@frontegg/nextjs 9.0.4 → 9.0.5-alpha.11469892684
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +8 -0
- package/README.md +29 -8
- package/api/utils.js +24 -1
- package/api/utils.js.map +1 -1
- package/app/FronteggAppProvider.js +1 -1
- package/app/FronteggAppProvider.js.map +1 -1
- package/app/FronteggAppRouter.d.ts +7 -0
- package/app/FronteggAppRouter.js +25 -0
- package/app/FronteggAppRouter.js.map +1 -1
- package/app/getAppUrlForCustomLoginWithSubdomain.js +1 -1
- package/app/getAppUrlForCustomLoginWithSubdomain.js.map +1 -1
- package/app/helpers.d.ts +8 -2
- package/app/helpers.js +56 -11
- package/app/helpers.js.map +1 -1
- package/common/FronteggBaseProvider.js +4 -2
- package/common/FronteggBaseProvider.js.map +1 -1
- package/common/hooks.js +5 -2
- package/common/hooks.js.map +1 -1
- package/config/constants.d.ts +21 -0
- package/config/constants.js +4 -0
- package/config/constants.js.map +1 -1
- package/config/index.d.ts +3 -0
- package/config/index.js +37 -5
- package/config/index.js.map +1 -1
- package/edge/getSessionOnEdge.js +22 -5
- package/edge/getSessionOnEdge.js.map +1 -1
- package/index.js +1 -1
- package/middleware/ProxyRequestCallback.js +13 -13
- package/middleware/ProxyRequestCallback.js.map +1 -1
- package/no-ssr/FronteggProviderNoSSR.js +1 -1
- package/no-ssr/FronteggProviderNoSSR.js.map +1 -1
- package/package.json +1 -1
- package/pages/withFronteggApp/withFronteggApp.js +3 -1
- package/pages/withFronteggApp/withFronteggApp.js.map +1 -1
- package/sdkVersion.js +1 -1
- package/sdkVersion.js.map +1 -1
- package/types/index.d.ts +1 -0
- package/types/index.js.map +1 -1
- package/utils/cookies/helpers.js +7 -1
- package/utils/cookies/helpers.js.map +1 -1
- package/utils/cookies/index.js +32 -4
- package/utils/cookies/index.js.map +1 -1
- package/utils/fetchUserData/index.js +4 -0
- package/utils/fetchUserData/index.js.map +1 -1
- package/utils/initializeFronteggApp/index.js +2 -1
- package/utils/initializeFronteggApp/index.js.map +1 -1
- package/utils/refreshAccessTokenIfNeeded/helpers.js +6 -0
- package/utils/refreshAccessTokenIfNeeded/helpers.js.map +1 -1
- package/utils/refreshAccessTokenIfNeeded/index.js +5 -4
- package/utils/refreshAccessTokenIfNeeded/index.js.map +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"helpers.js","names":["_serializer","_interopRequireDefault","require","_constants","_common","_config","getIndexedCookieName","index","_cookieName","cookieName","config","exports","splitValueToChunks","value","options","cookieOptionLength","cookieSerializer","serialize","length","chunkSize","COOKIE_MAX_LENGTH","valueChunks","chunkString","map","chunk","indexedCookieName","getCookieHeader","request","cookieHeader","headers","get","cookie","getRefreshTokenCookieNameVariants","
|
|
1
|
+
{"version":3,"file":"helpers.js","names":["_serializer","_interopRequireDefault","require","_constants","_common","_config","getIndexedCookieName","index","_cookieName","cookieName","config","exports","splitValueToChunks","value","options","cookieOptionLength","cookieSerializer","serialize","length","chunkSize","COOKIE_MAX_LENGTH","valueChunks","chunkString","map","chunk","indexedCookieName","getCookieHeader","request","cookieHeader","headers","get","cookie","getRefreshTokenCookieNameVariants","rewriteCookieByAppId","appId","replace","clientId"],"sources":["../../../../../packages/nextjs/src/utils/cookies/helpers.ts"],"sourcesContent":["import cookieSerializer from './serializer';\nimport { COOKIE_MAX_LENGTH } from './constants';\nimport { chunkString } from '../common';\nimport config from '../../config';\nimport { CookieSerializeOptions, RequestType } from './types';\n\n/**\n * Return a cookieName with index, used for divided cookies.\n *\n * @param {number} index - The index of the cookie, starts with '1'\n * @param {string} _cookieName - Default is {@link config.cookieName}\n */\nexport const getIndexedCookieName = (index: number, _cookieName?: string) => {\n const cookieName = _cookieName ?? config.cookieName;\n return `${cookieName}-${index}`;\n};\n\n/**\n * Split cookie value if value length exceeded the MAX Length of a standard HTTP header.\n * Used to split the session cookie.\n *\n * @param {string} cookieName - Cookie name for serializing\n * @param {string} value - cookie value to split if needed\n * @param {CookieSerializeOptions} options - {@link CookieSerializeOptions} for serializing\n */\nexport const splitValueToChunks = (cookieName: string, value: string, options: CookieSerializeOptions): string[] => {\n const cookieOptionLength = cookieSerializer.serialize(getIndexedCookieName(1, cookieName), '', options).length;\n const chunkSize = COOKIE_MAX_LENGTH - cookieOptionLength - 1;\n\n const valueChunks = chunkString(value, chunkSize);\n\n return valueChunks.map((chunk, index) => {\n const indexedCookieName = getIndexedCookieName(index + 1, cookieName);\n return cookieSerializer.serialize(indexedCookieName, chunk, options) + ';';\n });\n};\n\n/**\n * Receive incoming http request, and extract the cookie header.\n * @return cookie as string if exists, else empty string\n *\n * @param {RequestType} request - Incoming HTTP Request\n */\nexport const getCookieHeader = (request: RequestType): string => {\n let cookieHeader: string | null | undefined;\n if ('credentials' in request) {\n cookieHeader = request.headers.get('cookie');\n } else {\n cookieHeader = request.headers.cookie;\n }\n if (!cookieHeader) {\n return '';\n }\n\n return cookieHeader;\n};\n\nexport const getRefreshTokenCookieNameVariants = () => {\n if (config.rewriteCookieByAppId && config.appId) {\n return [\n `fe_refresh_${config.appId}`,\n `fe_refresh_${config.appId.replace('-', '')}`,\n `fe_refresh_${config.appId.replace(/-/g, '')}`,\n ];\n } else {\n return [\n `fe_refresh_${config.clientId}`,\n `fe_refresh_${config.clientId.replace('-', '')}`,\n `fe_refresh_${config.clientId.replace(/-/g, '')}`,\n ];\n }\n};\n"],"mappings":";;;;;;;AAAA,IAAAA,WAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,UAAA,GAAAD,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,OAAA,GAAAJ,sBAAA,CAAAC,OAAA;AAGA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMI,oBAAoB,GAAGA,CAACC,KAAa,EAAEC,WAAoB,KAAK;EAC3E,MAAMC,UAAU,GAAGD,WAAW,WAAXA,WAAW,GAAIE,eAAM,CAACD,UAAU;EACnD,OAAQ,GAAEA,UAAW,IAAGF,KAAM,EAAC;AACjC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAPAI,OAAA,CAAAL,oBAAA,GAAAA,oBAAA;AAQO,MAAMM,kBAAkB,GAAGA,CAACH,UAAkB,EAAEI,KAAa,EAAEC,OAA+B,KAAe;EAClH,MAAMC,kBAAkB,GAAGC,mBAAgB,CAACC,SAAS,CAACX,oBAAoB,CAAC,CAAC,EAAEG,UAAU,CAAC,EAAE,EAAE,EAAEK,OAAO,CAAC,CAACI,MAAM;EAC9G,MAAMC,SAAS,GAAGC,4BAAiB,GAAGL,kBAAkB,GAAG,CAAC;EAE5D,MAAMM,WAAW,GAAG,IAAAC,mBAAW,EAACT,KAAK,EAAEM,SAAS,CAAC;EAEjD,OAAOE,WAAW,CAACE,GAAG,CAAC,CAACC,KAAK,EAAEjB,KAAK,KAAK;IACvC,MAAMkB,iBAAiB,GAAGnB,oBAAoB,CAACC,KAAK,GAAG,CAAC,EAAEE,UAAU,CAAC;IACrE,OAAOO,mBAAgB,CAACC,SAAS,CAACQ,iBAAiB,EAAED,KAAK,EAAEV,OAAO,CAAC,GAAG,GAAG;EAC5E,CAAC,CAAC;AACJ,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AALAH,OAAA,CAAAC,kBAAA,GAAAA,kBAAA;AAMO,MAAMc,eAAe,GAAIC,OAAoB,IAAa;EAC/D,IAAIC,YAAuC;EAC3C,IAAI,aAAa,IAAID,OAAO,EAAE;IAC5BC,YAAY,GAAGD,OAAO,CAACE,OAAO,CAACC,GAAG,CAAC,QAAQ,CAAC;EAC9C,CAAC,MAAM;IACLF,YAAY,GAAGD,OAAO,CAACE,OAAO,CAACE,MAAM;EACvC;EACA,IAAI,CAACH,YAAY,EAAE;IACjB,OAAO,EAAE;EACX;EAEA,OAAOA,YAAY;AACrB,CAAC;AAACjB,OAAA,CAAAe,eAAA,GAAAA,eAAA;AAEK,MAAMM,iCAAiC,GAAGA,CAAA,KAAM;EACrD,IAAItB,eAAM,CAACuB,oBAAoB,IAAIvB,eAAM,CAACwB,KAAK,EAAE;IAC/C,OAAO,CACJ,cAAaxB,eAAM,CAACwB,KAAM,EAAC,EAC3B,cAAaxB,eAAM,CAACwB,KAAK,CAACC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAE,EAAC,EAC5C,cAAazB,eAAM,CAACwB,KAAK,CAACC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAE,EAAC,CAC/C;EACH,CAAC,MAAM;IACL,OAAO,CACJ,cAAazB,eAAM,CAAC0B,QAAS,EAAC,EAC9B,cAAa1B,eAAM,CAAC0B,QAAQ,CAACD,OAAO,CAAC,GAAG,EAAE,EAAE,CAAE,EAAC,EAC/C,cAAazB,eAAM,CAAC0B,QAAQ,CAACD,OAAO,CAAC,IAAI,EAAE,EAAE,CAAE,EAAC,CAClD;EACH;AACF,CAAC;AAACxB,OAAA,CAAAqB,iCAAA,GAAAA,iCAAA"}
|
package/utils/cookies/index.js
CHANGED
|
@@ -70,6 +70,23 @@ class CookieManager {
|
|
|
70
70
|
logger.info(`No headers to modify`);
|
|
71
71
|
return setCookieValue;
|
|
72
72
|
}
|
|
73
|
+
|
|
74
|
+
// noinspection SuspiciousTypeOfGuard
|
|
75
|
+
if (typeof setCookieValue === 'string') {
|
|
76
|
+
const cookieRegexSplitter = /(.*?;.*?(?:Expires=[^;]+;.*?)?(?=,\s*\S+=|$))/g;
|
|
77
|
+
const cookies = [];
|
|
78
|
+
const cookieHeader = `${setCookieValue}`;
|
|
79
|
+
let match;
|
|
80
|
+
while ((match = cookieRegexSplitter.exec(cookieHeader)) !== null) {
|
|
81
|
+
let cookieString = match[1].trim();
|
|
82
|
+
if (cookieString.startsWith(',')) {
|
|
83
|
+
cookies.push(cookieString.substring(1).trim());
|
|
84
|
+
} else {
|
|
85
|
+
cookies.push(cookieString);
|
|
86
|
+
}
|
|
87
|
+
}
|
|
88
|
+
setCookieValue = cookies;
|
|
89
|
+
}
|
|
73
90
|
logger.info(`modifying cookie headers (count: ${setCookieValue.length})`);
|
|
74
91
|
return setCookieValue.map(c => {
|
|
75
92
|
let cookie = c.split('; ');
|
|
@@ -78,16 +95,27 @@ class CookieManager {
|
|
|
78
95
|
cookie = cookie.filter(property => property !== 'Secure' && property !== 'SameSite=None');
|
|
79
96
|
}
|
|
80
97
|
return cookie.map(property => {
|
|
81
|
-
if (property.
|
|
98
|
+
if (property.trim().startsWith(`fe_refresh_${_config.default.clientId.replace('-', '')}`)) {
|
|
99
|
+
if (_config.default.rewriteCookieByAppId && _config.default.appId) {
|
|
100
|
+
return property.replace(`fe_refresh_${_config.default.clientId.replace('-', '')}`, `fe_refresh_${_config.default.appId.replace('-', '')}`);
|
|
101
|
+
} else {
|
|
102
|
+
return property;
|
|
103
|
+
}
|
|
104
|
+
} else if (property.toLowerCase() === `domain=${_config.default.baseUrlHost}`) {
|
|
82
105
|
return `Domain=${_config.default.cookieDomain}`;
|
|
106
|
+
} else {
|
|
107
|
+
return property;
|
|
83
108
|
}
|
|
84
|
-
return property;
|
|
85
109
|
}).join(';') + ';';
|
|
86
110
|
});
|
|
87
111
|
};
|
|
88
112
|
}
|
|
89
113
|
get refreshTokenKey() {
|
|
90
|
-
|
|
114
|
+
if (_config.default.rewriteCookieByAppId && _config.default.appId) {
|
|
115
|
+
return `fe_refresh_${_config.default.appId.replace(/-/g, '')}`;
|
|
116
|
+
} else {
|
|
117
|
+
return `fe_refresh_${_config.default.clientId.replace(/-/g, '')}`;
|
|
118
|
+
}
|
|
91
119
|
}
|
|
92
120
|
|
|
93
121
|
/**
|
|
@@ -136,7 +164,7 @@ class CookieManager {
|
|
|
136
164
|
if (options.secure) {
|
|
137
165
|
logger.debug(`Set cookie '${cookieName}' as secure`);
|
|
138
166
|
serializeOptions.secure = options.secure;
|
|
139
|
-
serializeOptions.sameSite =
|
|
167
|
+
serializeOptions.sameSite = _config.default.cookieSameSite;
|
|
140
168
|
}
|
|
141
169
|
const serializedCookie = _serializer.default.serialize(cookieName, cookieValue, serializeOptions);
|
|
142
170
|
let newCookies = [];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","names":["_serializer","_interopRequireDefault","require","_config","_constants","_helpers","_fronteggLogger","CookieManager","constructor","getCookieName","cookieNumber","cookieName","config","getIndexedCookieName","createEmptySingleCookie","isSecured","cookieDomain","create","value","expires","Date","secure","domain","silent","createEmptyCookies","_cookiesToRemove","removeRefresh","allEmptyCookies","refreshTokenVariants","getRefreshTokenCookieNameVariants","cookiesToRemove","forEach","name","push","getCookiesToRemove","request","logger","fronteggLogger","child","tag","info","cookieStr","getCookieHeader","cookies","cookieSerializer","parse","cookieToRemove","length","e","error","modifySetCookie","setCookieValue","map","c","cookie","split","debug","filter","property","toLowerCase","baseUrlHost","join","refreshTokenKey","clientId","replace","getEmptyCookiesBeforeCreatingNew","req","newCookies","newCookieNames","indexOf","options","_options$cookieName","_options$httpOnly","_options$domain","_options$path","level","undefined","cookieValue","serializeOptions","httpOnly","path","priority","sameSite","serializedCookie","serialize","COOKIE_MAX_LENGTH","splitValueToChunks","removedCookiesValue","parseCookieHeader","cookieHeader","getSessionCookieFromRequest","i","sessionCookies","sessionCookieChunk","parseCookieFromArray","cookieChunks","includes","sort","a","b","firstCookieNumber","parseInt","slice","secondCookieNumber","removeCookies","cookieNames","res","_ref","existingSetCookie","getHeader","setCookieHeaders","setHeader","_default","exports","default"],"sources":["../../../../../packages/nextjs/src/utils/cookies/index.ts"],"sourcesContent":["import cookieSerializer from './serializer';\nimport type { RequestCookie } from 'next/dist/server/web/spec-extension/cookies';\nimport config from '../../config';\nimport { CookieSerializeOptions, CreateCookieOptions, RemoveCookiesOptions, RequestType } from './types';\nimport { COOKIE_MAX_LENGTH } from './constants';\n\nimport {\n getCookieHeader,\n getIndexedCookieName,\n getRefreshTokenCookieNameVariants,\n splitValueToChunks,\n} from './helpers';\nimport fronteggLogger from '../fronteggLogger';\n\nclass CookieManager {\n getCookieName = (cookieNumber?: number, cookieName = config.cookieName) =>\n cookieNumber ? getIndexedCookieName(cookieNumber, cookieName) : cookieName;\n\n get refreshTokenKey(): string {\n return `fe_refresh_${config.clientId}`.replace(/-/g, '');\n }\n\n /**\n * This function creates list of empty cookies that already exists in the request.\n * This is used for removing existing cookies before creating new ones.\n * @param {CreateCookieOptions} options - Create cookie options\n */\n getEmptyCookiesBeforeCreatingNew(\n { req, value, secure, domain }: CreateCookieOptions,\n newCookies: string[]\n ): string[] {\n if (!req || !value) {\n return [];\n }\n const newCookieNames = newCookies.map((c) => c.split('=')[0]);\n const cookiesToRemove = this.getCookiesToRemove(req).filter((cookie) => newCookieNames.indexOf(cookie) === -1);\n if (cookiesToRemove.length === 0) {\n return [];\n }\n\n return this.createEmptyCookies(secure, domain ?? config.cookieDomain, cookiesToRemove, false);\n }\n\n /**\n * Validate and create new cookie headers.\n * The default value of `cookieName` is {@link config.cookieName}\n * @param {CreateCookieOptions} options - Create cookie options\n */\n create(options: CreateCookieOptions): string[] {\n const logger = fronteggLogger.child({ tag: 'CookieManager.create', level: options.silent ? 'error' : undefined });\n const cookieName = options.cookieName ?? this.getCookieName();\n const cookieValue = options.value;\n logger.info(`Creating new cookie for '${cookieName}'`);\n\n const serializeOptions: CookieSerializeOptions = {\n expires: options.expires,\n httpOnly: options.httpOnly ?? true,\n domain: options.domain ?? config.cookieDomain,\n path: options.path ?? '/',\n priority: 'high',\n };\n\n if (options.secure) {\n logger.debug(`Set cookie '${cookieName}' as secure`);\n serializeOptions.secure = options.secure;\n serializeOptions.sameSite = 'none';\n }\n\n const serializedCookie = cookieSerializer.serialize(cookieName, cookieValue, serializeOptions);\n\n let newCookies: string[] = [];\n if (serializedCookie.length <= COOKIE_MAX_LENGTH) {\n logger.info(`Successfully create a cookie header, '${cookieName}'`);\n newCookies = [serializedCookie];\n } else {\n logger.debug('Going to split cookie into chunks');\n /** Create chunked cookie headers and store value as array of headers */\n const cookies = splitValueToChunks(cookieName, cookieValue, serializeOptions);\n logger.info(`Successfully create chunked cookie headers, '${cookieName}' (count: ${cookies.length})`);\n newCookies = cookies;\n }\n\n const removedCookiesValue = this.getEmptyCookiesBeforeCreatingNew(options, newCookies);\n return [...removedCookiesValue, ...newCookies];\n }\n\n /**\n * Receive incoming http request, and extract the cookie header.\n * @return cookie as string if exists, else empty string\n *\n * @param {RequestType} request - Incoming HTTP Request\n */\n parseCookieHeader(request: RequestType): Record<string, string> {\n const logger = fronteggLogger.child({ tag: 'CookieManager.parseCookieHeader' });\n\n logger.info('Going to extract all cookies header from request');\n const cookieHeader = getCookieHeader(request);\n logger.info('Parsing cookie header to map');\n return cookieSerializer.parse(cookieHeader);\n }\n\n /**\n * Loop over cookie headers, extract, parse cookies and merged divided cookies from incoming http request,\n * @return full session cookie headers if exists, else return undefined\n * @param {RequestType} request - Incoming HTTP Request\n */\n getSessionCookieFromRequest(request?: RequestType): string | undefined {\n const logger = fronteggLogger.child({ tag: 'CookieManager.getSessionCookieFromRequest' });\n logger.info('Going to extract session cookies header from request');\n\n if (!request) {\n logger.info(`'request' argument is null, Cookie header not found`);\n return undefined;\n }\n\n logger.debug('Getting cookie header');\n const cookieStr = getCookieHeader(request);\n\n logger.debug('Parsing cookie header string');\n const cookies = cookieSerializer.parse(cookieStr);\n\n logger.debug('Loop over session cookie headers');\n let i = 1;\n let sessionCookies = '';\n let sessionCookieChunk: string | undefined = cookies[this.getCookieName()];\n if (sessionCookieChunk === undefined) {\n do {\n sessionCookieChunk = cookies[getIndexedCookieName(i++)];\n if (sessionCookieChunk) {\n sessionCookies += sessionCookieChunk;\n }\n } while (sessionCookieChunk);\n } else {\n sessionCookies = sessionCookieChunk;\n }\n\n if (sessionCookies.length === 0) {\n logger.info('Session cookie NOT found');\n return undefined;\n }\n\n logger.info(`Session cookie found, (count: ${sessionCookies.length})`);\n return sessionCookies;\n }\n\n parseCookieFromArray(cookies: RequestCookie[]): string | undefined {\n const logger = fronteggLogger.child({ tag: 'CookieManager.parseCookieFromArray' });\n const cookieChunks = cookies.filter((c) => c.name.includes(this.getCookieName()));\n logger.info('Parsing session cookie from RequestCookie for Next.JS 13+');\n\n if (!cookieChunks || cookieChunks.length === 0) {\n logger.info(`No session cookies found`);\n return undefined;\n }\n logger.debug(`Found ${cookieChunks.length} chunks`);\n cookieChunks.sort((a, b) => {\n const firstCookieNumber = parseInt(a.name.slice(-1));\n const secondCookieNumber = parseInt(b.name.slice(-1));\n return firstCookieNumber > secondCookieNumber ? 1 : -1;\n });\n\n logger.info(`Concatenate session cookies chunks`);\n return cookieChunks.map((c) => c.value).join('');\n }\n\n private createEmptySingleCookie = (cookieName: string, isSecured: boolean, cookieDomain: string) => {\n return this.create({\n cookieName,\n value: '',\n expires: new Date(),\n secure: isSecured,\n domain: cookieDomain,\n silent: true,\n });\n };\n\n createEmptyCookies = (\n isSecured: boolean,\n cookieDomain: string,\n _cookiesToRemove: string[],\n removeRefresh = true\n ): string[] => {\n const allEmptyCookies: string[] = [];\n\n const refreshTokenVariants = getRefreshTokenCookieNameVariants();\n const cookiesToRemove = [..._cookiesToRemove, ...(removeRefresh ? refreshTokenVariants : [])];\n\n cookiesToRemove.forEach((name: string) => {\n allEmptyCookies.push(...this.createEmptySingleCookie(name, isSecured, cookieDomain));\n });\n\n return allEmptyCookies;\n };\n\n private getCookiesToRemove = (request?: RequestType): string[] => {\n const logger = fronteggLogger.child({ tag: 'getCookiesToRemove' });\n if (!request) {\n return [];\n }\n try {\n logger.info('extract cookie from request headers');\n const cookieStr = getCookieHeader(request);\n const cookies = cookieStr && cookieSerializer.parse(cookieStr);\n if (!cookies) {\n return [];\n }\n let cookieNumber = 1;\n const cookieToRemove = [];\n if (cookies[this.getCookieName()]) {\n cookieToRemove.push(this.getCookieName());\n }\n while (cookies[this.getCookieName(cookieNumber)]) {\n cookieToRemove.push(this.getCookieName(cookieNumber));\n cookieNumber++;\n }\n logger.info(`number of cookies to remove: ${cookieToRemove.length}`);\n return cookieToRemove;\n } catch (e) {\n logger.error(e);\n return [];\n }\n };\n\n /**\n * Take a list of cookieNames and modify request/response headers\n * to proxy the cookies from Next.js to Frontegg Services and vice-versa\n * @param {string[]} setCookieValue - list of cookies to modify\n * @param {boolean} isSecured - if the running application behind SSL\n */\n removeCookies({ cookieNames, isSecured, cookieDomain, res, req }: RemoveCookiesOptions): void {\n const logger = fronteggLogger.child({ tag: 'CookieManager.removeCookies' });\n logger.debug('Setting empty cookie headers remove cookies from client side');\n const cookiesToRemove = this.getCookiesToRemove(req);\n const cookieValue = this.createEmptyCookies(isSecured, cookieDomain, cookieNames ?? cookiesToRemove);\n let existingSetCookie = (res.getHeader('set-cookie') as string[] | string) ?? [];\n if (typeof existingSetCookie === 'string') {\n existingSetCookie = [existingSetCookie];\n }\n\n const setCookieHeaders = [...existingSetCookie, ...cookieValue];\n logger.debug(`removing headers (count: ${setCookieHeaders.length})`);\n res.setHeader('set-cookie', setCookieHeaders);\n }\n\n /**\n * Take a list of cookie headers and modify the Domain / Secure / SameSite\n * to proxy the cookies to Frontegg Services and vice-versa\n * @param {string[]} setCookieValue - list of cookies to modify\n * @param {boolean} isSecured - if the running application behind SSL\n */\n modifySetCookie = (setCookieValue: string[] | undefined, isSecured: boolean): string[] | undefined => {\n const logger = fronteggLogger.child({ tag: 'CookieManager.modifySetCookie' });\n if (!setCookieValue || setCookieValue.length === 0) {\n logger.info(`No headers to modify`);\n return setCookieValue;\n }\n logger.info(`modifying cookie headers (count: ${setCookieValue.length})`);\n return setCookieValue.map((c) => {\n let cookie = c.split('; ');\n\n logger.debug(`modifying cookie ${cookie[0]}, isSecured: ${isSecured}`);\n if (!isSecured) {\n cookie = cookie.filter((property) => property !== 'Secure' && property !== 'SameSite=None');\n }\n\n return (\n cookie\n .map((property) => {\n if (property.toLowerCase() === `domain=${config.baseUrlHost}`) {\n return `Domain=${config.cookieDomain}`;\n }\n return property;\n })\n .join(';') + ';'\n );\n });\n };\n}\n\nexport default new CookieManager();\n"],"mappings":";;;;;;;AAAA,IAAAA,WAAA,GAAAC,sBAAA,CAAAC,OAAA;AAEA,IAAAC,OAAA,GAAAF,sBAAA,CAAAC,OAAA;AAEA,IAAAE,UAAA,GAAAF,OAAA;AAEA,IAAAG,QAAA,GAAAH,OAAA;AAMA,IAAAI,eAAA,GAAAL,sBAAA,CAAAC,OAAA;AAEA,MAAMK,aAAa,CAAC;EAAAC,YAAA;IAAA,KAClBC,aAAa,GAAG,CAACC,YAAqB,EAAEC,UAAU,GAAGC,eAAM,CAACD,UAAU,KACpED,YAAY,GAAG,IAAAG,6BAAoB,EAACH,YAAY,EAAEC,UAAU,CAAC,GAAGA,UAAU;IAAA,KAqJpEG,uBAAuB,GAAG,CAACH,UAAkB,EAAEI,SAAkB,EAAEC,YAAoB,KAAK;MAClG,OAAO,IAAI,CAACC,MAAM,CAAC;QACjBN,UAAU;QACVO,KAAK,EAAE,EAAE;QACTC,OAAO,EAAE,IAAIC,IAAI,EAAE;QACnBC,MAAM,EAAEN,SAAS;QACjBO,MAAM,EAAEN,YAAY;QACpBO,MAAM,EAAE;MACV,CAAC,CAAC;IACJ,CAAC;IAAA,KAEDC,kBAAkB,GAAG,CACnBT,SAAkB,EAClBC,YAAoB,EACpBS,gBAA0B,EAC1BC,aAAa,GAAG,IAAI,KACP;MACb,MAAMC,eAAyB,GAAG,EAAE;MAEpC,MAAMC,oBAAoB,GAAG,IAAAC,0CAAiC,GAAE;MAChE,MAAMC,eAAe,GAAG,CAAC,GAAGL,gBAAgB,EAAE,IAAIC,aAAa,GAAGE,oBAAoB,GAAG,EAAE,CAAC,CAAC;MAE7FE,eAAe,CAACC,OAAO,CAAEC,IAAY,IAAK;QACxCL,eAAe,CAACM,IAAI,CAAC,GAAG,IAAI,CAACnB,uBAAuB,CAACkB,IAAI,EAAEjB,SAAS,EAAEC,YAAY,CAAC,CAAC;MACtF,CAAC,CAAC;MAEF,OAAOW,eAAe;IACxB,CAAC;IAAA,KAEOO,kBAAkB,GAAIC,OAAqB,IAAe;MAChE,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;QAAEC,GAAG,EAAE;MAAqB,CAAC,CAAC;MAClE,IAAI,CAACJ,OAAO,EAAE;QACZ,OAAO,EAAE;MACX;MACA,IAAI;QACFC,MAAM,CAACI,IAAI,CAAC,qCAAqC,CAAC;QAClD,MAAMC,SAAS,GAAG,IAAAC,wBAAe,EAACP,OAAO,CAAC;QAC1C,MAAMQ,OAAO,GAAGF,SAAS,IAAIG,mBAAgB,CAACC,KAAK,CAACJ,SAAS,CAAC;QAC9D,IAAI,CAACE,OAAO,EAAE;UACZ,OAAO,EAAE;QACX;QACA,IAAIjC,YAAY,GAAG,CAAC;QACpB,MAAMoC,cAAc,GAAG,EAAE;QACzB,IAAIH,OAAO,CAAC,IAAI,CAAClC,aAAa,EAAE,CAAC,EAAE;UACjCqC,cAAc,CAACb,IAAI,CAAC,IAAI,CAACxB,aAAa,EAAE,CAAC;QAC3C;QACA,OAAOkC,OAAO,CAAC,IAAI,CAAClC,aAAa,CAACC,YAAY,CAAC,CAAC,EAAE;UAChDoC,cAAc,CAACb,IAAI,CAAC,IAAI,CAACxB,aAAa,CAACC,YAAY,CAAC,CAAC;UACrDA,YAAY,EAAE;QAChB;QACA0B,MAAM,CAACI,IAAI,CAAE,gCAA+BM,cAAc,CAACC,MAAO,EAAC,CAAC;QACpE,OAAOD,cAAc;MACvB,CAAC,CAAC,OAAOE,CAAC,EAAE;QACVZ,MAAM,CAACa,KAAK,CAACD,CAAC,CAAC;QACf,OAAO,EAAE;MACX;IACF,CAAC;IAAA,KA6BDE,eAAe,GAAG,CAACC,cAAoC,EAAEpC,SAAkB,KAA2B;MACpG,MAAMqB,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;QAAEC,GAAG,EAAE;MAAgC,CAAC,CAAC;MAC7E,IAAI,CAACY,cAAc,IAAIA,cAAc,CAACJ,MAAM,KAAK,CAAC,EAAE;QAClDX,MAAM,CAACI,IAAI,CAAE,sBAAqB,CAAC;QACnC,OAAOW,cAAc;MACvB;MACAf,MAAM,CAACI,IAAI,CAAE,oCAAmCW,cAAc,CAACJ,MAAO,GAAE,CAAC;MACzE,OAAOI,cAAc,CAACC,GAAG,CAAEC,CAAC,IAAK;QAC/B,IAAIC,MAAM,GAAGD,CAAC,CAACE,KAAK,CAAC,IAAI,CAAC;QAE1BnB,MAAM,CAACoB,KAAK,CAAE,oBAAmBF,MAAM,CAAC,CAAC,CAAE,gBAAevC,SAAU,EAAC,CAAC;QACtE,IAAI,CAACA,SAAS,EAAE;UACduC,MAAM,GAAGA,MAAM,CAACG,MAAM,CAAEC,QAAQ,IAAKA,QAAQ,KAAK,QAAQ,IAAIA,QAAQ,KAAK,eAAe,CAAC;QAC7F;QAEA,OACEJ,MAAM,CACHF,GAAG,CAAEM,QAAQ,IAAK;UACjB,IAAIA,QAAQ,CAACC,WAAW,EAAE,KAAM,UAAS/C,eAAM,CAACgD,WAAY,EAAC,EAAE;YAC7D,OAAQ,UAAShD,eAAM,CAACI,YAAa,EAAC;UACxC;UACA,OAAO0C,QAAQ;QACjB,CAAC,CAAC,CACDG,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG;MAEtB,CAAC,CAAC;IACJ,CAAC;EAAA;EAlQD,IAAIC,eAAeA,CAAA,EAAW;IAC5B,OAAQ,cAAalD,eAAM,CAACmD,QAAS,EAAC,CAACC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;EAC1D;;EAEA;AACF;AACA;AACA;AACA;EACEC,gCAAgCA,CAC9B;IAAEC,GAAG;IAAEhD,KAAK;IAAEG,MAAM;IAAEC;EAA4B,CAAC,EACnD6C,UAAoB,EACV;IACV,IAAI,CAACD,GAAG,IAAI,CAAChD,KAAK,EAAE;MAClB,OAAO,EAAE;IACX;IACA,MAAMkD,cAAc,GAAGD,UAAU,CAACf,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAACE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7D,MAAMzB,eAAe,GAAG,IAAI,CAACI,kBAAkB,CAACgC,GAAG,CAAC,CAACT,MAAM,CAAEH,MAAM,IAAKc,cAAc,CAACC,OAAO,CAACf,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;IAC9G,IAAIxB,eAAe,CAACiB,MAAM,KAAK,CAAC,EAAE;MAChC,OAAO,EAAE;IACX;IAEA,OAAO,IAAI,CAACvB,kBAAkB,CAACH,MAAM,EAAEC,MAAM,WAANA,MAAM,GAAIV,eAAM,CAACI,YAAY,EAAEc,eAAe,EAAE,KAAK,CAAC;EAC/F;;EAEA;AACF;AACA;AACA;AACA;EACEb,MAAMA,CAACqD,OAA4B,EAAY;IAAA,IAAAC,mBAAA,EAAAC,iBAAA,EAAAC,eAAA,EAAAC,aAAA;IAC7C,MAAMtC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;MAAEC,GAAG,EAAE,sBAAsB;MAAEoC,KAAK,EAAEL,OAAO,CAAC/C,MAAM,GAAG,OAAO,GAAGqD;IAAU,CAAC,CAAC;IACjH,MAAMjE,UAAU,IAAA4D,mBAAA,GAAGD,OAAO,CAAC3D,UAAU,YAAA4D,mBAAA,GAAI,IAAI,CAAC9D,aAAa,EAAE;IAC7D,MAAMoE,WAAW,GAAGP,OAAO,CAACpD,KAAK;IACjCkB,MAAM,CAACI,IAAI,CAAE,4BAA2B7B,UAAW,GAAE,CAAC;IAEtD,MAAMmE,gBAAwC,GAAG;MAC/C3D,OAAO,EAAEmD,OAAO,CAACnD,OAAO;MACxB4D,QAAQ,GAAAP,iBAAA,GAAEF,OAAO,CAACS,QAAQ,YAAAP,iBAAA,GAAI,IAAI;MAClClD,MAAM,GAAAmD,eAAA,GAAEH,OAAO,CAAChD,MAAM,YAAAmD,eAAA,GAAI7D,eAAM,CAACI,YAAY;MAC7CgE,IAAI,GAAAN,aAAA,GAAEJ,OAAO,CAACU,IAAI,YAAAN,aAAA,GAAI,GAAG;MACzBO,QAAQ,EAAE;IACZ,CAAC;IAED,IAAIX,OAAO,CAACjD,MAAM,EAAE;MAClBe,MAAM,CAACoB,KAAK,CAAE,eAAc7C,UAAW,aAAY,CAAC;MACpDmE,gBAAgB,CAACzD,MAAM,GAAGiD,OAAO,CAACjD,MAAM;MACxCyD,gBAAgB,CAACI,QAAQ,GAAG,MAAM;IACpC;IAEA,MAAMC,gBAAgB,GAAGvC,mBAAgB,CAACwC,SAAS,CAACzE,UAAU,EAAEkE,WAAW,EAAEC,gBAAgB,CAAC;IAE9F,IAAIX,UAAoB,GAAG,EAAE;IAC7B,IAAIgB,gBAAgB,CAACpC,MAAM,IAAIsC,4BAAiB,EAAE;MAChDjD,MAAM,CAACI,IAAI,CAAE,yCAAwC7B,UAAW,GAAE,CAAC;MACnEwD,UAAU,GAAG,CAACgB,gBAAgB,CAAC;IACjC,CAAC,MAAM;MACL/C,MAAM,CAACoB,KAAK,CAAC,mCAAmC,CAAC;MACjD;MACA,MAAMb,OAAO,GAAG,IAAA2C,2BAAkB,EAAC3E,UAAU,EAAEkE,WAAW,EAAEC,gBAAgB,CAAC;MAC7E1C,MAAM,CAACI,IAAI,CAAE,gDAA+C7B,UAAW,aAAYgC,OAAO,CAACI,MAAO,GAAE,CAAC;MACrGoB,UAAU,GAAGxB,OAAO;IACtB;IAEA,MAAM4C,mBAAmB,GAAG,IAAI,CAACtB,gCAAgC,CAACK,OAAO,EAAEH,UAAU,CAAC;IACtF,OAAO,CAAC,GAAGoB,mBAAmB,EAAE,GAAGpB,UAAU,CAAC;EAChD;;EAEA;AACF;AACA;AACA;AACA;AACA;EACEqB,iBAAiBA,CAACrD,OAAoB,EAA0B;IAC9D,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;MAAEC,GAAG,EAAE;IAAkC,CAAC,CAAC;IAE/EH,MAAM,CAACI,IAAI,CAAC,kDAAkD,CAAC;IAC/D,MAAMiD,YAAY,GAAG,IAAA/C,wBAAe,EAACP,OAAO,CAAC;IAC7CC,MAAM,CAACI,IAAI,CAAC,8BAA8B,CAAC;IAC3C,OAAOI,mBAAgB,CAACC,KAAK,CAAC4C,YAAY,CAAC;EAC7C;;EAEA;AACF;AACA;AACA;AACA;EACEC,2BAA2BA,CAACvD,OAAqB,EAAsB;IACrE,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;MAAEC,GAAG,EAAE;IAA4C,CAAC,CAAC;IACzFH,MAAM,CAACI,IAAI,CAAC,sDAAsD,CAAC;IAEnE,IAAI,CAACL,OAAO,EAAE;MACZC,MAAM,CAACI,IAAI,CAAE,qDAAoD,CAAC;MAClE,OAAOoC,SAAS;IAClB;IAEAxC,MAAM,CAACoB,KAAK,CAAC,uBAAuB,CAAC;IACrC,MAAMf,SAAS,GAAG,IAAAC,wBAAe,EAACP,OAAO,CAAC;IAE1CC,MAAM,CAACoB,KAAK,CAAC,8BAA8B,CAAC;IAC5C,MAAMb,OAAO,GAAGC,mBAAgB,CAACC,KAAK,CAACJ,SAAS,CAAC;IAEjDL,MAAM,CAACoB,KAAK,CAAC,kCAAkC,CAAC;IAChD,IAAImC,CAAC,GAAG,CAAC;IACT,IAAIC,cAAc,GAAG,EAAE;IACvB,IAAIC,kBAAsC,GAAGlD,OAAO,CAAC,IAAI,CAAClC,aAAa,EAAE,CAAC;IAC1E,IAAIoF,kBAAkB,KAAKjB,SAAS,EAAE;MACpC,GAAG;QACDiB,kBAAkB,GAAGlD,OAAO,CAAC,IAAA9B,6BAAoB,EAAC8E,CAAC,EAAE,CAAC,CAAC;QACvD,IAAIE,kBAAkB,EAAE;UACtBD,cAAc,IAAIC,kBAAkB;QACtC;MACF,CAAC,QAAQA,kBAAkB;IAC7B,CAAC,MAAM;MACLD,cAAc,GAAGC,kBAAkB;IACrC;IAEA,IAAID,cAAc,CAAC7C,MAAM,KAAK,CAAC,EAAE;MAC/BX,MAAM,CAACI,IAAI,CAAC,0BAA0B,CAAC;MACvC,OAAOoC,SAAS;IAClB;IAEAxC,MAAM,CAACI,IAAI,CAAE,iCAAgCoD,cAAc,CAAC7C,MAAO,GAAE,CAAC;IACtE,OAAO6C,cAAc;EACvB;EAEAE,oBAAoBA,CAACnD,OAAwB,EAAsB;IACjE,MAAMP,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;MAAEC,GAAG,EAAE;IAAqC,CAAC,CAAC;IAClF,MAAMwD,YAAY,GAAGpD,OAAO,CAACc,MAAM,CAAEJ,CAAC,IAAKA,CAAC,CAACrB,IAAI,CAACgE,QAAQ,CAAC,IAAI,CAACvF,aAAa,EAAE,CAAC,CAAC;IACjF2B,MAAM,CAACI,IAAI,CAAC,2DAA2D,CAAC;IAExE,IAAI,CAACuD,YAAY,IAAIA,YAAY,CAAChD,MAAM,KAAK,CAAC,EAAE;MAC9CX,MAAM,CAACI,IAAI,CAAE,0BAAyB,CAAC;MACvC,OAAOoC,SAAS;IAClB;IACAxC,MAAM,CAACoB,KAAK,CAAE,SAAQuC,YAAY,CAAChD,MAAO,SAAQ,CAAC;IACnDgD,YAAY,CAACE,IAAI,CAAC,CAACC,CAAC,EAAEC,CAAC,KAAK;MAC1B,MAAMC,iBAAiB,GAAGC,QAAQ,CAACH,CAAC,CAAClE,IAAI,CAACsE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;MACpD,MAAMC,kBAAkB,GAAGF,QAAQ,CAACF,CAAC,CAACnE,IAAI,CAACsE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;MACrD,OAAOF,iBAAiB,GAAGG,kBAAkB,GAAG,CAAC,GAAG,CAAC,CAAC;IACxD,CAAC,CAAC;IAEFnE,MAAM,CAACI,IAAI,CAAE,oCAAmC,CAAC;IACjD,OAAOuD,YAAY,CAAC3C,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAACnC,KAAK,CAAC,CAAC2C,IAAI,CAAC,EAAE,CAAC;EAClD;EA4DA;AACF;AACA;AACA;AACA;AACA;EACE2C,aAAaA,CAAC;IAAEC,WAAW;IAAE1F,SAAS;IAAEC,YAAY;IAAE0F,GAAG;IAAExC;EAA0B,CAAC,EAAQ;IAAA,IAAAyC,IAAA;IAC5F,MAAMvE,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;MAAEC,GAAG,EAAE;IAA8B,CAAC,CAAC;IAC3EH,MAAM,CAACoB,KAAK,CAAC,8DAA8D,CAAC;IAC5E,MAAM1B,eAAe,GAAG,IAAI,CAACI,kBAAkB,CAACgC,GAAG,CAAC;IACpD,MAAMW,WAAW,GAAG,IAAI,CAACrD,kBAAkB,CAACT,SAAS,EAAEC,YAAY,EAAEyF,WAAW,WAAXA,WAAW,GAAI3E,eAAe,CAAC;IACpG,IAAI8E,iBAAiB,IAAAD,IAAA,GAAID,GAAG,CAACG,SAAS,CAAC,YAAY,CAAC,YAAAF,IAAA,GAA0B,EAAE;IAChF,IAAI,OAAOC,iBAAiB,KAAK,QAAQ,EAAE;MACzCA,iBAAiB,GAAG,CAACA,iBAAiB,CAAC;IACzC;IAEA,MAAME,gBAAgB,GAAG,CAAC,GAAGF,iBAAiB,EAAE,GAAG/B,WAAW,CAAC;IAC/DzC,MAAM,CAACoB,KAAK,CAAE,4BAA2BsD,gBAAgB,CAAC/D,MAAO,GAAE,CAAC;IACpE2D,GAAG,CAACK,SAAS,CAAC,YAAY,EAAED,gBAAgB,CAAC;EAC/C;;EAEA;AACF;AACA;AACA;AACA;AACA;AA4BA;AAAC,IAAAE,QAAA,GAEc,IAAIzG,aAAa,EAAE;AAAA0G,OAAA,CAAAC,OAAA,GAAAF,QAAA"}
|
|
1
|
+
{"version":3,"file":"index.js","names":["_serializer","_interopRequireDefault","require","_config","_constants","_helpers","_fronteggLogger","CookieManager","constructor","getCookieName","cookieNumber","cookieName","config","getIndexedCookieName","createEmptySingleCookie","isSecured","cookieDomain","create","value","expires","Date","secure","domain","silent","createEmptyCookies","_cookiesToRemove","removeRefresh","allEmptyCookies","refreshTokenVariants","getRefreshTokenCookieNameVariants","cookiesToRemove","forEach","name","push","getCookiesToRemove","request","logger","fronteggLogger","child","tag","info","cookieStr","getCookieHeader","cookies","cookieSerializer","parse","cookieToRemove","length","e","error","modifySetCookie","setCookieValue","cookieRegexSplitter","cookieHeader","match","exec","cookieString","trim","startsWith","substring","map","c","cookie","split","debug","filter","property","clientId","replace","rewriteCookieByAppId","appId","toLowerCase","baseUrlHost","join","refreshTokenKey","getEmptyCookiesBeforeCreatingNew","req","newCookies","newCookieNames","indexOf","options","_options$cookieName","_options$httpOnly","_options$domain","_options$path","level","undefined","cookieValue","serializeOptions","httpOnly","path","priority","sameSite","cookieSameSite","serializedCookie","serialize","COOKIE_MAX_LENGTH","splitValueToChunks","removedCookiesValue","parseCookieHeader","getSessionCookieFromRequest","i","sessionCookies","sessionCookieChunk","parseCookieFromArray","cookieChunks","includes","sort","a","b","firstCookieNumber","parseInt","slice","secondCookieNumber","removeCookies","cookieNames","res","_ref","existingSetCookie","getHeader","setCookieHeaders","setHeader","_default","exports","default"],"sources":["../../../../../packages/nextjs/src/utils/cookies/index.ts"],"sourcesContent":["import cookieSerializer from './serializer';\nimport type { RequestCookie } from 'next/dist/server/web/spec-extension/cookies';\nimport config from '../../config';\nimport { CookieSerializeOptions, CreateCookieOptions, RemoveCookiesOptions, RequestType } from './types';\nimport { COOKIE_MAX_LENGTH } from './constants';\n\nimport {\n getCookieHeader,\n getIndexedCookieName,\n getRefreshTokenCookieNameVariants,\n splitValueToChunks,\n} from './helpers';\nimport fronteggLogger from '../fronteggLogger';\n\nclass CookieManager {\n getCookieName = (cookieNumber?: number, cookieName = config.cookieName) =>\n cookieNumber ? getIndexedCookieName(cookieNumber, cookieName) : cookieName;\n\n get refreshTokenKey(): string {\n if (config.rewriteCookieByAppId && config.appId) {\n return `fe_refresh_${config.appId.replace(/-/g, '')}`;\n } else {\n return `fe_refresh_${config.clientId.replace(/-/g, '')}`;\n }\n }\n\n /**\n * This function creates list of empty cookies that already exists in the request.\n * This is used for removing existing cookies before creating new ones.\n * @param {CreateCookieOptions} options - Create cookie options\n */\n getEmptyCookiesBeforeCreatingNew(\n { req, value, secure, domain }: CreateCookieOptions,\n newCookies: string[]\n ): string[] {\n if (!req || !value) {\n return [];\n }\n const newCookieNames = newCookies.map((c) => c.split('=')[0]);\n const cookiesToRemove = this.getCookiesToRemove(req).filter((cookie) => newCookieNames.indexOf(cookie) === -1);\n if (cookiesToRemove.length === 0) {\n return [];\n }\n\n return this.createEmptyCookies(secure, domain ?? config.cookieDomain, cookiesToRemove, false);\n }\n\n /**\n * Validate and create new cookie headers.\n * The default value of `cookieName` is {@link config.cookieName}\n * @param {CreateCookieOptions} options - Create cookie options\n */\n create(options: CreateCookieOptions): string[] {\n const logger = fronteggLogger.child({ tag: 'CookieManager.create', level: options.silent ? 'error' : undefined });\n const cookieName = options.cookieName ?? this.getCookieName();\n const cookieValue = options.value;\n logger.info(`Creating new cookie for '${cookieName}'`);\n\n const serializeOptions: CookieSerializeOptions = {\n expires: options.expires,\n httpOnly: options.httpOnly ?? true,\n domain: options.domain ?? config.cookieDomain,\n path: options.path ?? '/',\n priority: 'high',\n };\n\n if (options.secure) {\n logger.debug(`Set cookie '${cookieName}' as secure`);\n serializeOptions.secure = options.secure;\n serializeOptions.sameSite = config.cookieSameSite;\n }\n\n const serializedCookie = cookieSerializer.serialize(cookieName, cookieValue, serializeOptions);\n\n let newCookies: string[] = [];\n if (serializedCookie.length <= COOKIE_MAX_LENGTH) {\n logger.info(`Successfully create a cookie header, '${cookieName}'`);\n newCookies = [serializedCookie];\n } else {\n logger.debug('Going to split cookie into chunks');\n /** Create chunked cookie headers and store value as array of headers */\n const cookies = splitValueToChunks(cookieName, cookieValue, serializeOptions);\n logger.info(`Successfully create chunked cookie headers, '${cookieName}' (count: ${cookies.length})`);\n newCookies = cookies;\n }\n\n const removedCookiesValue = this.getEmptyCookiesBeforeCreatingNew(options, newCookies);\n return [...removedCookiesValue, ...newCookies];\n }\n\n /**\n * Receive incoming http request, and extract the cookie header.\n * @return cookie as string if exists, else empty string\n *\n * @param {RequestType} request - Incoming HTTP Request\n */\n parseCookieHeader(request: RequestType): Record<string, string> {\n const logger = fronteggLogger.child({ tag: 'CookieManager.parseCookieHeader' });\n\n logger.info('Going to extract all cookies header from request');\n const cookieHeader = getCookieHeader(request);\n logger.info('Parsing cookie header to map');\n return cookieSerializer.parse(cookieHeader);\n }\n\n /**\n * Loop over cookie headers, extract, parse cookies and merged divided cookies from incoming http request,\n * @return full session cookie headers if exists, else return undefined\n * @param {RequestType} request - Incoming HTTP Request\n */\n getSessionCookieFromRequest(request?: RequestType): string | undefined {\n const logger = fronteggLogger.child({ tag: 'CookieManager.getSessionCookieFromRequest' });\n logger.info('Going to extract session cookies header from request');\n\n if (!request) {\n logger.info(`'request' argument is null, Cookie header not found`);\n return undefined;\n }\n\n logger.debug('Getting cookie header');\n const cookieStr = getCookieHeader(request);\n\n logger.debug('Parsing cookie header string');\n const cookies = cookieSerializer.parse(cookieStr);\n\n logger.debug('Loop over session cookie headers');\n let i = 1;\n let sessionCookies = '';\n let sessionCookieChunk: string | undefined = cookies[this.getCookieName()];\n if (sessionCookieChunk === undefined) {\n do {\n sessionCookieChunk = cookies[getIndexedCookieName(i++)];\n if (sessionCookieChunk) {\n sessionCookies += sessionCookieChunk;\n }\n } while (sessionCookieChunk);\n } else {\n sessionCookies = sessionCookieChunk;\n }\n\n if (sessionCookies.length === 0) {\n logger.info('Session cookie NOT found');\n return undefined;\n }\n\n logger.info(`Session cookie found, (count: ${sessionCookies.length})`);\n return sessionCookies;\n }\n\n parseCookieFromArray(cookies: RequestCookie[]): string | undefined {\n const logger = fronteggLogger.child({ tag: 'CookieManager.parseCookieFromArray' });\n const cookieChunks = cookies.filter((c) => c.name.includes(this.getCookieName()));\n logger.info('Parsing session cookie from RequestCookie for Next.JS 13+');\n\n if (!cookieChunks || cookieChunks.length === 0) {\n logger.info(`No session cookies found`);\n return undefined;\n }\n logger.debug(`Found ${cookieChunks.length} chunks`);\n cookieChunks.sort((a, b) => {\n const firstCookieNumber = parseInt(a.name.slice(-1));\n const secondCookieNumber = parseInt(b.name.slice(-1));\n return firstCookieNumber > secondCookieNumber ? 1 : -1;\n });\n\n logger.info(`Concatenate session cookies chunks`);\n return cookieChunks.map((c) => c.value).join('');\n }\n\n private createEmptySingleCookie = (cookieName: string, isSecured: boolean, cookieDomain: string) => {\n return this.create({\n cookieName,\n value: '',\n expires: new Date(),\n secure: isSecured,\n domain: cookieDomain,\n silent: true,\n });\n };\n\n createEmptyCookies = (\n isSecured: boolean,\n cookieDomain: string,\n _cookiesToRemove: string[],\n removeRefresh = true\n ): string[] => {\n const allEmptyCookies: string[] = [];\n\n const refreshTokenVariants = getRefreshTokenCookieNameVariants();\n const cookiesToRemove = [..._cookiesToRemove, ...(removeRefresh ? refreshTokenVariants : [])];\n\n cookiesToRemove.forEach((name: string) => {\n allEmptyCookies.push(...this.createEmptySingleCookie(name, isSecured, cookieDomain));\n });\n\n return allEmptyCookies;\n };\n\n private getCookiesToRemove = (request?: RequestType): string[] => {\n const logger = fronteggLogger.child({ tag: 'getCookiesToRemove' });\n if (!request) {\n return [];\n }\n try {\n logger.info('extract cookie from request headers');\n const cookieStr = getCookieHeader(request);\n const cookies = cookieStr && cookieSerializer.parse(cookieStr);\n if (!cookies) {\n return [];\n }\n let cookieNumber = 1;\n const cookieToRemove = [];\n if (cookies[this.getCookieName()]) {\n cookieToRemove.push(this.getCookieName());\n }\n while (cookies[this.getCookieName(cookieNumber)]) {\n cookieToRemove.push(this.getCookieName(cookieNumber));\n cookieNumber++;\n }\n logger.info(`number of cookies to remove: ${cookieToRemove.length}`);\n return cookieToRemove;\n } catch (e) {\n logger.error(e);\n return [];\n }\n };\n\n /**\n * Take a list of cookieNames and modify request/response headers\n * to proxy the cookies from Next.js to Frontegg Services and vice-versa\n * @param {string[]} setCookieValue - list of cookies to modify\n * @param {boolean} isSecured - if the running application behind SSL\n */\n removeCookies({ cookieNames, isSecured, cookieDomain, res, req }: RemoveCookiesOptions): void {\n const logger = fronteggLogger.child({ tag: 'CookieManager.removeCookies' });\n logger.debug('Setting empty cookie headers remove cookies from client side');\n const cookiesToRemove = this.getCookiesToRemove(req);\n const cookieValue = this.createEmptyCookies(isSecured, cookieDomain, cookieNames ?? cookiesToRemove);\n let existingSetCookie = (res.getHeader('set-cookie') as string[] | string) ?? [];\n if (typeof existingSetCookie === 'string') {\n existingSetCookie = [existingSetCookie];\n }\n\n const setCookieHeaders = [...existingSetCookie, ...cookieValue];\n logger.debug(`removing headers (count: ${setCookieHeaders.length})`);\n res.setHeader('set-cookie', setCookieHeaders);\n }\n\n /**\n * Take a list of cookie headers and modify the Domain / Secure / SameSite\n * to proxy the cookies to Frontegg Services and vice-versa\n * @param {string[]} setCookieValue - list of cookies to modify\n * @param {boolean} isSecured - if the running application behind SSL\n */\n modifySetCookie = (setCookieValue: string[] | undefined, isSecured: boolean): string[] | undefined => {\n const logger = fronteggLogger.child({ tag: 'CookieManager.modifySetCookie' });\n if (!setCookieValue || setCookieValue.length === 0) {\n logger.info(`No headers to modify`);\n return setCookieValue;\n }\n\n // noinspection SuspiciousTypeOfGuard\n if (typeof setCookieValue === 'string') {\n const cookieRegexSplitter = /(.*?;.*?(?:Expires=[^;]+;.*?)?(?=,\\s*\\S+=|$))/g;\n const cookies = [];\n const cookieHeader = `${setCookieValue}`;\n let match;\n while ((match = cookieRegexSplitter.exec(cookieHeader)) !== null) {\n let cookieString = match[1].trim();\n if (cookieString.startsWith(',')) {\n cookies.push(cookieString.substring(1).trim());\n } else {\n cookies.push(cookieString);\n }\n }\n setCookieValue = cookies;\n }\n\n logger.info(`modifying cookie headers (count: ${setCookieValue.length})`);\n return setCookieValue.map((c) => {\n let cookie = c.split('; ');\n\n logger.debug(`modifying cookie ${cookie[0]}, isSecured: ${isSecured}`);\n if (!isSecured) {\n cookie = cookie.filter((property) => property !== 'Secure' && property !== 'SameSite=None');\n }\n\n return (\n cookie\n .map((property) => {\n if (property.trim().startsWith(`fe_refresh_${config.clientId.replace('-', '')}`)) {\n if (config.rewriteCookieByAppId && config.appId) {\n return property.replace(\n `fe_refresh_${config.clientId.replace('-', '')}`,\n `fe_refresh_${config.appId.replace('-', '')}`\n );\n } else {\n return property;\n }\n } else if (property.toLowerCase() === `domain=${config.baseUrlHost}`) {\n return `Domain=${config.cookieDomain}`;\n } else {\n return property;\n }\n })\n .join(';') + ';'\n );\n });\n };\n}\n\nexport default new CookieManager();\n"],"mappings":";;;;;;;AAAA,IAAAA,WAAA,GAAAC,sBAAA,CAAAC,OAAA;AAEA,IAAAC,OAAA,GAAAF,sBAAA,CAAAC,OAAA;AAEA,IAAAE,UAAA,GAAAF,OAAA;AAEA,IAAAG,QAAA,GAAAH,OAAA;AAMA,IAAAI,eAAA,GAAAL,sBAAA,CAAAC,OAAA;AAEA,MAAMK,aAAa,CAAC;EAAAC,YAAA;IAAA,KAClBC,aAAa,GAAG,CAACC,YAAqB,EAAEC,UAAU,GAAGC,eAAM,CAACD,UAAU,KACpED,YAAY,GAAG,IAAAG,6BAAoB,EAACH,YAAY,EAAEC,UAAU,CAAC,GAAGA,UAAU;IAAA,KAyJpEG,uBAAuB,GAAG,CAACH,UAAkB,EAAEI,SAAkB,EAAEC,YAAoB,KAAK;MAClG,OAAO,IAAI,CAACC,MAAM,CAAC;QACjBN,UAAU;QACVO,KAAK,EAAE,EAAE;QACTC,OAAO,EAAE,IAAIC,IAAI,EAAE;QACnBC,MAAM,EAAEN,SAAS;QACjBO,MAAM,EAAEN,YAAY;QACpBO,MAAM,EAAE;MACV,CAAC,CAAC;IACJ,CAAC;IAAA,KAEDC,kBAAkB,GAAG,CACnBT,SAAkB,EAClBC,YAAoB,EACpBS,gBAA0B,EAC1BC,aAAa,GAAG,IAAI,KACP;MACb,MAAMC,eAAyB,GAAG,EAAE;MAEpC,MAAMC,oBAAoB,GAAG,IAAAC,0CAAiC,GAAE;MAChE,MAAMC,eAAe,GAAG,CAAC,GAAGL,gBAAgB,EAAE,IAAIC,aAAa,GAAGE,oBAAoB,GAAG,EAAE,CAAC,CAAC;MAE7FE,eAAe,CAACC,OAAO,CAAEC,IAAY,IAAK;QACxCL,eAAe,CAACM,IAAI,CAAC,GAAG,IAAI,CAACnB,uBAAuB,CAACkB,IAAI,EAAEjB,SAAS,EAAEC,YAAY,CAAC,CAAC;MACtF,CAAC,CAAC;MAEF,OAAOW,eAAe;IACxB,CAAC;IAAA,KAEOO,kBAAkB,GAAIC,OAAqB,IAAe;MAChE,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;QAAEC,GAAG,EAAE;MAAqB,CAAC,CAAC;MAClE,IAAI,CAACJ,OAAO,EAAE;QACZ,OAAO,EAAE;MACX;MACA,IAAI;QACFC,MAAM,CAACI,IAAI,CAAC,qCAAqC,CAAC;QAClD,MAAMC,SAAS,GAAG,IAAAC,wBAAe,EAACP,OAAO,CAAC;QAC1C,MAAMQ,OAAO,GAAGF,SAAS,IAAIG,mBAAgB,CAACC,KAAK,CAACJ,SAAS,CAAC;QAC9D,IAAI,CAACE,OAAO,EAAE;UACZ,OAAO,EAAE;QACX;QACA,IAAIjC,YAAY,GAAG,CAAC;QACpB,MAAMoC,cAAc,GAAG,EAAE;QACzB,IAAIH,OAAO,CAAC,IAAI,CAAClC,aAAa,EAAE,CAAC,EAAE;UACjCqC,cAAc,CAACb,IAAI,CAAC,IAAI,CAACxB,aAAa,EAAE,CAAC;QAC3C;QACA,OAAOkC,OAAO,CAAC,IAAI,CAAClC,aAAa,CAACC,YAAY,CAAC,CAAC,EAAE;UAChDoC,cAAc,CAACb,IAAI,CAAC,IAAI,CAACxB,aAAa,CAACC,YAAY,CAAC,CAAC;UACrDA,YAAY,EAAE;QAChB;QACA0B,MAAM,CAACI,IAAI,CAAE,gCAA+BM,cAAc,CAACC,MAAO,EAAC,CAAC;QACpE,OAAOD,cAAc;MACvB,CAAC,CAAC,OAAOE,CAAC,EAAE;QACVZ,MAAM,CAACa,KAAK,CAACD,CAAC,CAAC;QACf,OAAO,EAAE;MACX;IACF,CAAC;IAAA,KA6BDE,eAAe,GAAG,CAACC,cAAoC,EAAEpC,SAAkB,KAA2B;MACpG,MAAMqB,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;QAAEC,GAAG,EAAE;MAAgC,CAAC,CAAC;MAC7E,IAAI,CAACY,cAAc,IAAIA,cAAc,CAACJ,MAAM,KAAK,CAAC,EAAE;QAClDX,MAAM,CAACI,IAAI,CAAE,sBAAqB,CAAC;QACnC,OAAOW,cAAc;MACvB;;MAEA;MACA,IAAI,OAAOA,cAAc,KAAK,QAAQ,EAAE;QACtC,MAAMC,mBAAmB,GAAG,gDAAgD;QAC5E,MAAMT,OAAO,GAAG,EAAE;QAClB,MAAMU,YAAY,GAAI,GAAEF,cAAe,EAAC;QACxC,IAAIG,KAAK;QACT,OAAO,CAACA,KAAK,GAAGF,mBAAmB,CAACG,IAAI,CAACF,YAAY,CAAC,MAAM,IAAI,EAAE;UAChE,IAAIG,YAAY,GAAGF,KAAK,CAAC,CAAC,CAAC,CAACG,IAAI,EAAE;UAClC,IAAID,YAAY,CAACE,UAAU,CAAC,GAAG,CAAC,EAAE;YAChCf,OAAO,CAACV,IAAI,CAACuB,YAAY,CAACG,SAAS,CAAC,CAAC,CAAC,CAACF,IAAI,EAAE,CAAC;UAChD,CAAC,MAAM;YACLd,OAAO,CAACV,IAAI,CAACuB,YAAY,CAAC;UAC5B;QACF;QACAL,cAAc,GAAGR,OAAO;MAC1B;MAEAP,MAAM,CAACI,IAAI,CAAE,oCAAmCW,cAAc,CAACJ,MAAO,GAAE,CAAC;MACzE,OAAOI,cAAc,CAACS,GAAG,CAAEC,CAAC,IAAK;QAC/B,IAAIC,MAAM,GAAGD,CAAC,CAACE,KAAK,CAAC,IAAI,CAAC;QAE1B3B,MAAM,CAAC4B,KAAK,CAAE,oBAAmBF,MAAM,CAAC,CAAC,CAAE,gBAAe/C,SAAU,EAAC,CAAC;QACtE,IAAI,CAACA,SAAS,EAAE;UACd+C,MAAM,GAAGA,MAAM,CAACG,MAAM,CAAEC,QAAQ,IAAKA,QAAQ,KAAK,QAAQ,IAAIA,QAAQ,KAAK,eAAe,CAAC;QAC7F;QAEA,OACEJ,MAAM,CACHF,GAAG,CAAEM,QAAQ,IAAK;UACjB,IAAIA,QAAQ,CAACT,IAAI,EAAE,CAACC,UAAU,CAAE,cAAa9C,eAAM,CAACuD,QAAQ,CAACC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAE,EAAC,CAAC,EAAE;YAChF,IAAIxD,eAAM,CAACyD,oBAAoB,IAAIzD,eAAM,CAAC0D,KAAK,EAAE;cAC/C,OAAOJ,QAAQ,CAACE,OAAO,CACpB,cAAaxD,eAAM,CAACuD,QAAQ,CAACC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAE,EAAC,EAC/C,cAAaxD,eAAM,CAAC0D,KAAK,CAACF,OAAO,CAAC,GAAG,EAAE,EAAE,CAAE,EAAC,CAC9C;YACH,CAAC,MAAM;cACL,OAAOF,QAAQ;YACjB;UACF,CAAC,MAAM,IAAIA,QAAQ,CAACK,WAAW,EAAE,KAAM,UAAS3D,eAAM,CAAC4D,WAAY,EAAC,EAAE;YACpE,OAAQ,UAAS5D,eAAM,CAACI,YAAa,EAAC;UACxC,CAAC,MAAM;YACL,OAAOkD,QAAQ;UACjB;QACF,CAAC,CAAC,CACDO,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG;MAEtB,CAAC,CAAC;IACJ,CAAC;EAAA;EAlSD,IAAIC,eAAeA,CAAA,EAAW;IAC5B,IAAI9D,eAAM,CAACyD,oBAAoB,IAAIzD,eAAM,CAAC0D,KAAK,EAAE;MAC/C,OAAQ,cAAa1D,eAAM,CAAC0D,KAAK,CAACF,OAAO,CAAC,IAAI,EAAE,EAAE,CAAE,EAAC;IACvD,CAAC,MAAM;MACL,OAAQ,cAAaxD,eAAM,CAACuD,QAAQ,CAACC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAE,EAAC;IAC1D;EACF;;EAEA;AACF;AACA;AACA;AACA;EACEO,gCAAgCA,CAC9B;IAAEC,GAAG;IAAE1D,KAAK;IAAEG,MAAM;IAAEC;EAA4B,CAAC,EACnDuD,UAAoB,EACV;IACV,IAAI,CAACD,GAAG,IAAI,CAAC1D,KAAK,EAAE;MAClB,OAAO,EAAE;IACX;IACA,MAAM4D,cAAc,GAAGD,UAAU,CAACjB,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAACE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7D,MAAMjC,eAAe,GAAG,IAAI,CAACI,kBAAkB,CAAC0C,GAAG,CAAC,CAACX,MAAM,CAAEH,MAAM,IAAKgB,cAAc,CAACC,OAAO,CAACjB,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;IAC9G,IAAIhC,eAAe,CAACiB,MAAM,KAAK,CAAC,EAAE;MAChC,OAAO,EAAE;IACX;IAEA,OAAO,IAAI,CAACvB,kBAAkB,CAACH,MAAM,EAAEC,MAAM,WAANA,MAAM,GAAIV,eAAM,CAACI,YAAY,EAAEc,eAAe,EAAE,KAAK,CAAC;EAC/F;;EAEA;AACF;AACA;AACA;AACA;EACEb,MAAMA,CAAC+D,OAA4B,EAAY;IAAA,IAAAC,mBAAA,EAAAC,iBAAA,EAAAC,eAAA,EAAAC,aAAA;IAC7C,MAAMhD,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;MAAEC,GAAG,EAAE,sBAAsB;MAAE8C,KAAK,EAAEL,OAAO,CAACzD,MAAM,GAAG,OAAO,GAAG+D;IAAU,CAAC,CAAC;IACjH,MAAM3E,UAAU,IAAAsE,mBAAA,GAAGD,OAAO,CAACrE,UAAU,YAAAsE,mBAAA,GAAI,IAAI,CAACxE,aAAa,EAAE;IAC7D,MAAM8E,WAAW,GAAGP,OAAO,CAAC9D,KAAK;IACjCkB,MAAM,CAACI,IAAI,CAAE,4BAA2B7B,UAAW,GAAE,CAAC;IAEtD,MAAM6E,gBAAwC,GAAG;MAC/CrE,OAAO,EAAE6D,OAAO,CAAC7D,OAAO;MACxBsE,QAAQ,GAAAP,iBAAA,GAAEF,OAAO,CAACS,QAAQ,YAAAP,iBAAA,GAAI,IAAI;MAClC5D,MAAM,GAAA6D,eAAA,GAAEH,OAAO,CAAC1D,MAAM,YAAA6D,eAAA,GAAIvE,eAAM,CAACI,YAAY;MAC7C0E,IAAI,GAAAN,aAAA,GAAEJ,OAAO,CAACU,IAAI,YAAAN,aAAA,GAAI,GAAG;MACzBO,QAAQ,EAAE;IACZ,CAAC;IAED,IAAIX,OAAO,CAAC3D,MAAM,EAAE;MAClBe,MAAM,CAAC4B,KAAK,CAAE,eAAcrD,UAAW,aAAY,CAAC;MACpD6E,gBAAgB,CAACnE,MAAM,GAAG2D,OAAO,CAAC3D,MAAM;MACxCmE,gBAAgB,CAACI,QAAQ,GAAGhF,eAAM,CAACiF,cAAc;IACnD;IAEA,MAAMC,gBAAgB,GAAGlD,mBAAgB,CAACmD,SAAS,CAACpF,UAAU,EAAE4E,WAAW,EAAEC,gBAAgB,CAAC;IAE9F,IAAIX,UAAoB,GAAG,EAAE;IAC7B,IAAIiB,gBAAgB,CAAC/C,MAAM,IAAIiD,4BAAiB,EAAE;MAChD5D,MAAM,CAACI,IAAI,CAAE,yCAAwC7B,UAAW,GAAE,CAAC;MACnEkE,UAAU,GAAG,CAACiB,gBAAgB,CAAC;IACjC,CAAC,MAAM;MACL1D,MAAM,CAAC4B,KAAK,CAAC,mCAAmC,CAAC;MACjD;MACA,MAAMrB,OAAO,GAAG,IAAAsD,2BAAkB,EAACtF,UAAU,EAAE4E,WAAW,EAAEC,gBAAgB,CAAC;MAC7EpD,MAAM,CAACI,IAAI,CAAE,gDAA+C7B,UAAW,aAAYgC,OAAO,CAACI,MAAO,GAAE,CAAC;MACrG8B,UAAU,GAAGlC,OAAO;IACtB;IAEA,MAAMuD,mBAAmB,GAAG,IAAI,CAACvB,gCAAgC,CAACK,OAAO,EAAEH,UAAU,CAAC;IACtF,OAAO,CAAC,GAAGqB,mBAAmB,EAAE,GAAGrB,UAAU,CAAC;EAChD;;EAEA;AACF;AACA;AACA;AACA;AACA;EACEsB,iBAAiBA,CAAChE,OAAoB,EAA0B;IAC9D,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;MAAEC,GAAG,EAAE;IAAkC,CAAC,CAAC;IAE/EH,MAAM,CAACI,IAAI,CAAC,kDAAkD,CAAC;IAC/D,MAAMa,YAAY,GAAG,IAAAX,wBAAe,EAACP,OAAO,CAAC;IAC7CC,MAAM,CAACI,IAAI,CAAC,8BAA8B,CAAC;IAC3C,OAAOI,mBAAgB,CAACC,KAAK,CAACQ,YAAY,CAAC;EAC7C;;EAEA;AACF;AACA;AACA;AACA;EACE+C,2BAA2BA,CAACjE,OAAqB,EAAsB;IACrE,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;MAAEC,GAAG,EAAE;IAA4C,CAAC,CAAC;IACzFH,MAAM,CAACI,IAAI,CAAC,sDAAsD,CAAC;IAEnE,IAAI,CAACL,OAAO,EAAE;MACZC,MAAM,CAACI,IAAI,CAAE,qDAAoD,CAAC;MAClE,OAAO8C,SAAS;IAClB;IAEAlD,MAAM,CAAC4B,KAAK,CAAC,uBAAuB,CAAC;IACrC,MAAMvB,SAAS,GAAG,IAAAC,wBAAe,EAACP,OAAO,CAAC;IAE1CC,MAAM,CAAC4B,KAAK,CAAC,8BAA8B,CAAC;IAC5C,MAAMrB,OAAO,GAAGC,mBAAgB,CAACC,KAAK,CAACJ,SAAS,CAAC;IAEjDL,MAAM,CAAC4B,KAAK,CAAC,kCAAkC,CAAC;IAChD,IAAIqC,CAAC,GAAG,CAAC;IACT,IAAIC,cAAc,GAAG,EAAE;IACvB,IAAIC,kBAAsC,GAAG5D,OAAO,CAAC,IAAI,CAAClC,aAAa,EAAE,CAAC;IAC1E,IAAI8F,kBAAkB,KAAKjB,SAAS,EAAE;MACpC,GAAG;QACDiB,kBAAkB,GAAG5D,OAAO,CAAC,IAAA9B,6BAAoB,EAACwF,CAAC,EAAE,CAAC,CAAC;QACvD,IAAIE,kBAAkB,EAAE;UACtBD,cAAc,IAAIC,kBAAkB;QACtC;MACF,CAAC,QAAQA,kBAAkB;IAC7B,CAAC,MAAM;MACLD,cAAc,GAAGC,kBAAkB;IACrC;IAEA,IAAID,cAAc,CAACvD,MAAM,KAAK,CAAC,EAAE;MAC/BX,MAAM,CAACI,IAAI,CAAC,0BAA0B,CAAC;MACvC,OAAO8C,SAAS;IAClB;IAEAlD,MAAM,CAACI,IAAI,CAAE,iCAAgC8D,cAAc,CAACvD,MAAO,GAAE,CAAC;IACtE,OAAOuD,cAAc;EACvB;EAEAE,oBAAoBA,CAAC7D,OAAwB,EAAsB;IACjE,MAAMP,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;MAAEC,GAAG,EAAE;IAAqC,CAAC,CAAC;IAClF,MAAMkE,YAAY,GAAG9D,OAAO,CAACsB,MAAM,CAAEJ,CAAC,IAAKA,CAAC,CAAC7B,IAAI,CAAC0E,QAAQ,CAAC,IAAI,CAACjG,aAAa,EAAE,CAAC,CAAC;IACjF2B,MAAM,CAACI,IAAI,CAAC,2DAA2D,CAAC;IAExE,IAAI,CAACiE,YAAY,IAAIA,YAAY,CAAC1D,MAAM,KAAK,CAAC,EAAE;MAC9CX,MAAM,CAACI,IAAI,CAAE,0BAAyB,CAAC;MACvC,OAAO8C,SAAS;IAClB;IACAlD,MAAM,CAAC4B,KAAK,CAAE,SAAQyC,YAAY,CAAC1D,MAAO,SAAQ,CAAC;IACnD0D,YAAY,CAACE,IAAI,CAAC,CAACC,CAAC,EAAEC,CAAC,KAAK;MAC1B,MAAMC,iBAAiB,GAAGC,QAAQ,CAACH,CAAC,CAAC5E,IAAI,CAACgF,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;MACpD,MAAMC,kBAAkB,GAAGF,QAAQ,CAACF,CAAC,CAAC7E,IAAI,CAACgF,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;MACrD,OAAOF,iBAAiB,GAAGG,kBAAkB,GAAG,CAAC,GAAG,CAAC,CAAC;IACxD,CAAC,CAAC;IAEF7E,MAAM,CAACI,IAAI,CAAE,oCAAmC,CAAC;IACjD,OAAOiE,YAAY,CAAC7C,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAAC3C,KAAK,CAAC,CAACuD,IAAI,CAAC,EAAE,CAAC;EAClD;EA4DA;AACF;AACA;AACA;AACA;AACA;EACEyC,aAAaA,CAAC;IAAEC,WAAW;IAAEpG,SAAS;IAAEC,YAAY;IAAEoG,GAAG;IAAExC;EAA0B,CAAC,EAAQ;IAAA,IAAAyC,IAAA;IAC5F,MAAMjF,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;MAAEC,GAAG,EAAE;IAA8B,CAAC,CAAC;IAC3EH,MAAM,CAAC4B,KAAK,CAAC,8DAA8D,CAAC;IAC5E,MAAMlC,eAAe,GAAG,IAAI,CAACI,kBAAkB,CAAC0C,GAAG,CAAC;IACpD,MAAMW,WAAW,GAAG,IAAI,CAAC/D,kBAAkB,CAACT,SAAS,EAAEC,YAAY,EAAEmG,WAAW,WAAXA,WAAW,GAAIrF,eAAe,CAAC;IACpG,IAAIwF,iBAAiB,IAAAD,IAAA,GAAID,GAAG,CAACG,SAAS,CAAC,YAAY,CAAC,YAAAF,IAAA,GAA0B,EAAE;IAChF,IAAI,OAAOC,iBAAiB,KAAK,QAAQ,EAAE;MACzCA,iBAAiB,GAAG,CAACA,iBAAiB,CAAC;IACzC;IAEA,MAAME,gBAAgB,GAAG,CAAC,GAAGF,iBAAiB,EAAE,GAAG/B,WAAW,CAAC;IAC/DnD,MAAM,CAAC4B,KAAK,CAAE,4BAA2BwD,gBAAgB,CAACzE,MAAO,GAAE,CAAC;IACpEqE,GAAG,CAACK,SAAS,CAAC,YAAY,EAAED,gBAAgB,CAAC;EAC/C;;EAEA;AACF;AACA;AACA;AACA;AACA;AAwDA;AAAC,IAAAE,QAAA,GAEc,IAAInH,aAAa,EAAE;AAAAoH,OAAA,CAAAC,OAAA,GAAAF,QAAA"}
|
|
@@ -9,6 +9,7 @@ var _extends2 = _interopRequireDefault(require("@babel/runtime/helpers/extends")
|
|
|
9
9
|
var _api = require("../../api");
|
|
10
10
|
var _common = require("../common");
|
|
11
11
|
var _fronteggLogger = _interopRequireDefault(require("../fronteggLogger"));
|
|
12
|
+
var _config = _interopRequireDefault(require("../../config"));
|
|
12
13
|
const FULFILLED_STATUS = 'fulfilled';
|
|
13
14
|
async function fetchUserData(options) {
|
|
14
15
|
const {
|
|
@@ -31,6 +32,9 @@ async function fetchUserData(options) {
|
|
|
31
32
|
const headers = (0, _extends2.default)({}, reqHeaders, {
|
|
32
33
|
authorization: `Bearer ${accessToken}`
|
|
33
34
|
});
|
|
35
|
+
if (_config.default.appId) {
|
|
36
|
+
headers['frontegg-requested-application-id'] = _config.default.appId;
|
|
37
|
+
}
|
|
34
38
|
logger.debug('Retrieving user data...');
|
|
35
39
|
const [baseUserResult, tenantsResult, entitlementsResult, meAuthorizationResult] = await Promise.allSettled([(0, _api.getMe)(headers), (0, _api.getTenants)(headers), (0, _api.getEntitlements)(headers), (0, _api.getMeAuthorization)(headers)]);
|
|
36
40
|
logger.debug('Retrieved user data:', 'baseUserResult: ', baseUserResult.status, 'tenantsResult:', tenantsResult.status, 'entitlements:', entitlementsResult.status);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","names":["_api","require","_common","_fronteggLogger","_interopRequireDefault","FULFILLED_STATUS","fetchUserData","options","getSession","getHeaders","logger","fronteggLogger","child","tag","session","info","accessToken","reqHeaders","headers","_extends2","default","authorization","debug","baseUserResult","tenantsResult","entitlementsResult","meAuthorizationResult","Promise","allSettled","getMe","getTenants","getEntitlements","getMeAuthorization","status","baseUser","value","tenantsResponse","meAuthorizationResponse","entitlementsResponse","undefined","user","entitlements","expiresIn","calculateExpiresInFromExp","exp","tenants","activeTenant","e"],"sources":["../../../../../packages/nextjs/src/utils/fetchUserData/index.ts"],"sourcesContent":["import { AllUserData, FronteggNextJSSession } from '../../types';\nimport { getTenants, getMe, getMeAuthorization, getEntitlements } from '../../api';\nimport { calculateExpiresInFromExp } from '../common';\nimport fronteggLogger from '../fronteggLogger';\n\nconst FULFILLED_STATUS = 'fulfilled';\n\ntype FetchUserDataOptions = {\n getSession: () => Promise<FronteggNextJSSession | undefined | null>;\n getHeaders: () => Promise<Record<string, string | string[] | undefined>>;\n};\n\nexport default async function fetchUserData(options: FetchUserDataOptions): Promise<AllUserData> {\n const { getSession, getHeaders } = options;\n\n const logger = fronteggLogger.child({ tag: 'fetchUserData.getAllUserData' });\n try {\n const session = await getSession();\n if (!session) {\n logger.info('No session found');\n return {};\n }\n\n const { accessToken } = session;\n const reqHeaders = await getHeaders();\n const headers = { ...reqHeaders, authorization: `Bearer ${accessToken}` };\n\n logger.debug('Retrieving user data...');\n const [baseUserResult, tenantsResult, entitlementsResult, meAuthorizationResult] = await Promise.allSettled([\n getMe(headers),\n getTenants(headers),\n getEntitlements(headers),\n getMeAuthorization(headers),\n ]);\n\n logger.debug(\n 'Retrieved user data:',\n 'baseUserResult: ',\n baseUserResult.status,\n 'tenantsResult:',\n tenantsResult.status,\n 'entitlements:',\n entitlementsResult.status\n );\n\n const baseUser = baseUserResult.status === FULFILLED_STATUS ? baseUserResult.value : null;\n const tenantsResponse = tenantsResult.status === FULFILLED_STATUS ? tenantsResult.value : null;\n const meAuthorizationResponse =\n meAuthorizationResult.status === FULFILLED_STATUS ? meAuthorizationResult.value : null;\n const entitlementsResponse = entitlementsResult.status === FULFILLED_STATUS ? entitlementsResult.value : undefined;\n\n if (!baseUser || !tenantsResponse) {\n logger.info('No base user or tenants found');\n return {};\n }\n\n const user = {\n ...session.user,\n ...baseUser!,\n ...meAuthorizationResponse,\n entitlements: entitlementsResponse,\n expiresIn: calculateExpiresInFromExp(session.user.exp),\n };\n\n logger.info('Retrieved all user data successfully');\n\n const { tenants, activeTenant } = tenantsResponse;\n return { user, session, tenants, activeTenant };\n } catch (e: any) {\n // logger.error(e.message, e);\n return {};\n }\n}\n"],"mappings":";;;;;;;;AACA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AACA,IAAAE,eAAA,GAAAC,sBAAA,CAAAH,OAAA;AAEA,
|
|
1
|
+
{"version":3,"file":"index.js","names":["_api","require","_common","_fronteggLogger","_interopRequireDefault","_config","FULFILLED_STATUS","fetchUserData","options","getSession","getHeaders","logger","fronteggLogger","child","tag","session","info","accessToken","reqHeaders","headers","_extends2","default","authorization","config","appId","debug","baseUserResult","tenantsResult","entitlementsResult","meAuthorizationResult","Promise","allSettled","getMe","getTenants","getEntitlements","getMeAuthorization","status","baseUser","value","tenantsResponse","meAuthorizationResponse","entitlementsResponse","undefined","user","entitlements","expiresIn","calculateExpiresInFromExp","exp","tenants","activeTenant","e"],"sources":["../../../../../packages/nextjs/src/utils/fetchUserData/index.ts"],"sourcesContent":["import { AllUserData, FronteggNextJSSession } from '../../types';\nimport { getTenants, getMe, getMeAuthorization, getEntitlements } from '../../api';\nimport { calculateExpiresInFromExp } from '../common';\nimport fronteggLogger from '../fronteggLogger';\nimport config from '../../config';\n\nconst FULFILLED_STATUS = 'fulfilled';\n\ntype FetchUserDataOptions = {\n getSession: () => Promise<FronteggNextJSSession | undefined | null>;\n getHeaders: () => Promise<Record<string, string | string[] | undefined>>;\n};\n\nexport default async function fetchUserData(options: FetchUserDataOptions): Promise<AllUserData> {\n const { getSession, getHeaders } = options;\n\n const logger = fronteggLogger.child({ tag: 'fetchUserData.getAllUserData' });\n try {\n const session = await getSession();\n if (!session) {\n logger.info('No session found');\n return {};\n }\n\n const { accessToken } = session;\n const reqHeaders = await getHeaders();\n const headers: Record<string, string> = { ...reqHeaders, authorization: `Bearer ${accessToken}` };\n\n if (config.appId) {\n headers['frontegg-requested-application-id'] = config.appId;\n }\n\n logger.debug('Retrieving user data...');\n const [baseUserResult, tenantsResult, entitlementsResult, meAuthorizationResult] = await Promise.allSettled([\n getMe(headers),\n getTenants(headers),\n getEntitlements(headers),\n getMeAuthorization(headers),\n ]);\n\n logger.debug(\n 'Retrieved user data:',\n 'baseUserResult: ',\n baseUserResult.status,\n 'tenantsResult:',\n tenantsResult.status,\n 'entitlements:',\n entitlementsResult.status\n );\n\n const baseUser = baseUserResult.status === FULFILLED_STATUS ? baseUserResult.value : null;\n const tenantsResponse = tenantsResult.status === FULFILLED_STATUS ? tenantsResult.value : null;\n const meAuthorizationResponse =\n meAuthorizationResult.status === FULFILLED_STATUS ? meAuthorizationResult.value : null;\n const entitlementsResponse = entitlementsResult.status === FULFILLED_STATUS ? entitlementsResult.value : undefined;\n\n if (!baseUser || !tenantsResponse) {\n logger.info('No base user or tenants found');\n return {};\n }\n\n const user = {\n ...session.user,\n ...baseUser!,\n ...meAuthorizationResponse,\n entitlements: entitlementsResponse,\n expiresIn: calculateExpiresInFromExp(session.user.exp),\n };\n\n logger.info('Retrieved all user data successfully');\n\n const { tenants, activeTenant } = tenantsResponse;\n return { user, session, tenants, activeTenant };\n } catch (e: any) {\n // logger.error(e.message, e);\n return {};\n }\n}\n"],"mappings":";;;;;;;;AACA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AACA,IAAAE,eAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,OAAA,GAAAD,sBAAA,CAAAH,OAAA;AAEA,MAAMK,gBAAgB,GAAG,WAAW;AAOrB,eAAeC,aAAaA,CAACC,OAA6B,EAAwB;EAC/F,MAAM;IAAEC,UAAU;IAAEC;EAAW,CAAC,GAAGF,OAAO;EAE1C,MAAMG,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA+B,CAAC,CAAC;EAC5E,IAAI;IACF,MAAMC,OAAO,GAAG,MAAMN,UAAU,EAAE;IAClC,IAAI,CAACM,OAAO,EAAE;MACZJ,MAAM,CAACK,IAAI,CAAC,kBAAkB,CAAC;MAC/B,OAAO,CAAC,CAAC;IACX;IAEA,MAAM;MAAEC;IAAY,CAAC,GAAGF,OAAO;IAC/B,MAAMG,UAAU,GAAG,MAAMR,UAAU,EAAE;IACrC,MAAMS,OAA+B,OAAAC,SAAA,CAAAC,OAAA,MAAQH,UAAU;MAAEI,aAAa,EAAG,UAASL,WAAY;IAAC,EAAE;IAEjG,IAAIM,eAAM,CAACC,KAAK,EAAE;MAChBL,OAAO,CAAC,mCAAmC,CAAC,GAAGI,eAAM,CAACC,KAAK;IAC7D;IAEAb,MAAM,CAACc,KAAK,CAAC,yBAAyB,CAAC;IACvC,MAAM,CAACC,cAAc,EAAEC,aAAa,EAAEC,kBAAkB,EAAEC,qBAAqB,CAAC,GAAG,MAAMC,OAAO,CAACC,UAAU,CAAC,CAC1G,IAAAC,UAAK,EAACb,OAAO,CAAC,EACd,IAAAc,eAAU,EAACd,OAAO,CAAC,EACnB,IAAAe,oBAAe,EAACf,OAAO,CAAC,EACxB,IAAAgB,uBAAkB,EAAChB,OAAO,CAAC,CAC5B,CAAC;IAEFR,MAAM,CAACc,KAAK,CACV,sBAAsB,EACtB,kBAAkB,EAClBC,cAAc,CAACU,MAAM,EACrB,gBAAgB,EAChBT,aAAa,CAACS,MAAM,EACpB,eAAe,EACfR,kBAAkB,CAACQ,MAAM,CAC1B;IAED,MAAMC,QAAQ,GAAGX,cAAc,CAACU,MAAM,KAAK9B,gBAAgB,GAAGoB,cAAc,CAACY,KAAK,GAAG,IAAI;IACzF,MAAMC,eAAe,GAAGZ,aAAa,CAACS,MAAM,KAAK9B,gBAAgB,GAAGqB,aAAa,CAACW,KAAK,GAAG,IAAI;IAC9F,MAAME,uBAAuB,GAC3BX,qBAAqB,CAACO,MAAM,KAAK9B,gBAAgB,GAAGuB,qBAAqB,CAACS,KAAK,GAAG,IAAI;IACxF,MAAMG,oBAAoB,GAAGb,kBAAkB,CAACQ,MAAM,KAAK9B,gBAAgB,GAAGsB,kBAAkB,CAACU,KAAK,GAAGI,SAAS;IAElH,IAAI,CAACL,QAAQ,IAAI,CAACE,eAAe,EAAE;MACjC5B,MAAM,CAACK,IAAI,CAAC,+BAA+B,CAAC;MAC5C,OAAO,CAAC,CAAC;IACX;IAEA,MAAM2B,IAAI,OAAAvB,SAAA,CAAAC,OAAA,MACLN,OAAO,CAAC4B,IAAI,EACZN,QAAQ,EACRG,uBAAuB;MAC1BI,YAAY,EAAEH,oBAAoB;MAClCI,SAAS,EAAE,IAAAC,iCAAyB,EAAC/B,OAAO,CAAC4B,IAAI,CAACI,GAAG;IAAC,EACvD;IAEDpC,MAAM,CAACK,IAAI,CAAC,sCAAsC,CAAC;IAEnD,MAAM;MAAEgC,OAAO;MAAEC;IAAa,CAAC,GAAGV,eAAe;IACjD,OAAO;MAAEI,IAAI;MAAE5B,OAAO;MAAEiC,OAAO;MAAEC;IAAa,CAAC;EACjD,CAAC,CAAC,OAAOC,CAAM,EAAE;IACf;IACA,OAAO,CAAC,CAAC;EACX;AACF"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","names":["_js","require","_reduxStore","_sdkVersion","_interopRequireDefault","_package","_utils","initializeFronteggApp","options","onRedirectTo","appName","storeHolder","_options$authOptions","_options$authOptions2","_options$hostedLoginB","_options$authOptions$","_options$authOptions3","session","user","tenants","activeTenant","accessToken","refreshToken","contextOptions","_extends2","default","requestCredentials","additionalHeadersResolver","_options$contextOptio","additionalHeaders","originalAdditionalHeadersResolver","push","e","Array","isArray","key","value","nextjsPkg","version","sdkVersion","tokenResolver","secureJwtEnabled","undefined","baseUrl","path","isMiddlewarePath","envAppUrl","envBaseUrl","clientId","envClientId","tenantsState","authOptions","userData","isLoading","isAuthenticated","hostedLoginBox","disableSilentRefresh","sharedStore","store","createStore","context","previewMode","name","urlStrategy","builderMode","initialState","auth","createdApp","AppHolder","getInstance","_options$hostedLoginB2","_options$customLoginB","initialize","customLoginBox","basename","_default","exports"],"sources":["../../../../../packages/nextjs/src/utils/initializeFronteggApp/index.ts"],"sourcesContent":["import { AppHolder, FronteggApp, initialize } from '@frontegg/js';\nimport { createStore, AuthState } from '@frontegg/redux-store';\nimport { KeyValuePair } from '@frontegg/rest-api';\nimport { FronteggAppOptions } from '@frontegg/types';\nimport sdkVersion from '../../sdkVersion';\nimport type { FronteggProviderOptions } from '../../types';\nimport nextjsPkg from 'next/package.json';\nimport { isMiddlewarePath } from '../../api/utils';\n\ntype CreateOrGetFronteggAppParams = {\n options: FronteggProviderOptions;\n onRedirectTo: AuthState['onRedirectTo'];\n appName?: string;\n storeHolder: any;\n};\n\nconst initializeFronteggApp = ({\n options,\n onRedirectTo,\n appName,\n storeHolder,\n}: CreateOrGetFronteggAppParams): FronteggApp => {\n const { session, user, tenants, activeTenant } = options;\n const { accessToken, refreshToken } = session ?? {};\n\n const contextOptions: FronteggAppOptions['contextOptions'] = {\n requestCredentials: 'include' as RequestCredentials,\n ...options.contextOptions,\n additionalHeadersResolver: async () => {\n const additionalHeaders: KeyValuePair[] = [];\n const originalAdditionalHeadersResolver = options.contextOptions?.additionalHeadersResolver;\n if (typeof originalAdditionalHeadersResolver === 'function') {\n try {\n additionalHeaders.push(...(await originalAdditionalHeadersResolver()));\n } catch (e) {\n /** ignore failed additionalHeadersResolver */\n }\n } else if (Array.isArray(originalAdditionalHeadersResolver)) {\n additionalHeaders.push(...(originalAdditionalHeadersResolver as KeyValuePair[]));\n }\n additionalHeaders.push({\n key: 'x-frontegg-framework',\n value: `next@${nextjsPkg.version}`,\n });\n additionalHeaders.push({\n key: 'x-frontegg-sdk',\n value: `@frontegg/nextjs@${sdkVersion.version}`,\n });\n return additionalHeaders;\n },\n tokenResolver: options.secureJwtEnabled ? () => '' : undefined,\n baseUrl: (path: string) => {\n if (isMiddlewarePath(path) || options.secureJwtEnabled) {\n return `${options.envAppUrl}/api`;\n } else {\n return options.envBaseUrl;\n }\n },\n clientId: options.envClientId,\n };\n\n const tenantsState = {\n tenants: tenants || [],\n activeTenant,\n ...options.authOptions?.tenantsState,\n };\n const userData = user\n ? {\n ...user,\n accessToken: accessToken ?? '',\n refreshToken: refreshToken ?? undefined,\n ...options.authOptions?.user,\n }\n : null;\n\n const authOptions: FronteggAppOptions['authOptions'] = {\n ...options.authOptions,\n onRedirectTo,\n isLoading: false,\n isAuthenticated: !!options.session,\n hostedLoginBox: options.hostedLoginBox ?? false,\n disableSilentRefresh: options.authOptions?.disableSilentRefresh ?? true,\n user: userData,\n tenantsState: tenantsState as AuthState['tenantsState'],\n };\n\n let sharedStore = storeHolder.store;\n if (!sharedStore) {\n sharedStore = createStore({\n context: contextOptions,\n storeHolder,\n previewMode: options.previewMode,\n name: appName ?? 'default',\n urlStrategy: options.urlStrategy,\n builderMode: false,\n initialState: {\n auth: authOptions,\n },\n });\n storeHolder.store = sharedStore;\n }\n\n let createdApp;\n try {\n createdApp = AppHolder.getInstance(appName ?? 'default');\n createdApp.store = sharedStore;\n } catch (e) {\n createdApp = initialize(\n {\n ...options,\n store: sharedStore,\n hostedLoginBox: options.hostedLoginBox ?? false,\n customLoginBox: options.customLoginBox ?? false,\n basename: options.basename,\n authOptions,\n contextOptions,\n onRedirectTo,\n },\n appName ?? 'default'\n );\n }\n return createdApp;\n};\nexport default initializeFronteggApp;\n"],"mappings":";;;;;;;;AAAA,IAAAA,GAAA,GAAAC,OAAA;AACA,IAAAC,WAAA,GAAAD,OAAA;AAGA,IAAAE,WAAA,GAAAC,sBAAA,CAAAH,OAAA;AAEA,IAAAI,QAAA,GAAAD,sBAAA,CAAAH,OAAA;AACA,IAAAK,MAAA,GAAAL,OAAA;AASA,MAAMM,qBAAqB,GAAGA,CAAC;EAC7BC,OAAO;EACPC,YAAY;EACZC,OAAO;EACPC;AAC4B,CAAC,KAAkB;EAAA,IAAAC,oBAAA,EAAAC,qBAAA,EAAAC,qBAAA,EAAAC,qBAAA,EAAAC,qBAAA;EAC/C,MAAM;IAAEC,OAAO;IAAEC,IAAI;IAAEC,OAAO;IAAEC;EAAa,CAAC,GAAGZ,OAAO;EACxD,MAAM;IAAEa,WAAW;IAAEC;EAAa,CAAC,GAAGL,OAAO,WAAPA,OAAO,GAAI,CAAC,CAAC;EAEnD,MAAMM,cAAoD,OAAAC,SAAA,CAAAC,OAAA;IACxDC,kBAAkB,EAAE;EAA+B,GAChDlB,OAAO,CAACe,cAAc;IACzBI,yBAAyB,EAAE,MAAAA,CAAA,KAAY;MAAA,IAAAC,qBAAA;MACrC,MAAMC,iBAAiC,GAAG,EAAE;MAC5C,MAAMC,iCAAiC,IAAAF,qBAAA,GAAGpB,OAAO,CAACe,cAAc,qBAAtBK,qBAAA,CAAwBD,yBAAyB;MAC3F,IAAI,OAAOG,iCAAiC,KAAK,UAAU,EAAE;QAC3D,IAAI;UACFD,iBAAiB,CAACE,IAAI,CAAC,IAAI,MAAMD,iCAAiC,EAAE,CAAC,CAAC;QACxE,CAAC,CAAC,OAAOE,CAAC,EAAE;UACV;QAAA;MAEJ,CAAC,MAAM,IAAIC,KAAK,CAACC,OAAO,CAACJ,iCAAiC,CAAC,EAAE;QAC3DD,iBAAiB,CAACE,IAAI,CAAC,GAAID,iCAAoD,CAAC;MAClF;MACAD,iBAAiB,CAACE,IAAI,CAAC;QACrBI,GAAG,EAAE,sBAAsB;QAC3BC,KAAK,EAAG,QAAOC,gBAAS,CAACC,OAAQ;MACnC,CAAC,CAAC;MACFT,iBAAiB,CAACE,IAAI,CAAC;QACrBI,GAAG,EAAE,gBAAgB;QACrBC,KAAK,EAAG,oBAAmBG,mBAAU,CAACD,OAAQ;MAChD,CAAC,CAAC;MACF,OAAOT,iBAAiB;IAC1B,CAAC;IACDW,aAAa,EAAEhC,OAAO,CAACiC,gBAAgB,GAAG,MAAM,EAAE,GAAGC,SAAS;IAC9DC,OAAO,EAAGC,IAAY,IAAK;MACzB,IAAI,IAAAC,uBAAgB,EAACD,IAAI,CAAC,IAAIpC,OAAO,CAACiC,gBAAgB,EAAE;QACtD,OAAQ,GAAEjC,OAAO,CAACsC,SAAU,MAAK;MACnC,CAAC,MAAM;QACL,OAAOtC,OAAO,CAACuC,UAAU;MAC3B;IACF,CAAC;IACDC,QAAQ,EAAExC,OAAO,CAACyC;
|
|
1
|
+
{"version":3,"file":"index.js","names":["_js","require","_reduxStore","_sdkVersion","_interopRequireDefault","_package","_utils","initializeFronteggApp","options","onRedirectTo","appName","storeHolder","_options$authOptions","_options$authOptions2","_options$hostedLoginB","_options$authOptions$","_options$authOptions3","session","user","tenants","activeTenant","accessToken","refreshToken","contextOptions","_extends2","default","requestCredentials","additionalHeadersResolver","_options$contextOptio","additionalHeaders","originalAdditionalHeadersResolver","push","e","Array","isArray","key","value","nextjsPkg","version","sdkVersion","tokenResolver","secureJwtEnabled","undefined","baseUrl","path","isMiddlewarePath","envAppUrl","envBaseUrl","clientId","envClientId","appId","envAppId","tenantsState","authOptions","userData","isLoading","isAuthenticated","hostedLoginBox","disableSilentRefresh","sharedStore","store","createStore","context","previewMode","name","urlStrategy","builderMode","initialState","auth","createdApp","AppHolder","getInstance","_options$hostedLoginB2","_options$customLoginB","initialize","customLoginBox","basename","_default","exports"],"sources":["../../../../../packages/nextjs/src/utils/initializeFronteggApp/index.ts"],"sourcesContent":["import { AppHolder, FronteggApp, initialize } from '@frontegg/js';\nimport { createStore, AuthState } from '@frontegg/redux-store';\nimport { KeyValuePair } from '@frontegg/rest-api';\nimport { FronteggAppOptions } from '@frontegg/types';\nimport sdkVersion from '../../sdkVersion';\nimport type { FronteggProviderOptions } from '../../types';\nimport nextjsPkg from 'next/package.json';\nimport { isMiddlewarePath } from '../../api/utils';\n\ntype CreateOrGetFronteggAppParams = {\n options: FronteggProviderOptions;\n onRedirectTo: AuthState['onRedirectTo'];\n appName?: string;\n storeHolder: any;\n};\n\nconst initializeFronteggApp = ({\n options,\n onRedirectTo,\n appName,\n storeHolder,\n}: CreateOrGetFronteggAppParams): FronteggApp => {\n const { session, user, tenants, activeTenant } = options;\n const { accessToken, refreshToken } = session ?? {};\n\n const contextOptions: FronteggAppOptions['contextOptions'] = {\n requestCredentials: 'include' as RequestCredentials,\n ...options.contextOptions,\n additionalHeadersResolver: async () => {\n const additionalHeaders: KeyValuePair[] = [];\n const originalAdditionalHeadersResolver = options.contextOptions?.additionalHeadersResolver;\n if (typeof originalAdditionalHeadersResolver === 'function') {\n try {\n additionalHeaders.push(...(await originalAdditionalHeadersResolver()));\n } catch (e) {\n /** ignore failed additionalHeadersResolver */\n }\n } else if (Array.isArray(originalAdditionalHeadersResolver)) {\n additionalHeaders.push(...(originalAdditionalHeadersResolver as KeyValuePair[]));\n }\n additionalHeaders.push({\n key: 'x-frontegg-framework',\n value: `next@${nextjsPkg.version}`,\n });\n additionalHeaders.push({\n key: 'x-frontegg-sdk',\n value: `@frontegg/nextjs@${sdkVersion.version}`,\n });\n return additionalHeaders;\n },\n tokenResolver: options.secureJwtEnabled ? () => '' : undefined,\n baseUrl: (path: string) => {\n if (isMiddlewarePath(path) || options.secureJwtEnabled) {\n return `${options.envAppUrl}/api`;\n } else {\n return options.envBaseUrl;\n }\n },\n clientId: options.envClientId,\n appId: options.envAppId,\n };\n\n const tenantsState = {\n tenants: tenants || [],\n activeTenant,\n ...options.authOptions?.tenantsState,\n };\n const userData = user\n ? {\n ...user,\n accessToken: accessToken ?? '',\n refreshToken: refreshToken ?? undefined,\n ...options.authOptions?.user,\n }\n : null;\n\n const authOptions: FronteggAppOptions['authOptions'] = {\n ...options.authOptions,\n onRedirectTo,\n isLoading: false,\n isAuthenticated: !!options.session,\n hostedLoginBox: options.hostedLoginBox ?? false,\n disableSilentRefresh: options.authOptions?.disableSilentRefresh ?? true,\n user: userData,\n tenantsState: tenantsState as AuthState['tenantsState'],\n };\n\n let sharedStore = storeHolder.store;\n if (!sharedStore) {\n sharedStore = createStore({\n context: contextOptions,\n storeHolder,\n previewMode: options.previewMode,\n name: appName ?? 'default',\n urlStrategy: options.urlStrategy,\n builderMode: false,\n initialState: {\n auth: authOptions,\n },\n });\n storeHolder.store = sharedStore;\n }\n\n let createdApp;\n try {\n createdApp = AppHolder.getInstance(appName ?? 'default');\n createdApp.store = sharedStore;\n } catch (e) {\n createdApp = initialize(\n {\n ...options,\n store: sharedStore,\n hostedLoginBox: options.hostedLoginBox ?? false,\n customLoginBox: options.customLoginBox ?? false,\n basename: options.basename,\n authOptions,\n contextOptions,\n onRedirectTo,\n },\n appName ?? 'default'\n );\n }\n return createdApp;\n};\nexport default initializeFronteggApp;\n"],"mappings":";;;;;;;;AAAA,IAAAA,GAAA,GAAAC,OAAA;AACA,IAAAC,WAAA,GAAAD,OAAA;AAGA,IAAAE,WAAA,GAAAC,sBAAA,CAAAH,OAAA;AAEA,IAAAI,QAAA,GAAAD,sBAAA,CAAAH,OAAA;AACA,IAAAK,MAAA,GAAAL,OAAA;AASA,MAAMM,qBAAqB,GAAGA,CAAC;EAC7BC,OAAO;EACPC,YAAY;EACZC,OAAO;EACPC;AAC4B,CAAC,KAAkB;EAAA,IAAAC,oBAAA,EAAAC,qBAAA,EAAAC,qBAAA,EAAAC,qBAAA,EAAAC,qBAAA;EAC/C,MAAM;IAAEC,OAAO;IAAEC,IAAI;IAAEC,OAAO;IAAEC;EAAa,CAAC,GAAGZ,OAAO;EACxD,MAAM;IAAEa,WAAW;IAAEC;EAAa,CAAC,GAAGL,OAAO,WAAPA,OAAO,GAAI,CAAC,CAAC;EAEnD,MAAMM,cAAoD,OAAAC,SAAA,CAAAC,OAAA;IACxDC,kBAAkB,EAAE;EAA+B,GAChDlB,OAAO,CAACe,cAAc;IACzBI,yBAAyB,EAAE,MAAAA,CAAA,KAAY;MAAA,IAAAC,qBAAA;MACrC,MAAMC,iBAAiC,GAAG,EAAE;MAC5C,MAAMC,iCAAiC,IAAAF,qBAAA,GAAGpB,OAAO,CAACe,cAAc,qBAAtBK,qBAAA,CAAwBD,yBAAyB;MAC3F,IAAI,OAAOG,iCAAiC,KAAK,UAAU,EAAE;QAC3D,IAAI;UACFD,iBAAiB,CAACE,IAAI,CAAC,IAAI,MAAMD,iCAAiC,EAAE,CAAC,CAAC;QACxE,CAAC,CAAC,OAAOE,CAAC,EAAE;UACV;QAAA;MAEJ,CAAC,MAAM,IAAIC,KAAK,CAACC,OAAO,CAACJ,iCAAiC,CAAC,EAAE;QAC3DD,iBAAiB,CAACE,IAAI,CAAC,GAAID,iCAAoD,CAAC;MAClF;MACAD,iBAAiB,CAACE,IAAI,CAAC;QACrBI,GAAG,EAAE,sBAAsB;QAC3BC,KAAK,EAAG,QAAOC,gBAAS,CAACC,OAAQ;MACnC,CAAC,CAAC;MACFT,iBAAiB,CAACE,IAAI,CAAC;QACrBI,GAAG,EAAE,gBAAgB;QACrBC,KAAK,EAAG,oBAAmBG,mBAAU,CAACD,OAAQ;MAChD,CAAC,CAAC;MACF,OAAOT,iBAAiB;IAC1B,CAAC;IACDW,aAAa,EAAEhC,OAAO,CAACiC,gBAAgB,GAAG,MAAM,EAAE,GAAGC,SAAS;IAC9DC,OAAO,EAAGC,IAAY,IAAK;MACzB,IAAI,IAAAC,uBAAgB,EAACD,IAAI,CAAC,IAAIpC,OAAO,CAACiC,gBAAgB,EAAE;QACtD,OAAQ,GAAEjC,OAAO,CAACsC,SAAU,MAAK;MACnC,CAAC,MAAM;QACL,OAAOtC,OAAO,CAACuC,UAAU;MAC3B;IACF,CAAC;IACDC,QAAQ,EAAExC,OAAO,CAACyC,WAAW;IAC7BC,KAAK,EAAE1C,OAAO,CAAC2C;EAAQ,EACxB;EAED,MAAMC,YAAY,OAAA5B,SAAA,CAAAC,OAAA;IAChBN,OAAO,EAAEA,OAAO,IAAI,EAAE;IACtBC;EAAY,IAAAR,oBAAA,GACTJ,OAAO,CAAC6C,WAAW,qBAAnBzC,oBAAA,CAAqBwC,YAAY,CACrC;EACD,MAAME,QAAQ,GAAGpC,IAAI,OAAAM,SAAA,CAAAC,OAAA,MAEZP,IAAI;IACPG,WAAW,EAAEA,WAAW,WAAXA,WAAW,GAAI,EAAE;IAC9BC,YAAY,EAAEA,YAAY,WAAZA,YAAY,GAAIoB;EAAS,IAAA7B,qBAAA,GACpCL,OAAO,CAAC6C,WAAW,qBAAnBxC,qBAAA,CAAqBK,IAAI,IAE9B,IAAI;EAER,MAAMmC,WAA8C,OAAA7B,SAAA,CAAAC,OAAA,MAC/CjB,OAAO,CAAC6C,WAAW;IACtB5C,YAAY;IACZ8C,SAAS,EAAE,KAAK;IAChBC,eAAe,EAAE,CAAC,CAAChD,OAAO,CAACS,OAAO;IAClCwC,cAAc,GAAA3C,qBAAA,GAAEN,OAAO,CAACiD,cAAc,YAAA3C,qBAAA,GAAI,KAAK;IAC/C4C,oBAAoB,GAAA3C,qBAAA,IAAAC,qBAAA,GAAER,OAAO,CAAC6C,WAAW,qBAAnBrC,qBAAA,CAAqB0C,oBAAoB,YAAA3C,qBAAA,GAAI,IAAI;IACvEG,IAAI,EAAEoC,QAAQ;IACdF,YAAY,EAAEA;EAAyC,EACxD;EAED,IAAIO,WAAW,GAAGhD,WAAW,CAACiD,KAAK;EACnC,IAAI,CAACD,WAAW,EAAE;IAChBA,WAAW,GAAG,IAAAE,uBAAW,EAAC;MACxBC,OAAO,EAAEvC,cAAc;MACvBZ,WAAW;MACXoD,WAAW,EAAEvD,OAAO,CAACuD,WAAW;MAChCC,IAAI,EAAEtD,OAAO,WAAPA,OAAO,GAAI,SAAS;MAC1BuD,WAAW,EAAEzD,OAAO,CAACyD,WAAW;MAChCC,WAAW,EAAE,KAAK;MAClBC,YAAY,EAAE;QACZC,IAAI,EAAEf;MACR;IACF,CAAC,CAAC;IACF1C,WAAW,CAACiD,KAAK,GAAGD,WAAW;EACjC;EAEA,IAAIU,UAAU;EACd,IAAI;IACFA,UAAU,GAAGC,aAAS,CAACC,WAAW,CAAC7D,OAAO,WAAPA,OAAO,GAAI,SAAS,CAAC;IACxD2D,UAAU,CAACT,KAAK,GAAGD,WAAW;EAChC,CAAC,CAAC,OAAO3B,CAAC,EAAE;IAAA,IAAAwC,sBAAA,EAAAC,qBAAA;IACVJ,UAAU,GAAG,IAAAK,cAAU,MAAAlD,SAAA,CAAAC,OAAA,MAEhBjB,OAAO;MACVoD,KAAK,EAAED,WAAW;MAClBF,cAAc,GAAAe,sBAAA,GAAEhE,OAAO,CAACiD,cAAc,YAAAe,sBAAA,GAAI,KAAK;MAC/CG,cAAc,GAAAF,qBAAA,GAAEjE,OAAO,CAACmE,cAAc,YAAAF,qBAAA,GAAI,KAAK;MAC/CG,QAAQ,EAAEpE,OAAO,CAACoE,QAAQ;MAC1BvB,WAAW;MACX9B,cAAc;MACdd;IAAY,IAEdC,OAAO,WAAPA,OAAO,GAAI,SAAS,CACrB;EACH;EACA,OAAO2D,UAAU;AACnB,CAAC;AAAC,IAAAQ,QAAA,GACatE,qBAAqB;AAAAuE,OAAA,CAAArD,OAAA,GAAAoD,QAAA"}
|
|
@@ -40,6 +40,9 @@ async function refreshAccessTokenEmbedded(request) {
|
|
|
40
40
|
logger.info('check if has refresh token headers');
|
|
41
41
|
if (hasRefreshTokenCookie(cookies)) {
|
|
42
42
|
logger.info('going to refresh token (embedded mode)');
|
|
43
|
+
if (_config.default.appId) {
|
|
44
|
+
headers['frontegg-requested-application-id'] = _config.default.appId;
|
|
45
|
+
}
|
|
43
46
|
return await _api.default.refreshTokenEmbedded(headers);
|
|
44
47
|
}
|
|
45
48
|
return null;
|
|
@@ -57,6 +60,9 @@ async function refreshAccessTokenHostedLogin(request) {
|
|
|
57
60
|
logger.info('refresh token not found');
|
|
58
61
|
return null;
|
|
59
62
|
}
|
|
63
|
+
if (_config.default.appId) {
|
|
64
|
+
headers['frontegg-requested-application-id'] = _config.default.appId;
|
|
65
|
+
}
|
|
60
66
|
if (_config.default.secureJwtEnabled) {
|
|
61
67
|
const clientId = _config.default.clientId;
|
|
62
68
|
const clientSecret = _config.default.clientSecret;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"helpers.js","names":["_fronteggLogger","_interopRequireDefault","require","_cookies","_api","_common","_config","_urls","hasRefreshTokenCookie","cookies","logger","fronteggLogger","child","tag","refreshTokenKey","CookieManager","debug","cookieKey","Object","keys","find","cookie","replace","exists","refreshAccessTokenEmbedded","request","headers","info","api","refreshTokenEmbedded","refreshAccessTokenHostedLogin","sealFromCookies","getSessionCookieFromRequest","tokens","getTokensFromCookie","refreshToken","
|
|
1
|
+
{"version":3,"file":"helpers.js","names":["_fronteggLogger","_interopRequireDefault","require","_cookies","_api","_common","_config","_urls","hasRefreshTokenCookie","cookies","logger","fronteggLogger","child","tag","refreshTokenKey","CookieManager","debug","cookieKey","Object","keys","find","cookie","replace","exists","refreshAccessTokenEmbedded","request","headers","info","config","appId","api","refreshTokenEmbedded","refreshAccessTokenHostedLogin","sealFromCookies","getSessionCookieFromRequest","tokens","getTokensFromCookie","refreshToken","secureJwtEnabled","clientId","clientSecret","refreshTokenHostedLogin","e","error","isRuntimeNextRequest","url","startsWith","isOauthCallback","isSamlCallback","isSSOPostRequest","isRefreshTokenRequest","refreshTokenUrls","ApiUrls","embedded","hosted","includes"],"sources":["../../../../../packages/nextjs/src/utils/refreshAccessTokenIfNeeded/helpers.ts"],"sourcesContent":["import fronteggLogger from '../fronteggLogger';\nimport CookieManager from '../cookies';\nimport { NextApiRequest } from 'next/dist/shared/lib/utils';\nimport api from '../../api';\nimport { getTokensFromCookie } from '../../common';\nimport { IncomingMessage } from 'http';\nimport config from '../../config';\nimport { ApiUrls } from '../../api/urls';\n\nexport function hasRefreshTokenCookie(cookies: Record<string, any>): boolean {\n const logger = fronteggLogger.child({ tag: 'refreshToken.hasRefreshTokenCookie' });\n const refreshTokenKey = CookieManager.refreshTokenKey;\n logger.debug(`Checking if '${refreshTokenKey}' exists in cookies`);\n const cookieKey = Object.keys(cookies).find((cookie) => {\n return cookie.replace(/-/g, '') === refreshTokenKey;\n });\n const exists: boolean = cookieKey != null;\n logger.debug(`Cookie '${refreshTokenKey}' ${exists ? 'exists' : 'NOT exists'} in cookies`);\n return exists;\n}\n\nexport async function refreshAccessTokenEmbedded(request: IncomingMessage): Promise<Response | null> {\n const logger = fronteggLogger.child({ tag: 'refreshToken.refreshAccessTokenEmbedded' });\n\n const headers = request.headers as Record<string, string>;\n const cookies = (request as NextApiRequest).cookies;\n\n logger.info('check if has refresh token headers');\n if (hasRefreshTokenCookie(cookies)) {\n logger.info('going to refresh token (embedded mode)');\n if (config.appId) {\n headers['frontegg-requested-application-id'] = config.appId;\n }\n return await api.refreshTokenEmbedded(headers);\n }\n return null;\n}\n\nexport async function refreshAccessTokenHostedLogin(request: IncomingMessage): Promise<Response | null> {\n const logger = fronteggLogger.child({ tag: 'refreshToken.refreshAccessTokenHostedLogin' });\n const headers = request.headers as Record<string, string>;\n\n logger.info('trying to get token from cookies');\n\n const sealFromCookies = CookieManager.getSessionCookieFromRequest(request);\n try {\n const tokens = await getTokensFromCookie(sealFromCookies);\n if (!tokens?.refreshToken) {\n logger.info('refresh token not found');\n return null;\n }\n if (config.appId) {\n headers['frontegg-requested-application-id'] = config.appId;\n }\n if (config.secureJwtEnabled) {\n const clientId = config.clientId;\n const clientSecret = config.clientSecret;\n\n logger.info('going to refresh token (hosted-login mode) (secure-jwt mode)');\n return await api.refreshTokenHostedLogin(headers, tokens.refreshToken, clientId, clientSecret);\n } else {\n logger.info('going to refresh token (hosted-login mode) ', tokens.refreshToken);\n return await api.refreshTokenHostedLogin(headers, tokens.refreshToken);\n }\n } catch (e) {\n logger.error(e);\n return null;\n }\n}\n\n/**\n * If url starts with /_next/ means that the user trying to navigate\n * to a new nextjs page, in this scenario no need to refresh token\n * we can just return the actual stateless session from\n * the encrypted cookie\n */\nexport function isRuntimeNextRequest(url: string): boolean {\n return url.startsWith('/_next/');\n}\n\n/**\n * If url starts with '/oauth/callback' means that the user navigated back\n * from frontegg hosted login, in this scenario no need to SSR refresh token\n */\nexport function isOauthCallback(url: string): boolean {\n return url.startsWith('/oauth/callback');\n}\n\n/**\n * If url starts with '/account/saml/callback' means that the user navigated back\n * from sso login, in this scenario no need to SSR refresh token\n */\nexport function isSamlCallback(url: string): boolean {\n return url.startsWith('/account/saml/callback') || url.startsWith('/account/oidc/callback');\n}\n\n/**\n * If the url equals to '/frontegg/auth/{provider}/callback', it means that the SSO provider\n * is posting an http request to the nextjs backend middleware after successfully logged in the user\n */\nexport function isSSOPostRequest(url: string): boolean {\n return url === '/frontegg/auth/saml/callback' || url === '/frontegg/auth/oidc/callback';\n}\n\n/**\n * Checks if the request URL is a refresh token request.\n * This is used to determine if the current request is targeting\n * one of the predefined refresh token URLs (embedded or hosted modes).\n */\nexport function isRefreshTokenRequest(url: string): boolean {\n const refreshTokenUrls = [ApiUrls.refreshToken.embedded, ApiUrls.refreshToken.hosted];\n return refreshTokenUrls.includes(url);\n}\n"],"mappings":";;;;;;;;;;;;;;AAAA,IAAAA,eAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,QAAA,GAAAF,sBAAA,CAAAC,OAAA;AAEA,IAAAE,IAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AAEA,IAAAI,OAAA,GAAAL,sBAAA,CAAAC,OAAA;AACA,IAAAK,KAAA,GAAAL,OAAA;AAEO,SAASM,qBAAqBA,CAACC,OAA4B,EAAW;EAC3E,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAAqC,CAAC,CAAC;EAClF,MAAMC,eAAe,GAAGC,gBAAa,CAACD,eAAe;EACrDJ,MAAM,CAACM,KAAK,CAAE,gBAAeF,eAAgB,qBAAoB,CAAC;EAClE,MAAMG,SAAS,GAAGC,MAAM,CAACC,IAAI,CAACV,OAAO,CAAC,CAACW,IAAI,CAAEC,MAAM,IAAK;IACtD,OAAOA,MAAM,CAACC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,KAAKR,eAAe;EACrD,CAAC,CAAC;EACF,MAAMS,MAAe,GAAGN,SAAS,IAAI,IAAI;EACzCP,MAAM,CAACM,KAAK,CAAE,WAAUF,eAAgB,KAAIS,MAAM,GAAG,QAAQ,GAAG,YAAa,aAAY,CAAC;EAC1F,OAAOA,MAAM;AACf;AAEO,eAAeC,0BAA0BA,CAACC,OAAwB,EAA4B;EACnG,MAAMf,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA0C,CAAC,CAAC;EAEvF,MAAMa,OAAO,GAAGD,OAAO,CAACC,OAAiC;EACzD,MAAMjB,OAAO,GAAIgB,OAAO,CAAoBhB,OAAO;EAEnDC,MAAM,CAACiB,IAAI,CAAC,oCAAoC,CAAC;EACjD,IAAInB,qBAAqB,CAACC,OAAO,CAAC,EAAE;IAClCC,MAAM,CAACiB,IAAI,CAAC,wCAAwC,CAAC;IACrD,IAAIC,eAAM,CAACC,KAAK,EAAE;MAChBH,OAAO,CAAC,mCAAmC,CAAC,GAAGE,eAAM,CAACC,KAAK;IAC7D;IACA,OAAO,MAAMC,YAAG,CAACC,oBAAoB,CAACL,OAAO,CAAC;EAChD;EACA,OAAO,IAAI;AACb;AAEO,eAAeM,6BAA6BA,CAACP,OAAwB,EAA4B;EACtG,MAAMf,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA6C,CAAC,CAAC;EAC1F,MAAMa,OAAO,GAAGD,OAAO,CAACC,OAAiC;EAEzDhB,MAAM,CAACiB,IAAI,CAAC,kCAAkC,CAAC;EAE/C,MAAMM,eAAe,GAAGlB,gBAAa,CAACmB,2BAA2B,CAACT,OAAO,CAAC;EAC1E,IAAI;IACF,MAAMU,MAAM,GAAG,MAAM,IAAAC,2BAAmB,EAACH,eAAe,CAAC;IACzD,IAAI,EAACE,MAAM,YAANA,MAAM,CAAEE,YAAY,GAAE;MACzB3B,MAAM,CAACiB,IAAI,CAAC,yBAAyB,CAAC;MACtC,OAAO,IAAI;IACb;IACA,IAAIC,eAAM,CAACC,KAAK,EAAE;MAChBH,OAAO,CAAC,mCAAmC,CAAC,GAAGE,eAAM,CAACC,KAAK;IAC7D;IACA,IAAID,eAAM,CAACU,gBAAgB,EAAE;MAC3B,MAAMC,QAAQ,GAAGX,eAAM,CAACW,QAAQ;MAChC,MAAMC,YAAY,GAAGZ,eAAM,CAACY,YAAY;MAExC9B,MAAM,CAACiB,IAAI,CAAC,8DAA8D,CAAC;MAC3E,OAAO,MAAMG,YAAG,CAACW,uBAAuB,CAACf,OAAO,EAAES,MAAM,CAACE,YAAY,EAAEE,QAAQ,EAAEC,YAAY,CAAC;IAChG,CAAC,MAAM;MACL9B,MAAM,CAACiB,IAAI,CAAC,6CAA6C,EAAEQ,MAAM,CAACE,YAAY,CAAC;MAC/E,OAAO,MAAMP,YAAG,CAACW,uBAAuB,CAACf,OAAO,EAAES,MAAM,CAACE,YAAY,CAAC;IACxE;EACF,CAAC,CAAC,OAAOK,CAAC,EAAE;IACVhC,MAAM,CAACiC,KAAK,CAACD,CAAC,CAAC;IACf,OAAO,IAAI;EACb;AACF;;AAEA;AACA;AACA;AACA;AACA;AACA;AACO,SAASE,oBAAoBA,CAACC,GAAW,EAAW;EACzD,OAAOA,GAAG,CAACC,UAAU,CAAC,SAAS,CAAC;AAClC;;AAEA;AACA;AACA;AACA;AACO,SAASC,eAAeA,CAACF,GAAW,EAAW;EACpD,OAAOA,GAAG,CAACC,UAAU,CAAC,iBAAiB,CAAC;AAC1C;;AAEA;AACA;AACA;AACA;AACO,SAASE,cAAcA,CAACH,GAAW,EAAW;EACnD,OAAOA,GAAG,CAACC,UAAU,CAAC,wBAAwB,CAAC,IAAID,GAAG,CAACC,UAAU,CAAC,wBAAwB,CAAC;AAC7F;;AAEA;AACA;AACA;AACA;AACO,SAASG,gBAAgBA,CAACJ,GAAW,EAAW;EACrD,OAAOA,GAAG,KAAK,8BAA8B,IAAIA,GAAG,KAAK,8BAA8B;AACzF;;AAEA;AACA;AACA;AACA;AACA;AACO,SAASK,qBAAqBA,CAACL,GAAW,EAAW;EAC1D,MAAMM,gBAAgB,GAAG,CAACC,aAAO,CAACf,YAAY,CAACgB,QAAQ,EAAED,aAAO,CAACf,YAAY,CAACiB,MAAM,CAAC;EACrF,OAAOH,gBAAgB,CAACI,QAAQ,CAACV,GAAG,CAAC;AACvC"}
|
|
@@ -37,7 +37,7 @@ async function refreshAccessTokenIfNeeded(ctx) {
|
|
|
37
37
|
return null;
|
|
38
38
|
}
|
|
39
39
|
try {
|
|
40
|
-
var _ref, _response$headers$raw, _response$headers, _response$headers$raw2, _response$headers2, _response$headers2$ge, _CookieManager$modify, _ctx$res, _data$accessToken;
|
|
40
|
+
var _ref, _ref2, _response$headers$raw, _response$headers, _response$headers$raw2, _response$headers2, _response$headers2$ge, _response$headers3, _response$headers3$ge, _CookieManager$modify, _ctx$res, _data$accessToken;
|
|
41
41
|
logger.info(`Check if should request made from first application load`);
|
|
42
42
|
if ((0, _helpers.isRuntimeNextRequest)(url) || _config.default.disableInitialPropsRefreshToken) {
|
|
43
43
|
logger.debug(`Detect runtime next.js request, resolving existing session from cookies if exists`);
|
|
@@ -55,6 +55,7 @@ async function refreshAccessTokenIfNeeded(ctx) {
|
|
|
55
55
|
logger.debug(`abandon refreshToken for url='/oauth/callback'`);
|
|
56
56
|
return null;
|
|
57
57
|
}
|
|
58
|
+
nextJsRequest.headers['x-original-forwarded-for'] = nextJsRequest.headers['cf-connecting-ip'] || nextJsRequest.headers['x-forwarded-for'] || nextJsRequest.socket.remoteAddress;
|
|
58
59
|
let response;
|
|
59
60
|
if (_config.default.isHostedLogin) {
|
|
60
61
|
response = await (0, _helpers.refreshAccessTokenHostedLogin)(nextJsRequest);
|
|
@@ -72,9 +73,9 @@ async function refreshAccessTokenIfNeeded(ctx) {
|
|
|
72
73
|
return null;
|
|
73
74
|
}
|
|
74
75
|
const data = await response.json();
|
|
75
|
-
|
|
76
|
-
// @ts-ignore the first argument "raw" will only work before nextjs 13.4 and the second argument "getSetCookie" will only work after
|
|
77
|
-
|
|
76
|
+
const cookieHeader = // @ts-ignore the first argument "raw" will only work before nextjs 13.4 and the second argument "getSetCookie" will only work after
|
|
77
|
+
(_ref = (_ref2 = (_response$headers$raw = (_response$headers = response.headers) == null ? void 0 : (_response$headers$raw2 = _response$headers.raw) == null ? void 0 : _response$headers$raw2.call(_response$headers)['set-cookie']) != null ? _response$headers$raw : // @ts-ignore the first argument "raw" will only work before nextjs 13.4 and the second argument "getSetCookie" will only work after
|
|
78
|
+
(_response$headers2 = response.headers) == null ? void 0 : (_response$headers2$ge = _response$headers2.getSetCookie) == null ? void 0 : _response$headers2$ge.call(_response$headers2)) != null ? _ref2 : (_response$headers3 = response.headers) == null ? void 0 : (_response$headers3$ge = _response$headers3.get) == null ? void 0 : _response$headers3$ge.call(_response$headers3, 'set-cookie')) != null ? _ref : [];
|
|
78
79
|
const newSetCookie = (_CookieManager$modify = _cookies.default.modifySetCookie(cookieHeader, isSecured)) != null ? _CookieManager$modify : [];
|
|
79
80
|
const [session, decodedJwt, refreshToken] = await (0, _common.createSessionFromAccessToken)(data);
|
|
80
81
|
if (!session) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","names":["_common","require","_config","_interopRequireDefault","_cookies","_helpers","_fronteggLogger","_encryption","_createSession","refreshAccessTokenIfNeeded","ctx","logger","fronteggLogger","child","tag","info","pathname","nextJsRequest","req","nextJsResponse","res","url","debug","_ref","_response$headers$raw","_response$headers","_response$headers$raw2","_response$headers2","_response$headers2$ge","_CookieManager$modify","_ctx$res","_data$accessToken","isRuntimeNextRequest","config","disableInitialPropsRefreshToken","cookies","CookieManager","getSessionCookieFromRequest","session","createSession","encryption","isOauthCallback","isSamlCallback","response","isHostedLogin","refreshAccessTokenHostedLogin","refreshAccessTokenEmbedded","isSecured","isSSL","ok","removeCookies","cookieDomain","data","json","cookieHeader","
|
|
1
|
+
{"version":3,"file":"index.js","names":["_common","require","_config","_interopRequireDefault","_cookies","_helpers","_fronteggLogger","_encryption","_createSession","refreshAccessTokenIfNeeded","ctx","logger","fronteggLogger","child","tag","info","pathname","nextJsRequest","req","nextJsResponse","res","url","debug","_ref","_ref2","_response$headers$raw","_response$headers","_response$headers$raw2","_response$headers2","_response$headers2$ge","_response$headers3","_response$headers3$ge","_CookieManager$modify","_ctx$res","_data$accessToken","isRuntimeNextRequest","config","disableInitialPropsRefreshToken","cookies","CookieManager","getSessionCookieFromRequest","session","createSession","encryption","isOauthCallback","isSamlCallback","headers","socket","remoteAddress","response","isHostedLogin","refreshAccessTokenHostedLogin","refreshAccessTokenEmbedded","isSecured","isSSL","ok","removeCookies","cookieDomain","data","json","cookieHeader","raw","call","getSetCookie","get","newSetCookie","modifySetCookie","decodedJwt","refreshToken","createSessionFromAccessToken","cookieValue","create","value","expires","Date","exp","secure","push","setHeader","accessToken","access_token","user","e","error"],"sources":["../../../../../packages/nextjs/src/utils/refreshAccessTokenIfNeeded/index.ts"],"sourcesContent":["import type { NextPageContext } from 'next/dist/shared/lib/utils';\nimport type { FronteggNextJSSession } from '../../types';\nimport { createSessionFromAccessToken } from '../../common';\nimport config from '../../config';\nimport CookieManager from '../cookies';\nimport {\n isOauthCallback,\n isRuntimeNextRequest,\n isSamlCallback,\n refreshAccessTokenEmbedded,\n refreshAccessTokenHostedLogin,\n} from './helpers';\nimport fronteggLogger from '../fronteggLogger';\nimport encryption from '../encryption';\nimport createSession from '../createSession';\n\nexport { isRuntimeNextRequest };\n/**\n * Refreshes the access token for the current session.\n *\n * @param {NextPageContext} ctx - The Next.js Page Context object.\n * @returns {Promise<FronteggNextJSSession | null>} A Promise that resolves to the updated session object, or `null` if the refresh failed.\n */\nexport default async function refreshAccessTokenIfNeeded(ctx: NextPageContext): Promise<FronteggNextJSSession | null> {\n const logger = fronteggLogger.child({ tag: 'refreshAccessTokenIfNeeded' });\n logger.info(`Refreshing token by for PageContext ${ctx.pathname}`);\n const nextJsRequest = ctx.req;\n const nextJsResponse = ctx.res;\n const url = nextJsRequest?.url;\n if (!nextJsResponse || !nextJsRequest || !url) {\n logger.debug(`abandon refreshToken due to PageContext.req = null`);\n return null;\n }\n\n try {\n logger.info(`Check if should request made from first application load`);\n\n if (isRuntimeNextRequest(url) || config.disableInitialPropsRefreshToken) {\n logger.debug(`Detect runtime next.js request, resolving existing session from cookies if exists`);\n\n const cookies = CookieManager.getSessionCookieFromRequest(nextJsRequest);\n const session = await createSession(cookies, encryption);\n\n if (session) {\n logger.debug(`session resolved from session cookie`);\n return session;\n } else {\n logger.info('Failed to resolve session from cookie, going to refresh token');\n }\n }\n\n if (isOauthCallback(url) || isSamlCallback(url)) {\n /* Prevent refresh token due to oauth login callback */\n logger.debug(`abandon refreshToken for url='/oauth/callback'`);\n return null;\n }\n\n nextJsRequest.headers['x-original-forwarded-for'] =\n nextJsRequest.headers['cf-connecting-ip'] ||\n nextJsRequest.headers['x-forwarded-for'] ||\n nextJsRequest.socket.remoteAddress;\n\n let response: Response | null;\n if (config.isHostedLogin) {\n response = await refreshAccessTokenHostedLogin(nextJsRequest);\n } else {\n response = await refreshAccessTokenEmbedded(nextJsRequest);\n }\n\n const isSecured = config.isSSL;\n if (response === null || !response.ok) {\n CookieManager.removeCookies({\n cookieDomain: config.cookieDomain,\n isSecured,\n req: nextJsRequest,\n res: nextJsResponse,\n });\n return null;\n }\n\n const data = await response.json();\n\n const cookieHeader: string[] =\n // @ts-ignore the first argument \"raw\" will only work before nextjs 13.4 and the second argument \"getSetCookie\" will only work after\n response.headers?.raw?.()['set-cookie'] ??\n // @ts-ignore the first argument \"raw\" will only work before nextjs 13.4 and the second argument \"getSetCookie\" will only work after\n response.headers?.getSetCookie?.() ??\n response.headers?.get?.('set-cookie') ??\n [];\n\n const newSetCookie = CookieManager.modifySetCookie(cookieHeader, isSecured) ?? [];\n const [session, decodedJwt, refreshToken] = await createSessionFromAccessToken(data);\n\n if (!session) {\n return null;\n }\n const cookieValue = CookieManager.create({\n value: session,\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n req: nextJsRequest,\n });\n newSetCookie.push(...cookieValue);\n ctx.res?.setHeader('set-cookie', newSetCookie);\n\n return {\n accessToken: data.accessToken ?? data.access_token,\n user: decodedJwt,\n refreshToken,\n };\n } catch (e) {\n logger.error('[refreshToken] Failed to create session e', e);\n return null;\n }\n}\n"],"mappings":";;;;;;;;;;;;;AAEA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,QAAA,GAAAD,sBAAA,CAAAF,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AAOA,IAAAK,eAAA,GAAAH,sBAAA,CAAAF,OAAA;AACA,IAAAM,WAAA,GAAAJ,sBAAA,CAAAF,OAAA;AACA,IAAAO,cAAA,GAAAL,sBAAA,CAAAF,OAAA;AAGA;AACA;AACA;AACA;AACA;AACA;AACe,eAAeQ,0BAA0BA,CAACC,GAAoB,EAAyC;EACpH,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA6B,CAAC,CAAC;EAC1EH,MAAM,CAACI,IAAI,CAAE,uCAAsCL,GAAG,CAACM,QAAS,EAAC,CAAC;EAClE,MAAMC,aAAa,GAAGP,GAAG,CAACQ,GAAG;EAC7B,MAAMC,cAAc,GAAGT,GAAG,CAACU,GAAG;EAC9B,MAAMC,GAAG,GAAGJ,aAAa,oBAAbA,aAAa,CAAEI,GAAG;EAC9B,IAAI,CAACF,cAAc,IAAI,CAACF,aAAa,IAAI,CAACI,GAAG,EAAE;IAC7CV,MAAM,CAACW,KAAK,CAAE,oDAAmD,CAAC;IAClE,OAAO,IAAI;EACb;EAEA,IAAI;IAAA,IAAAC,IAAA,EAAAC,KAAA,EAAAC,qBAAA,EAAAC,iBAAA,EAAAC,sBAAA,EAAAC,kBAAA,EAAAC,qBAAA,EAAAC,kBAAA,EAAAC,qBAAA,EAAAC,qBAAA,EAAAC,QAAA,EAAAC,iBAAA;IACFvB,MAAM,CAACI,IAAI,CAAE,0DAAyD,CAAC;IAEvE,IAAI,IAAAoB,6BAAoB,EAACd,GAAG,CAAC,IAAIe,eAAM,CAACC,+BAA+B,EAAE;MACvE1B,MAAM,CAACW,KAAK,CAAE,mFAAkF,CAAC;MAEjG,MAAMgB,OAAO,GAAGC,gBAAa,CAACC,2BAA2B,CAACvB,aAAa,CAAC;MACxE,MAAMwB,OAAO,GAAG,MAAM,IAAAC,sBAAa,EAACJ,OAAO,EAAEK,mBAAU,CAAC;MAExD,IAAIF,OAAO,EAAE;QACX9B,MAAM,CAACW,KAAK,CAAE,sCAAqC,CAAC;QACpD,OAAOmB,OAAO;MAChB,CAAC,MAAM;QACL9B,MAAM,CAACI,IAAI,CAAC,+DAA+D,CAAC;MAC9E;IACF;IAEA,IAAI,IAAA6B,wBAAe,EAACvB,GAAG,CAAC,IAAI,IAAAwB,uBAAc,EAACxB,GAAG,CAAC,EAAE;MAC/C;MACAV,MAAM,CAACW,KAAK,CAAE,gDAA+C,CAAC;MAC9D,OAAO,IAAI;IACb;IAEAL,aAAa,CAAC6B,OAAO,CAAC,0BAA0B,CAAC,GAC/C7B,aAAa,CAAC6B,OAAO,CAAC,kBAAkB,CAAC,IACzC7B,aAAa,CAAC6B,OAAO,CAAC,iBAAiB,CAAC,IACxC7B,aAAa,CAAC8B,MAAM,CAACC,aAAa;IAEpC,IAAIC,QAAyB;IAC7B,IAAIb,eAAM,CAACc,aAAa,EAAE;MACxBD,QAAQ,GAAG,MAAM,IAAAE,sCAA6B,EAAClC,aAAa,CAAC;IAC/D,CAAC,MAAM;MACLgC,QAAQ,GAAG,MAAM,IAAAG,mCAA0B,EAACnC,aAAa,CAAC;IAC5D;IAEA,MAAMoC,SAAS,GAAGjB,eAAM,CAACkB,KAAK;IAC9B,IAAIL,QAAQ,KAAK,IAAI,IAAI,CAACA,QAAQ,CAACM,EAAE,EAAE;MACrChB,gBAAa,CAACiB,aAAa,CAAC;QAC1BC,YAAY,EAAErB,eAAM,CAACqB,YAAY;QACjCJ,SAAS;QACTnC,GAAG,EAAED,aAAa;QAClBG,GAAG,EAAED;MACP,CAAC,CAAC;MACF,OAAO,IAAI;IACb;IAEA,MAAMuC,IAAI,GAAG,MAAMT,QAAQ,CAACU,IAAI,EAAE;IAElC,MAAMC,YAAsB,GAC1B;IAAA,CAAArC,IAAA,IAAAC,KAAA,IAAAC,qBAAA,IAAAC,iBAAA,GACAuB,QAAQ,CAACH,OAAO,sBAAAnB,sBAAA,GAAhBD,iBAAA,CAAkBmC,GAAG,qBAArBlC,sBAAA,CAAAmC,IAAA,CAAApC,iBAAA,CAAyB,CAAC,YAAY,CAAC,YAAAD,qBAAA,GACvC;IAAA,CAAAG,kBAAA,GACAqB,QAAQ,CAACH,OAAO,sBAAAjB,qBAAA,GAAhBD,kBAAA,CAAkBmC,YAAY,qBAA9BlC,qBAAA,CAAAiC,IAAA,CAAAlC,kBAAA,CAAkC,YAAAJ,KAAA,IAAAM,kBAAA,GAClCmB,QAAQ,CAACH,OAAO,sBAAAf,qBAAA,GAAhBD,kBAAA,CAAkBkC,GAAG,qBAArBjC,qBAAA,CAAA+B,IAAA,CAAAhC,kBAAA,EAAwB,YAAY,CAAC,YAAAP,IAAA,GACrC,EAAE;IAEJ,MAAM0C,YAAY,IAAAjC,qBAAA,GAAGO,gBAAa,CAAC2B,eAAe,CAACN,YAAY,EAAEP,SAAS,CAAC,YAAArB,qBAAA,GAAI,EAAE;IACjF,MAAM,CAACS,OAAO,EAAE0B,UAAU,EAAEC,YAAY,CAAC,GAAG,MAAM,IAAAC,oCAA4B,EAACX,IAAI,CAAC;IAEpF,IAAI,CAACjB,OAAO,EAAE;MACZ,OAAO,IAAI;IACb;IACA,MAAM6B,WAAW,GAAG/B,gBAAa,CAACgC,MAAM,CAAC;MACvCC,KAAK,EAAE/B,OAAO;MACdgC,OAAO,EAAE,IAAIC,IAAI,CAACP,UAAU,CAACQ,GAAG,GAAG,IAAI,CAAC;MACxCC,MAAM,EAAEvB,SAAS;MACjBnC,GAAG,EAAED;IACP,CAAC,CAAC;IACFgD,YAAY,CAACY,IAAI,CAAC,GAAGP,WAAW,CAAC;IACjC,CAAArC,QAAA,GAAAvB,GAAG,CAACU,GAAG,qBAAPa,QAAA,CAAS6C,SAAS,CAAC,YAAY,EAAEb,YAAY,CAAC;IAE9C,OAAO;MACLc,WAAW,GAAA7C,iBAAA,GAAEwB,IAAI,CAACqB,WAAW,YAAA7C,iBAAA,GAAIwB,IAAI,CAACsB,YAAY;MAClDC,IAAI,EAAEd,UAAU;MAChBC;IACF,CAAC;EACH,CAAC,CAAC,OAAOc,CAAC,EAAE;IACVvE,MAAM,CAACwE,KAAK,CAAC,2CAA2C,EAAED,CAAC,CAAC;IAC5D,OAAO,IAAI;EACb;AACF"}
|