@civic/auth 0.3.7 → 0.3.8-beta.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +3 -0
- package/dist/cjs/nextjs/GetUser.d.ts +6 -0
- package/dist/cjs/nextjs/GetUser.d.ts.map +1 -0
- package/dist/cjs/nextjs/GetUser.js +11 -0
- package/dist/cjs/nextjs/GetUser.js.map +1 -0
- package/dist/cjs/nextjs/NextAuthenticationRefresherImpl.d.ts +11 -0
- package/dist/cjs/nextjs/NextAuthenticationRefresherImpl.d.ts.map +1 -0
- package/dist/cjs/nextjs/NextAuthenticationRefresherImpl.js +21 -0
- package/dist/cjs/nextjs/NextAuthenticationRefresherImpl.js.map +1 -0
- package/dist/cjs/nextjs/NextClientAuthenticationRefresher.d.ts +3 -4
- package/dist/cjs/nextjs/NextClientAuthenticationRefresher.d.ts.map +1 -1
- package/dist/cjs/nextjs/NextClientAuthenticationRefresher.js +14 -12
- package/dist/cjs/nextjs/NextClientAuthenticationRefresher.js.map +1 -1
- package/dist/cjs/nextjs/NextServerAuthenticationRefresherImpl.d.ts +2 -1
- package/dist/cjs/nextjs/NextServerAuthenticationRefresherImpl.d.ts.map +1 -1
- package/dist/cjs/nextjs/NextServerAuthenticationRefresherImpl.js +10 -2
- package/dist/cjs/nextjs/NextServerAuthenticationRefresherImpl.js.map +1 -1
- package/dist/cjs/nextjs/hooks/useRefresh.d.ts +3 -1
- package/dist/cjs/nextjs/hooks/useRefresh.d.ts.map +1 -1
- package/dist/cjs/nextjs/hooks/useRefresh.js +10 -2
- package/dist/cjs/nextjs/hooks/useRefresh.js.map +1 -1
- package/dist/cjs/nextjs/providers/NextAuthProvider.d.ts.map +1 -1
- package/dist/cjs/nextjs/providers/NextAuthProvider.js +7 -1
- package/dist/cjs/nextjs/providers/NextAuthProvider.js.map +1 -1
- package/dist/cjs/nextjs/routeHandler.d.ts.map +1 -1
- package/dist/cjs/nextjs/routeHandler.js +18 -11
- package/dist/cjs/nextjs/routeHandler.js.map +1 -1
- package/dist/cjs/reactjs/components/LoadingSpinner.d.ts +7 -0
- package/dist/cjs/reactjs/components/LoadingSpinner.d.ts.map +1 -0
- package/dist/cjs/reactjs/components/LoadingSpinner.js +33 -0
- package/dist/cjs/reactjs/components/LoadingSpinner.js.map +1 -0
- package/dist/cjs/reactjs/hooks/useAuth.d.ts +3 -0
- package/dist/cjs/reactjs/hooks/useAuth.d.ts.map +1 -0
- package/dist/cjs/reactjs/hooks/useAuth.js +15 -0
- package/dist/cjs/reactjs/hooks/useAuth.js.map +1 -0
- package/dist/cjs/reactjs/hooks/useSignIn.d.ts +6 -0
- package/dist/cjs/reactjs/hooks/useSignIn.d.ts.map +1 -0
- package/dist/cjs/reactjs/hooks/useSignIn.js +38 -0
- package/dist/cjs/reactjs/hooks/useSignIn.js.map +1 -0
- package/dist/cjs/reactjs/providers/AuthProvider.d.ts.map +1 -1
- package/dist/cjs/reactjs/providers/AuthProvider.js +8 -0
- package/dist/cjs/reactjs/providers/AuthProvider.js.map +1 -1
- package/dist/cjs/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts.map +1 -1
- package/dist/cjs/reactjs/providers/ClientTokenExchangeSessionProvider.js +0 -1
- package/dist/cjs/reactjs/providers/ClientTokenExchangeSessionProvider.js.map +1 -1
- package/dist/cjs/server/refresh.d.ts.map +1 -1
- package/dist/cjs/server/refresh.js +4 -1
- package/dist/cjs/server/refresh.js.map +1 -1
- package/dist/cjs/services/AuthenticationService.d.ts.map +1 -1
- package/dist/cjs/services/AuthenticationService.js +0 -5
- package/dist/cjs/services/AuthenticationService.js.map +1 -1
- package/dist/cjs/shared/components/CivicAuthIframe.d.ts.map +1 -1
- package/dist/cjs/shared/components/CivicAuthIframe.js +7 -1
- package/dist/cjs/shared/components/CivicAuthIframe.js.map +1 -1
- package/dist/cjs/shared/hooks/useClientTokenExchangeSession.d.ts +3 -0
- package/dist/cjs/shared/hooks/useClientTokenExchangeSession.d.ts.map +1 -0
- package/dist/cjs/shared/hooks/useClientTokenExchangeSession.js +16 -0
- package/dist/cjs/shared/hooks/useClientTokenExchangeSession.js.map +1 -0
- package/dist/cjs/shared/hooks/useRefresh.d.ts +3 -1
- package/dist/cjs/shared/hooks/useRefresh.d.ts.map +1 -1
- package/dist/cjs/shared/hooks/useRefresh.js +10 -2
- package/dist/cjs/shared/hooks/useRefresh.js.map +1 -1
- package/dist/cjs/shared/lib/AuthenticationRefresherImpl.d.ts +2 -2
- package/dist/cjs/shared/lib/AuthenticationRefresherImpl.d.ts.map +1 -1
- package/dist/cjs/shared/lib/AuthenticationRefresherImpl.js +7 -4
- package/dist/cjs/shared/lib/AuthenticationRefresherImpl.js.map +1 -1
- package/dist/cjs/shared/lib/BrowserAuthenticationRefresher.d.ts +11 -0
- package/dist/cjs/shared/lib/BrowserAuthenticationRefresher.d.ts.map +1 -0
- package/dist/cjs/shared/lib/BrowserAuthenticationRefresher.js +63 -0
- package/dist/cjs/shared/lib/BrowserAuthenticationRefresher.js.map +1 -0
- package/dist/cjs/shared/lib/GenericAuthenticationRefresher copy.d.ts +18 -0
- package/dist/cjs/shared/lib/GenericAuthenticationRefresher copy.d.ts.map +1 -0
- package/dist/cjs/shared/lib/GenericAuthenticationRefresher copy.js +85 -0
- package/dist/cjs/shared/lib/GenericAuthenticationRefresher copy.js.map +1 -0
- package/dist/cjs/shared/lib/GenericAuthenticationRefresher.d.ts +2 -4
- package/dist/cjs/shared/lib/GenericAuthenticationRefresher.d.ts.map +1 -1
- package/dist/cjs/shared/lib/GenericAuthenticationRefresher.js +9 -36
- package/dist/cjs/shared/lib/GenericAuthenticationRefresher.js.map +1 -1
- package/dist/cjs/shared/lib/util.d.ts.map +1 -1
- package/dist/cjs/shared/lib/util.js +14 -1
- package/dist/cjs/shared/lib/util.js.map +1 -1
- package/dist/cjs/shared/providers/AuthProvider.d.ts +22 -0
- package/dist/cjs/shared/providers/AuthProvider.d.ts.map +1 -0
- package/dist/cjs/shared/providers/AuthProvider.js +108 -0
- package/dist/cjs/shared/providers/AuthProvider.js.map +1 -0
- package/dist/cjs/shared/providers/CivicAuthProvider.d.ts +6 -0
- package/dist/cjs/shared/providers/CivicAuthProvider.d.ts.map +1 -0
- package/dist/cjs/shared/providers/CivicAuthProvider.js +38 -0
- package/dist/cjs/shared/providers/CivicAuthProvider.js.map +1 -0
- package/dist/cjs/shared/providers/ClientTokenExchangeSessionProvider.d.ts +17 -0
- package/dist/cjs/shared/providers/ClientTokenExchangeSessionProvider.d.ts.map +1 -0
- package/dist/cjs/shared/providers/ClientTokenExchangeSessionProvider.js +168 -0
- package/dist/cjs/shared/providers/ClientTokenExchangeSessionProvider.js.map +1 -0
- package/dist/esm/nextjs/GetUser.d.ts +6 -0
- package/dist/esm/nextjs/GetUser.d.ts.map +1 -0
- package/dist/esm/nextjs/GetUser.js +7 -0
- package/dist/esm/nextjs/GetUser.js.map +1 -0
- package/dist/esm/nextjs/NextClientAuthenticationRefresher.d.ts +3 -4
- package/dist/esm/nextjs/NextClientAuthenticationRefresher.d.ts.map +1 -1
- package/dist/esm/nextjs/NextClientAuthenticationRefresher.js +14 -12
- package/dist/esm/nextjs/NextClientAuthenticationRefresher.js.map +1 -1
- package/dist/esm/nextjs/NextServerAuthenticationRefresherImpl.d.ts +2 -1
- package/dist/esm/nextjs/NextServerAuthenticationRefresherImpl.d.ts.map +1 -1
- package/dist/esm/nextjs/NextServerAuthenticationRefresherImpl.js +10 -2
- package/dist/esm/nextjs/NextServerAuthenticationRefresherImpl.js.map +1 -1
- package/dist/esm/nextjs/hooks/useRefresh.d.ts +3 -1
- package/dist/esm/nextjs/hooks/useRefresh.d.ts.map +1 -1
- package/dist/esm/nextjs/hooks/useRefresh.js +10 -2
- package/dist/esm/nextjs/hooks/useRefresh.js.map +1 -1
- package/dist/esm/nextjs/providers/NextAuthProvider.d.ts.map +1 -1
- package/dist/esm/nextjs/providers/NextAuthProvider.js +7 -1
- package/dist/esm/nextjs/providers/NextAuthProvider.js.map +1 -1
- package/dist/esm/nextjs/routeHandler.d.ts.map +1 -1
- package/dist/esm/nextjs/routeHandler.js +18 -11
- package/dist/esm/nextjs/routeHandler.js.map +1 -1
- package/dist/esm/reactjs/hooks/useAuth.d.ts +3 -0
- package/dist/esm/reactjs/hooks/useAuth.d.ts.map +1 -0
- package/dist/esm/reactjs/hooks/useAuth.js +12 -0
- package/dist/esm/reactjs/hooks/useAuth.js.map +1 -0
- package/dist/esm/reactjs/hooks/useSignIn.d.ts +6 -0
- package/dist/esm/reactjs/hooks/useSignIn.d.ts.map +1 -0
- package/dist/esm/reactjs/hooks/useSignIn.js +34 -0
- package/dist/esm/reactjs/hooks/useSignIn.js.map +1 -0
- package/dist/esm/reactjs/providers/AuthProvider.d.ts.map +1 -1
- package/dist/esm/reactjs/providers/AuthProvider.js +8 -0
- package/dist/esm/reactjs/providers/AuthProvider.js.map +1 -1
- package/dist/esm/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts.map +1 -1
- package/dist/esm/reactjs/providers/ClientTokenExchangeSessionProvider.js +1 -2
- package/dist/esm/reactjs/providers/ClientTokenExchangeSessionProvider.js.map +1 -1
- package/dist/esm/server/refresh.d.ts.map +1 -1
- package/dist/esm/server/refresh.js +4 -1
- package/dist/esm/server/refresh.js.map +1 -1
- package/dist/esm/services/AuthenticationService.d.ts.map +1 -1
- package/dist/esm/services/AuthenticationService.js +0 -5
- package/dist/esm/services/AuthenticationService.js.map +1 -1
- package/dist/esm/shared/components/CivicAuthIframe.d.ts.map +1 -1
- package/dist/esm/shared/components/CivicAuthIframe.js +8 -2
- package/dist/esm/shared/components/CivicAuthIframe.js.map +1 -1
- package/dist/esm/shared/hooks/useClientTokenExchangeSession.d.ts +3 -0
- package/dist/esm/shared/hooks/useClientTokenExchangeSession.d.ts.map +1 -0
- package/dist/esm/shared/hooks/useClientTokenExchangeSession.js +13 -0
- package/dist/esm/shared/hooks/useClientTokenExchangeSession.js.map +1 -0
- package/dist/esm/shared/hooks/useRefresh.d.ts +3 -1
- package/dist/esm/shared/hooks/useRefresh.d.ts.map +1 -1
- package/dist/esm/shared/hooks/useRefresh.js +10 -2
- package/dist/esm/shared/hooks/useRefresh.js.map +1 -1
- package/dist/esm/shared/lib/AuthenticationRefresherImpl.d.ts +2 -2
- package/dist/esm/shared/lib/AuthenticationRefresherImpl.d.ts.map +1 -1
- package/dist/esm/shared/lib/AuthenticationRefresherImpl.js +7 -4
- package/dist/esm/shared/lib/AuthenticationRefresherImpl.js.map +1 -1
- package/dist/esm/shared/lib/BrowserAuthenticationRefresher.d.ts +11 -0
- package/dist/esm/shared/lib/BrowserAuthenticationRefresher.d.ts.map +1 -0
- package/dist/esm/shared/lib/BrowserAuthenticationRefresher.js +59 -0
- package/dist/esm/shared/lib/BrowserAuthenticationRefresher.js.map +1 -0
- package/dist/esm/shared/lib/GenericAuthenticationRefresher.d.ts +2 -4
- package/dist/esm/shared/lib/GenericAuthenticationRefresher.d.ts.map +1 -1
- package/dist/esm/shared/lib/GenericAuthenticationRefresher.js +11 -38
- package/dist/esm/shared/lib/GenericAuthenticationRefresher.js.map +1 -1
- package/dist/esm/shared/lib/util.d.ts.map +1 -1
- package/dist/esm/shared/lib/util.js +14 -1
- package/dist/esm/shared/lib/util.js.map +1 -1
- package/dist/esm/shared/providers/AuthProvider.d.ts +22 -0
- package/dist/esm/shared/providers/AuthProvider.d.ts.map +1 -0
- package/dist/esm/shared/providers/AuthProvider.js +72 -0
- package/dist/esm/shared/providers/AuthProvider.js.map +1 -0
- package/dist/esm/shared/providers/CivicAuthProvider.d.ts +6 -0
- package/dist/esm/shared/providers/CivicAuthProvider.d.ts.map +1 -0
- package/dist/esm/shared/providers/CivicAuthProvider.js +32 -0
- package/dist/esm/shared/providers/CivicAuthProvider.js.map +1 -0
- package/dist/esm/shared/providers/ClientTokenExchangeSessionProvider.d.ts +17 -0
- package/dist/esm/shared/providers/ClientTokenExchangeSessionProvider.d.ts.map +1 -0
- package/dist/esm/shared/providers/ClientTokenExchangeSessionProvider.js +131 -0
- package/dist/esm/shared/providers/ClientTokenExchangeSessionProvider.js.map +1 -0
- package/dist/nextjs/providers/NextAuthProvider.d.ts.map +1 -1
- package/dist/nextjs/providers/NextAuthProvider.js +9 -4
- package/dist/nextjs/providers/NextAuthProvider.js.map +1 -1
- package/dist/reactjs/providers/AuthProvider.d.ts.map +1 -1
- package/dist/reactjs/providers/AuthProvider.js +3 -1
- package/dist/reactjs/providers/AuthProvider.js.map +1 -1
- package/dist/shared/components/CivicAuthIframeContainer.d.ts.map +1 -1
- package/dist/shared/components/CivicAuthIframeContainer.js +4 -1
- package/dist/shared/components/CivicAuthIframeContainer.js.map +1 -1
- package/dist/shared/hooks/useSignIn.js +3 -3
- package/dist/shared/hooks/useSignIn.js.map +1 -1
- package/dist/shared/lib/iframeUtils.d.ts +1 -1
- package/dist/shared/lib/iframeUtils.d.ts.map +1 -1
- package/dist/shared/lib/iframeUtils.js +2 -2
- package/dist/shared/lib/iframeUtils.js.map +1 -1
- package/dist/shared/providers/IframeProvider.d.ts +3 -0
- package/dist/shared/providers/IframeProvider.d.ts.map +1 -1
- package/dist/shared/providers/IframeProvider.js +5 -0
- package/dist/shared/providers/IframeProvider.js.map +1 -1
- package/dist/shared/version.d.ts +1 -1
- package/dist/shared/version.d.ts.map +1 -1
- package/dist/shared/version.js +1 -1
- package/dist/shared/version.js.map +1 -1
- package/dist/tsconfig.cjs.tsbuildinfo +1 -1
- package/dist/tsconfig.esm.tsbuildinfo +1 -1
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,6 @@
|
|
|
1
|
+
# 0.3.8 Fix NextJS cookie expiration behaviour
|
|
2
|
+
- fix the civic-auth SDK NextJS cookie expiration behaviour for embedded iframes: when the iframe mounts, it will trigger the auto sign-in process to start again
|
|
3
|
+
|
|
1
4
|
# 0.3.7 Fix user auth refresh
|
|
2
5
|
- Fix issue where a 500 occurred during token refresh
|
|
3
6
|
- UI fixes
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"GetUser.d.ts","sourceRoot":"","sources":["../../../src/nextjs/GetUser.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAIvC,eAAO,MAAM,OAAO,QAAa,OAAO,CAAC,IAAI,GAAG,IAAI,CAGnD,CAAC"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.getUser = void 0;
|
|
4
|
+
const cookies_js_1 = require("../nextjs/cookies.js");
|
|
5
|
+
const session_js_1 = require("../shared/lib/session.js");
|
|
6
|
+
const getUser = async () => {
|
|
7
|
+
const clientStorage = new cookies_js_1.NextjsClientStorage();
|
|
8
|
+
return (0, session_js_1.getUser)(clientStorage);
|
|
9
|
+
};
|
|
10
|
+
exports.getUser = getUser;
|
|
11
|
+
//# sourceMappingURL=GetUser.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"GetUser.js","sourceRoot":"","sources":["../../../src/nextjs/GetUser.ts"],"names":[],"mappings":";;;AAIA,oDAA0D;AAC1D,wDAAoE;AAE7D,MAAM,OAAO,GAAG,KAAK,IAA0B,EAAE;IACtD,MAAM,aAAa,GAAG,IAAI,gCAAmB,EAAE,CAAC;IAChD,OAAO,IAAA,oBAAc,EAAC,aAAa,CAAC,CAAC;AACvC,CAAC,CAAC;AAHW,QAAA,OAAO,WAGlB","sourcesContent":["/**\n * Used on the server-side to get the user object from the cookie\n */\nimport type { User } from \"@/types.js\";\nimport { NextjsClientStorage } from \"@/nextjs/cookies.js\";\nimport { getUser as getSessionUser } from \"@/shared/lib/session.js\";\n\nexport const getUser = async (): Promise<User | null> => {\n const clientStorage = new NextjsClientStorage();\n return getSessionUser(clientStorage);\n};\n"]}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { AuthenticationRefresherImpl } from "../shared/lib/AuthenticationRefresherImpl.js";
|
|
2
|
+
import type { Endpoints, OIDCTokenResponseBody } from "../types.js";
|
|
3
|
+
import type { AuthConfig } from "../server/config.js";
|
|
4
|
+
import type { CookieStorage } from "../server/index.js";
|
|
5
|
+
export declare class NextAuthenticationRefresherImpl extends AuthenticationRefresherImpl {
|
|
6
|
+
endpointOverrides?: Partial<Endpoints> | undefined;
|
|
7
|
+
storage: CookieStorage | undefined;
|
|
8
|
+
constructor(authConfig: AuthConfig, storage: CookieStorage, endpointOverrides?: Partial<Endpoints> | undefined);
|
|
9
|
+
storeTokens(tokenResponseBody: OIDCTokenResponseBody): Promise<void>;
|
|
10
|
+
}
|
|
11
|
+
//# sourceMappingURL=NextAuthenticationRefresherImpl.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"NextAuthenticationRefresherImpl.d.ts","sourceRoot":"","sources":["../../../src/nextjs/NextAuthenticationRefresherImpl.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,2BAA2B,EAAE,MAAM,6CAA6C,CAAC;AAC1F,OAAO,KAAK,EAAe,SAAS,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAChF,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAErD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAEvD,qBAAa,+BAAgC,SAAQ,2BAA2B;IAKnE,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC;IAJxC,OAAO,EAAE,aAAa,GAAG,SAAS,CAAC;gBAE1C,UAAU,EAAE,UAAU,EACtB,OAAO,EAAE,aAAa,EACb,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,YAAA;IAMlC,WAAW,CACxB,iBAAiB,EAAE,qBAAqB,GACvC,OAAO,CAAC,IAAI,CAAC;CAIjB"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.NextAuthenticationRefresherImpl = void 0;
|
|
4
|
+
const AuthenticationRefresherImpl_js_1 = require("../shared/lib/AuthenticationRefresherImpl.js");
|
|
5
|
+
const util_js_1 = require("../shared/lib/util.js");
|
|
6
|
+
class NextAuthenticationRefresherImpl extends AuthenticationRefresherImpl_js_1.AuthenticationRefresherImpl {
|
|
7
|
+
endpointOverrides;
|
|
8
|
+
storage;
|
|
9
|
+
constructor(authConfig, storage, endpointOverrides) {
|
|
10
|
+
super(authConfig, storage, endpointOverrides);
|
|
11
|
+
this.endpointOverrides = endpointOverrides;
|
|
12
|
+
this.storage = storage;
|
|
13
|
+
}
|
|
14
|
+
async storeTokens(tokenResponseBody) {
|
|
15
|
+
if (!this.storage)
|
|
16
|
+
throw new Error("No storage available");
|
|
17
|
+
await (0, util_js_1.storeServerTokens)(this.storage, tokenResponseBody);
|
|
18
|
+
}
|
|
19
|
+
}
|
|
20
|
+
exports.NextAuthenticationRefresherImpl = NextAuthenticationRefresherImpl;
|
|
21
|
+
//# sourceMappingURL=NextAuthenticationRefresherImpl.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"NextAuthenticationRefresherImpl.js","sourceRoot":"","sources":["../../../src/nextjs/NextAuthenticationRefresherImpl.ts"],"names":[],"mappings":";;;AAAA,gGAA0F;AAG1F,kDAAsE;AAGtE,MAAa,+BAAgC,SAAQ,4DAA2B;IAKnE;IAJF,OAAO,CAA4B;IAC5C,YACE,UAAsB,EACtB,OAAsB,EACb,iBAAsC;QAE/C,KAAK,CAAC,UAAU,EAAE,OAAO,EAAE,iBAAiB,CAAC,CAAC;QAFrC,sBAAiB,GAAjB,iBAAiB,CAAqB;QAG/C,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAEQ,KAAK,CAAC,WAAW,CACxB,iBAAwC;QAExC,IAAI,CAAC,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC3D,MAAM,IAAA,2BAAiB,EAAC,IAAI,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;IAC3D,CAAC;CACF;AAjBD,0EAiBC","sourcesContent":["import { AuthenticationRefresherImpl } from \"@/shared/lib/AuthenticationRefresherImpl.js\";\nimport type { AuthStorage, Endpoints, OIDCTokenResponseBody } from \"@/types.js\";\nimport type { AuthConfig } from \"@/server/config.js\";\nimport { storeServerTokens, storeTokens } from \"@/shared/lib/util.js\";\nimport type { CookieStorage } from \"@/server/index.js\";\n\nexport class NextAuthenticationRefresherImpl extends AuthenticationRefresherImpl {\n override storage: CookieStorage | undefined;\n constructor(\n authConfig: AuthConfig,\n storage: CookieStorage,\n override endpointOverrides?: Partial<Endpoints>,\n ) {\n super(authConfig, storage, endpointOverrides);\n this.storage = storage;\n }\n\n override async storeTokens(\n tokenResponseBody: OIDCTokenResponseBody,\n ): Promise<void> {\n if (!this.storage) throw new Error(\"No storage available\");\n await storeServerTokens(this.storage, tokenResponseBody);\n }\n}\n\n"]}
|
|
@@ -1,9 +1,8 @@
|
|
|
1
1
|
import type { AuthConfig } from "../server/config.js";
|
|
2
2
|
import type { AuthStorage, OIDCTokenResponseBody } from "../types.js";
|
|
3
|
-
import {
|
|
4
|
-
export declare class NextClientAuthenticationRefresher extends
|
|
5
|
-
|
|
6
|
-
static build(authConfig: AuthConfig, storage: AuthStorage): Promise<NextClientAuthenticationRefresher>;
|
|
3
|
+
import { BrowserAuthenticationRefresher } from "../shared/lib/BrowserAuthenticationRefresher.js";
|
|
4
|
+
export declare class NextClientAuthenticationRefresher extends BrowserAuthenticationRefresher {
|
|
5
|
+
static build(authConfig: AuthConfig, storage: AuthStorage, onError: (error: Error) => Promise<void>): Promise<NextClientAuthenticationRefresher>;
|
|
7
6
|
refreshAccessToken(): Promise<OIDCTokenResponseBody>;
|
|
8
7
|
}
|
|
9
8
|
//# sourceMappingURL=NextClientAuthenticationRefresher.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"NextClientAuthenticationRefresher.d.ts","sourceRoot":"","sources":["../../../src/nextjs/NextClientAuthenticationRefresher.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,KAAK,EAAE,WAAW,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AACrE,OAAO,EAAE,8BAA8B,EAAE,MAAM,gDAAgD,CAAC;AAEhG,qBAAa,iCAAkC,SAAQ,8BAA8B;
|
|
1
|
+
{"version":3,"file":"NextClientAuthenticationRefresher.d.ts","sourceRoot":"","sources":["../../../src/nextjs/NextClientAuthenticationRefresher.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,KAAK,EAAE,WAAW,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AACrE,OAAO,EAAE,8BAA8B,EAAE,MAAM,gDAAgD,CAAC;AAEhG,qBAAa,iCAAkC,SAAQ,8BAA8B;WAC7D,KAAK,CACzB,UAAU,EAAE,UAAU,EACtB,OAAO,EAAE,WAAW,EACpB,OAAO,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC,IAAI,CAAC,GACvC,OAAO,CAAC,iCAAiC,CAAC;IAS9B,kBAAkB,IAAI,OAAO,CAAC,qBAAqB,CAAC;CAkBpE"}
|
|
@@ -1,15 +1,10 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.NextClientAuthenticationRefresher = void 0;
|
|
4
|
-
const
|
|
5
|
-
class NextClientAuthenticationRefresher extends
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
this.authConfig = authConfig;
|
|
9
|
-
this.storage = storage;
|
|
10
|
-
}
|
|
11
|
-
static async build(authConfig, storage) {
|
|
12
|
-
const refresher = new NextClientAuthenticationRefresher(authConfig, storage);
|
|
4
|
+
const BrowserAuthenticationRefresher_js_1 = require("../shared/lib/BrowserAuthenticationRefresher.js");
|
|
5
|
+
class NextClientAuthenticationRefresher extends BrowserAuthenticationRefresher_js_1.BrowserAuthenticationRefresher {
|
|
6
|
+
static async build(authConfig, storage, onError) {
|
|
7
|
+
const refresher = new NextClientAuthenticationRefresher(authConfig, storage, onError);
|
|
13
8
|
return refresher;
|
|
14
9
|
}
|
|
15
10
|
async refreshAccessToken() {
|
|
@@ -17,9 +12,16 @@ class NextClientAuthenticationRefresher extends GenericAuthenticationRefresher_j
|
|
|
17
12
|
throw new Error("No auth config available");
|
|
18
13
|
if (!this.authConfig.refreshUrl)
|
|
19
14
|
throw new Error("No refresh URL available");
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
15
|
+
try {
|
|
16
|
+
const res = await fetch(`${this.authConfig?.refreshUrl}`);
|
|
17
|
+
const json = await res.json();
|
|
18
|
+
return json.tokens;
|
|
19
|
+
}
|
|
20
|
+
catch (error) {
|
|
21
|
+
console.error("NextClientAuthenticationRefresher refreshAccessToken: Failed to refresh tokens:", error);
|
|
22
|
+
this.onError(error);
|
|
23
|
+
throw error;
|
|
24
|
+
}
|
|
23
25
|
}
|
|
24
26
|
}
|
|
25
27
|
exports.NextClientAuthenticationRefresher = NextClientAuthenticationRefresher;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"NextClientAuthenticationRefresher.js","sourceRoot":"","sources":["../../../src/nextjs/NextClientAuthenticationRefresher.ts"],"names":[],"mappings":";;;AAEA,sGAAgG;AAEhG,MAAa,iCAAkC,SAAQ,kEAA8B;IACnF,
|
|
1
|
+
{"version":3,"file":"NextClientAuthenticationRefresher.js","sourceRoot":"","sources":["../../../src/nextjs/NextClientAuthenticationRefresher.ts"],"names":[],"mappings":";;;AAEA,sGAAgG;AAEhG,MAAa,iCAAkC,SAAQ,kEAA8B;IACnF,MAAM,CAAU,KAAK,CAAC,KAAK,CACzB,UAAsB,EACtB,OAAoB,EACpB,OAAwC;QAExC,MAAM,SAAS,GAAG,IAAI,iCAAiC,CACrD,UAAU,EACV,OAAO,EACP,OAAO,CACR,CAAC;QACF,OAAO,SAAS,CAAC;IACnB,CAAC;IAEQ,KAAK,CAAC,kBAAkB;QAC/B,IAAI,CAAC,IAAI,CAAC,UAAU;YAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QAClE,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,UAAU;YAC7B,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QAE9C,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,UAAU,EAAE,UAAU,EAAE,CAAC,CAAC;YAC1D,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;YAC9B,OAAO,IAAI,CAAC,MAA+B,CAAC;QAC9C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CACX,iFAAiF,EACjF,KAAK,CACN,CAAC;YACF,IAAI,CAAC,OAAO,CAAC,KAAc,CAAC,CAAC;YAC7B,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;CACF;AAhCD,8EAgCC","sourcesContent":["import type { AuthConfig } from \"@/server/config.js\";\nimport type { AuthStorage, OIDCTokenResponseBody } from \"@/types.js\";\nimport { BrowserAuthenticationRefresher } from \"@/shared/lib/BrowserAuthenticationRefresher.js\";\n\nexport class NextClientAuthenticationRefresher extends BrowserAuthenticationRefresher {\n static override async build(\n authConfig: AuthConfig,\n storage: AuthStorage,\n onError: (error: Error) => Promise<void>,\n ): Promise<NextClientAuthenticationRefresher> {\n const refresher = new NextClientAuthenticationRefresher(\n authConfig,\n storage,\n onError,\n );\n return refresher;\n }\n\n override async refreshAccessToken(): Promise<OIDCTokenResponseBody> {\n if (!this.authConfig) throw new Error(\"No auth config available\");\n if (!this.authConfig.refreshUrl)\n throw new Error(\"No refresh URL available\");\n\n try {\n const res = await fetch(`${this.authConfig?.refreshUrl}`);\n const json = await res.json();\n return json.tokens as OIDCTokenResponseBody;\n } catch (error) {\n console.error(\n \"NextClientAuthenticationRefresher refreshAccessToken: Failed to refresh tokens:\",\n error,\n );\n this.onError(error as Error);\n throw error;\n }\n }\n}\n"]}
|
|
@@ -5,7 +5,8 @@ import type { CookieStorage } from "../server/index.js";
|
|
|
5
5
|
export declare class NextServerAuthenticationRefresherImpl extends AuthenticationRefresherImpl {
|
|
6
6
|
endpointOverrides?: Partial<Endpoints> | undefined;
|
|
7
7
|
storage: CookieStorage | undefined;
|
|
8
|
-
constructor(authConfig: AuthConfig, storage: CookieStorage, endpointOverrides?: Partial<Endpoints> | undefined);
|
|
8
|
+
constructor(authConfig: AuthConfig, storage: CookieStorage, onError: (error: Error) => Promise<void>, endpointOverrides?: Partial<Endpoints> | undefined);
|
|
9
9
|
storeTokens(tokenResponseBody: OIDCTokenResponseBody): Promise<void>;
|
|
10
|
+
static build(authConfig: AuthConfig, storage: CookieStorage, onError: (error: Error) => Promise<void>, endpointOverrides?: Partial<Endpoints>): Promise<NextServerAuthenticationRefresherImpl>;
|
|
10
11
|
}
|
|
11
12
|
//# sourceMappingURL=NextServerAuthenticationRefresherImpl.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"NextServerAuthenticationRefresherImpl.d.ts","sourceRoot":"","sources":["../../../src/nextjs/NextServerAuthenticationRefresherImpl.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,2BAA2B,EAAE,MAAM,6CAA6C,CAAC;AAC1F,OAAO,KAAK,EAAE,SAAS,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AACnE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAErD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAEvD,qBAAa,qCAAsC,SAAQ,2BAA2B;
|
|
1
|
+
{"version":3,"file":"NextServerAuthenticationRefresherImpl.d.ts","sourceRoot":"","sources":["../../../src/nextjs/NextServerAuthenticationRefresherImpl.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,2BAA2B,EAAE,MAAM,6CAA6C,CAAC;AAC1F,OAAO,KAAK,EAAE,SAAS,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AACnE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAErD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAEvD,qBAAa,qCAAsC,SAAQ,2BAA2B;IAMzE,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC;IALxC,OAAO,EAAE,aAAa,GAAG,SAAS,CAAC;gBAE1C,UAAU,EAAE,UAAU,EACtB,OAAO,EAAE,aAAa,EACtB,OAAO,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC,IAAI,CAAC,EAC/B,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,YAAA;IAMlC,WAAW,CACxB,iBAAiB,EAAE,qBAAqB,GACvC,OAAO,CAAC,IAAI,CAAC;WAYM,KAAK,CACzB,UAAU,EAAE,UAAU,EACtB,OAAO,EAAE,aAAa,EACtB,OAAO,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC,IAAI,CAAC,EACxC,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,GACrC,OAAO,CAAC,qCAAqC,CAAC;CAWlD"}
|
|
@@ -6,16 +6,24 @@ const util_js_1 = require("../shared/lib/util.js");
|
|
|
6
6
|
class NextServerAuthenticationRefresherImpl extends AuthenticationRefresherImpl_js_1.AuthenticationRefresherImpl {
|
|
7
7
|
endpointOverrides;
|
|
8
8
|
storage;
|
|
9
|
-
constructor(authConfig, storage, endpointOverrides) {
|
|
10
|
-
super(authConfig, storage, endpointOverrides);
|
|
9
|
+
constructor(authConfig, storage, onError, endpointOverrides) {
|
|
10
|
+
super(authConfig, storage, onError, endpointOverrides);
|
|
11
11
|
this.endpointOverrides = endpointOverrides;
|
|
12
12
|
this.storage = storage;
|
|
13
13
|
}
|
|
14
14
|
async storeTokens(tokenResponseBody) {
|
|
15
15
|
if (!this.storage)
|
|
16
16
|
throw new Error("No storage available");
|
|
17
|
+
console.log("NextServerAuthenticationRefresherImpl storeTokens calling storeServerTokens", {
|
|
18
|
+
tokenResponseBody,
|
|
19
|
+
});
|
|
17
20
|
await (0, util_js_1.storeServerTokens)(this.storage, tokenResponseBody);
|
|
18
21
|
}
|
|
22
|
+
static async build(authConfig, storage, onError, endpointOverrides) {
|
|
23
|
+
const refresher = new NextServerAuthenticationRefresherImpl(authConfig, storage, onError, endpointOverrides);
|
|
24
|
+
await refresher.init();
|
|
25
|
+
return refresher;
|
|
26
|
+
}
|
|
19
27
|
}
|
|
20
28
|
exports.NextServerAuthenticationRefresherImpl = NextServerAuthenticationRefresherImpl;
|
|
21
29
|
//# sourceMappingURL=NextServerAuthenticationRefresherImpl.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"NextServerAuthenticationRefresherImpl.js","sourceRoot":"","sources":["../../../src/nextjs/NextServerAuthenticationRefresherImpl.ts"],"names":[],"mappings":";;;AAAA,gGAA0F;AAG1F,kDAAyD;AAGzD,MAAa,qCAAsC,SAAQ,4DAA2B;
|
|
1
|
+
{"version":3,"file":"NextServerAuthenticationRefresherImpl.js","sourceRoot":"","sources":["../../../src/nextjs/NextServerAuthenticationRefresherImpl.ts"],"names":[],"mappings":";;;AAAA,gGAA0F;AAG1F,kDAAyD;AAGzD,MAAa,qCAAsC,SAAQ,4DAA2B;IAMzE;IALF,OAAO,CAA4B;IAC5C,YACE,UAAsB,EACtB,OAAsB,EACtB,OAAwC,EAC/B,iBAAsC;QAE/C,KAAK,CAAC,UAAU,EAAE,OAAO,EAAE,OAAO,EAAE,iBAAiB,CAAC,CAAC;QAF9C,sBAAiB,GAAjB,iBAAiB,CAAqB;QAG/C,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAEQ,KAAK,CAAC,WAAW,CACxB,iBAAwC;QAExC,IAAI,CAAC,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAE3D,OAAO,CAAC,GAAG,CACT,6EAA6E,EAC7E;YACE,iBAAiB;SAClB,CACF,CAAC;QACF,MAAM,IAAA,2BAAiB,EAAC,IAAI,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;IAC3D,CAAC;IAED,MAAM,CAAU,KAAK,CAAC,KAAK,CACzB,UAAsB,EACtB,OAAsB,EACtB,OAAwC,EACxC,iBAAsC;QAEtC,MAAM,SAAS,GAAG,IAAI,qCAAqC,CACzD,UAAU,EACV,OAAO,EACP,OAAO,EACP,iBAAiB,CAClB,CAAC;QACF,MAAM,SAAS,CAAC,IAAI,EAAE,CAAC;QAEvB,OAAO,SAAS,CAAC;IACnB,CAAC;CACF;AA1CD,sFA0CC","sourcesContent":["import { AuthenticationRefresherImpl } from \"@/shared/lib/AuthenticationRefresherImpl.js\";\nimport type { Endpoints, OIDCTokenResponseBody } from \"@/types.js\";\nimport type { AuthConfig } from \"@/server/config.js\";\nimport { storeServerTokens } from \"@/shared/lib/util.js\";\nimport type { CookieStorage } from \"@/server/index.js\";\n\nexport class NextServerAuthenticationRefresherImpl extends AuthenticationRefresherImpl {\n override storage: CookieStorage | undefined;\n constructor(\n authConfig: AuthConfig,\n storage: CookieStorage,\n onError: (error: Error) => Promise<void>,\n override endpointOverrides?: Partial<Endpoints>,\n ) {\n super(authConfig, storage, onError, endpointOverrides);\n this.storage = storage;\n }\n\n override async storeTokens(\n tokenResponseBody: OIDCTokenResponseBody,\n ): Promise<void> {\n if (!this.storage) throw new Error(\"No storage available\");\n\n console.log(\n \"NextServerAuthenticationRefresherImpl storeTokens calling storeServerTokens\",\n {\n tokenResponseBody,\n },\n );\n await storeServerTokens(this.storage, tokenResponseBody);\n }\n\n static override async build(\n authConfig: AuthConfig,\n storage: CookieStorage,\n onError: (error: Error) => Promise<void>,\n endpointOverrides?: Partial<Endpoints>,\n ): Promise<NextServerAuthenticationRefresherImpl> {\n const refresher = new NextServerAuthenticationRefresherImpl(\n authConfig,\n storage,\n onError,\n endpointOverrides,\n );\n await refresher.init();\n\n return refresher;\n }\n}\n"]}
|
|
@@ -1,4 +1,6 @@
|
|
|
1
1
|
import type { SessionData } from "../../types.js";
|
|
2
|
-
declare const useRefresh: (session: SessionData | null) =>
|
|
2
|
+
declare const useRefresh: (session: SessionData | null) => {
|
|
3
|
+
error: Error | undefined;
|
|
4
|
+
};
|
|
3
5
|
export { useRefresh };
|
|
4
6
|
//# sourceMappingURL=useRefresh.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"useRefresh.d.ts","sourceRoot":"","sources":["../../../../src/nextjs/hooks/useRefresh.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAM9C,QAAA,MAAM,UAAU,YAAa,WAAW,GAAG,IAAI,
|
|
1
|
+
{"version":3,"file":"useRefresh.d.ts","sourceRoot":"","sources":["../../../../src/nextjs/hooks/useRefresh.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAM9C,QAAA,MAAM,UAAU,YAAa,WAAW,GAAG,IAAI;;CAoD9C,CAAC;AAEF,OAAO,EAAE,UAAU,EAAE,CAAC"}
|
|
@@ -3,10 +3,11 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
exports.useRefresh = void 0;
|
|
4
4
|
const useCivicAuthConfig_js_1 = require("../../shared/hooks/useCivicAuthConfig.js");
|
|
5
5
|
const react_1 = require("react");
|
|
6
|
-
const NextClientAuthenticationRefresher_js_1 = require("../../nextjs/NextClientAuthenticationRefresher.js");
|
|
7
6
|
const index_js_1 = require("../../shared/index.js");
|
|
8
7
|
const config_js_1 = require("../config.js");
|
|
8
|
+
const NextClientAuthenticationRefresher_js_1 = require("../NextClientAuthenticationRefresher.js");
|
|
9
9
|
const useRefresh = (session) => {
|
|
10
|
+
const [error, setError] = (0, react_1.useState)();
|
|
10
11
|
const authConfig = (0, useCivicAuthConfig_js_1.useCivicAuthConfig)();
|
|
11
12
|
// setup token autorefresh
|
|
12
13
|
const [refresher, setRefresher] = (0, react_1.useState)(undefined);
|
|
@@ -17,7 +18,11 @@ const useRefresh = (session) => {
|
|
|
17
18
|
const currentRefresher = refresher;
|
|
18
19
|
const config = (0, config_js_1.resolveAuthConfig)(authConfig ?? {});
|
|
19
20
|
const storage = new index_js_1.BrowserCookieStorage(config.cookies.tokens.access_token);
|
|
20
|
-
|
|
21
|
+
const onError = async (error) => {
|
|
22
|
+
console.error("Error refreshing token", error);
|
|
23
|
+
setError(error);
|
|
24
|
+
};
|
|
25
|
+
NextClientAuthenticationRefresher_js_1.NextClientAuthenticationRefresher.build({ ...authConfig }, storage, onError).then((newRefresher) => {
|
|
21
26
|
if (abortController.signal.aborted)
|
|
22
27
|
return;
|
|
23
28
|
currentRefresher?.clearAutorefresh();
|
|
@@ -38,6 +43,9 @@ const useRefresh = (session) => {
|
|
|
38
43
|
}
|
|
39
44
|
return () => refresher?.clearAutorefresh();
|
|
40
45
|
}, [refresher, session?.authenticated]);
|
|
46
|
+
return {
|
|
47
|
+
error,
|
|
48
|
+
};
|
|
41
49
|
};
|
|
42
50
|
exports.useRefresh = useRefresh;
|
|
43
51
|
//# sourceMappingURL=useRefresh.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"useRefresh.js","sourceRoot":"","sources":["../../../../src/nextjs/hooks/useRefresh.ts"],"names":[],"mappings":";;;AAAA,gFAA0E;AAE1E,iCAA4C;AAC5C,
|
|
1
|
+
{"version":3,"file":"useRefresh.js","sourceRoot":"","sources":["../../../../src/nextjs/hooks/useRefresh.ts"],"names":[],"mappings":";;;AAAA,gFAA0E;AAE1E,iCAA4C;AAC5C,gDAAyD;AACzD,4CAAiD;AACjD,kGAA4F;AAE5F,MAAM,UAAU,GAAG,CAAC,OAA2B,EAAE,EAAE;IACjD,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,IAAA,gBAAQ,GAAS,CAAC;IAC5C,MAAM,UAAU,GAAG,IAAA,0CAAkB,GAAE,CAAC;IAExC,0BAA0B;IAC1B,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,IAAA,gBAAQ,EAExC,SAAS,CAAC,CAAC;IAEb,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,CAAC,UAAU;YAAE,OAAO;QACxB,MAAM,eAAe,GAAG,IAAI,eAAe,EAAE,CAAC;QAC9C,MAAM,gBAAgB,GAAG,SAAS,CAAC;QACnC,MAAM,MAAM,GAAG,IAAA,6BAAiB,EAAC,UAAU,IAAI,EAAE,CAAC,CAAC;QACnD,MAAM,OAAO,GAAG,IAAI,+BAAoB,CACtC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,CACnC,CAAC;QACF,MAAM,OAAO,GAAG,KAAK,EAAE,KAAY,EAAE,EAAE;YACrC,OAAO,CAAC,KAAK,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;YAC/C,QAAQ,CAAC,KAAK,CAAC,CAAC;QAClB,CAAC,CAAC;QACF,wEAAiC,CAAC,KAAK,CACrC,EAAE,GAAG,UAAU,EAAE,EACjB,OAAO,EACP,OAAO,CACR,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,EAAE;YACtB,IAAI,eAAe,CAAC,MAAM,CAAC,OAAO;gBAAE,OAAO;YAE3C,gBAAgB,EAAE,gBAAgB,EAAE,CAAC;YACrC,YAAY,CAAC,YAAY,CAAC,CAAC;QAC7B,CAAC,CAAC,CAAC;QAEH,OAAO,GAAG,EAAE;YACV,eAAe,CAAC,KAAK,EAAE,CAAC;YACxB,gBAAgB,EAAE,gBAAgB,EAAE,CAAC;QACvC,CAAC,CAAC;QACF,uDAAuD;IACzD,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,uCAAuC;IAEzD,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,OAAO,EAAE,aAAa,EAAE,CAAC;YAC3B,SAAS,EAAE,gBAAgB,EAAE,CAAC;QAChC,CAAC;aAAM,CAAC;YACN,SAAS,EAAE,gBAAgB,EAAE,CAAC;QAChC,CAAC;QAED,OAAO,GAAG,EAAE,CAAC,SAAS,EAAE,gBAAgB,EAAE,CAAC;IAC7C,CAAC,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC;IAExC,OAAO;QACL,KAAK;KACN,CAAC;AACJ,CAAC,CAAC;AAEO,gCAAU","sourcesContent":["import { useCivicAuthConfig } from \"@/shared/hooks/useCivicAuthConfig.js\";\nimport type { SessionData } from \"@/types.js\";\nimport { useEffect, useState } from \"react\";\nimport { BrowserCookieStorage } from \"@/shared/index.js\";\nimport { resolveAuthConfig } from \"../config.js\";\nimport { NextClientAuthenticationRefresher } from \"../NextClientAuthenticationRefresher.js\";\n\nconst useRefresh = (session: SessionData | null) => {\n const [error, setError] = useState<Error>();\n const authConfig = useCivicAuthConfig();\n\n // setup token autorefresh\n const [refresher, setRefresher] = useState<\n NextClientAuthenticationRefresher | undefined\n >(undefined);\n\n useEffect(() => {\n if (!authConfig) return;\n const abortController = new AbortController();\n const currentRefresher = refresher;\n const config = resolveAuthConfig(authConfig ?? {});\n const storage = new BrowserCookieStorage(\n config.cookies.tokens.access_token,\n );\n const onError = async (error: Error) => {\n console.error(\"Error refreshing token\", error);\n setError(error);\n };\n NextClientAuthenticationRefresher.build(\n { ...authConfig },\n storage,\n onError,\n ).then((newRefresher) => {\n if (abortController.signal.aborted) return;\n\n currentRefresher?.clearAutorefresh();\n setRefresher(newRefresher);\n });\n\n return () => {\n abortController.abort();\n currentRefresher?.clearAutorefresh();\n };\n // eslint-disable-next-line react-hooks/exhaustive-deps\n }, [authConfig]); // Only depend on what actually changes\n\n useEffect(() => {\n if (session?.authenticated) {\n refresher?.setupAutorefresh();\n } else {\n refresher?.clearAutorefresh();\n }\n\n return () => refresher?.clearAutorefresh();\n }, [refresher, session?.authenticated]);\n\n return {\n error,\n };\n};\n\nexport { useRefresh };\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"NextAuthProvider.d.ts","sourceRoot":"","sources":["../../../../src/nextjs/providers/NextAuthProvider.tsx"],"names":[],"mappings":"AAKA,OAAO,EAEL,KAAK,sBAAsB,EAC5B,MAAM,oBAAoB,CAAC;AAe5B,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAcrE,KAAK,kCAAkC,GAAG,IAAI,CAC5C,iBAAiB,EACjB,UAAU,CACX,GAAG;IACF,cAAc,EAAE,sBAAsB,CAAC;CACxC,CAAC;AACF,KAAK,0BAA0B,GAAG,IAAI,CACpC,kCAAkC,EAClC,UAAU,GAAG,gBAAgB,GAAG,aAAa,CAC9C,CAAC;
|
|
1
|
+
{"version":3,"file":"NextAuthProvider.d.ts","sourceRoot":"","sources":["../../../../src/nextjs/providers/NextAuthProvider.tsx"],"names":[],"mappings":"AAKA,OAAO,EAEL,KAAK,sBAAsB,EAC5B,MAAM,oBAAoB,CAAC;AAe5B,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAcrE,KAAK,kCAAkC,GAAG,IAAI,CAC5C,iBAAiB,EACjB,UAAU,CACX,GAAG;IACF,cAAc,EAAE,sBAAsB,CAAC;CACxC,CAAC;AACF,KAAK,0BAA0B,GAAG,IAAI,CACpC,kCAAkC,EAClC,UAAU,GAAG,gBAAgB,GAAG,aAAa,CAC9C,CAAC;AA2HF,QAAA,MAAM,qBAAqB,2BAGxB,0BAA0B,qDA0C5B,CAAC;AAEF,OAAO,EAAE,qBAAqB,EAAE,KAAK,0BAA0B,EAAE,CAAC"}
|
|
@@ -72,6 +72,13 @@ const CivicNextAuthTokenProviderInternal = ({ children, isLoading, displayMode =
|
|
|
72
72
|
startSignIn,
|
|
73
73
|
displayMode,
|
|
74
74
|
]);
|
|
75
|
+
const { error: refreshError } = (0, useRefresh_js_1.useRefresh)(session);
|
|
76
|
+
(0, react_1.useEffect)(() => {
|
|
77
|
+
if (refreshError) {
|
|
78
|
+
console.error("Error refreshing token, signing out...", refreshError);
|
|
79
|
+
signOut();
|
|
80
|
+
}
|
|
81
|
+
}, [refreshError, signOut]);
|
|
75
82
|
return ((0, jsx_runtime_1.jsx)(TokenProvider_js_1.TokenProvider, { children: (0, jsx_runtime_1.jsxs)(UserProvider_js_1.UserProvider, { storage: new index_js_2.BrowserCookieStorage(), user: user, signOut: signOut, signIn: signIn, displayMode: displayMode, authStatus: authStatus, children: [(0, jsx_runtime_1.jsx)(IFrameAndLoading_js_1.IFrameAndLoading, { error: null, isLoading: isLoading }), isLoading && ((0, jsx_runtime_1.jsx)(BlockDisplay_js_1.BlockDisplay, { children: (0, jsx_runtime_1.jsx)(LoadingIcon_js_1.LoadingIcon, {}) })), children] }) }));
|
|
76
83
|
};
|
|
77
84
|
const CivicNextAuthProviderInternal = ({ children, ...props }) => {
|
|
@@ -83,7 +90,6 @@ const CivicNextAuthProviderInternal = ({ children, ...props }) => {
|
|
|
83
90
|
authenticated: !!user,
|
|
84
91
|
idToken,
|
|
85
92
|
};
|
|
86
|
-
(0, useRefresh_js_1.useRefresh)(session);
|
|
87
93
|
return ((0, jsx_runtime_1.jsx)(SessionProvider_js_1.SessionProvider, { data: session, isLoading: isLoading, children: (0, jsx_runtime_1.jsx)(CivicNextAuthTokenProviderInternal, { ...props, user: user, idToken: idToken, fetchUser: fetchUser, isLoading: isLoading, children: children }) }));
|
|
88
94
|
};
|
|
89
95
|
const CivicNextAuthProvider = ({ children, ...props }) => {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"NextAuthProvider.js","sourceRoot":"","sources":["../../../../src/nextjs/providers/NextAuthProvider.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;AACb;;GAEG;AACH,iCAAgE;AAChE,kDAG4B;AAC5B,gDAAuD;AACvD,gDAAoE;AACpE,wEAAkE;AAClE,sEAAgE;AAChE,4FAAuF;AACvF,8EAAwE;AACxE,4EAAsE;AACtE,0EAAoE;AACpE,8DAAwD;AACxD,gFAA0E;AAC1E,iFAA2E;AAC3E,yEAAmE;AACnE,uEAAiE;AACjE,8DAAwD;AAExD,sEAAgE;AAChE,yCAAuE;AACvE,gEAA0D;AAC1D,sDAAoE;AACpE,gDAAyD;AAoBzD,MAAM,kCAAkC,GAAG,CAEzC,EACA,QAAQ,EACR,SAAS,EACT,WAAW,GAAG,QAAQ,EACtB,IAAI,EACJ,SAAS,EACT,GAAG,KAAK,EACuC,EAAE,EAAE;IACnD,MAAM,EAAE,UAAU,EAAE,cAAc,EAAE,GAAG,KAAK,CAAC;IAC7C,MAAM,EAAE,SAAS,EAAE,kBAAkB,EAAE,GAAG,IAAA,wBAAS,GAAE,CAAC;IACtD,MAAM,eAAe,GAAG,IAAA,0CAAkB,GAAE,CAAC;IAC7C,MAAM,EAAE,YAAY,EAAE,GAAG,cAAc,CAAC;IACxC,MAAM,YAAY,GAAG,IAAI,wCAA8B,CAAC,YAAY,CAAC,CAAC;IACtE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,IAAA,qBAAU,GAAE,CAAC;IACvC,MAAM,UAAU,GAAG,IAAA,wBAAa,GAAE,CAAC;IAEnC,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,OAAO,EAAE,aAAa,EAAE,CAAC;YAC3B,+DAA+D;YAC/D,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAC1B,OAAO;QACT,CAAC;IACH,CAAC,EAAE,CAAC,OAAO,EAAE,aAAa,EAAE,kBAAkB,CAAC,CAAC,CAAC;IAEjD,MAAM,WAAW,GAAG,IAAA,mBAAW,EAAC,KAAK,IAAI,EAAE;QACzC,oFAAoF;QACpF,MAAM,SAAS,EAAE,CAAC;QAClB,MAAM,KAAK,EAAE,SAAS,EAAE,EAAE,CAAC;IAC7B,CAAC,EAAE,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC;IAEvB,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,IAAA,wBAAS,EAAC;QAC7D,WAAW;QACX,YAAY;QACZ,WAAW;KACZ,CAAC,CAAC;IAEH,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IACE,eAAe;YACf,CAAC,OAAO,EAAE,aAAa;YACvB,SAAS,EAAE,OAAO;YAClB,UAAU,KAAK,qBAAU,CAAC,eAAe;YACzC,WAAW,KAAK,QAAQ;YACxB,CAAC,UAAU,EAAE,QAAQ,CAAC,OAAO,CAAC,EAC9B,CAAC;YACD,WAAW,EAAE,CAAC;QAChB,CAAC;QACD,uDAAuD;IACzD,CAAC,EAAE;QACD,UAAU;QACV,UAAU;QACV,SAAS;QACT,eAAe;QACf,OAAO,EAAE,aAAa;QACtB,UAAU;QACV,WAAW;QACX,WAAW;KACZ,CAAC,CAAC;IAEH,OAAO,CACL,uBAAC,gCAAa,cACZ,wBAAC,8BAAY,IACX,OAAO,EAAE,IAAI,+BAAoB,EAAE,EACnC,IAAI,EAAE,IAAI,EACV,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW,EACxB,UAAU,EAAE,UAAU,aAEtB,uBAAC,sCAAgB,IAAC,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,GAAI,EACtD,SAAS,IAAI,CACZ,uBAAC,8BAAY,cACX,uBAAC,4BAAW,KAAG,GACF,CAChB,EACA,QAAQ,IACI,GACD,CACjB,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,6BAA6B,GAAG,CAAC,EACrC,QAAQ,EACR,GAAG,KAAK,EAC2B,EAAE,EAAE;IACvC,2EAA2E;IAC3E,kCAAkC;IAClC,MAAM,SAAS,GAAG,IAAA,gCAAa,GAAE,CAAC;IAClC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,IAAA,gCAAa,GAAE,CAAC;IAErD,MAAM,OAAO,GAAG;QACd,aAAa,EAAE,CAAC,CAAC,IAAI;QACrB,OAAO;KACR,CAAC;IAEF,IAAA,0BAAU,EAAC,OAAO,CAAC,CAAC;IAEpB,OAAO,CACL,uBAAC,oCAAe,IAAC,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,YAClD,uBAAC,kCAAkC,OAC7B,KAAK,EACT,IAAI,EAAE,IAAI,EACV,OAAO,EAAE,OAAO,EAChB,SAAS,EAAE,SAAS,EACpB,SAAS,EAAE,SAAS,YAEnB,QAAQ,GAC0B,GACrB,CACnB,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,qBAAqB,GAAG,CAAC,EAC7B,QAAQ,EACR,GAAG,KAAK,EACmB,EAAE,EAAE;IAC/B,MAAM,cAAc,GAAG,IAAA,6BAAiB,GAAE,CAAC;IAC3C,MAAM,EACJ,QAAQ,EACR,WAAW,EACX,WAAW,EACX,YAAY,EACZ,SAAS,EACT,UAAU,EACV,iBAAiB,GAClB,GAAG,cAAc,CAAC;IACnB,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,IAAA,gBAAQ,EAAS,EAAE,CAAC,CAAC;IAE3D,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,OAAO,UAAU,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;YAC7C,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;YACjD,cAAc,CAAC,IAAA,6BAAkB,EAAC,cAAc,EAAE,MAAM,CAAC,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC,EAAE,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;IAElC,OAAO,CACL,uBAAC,mDAAuB,IACtB,WAAW,EAAE,WAAW,EACxB,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,WAAW,EACxB,iBAAiB,EAAE,iBAAiB,EACpC,KAAK,EAAE,KAAK,EAAE,KAAK,EACnB,YAAY,EAAE,YAAY,EAC1B,UAAU,EAAE,UAAU,EACtB,SAAS,EAAE,SAAS,EACpB,iBAAiB,EAAE,iBAAiB,YAEpC,uBAAC,kCAAc,IAAC,UAAU,EAAE,KAAK,CAAC,UAAU,YAC1C,uBAAC,6BAA6B,OACxB,KAAK,EACT,cAAc,EAAE,cAAc,YAE7B,QAAQ,GACqB,GACjB,GACO,CAC3B,CAAC;AACJ,CAAC,CAAC;AAEO,sDAAqB","sourcesContent":["\"use client\";\n/**\n * A very small context provider for the user object - it takes the user object from the cookie and provides it to the app.\n */\nimport React, { useCallback, useEffect, useState } from \"react\";\nimport {\n resolveAuthConfig,\n type AuthConfigWithDefaults,\n} from \"@/nextjs/config.js\";\nimport { resolveCallbackUrl } from \"@/nextjs/utils.js\";\nimport { ConfidentialClientPKCEConsumer } from \"@/services/PKCE.js\";\nimport { UserProvider } from \"@/shared/providers/UserProvider.js\";\nimport { useUserCookie } from \"@/nextjs/hooks/useUserCookie.js\";\nimport { CivicAuthConfigProvider } from \"@/shared/providers/CivicAuthConfigContext.js\";\nimport { SessionProvider } from \"@/shared/providers/SessionProvider.js\";\nimport { IframeProvider } from \"@/shared/providers/IframeProvider.js\";\nimport { TokenProvider } from \"@/shared/providers/TokenProvider.js\";\nimport { useSignIn } from \"@/shared/hooks/useSignIn.js\";\nimport { useCivicAuthConfig } from \"@/shared/hooks/useCivicAuthConfig.js\";\nimport { IFrameAndLoading } from \"@/shared/components/IFrameAndLoading.js\";\nimport { BlockDisplay } from \"@/shared/components/BlockDisplay.js\";\nimport { LoadingIcon } from \"@/shared/components/LoadingIcon.js\";\nimport { useIframe } from \"@/shared/hooks/useIframe.js\";\nimport type { AuthProviderProps } from \"@/shared/providers/types.js\";\nimport { useIsInIframe } from \"@/shared/hooks/useIsInIframe.js\";\nimport { AuthStatus, type UnknownObject, type User } from \"@/types.js\";\nimport { useRefresh } from \"@/nextjs/hooks/useRefresh.js\";\nimport { useCurrentUrl, useSession } from \"@/shared/hooks/index.js\";\nimport { BrowserCookieStorage } from \"@/shared/index.js\";\n\ntype CivicNextAuthTokenProviderInternalProps<TUser extends UnknownObject> =\n NextCivicAuthProviderInternalProps & {\n isLoading: boolean;\n idToken?: string;\n user: User<TUser> | null;\n fetchUser: () => Promise<void>;\n };\ntype NextCivicAuthProviderInternalProps = Omit<\n AuthProviderProps,\n \"clientId\"\n> & {\n resolvedConfig: AuthConfigWithDefaults;\n};\ntype NextCivicAuthProviderProps = Omit<\n NextCivicAuthProviderInternalProps,\n \"clientId\" | \"resolvedConfig\" | \"redirectUrl\"\n>;\n\nconst CivicNextAuthTokenProviderInternal = <\n TUser extends UnknownObject = UnknownObject,\n>({\n children,\n isLoading,\n displayMode = \"iframe\",\n user,\n fetchUser,\n ...props\n}: CivicNextAuthTokenProviderInternalProps<TUser>) => {\n const { iframeMode, resolvedConfig } = props;\n const { iframeRef, setIframeIsVisible } = useIframe();\n const civicAuthConfig = useCivicAuthConfig();\n const { challengeUrl } = resolvedConfig;\n const pkceConsumer = new ConfidentialClientPKCEConsumer(challengeUrl);\n const { data: session } = useSession();\n const currentUrl = useCurrentUrl();\n\n useEffect(() => {\n if (session?.authenticated) {\n // the session is authenticated, so don't show the login iframe\n setIframeIsVisible(false);\n return;\n }\n }, [session?.authenticated, setIframeIsVisible]);\n\n const postSignOut = useCallback(async () => {\n // user is signed out, manually update the user from cookies to not wait for polling\n await fetchUser();\n await props?.onSignOut?.();\n }, [fetchUser, props]);\n\n const { signIn, startSignIn, signOut, authStatus } = useSignIn({\n postSignOut,\n pkceConsumer,\n displayMode,\n });\n\n useEffect(() => {\n if (\n civicAuthConfig &&\n !session?.authenticated &&\n iframeRef?.current &&\n authStatus === AuthStatus.UNAUTHENTICATED &&\n displayMode === \"iframe\" &&\n !currentUrl?.includes(\"code=\")\n ) {\n startSignIn();\n }\n // eslint-disable-next-line react-hooks/exhaustive-deps\n }, [\n currentUrl,\n iframeMode,\n iframeRef,\n civicAuthConfig,\n session?.authenticated,\n authStatus,\n startSignIn,\n displayMode,\n ]);\n\n return (\n <TokenProvider>\n <UserProvider\n storage={new BrowserCookieStorage()}\n user={user}\n signOut={signOut}\n signIn={signIn}\n displayMode={displayMode}\n authStatus={authStatus}\n >\n <IFrameAndLoading error={null} isLoading={isLoading} />\n {isLoading && (\n <BlockDisplay>\n <LoadingIcon />\n </BlockDisplay>\n )}\n {children}\n </UserProvider>\n </TokenProvider>\n );\n};\n\nconst CivicNextAuthProviderInternal = ({\n children,\n ...props\n}: NextCivicAuthProviderInternalProps) => {\n // if the SDK loads in an iframe, we show the loading spinner as the iframe\n // will be waiting to be minimized\n const isLoading = useIsInIframe();\n const { user, idToken, fetchUser } = useUserCookie();\n\n const session = {\n authenticated: !!user,\n idToken,\n };\n\n useRefresh(session);\n\n return (\n <SessionProvider data={session} isLoading={isLoading}>\n <CivicNextAuthTokenProviderInternal\n {...props}\n user={user}\n idToken={idToken}\n fetchUser={fetchUser}\n isLoading={isLoading}\n >\n {children}\n </CivicNextAuthTokenProviderInternal>\n </SessionProvider>\n );\n};\n\nconst CivicNextAuthProvider = ({\n children,\n ...props\n}: NextCivicAuthProviderProps) => {\n const resolvedConfig = resolveAuthConfig();\n const {\n clientId,\n oauthServer,\n callbackUrl,\n challengeUrl,\n logoutUrl,\n refreshUrl,\n logoutCallbackUrl,\n } = resolvedConfig;\n const [redirectUrl, setRedirectUrl] = useState<string>(\"\");\n\n useEffect(() => {\n if (typeof globalThis.window !== \"undefined\") {\n const appUrl = globalThis.window.location.origin;\n setRedirectUrl(resolveCallbackUrl(resolvedConfig, appUrl));\n }\n }, [callbackUrl, resolvedConfig]);\n\n return (\n <CivicAuthConfigProvider\n oauthServer={oauthServer}\n clientId={clientId}\n redirectUrl={redirectUrl}\n logoutRedirectUrl={logoutCallbackUrl}\n nonce={props?.nonce}\n challengeUrl={challengeUrl}\n refreshUrl={refreshUrl}\n logoutUrl={logoutUrl}\n logoutCallbackUrl={logoutCallbackUrl}\n >\n <IframeProvider iframeMode={props.iframeMode}>\n <CivicNextAuthProviderInternal\n {...props}\n resolvedConfig={resolvedConfig}\n >\n {children}\n </CivicNextAuthProviderInternal>\n </IframeProvider>\n </CivicAuthConfigProvider>\n );\n};\n\nexport { CivicNextAuthProvider, type NextCivicAuthProviderProps };\n"]}
|
|
1
|
+
{"version":3,"file":"NextAuthProvider.js","sourceRoot":"","sources":["../../../../src/nextjs/providers/NextAuthProvider.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;AACb;;GAEG;AACH,iCAAgE;AAChE,kDAG4B;AAC5B,gDAAuD;AACvD,gDAAoE;AACpE,wEAAkE;AAClE,sEAAgE;AAChE,4FAAuF;AACvF,8EAAwE;AACxE,4EAAsE;AACtE,0EAAoE;AACpE,8DAAwD;AACxD,gFAA0E;AAC1E,iFAA2E;AAC3E,yEAAmE;AACnE,uEAAiE;AACjE,8DAAwD;AAExD,sEAAgE;AAChE,yCAAuE;AACvE,gEAA0D;AAC1D,sDAAoE;AACpE,gDAAyD;AAoBzD,MAAM,kCAAkC,GAAG,CAEzC,EACA,QAAQ,EACR,SAAS,EACT,WAAW,GAAG,QAAQ,EACtB,IAAI,EACJ,SAAS,EACT,GAAG,KAAK,EACuC,EAAE,EAAE;IACnD,MAAM,EAAE,UAAU,EAAE,cAAc,EAAE,GAAG,KAAK,CAAC;IAC7C,MAAM,EAAE,SAAS,EAAE,kBAAkB,EAAE,GAAG,IAAA,wBAAS,GAAE,CAAC;IACtD,MAAM,eAAe,GAAG,IAAA,0CAAkB,GAAE,CAAC;IAC7C,MAAM,EAAE,YAAY,EAAE,GAAG,cAAc,CAAC;IACxC,MAAM,YAAY,GAAG,IAAI,wCAA8B,CAAC,YAAY,CAAC,CAAC;IACtE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,IAAA,qBAAU,GAAE,CAAC;IACvC,MAAM,UAAU,GAAG,IAAA,wBAAa,GAAE,CAAC;IAEnC,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,OAAO,EAAE,aAAa,EAAE,CAAC;YAC3B,+DAA+D;YAC/D,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAC1B,OAAO;QACT,CAAC;IACH,CAAC,EAAE,CAAC,OAAO,EAAE,aAAa,EAAE,kBAAkB,CAAC,CAAC,CAAC;IAEjD,MAAM,WAAW,GAAG,IAAA,mBAAW,EAAC,KAAK,IAAI,EAAE;QACzC,oFAAoF;QACpF,MAAM,SAAS,EAAE,CAAC;QAClB,MAAM,KAAK,EAAE,SAAS,EAAE,EAAE,CAAC;IAC7B,CAAC,EAAE,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC;IAEvB,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,IAAA,wBAAS,EAAC;QAC7D,WAAW;QACX,YAAY;QACZ,WAAW;KACZ,CAAC,CAAC;IAEH,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IACE,eAAe;YACf,CAAC,OAAO,EAAE,aAAa;YACvB,SAAS,EAAE,OAAO;YAClB,UAAU,KAAK,qBAAU,CAAC,eAAe;YACzC,WAAW,KAAK,QAAQ;YACxB,CAAC,UAAU,EAAE,QAAQ,CAAC,OAAO,CAAC,EAC9B,CAAC;YACD,WAAW,EAAE,CAAC;QAChB,CAAC;QACD,uDAAuD;IACzD,CAAC,EAAE;QACD,UAAU;QACV,UAAU;QACV,SAAS;QACT,eAAe;QACf,OAAO,EAAE,aAAa;QACtB,UAAU;QACV,WAAW;QACX,WAAW;KACZ,CAAC,CAAC;IAEH,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,GAAG,IAAA,0BAAU,EAAC,OAAO,CAAC,CAAC;IAEpD,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO,CAAC,KAAK,CAAC,wCAAwC,EAAE,YAAY,CAAC,CAAC;YACtE,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC,EAAE,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC;IAE5B,OAAO,CACL,uBAAC,gCAAa,cACZ,wBAAC,8BAAY,IACX,OAAO,EAAE,IAAI,+BAAoB,EAAE,EACnC,IAAI,EAAE,IAAI,EACV,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW,EACxB,UAAU,EAAE,UAAU,aAEtB,uBAAC,sCAAgB,IAAC,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,GAAI,EACtD,SAAS,IAAI,CACZ,uBAAC,8BAAY,cACX,uBAAC,4BAAW,KAAG,GACF,CAChB,EACA,QAAQ,IACI,GACD,CACjB,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,6BAA6B,GAAG,CAAC,EACrC,QAAQ,EACR,GAAG,KAAK,EAC2B,EAAE,EAAE;IACvC,2EAA2E;IAC3E,kCAAkC;IAClC,MAAM,SAAS,GAAG,IAAA,gCAAa,GAAE,CAAC;IAClC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,IAAA,gCAAa,GAAE,CAAC;IAErD,MAAM,OAAO,GAAG;QACd,aAAa,EAAE,CAAC,CAAC,IAAI;QACrB,OAAO;KACR,CAAC;IAEF,OAAO,CACL,uBAAC,oCAAe,IAAC,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,YAClD,uBAAC,kCAAkC,OAC7B,KAAK,EACT,IAAI,EAAE,IAAI,EACV,OAAO,EAAE,OAAO,EAChB,SAAS,EAAE,SAAS,EACpB,SAAS,EAAE,SAAS,YAEnB,QAAQ,GAC0B,GACrB,CACnB,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,qBAAqB,GAAG,CAAC,EAC7B,QAAQ,EACR,GAAG,KAAK,EACmB,EAAE,EAAE;IAC/B,MAAM,cAAc,GAAG,IAAA,6BAAiB,GAAE,CAAC;IAC3C,MAAM,EACJ,QAAQ,EACR,WAAW,EACX,WAAW,EACX,YAAY,EACZ,SAAS,EACT,UAAU,EACV,iBAAiB,GAClB,GAAG,cAAc,CAAC;IACnB,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,IAAA,gBAAQ,EAAS,EAAE,CAAC,CAAC;IAE3D,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,OAAO,UAAU,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;YAC7C,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;YACjD,cAAc,CAAC,IAAA,6BAAkB,EAAC,cAAc,EAAE,MAAM,CAAC,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC,EAAE,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;IAElC,OAAO,CACL,uBAAC,mDAAuB,IACtB,WAAW,EAAE,WAAW,EACxB,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,WAAW,EACxB,iBAAiB,EAAE,iBAAiB,EACpC,KAAK,EAAE,KAAK,EAAE,KAAK,EACnB,YAAY,EAAE,YAAY,EAC1B,UAAU,EAAE,UAAU,EACtB,SAAS,EAAE,SAAS,EACpB,iBAAiB,EAAE,iBAAiB,YAEpC,uBAAC,kCAAc,IAAC,UAAU,EAAE,KAAK,CAAC,UAAU,YAC1C,uBAAC,6BAA6B,OACxB,KAAK,EACT,cAAc,EAAE,cAAc,YAE7B,QAAQ,GACqB,GACjB,GACO,CAC3B,CAAC;AACJ,CAAC,CAAC;AAEO,sDAAqB","sourcesContent":["\"use client\";\n/**\n * A very small context provider for the user object - it takes the user object from the cookie and provides it to the app.\n */\nimport React, { useCallback, useEffect, useState } from \"react\";\nimport {\n resolveAuthConfig,\n type AuthConfigWithDefaults,\n} from \"@/nextjs/config.js\";\nimport { resolveCallbackUrl } from \"@/nextjs/utils.js\";\nimport { ConfidentialClientPKCEConsumer } from \"@/services/PKCE.js\";\nimport { UserProvider } from \"@/shared/providers/UserProvider.js\";\nimport { useUserCookie } from \"@/nextjs/hooks/useUserCookie.js\";\nimport { CivicAuthConfigProvider } from \"@/shared/providers/CivicAuthConfigContext.js\";\nimport { SessionProvider } from \"@/shared/providers/SessionProvider.js\";\nimport { IframeProvider } from \"@/shared/providers/IframeProvider.js\";\nimport { TokenProvider } from \"@/shared/providers/TokenProvider.js\";\nimport { useSignIn } from \"@/shared/hooks/useSignIn.js\";\nimport { useCivicAuthConfig } from \"@/shared/hooks/useCivicAuthConfig.js\";\nimport { IFrameAndLoading } from \"@/shared/components/IFrameAndLoading.js\";\nimport { BlockDisplay } from \"@/shared/components/BlockDisplay.js\";\nimport { LoadingIcon } from \"@/shared/components/LoadingIcon.js\";\nimport { useIframe } from \"@/shared/hooks/useIframe.js\";\nimport type { AuthProviderProps } from \"@/shared/providers/types.js\";\nimport { useIsInIframe } from \"@/shared/hooks/useIsInIframe.js\";\nimport { AuthStatus, type UnknownObject, type User } from \"@/types.js\";\nimport { useRefresh } from \"@/nextjs/hooks/useRefresh.js\";\nimport { useCurrentUrl, useSession } from \"@/shared/hooks/index.js\";\nimport { BrowserCookieStorage } from \"@/shared/index.js\";\n\ntype CivicNextAuthTokenProviderInternalProps<TUser extends UnknownObject> =\n NextCivicAuthProviderInternalProps & {\n isLoading: boolean;\n idToken?: string;\n user: User<TUser> | null;\n fetchUser: () => Promise<void>;\n };\ntype NextCivicAuthProviderInternalProps = Omit<\n AuthProviderProps,\n \"clientId\"\n> & {\n resolvedConfig: AuthConfigWithDefaults;\n};\ntype NextCivicAuthProviderProps = Omit<\n NextCivicAuthProviderInternalProps,\n \"clientId\" | \"resolvedConfig\" | \"redirectUrl\"\n>;\n\nconst CivicNextAuthTokenProviderInternal = <\n TUser extends UnknownObject = UnknownObject,\n>({\n children,\n isLoading,\n displayMode = \"iframe\",\n user,\n fetchUser,\n ...props\n}: CivicNextAuthTokenProviderInternalProps<TUser>) => {\n const { iframeMode, resolvedConfig } = props;\n const { iframeRef, setIframeIsVisible } = useIframe();\n const civicAuthConfig = useCivicAuthConfig();\n const { challengeUrl } = resolvedConfig;\n const pkceConsumer = new ConfidentialClientPKCEConsumer(challengeUrl);\n const { data: session } = useSession();\n const currentUrl = useCurrentUrl();\n\n useEffect(() => {\n if (session?.authenticated) {\n // the session is authenticated, so don't show the login iframe\n setIframeIsVisible(false);\n return;\n }\n }, [session?.authenticated, setIframeIsVisible]);\n\n const postSignOut = useCallback(async () => {\n // user is signed out, manually update the user from cookies to not wait for polling\n await fetchUser();\n await props?.onSignOut?.();\n }, [fetchUser, props]);\n\n const { signIn, startSignIn, signOut, authStatus } = useSignIn({\n postSignOut,\n pkceConsumer,\n displayMode,\n });\n\n useEffect(() => {\n if (\n civicAuthConfig &&\n !session?.authenticated &&\n iframeRef?.current &&\n authStatus === AuthStatus.UNAUTHENTICATED &&\n displayMode === \"iframe\" &&\n !currentUrl?.includes(\"code=\")\n ) {\n startSignIn();\n }\n // eslint-disable-next-line react-hooks/exhaustive-deps\n }, [\n currentUrl,\n iframeMode,\n iframeRef,\n civicAuthConfig,\n session?.authenticated,\n authStatus,\n startSignIn,\n displayMode,\n ]);\n\n const { error: refreshError } = useRefresh(session);\n\n useEffect(() => {\n if (refreshError) {\n console.error(\"Error refreshing token, signing out...\", refreshError);\n signOut();\n }\n }, [refreshError, signOut]);\n\n return (\n <TokenProvider>\n <UserProvider\n storage={new BrowserCookieStorage()}\n user={user}\n signOut={signOut}\n signIn={signIn}\n displayMode={displayMode}\n authStatus={authStatus}\n >\n <IFrameAndLoading error={null} isLoading={isLoading} />\n {isLoading && (\n <BlockDisplay>\n <LoadingIcon />\n </BlockDisplay>\n )}\n {children}\n </UserProvider>\n </TokenProvider>\n );\n};\n\nconst CivicNextAuthProviderInternal = ({\n children,\n ...props\n}: NextCivicAuthProviderInternalProps) => {\n // if the SDK loads in an iframe, we show the loading spinner as the iframe\n // will be waiting to be minimized\n const isLoading = useIsInIframe();\n const { user, idToken, fetchUser } = useUserCookie();\n\n const session = {\n authenticated: !!user,\n idToken,\n };\n\n return (\n <SessionProvider data={session} isLoading={isLoading}>\n <CivicNextAuthTokenProviderInternal\n {...props}\n user={user}\n idToken={idToken}\n fetchUser={fetchUser}\n isLoading={isLoading}\n >\n {children}\n </CivicNextAuthTokenProviderInternal>\n </SessionProvider>\n );\n};\n\nconst CivicNextAuthProvider = ({\n children,\n ...props\n}: NextCivicAuthProviderProps) => {\n const resolvedConfig = resolveAuthConfig();\n const {\n clientId,\n oauthServer,\n callbackUrl,\n challengeUrl,\n logoutUrl,\n refreshUrl,\n logoutCallbackUrl,\n } = resolvedConfig;\n const [redirectUrl, setRedirectUrl] = useState<string>(\"\");\n\n useEffect(() => {\n if (typeof globalThis.window !== \"undefined\") {\n const appUrl = globalThis.window.location.origin;\n setRedirectUrl(resolveCallbackUrl(resolvedConfig, appUrl));\n }\n }, [callbackUrl, resolvedConfig]);\n\n return (\n <CivicAuthConfigProvider\n oauthServer={oauthServer}\n clientId={clientId}\n redirectUrl={redirectUrl}\n logoutRedirectUrl={logoutCallbackUrl}\n nonce={props?.nonce}\n challengeUrl={challengeUrl}\n refreshUrl={refreshUrl}\n logoutUrl={logoutUrl}\n logoutCallbackUrl={logoutCallbackUrl}\n >\n <IframeProvider iframeMode={props.iframeMode}>\n <CivicNextAuthProviderInternal\n {...props}\n resolvedConfig={resolvedConfig}\n >\n {children}\n </CivicNextAuthProviderInternal>\n </IframeProvider>\n </CivicAuthConfigProvider>\n );\n};\n\nexport { CivicNextAuthProvider, type NextCivicAuthProviderProps };\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"routeHandler.d.ts","sourceRoot":"","sources":["../../../src/nextjs/routeHandler.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAWrD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"routeHandler.d.ts","sourceRoot":"","sources":["../../../src/nextjs/routeHandler.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAWrD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAiR9C,wBAAsB,YAAY,CAChC,OAAO,EAAE,WAAW,EACpB,MAAM,EAAE,UAAU,GACjB,OAAO,CAAC,YAAY,CAAC,CAiCvB;AAED,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,WAAW,EACpB,MAAM,EAAE,UAAU,GACjB,OAAO,CAAC,YAAY,CAAC,CAmDvB;AAED;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,OAAO,iCAEF,WAAW,KAAG,OAAO,CAAC,YAAY,CAkCjD,CAAC"}
|
|
@@ -78,17 +78,24 @@ async function performTokenExchangeAndSetCookies(config, code, state, appUrl) {
|
|
|
78
78
|
async function handleRefresh(_request, config) {
|
|
79
79
|
const resolvedConfigs = (0, config_js_1.resolveAuthConfig)(config);
|
|
80
80
|
const cookieStorage = new cookies_js_1.NextjsCookieStorage(config.cookies?.tokens ?? {});
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
81
|
+
try {
|
|
82
|
+
const onError = (error) => {
|
|
83
|
+
logger.error("handleRefresh: Token refresh failed:", error);
|
|
84
|
+
throw new AuthError("Failed to refresh tokens", 500);
|
|
85
|
+
};
|
|
86
|
+
const refresher = await NextServerAuthenticationRefresherImpl_js_1.NextServerAuthenticationRefresherImpl.build({
|
|
87
|
+
clientId: resolvedConfigs.clientId,
|
|
88
|
+
oauthServer: resolvedConfigs.oauthServer,
|
|
89
|
+
redirectUrl: resolvedConfigs.callbackUrl,
|
|
90
|
+
refreshUrl: resolvedConfigs.refreshUrl,
|
|
91
|
+
}, cookieStorage, onError);
|
|
92
|
+
const tokens = await refresher.refreshAccessToken();
|
|
93
|
+
return server_js_1.NextResponse.json({ status: "success", tokens });
|
|
94
|
+
}
|
|
95
|
+
catch (error) {
|
|
96
|
+
logger.error("handleRefresh: Token refresh failed:", error);
|
|
97
|
+
throw new AuthError("Failed to refresh tokens", 500);
|
|
98
|
+
}
|
|
92
99
|
}
|
|
93
100
|
const generateHtmlResponseWithCallback = (request, callbackUrl) => {
|
|
94
101
|
// we need to replace the URL with resolved config in case the server is hosted
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"routeHandler.js","sourceRoot":"","sources":["../../../src/nextjs/routeHandler.ts"],"names":[],"mappings":";;;AAgSA,oCAoCC;AAED,oDAsDC;AA5XD,iDAGwB;AACxB,+CAA0C;AAC1C,6CAGwB;AAExB,kDAAuD;AACvD,oDAA4E;AAC5E,gDAA4C;AAC5C,gDAAuD;AACvD,gDAA2D;AAC3D,gDAAqE;AACrE,oDAAkE;AAClE,gEAAiE;AACjE,kDAA8D;AAC9D,4CAA+C;AAE/C,8CAA8C;AAC9C,yGAAmG;AAEnG,MAAM,MAAM,GAAG,mBAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;AAE5C,MAAM,SAAU,SAAQ,KAAK;IAGT;IAFlB,YACE,OAAe,EACC,SAAiB,GAAG;QAEpC,KAAK,CAAC,OAAO,CAAC,CAAC;QAFC,WAAM,GAAN,MAAM,CAAc;QAGpC,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;IAC1B,CAAC;CACF;AAED,MAAM,SAAS,GAAG,CAAC,OAAoB,EAAiB,EAAE,CACxD,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAY,CAAC,OAAO,CAAC,EAAE,KAAK;IAChD,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;AAE7C,MAAM,UAAU,GAAG,KAAK,EAAE,MAAkB,EAA0B,EAAE;IACtE,MAAM,aAAa,GAAG,IAAI,gCAAmB,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,IAAI,EAAE,CAAC,CAAC;IAC5E,OAAO,aAAa,CAAC,GAAG,CAAC,sBAAW,CAAC,QAAQ,CAAC,CAAC;AACjD,CAAC,CAAC;AAEF;;;;GAIG;AACH,KAAK,UAAU,eAAe,CAC5B,OAAoB,EACpB,MAAkB;IAElB,MAAM,aAAa,GAAG,IAAI,gCAAmB,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,IAAI,EAAE,CAAC,CAAC;IAC5E,MAAM,YAAY,GAAG,IAAI,yCAA+B,CAAC,aAAa,CAAC,CAAC;IAExE,MAAM,SAAS,GAAG,MAAM,YAAY,CAAC,gBAAgB,EAAE,CAAC;IACxD,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC1D,IAAI,MAAM,EAAE,CAAC;QACX,aAAa,CAAC,GAAG,CAAC,uBAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAClD,CAAC;IACD,OAAO,wBAAY,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAC;AAC7D,CAAC;AAED,KAAK,UAAU,iCAAiC,CAC9C,MAAkB,EAClB,IAAY,EACZ,KAAa,EACb,MAAc;IAEd,MAAM,eAAe,GAAG,IAAA,6BAAiB,EAAC,MAAM,CAAC,CAAC;IAClD,mGAAmG;IACnG,kFAAkF;IAClF,0DAA0D;IAC1D,MAAM,aAAa,GAAG,IAAI,gCAAmB,CAAC;QAC5C,GAAG,eAAe,CAAC,OAAO,CAAC,MAAM;QACjC,IAAI,EAAE,eAAe,CAAC,OAAO,CAAC,IAAI;KACnC,CAAC,CAAC;IAEH,MAAM,WAAW,GAAG,IAAA,6BAAkB,EAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IAChE,IAAI,CAAC;QACH,MAAM,IAAA,iCAAsB,EAAC,IAAI,EAAE,KAAK,EAAE,aAAa,EAAE;YACvD,GAAG,eAAe;YAClB,WAAW,EAAE,WAAW;SACzB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;QAC9C,MAAM,IAAI,SAAS,CAAC,6BAA6B,EAAE,GAAG,CAAC,CAAC;IAC1D,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,IAAA,kBAAO,GAAE,CAAC;IAC7B,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,SAAS,CAAC,yBAAyB,EAAE,GAAG,CAAC,CAAC;IACtD,CAAC;IACD,MAAM,WAAW,GAAG,IAAI,mCAAkB,CAAC,aAAa,CAAC,CAAC;IAC1D,MAAM,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAC9B,CAAC;AACD,KAAK,UAAU,aAAa,CAC1B,QAAqB,EACrB,MAAkB;IAElB,MAAM,eAAe,GAAG,IAAA,6BAAiB,EAAC,MAAM,CAAC,CAAC;IAClD,MAAM,aAAa,GAAG,IAAI,gCAAmB,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,IAAI,EAAE,CAAC,CAAC;IAE5E,MAAM,SAAS,GAAG,MAAM,gFAAqC,CAAC,KAAK,CACjE;QACE,QAAQ,EAAE,eAAe,CAAC,QAAQ;QAClC,WAAW,EAAE,eAAe,CAAC,WAAW;QACxC,WAAW,EAAE,eAAe,CAAC,WAAW;QACxC,UAAU,EAAE,eAAe,CAAC,UAAU;KACvC,EACD,aAAa,CACd,CAAC;IACF,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,kBAAkB,EAAE,CAAC;IAEpD,uEAAuE;IACvE,4DAA4D;IAC5D,sCAAsC;IACtC,OAAO,wBAAY,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,CAAC;AAC1D,CAAC;AAED,MAAM,gCAAgC,GAAG,CACvC,OAAoB,EACpB,WAAmB,EACnB,EAAE;IACF,+EAA+E;IAC/E,0CAA0C;IAC1C,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,QAAQ,GAAG,GAAG,WAAW,IAAI,UAAU,CAAC,YAAY,CAAC,QAAQ,EAAE,0BAA0B,CAAC;IAChG,OAAO,IAAI,wBAAY,CACrB;;;;;;kCAM8B,QAAQ;;;;;;;;;;;;KAYrC,CACF,CAAC;AACJ,CAAC,CAAC;AAEF,KAAK,UAAU,cAAc,CAC3B,OAAoB,EACpB,MAAkB;IAElB,MAAM,eAAe,GAAG,IAAA,6BAAiB,EAAC,MAAM,CAAC,CAAC;IAClD,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACtD,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACxD,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK;QAAE,MAAM,IAAI,SAAS,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC;IAEhE,qEAAqE;IACrE,mGAAmG;IACnG,+FAA+F;IAC/F,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,CAAC,CAAC;IAElC,gFAAgF;IAChF,wCAAwC;IACxC,yHAAyH;IACzH,wHAAwH;IACxH,MAAM,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAY,CAAC,WAAW,CAAC,CAAC;IAEnE,IAAI,CAAC,YAAY,IAAI,CAAC,MAAM,EAAE,CAAC;QAC7B,MAAM,CAAC,KAAK,CAAC,uCAAuC,EAAE;YACpD,KAAK;YACL,mBAAmB,EAAE,IAAA,uCAA4B,EAAC,GAAG,KAAK,EAAE,CAAC;SAC9D,CAAC,CAAC;QACH,IAAI,QAAQ,GAAG,IAAI,wBAAY,CAC7B,oDAAoD,0CAA2B,uBAAuB,CACvG,CAAC;QAEF,mGAAmG;QACnG,uEAAuE;QACvE,wGAAwG;QACxG,sCAAsC;QACtC,IAAI,KAAK,IAAI,IAAA,uCAA4B,EAAC,KAAK,CAAC,EAAE,CAAC;YACjD,MAAM,CAAC,KAAK,CACV,yEAAyE,EACzE;gBACE,UAAU,EAAE,OAAO,CAAC,GAAG;gBACvB,iBAAiB,EAAE,eAAe,CAAC,WAAW;aAC/C,CACF,CAAC;YACF,yEAAyE;YACzE,sDAAsD;YACtD,QAAQ,GAAG,gCAAgC,CACzC,OAAO,EACP,eAAe,CAAC,WAAW,CAC5B,CAAC;QACJ,CAAC;QAED,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAC;QACjE,MAAM,CAAC,KAAK,CACV,oDAAoD,0CAA2B,EAAE,CAClF,CAAC;QACF,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,MAAM,iCAAiC,CAAC,eAAe,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;IAE9E,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,yBAAyB,CAAC,EAAE,CAAC;QACpD,MAAM,CAAC,KAAK,CACV,iEAAiE,EACjE,MAAM,CACP,CAAC;QACF,OAAO,wBAAY,CAAC,IAAI,CAAC;YACvB,MAAM,EAAE,SAAS;YACjB,WAAW,EAAE,MAAM;SACpB,CAAC,CAAC;IACL,CAAC;IAED,0DAA0D;IAC1D,IAAI,IAAA,uCAA4B,EAAC,KAAK,CAAC,EAAE,CAAC;QACxC,MAAM,CAAC,KAAK,CACV,iEAAiE,EACjE,MAAM,CACP,CAAC;QACF,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACxD,CAAC;QACD,OAAO,wBAAY,CAAC,QAAQ,CAAC,GAAG,MAAM,EAAE,CAAC,CAAC;IAC5C,CAAC;IACD,wEAAwE;IACxE,iEAAiE;IACjE,oDAAoD;IACpD,MAAM,QAAQ,GAAG,IAAI,wBAAY,CAC/B,8CAA8C,0CAA2B,gBAAgB,CAC1F,CAAC;IACF,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAC;IACjE,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,uBAAuB,GAAG,CAC9B,YAAoB,EACpB,eAAuB,EACvB,EAAE,CAAC,IAAI,GAAG,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC,IAAI,CAAC;AAEjD,MAAM,wBAAwB,GAAG,CAC/B,OAAoB,EACpB,MAAkB,EACH,EAAE;IACjB,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAA,6BAAiB,EAAC,MAAM,CAAC,CAAC;IAC/C,MAAM,cAAc,GAAG,QAAQ,IAAI,GAAG,CAAC;IAEvC,kEAAkE;IAClE,gCAAgC;IAChC,MAAM,kBAAkB,GAAG,yBAAyB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC1E,IAAI,kBAAkB,EAAE,CAAC;QACvB,OAAO,cAAc,CAAC;IACxB,CAAC;IAED,iFAAiF;IACjF,gFAAgF;IAChF,+EAA+E;IAC/E,+DAA+D;IAC/D,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,CAAC,CAAC;IAClC,IAAI,MAAM;QAAE,OAAO,uBAAuB,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;IAEnE,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAG,KAAK,EAAE,GAAW,EAAE,EAAE;IAC9C,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC;QACnC,IAAA,yBAAc,EAAC,IAAI,CAAC,CAAC;IACvB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CAAC,yCAAyC,EAAE,KAAK,CAAC,CAAC;IAChE,CAAC;AACH,CAAC,CAAC;AAEK,KAAK,UAAU,YAAY,CAChC,OAAoB,EACpB,MAAkB;IAElB,MAAM,eAAe,GAAG,IAAA,6BAAiB,EAAC,MAAM,CAAC,CAAC;IAElD,MAAM,aAAa,GAAG,IAAI,GAAG,CAC3B,eAAe,CAAC,iBAAiB,EACjC,SAAS,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,GAAG,CAClC,CAAC;IAEF,qCAAqC;IACrC,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,eAAe,CAAC,CAAC;IAElD,2CAA2C;IAC3C,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAExD,IAAI,CAAC,KAAK,IAAI,CAAC,OAAO,EAAE,CAAC;QACvB,MAAM,CAAC,KAAK,CAAC,wCAAwC,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;QAC3E,yEAAyE;QACzE,8EAA8E;QAC9E,kCAAkC;QAClC,OAAO,wBAAY,CAAC,QAAQ,CAC1B,GAAG,aAAa,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CACpD,CAAC;IACJ,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,IAAA,gCAAsB,EAAC;QAC7C,QAAQ,EAAE,eAAe,CAAC,QAAQ;QAClC,OAAO;QACP,KAAK;QACL,WAAW,EAAE,aAAa,CAAC,IAAI;QAC/B,WAAW,EAAE,eAAe,CAAC,WAAW;KACzC,CAAC,CAAC;IAEH,OAAO,wBAAY,CAAC,QAAQ,CAAC,GAAG,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC;AACpD,CAAC;AAEM,KAAK,UAAU,oBAAoB,CACxC,OAAoB,EACpB,MAAkB;IAElB,MAAM,eAAe,GAAG,IAAA,6BAAiB,EAAC,MAAM,CAAC,CAAC;IAElD,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;IAC9D,MAAM,WAAW,GAAG,IAAA,+BAAoB,EAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;IAE1D,MAAM,gBAAgB,GAAG,CAAC,CAAC,CAAC,MAAM,UAAU,CAAC,eAAe,CAAC,CAAC,CAAC;IAC/D,MAAM,oBAAoB,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,yBAAyB,CAAC,CAAC;IAE7E,IAAI,gBAAgB,IAAI,oBAAoB,EAAE,CAAC;QAC7C,MAAM,IAAA,6BAAgB,GAAE,CAAC;IAC3B,CAAC;IAED,IAAI,QAAQ,CAAC;IAEb,wCAAwC;IACxC,IAAI,WAAW,KAAK,QAAQ,EAAE,CAAC;QAC7B,sEAAsE;QACtE,0DAA0D;QAC1D,2EAA2E;QAC3E,IAAI,gBAAgB,IAAI,oBAAoB,EAAE,CAAC;YAC7C,sBAAsB;YACtB,OAAO,wBAAY,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAC;QAClD,CAAC;QAED,kEAAkE;QAClE,QAAQ,GAAG,gCAAgC,CACzC,OAAO,EACP,eAAe,CAAC,iBAAiB,CAClC,CAAC;QACF,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAC;QACjE,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,4CAA4C;IAC5C,MAAM,WAAW,GAAG,wBAAwB,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;IAEvE,IAAI,WAAW,IAAI,CAAC,gBAAgB,IAAI,oBAAoB,CAAC,EAAE,CAAC;QAC9D,+BAA+B;QAC/B,QAAQ,GAAG,wBAAY,CAAC,QAAQ,CAAC,GAAG,WAAW,EAAE,CAAC,CAAC;QACnD,iBAAiB,CAAC,WAAW,CAAC,CAAC;IACjC,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,KAAK,CAAC,mCAAmC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QAC7D,QAAQ,GAAG,gCAAgC,CACzC,OAAO,EACP,eAAe,CAAC,iBAAiB,CAClC,CAAC;QACF,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAC;IACnE,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;;;;;;GAWG;AACI,MAAM,OAAO,GAClB,CAAC,UAAU,GAAG,EAAE,EAAE,EAAE,CACpB,KAAK,EAAE,OAAoB,EAAyB,EAAE;IACpD,MAAM,MAAM,GAAG,IAAA,6BAAiB,EAAC,UAAU,CAAC,CAAC;IAE7C,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;QAC1C,MAAM,YAAY,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACzC,MAAM,WAAW,GAAG,YAAY,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAE1D,QAAQ,WAAW,EAAE,CAAC;YACpB,KAAK,WAAW;gBACd,OAAO,MAAM,eAAe,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAChD,KAAK,UAAU;gBACb,OAAO,MAAM,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAC/C,KAAK,SAAS;gBACZ,OAAO,MAAM,aAAa,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAC9C,KAAK,QAAQ;gBACX,OAAO,MAAM,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAC7C,KAAK,gBAAgB;gBACnB,OAAO,MAAM,oBAAoB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YACrD;gBACE,MAAM,IAAI,SAAS,CAAC,uBAAuB,QAAQ,EAAE,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE,KAAK,CAAC,CAAC;QAE3C,MAAM,MAAM,GAAG,KAAK,YAAY,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC;QAC/D,MAAM,OAAO,GACX,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,uBAAuB,CAAC;QAEnE,MAAM,QAAQ,GAAG,wBAAY,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;QAEnE,MAAM,IAAA,6BAAgB,GAAE,CAAC;QACzB,OAAO,QAAQ,CAAC;IAClB,CAAC;AACH,CAAC,CAAC;AApCS,QAAA,OAAO,WAoChB","sourcesContent":["import {\n TOKEN_EXCHANGE_SUCCESS_TEXT,\n TOKEN_EXCHANGE_TRIGGER_TEXT,\n} from \"@/constants.js\";\nimport { loggers } from \"@/lib/logger.js\";\nimport {\n displayModeFromState,\n serverTokenExchangeFromState,\n} from \"@/lib/oauth.js\";\nimport type { AuthConfig } from \"@/nextjs/config.js\";\nimport { resolveAuthConfig } from \"@/nextjs/config.js\";\nimport { clearAuthCookies, NextjsCookieStorage } from \"@/nextjs/cookies.js\";\nimport { getUser } from \"@/nextjs/index.js\";\nimport { resolveCallbackUrl } from \"@/nextjs/utils.js\";\nimport { resolveOAuthAccessCode } from \"@/server/login.js\";\nimport { GenericPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { CodeVerifier, OAuthTokens } from \"@/shared/lib/types.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport { generateOauthLogoutUrl } from \"@/shared/lib/util.js\";\nimport { revalidatePath } from \"next/cache.js\";\nimport type { NextRequest } from \"next/server.js\";\nimport { NextResponse } from \"next/server.js\";\nimport { NextServerAuthenticationRefresherImpl } from \"./NextServerAuthenticationRefresherImpl.js\";\n\nconst logger = loggers.nextjs.handlers.auth;\n\nclass AuthError extends Error {\n constructor(\n message: string,\n public readonly status: number = 401,\n ) {\n super(message);\n this.name = \"AuthError\";\n }\n}\n\nconst getAppUrl = (request: NextRequest): string | null =>\n request.cookies.get(CodeVerifier.APP_URL)?.value ||\n request.nextUrl.searchParams.get(\"appUrl\");\n\nconst getIdToken = async (config: AuthConfig): Promise<string | null> => {\n const cookieStorage = new NextjsCookieStorage(config.cookies?.tokens ?? {});\n return cookieStorage.get(OAuthTokens.ID_TOKEN);\n};\n\n/**\n * create a code verifier and challenge for PKCE\n * saving the verifier in a cookie for later use\n * @returns {Promise<NextResponse>}\n */\nasync function handleChallenge(\n request: NextRequest,\n config: AuthConfig,\n): Promise<NextResponse> {\n const cookieStorage = new NextjsCookieStorage(config.cookies?.tokens ?? {});\n const pkceProducer = new GenericPublicClientPKCEProducer(cookieStorage);\n\n const challenge = await pkceProducer.getCodeChallenge();\n const appUrl = request.nextUrl.searchParams.get(\"appUrl\");\n if (appUrl) {\n cookieStorage.set(CodeVerifier.APP_URL, appUrl);\n }\n return NextResponse.json({ status: \"success\", challenge });\n}\n\nasync function performTokenExchangeAndSetCookies(\n config: AuthConfig,\n code: string,\n state: string,\n appUrl: string,\n) {\n const resolvedConfigs = resolveAuthConfig(config);\n // TODO This is messy, better would be to fix the config.cookies type to always be <name: settings>\n // rather than nesting the tokens-related ones *and* code-verifier inside \"tokens\"\n // (despite code-verifier not relating directly to tokens)\n const cookieStorage = new NextjsCookieStorage({\n ...resolvedConfigs.cookies.tokens,\n user: resolvedConfigs.cookies.user,\n });\n\n const callbackUrl = resolveCallbackUrl(resolvedConfigs, appUrl);\n try {\n await resolveOAuthAccessCode(code, state, cookieStorage, {\n ...resolvedConfigs,\n redirectUrl: callbackUrl,\n });\n } catch (error) {\n logger.error(\"Token exchange failed:\", error);\n throw new AuthError(\"Failed to authenticate user\", 401);\n }\n\n const user = await getUser();\n if (!user) {\n throw new AuthError(\"Failed to get user info\", 401);\n }\n const userSession = new GenericUserSession(cookieStorage);\n await userSession.set(user);\n}\nasync function handleRefresh(\n _request: NextRequest,\n config: AuthConfig,\n): Promise<NextResponse> {\n const resolvedConfigs = resolveAuthConfig(config);\n const cookieStorage = new NextjsCookieStorage(config.cookies?.tokens ?? {});\n\n const refresher = await NextServerAuthenticationRefresherImpl.build(\n {\n clientId: resolvedConfigs.clientId,\n oauthServer: resolvedConfigs.oauthServer,\n redirectUrl: resolvedConfigs.callbackUrl,\n refreshUrl: resolvedConfigs.refreshUrl,\n },\n cookieStorage,\n );\n const tokens = await refresher.refreshAccessToken();\n\n // this will use the refresh token to get new tokens and, if successful\n // the idToken, accessToken and user cookies will be updated\n // await newRefresher.refreshTokens();\n return NextResponse.json({ status: \"success\", tokens });\n}\n\nconst generateHtmlResponseWithCallback = (\n request: NextRequest,\n callbackUrl: string,\n) => {\n // we need to replace the URL with resolved config in case the server is hosted\n // behind a reverse proxy or load balancer\n const requestUrl = new URL(request.url);\n const fetchUrl = `${callbackUrl}?${requestUrl.searchParams.toString()}&sameDomainCallback=true`;\n return new NextResponse(\n `<html lang=\"en\">\n <body>\n <span style=\"display:none\">\n <script>\n window.onload = function () {\n const appUrl = globalThis.window?.location?.origin;\n fetch('${fetchUrl}&appUrl=' + appUrl).then((response) => {\n response.json().then((jsonResponse) => {\n if (jsonResponse.redirectUrl) {\n window.location.href = jsonResponse.redirectUrl;\n }\n });\n });\n };\n </script>\n </span>\n </body>\n </html>\n `,\n );\n};\n\nasync function handleCallback(\n request: NextRequest,\n config: AuthConfig,\n): Promise<NextResponse> {\n const resolvedConfigs = resolveAuthConfig(config);\n const code = request.nextUrl.searchParams.get(\"code\");\n const state = request.nextUrl.searchParams.get(\"state\");\n if (!code || !state) throw new AuthError(\"Bad parameters\", 400);\n\n // appUrl is passed from the client to the server in the query string\n // this is necessary because the server does not have access to the client's window.location.origin\n // and can not accurately determine the appUrl (specially if the app is behind a reverse proxy)\n const appUrl = getAppUrl(request);\n\n // If we have a code_verifier cookie and the appUrl, we can do a token exchange.\n // Otherwise, just render an empty page.\n // The initial redirect back from the auth server does not send cookies, because the redirect is from a 3rd-party domain.\n // The client will make an additional call to this route with cookies included, at which point we do the token exchange.\n const codeVerifier = request.cookies.get(CodeVerifier.COOKIE_NAME);\n\n if (!codeVerifier || !appUrl) {\n logger.debug(\"handleCallback no code_verifier found\", {\n state,\n serverTokenExchange: serverTokenExchangeFromState(`${state}`),\n });\n let response = new NextResponse(\n `<html lang=\"en\"><body><span style=\"display:none\">${TOKEN_EXCHANGE_TRIGGER_TEXT}</span></body></html>`,\n );\n\n // in server-side token exchange mode we need to launch a page that will trigger the token exchange\n // from the same domain, allowing it access to the code_verifier cookie\n // we only need to do this in redirect mode, as the iframe already triggers a client-side token exchange\n // if no code-verifier cookie is found\n if (state && serverTokenExchangeFromState(state)) {\n logger.debug(\n \"handleCallback serverTokenExchangeFromState, launching redirect page...\",\n {\n requestUrl: request.url,\n configCallbackUrl: resolvedConfigs.callbackUrl,\n },\n );\n // generate a page that will callback to the same domain, allowing access\n // to the code_verifier cookie and passing the appUrl.\n response = generateHtmlResponseWithCallback(\n request,\n resolvedConfigs.callbackUrl,\n );\n }\n\n response.headers.set(\"Content-Type\", \"text/html; charset=utf-8\");\n logger.debug(\n `handleCallback no code_verifier found, returning ${TOKEN_EXCHANGE_TRIGGER_TEXT}`,\n );\n return response;\n }\n\n await performTokenExchangeAndSetCookies(resolvedConfigs, code, state, appUrl);\n\n if (request.url.includes(\"sameDomainCallback=true\")) {\n logger.debug(\n \"handleCallback sameDomainCallback = true, returning redirectUrl\",\n appUrl,\n );\n return NextResponse.json({\n status: \"success\",\n redirectUrl: appUrl,\n });\n }\n\n // this is the case where a 'normal' redirect is happening\n if (serverTokenExchangeFromState(state)) {\n logger.debug(\n \"handleCallback serverTokenExchangeFromState, redirect to appUrl\",\n appUrl,\n );\n if (!appUrl) {\n throw new Error(\"appUrl undefined. Cannot redirect.\");\n }\n return NextResponse.redirect(`${appUrl}`);\n }\n // return an empty HTML response so the iframe doesn't show any response\n // in the short moment between the redirect and the parent window\n // acknowledging the redirect and closing the iframe\n const response = new NextResponse(\n `<html lang=\"en\"><span style=\"display:none\">${TOKEN_EXCHANGE_SUCCESS_TEXT}</span></html>`,\n );\n response.headers.set(\"Content-Type\", \"text/html; charset=utf-8\");\n return response;\n}\n\n/**\n * If redirectPath is an absolute path, return it as-is.\n * Otherwise for relative paths, append it to the current domain.\n * @param redirectPath\n * @param currentBasePath\n * @returns\n */\nconst getAbsoluteRedirectPath = (\n redirectPath: string,\n currentBasePath: string,\n) => new URL(redirectPath, currentBasePath).href;\n\nconst getPostLogoutRedirectUrl = (\n request: NextRequest,\n config: AuthConfig,\n): string | null => {\n const { loginUrl } = resolveAuthConfig(config);\n const redirectTarget = loginUrl ?? \"/\";\n\n // if the optional loginUrl is provided and it is an absolute URL,\n // use it as the redirect target\n const isAbsoluteRedirect = /^(https?:\\/\\/|www\\.).+/i.test(redirectTarget);\n if (isAbsoluteRedirect) {\n return redirectTarget;\n }\n\n // if loginUrl is not defined, the appUrl is passed from the client to the server\n // in the query string or cookies. This is necessary because the server does not\n // have access to the client's window.location and can not accurately determine\n // the appUrl (specially if the app is behind a reverse proxy).\n const appUrl = getAppUrl(request);\n if (appUrl) return getAbsoluteRedirectPath(redirectTarget, appUrl);\n\n return null;\n};\n\nconst revalidateUrlPath = async (url: string) => {\n try {\n const path = new URL(url).pathname;\n revalidatePath(path);\n } catch (error) {\n logger.warn(\"Failed to revalidate path after logout:\", error);\n }\n};\n\nexport async function handleLogout(\n request: NextRequest,\n config: AuthConfig,\n): Promise<NextResponse> {\n const resolvedConfigs = resolveAuthConfig(config);\n\n const postLogoutUrl = new URL(\n resolvedConfigs.logoutCallbackUrl,\n getAppUrl(request) || request.url,\n );\n\n // read the id_token from the cookies\n const idToken = await getIdToken(resolvedConfigs);\n\n // read the state from the query parameters\n const state = request.nextUrl.searchParams.get(\"state\");\n\n if (!state || !idToken) {\n logger.error(\"handleLogout: missing state or idToken\", { state, idToken });\n // if token or state is missing, the logout call to the server will fail,\n // (token has potentially expired already) so go straight to the postLogoutUrl\n // so the user can be signed out.\n return NextResponse.redirect(\n `${postLogoutUrl}${state ? \"?state=\" + state : \"\"}`,\n );\n }\n\n const logoutUrl = await generateOauthLogoutUrl({\n clientId: resolvedConfigs.clientId,\n idToken,\n state,\n redirectUrl: postLogoutUrl.href,\n oauthServer: resolvedConfigs.oauthServer,\n });\n\n return NextResponse.redirect(`${logoutUrl.href}`);\n}\n\nexport async function handleLogoutCallback(\n request: NextRequest,\n config: AuthConfig,\n): Promise<NextResponse> {\n const resolvedConfigs = resolveAuthConfig(config);\n\n const state = request.nextUrl.searchParams.get(\"state\") || \"\";\n const displayMode = displayModeFromState(state, \"iframe\");\n\n const canAccessCookies = !!(await getIdToken(resolvedConfigs));\n const isSameDomainCallback = request.url.includes(\"sameDomainCallback=true\");\n\n if (canAccessCookies || isSameDomainCallback) {\n await clearAuthCookies();\n }\n\n let response;\n\n // handle logout for iframe display mode\n if (displayMode === \"iframe\") {\n // try to read the token from cookies. If cookies cant be read/written\n // because the request cames from a cross-origin redirect,\n // we need to show a page that will trigger the logout from the same domain\n if (canAccessCookies || isSameDomainCallback) {\n // just return success\n return NextResponse.json({ status: \"success\" });\n }\n\n // return a page that will trigger the logout from the same domain\n response = generateHtmlResponseWithCallback(\n request,\n resolvedConfigs.logoutCallbackUrl,\n );\n response.headers.set(\"Content-Type\", \"text/html; charset=utf-8\");\n return response;\n }\n\n // handle logout for non-iframe display mode\n const redirectUrl = getPostLogoutRedirectUrl(request, resolvedConfigs);\n\n if (redirectUrl && (canAccessCookies || isSameDomainCallback)) {\n // just redirect to the app url\n response = NextResponse.redirect(`${redirectUrl}`);\n revalidateUrlPath(redirectUrl);\n } else {\n logger.debug(\"handleLogout no redirectUrl found\", { state });\n response = generateHtmlResponseWithCallback(\n request,\n resolvedConfigs.logoutCallbackUrl,\n );\n response.headers.set(\"Content-Type\", \"text/html; charset=utf-8\");\n }\n\n return response;\n}\n\n/**\n * Creates an authentication handler for Next.js API routes\n *\n * Usage:\n * ```ts\n * // app/api/auth/[...civicauth]/route.ts\n * import { handler } from '@civic/auth/nextjs'\n * export const GET = handler({\n * // optional config overrides\n * })\n * ```\n */\nexport const handler =\n (authConfig = {}) =>\n async (request: NextRequest): Promise<NextResponse> => {\n const config = resolveAuthConfig(authConfig);\n\n try {\n const pathname = request.nextUrl.pathname;\n const pathSegments = pathname.split(\"/\");\n const lastSegment = pathSegments[pathSegments.length - 1];\n\n switch (lastSegment) {\n case \"challenge\":\n return await handleChallenge(request, config);\n case \"callback\":\n return await handleCallback(request, config);\n case \"refresh\":\n return await handleRefresh(request, config);\n case \"logout\":\n return await handleLogout(request, config);\n case \"logoutcallback\":\n return await handleLogoutCallback(request, config);\n default:\n throw new AuthError(`Invalid auth route: ${pathname}`, 404);\n }\n } catch (error) {\n logger.error(\"Auth handler error:\", error);\n\n const status = error instanceof AuthError ? error.status : 500;\n const message =\n error instanceof Error ? error.message : \"Authentication failed\";\n\n const response = NextResponse.json({ error: message }, { status });\n\n await clearAuthCookies();\n return response;\n }\n };\n"]}
|
|
1
|
+
{"version":3,"file":"routeHandler.js","sourceRoot":"","sources":["../../../src/nextjs/routeHandler.ts"],"names":[],"mappings":";;;AAsSA,oCAoCC;AAED,oDAsDC;AAlYD,iDAGwB;AACxB,+CAA0C;AAC1C,6CAGwB;AAExB,kDAAuD;AACvD,oDAA4E;AAC5E,gDAA4C;AAC5C,gDAAuD;AACvD,gDAA2D;AAC3D,gDAAqE;AACrE,oDAAkE;AAClE,gEAAiE;AACjE,kDAA8D;AAC9D,4CAA+C;AAE/C,8CAA8C;AAC9C,yGAAmG;AAEnG,MAAM,MAAM,GAAG,mBAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;AAE5C,MAAM,SAAU,SAAQ,KAAK;IAGT;IAFlB,YACE,OAAe,EACC,SAAiB,GAAG;QAEpC,KAAK,CAAC,OAAO,CAAC,CAAC;QAFC,WAAM,GAAN,MAAM,CAAc;QAGpC,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;IAC1B,CAAC;CACF;AAED,MAAM,SAAS,GAAG,CAAC,OAAoB,EAAiB,EAAE,CACxD,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAY,CAAC,OAAO,CAAC,EAAE,KAAK;IAChD,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;AAE7C,MAAM,UAAU,GAAG,KAAK,EAAE,MAAkB,EAA0B,EAAE;IACtE,MAAM,aAAa,GAAG,IAAI,gCAAmB,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,IAAI,EAAE,CAAC,CAAC;IAC5E,OAAO,aAAa,CAAC,GAAG,CAAC,sBAAW,CAAC,QAAQ,CAAC,CAAC;AACjD,CAAC,CAAC;AAEF;;;;GAIG;AACH,KAAK,UAAU,eAAe,CAC5B,OAAoB,EACpB,MAAkB;IAElB,MAAM,aAAa,GAAG,IAAI,gCAAmB,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,IAAI,EAAE,CAAC,CAAC;IAC5E,MAAM,YAAY,GAAG,IAAI,yCAA+B,CAAC,aAAa,CAAC,CAAC;IAExE,MAAM,SAAS,GAAG,MAAM,YAAY,CAAC,gBAAgB,EAAE,CAAC;IACxD,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC1D,IAAI,MAAM,EAAE,CAAC;QACX,aAAa,CAAC,GAAG,CAAC,uBAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAClD,CAAC;IACD,OAAO,wBAAY,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAC;AAC7D,CAAC;AAED,KAAK,UAAU,iCAAiC,CAC9C,MAAkB,EAClB,IAAY,EACZ,KAAa,EACb,MAAc;IAEd,MAAM,eAAe,GAAG,IAAA,6BAAiB,EAAC,MAAM,CAAC,CAAC;IAClD,mGAAmG;IACnG,kFAAkF;IAClF,0DAA0D;IAC1D,MAAM,aAAa,GAAG,IAAI,gCAAmB,CAAC;QAC5C,GAAG,eAAe,CAAC,OAAO,CAAC,MAAM;QACjC,IAAI,EAAE,eAAe,CAAC,OAAO,CAAC,IAAI;KACnC,CAAC,CAAC;IAEH,MAAM,WAAW,GAAG,IAAA,6BAAkB,EAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IAChE,IAAI,CAAC;QACH,MAAM,IAAA,iCAAsB,EAAC,IAAI,EAAE,KAAK,EAAE,aAAa,EAAE;YACvD,GAAG,eAAe;YAClB,WAAW,EAAE,WAAW;SACzB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;QAC9C,MAAM,IAAI,SAAS,CAAC,6BAA6B,EAAE,GAAG,CAAC,CAAC;IAC1D,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,IAAA,kBAAO,GAAE,CAAC;IAC7B,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,SAAS,CAAC,yBAAyB,EAAE,GAAG,CAAC,CAAC;IACtD,CAAC;IACD,MAAM,WAAW,GAAG,IAAI,mCAAkB,CAAC,aAAa,CAAC,CAAC;IAC1D,MAAM,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAC9B,CAAC;AACD,KAAK,UAAU,aAAa,CAC1B,QAAqB,EACrB,MAAkB;IAElB,MAAM,eAAe,GAAG,IAAA,6BAAiB,EAAC,MAAM,CAAC,CAAC;IAClD,MAAM,aAAa,GAAG,IAAI,gCAAmB,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,IAAI,EAAE,CAAC,CAAC;IAC5E,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,CAAC,KAAY,EAAE,EAAE;YAC/B,MAAM,CAAC,KAAK,CAAC,sCAAsC,EAAE,KAAK,CAAC,CAAC;YAC5D,MAAM,IAAI,SAAS,CAAC,0BAA0B,EAAE,GAAG,CAAC,CAAC;QACvD,CAAC,CAAC;QACF,MAAM,SAAS,GAAG,MAAM,gFAAqC,CAAC,KAAK,CACjE;YACE,QAAQ,EAAE,eAAe,CAAC,QAAQ;YAClC,WAAW,EAAE,eAAe,CAAC,WAAW;YACxC,WAAW,EAAE,eAAe,CAAC,WAAW;YACxC,UAAU,EAAE,eAAe,CAAC,UAAU;SACvC,EACD,aAAa,EACb,OAAO,CACR,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,kBAAkB,EAAE,CAAC;QACpD,OAAO,wBAAY,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,CAAC;IAC1D,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,sCAAsC,EAAE,KAAK,CAAC,CAAC;QAC5D,MAAM,IAAI,SAAS,CAAC,0BAA0B,EAAE,GAAG,CAAC,CAAC;IACvD,CAAC;AACH,CAAC;AAED,MAAM,gCAAgC,GAAG,CACvC,OAAoB,EACpB,WAAmB,EACnB,EAAE;IACF,+EAA+E;IAC/E,0CAA0C;IAC1C,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,QAAQ,GAAG,GAAG,WAAW,IAAI,UAAU,CAAC,YAAY,CAAC,QAAQ,EAAE,0BAA0B,CAAC;IAChG,OAAO,IAAI,wBAAY,CACrB;;;;;;kCAM8B,QAAQ;;;;;;;;;;;;KAYrC,CACF,CAAC;AACJ,CAAC,CAAC;AAEF,KAAK,UAAU,cAAc,CAC3B,OAAoB,EACpB,MAAkB;IAElB,MAAM,eAAe,GAAG,IAAA,6BAAiB,EAAC,MAAM,CAAC,CAAC;IAClD,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACtD,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACxD,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK;QAAE,MAAM,IAAI,SAAS,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC;IAEhE,qEAAqE;IACrE,mGAAmG;IACnG,+FAA+F;IAC/F,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,CAAC,CAAC;IAElC,gFAAgF;IAChF,wCAAwC;IACxC,yHAAyH;IACzH,wHAAwH;IACxH,MAAM,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAY,CAAC,WAAW,CAAC,CAAC;IAEnE,IAAI,CAAC,YAAY,IAAI,CAAC,MAAM,EAAE,CAAC;QAC7B,MAAM,CAAC,KAAK,CAAC,uCAAuC,EAAE;YACpD,KAAK;YACL,mBAAmB,EAAE,IAAA,uCAA4B,EAAC,GAAG,KAAK,EAAE,CAAC;SAC9D,CAAC,CAAC;QACH,IAAI,QAAQ,GAAG,IAAI,wBAAY,CAC7B,oDAAoD,0CAA2B,uBAAuB,CACvG,CAAC;QAEF,mGAAmG;QACnG,uEAAuE;QACvE,wGAAwG;QACxG,sCAAsC;QACtC,IAAI,KAAK,IAAI,IAAA,uCAA4B,EAAC,KAAK,CAAC,EAAE,CAAC;YACjD,MAAM,CAAC,KAAK,CACV,yEAAyE,EACzE;gBACE,UAAU,EAAE,OAAO,CAAC,GAAG;gBACvB,iBAAiB,EAAE,eAAe,CAAC,WAAW;aAC/C,CACF,CAAC;YACF,yEAAyE;YACzE,sDAAsD;YACtD,QAAQ,GAAG,gCAAgC,CACzC,OAAO,EACP,eAAe,CAAC,WAAW,CAC5B,CAAC;QACJ,CAAC;QAED,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAC;QACjE,MAAM,CAAC,KAAK,CACV,oDAAoD,0CAA2B,EAAE,CAClF,CAAC;QACF,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,MAAM,iCAAiC,CAAC,eAAe,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;IAE9E,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,yBAAyB,CAAC,EAAE,CAAC;QACpD,MAAM,CAAC,KAAK,CACV,iEAAiE,EACjE,MAAM,CACP,CAAC;QACF,OAAO,wBAAY,CAAC,IAAI,CAAC;YACvB,MAAM,EAAE,SAAS;YACjB,WAAW,EAAE,MAAM;SACpB,CAAC,CAAC;IACL,CAAC;IAED,0DAA0D;IAC1D,IAAI,IAAA,uCAA4B,EAAC,KAAK,CAAC,EAAE,CAAC;QACxC,MAAM,CAAC,KAAK,CACV,iEAAiE,EACjE,MAAM,CACP,CAAC;QACF,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACxD,CAAC;QACD,OAAO,wBAAY,CAAC,QAAQ,CAAC,GAAG,MAAM,EAAE,CAAC,CAAC;IAC5C,CAAC;IACD,wEAAwE;IACxE,iEAAiE;IACjE,oDAAoD;IACpD,MAAM,QAAQ,GAAG,IAAI,wBAAY,CAC/B,8CAA8C,0CAA2B,gBAAgB,CAC1F,CAAC;IACF,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAC;IACjE,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,uBAAuB,GAAG,CAC9B,YAAoB,EACpB,eAAuB,EACvB,EAAE,CAAC,IAAI,GAAG,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC,IAAI,CAAC;AAEjD,MAAM,wBAAwB,GAAG,CAC/B,OAAoB,EACpB,MAAkB,EACH,EAAE;IACjB,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAA,6BAAiB,EAAC,MAAM,CAAC,CAAC;IAC/C,MAAM,cAAc,GAAG,QAAQ,IAAI,GAAG,CAAC;IAEvC,kEAAkE;IAClE,gCAAgC;IAChC,MAAM,kBAAkB,GAAG,yBAAyB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC1E,IAAI,kBAAkB,EAAE,CAAC;QACvB,OAAO,cAAc,CAAC;IACxB,CAAC;IAED,iFAAiF;IACjF,gFAAgF;IAChF,+EAA+E;IAC/E,+DAA+D;IAC/D,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,CAAC,CAAC;IAClC,IAAI,MAAM;QAAE,OAAO,uBAAuB,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;IAEnE,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAG,KAAK,EAAE,GAAW,EAAE,EAAE;IAC9C,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC;QACnC,IAAA,yBAAc,EAAC,IAAI,CAAC,CAAC;IACvB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CAAC,yCAAyC,EAAE,KAAK,CAAC,CAAC;IAChE,CAAC;AACH,CAAC,CAAC;AAEK,KAAK,UAAU,YAAY,CAChC,OAAoB,EACpB,MAAkB;IAElB,MAAM,eAAe,GAAG,IAAA,6BAAiB,EAAC,MAAM,CAAC,CAAC;IAElD,MAAM,aAAa,GAAG,IAAI,GAAG,CAC3B,eAAe,CAAC,iBAAiB,EACjC,SAAS,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,GAAG,CAClC,CAAC;IAEF,qCAAqC;IACrC,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,eAAe,CAAC,CAAC;IAElD,2CAA2C;IAC3C,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAExD,IAAI,CAAC,KAAK,IAAI,CAAC,OAAO,EAAE,CAAC;QACvB,MAAM,CAAC,KAAK,CAAC,wCAAwC,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;QAC3E,yEAAyE;QACzE,8EAA8E;QAC9E,kCAAkC;QAClC,OAAO,wBAAY,CAAC,QAAQ,CAC1B,GAAG,aAAa,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CACpD,CAAC;IACJ,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,IAAA,gCAAsB,EAAC;QAC7C,QAAQ,EAAE,eAAe,CAAC,QAAQ;QAClC,OAAO;QACP,KAAK;QACL,WAAW,EAAE,aAAa,CAAC,IAAI;QAC/B,WAAW,EAAE,eAAe,CAAC,WAAW;KACzC,CAAC,CAAC;IAEH,OAAO,wBAAY,CAAC,QAAQ,CAAC,GAAG,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC;AACpD,CAAC;AAEM,KAAK,UAAU,oBAAoB,CACxC,OAAoB,EACpB,MAAkB;IAElB,MAAM,eAAe,GAAG,IAAA,6BAAiB,EAAC,MAAM,CAAC,CAAC;IAElD,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;IAC9D,MAAM,WAAW,GAAG,IAAA,+BAAoB,EAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;IAE1D,MAAM,gBAAgB,GAAG,CAAC,CAAC,CAAC,MAAM,UAAU,CAAC,eAAe,CAAC,CAAC,CAAC;IAC/D,MAAM,oBAAoB,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,yBAAyB,CAAC,CAAC;IAE7E,IAAI,gBAAgB,IAAI,oBAAoB,EAAE,CAAC;QAC7C,MAAM,IAAA,6BAAgB,GAAE,CAAC;IAC3B,CAAC;IAED,IAAI,QAAQ,CAAC;IAEb,wCAAwC;IACxC,IAAI,WAAW,KAAK,QAAQ,EAAE,CAAC;QAC7B,sEAAsE;QACtE,0DAA0D;QAC1D,2EAA2E;QAC3E,IAAI,gBAAgB,IAAI,oBAAoB,EAAE,CAAC;YAC7C,sBAAsB;YACtB,OAAO,wBAAY,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAC;QAClD,CAAC;QAED,kEAAkE;QAClE,QAAQ,GAAG,gCAAgC,CACzC,OAAO,EACP,eAAe,CAAC,iBAAiB,CAClC,CAAC;QACF,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAC;QACjE,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,4CAA4C;IAC5C,MAAM,WAAW,GAAG,wBAAwB,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;IAEvE,IAAI,WAAW,IAAI,CAAC,gBAAgB,IAAI,oBAAoB,CAAC,EAAE,CAAC;QAC9D,+BAA+B;QAC/B,QAAQ,GAAG,wBAAY,CAAC,QAAQ,CAAC,GAAG,WAAW,EAAE,CAAC,CAAC;QACnD,iBAAiB,CAAC,WAAW,CAAC,CAAC;IACjC,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,KAAK,CAAC,mCAAmC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QAC7D,QAAQ,GAAG,gCAAgC,CACzC,OAAO,EACP,eAAe,CAAC,iBAAiB,CAClC,CAAC;QACF,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAC;IACnE,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;;;;;;GAWG;AACI,MAAM,OAAO,GAClB,CAAC,UAAU,GAAG,EAAE,EAAE,EAAE,CACpB,KAAK,EAAE,OAAoB,EAAyB,EAAE;IACpD,MAAM,MAAM,GAAG,IAAA,6BAAiB,EAAC,UAAU,CAAC,CAAC;IAE7C,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;QAC1C,MAAM,YAAY,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACzC,MAAM,WAAW,GAAG,YAAY,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAE1D,QAAQ,WAAW,EAAE,CAAC;YACpB,KAAK,WAAW;gBACd,OAAO,MAAM,eAAe,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAChD,KAAK,UAAU;gBACb,OAAO,MAAM,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAC/C,KAAK,SAAS;gBACZ,OAAO,MAAM,aAAa,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAC9C,KAAK,QAAQ;gBACX,OAAO,MAAM,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAC7C,KAAK,gBAAgB;gBACnB,OAAO,MAAM,oBAAoB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YACrD;gBACE,MAAM,IAAI,SAAS,CAAC,uBAAuB,QAAQ,EAAE,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE,KAAK,CAAC,CAAC;QAE3C,MAAM,MAAM,GAAG,KAAK,YAAY,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC;QAC/D,MAAM,OAAO,GACX,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,uBAAuB,CAAC;QAEnE,MAAM,QAAQ,GAAG,wBAAY,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;QAEnE,MAAM,IAAA,6BAAgB,GAAE,CAAC;QACzB,OAAO,QAAQ,CAAC;IAClB,CAAC;AACH,CAAC,CAAC;AApCS,QAAA,OAAO,WAoChB","sourcesContent":["import {\n TOKEN_EXCHANGE_SUCCESS_TEXT,\n TOKEN_EXCHANGE_TRIGGER_TEXT,\n} from \"@/constants.js\";\nimport { loggers } from \"@/lib/logger.js\";\nimport {\n displayModeFromState,\n serverTokenExchangeFromState,\n} from \"@/lib/oauth.js\";\nimport type { AuthConfig } from \"@/nextjs/config.js\";\nimport { resolveAuthConfig } from \"@/nextjs/config.js\";\nimport { clearAuthCookies, NextjsCookieStorage } from \"@/nextjs/cookies.js\";\nimport { getUser } from \"@/nextjs/index.js\";\nimport { resolveCallbackUrl } from \"@/nextjs/utils.js\";\nimport { resolveOAuthAccessCode } from \"@/server/login.js\";\nimport { GenericPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { CodeVerifier, OAuthTokens } from \"@/shared/lib/types.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\nimport { generateOauthLogoutUrl } from \"@/shared/lib/util.js\";\nimport { revalidatePath } from \"next/cache.js\";\nimport type { NextRequest } from \"next/server.js\";\nimport { NextResponse } from \"next/server.js\";\nimport { NextServerAuthenticationRefresherImpl } from \"./NextServerAuthenticationRefresherImpl.js\";\n\nconst logger = loggers.nextjs.handlers.auth;\n\nclass AuthError extends Error {\n constructor(\n message: string,\n public readonly status: number = 401,\n ) {\n super(message);\n this.name = \"AuthError\";\n }\n}\n\nconst getAppUrl = (request: NextRequest): string | null =>\n request.cookies.get(CodeVerifier.APP_URL)?.value ||\n request.nextUrl.searchParams.get(\"appUrl\");\n\nconst getIdToken = async (config: AuthConfig): Promise<string | null> => {\n const cookieStorage = new NextjsCookieStorage(config.cookies?.tokens ?? {});\n return cookieStorage.get(OAuthTokens.ID_TOKEN);\n};\n\n/**\n * create a code verifier and challenge for PKCE\n * saving the verifier in a cookie for later use\n * @returns {Promise<NextResponse>}\n */\nasync function handleChallenge(\n request: NextRequest,\n config: AuthConfig,\n): Promise<NextResponse> {\n const cookieStorage = new NextjsCookieStorage(config.cookies?.tokens ?? {});\n const pkceProducer = new GenericPublicClientPKCEProducer(cookieStorage);\n\n const challenge = await pkceProducer.getCodeChallenge();\n const appUrl = request.nextUrl.searchParams.get(\"appUrl\");\n if (appUrl) {\n cookieStorage.set(CodeVerifier.APP_URL, appUrl);\n }\n return NextResponse.json({ status: \"success\", challenge });\n}\n\nasync function performTokenExchangeAndSetCookies(\n config: AuthConfig,\n code: string,\n state: string,\n appUrl: string,\n) {\n const resolvedConfigs = resolveAuthConfig(config);\n // TODO This is messy, better would be to fix the config.cookies type to always be <name: settings>\n // rather than nesting the tokens-related ones *and* code-verifier inside \"tokens\"\n // (despite code-verifier not relating directly to tokens)\n const cookieStorage = new NextjsCookieStorage({\n ...resolvedConfigs.cookies.tokens,\n user: resolvedConfigs.cookies.user,\n });\n\n const callbackUrl = resolveCallbackUrl(resolvedConfigs, appUrl);\n try {\n await resolveOAuthAccessCode(code, state, cookieStorage, {\n ...resolvedConfigs,\n redirectUrl: callbackUrl,\n });\n } catch (error) {\n logger.error(\"Token exchange failed:\", error);\n throw new AuthError(\"Failed to authenticate user\", 401);\n }\n\n const user = await getUser();\n if (!user) {\n throw new AuthError(\"Failed to get user info\", 401);\n }\n const userSession = new GenericUserSession(cookieStorage);\n await userSession.set(user);\n}\nasync function handleRefresh(\n _request: NextRequest,\n config: AuthConfig,\n): Promise<NextResponse> {\n const resolvedConfigs = resolveAuthConfig(config);\n const cookieStorage = new NextjsCookieStorage(config.cookies?.tokens ?? {});\n try {\n const onError = (error: Error) => {\n logger.error(\"handleRefresh: Token refresh failed:\", error);\n throw new AuthError(\"Failed to refresh tokens\", 500);\n };\n const refresher = await NextServerAuthenticationRefresherImpl.build(\n {\n clientId: resolvedConfigs.clientId,\n oauthServer: resolvedConfigs.oauthServer,\n redirectUrl: resolvedConfigs.callbackUrl,\n refreshUrl: resolvedConfigs.refreshUrl,\n },\n cookieStorage,\n onError,\n );\n\n const tokens = await refresher.refreshAccessToken();\n return NextResponse.json({ status: \"success\", tokens });\n } catch (error) {\n logger.error(\"handleRefresh: Token refresh failed:\", error);\n throw new AuthError(\"Failed to refresh tokens\", 500);\n }\n}\n\nconst generateHtmlResponseWithCallback = (\n request: NextRequest,\n callbackUrl: string,\n) => {\n // we need to replace the URL with resolved config in case the server is hosted\n // behind a reverse proxy or load balancer\n const requestUrl = new URL(request.url);\n const fetchUrl = `${callbackUrl}?${requestUrl.searchParams.toString()}&sameDomainCallback=true`;\n return new NextResponse(\n `<html lang=\"en\">\n <body>\n <span style=\"display:none\">\n <script>\n window.onload = function () {\n const appUrl = globalThis.window?.location?.origin;\n fetch('${fetchUrl}&appUrl=' + appUrl).then((response) => {\n response.json().then((jsonResponse) => {\n if (jsonResponse.redirectUrl) {\n window.location.href = jsonResponse.redirectUrl;\n }\n });\n });\n };\n </script>\n </span>\n </body>\n </html>\n `,\n );\n};\n\nasync function handleCallback(\n request: NextRequest,\n config: AuthConfig,\n): Promise<NextResponse> {\n const resolvedConfigs = resolveAuthConfig(config);\n const code = request.nextUrl.searchParams.get(\"code\");\n const state = request.nextUrl.searchParams.get(\"state\");\n if (!code || !state) throw new AuthError(\"Bad parameters\", 400);\n\n // appUrl is passed from the client to the server in the query string\n // this is necessary because the server does not have access to the client's window.location.origin\n // and can not accurately determine the appUrl (specially if the app is behind a reverse proxy)\n const appUrl = getAppUrl(request);\n\n // If we have a code_verifier cookie and the appUrl, we can do a token exchange.\n // Otherwise, just render an empty page.\n // The initial redirect back from the auth server does not send cookies, because the redirect is from a 3rd-party domain.\n // The client will make an additional call to this route with cookies included, at which point we do the token exchange.\n const codeVerifier = request.cookies.get(CodeVerifier.COOKIE_NAME);\n\n if (!codeVerifier || !appUrl) {\n logger.debug(\"handleCallback no code_verifier found\", {\n state,\n serverTokenExchange: serverTokenExchangeFromState(`${state}`),\n });\n let response = new NextResponse(\n `<html lang=\"en\"><body><span style=\"display:none\">${TOKEN_EXCHANGE_TRIGGER_TEXT}</span></body></html>`,\n );\n\n // in server-side token exchange mode we need to launch a page that will trigger the token exchange\n // from the same domain, allowing it access to the code_verifier cookie\n // we only need to do this in redirect mode, as the iframe already triggers a client-side token exchange\n // if no code-verifier cookie is found\n if (state && serverTokenExchangeFromState(state)) {\n logger.debug(\n \"handleCallback serverTokenExchangeFromState, launching redirect page...\",\n {\n requestUrl: request.url,\n configCallbackUrl: resolvedConfigs.callbackUrl,\n },\n );\n // generate a page that will callback to the same domain, allowing access\n // to the code_verifier cookie and passing the appUrl.\n response = generateHtmlResponseWithCallback(\n request,\n resolvedConfigs.callbackUrl,\n );\n }\n\n response.headers.set(\"Content-Type\", \"text/html; charset=utf-8\");\n logger.debug(\n `handleCallback no code_verifier found, returning ${TOKEN_EXCHANGE_TRIGGER_TEXT}`,\n );\n return response;\n }\n\n await performTokenExchangeAndSetCookies(resolvedConfigs, code, state, appUrl);\n\n if (request.url.includes(\"sameDomainCallback=true\")) {\n logger.debug(\n \"handleCallback sameDomainCallback = true, returning redirectUrl\",\n appUrl,\n );\n return NextResponse.json({\n status: \"success\",\n redirectUrl: appUrl,\n });\n }\n\n // this is the case where a 'normal' redirect is happening\n if (serverTokenExchangeFromState(state)) {\n logger.debug(\n \"handleCallback serverTokenExchangeFromState, redirect to appUrl\",\n appUrl,\n );\n if (!appUrl) {\n throw new Error(\"appUrl undefined. Cannot redirect.\");\n }\n return NextResponse.redirect(`${appUrl}`);\n }\n // return an empty HTML response so the iframe doesn't show any response\n // in the short moment between the redirect and the parent window\n // acknowledging the redirect and closing the iframe\n const response = new NextResponse(\n `<html lang=\"en\"><span style=\"display:none\">${TOKEN_EXCHANGE_SUCCESS_TEXT}</span></html>`,\n );\n response.headers.set(\"Content-Type\", \"text/html; charset=utf-8\");\n return response;\n}\n\n/**\n * If redirectPath is an absolute path, return it as-is.\n * Otherwise for relative paths, append it to the current domain.\n * @param redirectPath\n * @param currentBasePath\n * @returns\n */\nconst getAbsoluteRedirectPath = (\n redirectPath: string,\n currentBasePath: string,\n) => new URL(redirectPath, currentBasePath).href;\n\nconst getPostLogoutRedirectUrl = (\n request: NextRequest,\n config: AuthConfig,\n): string | null => {\n const { loginUrl } = resolveAuthConfig(config);\n const redirectTarget = loginUrl ?? \"/\";\n\n // if the optional loginUrl is provided and it is an absolute URL,\n // use it as the redirect target\n const isAbsoluteRedirect = /^(https?:\\/\\/|www\\.).+/i.test(redirectTarget);\n if (isAbsoluteRedirect) {\n return redirectTarget;\n }\n\n // if loginUrl is not defined, the appUrl is passed from the client to the server\n // in the query string or cookies. This is necessary because the server does not\n // have access to the client's window.location and can not accurately determine\n // the appUrl (specially if the app is behind a reverse proxy).\n const appUrl = getAppUrl(request);\n if (appUrl) return getAbsoluteRedirectPath(redirectTarget, appUrl);\n\n return null;\n};\n\nconst revalidateUrlPath = async (url: string) => {\n try {\n const path = new URL(url).pathname;\n revalidatePath(path);\n } catch (error) {\n logger.warn(\"Failed to revalidate path after logout:\", error);\n }\n};\n\nexport async function handleLogout(\n request: NextRequest,\n config: AuthConfig,\n): Promise<NextResponse> {\n const resolvedConfigs = resolveAuthConfig(config);\n\n const postLogoutUrl = new URL(\n resolvedConfigs.logoutCallbackUrl,\n getAppUrl(request) || request.url,\n );\n\n // read the id_token from the cookies\n const idToken = await getIdToken(resolvedConfigs);\n\n // read the state from the query parameters\n const state = request.nextUrl.searchParams.get(\"state\");\n\n if (!state || !idToken) {\n logger.error(\"handleLogout: missing state or idToken\", { state, idToken });\n // if token or state is missing, the logout call to the server will fail,\n // (token has potentially expired already) so go straight to the postLogoutUrl\n // so the user can be signed out.\n return NextResponse.redirect(\n `${postLogoutUrl}${state ? \"?state=\" + state : \"\"}`,\n );\n }\n\n const logoutUrl = await generateOauthLogoutUrl({\n clientId: resolvedConfigs.clientId,\n idToken,\n state,\n redirectUrl: postLogoutUrl.href,\n oauthServer: resolvedConfigs.oauthServer,\n });\n\n return NextResponse.redirect(`${logoutUrl.href}`);\n}\n\nexport async function handleLogoutCallback(\n request: NextRequest,\n config: AuthConfig,\n): Promise<NextResponse> {\n const resolvedConfigs = resolveAuthConfig(config);\n\n const state = request.nextUrl.searchParams.get(\"state\") || \"\";\n const displayMode = displayModeFromState(state, \"iframe\");\n\n const canAccessCookies = !!(await getIdToken(resolvedConfigs));\n const isSameDomainCallback = request.url.includes(\"sameDomainCallback=true\");\n\n if (canAccessCookies || isSameDomainCallback) {\n await clearAuthCookies();\n }\n\n let response;\n\n // handle logout for iframe display mode\n if (displayMode === \"iframe\") {\n // try to read the token from cookies. If cookies cant be read/written\n // because the request cames from a cross-origin redirect,\n // we need to show a page that will trigger the logout from the same domain\n if (canAccessCookies || isSameDomainCallback) {\n // just return success\n return NextResponse.json({ status: \"success\" });\n }\n\n // return a page that will trigger the logout from the same domain\n response = generateHtmlResponseWithCallback(\n request,\n resolvedConfigs.logoutCallbackUrl,\n );\n response.headers.set(\"Content-Type\", \"text/html; charset=utf-8\");\n return response;\n }\n\n // handle logout for non-iframe display mode\n const redirectUrl = getPostLogoutRedirectUrl(request, resolvedConfigs);\n\n if (redirectUrl && (canAccessCookies || isSameDomainCallback)) {\n // just redirect to the app url\n response = NextResponse.redirect(`${redirectUrl}`);\n revalidateUrlPath(redirectUrl);\n } else {\n logger.debug(\"handleLogout no redirectUrl found\", { state });\n response = generateHtmlResponseWithCallback(\n request,\n resolvedConfigs.logoutCallbackUrl,\n );\n response.headers.set(\"Content-Type\", \"text/html; charset=utf-8\");\n }\n\n return response;\n}\n\n/**\n * Creates an authentication handler for Next.js API routes\n *\n * Usage:\n * ```ts\n * // app/api/auth/[...civicauth]/route.ts\n * import { handler } from '@civic/auth/nextjs'\n * export const GET = handler({\n * // optional config overrides\n * })\n * ```\n */\nexport const handler =\n (authConfig = {}) =>\n async (request: NextRequest): Promise<NextResponse> => {\n const config = resolveAuthConfig(authConfig);\n\n try {\n const pathname = request.nextUrl.pathname;\n const pathSegments = pathname.split(\"/\");\n const lastSegment = pathSegments[pathSegments.length - 1];\n\n switch (lastSegment) {\n case \"challenge\":\n return await handleChallenge(request, config);\n case \"callback\":\n return await handleCallback(request, config);\n case \"refresh\":\n return await handleRefresh(request, config);\n case \"logout\":\n return await handleLogout(request, config);\n case \"logoutcallback\":\n return await handleLogoutCallback(request, config);\n default:\n throw new AuthError(`Invalid auth route: ${pathname}`, 404);\n }\n } catch (error) {\n logger.error(\"Auth handler error:\", error);\n\n const status = error instanceof AuthError ? error.status : 500;\n const message =\n error instanceof Error ? error.message : \"Authentication failed\";\n\n const response = NextResponse.json({ error: message }, { status });\n\n await clearAuthCookies();\n return response;\n }\n };\n"]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"LoadingSpinner.d.ts","sourceRoot":"","sources":["../../../../src/reactjs/components/LoadingSpinner.tsx"],"names":[],"mappings":"AACA,OAAO,KAAK,MAAM,OAAO,CAAC;AAG1B,eAAO,MAAM,sBAAsB;;;;uBAuClC,CAAC"}
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
"use client";
|
|
3
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
4
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
5
|
+
};
|
|
6
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
7
|
+
exports.ButtonContentOrSpinner = void 0;
|
|
8
|
+
const react_1 = __importDefault(require("react"));
|
|
9
|
+
const LoadingIcon_js_1 = require("../../shared/components/LoadingIcon.js");
|
|
10
|
+
const ButtonContentOrSpinner = ({ isSigningOut, isSigningIn, children, }) => {
|
|
11
|
+
return (react_1.default.createElement("div", { style: {
|
|
12
|
+
position: "relative",
|
|
13
|
+
display: "flex",
|
|
14
|
+
alignItems: "center",
|
|
15
|
+
} },
|
|
16
|
+
react_1.default.createElement("span", { style: {
|
|
17
|
+
visibility: isSigningOut || isSigningIn ? "hidden" : "visible",
|
|
18
|
+
whiteSpace: "nowrap",
|
|
19
|
+
} }, children),
|
|
20
|
+
(isSigningOut || isSigningIn) && (react_1.default.createElement("span", { style: {
|
|
21
|
+
position: "absolute",
|
|
22
|
+
display: "flex",
|
|
23
|
+
justifyContent: "center",
|
|
24
|
+
alignItems: "center",
|
|
25
|
+
top: 0,
|
|
26
|
+
left: 0,
|
|
27
|
+
right: 0,
|
|
28
|
+
bottom: 0,
|
|
29
|
+
} },
|
|
30
|
+
react_1.default.createElement(LoadingIcon_js_1.LoadingIcon, { width: "1.5em", height: "1.5em" })))));
|
|
31
|
+
};
|
|
32
|
+
exports.ButtonContentOrSpinner = ButtonContentOrSpinner;
|
|
33
|
+
//# sourceMappingURL=LoadingSpinner.js.map
|