@frontegg/nextjs 6.7.3-alpha.3385017971 → 6.7.3-alpha.3417849294

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/helpers.d.ts +14 -1
  2. package/index.cjs.js +95 -40
  3. package/index.esm.js +95 -40
  4. package/package.json +3 -3
package/helpers.d.ts CHANGED
@@ -1,11 +1,24 @@
1
1
  /// <reference types="node" />
2
2
  import { ServerResponse } from 'http';
3
+ import { CookieSerializeOptions } from 'cookie';
3
4
  import { NextPageContext } from 'next/dist/shared/lib/utils';
4
5
  import { FronteggNextJSSession } from './types';
5
6
  export declare function refreshToken(ctx: NextPageContext): Promise<FronteggNextJSSession | null>;
6
- export declare function addToCookies(cookieValue: string, res: ServerResponse): void;
7
+ declare type CreateCookieArguments = {
8
+ cookieName?: string;
9
+ session: string;
10
+ expires: CookieSerializeOptions['expires'];
11
+ isSecured: CookieSerializeOptions['secure'];
12
+ cookieDomain?: CookieSerializeOptions['domain'];
13
+ httpOnly?: CookieSerializeOptions['httpOnly'];
14
+ path?: CookieSerializeOptions['path'];
15
+ };
16
+ export declare function createCookie({ cookieName, session, expires, isSecured, cookieDomain, httpOnly, path }: CreateCookieArguments): string[];
17
+ export declare function parseCookie(cookieStr: string): string | undefined;
18
+ export declare function addToCookies(newCookies: string[], res: ServerResponse): void;
7
19
  export declare function removeCookies(cookieName: string, isSecured: boolean, cookieDomain: string, res: ServerResponse): void;
8
20
  export declare function compress(input: string): Promise<string>;
9
21
  export declare function uncompress(input: string): Promise<string>;
10
22
  export declare function createSessionFromAccessToken(output: string): Promise<[string, any] | []>;
11
23
  export declare const modifySetCookieIfUnsecure: (setCookieValue: string[] | undefined, isSecured: boolean) => string[] | undefined;
24
+ export {};
package/index.cjs.js CHANGED
@@ -1375,7 +1375,7 @@ function getSession(req) {
1375
1375
  case 0:
1376
1376
  _context.prev = 0;
1377
1377
  cookieStr = "credentials" in req ? req.headers.get("cookie") || "" : req.headers.cookie || "";
1378
- sealFromCookies = cookie__default["default"].parse(cookieStr)[fronteggConfig.cookieName];
1378
+ sealFromCookies = parseCookie(cookieStr);
1379
1379
 
1380
1380
  if (sealFromCookies) {
1381
1381
  _context.next = 5;
@@ -1519,7 +1519,7 @@ function refreshToken(ctx) {
1519
1519
  var _a;
1520
1520
 
1521
1521
  return __awaiter(this, void 0, void 0, /*#__PURE__*/regenerator.mark(function _callee() {
1522
- var request, session, headers, cookies, refreshTokenKey, cookieKey, response, data, rewriteCookieDomainConfig, cookieHeader, newSetCookie, _yield$createSessionF, _yield$createSessionF2, _session, decodedJwt, isSecured, cookieValue;
1522
+ var request, session, headers, cookies, refreshTokenKey, cookieKey, response, _newSetCookie, data, rewriteCookieDomainConfig, cookieHeader, newSetCookie, _yield$createSessionF, _yield$createSessionF2, _session, decodedJwt, isSecured, cookieValue;
1523
1523
 
1524
1524
  return regenerator.wrap(function _callee$(_context) {
1525
1525
  while (1) {
@@ -1567,7 +1567,7 @@ function refreshToken(ctx) {
1567
1567
  });
1568
1568
 
1569
1569
  if (!cookieKey) {
1570
- _context.next = 46;
1570
+ _context.next = 45;
1571
1571
  break;
1572
1572
  }
1573
1573
 
@@ -1591,7 +1591,7 @@ function refreshToken(ctx) {
1591
1591
  response = _context.sent;
1592
1592
 
1593
1593
  if (!response.ok) {
1594
- _context.next = 46;
1594
+ _context.next = 45;
1595
1595
  break;
1596
1596
  }
1597
1597
 
@@ -1622,48 +1622,112 @@ function refreshToken(ctx) {
1622
1622
 
1623
1623
  case 37:
1624
1624
  isSecured = new URL(fronteggConfig.appUrl).protocol === 'https:';
1625
- cookieValue = cookie__default["default"].serialize(fronteggConfig.cookieName, _session, {
1625
+ cookieValue = createCookie({
1626
+ session: _session,
1626
1627
  expires: new Date(decodedJwt.exp * 1000),
1627
- httpOnly: true,
1628
- domain: fronteggConfig.cookieDomain,
1629
- path: '/',
1630
- sameSite: isSecured ? 'none' : undefined,
1631
- secure: isSecured
1628
+ isSecured: isSecured
1632
1629
  });
1633
1630
 
1634
- if (cookieValue.length > 4096) {
1635
- console.error("@frontegg/nextjs: Cookie length is too big ".concat(cookieValue.length, ", browsers will refuse it. Try to remove some data."));
1636
- }
1637
-
1638
1631
  if (typeof newSetCookie === 'string') {
1639
1632
  newSetCookie = [newSetCookie];
1640
1633
  }
1641
1634
 
1642
- newSetCookie.push(cookieValue);
1635
+ (_newSetCookie = newSetCookie).push.apply(_newSetCookie, _toConsumableArray(cookieValue));
1636
+
1643
1637
  (_a = ctx.res) === null || _a === void 0 ? void 0 : _a.setHeader('set-cookie', newSetCookie);
1644
1638
  return _context.abrupt("return", {
1645
1639
  accessToken: JSON.parse(data).accessToken,
1646
1640
  user: decodedJwt
1647
1641
  });
1648
1642
 
1649
- case 46:
1643
+ case 45:
1650
1644
  return _context.abrupt("return", null);
1651
1645
 
1652
- case 49:
1653
- _context.prev = 49;
1646
+ case 48:
1647
+ _context.prev = 48;
1654
1648
  _context.t1 = _context["catch"](0);
1655
1649
  console.log(_context.t1);
1656
1650
  return _context.abrupt("return", null);
1657
1651
 
1658
- case 53:
1652
+ case 52:
1659
1653
  case "end":
1660
1654
  return _context.stop();
1661
1655
  }
1662
1656
  }
1663
- }, _callee, null, [[0, 49], [4, 12]]);
1657
+ }, _callee, null, [[0, 48], [4, 12]]);
1664
1658
  }));
1665
1659
  }
1666
- function addToCookies(cookieValue, res) {
1660
+ var COOKIE_MAX_LENGTH = 4096;
1661
+ function createCookie(_ref) {
1662
+ var _ref$cookieName = _ref.cookieName,
1663
+ cookieName = _ref$cookieName === void 0 ? fronteggConfig.cookieName : _ref$cookieName,
1664
+ session = _ref.session,
1665
+ expires = _ref.expires,
1666
+ isSecured = _ref.isSecured,
1667
+ _ref$cookieDomain = _ref.cookieDomain,
1668
+ cookieDomain = _ref$cookieDomain === void 0 ? fronteggConfig.cookieDomain : _ref$cookieDomain,
1669
+ _ref$httpOnly = _ref.httpOnly,
1670
+ httpOnly = _ref$httpOnly === void 0 ? true : _ref$httpOnly,
1671
+ _ref$path = _ref.path,
1672
+ path = _ref$path === void 0 ? '/' : _ref$path;
1673
+ var options = {
1674
+ expires: expires,
1675
+ httpOnly: httpOnly,
1676
+ domain: cookieDomain,
1677
+ path: path,
1678
+ sameSite: isSecured ? 'none' : undefined,
1679
+ secure: isSecured
1680
+ };
1681
+ var cookieValue = cookie__default["default"].serialize(cookieName, session, options);
1682
+
1683
+ if (cookieValue.length < COOKIE_MAX_LENGTH) {
1684
+ return [cookieValue];
1685
+ }
1686
+
1687
+ return createSplitCookie(cookieName, session, options, cookieValue.length);
1688
+ }
1689
+
1690
+ function createSplitCookie(cookieName, session, options, cookieLength) {
1691
+ var numberOfCookies = Math.ceil(cookieLength / COOKIE_MAX_LENGTH);
1692
+ var splitSession = chunkString(session, numberOfCookies);
1693
+ var allCookies = [];
1694
+
1695
+ for (var i = 1; i <= numberOfCookies; i++) {
1696
+ allCookies.push(cookie__default["default"].serialize("".concat(cookieName, "-").concat(i), splitSession[i - 1], options));
1697
+ }
1698
+
1699
+ return allCookies;
1700
+ }
1701
+
1702
+ function chunkString(str, numChunks) {
1703
+ var chunkSize = Math.ceil(str.length / numChunks);
1704
+ var chunks = [];
1705
+
1706
+ for (var i = 0; i < numChunks; i + chunkSize) {
1707
+ var limit = i + chunkSize;
1708
+ chunks.push(str.substring(i, limit < str.length ? limit : str.length));
1709
+ }
1710
+
1711
+ return chunks;
1712
+ }
1713
+
1714
+ function parseCookie(cookieStr) {
1715
+ var sealFromCookies = '';
1716
+
1717
+ if (cookie__default["default"].parse(cookieStr)[fronteggConfig.cookieName]) {
1718
+ sealFromCookies = cookie__default["default"].parse(cookieStr)[fronteggConfig.cookieName];
1719
+ } else {
1720
+ var i = 1;
1721
+
1722
+ while (cookie__default["default"].parse(cookieStr)["".concat(fronteggConfig.cookieName, "-").concat(i)]) {
1723
+ sealFromCookies += cookie__default["default"].parse(cookieStr)["".concat(fronteggConfig.cookieName, "-").concat(i)];
1724
+ i++;
1725
+ }
1726
+ }
1727
+
1728
+ return sealFromCookies !== '' ? sealFromCookies : undefined;
1729
+ }
1730
+ function addToCookies(newCookies, res) {
1667
1731
  var _a;
1668
1732
 
1669
1733
  var existingSetCookie = (_a = res.getHeader('set-cookie')) !== null && _a !== void 0 ? _a : [];
@@ -1672,18 +1736,17 @@ function addToCookies(cookieValue, res) {
1672
1736
  existingSetCookie = [existingSetCookie];
1673
1737
  }
1674
1738
 
1675
- res.setHeader('set-cookie', [].concat(_toConsumableArray(existingSetCookie), [cookieValue]));
1739
+ res.setHeader('set-cookie', [].concat(_toConsumableArray(existingSetCookie), _toConsumableArray(newCookies)));
1676
1740
  }
1677
1741
  function removeCookies(cookieName, isSecured, cookieDomain, res) {
1678
1742
  var _a;
1679
1743
 
1680
- var cookieValue = cookie__default["default"].serialize(cookieName, '', {
1744
+ var cookieValue = createCookie({
1745
+ cookieName: cookieName,
1746
+ session: '',
1681
1747
  expires: new Date(),
1682
- httpOnly: true,
1683
- domain: cookieDomain,
1684
- path: '/',
1685
- sameSite: isSecured ? 'none' : undefined,
1686
- secure: isSecured
1748
+ isSecured: isSecured,
1749
+ cookieDomain: cookieDomain
1687
1750
  });
1688
1751
  var existingSetCookie = (_a = res.getHeader('set-cookie')) !== null && _a !== void 0 ? _a : [];
1689
1752
 
@@ -1691,7 +1754,7 @@ function removeCookies(cookieName, isSecured, cookieDomain, res) {
1691
1754
  existingSetCookie = [existingSetCookie];
1692
1755
  }
1693
1756
 
1694
- res.setHeader('set-cookie', [].concat(_toConsumableArray(existingSetCookie), [cookieValue]));
1757
+ res.setHeader('set-cookie', [].concat(_toConsumableArray(existingSetCookie), _toConsumableArray(cookieValue)));
1695
1758
  }
1696
1759
  function compress(input) {
1697
1760
  return new Promise(function (resolve, reject) {
@@ -2093,19 +2156,11 @@ function fronteggMiddleware(req, res) {
2093
2156
  decodedJwt = _yield$createSessionF2[1];
2094
2157
 
2095
2158
  if (session) {
2096
- cookieValue = cookie__default["default"].serialize(fronteggConfig.cookieName, session, {
2159
+ cookieValue = createCookie({
2160
+ session: session,
2097
2161
  expires: new Date(decodedJwt.exp * 1000),
2098
- httpOnly: true,
2099
- domain: fronteggConfig.cookieDomain,
2100
- path: '/',
2101
- sameSite: isSecured ? 'none' : undefined,
2102
- secure: isSecured
2162
+ isSecured: isSecured
2103
2163
  });
2104
-
2105
- if (cookieValue.length > 4096) {
2106
- console.error("@frontegg/nextjs: Cookie length is too big ".concat(cookieValue.length, ", browsers will refuse it. Try to remove some data."));
2107
- }
2108
-
2109
2164
  addToCookies(cookieValue, serverResponse);
2110
2165
  }
2111
2166
 
package/index.esm.js CHANGED
@@ -1349,7 +1349,7 @@ function getSession(req) {
1349
1349
  case 0:
1350
1350
  _context.prev = 0;
1351
1351
  cookieStr = "credentials" in req ? req.headers.get("cookie") || "" : req.headers.cookie || "";
1352
- sealFromCookies = cookie.parse(cookieStr)[fronteggConfig.cookieName];
1352
+ sealFromCookies = parseCookie(cookieStr);
1353
1353
 
1354
1354
  if (sealFromCookies) {
1355
1355
  _context.next = 5;
@@ -1493,7 +1493,7 @@ function refreshToken(ctx) {
1493
1493
  var _a;
1494
1494
 
1495
1495
  return __awaiter(this, void 0, void 0, /*#__PURE__*/regenerator.mark(function _callee() {
1496
- var request, session, headers, cookies, refreshTokenKey, cookieKey, response, data, rewriteCookieDomainConfig, cookieHeader, newSetCookie, _yield$createSessionF, _yield$createSessionF2, _session, decodedJwt, isSecured, cookieValue;
1496
+ var request, session, headers, cookies, refreshTokenKey, cookieKey, response, _newSetCookie, data, rewriteCookieDomainConfig, cookieHeader, newSetCookie, _yield$createSessionF, _yield$createSessionF2, _session, decodedJwt, isSecured, cookieValue;
1497
1497
 
1498
1498
  return regenerator.wrap(function _callee$(_context) {
1499
1499
  while (1) {
@@ -1541,7 +1541,7 @@ function refreshToken(ctx) {
1541
1541
  });
1542
1542
 
1543
1543
  if (!cookieKey) {
1544
- _context.next = 46;
1544
+ _context.next = 45;
1545
1545
  break;
1546
1546
  }
1547
1547
 
@@ -1565,7 +1565,7 @@ function refreshToken(ctx) {
1565
1565
  response = _context.sent;
1566
1566
 
1567
1567
  if (!response.ok) {
1568
- _context.next = 46;
1568
+ _context.next = 45;
1569
1569
  break;
1570
1570
  }
1571
1571
 
@@ -1596,48 +1596,112 @@ function refreshToken(ctx) {
1596
1596
 
1597
1597
  case 37:
1598
1598
  isSecured = new URL(fronteggConfig.appUrl).protocol === 'https:';
1599
- cookieValue = cookie.serialize(fronteggConfig.cookieName, _session, {
1599
+ cookieValue = createCookie({
1600
+ session: _session,
1600
1601
  expires: new Date(decodedJwt.exp * 1000),
1601
- httpOnly: true,
1602
- domain: fronteggConfig.cookieDomain,
1603
- path: '/',
1604
- sameSite: isSecured ? 'none' : undefined,
1605
- secure: isSecured
1602
+ isSecured: isSecured
1606
1603
  });
1607
1604
 
1608
- if (cookieValue.length > 4096) {
1609
- console.error("@frontegg/nextjs: Cookie length is too big ".concat(cookieValue.length, ", browsers will refuse it. Try to remove some data."));
1610
- }
1611
-
1612
1605
  if (typeof newSetCookie === 'string') {
1613
1606
  newSetCookie = [newSetCookie];
1614
1607
  }
1615
1608
 
1616
- newSetCookie.push(cookieValue);
1609
+ (_newSetCookie = newSetCookie).push.apply(_newSetCookie, _toConsumableArray(cookieValue));
1610
+
1617
1611
  (_a = ctx.res) === null || _a === void 0 ? void 0 : _a.setHeader('set-cookie', newSetCookie);
1618
1612
  return _context.abrupt("return", {
1619
1613
  accessToken: JSON.parse(data).accessToken,
1620
1614
  user: decodedJwt
1621
1615
  });
1622
1616
 
1623
- case 46:
1617
+ case 45:
1624
1618
  return _context.abrupt("return", null);
1625
1619
 
1626
- case 49:
1627
- _context.prev = 49;
1620
+ case 48:
1621
+ _context.prev = 48;
1628
1622
  _context.t1 = _context["catch"](0);
1629
1623
  console.log(_context.t1);
1630
1624
  return _context.abrupt("return", null);
1631
1625
 
1632
- case 53:
1626
+ case 52:
1633
1627
  case "end":
1634
1628
  return _context.stop();
1635
1629
  }
1636
1630
  }
1637
- }, _callee, null, [[0, 49], [4, 12]]);
1631
+ }, _callee, null, [[0, 48], [4, 12]]);
1638
1632
  }));
1639
1633
  }
1640
- function addToCookies(cookieValue, res) {
1634
+ var COOKIE_MAX_LENGTH = 4096;
1635
+ function createCookie(_ref) {
1636
+ var _ref$cookieName = _ref.cookieName,
1637
+ cookieName = _ref$cookieName === void 0 ? fronteggConfig.cookieName : _ref$cookieName,
1638
+ session = _ref.session,
1639
+ expires = _ref.expires,
1640
+ isSecured = _ref.isSecured,
1641
+ _ref$cookieDomain = _ref.cookieDomain,
1642
+ cookieDomain = _ref$cookieDomain === void 0 ? fronteggConfig.cookieDomain : _ref$cookieDomain,
1643
+ _ref$httpOnly = _ref.httpOnly,
1644
+ httpOnly = _ref$httpOnly === void 0 ? true : _ref$httpOnly,
1645
+ _ref$path = _ref.path,
1646
+ path = _ref$path === void 0 ? '/' : _ref$path;
1647
+ var options = {
1648
+ expires: expires,
1649
+ httpOnly: httpOnly,
1650
+ domain: cookieDomain,
1651
+ path: path,
1652
+ sameSite: isSecured ? 'none' : undefined,
1653
+ secure: isSecured
1654
+ };
1655
+ var cookieValue = cookie.serialize(cookieName, session, options);
1656
+
1657
+ if (cookieValue.length < COOKIE_MAX_LENGTH) {
1658
+ return [cookieValue];
1659
+ }
1660
+
1661
+ return createSplitCookie(cookieName, session, options, cookieValue.length);
1662
+ }
1663
+
1664
+ function createSplitCookie(cookieName, session, options, cookieLength) {
1665
+ var numberOfCookies = Math.ceil(cookieLength / COOKIE_MAX_LENGTH);
1666
+ var splitSession = chunkString(session, numberOfCookies);
1667
+ var allCookies = [];
1668
+
1669
+ for (var i = 1; i <= numberOfCookies; i++) {
1670
+ allCookies.push(cookie.serialize("".concat(cookieName, "-").concat(i), splitSession[i - 1], options));
1671
+ }
1672
+
1673
+ return allCookies;
1674
+ }
1675
+
1676
+ function chunkString(str, numChunks) {
1677
+ var chunkSize = Math.ceil(str.length / numChunks);
1678
+ var chunks = [];
1679
+
1680
+ for (var i = 0; i < numChunks; i + chunkSize) {
1681
+ var limit = i + chunkSize;
1682
+ chunks.push(str.substring(i, limit < str.length ? limit : str.length));
1683
+ }
1684
+
1685
+ return chunks;
1686
+ }
1687
+
1688
+ function parseCookie(cookieStr) {
1689
+ var sealFromCookies = '';
1690
+
1691
+ if (cookie.parse(cookieStr)[fronteggConfig.cookieName]) {
1692
+ sealFromCookies = cookie.parse(cookieStr)[fronteggConfig.cookieName];
1693
+ } else {
1694
+ var i = 1;
1695
+
1696
+ while (cookie.parse(cookieStr)["".concat(fronteggConfig.cookieName, "-").concat(i)]) {
1697
+ sealFromCookies += cookie.parse(cookieStr)["".concat(fronteggConfig.cookieName, "-").concat(i)];
1698
+ i++;
1699
+ }
1700
+ }
1701
+
1702
+ return sealFromCookies !== '' ? sealFromCookies : undefined;
1703
+ }
1704
+ function addToCookies(newCookies, res) {
1641
1705
  var _a;
1642
1706
 
1643
1707
  var existingSetCookie = (_a = res.getHeader('set-cookie')) !== null && _a !== void 0 ? _a : [];
@@ -1646,18 +1710,17 @@ function addToCookies(cookieValue, res) {
1646
1710
  existingSetCookie = [existingSetCookie];
1647
1711
  }
1648
1712
 
1649
- res.setHeader('set-cookie', [].concat(_toConsumableArray(existingSetCookie), [cookieValue]));
1713
+ res.setHeader('set-cookie', [].concat(_toConsumableArray(existingSetCookie), _toConsumableArray(newCookies)));
1650
1714
  }
1651
1715
  function removeCookies(cookieName, isSecured, cookieDomain, res) {
1652
1716
  var _a;
1653
1717
 
1654
- var cookieValue = cookie.serialize(cookieName, '', {
1718
+ var cookieValue = createCookie({
1719
+ cookieName: cookieName,
1720
+ session: '',
1655
1721
  expires: new Date(),
1656
- httpOnly: true,
1657
- domain: cookieDomain,
1658
- path: '/',
1659
- sameSite: isSecured ? 'none' : undefined,
1660
- secure: isSecured
1722
+ isSecured: isSecured,
1723
+ cookieDomain: cookieDomain
1661
1724
  });
1662
1725
  var existingSetCookie = (_a = res.getHeader('set-cookie')) !== null && _a !== void 0 ? _a : [];
1663
1726
 
@@ -1665,7 +1728,7 @@ function removeCookies(cookieName, isSecured, cookieDomain, res) {
1665
1728
  existingSetCookie = [existingSetCookie];
1666
1729
  }
1667
1730
 
1668
- res.setHeader('set-cookie', [].concat(_toConsumableArray(existingSetCookie), [cookieValue]));
1731
+ res.setHeader('set-cookie', [].concat(_toConsumableArray(existingSetCookie), _toConsumableArray(cookieValue)));
1669
1732
  }
1670
1733
  function compress(input) {
1671
1734
  return new Promise(function (resolve, reject) {
@@ -2067,19 +2130,11 @@ function fronteggMiddleware(req, res) {
2067
2130
  decodedJwt = _yield$createSessionF2[1];
2068
2131
 
2069
2132
  if (session) {
2070
- cookieValue = cookie.serialize(fronteggConfig.cookieName, session, {
2133
+ cookieValue = createCookie({
2134
+ session: session,
2071
2135
  expires: new Date(decodedJwt.exp * 1000),
2072
- httpOnly: true,
2073
- domain: fronteggConfig.cookieDomain,
2074
- path: '/',
2075
- sameSite: isSecured ? 'none' : undefined,
2076
- secure: isSecured
2136
+ isSecured: isSecured
2077
2137
  });
2078
-
2079
- if (cookieValue.length > 4096) {
2080
- console.error("@frontegg/nextjs: Cookie length is too big ".concat(cookieValue.length, ", browsers will refuse it. Try to remove some data."));
2081
- }
2082
-
2083
2138
  addToCookies(cookieValue, serverResponse);
2084
2139
  }
2085
2140
 
package/package.json CHANGED
@@ -1,9 +1,9 @@
1
1
  {
2
2
  "name": "@frontegg/nextjs",
3
- "version": "6.7.3-alpha.3385017971",
3
+ "version": "6.7.3-alpha.3417849294",
4
4
  "dependencies": {
5
- "@frontegg/js": "6.36.0-alpha.4",
6
- "@frontegg/react-hooks": "6.36.0-alpha.4",
5
+ "@frontegg/js": "6.36.0-alpha.5",
6
+ "@frontegg/react-hooks": "6.36.0-alpha.5",
7
7
  "jose": "^4.8.0",
8
8
  "iron-session": "^6.2.1",
9
9
  "http-proxy": "^1.18.1",