@crossauth/sveltekit 1.1.4 → 1.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -2145,7 +2145,8 @@ export class SvelteKitOAuthClient extends OAuthClientBackend {
|
|
|
2145
2145
|
const ce = new CrossauthError(ErrorCode.Configuration, "If tokenResponseType is " + this.tokenResponseType + ", use actions not post");
|
|
2146
2146
|
return this.errorFn(this.server, event, ce);
|
|
2147
2147
|
}
|
|
2148
|
-
|
|
2148
|
+
const ret = await this.refreshTokens(event, "post", true);
|
|
2149
|
+
return this.pack(ret);
|
|
2149
2150
|
},
|
|
2150
2151
|
actions: {
|
|
2151
2152
|
default: async (event) => {
|
|
@@ -2163,7 +2164,8 @@ export class SvelteKitOAuthClient extends OAuthClientBackend {
|
|
|
2163
2164
|
const ce = new CrossauthError(ErrorCode.Configuration, "If tokenResponseType is " + this.tokenResponseType + ", use actions not post");
|
|
2164
2165
|
return this.errorFn(this.server, event, ce);
|
|
2165
2166
|
}
|
|
2166
|
-
|
|
2167
|
+
const ret = await this.refreshTokens(event, "silent", true);
|
|
2168
|
+
return this.pack(ret);
|
|
2167
2169
|
},
|
|
2168
2170
|
};
|
|
2169
2171
|
autoRefreshTokensEndpoint = {
|
|
@@ -2377,6 +2379,12 @@ export class SvelteKitOAuthClient extends OAuthClientBackend {
|
|
|
2377
2379
|
},
|
|
2378
2380
|
};
|
|
2379
2381
|
errorIfIdTokenInvalid(oauthResponse) {
|
|
2382
|
+
if (!oauthResponse) {
|
|
2383
|
+
return {
|
|
2384
|
+
error: "access_denied",
|
|
2385
|
+
error_description: "Invalid OAuth response"
|
|
2386
|
+
};
|
|
2387
|
+
}
|
|
2380
2388
|
if (oauthResponse["id_token"] && this.jwtTokens.includes("id")) {
|
|
2381
2389
|
/*const payload = this.validateIdToken(oauthResponse["id_token"]);
|
|
2382
2390
|
if (payload == undefined) {
|
|
@@ -251,8 +251,12 @@ export class SvelteKitAuthorizationServer {
|
|
|
251
251
|
cookieParams.domain = this.refreshTokenCookieDomain;
|
|
252
252
|
if (this.refreshTokenCookieHttpOnly == true)
|
|
253
253
|
cookieParams.httpOnly = true;
|
|
254
|
+
else
|
|
255
|
+
cookieParams.httpOnly = false;
|
|
254
256
|
if (this.refreshTokenCookieSecure == true)
|
|
255
257
|
cookieParams.secure = true;
|
|
258
|
+
else
|
|
259
|
+
cookieParams.secure = false;
|
|
256
260
|
event.cookies.set(this.refreshTokenCookieName, token, cookieParams);
|
|
257
261
|
}
|
|
258
262
|
requireGetParam(url, name) {
|
|
@@ -1220,7 +1224,7 @@ export class SvelteKitAuthorizationServer {
|
|
|
1220
1224
|
}
|
|
1221
1225
|
else if (this.authServer.upstreamClients && this.authServer.upstreamClientOptionss) {
|
|
1222
1226
|
if (!upstream) {
|
|
1223
|
-
CrossauthLogger.logger.
|
|
1227
|
+
CrossauthLogger.logger.warn(j({ msg: "Have multiple upstream clients but upstream redirect uri not passed the upstream identifier" }));
|
|
1224
1228
|
return this.redirectError(oauthData.orig_redirect_uri, "server_error", "Have multiple upstream clients but upstream redirect uri not passed the upstream identifier");
|
|
1225
1229
|
}
|
|
1226
1230
|
upstreamClient = this.authServer.upstreamClients[upstream];
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@crossauth/sveltekit",
|
|
3
|
-
"version": "1.1.
|
|
3
|
+
"version": "1.1.6",
|
|
4
4
|
"license": "Apache-2.0",
|
|
5
5
|
"description": "Sveltekit adapter for Crossauth authentication package",
|
|
6
6
|
"private": false,
|
|
@@ -54,8 +54,8 @@
|
|
|
54
54
|
"minimatch": "^10.0.1",
|
|
55
55
|
"publint": "0.3.15",
|
|
56
56
|
"qrcode": "^1.5.4",
|
|
57
|
-
"@crossauth/backend": "^1.1.
|
|
58
|
-
"@crossauth/common": "^1.1.
|
|
57
|
+
"@crossauth/backend": "^1.1.6",
|
|
58
|
+
"@crossauth/common": "^1.1.6"
|
|
59
59
|
},
|
|
60
60
|
"scripts": {
|
|
61
61
|
"preparex": "svelte-kit sync",
|