@civic/auth 0.0.1-beta.20 → 0.0.1-beta.21
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-CBQ3HKRV.mjs → chunk-4PLCDPEN.mjs} +3 -3
- package/dist/chunk-4PLCDPEN.mjs.map +1 -0
- package/dist/chunk-5UQQYXCX.js.map +1 -1
- package/dist/{chunk-O6DPCPRH.js → chunk-6RFRDWIP.js} +16 -16
- package/dist/chunk-6RFRDWIP.js.map +1 -0
- package/dist/{chunk-O2SODTR3.js → chunk-7K3QN2AT.js} +3 -3
- package/dist/chunk-7K3QN2AT.js.map +1 -0
- package/dist/{chunk-HTTTZ2BP.mjs → chunk-AP4627CS.mjs} +6 -6
- package/dist/chunk-AP4627CS.mjs.map +1 -0
- package/dist/chunk-CRTRMMJ7.js.map +1 -1
- package/dist/{chunk-DJFTZS4P.js → chunk-CTVJJBBA.js} +7 -7
- package/dist/chunk-CTVJJBBA.js.map +1 -0
- package/dist/{chunk-VJVRFKDH.js → chunk-FHRZSX3C.js} +21 -21
- package/dist/chunk-FHRZSX3C.js.map +1 -0
- package/dist/{chunk-CZ3AVCKD.js → chunk-JDZPCA3P.js} +9 -7
- package/dist/chunk-JDZPCA3P.js.map +1 -0
- package/dist/{chunk-BFESCRFK.mjs → chunk-MK7557NR.mjs} +3 -3
- package/dist/chunk-MK7557NR.mjs.map +1 -0
- package/dist/{chunk-UADVRCHY.mjs → chunk-NLRREFOX.mjs} +4 -4
- package/dist/chunk-NLRREFOX.mjs.map +1 -0
- package/dist/{chunk-X3FQBE22.mjs → chunk-O3WGNLRO.mjs} +8 -6
- package/dist/chunk-O3WGNLRO.mjs.map +1 -0
- package/dist/index.js.map +1 -1
- package/dist/nextjs/client.js +11 -11
- package/dist/nextjs/client.js.map +1 -1
- package/dist/nextjs/client.mjs +5 -5
- package/dist/nextjs.js +31 -31
- package/dist/nextjs.js.map +1 -1
- package/dist/nextjs.mjs +4 -4
- package/dist/react.js +13 -13
- package/dist/react.js.map +1 -1
- package/dist/react.mjs +3 -3
- package/dist/server.js +3 -3
- package/dist/server.js.map +1 -1
- package/dist/server.mjs +2 -2
- package/package.json +3 -3
- package/dist/chunk-BFESCRFK.mjs.map +0 -1
- package/dist/chunk-CBQ3HKRV.mjs.map +0 -1
- package/dist/chunk-CZ3AVCKD.js.map +0 -1
- package/dist/chunk-DJFTZS4P.js.map +0 -1
- package/dist/chunk-HTTTZ2BP.mjs.map +0 -1
- package/dist/chunk-O2SODTR3.js.map +0 -1
- package/dist/chunk-O6DPCPRH.js.map +0 -1
- package/dist/chunk-UADVRCHY.mjs.map +0 -1
- package/dist/chunk-VJVRFKDH.js.map +0 -1
- package/dist/chunk-X3FQBE22.mjs.map +0 -1
package/dist/nextjs/client.js
CHANGED
|
@@ -2,18 +2,18 @@
|
|
|
2
2
|
|
|
3
3
|
|
|
4
4
|
|
|
5
|
-
var
|
|
5
|
+
var _chunkFHRZSX3Cjs = require('../chunk-FHRZSX3C.js');
|
|
6
6
|
|
|
7
7
|
|
|
8
8
|
|
|
9
|
-
var
|
|
9
|
+
var _chunkCTVJJBBAjs = require('../chunk-CTVJJBBA.js');
|
|
10
10
|
|
|
11
11
|
|
|
12
|
-
var
|
|
13
|
-
require('../chunk-
|
|
12
|
+
var _chunkJDZPCA3Pjs = require('../chunk-JDZPCA3P.js');
|
|
13
|
+
require('../chunk-6RFRDWIP.js');
|
|
14
14
|
|
|
15
15
|
|
|
16
|
-
var
|
|
16
|
+
var _chunk7K3QN2ATjs = require('../chunk-7K3QN2AT.js');
|
|
17
17
|
|
|
18
18
|
|
|
19
19
|
|
|
@@ -131,12 +131,12 @@ var CivicNextAuthProvider = (_a) => {
|
|
|
131
131
|
"children"
|
|
132
132
|
]);
|
|
133
133
|
const [redirectUrl, setRedirectUrl] = _react.useState.call(void 0, "");
|
|
134
|
-
const resolvedConfig =
|
|
134
|
+
const resolvedConfig = _chunkJDZPCA3Pjs.resolveAuthConfig.call(void 0, );
|
|
135
135
|
const { clientId, oauthServer, callbackUrl, challengeUrl, logoutUrl } = resolvedConfig;
|
|
136
136
|
_react.useEffect.call(void 0, () => {
|
|
137
137
|
if (typeof globalThis.window !== "undefined") {
|
|
138
138
|
const currentUrl = globalThis.window.location.href;
|
|
139
|
-
setRedirectUrl(
|
|
139
|
+
setRedirectUrl(_chunkCTVJJBBAjs.resolveCallbackUrl.call(void 0, resolvedConfig, currentUrl));
|
|
140
140
|
}
|
|
141
141
|
}, [callbackUrl, resolvedConfig]);
|
|
142
142
|
const user = useUserCookie();
|
|
@@ -153,17 +153,17 @@ var CivicNextAuthProvider = (_a) => {
|
|
|
153
153
|
return;
|
|
154
154
|
});
|
|
155
155
|
return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, _reactquery.QueryClientProvider, { client: queryClient, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
156
|
-
|
|
156
|
+
_chunkFHRZSX3Cjs.AuthProvider,
|
|
157
157
|
_chunkCRTRMMJ7js.__spreadProps.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, props), {
|
|
158
158
|
redirectUrl,
|
|
159
159
|
config: { oauthServer },
|
|
160
160
|
clientId,
|
|
161
|
-
pkceConsumer: new (0,
|
|
161
|
+
pkceConsumer: new (0, _chunk7K3QN2ATjs.ConfidentialClientPKCEConsumer)(challengeUrl),
|
|
162
162
|
sessionData,
|
|
163
163
|
children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
164
|
-
|
|
164
|
+
_chunkFHRZSX3Cjs.UserProvider,
|
|
165
165
|
{
|
|
166
|
-
storage: new (0,
|
|
166
|
+
storage: new (0, _chunkCTVJJBBAjs.NextjsClientStorage)(),
|
|
167
167
|
user: combinedUser,
|
|
168
168
|
signOut,
|
|
169
169
|
children
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["/Users/kevincolgan/code/civic-auth/packages/civic-auth-client/dist/nextjs/client.js","../../src/nextjs/providers/NextAuthProvider.tsx","../../src/nextjs/hooks/useUserCookie.ts","../../src/lib/cookies.ts","../../src/nextjs/hooks/useTokenCookie.ts"],"names":["window","useRef","useRouter","useQuery","useEffect"],"mappings":"AAAA,yGAA6B;AAC7B;AACE;AACA;AACF,uDAA6B;AAC7B;AACE;AACA;AACF,uDAA6B;AAC7B;AACE;AACF,uDAA6B;AAC7B,gCAA6B;AAC7B;AACE;AACF,uDAA6B;AAC7B;AACE;AACA;AACA;AACA;AACF,uDAA6B;AAC7B;AACA;ACnBA,8BAAoC;AAEpC,mDAAiD;ADoBjD;AACA;AE1BA;AACA,kDAA0B;AAC1B;AF4BA;AACA;AGhCA,IAAM,qBAAA,EAAuB,CAAC;AAAA,EAC5B,GAAA;AAAA,EACA,MAAA,EAAAA,OAAAA;AAAA,EACA,UAAA,EAAY;AACd,CAAA,EAAA,GAIM;AACJ,EAAA,MAAM,OAAA,EAASA,OAAAA,CAAO,QAAA,CAAS,MAAA;AAC/B,EAAA,GAAA,CAAI,CAAC,MAAA,EAAQ,OAAO,IAAA;AACpB,EAAA,MAAM,QAAA,EAAU,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AAChC,EAAA,IAAA,CAAA,MAAW,EAAA,GAAK,OAAA,EAAS;AACvB,IAAA,MAAM,CAAC,IAAA,EAAM,KAAK,EAAA,EAAI,CAAA,CAAE,IAAA,CAAK,CAAA,CAAE,KAAA,CAAM,GAAG,CAAA;AACxC,IAAA,GAAA,CAAI,MAAA,GAAS,KAAA,IAAS,GAAA,EAAK;AACzB,MAAA,IAAI;AACF,QAAA,MAAM,wBAAA,EAA0B,kBAAA,CAAmB,KAAK,CAAA;AACxD,QAAA,OAAO,UAAA,IAAc,KAAA,EACjB,IAAA,CAAK,KAAA,CAAM,uBAAuB,EAAA,EAClC,uBAAA;AAAA,MACN,EAAA,MAAA,CAAQ,CAAA,EAAA;AACN,QAAA,OAAO,KAAA;AAAA,MACT;AAAA,IACF;AAAA,EACF;AACA,EAAA,OAAO,IAAA;AACT,CAAA;AH4BA;AACA;AE/CA,IAAM,kBAAA,EAAoB,CAAA,EAAA,GAAM;AAC9B,EAAA,MAAM,WAAA,EAAa,oBAAA,CAAqB;AAAA,IACtC,GAAA,EAAA,iBAAA;AAAA,IACA,MAAA,EAAQ,UAAA,CAAW,MAAA;AAAA,IACnB,SAAA,EAAW;AAAA,EACb,CAAC,CAAA;AACD,EAAA,OAAO,UAAA;AACT,CAAA;AAEO,IAAM,cAAA,EAAgB,CAAA,EAAA,GAA6B;AACxD,EAAA,MAAM,UAAA,EAAY,2BAAA,KAAY,CAAA;AAC9B,EAAA,MAAM,OAAA,EAAS,qCAAA,CAAU;AAEzB,EAAA,MAAM,EAAE,IAAA,EAAM,KAAK,EAAA,EAAI,kCAAA;AAAS,IAC9B,QAAA,EAAU,CAAC,MAAM,CAAA;AAAA,IACjB,OAAA,EAAS,CAAA,EAAA,GAAM,iBAAA,CAAkB,CAAA;AAAA,IACjC,eAAA,EAAiB,GAAA;AAAA,IACjB,2BAAA,EAA6B,IAAA;AAAA,IAC7B,OAAA,EAAS,CAAC,SAAA,CAAU,OAAA;AAAA,IACpB,oBAAA,EAAsB;AAAA,EACxB,CAAC,CAAA;AAED,EAAA,8BAAA,CAAU,EAAA,GAAM;AACd,IAAA,GAAA,CAAI,IAAA,EAAM;AACR,MAAA,GAAA,CAAI,CAAC,SAAA,CAAU,OAAA,EAAS;AACtB,QAAA,SAAA,CAAU,QAAA,EAAU,IAAA;AACpB,QAAA,MAAA,CAAO,OAAA,CAAQ,CAAA;AAAA,MACjB;AAAA,IACF,EAAA,KAAO;AACL,MAAA,SAAA,CAAU,QAAA,EAAU,KAAA;AAAA,IACtB;AAAA,EACF,CAAA,EAAG,CAAC,IAAA,EAAM,MAAM,CAAC,CAAA;AAEjB,EAAA,OAAO,KAAA,GAAA,KAAA,EAAA,KAAA,EAAQ,IAAA;AACjB,CAAA;AF6CA;AACA;AIvFA;AACA;AACA;AAIA,IAAM,mBAAA,EAAqB,CAAC,SAAA,EAAA,GAAmC;AAC7D,EAAA,OAAO,oBAAA,CAAqB;AAAA,IAC1B,GAAA,EAAK,SAAA;AAAA,IACL,MAAA,EAAQ,UAAA,CAAW,MAAA;AAAA,IACnB,SAAA,EAAW;AAAA,EACb,CAAC,CAAA;AACH,CAAA;AAEO,IAAM,eAAA,EAAiB,CAAC,SAAA,EAAA,GAA0C;AACvE,EAAA,MAAM,UAAA,EAAYC,2BAAAA,KAAY,CAAA;AAC9B,EAAA,MAAM,OAAA,EAASC,qCAAAA,CAAU;AAEzB,EAAA,MAAM,EAAE,IAAA,EAAM,MAAM,EAAA,EAAIC,kCAAAA;AAAS,IAC/B,QAAA,EAAU,CAAC,OAAA,EAAS,SAAS,CAAA;AAAA,IAC7B,OAAA,EAAS,CAAA,EAAA,GAAM,kBAAA,CAAmB,SAAS,EAAA,GAAK,IAAA;AAAA,IAChD,eAAA,EAAiB,GAAA;AAAA,IACjB,2BAAA,EAA6B,IAAA;AAAA,IAC7B,OAAA,EAAS,CAAC,SAAA,CAAU,OAAA;AAAA,IACpB,oBAAA,EAAsB;AAAA,EACxB,CAAC,CAAA;AAED,EAAAC,8BAAAA,CAAU,EAAA,GAAM;AACd,IAAA,GAAA,CAAI,KAAA,EAAO;AACT,MAAA,GAAA,CAAI,CAAC,SAAA,CAAU,OAAA,EAAS;AACtB,QAAA,SAAA,CAAU,QAAA,EAAU,IAAA;AACpB,QAAA,MAAA,CAAO,OAAA,CAAQ,CAAA;AAAA,MACjB;AAAA,IACF,EAAA,KAAO;AACL,MAAA,SAAA,CAAU,QAAA,EAAU,KAAA;AAAA,IACtB;AAAA,EACF,CAAA,EAAG,CAAC,KAAA,EAAO,MAAM,CAAC,CAAA;AAElB,EAAA,OAAO,MAAA,GAAA,KAAA,EAAA,MAAA,EAAS,IAAA;AAClB,CAAA;AJkFA;AACA;AC3DQ,+CAAA;AA5CR,IAAM,YAAA,EAAc,IAAI,4BAAA,CAAY,CAAA;AAI7B,IAAM,sBAAA,EAAwB,CAAC,EAAA,EAAA,GAGJ;AAHI,EAAA,IAAA,GAAA,EAAA,EAAA,EACpC;AAAA,IAAA;AAAA,EAzBF,EAAA,EAwBsC,EAAA,EAEjC,MAAA,EAAA,wCAAA,EAFiC,EAEjC;AAAA,IADH;AAAA,EAAA,CAAA,CAAA;AAGA,EAAA,MAAM,CAAC,WAAA,EAAa,cAAc,EAAA,EAAI,6BAAA,EAAmB,CAAA;AACzD,EAAA,MAAM,eAAA,EAAiB,gDAAA,CAAkB;AACzC,EAAA,MAAM,EAAE,QAAA,EAAU,WAAA,EAAa,WAAA,EAAa,YAAA,EAAc,UAAU,EAAA,EAClE,cAAA;AAEF,EAAAA,8BAAAA,CAAU,EAAA,GAAM;AACd,IAAA,GAAA,CAAI,OAAO,UAAA,CAAW,OAAA,IAAW,WAAA,EAAa;AAC5C,MAAA,MAAM,WAAA,EAAa,UAAA,CAAW,MAAA,CAAO,QAAA,CAAS,IAAA;AAC9C,MAAA,cAAA,CAAe,iDAAA,cAAmB,EAAgB,UAAU,CAAC,CAAA;AAAA,IAC/D;AAAA,EACF,CAAA,EAAG,CAAC,WAAA,EAAa,cAAc,CAAC,CAAA;AAEhC,EAAA,MAAM,KAAA,EAAO,aAAA,CAAc,CAAA;AAC3B,EAAA,MAAM,QAAA,EAAU,cAAA,CAAA,yBAAmC,CAAA;AACnD,EAAA,MAAM,aAAA,EAAe,KAAA,EAAQ,4CAAA,6CAAA,CAAA,CAAA,EAAM,KAAA,GAAQ,CAAC,CAAA,CAAA,EAAf,EAAmB,QAAQ,CAAA,EAAA,EAAa,IAAA;AACrE,EAAA,MAAM,YAAA,EAAc,6CAAA;AAAA,IAClB,aAAA,EAAe,CAAC,CAAC;AAAA,EAAA,CAAA,EACb,QAAA,EAAU,EAAE,QAAQ,EAAA,EAAI,CAAC,CAAA,CAAA;AAE/B,EAAA,MAAM,QAAA,EAAU,CAAA,EAAA,GAA2B,sCAAA,KAAA,CAAA,EAAA,IAAA,EAAA,QAAA,EAAA,CAAA,EAAA;AACzC,IAAA,GAAA,CAAI,KAAA,CAAM,SAAA,EAAW;AACnB,MAAA,MAAM,KAAA,CAAM,SAAA,CAAU,CAAA;AAAA,IACxB;AACA,IAAA,MAAA,CAAO,QAAA,CAAS,KAAA,EAAO,SAAA;AACvB,IAAA,MAAA;AAAA,EACF,CAAA,CAAA;AACA,EAAA,uBACE,6BAAA,+BAAC,EAAA,EAAoB,MAAA,EAAQ,WAAA,EAC3B,QAAA,kBAAA,6BAAA;AAAA,IAAC,6BAAA;AAAA,IAAA,4CAAA,6CAAA,CAAA,CAAA,EACK,KAAA,CAAA,EADL;AAAA,MAEC,WAAA;AAAA,MACA,MAAA,EAAQ,EAAE,YAAY,CAAA;AAAA,MACtB,QAAA;AAAA,MACA,YAAA,EAAc,IAAI,oDAAA,CAA+B,YAAY,CAAA;AAAA,MAC7D,WAAA;AAAA,MAEA,QAAA,kBAAA,6BAAA;AAAA,QAAC,6BAAA;AAAA,QAAA;AAAA,UACC,OAAA,EAAS,IAAI,yCAAA,CAAoB,CAAA;AAAA,UACjC,IAAA,EAAM,YAAA;AAAA,UACN,OAAA;AAAA,UAEC;AAAA,QAAA;AAAA,MACH;AAAA,IAAA,CAAA;AAAA,EACF,EAAA,CACF,CAAA;AAEJ,CAAA;ADoGA;AACE;AACA;AACF,yFAAC","file":"/Users/kevincolgan/code/civic-auth/packages/civic-auth-client/dist/nextjs/client.js","sourcesContent":[null,"\"use client\";\n/**\n * A very small context provider for the user object - it takes the user object from the cookie and provides it to the app.\n */\nimport { useEffect, useState } from \"react\";\nimport { AuthProvider, AuthProviderProps } from \"@/shared/AuthProvider.js\";\nimport { QueryClient, QueryClientProvider } from \"@tanstack/react-query\";\nimport { resolveAuthConfig } from \"@/nextjs/config.js\";\nimport { resolveCallbackUrl } from \"@/nextjs/utils.js\";\n\n// adding the styles import here to be added to the bundle\nimport \"@/styles.css\";\nimport { ConfidentialClientPKCEConsumer } from \"@/services/PKCE.js\";\nimport { NextjsClientStorage } from \"@/nextjs/cookies\";\nimport { UserProvider } from \"@/shared/UserProvider\";\nimport { useUserCookie } from \"../hooks/useUserCookie\";\nimport { OAuthTokens } from \"@/shared/types\";\nimport { useTokenCookie } from \"../hooks/useTokenCookie\";\nimport { User } from \"@/types\";\n\nconst queryClient = new QueryClient();\n\nexport type NextCivicAuthProviderProps = Omit<AuthProviderProps, \"clientId\">;\n\nexport const CivicNextAuthProvider = ({\n children,\n ...props\n}: NextCivicAuthProviderProps) => {\n const [redirectUrl, setRedirectUrl] = useState<string>(\"\");\n const resolvedConfig = resolveAuthConfig();\n const { clientId, oauthServer, callbackUrl, challengeUrl, logoutUrl } =\n resolvedConfig;\n\n useEffect(() => {\n if (typeof globalThis.window !== \"undefined\") {\n const currentUrl = globalThis.window.location.href;\n setRedirectUrl(resolveCallbackUrl(resolvedConfig, currentUrl));\n }\n }, [callbackUrl, resolvedConfig]);\n\n const user = useUserCookie();\n const idToken = useTokenCookie(OAuthTokens.ID_TOKEN);\n const combinedUser = user ? ({ ...(user || {}), idToken } as User) : null;\n const sessionData = {\n authenticated: !!user,\n ...(idToken ? { idToken } : {}),\n };\n const signOut = async (): Promise<void> => {\n if (props.onSignOut) {\n await props.onSignOut();\n }\n window.location.href = logoutUrl;\n return;\n };\n return (\n <QueryClientProvider client={queryClient}>\n <AuthProvider\n {...props}\n redirectUrl={redirectUrl}\n config={{ oauthServer }}\n clientId={clientId}\n pkceConsumer={new ConfidentialClientPKCEConsumer(challengeUrl)}\n sessionData={sessionData}\n >\n <UserProvider\n storage={new NextjsClientStorage()}\n user={combinedUser}\n signOut={signOut}\n >\n {children}\n </UserProvider>\n </AuthProvider>\n </QueryClientProvider>\n );\n};\n","\"use client\";\nimport { useEffect, useRef } from \"react\";\nimport { useRouter } from \"next/navigation.js\";\nimport { useQuery } from \"@tanstack/react-query\";\nimport { getWindowCookieValue } from \"@/lib/cookies.js\";\nimport { EmptyObject, User } from \"@/types\";\nimport { UserStorage } from \"@/shared/types\";\n\nconst getUserFromCookie = () => {\n const userCookie = getWindowCookieValue({\n key: UserStorage.USER,\n window: globalThis.window,\n parseJson: true,\n });\n return userCookie;\n};\n\nexport const useUserCookie = <T extends EmptyObject>() => {\n const hasRunRef = useRef(false);\n const router = useRouter();\n\n const { data: user } = useQuery({\n queryKey: [\"user\"],\n queryFn: () => getUserFromCookie() as User<T> | null,\n refetchInterval: 2000,\n refetchIntervalInBackground: true,\n enabled: !hasRunRef.current,\n refetchOnWindowFocus: true,\n });\n\n useEffect(() => {\n if (user) {\n if (!hasRunRef.current) {\n hasRunRef.current = true;\n router.refresh();\n }\n } else {\n hasRunRef.current = false;\n }\n }, [user, router]);\n\n return user ?? null;\n};\n","const getWindowCookieValue = ({\n key,\n window,\n parseJson = false,\n}: {\n key: string;\n window: Window;\n parseJson?: boolean;\n}) => {\n const cookie = window.document.cookie;\n if (!cookie) return null;\n const cookies = cookie.split(\";\");\n for (const c of cookies) {\n const [name, value] = c.trim().split(\"=\");\n if (value && name === key) {\n try {\n const decodeURIComponentValue = decodeURIComponent(value);\n return parseJson === true\n ? JSON.parse(decodeURIComponentValue)\n : decodeURIComponentValue;\n } catch {\n return value;\n }\n }\n }\n return null;\n};\nexport { getWindowCookieValue };\n","\"use client\";\nimport { useEffect, useRef } from \"react\";\nimport { useRouter } from \"next/navigation.js\";\nimport { useQuery } from \"@tanstack/react-query\";\nimport { getWindowCookieValue } from \"@/lib/cookies.js\";\nimport { OAuthTokens } from \"@/shared/types\";\n\nconst getTokenFromCookie = (tokenName: OAuthTokens): string => {\n return getWindowCookieValue({\n key: tokenName,\n window: globalThis.window,\n parseJson: false,\n });\n};\n\nexport const useTokenCookie = (tokenName: OAuthTokens): string | null => {\n const hasRunRef = useRef(false);\n const router = useRouter();\n\n const { data: token } = useQuery({\n queryKey: [\"token\", tokenName],\n queryFn: () => getTokenFromCookie(tokenName) || null,\n refetchInterval: 2000,\n refetchIntervalInBackground: true,\n enabled: !hasRunRef.current,\n refetchOnWindowFocus: true,\n });\n\n useEffect(() => {\n if (token) {\n if (!hasRunRef.current) {\n hasRunRef.current = true;\n router.refresh();\n }\n } else {\n hasRunRef.current = false;\n }\n }, [token, router]);\n\n return token ?? null;\n};\n"]}
|
|
1
|
+
{"version":3,"sources":["/Users/flippie/civic/repos/civic-auth/packages/civic-auth-client/dist/nextjs/client.js","../../src/nextjs/providers/NextAuthProvider.tsx","../../src/nextjs/hooks/useUserCookie.ts","../../src/lib/cookies.ts","../../src/nextjs/hooks/useTokenCookie.ts"],"names":["window","useRef","useRouter","useQuery","useEffect"],"mappings":"AAAA,yGAA6B;AAC7B;AACE;AACA;AACF,uDAA6B;AAC7B;AACE;AACA;AACF,uDAA6B;AAC7B;AACE;AACF,uDAA6B;AAC7B,gCAA6B;AAC7B;AACE;AACF,uDAA6B;AAC7B;AACE;AACA;AACA;AACA;AACF,uDAA6B;AAC7B;AACA;ACnBA,8BAAoC;AAEpC,mDAAiD;ADoBjD;AACA;AE1BA;AACA,kDAA0B;AAC1B;AF4BA;AACA;AGhCA,IAAM,qBAAA,EAAuB,CAAC;AAAA,EAC5B,GAAA;AAAA,EACA,MAAA,EAAAA,OAAAA;AAAA,EACA,UAAA,EAAY;AACd,CAAA,EAAA,GAIM;AACJ,EAAA,MAAM,OAAA,EAASA,OAAAA,CAAO,QAAA,CAAS,MAAA;AAC/B,EAAA,GAAA,CAAI,CAAC,MAAA,EAAQ,OAAO,IAAA;AACpB,EAAA,MAAM,QAAA,EAAU,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AAChC,EAAA,IAAA,CAAA,MAAW,EAAA,GAAK,OAAA,EAAS;AACvB,IAAA,MAAM,CAAC,IAAA,EAAM,KAAK,EAAA,EAAI,CAAA,CAAE,IAAA,CAAK,CAAA,CAAE,KAAA,CAAM,GAAG,CAAA;AACxC,IAAA,GAAA,CAAI,MAAA,GAAS,KAAA,IAAS,GAAA,EAAK;AACzB,MAAA,IAAI;AACF,QAAA,MAAM,wBAAA,EAA0B,kBAAA,CAAmB,KAAK,CAAA;AACxD,QAAA,OAAO,UAAA,IAAc,KAAA,EACjB,IAAA,CAAK,KAAA,CAAM,uBAAuB,EAAA,EAClC,uBAAA;AAAA,MACN,EAAA,MAAA,CAAQ,CAAA,EAAA;AACN,QAAA,OAAO,KAAA;AAAA,MACT;AAAA,IACF;AAAA,EACF;AACA,EAAA,OAAO,IAAA;AACT,CAAA;AH4BA;AACA;AE/CA,IAAM,kBAAA,EAAoB,CAAA,EAAA,GAAM;AAC9B,EAAA,MAAM,WAAA,EAAa,oBAAA,CAAqB;AAAA,IACtC,GAAA,EAAA,iBAAA;AAAA,IACA,MAAA,EAAQ,UAAA,CAAW,MAAA;AAAA,IACnB,SAAA,EAAW;AAAA,EACb,CAAC,CAAA;AACD,EAAA,OAAO,UAAA;AACT,CAAA;AAEO,IAAM,cAAA,EAAgB,CAAA,EAAA,GAA6B;AACxD,EAAA,MAAM,UAAA,EAAY,2BAAA,KAAY,CAAA;AAC9B,EAAA,MAAM,OAAA,EAAS,qCAAA,CAAU;AAEzB,EAAA,MAAM,EAAE,IAAA,EAAM,KAAK,EAAA,EAAI,kCAAA;AAAS,IAC9B,QAAA,EAAU,CAAC,MAAM,CAAA;AAAA,IACjB,OAAA,EAAS,CAAA,EAAA,GAAM,iBAAA,CAAkB,CAAA;AAAA,IACjC,eAAA,EAAiB,GAAA;AAAA,IACjB,2BAAA,EAA6B,IAAA;AAAA,IAC7B,OAAA,EAAS,CAAC,SAAA,CAAU,OAAA;AAAA,IACpB,oBAAA,EAAsB;AAAA,EACxB,CAAC,CAAA;AAED,EAAA,8BAAA,CAAU,EAAA,GAAM;AACd,IAAA,GAAA,CAAI,IAAA,EAAM;AACR,MAAA,GAAA,CAAI,CAAC,SAAA,CAAU,OAAA,EAAS;AACtB,QAAA,SAAA,CAAU,QAAA,EAAU,IAAA;AACpB,QAAA,MAAA,CAAO,OAAA,CAAQ,CAAA;AAAA,MACjB;AAAA,IACF,EAAA,KAAO;AACL,MAAA,SAAA,CAAU,QAAA,EAAU,KAAA;AAAA,IACtB;AAAA,EACF,CAAA,EAAG,CAAC,IAAA,EAAM,MAAM,CAAC,CAAA;AAEjB,EAAA,OAAO,KAAA,GAAA,KAAA,EAAA,KAAA,EAAQ,IAAA;AACjB,CAAA;AF6CA;AACA;AIvFA;AACA;AACA;AAIA,IAAM,mBAAA,EAAqB,CAAC,SAAA,EAAA,GAAmC;AAC7D,EAAA,OAAO,oBAAA,CAAqB;AAAA,IAC1B,GAAA,EAAK,SAAA;AAAA,IACL,MAAA,EAAQ,UAAA,CAAW,MAAA;AAAA,IACnB,SAAA,EAAW;AAAA,EACb,CAAC,CAAA;AACH,CAAA;AAEO,IAAM,eAAA,EAAiB,CAAC,SAAA,EAAA,GAA0C;AACvE,EAAA,MAAM,UAAA,EAAYC,2BAAAA,KAAY,CAAA;AAC9B,EAAA,MAAM,OAAA,EAASC,qCAAAA,CAAU;AAEzB,EAAA,MAAM,EAAE,IAAA,EAAM,MAAM,EAAA,EAAIC,kCAAAA;AAAS,IAC/B,QAAA,EAAU,CAAC,OAAA,EAAS,SAAS,CAAA;AAAA,IAC7B,OAAA,EAAS,CAAA,EAAA,GAAM,kBAAA,CAAmB,SAAS,EAAA,GAAK,IAAA;AAAA,IAChD,eAAA,EAAiB,GAAA;AAAA,IACjB,2BAAA,EAA6B,IAAA;AAAA,IAC7B,OAAA,EAAS,CAAC,SAAA,CAAU,OAAA;AAAA,IACpB,oBAAA,EAAsB;AAAA,EACxB,CAAC,CAAA;AAED,EAAAC,8BAAAA,CAAU,EAAA,GAAM;AACd,IAAA,GAAA,CAAI,KAAA,EAAO;AACT,MAAA,GAAA,CAAI,CAAC,SAAA,CAAU,OAAA,EAAS;AACtB,QAAA,SAAA,CAAU,QAAA,EAAU,IAAA;AACpB,QAAA,MAAA,CAAO,OAAA,CAAQ,CAAA;AAAA,MACjB;AAAA,IACF,EAAA,KAAO;AACL,MAAA,SAAA,CAAU,QAAA,EAAU,KAAA;AAAA,IACtB;AAAA,EACF,CAAA,EAAG,CAAC,KAAA,EAAO,MAAM,CAAC,CAAA;AAElB,EAAA,OAAO,MAAA,GAAA,KAAA,EAAA,MAAA,EAAS,IAAA;AAClB,CAAA;AJkFA;AACA;AC3DQ,+CAAA;AA5CR,IAAM,YAAA,EAAc,IAAI,4BAAA,CAAY,CAAA;AAI7B,IAAM,sBAAA,EAAwB,CAAC,EAAA,EAAA,GAGJ;AAHI,EAAA,IAAA,GAAA,EAAA,EAAA,EACpC;AAAA,IAAA;AAAA,EAzBF,EAAA,EAwBsC,EAAA,EAEjC,MAAA,EAAA,wCAAA,EAFiC,EAEjC;AAAA,IADH;AAAA,EAAA,CAAA,CAAA;AAGA,EAAA,MAAM,CAAC,WAAA,EAAa,cAAc,EAAA,EAAI,6BAAA,EAAmB,CAAA;AACzD,EAAA,MAAM,eAAA,EAAiB,gDAAA,CAAkB;AACzC,EAAA,MAAM,EAAE,QAAA,EAAU,WAAA,EAAa,WAAA,EAAa,YAAA,EAAc,UAAU,EAAA,EAClE,cAAA;AAEF,EAAAA,8BAAAA,CAAU,EAAA,GAAM;AACd,IAAA,GAAA,CAAI,OAAO,UAAA,CAAW,OAAA,IAAW,WAAA,EAAa;AAC5C,MAAA,MAAM,WAAA,EAAa,UAAA,CAAW,MAAA,CAAO,QAAA,CAAS,IAAA;AAC9C,MAAA,cAAA,CAAe,iDAAA,cAAmB,EAAgB,UAAU,CAAC,CAAA;AAAA,IAC/D;AAAA,EACF,CAAA,EAAG,CAAC,WAAA,EAAa,cAAc,CAAC,CAAA;AAEhC,EAAA,MAAM,KAAA,EAAO,aAAA,CAAc,CAAA;AAC3B,EAAA,MAAM,QAAA,EAAU,cAAA,CAAA,yBAAmC,CAAA;AACnD,EAAA,MAAM,aAAA,EAAe,KAAA,EAAQ,4CAAA,6CAAA,CAAA,CAAA,EAAM,KAAA,GAAQ,CAAC,CAAA,CAAA,EAAf,EAAmB,QAAQ,CAAA,EAAA,EAAa,IAAA;AACrE,EAAA,MAAM,YAAA,EAAc,6CAAA;AAAA,IAClB,aAAA,EAAe,CAAC,CAAC;AAAA,EAAA,CAAA,EACb,QAAA,EAAU,EAAE,QAAQ,EAAA,EAAI,CAAC,CAAA,CAAA;AAE/B,EAAA,MAAM,QAAA,EAAU,CAAA,EAAA,GAA2B,sCAAA,KAAA,CAAA,EAAA,IAAA,EAAA,QAAA,EAAA,CAAA,EAAA;AACzC,IAAA,GAAA,CAAI,KAAA,CAAM,SAAA,EAAW;AACnB,MAAA,MAAM,KAAA,CAAM,SAAA,CAAU,CAAA;AAAA,IACxB;AACA,IAAA,MAAA,CAAO,QAAA,CAAS,KAAA,EAAO,SAAA;AACvB,IAAA,MAAA;AAAA,EACF,CAAA,CAAA;AACA,EAAA,uBACE,6BAAA,+BAAC,EAAA,EAAoB,MAAA,EAAQ,WAAA,EAC3B,QAAA,kBAAA,6BAAA;AAAA,IAAC,6BAAA;AAAA,IAAA,4CAAA,6CAAA,CAAA,CAAA,EACK,KAAA,CAAA,EADL;AAAA,MAEC,WAAA;AAAA,MACA,MAAA,EAAQ,EAAE,YAAY,CAAA;AAAA,MACtB,QAAA;AAAA,MACA,YAAA,EAAc,IAAI,oDAAA,CAA+B,YAAY,CAAA;AAAA,MAC7D,WAAA;AAAA,MAEA,QAAA,kBAAA,6BAAA;AAAA,QAAC,6BAAA;AAAA,QAAA;AAAA,UACC,OAAA,EAAS,IAAI,yCAAA,CAAoB,CAAA;AAAA,UACjC,IAAA,EAAM,YAAA;AAAA,UACN,OAAA;AAAA,UAEC;AAAA,QAAA;AAAA,MACH;AAAA,IAAA,CAAA;AAAA,EACF,EAAA,CACF,CAAA;AAEJ,CAAA;ADoGA;AACE;AACA;AACF,yFAAC","file":"/Users/flippie/civic/repos/civic-auth/packages/civic-auth-client/dist/nextjs/client.js","sourcesContent":[null,"\"use client\";\n/**\n * A very small context provider for the user object - it takes the user object from the cookie and provides it to the app.\n */\nimport { useEffect, useState } from \"react\";\nimport { AuthProvider, AuthProviderProps } from \"@/shared/AuthProvider.js\";\nimport { QueryClient, QueryClientProvider } from \"@tanstack/react-query\";\nimport { resolveAuthConfig } from \"@/nextjs/config.js\";\nimport { resolveCallbackUrl } from \"@/nextjs/utils.js\";\n\n// adding the styles import here to be added to the bundle\nimport \"@/styles.css\";\nimport { ConfidentialClientPKCEConsumer } from \"@/services/PKCE.js\";\nimport { NextjsClientStorage } from \"@/nextjs/cookies\";\nimport { UserProvider } from \"@/shared/UserProvider\";\nimport { useUserCookie } from \"../hooks/useUserCookie\";\nimport { OAuthTokens } from \"@/shared/types\";\nimport { useTokenCookie } from \"../hooks/useTokenCookie\";\nimport { User } from \"@/types\";\n\nconst queryClient = new QueryClient();\n\nexport type NextCivicAuthProviderProps = Omit<AuthProviderProps, \"clientId\">;\n\nexport const CivicNextAuthProvider = ({\n children,\n ...props\n}: NextCivicAuthProviderProps) => {\n const [redirectUrl, setRedirectUrl] = useState<string>(\"\");\n const resolvedConfig = resolveAuthConfig();\n const { clientId, oauthServer, callbackUrl, challengeUrl, logoutUrl } =\n resolvedConfig;\n\n useEffect(() => {\n if (typeof globalThis.window !== \"undefined\") {\n const currentUrl = globalThis.window.location.href;\n setRedirectUrl(resolveCallbackUrl(resolvedConfig, currentUrl));\n }\n }, [callbackUrl, resolvedConfig]);\n\n const user = useUserCookie();\n const idToken = useTokenCookie(OAuthTokens.ID_TOKEN);\n const combinedUser = user ? ({ ...(user || {}), idToken } as User) : null;\n const sessionData = {\n authenticated: !!user,\n ...(idToken ? { idToken } : {}),\n };\n const signOut = async (): Promise<void> => {\n if (props.onSignOut) {\n await props.onSignOut();\n }\n window.location.href = logoutUrl;\n return;\n };\n return (\n <QueryClientProvider client={queryClient}>\n <AuthProvider\n {...props}\n redirectUrl={redirectUrl}\n config={{ oauthServer }}\n clientId={clientId}\n pkceConsumer={new ConfidentialClientPKCEConsumer(challengeUrl)}\n sessionData={sessionData}\n >\n <UserProvider\n storage={new NextjsClientStorage()}\n user={combinedUser}\n signOut={signOut}\n >\n {children}\n </UserProvider>\n </AuthProvider>\n </QueryClientProvider>\n );\n};\n","\"use client\";\nimport { useEffect, useRef } from \"react\";\nimport { useRouter } from \"next/navigation.js\";\nimport { useQuery } from \"@tanstack/react-query\";\nimport { getWindowCookieValue } from \"@/lib/cookies.js\";\nimport { EmptyObject, User } from \"@/types\";\nimport { UserStorage } from \"@/shared/types\";\n\nconst getUserFromCookie = () => {\n const userCookie = getWindowCookieValue({\n key: UserStorage.USER,\n window: globalThis.window,\n parseJson: true,\n });\n return userCookie;\n};\n\nexport const useUserCookie = <T extends EmptyObject>() => {\n const hasRunRef = useRef(false);\n const router = useRouter();\n\n const { data: user } = useQuery({\n queryKey: [\"user\"],\n queryFn: () => getUserFromCookie() as User<T> | null,\n refetchInterval: 2000,\n refetchIntervalInBackground: true,\n enabled: !hasRunRef.current,\n refetchOnWindowFocus: true,\n });\n\n useEffect(() => {\n if (user) {\n if (!hasRunRef.current) {\n hasRunRef.current = true;\n router.refresh();\n }\n } else {\n hasRunRef.current = false;\n }\n }, [user, router]);\n\n return user ?? null;\n};\n","const getWindowCookieValue = ({\n key,\n window,\n parseJson = false,\n}: {\n key: string;\n window: Window;\n parseJson?: boolean;\n}) => {\n const cookie = window.document.cookie;\n if (!cookie) return null;\n const cookies = cookie.split(\";\");\n for (const c of cookies) {\n const [name, value] = c.trim().split(\"=\");\n if (value && name === key) {\n try {\n const decodeURIComponentValue = decodeURIComponent(value);\n return parseJson === true\n ? JSON.parse(decodeURIComponentValue)\n : decodeURIComponentValue;\n } catch {\n return value;\n }\n }\n }\n return null;\n};\nexport { getWindowCookieValue };\n","\"use client\";\nimport { useEffect, useRef } from \"react\";\nimport { useRouter } from \"next/navigation.js\";\nimport { useQuery } from \"@tanstack/react-query\";\nimport { getWindowCookieValue } from \"@/lib/cookies.js\";\nimport { OAuthTokens } from \"@/shared/types\";\n\nconst getTokenFromCookie = (tokenName: OAuthTokens): string => {\n return getWindowCookieValue({\n key: tokenName,\n window: globalThis.window,\n parseJson: false,\n });\n};\n\nexport const useTokenCookie = (tokenName: OAuthTokens): string | null => {\n const hasRunRef = useRef(false);\n const router = useRouter();\n\n const { data: token } = useQuery({\n queryKey: [\"token\", tokenName],\n queryFn: () => getTokenFromCookie(tokenName) || null,\n refetchInterval: 2000,\n refetchIntervalInBackground: true,\n enabled: !hasRunRef.current,\n refetchOnWindowFocus: true,\n });\n\n useEffect(() => {\n if (token) {\n if (!hasRunRef.current) {\n hasRunRef.current = true;\n router.refresh();\n }\n } else {\n hasRunRef.current = false;\n }\n }, [token, router]);\n\n return token ?? null;\n};\n"]}
|
package/dist/nextjs/client.mjs
CHANGED
|
@@ -2,18 +2,18 @@ import "../chunk-PMJAV4JJ.mjs";
|
|
|
2
2
|
import {
|
|
3
3
|
AuthProvider,
|
|
4
4
|
UserProvider
|
|
5
|
-
} from "../chunk-
|
|
5
|
+
} from "../chunk-NLRREFOX.mjs";
|
|
6
6
|
import {
|
|
7
7
|
NextjsClientStorage,
|
|
8
8
|
resolveCallbackUrl
|
|
9
|
-
} from "../chunk-
|
|
9
|
+
} from "../chunk-MK7557NR.mjs";
|
|
10
10
|
import {
|
|
11
11
|
resolveAuthConfig
|
|
12
|
-
} from "../chunk-
|
|
13
|
-
import "../chunk-
|
|
12
|
+
} from "../chunk-O3WGNLRO.mjs";
|
|
13
|
+
import "../chunk-AP4627CS.mjs";
|
|
14
14
|
import {
|
|
15
15
|
ConfidentialClientPKCEConsumer
|
|
16
|
-
} from "../chunk-
|
|
16
|
+
} from "../chunk-4PLCDPEN.mjs";
|
|
17
17
|
import {
|
|
18
18
|
__async,
|
|
19
19
|
__objRest,
|
package/dist/nextjs.js
CHANGED
|
@@ -5,16 +5,16 @@
|
|
|
5
5
|
|
|
6
6
|
|
|
7
7
|
|
|
8
|
-
var
|
|
8
|
+
var _chunkCTVJJBBAjs = require('./chunk-CTVJJBBA.js');
|
|
9
9
|
|
|
10
10
|
|
|
11
11
|
|
|
12
12
|
|
|
13
13
|
|
|
14
|
-
var
|
|
14
|
+
var _chunkJDZPCA3Pjs = require('./chunk-JDZPCA3P.js');
|
|
15
15
|
|
|
16
16
|
|
|
17
|
-
var
|
|
17
|
+
var _chunk6RFRDWIPjs = require('./chunk-6RFRDWIP.js');
|
|
18
18
|
|
|
19
19
|
|
|
20
20
|
|
|
@@ -23,7 +23,7 @@ var _chunkO6DPCPRHjs = require('./chunk-O6DPCPRH.js');
|
|
|
23
23
|
|
|
24
24
|
|
|
25
25
|
|
|
26
|
-
var
|
|
26
|
+
var _chunk7K3QN2ATjs = require('./chunk-7K3QN2AT.js');
|
|
27
27
|
|
|
28
28
|
|
|
29
29
|
|
|
@@ -33,9 +33,9 @@ var _chunkCRTRMMJ7js = require('./chunk-CRTRMMJ7.js');
|
|
|
33
33
|
// src/nextjs/GetUser.ts
|
|
34
34
|
var getUser2 = () => {
|
|
35
35
|
var _a;
|
|
36
|
-
const clientStorage = new (0,
|
|
37
|
-
const userSession = new (0,
|
|
38
|
-
const tokens =
|
|
36
|
+
const clientStorage = new (0, _chunkCTVJJBBAjs.NextjsClientStorage)();
|
|
37
|
+
const userSession = new (0, _chunk7K3QN2ATjs.GenericUserSession)(clientStorage);
|
|
38
|
+
const tokens = _chunk7K3QN2ATjs.retrieveTokens.call(void 0, clientStorage);
|
|
39
39
|
const user = userSession.get();
|
|
40
40
|
if (!user || !tokens) return null;
|
|
41
41
|
return _chunkCRTRMMJ7js.__spreadProps.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, user), {
|
|
@@ -62,7 +62,7 @@ var matchesGlobs = (pathname, patterns) => patterns.some((pattern) => {
|
|
|
62
62
|
return matchGlob(pathname, pattern);
|
|
63
63
|
});
|
|
64
64
|
var applyAuth = (authConfig, request) => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
|
|
65
|
-
const authConfigWithDefaults =
|
|
65
|
+
const authConfigWithDefaults = _chunkJDZPCA3Pjs.resolveAuthConfig.call(void 0, authConfig);
|
|
66
66
|
const isAuthenticated = !!request.cookies.get("id_token");
|
|
67
67
|
if (request.nextUrl.pathname === authConfigWithDefaults.loginUrl && request.method === "GET") {
|
|
68
68
|
console.log("\u2192 Skipping auth check - this is the login URL");
|
|
@@ -84,7 +84,7 @@ var applyAuth = (authConfig, request) => _chunkCRTRMMJ7js.__async.call(void 0, v
|
|
|
84
84
|
console.log("\u2192 Auth check passed");
|
|
85
85
|
return void 0;
|
|
86
86
|
});
|
|
87
|
-
var authMiddleware = (authConfig =
|
|
87
|
+
var authMiddleware = (authConfig = _chunkJDZPCA3Pjs.defaultAuthConfig) => (request) => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
|
|
88
88
|
const response = yield applyAuth(authConfig, request);
|
|
89
89
|
if (response) return response;
|
|
90
90
|
return _serverjs.NextResponse.next();
|
|
@@ -110,7 +110,7 @@ function auth(authConfig = {}) {
|
|
|
110
110
|
|
|
111
111
|
var _cachejs = require('next/cache.js');
|
|
112
112
|
var _headersjs = require('next/headers.js');
|
|
113
|
-
var logger =
|
|
113
|
+
var logger = _chunkJDZPCA3Pjs.loggers.nextjs.handlers.auth;
|
|
114
114
|
var AuthError = class extends Error {
|
|
115
115
|
constructor(message, status = 401) {
|
|
116
116
|
super(message);
|
|
@@ -121,37 +121,37 @@ var AuthError = class extends Error {
|
|
|
121
121
|
function handleChallenge(config) {
|
|
122
122
|
return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
|
|
123
123
|
var _a, _b;
|
|
124
|
-
const cookieStorage = new (0,
|
|
125
|
-
const pkceProducer = new (0,
|
|
124
|
+
const cookieStorage = new (0, _chunkCTVJJBBAjs.NextjsCookieStorage)((_b = (_a = config.cookies) == null ? void 0 : _a.tokens) != null ? _b : {});
|
|
125
|
+
const pkceProducer = new (0, _chunk7K3QN2ATjs.GenericPublicClientPKCEProducer)(cookieStorage);
|
|
126
126
|
const challenge = yield pkceProducer.getCodeChallenge();
|
|
127
127
|
return _serverjs.NextResponse.json({ status: "success", challenge });
|
|
128
128
|
});
|
|
129
129
|
}
|
|
130
130
|
function performTokenExchangeAndSetCookies(request, config, code, state) {
|
|
131
131
|
return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
|
|
132
|
-
const resolvedConfigs =
|
|
133
|
-
const cookieStorage = new (0,
|
|
134
|
-
const callbackUrl =
|
|
132
|
+
const resolvedConfigs = _chunkJDZPCA3Pjs.resolveAuthConfig.call(void 0, config);
|
|
133
|
+
const cookieStorage = new (0, _chunkCTVJJBBAjs.NextjsCookieStorage)(resolvedConfigs.cookies.tokens);
|
|
134
|
+
const callbackUrl = _chunkCTVJJBBAjs.resolveCallbackUrl.call(void 0, resolvedConfigs, request.url);
|
|
135
135
|
try {
|
|
136
|
-
yield
|
|
136
|
+
yield _chunk6RFRDWIPjs.resolveOAuthAccessCode.call(void 0, code, state, cookieStorage, _chunkCRTRMMJ7js.__spreadProps.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, resolvedConfigs), {
|
|
137
137
|
redirectUrl: callbackUrl
|
|
138
138
|
}));
|
|
139
139
|
} catch (error) {
|
|
140
140
|
logger.error("Token exchange failed:", error);
|
|
141
141
|
throw new AuthError("Failed to authenticate user", 401);
|
|
142
142
|
}
|
|
143
|
-
const user = yield
|
|
143
|
+
const user = yield _chunk7K3QN2ATjs.getUser.call(void 0, cookieStorage);
|
|
144
144
|
if (!user) {
|
|
145
145
|
throw new AuthError("Failed to get user info", 401);
|
|
146
146
|
}
|
|
147
|
-
const clientStorage = new (0,
|
|
148
|
-
const userSession = new (0,
|
|
147
|
+
const clientStorage = new (0, _chunkCTVJJBBAjs.NextjsClientStorage)();
|
|
148
|
+
const userSession = new (0, _chunk7K3QN2ATjs.GenericUserSession)(clientStorage);
|
|
149
149
|
userSession.set(user);
|
|
150
150
|
});
|
|
151
151
|
}
|
|
152
152
|
function handleCallback(request, config) {
|
|
153
153
|
return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
|
|
154
|
-
const resolvedConfigs =
|
|
154
|
+
const resolvedConfigs = _chunkJDZPCA3Pjs.resolveAuthConfig.call(void 0, config);
|
|
155
155
|
console.log("handleCallback", { request, resolvedConfigs });
|
|
156
156
|
const code = request.nextUrl.searchParams.get("code");
|
|
157
157
|
const state = request.nextUrl.searchParams.get("state") || "";
|
|
@@ -160,12 +160,12 @@ function handleCallback(request, config) {
|
|
|
160
160
|
if (!request.cookies.get("code_verifier" /* COOKIE_NAME */)) {
|
|
161
161
|
console.log("handleCallback no code_verifier found", {
|
|
162
162
|
state,
|
|
163
|
-
serverTokenExchange:
|
|
163
|
+
serverTokenExchange: _chunk7K3QN2ATjs.serverTokenExchangeFromState.call(void 0, `${state}`)
|
|
164
164
|
});
|
|
165
165
|
let response2 = new (0, _serverjs.NextResponse)(
|
|
166
|
-
`<html><body><span style="display:none">${
|
|
166
|
+
`<html><body><span style="display:none">${_chunk7K3QN2ATjs.TOKEN_EXCHANGE_TRIGGER_TEXT}</span></body></html>`
|
|
167
167
|
);
|
|
168
|
-
if (state &&
|
|
168
|
+
if (state && _chunk7K3QN2ATjs.serverTokenExchangeFromState.call(void 0, state)) {
|
|
169
169
|
console.log(
|
|
170
170
|
"handleCallback serverTokenExchangeFromState, launching redirect page...",
|
|
171
171
|
{
|
|
@@ -200,7 +200,7 @@ function handleCallback(request, config) {
|
|
|
200
200
|
}
|
|
201
201
|
response2.headers.set("Content-Type", "text/html; charset=utf-8");
|
|
202
202
|
console.log(
|
|
203
|
-
`handleCallback no code_verifier found, returning ${
|
|
203
|
+
`handleCallback no code_verifier found, returning ${_chunk7K3QN2ATjs.TOKEN_EXCHANGE_TRIGGER_TEXT}`
|
|
204
204
|
);
|
|
205
205
|
return response2;
|
|
206
206
|
}
|
|
@@ -220,7 +220,7 @@ function handleCallback(request, config) {
|
|
|
220
220
|
redirectUrl: resolvedConfigs.appUrl
|
|
221
221
|
});
|
|
222
222
|
}
|
|
223
|
-
if (
|
|
223
|
+
if (_chunk7K3QN2ATjs.serverTokenExchangeFromState.call(void 0, state)) {
|
|
224
224
|
console.log(
|
|
225
225
|
"handleCallback serverTokenExchangeFromState, redirect to config.appUrl",
|
|
226
226
|
resolvedConfigs.appUrl
|
|
@@ -231,7 +231,7 @@ function handleCallback(request, config) {
|
|
|
231
231
|
return _serverjs.NextResponse.redirect(`${resolvedConfigs.appUrl}`);
|
|
232
232
|
}
|
|
233
233
|
const response = new (0, _serverjs.NextResponse)(
|
|
234
|
-
`<html><span style="display:none">${
|
|
234
|
+
`<html><span style="display:none">${_chunk7K3QN2ATjs.TOKEN_EXCHANGE_SUCCESS_TEXT}</span></html>`
|
|
235
235
|
);
|
|
236
236
|
response.headers.set("Content-Type", "text/html; charset=utf-8");
|
|
237
237
|
return response;
|
|
@@ -246,7 +246,7 @@ var getAbsoluteRedirectPath = (redirectPath, currentBasePath) => {
|
|
|
246
246
|
function handleLogout(request, config) {
|
|
247
247
|
return _chunkCRTRMMJ7js.__async.call(void 0, this, null, function* () {
|
|
248
248
|
var _a, _b;
|
|
249
|
-
const resolvedConfigs =
|
|
249
|
+
const resolvedConfigs = _chunkJDZPCA3Pjs.resolveAuthConfig.call(void 0, config);
|
|
250
250
|
const defaultRedirectPath = (_a = resolvedConfigs.loginUrl) != null ? _a : "/";
|
|
251
251
|
const redirectTarget = new URL(request.url).searchParams.get("redirect") || defaultRedirectPath;
|
|
252
252
|
const isAbsoluteRedirect = /^(https?:\/\/|www\.).+/i.test(redirectTarget);
|
|
@@ -255,7 +255,7 @@ function handleLogout(request, config) {
|
|
|
255
255
|
new URL((_b = resolvedConfigs.appUrl) != null ? _b : request.url).origin
|
|
256
256
|
);
|
|
257
257
|
const response = _serverjs.NextResponse.redirect(finalRedirectUrl);
|
|
258
|
-
|
|
258
|
+
_chunkCTVJJBBAjs.clearAuthCookies.call(void 0, config);
|
|
259
259
|
try {
|
|
260
260
|
_cachejs.revalidatePath.call(void 0, isAbsoluteRedirect ? finalRedirectUrl : redirectTarget);
|
|
261
261
|
} catch (error) {
|
|
@@ -265,7 +265,7 @@ function handleLogout(request, config) {
|
|
|
265
265
|
});
|
|
266
266
|
}
|
|
267
267
|
var handler = (authConfig = {}) => (request) => _chunkCRTRMMJ7js.__async.call(void 0, void 0, null, function* () {
|
|
268
|
-
const config =
|
|
268
|
+
const config = _chunkJDZPCA3Pjs.resolveAuthConfig.call(void 0, authConfig);
|
|
269
269
|
try {
|
|
270
270
|
const pathname = request.nextUrl.pathname;
|
|
271
271
|
const pathSegments = pathname.split("/");
|
|
@@ -285,7 +285,7 @@ var handler = (authConfig = {}) => (request) => _chunkCRTRMMJ7js.__async.call(vo
|
|
|
285
285
|
const status = error instanceof AuthError ? error.status : 500;
|
|
286
286
|
const message = error instanceof Error ? error.message : "Authentication failed";
|
|
287
287
|
const response = _serverjs.NextResponse.json({ error: message }, { status });
|
|
288
|
-
|
|
288
|
+
_chunkCTVJJBBAjs.clearAuthCookies.call(void 0, config);
|
|
289
289
|
return response;
|
|
290
290
|
}
|
|
291
291
|
});
|
|
@@ -303,5 +303,5 @@ var handler = (authConfig = {}) => (request) => _chunkCRTRMMJ7js.__async.call(vo
|
|
|
303
303
|
|
|
304
304
|
|
|
305
305
|
|
|
306
|
-
exports.NextjsClientStorage =
|
|
306
|
+
exports.NextjsClientStorage = _chunkCTVJJBBAjs.NextjsClientStorage; exports.NextjsCookieStorage = _chunkCTVJJBBAjs.NextjsCookieStorage; exports.auth = auth; exports.authMiddleware = authMiddleware; exports.clearAuthCookies = _chunkCTVJJBBAjs.clearAuthCookies; exports.createCivicAuthPlugin = _chunkJDZPCA3Pjs.createCivicAuthPlugin; exports.createTokenCookies = _chunkCTVJJBBAjs.createTokenCookies; exports.createUserInfoCookie = _chunkCTVJJBBAjs.createUserInfoCookie; exports.defaultAuthConfig = _chunkJDZPCA3Pjs.defaultAuthConfig; exports.getUser = getUser2; exports.handler = handler; exports.resolveAuthConfig = _chunkJDZPCA3Pjs.resolveAuthConfig; exports.withAuth = withAuth;
|
|
307
307
|
//# sourceMappingURL=nextjs.js.map
|
package/dist/nextjs.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["/Users/kevincolgan/code/civic-auth/packages/civic-auth-client/dist/nextjs.js","../src/nextjs/GetUser.ts","../src/nextjs/middleware.ts","../src/nextjs/routeHandler.ts"],"names":["getUser","NextResponse","response"],"mappings":"AAAA;AACE;AACA;AACA;AACA;AACA;AACA;AACF,sDAA4B;AAC5B;AACE;AACA;AACA;AACA;AACF,sDAA4B;AAC5B;AACE;AACF,sDAA4B;AAC5B;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACF,sDAA4B;AAC5B;AACE;AACA;AACA;AACF,sDAA4B;AAC5B;AACA;ACxBO,IAAMA,SAAAA,EAAU,CAAA,EAAA,GAAmB;AAR1C,EAAA,IAAA,EAAA;AASE,EAAA,MAAM,cAAA,EAAgB,IAAI,yCAAA,CAAoB,CAAA;AAC9C,EAAA,MAAM,YAAA,EAAc,IAAI,wCAAA,CAAmB,aAAa,CAAA;AACxD,EAAA,MAAM,OAAA,EAAS,6CAAA,aAA4B,CAAA;AAC3C,EAAA,MAAM,KAAA,EAAO,WAAA,CAAY,GAAA,CAAI,CAAA;AAC7B,EAAA,GAAA,CAAI,CAAC,KAAA,GAAQ,CAAC,MAAA,EAAQ,OAAO,IAAA;AAE7B,EAAA,OAAO,4CAAA,6CAAA,CAAA,CAAA,EACF,IAAA,CAAA,EADE;AAAA,IAEL,OAAA,EAAS,MAAA,CAAO,QAAA;AAAA,IAChB,WAAA,EAAa,MAAA,CAAO,YAAA;AAAA,IACpB,YAAA,EAAA,CAAc,GAAA,EAAA,MAAA,CAAO,aAAA,EAAA,GAAP,KAAA,EAAA,GAAA,EAAwB;AAAA,EACxC,CAAA,CAAA;AACF,CAAA;ADyBA;AACA;AE1BA,0CAA0C;AAC1C,4FAAsB;AAgBtB,IAAM,UAAA,EAAY,CAAC,QAAA,EAAkB,WAAA,EAAA,GAAwB;AAC3D,EAAA,MAAM,QAAA,EAAU,iCAAA,WAAqB,CAAA;AACrC,EAAA,OAAO,OAAA,CAAQ,QAAQ,CAAA;AACzB,CAAA;AAOA,IAAM,aAAA,EAAe,CAAC,QAAA,EAAkB,QAAA,EAAA,GACtC,QAAA,CAAS,IAAA,CAAK,CAAC,OAAA,EAAA,GAAY;AACzB,EAAA,GAAA,CAAI,CAAC,OAAA,EAAS,OAAO,KAAA;AACrB,EAAA,OAAA,CAAQ,GAAA,CAAI,UAAA,EAAY;AAAA,IACtB,OAAA;AAAA,IACA,QAAA;AAAA,IACA,KAAA,EAAO,SAAA,CAAU,QAAA,EAAU,OAAO;AAAA,EACpC,CAAC,CAAA;AACD,EAAA,OAAO,SAAA,CAAU,QAAA,EAAU,OAAO,CAAA;AACpC,CAAC,CAAA;AAGH,IAAM,UAAA,EAAY,CAChB,UAAA,EACA,OAAA,EAAA,GACsC,sCAAA,KAAA,CAAA,EAAA,IAAA,EAAA,QAAA,EAAA,CAAA,EAAA;AACtC,EAAA,MAAM,uBAAA,EAAyB,gDAAA,UAA4B,CAAA;AAE3D,EAAA,MAAM,gBAAA,EAAkB,CAAC,CAAC,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,UAAU,CAAA;AAGxD,EAAA,GAAA,CACE,OAAA,CAAQ,OAAA,CAAQ,SAAA,IAAa,sBAAA,CAAuB,SAAA,GACpD,OAAA,CAAQ,OAAA,IAAW,KAAA,EACnB;AACA,IAAA,OAAA,CAAQ,GAAA,CAAI,oDAA+C,CAAA;AAC3D,IAAA,OAAO,KAAA,CAAA;AAAA,EACT;AAEA,EAAA,GAAA,CAAI,CAAC,YAAA,CAAa,OAAA,CAAQ,OAAA,CAAQ,QAAA,EAAU,sBAAA,CAAuB,OAAO,CAAA,EAAG;AAC3E,IAAA,OAAA,CAAQ,GAAA,CAAI,2DAAsD,CAAA;AAClE,IAAA,OAAO,KAAA,CAAA;AAAA,EACT;AAEA,EAAA,GAAA,CAAI,YAAA,CAAa,OAAA,CAAQ,OAAA,CAAQ,QAAA,EAAU,sBAAA,CAAuB,OAAO,CAAA,EAAG;AAC1E,IAAA,OAAA,CAAQ,GAAA,CAAI,uDAAkD,CAAA;AAC9D,IAAA,OAAO,KAAA,CAAA;AAAA,EACT;AAGA,EAAA,GAAA,CAAI,CAAC,eAAA,EAAiB;AACpB,IAAA,MAAM,SAAA,EAAW,IAAI,GAAA,CAAI,sBAAA,CAAuB,QAAA,EAAU,OAAA,CAAQ,GAAG,CAAA;AACrE,IAAA,OAAA,CAAQ,GAAA,CAAI,oDAAA,EAAiD,QAAQ,CAAA;AACrE,IAAA,OAAO,sBAAA,CAAa,QAAA,CAAS,QAAQ,CAAA;AAAA,EACvC;AAEA,EAAA,OAAA,CAAQ,GAAA,CAAI,0BAAqB,CAAA;AACjC,EAAA,OAAO,KAAA,CAAA;AACT,CAAA,CAAA;AAUO,IAAM,eAAA,EACX,CAAC,WAAA,EAAa,kCAAA,EAAA,GACd,CAAO,OAAA,EAAA,GAAgD,sCAAA,KAAA,CAAA,EAAA,IAAA,EAAA,QAAA,EAAA,CAAA,EAAA;AACrD,EAAA,MAAM,SAAA,EAAW,MAAM,SAAA,CAAU,UAAA,EAAY,OAAO,CAAA;AACpD,EAAA,GAAA,CAAI,QAAA,EAAU,OAAO,QAAA;AAIrB,EAAA,OAAO,sBAAA,CAAa,IAAA,CAAK,CAAA;AAC3B,CAAA,CAAA;AAWK,SAAS,QAAA,CACd,UAAA,EACiD;AACjD,EAAA,OAAO,CAAO,OAAA,EAAA,GAAgD,sCAAA,IAAA,EAAA,IAAA,EAAA,QAAA,EAAA,CAAA,EAAA;AAC5D,IAAA,MAAM,SAAA,EAAW,MAAM,SAAA,CAAU,CAAC,CAAA,EAAG,OAAO,CAAA;AAC5C,IAAA,GAAA,CAAI,QAAA,EAAU,OAAO,QAAA;AAErB,IAAA,OAAO,UAAA,CAAW,OAAO,CAAA;AAAA,EAC3B,CAAA,CAAA;AACF;AAeO,SAAS,IAAA,CAAK,WAAA,EAAyB,CAAC,CAAA,EAAG;AAChD,EAAA,OAAO,CACL,UAAA,EAAA,GACsD;AACtD,IAAA,OAAO,CAAO,OAAA,EAAA,GAAgD,sCAAA,IAAA,EAAA,IAAA,EAAA,QAAA,EAAA,CAAA,EAAA;AAC5D,MAAA,MAAM,SAAA,EAAW,MAAM,SAAA,CAAU,UAAA,EAAY,OAAO,CAAA;AACpD,MAAA,GAAA,CAAI,QAAA,EAAU,OAAO,QAAA;AAErB,MAAA,OAAO,UAAA,CAAW,OAAO,CAAA;AAAA,IAC3B,CAAA,CAAA;AAAA,EACF,CAAA;AACF;AFtDA;AACA;AG5GA;AACA,wCAA+B;AAkB/B,4CAAwB;AAGxB,IAAM,OAAA,EAAS,wBAAA,CAAQ,MAAA,CAAO,QAAA,CAAS,IAAA;AAEvC,IAAM,UAAA,EAAN,MAAA,QAAwB,MAAM;AAAA,EAC5B,WAAA,CACE,OAAA,EACgB,OAAA,EAAiB,GAAA,EACjC;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAFG,IAAA,IAAA,CAAA,OAAA,EAAA,MAAA;AAGhB,IAAA,IAAA,CAAK,KAAA,EAAO,WAAA;AAAA,EACd;AACF,CAAA;AAOA,SAAe,eAAA,CAAgB,MAAA,EAA2C;AAAA,EAAA,OAAA,sCAAA,IAAA,EAAA,IAAA,EAAA,QAAA,EAAA,CAAA,EAAA;AAvC1E,IAAA,IAAA,EAAA,EAAA,EAAA;AAwCE,IAAA,MAAM,cAAA,EAAgB,IAAI,yCAAA,CAAA,CAAoB,GAAA,EAAA,CAAA,GAAA,EAAA,MAAA,CAAO,OAAA,EAAA,GAAP,KAAA,EAAA,KAAA,EAAA,EAAA,EAAA,CAAgB,MAAA,EAAA,GAAhB,KAAA,EAAA,GAAA,EAA0B,CAAC,CAAC,CAAA;AAC1E,IAAA,MAAM,aAAA,EAAe,IAAI,qDAAA,CAAgC,aAAa,CAAA;AAEtE,IAAA,MAAM,UAAA,EAAY,MAAM,YAAA,CAAa,gBAAA,CAAiB,CAAA;AAEtD,IAAA,OAAOC,sBAAAA,CAAa,IAAA,CAAK,EAAE,MAAA,EAAQ,SAAA,EAAW,UAAU,CAAC,CAAA;AAAA,EAC3D,CAAA,CAAA;AAAA;AAEA,SAAe,iCAAA,CACb,OAAA,EACA,MAAA,EACA,IAAA,EACA,KAAA,EACA;AAAA,EAAA,OAAA,sCAAA,IAAA,EAAA,IAAA,EAAA,QAAA,EAAA,CAAA,EAAA;AACA,IAAA,MAAM,gBAAA,EAAkB,gDAAA,MAAwB,CAAA;AAChD,IAAA,MAAM,cAAA,EAAgB,IAAI,yCAAA,CAAoB,eAAA,CAAgB,OAAA,CAAQ,MAAM,CAAA;AAE5E,IAAA,MAAM,YAAA,EAAc,iDAAA,eAAmB,EAAiB,OAAA,CAAQ,GAAG,CAAA;AACnE,IAAA,IAAI;AACF,MAAA,MAAM,qDAAA,IAAuB,EAAM,KAAA,EAAO,aAAA,EAAe,4CAAA,6CAAA,CAAA,CAAA,EACpD,eAAA,CAAA,EADoD;AAAA,QAEvD,WAAA,EAAa;AAAA,MACf,CAAA,CAAC,CAAA;AAAA,IACH,EAAA,MAAA,CAAS,KAAA,EAAO;AACd,MAAA,MAAA,CAAO,KAAA,CAAM,wBAAA,EAA0B,KAAK,CAAA;AAC5C,MAAA,MAAM,IAAI,SAAA,CAAU,6BAAA,EAA+B,GAAG,CAAA;AAAA,IACxD;AAEA,IAAA,MAAM,KAAA,EAAO,MAAM,sCAAA,aAAqB,CAAA;AACxC,IAAA,GAAA,CAAI,CAAC,IAAA,EAAM;AACT,MAAA,MAAM,IAAI,SAAA,CAAU,yBAAA,EAA2B,GAAG,CAAA;AAAA,IACpD;AAEA,IAAA,MAAM,cAAA,EAAgB,IAAI,yCAAA,CAAoB,CAAA;AAC9C,IAAA,MAAM,YAAA,EAAc,IAAI,wCAAA,CAAmB,aAAa,CAAA;AACxD,IAAA,WAAA,CAAY,GAAA,CAAI,IAAI,CAAA;AAAA,EACtB,CAAA,CAAA;AAAA;AACA,SAAe,cAAA,CACb,OAAA,EACA,MAAA,EACuB;AAAA,EAAA,OAAA,sCAAA,IAAA,EAAA,IAAA,EAAA,QAAA,EAAA,CAAA,EAAA;AACvB,IAAA,MAAM,gBAAA,EAAkB,gDAAA,MAAwB,CAAA;AAChD,IAAA,OAAA,CAAQ,GAAA,CAAI,gBAAA,EAAkB,EAAE,OAAA,EAAS,gBAAgB,CAAC,CAAA;AAC1D,IAAA,MAAM,KAAA,EAAO,OAAA,CAAQ,OAAA,CAAQ,YAAA,CAAa,GAAA,CAAI,MAAM,CAAA;AACpD,IAAA,MAAM,MAAA,EAAQ,OAAA,CAAQ,OAAA,CAAQ,YAAA,CAAa,GAAA,CAAI,OAAO,EAAA,GAAK,EAAA;AAC3D,IAAA,GAAA,CAAI,CAAC,KAAA,GAAQ,CAAC,KAAA,EAAO,MAAM,IAAI,SAAA,CAAU,gBAAA,EAAkB,GAAG,CAAA;AAM9D,IAAA,OAAA,CAAQ,GAAA,CAAI,gBAAA,EAAkB,EAAE,IAAA,EAAM,KAAA,EAAO,OAAA,EAAS,gCAAA,EAAU,CAAC,CAAA;AACjE,IAAA,GAAA,CAAI,CAAC,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAA,iCAA4B,CAAA,EAAG;AAClD,MAAA,OAAA,CAAQ,GAAA,CAAI,uCAAA,EAAyC;AAAA,QACnD,KAAA;AAAA,QACA,mBAAA,EAAqB,2DAAA,CAA6B,EAAA;AACnD,MAAA;AACkBA,MAAAA;AACyB,QAAA;AAC5C,MAAA;AAKkD,MAAA;AACxC,QAAA;AACN,UAAA;AACA,UAAA;AACsB,YAAA;AACe,YAAA;AACrC,UAAA;AACF,QAAA;AAGsC,QAAA;AACa,QAAA;AACpCA,QAAAA;AACb,UAAA;AAAA;AAAA;AAAA;AAAA;AAKqC,mCAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,QAAA;AAevC,QAAA;AACF,MAAA;AACqC,MAAA;AAC7B,MAAA;AACN,QAAA;AACF,MAAA;AACOC,MAAAA;AACT,IAAA;AAEM,IAAA;AACJ,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACF,IAAA;AAEyB,IAAA;AACf,MAAA;AACN,QAAA;AACgB,QAAA;AAClB,MAAA;AACyB,MAAA;AACf,QAAA;AACqB,QAAA;AAC9B,MAAA;AACH,IAAA;AAGyC,IAAA;AAC/B,MAAA;AACN,QAAA;AACgB,QAAA;AAClB,MAAA;AAC6B,MAAA;AACX,QAAA;AAClB,MAAA;AACgD,MAAA;AAClD,IAAA;AAIqBD,IAAAA;AACiB,MAAA;AACtC,IAAA;AACqC,IAAA;AAC9B,IAAA;AACT,EAAA;AAAA;AAUE;AAGkD,EAAA;AACzC,IAAA;AACT,EAAA;AAC8C,EAAA;AAChD;AAKyB;AAAA,EAAA;AA7MzB,IAAA;AA8MkD,IAAA;AACJ,IAAA;AAErB,IAAA;AAC8B,IAAA;AAC5B,IAAA;AACvB,MAAA;AACkC,MAAA;AACpC,IAAA;AAEuC,IAAA;AAEhB,IAAA;AAEnB,IAAA;AACkC,MAAA;AACtB,IAAA;AACF,MAAA;AACd,IAAA;AAEO,IAAA;AACT,EAAA;AAAA;AAgByD;AACV,EAAA;AAEvC,EAAA;AAC+B,IAAA;AACM,IAAA;AACgB,IAAA;AAElC,IAAA;AACd,MAAA;AACgC,QAAA;AAChC,MAAA;AACwC,QAAA;AACxC,MAAA;AACsC,QAAA;AAC3C,MAAA;AACqD,QAAA;AACvD,IAAA;AACc,EAAA;AAC2B,IAAA;AAES,IAAA;AAEjB,IAAA;AAEmB,IAAA;AAE7B,IAAA;AAChB,IAAA;AACT,EAAA;AACF;AHkByD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA","file":"/Users/kevincolgan/code/civic-auth/packages/civic-auth-client/dist/nextjs.js","sourcesContent":[null,"/**\n * Used on the server-side to get the user object from the cookie\n */\nimport { User } from \"@/types\";\nimport { GenericUserSession } from \"@/shared/UserSession\";\nimport { NextjsClientStorage } from \"@/nextjs/cookies\";\nimport { retrieveTokens } from \"@/shared/util\";\n\nexport const getUser = (): User | null => {\n const clientStorage = new NextjsClientStorage();\n const userSession = new GenericUserSession(clientStorage);\n const tokens = retrieveTokens(clientStorage);\n const user = userSession.get();\n if (!user || !tokens) return null;\n\n return {\n ...user!,\n idToken: tokens.id_token,\n accessToken: tokens.access_token,\n refreshToken: tokens.refresh_token ?? \"\",\n } as User;\n};\n","/**\n * Authenticates the user on all requests by checking the token cookie\n *\n * Usage:\n * Option 1: use if no other middleware (e.g. no next-intl etc)\n * export default authMiddleware();\n *\n * Option 2: use if other middleware is needed - default auth config\n * export default withAuth((request) => {\n * console.log('in custom middleware', request.nextUrl.pathname);\n * return NextResponse.next();\n * })\n *\n * Option 3: use if other middleware is needed - specifying auth config\n * const withCivicAuth = auth({ loginUrl: '/login', include: ['/[.*]/user'] })\n * export default withCivicAuth((request) => {\n * console.log('in custom middleware', request.url);\n * return NextResponse.next();\n * })\n *\n */\nimport { NextRequest, NextResponse } from \"next/server.js\";\nimport picomatch from \"picomatch\";\nimport {\n AuthConfig,\n defaultAuthConfig,\n resolveAuthConfig,\n} from \"@/nextjs/config.js\";\n\ntype Middleware = (\n request: NextRequest,\n) => Promise<NextResponse> | NextResponse;\n\n// Matches globs:\n// Examples:\n// /user\n// /user/*\n// /user/**/info\nconst matchGlob = (pathname: string, globPattern: string) => {\n const matches = picomatch(globPattern);\n return matches(pathname);\n};\n\n// Matches globs:\n// Examples:\n// /user\n// /user/*\n// /user/**/info\nconst matchesGlobs = (pathname: string, patterns: string[]) =>\n patterns.some((pattern) => {\n if (!pattern) return false;\n console.log(\"matching\", {\n pattern,\n pathname,\n match: matchGlob(pathname, pattern),\n });\n return matchGlob(pathname, pattern);\n });\n\n// internal - used by all exported functions\nconst applyAuth = async (\n authConfig: AuthConfig,\n request: NextRequest,\n): Promise<NextResponse | undefined> => {\n const authConfigWithDefaults = resolveAuthConfig(authConfig);\n // Check for any valid auth token\n const isAuthenticated = !!request.cookies.get(\"id_token\");\n\n // skip auth check for redirect to login url\n if (\n request.nextUrl.pathname === authConfigWithDefaults.loginUrl &&\n request.method === \"GET\"\n ) {\n console.log(\"→ Skipping auth check - this is the login URL\");\n return undefined;\n }\n\n if (!matchesGlobs(request.nextUrl.pathname, authConfigWithDefaults.include)) {\n console.log(\"→ Skipping auth check - path not in include patterns\");\n return undefined;\n }\n\n if (matchesGlobs(request.nextUrl.pathname, authConfigWithDefaults.exclude)) {\n console.log(\"→ Skipping auth check - path in exclude patterns\");\n return undefined;\n }\n\n // Check for either token type\n if (!isAuthenticated) {\n const loginUrl = new URL(authConfigWithDefaults.loginUrl, request.url);\n console.log(\"→ No valid token found - redirecting to login\", loginUrl);\n return NextResponse.redirect(loginUrl);\n }\n\n console.log(\"→ Auth check passed\");\n return undefined;\n};\n\n/**\n *\n * Use this when auth is the only middleware you need.\n * Usage:\n *\n * export default authMiddleware({ loginUrl = '/login' }); // or just authMiddleware();\n *\n */\nexport const authMiddleware =\n (authConfig = defaultAuthConfig) =>\n async (request: NextRequest): Promise<NextResponse> => {\n const response = await applyAuth(authConfig, request);\n if (response) return response;\n\n // NextJS doesn't do middleware chaining yet, so this does not mean\n // \"call the next middleware\" - it means \"continue to the route handler\"\n return NextResponse.next();\n };\n\n/**\n * Usage:\n *\n * export default withAuth(async (request) => {\n * console.log('my middleware');\n * return NextResponse.next();\n * })\n */\n// use this when you have your own middleware to chain\nexport function withAuth(\n middleware: Middleware,\n): (request: NextRequest) => Promise<NextResponse> {\n return async (request: NextRequest): Promise<NextResponse> => {\n const response = await applyAuth({}, request);\n if (response) return response;\n\n return middleware(request);\n };\n}\n\n/**\n * Use this when you want to configure the middleware here (an alternative is to do it in the next.config file)\n *\n * Usage:\n *\n * const withAuth = auth({ loginUrl = '/login' }); // or just auth();\n *\n * export default withAuth(async (request) => {\n * console.log('my middleware');\n * return NextResponse.next();\n * })\n *\n */\nexport function auth(authConfig: AuthConfig = {}) {\n return (\n middleware: Middleware,\n ): ((request: NextRequest) => Promise<NextResponse>) => {\n return async (request: NextRequest): Promise<NextResponse> => {\n const response = await applyAuth(authConfig, request);\n if (response) return response;\n\n return middleware(request);\n };\n };\n}\n","import { NextRequest, NextResponse } from \"next/server.js\";\nimport { revalidatePath } from \"next/cache.js\";\nimport { AuthConfig, resolveAuthConfig } from \"@/nextjs/config.js\";\nimport { loggers } from \"@/lib/logger.js\";\nimport {\n clearAuthCookies,\n NextjsClientStorage,\n NextjsCookieStorage,\n} from \"@/nextjs/cookies.js\";\nimport { GenericPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { resolveOAuthAccessCode } from \"@/server/login.js\";\nimport { getUser } from \"@/shared/session.js\";\nimport { resolveCallbackUrl } from \"@/nextjs/utils.js\";\nimport { GenericUserSession } from \"@/shared/UserSession.js\";\nimport {\n TOKEN_EXCHANGE_SUCCESS_TEXT,\n TOKEN_EXCHANGE_TRIGGER_TEXT,\n} from \"@/constants.js\";\nimport { serverTokenExchangeFromState } from \"@/lib/oauth.js\";\nimport { cookies } from \"next/headers.js\";\nimport { CodeVerifier } from \"@/shared/types\";\n\nconst logger = loggers.nextjs.handlers.auth;\n\nclass AuthError extends Error {\n constructor(\n message: string,\n public readonly status: number = 401,\n ) {\n super(message);\n this.name = \"AuthError\";\n }\n}\n\n/**\n * create a code verifier and challenge for PKCE\n * saving the verifier in a cookie for later use\n * @returns {Promise<NextResponse>}\n */\nasync function handleChallenge(config: AuthConfig): Promise<NextResponse> {\n const cookieStorage = new NextjsCookieStorage(config.cookies?.tokens ?? {});\n const pkceProducer = new GenericPublicClientPKCEProducer(cookieStorage);\n\n const challenge = await pkceProducer.getCodeChallenge();\n\n return NextResponse.json({ status: \"success\", challenge });\n}\n\nasync function performTokenExchangeAndSetCookies(\n request: NextRequest,\n config: AuthConfig,\n code: string,\n state: string,\n) {\n const resolvedConfigs = resolveAuthConfig(config);\n const cookieStorage = new NextjsCookieStorage(resolvedConfigs.cookies.tokens);\n\n const callbackUrl = resolveCallbackUrl(resolvedConfigs, request.url);\n try {\n await resolveOAuthAccessCode(code, state, cookieStorage, {\n ...resolvedConfigs,\n redirectUrl: callbackUrl,\n });\n } catch (error) {\n logger.error(\"Token exchange failed:\", error);\n throw new AuthError(\"Failed to authenticate user\", 401);\n }\n\n const user = await getUser(cookieStorage);\n if (!user) {\n throw new AuthError(\"Failed to get user info\", 401);\n }\n\n const clientStorage = new NextjsClientStorage();\n const userSession = new GenericUserSession(clientStorage);\n userSession.set(user);\n}\nasync function handleCallback(\n request: NextRequest,\n config: AuthConfig,\n): Promise<NextResponse> {\n const resolvedConfigs = resolveAuthConfig(config);\n console.log(\"handleCallback\", { request, resolvedConfigs });\n const code = request.nextUrl.searchParams.get(\"code\");\n const state = request.nextUrl.searchParams.get(\"state\") || \"\";\n if (!code || !state) throw new AuthError(\"Bad parameters\", 400);\n\n // If we have a code_verifier cookie, we can do a token exchange.\n // Otherwise, just render an empty page.\n // The initial redirect back from the auth server does not send cookies, because the redirect is from a 3rd-party domain.\n // The client will make an additional call to this route with cookies included, at which point we do the token exchange.\n console.log(\"handleCallback\", { code, state, cookies: cookies() });\n if (!request.cookies.get(CodeVerifier.COOKIE_NAME)) {\n console.log(\"handleCallback no code_verifier found\", {\n state,\n serverTokenExchange: serverTokenExchangeFromState(`${state}`),\n });\n let response = new NextResponse(\n `<html><body><span style=\"display:none\">${TOKEN_EXCHANGE_TRIGGER_TEXT}</span></body></html>`,\n );\n // in server-side token exchange mode we need to launch a page that will trigger the token exchange\n // from the same domain, allowing it access to the code_verifier cookie\n // we only need to do this in redirect mode, as the iframe already triggers a client-side token exchange\n // if no code-verifier cookie is found\n if (state && serverTokenExchangeFromState(state)) {\n console.log(\n \"handleCallback serverTokenExchangeFromState, launching redirect page...\",\n {\n requestUrl: request.url,\n configCallbackUrl: resolvedConfigs.callbackUrl,\n },\n );\n // we need to replace the URL with resolved config in case the server is hosted\n // behind a reverse proxy or load balancer\n const requestUrl = new URL(request.url);\n const fetchUrl = `${resolvedConfigs.callbackUrl}?${requestUrl.searchParams.toString()}&sameDomainServerTokenExchange=true`;\n response = new NextResponse(\n `<html>\n <body>\n <span style=\"display:none\">\n <script>\n window.onload = function () {\n fetch('${fetchUrl}').then((response) => {\n response.json().then((jsonResponse) => {\n console.log('fetch jsonResponse', jsonResponse);\n if (jsonResponse.redirectUrl) {\n console.log('handleCallback serverTokenExchangeFromState, redirecting');\n window.location.href = jsonResponse.redirectUrl;\n }\n });\n });\n };\n </script>\n </span>\n </body>\n </html>\n `,\n );\n }\n response.headers.set(\"Content-Type\", \"text/html; charset=utf-8\");\n console.log(\n `handleCallback no code_verifier found, returning ${TOKEN_EXCHANGE_TRIGGER_TEXT}`,\n );\n return response;\n }\n\n await performTokenExchangeAndSetCookies(\n request,\n resolvedConfigs,\n code,\n state,\n );\n\n if (request.url.includes(\"sameDomainServerTokenExchange=true\")) {\n console.log(\n \"handleCallback sameDomainServerTokenExchange = true, returnining redirectUrl\",\n resolvedConfigs.appUrl,\n );\n return NextResponse.json({\n status: \"success\",\n redirectUrl: resolvedConfigs.appUrl,\n });\n }\n\n // this is the case where a 'normal' redirect is happening\n if (serverTokenExchangeFromState(state)) {\n console.log(\n \"handleCallback serverTokenExchangeFromState, redirect to config.appUrl\",\n resolvedConfigs.appUrl,\n );\n if (!resolvedConfigs.appUrl) {\n throw new Error(\"appUrl not defined in config. Cannot redirect.\");\n }\n return NextResponse.redirect(`${resolvedConfigs.appUrl}`);\n }\n // return an empty HTML response so the iframe doesn't show any response\n // in the short moment between the redirect and the parent window\n // acknowledging the redirect and closing the iframe\n const response = new NextResponse(\n `<html><span style=\"display:none\">${TOKEN_EXCHANGE_SUCCESS_TEXT}</span></html>`,\n );\n response.headers.set(\"Content-Type\", \"text/html; charset=utf-8\");\n return response;\n}\n\n/**\n * If redirectPath is an absolute path, return it as-is.\n * Otherwise for relative paths, append it to the current domain.\n * @param redirectPath\n * @returns\n */\nconst getAbsoluteRedirectPath = (\n redirectPath: string,\n currentBasePath: string,\n) => {\n // Check if the redirectPath is an absolute URL\n if (/^(https?:\\/\\/|www\\.).+/i.test(redirectPath)) {\n return redirectPath; // Return as-is if it's an absolute URL\n }\n return new URL(redirectPath, currentBasePath).href;\n};\n\nexport async function handleLogout(\n request: NextRequest,\n config: AuthConfig,\n): Promise<NextResponse> {\n const resolvedConfigs = resolveAuthConfig(config);\n const defaultRedirectPath = resolvedConfigs.loginUrl ?? \"/\";\n const redirectTarget =\n new URL(request.url).searchParams.get(\"redirect\") || defaultRedirectPath;\n const isAbsoluteRedirect = /^(https?:\\/\\/|www\\.).+/i.test(redirectTarget);\n const finalRedirectUrl = getAbsoluteRedirectPath(\n redirectTarget,\n new URL(resolvedConfigs.appUrl ?? request.url).origin,\n );\n\n const response = NextResponse.redirect(finalRedirectUrl);\n\n clearAuthCookies(config);\n\n try {\n revalidatePath(isAbsoluteRedirect ? finalRedirectUrl : redirectTarget);\n } catch (error) {\n logger.warn(\"Failed to revalidate path after logout:\", error);\n }\n\n return response;\n}\n\n/**\n * Creates an authentication handler for Next.js API routes\n *\n * Usage:\n * ```ts\n * // app/api/auth/[...civicauth]/route.ts\n * import { handler } from '@civic/auth/nextjs'\n * export const GET = handler({\n * // optional config overrides\n * })\n * ```\n */\nexport const handler =\n (authConfig = {}) =>\n async (request: NextRequest): Promise<NextResponse> => {\n const config = resolveAuthConfig(authConfig);\n\n try {\n const pathname = request.nextUrl.pathname;\n const pathSegments = pathname.split(\"/\");\n const lastSegment = pathSegments[pathSegments.length - 1];\n\n switch (lastSegment) {\n case \"challenge\":\n return await handleChallenge(config);\n case \"callback\":\n return await handleCallback(request, config);\n case \"logout\":\n return await handleLogout(request, config);\n default:\n throw new AuthError(`Invalid auth route: ${pathname}`, 404);\n }\n } catch (error) {\n logger.error(\"Auth handler error:\", error);\n\n const status = error instanceof AuthError ? error.status : 500;\n const message =\n error instanceof Error ? error.message : \"Authentication failed\";\n\n const response = NextResponse.json({ error: message }, { status });\n\n clearAuthCookies(config);\n return response;\n }\n };\n"]}
|
|
1
|
+
{"version":3,"sources":["/Users/flippie/civic/repos/civic-auth/packages/civic-auth-client/dist/nextjs.js","../src/nextjs/GetUser.ts","../src/nextjs/middleware.ts","../src/nextjs/routeHandler.ts"],"names":["getUser","NextResponse","response"],"mappings":"AAAA;AACE;AACA;AACA;AACA;AACA;AACA;AACF,sDAA4B;AAC5B;AACE;AACA;AACA;AACA;AACF,sDAA4B;AAC5B;AACE;AACF,sDAA4B;AAC5B;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACF,sDAA4B;AAC5B;AACE;AACA;AACA;AACF,sDAA4B;AAC5B;AACA;ACxBO,IAAMA,SAAAA,EAAU,CAAA,EAAA,GAAmB;AAR1C,EAAA,IAAA,EAAA;AASE,EAAA,MAAM,cAAA,EAAgB,IAAI,yCAAA,CAAoB,CAAA;AAC9C,EAAA,MAAM,YAAA,EAAc,IAAI,wCAAA,CAAmB,aAAa,CAAA;AACxD,EAAA,MAAM,OAAA,EAAS,6CAAA,aAA4B,CAAA;AAC3C,EAAA,MAAM,KAAA,EAAO,WAAA,CAAY,GAAA,CAAI,CAAA;AAC7B,EAAA,GAAA,CAAI,CAAC,KAAA,GAAQ,CAAC,MAAA,EAAQ,OAAO,IAAA;AAE7B,EAAA,OAAO,4CAAA,6CAAA,CAAA,CAAA,EACF,IAAA,CAAA,EADE;AAAA,IAEL,OAAA,EAAS,MAAA,CAAO,QAAA;AAAA,IAChB,WAAA,EAAa,MAAA,CAAO,YAAA;AAAA,IACpB,YAAA,EAAA,CAAc,GAAA,EAAA,MAAA,CAAO,aAAA,EAAA,GAAP,KAAA,EAAA,GAAA,EAAwB;AAAA,EACxC,CAAA,CAAA;AACF,CAAA;ADyBA;AACA;AE1BA,0CAA0C;AAC1C,4FAAsB;AAgBtB,IAAM,UAAA,EAAY,CAAC,QAAA,EAAkB,WAAA,EAAA,GAAwB;AAC3D,EAAA,MAAM,QAAA,EAAU,iCAAA,WAAqB,CAAA;AACrC,EAAA,OAAO,OAAA,CAAQ,QAAQ,CAAA;AACzB,CAAA;AAOA,IAAM,aAAA,EAAe,CAAC,QAAA,EAAkB,QAAA,EAAA,GACtC,QAAA,CAAS,IAAA,CAAK,CAAC,OAAA,EAAA,GAAY;AACzB,EAAA,GAAA,CAAI,CAAC,OAAA,EAAS,OAAO,KAAA;AACrB,EAAA,OAAA,CAAQ,GAAA,CAAI,UAAA,EAAY;AAAA,IACtB,OAAA;AAAA,IACA,QAAA;AAAA,IACA,KAAA,EAAO,SAAA,CAAU,QAAA,EAAU,OAAO;AAAA,EACpC,CAAC,CAAA;AACD,EAAA,OAAO,SAAA,CAAU,QAAA,EAAU,OAAO,CAAA;AACpC,CAAC,CAAA;AAGH,IAAM,UAAA,EAAY,CAChB,UAAA,EACA,OAAA,EAAA,GACsC,sCAAA,KAAA,CAAA,EAAA,IAAA,EAAA,QAAA,EAAA,CAAA,EAAA;AACtC,EAAA,MAAM,uBAAA,EAAyB,gDAAA,UAA4B,CAAA;AAE3D,EAAA,MAAM,gBAAA,EAAkB,CAAC,CAAC,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,UAAU,CAAA;AAGxD,EAAA,GAAA,CACE,OAAA,CAAQ,OAAA,CAAQ,SAAA,IAAa,sBAAA,CAAuB,SAAA,GACpD,OAAA,CAAQ,OAAA,IAAW,KAAA,EACnB;AACA,IAAA,OAAA,CAAQ,GAAA,CAAI,oDAA+C,CAAA;AAC3D,IAAA,OAAO,KAAA,CAAA;AAAA,EACT;AAEA,EAAA,GAAA,CAAI,CAAC,YAAA,CAAa,OAAA,CAAQ,OAAA,CAAQ,QAAA,EAAU,sBAAA,CAAuB,OAAO,CAAA,EAAG;AAC3E,IAAA,OAAA,CAAQ,GAAA,CAAI,2DAAsD,CAAA;AAClE,IAAA,OAAO,KAAA,CAAA;AAAA,EACT;AAEA,EAAA,GAAA,CAAI,YAAA,CAAa,OAAA,CAAQ,OAAA,CAAQ,QAAA,EAAU,sBAAA,CAAuB,OAAO,CAAA,EAAG;AAC1E,IAAA,OAAA,CAAQ,GAAA,CAAI,uDAAkD,CAAA;AAC9D,IAAA,OAAO,KAAA,CAAA;AAAA,EACT;AAGA,EAAA,GAAA,CAAI,CAAC,eAAA,EAAiB;AACpB,IAAA,MAAM,SAAA,EAAW,IAAI,GAAA,CAAI,sBAAA,CAAuB,QAAA,EAAU,OAAA,CAAQ,GAAG,CAAA;AACrE,IAAA,OAAA,CAAQ,GAAA,CAAI,oDAAA,EAAiD,QAAQ,CAAA;AACrE,IAAA,OAAO,sBAAA,CAAa,QAAA,CAAS,QAAQ,CAAA;AAAA,EACvC;AAEA,EAAA,OAAA,CAAQ,GAAA,CAAI,0BAAqB,CAAA;AACjC,EAAA,OAAO,KAAA,CAAA;AACT,CAAA,CAAA;AAUO,IAAM,eAAA,EACX,CAAC,WAAA,EAAa,kCAAA,EAAA,GACd,CAAO,OAAA,EAAA,GAAgD,sCAAA,KAAA,CAAA,EAAA,IAAA,EAAA,QAAA,EAAA,CAAA,EAAA;AACrD,EAAA,MAAM,SAAA,EAAW,MAAM,SAAA,CAAU,UAAA,EAAY,OAAO,CAAA;AACpD,EAAA,GAAA,CAAI,QAAA,EAAU,OAAO,QAAA;AAIrB,EAAA,OAAO,sBAAA,CAAa,IAAA,CAAK,CAAA;AAC3B,CAAA,CAAA;AAWK,SAAS,QAAA,CACd,UAAA,EACiD;AACjD,EAAA,OAAO,CAAO,OAAA,EAAA,GAAgD,sCAAA,IAAA,EAAA,IAAA,EAAA,QAAA,EAAA,CAAA,EAAA;AAC5D,IAAA,MAAM,SAAA,EAAW,MAAM,SAAA,CAAU,CAAC,CAAA,EAAG,OAAO,CAAA;AAC5C,IAAA,GAAA,CAAI,QAAA,EAAU,OAAO,QAAA;AAErB,IAAA,OAAO,UAAA,CAAW,OAAO,CAAA;AAAA,EAC3B,CAAA,CAAA;AACF;AAeO,SAAS,IAAA,CAAK,WAAA,EAAyB,CAAC,CAAA,EAAG;AAChD,EAAA,OAAO,CACL,UAAA,EAAA,GACsD;AACtD,IAAA,OAAO,CAAO,OAAA,EAAA,GAAgD,sCAAA,IAAA,EAAA,IAAA,EAAA,QAAA,EAAA,CAAA,EAAA;AAC5D,MAAA,MAAM,SAAA,EAAW,MAAM,SAAA,CAAU,UAAA,EAAY,OAAO,CAAA;AACpD,MAAA,GAAA,CAAI,QAAA,EAAU,OAAO,QAAA;AAErB,MAAA,OAAO,UAAA,CAAW,OAAO,CAAA;AAAA,IAC3B,CAAA,CAAA;AAAA,EACF,CAAA;AACF;AFtDA;AACA;AG5GA;AACA,wCAA+B;AAkB/B,4CAAwB;AAGxB,IAAM,OAAA,EAAS,wBAAA,CAAQ,MAAA,CAAO,QAAA,CAAS,IAAA;AAEvC,IAAM,UAAA,EAAN,MAAA,QAAwB,MAAM;AAAA,EAC5B,WAAA,CACE,OAAA,EACgB,OAAA,EAAiB,GAAA,EACjC;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAFG,IAAA,IAAA,CAAA,OAAA,EAAA,MAAA;AAGhB,IAAA,IAAA,CAAK,KAAA,EAAO,WAAA;AAAA,EACd;AACF,CAAA;AAOA,SAAe,eAAA,CAAgB,MAAA,EAA2C;AAAA,EAAA,OAAA,sCAAA,IAAA,EAAA,IAAA,EAAA,QAAA,EAAA,CAAA,EAAA;AAvC1E,IAAA,IAAA,EAAA,EAAA,EAAA;AAwCE,IAAA,MAAM,cAAA,EAAgB,IAAI,yCAAA,CAAA,CAAoB,GAAA,EAAA,CAAA,GAAA,EAAA,MAAA,CAAO,OAAA,EAAA,GAAP,KAAA,EAAA,KAAA,EAAA,EAAA,EAAA,CAAgB,MAAA,EAAA,GAAhB,KAAA,EAAA,GAAA,EAA0B,CAAC,CAAC,CAAA;AAC1E,IAAA,MAAM,aAAA,EAAe,IAAI,qDAAA,CAAgC,aAAa,CAAA;AAEtE,IAAA,MAAM,UAAA,EAAY,MAAM,YAAA,CAAa,gBAAA,CAAiB,CAAA;AAEtD,IAAA,OAAOC,sBAAAA,CAAa,IAAA,CAAK,EAAE,MAAA,EAAQ,SAAA,EAAW,UAAU,CAAC,CAAA;AAAA,EAC3D,CAAA,CAAA;AAAA;AAEA,SAAe,iCAAA,CACb,OAAA,EACA,MAAA,EACA,IAAA,EACA,KAAA,EACA;AAAA,EAAA,OAAA,sCAAA,IAAA,EAAA,IAAA,EAAA,QAAA,EAAA,CAAA,EAAA;AACA,IAAA,MAAM,gBAAA,EAAkB,gDAAA,MAAwB,CAAA;AAChD,IAAA,MAAM,cAAA,EAAgB,IAAI,yCAAA,CAAoB,eAAA,CAAgB,OAAA,CAAQ,MAAM,CAAA;AAE5E,IAAA,MAAM,YAAA,EAAc,iDAAA,eAAmB,EAAiB,OAAA,CAAQ,GAAG,CAAA;AACnE,IAAA,IAAI;AACF,MAAA,MAAM,qDAAA,IAAuB,EAAM,KAAA,EAAO,aAAA,EAAe,4CAAA,6CAAA,CAAA,CAAA,EACpD,eAAA,CAAA,EADoD;AAAA,QAEvD,WAAA,EAAa;AAAA,MACf,CAAA,CAAC,CAAA;AAAA,IACH,EAAA,MAAA,CAAS,KAAA,EAAO;AACd,MAAA,MAAA,CAAO,KAAA,CAAM,wBAAA,EAA0B,KAAK,CAAA;AAC5C,MAAA,MAAM,IAAI,SAAA,CAAU,6BAAA,EAA+B,GAAG,CAAA;AAAA,IACxD;AAEA,IAAA,MAAM,KAAA,EAAO,MAAM,sCAAA,aAAqB,CAAA;AACxC,IAAA,GAAA,CAAI,CAAC,IAAA,EAAM;AACT,MAAA,MAAM,IAAI,SAAA,CAAU,yBAAA,EAA2B,GAAG,CAAA;AAAA,IACpD;AAEA,IAAA,MAAM,cAAA,EAAgB,IAAI,yCAAA,CAAoB,CAAA;AAC9C,IAAA,MAAM,YAAA,EAAc,IAAI,wCAAA,CAAmB,aAAa,CAAA;AACxD,IAAA,WAAA,CAAY,GAAA,CAAI,IAAI,CAAA;AAAA,EACtB,CAAA,CAAA;AAAA;AACA,SAAe,cAAA,CACb,OAAA,EACA,MAAA,EACuB;AAAA,EAAA,OAAA,sCAAA,IAAA,EAAA,IAAA,EAAA,QAAA,EAAA,CAAA,EAAA;AACvB,IAAA,MAAM,gBAAA,EAAkB,gDAAA,MAAwB,CAAA;AAChD,IAAA,OAAA,CAAQ,GAAA,CAAI,gBAAA,EAAkB,EAAE,OAAA,EAAS,gBAAgB,CAAC,CAAA;AAC1D,IAAA,MAAM,KAAA,EAAO,OAAA,CAAQ,OAAA,CAAQ,YAAA,CAAa,GAAA,CAAI,MAAM,CAAA;AACpD,IAAA,MAAM,MAAA,EAAQ,OAAA,CAAQ,OAAA,CAAQ,YAAA,CAAa,GAAA,CAAI,OAAO,EAAA,GAAK,EAAA;AAC3D,IAAA,GAAA,CAAI,CAAC,KAAA,GAAQ,CAAC,KAAA,EAAO,MAAM,IAAI,SAAA,CAAU,gBAAA,EAAkB,GAAG,CAAA;AAM9D,IAAA,OAAA,CAAQ,GAAA,CAAI,gBAAA,EAAkB,EAAE,IAAA,EAAM,KAAA,EAAO,OAAA,EAAS,gCAAA,EAAU,CAAC,CAAA;AACjE,IAAA,GAAA,CAAI,CAAC,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAA,iCAA4B,CAAA,EAAG;AAClD,MAAA,OAAA,CAAQ,GAAA,CAAI,uCAAA,EAAyC;AAAA,QACnD,KAAA;AAAA,QACA,mBAAA,EAAqB,2DAAA,CAA6B,EAAA;AACnD,MAAA;AACkBA,MAAAA;AACyB,QAAA;AAC5C,MAAA;AAKkD,MAAA;AACxC,QAAA;AACN,UAAA;AACA,UAAA;AACsB,YAAA;AACe,YAAA;AACrC,UAAA;AACF,QAAA;AAGsC,QAAA;AACa,QAAA;AACpCA,QAAAA;AACb,UAAA;AAAA;AAAA;AAAA;AAAA;AAKqC,mCAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,QAAA;AAevC,QAAA;AACF,MAAA;AACqC,MAAA;AAC7B,MAAA;AACN,QAAA;AACF,MAAA;AACOC,MAAAA;AACT,IAAA;AAEM,IAAA;AACJ,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACF,IAAA;AAEyB,IAAA;AACf,MAAA;AACN,QAAA;AACgB,QAAA;AAClB,MAAA;AACyB,MAAA;AACf,QAAA;AACqB,QAAA;AAC9B,MAAA;AACH,IAAA;AAGyC,IAAA;AAC/B,MAAA;AACN,QAAA;AACgB,QAAA;AAClB,MAAA;AAC6B,MAAA;AACX,QAAA;AAClB,MAAA;AACgD,MAAA;AAClD,IAAA;AAIqBD,IAAAA;AACiB,MAAA;AACtC,IAAA;AACqC,IAAA;AAC9B,IAAA;AACT,EAAA;AAAA;AAUE;AAGkD,EAAA;AACzC,IAAA;AACT,EAAA;AAC8C,EAAA;AAChD;AAKyB;AAAA,EAAA;AA7MzB,IAAA;AA8MkD,IAAA;AACJ,IAAA;AAErB,IAAA;AAC8B,IAAA;AAC5B,IAAA;AACvB,MAAA;AACkC,MAAA;AACpC,IAAA;AAEuC,IAAA;AAEhB,IAAA;AAEnB,IAAA;AACkC,MAAA;AACtB,IAAA;AACF,MAAA;AACd,IAAA;AAEO,IAAA;AACT,EAAA;AAAA;AAgByD;AACV,EAAA;AAEvC,EAAA;AAC+B,IAAA;AACM,IAAA;AACgB,IAAA;AAElC,IAAA;AACd,MAAA;AACgC,QAAA;AAChC,MAAA;AACwC,QAAA;AACxC,MAAA;AACsC,QAAA;AAC3C,MAAA;AACqD,QAAA;AACvD,IAAA;AACc,EAAA;AAC2B,IAAA;AAES,IAAA;AAEjB,IAAA;AAEmB,IAAA;AAE7B,IAAA;AAChB,IAAA;AACT,EAAA;AACF;AHkByD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA","file":"/Users/flippie/civic/repos/civic-auth/packages/civic-auth-client/dist/nextjs.js","sourcesContent":[null,"/**\n * Used on the server-side to get the user object from the cookie\n */\nimport { User } from \"@/types\";\nimport { GenericUserSession } from \"@/shared/UserSession\";\nimport { NextjsClientStorage } from \"@/nextjs/cookies\";\nimport { retrieveTokens } from \"@/shared/util\";\n\nexport const getUser = (): User | null => {\n const clientStorage = new NextjsClientStorage();\n const userSession = new GenericUserSession(clientStorage);\n const tokens = retrieveTokens(clientStorage);\n const user = userSession.get();\n if (!user || !tokens) return null;\n\n return {\n ...user!,\n idToken: tokens.id_token,\n accessToken: tokens.access_token,\n refreshToken: tokens.refresh_token ?? \"\",\n } as User;\n};\n","/**\n * Authenticates the user on all requests by checking the token cookie\n *\n * Usage:\n * Option 1: use if no other middleware (e.g. no next-intl etc)\n * export default authMiddleware();\n *\n * Option 2: use if other middleware is needed - default auth config\n * export default withAuth((request) => {\n * console.log('in custom middleware', request.nextUrl.pathname);\n * return NextResponse.next();\n * })\n *\n * Option 3: use if other middleware is needed - specifying auth config\n * const withCivicAuth = auth({ loginUrl: '/login', include: ['/[.*]/user'] })\n * export default withCivicAuth((request) => {\n * console.log('in custom middleware', request.url);\n * return NextResponse.next();\n * })\n *\n */\nimport { NextRequest, NextResponse } from \"next/server.js\";\nimport picomatch from \"picomatch\";\nimport {\n AuthConfig,\n defaultAuthConfig,\n resolveAuthConfig,\n} from \"@/nextjs/config.js\";\n\ntype Middleware = (\n request: NextRequest,\n) => Promise<NextResponse> | NextResponse;\n\n// Matches globs:\n// Examples:\n// /user\n// /user/*\n// /user/**/info\nconst matchGlob = (pathname: string, globPattern: string) => {\n const matches = picomatch(globPattern);\n return matches(pathname);\n};\n\n// Matches globs:\n// Examples:\n// /user\n// /user/*\n// /user/**/info\nconst matchesGlobs = (pathname: string, patterns: string[]) =>\n patterns.some((pattern) => {\n if (!pattern) return false;\n console.log(\"matching\", {\n pattern,\n pathname,\n match: matchGlob(pathname, pattern),\n });\n return matchGlob(pathname, pattern);\n });\n\n// internal - used by all exported functions\nconst applyAuth = async (\n authConfig: AuthConfig,\n request: NextRequest,\n): Promise<NextResponse | undefined> => {\n const authConfigWithDefaults = resolveAuthConfig(authConfig);\n // Check for any valid auth token\n const isAuthenticated = !!request.cookies.get(\"id_token\");\n\n // skip auth check for redirect to login url\n if (\n request.nextUrl.pathname === authConfigWithDefaults.loginUrl &&\n request.method === \"GET\"\n ) {\n console.log(\"→ Skipping auth check - this is the login URL\");\n return undefined;\n }\n\n if (!matchesGlobs(request.nextUrl.pathname, authConfigWithDefaults.include)) {\n console.log(\"→ Skipping auth check - path not in include patterns\");\n return undefined;\n }\n\n if (matchesGlobs(request.nextUrl.pathname, authConfigWithDefaults.exclude)) {\n console.log(\"→ Skipping auth check - path in exclude patterns\");\n return undefined;\n }\n\n // Check for either token type\n if (!isAuthenticated) {\n const loginUrl = new URL(authConfigWithDefaults.loginUrl, request.url);\n console.log(\"→ No valid token found - redirecting to login\", loginUrl);\n return NextResponse.redirect(loginUrl);\n }\n\n console.log(\"→ Auth check passed\");\n return undefined;\n};\n\n/**\n *\n * Use this when auth is the only middleware you need.\n * Usage:\n *\n * export default authMiddleware({ loginUrl = '/login' }); // or just authMiddleware();\n *\n */\nexport const authMiddleware =\n (authConfig = defaultAuthConfig) =>\n async (request: NextRequest): Promise<NextResponse> => {\n const response = await applyAuth(authConfig, request);\n if (response) return response;\n\n // NextJS doesn't do middleware chaining yet, so this does not mean\n // \"call the next middleware\" - it means \"continue to the route handler\"\n return NextResponse.next();\n };\n\n/**\n * Usage:\n *\n * export default withAuth(async (request) => {\n * console.log('my middleware');\n * return NextResponse.next();\n * })\n */\n// use this when you have your own middleware to chain\nexport function withAuth(\n middleware: Middleware,\n): (request: NextRequest) => Promise<NextResponse> {\n return async (request: NextRequest): Promise<NextResponse> => {\n const response = await applyAuth({}, request);\n if (response) return response;\n\n return middleware(request);\n };\n}\n\n/**\n * Use this when you want to configure the middleware here (an alternative is to do it in the next.config file)\n *\n * Usage:\n *\n * const withAuth = auth({ loginUrl = '/login' }); // or just auth();\n *\n * export default withAuth(async (request) => {\n * console.log('my middleware');\n * return NextResponse.next();\n * })\n *\n */\nexport function auth(authConfig: AuthConfig = {}) {\n return (\n middleware: Middleware,\n ): ((request: NextRequest) => Promise<NextResponse>) => {\n return async (request: NextRequest): Promise<NextResponse> => {\n const response = await applyAuth(authConfig, request);\n if (response) return response;\n\n return middleware(request);\n };\n };\n}\n","import { NextRequest, NextResponse } from \"next/server.js\";\nimport { revalidatePath } from \"next/cache.js\";\nimport { AuthConfig, resolveAuthConfig } from \"@/nextjs/config.js\";\nimport { loggers } from \"@/lib/logger.js\";\nimport {\n clearAuthCookies,\n NextjsClientStorage,\n NextjsCookieStorage,\n} from \"@/nextjs/cookies.js\";\nimport { GenericPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { resolveOAuthAccessCode } from \"@/server/login.js\";\nimport { getUser } from \"@/shared/session.js\";\nimport { resolveCallbackUrl } from \"@/nextjs/utils.js\";\nimport { GenericUserSession } from \"@/shared/UserSession.js\";\nimport {\n TOKEN_EXCHANGE_SUCCESS_TEXT,\n TOKEN_EXCHANGE_TRIGGER_TEXT,\n} from \"@/constants.js\";\nimport { serverTokenExchangeFromState } from \"@/lib/oauth.js\";\nimport { cookies } from \"next/headers.js\";\nimport { CodeVerifier } from \"@/shared/types\";\n\nconst logger = loggers.nextjs.handlers.auth;\n\nclass AuthError extends Error {\n constructor(\n message: string,\n public readonly status: number = 401,\n ) {\n super(message);\n this.name = \"AuthError\";\n }\n}\n\n/**\n * create a code verifier and challenge for PKCE\n * saving the verifier in a cookie for later use\n * @returns {Promise<NextResponse>}\n */\nasync function handleChallenge(config: AuthConfig): Promise<NextResponse> {\n const cookieStorage = new NextjsCookieStorage(config.cookies?.tokens ?? {});\n const pkceProducer = new GenericPublicClientPKCEProducer(cookieStorage);\n\n const challenge = await pkceProducer.getCodeChallenge();\n\n return NextResponse.json({ status: \"success\", challenge });\n}\n\nasync function performTokenExchangeAndSetCookies(\n request: NextRequest,\n config: AuthConfig,\n code: string,\n state: string,\n) {\n const resolvedConfigs = resolveAuthConfig(config);\n const cookieStorage = new NextjsCookieStorage(resolvedConfigs.cookies.tokens);\n\n const callbackUrl = resolveCallbackUrl(resolvedConfigs, request.url);\n try {\n await resolveOAuthAccessCode(code, state, cookieStorage, {\n ...resolvedConfigs,\n redirectUrl: callbackUrl,\n });\n } catch (error) {\n logger.error(\"Token exchange failed:\", error);\n throw new AuthError(\"Failed to authenticate user\", 401);\n }\n\n const user = await getUser(cookieStorage);\n if (!user) {\n throw new AuthError(\"Failed to get user info\", 401);\n }\n\n const clientStorage = new NextjsClientStorage();\n const userSession = new GenericUserSession(clientStorage);\n userSession.set(user);\n}\nasync function handleCallback(\n request: NextRequest,\n config: AuthConfig,\n): Promise<NextResponse> {\n const resolvedConfigs = resolveAuthConfig(config);\n console.log(\"handleCallback\", { request, resolvedConfigs });\n const code = request.nextUrl.searchParams.get(\"code\");\n const state = request.nextUrl.searchParams.get(\"state\") || \"\";\n if (!code || !state) throw new AuthError(\"Bad parameters\", 400);\n\n // If we have a code_verifier cookie, we can do a token exchange.\n // Otherwise, just render an empty page.\n // The initial redirect back from the auth server does not send cookies, because the redirect is from a 3rd-party domain.\n // The client will make an additional call to this route with cookies included, at which point we do the token exchange.\n console.log(\"handleCallback\", { code, state, cookies: cookies() });\n if (!request.cookies.get(CodeVerifier.COOKIE_NAME)) {\n console.log(\"handleCallback no code_verifier found\", {\n state,\n serverTokenExchange: serverTokenExchangeFromState(`${state}`),\n });\n let response = new NextResponse(\n `<html><body><span style=\"display:none\">${TOKEN_EXCHANGE_TRIGGER_TEXT}</span></body></html>`,\n );\n // in server-side token exchange mode we need to launch a page that will trigger the token exchange\n // from the same domain, allowing it access to the code_verifier cookie\n // we only need to do this in redirect mode, as the iframe already triggers a client-side token exchange\n // if no code-verifier cookie is found\n if (state && serverTokenExchangeFromState(state)) {\n console.log(\n \"handleCallback serverTokenExchangeFromState, launching redirect page...\",\n {\n requestUrl: request.url,\n configCallbackUrl: resolvedConfigs.callbackUrl,\n },\n );\n // we need to replace the URL with resolved config in case the server is hosted\n // behind a reverse proxy or load balancer\n const requestUrl = new URL(request.url);\n const fetchUrl = `${resolvedConfigs.callbackUrl}?${requestUrl.searchParams.toString()}&sameDomainServerTokenExchange=true`;\n response = new NextResponse(\n `<html>\n <body>\n <span style=\"display:none\">\n <script>\n window.onload = function () {\n fetch('${fetchUrl}').then((response) => {\n response.json().then((jsonResponse) => {\n console.log('fetch jsonResponse', jsonResponse);\n if (jsonResponse.redirectUrl) {\n console.log('handleCallback serverTokenExchangeFromState, redirecting');\n window.location.href = jsonResponse.redirectUrl;\n }\n });\n });\n };\n </script>\n </span>\n </body>\n </html>\n `,\n );\n }\n response.headers.set(\"Content-Type\", \"text/html; charset=utf-8\");\n console.log(\n `handleCallback no code_verifier found, returning ${TOKEN_EXCHANGE_TRIGGER_TEXT}`,\n );\n return response;\n }\n\n await performTokenExchangeAndSetCookies(\n request,\n resolvedConfigs,\n code,\n state,\n );\n\n if (request.url.includes(\"sameDomainServerTokenExchange=true\")) {\n console.log(\n \"handleCallback sameDomainServerTokenExchange = true, returnining redirectUrl\",\n resolvedConfigs.appUrl,\n );\n return NextResponse.json({\n status: \"success\",\n redirectUrl: resolvedConfigs.appUrl,\n });\n }\n\n // this is the case where a 'normal' redirect is happening\n if (serverTokenExchangeFromState(state)) {\n console.log(\n \"handleCallback serverTokenExchangeFromState, redirect to config.appUrl\",\n resolvedConfigs.appUrl,\n );\n if (!resolvedConfigs.appUrl) {\n throw new Error(\"appUrl not defined in config. Cannot redirect.\");\n }\n return NextResponse.redirect(`${resolvedConfigs.appUrl}`);\n }\n // return an empty HTML response so the iframe doesn't show any response\n // in the short moment between the redirect and the parent window\n // acknowledging the redirect and closing the iframe\n const response = new NextResponse(\n `<html><span style=\"display:none\">${TOKEN_EXCHANGE_SUCCESS_TEXT}</span></html>`,\n );\n response.headers.set(\"Content-Type\", \"text/html; charset=utf-8\");\n return response;\n}\n\n/**\n * If redirectPath is an absolute path, return it as-is.\n * Otherwise for relative paths, append it to the current domain.\n * @param redirectPath\n * @returns\n */\nconst getAbsoluteRedirectPath = (\n redirectPath: string,\n currentBasePath: string,\n) => {\n // Check if the redirectPath is an absolute URL\n if (/^(https?:\\/\\/|www\\.).+/i.test(redirectPath)) {\n return redirectPath; // Return as-is if it's an absolute URL\n }\n return new URL(redirectPath, currentBasePath).href;\n};\n\nexport async function handleLogout(\n request: NextRequest,\n config: AuthConfig,\n): Promise<NextResponse> {\n const resolvedConfigs = resolveAuthConfig(config);\n const defaultRedirectPath = resolvedConfigs.loginUrl ?? \"/\";\n const redirectTarget =\n new URL(request.url).searchParams.get(\"redirect\") || defaultRedirectPath;\n const isAbsoluteRedirect = /^(https?:\\/\\/|www\\.).+/i.test(redirectTarget);\n const finalRedirectUrl = getAbsoluteRedirectPath(\n redirectTarget,\n new URL(resolvedConfigs.appUrl ?? request.url).origin,\n );\n\n const response = NextResponse.redirect(finalRedirectUrl);\n\n clearAuthCookies(config);\n\n try {\n revalidatePath(isAbsoluteRedirect ? finalRedirectUrl : redirectTarget);\n } catch (error) {\n logger.warn(\"Failed to revalidate path after logout:\", error);\n }\n\n return response;\n}\n\n/**\n * Creates an authentication handler for Next.js API routes\n *\n * Usage:\n * ```ts\n * // app/api/auth/[...civicauth]/route.ts\n * import { handler } from '@civic/auth/nextjs'\n * export const GET = handler({\n * // optional config overrides\n * })\n * ```\n */\nexport const handler =\n (authConfig = {}) =>\n async (request: NextRequest): Promise<NextResponse> => {\n const config = resolveAuthConfig(authConfig);\n\n try {\n const pathname = request.nextUrl.pathname;\n const pathSegments = pathname.split(\"/\");\n const lastSegment = pathSegments[pathSegments.length - 1];\n\n switch (lastSegment) {\n case \"challenge\":\n return await handleChallenge(config);\n case \"callback\":\n return await handleCallback(request, config);\n case \"logout\":\n return await handleLogout(request, config);\n default:\n throw new AuthError(`Invalid auth route: ${pathname}`, 404);\n }\n } catch (error) {\n logger.error(\"Auth handler error:\", error);\n\n const status = error instanceof AuthError ? error.status : 500;\n const message =\n error instanceof Error ? error.message : \"Authentication failed\";\n\n const response = NextResponse.json({ error: message }, { status });\n\n clearAuthCookies(config);\n return response;\n }\n };\n"]}
|
package/dist/nextjs.mjs
CHANGED
|
@@ -5,16 +5,16 @@ import {
|
|
|
5
5
|
createTokenCookies,
|
|
6
6
|
createUserInfoCookie,
|
|
7
7
|
resolveCallbackUrl
|
|
8
|
-
} from "./chunk-
|
|
8
|
+
} from "./chunk-MK7557NR.mjs";
|
|
9
9
|
import {
|
|
10
10
|
createCivicAuthPlugin,
|
|
11
11
|
defaultAuthConfig,
|
|
12
12
|
loggers,
|
|
13
13
|
resolveAuthConfig
|
|
14
|
-
} from "./chunk-
|
|
14
|
+
} from "./chunk-O3WGNLRO.mjs";
|
|
15
15
|
import {
|
|
16
16
|
resolveOAuthAccessCode
|
|
17
|
-
} from "./chunk-
|
|
17
|
+
} from "./chunk-AP4627CS.mjs";
|
|
18
18
|
import {
|
|
19
19
|
GenericPublicClientPKCEProducer,
|
|
20
20
|
GenericUserSession,
|
|
@@ -23,7 +23,7 @@ import {
|
|
|
23
23
|
getUser,
|
|
24
24
|
retrieveTokens,
|
|
25
25
|
serverTokenExchangeFromState
|
|
26
|
-
} from "./chunk-
|
|
26
|
+
} from "./chunk-4PLCDPEN.mjs";
|
|
27
27
|
import {
|
|
28
28
|
__async,
|
|
29
29
|
__spreadProps,
|
package/dist/react.js
CHANGED
|
@@ -8,15 +8,15 @@
|
|
|
8
8
|
|
|
9
9
|
|
|
10
10
|
|
|
11
|
-
var
|
|
11
|
+
var _chunkFHRZSX3Cjs = require('./chunk-FHRZSX3C.js');
|
|
12
12
|
|
|
13
13
|
|
|
14
|
-
var
|
|
14
|
+
var _chunkJDZPCA3Pjs = require('./chunk-JDZPCA3P.js');
|
|
15
15
|
|
|
16
16
|
|
|
17
17
|
|
|
18
18
|
|
|
19
|
-
var
|
|
19
|
+
var _chunk7K3QN2ATjs = require('./chunk-7K3QN2AT.js');
|
|
20
20
|
|
|
21
21
|
|
|
22
22
|
|
|
@@ -35,17 +35,17 @@ var queryClient = new (0, _reactquery.QueryClient)();
|
|
|
35
35
|
var CivicAuthProvider = (_a) => {
|
|
36
36
|
var _b = _a, { children } = _b, props = _chunkCRTRMMJ7js.__objRest.call(void 0, _b, ["children"]);
|
|
37
37
|
return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, _reactquery.QueryClientProvider, { client: queryClient, children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
38
|
-
|
|
38
|
+
_chunkFHRZSX3Cjs.AuthProvider,
|
|
39
39
|
_chunkCRTRMMJ7js.__spreadProps.call(void 0, _chunkCRTRMMJ7js.__spreadValues.call(void 0, {}, props), {
|
|
40
|
-
pkceConsumer: new (0,
|
|
41
|
-
children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
40
|
+
pkceConsumer: new (0, _chunk7K3QN2ATjs.BrowserPublicClientPKCEProducer)(),
|
|
41
|
+
children: /* @__PURE__ */ _jsxruntime.jsx.call(void 0, _chunkFHRZSX3Cjs.UserProvider, { storage: new (0, _chunk7K3QN2ATjs.LocalStorageAdapter)(), children })
|
|
42
42
|
})
|
|
43
43
|
) });
|
|
44
44
|
};
|
|
45
45
|
|
|
46
46
|
// src/react/hooks/useUser.tsx
|
|
47
47
|
var useUser = () => {
|
|
48
|
-
const context = _react.useContext.call(void 0,
|
|
48
|
+
const context = _react.useContext.call(void 0, _chunkFHRZSX3Cjs.UserContext);
|
|
49
49
|
if (!context) {
|
|
50
50
|
throw new Error("useUser must be used within a UserProvider");
|
|
51
51
|
}
|
|
@@ -127,7 +127,7 @@ var UserButton = ({
|
|
|
127
127
|
/* @__PURE__ */ _jsxruntime.jsxs.call(void 0,
|
|
128
128
|
"button",
|
|
129
129
|
{
|
|
130
|
-
className:
|
|
130
|
+
className: _chunk7K3QN2ATjs.cn.call(void 0,
|
|
131
131
|
"cac-flex cac-w-full cac-items-center cac-justify-between cac-gap-2 cac-rounded-full cac-border cac-border-neutral-500 cac-px-3 cac-py-2 cac-text-neutral-500 cac-transition-colors hover:cac-bg-neutral-200 hover:cac-bg-opacity-50",
|
|
132
132
|
className
|
|
133
133
|
),
|
|
@@ -166,7 +166,7 @@ var UserButton = ({
|
|
|
166
166
|
"button",
|
|
167
167
|
{
|
|
168
168
|
"data-testid": "sign-in-button",
|
|
169
|
-
className:
|
|
169
|
+
className: _chunk7K3QN2ATjs.cn.call(void 0,
|
|
170
170
|
"cac-rounded-full cac-border cac-border-neutral-500 cac-px-3 cac-py-2 cac-transition-colors hover:cac-bg-neutral-200 hover:cac-bg-opacity-50",
|
|
171
171
|
className
|
|
172
172
|
),
|
|
@@ -187,7 +187,7 @@ var SignInButton = ({
|
|
|
187
187
|
"button",
|
|
188
188
|
{
|
|
189
189
|
"data-testid": "sign-in-button",
|
|
190
|
-
className:
|
|
190
|
+
className: _chunk7K3QN2ATjs.cn.call(void 0,
|
|
191
191
|
"cac-rounded-full cac-border cac-border-neutral-500 cac-px-3 cac-py-2 cac-transition-colors hover:cac-bg-neutral-200 hover:cac-bg-opacity-50",
|
|
192
192
|
className
|
|
193
193
|
),
|
|
@@ -204,7 +204,7 @@ var SignOutButton = ({ className }) => {
|
|
|
204
204
|
return /* @__PURE__ */ _jsxruntime.jsx.call(void 0,
|
|
205
205
|
"button",
|
|
206
206
|
{
|
|
207
|
-
className:
|
|
207
|
+
className: _chunk7K3QN2ATjs.cn.call(void 0,
|
|
208
208
|
"cac-rounded-full cac-border cac-border-neutral-500 cac-px-3 cac-py-2 cac-transition-colors hover:cac-bg-neutral-200 hover:cac-bg-opacity-50",
|
|
209
209
|
className
|
|
210
210
|
),
|
|
@@ -217,7 +217,7 @@ var SignOutButton = ({ className }) => {
|
|
|
217
217
|
// src/react/components/NextLogOut.tsx
|
|
218
218
|
|
|
219
219
|
var NextLogOut = ({ children }) => {
|
|
220
|
-
const config =
|
|
220
|
+
const config = _chunkJDZPCA3Pjs.resolveAuthConfig.call(void 0, );
|
|
221
221
|
const logoutUrl = `${config.logoutUrl}`;
|
|
222
222
|
return /* @__PURE__ */ _jsxruntime.jsx.call(void 0, "a", { href: logoutUrl, children });
|
|
223
223
|
};
|
|
@@ -234,5 +234,5 @@ var NextLogOut = ({ children }) => {
|
|
|
234
234
|
|
|
235
235
|
|
|
236
236
|
|
|
237
|
-
exports.CivicAuthIframeContainer =
|
|
237
|
+
exports.CivicAuthIframeContainer = _chunkFHRZSX3Cjs.CivicAuthIframeContainer; exports.CivicAuthProvider = CivicAuthProvider; exports.NextLogOut = NextLogOut; exports.SignInButton = SignInButton; exports.SignOutButton = SignOutButton; exports.UserButton = UserButton; exports.useAuth = _chunkFHRZSX3Cjs.useAuth; exports.useConfig = _chunkFHRZSX3Cjs.useConfig; exports.useIframe = _chunkFHRZSX3Cjs.useIframe; exports.useSession = _chunkFHRZSX3Cjs.useSession; exports.useToken = _chunkFHRZSX3Cjs.useToken; exports.useUser = useUser;
|
|
238
238
|
//# sourceMappingURL=react.js.map
|