@cas-system/nextjs-cas-client 1.0.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (155) hide show
  1. package/dist/{CasProvider.d.ts → cjs/CasProvider.d.ts} +1 -1
  2. package/dist/cjs/CasProvider.d.ts.map +1 -0
  3. package/dist/cjs/CasProvider.js +154 -0
  4. package/dist/cjs/CasProvider.js.map +1 -0
  5. package/dist/cjs/components/CasLoginButton.d.ts.map +1 -0
  6. package/dist/cjs/components/CasLoginButton.js +26 -0
  7. package/dist/cjs/components/CasLoginButton.js.map +1 -0
  8. package/dist/cjs/components/CasProtectedRoute.d.ts.map +1 -0
  9. package/dist/cjs/components/CasProtectedRoute.js +61 -0
  10. package/dist/cjs/components/CasProtectedRoute.js.map +1 -0
  11. package/dist/{handlers → cjs/handlers}/callback.d.ts +2 -2
  12. package/dist/cjs/handlers/callback.d.ts.map +1 -0
  13. package/dist/cjs/handlers/callback.js +68 -0
  14. package/dist/cjs/handlers/callback.js.map +1 -0
  15. package/dist/cjs/handlers/index.d.ts +8 -0
  16. package/dist/cjs/handlers/index.d.ts.map +1 -0
  17. package/dist/cjs/handlers/index.js +14 -0
  18. package/dist/cjs/handlers/index.js.map +1 -0
  19. package/dist/{handlers → cjs/handlers}/logout.d.ts +2 -2
  20. package/dist/cjs/handlers/logout.d.ts.map +1 -0
  21. package/dist/cjs/handlers/logout.js +64 -0
  22. package/dist/cjs/handlers/logout.js.map +1 -0
  23. package/dist/{handlers → cjs/handlers}/user.d.ts +1 -1
  24. package/dist/cjs/handlers/user.d.ts.map +1 -0
  25. package/dist/cjs/handlers/user.js +47 -0
  26. package/dist/cjs/handlers/user.js.map +1 -0
  27. package/dist/{hooks → cjs/hooks}/useCasAuth.d.ts +1 -1
  28. package/dist/cjs/hooks/useCasAuth.d.ts.map +1 -0
  29. package/dist/cjs/hooks/useCasAuth.js +17 -0
  30. package/dist/cjs/hooks/useCasAuth.js.map +1 -0
  31. package/dist/{hooks → cjs/hooks}/useCasUser.d.ts +1 -1
  32. package/dist/cjs/hooks/useCasUser.d.ts.map +1 -0
  33. package/dist/cjs/hooks/useCasUser.js +48 -0
  34. package/dist/cjs/hooks/useCasUser.js.map +1 -0
  35. package/dist/{index.d.ts → cjs/index.d.ts} +10 -10
  36. package/dist/cjs/index.d.ts.map +1 -0
  37. package/dist/cjs/index.js +26 -0
  38. package/dist/cjs/index.js.map +1 -0
  39. package/dist/{middleware.d.ts → cjs/middleware.d.ts} +2 -2
  40. package/dist/cjs/middleware.d.ts.map +1 -0
  41. package/dist/cjs/middleware.js +114 -0
  42. package/dist/cjs/middleware.js.map +1 -0
  43. package/dist/cjs/package.json +3 -0
  44. package/dist/{server → cjs/server}/auth.d.ts +2 -2
  45. package/dist/cjs/server/auth.d.ts.map +1 -0
  46. package/dist/cjs/server/auth.js +222 -0
  47. package/dist/cjs/server/auth.js.map +1 -0
  48. package/dist/{server → cjs/server}/cas-client.d.ts +1 -1
  49. package/dist/cjs/server/cas-client.d.ts.map +1 -0
  50. package/dist/cjs/server/cas-client.js +226 -0
  51. package/dist/cjs/server/cas-client.js.map +1 -0
  52. package/dist/{server → cjs/server}/index.d.ts +3 -3
  53. package/dist/cjs/server/index.d.ts.map +1 -0
  54. package/dist/cjs/server/index.js +20 -0
  55. package/dist/cjs/server/index.js.map +1 -0
  56. package/dist/cjs/types.d.ts.map +1 -0
  57. package/dist/cjs/types.js +7 -0
  58. package/dist/cjs/types.js.map +1 -0
  59. package/dist/esm/CasProvider.d.ts +63 -0
  60. package/dist/esm/CasProvider.d.ts.map +1 -0
  61. package/dist/esm/CasProvider.js.map +1 -0
  62. package/dist/esm/components/CasLoginButton.d.ts +36 -0
  63. package/dist/esm/components/CasLoginButton.d.ts.map +1 -0
  64. package/dist/{components → esm/components}/CasLoginButton.js +1 -1
  65. package/dist/esm/components/CasLoginButton.js.map +1 -0
  66. package/dist/esm/components/CasProtectedRoute.d.ts +51 -0
  67. package/dist/esm/components/CasProtectedRoute.d.ts.map +1 -0
  68. package/dist/{components → esm/components}/CasProtectedRoute.js +1 -1
  69. package/dist/esm/components/CasProtectedRoute.js.map +1 -0
  70. package/dist/esm/handlers/callback.d.ts +39 -0
  71. package/dist/esm/handlers/callback.d.ts.map +1 -0
  72. package/dist/{handlers → esm/handlers}/callback.js +4 -4
  73. package/dist/esm/handlers/callback.js.map +1 -0
  74. package/dist/esm/handlers/index.d.ts +8 -0
  75. package/dist/esm/handlers/index.d.ts.map +1 -0
  76. package/dist/esm/handlers/index.js +8 -0
  77. package/dist/esm/handlers/index.js.map +1 -0
  78. package/dist/esm/handlers/logout.d.ts +36 -0
  79. package/dist/esm/handlers/logout.d.ts.map +1 -0
  80. package/dist/{handlers → esm/handlers}/logout.js +4 -4
  81. package/dist/esm/handlers/logout.js.map +1 -0
  82. package/dist/esm/handlers/user.d.ts +27 -0
  83. package/dist/esm/handlers/user.d.ts.map +1 -0
  84. package/dist/{handlers → esm/handlers}/user.js +3 -3
  85. package/dist/esm/handlers/user.js.map +1 -0
  86. package/dist/esm/hooks/useCasAuth.d.ts +32 -0
  87. package/dist/esm/hooks/useCasAuth.d.ts.map +1 -0
  88. package/dist/{hooks → esm/hooks}/useCasAuth.js +1 -1
  89. package/dist/esm/hooks/useCasAuth.js.map +1 -0
  90. package/dist/esm/hooks/useCasUser.d.ts +33 -0
  91. package/dist/esm/hooks/useCasUser.d.ts.map +1 -0
  92. package/dist/{hooks → esm/hooks}/useCasUser.js +1 -1
  93. package/dist/esm/hooks/useCasUser.js.map +1 -0
  94. package/dist/esm/index.d.ts +19 -0
  95. package/dist/esm/index.d.ts.map +1 -0
  96. package/dist/{index.js → esm/index.js} +5 -5
  97. package/dist/esm/index.js.map +1 -0
  98. package/dist/esm/middleware.d.ts +40 -0
  99. package/dist/esm/middleware.d.ts.map +1 -0
  100. package/dist/{middleware.js → esm/middleware.js} +2 -2
  101. package/dist/esm/middleware.js.map +1 -0
  102. package/dist/esm/package.json +3 -0
  103. package/dist/esm/server/auth.d.ts +111 -0
  104. package/dist/esm/server/auth.d.ts.map +1 -0
  105. package/dist/{server → esm/server}/auth.js +1 -1
  106. package/dist/esm/server/auth.js.map +1 -0
  107. package/dist/esm/server/cas-client.d.ts +93 -0
  108. package/dist/esm/server/cas-client.d.ts.map +1 -0
  109. package/dist/esm/server/cas-client.js.map +1 -0
  110. package/dist/esm/server/index.d.ts +12 -0
  111. package/dist/esm/server/index.d.ts.map +1 -0
  112. package/dist/{server → esm/server}/index.js +2 -2
  113. package/dist/esm/server/index.js.map +1 -0
  114. package/dist/esm/types.d.ts +170 -0
  115. package/dist/esm/types.d.ts.map +1 -0
  116. package/dist/esm/types.js.map +1 -0
  117. package/package.json +39 -19
  118. package/dist/CasProvider.d.ts.map +0 -1
  119. package/dist/CasProvider.js.map +0 -1
  120. package/dist/components/CasLoginButton.d.ts.map +0 -1
  121. package/dist/components/CasLoginButton.js.map +0 -1
  122. package/dist/components/CasProtectedRoute.d.ts.map +0 -1
  123. package/dist/components/CasProtectedRoute.js.map +0 -1
  124. package/dist/handlers/callback.d.ts.map +0 -1
  125. package/dist/handlers/callback.js.map +0 -1
  126. package/dist/handlers/index.d.ts +0 -8
  127. package/dist/handlers/index.d.ts.map +0 -1
  128. package/dist/handlers/index.js +0 -8
  129. package/dist/handlers/index.js.map +0 -1
  130. package/dist/handlers/logout.d.ts.map +0 -1
  131. package/dist/handlers/logout.js.map +0 -1
  132. package/dist/handlers/user.d.ts.map +0 -1
  133. package/dist/handlers/user.js.map +0 -1
  134. package/dist/hooks/useCasAuth.d.ts.map +0 -1
  135. package/dist/hooks/useCasAuth.js.map +0 -1
  136. package/dist/hooks/useCasUser.d.ts.map +0 -1
  137. package/dist/hooks/useCasUser.js.map +0 -1
  138. package/dist/index.d.ts.map +0 -1
  139. package/dist/index.js.map +0 -1
  140. package/dist/middleware.d.ts.map +0 -1
  141. package/dist/middleware.js.map +0 -1
  142. package/dist/server/auth.d.ts.map +0 -1
  143. package/dist/server/auth.js.map +0 -1
  144. package/dist/server/cas-client.d.ts.map +0 -1
  145. package/dist/server/cas-client.js.map +0 -1
  146. package/dist/server/index.d.ts.map +0 -1
  147. package/dist/server/index.js.map +0 -1
  148. package/dist/types.d.ts.map +0 -1
  149. package/dist/types.js.map +0 -1
  150. /package/dist/{components → cjs/components}/CasLoginButton.d.ts +0 -0
  151. /package/dist/{components → cjs/components}/CasProtectedRoute.d.ts +0 -0
  152. /package/dist/{types.d.ts → cjs/types.d.ts} +0 -0
  153. /package/dist/{CasProvider.js → esm/CasProvider.js} +0 -0
  154. /package/dist/{server → esm/server}/cas-client.js +0 -0
  155. /package/dist/{types.js → esm/types.js} +0 -0
@@ -0,0 +1,226 @@
1
+ "use strict";
2
+ /**
3
+ * @module @cas-system/nextjs-cas-client/server/cas-client
4
+ * @description Server-side CAS client for token validation, generation, and
5
+ * SSO login URL construction. Uses only the built-in `fetch` API — zero
6
+ * external dependencies.
7
+ *
8
+ * **IMPORTANT:** This module must only run on the server. It requires the
9
+ * `clientSecret` which must never be sent to the browser.
10
+ */
11
+ Object.defineProperty(exports, "__esModule", { value: true });
12
+ exports.CasClient = void 0;
13
+ // ---------------------------------------------------------------------------
14
+ // Helpers
15
+ // ---------------------------------------------------------------------------
16
+ /**
17
+ * Normalise a base URL by stripping a trailing slash.
18
+ * @internal
19
+ */
20
+ function normaliseUrl(url) {
21
+ return url.replace(/\/+$/, '');
22
+ }
23
+ // ---------------------------------------------------------------------------
24
+ // CasClient
25
+ // ---------------------------------------------------------------------------
26
+ /**
27
+ * Server-side CAS client.
28
+ *
29
+ * @example
30
+ * ```ts
31
+ * import { CasClient } from '@cas-system/nextjs-cas-client/server';
32
+ *
33
+ * const cas = new CasClient({
34
+ * serverUrl: process.env.CAS_SERVER_URL!,
35
+ * clientId: process.env.CAS_CLIENT_ID!,
36
+ * clientSecret: process.env.CAS_CLIENT_SECRET!,
37
+ * callbackUrl: process.env.CAS_CALLBACK_URL,
38
+ * });
39
+ *
40
+ * // Validate a token received from the callback
41
+ * const user = await cas.validateToken(token);
42
+ * ```
43
+ */
44
+ class CasClient {
45
+ constructor(config) {
46
+ if (!config.serverUrl)
47
+ throw new Error('[CasClient] serverUrl is required');
48
+ if (!config.clientId)
49
+ throw new Error('[CasClient] clientId is required');
50
+ if (!config.clientSecret)
51
+ throw new Error('[CasClient] clientSecret is required');
52
+ this.config = {
53
+ ...config,
54
+ serverUrl: normaliseUrl(config.serverUrl),
55
+ };
56
+ }
57
+ // -----------------------------------------------------------------------
58
+ // Login URL
59
+ // -----------------------------------------------------------------------
60
+ /**
61
+ * Build the CAS SSO login URL.
62
+ *
63
+ * @param returnUrl - Optional URL to redirect back to after login.
64
+ * Falls back to `config.callbackUrl`.
65
+ * @returns Fully-qualified CAS login URL.
66
+ *
67
+ * @example
68
+ * ```ts
69
+ * const loginUrl = cas.getLoginUrl('/dashboard');
70
+ * redirect(loginUrl);
71
+ * ```
72
+ */
73
+ getLoginUrl(returnUrl) {
74
+ const callbackUrl = returnUrl ?? this.config.callbackUrl ?? '/api/cas/callback';
75
+ const params = new URLSearchParams({
76
+ client_id: this.config.clientId,
77
+ response_type: 'token',
78
+ redirect_uri: callbackUrl,
79
+ });
80
+ return `${this.config.serverUrl}/sso/login?${params.toString()}`;
81
+ }
82
+ // -----------------------------------------------------------------------
83
+ // Token Validation
84
+ // -----------------------------------------------------------------------
85
+ /**
86
+ * Validate a JWT token with the CAS server (server-to-server call).
87
+ *
88
+ * @param token - The JWT token received from the CAS callback.
89
+ * @returns The authenticated {@link CasUser} or `null` if invalid.
90
+ *
91
+ * @example
92
+ * ```ts
93
+ * const user = await cas.validateToken(token);
94
+ * if (!user) throw new Error('Invalid token');
95
+ * ```
96
+ */
97
+ async validateToken(token) {
98
+ try {
99
+ const res = await fetch(`${this.config.serverUrl}/api/validate-token`, {
100
+ method: 'POST',
101
+ headers: {
102
+ 'Content-Type': 'application/json',
103
+ },
104
+ body: JSON.stringify({
105
+ token,
106
+ client_id: this.config.clientId,
107
+ client_secret: this.config.clientSecret,
108
+ }),
109
+ cache: 'no-store',
110
+ });
111
+ if (!res.ok) {
112
+ console.error(`[CasClient] validateToken failed: ${res.status} ${res.statusText}`);
113
+ return null;
114
+ }
115
+ const data = (await res.json());
116
+ if (!data.valid || !data.user)
117
+ return null;
118
+ return data.user;
119
+ }
120
+ catch (err) {
121
+ console.error('[CasClient] validateToken error:', err);
122
+ return null;
123
+ }
124
+ }
125
+ // -----------------------------------------------------------------------
126
+ // Token Generation
127
+ // -----------------------------------------------------------------------
128
+ /**
129
+ * Generate a JWT token for the given username (server-to-server).
130
+ *
131
+ * This is useful for machine-to-machine auth flows or impersonation
132
+ * when the calling service already knows the target user.
133
+ *
134
+ * @param username - The username to issue a token for.
135
+ * @returns The JWT string or `null` on failure.
136
+ */
137
+ async generateToken(username) {
138
+ try {
139
+ const res = await fetch(`${this.config.serverUrl}/api/sso/token`, {
140
+ method: 'POST',
141
+ headers: {
142
+ 'Content-Type': 'application/json',
143
+ },
144
+ body: JSON.stringify({
145
+ client_id: this.config.clientId,
146
+ client_secret: this.config.clientSecret,
147
+ username,
148
+ }),
149
+ cache: 'no-store',
150
+ });
151
+ if (!res.ok) {
152
+ console.error(`[CasClient] generateToken failed: ${res.status} ${res.statusText}`);
153
+ return null;
154
+ }
155
+ const data = (await res.json());
156
+ if (!data.token)
157
+ return null;
158
+ return data.token;
159
+ }
160
+ catch (err) {
161
+ console.error('[CasClient] generateToken error:', err);
162
+ return null;
163
+ }
164
+ }
165
+ // -----------------------------------------------------------------------
166
+ // Logout
167
+ // -----------------------------------------------------------------------
168
+ /**
169
+ * Notify the CAS server of a logout event.
170
+ *
171
+ * @param token - Optional token to invalidate on the server.
172
+ * @returns `true` if the server acknowledged the logout.
173
+ */
174
+ async logout(token) {
175
+ try {
176
+ const headers = {
177
+ 'Content-Type': 'application/json',
178
+ };
179
+ if (token) {
180
+ headers['Authorization'] = `Bearer ${token}`;
181
+ }
182
+ const res = await fetch(`${this.config.serverUrl}/api/logout`, {
183
+ method: 'POST',
184
+ headers,
185
+ body: JSON.stringify({
186
+ client_id: this.config.clientId,
187
+ }),
188
+ cache: 'no-store',
189
+ });
190
+ return res.ok;
191
+ }
192
+ catch (err) {
193
+ console.error('[CasClient] logout error:', err);
194
+ return false;
195
+ }
196
+ }
197
+ // -----------------------------------------------------------------------
198
+ // Role helpers
199
+ // -----------------------------------------------------------------------
200
+ /**
201
+ * Check whether a user has **all** of the specified roles.
202
+ *
203
+ * @param user - The CAS user.
204
+ * @param roles - Required roles.
205
+ * @returns `true` if the user possesses every role.
206
+ */
207
+ static hasRoles(user, roles) {
208
+ if (!user.roles)
209
+ return roles.length === 0;
210
+ return roles.every((r) => user.roles.includes(r));
211
+ }
212
+ /**
213
+ * Check whether a user has **at least one** of the specified roles.
214
+ *
215
+ * @param user - The CAS user.
216
+ * @param roles - Roles to check.
217
+ * @returns `true` if the user possesses any of the roles.
218
+ */
219
+ static hasAnyRole(user, roles) {
220
+ if (!user.roles)
221
+ return false;
222
+ return roles.some((r) => user.roles.includes(r));
223
+ }
224
+ }
225
+ exports.CasClient = CasClient;
226
+ //# sourceMappingURL=cas-client.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"cas-client.js","sourceRoot":"","sources":["../../../src/server/cas-client.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AASH,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E;;;GAGG;AACH,SAAS,YAAY,CAAC,GAAW;IAC/B,OAAO,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AACjC,CAAC;AAED,8EAA8E;AAC9E,YAAY;AACZ,8EAA8E;AAE9E;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAa,SAAS;IAGpB,YAAY,MAAuB;QACjC,IAAI,CAAC,MAAM,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QAC5E,IAAI,CAAC,MAAM,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;QAC1E,IAAI,CAAC,MAAM,CAAC,YAAY;YACtB,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;QAE1D,IAAI,CAAC,MAAM,GAAG;YACZ,GAAG,MAAM;YACT,SAAS,EAAE,YAAY,CAAC,MAAM,CAAC,SAAS,CAAC;SAC1C,CAAC;IACJ,CAAC;IAED,0EAA0E;IAC1E,YAAY;IACZ,0EAA0E;IAE1E;;;;;;;;;;;;OAYG;IACH,WAAW,CAAC,SAAkB;QAC5B,MAAM,WAAW,GACf,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,mBAAmB,CAAC;QAC9D,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC/B,aAAa,EAAE,OAAO;YACtB,YAAY,EAAE,WAAW;SAC1B,CAAC,CAAC;QACH,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,cAAc,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;IACnE,CAAC;IAED,0EAA0E;IAC1E,mBAAmB;IACnB,0EAA0E;IAE1E;;;;;;;;;;;OAWG;IACH,KAAK,CAAC,aAAa,CAAC,KAAa;QAC/B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,KAAK,CACrB,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,qBAAqB,EAC7C;gBACE,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;iBACnC;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,KAAK;oBACL,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;oBAC/B,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY;iBACxC,CAAC;gBACF,KAAK,EAAE,UAAU;aAClB,CACF,CAAC;YAEF,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,OAAO,CAAC,KAAK,CACX,qCAAqC,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CACpE,CAAC;gBACF,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAwB,CAAC;YACvD,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,IAAI,CAAC,IAAI;gBAAE,OAAO,IAAI,CAAC;YAE3C,OAAO,IAAI,CAAC,IAAI,CAAC;QACnB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,kCAAkC,EAAE,GAAG,CAAC,CAAC;YACvD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,0EAA0E;IAC1E,mBAAmB;IACnB,0EAA0E;IAE1E;;;;;;;;OAQG;IACH,KAAK,CAAC,aAAa,CAAC,QAAgB;QAClC,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,KAAK,CACrB,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,gBAAgB,EACxC;gBACE,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;iBACnC;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;oBAC/B,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY;oBACvC,QAAQ;iBACT,CAAC;gBACF,KAAK,EAAE,UAAU;aAClB,CACF,CAAC;YAEF,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,OAAO,CAAC,KAAK,CACX,qCAAqC,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CACpE,CAAC;gBACF,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAqB,CAAC;YACpD,IAAI,CAAC,IAAI,CAAC,KAAK;gBAAE,OAAO,IAAI,CAAC;YAE7B,OAAO,IAAI,CAAC,KAAK,CAAC;QACpB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,kCAAkC,EAAE,GAAG,CAAC,CAAC;YACvD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,0EAA0E;IAC1E,SAAS;IACT,0EAA0E;IAE1E;;;;;OAKG;IACH,KAAK,CAAC,MAAM,CAAC,KAAc;QACzB,IAAI,CAAC;YACH,MAAM,OAAO,GAA2B;gBACtC,cAAc,EAAE,kBAAkB;aACnC,CAAC;YACF,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,KAAK,EAAE,CAAC;YAC/C,CAAC;YAED,MAAM,GAAG,GAAG,MAAM,KAAK,CACrB,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,aAAa,EACrC;gBACE,MAAM,EAAE,MAAM;gBACd,OAAO;gBACP,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;iBAChC,CAAC;gBACF,KAAK,EAAE,UAAU;aAClB,CACF,CAAC;YAEF,OAAO,GAAG,CAAC,EAAE,CAAC;QAChB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,2BAA2B,EAAE,GAAG,CAAC,CAAC;YAChD,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,0EAA0E;IAC1E,eAAe;IACf,0EAA0E;IAE1E;;;;;;OAMG;IACH,MAAM,CAAC,QAAQ,CAAC,IAAa,EAAE,KAAe;QAC5C,IAAI,CAAC,IAAI,CAAC,KAAK;YAAE,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC,CAAC;QAC3C,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACrD,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,UAAU,CAAC,IAAa,EAAE,KAAe;QAC9C,IAAI,CAAC,IAAI,CAAC,KAAK;YAAE,OAAO,KAAK,CAAC;QAC9B,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACpD,CAAC;CACF;AA/MD,8BA+MC"}
@@ -6,7 +6,7 @@
6
6
  * the cookie-based session helpers. These modules require the
7
7
  * `clientSecret` / cookie signing secret and must never run in the browser.
8
8
  */
9
- export { CasClient } from './cas-client';
10
- export { getCasSession, setCasSession, clearCasSession, withCasAuth, getCasSessionFromRequest, } from './auth';
11
- export type { CasConfig, CasServerConfig, CasUser, CasSessionData, CasHandlerConfig, } from '../types';
9
+ export { CasClient } from './cas-client.js';
10
+ export { getCasSession, setCasSession, clearCasSession, withCasAuth, getCasSessionFromRequest, } from './auth.js';
11
+ export type { CasConfig, CasServerConfig, CasUser, CasSessionData, CasHandlerConfig, } from '../types.js';
12
12
  //# sourceMappingURL=index.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/server/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EACL,aAAa,EACb,aAAa,EACb,eAAe,EACf,WAAW,EACX,wBAAwB,GACzB,MAAM,WAAW,CAAC;AAEnB,YAAY,EACV,SAAS,EACT,eAAe,EACf,OAAO,EACP,cAAc,EACd,gBAAgB,GACjB,MAAM,aAAa,CAAC"}
@@ -0,0 +1,20 @@
1
+ "use strict";
2
+ /**
3
+ * @module @cas-system/nextjs-cas-client/server
4
+ * @description Server-only entry point for the Next.js CAS Client SDK.
5
+ *
6
+ * Exposes the {@link CasClient} (token validation / generation / logout) and
7
+ * the cookie-based session helpers. These modules require the
8
+ * `clientSecret` / cookie signing secret and must never run in the browser.
9
+ */
10
+ Object.defineProperty(exports, "__esModule", { value: true });
11
+ exports.getCasSessionFromRequest = exports.withCasAuth = exports.clearCasSession = exports.setCasSession = exports.getCasSession = exports.CasClient = void 0;
12
+ var cas_client_js_1 = require("./cas-client.js");
13
+ Object.defineProperty(exports, "CasClient", { enumerable: true, get: function () { return cas_client_js_1.CasClient; } });
14
+ var auth_js_1 = require("./auth.js");
15
+ Object.defineProperty(exports, "getCasSession", { enumerable: true, get: function () { return auth_js_1.getCasSession; } });
16
+ Object.defineProperty(exports, "setCasSession", { enumerable: true, get: function () { return auth_js_1.setCasSession; } });
17
+ Object.defineProperty(exports, "clearCasSession", { enumerable: true, get: function () { return auth_js_1.clearCasSession; } });
18
+ Object.defineProperty(exports, "withCasAuth", { enumerable: true, get: function () { return auth_js_1.withCasAuth; } });
19
+ Object.defineProperty(exports, "getCasSessionFromRequest", { enumerable: true, get: function () { return auth_js_1.getCasSessionFromRequest; } });
20
+ //# sourceMappingURL=index.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/server/index.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;AAEH,iDAA4C;AAAnC,0GAAA,SAAS,OAAA;AAClB,qCAMmB;AALjB,wGAAA,aAAa,OAAA;AACb,wGAAA,aAAa,OAAA;AACb,0GAAA,eAAe,OAAA;AACf,sGAAA,WAAW,OAAA;AACX,mHAAA,wBAAwB,OAAA"}
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH;;;;;;;;;;;GAWG;AACH,MAAM,WAAW,SAAS;IACxB,sDAAsD;IACtD,SAAS,EAAE,MAAM,CAAC;IAElB,kEAAkE;IAClE,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,WAAW,eAAgB,SAAQ,SAAS;IAChD,0EAA0E;IAC1E,YAAY,EAAE,MAAM,CAAC;CACtB;AAMD;;;;;;;;;;;;GAYG;AACH,MAAM,WAAW,OAAO;IACtB,qCAAqC;IACrC,EAAE,EAAE,MAAM,CAAC;IAEX,sBAAsB;IACtB,QAAQ,EAAE,MAAM,CAAC;IAEjB,sBAAsB;IACtB,KAAK,EAAE,MAAM,CAAC;IAEd,wDAAwD;IACxD,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;CAClB;AAMD;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,8BAA8B;IAC9B,IAAI,EAAE,OAAO,CAAC;IAEd,8CAA8C;IAC9C,KAAK,EAAE,MAAM,CAAC;IAEd,sDAAsD;IACtD,SAAS,EAAE,MAAM,CAAC;CACnB;AAMD;;;;;;;;;;;GAWG;AACH,MAAM,WAAW,mBAAmB;IAClC;;;;OAIG;IACH,cAAc,EAAE,MAAM,EAAE,CAAC;IAEzB;;;;;OAKG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;CACxB;AAMD;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,0DAA0D;IAC1D,IAAI,EAAE,OAAO,GAAG,IAAI,CAAC;IAErB,6DAA6D;IAC7D,SAAS,EAAE,OAAO,CAAC;IAEnB,0CAA0C;IAC1C,eAAe,EAAE,OAAO,CAAC;IAEzB,iDAAiD;IACjD,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IAEpB,kDAAkD;IAClD,KAAK,EAAE,CAAC,SAAS,CAAC,EAAE,MAAM,KAAK,IAAI,CAAC;IAEpC,oDAAoD;IACpD,MAAM,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAE5B,4CAA4C;IAC5C,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9B;AAMD;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,qCAAqC;IACrC,GAAG,EAAE,eAAe,CAAC;IAErB;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;;OAGG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAMD;;;;;GAKG;AACH,MAAM,WAAW,mBAAmB;IAClC,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;;GAIG;AACH,MAAM,WAAW,gBAAgB;IAC/B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB"}
@@ -0,0 +1,7 @@
1
+ "use strict";
2
+ /**
3
+ * @module @cas-system/nextjs-cas-client/types
4
+ * @description Core TypeScript type definitions for the CAS Client SDK.
5
+ */
6
+ Object.defineProperty(exports, "__esModule", { value: true });
7
+ //# sourceMappingURL=types.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":";AAAA;;;GAGG"}
@@ -0,0 +1,63 @@
1
+ /**
2
+ * @module @cas-system/nextjs-cas-client/CasProvider
3
+ * @description Client-side React context provider that manages CAS
4
+ * authentication state. Fetches the current session from
5
+ * `/api/cas/user` on mount and exposes login / logout / refresh actions.
6
+ *
7
+ * @example
8
+ * ```tsx
9
+ * // app/layout.tsx
10
+ * import { CasProvider } from '@cas-system/nextjs-cas-client';
11
+ *
12
+ * export default function RootLayout({ children }: { children: React.ReactNode }) {
13
+ * return (
14
+ * <html>
15
+ * <body>
16
+ * <CasProvider>{children}</CasProvider>
17
+ * </body>
18
+ * </html>
19
+ * );
20
+ * }
21
+ * ```
22
+ */
23
+ import React from 'react';
24
+ import type { CasAuthContext } from './types.js';
25
+ /** Props accepted by {@link CasProvider}. */
26
+ export interface CasProviderProps {
27
+ children: React.ReactNode;
28
+ /**
29
+ * Custom endpoint that returns the current user JSON.
30
+ * @default '/api/cas/user'
31
+ */
32
+ userEndpoint?: string;
33
+ /**
34
+ * Custom endpoint for logout.
35
+ * @default '/api/cas/logout'
36
+ */
37
+ logoutEndpoint?: string;
38
+ /**
39
+ * CAS login URL (client-side redirect).
40
+ * When omitted the provider builds it from `casServerUrl` and `casClientId`.
41
+ */
42
+ loginUrl?: string;
43
+ /** CAS server URL — used to build the login redirect when `loginUrl` is not provided. */
44
+ casServerUrl?: string;
45
+ /** CAS client ID — used to build the login redirect when `loginUrl` is not provided. */
46
+ casClientId?: string;
47
+ /** Callback URL — used to build the login redirect when `loginUrl` is not provided. */
48
+ casCallbackUrl?: string;
49
+ }
50
+ /**
51
+ * Client-side authentication provider.
52
+ *
53
+ * Wrap your application (typically in `app/layout.tsx`) with this provider to
54
+ * make CAS auth state available to all client components via the
55
+ * {@link useCasAuth} and {@link useCasUser} hooks.
56
+ */
57
+ export declare function CasProvider({ children, userEndpoint, logoutEndpoint, loginUrl: loginUrlProp, casServerUrl, casClientId, casCallbackUrl, }: CasProviderProps): React.JSX.Element;
58
+ /**
59
+ * Access the CAS auth context. Must be called inside a `<CasProvider>`.
60
+ * @throws If used outside of a `CasProvider`.
61
+ */
62
+ export declare function useCasAuthContext(): CasAuthContext;
63
+ //# sourceMappingURL=CasProvider.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"CasProvider.d.ts","sourceRoot":"","sources":["../../src/CasProvider.tsx"],"names":[],"mappings":"AAEA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAEH,OAAO,KAON,MAAM,OAAO,CAAC;AACf,OAAO,KAAK,EAAE,cAAc,EAAW,MAAM,YAAY,CAAC;AAY1D,6CAA6C;AAC7C,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC;IAE1B;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB;;;OAGG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,yFAAyF;IACzF,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB,wFAAwF;IACxF,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,uFAAuF;IACvF,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAMD;;;;;;GAMG;AACH,wBAAgB,WAAW,CAAC,EAC1B,QAAQ,EACR,YAA8B,EAC9B,cAAkC,EAClC,QAAQ,EAAE,YAAY,EACtB,YAAY,EACZ,WAAW,EACX,cAAc,GACf,EAAE,gBAAgB,qBA8GlB;AAMD;;;GAGG;AACH,wBAAgB,iBAAiB,IAAI,cAAc,CASlD"}
@@ -0,0 +1 @@
1
+ {"version":3,"file":"CasProvider.js","sourceRoot":"","sources":["../../src/CasProvider.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;;AAEb;;;;;;;;;;;;;;;;;;;;;GAqBG;AAEH,OAAc,EACZ,aAAa,EACb,WAAW,EACX,UAAU,EACV,SAAS,EACT,OAAO,EACP,QAAQ,GACT,MAAM,OAAO,CAAC;AAGf,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E,MAAM,UAAU,GAAG,aAAa,CAA6B,SAAS,CAAC,CAAC;AAsCxE,8EAA8E;AAC9E,qBAAqB;AACrB,8EAA8E;AAE9E;;;;;;GAMG;AACH,MAAM,UAAU,WAAW,CAAC,EAC1B,QAAQ,EACR,YAAY,GAAG,eAAe,EAC9B,cAAc,GAAG,iBAAiB,EAClC,QAAQ,EAAE,YAAY,EACtB,YAAY,EACZ,WAAW,EACX,cAAc,GACG;IACjB,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,QAAQ,CAAiB,IAAI,CAAC,CAAC;IACvD,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IACjD,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAe,IAAI,CAAC,CAAC;IAEvD,0EAA0E;IAC1E,wBAAwB;IACxB,0EAA0E;IAE1E,MAAM,SAAS,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACvC,YAAY,CAAC,IAAI,CAAC,CAAC;QACnB,QAAQ,CAAC,IAAI,CAAC,CAAC;QACf,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,YAAY,EAAE;gBACpC,WAAW,EAAE,aAAa;gBAC1B,KAAK,EAAE,UAAU;aAClB,CAAC,CAAC;YACH,IAAI,GAAG,CAAC,EAAE,EAAE,CAAC;gBACX,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAsB,CAAC;gBACrD,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,CAAC;YAC7B,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,IAAI,CAAC,CAAC;YAChB,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,IAAI,CAAC,CAAC;YACd,QAAQ,CACN,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,6BAA6B,CAAC,CACtE,CAAC;QACJ,CAAC;gBAAS,CAAC;YACT,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;IACH,CAAC,EAAE,CAAC,YAAY,CAAC,CAAC,CAAC;IAEnB,SAAS,CAAC,GAAG,EAAE;QACb,KAAK,SAAS,EAAE,CAAC;IACnB,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;IAEhB,0EAA0E;IAC1E,UAAU;IACV,0EAA0E;IAE1E,MAAM,KAAK,GAAG,WAAW,CACvB,CAAC,SAAkB,EAAE,EAAE;QACrB,IAAI,YAAY,EAAE,CAAC;YACjB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,CAAC;YAClC,IAAI,SAAS;gBAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;YAC5D,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;YACtC,OAAO;QACT,CAAC;QAED,IAAI,YAAY,IAAI,WAAW,EAAE,CAAC;YAChC,MAAM,QAAQ,GACZ,cAAc;gBACd,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,mBAAmB,CAAC;YAE/C,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC7C,IAAI,SAAS;gBAAE,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;YAE3E,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;gBACjC,SAAS,EAAE,WAAW;gBACtB,aAAa,EAAE,OAAO;gBACtB,YAAY,EAAE,kBAAkB,CAAC,QAAQ,EAAE;aAC5C,CAAC,CAAC;YACH,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,YAAY,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,cAAc,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;YAC5F,OAAO;QACT,CAAC;QAED,4CAA4C;QAC5C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QACtD,IAAI,SAAS;YAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;QAC5D,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;IACxC,CAAC,EACD,CAAC,YAAY,EAAE,YAAY,EAAE,WAAW,EAAE,cAAc,CAAC,CAC1D,CAAC;IAEF,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACpC,IAAI,CAAC;YACH,MAAM,KAAK,CAAC,cAAc,EAAE;gBAC1B,MAAM,EAAE,MAAM;gBACd,WAAW,EAAE,aAAa;aAC3B,CAAC,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACP,wCAAwC;QAC1C,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC;QACd,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC;IAC7B,CAAC,EAAE,CAAC,cAAc,CAAC,CAAC,CAAC;IAErB,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACrC,MAAM,SAAS,EAAE,CAAC;IACpB,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;IAEhB,0EAA0E;IAC1E,yBAAyB;IACzB,0EAA0E;IAE1E,MAAM,KAAK,GAAG,OAAO,CACnB,GAAG,EAAE,CAAC,CAAC;QACL,IAAI;QACJ,SAAS;QACT,eAAe,EAAE,CAAC,CAAC,IAAI;QACvB,KAAK;QACL,KAAK;QACL,MAAM;QACN,OAAO;KACR,CAAC,EACF,CAAC,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,CACjD,CAAC;IAEF,OAAO,KAAC,UAAU,CAAC,QAAQ,IAAC,KAAK,EAAE,KAAK,YAAG,QAAQ,GAAuB,CAAC;AAC7E,CAAC;AAED,8EAA8E;AAC9E,sCAAsC;AACtC,8EAA8E;AAE9E;;;GAGG;AACH,MAAM,UAAU,iBAAiB;IAC/B,MAAM,GAAG,GAAG,UAAU,CAAC,UAAU,CAAC,CAAC;IACnC,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CACb,yDAAyD;YACvD,qDAAqD,CACxD,CAAC;IACJ,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}
@@ -0,0 +1,36 @@
1
+ /**
2
+ * @module @cas-system/nextjs-cas-client/components/CasLoginButton
3
+ * @description A ready-to-use login button that redirects to the CAS SSO
4
+ * login page when clicked.
5
+ *
6
+ * @example
7
+ * ```tsx
8
+ * import { CasLoginButton } from '@cas-system/nextjs-cas-client';
9
+ *
10
+ * export default function Header() {
11
+ * return (
12
+ * <nav>
13
+ * <CasLoginButton>Sign in with SSO</CasLoginButton>
14
+ * </nav>
15
+ * );
16
+ * }
17
+ * ```
18
+ */
19
+ import React from 'react';
20
+ /** Props for {@link CasLoginButton}. */
21
+ export interface CasLoginButtonProps extends Omit<React.ButtonHTMLAttributes<HTMLButtonElement>, 'onClick'> {
22
+ children?: React.ReactNode;
23
+ /**
24
+ * URL to return to after login.
25
+ * Defaults to the current page.
26
+ */
27
+ returnUrl?: string;
28
+ }
29
+ /**
30
+ * A simple button that triggers the CAS login flow.
31
+ *
32
+ * When the user is already authenticated the button renders nothing by
33
+ * default. Customise this via the {@link CasLoginButtonProps}.
34
+ */
35
+ export declare function CasLoginButton({ children, returnUrl, ...buttonProps }: CasLoginButtonProps): React.JSX.Element | null;
36
+ //# sourceMappingURL=CasLoginButton.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"CasLoginButton.d.ts","sourceRoot":"","sources":["../../../src/components/CasLoginButton.tsx"],"names":[],"mappings":"AAEA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAG1B,wCAAwC;AACxC,MAAM,WAAW,mBACf,SAAQ,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,iBAAiB,CAAC,EAAE,SAAS,CAAC;IACtE,QAAQ,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC;IAE3B;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;;;;GAKG;AACH,wBAAgB,cAAc,CAAC,EAC7B,QAAoB,EACpB,SAAS,EACT,GAAG,WAAW,EACf,EAAE,mBAAmB,4BA8BrB"}
@@ -1,6 +1,6 @@
1
1
  'use client';
2
2
  import { jsx as _jsx } from "react/jsx-runtime";
3
- import { useCasAuthContext } from '../CasProvider';
3
+ import { useCasAuthContext } from '../CasProvider.js';
4
4
  /**
5
5
  * A simple button that triggers the CAS login flow.
6
6
  *
@@ -0,0 +1 @@
1
+ {"version":3,"file":"CasLoginButton.js","sourceRoot":"","sources":["../../../src/components/CasLoginButton.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;;AAsBb,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AActD;;;;;GAKG;AACH,MAAM,UAAU,cAAc,CAAC,EAC7B,QAAQ,GAAG,SAAS,EACpB,SAAS,EACT,GAAG,WAAW,EACM;IACpB,MAAM,EAAE,eAAe,EAAE,SAAS,EAAE,KAAK,EAAE,GAAG,iBAAiB,EAAE,CAAC;IAElE,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,CACL,oBAAY,WAAW,EAAE,QAAQ,oCAExB,CACV,CAAC;IACJ,CAAC;IAED,IAAI,eAAe,EAAE,CAAC;QACpB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CACL,oBACM,WAAW,EACf,OAAO,EAAE,GAAG,EAAE,CACZ,KAAK,CACH,SAAS;YACP,CAAC,OAAO,MAAM,KAAK,WAAW;gBAC5B,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM;gBACnD,CAAC,CAAC,SAAS,CAAC,CACjB,YAGF,QAAQ,GACF,CACV,CAAC;AACJ,CAAC"}
@@ -0,0 +1,51 @@
1
+ /**
2
+ * @module @cas-system/nextjs-cas-client/components/CasProtectedRoute
3
+ * @description Client component that guards its children behind CAS
4
+ * authentication. Shows a loading state while the session is being
5
+ * fetched and redirects to login when no valid session exists.
6
+ *
7
+ * @example
8
+ * ```tsx
9
+ * import { CasProtectedRoute } from '@cas-system/nextjs-cas-client';
10
+ *
11
+ * export default function SecretPage() {
12
+ * return (
13
+ * <CasProtectedRoute>
14
+ * <h1>Secret Content</h1>
15
+ * </CasProtectedRoute>
16
+ * );
17
+ * }
18
+ * ```
19
+ */
20
+ import React from 'react';
21
+ /** Props for {@link CasProtectedRoute}. */
22
+ export interface CasProtectedRouteProps {
23
+ children: React.ReactNode;
24
+ /**
25
+ * Optional list of required roles. The user must possess **all** of
26
+ * these roles to see the content.
27
+ */
28
+ roles?: string[];
29
+ /**
30
+ * Custom loading element shown while the session is being fetched.
31
+ * @default A simple "Loading…" paragraph.
32
+ */
33
+ loadingFallback?: React.ReactNode;
34
+ /**
35
+ * Custom element shown when the user is authenticated but lacks the
36
+ * required roles.
37
+ * @default A simple "Access denied" paragraph.
38
+ */
39
+ unauthorizedFallback?: React.ReactNode;
40
+ /**
41
+ * URL to redirect to when not authenticated.
42
+ * If omitted the provider's `login()` action is invoked instead.
43
+ */
44
+ redirectTo?: string;
45
+ }
46
+ /**
47
+ * Client component that only renders its children when the user is
48
+ * authenticated (and optionally has the required roles).
49
+ */
50
+ export declare function CasProtectedRoute({ children, roles, loadingFallback, unauthorizedFallback, redirectTo, }: CasProtectedRouteProps): React.JSX.Element;
51
+ //# sourceMappingURL=CasProtectedRoute.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"CasProtectedRoute.d.ts","sourceRoot":"","sources":["../../../src/components/CasProtectedRoute.tsx"],"names":[],"mappings":"AAEA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,KAAoB,MAAM,OAAO,CAAC;AAGzC,2CAA2C;AAC3C,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC;IAE1B;;;OAGG;IACH,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IAEjB;;;OAGG;IACH,eAAe,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC;IAElC;;;;OAIG;IACH,oBAAoB,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC;IAEvC;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,EAChC,QAAQ,EACR,KAAK,EACL,eAAe,EACf,oBAAoB,EACpB,UAAU,GACX,EAAE,sBAAsB,qBAmCxB"}
@@ -20,7 +20,7 @@ import { jsx as _jsx, Fragment as _Fragment } from "react/jsx-runtime";
20
20
  * ```
21
21
  */
22
22
  import { useEffect } from 'react';
23
- import { useCasAuthContext } from '../CasProvider';
23
+ import { useCasAuthContext } from '../CasProvider.js';
24
24
  /**
25
25
  * Client component that only renders its children when the user is
26
26
  * authenticated (and optionally has the required roles).
@@ -0,0 +1 @@
1
+ {"version":3,"file":"CasProtectedRoute.js","sourceRoot":"","sources":["../../../src/components/CasProtectedRoute.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;;AAEb;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAc,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AACzC,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAgCtD;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAAC,EAChC,QAAQ,EACR,KAAK,EACL,eAAe,EACf,oBAAoB,EACpB,UAAU,GACa;IACvB,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,eAAe,EAAE,KAAK,EAAE,GAAG,iBAAiB,EAAE,CAAC;IAExE,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,SAAS,IAAI,CAAC,eAAe,EAAE,CAAC;YACnC,IAAI,UAAU,EAAE,CAAC;gBACf,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,UAAU,CAAC;YACpC,CAAC;iBAAM,CAAC;gBACN,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC3D,CAAC;QACH,CAAC;IACH,CAAC,EAAE,CAAC,SAAS,EAAE,eAAe,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC;IAEpD,gBAAgB;IAChB,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,4BAAG,eAAe,IAAI,wCAAe,GAAI,CAAC;IACnD,CAAC;IAED,iDAAiD;IACjD,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,OAAO,4BAAG,eAAe,IAAI,qDAA4B,GAAI,CAAC;IAChE,CAAC;IAED,aAAa;IACb,IAAI,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,MAAM,SAAS,GAAG,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;QACpC,MAAM,gBAAgB,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QACnE,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,OAAO,CACL,4BAAG,oBAAoB,IAAI,yEAAgD,GAAI,CAChF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,4BAAG,QAAQ,GAAI,CAAC;AACzB,CAAC"}
@@ -0,0 +1,39 @@
1
+ /**
2
+ * @module @cas-system/nextjs-cas-client/handlers/callback
3
+ * @description API route handler for the CAS SSO callback endpoint.
4
+ *
5
+ * After the CAS server authenticates the user it redirects to
6
+ * `{callbackUrl}?token=JWT_TOKEN`. This handler:
7
+ *
8
+ * 1. Extracts the `token` query parameter.
9
+ * 2. Validates it server-side via the CAS `/api/validate-token` endpoint.
10
+ * 3. Sets an encrypted session cookie.
11
+ * 4. Redirects the user to the intended URL (or `/`).
12
+ *
13
+ * @example
14
+ * ```ts
15
+ * // app/api/cas/callback/route.ts
16
+ * import { createCallbackHandler } from '@cas-system/nextjs-cas-client/handlers';
17
+ *
18
+ * const handler = createCallbackHandler({
19
+ * cas: {
20
+ * serverUrl: process.env.CAS_SERVER_URL!,
21
+ * clientId: process.env.CAS_CLIENT_ID!,
22
+ * clientSecret: process.env.CAS_CLIENT_SECRET!,
23
+ * },
24
+ * afterLoginUrl: '/dashboard',
25
+ * });
26
+ *
27
+ * export { handler as GET };
28
+ * ```
29
+ */
30
+ import { NextRequest, NextResponse } from 'next/server.js';
31
+ import type { CasHandlerConfig } from '../types.js';
32
+ /**
33
+ * Create a GET handler for `/api/cas/callback`.
34
+ *
35
+ * @param config - Handler configuration including CAS server details.
36
+ * @returns A Next.js App Router GET handler.
37
+ */
38
+ export declare function createCallbackHandler(config: CasHandlerConfig): (request: NextRequest) => Promise<NextResponse>;
39
+ //# sourceMappingURL=callback.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"callback.d.ts","sourceRoot":"","sources":["../../../src/handlers/callback.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAEH,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE3D,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAIpD;;;;;GAKG;AACH,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,gBAAgB,IAIlC,SAAS,WAAW,KAAG,OAAO,CAAC,YAAY,CAAC,CA4BvE"}
@@ -27,10 +27,10 @@
27
27
  * export { handler as GET };
28
28
  * ```
29
29
  */
30
- import { NextResponse } from 'next/server';
31
- import { cookies } from 'next/headers';
32
- import { CasClient } from '../server/cas-client';
33
- import { setCasSession } from '../server/auth';
30
+ import { NextResponse } from 'next/server.js';
31
+ import { cookies } from 'next/headers.js';
32
+ import { CasClient } from '../server/cas-client.js';
33
+ import { setCasSession } from '../server/auth.js';
34
34
  /**
35
35
  * Create a GET handler for `/api/cas/callback`.
36
36
  *
@@ -0,0 +1 @@
1
+ {"version":3,"file":"callback.js","sourceRoot":"","sources":["../../../src/handlers/callback.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAEH,OAAO,EAAe,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC3D,OAAO,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AAE1C,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAElD;;;;;GAKG;AACH,MAAM,UAAU,qBAAqB,CAAC,MAAwB;IAC5D,MAAM,GAAG,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACtC,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,IAAI,GAAG,CAAC;IAElD,OAAO,KAAK,UAAU,GAAG,CAAC,OAAoB;QAC5C,MAAM,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;QACzC,MAAM,KAAK,GAAG,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACxC,MAAM,SAAS,GAAG,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,aAAa,CAAC;QAEjE,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;YAClE,OAAO,YAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,uBAAuB,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9E,CAAC;QAED,iCAAiC;QACjC,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;QAE5C,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;YACxD,OAAO,YAAY,CAAC,QAAQ,CAC1B,IAAI,GAAG,CAAC,4BAA4B,EAAE,OAAO,CAAC,GAAG,CAAC,CACnD,CAAC;QACJ,CAAC;QAED,qBAAqB;QACrB,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;QACpC,MAAM,aAAa,CAAC,WAAW,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;QAE9C,+BAA+B;QAC/B,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;QACpD,OAAO,YAAY,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAC5C,CAAC,CAAC;AACJ,CAAC"}
@@ -0,0 +1,8 @@
1
+ /**
2
+ * @module @cas-system/nextjs-cas-client/handlers
3
+ * @description Re-exports all API route handler factories.
4
+ */
5
+ export { createCallbackHandler } from './callback.js';
6
+ export { createLogoutHandler } from './logout.js';
7
+ export { createUserHandler } from './user.js';
8
+ //# sourceMappingURL=index.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/handlers/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC"}
@@ -0,0 +1,8 @@
1
+ /**
2
+ * @module @cas-system/nextjs-cas-client/handlers
3
+ * @description Re-exports all API route handler factories.
4
+ */
5
+ export { createCallbackHandler } from './callback.js';
6
+ export { createLogoutHandler } from './logout.js';
7
+ export { createUserHandler } from './user.js';
8
+ //# sourceMappingURL=index.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/handlers/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC"}
@@ -0,0 +1,36 @@
1
+ /**
2
+ * @module @cas-system/nextjs-cas-client/handlers/logout
3
+ * @description API route handler for the CAS logout endpoint.
4
+ *
5
+ * 1. Reads the session to obtain the JWT token.
6
+ * 2. Notifies the CAS server of the logout.
7
+ * 3. Clears the session cookies.
8
+ * 4. Redirects the user (or returns 200 for API calls).
9
+ *
10
+ * @example
11
+ * ```ts
12
+ * // app/api/cas/logout/route.ts
13
+ * import { createLogoutHandler } from '@cas-system/nextjs-cas-client/handlers';
14
+ *
15
+ * const handler = createLogoutHandler({
16
+ * cas: {
17
+ * serverUrl: process.env.CAS_SERVER_URL!,
18
+ * clientId: process.env.CAS_CLIENT_ID!,
19
+ * clientSecret: process.env.CAS_CLIENT_SECRET!,
20
+ * },
21
+ * afterLogoutUrl: '/',
22
+ * });
23
+ *
24
+ * export { handler as POST };
25
+ * ```
26
+ */
27
+ import { NextRequest, NextResponse } from 'next/server.js';
28
+ import type { CasHandlerConfig } from '../types.js';
29
+ /**
30
+ * Create a POST handler for `/api/cas/logout`.
31
+ *
32
+ * @param config - Handler configuration.
33
+ * @returns A Next.js App Router POST handler.
34
+ */
35
+ export declare function createLogoutHandler(config: CasHandlerConfig): (request: NextRequest) => Promise<NextResponse>;
36
+ //# sourceMappingURL=logout.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"logout.d.ts","sourceRoot":"","sources":["../../../src/handlers/logout.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE3D,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAIpD;;;;;GAKG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,gBAAgB,IAI/B,SAAS,WAAW,KAAG,OAAO,CAAC,YAAY,CAAC,CAyBxE"}
@@ -24,10 +24,10 @@
24
24
  * export { handler as POST };
25
25
  * ```
26
26
  */
27
- import { NextResponse } from 'next/server';
28
- import { cookies } from 'next/headers';
29
- import { CasClient } from '../server/cas-client';
30
- import { getCasSession, clearCasSession } from '../server/auth';
27
+ import { NextResponse } from 'next/server.js';
28
+ import { cookies } from 'next/headers.js';
29
+ import { CasClient } from '../server/cas-client.js';
30
+ import { getCasSession, clearCasSession } from '../server/auth.js';
31
31
  /**
32
32
  * Create a POST handler for `/api/cas/logout`.
33
33
  *