@civic/auth 0.3.2-beta.1 → 0.3.2-beta.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/constants.d.ts +2 -1
- package/dist/cjs/constants.d.ts.map +1 -1
- package/dist/cjs/constants.js +9 -1
- package/dist/cjs/constants.js.map +1 -1
- package/dist/cjs/nextjs/config.d.ts.map +1 -1
- package/dist/cjs/nextjs/config.js +1 -1
- package/dist/cjs/nextjs/config.js.map +1 -1
- package/dist/cjs/reactjs/hooks/useSignIn.d.ts +6 -0
- package/dist/cjs/reactjs/hooks/useSignIn.d.ts.map +1 -0
- package/dist/cjs/reactjs/hooks/useSignIn.js +38 -0
- package/dist/cjs/reactjs/hooks/useSignIn.js.map +1 -0
- package/dist/cjs/services/UserinfoService.d.ts +5 -0
- package/dist/cjs/services/UserinfoService.d.ts.map +1 -0
- package/dist/cjs/services/UserinfoService.js +15 -0
- package/dist/cjs/services/UserinfoService.js.map +1 -0
- package/dist/cjs/shared/lib/session.d.ts.map +1 -1
- package/dist/cjs/shared/lib/session.js +7 -5
- package/dist/cjs/shared/lib/session.js.map +1 -1
- package/dist/cjs/shared/lib/util.d.ts.map +1 -1
- package/dist/cjs/shared/lib/util.js +5 -5
- package/dist/cjs/shared/lib/util.js.map +1 -1
- package/dist/cjs/shared/providers/TokenProvider.d.ts.map +1 -1
- package/dist/cjs/shared/providers/TokenProvider.js +2 -5
- package/dist/cjs/shared/providers/TokenProvider.js.map +1 -1
- package/dist/cjs/shared/providers/UserProvider.d.ts +2 -2
- package/dist/cjs/shared/providers/UserProvider.d.ts.map +1 -1
- package/dist/cjs/shared/providers/UserProvider.js.map +1 -1
- package/dist/cjs/shared/version.d.ts +1 -1
- package/dist/cjs/shared/version.js +1 -1
- package/dist/cjs/shared/version.js.map +1 -1
- package/dist/cjs/types.d.ts +3 -11
- package/dist/cjs/types.d.ts.map +1 -1
- package/dist/cjs/types.js +1 -3
- package/dist/cjs/types.js.map +1 -1
- package/dist/esm/constants.d.ts +2 -1
- package/dist/esm/constants.d.ts.map +1 -1
- package/dist/esm/constants.js +8 -1
- package/dist/esm/constants.js.map +1 -1
- package/dist/esm/nextjs/config.d.ts.map +1 -1
- package/dist/esm/nextjs/config.js +1 -1
- package/dist/esm/nextjs/config.js.map +1 -1
- package/dist/esm/reactjs/hooks/useSignIn.d.ts +6 -0
- package/dist/esm/reactjs/hooks/useSignIn.d.ts.map +1 -0
- package/dist/esm/reactjs/hooks/useSignIn.js +34 -0
- package/dist/esm/reactjs/hooks/useSignIn.js.map +1 -0
- package/dist/esm/shared/lib/session.d.ts.map +1 -1
- package/dist/esm/shared/lib/session.js +8 -6
- package/dist/esm/shared/lib/session.js.map +1 -1
- package/dist/esm/shared/lib/util.d.ts.map +1 -1
- package/dist/esm/shared/lib/util.js +5 -5
- package/dist/esm/shared/lib/util.js.map +1 -1
- package/dist/esm/shared/providers/TokenProvider.d.ts.map +1 -1
- package/dist/esm/shared/providers/TokenProvider.js +2 -5
- package/dist/esm/shared/providers/TokenProvider.js.map +1 -1
- package/dist/esm/shared/providers/UserProvider.d.ts +2 -2
- package/dist/esm/shared/providers/UserProvider.d.ts.map +1 -1
- package/dist/esm/shared/providers/UserProvider.js.map +1 -1
- package/dist/esm/shared/version.d.ts +1 -1
- package/dist/esm/shared/version.js +1 -1
- package/dist/esm/shared/version.js.map +1 -1
- package/dist/esm/types.d.ts +3 -11
- package/dist/esm/types.d.ts.map +1 -1
- package/dist/esm/types.js +1 -2
- package/dist/esm/types.js.map +1 -1
- package/dist/tsconfig.cjs.tsbuildinfo +1 -1
- package/dist/tsconfig.esm.tsbuildinfo +1 -1
- package/package.json +18 -19
- package/dist/generateVersion.d.ts +0 -2
- package/dist/generateVersion.d.ts.map +0 -1
- package/dist/generateVersion.js +0 -12
- package/dist/generateVersion.js.map +0 -1
- package/dist/package.json +0 -118
- package/dist/src/browser/storage.d.ts +0 -9
- package/dist/src/browser/storage.d.ts.map +0 -1
- package/dist/src/browser/storage.js +0 -17
- package/dist/src/browser/storage.js.map +0 -1
- package/dist/src/config.d.ts +0 -3
- package/dist/src/config.d.ts.map +0 -1
- package/dist/src/config.js +0 -5
- package/dist/src/config.js.map +0 -1
- package/dist/src/constants.d.ts +0 -8
- package/dist/src/constants.d.ts.map +0 -1
- package/dist/src/constants.js +0 -16
- package/dist/src/constants.js.map +0 -1
- package/dist/src/index.d.ts +0 -6
- package/dist/src/index.d.ts.map +0 -1
- package/dist/src/index.js +0 -4
- package/dist/src/index.js.map +0 -1
- package/dist/src/lib/cookies.d.ts +0 -7
- package/dist/src/lib/cookies.d.ts.map +0 -1
- package/dist/src/lib/cookies.js +0 -25
- package/dist/src/lib/cookies.js.map +0 -1
- package/dist/src/lib/jwt.d.ts +0 -3
- package/dist/src/lib/jwt.d.ts.map +0 -1
- package/dist/src/lib/jwt.js +0 -9
- package/dist/src/lib/jwt.js.map +0 -1
- package/dist/src/lib/logger.d.ts +0 -26
- package/dist/src/lib/logger.d.ts.map +0 -1
- package/dist/src/lib/logger.js +0 -55
- package/dist/src/lib/logger.js.map +0 -1
- package/dist/src/lib/oauth.d.ts +0 -19
- package/dist/src/lib/oauth.d.ts.map +0 -1
- package/dist/src/lib/oauth.js +0 -61
- package/dist/src/lib/oauth.js.map +0 -1
- package/dist/src/lib/obj.d.ts +0 -3
- package/dist/src/lib/obj.d.ts.map +0 -1
- package/dist/src/lib/obj.js +0 -18
- package/dist/src/lib/obj.js.map +0 -1
- package/dist/src/lib/postMessage.d.ts +0 -4
- package/dist/src/lib/postMessage.d.ts.map +0 -1
- package/dist/src/lib/postMessage.js +0 -15
- package/dist/src/lib/postMessage.js.map +0 -1
- package/dist/src/lib/windowUtil.d.ts +0 -4
- package/dist/src/lib/windowUtil.d.ts.map +0 -1
- package/dist/src/lib/windowUtil.js +0 -31
- package/dist/src/lib/windowUtil.js.map +0 -1
- package/dist/src/nextjs/GetUser.d.ts +0 -6
- package/dist/src/nextjs/GetUser.d.ts.map +0 -1
- package/dist/src/nextjs/GetUser.js +0 -7
- package/dist/src/nextjs/GetUser.js.map +0 -1
- package/dist/src/nextjs/config.d.ts +0 -181
- package/dist/src/nextjs/config.d.ts.map +0 -1
- package/dist/src/nextjs/config.js +0 -177
- package/dist/src/nextjs/config.js.map +0 -1
- package/dist/src/nextjs/cookies.d.ts +0 -30
- package/dist/src/nextjs/cookies.d.ts.map +0 -1
- package/dist/src/nextjs/cookies.js +0 -112
- package/dist/src/nextjs/cookies.js.map +0 -1
- package/dist/src/nextjs/hooks/index.d.ts +0 -2
- package/dist/src/nextjs/hooks/index.d.ts.map +0 -1
- package/dist/src/nextjs/hooks/index.js +0 -2
- package/dist/src/nextjs/hooks/index.js.map +0 -1
- package/dist/src/nextjs/hooks/usePrevious.d.ts +0 -2
- package/dist/src/nextjs/hooks/usePrevious.d.ts.map +0 -1
- package/dist/src/nextjs/hooks/usePrevious.js +0 -9
- package/dist/src/nextjs/hooks/usePrevious.js.map +0 -1
- package/dist/src/nextjs/hooks/useUserCookie.d.ts +0 -8
- package/dist/src/nextjs/hooks/useUserCookie.d.ts.map +0 -1
- package/dist/src/nextjs/hooks/useUserCookie.js +0 -88
- package/dist/src/nextjs/hooks/useUserCookie.js.map +0 -1
- package/dist/src/nextjs/index.d.ts +0 -7
- package/dist/src/nextjs/index.d.ts.map +0 -1
- package/dist/src/nextjs/index.js +0 -8
- package/dist/src/nextjs/index.js.map +0 -1
- package/dist/src/nextjs/middleware/index.d.ts +0 -2
- package/dist/src/nextjs/middleware/index.d.ts.map +0 -1
- package/dist/src/nextjs/middleware/index.js +0 -4
- package/dist/src/nextjs/middleware/index.js.map +0 -1
- package/dist/src/nextjs/middleware.d.ts +0 -59
- package/dist/src/nextjs/middleware.d.ts.map +0 -1
- package/dist/src/nextjs/middleware.js +0 -107
- package/dist/src/nextjs/middleware.js.map +0 -1
- package/dist/src/nextjs/providers/NextAuthProvider.d.ts +0 -13
- package/dist/src/nextjs/providers/NextAuthProvider.d.ts.map +0 -1
- package/dist/src/nextjs/providers/NextAuthProvider.js +0 -94
- package/dist/src/nextjs/providers/NextAuthProvider.js.map +0 -1
- package/dist/src/nextjs/routeHandler.d.ts +0 -19
- package/dist/src/nextjs/routeHandler.d.ts.map +0 -1
- package/dist/src/nextjs/routeHandler.js +0 -309
- package/dist/src/nextjs/routeHandler.js.map +0 -1
- package/dist/src/nextjs/utils.d.ts +0 -3
- package/dist/src/nextjs/utils.d.ts.map +0 -1
- package/dist/src/nextjs/utils.js +0 -5
- package/dist/src/nextjs/utils.js.map +0 -1
- package/dist/src/reactjs/components/SignInButton.d.ts +0 -8
- package/dist/src/reactjs/components/SignInButton.d.ts.map +0 -1
- package/dist/src/reactjs/components/SignInButton.js +0 -14
- package/dist/src/reactjs/components/SignInButton.js.map +0 -1
- package/dist/src/reactjs/components/SignOutButton.d.ts +0 -6
- package/dist/src/reactjs/components/SignOutButton.d.ts.map +0 -1
- package/dist/src/reactjs/components/SignOutButton.js +0 -14
- package/dist/src/reactjs/components/SignOutButton.js.map +0 -1
- package/dist/src/reactjs/components/UserButton.d.ts +0 -6
- package/dist/src/reactjs/components/UserButton.d.ts.map +0 -1
- package/dist/src/reactjs/components/UserButton.js +0 -118
- package/dist/src/reactjs/components/UserButton.js.map +0 -1
- package/dist/src/reactjs/components/index.d.ts +0 -6
- package/dist/src/reactjs/components/index.d.ts.map +0 -1
- package/dist/src/reactjs/components/index.js +0 -6
- package/dist/src/reactjs/components/index.js.map +0 -1
- package/dist/src/reactjs/hooks/index.d.ts +0 -6
- package/dist/src/reactjs/hooks/index.d.ts.map +0 -1
- package/dist/src/reactjs/hooks/index.js +0 -6
- package/dist/src/reactjs/hooks/index.js.map +0 -1
- package/dist/src/reactjs/hooks/useAuth.d.ts +0 -3
- package/dist/src/reactjs/hooks/useAuth.d.ts.map +0 -1
- package/dist/src/reactjs/hooks/useAuth.js +0 -12
- package/dist/src/reactjs/hooks/useAuth.js.map +0 -1
- package/dist/src/reactjs/hooks/useClientTokenExchangeSession.d.ts +0 -3
- package/dist/src/reactjs/hooks/useClientTokenExchangeSession.d.ts.map +0 -1
- package/dist/src/reactjs/hooks/useClientTokenExchangeSession.js +0 -13
- package/dist/src/reactjs/hooks/useClientTokenExchangeSession.js.map +0 -1
- package/dist/src/reactjs/hooks/useUser.d.ts +0 -4
- package/dist/src/reactjs/hooks/useUser.d.ts.map +0 -1
- package/dist/src/reactjs/hooks/useUser.js +0 -12
- package/dist/src/reactjs/hooks/useUser.js.map +0 -1
- package/dist/src/reactjs/index.d.ts +0 -6
- package/dist/src/reactjs/index.d.ts.map +0 -1
- package/dist/src/reactjs/index.js +0 -10
- package/dist/src/reactjs/index.js.map +0 -1
- package/dist/src/reactjs/providers/AuthProvider.d.ts +0 -11
- package/dist/src/reactjs/providers/AuthProvider.d.ts.map +0 -1
- package/dist/src/reactjs/providers/AuthProvider.js +0 -76
- package/dist/src/reactjs/providers/AuthProvider.js.map +0 -1
- package/dist/src/reactjs/providers/CivicAuthProvider.d.ts +0 -6
- package/dist/src/reactjs/providers/CivicAuthProvider.d.ts.map +0 -1
- package/dist/src/reactjs/providers/CivicAuthProvider.js +0 -32
- package/dist/src/reactjs/providers/CivicAuthProvider.js.map +0 -1
- package/dist/src/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts +0 -17
- package/dist/src/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts.map +0 -1
- package/dist/src/reactjs/providers/ClientTokenExchangeSessionProvider.js +0 -148
- package/dist/src/reactjs/providers/ClientTokenExchangeSessionProvider.js.map +0 -1
- package/dist/src/reactjs/providers/index.d.ts +0 -8
- package/dist/src/reactjs/providers/index.d.ts.map +0 -1
- package/dist/src/reactjs/providers/index.js +0 -7
- package/dist/src/reactjs/providers/index.js.map +0 -1
- package/dist/src/server/ServerAuthenticationResolver.d.ts +0 -20
- package/dist/src/server/ServerAuthenticationResolver.d.ts.map +0 -1
- package/dist/src/server/ServerAuthenticationResolver.js +0 -67
- package/dist/src/server/ServerAuthenticationResolver.js.map +0 -1
- package/dist/src/server/config.d.ts +0 -10
- package/dist/src/server/config.d.ts.map +0 -1
- package/dist/src/server/config.js +0 -2
- package/dist/src/server/config.js.map +0 -1
- package/dist/src/server/index.d.ts +0 -7
- package/dist/src/server/index.d.ts.map +0 -1
- package/dist/src/server/index.js +0 -7
- package/dist/src/server/index.js.map +0 -1
- package/dist/src/server/login.d.ts +0 -21
- package/dist/src/server/login.d.ts.map +0 -1
- package/dist/src/server/login.js +0 -56
- package/dist/src/server/login.js.map +0 -1
- package/dist/src/server/refresh.d.ts +0 -7
- package/dist/src/server/refresh.d.ts.map +0 -1
- package/dist/src/server/refresh.js +0 -13
- package/dist/src/server/refresh.js.map +0 -1
- package/dist/src/services/AuthenticationService.d.ts +0 -91
- package/dist/src/services/AuthenticationService.d.ts.map +0 -1
- package/dist/src/services/AuthenticationService.js +0 -322
- package/dist/src/services/AuthenticationService.js.map +0 -1
- package/dist/src/services/PKCE.d.ts +0 -20
- package/dist/src/services/PKCE.d.ts.map +0 -1
- package/dist/src/services/PKCE.js +0 -44
- package/dist/src/services/PKCE.js.map +0 -1
- package/dist/src/services/types.d.ts +0 -24
- package/dist/src/services/types.d.ts.map +0 -1
- package/dist/src/services/types.js +0 -7
- package/dist/src/services/types.js.map +0 -1
- package/dist/src/shared/components/BlockDisplay.d.ts +0 -7
- package/dist/src/shared/components/BlockDisplay.d.ts.map +0 -1
- package/dist/src/shared/components/BlockDisplay.js +0 -25
- package/dist/src/shared/components/BlockDisplay.js.map +0 -1
- package/dist/src/shared/components/CivicAuthIframe.d.ts +0 -9
- package/dist/src/shared/components/CivicAuthIframe.d.ts.map +0 -1
- package/dist/src/shared/components/CivicAuthIframe.js +0 -8
- package/dist/src/shared/components/CivicAuthIframe.js.map +0 -1
- package/dist/src/shared/components/CivicAuthIframeContainer.d.ts +0 -13
- package/dist/src/shared/components/CivicAuthIframeContainer.d.ts.map +0 -1
- package/dist/src/shared/components/CivicAuthIframeContainer.js +0 -138
- package/dist/src/shared/components/CivicAuthIframeContainer.js.map +0 -1
- package/dist/src/shared/components/CivicAuthLogoutIframeContainer.d.ts +0 -7
- package/dist/src/shared/components/CivicAuthLogoutIframeContainer.d.ts.map +0 -1
- package/dist/src/shared/components/CivicAuthLogoutIframeContainer.js +0 -22
- package/dist/src/shared/components/CivicAuthLogoutIframeContainer.js.map +0 -1
- package/dist/src/shared/components/CloseIcon.d.ts +0 -4
- package/dist/src/shared/components/CloseIcon.d.ts.map +0 -1
- package/dist/src/shared/components/CloseIcon.js +0 -6
- package/dist/src/shared/components/CloseIcon.js.map +0 -1
- package/dist/src/shared/components/IFrameAndLoading.d.ts +0 -8
- package/dist/src/shared/components/IFrameAndLoading.d.ts.map +0 -1
- package/dist/src/shared/components/IFrameAndLoading.js +0 -27
- package/dist/src/shared/components/IFrameAndLoading.js.map +0 -1
- package/dist/src/shared/components/LoadingIcon.d.ts +0 -4
- package/dist/src/shared/components/LoadingIcon.d.ts.map +0 -1
- package/dist/src/shared/components/LoadingIcon.js +0 -30
- package/dist/src/shared/components/LoadingIcon.js.map +0 -1
- package/dist/src/shared/hooks/index.d.ts +0 -11
- package/dist/src/shared/hooks/index.d.ts.map +0 -1
- package/dist/src/shared/hooks/index.js +0 -11
- package/dist/src/shared/hooks/index.js.map +0 -1
- package/dist/src/shared/hooks/useAuth.d.ts +0 -3
- package/dist/src/shared/hooks/useAuth.d.ts.map +0 -1
- package/dist/src/shared/hooks/useAuth.js +0 -12
- package/dist/src/shared/hooks/useAuth.js.map +0 -1
- package/dist/src/shared/hooks/useCivicAuthConfig.d.ts +0 -3
- package/dist/src/shared/hooks/useCivicAuthConfig.d.ts.map +0 -1
- package/dist/src/shared/hooks/useCivicAuthConfig.js +0 -10
- package/dist/src/shared/hooks/useCivicAuthConfig.js.map +0 -1
- package/dist/src/shared/hooks/useClientTokenExchangeSession.d.ts +0 -3
- package/dist/src/shared/hooks/useClientTokenExchangeSession.d.ts.map +0 -1
- package/dist/src/shared/hooks/useClientTokenExchangeSession.js +0 -13
- package/dist/src/shared/hooks/useClientTokenExchangeSession.js.map +0 -1
- package/dist/src/shared/hooks/useCurrentUrl.d.ts +0 -3
- package/dist/src/shared/hooks/useCurrentUrl.d.ts.map +0 -1
- package/dist/src/shared/hooks/useCurrentUrl.js +0 -24
- package/dist/src/shared/hooks/useCurrentUrl.js.map +0 -1
- package/dist/src/shared/hooks/useIframe.d.ts +0 -3
- package/dist/src/shared/hooks/useIframe.d.ts.map +0 -1
- package/dist/src/shared/hooks/useIframe.js +0 -13
- package/dist/src/shared/hooks/useIframe.js.map +0 -1
- package/dist/src/shared/hooks/useIsInIframe.d.ts +0 -3
- package/dist/src/shared/hooks/useIsInIframe.d.ts.map +0 -1
- package/dist/src/shared/hooks/useIsInIframe.js +0 -14
- package/dist/src/shared/hooks/useIsInIframe.js.map +0 -1
- package/dist/src/shared/hooks/useOAuthEndpoints.d.ts +0 -4
- package/dist/src/shared/hooks/useOAuthEndpoints.d.ts.map +0 -1
- package/dist/src/shared/hooks/useOAuthEndpoints.js +0 -14
- package/dist/src/shared/hooks/useOAuthEndpoints.js.map +0 -1
- package/dist/src/shared/hooks/useRefresh.d.ts +0 -4
- package/dist/src/shared/hooks/useRefresh.d.ts.map +0 -1
- package/dist/src/shared/hooks/useRefresh.js +0 -38
- package/dist/src/shared/hooks/useRefresh.js.map +0 -1
- package/dist/src/shared/hooks/useSession.d.ts +0 -3
- package/dist/src/shared/hooks/useSession.d.ts.map +0 -1
- package/dist/src/shared/hooks/useSession.js +0 -13
- package/dist/src/shared/hooks/useSession.js.map +0 -1
- package/dist/src/shared/hooks/useSignIn.d.ts +0 -15
- package/dist/src/shared/hooks/useSignIn.d.ts.map +0 -1
- package/dist/src/shared/hooks/useSignIn.js +0 -126
- package/dist/src/shared/hooks/useSignIn.js.map +0 -1
- package/dist/src/shared/hooks/useToken.d.ts +0 -3
- package/dist/src/shared/hooks/useToken.d.ts.map +0 -1
- package/dist/src/shared/hooks/useToken.js +0 -12
- package/dist/src/shared/hooks/useToken.js.map +0 -1
- package/dist/src/shared/hooks/useWindowFocused.d.ts +0 -5
- package/dist/src/shared/hooks/useWindowFocused.d.ts.map +0 -1
- package/dist/src/shared/hooks/useWindowFocused.js +0 -21
- package/dist/src/shared/hooks/useWindowFocused.js.map +0 -1
- package/dist/src/shared/index.d.ts +0 -5
- package/dist/src/shared/index.d.ts.map +0 -1
- package/dist/src/shared/index.js +0 -16
- package/dist/src/shared/index.js.map +0 -1
- package/dist/src/shared/lib/GenericAuthenticationRefresher.d.ts +0 -20
- package/dist/src/shared/lib/GenericAuthenticationRefresher.d.ts.map +0 -1
- package/dist/src/shared/lib/GenericAuthenticationRefresher.js +0 -73
- package/dist/src/shared/lib/GenericAuthenticationRefresher.js.map +0 -1
- package/dist/src/shared/lib/UserSession.d.ts +0 -12
- package/dist/src/shared/lib/UserSession.d.ts.map +0 -1
- package/dist/src/shared/lib/UserSession.js +0 -20
- package/dist/src/shared/lib/UserSession.js.map +0 -1
- package/dist/src/shared/lib/session.d.ts +0 -3
- package/dist/src/shared/lib/session.d.ts.map +0 -1
- package/dist/src/shared/lib/session.js +0 -21
- package/dist/src/shared/lib/session.js.map +0 -1
- package/dist/src/shared/lib/storage.d.ts +0 -25
- package/dist/src/shared/lib/storage.d.ts.map +0 -1
- package/dist/src/shared/lib/storage.js +0 -17
- package/dist/src/shared/lib/storage.js.map +0 -1
- package/dist/src/shared/lib/types.d.ts +0 -36
- package/dist/src/shared/lib/types.d.ts.map +0 -1
- package/dist/src/shared/lib/types.js +0 -18
- package/dist/src/shared/lib/types.js.map +0 -1
- package/dist/src/shared/lib/util.d.ts +0 -34
- package/dist/src/shared/lib/util.d.ts.map +0 -1
- package/dist/src/shared/lib/util.js +0 -137
- package/dist/src/shared/lib/util.js.map +0 -1
- package/dist/src/shared/providers/AuthContext.d.ts +0 -11
- package/dist/src/shared/providers/AuthContext.d.ts.map +0 -1
- package/dist/src/shared/providers/AuthContext.js +0 -3
- package/dist/src/shared/providers/AuthContext.js.map +0 -1
- package/dist/src/shared/providers/AuthProvider.d.ts +0 -22
- package/dist/src/shared/providers/AuthProvider.d.ts.map +0 -1
- package/dist/src/shared/providers/AuthProvider.js +0 -72
- package/dist/src/shared/providers/AuthProvider.js.map +0 -1
- package/dist/src/shared/providers/CivicAuthConfigContext.d.ts +0 -18
- package/dist/src/shared/providers/CivicAuthConfigContext.d.ts.map +0 -1
- package/dist/src/shared/providers/CivicAuthConfigContext.js +0 -52
- package/dist/src/shared/providers/CivicAuthConfigContext.js.map +0 -1
- package/dist/src/shared/providers/CivicAuthProvider.d.ts +0 -6
- package/dist/src/shared/providers/CivicAuthProvider.d.ts.map +0 -1
- package/dist/src/shared/providers/CivicAuthProvider.js +0 -32
- package/dist/src/shared/providers/CivicAuthProvider.js.map +0 -1
- package/dist/src/shared/providers/ClientTokenExchangeSessionProvider.d.ts +0 -17
- package/dist/src/shared/providers/ClientTokenExchangeSessionProvider.d.ts.map +0 -1
- package/dist/src/shared/providers/ClientTokenExchangeSessionProvider.js +0 -131
- package/dist/src/shared/providers/ClientTokenExchangeSessionProvider.js.map +0 -1
- package/dist/src/shared/providers/IframeProvider.d.ts +0 -22
- package/dist/src/shared/providers/IframeProvider.d.ts.map +0 -1
- package/dist/src/shared/providers/IframeProvider.js +0 -35
- package/dist/src/shared/providers/IframeProvider.js.map +0 -1
- package/dist/src/shared/providers/SessionProvider.d.ts +0 -19
- package/dist/src/shared/providers/SessionProvider.d.ts.map +0 -1
- package/dist/src/shared/providers/SessionProvider.js +0 -23
- package/dist/src/shared/providers/SessionProvider.js.map +0 -1
- package/dist/src/shared/providers/TokenProvider.d.ts +0 -18
- package/dist/src/shared/providers/TokenProvider.d.ts.map +0 -1
- package/dist/src/shared/providers/TokenProvider.js +0 -42
- package/dist/src/shared/providers/TokenProvider.js.map +0 -1
- package/dist/src/shared/providers/UserProvider.d.ts +0 -24
- package/dist/src/shared/providers/UserProvider.d.ts.map +0 -1
- package/dist/src/shared/providers/UserProvider.js +0 -52
- package/dist/src/shared/providers/UserProvider.js.map +0 -1
- package/dist/src/shared/providers/types.d.ts +0 -15
- package/dist/src/shared/providers/types.d.ts.map +0 -1
- package/dist/src/shared/providers/types.js +0 -2
- package/dist/src/shared/providers/types.js.map +0 -1
- package/dist/src/shared/version.d.ts +0 -2
- package/dist/src/shared/version.d.ts.map +0 -1
- package/dist/src/shared/version.js +0 -3
- package/dist/src/shared/version.js.map +0 -1
- package/dist/src/types.d.ts +0 -148
- package/dist/src/types.d.ts.map +0 -1
- package/dist/src/types.js +0 -4
- package/dist/src/types.js.map +0 -1
- package/dist/src/utils.d.ts +0 -15
- package/dist/src/utils.d.ts.map +0 -1
- package/dist/src/utils.js +0 -43
- package/dist/src/utils.js.map +0 -1
- package/dist/src/version.d.ts +0 -2
- package/dist/src/version.d.ts.map +0 -1
- package/dist/src/version.js +0 -3
- package/dist/src/version.js.map +0 -1
- package/dist/test/integration/sdk.test.d.ts +0 -2
- package/dist/test/integration/sdk.test.d.ts.map +0 -1
- package/dist/test/integration/sdk.test.js +0 -237
- package/dist/test/integration/sdk.test.js.map +0 -1
- package/dist/test/support/fixtures.d.ts +0 -26
- package/dist/test/support/fixtures.d.ts.map +0 -1
- package/dist/test/support/fixtures.js +0 -55
- package/dist/test/support/fixtures.js.map +0 -1
- package/dist/test/support/tokens.json +0 -26
- package/dist/test/unit/lib/oauth.test.d.ts +0 -2
- package/dist/test/unit/lib/oauth.test.d.ts.map +0 -1
- package/dist/test/unit/lib/oauth.test.js +0 -56
- package/dist/test/unit/lib/oauth.test.js.map +0 -1
- package/dist/test/unit/lib/obj.test.d.ts +0 -2
- package/dist/test/unit/lib/obj.test.d.ts.map +0 -1
- package/dist/test/unit/lib/obj.test.js +0 -37
- package/dist/test/unit/lib/obj.test.js.map +0 -1
- package/dist/test/unit/logger.test.d.ts +0 -2
- package/dist/test/unit/logger.test.d.ts.map +0 -1
- package/dist/test/unit/logger.test.js +0 -141
- package/dist/test/unit/logger.test.js.map +0 -1
- package/dist/test/unit/nextjs/NextAuthProvider.test.d.ts +0 -2
- package/dist/test/unit/nextjs/NextAuthProvider.test.d.ts.map +0 -1
- package/dist/test/unit/nextjs/NextAuthProvider.test.js +0 -31
- package/dist/test/unit/nextjs/NextAuthProvider.test.js.map +0 -1
- package/dist/test/unit/nextjs/config.test.d.ts +0 -2
- package/dist/test/unit/nextjs/config.test.d.ts.map +0 -1
- package/dist/test/unit/nextjs/config.test.js +0 -203
- package/dist/test/unit/nextjs/config.test.js.map +0 -1
- package/dist/test/unit/nextjs/getUser.test.d.ts +0 -2
- package/dist/test/unit/nextjs/getUser.test.d.ts.map +0 -1
- package/dist/test/unit/nextjs/getUser.test.js +0 -22
- package/dist/test/unit/nextjs/getUser.test.js.map +0 -1
- package/dist/test/unit/nextjs/handler.test.d.ts +0 -2
- package/dist/test/unit/nextjs/handler.test.d.ts.map +0 -1
- package/dist/test/unit/nextjs/handler.test.js +0 -207
- package/dist/test/unit/nextjs/handler.test.js.map +0 -1
- package/dist/test/unit/nextjs/middleware.test.d.ts +0 -2
- package/dist/test/unit/nextjs/middleware.test.d.ts.map +0 -1
- package/dist/test/unit/nextjs/middleware.test.js +0 -113
- package/dist/test/unit/nextjs/middleware.test.js.map +0 -1
- package/dist/test/unit/nextjs/utils.test.d.ts +0 -2
- package/dist/test/unit/nextjs/utils.test.d.ts.map +0 -1
- package/dist/test/unit/nextjs/utils.test.js +0 -13
- package/dist/test/unit/nextjs/utils.test.js.map +0 -1
- package/dist/test/unit/publicApi/apiSnapshot.test.d.ts +0 -2
- package/dist/test/unit/publicApi/apiSnapshot.test.d.ts.map +0 -1
- package/dist/test/unit/publicApi/apiSnapshot.test.js +0 -10
- package/dist/test/unit/publicApi/apiSnapshot.test.js.map +0 -1
- package/dist/test/unit/react/components/SignInButton.test.d.ts +0 -2
- package/dist/test/unit/react/components/SignInButton.test.d.ts.map +0 -1
- package/dist/test/unit/react/components/SignInButton.test.js +0 -31
- package/dist/test/unit/react/components/SignInButton.test.js.map +0 -1
- package/dist/test/unit/react/components/SignOutButton.test.d.ts +0 -2
- package/dist/test/unit/react/components/SignOutButton.test.d.ts.map +0 -1
- package/dist/test/unit/react/components/SignOutButton.test.js +0 -30
- package/dist/test/unit/react/components/SignOutButton.test.js.map +0 -1
- package/dist/test/unit/server/login.test.d.ts +0 -2
- package/dist/test/unit/server/login.test.d.ts.map +0 -1
- package/dist/test/unit/server/login.test.js +0 -184
- package/dist/test/unit/server/login.test.js.map +0 -1
- package/dist/test/unit/server/refresh.test.d.ts +0 -2
- package/dist/test/unit/server/refresh.test.d.ts.map +0 -1
- package/dist/test/unit/server/refresh.test.js +0 -55
- package/dist/test/unit/server/refresh.test.js.map +0 -1
- package/dist/test/unit/server/session.test.d.ts +0 -2
- package/dist/test/unit/server/session.test.d.ts.map +0 -1
- package/dist/test/unit/server/session.test.js +0 -41
- package/dist/test/unit/server/session.test.js.map +0 -1
- package/dist/test/unit/services/AuthenticationService.test.d.ts +0 -2
- package/dist/test/unit/services/AuthenticationService.test.d.ts.map +0 -1
- package/dist/test/unit/services/AuthenticationService.test.js +0 -301
- package/dist/test/unit/services/AuthenticationService.test.js.map +0 -1
- package/dist/test/unit/services/ServerAuthenticationResolver.test.d.ts +0 -2
- package/dist/test/unit/services/ServerAuthenticationResolver.test.d.ts.map +0 -1
- package/dist/test/unit/services/ServerAuthenticationResolver.test.js +0 -75
- package/dist/test/unit/services/ServerAuthenticationResolver.test.js.map +0 -1
- package/dist/test/unit/shared/GenericAuthenticationRefresher.test.d.ts +0 -2
- package/dist/test/unit/shared/GenericAuthenticationRefresher.test.d.ts.map +0 -1
- package/dist/test/unit/shared/GenericAuthenticationRefresher.test.js +0 -144
- package/dist/test/unit/shared/GenericAuthenticationRefresher.test.js.map +0 -1
- package/dist/test/unit/shared/UserSession.test.d.ts +0 -2
- package/dist/test/unit/shared/UserSession.test.d.ts.map +0 -1
- package/dist/test/unit/shared/UserSession.test.js +0 -37
- package/dist/test/unit/shared/UserSession.test.js.map +0 -1
- package/dist/test/unit/shared/components/CivicAuthIframeContainer.test.d.ts +0 -2
- package/dist/test/unit/shared/components/CivicAuthIframeContainer.test.d.ts.map +0 -1
- package/dist/test/unit/shared/components/CivicAuthIframeContainer.test.js +0 -122
- package/dist/test/unit/shared/components/CivicAuthIframeContainer.test.js.map +0 -1
- package/dist/test/unit/shared/printVersion.test.d.ts +0 -2
- package/dist/test/unit/shared/printVersion.test.d.ts.map +0 -1
- package/dist/test/unit/shared/printVersion.test.js +0 -39
- package/dist/test/unit/shared/printVersion.test.js.map +0 -1
- package/dist/test/unit/shared/providers/ClientTokenExchangeSessionProvider.test.d.ts +0 -2
- package/dist/test/unit/shared/providers/ClientTokenExchangeSessionProvider.test.d.ts.map +0 -1
- package/dist/test/unit/shared/providers/ClientTokenExchangeSessionProvider.test.js +0 -108
- package/dist/test/unit/shared/providers/ClientTokenExchangeSessionProvider.test.js.map +0 -1
- package/dist/test/unit/shared/storage.test.d.ts +0 -2
- package/dist/test/unit/shared/storage.test.d.ts.map +0 -1
- package/dist/test/unit/shared/storage.test.js +0 -53
- package/dist/test/unit/shared/storage.test.js.map +0 -1
- package/dist/test/unit/utils.test.d.ts +0 -2
- package/dist/test/unit/utils.test.d.ts.map +0 -1
- package/dist/test/unit/utils.test.js +0 -40
- package/dist/test/unit/utils.test.js.map +0 -1
- package/dist/tsconfig.tsbuildinfo +0 -1
- package/dist/vitest.config.d.ts +0 -3
- package/dist/vitest.config.d.ts.map +0 -1
- package/dist/vitest.config.js +0 -44
- package/dist/vitest.config.js.map +0 -1
package/dist/cjs/constants.d.ts
CHANGED
|
@@ -5,5 +5,6 @@ declare const DEFAULT_EXPIRES_IN = 3600;
|
|
|
5
5
|
declare const TOKEN_EXCHANGE_TRIGGER_TEXT = "sameDomainCodeExchangeRequired";
|
|
6
6
|
declare const TOKEN_EXCHANGE_SUCCESS_TEXT = "serverSideTokenExchangeSuccess";
|
|
7
7
|
declare const DEFAULT_DISPLAY_MODE = "iframe";
|
|
8
|
-
|
|
8
|
+
declare const JWT_PAYLOAD_KNOWN_CLAIM_KEYS: readonly ["iss", "aud", "sub", "iat", "exp"];
|
|
9
|
+
export { DEFAULT_SCOPES, DEFAULT_OAUTH_GET_PARAMS, DEFAULT_DISPLAY_MODE, DEFAULT_AUTH_SERVER, DEFAULT_EXPIRES_IN, TOKEN_EXCHANGE_TRIGGER_TEXT, TOKEN_EXCHANGE_SUCCESS_TEXT, JWT_PAYLOAD_KNOWN_CLAIM_KEYS, };
|
|
9
10
|
//# sourceMappingURL=constants.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,QAAA,MAAM,cAAc,UAMnB,CAAC;AACF,QAAA,MAAM,mBAAmB,iCAAiC,CAAC;AAE3D,QAAA,MAAM,wBAAwB,UAA2B,CAAC;AAE1D,QAAA,MAAM,kBAAkB,OAAO,CAAC;AAIhC,QAAA,MAAM,2BAA2B,mCAAmC,CAAC;AAErE,QAAA,MAAM,2BAA2B,mCAAmC,CAAC;AAErE,QAAA,MAAM,oBAAoB,WAAW,CAAC;AACtC,OAAO,EACL,cAAc,EACd,wBAAwB,EACxB,oBAAoB,EACpB,mBAAmB,EACnB,kBAAkB,EAClB,2BAA2B,EAC3B,2BAA2B,
|
|
1
|
+
{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,QAAA,MAAM,cAAc,UAMnB,CAAC;AACF,QAAA,MAAM,mBAAmB,iCAAiC,CAAC;AAE3D,QAAA,MAAM,wBAAwB,UAA2B,CAAC;AAE1D,QAAA,MAAM,kBAAkB,OAAO,CAAC;AAIhC,QAAA,MAAM,2BAA2B,mCAAmC,CAAC;AAErE,QAAA,MAAM,2BAA2B,mCAAmC,CAAC;AAErE,QAAA,MAAM,oBAAoB,WAAW,CAAC;AACtC,QAAA,MAAM,4BAA4B,8CAMxB,CAAC;AAEX,OAAO,EACL,cAAc,EACd,wBAAwB,EACxB,oBAAoB,EACpB,mBAAmB,EACnB,kBAAkB,EAClB,2BAA2B,EAC3B,2BAA2B,EAC3B,4BAA4B,GAC7B,CAAC"}
|
package/dist/cjs/constants.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.TOKEN_EXCHANGE_SUCCESS_TEXT = exports.TOKEN_EXCHANGE_TRIGGER_TEXT = exports.DEFAULT_EXPIRES_IN = exports.DEFAULT_AUTH_SERVER = exports.DEFAULT_DISPLAY_MODE = exports.DEFAULT_OAUTH_GET_PARAMS = exports.DEFAULT_SCOPES = void 0;
|
|
3
|
+
exports.JWT_PAYLOAD_KNOWN_CLAIM_KEYS = exports.TOKEN_EXCHANGE_SUCCESS_TEXT = exports.TOKEN_EXCHANGE_TRIGGER_TEXT = exports.DEFAULT_EXPIRES_IN = exports.DEFAULT_AUTH_SERVER = exports.DEFAULT_DISPLAY_MODE = exports.DEFAULT_OAUTH_GET_PARAMS = exports.DEFAULT_SCOPES = void 0;
|
|
4
4
|
const DEFAULT_SCOPES = [
|
|
5
5
|
"openid",
|
|
6
6
|
"profile",
|
|
@@ -23,4 +23,12 @@ const TOKEN_EXCHANGE_SUCCESS_TEXT = "serverSideTokenExchangeSuccess";
|
|
|
23
23
|
exports.TOKEN_EXCHANGE_SUCCESS_TEXT = TOKEN_EXCHANGE_SUCCESS_TEXT;
|
|
24
24
|
const DEFAULT_DISPLAY_MODE = "iframe";
|
|
25
25
|
exports.DEFAULT_DISPLAY_MODE = DEFAULT_DISPLAY_MODE;
|
|
26
|
+
const JWT_PAYLOAD_KNOWN_CLAIM_KEYS = [
|
|
27
|
+
"iss",
|
|
28
|
+
"aud",
|
|
29
|
+
"sub",
|
|
30
|
+
"iat",
|
|
31
|
+
"exp",
|
|
32
|
+
];
|
|
33
|
+
exports.JWT_PAYLOAD_KNOWN_CLAIM_KEYS = JWT_PAYLOAD_KNOWN_CLAIM_KEYS;
|
|
26
34
|
//# sourceMappingURL=constants.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":";;;AAAA,MAAM,cAAc,GAAG;IACrB,QAAQ;IACR,SAAS;IACT,OAAO;IACP,iBAAiB;IACjB,gBAAgB;CACjB,CAAC;
|
|
1
|
+
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":";;;AAAA,MAAM,cAAc,GAAG;IACrB,QAAQ;IACR,SAAS;IACT,OAAO;IACP,iBAAiB;IACjB,gBAAgB;CACjB,CAAC;AAuBA,wCAAc;AAtBhB,MAAM,mBAAmB,GAAG,8BAA8B,CAAC;AAyBzD,kDAAmB;AAvBrB,MAAM,wBAAwB,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;AAqBxD,4DAAwB;AAnB1B,MAAM,kBAAkB,GAAG,IAAI,CAAC,CAAC,oBAAoB;AAsBnD,gDAAkB;AApBpB,uHAAuH;AACvH,kFAAkF;AAClF,MAAM,2BAA2B,GAAG,gCAAgC,CAAC;AAmBnE,kEAA2B;AAjB7B,MAAM,2BAA2B,GAAG,gCAAgC,CAAC;AAkBnE,kEAA2B;AAhB7B,MAAM,oBAAoB,GAAG,QAAQ,CAAC;AAYpC,oDAAoB;AAXtB,MAAM,4BAA4B,GAAG;IACnC,KAAK;IACL,KAAK;IACL,KAAK;IACL,KAAK;IACL,KAAK;CACG,CAAC;AAUT,oEAA4B","sourcesContent":["const DEFAULT_SCOPES = [\n \"openid\",\n \"profile\",\n \"email\",\n \"forwardedTokens\",\n \"offline_access\",\n];\nconst DEFAULT_AUTH_SERVER = \"https://auth.civic.com/oauth\";\n\nconst DEFAULT_OAUTH_GET_PARAMS = [\"code\", \"state\", \"iss\"];\n\nconst DEFAULT_EXPIRES_IN = 3600; // 1 hour in seconds\n\n// The server's callback handler renders this text if it needs the front-end to make an additional token exchange call,\n// for the iframe case where cookies are not sent along with the initial redirect.\nconst TOKEN_EXCHANGE_TRIGGER_TEXT = \"sameDomainCodeExchangeRequired\";\n\nconst TOKEN_EXCHANGE_SUCCESS_TEXT = \"serverSideTokenExchangeSuccess\";\n\nconst DEFAULT_DISPLAY_MODE = \"iframe\";\nconst JWT_PAYLOAD_KNOWN_CLAIM_KEYS = [\n \"iss\",\n \"aud\",\n \"sub\",\n \"iat\",\n \"exp\",\n] as const;\n\nexport {\n DEFAULT_SCOPES,\n DEFAULT_OAUTH_GET_PARAMS,\n DEFAULT_DISPLAY_MODE,\n DEFAULT_AUTH_SERVER,\n DEFAULT_EXPIRES_IN,\n TOKEN_EXCHANGE_TRIGGER_TEXT,\n TOKEN_EXCHANGE_SUCCESS_TEXT,\n JWT_PAYLOAD_KNOWN_CLAIM_KEYS,\n};\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../src/nextjs/config.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAGvC,OAAO,EAEL,KAAK,YAAY,EAEjB,KAAK,kBAAkB,EACxB,MAAM,uBAAuB,CAAC;AAM/B,MAAM,MAAM,mBAAmB,GAAG;IAChC,MAAM,EAAE,kBAAkB,CAAC;IAC3B,IAAI,EAAE,YAAY,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,sBAAsB,GAAG;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,EAAE,mBAAmB,CAAC;CAC9B,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG,OAAO,CACpC,sBAAsB,GACtB;IACE,OAAO,CAAC,EAAE;QACR,MAAM,CAAC,EAAE,OAAO,CAAC,kBAAkB,CAAC,CAAC;QACrC,IAAI,CAAC,EAAE,YAAY,CAAC;KACrB,CAAC;CACH,CACJ,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,UAAU,GAAG,kBAAkB,GAAG;IAAE,QAAQ,EAAE,MAAM,CAAA;CAAE,CAAC;AAKnE;;GAEG;AACH,eAAO,MAAM,iBAAiB,EAAE,IAAI,CAAC,sBAAsB,EAAE,UAAU,CA+DtE,CAAC;AAEF;;;;;;;;;;;;;;;;;;;GAmBG;AACH,eAAO,MAAM,iBAAiB,YACpB,OAAO,CAAC,UAAU,CAAC,KAC1B,sBAoCF,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AACH,eAAO,MAAM,qBAAqB,eAAgB,UAAU,mBACrC,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../src/nextjs/config.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAGvC,OAAO,EAEL,KAAK,YAAY,EAEjB,KAAK,kBAAkB,EACxB,MAAM,uBAAuB,CAAC;AAM/B,MAAM,MAAM,mBAAmB,GAAG;IAChC,MAAM,EAAE,kBAAkB,CAAC;IAC3B,IAAI,EAAE,YAAY,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,sBAAsB,GAAG;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,EAAE,mBAAmB,CAAC;CAC9B,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG,OAAO,CACpC,sBAAsB,GACtB;IACE,OAAO,CAAC,EAAE;QACR,MAAM,CAAC,EAAE,OAAO,CAAC,kBAAkB,CAAC,CAAC;QACrC,IAAI,CAAC,EAAE,YAAY,CAAC;KACrB,CAAC;CACH,CACJ,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,UAAU,GAAG,kBAAkB,GAAG;IAAE,QAAQ,EAAE,MAAM,CAAA;CAAE,CAAC;AAKnE;;GAEG;AACH,eAAO,MAAM,iBAAiB,EAAE,IAAI,CAAC,sBAAsB,EAAE,UAAU,CA+DtE,CAAC;AAEF;;;;;;;;;;;;;;;;;;;GAmBG;AACH,eAAO,MAAM,iBAAiB,YACpB,OAAO,CAAC,UAAU,CAAC,KAC1B,sBAoCF,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AACH,eAAO,MAAM,qBAAqB,eAAgB,UAAU,mBACrC,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;qBAyBy7Z,CAAC;6BAAsG,CAAC;;;sBAAke,CAAC;yBAA4H,CAAC;;;qBAA+H,CAAC;;;;;;;;;;;;;;;;;;iBAA8pE,CAAC;;;;;;;6BAAg6C,CAAC;sBAAoC,CAAC;;aAAoC,CAAC;;6BAA0D,CAAC;oBAA8B,CAAC;0BAAkE,CAAC;;qBAA2C,CAAC;mBAAiC,CAAC;;wBAA+C,CAAC;eAAmD,CAAC;iBAA4C,CAAC;2BAAyC,CAAC;;;;;;;;;yBAA4zC,CAAC;6BAAwC,CAAC;;;eAAkD,CAAC;mBAAuB,CAAC;;;;CADlwmB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../../src/nextjs/config.ts"],"names":[],"mappings":";;;AAEA,+CAA0C;AAC1C,yCAA8C;AAC9C,oDAK+B;AAC/B,iDAAqD;AACrD,+CAAqC;AAErC,MAAM,MAAM,GAAG,mBAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;AAuC5C,MAAM,mBAAmB,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa,CAAC,CAAC;AACtE,MAAM,oBAAoB,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,SAAS;AAE/C;;GAEG;AACU,QAAA,iBAAiB,GAA6C;IACzE,WAAW,EAAE,kCAAmB;IAChC,WAAW,EAAE,oBAAoB;IACjC,YAAY,EAAE,qBAAqB;IACnC,UAAU,EAAE,mBAAmB;IAC/B,SAAS,EAAE,kBAAkB;IAC7B,iBAAiB,EAAE,0BAA0B;IAC7C,QAAQ,EAAE,GAAG;IACb,OAAO,EAAE,CAAC,KAAK,CAAC;IAChB,OAAO,EAAE,EAAE;IACX,OAAO,EAAE;QACP,MAAM,EAAE;YACN,CAAC,sBAAW,CAAC,QAAQ,CAAC,EAAE;gBACtB,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;gBACT,MAAM,EAAE,oBAAoB;aAC7B;YACD,CAAC,sBAAW,CAAC,YAAY,CAAC,EAAE;gBAC1B,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;gBACT,MAAM,EAAE,oBAAoB;aAC7B;YACD,CAAC,sBAAW,CAAC,aAAa,CAAC,EAAE;gBAC3B,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;gBACT,MAAM,EAAE,oBAAoB;aAC7B;YACD,CAAC,sBAAW,CAAC,uBAAuB,CAAC,EAAE;gBACrC,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,KAAK,EAAE,2CAA2C;gBAC5D,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;gBACT,MAAM,EAAE,oBAAoB;aAC7B;YACD,CAAC,uBAAY,CAAC,WAAW,CAAC,EAAE;gBAC1B,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;gBACT,MAAM,EAAE,oBAAoB;aAC7B;YACD,CAAC,uBAAY,CAAC,OAAO,CAAC,EAAE;gBACtB,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;gBACT,MAAM,EAAE,oBAAoB;aAC7B;SACF;QACD,IAAI,EAAE;YACJ,MAAM,EAAE,mBAAmB;YAC3B,QAAQ,EAAE,KAAK,EAAE,2CAA2C;YAC5D,QAAQ,EAAE,QAAQ;YAClB,IAAI,EAAE,GAAG;YACT,MAAM,EAAE,oBAAoB;SAC7B;KACF;CACF,CAAC;AAEF;;;;;;;;;;;;;;;;;;;GAmBG;AACI,MAAM,iBAAiB,GAAG,CAC/B,SAA8B,EAAE,EACR,EAAE;IAC1B,0EAA0E;IAC1E,MAAM,aAAa,GAAG,IAAA,2BAAgB,EAAC;QACrC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;QAC3C,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,mBAAmB;QAC5C,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,wBAAwB;QACjD,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,yBAAyB;QACnD,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;QAC3C,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,sBAAsB;QAC7C,iBAAiB,EAAE,OAAO,CAAC,GAAG,CAAC,+BAA+B;QAC9D,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,CAAC,GAAG,CAAC;QACrD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,CAAC,GAAG,CAAC;QACrD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,yBAAyB;YAC5C,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC;YACnD,CAAC,CAAC,SAAS;KACd,CAAe,CAAC;IAEjB,6CAA6C;IAC7C,MAAM,YAAY,GAAG,oBAAK,CAAC,WAAW,CACpC,EAAE,WAAW,EAAE,KAAK,EAAE,EACtB,yBAAiB,EACjB,aAAa,EACb,MAAM,CACP,CAAC;IAEF,MAAM,CAAC,KAAK,CACV,0BAA0B,EAC1B,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,CACvC,CAAC;IACF,MAAM,CAAC,KAAK,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAExE,IAAI,YAAY,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACtD,CAAC;IAED,OAAO,YAA6D,CAAC;AACvE,CAAC,CAAC;AAtCW,QAAA,iBAAiB,qBAsC5B;AAEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AACI,MAAM,qBAAqB,GAAG,CAAC,UAAsB,EAAE,EAAE;IAC9D,OAAO,CAAC,UAAuB,EAAE,EAAE;QACjC,MAAM,CAAC,KAAK,CACV,kCAAkC,EAClC,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CACpC,CAAC;QACF,MAAM,cAAc,GAAG,IAAA,yBAAiB,EAAC,UAAU,CAAC,CAAC;QACrD,OAAO;YACL,GAAG,UAAU;YACb,GAAG,EAAE;gBACH,GAAG,UAAU,EAAE,GAAG;gBAClB,6DAA6D;gBAC7D,qBAAqB,EAAE,cAAc,CAAC,QAAQ;gBAC9C,mBAAmB,EAAE,cAAc,CAAC,WAAW;gBAC/C,wBAAwB,EAAE,cAAc,CAAC,WAAW;gBACpD,yBAAyB,EAAE,cAAc,CAAC,YAAY;gBACtD,qBAAqB,EAAE,cAAc,CAAC,QAAQ;gBAC9C,sBAAsB,EAAE,cAAc,CAAC,SAAS;gBAChD,+BAA+B,EAAE,cAAc,CAAC,iBAAiB;gBACjE,oBAAoB,EAAE,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;gBACtD,oBAAoB,EAAE,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;gBACtD,yBAAyB,EAAE,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,OAAO,CAAC;aAClE;SACF,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC,CAAC;AAzBW,QAAA,qBAAqB,yBAyBhC","sourcesContent":["/* eslint-disable turbo/no-undeclared-env-vars */\nimport type { NextConfig } from \"next\";\nimport { loggers } from \"@/lib/logger.js\";\nimport { withoutUndefined } from \"@/utils.js\";\nimport {\n CodeVerifier,\n type CookieConfig,\n OAuthTokens,\n type TokensCookieConfig,\n} from \"@/shared/lib/types.js\";\nimport { DEFAULT_AUTH_SERVER } from \"@/constants.js\";\nimport { merge } from \"ts-deepmerge\";\n\nconst logger = loggers.nextjs.handlers.auth;\n\nexport type CookiesConfigObject = {\n tokens: TokensCookieConfig;\n user: CookieConfig;\n};\n\nexport type AuthConfigWithDefaults = {\n clientId: string;\n oauthServer: string;\n callbackUrl: string;\n loginUrl: string;\n logoutUrl: string;\n logoutCallbackUrl: string;\n challengeUrl: string;\n refreshUrl: string;\n include: string[];\n exclude: string[];\n cookies: CookiesConfigObject;\n};\n\n/**\n * All possible config values for Civic Auth\n */\nexport type OptionalAuthConfig = Partial<\n | AuthConfigWithDefaults\n | {\n cookies?: {\n tokens?: Partial<TokensCookieConfig>;\n user?: CookieConfig;\n };\n }\n>;\n\n/**\n * Configuration values that are required for Civic Auth to work.\n */\nexport type AuthConfig = OptionalAuthConfig & { clientId: string };\n\nconst defaultServerSecure = !(process.env.NODE_ENV === \"development\");\nconst defaultCookiesMaxAge = 60 * 60; // 1 hour\n\n/**\n * Default configuration values that will be used if not overridden\n */\nexport const defaultAuthConfig: Omit<AuthConfigWithDefaults, \"clientId\"> = {\n oauthServer: DEFAULT_AUTH_SERVER,\n callbackUrl: \"/api/auth/callback\",\n challengeUrl: \"/api/auth/challenge\",\n refreshUrl: \"/api/auth/refresh\",\n logoutUrl: \"/api/auth/logout\",\n logoutCallbackUrl: \"/api/auth/logoutcallback\",\n loginUrl: \"/\",\n include: [\"/**\"],\n exclude: [],\n cookies: {\n tokens: {\n [OAuthTokens.ID_TOKEN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n maxAge: defaultCookiesMaxAge,\n },\n [OAuthTokens.ACCESS_TOKEN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n maxAge: defaultCookiesMaxAge,\n },\n [OAuthTokens.REFRESH_TOKEN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n maxAge: defaultCookiesMaxAge,\n },\n [OAuthTokens.ACCESS_TOKEN_EXPIRES_AT]: {\n secure: defaultServerSecure,\n httpOnly: false, // we need this to be available client-side\n sameSite: \"strict\",\n path: \"/\",\n maxAge: defaultCookiesMaxAge,\n },\n [CodeVerifier.COOKIE_NAME]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n maxAge: defaultCookiesMaxAge,\n },\n [CodeVerifier.APP_URL]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n maxAge: defaultCookiesMaxAge,\n },\n },\n user: {\n secure: defaultServerSecure,\n httpOnly: false, // we need this to be available client-side\n sameSite: \"strict\",\n path: \"/\",\n maxAge: defaultCookiesMaxAge,\n },\n },\n};\n\n/**\n * Resolves the authentication configuration by combining:\n * 1. Default values\n * 2. Environment variables (set internally by the plugin)\n * 3. Explicitly passed configuration\n *\n * Config will be merged deeply, with arrays not merged, so that the\n * default include list (for example) [\"/*\"] will not be added\n *\n * Note: Developers should not set _civic_auth_* environment variables directly.\n * Instead, pass configuration to the createCivicAuthPlugin in next.config.js:\n *\n * @example\n * ```js\n * // next.config.js\n * export default createCivicAuthPlugin({\n * callbackUrl: '/custom/callback',\n * })\n * ```\n */\nexport const resolveAuthConfig = (\n config: Partial<AuthConfig> = {},\n): AuthConfigWithDefaults => {\n // Read configuration that was set by the plugin via environment variables\n const configFromEnv = withoutUndefined({\n clientId: process.env._civic_auth_client_id,\n oauthServer: process.env._civic_oauth_server,\n callbackUrl: process.env._civic_auth_callback_url,\n challengeUrl: process.env._civic_auth_challenge_url,\n loginUrl: process.env._civic_auth_login_url,\n logoutUrl: process.env._civic_auth_logout_url,\n logoutCallbackUrl: process.env._civic_auth_logout_callback_url,\n include: process.env._civic_auth_includes?.split(\",\"),\n exclude: process.env._civic_auth_excludes?.split(\",\"),\n cookies: process.env._civic_auth_cookie_config\n ? JSON.parse(process.env._civic_auth_cookie_config)\n : undefined,\n }) as AuthConfig;\n\n // Perform a deep merge of the configurations\n const mergedConfig = merge.withOptions(\n { mergeArrays: false },\n defaultAuthConfig,\n configFromEnv,\n config,\n );\n\n logger.debug(\n \"Config from environment:\",\n JSON.stringify(configFromEnv, null, 2),\n );\n logger.debug(\"Resolved config:\", JSON.stringify(mergedConfig, null, 2));\n\n if (mergedConfig.clientId === undefined) {\n throw new Error(\"Civic Auth client ID is required\");\n }\n\n return mergedConfig as AuthConfigWithDefaults & { clientId: string };\n};\n\n/**\n * Creates a Next.js plugin that handles auth configuration.\n *\n * This is the main configuration point for the auth system.\n * Do not set _civic_auth_* environment variables directly - instead,\n * pass your configuration here.\n *\n * The only required field is clientId.\n *\n * @example\n * ```js\n * // next.config.js\n * export default createCivicAuthPlugin({\n * clientId: 'my-client-id',\n * });\n * ```\n *\n * @example\n * ```js\n * // next.config.js\n * export default createCivicAuthPlugin({\n * clientId: 'my-client-id',\n * callbackUrl: '/custom/callback',\n * loginUrl: '/custom/login',\n * logoutUrl: '/custom/logout',\n * logoutCallbackUrl: '/custom/logoutcallback',\n * include: ['/protected/*'],\n * exclude: ['/public/*']\n * })\n * ```\n *\n * The plugin sets internal environment variables that are used by\n * the auth system. These variables should not be set manually.\n */\nexport const createCivicAuthPlugin = (authConfig: AuthConfig) => {\n return (nextConfig?: NextConfig) => {\n logger.debug(\n \"createCivicAuthPlugin nextConfig\",\n JSON.stringify(nextConfig, null, 2),\n );\n const resolvedConfig = resolveAuthConfig(authConfig);\n return {\n ...nextConfig,\n env: {\n ...nextConfig?.env,\n // Internal environment variables - do not set these manually\n _civic_auth_client_id: resolvedConfig.clientId,\n _civic_oauth_server: resolvedConfig.oauthServer,\n _civic_auth_callback_url: resolvedConfig.callbackUrl,\n _civic_auth_challenge_url: resolvedConfig.challengeUrl,\n _civic_auth_login_url: resolvedConfig.loginUrl,\n _civic_auth_logout_url: resolvedConfig.logoutUrl,\n _civic_auth_logout_callback_url: resolvedConfig.logoutCallbackUrl,\n _civic_auth_includes: resolvedConfig.include.join(\",\"),\n _civic_auth_excludes: resolvedConfig.exclude.join(\",\"),\n _civic_auth_cookie_config: JSON.stringify(resolvedConfig.cookies),\n },\n };\n };\n};\n"]}
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../../src/nextjs/config.ts"],"names":[],"mappings":";;;AAEA,+CAA0C;AAC1C,yCAA8C;AAC9C,oDAK+B;AAC/B,iDAAqD;AACrD,+CAAqC;AAErC,MAAM,MAAM,GAAG,mBAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;AAuC5C,MAAM,mBAAmB,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa,CAAC,CAAC;AACtE,MAAM,oBAAoB,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,SAAS;AAE/C;;GAEG;AACU,QAAA,iBAAiB,GAA6C;IACzE,WAAW,EAAE,kCAAmB;IAChC,WAAW,EAAE,oBAAoB;IACjC,YAAY,EAAE,qBAAqB;IACnC,UAAU,EAAE,mBAAmB;IAC/B,SAAS,EAAE,kBAAkB;IAC7B,iBAAiB,EAAE,0BAA0B;IAC7C,QAAQ,EAAE,GAAG;IACb,OAAO,EAAE,CAAC,IAAI,CAAC;IACf,OAAO,EAAE,EAAE;IACX,OAAO,EAAE;QACP,MAAM,EAAE;YACN,CAAC,sBAAW,CAAC,QAAQ,CAAC,EAAE;gBACtB,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;gBACT,MAAM,EAAE,oBAAoB;aAC7B;YACD,CAAC,sBAAW,CAAC,YAAY,CAAC,EAAE;gBAC1B,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;gBACT,MAAM,EAAE,oBAAoB;aAC7B;YACD,CAAC,sBAAW,CAAC,aAAa,CAAC,EAAE;gBAC3B,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;gBACT,MAAM,EAAE,oBAAoB;aAC7B;YACD,CAAC,sBAAW,CAAC,uBAAuB,CAAC,EAAE;gBACrC,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,KAAK,EAAE,2CAA2C;gBAC5D,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;gBACT,MAAM,EAAE,oBAAoB;aAC7B;YACD,CAAC,uBAAY,CAAC,WAAW,CAAC,EAAE;gBAC1B,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;gBACT,MAAM,EAAE,oBAAoB;aAC7B;YACD,CAAC,uBAAY,CAAC,OAAO,CAAC,EAAE;gBACtB,MAAM,EAAE,mBAAmB;gBAC3B,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG;gBACT,MAAM,EAAE,oBAAoB;aAC7B;SACF;QACD,IAAI,EAAE;YACJ,MAAM,EAAE,mBAAmB;YAC3B,QAAQ,EAAE,KAAK,EAAE,2CAA2C;YAC5D,QAAQ,EAAE,QAAQ;YAClB,IAAI,EAAE,GAAG;YACT,MAAM,EAAE,oBAAoB;SAC7B;KACF;CACF,CAAC;AAEF;;;;;;;;;;;;;;;;;;;GAmBG;AACI,MAAM,iBAAiB,GAAG,CAC/B,SAA8B,EAAE,EACR,EAAE;IAC1B,0EAA0E;IAC1E,MAAM,aAAa,GAAG,IAAA,2BAAgB,EAAC;QACrC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;QAC3C,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,mBAAmB;QAC5C,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,wBAAwB;QACjD,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,yBAAyB;QACnD,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;QAC3C,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,sBAAsB;QAC7C,iBAAiB,EAAE,OAAO,CAAC,GAAG,CAAC,+BAA+B;QAC9D,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,CAAC,GAAG,CAAC;QACrD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,CAAC,GAAG,CAAC;QACrD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,yBAAyB;YAC5C,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC;YACnD,CAAC,CAAC,SAAS;KACd,CAAe,CAAC;IAEjB,6CAA6C;IAC7C,MAAM,YAAY,GAAG,oBAAK,CAAC,WAAW,CACpC,EAAE,WAAW,EAAE,KAAK,EAAE,EACtB,yBAAiB,EACjB,aAAa,EACb,MAAM,CACP,CAAC;IAEF,MAAM,CAAC,KAAK,CACV,0BAA0B,EAC1B,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,CACvC,CAAC;IACF,MAAM,CAAC,KAAK,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAExE,IAAI,YAAY,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACtD,CAAC;IAED,OAAO,YAA6D,CAAC;AACvE,CAAC,CAAC;AAtCW,QAAA,iBAAiB,qBAsC5B;AAEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AACI,MAAM,qBAAqB,GAAG,CAAC,UAAsB,EAAE,EAAE;IAC9D,OAAO,CAAC,UAAuB,EAAE,EAAE;QACjC,MAAM,CAAC,KAAK,CACV,kCAAkC,EAClC,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CACpC,CAAC;QACF,MAAM,cAAc,GAAG,IAAA,yBAAiB,EAAC,UAAU,CAAC,CAAC;QACrD,OAAO;YACL,GAAG,UAAU;YACb,GAAG,EAAE;gBACH,GAAG,UAAU,EAAE,GAAG;gBAClB,6DAA6D;gBAC7D,qBAAqB,EAAE,cAAc,CAAC,QAAQ;gBAC9C,mBAAmB,EAAE,cAAc,CAAC,WAAW;gBAC/C,wBAAwB,EAAE,cAAc,CAAC,WAAW;gBACpD,yBAAyB,EAAE,cAAc,CAAC,YAAY;gBACtD,qBAAqB,EAAE,cAAc,CAAC,QAAQ;gBAC9C,sBAAsB,EAAE,cAAc,CAAC,SAAS;gBAChD,+BAA+B,EAAE,cAAc,CAAC,iBAAiB;gBACjE,oBAAoB,EAAE,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;gBACtD,oBAAoB,EAAE,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;gBACtD,yBAAyB,EAAE,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,OAAO,CAAC;aAClE;SACF,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC,CAAC;AAzBW,QAAA,qBAAqB,yBAyBhC","sourcesContent":["/* eslint-disable turbo/no-undeclared-env-vars */\nimport type { NextConfig } from \"next\";\nimport { loggers } from \"@/lib/logger.js\";\nimport { withoutUndefined } from \"@/utils.js\";\nimport {\n CodeVerifier,\n type CookieConfig,\n OAuthTokens,\n type TokensCookieConfig,\n} from \"@/shared/lib/types.js\";\nimport { DEFAULT_AUTH_SERVER } from \"@/constants.js\";\nimport { merge } from \"ts-deepmerge\";\n\nconst logger = loggers.nextjs.handlers.auth;\n\nexport type CookiesConfigObject = {\n tokens: TokensCookieConfig;\n user: CookieConfig;\n};\n\nexport type AuthConfigWithDefaults = {\n clientId: string;\n oauthServer: string;\n callbackUrl: string;\n loginUrl: string;\n logoutUrl: string;\n logoutCallbackUrl: string;\n challengeUrl: string;\n refreshUrl: string;\n include: string[];\n exclude: string[];\n cookies: CookiesConfigObject;\n};\n\n/**\n * All possible config values for Civic Auth\n */\nexport type OptionalAuthConfig = Partial<\n | AuthConfigWithDefaults\n | {\n cookies?: {\n tokens?: Partial<TokensCookieConfig>;\n user?: CookieConfig;\n };\n }\n>;\n\n/**\n * Configuration values that are required for Civic Auth to work.\n */\nexport type AuthConfig = OptionalAuthConfig & { clientId: string };\n\nconst defaultServerSecure = !(process.env.NODE_ENV === \"development\");\nconst defaultCookiesMaxAge = 60 * 60; // 1 hour\n\n/**\n * Default configuration values that will be used if not overridden\n */\nexport const defaultAuthConfig: Omit<AuthConfigWithDefaults, \"clientId\"> = {\n oauthServer: DEFAULT_AUTH_SERVER,\n callbackUrl: \"/api/auth/callback\",\n challengeUrl: \"/api/auth/challenge\",\n refreshUrl: \"/api/auth/refresh\",\n logoutUrl: \"/api/auth/logout\",\n logoutCallbackUrl: \"/api/auth/logoutcallback\",\n loginUrl: \"/\",\n include: [\"/*\"],\n exclude: [],\n cookies: {\n tokens: {\n [OAuthTokens.ID_TOKEN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n maxAge: defaultCookiesMaxAge,\n },\n [OAuthTokens.ACCESS_TOKEN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n maxAge: defaultCookiesMaxAge,\n },\n [OAuthTokens.REFRESH_TOKEN]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n maxAge: defaultCookiesMaxAge,\n },\n [OAuthTokens.ACCESS_TOKEN_EXPIRES_AT]: {\n secure: defaultServerSecure,\n httpOnly: false, // we need this to be available client-side\n sameSite: \"strict\",\n path: \"/\",\n maxAge: defaultCookiesMaxAge,\n },\n [CodeVerifier.COOKIE_NAME]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n maxAge: defaultCookiesMaxAge,\n },\n [CodeVerifier.APP_URL]: {\n secure: defaultServerSecure,\n httpOnly: true,\n sameSite: \"strict\",\n path: \"/\",\n maxAge: defaultCookiesMaxAge,\n },\n },\n user: {\n secure: defaultServerSecure,\n httpOnly: false, // we need this to be available client-side\n sameSite: \"strict\",\n path: \"/\",\n maxAge: defaultCookiesMaxAge,\n },\n },\n};\n\n/**\n * Resolves the authentication configuration by combining:\n * 1. Default values\n * 2. Environment variables (set internally by the plugin)\n * 3. Explicitly passed configuration\n *\n * Config will be merged deeply, with arrays not merged, so that the\n * default include list (for example) [\"/*\"] will not be added\n *\n * Note: Developers should not set _civic_auth_* environment variables directly.\n * Instead, pass configuration to the createCivicAuthPlugin in next.config.js:\n *\n * @example\n * ```js\n * // next.config.js\n * export default createCivicAuthPlugin({\n * callbackUrl: '/custom/callback',\n * })\n * ```\n */\nexport const resolveAuthConfig = (\n config: Partial<AuthConfig> = {},\n): AuthConfigWithDefaults => {\n // Read configuration that was set by the plugin via environment variables\n const configFromEnv = withoutUndefined({\n clientId: process.env._civic_auth_client_id,\n oauthServer: process.env._civic_oauth_server,\n callbackUrl: process.env._civic_auth_callback_url,\n challengeUrl: process.env._civic_auth_challenge_url,\n loginUrl: process.env._civic_auth_login_url,\n logoutUrl: process.env._civic_auth_logout_url,\n logoutCallbackUrl: process.env._civic_auth_logout_callback_url,\n include: process.env._civic_auth_includes?.split(\",\"),\n exclude: process.env._civic_auth_excludes?.split(\",\"),\n cookies: process.env._civic_auth_cookie_config\n ? JSON.parse(process.env._civic_auth_cookie_config)\n : undefined,\n }) as AuthConfig;\n\n // Perform a deep merge of the configurations\n const mergedConfig = merge.withOptions(\n { mergeArrays: false },\n defaultAuthConfig,\n configFromEnv,\n config,\n );\n\n logger.debug(\n \"Config from environment:\",\n JSON.stringify(configFromEnv, null, 2),\n );\n logger.debug(\"Resolved config:\", JSON.stringify(mergedConfig, null, 2));\n\n if (mergedConfig.clientId === undefined) {\n throw new Error(\"Civic Auth client ID is required\");\n }\n\n return mergedConfig as AuthConfigWithDefaults & { clientId: string };\n};\n\n/**\n * Creates a Next.js plugin that handles auth configuration.\n *\n * This is the main configuration point for the auth system.\n * Do not set _civic_auth_* environment variables directly - instead,\n * pass your configuration here.\n *\n * The only required field is clientId.\n *\n * @example\n * ```js\n * // next.config.js\n * export default createCivicAuthPlugin({\n * clientId: 'my-client-id',\n * });\n * ```\n *\n * @example\n * ```js\n * // next.config.js\n * export default createCivicAuthPlugin({\n * clientId: 'my-client-id',\n * callbackUrl: '/custom/callback',\n * loginUrl: '/custom/login',\n * logoutUrl: '/custom/logout',\n * logoutCallbackUrl: '/custom/logoutcallback',\n * include: ['/protected/*'],\n * exclude: ['/public/*']\n * })\n * ```\n *\n * The plugin sets internal environment variables that are used by\n * the auth system. These variables should not be set manually.\n */\nexport const createCivicAuthPlugin = (authConfig: AuthConfig) => {\n return (nextConfig?: NextConfig) => {\n logger.debug(\n \"createCivicAuthPlugin nextConfig\",\n JSON.stringify(nextConfig, null, 2),\n );\n const resolvedConfig = resolveAuthConfig(authConfig);\n return {\n ...nextConfig,\n env: {\n ...nextConfig?.env,\n // Internal environment variables - do not set these manually\n _civic_auth_client_id: resolvedConfig.clientId,\n _civic_oauth_server: resolvedConfig.oauthServer,\n _civic_auth_callback_url: resolvedConfig.callbackUrl,\n _civic_auth_challenge_url: resolvedConfig.challengeUrl,\n _civic_auth_login_url: resolvedConfig.loginUrl,\n _civic_auth_logout_url: resolvedConfig.logoutUrl,\n _civic_auth_logout_callback_url: resolvedConfig.logoutCallbackUrl,\n _civic_auth_includes: resolvedConfig.include.join(\",\"),\n _civic_auth_excludes: resolvedConfig.exclude.join(\",\"),\n _civic_auth_cookie_config: JSON.stringify(resolvedConfig.cookies),\n },\n };\n };\n};\n"]}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* This hook wraps the signIn function from the useUser hook and returns a promise that resolves when the user is signed in.
|
|
3
|
+
* It allows integrators to await the completion of the sign-in process,
|
|
4
|
+
*/
|
|
5
|
+
export declare const useSignIn: () => () => Promise<unknown>;
|
|
6
|
+
//# sourceMappingURL=useSignIn.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"useSignIn.d.ts","sourceRoot":"","sources":["../../../../src/reactjs/hooks/useSignIn.ts"],"names":[],"mappings":"AAGA;;;GAGG;AACH,eAAO,MAAM,SAAS,8BAgCrB,CAAC"}
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.useSignIn = void 0;
|
|
4
|
+
const useUser_js_1 = require("./useUser.js");
|
|
5
|
+
const react_1 = require("react");
|
|
6
|
+
/**
|
|
7
|
+
* This hook wraps the signIn function from the useUser hook and returns a promise that resolves when the user is signed in.
|
|
8
|
+
* It allows integrators to await the completion of the sign-in process,
|
|
9
|
+
*/
|
|
10
|
+
const useSignIn = () => {
|
|
11
|
+
const { signIn: triggerSignIn, user, error } = (0, useUser_js_1.useUser)();
|
|
12
|
+
// We'll create exactly ONE promise in the component's lifetime:
|
|
13
|
+
const signInPromiseRef = (0, react_1.useRef)(null);
|
|
14
|
+
// We'll store its resolve/reject callbacks in here:
|
|
15
|
+
const signInCallbacksRef = (0, react_1.useRef)({});
|
|
16
|
+
if (!signInPromiseRef.current) {
|
|
17
|
+
signInPromiseRef.current = new Promise((resolve, reject) => {
|
|
18
|
+
signInCallbacksRef.current.resolve = resolve;
|
|
19
|
+
signInCallbacksRef.current.reject = reject;
|
|
20
|
+
});
|
|
21
|
+
}
|
|
22
|
+
// Once user or error changes, fulfill or reject that single promise:
|
|
23
|
+
(0, react_1.useEffect)(() => {
|
|
24
|
+
if (user) {
|
|
25
|
+
signInCallbacksRef.current.resolve?.(user);
|
|
26
|
+
}
|
|
27
|
+
else if (error) {
|
|
28
|
+
signInCallbacksRef.current.reject?.(error);
|
|
29
|
+
}
|
|
30
|
+
}, [user, error]);
|
|
31
|
+
// signIn triggers the login and returns the SAME promise every time:
|
|
32
|
+
return (0, react_1.useCallback)(async () => {
|
|
33
|
+
await triggerSignIn();
|
|
34
|
+
return signInPromiseRef.current;
|
|
35
|
+
}, [triggerSignIn]);
|
|
36
|
+
};
|
|
37
|
+
exports.useSignIn = useSignIn;
|
|
38
|
+
//# sourceMappingURL=useSignIn.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"useSignIn.js","sourceRoot":"","sources":["../../../../src/reactjs/hooks/useSignIn.ts"],"names":[],"mappings":";;;AAAA,6CAA0D;AAC1D,iCAAuD;AAEvD;;;GAGG;AACI,MAAM,SAAS,GAAG,GAAG,EAAE;IAC5B,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,IAAA,oBAAe,GAAE,CAAC;IAEjE,gEAAgE;IAChE,MAAM,gBAAgB,GAAG,IAAA,cAAM,EAA0B,IAAI,CAAC,CAAC;IAC/D,oDAAoD;IACpD,MAAM,kBAAkB,GAAG,IAAA,cAAM,EAG9B,EAAE,CAAC,CAAC;IAEP,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,CAAC;QAC9B,gBAAgB,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACzD,kBAAkB,CAAC,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC;YAC7C,kBAAkB,CAAC,OAAO,CAAC,MAAM,GAAG,MAAM,CAAC;QAC7C,CAAC,CAAC,CAAC;IACL,CAAC;IAED,qEAAqE;IACrE,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,IAAI,EAAE,CAAC;YACT,kBAAkB,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,CAAC;QAC7C,CAAC;aAAM,IAAI,KAAK,EAAE,CAAC;YACjB,kBAAkB,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC,EAAE,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC;IAElB,qEAAqE;IACrE,OAAO,IAAA,mBAAW,EAAC,KAAK,IAAI,EAAE;QAC5B,MAAM,aAAa,EAAE,CAAC;QACtB,OAAO,gBAAgB,CAAC,OAAQ,CAAC;IACnC,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC;AACtB,CAAC,CAAC;AAhCW,QAAA,SAAS,aAgCpB","sourcesContent":["import { useUser as useUserInternal } from \"./useUser.js\";\nimport { useCallback, useEffect, useRef } from \"react\";\n\n/**\n * This hook wraps the signIn function from the useUser hook and returns a promise that resolves when the user is signed in.\n * It allows integrators to await the completion of the sign-in process,\n */\nexport const useSignIn = () => {\n const { signIn: triggerSignIn, user, error } = useUserInternal();\n\n // We'll create exactly ONE promise in the component's lifetime:\n const signInPromiseRef = useRef<Promise<unknown> | null>(null);\n // We'll store its resolve/reject callbacks in here:\n const signInCallbacksRef = useRef<{\n resolve?: (val: unknown) => void;\n reject?: (err: unknown) => void;\n }>({});\n\n if (!signInPromiseRef.current) {\n signInPromiseRef.current = new Promise((resolve, reject) => {\n signInCallbacksRef.current.resolve = resolve;\n signInCallbacksRef.current.reject = reject;\n });\n }\n\n // Once user or error changes, fulfill or reject that single promise:\n useEffect(() => {\n if (user) {\n signInCallbacksRef.current.resolve?.(user);\n } else if (error) {\n signInCallbacksRef.current.reject?.(error);\n }\n }, [user, error]);\n\n // signIn triggers the login and returns the SAME promise every time:\n return useCallback(async () => {\n await triggerSignIn();\n return signInPromiseRef.current!;\n }, [triggerSignIn]);\n};\n"]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"UserInfoService.d.ts","sourceRoot":"","sources":["../../../src/services/UserInfoService.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAQ,eAAe,EAAE,MAAM,aAAa,CAAC;AAEzD,qBAAa,mBAAoB,YAAW,eAAe;IACnD,WAAW,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CASxD"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.UserInfoServiceImpl = void 0;
|
|
4
|
+
class UserInfoServiceImpl {
|
|
5
|
+
async getUserInfo(accessToken) {
|
|
6
|
+
const response = await fetch("", {
|
|
7
|
+
headers: {
|
|
8
|
+
Authorization: `Bearer ${accessToken}`,
|
|
9
|
+
},
|
|
10
|
+
});
|
|
11
|
+
return response.json();
|
|
12
|
+
}
|
|
13
|
+
}
|
|
14
|
+
exports.UserInfoServiceImpl = UserInfoServiceImpl;
|
|
15
|
+
//# sourceMappingURL=UserInfoService.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"UserInfoService.js","sourceRoot":"","sources":["../../../src/services/UserInfoService.ts"],"names":[],"mappings":";;;AAEA,MAAa,mBAAmB;IAC9B,KAAK,CAAC,WAAW,CAAC,WAAmB;QACnC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,EAAE,EAAE;YAC/B,OAAO,EAAE;gBACP,aAAa,EAAE,UAAU,WAAW,EAAE;aACvC;SACF,CAAC,CAAC;QAEH,OAAO,QAAQ,CAAC,IAAI,EAAE,CAAC;IACzB,CAAC;CACF;AAVD,kDAUC","sourcesContent":["import type { User, UserInfoService } from \"../types.js\";\n\nexport class UserInfoServiceImpl implements UserInfoService {\n async getUserInfo(accessToken: string): Promise<object> {\n const response = await fetch(\"\", {\n headers: {\n Authorization: `Bearer ${accessToken}`,\n },\n });\n\n return response.json();\n }\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/session.ts"],"names":[],"mappings":"AAEA,OAAO,
|
|
1
|
+
{"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/session.ts"],"names":[],"mappings":"AAEA,OAAO,EAEL,KAAK,WAAW,EAChB,KAAK,WAAW,EAChB,KAAK,IAAI,EACT,KAAK,WAAW,EAChB,KAAK,aAAa,EACnB,MAAM,YAAY,CAAC;AAsBpB,wBAAsB,OAAO,CAAC,CAAC,SAAS,aAAa,GAAG,WAAW,EACjE,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAoBzB;AAED,wBAAsB,SAAS,CAC7B,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC,CAS7B"}
|
|
@@ -3,8 +3,9 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
exports.getUser = getUser;
|
|
4
4
|
exports.getTokens = getTokens;
|
|
5
5
|
const util_js_1 = require("../../shared/lib/util.js");
|
|
6
|
-
const
|
|
6
|
+
const jose_1 = require("jose");
|
|
7
7
|
const types_js_1 = require("../../types.js");
|
|
8
|
+
const constants_js_1 = require("../../constants.js");
|
|
8
9
|
// Function to omit keys from an object
|
|
9
10
|
const omitKeys = (keys, obj) => {
|
|
10
11
|
const result = { ...obj };
|
|
@@ -14,15 +15,16 @@ const omitKeys = (keys, obj) => {
|
|
|
14
15
|
return result;
|
|
15
16
|
};
|
|
16
17
|
const parseJWTToType = (jwt) => {
|
|
17
|
-
const parseResult = (0,
|
|
18
|
-
return parseResult
|
|
18
|
+
const parseResult = (0, jose_1.decodeJwt)(jwt);
|
|
19
|
+
return parseResult;
|
|
19
20
|
};
|
|
20
21
|
async function getUser(storage) {
|
|
21
22
|
const tokens = await (0, util_js_1.retrieveTokens)(storage);
|
|
22
23
|
if (!tokens)
|
|
23
24
|
return null;
|
|
24
25
|
const parsedToken = parseJWTToType(tokens.id_token);
|
|
25
|
-
|
|
26
|
+
// it might be preferable to throw here
|
|
27
|
+
if (!parsedToken.sub)
|
|
26
28
|
return null;
|
|
27
29
|
// set the user ID from the token sub
|
|
28
30
|
const userWithAdditionalTokenFields = {
|
|
@@ -31,7 +33,7 @@ async function getUser(storage) {
|
|
|
31
33
|
};
|
|
32
34
|
// Assumes all information is in the ID token
|
|
33
35
|
// remove the token keys from the user object to stop it getting too large
|
|
34
|
-
return omitKeys([...
|
|
36
|
+
return omitKeys([...constants_js_1.JWT_PAYLOAD_KNOWN_CLAIM_KEYS, ...types_js_1.tokenKeys], userWithAdditionalTokenFields);
|
|
35
37
|
}
|
|
36
38
|
async function getTokens(storage) {
|
|
37
39
|
const storageData = await (0, util_js_1.retrieveTokens)(storage);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"session.js","sourceRoot":"","sources":["../../../../src/shared/lib/session.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"session.js","sourceRoot":"","sources":["../../../../src/shared/lib/session.ts"],"names":[],"mappings":";;AA+BA,0BAsBC;AAED,8BAWC;AAlED,kDAAsD;AACtD,+BAAkD;AAClD,yCAOoB;AACpB,iDAA8D;AAE9D,uCAAuC;AACvC,MAAM,QAAQ,GAAG,CACf,IAAS,EACT,GAAM,EACM,EAAE;IACd,MAAM,MAAM,GAAG,EAAE,GAAG,GAAG,EAAE,CAAC;IAC1B,IAAI,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;QACnB,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;IACrB,CAAC,CAAC,CAAC;IACH,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AAEF,MAAM,cAAc,GAAG,CACrB,GAAW,EACK,EAAE;IAClB,MAAM,WAAW,GAAG,IAAA,gBAAS,EAAC,GAAG,CAAC,CAAC;IACnC,OAAO,WAA6B,CAAC;AACvC,CAAC,CAAC;AAEK,KAAK,UAAU,OAAO,CAC3B,OAAoB;IAEpB,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAc,EAAC,OAAO,CAAC,CAAC;IAC7C,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAEzB,MAAM,WAAW,GAAG,cAAc,CAAI,MAAM,CAAC,QAAQ,CAAC,CAAC;IACvD,uCAAuC;IACvC,IAAI,CAAC,WAAW,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IAElC,qCAAqC;IACrC,MAAM,6BAA6B,GAAG;QACpC,GAAI,WAAiB;QACrB,EAAE,EAAE,WAAW,CAAC,GAAG;KACpB,CAAC;IAEF,6CAA6C;IAC7C,0EAA0E;IAC1E,OAAO,QAAQ,CACb,CAAC,GAAG,2CAA4B,EAAE,GAAG,oBAAS,CAAC,EAC/C,6BAA6B,CAC9B,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,SAAS,CAC7B,OAAoB;IAEpB,MAAM,WAAW,GAAG,MAAM,IAAA,wBAAc,EAAC,OAAO,CAAC,CAAC;IAClD,IAAI,CAAC,WAAW;QAAE,OAAO,IAAI,CAAC;IAE9B,OAAO;QACL,OAAO,EAAE,WAAW,CAAC,QAAQ;QAC7B,WAAW,EAAE,WAAW,CAAC,YAAY;QACrC,YAAY,EAAE,WAAW,CAAC,aAAa;KACxC,CAAC;AACJ,CAAC","sourcesContent":["import { retrieveTokens } from \"@/shared/lib/util.js\";\nimport { decodeJwt, type JWTPayload } from \"jose\";\nimport {\n tokenKeys,\n type AuthStorage,\n type OAuthTokens,\n type User,\n type EmptyObject,\n type UnknownObject,\n} from \"@/types.js\";\nimport { JWT_PAYLOAD_KNOWN_CLAIM_KEYS } from \"@/constants.js\";\n\n// Function to omit keys from an object\nconst omitKeys = <K extends keyof T, T extends Record<string, unknown>>(\n keys: K[],\n obj: T,\n): Omit<T, K> => {\n const result = { ...obj };\n keys.forEach((key) => {\n delete result[key];\n });\n return result;\n};\n\nconst parseJWTToType = <T extends UnknownObject = EmptyObject>(\n jwt: string,\n): JWTPayload & T => {\n const parseResult = decodeJwt(jwt);\n return parseResult as JWTPayload & T;\n};\n\nexport async function getUser<T extends UnknownObject = EmptyObject>(\n storage: AuthStorage,\n): Promise<User<T> | null> {\n const tokens = await retrieveTokens(storage);\n if (!tokens) return null;\n\n const parsedToken = parseJWTToType<T>(tokens.id_token);\n // it might be preferable to throw here\n if (!parsedToken.sub) return null;\n\n // set the user ID from the token sub\n const userWithAdditionalTokenFields = {\n ...(parsedToken as T),\n id: parsedToken.sub,\n };\n\n // Assumes all information is in the ID token\n // remove the token keys from the user object to stop it getting too large\n return omitKeys(\n [...JWT_PAYLOAD_KNOWN_CLAIM_KEYS, ...tokenKeys],\n userWithAdditionalTokenFields,\n );\n}\n\nexport async function getTokens(\n storage: AuthStorage,\n): Promise<OAuthTokens | null> {\n const storageData = await retrieveTokens(storage);\n if (!storageData) return null;\n\n return {\n idToken: storageData.id_token,\n accessToken: storageData.access_token,\n refreshToken: storageData.refresh_token,\n };\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/util.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,WAAW,EACX,SAAS,
|
|
1
|
+
{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/util.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,WAAW,EACX,SAAS,EACT,qBAAqB,EACrB,YAAY,EACb,MAAM,YAAY,CAAC;AAMpB,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAI3C,OAAO,KAAK,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAItE;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,YAAY,EAAE,MAAM,EACpB,MAAM,GAAE,OAAO,GAAG,MAAe,GAChC,OAAO,CAAC,MAAM,CAAC,CAajB;AAED,wBAAsB,yBAAyB,CAC7C,WAAW,EAAE,MAAM,EACnB,iBAAiB,GAAE,OAAO,CAAC,SAAS,CAAM,GACzC,OAAO,CAAC,SAAS,CAAC,CAMpB;AAED,wBAAsB,qBAAqB,CAAC,MAAM,EAAE;IAClD,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IAEvC,YAAY,EAAE,YAAY,CAAC;CAC5B,GAAG,OAAO,CAAC,GAAG,CAAC,CA2Bf;AAED,wBAAsB,sBAAsB,CAAC,MAAM,EAAE;IACnD,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;CACxC,GAAG,OAAO,CAAC,GAAG,CAAC,CAcf;AAED,wBAAgB,iBAAiB,CAC/B,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,SAAS,GACnB,YAAY,CAId;AAED,wBAAsB,cAAc,CAClC,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,EACb,YAAY,EAAE,YAAY,EAC1B,YAAY,EAAE,YAAY,EAC1B,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,SAAS,kCAoBrB;AAED,wBAAsB,uBAAuB,CAC3C,OAAO,EAAE,WAAW,EACpB,MAAM,EAAE,qBAAqB,iBAkB9B;AAED,wBAAsB,WAAW,CAC/B,OAAO,EAAE,WAAW,EACpB,MAAM,EAAE,qBAAqB,iBAS9B;AAED,wBAAsB,WAAW,CAAC,OAAO,EAAE,WAAW,iBAKrD;AAED,wBAAsB,sBAAsB,CAAC,OAAO,EAAE,WAAW,iBAGhE;AAED,wBAAsB,SAAS,CAAC,OAAO,EAAE,WAAW,iBAGnD;AAED,wBAAsB,cAAc,CAClC,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,qBAAqB,GAAG,IAAI,CAAC,CAmBvC;AAED,wBAAsB,4BAA4B,CAChD,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,MAAM,CAAC,CAEjB;AAED,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,qBAAqB,EAC7B,SAAS,EAAE,SAAS,EACpB,YAAY,EAAE,YAAY,EAC1B,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,YAAY,CAAC,CA2BvB"}
|
|
@@ -53,7 +53,7 @@ const oauth_js_1 = require("../../lib/oauth.js");
|
|
|
53
53
|
const jose = __importStar(require("jose"));
|
|
54
54
|
const utils_js_1 = require("../../utils.js");
|
|
55
55
|
const UserSession_js_1 = require("../../shared/lib/UserSession.js");
|
|
56
|
-
const
|
|
56
|
+
const jose_1 = require("jose");
|
|
57
57
|
/**
|
|
58
58
|
* Given a PKCE code verifier, derive the code challenge using SHA
|
|
59
59
|
*/
|
|
@@ -129,10 +129,10 @@ async function exchangeTokens(code, state, pkceProducer, oauth2Client, oauthServ
|
|
|
129
129
|
return tokens;
|
|
130
130
|
}
|
|
131
131
|
async function setAccessTokenExpiresAt(storage, tokens) {
|
|
132
|
-
// try to extract
|
|
133
|
-
const parsedAccessToken = (0,
|
|
134
|
-
if (parsedAccessToken
|
|
135
|
-
await storage.set(types_js_1.OAuthTokens.ACCESS_TOKEN_EXPIRES_AT, parsedAccessToken.
|
|
132
|
+
// try to extract absolute expiry time from access token but fallback to calculation if not possible
|
|
133
|
+
const parsedAccessToken = (0, jose_1.decodeJwt)(tokens.access_token);
|
|
134
|
+
if (parsedAccessToken?.exp) {
|
|
135
|
+
await storage.set(types_js_1.OAuthTokens.ACCESS_TOKEN_EXPIRES_AT, parsedAccessToken.exp.toString());
|
|
136
136
|
}
|
|
137
137
|
else if (tokens.expires_in) {
|
|
138
138
|
const now = Math.floor(new Date().getTime() / 1000);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"util.js","sourceRoot":"","sources":["../../../../src/shared/lib/util.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAyBA,kDAgBC;AAED,8DASC;AAED,sDAqCC;AAED,wDAqBC;AAED,8CAQC;AAED,wCA0BC;AAED,0DAoBC;AAED,kCAWC;AAED,kCAKC;AAED,wDAGC;AAED,8BAGC;AAED,wCAqBC;AAED,oEAIC;AAED,oDAgCC;AAlQD,yCAIoB;AACpB,wCAA2C;AAC3C,6CAAwE;AACxE,2CAA6B;AAC7B,yCAA8C;AAE9C,gEAAiE;AACjE,kCAAoC;AAEpC;;GAEG;AACI,KAAK,UAAU,mBAAmB,CACvC,YAAoB,EACpB,SAA2B,MAAM;IAEjC,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,OAAO,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QAC3D,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;SACxD,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACxB,CAAC;AAEM,KAAK,UAAU,yBAAyB,CAC7C,WAAmB,EACnB,oBAAwC,EAAE;IAE1C,MAAM,SAAS,GAAG,MAAM,IAAA,4BAAiB,EAAC,WAAW,CAAC,CAAC;IACvD,OAAO;QACL,GAAG,SAAS;QACZ,GAAG,iBAAiB;KACrB,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,qBAAqB,CAAC,MAU3C;IACC,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAC/C,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,iBAAiB,CACzB,CAAC;IACF,MAAM,YAAY,GAAG,iBAAiB,CACpC,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,WAAW,EAClB,SAAS,CACV,CAAC;IACF,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,gBAAgB,EAAE,CAAC;IAC/D,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,sBAAsB,CAAC;QACzD,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,MAAM,EAAE,MAAM,CAAC,MAAM;KACtB,CAAC,CAAC;IACH,yGAAyG;IACzG,yEAAyE;IACzE,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;IAC1D,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;IAC9D,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,uDAAuD;QACvD,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IACtD,CAAC;IACD,uDAAuD;IACvD,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IAElD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAAC,MAO5C;IACC,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAC/C,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,iBAAiB,CACzB,CAAC;IACF,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IACpD,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChE,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IACnE,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IACzD,aAAa,CAAC,YAAY,CAAC,MAAM,CAC/B,0BAA0B,EAC1B,MAAM,CAAC,WAAW,CACnB,CAAC;IACF,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,SAAgB,iBAAiB,CAC/B,QAAgB,EAChB,WAAmB,EACnB,SAAoB;IAEpB,OAAO,IAAI,qBAAY,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,KAAK,EAAE;QACjE,WAAW,EAAE,WAAW;KACzB,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,cAAc,CAClC,IAAY,EACZ,KAAa,EACb,YAA0B,EAC1B,YAA0B,EAC1B,WAAmB,EACnB,SAAoB;IAEpB,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,eAAe,EAAE,CAAC;IAC1D,IAAI,CAAC,YAAY;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAEvE,MAAM,MAAM,GACV,MAAM,YAAY,CAAC,yBAAyB,CAAwB,IAAI,EAAE;QACxE,YAAY;KACb,CAAC,CAAC;IAEL,2BAA2B;IAC3B,IAAI,CAAC;QACH,MAAM,oBAAoB,CAAC,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,WAAW,CAAC,CAAC;IAC3E,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,qBAAqB,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACxD,MAAM,IAAI,KAAK,CACb,kCAAmC,KAAe,CAAC,OAAO,EAAE,CAC7D,CAAC;IACJ,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAEM,KAAK,UAAU,uBAAuB,CAC3C,OAAoB,EACpB,MAA6B;IAE7B,mGAAmG;IACnG,MAAM,iBAAiB,GAAG,IAAA,cAAQ,EAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IACxD,IAAI,iBAAiB,IAAI,iBAAiB,EAAE,SAAS,EAAE,CAAC;QACtD,MAAM,OAAO,CAAC,GAAG,CACf,sBAAW,CAAC,uBAAuB,EACnC,iBAAiB,CAAC,SAAS,EAAE,OAAO,EAAE,CAAC,QAAQ,EAAE,CAClD,CAAC;IACJ,CAAC;SAAM,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QAC7B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;QACpD,MAAM,OAAO,CAAC,GAAG,CACf,sBAAW,CAAC,uBAAuB,EACnC,CAAC,GAAG,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,QAAQ,EAAE,CACrC,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,WAAW,CAC/B,OAAoB,EACpB,MAA6B;IAE7B,4GAA4G;IAC5G,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IACzD,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,YAAY,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;IACjE,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QACzB,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,aAAa,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;IACrE,CAAC;IACD,MAAM,uBAAuB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;AACjD,CAAC;AAEM,KAAK,UAAU,WAAW,CAAC,OAAoB;IACpD,MAAM,kBAAkB,GAAG,MAAM,CAAC,MAAM,CAAC,sBAAW,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QACtE,MAAM,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IACH,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,kBAAkB,CAAC,CAAC,CAAC;AAC7C,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAAC,OAAoB;IAC/D,MAAM,OAAO,CAAC,MAAM,CAAC,8BAAmB,CAAC,CAAC;IAC1C,MAAM,OAAO,CAAC,MAAM,CAAC,qCAA0B,CAAC,CAAC;AACnD,CAAC;AAEM,KAAK,UAAU,SAAS,CAAC,OAAoB;IAClD,MAAM,WAAW,GAAG,IAAI,mCAAkB,CAAC,OAAO,CAAC,CAAC;IACpD,MAAM,WAAW,CAAC,KAAK,EAAE,CAAC;AAC5B,CAAC;AAEM,KAAK,UAAU,cAAc,CAClC,OAAoB;IAEpB,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,QAAQ,CAAC,CAAC;IACxD,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,YAAY,CAAC,CAAC;IAChE,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,aAAa,CAAC,CAAC;IAClE,MAAM,oBAAoB,GAAG,MAAM,OAAO,CAAC,GAAG,CAC5C,sBAAW,CAAC,uBAAuB,CACpC,CAAC;IAEF,IAAI,CAAC,OAAO,IAAI,CAAC,WAAW;QAAE,OAAO,IAAI,CAAC;IAE1C,OAAO;QACL,QAAQ,EAAE,OAAO;QACjB,YAAY,EAAE,WAAW;QACzB,aAAa,EAAE,YAAY,IAAI,SAAS;QACxC,uBAAuB,EACrB,oBAAoB,KAAK,IAAI;YAC3B,CAAC,CAAC,QAAQ,CAAC,oBAAoB,EAAE,EAAE,CAAC;YACpC,CAAC,CAAC,SAAS,EAAE,2BAA2B;KAC7C,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,4BAA4B,CAChD,OAAoB;IAEpB,OAAO,MAAM,CAAC,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,uBAAuB,CAAC,CAAC,CAAC;AACxE,CAAC;AAEM,KAAK,UAAU,oBAAoB,CACxC,MAA6B,EAC7B,SAAoB,EACpB,YAA0B,EAC1B,MAAc;IAEd,MAAM,IAAI,GAAG,IAAI,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;IAE9D,wBAAwB;IACxB,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,SAAS,CAC1C,MAAM,CAAC,QAAQ,EACf,IAAI,EACJ;QACE,MAAM,EAAE,IAAA,8BAAmB,EAAC,MAAM,CAAC;QACnC,QAAQ,EAAE,YAAY,CAAC,QAAQ;KAChC,CACF,CAAC;IAEF,4BAA4B;IAC5B,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,SAAS,CAC9C,MAAM,CAAC,YAAY,EACnB,IAAI,EACJ;QACE,MAAM,EAAE,IAAA,8BAAmB,EAAC,MAAM,CAAC;KACpC,CACF,CAAC;IAEF,OAAO,IAAA,2BAAgB,EAAC;QACtB,QAAQ,EAAE,eAAe,CAAC,OAAO;QACjC,YAAY,EAAE,mBAAmB,CAAC,OAAO;QACzC,aAAa,EAAE,MAAM,CAAC,aAAa;KACpC,CAAC,CAAC;AACL,CAAC","sourcesContent":["// Utility functions shared by auth server and client integrations\n// Typically these functions should be used inside AuthenticationInitiator and AuthenticationResolver implementations\nimport type {\n AuthStorage,\n Endpoints,\n JWTPayload,\n OIDCTokenResponseBody,\n ParsedTokens,\n} from \"@/types.js\";\nimport {\n AUTH_SERVER_LEGACY_SESSION,\n AUTH_SERVER_SESSION,\n OAuthTokens,\n} from \"./types.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { getIssuerVariations, getOauthEndpoints } from \"@/lib/oauth.js\";\nimport * as jose from \"jose\";\nimport { withoutUndefined } from \"@/utils.js\";\nimport type { PKCEConsumer, PKCEProducer } from \"@/services/types.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport { parseJWT } from \"oslo/jwt\";\n\n/**\n * Given a PKCE code verifier, derive the code challenge using SHA\n */\nexport async function deriveCodeChallenge(\n codeVerifier: string,\n method: \"Plain\" | \"S256\" = \"S256\",\n): Promise<string> {\n if (method === \"Plain\") {\n console.warn(\"Using insecure plain code challenge method\");\n return codeVerifier;\n }\n\n const encoder = new TextEncoder();\n const data = encoder.encode(codeVerifier);\n const digest = await crypto.subtle.digest(\"SHA-256\", data);\n return btoa(String.fromCharCode(...new Uint8Array(digest)))\n .replace(/\\+/g, \"-\")\n .replace(/\\//g, \"_\")\n .replace(/=+$/, \"\");\n}\n\nexport async function getEndpointsWithOverrides(\n oauthServer: string,\n endpointOverrides: Partial<Endpoints> = {},\n): Promise<Endpoints> {\n const endpoints = await getOauthEndpoints(oauthServer);\n return {\n ...endpoints,\n ...endpointOverrides,\n };\n}\n\nexport async function generateOauthLoginUrl(config: {\n clientId: string;\n scopes: string[];\n state: string;\n redirectUrl: string;\n oauthServer: string;\n nonce?: string;\n endpointOverrides?: Partial<Endpoints>;\n // used to get the PKCE challenge\n pkceConsumer: PKCEConsumer;\n}): Promise<URL> {\n const endpoints = await getEndpointsWithOverrides(\n config.oauthServer,\n config.endpointOverrides,\n );\n const oauth2Client = buildOauth2Client(\n config.clientId,\n config.redirectUrl,\n endpoints,\n );\n const challenge = await config.pkceConsumer.getCodeChallenge();\n const oAuthUrl = await oauth2Client.createAuthorizationURL({\n state: config.state,\n scopes: config.scopes,\n });\n // The OAuth2 client supports PKCE, but does not allow passing in a code challenge from some other source\n // It only allows passing in a code verifier which it then hashes itself.\n oAuthUrl.searchParams.append(\"code_challenge\", challenge);\n oAuthUrl.searchParams.append(\"code_challenge_method\", \"S256\");\n if (config.nonce) {\n // nonce isn't supported by oslo, so we add it manually\n oAuthUrl.searchParams.append(\"nonce\", config.nonce);\n }\n // Required by the auth server for offline_access scope\n oAuthUrl.searchParams.append(\"prompt\", \"consent\");\n\n return oAuthUrl;\n}\n\nexport async function generateOauthLogoutUrl(config: {\n clientId: string;\n redirectUrl: string;\n idToken: string;\n state: string;\n oauthServer: string;\n endpointOverrides?: Partial<Endpoints>;\n}): Promise<URL> {\n const endpoints = await getEndpointsWithOverrides(\n config.oauthServer,\n config.endpointOverrides,\n );\n const endSessionUrl = new URL(endpoints.endsession);\n endSessionUrl.searchParams.append(\"client_id\", config.clientId);\n endSessionUrl.searchParams.append(\"id_token_hint\", config.idToken);\n endSessionUrl.searchParams.append(\"state\", config.state);\n endSessionUrl.searchParams.append(\n \"post_logout_redirect_uri\",\n config.redirectUrl,\n );\n return endSessionUrl;\n}\n\nexport function buildOauth2Client(\n clientId: string,\n redirectUri: string,\n endpoints: Endpoints,\n): OAuth2Client {\n return new OAuth2Client(clientId, endpoints.auth, endpoints.token, {\n redirectURI: redirectUri,\n });\n}\n\nexport async function exchangeTokens(\n code: string,\n state: string,\n pkceProducer: PKCEProducer,\n oauth2Client: OAuth2Client,\n oauthServer: string,\n endpoints: Endpoints,\n) {\n const codeVerifier = await pkceProducer.getCodeVerifier();\n if (!codeVerifier) throw new Error(\"Code verifier not found in state\");\n\n const tokens =\n await oauth2Client.validateAuthorizationCode<OIDCTokenResponseBody>(code, {\n codeVerifier,\n });\n\n // Validate relevant tokens\n try {\n await validateOauth2Tokens(tokens, endpoints, oauth2Client, oauthServer);\n } catch (error) {\n console.error(\"tokenExchange error\", { error, tokens });\n throw new Error(\n `OIDC tokens validation failed: ${(error as Error).message}`,\n );\n }\n return tokens;\n}\n\nexport async function setAccessTokenExpiresAt(\n storage: AuthStorage,\n tokens: OIDCTokenResponseBody,\n) {\n // try to extract absolut expiry time from access token but fallback to calculation if not possible\n const parsedAccessToken = parseJWT(tokens.access_token);\n if (parsedAccessToken && parsedAccessToken?.expiresAt) {\n await storage.set(\n OAuthTokens.ACCESS_TOKEN_EXPIRES_AT,\n parsedAccessToken.expiresAt?.getTime().toString(),\n );\n } else if (tokens.expires_in) {\n const now = Math.floor(new Date().getTime() / 1000);\n await storage.set(\n OAuthTokens.ACCESS_TOKEN_EXPIRES_AT,\n (now + tokens.expires_in).toString(),\n );\n } else {\n throw new Error(\"Cannot determine access token expiry!\");\n }\n}\n\nexport async function storeTokens(\n storage: AuthStorage,\n tokens: OIDCTokenResponseBody,\n) {\n // store tokens in storage ( TODO we should probably store them against the state to allow multiple logins )\n await storage.set(OAuthTokens.ID_TOKEN, tokens.id_token);\n await storage.set(OAuthTokens.ACCESS_TOKEN, tokens.access_token);\n if (tokens.refresh_token) {\n await storage.set(OAuthTokens.REFRESH_TOKEN, tokens.refresh_token);\n }\n await setAccessTokenExpiresAt(storage, tokens);\n}\n\nexport async function clearTokens(storage: AuthStorage) {\n const clearOAuthPromises = Object.values(OAuthTokens).map(async (key) => {\n await storage.delete(key);\n });\n await Promise.all([...clearOAuthPromises]);\n}\n\nexport async function clearAuthServerSession(storage: AuthStorage) {\n await storage.delete(AUTH_SERVER_SESSION);\n await storage.delete(AUTH_SERVER_LEGACY_SESSION);\n}\n\nexport async function clearUser(storage: AuthStorage) {\n const userSession = new GenericUserSession(storage);\n await userSession.clear();\n}\n\nexport async function retrieveTokens(\n storage: AuthStorage,\n): Promise<OIDCTokenResponseBody | null> {\n const idToken = await storage.get(OAuthTokens.ID_TOKEN);\n const accessToken = await storage.get(OAuthTokens.ACCESS_TOKEN);\n const refreshToken = await storage.get(OAuthTokens.REFRESH_TOKEN);\n const accessTokenExpiresAt = await storage.get(\n OAuthTokens.ACCESS_TOKEN_EXPIRES_AT,\n );\n\n if (!idToken || !accessToken) return null;\n\n return {\n id_token: idToken,\n access_token: accessToken,\n refresh_token: refreshToken ?? undefined,\n access_token_expires_at:\n accessTokenExpiresAt !== null\n ? parseInt(accessTokenExpiresAt, 10)\n : undefined, // Convert string to number\n };\n}\n\nexport async function retrieveAccessTokenExpiresAt(\n storage: AuthStorage,\n): Promise<number> {\n return Number(await storage.get(OAuthTokens.ACCESS_TOKEN_EXPIRES_AT));\n}\n\nexport async function validateOauth2Tokens(\n tokens: OIDCTokenResponseBody,\n endpoints: Endpoints,\n oauth2Client: OAuth2Client,\n issuer: string,\n): Promise<ParsedTokens> {\n const JWKS = jose.createRemoteJWKSet(new URL(endpoints.jwks));\n\n // validate the ID token\n const idTokenResponse = await jose.jwtVerify<JWTPayload>(\n tokens.id_token,\n JWKS,\n {\n issuer: getIssuerVariations(issuer),\n audience: oauth2Client.clientId,\n },\n );\n\n // validate the access token\n const accessTokenResponse = await jose.jwtVerify<JWTPayload>(\n tokens.access_token,\n JWKS,\n {\n issuer: getIssuerVariations(issuer),\n },\n );\n\n return withoutUndefined({\n id_token: idTokenResponse.payload,\n access_token: accessTokenResponse.payload,\n refresh_token: tokens.refresh_token,\n });\n}\n"]}
|
|
1
|
+
{"version":3,"file":"util.js","sourceRoot":"","sources":["../../../../src/shared/lib/util.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAwBA,kDAgBC;AAED,8DASC;AAED,sDAqCC;AAED,wDAqBC;AAED,8CAQC;AAED,wCA0BC;AAED,0DAoBC;AAED,kCAWC;AAED,kCAKC;AAED,wDAGC;AAED,8BAGC;AAED,wCAqBC;AAED,oEAIC;AAED,oDAgCC;AAlQD,yCAIoB;AACpB,wCAA2C;AAC3C,6CAAwE;AACxE,2CAA6B;AAC7B,yCAA8C;AAE9C,gEAAiE;AACjE,+BAAkD;AAElD;;GAEG;AACI,KAAK,UAAU,mBAAmB,CACvC,YAAoB,EACpB,SAA2B,MAAM;IAEjC,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,OAAO,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QAC3D,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;SACxD,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACxB,CAAC;AAEM,KAAK,UAAU,yBAAyB,CAC7C,WAAmB,EACnB,oBAAwC,EAAE;IAE1C,MAAM,SAAS,GAAG,MAAM,IAAA,4BAAiB,EAAC,WAAW,CAAC,CAAC;IACvD,OAAO;QACL,GAAG,SAAS;QACZ,GAAG,iBAAiB;KACrB,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,qBAAqB,CAAC,MAU3C;IACC,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAC/C,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,iBAAiB,CACzB,CAAC;IACF,MAAM,YAAY,GAAG,iBAAiB,CACpC,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,WAAW,EAClB,SAAS,CACV,CAAC;IACF,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,gBAAgB,EAAE,CAAC;IAC/D,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,sBAAsB,CAAC;QACzD,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,MAAM,EAAE,MAAM,CAAC,MAAM;KACtB,CAAC,CAAC;IACH,yGAAyG;IACzG,yEAAyE;IACzE,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;IAC1D,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;IAC9D,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,uDAAuD;QACvD,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IACtD,CAAC;IACD,uDAAuD;IACvD,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IAElD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAAC,MAO5C;IACC,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAC/C,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,iBAAiB,CACzB,CAAC;IACF,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IACpD,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChE,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IACnE,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IACzD,aAAa,CAAC,YAAY,CAAC,MAAM,CAC/B,0BAA0B,EAC1B,MAAM,CAAC,WAAW,CACnB,CAAC;IACF,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,SAAgB,iBAAiB,CAC/B,QAAgB,EAChB,WAAmB,EACnB,SAAoB;IAEpB,OAAO,IAAI,qBAAY,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,KAAK,EAAE;QACjE,WAAW,EAAE,WAAW;KACzB,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,cAAc,CAClC,IAAY,EACZ,KAAa,EACb,YAA0B,EAC1B,YAA0B,EAC1B,WAAmB,EACnB,SAAoB;IAEpB,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,eAAe,EAAE,CAAC;IAC1D,IAAI,CAAC,YAAY;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAEvE,MAAM,MAAM,GACV,MAAM,YAAY,CAAC,yBAAyB,CAAwB,IAAI,EAAE;QACxE,YAAY;KACb,CAAC,CAAC;IAEL,2BAA2B;IAC3B,IAAI,CAAC;QACH,MAAM,oBAAoB,CAAC,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,WAAW,CAAC,CAAC;IAC3E,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,qBAAqB,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACxD,MAAM,IAAI,KAAK,CACb,kCAAmC,KAAe,CAAC,OAAO,EAAE,CAC7D,CAAC;IACJ,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAEM,KAAK,UAAU,uBAAuB,CAC3C,OAAoB,EACpB,MAA6B;IAE7B,oGAAoG;IACpG,MAAM,iBAAiB,GAAG,IAAA,gBAAS,EAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IACzD,IAAI,iBAAiB,EAAE,GAAG,EAAE,CAAC;QAC3B,MAAM,OAAO,CAAC,GAAG,CACf,sBAAW,CAAC,uBAAuB,EACnC,iBAAiB,CAAC,GAAG,CAAC,QAAQ,EAAE,CACjC,CAAC;IACJ,CAAC;SAAM,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QAC7B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;QACpD,MAAM,OAAO,CAAC,GAAG,CACf,sBAAW,CAAC,uBAAuB,EACnC,CAAC,GAAG,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,QAAQ,EAAE,CACrC,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,WAAW,CAC/B,OAAoB,EACpB,MAA6B;IAE7B,4GAA4G;IAC5G,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IACzD,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,YAAY,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;IACjE,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QACzB,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,aAAa,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;IACrE,CAAC;IACD,MAAM,uBAAuB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;AACjD,CAAC;AAEM,KAAK,UAAU,WAAW,CAAC,OAAoB;IACpD,MAAM,kBAAkB,GAAG,MAAM,CAAC,MAAM,CAAC,sBAAW,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QACtE,MAAM,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IACH,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,kBAAkB,CAAC,CAAC,CAAC;AAC7C,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAAC,OAAoB;IAC/D,MAAM,OAAO,CAAC,MAAM,CAAC,8BAAmB,CAAC,CAAC;IAC1C,MAAM,OAAO,CAAC,MAAM,CAAC,qCAA0B,CAAC,CAAC;AACnD,CAAC;AAEM,KAAK,UAAU,SAAS,CAAC,OAAoB;IAClD,MAAM,WAAW,GAAG,IAAI,mCAAkB,CAAC,OAAO,CAAC,CAAC;IACpD,MAAM,WAAW,CAAC,KAAK,EAAE,CAAC;AAC5B,CAAC;AAEM,KAAK,UAAU,cAAc,CAClC,OAAoB;IAEpB,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,QAAQ,CAAC,CAAC;IACxD,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,YAAY,CAAC,CAAC;IAChE,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,aAAa,CAAC,CAAC;IAClE,MAAM,oBAAoB,GAAG,MAAM,OAAO,CAAC,GAAG,CAC5C,sBAAW,CAAC,uBAAuB,CACpC,CAAC;IAEF,IAAI,CAAC,OAAO,IAAI,CAAC,WAAW;QAAE,OAAO,IAAI,CAAC;IAE1C,OAAO;QACL,QAAQ,EAAE,OAAO;QACjB,YAAY,EAAE,WAAW;QACzB,aAAa,EAAE,YAAY,IAAI,SAAS;QACxC,uBAAuB,EACrB,oBAAoB,KAAK,IAAI;YAC3B,CAAC,CAAC,QAAQ,CAAC,oBAAoB,EAAE,EAAE,CAAC;YACpC,CAAC,CAAC,SAAS,EAAE,2BAA2B;KAC7C,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,4BAA4B,CAChD,OAAoB;IAEpB,OAAO,MAAM,CAAC,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,uBAAuB,CAAC,CAAC,CAAC;AACxE,CAAC;AAEM,KAAK,UAAU,oBAAoB,CACxC,MAA6B,EAC7B,SAAoB,EACpB,YAA0B,EAC1B,MAAc;IAEd,MAAM,IAAI,GAAG,IAAI,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;IAE9D,wBAAwB;IACxB,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,SAAS,CAC1C,MAAM,CAAC,QAAQ,EACf,IAAI,EACJ;QACE,MAAM,EAAE,IAAA,8BAAmB,EAAC,MAAM,CAAC;QACnC,QAAQ,EAAE,YAAY,CAAC,QAAQ;KAChC,CACF,CAAC;IAEF,4BAA4B;IAC5B,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,SAAS,CAC9C,MAAM,CAAC,YAAY,EACnB,IAAI,EACJ;QACE,MAAM,EAAE,IAAA,8BAAmB,EAAC,MAAM,CAAC;KACpC,CACF,CAAC;IAEF,OAAO,IAAA,2BAAgB,EAAC;QACtB,QAAQ,EAAE,eAAe,CAAC,OAAO;QACjC,YAAY,EAAE,mBAAmB,CAAC,OAAO;QACzC,aAAa,EAAE,MAAM,CAAC,aAAa;KACpC,CAAC,CAAC;AACL,CAAC","sourcesContent":["// Utility functions shared by auth server and client integrations\n// Typically these functions should be used inside AuthenticationInitiator and AuthenticationResolver implementations\nimport type {\n AuthStorage,\n Endpoints,\n OIDCTokenResponseBody,\n ParsedTokens,\n} from \"@/types.js\";\nimport {\n AUTH_SERVER_LEGACY_SESSION,\n AUTH_SERVER_SESSION,\n OAuthTokens,\n} from \"./types.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { getIssuerVariations, getOauthEndpoints } from \"@/lib/oauth.js\";\nimport * as jose from \"jose\";\nimport { withoutUndefined } from \"@/utils.js\";\nimport type { PKCEConsumer, PKCEProducer } from \"@/services/types.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport { decodeJwt, type JWTPayload } from \"jose\";\n\n/**\n * Given a PKCE code verifier, derive the code challenge using SHA\n */\nexport async function deriveCodeChallenge(\n codeVerifier: string,\n method: \"Plain\" | \"S256\" = \"S256\",\n): Promise<string> {\n if (method === \"Plain\") {\n console.warn(\"Using insecure plain code challenge method\");\n return codeVerifier;\n }\n\n const encoder = new TextEncoder();\n const data = encoder.encode(codeVerifier);\n const digest = await crypto.subtle.digest(\"SHA-256\", data);\n return btoa(String.fromCharCode(...new Uint8Array(digest)))\n .replace(/\\+/g, \"-\")\n .replace(/\\//g, \"_\")\n .replace(/=+$/, \"\");\n}\n\nexport async function getEndpointsWithOverrides(\n oauthServer: string,\n endpointOverrides: Partial<Endpoints> = {},\n): Promise<Endpoints> {\n const endpoints = await getOauthEndpoints(oauthServer);\n return {\n ...endpoints,\n ...endpointOverrides,\n };\n}\n\nexport async function generateOauthLoginUrl(config: {\n clientId: string;\n scopes: string[];\n state: string;\n redirectUrl: string;\n oauthServer: string;\n nonce?: string;\n endpointOverrides?: Partial<Endpoints>;\n // used to get the PKCE challenge\n pkceConsumer: PKCEConsumer;\n}): Promise<URL> {\n const endpoints = await getEndpointsWithOverrides(\n config.oauthServer,\n config.endpointOverrides,\n );\n const oauth2Client = buildOauth2Client(\n config.clientId,\n config.redirectUrl,\n endpoints,\n );\n const challenge = await config.pkceConsumer.getCodeChallenge();\n const oAuthUrl = await oauth2Client.createAuthorizationURL({\n state: config.state,\n scopes: config.scopes,\n });\n // The OAuth2 client supports PKCE, but does not allow passing in a code challenge from some other source\n // It only allows passing in a code verifier which it then hashes itself.\n oAuthUrl.searchParams.append(\"code_challenge\", challenge);\n oAuthUrl.searchParams.append(\"code_challenge_method\", \"S256\");\n if (config.nonce) {\n // nonce isn't supported by oslo, so we add it manually\n oAuthUrl.searchParams.append(\"nonce\", config.nonce);\n }\n // Required by the auth server for offline_access scope\n oAuthUrl.searchParams.append(\"prompt\", \"consent\");\n\n return oAuthUrl;\n}\n\nexport async function generateOauthLogoutUrl(config: {\n clientId: string;\n redirectUrl: string;\n idToken: string;\n state: string;\n oauthServer: string;\n endpointOverrides?: Partial<Endpoints>;\n}): Promise<URL> {\n const endpoints = await getEndpointsWithOverrides(\n config.oauthServer,\n config.endpointOverrides,\n );\n const endSessionUrl = new URL(endpoints.endsession);\n endSessionUrl.searchParams.append(\"client_id\", config.clientId);\n endSessionUrl.searchParams.append(\"id_token_hint\", config.idToken);\n endSessionUrl.searchParams.append(\"state\", config.state);\n endSessionUrl.searchParams.append(\n \"post_logout_redirect_uri\",\n config.redirectUrl,\n );\n return endSessionUrl;\n}\n\nexport function buildOauth2Client(\n clientId: string,\n redirectUri: string,\n endpoints: Endpoints,\n): OAuth2Client {\n return new OAuth2Client(clientId, endpoints.auth, endpoints.token, {\n redirectURI: redirectUri,\n });\n}\n\nexport async function exchangeTokens(\n code: string,\n state: string,\n pkceProducer: PKCEProducer,\n oauth2Client: OAuth2Client,\n oauthServer: string,\n endpoints: Endpoints,\n) {\n const codeVerifier = await pkceProducer.getCodeVerifier();\n if (!codeVerifier) throw new Error(\"Code verifier not found in state\");\n\n const tokens =\n await oauth2Client.validateAuthorizationCode<OIDCTokenResponseBody>(code, {\n codeVerifier,\n });\n\n // Validate relevant tokens\n try {\n await validateOauth2Tokens(tokens, endpoints, oauth2Client, oauthServer);\n } catch (error) {\n console.error(\"tokenExchange error\", { error, tokens });\n throw new Error(\n `OIDC tokens validation failed: ${(error as Error).message}`,\n );\n }\n return tokens;\n}\n\nexport async function setAccessTokenExpiresAt(\n storage: AuthStorage,\n tokens: OIDCTokenResponseBody,\n) {\n // try to extract absolute expiry time from access token but fallback to calculation if not possible\n const parsedAccessToken = decodeJwt(tokens.access_token);\n if (parsedAccessToken?.exp) {\n await storage.set(\n OAuthTokens.ACCESS_TOKEN_EXPIRES_AT,\n parsedAccessToken.exp.toString(),\n );\n } else if (tokens.expires_in) {\n const now = Math.floor(new Date().getTime() / 1000);\n await storage.set(\n OAuthTokens.ACCESS_TOKEN_EXPIRES_AT,\n (now + tokens.expires_in).toString(),\n );\n } else {\n throw new Error(\"Cannot determine access token expiry!\");\n }\n}\n\nexport async function storeTokens(\n storage: AuthStorage,\n tokens: OIDCTokenResponseBody,\n) {\n // store tokens in storage ( TODO we should probably store them against the state to allow multiple logins )\n await storage.set(OAuthTokens.ID_TOKEN, tokens.id_token);\n await storage.set(OAuthTokens.ACCESS_TOKEN, tokens.access_token);\n if (tokens.refresh_token) {\n await storage.set(OAuthTokens.REFRESH_TOKEN, tokens.refresh_token);\n }\n await setAccessTokenExpiresAt(storage, tokens);\n}\n\nexport async function clearTokens(storage: AuthStorage) {\n const clearOAuthPromises = Object.values(OAuthTokens).map(async (key) => {\n await storage.delete(key);\n });\n await Promise.all([...clearOAuthPromises]);\n}\n\nexport async function clearAuthServerSession(storage: AuthStorage) {\n await storage.delete(AUTH_SERVER_SESSION);\n await storage.delete(AUTH_SERVER_LEGACY_SESSION);\n}\n\nexport async function clearUser(storage: AuthStorage) {\n const userSession = new GenericUserSession(storage);\n await userSession.clear();\n}\n\nexport async function retrieveTokens(\n storage: AuthStorage,\n): Promise<OIDCTokenResponseBody | null> {\n const idToken = await storage.get(OAuthTokens.ID_TOKEN);\n const accessToken = await storage.get(OAuthTokens.ACCESS_TOKEN);\n const refreshToken = await storage.get(OAuthTokens.REFRESH_TOKEN);\n const accessTokenExpiresAt = await storage.get(\n OAuthTokens.ACCESS_TOKEN_EXPIRES_AT,\n );\n\n if (!idToken || !accessToken) return null;\n\n return {\n id_token: idToken,\n access_token: accessToken,\n refresh_token: refreshToken ?? undefined,\n access_token_expires_at:\n accessTokenExpiresAt !== null\n ? parseInt(accessTokenExpiresAt, 10)\n : undefined, // Convert string to number\n };\n}\n\nexport async function retrieveAccessTokenExpiresAt(\n storage: AuthStorage,\n): Promise<number> {\n return Number(await storage.get(OAuthTokens.ACCESS_TOKEN_EXPIRES_AT));\n}\n\nexport async function validateOauth2Tokens(\n tokens: OIDCTokenResponseBody,\n endpoints: Endpoints,\n oauth2Client: OAuth2Client,\n issuer: string,\n): Promise<ParsedTokens> {\n const JWKS = jose.createRemoteJWKSet(new URL(endpoints.jwks));\n\n // validate the ID token\n const idTokenResponse = await jose.jwtVerify<JWTPayload>(\n tokens.id_token,\n JWKS,\n {\n issuer: getIssuerVariations(issuer),\n audience: oauth2Client.clientId,\n },\n );\n\n // validate the access token\n const accessTokenResponse = await jose.jwtVerify<JWTPayload>(\n tokens.access_token,\n JWKS,\n {\n issuer: getIssuerVariations(issuer),\n },\n );\n\n return withoutUndefined({\n id_token: idTokenResponse.payload,\n access_token: accessTokenResponse.payload,\n refresh_token: tokens.refresh_token,\n });\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"TokenProvider.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/TokenProvider.tsx"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AACvC,OAAO,KAAiC,MAAM,OAAO,CAAC;AAEtD,OAAO,KAAK,EAAE,eAAe,
|
|
1
|
+
{"version":3,"file":"TokenProvider.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/TokenProvider.tsx"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AACvC,OAAO,KAAiC,MAAM,OAAO,CAAC;AAEtD,OAAO,KAAK,EAAE,eAAe,EAAkB,MAAM,YAAY,CAAC;AAIlE,KAAK,gBAAgB,GAAG;IACtB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,eAAe,EAAE,eAAe,CAAC;IACjC,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;CACrB,CAAC;AAEF,QAAA,MAAM,YAAY,6CAAyD,CAAC;AAE5E,QAAA,MAAM,aAAa,iBAAkB;IAAE,QAAQ,EAAE,SAAS,CAAA;CAAE,qDAkC3D,CAAC;AAEF,YAAY,EAAE,gBAAgB,EAAE,CAAC;AACjC,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,CAAC"}
|
|
@@ -5,8 +5,8 @@ exports.TokenContext = exports.TokenProvider = void 0;
|
|
|
5
5
|
const jsx_runtime_1 = require("@emotion/react/jsx-runtime");
|
|
6
6
|
const react_1 = require("react");
|
|
7
7
|
const useSession_js_1 = require("../../shared/hooks/useSession.js");
|
|
8
|
-
const jwt_1 = require("oslo/jwt");
|
|
9
8
|
const jwt_js_1 = require("../../lib/jwt.js");
|
|
9
|
+
const jose_1 = require("jose");
|
|
10
10
|
const TokenContext = (0, react_1.createContext)(undefined);
|
|
11
11
|
exports.TokenContext = TokenContext;
|
|
12
12
|
const TokenProvider = ({ children }) => {
|
|
@@ -15,10 +15,7 @@ const TokenProvider = ({ children }) => {
|
|
|
15
15
|
const decodeTokens = (0, react_1.useMemo)(() => {
|
|
16
16
|
if (!session?.idToken)
|
|
17
17
|
return null;
|
|
18
|
-
const
|
|
19
|
-
if (!parsedJWT)
|
|
20
|
-
return null;
|
|
21
|
-
const { forwardedTokens } = parsedJWT.payload;
|
|
18
|
+
const { forwardedTokens } = (0, jose_1.decodeJwt)(session.idToken);
|
|
22
19
|
return forwardedTokens
|
|
23
20
|
? (0, jwt_js_1.convertForwardedTokenFormat)(forwardedTokens)
|
|
24
21
|
: null;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"TokenProvider.js","sourceRoot":"","sources":["../../../../src/shared/providers/TokenProvider.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;AAEb,iCAAsD;AACtD,gEAA0D;AAE1D,
|
|
1
|
+
{"version":3,"file":"TokenProvider.js","sourceRoot":"","sources":["../../../../src/shared/providers/TokenProvider.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;AAEb,iCAAsD;AACtD,gEAA0D;AAE1D,yCAA2D;AAC3D,+BAAiC;AAUjC,MAAM,YAAY,GAAG,IAAA,qBAAa,EAA+B,SAAS,CAAC,CAAC;AAuCpD,oCAAY;AArCpC,MAAM,aAAa,GAAG,CAAC,EAAE,QAAQ,EAA2B,EAAE,EAAE;IAC9D,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAA,0BAAU,GAAE,CAAC;IACrD,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,IAAA,0BAAU,GAAE,CAAC;IAEvC,MAAM,YAAY,GAAG,IAAA,eAAO,EAAC,GAAG,EAAE;QAChC,IAAI,CAAC,OAAO,EAAE,OAAO;YAAE,OAAO,IAAI,CAAC;QAEnC,MAAM,EAAE,eAAe,EAAE,GAAG,IAAA,gBAAS,EAAC,OAAO,CAAC,OAAO,CAAmB,CAAC;QAEzE,OAAO,eAAe;YACpB,CAAC,CAAC,IAAA,oCAA2B,EAAC,eAAe,CAAC;YAC9C,CAAC,CAAC,IAAI,CAAC;IACX,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;IAEvB,MAAM,KAAK,GAAG,IAAA,eAAO,EACnB,GAAG,EAAE,CAAC,CAAC;QACL,WAAW,EAAE,OAAO,EAAE,WAAW,IAAI,IAAI;QACzC,OAAO,EAAE,OAAO,EAAE,OAAO,IAAI,IAAI;QACjC,eAAe,EAAE,YAAY,IAAI,EAAE;QACnC,SAAS;QACT,KAAK,EAAE,SAAyB;KACjC,CAAC,EACF;QACE,OAAO,EAAE,WAAW;QACpB,OAAO,EAAE,OAAO;QAChB,YAAY;QACZ,SAAS;QACT,SAAS;KACV,CACF,CAAC;IAEF,OAAO,CACL,uBAAC,YAAY,CAAC,QAAQ,IAAC,KAAK,EAAE,KAAK,YAAG,QAAQ,GAAyB,CACxE,CAAC;AACJ,CAAC,CAAC;AAGO,sCAAa","sourcesContent":["\"use client\";\nimport type { ReactNode } from \"react\";\nimport React, { createContext, useMemo } from \"react\";\nimport { useSession } from \"@/shared/hooks/useSession.js\";\nimport type { ForwardedTokens, IdTokenPayload } from \"@/types.js\";\nimport { convertForwardedTokenFormat } from \"@/lib/jwt.js\";\nimport { decodeJwt } from \"jose\";\n\ntype TokenContextType = {\n accessToken: string | null;\n idToken: string | null;\n forwardedTokens: ForwardedTokens;\n isLoading: boolean;\n error: Error | null;\n};\n\nconst TokenContext = createContext<TokenContextType | undefined>(undefined);\n\nconst TokenProvider = ({ children }: { children: ReactNode }) => {\n const { isLoading, error: authError } = useSession();\n const { data: session } = useSession();\n\n const decodeTokens = useMemo(() => {\n if (!session?.idToken) return null;\n\n const { forwardedTokens } = decodeJwt(session.idToken) as IdTokenPayload;\n\n return forwardedTokens\n ? convertForwardedTokenFormat(forwardedTokens)\n : null;\n }, [session?.idToken]);\n\n const value = useMemo(\n () => ({\n accessToken: session?.accessToken || null,\n idToken: session?.idToken || null,\n forwardedTokens: decodeTokens || {},\n isLoading,\n error: authError as Error | null,\n }),\n [\n session?.accessToken,\n session?.idToken,\n decodeTokens,\n isLoading,\n authError,\n ],\n );\n\n return (\n <TokenContext.Provider value={value}>{children}</TokenContext.Provider>\n );\n};\n\nexport type { TokenContextType };\nexport { TokenProvider, TokenContext };\n"]}
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
import React from "react";
|
|
2
2
|
import type { ReactNode } from "react";
|
|
3
|
-
import type { JWT } from "oslo/jwt";
|
|
4
3
|
import type { AuthStatus, AuthStorage, DisplayMode, ForwardedTokens, User } from "../../types.js";
|
|
5
4
|
import type { AuthContextType } from "../../shared/providers/AuthContext.js";
|
|
6
|
-
type
|
|
5
|
+
import type { JWTPayload } from "jose";
|
|
6
|
+
type UserContent = Record<string, unknown> & JWTPayload;
|
|
7
7
|
type UserContextType<T extends UserContent = UserContent> = {
|
|
8
8
|
user: User<T> | null;
|
|
9
9
|
} & {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"UserProvider.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/UserProvider.tsx"],"names":[],"mappings":"AAEA,OAAO,KAA0D,MAAM,OAAO,CAAC;AAC/E,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AACvC,OAAO,KAAK,
|
|
1
|
+
{"version":3,"file":"UserProvider.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/UserProvider.tsx"],"names":[],"mappings":"AAEA,OAAO,KAA0D,MAAM,OAAO,CAAC;AAC/E,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AACvC,OAAO,KAAK,EACV,UAAU,EACV,WAAW,EACX,WAAW,EACX,eAAe,EACf,IAAI,EACL,MAAM,YAAY,CAAC;AAEpB,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AAGzE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAEvC,KAAK,WAAW,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,UAAU,CAAC;AACxD,KAAK,eAAe,CAAC,CAAC,SAAS,WAAW,GAAG,WAAW,IAAI;IAC1D,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;CACtB,GAAG;IACF,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,eAAe,CAAC,EAAE,eAAe,CAAC;CACnC,GAAG,IAAI,CAAC,eAAe,EAAE,iBAAiB,CAAC,CAAC;AAE7C,QAAA,MAAM,WAAW,oDAA8C,CAAC;AAEhE,QAAA,MAAM,YAAY,GAAI,CAAC,SAAS,WAAW,qFAQxC;IACD,QAAQ,EAAE,SAAS,CAAC;IACpB,OAAO,EAAE,WAAW,CAAC;IACrB,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;IACrB,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7B,UAAU,EAAE,UAAU,CAAC;IACvB,MAAM,EAAE,CAAC,WAAW,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACrD,WAAW,EAAE,WAAW,CAAC;CAC1B,qDAgEA,CAAC;AAEF,YAAY,EAAE,eAAe,EAAE,CAAC;AAEhC,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"UserProvider.js","sourceRoot":"","sources":["../../../../src/shared/providers/UserProvider.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;AAEb,iCAA+E;
|
|
1
|
+
{"version":3,"file":"UserProvider.js","sourceRoot":"","sources":["../../../../src/shared/providers/UserProvider.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;AAEb,iCAA+E;AAS/E,gEAA0D;AAE1D,gEAAiE;AACjE,sDAAgD;AAYhD,MAAM,WAAW,GAAG,IAAA,qBAAa,EAAyB,IAAI,CAAC,CAAC;AAsFzC,kCAAW;AApFlC,MAAM,YAAY,GAAG,CAAwB,EAC3C,QAAQ,EACR,OAAO,EACP,IAAI,EAAE,SAAS,EACf,OAAO,EACP,UAAU,EACV,MAAM,EACN,WAAW,GASZ,EAAE,EAAE;IACH,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,WAAW,EAAE,GAAG,IAAA,0BAAU,GAAE,CAAC;IAClE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,IAAA,0BAAU,GAAE,CAAC;IACvC,MAAM,MAAM,GAAG,IAAA,sBAAQ,GAAE,CAAC;IAC1B,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,IAAA,gBAAQ,EAAU,KAAK,CAAC,CAAC;IAC/D,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,IAAA,gBAAQ,EAAe,IAAI,CAAC,CAAC;IAC/D,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,IAAA,gBAAQ,EAAiB,SAAS,CAAC,CAAC;IAE5D,MAAM,SAAS,GAAG,IAAA,mBAAW,EAAC,KAAK,IAA6B,EAAE;QAChE,IAAI,CAAC,OAAO,EAAE,OAAO;YAAE,OAAO,IAAI,CAAC;QACnC,MAAM,WAAW,GAAG,IAAI,mCAAkB,CAAI,OAAO,CAAC,CAAC;QACvD,OAAO,WAAW,CAAC,GAAG,EAAE,CAAC;IAC3B,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;IAEhC,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,OAAO,EAAE,OAAO,EAAE,CAAC;YACrB,cAAc,CAAC,IAAI,CAAC,CAAC;YACrB,SAAS,EAAE;iBACR,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;gBACb,cAAc,CAAC,KAAK,CAAC,CAAC;gBACtB,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE;oBACnB,sGAAsG;oBACtG,sEAAsE;oBACtE,2EAA2E;oBAC3E,OAAO,IAAI,IAAI,QAAQ,CAAC;gBAC1B,CAAC,CAAC,CAAC;YACL,CAAC,CAAC;iBACD,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;gBACf,cAAc,CAAC,KAAK,CAAC,CAAC;gBACtB,YAAY,CAAC,KAAK,CAAC,CAAC;YACtB,CAAC,CAAC,CAAC;QACP,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,IAAI,CAAC,CAAC;QAChB,CAAC;IACH,CAAC,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;IAElC,MAAM,SAAS,GAAG,WAAW,IAAI,WAAW,CAAC;IAC7C,MAAM,KAAK,GAAG,SAAS,IAAI,SAAS,CAAC;IAErC,mEAAmE;IACnE,+DAA+D;IAC/D,kEAAkE;IAClE,oEAAoE;IACpE,mEAAmE;IACnE,8CAA8C;IAC9C,qEAAqE;IACrE,MAAM,SAAS,GAAG,IAAI,IAAI,SAAS,CAAC;IAEpC,OAAO,CACL,uBAAC,WAAW,CAAC,QAAQ,IACnB,KAAK,EAAE;YACL,GAAG,MAAM;YACT,IAAI,EAAE,SAAS;YACf,SAAS;YACT,KAAK;YACL,MAAM;YACN,OAAO;YACP,UAAU;YACV,WAAW,EAAE,WAAW,IAAI,QAAQ;SACrC,YAEA,QAAQ,GACY,CACxB,CAAC;AACJ,CAAC,CAAC;AAIO,oCAAY","sourcesContent":["\"use client\";\n\nimport React, { createContext, useCallback, useEffect, useState } from \"react\";\nimport type { ReactNode } from \"react\";\nimport type {\n AuthStatus,\n AuthStorage,\n DisplayMode,\n ForwardedTokens,\n User,\n} from \"@/types.js\";\nimport { useSession } from \"@/shared/hooks/useSession.js\";\nimport type { AuthContextType } from \"@/shared/providers/AuthContext.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport { useToken } from \"../hooks/useToken.js\";\nimport type { JWTPayload } from \"jose\";\n\ntype UserContent = Record<string, unknown> & JWTPayload;\ntype UserContextType<T extends UserContent = UserContent> = {\n user: User<T> | null;\n} & {\n accessToken?: string | null;\n idToken?: string | null;\n forwardedTokens?: ForwardedTokens;\n} & Omit<AuthContextType, \"isAuthenticated\">;\n\nconst UserContext = createContext<UserContextType | null>(null);\n\nconst UserProvider = <T extends UserContent>({\n children,\n storage,\n user: inputUser,\n signOut,\n authStatus,\n signIn,\n displayMode,\n}: {\n children: ReactNode;\n storage: AuthStorage;\n user: User<T> | null;\n signOut: () => Promise<void>;\n authStatus: AuthStatus;\n signIn: (displayMode?: DisplayMode) => Promise<void>;\n displayMode: DisplayMode;\n}) => {\n const { error: authError, isLoading: authLoading } = useSession();\n const { data: session } = useSession();\n const tokens = useToken();\n const [userLoading, setUserLoading] = useState<boolean>(false);\n const [userError, setUserError] = useState<Error | null>(null);\n const [user, setUser] = useState<User<T> | null>(inputUser);\n\n const fetchUser = useCallback(async (): Promise<User<T> | null> => {\n if (!session?.idToken) return null;\n const userSession = new GenericUserSession<T>(storage);\n return userSession.get();\n }, [session?.idToken, storage]);\n\n useEffect(() => {\n if (session?.idToken) {\n setUserLoading(true);\n fetchUser()\n .then((user) => {\n setUserLoading(false);\n setUser((prevUser) => {\n // we only want to update the user if it's set - if a user is passed in, don't assume it is wrong here\n // it could be just the fetchUser returned null for some other reason.\n // TODO consider cleaning this up in general to avoid needing context here.\n return user ?? prevUser;\n });\n })\n .catch((error) => {\n setUserLoading(false);\n setUserError(error);\n });\n } else {\n setUser(null);\n }\n }, [fetchUser, session?.idToken]);\n\n const isLoading = authLoading || userLoading;\n const error = authError ?? userError;\n\n // While we are passing a user as a prop _and_ storing it in state,\n // there is the case where the user is not set in the state yet\n // (setState is called but the rerender has not yet happened), but\n // is passed as a prop. In this case, we want to use the prop value.\n // A better solution is to avoid having multiple layers of context.\n // If the user is passed in, we just use that.\n // We should not split user state management across multiple contexts\n const userValue = user ?? inputUser;\n\n return (\n <UserContext.Provider\n value={{\n ...tokens,\n user: userValue,\n isLoading,\n error,\n signIn,\n signOut,\n authStatus,\n displayMode: displayMode || \"iframe\",\n }}\n >\n {children}\n </UserContext.Provider>\n );\n};\n\nexport type { UserContextType };\n\nexport { UserProvider, UserContext };\n"]}
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export declare const VERSION = "@civic/auth:0.3.2-beta.
|
|
1
|
+
export declare const VERSION = "@civic/auth:0.3.2-beta.2";
|
|
2
2
|
//# sourceMappingURL=version.d.ts.map
|
|
@@ -2,5 +2,5 @@
|
|
|
2
2
|
// This is an auto-generated file. Do not edit.
|
|
3
3
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
4
4
|
exports.VERSION = void 0;
|
|
5
|
-
exports.VERSION = "@civic/auth:0.3.2-beta.
|
|
5
|
+
exports.VERSION = "@civic/auth:0.3.2-beta.2";
|
|
6
6
|
//# sourceMappingURL=version.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"version.js","sourceRoot":"","sources":["../../../src/shared/version.ts"],"names":[],"mappings":";AAAA,+CAA+C;;;AAElC,QAAA,OAAO,GAAG,0BAA0B,CAAC","sourcesContent":["// This is an auto-generated file. Do not edit.\n\nexport const VERSION = \"@civic/auth:0.3.2-beta.
|
|
1
|
+
{"version":3,"file":"version.js","sourceRoot":"","sources":["../../../src/shared/version.ts"],"names":[],"mappings":";AAAA,+CAA+C;;;AAElC,QAAA,OAAO,GAAG,0BAA0B,CAAC","sourcesContent":["// This is an auto-generated file. Do not edit.\n\nexport const VERSION = \"@civic/auth:0.3.2-beta.2\";\n"]}
|
package/dist/cjs/types.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import type { TokenResponseBody } from "oslo/oauth2";
|
|
2
|
-
import type {
|
|
2
|
+
import type { JWTPayload } from "jose";
|
|
3
3
|
type UnknownObject = Record<string, unknown>;
|
|
4
4
|
type EmptyObject = Record<string, never>;
|
|
5
5
|
export declare enum AuthStatus {
|
|
@@ -80,11 +80,6 @@ type ForwardedTokensJWT = Record<string, {
|
|
|
80
80
|
refresh_token?: string;
|
|
81
81
|
scope?: string;
|
|
82
82
|
}>;
|
|
83
|
-
declare const jwtPayloadKnownClaimsKeys: readonly ["iss", "aud", "sub", "iat", "exp"];
|
|
84
|
-
type JWTPayloadKnownClaims = {
|
|
85
|
-
[K in (typeof jwtPayloadKnownClaimsKeys)[number]]: string;
|
|
86
|
-
};
|
|
87
|
-
type JWTPayload = JWT["payload"] & JWTPayloadKnownClaims;
|
|
88
83
|
type IdTokenPayload = JWTPayload & {
|
|
89
84
|
forwardedTokens?: ForwardedTokensJWT;
|
|
90
85
|
email?: string;
|
|
@@ -93,9 +88,6 @@ type IdTokenPayload = JWTPayload & {
|
|
|
93
88
|
nonce: string;
|
|
94
89
|
at_hash: string;
|
|
95
90
|
};
|
|
96
|
-
type IdToken = Omit<JWT, "payload"> & {
|
|
97
|
-
payload: IdTokenPayload;
|
|
98
|
-
};
|
|
99
91
|
declare const tokenKeys: readonly ["sub", "idToken", "accessToken", "refreshToken", "forwardedTokens"];
|
|
100
92
|
export type OAuthTokens = {
|
|
101
93
|
idToken?: string;
|
|
@@ -156,8 +148,8 @@ export type IframeAuthMessage = {
|
|
|
156
148
|
error?: string;
|
|
157
149
|
};
|
|
158
150
|
};
|
|
159
|
-
export type { LoginPostMessage, AuthSessionService, TokenService, UserInfoService, ResourceService, AuthRequest, Tokens, Endpoints, Config, SessionData, OIDCTokenResponseBody, ParsedTokens, BaseUser, User, DisplayMode, UnknownObject, EmptyObject, ForwardedTokens, ForwardedTokensJWT,
|
|
160
|
-
export {
|
|
151
|
+
export type { LoginPostMessage, AuthSessionService, TokenService, UserInfoService, ResourceService, AuthRequest, Tokens, Endpoints, Config, SessionData, OIDCTokenResponseBody, ParsedTokens, BaseUser, User, DisplayMode, UnknownObject, EmptyObject, ForwardedTokens, ForwardedTokensJWT, IdTokenPayload, OpenIdConfiguration, };
|
|
152
|
+
export { tokenKeys };
|
|
161
153
|
export interface AuthStorage {
|
|
162
154
|
get(key: string): Promise<string | null>;
|
|
163
155
|
set(key: string, value: string): Promise<void>;
|
package/dist/cjs/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AACrD,OAAO,KAAK,EAAE,
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AACrD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAEvC,KAAK,aAAa,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AAC7C,KAAK,WAAW,GAAG,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;AAEzC,oBAAY,UAAU;IACpB,aAAa,kBAAkB;IAC/B,eAAe,oBAAoB;IACnC,cAAc,mBAAmB;IACjC,KAAK,UAAU;IACf,WAAW,gBAAgB;CAC5B;AAED,KAAK,WAAW,GAAG,QAAQ,GAAG,UAAU,GAAG,SAAS,GAAG,YAAY,CAAC;AAGpE,UAAU,kBAAkB;IAE1B,oBAAoB,CAClB,gBAAgB,EAAE,MAAM,EACxB,WAAW,EAAE,WAAW,GACvB,IAAI,CAAC;IAER,mBAAmB,CACjB,MAAM,EAAE,MAAM,EAAE,EAChB,mBAAmB,EAAE,WAAW,EAChC,KAAK,CAAC,EAAE,MAAM,GACb,OAAO,CAAC,MAAM,CAAC,CAAC;IAEnB,MAAM,CACJ,WAAW,EAAE,WAAW,EACxB,MAAM,EAAE,MAAM,EAAE,EAChB,KAAK,CAAC,EAAE,MAAM,GACb,OAAO,CAAC,IAAI,CAAC,CAAC;IAEjB,aAAa,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;IAEzD,cAAc,IAAI,WAAW,CAAC;IAE9B,iBAAiB,CAAC,IAAI,EAAE,WAAW,GAAG,IAAI,CAAC;IAC3C,kBAAkB,IAAI,OAAO,CAAC,eAAe,CAAC,CAAC;CAChD;AAGD,UAAU,YAAY;IACpB,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACzD,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC;IACzD,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CAC3D;AAGD,UAAU,eAAe;IACvB,WAAW,CAAC,CAAC,SAAS,aAAa,EACjC,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,MAAM,GAAG,IAAI,GACrB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;CAC5B;AAGD,UAAU,eAAe;IACvB,oBAAoB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CAC7D;AAGD,KAAK,WAAW,GAAG;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,KAAK,SAAS,GAAG;IACf,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,KAAK,MAAM,GAAG;IACZ,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,SAAS,CAAC;CACvB,CAAC;AAEF,KAAK,WAAW,GAAG;IACjB,aAAa,EAAE,OAAO,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,KAAK,qBAAqB,GAAG,iBAAiB,GAAG;IAC/C,QAAQ,EAAE,MAAM,CAAC;IACjB,uBAAuB,CAAC,EAAE,MAAM,CAAC;CAClC,CAAC;AAEF,KAAK,YAAY,GAAG;IAClB,QAAQ,EAAE,UAAU,CAAC;IACrB,YAAY,EAAE,UAAU,CAAC;IACzB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAGF,KAAK,eAAe,GAAG,MAAM,CAC3B,MAAM,EACN;IACE,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,CACF,CAAC;AAGF,KAAK,kBAAkB,GAAG,MAAM,CAC9B,MAAM,EACN;IACE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CACF,CAAC;AAEF,KAAK,cAAc,GAAG,UAAU,GAAG;IACjC,eAAe,CAAC,EAAE,kBAAkB,CAAC;IACrC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,QAAA,MAAM,SAAS,+EAML,CAAC;AAEX,MAAM,MAAM,WAAW,GAAG;IACxB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF,KAAK,MAAM,GAAG;KACX,CAAC,IAAI,CAAC,OAAO,SAAS,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,iBAAiB,GAC1D,eAAe,GACf,MAAM;CACX,CAAC;AAGF,KAAK,QAAQ,GAAG;IACd,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,IAAI,CAAC;CACnB,CAAC;AAEF,KAAK,IAAI,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,IACjE,QAAQ,GAAG,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC;AAE5B,KAAK,mBAAmB,GAAG;IACzB,sBAAsB,EAAE,MAAM,CAAC;IAC/B,0BAA0B,EAAE,OAAO,CAAC;IACpC,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,gCAAgC,EAAE,MAAM,EAAE,CAAC;IAC3C,oBAAoB,EAAE,MAAM,CAAC;IAC7B,qBAAqB,EAAE,MAAM,EAAE,CAAC;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,8CAA8C,EAAE,OAAO,CAAC;IACxD,wBAAwB,EAAE,MAAM,EAAE,CAAC;IACnC,wBAAwB,EAAE,MAAM,EAAE,CAAC;IACnC,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,uBAAuB,EAAE,MAAM,EAAE,CAAC;IAClC,qCAAqC,EAAE,MAAM,EAAE,CAAC;IAChD,gDAAgD,EAAE,MAAM,EAAE,CAAC;IAC3D,cAAc,EAAE,MAAM,CAAC;IACvB,qCAAqC,EAAE,MAAM,EAAE,CAAC;IAChD,qCAAqC,EAAE,MAAM,CAAC;IAC9C,2BAA2B,EAAE,OAAO,CAAC;IACrC,+BAA+B,EAAE,OAAO,CAAC;IACzC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,qBAAqB,EAAE,MAAM,EAAE,CAAC;CACjC,CAAC;AAEF,KAAK,gBAAgB,GAAG;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE;QACJ,GAAG,EAAE,MAAM,CAAC;KACb,CAAC;CACH,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,MAAM,EAAE,eAAe,CAAC;IACxB,IAAI,EAAE,YAAY,GAAG,sBAAsB,CAAC;IAC5C,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE;QACJ,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,CAAC;CACH,CAAC;AAEF,YAAY,EACV,gBAAgB,EAChB,kBAAkB,EAClB,YAAY,EACZ,eAAe,EACf,eAAe,EACf,WAAW,EACX,MAAM,EACN,SAAS,EACT,MAAM,EACN,WAAW,EACX,qBAAqB,EACrB,YAAY,EACZ,QAAQ,EACR,IAAI,EACJ,WAAW,EACX,aAAa,EACb,WAAW,EACX,eAAe,EACf,kBAAkB,EAClB,cAAc,EACd,mBAAmB,GACpB,CAAC;AACF,OAAO,EAAE,SAAS,EAAE,CAAC;AACrB,MAAM,WAAW,WAAW;IAC1B,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/C,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACpC;AAED,MAAM,MAAM,UAAU,GAAG,UAAU,GAAG,OAAO,CAAC"}
|