@frontegg/nextjs 6.7.8 → 6.7.9-alpha.3757258005

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (60) hide show
  1. package/CHANGELOG.md +6 -0
  2. package/FronteggClientProviderNext13-b55f477b.js +127 -0
  3. package/FronteggClientProviderNext13-b55f477b.js.map +1 -0
  4. package/FronteggConfig-7ae86562.js +123 -0
  5. package/FronteggConfig-7ae86562.js.map +1 -0
  6. package/FronteggProvider.d.ts +3 -12
  7. package/FronteggProviderNoSSR.d.ts +2 -4
  8. package/README.md +56 -4
  9. package/api-70f0e81e.js +58 -0
  10. package/api-70f0e81e.js.map +1 -0
  11. package/client/FronteggAppRouter.d.ts +10 -0
  12. package/client/FronteggClientProviderNext13.d.ts +3 -0
  13. package/client/index.d.ts +2 -0
  14. package/client/index.js +63 -0
  15. package/client/index.js.map +1 -0
  16. package/{FronteggConfig.d.ts → common/FronteggConfig.d.ts} +1 -1
  17. package/{api.d.ts → common/api.d.ts} +0 -0
  18. package/{AppContext.d.ts → common/client/AppContext.d.ts} +0 -0
  19. package/common/client/ExpireInListener.d.ts +1 -0
  20. package/common/client/FronteggBaseProvider.d.ts +3 -0
  21. package/common/client/createOrGetFronteggApp.d.ts +11 -0
  22. package/common/client/hooks/index.d.ts +1 -0
  23. package/common/client/hooks/useRequestAuthorizeSSR.d.ts +9 -0
  24. package/common/client/index.d.ts +4 -0
  25. package/{consts.d.ts → common/consts.d.ts} +0 -0
  26. package/common/getMeAndTenants.d.ts +2 -0
  27. package/{helpers.d.ts → common/helpers.d.ts} +7 -9
  28. package/common/index.d.ts +6 -0
  29. package/common/index.js +20 -0
  30. package/common/index.js.map +1 -0
  31. package/common/types.d.ts +74 -0
  32. package/common/utils/createGetSession.d.ts +7 -0
  33. package/common/utils/getCookieFromRequest.d.ts +2 -0
  34. package/common/utils/index.d.ts +3 -0
  35. package/common/utils/parseCookie.d.ts +1 -0
  36. package/createGetSession-81b1748e.js +50 -0
  37. package/createGetSession-81b1748e.js.map +1 -0
  38. package/edge/getSessionOnEdge.d.ts +2 -0
  39. package/edge/index.d.ts +1 -0
  40. package/edge/index.js +29 -0
  41. package/edge/index.js.map +1 -0
  42. package/getCookieFromRequest-624c37b5.js +28 -0
  43. package/getCookieFromRequest-624c37b5.js.map +1 -0
  44. package/helpers-dac4dc7b.js +189 -0
  45. package/helpers-dac4dc7b.js.map +1 -0
  46. package/index.d.ts +1 -2
  47. package/index.js +1168 -0
  48. package/index.js.map +1 -0
  49. package/package.json +17 -12
  50. package/refreshToken.d.ts +3 -0
  51. package/server/FronteggProviderNext13.d.ts +3 -0
  52. package/server/getSessionNext13.d.ts +4 -0
  53. package/server/index.d.ts +2 -0
  54. package/server/index.js +86 -0
  55. package/server/index.js.map +1 -0
  56. package/session.d.ts +4 -8
  57. package/withFronteggApp.d.ts +10 -8
  58. package/index.cjs.js +0 -2747
  59. package/index.esm.js +0 -2691
  60. package/types.d.ts +0 -53
package/index.js ADDED
@@ -0,0 +1,1168 @@
1
+ 'use strict';
2
+
3
+ Object.defineProperty(exports, '__esModule', { value: true });
4
+
5
+ var tslib = require('tslib');
6
+ var router = require('next/router');
7
+ var React = require('react');
8
+ var reactHooks = require('@frontegg/react-hooks');
9
+ var restApi = require('@frontegg/rest-api');
10
+ var js = require('@frontegg/js');
11
+ var reduxStore = require('@frontegg/redux-store');
12
+ var jose = require('jose');
13
+ var cookie = require('cookie');
14
+ var ironSession = require('iron-session');
15
+ var url = require('url');
16
+ var httpProxy = require('http-proxy');
17
+ var types = require('@frontegg/types');
18
+
19
+ function _interopDefaultLegacy (e) { return e && typeof e === 'object' && 'default' in e ? e : { 'default': e }; }
20
+
21
+ var React__default = /*#__PURE__*/_interopDefaultLegacy(React);
22
+ var cookie__default = /*#__PURE__*/_interopDefaultLegacy(cookie);
23
+ var httpProxy__default = /*#__PURE__*/_interopDefaultLegacy(httpProxy);
24
+
25
+ var AppContext = React.createContext(null);
26
+
27
+ var createOrGetFronteggApp = function (_a) {
28
+ var _b, _c, _d, _e, _f, _g, _h, _j, _k;
29
+ var options = _a.options, onRedirectTo = _a.onRedirectTo, appName = _a.appName, user = _a.user, tenants = _a.tenants, storeHolder = _a.storeHolder;
30
+ var _l = (_b = options.session) !== null && _b !== void 0 ? _b : {}, accessToken = _l.accessToken, refreshToken = _l.refreshToken;
31
+ var contextOptions = tslib.__assign(tslib.__assign({ requestCredentials: 'include' }, options.contextOptions), { baseUrl: function (path) {
32
+ if (restApi.fronteggAuthApiRoutes.indexOf(path) !== -1 ||
33
+ path.endsWith('/postlogin') ||
34
+ path.endsWith('/prelogin') ||
35
+ path === '/oauth/token') {
36
+ return options.envAppUrl + "/api";
37
+ }
38
+ else {
39
+ return options.envBaseUrl;
40
+ }
41
+ }, clientId: options.envClientId });
42
+ var tenantsState = tenants
43
+ ? tslib.__assign({ tenantTree: null, subTenants: [], tenants: tenants, loading: false }, (_c = options.authOptions) === null || _c === void 0 ? void 0 : _c.tenantsState) : undefined;
44
+ var userData = user
45
+ ? tslib.__assign(tslib.__assign(tslib.__assign({}, user), { accessToken: accessToken !== null && accessToken !== void 0 ? accessToken : '', refreshToken: refreshToken !== null && refreshToken !== void 0 ? refreshToken : undefined }), (_d = options.authOptions) === null || _d === void 0 ? void 0 : _d.user) : null;
46
+ var authOptions = tslib.__assign(tslib.__assign({}, options.authOptions), { onRedirectTo: onRedirectTo, isLoading: false, isAuthenticated: !!options.session, hostedLoginBox: (_e = options.hostedLoginBox) !== null && _e !== void 0 ? _e : false, disableSilentRefresh: (_g = (_f = options.authOptions) === null || _f === void 0 ? void 0 : _f.disableSilentRefresh) !== null && _g !== void 0 ? _g : false, user: userData, tenantsState: tenantsState });
47
+ var sharedStore = reduxStore.createFronteggStore({ context: contextOptions }, storeHolder.current, options.previewMode, authOptions, {
48
+ auth: authOptions !== null && authOptions !== void 0 ? authOptions : {},
49
+ audits: (_h = options.auditsOptions) !== null && _h !== void 0 ? _h : {},
50
+ }, false, options.urlStrategy);
51
+ var createdApp;
52
+ try {
53
+ createdApp = js.AppHolder.getInstance(appName !== null && appName !== void 0 ? appName : 'default');
54
+ createdApp.store = sharedStore;
55
+ }
56
+ catch (e) {
57
+ createdApp = js.initialize(tslib.__assign(tslib.__assign({}, options), { store: sharedStore, hostedLoginBox: (_j = options.hostedLoginBox) !== null && _j !== void 0 ? _j : false, customLoginBox: (_k = options.customLoginBox) !== null && _k !== void 0 ? _k : false, basename: options.basename, authOptions: authOptions,
58
+ contextOptions: contextOptions,
59
+ onRedirectTo: onRedirectTo }), appName !== null && appName !== void 0 ? appName : 'default');
60
+ }
61
+ return createdApp;
62
+ };
63
+
64
+ var ExpireInListener = function () {
65
+ var user = reactHooks.useAuthUserOrNull();
66
+ var actions = reactHooks.useAuthActions();
67
+ React.useEffect(function () {
68
+ if (user && (user === null || user === void 0 ? void 0 : user.expiresIn) == null) {
69
+ actions.setUser(tslib.__assign(tslib.__assign({}, user), { expiresIn: Math.floor((user['exp'] * 1000 - Date.now()) / 1000) }));
70
+ }
71
+ }, [actions, user]);
72
+ // eslint-disable-next-line react/jsx-no-useless-fragment
73
+ return React__default["default"].createElement(React__default["default"].Fragment, null);
74
+ };
75
+
76
+ var useRequestAuthorizeSSR = function (_a) {
77
+ var app = _a.app, accessToken = _a.accessToken, user = _a.user, tenants = _a.tenants, refreshToken = _a.refreshToken;
78
+ React.useEffect(function () {
79
+ app === null || app === void 0 ? void 0 : app.store.dispatch({
80
+ type: 'auth/requestAuthorizeSSR',
81
+ payload: {
82
+ accessToken: accessToken,
83
+ user: user ? tslib.__assign(tslib.__assign({}, user), { refreshToken: refreshToken }) : null,
84
+ tenants: tenants,
85
+ },
86
+ });
87
+ }, [app]);
88
+ };
89
+
90
+ var Connector$1 = function (_a) {
91
+ var _b, _c;
92
+ var router = _a.router, _d = _a.appName, appName = _d === void 0 ? 'default' : _d, user = _a.user, tenants = _a.tenants, props = tslib.__rest(_a, ["router", "appName", "user", "tenants"]);
93
+ var isSSR = typeof window === 'undefined';
94
+ var _e = (_b = props.session) !== null && _b !== void 0 ? _b : {}, accessToken = _e.accessToken, refreshToken = _e.refreshToken;
95
+ var baseName = (_c = props.basename) !== null && _c !== void 0 ? _c : '';
96
+ var storeHolder = React.useRef({});
97
+ var onRedirectTo = React.useCallback(function (_path, opts) {
98
+ var path = _path;
99
+ if (path.startsWith(baseName)) {
100
+ path = path.substring(baseName.length);
101
+ }
102
+ if (opts === null || opts === void 0 ? void 0 : opts.preserveQueryParams) {
103
+ path = "" + path + window.location.search;
104
+ }
105
+ if ((opts === null || opts === void 0 ? void 0 : opts.refresh) && !isSSR) {
106
+ // @ts-ignore
107
+ window.Cypress ? router.push(path) : (window.location.href = path);
108
+ }
109
+ else {
110
+ (opts === null || opts === void 0 ? void 0 : opts.replace) ? router.replace(path) : router.push(path);
111
+ }
112
+ }, []);
113
+ var app = React.useMemo(function () {
114
+ return createOrGetFronteggApp({
115
+ options: tslib.__assign(tslib.__assign({}, props), { basename: baseName }),
116
+ user: user,
117
+ tenants: tenants,
118
+ onRedirectTo: onRedirectTo,
119
+ appName: appName,
120
+ storeHolder: storeHolder,
121
+ });
122
+ }, [props]);
123
+ restApi.ContextHolder.setOnRedirectTo(onRedirectTo);
124
+ useRequestAuthorizeSSR({ app: app, accessToken: accessToken, user: user, tenants: tenants, refreshToken: refreshToken });
125
+ return (React__default["default"].createElement(AppContext.Provider, { value: app },
126
+ React__default["default"].createElement(reactHooks.FronteggStoreProvider, tslib.__assign({}, tslib.__assign(tslib.__assign({}, props), { app: app })), props.children)));
127
+ };
128
+ var FronteggBaseProvider = function (props) {
129
+ return (React__default["default"].createElement(Connector$1, tslib.__assign({}, props, { framework: 'nextjs' }),
130
+ React__default["default"].createElement(ExpireInListener, null),
131
+ props.children));
132
+ };
133
+
134
+ var FronteggProvider = function (_a) {
135
+ var children = _a.children, basename = _a.basename, props = tslib.__rest(_a, ["children", "basename"]);
136
+ var router$1 = router.useRouter();
137
+ var baseName = basename !== null && basename !== void 0 ? basename : router$1.basePath;
138
+ return (React__default["default"].createElement(FronteggBaseProvider, tslib.__assign({ router: router$1, basename: baseName }, props), children));
139
+ };
140
+
141
+ var Connector = function (_props) {
142
+ var _a;
143
+ var router = _props.router, appName = _props.appName, hostedLoginBox = _props.hostedLoginBox; _props.customLoginBox; var props = tslib.__rest(_props, ["router", "appName", "hostedLoginBox", "customLoginBox"]);
144
+ var isSSR = typeof window === 'undefined';
145
+ var baseName = (_a = props.basename) !== null && _a !== void 0 ? _a : router.basePath;
146
+ var onRedirectTo = React.useCallback(function (_path, opts) {
147
+ var path = _path;
148
+ if (path.startsWith(baseName)) {
149
+ path = path.substring(baseName.length);
150
+ }
151
+ if (opts === null || opts === void 0 ? void 0 : opts.preserveQueryParams) {
152
+ path = "" + path + window.location.search;
153
+ }
154
+ if ((opts === null || opts === void 0 ? void 0 : opts.refresh) && !isSSR) {
155
+ // @ts-ignore
156
+ window.Cypress ? router.push(path) : (window.location.href = path);
157
+ }
158
+ else {
159
+ (opts === null || opts === void 0 ? void 0 : opts.replace) ? router.replace(path) : router.push(path);
160
+ }
161
+ }, []);
162
+ var app = React.useMemo(function () {
163
+ var _a;
164
+ var createdApp;
165
+ try {
166
+ createdApp = js.AppHolder.getInstance(appName !== null && appName !== void 0 ? appName : 'default');
167
+ }
168
+ catch (e) {
169
+ createdApp = js.initialize(tslib.__assign(tslib.__assign({}, props), { hostedLoginBox: hostedLoginBox !== null && hostedLoginBox !== void 0 ? hostedLoginBox : false, basename: (_a = props.basename) !== null && _a !== void 0 ? _a : baseName, authOptions: tslib.__assign(tslib.__assign({}, props.authOptions), { onRedirectTo: onRedirectTo }), contextOptions: tslib.__assign({ requestCredentials: 'include' }, props.contextOptions), onRedirectTo: onRedirectTo }), appName !== null && appName !== void 0 ? appName : 'default');
170
+ }
171
+ return createdApp;
172
+ }, [appName, props, hostedLoginBox, baseName, onRedirectTo]);
173
+ restApi.ContextHolder.setOnRedirectTo(onRedirectTo);
174
+ React.useEffect(function () {
175
+ app.store.dispatch({ type: 'auth/requestAuthorize', payload: true });
176
+ }, [app]);
177
+ return (React__default["default"].createElement(AppContext.Provider, { value: app },
178
+ React__default["default"].createElement(reactHooks.FronteggStoreProvider, tslib.__assign({}, tslib.__assign(tslib.__assign({}, props), { app: app })), props.children)));
179
+ };
180
+ var FronteggNextJSProvider = function (props) {
181
+ var router$1 = router.useRouter();
182
+ return (React__default["default"].createElement(Connector, tslib.__assign({}, props, { router: router$1 }),
183
+ React__default["default"].createElement(ExpireInListener, null),
184
+ props.children));
185
+ };
186
+ var FronteggProviderNoSSR = function (props) {
187
+ return (React__default["default"].createElement(FronteggNextJSProvider, tslib.__assign({}, props, { framework: 'nextjs' }), props.children));
188
+ };
189
+
190
+ var AuthorizedContent = function (props) {
191
+ var _a, _b;
192
+ var isAuthorized = true; // Initially
193
+ var user = reactHooks.useAuthUserOrNull();
194
+ if (!(user === null || user === void 0 ? void 0 : user.superUser)) {
195
+ if (props.requiredPermissions) {
196
+ if (!(user === null || user === void 0 ? void 0 : user.permissions) || (user === null || user === void 0 ? void 0 : user.permissions.length) === 0) {
197
+ isAuthorized = false;
198
+ }
199
+ var _loop_1 = function (permission) {
200
+ if (!((_a = user === null || user === void 0 ? void 0 : user.permissions) === null || _a === void 0 ? void 0 : _a.find(function (_a) {
201
+ var key = _a.key;
202
+ return key === permission;
203
+ }))) {
204
+ isAuthorized = false;
205
+ }
206
+ };
207
+ for (var _i = 0, _c = props.requiredPermissions; _i < _c.length; _i++) {
208
+ var permission = _c[_i];
209
+ _loop_1(permission);
210
+ }
211
+ }
212
+ if (props.requiredRoles) {
213
+ if (!(user === null || user === void 0 ? void 0 : user.roles) || (user === null || user === void 0 ? void 0 : user.roles.length) === 0) {
214
+ isAuthorized = false;
215
+ }
216
+ var _loop_2 = function (role) {
217
+ if (!((_b = user === null || user === void 0 ? void 0 : user.roles) === null || _b === void 0 ? void 0 : _b.find(function (_a) {
218
+ var key = _a.key;
219
+ return key === role;
220
+ }))) {
221
+ isAuthorized = false;
222
+ }
223
+ };
224
+ for (var _d = 0, _e = props.requiredRoles; _d < _e.length; _d++) {
225
+ var role = _e[_d];
226
+ _loop_2(role);
227
+ }
228
+ }
229
+ }
230
+ if (typeof props.render === 'function') {
231
+ return React__default["default"].createElement(React__default["default"].Fragment, null, props.render(isAuthorized));
232
+ }
233
+ return isAuthorized ? React__default["default"].createElement(React__default["default"].Fragment, null, props.children) : null;
234
+ };
235
+
236
+ function normalizeStringPasswordToMap(password) {
237
+ return typeof password === 'string' ? { 1: password } : password;
238
+ }
239
+ var FronteggConfig = /** @class */ (function () {
240
+ function FronteggConfig() {
241
+ var _a, _b, _c;
242
+ this.authRoutes = {};
243
+ this.fronteggAppOptions = {};
244
+ this._clientId = (_a = process.env['FRONTEGG_CLIENT_ID']) !== null && _a !== void 0 ? _a : '';
245
+ this._cookieName = (_b = process.env['FRONTEGG_COOKIE_NAME']) !== null && _b !== void 0 ? _b : "fe_next_session";
246
+ this._password = (_c = process.env['FRONTEGG_ENCRYPTION_PASSWORD']) !== null && _c !== void 0 ? _c : '';
247
+ this._passwordsAsMap = normalizeStringPasswordToMap(this._password);
248
+ }
249
+ Object.defineProperty(FronteggConfig.prototype, "cookieName", {
250
+ get: function () {
251
+ return this._cookieName + "-" + this._clientId.replace(/-/g, '');
252
+ },
253
+ enumerable: false,
254
+ configurable: true
255
+ });
256
+ Object.defineProperty(FronteggConfig.prototype, "password", {
257
+ get: function () {
258
+ return this._password;
259
+ },
260
+ enumerable: false,
261
+ configurable: true
262
+ });
263
+ Object.defineProperty(FronteggConfig.prototype, "clientId", {
264
+ get: function () {
265
+ return this._clientId;
266
+ },
267
+ enumerable: false,
268
+ configurable: true
269
+ });
270
+ Object.defineProperty(FronteggConfig.prototype, "baseUrlHost", {
271
+ get: function () {
272
+ var _a;
273
+ return new URL((_a = process.env['FRONTEGG_BASE_URL']) !== null && _a !== void 0 ? _a : '').hostname;
274
+ },
275
+ enumerable: false,
276
+ configurable: true
277
+ });
278
+ FronteggConfig.prototype.getEnvAppUrl = function () {
279
+ var url = undefined;
280
+ if (process.env['FRONTEGG_APP_URL']) {
281
+ url = process.env['FRONTEGG_APP_URL'];
282
+ }
283
+ else if (process.env['VERCEL'] && process.env['VERCEL_URL']) {
284
+ url = process.env['VERCEL_URL'];
285
+ }
286
+ if (url && !url.startsWith('http')) {
287
+ var protocol = url.startsWith('localhost') ? 'http://' : 'https://';
288
+ url = "" + protocol + url;
289
+ }
290
+ return url;
291
+ };
292
+ Object.defineProperty(FronteggConfig.prototype, "appUrl", {
293
+ get: function () {
294
+ var _a;
295
+ return (_a = this.getEnvAppUrl()) !== null && _a !== void 0 ? _a : 'http://localhost:3000';
296
+ },
297
+ enumerable: false,
298
+ configurable: true
299
+ });
300
+ Object.defineProperty(FronteggConfig.prototype, "appEnvConfig", {
301
+ get: function () {
302
+ return {
303
+ envAppUrl: this.getEnvAppUrl(),
304
+ envBaseUrl: process.env['FRONTEGG_BASE_URL'],
305
+ envClientId: process.env['FRONTEGG_CLIENT_ID'],
306
+ };
307
+ },
308
+ enumerable: false,
309
+ configurable: true
310
+ });
311
+ Object.defineProperty(FronteggConfig.prototype, "cookieDomain", {
312
+ get: function () {
313
+ var _a;
314
+ return new URL((_a = this.getEnvAppUrl()) !== null && _a !== void 0 ? _a : '').hostname.replace(/:(\d)+$/, '');
315
+ },
316
+ enumerable: false,
317
+ configurable: true
318
+ });
319
+ FronteggConfig.prototype.getJwtPublicKey = function () {
320
+ return tslib.__awaiter(this, void 0, void 0, function () {
321
+ var response, data, publicKey, _a;
322
+ return tslib.__generator(this, function (_b) {
323
+ switch (_b.label) {
324
+ case 0:
325
+ if (!!this._jwtPublicKey) return [3 /*break*/, 4];
326
+ return [4 /*yield*/, fetch(process.env['FRONTEGG_BASE_URL'] + "/.well-known/jwks.json")];
327
+ case 1:
328
+ response = _b.sent();
329
+ return [4 /*yield*/, response.json()];
330
+ case 2:
331
+ data = _b.sent();
332
+ publicKey = data.keys.find(function (key) { return key.kty === 'RSA'; });
333
+ _a = this;
334
+ return [4 /*yield*/, jose.importJWK(publicKey)];
335
+ case 3:
336
+ _a._jwtPublicKey = _b.sent();
337
+ _b.label = 4;
338
+ case 4: return [2 /*return*/, this._jwtPublicKey];
339
+ }
340
+ });
341
+ });
342
+ };
343
+ Object.defineProperty(FronteggConfig.prototype, "passwordsAsMap", {
344
+ get: function () {
345
+ return this._passwordsAsMap;
346
+ },
347
+ enumerable: false,
348
+ configurable: true
349
+ });
350
+ return FronteggConfig;
351
+ }());
352
+ var fronteggConfig = new FronteggConfig();
353
+
354
+ var BASE_URL = process.env['FRONTEGG_BASE_URL'] + "/frontegg";
355
+ var Get = function (_a) {
356
+ var url = _a.url, _b = _a.credentials, credentials = _b === void 0 ? 'include' : _b, headers = _a.headers;
357
+ return fetch(url, { method: 'GET', credentials: credentials, headers: headers });
358
+ };
359
+ var extractHeaders = function (headers) { return ({
360
+ 'accept-encoding': headers['accept-encoding'],
361
+ 'accept-language': headers['accept-language'],
362
+ cookie: headers['cookie'],
363
+ accept: headers['accept'],
364
+ 'user-agent': headers['user-agent'],
365
+ // connection: headers['connection'],
366
+ 'cache-control': headers['cache-control'],
367
+ Authorization: headers['Authorization'],
368
+ }); };
369
+ var parseResponse = function (res) { return tslib.__awaiter(void 0, void 0, void 0, function () {
370
+ var resText;
371
+ return tslib.__generator(this, function (_a) {
372
+ switch (_a.label) {
373
+ case 0:
374
+ if (!res.ok) {
375
+ return [2 /*return*/, undefined];
376
+ }
377
+ return [4 /*yield*/, res.text()];
378
+ case 1:
379
+ resText = _a.sent();
380
+ return [2 /*return*/, JSON.parse(resText)];
381
+ }
382
+ });
383
+ }); };
384
+ var getUsers = function (headers) { return tslib.__awaiter(void 0, void 0, void 0, function () {
385
+ var res;
386
+ return tslib.__generator(this, function (_a) {
387
+ switch (_a.label) {
388
+ case 0: return [4 /*yield*/, Get({ url: "" + BASE_URL + restApi.fronteggUsersUrl, headers: extractHeaders(headers) })];
389
+ case 1:
390
+ res = _a.sent();
391
+ return [2 /*return*/, parseResponse(res)];
392
+ }
393
+ });
394
+ }); };
395
+ var getTenants = function (headers) { return tslib.__awaiter(void 0, void 0, void 0, function () {
396
+ var res;
397
+ return tslib.__generator(this, function (_a) {
398
+ switch (_a.label) {
399
+ case 0: return [4 /*yield*/, Get({ url: "" + BASE_URL + restApi.fronteggTenantsUrl, headers: extractHeaders(headers) })];
400
+ case 1:
401
+ res = _a.sent();
402
+ return [2 /*return*/, parseResponse(res)];
403
+ }
404
+ });
405
+ }); };
406
+
407
+ function getMeAndTenants(reqHeaders, accessToken) {
408
+ return tslib.__awaiter(this, void 0, void 0, function () {
409
+ var headers, _a, user, tenants;
410
+ return tslib.__generator(this, function (_b) {
411
+ switch (_b.label) {
412
+ case 0:
413
+ if (!reqHeaders || !accessToken) {
414
+ return [2 /*return*/, {}];
415
+ }
416
+ headers = tslib.__assign(tslib.__assign({}, reqHeaders), { Authorization: "Bearer " + accessToken });
417
+ return [4 /*yield*/, Promise.all([getUsers(headers), getTenants(headers)])];
418
+ case 1:
419
+ _a = _b.sent(), user = _a[0], tenants = _a[1];
420
+ return [2 /*return*/, { user: user, tenants: tenants }];
421
+ }
422
+ });
423
+ });
424
+ }
425
+
426
+ function rewriteCookieProperty(header, config, property) {
427
+ if (Array.isArray(header)) {
428
+ return header.map(function (headerElement) {
429
+ return rewriteCookieProperty(headerElement, config, property);
430
+ });
431
+ }
432
+ return header.replace(new RegExp('(;\\s*' + property + '=)([^;]+)', 'i'), function (match, prefix, previousValue) {
433
+ var newValue;
434
+ if (previousValue in config) {
435
+ newValue = config[previousValue];
436
+ }
437
+ else if ('*' in config) {
438
+ newValue = config['*'];
439
+ }
440
+ else {
441
+ // no match, return previous value
442
+ return match;
443
+ }
444
+ if (newValue) {
445
+ // replace value
446
+ return prefix + newValue;
447
+ }
448
+ else {
449
+ // remove value
450
+ return '';
451
+ }
452
+ });
453
+ }
454
+ var COOKIE_MAX_LENGTH = 4096;
455
+ function createCookie(_a) {
456
+ var _b = _a.cookieName, cookieName = _b === void 0 ? fronteggConfig.cookieName : _b, session = _a.session, expires = _a.expires, isSecured = _a.isSecured, _c = _a.cookieDomain, cookieDomain = _c === void 0 ? fronteggConfig.cookieDomain : _c, _d = _a.httpOnly, httpOnly = _d === void 0 ? true : _d, _e = _a.path, path = _e === void 0 ? '/' : _e;
457
+ var options = {
458
+ expires: expires,
459
+ httpOnly: httpOnly,
460
+ domain: cookieDomain,
461
+ path: path,
462
+ sameSite: isSecured ? 'none' : undefined,
463
+ secure: isSecured,
464
+ };
465
+ var cookieValue = cookie__default["default"].serialize(cookieName, session, options);
466
+ if (cookieValue.length < COOKIE_MAX_LENGTH) {
467
+ return [cookieValue];
468
+ }
469
+ return createSplitCookie(cookieName, session, options, cookieValue.length);
470
+ }
471
+ function createSplitCookie(cookieName, session, options, cookieLength) {
472
+ var numberOfCookies = Math.ceil(cookieLength / COOKIE_MAX_LENGTH);
473
+ var splitSession = chunkString(session, numberOfCookies);
474
+ var allCookies = [];
475
+ for (var i = 1; i <= numberOfCookies; i++) {
476
+ allCookies.push(cookie__default["default"].serialize(cookieName + "-" + i, splitSession[i - 1], options));
477
+ }
478
+ return allCookies;
479
+ }
480
+ function chunkString(str, numChunks) {
481
+ var chunkSize = Math.ceil(str.length / numChunks);
482
+ var chunks = [];
483
+ for (var i = 0; i < numChunks; i + chunkSize) {
484
+ var limit = i + chunkSize;
485
+ chunks.push(str.substring(i, limit < str.length ? limit : str.length));
486
+ }
487
+ return chunks;
488
+ }
489
+ function parseCookieFromArray(cookies) {
490
+ var userCookie = cookies.find(function (c) { return c.name === fronteggConfig.cookieName; });
491
+ if (userCookie) {
492
+ return userCookie.value;
493
+ }
494
+ var cookieChunks = cookies.filter(function (c) { return c.name.includes(fronteggConfig.cookieName); });
495
+ if (!cookieChunks) {
496
+ return undefined;
497
+ }
498
+ cookieChunks.sort(function (a, b) { return (parseInt(a.name) > parseInt(b.name) ? 1 : -1); });
499
+ return cookieChunks.map(function (c) { return c.value; }).join();
500
+ }
501
+ function addToCookies(newCookies, res) {
502
+ var _a;
503
+ var existingSetCookie = (_a = res.getHeader('set-cookie')) !== null && _a !== void 0 ? _a : [];
504
+ if (typeof existingSetCookie === 'string') {
505
+ existingSetCookie = [existingSetCookie];
506
+ }
507
+ res.setHeader('set-cookie', tslib.__spreadArrays(existingSetCookie, newCookies));
508
+ }
509
+ function removeCookies(cookieName, isSecured, cookieDomain, res) {
510
+ var _a;
511
+ var cookieValue = createCookie({ cookieName: cookieName, session: '', expires: new Date(), isSecured: isSecured, cookieDomain: cookieDomain });
512
+ var existingSetCookie = (_a = res.getHeader('set-cookie')) !== null && _a !== void 0 ? _a : [];
513
+ if (typeof existingSetCookie === 'string') {
514
+ existingSetCookie = [existingSetCookie];
515
+ }
516
+ res.setHeader('set-cookie', tslib.__spreadArrays(existingSetCookie, cookieValue));
517
+ }
518
+ function createSessionFromAccessToken(output) {
519
+ var _a, _b;
520
+ return tslib.__awaiter(this, void 0, void 0, function () {
521
+ var data, accessToken, refreshToken, publicKey, decodedJwt, stringifySession, session;
522
+ return tslib.__generator(this, function (_c) {
523
+ switch (_c.label) {
524
+ case 0:
525
+ _c.trys.push([0, 4, , 5]);
526
+ data = JSON.parse(output);
527
+ accessToken = (_a = data === null || data === void 0 ? void 0 : data.accessToken) !== null && _a !== void 0 ? _a : data.access_token;
528
+ refreshToken = (_b = data === null || data === void 0 ? void 0 : data.refreshToken) !== null && _b !== void 0 ? _b : data.refresh_token;
529
+ return [4 /*yield*/, fronteggConfig.getJwtPublicKey()];
530
+ case 1:
531
+ publicKey = _c.sent();
532
+ return [4 /*yield*/, jose.jwtVerify(accessToken, publicKey)];
533
+ case 2:
534
+ decodedJwt = (_c.sent()).payload;
535
+ decodedJwt.expiresIn = Math.floor((decodedJwt.exp * 1000 - Date.now()) / 1000);
536
+ stringifySession = JSON.stringify({ accessToken: accessToken, refreshToken: refreshToken });
537
+ return [4 /*yield*/, ironSession.sealData(stringifySession, {
538
+ password: fronteggConfig.passwordsAsMap,
539
+ ttl: decodedJwt.exp,
540
+ })];
541
+ case 3:
542
+ session = _c.sent();
543
+ return [2 /*return*/, [session, decodedJwt, refreshToken]];
544
+ case 4:
545
+ _c.sent();
546
+ return [2 /*return*/, []];
547
+ case 5: return [2 /*return*/];
548
+ }
549
+ });
550
+ });
551
+ }
552
+ var modifySetCookieIfUnsecure = function (setCookieValue, isSecured) {
553
+ if (!setCookieValue) {
554
+ return setCookieValue;
555
+ }
556
+ if (setCookieValue.length > 0) {
557
+ return setCookieValue.map(function (c) {
558
+ var cookie = c.split('; ');
559
+ if (isSecured) {
560
+ return c;
561
+ }
562
+ return cookie.filter(function (property) { return property !== 'Secure' && property !== 'SameSite=None'; }).join('; ');
563
+ });
564
+ }
565
+ return setCookieValue;
566
+ };
567
+ function getTokensFromCookie(cookie) {
568
+ return tslib.__awaiter(this, void 0, void 0, function () {
569
+ var stringifyJwt;
570
+ return tslib.__generator(this, function (_a) {
571
+ switch (_a.label) {
572
+ case 0:
573
+ if (!cookie) {
574
+ return [2 /*return*/, undefined];
575
+ }
576
+ return [4 /*yield*/, ironSession.unsealData(cookie, {
577
+ password: fronteggConfig.passwordsAsMap,
578
+ })];
579
+ case 1:
580
+ stringifyJwt = _a.sent();
581
+ return [2 /*return*/, JSON.parse(stringifyJwt)];
582
+ }
583
+ });
584
+ });
585
+ }
586
+
587
+ function parseCookie(cookieStr) {
588
+ var sealFromCookies = '';
589
+ if (cookie__default["default"].parse(cookieStr)[fronteggConfig.cookieName]) {
590
+ sealFromCookies = cookie__default["default"].parse(cookieStr)[fronteggConfig.cookieName];
591
+ }
592
+ else {
593
+ var i = 1;
594
+ while (cookie__default["default"].parse(cookieStr)[fronteggConfig.cookieName + "-" + i]) {
595
+ sealFromCookies += cookie__default["default"].parse(cookieStr)[fronteggConfig.cookieName + "-" + i];
596
+ i++;
597
+ }
598
+ }
599
+ return sealFromCookies !== '' ? sealFromCookies : undefined;
600
+ }
601
+
602
+ var createGetSession = function (_a) {
603
+ var getCookie = _a.getCookie, cookieResolver = _a.cookieResolver;
604
+ return tslib.__awaiter(void 0, void 0, void 0, function () {
605
+ var cookie, tokens, accessToken, refreshToken, publicKey, payload, session, e_1;
606
+ return tslib.__generator(this, function (_b) {
607
+ switch (_b.label) {
608
+ case 0:
609
+ _b.trys.push([0, 4, , 5]);
610
+ cookie = getCookie();
611
+ if (!cookie) {
612
+ return [2 /*return*/, undefined];
613
+ }
614
+ return [4 /*yield*/, cookieResolver(cookie)];
615
+ case 1:
616
+ tokens = _b.sent();
617
+ if (!(tokens === null || tokens === void 0 ? void 0 : tokens.accessToken)) {
618
+ return [2 /*return*/, undefined];
619
+ }
620
+ accessToken = tokens.accessToken, refreshToken = tokens.refreshToken;
621
+ return [4 /*yield*/, fronteggConfig.getJwtPublicKey()];
622
+ case 2:
623
+ publicKey = _b.sent();
624
+ return [4 /*yield*/, jose.jwtVerify(accessToken, publicKey)];
625
+ case 3:
626
+ payload = (_b.sent()).payload;
627
+ session = {
628
+ accessToken: accessToken,
629
+ user: payload,
630
+ refreshToken: refreshToken,
631
+ };
632
+ if (session.user.exp * 1000 < Date.now()) {
633
+ return [2 /*return*/, undefined];
634
+ }
635
+ return [2 /*return*/, session];
636
+ case 4:
637
+ e_1 = _b.sent();
638
+ console.error(e_1);
639
+ return [2 /*return*/, undefined];
640
+ case 5: return [2 /*return*/];
641
+ }
642
+ });
643
+ });
644
+ };
645
+
646
+ function getCookieFromRequest(req) {
647
+ if (!req) {
648
+ return undefined;
649
+ }
650
+ var cookieStr = 'credentials' in req ? req.headers.get('cookie') || '' : req.headers.cookie || '';
651
+ return parseCookie(cookieStr);
652
+ }
653
+
654
+ var envError = function (varName) { return "@frontegg/nextjs: .env.local must contain " + varName; };
655
+ var fronteggErrors = {
656
+ envAppUrl: envError('FRONTEGG_APP_URL'),
657
+ envBaseUrl: envError('FRONTEGG_BASE_URL'),
658
+ envClientId: envError('FRONTEGG_CLIENT_ID'),
659
+ };
660
+
661
+ function FronteggRouter() {
662
+ var app = React.useContext(AppContext);
663
+ var _a = router.useRouter(), query = _a.query, replace = _a.replace;
664
+ var loginWithRedirect = reactHooks.useLoginWithRedirect();
665
+ var logout = reactHooks.useLoginActions().logout;
666
+ React.useEffect(function () {
667
+ if (!app) {
668
+ return;
669
+ }
670
+ if (app.options.hostedLoginBox) {
671
+ var routesObj = tslib.__assign(tslib.__assign({}, reduxStore.authInitialState.routes), fronteggConfig.authRoutes);
672
+ var _a = query, pathArr = _a["frontegg-router"], queryParams = tslib.__rest(_a, ['frontegg-router']);
673
+ var pathname = "/" + pathArr.join('/');
674
+ if (pathname === routesObj.loginUrl) {
675
+ if (queryParams.redirectUrl) {
676
+ localStorage.setItem('FRONTEGG_AFTER_AUTH_REDIRECT_URL', "" + window.location.origin + queryParams.redirectUrl);
677
+ }
678
+ loginWithRedirect();
679
+ }
680
+ else if (pathname === routesObj.logoutUrl) {
681
+ var _baseUrl = app.options.contextOptions.baseUrl;
682
+ var baseUrl_1 = typeof _baseUrl === 'string' ? _baseUrl : _baseUrl('');
683
+ logout(function () {
684
+ window.location.href = baseUrl_1 + "/oauth/logout?post_logout_redirect_uri=" + encodeURIComponent(window.location.origin);
685
+ });
686
+ }
687
+ }
688
+ }, [app, query, loginWithRedirect, logout, replace]);
689
+ return '';
690
+ }
691
+ function FronteggRouterProps(context) {
692
+ var _a;
693
+ var routesObj = tslib.__assign(tslib.__assign({}, reduxStore.authInitialState.routes), fronteggConfig.authRoutes);
694
+ var routesArr = Object.keys(routesObj).reduce(function (p, key) { return tslib.__spreadArrays(p, [routesObj[key]]); }, []);
695
+ var pathname = url.parse((_a = context.resolvedUrl) !== null && _a !== void 0 ? _a : context.req.url, true).pathname;
696
+ if (!pathname || pathname.startsWith('/_next/data')) {
697
+ var query = context.req.query[Object.keys(context.req.query)[0]];
698
+ pathname = "/" + (Array.isArray(query) ? query.join('/') : query);
699
+ }
700
+ var notFound = routesArr.indexOf(pathname) === -1;
701
+ if (fronteggConfig.fronteggAppOptions.hostedLoginBox) {
702
+ var notFound_1 = !(routesObj.loginUrl === pathname ||
703
+ routesObj.logoutUrl === pathname ||
704
+ routesObj.hostedLoginRedirectUrl === pathname);
705
+ return { notFound: notFound_1, props: {} };
706
+ }
707
+ return {
708
+ notFound: notFound,
709
+ props: {},
710
+ };
711
+ }
712
+
713
+ var getSession = function (req) {
714
+ return createGetSession({ getCookie: function () { return getCookieFromRequest(req); }, cookieResolver: getTokensFromCookie });
715
+ };
716
+ function withSSRSession(handler) {
717
+ var _this = this;
718
+ return function (context) { return tslib.__awaiter(_this, void 0, void 0, function () {
719
+ var session, loginUrl;
720
+ var _a, _b;
721
+ return tslib.__generator(this, function (_c) {
722
+ switch (_c.label) {
723
+ case 0: return [4 /*yield*/, getSession(context.req)];
724
+ case 1:
725
+ session = _c.sent();
726
+ if (session) {
727
+ return [2 /*return*/, handler(context, session)];
728
+ }
729
+ else {
730
+ loginUrl = (_a = fronteggConfig.authRoutes.loginUrl) !== null && _a !== void 0 ? _a : reduxStore.authInitialState.routes.loginUrl;
731
+ if (!loginUrl.startsWith('/')) {
732
+ loginUrl = "/" + loginUrl;
733
+ }
734
+ return [2 /*return*/, {
735
+ redirect: {
736
+ permanent: false,
737
+ destination: loginUrl + "?redirectUrl=" + encodeURIComponent((_b = context.resolvedUrl) !== null && _b !== void 0 ? _b : context.req.url),
738
+ },
739
+ props: {},
740
+ }];
741
+ }
742
+ }
743
+ });
744
+ }); };
745
+ }
746
+
747
+ function refreshTokenHostedLogin(ctx, headers) {
748
+ return tslib.__awaiter(this, void 0, void 0, function () {
749
+ var sealFromCookies, tokens;
750
+ return tslib.__generator(this, function (_a) {
751
+ switch (_a.label) {
752
+ case 0:
753
+ _a.trys.push([0, 3, , 4]);
754
+ sealFromCookies = getCookieFromRequest(ctx === null || ctx === void 0 ? void 0 : ctx.req);
755
+ return [4 /*yield*/, getTokensFromCookie(sealFromCookies)];
756
+ case 1:
757
+ tokens = _a.sent();
758
+ if (!(tokens === null || tokens === void 0 ? void 0 : tokens.refreshToken)) {
759
+ return [2 /*return*/, null];
760
+ }
761
+ return [4 /*yield*/, fetch(process.env['FRONTEGG_BASE_URL'] + "/frontegg" + restApi.fronteggSilentRefreshTokenUrl, {
762
+ method: 'POST',
763
+ credentials: 'include',
764
+ body: JSON.stringify({
765
+ grant_type: 'refresh_token',
766
+ refresh_token: tokens.refreshToken,
767
+ }),
768
+ headers: {
769
+ 'accept-encoding': headers['accept-encoding'],
770
+ 'accept-language': headers['accept-language'],
771
+ cookie: headers['cookie'],
772
+ accept: headers['accept'],
773
+ 'user-agent': headers['user-agent'],
774
+ connection: headers['connection'],
775
+ 'cache-control': headers['cache-control'],
776
+ },
777
+ })];
778
+ case 2: return [2 /*return*/, _a.sent()];
779
+ case 3:
780
+ _a.sent();
781
+ return [2 /*return*/, null];
782
+ case 4: return [2 /*return*/];
783
+ }
784
+ });
785
+ });
786
+ }
787
+ function refreshTokenEmbedded(ctx, headers, cookies) {
788
+ return tslib.__awaiter(this, void 0, void 0, function () {
789
+ var refreshTokenKey, cookieKey;
790
+ return tslib.__generator(this, function (_a) {
791
+ switch (_a.label) {
792
+ case 0:
793
+ refreshTokenKey = ("fe_refresh_" + fronteggConfig.clientId).replace(/-/g, '');
794
+ cookieKey = Object.keys(cookies).find(function (cookie) {
795
+ return cookie.replace(/-/g, '') === refreshTokenKey;
796
+ });
797
+ if (!cookieKey) {
798
+ // ctx.res?.setHeader('set-cookie', removedCookies);
799
+ // remove all fe_nextjs-session cookies
800
+ return [2 /*return*/, null];
801
+ }
802
+ return [4 /*yield*/, fetch(process.env['FRONTEGG_BASE_URL'] + "/frontegg" + restApi.fronteggRefreshTokenUrl, {
803
+ method: 'POST',
804
+ credentials: 'include',
805
+ body: '{}',
806
+ headers: {
807
+ 'accept-encoding': headers['accept-encoding'],
808
+ 'accept-language': headers['accept-language'],
809
+ cookie: headers['cookie'],
810
+ accept: headers['accept'],
811
+ 'user-agent': headers['user-agent'],
812
+ connection: headers['connection'],
813
+ 'cache-control': headers['cache-control'],
814
+ },
815
+ })];
816
+ case 1: return [2 /*return*/, _a.sent()];
817
+ }
818
+ });
819
+ });
820
+ }
821
+ function refreshToken(ctx) {
822
+ var _a;
823
+ return tslib.__awaiter(this, void 0, void 0, function () {
824
+ var request, session, isSecured, headers, cookies, response, data, rewriteCookieDomainConfig, cookieHeader, newSetCookie, _b, session, decodedJwt, refreshToken_1, cookieValue;
825
+ var _c;
826
+ return tslib.__generator(this, function (_d) {
827
+ switch (_d.label) {
828
+ case 0:
829
+ _d.trys.push([0, 13, , 14]);
830
+ request = ctx.req;
831
+ if (!request) {
832
+ return [2 /*return*/, null];
833
+ }
834
+ _d.label = 1;
835
+ case 1:
836
+ _d.trys.push([1, 3, , 4]);
837
+ return [4 /*yield*/, getSession(ctx.req)];
838
+ case 2:
839
+ session = _d.sent();
840
+ if (session) {
841
+ return [2 /*return*/, session];
842
+ }
843
+ return [3 /*break*/, 4];
844
+ case 3:
845
+ _d.sent();
846
+ return [3 /*break*/, 4];
847
+ case 4:
848
+ isSecured = new URL(fronteggConfig.appUrl).protocol === 'https:';
849
+ headers = request.headers;
850
+ cookies = request.cookies;
851
+ if (ctx.req.url.startsWith('/oauth/callback')) {
852
+ return [2 /*return*/, null];
853
+ }
854
+ response = void 0;
855
+ if (!fronteggConfig.fronteggAppOptions.hostedLoginBox) return [3 /*break*/, 6];
856
+ return [4 /*yield*/, refreshTokenHostedLogin(ctx, headers)];
857
+ case 5:
858
+ response = _d.sent();
859
+ return [3 /*break*/, 8];
860
+ case 6: return [4 /*yield*/, refreshTokenEmbedded(ctx, headers, cookies)];
861
+ case 7:
862
+ response = _d.sent();
863
+ _d.label = 8;
864
+ case 8:
865
+ if (!response) {
866
+ removeCookies(fronteggConfig.cookieName, isSecured, fronteggConfig.cookieDomain, ctx.res);
867
+ return [2 /*return*/, null];
868
+ }
869
+ if (!response.ok) return [3 /*break*/, 11];
870
+ return [4 /*yield*/, response.text()];
871
+ case 9:
872
+ data = _d.sent();
873
+ rewriteCookieDomainConfig = (_c = {},
874
+ _c[fronteggConfig.baseUrlHost] = fronteggConfig.cookieDomain,
875
+ _c);
876
+ cookieHeader = response.headers.raw()['set-cookie'];
877
+ newSetCookie = rewriteCookieProperty(cookieHeader, rewriteCookieDomainConfig, 'domain');
878
+ return [4 /*yield*/, createSessionFromAccessToken(data)];
879
+ case 10:
880
+ _b = _d.sent(), session = _b[0], decodedJwt = _b[1], refreshToken_1 = _b[2];
881
+ if (!session) {
882
+ return [2 /*return*/, null];
883
+ }
884
+ cookieValue = createCookie({ session: session, expires: new Date(decodedJwt.exp * 1000), isSecured: isSecured });
885
+ if (typeof newSetCookie === 'string') {
886
+ newSetCookie = [newSetCookie];
887
+ }
888
+ newSetCookie.push.apply(newSetCookie, cookieValue);
889
+ (_a = ctx.res) === null || _a === void 0 ? void 0 : _a.setHeader('set-cookie', newSetCookie);
890
+ return [2 /*return*/, {
891
+ accessToken: JSON.parse(data).accessToken,
892
+ user: decodedJwt,
893
+ refreshToken: refreshToken_1,
894
+ }];
895
+ case 11:
896
+ // remove all fe_nextjs-session cookies
897
+ // ctx.res?.setHeader('set-cookie', removedCookies);
898
+ return [2 /*return*/, null];
899
+ case 12: return [3 /*break*/, 14];
900
+ case 13:
901
+ _d.sent();
902
+ return [2 /*return*/, null];
903
+ case 14: return [2 /*return*/];
904
+ }
905
+ });
906
+ });
907
+ }
908
+
909
+ var withFronteggApp = function (app, options) {
910
+ var _a, _b;
911
+ var originalGetInitialProps = app.getInitialProps;
912
+ app.getInitialProps = function (appContext) { return tslib.__awaiter(void 0, void 0, void 0, function () {
913
+ var ctx, Component, session, _a, user, tenants, _b, envAppUrl, envBaseUrl, envClientId, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m;
914
+ var _o;
915
+ return tslib.__generator(this, function (_p) {
916
+ switch (_p.label) {
917
+ case 0:
918
+ ctx = appContext.ctx, Component = appContext.Component;
919
+ if (!ctx.req) return [3 /*break*/, 9];
920
+ return [4 /*yield*/, refreshToken(ctx)];
921
+ case 1:
922
+ session = _p.sent();
923
+ return [4 /*yield*/, getMeAndTenants((_o = ctx.req) === null || _o === void 0 ? void 0 : _o.headers, session === null || session === void 0 ? void 0 : session.accessToken)];
924
+ case 2:
925
+ _a = _p.sent(), user = _a.user, tenants = _a.tenants;
926
+ appContext.session = session;
927
+ appContext.user = user;
928
+ appContext.tenants = tenants;
929
+ _b = fronteggConfig.appEnvConfig, envAppUrl = _b.envAppUrl, envBaseUrl = _b.envBaseUrl, envClientId = _b.envClientId;
930
+ if (!envAppUrl) {
931
+ throw Error(fronteggErrors.envAppUrl);
932
+ }
933
+ if (!envBaseUrl) {
934
+ throw Error(fronteggErrors.envBaseUrl);
935
+ }
936
+ if (!envClientId) {
937
+ throw Error(fronteggErrors.envClientId);
938
+ }
939
+ _c = {};
940
+ _d = [{}];
941
+ if (!originalGetInitialProps) return [3 /*break*/, 4];
942
+ return [4 /*yield*/, originalGetInitialProps(appContext)];
943
+ case 3:
944
+ _e = _p.sent();
945
+ return [3 /*break*/, 5];
946
+ case 4:
947
+ _e = {};
948
+ _p.label = 5;
949
+ case 5:
950
+ _f = [tslib.__assign.apply(void 0, _d.concat([(_e)]))];
951
+ if (!Component.getInitialProps) return [3 /*break*/, 7];
952
+ return [4 /*yield*/, Component.getInitialProps(ctx)];
953
+ case 6:
954
+ _g = _p.sent();
955
+ return [3 /*break*/, 8];
956
+ case 7:
957
+ _g = {};
958
+ _p.label = 8;
959
+ case 8: return [2 /*return*/, (_c.pageProps = tslib.__assign.apply(void 0, [tslib.__assign.apply(void 0, _f.concat([(_g)])), { session: session,
960
+ user: user,
961
+ tenants: tenants,
962
+ envAppUrl: envAppUrl, envBaseUrl: process.env['FRONTEGG_BASE_URL'], envClientId: process.env['FRONTEGG_CLIENT_ID'] }]),
963
+ _c)];
964
+ case 9:
965
+ appContext.session = null;
966
+ _h = {};
967
+ _j = [{}];
968
+ if (!originalGetInitialProps) return [3 /*break*/, 11];
969
+ return [4 /*yield*/, originalGetInitialProps(appContext)];
970
+ case 10:
971
+ _k = _p.sent();
972
+ return [3 /*break*/, 12];
973
+ case 11:
974
+ _k = {};
975
+ _p.label = 12;
976
+ case 12:
977
+ _l = [tslib.__assign.apply(void 0, _j.concat([(_k)]))];
978
+ if (!Component.getInitialProps) return [3 /*break*/, 14];
979
+ return [4 /*yield*/, Component.getInitialProps(ctx)];
980
+ case 13:
981
+ _m = _p.sent();
982
+ return [3 /*break*/, 15];
983
+ case 14:
984
+ _m = {};
985
+ _p.label = 15;
986
+ case 15: return [2 /*return*/, (_h.pageProps = tslib.__assign.apply(void 0, _l.concat([(_m)])),
987
+ _h)];
988
+ }
989
+ });
990
+ }); };
991
+ fronteggConfig.authRoutes = (_b = (_a = options === null || options === void 0 ? void 0 : options.authOptions) === null || _a === void 0 ? void 0 : _a.routes) !== null && _b !== void 0 ? _b : {};
992
+ fronteggConfig.fronteggAppOptions = options !== null && options !== void 0 ? options : {};
993
+ function CustomFronteggApp(appProps) {
994
+ var _a = appProps.pageProps, user = _a.user, tenants = _a.tenants, session = _a.session, envAppUrl = _a.envAppUrl, envBaseUrl = _a.envBaseUrl, envClientId = _a.envClientId;
995
+ return (React__default["default"].createElement(FronteggProvider, tslib.__assign({}, options, { user: user, tenants: tenants, session: session, envAppUrl: envAppUrl, envBaseUrl: envBaseUrl, envClientId: envClientId }), app(appProps)));
996
+ }
997
+ CustomFronteggApp.getInitialProps = app.getInitialProps;
998
+ return CustomFronteggApp;
999
+ };
1000
+
1001
+ /**
1002
+ * @see https://www.npmjs.com/package/http-proxy
1003
+ */
1004
+ var proxy = httpProxy__default["default"].createProxyServer({
1005
+ target: process.env['FRONTEGG_BASE_URL'],
1006
+ });
1007
+ /**
1008
+ * Please refer to the following links for the specification document for HTTP.
1009
+ * @see https://tools.ietf.org/html/rfc7231
1010
+ * @see https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol
1011
+ */
1012
+ var hasRequestBodyMethods = ['HEAD', 'POST', 'PUT', 'DELETE', 'CONNECT', 'OPTIONS', 'PATCH'];
1013
+ /**
1014
+ * If pattern information matching the input url information is found in the `pathRewrite` array,
1015
+ * the url value is partially replaced with the `pathRewrite.replaceStr` value.
1016
+ * @param url
1017
+ * @param pathRewrite
1018
+ */
1019
+ var rewritePath = function (url, pathRewrite) {
1020
+ if (Array.isArray(pathRewrite)) {
1021
+ for (var _i = 0, pathRewrite_1 = pathRewrite; _i < pathRewrite_1.length; _i++) {
1022
+ var item = pathRewrite_1[_i];
1023
+ var patternStr = item.patternStr, replaceStr = item.replaceStr;
1024
+ var pattern = RegExp(patternStr);
1025
+ if (pattern.test(url)) {
1026
+ return url.replace(pattern, replaceStr);
1027
+ }
1028
+ }
1029
+ }
1030
+ else {
1031
+ // tslint:disable-next-line:forin
1032
+ for (var patternStr in pathRewrite) {
1033
+ var pattern = RegExp(patternStr);
1034
+ var path = pathRewrite[patternStr];
1035
+ if (pattern.test(url)) {
1036
+ return url.replace(pattern, path);
1037
+ }
1038
+ }
1039
+ }
1040
+ return url;
1041
+ };
1042
+ /**
1043
+ * Next.js HTTP Proxy Middleware
1044
+ * @see https://nextjs.org/docs/api-routes/api-middlewares
1045
+ * @param {NextApiRequest} req
1046
+ * @param {NextApiResponse} res
1047
+ */
1048
+ function fronteggMiddleware(req, res) {
1049
+ var _this = this;
1050
+ return new Promise(function (resolve, reject) {
1051
+ var _a;
1052
+ var pathRewrite = [
1053
+ {
1054
+ patternStr: '^/api/',
1055
+ replaceStr: '/',
1056
+ },
1057
+ ];
1058
+ if (pathRewrite) {
1059
+ req.url = rewritePath(req.url, pathRewrite);
1060
+ }
1061
+ if (hasRequestBodyMethods.indexOf(req.method) >= 0 && typeof req.body === 'object') {
1062
+ req.body = JSON.stringify(req.body);
1063
+ }
1064
+ var isSecured = new URL(fronteggConfig.appUrl).protocol === 'https:';
1065
+ proxy
1066
+ .once('proxyReq', function (proxyReq, req) {
1067
+ if (hasRequestBodyMethods.indexOf(req.method) >= 0 && typeof req.body === 'string') {
1068
+ proxyReq.write(req.body);
1069
+ proxyReq.end();
1070
+ }
1071
+ })
1072
+ .once('proxyRes', function (proxyRes, req, serverResponse) {
1073
+ proxyRes.headers['set-cookie'] = modifySetCookieIfUnsecure(proxyRes.headers['set-cookie'], isSecured);
1074
+ var _end = res.end;
1075
+ var buffer = new Buffer('');
1076
+ proxyRes
1077
+ .on('data', function (chunk) {
1078
+ buffer = Buffer.concat([buffer, chunk]);
1079
+ })
1080
+ .on('end', function () { return tslib.__awaiter(_this, void 0, void 0, function () {
1081
+ var output, isLogout, _a, session, decodedJwt, sessionCookie;
1082
+ var _b, _c;
1083
+ return tslib.__generator(this, function (_d) {
1084
+ switch (_d.label) {
1085
+ case 0:
1086
+ output = buffer.toString('utf-8');
1087
+ isLogout = (_b = req === null || req === void 0 ? void 0 : req.url) === null || _b === void 0 ? void 0 : _b.endsWith((_c = restApi.fronteggAuthApiRoutes.find(function (path) { return path.endsWith('/logout'); })) !== null && _c !== void 0 ? _c : '/logout');
1088
+ if (!isLogout) return [3 /*break*/, 1];
1089
+ removeCookies(fronteggConfig.cookieName, isSecured, fronteggConfig.cookieDomain, serverResponse);
1090
+ return [3 /*break*/, 3];
1091
+ case 1: return [4 /*yield*/, createSessionFromAccessToken(output)];
1092
+ case 2:
1093
+ _a = _d.sent(), session = _a[0], decodedJwt = _a[1];
1094
+ if (session) {
1095
+ sessionCookie = createCookie({
1096
+ session: session,
1097
+ expires: new Date(decodedJwt.exp * 1000),
1098
+ isSecured: isSecured,
1099
+ });
1100
+ addToCookies(sessionCookie, serverResponse);
1101
+ }
1102
+ _d.label = 3;
1103
+ case 3:
1104
+ res.setHeader('content-length', output.length);
1105
+ res.setHeader('content-encoding', '');
1106
+ // @ts-ignore
1107
+ _end.apply(res, [output]);
1108
+ return [2 /*return*/];
1109
+ }
1110
+ });
1111
+ }); });
1112
+ // disable default behavior to read jwt
1113
+ // @ts-ignore
1114
+ serverResponse.write = function () { return undefined; };
1115
+ // @ts-ignore
1116
+ serverResponse.end = function () { return undefined; };
1117
+ })
1118
+ .once('error', reject)
1119
+ .web(req, res, {
1120
+ changeOrigin: true,
1121
+ cookieDomainRewrite: (_a = {},
1122
+ _a[fronteggConfig.baseUrlHost] = fronteggConfig.cookieDomain,
1123
+ _a),
1124
+ });
1125
+ });
1126
+ }
1127
+
1128
+ Object.defineProperty(exports, 'AdminPortal', {
1129
+ enumerable: true,
1130
+ get: function () { return js.AdminPortal; }
1131
+ });
1132
+ exports.AuthorizedContent = AuthorizedContent;
1133
+ exports.FronteggConfig = fronteggConfig;
1134
+ exports.FronteggProvider = FronteggProvider;
1135
+ exports.FronteggProviderNoSSR = FronteggProviderNoSSR;
1136
+ exports.FronteggRouter = FronteggRouter;
1137
+ exports.FronteggRouterProps = FronteggRouterProps;
1138
+ exports.addToCookies = addToCookies;
1139
+ exports.createCookie = createCookie;
1140
+ exports.createGetSession = createGetSession;
1141
+ exports.createSessionFromAccessToken = createSessionFromAccessToken;
1142
+ exports.fronteggErrors = fronteggErrors;
1143
+ exports.fronteggMiddleware = fronteggMiddleware;
1144
+ exports.getCookieFromRequest = getCookieFromRequest;
1145
+ exports.getMeAndTenants = getMeAndTenants;
1146
+ exports.getSession = getSession;
1147
+ exports.getTokensFromCookie = getTokensFromCookie;
1148
+ exports.modifySetCookieIfUnsecure = modifySetCookieIfUnsecure;
1149
+ exports.parseCookie = parseCookie;
1150
+ exports.parseCookieFromArray = parseCookieFromArray;
1151
+ exports.removeCookies = removeCookies;
1152
+ exports.rewriteCookieProperty = rewriteCookieProperty;
1153
+ exports.rewritePath = rewritePath;
1154
+ exports.withFronteggApp = withFronteggApp;
1155
+ exports.withSSRSession = withSSRSession;
1156
+ Object.keys(reactHooks).forEach(function (k) {
1157
+ if (k !== 'default' && !exports.hasOwnProperty(k)) Object.defineProperty(exports, k, {
1158
+ enumerable: true,
1159
+ get: function () { return reactHooks[k]; }
1160
+ });
1161
+ });
1162
+ Object.keys(types).forEach(function (k) {
1163
+ if (k !== 'default' && !exports.hasOwnProperty(k)) Object.defineProperty(exports, k, {
1164
+ enumerable: true,
1165
+ get: function () { return types[k]; }
1166
+ });
1167
+ });
1168
+ //# sourceMappingURL=index.js.map