@frontegg/nextjs 8.0.25 → 8.0.26-alpha.9960571383
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +6 -0
- package/README.md +32 -7
- package/api/index.d.ts +6 -1
- package/api/index.js +27 -4
- package/api/index.js.map +1 -1
- package/app/FronteggAppProvider.js +10 -3
- package/app/FronteggAppProvider.js.map +1 -1
- package/config/constants.d.ts +22 -0
- package/config/constants.js +4 -0
- package/config/constants.js.map +1 -1
- package/config/index.d.ts +3 -0
- package/config/index.js +37 -5
- package/config/index.js.map +1 -1
- package/config/types.d.ts +2 -0
- package/config/types.js.map +1 -1
- package/edge/getSessionOnEdge.d.ts +3 -0
- package/edge/getSessionOnEdge.js +62 -1
- package/edge/getSessionOnEdge.js.map +1 -1
- package/index.js +1 -1
- package/middleware/FronteggApiMiddleware.js +14 -2
- package/middleware/FronteggApiMiddleware.js.map +1 -1
- package/middleware/ProxyRequestCallback.js +0 -3
- package/middleware/ProxyRequestCallback.js.map +1 -1
- package/middleware/ProxyResponseCallback.js +8 -7
- package/middleware/ProxyResponseCallback.js.map +1 -1
- package/middleware/helpers.d.ts +14 -0
- package/middleware/helpers.js +55 -1
- package/middleware/helpers.js.map +1 -1
- package/package.json +1 -1
- package/pages/withFronteggApp/withFronteggApp.js +14 -3
- package/pages/withFronteggApp/withFronteggApp.js.map +1 -1
- package/sdkVersion.js +1 -1
- package/sdkVersion.js.map +1 -1
- package/types/index.d.ts +1 -0
- package/types/index.js.map +1 -1
- package/utils/initializeFronteggApp/index.js +2 -1
- package/utils/initializeFronteggApp/index.js.map +1 -1
- package/utils/refreshAccessTokenIfNeeded/helpers.js +10 -2
- package/utils/refreshAccessTokenIfNeeded/helpers.js.map +1 -1
package/index.js
CHANGED
|
@@ -1,13 +1,16 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
|
+
var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
|
|
3
4
|
Object.defineProperty(exports, "__esModule", {
|
|
4
5
|
value: true
|
|
5
6
|
});
|
|
6
7
|
exports.FronteggApiMiddleware = FronteggApiMiddleware;
|
|
8
|
+
var _extends2 = _interopRequireDefault(require("@babel/runtime/helpers/extends"));
|
|
7
9
|
var _FronteggProxy = require("./FronteggProxy");
|
|
8
10
|
var _constants = require("./constants");
|
|
9
11
|
var _helpers = require("./helpers");
|
|
10
|
-
|
|
12
|
+
var _pages = require("../pages");
|
|
13
|
+
const middlewarePromise = (req, res) => new Promise(async resolve => {
|
|
11
14
|
var _req$url;
|
|
12
15
|
const fronteggUrlPath = (0, _helpers.rewritePath)((_req$url = req.url) != null ? _req$url : '/', _constants.fronteggPathRewrite);
|
|
13
16
|
const rewriteUrl = (0, _helpers.rewritePath)(fronteggUrlPath != null ? fronteggUrlPath : '/', _constants.fronteggSSOPathRewrite);
|
|
@@ -19,7 +22,16 @@ const middlewarePromise = (req, res) => new Promise(resolve => {
|
|
|
19
22
|
if (process.env['FRONTEGG_TEST_URL'] && req.url == '/frontegg/middleware-test') {
|
|
20
23
|
options.target = process.env['FRONTEGG_TEST_URL'];
|
|
21
24
|
}
|
|
22
|
-
|
|
25
|
+
const headers = {};
|
|
26
|
+
if (process.env['FRONTEGG_SECURE_JWT_ENABLED'] === 'true') {
|
|
27
|
+
const session = await (0, _pages.getSession)(req);
|
|
28
|
+
if (session != null && session.accessToken) {
|
|
29
|
+
headers['authorization'] = 'Bearer ' + session.accessToken;
|
|
30
|
+
}
|
|
31
|
+
}
|
|
32
|
+
_FronteggProxy.FronteggProxy.web(req, res, (0, _extends2.default)({}, options, {
|
|
33
|
+
headers
|
|
34
|
+
}));
|
|
23
35
|
});
|
|
24
36
|
|
|
25
37
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"FronteggApiMiddleware.js","names":["_FronteggProxy","require","_constants","_helpers","middlewarePromise","req","res","Promise","resolve","_req$url","fronteggUrlPath","rewritePath","url","fronteggPathRewrite","rewriteUrl","fronteggSSOPathRewrite","on","options","target","process","env","FronteggProxy","web","FronteggApiMiddleware"],"sources":["../../../../packages/nextjs/src/middleware/FronteggApiMiddleware.ts"],"sourcesContent":["import type { NextApiRequest, NextApiResponse } from 'next';\nimport { FronteggProxy } from './FronteggProxy';\nimport { fronteggSSOPathRewrite, fronteggPathRewrite } from './constants';\nimport { rewritePath } from './helpers';\n\nconst middlewarePromise = (req: NextApiRequest, res: NextApiResponse) =>\n new Promise<void>((resolve) => {\n const fronteggUrlPath = rewritePath(req.url ?? '/', fronteggPathRewrite);\n const rewriteUrl = rewritePath(fronteggUrlPath ?? '/', fronteggSSOPathRewrite);\n req.url = rewriteUrl;\n res.on('close', () => resolve());\n const options = {\n target: process.env['FRONTEGG_BASE_URL'],\n };\n if (process.env['FRONTEGG_TEST_URL'] && req.url == '/frontegg/middleware-test') {\n options.target = process.env['FRONTEGG_TEST_URL'];\n }\n\n FronteggProxy.web(req, res, options);\n });\n\n/**\n * Next.js HTTP Proxy Middleware\n * @see https://nextjs.org/docs/api-routes/api-middlewares\n * @param {NextApiRequest} req - NextJS api request passed from api routing\n * @param {NextApiResponse} res - NextJS api response passed from api routing\n */\nexport async function FronteggApiMiddleware(req: NextApiRequest, res: NextApiResponse) {\n return await middlewarePromise(req, res);\n}\n"],"mappings":"
|
|
1
|
+
{"version":3,"file":"FronteggApiMiddleware.js","names":["_FronteggProxy","require","_constants","_helpers","_pages","middlewarePromise","req","res","Promise","resolve","_req$url","fronteggUrlPath","rewritePath","url","fronteggPathRewrite","rewriteUrl","fronteggSSOPathRewrite","on","options","target","process","env","headers","session","getSession","accessToken","FronteggProxy","web","_extends2","default","FronteggApiMiddleware"],"sources":["../../../../packages/nextjs/src/middleware/FronteggApiMiddleware.ts"],"sourcesContent":["import type { NextApiRequest, NextApiResponse } from 'next';\nimport { FronteggProxy } from './FronteggProxy';\nimport { fronteggSSOPathRewrite, fronteggPathRewrite } from './constants';\nimport { rewritePath } from './helpers';\nimport { getSession } from '../pages';\n\nconst middlewarePromise = (req: NextApiRequest, res: NextApiResponse) =>\n new Promise<void>(async (resolve) => {\n const fronteggUrlPath = rewritePath(req.url ?? '/', fronteggPathRewrite);\n const rewriteUrl = rewritePath(fronteggUrlPath ?? '/', fronteggSSOPathRewrite);\n req.url = rewriteUrl;\n res.on('close', () => resolve());\n const options = {\n target: process.env['FRONTEGG_BASE_URL'],\n };\n if (process.env['FRONTEGG_TEST_URL'] && req.url == '/frontegg/middleware-test') {\n options.target = process.env['FRONTEGG_TEST_URL'];\n }\n\n const headers: Record<string, string> = {};\n if (process.env['FRONTEGG_SECURE_JWT_ENABLED'] === 'true') {\n const session = await getSession(req);\n if (session?.accessToken) {\n headers['authorization'] = 'Bearer ' + session.accessToken;\n }\n }\n FronteggProxy.web(req, res, {\n ...options,\n headers,\n });\n });\n\n/**\n * Next.js HTTP Proxy Middleware\n * @see https://nextjs.org/docs/api-routes/api-middlewares\n * @param {NextApiRequest} req - NextJS api request passed from api routing\n * @param {NextApiResponse} res - NextJS api response passed from api routing\n */\nexport async function FronteggApiMiddleware(req: NextApiRequest, res: NextApiResponse) {\n return await middlewarePromise(req, res);\n}\n"],"mappings":";;;;;;;;AACA,IAAAA,cAAA,GAAAC,OAAA;AACA,IAAAC,UAAA,GAAAD,OAAA;AACA,IAAAE,QAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AAEA,MAAMI,iBAAiB,GAAGA,CAACC,GAAmB,EAAEC,GAAoB,KAClE,IAAIC,OAAO,CAAO,MAAOC,OAAO,IAAK;EAAA,IAAAC,QAAA;EACnC,MAAMC,eAAe,GAAG,IAAAC,oBAAW,GAAAF,QAAA,GAACJ,GAAG,CAACO,GAAG,YAAAH,QAAA,GAAI,GAAG,EAAEI,8BAAmB,CAAC;EACxE,MAAMC,UAAU,GAAG,IAAAH,oBAAW,EAACD,eAAe,WAAfA,eAAe,GAAI,GAAG,EAAEK,iCAAsB,CAAC;EAC9EV,GAAG,CAACO,GAAG,GAAGE,UAAU;EACpBR,GAAG,CAACU,EAAE,CAAC,OAAO,EAAE,MAAMR,OAAO,EAAE,CAAC;EAChC,MAAMS,OAAO,GAAG;IACdC,MAAM,EAAEC,OAAO,CAACC,GAAG,CAAC,mBAAmB;EACzC,CAAC;EACD,IAAID,OAAO,CAACC,GAAG,CAAC,mBAAmB,CAAC,IAAIf,GAAG,CAACO,GAAG,IAAI,2BAA2B,EAAE;IAC9EK,OAAO,CAACC,MAAM,GAAGC,OAAO,CAACC,GAAG,CAAC,mBAAmB,CAAC;EACnD;EAEA,MAAMC,OAA+B,GAAG,CAAC,CAAC;EAC1C,IAAIF,OAAO,CAACC,GAAG,CAAC,6BAA6B,CAAC,KAAK,MAAM,EAAE;IACzD,MAAME,OAAO,GAAG,MAAM,IAAAC,iBAAU,EAAClB,GAAG,CAAC;IACrC,IAAIiB,OAAO,YAAPA,OAAO,CAAEE,WAAW,EAAE;MACxBH,OAAO,CAAC,eAAe,CAAC,GAAG,SAAS,GAAGC,OAAO,CAACE,WAAW;IAC5D;EACF;EACAC,4BAAa,CAACC,GAAG,CAACrB,GAAG,EAAEC,GAAG,MAAAqB,SAAA,CAAAC,OAAA,MACrBX,OAAO;IACVI;EAAO,GACP;AACJ,CAAC,CAAC;;AAEJ;AACA;AACA;AACA;AACA;AACA;AACO,eAAeQ,qBAAqBA,CAACxB,GAAmB,EAAEC,GAAoB,EAAE;EACrF,OAAO,MAAMF,iBAAiB,CAACC,GAAG,EAAEC,GAAG,CAAC;AAC1C"}
|
|
@@ -24,9 +24,6 @@ const ProxyRequestCallback = (proxyReq, req) => {
|
|
|
24
24
|
try {
|
|
25
25
|
var _req$headers$xFronte, _req$headers$xFronte2;
|
|
26
26
|
logger.info(`${req.url} | Going to proxy request`);
|
|
27
|
-
logger.info('The original req headers are', {
|
|
28
|
-
headers: req.headers
|
|
29
|
-
});
|
|
30
27
|
logger.debug(`${req.url} | parsing request cookies`);
|
|
31
28
|
const allCookies = _cookies.default.parseCookieHeader(req);
|
|
32
29
|
logger.debug(`${req.url} | found ${allCookies} cookies`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ProxyRequestCallback.js","names":["_package","_interopRequireDefault","require","_sdkVersion","_config","_cookies","_fronteggLogger","logger","fronteggLogger","child","tag","ProxyRequestCallback","proxyReq","req","_req$headers$xFronte","_req$headers$xFronte2","info","url","
|
|
1
|
+
{"version":3,"file":"ProxyRequestCallback.js","names":["_package","_interopRequireDefault","require","_sdkVersion","_config","_cookies","_fronteggLogger","logger","fronteggLogger","child","tag","ProxyRequestCallback","proxyReq","req","_req$headers$xFronte","_req$headers$xFronte2","info","url","debug","allCookies","CookieManager","parseCookieHeader","fronteggCookiesNames","Object","keys","filter","cookieName","startsWith","config","join","forEach","setHeader","headers","NextJsPkg","version","sdkVersion","xForwardedFor","xOriginalForwardedFor","cfConnectionIp","map","header","removeHeader","method","body","bodyData","JSON","stringify","Buffer","byteLength","write","e","error","_default","exports","default"],"sources":["../../../../packages/nextjs/src/middleware/ProxyRequestCallback.ts"],"sourcesContent":["import NextJsPkg from 'next/package.json';\nimport { ProxyReqCallback } from 'http-proxy';\nimport { ClientRequest } from 'http';\nimport { NextApiRequest } from 'next';\nimport sdkVersion from '../sdkVersion';\nimport config from '../config';\nimport CookieManager from '../utils/cookies';\nimport fronteggLogger from '../utils/fronteggLogger';\n\nconst logger = fronteggLogger.child({ tag: 'FronteggApiMiddleware.ProxyRequestCallback' });\n/**\n * Proxy request callback fired on before each request to Frontegg services,\n * to transport frontegg cookies.\n *\n * @param {ClientRequest} proxyReq - Proxy request to be sent\n * @param {NextApiRequest} req - Next.js incoming request\n */\nconst ProxyRequestCallback: ProxyReqCallback<ClientRequest, NextApiRequest> = (proxyReq, req) => {\n try {\n logger.info(`${req.url} | Going to proxy request`);\n logger.debug(`${req.url} | parsing request cookies`);\n const allCookies = CookieManager.parseCookieHeader(req);\n logger.debug(`${req.url} | found ${allCookies} cookies`);\n const fronteggCookiesNames = Object.keys(allCookies).filter((cookieName) => {\n return cookieName.startsWith('fe_') && !cookieName.startsWith(config.cookieName);\n });\n\n logger.debug(`${req.url} | proxy FronteggCookies (${fronteggCookiesNames.join(', ')})`);\n fronteggCookiesNames.forEach((cookieName: string) => {\n proxyReq.setHeader(cookieName, allCookies[cookieName]);\n });\n\n proxyReq.setHeader('x-frontegg-framework', req.headers['x-frontegg-framework'] ?? `next@${NextJsPkg.version}`);\n proxyReq.setHeader('x-frontegg-sdk', req.headers['x-frontegg-sdk'] ?? `@frontegg/nextjs@${sdkVersion.version}`);\n proxyReq.setHeader('x-frontegg-middleware', 'true');\n\n const xForwardedFor = req.headers['x-forwarded-for'];\n const xOriginalForwardedFor = req.headers['x-original-forwarded-for'];\n const cfConnectionIp = req.headers['cf-connecting-ip'];\n\n if (xForwardedFor) {\n proxyReq.setHeader('x-forwarded-for', xForwardedFor);\n }\n if (xOriginalForwardedFor) {\n proxyReq.setHeader('x-original-forwarded-for', xOriginalForwardedFor);\n }\n if (cfConnectionIp) {\n proxyReq.setHeader('cf-connecting-ip', cfConnectionIp);\n }\n\n [\n 'x-invoke-path',\n 'x-invoke-query',\n 'x-middleware-invoke',\n 'x-middleware-next',\n 'transfer-encoding',\n 'cache-control',\n ].map((header) => proxyReq.removeHeader(header));\n\n logger.debug(`${req.url} | check if request has body`);\n if (req.method !== 'GET' && req.body) {\n logger.debug(`${req.url} | writing request body to proxyReq`);\n const bodyData = JSON.stringify(req.body);\n // in case if content-type is application/x-www-form-urlencoded -> we need to change to application/json\n proxyReq.setHeader('Content-Type', 'application/json');\n proxyReq.setHeader('Content-Length', Buffer.byteLength(bodyData));\n // stream the content\n proxyReq.write(bodyData);\n }\n } catch (e) {\n logger.error(`${req.url} | Failed to proxy request`, e);\n }\n};\n\nexport default ProxyRequestCallback;\n"],"mappings":";;;;;;;AAAA,IAAAA,QAAA,GAAAC,sBAAA,CAAAC,OAAA;AAIA,IAAAC,WAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,OAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,QAAA,GAAAJ,sBAAA,CAAAC,OAAA;AACA,IAAAI,eAAA,GAAAL,sBAAA,CAAAC,OAAA;AAEA,MAAMK,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;EAAEC,GAAG,EAAE;AAA6C,CAAC,CAAC;AAC1F;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,oBAAqE,GAAGA,CAACC,QAAQ,EAAEC,GAAG,KAAK;EAC/F,IAAI;IAAA,IAAAC,oBAAA,EAAAC,qBAAA;IACFR,MAAM,CAACS,IAAI,CAAE,GAAEH,GAAG,CAACI,GAAI,2BAA0B,CAAC;IAClDV,MAAM,CAACW,KAAK,CAAE,GAAEL,GAAG,CAACI,GAAI,4BAA2B,CAAC;IACpD,MAAME,UAAU,GAAGC,gBAAa,CAACC,iBAAiB,CAACR,GAAG,CAAC;IACvDN,MAAM,CAACW,KAAK,CAAE,GAAEL,GAAG,CAACI,GAAI,YAAWE,UAAW,UAAS,CAAC;IACxD,MAAMG,oBAAoB,GAAGC,MAAM,CAACC,IAAI,CAACL,UAAU,CAAC,CAACM,MAAM,CAAEC,UAAU,IAAK;MAC1E,OAAOA,UAAU,CAACC,UAAU,CAAC,KAAK,CAAC,IAAI,CAACD,UAAU,CAACC,UAAU,CAACC,eAAM,CAACF,UAAU,CAAC;IAClF,CAAC,CAAC;IAEFnB,MAAM,CAACW,KAAK,CAAE,GAAEL,GAAG,CAACI,GAAI,6BAA4BK,oBAAoB,CAACO,IAAI,CAAC,IAAI,CAAE,GAAE,CAAC;IACvFP,oBAAoB,CAACQ,OAAO,CAAEJ,UAAkB,IAAK;MACnDd,QAAQ,CAACmB,SAAS,CAACL,UAAU,EAAEP,UAAU,CAACO,UAAU,CAAC,CAAC;IACxD,CAAC,CAAC;IAEFd,QAAQ,CAACmB,SAAS,CAAC,sBAAsB,GAAAjB,oBAAA,GAAED,GAAG,CAACmB,OAAO,CAAC,sBAAsB,CAAC,YAAAlB,oBAAA,GAAK,QAAOmB,gBAAS,CAACC,OAAQ,EAAC,CAAC;IAC9GtB,QAAQ,CAACmB,SAAS,CAAC,gBAAgB,GAAAhB,qBAAA,GAAEF,GAAG,CAACmB,OAAO,CAAC,gBAAgB,CAAC,YAAAjB,qBAAA,GAAK,oBAAmBoB,mBAAU,CAACD,OAAQ,EAAC,CAAC;IAC/GtB,QAAQ,CAACmB,SAAS,CAAC,uBAAuB,EAAE,MAAM,CAAC;IAEnD,MAAMK,aAAa,GAAGvB,GAAG,CAACmB,OAAO,CAAC,iBAAiB,CAAC;IACpD,MAAMK,qBAAqB,GAAGxB,GAAG,CAACmB,OAAO,CAAC,0BAA0B,CAAC;IACrE,MAAMM,cAAc,GAAGzB,GAAG,CAACmB,OAAO,CAAC,kBAAkB,CAAC;IAEtD,IAAII,aAAa,EAAE;MACjBxB,QAAQ,CAACmB,SAAS,CAAC,iBAAiB,EAAEK,aAAa,CAAC;IACtD;IACA,IAAIC,qBAAqB,EAAE;MACzBzB,QAAQ,CAACmB,SAAS,CAAC,0BAA0B,EAAEM,qBAAqB,CAAC;IACvE;IACA,IAAIC,cAAc,EAAE;MAClB1B,QAAQ,CAACmB,SAAS,CAAC,kBAAkB,EAAEO,cAAc,CAAC;IACxD;IAEA,CACE,eAAe,EACf,gBAAgB,EAChB,qBAAqB,EACrB,mBAAmB,EACnB,mBAAmB,EACnB,eAAe,CAChB,CAACC,GAAG,CAAEC,MAAM,IAAK5B,QAAQ,CAAC6B,YAAY,CAACD,MAAM,CAAC,CAAC;IAEhDjC,MAAM,CAACW,KAAK,CAAE,GAAEL,GAAG,CAACI,GAAI,8BAA6B,CAAC;IACtD,IAAIJ,GAAG,CAAC6B,MAAM,KAAK,KAAK,IAAI7B,GAAG,CAAC8B,IAAI,EAAE;MACpCpC,MAAM,CAACW,KAAK,CAAE,GAAEL,GAAG,CAACI,GAAI,qCAAoC,CAAC;MAC7D,MAAM2B,QAAQ,GAAGC,IAAI,CAACC,SAAS,CAACjC,GAAG,CAAC8B,IAAI,CAAC;MACzC;MACA/B,QAAQ,CAACmB,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC;MACtDnB,QAAQ,CAACmB,SAAS,CAAC,gBAAgB,EAAEgB,MAAM,CAACC,UAAU,CAACJ,QAAQ,CAAC,CAAC;MACjE;MACAhC,QAAQ,CAACqC,KAAK,CAACL,QAAQ,CAAC;IAC1B;EACF,CAAC,CAAC,OAAOM,CAAC,EAAE;IACV3C,MAAM,CAAC4C,KAAK,CAAE,GAAEtC,GAAG,CAACI,GAAI,4BAA2B,EAAEiC,CAAC,CAAC;EACzD;AACF,CAAC;AAAC,IAAAE,QAAA,GAEazC,oBAAoB;AAAA0C,OAAA,CAAAC,OAAA,GAAAF,QAAA"}
|
|
@@ -36,7 +36,7 @@ const ProxyResponseCallback = (proxyRes, req, res) => {
|
|
|
36
36
|
const url = req.url;
|
|
37
37
|
const statusCode = (_proxyRes$statusCode = proxyRes.statusCode) != null ? _proxyRes$statusCode : 500;
|
|
38
38
|
const isSuccess = statusCode >= 200 && statusCode < 400;
|
|
39
|
-
|
|
39
|
+
let bodyStr = buffer.toString('utf-8');
|
|
40
40
|
const isLogout = (0, _helpers.isFronteggLogoutUrl)(url);
|
|
41
41
|
if (isLogout) {
|
|
42
42
|
_cookies.default.removeCookies({
|
|
@@ -59,12 +59,12 @@ const ProxyResponseCallback = (proxyRes, req, res) => {
|
|
|
59
59
|
if (isSuccess) {
|
|
60
60
|
try {
|
|
61
61
|
if (bodyStr && bodyStr.length > 0) {
|
|
62
|
-
const
|
|
63
|
-
if (
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
const [session, decodedJwt] = await (0, _common.createSessionFromAccessToken)(
|
|
62
|
+
const tokens = (0, _helpers.extractAccessToken)(bodyStr);
|
|
63
|
+
if (tokens.accessToken) {
|
|
64
|
+
if (process.env['FRONTEGG_SECURE_JWT_ENABLED'] === 'true') {
|
|
65
|
+
bodyStr = JSON.stringify((0, _helpers.removeJwtSignatureFrom)(JSON.parse(bodyStr)));
|
|
66
|
+
}
|
|
67
|
+
const [session, decodedJwt] = await (0, _common.createSessionFromAccessToken)(tokens);
|
|
68
68
|
if (session) {
|
|
69
69
|
const sessionCookie = _cookies.default.create({
|
|
70
70
|
value: session,
|
|
@@ -96,6 +96,7 @@ const ProxyResponseCallback = (proxyRes, req, res) => {
|
|
|
96
96
|
res.setHeader(header, `${proxyRes.headers[header]}`);
|
|
97
97
|
});
|
|
98
98
|
res.setHeader('set-cookie', cookies);
|
|
99
|
+
res.setHeader('content-length', bodyStr.length);
|
|
99
100
|
res.status(statusCode).end(bodyStr);
|
|
100
101
|
} else {
|
|
101
102
|
if (statusCode >= 400 && statusCode !== 404) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ProxyResponseCallback.js","names":["_config","_interopRequireDefault","require","_cookies","_common","_helpers","_fronteggLogger","_helpers2","logger","fronteggLogger","child","tag","ProxyResponseCallback","proxyRes","req","res","buffer","Buffer","totalLength","isSecured","URL","config","appUrl","protocol","on","chunk","length","concat","_proxyRes$statusCode","_CookieManager$modify","url","statusCode","isSuccess","bodyStr","toString","isLogout","isFronteggLogoutUrl","CookieManager","removeCookies","cookieDomain","isFronteggOauthLogoutUrl","isHostedLogin","asPath","hostedLogoutUrl","getHostedLogoutUrl","headers","status","end","cookies","modifySetCookie","
|
|
1
|
+
{"version":3,"file":"ProxyResponseCallback.js","names":["_config","_interopRequireDefault","require","_cookies","_common","_helpers","_fronteggLogger","_helpers2","logger","fronteggLogger","child","tag","ProxyResponseCallback","proxyRes","req","res","buffer","Buffer","totalLength","isSecured","URL","config","appUrl","protocol","on","chunk","length","concat","_proxyRes$statusCode","_CookieManager$modify","url","statusCode","isSuccess","bodyStr","toString","isLogout","isFronteggLogoutUrl","CookieManager","removeCookies","cookieDomain","isFronteggOauthLogoutUrl","isHostedLogin","asPath","hostedLogoutUrl","getHostedLogoutUrl","headers","status","end","cookies","modifySetCookie","tokens","extractAccessToken","accessToken","process","env","JSON","stringify","removeJwtSignatureFrom","parse","session","decodedJwt","createSessionFromAccessToken","sessionCookie","create","value","expires","Date","exp","secure","push","e","isSSOPostRequest","error","Object","keys","filter","header","forEach","setHeader","_default","exports","default"],"sources":["../../../../packages/nextjs/src/middleware/ProxyResponseCallback.ts"],"sourcesContent":["import { ProxyResCallback } from 'http-proxy';\nimport { IncomingMessage } from 'http';\nimport { NextApiResponse } from 'next';\nimport config from '../config';\nimport CookieManager from '../utils/cookies';\nimport { createSessionFromAccessToken } from '../common';\nimport {\n extractAccessToken,\n getHostedLogoutUrl,\n isFronteggLogoutUrl,\n isFronteggOauthLogoutUrl,\n removeJwtSignatureFrom,\n} from './helpers';\nimport fronteggLogger from '../utils/fronteggLogger';\nimport { isSSOPostRequest } from '../utils/refreshAccessTokenIfNeeded/helpers';\n\nconst logger = fronteggLogger.child({ tag: 'FronteggApiMiddleware.ProxyResponseCallback' });\n/**\n * Proxy response callback fired on after each response from Frontegg services,\n * to transport frontegg modify cookies and generating encrypted JWT session cookie.\n *\n * @param {IncomingMessage} proxyRes - Proxy response from Frontegg services\n * @param {NextApiRequest} req - Next.js request sent from client-side\n * @param {NextApiResponse} res - Next.js response to send to client-side\n */\nconst ProxyResponseCallback: ProxyResCallback<IncomingMessage, NextApiResponse> = (proxyRes, req, res) => {\n let buffer = new Buffer('');\n let totalLength: number = 0;\n const isSecured = new URL(config.appUrl).protocol === 'https:';\n\n proxyRes.on('data', (chunk: Buffer) => {\n totalLength += chunk.length;\n buffer = Buffer.concat([buffer, chunk], totalLength);\n });\n proxyRes.on('end', async () => {\n try {\n const url = req.url!;\n const statusCode = proxyRes.statusCode ?? 500;\n const isSuccess = statusCode >= 200 && statusCode < 400;\n let bodyStr = buffer.toString('utf-8');\n const isLogout = isFronteggLogoutUrl(url);\n\n if (isLogout) {\n CookieManager.removeCookies({\n isSecured,\n cookieDomain: config.cookieDomain,\n res,\n req,\n });\n if (isFronteggOauthLogoutUrl(url) || config.isHostedLogin) {\n const { asPath: hostedLogoutUrl } = getHostedLogoutUrl(req.headers['referer']);\n res.status(302).end(hostedLogoutUrl);\n return;\n }\n res.status(statusCode).end(bodyStr);\n return;\n }\n\n const cookies = CookieManager.modifySetCookie(proxyRes.headers['set-cookie'], isSecured) ?? [];\n if (isSuccess) {\n try {\n if (bodyStr && bodyStr.length > 0) {\n const tokens = extractAccessToken(bodyStr);\n\n if (tokens.accessToken) {\n if (process.env['FRONTEGG_SECURE_JWT_ENABLED'] === 'true') {\n bodyStr = JSON.stringify(removeJwtSignatureFrom(JSON.parse(bodyStr)));\n }\n\n const [session, decodedJwt] = await createSessionFromAccessToken(tokens);\n if (session) {\n const sessionCookie = CookieManager.create({\n value: session,\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n req,\n });\n cookies.push(...sessionCookie);\n }\n }\n }\n } catch (e) {\n /** ignore api call if:\n * - Does not have accessToken / access_token\n * - Not json response\n */\n if (statusCode === 302 && isSSOPostRequest(url)) {\n /**\n * Ignore saml/oidc postLogin response with redirect\n */\n } else {\n logger.error('failed to create session', e, {\n url,\n statusCode,\n });\n }\n }\n Object.keys(proxyRes.headers)\n .filter((header) => header !== 'cookie')\n .forEach((header) => {\n res.setHeader(header, `${proxyRes.headers[header]}`);\n });\n res.setHeader('set-cookie', cookies);\n res.setHeader('content-length', bodyStr.length);\n res.status(statusCode).end(bodyStr);\n } else {\n if (statusCode >= 400 && statusCode !== 404) {\n logger.error(`Middleware request failed statusCode: ${statusCode} for url: ${url}`);\n }\n Object.keys(proxyRes.headers)\n .filter((header) => header !== 'cookie')\n .forEach((header) => {\n res.setHeader(header, `${proxyRes.headers[header]}`);\n });\n res.setHeader('set-cookie', cookies);\n res.status(statusCode).end(bodyStr);\n }\n } catch (e: any) {\n logger.error('proxy failed to send request', e);\n res.status(500).end('Internal Server Error');\n }\n });\n};\n\nexport default ProxyResponseCallback;\n"],"mappings":";;;;;;;AAGA,IAAAA,OAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,QAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,QAAA,GAAAH,OAAA;AAOA,IAAAI,eAAA,GAAAL,sBAAA,CAAAC,OAAA;AACA,IAAAK,SAAA,GAAAL,OAAA;AAEA,MAAMM,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;EAAEC,GAAG,EAAE;AAA8C,CAAC,CAAC;AAC3F;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,qBAAyE,GAAGA,CAACC,QAAQ,EAAEC,GAAG,EAAEC,GAAG,KAAK;EACxG,IAAIC,MAAM,GAAG,IAAIC,MAAM,CAAC,EAAE,CAAC;EAC3B,IAAIC,WAAmB,GAAG,CAAC;EAC3B,MAAMC,SAAS,GAAG,IAAIC,GAAG,CAACC,eAAM,CAACC,MAAM,CAAC,CAACC,QAAQ,KAAK,QAAQ;EAE9DV,QAAQ,CAACW,EAAE,CAAC,MAAM,EAAGC,KAAa,IAAK;IACrCP,WAAW,IAAIO,KAAK,CAACC,MAAM;IAC3BV,MAAM,GAAGC,MAAM,CAACU,MAAM,CAAC,CAACX,MAAM,EAAES,KAAK,CAAC,EAAEP,WAAW,CAAC;EACtD,CAAC,CAAC;EACFL,QAAQ,CAACW,EAAE,CAAC,KAAK,EAAE,YAAY;IAC7B,IAAI;MAAA,IAAAI,oBAAA,EAAAC,qBAAA;MACF,MAAMC,GAAG,GAAGhB,GAAG,CAACgB,GAAI;MACpB,MAAMC,UAAU,IAAAH,oBAAA,GAAGf,QAAQ,CAACkB,UAAU,YAAAH,oBAAA,GAAI,GAAG;MAC7C,MAAMI,SAAS,GAAGD,UAAU,IAAI,GAAG,IAAIA,UAAU,GAAG,GAAG;MACvD,IAAIE,OAAO,GAAGjB,MAAM,CAACkB,QAAQ,CAAC,OAAO,CAAC;MACtC,MAAMC,QAAQ,GAAG,IAAAC,4BAAmB,EAACN,GAAG,CAAC;MAEzC,IAAIK,QAAQ,EAAE;QACZE,gBAAa,CAACC,aAAa,CAAC;UAC1BnB,SAAS;UACToB,YAAY,EAAElB,eAAM,CAACkB,YAAY;UACjCxB,GAAG;UACHD;QACF,CAAC,CAAC;QACF,IAAI,IAAA0B,iCAAwB,EAACV,GAAG,CAAC,IAAIT,eAAM,CAACoB,aAAa,EAAE;UACzD,MAAM;YAAEC,MAAM,EAAEC;UAAgB,CAAC,GAAG,IAAAC,2BAAkB,EAAC9B,GAAG,CAAC+B,OAAO,CAAC,SAAS,CAAC,CAAC;UAC9E9B,GAAG,CAAC+B,MAAM,CAAC,GAAG,CAAC,CAACC,GAAG,CAACJ,eAAe,CAAC;UACpC;QACF;QACA5B,GAAG,CAAC+B,MAAM,CAACf,UAAU,CAAC,CAACgB,GAAG,CAACd,OAAO,CAAC;QACnC;MACF;MAEA,MAAMe,OAAO,IAAAnB,qBAAA,GAAGQ,gBAAa,CAACY,eAAe,CAACpC,QAAQ,CAACgC,OAAO,CAAC,YAAY,CAAC,EAAE1B,SAAS,CAAC,YAAAU,qBAAA,GAAI,EAAE;MAC9F,IAAIG,SAAS,EAAE;QACb,IAAI;UACF,IAAIC,OAAO,IAAIA,OAAO,CAACP,MAAM,GAAG,CAAC,EAAE;YACjC,MAAMwB,MAAM,GAAG,IAAAC,2BAAkB,EAAClB,OAAO,CAAC;YAE1C,IAAIiB,MAAM,CAACE,WAAW,EAAE;cACtB,IAAIC,OAAO,CAACC,GAAG,CAAC,6BAA6B,CAAC,KAAK,MAAM,EAAE;gBACzDrB,OAAO,GAAGsB,IAAI,CAACC,SAAS,CAAC,IAAAC,+BAAsB,EAACF,IAAI,CAACG,KAAK,CAACzB,OAAO,CAAC,CAAC,CAAC;cACvE;cAEA,MAAM,CAAC0B,OAAO,EAAEC,UAAU,CAAC,GAAG,MAAM,IAAAC,oCAA4B,EAACX,MAAM,CAAC;cACxE,IAAIS,OAAO,EAAE;gBACX,MAAMG,aAAa,GAAGzB,gBAAa,CAAC0B,MAAM,CAAC;kBACzCC,KAAK,EAAEL,OAAO;kBACdM,OAAO,EAAE,IAAIC,IAAI,CAACN,UAAU,CAACO,GAAG,GAAG,IAAI,CAAC;kBACxCC,MAAM,EAAEjD,SAAS;kBACjBL;gBACF,CAAC,CAAC;gBACFkC,OAAO,CAACqB,IAAI,CAAC,GAAGP,aAAa,CAAC;cAChC;YACF;UACF;QACF,CAAC,CAAC,OAAOQ,CAAC,EAAE;UACV;AACV;AACA;AACA;UACU,IAAIvC,UAAU,KAAK,GAAG,IAAI,IAAAwC,0BAAgB,EAACzC,GAAG,CAAC,EAAE;YAC/C;AACZ;AACA;UAFY,CAGD,MAAM;YACLtB,MAAM,CAACgE,KAAK,CAAC,0BAA0B,EAAEF,CAAC,EAAE;cAC1CxC,GAAG;cACHC;YACF,CAAC,CAAC;UACJ;QACF;QACA0C,MAAM,CAACC,IAAI,CAAC7D,QAAQ,CAACgC,OAAO,CAAC,CAC1B8B,MAAM,CAAEC,MAAM,IAAKA,MAAM,KAAK,QAAQ,CAAC,CACvCC,OAAO,CAAED,MAAM,IAAK;UACnB7D,GAAG,CAAC+D,SAAS,CAACF,MAAM,EAAG,GAAE/D,QAAQ,CAACgC,OAAO,CAAC+B,MAAM,CAAE,EAAC,CAAC;QACtD,CAAC,CAAC;QACJ7D,GAAG,CAAC+D,SAAS,CAAC,YAAY,EAAE9B,OAAO,CAAC;QACpCjC,GAAG,CAAC+D,SAAS,CAAC,gBAAgB,EAAE7C,OAAO,CAACP,MAAM,CAAC;QAC/CX,GAAG,CAAC+B,MAAM,CAACf,UAAU,CAAC,CAACgB,GAAG,CAACd,OAAO,CAAC;MACrC,CAAC,MAAM;QACL,IAAIF,UAAU,IAAI,GAAG,IAAIA,UAAU,KAAK,GAAG,EAAE;UAC3CvB,MAAM,CAACgE,KAAK,CAAE,yCAAwCzC,UAAW,aAAYD,GAAI,EAAC,CAAC;QACrF;QACA2C,MAAM,CAACC,IAAI,CAAC7D,QAAQ,CAACgC,OAAO,CAAC,CAC1B8B,MAAM,CAAEC,MAAM,IAAKA,MAAM,KAAK,QAAQ,CAAC,CACvCC,OAAO,CAAED,MAAM,IAAK;UACnB7D,GAAG,CAAC+D,SAAS,CAACF,MAAM,EAAG,GAAE/D,QAAQ,CAACgC,OAAO,CAAC+B,MAAM,CAAE,EAAC,CAAC;QACtD,CAAC,CAAC;QACJ7D,GAAG,CAAC+D,SAAS,CAAC,YAAY,EAAE9B,OAAO,CAAC;QACpCjC,GAAG,CAAC+B,MAAM,CAACf,UAAU,CAAC,CAACgB,GAAG,CAACd,OAAO,CAAC;MACrC;IACF,CAAC,CAAC,OAAOqC,CAAM,EAAE;MACf9D,MAAM,CAACgE,KAAK,CAAC,8BAA8B,EAAEF,CAAC,CAAC;MAC/CvD,GAAG,CAAC+B,MAAM,CAAC,GAAG,CAAC,CAACC,GAAG,CAAC,uBAAuB,CAAC;IAC9C;EACF,CAAC,CAAC;AACJ,CAAC;AAAC,IAAAgC,QAAA,GAEanE,qBAAqB;AAAAoE,OAAA,CAAAC,OAAA,GAAAF,QAAA"}
|
package/middleware/helpers.d.ts
CHANGED
|
@@ -26,3 +26,17 @@ export declare const isFronteggOauthLogoutUrl: (url: string) => boolean;
|
|
|
26
26
|
* @param referer the route to redirect to after logout
|
|
27
27
|
*/
|
|
28
28
|
export declare const getHostedLogoutUrl: (referer?: string) => BuildRouteResult;
|
|
29
|
+
export type Tokens = {
|
|
30
|
+
accessToken: string;
|
|
31
|
+
refreshToken: string;
|
|
32
|
+
};
|
|
33
|
+
/**
|
|
34
|
+
* Extracts the access token from the response body
|
|
35
|
+
* @param bodyStr
|
|
36
|
+
*/
|
|
37
|
+
export declare const extractAccessToken: (bodyStr: string) => Tokens;
|
|
38
|
+
/**
|
|
39
|
+
* Removes the signature from the JWT token
|
|
40
|
+
* @param body
|
|
41
|
+
*/
|
|
42
|
+
export declare const removeJwtSignatureFrom: <T extends unknown>(body: any) => T;
|
package/middleware/helpers.js
CHANGED
|
@@ -4,7 +4,7 @@ var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefau
|
|
|
4
4
|
Object.defineProperty(exports, "__esModule", {
|
|
5
5
|
value: true
|
|
6
6
|
});
|
|
7
|
-
exports.rewritePath = exports.isFronteggOauthLogoutUrl = exports.isFronteggLogoutUrl = exports.getHostedLogoutUrl = void 0;
|
|
7
|
+
exports.rewritePath = exports.removeJwtSignatureFrom = exports.isFronteggOauthLogoutUrl = exports.isFronteggLogoutUrl = exports.getHostedLogoutUrl = exports.extractAccessToken = void 0;
|
|
8
8
|
var _urls = require("../api/urls");
|
|
9
9
|
var _config = _interopRequireDefault(require("../config"));
|
|
10
10
|
var _reduxStore = require("@frontegg/redux-store");
|
|
@@ -66,4 +66,58 @@ const getHostedLogoutUrl = (referer = _config.default.appUrl) => {
|
|
|
66
66
|
return (0, _urls.buildLogoutRoute)(redirectUrl, _config.default.baseUrl);
|
|
67
67
|
};
|
|
68
68
|
exports.getHostedLogoutUrl = getHostedLogoutUrl;
|
|
69
|
+
/**
|
|
70
|
+
* Extracts the access token from the response body
|
|
71
|
+
* @param bodyStr
|
|
72
|
+
*/
|
|
73
|
+
const extractAccessToken = bodyStr => {
|
|
74
|
+
const body = JSON.parse(bodyStr);
|
|
75
|
+
if (body.authResponse) {
|
|
76
|
+
Object.assign(body, body.authResponse);
|
|
77
|
+
}
|
|
78
|
+
return {
|
|
79
|
+
accessToken: body.accessToken || body.access_token,
|
|
80
|
+
refreshToken: body.refreshToken || body.refresh_token
|
|
81
|
+
};
|
|
82
|
+
};
|
|
83
|
+
exports.extractAccessToken = extractAccessToken;
|
|
84
|
+
const jwtKeys = ['accessToken', 'access_token', 'idToken', 'id_token'];
|
|
85
|
+
const refreshTokenKeys = ['refreshToken', 'refresh_token'];
|
|
86
|
+
/**
|
|
87
|
+
* Removes the signature from the JWT token
|
|
88
|
+
* @param body
|
|
89
|
+
*/
|
|
90
|
+
const removeJwtSignatureFrom = body => {
|
|
91
|
+
if (!body) {
|
|
92
|
+
return body;
|
|
93
|
+
}
|
|
94
|
+
if (body.authResponse) {
|
|
95
|
+
jwtKeys.forEach(key => {
|
|
96
|
+
if (body.authResponse[key]) {
|
|
97
|
+
// body.authResponse[key] = "REDACTED_FOR_SECURITY";
|
|
98
|
+
// body.authResponse[key] = body.authResponse[key].split('.')[0] + '.' + body.authResponse[key].split('.')[1];
|
|
99
|
+
body.authResponse[key] = `REDACTED_FOR_SECURITY.${body.authResponse[key].split('.')[1]}.REDACTED_FOR_SECURITY`;
|
|
100
|
+
}
|
|
101
|
+
});
|
|
102
|
+
refreshTokenKeys.forEach(key => {
|
|
103
|
+
if (body.authResponse[key]) {
|
|
104
|
+
delete body.authResponse[key];
|
|
105
|
+
}
|
|
106
|
+
});
|
|
107
|
+
}
|
|
108
|
+
jwtKeys.forEach(key => {
|
|
109
|
+
if (body[key]) {
|
|
110
|
+
// body[key] = "REDACTED_FOR_SECURITY";
|
|
111
|
+
// body[key] = body[key].split('.')[0] + '.' + body[key].split('.')[1];
|
|
112
|
+
body[key] = `REDACTED_FOR_SECURITY.${body[key].split('.')[1]}.REDACTED_FOR_SECURITY`;
|
|
113
|
+
}
|
|
114
|
+
});
|
|
115
|
+
refreshTokenKeys.forEach(key => {
|
|
116
|
+
if (body[key]) {
|
|
117
|
+
delete body[key];
|
|
118
|
+
}
|
|
119
|
+
});
|
|
120
|
+
return body;
|
|
121
|
+
};
|
|
122
|
+
exports.removeJwtSignatureFrom = removeJwtSignatureFrom;
|
|
69
123
|
//# sourceMappingURL=helpers.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"helpers.js","names":["_urls","require","_config","_interopRequireDefault","_reduxStore","rewritePath","url","pathRewrite","Array","isArray","item","patternStr","replaceStr","pattern","RegExp","test","replace","path","exports","isFronteggLogoutUrl","endsWith","isFronteggOauthLogoutUrl","getHostedLogoutUrl","referer","config","appUrl","_config$authRoutes$lo","_config$authRoutes","logoutPath","authRoutes","logoutUrl","authInitialState","routes","refererUrl","URL","isLogoutRoute","toString","includes","redirectUrl","origin","search","buildLogoutRoute","baseUrl"],"sources":["../../../../packages/nextjs/src/middleware/helpers.ts"],"sourcesContent":["import { BuildRouteResult, buildLogoutRoute } from '../api/urls';\nimport config from '../config';\nimport { authInitialState } from '@frontegg/redux-store';\n\n/**\n * If pattern information matching the input url information is found in the `pathRewrite` array,\n * the url value is partially replaced with the `pathRewrite.replaceStr` value.\n * @param url\n * @param pathRewrite\n */\nexport const rewritePath = (\n url: string,\n pathRewrite: { [key: string]: string } | { patternStr: string; replaceStr: string }[]\n) => {\n if (Array.isArray(pathRewrite)) {\n for (const item of pathRewrite) {\n const { patternStr, replaceStr } = item;\n const pattern = RegExp(patternStr);\n if (pattern.test(url as string)) {\n return url.replace(pattern, replaceStr);\n }\n }\n } else {\n for (const patternStr in pathRewrite) {\n const pattern = RegExp(patternStr);\n const path = pathRewrite[patternStr];\n if (pattern.test(url as string)) {\n return url.replace(pattern, path);\n }\n }\n }\n return url;\n};\n\n/**\n * Checks If route is a logout route\n * @param url\n */\nexport const isFronteggLogoutUrl = (url: string) => url.endsWith('/logout');\n\n/**\n * Checks If route is a hosted logout route\n * @param url\n */\nexport const isFronteggOauthLogoutUrl = (url: string) => url.endsWith('/oauth/logout');\n\n/**\n * Returns url to be redirected for hosted logout\n * @param referer the route to redirect to after logout\n */\nexport const getHostedLogoutUrl = (referer = config.appUrl): BuildRouteResult => {\n const logoutPath = config.authRoutes?.logoutUrl ?? authInitialState.routes.logoutUrl;\n const refererUrl = new URL(referer);\n const isLogoutRoute = refererUrl.toString().includes(logoutPath);\n\n const redirectUrl = isLogoutRoute ? refererUrl.origin + refererUrl.search : refererUrl.toString();\n\n return buildLogoutRoute(redirectUrl, config.baseUrl);\n};\n"],"mappings":";;;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,WAAA,GAAAH,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMI,WAAW,GAAGA,CACzBC,GAAW,EACXC,WAAqF,KAClF;EACH,IAAIC,KAAK,CAACC,OAAO,CAACF,WAAW,CAAC,EAAE;IAC9B,KAAK,MAAMG,IAAI,IAAIH,WAAW,EAAE;MAC9B,MAAM;QAAEI,UAAU;QAAEC;MAAW,CAAC,GAAGF,IAAI;MACvC,MAAMG,OAAO,GAAGC,MAAM,CAACH,UAAU,CAAC;MAClC,IAAIE,OAAO,CAACE,IAAI,CAACT,GAAG,CAAW,EAAE;QAC/B,OAAOA,GAAG,CAACU,OAAO,CAACH,OAAO,EAAED,UAAU,CAAC;MACzC;IACF;EACF,CAAC,MAAM;IACL,KAAK,MAAMD,UAAU,IAAIJ,WAAW,EAAE;MACpC,MAAMM,OAAO,GAAGC,MAAM,CAACH,UAAU,CAAC;MAClC,MAAMM,IAAI,GAAGV,WAAW,CAACI,UAAU,CAAC;MACpC,IAAIE,OAAO,CAACE,IAAI,CAACT,GAAG,CAAW,EAAE;QAC/B,OAAOA,GAAG,CAACU,OAAO,CAACH,OAAO,EAAEI,IAAI,CAAC;MACnC;IACF;EACF;EACA,OAAOX,GAAG;AACZ,CAAC;;AAED;AACA;AACA;AACA;AAHAY,OAAA,CAAAb,WAAA,GAAAA,WAAA;AAIO,MAAMc,mBAAmB,GAAIb,GAAW,IAAKA,GAAG,CAACc,QAAQ,CAAC,SAAS,CAAC;;AAE3E;AACA;AACA;AACA;AAHAF,OAAA,CAAAC,mBAAA,GAAAA,mBAAA;AAIO,MAAME,wBAAwB,GAAIf,GAAW,IAAKA,GAAG,CAACc,QAAQ,CAAC,eAAe,CAAC;;AAEtF;AACA;AACA;AACA;AAHAF,OAAA,CAAAG,wBAAA,GAAAA,wBAAA;AAIO,MAAMC,kBAAkB,GAAGA,CAACC,OAAO,GAAGC,eAAM,CAACC,MAAM,KAAuB;EAAA,IAAAC,qBAAA,EAAAC,kBAAA;EAC/E,MAAMC,UAAU,IAAAF,qBAAA,IAAAC,kBAAA,GAAGH,eAAM,CAACK,UAAU,qBAAjBF,kBAAA,CAAmBG,SAAS,YAAAJ,qBAAA,GAAIK,4BAAgB,CAACC,MAAM,CAACF,SAAS;EACpF,MAAMG,UAAU,GAAG,IAAIC,GAAG,CAACX,OAAO,CAAC;EACnC,MAAMY,aAAa,GAAGF,UAAU,CAACG,QAAQ,EAAE,CAACC,QAAQ,CAACT,UAAU,CAAC;EAEhE,MAAMU,WAAW,GAAGH,aAAa,GAAGF,UAAU,CAACM,MAAM,GAAGN,UAAU,CAACO,MAAM,GAAGP,UAAU,CAACG,QAAQ,EAAE;EAEjG,OAAO,IAAAK,sBAAgB,EAACH,WAAW,EAAEd,eAAM,CAACkB,OAAO,CAAC;AACtD,CAAC;AAACxB,OAAA,CAAAI,kBAAA,GAAAA,kBAAA"}
|
|
1
|
+
{"version":3,"file":"helpers.js","names":["_urls","require","_config","_interopRequireDefault","_reduxStore","rewritePath","url","pathRewrite","Array","isArray","item","patternStr","replaceStr","pattern","RegExp","test","replace","path","exports","isFronteggLogoutUrl","endsWith","isFronteggOauthLogoutUrl","getHostedLogoutUrl","referer","config","appUrl","_config$authRoutes$lo","_config$authRoutes","logoutPath","authRoutes","logoutUrl","authInitialState","routes","refererUrl","URL","isLogoutRoute","toString","includes","redirectUrl","origin","search","buildLogoutRoute","baseUrl","extractAccessToken","bodyStr","body","JSON","parse","authResponse","Object","assign","accessToken","access_token","refreshToken","refresh_token","jwtKeys","refreshTokenKeys","removeJwtSignatureFrom","forEach","key","split"],"sources":["../../../../packages/nextjs/src/middleware/helpers.ts"],"sourcesContent":["import { BuildRouteResult, buildLogoutRoute } from '../api/urls';\nimport config from '../config';\nimport { authInitialState } from '@frontegg/redux-store';\n\n/**\n * If pattern information matching the input url information is found in the `pathRewrite` array,\n * the url value is partially replaced with the `pathRewrite.replaceStr` value.\n * @param url\n * @param pathRewrite\n */\nexport const rewritePath = (\n url: string,\n pathRewrite: { [key: string]: string } | { patternStr: string; replaceStr: string }[]\n) => {\n if (Array.isArray(pathRewrite)) {\n for (const item of pathRewrite) {\n const { patternStr, replaceStr } = item;\n const pattern = RegExp(patternStr);\n if (pattern.test(url as string)) {\n return url.replace(pattern, replaceStr);\n }\n }\n } else {\n for (const patternStr in pathRewrite) {\n const pattern = RegExp(patternStr);\n const path = pathRewrite[patternStr];\n if (pattern.test(url as string)) {\n return url.replace(pattern, path);\n }\n }\n }\n return url;\n};\n\n/**\n * Checks If route is a logout route\n * @param url\n */\nexport const isFronteggLogoutUrl = (url: string) => url.endsWith('/logout');\n\n/**\n * Checks If route is a hosted logout route\n * @param url\n */\nexport const isFronteggOauthLogoutUrl = (url: string) => url.endsWith('/oauth/logout');\n\n/**\n * Returns url to be redirected for hosted logout\n * @param referer the route to redirect to after logout\n */\nexport const getHostedLogoutUrl = (referer = config.appUrl): BuildRouteResult => {\n const logoutPath = config.authRoutes?.logoutUrl ?? authInitialState.routes.logoutUrl;\n const refererUrl = new URL(referer);\n const isLogoutRoute = refererUrl.toString().includes(logoutPath);\n\n const redirectUrl = isLogoutRoute ? refererUrl.origin + refererUrl.search : refererUrl.toString();\n\n return buildLogoutRoute(redirectUrl, config.baseUrl);\n};\n\nexport type Tokens = {\n accessToken: string;\n refreshToken: string;\n};\n\n/**\n * Extracts the access token from the response body\n * @param bodyStr\n */\nexport const extractAccessToken = (bodyStr: string): Tokens => {\n const body = JSON.parse(bodyStr);\n\n if (body.authResponse) {\n Object.assign(body, body.authResponse);\n }\n return {\n accessToken: body.accessToken || body.access_token,\n refreshToken: body.refreshToken || body.refresh_token,\n };\n};\n\nconst jwtKeys = ['accessToken', 'access_token', 'idToken', 'id_token'];\nconst refreshTokenKeys = ['refreshToken', 'refresh_token'];\n/**\n * Removes the signature from the JWT token\n * @param body\n */\nexport const removeJwtSignatureFrom = <T extends any>(body: any): T => {\n if (!body) {\n return body;\n }\n\n if (body.authResponse) {\n jwtKeys.forEach((key) => {\n if (body.authResponse[key]) {\n // body.authResponse[key] = \"REDACTED_FOR_SECURITY\";\n // body.authResponse[key] = body.authResponse[key].split('.')[0] + '.' + body.authResponse[key].split('.')[1];\n body.authResponse[key] = `REDACTED_FOR_SECURITY.${body.authResponse[key].split('.')[1]}.REDACTED_FOR_SECURITY`;\n }\n });\n refreshTokenKeys.forEach((key) => {\n if (body.authResponse[key]) {\n delete body.authResponse[key];\n }\n });\n }\n\n jwtKeys.forEach((key) => {\n if (body[key]) {\n // body[key] = \"REDACTED_FOR_SECURITY\";\n // body[key] = body[key].split('.')[0] + '.' + body[key].split('.')[1];\n body[key] = `REDACTED_FOR_SECURITY.${body[key].split('.')[1]}.REDACTED_FOR_SECURITY`;\n }\n });\n refreshTokenKeys.forEach((key) => {\n if (body[key]) {\n delete body[key];\n }\n });\n return body;\n};\n"],"mappings":";;;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,WAAA,GAAAH,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMI,WAAW,GAAGA,CACzBC,GAAW,EACXC,WAAqF,KAClF;EACH,IAAIC,KAAK,CAACC,OAAO,CAACF,WAAW,CAAC,EAAE;IAC9B,KAAK,MAAMG,IAAI,IAAIH,WAAW,EAAE;MAC9B,MAAM;QAAEI,UAAU;QAAEC;MAAW,CAAC,GAAGF,IAAI;MACvC,MAAMG,OAAO,GAAGC,MAAM,CAACH,UAAU,CAAC;MAClC,IAAIE,OAAO,CAACE,IAAI,CAACT,GAAG,CAAW,EAAE;QAC/B,OAAOA,GAAG,CAACU,OAAO,CAACH,OAAO,EAAED,UAAU,CAAC;MACzC;IACF;EACF,CAAC,MAAM;IACL,KAAK,MAAMD,UAAU,IAAIJ,WAAW,EAAE;MACpC,MAAMM,OAAO,GAAGC,MAAM,CAACH,UAAU,CAAC;MAClC,MAAMM,IAAI,GAAGV,WAAW,CAACI,UAAU,CAAC;MACpC,IAAIE,OAAO,CAACE,IAAI,CAACT,GAAG,CAAW,EAAE;QAC/B,OAAOA,GAAG,CAACU,OAAO,CAACH,OAAO,EAAEI,IAAI,CAAC;MACnC;IACF;EACF;EACA,OAAOX,GAAG;AACZ,CAAC;;AAED;AACA;AACA;AACA;AAHAY,OAAA,CAAAb,WAAA,GAAAA,WAAA;AAIO,MAAMc,mBAAmB,GAAIb,GAAW,IAAKA,GAAG,CAACc,QAAQ,CAAC,SAAS,CAAC;;AAE3E;AACA;AACA;AACA;AAHAF,OAAA,CAAAC,mBAAA,GAAAA,mBAAA;AAIO,MAAME,wBAAwB,GAAIf,GAAW,IAAKA,GAAG,CAACc,QAAQ,CAAC,eAAe,CAAC;;AAEtF;AACA;AACA;AACA;AAHAF,OAAA,CAAAG,wBAAA,GAAAA,wBAAA;AAIO,MAAMC,kBAAkB,GAAGA,CAACC,OAAO,GAAGC,eAAM,CAACC,MAAM,KAAuB;EAAA,IAAAC,qBAAA,EAAAC,kBAAA;EAC/E,MAAMC,UAAU,IAAAF,qBAAA,IAAAC,kBAAA,GAAGH,eAAM,CAACK,UAAU,qBAAjBF,kBAAA,CAAmBG,SAAS,YAAAJ,qBAAA,GAAIK,4BAAgB,CAACC,MAAM,CAACF,SAAS;EACpF,MAAMG,UAAU,GAAG,IAAIC,GAAG,CAACX,OAAO,CAAC;EACnC,MAAMY,aAAa,GAAGF,UAAU,CAACG,QAAQ,EAAE,CAACC,QAAQ,CAACT,UAAU,CAAC;EAEhE,MAAMU,WAAW,GAAGH,aAAa,GAAGF,UAAU,CAACM,MAAM,GAAGN,UAAU,CAACO,MAAM,GAAGP,UAAU,CAACG,QAAQ,EAAE;EAEjG,OAAO,IAAAK,sBAAgB,EAACH,WAAW,EAAEd,eAAM,CAACkB,OAAO,CAAC;AACtD,CAAC;AAACxB,OAAA,CAAAI,kBAAA,GAAAA,kBAAA;AAOF;AACA;AACA;AACA;AACO,MAAMqB,kBAAkB,GAAIC,OAAe,IAAa;EAC7D,MAAMC,IAAI,GAAGC,IAAI,CAACC,KAAK,CAACH,OAAO,CAAC;EAEhC,IAAIC,IAAI,CAACG,YAAY,EAAE;IACrBC,MAAM,CAACC,MAAM,CAACL,IAAI,EAAEA,IAAI,CAACG,YAAY,CAAC;EACxC;EACA,OAAO;IACLG,WAAW,EAAEN,IAAI,CAACM,WAAW,IAAIN,IAAI,CAACO,YAAY;IAClDC,YAAY,EAAER,IAAI,CAACQ,YAAY,IAAIR,IAAI,CAACS;EAC1C,CAAC;AACH,CAAC;AAACpC,OAAA,CAAAyB,kBAAA,GAAAA,kBAAA;AAEF,MAAMY,OAAO,GAAG,CAAC,aAAa,EAAE,cAAc,EAAE,SAAS,EAAE,UAAU,CAAC;AACtE,MAAMC,gBAAgB,GAAG,CAAC,cAAc,EAAE,eAAe,CAAC;AAC1D;AACA;AACA;AACA;AACO,MAAMC,sBAAsB,GAAmBZ,IAAS,IAAQ;EACrE,IAAI,CAACA,IAAI,EAAE;IACT,OAAOA,IAAI;EACb;EAEA,IAAIA,IAAI,CAACG,YAAY,EAAE;IACrBO,OAAO,CAACG,OAAO,CAAEC,GAAG,IAAK;MACvB,IAAId,IAAI,CAACG,YAAY,CAACW,GAAG,CAAC,EAAE;QAC1B;QACA;QACAd,IAAI,CAACG,YAAY,CAACW,GAAG,CAAC,GAAI,yBAAwBd,IAAI,CAACG,YAAY,CAACW,GAAG,CAAC,CAACC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAE,wBAAuB;MAChH;IACF,CAAC,CAAC;IACFJ,gBAAgB,CAACE,OAAO,CAAEC,GAAG,IAAK;MAChC,IAAId,IAAI,CAACG,YAAY,CAACW,GAAG,CAAC,EAAE;QAC1B,OAAOd,IAAI,CAACG,YAAY,CAACW,GAAG,CAAC;MAC/B;IACF,CAAC,CAAC;EACJ;EAEAJ,OAAO,CAACG,OAAO,CAAEC,GAAG,IAAK;IACvB,IAAId,IAAI,CAACc,GAAG,CAAC,EAAE;MACb;MACA;MACAd,IAAI,CAACc,GAAG,CAAC,GAAI,yBAAwBd,IAAI,CAACc,GAAG,CAAC,CAACC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAE,wBAAuB;IACtF;EACF,CAAC,CAAC;EACFJ,gBAAgB,CAACE,OAAO,CAAEC,GAAG,IAAK;IAChC,IAAId,IAAI,CAACc,GAAG,CAAC,EAAE;MACb,OAAOd,IAAI,CAACc,GAAG,CAAC;IAClB;EACF,CAAC,CAAC;EACF,OAAOd,IAAI;AACb,CAAC;AAAC3B,OAAA,CAAAuC,sBAAA,GAAAA,sBAAA"}
|
package/package.json
CHANGED
|
@@ -11,6 +11,7 @@ var _FronteggPagesProvider = _interopRequireDefault(require("../FronteggPagesPro
|
|
|
11
11
|
var _refreshAccessTokenIfNeeded = _interopRequireWildcard(require("../../utils/refreshAccessTokenIfNeeded"));
|
|
12
12
|
var _fetchUserData = _interopRequireDefault(require("../../utils/fetchUserData"));
|
|
13
13
|
var _config = _interopRequireDefault(require("../../config"));
|
|
14
|
+
var _helpers = require("../../middleware/helpers");
|
|
14
15
|
var _jsxRuntime = require("react/jsx-runtime");
|
|
15
16
|
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
16
17
|
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
@@ -32,18 +33,26 @@ const withFronteggApp = (app, options) => {
|
|
|
32
33
|
appEnvConfig = _config.default.appEnvConfig;
|
|
33
34
|
const url = (_ctx$req = ctx.req) == null ? void 0 : _ctx$req.url;
|
|
34
35
|
if (url && (0, _refreshAccessTokenIfNeeded.isRuntimeNextRequest)(url)) {
|
|
35
|
-
|
|
36
|
+
let session = await (0, _refreshAccessTokenIfNeeded.default)(ctx);
|
|
37
|
+
if (process.env['FRONTEGG_SECURE_JWT_ENABLED'] === 'true') {
|
|
38
|
+
session = (0, _helpers.removeJwtSignatureFrom)(session);
|
|
39
|
+
}
|
|
36
40
|
Object.assign(appContextSessionData, {
|
|
37
41
|
session
|
|
38
42
|
});
|
|
39
43
|
} else {
|
|
40
|
-
|
|
44
|
+
let userData = await (0, _fetchUserData.default)({
|
|
41
45
|
getSession: async () => await (0, _refreshAccessTokenIfNeeded.default)(ctx),
|
|
42
46
|
getHeaders: async () => {
|
|
43
47
|
var _ctx$req$headers, _ctx$req2;
|
|
44
48
|
return (_ctx$req$headers = (_ctx$req2 = ctx.req) == null ? void 0 : _ctx$req2.headers) != null ? _ctx$req$headers : {};
|
|
45
49
|
}
|
|
46
50
|
});
|
|
51
|
+
if (process.env['FRONTEGG_SECURE_JWT_ENABLED'] === 'true' && userData) {
|
|
52
|
+
var _userData;
|
|
53
|
+
userData = (0, _helpers.removeJwtSignatureFrom)(userData);
|
|
54
|
+
userData.session = (0, _helpers.removeJwtSignatureFrom)((_userData = userData) == null ? void 0 : _userData.session);
|
|
55
|
+
}
|
|
47
56
|
Object.assign(appContextSessionData, userData);
|
|
48
57
|
}
|
|
49
58
|
}
|
|
@@ -60,7 +69,8 @@ const withFronteggApp = (app, options) => {
|
|
|
60
69
|
session,
|
|
61
70
|
envAppUrl,
|
|
62
71
|
envBaseUrl,
|
|
63
|
-
envClientId
|
|
72
|
+
envClientId,
|
|
73
|
+
secureJwtEnabled
|
|
64
74
|
} = appProps.pageProps;
|
|
65
75
|
return /*#__PURE__*/(0, _jsxRuntime.jsx)(_FronteggPagesProvider.default, (0, _extends2.default)({}, options, {
|
|
66
76
|
user,
|
|
@@ -69,6 +79,7 @@ const withFronteggApp = (app, options) => {
|
|
|
69
79
|
session,
|
|
70
80
|
envAppUrl,
|
|
71
81
|
envBaseUrl,
|
|
82
|
+
secureJwtEnabled,
|
|
72
83
|
envClientId,
|
|
73
84
|
children: app(appProps)
|
|
74
85
|
}));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"withFronteggApp.js","names":["_react","_interopRequireDefault","require","_FronteggPagesProvider","_refreshAccessTokenIfNeeded","_interopRequireWildcard","_fetchUserData","_config","_jsxRuntime","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","withFronteggApp","app","options","originalGetInitialProps","getInitialProps","appContext","ctx","Component","appEnvConfig","appContextSessionData","session","user","tenants","req","_ctx$req","config","url","isRuntimeNextRequest","refreshAccessTokenIfNeeded","assign","userData","fetchUserData","getSession","getHeaders","_ctx$req$headers","_ctx$req2","headers","pageProps","_extends2","CustomFronteggApp","appProps","activeTenant","envAppUrl","envBaseUrl","envClientId","jsx","children","exports"],"sources":["../../../../../packages/nextjs/src/pages/withFronteggApp/withFronteggApp.tsx"],"sourcesContent":["import React from 'react';\nimport type { AppContext, AppInitialProps, AppProps } from 'next/app';\nimport type { FronteggCustomAppClass, FronteggCustomApp, WithFronteggAppOptions } from './types';\nimport FronteggProvider from '../FronteggPagesProvider';\nimport refreshAccessTokenIfNeeded, { isRuntimeNextRequest } from '../../utils/refreshAccessTokenIfNeeded';\nimport fetchUserData from '../../utils/fetchUserData';\nimport config from '../../config';\nimport { AllUserData } from '../../types';\n\nexport const withFronteggApp = (app: FronteggCustomAppClass, options?: WithFronteggAppOptions): FronteggCustomApp => {\n const originalGetInitialProps = app.getInitialProps;\n\n app.getInitialProps = async (appContext: AppContext & AllUserData): Promise<AppInitialProps> => {\n const { ctx, Component } = appContext;\n\n let appEnvConfig = {};\n let appContextSessionData: AllUserData = {\n session: null,\n user: null,\n tenants: null,\n };\n\n if (ctx.req) {\n appEnvConfig = config.appEnvConfig;\n const url = ctx.req?.url;\n\n if (url && isRuntimeNextRequest(url)) {\n
|
|
1
|
+
{"version":3,"file":"withFronteggApp.js","names":["_react","_interopRequireDefault","require","_FronteggPagesProvider","_refreshAccessTokenIfNeeded","_interopRequireWildcard","_fetchUserData","_config","_helpers","_jsxRuntime","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","withFronteggApp","app","options","originalGetInitialProps","getInitialProps","appContext","ctx","Component","appEnvConfig","appContextSessionData","session","user","tenants","req","_ctx$req","config","url","isRuntimeNextRequest","refreshAccessTokenIfNeeded","process","env","removeJwtSignatureFrom","assign","userData","fetchUserData","getSession","getHeaders","_ctx$req$headers","_ctx$req2","headers","_userData","pageProps","_extends2","CustomFronteggApp","appProps","activeTenant","envAppUrl","envBaseUrl","envClientId","secureJwtEnabled","jsx","children","exports"],"sources":["../../../../../packages/nextjs/src/pages/withFronteggApp/withFronteggApp.tsx"],"sourcesContent":["import React from 'react';\nimport type { AppContext, AppInitialProps, AppProps } from 'next/app';\nimport type { FronteggCustomAppClass, FronteggCustomApp, WithFronteggAppOptions } from './types';\nimport FronteggProvider from '../FronteggPagesProvider';\nimport refreshAccessTokenIfNeeded, { isRuntimeNextRequest } from '../../utils/refreshAccessTokenIfNeeded';\nimport fetchUserData from '../../utils/fetchUserData';\nimport config from '../../config';\nimport { AllUserData } from '../../types';\nimport { removeJwtSignatureFrom } from '../../middleware/helpers';\n\nexport const withFronteggApp = (app: FronteggCustomAppClass, options?: WithFronteggAppOptions): FronteggCustomApp => {\n const originalGetInitialProps = app.getInitialProps;\n\n app.getInitialProps = async (appContext: AppContext & AllUserData): Promise<AppInitialProps> => {\n const { ctx, Component } = appContext;\n\n let appEnvConfig = {};\n let appContextSessionData: AllUserData = {\n session: null,\n user: null,\n tenants: null,\n };\n\n if (ctx.req) {\n appEnvConfig = config.appEnvConfig;\n const url = ctx.req?.url;\n\n if (url && isRuntimeNextRequest(url)) {\n let session = await refreshAccessTokenIfNeeded(ctx);\n if (process.env['FRONTEGG_SECURE_JWT_ENABLED'] === 'true') {\n session = removeJwtSignatureFrom(session);\n }\n Object.assign(appContextSessionData, { session });\n } else {\n let userData = await fetchUserData({\n getSession: async () => await refreshAccessTokenIfNeeded(ctx),\n getHeaders: async () => ctx.req?.headers ?? {},\n });\n if (process.env['FRONTEGG_SECURE_JWT_ENABLED'] === 'true' && userData) {\n userData = removeJwtSignatureFrom(userData);\n userData.session = removeJwtSignatureFrom(userData?.session);\n }\n Object.assign(appContextSessionData, userData);\n }\n }\n\n Object.assign(appContext, appContextSessionData);\n\n return {\n pageProps: {\n ...(originalGetInitialProps ? await originalGetInitialProps(appContext) : {}),\n ...(Component.getInitialProps ? await Component.getInitialProps(ctx) : {}),\n ...(appContextSessionData.session == null ? {} : appContextSessionData),\n ...appEnvConfig,\n },\n };\n };\n\n function CustomFronteggApp(appProps: AppProps) {\n const { user, tenants, activeTenant, session, envAppUrl, envBaseUrl, envClientId, secureJwtEnabled } =\n appProps.pageProps;\n return (\n <FronteggProvider\n {...options}\n {...{\n user,\n tenants,\n activeTenant,\n session,\n envAppUrl,\n envBaseUrl,\n secureJwtEnabled,\n envClientId,\n }}\n >\n {app(appProps) as any}\n </FronteggProvider>\n );\n }\n\n CustomFronteggApp.getInitialProps = app.getInitialProps;\n\n return CustomFronteggApp as FronteggCustomApp;\n};\n"],"mappings":";;;;;;;;AAAA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AAGA,IAAAC,sBAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,2BAAA,GAAAC,uBAAA,CAAAH,OAAA;AACA,IAAAI,cAAA,GAAAL,sBAAA,CAAAC,OAAA;AACA,IAAAK,OAAA,GAAAN,sBAAA,CAAAC,OAAA;AAEA,IAAAM,QAAA,GAAAN,OAAA;AAAkE,IAAAO,WAAA,GAAAP,OAAA;AAAA,SAAAQ,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAN,wBAAAU,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAE3D,MAAMW,eAAe,GAAGA,CAACC,GAA2B,EAAEC,OAAgC,KAAwB;EACnH,MAAMC,uBAAuB,GAAGF,GAAG,CAACG,eAAe;EAEnDH,GAAG,CAACG,eAAe,GAAG,MAAOC,UAAoC,IAA+B;IAC9F,MAAM;MAAEC,GAAG;MAAEC;IAAU,CAAC,GAAGF,UAAU;IAErC,IAAIG,YAAY,GAAG,CAAC,CAAC;IACrB,IAAIC,qBAAkC,GAAG;MACvCC,OAAO,EAAE,IAAI;MACbC,IAAI,EAAE,IAAI;MACVC,OAAO,EAAE;IACX,CAAC;IAED,IAAIN,GAAG,CAACO,GAAG,EAAE;MAAA,IAAAC,QAAA;MACXN,YAAY,GAAGO,eAAM,CAACP,YAAY;MAClC,MAAMQ,GAAG,IAAAF,QAAA,GAAGR,GAAG,CAACO,GAAG,qBAAPC,QAAA,CAASE,GAAG;MAExB,IAAIA,GAAG,IAAI,IAAAC,gDAAoB,EAACD,GAAG,CAAC,EAAE;QACpC,IAAIN,OAAO,GAAG,MAAM,IAAAQ,mCAA0B,EAACZ,GAAG,CAAC;QACnD,IAAIa,OAAO,CAACC,GAAG,CAAC,6BAA6B,CAAC,KAAK,MAAM,EAAE;UACzDV,OAAO,GAAG,IAAAW,+BAAsB,EAACX,OAAO,CAAC;QAC3C;QACAnB,MAAM,CAAC+B,MAAM,CAACb,qBAAqB,EAAE;UAAEC;QAAQ,CAAC,CAAC;MACnD,CAAC,MAAM;QACL,IAAIa,QAAQ,GAAG,MAAM,IAAAC,sBAAa,EAAC;UACjCC,UAAU,EAAE,MAAAA,CAAA,KAAY,MAAM,IAAAP,mCAA0B,EAACZ,GAAG,CAAC;UAC7DoB,UAAU,EAAE,MAAAA,CAAA;YAAA,IAAAC,gBAAA,EAAAC,SAAA;YAAA,QAAAD,gBAAA,IAAAC,SAAA,GAAYtB,GAAG,CAACO,GAAG,qBAAPe,SAAA,CAASC,OAAO,YAAAF,gBAAA,GAAI,CAAC,CAAC;UAAA;QAChD,CAAC,CAAC;QACF,IAAIR,OAAO,CAACC,GAAG,CAAC,6BAA6B,CAAC,KAAK,MAAM,IAAIG,QAAQ,EAAE;UAAA,IAAAO,SAAA;UACrEP,QAAQ,GAAG,IAAAF,+BAAsB,EAACE,QAAQ,CAAC;UAC3CA,QAAQ,CAACb,OAAO,GAAG,IAAAW,+BAAsB,GAAAS,SAAA,GAACP,QAAQ,qBAARO,SAAA,CAAUpB,OAAO,CAAC;QAC9D;QACAnB,MAAM,CAAC+B,MAAM,CAACb,qBAAqB,EAAEc,QAAQ,CAAC;MAChD;IACF;IAEAhC,MAAM,CAAC+B,MAAM,CAACjB,UAAU,EAAEI,qBAAqB,CAAC;IAEhD,OAAO;MACLsB,SAAS,MAAAC,SAAA,CAAA/C,OAAA,MACHkB,uBAAuB,GAAG,MAAMA,uBAAuB,CAACE,UAAU,CAAC,GAAG,CAAC,CAAC,EACxEE,SAAS,CAACH,eAAe,GAAG,MAAMG,SAAS,CAACH,eAAe,CAACE,GAAG,CAAC,GAAG,CAAC,CAAC,EACrEG,qBAAqB,CAACC,OAAO,IAAI,IAAI,GAAG,CAAC,CAAC,GAAGD,qBAAqB,EACnED,YAAY;IAEnB,CAAC;EACH,CAAC;EAED,SAASyB,iBAAiBA,CAACC,QAAkB,EAAE;IAC7C,MAAM;MAAEvB,IAAI;MAAEC,OAAO;MAAEuB,YAAY;MAAEzB,OAAO;MAAE0B,SAAS;MAAEC,UAAU;MAAEC,WAAW;MAAEC;IAAiB,CAAC,GAClGL,QAAQ,CAACH,SAAS;IACpB,oBACE,IAAAtD,WAAA,CAAA+D,GAAA,EAACrE,sBAAA,CAAAc,OAAgB,MAAA+C,SAAA,CAAA/C,OAAA,MACXiB,OAAO;MAETS,IAAI;MACJC,OAAO;MACPuB,YAAY;MACZzB,OAAO;MACP0B,SAAS;MACTC,UAAU;MACVE,gBAAgB;MAChBD,WAAW;MAAAG,QAAA,EAGZxC,GAAG,CAACiC,QAAQ;IAAC,GACG;EAEvB;EAEAD,iBAAiB,CAAC7B,eAAe,GAAGH,GAAG,CAACG,eAAe;EAEvD,OAAO6B,iBAAiB;AAC1B,CAAC;AAACS,OAAA,CAAA1C,eAAA,GAAAA,eAAA"}
|
package/sdkVersion.js
CHANGED
package/sdkVersion.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sdkVersion.js","names":["version","exports","default","_default"],"sources":["../../../packages/nextjs/src/sdkVersion.ts"],"sourcesContent":["export default { version: '8.0.
|
|
1
|
+
{"version":3,"file":"sdkVersion.js","names":["version","exports","default","_default"],"sources":["../../../packages/nextjs/src/sdkVersion.ts"],"sourcesContent":["export default { version: '8.0.26-alpha.9960571383' };\n"],"mappings":";;;;;;eAAe;EAAEA,OAAO,EAAE;AAA0B,CAAC;AAAAC,OAAA,CAAAC,OAAA,GAAAC,QAAA"}
|
package/types/index.d.ts
CHANGED
|
@@ -59,6 +59,7 @@ export interface FronteggProviderOptions extends Omit<FronteggAppOptions, 'conte
|
|
|
59
59
|
envAppUrl: string;
|
|
60
60
|
envBaseUrl: string;
|
|
61
61
|
envClientId: string;
|
|
62
|
+
secureJwtEnabled?: boolean;
|
|
62
63
|
contextOptions?: Omit<FronteggAppOptions['contextOptions'], 'baseUrl'>;
|
|
63
64
|
}
|
|
64
65
|
export interface FronteggProviderProps extends FronteggProviderOptions {
|
package/types/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","names":[],"sources":["../../../../packages/nextjs/src/types/index.ts"],"sourcesContent":["import type { FronteggAppOptions } from '@frontegg/types';\nimport type { ILoginResponse, ITenantsResponse } from '@frontegg/rest-api';\nimport type { IncomingMessage } from 'http';\nimport type { ReactNode } from 'react';\nimport type { AppRouterInstance } from 'next/dist/shared/lib/app-router-context';\nimport type { NextRouter } from 'next/router';\n\nexport interface EncryptionUtils {\n unsealTokens(data: string): Promise<FronteggUserTokens | undefined>;\n\n sealTokens(tokens: FronteggUserTokens, ttl: number): Promise<string>;\n}\n\nexport interface FronteggUserTokens {\n accessToken: string;\n refreshToken?: string;\n}\n\nexport interface FronteggNextJSSession extends FronteggUserTokens {\n user: FronteggUserSession;\n}\n\nexport type RequestType = IncomingMessage | Request;\n\nexport interface AccountEnvironment {\n id: string;\n createdAt: string;\n environment: 'production' | 'development';\n}\n\nexport interface CustomClaims {\n accountEnvironments: AccountEnvironment[];\n}\n\nexport interface FronteggUserTokens {\n accessToken: string;\n refreshToken?: string;\n}\n\nexport interface AllUserData {\n user?: ILoginResponse | null;\n tenants?: ITenantsResponse[] | null;\n activeTenant?: ITenantsResponse;\n session?: FronteggNextJSSession | null;\n}\nexport interface FronteggUserSession {\n sub: string;\n name: string;\n email: string;\n email_verified: boolean;\n metadata: any;\n roles: string[];\n permissions: string[];\n tenantId: string;\n tenantIds: string[];\n profilePictureUrl: string;\n type: string; // \"userToken\"\n customClaims: CustomClaims;\n iat: number;\n exp: number;\n aud: string;\n iss: string;\n}\n\nexport interface FronteggNextJSSession extends FronteggUserTokens {\n user: FronteggUserSession;\n}\n\nexport interface FronteggProviderOptions extends Omit<FronteggAppOptions, 'contextOptions'>, AllUserData {\n envAppUrl: string;\n envBaseUrl: string;\n envClientId: string;\n contextOptions?: Omit<FronteggAppOptions['contextOptions'], 'baseUrl'>;\n}\n\nexport interface FronteggProviderProps extends FronteggProviderOptions {\n children?: ReactNode;\n router: AppRouterInstance | NextRouter;\n appName?: string;\n}\n\ntype CustomLoginOptionsWithParamKeyType = {\n /**\n *The param key from your tenant login url, for 'frontegg.com?organization=[tenant]' would be 'organization'\n */\n paramKey: string;\n subDomainIndex?: never;\n};\n\ntype CustomLoginOptionsWithSubDomainType = {\n /**\n *The index of sub domain from your tenant login url, for 'https://[tenant].frontegg.com' would be 0\n */\n subDomainIndex: number;\n paramKey?: never;\n};\n\nexport type CustomLoginOptionsType = CustomLoginOptionsWithParamKeyType | CustomLoginOptionsWithSubDomainType;\n\ntype PagesDirectoryProviderProps = {\n customLoginOptions?: CustomLoginOptionsType;\n};\n\nexport type ClientFronteggProviderProps = Omit<FronteggProviderProps, 'router'> & PagesDirectoryProviderProps;\n\ndeclare module 'iron-session' {\n interface IronSessionData {\n accessToken: FronteggNextJSSession['accessToken'];\n user: FronteggNextJSSession['user'];\n }\n}\n\ndeclare global {\n var customLoginAppUrl: string | undefined;\n interface ProcessEnv {\n FRONTEGG_BASE_URL: string;\n PORT?: string;\n PWD: string;\n }\n}\n"],"mappings":""}
|
|
1
|
+
{"version":3,"file":"index.js","names":[],"sources":["../../../../packages/nextjs/src/types/index.ts"],"sourcesContent":["import type { FronteggAppOptions } from '@frontegg/types';\nimport type { ILoginResponse, ITenantsResponse } from '@frontegg/rest-api';\nimport type { IncomingMessage } from 'http';\nimport type { ReactNode } from 'react';\nimport type { AppRouterInstance } from 'next/dist/shared/lib/app-router-context';\nimport type { NextRouter } from 'next/router';\n\nexport interface EncryptionUtils {\n unsealTokens(data: string): Promise<FronteggUserTokens | undefined>;\n\n sealTokens(tokens: FronteggUserTokens, ttl: number): Promise<string>;\n}\n\nexport interface FronteggUserTokens {\n accessToken: string;\n refreshToken?: string;\n}\n\nexport interface FronteggNextJSSession extends FronteggUserTokens {\n user: FronteggUserSession;\n}\n\nexport type RequestType = IncomingMessage | Request;\n\nexport interface AccountEnvironment {\n id: string;\n createdAt: string;\n environment: 'production' | 'development';\n}\n\nexport interface CustomClaims {\n accountEnvironments: AccountEnvironment[];\n}\n\nexport interface FronteggUserTokens {\n accessToken: string;\n refreshToken?: string;\n}\n\nexport interface AllUserData {\n user?: ILoginResponse | null;\n tenants?: ITenantsResponse[] | null;\n activeTenant?: ITenantsResponse;\n session?: FronteggNextJSSession | null;\n}\nexport interface FronteggUserSession {\n sub: string;\n name: string;\n email: string;\n email_verified: boolean;\n metadata: any;\n roles: string[];\n permissions: string[];\n tenantId: string;\n tenantIds: string[];\n profilePictureUrl: string;\n type: string; // \"userToken\"\n customClaims: CustomClaims;\n iat: number;\n exp: number;\n aud: string;\n iss: string;\n}\n\nexport interface FronteggNextJSSession extends FronteggUserTokens {\n user: FronteggUserSession;\n}\n\nexport interface FronteggProviderOptions extends Omit<FronteggAppOptions, 'contextOptions'>, AllUserData {\n envAppUrl: string;\n envBaseUrl: string;\n envClientId: string;\n secureJwtEnabled?: boolean;\n contextOptions?: Omit<FronteggAppOptions['contextOptions'], 'baseUrl'>;\n}\n\nexport interface FronteggProviderProps extends FronteggProviderOptions {\n children?: ReactNode;\n router: AppRouterInstance | NextRouter;\n appName?: string;\n}\n\ntype CustomLoginOptionsWithParamKeyType = {\n /**\n *The param key from your tenant login url, for 'frontegg.com?organization=[tenant]' would be 'organization'\n */\n paramKey: string;\n subDomainIndex?: never;\n};\n\ntype CustomLoginOptionsWithSubDomainType = {\n /**\n *The index of sub domain from your tenant login url, for 'https://[tenant].frontegg.com' would be 0\n */\n subDomainIndex: number;\n paramKey?: never;\n};\n\nexport type CustomLoginOptionsType = CustomLoginOptionsWithParamKeyType | CustomLoginOptionsWithSubDomainType;\n\ntype PagesDirectoryProviderProps = {\n customLoginOptions?: CustomLoginOptionsType;\n};\n\nexport type ClientFronteggProviderProps = Omit<FronteggProviderProps, 'router'> & PagesDirectoryProviderProps;\n\ndeclare module 'iron-session' {\n interface IronSessionData {\n accessToken: FronteggNextJSSession['accessToken'];\n user: FronteggNextJSSession['user'];\n }\n}\n\ndeclare global {\n var customLoginAppUrl: string | undefined;\n interface ProcessEnv {\n FRONTEGG_BASE_URL: string;\n PORT?: string;\n PWD: string;\n }\n}\n"],"mappings":""}
|
|
@@ -54,8 +54,9 @@ const initializeFronteggApp = ({
|
|
|
54
54
|
});
|
|
55
55
|
return additionalHeaders;
|
|
56
56
|
},
|
|
57
|
+
tokenResolver: options.secureJwtEnabled ? () => '' : undefined,
|
|
57
58
|
baseUrl: path => {
|
|
58
|
-
if ((0, _utils.isMiddlewarePath)(path)) {
|
|
59
|
+
if ((0, _utils.isMiddlewarePath)(path) || options.secureJwtEnabled) {
|
|
59
60
|
return `${options.envAppUrl}/api`;
|
|
60
61
|
} else {
|
|
61
62
|
return options.envBaseUrl;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","names":["_js","require","_reduxStore","_sdkVersion","_interopRequireDefault","_package","_utils","initializeFronteggApp","options","onRedirectTo","appName","storeHolder","_options$authOptions","_options$authOptions2","_options$hostedLoginB","_options$authOptions$","_options$authOptions3","_options$auditsOption","session","user","tenants","activeTenant","accessToken","refreshToken","contextOptions","_extends2","default","requestCredentials","additionalHeadersResolver","_options$contextOptio","additionalHeaders","originalAdditionalHeadersResolver","push","e","Array","isArray","key","value","nextjsPkg","version","sdkVersion","baseUrl","path","isMiddlewarePath","envAppUrl","envBaseUrl","clientId","envClientId","tenantsState","defaultTenantsState","authOptions","userData","
|
|
1
|
+
{"version":3,"file":"index.js","names":["_js","require","_reduxStore","_sdkVersion","_interopRequireDefault","_package","_utils","initializeFronteggApp","options","onRedirectTo","appName","storeHolder","_options$authOptions","_options$authOptions2","_options$hostedLoginB","_options$authOptions$","_options$authOptions3","_options$auditsOption","session","user","tenants","activeTenant","accessToken","refreshToken","contextOptions","_extends2","default","requestCredentials","additionalHeadersResolver","_options$contextOptio","additionalHeaders","originalAdditionalHeadersResolver","push","e","Array","isArray","key","value","nextjsPkg","version","sdkVersion","tokenResolver","secureJwtEnabled","undefined","baseUrl","path","isMiddlewarePath","envAppUrl","envBaseUrl","clientId","envClientId","tenantsState","defaultTenantsState","authOptions","userData","isLoading","isAuthenticated","hostedLoginBox","disableSilentRefresh","sharedStore","createFronteggStore","context","previewMode","auth","audits","auditsOptions","urlStrategy","createdApp","AppHolder","getInstance","store","_options$hostedLoginB2","_options$customLoginB","initialize","customLoginBox","basename","_default","exports"],"sources":["../../../../../packages/nextjs/src/utils/initializeFronteggApp/index.ts"],"sourcesContent":["import { AppHolder, FronteggApp, initialize } from '@frontegg/js';\nimport { createFronteggStore, AuthState, tenantsState as defaultTenantsState } from '@frontegg/redux-store';\nimport { KeyValuePair } from '@frontegg/rest-api';\nimport { FronteggAppOptions } from '@frontegg/types';\nimport sdkVersion from '../../sdkVersion';\nimport type { FronteggProviderOptions } from '../../types';\nimport nextjsPkg from 'next/package.json';\nimport { isMiddlewarePath } from '../../api/utils';\n\ntype CreateOrGetFronteggAppParams = {\n options: FronteggProviderOptions;\n onRedirectTo: AuthState['onRedirectTo'];\n appName?: string;\n storeHolder: any;\n};\n\nconst initializeFronteggApp = ({\n options,\n onRedirectTo,\n appName,\n storeHolder,\n}: CreateOrGetFronteggAppParams): FronteggApp => {\n const { session, user, tenants, activeTenant } = options;\n const { accessToken, refreshToken } = session ?? {};\n\n const contextOptions: FronteggAppOptions['contextOptions'] = {\n requestCredentials: 'include' as RequestCredentials,\n ...options.contextOptions,\n additionalHeadersResolver: async () => {\n const additionalHeaders: KeyValuePair[] = [];\n const originalAdditionalHeadersResolver = options.contextOptions?.additionalHeadersResolver;\n if (typeof originalAdditionalHeadersResolver === 'function') {\n try {\n additionalHeaders.push(...(await originalAdditionalHeadersResolver()));\n } catch (e) {\n /** ignore failed additionalHeadersResolver */\n }\n } else if (Array.isArray(originalAdditionalHeadersResolver)) {\n additionalHeaders.push(...(originalAdditionalHeadersResolver as KeyValuePair[]));\n }\n additionalHeaders.push({\n key: 'x-frontegg-framework',\n value: `next@${nextjsPkg.version}`,\n });\n additionalHeaders.push({\n key: 'x-frontegg-sdk',\n value: `@frontegg/nextjs@${sdkVersion.version}`,\n });\n return additionalHeaders;\n },\n tokenResolver: options.secureJwtEnabled ? () => '' : undefined,\n baseUrl: (path: string) => {\n if (isMiddlewarePath(path) || options.secureJwtEnabled) {\n return `${options.envAppUrl}/api`;\n } else {\n return options.envBaseUrl;\n }\n },\n clientId: options.envClientId,\n };\n\n const tenantsState = {\n ...defaultTenantsState,\n tenants: tenants || [],\n activeTenant,\n ...options.authOptions?.tenantsState,\n };\n const userData = user\n ? {\n ...user,\n accessToken: accessToken ?? '',\n refreshToken: refreshToken ?? undefined,\n ...options.authOptions?.user,\n }\n : null;\n\n const authOptions: FronteggAppOptions['authOptions'] = {\n ...options.authOptions,\n onRedirectTo,\n isLoading: false,\n isAuthenticated: !!options.session,\n hostedLoginBox: options.hostedLoginBox ?? false,\n disableSilentRefresh: options.authOptions?.disableSilentRefresh ?? true,\n user: userData,\n tenantsState,\n };\n\n const sharedStore = createFronteggStore(\n { context: contextOptions, appName: appName ?? 'default' },\n storeHolder,\n options.previewMode,\n authOptions,\n {\n auth: authOptions ?? {},\n audits: options.auditsOptions ?? {},\n },\n false,\n options.urlStrategy\n );\n\n let createdApp;\n try {\n createdApp = AppHolder.getInstance(appName ?? 'default');\n createdApp.store = sharedStore;\n } catch (e) {\n createdApp = initialize(\n {\n ...options,\n store: sharedStore,\n hostedLoginBox: options.hostedLoginBox ?? false,\n customLoginBox: options.customLoginBox ?? false,\n basename: options.basename,\n authOptions,\n contextOptions,\n onRedirectTo,\n },\n appName ?? 'default'\n );\n }\n return createdApp;\n};\n\nexport default initializeFronteggApp;\n"],"mappings":";;;;;;;;AAAA,IAAAA,GAAA,GAAAC,OAAA;AACA,IAAAC,WAAA,GAAAD,OAAA;AAGA,IAAAE,WAAA,GAAAC,sBAAA,CAAAH,OAAA;AAEA,IAAAI,QAAA,GAAAD,sBAAA,CAAAH,OAAA;AACA,IAAAK,MAAA,GAAAL,OAAA;AASA,MAAMM,qBAAqB,GAAGA,CAAC;EAC7BC,OAAO;EACPC,YAAY;EACZC,OAAO;EACPC;AAC4B,CAAC,KAAkB;EAAA,IAAAC,oBAAA,EAAAC,qBAAA,EAAAC,qBAAA,EAAAC,qBAAA,EAAAC,qBAAA,EAAAC,qBAAA;EAC/C,MAAM;IAAEC,OAAO;IAAEC,IAAI;IAAEC,OAAO;IAAEC;EAAa,CAAC,GAAGb,OAAO;EACxD,MAAM;IAAEc,WAAW;IAAEC;EAAa,CAAC,GAAGL,OAAO,WAAPA,OAAO,GAAI,CAAC,CAAC;EAEnD,MAAMM,cAAoD,OAAAC,SAAA,CAAAC,OAAA;IACxDC,kBAAkB,EAAE;EAA+B,GAChDnB,OAAO,CAACgB,cAAc;IACzBI,yBAAyB,EAAE,MAAAA,CAAA,KAAY;MAAA,IAAAC,qBAAA;MACrC,MAAMC,iBAAiC,GAAG,EAAE;MAC5C,MAAMC,iCAAiC,IAAAF,qBAAA,GAAGrB,OAAO,CAACgB,cAAc,qBAAtBK,qBAAA,CAAwBD,yBAAyB;MAC3F,IAAI,OAAOG,iCAAiC,KAAK,UAAU,EAAE;QAC3D,IAAI;UACFD,iBAAiB,CAACE,IAAI,CAAC,IAAI,MAAMD,iCAAiC,EAAE,CAAC,CAAC;QACxE,CAAC,CAAC,OAAOE,CAAC,EAAE;UACV;QAAA;MAEJ,CAAC,MAAM,IAAIC,KAAK,CAACC,OAAO,CAACJ,iCAAiC,CAAC,EAAE;QAC3DD,iBAAiB,CAACE,IAAI,CAAC,GAAID,iCAAoD,CAAC;MAClF;MACAD,iBAAiB,CAACE,IAAI,CAAC;QACrBI,GAAG,EAAE,sBAAsB;QAC3BC,KAAK,EAAG,QAAOC,gBAAS,CAACC,OAAQ;MACnC,CAAC,CAAC;MACFT,iBAAiB,CAACE,IAAI,CAAC;QACrBI,GAAG,EAAE,gBAAgB;QACrBC,KAAK,EAAG,oBAAmBG,mBAAU,CAACD,OAAQ;MAChD,CAAC,CAAC;MACF,OAAOT,iBAAiB;IAC1B,CAAC;IACDW,aAAa,EAAEjC,OAAO,CAACkC,gBAAgB,GAAG,MAAM,EAAE,GAAGC,SAAS;IAC9DC,OAAO,EAAGC,IAAY,IAAK;MACzB,IAAI,IAAAC,uBAAgB,EAACD,IAAI,CAAC,IAAIrC,OAAO,CAACkC,gBAAgB,EAAE;QACtD,OAAQ,GAAElC,OAAO,CAACuC,SAAU,MAAK;MACnC,CAAC,MAAM;QACL,OAAOvC,OAAO,CAACwC,UAAU;MAC3B;IACF,CAAC;IACDC,QAAQ,EAAEzC,OAAO,CAAC0C;EAAW,EAC9B;EAED,MAAMC,YAAY,OAAA1B,SAAA,CAAAC,OAAA,MACb0B,wBAAmB;IACtBhC,OAAO,EAAEA,OAAO,IAAI,EAAE;IACtBC;EAAY,IAAAT,oBAAA,GACTJ,OAAO,CAAC6C,WAAW,qBAAnBzC,oBAAA,CAAqBuC,YAAY,CACrC;EACD,MAAMG,QAAQ,GAAGnC,IAAI,OAAAM,SAAA,CAAAC,OAAA,MAEZP,IAAI;IACPG,WAAW,EAAEA,WAAW,WAAXA,WAAW,GAAI,EAAE;IAC9BC,YAAY,EAAEA,YAAY,WAAZA,YAAY,GAAIoB;EAAS,IAAA9B,qBAAA,GACpCL,OAAO,CAAC6C,WAAW,qBAAnBxC,qBAAA,CAAqBM,IAAI,IAE9B,IAAI;EAER,MAAMkC,WAA8C,OAAA5B,SAAA,CAAAC,OAAA,MAC/ClB,OAAO,CAAC6C,WAAW;IACtB5C,YAAY;IACZ8C,SAAS,EAAE,KAAK;IAChBC,eAAe,EAAE,CAAC,CAAChD,OAAO,CAACU,OAAO;IAClCuC,cAAc,GAAA3C,qBAAA,GAAEN,OAAO,CAACiD,cAAc,YAAA3C,qBAAA,GAAI,KAAK;IAC/C4C,oBAAoB,GAAA3C,qBAAA,IAAAC,qBAAA,GAAER,OAAO,CAAC6C,WAAW,qBAAnBrC,qBAAA,CAAqB0C,oBAAoB,YAAA3C,qBAAA,GAAI,IAAI;IACvEI,IAAI,EAAEmC,QAAQ;IACdH;EAAY,EACb;EAED,MAAMQ,WAAW,GAAG,IAAAC,+BAAmB,EACrC;IAAEC,OAAO,EAAErC,cAAc;IAAEd,OAAO,EAAEA,OAAO,WAAPA,OAAO,GAAI;EAAU,CAAC,EAC1DC,WAAW,EACXH,OAAO,CAACsD,WAAW,EACnBT,WAAW,EACX;IACEU,IAAI,EAAEV,WAAW,WAAXA,WAAW,GAAI,CAAC,CAAC;IACvBW,MAAM,GAAA/C,qBAAA,GAAET,OAAO,CAACyD,aAAa,YAAAhD,qBAAA,GAAI,CAAC;EACpC,CAAC,EACD,KAAK,EACLT,OAAO,CAAC0D,WAAW,CACpB;EAED,IAAIC,UAAU;EACd,IAAI;IACFA,UAAU,GAAGC,aAAS,CAACC,WAAW,CAAC3D,OAAO,WAAPA,OAAO,GAAI,SAAS,CAAC;IACxDyD,UAAU,CAACG,KAAK,GAAGX,WAAW;EAChC,CAAC,CAAC,OAAO1B,CAAC,EAAE;IAAA,IAAAsC,sBAAA,EAAAC,qBAAA;IACVL,UAAU,GAAG,IAAAM,cAAU,MAAAhD,SAAA,CAAAC,OAAA,MAEhBlB,OAAO;MACV8D,KAAK,EAAEX,WAAW;MAClBF,cAAc,GAAAc,sBAAA,GAAE/D,OAAO,CAACiD,cAAc,YAAAc,sBAAA,GAAI,KAAK;MAC/CG,cAAc,GAAAF,qBAAA,GAAEhE,OAAO,CAACkE,cAAc,YAAAF,qBAAA,GAAI,KAAK;MAC/CG,QAAQ,EAAEnE,OAAO,CAACmE,QAAQ;MAC1BtB,WAAW;MACX7B,cAAc;MACdf;IAAY,IAEdC,OAAO,WAAPA,OAAO,GAAI,SAAS,CACrB;EACH;EACA,OAAOyD,UAAU;AACnB,CAAC;AAAC,IAAAS,QAAA,GAEarE,qBAAqB;AAAAsE,OAAA,CAAAnD,OAAA,GAAAkD,QAAA"}
|
|
@@ -15,6 +15,7 @@ var _fronteggLogger = _interopRequireDefault(require("../fronteggLogger"));
|
|
|
15
15
|
var _cookies = _interopRequireDefault(require("../cookies"));
|
|
16
16
|
var _api = _interopRequireDefault(require("../../api"));
|
|
17
17
|
var _common = require("../../common");
|
|
18
|
+
var _config = _interopRequireDefault(require("../../config"));
|
|
18
19
|
function hasRefreshTokenCookie(cookies) {
|
|
19
20
|
const logger = _fronteggLogger.default.child({
|
|
20
21
|
tag: 'refreshToken.hasRefreshTokenCookie'
|
|
@@ -54,8 +55,15 @@ async function refreshAccessTokenHostedLogin(request) {
|
|
|
54
55
|
logger.info('refresh token not found');
|
|
55
56
|
return null;
|
|
56
57
|
}
|
|
57
|
-
|
|
58
|
-
|
|
58
|
+
if (_config.default.secureJwtEnabled) {
|
|
59
|
+
const clientId = _config.default.clientId;
|
|
60
|
+
const clientSecret = _config.default.clientSecret;
|
|
61
|
+
logger.info('going to refresh token (hosted-login mode) (secure-jwt mode)');
|
|
62
|
+
return await _api.default.refreshTokenHostedLogin(headers, tokens.refreshToken, clientId, clientSecret);
|
|
63
|
+
} else {
|
|
64
|
+
logger.info('going to refresh token (hosted-login mode) ', tokens.refreshToken);
|
|
65
|
+
return await _api.default.refreshTokenHostedLogin(headers, tokens.refreshToken);
|
|
66
|
+
}
|
|
59
67
|
} catch (e) {
|
|
60
68
|
logger.error(e);
|
|
61
69
|
return null;
|