@civic/auth 0.1.6-beta.1 → 0.1.6-beta.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +1 -0
- package/dist/cjs/lib/cookies.d.ts +12 -1
- package/dist/cjs/lib/cookies.d.ts.map +1 -1
- package/dist/cjs/lib/cookies.js +28 -1
- package/dist/cjs/lib/cookies.js.map +1 -1
- package/dist/cjs/nextjs/NextClientAuthenticationRefresher.d.ts +9 -0
- package/dist/cjs/nextjs/NextClientAuthenticationRefresher.d.ts.map +1 -0
- package/dist/cjs/nextjs/NextClientAuthenticationRefresher.js +27 -0
- package/dist/cjs/nextjs/NextClientAuthenticationRefresher.js.map +1 -0
- package/dist/cjs/nextjs/config.d.ts +1 -0
- package/dist/cjs/nextjs/config.d.ts.map +1 -1
- package/dist/cjs/nextjs/config.js +4 -3
- package/dist/cjs/nextjs/config.js.map +1 -1
- package/dist/cjs/nextjs/hooks/useRefresh.d.ts +4 -0
- package/dist/cjs/nextjs/hooks/useRefresh.d.ts.map +1 -0
- package/dist/cjs/nextjs/hooks/useRefresh.js +45 -0
- package/dist/cjs/nextjs/hooks/useRefresh.js.map +1 -0
- package/dist/cjs/nextjs/hooks/useUserCookie.js +1 -1
- package/dist/cjs/nextjs/hooks/useUserCookie.js.map +1 -1
- package/dist/cjs/nextjs/providers/NextAuthProvider.d.ts.map +1 -1
- package/dist/cjs/nextjs/providers/NextAuthProvider.js +5 -3
- package/dist/cjs/nextjs/providers/NextAuthProvider.js.map +1 -1
- package/dist/cjs/nextjs/routeHandler.d.ts +2 -2
- package/dist/cjs/nextjs/routeHandler.d.ts.map +1 -1
- package/dist/cjs/nextjs/routeHandler.js +35 -25
- package/dist/cjs/nextjs/routeHandler.js.map +1 -1
- package/dist/cjs/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts.map +1 -1
- package/dist/cjs/reactjs/providers/ClientTokenExchangeSessionProvider.js +7 -24
- package/dist/cjs/reactjs/providers/ClientTokenExchangeSessionProvider.js.map +1 -1
- package/dist/cjs/server/config.d.ts +1 -0
- package/dist/cjs/server/config.d.ts.map +1 -1
- package/dist/cjs/server/config.js.map +1 -1
- package/dist/cjs/server/refresh.d.ts.map +1 -1
- package/dist/cjs/server/refresh.js +2 -2
- package/dist/cjs/server/refresh.js.map +1 -1
- package/dist/cjs/shared/hooks/useRefresh.d.ts.map +1 -1
- package/dist/cjs/shared/hooks/useRefresh.js +3 -3
- package/dist/cjs/shared/hooks/useRefresh.js.map +1 -1
- package/dist/cjs/shared/lib/AuthenticationRefresherImpl.d.ts +13 -0
- package/dist/cjs/shared/lib/AuthenticationRefresherImpl.d.ts.map +1 -0
- package/dist/cjs/shared/lib/AuthenticationRefresherImpl.js +44 -0
- package/dist/cjs/shared/lib/AuthenticationRefresherImpl.js.map +1 -0
- package/dist/cjs/shared/lib/GenericAuthenticationRefresher.d.ts +7 -11
- package/dist/cjs/shared/lib/GenericAuthenticationRefresher.d.ts.map +1 -1
- package/dist/cjs/shared/lib/GenericAuthenticationRefresher.js +15 -31
- package/dist/cjs/shared/lib/GenericAuthenticationRefresher.js.map +1 -1
- package/dist/cjs/shared/lib/storage.d.ts +8 -0
- package/dist/cjs/shared/lib/storage.d.ts.map +1 -1
- package/dist/cjs/shared/lib/storage.js.map +1 -1
- package/dist/cjs/shared/lib/types.d.ts +1 -0
- package/dist/cjs/shared/lib/types.d.ts.map +1 -1
- package/dist/cjs/shared/lib/types.js.map +1 -1
- package/dist/cjs/shared/providers/CivicAuthConfigContext.d.ts +2 -1
- package/dist/cjs/shared/providers/CivicAuthConfigContext.d.ts.map +1 -1
- package/dist/cjs/shared/providers/CivicAuthConfigContext.js +3 -1
- package/dist/cjs/shared/providers/CivicAuthConfigContext.js.map +1 -1
- package/dist/cjs/shared/version.d.ts +1 -1
- package/dist/cjs/shared/version.js +1 -1
- package/dist/cjs/shared/version.js.map +1 -1
- package/dist/esm/lib/cookies.d.ts +12 -1
- package/dist/esm/lib/cookies.d.ts.map +1 -1
- package/dist/esm/lib/cookies.js +27 -1
- package/dist/esm/lib/cookies.js.map +1 -1
- package/dist/esm/nextjs/NextClientAuthenticationRefresher.d.ts +9 -0
- package/dist/esm/nextjs/NextClientAuthenticationRefresher.d.ts.map +1 -0
- package/dist/esm/nextjs/NextClientAuthenticationRefresher.js +23 -0
- package/dist/esm/nextjs/NextClientAuthenticationRefresher.js.map +1 -0
- package/dist/esm/nextjs/config.d.ts +1 -0
- package/dist/esm/nextjs/config.d.ts.map +1 -1
- package/dist/esm/nextjs/config.js +4 -3
- package/dist/esm/nextjs/config.js.map +1 -1
- package/dist/esm/nextjs/hooks/useRefresh.d.ts +4 -0
- package/dist/esm/nextjs/hooks/useRefresh.d.ts.map +1 -0
- package/dist/esm/nextjs/hooks/useRefresh.js +42 -0
- package/dist/esm/nextjs/hooks/useRefresh.js.map +1 -0
- package/dist/esm/nextjs/hooks/useUserCookie.js +1 -1
- package/dist/esm/nextjs/hooks/useUserCookie.js.map +1 -1
- package/dist/esm/nextjs/providers/NextAuthProvider.d.ts.map +1 -1
- package/dist/esm/nextjs/providers/NextAuthProvider.js +5 -3
- package/dist/esm/nextjs/providers/NextAuthProvider.js.map +1 -1
- package/dist/esm/nextjs/routeHandler.d.ts +2 -2
- package/dist/esm/nextjs/routeHandler.d.ts.map +1 -1
- package/dist/esm/nextjs/routeHandler.js +35 -25
- package/dist/esm/nextjs/routeHandler.js.map +1 -1
- package/dist/esm/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts.map +1 -1
- package/dist/esm/reactjs/providers/ClientTokenExchangeSessionProvider.js +5 -22
- package/dist/esm/reactjs/providers/ClientTokenExchangeSessionProvider.js.map +1 -1
- package/dist/esm/server/config.d.ts +1 -0
- package/dist/esm/server/config.d.ts.map +1 -1
- package/dist/esm/server/config.js.map +1 -1
- package/dist/esm/server/refresh.d.ts.map +1 -1
- package/dist/esm/server/refresh.js +2 -2
- package/dist/esm/server/refresh.js.map +1 -1
- package/dist/esm/shared/hooks/useRefresh.d.ts.map +1 -1
- package/dist/esm/shared/hooks/useRefresh.js +3 -3
- package/dist/esm/shared/hooks/useRefresh.js.map +1 -1
- package/dist/esm/shared/lib/AuthenticationRefresherImpl.d.ts +13 -0
- package/dist/esm/shared/lib/AuthenticationRefresherImpl.d.ts.map +1 -0
- package/dist/esm/shared/lib/AuthenticationRefresherImpl.js +40 -0
- package/dist/esm/shared/lib/AuthenticationRefresherImpl.js.map +1 -0
- package/dist/esm/shared/lib/GenericAuthenticationRefresher.d.ts +7 -11
- package/dist/esm/shared/lib/GenericAuthenticationRefresher.d.ts.map +1 -1
- package/dist/esm/shared/lib/GenericAuthenticationRefresher.js +15 -31
- package/dist/esm/shared/lib/GenericAuthenticationRefresher.js.map +1 -1
- package/dist/esm/shared/lib/storage.d.ts +8 -0
- package/dist/esm/shared/lib/storage.d.ts.map +1 -1
- package/dist/esm/shared/lib/storage.js.map +1 -1
- package/dist/esm/shared/lib/types.d.ts +1 -0
- package/dist/esm/shared/lib/types.d.ts.map +1 -1
- package/dist/esm/shared/lib/types.js.map +1 -1
- package/dist/esm/shared/providers/CivicAuthConfigContext.d.ts +2 -1
- package/dist/esm/shared/providers/CivicAuthConfigContext.d.ts.map +1 -1
- package/dist/esm/shared/providers/CivicAuthConfigContext.js +3 -1
- package/dist/esm/shared/providers/CivicAuthConfigContext.js.map +1 -1
- package/dist/esm/shared/version.d.ts +1 -1
- package/dist/esm/shared/version.js +1 -1
- package/dist/esm/shared/version.js.map +1 -1
- package/dist/tsconfig.cjs.tsbuildinfo +1 -1
- package/dist/tsconfig.esm.tsbuildinfo +1 -1
- package/package.json +6 -5
package/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
# 0.1.6 Fix printVersion usage
|
|
2
2
|
- Only print the SDK version once
|
|
3
3
|
- fix useUserCookie re-rendering too often
|
|
4
|
+
- add auto-refresh to nextjs and standalone providers
|
|
4
5
|
|
|
5
6
|
# 0.1.5 Logout updates and faster user cookie retrieval
|
|
6
7
|
- Implement client & auth-server logout functionality to invalidate tokens on logout
|
|
@@ -1,7 +1,18 @@
|
|
|
1
|
+
import { CookieStorage } from "../shared/lib/storage.js";
|
|
2
|
+
import type { OAuthTokens, TokensCookieConfig } from "../shared/lib/types.js";
|
|
1
3
|
declare const getWindowCookieValue: (requests: {
|
|
2
4
|
key: string;
|
|
3
5
|
window: Window;
|
|
4
6
|
parseJson?: boolean;
|
|
5
7
|
}[]) => Record<string, string | Record<string, unknown>> | null;
|
|
6
|
-
|
|
8
|
+
declare class BrowserCookieStorage extends CookieStorage {
|
|
9
|
+
readonly config: Partial<TokensCookieConfig>;
|
|
10
|
+
constructor(config?: Partial<TokensCookieConfig>);
|
|
11
|
+
get(key: string): Promise<string | null>;
|
|
12
|
+
/**
|
|
13
|
+
* there is no client-side implementation for setting cookies
|
|
14
|
+
*/
|
|
15
|
+
set(_key: OAuthTokens, _value: string): Promise<void>;
|
|
16
|
+
}
|
|
17
|
+
export { BrowserCookieStorage, getWindowCookieValue };
|
|
7
18
|
//# sourceMappingURL=cookies.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cookies.d.ts","sourceRoot":"","sources":["../../../src/lib/cookies.ts"],"names":[],"mappings":"AAAA,QAAA,MAAM,oBAAoB,aACd;IACR,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB,EAAE,4DAqBJ,CAAC;
|
|
1
|
+
{"version":3,"file":"cookies.d.ts","sourceRoot":"","sources":["../../../src/lib/cookies.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AACxD,OAAO,KAAK,EAAE,WAAW,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAE7E,QAAA,MAAM,oBAAoB,aACd;IACR,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB,EAAE,4DAqBJ,CAAC;AAEF,cAAM,oBAAqB,SAAQ,aAAa;IAClC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,kBAAkB,CAAC;gBAAnC,MAAM,GAAE,OAAO,CAAC,kBAAkB,CAAM;IAOvD,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAS9C;;OAEG;IAEG,GAAG,CAAC,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAG5D;AAED,OAAO,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,CAAC"}
|
package/dist/cjs/lib/cookies.js
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.getWindowCookieValue = void 0;
|
|
3
|
+
exports.getWindowCookieValue = exports.BrowserCookieStorage = void 0;
|
|
4
|
+
const storage_js_1 = require("../shared/lib/storage.js");
|
|
4
5
|
const getWindowCookieValue = (requests) => {
|
|
5
6
|
const cookie = window.document.cookie;
|
|
6
7
|
if (!cookie)
|
|
@@ -25,4 +26,30 @@ const getWindowCookieValue = (requests) => {
|
|
|
25
26
|
return response;
|
|
26
27
|
};
|
|
27
28
|
exports.getWindowCookieValue = getWindowCookieValue;
|
|
29
|
+
class BrowserCookieStorage extends storage_js_1.CookieStorage {
|
|
30
|
+
config;
|
|
31
|
+
constructor(config = {}) {
|
|
32
|
+
super({
|
|
33
|
+
secure: true,
|
|
34
|
+
httpOnly: false,
|
|
35
|
+
});
|
|
36
|
+
this.config = config;
|
|
37
|
+
}
|
|
38
|
+
async get(key) {
|
|
39
|
+
const value = `; ${document.cookie}`;
|
|
40
|
+
const parts = value.split(`; ${key}=`);
|
|
41
|
+
if (parts && parts.length === 2) {
|
|
42
|
+
return parts.pop()?.split(";").shift() ?? null;
|
|
43
|
+
}
|
|
44
|
+
return null;
|
|
45
|
+
}
|
|
46
|
+
/**
|
|
47
|
+
* there is no client-side implementation for setting cookies
|
|
48
|
+
*/
|
|
49
|
+
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
|
50
|
+
async set(_key, _value) {
|
|
51
|
+
throw new Error("Not implemented.");
|
|
52
|
+
}
|
|
53
|
+
}
|
|
54
|
+
exports.BrowserCookieStorage = BrowserCookieStorage;
|
|
28
55
|
//# sourceMappingURL=cookies.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cookies.js","sourceRoot":"","sources":["../../../src/lib/cookies.ts"],"names":[],"mappings":";;;AAAA,MAAM,oBAAoB,GAAG,CAC3B,QAIG,EACH,EAAE;IACF,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;IACtC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAClC,MAAM,QAAQ,GAAqD,EAAE,CAAC;IACtE,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC1C,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,IAAI,CAAC,CAAC;QACrD,IAAI,KAAK,IAAI,OAAO,EAAE,CAAC;YACrB,IAAI,CAAC;gBACH,MAAM,uBAAuB,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC;gBAC1D,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,SAAS;oBACvC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,uBAAuB,CAAC;oBACrC,CAAC,CAAC,uBAAuB,CAAC;YAC9B,CAAC;YAAC,MAAM,CAAC;gBACP,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YAChC,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"cookies.js","sourceRoot":"","sources":["../../../src/lib/cookies.ts"],"names":[],"mappings":";;;AAAA,wDAAwD;AAGxD,MAAM,oBAAoB,GAAG,CAC3B,QAIG,EACH,EAAE;IACF,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;IACtC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAClC,MAAM,QAAQ,GAAqD,EAAE,CAAC;IACtE,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC1C,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,IAAI,CAAC,CAAC;QACrD,IAAI,KAAK,IAAI,OAAO,EAAE,CAAC;YACrB,IAAI,CAAC;gBACH,MAAM,uBAAuB,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC;gBAC1D,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,SAAS;oBACvC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,uBAAuB,CAAC;oBACrC,CAAC,CAAC,uBAAuB,CAAC;YAC9B,CAAC;YAAC,MAAM,CAAC;gBACP,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YAChC,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AA4B6B,oDAAoB;AA1BnD,MAAM,oBAAqB,SAAQ,0BAAa;IACzB;IAArB,YAAqB,SAAsC,EAAE;QAC3D,KAAK,CAAC;YACJ,MAAM,EAAE,IAAI;YACZ,QAAQ,EAAE,KAAK;SAChB,CAAC,CAAC;QAJgB,WAAM,GAAN,MAAM,CAAkC;IAK7D,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAW;QACnB,MAAM,KAAK,GAAG,KAAK,QAAQ,CAAC,MAAM,EAAE,CAAC;QACrC,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC;QACvC,IAAI,KAAK,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAChC,OAAO,KAAK,CAAC,GAAG,EAAE,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,IAAI,IAAI,CAAC;QACjD,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,6DAA6D;IAC7D,KAAK,CAAC,GAAG,CAAC,IAAiB,EAAE,MAAc;QACzC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACtC,CAAC;CACF;AAEQ,oDAAoB","sourcesContent":["import { CookieStorage } from \"@/shared/lib/storage.js\";\nimport type { OAuthTokens, TokensCookieConfig } from \"@/shared/lib/types.js\";\n\nconst getWindowCookieValue = (\n requests: {\n key: string;\n window: Window;\n parseJson?: boolean;\n }[],\n) => {\n const cookie = window.document.cookie;\n if (!cookie) return null;\n const cookies = cookie.split(\";\");\n const response: Record<string, string | Record<string, unknown>> = {};\n for (const c of cookies) {\n const [name, value] = c.trim().split(\"=\");\n const request = requests.find((r) => r.key === name);\n if (value && request) {\n try {\n const decodeURIComponentValue = decodeURIComponent(value);\n response[request.key] = request.parseJson\n ? JSON.parse(decodeURIComponentValue)\n : decodeURIComponentValue;\n } catch {\n response[request.key] = value;\n }\n }\n }\n return response;\n};\n\nclass BrowserCookieStorage extends CookieStorage {\n constructor(readonly config: Partial<TokensCookieConfig> = {}) {\n super({\n secure: true,\n httpOnly: false,\n });\n }\n\n async get(key: string): Promise<string | null> {\n const value = `; ${document.cookie}`;\n const parts = value.split(`; ${key}=`);\n if (parts && parts.length === 2) {\n return parts.pop()?.split(\";\").shift() ?? null;\n }\n return null;\n }\n\n /**\n * there is no client-side implementation for setting cookies\n */\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n async set(_key: OAuthTokens, _value: string): Promise<void> {\n throw new Error(\"Not implemented.\");\n }\n}\n\nexport { BrowserCookieStorage, getWindowCookieValue };\n"]}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import type { AuthConfig } from "../server/config.js";
|
|
2
|
+
import type { AuthStorage, OIDCTokenResponseBody } from "../types.js";
|
|
3
|
+
import { GenericAuthenticationRefresher } from "../shared/lib/GenericAuthenticationRefresher.js";
|
|
4
|
+
export declare class NextClientAuthenticationRefresher extends GenericAuthenticationRefresher {
|
|
5
|
+
private constructor();
|
|
6
|
+
static build(authConfig: AuthConfig, storage: AuthStorage): Promise<NextClientAuthenticationRefresher>;
|
|
7
|
+
refreshAccessToken(): Promise<OIDCTokenResponseBody>;
|
|
8
|
+
}
|
|
9
|
+
//# sourceMappingURL=NextClientAuthenticationRefresher.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"NextClientAuthenticationRefresher.d.ts","sourceRoot":"","sources":["../../../src/nextjs/NextClientAuthenticationRefresher.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,KAAK,EAAE,WAAW,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AACrE,OAAO,EAAE,8BAA8B,EAAE,MAAM,gDAAgD,CAAC;AAEhG,qBAAa,iCAAkC,SAAQ,8BAA8B;IACnF,OAAO;WAMM,KAAK,CAChB,UAAU,EAAE,UAAU,EACtB,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,iCAAiC,CAAC;IAQ9B,kBAAkB,IAAI,OAAO,CAAC,qBAAqB,CAAC;CAapE"}
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.NextClientAuthenticationRefresher = void 0;
|
|
4
|
+
const GenericAuthenticationRefresher_js_1 = require("../shared/lib/GenericAuthenticationRefresher.js");
|
|
5
|
+
class NextClientAuthenticationRefresher extends GenericAuthenticationRefresher_js_1.GenericAuthenticationRefresher {
|
|
6
|
+
constructor(authConfig, storage) {
|
|
7
|
+
super();
|
|
8
|
+
this.authConfig = authConfig;
|
|
9
|
+
this.storage = storage;
|
|
10
|
+
}
|
|
11
|
+
static async build(authConfig, storage) {
|
|
12
|
+
const refresher = new NextClientAuthenticationRefresher(authConfig, storage);
|
|
13
|
+
return refresher;
|
|
14
|
+
}
|
|
15
|
+
async refreshAccessToken() {
|
|
16
|
+
if (!this.authConfig)
|
|
17
|
+
throw new Error("No auth config available");
|
|
18
|
+
if (!this.authConfig.refreshUrl)
|
|
19
|
+
throw new Error("No refresh URL available");
|
|
20
|
+
const refreshToken = await this.getRefreshToken();
|
|
21
|
+
const res = await fetch(`${this.authConfig?.refreshUrl}/?refresh_token=${refreshToken}`);
|
|
22
|
+
const json = await res.json();
|
|
23
|
+
return json.tokens;
|
|
24
|
+
}
|
|
25
|
+
}
|
|
26
|
+
exports.NextClientAuthenticationRefresher = NextClientAuthenticationRefresher;
|
|
27
|
+
//# sourceMappingURL=NextClientAuthenticationRefresher.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"NextClientAuthenticationRefresher.js","sourceRoot":"","sources":["../../../src/nextjs/NextClientAuthenticationRefresher.ts"],"names":[],"mappings":";;;AAEA,sGAAgG;AAEhG,MAAa,iCAAkC,SAAQ,kEAA8B;IACnF,YAAoB,UAAsB,EAAE,OAAoB;QAC9D,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,KAAK,CAChB,UAAsB,EACtB,OAAoB;QAEpB,MAAM,SAAS,GAAG,IAAI,iCAAiC,CACrD,UAAU,EACV,OAAO,CACR,CAAC;QACF,OAAO,SAAS,CAAC;IACnB,CAAC;IAEQ,KAAK,CAAC,kBAAkB;QAC/B,IAAI,CAAC,IAAI,CAAC,UAAU;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QAClE,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,UAAU;YAC7B,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QAE9C,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QAElD,MAAM,GAAG,GAAG,MAAM,KAAK,CACrB,GAAG,IAAI,CAAC,UAAU,EAAE,UAAU,mBAAmB,YAAY,EAAE,CAChE,CAAC;QACF,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC,MAA+B,CAAC;IAC9C,CAAC;CACF;AA/BD,8EA+BC","sourcesContent":["import type { AuthConfig } from \"@/server/config.js\";\nimport type { AuthStorage, OIDCTokenResponseBody } from \"@/types.js\";\nimport { GenericAuthenticationRefresher } from \"@/shared/lib/GenericAuthenticationRefresher.js\";\n\nexport class NextClientAuthenticationRefresher extends GenericAuthenticationRefresher {\n private constructor(authConfig: AuthConfig, storage: AuthStorage) {\n super();\n this.authConfig = authConfig;\n this.storage = storage;\n }\n\n static async build(\n authConfig: AuthConfig,\n storage: AuthStorage,\n ): Promise<NextClientAuthenticationRefresher> {\n const refresher = new NextClientAuthenticationRefresher(\n authConfig,\n storage,\n );\n return refresher;\n }\n\n override async refreshAccessToken(): Promise<OIDCTokenResponseBody> {\n if (!this.authConfig) throw new Error(\"No auth config available\");\n if (!this.authConfig.refreshUrl)\n throw new Error(\"No refresh URL available\");\n\n const refreshToken = await this.getRefreshToken();\n\n const res = await fetch(\n `${this.authConfig?.refreshUrl}/?refresh_token=${refreshToken}`,\n );\n const json = await res.json();\n return json.tokens as OIDCTokenResponseBody;\n }\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../src/nextjs/config.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAGvC,OAAO,EAEL,KAAK,YAAY,EAEjB,KAAK,kBAAkB,EACxB,MAAM,uBAAuB,CAAC;AAK/B,MAAM,MAAM,mBAAmB,GAAG;IAChC,MAAM,EAAE,kBAAkB,CAAC;IAC3B,IAAI,EAAE,YAAY,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,sBAAsB,GAAG;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,EAAE,mBAAmB,CAAC;CAC9B,CAAC;AAEF,MAAM,MAAM,UAAU,GAAG,OAAO,CAAC,sBAAsB,CAAC,CAAC;AAEzD,MAAM,MAAM,iBAAiB,GAAG,sBAAsB,CAAC;AAGvD;;GAEG;AACH,eAAO,MAAM,iBAAiB,EAAE,IAAI,CAAC,sBAAsB,EAAE,UAAU,
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../src/nextjs/config.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAGvC,OAAO,EAEL,KAAK,YAAY,EAEjB,KAAK,kBAAkB,EACxB,MAAM,uBAAuB,CAAC;AAK/B,MAAM,MAAM,mBAAmB,GAAG;IAChC,MAAM,EAAE,kBAAkB,CAAC;IAC3B,IAAI,EAAE,YAAY,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,sBAAsB,GAAG;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,EAAE,mBAAmB,CAAC;CAC9B,CAAC;AAEF,MAAM,MAAM,UAAU,GAAG,OAAO,CAAC,sBAAsB,CAAC,CAAC;AAEzD,MAAM,MAAM,iBAAiB,GAAG,sBAAsB,CAAC;AAGvD;;GAEG;AACH,eAAO,MAAM,iBAAiB,EAAE,IAAI,CAAC,sBAAsB,EAAE,UAAU,CA+DtE,CAAC;AAEF;;;;;;;;;;;;;;;;GAgBG;AACH,eAAO,MAAM,iBAAiB,YACpB,UAAU,KACjB,sBA2CF,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,eAAO,MAAM,qBAAqB,eACpB,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,UAAU,CAAC,mBAE1C,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;qBAyBmxa,CAAC;6BAAsG,CAAC;;;sBAAke,CAAC;yBAA4H,CAAC;;;qBAA+H,CAAC;;;;;;;;;;;;;;;;;;iBAA8pE,CAAC;;;;;;;6BAAg6C,CAAC;sBAAoC,CAAC;;aAAoC,CAAC;;6BAA0D,CAAC;oBAA8B,CAAC;0BAAkE,CAAC;;qBAA2C,CAAC;mBAAiC,CAAC;;wBAA+C,CAAC;eAAmD,CAAC;iBAA4C,CAAC;2BAAyC,CAAC;;;;;;;;;yBAA4zC,CAAC;6BAAwC,CAAC;;;eAAkD,CAAC;mBAAuB,CAAC;;;;CAD5lnB,CAAC"}
|
|
@@ -14,6 +14,7 @@ exports.defaultAuthConfig = {
|
|
|
14
14
|
oauthServer: constants_js_1.DEFAULT_AUTH_SERVER,
|
|
15
15
|
callbackUrl: "/api/auth/callback",
|
|
16
16
|
challengeUrl: "/api/auth/challenge",
|
|
17
|
+
refreshUrl: "/api/auth/refresh",
|
|
17
18
|
logoutUrl: "/api/auth/logout",
|
|
18
19
|
logoutCallbackUrl: "/api/auth/logoutcallback",
|
|
19
20
|
loginUrl: "/",
|
|
@@ -41,13 +42,13 @@ exports.defaultAuthConfig = {
|
|
|
41
42
|
},
|
|
42
43
|
[types_js_1.OAuthTokens.EXPIRES_IN]: {
|
|
43
44
|
secure: defaultServerSecure,
|
|
44
|
-
httpOnly:
|
|
45
|
+
httpOnly: false, // we need this to be available client-side
|
|
45
46
|
sameSite: "strict",
|
|
46
47
|
path: "/",
|
|
47
48
|
},
|
|
48
49
|
[types_js_1.OAuthTokens.TIMESTAMP]: {
|
|
49
50
|
secure: defaultServerSecure,
|
|
50
|
-
httpOnly:
|
|
51
|
+
httpOnly: false, // we need this to be available client-side
|
|
51
52
|
sameSite: "strict",
|
|
52
53
|
path: "/",
|
|
53
54
|
},
|
|
@@ -66,7 +67,7 @@ exports.defaultAuthConfig = {
|
|
|
66
67
|
},
|
|
67
68
|
user: {
|
|
68
69
|
secure: defaultServerSecure,
|
|
69
|
-
httpOnly: false,
|
|
70
|
+
httpOnly: false, // we need this to be available client-side
|
|
70
71
|
sameSite: "strict",
|
|
71
72
|
path: "/",
|
|
72
73
|
maxAge: 60 * 60, // 1 hour
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../../src/nextjs/config.ts"],"names":[],"mappings":";;;AAEA,+CAA0C;AAC1C,yCAA8C;AAC9C,oDAK+B;AAC/B,iDAAqD;AAErD,MAAM,MAAM,GAAG,mBAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;AAwB5C,MAAM,mBAAmB,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa,CAAC,CAAC;AACtE;;GAEG;AACU,QAAA,iBAAiB,GAA6C;IACzE,WAAW,EAAE,kCAAmB;IAChC,WAAW,EAAE,oBAAoB;IACjC,YAAY,EAAE,qBAAqB;IACnC,SAAS,EAAE,kBAAkB;IAC7B,iBAAiB,EAAE,0BAA0B;IAC7C,QAAQ,EAAE,GAAG;IACb,OAAO,EAAE,CAAC,IAAI,CAAC;IACf,OAAO,EAAE,EAAE;IACX,OAAO,EAAE;QACP,MAAM,EAAE;YACN,CAAC,sBAAW,CAAC,QAAQ,CAAC,EAAE;gBACtB,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;YACD,CAAC,sBAAW,CAAC,YAAY,CAAC,EAAE;gBAC1B,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;YACD,CAAC,sBAAW,CAAC,aAAa,CAAC,EAAE;gBAC3B,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;YACD,CAAC,sBAAW,CAAC,UAAU,CAAC,EAAE;gBACxB,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;YACD,CAAC,sBAAW,CAAC,SAAS,CAAC,EAAE;gBACvB,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;YACD,CAAC,uBAAY,CAAC,WAAW,CAAC,EAAE;gBAC1B,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;YACD,CAAC,uBAAY,CAAC,OAAO,CAAC,EAAE;gBACtB,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;SACF;QACD,IAAI,EAAE;YACJ,MAAM,EAAE,mBAAmB;YAC3B,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,QAAQ;YAClB,IAAI,EAAE,GAAG;YACT,MAAM,EAAE,EAAE,GAAG,EAAE,EAAE,SAAS;SAC3B;KACF;CACF,CAAC;AAEF;;;;;;;;;;;;;;;;GAgBG;AACI,MAAM,iBAAiB,GAAG,CAC/B,SAAqB,EAAE,EACC,EAAE;IAC1B,0EAA0E;IAC1E,MAAM,aAAa,GAAG,IAAA,2BAAgB,EAAC;QACrC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;QAC3C,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,mBAAmB;QAC5C,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,wBAAwB;QACjD,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,yBAAyB;QACnD,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;QAC3C,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,sBAAsB;QAC7C,iBAAiB,EAAE,OAAO,CAAC,GAAG,CAAC,+BAA+B;QAC9D,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,CAAC,GAAG,CAAC;QACrD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,CAAC,GAAG,CAAC;QACrD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,yBAAyB;YAC5C,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC;YACnD,CAAC,CAAC,SAAS;KACd,CAAe,CAAC;IACjB,MAAM,YAAY,GAAG;QACnB,GAAG,yBAAiB;QACpB,GAAG,aAAa,EAAE,0BAA0B;QAC5C,GAAG,MAAM,EAAE,uCAAuC;QAClD,OAAO,EAAE;YACP,MAAM,EAAE;gBACN,GAAG,yBAAiB,CAAC,OAAO,CAAC,MAAM;gBACnC,GAAG,CAAC,aAAa,EAAE,OAAO,EAAE,MAAM,IAAI,EAAE,CAAC;gBACzC,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,IAAI,EAAE,CAAC;aAClC;YACD,IAAI,EAAE;gBACJ,GAAG,yBAAiB,CAAC,OAAO,CAAC,IAAI;gBACjC,GAAG,CAAC,aAAa,EAAE,OAAO,EAAE,IAAI,IAAI,EAAE,CAAC;gBACvC,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,IAAI,EAAE,CAAC;aAChC;SACF;KACF,CAAC;IAEF,MAAM,CAAC,KAAK,CACV,0BAA0B,EAC1B,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,CACvC,CAAC;IACF,MAAM,CAAC,KAAK,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IACxE,IAAI,YAAY,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACtD,CAAC;IACD,OAAO,YAA6D,CAAC;AACvE,CAAC,CAAC;AA7CW,QAAA,iBAAiB,qBA6C5B;AAEF;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACI,MAAM,qBAAqB,GAAG,CACnC,UAA+D,EAC/D,EAAE;IACF,OAAO,CAAC,UAAuB,EAAE,EAAE;QACjC,MAAM,CAAC,KAAK,CACV,kCAAkC,EAClC,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CACpC,CAAC;QACF,MAAM,cAAc,GAAG,IAAA,yBAAiB,EAAC,EAAE,GAAG,UAAU,EAAE,CAAC,CAAC;QAC5D,OAAO;YACL,GAAG,UAAU;YACb,GAAG,EAAE;gBACH,GAAG,UAAU,EAAE,GAAG;gBAClB,6DAA6D;gBAC7D,qBAAqB,EAAE,cAAc,CAAC,QAAQ;gBAC9C,mBAAmB,EAAE,cAAc,CAAC,WAAW;gBAC/C,wBAAwB,EAAE,cAAc,CAAC,WAAW;gBACpD,yBAAyB,EAAE,cAAc,CAAC,YAAY;gBACtD,qBAAqB,EAAE,cAAc,CAAC,QAAQ;gBAC9C,sBAAsB,EAAE,cAAc,CAAC,SAAS;gBAChD,+BAA+B,EAAE,cAAc,CAAC,iBAAiB;gBACjE,oBAAoB,EAAE,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;gBACtD,oBAAoB,EAAE,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;gBACtD,yBAAyB,EAAE,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,OAAO,CAAC;aAClE;SACF,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC,CAAC;AA3BW,QAAA,qBAAqB,yBA2BhC","sourcesContent":["/* eslint-disable turbo/no-undeclared-env-vars */\nimport type { NextConfig } from \"next\";\nimport { loggers } from \"@/lib/logger.js\";\nimport { withoutUndefined } from \"@/utils.js\";\nimport {\n CodeVerifier,\n type CookieConfig,\n OAuthTokens,\n type TokensCookieConfig,\n} from \"@/shared/lib/types.js\";\nimport { DEFAULT_AUTH_SERVER } from \"@/constants.js\";\n\nconst logger = loggers.nextjs.handlers.auth;\n\nexport type CookiesConfigObject = {\n tokens: TokensCookieConfig;\n user: CookieConfig;\n};\n\nexport type AuthConfigWithDefaults = {\n clientId: string;\n oauthServer: string;\n callbackUrl: string;\n loginUrl: string;\n logoutUrl: string;\n logoutCallbackUrl: string;\n challengeUrl: string;\n include: string[];\n exclude: string[];\n cookies: CookiesConfigObject;\n};\n\nexport type AuthConfig = Partial<AuthConfigWithDefaults>;\n\nexport type DefinedAuthConfig = AuthConfigWithDefaults;\n\nconst defaultServerSecure = !(process.env.NODE_ENV === \"development\");\n/**\n * Default configuration values that will be used if not overridden\n */\nexport const defaultAuthConfig: Omit<AuthConfigWithDefaults, \"clientId\"> = {\n oauthServer: DEFAULT_AUTH_SERVER,\n callbackUrl: \"/api/auth/callback\",\n challengeUrl: \"/api/auth/challenge\",\n logoutUrl: \"/api/auth/logout\",\n logoutCallbackUrl: \"/api/auth/logoutcallback\",\n loginUrl: \"/\",\n include: [\"/*\"],\n exclude: [],\n cookies: {\n tokens: {\n [OAuthTokens.ID_TOKEN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n [OAuthTokens.ACCESS_TOKEN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n [OAuthTokens.REFRESH_TOKEN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n [OAuthTokens.EXPIRES_IN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n [OAuthTokens.TIMESTAMP]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n [CodeVerifier.COOKIE_NAME]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n [CodeVerifier.APP_URL]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n },\n user: {\n secure: defaultServerSecure,\n httpOnly: false,\n sameSite: \"strict\",\n path: \"/\",\n maxAge: 60 * 60, // 1 hour\n },\n },\n};\n\n/**\n * Resolves the authentication configuration by combining:\n * 1. Default values\n * 2. Environment variables (set internally by the plugin)\n * 3. Explicitly passed configuration\n *\n * Note: Developers should not set _civic_auth_* environment variables directly.\n * Instead, pass configuration to the createCivicAuthPlugin in next.config.js:\n *\n * @example\n * ```js\n * // next.config.js\n * export default createCivicAuthPlugin({\n * callbackUrl: '/custom/callback',\n * })\n * ```\n */\nexport const resolveAuthConfig = (\n config: AuthConfig = {},\n): AuthConfigWithDefaults => {\n // Read configuration that was set by the plugin via environment variables\n const configFromEnv = withoutUndefined({\n clientId: process.env._civic_auth_client_id,\n oauthServer: process.env._civic_oauth_server,\n callbackUrl: process.env._civic_auth_callback_url,\n challengeUrl: process.env._civic_auth_challenge_url,\n loginUrl: process.env._civic_auth_login_url,\n logoutUrl: process.env._civic_auth_logout_url,\n logoutCallbackUrl: process.env._civic_auth_logout_callback_url,\n include: process.env._civic_auth_includes?.split(\",\"),\n exclude: process.env._civic_auth_excludes?.split(\",\"),\n cookies: process.env._civic_auth_cookie_config\n ? JSON.parse(process.env._civic_auth_cookie_config)\n : undefined,\n }) as AuthConfig;\n const mergedConfig = {\n ...defaultAuthConfig,\n ...configFromEnv, // Apply plugin-set config\n ...config, // Override with directly passed config\n cookies: {\n tokens: {\n ...defaultAuthConfig.cookies.tokens,\n ...(configFromEnv?.cookies?.tokens || {}),\n ...(config.cookies?.tokens || {}),\n },\n user: {\n ...defaultAuthConfig.cookies.user,\n ...(configFromEnv?.cookies?.user || {}),\n ...(config.cookies?.user || {}),\n },\n },\n };\n\n logger.debug(\n \"Config from environment:\",\n JSON.stringify(configFromEnv, null, 2),\n );\n logger.debug(\"Resolved config:\", JSON.stringify(mergedConfig, null, 2));\n if (mergedConfig.clientId === undefined) {\n throw new Error(\"Civic Auth client ID is required\");\n }\n return mergedConfig as AuthConfigWithDefaults & { clientId: string };\n};\n\n/**\n * Creates a Next.js plugin that handles auth configuration.\n *\n * This is the main configuration point for the auth system.\n * Do not set _civic_auth_* environment variables directly - instead,\n * pass your configuration here:\n *\n * @example\n * ```js\n * // next.config.js\n * export default createCivicAuthPlugin({\n * clientId: 'my-client-id',\n * callbackUrl: '/custom/callback',\n * loginUrl: '/custom/login',\n * logoutUrl: '/custom/logout',\n * logoutCallbackUrl: '/custom/logoutcallback',\n * include: ['/protected/*'],\n * exclude: ['/public/*']\n * })\n * ```\n *\n * The plugin sets internal environment variables that are used by\n * the auth system. These variables should not be set manually.\n */\nexport const createCivicAuthPlugin = (\n authConfig: AuthConfig & Pick<Required<AuthConfig>, \"clientId\">,\n) => {\n return (nextConfig?: NextConfig) => {\n logger.debug(\n \"createCivicAuthPlugin nextConfig\",\n JSON.stringify(nextConfig, null, 2),\n );\n const resolvedConfig = resolveAuthConfig({ ...authConfig });\n return {\n ...nextConfig,\n env: {\n ...nextConfig?.env,\n // Internal environment variables - do not set these manually\n _civic_auth_client_id: resolvedConfig.clientId,\n _civic_oauth_server: resolvedConfig.oauthServer,\n _civic_auth_callback_url: resolvedConfig.callbackUrl,\n _civic_auth_challenge_url: resolvedConfig.challengeUrl,\n _civic_auth_login_url: resolvedConfig.loginUrl,\n _civic_auth_logout_url: resolvedConfig.logoutUrl,\n _civic_auth_logout_callback_url: resolvedConfig.logoutCallbackUrl,\n _civic_auth_includes: resolvedConfig.include.join(\",\"),\n _civic_auth_excludes: resolvedConfig.exclude.join(\",\"),\n _civic_auth_cookie_config: JSON.stringify(resolvedConfig.cookies),\n },\n };\n };\n};\n"]}
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../../src/nextjs/config.ts"],"names":[],"mappings":";;;AAEA,+CAA0C;AAC1C,yCAA8C;AAC9C,oDAK+B;AAC/B,iDAAqD;AAErD,MAAM,MAAM,GAAG,mBAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;AAyB5C,MAAM,mBAAmB,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa,CAAC,CAAC;AACtE;;GAEG;AACU,QAAA,iBAAiB,GAA6C;IACzE,WAAW,EAAE,kCAAmB;IAChC,WAAW,EAAE,oBAAoB;IACjC,YAAY,EAAE,qBAAqB;IACnC,UAAU,EAAE,mBAAmB;IAC/B,SAAS,EAAE,kBAAkB;IAC7B,iBAAiB,EAAE,0BAA0B;IAC7C,QAAQ,EAAE,GAAG;IACb,OAAO,EAAE,CAAC,IAAI,CAAC;IACf,OAAO,EAAE,EAAE;IACX,OAAO,EAAE;QACP,MAAM,EAAE;YACN,CAAC,sBAAW,CAAC,QAAQ,CAAC,EAAE;gBACtB,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;YACD,CAAC,sBAAW,CAAC,YAAY,CAAC,EAAE;gBAC1B,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;YACD,CAAC,sBAAW,CAAC,aAAa,CAAC,EAAE;gBAC3B,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;YACD,CAAC,sBAAW,CAAC,UAAU,CAAC,EAAE;gBACxB,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,KAAK,EAAE,2CAA2C;gBAC5D,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;YACD,CAAC,sBAAW,CAAC,SAAS,CAAC,EAAE;gBACvB,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,KAAK,EAAE,2CAA2C;gBAC5D,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;YACD,CAAC,uBAAY,CAAC,WAAW,CAAC,EAAE;gBAC1B,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;YACD,CAAC,uBAAY,CAAC,OAAO,CAAC,EAAE;gBACtB,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;aACV;SACF;QACD,IAAI,EAAE;YACJ,MAAM,EAAE,mBAAmB;YAC3B,QAAQ,EAAE,KAAK,EAAE,2CAA2C;YAC5D,QAAQ,EAAE,QAAQ;YAClB,IAAI,EAAE,GAAG;YACT,MAAM,EAAE,EAAE,GAAG,EAAE,EAAE,SAAS;SAC3B;KACF;CACF,CAAC;AAEF;;;;;;;;;;;;;;;;GAgBG;AACI,MAAM,iBAAiB,GAAG,CAC/B,SAAqB,EAAE,EACC,EAAE;IAC1B,0EAA0E;IAC1E,MAAM,aAAa,GAAG,IAAA,2BAAgB,EAAC;QACrC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;QAC3C,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,mBAAmB;QAC5C,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,wBAAwB;QACjD,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,yBAAyB;QACnD,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;QAC3C,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,sBAAsB;QAC7C,iBAAiB,EAAE,OAAO,CAAC,GAAG,CAAC,+BAA+B;QAC9D,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,CAAC,GAAG,CAAC;QACrD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,CAAC,GAAG,CAAC;QACrD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,yBAAyB;YAC5C,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC;YACnD,CAAC,CAAC,SAAS;KACd,CAAe,CAAC;IACjB,MAAM,YAAY,GAAG;QACnB,GAAG,yBAAiB;QACpB,GAAG,aAAa,EAAE,0BAA0B;QAC5C,GAAG,MAAM,EAAE,uCAAuC;QAClD,OAAO,EAAE;YACP,MAAM,EAAE;gBACN,GAAG,yBAAiB,CAAC,OAAO,CAAC,MAAM;gBACnC,GAAG,CAAC,aAAa,EAAE,OAAO,EAAE,MAAM,IAAI,EAAE,CAAC;gBACzC,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,IAAI,EAAE,CAAC;aAClC;YACD,IAAI,EAAE;gBACJ,GAAG,yBAAiB,CAAC,OAAO,CAAC,IAAI;gBACjC,GAAG,CAAC,aAAa,EAAE,OAAO,EAAE,IAAI,IAAI,EAAE,CAAC;gBACvC,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,IAAI,EAAE,CAAC;aAChC;SACF;KACF,CAAC;IAEF,MAAM,CAAC,KAAK,CACV,0BAA0B,EAC1B,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,CACvC,CAAC;IACF,MAAM,CAAC,KAAK,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IACxE,IAAI,YAAY,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACtD,CAAC;IACD,OAAO,YAA6D,CAAC;AACvE,CAAC,CAAC;AA7CW,QAAA,iBAAiB,qBA6C5B;AAEF;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACI,MAAM,qBAAqB,GAAG,CACnC,UAA+D,EAC/D,EAAE;IACF,OAAO,CAAC,UAAuB,EAAE,EAAE;QACjC,MAAM,CAAC,KAAK,CACV,kCAAkC,EAClC,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CACpC,CAAC;QACF,MAAM,cAAc,GAAG,IAAA,yBAAiB,EAAC,EAAE,GAAG,UAAU,EAAE,CAAC,CAAC;QAC5D,OAAO;YACL,GAAG,UAAU;YACb,GAAG,EAAE;gBACH,GAAG,UAAU,EAAE,GAAG;gBAClB,6DAA6D;gBAC7D,qBAAqB,EAAE,cAAc,CAAC,QAAQ;gBAC9C,mBAAmB,EAAE,cAAc,CAAC,WAAW;gBAC/C,wBAAwB,EAAE,cAAc,CAAC,WAAW;gBACpD,yBAAyB,EAAE,cAAc,CAAC,YAAY;gBACtD,qBAAqB,EAAE,cAAc,CAAC,QAAQ;gBAC9C,sBAAsB,EAAE,cAAc,CAAC,SAAS;gBAChD,+BAA+B,EAAE,cAAc,CAAC,iBAAiB;gBACjE,oBAAoB,EAAE,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;gBACtD,oBAAoB,EAAE,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;gBACtD,yBAAyB,EAAE,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,OAAO,CAAC;aAClE;SACF,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC,CAAC;AA3BW,QAAA,qBAAqB,yBA2BhC","sourcesContent":["/* eslint-disable turbo/no-undeclared-env-vars */\nimport type { NextConfig } from \"next\";\nimport { loggers } from \"@/lib/logger.js\";\nimport { withoutUndefined } from \"@/utils.js\";\nimport {\n CodeVerifier,\n type CookieConfig,\n OAuthTokens,\n type TokensCookieConfig,\n} from \"@/shared/lib/types.js\";\nimport { DEFAULT_AUTH_SERVER } from \"@/constants.js\";\n\nconst logger = loggers.nextjs.handlers.auth;\n\nexport type CookiesConfigObject = {\n tokens: TokensCookieConfig;\n user: CookieConfig;\n};\n\nexport type AuthConfigWithDefaults = {\n clientId: string;\n oauthServer: string;\n callbackUrl: string;\n loginUrl: string;\n logoutUrl: string;\n logoutCallbackUrl: string;\n challengeUrl: string;\n refreshUrl: string;\n include: string[];\n exclude: string[];\n cookies: CookiesConfigObject;\n};\n\nexport type AuthConfig = Partial<AuthConfigWithDefaults>;\n\nexport type DefinedAuthConfig = AuthConfigWithDefaults;\n\nconst defaultServerSecure = !(process.env.NODE_ENV === \"development\");\n/**\n * Default configuration values that will be used if not overridden\n */\nexport const defaultAuthConfig: Omit<AuthConfigWithDefaults, \"clientId\"> = {\n oauthServer: DEFAULT_AUTH_SERVER,\n callbackUrl: \"/api/auth/callback\",\n challengeUrl: \"/api/auth/challenge\",\n refreshUrl: \"/api/auth/refresh\",\n logoutUrl: \"/api/auth/logout\",\n logoutCallbackUrl: \"/api/auth/logoutcallback\",\n loginUrl: \"/\",\n include: [\"/*\"],\n exclude: [],\n cookies: {\n tokens: {\n [OAuthTokens.ID_TOKEN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n [OAuthTokens.ACCESS_TOKEN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n [OAuthTokens.REFRESH_TOKEN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n [OAuthTokens.EXPIRES_IN]: {\n secure: defaultServerSecure,\n httpOnly: false, // we need this to be available client-side\n sameSite: \"strict\",\n path: \"/\",\n },\n [OAuthTokens.TIMESTAMP]: {\n secure: defaultServerSecure,\n httpOnly: false, // we need this to be available client-side\n sameSite: \"strict\",\n path: \"/\",\n },\n [CodeVerifier.COOKIE_NAME]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n [CodeVerifier.APP_URL]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n },\n },\n user: {\n secure: defaultServerSecure,\n httpOnly: false, // we need this to be available client-side\n sameSite: \"strict\",\n path: \"/\",\n maxAge: 60 * 60, // 1 hour\n },\n },\n};\n\n/**\n * Resolves the authentication configuration by combining:\n * 1. Default values\n * 2. Environment variables (set internally by the plugin)\n * 3. Explicitly passed configuration\n *\n * Note: Developers should not set _civic_auth_* environment variables directly.\n * Instead, pass configuration to the createCivicAuthPlugin in next.config.js:\n *\n * @example\n * ```js\n * // next.config.js\n * export default createCivicAuthPlugin({\n * callbackUrl: '/custom/callback',\n * })\n * ```\n */\nexport const resolveAuthConfig = (\n config: AuthConfig = {},\n): AuthConfigWithDefaults => {\n // Read configuration that was set by the plugin via environment variables\n const configFromEnv = withoutUndefined({\n clientId: process.env._civic_auth_client_id,\n oauthServer: process.env._civic_oauth_server,\n callbackUrl: process.env._civic_auth_callback_url,\n challengeUrl: process.env._civic_auth_challenge_url,\n loginUrl: process.env._civic_auth_login_url,\n logoutUrl: process.env._civic_auth_logout_url,\n logoutCallbackUrl: process.env._civic_auth_logout_callback_url,\n include: process.env._civic_auth_includes?.split(\",\"),\n exclude: process.env._civic_auth_excludes?.split(\",\"),\n cookies: process.env._civic_auth_cookie_config\n ? JSON.parse(process.env._civic_auth_cookie_config)\n : undefined,\n }) as AuthConfig;\n const mergedConfig = {\n ...defaultAuthConfig,\n ...configFromEnv, // Apply plugin-set config\n ...config, // Override with directly passed config\n cookies: {\n tokens: {\n ...defaultAuthConfig.cookies.tokens,\n ...(configFromEnv?.cookies?.tokens || {}),\n ...(config.cookies?.tokens || {}),\n },\n user: {\n ...defaultAuthConfig.cookies.user,\n ...(configFromEnv?.cookies?.user || {}),\n ...(config.cookies?.user || {}),\n },\n },\n };\n\n logger.debug(\n \"Config from environment:\",\n JSON.stringify(configFromEnv, null, 2),\n );\n logger.debug(\"Resolved config:\", JSON.stringify(mergedConfig, null, 2));\n if (mergedConfig.clientId === undefined) {\n throw new Error(\"Civic Auth client ID is required\");\n }\n return mergedConfig as AuthConfigWithDefaults & { clientId: string };\n};\n\n/**\n * Creates a Next.js plugin that handles auth configuration.\n *\n * This is the main configuration point for the auth system.\n * Do not set _civic_auth_* environment variables directly - instead,\n * pass your configuration here:\n *\n * @example\n * ```js\n * // next.config.js\n * export default createCivicAuthPlugin({\n * clientId: 'my-client-id',\n * callbackUrl: '/custom/callback',\n * loginUrl: '/custom/login',\n * logoutUrl: '/custom/logout',\n * logoutCallbackUrl: '/custom/logoutcallback',\n * include: ['/protected/*'],\n * exclude: ['/public/*']\n * })\n * ```\n *\n * The plugin sets internal environment variables that are used by\n * the auth system. These variables should not be set manually.\n */\nexport const createCivicAuthPlugin = (\n authConfig: AuthConfig & Pick<Required<AuthConfig>, \"clientId\">,\n) => {\n return (nextConfig?: NextConfig) => {\n logger.debug(\n \"createCivicAuthPlugin nextConfig\",\n JSON.stringify(nextConfig, null, 2),\n );\n const resolvedConfig = resolveAuthConfig({ ...authConfig });\n return {\n ...nextConfig,\n env: {\n ...nextConfig?.env,\n // Internal environment variables - do not set these manually\n _civic_auth_client_id: resolvedConfig.clientId,\n _civic_oauth_server: resolvedConfig.oauthServer,\n _civic_auth_callback_url: resolvedConfig.callbackUrl,\n _civic_auth_challenge_url: resolvedConfig.challengeUrl,\n _civic_auth_login_url: resolvedConfig.loginUrl,\n _civic_auth_logout_url: resolvedConfig.logoutUrl,\n _civic_auth_logout_callback_url: resolvedConfig.logoutCallbackUrl,\n _civic_auth_includes: resolvedConfig.include.join(\",\"),\n _civic_auth_excludes: resolvedConfig.exclude.join(\",\"),\n _civic_auth_cookie_config: JSON.stringify(resolvedConfig.cookies),\n },\n };\n };\n};\n"]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"useRefresh.d.ts","sourceRoot":"","sources":["../../../../src/nextjs/hooks/useRefresh.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAM9C,QAAA,MAAM,UAAU,YAAa,WAAW,GAAG,IAAI,SA2C9C,CAAC;AAEF,OAAO,EAAE,UAAU,EAAE,CAAC"}
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.useRefresh = void 0;
|
|
4
|
+
const useCivicAuthConfig_js_1 = require("../../shared/hooks/useCivicAuthConfig.js");
|
|
5
|
+
const react_1 = require("react");
|
|
6
|
+
const NextClientAuthenticationRefresher_js_1 = require("../../nextjs/NextClientAuthenticationRefresher.js");
|
|
7
|
+
const config_js_1 = require("../../nextjs/config.js");
|
|
8
|
+
const cookies_js_1 = require("../../lib/cookies.js");
|
|
9
|
+
const useRefresh = (session) => {
|
|
10
|
+
const authConfig = (0, useCivicAuthConfig_js_1.useCivicAuthConfig)();
|
|
11
|
+
const storage = (0, react_1.useMemo)(() => {
|
|
12
|
+
const config = (0, config_js_1.resolveAuthConfig)(authConfig ?? {});
|
|
13
|
+
return new cookies_js_1.BrowserCookieStorage(config?.cookies?.tokens ?? {});
|
|
14
|
+
}, [authConfig]);
|
|
15
|
+
// setup token autorefresh
|
|
16
|
+
const [refresher, setRefresher] = (0, react_1.useState)(undefined);
|
|
17
|
+
(0, react_1.useEffect)(() => {
|
|
18
|
+
if (!authConfig)
|
|
19
|
+
return;
|
|
20
|
+
const abortController = new AbortController();
|
|
21
|
+
const currentRefresher = refresher;
|
|
22
|
+
NextClientAuthenticationRefresher_js_1.NextClientAuthenticationRefresher.build({ ...authConfig }, storage).then((newRefresher) => {
|
|
23
|
+
if (abortController.signal.aborted)
|
|
24
|
+
return;
|
|
25
|
+
currentRefresher?.clearAutorefresh();
|
|
26
|
+
setRefresher(newRefresher);
|
|
27
|
+
});
|
|
28
|
+
return () => {
|
|
29
|
+
abortController.abort();
|
|
30
|
+
currentRefresher?.clearAutorefresh();
|
|
31
|
+
};
|
|
32
|
+
// eslint-disable-next-line react-hooks/exhaustive-deps
|
|
33
|
+
}, [authConfig, storage]); // Only depend on what actually changes
|
|
34
|
+
(0, react_1.useEffect)(() => {
|
|
35
|
+
if (session?.authenticated) {
|
|
36
|
+
refresher?.setupAutorefresh();
|
|
37
|
+
}
|
|
38
|
+
else {
|
|
39
|
+
refresher?.clearAutorefresh();
|
|
40
|
+
}
|
|
41
|
+
return () => refresher?.clearAutorefresh();
|
|
42
|
+
}, [refresher, session?.authenticated]);
|
|
43
|
+
};
|
|
44
|
+
exports.useRefresh = useRefresh;
|
|
45
|
+
//# sourceMappingURL=useRefresh.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"useRefresh.js","sourceRoot":"","sources":["../../../../src/nextjs/hooks/useRefresh.ts"],"names":[],"mappings":";;;AAAA,gFAA0E;AAE1E,iCAAqD;AACrD,wGAAkG;AAClG,kDAAuD;AACvD,iDAAwD;AAExD,MAAM,UAAU,GAAG,CAAC,OAA2B,EAAE,EAAE;IACjD,MAAM,UAAU,GAAG,IAAA,0CAAkB,GAAE,CAAC;IAExC,MAAM,OAAO,GAAG,IAAA,eAAO,EAAC,GAAG,EAAE;QAC3B,MAAM,MAAM,GAAG,IAAA,6BAAiB,EAAC,UAAU,IAAI,EAAE,CAAC,CAAC;QACnD,OAAO,IAAI,iCAAoB,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,IAAI,EAAE,CAAC,CAAC;IACjE,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC;IAEjB,0BAA0B;IAC1B,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,IAAA,gBAAQ,EAExC,SAAS,CAAC,CAAC;IAEb,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,CAAC,UAAU;YAAE,OAAO;QACxB,MAAM,eAAe,GAAG,IAAI,eAAe,EAAE,CAAC;QAC9C,MAAM,gBAAgB,GAAG,SAAS,CAAC;QAEnC,wEAAiC,CAAC,KAAK,CAAC,EAAE,GAAG,UAAU,EAAE,EAAE,OAAO,CAAC,CAAC,IAAI,CACtE,CAAC,YAAY,EAAE,EAAE;YACf,IAAI,eAAe,CAAC,MAAM,CAAC,OAAO;gBAAE,OAAO;YAE3C,gBAAgB,EAAE,gBAAgB,EAAE,CAAC;YACrC,YAAY,CAAC,YAAY,CAAC,CAAC;QAC7B,CAAC,CACF,CAAC;QAEF,OAAO,GAAG,EAAE;YACV,eAAe,CAAC,KAAK,EAAE,CAAC;YACxB,gBAAgB,EAAE,gBAAgB,EAAE,CAAC;QACvC,CAAC,CAAC;QACF,uDAAuD;IACzD,CAAC,EAAE,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,uCAAuC;IAElE,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,OAAO,EAAE,aAAa,EAAE,CAAC;YAC3B,SAAS,EAAE,gBAAgB,EAAE,CAAC;QAChC,CAAC;aAAM,CAAC;YACN,SAAS,EAAE,gBAAgB,EAAE,CAAC;QAChC,CAAC;QAED,OAAO,GAAG,EAAE,CAAC,SAAS,EAAE,gBAAgB,EAAE,CAAC;IAC7C,CAAC,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC;AAC1C,CAAC,CAAC;AAEO,gCAAU","sourcesContent":["import { useCivicAuthConfig } from \"@/shared/hooks/useCivicAuthConfig.js\";\nimport type { SessionData } from \"@/types.js\";\nimport { useEffect, useMemo, useState } from \"react\";\nimport { NextClientAuthenticationRefresher } from \"@/nextjs/NextClientAuthenticationRefresher.js\";\nimport { resolveAuthConfig } from \"@/nextjs/config.js\";\nimport { BrowserCookieStorage } from \"@/lib/cookies.js\";\n\nconst useRefresh = (session: SessionData | null) => {\n const authConfig = useCivicAuthConfig();\n\n const storage = useMemo(() => {\n const config = resolveAuthConfig(authConfig ?? {});\n return new BrowserCookieStorage(config?.cookies?.tokens ?? {});\n }, [authConfig]);\n\n // setup token autorefresh\n const [refresher, setRefresher] = useState<\n NextClientAuthenticationRefresher | undefined\n >(undefined);\n\n useEffect(() => {\n if (!authConfig) return;\n const abortController = new AbortController();\n const currentRefresher = refresher;\n\n NextClientAuthenticationRefresher.build({ ...authConfig }, storage).then(\n (newRefresher) => {\n if (abortController.signal.aborted) return;\n\n currentRefresher?.clearAutorefresh();\n setRefresher(newRefresher);\n },\n );\n\n return () => {\n abortController.abort();\n currentRefresher?.clearAutorefresh();\n };\n // eslint-disable-next-line react-hooks/exhaustive-deps\n }, [authConfig, storage]); // Only depend on what actually changes\n\n useEffect(() => {\n if (session?.authenticated) {\n refresher?.setupAutorefresh();\n } else {\n refresher?.clearAutorefresh();\n }\n\n return () => refresher?.clearAutorefresh();\n }, [refresher, session?.authenticated]);\n};\n\nexport { useRefresh };\n"]}
|
|
@@ -6,7 +6,7 @@ const react_1 = require("react");
|
|
|
6
6
|
const navigation_js_1 = require("next/navigation.js");
|
|
7
7
|
const cookies_js_1 = require("../../lib/cookies.js");
|
|
8
8
|
const types_js_1 = require("../../shared/lib/types.js");
|
|
9
|
-
const usePrevious_js_1 = require("
|
|
9
|
+
const usePrevious_js_1 = require("../../nextjs/hooks/usePrevious.js");
|
|
10
10
|
const react_2 = require("react");
|
|
11
11
|
const obj_js_1 = require("../../lib/obj.js");
|
|
12
12
|
const getUserAndTokenFromCookie = () => (0, cookies_js_1.getWindowCookieValue)([
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"useUserCookie.js","sourceRoot":"","sources":["../../../../src/nextjs/hooks/useUserCookie.ts"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;AACb,iCAAiE;AACjE,sDAA+C;AAC/C,iDAAwD;AAExD,oDAAiE;AACjE,
|
|
1
|
+
{"version":3,"file":"useUserCookie.js","sourceRoot":"","sources":["../../../../src/nextjs/hooks/useUserCookie.ts"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;AACb,iCAAiE;AACjE,sDAA+C;AAC/C,iDAAwD;AAExD,oDAAiE;AACjE,kEAA4D;AAC5D,iCAAsC;AACtC,yCAA+C;AAM/C,MAAM,yBAAyB,GAAG,GAA2B,EAAE,CAC7D,IAAA,iCAAoB,EAAC;IACnB;QACE,GAAG,EAAE,sBAAW,CAAC,IAAI;QACrB,MAAM,EAAE,UAAU,CAAC,MAAM;QACzB,SAAS,EAAE,IAAI;KAChB;IACD;QACE,GAAG,EAAE,sBAAW,CAAC,QAAQ;QACzB,MAAM,EAAE,UAAU,CAAC,MAAM;QACzB,SAAS,EAAE,KAAK;KACjB;CACF,CAA2B,CAAC;AAExB,MAAM,aAAa,GAAG,GAA0B,EAAE;IACvD,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,IAAA,gBAAQ,EAAiB,IAAI,CAAC,CAAC;IACvD,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,IAAA,gBAAQ,GAAsB,CAAC;IAC7D,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,IAAA,gBAAQ,EAAU,KAAK,CAAC,CAAC;IAC/D,MAAM,SAAS,GAAG,IAAA,cAAM,EAAC,KAAK,CAAC,CAAC;IAChC,MAAM,CAAC,SAAS,EAAE,eAAe,CAAC,GAAG,IAAA,qBAAa,GAAE,CAAC;IAErD,MAAM,MAAM,GAAG,IAAA,yBAAS,GAAE,CAAC;IAE3B,MAAM,QAAQ,GAAG,IAAA,4BAAW,EAAC,IAAI,CAAC,CAAC;IACnC,MAAM,SAAS,GAAG,IAAA,4BAAW,EAAC,OAAO,CAAC,CAAC;IACvC,MAAM,WAAW,GAAG,IAAA,4BAAW,EAAC,SAAS,CAAC,CAAC;IAE3C,MAAM,SAAS,GAAG,IAAA,mBAAW,EAC3B,KAAK,EAAE,eAAiC,EAAiB,EAAE;QACzD,IAAI,eAAe,EAAE,MAAM,CAAC,OAAO;YAAE,OAAO;QAE5C,MAAM,QAAQ,GAAG,yBAAyB,EAAE,IAAI,EAAE,CAAC;QACnD,MAAM,QAAQ,GAAG,QAAQ,CAAC,sBAAW,CAAC,IAAI,CAAY,CAAC;QACvD,MAAM,SAAS,GAAG,QAAQ,CAAC,sBAAW,CAAC,QAAQ,CAAC,CAAC;QAEjD,IAAI,eAAe,EAAE,MAAM,CAAC,OAAO;YAAE,OAAO;QAE5C,IAAI,CAAC,IAAA,wBAAe,EAAC,QAAQ,EAAE,QAAQ,CAAC,EAAE,CAAC;YACzC,OAAO,CAAC,QAAQ,IAAI,IAAI,CAAC,CAAC;YAC1B,cAAc,CAAC,IAAI,CAAC,CAAC;QACvB,CAAC;QACD,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,UAAU,CAAC,SAAS,CAAC,CAAC;QACxB,CAAC;IACH,CAAC,EACD,CAAC,SAAS,EAAE,QAAQ,CAAC,CACtB,CAAC;IAEF,yCAAyC;IACzC,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,cAAc,CAAC,KAAK,CAAC,CAAC;QACtB,IAAI,WAAW,IAAI,CAAC,SAAS,EAAE,CAAC;YAC9B,SAAS,EAAE,CAAC;QACd,CAAC;IACH,CAAC,EAAE,CAAC,WAAW,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC;IAExC,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,eAAe,GAAG,IAAI,eAAe,EAAE,CAAC;QAC5C,MAAM,cAAc,GAAG,GAAG,EAAE;YAC1B,eAAe,GAAG,IAAI,eAAe,EAAE,CAAC;YACxC,SAAS,CAAC,eAAe,CAAC,CAAC;QAC7B,CAAC,CAAC;QAEF,QAAQ,CAAC,gBAAgB,CAAC,kBAAkB,EAAE,cAAc,CAAC,CAAC;QAC9D,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;QACnD,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;QAEjD,SAAS,CAAC,eAAe,CAAC,CAAC;QAE3B,MAAM,UAAU,GAAG,WAAW,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;QAErD,OAAO,GAAG,EAAE;YACV,eAAe,CAAC,KAAK,EAAE,CAAC;YACxB,QAAQ,CAAC,mBAAmB,CAAC,kBAAkB,EAAE,cAAc,CAAC,CAAC;YACjE,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;YACtD,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;YACpD,aAAa,CAAC,UAAU,CAAC,CAAC;QAC5B,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;IAEhB,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;gBACvB,SAAS,CAAC,OAAO,GAAG,IAAI,CAAC;gBACzB,eAAe,CAAC,GAAG,EAAE;oBACnB,MAAM,CAAC,OAAO,EAAE,CAAC;gBACnB,CAAC,CAAC,CAAC;YACL,CAAC;QACH,CAAC;aAAM,CAAC;YACN,SAAS,CAAC,OAAO,GAAG,KAAK,CAAC;QAC5B,CAAC;QACD,uDAAuD;IACzD,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;IAElB,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC;AACjD,CAAC,CAAC;AAjFW,QAAA,aAAa,iBAiFxB","sourcesContent":["\"use client\";\nimport { useCallback, useEffect, useRef, useState } from \"react\";\nimport { useRouter } from \"next/navigation.js\";\nimport { getWindowCookieValue } from \"@/lib/cookies.js\";\nimport type { EmptyObject, User } from \"@/types.js\";\nimport { OAuthTokens, UserStorage } from \"@/shared/lib/types.js\";\nimport { usePrevious } from \"@/nextjs/hooks/usePrevious.js\";\nimport { useTransition } from \"react\";\nimport { objectsAreEqual } from \"@/lib/obj.js\";\n\ntype UserAndTokenFromCookie = {\n [UserStorage.USER]: User | undefined;\n [OAuthTokens.ID_TOKEN]: string | undefined;\n};\nconst getUserAndTokenFromCookie = (): UserAndTokenFromCookie =>\n getWindowCookieValue([\n {\n key: UserStorage.USER,\n window: globalThis.window,\n parseJson: true,\n },\n {\n key: OAuthTokens.ID_TOKEN,\n window: globalThis.window,\n parseJson: false,\n },\n ]) as UserAndTokenFromCookie;\n\nexport const useUserCookie = <T extends EmptyObject>() => {\n const [user, setUser] = useState<User<T> | null>(null);\n const [idToken, setIdToken] = useState<string | undefined>();\n const [userChanged, setUserChanged] = useState<boolean>(false);\n const hasRunRef = useRef(false);\n const [isPending, startTransition] = useTransition();\n\n const router = useRouter();\n\n const prevUser = usePrevious(user);\n const prevToken = usePrevious(idToken);\n const prevPending = usePrevious(isPending);\n\n const fetchUser = useCallback(\n async (abortController?: AbortController): Promise<void> => {\n if (abortController?.signal.aborted) return;\n\n const response = getUserAndTokenFromCookie() || {};\n const userData = response[UserStorage.USER] as User<T>;\n const tokenData = response[OAuthTokens.ID_TOKEN];\n\n if (abortController?.signal.aborted) return;\n\n if (!objectsAreEqual(prevUser, userData)) {\n setUser(userData || null);\n setUserChanged(true);\n }\n if (tokenData !== prevToken) {\n setIdToken(tokenData);\n }\n },\n [prevToken, prevUser],\n );\n\n // call fetch immediately after a refresh\n useEffect(() => {\n setUserChanged(false);\n if (prevPending && !isPending) {\n fetchUser();\n }\n }, [prevPending, isPending, fetchUser]);\n\n useEffect(() => {\n let abortController = new AbortController();\n const cookieListener = () => {\n abortController = new AbortController();\n fetchUser(abortController);\n };\n\n document.addEventListener(\"visibilitychange\", cookieListener);\n window.addEventListener(\"storage\", cookieListener);\n window.addEventListener(\"focus\", cookieListener);\n\n fetchUser(abortController);\n\n const intervalId = setInterval(cookieListener, 2000);\n\n return () => {\n abortController.abort();\n document.removeEventListener(\"visibilitychange\", cookieListener);\n window.removeEventListener(\"storage\", cookieListener);\n window.removeEventListener(\"focus\", cookieListener);\n clearInterval(intervalId);\n };\n }, [fetchUser]);\n\n useEffect(() => {\n if (userChanged) {\n if (!hasRunRef.current) {\n hasRunRef.current = true;\n startTransition(() => {\n router.refresh();\n });\n }\n } else {\n hasRunRef.current = false;\n }\n // eslint-disable-next-line react-hooks/exhaustive-deps\n }, [userChanged]);\n\n return { user, idToken, fetchUser, isPending };\n};\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"NextAuthProvider.d.ts","sourceRoot":"","sources":["../../../../src/nextjs/providers/NextAuthProvider.tsx"],"names":[],"mappings":"AACA;;GAEG;AACH,OAAO,KAA2C,MAAM,OAAO,CAAC;AAChE,OAAO,EAEL,KAAK,sBAAsB,EAC5B,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"NextAuthProvider.d.ts","sourceRoot":"","sources":["../../../../src/nextjs/providers/NextAuthProvider.tsx"],"names":[],"mappings":"AACA;;GAEG;AACH,OAAO,KAA2C,MAAM,OAAO,CAAC;AAChE,OAAO,EAEL,KAAK,sBAAsB,EAC5B,MAAM,oBAAoB,CAAC;AAgB5B,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAarE,KAAK,kCAAkC,GAAG,IAAI,CAC5C,iBAAiB,EACjB,UAAU,CACX,GAAG;IACF,cAAc,EAAE,sBAAsB,CAAC;CACxC,CAAC;AACF,KAAK,0BAA0B,GAAG,IAAI,CACpC,kCAAkC,EAClC,UAAU,GAAG,gBAAgB,GAAG,aAAa,CAC9C,CAAC;AA4GF,QAAA,MAAM,qBAAqB,2BAGxB,0BAA0B,sBA0C5B,CAAC;AAEF,OAAO,EAAE,qBAAqB,EAAE,KAAK,0BAA0B,EAAE,CAAC"}
|
|
@@ -55,8 +55,9 @@ const IFrameAndLoading_js_1 = require("../../shared/components/IFrameAndLoading.
|
|
|
55
55
|
const BlockDisplay_js_1 = require("../../shared/components/BlockDisplay.js");
|
|
56
56
|
const LoadingIcon_js_1 = require("../../shared/components/LoadingIcon.js");
|
|
57
57
|
const useIframe_js_1 = require("../../shared/hooks/useIframe.js");
|
|
58
|
-
const index_js_1 = require("../../reactjs/index.js");
|
|
59
58
|
const useIsInIframe_js_1 = require("../../shared/hooks/useIsInIframe.js");
|
|
59
|
+
const useRefresh_js_1 = require("../../nextjs/hooks/useRefresh.js");
|
|
60
|
+
const index_js_1 = require("../../shared/hooks/index.js");
|
|
60
61
|
const CivicNextAuthTokenProviderInternal = ({ children, isLoading, displayMode = "iframe", user, fetchUser, ...props }) => {
|
|
61
62
|
const { iframeMode, resolvedConfig } = props;
|
|
62
63
|
const { iframeRef, setLogoutIframeIsVisible } = (0, useIframe_js_1.useIframe)();
|
|
@@ -109,12 +110,13 @@ const CivicNextAuthProviderInternal = ({ children, ...props }) => {
|
|
|
109
110
|
authenticated: !!user,
|
|
110
111
|
idToken,
|
|
111
112
|
};
|
|
113
|
+
(0, useRefresh_js_1.useRefresh)(session);
|
|
112
114
|
return (react_1.default.createElement(SessionProvider_js_1.SessionProvider, { data: session, isLoading: isLoading },
|
|
113
115
|
react_1.default.createElement(CivicNextAuthTokenProviderInternal, { ...props, user: user, idToken: idToken, fetchUser: fetchUser, isLoading: isLoading || isPending }, children)));
|
|
114
116
|
};
|
|
115
117
|
const CivicNextAuthProvider = ({ children, ...props }) => {
|
|
116
118
|
const resolvedConfig = (0, config_js_1.resolveAuthConfig)();
|
|
117
|
-
const { clientId, oauthServer, callbackUrl, challengeUrl, logoutUrl, logoutCallbackUrl, } = resolvedConfig;
|
|
119
|
+
const { clientId, oauthServer, callbackUrl, challengeUrl, logoutUrl, refreshUrl, logoutCallbackUrl, } = resolvedConfig;
|
|
118
120
|
const [redirectUrl, setRedirectUrl] = (0, react_1.useState)("");
|
|
119
121
|
(0, react_1.useEffect)(() => {
|
|
120
122
|
if (typeof globalThis.window !== "undefined") {
|
|
@@ -122,7 +124,7 @@ const CivicNextAuthProvider = ({ children, ...props }) => {
|
|
|
122
124
|
setRedirectUrl((0, utils_js_1.resolveCallbackUrl)(resolvedConfig, appUrl));
|
|
123
125
|
}
|
|
124
126
|
}, [callbackUrl, resolvedConfig]);
|
|
125
|
-
return (react_1.default.createElement(CivicAuthConfigContext_js_1.CivicAuthConfigProvider, { oauthServer: oauthServer, clientId: clientId, redirectUrl: redirectUrl, logoutRedirectUrl: logoutCallbackUrl, nonce: props?.nonce, challengeUrl: challengeUrl, logoutUrl: logoutUrl, logoutCallbackUrl: logoutCallbackUrl },
|
|
127
|
+
return (react_1.default.createElement(CivicAuthConfigContext_js_1.CivicAuthConfigProvider, { oauthServer: oauthServer, clientId: clientId, redirectUrl: redirectUrl, logoutRedirectUrl: logoutCallbackUrl, nonce: props?.nonce, challengeUrl: challengeUrl, refreshUrl: refreshUrl, logoutUrl: logoutUrl, logoutCallbackUrl: logoutCallbackUrl },
|
|
126
128
|
react_1.default.createElement(IframeProvider_js_1.IframeProvider, { iframeMode: props.iframeMode },
|
|
127
129
|
react_1.default.createElement(CivicNextAuthProviderInternal, { ...props, resolvedConfig: resolvedConfig }, children))));
|
|
128
130
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"NextAuthProvider.js","sourceRoot":"","sources":["../../../../src/nextjs/providers/NextAuthProvider.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACb;;GAEG;AACH,+CAAgE;AAChE,kDAG4B;AAC5B,gDAAuD;AACvD,gDAAoE;AACpE,oDAA0D;AAC1D,wEAAkE;AAClE,sEAAgE;AAChE,4FAAuF;AACvF,8EAAwE;AACxE,4EAAsE;AACtE,0EAAoE;AACpE,8DAAwD;AACxD,gFAA0E;AAC1E,iFAA2E;AAC3E,yEAAmE;AACnE,uEAAiE;AACjE,8DAAwD;AACxD,iDAAgD;AAEhD,sEAAgE;AAqBhE,MAAM,kCAAkC,GAAG,CAAC,EAC1C,QAAQ,EACR,SAAS,EACT,WAAW,GAAG,QAAQ,EACtB,IAAI,EACJ,SAAS,EACT,GAAG,KAAK,EACgC,EAAE,EAAE;IAC5C,MAAM,EAAE,UAAU,EAAE,cAAc,EAAE,GAAG,KAAK,CAAC;IAC7C,MAAM,EAAE,SAAS,EAAE,wBAAwB,EAAE,GAAG,IAAA,wBAAS,GAAE,CAAC;IAC5D,MAAM,eAAe,GAAG,IAAA,0CAAkB,GAAE,CAAC;IAC7C,MAAM,EAAE,YAAY,EAAE,GAAG,cAAc,CAAC;IACxC,MAAM,YAAY,GAAG,IAAI,wCAA8B,CAAC,YAAY,CAAC,CAAC;IACtE,MAAM,CAAC,YAAY,EAAE,eAAe,CAAC,GAAG,IAAA,gBAAQ,EAAC,KAAK,CAAC,CAAC;IACxD,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,IAAA,qBAAU,GAAE,CAAC;IAEvC,MAAM,WAAW,GAAG,IAAA,mBAAW,EAAC,KAAK,IAAI,EAAE;QACzC,eAAe,CAAC,IAAI,CAAC,CAAC;QACtB,oFAAoF;QACpF,MAAM,SAAS,EAAE,CAAC;QAClB,MAAM,KAAK,EAAE,SAAS,EAAE,EAAE,CAAC;IAC7B,CAAC,EAAE,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC;IAEvB,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,CAAC,OAAO,EAAE,aAAa,EAAE,CAAC;YAC5B,eAAe,CAAC,KAAK,CAAC,CAAC;QACzB,CAAC;IACH,CAAC,EAAE,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC;IAE7B,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,wBAAwB,CAAC,YAAY,CAAC,CAAC;IACzC,CAAC,EAAE,CAAC,YAAY,EAAE,wBAAwB,CAAC,CAAC,CAAC;IAE7C,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,IAAA,wBAAS,EAAC;QACpC,WAAW;QACX,YAAY;QACZ,WAAW;KACZ,CAAC,CAAC;IAEH,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IACE,UAAU,KAAK,UAAU;YACzB,eAAe;YACf,CAAC,OAAO,EAAE,aAAa;YACvB,SAAS,EAAE,OAAO,EAClB,CAAC;YACD,MAAM,EAAE,CAAC;QACX,CAAC;IACH,CAAC,EAAE,CAAC,UAAU,EAAE,eAAe,EAAE,OAAO,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC;IAE7E,OAAO,CACL,8BAAC,gCAAa;QACZ,8BAAC,8BAAY,IACX,OAAO,EAAE,IAAI,gCAAmB,EAAE,EAClC,IAAI,EAAE,IAAI,EACV,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW;YAExB,8BAAC,sCAAgB,IACf,KAAK,EAAE,IAAI,EACX,SAAS,EAAE,SAAS,EACpB,kBAAkB,EAAE,IAAI,GACxB;YACD,SAAS,IAAI,CACZ,8BAAC,8BAAY;gBACX,8BAAC,4BAAW,OAAG,CACF,CAChB;YACA,QAAQ,CACI,CACD,CACjB,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,6BAA6B,GAAG,CAAC,EACrC,QAAQ,EACR,GAAG,KAAK,EAC2B,EAAE,EAAE;IACvC,MAAM,UAAU,GAAG,IAAA,gCAAa,GAAE,CAAC;IACnC,2EAA2E;IAC3E,kCAAkC;IAClC,MAAM,SAAS,GAAG,UAAU,CAAC;IAC7B,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,IAAA,gCAAa,GAAE,CAAC;IAEhE,MAAM,OAAO,GAAG;QACd,aAAa,EAAE,CAAC,CAAC,IAAI;QACrB,OAAO;KACR,CAAC;IAEF,OAAO,CACL,8BAAC,oCAAe,IAAC,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;QAClD,8BAAC,kCAAkC,OAC7B,KAAK,EACT,IAAI,EAAE,IAAI,EACV,OAAO,EAAE,OAAO,EAChB,SAAS,EAAE,SAAS,EACpB,SAAS,EAAE,SAAS,IAAI,SAAS,IAEhC,QAAQ,CAC0B,CACrB,CACnB,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,qBAAqB,GAAG,CAAC,EAC7B,QAAQ,EACR,GAAG,KAAK,EACmB,EAAE,EAAE;IAC/B,MAAM,cAAc,GAAG,IAAA,6BAAiB,GAAE,CAAC;IAC3C,MAAM,EACJ,QAAQ,EACR,WAAW,EACX,WAAW,EACX,YAAY,EACZ,SAAS,EACT,iBAAiB,GAClB,GAAG,cAAc,CAAC;IACnB,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,IAAA,gBAAQ,EAAS,EAAE,CAAC,CAAC;IAE3D,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,OAAO,UAAU,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;YAC7C,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;YACjD,cAAc,CAAC,IAAA,6BAAkB,EAAC,cAAc,EAAE,MAAM,CAAC,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC,EAAE,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;IAElC,OAAO,CACL,8BAAC,mDAAuB,IACtB,WAAW,EAAE,WAAW,EACxB,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,WAAW,EACxB,iBAAiB,EAAE,iBAAiB,EACpC,KAAK,EAAE,KAAK,EAAE,KAAK,EACnB,YAAY,EAAE,YAAY,EAC1B,SAAS,EAAE,SAAS,EACpB,iBAAiB,EAAE,iBAAiB;QAEpC,8BAAC,kCAAc,IAAC,UAAU,EAAE,KAAK,CAAC,UAAU;YAC1C,8BAAC,6BAA6B,OACxB,KAAK,EACT,cAAc,EAAE,cAAc,IAE7B,QAAQ,CACqB,CACjB,CACO,CAC3B,CAAC;AACJ,CAAC,CAAC;AAEO,sDAAqB","sourcesContent":["\"use client\";\n/**\n * A very small context provider for the user object - it takes the user object from the cookie and provides it to the app.\n */\nimport React, { useCallback, useEffect, useState } from \"react\";\nimport {\n resolveAuthConfig,\n type AuthConfigWithDefaults,\n} from \"@/nextjs/config.js\";\nimport { resolveCallbackUrl } from \"@/nextjs/utils.js\";\nimport { ConfidentialClientPKCEConsumer } from \"@/services/PKCE.js\";\nimport { NextjsClientStorage } from \"@/nextjs/cookies.js\";\nimport { UserProvider } from \"@/shared/providers/UserProvider.js\";\nimport { useUserCookie } from \"@/nextjs/hooks/useUserCookie.js\";\nimport { CivicAuthConfigProvider } from \"@/shared/providers/CivicAuthConfigContext.js\";\nimport { SessionProvider } from \"@/shared/providers/SessionProvider.js\";\nimport { IframeProvider } from \"@/shared/providers/IframeProvider.js\";\nimport { TokenProvider } from \"@/shared/providers/TokenProvider.js\";\nimport { useSignIn } from \"@/shared/hooks/useSignIn.js\";\nimport { useCivicAuthConfig } from \"@/shared/hooks/useCivicAuthConfig.js\";\nimport { IFrameAndLoading } from \"@/shared/components/IFrameAndLoading.js\";\nimport { BlockDisplay } from \"@/shared/components/BlockDisplay.js\";\nimport { LoadingIcon } from \"@/shared/components/LoadingIcon.js\";\nimport { useIframe } from \"@/shared/hooks/useIframe.js\";\nimport { useSession } from \"@/reactjs/index.js\";\nimport type { AuthProviderProps } from \"@/shared/providers/types.js\";\nimport { useIsInIframe } from \"@/shared/hooks/useIsInIframe.js\";\nimport type { User } from \"@/types.js\";\n\ntype CivicNextAuthTokenProviderInternalProps =\n NextCivicAuthProviderInternalProps & {\n isLoading: boolean;\n idToken?: string;\n user: User | null;\n fetchUser: () => Promise<void>;\n };\ntype NextCivicAuthProviderInternalProps = Omit<\n AuthProviderProps,\n \"clientId\"\n> & {\n resolvedConfig: AuthConfigWithDefaults;\n};\ntype NextCivicAuthProviderProps = Omit<\n NextCivicAuthProviderInternalProps,\n \"clientId\" | \"resolvedConfig\" | \"redirectUrl\"\n>;\n\nconst CivicNextAuthTokenProviderInternal = ({\n children,\n isLoading,\n displayMode = \"iframe\",\n user,\n fetchUser,\n ...props\n}: CivicNextAuthTokenProviderInternalProps) => {\n const { iframeMode, resolvedConfig } = props;\n const { iframeRef, setLogoutIframeIsVisible } = useIframe();\n const civicAuthConfig = useCivicAuthConfig();\n const { challengeUrl } = resolvedConfig;\n const pkceConsumer = new ConfidentialClientPKCEConsumer(challengeUrl);\n const [isSigningOut, setIsSigningOut] = useState(false);\n const { data: session } = useSession();\n\n const postSignOut = useCallback(async () => {\n setIsSigningOut(true);\n // user is signed out, manually update the user from cookies to not wait for polling\n await fetchUser();\n await props?.onSignOut?.();\n }, [fetchUser, props]);\n\n useEffect(() => {\n if (!session?.authenticated) {\n setIsSigningOut(false);\n }\n }, [session?.authenticated]);\n\n useEffect(() => {\n setLogoutIframeIsVisible(isSigningOut);\n }, [isSigningOut, setLogoutIframeIsVisible]);\n\n const { signIn, signOut } = useSignIn({\n postSignOut,\n pkceConsumer,\n displayMode,\n });\n\n useEffect(() => {\n if (\n iframeMode === \"embedded\" &&\n civicAuthConfig &&\n !session?.authenticated &&\n iframeRef?.current\n ) {\n signIn();\n }\n }, [iframeMode, civicAuthConfig, session?.authenticated, iframeRef, signIn]);\n\n return (\n <TokenProvider>\n <UserProvider\n storage={new NextjsClientStorage()}\n user={user}\n signOut={signOut}\n signIn={signIn}\n displayMode={displayMode}\n >\n <IFrameAndLoading\n error={null}\n isLoading={isLoading}\n showIframeOnLogout={true}\n />\n {isLoading && (\n <BlockDisplay>\n <LoadingIcon />\n </BlockDisplay>\n )}\n {children}\n </UserProvider>\n </TokenProvider>\n );\n};\n\nconst CivicNextAuthProviderInternal = ({\n children,\n ...props\n}: NextCivicAuthProviderInternalProps) => {\n const isInIframe = useIsInIframe();\n // if the SDK loads in an iframe, we show the loading spinner as the iframe\n // will be waiting to be minimized\n const isLoading = isInIframe;\n const { user, idToken, fetchUser, isPending } = useUserCookie();\n\n const session = {\n authenticated: !!user,\n idToken,\n };\n\n return (\n <SessionProvider data={session} isLoading={isLoading}>\n <CivicNextAuthTokenProviderInternal\n {...props}\n user={user}\n idToken={idToken}\n fetchUser={fetchUser}\n isLoading={isLoading || isPending}\n >\n {children}\n </CivicNextAuthTokenProviderInternal>\n </SessionProvider>\n );\n};\n\nconst CivicNextAuthProvider = ({\n children,\n ...props\n}: NextCivicAuthProviderProps) => {\n const resolvedConfig = resolveAuthConfig();\n const {\n clientId,\n oauthServer,\n callbackUrl,\n challengeUrl,\n logoutUrl,\n logoutCallbackUrl,\n } = resolvedConfig;\n const [redirectUrl, setRedirectUrl] = useState<string>(\"\");\n\n useEffect(() => {\n if (typeof globalThis.window !== \"undefined\") {\n const appUrl = globalThis.window.location.origin;\n setRedirectUrl(resolveCallbackUrl(resolvedConfig, appUrl));\n }\n }, [callbackUrl, resolvedConfig]);\n\n return (\n <CivicAuthConfigProvider\n oauthServer={oauthServer}\n clientId={clientId}\n redirectUrl={redirectUrl}\n logoutRedirectUrl={logoutCallbackUrl}\n nonce={props?.nonce}\n challengeUrl={challengeUrl}\n logoutUrl={logoutUrl}\n logoutCallbackUrl={logoutCallbackUrl}\n >\n <IframeProvider iframeMode={props.iframeMode}>\n <CivicNextAuthProviderInternal\n {...props}\n resolvedConfig={resolvedConfig}\n >\n {children}\n </CivicNextAuthProviderInternal>\n </IframeProvider>\n </CivicAuthConfigProvider>\n );\n};\n\nexport { CivicNextAuthProvider, type NextCivicAuthProviderProps };\n"]}
|
|
1
|
+
{"version":3,"file":"NextAuthProvider.js","sourceRoot":"","sources":["../../../../src/nextjs/providers/NextAuthProvider.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACb;;GAEG;AACH,+CAAgE;AAChE,kDAG4B;AAC5B,gDAAuD;AACvD,gDAAoE;AACpE,oDAA0D;AAC1D,wEAAkE;AAClE,sEAAgE;AAChE,4FAAuF;AACvF,8EAAwE;AACxE,4EAAsE;AACtE,0EAAoE;AACpE,8DAAwD;AACxD,gFAA0E;AAC1E,iFAA2E;AAC3E,yEAAmE;AACnE,uEAAiE;AACjE,8DAAwD;AAExD,sEAAgE;AAEhE,gEAA0D;AAC1D,sDAAqD;AAoBrD,MAAM,kCAAkC,GAAG,CAAC,EAC1C,QAAQ,EACR,SAAS,EACT,WAAW,GAAG,QAAQ,EACtB,IAAI,EACJ,SAAS,EACT,GAAG,KAAK,EACgC,EAAE,EAAE;IAC5C,MAAM,EAAE,UAAU,EAAE,cAAc,EAAE,GAAG,KAAK,CAAC;IAC7C,MAAM,EAAE,SAAS,EAAE,wBAAwB,EAAE,GAAG,IAAA,wBAAS,GAAE,CAAC;IAC5D,MAAM,eAAe,GAAG,IAAA,0CAAkB,GAAE,CAAC;IAC7C,MAAM,EAAE,YAAY,EAAE,GAAG,cAAc,CAAC;IACxC,MAAM,YAAY,GAAG,IAAI,wCAA8B,CAAC,YAAY,CAAC,CAAC;IACtE,MAAM,CAAC,YAAY,EAAE,eAAe,CAAC,GAAG,IAAA,gBAAQ,EAAC,KAAK,CAAC,CAAC;IACxD,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,IAAA,qBAAU,GAAE,CAAC;IAEvC,MAAM,WAAW,GAAG,IAAA,mBAAW,EAAC,KAAK,IAAI,EAAE;QACzC,eAAe,CAAC,IAAI,CAAC,CAAC;QACtB,oFAAoF;QACpF,MAAM,SAAS,EAAE,CAAC;QAClB,MAAM,KAAK,EAAE,SAAS,EAAE,EAAE,CAAC;IAC7B,CAAC,EAAE,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC;IAEvB,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,CAAC,OAAO,EAAE,aAAa,EAAE,CAAC;YAC5B,eAAe,CAAC,KAAK,CAAC,CAAC;QACzB,CAAC;IACH,CAAC,EAAE,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC;IAE7B,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,wBAAwB,CAAC,YAAY,CAAC,CAAC;IACzC,CAAC,EAAE,CAAC,YAAY,EAAE,wBAAwB,CAAC,CAAC,CAAC;IAE7C,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,IAAA,wBAAS,EAAC;QACpC,WAAW;QACX,YAAY;QACZ,WAAW;KACZ,CAAC,CAAC;IAEH,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IACE,UAAU,KAAK,UAAU;YACzB,eAAe;YACf,CAAC,OAAO,EAAE,aAAa;YACvB,SAAS,EAAE,OAAO,EAClB,CAAC;YACD,MAAM,EAAE,CAAC;QACX,CAAC;IACH,CAAC,EAAE,CAAC,UAAU,EAAE,eAAe,EAAE,OAAO,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC;IAE7E,OAAO,CACL,8BAAC,gCAAa;QACZ,8BAAC,8BAAY,IACX,OAAO,EAAE,IAAI,gCAAmB,EAAE,EAClC,IAAI,EAAE,IAAI,EACV,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW;YAExB,8BAAC,sCAAgB,IACf,KAAK,EAAE,IAAI,EACX,SAAS,EAAE,SAAS,EACpB,kBAAkB,EAAE,IAAI,GACxB;YACD,SAAS,IAAI,CACZ,8BAAC,8BAAY;gBACX,8BAAC,4BAAW,OAAG,CACF,CAChB;YACA,QAAQ,CACI,CACD,CACjB,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,6BAA6B,GAAG,CAAC,EACrC,QAAQ,EACR,GAAG,KAAK,EAC2B,EAAE,EAAE;IACvC,MAAM,UAAU,GAAG,IAAA,gCAAa,GAAE,CAAC;IACnC,2EAA2E;IAC3E,kCAAkC;IAClC,MAAM,SAAS,GAAG,UAAU,CAAC;IAC7B,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,IAAA,gCAAa,GAAE,CAAC;IAEhE,MAAM,OAAO,GAAG;QACd,aAAa,EAAE,CAAC,CAAC,IAAI;QACrB,OAAO;KACR,CAAC;IAEF,IAAA,0BAAU,EAAC,OAAO,CAAC,CAAC;IACpB,OAAO,CACL,8BAAC,oCAAe,IAAC,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;QAClD,8BAAC,kCAAkC,OAC7B,KAAK,EACT,IAAI,EAAE,IAAI,EACV,OAAO,EAAE,OAAO,EAChB,SAAS,EAAE,SAAS,EACpB,SAAS,EAAE,SAAS,IAAI,SAAS,IAEhC,QAAQ,CAC0B,CACrB,CACnB,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,qBAAqB,GAAG,CAAC,EAC7B,QAAQ,EACR,GAAG,KAAK,EACmB,EAAE,EAAE;IAC/B,MAAM,cAAc,GAAG,IAAA,6BAAiB,GAAE,CAAC;IAC3C,MAAM,EACJ,QAAQ,EACR,WAAW,EACX,WAAW,EACX,YAAY,EACZ,SAAS,EACT,UAAU,EACV,iBAAiB,GAClB,GAAG,cAAc,CAAC;IACnB,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,IAAA,gBAAQ,EAAS,EAAE,CAAC,CAAC;IAE3D,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,OAAO,UAAU,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;YAC7C,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;YACjD,cAAc,CAAC,IAAA,6BAAkB,EAAC,cAAc,EAAE,MAAM,CAAC,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC,EAAE,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;IAElC,OAAO,CACL,8BAAC,mDAAuB,IACtB,WAAW,EAAE,WAAW,EACxB,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,WAAW,EACxB,iBAAiB,EAAE,iBAAiB,EACpC,KAAK,EAAE,KAAK,EAAE,KAAK,EACnB,YAAY,EAAE,YAAY,EAC1B,UAAU,EAAE,UAAU,EACtB,SAAS,EAAE,SAAS,EACpB,iBAAiB,EAAE,iBAAiB;QAEpC,8BAAC,kCAAc,IAAC,UAAU,EAAE,KAAK,CAAC,UAAU;YAC1C,8BAAC,6BAA6B,OACxB,KAAK,EACT,cAAc,EAAE,cAAc,IAE7B,QAAQ,CACqB,CACjB,CACO,CAC3B,CAAC;AACJ,CAAC,CAAC;AAEO,sDAAqB","sourcesContent":["\"use client\";\n/**\n * A very small context provider for the user object - it takes the user object from the cookie and provides it to the app.\n */\nimport React, { useCallback, useEffect, useState } from \"react\";\nimport {\n resolveAuthConfig,\n type AuthConfigWithDefaults,\n} from \"@/nextjs/config.js\";\nimport { resolveCallbackUrl } from \"@/nextjs/utils.js\";\nimport { ConfidentialClientPKCEConsumer } from \"@/services/PKCE.js\";\nimport { NextjsClientStorage } from \"@/nextjs/cookies.js\";\nimport { UserProvider } from \"@/shared/providers/UserProvider.js\";\nimport { useUserCookie } from \"@/nextjs/hooks/useUserCookie.js\";\nimport { CivicAuthConfigProvider } from \"@/shared/providers/CivicAuthConfigContext.js\";\nimport { SessionProvider } from \"@/shared/providers/SessionProvider.js\";\nimport { IframeProvider } from \"@/shared/providers/IframeProvider.js\";\nimport { TokenProvider } from \"@/shared/providers/TokenProvider.js\";\nimport { useSignIn } from \"@/shared/hooks/useSignIn.js\";\nimport { useCivicAuthConfig } from \"@/shared/hooks/useCivicAuthConfig.js\";\nimport { IFrameAndLoading } from \"@/shared/components/IFrameAndLoading.js\";\nimport { BlockDisplay } from \"@/shared/components/BlockDisplay.js\";\nimport { LoadingIcon } from \"@/shared/components/LoadingIcon.js\";\nimport { useIframe } from \"@/shared/hooks/useIframe.js\";\nimport type { AuthProviderProps } from \"@/shared/providers/types.js\";\nimport { useIsInIframe } from \"@/shared/hooks/useIsInIframe.js\";\nimport type { User } from \"@/types.js\";\nimport { useRefresh } from \"@/nextjs/hooks/useRefresh.js\";\nimport { useSession } from \"@/shared/hooks/index.js\";\n\ntype CivicNextAuthTokenProviderInternalProps =\n NextCivicAuthProviderInternalProps & {\n isLoading: boolean;\n idToken?: string;\n user: User | null;\n fetchUser: () => Promise<void>;\n };\ntype NextCivicAuthProviderInternalProps = Omit<\n AuthProviderProps,\n \"clientId\"\n> & {\n resolvedConfig: AuthConfigWithDefaults;\n};\ntype NextCivicAuthProviderProps = Omit<\n NextCivicAuthProviderInternalProps,\n \"clientId\" | \"resolvedConfig\" | \"redirectUrl\"\n>;\n\nconst CivicNextAuthTokenProviderInternal = ({\n children,\n isLoading,\n displayMode = \"iframe\",\n user,\n fetchUser,\n ...props\n}: CivicNextAuthTokenProviderInternalProps) => {\n const { iframeMode, resolvedConfig } = props;\n const { iframeRef, setLogoutIframeIsVisible } = useIframe();\n const civicAuthConfig = useCivicAuthConfig();\n const { challengeUrl } = resolvedConfig;\n const pkceConsumer = new ConfidentialClientPKCEConsumer(challengeUrl);\n const [isSigningOut, setIsSigningOut] = useState(false);\n const { data: session } = useSession();\n\n const postSignOut = useCallback(async () => {\n setIsSigningOut(true);\n // user is signed out, manually update the user from cookies to not wait for polling\n await fetchUser();\n await props?.onSignOut?.();\n }, [fetchUser, props]);\n\n useEffect(() => {\n if (!session?.authenticated) {\n setIsSigningOut(false);\n }\n }, [session?.authenticated]);\n\n useEffect(() => {\n setLogoutIframeIsVisible(isSigningOut);\n }, [isSigningOut, setLogoutIframeIsVisible]);\n\n const { signIn, signOut } = useSignIn({\n postSignOut,\n pkceConsumer,\n displayMode,\n });\n\n useEffect(() => {\n if (\n iframeMode === \"embedded\" &&\n civicAuthConfig &&\n !session?.authenticated &&\n iframeRef?.current\n ) {\n signIn();\n }\n }, [iframeMode, civicAuthConfig, session?.authenticated, iframeRef, signIn]);\n\n return (\n <TokenProvider>\n <UserProvider\n storage={new NextjsClientStorage()}\n user={user}\n signOut={signOut}\n signIn={signIn}\n displayMode={displayMode}\n >\n <IFrameAndLoading\n error={null}\n isLoading={isLoading}\n showIframeOnLogout={true}\n />\n {isLoading && (\n <BlockDisplay>\n <LoadingIcon />\n </BlockDisplay>\n )}\n {children}\n </UserProvider>\n </TokenProvider>\n );\n};\n\nconst CivicNextAuthProviderInternal = ({\n children,\n ...props\n}: NextCivicAuthProviderInternalProps) => {\n const isInIframe = useIsInIframe();\n // if the SDK loads in an iframe, we show the loading spinner as the iframe\n // will be waiting to be minimized\n const isLoading = isInIframe;\n const { user, idToken, fetchUser, isPending } = useUserCookie();\n\n const session = {\n authenticated: !!user,\n idToken,\n };\n\n useRefresh(session);\n return (\n <SessionProvider data={session} isLoading={isLoading}>\n <CivicNextAuthTokenProviderInternal\n {...props}\n user={user}\n idToken={idToken}\n fetchUser={fetchUser}\n isLoading={isLoading || isPending}\n >\n {children}\n </CivicNextAuthTokenProviderInternal>\n </SessionProvider>\n );\n};\n\nconst CivicNextAuthProvider = ({\n children,\n ...props\n}: NextCivicAuthProviderProps) => {\n const resolvedConfig = resolveAuthConfig();\n const {\n clientId,\n oauthServer,\n callbackUrl,\n challengeUrl,\n logoutUrl,\n refreshUrl,\n logoutCallbackUrl,\n } = resolvedConfig;\n const [redirectUrl, setRedirectUrl] = useState<string>(\"\");\n\n useEffect(() => {\n if (typeof globalThis.window !== \"undefined\") {\n const appUrl = globalThis.window.location.origin;\n setRedirectUrl(resolveCallbackUrl(resolvedConfig, appUrl));\n }\n }, [callbackUrl, resolvedConfig]);\n\n return (\n <CivicAuthConfigProvider\n oauthServer={oauthServer}\n clientId={clientId}\n redirectUrl={redirectUrl}\n logoutRedirectUrl={logoutCallbackUrl}\n nonce={props?.nonce}\n challengeUrl={challengeUrl}\n refreshUrl={refreshUrl}\n logoutUrl={logoutUrl}\n logoutCallbackUrl={logoutCallbackUrl}\n >\n <IframeProvider iframeMode={props.iframeMode}>\n <CivicNextAuthProviderInternal\n {...props}\n resolvedConfig={resolvedConfig}\n >\n {children}\n </CivicNextAuthProviderInternal>\n </IframeProvider>\n </CivicAuthConfigProvider>\n );\n};\n\nexport { CivicNextAuthProvider, type NextCivicAuthProviderProps };\n"]}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
|
+
import type { AuthConfig } from "../nextjs/config.js";
|
|
1
2
|
import type { NextRequest } from "next/server.js";
|
|
2
3
|
import { NextResponse } from "next/server.js";
|
|
3
|
-
|
|
4
|
-
export declare function handleLogout(request: NextRequest, config: AuthConfig): Promise<string>;
|
|
4
|
+
export declare function handleLogout(request: NextRequest, config: AuthConfig): Promise<NextResponse>;
|
|
5
5
|
export declare function handleLogoutCallback(request: NextRequest, config: AuthConfig): Promise<NextResponse>;
|
|
6
6
|
/**
|
|
7
7
|
* Creates an authentication handler for Next.js API routes
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"routeHandler.d.ts","sourceRoot":"","sources":["../../../src/nextjs/routeHandler.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"routeHandler.d.ts","sourceRoot":"","sources":["../../../src/nextjs/routeHandler.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAgBrD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAmR9C,wBAAsB,YAAY,CAChC,OAAO,EAAE,WAAW,EACpB,MAAM,EAAE,UAAU,GACjB,OAAO,CAAC,YAAY,CAAC,CAyBvB;AAED,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,WAAW,EACpB,MAAM,EAAE,UAAU,GACjB,OAAO,CAAC,YAAY,CAAC,CAkEvB;AAED;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,OAAO,iCAEF,WAAW,KAAG,OAAO,CAAC,YAAY,CAkCjD,CAAC"}
|
|
@@ -3,21 +3,21 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
exports.handler = void 0;
|
|
4
4
|
exports.handleLogout = handleLogout;
|
|
5
5
|
exports.handleLogoutCallback = handleLogoutCallback;
|
|
6
|
-
const
|
|
7
|
-
const cache_js_1 = require("next/cache.js");
|
|
8
|
-
const config_js_1 = require("../nextjs/config.js");
|
|
6
|
+
const constants_js_1 = require("../constants.js");
|
|
9
7
|
const logger_js_1 = require("../lib/logger.js");
|
|
8
|
+
const oauth_js_1 = require("../lib/oauth.js");
|
|
9
|
+
const config_js_1 = require("../nextjs/config.js");
|
|
10
10
|
const cookies_js_1 = require("../nextjs/cookies.js");
|
|
11
|
-
const PKCE_js_1 = require("../services/PKCE.js");
|
|
12
|
-
const login_js_1 = require("../server/login.js");
|
|
13
11
|
const GetUser_js_1 = require("../nextjs/GetUser.js");
|
|
14
12
|
const utils_js_1 = require("../nextjs/utils.js");
|
|
15
|
-
const
|
|
16
|
-
const
|
|
17
|
-
const
|
|
13
|
+
const login_js_1 = require("../server/login.js");
|
|
14
|
+
const PKCE_js_1 = require("../services/PKCE.js");
|
|
15
|
+
const AuthenticationRefresherImpl_js_1 = require("../shared/lib/AuthenticationRefresherImpl.js");
|
|
18
16
|
const types_js_1 = require("../shared/lib/types.js");
|
|
17
|
+
const UserSession_js_1 = require("../shared/lib/UserSession.js");
|
|
19
18
|
const util_js_1 = require("../shared/lib/util.js");
|
|
20
|
-
const
|
|
19
|
+
const cache_js_1 = require("next/cache.js");
|
|
20
|
+
const server_js_1 = require("next/server.js");
|
|
21
21
|
const logger = logger_js_1.loggers.nextjs.handlers.auth;
|
|
22
22
|
class AuthError extends Error {
|
|
23
23
|
status;
|
|
@@ -70,6 +70,21 @@ async function performTokenExchangeAndSetCookies(request, config, code, state, a
|
|
|
70
70
|
const userSession = new UserSession_js_1.GenericUserSession(clientStorage);
|
|
71
71
|
userSession.set(user);
|
|
72
72
|
}
|
|
73
|
+
async function handleRefresh(request, config) {
|
|
74
|
+
const resolvedConfigs = (0, config_js_1.resolveAuthConfig)(config);
|
|
75
|
+
const cookieStorage = new cookies_js_1.NextjsCookieStorage(config.cookies?.tokens ?? {});
|
|
76
|
+
const refresher = await AuthenticationRefresherImpl_js_1.AuthenticationRefresherImpl.build({
|
|
77
|
+
clientId: resolvedConfigs.clientId,
|
|
78
|
+
oauthServer: resolvedConfigs.oauthServer,
|
|
79
|
+
redirectUrl: resolvedConfigs.callbackUrl,
|
|
80
|
+
refreshUrl: resolvedConfigs.refreshUrl,
|
|
81
|
+
}, cookieStorage);
|
|
82
|
+
const tokens = await refresher.refreshAccessToken();
|
|
83
|
+
// this will use the refresh token to get new tokens and, if successful
|
|
84
|
+
// the idToken, accessToken and user cookies will be updated
|
|
85
|
+
// await newRefresher.refreshTokens();
|
|
86
|
+
return server_js_1.NextResponse.json({ status: "success", tokens });
|
|
87
|
+
}
|
|
73
88
|
const generateHtmlResponseWithCallback = (request, callbackUrl) => {
|
|
74
89
|
// we need to replace the URL with resolved config in case the server is hosted
|
|
75
90
|
// behind a reverse proxy or load balancer
|
|
@@ -213,25 +228,26 @@ async function handleLogout(request, config) {
|
|
|
213
228
|
redirectUrl: postLogoutUrl.href,
|
|
214
229
|
oauthServer: resolvedConfigs.oauthServer,
|
|
215
230
|
});
|
|
216
|
-
|
|
217
|
-
return logoutUrl.href;
|
|
231
|
+
return server_js_1.NextResponse.redirect(`${logoutUrl.href}`);
|
|
218
232
|
}
|
|
219
233
|
async function handleLogoutCallback(request, config) {
|
|
220
234
|
const resolvedConfigs = (0, config_js_1.resolveAuthConfig)(config);
|
|
221
235
|
const state = request.nextUrl.searchParams.get("state") || "";
|
|
222
236
|
if (!state)
|
|
223
237
|
throw new AuthError("Bad parameters", 400);
|
|
224
|
-
const displayMode = (0, oauth_js_1.displayModeFromState)(state, "
|
|
238
|
+
const displayMode = (0, oauth_js_1.displayModeFromState)(state, "iframe");
|
|
225
239
|
console.log("handleLogout: clear auth cookies", { state, displayMode });
|
|
226
|
-
|
|
240
|
+
const canAccessCookies = !!(await getIdToken(resolvedConfigs));
|
|
241
|
+
if (canAccessCookies) {
|
|
242
|
+
await (0, cookies_js_1.clearAuthCookies)(resolvedConfigs);
|
|
243
|
+
}
|
|
227
244
|
let response;
|
|
228
245
|
// handle logout for iframe display mode
|
|
229
246
|
if (displayMode === "iframe") {
|
|
230
247
|
// try to read the token from cookies. If cookies cant be read/written
|
|
231
248
|
// because the request cames from a cross-origin redirect,
|
|
232
249
|
// we need to show a page that will trigger the logout from the same domain
|
|
233
|
-
|
|
234
|
-
if (canReadCookies || request.url.includes("sameDomainCallback=true")) {
|
|
250
|
+
if (canAccessCookies || request.url.includes("sameDomainCallback=true")) {
|
|
235
251
|
// just return success
|
|
236
252
|
return server_js_1.NextResponse.json({ status: "success" });
|
|
237
253
|
}
|
|
@@ -242,7 +258,7 @@ async function handleLogoutCallback(request, config) {
|
|
|
242
258
|
}
|
|
243
259
|
// handle logout for non-iframe display mode
|
|
244
260
|
const redirectUrl = getPostLogoutRedirectUrl(request, resolvedConfigs);
|
|
245
|
-
if (redirectUrl) {
|
|
261
|
+
if (redirectUrl && canAccessCookies) {
|
|
246
262
|
console.log("handleLogout with redirect mode", { state, redirectUrl });
|
|
247
263
|
// this is comming from the fetch from the HTML page returned by this handler
|
|
248
264
|
if (request.url.includes("sameDomainCallback=true")) {
|
|
@@ -277,7 +293,6 @@ async function handleLogoutCallback(request, config) {
|
|
|
277
293
|
*/
|
|
278
294
|
const handler = (authConfig = {}) => async (request) => {
|
|
279
295
|
const config = (0, config_js_1.resolveAuthConfig)(authConfig);
|
|
280
|
-
let redirectUrl = null;
|
|
281
296
|
try {
|
|
282
297
|
const pathname = request.nextUrl.pathname;
|
|
283
298
|
const pathSegments = pathname.split("/");
|
|
@@ -287,9 +302,10 @@ const handler = (authConfig = {}) => async (request) => {
|
|
|
287
302
|
return await handleChallenge(request, config);
|
|
288
303
|
case "callback":
|
|
289
304
|
return await handleCallback(request, config);
|
|
305
|
+
case "refresh":
|
|
306
|
+
return await handleRefresh(request, config);
|
|
290
307
|
case "logout":
|
|
291
|
-
|
|
292
|
-
break;
|
|
308
|
+
return await handleLogout(request, config);
|
|
293
309
|
case "logoutcallback":
|
|
294
310
|
return await handleLogoutCallback(request, config);
|
|
295
311
|
default:
|
|
@@ -304,12 +320,6 @@ const handler = (authConfig = {}) => async (request) => {
|
|
|
304
320
|
(0, cookies_js_1.clearAuthCookies)(config);
|
|
305
321
|
return response;
|
|
306
322
|
}
|
|
307
|
-
// redirect on Nextjs must be called outside a try-catch block
|
|
308
|
-
// see https://nextjs.org/docs/app/api-reference/functions/redirect
|
|
309
|
-
if (redirectUrl)
|
|
310
|
-
(0, navigation_js_1.redirect)(redirectUrl);
|
|
311
|
-
// do nothing if no redirectUrl
|
|
312
|
-
return server_js_1.NextResponse.json({ status: "ok" });
|
|
313
323
|
};
|
|
314
324
|
exports.handler = handler;
|
|
315
325
|
//# sourceMappingURL=routeHandler.js.map
|