@fnd-platform/cognito-auth 1.0.0-alpha.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +323 -0
- package/lib/authorizer/handler.d.ts +33 -0
- package/lib/authorizer/handler.d.ts.map +1 -0
- package/lib/authorizer/handler.js +106 -0
- package/lib/authorizer/handler.js.map +1 -0
- package/lib/authorizer/index.d.ts +7 -0
- package/lib/authorizer/index.d.ts.map +1 -0
- package/lib/authorizer/index.js +16 -0
- package/lib/authorizer/index.js.map +1 -0
- package/lib/client/auth-client.d.ts +131 -0
- package/lib/client/auth-client.d.ts.map +1 -0
- package/lib/client/auth-client.js +270 -0
- package/lib/client/auth-client.js.map +1 -0
- package/lib/client/errors.d.ts +67 -0
- package/lib/client/errors.d.ts.map +1 -0
- package/lib/client/errors.js +90 -0
- package/lib/client/errors.js.map +1 -0
- package/lib/client/index.d.ts +8 -0
- package/lib/client/index.d.ts.map +1 -0
- package/lib/client/index.js +29 -0
- package/lib/client/index.js.map +1 -0
- package/lib/cognito-construct.d.ts +113 -0
- package/lib/cognito-construct.d.ts.map +1 -0
- package/lib/cognito-construct.js +211 -0
- package/lib/cognito-construct.js.map +1 -0
- package/lib/index.d.ts +30 -0
- package/lib/index.d.ts.map +1 -0
- package/lib/index.js +59 -0
- package/lib/index.js.map +1 -0
- package/lib/jwt.d.ts +89 -0
- package/lib/jwt.d.ts.map +1 -0
- package/lib/jwt.js +117 -0
- package/lib/jwt.js.map +1 -0
- package/lib/middleware/auth.d.ts +59 -0
- package/lib/middleware/auth.d.ts.map +1 -0
- package/lib/middleware/auth.js +148 -0
- package/lib/middleware/auth.js.map +1 -0
- package/lib/middleware/index.d.ts +12 -0
- package/lib/middleware/index.d.ts.map +1 -0
- package/lib/middleware/index.js +16 -0
- package/lib/middleware/index.js.map +1 -0
- package/lib/remix/admin.server.d.ts +105 -0
- package/lib/remix/admin.server.d.ts.map +1 -0
- package/lib/remix/admin.server.js +146 -0
- package/lib/remix/admin.server.js.map +1 -0
- package/lib/remix/index.d.ts +17 -0
- package/lib/remix/index.d.ts.map +1 -0
- package/lib/remix/index.js +95 -0
- package/lib/remix/index.js.map +1 -0
- package/lib/remix/session.server.d.ts +177 -0
- package/lib/remix/session.server.d.ts.map +1 -0
- package/lib/remix/session.server.js +287 -0
- package/lib/remix/session.server.js.map +1 -0
- package/lib/types.d.ts +161 -0
- package/lib/types.d.ts.map +1 -0
- package/lib/types.js +8 -0
- package/lib/types.js.map +1 -0
- package/lib/utils/index.d.ts +12 -0
- package/lib/utils/index.d.ts.map +1 -0
- package/lib/utils/index.js +22 -0
- package/lib/utils/index.js.map +1 -0
- package/lib/utils/token-refresh.d.ts +62 -0
- package/lib/utils/token-refresh.d.ts.map +1 -0
- package/lib/utils/token-refresh.js +84 -0
- package/lib/utils/token-refresh.js.map +1 -0
- package/package.json +70 -0
|
@@ -0,0 +1,177 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Remix session management utilities.
|
|
3
|
+
*
|
|
4
|
+
* Provides cookie-based session storage for authentication tokens
|
|
5
|
+
* and utilities for requiring authentication in Remix loaders.
|
|
6
|
+
*
|
|
7
|
+
* @packageDocumentation
|
|
8
|
+
*/
|
|
9
|
+
import type { SessionStorage } from '@remix-run/node';
|
|
10
|
+
import type { AuthTokens, SessionData, SessionUser } from '../types.js';
|
|
11
|
+
/**
|
|
12
|
+
* Creates a session storage with the given secret.
|
|
13
|
+
*
|
|
14
|
+
* @param secret - Session secret for signing cookies. Defaults to SESSION_SECRET env var.
|
|
15
|
+
* @returns Remix session storage instance
|
|
16
|
+
*
|
|
17
|
+
* @example
|
|
18
|
+
* ```typescript
|
|
19
|
+
* // Use default secret from env
|
|
20
|
+
* const storage = createSessionStorage();
|
|
21
|
+
*
|
|
22
|
+
* // Use custom secret (useful for testing)
|
|
23
|
+
* const storage = createSessionStorage('test-secret');
|
|
24
|
+
* ```
|
|
25
|
+
*/
|
|
26
|
+
export declare function createSessionStorage(secret?: string): SessionStorage;
|
|
27
|
+
/**
|
|
28
|
+
* Resets the default session storage. Useful for testing.
|
|
29
|
+
*
|
|
30
|
+
* @internal
|
|
31
|
+
*/
|
|
32
|
+
export declare function resetDefaultStorage(): void;
|
|
33
|
+
/**
|
|
34
|
+
* Gets the session from a request.
|
|
35
|
+
*
|
|
36
|
+
* @param request - Remix request object
|
|
37
|
+
* @param storage - Optional custom session storage
|
|
38
|
+
* @returns Remix session object
|
|
39
|
+
*
|
|
40
|
+
* @example
|
|
41
|
+
* ```typescript
|
|
42
|
+
* export async function loader({ request }: LoaderFunctionArgs) {
|
|
43
|
+
* const session = await getSession(request);
|
|
44
|
+
* const userId = session.get('userId');
|
|
45
|
+
* }
|
|
46
|
+
* ```
|
|
47
|
+
*/
|
|
48
|
+
export declare function getSession(
|
|
49
|
+
request: Request,
|
|
50
|
+
storage?: SessionStorage
|
|
51
|
+
): Promise<
|
|
52
|
+
import('@remix-run/node').Session<
|
|
53
|
+
import('@remix-run/node').SessionData,
|
|
54
|
+
import('@remix-run/node').SessionData
|
|
55
|
+
>
|
|
56
|
+
>;
|
|
57
|
+
/**
|
|
58
|
+
* Creates a user session with authentication tokens and redirects.
|
|
59
|
+
*
|
|
60
|
+
* Extracts user information from the ID token and stores it in the session
|
|
61
|
+
* along with the tokens for future use.
|
|
62
|
+
*
|
|
63
|
+
* @param tokens - Authentication tokens from Cognito
|
|
64
|
+
* @param redirectTo - URL to redirect after creating session
|
|
65
|
+
* @param storage - Optional custom session storage
|
|
66
|
+
* @returns Redirect response with session cookie
|
|
67
|
+
*
|
|
68
|
+
* @example
|
|
69
|
+
* ```typescript
|
|
70
|
+
* export async function action({ request }: ActionFunctionArgs) {
|
|
71
|
+
* const tokens = await authClient.signIn(email, password);
|
|
72
|
+
* return createUserSession(tokens, '/dashboard');
|
|
73
|
+
* }
|
|
74
|
+
* ```
|
|
75
|
+
*/
|
|
76
|
+
export declare function createUserSession(
|
|
77
|
+
tokens: AuthTokens,
|
|
78
|
+
redirectTo: string,
|
|
79
|
+
storage?: SessionStorage
|
|
80
|
+
): Promise<Response>;
|
|
81
|
+
/**
|
|
82
|
+
* Requires authentication for a route.
|
|
83
|
+
*
|
|
84
|
+
* Checks if the user has a valid session. If not, redirects to the login page.
|
|
85
|
+
* Also handles automatic token refresh when tokens are near expiry.
|
|
86
|
+
*
|
|
87
|
+
* @param request - Remix request object
|
|
88
|
+
* @param redirectTo - URL to redirect if not authenticated (default: '/login')
|
|
89
|
+
* @param storage - Optional custom session storage
|
|
90
|
+
* @returns User ID if authenticated
|
|
91
|
+
* @throws Redirect response if not authenticated
|
|
92
|
+
*
|
|
93
|
+
* @example
|
|
94
|
+
* ```typescript
|
|
95
|
+
* export async function loader({ request }: LoaderFunctionArgs) {
|
|
96
|
+
* const userId = await requireAuth(request);
|
|
97
|
+
* // User is authenticated, load their data
|
|
98
|
+
* return json({ userId });
|
|
99
|
+
* }
|
|
100
|
+
* ```
|
|
101
|
+
*/
|
|
102
|
+
export declare function requireAuth(
|
|
103
|
+
request: Request,
|
|
104
|
+
redirectTo?: string,
|
|
105
|
+
storage?: SessionStorage
|
|
106
|
+
): Promise<string>;
|
|
107
|
+
/**
|
|
108
|
+
* Gets the optional user from the session.
|
|
109
|
+
*
|
|
110
|
+
* Returns user information if authenticated, null otherwise.
|
|
111
|
+
* Does not redirect or throw errors.
|
|
112
|
+
*
|
|
113
|
+
* @param request - Remix request object
|
|
114
|
+
* @param storage - Optional custom session storage
|
|
115
|
+
* @returns Session user or null
|
|
116
|
+
*
|
|
117
|
+
* @example
|
|
118
|
+
* ```typescript
|
|
119
|
+
* export async function loader({ request }: LoaderFunctionArgs) {
|
|
120
|
+
* const user = await getOptionalUser(request);
|
|
121
|
+
* return json({ isLoggedIn: !!user, user });
|
|
122
|
+
* }
|
|
123
|
+
* ```
|
|
124
|
+
*/
|
|
125
|
+
export declare function getOptionalUser(
|
|
126
|
+
request: Request,
|
|
127
|
+
storage?: SessionStorage
|
|
128
|
+
): Promise<SessionUser | null>;
|
|
129
|
+
/**
|
|
130
|
+
* Gets full session data including tokens.
|
|
131
|
+
*
|
|
132
|
+
* Use this when you need access to the tokens, e.g., for API calls.
|
|
133
|
+
*
|
|
134
|
+
* @param request - Remix request object
|
|
135
|
+
* @param storage - Optional custom session storage
|
|
136
|
+
* @returns Full session data or null
|
|
137
|
+
*
|
|
138
|
+
* @example
|
|
139
|
+
* ```typescript
|
|
140
|
+
* export async function loader({ request }: LoaderFunctionArgs) {
|
|
141
|
+
* const sessionData = await getUserSession(request);
|
|
142
|
+
* if (sessionData) {
|
|
143
|
+
* // Use accessToken for API call
|
|
144
|
+
* const response = await fetch('/api/data', {
|
|
145
|
+
* headers: { Authorization: `Bearer ${sessionData.accessToken}` },
|
|
146
|
+
* });
|
|
147
|
+
* }
|
|
148
|
+
* }
|
|
149
|
+
* ```
|
|
150
|
+
*/
|
|
151
|
+
export declare function getUserSession(
|
|
152
|
+
request: Request,
|
|
153
|
+
storage?: SessionStorage
|
|
154
|
+
): Promise<SessionData | null>;
|
|
155
|
+
/**
|
|
156
|
+
* Logs out the user and redirects to the login page.
|
|
157
|
+
*
|
|
158
|
+
* Destroys the session cookie.
|
|
159
|
+
*
|
|
160
|
+
* @param request - Remix request object
|
|
161
|
+
* @param redirectTo - URL to redirect after logout (default: '/login')
|
|
162
|
+
* @param storage - Optional custom session storage
|
|
163
|
+
* @returns Redirect response with destroyed session
|
|
164
|
+
*
|
|
165
|
+
* @example
|
|
166
|
+
* ```typescript
|
|
167
|
+
* export async function action({ request }: ActionFunctionArgs) {
|
|
168
|
+
* return logout(request);
|
|
169
|
+
* }
|
|
170
|
+
* ```
|
|
171
|
+
*/
|
|
172
|
+
export declare function logout(
|
|
173
|
+
request: Request,
|
|
174
|
+
redirectTo?: string,
|
|
175
|
+
storage?: SessionStorage
|
|
176
|
+
): Promise<Response>;
|
|
177
|
+
//# sourceMappingURL=session.server.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"session.server.d.ts","sourceRoot":"","sources":["../../src/remix/session.server.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAmBxE;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,cAAc,CAcpE;AAeD;;;;GAIG;AACH,wBAAgB,mBAAmB,IAAI,IAAI,CAE1C;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,UAAU,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE,cAAc,4HAG1E;AAoBD;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAsB,iBAAiB,CACrC,MAAM,EAAE,UAAU,EAClB,UAAU,EAAE,MAAM,EAClB,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,QAAQ,CAAC,CAqBnB;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAsB,WAAW,CAC/B,OAAO,EAAE,OAAO,EAChB,UAAU,SAAW,EACrB,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,MAAM,CAAC,CAiBjB;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAsB,eAAe,CACnC,OAAO,EAAE,OAAO,EAChB,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC,CAa7B;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAsB,cAAc,CAClC,OAAO,EAAE,OAAO,EAChB,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC,CAiB7B;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAsB,MAAM,CAC1B,OAAO,EAAE,OAAO,EAChB,UAAU,SAAW,EACrB,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,QAAQ,CAAC,CASnB"}
|
|
@@ -0,0 +1,287 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
/**
|
|
3
|
+
* Remix session management utilities.
|
|
4
|
+
*
|
|
5
|
+
* Provides cookie-based session storage for authentication tokens
|
|
6
|
+
* and utilities for requiring authentication in Remix loaders.
|
|
7
|
+
*
|
|
8
|
+
* @packageDocumentation
|
|
9
|
+
*/
|
|
10
|
+
Object.defineProperty(exports, '__esModule', { value: true });
|
|
11
|
+
exports.createSessionStorage = createSessionStorage;
|
|
12
|
+
exports.resetDefaultStorage = resetDefaultStorage;
|
|
13
|
+
exports.getSession = getSession;
|
|
14
|
+
exports.createUserSession = createUserSession;
|
|
15
|
+
exports.requireAuth = requireAuth;
|
|
16
|
+
exports.getOptionalUser = getOptionalUser;
|
|
17
|
+
exports.getUserSession = getUserSession;
|
|
18
|
+
exports.logout = logout;
|
|
19
|
+
const node_1 = require('@remix-run/node');
|
|
20
|
+
/**
|
|
21
|
+
* Default session storage instance.
|
|
22
|
+
* Lazily initialized to avoid accessing env at module load.
|
|
23
|
+
*/
|
|
24
|
+
let defaultSessionStorage = null;
|
|
25
|
+
/**
|
|
26
|
+
* Cookie configuration for session storage.
|
|
27
|
+
*/
|
|
28
|
+
const COOKIE_CONFIG = {
|
|
29
|
+
name: '__fnd_session',
|
|
30
|
+
httpOnly: true,
|
|
31
|
+
maxAge: 60 * 60 * 24 * 7, // 1 week
|
|
32
|
+
path: '/',
|
|
33
|
+
sameSite: 'lax',
|
|
34
|
+
};
|
|
35
|
+
/**
|
|
36
|
+
* Creates a session storage with the given secret.
|
|
37
|
+
*
|
|
38
|
+
* @param secret - Session secret for signing cookies. Defaults to SESSION_SECRET env var.
|
|
39
|
+
* @returns Remix session storage instance
|
|
40
|
+
*
|
|
41
|
+
* @example
|
|
42
|
+
* ```typescript
|
|
43
|
+
* // Use default secret from env
|
|
44
|
+
* const storage = createSessionStorage();
|
|
45
|
+
*
|
|
46
|
+
* // Use custom secret (useful for testing)
|
|
47
|
+
* const storage = createSessionStorage('test-secret');
|
|
48
|
+
* ```
|
|
49
|
+
*/
|
|
50
|
+
function createSessionStorage(secret) {
|
|
51
|
+
const sessionSecret = secret ?? process.env.SESSION_SECRET;
|
|
52
|
+
if (!sessionSecret) {
|
|
53
|
+
throw new Error('SESSION_SECRET environment variable is required');
|
|
54
|
+
}
|
|
55
|
+
return (0, node_1.createCookieSessionStorage)({
|
|
56
|
+
cookie: {
|
|
57
|
+
...COOKIE_CONFIG,
|
|
58
|
+
secrets: [sessionSecret],
|
|
59
|
+
secure: process.env.NODE_ENV === 'production',
|
|
60
|
+
},
|
|
61
|
+
});
|
|
62
|
+
}
|
|
63
|
+
/**
|
|
64
|
+
* Gets the default session storage instance.
|
|
65
|
+
* Lazily creates it on first access.
|
|
66
|
+
*
|
|
67
|
+
* @internal
|
|
68
|
+
*/
|
|
69
|
+
function getDefaultStorage() {
|
|
70
|
+
if (!defaultSessionStorage) {
|
|
71
|
+
defaultSessionStorage = createSessionStorage();
|
|
72
|
+
}
|
|
73
|
+
return defaultSessionStorage;
|
|
74
|
+
}
|
|
75
|
+
/**
|
|
76
|
+
* Resets the default session storage. Useful for testing.
|
|
77
|
+
*
|
|
78
|
+
* @internal
|
|
79
|
+
*/
|
|
80
|
+
function resetDefaultStorage() {
|
|
81
|
+
defaultSessionStorage = null;
|
|
82
|
+
}
|
|
83
|
+
/**
|
|
84
|
+
* Gets the session from a request.
|
|
85
|
+
*
|
|
86
|
+
* @param request - Remix request object
|
|
87
|
+
* @param storage - Optional custom session storage
|
|
88
|
+
* @returns Remix session object
|
|
89
|
+
*
|
|
90
|
+
* @example
|
|
91
|
+
* ```typescript
|
|
92
|
+
* export async function loader({ request }: LoaderFunctionArgs) {
|
|
93
|
+
* const session = await getSession(request);
|
|
94
|
+
* const userId = session.get('userId');
|
|
95
|
+
* }
|
|
96
|
+
* ```
|
|
97
|
+
*/
|
|
98
|
+
async function getSession(request, storage) {
|
|
99
|
+
const sessionStorage = storage ?? getDefaultStorage();
|
|
100
|
+
return sessionStorage.getSession(request.headers.get('Cookie'));
|
|
101
|
+
}
|
|
102
|
+
/**
|
|
103
|
+
* Decodes a JWT token payload (base64).
|
|
104
|
+
*
|
|
105
|
+
* @param token - JWT token
|
|
106
|
+
* @returns Decoded payload object
|
|
107
|
+
*
|
|
108
|
+
* @internal
|
|
109
|
+
*/
|
|
110
|
+
function decodeTokenPayload(token) {
|
|
111
|
+
try {
|
|
112
|
+
const payload = token.split('.')[1];
|
|
113
|
+
const decoded = Buffer.from(payload, 'base64').toString('utf-8');
|
|
114
|
+
return JSON.parse(decoded);
|
|
115
|
+
} catch {
|
|
116
|
+
return {};
|
|
117
|
+
}
|
|
118
|
+
}
|
|
119
|
+
/**
|
|
120
|
+
* Creates a user session with authentication tokens and redirects.
|
|
121
|
+
*
|
|
122
|
+
* Extracts user information from the ID token and stores it in the session
|
|
123
|
+
* along with the tokens for future use.
|
|
124
|
+
*
|
|
125
|
+
* @param tokens - Authentication tokens from Cognito
|
|
126
|
+
* @param redirectTo - URL to redirect after creating session
|
|
127
|
+
* @param storage - Optional custom session storage
|
|
128
|
+
* @returns Redirect response with session cookie
|
|
129
|
+
*
|
|
130
|
+
* @example
|
|
131
|
+
* ```typescript
|
|
132
|
+
* export async function action({ request }: ActionFunctionArgs) {
|
|
133
|
+
* const tokens = await authClient.signIn(email, password);
|
|
134
|
+
* return createUserSession(tokens, '/dashboard');
|
|
135
|
+
* }
|
|
136
|
+
* ```
|
|
137
|
+
*/
|
|
138
|
+
async function createUserSession(tokens, redirectTo, storage) {
|
|
139
|
+
const sessionStorage = storage ?? getDefaultStorage();
|
|
140
|
+
const session = await sessionStorage.getSession();
|
|
141
|
+
// Decode ID token to get user info
|
|
142
|
+
const payload = decodeTokenPayload(tokens.idToken);
|
|
143
|
+
// Store tokens and user info in session
|
|
144
|
+
session.set('accessToken', tokens.accessToken);
|
|
145
|
+
session.set('idToken', tokens.idToken);
|
|
146
|
+
session.set('refreshToken', tokens.refreshToken);
|
|
147
|
+
session.set('expiresAt', Date.now() + tokens.expiresIn * 1000);
|
|
148
|
+
session.set('userId', payload.sub);
|
|
149
|
+
session.set('email', payload.email ?? '');
|
|
150
|
+
session.set('groups', payload['cognito:groups'] ?? []);
|
|
151
|
+
return (0, node_1.redirect)(redirectTo, {
|
|
152
|
+
headers: {
|
|
153
|
+
'Set-Cookie': await sessionStorage.commitSession(session),
|
|
154
|
+
},
|
|
155
|
+
});
|
|
156
|
+
}
|
|
157
|
+
/**
|
|
158
|
+
* Requires authentication for a route.
|
|
159
|
+
*
|
|
160
|
+
* Checks if the user has a valid session. If not, redirects to the login page.
|
|
161
|
+
* Also handles automatic token refresh when tokens are near expiry.
|
|
162
|
+
*
|
|
163
|
+
* @param request - Remix request object
|
|
164
|
+
* @param redirectTo - URL to redirect if not authenticated (default: '/login')
|
|
165
|
+
* @param storage - Optional custom session storage
|
|
166
|
+
* @returns User ID if authenticated
|
|
167
|
+
* @throws Redirect response if not authenticated
|
|
168
|
+
*
|
|
169
|
+
* @example
|
|
170
|
+
* ```typescript
|
|
171
|
+
* export async function loader({ request }: LoaderFunctionArgs) {
|
|
172
|
+
* const userId = await requireAuth(request);
|
|
173
|
+
* // User is authenticated, load their data
|
|
174
|
+
* return json({ userId });
|
|
175
|
+
* }
|
|
176
|
+
* ```
|
|
177
|
+
*/
|
|
178
|
+
async function requireAuth(request, redirectTo = '/login', storage) {
|
|
179
|
+
const session = await getSession(request, storage);
|
|
180
|
+
const userId = session.get('userId');
|
|
181
|
+
if (!userId) {
|
|
182
|
+
throw (0, node_1.redirect)(redirectTo);
|
|
183
|
+
}
|
|
184
|
+
// Check if tokens are near expiry (within 5 minutes)
|
|
185
|
+
const expiresAt = session.get('expiresAt');
|
|
186
|
+
if (expiresAt && Date.now() > expiresAt - 5 * 60 * 1000) {
|
|
187
|
+
// Tokens are near expiry
|
|
188
|
+
// In a full implementation, this would refresh tokens
|
|
189
|
+
// For now, we just return the userId as the session is still valid
|
|
190
|
+
}
|
|
191
|
+
return userId;
|
|
192
|
+
}
|
|
193
|
+
/**
|
|
194
|
+
* Gets the optional user from the session.
|
|
195
|
+
*
|
|
196
|
+
* Returns user information if authenticated, null otherwise.
|
|
197
|
+
* Does not redirect or throw errors.
|
|
198
|
+
*
|
|
199
|
+
* @param request - Remix request object
|
|
200
|
+
* @param storage - Optional custom session storage
|
|
201
|
+
* @returns Session user or null
|
|
202
|
+
*
|
|
203
|
+
* @example
|
|
204
|
+
* ```typescript
|
|
205
|
+
* export async function loader({ request }: LoaderFunctionArgs) {
|
|
206
|
+
* const user = await getOptionalUser(request);
|
|
207
|
+
* return json({ isLoggedIn: !!user, user });
|
|
208
|
+
* }
|
|
209
|
+
* ```
|
|
210
|
+
*/
|
|
211
|
+
async function getOptionalUser(request, storage) {
|
|
212
|
+
const session = await getSession(request, storage);
|
|
213
|
+
const userId = session.get('userId');
|
|
214
|
+
if (!userId) {
|
|
215
|
+
return null;
|
|
216
|
+
}
|
|
217
|
+
return {
|
|
218
|
+
userId,
|
|
219
|
+
email: session.get('email') ?? '',
|
|
220
|
+
groups: session.get('groups') ?? [],
|
|
221
|
+
};
|
|
222
|
+
}
|
|
223
|
+
/**
|
|
224
|
+
* Gets full session data including tokens.
|
|
225
|
+
*
|
|
226
|
+
* Use this when you need access to the tokens, e.g., for API calls.
|
|
227
|
+
*
|
|
228
|
+
* @param request - Remix request object
|
|
229
|
+
* @param storage - Optional custom session storage
|
|
230
|
+
* @returns Full session data or null
|
|
231
|
+
*
|
|
232
|
+
* @example
|
|
233
|
+
* ```typescript
|
|
234
|
+
* export async function loader({ request }: LoaderFunctionArgs) {
|
|
235
|
+
* const sessionData = await getUserSession(request);
|
|
236
|
+
* if (sessionData) {
|
|
237
|
+
* // Use accessToken for API call
|
|
238
|
+
* const response = await fetch('/api/data', {
|
|
239
|
+
* headers: { Authorization: `Bearer ${sessionData.accessToken}` },
|
|
240
|
+
* });
|
|
241
|
+
* }
|
|
242
|
+
* }
|
|
243
|
+
* ```
|
|
244
|
+
*/
|
|
245
|
+
async function getUserSession(request, storage) {
|
|
246
|
+
const session = await getSession(request, storage);
|
|
247
|
+
const userId = session.get('userId');
|
|
248
|
+
if (!userId) {
|
|
249
|
+
return null;
|
|
250
|
+
}
|
|
251
|
+
return {
|
|
252
|
+
accessToken: session.get('accessToken'),
|
|
253
|
+
idToken: session.get('idToken'),
|
|
254
|
+
refreshToken: session.get('refreshToken'),
|
|
255
|
+
expiresAt: session.get('expiresAt'),
|
|
256
|
+
userId,
|
|
257
|
+
email: session.get('email') ?? '',
|
|
258
|
+
groups: session.get('groups') ?? [],
|
|
259
|
+
};
|
|
260
|
+
}
|
|
261
|
+
/**
|
|
262
|
+
* Logs out the user and redirects to the login page.
|
|
263
|
+
*
|
|
264
|
+
* Destroys the session cookie.
|
|
265
|
+
*
|
|
266
|
+
* @param request - Remix request object
|
|
267
|
+
* @param redirectTo - URL to redirect after logout (default: '/login')
|
|
268
|
+
* @param storage - Optional custom session storage
|
|
269
|
+
* @returns Redirect response with destroyed session
|
|
270
|
+
*
|
|
271
|
+
* @example
|
|
272
|
+
* ```typescript
|
|
273
|
+
* export async function action({ request }: ActionFunctionArgs) {
|
|
274
|
+
* return logout(request);
|
|
275
|
+
* }
|
|
276
|
+
* ```
|
|
277
|
+
*/
|
|
278
|
+
async function logout(request, redirectTo = '/login', storage) {
|
|
279
|
+
const sessionStorage = storage ?? getDefaultStorage();
|
|
280
|
+
const session = await getSession(request, storage);
|
|
281
|
+
return (0, node_1.redirect)(redirectTo, {
|
|
282
|
+
headers: {
|
|
283
|
+
'Set-Cookie': await sessionStorage.destroySession(session),
|
|
284
|
+
},
|
|
285
|
+
});
|
|
286
|
+
}
|
|
287
|
+
//# sourceMappingURL=session.server.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"session.server.js","sourceRoot":"","sources":["../../src/remix/session.server.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;AAsCH,oDAcC;AAoBD,kDAEC;AAiBD,gCAGC;AAuCD,8CAyBC;AAuBD,kCAqBC;AAoBD,0CAgBC;AAwBD,wCAoBC;AAmBD,wBAaC;AAxTD,0CAAuE;AAIvE;;;GAGG;AACH,IAAI,qBAAqB,GAA0B,IAAI,CAAC;AAExD;;GAEG;AACH,MAAM,aAAa,GAAG;IACpB,IAAI,EAAE,eAAe;IACrB,QAAQ,EAAE,IAAI;IACd,MAAM,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,SAAS;IACnC,IAAI,EAAE,GAAG;IACT,QAAQ,EAAE,KAAc;CACzB,CAAC;AAEF;;;;;;;;;;;;;;GAcG;AACH,SAAgB,oBAAoB,CAAC,MAAe;IAClD,MAAM,aAAa,GAAG,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC;IAE3D,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IAED,OAAO,IAAA,iCAA0B,EAAC;QAChC,MAAM,EAAE;YACN,GAAG,aAAa;YAChB,OAAO,EAAE,CAAC,aAAa,CAAC;YACxB,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;SAC9C;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,SAAS,iBAAiB;IACxB,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAC3B,qBAAqB,GAAG,oBAAoB,EAAE,CAAC;IACjD,CAAC;IACD,OAAO,qBAAqB,CAAC;AAC/B,CAAC;AAED;;;;GAIG;AACH,SAAgB,mBAAmB;IACjC,qBAAqB,GAAG,IAAI,CAAC;AAC/B,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACI,KAAK,UAAU,UAAU,CAAC,OAAgB,EAAE,OAAwB;IACzE,MAAM,cAAc,GAAG,OAAO,IAAI,iBAAiB,EAAE,CAAC;IACtD,OAAO,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC;AAClE,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,kBAAkB,CAAC,KAAa;IACvC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACjE,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACI,KAAK,UAAU,iBAAiB,CACrC,MAAkB,EAClB,UAAkB,EAClB,OAAwB;IAExB,MAAM,cAAc,GAAG,OAAO,IAAI,iBAAiB,EAAE,CAAC;IACtD,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,UAAU,EAAE,CAAC;IAElD,mCAAmC;IACnC,MAAM,OAAO,GAAG,kBAAkB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAEnD,wCAAwC;IACxC,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;IAC/C,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IACvC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;IACjD,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAa,CAAC,CAAC;IAC7C,OAAO,CAAC,GAAG,CAAC,OAAO,EAAG,OAAO,CAAC,KAAgB,IAAI,EAAE,CAAC,CAAC;IACtD,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAG,OAAO,CAAC,gBAAgB,CAAc,IAAI,EAAE,CAAC,CAAC;IAErE,OAAO,IAAA,eAAQ,EAAC,UAAU,EAAE;QAC1B,OAAO,EAAE;YACP,YAAY,EAAE,MAAM,cAAc,CAAC,aAAa,CAAC,OAAO,CAAC;SAC1D;KACF,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACI,KAAK,UAAU,WAAW,CAC/B,OAAgB,EAChB,UAAU,GAAG,QAAQ,EACrB,OAAwB;IAExB,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAuB,CAAC;IAE3D,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAA,eAAQ,EAAC,UAAU,CAAC,CAAC;IAC7B,CAAC;IAED,qDAAqD;IACrD,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,CAAuB,CAAC;IACjE,IAAI,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;QACxD,yBAAyB;QACzB,sDAAsD;QACtD,mEAAmE;IACrE,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACI,KAAK,UAAU,eAAe,CACnC,OAAgB,EAChB,OAAwB;IAExB,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAuB,CAAC;IAE3D,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO;QACL,MAAM;QACN,KAAK,EAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAY,IAAI,EAAE;QAC7C,MAAM,EAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAc,IAAI,EAAE;KAClD,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACI,KAAK,UAAU,cAAc,CAClC,OAAgB,EAChB,OAAwB;IAExB,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAuB,CAAC;IAE3D,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO;QACL,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,aAAa,CAAW;QACjD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS,CAAW;QACzC,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAW;QACnD,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,WAAW,CAAW;QAC7C,MAAM;QACN,KAAK,EAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAY,IAAI,EAAE;QAC7C,MAAM,EAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAc,IAAI,EAAE;KAClD,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACI,KAAK,UAAU,MAAM,CAC1B,OAAgB,EAChB,UAAU,GAAG,QAAQ,EACrB,OAAwB;IAExB,MAAM,cAAc,GAAG,OAAO,IAAI,iBAAiB,EAAE,CAAC;IACtD,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAEnD,OAAO,IAAA,eAAQ,EAAC,UAAU,EAAE;QAC1B,OAAO,EAAE;YACP,YAAY,EAAE,MAAM,cAAc,CAAC,cAAc,CAAC,OAAO,CAAC;SAC3D;KACF,CAAC,CAAC;AACL,CAAC"}
|
package/lib/types.d.ts
ADDED
|
@@ -0,0 +1,161 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Type definitions for cognito-auth middleware and utilities.
|
|
3
|
+
*
|
|
4
|
+
* @packageDocumentation
|
|
5
|
+
*/
|
|
6
|
+
/**
|
|
7
|
+
* Cognito JWT payload structure from access token.
|
|
8
|
+
*/
|
|
9
|
+
export interface CognitoAccessTokenPayload {
|
|
10
|
+
/** User's unique identifier */
|
|
11
|
+
sub: string;
|
|
12
|
+
/** Cognito groups the user belongs to */
|
|
13
|
+
'cognito:groups'?: string[];
|
|
14
|
+
/** Token use type */
|
|
15
|
+
token_use: 'access';
|
|
16
|
+
/** Token scopes */
|
|
17
|
+
scope?: string;
|
|
18
|
+
/** Issuer URL */
|
|
19
|
+
iss: string;
|
|
20
|
+
/** Expiration timestamp */
|
|
21
|
+
exp: number;
|
|
22
|
+
/** Issued at timestamp */
|
|
23
|
+
iat: number;
|
|
24
|
+
/** Client ID */
|
|
25
|
+
client_id: string;
|
|
26
|
+
/** Username */
|
|
27
|
+
username: string;
|
|
28
|
+
}
|
|
29
|
+
/**
|
|
30
|
+
* Cognito JWT payload structure from ID token.
|
|
31
|
+
*/
|
|
32
|
+
export interface CognitoIdTokenPayload {
|
|
33
|
+
/** User's unique identifier */
|
|
34
|
+
sub: string;
|
|
35
|
+
/** User's email address */
|
|
36
|
+
email?: string;
|
|
37
|
+
/** Whether email is verified */
|
|
38
|
+
email_verified?: boolean;
|
|
39
|
+
/** Cognito groups the user belongs to */
|
|
40
|
+
'cognito:groups'?: string[];
|
|
41
|
+
/** Cognito username */
|
|
42
|
+
'cognito:username'?: string;
|
|
43
|
+
/** Token use type */
|
|
44
|
+
token_use: 'id';
|
|
45
|
+
/** Issuer URL */
|
|
46
|
+
iss: string;
|
|
47
|
+
/** Expiration timestamp */
|
|
48
|
+
exp: number;
|
|
49
|
+
/** Issued at timestamp */
|
|
50
|
+
iat: number;
|
|
51
|
+
/** Audience (client ID) */
|
|
52
|
+
aud: string;
|
|
53
|
+
}
|
|
54
|
+
/**
|
|
55
|
+
* Configuration for JWT verification.
|
|
56
|
+
*/
|
|
57
|
+
export interface JwtVerifierConfig {
|
|
58
|
+
/** Cognito User Pool ID */
|
|
59
|
+
userPoolId: string;
|
|
60
|
+
/** Cognito Client ID */
|
|
61
|
+
clientId: string;
|
|
62
|
+
/** Token type to verify */
|
|
63
|
+
tokenUse?: 'access' | 'id';
|
|
64
|
+
}
|
|
65
|
+
/**
|
|
66
|
+
* Configuration options for the auth middleware.
|
|
67
|
+
*/
|
|
68
|
+
export interface CognitoAuthOptions {
|
|
69
|
+
/** Cognito User Pool ID (defaults to COGNITO_USER_POOL_ID env var) */
|
|
70
|
+
userPoolId?: string;
|
|
71
|
+
/** Cognito Client ID (defaults to COGNITO_CLIENT_ID env var) */
|
|
72
|
+
clientId?: string;
|
|
73
|
+
/** Required roles (Cognito groups). User must have at least one. */
|
|
74
|
+
roles?: string[];
|
|
75
|
+
/** Paths to skip authentication for */
|
|
76
|
+
skipPaths?: string[];
|
|
77
|
+
/** Token type to verify */
|
|
78
|
+
tokenUse?: 'access' | 'id';
|
|
79
|
+
}
|
|
80
|
+
/**
|
|
81
|
+
* Result of successful token verification.
|
|
82
|
+
*/
|
|
83
|
+
export interface TokenVerificationResult {
|
|
84
|
+
/** User ID (sub claim) */
|
|
85
|
+
userId: string;
|
|
86
|
+
/** User email (from ID token or access token if present) */
|
|
87
|
+
email?: string;
|
|
88
|
+
/** User's Cognito groups */
|
|
89
|
+
groups: string[];
|
|
90
|
+
/** Raw token payload */
|
|
91
|
+
payload: CognitoAccessTokenPayload | CognitoIdTokenPayload;
|
|
92
|
+
}
|
|
93
|
+
/**
|
|
94
|
+
* Configuration for FndAuthClient.
|
|
95
|
+
*/
|
|
96
|
+
export interface AuthClientConfig {
|
|
97
|
+
/** Cognito User Pool ID */
|
|
98
|
+
userPoolId: string;
|
|
99
|
+
/** Cognito Client ID */
|
|
100
|
+
clientId: string;
|
|
101
|
+
/** AWS region (defaults to AWS_REGION env var) */
|
|
102
|
+
region?: string;
|
|
103
|
+
}
|
|
104
|
+
/**
|
|
105
|
+
* Authentication tokens returned from Cognito.
|
|
106
|
+
*/
|
|
107
|
+
export interface AuthTokens {
|
|
108
|
+
/** JWT access token */
|
|
109
|
+
accessToken: string;
|
|
110
|
+
/** JWT ID token */
|
|
111
|
+
idToken: string;
|
|
112
|
+
/** Refresh token for obtaining new tokens */
|
|
113
|
+
refreshToken: string;
|
|
114
|
+
/** Token expiration in seconds */
|
|
115
|
+
expiresIn: number;
|
|
116
|
+
}
|
|
117
|
+
/**
|
|
118
|
+
* Result of sign-up operation.
|
|
119
|
+
*/
|
|
120
|
+
export interface SignUpResult {
|
|
121
|
+
/** Whether user confirmation is required */
|
|
122
|
+
userConfirmed: boolean;
|
|
123
|
+
/** Delivery details for confirmation code (if applicable) */
|
|
124
|
+
codeDeliveryDetails?: {
|
|
125
|
+
/** Destination (masked email/phone) */
|
|
126
|
+
destination?: string;
|
|
127
|
+
/** Delivery medium */
|
|
128
|
+
deliveryMedium?: 'EMAIL' | 'SMS';
|
|
129
|
+
};
|
|
130
|
+
}
|
|
131
|
+
/**
|
|
132
|
+
* Session data stored in cookies.
|
|
133
|
+
*/
|
|
134
|
+
export interface SessionData {
|
|
135
|
+
/** JWT access token */
|
|
136
|
+
accessToken: string;
|
|
137
|
+
/** JWT ID token */
|
|
138
|
+
idToken: string;
|
|
139
|
+
/** Refresh token */
|
|
140
|
+
refreshToken: string;
|
|
141
|
+
/** Expiration timestamp (ms since epoch) */
|
|
142
|
+
expiresAt: number;
|
|
143
|
+
/** User ID (sub claim) */
|
|
144
|
+
userId: string;
|
|
145
|
+
/** User email */
|
|
146
|
+
email: string;
|
|
147
|
+
/** User's Cognito groups */
|
|
148
|
+
groups: string[];
|
|
149
|
+
}
|
|
150
|
+
/**
|
|
151
|
+
* User information extracted from session.
|
|
152
|
+
*/
|
|
153
|
+
export interface SessionUser {
|
|
154
|
+
/** User ID */
|
|
155
|
+
userId: string;
|
|
156
|
+
/** User email */
|
|
157
|
+
email: string;
|
|
158
|
+
/** User's groups/roles */
|
|
159
|
+
groups: string[];
|
|
160
|
+
}
|
|
161
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,+BAA+B;IAC/B,GAAG,EAAE,MAAM,CAAC;IACZ,yCAAyC;IACzC,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,qBAAqB;IACrB,SAAS,EAAE,QAAQ,CAAC;IACpB,mBAAmB;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,iBAAiB;IACjB,GAAG,EAAE,MAAM,CAAC;IACZ,2BAA2B;IAC3B,GAAG,EAAE,MAAM,CAAC;IACZ,0BAA0B;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,gBAAgB;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe;IACf,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,+BAA+B;IAC/B,GAAG,EAAE,MAAM,CAAC;IACZ,2BAA2B;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,gCAAgC;IAChC,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,yCAAyC;IACzC,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,uBAAuB;IACvB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,qBAAqB;IACrB,SAAS,EAAE,IAAI,CAAC;IAChB,iBAAiB;IACjB,GAAG,EAAE,MAAM,CAAC;IACZ,2BAA2B;IAC3B,GAAG,EAAE,MAAM,CAAC;IACZ,0BAA0B;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,2BAA2B;IAC3B,GAAG,EAAE,MAAM,CAAC;CACb;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,2BAA2B;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,wBAAwB;IACxB,QAAQ,EAAE,MAAM,CAAC;IACjB,2BAA2B;IAC3B,QAAQ,CAAC,EAAE,QAAQ,GAAG,IAAI,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,sEAAsE;IACtE,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,gEAAgE;IAChE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,oEAAoE;IACpE,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,uCAAuC;IACvC,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,2BAA2B;IAC3B,QAAQ,CAAC,EAAE,QAAQ,GAAG,IAAI,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,0BAA0B;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,4DAA4D;IAC5D,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,4BAA4B;IAC5B,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,wBAAwB;IACxB,OAAO,EAAE,yBAAyB,GAAG,qBAAqB,CAAC;CAC5D;AAID;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,2BAA2B;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,wBAAwB;IACxB,QAAQ,EAAE,MAAM,CAAC;IACjB,kDAAkD;IAClD,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,uBAAuB;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,mBAAmB;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,6CAA6C;IAC7C,YAAY,EAAE,MAAM,CAAC;IACrB,kCAAkC;IAClC,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,4CAA4C;IAC5C,aAAa,EAAE,OAAO,CAAC;IACvB,6DAA6D;IAC7D,mBAAmB,CAAC,EAAE;QACpB,uCAAuC;QACvC,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,sBAAsB;QACtB,cAAc,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC;KAClC,CAAC;CACH;AAID;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,uBAAuB;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,mBAAmB;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,oBAAoB;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,4CAA4C;IAC5C,SAAS,EAAE,MAAM,CAAC;IAClB,0BAA0B;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,4BAA4B;IAC5B,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,cAAc;IACd,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,0BAA0B;IAC1B,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB"}
|
package/lib/types.js
ADDED
package/lib/types.js.map
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":";AAAA;;;;GAIG"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EACL,kBAAkB,EAClB,gBAAgB,EAChB,KAAK,kBAAkB,EACvB,KAAK,aAAa,GACnB,MAAM,oBAAoB,CAAC"}
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
/**
|
|
3
|
+
* Utility function exports.
|
|
4
|
+
*
|
|
5
|
+
* @packageDocumentation
|
|
6
|
+
*/
|
|
7
|
+
Object.defineProperty(exports, '__esModule', { value: true });
|
|
8
|
+
exports.clearClientCache = exports.refreshAccessToken = void 0;
|
|
9
|
+
var token_refresh_js_1 = require('./token-refresh.js');
|
|
10
|
+
Object.defineProperty(exports, 'refreshAccessToken', {
|
|
11
|
+
enumerable: true,
|
|
12
|
+
get: function () {
|
|
13
|
+
return token_refresh_js_1.refreshAccessToken;
|
|
14
|
+
},
|
|
15
|
+
});
|
|
16
|
+
Object.defineProperty(exports, 'clearClientCache', {
|
|
17
|
+
enumerable: true,
|
|
18
|
+
get: function () {
|
|
19
|
+
return token_refresh_js_1.clearClientCache;
|
|
20
|
+
},
|
|
21
|
+
});
|
|
22
|
+
//# sourceMappingURL=index.js.map
|