@frontegg/nextjs 8.0.16 → 8.0.17-alpha.8505427513
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +10 -0
- package/config/constants.d.ts +4 -0
- package/config/constants.js +1 -0
- package/config/constants.js.map +1 -1
- package/config/index.d.ts +1 -0
- package/config/index.js +5 -0
- package/config/index.js.map +1 -1
- package/index.js +1 -1
- package/middleware/ProxyResponseCallback.js +1 -1
- package/middleware/ProxyResponseCallback.js.map +1 -1
- package/package.json +1 -1
- package/pages/withFronteggApp/withFronteggApp.js +20 -9
- package/pages/withFronteggApp/withFronteggApp.js.map +1 -1
- package/sdkVersion.js +1 -1
- package/sdkVersion.js.map +1 -1
- package/utils/refreshAccessTokenIfNeeded/helpers.js.map +1 -0
- package/utils/{refreshAccessToken → refreshAccessTokenIfNeeded}/index.d.ts +3 -1
- package/utils/{refreshAccessToken → refreshAccessTokenIfNeeded}/index.js +10 -4
- package/utils/refreshAccessTokenIfNeeded/index.js.map +1 -0
- package/utils/refreshAccessToken/helpers.js.map +0 -1
- package/utils/refreshAccessToken/index.js.map +0 -1
- /package/utils/{refreshAccessToken → refreshAccessTokenIfNeeded}/helpers.d.ts +0 -0
- /package/utils/{refreshAccessToken → refreshAccessTokenIfNeeded}/helpers.js +0 -0
- /package/utils/{refreshAccessToken → refreshAccessTokenIfNeeded}/package.json +0 -0
package/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,13 @@
|
|
|
1
|
+
# Change Log
|
|
2
|
+
|
|
3
|
+
## [8.0.17](https://github.com/frontegg/frontegg-nextjs/compare/v8.0.16...v8.0.17) (2024-4-1)
|
|
4
|
+
|
|
5
|
+
- FR-15715 - Entitlements api v1 usage removal (FF)
|
|
6
|
+
|
|
7
|
+
### NextJS Wrapper 8.0.17:
|
|
8
|
+
- FR-15792 - Add support for disable refresh token on every initial props
|
|
9
|
+
- FR-15792 - Filter empty cookies array from the new cookies
|
|
10
|
+
- FR-14384 - Added entitlements for NextJS
|
|
1
11
|
# Change Log
|
|
2
12
|
|
|
3
13
|
## [8.0.16](https://github.com/frontegg/frontegg-nextjs/compare/v8.0.15...v8.0.16) (2024-3-31)
|
package/config/constants.d.ts
CHANGED
|
@@ -45,6 +45,10 @@ export declare enum EnvVariables {
|
|
|
45
45
|
* value as session cookies for supporting getServerSideProps and ServerComponents
|
|
46
46
|
*/
|
|
47
47
|
FRONTEGG_COOKIE_NAME = "FRONTEGG_COOKIE_NAME",
|
|
48
|
+
/**
|
|
49
|
+
* When `true`, the initial props will not refresh access token if it's valid.
|
|
50
|
+
*/
|
|
51
|
+
DISABLE_INITIAL_PROPS_REFRESH_TOKEN = "DISABLE_INITIAL_PROPS_REFRESH_TOKEN",
|
|
48
52
|
/**
|
|
49
53
|
* This Env variable assign automatically when deploying you Next.js application
|
|
50
54
|
* to Vercel deployments service, and will be used to detect to dynamically configure
|
package/config/constants.js
CHANGED
|
@@ -12,6 +12,7 @@ let EnvVariables = /*#__PURE__*/function (EnvVariables) {
|
|
|
12
12
|
EnvVariables["FRONTEGG_ENCRYPTION_PASSWORD"] = "FRONTEGG_ENCRYPTION_PASSWORD";
|
|
13
13
|
EnvVariables["FRONTEGG_JWT_PUBLIC_KEY"] = "FRONTEGG_JWT_PUBLIC_KEY";
|
|
14
14
|
EnvVariables["FRONTEGG_COOKIE_NAME"] = "FRONTEGG_COOKIE_NAME";
|
|
15
|
+
EnvVariables["DISABLE_INITIAL_PROPS_REFRESH_TOKEN"] = "DISABLE_INITIAL_PROPS_REFRESH_TOKEN";
|
|
15
16
|
EnvVariables["VERCEL"] = "VERCEL";
|
|
16
17
|
EnvVariables["VERCEL_URL"] = "VERCEL_URL";
|
|
17
18
|
return EnvVariables;
|
package/config/constants.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"constants.js","names":["EnvVariables","exports"],"sources":["../../../../packages/nextjs/src/config/constants.ts"],"sourcesContent":["export enum EnvVariables {\n /**\n * The AppUrl is to tell Frontegg your application's app url\n * for generating cookies and proxy http requests\n */\n FRONTEGG_APP_URL = 'FRONTEGG_APP_URL',\n /**\n * The Frontegg domain is your unique URL to connect to the Frontegg gateway, get it by visit:\n * - For Dev environment [visit](https://portal.frontegg.com/development/settings/domains)\n * - For Prod environment [visit](https://portal.frontegg.com/production/settings/domains)\n */\n FRONTEGG_BASE_URL = 'FRONTEGG_BASE_URL',\n /**\n * The Frontegg test domain used for testing proxy middleware\n * @private for Frontegg\n */\n FRONTEGG_TEST_URL = 'FRONTEGG_TEST_URL',\n\n /**\n * Your Frontegg application's Client ID, get it by visit:\n * - For Dev environment [visit](https://portal.frontegg.com/development/settings/general)\n * - For Prod environment [visit](https://portal.frontegg.com/production/settings/general)\n */\n FRONTEGG_CLIENT_ID = 'FRONTEGG_CLIENT_ID',\n\n /**\n * The stateless session encryption password, used to encrypt\n * JWT before sending it to the client side.\n *\n * For quick password generation use the following command:\n *\n * ```sh\n * node -e \"console.log(crypto.randomBytes(32).toString('hex'))\"\n * ```\n */\n FRONTEGG_ENCRYPTION_PASSWORD = 'FRONTEGG_ENCRYPTION_PASSWORD',\n\n /**\n * The JWT public key generated by frontegg, to verify JWT before create session,\n * get it by visit: https://[YOUR_FRONTEGG_FOMAIN]/.well-known/jwks.json.\n *\n * Then: Copy and Paste the first key from the response:\n * {keys: [{__KEY__}]}\n */\n FRONTEGG_JWT_PUBLIC_KEY = 'FRONTEGG_JWT_PUBLIC_KEY',\n\n /**\n * The stateless cookie name for storing the encrypted JWT\n * value as session cookies for supporting getServerSideProps and ServerComponents\n */\n FRONTEGG_COOKIE_NAME = 'FRONTEGG_COOKIE_NAME',\n\n /**\n * This Env variable assign automatically when deploying you Next.js application\n * to Vercel deployments service, and will be used to detect to dynamically configure\n * the {@link EnvVariables.FRONTEGG_APP_URL}\n *\n * @see [Vercel Environment Variables](https://vercel.com/docs/concepts/projects/environment-variables#system-environment-variables)\n */\n VERCEL = 'VERCEL',\n VERCEL_URL = 'VERCEL_URL',\n}\n"],"mappings":";;;;;;IAAYA,YAAY,0BAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAA,OAAZA,YAAY;AAAA;AAAAC,OAAA,CAAAD,YAAA,GAAAA,YAAA"}
|
|
1
|
+
{"version":3,"file":"constants.js","names":["EnvVariables","exports"],"sources":["../../../../packages/nextjs/src/config/constants.ts"],"sourcesContent":["export enum EnvVariables {\n /**\n * The AppUrl is to tell Frontegg your application's app url\n * for generating cookies and proxy http requests\n */\n FRONTEGG_APP_URL = 'FRONTEGG_APP_URL',\n /**\n * The Frontegg domain is your unique URL to connect to the Frontegg gateway, get it by visit:\n * - For Dev environment [visit](https://portal.frontegg.com/development/settings/domains)\n * - For Prod environment [visit](https://portal.frontegg.com/production/settings/domains)\n */\n FRONTEGG_BASE_URL = 'FRONTEGG_BASE_URL',\n /**\n * The Frontegg test domain used for testing proxy middleware\n * @private for Frontegg\n */\n FRONTEGG_TEST_URL = 'FRONTEGG_TEST_URL',\n\n /**\n * Your Frontegg application's Client ID, get it by visit:\n * - For Dev environment [visit](https://portal.frontegg.com/development/settings/general)\n * - For Prod environment [visit](https://portal.frontegg.com/production/settings/general)\n */\n FRONTEGG_CLIENT_ID = 'FRONTEGG_CLIENT_ID',\n\n /**\n * The stateless session encryption password, used to encrypt\n * JWT before sending it to the client side.\n *\n * For quick password generation use the following command:\n *\n * ```sh\n * node -e \"console.log(crypto.randomBytes(32).toString('hex'))\"\n * ```\n */\n FRONTEGG_ENCRYPTION_PASSWORD = 'FRONTEGG_ENCRYPTION_PASSWORD',\n\n /**\n * The JWT public key generated by frontegg, to verify JWT before create session,\n * get it by visit: https://[YOUR_FRONTEGG_FOMAIN]/.well-known/jwks.json.\n *\n * Then: Copy and Paste the first key from the response:\n * {keys: [{__KEY__}]}\n */\n FRONTEGG_JWT_PUBLIC_KEY = 'FRONTEGG_JWT_PUBLIC_KEY',\n\n /**\n * The stateless cookie name for storing the encrypted JWT\n * value as session cookies for supporting getServerSideProps and ServerComponents\n */\n FRONTEGG_COOKIE_NAME = 'FRONTEGG_COOKIE_NAME',\n\n /**\n * When `true`, the initial props will not refresh access token if it's valid.\n */\n DISABLE_INITIAL_PROPS_REFRESH_TOKEN = 'DISABLE_INITIAL_PROPS_REFRESH_TOKEN',\n\n /**\n * This Env variable assign automatically when deploying you Next.js application\n * to Vercel deployments service, and will be used to detect to dynamically configure\n * the {@link EnvVariables.FRONTEGG_APP_URL}\n *\n * @see [Vercel Environment Variables](https://vercel.com/docs/concepts/projects/environment-variables#system-environment-variables)\n */\n VERCEL = 'VERCEL',\n VERCEL_URL = 'VERCEL_URL',\n}\n"],"mappings":";;;;;;IAAYA,YAAY,0BAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAA,OAAZA,YAAY;AAAA;AAAAC,OAAA,CAAAD,YAAA,GAAAA,YAAA"}
|
package/config/index.d.ts
CHANGED
package/config/index.js
CHANGED
|
@@ -21,6 +21,7 @@ const setupEnvVariables = {
|
|
|
21
21
|
FRONTEGG_ENCRYPTION_PASSWORD: process.env.FRONTEGG_ENCRYPTION_PASSWORD,
|
|
22
22
|
FRONTEGG_COOKIE_NAME: process.env.FRONTEGG_COOKIE_NAME,
|
|
23
23
|
FRONTEGG_JWT_PUBLIC_KEY: process.env.FRONTEGG_JWT_PUBLIC_KEY,
|
|
24
|
+
DISABLE_INITIAL_PROPS_REFRESH_TOKEN: process.env.DISABLE_INITIAL_PROPS_REFRESH_TOKEN,
|
|
24
25
|
VERCEL: process.env.VERCEL,
|
|
25
26
|
VERCEL_URL: process.env.VERCEL_URL
|
|
26
27
|
};
|
|
@@ -88,6 +89,10 @@ class Config {
|
|
|
88
89
|
var _this$fronteggAppOpti4;
|
|
89
90
|
return (_this$fronteggAppOpti4 = this.fronteggAppOptions.hostedLoginBox) != null ? _this$fronteggAppOpti4 : false;
|
|
90
91
|
}
|
|
92
|
+
get disableInitialPropsRefreshToken() {
|
|
93
|
+
const disableInitialPropsRefreshToken = (0, _helpers.getEnvOrDefault)(_constants.EnvVariables.DISABLE_INITIAL_PROPS_REFRESH_TOKEN, setupEnvVariables.DISABLE_INITIAL_PROPS_REFRESH_TOKEN);
|
|
94
|
+
return disableInitialPropsRefreshToken === 'true';
|
|
95
|
+
}
|
|
91
96
|
get appEnvConfig() {
|
|
92
97
|
return {
|
|
93
98
|
envAppUrl: this.appUrl,
|
package/config/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","names":["_helpers","require","_constants","_errors","setupEnvVariables","FRONTEGG_APP_URL","process","env","FRONTEGG_BASE_URL","FRONTEGG_TEST_URL","FRONTEGG_CLIENT_ID","FRONTEGG_ENCRYPTION_PASSWORD","FRONTEGG_COOKIE_NAME","FRONTEGG_JWT_PUBLIC_KEY","VERCEL","VERCEL_URL","Config","constructor","fronteggAppOptions","window","validatePassword","appUrl","generateAppUrl","testUrl","getEnvOrDefault","EnvVariables","baseUrl","_getEnv","getEnv","endsWith","slice","baseUrlHost","URL","hostname","clientId","_getEnv2","jwtPublicKeyJson","cookieName","_setupEnvVariables$FR","cookieNameEnv","replace","cookieDomain","generateCookieDomain","authRoutes","_this$fronteggAppOpti","_this$fronteggAppOpti2","_this$fronteggAppOpti3","authOptions","routes","passwordMaps","password","key","Object","keys","match","length","InvalidFronteggEnv","_getEnv3","encryptionPasswordEnv","normalizeStringPasswordToMap","isSSL","protocol","isHostedLogin","_this$fronteggAppOpti4","hostedLoginBox","appEnvConfig","envAppUrl","envBaseUrl","envClientId","_default","exports","default"],"sources":["../../../../packages/nextjs/src/config/index.ts"],"sourcesContent":["import { AuthPageRoutes } from '@frontegg/redux-store';\nimport { WithFronteggAppOptions } from '../pages';\nimport { AppEnvConfig, PasswordsMap } from './types';\nimport { generateAppUrl, generateCookieDomain, getEnv, getEnvOrDefault, normalizeStringPasswordToMap } from './helpers';\nimport { EnvVariables } from './constants';\nimport { InvalidFronteggEnv } from '../utils/errors';\n\nconst setupEnvVariables = {\n FRONTEGG_APP_URL: process.env.FRONTEGG_APP_URL,\n FRONTEGG_BASE_URL: process.env.FRONTEGG_BASE_URL,\n FRONTEGG_TEST_URL: process.env.FRONTEGG_TEST_URL,\n FRONTEGG_CLIENT_ID: process.env.FRONTEGG_CLIENT_ID,\n FRONTEGG_ENCRYPTION_PASSWORD: process.env.FRONTEGG_ENCRYPTION_PASSWORD,\n FRONTEGG_COOKIE_NAME: process.env.FRONTEGG_COOKIE_NAME,\n FRONTEGG_JWT_PUBLIC_KEY: process.env.FRONTEGG_JWT_PUBLIC_KEY,\n VERCEL: process.env.VERCEL,\n VERCEL_URL: process.env.VERCEL_URL,\n};\n\nclass Config {\n public fronteggAppOptions: Partial<WithFronteggAppOptions> = {};\n constructor() {\n if (typeof window === 'undefined') {\n this.validatePassword();\n }\n }\n\n get appUrl(): string {\n return generateAppUrl();\n }\n\n get testUrl(): string | undefined {\n return getEnvOrDefault(EnvVariables.FRONTEGG_TEST_URL, setupEnvVariables.FRONTEGG_TEST_URL);\n }\n\n get baseUrl(): string {\n const baseUrl = getEnv(EnvVariables.FRONTEGG_BASE_URL) ?? setupEnvVariables.FRONTEGG_BASE_URL;\n if (baseUrl.endsWith('/')) {\n return baseUrl.slice(0, -1);\n }\n return baseUrl;\n }\n\n get baseUrlHost(): string {\n return new URL(this.baseUrl).hostname;\n }\n\n get clientId(): string {\n return getEnv(EnvVariables.FRONTEGG_CLIENT_ID) ?? setupEnvVariables.FRONTEGG_CLIENT_ID;\n }\n\n get jwtPublicKeyJson(): string | undefined {\n return getEnv(EnvVariables.FRONTEGG_JWT_PUBLIC_KEY);\n }\n\n get cookieName(): string {\n const cookieNameEnv = getEnvOrDefault(\n EnvVariables.FRONTEGG_COOKIE_NAME,\n setupEnvVariables.FRONTEGG_COOKIE_NAME ?? 'fe_session'\n );\n return `${cookieNameEnv}-${this.clientId.replace(/-/g, '')}`;\n }\n\n get cookieDomain(): string {\n return generateCookieDomain(this.appUrl);\n }\n\n get authRoutes(): Partial<AuthPageRoutes> {\n return this.fronteggAppOptions?.authOptions?.routes ?? {};\n }\n\n private validatePassword() {\n const passwordMaps = this.password;\n for (let key of Object.keys(passwordMaps)) {\n const password = passwordMaps[key];\n if (!password.match(/[0-9A-Fa-f]{6}/g) || password.length !== 64) {\n throw new InvalidFronteggEnv(\n EnvVariables.FRONTEGG_ENCRYPTION_PASSWORD,\n `Hex string.\\n\\nFor quick password generation use the following command:\\nnode -e \"console.log(crypto.randomBytes(32).toString('hex'))\"`\n );\n }\n }\n }\n get password(): PasswordsMap {\n const encryptionPasswordEnv =\n getEnv(EnvVariables.FRONTEGG_ENCRYPTION_PASSWORD) ?? setupEnvVariables.FRONTEGG_ENCRYPTION_PASSWORD;\n\n return normalizeStringPasswordToMap(encryptionPasswordEnv);\n }\n\n get isSSL(): boolean {\n return new URL(this.appUrl).protocol === 'https:';\n }\n\n get isHostedLogin(): boolean {\n return this.fronteggAppOptions.hostedLoginBox ?? false;\n }\n\n get appEnvConfig(): AppEnvConfig {\n return {\n envAppUrl: this.appUrl,\n envBaseUrl: this.baseUrl,\n envClientId: this.clientId,\n };\n }\n}\n\nexport { EnvVariables } from './constants';\nexport default new Config();\n"],"mappings":";;;;;;;;;;;;AAGA,IAAAA,QAAA,GAAAC,OAAA;AACA,IAAAC,UAAA,GAAAD,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AAEA,MAAMG,iBAAiB,GAAG;EACxBC,gBAAgB,EAAEC,OAAO,CAACC,GAAG,CAACF,gBAAgB;EAC9CG,iBAAiB,EAAEF,OAAO,CAACC,GAAG,CAACC,iBAAiB;EAChDC,iBAAiB,EAAEH,OAAO,CAACC,GAAG,CAACE,iBAAiB;EAChDC,kBAAkB,EAAEJ,OAAO,CAACC,GAAG,CAACG,kBAAkB;EAClDC,4BAA4B,EAAEL,OAAO,CAACC,GAAG,CAACI,4BAA4B;EACtEC,oBAAoB,EAAEN,OAAO,CAACC,GAAG,CAACK,oBAAoB;EACtDC,uBAAuB,EAAEP,OAAO,CAACC,GAAG,CAACM,uBAAuB;EAC5DC,
|
|
1
|
+
{"version":3,"file":"index.js","names":["_helpers","require","_constants","_errors","setupEnvVariables","FRONTEGG_APP_URL","process","env","FRONTEGG_BASE_URL","FRONTEGG_TEST_URL","FRONTEGG_CLIENT_ID","FRONTEGG_ENCRYPTION_PASSWORD","FRONTEGG_COOKIE_NAME","FRONTEGG_JWT_PUBLIC_KEY","DISABLE_INITIAL_PROPS_REFRESH_TOKEN","VERCEL","VERCEL_URL","Config","constructor","fronteggAppOptions","window","validatePassword","appUrl","generateAppUrl","testUrl","getEnvOrDefault","EnvVariables","baseUrl","_getEnv","getEnv","endsWith","slice","baseUrlHost","URL","hostname","clientId","_getEnv2","jwtPublicKeyJson","cookieName","_setupEnvVariables$FR","cookieNameEnv","replace","cookieDomain","generateCookieDomain","authRoutes","_this$fronteggAppOpti","_this$fronteggAppOpti2","_this$fronteggAppOpti3","authOptions","routes","passwordMaps","password","key","Object","keys","match","length","InvalidFronteggEnv","_getEnv3","encryptionPasswordEnv","normalizeStringPasswordToMap","isSSL","protocol","isHostedLogin","_this$fronteggAppOpti4","hostedLoginBox","disableInitialPropsRefreshToken","appEnvConfig","envAppUrl","envBaseUrl","envClientId","_default","exports","default"],"sources":["../../../../packages/nextjs/src/config/index.ts"],"sourcesContent":["import { AuthPageRoutes } from '@frontegg/redux-store';\nimport { WithFronteggAppOptions } from '../pages';\nimport { AppEnvConfig, PasswordsMap } from './types';\nimport { generateAppUrl, generateCookieDomain, getEnv, getEnvOrDefault, normalizeStringPasswordToMap } from './helpers';\nimport { EnvVariables } from './constants';\nimport { InvalidFronteggEnv } from '../utils/errors';\n\nconst setupEnvVariables = {\n FRONTEGG_APP_URL: process.env.FRONTEGG_APP_URL,\n FRONTEGG_BASE_URL: process.env.FRONTEGG_BASE_URL,\n FRONTEGG_TEST_URL: process.env.FRONTEGG_TEST_URL,\n FRONTEGG_CLIENT_ID: process.env.FRONTEGG_CLIENT_ID,\n FRONTEGG_ENCRYPTION_PASSWORD: process.env.FRONTEGG_ENCRYPTION_PASSWORD,\n FRONTEGG_COOKIE_NAME: process.env.FRONTEGG_COOKIE_NAME,\n FRONTEGG_JWT_PUBLIC_KEY: process.env.FRONTEGG_JWT_PUBLIC_KEY,\n DISABLE_INITIAL_PROPS_REFRESH_TOKEN: process.env.DISABLE_INITIAL_PROPS_REFRESH_TOKEN,\n VERCEL: process.env.VERCEL,\n VERCEL_URL: process.env.VERCEL_URL,\n};\n\nclass Config {\n public fronteggAppOptions: Partial<WithFronteggAppOptions> = {};\n constructor() {\n if (typeof window === 'undefined') {\n this.validatePassword();\n }\n }\n\n get appUrl(): string {\n return generateAppUrl();\n }\n\n get testUrl(): string | undefined {\n return getEnvOrDefault(EnvVariables.FRONTEGG_TEST_URL, setupEnvVariables.FRONTEGG_TEST_URL);\n }\n\n get baseUrl(): string {\n const baseUrl = getEnv(EnvVariables.FRONTEGG_BASE_URL) ?? setupEnvVariables.FRONTEGG_BASE_URL;\n if (baseUrl.endsWith('/')) {\n return baseUrl.slice(0, -1);\n }\n return baseUrl;\n }\n\n get baseUrlHost(): string {\n return new URL(this.baseUrl).hostname;\n }\n\n get clientId(): string {\n return getEnv(EnvVariables.FRONTEGG_CLIENT_ID) ?? setupEnvVariables.FRONTEGG_CLIENT_ID;\n }\n\n get jwtPublicKeyJson(): string | undefined {\n return getEnv(EnvVariables.FRONTEGG_JWT_PUBLIC_KEY);\n }\n\n get cookieName(): string {\n const cookieNameEnv = getEnvOrDefault(\n EnvVariables.FRONTEGG_COOKIE_NAME,\n setupEnvVariables.FRONTEGG_COOKIE_NAME ?? 'fe_session'\n );\n return `${cookieNameEnv}-${this.clientId.replace(/-/g, '')}`;\n }\n\n get cookieDomain(): string {\n return generateCookieDomain(this.appUrl);\n }\n\n get authRoutes(): Partial<AuthPageRoutes> {\n return this.fronteggAppOptions?.authOptions?.routes ?? {};\n }\n\n private validatePassword() {\n const passwordMaps = this.password;\n for (let key of Object.keys(passwordMaps)) {\n const password = passwordMaps[key];\n if (!password.match(/[0-9A-Fa-f]{6}/g) || password.length !== 64) {\n throw new InvalidFronteggEnv(\n EnvVariables.FRONTEGG_ENCRYPTION_PASSWORD,\n `Hex string.\\n\\nFor quick password generation use the following command:\\nnode -e \"console.log(crypto.randomBytes(32).toString('hex'))\"`\n );\n }\n }\n }\n get password(): PasswordsMap {\n const encryptionPasswordEnv =\n getEnv(EnvVariables.FRONTEGG_ENCRYPTION_PASSWORD) ?? setupEnvVariables.FRONTEGG_ENCRYPTION_PASSWORD;\n\n return normalizeStringPasswordToMap(encryptionPasswordEnv);\n }\n\n get isSSL(): boolean {\n return new URL(this.appUrl).protocol === 'https:';\n }\n\n get isHostedLogin(): boolean {\n return this.fronteggAppOptions.hostedLoginBox ?? false;\n }\n\n get disableInitialPropsRefreshToken(): boolean {\n const disableInitialPropsRefreshToken = getEnvOrDefault(\n EnvVariables.DISABLE_INITIAL_PROPS_REFRESH_TOKEN,\n setupEnvVariables.DISABLE_INITIAL_PROPS_REFRESH_TOKEN\n );\n return disableInitialPropsRefreshToken === 'true';\n }\n\n get appEnvConfig(): AppEnvConfig {\n return {\n envAppUrl: this.appUrl,\n envBaseUrl: this.baseUrl,\n envClientId: this.clientId,\n };\n }\n}\n\nexport { EnvVariables } from './constants';\nexport default new Config();\n"],"mappings":";;;;;;;;;;;;AAGA,IAAAA,QAAA,GAAAC,OAAA;AACA,IAAAC,UAAA,GAAAD,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AAEA,MAAMG,iBAAiB,GAAG;EACxBC,gBAAgB,EAAEC,OAAO,CAACC,GAAG,CAACF,gBAAgB;EAC9CG,iBAAiB,EAAEF,OAAO,CAACC,GAAG,CAACC,iBAAiB;EAChDC,iBAAiB,EAAEH,OAAO,CAACC,GAAG,CAACE,iBAAiB;EAChDC,kBAAkB,EAAEJ,OAAO,CAACC,GAAG,CAACG,kBAAkB;EAClDC,4BAA4B,EAAEL,OAAO,CAACC,GAAG,CAACI,4BAA4B;EACtEC,oBAAoB,EAAEN,OAAO,CAACC,GAAG,CAACK,oBAAoB;EACtDC,uBAAuB,EAAEP,OAAO,CAACC,GAAG,CAACM,uBAAuB;EAC5DC,mCAAmC,EAAER,OAAO,CAACC,GAAG,CAACO,mCAAmC;EACpFC,MAAM,EAAET,OAAO,CAACC,GAAG,CAACQ,MAAM;EAC1BC,UAAU,EAAEV,OAAO,CAACC,GAAG,CAACS;AAC1B,CAAC;AAED,MAAMC,MAAM,CAAC;EAEXC,WAAWA,CAAA,EAAG;IAAA,KADPC,kBAAkB,GAAoC,CAAC,CAAC;IAE7D,IAAI,OAAOC,MAAM,KAAK,WAAW,EAAE;MACjC,IAAI,CAACC,gBAAgB,EAAE;IACzB;EACF;EAEA,IAAIC,MAAMA,CAAA,EAAW;IACnB,OAAO,IAAAC,uBAAc,GAAE;EACzB;EAEA,IAAIC,OAAOA,CAAA,EAAuB;IAChC,OAAO,IAAAC,wBAAe,EAACC,uBAAY,CAACjB,iBAAiB,EAAEL,iBAAiB,CAACK,iBAAiB,CAAC;EAC7F;EAEA,IAAIkB,OAAOA,CAAA,EAAW;IAAA,IAAAC,OAAA;IACpB,MAAMD,OAAO,IAAAC,OAAA,GAAG,IAAAC,eAAM,EAACH,uBAAY,CAAClB,iBAAiB,CAAC,YAAAoB,OAAA,GAAIxB,iBAAiB,CAACI,iBAAiB;IAC7F,IAAImB,OAAO,CAACG,QAAQ,CAAC,GAAG,CAAC,EAAE;MACzB,OAAOH,OAAO,CAACI,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7B;IACA,OAAOJ,OAAO;EAChB;EAEA,IAAIK,WAAWA,CAAA,EAAW;IACxB,OAAO,IAAIC,GAAG,CAAC,IAAI,CAACN,OAAO,CAAC,CAACO,QAAQ;EACvC;EAEA,IAAIC,QAAQA,CAAA,EAAW;IAAA,IAAAC,QAAA;IACrB,QAAAA,QAAA,GAAO,IAAAP,eAAM,EAACH,uBAAY,CAAChB,kBAAkB,CAAC,YAAA0B,QAAA,GAAIhC,iBAAiB,CAACM,kBAAkB;EACxF;EAEA,IAAI2B,gBAAgBA,CAAA,EAAuB;IACzC,OAAO,IAAAR,eAAM,EAACH,uBAAY,CAACb,uBAAuB,CAAC;EACrD;EAEA,IAAIyB,UAAUA,CAAA,EAAW;IAAA,IAAAC,qBAAA;IACvB,MAAMC,aAAa,GAAG,IAAAf,wBAAe,EACnCC,uBAAY,CAACd,oBAAoB,GAAA2B,qBAAA,GACjCnC,iBAAiB,CAACQ,oBAAoB,YAAA2B,qBAAA,GAAI,YAAY,CACvD;IACD,OAAQ,GAAEC,aAAc,IAAG,IAAI,CAACL,QAAQ,CAACM,OAAO,CAAC,IAAI,EAAE,EAAE,CAAE,EAAC;EAC9D;EAEA,IAAIC,YAAYA,CAAA,EAAW;IACzB,OAAO,IAAAC,6BAAoB,EAAC,IAAI,CAACrB,MAAM,CAAC;EAC1C;EAEA,IAAIsB,UAAUA,CAAA,EAA4B;IAAA,IAAAC,qBAAA,EAAAC,sBAAA,EAAAC,sBAAA;IACxC,QAAAF,qBAAA,IAAAC,sBAAA,GAAO,IAAI,CAAC3B,kBAAkB,sBAAA4B,sBAAA,GAAvBD,sBAAA,CAAyBE,WAAW,qBAApCD,sBAAA,CAAsCE,MAAM,YAAAJ,qBAAA,GAAI,CAAC,CAAC;EAC3D;EAEQxB,gBAAgBA,CAAA,EAAG;IACzB,MAAM6B,YAAY,GAAG,IAAI,CAACC,QAAQ;IAClC,KAAK,IAAIC,GAAG,IAAIC,MAAM,CAACC,IAAI,CAACJ,YAAY,CAAC,EAAE;MACzC,MAAMC,QAAQ,GAAGD,YAAY,CAACE,GAAG,CAAC;MAClC,IAAI,CAACD,QAAQ,CAACI,KAAK,CAAC,iBAAiB,CAAC,IAAIJ,QAAQ,CAACK,MAAM,KAAK,EAAE,EAAE;QAChE,MAAM,IAAIC,0BAAkB,CAC1B/B,uBAAY,CAACf,4BAA4B,EACxC,wIAAuI,CACzI;MACH;IACF;EACF;EACA,IAAIwC,QAAQA,CAAA,EAAiB;IAAA,IAAAO,QAAA;IAC3B,MAAMC,qBAAqB,IAAAD,QAAA,GACzB,IAAA7B,eAAM,EAACH,uBAAY,CAACf,4BAA4B,CAAC,YAAA+C,QAAA,GAAItD,iBAAiB,CAACO,4BAA4B;IAErG,OAAO,IAAAiD,qCAA4B,EAACD,qBAAqB,CAAC;EAC5D;EAEA,IAAIE,KAAKA,CAAA,EAAY;IACnB,OAAO,IAAI5B,GAAG,CAAC,IAAI,CAACX,MAAM,CAAC,CAACwC,QAAQ,KAAK,QAAQ;EACnD;EAEA,IAAIC,aAAaA,CAAA,EAAY;IAAA,IAAAC,sBAAA;IAC3B,QAAAA,sBAAA,GAAO,IAAI,CAAC7C,kBAAkB,CAAC8C,cAAc,YAAAD,sBAAA,GAAI,KAAK;EACxD;EAEA,IAAIE,+BAA+BA,CAAA,EAAY;IAC7C,MAAMA,+BAA+B,GAAG,IAAAzC,wBAAe,EACrDC,uBAAY,CAACZ,mCAAmC,EAChDV,iBAAiB,CAACU,mCAAmC,CACtD;IACD,OAAOoD,+BAA+B,KAAK,MAAM;EACnD;EAEA,IAAIC,YAAYA,CAAA,EAAiB;IAC/B,OAAO;MACLC,SAAS,EAAE,IAAI,CAAC9C,MAAM;MACtB+C,UAAU,EAAE,IAAI,CAAC1C,OAAO;MACxB2C,WAAW,EAAE,IAAI,CAACnC;IACpB,CAAC;EACH;AACF;AAAC,IAAAoC,QAAA,GAGc,IAAItD,MAAM,EAAE;AAAAuD,OAAA,CAAAC,OAAA,GAAAF,QAAA"}
|
package/index.js
CHANGED
|
@@ -10,7 +10,7 @@ var _cookies = _interopRequireDefault(require("../utils/cookies"));
|
|
|
10
10
|
var _common = require("../common");
|
|
11
11
|
var _helpers = require("./helpers");
|
|
12
12
|
var _fronteggLogger = _interopRequireDefault(require("../utils/fronteggLogger"));
|
|
13
|
-
var _helpers2 = require("../utils/
|
|
13
|
+
var _helpers2 = require("../utils/refreshAccessTokenIfNeeded/helpers");
|
|
14
14
|
const logger = _fronteggLogger.default.child({
|
|
15
15
|
tag: 'FronteggApiMiddleware.ProxyResponseCallback'
|
|
16
16
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ProxyResponseCallback.js","names":["_config","_interopRequireDefault","require","_cookies","_common","_helpers","_fronteggLogger","_helpers2","logger","fronteggLogger","child","tag","ProxyResponseCallback","proxyRes","req","res","buffer","Buffer","totalLength","isSecured","URL","config","appUrl","protocol","on","chunk","length","concat","_proxyRes$statusCode","_CookieManager$modify","url","statusCode","isSuccess","bodyStr","toString","isLogout","isFronteggLogoutUrl","CookieManager","removeCookies","cookieDomain","isFronteggOauthLogoutUrl","isHostedLogin","asPath","hostedLogoutUrl","getHostedLogoutUrl","headers","status","end","cookies","modifySetCookie","body","JSON","parse","accessToken","access_token","session","decodedJwt","createSessionFromAccessToken","sessionCookie","create","value","expires","Date","exp","secure","push","e","isSSOPostRequest","error","Object","keys","filter","header","forEach","setHeader","_default","exports","default"],"sources":["../../../../packages/nextjs/src/middleware/ProxyResponseCallback.ts"],"sourcesContent":["import { ProxyResCallback } from 'http-proxy';\nimport { IncomingMessage } from 'http';\nimport { NextApiResponse } from 'next';\nimport config from '../config';\nimport CookieManager from '../utils/cookies';\nimport { createSessionFromAccessToken } from '../common';\nimport { getHostedLogoutUrl, isFronteggLogoutUrl, isFronteggOauthLogoutUrl } from './helpers';\nimport fronteggLogger from '../utils/fronteggLogger';\nimport { isSSOPostRequest } from '../utils/
|
|
1
|
+
{"version":3,"file":"ProxyResponseCallback.js","names":["_config","_interopRequireDefault","require","_cookies","_common","_helpers","_fronteggLogger","_helpers2","logger","fronteggLogger","child","tag","ProxyResponseCallback","proxyRes","req","res","buffer","Buffer","totalLength","isSecured","URL","config","appUrl","protocol","on","chunk","length","concat","_proxyRes$statusCode","_CookieManager$modify","url","statusCode","isSuccess","bodyStr","toString","isLogout","isFronteggLogoutUrl","CookieManager","removeCookies","cookieDomain","isFronteggOauthLogoutUrl","isHostedLogin","asPath","hostedLogoutUrl","getHostedLogoutUrl","headers","status","end","cookies","modifySetCookie","body","JSON","parse","accessToken","access_token","session","decodedJwt","createSessionFromAccessToken","sessionCookie","create","value","expires","Date","exp","secure","push","e","isSSOPostRequest","error","Object","keys","filter","header","forEach","setHeader","_default","exports","default"],"sources":["../../../../packages/nextjs/src/middleware/ProxyResponseCallback.ts"],"sourcesContent":["import { ProxyResCallback } from 'http-proxy';\nimport { IncomingMessage } from 'http';\nimport { NextApiResponse } from 'next';\nimport config from '../config';\nimport CookieManager from '../utils/cookies';\nimport { createSessionFromAccessToken } from '../common';\nimport { getHostedLogoutUrl, isFronteggLogoutUrl, isFronteggOauthLogoutUrl } from './helpers';\nimport fronteggLogger from '../utils/fronteggLogger';\nimport { isSSOPostRequest } from '../utils/refreshAccessTokenIfNeeded/helpers';\n\nconst logger = fronteggLogger.child({ tag: 'FronteggApiMiddleware.ProxyResponseCallback' });\n/**\n * Proxy response callback fired on after each response from Frontegg services,\n * to transport frontegg modify cookies and generating encrypted JWT session cookie.\n *\n * @param {IncomingMessage} proxyRes - Proxy response from Frontegg services\n * @param {NextApiRequest} req - Next.js request sent from client-side\n * @param {NextApiResponse} res - Next.js response to send to client-side\n */\nconst ProxyResponseCallback: ProxyResCallback<IncomingMessage, NextApiResponse> = (proxyRes, req, res) => {\n let buffer = new Buffer('');\n let totalLength: number = 0;\n const isSecured = new URL(config.appUrl).protocol === 'https:';\n\n proxyRes.on('data', (chunk: Buffer) => {\n totalLength += chunk.length;\n buffer = Buffer.concat([buffer, chunk], totalLength);\n });\n proxyRes.on('end', async () => {\n try {\n const url = req.url!;\n const statusCode = proxyRes.statusCode ?? 500;\n const isSuccess = statusCode >= 200 && statusCode < 400;\n const bodyStr = buffer.toString('utf-8');\n const isLogout = isFronteggLogoutUrl(url);\n\n if (isLogout) {\n CookieManager.removeCookies({\n isSecured,\n cookieDomain: config.cookieDomain,\n res,\n req,\n });\n if (isFronteggOauthLogoutUrl(url) || config.isHostedLogin) {\n const { asPath: hostedLogoutUrl } = getHostedLogoutUrl(req.headers['referer']);\n res.status(302).end(hostedLogoutUrl);\n return;\n }\n res.status(statusCode).end(bodyStr);\n return;\n }\n\n const cookies = CookieManager.modifySetCookie(proxyRes.headers['set-cookie'], isSecured) ?? [];\n if (isSuccess) {\n try {\n if (bodyStr && bodyStr.length > 0) {\n const body = JSON.parse(bodyStr);\n if (body.accessToken || body.access_token) {\n const [session, decodedJwt] = await createSessionFromAccessToken(body);\n if (session) {\n const sessionCookie = CookieManager.create({\n value: session,\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n req,\n });\n cookies.push(...sessionCookie);\n }\n }\n }\n } catch (e) {\n /** ignore api call if:\n * - Does not have accessToken / access_token\n * - Not json response\n */\n if (statusCode === 302 && isSSOPostRequest(url)) {\n /**\n * Ignore saml/oidc postLogin response with redirect\n */\n } else {\n logger.error('failed to create session', e, {\n url,\n statusCode,\n });\n }\n }\n Object.keys(proxyRes.headers)\n .filter((header) => header !== 'cookie')\n .forEach((header) => {\n res.setHeader(header, `${proxyRes.headers[header]}`);\n });\n res.setHeader('set-cookie', cookies);\n res.status(statusCode).end(bodyStr);\n } else {\n if (statusCode >= 400 && statusCode !== 404) {\n logger.error(`Middleware request failed statusCode: ${statusCode} for url: ${url}`);\n }\n Object.keys(proxyRes.headers)\n .filter((header) => header !== 'cookie')\n .forEach((header) => {\n res.setHeader(header, `${proxyRes.headers[header]}`);\n });\n res.setHeader('set-cookie', cookies);\n res.status(statusCode).end(bodyStr);\n }\n } catch (e: any) {\n logger.error('proxy failed to send request', e);\n res.status(500).end('Internal Server Error');\n }\n });\n};\n\nexport default ProxyResponseCallback;\n"],"mappings":";;;;;;;AAGA,IAAAA,OAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,QAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,QAAA,GAAAH,OAAA;AACA,IAAAI,eAAA,GAAAL,sBAAA,CAAAC,OAAA;AACA,IAAAK,SAAA,GAAAL,OAAA;AAEA,MAAMM,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;EAAEC,GAAG,EAAE;AAA8C,CAAC,CAAC;AAC3F;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,qBAAyE,GAAGA,CAACC,QAAQ,EAAEC,GAAG,EAAEC,GAAG,KAAK;EACxG,IAAIC,MAAM,GAAG,IAAIC,MAAM,CAAC,EAAE,CAAC;EAC3B,IAAIC,WAAmB,GAAG,CAAC;EAC3B,MAAMC,SAAS,GAAG,IAAIC,GAAG,CAACC,eAAM,CAACC,MAAM,CAAC,CAACC,QAAQ,KAAK,QAAQ;EAE9DV,QAAQ,CAACW,EAAE,CAAC,MAAM,EAAGC,KAAa,IAAK;IACrCP,WAAW,IAAIO,KAAK,CAACC,MAAM;IAC3BV,MAAM,GAAGC,MAAM,CAACU,MAAM,CAAC,CAACX,MAAM,EAAES,KAAK,CAAC,EAAEP,WAAW,CAAC;EACtD,CAAC,CAAC;EACFL,QAAQ,CAACW,EAAE,CAAC,KAAK,EAAE,YAAY;IAC7B,IAAI;MAAA,IAAAI,oBAAA,EAAAC,qBAAA;MACF,MAAMC,GAAG,GAAGhB,GAAG,CAACgB,GAAI;MACpB,MAAMC,UAAU,IAAAH,oBAAA,GAAGf,QAAQ,CAACkB,UAAU,YAAAH,oBAAA,GAAI,GAAG;MAC7C,MAAMI,SAAS,GAAGD,UAAU,IAAI,GAAG,IAAIA,UAAU,GAAG,GAAG;MACvD,MAAME,OAAO,GAAGjB,MAAM,CAACkB,QAAQ,CAAC,OAAO,CAAC;MACxC,MAAMC,QAAQ,GAAG,IAAAC,4BAAmB,EAACN,GAAG,CAAC;MAEzC,IAAIK,QAAQ,EAAE;QACZE,gBAAa,CAACC,aAAa,CAAC;UAC1BnB,SAAS;UACToB,YAAY,EAAElB,eAAM,CAACkB,YAAY;UACjCxB,GAAG;UACHD;QACF,CAAC,CAAC;QACF,IAAI,IAAA0B,iCAAwB,EAACV,GAAG,CAAC,IAAIT,eAAM,CAACoB,aAAa,EAAE;UACzD,MAAM;YAAEC,MAAM,EAAEC;UAAgB,CAAC,GAAG,IAAAC,2BAAkB,EAAC9B,GAAG,CAAC+B,OAAO,CAAC,SAAS,CAAC,CAAC;UAC9E9B,GAAG,CAAC+B,MAAM,CAAC,GAAG,CAAC,CAACC,GAAG,CAACJ,eAAe,CAAC;UACpC;QACF;QACA5B,GAAG,CAAC+B,MAAM,CAACf,UAAU,CAAC,CAACgB,GAAG,CAACd,OAAO,CAAC;QACnC;MACF;MAEA,MAAMe,OAAO,IAAAnB,qBAAA,GAAGQ,gBAAa,CAACY,eAAe,CAACpC,QAAQ,CAACgC,OAAO,CAAC,YAAY,CAAC,EAAE1B,SAAS,CAAC,YAAAU,qBAAA,GAAI,EAAE;MAC9F,IAAIG,SAAS,EAAE;QACb,IAAI;UACF,IAAIC,OAAO,IAAIA,OAAO,CAACP,MAAM,GAAG,CAAC,EAAE;YACjC,MAAMwB,IAAI,GAAGC,IAAI,CAACC,KAAK,CAACnB,OAAO,CAAC;YAChC,IAAIiB,IAAI,CAACG,WAAW,IAAIH,IAAI,CAACI,YAAY,EAAE;cACzC,MAAM,CAACC,OAAO,EAAEC,UAAU,CAAC,GAAG,MAAM,IAAAC,oCAA4B,EAACP,IAAI,CAAC;cACtE,IAAIK,OAAO,EAAE;gBACX,MAAMG,aAAa,GAAGrB,gBAAa,CAACsB,MAAM,CAAC;kBACzCC,KAAK,EAAEL,OAAO;kBACdM,OAAO,EAAE,IAAIC,IAAI,CAACN,UAAU,CAACO,GAAG,GAAG,IAAI,CAAC;kBACxCC,MAAM,EAAE7C,SAAS;kBACjBL;gBACF,CAAC,CAAC;gBACFkC,OAAO,CAACiB,IAAI,CAAC,GAAGP,aAAa,CAAC;cAChC;YACF;UACF;QACF,CAAC,CAAC,OAAOQ,CAAC,EAAE;UACV;AACV;AACA;AACA;UACU,IAAInC,UAAU,KAAK,GAAG,IAAI,IAAAoC,0BAAgB,EAACrC,GAAG,CAAC,EAAE;YAC/C;AACZ;AACA;UAFY,CAGD,MAAM;YACLtB,MAAM,CAAC4D,KAAK,CAAC,0BAA0B,EAAEF,CAAC,EAAE;cAC1CpC,GAAG;cACHC;YACF,CAAC,CAAC;UACJ;QACF;QACAsC,MAAM,CAACC,IAAI,CAACzD,QAAQ,CAACgC,OAAO,CAAC,CAC1B0B,MAAM,CAAEC,MAAM,IAAKA,MAAM,KAAK,QAAQ,CAAC,CACvCC,OAAO,CAAED,MAAM,IAAK;UACnBzD,GAAG,CAAC2D,SAAS,CAACF,MAAM,EAAG,GAAE3D,QAAQ,CAACgC,OAAO,CAAC2B,MAAM,CAAE,EAAC,CAAC;QACtD,CAAC,CAAC;QACJzD,GAAG,CAAC2D,SAAS,CAAC,YAAY,EAAE1B,OAAO,CAAC;QACpCjC,GAAG,CAAC+B,MAAM,CAACf,UAAU,CAAC,CAACgB,GAAG,CAACd,OAAO,CAAC;MACrC,CAAC,MAAM;QACL,IAAIF,UAAU,IAAI,GAAG,IAAIA,UAAU,KAAK,GAAG,EAAE;UAC3CvB,MAAM,CAAC4D,KAAK,CAAE,yCAAwCrC,UAAW,aAAYD,GAAI,EAAC,CAAC;QACrF;QACAuC,MAAM,CAACC,IAAI,CAACzD,QAAQ,CAACgC,OAAO,CAAC,CAC1B0B,MAAM,CAAEC,MAAM,IAAKA,MAAM,KAAK,QAAQ,CAAC,CACvCC,OAAO,CAAED,MAAM,IAAK;UACnBzD,GAAG,CAAC2D,SAAS,CAACF,MAAM,EAAG,GAAE3D,QAAQ,CAACgC,OAAO,CAAC2B,MAAM,CAAE,EAAC,CAAC;QACtD,CAAC,CAAC;QACJzD,GAAG,CAAC2D,SAAS,CAAC,YAAY,EAAE1B,OAAO,CAAC;QACpCjC,GAAG,CAAC+B,MAAM,CAACf,UAAU,CAAC,CAACgB,GAAG,CAACd,OAAO,CAAC;MACrC;IACF,CAAC,CAAC,OAAOiC,CAAM,EAAE;MACf1D,MAAM,CAAC4D,KAAK,CAAC,8BAA8B,EAAEF,CAAC,CAAC;MAC/CnD,GAAG,CAAC+B,MAAM,CAAC,GAAG,CAAC,CAACC,GAAG,CAAC,uBAAuB,CAAC;IAC9C;EACF,CAAC,CAAC;AACJ,CAAC;AAAC,IAAA4B,QAAA,GAEa/D,qBAAqB;AAAAgE,OAAA,CAAAC,OAAA,GAAAF,QAAA"}
|
package/package.json
CHANGED
|
@@ -8,10 +8,12 @@ exports.withFronteggApp = void 0;
|
|
|
8
8
|
var _extends2 = _interopRequireDefault(require("@babel/runtime/helpers/extends"));
|
|
9
9
|
var _react = _interopRequireDefault(require("react"));
|
|
10
10
|
var _FronteggPagesProvider = _interopRequireDefault(require("../FronteggPagesProvider"));
|
|
11
|
-
var
|
|
11
|
+
var _refreshAccessTokenIfNeeded = _interopRequireWildcard(require("../../utils/refreshAccessTokenIfNeeded"));
|
|
12
12
|
var _fetchUserData = _interopRequireDefault(require("../../utils/fetchUserData"));
|
|
13
13
|
var _config = _interopRequireDefault(require("../../config"));
|
|
14
14
|
var _jsxRuntime = require("react/jsx-runtime");
|
|
15
|
+
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
16
|
+
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
15
17
|
const withFronteggApp = (app, options) => {
|
|
16
18
|
const originalGetInitialProps = app.getInitialProps;
|
|
17
19
|
app.getInitialProps = async appContext => {
|
|
@@ -26,15 +28,24 @@ const withFronteggApp = (app, options) => {
|
|
|
26
28
|
tenants: null
|
|
27
29
|
};
|
|
28
30
|
if (ctx.req) {
|
|
31
|
+
var _ctx$req;
|
|
29
32
|
appEnvConfig = _config.default.appEnvConfig;
|
|
30
|
-
const
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
}
|
|
36
|
-
}
|
|
37
|
-
|
|
33
|
+
const url = (_ctx$req = ctx.req) == null ? void 0 : _ctx$req.url;
|
|
34
|
+
if (url && (0, _refreshAccessTokenIfNeeded.isRuntimeNextRequest)(url)) {
|
|
35
|
+
const session = await (0, _refreshAccessTokenIfNeeded.default)(ctx);
|
|
36
|
+
Object.assign(appContextSessionData, {
|
|
37
|
+
session
|
|
38
|
+
});
|
|
39
|
+
} else {
|
|
40
|
+
const userData = await (0, _fetchUserData.default)({
|
|
41
|
+
getSession: async () => await (0, _refreshAccessTokenIfNeeded.default)(ctx),
|
|
42
|
+
getHeaders: async () => {
|
|
43
|
+
var _ctx$req$headers, _ctx$req2;
|
|
44
|
+
return (_ctx$req$headers = (_ctx$req2 = ctx.req) == null ? void 0 : _ctx$req2.headers) != null ? _ctx$req$headers : {};
|
|
45
|
+
}
|
|
46
|
+
});
|
|
47
|
+
Object.assign(appContextSessionData, userData);
|
|
48
|
+
}
|
|
38
49
|
}
|
|
39
50
|
Object.assign(appContext, appContextSessionData);
|
|
40
51
|
return {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"withFronteggApp.js","names":["_react","_interopRequireDefault","require","_FronteggPagesProvider","
|
|
1
|
+
{"version":3,"file":"withFronteggApp.js","names":["_react","_interopRequireDefault","require","_FronteggPagesProvider","_refreshAccessTokenIfNeeded","_interopRequireWildcard","_fetchUserData","_config","_jsxRuntime","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","withFronteggApp","app","options","originalGetInitialProps","getInitialProps","appContext","ctx","Component","appEnvConfig","appContextSessionData","session","user","tenants","req","_ctx$req","config","url","isRuntimeNextRequest","refreshAccessTokenIfNeeded","assign","userData","fetchUserData","getSession","getHeaders","_ctx$req$headers","_ctx$req2","headers","pageProps","_extends2","CustomFronteggApp","appProps","activeTenant","envAppUrl","envBaseUrl","envClientId","jsx","children","exports"],"sources":["../../../../../packages/nextjs/src/pages/withFronteggApp/withFronteggApp.tsx"],"sourcesContent":["import React from 'react';\nimport type { AppContext, AppInitialProps, AppProps } from 'next/app';\nimport type { FronteggCustomAppClass, FronteggCustomApp, WithFronteggAppOptions } from './types';\nimport FronteggProvider from '../FronteggPagesProvider';\nimport refreshAccessTokenIfNeeded, { isRuntimeNextRequest } from '../../utils/refreshAccessTokenIfNeeded';\nimport fetchUserData from '../../utils/fetchUserData';\nimport config from '../../config';\nimport { AllUserData } from '../../types';\n\nexport const withFronteggApp = (app: FronteggCustomAppClass, options?: WithFronteggAppOptions): FronteggCustomApp => {\n const originalGetInitialProps = app.getInitialProps;\n\n app.getInitialProps = async (appContext: AppContext & AllUserData): Promise<AppInitialProps> => {\n const { ctx, Component } = appContext;\n\n let appEnvConfig = {};\n let appContextSessionData: AllUserData = {\n session: null,\n user: null,\n tenants: null,\n };\n\n if (ctx.req) {\n appEnvConfig = config.appEnvConfig;\n const url = ctx.req?.url;\n\n if (url && isRuntimeNextRequest(url)) {\n const session = await refreshAccessTokenIfNeeded(ctx);\n Object.assign(appContextSessionData, { session });\n } else {\n const userData = await fetchUserData({\n getSession: async () => await refreshAccessTokenIfNeeded(ctx),\n getHeaders: async () => ctx.req?.headers ?? {},\n });\n Object.assign(appContextSessionData, userData);\n }\n }\n\n Object.assign(appContext, appContextSessionData);\n\n return {\n pageProps: {\n ...(originalGetInitialProps ? await originalGetInitialProps(appContext) : {}),\n ...(Component.getInitialProps ? await Component.getInitialProps(ctx) : {}),\n ...(appContextSessionData.session == null ? {} : appContextSessionData),\n ...appEnvConfig,\n },\n };\n };\n\n function CustomFronteggApp(appProps: AppProps) {\n const { user, tenants, activeTenant, session, envAppUrl, envBaseUrl, envClientId } = appProps.pageProps;\n return (\n <FronteggProvider {...options} {...{ user, tenants, activeTenant, session, envAppUrl, envBaseUrl, envClientId }}>\n {app(appProps) as any}\n </FronteggProvider>\n );\n }\n\n CustomFronteggApp.getInitialProps = app.getInitialProps;\n\n return CustomFronteggApp as FronteggCustomApp;\n};\n"],"mappings":";;;;;;;;AAAA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AAGA,IAAAC,sBAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,2BAAA,GAAAC,uBAAA,CAAAH,OAAA;AACA,IAAAI,cAAA,GAAAL,sBAAA,CAAAC,OAAA;AACA,IAAAK,OAAA,GAAAN,sBAAA,CAAAC,OAAA;AAAkC,IAAAM,WAAA,GAAAN,OAAA;AAAA,SAAAO,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAL,wBAAAS,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAG3B,MAAMW,eAAe,GAAGA,CAACC,GAA2B,EAAEC,OAAgC,KAAwB;EACnH,MAAMC,uBAAuB,GAAGF,GAAG,CAACG,eAAe;EAEnDH,GAAG,CAACG,eAAe,GAAG,MAAOC,UAAoC,IAA+B;IAC9F,MAAM;MAAEC,GAAG;MAAEC;IAAU,CAAC,GAAGF,UAAU;IAErC,IAAIG,YAAY,GAAG,CAAC,CAAC;IACrB,IAAIC,qBAAkC,GAAG;MACvCC,OAAO,EAAE,IAAI;MACbC,IAAI,EAAE,IAAI;MACVC,OAAO,EAAE;IACX,CAAC;IAED,IAAIN,GAAG,CAACO,GAAG,EAAE;MAAA,IAAAC,QAAA;MACXN,YAAY,GAAGO,eAAM,CAACP,YAAY;MAClC,MAAMQ,GAAG,IAAAF,QAAA,GAAGR,GAAG,CAACO,GAAG,qBAAPC,QAAA,CAASE,GAAG;MAExB,IAAIA,GAAG,IAAI,IAAAC,gDAAoB,EAACD,GAAG,CAAC,EAAE;QACpC,MAAMN,OAAO,GAAG,MAAM,IAAAQ,mCAA0B,EAACZ,GAAG,CAAC;QACrDf,MAAM,CAAC4B,MAAM,CAACV,qBAAqB,EAAE;UAAEC;QAAQ,CAAC,CAAC;MACnD,CAAC,MAAM;QACL,MAAMU,QAAQ,GAAG,MAAM,IAAAC,sBAAa,EAAC;UACnCC,UAAU,EAAE,MAAAA,CAAA,KAAY,MAAM,IAAAJ,mCAA0B,EAACZ,GAAG,CAAC;UAC7DiB,UAAU,EAAE,MAAAA,CAAA;YAAA,IAAAC,gBAAA,EAAAC,SAAA;YAAA,QAAAD,gBAAA,IAAAC,SAAA,GAAYnB,GAAG,CAACO,GAAG,qBAAPY,SAAA,CAASC,OAAO,YAAAF,gBAAA,GAAI,CAAC,CAAC;UAAA;QAChD,CAAC,CAAC;QACFjC,MAAM,CAAC4B,MAAM,CAACV,qBAAqB,EAAEW,QAAQ,CAAC;MAChD;IACF;IAEA7B,MAAM,CAAC4B,MAAM,CAACd,UAAU,EAAEI,qBAAqB,CAAC;IAEhD,OAAO;MACLkB,SAAS,MAAAC,SAAA,CAAA3C,OAAA,MACHkB,uBAAuB,GAAG,MAAMA,uBAAuB,CAACE,UAAU,CAAC,GAAG,CAAC,CAAC,EACxEE,SAAS,CAACH,eAAe,GAAG,MAAMG,SAAS,CAACH,eAAe,CAACE,GAAG,CAAC,GAAG,CAAC,CAAC,EACrEG,qBAAqB,CAACC,OAAO,IAAI,IAAI,GAAG,CAAC,CAAC,GAAGD,qBAAqB,EACnED,YAAY;IAEnB,CAAC;EACH,CAAC;EAED,SAASqB,iBAAiBA,CAACC,QAAkB,EAAE;IAC7C,MAAM;MAAEnB,IAAI;MAAEC,OAAO;MAAEmB,YAAY;MAAErB,OAAO;MAAEsB,SAAS;MAAEC,UAAU;MAAEC;IAAY,CAAC,GAAGJ,QAAQ,CAACH,SAAS;IACvG,oBACE,IAAAlD,WAAA,CAAA0D,GAAA,EAAC/D,sBAAA,CAAAa,OAAgB,MAAA2C,SAAA,CAAA3C,OAAA,MAAKiB,OAAO;MAAQS,IAAI;MAAEC,OAAO;MAAEmB,YAAY;MAAErB,OAAO;MAAEsB,SAAS;MAAEC,UAAU;MAAEC,WAAW;MAAAE,QAAA,EAC1GnC,GAAG,CAAC6B,QAAQ;IAAC,GACG;EAEvB;EAEAD,iBAAiB,CAACzB,eAAe,GAAGH,GAAG,CAACG,eAAe;EAEvD,OAAOyB,iBAAiB;AAC1B,CAAC;AAACQ,OAAA,CAAArC,eAAA,GAAAA,eAAA"}
|
package/sdkVersion.js
CHANGED
package/sdkVersion.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sdkVersion.js","names":["version","exports","default","_default"],"sources":["../../../packages/nextjs/src/sdkVersion.ts"],"sourcesContent":["export default { version: '8.0.
|
|
1
|
+
{"version":3,"file":"sdkVersion.js","names":["version","exports","default","_default"],"sources":["../../../packages/nextjs/src/sdkVersion.ts"],"sourcesContent":["export default { version: '8.0.17-alpha.8505427513' };\n"],"mappings":";;;;;;eAAe;EAAEA,OAAO,EAAE;AAA0B,CAAC;AAAAC,OAAA,CAAAC,OAAA,GAAAC,QAAA"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"helpers.js","names":["_fronteggLogger","_interopRequireDefault","require","_cookies","_api","_common","hasRefreshTokenCookie","cookies","logger","fronteggLogger","child","tag","refreshTokenKey","CookieManager","debug","cookieKey","Object","keys","find","cookie","replace","exists","refreshAccessTokenEmbedded","request","headers","info","api","refreshTokenEmbedded","refreshAccessTokenHostedLogin","sealFromCookies","getSessionCookieFromRequest","tokens","getTokensFromCookie","refreshToken","refreshTokenHostedLogin","e","error","isRuntimeNextRequest","url","startsWith","isOauthCallback","isSamlCallback","isSSOPostRequest"],"sources":["../../../../../packages/nextjs/src/utils/refreshAccessTokenIfNeeded/helpers.ts"],"sourcesContent":["import fronteggLogger from '../fronteggLogger';\nimport CookieManager from '../cookies';\nimport { NextApiRequest } from 'next/dist/shared/lib/utils';\nimport api from '../../api';\nimport { getTokensFromCookie } from '../../common';\nimport { IncomingMessage } from 'http';\n\nexport function hasRefreshTokenCookie(cookies: Record<string, any>): boolean {\n const logger = fronteggLogger.child({ tag: 'refreshToken.hasRefreshTokenCookie' });\n const refreshTokenKey = CookieManager.refreshTokenKey;\n logger.debug(`Checking if '${refreshTokenKey}' exists in cookies`);\n const cookieKey = Object.keys(cookies).find((cookie) => {\n return cookie.replace(/-/g, '') === refreshTokenKey;\n });\n const exists: boolean = cookieKey != null;\n logger.debug(`Cookie '${refreshTokenKey}' ${exists ? 'exists' : 'NOT exists'} in cookies`);\n return exists;\n}\n\nexport async function refreshAccessTokenEmbedded(request: IncomingMessage): Promise<Response | null> {\n const logger = fronteggLogger.child({ tag: 'refreshToken.refreshAccessTokenEmbedded' });\n\n const headers = request.headers as Record<string, string>;\n const cookies = (request as NextApiRequest).cookies;\n\n logger.info('check if has refresh token headers');\n if (hasRefreshTokenCookie(cookies)) {\n logger.info('going to refresh token (embedded mode)');\n return await api.refreshTokenEmbedded(headers);\n }\n return null;\n}\n\nexport async function refreshAccessTokenHostedLogin(request: IncomingMessage): Promise<Response | null> {\n const logger = fronteggLogger.child({ tag: 'refreshToken.refreshAccessTokenHostedLogin' });\n const headers = request.headers as Record<string, string>;\n\n logger.info('trying to get token from cookies');\n\n const sealFromCookies = CookieManager.getSessionCookieFromRequest(request);\n try {\n const tokens = await getTokensFromCookie(sealFromCookies);\n if (!tokens?.refreshToken) {\n logger.info('refresh token not found');\n return null;\n }\n\n logger.info('going to refresh token (hosted-login mode)');\n return await api.refreshTokenHostedLogin(headers, tokens.refreshToken);\n } catch (e) {\n logger.error(e);\n return null;\n }\n}\n\n/**\n * If url starts with /_next/ means that the user trying to navigate\n * to a new nextjs page, in this scenario no need to refresh token\n * we can just return the actual stateless session from\n * the encrypted cookie\n */\nexport function isRuntimeNextRequest(url: string): boolean {\n return url.startsWith('/_next/');\n}\n\n/**\n * If url starts with '/oauth/callback' means that the user navigated back\n * from frontegg hosted login, in this scenario no need to SSR refresh token\n */\nexport function isOauthCallback(url: string): boolean {\n return url.startsWith('/oauth/callback');\n}\n\n/**\n * If url starts with '/account/saml/callback' means that the user navigated back\n * from sso login, in this scenario no need to SSR refresh token\n */\nexport function isSamlCallback(url: string): boolean {\n return url.startsWith('/account/saml/callback') || url.startsWith('/account/oidc/callback');\n}\n\n/**\n * If the url equals to '/frontegg/auth/{provider}/callback', it means that the SSO provider\n * is posting an http request to the nextjs backend middleware after successfully logged in the user\n */\nexport function isSSOPostRequest(url: string): boolean {\n return url === '/frontegg/auth/saml/callback' || url === '/frontegg/auth/oidc/callback';\n}\n"],"mappings":";;;;;;;;;;;;;AAAA,IAAAA,eAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,QAAA,GAAAF,sBAAA,CAAAC,OAAA;AAEA,IAAAE,IAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AAGO,SAASI,qBAAqBA,CAACC,OAA4B,EAAW;EAC3E,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAAqC,CAAC,CAAC;EAClF,MAAMC,eAAe,GAAGC,gBAAa,CAACD,eAAe;EACrDJ,MAAM,CAACM,KAAK,CAAE,gBAAeF,eAAgB,qBAAoB,CAAC;EAClE,MAAMG,SAAS,GAAGC,MAAM,CAACC,IAAI,CAACV,OAAO,CAAC,CAACW,IAAI,CAAEC,MAAM,IAAK;IACtD,OAAOA,MAAM,CAACC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,KAAKR,eAAe;EACrD,CAAC,CAAC;EACF,MAAMS,MAAe,GAAGN,SAAS,IAAI,IAAI;EACzCP,MAAM,CAACM,KAAK,CAAE,WAAUF,eAAgB,KAAIS,MAAM,GAAG,QAAQ,GAAG,YAAa,aAAY,CAAC;EAC1F,OAAOA,MAAM;AACf;AAEO,eAAeC,0BAA0BA,CAACC,OAAwB,EAA4B;EACnG,MAAMf,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA0C,CAAC,CAAC;EAEvF,MAAMa,OAAO,GAAGD,OAAO,CAACC,OAAiC;EACzD,MAAMjB,OAAO,GAAIgB,OAAO,CAAoBhB,OAAO;EAEnDC,MAAM,CAACiB,IAAI,CAAC,oCAAoC,CAAC;EACjD,IAAInB,qBAAqB,CAACC,OAAO,CAAC,EAAE;IAClCC,MAAM,CAACiB,IAAI,CAAC,wCAAwC,CAAC;IACrD,OAAO,MAAMC,YAAG,CAACC,oBAAoB,CAACH,OAAO,CAAC;EAChD;EACA,OAAO,IAAI;AACb;AAEO,eAAeI,6BAA6BA,CAACL,OAAwB,EAA4B;EACtG,MAAMf,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA6C,CAAC,CAAC;EAC1F,MAAMa,OAAO,GAAGD,OAAO,CAACC,OAAiC;EAEzDhB,MAAM,CAACiB,IAAI,CAAC,kCAAkC,CAAC;EAE/C,MAAMI,eAAe,GAAGhB,gBAAa,CAACiB,2BAA2B,CAACP,OAAO,CAAC;EAC1E,IAAI;IACF,MAAMQ,MAAM,GAAG,MAAM,IAAAC,2BAAmB,EAACH,eAAe,CAAC;IACzD,IAAI,EAACE,MAAM,YAANA,MAAM,CAAEE,YAAY,GAAE;MACzBzB,MAAM,CAACiB,IAAI,CAAC,yBAAyB,CAAC;MACtC,OAAO,IAAI;IACb;IAEAjB,MAAM,CAACiB,IAAI,CAAC,4CAA4C,CAAC;IACzD,OAAO,MAAMC,YAAG,CAACQ,uBAAuB,CAACV,OAAO,EAAEO,MAAM,CAACE,YAAY,CAAC;EACxE,CAAC,CAAC,OAAOE,CAAC,EAAE;IACV3B,MAAM,CAAC4B,KAAK,CAACD,CAAC,CAAC;IACf,OAAO,IAAI;EACb;AACF;;AAEA;AACA;AACA;AACA;AACA;AACA;AACO,SAASE,oBAAoBA,CAACC,GAAW,EAAW;EACzD,OAAOA,GAAG,CAACC,UAAU,CAAC,SAAS,CAAC;AAClC;;AAEA;AACA;AACA;AACA;AACO,SAASC,eAAeA,CAACF,GAAW,EAAW;EACpD,OAAOA,GAAG,CAACC,UAAU,CAAC,iBAAiB,CAAC;AAC1C;;AAEA;AACA;AACA;AACA;AACO,SAASE,cAAcA,CAACH,GAAW,EAAW;EACnD,OAAOA,GAAG,CAACC,UAAU,CAAC,wBAAwB,CAAC,IAAID,GAAG,CAACC,UAAU,CAAC,wBAAwB,CAAC;AAC7F;;AAEA;AACA;AACA;AACA;AACO,SAASG,gBAAgBA,CAACJ,GAAW,EAAW;EACrD,OAAOA,GAAG,KAAK,8BAA8B,IAAIA,GAAG,KAAK,8BAA8B;AACzF"}
|
|
@@ -1,9 +1,11 @@
|
|
|
1
1
|
import type { NextPageContext } from 'next/dist/shared/lib/utils';
|
|
2
2
|
import type { FronteggNextJSSession } from '../../types';
|
|
3
|
+
import { isRuntimeNextRequest } from './helpers';
|
|
4
|
+
export { isRuntimeNextRequest };
|
|
3
5
|
/**
|
|
4
6
|
* Refreshes the access token for the current session.
|
|
5
7
|
*
|
|
6
8
|
* @param {NextPageContext} ctx - The Next.js Page Context object.
|
|
7
9
|
* @returns {Promise<FronteggNextJSSession | null>} A Promise that resolves to the updated session object, or `null` if the refresh failed.
|
|
8
10
|
*/
|
|
9
|
-
export default function
|
|
11
|
+
export default function refreshAccessTokenIfNeeded(ctx: NextPageContext): Promise<FronteggNextJSSession | null>;
|
|
@@ -4,7 +4,13 @@ var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefau
|
|
|
4
4
|
Object.defineProperty(exports, "__esModule", {
|
|
5
5
|
value: true
|
|
6
6
|
});
|
|
7
|
-
exports.default =
|
|
7
|
+
exports.default = refreshAccessTokenIfNeeded;
|
|
8
|
+
Object.defineProperty(exports, "isRuntimeNextRequest", {
|
|
9
|
+
enumerable: true,
|
|
10
|
+
get: function () {
|
|
11
|
+
return _helpers.isRuntimeNextRequest;
|
|
12
|
+
}
|
|
13
|
+
});
|
|
8
14
|
var _common = require("../../common");
|
|
9
15
|
var _config = _interopRequireDefault(require("../../config"));
|
|
10
16
|
var _cookies = _interopRequireDefault(require("../cookies"));
|
|
@@ -18,9 +24,9 @@ var _createSession = _interopRequireDefault(require("../createSession"));
|
|
|
18
24
|
* @param {NextPageContext} ctx - The Next.js Page Context object.
|
|
19
25
|
* @returns {Promise<FronteggNextJSSession | null>} A Promise that resolves to the updated session object, or `null` if the refresh failed.
|
|
20
26
|
*/
|
|
21
|
-
async function
|
|
27
|
+
async function refreshAccessTokenIfNeeded(ctx) {
|
|
22
28
|
const logger = _fronteggLogger.default.child({
|
|
23
|
-
tag: '
|
|
29
|
+
tag: 'refreshAccessTokenIfNeeded'
|
|
24
30
|
});
|
|
25
31
|
logger.info(`Refreshing token by for PageContext ${ctx.pathname}`);
|
|
26
32
|
const nextJsRequest = ctx.req;
|
|
@@ -33,7 +39,7 @@ async function refreshAccessToken(ctx) {
|
|
|
33
39
|
try {
|
|
34
40
|
var _ref, _response$headers$raw, _response$headers, _response$headers$raw2, _response$headers2, _response$headers2$ge, _CookieManager$modify, _ctx$res, _data$accessToken;
|
|
35
41
|
logger.info(`Check if should request made from first application load`);
|
|
36
|
-
if ((0, _helpers.isRuntimeNextRequest)(url)) {
|
|
42
|
+
if ((0, _helpers.isRuntimeNextRequest)(url) || _config.default.disableInitialPropsRefreshToken) {
|
|
37
43
|
logger.debug(`Detect runtime next.js request, resolving existing session from cookies if exists`);
|
|
38
44
|
const cookies = _cookies.default.getSessionCookieFromRequest(nextJsRequest);
|
|
39
45
|
const session = await (0, _createSession.default)(cookies, _encryption.default);
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","names":["_common","require","_config","_interopRequireDefault","_cookies","_helpers","_fronteggLogger","_encryption","_createSession","refreshAccessTokenIfNeeded","ctx","logger","fronteggLogger","child","tag","info","pathname","nextJsRequest","req","nextJsResponse","res","url","debug","_ref","_response$headers$raw","_response$headers","_response$headers$raw2","_response$headers2","_response$headers2$ge","_CookieManager$modify","_ctx$res","_data$accessToken","isRuntimeNextRequest","config","disableInitialPropsRefreshToken","cookies","CookieManager","getSessionCookieFromRequest","session","createSession","encryption","isOauthCallback","isSamlCallback","response","isHostedLogin","refreshAccessTokenHostedLogin","refreshAccessTokenEmbedded","isSecured","isSSL","ok","removeCookies","cookieDomain","data","json","cookieHeader","headers","raw","call","getSetCookie","newSetCookie","modifySetCookie","decodedJwt","refreshToken","createSessionFromAccessToken","cookieValue","create","value","expires","Date","exp","secure","push","setHeader","accessToken","access_token","user","e","error"],"sources":["../../../../../packages/nextjs/src/utils/refreshAccessTokenIfNeeded/index.ts"],"sourcesContent":["import type { NextPageContext } from 'next/dist/shared/lib/utils';\nimport type { FronteggNextJSSession } from '../../types';\nimport { createSessionFromAccessToken } from '../../common';\nimport config from '../../config';\nimport CookieManager from '../cookies';\nimport {\n isOauthCallback,\n isRuntimeNextRequest,\n isSamlCallback,\n refreshAccessTokenEmbedded,\n refreshAccessTokenHostedLogin,\n} from './helpers';\nimport fronteggLogger from '../fronteggLogger';\nimport encryption from '../encryption';\nimport createSession from '../createSession';\n\nexport { isRuntimeNextRequest };\n/**\n * Refreshes the access token for the current session.\n *\n * @param {NextPageContext} ctx - The Next.js Page Context object.\n * @returns {Promise<FronteggNextJSSession | null>} A Promise that resolves to the updated session object, or `null` if the refresh failed.\n */\nexport default async function refreshAccessTokenIfNeeded(ctx: NextPageContext): Promise<FronteggNextJSSession | null> {\n const logger = fronteggLogger.child({ tag: 'refreshAccessTokenIfNeeded' });\n logger.info(`Refreshing token by for PageContext ${ctx.pathname}`);\n const nextJsRequest = ctx.req;\n const nextJsResponse = ctx.res;\n const url = nextJsRequest?.url;\n if (!nextJsResponse || !nextJsRequest || !url) {\n logger.debug(`abandon refreshToken due to PageContext.req = null`);\n return null;\n }\n\n try {\n logger.info(`Check if should request made from first application load`);\n\n if (isRuntimeNextRequest(url) || config.disableInitialPropsRefreshToken) {\n logger.debug(`Detect runtime next.js request, resolving existing session from cookies if exists`);\n\n const cookies = CookieManager.getSessionCookieFromRequest(nextJsRequest);\n const session = await createSession(cookies, encryption);\n\n if (session) {\n logger.debug(`session resolved from session cookie`);\n return session;\n } else {\n logger.info('Failed to resolve session from cookie, going to refresh token');\n }\n }\n\n if (isOauthCallback(url) || isSamlCallback(url)) {\n /* Prevent refresh token due to oauth login callback */\n logger.debug(`abandon refreshToken for url='/oauth/callback'`);\n return null;\n }\n\n let response: Response | null;\n if (config.isHostedLogin) {\n response = await refreshAccessTokenHostedLogin(nextJsRequest);\n } else {\n response = await refreshAccessTokenEmbedded(nextJsRequest);\n }\n\n const isSecured = config.isSSL;\n if (response === null || !response.ok) {\n CookieManager.removeCookies({\n cookieDomain: config.cookieDomain,\n isSecured,\n req: nextJsRequest,\n res: nextJsResponse,\n });\n return null;\n }\n\n const data = await response.json();\n\n // @ts-ignore the first argument \"raw\" will only work before nextjs 13.4 and the second argument \"getSetCookie\" will only work after\n const cookieHeader: string[] = response.headers?.raw?.()['set-cookie'] ?? response.headers?.getSetCookie?.() ?? [];\n const newSetCookie = CookieManager.modifySetCookie(cookieHeader, isSecured) ?? [];\n\n const [session, decodedJwt, refreshToken] = await createSessionFromAccessToken(data);\n\n if (!session) {\n return null;\n }\n const cookieValue = CookieManager.create({\n value: session,\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n req: nextJsRequest,\n });\n newSetCookie.push(...cookieValue);\n ctx.res?.setHeader('set-cookie', newSetCookie);\n\n return {\n accessToken: data.accessToken ?? data.access_token,\n user: decodedJwt,\n refreshToken,\n };\n } catch (e) {\n logger.error('[refreshToken] Failed to create session e', e);\n return null;\n }\n}\n"],"mappings":";;;;;;;;;;;;;AAEA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,QAAA,GAAAD,sBAAA,CAAAF,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AAOA,IAAAK,eAAA,GAAAH,sBAAA,CAAAF,OAAA;AACA,IAAAM,WAAA,GAAAJ,sBAAA,CAAAF,OAAA;AACA,IAAAO,cAAA,GAAAL,sBAAA,CAAAF,OAAA;AAGA;AACA;AACA;AACA;AACA;AACA;AACe,eAAeQ,0BAA0BA,CAACC,GAAoB,EAAyC;EACpH,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA6B,CAAC,CAAC;EAC1EH,MAAM,CAACI,IAAI,CAAE,uCAAsCL,GAAG,CAACM,QAAS,EAAC,CAAC;EAClE,MAAMC,aAAa,GAAGP,GAAG,CAACQ,GAAG;EAC7B,MAAMC,cAAc,GAAGT,GAAG,CAACU,GAAG;EAC9B,MAAMC,GAAG,GAAGJ,aAAa,oBAAbA,aAAa,CAAEI,GAAG;EAC9B,IAAI,CAACF,cAAc,IAAI,CAACF,aAAa,IAAI,CAACI,GAAG,EAAE;IAC7CV,MAAM,CAACW,KAAK,CAAE,oDAAmD,CAAC;IAClE,OAAO,IAAI;EACb;EAEA,IAAI;IAAA,IAAAC,IAAA,EAAAC,qBAAA,EAAAC,iBAAA,EAAAC,sBAAA,EAAAC,kBAAA,EAAAC,qBAAA,EAAAC,qBAAA,EAAAC,QAAA,EAAAC,iBAAA;IACFpB,MAAM,CAACI,IAAI,CAAE,0DAAyD,CAAC;IAEvE,IAAI,IAAAiB,6BAAoB,EAACX,GAAG,CAAC,IAAIY,eAAM,CAACC,+BAA+B,EAAE;MACvEvB,MAAM,CAACW,KAAK,CAAE,mFAAkF,CAAC;MAEjG,MAAMa,OAAO,GAAGC,gBAAa,CAACC,2BAA2B,CAACpB,aAAa,CAAC;MACxE,MAAMqB,OAAO,GAAG,MAAM,IAAAC,sBAAa,EAACJ,OAAO,EAAEK,mBAAU,CAAC;MAExD,IAAIF,OAAO,EAAE;QACX3B,MAAM,CAACW,KAAK,CAAE,sCAAqC,CAAC;QACpD,OAAOgB,OAAO;MAChB,CAAC,MAAM;QACL3B,MAAM,CAACI,IAAI,CAAC,+DAA+D,CAAC;MAC9E;IACF;IAEA,IAAI,IAAA0B,wBAAe,EAACpB,GAAG,CAAC,IAAI,IAAAqB,uBAAc,EAACrB,GAAG,CAAC,EAAE;MAC/C;MACAV,MAAM,CAACW,KAAK,CAAE,gDAA+C,CAAC;MAC9D,OAAO,IAAI;IACb;IAEA,IAAIqB,QAAyB;IAC7B,IAAIV,eAAM,CAACW,aAAa,EAAE;MACxBD,QAAQ,GAAG,MAAM,IAAAE,sCAA6B,EAAC5B,aAAa,CAAC;IAC/D,CAAC,MAAM;MACL0B,QAAQ,GAAG,MAAM,IAAAG,mCAA0B,EAAC7B,aAAa,CAAC;IAC5D;IAEA,MAAM8B,SAAS,GAAGd,eAAM,CAACe,KAAK;IAC9B,IAAIL,QAAQ,KAAK,IAAI,IAAI,CAACA,QAAQ,CAACM,EAAE,EAAE;MACrCb,gBAAa,CAACc,aAAa,CAAC;QAC1BC,YAAY,EAAElB,eAAM,CAACkB,YAAY;QACjCJ,SAAS;QACT7B,GAAG,EAAED,aAAa;QAClBG,GAAG,EAAED;MACP,CAAC,CAAC;MACF,OAAO,IAAI;IACb;IAEA,MAAMiC,IAAI,GAAG,MAAMT,QAAQ,CAACU,IAAI,EAAE;;IAElC;IACA,MAAMC,YAAsB,IAAA/B,IAAA,IAAAC,qBAAA,IAAAC,iBAAA,GAAGkB,QAAQ,CAACY,OAAO,sBAAA7B,sBAAA,GAAhBD,iBAAA,CAAkB+B,GAAG,qBAArB9B,sBAAA,CAAA+B,IAAA,CAAAhC,iBAAA,CAAyB,CAAC,YAAY,CAAC,YAAAD,qBAAA,IAAAG,kBAAA,GAAIgB,QAAQ,CAACY,OAAO,sBAAA3B,qBAAA,GAAhBD,kBAAA,CAAkB+B,YAAY,qBAA9B9B,qBAAA,CAAA6B,IAAA,CAAA9B,kBAAA,CAAkC,YAAAJ,IAAA,GAAI,EAAE;IAClH,MAAMoC,YAAY,IAAA9B,qBAAA,GAAGO,gBAAa,CAACwB,eAAe,CAACN,YAAY,EAAEP,SAAS,CAAC,YAAAlB,qBAAA,GAAI,EAAE;IAEjF,MAAM,CAACS,OAAO,EAAEuB,UAAU,EAAEC,YAAY,CAAC,GAAG,MAAM,IAAAC,oCAA4B,EAACX,IAAI,CAAC;IAEpF,IAAI,CAACd,OAAO,EAAE;MACZ,OAAO,IAAI;IACb;IACA,MAAM0B,WAAW,GAAG5B,gBAAa,CAAC6B,MAAM,CAAC;MACvCC,KAAK,EAAE5B,OAAO;MACd6B,OAAO,EAAE,IAAIC,IAAI,CAACP,UAAU,CAACQ,GAAG,GAAG,IAAI,CAAC;MACxCC,MAAM,EAAEvB,SAAS;MACjB7B,GAAG,EAAED;IACP,CAAC,CAAC;IACF0C,YAAY,CAACY,IAAI,CAAC,GAAGP,WAAW,CAAC;IACjC,CAAAlC,QAAA,GAAApB,GAAG,CAACU,GAAG,qBAAPU,QAAA,CAAS0C,SAAS,CAAC,YAAY,EAAEb,YAAY,CAAC;IAE9C,OAAO;MACLc,WAAW,GAAA1C,iBAAA,GAAEqB,IAAI,CAACqB,WAAW,YAAA1C,iBAAA,GAAIqB,IAAI,CAACsB,YAAY;MAClDC,IAAI,EAAEd,UAAU;MAChBC;IACF,CAAC;EACH,CAAC,CAAC,OAAOc,CAAC,EAAE;IACVjE,MAAM,CAACkE,KAAK,CAAC,2CAA2C,EAAED,CAAC,CAAC;IAC5D,OAAO,IAAI;EACb;AACF"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"helpers.js","names":["_fronteggLogger","_interopRequireDefault","require","_cookies","_api","_common","hasRefreshTokenCookie","cookies","logger","fronteggLogger","child","tag","refreshTokenKey","CookieManager","debug","cookieKey","Object","keys","find","cookie","replace","exists","refreshAccessTokenEmbedded","request","headers","info","api","refreshTokenEmbedded","refreshAccessTokenHostedLogin","sealFromCookies","getSessionCookieFromRequest","tokens","getTokensFromCookie","refreshToken","refreshTokenHostedLogin","e","error","isRuntimeNextRequest","url","startsWith","isOauthCallback","isSamlCallback","isSSOPostRequest"],"sources":["../../../../../packages/nextjs/src/utils/refreshAccessToken/helpers.ts"],"sourcesContent":["import fronteggLogger from '../fronteggLogger';\nimport CookieManager from '../cookies';\nimport { NextApiRequest } from 'next/dist/shared/lib/utils';\nimport api from '../../api';\nimport { getTokensFromCookie } from '../../common';\nimport { IncomingMessage } from 'http';\n\nexport function hasRefreshTokenCookie(cookies: Record<string, any>): boolean {\n const logger = fronteggLogger.child({ tag: 'refreshToken.hasRefreshTokenCookie' });\n const refreshTokenKey = CookieManager.refreshTokenKey;\n logger.debug(`Checking if '${refreshTokenKey}' exists in cookies`);\n const cookieKey = Object.keys(cookies).find((cookie) => {\n return cookie.replace(/-/g, '') === refreshTokenKey;\n });\n const exists: boolean = cookieKey != null;\n logger.debug(`Cookie '${refreshTokenKey}' ${exists ? 'exists' : 'NOT exists'} in cookies`);\n return exists;\n}\n\nexport async function refreshAccessTokenEmbedded(request: IncomingMessage): Promise<Response | null> {\n const logger = fronteggLogger.child({ tag: 'refreshToken.refreshAccessTokenEmbedded' });\n\n const headers = request.headers as Record<string, string>;\n const cookies = (request as NextApiRequest).cookies;\n\n logger.info('check if has refresh token headers');\n if (hasRefreshTokenCookie(cookies)) {\n logger.info('going to refresh token (embedded mode)');\n return await api.refreshTokenEmbedded(headers);\n }\n return null;\n}\n\nexport async function refreshAccessTokenHostedLogin(request: IncomingMessage): Promise<Response | null> {\n const logger = fronteggLogger.child({ tag: 'refreshToken.refreshAccessTokenHostedLogin' });\n const headers = request.headers as Record<string, string>;\n logger.info('trying to get token from cookies');\n\n const sealFromCookies = CookieManager.getSessionCookieFromRequest(request);\n try {\n const tokens = await getTokensFromCookie(sealFromCookies);\n if (!tokens?.refreshToken) {\n logger.info('refresh token not found');\n return null;\n }\n\n logger.info('going to refresh token (hosted-login mode)');\n return await api.refreshTokenHostedLogin(headers, tokens.refreshToken);\n } catch (e) {\n logger.error(e);\n return null;\n }\n}\n\n/**\n * If url starts with /_next/ means that the user trying to navigate\n * to a new nextjs page, in this scenario no need to refresh token\n * we can just return the actual stateless session from\n * the encrypted cookie\n */\nexport function isRuntimeNextRequest(url: string): boolean {\n return url.startsWith('/_next/');\n}\n\n/**\n * If url starts with '/oauth/callback' means that the user navigated back\n * from frontegg hosted login, in this scenario no need to SSR refresh token\n */\nexport function isOauthCallback(url: string): boolean {\n return url.startsWith('/oauth/callback');\n}\n\n/**\n * If url starts with '/account/saml/callback' means that the user navigated back\n * from sso login, in this scenario no need to SSR refresh token\n */\nexport function isSamlCallback(url: string): boolean {\n return url.startsWith('/account/saml/callback') || url.startsWith('/account/oidc/callback');\n}\n\n/**\n * If the url equals to '/frontegg/auth/{provider}/callback', it means that the SSO provider\n * is posting an http request to the nextjs backend middleware after successfully logged in the user\n */\nexport function isSSOPostRequest(url: string): boolean {\n return url === '/frontegg/auth/saml/callback' || url === '/frontegg/auth/oidc/callback';\n}\n"],"mappings":";;;;;;;;;;;;;AAAA,IAAAA,eAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,QAAA,GAAAF,sBAAA,CAAAC,OAAA;AAEA,IAAAE,IAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AAGO,SAASI,qBAAqBA,CAACC,OAA4B,EAAW;EAC3E,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAAqC,CAAC,CAAC;EAClF,MAAMC,eAAe,GAAGC,gBAAa,CAACD,eAAe;EACrDJ,MAAM,CAACM,KAAK,CAAE,gBAAeF,eAAgB,qBAAoB,CAAC;EAClE,MAAMG,SAAS,GAAGC,MAAM,CAACC,IAAI,CAACV,OAAO,CAAC,CAACW,IAAI,CAAEC,MAAM,IAAK;IACtD,OAAOA,MAAM,CAACC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,KAAKR,eAAe;EACrD,CAAC,CAAC;EACF,MAAMS,MAAe,GAAGN,SAAS,IAAI,IAAI;EACzCP,MAAM,CAACM,KAAK,CAAE,WAAUF,eAAgB,KAAIS,MAAM,GAAG,QAAQ,GAAG,YAAa,aAAY,CAAC;EAC1F,OAAOA,MAAM;AACf;AAEO,eAAeC,0BAA0BA,CAACC,OAAwB,EAA4B;EACnG,MAAMf,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA0C,CAAC,CAAC;EAEvF,MAAMa,OAAO,GAAGD,OAAO,CAACC,OAAiC;EACzD,MAAMjB,OAAO,GAAIgB,OAAO,CAAoBhB,OAAO;EAEnDC,MAAM,CAACiB,IAAI,CAAC,oCAAoC,CAAC;EACjD,IAAInB,qBAAqB,CAACC,OAAO,CAAC,EAAE;IAClCC,MAAM,CAACiB,IAAI,CAAC,wCAAwC,CAAC;IACrD,OAAO,MAAMC,YAAG,CAACC,oBAAoB,CAACH,OAAO,CAAC;EAChD;EACA,OAAO,IAAI;AACb;AAEO,eAAeI,6BAA6BA,CAACL,OAAwB,EAA4B;EACtG,MAAMf,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA6C,CAAC,CAAC;EAC1F,MAAMa,OAAO,GAAGD,OAAO,CAACC,OAAiC;EACzDhB,MAAM,CAACiB,IAAI,CAAC,kCAAkC,CAAC;EAE/C,MAAMI,eAAe,GAAGhB,gBAAa,CAACiB,2BAA2B,CAACP,OAAO,CAAC;EAC1E,IAAI;IACF,MAAMQ,MAAM,GAAG,MAAM,IAAAC,2BAAmB,EAACH,eAAe,CAAC;IACzD,IAAI,EAACE,MAAM,YAANA,MAAM,CAAEE,YAAY,GAAE;MACzBzB,MAAM,CAACiB,IAAI,CAAC,yBAAyB,CAAC;MACtC,OAAO,IAAI;IACb;IAEAjB,MAAM,CAACiB,IAAI,CAAC,4CAA4C,CAAC;IACzD,OAAO,MAAMC,YAAG,CAACQ,uBAAuB,CAACV,OAAO,EAAEO,MAAM,CAACE,YAAY,CAAC;EACxE,CAAC,CAAC,OAAOE,CAAC,EAAE;IACV3B,MAAM,CAAC4B,KAAK,CAACD,CAAC,CAAC;IACf,OAAO,IAAI;EACb;AACF;;AAEA;AACA;AACA;AACA;AACA;AACA;AACO,SAASE,oBAAoBA,CAACC,GAAW,EAAW;EACzD,OAAOA,GAAG,CAACC,UAAU,CAAC,SAAS,CAAC;AAClC;;AAEA;AACA;AACA;AACA;AACO,SAASC,eAAeA,CAACF,GAAW,EAAW;EACpD,OAAOA,GAAG,CAACC,UAAU,CAAC,iBAAiB,CAAC;AAC1C;;AAEA;AACA;AACA;AACA;AACO,SAASE,cAAcA,CAACH,GAAW,EAAW;EACnD,OAAOA,GAAG,CAACC,UAAU,CAAC,wBAAwB,CAAC,IAAID,GAAG,CAACC,UAAU,CAAC,wBAAwB,CAAC;AAC7F;;AAEA;AACA;AACA;AACA;AACO,SAASG,gBAAgBA,CAACJ,GAAW,EAAW;EACrD,OAAOA,GAAG,KAAK,8BAA8B,IAAIA,GAAG,KAAK,8BAA8B;AACzF"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","names":["_common","require","_config","_interopRequireDefault","_cookies","_helpers","_fronteggLogger","_encryption","_createSession","refreshAccessToken","ctx","logger","fronteggLogger","child","tag","info","pathname","nextJsRequest","req","nextJsResponse","res","url","debug","_ref","_response$headers$raw","_response$headers","_response$headers$raw2","_response$headers2","_response$headers2$ge","_CookieManager$modify","_ctx$res","_data$accessToken","isRuntimeNextRequest","cookies","CookieManager","getSessionCookieFromRequest","session","createSession","encryption","isOauthCallback","isSamlCallback","response","config","isHostedLogin","refreshAccessTokenHostedLogin","refreshAccessTokenEmbedded","isSecured","isSSL","ok","removeCookies","cookieDomain","data","json","cookieHeader","headers","raw","call","getSetCookie","newSetCookie","modifySetCookie","decodedJwt","refreshToken","createSessionFromAccessToken","cookieValue","create","value","expires","Date","exp","secure","push","setHeader","accessToken","access_token","user","e","error"],"sources":["../../../../../packages/nextjs/src/utils/refreshAccessToken/index.ts"],"sourcesContent":["import type { NextPageContext } from 'next/dist/shared/lib/utils';\nimport type { FronteggNextJSSession } from '../../types';\nimport { createSessionFromAccessToken } from '../../common';\nimport config from '../../config';\nimport CookieManager from '../cookies';\nimport {\n isOauthCallback,\n isRuntimeNextRequest,\n isSamlCallback,\n refreshAccessTokenEmbedded,\n refreshAccessTokenHostedLogin,\n} from './helpers';\nimport fronteggLogger from '../fronteggLogger';\nimport encryption from '../encryption';\nimport createSession from '../createSession';\n\n/**\n * Refreshes the access token for the current session.\n *\n * @param {NextPageContext} ctx - The Next.js Page Context object.\n * @returns {Promise<FronteggNextJSSession | null>} A Promise that resolves to the updated session object, or `null` if the refresh failed.\n */\nexport default async function refreshAccessToken(ctx: NextPageContext): Promise<FronteggNextJSSession | null> {\n const logger = fronteggLogger.child({ tag: 'refreshAccessToken' });\n logger.info(`Refreshing token by for PageContext ${ctx.pathname}`);\n const nextJsRequest = ctx.req;\n const nextJsResponse = ctx.res;\n const url = nextJsRequest?.url;\n if (!nextJsResponse || !nextJsRequest || !url) {\n logger.debug(`abandon refreshToken due to PageContext.req = null`);\n return null;\n }\n\n try {\n logger.info(`Check if should request made from first application load`);\n\n if (isRuntimeNextRequest(url)) {\n logger.debug(`Detect runtime next.js request, resolving existing session from cookies if exists`);\n\n const cookies = CookieManager.getSessionCookieFromRequest(nextJsRequest);\n const session = await createSession(cookies, encryption);\n\n if (session) {\n logger.debug(`session resolved from session cookie`);\n return session;\n } else {\n logger.info('Failed to resolve session from cookie, going to refresh token');\n }\n }\n\n if (isOauthCallback(url) || isSamlCallback(url)) {\n /* Prevent refresh token due to oauth login callback */\n logger.debug(`abandon refreshToken for url='/oauth/callback'`);\n return null;\n }\n\n let response: Response | null;\n if (config.isHostedLogin) {\n response = await refreshAccessTokenHostedLogin(nextJsRequest);\n } else {\n response = await refreshAccessTokenEmbedded(nextJsRequest);\n }\n\n const isSecured = config.isSSL;\n if (response === null || !response.ok) {\n CookieManager.removeCookies({\n cookieDomain: config.cookieDomain,\n isSecured,\n req: nextJsRequest,\n res: nextJsResponse,\n });\n return null;\n }\n\n const data = await response.json();\n\n // @ts-ignore the first argument \"raw\" will only work before nextjs 13.4 and the second argument \"getSetCookie\" will only work after\n const cookieHeader: string[] = response.headers?.raw?.()['set-cookie'] ?? response.headers?.getSetCookie?.() ?? [];\n const newSetCookie = CookieManager.modifySetCookie(cookieHeader, isSecured) ?? [];\n\n const [session, decodedJwt, refreshToken] = await createSessionFromAccessToken(data);\n\n if (!session) {\n return null;\n }\n const cookieValue = CookieManager.create({\n value: session,\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n req: nextJsRequest,\n });\n newSetCookie.push(...cookieValue);\n ctx.res?.setHeader('set-cookie', newSetCookie);\n\n return {\n accessToken: data.accessToken ?? data.access_token,\n user: decodedJwt,\n refreshToken,\n };\n } catch (e) {\n logger.error('[refreshToken] Failed to create session e', e);\n return null;\n }\n}\n"],"mappings":";;;;;;;AAEA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,QAAA,GAAAD,sBAAA,CAAAF,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AAOA,IAAAK,eAAA,GAAAH,sBAAA,CAAAF,OAAA;AACA,IAAAM,WAAA,GAAAJ,sBAAA,CAAAF,OAAA;AACA,IAAAO,cAAA,GAAAL,sBAAA,CAAAF,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACe,eAAeQ,kBAAkBA,CAACC,GAAoB,EAAyC;EAC5G,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAAqB,CAAC,CAAC;EAClEH,MAAM,CAACI,IAAI,CAAE,uCAAsCL,GAAG,CAACM,QAAS,EAAC,CAAC;EAClE,MAAMC,aAAa,GAAGP,GAAG,CAACQ,GAAG;EAC7B,MAAMC,cAAc,GAAGT,GAAG,CAACU,GAAG;EAC9B,MAAMC,GAAG,GAAGJ,aAAa,oBAAbA,aAAa,CAAEI,GAAG;EAC9B,IAAI,CAACF,cAAc,IAAI,CAACF,aAAa,IAAI,CAACI,GAAG,EAAE;IAC7CV,MAAM,CAACW,KAAK,CAAE,oDAAmD,CAAC;IAClE,OAAO,IAAI;EACb;EAEA,IAAI;IAAA,IAAAC,IAAA,EAAAC,qBAAA,EAAAC,iBAAA,EAAAC,sBAAA,EAAAC,kBAAA,EAAAC,qBAAA,EAAAC,qBAAA,EAAAC,QAAA,EAAAC,iBAAA;IACFpB,MAAM,CAACI,IAAI,CAAE,0DAAyD,CAAC;IAEvE,IAAI,IAAAiB,6BAAoB,EAACX,GAAG,CAAC,EAAE;MAC7BV,MAAM,CAACW,KAAK,CAAE,mFAAkF,CAAC;MAEjG,MAAMW,OAAO,GAAGC,gBAAa,CAACC,2BAA2B,CAAClB,aAAa,CAAC;MACxE,MAAMmB,OAAO,GAAG,MAAM,IAAAC,sBAAa,EAACJ,OAAO,EAAEK,mBAAU,CAAC;MAExD,IAAIF,OAAO,EAAE;QACXzB,MAAM,CAACW,KAAK,CAAE,sCAAqC,CAAC;QACpD,OAAOc,OAAO;MAChB,CAAC,MAAM;QACLzB,MAAM,CAACI,IAAI,CAAC,+DAA+D,CAAC;MAC9E;IACF;IAEA,IAAI,IAAAwB,wBAAe,EAAClB,GAAG,CAAC,IAAI,IAAAmB,uBAAc,EAACnB,GAAG,CAAC,EAAE;MAC/C;MACAV,MAAM,CAACW,KAAK,CAAE,gDAA+C,CAAC;MAC9D,OAAO,IAAI;IACb;IAEA,IAAImB,QAAyB;IAC7B,IAAIC,eAAM,CAACC,aAAa,EAAE;MACxBF,QAAQ,GAAG,MAAM,IAAAG,sCAA6B,EAAC3B,aAAa,CAAC;IAC/D,CAAC,MAAM;MACLwB,QAAQ,GAAG,MAAM,IAAAI,mCAA0B,EAAC5B,aAAa,CAAC;IAC5D;IAEA,MAAM6B,SAAS,GAAGJ,eAAM,CAACK,KAAK;IAC9B,IAAIN,QAAQ,KAAK,IAAI,IAAI,CAACA,QAAQ,CAACO,EAAE,EAAE;MACrCd,gBAAa,CAACe,aAAa,CAAC;QAC1BC,YAAY,EAAER,eAAM,CAACQ,YAAY;QACjCJ,SAAS;QACT5B,GAAG,EAAED,aAAa;QAClBG,GAAG,EAAED;MACP,CAAC,CAAC;MACF,OAAO,IAAI;IACb;IAEA,MAAMgC,IAAI,GAAG,MAAMV,QAAQ,CAACW,IAAI,EAAE;;IAElC;IACA,MAAMC,YAAsB,IAAA9B,IAAA,IAAAC,qBAAA,IAAAC,iBAAA,GAAGgB,QAAQ,CAACa,OAAO,sBAAA5B,sBAAA,GAAhBD,iBAAA,CAAkB8B,GAAG,qBAArB7B,sBAAA,CAAA8B,IAAA,CAAA/B,iBAAA,CAAyB,CAAC,YAAY,CAAC,YAAAD,qBAAA,IAAAG,kBAAA,GAAIc,QAAQ,CAACa,OAAO,sBAAA1B,qBAAA,GAAhBD,kBAAA,CAAkB8B,YAAY,qBAA9B7B,qBAAA,CAAA4B,IAAA,CAAA7B,kBAAA,CAAkC,YAAAJ,IAAA,GAAI,EAAE;IAClH,MAAMmC,YAAY,IAAA7B,qBAAA,GAAGK,gBAAa,CAACyB,eAAe,CAACN,YAAY,EAAEP,SAAS,CAAC,YAAAjB,qBAAA,GAAI,EAAE;IAEjF,MAAM,CAACO,OAAO,EAAEwB,UAAU,EAAEC,YAAY,CAAC,GAAG,MAAM,IAAAC,oCAA4B,EAACX,IAAI,CAAC;IAEpF,IAAI,CAACf,OAAO,EAAE;MACZ,OAAO,IAAI;IACb;IACA,MAAM2B,WAAW,GAAG7B,gBAAa,CAAC8B,MAAM,CAAC;MACvCC,KAAK,EAAE7B,OAAO;MACd8B,OAAO,EAAE,IAAIC,IAAI,CAACP,UAAU,CAACQ,GAAG,GAAG,IAAI,CAAC;MACxCC,MAAM,EAAEvB,SAAS;MACjB5B,GAAG,EAAED;IACP,CAAC,CAAC;IACFyC,YAAY,CAACY,IAAI,CAAC,GAAGP,WAAW,CAAC;IACjC,CAAAjC,QAAA,GAAApB,GAAG,CAACU,GAAG,qBAAPU,QAAA,CAASyC,SAAS,CAAC,YAAY,EAAEb,YAAY,CAAC;IAE9C,OAAO;MACLc,WAAW,GAAAzC,iBAAA,GAAEoB,IAAI,CAACqB,WAAW,YAAAzC,iBAAA,GAAIoB,IAAI,CAACsB,YAAY;MAClDC,IAAI,EAAEd,UAAU;MAChBC;IACF,CAAC;EACH,CAAC,CAAC,OAAOc,CAAC,EAAE;IACVhE,MAAM,CAACiE,KAAK,CAAC,2CAA2C,EAAED,CAAC,CAAC;IAC5D,OAAO,IAAI;EACb;AACF"}
|
|
File without changes
|
|
File without changes
|
|
File without changes
|