@cas-system/nextjs-cas-client 1.0.0 → 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{CasProvider.d.ts → cjs/CasProvider.d.ts} +1 -1
- package/dist/cjs/CasProvider.d.ts.map +1 -0
- package/dist/cjs/CasProvider.js +154 -0
- package/dist/cjs/CasProvider.js.map +1 -0
- package/dist/cjs/components/CasLoginButton.d.ts.map +1 -0
- package/dist/cjs/components/CasLoginButton.js +26 -0
- package/dist/cjs/components/CasLoginButton.js.map +1 -0
- package/dist/cjs/components/CasProtectedRoute.d.ts.map +1 -0
- package/dist/cjs/components/CasProtectedRoute.js +61 -0
- package/dist/cjs/components/CasProtectedRoute.js.map +1 -0
- package/dist/{handlers → cjs/handlers}/callback.d.ts +2 -2
- package/dist/cjs/handlers/callback.d.ts.map +1 -0
- package/dist/cjs/handlers/callback.js +68 -0
- package/dist/cjs/handlers/callback.js.map +1 -0
- package/dist/cjs/handlers/index.d.ts +8 -0
- package/dist/cjs/handlers/index.d.ts.map +1 -0
- package/dist/cjs/handlers/index.js +14 -0
- package/dist/cjs/handlers/index.js.map +1 -0
- package/dist/{handlers → cjs/handlers}/logout.d.ts +2 -2
- package/dist/cjs/handlers/logout.d.ts.map +1 -0
- package/dist/cjs/handlers/logout.js +64 -0
- package/dist/cjs/handlers/logout.js.map +1 -0
- package/dist/{handlers → cjs/handlers}/user.d.ts +1 -1
- package/dist/cjs/handlers/user.d.ts.map +1 -0
- package/dist/cjs/handlers/user.js +47 -0
- package/dist/cjs/handlers/user.js.map +1 -0
- package/dist/{hooks → cjs/hooks}/useCasAuth.d.ts +1 -1
- package/dist/cjs/hooks/useCasAuth.d.ts.map +1 -0
- package/dist/cjs/hooks/useCasAuth.js +17 -0
- package/dist/cjs/hooks/useCasAuth.js.map +1 -0
- package/dist/{hooks → cjs/hooks}/useCasUser.d.ts +1 -1
- package/dist/cjs/hooks/useCasUser.d.ts.map +1 -0
- package/dist/cjs/hooks/useCasUser.js +48 -0
- package/dist/cjs/hooks/useCasUser.js.map +1 -0
- package/dist/{index.d.ts → cjs/index.d.ts} +10 -10
- package/dist/cjs/index.d.ts.map +1 -0
- package/dist/cjs/index.js +26 -0
- package/dist/cjs/index.js.map +1 -0
- package/dist/{middleware.d.ts → cjs/middleware.d.ts} +2 -2
- package/dist/cjs/middleware.d.ts.map +1 -0
- package/dist/cjs/middleware.js +114 -0
- package/dist/cjs/middleware.js.map +1 -0
- package/dist/cjs/package.json +3 -0
- package/dist/{server → cjs/server}/auth.d.ts +2 -2
- package/dist/cjs/server/auth.d.ts.map +1 -0
- package/dist/cjs/server/auth.js +222 -0
- package/dist/cjs/server/auth.js.map +1 -0
- package/dist/{server → cjs/server}/cas-client.d.ts +1 -1
- package/dist/cjs/server/cas-client.d.ts.map +1 -0
- package/dist/cjs/server/cas-client.js +226 -0
- package/dist/cjs/server/cas-client.js.map +1 -0
- package/dist/{server → cjs/server}/index.d.ts +3 -3
- package/dist/cjs/server/index.d.ts.map +1 -0
- package/dist/cjs/server/index.js +20 -0
- package/dist/cjs/server/index.js.map +1 -0
- package/dist/cjs/types.d.ts.map +1 -0
- package/dist/cjs/types.js +7 -0
- package/dist/cjs/types.js.map +1 -0
- package/dist/esm/CasProvider.d.ts +63 -0
- package/dist/esm/CasProvider.d.ts.map +1 -0
- package/dist/esm/CasProvider.js.map +1 -0
- package/dist/esm/components/CasLoginButton.d.ts +36 -0
- package/dist/esm/components/CasLoginButton.d.ts.map +1 -0
- package/dist/{components → esm/components}/CasLoginButton.js +1 -1
- package/dist/esm/components/CasLoginButton.js.map +1 -0
- package/dist/esm/components/CasProtectedRoute.d.ts +51 -0
- package/dist/esm/components/CasProtectedRoute.d.ts.map +1 -0
- package/dist/{components → esm/components}/CasProtectedRoute.js +1 -1
- package/dist/esm/components/CasProtectedRoute.js.map +1 -0
- package/dist/esm/handlers/callback.d.ts +39 -0
- package/dist/esm/handlers/callback.d.ts.map +1 -0
- package/dist/{handlers → esm/handlers}/callback.js +4 -4
- package/dist/esm/handlers/callback.js.map +1 -0
- package/dist/esm/handlers/index.d.ts +8 -0
- package/dist/esm/handlers/index.d.ts.map +1 -0
- package/dist/esm/handlers/index.js +8 -0
- package/dist/esm/handlers/index.js.map +1 -0
- package/dist/esm/handlers/logout.d.ts +36 -0
- package/dist/esm/handlers/logout.d.ts.map +1 -0
- package/dist/{handlers → esm/handlers}/logout.js +4 -4
- package/dist/esm/handlers/logout.js.map +1 -0
- package/dist/esm/handlers/user.d.ts +27 -0
- package/dist/esm/handlers/user.d.ts.map +1 -0
- package/dist/{handlers → esm/handlers}/user.js +3 -3
- package/dist/esm/handlers/user.js.map +1 -0
- package/dist/esm/hooks/useCasAuth.d.ts +32 -0
- package/dist/esm/hooks/useCasAuth.d.ts.map +1 -0
- package/dist/{hooks → esm/hooks}/useCasAuth.js +1 -1
- package/dist/esm/hooks/useCasAuth.js.map +1 -0
- package/dist/esm/hooks/useCasUser.d.ts +33 -0
- package/dist/esm/hooks/useCasUser.d.ts.map +1 -0
- package/dist/{hooks → esm/hooks}/useCasUser.js +1 -1
- package/dist/esm/hooks/useCasUser.js.map +1 -0
- package/dist/esm/index.d.ts +19 -0
- package/dist/esm/index.d.ts.map +1 -0
- package/dist/{index.js → esm/index.js} +5 -5
- package/dist/esm/index.js.map +1 -0
- package/dist/esm/middleware.d.ts +40 -0
- package/dist/esm/middleware.d.ts.map +1 -0
- package/dist/{middleware.js → esm/middleware.js} +2 -2
- package/dist/esm/middleware.js.map +1 -0
- package/dist/esm/package.json +3 -0
- package/dist/esm/server/auth.d.ts +111 -0
- package/dist/esm/server/auth.d.ts.map +1 -0
- package/dist/{server → esm/server}/auth.js +1 -1
- package/dist/esm/server/auth.js.map +1 -0
- package/dist/esm/server/cas-client.d.ts +93 -0
- package/dist/esm/server/cas-client.d.ts.map +1 -0
- package/dist/esm/server/cas-client.js.map +1 -0
- package/dist/esm/server/index.d.ts +12 -0
- package/dist/esm/server/index.d.ts.map +1 -0
- package/dist/{server → esm/server}/index.js +2 -2
- package/dist/esm/server/index.js.map +1 -0
- package/dist/esm/types.d.ts +170 -0
- package/dist/esm/types.d.ts.map +1 -0
- package/dist/esm/types.js.map +1 -0
- package/package.json +39 -19
- package/dist/CasProvider.d.ts.map +0 -1
- package/dist/CasProvider.js.map +0 -1
- package/dist/components/CasLoginButton.d.ts.map +0 -1
- package/dist/components/CasLoginButton.js.map +0 -1
- package/dist/components/CasProtectedRoute.d.ts.map +0 -1
- package/dist/components/CasProtectedRoute.js.map +0 -1
- package/dist/handlers/callback.d.ts.map +0 -1
- package/dist/handlers/callback.js.map +0 -1
- package/dist/handlers/index.d.ts +0 -8
- package/dist/handlers/index.d.ts.map +0 -1
- package/dist/handlers/index.js +0 -8
- package/dist/handlers/index.js.map +0 -1
- package/dist/handlers/logout.d.ts.map +0 -1
- package/dist/handlers/logout.js.map +0 -1
- package/dist/handlers/user.d.ts.map +0 -1
- package/dist/handlers/user.js.map +0 -1
- package/dist/hooks/useCasAuth.d.ts.map +0 -1
- package/dist/hooks/useCasAuth.js.map +0 -1
- package/dist/hooks/useCasUser.d.ts.map +0 -1
- package/dist/hooks/useCasUser.js.map +0 -1
- package/dist/index.d.ts.map +0 -1
- package/dist/index.js.map +0 -1
- package/dist/middleware.d.ts.map +0 -1
- package/dist/middleware.js.map +0 -1
- package/dist/server/auth.d.ts.map +0 -1
- package/dist/server/auth.js.map +0 -1
- package/dist/server/cas-client.d.ts.map +0 -1
- package/dist/server/cas-client.js.map +0 -1
- package/dist/server/index.d.ts.map +0 -1
- package/dist/server/index.js.map +0 -1
- package/dist/types.d.ts.map +0 -1
- package/dist/types.js.map +0 -1
- /package/dist/{components → cjs/components}/CasLoginButton.d.ts +0 -0
- /package/dist/{components → cjs/components}/CasProtectedRoute.d.ts +0 -0
- /package/dist/{types.d.ts → cjs/types.d.ts} +0 -0
- /package/dist/{CasProvider.js → esm/CasProvider.js} +0 -0
- /package/dist/{server → esm/server}/cas-client.js +0 -0
- /package/dist/{types.js → esm/types.js} +0 -0
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"logout.js","sourceRoot":"","sources":["../../../src/handlers/logout.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,OAAO,EAAe,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC3D,OAAO,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AAE1C,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAEnE;;;;;GAKG;AACH,MAAM,UAAU,mBAAmB,CAAC,MAAwB;IAC1D,MAAM,GAAG,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACtC,MAAM,cAAc,GAAG,MAAM,CAAC,cAAc,IAAI,GAAG,CAAC;IAEpD,OAAO,KAAK,UAAU,IAAI,CAAC,OAAoB;QAC7C,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;QAEpC,oDAAoD;QACpD,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,WAAW,CAAC,CAAC;QAEjD,sCAAsC;QACtC,IAAI,OAAO,EAAE,KAAK,EAAE,CAAC;YACnB,MAAM,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;gBACzC,yDAAyD;YAC3D,CAAC,CAAC,CAAC;QACL,CAAC;QAED,8BAA8B;QAC9B,eAAe,CAAC,WAAW,CAAC,CAAC;QAE7B,mEAAmE;QACnE,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QACnD,IAAI,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACxC,OAAO,YAAY,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QAC9C,CAAC;QAED,qBAAqB;QACrB,OAAO,YAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,cAAc,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;IACrE,CAAC,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @module @cas-system/nextjs-cas-client/handlers/user
|
|
3
|
+
* @description API route handler that returns the current CAS user from
|
|
4
|
+
* the session cookie. This endpoint is called by the client-side
|
|
5
|
+
* `CasProvider` to hydrate the auth state.
|
|
6
|
+
*
|
|
7
|
+
* @example
|
|
8
|
+
* ```ts
|
|
9
|
+
* // app/api/cas/user/route.ts
|
|
10
|
+
* import { createUserHandler } from '@cas-system/nextjs-cas-client/handlers';
|
|
11
|
+
*
|
|
12
|
+
* const handler = createUserHandler();
|
|
13
|
+
* export { handler as GET };
|
|
14
|
+
* ```
|
|
15
|
+
*/
|
|
16
|
+
import { NextResponse } from 'next/server.js';
|
|
17
|
+
/**
|
|
18
|
+
* Create a GET handler for `/api/cas/user`.
|
|
19
|
+
*
|
|
20
|
+
* Returns `{ user: CasUser }` when authenticated, or `401` otherwise.
|
|
21
|
+
* The response includes `Cache-Control: no-store` to prevent caching of
|
|
22
|
+
* auth state.
|
|
23
|
+
*
|
|
24
|
+
* @returns A Next.js App Router GET handler.
|
|
25
|
+
*/
|
|
26
|
+
export declare function createUserHandler(): () => Promise<NextResponse>;
|
|
27
|
+
//# sourceMappingURL=user.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"user.d.ts","sourceRoot":"","sources":["../../../src/handlers/user.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAI9C;;;;;;;;GAQG;AACH,wBAAgB,iBAAiB,UACF,OAAO,CAAC,YAAY,CAAC,CAsBnD"}
|
|
@@ -13,9 +13,9 @@
|
|
|
13
13
|
* export { handler as GET };
|
|
14
14
|
* ```
|
|
15
15
|
*/
|
|
16
|
-
import { NextResponse } from 'next/server';
|
|
17
|
-
import { cookies } from 'next/headers';
|
|
18
|
-
import { getCasSession } from '../server/auth';
|
|
16
|
+
import { NextResponse } from 'next/server.js';
|
|
17
|
+
import { cookies } from 'next/headers.js';
|
|
18
|
+
import { getCasSession } from '../server/auth.js';
|
|
19
19
|
/**
|
|
20
20
|
* Create a GET handler for `/api/cas/user`.
|
|
21
21
|
*
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"user.js","sourceRoot":"","sources":["../../../src/handlers/user.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAElD;;;;;;;;GAQG;AACH,MAAM,UAAU,iBAAiB;IAC/B,OAAO,KAAK,UAAU,GAAG;QACvB,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;QACpC,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,WAAW,CAAC,CAAC;QAEjD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,YAAY,CAAC,IAAI,CACtB,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,mBAAmB,EAAE,EAC1C;gBACE,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,eAAe,EAAE,UAAU,EAAE;aACzC,CACF,CAAC;QACJ,CAAC;QAED,OAAO,YAAY,CAAC,IAAI,CACtB,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,EACtB;YACE,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,eAAe,EAAE,UAAU,EAAE;SACzC,CACF,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @module @cas-system/nextjs-cas-client/hooks/useCasAuth
|
|
3
|
+
* @description Client-side hook for accessing CAS authentication state and
|
|
4
|
+
* actions (login, logout, refresh).
|
|
5
|
+
*
|
|
6
|
+
* @example
|
|
7
|
+
* ```tsx
|
|
8
|
+
* 'use client';
|
|
9
|
+
* import { useCasAuth } from '@cas-system/nextjs-cas-client';
|
|
10
|
+
*
|
|
11
|
+
* export function Navbar() {
|
|
12
|
+
* const { user, isAuthenticated, login, logout } = useCasAuth();
|
|
13
|
+
*
|
|
14
|
+
* return isAuthenticated ? (
|
|
15
|
+
* <button onClick={logout}>Sign out ({user?.username})</button>
|
|
16
|
+
* ) : (
|
|
17
|
+
* <button onClick={() => login()}>Sign in</button>
|
|
18
|
+
* );
|
|
19
|
+
* }
|
|
20
|
+
* ```
|
|
21
|
+
*/
|
|
22
|
+
import type { CasAuthContext } from '../types.js';
|
|
23
|
+
/**
|
|
24
|
+
* Access CAS authentication state and actions.
|
|
25
|
+
*
|
|
26
|
+
* This is a convenience re-export of the context hook. Must be used inside
|
|
27
|
+
* a `<CasProvider>`.
|
|
28
|
+
*
|
|
29
|
+
* @returns The full {@link CasAuthContext}.
|
|
30
|
+
*/
|
|
31
|
+
export declare function useCasAuth(): CasAuthContext;
|
|
32
|
+
//# sourceMappingURL=useCasAuth.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"useCasAuth.d.ts","sourceRoot":"","sources":["../../../src/hooks/useCasAuth.ts"],"names":[],"mappings":"AAEA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAGlD;;;;;;;GAOG;AACH,wBAAgB,UAAU,IAAI,cAAc,CAE3C"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"useCasAuth.js","sourceRoot":"","sources":["../../../src/hooks/useCasAuth.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAyBb,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAEtD;;;;;;;GAOG;AACH,MAAM,UAAU,UAAU;IACxB,OAAO,iBAAiB,EAAE,CAAC;AAC7B,CAAC"}
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
import type { CasUser } from '../types.js';
|
|
2
|
+
/** Return type of {@link useCasUser}. */
|
|
3
|
+
export interface UseCasUserReturn {
|
|
4
|
+
/** The current user, or `null` when not authenticated. */
|
|
5
|
+
user: CasUser | null;
|
|
6
|
+
/** Whether the initial session fetch is still loading. */
|
|
7
|
+
isLoading: boolean;
|
|
8
|
+
/** Whether a valid session exists. */
|
|
9
|
+
isAuthenticated: boolean;
|
|
10
|
+
/**
|
|
11
|
+
* Check whether the current user has **all** of the specified roles.
|
|
12
|
+
*
|
|
13
|
+
* @param roles - Required roles.
|
|
14
|
+
* @returns `true` if the user possesses every role (or the list is empty).
|
|
15
|
+
*/
|
|
16
|
+
hasRole: (...roles: string[]) => boolean;
|
|
17
|
+
/**
|
|
18
|
+
* Check whether the current user has **at least one** of the specified roles.
|
|
19
|
+
*
|
|
20
|
+
* @param roles - Roles to check.
|
|
21
|
+
* @returns `true` if the user possesses any one role.
|
|
22
|
+
*/
|
|
23
|
+
hasAnyRole: (...roles: string[]) => boolean;
|
|
24
|
+
/** All roles assigned to the current user (empty array when unauthenticated). */
|
|
25
|
+
roles: string[];
|
|
26
|
+
}
|
|
27
|
+
/**
|
|
28
|
+
* Hook for accessing the current CAS user and performing role checks.
|
|
29
|
+
*
|
|
30
|
+
* Must be used inside a `<CasProvider>`.
|
|
31
|
+
*/
|
|
32
|
+
export declare function useCasUser(): UseCasUserReturn;
|
|
33
|
+
//# sourceMappingURL=useCasUser.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"useCasUser.d.ts","sourceRoot":"","sources":["../../../src/hooks/useCasUser.ts"],"names":[],"mappings":"AAyBA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAG3C,yCAAyC;AACzC,MAAM,WAAW,gBAAgB;IAC/B,0DAA0D;IAC1D,IAAI,EAAE,OAAO,GAAG,IAAI,CAAC;IAErB,0DAA0D;IAC1D,SAAS,EAAE,OAAO,CAAC;IAEnB,sCAAsC;IACtC,eAAe,EAAE,OAAO,CAAC;IAEzB;;;;;OAKG;IACH,OAAO,EAAE,CAAC,GAAG,KAAK,EAAE,MAAM,EAAE,KAAK,OAAO,CAAC;IAEzC;;;;;OAKG;IACH,UAAU,EAAE,CAAC,GAAG,KAAK,EAAE,MAAM,EAAE,KAAK,OAAO,CAAC;IAE5C,iFAAiF;IACjF,KAAK,EAAE,MAAM,EAAE,CAAC;CACjB;AAED;;;;GAIG;AACH,wBAAgB,UAAU,IAAI,gBAAgB,CAsB7C"}
|
|
@@ -21,7 +21,7 @@
|
|
|
21
21
|
* ```
|
|
22
22
|
*/
|
|
23
23
|
import { useCallback, useMemo } from 'react';
|
|
24
|
-
import { useCasAuthContext } from '../CasProvider';
|
|
24
|
+
import { useCasAuthContext } from '../CasProvider.js';
|
|
25
25
|
/**
|
|
26
26
|
* Hook for accessing the current CAS user and performing role checks.
|
|
27
27
|
*
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"useCasUser.js","sourceRoot":"","sources":["../../../src/hooks/useCasUser.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,MAAM,OAAO,CAAC;AAE7C,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAiCtD;;;;GAIG;AACH,MAAM,UAAU,UAAU;IACxB,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,eAAe,EAAE,GAAG,iBAAiB,EAAE,CAAC;IAEjE,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC,IAAI,EAAE,KAAK,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;IAEvD,MAAM,OAAO,GAAG,WAAW,CACzB,CAAC,GAAG,QAAkB,EAAE,EAAE;QACxB,IAAI,CAAC,IAAI,EAAE,KAAK;YAAE,OAAO,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC;QAC/C,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACxD,CAAC,EACD,CAAC,IAAI,CAAC,CACP,CAAC;IAEF,MAAM,UAAU,GAAG,WAAW,CAC5B,CAAC,GAAG,UAAoB,EAAE,EAAE;QAC1B,IAAI,CAAC,IAAI,EAAE,KAAK;YAAE,OAAO,KAAK,CAAC;QAC/B,OAAO,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACzD,CAAC,EACD,CAAC,IAAI,CAAC,CACP,CAAC;IAEF,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,eAAe,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC;AAC1E,CAAC"}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @module @cas-system/nextjs-cas-client
|
|
3
|
+
* @description Public entry point for the Next.js CAS Client SDK.
|
|
4
|
+
*
|
|
5
|
+
* Re-exports the client-side provider, hooks, components, and shared types.
|
|
6
|
+
* Server-only helpers live under `@cas-system/nextjs-cas-client/server`,
|
|
7
|
+
* route handlers under `/handlers`, and middleware under `/middleware`.
|
|
8
|
+
*/
|
|
9
|
+
export { CasProvider, useCasAuthContext } from './CasProvider.js';
|
|
10
|
+
export type { CasProviderProps } from './CasProvider.js';
|
|
11
|
+
export { useCasAuth } from './hooks/useCasAuth.js';
|
|
12
|
+
export { useCasUser } from './hooks/useCasUser.js';
|
|
13
|
+
export type { UseCasUserReturn } from './hooks/useCasUser.js';
|
|
14
|
+
export { CasLoginButton } from './components/CasLoginButton.js';
|
|
15
|
+
export type { CasLoginButtonProps } from './components/CasLoginButton.js';
|
|
16
|
+
export { CasProtectedRoute } from './components/CasProtectedRoute.js';
|
|
17
|
+
export type { CasProtectedRouteProps } from './components/CasProtectedRoute.js';
|
|
18
|
+
export type { CasConfig, CasServerConfig, CasUser, CasSessionData, CasMiddlewareConfig, CasAuthContext, CasHandlerConfig, } from './types.js';
|
|
19
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAClE,YAAY,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAGzD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,YAAY,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAG9D,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAChE,YAAY,EAAE,mBAAmB,EAAE,MAAM,gCAAgC,CAAC;AAC1E,OAAO,EAAE,iBAAiB,EAAE,MAAM,mCAAmC,CAAC;AACtE,YAAY,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAC;AAGhF,YAAY,EACV,SAAS,EACT,eAAe,EACf,OAAO,EACP,cAAc,EACd,mBAAmB,EACnB,cAAc,EACd,gBAAgB,GACjB,MAAM,YAAY,CAAC"}
|
|
@@ -7,11 +7,11 @@
|
|
|
7
7
|
* route handlers under `/handlers`, and middleware under `/middleware`.
|
|
8
8
|
*/
|
|
9
9
|
// Provider + context hook
|
|
10
|
-
export { CasProvider, useCasAuthContext } from './CasProvider';
|
|
10
|
+
export { CasProvider, useCasAuthContext } from './CasProvider.js';
|
|
11
11
|
// Hooks
|
|
12
|
-
export { useCasAuth } from './hooks/useCasAuth';
|
|
13
|
-
export { useCasUser } from './hooks/useCasUser';
|
|
12
|
+
export { useCasAuth } from './hooks/useCasAuth.js';
|
|
13
|
+
export { useCasUser } from './hooks/useCasUser.js';
|
|
14
14
|
// Components
|
|
15
|
-
export { CasLoginButton } from './components/CasLoginButton';
|
|
16
|
-
export { CasProtectedRoute } from './components/CasProtectedRoute';
|
|
15
|
+
export { CasLoginButton } from './components/CasLoginButton.js';
|
|
16
|
+
export { CasProtectedRoute } from './components/CasProtectedRoute.js';
|
|
17
17
|
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,0BAA0B;AAC1B,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAGlE,QAAQ;AACR,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAGnD,aAAa;AACb,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAEhE,OAAO,EAAE,iBAAiB,EAAE,MAAM,mCAAmC,CAAC"}
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @module @cas-system/nextjs-cas-client/middleware
|
|
3
|
+
* @description Factory for creating a Next.js middleware that guards routes
|
|
4
|
+
* behind CAS authentication.
|
|
5
|
+
*
|
|
6
|
+
* @example
|
|
7
|
+
* ```ts
|
|
8
|
+
* // middleware.ts (project root)
|
|
9
|
+
* import { createCasMiddleware } from '@cas-system/nextjs-cas-client/middleware';
|
|
10
|
+
*
|
|
11
|
+
* export default createCasMiddleware({
|
|
12
|
+
* protectedPaths: ['/dashboard', '/admin', '/settings'],
|
|
13
|
+
* publicPaths: ['/api/health'],
|
|
14
|
+
* loginPath: '/login',
|
|
15
|
+
* });
|
|
16
|
+
*
|
|
17
|
+
* export const config = {
|
|
18
|
+
* matcher: ['/((?!_next/static|_next/image|favicon.ico).*)'],
|
|
19
|
+
* };
|
|
20
|
+
* ```
|
|
21
|
+
*/
|
|
22
|
+
import { NextRequest, NextResponse } from 'next/server.js';
|
|
23
|
+
import type { CasMiddlewareConfig } from './types.js';
|
|
24
|
+
/**
|
|
25
|
+
* Create a Next.js middleware function that enforces CAS authentication on
|
|
26
|
+
* the configured protected paths.
|
|
27
|
+
*
|
|
28
|
+
* @param config - Middleware configuration.
|
|
29
|
+
* @returns A Next.js-compatible middleware function.
|
|
30
|
+
*
|
|
31
|
+
* @remarks
|
|
32
|
+
* - If the request targets a **public path** it is always allowed through.
|
|
33
|
+
* - If the request targets a **protected path** and there is no valid CAS
|
|
34
|
+
* session cookie, the user is redirected to either the `loginPath` (if
|
|
35
|
+
* set) or the CAS server SSO login page.
|
|
36
|
+
* - The original URL is forwarded as a `?returnUrl=…` query parameter so
|
|
37
|
+
* the login page can redirect back after authentication.
|
|
38
|
+
*/
|
|
39
|
+
export declare function createCasMiddleware(config: CasMiddlewareConfig): (request: NextRequest) => Promise<NextResponse>;
|
|
40
|
+
//# sourceMappingURL=middleware.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC3D,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AAatD;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,mBAAmB,IAQ3D,SAAS,WAAW,KACnB,OAAO,CAAC,YAAY,CAAC,CA+EzB"}
|
|
@@ -19,8 +19,8 @@
|
|
|
19
19
|
* };
|
|
20
20
|
* ```
|
|
21
21
|
*/
|
|
22
|
-
import { NextResponse } from 'next/server';
|
|
23
|
-
import { getCasSessionFromRequest } from './server/auth';
|
|
22
|
+
import { NextResponse } from 'next/server.js';
|
|
23
|
+
import { getCasSessionFromRequest } from './server/auth.js';
|
|
24
24
|
/**
|
|
25
25
|
* Check whether `pathname` starts with any of the given prefixes.
|
|
26
26
|
* @internal
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,OAAO,EAAe,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE3D,OAAO,EAAE,wBAAwB,EAAE,MAAM,kBAAkB,CAAC;AAE5D;;;GAGG;AACH,SAAS,UAAU,CAAC,QAAgB,EAAE,QAAkB;IACtD,OAAO,QAAQ,CAAC,IAAI,CAClB,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,KAAK,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAC5E,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,mBAAmB,CAAC,MAA2B;IAC7D,MAAM,EACJ,cAAc,EACd,WAAW,GAAG,EAAE,EAChB,SAAS,GACV,GAAG,MAAM,CAAC;IAEX,OAAO,KAAK,UAAU,aAAa,CACjC,OAAoB;QAEpB,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;QAErC,oDAAoD;QACpD,IACE,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAC;YAC7B,QAAQ,CAAC,UAAU,CAAC,UAAU,CAAC;YAC/B,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,EACtB,CAAC;YACD,OAAO,YAAY,CAAC,IAAI,EAAE,CAAC;QAC7B,CAAC;QAED,0CAA0C;QAC1C,IAAI,UAAU,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE,CAAC;YACtC,OAAO,YAAY,CAAC,IAAI,EAAE,CAAC;QAC7B,CAAC;QAED,qDAAqD;QACrD,MAAM,WAAW,GAAG,UAAU,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;QACzD,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,YAAY,CAAC,IAAI,EAAE,CAAC;QAC7B,CAAC;QAED,8CAA8C;QAC9C,MAAM,OAAO,GAAG,MAAM,wBAAwB,CAAC,OAAO,CAAC,CAAC;QACxD,IAAI,OAAO,EAAE,CAAC;YACZ,oEAAoE;YACpE,sEAAsE;YACtE,cAAc;YACd,MAAM,cAAc,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YACpD,cAAc,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;YAC/D,cAAc,CAAC,GAAG,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;YAElD,OAAO,YAAY,CAAC,IAAI,CAAC;gBACvB,OAAO,EAAE,EAAE,OAAO,EAAE,cAAc,EAAE;aACrC,CAAC,CAAC;QACL,CAAC;QAED,2CAA2C;QAC3C,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC;QAEpE,IAAI,SAAS,EAAE,CAAC;YACd,uCAAuC;YACvC,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;YACjD,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;YAClD,OAAO,YAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACzC,CAAC;QAED,+CAA+C;QAC/C,2EAA2E;QAC3E,sEAAsE;QACtE,4EAA4E;QAC5E,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC;QAC9E,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC;QAC9C,MAAM,cAAc,GAClB,OAAO,CAAC,GAAG,CAAC,gBAAgB;YAC5B,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,mBAAmB,CAAC;QAE/C,IAAI,CAAC,YAAY,IAAI,CAAC,WAAW,EAAE,CAAC;YAClC,OAAO,CAAC,KAAK,CACX,yEAAyE;gBACvE,kCAAkC,CACrC,CAAC;YACF,OAAO,YAAY,CAAC,IAAI,EAAE,CAAC;QAC7B,CAAC;QAED,yEAAyE;QACzE,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC,cAAc,CAAC,CAAC;QACnD,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;QAE5D,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,SAAS,EAAE,WAAW;YACtB,aAAa,EAAE,OAAO;YACtB,YAAY,EAAE,kBAAkB,CAAC,QAAQ,EAAE;SAC5C,CAAC,CAAC;QAEH,MAAM,WAAW,GAAG,GAAG,YAAY,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,cAAc,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;QACzF,OAAO,YAAY,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAC5C,CAAC,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,111 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @module @cas-system/nextjs-cas-client/server/auth
|
|
3
|
+
* @description Server-side session helpers for reading / writing CAS session
|
|
4
|
+
* data to Next.js cookies.
|
|
5
|
+
*
|
|
6
|
+
* The session is stored as a base-64 encoded JSON blob (signed with HMAC)
|
|
7
|
+
* inside an `HttpOnly`, `Secure`, `SameSite=Lax` cookie. This gives us
|
|
8
|
+
* tamper-proof cookies without requiring any external crypto library.
|
|
9
|
+
*
|
|
10
|
+
* **Security model:**
|
|
11
|
+
* - The cookie is `HttpOnly` — JavaScript in the browser cannot read it.
|
|
12
|
+
* - A separate HMAC signature cookie prevents tampering.
|
|
13
|
+
* - Token validation always happens server-side via {@link CasClient}.
|
|
14
|
+
*/
|
|
15
|
+
import type { ReadonlyRequestCookies } from 'next/dist/server/web/spec-extension/adapters/request-cookies';
|
|
16
|
+
import type { CasUser, CasSessionData } from '../types.js';
|
|
17
|
+
import { NextRequest, NextResponse } from 'next/server.js';
|
|
18
|
+
/**
|
|
19
|
+
* Read the CAS session from Next.js **request** cookies.
|
|
20
|
+
*
|
|
21
|
+
* Works in Server Components, Route Handlers, and middleware — anywhere
|
|
22
|
+
* you have access to the Next.js `cookies()` helper.
|
|
23
|
+
*
|
|
24
|
+
* @param cookies - The Next.js `cookies()` read-only store.
|
|
25
|
+
* @returns The session data, or `null` if no valid session exists.
|
|
26
|
+
*
|
|
27
|
+
* @example
|
|
28
|
+
* ```ts
|
|
29
|
+
* import { cookies } from 'next/headers';
|
|
30
|
+
* import { getCasSession } from '@cas-system/nextjs-cas-client/server';
|
|
31
|
+
*
|
|
32
|
+
* export default async function DashboardPage() {
|
|
33
|
+
* const session = await getCasSession(cookies());
|
|
34
|
+
* if (!session) redirect('/login');
|
|
35
|
+
* return <h1>Hello {session.user.username}</h1>;
|
|
36
|
+
* }
|
|
37
|
+
* ```
|
|
38
|
+
*/
|
|
39
|
+
export declare function getCasSession(cookies: ReadonlyRequestCookies): Promise<CasSessionData | null>;
|
|
40
|
+
/**
|
|
41
|
+
* Write the CAS session into Next.js **response** cookies.
|
|
42
|
+
*
|
|
43
|
+
* @param cookies - The Next.js `cookies()` store (must be writable — only
|
|
44
|
+
* available inside Route Handlers and Server Actions).
|
|
45
|
+
* @param user - The authenticated user.
|
|
46
|
+
* @param token - The raw JWT token.
|
|
47
|
+
*
|
|
48
|
+
* @example
|
|
49
|
+
* ```ts
|
|
50
|
+
* import { cookies } from 'next/headers';
|
|
51
|
+
* import { setCasSession } from '@cas-system/nextjs-cas-client/server';
|
|
52
|
+
*
|
|
53
|
+
* await setCasSession(cookies(), user, token);
|
|
54
|
+
* ```
|
|
55
|
+
*/
|
|
56
|
+
export declare function setCasSession(cookies: ReadonlyRequestCookies, user: CasUser, token: string): Promise<void>;
|
|
57
|
+
/**
|
|
58
|
+
* Delete the CAS session cookies.
|
|
59
|
+
*
|
|
60
|
+
* @param cookies - The Next.js `cookies()` store.
|
|
61
|
+
*
|
|
62
|
+
* @example
|
|
63
|
+
* ```ts
|
|
64
|
+
* import { cookies } from 'next/headers';
|
|
65
|
+
* import { clearCasSession } from '@cas-system/nextjs-cas-client/server';
|
|
66
|
+
*
|
|
67
|
+
* clearCasSession(cookies());
|
|
68
|
+
* ```
|
|
69
|
+
*/
|
|
70
|
+
export declare function clearCasSession(cookies: ReadonlyRequestCookies): void;
|
|
71
|
+
/** Typed Next.js App Router route handler signature. */
|
|
72
|
+
type RouteHandler = (req: NextRequest, ctx?: {
|
|
73
|
+
params?: Record<string, string>;
|
|
74
|
+
}) => Promise<NextResponse | Response> | NextResponse | Response;
|
|
75
|
+
/** A route handler that receives the authenticated user as a 3rd argument. */
|
|
76
|
+
type AuthenticatedHandler = (req: NextRequest, ctx: {
|
|
77
|
+
params?: Record<string, string>;
|
|
78
|
+
}, user: CasUser) => Promise<NextResponse | Response> | NextResponse | Response;
|
|
79
|
+
/**
|
|
80
|
+
* Higher-order function that wraps a Next.js App Router route handler,
|
|
81
|
+
* automatically extracting and verifying the CAS session and injecting the
|
|
82
|
+
* `CasUser` into the handler.
|
|
83
|
+
*
|
|
84
|
+
* If no valid session exists, responds with `401 Unauthorized`.
|
|
85
|
+
*
|
|
86
|
+
* @param handler - The protected route handler.
|
|
87
|
+
* @returns A standard Next.js route handler.
|
|
88
|
+
*
|
|
89
|
+
* @example
|
|
90
|
+
* ```ts
|
|
91
|
+
* // app/api/admin/route.ts
|
|
92
|
+
* import { withCasAuth } from '@cas-system/nextjs-cas-client/server';
|
|
93
|
+
*
|
|
94
|
+
* export const GET = withCasAuth(async (req, ctx, user) => {
|
|
95
|
+
* return NextResponse.json({ message: `Hello ${user.username}` });
|
|
96
|
+
* });
|
|
97
|
+
* ```
|
|
98
|
+
*/
|
|
99
|
+
export declare function withCasAuth(handler: AuthenticatedHandler): RouteHandler;
|
|
100
|
+
/**
|
|
101
|
+
* Read the CAS session from a plain `NextRequest` (useful in middleware
|
|
102
|
+
* and edge functions where the `cookies()` helper is not available).
|
|
103
|
+
*
|
|
104
|
+
* @param request - The incoming Next.js request.
|
|
105
|
+
* @returns Session data or `null`.
|
|
106
|
+
*
|
|
107
|
+
* @internal
|
|
108
|
+
*/
|
|
109
|
+
export declare function getCasSessionFromRequest(request: NextRequest): Promise<CasSessionData | null>;
|
|
110
|
+
export {};
|
|
111
|
+
//# sourceMappingURL=auth.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/server/auth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,8DAA8D,CAAC;AAC3G,OAAO,KAAK,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AA8D3D;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAsB,aAAa,CACjC,OAAO,EAAE,sBAAsB,GAC9B,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CAuBhC;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAsB,aAAa,CACjC,OAAO,EAAE,sBAAsB,EAC/B,IAAI,EAAE,OAAO,EACb,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,IAAI,CAAC,CAgBf;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE,sBAAsB,GAAG,IAAI,CAGrE;AAMD,wDAAwD;AACxD,KAAK,YAAY,GAAG,CAClB,GAAG,EAAE,WAAW,EAChB,GAAG,CAAC,EAAE;IAAE,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;CAAE,KACtC,OAAO,CAAC,YAAY,GAAG,QAAQ,CAAC,GAAG,YAAY,GAAG,QAAQ,CAAC;AAEhE,8EAA8E;AAC9E,KAAK,oBAAoB,GAAG,CAC1B,GAAG,EAAE,WAAW,EAChB,GAAG,EAAE;IAAE,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;CAAE,EACxC,IAAI,EAAE,OAAO,KACV,OAAO,CAAC,YAAY,GAAG,QAAQ,CAAC,GAAG,YAAY,GAAG,QAAQ,CAAC;AAEhE;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,oBAAoB,GAAG,YAAY,CAsCvE;AAED;;;;;;;;GAQG;AACH,wBAAsB,wBAAwB,CAC5C,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CAehC"}
|
|
@@ -12,7 +12,7 @@
|
|
|
12
12
|
* - A separate HMAC signature cookie prevents tampering.
|
|
13
13
|
* - Token validation always happens server-side via {@link CasClient}.
|
|
14
14
|
*/
|
|
15
|
-
import { NextResponse } from 'next/server';
|
|
15
|
+
import { NextResponse } from 'next/server.js';
|
|
16
16
|
// ---------------------------------------------------------------------------
|
|
17
17
|
// Constants
|
|
18
18
|
// ---------------------------------------------------------------------------
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/server/auth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAIH,OAAO,EAAe,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE3D,8EAA8E;AAC9E,YAAY;AACZ,8EAA8E;AAE9E,0DAA0D;AAC1D,MAAM,cAAc,GAAG,aAAa,CAAC;AAErC,wEAAwE;AACxE,MAAM,gBAAgB,GAAG,iBAAiB,CAAC;AAE3C,0EAA0E;AAC1E,SAAS,gBAAgB;IACvB,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;IAC9E,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CACb,yFAAyF;YACvF,8CAA8C,CACjD,CAAC;IACJ,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,8EAA8E;AAC9E,0BAA0B;AAC1B,8EAA8E;AAE9E,gBAAgB;AAChB,KAAK,UAAU,WAAW,CAAC,OAAe,EAAE,MAAc;IACxD,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CACvC,KAAK,EACL,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EACtB,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,EACjC,KAAK,EACL,CAAC,MAAM,CAAC,CACT,CAAC;IACF,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;IAC3E,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED,gBAAgB;AAChB,KAAK,UAAU,aAAa,CAC1B,OAAe,EACf,SAAiB,EACjB,MAAc;IAEd,MAAM,QAAQ,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IACpD,8DAA8D;IAC9D,IAAI,QAAQ,CAAC,MAAM,KAAK,SAAS,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IACvD,IAAI,QAAQ,GAAG,CAAC,CAAC;IACjB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,QAAQ,IAAI,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAC/D,CAAC;IACD,OAAO,QAAQ,KAAK,CAAC,CAAC;AACxB,CAAC;AAED,8EAA8E;AAC9E,aAAa;AACb,8EAA8E;AAE9E;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,OAA+B;IAE/B,IAAI,CAAC;QACH,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAClD,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QAChD,IAAI,CAAC,aAAa,EAAE,KAAK,IAAI,CAAC,SAAS,EAAE,KAAK;YAAE,OAAO,IAAI,CAAC;QAE5D,MAAM,MAAM,GAAG,gBAAgB,EAAE,CAAC;QAClC,MAAM,KAAK,GAAG,MAAM,aAAa,CAC/B,aAAa,CAAC,KAAK,EACnB,SAAS,CAAC,KAAK,EACf,MAAM,CACP,CAAC;QACF,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,IAAI,CAAC,yDAAyD,CAAC,CAAC;YACxE,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;QAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAmB,CAAC;QACnD,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,OAA+B,EAC/B,IAAa,EACb,KAAa;IAEb,MAAM,IAAI,GAAmB,EAAE,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;IACpE,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,gBAAgB,EAAE,CAAC;IAClC,MAAM,GAAG,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAE/C,MAAM,aAAa,GAAG;QACpB,QAAQ,EAAE,IAAI;QACd,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;QAC7C,QAAQ,EAAE,KAAc;QACxB,IAAI,EAAE,GAAG;QACT,MAAM,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,SAAS;KACpC,CAAC;IAED,OAAe,CAAC,GAAG,CAAC,cAAc,EAAE,OAAO,EAAE,aAAa,CAAC,CAAC;IAC5D,OAAe,CAAC,GAAG,CAAC,gBAAgB,EAAE,GAAG,EAAE,aAAa,CAAC,CAAC;AAC7D,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,eAAe,CAAC,OAA+B;IAC5D,OAAe,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;IACvC,OAAe,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;AAC5C,CAAC;AAmBD;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,UAAU,WAAW,CAAC,OAA6B;IACvD,OAAO,KAAK,EAAE,GAAgB,EAAE,GAAyC,EAAE,EAAE;QAC3E,+EAA+E;QAC/E,MAAM,aAAa,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACtD,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QAEpD,IAAI,CAAC,aAAa,EAAE,KAAK,IAAI,CAAC,SAAS,EAAE,KAAK,EAAE,CAAC;YAC/C,OAAO,YAAY,CAAC,IAAI,CACtB,EAAE,KAAK,EAAE,cAAc,EAAE,EACzB,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;QACJ,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,gBAAgB,EAAE,CAAC;YAClC,MAAM,KAAK,GAAG,MAAM,aAAa,CAC/B,aAAa,CAAC,KAAK,EACnB,SAAS,CAAC,KAAK,EACf,MAAM,CACP,CAAC;YACF,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,YAAY,CAAC,IAAI,CACtB,EAAE,KAAK,EAAE,gCAAgC,EAAE,EAC3C,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;YACJ,CAAC;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;YAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAmB,CAAC;YAEnD,OAAO,OAAO,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;QAC5C,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,YAAY,CAAC,IAAI,CACtB,EAAE,KAAK,EAAE,oCAAoC,EAAE,EAC/C,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;QACJ,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,OAAoB;IAEpB,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,KAAK,CAAC;QAChE,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,EAAE,KAAK,CAAC;QAC9D,IAAI,CAAC,YAAY,IAAI,CAAC,QAAQ;YAAE,OAAO,IAAI,CAAC;QAE5C,MAAM,MAAM,GAAG,gBAAgB,EAAE,CAAC;QAClC,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,YAAY,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;QAClE,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QAExB,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC;QACnC,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAmB,CAAC;IAC/C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}
|
|
@@ -0,0 +1,93 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @module @cas-system/nextjs-cas-client/server/cas-client
|
|
3
|
+
* @description Server-side CAS client for token validation, generation, and
|
|
4
|
+
* SSO login URL construction. Uses only the built-in `fetch` API — zero
|
|
5
|
+
* external dependencies.
|
|
6
|
+
*
|
|
7
|
+
* **IMPORTANT:** This module must only run on the server. It requires the
|
|
8
|
+
* `clientSecret` which must never be sent to the browser.
|
|
9
|
+
*/
|
|
10
|
+
import type { CasServerConfig, CasUser } from '../types.js';
|
|
11
|
+
/**
|
|
12
|
+
* Server-side CAS client.
|
|
13
|
+
*
|
|
14
|
+
* @example
|
|
15
|
+
* ```ts
|
|
16
|
+
* import { CasClient } from '@cas-system/nextjs-cas-client/server';
|
|
17
|
+
*
|
|
18
|
+
* const cas = new CasClient({
|
|
19
|
+
* serverUrl: process.env.CAS_SERVER_URL!,
|
|
20
|
+
* clientId: process.env.CAS_CLIENT_ID!,
|
|
21
|
+
* clientSecret: process.env.CAS_CLIENT_SECRET!,
|
|
22
|
+
* callbackUrl: process.env.CAS_CALLBACK_URL,
|
|
23
|
+
* });
|
|
24
|
+
*
|
|
25
|
+
* // Validate a token received from the callback
|
|
26
|
+
* const user = await cas.validateToken(token);
|
|
27
|
+
* ```
|
|
28
|
+
*/
|
|
29
|
+
export declare class CasClient {
|
|
30
|
+
private readonly config;
|
|
31
|
+
constructor(config: CasServerConfig);
|
|
32
|
+
/**
|
|
33
|
+
* Build the CAS SSO login URL.
|
|
34
|
+
*
|
|
35
|
+
* @param returnUrl - Optional URL to redirect back to after login.
|
|
36
|
+
* Falls back to `config.callbackUrl`.
|
|
37
|
+
* @returns Fully-qualified CAS login URL.
|
|
38
|
+
*
|
|
39
|
+
* @example
|
|
40
|
+
* ```ts
|
|
41
|
+
* const loginUrl = cas.getLoginUrl('/dashboard');
|
|
42
|
+
* redirect(loginUrl);
|
|
43
|
+
* ```
|
|
44
|
+
*/
|
|
45
|
+
getLoginUrl(returnUrl?: string): string;
|
|
46
|
+
/**
|
|
47
|
+
* Validate a JWT token with the CAS server (server-to-server call).
|
|
48
|
+
*
|
|
49
|
+
* @param token - The JWT token received from the CAS callback.
|
|
50
|
+
* @returns The authenticated {@link CasUser} or `null` if invalid.
|
|
51
|
+
*
|
|
52
|
+
* @example
|
|
53
|
+
* ```ts
|
|
54
|
+
* const user = await cas.validateToken(token);
|
|
55
|
+
* if (!user) throw new Error('Invalid token');
|
|
56
|
+
* ```
|
|
57
|
+
*/
|
|
58
|
+
validateToken(token: string): Promise<CasUser | null>;
|
|
59
|
+
/**
|
|
60
|
+
* Generate a JWT token for the given username (server-to-server).
|
|
61
|
+
*
|
|
62
|
+
* This is useful for machine-to-machine auth flows or impersonation
|
|
63
|
+
* when the calling service already knows the target user.
|
|
64
|
+
*
|
|
65
|
+
* @param username - The username to issue a token for.
|
|
66
|
+
* @returns The JWT string or `null` on failure.
|
|
67
|
+
*/
|
|
68
|
+
generateToken(username: string): Promise<string | null>;
|
|
69
|
+
/**
|
|
70
|
+
* Notify the CAS server of a logout event.
|
|
71
|
+
*
|
|
72
|
+
* @param token - Optional token to invalidate on the server.
|
|
73
|
+
* @returns `true` if the server acknowledged the logout.
|
|
74
|
+
*/
|
|
75
|
+
logout(token?: string): Promise<boolean>;
|
|
76
|
+
/**
|
|
77
|
+
* Check whether a user has **all** of the specified roles.
|
|
78
|
+
*
|
|
79
|
+
* @param user - The CAS user.
|
|
80
|
+
* @param roles - Required roles.
|
|
81
|
+
* @returns `true` if the user possesses every role.
|
|
82
|
+
*/
|
|
83
|
+
static hasRoles(user: CasUser, roles: string[]): boolean;
|
|
84
|
+
/**
|
|
85
|
+
* Check whether a user has **at least one** of the specified roles.
|
|
86
|
+
*
|
|
87
|
+
* @param user - The CAS user.
|
|
88
|
+
* @param roles - Roles to check.
|
|
89
|
+
* @returns `true` if the user possesses any of the roles.
|
|
90
|
+
*/
|
|
91
|
+
static hasAnyRole(user: CasUser, roles: string[]): boolean;
|
|
92
|
+
}
|
|
93
|
+
//# sourceMappingURL=cas-client.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"cas-client.d.ts","sourceRoot":"","sources":["../../../src/server/cas-client.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EACV,eAAe,EACf,OAAO,EAGR,MAAM,aAAa,CAAC;AAkBrB;;;;;;;;;;;;;;;;;GAiBG;AACH,qBAAa,SAAS;IACpB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA0C;gBAErD,MAAM,EAAE,eAAe;IAgBnC;;;;;;;;;;;;OAYG;IACH,WAAW,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM;IAevC;;;;;;;;;;;OAWG;IACG,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAuC3D;;;;;;;;OAQG;IACG,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAuC7D;;;;;OAKG;IACG,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAgC9C;;;;;;OAMG;IACH,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO;IAKxD;;;;;;OAMG;IACH,MAAM,CAAC,UAAU,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO;CAI3D"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"cas-client.js","sourceRoot":"","sources":["../../../src/server/cas-client.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AASH,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E;;;GAGG;AACH,SAAS,YAAY,CAAC,GAAW;IAC/B,OAAO,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AACjC,CAAC;AAED,8EAA8E;AAC9E,YAAY;AACZ,8EAA8E;AAE9E;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,OAAO,SAAS;IAGpB,YAAY,MAAuB;QACjC,IAAI,CAAC,MAAM,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QAC5E,IAAI,CAAC,MAAM,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;QAC1E,IAAI,CAAC,MAAM,CAAC,YAAY;YACtB,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;QAE1D,IAAI,CAAC,MAAM,GAAG;YACZ,GAAG,MAAM;YACT,SAAS,EAAE,YAAY,CAAC,MAAM,CAAC,SAAS,CAAC;SAC1C,CAAC;IACJ,CAAC;IAED,0EAA0E;IAC1E,YAAY;IACZ,0EAA0E;IAE1E;;;;;;;;;;;;OAYG;IACH,WAAW,CAAC,SAAkB;QAC5B,MAAM,WAAW,GACf,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,mBAAmB,CAAC;QAC9D,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC/B,aAAa,EAAE,OAAO;YACtB,YAAY,EAAE,WAAW;SAC1B,CAAC,CAAC;QACH,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,cAAc,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;IACnE,CAAC;IAED,0EAA0E;IAC1E,mBAAmB;IACnB,0EAA0E;IAE1E;;;;;;;;;;;OAWG;IACH,KAAK,CAAC,aAAa,CAAC,KAAa;QAC/B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,KAAK,CACrB,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,qBAAqB,EAC7C;gBACE,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;iBACnC;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,KAAK;oBACL,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;oBAC/B,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY;iBACxC,CAAC;gBACF,KAAK,EAAE,UAAU;aAClB,CACF,CAAC;YAEF,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,OAAO,CAAC,KAAK,CACX,qCAAqC,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CACpE,CAAC;gBACF,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAwB,CAAC;YACvD,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,IAAI,CAAC,IAAI;gBAAE,OAAO,IAAI,CAAC;YAE3C,OAAO,IAAI,CAAC,IAAI,CAAC;QACnB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,kCAAkC,EAAE,GAAG,CAAC,CAAC;YACvD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,0EAA0E;IAC1E,mBAAmB;IACnB,0EAA0E;IAE1E;;;;;;;;OAQG;IACH,KAAK,CAAC,aAAa,CAAC,QAAgB;QAClC,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,KAAK,CACrB,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,gBAAgB,EACxC;gBACE,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;iBACnC;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;oBAC/B,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY;oBACvC,QAAQ;iBACT,CAAC;gBACF,KAAK,EAAE,UAAU;aAClB,CACF,CAAC;YAEF,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,OAAO,CAAC,KAAK,CACX,qCAAqC,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CACpE,CAAC;gBACF,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAqB,CAAC;YACpD,IAAI,CAAC,IAAI,CAAC,KAAK;gBAAE,OAAO,IAAI,CAAC;YAE7B,OAAO,IAAI,CAAC,KAAK,CAAC;QACpB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,kCAAkC,EAAE,GAAG,CAAC,CAAC;YACvD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,0EAA0E;IAC1E,SAAS;IACT,0EAA0E;IAE1E;;;;;OAKG;IACH,KAAK,CAAC,MAAM,CAAC,KAAc;QACzB,IAAI,CAAC;YACH,MAAM,OAAO,GAA2B;gBACtC,cAAc,EAAE,kBAAkB;aACnC,CAAC;YACF,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,KAAK,EAAE,CAAC;YAC/C,CAAC;YAED,MAAM,GAAG,GAAG,MAAM,KAAK,CACrB,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,aAAa,EACrC;gBACE,MAAM,EAAE,MAAM;gBACd,OAAO;gBACP,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;iBAChC,CAAC;gBACF,KAAK,EAAE,UAAU;aAClB,CACF,CAAC;YAEF,OAAO,GAAG,CAAC,EAAE,CAAC;QAChB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,2BAA2B,EAAE,GAAG,CAAC,CAAC;YAChD,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,0EAA0E;IAC1E,eAAe;IACf,0EAA0E;IAE1E;;;;;;OAMG;IACH,MAAM,CAAC,QAAQ,CAAC,IAAa,EAAE,KAAe;QAC5C,IAAI,CAAC,IAAI,CAAC,KAAK;YAAE,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC,CAAC;QAC3C,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACrD,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,UAAU,CAAC,IAAa,EAAE,KAAe;QAC9C,IAAI,CAAC,IAAI,CAAC,KAAK;YAAE,OAAO,KAAK,CAAC;QAC9B,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACpD,CAAC;CACF"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @module @cas-system/nextjs-cas-client/server
|
|
3
|
+
* @description Server-only entry point for the Next.js CAS Client SDK.
|
|
4
|
+
*
|
|
5
|
+
* Exposes the {@link CasClient} (token validation / generation / logout) and
|
|
6
|
+
* the cookie-based session helpers. These modules require the
|
|
7
|
+
* `clientSecret` / cookie signing secret and must never run in the browser.
|
|
8
|
+
*/
|
|
9
|
+
export { CasClient } from './cas-client.js';
|
|
10
|
+
export { getCasSession, setCasSession, clearCasSession, withCasAuth, getCasSessionFromRequest, } from './auth.js';
|
|
11
|
+
export type { CasConfig, CasServerConfig, CasUser, CasSessionData, CasHandlerConfig, } from '../types.js';
|
|
12
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/server/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EACL,aAAa,EACb,aAAa,EACb,eAAe,EACf,WAAW,EACX,wBAAwB,GACzB,MAAM,WAAW,CAAC;AAEnB,YAAY,EACV,SAAS,EACT,eAAe,EACf,OAAO,EACP,cAAc,EACd,gBAAgB,GACjB,MAAM,aAAa,CAAC"}
|
|
@@ -6,6 +6,6 @@
|
|
|
6
6
|
* the cookie-based session helpers. These modules require the
|
|
7
7
|
* `clientSecret` / cookie signing secret and must never run in the browser.
|
|
8
8
|
*/
|
|
9
|
-
export { CasClient } from './cas-client';
|
|
10
|
-
export { getCasSession, setCasSession, clearCasSession, withCasAuth, getCasSessionFromRequest, } from './auth';
|
|
9
|
+
export { CasClient } from './cas-client.js';
|
|
10
|
+
export { getCasSession, setCasSession, clearCasSession, withCasAuth, getCasSessionFromRequest, } from './auth.js';
|
|
11
11
|
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/server/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EACL,aAAa,EACb,aAAa,EACb,eAAe,EACf,WAAW,EACX,wBAAwB,GACzB,MAAM,WAAW,CAAC"}
|