@frontegg/nextjs 9.2.2-alpha.13033875737 → 9.2.2-alpha.13540668007

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (21) hide show
  1. package/api/utils.d.ts +1 -1
  2. package/api/utils.js +4 -4
  3. package/api/utils.js.map +1 -1
  4. package/app/FronteggAppProvider.js +1 -0
  5. package/app/FronteggAppProvider.js.map +1 -1
  6. package/config/constants.d.ts +7 -1
  7. package/config/constants.js +1 -0
  8. package/config/constants.js.map +1 -1
  9. package/config/index.d.ts +1 -0
  10. package/config/index.js +16 -5
  11. package/config/index.js.map +1 -1
  12. package/edge/getSessionOnEdge.js +2 -2
  13. package/edge/getSessionOnEdge.js.map +1 -1
  14. package/index.js +1 -1
  15. package/middleware/ProxyRequestCallback.js +2 -2
  16. package/middleware/ProxyRequestCallback.js.map +1 -1
  17. package/package.json +1 -1
  18. package/sdkVersion.js +1 -1
  19. package/sdkVersion.js.map +1 -1
  20. package/utils/refreshAccessTokenIfNeeded/index.js +2 -2
  21. package/utils/refreshAccessTokenIfNeeded/index.js.map +1 -1
package/api/utils.d.ts CHANGED
@@ -23,7 +23,7 @@ export declare function removeInvalidHeaders(headers: Record<string, string>): {
23
23
  */
24
24
  export declare const CUSTOM_LOGIN_HEADER = "frontegg-login-alias";
25
25
  export declare const FRONTEGG_FORWARD_IP_HEADER = "x-frontegg-forwarded-for";
26
- export declare const FRONTEGG_CLIENT_SECRET_HEADER = "x-frontegg-client-secret";
26
+ export declare const FRONTEGG_HEADERS_VERIFIER_HEADER = "x-frontegg-headers-verifier";
27
27
  export declare const FRONTEGG_APPLICATION_ID_HEADER = "frontegg-requested-application-id";
28
28
  /**
29
29
  * Build fetch request headers, remove invalid http headers
package/api/utils.js CHANGED
@@ -4,7 +4,7 @@ var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefau
4
4
  Object.defineProperty(exports, "__esModule", {
5
5
  value: true
6
6
  });
7
- exports.Post = exports.Get = exports.FRONTEGG_FORWARD_IP_HEADER = exports.FRONTEGG_CLIENT_SECRET_HEADER = exports.FRONTEGG_APPLICATION_ID_HEADER = exports.CUSTOM_LOGIN_HEADER = void 0;
7
+ exports.Post = exports.Get = exports.FRONTEGG_HEADERS_VERIFIER_HEADER = exports.FRONTEGG_FORWARD_IP_HEADER = exports.FRONTEGG_APPLICATION_ID_HEADER = exports.CUSTOM_LOGIN_HEADER = void 0;
8
8
  exports.buildRequestHeaders = buildRequestHeaders;
9
9
  exports.isMiddlewarePath = isMiddlewarePath;
10
10
  exports.parseHttpResponse = void 0;
@@ -67,7 +67,7 @@ function removeInvalidHeaders(headers) {
67
67
  */
68
68
  const CUSTOM_LOGIN_HEADER = exports.CUSTOM_LOGIN_HEADER = 'frontegg-login-alias';
69
69
  const FRONTEGG_FORWARD_IP_HEADER = exports.FRONTEGG_FORWARD_IP_HEADER = 'x-frontegg-forwarded-for';
70
- const FRONTEGG_CLIENT_SECRET_HEADER = exports.FRONTEGG_CLIENT_SECRET_HEADER = 'x-frontegg-client-secret';
70
+ const FRONTEGG_HEADERS_VERIFIER_HEADER = exports.FRONTEGG_HEADERS_VERIFIER_HEADER = 'x-frontegg-headers-verifier';
71
71
  const FRONTEGG_APPLICATION_ID_HEADER = exports.FRONTEGG_APPLICATION_ID_HEADER = 'frontegg-requested-application-id';
72
72
 
73
73
  /**
@@ -115,9 +115,9 @@ function buildRequestHeaders(headers) {
115
115
  }
116
116
  const clientIp = headers[FRONTEGG_FORWARD_IP_HEADER] || headers['cf-connecting-ip'] || headers['x-forwarded-for'];
117
117
  if (clientIp && _config.default.shouldForwardIp) {
118
- var _config$clientSecret;
118
+ var _config$sharedSecret;
119
119
  preparedHeaders[FRONTEGG_FORWARD_IP_HEADER] = clientIp;
120
- preparedHeaders[FRONTEGG_CLIENT_SECRET_HEADER] = (_config$clientSecret = _config.default.clientSecret) != null ? _config$clientSecret : '';
120
+ preparedHeaders[FRONTEGG_HEADERS_VERIFIER_HEADER] = (_config$sharedSecret = _config.default.sharedSecret) != null ? _config$sharedSecret : '';
121
121
  }
122
122
  if (headers[CUSTOM_LOGIN_HEADER]) {
123
123
  preparedHeaders[CUSTOM_LOGIN_HEADER] = headers[CUSTOM_LOGIN_HEADER];
package/api/utils.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"utils.js","names":["_config","_interopRequireDefault","require","_sdkVersion","_package","_restApi","_constants","Get","url","credentials","headers","fetch","method","exports","Post","body","removeInvalidHeaders","newHeaders","_extends2","default","Object","keys","forEach","key","val","Array","isArray","headerCharRegex","exec","undefined","length","CUSTOM_LOGIN_HEADER","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_CLIENT_SECRET_HEADER","FRONTEGG_APPLICATION_ID_HEADER","buildRequestHeaders","cookie","replace","config","rewriteCookieByAppId","appId","split","filter","cookieStr","trim","startsWith","clientId","join","entries","map","value","preparedHeaders","authorization","accept","origin","baseUrl","nextjsPkg","version","sdkVersion","clientIp","shouldForwardIp","_config$clientSecret","clientSecret","parseHttpResponse","res","ok","json","isMiddlewarePath","path","isAuthPath","fronteggAuthApiRoutesRegex","find","pathRegex","RegExp","test","isSocialLoginPath","endsWith"],"sources":["../../../../packages/nextjs/src/api/utils.ts"],"sourcesContent":["import config from '../config';\nimport sdkVersion from '../sdkVersion';\nimport nextjsPkg from 'next/package.json';\nimport { fronteggAuthApiRoutesRegex } from '@frontegg/rest-api';\nimport { headerCharRegex } from '../utils/common/constants';\n\ninterface GetRequestOptions {\n url: string;\n credentials?: RequestCredentials;\n headers?: HeadersInit;\n}\n\nexport const Get = ({ url, credentials = 'include', headers }: GetRequestOptions) =>\n fetch(url, { method: 'GET', credentials, headers });\n\ninterface PostRequestOptions extends GetRequestOptions {\n body: string;\n}\n\nexport const Post = ({ url, credentials = 'include', headers, body }: PostRequestOptions) =>\n fetch(url, { method: 'POST', credentials, headers, body });\n\n/**\n * NodeJS 18 start using undici as http request handler,\n * undici http request does not accept invalid headers\n * for more details see:\n * https://github.com/nodejs/undici/blob/2b260c997ad4efe4ed2064b264b4b546a59e7a67/lib/core/request.js#L282\n * @param headers\n */\nexport function removeInvalidHeaders(headers: Record<string, string>) {\n const newHeaders = { ...headers };\n Object.keys(newHeaders).forEach((key: string) => {\n const val: any = headers[key];\n if (val && typeof val === 'object' && !Array.isArray(val)) {\n delete newHeaders[key];\n } else if (headerCharRegex.exec(val) !== null) {\n delete newHeaders[key];\n } else if (val === undefined || val === null) {\n delete newHeaders[key];\n } else if (key.length === 10 && key === 'connection') {\n delete newHeaders[key];\n }\n });\n return newHeaders;\n}\n\n/**\n * These headers are used to identify the tenant for login per tenant feature\n */\nexport const CUSTOM_LOGIN_HEADER = 'frontegg-login-alias';\nexport const FRONTEGG_FORWARD_IP_HEADER = 'x-frontegg-forwarded-for';\nexport const FRONTEGG_CLIENT_SECRET_HEADER = 'x-frontegg-client-secret';\nexport const FRONTEGG_APPLICATION_ID_HEADER = 'frontegg-requested-application-id';\n\n/**\n * Build fetch request headers, remove invalid http headers\n * @param headers - Incoming request headers\n */\nexport function buildRequestHeaders(headers: Record<string, any>): Record<string, string> {\n let cookie = headers['cookie'];\n if (cookie != null && typeof cookie === 'string') {\n cookie = cookie.replace(/fe_session-[^=]*=[^;]*$/, '').replace(/fe_session-[^=]*=[^;]*;/, '');\n\n if (config.rewriteCookieByAppId && config.appId) {\n cookie = cookie\n .split(';')\n .filter((cookieStr: string) => !cookieStr.trim().startsWith(`fe_refresh_${config.clientId.replace('-', '')}`))\n .join(';');\n cookie = cookie.replace(\n `fe_refresh_${config.appId.replace('-', '')}`,\n `fe_refresh_${config.clientId.replace('-', '')}`\n );\n }\n }\n if (cookie != null && typeof cookie === 'object') {\n cookie = Object.entries(cookie)\n .filter(([key]) => {\n if (config.rewriteCookieByAppId && config.appId) {\n return key !== `fe_refresh_${config.clientId.replace('-', '')}`;\n }\n return true;\n })\n .map(([key, value]) => {\n if (config.rewriteCookieByAppId && config.appId && key === `fe_refresh_${config.appId.replace('-', '')}`) {\n return `fe_refresh_${config.clientId.replace('-', '')}=${value}`;\n } else {\n return `${key}=${value}`;\n }\n })\n .join('; ');\n }\n\n const preparedHeaders: Record<string, string> = {\n authorization: headers['authorization'],\n 'accept-encoding': headers['accept-encoding'],\n 'accept-language': headers['accept-language'],\n accept: headers['accept'],\n 'content-type': 'application/json',\n origin: config.baseUrl,\n cookie,\n 'user-agent': headers['user-agent'],\n 'cache-control': headers['cache-control'],\n 'x-frontegg-framework': `next@${nextjsPkg.version}`,\n 'x-frontegg-sdk': `@frontegg/nextjs@${sdkVersion.version}`,\n };\n\n if (headers[FRONTEGG_APPLICATION_ID_HEADER]) {\n preparedHeaders[FRONTEGG_APPLICATION_ID_HEADER] = headers[FRONTEGG_APPLICATION_ID_HEADER];\n }\n\n const clientIp = headers[FRONTEGG_FORWARD_IP_HEADER] || headers['cf-connecting-ip'] || headers['x-forwarded-for'];\n if (clientIp && config.shouldForwardIp) {\n preparedHeaders[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n preparedHeaders[FRONTEGG_CLIENT_SECRET_HEADER] = config.clientSecret ?? '';\n }\n\n if (headers[CUSTOM_LOGIN_HEADER]) {\n preparedHeaders[CUSTOM_LOGIN_HEADER] = headers[CUSTOM_LOGIN_HEADER];\n }\n return removeInvalidHeaders({ ...preparedHeaders });\n}\n\n/**\n * Return parsed json response if http status code = 200\n * @param res\n */\nexport const parseHttpResponse = async <T>(res: Response): Promise<T | undefined> => {\n if (!res.ok) {\n return undefined;\n }\n return await res.json();\n};\n\n/**\n * Checks if the given path should be forwarded to the Next.js server middleware.\n *\n *\n * @param {string} path - The path to check for authentication API routes.\n * @returns {boolean} Returns true if the path is a frontegg authentication API route or ends with '/postlogin' or '/prelogin'; otherwise, returns false.\n */\nexport function isMiddlewarePath(path: string): boolean {\n let isAuthPath =\n fronteggAuthApiRoutesRegex.find((pathRegex) => {\n if (typeof pathRegex === 'string') {\n return pathRegex === path;\n } else {\n return new RegExp(pathRegex).test(path);\n }\n }) != null;\n\n // if(!isAuthPath){\n // isAuthPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/user\\/sso\\/[^\\/]*\\/postlogin$/g.test(path)\n // }\n // if(!isAuthPath){\n // isAuthPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/passwordless\\/[^\\/]*\\/prelogin$/g.test(path)\n // }\n // if(!isAuthPath){\n // isAuthPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/[^\\/]*\\/prelogin$/g.test(path)\n // }\n\n if (!isAuthPath) {\n const isSocialLoginPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/user\\/sso\\/default\\/[^\\/]*\\/prelogin$/.test(path);\n isAuthPath = (path.endsWith('/postlogin') || path.endsWith('/prelogin')) && !isSocialLoginPath;\n }\n\n return isAuthPath;\n}\n"],"mappings":";;;;;;;;;;;;AAAA,IAAAA,OAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,WAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,QAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,QAAA,GAAAH,OAAA;AACA,IAAAI,UAAA,GAAAJ,OAAA;AAQO,MAAMK,GAAG,GAAGA,CAAC;EAAEC,GAAG;EAAEC,WAAW,GAAG,SAAS;EAAEC;AAA2B,CAAC,KAC9EC,KAAK,CAACH,GAAG,EAAE;EAAEI,MAAM,EAAE,KAAK;EAAEH,WAAW;EAAEC;AAAQ,CAAC,CAAC;AAACG,OAAA,CAAAN,GAAA,GAAAA,GAAA;AAM/C,MAAMO,IAAI,GAAGA,CAAC;EAAEN,GAAG;EAAEC,WAAW,GAAG,SAAS;EAAEC,OAAO;EAAEK;AAAyB,CAAC,KACtFJ,KAAK,CAACH,GAAG,EAAE;EAAEI,MAAM,EAAE,MAAM;EAAEH,WAAW;EAAEC,OAAO;EAAEK;AAAK,CAAC,CAAC;;AAE5D;AACA;AACA;AACA;AACA;AACA;AACA;AANAF,OAAA,CAAAC,IAAA,GAAAA,IAAA;AAOO,SAASE,oBAAoBA,CAACN,OAA+B,EAAE;EACpE,MAAMO,UAAU,OAAAC,SAAA,CAAAC,OAAA,MAAQT,OAAO,CAAE;EACjCU,MAAM,CAACC,IAAI,CAACJ,UAAU,CAAC,CAACK,OAAO,CAAEC,GAAW,IAAK;IAC/C,MAAMC,GAAQ,GAAGd,OAAO,CAACa,GAAG,CAAC;IAC7B,IAAIC,GAAG,IAAI,OAAOA,GAAG,KAAK,QAAQ,IAAI,CAACC,KAAK,CAACC,OAAO,CAACF,GAAG,CAAC,EAAE;MACzD,OAAOP,UAAU,CAACM,GAAG,CAAC;IACxB,CAAC,MAAM,IAAII,0BAAe,CAACC,IAAI,CAACJ,GAAG,CAAC,KAAK,IAAI,EAAE;MAC7C,OAAOP,UAAU,CAACM,GAAG,CAAC;IACxB,CAAC,MAAM,IAAIC,GAAG,KAAKK,SAAS,IAAIL,GAAG,KAAK,IAAI,EAAE;MAC5C,OAAOP,UAAU,CAACM,GAAG,CAAC;IACxB,CAAC,MAAM,IAAIA,GAAG,CAACO,MAAM,KAAK,EAAE,IAAIP,GAAG,KAAK,YAAY,EAAE;MACpD,OAAON,UAAU,CAACM,GAAG,CAAC;IACxB;EACF,CAAC,CAAC;EACF,OAAON,UAAU;AACnB;;AAEA;AACA;AACA;AACO,MAAMc,mBAAmB,GAAAlB,OAAA,CAAAkB,mBAAA,GAAG,sBAAsB;AAClD,MAAMC,0BAA0B,GAAAnB,OAAA,CAAAmB,0BAAA,GAAG,0BAA0B;AAC7D,MAAMC,6BAA6B,GAAApB,OAAA,CAAAoB,6BAAA,GAAG,0BAA0B;AAChE,MAAMC,8BAA8B,GAAArB,OAAA,CAAAqB,8BAAA,GAAG,mCAAmC;;AAEjF;AACA;AACA;AACA;AACO,SAASC,mBAAmBA,CAACzB,OAA4B,EAA0B;EACxF,IAAI0B,MAAM,GAAG1B,OAAO,CAAC,QAAQ,CAAC;EAC9B,IAAI0B,MAAM,IAAI,IAAI,IAAI,OAAOA,MAAM,KAAK,QAAQ,EAAE;IAChDA,MAAM,GAAGA,MAAM,CAACC,OAAO,CAAC,yBAAyB,EAAE,EAAE,CAAC,CAACA,OAAO,CAAC,yBAAyB,EAAE,EAAE,CAAC;IAE7F,IAAIC,eAAM,CAACC,oBAAoB,IAAID,eAAM,CAACE,KAAK,EAAE;MAC/CJ,MAAM,GAAGA,MAAM,CACZK,KAAK,CAAC,GAAG,CAAC,CACVC,MAAM,CAAEC,SAAiB,IAAK,CAACA,SAAS,CAACC,IAAI,CAAC,CAAC,CAACC,UAAU,CAAC,cAAcP,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAC7GU,IAAI,CAAC,GAAG,CAAC;MACZX,MAAM,GAAGA,MAAM,CAACC,OAAO,CACrB,cAAcC,eAAM,CAACE,KAAK,CAACH,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAC7C,cAAcC,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAChD,CAAC;IACH;EACF;EACA,IAAID,MAAM,IAAI,IAAI,IAAI,OAAOA,MAAM,KAAK,QAAQ,EAAE;IAChDA,MAAM,GAAGhB,MAAM,CAAC4B,OAAO,CAACZ,MAAM,CAAC,CAC5BM,MAAM,CAAC,CAAC,CAACnB,GAAG,CAAC,KAAK;MACjB,IAAIe,eAAM,CAACC,oBAAoB,IAAID,eAAM,CAACE,KAAK,EAAE;QAC/C,OAAOjB,GAAG,KAAK,cAAce,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;MACjE;MACA,OAAO,IAAI;IACb,CAAC,CAAC,CACDY,GAAG,CAAC,CAAC,CAAC1B,GAAG,EAAE2B,KAAK,CAAC,KAAK;MACrB,IAAIZ,eAAM,CAACC,oBAAoB,IAAID,eAAM,CAACE,KAAK,IAAIjB,GAAG,KAAK,cAAce,eAAM,CAACE,KAAK,CAACH,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;QACxG,OAAO,cAAcC,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,IAAIa,KAAK,EAAE;MAClE,CAAC,MAAM;QACL,OAAO,GAAG3B,GAAG,IAAI2B,KAAK,EAAE;MAC1B;IACF,CAAC,CAAC,CACDH,IAAI,CAAC,IAAI,CAAC;EACf;EAEA,MAAMI,eAAuC,GAAG;IAC9CC,aAAa,EAAE1C,OAAO,CAAC,eAAe,CAAC;IACvC,iBAAiB,EAAEA,OAAO,CAAC,iBAAiB,CAAC;IAC7C,iBAAiB,EAAEA,OAAO,CAAC,iBAAiB,CAAC;IAC7C2C,MAAM,EAAE3C,OAAO,CAAC,QAAQ,CAAC;IACzB,cAAc,EAAE,kBAAkB;IAClC4C,MAAM,EAAEhB,eAAM,CAACiB,OAAO;IACtBnB,MAAM;IACN,YAAY,EAAE1B,OAAO,CAAC,YAAY,CAAC;IACnC,eAAe,EAAEA,OAAO,CAAC,eAAe,CAAC;IACzC,sBAAsB,EAAE,QAAQ8C,gBAAS,CAACC,OAAO,EAAE;IACnD,gBAAgB,EAAE,oBAAoBC,mBAAU,CAACD,OAAO;EAC1D,CAAC;EAED,IAAI/C,OAAO,CAACwB,8BAA8B,CAAC,EAAE;IAC3CiB,eAAe,CAACjB,8BAA8B,CAAC,GAAGxB,OAAO,CAACwB,8BAA8B,CAAC;EAC3F;EAEA,MAAMyB,QAAQ,GAAGjD,OAAO,CAACsB,0BAA0B,CAAC,IAAItB,OAAO,CAAC,kBAAkB,CAAC,IAAIA,OAAO,CAAC,iBAAiB,CAAC;EACjH,IAAIiD,QAAQ,IAAIrB,eAAM,CAACsB,eAAe,EAAE;IAAA,IAAAC,oBAAA;IACtCV,eAAe,CAACnB,0BAA0B,CAAC,GAAG2B,QAAQ;IACtDR,eAAe,CAAClB,6BAA6B,CAAC,IAAA4B,oBAAA,GAAGvB,eAAM,CAACwB,YAAY,YAAAD,oBAAA,GAAI,EAAE;EAC5E;EAEA,IAAInD,OAAO,CAACqB,mBAAmB,CAAC,EAAE;IAChCoB,eAAe,CAACpB,mBAAmB,CAAC,GAAGrB,OAAO,CAACqB,mBAAmB,CAAC;EACrE;EACA,OAAOf,oBAAoB,KAAAE,SAAA,CAAAC,OAAA,MAAMgC,eAAe,CAAE,CAAC;AACrD;;AAEA;AACA;AACA;AACA;AACO,MAAMY,iBAAiB,GAAG,MAAUC,GAAa,IAA6B;EACnF,IAAI,CAACA,GAAG,CAACC,EAAE,EAAE;IACX,OAAOpC,SAAS;EAClB;EACA,OAAO,MAAMmC,GAAG,CAACE,IAAI,CAAC,CAAC;AACzB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANArD,OAAA,CAAAkD,iBAAA,GAAAA,iBAAA;AAOO,SAASI,gBAAgBA,CAACC,IAAY,EAAW;EACtD,IAAIC,UAAU,GACZC,mCAA0B,CAACC,IAAI,CAAEC,SAAS,IAAK;IAC7C,IAAI,OAAOA,SAAS,KAAK,QAAQ,EAAE;MACjC,OAAOA,SAAS,KAAKJ,IAAI;IAC3B,CAAC,MAAM;MACL,OAAO,IAAIK,MAAM,CAACD,SAAS,CAAC,CAACE,IAAI,CAACN,IAAI,CAAC;IACzC;EACF,CAAC,CAAC,IAAI,IAAI;;EAEZ;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;EAEA,IAAI,CAACC,UAAU,EAAE;IACf,MAAMM,iBAAiB,GAAG,8EAA8E,CAACD,IAAI,CAACN,IAAI,CAAC;IACnHC,UAAU,GAAG,CAACD,IAAI,CAACQ,QAAQ,CAAC,YAAY,CAAC,IAAIR,IAAI,CAACQ,QAAQ,CAAC,WAAW,CAAC,KAAK,CAACD,iBAAiB;EAChG;EAEA,OAAON,UAAU;AACnB","ignoreList":[]}
1
+ {"version":3,"file":"utils.js","names":["_config","_interopRequireDefault","require","_sdkVersion","_package","_restApi","_constants","Get","url","credentials","headers","fetch","method","exports","Post","body","removeInvalidHeaders","newHeaders","_extends2","default","Object","keys","forEach","key","val","Array","isArray","headerCharRegex","exec","undefined","length","CUSTOM_LOGIN_HEADER","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","FRONTEGG_APPLICATION_ID_HEADER","buildRequestHeaders","cookie","replace","config","rewriteCookieByAppId","appId","split","filter","cookieStr","trim","startsWith","clientId","join","entries","map","value","preparedHeaders","authorization","accept","origin","baseUrl","nextjsPkg","version","sdkVersion","clientIp","shouldForwardIp","_config$sharedSecret","sharedSecret","parseHttpResponse","res","ok","json","isMiddlewarePath","path","isAuthPath","fronteggAuthApiRoutesRegex","find","pathRegex","RegExp","test","isSocialLoginPath","endsWith"],"sources":["../../../../packages/nextjs/src/api/utils.ts"],"sourcesContent":["import config from '../config';\nimport sdkVersion from '../sdkVersion';\nimport nextjsPkg from 'next/package.json';\nimport { fronteggAuthApiRoutesRegex } from '@frontegg/rest-api';\nimport { headerCharRegex } from '../utils/common/constants';\n\ninterface GetRequestOptions {\n url: string;\n credentials?: RequestCredentials;\n headers?: HeadersInit;\n}\n\nexport const Get = ({ url, credentials = 'include', headers }: GetRequestOptions) =>\n fetch(url, { method: 'GET', credentials, headers });\n\ninterface PostRequestOptions extends GetRequestOptions {\n body: string;\n}\n\nexport const Post = ({ url, credentials = 'include', headers, body }: PostRequestOptions) =>\n fetch(url, { method: 'POST', credentials, headers, body });\n\n/**\n * NodeJS 18 start using undici as http request handler,\n * undici http request does not accept invalid headers\n * for more details see:\n * https://github.com/nodejs/undici/blob/2b260c997ad4efe4ed2064b264b4b546a59e7a67/lib/core/request.js#L282\n * @param headers\n */\nexport function removeInvalidHeaders(headers: Record<string, string>) {\n const newHeaders = { ...headers };\n Object.keys(newHeaders).forEach((key: string) => {\n const val: any = headers[key];\n if (val && typeof val === 'object' && !Array.isArray(val)) {\n delete newHeaders[key];\n } else if (headerCharRegex.exec(val) !== null) {\n delete newHeaders[key];\n } else if (val === undefined || val === null) {\n delete newHeaders[key];\n } else if (key.length === 10 && key === 'connection') {\n delete newHeaders[key];\n }\n });\n return newHeaders;\n}\n\n/**\n * These headers are used to identify the tenant for login per tenant feature\n */\nexport const CUSTOM_LOGIN_HEADER = 'frontegg-login-alias';\nexport const FRONTEGG_FORWARD_IP_HEADER = 'x-frontegg-forwarded-for';\nexport const FRONTEGG_HEADERS_VERIFIER_HEADER = 'x-frontegg-headers-verifier';\nexport const FRONTEGG_APPLICATION_ID_HEADER = 'frontegg-requested-application-id';\n\n/**\n * Build fetch request headers, remove invalid http headers\n * @param headers - Incoming request headers\n */\nexport function buildRequestHeaders(headers: Record<string, any>): Record<string, string> {\n let cookie = headers['cookie'];\n if (cookie != null && typeof cookie === 'string') {\n cookie = cookie.replace(/fe_session-[^=]*=[^;]*$/, '').replace(/fe_session-[^=]*=[^;]*;/, '');\n\n if (config.rewriteCookieByAppId && config.appId) {\n cookie = cookie\n .split(';')\n .filter((cookieStr: string) => !cookieStr.trim().startsWith(`fe_refresh_${config.clientId.replace('-', '')}`))\n .join(';');\n cookie = cookie.replace(\n `fe_refresh_${config.appId.replace('-', '')}`,\n `fe_refresh_${config.clientId.replace('-', '')}`\n );\n }\n }\n if (cookie != null && typeof cookie === 'object') {\n cookie = Object.entries(cookie)\n .filter(([key]) => {\n if (config.rewriteCookieByAppId && config.appId) {\n return key !== `fe_refresh_${config.clientId.replace('-', '')}`;\n }\n return true;\n })\n .map(([key, value]) => {\n if (config.rewriteCookieByAppId && config.appId && key === `fe_refresh_${config.appId.replace('-', '')}`) {\n return `fe_refresh_${config.clientId.replace('-', '')}=${value}`;\n } else {\n return `${key}=${value}`;\n }\n })\n .join('; ');\n }\n\n const preparedHeaders: Record<string, string> = {\n authorization: headers['authorization'],\n 'accept-encoding': headers['accept-encoding'],\n 'accept-language': headers['accept-language'],\n accept: headers['accept'],\n 'content-type': 'application/json',\n origin: config.baseUrl,\n cookie,\n 'user-agent': headers['user-agent'],\n 'cache-control': headers['cache-control'],\n 'x-frontegg-framework': `next@${nextjsPkg.version}`,\n 'x-frontegg-sdk': `@frontegg/nextjs@${sdkVersion.version}`,\n };\n\n if (headers[FRONTEGG_APPLICATION_ID_HEADER]) {\n preparedHeaders[FRONTEGG_APPLICATION_ID_HEADER] = headers[FRONTEGG_APPLICATION_ID_HEADER];\n }\n\n const clientIp = headers[FRONTEGG_FORWARD_IP_HEADER] || headers['cf-connecting-ip'] || headers['x-forwarded-for'];\n if (clientIp && config.shouldForwardIp) {\n preparedHeaders[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n preparedHeaders[FRONTEGG_HEADERS_VERIFIER_HEADER] = config.sharedSecret ?? '';\n }\n\n if (headers[CUSTOM_LOGIN_HEADER]) {\n preparedHeaders[CUSTOM_LOGIN_HEADER] = headers[CUSTOM_LOGIN_HEADER];\n }\n return removeInvalidHeaders({ ...preparedHeaders });\n}\n\n/**\n * Return parsed json response if http status code = 200\n * @param res\n */\nexport const parseHttpResponse = async <T>(res: Response): Promise<T | undefined> => {\n if (!res.ok) {\n return undefined;\n }\n return await res.json();\n};\n\n/**\n * Checks if the given path should be forwarded to the Next.js server middleware.\n *\n *\n * @param {string} path - The path to check for authentication API routes.\n * @returns {boolean} Returns true if the path is a frontegg authentication API route or ends with '/postlogin' or '/prelogin'; otherwise, returns false.\n */\nexport function isMiddlewarePath(path: string): boolean {\n let isAuthPath =\n fronteggAuthApiRoutesRegex.find((pathRegex) => {\n if (typeof pathRegex === 'string') {\n return pathRegex === path;\n } else {\n return new RegExp(pathRegex).test(path);\n }\n }) != null;\n\n // if(!isAuthPath){\n // isAuthPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/user\\/sso\\/[^\\/]*\\/postlogin$/g.test(path)\n // }\n // if(!isAuthPath){\n // isAuthPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/passwordless\\/[^\\/]*\\/prelogin$/g.test(path)\n // }\n // if(!isAuthPath){\n // isAuthPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/[^\\/]*\\/prelogin$/g.test(path)\n // }\n\n if (!isAuthPath) {\n const isSocialLoginPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/user\\/sso\\/default\\/[^\\/]*\\/prelogin$/.test(path);\n isAuthPath = (path.endsWith('/postlogin') || path.endsWith('/prelogin')) && !isSocialLoginPath;\n }\n\n return isAuthPath;\n}\n"],"mappings":";;;;;;;;;;;;AAAA,IAAAA,OAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,WAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,QAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,QAAA,GAAAH,OAAA;AACA,IAAAI,UAAA,GAAAJ,OAAA;AAQO,MAAMK,GAAG,GAAGA,CAAC;EAAEC,GAAG;EAAEC,WAAW,GAAG,SAAS;EAAEC;AAA2B,CAAC,KAC9EC,KAAK,CAACH,GAAG,EAAE;EAAEI,MAAM,EAAE,KAAK;EAAEH,WAAW;EAAEC;AAAQ,CAAC,CAAC;AAACG,OAAA,CAAAN,GAAA,GAAAA,GAAA;AAM/C,MAAMO,IAAI,GAAGA,CAAC;EAAEN,GAAG;EAAEC,WAAW,GAAG,SAAS;EAAEC,OAAO;EAAEK;AAAyB,CAAC,KACtFJ,KAAK,CAACH,GAAG,EAAE;EAAEI,MAAM,EAAE,MAAM;EAAEH,WAAW;EAAEC,OAAO;EAAEK;AAAK,CAAC,CAAC;;AAE5D;AACA;AACA;AACA;AACA;AACA;AACA;AANAF,OAAA,CAAAC,IAAA,GAAAA,IAAA;AAOO,SAASE,oBAAoBA,CAACN,OAA+B,EAAE;EACpE,MAAMO,UAAU,OAAAC,SAAA,CAAAC,OAAA,MAAQT,OAAO,CAAE;EACjCU,MAAM,CAACC,IAAI,CAACJ,UAAU,CAAC,CAACK,OAAO,CAAEC,GAAW,IAAK;IAC/C,MAAMC,GAAQ,GAAGd,OAAO,CAACa,GAAG,CAAC;IAC7B,IAAIC,GAAG,IAAI,OAAOA,GAAG,KAAK,QAAQ,IAAI,CAACC,KAAK,CAACC,OAAO,CAACF,GAAG,CAAC,EAAE;MACzD,OAAOP,UAAU,CAACM,GAAG,CAAC;IACxB,CAAC,MAAM,IAAII,0BAAe,CAACC,IAAI,CAACJ,GAAG,CAAC,KAAK,IAAI,EAAE;MAC7C,OAAOP,UAAU,CAACM,GAAG,CAAC;IACxB,CAAC,MAAM,IAAIC,GAAG,KAAKK,SAAS,IAAIL,GAAG,KAAK,IAAI,EAAE;MAC5C,OAAOP,UAAU,CAACM,GAAG,CAAC;IACxB,CAAC,MAAM,IAAIA,GAAG,CAACO,MAAM,KAAK,EAAE,IAAIP,GAAG,KAAK,YAAY,EAAE;MACpD,OAAON,UAAU,CAACM,GAAG,CAAC;IACxB;EACF,CAAC,CAAC;EACF,OAAON,UAAU;AACnB;;AAEA;AACA;AACA;AACO,MAAMc,mBAAmB,GAAAlB,OAAA,CAAAkB,mBAAA,GAAG,sBAAsB;AAClD,MAAMC,0BAA0B,GAAAnB,OAAA,CAAAmB,0BAAA,GAAG,0BAA0B;AAC7D,MAAMC,gCAAgC,GAAApB,OAAA,CAAAoB,gCAAA,GAAG,6BAA6B;AACtE,MAAMC,8BAA8B,GAAArB,OAAA,CAAAqB,8BAAA,GAAG,mCAAmC;;AAEjF;AACA;AACA;AACA;AACO,SAASC,mBAAmBA,CAACzB,OAA4B,EAA0B;EACxF,IAAI0B,MAAM,GAAG1B,OAAO,CAAC,QAAQ,CAAC;EAC9B,IAAI0B,MAAM,IAAI,IAAI,IAAI,OAAOA,MAAM,KAAK,QAAQ,EAAE;IAChDA,MAAM,GAAGA,MAAM,CAACC,OAAO,CAAC,yBAAyB,EAAE,EAAE,CAAC,CAACA,OAAO,CAAC,yBAAyB,EAAE,EAAE,CAAC;IAE7F,IAAIC,eAAM,CAACC,oBAAoB,IAAID,eAAM,CAACE,KAAK,EAAE;MAC/CJ,MAAM,GAAGA,MAAM,CACZK,KAAK,CAAC,GAAG,CAAC,CACVC,MAAM,CAAEC,SAAiB,IAAK,CAACA,SAAS,CAACC,IAAI,CAAC,CAAC,CAACC,UAAU,CAAC,cAAcP,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAC7GU,IAAI,CAAC,GAAG,CAAC;MACZX,MAAM,GAAGA,MAAM,CAACC,OAAO,CACrB,cAAcC,eAAM,CAACE,KAAK,CAACH,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAC7C,cAAcC,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAChD,CAAC;IACH;EACF;EACA,IAAID,MAAM,IAAI,IAAI,IAAI,OAAOA,MAAM,KAAK,QAAQ,EAAE;IAChDA,MAAM,GAAGhB,MAAM,CAAC4B,OAAO,CAACZ,MAAM,CAAC,CAC5BM,MAAM,CAAC,CAAC,CAACnB,GAAG,CAAC,KAAK;MACjB,IAAIe,eAAM,CAACC,oBAAoB,IAAID,eAAM,CAACE,KAAK,EAAE;QAC/C,OAAOjB,GAAG,KAAK,cAAce,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;MACjE;MACA,OAAO,IAAI;IACb,CAAC,CAAC,CACDY,GAAG,CAAC,CAAC,CAAC1B,GAAG,EAAE2B,KAAK,CAAC,KAAK;MACrB,IAAIZ,eAAM,CAACC,oBAAoB,IAAID,eAAM,CAACE,KAAK,IAAIjB,GAAG,KAAK,cAAce,eAAM,CAACE,KAAK,CAACH,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;QACxG,OAAO,cAAcC,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,IAAIa,KAAK,EAAE;MAClE,CAAC,MAAM;QACL,OAAO,GAAG3B,GAAG,IAAI2B,KAAK,EAAE;MAC1B;IACF,CAAC,CAAC,CACDH,IAAI,CAAC,IAAI,CAAC;EACf;EAEA,MAAMI,eAAuC,GAAG;IAC9CC,aAAa,EAAE1C,OAAO,CAAC,eAAe,CAAC;IACvC,iBAAiB,EAAEA,OAAO,CAAC,iBAAiB,CAAC;IAC7C,iBAAiB,EAAEA,OAAO,CAAC,iBAAiB,CAAC;IAC7C2C,MAAM,EAAE3C,OAAO,CAAC,QAAQ,CAAC;IACzB,cAAc,EAAE,kBAAkB;IAClC4C,MAAM,EAAEhB,eAAM,CAACiB,OAAO;IACtBnB,MAAM;IACN,YAAY,EAAE1B,OAAO,CAAC,YAAY,CAAC;IACnC,eAAe,EAAEA,OAAO,CAAC,eAAe,CAAC;IACzC,sBAAsB,EAAE,QAAQ8C,gBAAS,CAACC,OAAO,EAAE;IACnD,gBAAgB,EAAE,oBAAoBC,mBAAU,CAACD,OAAO;EAC1D,CAAC;EAED,IAAI/C,OAAO,CAACwB,8BAA8B,CAAC,EAAE;IAC3CiB,eAAe,CAACjB,8BAA8B,CAAC,GAAGxB,OAAO,CAACwB,8BAA8B,CAAC;EAC3F;EAEA,MAAMyB,QAAQ,GAAGjD,OAAO,CAACsB,0BAA0B,CAAC,IAAItB,OAAO,CAAC,kBAAkB,CAAC,IAAIA,OAAO,CAAC,iBAAiB,CAAC;EACjH,IAAIiD,QAAQ,IAAIrB,eAAM,CAACsB,eAAe,EAAE;IAAA,IAAAC,oBAAA;IACtCV,eAAe,CAACnB,0BAA0B,CAAC,GAAG2B,QAAQ;IACtDR,eAAe,CAAClB,gCAAgC,CAAC,IAAA4B,oBAAA,GAAGvB,eAAM,CAACwB,YAAY,YAAAD,oBAAA,GAAI,EAAE;EAC/E;EAEA,IAAInD,OAAO,CAACqB,mBAAmB,CAAC,EAAE;IAChCoB,eAAe,CAACpB,mBAAmB,CAAC,GAAGrB,OAAO,CAACqB,mBAAmB,CAAC;EACrE;EACA,OAAOf,oBAAoB,KAAAE,SAAA,CAAAC,OAAA,MAAMgC,eAAe,CAAE,CAAC;AACrD;;AAEA;AACA;AACA;AACA;AACO,MAAMY,iBAAiB,GAAG,MAAUC,GAAa,IAA6B;EACnF,IAAI,CAACA,GAAG,CAACC,EAAE,EAAE;IACX,OAAOpC,SAAS;EAClB;EACA,OAAO,MAAMmC,GAAG,CAACE,IAAI,CAAC,CAAC;AACzB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANArD,OAAA,CAAAkD,iBAAA,GAAAA,iBAAA;AAOO,SAASI,gBAAgBA,CAACC,IAAY,EAAW;EACtD,IAAIC,UAAU,GACZC,mCAA0B,CAACC,IAAI,CAAEC,SAAS,IAAK;IAC7C,IAAI,OAAOA,SAAS,KAAK,QAAQ,EAAE;MACjC,OAAOA,SAAS,KAAKJ,IAAI;IAC3B,CAAC,MAAM;MACL,OAAO,IAAIK,MAAM,CAACD,SAAS,CAAC,CAACE,IAAI,CAACN,IAAI,CAAC;IACzC;EACF,CAAC,CAAC,IAAI,IAAI;;EAEZ;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;EAEA,IAAI,CAACC,UAAU,EAAE;IACf,MAAMM,iBAAiB,GAAG,8EAA8E,CAACD,IAAI,CAACN,IAAI,CAAC;IACnHC,UAAU,GAAG,CAACD,IAAI,CAACQ,QAAQ,CAAC,YAAY,CAAC,IAAIR,IAAI,CAACQ,QAAQ,CAAC,WAAW,CAAC,KAAK,CAACD,iBAAiB;EAChG;EAEA,OAAON,UAAU;AACnB","ignoreList":[]}
package/app/FronteggAppProvider.js CHANGED
@@ -42,6 +42,7 @@ const FronteggAppProvider = async options => {
42
42
  logger.warn(_consts.FRONTEGG_HOSTED_LOGIN_MIGRATION_WARNING);
43
43
  }
44
44
  const providerProps = (0, _extends2.default)({}, appEnvConfig, userData, options, {
45
+ shouldRequestAuthorize: true,
45
46
  envAppUrl: subDomainAppUrl != null ? subDomainAppUrl : envAppUrl,
46
47
  secureJwtEnabled: (_options$secureJwtEna = options.secureJwtEnabled) != null ? _options$secureJwtEna : false,
47
48
  hostedLoginBox: (_ref = (_appEnvConfig$envHost = appEnvConfig.envHostedLoginBox) != null ? _appEnvConfig$envHost : options.hostedLoginBox) != null ? _ref : false
package/app/FronteggAppProvider.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"FronteggAppProvider.js","names":["_react","_interopRequireDefault","require","_ClientFronteggProvider","_helpers","_config","_fetchUserData","_getAppUrlForCustomLoginWithSubdomain","_helpers2","_fronteggLogger","_consts","_jsxRuntime","_excluded","FronteggAppProvider","options","_options$customLoginO","_options$secureJwtEna","_ref","_appEnvConfig$envHost","_config$appEnvConfig","config","appEnvConfig","envAppUrl","_objectWithoutPropertiesLoose2","default","userData","fetchUserData","getSession","getAppSession","getHeaders","getAppHeaders","subDomainAppUrl","getAppUrlForCustomLoginWithSubdomain","customLoginOptions","subDomainIndex","logger","fronteggLogger","child","tag","process","env","_userData","removeJwtSignatureFrom","session","Object","hasOwn","warn","FRONTEGG_HOSTED_LOGIN_MIGRATION_WARNING","providerProps","_extends2","secureJwtEnabled","hostedLoginBox","envHostedLoginBox","jsx","ClientFronteggProvider","exports"],"sources":["../../../../packages/nextjs/src/app/FronteggAppProvider.tsx"],"sourcesContent":["import React, { PropsWithChildren } from 'react';\nimport { ClientFronteggProvider } from './ClientFronteggProvider';\nimport { getAppHeaders, getAppSession } from './helpers';\nimport config from '../config';\nimport fetchUserData from '../utils/fetchUserData';\nimport { ClientFronteggProviderProps } from '../types';\nimport { getAppUrlForCustomLoginWithSubdomain } from './getAppUrlForCustomLoginWithSubdomain';\nimport { removeJwtSignatureFrom } from '../middleware/helpers';\nimport fronteggLogger from '../utils/fronteggLogger';\nimport { FRONTEGG_HOSTED_LOGIN_MIGRATION_WARNING } from './consts';\n\nexport type FronteggAppProviderProps = PropsWithChildren<\n Omit<ClientFronteggProviderProps, 'contextOptions' | 'envAppUrl' | 'envBaseUrl' | 'envClientId'>\n>;\n\nexport const FronteggAppProvider = async (options: FronteggAppProviderProps) => {\n const { envAppUrl, ...appEnvConfig } = config.appEnvConfig;\n let userData = await fetchUserData({ getSession: getAppSession, getHeaders: getAppHeaders });\n const subDomainAppUrl = await getAppUrlForCustomLoginWithSubdomain(options.customLoginOptions?.subDomainIndex);\n const logger = fronteggLogger.child({ tag: 'FronteggAppProvider' });\n\n if (process.env['FRONTEGG_SECURE_JWT_ENABLED'] === 'true' && userData) {\n userData = removeJwtSignatureFrom(userData);\n userData.session = removeJwtSignatureFrom(userData?.session);\n }\n if (Object.hasOwn(options, 'hostedLoginBox')) {\n logger.warn(FRONTEGG_HOSTED_LOGIN_MIGRATION_WARNING);\n }\n\n const providerProps = {\n ...appEnvConfig,\n ...userData,\n ...options,\n envAppUrl: subDomainAppUrl ?? envAppUrl,\n secureJwtEnabled: options.secureJwtEnabled ?? false,\n hostedLoginBox: appEnvConfig.envHostedLoginBox ?? options.hostedLoginBox ?? false,\n };\n\n return <ClientFronteggProvider {...providerProps} />;\n};\n"],"mappings":";;;;;;;;;AAAA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,uBAAA,GAAAD,OAAA;AACA,IAAAE,QAAA,GAAAF,OAAA;AACA,IAAAG,OAAA,GAAAJ,sBAAA,CAAAC,OAAA;AACA,IAAAI,cAAA,GAAAL,sBAAA,CAAAC,OAAA;AAEA,IAAAK,qCAAA,GAAAL,OAAA;AACA,IAAAM,SAAA,GAAAN,OAAA;AACA,IAAAO,eAAA,GAAAR,sBAAA,CAAAC,OAAA;AACA,IAAAQ,OAAA,GAAAR,OAAA;AAAmE,IAAAS,WAAA,GAAAT,OAAA;AAAA,MAAAU,SAAA;AAM5D,MAAMC,mBAAmB,GAAG,MAAOC,OAAiC,IAAK;EAAA,IAAAC,qBAAA,EAAAC,qBAAA,EAAAC,IAAA,EAAAC,qBAAA;EAC9E,MAAAC,oBAAA,GAAuCC,eAAM,CAACC,YAAY;IAApD;MAAEC;IAA2B,CAAC,GAAAH,oBAAA;IAAdE,YAAY,OAAAE,8BAAA,CAAAC,OAAA,EAAAL,oBAAA,EAAAP,SAAA;EAClC,IAAIa,QAAQ,GAAG,MAAM,IAAAC,sBAAa,EAAC;IAAEC,UAAU,EAAEC,sBAAa;IAAEC,UAAU,EAAEC;EAAc,CAAC,CAAC;EAC5F,MAAMC,eAAe,GAAG,MAAM,IAAAC,0EAAoC,GAAAjB,qBAAA,GAACD,OAAO,CAACmB,kBAAkB,qBAA1BlB,qBAAA,CAA4BmB,cAAc,CAAC;EAC9G,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAAsB,CAAC,CAAC;EAEnE,IAAIC,OAAO,CAACC,GAAG,CAAC,6BAA6B,CAAC,KAAK,MAAM,IAAIf,QAAQ,EAAE;IAAA,IAAAgB,SAAA;IACrEhB,QAAQ,GAAG,IAAAiB,gCAAsB,EAACjB,QAAQ,CAAC;IAC3CA,QAAQ,CAACkB,OAAO,GAAG,IAAAD,gCAAsB,GAAAD,SAAA,GAAChB,QAAQ,qBAARgB,SAAA,CAAUE,OAAO,CAAC;EAC9D;EACA,IAAIC,MAAM,CAACC,MAAM,CAAC/B,OAAO,EAAE,gBAAgB,CAAC,EAAE;IAC5CqB,MAAM,CAACW,IAAI,CAACC,+CAAuC,CAAC;EACtD;EAEA,MAAMC,aAAa,OAAAC,SAAA,CAAAzB,OAAA,MACdH,YAAY,EACZI,QAAQ,EACRX,OAAO;IACVQ,SAAS,EAAES,eAAe,WAAfA,eAAe,GAAIT,SAAS;IACvC4B,gBAAgB,GAAAlC,qBAAA,GAAEF,OAAO,CAACoC,gBAAgB,YAAAlC,qBAAA,GAAI,KAAK;IACnDmC,cAAc,GAAAlC,IAAA,IAAAC,qBAAA,GAAEG,YAAY,CAAC+B,iBAAiB,YAAAlC,qBAAA,GAAIJ,OAAO,CAACqC,cAAc,YAAAlC,IAAA,GAAI;EAAK,EAClF;EAED,oBAAO,IAAAN,WAAA,CAAA0C,GAAA,EAAClD,uBAAA,CAAAmD,sBAAsB,MAAAL,SAAA,CAAAzB,OAAA,MAAKwB,aAAa,CAAG,CAAC;AACtD,CAAC;AAACO,OAAA,CAAA1C,mBAAA,GAAAA,mBAAA","ignoreList":[]}
1
+ {"version":3,"file":"FronteggAppProvider.js","names":["_react","_interopRequireDefault","require","_ClientFronteggProvider","_helpers","_config","_fetchUserData","_getAppUrlForCustomLoginWithSubdomain","_helpers2","_fronteggLogger","_consts","_jsxRuntime","_excluded","FronteggAppProvider","options","_options$customLoginO","_options$secureJwtEna","_ref","_appEnvConfig$envHost","_config$appEnvConfig","config","appEnvConfig","envAppUrl","_objectWithoutPropertiesLoose2","default","userData","fetchUserData","getSession","getAppSession","getHeaders","getAppHeaders","subDomainAppUrl","getAppUrlForCustomLoginWithSubdomain","customLoginOptions","subDomainIndex","logger","fronteggLogger","child","tag","process","env","_userData","removeJwtSignatureFrom","session","Object","hasOwn","warn","FRONTEGG_HOSTED_LOGIN_MIGRATION_WARNING","providerProps","_extends2","shouldRequestAuthorize","secureJwtEnabled","hostedLoginBox","envHostedLoginBox","jsx","ClientFronteggProvider","exports"],"sources":["../../../../packages/nextjs/src/app/FronteggAppProvider.tsx"],"sourcesContent":["import React, { PropsWithChildren } from 'react';\nimport { ClientFronteggProvider } from './ClientFronteggProvider';\nimport { getAppHeaders, getAppSession } from './helpers';\nimport config from '../config';\nimport fetchUserData from '../utils/fetchUserData';\nimport { ClientFronteggProviderProps } from '../types';\nimport { getAppUrlForCustomLoginWithSubdomain } from './getAppUrlForCustomLoginWithSubdomain';\nimport { removeJwtSignatureFrom } from '../middleware/helpers';\nimport fronteggLogger from '../utils/fronteggLogger';\nimport { FRONTEGG_HOSTED_LOGIN_MIGRATION_WARNING } from './consts';\n\nexport type FronteggAppProviderProps = PropsWithChildren<\n Omit<ClientFronteggProviderProps, 'contextOptions' | 'envAppUrl' | 'envBaseUrl' | 'envClientId'>\n>;\n\nexport const FronteggAppProvider = async (options: FronteggAppProviderProps) => {\n const { envAppUrl, ...appEnvConfig } = config.appEnvConfig;\n let userData = await fetchUserData({ getSession: getAppSession, getHeaders: getAppHeaders });\n const subDomainAppUrl = await getAppUrlForCustomLoginWithSubdomain(options.customLoginOptions?.subDomainIndex);\n const logger = fronteggLogger.child({ tag: 'FronteggAppProvider' });\n\n if (process.env['FRONTEGG_SECURE_JWT_ENABLED'] === 'true' && userData) {\n userData = removeJwtSignatureFrom(userData);\n userData.session = removeJwtSignatureFrom(userData?.session);\n }\n if (Object.hasOwn(options, 'hostedLoginBox')) {\n logger.warn(FRONTEGG_HOSTED_LOGIN_MIGRATION_WARNING);\n }\n\n const providerProps = {\n ...appEnvConfig,\n ...userData,\n ...options,\n shouldRequestAuthorize: true,\n envAppUrl: subDomainAppUrl ?? envAppUrl,\n secureJwtEnabled: options.secureJwtEnabled ?? false,\n hostedLoginBox: appEnvConfig.envHostedLoginBox ?? options.hostedLoginBox ?? false,\n };\n\n return <ClientFronteggProvider {...providerProps} />;\n};\n"],"mappings":";;;;;;;;;AAAA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,uBAAA,GAAAD,OAAA;AACA,IAAAE,QAAA,GAAAF,OAAA;AACA,IAAAG,OAAA,GAAAJ,sBAAA,CAAAC,OAAA;AACA,IAAAI,cAAA,GAAAL,sBAAA,CAAAC,OAAA;AAEA,IAAAK,qCAAA,GAAAL,OAAA;AACA,IAAAM,SAAA,GAAAN,OAAA;AACA,IAAAO,eAAA,GAAAR,sBAAA,CAAAC,OAAA;AACA,IAAAQ,OAAA,GAAAR,OAAA;AAAmE,IAAAS,WAAA,GAAAT,OAAA;AAAA,MAAAU,SAAA;AAM5D,MAAMC,mBAAmB,GAAG,MAAOC,OAAiC,IAAK;EAAA,IAAAC,qBAAA,EAAAC,qBAAA,EAAAC,IAAA,EAAAC,qBAAA;EAC9E,MAAAC,oBAAA,GAAuCC,eAAM,CAACC,YAAY;IAApD;MAAEC;IAA2B,CAAC,GAAAH,oBAAA;IAAdE,YAAY,OAAAE,8BAAA,CAAAC,OAAA,EAAAL,oBAAA,EAAAP,SAAA;EAClC,IAAIa,QAAQ,GAAG,MAAM,IAAAC,sBAAa,EAAC;IAAEC,UAAU,EAAEC,sBAAa;IAAEC,UAAU,EAAEC;EAAc,CAAC,CAAC;EAC5F,MAAMC,eAAe,GAAG,MAAM,IAAAC,0EAAoC,GAAAjB,qBAAA,GAACD,OAAO,CAACmB,kBAAkB,qBAA1BlB,qBAAA,CAA4BmB,cAAc,CAAC;EAC9G,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAAsB,CAAC,CAAC;EAEnE,IAAIC,OAAO,CAACC,GAAG,CAAC,6BAA6B,CAAC,KAAK,MAAM,IAAIf,QAAQ,EAAE;IAAA,IAAAgB,SAAA;IACrEhB,QAAQ,GAAG,IAAAiB,gCAAsB,EAACjB,QAAQ,CAAC;IAC3CA,QAAQ,CAACkB,OAAO,GAAG,IAAAD,gCAAsB,GAAAD,SAAA,GAAChB,QAAQ,qBAARgB,SAAA,CAAUE,OAAO,CAAC;EAC9D;EACA,IAAIC,MAAM,CAACC,MAAM,CAAC/B,OAAO,EAAE,gBAAgB,CAAC,EAAE;IAC5CqB,MAAM,CAACW,IAAI,CAACC,+CAAuC,CAAC;EACtD;EAEA,MAAMC,aAAa,OAAAC,SAAA,CAAAzB,OAAA,MACdH,YAAY,EACZI,QAAQ,EACRX,OAAO;IACVoC,sBAAsB,EAAE,IAAI;IAC5B5B,SAAS,EAAES,eAAe,WAAfA,eAAe,GAAIT,SAAS;IACvC6B,gBAAgB,GAAAnC,qBAAA,GAAEF,OAAO,CAACqC,gBAAgB,YAAAnC,qBAAA,GAAI,KAAK;IACnDoC,cAAc,GAAAnC,IAAA,IAAAC,qBAAA,GAAEG,YAAY,CAACgC,iBAAiB,YAAAnC,qBAAA,GAAIJ,OAAO,CAACsC,cAAc,YAAAnC,IAAA,GAAI;EAAK,EAClF;EAED,oBAAO,IAAAN,WAAA,CAAA2C,GAAA,EAACnD,uBAAA,CAAAoD,sBAAsB,MAAAN,SAAA,CAAAzB,OAAA,MAAKwB,aAAa,CAAG,CAAC;AACtD,CAAC;AAACQ,OAAA,CAAA3C,mBAAA,GAAAA,mBAAA","ignoreList":[]}
package/config/constants.d.ts CHANGED
@@ -38,6 +38,12 @@ export declare enum EnvVariables {
38
38
  * - For Prod environment [visit](https://portal.frontegg.com/production/settings/general)
39
39
  */
40
40
  FRONTEGG_CLIENT_SECRET = "FRONTEGG_CLIENT_SECRET",
41
+ /**
42
+ * Your Frontegg application's Shared Secret, get it by visit:
43
+ * - For Dev environment [visit](https://portal.frontegg.com/development/applications/[YOUR_APP_ID])
44
+ * - For Prod environment [visit](https://portal.frontegg.com/production/applications/[YOUR_APP_ID])
45
+ */
46
+ FRONTEGG_SHARED_SECRET = "FRONTEGG_SHARED_SECRET",
41
47
  /**
42
48
  * The stateless session encryption password, used to encrypt
43
49
  * JWT before sending it to the client side.
@@ -89,7 +95,7 @@ export declare enum EnvVariables {
89
95
  /**
90
96
  * Forward client IP address to Frontegg gateway, used to detect the client's IP address
91
97
  * when the Next.js application using frontegg middleware proxy service
92
- * In order to enable this feature, you need to provide {@link EnvVariables.FRONTEGG_CLIENT_SECRET}
98
+ * In order to enable this feature, you need to provide {@link EnvVariables.FRONTEGG_SHARED_SECRET}
93
99
  */
94
100
  FRONTEGG_FORWARD_IP = "FRONTEGG_FORWARD_IP",
95
101
  /**
package/config/constants.js CHANGED
@@ -12,6 +12,7 @@ let EnvVariables = exports.EnvVariables = /*#__PURE__*/function (EnvVariables) {
12
12
  EnvVariables["FRONTEGG_APP_ID"] = "FRONTEGG_APP_ID";
13
13
  EnvVariables["FRONTEGG_REWRITE_COOKIE_BY_APP_ID"] = "FRONTEGG_REWRITE_COOKIE_BY_APP_ID";
14
14
  EnvVariables["FRONTEGG_CLIENT_SECRET"] = "FRONTEGG_CLIENT_SECRET";
15
+ EnvVariables["FRONTEGG_SHARED_SECRET"] = "FRONTEGG_SHARED_SECRET";
15
16
  EnvVariables["FRONTEGG_ENCRYPTION_PASSWORD"] = "FRONTEGG_ENCRYPTION_PASSWORD";
16
17
  EnvVariables["FRONTEGG_JWT_PUBLIC_KEY"] = "FRONTEGG_JWT_PUBLIC_KEY";
17
18
  EnvVariables["FRONTEGG_COOKIE_NAME"] = "FRONTEGG_COOKIE_NAME";
package/config/constants.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"constants.js","names":["EnvVariables","exports"],"sources":["../../../../packages/nextjs/src/config/constants.ts"],"sourcesContent":["export enum EnvVariables {\n /**\n * The AppUrl is to tell Frontegg your application's app url\n * for generating cookies and proxy http requests\n */\n FRONTEGG_APP_URL = 'FRONTEGG_APP_URL',\n /**\n * The Frontegg domain is your unique URL to connect to the Frontegg gateway, get it by visit:\n * - For Dev environment [visit](https://portal.frontegg.com/development/settings/domains)\n * - For Prod environment [visit](https://portal.frontegg.com/production/settings/domains)\n */\n FRONTEGG_BASE_URL = 'FRONTEGG_BASE_URL',\n /**\n * The Frontegg test domain used for testing proxy middleware\n * @private for Frontegg\n */\n FRONTEGG_TEST_URL = 'FRONTEGG_TEST_URL',\n\n /**\n * Your Frontegg application's Client ID, get it by visit:\n * - For Dev environment [visit](https://portal.frontegg.com/development/settings/general)\n * - For Prod environment [visit](https://portal.frontegg.com/production/settings/general)\n */\n FRONTEGG_CLIENT_ID = 'FRONTEGG_CLIENT_ID',\n\n /**\n * Your Frontegg application ID, get it by visit:\n * - For Dev environment [visit](https://portal.frontegg.com/development/applications)\n * - For Prod environment [visit](https://portal.frontegg.com/production/applications)\n */\n FRONTEGG_APP_ID = 'FRONTEGG_APP_ID',\n\n /**\n * Rewrite the cookie name by the Frontegg application ID\n * to support multiple Frontegg applications with same domain\n */\n FRONTEGG_REWRITE_COOKIE_BY_APP_ID = 'FRONTEGG_REWRITE_COOKIE_BY_APP_ID',\n\n /**\n * Your Frontegg application's Client Secret, get it by visit:\n * - For Dev environment [visit](https://portal.frontegg.com/development/settings/general)\n * - For Prod environment [visit](https://portal.frontegg.com/production/settings/general)\n */\n FRONTEGG_CLIENT_SECRET = 'FRONTEGG_CLIENT_SECRET',\n\n /**\n * The stateless session encryption password, used to encrypt\n * JWT before sending it to the client side.\n *\n * For quick password generation use the following command:\n *\n * ```sh\n * node -e \"console.log(crypto.randomBytes(32).toString('hex'))\"\n * ```\n */\n FRONTEGG_ENCRYPTION_PASSWORD = 'FRONTEGG_ENCRYPTION_PASSWORD',\n\n /**\n * The JWT public key generated by frontegg, to verify JWT before create session,\n * get it by visit: https://[YOUR_FRONTEGG_FOMAIN]/.well-known/jwks.json.\n *\n * Then: Copy and Paste the first key from the response:\n * {keys: [{__KEY__}]}\n */\n FRONTEGG_JWT_PUBLIC_KEY = 'FRONTEGG_JWT_PUBLIC_KEY',\n\n /**\n * The stateless cookie name for storing the encrypted JWT\n * value as session cookies for supporting getServerSideProps and ServerComponents\n */\n FRONTEGG_COOKIE_NAME = 'FRONTEGG_COOKIE_NAME',\n\n /**\n * The stateless cookie domain for storing the encrypted JWT\n * value as session cookies for supporting getServerSideProps and ServerComponents\n */\n FRONTEGG_COOKIE_DOMAIN = 'FRONTEGG_COOKIE_DOMAIN',\n\n /**\n * The stateless cookie same site value for storing the encrypted JWT\n * default is none, you can set it to 'lax' or 'strict' for more security\n */\n FRONTEGG_COOKIE_SAME_SITE = 'FRONTEGG_COOKIE_SAME_SITE',\n\n /**\n * When `true`, the initial props will not refresh access token if it's valid.\n */\n DISABLE_INITIAL_PROPS_REFRESH_TOKEN = 'DISABLE_INITIAL_PROPS_REFRESH_TOKEN',\n\n /**\n * Enable secure JWT by removing the signature from the JWT token.\n * In order to enable this feature, you need to provide {@link EnvVariables.FRONTEGG_CLIENT_SECRET}\n */\n FRONTEGG_SECURE_JWT_ENABLED = 'FRONTEGG_SECURE_JWT_ENABLED',\n\n /**\n * The Frontegg Hosted Login URL, used to redirect the user to the Frontegg login page\n * set to 'true' to enable the hosted login feature\n */\n FRONTEGG_HOSTED_LOGIN = 'FRONTEGG_HOSTED_LOGIN',\n\n /**\n * Forward client IP address to Frontegg gateway, used to detect the client's IP address\n * when the Next.js application using frontegg middleware proxy service\n * In order to enable this feature, you need to provide {@link EnvVariables.FRONTEGG_CLIENT_SECRET}\n */\n FRONTEGG_FORWARD_IP = 'FRONTEGG_FORWARD_IP',\n /**\n * This Env variable assign automatically when deploying you Next.js application\n * to Vercel deployments service, and will be used to detect to dynamically configure\n * the {@link EnvVariables.FRONTEGG_APP_URL}\n *\n * @see [Vercel Environment Variables](https://vercel.com/docs/concepts/projects/environment-variables#system-environment-variables)\n */\n VERCEL = 'VERCEL',\n VERCEL_URL = 'VERCEL_URL',\n}\n"],"mappings":";;;;;;IAAYA,YAAY,GAAAC,OAAA,CAAAD,YAAA,0BAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAA,OAAZA,YAAY;AAAA","ignoreList":[]}
1
+ {"version":3,"file":"constants.js","names":["EnvVariables","exports"],"sources":["../../../../packages/nextjs/src/config/constants.ts"],"sourcesContent":["export enum EnvVariables {\n /**\n * The AppUrl is to tell Frontegg your application's app url\n * for generating cookies and proxy http requests\n */\n FRONTEGG_APP_URL = 'FRONTEGG_APP_URL',\n /**\n * The Frontegg domain is your unique URL to connect to the Frontegg gateway, get it by visit:\n * - For Dev environment [visit](https://portal.frontegg.com/development/settings/domains)\n * - For Prod environment [visit](https://portal.frontegg.com/production/settings/domains)\n */\n FRONTEGG_BASE_URL = 'FRONTEGG_BASE_URL',\n /**\n * The Frontegg test domain used for testing proxy middleware\n * @private for Frontegg\n */\n FRONTEGG_TEST_URL = 'FRONTEGG_TEST_URL',\n\n /**\n * Your Frontegg application's Client ID, get it by visit:\n * - For Dev environment [visit](https://portal.frontegg.com/development/settings/general)\n * - For Prod environment [visit](https://portal.frontegg.com/production/settings/general)\n */\n FRONTEGG_CLIENT_ID = 'FRONTEGG_CLIENT_ID',\n\n /**\n * Your Frontegg application ID, get it by visit:\n * - For Dev environment [visit](https://portal.frontegg.com/development/applications)\n * - For Prod environment [visit](https://portal.frontegg.com/production/applications)\n */\n FRONTEGG_APP_ID = 'FRONTEGG_APP_ID',\n\n /**\n * Rewrite the cookie name by the Frontegg application ID\n * to support multiple Frontegg applications with same domain\n */\n FRONTEGG_REWRITE_COOKIE_BY_APP_ID = 'FRONTEGG_REWRITE_COOKIE_BY_APP_ID',\n\n /**\n * Your Frontegg application's Client Secret, get it by visit:\n * - For Dev environment [visit](https://portal.frontegg.com/development/settings/general)\n * - For Prod environment [visit](https://portal.frontegg.com/production/settings/general)\n */\n FRONTEGG_CLIENT_SECRET = 'FRONTEGG_CLIENT_SECRET',\n\n /**\n * Your Frontegg application's Shared Secret, get it by visit:\n * - For Dev environment [visit](https://portal.frontegg.com/development/applications/[YOUR_APP_ID])\n * - For Prod environment [visit](https://portal.frontegg.com/production/applications/[YOUR_APP_ID])\n */\n FRONTEGG_SHARED_SECRET = 'FRONTEGG_SHARED_SECRET',\n\n /**\n * The stateless session encryption password, used to encrypt\n * JWT before sending it to the client side.\n *\n * For quick password generation use the following command:\n *\n * ```sh\n * node -e \"console.log(crypto.randomBytes(32).toString('hex'))\"\n * ```\n */\n FRONTEGG_ENCRYPTION_PASSWORD = 'FRONTEGG_ENCRYPTION_PASSWORD',\n\n /**\n * The JWT public key generated by frontegg, to verify JWT before create session,\n * get it by visit: https://[YOUR_FRONTEGG_FOMAIN]/.well-known/jwks.json.\n *\n * Then: Copy and Paste the first key from the response:\n * {keys: [{__KEY__}]}\n */\n FRONTEGG_JWT_PUBLIC_KEY = 'FRONTEGG_JWT_PUBLIC_KEY',\n\n /**\n * The stateless cookie name for storing the encrypted JWT\n * value as session cookies for supporting getServerSideProps and ServerComponents\n */\n FRONTEGG_COOKIE_NAME = 'FRONTEGG_COOKIE_NAME',\n\n /**\n * The stateless cookie domain for storing the encrypted JWT\n * value as session cookies for supporting getServerSideProps and ServerComponents\n */\n FRONTEGG_COOKIE_DOMAIN = 'FRONTEGG_COOKIE_DOMAIN',\n\n /**\n * The stateless cookie same site value for storing the encrypted JWT\n * default is none, you can set it to 'lax' or 'strict' for more security\n */\n FRONTEGG_COOKIE_SAME_SITE = 'FRONTEGG_COOKIE_SAME_SITE',\n\n /**\n * When `true`, the initial props will not refresh access token if it's valid.\n */\n DISABLE_INITIAL_PROPS_REFRESH_TOKEN = 'DISABLE_INITIAL_PROPS_REFRESH_TOKEN',\n\n /**\n * Enable secure JWT by removing the signature from the JWT token.\n * In order to enable this feature, you need to provide {@link EnvVariables.FRONTEGG_CLIENT_SECRET}\n */\n FRONTEGG_SECURE_JWT_ENABLED = 'FRONTEGG_SECURE_JWT_ENABLED',\n\n /**\n * The Frontegg Hosted Login URL, used to redirect the user to the Frontegg login page\n * set to 'true' to enable the hosted login feature\n */\n FRONTEGG_HOSTED_LOGIN = 'FRONTEGG_HOSTED_LOGIN',\n\n /**\n * Forward client IP address to Frontegg gateway, used to detect the client's IP address\n * when the Next.js application using frontegg middleware proxy service\n * In order to enable this feature, you need to provide {@link EnvVariables.FRONTEGG_SHARED_SECRET}\n */\n FRONTEGG_FORWARD_IP = 'FRONTEGG_FORWARD_IP',\n /**\n * This Env variable assign automatically when deploying you Next.js application\n * to Vercel deployments service, and will be used to detect to dynamically configure\n * the {@link EnvVariables.FRONTEGG_APP_URL}\n *\n * @see [Vercel Environment Variables](https://vercel.com/docs/concepts/projects/environment-variables#system-environment-variables)\n */\n VERCEL = 'VERCEL',\n VERCEL_URL = 'VERCEL_URL',\n}\n"],"mappings":";;;;;;IAAYA,YAAY,GAAAC,OAAA,CAAAD,YAAA,0BAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAZA,YAAY;EAAA,OAAZA,YAAY;AAAA","ignoreList":[]}
package/config/index.d.ts CHANGED
@@ -12,6 +12,7 @@ declare class Config {
12
12
  get appId(): string | undefined;
13
13
  get rewriteCookieByAppId(): boolean;
14
14
  get clientSecret(): string | undefined;
15
+ get sharedSecret(): string | undefined;
15
16
  get shouldForwardIp(): boolean;
16
17
  get jwtPublicKeyJson(): string | undefined;
17
18
  get secureJwtEnabled(): boolean;
package/config/index.js CHANGED
@@ -21,6 +21,7 @@ const setupEnvVariables = {
21
21
  FRONTEGG_APP_ID: process.env.FRONTEGG_APP_ID,
22
22
  FRONTEGG_REWRITE_COOKIE_BY_APP_ID: process.env.FRONTEGG_REWRITE_COOKIE_BY_APP_ID,
23
23
  FRONTEGG_CLIENT_SECRET: process.env.FRONTEGG_CLIENT_SECRET,
24
+ FRONTEGG_SHARED_SECRET: process.env.FRONTEGG_SHARED_SECRET,
24
25
  FRONTEGG_ENCRYPTION_PASSWORD: process.env.FRONTEGG_ENCRYPTION_PASSWORD,
25
26
  FRONTEGG_COOKIE_NAME: process.env.FRONTEGG_COOKIE_NAME,
26
27
  FRONTEGG_COOKIE_DOMAIN: process.env.FRONTEGG_COOKIE_DOMAIN,
@@ -68,7 +69,7 @@ class Config {
68
69
  return (0, _helpers.getEnvOrDefault)(_constants.EnvVariables.FRONTEGG_REWRITE_COOKIE_BY_APP_ID, (_setupEnvVariables$FR = setupEnvVariables.FRONTEGG_REWRITE_COOKIE_BY_APP_ID) != null ? _setupEnvVariables$FR : 'false') === 'true';
69
70
  }
70
71
  get clientSecret() {
71
- let clientSecret = undefined;
72
+ let clientSecret;
72
73
  try {
73
74
  var _getEnv3;
74
75
  clientSecret = (_getEnv3 = (0, _helpers.getEnv)(_constants.EnvVariables.FRONTEGG_CLIENT_SECRET)) != null ? _getEnv3 : setupEnvVariables.FRONTEGG_CLIENT_SECRET;
@@ -80,13 +81,23 @@ class Config {
80
81
  }
81
82
  return clientSecret;
82
83
  }
84
+ get sharedSecret() {
85
+ let sharedSecret;
86
+ try {
87
+ var _getEnv4;
88
+ sharedSecret = (_getEnv4 = (0, _helpers.getEnv)(_constants.EnvVariables.FRONTEGG_SHARED_SECRET)) != null ? _getEnv4 : setupEnvVariables.FRONTEGG_SHARED_SECRET;
89
+ } catch (e) {
90
+ sharedSecret = setupEnvVariables.FRONTEGG_SHARED_SECRET;
91
+ }
92
+ return sharedSecret;
93
+ }
83
94
  get shouldForwardIp() {
84
95
  var _setupEnvVariables$FR2;
85
96
  return (0, _helpers.getEnvOrDefault)(_constants.EnvVariables.FRONTEGG_FORWARD_IP, (_setupEnvVariables$FR2 = setupEnvVariables.FRONTEGG_FORWARD_IP) != null ? _setupEnvVariables$FR2 : 'false') === 'true';
86
97
  }
87
98
  get jwtPublicKeyJson() {
88
- var _getEnv4;
89
- return (_getEnv4 = (0, _helpers.getEnv)(_constants.EnvVariables.FRONTEGG_JWT_PUBLIC_KEY)) != null ? _getEnv4 : setupEnvVariables.FRONTEGG_JWT_PUBLIC_KEY;
99
+ var _getEnv5;
100
+ return (_getEnv5 = (0, _helpers.getEnv)(_constants.EnvVariables.FRONTEGG_JWT_PUBLIC_KEY)) != null ? _getEnv5 : setupEnvVariables.FRONTEGG_JWT_PUBLIC_KEY;
90
101
  }
91
102
  get secureJwtEnabled() {
92
103
  var _setupEnvVariables$FR3;
@@ -135,8 +146,8 @@ class Config {
135
146
  }
136
147
  }
137
148
  get password() {
138
- var _getEnv5;
139
- const encryptionPasswordEnv = (_getEnv5 = (0, _helpers.getEnv)(_constants.EnvVariables.FRONTEGG_ENCRYPTION_PASSWORD)) != null ? _getEnv5 : setupEnvVariables.FRONTEGG_ENCRYPTION_PASSWORD;
149
+ var _getEnv6;
150
+ const encryptionPasswordEnv = (_getEnv6 = (0, _helpers.getEnv)(_constants.EnvVariables.FRONTEGG_ENCRYPTION_PASSWORD)) != null ? _getEnv6 : setupEnvVariables.FRONTEGG_ENCRYPTION_PASSWORD;
140
151
  return (0, _helpers.normalizeStringPasswordToMap)(encryptionPasswordEnv);
141
152
  }
142
153
  get isSSL() {
package/config/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","names":["_helpers","require","_constants","_errors","setupEnvVariables","FRONTEGG_APP_URL","process","env","FRONTEGG_BASE_URL","FRONTEGG_TEST_URL","FRONTEGG_CLIENT_ID","FRONTEGG_APP_ID","FRONTEGG_REWRITE_COOKIE_BY_APP_ID","FRONTEGG_CLIENT_SECRET","FRONTEGG_ENCRYPTION_PASSWORD","FRONTEGG_COOKIE_NAME","FRONTEGG_COOKIE_DOMAIN","FRONTEGG_COOKIE_SAME_SITE","FRONTEGG_JWT_PUBLIC_KEY","FRONTEGG_SECURE_JWT_ENABLED","FRONTEGG_FORWARD_IP","DISABLE_INITIAL_PROPS_REFRESH_TOKEN","VERCEL","VERCEL_URL","Config","constructor","fronteggAppOptions","window","validatePassword","appUrl","generateAppUrl","testUrl","getEnvOrDefault","EnvVariables","baseUrl","_getEnv","getEnv","endsWith","slice","baseUrlHost","URL","hostname","clientId","_getEnv2","appId","rewriteCookieByAppId","_setupEnvVariables$FR","clientSecret","undefined","_getEnv3","e","secureJwtEnabled","InvalidFronteggEnv","shouldForwardIp","_setupEnvVariables$FR2","jwtPublicKeyJson","_getEnv4","_setupEnvVariables$FR3","cookieName","_setupEnvVariables$FR4","cookieNameEnv","replace","cookieDomain","_setupEnvVariables$FR5","generateCookieDomain","cookieSameSite","_setupEnvVariables$FR6","sameSite","authRoutes","_this$fronteggAppOpti","_this$fronteggAppOpti2","authOptions","routes","passwordMaps","password","key","Object","keys","match","length","_getEnv5","encryptionPasswordEnv","normalizeStringPasswordToMap","isSSL","protocol","isHostedLogin","_this$fronteggAppOpti3","hostedLoginBox","FRONTEGG_HOSTED_LOGIN","disableInitialPropsRefreshToken","appEnvConfig","config","envAppUrl","envBaseUrl","envClientId","envAppId","envHostedLoginBox","checkHostedLoginConfig","options","Error","_default","exports","default"],"sources":["../../../../packages/nextjs/src/config/index.ts"],"sourcesContent":["import { AuthPageRoutes } from '@frontegg/redux-store';\nimport { WithFronteggAppOptions } from '../pages';\nimport { AppEnvConfig, PasswordsMap } from './types';\nimport { generateAppUrl, generateCookieDomain, getEnv, getEnvOrDefault, normalizeStringPasswordToMap } from './helpers';\nimport { EnvVariables } from './constants';\nimport { InvalidFronteggEnv } from '../utils/errors';\n\nconst setupEnvVariables = {\n FRONTEGG_APP_URL: process.env.FRONTEGG_APP_URL,\n FRONTEGG_BASE_URL: process.env.FRONTEGG_BASE_URL,\n FRONTEGG_TEST_URL: process.env.FRONTEGG_TEST_URL,\n FRONTEGG_CLIENT_ID: process.env.FRONTEGG_CLIENT_ID,\n FRONTEGG_APP_ID: process.env.FRONTEGG_APP_ID,\n FRONTEGG_REWRITE_COOKIE_BY_APP_ID: process.env.FRONTEGG_REWRITE_COOKIE_BY_APP_ID,\n FRONTEGG_CLIENT_SECRET: process.env.FRONTEGG_CLIENT_SECRET,\n FRONTEGG_ENCRYPTION_PASSWORD: process.env.FRONTEGG_ENCRYPTION_PASSWORD,\n FRONTEGG_COOKIE_NAME: process.env.FRONTEGG_COOKIE_NAME,\n FRONTEGG_COOKIE_DOMAIN: process.env.FRONTEGG_COOKIE_DOMAIN,\n FRONTEGG_COOKIE_SAME_SITE: process.env.FRONTEGG_COOKIE_SAME_SITE,\n FRONTEGG_JWT_PUBLIC_KEY: process.env.FRONTEGG_JWT_PUBLIC_KEY,\n FRONTEGG_SECURE_JWT_ENABLED: process.env.FRONTEGG_SECURE_JWT_ENABLED,\n FRONTEGG_FORWARD_IP: process.env.FRONTEGG_FORWARD_IP,\n DISABLE_INITIAL_PROPS_REFRESH_TOKEN: process.env.DISABLE_INITIAL_PROPS_REFRESH_TOKEN,\n VERCEL: process.env.VERCEL,\n VERCEL_URL: process.env.VERCEL_URL,\n};\n\nclass Config {\n public fronteggAppOptions: Partial<WithFronteggAppOptions> = {};\n\n constructor() {\n if (typeof window === 'undefined') {\n this.validatePassword();\n }\n }\n\n get appUrl(): string {\n return generateAppUrl();\n }\n\n get testUrl(): string | undefined {\n return getEnvOrDefault(EnvVariables.FRONTEGG_TEST_URL, setupEnvVariables.FRONTEGG_TEST_URL);\n }\n\n get baseUrl(): string {\n const baseUrl = getEnv(EnvVariables.FRONTEGG_BASE_URL) ?? setupEnvVariables.FRONTEGG_BASE_URL;\n if (baseUrl.endsWith('/')) {\n return baseUrl.slice(0, -1);\n }\n return baseUrl;\n }\n\n get baseUrlHost(): string {\n return new URL(this.baseUrl).hostname;\n }\n\n get clientId(): string {\n return getEnv(EnvVariables.FRONTEGG_CLIENT_ID) ?? setupEnvVariables.FRONTEGG_CLIENT_ID;\n }\n\n get appId(): string | undefined {\n return getEnvOrDefault(EnvVariables.FRONTEGG_APP_ID, setupEnvVariables.FRONTEGG_APP_ID);\n }\n\n get rewriteCookieByAppId(): boolean {\n return (\n getEnvOrDefault(\n EnvVariables.FRONTEGG_REWRITE_COOKIE_BY_APP_ID,\n setupEnvVariables.FRONTEGG_REWRITE_COOKIE_BY_APP_ID ?? 'false'\n ) === 'true'\n );\n }\n\n get clientSecret(): string | undefined {\n let clientSecret = undefined;\n try {\n clientSecret = getEnv(EnvVariables.FRONTEGG_CLIENT_SECRET) ?? setupEnvVariables.FRONTEGG_CLIENT_SECRET;\n } catch (e) {\n clientSecret = setupEnvVariables.FRONTEGG_CLIENT_SECRET;\n }\n\n if (this.secureJwtEnabled && !clientSecret) {\n throw new InvalidFronteggEnv(\n EnvVariables.FRONTEGG_CLIENT_SECRET,\n 'Client secret is required when secure JWT is enabled'\n );\n }\n return clientSecret;\n }\n\n get shouldForwardIp(): boolean {\n return (\n getEnvOrDefault(EnvVariables.FRONTEGG_FORWARD_IP, setupEnvVariables.FRONTEGG_FORWARD_IP ?? 'false') === 'true'\n );\n }\n\n get jwtPublicKeyJson(): string | undefined {\n return getEnv(EnvVariables.FRONTEGG_JWT_PUBLIC_KEY) ?? setupEnvVariables.FRONTEGG_JWT_PUBLIC_KEY;\n }\n\n get secureJwtEnabled(): boolean {\n return (\n getEnvOrDefault(\n EnvVariables.FRONTEGG_SECURE_JWT_ENABLED,\n setupEnvVariables.FRONTEGG_SECURE_JWT_ENABLED ?? 'false'\n ) == 'true'\n );\n }\n\n get cookieName(): string {\n const cookieNameEnv = getEnvOrDefault(\n EnvVariables.FRONTEGG_COOKIE_NAME,\n setupEnvVariables.FRONTEGG_COOKIE_NAME ?? 'fe_session'\n );\n\n if (this.rewriteCookieByAppId && this.appId) {\n return `${cookieNameEnv}-${this.appId.replace(/-/g, '')}`;\n } else {\n return `${cookieNameEnv}-${this.clientId.replace(/-/g, '')}`;\n }\n }\n\n get cookieDomain(): string {\n return getEnvOrDefault(\n EnvVariables.FRONTEGG_COOKIE_DOMAIN,\n setupEnvVariables.FRONTEGG_COOKIE_DOMAIN ?? generateCookieDomain(this.appUrl)\n );\n }\n\n get cookieSameSite(): 'lax' | 'strict' | 'none' {\n let sameSite = getEnvOrDefault(\n EnvVariables.FRONTEGG_COOKIE_SAME_SITE,\n setupEnvVariables.FRONTEGG_COOKIE_SAME_SITE ?? 'none'\n );\n switch (sameSite) {\n case 'true':\n return 'strict';\n case 'false':\n return 'none';\n case 'lax':\n case 'strict':\n case 'none':\n return sameSite;\n default:\n return 'none';\n }\n }\n\n get authRoutes(): Partial<AuthPageRoutes> {\n return this.fronteggAppOptions?.authOptions?.routes ?? {};\n }\n\n private validatePassword() {\n const passwordMaps = this.password;\n for (let key of Object.keys(passwordMaps)) {\n const password = passwordMaps[key];\n if (!password.match(/[0-9A-Fa-f]{6}/g) || password.length !== 64) {\n throw new InvalidFronteggEnv(\n EnvVariables.FRONTEGG_ENCRYPTION_PASSWORD,\n `Hex string.\\n\\nFor quick password generation use the following command:\\nnode -e \"console.log(crypto.randomBytes(32).toString('hex'))\"`\n );\n }\n }\n }\n\n get password(): PasswordsMap {\n const encryptionPasswordEnv =\n getEnv(EnvVariables.FRONTEGG_ENCRYPTION_PASSWORD) ?? setupEnvVariables.FRONTEGG_ENCRYPTION_PASSWORD;\n\n return normalizeStringPasswordToMap(encryptionPasswordEnv);\n }\n\n get isSSL(): boolean {\n return new URL(this.appUrl).protocol === 'https:';\n }\n\n get isHostedLogin(): boolean {\n return (\n this.fronteggAppOptions.hostedLoginBox ?? getEnvOrDefault(EnvVariables.FRONTEGG_HOSTED_LOGIN, 'false') === 'true'\n );\n }\n\n get disableInitialPropsRefreshToken(): boolean {\n const disableInitialPropsRefreshToken = getEnvOrDefault(\n EnvVariables.DISABLE_INITIAL_PROPS_REFRESH_TOKEN,\n setupEnvVariables.DISABLE_INITIAL_PROPS_REFRESH_TOKEN\n );\n return disableInitialPropsRefreshToken === 'true';\n }\n\n get appEnvConfig(): AppEnvConfig {\n const config = {\n envAppUrl: this.appUrl,\n envBaseUrl: this.baseUrl,\n envClientId: this.clientId,\n envAppId: this.appId,\n secureJwtEnabled: this.secureJwtEnabled,\n envHostedLoginBox: this.isHostedLogin,\n };\n return config;\n }\n\n checkHostedLoginConfig(options: WithFronteggAppOptions | undefined) {\n // noinspection JSDeprecatedSymbols\n if (options?.hostedLoginBox === undefined) {\n return;\n }\n // noinspection JSDeprecatedSymbols\n if (options.hostedLoginBox != this.isHostedLogin) {\n throw new Error(\n 'There is mismatch between FRONTEGG_HOSTED_LOGIN environment variable and withFronteggOptions, ' +\n 'please remove the hostedLoginBox from withFronteggOptions and use the FRONTEGG_HOSTED_LOGIN environment variable instead.'\n );\n }\n }\n}\n\nexport { EnvVariables } from './constants';\nexport default new Config();\n"],"mappings":";;;;;;;;;;;;AAGA,IAAAA,QAAA,GAAAC,OAAA;AACA,IAAAC,UAAA,GAAAD,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AAEA,MAAMG,iBAAiB,GAAG;EACxBC,gBAAgB,EAAEC,OAAO,CAACC,GAAG,CAACF,gBAAgB;EAC9CG,iBAAiB,EAAEF,OAAO,CAACC,GAAG,CAACC,iBAAiB;EAChDC,iBAAiB,EAAEH,OAAO,CAACC,GAAG,CAACE,iBAAiB;EAChDC,kBAAkB,EAAEJ,OAAO,CAACC,GAAG,CAACG,kBAAkB;EAClDC,eAAe,EAAEL,OAAO,CAACC,GAAG,CAACI,eAAe;EAC5CC,iCAAiC,EAAEN,OAAO,CAACC,GAAG,CAACK,iCAAiC;EAChFC,sBAAsB,EAAEP,OAAO,CAACC,GAAG,CAACM,sBAAsB;EAC1DC,4BAA4B,EAAER,OAAO,CAACC,GAAG,CAACO,4BAA4B;EACtEC,oBAAoB,EAAET,OAAO,CAACC,GAAG,CAACQ,oBAAoB;EACtDC,sBAAsB,EAAEV,OAAO,CAACC,GAAG,CAACS,sBAAsB;EAC1DC,yBAAyB,EAAEX,OAAO,CAACC,GAAG,CAACU,yBAAyB;EAChEC,uBAAuB,EAAEZ,OAAO,CAACC,GAAG,CAACW,uBAAuB;EAC5DC,2BAA2B,EAAEb,OAAO,CAACC,GAAG,CAACY,2BAA2B;EACpEC,mBAAmB,EAAEd,OAAO,CAACC,GAAG,CAACa,mBAAmB;EACpDC,mCAAmC,EAAEf,OAAO,CAACC,GAAG,CAACc,mCAAmC;EACpFC,MAAM,EAAEhB,OAAO,CAACC,GAAG,CAACe,MAAM;EAC1BC,UAAU,EAAEjB,OAAO,CAACC,GAAG,CAACgB;AAC1B,CAAC;AAED,MAAMC,MAAM,CAAC;EAGXC,WAAWA,CAAA,EAAG;IAAA,KAFPC,kBAAkB,GAAoC,CAAC,CAAC;IAG7D,IAAI,OAAOC,MAAM,KAAK,WAAW,EAAE;MACjC,IAAI,CAACC,gBAAgB,CAAC,CAAC;IACzB;EACF;EAEA,IAAIC,MAAMA,CAAA,EAAW;IACnB,OAAO,IAAAC,uBAAc,EAAC,CAAC;EACzB;EAEA,IAAIC,OAAOA,CAAA,EAAuB;IAChC,OAAO,IAAAC,wBAAe,EAACC,uBAAY,CAACxB,iBAAiB,EAAEL,iBAAiB,CAACK,iBAAiB,CAAC;EAC7F;EAEA,IAAIyB,OAAOA,CAAA,EAAW;IAAA,IAAAC,OAAA;IACpB,MAAMD,OAAO,IAAAC,OAAA,GAAG,IAAAC,eAAM,EAACH,uBAAY,CAACzB,iBAAiB,CAAC,YAAA2B,OAAA,GAAI/B,iBAAiB,CAACI,iBAAiB;IAC7F,IAAI0B,OAAO,CAACG,QAAQ,CAAC,GAAG,CAAC,EAAE;MACzB,OAAOH,OAAO,CAACI,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7B;IACA,OAAOJ,OAAO;EAChB;EAEA,IAAIK,WAAWA,CAAA,EAAW;IACxB,OAAO,IAAIC,GAAG,CAAC,IAAI,CAACN,OAAO,CAAC,CAACO,QAAQ;EACvC;EAEA,IAAIC,QAAQA,CAAA,EAAW;IAAA,IAAAC,QAAA;IACrB,QAAAA,QAAA,GAAO,IAAAP,eAAM,EAACH,uBAAY,CAACvB,kBAAkB,CAAC,YAAAiC,QAAA,GAAIvC,iBAAiB,CAACM,kBAAkB;EACxF;EAEA,IAAIkC,KAAKA,CAAA,EAAuB;IAC9B,OAAO,IAAAZ,wBAAe,EAACC,uBAAY,CAACtB,eAAe,EAAEP,iBAAiB,CAACO,eAAe,CAAC;EACzF;EAEA,IAAIkC,oBAAoBA,CAAA,EAAY;IAAA,IAAAC,qBAAA;IAClC,OACE,IAAAd,wBAAe,EACbC,uBAAY,CAACrB,iCAAiC,GAAAkC,qBAAA,GAC9C1C,iBAAiB,CAACQ,iCAAiC,YAAAkC,qBAAA,GAAI,OACzD,CAAC,KAAK,MAAM;EAEhB;EAEA,IAAIC,YAAYA,CAAA,EAAuB;IACrC,IAAIA,YAAY,GAAGC,SAAS;IAC5B,IAAI;MAAA,IAAAC,QAAA;MACFF,YAAY,IAAAE,QAAA,GAAG,IAAAb,eAAM,EAACH,uBAAY,CAACpB,sBAAsB,CAAC,YAAAoC,QAAA,GAAI7C,iBAAiB,CAACS,sBAAsB;IACxG,CAAC,CAAC,OAAOqC,CAAC,EAAE;MACVH,YAAY,GAAG3C,iBAAiB,CAACS,sBAAsB;IACzD;IAEA,IAAI,IAAI,CAACsC,gBAAgB,IAAI,CAACJ,YAAY,EAAE;MAC1C,MAAM,IAAIK,0BAAkB,CAC1BnB,uBAAY,CAACpB,sBAAsB,EACnC,sDACF,CAAC;IACH;IACA,OAAOkC,YAAY;EACrB;EAEA,IAAIM,eAAeA,CAAA,EAAY;IAAA,IAAAC,sBAAA;IAC7B,OACE,IAAAtB,wBAAe,EAACC,uBAAY,CAACb,mBAAmB,GAAAkC,sBAAA,GAAElD,iBAAiB,CAACgB,mBAAmB,YAAAkC,sBAAA,GAAI,OAAO,CAAC,KAAK,MAAM;EAElH;EAEA,IAAIC,gBAAgBA,CAAA,EAAuB;IAAA,IAAAC,QAAA;IACzC,QAAAA,QAAA,GAAO,IAAApB,eAAM,EAACH,uBAAY,CAACf,uBAAuB,CAAC,YAAAsC,QAAA,GAAIpD,iBAAiB,CAACc,uBAAuB;EAClG;EAEA,IAAIiC,gBAAgBA,CAAA,EAAY;IAAA,IAAAM,sBAAA;IAC9B,OACE,IAAAzB,wBAAe,EACbC,uBAAY,CAACd,2BAA2B,GAAAsC,sBAAA,GACxCrD,iBAAiB,CAACe,2BAA2B,YAAAsC,sBAAA,GAAI,OACnD,CAAC,IAAI,MAAM;EAEf;EAEA,IAAIC,UAAUA,CAAA,EAAW;IAAA,IAAAC,sBAAA;IACvB,MAAMC,aAAa,GAAG,IAAA5B,wBAAe,EACnCC,uBAAY,CAAClB,oBAAoB,GAAA4C,sBAAA,GACjCvD,iBAAiB,CAACW,oBAAoB,YAAA4C,sBAAA,GAAI,YAC5C,CAAC;IAED,IAAI,IAAI,CAACd,oBAAoB,IAAI,IAAI,CAACD,KAAK,EAAE;MAC3C,OAAO,GAAGgB,aAAa,IAAI,IAAI,CAAChB,KAAK,CAACiB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE;IAC3D,CAAC,MAAM;MACL,OAAO,GAAGD,aAAa,IAAI,IAAI,CAAClB,QAAQ,CAACmB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE;IAC9D;EACF;EAEA,IAAIC,YAAYA,CAAA,EAAW;IAAA,IAAAC,sBAAA;IACzB,OAAO,IAAA/B,wBAAe,EACpBC,uBAAY,CAACjB,sBAAsB,GAAA+C,sBAAA,GACnC3D,iBAAiB,CAACY,sBAAsB,YAAA+C,sBAAA,GAAI,IAAAC,6BAAoB,EAAC,IAAI,CAACnC,MAAM,CAC9E,CAAC;EACH;EAEA,IAAIoC,cAAcA,CAAA,EAA8B;IAAA,IAAAC,sBAAA;IAC9C,IAAIC,QAAQ,GAAG,IAAAnC,wBAAe,EAC5BC,uBAAY,CAAChB,yBAAyB,GAAAiD,sBAAA,GACtC9D,iBAAiB,CAACa,yBAAyB,YAAAiD,sBAAA,GAAI,MACjD,CAAC;IACD,QAAQC,QAAQ;MACd,KAAK,MAAM;QACT,OAAO,QAAQ;MACjB,KAAK,OAAO;QACV,OAAO,MAAM;MACf,KAAK,KAAK;MACV,KAAK,QAAQ;MACb,KAAK,MAAM;QACT,OAAOA,QAAQ;MACjB;QACE,OAAO,MAAM;IACjB;EACF;EAEA,IAAIC,UAAUA,CAAA,EAA4B;IAAA,IAAAC,qBAAA,EAAAC,sBAAA;IACxC,QAAAD,qBAAA,IAAAC,sBAAA,GAAO,IAAI,CAAC5C,kBAAkB,cAAA4C,sBAAA,GAAvBA,sBAAA,CAAyBC,WAAW,qBAApCD,sBAAA,CAAsCE,MAAM,YAAAH,qBAAA,GAAI,CAAC,CAAC;EAC3D;EAEQzC,gBAAgBA,CAAA,EAAG;IACzB,MAAM6C,YAAY,GAAG,IAAI,CAACC,QAAQ;IAClC,KAAK,IAAIC,GAAG,IAAIC,MAAM,CAACC,IAAI,CAACJ,YAAY,CAAC,EAAE;MACzC,MAAMC,QAAQ,GAAGD,YAAY,CAACE,GAAG,CAAC;MAClC,IAAI,CAACD,QAAQ,CAACI,KAAK,CAAC,iBAAiB,CAAC,IAAIJ,QAAQ,CAACK,MAAM,KAAK,EAAE,EAAE;QAChE,MAAM,IAAI3B,0BAAkB,CAC1BnB,uBAAY,CAACnB,4BAA4B,EACzC,wIACF,CAAC;MACH;IACF;EACF;EAEA,IAAI4D,QAAQA,CAAA,EAAiB;IAAA,IAAAM,QAAA;IAC3B,MAAMC,qBAAqB,IAAAD,QAAA,GACzB,IAAA5C,eAAM,EAACH,uBAAY,CAACnB,4BAA4B,CAAC,YAAAkE,QAAA,GAAI5E,iBAAiB,CAACU,4BAA4B;IAErG,OAAO,IAAAoE,qCAA4B,EAACD,qBAAqB,CAAC;EAC5D;EAEA,IAAIE,KAAKA,CAAA,EAAY;IACnB,OAAO,IAAI3C,GAAG,CAAC,IAAI,CAACX,MAAM,CAAC,CAACuD,QAAQ,KAAK,QAAQ;EACnD;EAEA,IAAIC,aAAaA,CAAA,EAAY;IAAA,IAAAC,sBAAA;IAC3B,QAAAA,sBAAA,GACE,IAAI,CAAC5D,kBAAkB,CAAC6D,cAAc,YAAAD,sBAAA,GAAI,IAAAtD,wBAAe,EAACC,uBAAY,CAACuD,qBAAqB,EAAE,OAAO,CAAC,KAAK,MAAM;EAErH;EAEA,IAAIC,+BAA+BA,CAAA,EAAY;IAC7C,MAAMA,+BAA+B,GAAG,IAAAzD,wBAAe,EACrDC,uBAAY,CAACZ,mCAAmC,EAChDjB,iBAAiB,CAACiB,mCACpB,CAAC;IACD,OAAOoE,+BAA+B,KAAK,MAAM;EACnD;EAEA,IAAIC,YAAYA,CAAA,EAAiB;IAC/B,MAAMC,MAAM,GAAG;MACbC,SAAS,EAAE,IAAI,CAAC/D,MAAM;MACtBgE,UAAU,EAAE,IAAI,CAAC3D,OAAO;MACxB4D,WAAW,EAAE,IAAI,CAACpD,QAAQ;MAC1BqD,QAAQ,EAAE,IAAI,CAACnD,KAAK;MACpBO,gBAAgB,EAAE,IAAI,CAACA,gBAAgB;MACvC6C,iBAAiB,EAAE,IAAI,CAACX;IAC1B,CAAC;IACD,OAAOM,MAAM;EACf;EAEAM,sBAAsBA,CAACC,OAA2C,EAAE;IAClE;IACA,IAAI,CAAAA,OAAO,oBAAPA,OAAO,CAAEX,cAAc,MAAKvC,SAAS,EAAE;MACzC;IACF;IACA;IACA,IAAIkD,OAAO,CAACX,cAAc,IAAI,IAAI,CAACF,aAAa,EAAE;MAChD,MAAM,IAAIc,KAAK,CACb,gGAAgG,GAC9F,2HACJ,CAAC;IACH;EACF;AACF;AAAC,IAAAC,QAAA,GAAAC,OAAA,CAAAC,OAAA,GAGc,IAAI9E,MAAM,CAAC,CAAC","ignoreList":[]}
1
+ {"version":3,"file":"index.js","names":["_helpers","require","_constants","_errors","setupEnvVariables","FRONTEGG_APP_URL","process","env","FRONTEGG_BASE_URL","FRONTEGG_TEST_URL","FRONTEGG_CLIENT_ID","FRONTEGG_APP_ID","FRONTEGG_REWRITE_COOKIE_BY_APP_ID","FRONTEGG_CLIENT_SECRET","FRONTEGG_SHARED_SECRET","FRONTEGG_ENCRYPTION_PASSWORD","FRONTEGG_COOKIE_NAME","FRONTEGG_COOKIE_DOMAIN","FRONTEGG_COOKIE_SAME_SITE","FRONTEGG_JWT_PUBLIC_KEY","FRONTEGG_SECURE_JWT_ENABLED","FRONTEGG_FORWARD_IP","DISABLE_INITIAL_PROPS_REFRESH_TOKEN","VERCEL","VERCEL_URL","Config","constructor","fronteggAppOptions","window","validatePassword","appUrl","generateAppUrl","testUrl","getEnvOrDefault","EnvVariables","baseUrl","_getEnv","getEnv","endsWith","slice","baseUrlHost","URL","hostname","clientId","_getEnv2","appId","rewriteCookieByAppId","_setupEnvVariables$FR","clientSecret","_getEnv3","e","secureJwtEnabled","InvalidFronteggEnv","sharedSecret","_getEnv4","shouldForwardIp","_setupEnvVariables$FR2","jwtPublicKeyJson","_getEnv5","_setupEnvVariables$FR3","cookieName","_setupEnvVariables$FR4","cookieNameEnv","replace","cookieDomain","_setupEnvVariables$FR5","generateCookieDomain","cookieSameSite","_setupEnvVariables$FR6","sameSite","authRoutes","_this$fronteggAppOpti","_this$fronteggAppOpti2","authOptions","routes","passwordMaps","password","key","Object","keys","match","length","_getEnv6","encryptionPasswordEnv","normalizeStringPasswordToMap","isSSL","protocol","isHostedLogin","_this$fronteggAppOpti3","hostedLoginBox","FRONTEGG_HOSTED_LOGIN","disableInitialPropsRefreshToken","appEnvConfig","config","envAppUrl","envBaseUrl","envClientId","envAppId","envHostedLoginBox","checkHostedLoginConfig","options","undefined","Error","_default","exports","default"],"sources":["../../../../packages/nextjs/src/config/index.ts"],"sourcesContent":["import { AuthPageRoutes } from '@frontegg/redux-store';\nimport { WithFronteggAppOptions } from '../pages';\nimport { AppEnvConfig, PasswordsMap } from './types';\nimport { generateAppUrl, generateCookieDomain, getEnv, getEnvOrDefault, normalizeStringPasswordToMap } from './helpers';\nimport { EnvVariables } from './constants';\nimport { InvalidFronteggEnv } from '../utils/errors';\n\nconst setupEnvVariables = {\n FRONTEGG_APP_URL: process.env.FRONTEGG_APP_URL,\n FRONTEGG_BASE_URL: process.env.FRONTEGG_BASE_URL,\n FRONTEGG_TEST_URL: process.env.FRONTEGG_TEST_URL,\n FRONTEGG_CLIENT_ID: process.env.FRONTEGG_CLIENT_ID,\n FRONTEGG_APP_ID: process.env.FRONTEGG_APP_ID,\n FRONTEGG_REWRITE_COOKIE_BY_APP_ID: process.env.FRONTEGG_REWRITE_COOKIE_BY_APP_ID,\n FRONTEGG_CLIENT_SECRET: process.env.FRONTEGG_CLIENT_SECRET,\n FRONTEGG_SHARED_SECRET: process.env.FRONTEGG_SHARED_SECRET,\n FRONTEGG_ENCRYPTION_PASSWORD: process.env.FRONTEGG_ENCRYPTION_PASSWORD,\n FRONTEGG_COOKIE_NAME: process.env.FRONTEGG_COOKIE_NAME,\n FRONTEGG_COOKIE_DOMAIN: process.env.FRONTEGG_COOKIE_DOMAIN,\n FRONTEGG_COOKIE_SAME_SITE: process.env.FRONTEGG_COOKIE_SAME_SITE,\n FRONTEGG_JWT_PUBLIC_KEY: process.env.FRONTEGG_JWT_PUBLIC_KEY,\n FRONTEGG_SECURE_JWT_ENABLED: process.env.FRONTEGG_SECURE_JWT_ENABLED,\n FRONTEGG_FORWARD_IP: process.env.FRONTEGG_FORWARD_IP,\n DISABLE_INITIAL_PROPS_REFRESH_TOKEN: process.env.DISABLE_INITIAL_PROPS_REFRESH_TOKEN,\n VERCEL: process.env.VERCEL,\n VERCEL_URL: process.env.VERCEL_URL,\n};\n\nclass Config {\n public fronteggAppOptions: Partial<WithFronteggAppOptions> = {};\n\n constructor() {\n if (typeof window === 'undefined') {\n this.validatePassword();\n }\n }\n\n get appUrl(): string {\n return generateAppUrl();\n }\n\n get testUrl(): string | undefined {\n return getEnvOrDefault(EnvVariables.FRONTEGG_TEST_URL, setupEnvVariables.FRONTEGG_TEST_URL);\n }\n\n get baseUrl(): string {\n const baseUrl = getEnv(EnvVariables.FRONTEGG_BASE_URL) ?? setupEnvVariables.FRONTEGG_BASE_URL;\n if (baseUrl.endsWith('/')) {\n return baseUrl.slice(0, -1);\n }\n return baseUrl;\n }\n\n get baseUrlHost(): string {\n return new URL(this.baseUrl).hostname;\n }\n\n get clientId(): string {\n return getEnv(EnvVariables.FRONTEGG_CLIENT_ID) ?? setupEnvVariables.FRONTEGG_CLIENT_ID;\n }\n\n get appId(): string | undefined {\n return getEnvOrDefault(EnvVariables.FRONTEGG_APP_ID, setupEnvVariables.FRONTEGG_APP_ID);\n }\n\n get rewriteCookieByAppId(): boolean {\n return (\n getEnvOrDefault(\n EnvVariables.FRONTEGG_REWRITE_COOKIE_BY_APP_ID,\n setupEnvVariables.FRONTEGG_REWRITE_COOKIE_BY_APP_ID ?? 'false'\n ) === 'true'\n );\n }\n\n get clientSecret(): string | undefined {\n let clientSecret;\n try {\n clientSecret = getEnv(EnvVariables.FRONTEGG_CLIENT_SECRET) ?? setupEnvVariables.FRONTEGG_CLIENT_SECRET;\n } catch (e) {\n clientSecret = setupEnvVariables.FRONTEGG_CLIENT_SECRET;\n }\n\n if (this.secureJwtEnabled && !clientSecret) {\n throw new InvalidFronteggEnv(\n EnvVariables.FRONTEGG_CLIENT_SECRET,\n 'Client secret is required when secure JWT is enabled'\n );\n }\n return clientSecret;\n }\n\n get sharedSecret(): string | undefined {\n let sharedSecret;\n try {\n sharedSecret = getEnv(EnvVariables.FRONTEGG_SHARED_SECRET) ?? setupEnvVariables.FRONTEGG_SHARED_SECRET;\n } catch (e) {\n sharedSecret = setupEnvVariables.FRONTEGG_SHARED_SECRET;\n }\n\n return sharedSecret;\n }\n\n get shouldForwardIp(): boolean {\n return (\n getEnvOrDefault(EnvVariables.FRONTEGG_FORWARD_IP, setupEnvVariables.FRONTEGG_FORWARD_IP ?? 'false') === 'true'\n );\n }\n\n get jwtPublicKeyJson(): string | undefined {\n return getEnv(EnvVariables.FRONTEGG_JWT_PUBLIC_KEY) ?? setupEnvVariables.FRONTEGG_JWT_PUBLIC_KEY;\n }\n\n get secureJwtEnabled(): boolean {\n return (\n getEnvOrDefault(\n EnvVariables.FRONTEGG_SECURE_JWT_ENABLED,\n setupEnvVariables.FRONTEGG_SECURE_JWT_ENABLED ?? 'false'\n ) == 'true'\n );\n }\n\n get cookieName(): string {\n const cookieNameEnv = getEnvOrDefault(\n EnvVariables.FRONTEGG_COOKIE_NAME,\n setupEnvVariables.FRONTEGG_COOKIE_NAME ?? 'fe_session'\n );\n\n if (this.rewriteCookieByAppId && this.appId) {\n return `${cookieNameEnv}-${this.appId.replace(/-/g, '')}`;\n } else {\n return `${cookieNameEnv}-${this.clientId.replace(/-/g, '')}`;\n }\n }\n\n get cookieDomain(): string {\n return getEnvOrDefault(\n EnvVariables.FRONTEGG_COOKIE_DOMAIN,\n setupEnvVariables.FRONTEGG_COOKIE_DOMAIN ?? generateCookieDomain(this.appUrl)\n );\n }\n\n get cookieSameSite(): 'lax' | 'strict' | 'none' {\n let sameSite = getEnvOrDefault(\n EnvVariables.FRONTEGG_COOKIE_SAME_SITE,\n setupEnvVariables.FRONTEGG_COOKIE_SAME_SITE ?? 'none'\n );\n switch (sameSite) {\n case 'true':\n return 'strict';\n case 'false':\n return 'none';\n case 'lax':\n case 'strict':\n case 'none':\n return sameSite;\n default:\n return 'none';\n }\n }\n\n get authRoutes(): Partial<AuthPageRoutes> {\n return this.fronteggAppOptions?.authOptions?.routes ?? {};\n }\n\n private validatePassword() {\n const passwordMaps = this.password;\n for (let key of Object.keys(passwordMaps)) {\n const password = passwordMaps[key];\n if (!password.match(/[0-9A-Fa-f]{6}/g) || password.length !== 64) {\n throw new InvalidFronteggEnv(\n EnvVariables.FRONTEGG_ENCRYPTION_PASSWORD,\n `Hex string.\\n\\nFor quick password generation use the following command:\\nnode -e \"console.log(crypto.randomBytes(32).toString('hex'))\"`\n );\n }\n }\n }\n\n get password(): PasswordsMap {\n const encryptionPasswordEnv =\n getEnv(EnvVariables.FRONTEGG_ENCRYPTION_PASSWORD) ?? setupEnvVariables.FRONTEGG_ENCRYPTION_PASSWORD;\n\n return normalizeStringPasswordToMap(encryptionPasswordEnv);\n }\n\n get isSSL(): boolean {\n return new URL(this.appUrl).protocol === 'https:';\n }\n\n get isHostedLogin(): boolean {\n return (\n this.fronteggAppOptions.hostedLoginBox ?? getEnvOrDefault(EnvVariables.FRONTEGG_HOSTED_LOGIN, 'false') === 'true'\n );\n }\n\n get disableInitialPropsRefreshToken(): boolean {\n const disableInitialPropsRefreshToken = getEnvOrDefault(\n EnvVariables.DISABLE_INITIAL_PROPS_REFRESH_TOKEN,\n setupEnvVariables.DISABLE_INITIAL_PROPS_REFRESH_TOKEN\n );\n return disableInitialPropsRefreshToken === 'true';\n }\n\n get appEnvConfig(): AppEnvConfig {\n const config = {\n envAppUrl: this.appUrl,\n envBaseUrl: this.baseUrl,\n envClientId: this.clientId,\n envAppId: this.appId,\n secureJwtEnabled: this.secureJwtEnabled,\n envHostedLoginBox: this.isHostedLogin,\n };\n return config;\n }\n\n checkHostedLoginConfig(options: WithFronteggAppOptions | undefined) {\n // noinspection JSDeprecatedSymbols\n if (options?.hostedLoginBox === undefined) {\n return;\n }\n // noinspection JSDeprecatedSymbols\n if (options.hostedLoginBox != this.isHostedLogin) {\n throw new Error(\n 'There is mismatch between FRONTEGG_HOSTED_LOGIN environment variable and withFronteggOptions, ' +\n 'please remove the hostedLoginBox from withFronteggOptions and use the FRONTEGG_HOSTED_LOGIN environment variable instead.'\n );\n }\n }\n}\n\nexport { EnvVariables } from './constants';\nexport default new Config();\n"],"mappings":";;;;;;;;;;;;AAGA,IAAAA,QAAA,GAAAC,OAAA;AACA,IAAAC,UAAA,GAAAD,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AAEA,MAAMG,iBAAiB,GAAG;EACxBC,gBAAgB,EAAEC,OAAO,CAACC,GAAG,CAACF,gBAAgB;EAC9CG,iBAAiB,EAAEF,OAAO,CAACC,GAAG,CAACC,iBAAiB;EAChDC,iBAAiB,EAAEH,OAAO,CAACC,GAAG,CAACE,iBAAiB;EAChDC,kBAAkB,EAAEJ,OAAO,CAACC,GAAG,CAACG,kBAAkB;EAClDC,eAAe,EAAEL,OAAO,CAACC,GAAG,CAACI,eAAe;EAC5CC,iCAAiC,EAAEN,OAAO,CAACC,GAAG,CAACK,iCAAiC;EAChFC,sBAAsB,EAAEP,OAAO,CAACC,GAAG,CAACM,sBAAsB;EAC1DC,sBAAsB,EAAER,OAAO,CAACC,GAAG,CAACO,sBAAsB;EAC1DC,4BAA4B,EAAET,OAAO,CAACC,GAAG,CAACQ,4BAA4B;EACtEC,oBAAoB,EAAEV,OAAO,CAACC,GAAG,CAACS,oBAAoB;EACtDC,sBAAsB,EAAEX,OAAO,CAACC,GAAG,CAACU,sBAAsB;EAC1DC,yBAAyB,EAAEZ,OAAO,CAACC,GAAG,CAACW,yBAAyB;EAChEC,uBAAuB,EAAEb,OAAO,CAACC,GAAG,CAACY,uBAAuB;EAC5DC,2BAA2B,EAAEd,OAAO,CAACC,GAAG,CAACa,2BAA2B;EACpEC,mBAAmB,EAAEf,OAAO,CAACC,GAAG,CAACc,mBAAmB;EACpDC,mCAAmC,EAAEhB,OAAO,CAACC,GAAG,CAACe,mCAAmC;EACpFC,MAAM,EAAEjB,OAAO,CAACC,GAAG,CAACgB,MAAM;EAC1BC,UAAU,EAAElB,OAAO,CAACC,GAAG,CAACiB;AAC1B,CAAC;AAED,MAAMC,MAAM,CAAC;EAGXC,WAAWA,CAAA,EAAG;IAAA,KAFPC,kBAAkB,GAAoC,CAAC,CAAC;IAG7D,IAAI,OAAOC,MAAM,KAAK,WAAW,EAAE;MACjC,IAAI,CAACC,gBAAgB,CAAC,CAAC;IACzB;EACF;EAEA,IAAIC,MAAMA,CAAA,EAAW;IACnB,OAAO,IAAAC,uBAAc,EAAC,CAAC;EACzB;EAEA,IAAIC,OAAOA,CAAA,EAAuB;IAChC,OAAO,IAAAC,wBAAe,EAACC,uBAAY,CAACzB,iBAAiB,EAAEL,iBAAiB,CAACK,iBAAiB,CAAC;EAC7F;EAEA,IAAI0B,OAAOA,CAAA,EAAW;IAAA,IAAAC,OAAA;IACpB,MAAMD,OAAO,IAAAC,OAAA,GAAG,IAAAC,eAAM,EAACH,uBAAY,CAAC1B,iBAAiB,CAAC,YAAA4B,OAAA,GAAIhC,iBAAiB,CAACI,iBAAiB;IAC7F,IAAI2B,OAAO,CAACG,QAAQ,CAAC,GAAG,CAAC,EAAE;MACzB,OAAOH,OAAO,CAACI,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7B;IACA,OAAOJ,OAAO;EAChB;EAEA,IAAIK,WAAWA,CAAA,EAAW;IACxB,OAAO,IAAIC,GAAG,CAAC,IAAI,CAACN,OAAO,CAAC,CAACO,QAAQ;EACvC;EAEA,IAAIC,QAAQA,CAAA,EAAW;IAAA,IAAAC,QAAA;IACrB,QAAAA,QAAA,GAAO,IAAAP,eAAM,EAACH,uBAAY,CAACxB,kBAAkB,CAAC,YAAAkC,QAAA,GAAIxC,iBAAiB,CAACM,kBAAkB;EACxF;EAEA,IAAImC,KAAKA,CAAA,EAAuB;IAC9B,OAAO,IAAAZ,wBAAe,EAACC,uBAAY,CAACvB,eAAe,EAAEP,iBAAiB,CAACO,eAAe,CAAC;EACzF;EAEA,IAAImC,oBAAoBA,CAAA,EAAY;IAAA,IAAAC,qBAAA;IAClC,OACE,IAAAd,wBAAe,EACbC,uBAAY,CAACtB,iCAAiC,GAAAmC,qBAAA,GAC9C3C,iBAAiB,CAACQ,iCAAiC,YAAAmC,qBAAA,GAAI,OACzD,CAAC,KAAK,MAAM;EAEhB;EAEA,IAAIC,YAAYA,CAAA,EAAuB;IACrC,IAAIA,YAAY;IAChB,IAAI;MAAA,IAAAC,QAAA;MACFD,YAAY,IAAAC,QAAA,GAAG,IAAAZ,eAAM,EAACH,uBAAY,CAACrB,sBAAsB,CAAC,YAAAoC,QAAA,GAAI7C,iBAAiB,CAACS,sBAAsB;IACxG,CAAC,CAAC,OAAOqC,CAAC,EAAE;MACVF,YAAY,GAAG5C,iBAAiB,CAACS,sBAAsB;IACzD;IAEA,IAAI,IAAI,CAACsC,gBAAgB,IAAI,CAACH,YAAY,EAAE;MAC1C,MAAM,IAAII,0BAAkB,CAC1BlB,uBAAY,CAACrB,sBAAsB,EACnC,sDACF,CAAC;IACH;IACA,OAAOmC,YAAY;EACrB;EAEA,IAAIK,YAAYA,CAAA,EAAuB;IACrC,IAAIA,YAAY;IAChB,IAAI;MAAA,IAAAC,QAAA;MACFD,YAAY,IAAAC,QAAA,GAAG,IAAAjB,eAAM,EAACH,uBAAY,CAACpB,sBAAsB,CAAC,YAAAwC,QAAA,GAAIlD,iBAAiB,CAACU,sBAAsB;IACxG,CAAC,CAAC,OAAOoC,CAAC,EAAE;MACVG,YAAY,GAAGjD,iBAAiB,CAACU,sBAAsB;IACzD;IAEA,OAAOuC,YAAY;EACrB;EAEA,IAAIE,eAAeA,CAAA,EAAY;IAAA,IAAAC,sBAAA;IAC7B,OACE,IAAAvB,wBAAe,EAACC,uBAAY,CAACb,mBAAmB,GAAAmC,sBAAA,GAAEpD,iBAAiB,CAACiB,mBAAmB,YAAAmC,sBAAA,GAAI,OAAO,CAAC,KAAK,MAAM;EAElH;EAEA,IAAIC,gBAAgBA,CAAA,EAAuB;IAAA,IAAAC,QAAA;IACzC,QAAAA,QAAA,GAAO,IAAArB,eAAM,EAACH,uBAAY,CAACf,uBAAuB,CAAC,YAAAuC,QAAA,GAAItD,iBAAiB,CAACe,uBAAuB;EAClG;EAEA,IAAIgC,gBAAgBA,CAAA,EAAY;IAAA,IAAAQ,sBAAA;IAC9B,OACE,IAAA1B,wBAAe,EACbC,uBAAY,CAACd,2BAA2B,GAAAuC,sBAAA,GACxCvD,iBAAiB,CAACgB,2BAA2B,YAAAuC,sBAAA,GAAI,OACnD,CAAC,IAAI,MAAM;EAEf;EAEA,IAAIC,UAAUA,CAAA,EAAW;IAAA,IAAAC,sBAAA;IACvB,MAAMC,aAAa,GAAG,IAAA7B,wBAAe,EACnCC,uBAAY,CAAClB,oBAAoB,GAAA6C,sBAAA,GACjCzD,iBAAiB,CAACY,oBAAoB,YAAA6C,sBAAA,GAAI,YAC5C,CAAC;IAED,IAAI,IAAI,CAACf,oBAAoB,IAAI,IAAI,CAACD,KAAK,EAAE;MAC3C,OAAO,GAAGiB,aAAa,IAAI,IAAI,CAACjB,KAAK,CAACkB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE;IAC3D,CAAC,MAAM;MACL,OAAO,GAAGD,aAAa,IAAI,IAAI,CAACnB,QAAQ,CAACoB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE;IAC9D;EACF;EAEA,IAAIC,YAAYA,CAAA,EAAW;IAAA,IAAAC,sBAAA;IACzB,OAAO,IAAAhC,wBAAe,EACpBC,uBAAY,CAACjB,sBAAsB,GAAAgD,sBAAA,GACnC7D,iBAAiB,CAACa,sBAAsB,YAAAgD,sBAAA,GAAI,IAAAC,6BAAoB,EAAC,IAAI,CAACpC,MAAM,CAC9E,CAAC;EACH;EAEA,IAAIqC,cAAcA,CAAA,EAA8B;IAAA,IAAAC,sBAAA;IAC9C,IAAIC,QAAQ,GAAG,IAAApC,wBAAe,EAC5BC,uBAAY,CAAChB,yBAAyB,GAAAkD,sBAAA,GACtChE,iBAAiB,CAACc,yBAAyB,YAAAkD,sBAAA,GAAI,MACjD,CAAC;IACD,QAAQC,QAAQ;MACd,KAAK,MAAM;QACT,OAAO,QAAQ;MACjB,KAAK,OAAO;QACV,OAAO,MAAM;MACf,KAAK,KAAK;MACV,KAAK,QAAQ;MACb,KAAK,MAAM;QACT,OAAOA,QAAQ;MACjB;QACE,OAAO,MAAM;IACjB;EACF;EAEA,IAAIC,UAAUA,CAAA,EAA4B;IAAA,IAAAC,qBAAA,EAAAC,sBAAA;IACxC,QAAAD,qBAAA,IAAAC,sBAAA,GAAO,IAAI,CAAC7C,kBAAkB,cAAA6C,sBAAA,GAAvBA,sBAAA,CAAyBC,WAAW,qBAApCD,sBAAA,CAAsCE,MAAM,YAAAH,qBAAA,GAAI,CAAC,CAAC;EAC3D;EAEQ1C,gBAAgBA,CAAA,EAAG;IACzB,MAAM8C,YAAY,GAAG,IAAI,CAACC,QAAQ;IAClC,KAAK,IAAIC,GAAG,IAAIC,MAAM,CAACC,IAAI,CAACJ,YAAY,CAAC,EAAE;MACzC,MAAMC,QAAQ,GAAGD,YAAY,CAACE,GAAG,CAAC;MAClC,IAAI,CAACD,QAAQ,CAACI,KAAK,CAAC,iBAAiB,CAAC,IAAIJ,QAAQ,CAACK,MAAM,KAAK,EAAE,EAAE;QAChE,MAAM,IAAI7B,0BAAkB,CAC1BlB,uBAAY,CAACnB,4BAA4B,EACzC,wIACF,CAAC;MACH;IACF;EACF;EAEA,IAAI6D,QAAQA,CAAA,EAAiB;IAAA,IAAAM,QAAA;IAC3B,MAAMC,qBAAqB,IAAAD,QAAA,GACzB,IAAA7C,eAAM,EAACH,uBAAY,CAACnB,4BAA4B,CAAC,YAAAmE,QAAA,GAAI9E,iBAAiB,CAACW,4BAA4B;IAErG,OAAO,IAAAqE,qCAA4B,EAACD,qBAAqB,CAAC;EAC5D;EAEA,IAAIE,KAAKA,CAAA,EAAY;IACnB,OAAO,IAAI5C,GAAG,CAAC,IAAI,CAACX,MAAM,CAAC,CAACwD,QAAQ,KAAK,QAAQ;EACnD;EAEA,IAAIC,aAAaA,CAAA,EAAY;IAAA,IAAAC,sBAAA;IAC3B,QAAAA,sBAAA,GACE,IAAI,CAAC7D,kBAAkB,CAAC8D,cAAc,YAAAD,sBAAA,GAAI,IAAAvD,wBAAe,EAACC,uBAAY,CAACwD,qBAAqB,EAAE,OAAO,CAAC,KAAK,MAAM;EAErH;EAEA,IAAIC,+BAA+BA,CAAA,EAAY;IAC7C,MAAMA,+BAA+B,GAAG,IAAA1D,wBAAe,EACrDC,uBAAY,CAACZ,mCAAmC,EAChDlB,iBAAiB,CAACkB,mCACpB,CAAC;IACD,OAAOqE,+BAA+B,KAAK,MAAM;EACnD;EAEA,IAAIC,YAAYA,CAAA,EAAiB;IAC/B,MAAMC,MAAM,GAAG;MACbC,SAAS,EAAE,IAAI,CAAChE,MAAM;MACtBiE,UAAU,EAAE,IAAI,CAAC5D,OAAO;MACxB6D,WAAW,EAAE,IAAI,CAACrD,QAAQ;MAC1BsD,QAAQ,EAAE,IAAI,CAACpD,KAAK;MACpBM,gBAAgB,EAAE,IAAI,CAACA,gBAAgB;MACvC+C,iBAAiB,EAAE,IAAI,CAACX;IAC1B,CAAC;IACD,OAAOM,MAAM;EACf;EAEAM,sBAAsBA,CAACC,OAA2C,EAAE;IAClE;IACA,IAAI,CAAAA,OAAO,oBAAPA,OAAO,CAAEX,cAAc,MAAKY,SAAS,EAAE;MACzC;IACF;IACA;IACA,IAAID,OAAO,CAACX,cAAc,IAAI,IAAI,CAACF,aAAa,EAAE;MAChD,MAAM,IAAIe,KAAK,CACb,gGAAgG,GAC9F,2HACJ,CAAC;IACH;EACF;AACF;AAAC,IAAAC,QAAA,GAAAC,OAAA,CAAAC,OAAA,GAGc,IAAIhF,MAAM,CAAC,CAAC","ignoreList":[]}
package/edge/getSessionOnEdge.js CHANGED
@@ -202,9 +202,9 @@ const handleHostedLoginCallback = async (req, pathname, searchParams) => {
202
202
  clientIp = requestHeaders['cf-connecting-ip'] || requestHeaders['x-forwarded-for'] || ((_socket2 = req.socket) == null ? void 0 : _socket2.remoteAddress);
203
203
  }
204
204
  if (clientIp && _config.default.shouldForwardIp) {
205
- var _config$clientSecret;
205
+ var _config$sharedSecret;
206
206
  headers[_utils.FRONTEGG_FORWARD_IP_HEADER] = clientIp;
207
- headers[_utils.FRONTEGG_CLIENT_SECRET_HEADER] = (_config$clientSecret = _config.default.clientSecret) != null ? _config$clientSecret : '';
207
+ headers[_utils.FRONTEGG_HEADERS_VERIFIER_HEADER] = (_config$sharedSecret = _config.default.sharedSecret) != null ? _config$sharedSecret : '';
208
208
  }
209
209
  const response = await _api.default.exchangeHostedLoginToken((0, _utils.buildRequestHeaders)(headers), code, _config.default.clientId, _config.default.clientSecret);
210
210
  const data = await response.json();
package/edge/getSessionOnEdge.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"getSessionOnEdge.js","names":["_cookies","_interopRequireDefault","require","_createSession","_encryptionEdge","_api","_server","_config","_jwt","_utils","_fronteggLogger","_refreshAccessTokenIfNeededOnEdge","_redirectToLogin","_shouldBypassMiddleware","logger","fronteggLogger","child","tag","handleSessionOnEdge","params","request","pathname","searchParams","headers","isHostedLoginCallback","handleHostedLoginCallback","shouldByPassMiddleware","NextResponse","next","edgeSession","checkSessionOnEdge","redirectToLogin","forwardedHeaders","exports","GET_SESSION_ON_EDGE_DEPRECATED_WARN","getSessionOnEdge","req","disableWarning","cookies","CookieManager","getSessionCookieFromRequest","info","createSession","encryptionEdge","sessionCookies","existingSession","debug","session","refreshAccessTokenIfNeededOnEdge","createSessionFromAccessTokenEdge","data","_data$accessToken","_data$refreshToken","accessToken","access_token","refreshToken","refresh_token","payload","decodedJwt","JwtManager","verify","expiresIn","Math","floor","exp","Date","now","tokens","sealTokens","_searchParams$get","_req$headers","code","get","clientIp","undefined","_socket","socket","remoteAddress","_socket2","requestHeaders","_extends2","default","config","shouldForwardIp","_config$clientSecret","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_CLIENT_SECRET_HEADER","clientSecret","response","api","exchangeHostedLoginToken","buildRequestHeaders","clientId","json","redirect","appUrl","isSecured","isSSL","cookieValue","create","value","expires","secure","cookieName","replace","rewriteCookieByAppId","appId","refreshCookie","sessionCookieHeaders","map","cookie","refreshCookieHeaders","secureJwtEnabled","startsWith"],"sources":["../../../../packages/nextjs/src/edge/getSessionOnEdge.ts"],"sourcesContent":["import type { IncomingMessage } from 'http';\nimport { FronteggEdgeSession, FronteggNextJSSession } from '../types';\nimport CookieManager from '../utils/cookies';\nimport createSession from '../utils/createSession';\nimport encryptionEdge from '../utils/encryption-edge';\nimport api from '../api';\nimport { type NextRequest, NextResponse } from 'next/server';\nimport config from '../config';\nimport JwtManager from '../utils/jwt';\nimport { buildRequestHeaders, FRONTEGG_CLIENT_SECRET_HEADER, FRONTEGG_FORWARD_IP_HEADER } from '../api/utils';\nimport fronteggLogger from '../utils/fronteggLogger';\nimport { refreshAccessTokenIfNeededOnEdge } from './refreshAccessTokenIfNeededOnEdge';\nimport { redirectToLogin } from './redirectToLogin';\nimport { shouldByPassMiddleware } from './shouldBypassMiddleware';\n\nconst logger = fronteggLogger.child({ tag: 'EdgeRuntime.getSessionOnEdge' });\n\nexport type HandleSessionOnEdge = {\n request: IncomingMessage | Request;\n pathname: string;\n headers: NextRequest['headers'];\n searchParams: URLSearchParams;\n};\n\nexport const handleSessionOnEdge = async (params: HandleSessionOnEdge): Promise<NextResponse> => {\n const { request, pathname, searchParams, headers } = params;\n\n if (isHostedLoginCallback(pathname, searchParams)) {\n return handleHostedLoginCallback(request, pathname, searchParams);\n }\n\n if (shouldByPassMiddleware(pathname, headers /*, options: optional bypass configuration */)) {\n return NextResponse.next();\n }\n\n const edgeSession = await checkSessionOnEdge(request);\n if (!edgeSession) {\n return redirectToLogin(pathname, searchParams);\n }\n if (edgeSession.headers) {\n return NextResponse.next({\n headers: edgeSession.headers,\n request: {\n headers: edgeSession.forwardedHeaders,\n },\n });\n }\n return NextResponse.next();\n};\n\nconst GET_SESSION_ON_EDGE_DEPRECATED_WARN = `Deprecation Notice: getSessionOnEdge has been deprecated. Please use handleSessionOnEdge instead. For example:\n\nfile: middleware.ts\n\\`\\`\\`ts\n import { NextRequest } from 'next/server';\n import { handleSessionOnEdge } from '@frontegg/nextjs/edge';\n \n export const middleware = async (request: NextRequest) => {\n const { pathname, searchParams } = request.nextUrl;\n const headers = request.headers;\n \n // Additional logic if needed\n \n return handleSessionOnEdge({ request, pathname, searchParams, headers });\n };\n \n \n export const config = {\n matcher: '/(.*)',\n };\n\n\\`\\`\\`\n\nAlternatively, to manually verify the session, you can use checkSessionOnEdge. Note that this method does not redirect to the login page if the session is invalid.\n`;\n\n/**\n * getSessionOnEdge is deprecated, please use handleSessionOnEdge instead example:\n *\n * ```ts\n * import { NextRequest } from 'next/server';\n * import { handleSessionOnEdge } from '@frontegg/nextjs/edge';\n *\n * export const middleware = async (request: NextRequest) => {\n * const { pathname, searchParams } = request.nextUrl;\n * const headers = request.headers;\n *\n * // Additional logic if needed\n *\n * return handleSessionOnEdge({ request, pathname, searchParams, headers });\n * };\n *\n * export const config = {\n * matcher: '/(.*)',\n * };\n * ```\n * @deprecated\n */\n\nexport const getSessionOnEdge = (\n req: IncomingMessage | Request,\n disableWarning = false\n): Promise<FronteggNextJSSession | undefined> => {\n const logger = fronteggLogger.child({ tag: 'EdgeRuntime.getSessionOnEdge' });\n const cookies = CookieManager.getSessionCookieFromRequest(req);\n if (!disableWarning) {\n logger.info(GET_SESSION_ON_EDGE_DEPRECATED_WARN);\n }\n return createSession(cookies, encryptionEdge);\n};\n\n/**\n * Check session on edge and return session if exists this method does not redirect to login page\n * Example:\n *\n * ```ts\n * import { NextRequest } from 'next/server';\n * import { handleSessionOnEdge } from '@frontegg/nextjs/edge';\n *\n * export const middleware = async (request: NextRequest) => {\n * const { pathname, searchParams } = request.nextUrl;\n * const headers = request.headers;\n *\n * // Additional logic if needed\n *\n * // check if it's a hosted login callback\n * if (isHostedLoginCallback(pathname, searchParams)) {\n * return handleHostedLoginCallback(request, pathname, searchParams);\n * }\n *\n * // check if we should bypass the middleware\n * if (shouldByPassMiddleware(pathname)) {\n * return NextResponse.next();\n * }\n *\n * // check session\n * const session = await checkSessionOnEdge(request);\n *\n * if (!session) {\n * return redirectToLogin(pathname);\n * }\n *\n * // if headers are present forward them to the next response / request\n * if (session.headers) {\n * return NextResponse.next({\n * headers: edgeSession.headers,\n * request:{\n * headers: edgeSession.forwardedHeaders\n * }\n * });\n * }\n * return NextResponse.next();\n * };\n * ```\n *\n *\n * @param req\n */\nexport const checkSessionOnEdge = async (req: IncomingMessage | Request): Promise<FronteggEdgeSession | undefined> => {\n const sessionCookies = CookieManager.getSessionCookieFromRequest(req);\n let existingSession = await createSession(sessionCookies, encryptionEdge);\n if (existingSession) {\n logger.debug('session resolved from session cookie');\n return {\n session: existingSession,\n };\n }\n\n logger.debug('Failed to resolve session from cookie, going to refresh token');\n return refreshAccessTokenIfNeededOnEdge(req);\n};\n\nasync function createSessionFromAccessTokenEdge(data: any): Promise<[string, any, string] | []> {\n const accessToken = data.accessToken ?? data.access_token;\n const refreshToken = data.refreshToken ?? data.refresh_token;\n const { payload: decodedJwt }: any = await JwtManager.verify(accessToken);\n decodedJwt.expiresIn = Math.floor((decodedJwt.exp * 1000 - Date.now()) / 1000);\n\n const tokens = { accessToken, refreshToken };\n const session = await encryptionEdge.sealTokens(tokens, decodedJwt.exp);\n return [session, decodedJwt, refreshToken];\n}\n\nexport const handleHostedLoginCallback = async (\n req: IncomingMessage | Request,\n pathname: string,\n searchParams: URLSearchParams\n): Promise<NextResponse> => {\n if (!isHostedLoginCallback(pathname, searchParams)) {\n return NextResponse.next();\n }\n\n const code = searchParams.get('code') ?? '';\n\n let headers: Record<string, string> = {};\n let clientIp: string | undefined = undefined;\n if (typeof req.headers?.get === 'function') {\n clientIp =\n req.headers.get('cf-connecting-ip') || req.headers.get('x-forwarded-for') || (req as any).socket?.remoteAddress;\n } else if (typeof req.headers === 'object') {\n let requestHeaders: any = { ...req.headers };\n clientIp =\n requestHeaders['cf-connecting-ip'] || requestHeaders['x-forwarded-for'] || (req as any).socket?.remoteAddress;\n }\n\n if (clientIp && config.shouldForwardIp) {\n headers[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n headers[FRONTEGG_CLIENT_SECRET_HEADER] = config.clientSecret ?? '';\n }\n\n const response = await api.exchangeHostedLoginToken(\n buildRequestHeaders(headers),\n code,\n config.clientId,\n config.clientSecret!\n );\n\n const data = await response.json();\n\n const [session, decodedJwt, refreshToken] = await createSessionFromAccessTokenEdge(data);\n\n if (!session) {\n return NextResponse.redirect(config.appUrl);\n }\n const isSecured = config.isSSL;\n const cookieValue = CookieManager.create({\n value: session,\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n });\n\n let cookieName = `fe_refresh_${config.clientId.replace('-', '')}`;\n if (config.rewriteCookieByAppId && config.appId) {\n cookieName = `fe_refresh_${config.appId.replace('-', '')}`;\n }\n const refreshCookie = CookieManager.create({\n cookieName,\n value: refreshToken ?? '',\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n });\n const sessionCookieHeaders: [string, string][] = cookieValue.map((cookie) => ['set-cookie', cookie]);\n const refreshCookieHeaders: [string, string][] = refreshCookie.map((cookie) => ['set-cookie', cookie]);\n\n return NextResponse.redirect(config.appUrl, {\n headers: [...sessionCookieHeaders, ...refreshCookieHeaders],\n });\n};\n\nexport const isHostedLoginCallback = (pathname: string, searchParams: URLSearchParams): boolean => {\n if (config.secureJwtEnabled) {\n if (pathname.startsWith('/oauth/callback')) {\n return searchParams.get('code') != null;\n }\n }\n return false;\n};\n"],"mappings":";;;;;;;;AAEA,IAAAA,QAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,cAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,eAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,IAAA,GAAAJ,sBAAA,CAAAC,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAN,sBAAA,CAAAC,OAAA;AACA,IAAAM,IAAA,GAAAP,sBAAA,CAAAC,OAAA;AACA,IAAAO,MAAA,GAAAP,OAAA;AACA,IAAAQ,eAAA,GAAAT,sBAAA,CAAAC,OAAA;AACA,IAAAS,iCAAA,GAAAT,OAAA;AACA,IAAAU,gBAAA,GAAAV,OAAA;AACA,IAAAW,uBAAA,GAAAX,OAAA;AAEA,MAAMY,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;EAAEC,GAAG,EAAE;AAA+B,CAAC,CAAC;AASrE,MAAMC,mBAAmB,GAAG,MAAOC,MAA2B,IAA4B;EAC/F,MAAM;IAAEC,OAAO;IAAEC,QAAQ;IAAEC,YAAY;IAAEC;EAAQ,CAAC,GAAGJ,MAAM;EAE3D,IAAIK,qBAAqB,CAACH,QAAQ,EAAEC,YAAY,CAAC,EAAE;IACjD,OAAOG,yBAAyB,CAACL,OAAO,EAAEC,QAAQ,EAAEC,YAAY,CAAC;EACnE;EAEA,IAAI,IAAAI,8CAAsB,EAACL,QAAQ,EAAEE,OAAO,CAAC,6CAA6C,CAAC,EAAE;IAC3F,OAAOI,oBAAY,CAACC,IAAI,CAAC,CAAC;EAC5B;EAEA,MAAMC,WAAW,GAAG,MAAMC,kBAAkB,CAACV,OAAO,CAAC;EACrD,IAAI,CAACS,WAAW,EAAE;IAChB,OAAO,IAAAE,gCAAe,EAACV,QAAQ,EAAEC,YAAY,CAAC;EAChD;EACA,IAAIO,WAAW,CAACN,OAAO,EAAE;IACvB,OAAOI,oBAAY,CAACC,IAAI,CAAC;MACvBL,OAAO,EAAEM,WAAW,CAACN,OAAO;MAC5BH,OAAO,EAAE;QACPG,OAAO,EAAEM,WAAW,CAACG;MACvB;IACF,CAAC,CAAC;EACJ;EACA,OAAOL,oBAAY,CAACC,IAAI,CAAC,CAAC;AAC5B,CAAC;AAACK,OAAA,CAAAf,mBAAA,GAAAA,mBAAA;AAEF,MAAMgB,mCAAmC,GAAG;AAC5C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEO,MAAMC,gBAAgB,GAAGA,CAC9BC,GAA8B,EAC9BC,cAAc,GAAG,KAAK,KACyB;EAC/C,MAAMvB,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA+B,CAAC,CAAC;EAC5E,MAAMqB,OAAO,GAAGC,gBAAa,CAACC,2BAA2B,CAACJ,GAAG,CAAC;EAC9D,IAAI,CAACC,cAAc,EAAE;IACnBvB,MAAM,CAAC2B,IAAI,CAACP,mCAAmC,CAAC;EAClD;EACA,OAAO,IAAAQ,sBAAa,EAACJ,OAAO,EAAEK,uBAAc,CAAC;AAC/C,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA9CAV,OAAA,CAAAE,gBAAA,GAAAA,gBAAA;AA+CO,MAAML,kBAAkB,GAAG,MAAOM,GAA8B,IAA+C;EACpH,MAAMQ,cAAc,GAAGL,gBAAa,CAACC,2BAA2B,CAACJ,GAAG,CAAC;EACrE,IAAIS,eAAe,GAAG,MAAM,IAAAH,sBAAa,EAACE,cAAc,EAAED,uBAAc,CAAC;EACzE,IAAIE,eAAe,EAAE;IACnB/B,MAAM,CAACgC,KAAK,CAAC,sCAAsC,CAAC;IACpD,OAAO;MACLC,OAAO,EAAEF;IACX,CAAC;EACH;EAEA/B,MAAM,CAACgC,KAAK,CAAC,+DAA+D,CAAC;EAC7E,OAAO,IAAAE,kEAAgC,EAACZ,GAAG,CAAC;AAC9C,CAAC;AAACH,OAAA,CAAAH,kBAAA,GAAAA,kBAAA;AAEF,eAAemB,gCAAgCA,CAACC,IAAS,EAAuC;EAAA,IAAAC,iBAAA,EAAAC,kBAAA;EAC9F,MAAMC,WAAW,IAAAF,iBAAA,GAAGD,IAAI,CAACG,WAAW,YAAAF,iBAAA,GAAID,IAAI,CAACI,YAAY;EACzD,MAAMC,YAAY,IAAAH,kBAAA,GAAGF,IAAI,CAACK,YAAY,YAAAH,kBAAA,GAAIF,IAAI,CAACM,aAAa;EAC5D,MAAM;IAAEC,OAAO,EAAEC;EAAgB,CAAC,GAAG,MAAMC,YAAU,CAACC,MAAM,CAACP,WAAW,CAAC;EACzEK,UAAU,CAACG,SAAS,GAAGC,IAAI,CAACC,KAAK,CAAC,CAACL,UAAU,CAACM,GAAG,GAAG,IAAI,GAAGC,IAAI,CAACC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC;EAE9E,MAAMC,MAAM,GAAG;IAAEd,WAAW;IAAEE;EAAa,CAAC;EAC5C,MAAMR,OAAO,GAAG,MAAMJ,uBAAc,CAACyB,UAAU,CAACD,MAAM,EAAET,UAAU,CAACM,GAAG,CAAC;EACvE,OAAO,CAACjB,OAAO,EAAEW,UAAU,EAAEH,YAAY,CAAC;AAC5C;AAEO,MAAM9B,yBAAyB,GAAG,MAAAA,CACvCW,GAA8B,EAC9Bf,QAAgB,EAChBC,YAA6B,KACH;EAAA,IAAA+C,iBAAA,EAAAC,YAAA;EAC1B,IAAI,CAAC9C,qBAAqB,CAACH,QAAQ,EAAEC,YAAY,CAAC,EAAE;IAClD,OAAOK,oBAAY,CAACC,IAAI,CAAC,CAAC;EAC5B;EAEA,MAAM2C,IAAI,IAAAF,iBAAA,GAAG/C,YAAY,CAACkD,GAAG,CAAC,MAAM,CAAC,YAAAH,iBAAA,GAAI,EAAE;EAE3C,IAAI9C,OAA+B,GAAG,CAAC,CAAC;EACxC,IAAIkD,QAA4B,GAAGC,SAAS;EAC5C,IAAI,SAAAJ,YAAA,GAAOlC,GAAG,CAACb,OAAO,qBAAX+C,YAAA,CAAaE,GAAG,MAAK,UAAU,EAAE;IAAA,IAAAG,OAAA;IAC1CF,QAAQ,GACNrC,GAAG,CAACb,OAAO,CAACiD,GAAG,CAAC,kBAAkB,CAAC,IAAIpC,GAAG,CAACb,OAAO,CAACiD,GAAG,CAAC,iBAAiB,CAAC,MAAAG,OAAA,GAAKvC,GAAG,CAASwC,MAAM,qBAAnBD,OAAA,CAAqBE,aAAa;EACnH,CAAC,MAAM,IAAI,OAAOzC,GAAG,CAACb,OAAO,KAAK,QAAQ,EAAE;IAAA,IAAAuD,QAAA;IAC1C,IAAIC,cAAmB,OAAAC,SAAA,CAAAC,OAAA,MAAQ7C,GAAG,CAACb,OAAO,CAAE;IAC5CkD,QAAQ,GACNM,cAAc,CAAC,kBAAkB,CAAC,IAAIA,cAAc,CAAC,iBAAiB,CAAC,MAAAD,QAAA,GAAK1C,GAAG,CAASwC,MAAM,qBAAnBE,QAAA,CAAqBD,aAAa;EACjH;EAEA,IAAIJ,QAAQ,IAAIS,eAAM,CAACC,eAAe,EAAE;IAAA,IAAAC,oBAAA;IACtC7D,OAAO,CAAC8D,iCAA0B,CAAC,GAAGZ,QAAQ;IAC9ClD,OAAO,CAAC+D,oCAA6B,CAAC,IAAAF,oBAAA,GAAGF,eAAM,CAACK,YAAY,YAAAH,oBAAA,GAAI,EAAE;EACpE;EAEA,MAAMI,QAAQ,GAAG,MAAMC,YAAG,CAACC,wBAAwB,CACjD,IAAAC,0BAAmB,EAACpE,OAAO,CAAC,EAC5BgD,IAAI,EACJW,eAAM,CAACU,QAAQ,EACfV,eAAM,CAACK,YACT,CAAC;EAED,MAAMrC,IAAI,GAAG,MAAMsC,QAAQ,CAACK,IAAI,CAAC,CAAC;EAElC,MAAM,CAAC9C,OAAO,EAAEW,UAAU,EAAEH,YAAY,CAAC,GAAG,MAAMN,gCAAgC,CAACC,IAAI,CAAC;EAExF,IAAI,CAACH,OAAO,EAAE;IACZ,OAAOpB,oBAAY,CAACmE,QAAQ,CAACZ,eAAM,CAACa,MAAM,CAAC;EAC7C;EACA,MAAMC,SAAS,GAAGd,eAAM,CAACe,KAAK;EAC9B,MAAMC,WAAW,GAAG3D,gBAAa,CAAC4D,MAAM,CAAC;IACvCC,KAAK,EAAErD,OAAO;IACdsD,OAAO,EAAE,IAAIpC,IAAI,CAACP,UAAU,CAACM,GAAG,GAAG,IAAI,CAAC;IACxCsC,MAAM,EAAEN;EACV,CAAC,CAAC;EAEF,IAAIO,UAAU,GAAG,cAAcrB,eAAM,CAACU,QAAQ,CAACY,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;EACjE,IAAItB,eAAM,CAACuB,oBAAoB,IAAIvB,eAAM,CAACwB,KAAK,EAAE;IAC/CH,UAAU,GAAG,cAAcrB,eAAM,CAACwB,KAAK,CAACF,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;EAC5D;EACA,MAAMG,aAAa,GAAGpE,gBAAa,CAAC4D,MAAM,CAAC;IACzCI,UAAU;IACVH,KAAK,EAAE7C,YAAY,WAAZA,YAAY,GAAI,EAAE;IACzB8C,OAAO,EAAE,IAAIpC,IAAI,CAACP,UAAU,CAACM,GAAG,GAAG,IAAI,CAAC;IACxCsC,MAAM,EAAEN;EACV,CAAC,CAAC;EACF,MAAMY,oBAAwC,GAAGV,WAAW,CAACW,GAAG,CAAEC,MAAM,IAAK,CAAC,YAAY,EAAEA,MAAM,CAAC,CAAC;EACpG,MAAMC,oBAAwC,GAAGJ,aAAa,CAACE,GAAG,CAAEC,MAAM,IAAK,CAAC,YAAY,EAAEA,MAAM,CAAC,CAAC;EAEtG,OAAOnF,oBAAY,CAACmE,QAAQ,CAACZ,eAAM,CAACa,MAAM,EAAE;IAC1CxE,OAAO,EAAE,CAAC,GAAGqF,oBAAoB,EAAE,GAAGG,oBAAoB;EAC5D,CAAC,CAAC;AACJ,CAAC;AAAC9E,OAAA,CAAAR,yBAAA,GAAAA,yBAAA;AAEK,MAAMD,qBAAqB,GAAGA,CAACH,QAAgB,EAAEC,YAA6B,KAAc;EACjG,IAAI4D,eAAM,CAAC8B,gBAAgB,EAAE;IAC3B,IAAI3F,QAAQ,CAAC4F,UAAU,CAAC,iBAAiB,CAAC,EAAE;MAC1C,OAAO3F,YAAY,CAACkD,GAAG,CAAC,MAAM,CAAC,IAAI,IAAI;IACzC;EACF;EACA,OAAO,KAAK;AACd,CAAC;AAACvC,OAAA,CAAAT,qBAAA,GAAAA,qBAAA","ignoreList":[]}
1
+ {"version":3,"file":"getSessionOnEdge.js","names":["_cookies","_interopRequireDefault","require","_createSession","_encryptionEdge","_api","_server","_config","_jwt","_utils","_fronteggLogger","_refreshAccessTokenIfNeededOnEdge","_redirectToLogin","_shouldBypassMiddleware","logger","fronteggLogger","child","tag","handleSessionOnEdge","params","request","pathname","searchParams","headers","isHostedLoginCallback","handleHostedLoginCallback","shouldByPassMiddleware","NextResponse","next","edgeSession","checkSessionOnEdge","redirectToLogin","forwardedHeaders","exports","GET_SESSION_ON_EDGE_DEPRECATED_WARN","getSessionOnEdge","req","disableWarning","cookies","CookieManager","getSessionCookieFromRequest","info","createSession","encryptionEdge","sessionCookies","existingSession","debug","session","refreshAccessTokenIfNeededOnEdge","createSessionFromAccessTokenEdge","data","_data$accessToken","_data$refreshToken","accessToken","access_token","refreshToken","refresh_token","payload","decodedJwt","JwtManager","verify","expiresIn","Math","floor","exp","Date","now","tokens","sealTokens","_searchParams$get","_req$headers","code","get","clientIp","undefined","_socket","socket","remoteAddress","_socket2","requestHeaders","_extends2","default","config","shouldForwardIp","_config$sharedSecret","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","sharedSecret","response","api","exchangeHostedLoginToken","buildRequestHeaders","clientId","clientSecret","json","redirect","appUrl","isSecured","isSSL","cookieValue","create","value","expires","secure","cookieName","replace","rewriteCookieByAppId","appId","refreshCookie","sessionCookieHeaders","map","cookie","refreshCookieHeaders","secureJwtEnabled","startsWith"],"sources":["../../../../packages/nextjs/src/edge/getSessionOnEdge.ts"],"sourcesContent":["import type { IncomingMessage } from 'http';\nimport { FronteggEdgeSession, FronteggNextJSSession } from '../types';\nimport CookieManager from '../utils/cookies';\nimport createSession from '../utils/createSession';\nimport encryptionEdge from '../utils/encryption-edge';\nimport api from '../api';\nimport { type NextRequest, NextResponse } from 'next/server';\nimport config from '../config';\nimport JwtManager from '../utils/jwt';\nimport { buildRequestHeaders, FRONTEGG_HEADERS_VERIFIER_HEADER, FRONTEGG_FORWARD_IP_HEADER } from '../api/utils';\nimport fronteggLogger from '../utils/fronteggLogger';\nimport { refreshAccessTokenIfNeededOnEdge } from './refreshAccessTokenIfNeededOnEdge';\nimport { redirectToLogin } from './redirectToLogin';\nimport { shouldByPassMiddleware } from './shouldBypassMiddleware';\n\nconst logger = fronteggLogger.child({ tag: 'EdgeRuntime.getSessionOnEdge' });\n\nexport type HandleSessionOnEdge = {\n request: IncomingMessage | Request;\n pathname: string;\n headers: NextRequest['headers'];\n searchParams: URLSearchParams;\n};\n\nexport const handleSessionOnEdge = async (params: HandleSessionOnEdge): Promise<NextResponse> => {\n const { request, pathname, searchParams, headers } = params;\n\n if (isHostedLoginCallback(pathname, searchParams)) {\n return handleHostedLoginCallback(request, pathname, searchParams);\n }\n\n if (shouldByPassMiddleware(pathname, headers /*, options: optional bypass configuration */)) {\n return NextResponse.next();\n }\n\n const edgeSession = await checkSessionOnEdge(request);\n if (!edgeSession) {\n return redirectToLogin(pathname, searchParams);\n }\n if (edgeSession.headers) {\n return NextResponse.next({\n headers: edgeSession.headers,\n request: {\n headers: edgeSession.forwardedHeaders,\n },\n });\n }\n return NextResponse.next();\n};\n\nconst GET_SESSION_ON_EDGE_DEPRECATED_WARN = `Deprecation Notice: getSessionOnEdge has been deprecated. Please use handleSessionOnEdge instead. For example:\n\nfile: middleware.ts\n\\`\\`\\`ts\n import { NextRequest } from 'next/server';\n import { handleSessionOnEdge } from '@frontegg/nextjs/edge';\n \n export const middleware = async (request: NextRequest) => {\n const { pathname, searchParams } = request.nextUrl;\n const headers = request.headers;\n \n // Additional logic if needed\n \n return handleSessionOnEdge({ request, pathname, searchParams, headers });\n };\n \n \n export const config = {\n matcher: '/(.*)',\n };\n\n\\`\\`\\`\n\nAlternatively, to manually verify the session, you can use checkSessionOnEdge. Note that this method does not redirect to the login page if the session is invalid.\n`;\n\n/**\n * getSessionOnEdge is deprecated, please use handleSessionOnEdge instead example:\n *\n * ```ts\n * import { NextRequest } from 'next/server';\n * import { handleSessionOnEdge } from '@frontegg/nextjs/edge';\n *\n * export const middleware = async (request: NextRequest) => {\n * const { pathname, searchParams } = request.nextUrl;\n * const headers = request.headers;\n *\n * // Additional logic if needed\n *\n * return handleSessionOnEdge({ request, pathname, searchParams, headers });\n * };\n *\n * export const config = {\n * matcher: '/(.*)',\n * };\n * ```\n * @deprecated\n */\n\nexport const getSessionOnEdge = (\n req: IncomingMessage | Request,\n disableWarning = false\n): Promise<FronteggNextJSSession | undefined> => {\n const logger = fronteggLogger.child({ tag: 'EdgeRuntime.getSessionOnEdge' });\n const cookies = CookieManager.getSessionCookieFromRequest(req);\n if (!disableWarning) {\n logger.info(GET_SESSION_ON_EDGE_DEPRECATED_WARN);\n }\n return createSession(cookies, encryptionEdge);\n};\n\n/**\n * Check session on edge and return session if exists this method does not redirect to login page\n * Example:\n *\n * ```ts\n * import { NextRequest } from 'next/server';\n * import { handleSessionOnEdge } from '@frontegg/nextjs/edge';\n *\n * export const middleware = async (request: NextRequest) => {\n * const { pathname, searchParams } = request.nextUrl;\n * const headers = request.headers;\n *\n * // Additional logic if needed\n *\n * // check if it's a hosted login callback\n * if (isHostedLoginCallback(pathname, searchParams)) {\n * return handleHostedLoginCallback(request, pathname, searchParams);\n * }\n *\n * // check if we should bypass the middleware\n * if (shouldByPassMiddleware(pathname)) {\n * return NextResponse.next();\n * }\n *\n * // check session\n * const session = await checkSessionOnEdge(request);\n *\n * if (!session) {\n * return redirectToLogin(pathname);\n * }\n *\n * // if headers are present forward them to the next response / request\n * if (session.headers) {\n * return NextResponse.next({\n * headers: edgeSession.headers,\n * request:{\n * headers: edgeSession.forwardedHeaders\n * }\n * });\n * }\n * return NextResponse.next();\n * };\n * ```\n *\n *\n * @param req\n */\nexport const checkSessionOnEdge = async (req: IncomingMessage | Request): Promise<FronteggEdgeSession | undefined> => {\n const sessionCookies = CookieManager.getSessionCookieFromRequest(req);\n let existingSession = await createSession(sessionCookies, encryptionEdge);\n if (existingSession) {\n logger.debug('session resolved from session cookie');\n return {\n session: existingSession,\n };\n }\n\n logger.debug('Failed to resolve session from cookie, going to refresh token');\n return refreshAccessTokenIfNeededOnEdge(req);\n};\n\nasync function createSessionFromAccessTokenEdge(data: any): Promise<[string, any, string] | []> {\n const accessToken = data.accessToken ?? data.access_token;\n const refreshToken = data.refreshToken ?? data.refresh_token;\n const { payload: decodedJwt }: any = await JwtManager.verify(accessToken);\n decodedJwt.expiresIn = Math.floor((decodedJwt.exp * 1000 - Date.now()) / 1000);\n\n const tokens = { accessToken, refreshToken };\n const session = await encryptionEdge.sealTokens(tokens, decodedJwt.exp);\n return [session, decodedJwt, refreshToken];\n}\n\nexport const handleHostedLoginCallback = async (\n req: IncomingMessage | Request,\n pathname: string,\n searchParams: URLSearchParams\n): Promise<NextResponse> => {\n if (!isHostedLoginCallback(pathname, searchParams)) {\n return NextResponse.next();\n }\n\n const code = searchParams.get('code') ?? '';\n\n let headers: Record<string, string> = {};\n let clientIp: string | undefined = undefined;\n if (typeof req.headers?.get === 'function') {\n clientIp =\n req.headers.get('cf-connecting-ip') || req.headers.get('x-forwarded-for') || (req as any).socket?.remoteAddress;\n } else if (typeof req.headers === 'object') {\n let requestHeaders: any = { ...req.headers };\n clientIp =\n requestHeaders['cf-connecting-ip'] || requestHeaders['x-forwarded-for'] || (req as any).socket?.remoteAddress;\n }\n\n if (clientIp && config.shouldForwardIp) {\n headers[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n headers[FRONTEGG_HEADERS_VERIFIER_HEADER] = config.sharedSecret ?? '';\n }\n\n const response = await api.exchangeHostedLoginToken(\n buildRequestHeaders(headers),\n code,\n config.clientId,\n config.clientSecret!\n );\n\n const data = await response.json();\n\n const [session, decodedJwt, refreshToken] = await createSessionFromAccessTokenEdge(data);\n\n if (!session) {\n return NextResponse.redirect(config.appUrl);\n }\n const isSecured = config.isSSL;\n const cookieValue = CookieManager.create({\n value: session,\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n });\n\n let cookieName = `fe_refresh_${config.clientId.replace('-', '')}`;\n if (config.rewriteCookieByAppId && config.appId) {\n cookieName = `fe_refresh_${config.appId.replace('-', '')}`;\n }\n const refreshCookie = CookieManager.create({\n cookieName,\n value: refreshToken ?? '',\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n });\n const sessionCookieHeaders: [string, string][] = cookieValue.map((cookie) => ['set-cookie', cookie]);\n const refreshCookieHeaders: [string, string][] = refreshCookie.map((cookie) => ['set-cookie', cookie]);\n\n return NextResponse.redirect(config.appUrl, {\n headers: [...sessionCookieHeaders, ...refreshCookieHeaders],\n });\n};\n\nexport const isHostedLoginCallback = (pathname: string, searchParams: URLSearchParams): boolean => {\n if (config.secureJwtEnabled) {\n if (pathname.startsWith('/oauth/callback')) {\n return searchParams.get('code') != null;\n }\n }\n return false;\n};\n"],"mappings":";;;;;;;;AAEA,IAAAA,QAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,cAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,eAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,IAAA,GAAAJ,sBAAA,CAAAC,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAN,sBAAA,CAAAC,OAAA;AACA,IAAAM,IAAA,GAAAP,sBAAA,CAAAC,OAAA;AACA,IAAAO,MAAA,GAAAP,OAAA;AACA,IAAAQ,eAAA,GAAAT,sBAAA,CAAAC,OAAA;AACA,IAAAS,iCAAA,GAAAT,OAAA;AACA,IAAAU,gBAAA,GAAAV,OAAA;AACA,IAAAW,uBAAA,GAAAX,OAAA;AAEA,MAAMY,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;EAAEC,GAAG,EAAE;AAA+B,CAAC,CAAC;AASrE,MAAMC,mBAAmB,GAAG,MAAOC,MAA2B,IAA4B;EAC/F,MAAM;IAAEC,OAAO;IAAEC,QAAQ;IAAEC,YAAY;IAAEC;EAAQ,CAAC,GAAGJ,MAAM;EAE3D,IAAIK,qBAAqB,CAACH,QAAQ,EAAEC,YAAY,CAAC,EAAE;IACjD,OAAOG,yBAAyB,CAACL,OAAO,EAAEC,QAAQ,EAAEC,YAAY,CAAC;EACnE;EAEA,IAAI,IAAAI,8CAAsB,EAACL,QAAQ,EAAEE,OAAO,CAAC,6CAA6C,CAAC,EAAE;IAC3F,OAAOI,oBAAY,CAACC,IAAI,CAAC,CAAC;EAC5B;EAEA,MAAMC,WAAW,GAAG,MAAMC,kBAAkB,CAACV,OAAO,CAAC;EACrD,IAAI,CAACS,WAAW,EAAE;IAChB,OAAO,IAAAE,gCAAe,EAACV,QAAQ,EAAEC,YAAY,CAAC;EAChD;EACA,IAAIO,WAAW,CAACN,OAAO,EAAE;IACvB,OAAOI,oBAAY,CAACC,IAAI,CAAC;MACvBL,OAAO,EAAEM,WAAW,CAACN,OAAO;MAC5BH,OAAO,EAAE;QACPG,OAAO,EAAEM,WAAW,CAACG;MACvB;IACF,CAAC,CAAC;EACJ;EACA,OAAOL,oBAAY,CAACC,IAAI,CAAC,CAAC;AAC5B,CAAC;AAACK,OAAA,CAAAf,mBAAA,GAAAA,mBAAA;AAEF,MAAMgB,mCAAmC,GAAG;AAC5C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEO,MAAMC,gBAAgB,GAAGA,CAC9BC,GAA8B,EAC9BC,cAAc,GAAG,KAAK,KACyB;EAC/C,MAAMvB,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA+B,CAAC,CAAC;EAC5E,MAAMqB,OAAO,GAAGC,gBAAa,CAACC,2BAA2B,CAACJ,GAAG,CAAC;EAC9D,IAAI,CAACC,cAAc,EAAE;IACnBvB,MAAM,CAAC2B,IAAI,CAACP,mCAAmC,CAAC;EAClD;EACA,OAAO,IAAAQ,sBAAa,EAACJ,OAAO,EAAEK,uBAAc,CAAC;AAC/C,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA9CAV,OAAA,CAAAE,gBAAA,GAAAA,gBAAA;AA+CO,MAAML,kBAAkB,GAAG,MAAOM,GAA8B,IAA+C;EACpH,MAAMQ,cAAc,GAAGL,gBAAa,CAACC,2BAA2B,CAACJ,GAAG,CAAC;EACrE,IAAIS,eAAe,GAAG,MAAM,IAAAH,sBAAa,EAACE,cAAc,EAAED,uBAAc,CAAC;EACzE,IAAIE,eAAe,EAAE;IACnB/B,MAAM,CAACgC,KAAK,CAAC,sCAAsC,CAAC;IACpD,OAAO;MACLC,OAAO,EAAEF;IACX,CAAC;EACH;EAEA/B,MAAM,CAACgC,KAAK,CAAC,+DAA+D,CAAC;EAC7E,OAAO,IAAAE,kEAAgC,EAACZ,GAAG,CAAC;AAC9C,CAAC;AAACH,OAAA,CAAAH,kBAAA,GAAAA,kBAAA;AAEF,eAAemB,gCAAgCA,CAACC,IAAS,EAAuC;EAAA,IAAAC,iBAAA,EAAAC,kBAAA;EAC9F,MAAMC,WAAW,IAAAF,iBAAA,GAAGD,IAAI,CAACG,WAAW,YAAAF,iBAAA,GAAID,IAAI,CAACI,YAAY;EACzD,MAAMC,YAAY,IAAAH,kBAAA,GAAGF,IAAI,CAACK,YAAY,YAAAH,kBAAA,GAAIF,IAAI,CAACM,aAAa;EAC5D,MAAM;IAAEC,OAAO,EAAEC;EAAgB,CAAC,GAAG,MAAMC,YAAU,CAACC,MAAM,CAACP,WAAW,CAAC;EACzEK,UAAU,CAACG,SAAS,GAAGC,IAAI,CAACC,KAAK,CAAC,CAACL,UAAU,CAACM,GAAG,GAAG,IAAI,GAAGC,IAAI,CAACC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC;EAE9E,MAAMC,MAAM,GAAG;IAAEd,WAAW;IAAEE;EAAa,CAAC;EAC5C,MAAMR,OAAO,GAAG,MAAMJ,uBAAc,CAACyB,UAAU,CAACD,MAAM,EAAET,UAAU,CAACM,GAAG,CAAC;EACvE,OAAO,CAACjB,OAAO,EAAEW,UAAU,EAAEH,YAAY,CAAC;AAC5C;AAEO,MAAM9B,yBAAyB,GAAG,MAAAA,CACvCW,GAA8B,EAC9Bf,QAAgB,EAChBC,YAA6B,KACH;EAAA,IAAA+C,iBAAA,EAAAC,YAAA;EAC1B,IAAI,CAAC9C,qBAAqB,CAACH,QAAQ,EAAEC,YAAY,CAAC,EAAE;IAClD,OAAOK,oBAAY,CAACC,IAAI,CAAC,CAAC;EAC5B;EAEA,MAAM2C,IAAI,IAAAF,iBAAA,GAAG/C,YAAY,CAACkD,GAAG,CAAC,MAAM,CAAC,YAAAH,iBAAA,GAAI,EAAE;EAE3C,IAAI9C,OAA+B,GAAG,CAAC,CAAC;EACxC,IAAIkD,QAA4B,GAAGC,SAAS;EAC5C,IAAI,SAAAJ,YAAA,GAAOlC,GAAG,CAACb,OAAO,qBAAX+C,YAAA,CAAaE,GAAG,MAAK,UAAU,EAAE;IAAA,IAAAG,OAAA;IAC1CF,QAAQ,GACNrC,GAAG,CAACb,OAAO,CAACiD,GAAG,CAAC,kBAAkB,CAAC,IAAIpC,GAAG,CAACb,OAAO,CAACiD,GAAG,CAAC,iBAAiB,CAAC,MAAAG,OAAA,GAAKvC,GAAG,CAASwC,MAAM,qBAAnBD,OAAA,CAAqBE,aAAa;EACnH,CAAC,MAAM,IAAI,OAAOzC,GAAG,CAACb,OAAO,KAAK,QAAQ,EAAE;IAAA,IAAAuD,QAAA;IAC1C,IAAIC,cAAmB,OAAAC,SAAA,CAAAC,OAAA,MAAQ7C,GAAG,CAACb,OAAO,CAAE;IAC5CkD,QAAQ,GACNM,cAAc,CAAC,kBAAkB,CAAC,IAAIA,cAAc,CAAC,iBAAiB,CAAC,MAAAD,QAAA,GAAK1C,GAAG,CAASwC,MAAM,qBAAnBE,QAAA,CAAqBD,aAAa;EACjH;EAEA,IAAIJ,QAAQ,IAAIS,eAAM,CAACC,eAAe,EAAE;IAAA,IAAAC,oBAAA;IACtC7D,OAAO,CAAC8D,iCAA0B,CAAC,GAAGZ,QAAQ;IAC9ClD,OAAO,CAAC+D,uCAAgC,CAAC,IAAAF,oBAAA,GAAGF,eAAM,CAACK,YAAY,YAAAH,oBAAA,GAAI,EAAE;EACvE;EAEA,MAAMI,QAAQ,GAAG,MAAMC,YAAG,CAACC,wBAAwB,CACjD,IAAAC,0BAAmB,EAACpE,OAAO,CAAC,EAC5BgD,IAAI,EACJW,eAAM,CAACU,QAAQ,EACfV,eAAM,CAACW,YACT,CAAC;EAED,MAAM3C,IAAI,GAAG,MAAMsC,QAAQ,CAACM,IAAI,CAAC,CAAC;EAElC,MAAM,CAAC/C,OAAO,EAAEW,UAAU,EAAEH,YAAY,CAAC,GAAG,MAAMN,gCAAgC,CAACC,IAAI,CAAC;EAExF,IAAI,CAACH,OAAO,EAAE;IACZ,OAAOpB,oBAAY,CAACoE,QAAQ,CAACb,eAAM,CAACc,MAAM,CAAC;EAC7C;EACA,MAAMC,SAAS,GAAGf,eAAM,CAACgB,KAAK;EAC9B,MAAMC,WAAW,GAAG5D,gBAAa,CAAC6D,MAAM,CAAC;IACvCC,KAAK,EAAEtD,OAAO;IACduD,OAAO,EAAE,IAAIrC,IAAI,CAACP,UAAU,CAACM,GAAG,GAAG,IAAI,CAAC;IACxCuC,MAAM,EAAEN;EACV,CAAC,CAAC;EAEF,IAAIO,UAAU,GAAG,cAActB,eAAM,CAACU,QAAQ,CAACa,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;EACjE,IAAIvB,eAAM,CAACwB,oBAAoB,IAAIxB,eAAM,CAACyB,KAAK,EAAE;IAC/CH,UAAU,GAAG,cAActB,eAAM,CAACyB,KAAK,CAACF,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;EAC5D;EACA,MAAMG,aAAa,GAAGrE,gBAAa,CAAC6D,MAAM,CAAC;IACzCI,UAAU;IACVH,KAAK,EAAE9C,YAAY,WAAZA,YAAY,GAAI,EAAE;IACzB+C,OAAO,EAAE,IAAIrC,IAAI,CAACP,UAAU,CAACM,GAAG,GAAG,IAAI,CAAC;IACxCuC,MAAM,EAAEN;EACV,CAAC,CAAC;EACF,MAAMY,oBAAwC,GAAGV,WAAW,CAACW,GAAG,CAAEC,MAAM,IAAK,CAAC,YAAY,EAAEA,MAAM,CAAC,CAAC;EACpG,MAAMC,oBAAwC,GAAGJ,aAAa,CAACE,GAAG,CAAEC,MAAM,IAAK,CAAC,YAAY,EAAEA,MAAM,CAAC,CAAC;EAEtG,OAAOpF,oBAAY,CAACoE,QAAQ,CAACb,eAAM,CAACc,MAAM,EAAE;IAC1CzE,OAAO,EAAE,CAAC,GAAGsF,oBAAoB,EAAE,GAAGG,oBAAoB;EAC5D,CAAC,CAAC;AACJ,CAAC;AAAC/E,OAAA,CAAAR,yBAAA,GAAAA,yBAAA;AAEK,MAAMD,qBAAqB,GAAGA,CAACH,QAAgB,EAAEC,YAA6B,KAAc;EACjG,IAAI4D,eAAM,CAAC+B,gBAAgB,EAAE;IAC3B,IAAI5F,QAAQ,CAAC6F,UAAU,CAAC,iBAAiB,CAAC,EAAE;MAC1C,OAAO5F,YAAY,CAACkD,GAAG,CAAC,MAAM,CAAC,IAAI,IAAI;IACzC;EACF;EACA,OAAO,KAAK;AACd,CAAC;AAACvC,OAAA,CAAAT,qBAAA,GAAAA,qBAAA","ignoreList":[]}
package/index.js CHANGED
@@ -1,4 +1,4 @@
1
- /** @license Frontegg v9.2.2-alpha.13033875737
1
+ /** @license Frontegg v9.2.2-alpha.13540668007
2
2
  *
3
3
  * This source code is licensed under the MIT license found in the
4
4
  * LICENSE file in the root directory of this source tree.
package/middleware/ProxyRequestCallback.js CHANGED
@@ -50,9 +50,9 @@ const ProxyRequestCallback = (proxyReq, req) => {
50
50
  proxyReq.setHeader('x-frontegg-middleware', 'true');
51
51
  const clientIp = req.headers['cf-connecting-ip'] || req.headers['x-forwarded-for'];
52
52
  if (clientIp && _config.default.shouldForwardIp) {
53
- var _config$clientSecret;
53
+ var _config$sharedSecret;
54
54
  proxyReq.setHeader(_utils.FRONTEGG_FORWARD_IP_HEADER, `${clientIp}`);
55
- proxyReq.setHeader(_utils.FRONTEGG_CLIENT_SECRET_HEADER, (_config$clientSecret = _config.default.clientSecret) != null ? _config$clientSecret : '');
55
+ proxyReq.setHeader(_utils.FRONTEGG_HEADERS_VERIFIER_HEADER, (_config$sharedSecret = _config.default.sharedSecret) != null ? _config$sharedSecret : '');
56
56
  }
57
57
  if ((0, _helpers.isRefreshTokenRequest)(req.url)) {
58
58
  logger.debug(`${req.url} | removing Authorization header`);
package/middleware/ProxyRequestCallback.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ProxyRequestCallback.js","names":["_package","_interopRequireDefault","require","_sdkVersion","_config","_cookies","_fronteggLogger","_helpers","_utils","_constants","logger","fronteggLogger","child","tag","ProxyRequestCallback","proxyReq","req","_req$headers$xFronte","_req$headers$xFronte2","info","url","debug","allCookies","CookieManager","parseCookieHeader","fronteggCookiesNames","Object","keys","filter","cookieName","startsWith","config","join","modifiedCookies","forEach","requestCookieName","rewriteCookieByAppId","appId","replace","clientId","setHeader","headers","NextJsPkg","version","sdkVersion","clientIp","shouldForwardIp","_config$clientSecret","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_CLIENT_SECRET_HEADER","clientSecret","isRefreshTokenRequest","removeHeader","headersToRemove","map","header","method","body","bodyData","JSON","stringify","Buffer","byteLength","write","e","error","_default","exports","default"],"sources":["../../../../packages/nextjs/src/middleware/ProxyRequestCallback.ts"],"sourcesContent":["import NextJsPkg from 'next/package.json';\nimport { ProxyReqCallback } from 'http-proxy';\nimport { ClientRequest } from 'http';\nimport { NextApiRequest } from 'next';\nimport sdkVersion from '../sdkVersion';\nimport config from '../config';\nimport CookieManager from '../utils/cookies';\nimport fronteggLogger from '../utils/fronteggLogger';\nimport { isRefreshTokenRequest } from '../utils/refreshAccessTokenIfNeeded/helpers';\nimport { FRONTEGG_CLIENT_SECRET_HEADER, FRONTEGG_FORWARD_IP_HEADER } from '../api/utils';\nimport { headersToRemove } from './constants';\n\nconst logger = fronteggLogger.child({ tag: 'FronteggApiMiddleware.ProxyRequestCallback' });\n/**\n * Proxy request callback fired on before each request to Frontegg services,\n * to transport frontegg cookies.\n *\n * @param {ClientRequest} proxyReq - Proxy request to be sent\n * @param {NextApiRequest} req - Next.js incoming request\n */\nconst ProxyRequestCallback: ProxyReqCallback<ClientRequest, NextApiRequest> = (proxyReq, req) => {\n try {\n logger.info(`${req.url} | Going to proxy request`);\n logger.debug(`${req.url} | parsing request cookies`);\n const allCookies = CookieManager.parseCookieHeader(req);\n logger.debug(`${req.url} | found ${allCookies} cookies`);\n const fronteggCookiesNames = Object.keys(allCookies).filter((cookieName) => {\n return cookieName.startsWith('fe_') && !cookieName.startsWith(config.cookieName);\n });\n\n logger.debug(`${req.url} | proxy FronteggCookies (${fronteggCookiesNames.join(', ')})`);\n let modifiedCookies = ``;\n\n fronteggCookiesNames.forEach((requestCookieName: string) => {\n let cookieName = requestCookieName;\n if (config.rewriteCookieByAppId && config.appId) {\n cookieName = requestCookieName\n .replace(config.appId, config.clientId)\n .replace(config.appId.replace(/-/g, ''), config.clientId.replace(/-/g, ''))\n .replace(config.appId.replace('-', ''), config.clientId.replace('-', ''));\n\n logger.debug(`cookieName ${requestCookieName} replaced with appId ${cookieName}`);\n }\n\n logger.debug(`PROXY_ADDING_COOKIE ${cookieName}, ${allCookies[requestCookieName]}`);\n modifiedCookies += `${cookieName}=${allCookies[requestCookieName]}; `;\n });\n proxyReq.setHeader('cookie', modifiedCookies);\n\n proxyReq.setHeader('x-frontegg-framework', req.headers['x-frontegg-framework'] ?? `next@${NextJsPkg.version}`);\n proxyReq.setHeader('x-frontegg-sdk', req.headers['x-frontegg-sdk'] ?? `@frontegg/nextjs@${sdkVersion.version}`);\n proxyReq.setHeader('x-frontegg-middleware', 'true');\n\n const clientIp = req.headers['cf-connecting-ip'] || req.headers['x-forwarded-for'];\n\n if (clientIp && config.shouldForwardIp) {\n proxyReq.setHeader(FRONTEGG_FORWARD_IP_HEADER, `${clientIp}`);\n proxyReq.setHeader(FRONTEGG_CLIENT_SECRET_HEADER, config.clientSecret ?? '');\n }\n\n if (isRefreshTokenRequest(req.url!)) {\n logger.debug(`${req.url} | removing Authorization header`);\n proxyReq.removeHeader('authorization');\n }\n\n headersToRemove.map((header) => proxyReq.removeHeader(header));\n\n logger.debug(`${req.url} | check if request has body`);\n if (req.method !== 'GET' && req.body) {\n logger.debug(`${req.url} | writing request body to proxyReq`);\n const bodyData = JSON.stringify(req.body);\n // in case if content-type is application/x-www-form-urlencoded -> we need to change to application/json\n proxyReq.setHeader('Content-Type', 'application/json');\n proxyReq.setHeader('Content-Length', Buffer.byteLength(bodyData));\n // stream the content\n proxyReq.write(bodyData);\n }\n } catch (e) {\n logger.error(`${req.url} | Failed to proxy request`, e);\n }\n};\n\nexport default ProxyRequestCallback;\n"],"mappings":";;;;;;;AAAA,IAAAA,QAAA,GAAAC,sBAAA,CAAAC,OAAA;AAIA,IAAAC,WAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,OAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,QAAA,GAAAJ,sBAAA,CAAAC,OAAA;AACA,IAAAI,eAAA,GAAAL,sBAAA,CAAAC,OAAA;AACA,IAAAK,QAAA,GAAAL,OAAA;AACA,IAAAM,MAAA,GAAAN,OAAA;AACA,IAAAO,UAAA,GAAAP,OAAA;AAEA,MAAMQ,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;EAAEC,GAAG,EAAE;AAA6C,CAAC,CAAC;AAC1F;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,oBAAqE,GAAGA,CAACC,QAAQ,EAAEC,GAAG,KAAK;EAC/F,IAAI;IAAA,IAAAC,oBAAA,EAAAC,qBAAA;IACFR,MAAM,CAACS,IAAI,CAAC,GAAGH,GAAG,CAACI,GAAG,2BAA2B,CAAC;IAClDV,MAAM,CAACW,KAAK,CAAC,GAAGL,GAAG,CAACI,GAAG,4BAA4B,CAAC;IACpD,MAAME,UAAU,GAAGC,gBAAa,CAACC,iBAAiB,CAACR,GAAG,CAAC;IACvDN,MAAM,CAACW,KAAK,CAAC,GAAGL,GAAG,CAACI,GAAG,YAAYE,UAAU,UAAU,CAAC;IACxD,MAAMG,oBAAoB,GAAGC,MAAM,CAACC,IAAI,CAACL,UAAU,CAAC,CAACM,MAAM,CAAEC,UAAU,IAAK;MAC1E,OAAOA,UAAU,CAACC,UAAU,CAAC,KAAK,CAAC,IAAI,CAACD,UAAU,CAACC,UAAU,CAACC,eAAM,CAACF,UAAU,CAAC;IAClF,CAAC,CAAC;IAEFnB,MAAM,CAACW,KAAK,CAAC,GAAGL,GAAG,CAACI,GAAG,6BAA6BK,oBAAoB,CAACO,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;IACvF,IAAIC,eAAe,GAAG,EAAE;IAExBR,oBAAoB,CAACS,OAAO,CAAEC,iBAAyB,IAAK;MAC1D,IAAIN,UAAU,GAAGM,iBAAiB;MAClC,IAAIJ,eAAM,CAACK,oBAAoB,IAAIL,eAAM,CAACM,KAAK,EAAE;QAC/CR,UAAU,GAAGM,iBAAiB,CAC3BG,OAAO,CAACP,eAAM,CAACM,KAAK,EAAEN,eAAM,CAACQ,QAAQ,CAAC,CACtCD,OAAO,CAACP,eAAM,CAACM,KAAK,CAACC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,EAAEP,eAAM,CAACQ,QAAQ,CAACD,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAC1EA,OAAO,CAACP,eAAM,CAACM,KAAK,CAACC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAEP,eAAM,CAACQ,QAAQ,CAACD,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAE3E5B,MAAM,CAACW,KAAK,CAAC,cAAcc,iBAAiB,wBAAwBN,UAAU,EAAE,CAAC;MACnF;MAEAnB,MAAM,CAACW,KAAK,CAAC,uBAAuBQ,UAAU,KAAKP,UAAU,CAACa,iBAAiB,CAAC,EAAE,CAAC;MACnFF,eAAe,IAAI,GAAGJ,UAAU,IAAIP,UAAU,CAACa,iBAAiB,CAAC,IAAI;IACvE,CAAC,CAAC;IACFpB,QAAQ,CAACyB,SAAS,CAAC,QAAQ,EAAEP,eAAe,CAAC;IAE7ClB,QAAQ,CAACyB,SAAS,CAAC,sBAAsB,GAAAvB,oBAAA,GAAED,GAAG,CAACyB,OAAO,CAAC,sBAAsB,CAAC,YAAAxB,oBAAA,GAAI,QAAQyB,gBAAS,CAACC,OAAO,EAAE,CAAC;IAC9G5B,QAAQ,CAACyB,SAAS,CAAC,gBAAgB,GAAAtB,qBAAA,GAAEF,GAAG,CAACyB,OAAO,CAAC,gBAAgB,CAAC,YAAAvB,qBAAA,GAAI,oBAAoB0B,mBAAU,CAACD,OAAO,EAAE,CAAC;IAC/G5B,QAAQ,CAACyB,SAAS,CAAC,uBAAuB,EAAE,MAAM,CAAC;IAEnD,MAAMK,QAAQ,GAAG7B,GAAG,CAACyB,OAAO,CAAC,kBAAkB,CAAC,IAAIzB,GAAG,CAACyB,OAAO,CAAC,iBAAiB,CAAC;IAElF,IAAII,QAAQ,IAAId,eAAM,CAACe,eAAe,EAAE;MAAA,IAAAC,oBAAA;MACtChC,QAAQ,CAACyB,SAAS,CAACQ,iCAA0B,EAAE,GAAGH,QAAQ,EAAE,CAAC;MAC7D9B,QAAQ,CAACyB,SAAS,CAACS,oCAA6B,GAAAF,oBAAA,GAAEhB,eAAM,CAACmB,YAAY,YAAAH,oBAAA,GAAI,EAAE,CAAC;IAC9E;IAEA,IAAI,IAAAI,8BAAqB,EAACnC,GAAG,CAACI,GAAI,CAAC,EAAE;MACnCV,MAAM,CAACW,KAAK,CAAC,GAAGL,GAAG,CAACI,GAAG,kCAAkC,CAAC;MAC1DL,QAAQ,CAACqC,YAAY,CAAC,eAAe,CAAC;IACxC;IAEAC,0BAAe,CAACC,GAAG,CAAEC,MAAM,IAAKxC,QAAQ,CAACqC,YAAY,CAACG,MAAM,CAAC,CAAC;IAE9D7C,MAAM,CAACW,KAAK,CAAC,GAAGL,GAAG,CAACI,GAAG,8BAA8B,CAAC;IACtD,IAAIJ,GAAG,CAACwC,MAAM,KAAK,KAAK,IAAIxC,GAAG,CAACyC,IAAI,EAAE;MACpC/C,MAAM,CAACW,KAAK,CAAC,GAAGL,GAAG,CAACI,GAAG,qCAAqC,CAAC;MAC7D,MAAMsC,QAAQ,GAAGC,IAAI,CAACC,SAAS,CAAC5C,GAAG,CAACyC,IAAI,CAAC;MACzC;MACA1C,QAAQ,CAACyB,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC;MACtDzB,QAAQ,CAACyB,SAAS,CAAC,gBAAgB,EAAEqB,MAAM,CAACC,UAAU,CAACJ,QAAQ,CAAC,CAAC;MACjE;MACA3C,QAAQ,CAACgD,KAAK,CAACL,QAAQ,CAAC;IAC1B;EACF,CAAC,CAAC,OAAOM,CAAC,EAAE;IACVtD,MAAM,CAACuD,KAAK,CAAC,GAAGjD,GAAG,CAACI,GAAG,4BAA4B,EAAE4C,CAAC,CAAC;EACzD;AACF,CAAC;AAAC,IAAAE,QAAA,GAAAC,OAAA,CAAAC,OAAA,GAEatD,oBAAoB","ignoreList":[]}
1
+ {"version":3,"file":"ProxyRequestCallback.js","names":["_package","_interopRequireDefault","require","_sdkVersion","_config","_cookies","_fronteggLogger","_helpers","_utils","_constants","logger","fronteggLogger","child","tag","ProxyRequestCallback","proxyReq","req","_req$headers$xFronte","_req$headers$xFronte2","info","url","debug","allCookies","CookieManager","parseCookieHeader","fronteggCookiesNames","Object","keys","filter","cookieName","startsWith","config","join","modifiedCookies","forEach","requestCookieName","rewriteCookieByAppId","appId","replace","clientId","setHeader","headers","NextJsPkg","version","sdkVersion","clientIp","shouldForwardIp","_config$sharedSecret","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","sharedSecret","isRefreshTokenRequest","removeHeader","headersToRemove","map","header","method","body","bodyData","JSON","stringify","Buffer","byteLength","write","e","error","_default","exports","default"],"sources":["../../../../packages/nextjs/src/middleware/ProxyRequestCallback.ts"],"sourcesContent":["import NextJsPkg from 'next/package.json';\nimport { ProxyReqCallback } from 'http-proxy';\nimport { ClientRequest } from 'http';\nimport { NextApiRequest } from 'next';\nimport sdkVersion from '../sdkVersion';\nimport config from '../config';\nimport CookieManager from '../utils/cookies';\nimport fronteggLogger from '../utils/fronteggLogger';\nimport { isRefreshTokenRequest } from '../utils/refreshAccessTokenIfNeeded/helpers';\nimport { FRONTEGG_HEADERS_VERIFIER_HEADER, FRONTEGG_FORWARD_IP_HEADER } from '../api/utils';\nimport { headersToRemove } from './constants';\n\nconst logger = fronteggLogger.child({ tag: 'FronteggApiMiddleware.ProxyRequestCallback' });\n/**\n * Proxy request callback fired on before each request to Frontegg services,\n * to transport frontegg cookies.\n *\n * @param {ClientRequest} proxyReq - Proxy request to be sent\n * @param {NextApiRequest} req - Next.js incoming request\n */\nconst ProxyRequestCallback: ProxyReqCallback<ClientRequest, NextApiRequest> = (proxyReq, req) => {\n try {\n logger.info(`${req.url} | Going to proxy request`);\n logger.debug(`${req.url} | parsing request cookies`);\n const allCookies = CookieManager.parseCookieHeader(req);\n logger.debug(`${req.url} | found ${allCookies} cookies`);\n const fronteggCookiesNames = Object.keys(allCookies).filter((cookieName) => {\n return cookieName.startsWith('fe_') && !cookieName.startsWith(config.cookieName);\n });\n\n logger.debug(`${req.url} | proxy FronteggCookies (${fronteggCookiesNames.join(', ')})`);\n let modifiedCookies = ``;\n\n fronteggCookiesNames.forEach((requestCookieName: string) => {\n let cookieName = requestCookieName;\n if (config.rewriteCookieByAppId && config.appId) {\n cookieName = requestCookieName\n .replace(config.appId, config.clientId)\n .replace(config.appId.replace(/-/g, ''), config.clientId.replace(/-/g, ''))\n .replace(config.appId.replace('-', ''), config.clientId.replace('-', ''));\n\n logger.debug(`cookieName ${requestCookieName} replaced with appId ${cookieName}`);\n }\n\n logger.debug(`PROXY_ADDING_COOKIE ${cookieName}, ${allCookies[requestCookieName]}`);\n modifiedCookies += `${cookieName}=${allCookies[requestCookieName]}; `;\n });\n proxyReq.setHeader('cookie', modifiedCookies);\n\n proxyReq.setHeader('x-frontegg-framework', req.headers['x-frontegg-framework'] ?? `next@${NextJsPkg.version}`);\n proxyReq.setHeader('x-frontegg-sdk', req.headers['x-frontegg-sdk'] ?? `@frontegg/nextjs@${sdkVersion.version}`);\n proxyReq.setHeader('x-frontegg-middleware', 'true');\n\n const clientIp = req.headers['cf-connecting-ip'] || req.headers['x-forwarded-for'];\n\n if (clientIp && config.shouldForwardIp) {\n proxyReq.setHeader(FRONTEGG_FORWARD_IP_HEADER, `${clientIp}`);\n proxyReq.setHeader(FRONTEGG_HEADERS_VERIFIER_HEADER, config.sharedSecret ?? '');\n }\n\n if (isRefreshTokenRequest(req.url!)) {\n logger.debug(`${req.url} | removing Authorization header`);\n proxyReq.removeHeader('authorization');\n }\n\n headersToRemove.map((header) => proxyReq.removeHeader(header));\n\n logger.debug(`${req.url} | check if request has body`);\n if (req.method !== 'GET' && req.body) {\n logger.debug(`${req.url} | writing request body to proxyReq`);\n const bodyData = JSON.stringify(req.body);\n // in case if content-type is application/x-www-form-urlencoded -> we need to change to application/json\n proxyReq.setHeader('Content-Type', 'application/json');\n proxyReq.setHeader('Content-Length', Buffer.byteLength(bodyData));\n // stream the content\n proxyReq.write(bodyData);\n }\n } catch (e) {\n logger.error(`${req.url} | Failed to proxy request`, e);\n }\n};\n\nexport default ProxyRequestCallback;\n"],"mappings":";;;;;;;AAAA,IAAAA,QAAA,GAAAC,sBAAA,CAAAC,OAAA;AAIA,IAAAC,WAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,OAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,QAAA,GAAAJ,sBAAA,CAAAC,OAAA;AACA,IAAAI,eAAA,GAAAL,sBAAA,CAAAC,OAAA;AACA,IAAAK,QAAA,GAAAL,OAAA;AACA,IAAAM,MAAA,GAAAN,OAAA;AACA,IAAAO,UAAA,GAAAP,OAAA;AAEA,MAAMQ,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;EAAEC,GAAG,EAAE;AAA6C,CAAC,CAAC;AAC1F;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,oBAAqE,GAAGA,CAACC,QAAQ,EAAEC,GAAG,KAAK;EAC/F,IAAI;IAAA,IAAAC,oBAAA,EAAAC,qBAAA;IACFR,MAAM,CAACS,IAAI,CAAC,GAAGH,GAAG,CAACI,GAAG,2BAA2B,CAAC;IAClDV,MAAM,CAACW,KAAK,CAAC,GAAGL,GAAG,CAACI,GAAG,4BAA4B,CAAC;IACpD,MAAME,UAAU,GAAGC,gBAAa,CAACC,iBAAiB,CAACR,GAAG,CAAC;IACvDN,MAAM,CAACW,KAAK,CAAC,GAAGL,GAAG,CAACI,GAAG,YAAYE,UAAU,UAAU,CAAC;IACxD,MAAMG,oBAAoB,GAAGC,MAAM,CAACC,IAAI,CAACL,UAAU,CAAC,CAACM,MAAM,CAAEC,UAAU,IAAK;MAC1E,OAAOA,UAAU,CAACC,UAAU,CAAC,KAAK,CAAC,IAAI,CAACD,UAAU,CAACC,UAAU,CAACC,eAAM,CAACF,UAAU,CAAC;IAClF,CAAC,CAAC;IAEFnB,MAAM,CAACW,KAAK,CAAC,GAAGL,GAAG,CAACI,GAAG,6BAA6BK,oBAAoB,CAACO,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;IACvF,IAAIC,eAAe,GAAG,EAAE;IAExBR,oBAAoB,CAACS,OAAO,CAAEC,iBAAyB,IAAK;MAC1D,IAAIN,UAAU,GAAGM,iBAAiB;MAClC,IAAIJ,eAAM,CAACK,oBAAoB,IAAIL,eAAM,CAACM,KAAK,EAAE;QAC/CR,UAAU,GAAGM,iBAAiB,CAC3BG,OAAO,CAACP,eAAM,CAACM,KAAK,EAAEN,eAAM,CAACQ,QAAQ,CAAC,CACtCD,OAAO,CAACP,eAAM,CAACM,KAAK,CAACC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,EAAEP,eAAM,CAACQ,QAAQ,CAACD,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAC1EA,OAAO,CAACP,eAAM,CAACM,KAAK,CAACC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAEP,eAAM,CAACQ,QAAQ,CAACD,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAE3E5B,MAAM,CAACW,KAAK,CAAC,cAAcc,iBAAiB,wBAAwBN,UAAU,EAAE,CAAC;MACnF;MAEAnB,MAAM,CAACW,KAAK,CAAC,uBAAuBQ,UAAU,KAAKP,UAAU,CAACa,iBAAiB,CAAC,EAAE,CAAC;MACnFF,eAAe,IAAI,GAAGJ,UAAU,IAAIP,UAAU,CAACa,iBAAiB,CAAC,IAAI;IACvE,CAAC,CAAC;IACFpB,QAAQ,CAACyB,SAAS,CAAC,QAAQ,EAAEP,eAAe,CAAC;IAE7ClB,QAAQ,CAACyB,SAAS,CAAC,sBAAsB,GAAAvB,oBAAA,GAAED,GAAG,CAACyB,OAAO,CAAC,sBAAsB,CAAC,YAAAxB,oBAAA,GAAI,QAAQyB,gBAAS,CAACC,OAAO,EAAE,CAAC;IAC9G5B,QAAQ,CAACyB,SAAS,CAAC,gBAAgB,GAAAtB,qBAAA,GAAEF,GAAG,CAACyB,OAAO,CAAC,gBAAgB,CAAC,YAAAvB,qBAAA,GAAI,oBAAoB0B,mBAAU,CAACD,OAAO,EAAE,CAAC;IAC/G5B,QAAQ,CAACyB,SAAS,CAAC,uBAAuB,EAAE,MAAM,CAAC;IAEnD,MAAMK,QAAQ,GAAG7B,GAAG,CAACyB,OAAO,CAAC,kBAAkB,CAAC,IAAIzB,GAAG,CAACyB,OAAO,CAAC,iBAAiB,CAAC;IAElF,IAAII,QAAQ,IAAId,eAAM,CAACe,eAAe,EAAE;MAAA,IAAAC,oBAAA;MACtChC,QAAQ,CAACyB,SAAS,CAACQ,iCAA0B,EAAE,GAAGH,QAAQ,EAAE,CAAC;MAC7D9B,QAAQ,CAACyB,SAAS,CAACS,uCAAgC,GAAAF,oBAAA,GAAEhB,eAAM,CAACmB,YAAY,YAAAH,oBAAA,GAAI,EAAE,CAAC;IACjF;IAEA,IAAI,IAAAI,8BAAqB,EAACnC,GAAG,CAACI,GAAI,CAAC,EAAE;MACnCV,MAAM,CAACW,KAAK,CAAC,GAAGL,GAAG,CAACI,GAAG,kCAAkC,CAAC;MAC1DL,QAAQ,CAACqC,YAAY,CAAC,eAAe,CAAC;IACxC;IAEAC,0BAAe,CAACC,GAAG,CAAEC,MAAM,IAAKxC,QAAQ,CAACqC,YAAY,CAACG,MAAM,CAAC,CAAC;IAE9D7C,MAAM,CAACW,KAAK,CAAC,GAAGL,GAAG,CAACI,GAAG,8BAA8B,CAAC;IACtD,IAAIJ,GAAG,CAACwC,MAAM,KAAK,KAAK,IAAIxC,GAAG,CAACyC,IAAI,EAAE;MACpC/C,MAAM,CAACW,KAAK,CAAC,GAAGL,GAAG,CAACI,GAAG,qCAAqC,CAAC;MAC7D,MAAMsC,QAAQ,GAAGC,IAAI,CAACC,SAAS,CAAC5C,GAAG,CAACyC,IAAI,CAAC;MACzC;MACA1C,QAAQ,CAACyB,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC;MACtDzB,QAAQ,CAACyB,SAAS,CAAC,gBAAgB,EAAEqB,MAAM,CAACC,UAAU,CAACJ,QAAQ,CAAC,CAAC;MACjE;MACA3C,QAAQ,CAACgD,KAAK,CAACL,QAAQ,CAAC;IAC1B;EACF,CAAC,CAAC,OAAOM,CAAC,EAAE;IACVtD,MAAM,CAACuD,KAAK,CAAC,GAAGjD,GAAG,CAACI,GAAG,4BAA4B,EAAE4C,CAAC,CAAC;EACzD;AACF,CAAC;AAAC,IAAAE,QAAA,GAAAC,OAAA,CAAAC,OAAA,GAEatD,oBAAoB","ignoreList":[]}
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@frontegg/nextjs",
3
3
  "libName": "FronteggNextJs",
4
- "version": "9.2.2-alpha.13033875737",
4
+ "version": "9.2.2-alpha.13540668007",
5
5
  "author": "Frontegg LTD",
6
6
  "license": "MIT",
7
7
  "repository": {
package/sdkVersion.js CHANGED
@@ -5,6 +5,6 @@ Object.defineProperty(exports, "__esModule", {
5
5
  });
6
6
  exports.default = void 0;
7
7
  var _default = exports.default = {
8
- version: '9.2.2-alpha.13033875737'
8
+ version: '9.2.2-alpha.13540668007'
9
9
  };
10
10
  //# sourceMappingURL=sdkVersion.js.map
package/sdkVersion.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"sdkVersion.js","names":["version"],"sources":["../../../packages/nextjs/src/sdkVersion.ts"],"sourcesContent":["export default { version: '9.2.2-alpha.13033875737' };\n"],"mappings":";;;;;;iCAAe;EAAEA,OAAO,EAAE;AAA0B,CAAC","ignoreList":[]}
1
+ {"version":3,"file":"sdkVersion.js","names":["version"],"sources":["../../../packages/nextjs/src/sdkVersion.ts"],"sourcesContent":["export default { version: '9.2.2-alpha.13540668007' };\n"],"mappings":";;;;;;iCAAe;EAAEA,OAAO,EAAE;AAA0B,CAAC","ignoreList":[]}
package/utils/refreshAccessTokenIfNeeded/index.js CHANGED
@@ -77,9 +77,9 @@ async function refreshAccessTokenIfNeeded(ctx) {
77
77
  }
78
78
  const clientIp = nextJsRequest.headers['cf-connecting-ip'] || nextJsRequest.headers['x-forwarded-for'] || ((_nextJsRequest$socket = nextJsRequest.socket) == null ? void 0 : _nextJsRequest$socket.remoteAddress);
79
79
  if (clientIp && _config.default.shouldForwardIp) {
80
- var _config$clientSecret;
80
+ var _config$sharedSecret;
81
81
  nextJsRequest.headers[_utils.FRONTEGG_FORWARD_IP_HEADER] = clientIp;
82
- nextJsRequest.headers[_utils.FRONTEGG_CLIENT_SECRET_HEADER] = (_config$clientSecret = _config.default.clientSecret) != null ? _config$clientSecret : '';
82
+ nextJsRequest.headers[_utils.FRONTEGG_HEADERS_VERIFIER_HEADER] = (_config$sharedSecret = _config.default.sharedSecret) != null ? _config$sharedSecret : '';
83
83
  }
84
84
  let response;
85
85
  if (_config.default.isHostedLogin) {
package/utils/refreshAccessTokenIfNeeded/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","names":["_common","require","_config","_interopRequireDefault","_cookies","_helpers","_fronteggLogger","_encryption","_createSession","_utils","refreshAccessTokenIfNeeded","ctx","logger","fronteggLogger","child","tag","info","pathname","nextJsRequest","req","nextJsResponse","res","url","debug","hasSetSessionCookie","getHeader","cookies","CookieManager","getSessionCookieFromRedirectedResponse","session","createSession","encryption","getForwardedSession","_nextJsRequest$socket","_ref","_ref2","_response$headers$raw","_response$headers","_response$headers$raw2","_response$headers2","_response$headers2$ge","_response$headers3","_response$headers3$ge","_CookieManager$modify","_data$accessToken","isRuntimeNextRequest","config","disableInitialPropsRefreshToken","getSessionCookieFromRequest","isHostedLogin","isOauthCallback","removeCookies","isSecured","isSSL","cookieDomain","isSamlCallback","clientIp","headers","socket","remoteAddress","shouldForwardIp","_config$clientSecret","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_CLIENT_SECRET_HEADER","clientSecret","response","refreshAccessTokenHostedLogin","refreshAccessTokenEmbedded","ok","data","json","cookieHeader","raw","call","getSetCookie","get","newSetCookie","modifySetCookie","decodedJwt","refreshToken","createSessionFromAccessToken","cookieValue","create","value","expires","Date","exp","secure","push","setHeader","fronteggSession","accessToken","access_token","user","saveForwardedSession","e","error"],"sources":["../../../../../packages/nextjs/src/utils/refreshAccessTokenIfNeeded/index.ts"],"sourcesContent":["import type { NextPageContext } from 'next/dist/shared/lib/utils';\nimport type { FronteggNextJSSession } from '../../types';\nimport { createSessionFromAccessToken } from '../../common';\nimport config from '../../config';\nimport CookieManager from '../cookies';\nimport {\n isOauthCallback,\n hasSetSessionCookie,\n isRuntimeNextRequest,\n isSamlCallback,\n refreshAccessTokenEmbedded,\n refreshAccessTokenHostedLogin,\n saveForwardedSession,\n getForwardedSession,\n} from './helpers';\nimport fronteggLogger from '../fronteggLogger';\nimport encryption from '../encryption';\nimport createSession from '../createSession';\nimport { FRONTEGG_CLIENT_SECRET_HEADER, FRONTEGG_FORWARD_IP_HEADER } from '../../api/utils';\n\nexport { isRuntimeNextRequest };\n/**\n * Refreshes the access token for the current session.\n *\n * @param {NextPageContext} ctx - The Next.js Page Context object.\n * @returns {Promise<FronteggNextJSSession | null>} A Promise that resolves to the updated session object, or `null` if the refresh failed.\n */\nexport default async function refreshAccessTokenIfNeeded(ctx: NextPageContext): Promise<FronteggNextJSSession | null> {\n const logger = fronteggLogger.child({ tag: 'refreshAccessTokenIfNeeded' });\n\n logger.info(`Refreshing token by for PageContext ${ctx.pathname}`);\n const nextJsRequest = ctx.req;\n const nextJsResponse = ctx.res;\n const url = nextJsRequest?.url;\n if (!nextJsResponse || !nextJsRequest || !url) {\n logger.debug(`abandon refreshToken due to PageContext.req = null`);\n return null;\n }\n\n if (hasSetSessionCookie(nextJsResponse.getHeader('set-cookie'))) {\n const cookies = CookieManager.getSessionCookieFromRedirectedResponse(nextJsResponse);\n const session = await createSession(cookies, encryption);\n logger.debug('Abandon refreshToken due to a previous redirect to /_error or other server-side redirect.');\n return session ?? getForwardedSession(nextJsResponse);\n }\n\n try {\n logger.info(`Check if should request made from first application load`);\n\n if (isRuntimeNextRequest(url) || config.disableInitialPropsRefreshToken) {\n logger.debug(`Detect runtime next.js request, resolving existing session from cookies if exists`);\n\n const cookies = CookieManager.getSessionCookieFromRequest(nextJsRequest);\n const session = await createSession(cookies, encryption);\n\n if (session) {\n logger.debug(`session resolved from session cookie`);\n return session;\n } else {\n logger.info('Failed to resolve session from cookie, going to refresh token');\n }\n }\n\n if (config.isHostedLogin) {\n // hosted login bypassed urls\n if (isOauthCallback(url)) {\n logger.debug(`abandon refreshToken for HostedLogin Callback ${url}`);\n CookieManager.removeCookies({\n isSecured: config.isSSL,\n cookieDomain: config.cookieDomain,\n res: nextJsResponse,\n req: nextJsRequest,\n });\n }\n } else {\n // embedded login bypassed urls\n if (isSamlCallback(url)) {\n logger.debug(`abandon refreshToken for Saml Callback ${url}`);\n return null;\n }\n }\n\n const clientIp =\n nextJsRequest.headers['cf-connecting-ip'] ||\n nextJsRequest.headers['x-forwarded-for'] ||\n nextJsRequest.socket?.remoteAddress;\n\n if (clientIp && config.shouldForwardIp) {\n nextJsRequest.headers[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n nextJsRequest.headers[FRONTEGG_CLIENT_SECRET_HEADER] = config.clientSecret ?? '';\n }\n\n let response: Response | null;\n if (config.isHostedLogin) {\n response = await refreshAccessTokenHostedLogin(nextJsRequest);\n } else {\n response = await refreshAccessTokenEmbedded(nextJsRequest);\n }\n\n const isSecured = config.isSSL;\n if (response === null || !response.ok) {\n CookieManager.removeCookies({\n cookieDomain: config.cookieDomain,\n isSecured,\n req: nextJsRequest,\n res: nextJsResponse,\n });\n return null;\n }\n\n const data = await response.json();\n\n const cookieHeader: string[] =\n // @ts-ignore the first argument \"raw\" will only work before nextjs 13.4 and the second argument \"getSetCookie\" will only work after\n response.headers?.raw?.()['set-cookie'] ??\n // @ts-ignore the first argument \"raw\" will only work before nextjs 13.4 and the second argument \"getSetCookie\" will only work after\n response.headers?.getSetCookie?.() ??\n response.headers?.get?.('set-cookie') ??\n [];\n\n const newSetCookie = CookieManager.modifySetCookie(cookieHeader, isSecured) ?? [];\n const [session, decodedJwt, refreshToken] = await createSessionFromAccessToken(data);\n\n if (!session) {\n return null;\n }\n const cookieValue = CookieManager.create({\n value: session,\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n req: nextJsRequest,\n });\n newSetCookie.push(...cookieValue);\n nextJsResponse.setHeader('set-cookie', newSetCookie);\n\n const fronteggSession = {\n accessToken: data.accessToken ?? data.access_token,\n user: decodedJwt,\n refreshToken,\n };\n\n saveForwardedSession(nextJsResponse, fronteggSession);\n return fronteggSession;\n } catch (e) {\n logger.error('[refreshToken] Failed to create session e', e);\n return null;\n }\n}\n"],"mappings":";;;;;;;;;;;;;AAEA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,QAAA,GAAAD,sBAAA,CAAAF,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AAUA,IAAAK,eAAA,GAAAH,sBAAA,CAAAF,OAAA;AACA,IAAAM,WAAA,GAAAJ,sBAAA,CAAAF,OAAA;AACA,IAAAO,cAAA,GAAAL,sBAAA,CAAAF,OAAA;AACA,IAAAQ,MAAA,GAAAR,OAAA;AAGA;AACA;AACA;AACA;AACA;AACA;AACe,eAAeS,0BAA0BA,CAACC,GAAoB,EAAyC;EACpH,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA6B,CAAC,CAAC;EAE1EH,MAAM,CAACI,IAAI,CAAC,uCAAuCL,GAAG,CAACM,QAAQ,EAAE,CAAC;EAClE,MAAMC,aAAa,GAAGP,GAAG,CAACQ,GAAG;EAC7B,MAAMC,cAAc,GAAGT,GAAG,CAACU,GAAG;EAC9B,MAAMC,GAAG,GAAGJ,aAAa,oBAAbA,aAAa,CAAEI,GAAG;EAC9B,IAAI,CAACF,cAAc,IAAI,CAACF,aAAa,IAAI,CAACI,GAAG,EAAE;IAC7CV,MAAM,CAACW,KAAK,CAAC,oDAAoD,CAAC;IAClE,OAAO,IAAI;EACb;EAEA,IAAI,IAAAC,4BAAmB,EAACJ,cAAc,CAACK,SAAS,CAAC,YAAY,CAAC,CAAC,EAAE;IAC/D,MAAMC,OAAO,GAAGC,gBAAa,CAACC,sCAAsC,CAACR,cAAc,CAAC;IACpF,MAAMS,OAAO,GAAG,MAAM,IAAAC,sBAAa,EAACJ,OAAO,EAAEK,mBAAU,CAAC;IACxDnB,MAAM,CAACW,KAAK,CAAC,2FAA2F,CAAC;IACzG,OAAOM,OAAO,WAAPA,OAAO,GAAI,IAAAG,4BAAmB,EAACZ,cAAc,CAAC;EACvD;EAEA,IAAI;IAAA,IAAAa,qBAAA,EAAAC,IAAA,EAAAC,KAAA,EAAAC,qBAAA,EAAAC,iBAAA,EAAAC,sBAAA,EAAAC,kBAAA,EAAAC,qBAAA,EAAAC,kBAAA,EAAAC,qBAAA,EAAAC,qBAAA,EAAAC,iBAAA;IACFhC,MAAM,CAACI,IAAI,CAAC,0DAA0D,CAAC;IAEvE,IAAI,IAAA6B,6BAAoB,EAACvB,GAAG,CAAC,IAAIwB,eAAM,CAACC,+BAA+B,EAAE;MACvEnC,MAAM,CAACW,KAAK,CAAC,mFAAmF,CAAC;MAEjG,MAAMG,OAAO,GAAGC,gBAAa,CAACqB,2BAA2B,CAAC9B,aAAa,CAAC;MACxE,MAAMW,OAAO,GAAG,MAAM,IAAAC,sBAAa,EAACJ,OAAO,EAAEK,mBAAU,CAAC;MAExD,IAAIF,OAAO,EAAE;QACXjB,MAAM,CAACW,KAAK,CAAC,sCAAsC,CAAC;QACpD,OAAOM,OAAO;MAChB,CAAC,MAAM;QACLjB,MAAM,CAACI,IAAI,CAAC,+DAA+D,CAAC;MAC9E;IACF;IAEA,IAAI8B,eAAM,CAACG,aAAa,EAAE;MACxB;MACA,IAAI,IAAAC,wBAAe,EAAC5B,GAAG,CAAC,EAAE;QACxBV,MAAM,CAACW,KAAK,CAAC,iDAAiDD,GAAG,EAAE,CAAC;QACpEK,gBAAa,CAACwB,aAAa,CAAC;UAC1BC,SAAS,EAAEN,eAAM,CAACO,KAAK;UACvBC,YAAY,EAAER,eAAM,CAACQ,YAAY;UACjCjC,GAAG,EAAED,cAAc;UACnBD,GAAG,EAAED;QACP,CAAC,CAAC;MACJ;IACF,CAAC,MAAM;MACL;MACA,IAAI,IAAAqC,uBAAc,EAACjC,GAAG,CAAC,EAAE;QACvBV,MAAM,CAACW,KAAK,CAAC,0CAA0CD,GAAG,EAAE,CAAC;QAC7D,OAAO,IAAI;MACb;IACF;IAEA,MAAMkC,QAAQ,GACZtC,aAAa,CAACuC,OAAO,CAAC,kBAAkB,CAAC,IACzCvC,aAAa,CAACuC,OAAO,CAAC,iBAAiB,CAAC,MAAAxB,qBAAA,GACxCf,aAAa,CAACwC,MAAM,qBAApBzB,qBAAA,CAAsB0B,aAAa;IAErC,IAAIH,QAAQ,IAAIV,eAAM,CAACc,eAAe,EAAE;MAAA,IAAAC,oBAAA;MACtC3C,aAAa,CAACuC,OAAO,CAACK,iCAA0B,CAAC,GAAGN,QAAQ;MAC5DtC,aAAa,CAACuC,OAAO,CAACM,oCAA6B,CAAC,IAAAF,oBAAA,GAAGf,eAAM,CAACkB,YAAY,YAAAH,oBAAA,GAAI,EAAE;IAClF;IAEA,IAAII,QAAyB;IAC7B,IAAInB,eAAM,CAACG,aAAa,EAAE;MACxBgB,QAAQ,GAAG,MAAM,IAAAC,sCAA6B,EAAChD,aAAa,CAAC;IAC/D,CAAC,MAAM;MACL+C,QAAQ,GAAG,MAAM,IAAAE,mCAA0B,EAACjD,aAAa,CAAC;IAC5D;IAEA,MAAMkC,SAAS,GAAGN,eAAM,CAACO,KAAK;IAC9B,IAAIY,QAAQ,KAAK,IAAI,IAAI,CAACA,QAAQ,CAACG,EAAE,EAAE;MACrCzC,gBAAa,CAACwB,aAAa,CAAC;QAC1BG,YAAY,EAAER,eAAM,CAACQ,YAAY;QACjCF,SAAS;QACTjC,GAAG,EAAED,aAAa;QAClBG,GAAG,EAAED;MACP,CAAC,CAAC;MACF,OAAO,IAAI;IACb;IAEA,MAAMiD,IAAI,GAAG,MAAMJ,QAAQ,CAACK,IAAI,CAAC,CAAC;IAElC,MAAMC,YAAsB,GAC1B;IAAA,CAAArC,IAAA,IAAAC,KAAA,IAAAC,qBAAA,IAAAC,iBAAA,GACA4B,QAAQ,CAACR,OAAO,cAAAnB,sBAAA,GAAhBD,iBAAA,CAAkBmC,GAAG,qBAArBlC,sBAAA,CAAAmC,IAAA,CAAApC,iBAAwB,CAAC,CAAC,YAAY,CAAC,YAAAD,qBAAA,GACvC;IAAA,CAAAG,kBAAA,GACA0B,QAAQ,CAACR,OAAO,cAAAjB,qBAAA,GAAhBD,kBAAA,CAAkBmC,YAAY,qBAA9BlC,qBAAA,CAAAiC,IAAA,CAAAlC,kBAAiC,CAAC,YAAAJ,KAAA,IAAAM,kBAAA,GAClCwB,QAAQ,CAACR,OAAO,cAAAf,qBAAA,GAAhBD,kBAAA,CAAkBkC,GAAG,qBAArBjC,qBAAA,CAAA+B,IAAA,CAAAhC,kBAAA,EAAwB,YAAY,CAAC,YAAAP,IAAA,GACrC,EAAE;IAEJ,MAAM0C,YAAY,IAAAjC,qBAAA,GAAGhB,gBAAa,CAACkD,eAAe,CAACN,YAAY,EAAEnB,SAAS,CAAC,YAAAT,qBAAA,GAAI,EAAE;IACjF,MAAM,CAACd,OAAO,EAAEiD,UAAU,EAAEC,YAAY,CAAC,GAAG,MAAM,IAAAC,oCAA4B,EAACX,IAAI,CAAC;IAEpF,IAAI,CAACxC,OAAO,EAAE;MACZ,OAAO,IAAI;IACb;IACA,MAAMoD,WAAW,GAAGtD,gBAAa,CAACuD,MAAM,CAAC;MACvCC,KAAK,EAAEtD,OAAO;MACduD,OAAO,EAAE,IAAIC,IAAI,CAACP,UAAU,CAACQ,GAAG,GAAG,IAAI,CAAC;MACxCC,MAAM,EAAEnC,SAAS;MACjBjC,GAAG,EAAED;IACP,CAAC,CAAC;IACF0D,YAAY,CAACY,IAAI,CAAC,GAAGP,WAAW,CAAC;IACjC7D,cAAc,CAACqE,SAAS,CAAC,YAAY,EAAEb,YAAY,CAAC;IAEpD,MAAMc,eAAe,GAAG;MACtBC,WAAW,GAAA/C,iBAAA,GAAEyB,IAAI,CAACsB,WAAW,YAAA/C,iBAAA,GAAIyB,IAAI,CAACuB,YAAY;MAClDC,IAAI,EAAEf,UAAU;MAChBC;IACF,CAAC;IAED,IAAAe,6BAAoB,EAAC1E,cAAc,EAAEsE,eAAe,CAAC;IACrD,OAAOA,eAAe;EACxB,CAAC,CAAC,OAAOK,CAAC,EAAE;IACVnF,MAAM,CAACoF,KAAK,CAAC,2CAA2C,EAAED,CAAC,CAAC;IAC5D,OAAO,IAAI;EACb;AACF","ignoreList":[]}
1
+ {"version":3,"file":"index.js","names":["_common","require","_config","_interopRequireDefault","_cookies","_helpers","_fronteggLogger","_encryption","_createSession","_utils","refreshAccessTokenIfNeeded","ctx","logger","fronteggLogger","child","tag","info","pathname","nextJsRequest","req","nextJsResponse","res","url","debug","hasSetSessionCookie","getHeader","cookies","CookieManager","getSessionCookieFromRedirectedResponse","session","createSession","encryption","getForwardedSession","_nextJsRequest$socket","_ref","_ref2","_response$headers$raw","_response$headers","_response$headers$raw2","_response$headers2","_response$headers2$ge","_response$headers3","_response$headers3$ge","_CookieManager$modify","_data$accessToken","isRuntimeNextRequest","config","disableInitialPropsRefreshToken","getSessionCookieFromRequest","isHostedLogin","isOauthCallback","removeCookies","isSecured","isSSL","cookieDomain","isSamlCallback","clientIp","headers","socket","remoteAddress","shouldForwardIp","_config$sharedSecret","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","sharedSecret","response","refreshAccessTokenHostedLogin","refreshAccessTokenEmbedded","ok","data","json","cookieHeader","raw","call","getSetCookie","get","newSetCookie","modifySetCookie","decodedJwt","refreshToken","createSessionFromAccessToken","cookieValue","create","value","expires","Date","exp","secure","push","setHeader","fronteggSession","accessToken","access_token","user","saveForwardedSession","e","error"],"sources":["../../../../../packages/nextjs/src/utils/refreshAccessTokenIfNeeded/index.ts"],"sourcesContent":["import type { NextPageContext } from 'next/dist/shared/lib/utils';\nimport type { FronteggNextJSSession } from '../../types';\nimport { createSessionFromAccessToken } from '../../common';\nimport config from '../../config';\nimport CookieManager from '../cookies';\nimport {\n isOauthCallback,\n hasSetSessionCookie,\n isRuntimeNextRequest,\n isSamlCallback,\n refreshAccessTokenEmbedded,\n refreshAccessTokenHostedLogin,\n saveForwardedSession,\n getForwardedSession,\n} from './helpers';\nimport fronteggLogger from '../fronteggLogger';\nimport encryption from '../encryption';\nimport createSession from '../createSession';\nimport { FRONTEGG_HEADERS_VERIFIER_HEADER, FRONTEGG_FORWARD_IP_HEADER } from '../../api/utils';\n\nexport { isRuntimeNextRequest };\n/**\n * Refreshes the access token for the current session.\n *\n * @param {NextPageContext} ctx - The Next.js Page Context object.\n * @returns {Promise<FronteggNextJSSession | null>} A Promise that resolves to the updated session object, or `null` if the refresh failed.\n */\nexport default async function refreshAccessTokenIfNeeded(ctx: NextPageContext): Promise<FronteggNextJSSession | null> {\n const logger = fronteggLogger.child({ tag: 'refreshAccessTokenIfNeeded' });\n\n logger.info(`Refreshing token by for PageContext ${ctx.pathname}`);\n const nextJsRequest = ctx.req;\n const nextJsResponse = ctx.res;\n const url = nextJsRequest?.url;\n if (!nextJsResponse || !nextJsRequest || !url) {\n logger.debug(`abandon refreshToken due to PageContext.req = null`);\n return null;\n }\n\n if (hasSetSessionCookie(nextJsResponse.getHeader('set-cookie'))) {\n const cookies = CookieManager.getSessionCookieFromRedirectedResponse(nextJsResponse);\n const session = await createSession(cookies, encryption);\n logger.debug('Abandon refreshToken due to a previous redirect to /_error or other server-side redirect.');\n return session ?? getForwardedSession(nextJsResponse);\n }\n\n try {\n logger.info(`Check if should request made from first application load`);\n\n if (isRuntimeNextRequest(url) || config.disableInitialPropsRefreshToken) {\n logger.debug(`Detect runtime next.js request, resolving existing session from cookies if exists`);\n\n const cookies = CookieManager.getSessionCookieFromRequest(nextJsRequest);\n const session = await createSession(cookies, encryption);\n\n if (session) {\n logger.debug(`session resolved from session cookie`);\n return session;\n } else {\n logger.info('Failed to resolve session from cookie, going to refresh token');\n }\n }\n\n if (config.isHostedLogin) {\n // hosted login bypassed urls\n if (isOauthCallback(url)) {\n logger.debug(`abandon refreshToken for HostedLogin Callback ${url}`);\n CookieManager.removeCookies({\n isSecured: config.isSSL,\n cookieDomain: config.cookieDomain,\n res: nextJsResponse,\n req: nextJsRequest,\n });\n }\n } else {\n // embedded login bypassed urls\n if (isSamlCallback(url)) {\n logger.debug(`abandon refreshToken for Saml Callback ${url}`);\n return null;\n }\n }\n\n const clientIp =\n nextJsRequest.headers['cf-connecting-ip'] ||\n nextJsRequest.headers['x-forwarded-for'] ||\n nextJsRequest.socket?.remoteAddress;\n\n if (clientIp && config.shouldForwardIp) {\n nextJsRequest.headers[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n nextJsRequest.headers[FRONTEGG_HEADERS_VERIFIER_HEADER] = config.sharedSecret ?? '';\n }\n\n let response: Response | null;\n if (config.isHostedLogin) {\n response = await refreshAccessTokenHostedLogin(nextJsRequest);\n } else {\n response = await refreshAccessTokenEmbedded(nextJsRequest);\n }\n\n const isSecured = config.isSSL;\n if (response === null || !response.ok) {\n CookieManager.removeCookies({\n cookieDomain: config.cookieDomain,\n isSecured,\n req: nextJsRequest,\n res: nextJsResponse,\n });\n return null;\n }\n\n const data = await response.json();\n\n const cookieHeader: string[] =\n // @ts-ignore the first argument \"raw\" will only work before nextjs 13.4 and the second argument \"getSetCookie\" will only work after\n response.headers?.raw?.()['set-cookie'] ??\n // @ts-ignore the first argument \"raw\" will only work before nextjs 13.4 and the second argument \"getSetCookie\" will only work after\n response.headers?.getSetCookie?.() ??\n response.headers?.get?.('set-cookie') ??\n [];\n\n const newSetCookie = CookieManager.modifySetCookie(cookieHeader, isSecured) ?? [];\n const [session, decodedJwt, refreshToken] = await createSessionFromAccessToken(data);\n\n if (!session) {\n return null;\n }\n const cookieValue = CookieManager.create({\n value: session,\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n req: nextJsRequest,\n });\n newSetCookie.push(...cookieValue);\n nextJsResponse.setHeader('set-cookie', newSetCookie);\n\n const fronteggSession = {\n accessToken: data.accessToken ?? data.access_token,\n user: decodedJwt,\n refreshToken,\n };\n\n saveForwardedSession(nextJsResponse, fronteggSession);\n return fronteggSession;\n } catch (e) {\n logger.error('[refreshToken] Failed to create session e', e);\n return null;\n }\n}\n"],"mappings":";;;;;;;;;;;;;AAEA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,QAAA,GAAAD,sBAAA,CAAAF,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AAUA,IAAAK,eAAA,GAAAH,sBAAA,CAAAF,OAAA;AACA,IAAAM,WAAA,GAAAJ,sBAAA,CAAAF,OAAA;AACA,IAAAO,cAAA,GAAAL,sBAAA,CAAAF,OAAA;AACA,IAAAQ,MAAA,GAAAR,OAAA;AAGA;AACA;AACA;AACA;AACA;AACA;AACe,eAAeS,0BAA0BA,CAACC,GAAoB,EAAyC;EACpH,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA6B,CAAC,CAAC;EAE1EH,MAAM,CAACI,IAAI,CAAC,uCAAuCL,GAAG,CAACM,QAAQ,EAAE,CAAC;EAClE,MAAMC,aAAa,GAAGP,GAAG,CAACQ,GAAG;EAC7B,MAAMC,cAAc,GAAGT,GAAG,CAACU,GAAG;EAC9B,MAAMC,GAAG,GAAGJ,aAAa,oBAAbA,aAAa,CAAEI,GAAG;EAC9B,IAAI,CAACF,cAAc,IAAI,CAACF,aAAa,IAAI,CAACI,GAAG,EAAE;IAC7CV,MAAM,CAACW,KAAK,CAAC,oDAAoD,CAAC;IAClE,OAAO,IAAI;EACb;EAEA,IAAI,IAAAC,4BAAmB,EAACJ,cAAc,CAACK,SAAS,CAAC,YAAY,CAAC,CAAC,EAAE;IAC/D,MAAMC,OAAO,GAAGC,gBAAa,CAACC,sCAAsC,CAACR,cAAc,CAAC;IACpF,MAAMS,OAAO,GAAG,MAAM,IAAAC,sBAAa,EAACJ,OAAO,EAAEK,mBAAU,CAAC;IACxDnB,MAAM,CAACW,KAAK,CAAC,2FAA2F,CAAC;IACzG,OAAOM,OAAO,WAAPA,OAAO,GAAI,IAAAG,4BAAmB,EAACZ,cAAc,CAAC;EACvD;EAEA,IAAI;IAAA,IAAAa,qBAAA,EAAAC,IAAA,EAAAC,KAAA,EAAAC,qBAAA,EAAAC,iBAAA,EAAAC,sBAAA,EAAAC,kBAAA,EAAAC,qBAAA,EAAAC,kBAAA,EAAAC,qBAAA,EAAAC,qBAAA,EAAAC,iBAAA;IACFhC,MAAM,CAACI,IAAI,CAAC,0DAA0D,CAAC;IAEvE,IAAI,IAAA6B,6BAAoB,EAACvB,GAAG,CAAC,IAAIwB,eAAM,CAACC,+BAA+B,EAAE;MACvEnC,MAAM,CAACW,KAAK,CAAC,mFAAmF,CAAC;MAEjG,MAAMG,OAAO,GAAGC,gBAAa,CAACqB,2BAA2B,CAAC9B,aAAa,CAAC;MACxE,MAAMW,OAAO,GAAG,MAAM,IAAAC,sBAAa,EAACJ,OAAO,EAAEK,mBAAU,CAAC;MAExD,IAAIF,OAAO,EAAE;QACXjB,MAAM,CAACW,KAAK,CAAC,sCAAsC,CAAC;QACpD,OAAOM,OAAO;MAChB,CAAC,MAAM;QACLjB,MAAM,CAACI,IAAI,CAAC,+DAA+D,CAAC;MAC9E;IACF;IAEA,IAAI8B,eAAM,CAACG,aAAa,EAAE;MACxB;MACA,IAAI,IAAAC,wBAAe,EAAC5B,GAAG,CAAC,EAAE;QACxBV,MAAM,CAACW,KAAK,CAAC,iDAAiDD,GAAG,EAAE,CAAC;QACpEK,gBAAa,CAACwB,aAAa,CAAC;UAC1BC,SAAS,EAAEN,eAAM,CAACO,KAAK;UACvBC,YAAY,EAAER,eAAM,CAACQ,YAAY;UACjCjC,GAAG,EAAED,cAAc;UACnBD,GAAG,EAAED;QACP,CAAC,CAAC;MACJ;IACF,CAAC,MAAM;MACL;MACA,IAAI,IAAAqC,uBAAc,EAACjC,GAAG,CAAC,EAAE;QACvBV,MAAM,CAACW,KAAK,CAAC,0CAA0CD,GAAG,EAAE,CAAC;QAC7D,OAAO,IAAI;MACb;IACF;IAEA,MAAMkC,QAAQ,GACZtC,aAAa,CAACuC,OAAO,CAAC,kBAAkB,CAAC,IACzCvC,aAAa,CAACuC,OAAO,CAAC,iBAAiB,CAAC,MAAAxB,qBAAA,GACxCf,aAAa,CAACwC,MAAM,qBAApBzB,qBAAA,CAAsB0B,aAAa;IAErC,IAAIH,QAAQ,IAAIV,eAAM,CAACc,eAAe,EAAE;MAAA,IAAAC,oBAAA;MACtC3C,aAAa,CAACuC,OAAO,CAACK,iCAA0B,CAAC,GAAGN,QAAQ;MAC5DtC,aAAa,CAACuC,OAAO,CAACM,uCAAgC,CAAC,IAAAF,oBAAA,GAAGf,eAAM,CAACkB,YAAY,YAAAH,oBAAA,GAAI,EAAE;IACrF;IAEA,IAAII,QAAyB;IAC7B,IAAInB,eAAM,CAACG,aAAa,EAAE;MACxBgB,QAAQ,GAAG,MAAM,IAAAC,sCAA6B,EAAChD,aAAa,CAAC;IAC/D,CAAC,MAAM;MACL+C,QAAQ,GAAG,MAAM,IAAAE,mCAA0B,EAACjD,aAAa,CAAC;IAC5D;IAEA,MAAMkC,SAAS,GAAGN,eAAM,CAACO,KAAK;IAC9B,IAAIY,QAAQ,KAAK,IAAI,IAAI,CAACA,QAAQ,CAACG,EAAE,EAAE;MACrCzC,gBAAa,CAACwB,aAAa,CAAC;QAC1BG,YAAY,EAAER,eAAM,CAACQ,YAAY;QACjCF,SAAS;QACTjC,GAAG,EAAED,aAAa;QAClBG,GAAG,EAAED;MACP,CAAC,CAAC;MACF,OAAO,IAAI;IACb;IAEA,MAAMiD,IAAI,GAAG,MAAMJ,QAAQ,CAACK,IAAI,CAAC,CAAC;IAElC,MAAMC,YAAsB,GAC1B;IAAA,CAAArC,IAAA,IAAAC,KAAA,IAAAC,qBAAA,IAAAC,iBAAA,GACA4B,QAAQ,CAACR,OAAO,cAAAnB,sBAAA,GAAhBD,iBAAA,CAAkBmC,GAAG,qBAArBlC,sBAAA,CAAAmC,IAAA,CAAApC,iBAAwB,CAAC,CAAC,YAAY,CAAC,YAAAD,qBAAA,GACvC;IAAA,CAAAG,kBAAA,GACA0B,QAAQ,CAACR,OAAO,cAAAjB,qBAAA,GAAhBD,kBAAA,CAAkBmC,YAAY,qBAA9BlC,qBAAA,CAAAiC,IAAA,CAAAlC,kBAAiC,CAAC,YAAAJ,KAAA,IAAAM,kBAAA,GAClCwB,QAAQ,CAACR,OAAO,cAAAf,qBAAA,GAAhBD,kBAAA,CAAkBkC,GAAG,qBAArBjC,qBAAA,CAAA+B,IAAA,CAAAhC,kBAAA,EAAwB,YAAY,CAAC,YAAAP,IAAA,GACrC,EAAE;IAEJ,MAAM0C,YAAY,IAAAjC,qBAAA,GAAGhB,gBAAa,CAACkD,eAAe,CAACN,YAAY,EAAEnB,SAAS,CAAC,YAAAT,qBAAA,GAAI,EAAE;IACjF,MAAM,CAACd,OAAO,EAAEiD,UAAU,EAAEC,YAAY,CAAC,GAAG,MAAM,IAAAC,oCAA4B,EAACX,IAAI,CAAC;IAEpF,IAAI,CAACxC,OAAO,EAAE;MACZ,OAAO,IAAI;IACb;IACA,MAAMoD,WAAW,GAAGtD,gBAAa,CAACuD,MAAM,CAAC;MACvCC,KAAK,EAAEtD,OAAO;MACduD,OAAO,EAAE,IAAIC,IAAI,CAACP,UAAU,CAACQ,GAAG,GAAG,IAAI,CAAC;MACxCC,MAAM,EAAEnC,SAAS;MACjBjC,GAAG,EAAED;IACP,CAAC,CAAC;IACF0D,YAAY,CAACY,IAAI,CAAC,GAAGP,WAAW,CAAC;IACjC7D,cAAc,CAACqE,SAAS,CAAC,YAAY,EAAEb,YAAY,CAAC;IAEpD,MAAMc,eAAe,GAAG;MACtBC,WAAW,GAAA/C,iBAAA,GAAEyB,IAAI,CAACsB,WAAW,YAAA/C,iBAAA,GAAIyB,IAAI,CAACuB,YAAY;MAClDC,IAAI,EAAEf,UAAU;MAChBC;IACF,CAAC;IAED,IAAAe,6BAAoB,EAAC1E,cAAc,EAAEsE,eAAe,CAAC;IACrD,OAAOA,eAAe;EACxB,CAAC,CAAC,OAAOK,CAAC,EAAE;IACVnF,MAAM,CAACoF,KAAK,CAAC,2CAA2C,EAAED,CAAC,CAAC;IAC5D,OAAO,IAAI;EACb;AACF","ignoreList":[]}