@frontegg/nextjs 9.2.2-alpha.13969697706 → 9.2.2-alpha.13994474816
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/api/utils.d.ts +2 -0
- package/api/utils.js +6 -2
- package/api/utils.js.map +1 -1
- package/edge/getSessionOnEdge.js +3 -1
- package/edge/getSessionOnEdge.js.map +1 -1
- package/index.js +1 -1
- package/middleware/ProxyRequestCallback.js +3 -1
- package/middleware/ProxyRequestCallback.js.map +1 -1
- package/package.json +1 -1
- package/sdkVersion.js +1 -1
- package/sdkVersion.js.map +1 -1
- package/utils/refreshAccessTokenIfNeeded/index.js +3 -1
- package/utils/refreshAccessTokenIfNeeded/index.js.map +1 -1
package/api/utils.d.ts
CHANGED
|
@@ -25,6 +25,8 @@ export declare const CUSTOM_LOGIN_HEADER = "frontegg-login-alias";
|
|
|
25
25
|
export declare const FRONTEGG_FORWARD_IP_HEADER = "x-frontegg-forwarded-for";
|
|
26
26
|
export declare const FRONTEGG_HEADERS_VERIFIER_HEADER = "x-frontegg-headers-verifier";
|
|
27
27
|
export declare const FRONTEGG_APPLICATION_ID_HEADER = "frontegg-requested-application-id";
|
|
28
|
+
export declare const FRONTEGG_APP_ID_HEADER = "test123";
|
|
29
|
+
export declare const FRONTEGG_VENDOR_ID_HEADER = "frontegg-vendor-id";
|
|
28
30
|
/**
|
|
29
31
|
* Build fetch request headers, remove invalid http headers
|
|
30
32
|
* @param headers - Incoming request headers
|
package/api/utils.js
CHANGED
|
@@ -4,7 +4,7 @@ var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefau
|
|
|
4
4
|
Object.defineProperty(exports, "__esModule", {
|
|
5
5
|
value: true
|
|
6
6
|
});
|
|
7
|
-
exports.Post = exports.Get = exports.FRONTEGG_HEADERS_VERIFIER_HEADER = exports.FRONTEGG_FORWARD_IP_HEADER = exports.FRONTEGG_APPLICATION_ID_HEADER = exports.CUSTOM_LOGIN_HEADER = void 0;
|
|
7
|
+
exports.Post = exports.Get = exports.FRONTEGG_VENDOR_ID_HEADER = exports.FRONTEGG_HEADERS_VERIFIER_HEADER = exports.FRONTEGG_FORWARD_IP_HEADER = exports.FRONTEGG_APP_ID_HEADER = exports.FRONTEGG_APPLICATION_ID_HEADER = exports.CUSTOM_LOGIN_HEADER = void 0;
|
|
8
8
|
exports.buildRequestHeaders = buildRequestHeaders;
|
|
9
9
|
exports.isMiddlewarePath = isMiddlewarePath;
|
|
10
10
|
exports.parseHttpResponse = void 0;
|
|
@@ -70,6 +70,8 @@ const CUSTOM_LOGIN_HEADER = exports.CUSTOM_LOGIN_HEADER = 'frontegg-login-alias'
|
|
|
70
70
|
const FRONTEGG_FORWARD_IP_HEADER = exports.FRONTEGG_FORWARD_IP_HEADER = 'x-frontegg-forwarded-for';
|
|
71
71
|
const FRONTEGG_HEADERS_VERIFIER_HEADER = exports.FRONTEGG_HEADERS_VERIFIER_HEADER = 'x-frontegg-headers-verifier';
|
|
72
72
|
const FRONTEGG_APPLICATION_ID_HEADER = exports.FRONTEGG_APPLICATION_ID_HEADER = 'frontegg-requested-application-id';
|
|
73
|
+
const FRONTEGG_APP_ID_HEADER = exports.FRONTEGG_APP_ID_HEADER = 'test123'; //frontegg-application-id;
|
|
74
|
+
const FRONTEGG_VENDOR_ID_HEADER = exports.FRONTEGG_VENDOR_ID_HEADER = 'frontegg-vendor-id';
|
|
73
75
|
|
|
74
76
|
/**
|
|
75
77
|
* Build fetch request headers, remove invalid http headers
|
|
@@ -116,8 +118,10 @@ function buildRequestHeaders(headers) {
|
|
|
116
118
|
}
|
|
117
119
|
const clientIp = (0, _headers.getClientIp)(headers[FRONTEGG_FORWARD_IP_HEADER] || headers['cf-connecting-ip'] || headers['x-forwarded-for']);
|
|
118
120
|
if (clientIp && _config.default.shouldForwardIp) {
|
|
119
|
-
var _config$sharedSecret;
|
|
121
|
+
var _config$appId, _config$clientId, _config$sharedSecret;
|
|
120
122
|
preparedHeaders[FRONTEGG_FORWARD_IP_HEADER] = clientIp;
|
|
123
|
+
preparedHeaders[FRONTEGG_APP_ID_HEADER] = (_config$appId = _config.default.appId) != null ? _config$appId : '';
|
|
124
|
+
preparedHeaders[FRONTEGG_VENDOR_ID_HEADER] = (_config$clientId = _config.default.clientId) != null ? _config$clientId : '';
|
|
121
125
|
preparedHeaders['build-request-headers'] = `headers[FRONTEGG_FORWARD_IP_HEADER] ${headers[FRONTEGG_FORWARD_IP_HEADER]} | headers['cf-connecting-ip'] ${headers['cf-connecting-ip']} | headers['x-forwarded-for'] ${headers['x-forwarded-for']}`;
|
|
122
126
|
preparedHeaders[FRONTEGG_HEADERS_VERIFIER_HEADER] = (_config$sharedSecret = _config.default.sharedSecret) != null ? _config$sharedSecret : '';
|
|
123
127
|
}
|
package/api/utils.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.js","names":["_config","_interopRequireDefault","require","_sdkVersion","_package","_restApi","_constants","_headers","Get","url","credentials","headers","fetch","method","exports","Post","body","removeInvalidHeaders","newHeaders","_extends2","default","Object","keys","forEach","key","val","Array","isArray","headerCharRegex","exec","undefined","length","CUSTOM_LOGIN_HEADER","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","FRONTEGG_APPLICATION_ID_HEADER","buildRequestHeaders","cookie","replace","config","rewriteCookieByAppId","appId","split","filter","cookieStr","trim","startsWith","clientId","join","entries","map","value","preparedHeaders","authorization","accept","origin","baseUrl","nextjsPkg","version","sdkVersion","clientIp","getClientIp","shouldForwardIp","_config$sharedSecret","sharedSecret","parseHttpResponse","res","ok","json","isMiddlewarePath","path","isAuthPath","fronteggAuthApiRoutesRegex","find","pathRegex","RegExp","test","isSocialLoginPath","endsWith"],"sources":["../../../../packages/nextjs/src/api/utils.ts"],"sourcesContent":["import config from '../config';\nimport sdkVersion from '../sdkVersion';\nimport nextjsPkg from 'next/package.json';\nimport { fronteggAuthApiRoutesRegex } from '@frontegg/rest-api';\nimport { headerCharRegex } from '../utils/common/constants';\nimport { getClientIp } from '../utils/headers';\n\ninterface GetRequestOptions {\n url: string;\n credentials?: RequestCredentials;\n headers?: HeadersInit;\n}\n\nexport const Get = ({ url, credentials = 'include', headers }: GetRequestOptions) =>\n fetch(url, { method: 'GET', credentials, headers });\n\ninterface PostRequestOptions extends GetRequestOptions {\n body: string;\n}\n\nexport const Post = ({ url, credentials = 'include', headers, body }: PostRequestOptions) =>\n fetch(url, { method: 'POST', credentials, headers, body });\n\n/**\n * NodeJS 18 start using undici as http request handler,\n * undici http request does not accept invalid headers\n * for more details see:\n * https://github.com/nodejs/undici/blob/2b260c997ad4efe4ed2064b264b4b546a59e7a67/lib/core/request.js#L282\n * @param headers\n */\nexport function removeInvalidHeaders(headers: Record<string, string>) {\n const newHeaders = { ...headers };\n Object.keys(newHeaders).forEach((key: string) => {\n const val: any = headers[key];\n if (val && typeof val === 'object' && !Array.isArray(val)) {\n delete newHeaders[key];\n } else if (headerCharRegex.exec(val) !== null) {\n delete newHeaders[key];\n } else if (val === undefined || val === null) {\n delete newHeaders[key];\n } else if (key.length === 10 && key === 'connection') {\n delete newHeaders[key];\n }\n });\n return newHeaders;\n}\n\n/**\n * These headers are used to identify the tenant for login per tenant feature\n */\nexport const CUSTOM_LOGIN_HEADER = 'frontegg-login-alias';\nexport const FRONTEGG_FORWARD_IP_HEADER = 'x-frontegg-forwarded-for';\nexport const FRONTEGG_HEADERS_VERIFIER_HEADER = 'x-frontegg-headers-verifier';\nexport const FRONTEGG_APPLICATION_ID_HEADER = 'frontegg-requested-application-id';\n\n/**\n * Build fetch request headers, remove invalid http headers\n * @param headers - Incoming request headers\n */\nexport function buildRequestHeaders(headers: Record<string, any>): Record<string, string> {\n let cookie = headers['cookie'];\n if (cookie != null && typeof cookie === 'string') {\n cookie = cookie.replace(/fe_session-[^=]*=[^;]*$/, '').replace(/fe_session-[^=]*=[^;]*;/, '');\n\n if (config.rewriteCookieByAppId && config.appId) {\n cookie = cookie\n .split(';')\n .filter((cookieStr: string) => !cookieStr.trim().startsWith(`fe_refresh_${config.clientId.replace('-', '')}`))\n .join(';');\n cookie = cookie.replace(\n `fe_refresh_${config.appId.replace('-', '')}`,\n `fe_refresh_${config.clientId.replace('-', '')}`\n );\n }\n }\n if (cookie != null && typeof cookie === 'object') {\n cookie = Object.entries(cookie)\n .filter(([key]) => {\n if (config.rewriteCookieByAppId && config.appId) {\n return key !== `fe_refresh_${config.clientId.replace('-', '')}`;\n }\n return true;\n })\n .map(([key, value]) => {\n if (config.rewriteCookieByAppId && config.appId && key === `fe_refresh_${config.appId.replace('-', '')}`) {\n return `fe_refresh_${config.clientId.replace('-', '')}=${value}`;\n } else {\n return `${key}=${value}`;\n }\n })\n .join('; ');\n }\n\n const preparedHeaders: Record<string, string> = {\n authorization: headers['authorization'],\n 'accept-encoding': headers['accept-encoding'],\n 'accept-language': headers['accept-language'],\n accept: headers['accept'],\n 'content-type': 'application/json',\n origin: config.baseUrl,\n cookie,\n 'user-agent': headers['user-agent'],\n 'cache-control': headers['cache-control'],\n 'x-frontegg-framework': `next@${nextjsPkg.version}`,\n 'x-frontegg-sdk': `@frontegg/nextjs@${sdkVersion.version}`,\n };\n\n if (headers[FRONTEGG_APPLICATION_ID_HEADER]) {\n preparedHeaders[FRONTEGG_APPLICATION_ID_HEADER] = headers[FRONTEGG_APPLICATION_ID_HEADER];\n }\n\n const clientIp = getClientIp(\n headers[FRONTEGG_FORWARD_IP_HEADER] || headers['cf-connecting-ip'] || headers['x-forwarded-for']\n );\n if (clientIp && config.shouldForwardIp) {\n preparedHeaders[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n preparedHeaders[\n 'build-request-headers'\n ] = `headers[FRONTEGG_FORWARD_IP_HEADER] ${headers[FRONTEGG_FORWARD_IP_HEADER]} | headers['cf-connecting-ip'] ${headers['cf-connecting-ip']} | headers['x-forwarded-for'] ${headers['x-forwarded-for']}`;\n preparedHeaders[FRONTEGG_HEADERS_VERIFIER_HEADER] = config.sharedSecret ?? '';\n }\n\n if (headers[CUSTOM_LOGIN_HEADER]) {\n preparedHeaders[CUSTOM_LOGIN_HEADER] = headers[CUSTOM_LOGIN_HEADER];\n }\n return removeInvalidHeaders({ ...preparedHeaders });\n}\n\n/**\n * Return parsed json response if http status code = 200\n * @param res\n */\nexport const parseHttpResponse = async <T>(res: Response): Promise<T | undefined> => {\n if (!res.ok) {\n return undefined;\n }\n return await res.json();\n};\n\n/**\n * Checks if the given path should be forwarded to the Next.js server middleware.\n *\n *\n * @param {string} path - The path to check for authentication API routes.\n * @returns {boolean} Returns true if the path is a frontegg authentication API route or ends with '/postlogin' or '/prelogin'; otherwise, returns false.\n */\nexport function isMiddlewarePath(path: string): boolean {\n let isAuthPath =\n fronteggAuthApiRoutesRegex.find((pathRegex) => {\n if (typeof pathRegex === 'string') {\n return pathRegex === path;\n } else {\n return new RegExp(pathRegex).test(path);\n }\n }) != null;\n\n // if(!isAuthPath){\n // isAuthPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/user\\/sso\\/[^\\/]*\\/postlogin$/g.test(path)\n // }\n // if(!isAuthPath){\n // isAuthPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/passwordless\\/[^\\/]*\\/prelogin$/g.test(path)\n // }\n // if(!isAuthPath){\n // isAuthPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/[^\\/]*\\/prelogin$/g.test(path)\n // }\n\n if (!isAuthPath) {\n const isSocialLoginPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/user\\/sso\\/default\\/[^\\/]*\\/prelogin$/.test(path);\n isAuthPath = (path.endsWith('/postlogin') || path.endsWith('/prelogin')) && !isSocialLoginPath;\n }\n\n return isAuthPath;\n}\n"],"mappings":";;;;;;;;;;;;AAAA,IAAAA,OAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,WAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,QAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,QAAA,GAAAH,OAAA;AACA,IAAAI,UAAA,GAAAJ,OAAA;AACA,IAAAK,QAAA,GAAAL,OAAA;AAQO,MAAMM,GAAG,GAAGA,CAAC;EAAEC,GAAG;EAAEC,WAAW,GAAG,SAAS;EAAEC;AAA2B,CAAC,KAC9EC,KAAK,CAACH,GAAG,EAAE;EAAEI,MAAM,EAAE,KAAK;EAAEH,WAAW;EAAEC;AAAQ,CAAC,CAAC;AAACG,OAAA,CAAAN,GAAA,GAAAA,GAAA;AAM/C,MAAMO,IAAI,GAAGA,CAAC;EAAEN,GAAG;EAAEC,WAAW,GAAG,SAAS;EAAEC,OAAO;EAAEK;AAAyB,CAAC,KACtFJ,KAAK,CAACH,GAAG,EAAE;EAAEI,MAAM,EAAE,MAAM;EAAEH,WAAW;EAAEC,OAAO;EAAEK;AAAK,CAAC,CAAC;;AAE5D;AACA;AACA;AACA;AACA;AACA;AACA;AANAF,OAAA,CAAAC,IAAA,GAAAA,IAAA;AAOO,SAASE,oBAAoBA,CAACN,OAA+B,EAAE;EACpE,MAAMO,UAAU,OAAAC,SAAA,CAAAC,OAAA,MAAQT,OAAO,CAAE;EACjCU,MAAM,CAACC,IAAI,CAACJ,UAAU,CAAC,CAACK,OAAO,CAAEC,GAAW,IAAK;IAC/C,MAAMC,GAAQ,GAAGd,OAAO,CAACa,GAAG,CAAC;IAC7B,IAAIC,GAAG,IAAI,OAAOA,GAAG,KAAK,QAAQ,IAAI,CAACC,KAAK,CAACC,OAAO,CAACF,GAAG,CAAC,EAAE;MACzD,OAAOP,UAAU,CAACM,GAAG,CAAC;IACxB,CAAC,MAAM,IAAII,0BAAe,CAACC,IAAI,CAACJ,GAAG,CAAC,KAAK,IAAI,EAAE;MAC7C,OAAOP,UAAU,CAACM,GAAG,CAAC;IACxB,CAAC,MAAM,IAAIC,GAAG,KAAKK,SAAS,IAAIL,GAAG,KAAK,IAAI,EAAE;MAC5C,OAAOP,UAAU,CAACM,GAAG,CAAC;IACxB,CAAC,MAAM,IAAIA,GAAG,CAACO,MAAM,KAAK,EAAE,IAAIP,GAAG,KAAK,YAAY,EAAE;MACpD,OAAON,UAAU,CAACM,GAAG,CAAC;IACxB;EACF,CAAC,CAAC;EACF,OAAON,UAAU;AACnB;;AAEA;AACA;AACA;AACO,MAAMc,mBAAmB,GAAAlB,OAAA,CAAAkB,mBAAA,GAAG,sBAAsB;AAClD,MAAMC,0BAA0B,GAAAnB,OAAA,CAAAmB,0BAAA,GAAG,0BAA0B;AAC7D,MAAMC,gCAAgC,GAAApB,OAAA,CAAAoB,gCAAA,GAAG,6BAA6B;AACtE,MAAMC,8BAA8B,GAAArB,OAAA,CAAAqB,8BAAA,GAAG,mCAAmC;;AAEjF;AACA;AACA;AACA;AACO,SAASC,mBAAmBA,CAACzB,OAA4B,EAA0B;EACxF,IAAI0B,MAAM,GAAG1B,OAAO,CAAC,QAAQ,CAAC;EAC9B,IAAI0B,MAAM,IAAI,IAAI,IAAI,OAAOA,MAAM,KAAK,QAAQ,EAAE;IAChDA,MAAM,GAAGA,MAAM,CAACC,OAAO,CAAC,yBAAyB,EAAE,EAAE,CAAC,CAACA,OAAO,CAAC,yBAAyB,EAAE,EAAE,CAAC;IAE7F,IAAIC,eAAM,CAACC,oBAAoB,IAAID,eAAM,CAACE,KAAK,EAAE;MAC/CJ,MAAM,GAAGA,MAAM,CACZK,KAAK,CAAC,GAAG,CAAC,CACVC,MAAM,CAAEC,SAAiB,IAAK,CAACA,SAAS,CAACC,IAAI,CAAC,CAAC,CAACC,UAAU,CAAC,cAAcP,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAC7GU,IAAI,CAAC,GAAG,CAAC;MACZX,MAAM,GAAGA,MAAM,CAACC,OAAO,CACrB,cAAcC,eAAM,CAACE,KAAK,CAACH,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAC7C,cAAcC,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAChD,CAAC;IACH;EACF;EACA,IAAID,MAAM,IAAI,IAAI,IAAI,OAAOA,MAAM,KAAK,QAAQ,EAAE;IAChDA,MAAM,GAAGhB,MAAM,CAAC4B,OAAO,CAACZ,MAAM,CAAC,CAC5BM,MAAM,CAAC,CAAC,CAACnB,GAAG,CAAC,KAAK;MACjB,IAAIe,eAAM,CAACC,oBAAoB,IAAID,eAAM,CAACE,KAAK,EAAE;QAC/C,OAAOjB,GAAG,KAAK,cAAce,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;MACjE;MACA,OAAO,IAAI;IACb,CAAC,CAAC,CACDY,GAAG,CAAC,CAAC,CAAC1B,GAAG,EAAE2B,KAAK,CAAC,KAAK;MACrB,IAAIZ,eAAM,CAACC,oBAAoB,IAAID,eAAM,CAACE,KAAK,IAAIjB,GAAG,KAAK,cAAce,eAAM,CAACE,KAAK,CAACH,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;QACxG,OAAO,cAAcC,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,IAAIa,KAAK,EAAE;MAClE,CAAC,MAAM;QACL,OAAO,GAAG3B,GAAG,IAAI2B,KAAK,EAAE;MAC1B;IACF,CAAC,CAAC,CACDH,IAAI,CAAC,IAAI,CAAC;EACf;EAEA,MAAMI,eAAuC,GAAG;IAC9CC,aAAa,EAAE1C,OAAO,CAAC,eAAe,CAAC;IACvC,iBAAiB,EAAEA,OAAO,CAAC,iBAAiB,CAAC;IAC7C,iBAAiB,EAAEA,OAAO,CAAC,iBAAiB,CAAC;IAC7C2C,MAAM,EAAE3C,OAAO,CAAC,QAAQ,CAAC;IACzB,cAAc,EAAE,kBAAkB;IAClC4C,MAAM,EAAEhB,eAAM,CAACiB,OAAO;IACtBnB,MAAM;IACN,YAAY,EAAE1B,OAAO,CAAC,YAAY,CAAC;IACnC,eAAe,EAAEA,OAAO,CAAC,eAAe,CAAC;IACzC,sBAAsB,EAAE,QAAQ8C,gBAAS,CAACC,OAAO,EAAE;IACnD,gBAAgB,EAAE,oBAAoBC,mBAAU,CAACD,OAAO;EAC1D,CAAC;EAED,IAAI/C,OAAO,CAACwB,8BAA8B,CAAC,EAAE;IAC3CiB,eAAe,CAACjB,8BAA8B,CAAC,GAAGxB,OAAO,CAACwB,8BAA8B,CAAC;EAC3F;EAEA,MAAMyB,QAAQ,GAAG,IAAAC,oBAAW,EAC1BlD,OAAO,CAACsB,0BAA0B,CAAC,IAAItB,OAAO,CAAC,kBAAkB,CAAC,IAAIA,OAAO,CAAC,iBAAiB,CACjG,CAAC;EACD,IAAIiD,QAAQ,IAAIrB,eAAM,CAACuB,eAAe,EAAE;IAAA,IAAAC,oBAAA;IACtCX,eAAe,CAACnB,0BAA0B,CAAC,GAAG2B,QAAQ;IACtDR,eAAe,CACb,uBAAuB,CACxB,GAAG,uCAAuCzC,OAAO,CAACsB,0BAA0B,CAAC,kCAAkCtB,OAAO,CAAC,kBAAkB,CAAC,iCAAiCA,OAAO,CAAC,iBAAiB,CAAC,EAAE;IACxMyC,eAAe,CAAClB,gCAAgC,CAAC,IAAA6B,oBAAA,GAAGxB,eAAM,CAACyB,YAAY,YAAAD,oBAAA,GAAI,EAAE;EAC/E;EAEA,IAAIpD,OAAO,CAACqB,mBAAmB,CAAC,EAAE;IAChCoB,eAAe,CAACpB,mBAAmB,CAAC,GAAGrB,OAAO,CAACqB,mBAAmB,CAAC;EACrE;EACA,OAAOf,oBAAoB,KAAAE,SAAA,CAAAC,OAAA,MAAMgC,eAAe,CAAE,CAAC;AACrD;;AAEA;AACA;AACA;AACA;AACO,MAAMa,iBAAiB,GAAG,MAAUC,GAAa,IAA6B;EACnF,IAAI,CAACA,GAAG,CAACC,EAAE,EAAE;IACX,OAAOrC,SAAS;EAClB;EACA,OAAO,MAAMoC,GAAG,CAACE,IAAI,CAAC,CAAC;AACzB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANAtD,OAAA,CAAAmD,iBAAA,GAAAA,iBAAA;AAOO,SAASI,gBAAgBA,CAACC,IAAY,EAAW;EACtD,IAAIC,UAAU,GACZC,mCAA0B,CAACC,IAAI,CAAEC,SAAS,IAAK;IAC7C,IAAI,OAAOA,SAAS,KAAK,QAAQ,EAAE;MACjC,OAAOA,SAAS,KAAKJ,IAAI;IAC3B,CAAC,MAAM;MACL,OAAO,IAAIK,MAAM,CAACD,SAAS,CAAC,CAACE,IAAI,CAACN,IAAI,CAAC;IACzC;EACF,CAAC,CAAC,IAAI,IAAI;;EAEZ;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;EAEA,IAAI,CAACC,UAAU,EAAE;IACf,MAAMM,iBAAiB,GAAG,8EAA8E,CAACD,IAAI,CAACN,IAAI,CAAC;IACnHC,UAAU,GAAG,CAACD,IAAI,CAACQ,QAAQ,CAAC,YAAY,CAAC,IAAIR,IAAI,CAACQ,QAAQ,CAAC,WAAW,CAAC,KAAK,CAACD,iBAAiB;EAChG;EAEA,OAAON,UAAU;AACnB","ignoreList":[]}
|
|
1
|
+
{"version":3,"file":"utils.js","names":["_config","_interopRequireDefault","require","_sdkVersion","_package","_restApi","_constants","_headers","Get","url","credentials","headers","fetch","method","exports","Post","body","removeInvalidHeaders","newHeaders","_extends2","default","Object","keys","forEach","key","val","Array","isArray","headerCharRegex","exec","undefined","length","CUSTOM_LOGIN_HEADER","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","FRONTEGG_APPLICATION_ID_HEADER","FRONTEGG_APP_ID_HEADER","FRONTEGG_VENDOR_ID_HEADER","buildRequestHeaders","cookie","replace","config","rewriteCookieByAppId","appId","split","filter","cookieStr","trim","startsWith","clientId","join","entries","map","value","preparedHeaders","authorization","accept","origin","baseUrl","nextjsPkg","version","sdkVersion","clientIp","getClientIp","shouldForwardIp","_config$appId","_config$clientId","_config$sharedSecret","sharedSecret","parseHttpResponse","res","ok","json","isMiddlewarePath","path","isAuthPath","fronteggAuthApiRoutesRegex","find","pathRegex","RegExp","test","isSocialLoginPath","endsWith"],"sources":["../../../../packages/nextjs/src/api/utils.ts"],"sourcesContent":["import config from '../config';\nimport sdkVersion from '../sdkVersion';\nimport nextjsPkg from 'next/package.json';\nimport { fronteggAuthApiRoutesRegex } from '@frontegg/rest-api';\nimport { headerCharRegex } from '../utils/common/constants';\nimport { getClientIp } from '../utils/headers';\n\ninterface GetRequestOptions {\n url: string;\n credentials?: RequestCredentials;\n headers?: HeadersInit;\n}\n\nexport const Get = ({ url, credentials = 'include', headers }: GetRequestOptions) =>\n fetch(url, { method: 'GET', credentials, headers });\n\ninterface PostRequestOptions extends GetRequestOptions {\n body: string;\n}\n\nexport const Post = ({ url, credentials = 'include', headers, body }: PostRequestOptions) =>\n fetch(url, { method: 'POST', credentials, headers, body });\n\n/**\n * NodeJS 18 start using undici as http request handler,\n * undici http request does not accept invalid headers\n * for more details see:\n * https://github.com/nodejs/undici/blob/2b260c997ad4efe4ed2064b264b4b546a59e7a67/lib/core/request.js#L282\n * @param headers\n */\nexport function removeInvalidHeaders(headers: Record<string, string>) {\n const newHeaders = { ...headers };\n Object.keys(newHeaders).forEach((key: string) => {\n const val: any = headers[key];\n if (val && typeof val === 'object' && !Array.isArray(val)) {\n delete newHeaders[key];\n } else if (headerCharRegex.exec(val) !== null) {\n delete newHeaders[key];\n } else if (val === undefined || val === null) {\n delete newHeaders[key];\n } else if (key.length === 10 && key === 'connection') {\n delete newHeaders[key];\n }\n });\n return newHeaders;\n}\n\n/**\n * These headers are used to identify the tenant for login per tenant feature\n */\nexport const CUSTOM_LOGIN_HEADER = 'frontegg-login-alias';\nexport const FRONTEGG_FORWARD_IP_HEADER = 'x-frontegg-forwarded-for';\nexport const FRONTEGG_HEADERS_VERIFIER_HEADER = 'x-frontegg-headers-verifier';\nexport const FRONTEGG_APPLICATION_ID_HEADER = 'frontegg-requested-application-id';\nexport const FRONTEGG_APP_ID_HEADER = 'test123'; //frontegg-application-id;\nexport const FRONTEGG_VENDOR_ID_HEADER = 'frontegg-vendor-id';\n\n/**\n * Build fetch request headers, remove invalid http headers\n * @param headers - Incoming request headers\n */\nexport function buildRequestHeaders(headers: Record<string, any>): Record<string, string> {\n let cookie = headers['cookie'];\n if (cookie != null && typeof cookie === 'string') {\n cookie = cookie.replace(/fe_session-[^=]*=[^;]*$/, '').replace(/fe_session-[^=]*=[^;]*;/, '');\n\n if (config.rewriteCookieByAppId && config.appId) {\n cookie = cookie\n .split(';')\n .filter((cookieStr: string) => !cookieStr.trim().startsWith(`fe_refresh_${config.clientId.replace('-', '')}`))\n .join(';');\n cookie = cookie.replace(\n `fe_refresh_${config.appId.replace('-', '')}`,\n `fe_refresh_${config.clientId.replace('-', '')}`\n );\n }\n }\n if (cookie != null && typeof cookie === 'object') {\n cookie = Object.entries(cookie)\n .filter(([key]) => {\n if (config.rewriteCookieByAppId && config.appId) {\n return key !== `fe_refresh_${config.clientId.replace('-', '')}`;\n }\n return true;\n })\n .map(([key, value]) => {\n if (config.rewriteCookieByAppId && config.appId && key === `fe_refresh_${config.appId.replace('-', '')}`) {\n return `fe_refresh_${config.clientId.replace('-', '')}=${value}`;\n } else {\n return `${key}=${value}`;\n }\n })\n .join('; ');\n }\n\n const preparedHeaders: Record<string, string> = {\n authorization: headers['authorization'],\n 'accept-encoding': headers['accept-encoding'],\n 'accept-language': headers['accept-language'],\n accept: headers['accept'],\n 'content-type': 'application/json',\n origin: config.baseUrl,\n cookie,\n 'user-agent': headers['user-agent'],\n 'cache-control': headers['cache-control'],\n 'x-frontegg-framework': `next@${nextjsPkg.version}`,\n 'x-frontegg-sdk': `@frontegg/nextjs@${sdkVersion.version}`,\n };\n\n if (headers[FRONTEGG_APPLICATION_ID_HEADER]) {\n preparedHeaders[FRONTEGG_APPLICATION_ID_HEADER] = headers[FRONTEGG_APPLICATION_ID_HEADER];\n }\n\n const clientIp = getClientIp(\n headers[FRONTEGG_FORWARD_IP_HEADER] || headers['cf-connecting-ip'] || headers['x-forwarded-for']\n );\n if (clientIp && config.shouldForwardIp) {\n preparedHeaders[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n preparedHeaders[FRONTEGG_APP_ID_HEADER] = config.appId ?? '';\n preparedHeaders[FRONTEGG_VENDOR_ID_HEADER] = config.clientId ?? '';\n\n preparedHeaders[\n 'build-request-headers'\n ] = `headers[FRONTEGG_FORWARD_IP_HEADER] ${headers[FRONTEGG_FORWARD_IP_HEADER]} | headers['cf-connecting-ip'] ${headers['cf-connecting-ip']} | headers['x-forwarded-for'] ${headers['x-forwarded-for']}`;\n preparedHeaders[FRONTEGG_HEADERS_VERIFIER_HEADER] = config.sharedSecret ?? '';\n }\n\n if (headers[CUSTOM_LOGIN_HEADER]) {\n preparedHeaders[CUSTOM_LOGIN_HEADER] = headers[CUSTOM_LOGIN_HEADER];\n }\n return removeInvalidHeaders({ ...preparedHeaders });\n}\n\n/**\n * Return parsed json response if http status code = 200\n * @param res\n */\nexport const parseHttpResponse = async <T>(res: Response): Promise<T | undefined> => {\n if (!res.ok) {\n return undefined;\n }\n return await res.json();\n};\n\n/**\n * Checks if the given path should be forwarded to the Next.js server middleware.\n *\n *\n * @param {string} path - The path to check for authentication API routes.\n * @returns {boolean} Returns true if the path is a frontegg authentication API route or ends with '/postlogin' or '/prelogin'; otherwise, returns false.\n */\nexport function isMiddlewarePath(path: string): boolean {\n let isAuthPath =\n fronteggAuthApiRoutesRegex.find((pathRegex) => {\n if (typeof pathRegex === 'string') {\n return pathRegex === path;\n } else {\n return new RegExp(pathRegex).test(path);\n }\n }) != null;\n\n // if(!isAuthPath){\n // isAuthPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/user\\/sso\\/[^\\/]*\\/postlogin$/g.test(path)\n // }\n // if(!isAuthPath){\n // isAuthPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/passwordless\\/[^\\/]*\\/prelogin$/g.test(path)\n // }\n // if(!isAuthPath){\n // isAuthPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/[^\\/]*\\/prelogin$/g.test(path)\n // }\n\n if (!isAuthPath) {\n const isSocialLoginPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/user\\/sso\\/default\\/[^\\/]*\\/prelogin$/.test(path);\n isAuthPath = (path.endsWith('/postlogin') || path.endsWith('/prelogin')) && !isSocialLoginPath;\n }\n\n return isAuthPath;\n}\n"],"mappings":";;;;;;;;;;;;AAAA,IAAAA,OAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,WAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,QAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,QAAA,GAAAH,OAAA;AACA,IAAAI,UAAA,GAAAJ,OAAA;AACA,IAAAK,QAAA,GAAAL,OAAA;AAQO,MAAMM,GAAG,GAAGA,CAAC;EAAEC,GAAG;EAAEC,WAAW,GAAG,SAAS;EAAEC;AAA2B,CAAC,KAC9EC,KAAK,CAACH,GAAG,EAAE;EAAEI,MAAM,EAAE,KAAK;EAAEH,WAAW;EAAEC;AAAQ,CAAC,CAAC;AAACG,OAAA,CAAAN,GAAA,GAAAA,GAAA;AAM/C,MAAMO,IAAI,GAAGA,CAAC;EAAEN,GAAG;EAAEC,WAAW,GAAG,SAAS;EAAEC,OAAO;EAAEK;AAAyB,CAAC,KACtFJ,KAAK,CAACH,GAAG,EAAE;EAAEI,MAAM,EAAE,MAAM;EAAEH,WAAW;EAAEC,OAAO;EAAEK;AAAK,CAAC,CAAC;;AAE5D;AACA;AACA;AACA;AACA;AACA;AACA;AANAF,OAAA,CAAAC,IAAA,GAAAA,IAAA;AAOO,SAASE,oBAAoBA,CAACN,OAA+B,EAAE;EACpE,MAAMO,UAAU,OAAAC,SAAA,CAAAC,OAAA,MAAQT,OAAO,CAAE;EACjCU,MAAM,CAACC,IAAI,CAACJ,UAAU,CAAC,CAACK,OAAO,CAAEC,GAAW,IAAK;IAC/C,MAAMC,GAAQ,GAAGd,OAAO,CAACa,GAAG,CAAC;IAC7B,IAAIC,GAAG,IAAI,OAAOA,GAAG,KAAK,QAAQ,IAAI,CAACC,KAAK,CAACC,OAAO,CAACF,GAAG,CAAC,EAAE;MACzD,OAAOP,UAAU,CAACM,GAAG,CAAC;IACxB,CAAC,MAAM,IAAII,0BAAe,CAACC,IAAI,CAACJ,GAAG,CAAC,KAAK,IAAI,EAAE;MAC7C,OAAOP,UAAU,CAACM,GAAG,CAAC;IACxB,CAAC,MAAM,IAAIC,GAAG,KAAKK,SAAS,IAAIL,GAAG,KAAK,IAAI,EAAE;MAC5C,OAAOP,UAAU,CAACM,GAAG,CAAC;IACxB,CAAC,MAAM,IAAIA,GAAG,CAACO,MAAM,KAAK,EAAE,IAAIP,GAAG,KAAK,YAAY,EAAE;MACpD,OAAON,UAAU,CAACM,GAAG,CAAC;IACxB;EACF,CAAC,CAAC;EACF,OAAON,UAAU;AACnB;;AAEA;AACA;AACA;AACO,MAAMc,mBAAmB,GAAAlB,OAAA,CAAAkB,mBAAA,GAAG,sBAAsB;AAClD,MAAMC,0BAA0B,GAAAnB,OAAA,CAAAmB,0BAAA,GAAG,0BAA0B;AAC7D,MAAMC,gCAAgC,GAAApB,OAAA,CAAAoB,gCAAA,GAAG,6BAA6B;AACtE,MAAMC,8BAA8B,GAAArB,OAAA,CAAAqB,8BAAA,GAAG,mCAAmC;AAC1E,MAAMC,sBAAsB,GAAAtB,OAAA,CAAAsB,sBAAA,GAAG,SAAS,CAAC,CAAC;AAC1C,MAAMC,yBAAyB,GAAAvB,OAAA,CAAAuB,yBAAA,GAAG,oBAAoB;;AAE7D;AACA;AACA;AACA;AACO,SAASC,mBAAmBA,CAAC3B,OAA4B,EAA0B;EACxF,IAAI4B,MAAM,GAAG5B,OAAO,CAAC,QAAQ,CAAC;EAC9B,IAAI4B,MAAM,IAAI,IAAI,IAAI,OAAOA,MAAM,KAAK,QAAQ,EAAE;IAChDA,MAAM,GAAGA,MAAM,CAACC,OAAO,CAAC,yBAAyB,EAAE,EAAE,CAAC,CAACA,OAAO,CAAC,yBAAyB,EAAE,EAAE,CAAC;IAE7F,IAAIC,eAAM,CAACC,oBAAoB,IAAID,eAAM,CAACE,KAAK,EAAE;MAC/CJ,MAAM,GAAGA,MAAM,CACZK,KAAK,CAAC,GAAG,CAAC,CACVC,MAAM,CAAEC,SAAiB,IAAK,CAACA,SAAS,CAACC,IAAI,CAAC,CAAC,CAACC,UAAU,CAAC,cAAcP,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAC7GU,IAAI,CAAC,GAAG,CAAC;MACZX,MAAM,GAAGA,MAAM,CAACC,OAAO,CACrB,cAAcC,eAAM,CAACE,KAAK,CAACH,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAC7C,cAAcC,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAChD,CAAC;IACH;EACF;EACA,IAAID,MAAM,IAAI,IAAI,IAAI,OAAOA,MAAM,KAAK,QAAQ,EAAE;IAChDA,MAAM,GAAGlB,MAAM,CAAC8B,OAAO,CAACZ,MAAM,CAAC,CAC5BM,MAAM,CAAC,CAAC,CAACrB,GAAG,CAAC,KAAK;MACjB,IAAIiB,eAAM,CAACC,oBAAoB,IAAID,eAAM,CAACE,KAAK,EAAE;QAC/C,OAAOnB,GAAG,KAAK,cAAciB,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;MACjE;MACA,OAAO,IAAI;IACb,CAAC,CAAC,CACDY,GAAG,CAAC,CAAC,CAAC5B,GAAG,EAAE6B,KAAK,CAAC,KAAK;MACrB,IAAIZ,eAAM,CAACC,oBAAoB,IAAID,eAAM,CAACE,KAAK,IAAInB,GAAG,KAAK,cAAciB,eAAM,CAACE,KAAK,CAACH,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;QACxG,OAAO,cAAcC,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,IAAIa,KAAK,EAAE;MAClE,CAAC,MAAM;QACL,OAAO,GAAG7B,GAAG,IAAI6B,KAAK,EAAE;MAC1B;IACF,CAAC,CAAC,CACDH,IAAI,CAAC,IAAI,CAAC;EACf;EAEA,MAAMI,eAAuC,GAAG;IAC9CC,aAAa,EAAE5C,OAAO,CAAC,eAAe,CAAC;IACvC,iBAAiB,EAAEA,OAAO,CAAC,iBAAiB,CAAC;IAC7C,iBAAiB,EAAEA,OAAO,CAAC,iBAAiB,CAAC;IAC7C6C,MAAM,EAAE7C,OAAO,CAAC,QAAQ,CAAC;IACzB,cAAc,EAAE,kBAAkB;IAClC8C,MAAM,EAAEhB,eAAM,CAACiB,OAAO;IACtBnB,MAAM;IACN,YAAY,EAAE5B,OAAO,CAAC,YAAY,CAAC;IACnC,eAAe,EAAEA,OAAO,CAAC,eAAe,CAAC;IACzC,sBAAsB,EAAE,QAAQgD,gBAAS,CAACC,OAAO,EAAE;IACnD,gBAAgB,EAAE,oBAAoBC,mBAAU,CAACD,OAAO;EAC1D,CAAC;EAED,IAAIjD,OAAO,CAACwB,8BAA8B,CAAC,EAAE;IAC3CmB,eAAe,CAACnB,8BAA8B,CAAC,GAAGxB,OAAO,CAACwB,8BAA8B,CAAC;EAC3F;EAEA,MAAM2B,QAAQ,GAAG,IAAAC,oBAAW,EAC1BpD,OAAO,CAACsB,0BAA0B,CAAC,IAAItB,OAAO,CAAC,kBAAkB,CAAC,IAAIA,OAAO,CAAC,iBAAiB,CACjG,CAAC;EACD,IAAImD,QAAQ,IAAIrB,eAAM,CAACuB,eAAe,EAAE;IAAA,IAAAC,aAAA,EAAAC,gBAAA,EAAAC,oBAAA;IACtCb,eAAe,CAACrB,0BAA0B,CAAC,GAAG6B,QAAQ;IACtDR,eAAe,CAAClB,sBAAsB,CAAC,IAAA6B,aAAA,GAAGxB,eAAM,CAACE,KAAK,YAAAsB,aAAA,GAAI,EAAE;IAC5DX,eAAe,CAACjB,yBAAyB,CAAC,IAAA6B,gBAAA,GAAGzB,eAAM,CAACQ,QAAQ,YAAAiB,gBAAA,GAAI,EAAE;IAElEZ,eAAe,CACb,uBAAuB,CACxB,GAAG,uCAAuC3C,OAAO,CAACsB,0BAA0B,CAAC,kCAAkCtB,OAAO,CAAC,kBAAkB,CAAC,iCAAiCA,OAAO,CAAC,iBAAiB,CAAC,EAAE;IACxM2C,eAAe,CAACpB,gCAAgC,CAAC,IAAAiC,oBAAA,GAAG1B,eAAM,CAAC2B,YAAY,YAAAD,oBAAA,GAAI,EAAE;EAC/E;EAEA,IAAIxD,OAAO,CAACqB,mBAAmB,CAAC,EAAE;IAChCsB,eAAe,CAACtB,mBAAmB,CAAC,GAAGrB,OAAO,CAACqB,mBAAmB,CAAC;EACrE;EACA,OAAOf,oBAAoB,KAAAE,SAAA,CAAAC,OAAA,MAAMkC,eAAe,CAAE,CAAC;AACrD;;AAEA;AACA;AACA;AACA;AACO,MAAMe,iBAAiB,GAAG,MAAUC,GAAa,IAA6B;EACnF,IAAI,CAACA,GAAG,CAACC,EAAE,EAAE;IACX,OAAOzC,SAAS;EAClB;EACA,OAAO,MAAMwC,GAAG,CAACE,IAAI,CAAC,CAAC;AACzB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANA1D,OAAA,CAAAuD,iBAAA,GAAAA,iBAAA;AAOO,SAASI,gBAAgBA,CAACC,IAAY,EAAW;EACtD,IAAIC,UAAU,GACZC,mCAA0B,CAACC,IAAI,CAAEC,SAAS,IAAK;IAC7C,IAAI,OAAOA,SAAS,KAAK,QAAQ,EAAE;MACjC,OAAOA,SAAS,KAAKJ,IAAI;IAC3B,CAAC,MAAM;MACL,OAAO,IAAIK,MAAM,CAACD,SAAS,CAAC,CAACE,IAAI,CAACN,IAAI,CAAC;IACzC;EACF,CAAC,CAAC,IAAI,IAAI;;EAEZ;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;EAEA,IAAI,CAACC,UAAU,EAAE;IACf,MAAMM,iBAAiB,GAAG,8EAA8E,CAACD,IAAI,CAACN,IAAI,CAAC;IACnHC,UAAU,GAAG,CAACD,IAAI,CAACQ,QAAQ,CAAC,YAAY,CAAC,IAAIR,IAAI,CAACQ,QAAQ,CAAC,WAAW,CAAC,KAAK,CAACD,iBAAiB;EAChG;EAEA,OAAON,UAAU;AACnB","ignoreList":[]}
|
package/edge/getSessionOnEdge.js
CHANGED
|
@@ -204,9 +204,11 @@ const handleHostedLoginCallback = async (req, pathname, searchParams) => {
|
|
|
204
204
|
headers['get-session-on-edge'] = `requestHeaders['cf-connecting-ip'] ${requestHeaders['cf-connecting-ip']} | requestHeaders['x-forwarded-for'] ${requestHeaders['x-forwarded-for']} | (req as any).socket?.remoteAddress ${requestHeaders['x-forwarded-for']}`;
|
|
205
205
|
}
|
|
206
206
|
if (clientIp && _config.default.shouldForwardIp) {
|
|
207
|
-
var _config$sharedSecret;
|
|
207
|
+
var _config$sharedSecret, _config$appId, _config$clientId;
|
|
208
208
|
headers[_utils.FRONTEGG_FORWARD_IP_HEADER] = clientIp;
|
|
209
209
|
headers[_utils.FRONTEGG_HEADERS_VERIFIER_HEADER] = (_config$sharedSecret = _config.default.sharedSecret) != null ? _config$sharedSecret : '';
|
|
210
|
+
headers[_utils.FRONTEGG_APP_ID_HEADER] = (_config$appId = _config.default.appId) != null ? _config$appId : '';
|
|
211
|
+
headers[_utils.FRONTEGG_VENDOR_ID_HEADER] = (_config$clientId = _config.default.clientId) != null ? _config$clientId : '';
|
|
210
212
|
}
|
|
211
213
|
const response = await _api.default.exchangeHostedLoginToken((0, _utils.buildRequestHeaders)(headers), code, _config.default.clientId, _config.default.clientSecret);
|
|
212
214
|
const data = await response.json();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getSessionOnEdge.js","names":["_cookies","_interopRequireDefault","require","_createSession","_encryptionEdge","_api","_server","_config","_jwt","_utils","_fronteggLogger","_refreshAccessTokenIfNeededOnEdge","_redirectToLogin","_shouldBypassMiddleware","_headers","logger","fronteggLogger","child","tag","handleSessionOnEdge","params","request","pathname","searchParams","headers","isHostedLoginCallback","handleHostedLoginCallback","shouldByPassMiddleware","NextResponse","next","edgeSession","checkSessionOnEdge","redirectToLogin","forwardedHeaders","exports","GET_SESSION_ON_EDGE_DEPRECATED_WARN","getSessionOnEdge","req","disableWarning","cookies","CookieManager","getSessionCookieFromRequest","info","createSession","encryptionEdge","sessionCookies","existingSession","debug","session","refreshAccessTokenIfNeededOnEdge","createSessionFromAccessTokenEdge","data","_data$accessToken","_data$refreshToken","accessToken","access_token","refreshToken","refresh_token","payload","decodedJwt","JwtManager","verify","expiresIn","Math","floor","exp","Date","now","tokens","sealTokens","_searchParams$get","_req$headers","code","get","clientIp","undefined","_socket","socket","remoteAddress","_socket2","requestHeaders","_extends2","default","getClientIp","config","shouldForwardIp","_config$sharedSecret","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","sharedSecret","response","api","exchangeHostedLoginToken","buildRequestHeaders","clientId","clientSecret","json","redirect","appUrl","isSecured","isSSL","cookieValue","create","value","expires","secure","cookieName","replace","rewriteCookieByAppId","appId","refreshCookie","sessionCookieHeaders","map","cookie","refreshCookieHeaders","secureJwtEnabled","startsWith"],"sources":["../../../../packages/nextjs/src/edge/getSessionOnEdge.ts"],"sourcesContent":["import type { IncomingMessage } from 'http';\nimport { FronteggEdgeSession, FronteggNextJSSession } from '../types';\nimport CookieManager from '../utils/cookies';\nimport createSession from '../utils/createSession';\nimport encryptionEdge from '../utils/encryption-edge';\nimport api from '../api';\nimport { type NextRequest, NextResponse } from 'next/server';\nimport config from '../config';\nimport JwtManager from '../utils/jwt';\nimport { buildRequestHeaders, FRONTEGG_HEADERS_VERIFIER_HEADER, FRONTEGG_FORWARD_IP_HEADER } from '../api/utils';\nimport fronteggLogger from '../utils/fronteggLogger';\nimport { refreshAccessTokenIfNeededOnEdge } from './refreshAccessTokenIfNeededOnEdge';\nimport { redirectToLogin } from './redirectToLogin';\nimport { shouldByPassMiddleware } from './shouldBypassMiddleware';\nimport { getClientIp } from '../utils/headers';\n\nconst logger = fronteggLogger.child({ tag: 'EdgeRuntime.getSessionOnEdge' });\n\nexport type HandleSessionOnEdge = {\n request: IncomingMessage | Request;\n pathname: string;\n headers: NextRequest['headers'];\n searchParams: URLSearchParams;\n};\n\nexport const handleSessionOnEdge = async (params: HandleSessionOnEdge): Promise<NextResponse> => {\n const { request, pathname, searchParams, headers } = params;\n\n if (isHostedLoginCallback(pathname, searchParams)) {\n return handleHostedLoginCallback(request, pathname, searchParams);\n }\n\n if (shouldByPassMiddleware(pathname, headers /*, options: optional bypass configuration */)) {\n return NextResponse.next();\n }\n\n const edgeSession = await checkSessionOnEdge(request);\n if (!edgeSession) {\n return redirectToLogin(pathname, searchParams);\n }\n if (edgeSession.headers) {\n return NextResponse.next({\n headers: edgeSession.headers,\n request: {\n headers: edgeSession.forwardedHeaders,\n },\n });\n }\n return NextResponse.next();\n};\n\nconst GET_SESSION_ON_EDGE_DEPRECATED_WARN = `Deprecation Notice: getSessionOnEdge has been deprecated. Please use handleSessionOnEdge instead. For example:\n\nfile: middleware.ts\n\\`\\`\\`ts\n import { NextRequest } from 'next/server';\n import { handleSessionOnEdge } from '@frontegg/nextjs/edge';\n \n export const middleware = async (request: NextRequest) => {\n const { pathname, searchParams } = request.nextUrl;\n const headers = request.headers;\n \n // Additional logic if needed\n \n return handleSessionOnEdge({ request, pathname, searchParams, headers });\n };\n \n \n export const config = {\n matcher: '/(.*)',\n };\n\n\\`\\`\\`\n\nAlternatively, to manually verify the session, you can use checkSessionOnEdge. Note that this method does not redirect to the login page if the session is invalid.\n`;\n\n/**\n * getSessionOnEdge is deprecated, please use handleSessionOnEdge instead example:\n *\n * ```ts\n * import { NextRequest } from 'next/server';\n * import { handleSessionOnEdge } from '@frontegg/nextjs/edge';\n *\n * export const middleware = async (request: NextRequest) => {\n * const { pathname, searchParams } = request.nextUrl;\n * const headers = request.headers;\n *\n * // Additional logic if needed\n *\n * return handleSessionOnEdge({ request, pathname, searchParams, headers });\n * };\n *\n * export const config = {\n * matcher: '/(.*)',\n * };\n * ```\n * @deprecated\n */\n\nexport const getSessionOnEdge = (\n req: IncomingMessage | Request,\n disableWarning = false\n): Promise<FronteggNextJSSession | undefined> => {\n const logger = fronteggLogger.child({ tag: 'EdgeRuntime.getSessionOnEdge' });\n const cookies = CookieManager.getSessionCookieFromRequest(req);\n if (!disableWarning) {\n logger.info(GET_SESSION_ON_EDGE_DEPRECATED_WARN);\n }\n return createSession(cookies, encryptionEdge);\n};\n\n/**\n * Check session on edge and return session if exists this method does not redirect to login page\n * Example:\n *\n * ```ts\n * import { NextRequest } from 'next/server';\n * import { handleSessionOnEdge } from '@frontegg/nextjs/edge';\n *\n * export const middleware = async (request: NextRequest) => {\n * const { pathname, searchParams } = request.nextUrl;\n * const headers = request.headers;\n *\n * // Additional logic if needed\n *\n * // check if it's a hosted login callback\n * if (isHostedLoginCallback(pathname, searchParams)) {\n * return handleHostedLoginCallback(request, pathname, searchParams);\n * }\n *\n * // check if we should bypass the middleware\n * if (shouldByPassMiddleware(pathname)) {\n * return NextResponse.next();\n * }\n *\n * // check session\n * const session = await checkSessionOnEdge(request);\n *\n * if (!session) {\n * return redirectToLogin(pathname);\n * }\n *\n * // if headers are present forward them to the next response / request\n * if (session.headers) {\n * return NextResponse.next({\n * headers: edgeSession.headers,\n * request:{\n * headers: edgeSession.forwardedHeaders\n * }\n * });\n * }\n * return NextResponse.next();\n * };\n * ```\n *\n *\n * @param req\n */\nexport const checkSessionOnEdge = async (req: IncomingMessage | Request): Promise<FronteggEdgeSession | undefined> => {\n const sessionCookies = CookieManager.getSessionCookieFromRequest(req);\n let existingSession = await createSession(sessionCookies, encryptionEdge);\n if (existingSession) {\n logger.debug('session resolved from session cookie');\n return {\n session: existingSession,\n };\n }\n\n logger.debug('Failed to resolve session from cookie, going to refresh token');\n return refreshAccessTokenIfNeededOnEdge(req);\n};\n\nasync function createSessionFromAccessTokenEdge(data: any): Promise<[string, any, string] | []> {\n const accessToken = data.accessToken ?? data.access_token;\n const refreshToken = data.refreshToken ?? data.refresh_token;\n const { payload: decodedJwt }: any = await JwtManager.verify(accessToken);\n decodedJwt.expiresIn = Math.floor((decodedJwt.exp * 1000 - Date.now()) / 1000);\n\n const tokens = { accessToken, refreshToken };\n const session = await encryptionEdge.sealTokens(tokens, decodedJwt.exp);\n return [session, decodedJwt, refreshToken];\n}\n\nexport const handleHostedLoginCallback = async (\n req: IncomingMessage | Request,\n pathname: string,\n searchParams: URLSearchParams\n): Promise<NextResponse> => {\n if (!isHostedLoginCallback(pathname, searchParams)) {\n return NextResponse.next();\n }\n\n const code = searchParams.get('code') ?? '';\n\n let headers: Record<string, string> = {};\n let clientIp: string | undefined = undefined;\n if (typeof req.headers?.get === 'function') {\n clientIp =\n req.headers.get('cf-connecting-ip') || req.headers.get('x-forwarded-for') || (req as any).socket?.remoteAddress;\n } else if (typeof req.headers === 'object') {\n let requestHeaders: any = { ...req.headers };\n clientIp =\n getClientIp(requestHeaders['cf-connecting-ip'] || requestHeaders['x-forwarded-for']) ||\n (req as any).socket?.remoteAddress;\n headers[\n 'get-session-on-edge'\n ] = `requestHeaders['cf-connecting-ip'] ${requestHeaders['cf-connecting-ip']} | requestHeaders['x-forwarded-for'] ${requestHeaders['x-forwarded-for']} | (req as any).socket?.remoteAddress ${requestHeaders['x-forwarded-for']}`;\n }\n\n if (clientIp && config.shouldForwardIp) {\n headers[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n headers[FRONTEGG_HEADERS_VERIFIER_HEADER] = config.sharedSecret ?? '';\n }\n\n const response = await api.exchangeHostedLoginToken(\n buildRequestHeaders(headers),\n code,\n config.clientId,\n config.clientSecret!\n );\n\n const data = await response.json();\n\n const [session, decodedJwt, refreshToken] = await createSessionFromAccessTokenEdge(data);\n\n if (!session) {\n return NextResponse.redirect(config.appUrl);\n }\n const isSecured = config.isSSL;\n const cookieValue = CookieManager.create({\n value: session,\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n });\n\n let cookieName = `fe_refresh_${config.clientId.replace('-', '')}`;\n if (config.rewriteCookieByAppId && config.appId) {\n cookieName = `fe_refresh_${config.appId.replace('-', '')}`;\n }\n const refreshCookie = CookieManager.create({\n cookieName,\n value: refreshToken ?? '',\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n });\n const sessionCookieHeaders: [string, string][] = cookieValue.map((cookie) => ['set-cookie', cookie]);\n const refreshCookieHeaders: [string, string][] = refreshCookie.map((cookie) => ['set-cookie', cookie]);\n\n return NextResponse.redirect(config.appUrl, {\n headers: [...sessionCookieHeaders, ...refreshCookieHeaders],\n });\n};\n\nexport const isHostedLoginCallback = (pathname: string, searchParams: URLSearchParams): boolean => {\n if (config.secureJwtEnabled) {\n if (pathname.startsWith('/oauth/callback')) {\n return searchParams.get('code') != null;\n }\n }\n return false;\n};\n"],"mappings":";;;;;;;;AAEA,IAAAA,QAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,cAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,eAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,IAAA,GAAAJ,sBAAA,CAAAC,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAN,sBAAA,CAAAC,OAAA;AACA,IAAAM,IAAA,GAAAP,sBAAA,CAAAC,OAAA;AACA,IAAAO,MAAA,GAAAP,OAAA;AACA,IAAAQ,eAAA,GAAAT,sBAAA,CAAAC,OAAA;AACA,IAAAS,iCAAA,GAAAT,OAAA;AACA,IAAAU,gBAAA,GAAAV,OAAA;AACA,IAAAW,uBAAA,GAAAX,OAAA;AACA,IAAAY,QAAA,GAAAZ,OAAA;AAEA,MAAMa,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;EAAEC,GAAG,EAAE;AAA+B,CAAC,CAAC;AASrE,MAAMC,mBAAmB,GAAG,MAAOC,MAA2B,IAA4B;EAC/F,MAAM;IAAEC,OAAO;IAAEC,QAAQ;IAAEC,YAAY;IAAEC;EAAQ,CAAC,GAAGJ,MAAM;EAE3D,IAAIK,qBAAqB,CAACH,QAAQ,EAAEC,YAAY,CAAC,EAAE;IACjD,OAAOG,yBAAyB,CAACL,OAAO,EAAEC,QAAQ,EAAEC,YAAY,CAAC;EACnE;EAEA,IAAI,IAAAI,8CAAsB,EAACL,QAAQ,EAAEE,OAAO,CAAC,6CAA6C,CAAC,EAAE;IAC3F,OAAOI,oBAAY,CAACC,IAAI,CAAC,CAAC;EAC5B;EAEA,MAAMC,WAAW,GAAG,MAAMC,kBAAkB,CAACV,OAAO,CAAC;EACrD,IAAI,CAACS,WAAW,EAAE;IAChB,OAAO,IAAAE,gCAAe,EAACV,QAAQ,EAAEC,YAAY,CAAC;EAChD;EACA,IAAIO,WAAW,CAACN,OAAO,EAAE;IACvB,OAAOI,oBAAY,CAACC,IAAI,CAAC;MACvBL,OAAO,EAAEM,WAAW,CAACN,OAAO;MAC5BH,OAAO,EAAE;QACPG,OAAO,EAAEM,WAAW,CAACG;MACvB;IACF,CAAC,CAAC;EACJ;EACA,OAAOL,oBAAY,CAACC,IAAI,CAAC,CAAC;AAC5B,CAAC;AAACK,OAAA,CAAAf,mBAAA,GAAAA,mBAAA;AAEF,MAAMgB,mCAAmC,GAAG;AAC5C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEO,MAAMC,gBAAgB,GAAGA,CAC9BC,GAA8B,EAC9BC,cAAc,GAAG,KAAK,KACyB;EAC/C,MAAMvB,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA+B,CAAC,CAAC;EAC5E,MAAMqB,OAAO,GAAGC,gBAAa,CAACC,2BAA2B,CAACJ,GAAG,CAAC;EAC9D,IAAI,CAACC,cAAc,EAAE;IACnBvB,MAAM,CAAC2B,IAAI,CAACP,mCAAmC,CAAC;EAClD;EACA,OAAO,IAAAQ,sBAAa,EAACJ,OAAO,EAAEK,uBAAc,CAAC;AAC/C,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA9CAV,OAAA,CAAAE,gBAAA,GAAAA,gBAAA;AA+CO,MAAML,kBAAkB,GAAG,MAAOM,GAA8B,IAA+C;EACpH,MAAMQ,cAAc,GAAGL,gBAAa,CAACC,2BAA2B,CAACJ,GAAG,CAAC;EACrE,IAAIS,eAAe,GAAG,MAAM,IAAAH,sBAAa,EAACE,cAAc,EAAED,uBAAc,CAAC;EACzE,IAAIE,eAAe,EAAE;IACnB/B,MAAM,CAACgC,KAAK,CAAC,sCAAsC,CAAC;IACpD,OAAO;MACLC,OAAO,EAAEF;IACX,CAAC;EACH;EAEA/B,MAAM,CAACgC,KAAK,CAAC,+DAA+D,CAAC;EAC7E,OAAO,IAAAE,kEAAgC,EAACZ,GAAG,CAAC;AAC9C,CAAC;AAACH,OAAA,CAAAH,kBAAA,GAAAA,kBAAA;AAEF,eAAemB,gCAAgCA,CAACC,IAAS,EAAuC;EAAA,IAAAC,iBAAA,EAAAC,kBAAA;EAC9F,MAAMC,WAAW,IAAAF,iBAAA,GAAGD,IAAI,CAACG,WAAW,YAAAF,iBAAA,GAAID,IAAI,CAACI,YAAY;EACzD,MAAMC,YAAY,IAAAH,kBAAA,GAAGF,IAAI,CAACK,YAAY,YAAAH,kBAAA,GAAIF,IAAI,CAACM,aAAa;EAC5D,MAAM;IAAEC,OAAO,EAAEC;EAAgB,CAAC,GAAG,MAAMC,YAAU,CAACC,MAAM,CAACP,WAAW,CAAC;EACzEK,UAAU,CAACG,SAAS,GAAGC,IAAI,CAACC,KAAK,CAAC,CAACL,UAAU,CAACM,GAAG,GAAG,IAAI,GAAGC,IAAI,CAACC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC;EAE9E,MAAMC,MAAM,GAAG;IAAEd,WAAW;IAAEE;EAAa,CAAC;EAC5C,MAAMR,OAAO,GAAG,MAAMJ,uBAAc,CAACyB,UAAU,CAACD,MAAM,EAAET,UAAU,CAACM,GAAG,CAAC;EACvE,OAAO,CAACjB,OAAO,EAAEW,UAAU,EAAEH,YAAY,CAAC;AAC5C;AAEO,MAAM9B,yBAAyB,GAAG,MAAAA,CACvCW,GAA8B,EAC9Bf,QAAgB,EAChBC,YAA6B,KACH;EAAA,IAAA+C,iBAAA,EAAAC,YAAA;EAC1B,IAAI,CAAC9C,qBAAqB,CAACH,QAAQ,EAAEC,YAAY,CAAC,EAAE;IAClD,OAAOK,oBAAY,CAACC,IAAI,CAAC,CAAC;EAC5B;EAEA,MAAM2C,IAAI,IAAAF,iBAAA,GAAG/C,YAAY,CAACkD,GAAG,CAAC,MAAM,CAAC,YAAAH,iBAAA,GAAI,EAAE;EAE3C,IAAI9C,OAA+B,GAAG,CAAC,CAAC;EACxC,IAAIkD,QAA4B,GAAGC,SAAS;EAC5C,IAAI,SAAAJ,YAAA,GAAOlC,GAAG,CAACb,OAAO,qBAAX+C,YAAA,CAAaE,GAAG,MAAK,UAAU,EAAE;IAAA,IAAAG,OAAA;IAC1CF,QAAQ,GACNrC,GAAG,CAACb,OAAO,CAACiD,GAAG,CAAC,kBAAkB,CAAC,IAAIpC,GAAG,CAACb,OAAO,CAACiD,GAAG,CAAC,iBAAiB,CAAC,MAAAG,OAAA,GAAKvC,GAAG,CAASwC,MAAM,qBAAnBD,OAAA,CAAqBE,aAAa;EACnH,CAAC,MAAM,IAAI,OAAOzC,GAAG,CAACb,OAAO,KAAK,QAAQ,EAAE;IAAA,IAAAuD,QAAA;IAC1C,IAAIC,cAAmB,OAAAC,SAAA,CAAAC,OAAA,MAAQ7C,GAAG,CAACb,OAAO,CAAE;IAC5CkD,QAAQ,GACN,IAAAS,oBAAW,EAACH,cAAc,CAAC,kBAAkB,CAAC,IAAIA,cAAc,CAAC,iBAAiB,CAAC,CAAC,MAAAD,QAAA,GACnF1C,GAAG,CAASwC,MAAM,qBAAnBE,QAAA,CAAqBD,aAAa;IACpCtD,OAAO,CACL,qBAAqB,CACtB,GAAG,sCAAsCwD,cAAc,CAAC,kBAAkB,CAAC,wCAAwCA,cAAc,CAAC,iBAAiB,CAAC,yCAAyCA,cAAc,CAAC,iBAAiB,CAAC,EAAE;EACnO;EAEA,IAAIN,QAAQ,IAAIU,eAAM,CAACC,eAAe,EAAE;IAAA,IAAAC,oBAAA;IACtC9D,OAAO,CAAC+D,iCAA0B,CAAC,GAAGb,QAAQ;IAC9ClD,OAAO,CAACgE,uCAAgC,CAAC,IAAAF,oBAAA,GAAGF,eAAM,CAACK,YAAY,YAAAH,oBAAA,GAAI,EAAE;EACvE;EAEA,MAAMI,QAAQ,GAAG,MAAMC,YAAG,CAACC,wBAAwB,CACjD,IAAAC,0BAAmB,EAACrE,OAAO,CAAC,EAC5BgD,IAAI,EACJY,eAAM,CAACU,QAAQ,EACfV,eAAM,CAACW,YACT,CAAC;EAED,MAAM5C,IAAI,GAAG,MAAMuC,QAAQ,CAACM,IAAI,CAAC,CAAC;EAElC,MAAM,CAAChD,OAAO,EAAEW,UAAU,EAAEH,YAAY,CAAC,GAAG,MAAMN,gCAAgC,CAACC,IAAI,CAAC;EAExF,IAAI,CAACH,OAAO,EAAE;IACZ,OAAOpB,oBAAY,CAACqE,QAAQ,CAACb,eAAM,CAACc,MAAM,CAAC;EAC7C;EACA,MAAMC,SAAS,GAAGf,eAAM,CAACgB,KAAK;EAC9B,MAAMC,WAAW,GAAG7D,gBAAa,CAAC8D,MAAM,CAAC;IACvCC,KAAK,EAAEvD,OAAO;IACdwD,OAAO,EAAE,IAAItC,IAAI,CAACP,UAAU,CAACM,GAAG,GAAG,IAAI,CAAC;IACxCwC,MAAM,EAAEN;EACV,CAAC,CAAC;EAEF,IAAIO,UAAU,GAAG,cAActB,eAAM,CAACU,QAAQ,CAACa,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;EACjE,IAAIvB,eAAM,CAACwB,oBAAoB,IAAIxB,eAAM,CAACyB,KAAK,EAAE;IAC/CH,UAAU,GAAG,cAActB,eAAM,CAACyB,KAAK,CAACF,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;EAC5D;EACA,MAAMG,aAAa,GAAGtE,gBAAa,CAAC8D,MAAM,CAAC;IACzCI,UAAU;IACVH,KAAK,EAAE/C,YAAY,WAAZA,YAAY,GAAI,EAAE;IACzBgD,OAAO,EAAE,IAAItC,IAAI,CAACP,UAAU,CAACM,GAAG,GAAG,IAAI,CAAC;IACxCwC,MAAM,EAAEN;EACV,CAAC,CAAC;EACF,MAAMY,oBAAwC,GAAGV,WAAW,CAACW,GAAG,CAAEC,MAAM,IAAK,CAAC,YAAY,EAAEA,MAAM,CAAC,CAAC;EACpG,MAAMC,oBAAwC,GAAGJ,aAAa,CAACE,GAAG,CAAEC,MAAM,IAAK,CAAC,YAAY,EAAEA,MAAM,CAAC,CAAC;EAEtG,OAAOrF,oBAAY,CAACqE,QAAQ,CAACb,eAAM,CAACc,MAAM,EAAE;IAC1C1E,OAAO,EAAE,CAAC,GAAGuF,oBAAoB,EAAE,GAAGG,oBAAoB;EAC5D,CAAC,CAAC;AACJ,CAAC;AAAChF,OAAA,CAAAR,yBAAA,GAAAA,yBAAA;AAEK,MAAMD,qBAAqB,GAAGA,CAACH,QAAgB,EAAEC,YAA6B,KAAc;EACjG,IAAI6D,eAAM,CAAC+B,gBAAgB,EAAE;IAC3B,IAAI7F,QAAQ,CAAC8F,UAAU,CAAC,iBAAiB,CAAC,EAAE;MAC1C,OAAO7F,YAAY,CAACkD,GAAG,CAAC,MAAM,CAAC,IAAI,IAAI;IACzC;EACF;EACA,OAAO,KAAK;AACd,CAAC;AAACvC,OAAA,CAAAT,qBAAA,GAAAA,qBAAA","ignoreList":[]}
|
|
1
|
+
{"version":3,"file":"getSessionOnEdge.js","names":["_cookies","_interopRequireDefault","require","_createSession","_encryptionEdge","_api","_server","_config","_jwt","_utils","_fronteggLogger","_refreshAccessTokenIfNeededOnEdge","_redirectToLogin","_shouldBypassMiddleware","_headers","logger","fronteggLogger","child","tag","handleSessionOnEdge","params","request","pathname","searchParams","headers","isHostedLoginCallback","handleHostedLoginCallback","shouldByPassMiddleware","NextResponse","next","edgeSession","checkSessionOnEdge","redirectToLogin","forwardedHeaders","exports","GET_SESSION_ON_EDGE_DEPRECATED_WARN","getSessionOnEdge","req","disableWarning","cookies","CookieManager","getSessionCookieFromRequest","info","createSession","encryptionEdge","sessionCookies","existingSession","debug","session","refreshAccessTokenIfNeededOnEdge","createSessionFromAccessTokenEdge","data","_data$accessToken","_data$refreshToken","accessToken","access_token","refreshToken","refresh_token","payload","decodedJwt","JwtManager","verify","expiresIn","Math","floor","exp","Date","now","tokens","sealTokens","_searchParams$get","_req$headers","code","get","clientIp","undefined","_socket","socket","remoteAddress","_socket2","requestHeaders","_extends2","default","getClientIp","config","shouldForwardIp","_config$sharedSecret","_config$appId","_config$clientId","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","sharedSecret","FRONTEGG_APP_ID_HEADER","appId","FRONTEGG_VENDOR_ID_HEADER","clientId","response","api","exchangeHostedLoginToken","buildRequestHeaders","clientSecret","json","redirect","appUrl","isSecured","isSSL","cookieValue","create","value","expires","secure","cookieName","replace","rewriteCookieByAppId","refreshCookie","sessionCookieHeaders","map","cookie","refreshCookieHeaders","secureJwtEnabled","startsWith"],"sources":["../../../../packages/nextjs/src/edge/getSessionOnEdge.ts"],"sourcesContent":["import type { IncomingMessage } from 'http';\nimport { FronteggEdgeSession, FronteggNextJSSession } from '../types';\nimport CookieManager from '../utils/cookies';\nimport createSession from '../utils/createSession';\nimport encryptionEdge from '../utils/encryption-edge';\nimport api from '../api';\nimport { type NextRequest, NextResponse } from 'next/server';\nimport config from '../config';\nimport JwtManager from '../utils/jwt';\nimport {\n buildRequestHeaders,\n FRONTEGG_HEADERS_VERIFIER_HEADER,\n FRONTEGG_FORWARD_IP_HEADER,\n FRONTEGG_APP_ID_HEADER,\n FRONTEGG_VENDOR_ID_HEADER,\n} from '../api/utils';\nimport fronteggLogger from '../utils/fronteggLogger';\nimport { refreshAccessTokenIfNeededOnEdge } from './refreshAccessTokenIfNeededOnEdge';\nimport { redirectToLogin } from './redirectToLogin';\nimport { shouldByPassMiddleware } from './shouldBypassMiddleware';\nimport { getClientIp } from '../utils/headers';\n\nconst logger = fronteggLogger.child({ tag: 'EdgeRuntime.getSessionOnEdge' });\n\nexport type HandleSessionOnEdge = {\n request: IncomingMessage | Request;\n pathname: string;\n headers: NextRequest['headers'];\n searchParams: URLSearchParams;\n};\n\nexport const handleSessionOnEdge = async (params: HandleSessionOnEdge): Promise<NextResponse> => {\n const { request, pathname, searchParams, headers } = params;\n\n if (isHostedLoginCallback(pathname, searchParams)) {\n return handleHostedLoginCallback(request, pathname, searchParams);\n }\n\n if (shouldByPassMiddleware(pathname, headers /*, options: optional bypass configuration */)) {\n return NextResponse.next();\n }\n\n const edgeSession = await checkSessionOnEdge(request);\n if (!edgeSession) {\n return redirectToLogin(pathname, searchParams);\n }\n if (edgeSession.headers) {\n return NextResponse.next({\n headers: edgeSession.headers,\n request: {\n headers: edgeSession.forwardedHeaders,\n },\n });\n }\n return NextResponse.next();\n};\n\nconst GET_SESSION_ON_EDGE_DEPRECATED_WARN = `Deprecation Notice: getSessionOnEdge has been deprecated. Please use handleSessionOnEdge instead. For example:\n\nfile: middleware.ts\n\\`\\`\\`ts\n import { NextRequest } from 'next/server';\n import { handleSessionOnEdge } from '@frontegg/nextjs/edge';\n \n export const middleware = async (request: NextRequest) => {\n const { pathname, searchParams } = request.nextUrl;\n const headers = request.headers;\n \n // Additional logic if needed\n \n return handleSessionOnEdge({ request, pathname, searchParams, headers });\n };\n \n \n export const config = {\n matcher: '/(.*)',\n };\n\n\\`\\`\\`\n\nAlternatively, to manually verify the session, you can use checkSessionOnEdge. Note that this method does not redirect to the login page if the session is invalid.\n`;\n\n/**\n * getSessionOnEdge is deprecated, please use handleSessionOnEdge instead example:\n *\n * ```ts\n * import { NextRequest } from 'next/server';\n * import { handleSessionOnEdge } from '@frontegg/nextjs/edge';\n *\n * export const middleware = async (request: NextRequest) => {\n * const { pathname, searchParams } = request.nextUrl;\n * const headers = request.headers;\n *\n * // Additional logic if needed\n *\n * return handleSessionOnEdge({ request, pathname, searchParams, headers });\n * };\n *\n * export const config = {\n * matcher: '/(.*)',\n * };\n * ```\n * @deprecated\n */\n\nexport const getSessionOnEdge = (\n req: IncomingMessage | Request,\n disableWarning = false\n): Promise<FronteggNextJSSession | undefined> => {\n const logger = fronteggLogger.child({ tag: 'EdgeRuntime.getSessionOnEdge' });\n const cookies = CookieManager.getSessionCookieFromRequest(req);\n if (!disableWarning) {\n logger.info(GET_SESSION_ON_EDGE_DEPRECATED_WARN);\n }\n return createSession(cookies, encryptionEdge);\n};\n\n/**\n * Check session on edge and return session if exists this method does not redirect to login page\n * Example:\n *\n * ```ts\n * import { NextRequest } from 'next/server';\n * import { handleSessionOnEdge } from '@frontegg/nextjs/edge';\n *\n * export const middleware = async (request: NextRequest) => {\n * const { pathname, searchParams } = request.nextUrl;\n * const headers = request.headers;\n *\n * // Additional logic if needed\n *\n * // check if it's a hosted login callback\n * if (isHostedLoginCallback(pathname, searchParams)) {\n * return handleHostedLoginCallback(request, pathname, searchParams);\n * }\n *\n * // check if we should bypass the middleware\n * if (shouldByPassMiddleware(pathname)) {\n * return NextResponse.next();\n * }\n *\n * // check session\n * const session = await checkSessionOnEdge(request);\n *\n * if (!session) {\n * return redirectToLogin(pathname);\n * }\n *\n * // if headers are present forward them to the next response / request\n * if (session.headers) {\n * return NextResponse.next({\n * headers: edgeSession.headers,\n * request:{\n * headers: edgeSession.forwardedHeaders\n * }\n * });\n * }\n * return NextResponse.next();\n * };\n * ```\n *\n *\n * @param req\n */\nexport const checkSessionOnEdge = async (req: IncomingMessage | Request): Promise<FronteggEdgeSession | undefined> => {\n const sessionCookies = CookieManager.getSessionCookieFromRequest(req);\n let existingSession = await createSession(sessionCookies, encryptionEdge);\n if (existingSession) {\n logger.debug('session resolved from session cookie');\n return {\n session: existingSession,\n };\n }\n\n logger.debug('Failed to resolve session from cookie, going to refresh token');\n return refreshAccessTokenIfNeededOnEdge(req);\n};\n\nasync function createSessionFromAccessTokenEdge(data: any): Promise<[string, any, string] | []> {\n const accessToken = data.accessToken ?? data.access_token;\n const refreshToken = data.refreshToken ?? data.refresh_token;\n const { payload: decodedJwt }: any = await JwtManager.verify(accessToken);\n decodedJwt.expiresIn = Math.floor((decodedJwt.exp * 1000 - Date.now()) / 1000);\n\n const tokens = { accessToken, refreshToken };\n const session = await encryptionEdge.sealTokens(tokens, decodedJwt.exp);\n return [session, decodedJwt, refreshToken];\n}\n\nexport const handleHostedLoginCallback = async (\n req: IncomingMessage | Request,\n pathname: string,\n searchParams: URLSearchParams\n): Promise<NextResponse> => {\n if (!isHostedLoginCallback(pathname, searchParams)) {\n return NextResponse.next();\n }\n\n const code = searchParams.get('code') ?? '';\n\n let headers: Record<string, string> = {};\n let clientIp: string | undefined = undefined;\n if (typeof req.headers?.get === 'function') {\n clientIp =\n req.headers.get('cf-connecting-ip') || req.headers.get('x-forwarded-for') || (req as any).socket?.remoteAddress;\n } else if (typeof req.headers === 'object') {\n let requestHeaders: any = { ...req.headers };\n clientIp =\n getClientIp(requestHeaders['cf-connecting-ip'] || requestHeaders['x-forwarded-for']) ||\n (req as any).socket?.remoteAddress;\n headers[\n 'get-session-on-edge'\n ] = `requestHeaders['cf-connecting-ip'] ${requestHeaders['cf-connecting-ip']} | requestHeaders['x-forwarded-for'] ${requestHeaders['x-forwarded-for']} | (req as any).socket?.remoteAddress ${requestHeaders['x-forwarded-for']}`;\n }\n\n if (clientIp && config.shouldForwardIp) {\n headers[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n headers[FRONTEGG_HEADERS_VERIFIER_HEADER] = config.sharedSecret ?? '';\n headers[FRONTEGG_APP_ID_HEADER] = config.appId ?? '';\n headers[FRONTEGG_VENDOR_ID_HEADER] = config.clientId ?? '';\n }\n\n const response = await api.exchangeHostedLoginToken(\n buildRequestHeaders(headers),\n code,\n config.clientId,\n config.clientSecret!\n );\n\n const data = await response.json();\n\n const [session, decodedJwt, refreshToken] = await createSessionFromAccessTokenEdge(data);\n\n if (!session) {\n return NextResponse.redirect(config.appUrl);\n }\n const isSecured = config.isSSL;\n const cookieValue = CookieManager.create({\n value: session,\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n });\n\n let cookieName = `fe_refresh_${config.clientId.replace('-', '')}`;\n if (config.rewriteCookieByAppId && config.appId) {\n cookieName = `fe_refresh_${config.appId.replace('-', '')}`;\n }\n const refreshCookie = CookieManager.create({\n cookieName,\n value: refreshToken ?? '',\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n });\n const sessionCookieHeaders: [string, string][] = cookieValue.map((cookie) => ['set-cookie', cookie]);\n const refreshCookieHeaders: [string, string][] = refreshCookie.map((cookie) => ['set-cookie', cookie]);\n\n return NextResponse.redirect(config.appUrl, {\n headers: [...sessionCookieHeaders, ...refreshCookieHeaders],\n });\n};\n\nexport const isHostedLoginCallback = (pathname: string, searchParams: URLSearchParams): boolean => {\n if (config.secureJwtEnabled) {\n if (pathname.startsWith('/oauth/callback')) {\n return searchParams.get('code') != null;\n }\n }\n return false;\n};\n"],"mappings":";;;;;;;;AAEA,IAAAA,QAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,cAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,eAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,IAAA,GAAAJ,sBAAA,CAAAC,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAN,sBAAA,CAAAC,OAAA;AACA,IAAAM,IAAA,GAAAP,sBAAA,CAAAC,OAAA;AACA,IAAAO,MAAA,GAAAP,OAAA;AAOA,IAAAQ,eAAA,GAAAT,sBAAA,CAAAC,OAAA;AACA,IAAAS,iCAAA,GAAAT,OAAA;AACA,IAAAU,gBAAA,GAAAV,OAAA;AACA,IAAAW,uBAAA,GAAAX,OAAA;AACA,IAAAY,QAAA,GAAAZ,OAAA;AAEA,MAAMa,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;EAAEC,GAAG,EAAE;AAA+B,CAAC,CAAC;AASrE,MAAMC,mBAAmB,GAAG,MAAOC,MAA2B,IAA4B;EAC/F,MAAM;IAAEC,OAAO;IAAEC,QAAQ;IAAEC,YAAY;IAAEC;EAAQ,CAAC,GAAGJ,MAAM;EAE3D,IAAIK,qBAAqB,CAACH,QAAQ,EAAEC,YAAY,CAAC,EAAE;IACjD,OAAOG,yBAAyB,CAACL,OAAO,EAAEC,QAAQ,EAAEC,YAAY,CAAC;EACnE;EAEA,IAAI,IAAAI,8CAAsB,EAACL,QAAQ,EAAEE,OAAO,CAAC,6CAA6C,CAAC,EAAE;IAC3F,OAAOI,oBAAY,CAACC,IAAI,CAAC,CAAC;EAC5B;EAEA,MAAMC,WAAW,GAAG,MAAMC,kBAAkB,CAACV,OAAO,CAAC;EACrD,IAAI,CAACS,WAAW,EAAE;IAChB,OAAO,IAAAE,gCAAe,EAACV,QAAQ,EAAEC,YAAY,CAAC;EAChD;EACA,IAAIO,WAAW,CAACN,OAAO,EAAE;IACvB,OAAOI,oBAAY,CAACC,IAAI,CAAC;MACvBL,OAAO,EAAEM,WAAW,CAACN,OAAO;MAC5BH,OAAO,EAAE;QACPG,OAAO,EAAEM,WAAW,CAACG;MACvB;IACF,CAAC,CAAC;EACJ;EACA,OAAOL,oBAAY,CAACC,IAAI,CAAC,CAAC;AAC5B,CAAC;AAACK,OAAA,CAAAf,mBAAA,GAAAA,mBAAA;AAEF,MAAMgB,mCAAmC,GAAG;AAC5C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEO,MAAMC,gBAAgB,GAAGA,CAC9BC,GAA8B,EAC9BC,cAAc,GAAG,KAAK,KACyB;EAC/C,MAAMvB,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA+B,CAAC,CAAC;EAC5E,MAAMqB,OAAO,GAAGC,gBAAa,CAACC,2BAA2B,CAACJ,GAAG,CAAC;EAC9D,IAAI,CAACC,cAAc,EAAE;IACnBvB,MAAM,CAAC2B,IAAI,CAACP,mCAAmC,CAAC;EAClD;EACA,OAAO,IAAAQ,sBAAa,EAACJ,OAAO,EAAEK,uBAAc,CAAC;AAC/C,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA9CAV,OAAA,CAAAE,gBAAA,GAAAA,gBAAA;AA+CO,MAAML,kBAAkB,GAAG,MAAOM,GAA8B,IAA+C;EACpH,MAAMQ,cAAc,GAAGL,gBAAa,CAACC,2BAA2B,CAACJ,GAAG,CAAC;EACrE,IAAIS,eAAe,GAAG,MAAM,IAAAH,sBAAa,EAACE,cAAc,EAAED,uBAAc,CAAC;EACzE,IAAIE,eAAe,EAAE;IACnB/B,MAAM,CAACgC,KAAK,CAAC,sCAAsC,CAAC;IACpD,OAAO;MACLC,OAAO,EAAEF;IACX,CAAC;EACH;EAEA/B,MAAM,CAACgC,KAAK,CAAC,+DAA+D,CAAC;EAC7E,OAAO,IAAAE,kEAAgC,EAACZ,GAAG,CAAC;AAC9C,CAAC;AAACH,OAAA,CAAAH,kBAAA,GAAAA,kBAAA;AAEF,eAAemB,gCAAgCA,CAACC,IAAS,EAAuC;EAAA,IAAAC,iBAAA,EAAAC,kBAAA;EAC9F,MAAMC,WAAW,IAAAF,iBAAA,GAAGD,IAAI,CAACG,WAAW,YAAAF,iBAAA,GAAID,IAAI,CAACI,YAAY;EACzD,MAAMC,YAAY,IAAAH,kBAAA,GAAGF,IAAI,CAACK,YAAY,YAAAH,kBAAA,GAAIF,IAAI,CAACM,aAAa;EAC5D,MAAM;IAAEC,OAAO,EAAEC;EAAgB,CAAC,GAAG,MAAMC,YAAU,CAACC,MAAM,CAACP,WAAW,CAAC;EACzEK,UAAU,CAACG,SAAS,GAAGC,IAAI,CAACC,KAAK,CAAC,CAACL,UAAU,CAACM,GAAG,GAAG,IAAI,GAAGC,IAAI,CAACC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC;EAE9E,MAAMC,MAAM,GAAG;IAAEd,WAAW;IAAEE;EAAa,CAAC;EAC5C,MAAMR,OAAO,GAAG,MAAMJ,uBAAc,CAACyB,UAAU,CAACD,MAAM,EAAET,UAAU,CAACM,GAAG,CAAC;EACvE,OAAO,CAACjB,OAAO,EAAEW,UAAU,EAAEH,YAAY,CAAC;AAC5C;AAEO,MAAM9B,yBAAyB,GAAG,MAAAA,CACvCW,GAA8B,EAC9Bf,QAAgB,EAChBC,YAA6B,KACH;EAAA,IAAA+C,iBAAA,EAAAC,YAAA;EAC1B,IAAI,CAAC9C,qBAAqB,CAACH,QAAQ,EAAEC,YAAY,CAAC,EAAE;IAClD,OAAOK,oBAAY,CAACC,IAAI,CAAC,CAAC;EAC5B;EAEA,MAAM2C,IAAI,IAAAF,iBAAA,GAAG/C,YAAY,CAACkD,GAAG,CAAC,MAAM,CAAC,YAAAH,iBAAA,GAAI,EAAE;EAE3C,IAAI9C,OAA+B,GAAG,CAAC,CAAC;EACxC,IAAIkD,QAA4B,GAAGC,SAAS;EAC5C,IAAI,SAAAJ,YAAA,GAAOlC,GAAG,CAACb,OAAO,qBAAX+C,YAAA,CAAaE,GAAG,MAAK,UAAU,EAAE;IAAA,IAAAG,OAAA;IAC1CF,QAAQ,GACNrC,GAAG,CAACb,OAAO,CAACiD,GAAG,CAAC,kBAAkB,CAAC,IAAIpC,GAAG,CAACb,OAAO,CAACiD,GAAG,CAAC,iBAAiB,CAAC,MAAAG,OAAA,GAAKvC,GAAG,CAASwC,MAAM,qBAAnBD,OAAA,CAAqBE,aAAa;EACnH,CAAC,MAAM,IAAI,OAAOzC,GAAG,CAACb,OAAO,KAAK,QAAQ,EAAE;IAAA,IAAAuD,QAAA;IAC1C,IAAIC,cAAmB,OAAAC,SAAA,CAAAC,OAAA,MAAQ7C,GAAG,CAACb,OAAO,CAAE;IAC5CkD,QAAQ,GACN,IAAAS,oBAAW,EAACH,cAAc,CAAC,kBAAkB,CAAC,IAAIA,cAAc,CAAC,iBAAiB,CAAC,CAAC,MAAAD,QAAA,GACnF1C,GAAG,CAASwC,MAAM,qBAAnBE,QAAA,CAAqBD,aAAa;IACpCtD,OAAO,CACL,qBAAqB,CACtB,GAAG,sCAAsCwD,cAAc,CAAC,kBAAkB,CAAC,wCAAwCA,cAAc,CAAC,iBAAiB,CAAC,yCAAyCA,cAAc,CAAC,iBAAiB,CAAC,EAAE;EACnO;EAEA,IAAIN,QAAQ,IAAIU,eAAM,CAACC,eAAe,EAAE;IAAA,IAAAC,oBAAA,EAAAC,aAAA,EAAAC,gBAAA;IACtChE,OAAO,CAACiE,iCAA0B,CAAC,GAAGf,QAAQ;IAC9ClD,OAAO,CAACkE,uCAAgC,CAAC,IAAAJ,oBAAA,GAAGF,eAAM,CAACO,YAAY,YAAAL,oBAAA,GAAI,EAAE;IACrE9D,OAAO,CAACoE,6BAAsB,CAAC,IAAAL,aAAA,GAAGH,eAAM,CAACS,KAAK,YAAAN,aAAA,GAAI,EAAE;IACpD/D,OAAO,CAACsE,gCAAyB,CAAC,IAAAN,gBAAA,GAAGJ,eAAM,CAACW,QAAQ,YAAAP,gBAAA,GAAI,EAAE;EAC5D;EAEA,MAAMQ,QAAQ,GAAG,MAAMC,YAAG,CAACC,wBAAwB,CACjD,IAAAC,0BAAmB,EAAC3E,OAAO,CAAC,EAC5BgD,IAAI,EACJY,eAAM,CAACW,QAAQ,EACfX,eAAM,CAACgB,YACT,CAAC;EAED,MAAMjD,IAAI,GAAG,MAAM6C,QAAQ,CAACK,IAAI,CAAC,CAAC;EAElC,MAAM,CAACrD,OAAO,EAAEW,UAAU,EAAEH,YAAY,CAAC,GAAG,MAAMN,gCAAgC,CAACC,IAAI,CAAC;EAExF,IAAI,CAACH,OAAO,EAAE;IACZ,OAAOpB,oBAAY,CAAC0E,QAAQ,CAAClB,eAAM,CAACmB,MAAM,CAAC;EAC7C;EACA,MAAMC,SAAS,GAAGpB,eAAM,CAACqB,KAAK;EAC9B,MAAMC,WAAW,GAAGlE,gBAAa,CAACmE,MAAM,CAAC;IACvCC,KAAK,EAAE5D,OAAO;IACd6D,OAAO,EAAE,IAAI3C,IAAI,CAACP,UAAU,CAACM,GAAG,GAAG,IAAI,CAAC;IACxC6C,MAAM,EAAEN;EACV,CAAC,CAAC;EAEF,IAAIO,UAAU,GAAG,cAAc3B,eAAM,CAACW,QAAQ,CAACiB,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;EACjE,IAAI5B,eAAM,CAAC6B,oBAAoB,IAAI7B,eAAM,CAACS,KAAK,EAAE;IAC/CkB,UAAU,GAAG,cAAc3B,eAAM,CAACS,KAAK,CAACmB,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;EAC5D;EACA,MAAME,aAAa,GAAG1E,gBAAa,CAACmE,MAAM,CAAC;IACzCI,UAAU;IACVH,KAAK,EAAEpD,YAAY,WAAZA,YAAY,GAAI,EAAE;IACzBqD,OAAO,EAAE,IAAI3C,IAAI,CAACP,UAAU,CAACM,GAAG,GAAG,IAAI,CAAC;IACxC6C,MAAM,EAAEN;EACV,CAAC,CAAC;EACF,MAAMW,oBAAwC,GAAGT,WAAW,CAACU,GAAG,CAAEC,MAAM,IAAK,CAAC,YAAY,EAAEA,MAAM,CAAC,CAAC;EACpG,MAAMC,oBAAwC,GAAGJ,aAAa,CAACE,GAAG,CAAEC,MAAM,IAAK,CAAC,YAAY,EAAEA,MAAM,CAAC,CAAC;EAEtG,OAAOzF,oBAAY,CAAC0E,QAAQ,CAAClB,eAAM,CAACmB,MAAM,EAAE;IAC1C/E,OAAO,EAAE,CAAC,GAAG2F,oBAAoB,EAAE,GAAGG,oBAAoB;EAC5D,CAAC,CAAC;AACJ,CAAC;AAACpF,OAAA,CAAAR,yBAAA,GAAAA,yBAAA;AAEK,MAAMD,qBAAqB,GAAGA,CAACH,QAAgB,EAAEC,YAA6B,KAAc;EACjG,IAAI6D,eAAM,CAACmC,gBAAgB,EAAE;IAC3B,IAAIjG,QAAQ,CAACkG,UAAU,CAAC,iBAAiB,CAAC,EAAE;MAC1C,OAAOjG,YAAY,CAACkD,GAAG,CAAC,MAAM,CAAC,IAAI,IAAI;IACzC;EACF;EACA,OAAO,KAAK;AACd,CAAC;AAACvC,OAAA,CAAAT,qBAAA,GAAAA,qBAAA","ignoreList":[]}
|
package/index.js
CHANGED
|
@@ -51,8 +51,10 @@ const ProxyRequestCallback = (proxyReq, req) => {
|
|
|
51
51
|
proxyReq.setHeader('x-frontegg-middleware', 'true');
|
|
52
52
|
const clientIp = (0, _headers.getClientIp)(req.headers['cf-connecting-ip'] || req.headers['x-forwarded-for']);
|
|
53
53
|
if (clientIp && _config.default.shouldForwardIp) {
|
|
54
|
-
var _config$sharedSecret;
|
|
54
|
+
var _config$appId, _config$clientId, _config$sharedSecret;
|
|
55
55
|
proxyReq.setHeader(_utils.FRONTEGG_FORWARD_IP_HEADER, clientIp);
|
|
56
|
+
proxyReq.setHeader(_utils.FRONTEGG_APP_ID_HEADER, (_config$appId = _config.default.appId) != null ? _config$appId : '');
|
|
57
|
+
proxyReq.setHeader(_utils.FRONTEGG_VENDOR_ID_HEADER, (_config$clientId = _config.default.clientId) != null ? _config$clientId : '');
|
|
56
58
|
proxyReq.setHeader('proxy-request-callback', `req.headers['cf-connecting-ip'] ${req.headers['cf-connecting-ip']} | req.headers['x-forwarded-for'] ${req.headers['x-forwarded-for']}`);
|
|
57
59
|
proxyReq.setHeader(_utils.FRONTEGG_HEADERS_VERIFIER_HEADER, (_config$sharedSecret = _config.default.sharedSecret) != null ? _config$sharedSecret : '');
|
|
58
60
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ProxyRequestCallback.js","names":["_package","_interopRequireDefault","require","_sdkVersion","_config","_cookies","_fronteggLogger","_helpers","_utils","_constants","_headers","logger","fronteggLogger","child","tag","ProxyRequestCallback","proxyReq","req","_req$headers$xFronte","_req$headers$xFronte2","info","url","debug","allCookies","CookieManager","parseCookieHeader","fronteggCookiesNames","Object","keys","filter","cookieName","startsWith","config","join","modifiedCookies","forEach","requestCookieName","rewriteCookieByAppId","appId","replace","clientId","setHeader","headers","NextJsPkg","version","sdkVersion","clientIp","getClientIp","shouldForwardIp","_config$sharedSecret","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","sharedSecret","isRefreshTokenRequest","removeHeader","headersToRemove","map","header","method","body","bodyData","JSON","stringify","Buffer","byteLength","write","e","error","_default","exports","default"],"sources":["../../../../packages/nextjs/src/middleware/ProxyRequestCallback.ts"],"sourcesContent":["import NextJsPkg from 'next/package.json';\nimport { ProxyReqCallback } from 'http-proxy';\nimport { ClientRequest } from 'http';\nimport { NextApiRequest } from 'next';\nimport sdkVersion from '../sdkVersion';\nimport config from '../config';\nimport CookieManager from '../utils/cookies';\nimport fronteggLogger from '../utils/fronteggLogger';\nimport { isRefreshTokenRequest } from '../utils/refreshAccessTokenIfNeeded/helpers';\nimport {
|
|
1
|
+
{"version":3,"file":"ProxyRequestCallback.js","names":["_package","_interopRequireDefault","require","_sdkVersion","_config","_cookies","_fronteggLogger","_helpers","_utils","_constants","_headers","logger","fronteggLogger","child","tag","ProxyRequestCallback","proxyReq","req","_req$headers$xFronte","_req$headers$xFronte2","info","url","debug","allCookies","CookieManager","parseCookieHeader","fronteggCookiesNames","Object","keys","filter","cookieName","startsWith","config","join","modifiedCookies","forEach","requestCookieName","rewriteCookieByAppId","appId","replace","clientId","setHeader","headers","NextJsPkg","version","sdkVersion","clientIp","getClientIp","shouldForwardIp","_config$appId","_config$clientId","_config$sharedSecret","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_APP_ID_HEADER","FRONTEGG_VENDOR_ID_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","sharedSecret","isRefreshTokenRequest","removeHeader","headersToRemove","map","header","method","body","bodyData","JSON","stringify","Buffer","byteLength","write","e","error","_default","exports","default"],"sources":["../../../../packages/nextjs/src/middleware/ProxyRequestCallback.ts"],"sourcesContent":["import NextJsPkg from 'next/package.json';\nimport { ProxyReqCallback } from 'http-proxy';\nimport { ClientRequest } from 'http';\nimport { NextApiRequest } from 'next';\nimport sdkVersion from '../sdkVersion';\nimport config from '../config';\nimport CookieManager from '../utils/cookies';\nimport fronteggLogger from '../utils/fronteggLogger';\nimport { isRefreshTokenRequest } from '../utils/refreshAccessTokenIfNeeded/helpers';\nimport {\n FRONTEGG_HEADERS_VERIFIER_HEADER,\n FRONTEGG_FORWARD_IP_HEADER,\n FRONTEGG_APP_ID_HEADER,\n FRONTEGG_VENDOR_ID_HEADER,\n} from '../api/utils';\nimport { headersToRemove } from './constants';\nimport { getClientIp } from '../utils/headers';\n\nconst logger = fronteggLogger.child({ tag: 'FronteggApiMiddleware.ProxyRequestCallback' });\n/**\n * Proxy request callback fired on before each request to Frontegg services,\n * to transport frontegg cookies.\n *\n * @param {ClientRequest} proxyReq - Proxy request to be sent\n * @param {NextApiRequest} req - Next.js incoming request\n */\nconst ProxyRequestCallback: ProxyReqCallback<ClientRequest, NextApiRequest> = (proxyReq, req) => {\n try {\n logger.info(`${req.url} | Going to proxy request`);\n logger.debug(`${req.url} | parsing request cookies`);\n const allCookies = CookieManager.parseCookieHeader(req);\n logger.debug(`${req.url} | found ${allCookies} cookies`);\n const fronteggCookiesNames = Object.keys(allCookies).filter((cookieName) => {\n return cookieName.startsWith('fe_') && !cookieName.startsWith(config.cookieName);\n });\n\n logger.debug(`${req.url} | proxy FronteggCookies (${fronteggCookiesNames.join(', ')})`);\n let modifiedCookies = ``;\n\n fronteggCookiesNames.forEach((requestCookieName: string) => {\n let cookieName = requestCookieName;\n if (config.rewriteCookieByAppId && config.appId) {\n cookieName = requestCookieName\n .replace(config.appId, config.clientId)\n .replace(config.appId.replace(/-/g, ''), config.clientId.replace(/-/g, ''))\n .replace(config.appId.replace('-', ''), config.clientId.replace('-', ''));\n\n logger.debug(`cookieName ${requestCookieName} replaced with appId ${cookieName}`);\n }\n\n logger.debug(`PROXY_ADDING_COOKIE ${cookieName}, ${allCookies[requestCookieName]}`);\n modifiedCookies += `${cookieName}=${allCookies[requestCookieName]}; `;\n });\n proxyReq.setHeader('cookie', modifiedCookies);\n\n proxyReq.setHeader('x-frontegg-framework', req.headers['x-frontegg-framework'] ?? `next@${NextJsPkg.version}`);\n proxyReq.setHeader('x-frontegg-sdk', req.headers['x-frontegg-sdk'] ?? `@frontegg/nextjs@${sdkVersion.version}`);\n proxyReq.setHeader('x-frontegg-middleware', 'true');\n\n const clientIp = getClientIp(req.headers['cf-connecting-ip'] || req.headers['x-forwarded-for']);\n\n if (clientIp && config.shouldForwardIp) {\n proxyReq.setHeader(FRONTEGG_FORWARD_IP_HEADER, clientIp);\n proxyReq.setHeader(FRONTEGG_APP_ID_HEADER, config.appId ?? '');\n proxyReq.setHeader(FRONTEGG_VENDOR_ID_HEADER, config.clientId ?? '');\n proxyReq.setHeader(\n 'proxy-request-callback',\n `req.headers['cf-connecting-ip'] ${req.headers['cf-connecting-ip']} | req.headers['x-forwarded-for'] ${req.headers['x-forwarded-for']}`\n );\n proxyReq.setHeader(FRONTEGG_HEADERS_VERIFIER_HEADER, config.sharedSecret ?? '');\n }\n\n if (isRefreshTokenRequest(req.url!)) {\n logger.debug(`${req.url} | removing Authorization header`);\n proxyReq.removeHeader('authorization');\n }\n\n headersToRemove.map((header) => proxyReq.removeHeader(header));\n\n logger.debug(`${req.url} | check if request has body`);\n if (req.method !== 'GET' && req.body) {\n logger.debug(`${req.url} | writing request body to proxyReq`);\n const bodyData = JSON.stringify(req.body);\n // in case if content-type is application/x-www-form-urlencoded -> we need to change to application/json\n proxyReq.setHeader('Content-Type', 'application/json');\n proxyReq.setHeader('Content-Length', Buffer.byteLength(bodyData));\n // stream the content\n proxyReq.write(bodyData);\n }\n } catch (e) {\n logger.error(`${req.url} | Failed to proxy request`, e);\n }\n};\n\nexport default ProxyRequestCallback;\n"],"mappings":";;;;;;;AAAA,IAAAA,QAAA,GAAAC,sBAAA,CAAAC,OAAA;AAIA,IAAAC,WAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,OAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,QAAA,GAAAJ,sBAAA,CAAAC,OAAA;AACA,IAAAI,eAAA,GAAAL,sBAAA,CAAAC,OAAA;AACA,IAAAK,QAAA,GAAAL,OAAA;AACA,IAAAM,MAAA,GAAAN,OAAA;AAMA,IAAAO,UAAA,GAAAP,OAAA;AACA,IAAAQ,QAAA,GAAAR,OAAA;AAEA,MAAMS,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;EAAEC,GAAG,EAAE;AAA6C,CAAC,CAAC;AAC1F;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,oBAAqE,GAAGA,CAACC,QAAQ,EAAEC,GAAG,KAAK;EAC/F,IAAI;IAAA,IAAAC,oBAAA,EAAAC,qBAAA;IACFR,MAAM,CAACS,IAAI,CAAC,GAAGH,GAAG,CAACI,GAAG,2BAA2B,CAAC;IAClDV,MAAM,CAACW,KAAK,CAAC,GAAGL,GAAG,CAACI,GAAG,4BAA4B,CAAC;IACpD,MAAME,UAAU,GAAGC,gBAAa,CAACC,iBAAiB,CAACR,GAAG,CAAC;IACvDN,MAAM,CAACW,KAAK,CAAC,GAAGL,GAAG,CAACI,GAAG,YAAYE,UAAU,UAAU,CAAC;IACxD,MAAMG,oBAAoB,GAAGC,MAAM,CAACC,IAAI,CAACL,UAAU,CAAC,CAACM,MAAM,CAAEC,UAAU,IAAK;MAC1E,OAAOA,UAAU,CAACC,UAAU,CAAC,KAAK,CAAC,IAAI,CAACD,UAAU,CAACC,UAAU,CAACC,eAAM,CAACF,UAAU,CAAC;IAClF,CAAC,CAAC;IAEFnB,MAAM,CAACW,KAAK,CAAC,GAAGL,GAAG,CAACI,GAAG,6BAA6BK,oBAAoB,CAACO,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;IACvF,IAAIC,eAAe,GAAG,EAAE;IAExBR,oBAAoB,CAACS,OAAO,CAAEC,iBAAyB,IAAK;MAC1D,IAAIN,UAAU,GAAGM,iBAAiB;MAClC,IAAIJ,eAAM,CAACK,oBAAoB,IAAIL,eAAM,CAACM,KAAK,EAAE;QAC/CR,UAAU,GAAGM,iBAAiB,CAC3BG,OAAO,CAACP,eAAM,CAACM,KAAK,EAAEN,eAAM,CAACQ,QAAQ,CAAC,CACtCD,OAAO,CAACP,eAAM,CAACM,KAAK,CAACC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,EAAEP,eAAM,CAACQ,QAAQ,CAACD,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAC1EA,OAAO,CAACP,eAAM,CAACM,KAAK,CAACC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAEP,eAAM,CAACQ,QAAQ,CAACD,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAE3E5B,MAAM,CAACW,KAAK,CAAC,cAAcc,iBAAiB,wBAAwBN,UAAU,EAAE,CAAC;MACnF;MAEAnB,MAAM,CAACW,KAAK,CAAC,uBAAuBQ,UAAU,KAAKP,UAAU,CAACa,iBAAiB,CAAC,EAAE,CAAC;MACnFF,eAAe,IAAI,GAAGJ,UAAU,IAAIP,UAAU,CAACa,iBAAiB,CAAC,IAAI;IACvE,CAAC,CAAC;IACFpB,QAAQ,CAACyB,SAAS,CAAC,QAAQ,EAAEP,eAAe,CAAC;IAE7ClB,QAAQ,CAACyB,SAAS,CAAC,sBAAsB,GAAAvB,oBAAA,GAAED,GAAG,CAACyB,OAAO,CAAC,sBAAsB,CAAC,YAAAxB,oBAAA,GAAI,QAAQyB,gBAAS,CAACC,OAAO,EAAE,CAAC;IAC9G5B,QAAQ,CAACyB,SAAS,CAAC,gBAAgB,GAAAtB,qBAAA,GAAEF,GAAG,CAACyB,OAAO,CAAC,gBAAgB,CAAC,YAAAvB,qBAAA,GAAI,oBAAoB0B,mBAAU,CAACD,OAAO,EAAE,CAAC;IAC/G5B,QAAQ,CAACyB,SAAS,CAAC,uBAAuB,EAAE,MAAM,CAAC;IAEnD,MAAMK,QAAQ,GAAG,IAAAC,oBAAW,EAAC9B,GAAG,CAACyB,OAAO,CAAC,kBAAkB,CAAC,IAAIzB,GAAG,CAACyB,OAAO,CAAC,iBAAiB,CAAC,CAAC;IAE/F,IAAII,QAAQ,IAAId,eAAM,CAACgB,eAAe,EAAE;MAAA,IAAAC,aAAA,EAAAC,gBAAA,EAAAC,oBAAA;MACtCnC,QAAQ,CAACyB,SAAS,CAACW,iCAA0B,EAAEN,QAAQ,CAAC;MACxD9B,QAAQ,CAACyB,SAAS,CAACY,6BAAsB,GAAAJ,aAAA,GAAEjB,eAAM,CAACM,KAAK,YAAAW,aAAA,GAAI,EAAE,CAAC;MAC9DjC,QAAQ,CAACyB,SAAS,CAACa,gCAAyB,GAAAJ,gBAAA,GAAElB,eAAM,CAACQ,QAAQ,YAAAU,gBAAA,GAAI,EAAE,CAAC;MACpElC,QAAQ,CAACyB,SAAS,CAChB,wBAAwB,EACxB,mCAAmCxB,GAAG,CAACyB,OAAO,CAAC,kBAAkB,CAAC,qCAAqCzB,GAAG,CAACyB,OAAO,CAAC,iBAAiB,CAAC,EACvI,CAAC;MACD1B,QAAQ,CAACyB,SAAS,CAACc,uCAAgC,GAAAJ,oBAAA,GAAEnB,eAAM,CAACwB,YAAY,YAAAL,oBAAA,GAAI,EAAE,CAAC;IACjF;IAEA,IAAI,IAAAM,8BAAqB,EAACxC,GAAG,CAACI,GAAI,CAAC,EAAE;MACnCV,MAAM,CAACW,KAAK,CAAC,GAAGL,GAAG,CAACI,GAAG,kCAAkC,CAAC;MAC1DL,QAAQ,CAAC0C,YAAY,CAAC,eAAe,CAAC;IACxC;IAEAC,0BAAe,CAACC,GAAG,CAAEC,MAAM,IAAK7C,QAAQ,CAAC0C,YAAY,CAACG,MAAM,CAAC,CAAC;IAE9DlD,MAAM,CAACW,KAAK,CAAC,GAAGL,GAAG,CAACI,GAAG,8BAA8B,CAAC;IACtD,IAAIJ,GAAG,CAAC6C,MAAM,KAAK,KAAK,IAAI7C,GAAG,CAAC8C,IAAI,EAAE;MACpCpD,MAAM,CAACW,KAAK,CAAC,GAAGL,GAAG,CAACI,GAAG,qCAAqC,CAAC;MAC7D,MAAM2C,QAAQ,GAAGC,IAAI,CAACC,SAAS,CAACjD,GAAG,CAAC8C,IAAI,CAAC;MACzC;MACA/C,QAAQ,CAACyB,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC;MACtDzB,QAAQ,CAACyB,SAAS,CAAC,gBAAgB,EAAE0B,MAAM,CAACC,UAAU,CAACJ,QAAQ,CAAC,CAAC;MACjE;MACAhD,QAAQ,CAACqD,KAAK,CAACL,QAAQ,CAAC;IAC1B;EACF,CAAC,CAAC,OAAOM,CAAC,EAAE;IACV3D,MAAM,CAAC4D,KAAK,CAAC,GAAGtD,GAAG,CAACI,GAAG,4BAA4B,EAAEiD,CAAC,CAAC;EACzD;AACF,CAAC;AAAC,IAAAE,QAAA,GAAAC,OAAA,CAAAC,OAAA,GAEa3D,oBAAoB","ignoreList":[]}
|
package/package.json
CHANGED
package/sdkVersion.js
CHANGED
package/sdkVersion.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sdkVersion.js","names":["version"],"sources":["../../../packages/nextjs/src/sdkVersion.ts"],"sourcesContent":["export default { version: '9.2.2-alpha.
|
|
1
|
+
{"version":3,"file":"sdkVersion.js","names":["version"],"sources":["../../../packages/nextjs/src/sdkVersion.ts"],"sourcesContent":["export default { version: '9.2.2-alpha.13994474816' };\n"],"mappings":";;;;;;iCAAe;EAAEA,OAAO,EAAE;AAA0B,CAAC","ignoreList":[]}
|
|
@@ -78,8 +78,10 @@ async function refreshAccessTokenIfNeeded(ctx) {
|
|
|
78
78
|
}
|
|
79
79
|
const clientIp = (0, _headers.getClientIp)(nextJsRequest.headers['cf-connecting-ip'] || nextJsRequest.headers['x-forwarded-for']) || ((_nextJsRequest$socket = nextJsRequest.socket) == null ? void 0 : _nextJsRequest$socket.remoteAddress);
|
|
80
80
|
if (clientIp && _config.default.shouldForwardIp) {
|
|
81
|
-
var _nextJsRequest$socket2, _config$sharedSecret;
|
|
81
|
+
var _config$appId, _config$clientId, _nextJsRequest$socket2, _config$sharedSecret;
|
|
82
82
|
nextJsRequest.headers[_utils.FRONTEGG_FORWARD_IP_HEADER] = clientIp;
|
|
83
|
+
nextJsRequest.headers[_utils.FRONTEGG_APP_ID_HEADER] = (_config$appId = _config.default.appId) != null ? _config$appId : '';
|
|
84
|
+
nextJsRequest.headers[_utils.FRONTEGG_VENDOR_ID_HEADER] = (_config$clientId = _config.default.clientId) != null ? _config$clientId : '';
|
|
83
85
|
nextJsRequest.headers['refresh-access-token-if-needed'] = `nextJsRequest.headers['cf-connecting-ip'] ${nextJsRequest.headers['cf-connecting-ip']} | nextJsRequest.headers['x-forwarded-for']${nextJsRequest.headers['x-forwarded-for']} | nextJsRequest.socket?.remoteAddress ${(_nextJsRequest$socket2 = nextJsRequest.socket) == null ? void 0 : _nextJsRequest$socket2.remoteAddress}`;
|
|
84
86
|
nextJsRequest.headers[_utils.FRONTEGG_HEADERS_VERIFIER_HEADER] = (_config$sharedSecret = _config.default.sharedSecret) != null ? _config$sharedSecret : '';
|
|
85
87
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","names":["_common","require","_config","_interopRequireDefault","_cookies","_helpers","_fronteggLogger","_encryption","_createSession","_utils","_headers","refreshAccessTokenIfNeeded","ctx","logger","fronteggLogger","child","tag","info","pathname","nextJsRequest","req","nextJsResponse","res","url","debug","hasSetSessionCookie","getHeader","cookies","CookieManager","getSessionCookieFromRedirectedResponse","session","createSession","encryption","getForwardedSession","_nextJsRequest$socket","_ref","_ref2","_response$headers$raw","_response$headers","_response$headers$raw2","_response$headers2","_response$headers2$ge","_response$headers3","_response$headers3$ge","_CookieManager$modify","_data$accessToken","isRuntimeNextRequest","config","disableInitialPropsRefreshToken","getSessionCookieFromRequest","isHostedLogin","isOauthCallback","removeCookies","isSecured","isSSL","cookieDomain","isSamlCallback","clientIp","getClientIp","headers","socket","remoteAddress","shouldForwardIp","_nextJsRequest$socket2","_config$sharedSecret","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","sharedSecret","response","refreshAccessTokenHostedLogin","refreshAccessTokenEmbedded","ok","data","json","cookieHeader","raw","call","getSetCookie","get","newSetCookie","modifySetCookie","decodedJwt","refreshToken","createSessionFromAccessToken","cookieValue","create","value","expires","Date","exp","secure","push","setHeader","fronteggSession","accessToken","access_token","user","saveForwardedSession","e","error"],"sources":["../../../../../packages/nextjs/src/utils/refreshAccessTokenIfNeeded/index.ts"],"sourcesContent":["import type { NextPageContext } from 'next/dist/shared/lib/utils';\nimport type { FronteggNextJSSession } from '../../types';\nimport { createSessionFromAccessToken } from '../../common';\nimport config from '../../config';\nimport CookieManager from '../cookies';\nimport {\n isOauthCallback,\n hasSetSessionCookie,\n isRuntimeNextRequest,\n isSamlCallback,\n refreshAccessTokenEmbedded,\n refreshAccessTokenHostedLogin,\n saveForwardedSession,\n getForwardedSession,\n} from './helpers';\nimport fronteggLogger from '../fronteggLogger';\nimport encryption from '../encryption';\nimport createSession from '../createSession';\nimport { FRONTEGG_HEADERS_VERIFIER_HEADER, FRONTEGG_FORWARD_IP_HEADER } from '../../api/utils';\nimport { getClientIp } from '../headers';\n\nexport { isRuntimeNextRequest };\n/**\n * Refreshes the access token for the current session.\n *\n * @param {NextPageContext} ctx - The Next.js Page Context object.\n * @returns {Promise<FronteggNextJSSession | null>} A Promise that resolves to the updated session object, or `null` if the refresh failed.\n */\nexport default async function refreshAccessTokenIfNeeded(ctx: NextPageContext): Promise<FronteggNextJSSession | null> {\n const logger = fronteggLogger.child({ tag: 'refreshAccessTokenIfNeeded' });\n\n logger.info(`Refreshing token by for PageContext ${ctx.pathname}`);\n const nextJsRequest = ctx.req;\n const nextJsResponse = ctx.res;\n const url = nextJsRequest?.url;\n if (!nextJsResponse || !nextJsRequest || !url) {\n logger.debug(`abandon refreshToken due to PageContext.req = null`);\n return null;\n }\n\n if (hasSetSessionCookie(nextJsResponse.getHeader('set-cookie'))) {\n const cookies = CookieManager.getSessionCookieFromRedirectedResponse(nextJsResponse);\n const session = await createSession(cookies, encryption);\n logger.debug('Abandon refreshToken due to a previous redirect to /_error or other server-side redirect.');\n return session ?? getForwardedSession(nextJsResponse);\n }\n\n try {\n logger.info(`Check if should request made from first application load`);\n\n if (isRuntimeNextRequest(url) || config.disableInitialPropsRefreshToken) {\n logger.debug(`Detect runtime next.js request, resolving existing session from cookies if exists`);\n\n const cookies = CookieManager.getSessionCookieFromRequest(nextJsRequest);\n const session = await createSession(cookies, encryption);\n\n if (session) {\n logger.debug(`session resolved from session cookie`);\n return session;\n } else {\n logger.info('Failed to resolve session from cookie, going to refresh token');\n }\n }\n\n if (config.isHostedLogin) {\n // hosted login bypassed urls\n if (isOauthCallback(url)) {\n logger.debug(`abandon refreshToken for HostedLogin Callback ${url}`);\n CookieManager.removeCookies({\n isSecured: config.isSSL,\n cookieDomain: config.cookieDomain,\n res: nextJsResponse,\n req: nextJsRequest,\n });\n }\n } else {\n // embedded login bypassed urls\n if (isSamlCallback(url)) {\n logger.debug(`abandon refreshToken for Saml Callback ${url}`);\n return null;\n }\n }\n\n const clientIp =\n getClientIp(nextJsRequest.headers['cf-connecting-ip'] || nextJsRequest.headers['x-forwarded-for']) ||\n nextJsRequest.socket?.remoteAddress;\n\n if (clientIp && config.shouldForwardIp) {\n nextJsRequest.headers[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n nextJsRequest.headers[\n 'refresh-access-token-if-needed'\n ] = `nextJsRequest.headers['cf-connecting-ip'] ${nextJsRequest.headers['cf-connecting-ip']} | nextJsRequest.headers['x-forwarded-for']${nextJsRequest.headers['x-forwarded-for']} | nextJsRequest.socket?.remoteAddress ${nextJsRequest.socket?.remoteAddress}`;\n nextJsRequest.headers[FRONTEGG_HEADERS_VERIFIER_HEADER] = config.sharedSecret ?? '';\n }\n\n let response: Response | null;\n if (config.isHostedLogin) {\n response = await refreshAccessTokenHostedLogin(nextJsRequest);\n } else {\n response = await refreshAccessTokenEmbedded(nextJsRequest);\n }\n\n const isSecured = config.isSSL;\n if (response === null || !response.ok) {\n CookieManager.removeCookies({\n cookieDomain: config.cookieDomain,\n isSecured,\n req: nextJsRequest,\n res: nextJsResponse,\n });\n return null;\n }\n\n const data = await response.json();\n\n const cookieHeader: string[] =\n // @ts-ignore the first argument \"raw\" will only work before nextjs 13.4 and the second argument \"getSetCookie\" will only work after\n response.headers?.raw?.()['set-cookie'] ??\n // @ts-ignore the first argument \"raw\" will only work before nextjs 13.4 and the second argument \"getSetCookie\" will only work after\n response.headers?.getSetCookie?.() ??\n response.headers?.get?.('set-cookie') ??\n [];\n\n const newSetCookie = CookieManager.modifySetCookie(cookieHeader, isSecured) ?? [];\n const [session, decodedJwt, refreshToken] = await createSessionFromAccessToken(data);\n\n if (!session) {\n return null;\n }\n const cookieValue = CookieManager.create({\n value: session,\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n req: nextJsRequest,\n });\n newSetCookie.push(...cookieValue);\n nextJsResponse.setHeader('set-cookie', newSetCookie);\n\n const fronteggSession = {\n accessToken: data.accessToken ?? data.access_token,\n user: decodedJwt,\n refreshToken,\n };\n\n saveForwardedSession(nextJsResponse, fronteggSession);\n return fronteggSession;\n } catch (e) {\n logger.error('[refreshToken] Failed to create session e', e);\n return null;\n }\n}\n"],"mappings":";;;;;;;;;;;;;AAEA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,QAAA,GAAAD,sBAAA,CAAAF,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AAUA,IAAAK,eAAA,GAAAH,sBAAA,CAAAF,OAAA;AACA,IAAAM,WAAA,GAAAJ,sBAAA,CAAAF,OAAA;AACA,IAAAO,cAAA,GAAAL,sBAAA,CAAAF,OAAA;AACA,IAAAQ,MAAA,GAAAR,OAAA;AACA,IAAAS,QAAA,GAAAT,OAAA;AAGA;AACA;AACA;AACA;AACA;AACA;AACe,eAAeU,0BAA0BA,CAACC,GAAoB,EAAyC;EACpH,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA6B,CAAC,CAAC;EAE1EH,MAAM,CAACI,IAAI,CAAC,uCAAuCL,GAAG,CAACM,QAAQ,EAAE,CAAC;EAClE,MAAMC,aAAa,GAAGP,GAAG,CAACQ,GAAG;EAC7B,MAAMC,cAAc,GAAGT,GAAG,CAACU,GAAG;EAC9B,MAAMC,GAAG,GAAGJ,aAAa,oBAAbA,aAAa,CAAEI,GAAG;EAC9B,IAAI,CAACF,cAAc,IAAI,CAACF,aAAa,IAAI,CAACI,GAAG,EAAE;IAC7CV,MAAM,CAACW,KAAK,CAAC,oDAAoD,CAAC;IAClE,OAAO,IAAI;EACb;EAEA,IAAI,IAAAC,4BAAmB,EAACJ,cAAc,CAACK,SAAS,CAAC,YAAY,CAAC,CAAC,EAAE;IAC/D,MAAMC,OAAO,GAAGC,gBAAa,CAACC,sCAAsC,CAACR,cAAc,CAAC;IACpF,MAAMS,OAAO,GAAG,MAAM,IAAAC,sBAAa,EAACJ,OAAO,EAAEK,mBAAU,CAAC;IACxDnB,MAAM,CAACW,KAAK,CAAC,2FAA2F,CAAC;IACzG,OAAOM,OAAO,WAAPA,OAAO,GAAI,IAAAG,4BAAmB,EAACZ,cAAc,CAAC;EACvD;EAEA,IAAI;IAAA,IAAAa,qBAAA,EAAAC,IAAA,EAAAC,KAAA,EAAAC,qBAAA,EAAAC,iBAAA,EAAAC,sBAAA,EAAAC,kBAAA,EAAAC,qBAAA,EAAAC,kBAAA,EAAAC,qBAAA,EAAAC,qBAAA,EAAAC,iBAAA;IACFhC,MAAM,CAACI,IAAI,CAAC,0DAA0D,CAAC;IAEvE,IAAI,IAAA6B,6BAAoB,EAACvB,GAAG,CAAC,IAAIwB,eAAM,CAACC,+BAA+B,EAAE;MACvEnC,MAAM,CAACW,KAAK,CAAC,mFAAmF,CAAC;MAEjG,MAAMG,OAAO,GAAGC,gBAAa,CAACqB,2BAA2B,CAAC9B,aAAa,CAAC;MACxE,MAAMW,OAAO,GAAG,MAAM,IAAAC,sBAAa,EAACJ,OAAO,EAAEK,mBAAU,CAAC;MAExD,IAAIF,OAAO,EAAE;QACXjB,MAAM,CAACW,KAAK,CAAC,sCAAsC,CAAC;QACpD,OAAOM,OAAO;MAChB,CAAC,MAAM;QACLjB,MAAM,CAACI,IAAI,CAAC,+DAA+D,CAAC;MAC9E;IACF;IAEA,IAAI8B,eAAM,CAACG,aAAa,EAAE;MACxB;MACA,IAAI,IAAAC,wBAAe,EAAC5B,GAAG,CAAC,EAAE;QACxBV,MAAM,CAACW,KAAK,CAAC,iDAAiDD,GAAG,EAAE,CAAC;QACpEK,gBAAa,CAACwB,aAAa,CAAC;UAC1BC,SAAS,EAAEN,eAAM,CAACO,KAAK;UACvBC,YAAY,EAAER,eAAM,CAACQ,YAAY;UACjCjC,GAAG,EAAED,cAAc;UACnBD,GAAG,EAAED;QACP,CAAC,CAAC;MACJ;IACF,CAAC,MAAM;MACL;MACA,IAAI,IAAAqC,uBAAc,EAACjC,GAAG,CAAC,EAAE;QACvBV,MAAM,CAACW,KAAK,CAAC,0CAA0CD,GAAG,EAAE,CAAC;QAC7D,OAAO,IAAI;MACb;IACF;IAEA,MAAMkC,QAAQ,GACZ,IAAAC,oBAAW,EAACvC,aAAa,CAACwC,OAAO,CAAC,kBAAkB,CAAC,IAAIxC,aAAa,CAACwC,OAAO,CAAC,iBAAiB,CAAC,CAAC,MAAAzB,qBAAA,GAClGf,aAAa,CAACyC,MAAM,qBAApB1B,qBAAA,CAAsB2B,aAAa;IAErC,IAAIJ,QAAQ,IAAIV,eAAM,CAACe,eAAe,EAAE;MAAA,IAAAC,sBAAA,EAAAC,oBAAA;MACtC7C,aAAa,CAACwC,OAAO,CAACM,iCAA0B,CAAC,GAAGR,QAAQ;MAC5DtC,aAAa,CAACwC,OAAO,CACnB,gCAAgC,CACjC,GAAG,6CAA6CxC,aAAa,CAACwC,OAAO,CAAC,kBAAkB,CAAC,8CAA8CxC,aAAa,CAACwC,OAAO,CAAC,iBAAiB,CAAC,2CAAAI,sBAAA,GAA0C5C,aAAa,CAACyC,MAAM,qBAApBG,sBAAA,CAAsBF,aAAa,EAAE;MAC/P1C,aAAa,CAACwC,OAAO,CAACO,uCAAgC,CAAC,IAAAF,oBAAA,GAAGjB,eAAM,CAACoB,YAAY,YAAAH,oBAAA,GAAI,EAAE;IACrF;IAEA,IAAII,QAAyB;IAC7B,IAAIrB,eAAM,CAACG,aAAa,EAAE;MACxBkB,QAAQ,GAAG,MAAM,IAAAC,sCAA6B,EAAClD,aAAa,CAAC;IAC/D,CAAC,MAAM;MACLiD,QAAQ,GAAG,MAAM,IAAAE,mCAA0B,EAACnD,aAAa,CAAC;IAC5D;IAEA,MAAMkC,SAAS,GAAGN,eAAM,CAACO,KAAK;IAC9B,IAAIc,QAAQ,KAAK,IAAI,IAAI,CAACA,QAAQ,CAACG,EAAE,EAAE;MACrC3C,gBAAa,CAACwB,aAAa,CAAC;QAC1BG,YAAY,EAAER,eAAM,CAACQ,YAAY;QACjCF,SAAS;QACTjC,GAAG,EAAED,aAAa;QAClBG,GAAG,EAAED;MACP,CAAC,CAAC;MACF,OAAO,IAAI;IACb;IAEA,MAAMmD,IAAI,GAAG,MAAMJ,QAAQ,CAACK,IAAI,CAAC,CAAC;IAElC,MAAMC,YAAsB,GAC1B;IAAA,CAAAvC,IAAA,IAAAC,KAAA,IAAAC,qBAAA,IAAAC,iBAAA,GACA8B,QAAQ,CAACT,OAAO,cAAApB,sBAAA,GAAhBD,iBAAA,CAAkBqC,GAAG,qBAArBpC,sBAAA,CAAAqC,IAAA,CAAAtC,iBAAwB,CAAC,CAAC,YAAY,CAAC,YAAAD,qBAAA,GACvC;IAAA,CAAAG,kBAAA,GACA4B,QAAQ,CAACT,OAAO,cAAAlB,qBAAA,GAAhBD,kBAAA,CAAkBqC,YAAY,qBAA9BpC,qBAAA,CAAAmC,IAAA,CAAApC,kBAAiC,CAAC,YAAAJ,KAAA,IAAAM,kBAAA,GAClC0B,QAAQ,CAACT,OAAO,cAAAhB,qBAAA,GAAhBD,kBAAA,CAAkBoC,GAAG,qBAArBnC,qBAAA,CAAAiC,IAAA,CAAAlC,kBAAA,EAAwB,YAAY,CAAC,YAAAP,IAAA,GACrC,EAAE;IAEJ,MAAM4C,YAAY,IAAAnC,qBAAA,GAAGhB,gBAAa,CAACoD,eAAe,CAACN,YAAY,EAAErB,SAAS,CAAC,YAAAT,qBAAA,GAAI,EAAE;IACjF,MAAM,CAACd,OAAO,EAAEmD,UAAU,EAAEC,YAAY,CAAC,GAAG,MAAM,IAAAC,oCAA4B,EAACX,IAAI,CAAC;IAEpF,IAAI,CAAC1C,OAAO,EAAE;MACZ,OAAO,IAAI;IACb;IACA,MAAMsD,WAAW,GAAGxD,gBAAa,CAACyD,MAAM,CAAC;MACvCC,KAAK,EAAExD,OAAO;MACdyD,OAAO,EAAE,IAAIC,IAAI,CAACP,UAAU,CAACQ,GAAG,GAAG,IAAI,CAAC;MACxCC,MAAM,EAAErC,SAAS;MACjBjC,GAAG,EAAED;IACP,CAAC,CAAC;IACF4D,YAAY,CAACY,IAAI,CAAC,GAAGP,WAAW,CAAC;IACjC/D,cAAc,CAACuE,SAAS,CAAC,YAAY,EAAEb,YAAY,CAAC;IAEpD,MAAMc,eAAe,GAAG;MACtBC,WAAW,GAAAjD,iBAAA,GAAE2B,IAAI,CAACsB,WAAW,YAAAjD,iBAAA,GAAI2B,IAAI,CAACuB,YAAY;MAClDC,IAAI,EAAEf,UAAU;MAChBC;IACF,CAAC;IAED,IAAAe,6BAAoB,EAAC5E,cAAc,EAAEwE,eAAe,CAAC;IACrD,OAAOA,eAAe;EACxB,CAAC,CAAC,OAAOK,CAAC,EAAE;IACVrF,MAAM,CAACsF,KAAK,CAAC,2CAA2C,EAAED,CAAC,CAAC;IAC5D,OAAO,IAAI;EACb;AACF","ignoreList":[]}
|
|
1
|
+
{"version":3,"file":"index.js","names":["_common","require","_config","_interopRequireDefault","_cookies","_helpers","_fronteggLogger","_encryption","_createSession","_utils","_headers","refreshAccessTokenIfNeeded","ctx","logger","fronteggLogger","child","tag","info","pathname","nextJsRequest","req","nextJsResponse","res","url","debug","hasSetSessionCookie","getHeader","cookies","CookieManager","getSessionCookieFromRedirectedResponse","session","createSession","encryption","getForwardedSession","_nextJsRequest$socket","_ref","_ref2","_response$headers$raw","_response$headers","_response$headers$raw2","_response$headers2","_response$headers2$ge","_response$headers3","_response$headers3$ge","_CookieManager$modify","_data$accessToken","isRuntimeNextRequest","config","disableInitialPropsRefreshToken","getSessionCookieFromRequest","isHostedLogin","isOauthCallback","removeCookies","isSecured","isSSL","cookieDomain","isSamlCallback","clientIp","getClientIp","headers","socket","remoteAddress","shouldForwardIp","_config$appId","_config$clientId","_nextJsRequest$socket2","_config$sharedSecret","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_APP_ID_HEADER","appId","FRONTEGG_VENDOR_ID_HEADER","clientId","FRONTEGG_HEADERS_VERIFIER_HEADER","sharedSecret","response","refreshAccessTokenHostedLogin","refreshAccessTokenEmbedded","ok","data","json","cookieHeader","raw","call","getSetCookie","get","newSetCookie","modifySetCookie","decodedJwt","refreshToken","createSessionFromAccessToken","cookieValue","create","value","expires","Date","exp","secure","push","setHeader","fronteggSession","accessToken","access_token","user","saveForwardedSession","e","error"],"sources":["../../../../../packages/nextjs/src/utils/refreshAccessTokenIfNeeded/index.ts"],"sourcesContent":["import type { NextPageContext } from 'next/dist/shared/lib/utils';\nimport type { FronteggNextJSSession } from '../../types';\nimport { createSessionFromAccessToken } from '../../common';\nimport config from '../../config';\nimport CookieManager from '../cookies';\nimport {\n isOauthCallback,\n hasSetSessionCookie,\n isRuntimeNextRequest,\n isSamlCallback,\n refreshAccessTokenEmbedded,\n refreshAccessTokenHostedLogin,\n saveForwardedSession,\n getForwardedSession,\n} from './helpers';\nimport fronteggLogger from '../fronteggLogger';\nimport encryption from '../encryption';\nimport createSession from '../createSession';\nimport {\n FRONTEGG_HEADERS_VERIFIER_HEADER,\n FRONTEGG_FORWARD_IP_HEADER,\n FRONTEGG_APP_ID_HEADER,\n FRONTEGG_VENDOR_ID_HEADER,\n} from '../../api/utils';\nimport { getClientIp } from '../headers';\n\nexport { isRuntimeNextRequest };\n/**\n * Refreshes the access token for the current session.\n *\n * @param {NextPageContext} ctx - The Next.js Page Context object.\n * @returns {Promise<FronteggNextJSSession | null>} A Promise that resolves to the updated session object, or `null` if the refresh failed.\n */\nexport default async function refreshAccessTokenIfNeeded(ctx: NextPageContext): Promise<FronteggNextJSSession | null> {\n const logger = fronteggLogger.child({ tag: 'refreshAccessTokenIfNeeded' });\n\n logger.info(`Refreshing token by for PageContext ${ctx.pathname}`);\n const nextJsRequest = ctx.req;\n const nextJsResponse = ctx.res;\n const url = nextJsRequest?.url;\n if (!nextJsResponse || !nextJsRequest || !url) {\n logger.debug(`abandon refreshToken due to PageContext.req = null`);\n return null;\n }\n\n if (hasSetSessionCookie(nextJsResponse.getHeader('set-cookie'))) {\n const cookies = CookieManager.getSessionCookieFromRedirectedResponse(nextJsResponse);\n const session = await createSession(cookies, encryption);\n logger.debug('Abandon refreshToken due to a previous redirect to /_error or other server-side redirect.');\n return session ?? getForwardedSession(nextJsResponse);\n }\n\n try {\n logger.info(`Check if should request made from first application load`);\n\n if (isRuntimeNextRequest(url) || config.disableInitialPropsRefreshToken) {\n logger.debug(`Detect runtime next.js request, resolving existing session from cookies if exists`);\n\n const cookies = CookieManager.getSessionCookieFromRequest(nextJsRequest);\n const session = await createSession(cookies, encryption);\n\n if (session) {\n logger.debug(`session resolved from session cookie`);\n return session;\n } else {\n logger.info('Failed to resolve session from cookie, going to refresh token');\n }\n }\n\n if (config.isHostedLogin) {\n // hosted login bypassed urls\n if (isOauthCallback(url)) {\n logger.debug(`abandon refreshToken for HostedLogin Callback ${url}`);\n CookieManager.removeCookies({\n isSecured: config.isSSL,\n cookieDomain: config.cookieDomain,\n res: nextJsResponse,\n req: nextJsRequest,\n });\n }\n } else {\n // embedded login bypassed urls\n if (isSamlCallback(url)) {\n logger.debug(`abandon refreshToken for Saml Callback ${url}`);\n return null;\n }\n }\n\n const clientIp =\n getClientIp(nextJsRequest.headers['cf-connecting-ip'] || nextJsRequest.headers['x-forwarded-for']) ||\n nextJsRequest.socket?.remoteAddress;\n\n if (clientIp && config.shouldForwardIp) {\n nextJsRequest.headers[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n nextJsRequest.headers[FRONTEGG_APP_ID_HEADER] = config.appId ?? '';\n nextJsRequest.headers[FRONTEGG_VENDOR_ID_HEADER] = config.clientId ?? '';\n nextJsRequest.headers[\n 'refresh-access-token-if-needed'\n ] = `nextJsRequest.headers['cf-connecting-ip'] ${nextJsRequest.headers['cf-connecting-ip']} | nextJsRequest.headers['x-forwarded-for']${nextJsRequest.headers['x-forwarded-for']} | nextJsRequest.socket?.remoteAddress ${nextJsRequest.socket?.remoteAddress}`;\n nextJsRequest.headers[FRONTEGG_HEADERS_VERIFIER_HEADER] = config.sharedSecret ?? '';\n }\n\n let response: Response | null;\n if (config.isHostedLogin) {\n response = await refreshAccessTokenHostedLogin(nextJsRequest);\n } else {\n response = await refreshAccessTokenEmbedded(nextJsRequest);\n }\n\n const isSecured = config.isSSL;\n if (response === null || !response.ok) {\n CookieManager.removeCookies({\n cookieDomain: config.cookieDomain,\n isSecured,\n req: nextJsRequest,\n res: nextJsResponse,\n });\n return null;\n }\n\n const data = await response.json();\n\n const cookieHeader: string[] =\n // @ts-ignore the first argument \"raw\" will only work before nextjs 13.4 and the second argument \"getSetCookie\" will only work after\n response.headers?.raw?.()['set-cookie'] ??\n // @ts-ignore the first argument \"raw\" will only work before nextjs 13.4 and the second argument \"getSetCookie\" will only work after\n response.headers?.getSetCookie?.() ??\n response.headers?.get?.('set-cookie') ??\n [];\n\n const newSetCookie = CookieManager.modifySetCookie(cookieHeader, isSecured) ?? [];\n const [session, decodedJwt, refreshToken] = await createSessionFromAccessToken(data);\n\n if (!session) {\n return null;\n }\n const cookieValue = CookieManager.create({\n value: session,\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n req: nextJsRequest,\n });\n newSetCookie.push(...cookieValue);\n nextJsResponse.setHeader('set-cookie', newSetCookie);\n\n const fronteggSession = {\n accessToken: data.accessToken ?? data.access_token,\n user: decodedJwt,\n refreshToken,\n };\n\n saveForwardedSession(nextJsResponse, fronteggSession);\n return fronteggSession;\n } catch (e) {\n logger.error('[refreshToken] Failed to create session e', e);\n return null;\n }\n}\n"],"mappings":";;;;;;;;;;;;;AAEA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,QAAA,GAAAD,sBAAA,CAAAF,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AAUA,IAAAK,eAAA,GAAAH,sBAAA,CAAAF,OAAA;AACA,IAAAM,WAAA,GAAAJ,sBAAA,CAAAF,OAAA;AACA,IAAAO,cAAA,GAAAL,sBAAA,CAAAF,OAAA;AACA,IAAAQ,MAAA,GAAAR,OAAA;AAMA,IAAAS,QAAA,GAAAT,OAAA;AAGA;AACA;AACA;AACA;AACA;AACA;AACe,eAAeU,0BAA0BA,CAACC,GAAoB,EAAyC;EACpH,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA6B,CAAC,CAAC;EAE1EH,MAAM,CAACI,IAAI,CAAC,uCAAuCL,GAAG,CAACM,QAAQ,EAAE,CAAC;EAClE,MAAMC,aAAa,GAAGP,GAAG,CAACQ,GAAG;EAC7B,MAAMC,cAAc,GAAGT,GAAG,CAACU,GAAG;EAC9B,MAAMC,GAAG,GAAGJ,aAAa,oBAAbA,aAAa,CAAEI,GAAG;EAC9B,IAAI,CAACF,cAAc,IAAI,CAACF,aAAa,IAAI,CAACI,GAAG,EAAE;IAC7CV,MAAM,CAACW,KAAK,CAAC,oDAAoD,CAAC;IAClE,OAAO,IAAI;EACb;EAEA,IAAI,IAAAC,4BAAmB,EAACJ,cAAc,CAACK,SAAS,CAAC,YAAY,CAAC,CAAC,EAAE;IAC/D,MAAMC,OAAO,GAAGC,gBAAa,CAACC,sCAAsC,CAACR,cAAc,CAAC;IACpF,MAAMS,OAAO,GAAG,MAAM,IAAAC,sBAAa,EAACJ,OAAO,EAAEK,mBAAU,CAAC;IACxDnB,MAAM,CAACW,KAAK,CAAC,2FAA2F,CAAC;IACzG,OAAOM,OAAO,WAAPA,OAAO,GAAI,IAAAG,4BAAmB,EAACZ,cAAc,CAAC;EACvD;EAEA,IAAI;IAAA,IAAAa,qBAAA,EAAAC,IAAA,EAAAC,KAAA,EAAAC,qBAAA,EAAAC,iBAAA,EAAAC,sBAAA,EAAAC,kBAAA,EAAAC,qBAAA,EAAAC,kBAAA,EAAAC,qBAAA,EAAAC,qBAAA,EAAAC,iBAAA;IACFhC,MAAM,CAACI,IAAI,CAAC,0DAA0D,CAAC;IAEvE,IAAI,IAAA6B,6BAAoB,EAACvB,GAAG,CAAC,IAAIwB,eAAM,CAACC,+BAA+B,EAAE;MACvEnC,MAAM,CAACW,KAAK,CAAC,mFAAmF,CAAC;MAEjG,MAAMG,OAAO,GAAGC,gBAAa,CAACqB,2BAA2B,CAAC9B,aAAa,CAAC;MACxE,MAAMW,OAAO,GAAG,MAAM,IAAAC,sBAAa,EAACJ,OAAO,EAAEK,mBAAU,CAAC;MAExD,IAAIF,OAAO,EAAE;QACXjB,MAAM,CAACW,KAAK,CAAC,sCAAsC,CAAC;QACpD,OAAOM,OAAO;MAChB,CAAC,MAAM;QACLjB,MAAM,CAACI,IAAI,CAAC,+DAA+D,CAAC;MAC9E;IACF;IAEA,IAAI8B,eAAM,CAACG,aAAa,EAAE;MACxB;MACA,IAAI,IAAAC,wBAAe,EAAC5B,GAAG,CAAC,EAAE;QACxBV,MAAM,CAACW,KAAK,CAAC,iDAAiDD,GAAG,EAAE,CAAC;QACpEK,gBAAa,CAACwB,aAAa,CAAC;UAC1BC,SAAS,EAAEN,eAAM,CAACO,KAAK;UACvBC,YAAY,EAAER,eAAM,CAACQ,YAAY;UACjCjC,GAAG,EAAED,cAAc;UACnBD,GAAG,EAAED;QACP,CAAC,CAAC;MACJ;IACF,CAAC,MAAM;MACL;MACA,IAAI,IAAAqC,uBAAc,EAACjC,GAAG,CAAC,EAAE;QACvBV,MAAM,CAACW,KAAK,CAAC,0CAA0CD,GAAG,EAAE,CAAC;QAC7D,OAAO,IAAI;MACb;IACF;IAEA,MAAMkC,QAAQ,GACZ,IAAAC,oBAAW,EAACvC,aAAa,CAACwC,OAAO,CAAC,kBAAkB,CAAC,IAAIxC,aAAa,CAACwC,OAAO,CAAC,iBAAiB,CAAC,CAAC,MAAAzB,qBAAA,GAClGf,aAAa,CAACyC,MAAM,qBAApB1B,qBAAA,CAAsB2B,aAAa;IAErC,IAAIJ,QAAQ,IAAIV,eAAM,CAACe,eAAe,EAAE;MAAA,IAAAC,aAAA,EAAAC,gBAAA,EAAAC,sBAAA,EAAAC,oBAAA;MACtC/C,aAAa,CAACwC,OAAO,CAACQ,iCAA0B,CAAC,GAAGV,QAAQ;MAC5DtC,aAAa,CAACwC,OAAO,CAACS,6BAAsB,CAAC,IAAAL,aAAA,GAAGhB,eAAM,CAACsB,KAAK,YAAAN,aAAA,GAAI,EAAE;MAClE5C,aAAa,CAACwC,OAAO,CAACW,gCAAyB,CAAC,IAAAN,gBAAA,GAAGjB,eAAM,CAACwB,QAAQ,YAAAP,gBAAA,GAAI,EAAE;MACxE7C,aAAa,CAACwC,OAAO,CACnB,gCAAgC,CACjC,GAAG,6CAA6CxC,aAAa,CAACwC,OAAO,CAAC,kBAAkB,CAAC,8CAA8CxC,aAAa,CAACwC,OAAO,CAAC,iBAAiB,CAAC,2CAAAM,sBAAA,GAA0C9C,aAAa,CAACyC,MAAM,qBAApBK,sBAAA,CAAsBJ,aAAa,EAAE;MAC/P1C,aAAa,CAACwC,OAAO,CAACa,uCAAgC,CAAC,IAAAN,oBAAA,GAAGnB,eAAM,CAAC0B,YAAY,YAAAP,oBAAA,GAAI,EAAE;IACrF;IAEA,IAAIQ,QAAyB;IAC7B,IAAI3B,eAAM,CAACG,aAAa,EAAE;MACxBwB,QAAQ,GAAG,MAAM,IAAAC,sCAA6B,EAACxD,aAAa,CAAC;IAC/D,CAAC,MAAM;MACLuD,QAAQ,GAAG,MAAM,IAAAE,mCAA0B,EAACzD,aAAa,CAAC;IAC5D;IAEA,MAAMkC,SAAS,GAAGN,eAAM,CAACO,KAAK;IAC9B,IAAIoB,QAAQ,KAAK,IAAI,IAAI,CAACA,QAAQ,CAACG,EAAE,EAAE;MACrCjD,gBAAa,CAACwB,aAAa,CAAC;QAC1BG,YAAY,EAAER,eAAM,CAACQ,YAAY;QACjCF,SAAS;QACTjC,GAAG,EAAED,aAAa;QAClBG,GAAG,EAAED;MACP,CAAC,CAAC;MACF,OAAO,IAAI;IACb;IAEA,MAAMyD,IAAI,GAAG,MAAMJ,QAAQ,CAACK,IAAI,CAAC,CAAC;IAElC,MAAMC,YAAsB,GAC1B;IAAA,CAAA7C,IAAA,IAAAC,KAAA,IAAAC,qBAAA,IAAAC,iBAAA,GACAoC,QAAQ,CAACf,OAAO,cAAApB,sBAAA,GAAhBD,iBAAA,CAAkB2C,GAAG,qBAArB1C,sBAAA,CAAA2C,IAAA,CAAA5C,iBAAwB,CAAC,CAAC,YAAY,CAAC,YAAAD,qBAAA,GACvC;IAAA,CAAAG,kBAAA,GACAkC,QAAQ,CAACf,OAAO,cAAAlB,qBAAA,GAAhBD,kBAAA,CAAkB2C,YAAY,qBAA9B1C,qBAAA,CAAAyC,IAAA,CAAA1C,kBAAiC,CAAC,YAAAJ,KAAA,IAAAM,kBAAA,GAClCgC,QAAQ,CAACf,OAAO,cAAAhB,qBAAA,GAAhBD,kBAAA,CAAkB0C,GAAG,qBAArBzC,qBAAA,CAAAuC,IAAA,CAAAxC,kBAAA,EAAwB,YAAY,CAAC,YAAAP,IAAA,GACrC,EAAE;IAEJ,MAAMkD,YAAY,IAAAzC,qBAAA,GAAGhB,gBAAa,CAAC0D,eAAe,CAACN,YAAY,EAAE3B,SAAS,CAAC,YAAAT,qBAAA,GAAI,EAAE;IACjF,MAAM,CAACd,OAAO,EAAEyD,UAAU,EAAEC,YAAY,CAAC,GAAG,MAAM,IAAAC,oCAA4B,EAACX,IAAI,CAAC;IAEpF,IAAI,CAAChD,OAAO,EAAE;MACZ,OAAO,IAAI;IACb;IACA,MAAM4D,WAAW,GAAG9D,gBAAa,CAAC+D,MAAM,CAAC;MACvCC,KAAK,EAAE9D,OAAO;MACd+D,OAAO,EAAE,IAAIC,IAAI,CAACP,UAAU,CAACQ,GAAG,GAAG,IAAI,CAAC;MACxCC,MAAM,EAAE3C,SAAS;MACjBjC,GAAG,EAAED;IACP,CAAC,CAAC;IACFkE,YAAY,CAACY,IAAI,CAAC,GAAGP,WAAW,CAAC;IACjCrE,cAAc,CAAC6E,SAAS,CAAC,YAAY,EAAEb,YAAY,CAAC;IAEpD,MAAMc,eAAe,GAAG;MACtBC,WAAW,GAAAvD,iBAAA,GAAEiC,IAAI,CAACsB,WAAW,YAAAvD,iBAAA,GAAIiC,IAAI,CAACuB,YAAY;MAClDC,IAAI,EAAEf,UAAU;MAChBC;IACF,CAAC;IAED,IAAAe,6BAAoB,EAAClF,cAAc,EAAE8E,eAAe,CAAC;IACrD,OAAOA,eAAe;EACxB,CAAC,CAAC,OAAOK,CAAC,EAAE;IACV3F,MAAM,CAAC4F,KAAK,CAAC,2CAA2C,EAAED,CAAC,CAAC;IAC5D,OAAO,IAAI;EACb;AACF","ignoreList":[]}
|