@frontegg/nextjs 9.2.7 → 9.2.8-alpha.15876559484
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/api/utils.js +4 -0
- package/api/utils.js.map +1 -1
- package/edge/getSessionOnEdge.js +5 -0
- package/edge/getSessionOnEdge.js.map +1 -1
- package/index.js +1 -1
- package/middleware/ProxyRequestCallback.js +8 -1
- package/middleware/ProxyRequestCallback.js.map +1 -1
- package/package.json +1 -1
- package/sdkVersion.js +1 -1
- package/sdkVersion.js.map +1 -1
- package/utils/fetchUserData/index.js +5 -0
- package/utils/fetchUserData/index.js.map +1 -1
- package/utils/refreshAccessTokenIfNeeded/index.js +3 -0
- package/utils/refreshAccessTokenIfNeeded/index.js.map +1 -1
package/api/utils.js
CHANGED
|
@@ -118,6 +118,10 @@ function buildRequestHeaders(headers) {
|
|
|
118
118
|
const clientIp = getClientIp(headers[FRONTEGG_FORWARD_IP_HEADER] || headers['cf-connecting-ip'] || headers['x-forwarded-for']);
|
|
119
119
|
if (clientIp && _config.default.shouldForwardIp) {
|
|
120
120
|
var _config$sharedSecret;
|
|
121
|
+
console.log('inside buildRequestHeaders', process.env.VERCEL);
|
|
122
|
+
console.log('headers[FRONTEGG_FORWARD_IP_HEADER]', headers[FRONTEGG_FORWARD_IP_HEADER]);
|
|
123
|
+
console.log('headers[cf-connecting-ip]', headers['cf-connecting-ip']);
|
|
124
|
+
console.log('headers[x-forwarded-for]', headers['x-forwarded-for']);
|
|
121
125
|
preparedHeaders[FRONTEGG_FORWARD_IP_HEADER] = clientIp;
|
|
122
126
|
preparedHeaders[FRONTEGG_HEADERS_VERIFIER_HEADER] = (_config$sharedSecret = _config.default.sharedSecret) != null ? _config$sharedSecret : '';
|
|
123
127
|
preparedHeaders[FRONTEGG_VENDOR_ID_HEADER] = _config.default.clientId;
|
package/api/utils.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.js","names":["_config","_interopRequireDefault","require","_sdkVersion","_package","_restApi","_constants","Get","url","credentials","headers","fetch","method","exports","Post","body","removeInvalidHeaders","newHeaders","_extends2","default","Object","keys","forEach","key","val","Array","isArray","headerCharRegex","exec","undefined","length","CUSTOM_LOGIN_HEADER","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","FRONTEGG_APPLICATION_ID_HEADER","FRONTEGG_VENDOR_ID_HEADER","buildRequestHeaders","cookie","replace","config","rewriteCookieByAppId","appId","split","filter","cookieStr","trim","startsWith","clientId","join","entries","map","value","preparedHeaders","authorization","accept","origin","baseUrl","nextjsPkg","version","sdkVersion","clientIp","getClientIp","shouldForwardIp","_config$sharedSecret","sharedSecret","parseHttpResponse","res","ok","json","isMiddlewarePath","path","isAuthPath","fronteggAuthApiRoutesRegex","find","pathRegex","RegExp","test","isSocialLoginPath","endsWith","rawIp","ip"],"sources":["../../../../packages/nextjs/src/api/utils.ts"],"sourcesContent":["import config from '../config';\nimport sdkVersion from '../sdkVersion';\nimport nextjsPkg from 'next/package.json';\nimport { fronteggAuthApiRoutesRegex } from '@frontegg/rest-api';\nimport { headerCharRegex } from '../utils/common/constants';\n\ninterface GetRequestOptions {\n url: string;\n credentials?: RequestCredentials;\n headers?: HeadersInit;\n}\n\nexport const Get = ({ url, credentials = 'include', headers }: GetRequestOptions) =>\n fetch(url, { method: 'GET', credentials, headers });\n\ninterface PostRequestOptions extends GetRequestOptions {\n body: string;\n}\n\nexport const Post = ({ url, credentials = 'include', headers, body }: PostRequestOptions) =>\n fetch(url, { method: 'POST', credentials, headers, body });\n\n/**\n * NodeJS 18 start using undici as http request handler,\n * undici http request does not accept invalid headers\n * for more details see:\n * https://github.com/nodejs/undici/blob/2b260c997ad4efe4ed2064b264b4b546a59e7a67/lib/core/request.js#L282\n * @param headers\n */\nexport function removeInvalidHeaders(headers: Record<string, string>) {\n const newHeaders = { ...headers };\n Object.keys(newHeaders).forEach((key: string) => {\n const val: any = headers[key];\n if (val && typeof val === 'object' && !Array.isArray(val)) {\n delete newHeaders[key];\n } else if (headerCharRegex.exec(val) !== null) {\n delete newHeaders[key];\n } else if (val === undefined || val === null) {\n delete newHeaders[key];\n } else if (key.length === 10 && key === 'connection') {\n delete newHeaders[key];\n }\n });\n return newHeaders;\n}\n\n/**\n * These headers are used to identify the tenant for login per tenant feature\n */\nexport const CUSTOM_LOGIN_HEADER = 'frontegg-login-alias';\nexport const FRONTEGG_FORWARD_IP_HEADER = 'x-frontegg-forwarded-for';\nexport const FRONTEGG_HEADERS_VERIFIER_HEADER = 'x-frontegg-headers-verifier';\nexport const FRONTEGG_APPLICATION_ID_HEADER = 'frontegg-requested-application-id';\nexport const FRONTEGG_VENDOR_ID_HEADER = 'frontegg-vendor-id';\n\n/**\n * Build fetch request headers, remove invalid http headers\n * @param headers - Incoming request headers\n */\nexport function buildRequestHeaders(headers: Record<string, any>): Record<string, string> {\n let cookie = headers['cookie'];\n if (cookie != null && typeof cookie === 'string') {\n cookie = cookie.replace(/fe_session-[^=]*=[^;]*$/, '').replace(/fe_session-[^=]*=[^;]*;/, '');\n\n if (config.rewriteCookieByAppId && config.appId) {\n cookie = cookie\n .split(';')\n .filter((cookieStr: string) => !cookieStr.trim().startsWith(`fe_refresh_${config.clientId.replace('-', '')}`))\n .join(';');\n cookie = cookie.replace(\n `fe_refresh_${config.appId.replace('-', '')}`,\n `fe_refresh_${config.clientId.replace('-', '')}`\n );\n }\n }\n if (cookie != null && typeof cookie === 'object') {\n cookie = Object.entries(cookie)\n .filter(([key]) => {\n if (config.rewriteCookieByAppId && config.appId) {\n return key !== `fe_refresh_${config.clientId.replace('-', '')}`;\n }\n return true;\n })\n .map(([key, value]) => {\n if (config.rewriteCookieByAppId && config.appId && key === `fe_refresh_${config.appId.replace('-', '')}`) {\n return `fe_refresh_${config.clientId.replace('-', '')}=${value}`;\n } else {\n return `${key}=${value}`;\n }\n })\n .join('; ');\n }\n\n const preparedHeaders: Record<string, string> = {\n authorization: headers['authorization'],\n 'accept-encoding': headers['accept-encoding'],\n 'accept-language': headers['accept-language'],\n accept: headers['accept'],\n 'content-type': 'application/json',\n origin: config.baseUrl,\n cookie,\n 'user-agent': headers['user-agent'],\n 'cache-control': headers['cache-control'],\n 'x-frontegg-framework': `next@${nextjsPkg.version}`,\n 'x-frontegg-sdk': `@frontegg/nextjs@${sdkVersion.version}`,\n };\n\n if (headers[FRONTEGG_APPLICATION_ID_HEADER]) {\n preparedHeaders[FRONTEGG_APPLICATION_ID_HEADER] = headers[FRONTEGG_APPLICATION_ID_HEADER];\n }\n\n const clientIp = getClientIp(\n headers[FRONTEGG_FORWARD_IP_HEADER] || headers['cf-connecting-ip'] || headers['x-forwarded-for']\n );\n\n if (clientIp && config.shouldForwardIp) {\n preparedHeaders[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n preparedHeaders[FRONTEGG_HEADERS_VERIFIER_HEADER] = config.sharedSecret ?? '';\n preparedHeaders[FRONTEGG_VENDOR_ID_HEADER] = config.clientId;\n }\n\n if (headers[CUSTOM_LOGIN_HEADER]) {\n preparedHeaders[CUSTOM_LOGIN_HEADER] = headers[CUSTOM_LOGIN_HEADER];\n }\n return removeInvalidHeaders({ ...preparedHeaders });\n}\n\n/**\n * Return parsed json response if http status code = 200\n * @param res\n */\nexport const parseHttpResponse = async <T>(res: Response): Promise<T | undefined> => {\n if (!res.ok) {\n return undefined;\n }\n return await res.json();\n};\n\n/**\n * Checks if the given path should be forwarded to the Next.js server middleware.\n *\n *\n * @param {string} path - The path to check for authentication API routes.\n * @returns {boolean} Returns true if the path is a frontegg authentication API route or ends with '/postlogin' or '/prelogin'; otherwise, returns false.\n */\nexport function isMiddlewarePath(path: string): boolean {\n let isAuthPath =\n fronteggAuthApiRoutesRegex.find((pathRegex) => {\n if (typeof pathRegex === 'string') {\n return pathRegex === path;\n } else {\n return new RegExp(pathRegex).test(path);\n }\n }) != null;\n\n // if(!isAuthPath){\n // isAuthPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/user\\/sso\\/[^\\/]*\\/postlogin$/g.test(path)\n // }\n // if(!isAuthPath){\n // isAuthPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/passwordless\\/[^\\/]*\\/prelogin$/g.test(path)\n // }\n // if(!isAuthPath){\n // isAuthPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/[^\\/]*\\/prelogin$/g.test(path)\n // }\n\n if (!isAuthPath) {\n const isSocialLoginPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/user\\/sso\\/default\\/[^\\/]*\\/prelogin$/.test(path);\n isAuthPath = (path.endsWith('/postlogin') || path.endsWith('/prelogin')) && !isSocialLoginPath;\n }\n\n return isAuthPath;\n}\n\n/**\n * Extracts the real client IP address from a raw IP string or array.\n *\n * If the input contains multiple IPs (e.g., from the `x-forwarded-for` header),\n * it returns only the first IP, which typically represents the real client.\n *\n * @param rawIp - A single IP string or an array of IPs.\n * @returns The first IP address as a string, or undefined if not available.\n */\nexport function getClientIp(rawIp?: string | string[] | null): string | undefined {\n if (!rawIp) return undefined;\n const ip = Array.isArray(rawIp) ? rawIp[0] : rawIp;\n return ip.split(',')[0].trim();\n}\n"],"mappings":";;;;;;;;;;;;;AAAA,IAAAA,OAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,WAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,QAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,QAAA,GAAAH,OAAA;AACA,IAAAI,UAAA,GAAAJ,OAAA;AAQO,MAAMK,GAAG,GAAGA,CAAC;EAAEC,GAAG;EAAEC,WAAW,GAAG,SAAS;EAAEC;AAA2B,CAAC,KAC9EC,KAAK,CAACH,GAAG,EAAE;EAAEI,MAAM,EAAE,KAAK;EAAEH,WAAW;EAAEC;AAAQ,CAAC,CAAC;AAACG,OAAA,CAAAN,GAAA,GAAAA,GAAA;AAM/C,MAAMO,IAAI,GAAGA,CAAC;EAAEN,GAAG;EAAEC,WAAW,GAAG,SAAS;EAAEC,OAAO;EAAEK;AAAyB,CAAC,KACtFJ,KAAK,CAACH,GAAG,EAAE;EAAEI,MAAM,EAAE,MAAM;EAAEH,WAAW;EAAEC,OAAO;EAAEK;AAAK,CAAC,CAAC;;AAE5D;AACA;AACA;AACA;AACA;AACA;AACA;AANAF,OAAA,CAAAC,IAAA,GAAAA,IAAA;AAOO,SAASE,oBAAoBA,CAACN,OAA+B,EAAE;EACpE,MAAMO,UAAU,OAAAC,SAAA,CAAAC,OAAA,MAAQT,OAAO,CAAE;EACjCU,MAAM,CAACC,IAAI,CAACJ,UAAU,CAAC,CAACK,OAAO,CAAEC,GAAW,IAAK;IAC/C,MAAMC,GAAQ,GAAGd,OAAO,CAACa,GAAG,CAAC;IAC7B,IAAIC,GAAG,IAAI,OAAOA,GAAG,KAAK,QAAQ,IAAI,CAACC,KAAK,CAACC,OAAO,CAACF,GAAG,CAAC,EAAE;MACzD,OAAOP,UAAU,CAACM,GAAG,CAAC;IACxB,CAAC,MAAM,IAAII,0BAAe,CAACC,IAAI,CAACJ,GAAG,CAAC,KAAK,IAAI,EAAE;MAC7C,OAAOP,UAAU,CAACM,GAAG,CAAC;IACxB,CAAC,MAAM,IAAIC,GAAG,KAAKK,SAAS,IAAIL,GAAG,KAAK,IAAI,EAAE;MAC5C,OAAOP,UAAU,CAACM,GAAG,CAAC;IACxB,CAAC,MAAM,IAAIA,GAAG,CAACO,MAAM,KAAK,EAAE,IAAIP,GAAG,KAAK,YAAY,EAAE;MACpD,OAAON,UAAU,CAACM,GAAG,CAAC;IACxB;EACF,CAAC,CAAC;EACF,OAAON,UAAU;AACnB;;AAEA;AACA;AACA;AACO,MAAMc,mBAAmB,GAAAlB,OAAA,CAAAkB,mBAAA,GAAG,sBAAsB;AAClD,MAAMC,0BAA0B,GAAAnB,OAAA,CAAAmB,0BAAA,GAAG,0BAA0B;AAC7D,MAAMC,gCAAgC,GAAApB,OAAA,CAAAoB,gCAAA,GAAG,6BAA6B;AACtE,MAAMC,8BAA8B,GAAArB,OAAA,CAAAqB,8BAAA,GAAG,mCAAmC;AAC1E,MAAMC,yBAAyB,GAAAtB,OAAA,CAAAsB,yBAAA,GAAG,oBAAoB;;AAE7D;AACA;AACA;AACA;AACO,SAASC,mBAAmBA,CAAC1B,OAA4B,EAA0B;EACxF,IAAI2B,MAAM,GAAG3B,OAAO,CAAC,QAAQ,CAAC;EAC9B,IAAI2B,MAAM,IAAI,IAAI,IAAI,OAAOA,MAAM,KAAK,QAAQ,EAAE;IAChDA,MAAM,GAAGA,MAAM,CAACC,OAAO,CAAC,yBAAyB,EAAE,EAAE,CAAC,CAACA,OAAO,CAAC,yBAAyB,EAAE,EAAE,CAAC;IAE7F,IAAIC,eAAM,CAACC,oBAAoB,IAAID,eAAM,CAACE,KAAK,EAAE;MAC/CJ,MAAM,GAAGA,MAAM,CACZK,KAAK,CAAC,GAAG,CAAC,CACVC,MAAM,CAAEC,SAAiB,IAAK,CAACA,SAAS,CAACC,IAAI,CAAC,CAAC,CAACC,UAAU,CAAC,cAAcP,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAC7GU,IAAI,CAAC,GAAG,CAAC;MACZX,MAAM,GAAGA,MAAM,CAACC,OAAO,CACrB,cAAcC,eAAM,CAACE,KAAK,CAACH,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAC7C,cAAcC,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAChD,CAAC;IACH;EACF;EACA,IAAID,MAAM,IAAI,IAAI,IAAI,OAAOA,MAAM,KAAK,QAAQ,EAAE;IAChDA,MAAM,GAAGjB,MAAM,CAAC6B,OAAO,CAACZ,MAAM,CAAC,CAC5BM,MAAM,CAAC,CAAC,CAACpB,GAAG,CAAC,KAAK;MACjB,IAAIgB,eAAM,CAACC,oBAAoB,IAAID,eAAM,CAACE,KAAK,EAAE;QAC/C,OAAOlB,GAAG,KAAK,cAAcgB,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;MACjE;MACA,OAAO,IAAI;IACb,CAAC,CAAC,CACDY,GAAG,CAAC,CAAC,CAAC3B,GAAG,EAAE4B,KAAK,CAAC,KAAK;MACrB,IAAIZ,eAAM,CAACC,oBAAoB,IAAID,eAAM,CAACE,KAAK,IAAIlB,GAAG,KAAK,cAAcgB,eAAM,CAACE,KAAK,CAACH,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;QACxG,OAAO,cAAcC,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,IAAIa,KAAK,EAAE;MAClE,CAAC,MAAM;QACL,OAAO,GAAG5B,GAAG,IAAI4B,KAAK,EAAE;MAC1B;IACF,CAAC,CAAC,CACDH,IAAI,CAAC,IAAI,CAAC;EACf;EAEA,MAAMI,eAAuC,GAAG;IAC9CC,aAAa,EAAE3C,OAAO,CAAC,eAAe,CAAC;IACvC,iBAAiB,EAAEA,OAAO,CAAC,iBAAiB,CAAC;IAC7C,iBAAiB,EAAEA,OAAO,CAAC,iBAAiB,CAAC;IAC7C4C,MAAM,EAAE5C,OAAO,CAAC,QAAQ,CAAC;IACzB,cAAc,EAAE,kBAAkB;IAClC6C,MAAM,EAAEhB,eAAM,CAACiB,OAAO;IACtBnB,MAAM;IACN,YAAY,EAAE3B,OAAO,CAAC,YAAY,CAAC;IACnC,eAAe,EAAEA,OAAO,CAAC,eAAe,CAAC;IACzC,sBAAsB,EAAE,QAAQ+C,gBAAS,CAACC,OAAO,EAAE;IACnD,gBAAgB,EAAE,oBAAoBC,mBAAU,CAACD,OAAO;EAC1D,CAAC;EAED,IAAIhD,OAAO,CAACwB,8BAA8B,CAAC,EAAE;IAC3CkB,eAAe,CAAClB,8BAA8B,CAAC,GAAGxB,OAAO,CAACwB,8BAA8B,CAAC;EAC3F;EAEA,MAAM0B,QAAQ,GAAGC,WAAW,CAC1BnD,OAAO,CAACsB,0BAA0B,CAAC,IAAItB,OAAO,CAAC,kBAAkB,CAAC,IAAIA,OAAO,CAAC,iBAAiB,CACjG,CAAC;EAED,IAAIkD,QAAQ,IAAIrB,eAAM,CAACuB,eAAe,EAAE;IAAA,IAAAC,oBAAA;IACtCX,eAAe,CAACpB,0BAA0B,CAAC,GAAG4B,QAAQ;IACtDR,eAAe,CAACnB,gCAAgC,CAAC,IAAA8B,oBAAA,GAAGxB,eAAM,CAACyB,YAAY,YAAAD,oBAAA,GAAI,EAAE;IAC7EX,eAAe,CAACjB,yBAAyB,CAAC,GAAGI,eAAM,CAACQ,QAAQ;EAC9D;EAEA,IAAIrC,OAAO,CAACqB,mBAAmB,CAAC,EAAE;IAChCqB,eAAe,CAACrB,mBAAmB,CAAC,GAAGrB,OAAO,CAACqB,mBAAmB,CAAC;EACrE;EACA,OAAOf,oBAAoB,KAAAE,SAAA,CAAAC,OAAA,MAAMiC,eAAe,CAAE,CAAC;AACrD;;AAEA;AACA;AACA;AACA;AACO,MAAMa,iBAAiB,GAAG,MAAUC,GAAa,IAA6B;EACnF,IAAI,CAACA,GAAG,CAACC,EAAE,EAAE;IACX,OAAOtC,SAAS;EAClB;EACA,OAAO,MAAMqC,GAAG,CAACE,IAAI,CAAC,CAAC;AACzB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANAvD,OAAA,CAAAoD,iBAAA,GAAAA,iBAAA;AAOO,SAASI,gBAAgBA,CAACC,IAAY,EAAW;EACtD,IAAIC,UAAU,GACZC,mCAA0B,CAACC,IAAI,CAAEC,SAAS,IAAK;IAC7C,IAAI,OAAOA,SAAS,KAAK,QAAQ,EAAE;MACjC,OAAOA,SAAS,KAAKJ,IAAI;IAC3B,CAAC,MAAM;MACL,OAAO,IAAIK,MAAM,CAACD,SAAS,CAAC,CAACE,IAAI,CAACN,IAAI,CAAC;IACzC;EACF,CAAC,CAAC,IAAI,IAAI;;EAEZ;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;EAEA,IAAI,CAACC,UAAU,EAAE;IACf,MAAMM,iBAAiB,GAAG,8EAA8E,CAACD,IAAI,CAACN,IAAI,CAAC;IACnHC,UAAU,GAAG,CAACD,IAAI,CAACQ,QAAQ,CAAC,YAAY,CAAC,IAAIR,IAAI,CAACQ,QAAQ,CAAC,WAAW,CAAC,KAAK,CAACD,iBAAiB;EAChG;EAEA,OAAON,UAAU;AACnB;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASV,WAAWA,CAACkB,KAAgC,EAAsB;EAChF,IAAI,CAACA,KAAK,EAAE,OAAOlD,SAAS;EAC5B,MAAMmD,EAAE,GAAGvD,KAAK,CAACC,OAAO,CAACqD,KAAK,CAAC,GAAGA,KAAK,CAAC,CAAC,CAAC,GAAGA,KAAK;EAClD,OAAOC,EAAE,CAACtC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAACG,IAAI,CAAC,CAAC;AAChC","ignoreList":[]}
|
|
1
|
+
{"version":3,"file":"utils.js","names":["_config","_interopRequireDefault","require","_sdkVersion","_package","_restApi","_constants","Get","url","credentials","headers","fetch","method","exports","Post","body","removeInvalidHeaders","newHeaders","_extends2","default","Object","keys","forEach","key","val","Array","isArray","headerCharRegex","exec","undefined","length","CUSTOM_LOGIN_HEADER","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","FRONTEGG_APPLICATION_ID_HEADER","FRONTEGG_VENDOR_ID_HEADER","buildRequestHeaders","cookie","replace","config","rewriteCookieByAppId","appId","split","filter","cookieStr","trim","startsWith","clientId","join","entries","map","value","preparedHeaders","authorization","accept","origin","baseUrl","nextjsPkg","version","sdkVersion","clientIp","getClientIp","shouldForwardIp","_config$sharedSecret","console","log","process","env","VERCEL","sharedSecret","parseHttpResponse","res","ok","json","isMiddlewarePath","path","isAuthPath","fronteggAuthApiRoutesRegex","find","pathRegex","RegExp","test","isSocialLoginPath","endsWith","rawIp","ip"],"sources":["../../../../packages/nextjs/src/api/utils.ts"],"sourcesContent":["import config from '../config';\nimport sdkVersion from '../sdkVersion';\nimport nextjsPkg from 'next/package.json';\nimport { fronteggAuthApiRoutesRegex } from '@frontegg/rest-api';\nimport { headerCharRegex } from '../utils/common/constants';\n\ninterface GetRequestOptions {\n url: string;\n credentials?: RequestCredentials;\n headers?: HeadersInit;\n}\n\nexport const Get = ({ url, credentials = 'include', headers }: GetRequestOptions) =>\n fetch(url, { method: 'GET', credentials, headers });\n\ninterface PostRequestOptions extends GetRequestOptions {\n body: string;\n}\n\nexport const Post = ({ url, credentials = 'include', headers, body }: PostRequestOptions) =>\n fetch(url, { method: 'POST', credentials, headers, body });\n\n/**\n * NodeJS 18 start using undici as http request handler,\n * undici http request does not accept invalid headers\n * for more details see:\n * https://github.com/nodejs/undici/blob/2b260c997ad4efe4ed2064b264b4b546a59e7a67/lib/core/request.js#L282\n * @param headers\n */\nexport function removeInvalidHeaders(headers: Record<string, string>) {\n const newHeaders = { ...headers };\n Object.keys(newHeaders).forEach((key: string) => {\n const val: any = headers[key];\n if (val && typeof val === 'object' && !Array.isArray(val)) {\n delete newHeaders[key];\n } else if (headerCharRegex.exec(val) !== null) {\n delete newHeaders[key];\n } else if (val === undefined || val === null) {\n delete newHeaders[key];\n } else if (key.length === 10 && key === 'connection') {\n delete newHeaders[key];\n }\n });\n return newHeaders;\n}\n\n/**\n * These headers are used to identify the tenant for login per tenant feature\n */\nexport const CUSTOM_LOGIN_HEADER = 'frontegg-login-alias';\nexport const FRONTEGG_FORWARD_IP_HEADER = 'x-frontegg-forwarded-for';\nexport const FRONTEGG_HEADERS_VERIFIER_HEADER = 'x-frontegg-headers-verifier';\nexport const FRONTEGG_APPLICATION_ID_HEADER = 'frontegg-requested-application-id';\nexport const FRONTEGG_VENDOR_ID_HEADER = 'frontegg-vendor-id';\n\n/**\n * Build fetch request headers, remove invalid http headers\n * @param headers - Incoming request headers\n */\nexport function buildRequestHeaders(headers: Record<string, any>): Record<string, string> {\n let cookie = headers['cookie'];\n if (cookie != null && typeof cookie === 'string') {\n cookie = cookie.replace(/fe_session-[^=]*=[^;]*$/, '').replace(/fe_session-[^=]*=[^;]*;/, '');\n\n if (config.rewriteCookieByAppId && config.appId) {\n cookie = cookie\n .split(';')\n .filter((cookieStr: string) => !cookieStr.trim().startsWith(`fe_refresh_${config.clientId.replace('-', '')}`))\n .join(';');\n cookie = cookie.replace(\n `fe_refresh_${config.appId.replace('-', '')}`,\n `fe_refresh_${config.clientId.replace('-', '')}`\n );\n }\n }\n if (cookie != null && typeof cookie === 'object') {\n cookie = Object.entries(cookie)\n .filter(([key]) => {\n if (config.rewriteCookieByAppId && config.appId) {\n return key !== `fe_refresh_${config.clientId.replace('-', '')}`;\n }\n return true;\n })\n .map(([key, value]) => {\n if (config.rewriteCookieByAppId && config.appId && key === `fe_refresh_${config.appId.replace('-', '')}`) {\n return `fe_refresh_${config.clientId.replace('-', '')}=${value}`;\n } else {\n return `${key}=${value}`;\n }\n })\n .join('; ');\n }\n\n const preparedHeaders: Record<string, string> = {\n authorization: headers['authorization'],\n 'accept-encoding': headers['accept-encoding'],\n 'accept-language': headers['accept-language'],\n accept: headers['accept'],\n 'content-type': 'application/json',\n origin: config.baseUrl,\n cookie,\n 'user-agent': headers['user-agent'],\n 'cache-control': headers['cache-control'],\n 'x-frontegg-framework': `next@${nextjsPkg.version}`,\n 'x-frontegg-sdk': `@frontegg/nextjs@${sdkVersion.version}`,\n };\n\n if (headers[FRONTEGG_APPLICATION_ID_HEADER]) {\n preparedHeaders[FRONTEGG_APPLICATION_ID_HEADER] = headers[FRONTEGG_APPLICATION_ID_HEADER];\n }\n\n const clientIp = getClientIp(\n headers[FRONTEGG_FORWARD_IP_HEADER] || headers['cf-connecting-ip'] || headers['x-forwarded-for']\n );\n\n if (clientIp && config.shouldForwardIp) {\n console.log('inside buildRequestHeaders', process.env.VERCEL);\n console.log('headers[FRONTEGG_FORWARD_IP_HEADER]', headers[FRONTEGG_FORWARD_IP_HEADER]);\n console.log('headers[cf-connecting-ip]', headers['cf-connecting-ip']);\n console.log('headers[x-forwarded-for]', headers['x-forwarded-for']);\n preparedHeaders[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n preparedHeaders[FRONTEGG_HEADERS_VERIFIER_HEADER] = config.sharedSecret ?? '';\n preparedHeaders[FRONTEGG_VENDOR_ID_HEADER] = config.clientId;\n }\n\n if (headers[CUSTOM_LOGIN_HEADER]) {\n preparedHeaders[CUSTOM_LOGIN_HEADER] = headers[CUSTOM_LOGIN_HEADER];\n }\n return removeInvalidHeaders({ ...preparedHeaders });\n}\n\n/**\n * Return parsed json response if http status code = 200\n * @param res\n */\nexport const parseHttpResponse = async <T>(res: Response): Promise<T | undefined> => {\n if (!res.ok) {\n return undefined;\n }\n return await res.json();\n};\n\n/**\n * Checks if the given path should be forwarded to the Next.js server middleware.\n *\n *\n * @param {string} path - The path to check for authentication API routes.\n * @returns {boolean} Returns true if the path is a frontegg authentication API route or ends with '/postlogin' or '/prelogin'; otherwise, returns false.\n */\nexport function isMiddlewarePath(path: string): boolean {\n let isAuthPath =\n fronteggAuthApiRoutesRegex.find((pathRegex) => {\n if (typeof pathRegex === 'string') {\n return pathRegex === path;\n } else {\n return new RegExp(pathRegex).test(path);\n }\n }) != null;\n\n // if(!isAuthPath){\n // isAuthPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/user\\/sso\\/[^\\/]*\\/postlogin$/g.test(path)\n // }\n // if(!isAuthPath){\n // isAuthPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/passwordless\\/[^\\/]*\\/prelogin$/g.test(path)\n // }\n // if(!isAuthPath){\n // isAuthPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/[^\\/]*\\/prelogin$/g.test(path)\n // }\n\n if (!isAuthPath) {\n const isSocialLoginPath = /^\\/identity\\/resources\\/auth\\/v[0-9]*\\/user\\/sso\\/default\\/[^\\/]*\\/prelogin$/.test(path);\n isAuthPath = (path.endsWith('/postlogin') || path.endsWith('/prelogin')) && !isSocialLoginPath;\n }\n\n return isAuthPath;\n}\n\n/**\n * Extracts the real client IP address from a raw IP string or array.\n *\n * If the input contains multiple IPs (e.g., from the `x-forwarded-for` header),\n * it returns only the first IP, which typically represents the real client.\n *\n * @param rawIp - A single IP string or an array of IPs.\n * @returns The first IP address as a string, or undefined if not available.\n */\nexport function getClientIp(rawIp?: string | string[] | null): string | undefined {\n if (!rawIp) return undefined;\n const ip = Array.isArray(rawIp) ? rawIp[0] : rawIp;\n return ip.split(',')[0].trim();\n}\n"],"mappings":";;;;;;;;;;;;;AAAA,IAAAA,OAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,WAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,QAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,QAAA,GAAAH,OAAA;AACA,IAAAI,UAAA,GAAAJ,OAAA;AAQO,MAAMK,GAAG,GAAGA,CAAC;EAAEC,GAAG;EAAEC,WAAW,GAAG,SAAS;EAAEC;AAA2B,CAAC,KAC9EC,KAAK,CAACH,GAAG,EAAE;EAAEI,MAAM,EAAE,KAAK;EAAEH,WAAW;EAAEC;AAAQ,CAAC,CAAC;AAACG,OAAA,CAAAN,GAAA,GAAAA,GAAA;AAM/C,MAAMO,IAAI,GAAGA,CAAC;EAAEN,GAAG;EAAEC,WAAW,GAAG,SAAS;EAAEC,OAAO;EAAEK;AAAyB,CAAC,KACtFJ,KAAK,CAACH,GAAG,EAAE;EAAEI,MAAM,EAAE,MAAM;EAAEH,WAAW;EAAEC,OAAO;EAAEK;AAAK,CAAC,CAAC;;AAE5D;AACA;AACA;AACA;AACA;AACA;AACA;AANAF,OAAA,CAAAC,IAAA,GAAAA,IAAA;AAOO,SAASE,oBAAoBA,CAACN,OAA+B,EAAE;EACpE,MAAMO,UAAU,OAAAC,SAAA,CAAAC,OAAA,MAAQT,OAAO,CAAE;EACjCU,MAAM,CAACC,IAAI,CAACJ,UAAU,CAAC,CAACK,OAAO,CAAEC,GAAW,IAAK;IAC/C,MAAMC,GAAQ,GAAGd,OAAO,CAACa,GAAG,CAAC;IAC7B,IAAIC,GAAG,IAAI,OAAOA,GAAG,KAAK,QAAQ,IAAI,CAACC,KAAK,CAACC,OAAO,CAACF,GAAG,CAAC,EAAE;MACzD,OAAOP,UAAU,CAACM,GAAG,CAAC;IACxB,CAAC,MAAM,IAAII,0BAAe,CAACC,IAAI,CAACJ,GAAG,CAAC,KAAK,IAAI,EAAE;MAC7C,OAAOP,UAAU,CAACM,GAAG,CAAC;IACxB,CAAC,MAAM,IAAIC,GAAG,KAAKK,SAAS,IAAIL,GAAG,KAAK,IAAI,EAAE;MAC5C,OAAOP,UAAU,CAACM,GAAG,CAAC;IACxB,CAAC,MAAM,IAAIA,GAAG,CAACO,MAAM,KAAK,EAAE,IAAIP,GAAG,KAAK,YAAY,EAAE;MACpD,OAAON,UAAU,CAACM,GAAG,CAAC;IACxB;EACF,CAAC,CAAC;EACF,OAAON,UAAU;AACnB;;AAEA;AACA;AACA;AACO,MAAMc,mBAAmB,GAAAlB,OAAA,CAAAkB,mBAAA,GAAG,sBAAsB;AAClD,MAAMC,0BAA0B,GAAAnB,OAAA,CAAAmB,0BAAA,GAAG,0BAA0B;AAC7D,MAAMC,gCAAgC,GAAApB,OAAA,CAAAoB,gCAAA,GAAG,6BAA6B;AACtE,MAAMC,8BAA8B,GAAArB,OAAA,CAAAqB,8BAAA,GAAG,mCAAmC;AAC1E,MAAMC,yBAAyB,GAAAtB,OAAA,CAAAsB,yBAAA,GAAG,oBAAoB;;AAE7D;AACA;AACA;AACA;AACO,SAASC,mBAAmBA,CAAC1B,OAA4B,EAA0B;EACxF,IAAI2B,MAAM,GAAG3B,OAAO,CAAC,QAAQ,CAAC;EAC9B,IAAI2B,MAAM,IAAI,IAAI,IAAI,OAAOA,MAAM,KAAK,QAAQ,EAAE;IAChDA,MAAM,GAAGA,MAAM,CAACC,OAAO,CAAC,yBAAyB,EAAE,EAAE,CAAC,CAACA,OAAO,CAAC,yBAAyB,EAAE,EAAE,CAAC;IAE7F,IAAIC,eAAM,CAACC,oBAAoB,IAAID,eAAM,CAACE,KAAK,EAAE;MAC/CJ,MAAM,GAAGA,MAAM,CACZK,KAAK,CAAC,GAAG,CAAC,CACVC,MAAM,CAAEC,SAAiB,IAAK,CAACA,SAAS,CAACC,IAAI,CAAC,CAAC,CAACC,UAAU,CAAC,cAAcP,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAC7GU,IAAI,CAAC,GAAG,CAAC;MACZX,MAAM,GAAGA,MAAM,CAACC,OAAO,CACrB,cAAcC,eAAM,CAACE,KAAK,CAACH,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAC7C,cAAcC,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAChD,CAAC;IACH;EACF;EACA,IAAID,MAAM,IAAI,IAAI,IAAI,OAAOA,MAAM,KAAK,QAAQ,EAAE;IAChDA,MAAM,GAAGjB,MAAM,CAAC6B,OAAO,CAACZ,MAAM,CAAC,CAC5BM,MAAM,CAAC,CAAC,CAACpB,GAAG,CAAC,KAAK;MACjB,IAAIgB,eAAM,CAACC,oBAAoB,IAAID,eAAM,CAACE,KAAK,EAAE;QAC/C,OAAOlB,GAAG,KAAK,cAAcgB,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;MACjE;MACA,OAAO,IAAI;IACb,CAAC,CAAC,CACDY,GAAG,CAAC,CAAC,CAAC3B,GAAG,EAAE4B,KAAK,CAAC,KAAK;MACrB,IAAIZ,eAAM,CAACC,oBAAoB,IAAID,eAAM,CAACE,KAAK,IAAIlB,GAAG,KAAK,cAAcgB,eAAM,CAACE,KAAK,CAACH,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;QACxG,OAAO,cAAcC,eAAM,CAACQ,QAAQ,CAACT,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,IAAIa,KAAK,EAAE;MAClE,CAAC,MAAM;QACL,OAAO,GAAG5B,GAAG,IAAI4B,KAAK,EAAE;MAC1B;IACF,CAAC,CAAC,CACDH,IAAI,CAAC,IAAI,CAAC;EACf;EAEA,MAAMI,eAAuC,GAAG;IAC9CC,aAAa,EAAE3C,OAAO,CAAC,eAAe,CAAC;IACvC,iBAAiB,EAAEA,OAAO,CAAC,iBAAiB,CAAC;IAC7C,iBAAiB,EAAEA,OAAO,CAAC,iBAAiB,CAAC;IAC7C4C,MAAM,EAAE5C,OAAO,CAAC,QAAQ,CAAC;IACzB,cAAc,EAAE,kBAAkB;IAClC6C,MAAM,EAAEhB,eAAM,CAACiB,OAAO;IACtBnB,MAAM;IACN,YAAY,EAAE3B,OAAO,CAAC,YAAY,CAAC;IACnC,eAAe,EAAEA,OAAO,CAAC,eAAe,CAAC;IACzC,sBAAsB,EAAE,QAAQ+C,gBAAS,CAACC,OAAO,EAAE;IACnD,gBAAgB,EAAE,oBAAoBC,mBAAU,CAACD,OAAO;EAC1D,CAAC;EAED,IAAIhD,OAAO,CAACwB,8BAA8B,CAAC,EAAE;IAC3CkB,eAAe,CAAClB,8BAA8B,CAAC,GAAGxB,OAAO,CAACwB,8BAA8B,CAAC;EAC3F;EAEA,MAAM0B,QAAQ,GAAGC,WAAW,CAC1BnD,OAAO,CAACsB,0BAA0B,CAAC,IAAItB,OAAO,CAAC,kBAAkB,CAAC,IAAIA,OAAO,CAAC,iBAAiB,CACjG,CAAC;EAED,IAAIkD,QAAQ,IAAIrB,eAAM,CAACuB,eAAe,EAAE;IAAA,IAAAC,oBAAA;IACtCC,OAAO,CAACC,GAAG,CAAC,4BAA4B,EAAEC,OAAO,CAACC,GAAG,CAACC,MAAM,CAAC;IAC7DJ,OAAO,CAACC,GAAG,CAAC,qCAAqC,EAAEvD,OAAO,CAACsB,0BAA0B,CAAC,CAAC;IACvFgC,OAAO,CAACC,GAAG,CAAC,2BAA2B,EAAEvD,OAAO,CAAC,kBAAkB,CAAC,CAAC;IACrEsD,OAAO,CAACC,GAAG,CAAC,0BAA0B,EAAEvD,OAAO,CAAC,iBAAiB,CAAC,CAAC;IACnE0C,eAAe,CAACpB,0BAA0B,CAAC,GAAG4B,QAAQ;IACtDR,eAAe,CAACnB,gCAAgC,CAAC,IAAA8B,oBAAA,GAAGxB,eAAM,CAAC8B,YAAY,YAAAN,oBAAA,GAAI,EAAE;IAC7EX,eAAe,CAACjB,yBAAyB,CAAC,GAAGI,eAAM,CAACQ,QAAQ;EAC9D;EAEA,IAAIrC,OAAO,CAACqB,mBAAmB,CAAC,EAAE;IAChCqB,eAAe,CAACrB,mBAAmB,CAAC,GAAGrB,OAAO,CAACqB,mBAAmB,CAAC;EACrE;EACA,OAAOf,oBAAoB,KAAAE,SAAA,CAAAC,OAAA,MAAMiC,eAAe,CAAE,CAAC;AACrD;;AAEA;AACA;AACA;AACA;AACO,MAAMkB,iBAAiB,GAAG,MAAUC,GAAa,IAA6B;EACnF,IAAI,CAACA,GAAG,CAACC,EAAE,EAAE;IACX,OAAO3C,SAAS;EAClB;EACA,OAAO,MAAM0C,GAAG,CAACE,IAAI,CAAC,CAAC;AACzB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANA5D,OAAA,CAAAyD,iBAAA,GAAAA,iBAAA;AAOO,SAASI,gBAAgBA,CAACC,IAAY,EAAW;EACtD,IAAIC,UAAU,GACZC,mCAA0B,CAACC,IAAI,CAAEC,SAAS,IAAK;IAC7C,IAAI,OAAOA,SAAS,KAAK,QAAQ,EAAE;MACjC,OAAOA,SAAS,KAAKJ,IAAI;IAC3B,CAAC,MAAM;MACL,OAAO,IAAIK,MAAM,CAACD,SAAS,CAAC,CAACE,IAAI,CAACN,IAAI,CAAC;IACzC;EACF,CAAC,CAAC,IAAI,IAAI;;EAEZ;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;EAEA,IAAI,CAACC,UAAU,EAAE;IACf,MAAMM,iBAAiB,GAAG,8EAA8E,CAACD,IAAI,CAACN,IAAI,CAAC;IACnHC,UAAU,GAAG,CAACD,IAAI,CAACQ,QAAQ,CAAC,YAAY,CAAC,IAAIR,IAAI,CAACQ,QAAQ,CAAC,WAAW,CAAC,KAAK,CAACD,iBAAiB;EAChG;EAEA,OAAON,UAAU;AACnB;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASf,WAAWA,CAACuB,KAAgC,EAAsB;EAChF,IAAI,CAACA,KAAK,EAAE,OAAOvD,SAAS;EAC5B,MAAMwD,EAAE,GAAG5D,KAAK,CAACC,OAAO,CAAC0D,KAAK,CAAC,GAAGA,KAAK,CAAC,CAAC,CAAC,GAAGA,KAAK;EAClD,OAAOC,EAAE,CAAC3C,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAACG,IAAI,CAAC,CAAC;AAChC","ignoreList":[]}
|
package/edge/getSessionOnEdge.js
CHANGED
|
@@ -195,14 +195,19 @@ const handleHostedLoginCallback = async (req, pathname, searchParams) => {
|
|
|
195
195
|
let clientIp = undefined;
|
|
196
196
|
if (typeof ((_req$headers = req.headers) == null ? void 0 : _req$headers.get) === 'function') {
|
|
197
197
|
var _socket;
|
|
198
|
+
console.log('req.headers.get(cf-connecting-ip)', req.headers.get('cf-connecting-ip'));
|
|
199
|
+
console.log('req.headers.get(x-forwarded-for)', req.headers.get('x-forwarded-for'));
|
|
198
200
|
clientIp = (0, _utils.getClientIp)(req.headers.get('cf-connecting-ip') || req.headers.get('x-forwarded-for')) || ((_socket = req.socket) == null ? void 0 : _socket.remoteAddress);
|
|
199
201
|
} else if (typeof req.headers === 'object') {
|
|
200
202
|
var _socket2;
|
|
201
203
|
let requestHeaders = (0, _extends2.default)({}, req.headers);
|
|
204
|
+
console.log('requestHeaders[cf-connecting-ip]', requestHeaders['cf-connecting-ip']);
|
|
205
|
+
console.log('requestHeaders[x-forwarded-for]', requestHeaders['x-forwarded-for']);
|
|
202
206
|
clientIp = (0, _utils.getClientIp)(requestHeaders['cf-connecting-ip'] || requestHeaders['x-forwarded-for']) || ((_socket2 = req.socket) == null ? void 0 : _socket2.remoteAddress);
|
|
203
207
|
}
|
|
204
208
|
if (clientIp && _config.default.shouldForwardIp) {
|
|
205
209
|
var _config$sharedSecret;
|
|
210
|
+
console.log('inside handleHostedLoginCallback', process.env.VERCEL);
|
|
206
211
|
headers[_utils.FRONTEGG_FORWARD_IP_HEADER] = clientIp;
|
|
207
212
|
headers[_utils.FRONTEGG_HEADERS_VERIFIER_HEADER] = (_config$sharedSecret = _config.default.sharedSecret) != null ? _config$sharedSecret : '';
|
|
208
213
|
headers[_utils.FRONTEGG_VENDOR_ID_HEADER] = _config.default.clientId;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getSessionOnEdge.js","names":["_cookies","_interopRequireDefault","require","_createSession","_encryptionEdge","_api","_server","_config","_jwt","_utils","_fronteggLogger","_refreshAccessTokenIfNeededOnEdge","_redirectToLogin","_shouldBypassMiddleware","logger","fronteggLogger","child","tag","handleSessionOnEdge","params","request","pathname","searchParams","headers","isHostedLoginCallback","handleHostedLoginCallback","shouldByPassMiddleware","NextResponse","next","edgeSession","checkSessionOnEdge","redirectToLogin","forwardedHeaders","exports","GET_SESSION_ON_EDGE_DEPRECATED_WARN","getSessionOnEdge","req","disableWarning","cookies","CookieManager","getSessionCookieFromRequest","info","createSession","encryptionEdge","sessionCookies","existingSession","debug","session","refreshAccessTokenIfNeededOnEdge","createSessionFromAccessTokenEdge","data","_data$accessToken","_data$refreshToken","accessToken","access_token","refreshToken","refresh_token","payload","decodedJwt","JwtManager","verify","expiresIn","Math","floor","exp","Date","now","tokens","sealTokens","_searchParams$get","_req$headers","code","get","clientIp","undefined","_socket","getClientIp","socket","remoteAddress","_socket2","requestHeaders","_extends2","default","config","shouldForwardIp","_config$sharedSecret","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","sharedSecret","FRONTEGG_VENDOR_ID_HEADER","clientId","response","api","exchangeHostedLoginToken","buildRequestHeaders","clientSecret","json","redirect","appUrl","isSecured","isSSL","cookieValue","create","value","expires","secure","cookieName","replace","rewriteCookieByAppId","appId","refreshCookie","sessionCookieHeaders","map","cookie","refreshCookieHeaders","secureJwtEnabled","startsWith"],"sources":["../../../../packages/nextjs/src/edge/getSessionOnEdge.ts"],"sourcesContent":["import type { IncomingMessage } from 'http';\nimport { FronteggEdgeSession, FronteggNextJSSession } from '../types';\nimport CookieManager from '../utils/cookies';\nimport createSession from '../utils/createSession';\nimport encryptionEdge from '../utils/encryption-edge';\nimport api from '../api';\nimport { type NextRequest, NextResponse } from 'next/server';\nimport config from '../config';\nimport JwtManager from '../utils/jwt';\nimport {\n buildRequestHeaders,\n FRONTEGG_HEADERS_VERIFIER_HEADER,\n FRONTEGG_FORWARD_IP_HEADER,\n getClientIp,\n FRONTEGG_VENDOR_ID_HEADER,\n} from '../api/utils';\nimport fronteggLogger from '../utils/fronteggLogger';\nimport { refreshAccessTokenIfNeededOnEdge } from './refreshAccessTokenIfNeededOnEdge';\nimport { redirectToLogin } from './redirectToLogin';\nimport { shouldByPassMiddleware } from './shouldBypassMiddleware';\n\nconst logger = fronteggLogger.child({ tag: 'EdgeRuntime.getSessionOnEdge' });\n\nexport type HandleSessionOnEdge = {\n request: IncomingMessage | Request;\n pathname: string;\n headers: NextRequest['headers'];\n searchParams: URLSearchParams;\n};\n\nexport const handleSessionOnEdge = async (params: HandleSessionOnEdge): Promise<NextResponse> => {\n const { request, pathname, searchParams, headers } = params;\n\n if (isHostedLoginCallback(pathname, searchParams)) {\n return handleHostedLoginCallback(request, pathname, searchParams);\n }\n\n if (shouldByPassMiddleware(pathname, headers /*, options: optional bypass configuration */)) {\n return NextResponse.next();\n }\n\n const edgeSession = await checkSessionOnEdge(request);\n if (!edgeSession) {\n return redirectToLogin(pathname, searchParams);\n }\n if (edgeSession.headers) {\n return NextResponse.next({\n headers: edgeSession.headers,\n request: {\n headers: edgeSession.forwardedHeaders,\n },\n });\n }\n return NextResponse.next();\n};\n\nconst GET_SESSION_ON_EDGE_DEPRECATED_WARN = `Deprecation Notice: getSessionOnEdge has been deprecated. Please use handleSessionOnEdge instead. For example:\n\nfile: middleware.ts\n\\`\\`\\`ts\n import { NextRequest } from 'next/server';\n import { handleSessionOnEdge } from '@frontegg/nextjs/edge';\n \n export const middleware = async (request: NextRequest) => {\n const { pathname, searchParams } = request.nextUrl;\n const headers = request.headers;\n \n // Additional logic if needed\n \n return handleSessionOnEdge({ request, pathname, searchParams, headers });\n };\n \n \n export const config = {\n matcher: '/(.*)',\n };\n\n\\`\\`\\`\n\nAlternatively, to manually verify the session, you can use checkSessionOnEdge. Note that this method does not redirect to the login page if the session is invalid.\n`;\n\n/**\n * getSessionOnEdge is deprecated, please use handleSessionOnEdge instead example:\n *\n * ```ts\n * import { NextRequest } from 'next/server';\n * import { handleSessionOnEdge } from '@frontegg/nextjs/edge';\n *\n * export const middleware = async (request: NextRequest) => {\n * const { pathname, searchParams } = request.nextUrl;\n * const headers = request.headers;\n *\n * // Additional logic if needed\n *\n * return handleSessionOnEdge({ request, pathname, searchParams, headers });\n * };\n *\n * export const config = {\n * matcher: '/(.*)',\n * };\n * ```\n * @deprecated\n */\n\nexport const getSessionOnEdge = (\n req: IncomingMessage | Request,\n disableWarning = false\n): Promise<FronteggNextJSSession | undefined> => {\n const logger = fronteggLogger.child({ tag: 'EdgeRuntime.getSessionOnEdge' });\n const cookies = CookieManager.getSessionCookieFromRequest(req);\n if (!disableWarning) {\n logger.info(GET_SESSION_ON_EDGE_DEPRECATED_WARN);\n }\n return createSession(cookies, encryptionEdge);\n};\n\n/**\n * Check session on edge and return session if exists this method does not redirect to login page\n * Example:\n *\n * ```ts\n * import { NextRequest } from 'next/server';\n * import { handleSessionOnEdge } from '@frontegg/nextjs/edge';\n *\n * export const middleware = async (request: NextRequest) => {\n * const { pathname, searchParams } = request.nextUrl;\n * const headers = request.headers;\n *\n * // Additional logic if needed\n *\n * // check if it's a hosted login callback\n * if (isHostedLoginCallback(pathname, searchParams)) {\n * return handleHostedLoginCallback(request, pathname, searchParams);\n * }\n *\n * // check if we should bypass the middleware\n * if (shouldByPassMiddleware(pathname)) {\n * return NextResponse.next();\n * }\n *\n * // check session\n * const session = await checkSessionOnEdge(request);\n *\n * if (!session) {\n * return redirectToLogin(pathname);\n * }\n *\n * // if headers are present forward them to the next response / request\n * if (session.headers) {\n * return NextResponse.next({\n * headers: edgeSession.headers,\n * request:{\n * headers: edgeSession.forwardedHeaders\n * }\n * });\n * }\n * return NextResponse.next();\n * };\n * ```\n *\n *\n * @param req\n */\nexport const checkSessionOnEdge = async (req: IncomingMessage | Request): Promise<FronteggEdgeSession | undefined> => {\n const sessionCookies = CookieManager.getSessionCookieFromRequest(req);\n let existingSession = await createSession(sessionCookies, encryptionEdge);\n if (existingSession) {\n logger.debug('session resolved from session cookie');\n return {\n session: existingSession,\n };\n }\n\n logger.debug('Failed to resolve session from cookie, going to refresh token');\n return refreshAccessTokenIfNeededOnEdge(req);\n};\n\nasync function createSessionFromAccessTokenEdge(data: any): Promise<[string, any, string] | []> {\n const accessToken = data.accessToken ?? data.access_token;\n const refreshToken = data.refreshToken ?? data.refresh_token;\n const { payload: decodedJwt }: any = await JwtManager.verify(accessToken);\n decodedJwt.expiresIn = Math.floor((decodedJwt.exp * 1000 - Date.now()) / 1000);\n\n const tokens = { accessToken, refreshToken };\n const session = await encryptionEdge.sealTokens(tokens, decodedJwt.exp);\n return [session, decodedJwt, refreshToken];\n}\n\nexport const handleHostedLoginCallback = async (\n req: IncomingMessage | Request,\n pathname: string,\n searchParams: URLSearchParams\n): Promise<NextResponse> => {\n if (!isHostedLoginCallback(pathname, searchParams)) {\n return NextResponse.next();\n }\n\n const code = searchParams.get('code') ?? '';\n\n let headers: Record<string, string> = {};\n let clientIp: string | undefined = undefined;\n if (typeof req.headers?.get === 'function') {\n clientIp =\n getClientIp(req.headers.get('cf-connecting-ip') || req.headers.get('x-forwarded-for')) ||\n (req as any).socket?.remoteAddress;\n } else if (typeof req.headers === 'object') {\n let requestHeaders: any = { ...req.headers };\n clientIp =\n getClientIp(requestHeaders['cf-connecting-ip'] || requestHeaders['x-forwarded-for']) ||\n (req as any).socket?.remoteAddress;\n }\n\n if (clientIp && config.shouldForwardIp) {\n headers[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n headers[FRONTEGG_HEADERS_VERIFIER_HEADER] = config.sharedSecret ?? '';\n headers[FRONTEGG_VENDOR_ID_HEADER] = config.clientId;\n }\n\n const response = await api.exchangeHostedLoginToken(\n buildRequestHeaders(headers),\n code,\n config.clientId,\n config.clientSecret!\n );\n\n const data = await response.json();\n\n const [session, decodedJwt, refreshToken] = await createSessionFromAccessTokenEdge(data);\n\n if (!session) {\n return NextResponse.redirect(config.appUrl);\n }\n const isSecured = config.isSSL;\n const cookieValue = CookieManager.create({\n value: session,\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n });\n\n let cookieName = `fe_refresh_${config.clientId.replace('-', '')}`;\n if (config.rewriteCookieByAppId && config.appId) {\n cookieName = `fe_refresh_${config.appId.replace('-', '')}`;\n }\n const refreshCookie = CookieManager.create({\n cookieName,\n value: refreshToken ?? '',\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n });\n const sessionCookieHeaders: [string, string][] = cookieValue.map((cookie) => ['set-cookie', cookie]);\n const refreshCookieHeaders: [string, string][] = refreshCookie.map((cookie) => ['set-cookie', cookie]);\n\n return NextResponse.redirect(config.appUrl, {\n headers: [...sessionCookieHeaders, ...refreshCookieHeaders],\n });\n};\n\nexport const isHostedLoginCallback = (pathname: string, searchParams: URLSearchParams): boolean => {\n if (config.secureJwtEnabled) {\n if (pathname.startsWith('/oauth/callback')) {\n return searchParams.get('code') != null;\n }\n }\n return false;\n};\n"],"mappings":";;;;;;;;AAEA,IAAAA,QAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,cAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,eAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,IAAA,GAAAJ,sBAAA,CAAAC,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAN,sBAAA,CAAAC,OAAA;AACA,IAAAM,IAAA,GAAAP,sBAAA,CAAAC,OAAA;AACA,IAAAO,MAAA,GAAAP,OAAA;AAOA,IAAAQ,eAAA,GAAAT,sBAAA,CAAAC,OAAA;AACA,IAAAS,iCAAA,GAAAT,OAAA;AACA,IAAAU,gBAAA,GAAAV,OAAA;AACA,IAAAW,uBAAA,GAAAX,OAAA;AAEA,MAAMY,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;EAAEC,GAAG,EAAE;AAA+B,CAAC,CAAC;AASrE,MAAMC,mBAAmB,GAAG,MAAOC,MAA2B,IAA4B;EAC/F,MAAM;IAAEC,OAAO;IAAEC,QAAQ;IAAEC,YAAY;IAAEC;EAAQ,CAAC,GAAGJ,MAAM;EAE3D,IAAIK,qBAAqB,CAACH,QAAQ,EAAEC,YAAY,CAAC,EAAE;IACjD,OAAOG,yBAAyB,CAACL,OAAO,EAAEC,QAAQ,EAAEC,YAAY,CAAC;EACnE;EAEA,IAAI,IAAAI,8CAAsB,EAACL,QAAQ,EAAEE,OAAO,CAAC,6CAA6C,CAAC,EAAE;IAC3F,OAAOI,oBAAY,CAACC,IAAI,CAAC,CAAC;EAC5B;EAEA,MAAMC,WAAW,GAAG,MAAMC,kBAAkB,CAACV,OAAO,CAAC;EACrD,IAAI,CAACS,WAAW,EAAE;IAChB,OAAO,IAAAE,gCAAe,EAACV,QAAQ,EAAEC,YAAY,CAAC;EAChD;EACA,IAAIO,WAAW,CAACN,OAAO,EAAE;IACvB,OAAOI,oBAAY,CAACC,IAAI,CAAC;MACvBL,OAAO,EAAEM,WAAW,CAACN,OAAO;MAC5BH,OAAO,EAAE;QACPG,OAAO,EAAEM,WAAW,CAACG;MACvB;IACF,CAAC,CAAC;EACJ;EACA,OAAOL,oBAAY,CAACC,IAAI,CAAC,CAAC;AAC5B,CAAC;AAACK,OAAA,CAAAf,mBAAA,GAAAA,mBAAA;AAEF,MAAMgB,mCAAmC,GAAG;AAC5C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEO,MAAMC,gBAAgB,GAAGA,CAC9BC,GAA8B,EAC9BC,cAAc,GAAG,KAAK,KACyB;EAC/C,MAAMvB,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA+B,CAAC,CAAC;EAC5E,MAAMqB,OAAO,GAAGC,gBAAa,CAACC,2BAA2B,CAACJ,GAAG,CAAC;EAC9D,IAAI,CAACC,cAAc,EAAE;IACnBvB,MAAM,CAAC2B,IAAI,CAACP,mCAAmC,CAAC;EAClD;EACA,OAAO,IAAAQ,sBAAa,EAACJ,OAAO,EAAEK,uBAAc,CAAC;AAC/C,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA9CAV,OAAA,CAAAE,gBAAA,GAAAA,gBAAA;AA+CO,MAAML,kBAAkB,GAAG,MAAOM,GAA8B,IAA+C;EACpH,MAAMQ,cAAc,GAAGL,gBAAa,CAACC,2BAA2B,CAACJ,GAAG,CAAC;EACrE,IAAIS,eAAe,GAAG,MAAM,IAAAH,sBAAa,EAACE,cAAc,EAAED,uBAAc,CAAC;EACzE,IAAIE,eAAe,EAAE;IACnB/B,MAAM,CAACgC,KAAK,CAAC,sCAAsC,CAAC;IACpD,OAAO;MACLC,OAAO,EAAEF;IACX,CAAC;EACH;EAEA/B,MAAM,CAACgC,KAAK,CAAC,+DAA+D,CAAC;EAC7E,OAAO,IAAAE,kEAAgC,EAACZ,GAAG,CAAC;AAC9C,CAAC;AAACH,OAAA,CAAAH,kBAAA,GAAAA,kBAAA;AAEF,eAAemB,gCAAgCA,CAACC,IAAS,EAAuC;EAAA,IAAAC,iBAAA,EAAAC,kBAAA;EAC9F,MAAMC,WAAW,IAAAF,iBAAA,GAAGD,IAAI,CAACG,WAAW,YAAAF,iBAAA,GAAID,IAAI,CAACI,YAAY;EACzD,MAAMC,YAAY,IAAAH,kBAAA,GAAGF,IAAI,CAACK,YAAY,YAAAH,kBAAA,GAAIF,IAAI,CAACM,aAAa;EAC5D,MAAM;IAAEC,OAAO,EAAEC;EAAgB,CAAC,GAAG,MAAMC,YAAU,CAACC,MAAM,CAACP,WAAW,CAAC;EACzEK,UAAU,CAACG,SAAS,GAAGC,IAAI,CAACC,KAAK,CAAC,CAACL,UAAU,CAACM,GAAG,GAAG,IAAI,GAAGC,IAAI,CAACC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC;EAE9E,MAAMC,MAAM,GAAG;IAAEd,WAAW;IAAEE;EAAa,CAAC;EAC5C,MAAMR,OAAO,GAAG,MAAMJ,uBAAc,CAACyB,UAAU,CAACD,MAAM,EAAET,UAAU,CAACM,GAAG,CAAC;EACvE,OAAO,CAACjB,OAAO,EAAEW,UAAU,EAAEH,YAAY,CAAC;AAC5C;AAEO,MAAM9B,yBAAyB,GAAG,MAAAA,CACvCW,GAA8B,EAC9Bf,QAAgB,EAChBC,YAA6B,KACH;EAAA,IAAA+C,iBAAA,EAAAC,YAAA;EAC1B,IAAI,CAAC9C,qBAAqB,CAACH,QAAQ,EAAEC,YAAY,CAAC,EAAE;IAClD,OAAOK,oBAAY,CAACC,IAAI,CAAC,CAAC;EAC5B;EAEA,MAAM2C,IAAI,IAAAF,iBAAA,GAAG/C,YAAY,CAACkD,GAAG,CAAC,MAAM,CAAC,YAAAH,iBAAA,GAAI,EAAE;EAE3C,IAAI9C,OAA+B,GAAG,CAAC,CAAC;EACxC,IAAIkD,QAA4B,GAAGC,SAAS;EAC5C,IAAI,SAAAJ,YAAA,GAAOlC,GAAG,CAACb,OAAO,qBAAX+C,YAAA,CAAaE,GAAG,MAAK,UAAU,EAAE;IAAA,IAAAG,OAAA;IAC1CF,QAAQ,GACN,IAAAG,kBAAW,EAACxC,GAAG,CAACb,OAAO,CAACiD,GAAG,CAAC,kBAAkB,CAAC,IAAIpC,GAAG,CAACb,OAAO,CAACiD,GAAG,CAAC,iBAAiB,CAAC,CAAC,MAAAG,OAAA,GACrFvC,GAAG,CAASyC,MAAM,qBAAnBF,OAAA,CAAqBG,aAAa;EACtC,CAAC,MAAM,IAAI,OAAO1C,GAAG,CAACb,OAAO,KAAK,QAAQ,EAAE;IAAA,IAAAwD,QAAA;IAC1C,IAAIC,cAAmB,OAAAC,SAAA,CAAAC,OAAA,MAAQ9C,GAAG,CAACb,OAAO,CAAE;IAC5CkD,QAAQ,GACN,IAAAG,kBAAW,EAACI,cAAc,CAAC,kBAAkB,CAAC,IAAIA,cAAc,CAAC,iBAAiB,CAAC,CAAC,MAAAD,QAAA,GACnF3C,GAAG,CAASyC,MAAM,qBAAnBE,QAAA,CAAqBD,aAAa;EACtC;EAEA,IAAIL,QAAQ,IAAIU,eAAM,CAACC,eAAe,EAAE;IAAA,IAAAC,oBAAA;IACtC9D,OAAO,CAAC+D,iCAA0B,CAAC,GAAGb,QAAQ;IAC9ClD,OAAO,CAACgE,uCAAgC,CAAC,IAAAF,oBAAA,GAAGF,eAAM,CAACK,YAAY,YAAAH,oBAAA,GAAI,EAAE;IACrE9D,OAAO,CAACkE,gCAAyB,CAAC,GAAGN,eAAM,CAACO,QAAQ;EACtD;EAEA,MAAMC,QAAQ,GAAG,MAAMC,YAAG,CAACC,wBAAwB,CACjD,IAAAC,0BAAmB,EAACvE,OAAO,CAAC,EAC5BgD,IAAI,EACJY,eAAM,CAACO,QAAQ,EACfP,eAAM,CAACY,YACT,CAAC;EAED,MAAM7C,IAAI,GAAG,MAAMyC,QAAQ,CAACK,IAAI,CAAC,CAAC;EAElC,MAAM,CAACjD,OAAO,EAAEW,UAAU,EAAEH,YAAY,CAAC,GAAG,MAAMN,gCAAgC,CAACC,IAAI,CAAC;EAExF,IAAI,CAACH,OAAO,EAAE;IACZ,OAAOpB,oBAAY,CAACsE,QAAQ,CAACd,eAAM,CAACe,MAAM,CAAC;EAC7C;EACA,MAAMC,SAAS,GAAGhB,eAAM,CAACiB,KAAK;EAC9B,MAAMC,WAAW,GAAG9D,gBAAa,CAAC+D,MAAM,CAAC;IACvCC,KAAK,EAAExD,OAAO;IACdyD,OAAO,EAAE,IAAIvC,IAAI,CAACP,UAAU,CAACM,GAAG,GAAG,IAAI,CAAC;IACxCyC,MAAM,EAAEN;EACV,CAAC,CAAC;EAEF,IAAIO,UAAU,GAAG,cAAcvB,eAAM,CAACO,QAAQ,CAACiB,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;EACjE,IAAIxB,eAAM,CAACyB,oBAAoB,IAAIzB,eAAM,CAAC0B,KAAK,EAAE;IAC/CH,UAAU,GAAG,cAAcvB,eAAM,CAAC0B,KAAK,CAACF,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;EAC5D;EACA,MAAMG,aAAa,GAAGvE,gBAAa,CAAC+D,MAAM,CAAC;IACzCI,UAAU;IACVH,KAAK,EAAEhD,YAAY,WAAZA,YAAY,GAAI,EAAE;IACzBiD,OAAO,EAAE,IAAIvC,IAAI,CAACP,UAAU,CAACM,GAAG,GAAG,IAAI,CAAC;IACxCyC,MAAM,EAAEN;EACV,CAAC,CAAC;EACF,MAAMY,oBAAwC,GAAGV,WAAW,CAACW,GAAG,CAAEC,MAAM,IAAK,CAAC,YAAY,EAAEA,MAAM,CAAC,CAAC;EACpG,MAAMC,oBAAwC,GAAGJ,aAAa,CAACE,GAAG,CAAEC,MAAM,IAAK,CAAC,YAAY,EAAEA,MAAM,CAAC,CAAC;EAEtG,OAAOtF,oBAAY,CAACsE,QAAQ,CAACd,eAAM,CAACe,MAAM,EAAE;IAC1C3E,OAAO,EAAE,CAAC,GAAGwF,oBAAoB,EAAE,GAAGG,oBAAoB;EAC5D,CAAC,CAAC;AACJ,CAAC;AAACjF,OAAA,CAAAR,yBAAA,GAAAA,yBAAA;AAEK,MAAMD,qBAAqB,GAAGA,CAACH,QAAgB,EAAEC,YAA6B,KAAc;EACjG,IAAI6D,eAAM,CAACgC,gBAAgB,EAAE;IAC3B,IAAI9F,QAAQ,CAAC+F,UAAU,CAAC,iBAAiB,CAAC,EAAE;MAC1C,OAAO9F,YAAY,CAACkD,GAAG,CAAC,MAAM,CAAC,IAAI,IAAI;IACzC;EACF;EACA,OAAO,KAAK;AACd,CAAC;AAACvC,OAAA,CAAAT,qBAAA,GAAAA,qBAAA","ignoreList":[]}
|
|
1
|
+
{"version":3,"file":"getSessionOnEdge.js","names":["_cookies","_interopRequireDefault","require","_createSession","_encryptionEdge","_api","_server","_config","_jwt","_utils","_fronteggLogger","_refreshAccessTokenIfNeededOnEdge","_redirectToLogin","_shouldBypassMiddleware","logger","fronteggLogger","child","tag","handleSessionOnEdge","params","request","pathname","searchParams","headers","isHostedLoginCallback","handleHostedLoginCallback","shouldByPassMiddleware","NextResponse","next","edgeSession","checkSessionOnEdge","redirectToLogin","forwardedHeaders","exports","GET_SESSION_ON_EDGE_DEPRECATED_WARN","getSessionOnEdge","req","disableWarning","cookies","CookieManager","getSessionCookieFromRequest","info","createSession","encryptionEdge","sessionCookies","existingSession","debug","session","refreshAccessTokenIfNeededOnEdge","createSessionFromAccessTokenEdge","data","_data$accessToken","_data$refreshToken","accessToken","access_token","refreshToken","refresh_token","payload","decodedJwt","JwtManager","verify","expiresIn","Math","floor","exp","Date","now","tokens","sealTokens","_searchParams$get","_req$headers","code","get","clientIp","undefined","_socket","console","log","getClientIp","socket","remoteAddress","_socket2","requestHeaders","_extends2","default","config","shouldForwardIp","_config$sharedSecret","process","env","VERCEL","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","sharedSecret","FRONTEGG_VENDOR_ID_HEADER","clientId","response","api","exchangeHostedLoginToken","buildRequestHeaders","clientSecret","json","redirect","appUrl","isSecured","isSSL","cookieValue","create","value","expires","secure","cookieName","replace","rewriteCookieByAppId","appId","refreshCookie","sessionCookieHeaders","map","cookie","refreshCookieHeaders","secureJwtEnabled","startsWith"],"sources":["../../../../packages/nextjs/src/edge/getSessionOnEdge.ts"],"sourcesContent":["import type { IncomingMessage } from 'http';\nimport { FronteggEdgeSession, FronteggNextJSSession } from '../types';\nimport CookieManager from '../utils/cookies';\nimport createSession from '../utils/createSession';\nimport encryptionEdge from '../utils/encryption-edge';\nimport api from '../api';\nimport { type NextRequest, NextResponse } from 'next/server';\nimport config from '../config';\nimport JwtManager from '../utils/jwt';\nimport {\n buildRequestHeaders,\n FRONTEGG_HEADERS_VERIFIER_HEADER,\n FRONTEGG_FORWARD_IP_HEADER,\n getClientIp,\n FRONTEGG_VENDOR_ID_HEADER,\n} from '../api/utils';\nimport fronteggLogger from '../utils/fronteggLogger';\nimport { refreshAccessTokenIfNeededOnEdge } from './refreshAccessTokenIfNeededOnEdge';\nimport { redirectToLogin } from './redirectToLogin';\nimport { shouldByPassMiddleware } from './shouldBypassMiddleware';\n\nconst logger = fronteggLogger.child({ tag: 'EdgeRuntime.getSessionOnEdge' });\n\nexport type HandleSessionOnEdge = {\n request: IncomingMessage | Request;\n pathname: string;\n headers: NextRequest['headers'];\n searchParams: URLSearchParams;\n};\n\nexport const handleSessionOnEdge = async (params: HandleSessionOnEdge): Promise<NextResponse> => {\n const { request, pathname, searchParams, headers } = params;\n\n if (isHostedLoginCallback(pathname, searchParams)) {\n return handleHostedLoginCallback(request, pathname, searchParams);\n }\n\n if (shouldByPassMiddleware(pathname, headers /*, options: optional bypass configuration */)) {\n return NextResponse.next();\n }\n\n const edgeSession = await checkSessionOnEdge(request);\n if (!edgeSession) {\n return redirectToLogin(pathname, searchParams);\n }\n if (edgeSession.headers) {\n return NextResponse.next({\n headers: edgeSession.headers,\n request: {\n headers: edgeSession.forwardedHeaders,\n },\n });\n }\n return NextResponse.next();\n};\n\nconst GET_SESSION_ON_EDGE_DEPRECATED_WARN = `Deprecation Notice: getSessionOnEdge has been deprecated. Please use handleSessionOnEdge instead. For example:\n\nfile: middleware.ts\n\\`\\`\\`ts\n import { NextRequest } from 'next/server';\n import { handleSessionOnEdge } from '@frontegg/nextjs/edge';\n \n export const middleware = async (request: NextRequest) => {\n const { pathname, searchParams } = request.nextUrl;\n const headers = request.headers;\n \n // Additional logic if needed\n \n return handleSessionOnEdge({ request, pathname, searchParams, headers });\n };\n \n \n export const config = {\n matcher: '/(.*)',\n };\n\n\\`\\`\\`\n\nAlternatively, to manually verify the session, you can use checkSessionOnEdge. Note that this method does not redirect to the login page if the session is invalid.\n`;\n\n/**\n * getSessionOnEdge is deprecated, please use handleSessionOnEdge instead example:\n *\n * ```ts\n * import { NextRequest } from 'next/server';\n * import { handleSessionOnEdge } from '@frontegg/nextjs/edge';\n *\n * export const middleware = async (request: NextRequest) => {\n * const { pathname, searchParams } = request.nextUrl;\n * const headers = request.headers;\n *\n * // Additional logic if needed\n *\n * return handleSessionOnEdge({ request, pathname, searchParams, headers });\n * };\n *\n * export const config = {\n * matcher: '/(.*)',\n * };\n * ```\n * @deprecated\n */\n\nexport const getSessionOnEdge = (\n req: IncomingMessage | Request,\n disableWarning = false\n): Promise<FronteggNextJSSession | undefined> => {\n const logger = fronteggLogger.child({ tag: 'EdgeRuntime.getSessionOnEdge' });\n const cookies = CookieManager.getSessionCookieFromRequest(req);\n if (!disableWarning) {\n logger.info(GET_SESSION_ON_EDGE_DEPRECATED_WARN);\n }\n return createSession(cookies, encryptionEdge);\n};\n\n/**\n * Check session on edge and return session if exists this method does not redirect to login page\n * Example:\n *\n * ```ts\n * import { NextRequest } from 'next/server';\n * import { handleSessionOnEdge } from '@frontegg/nextjs/edge';\n *\n * export const middleware = async (request: NextRequest) => {\n * const { pathname, searchParams } = request.nextUrl;\n * const headers = request.headers;\n *\n * // Additional logic if needed\n *\n * // check if it's a hosted login callback\n * if (isHostedLoginCallback(pathname, searchParams)) {\n * return handleHostedLoginCallback(request, pathname, searchParams);\n * }\n *\n * // check if we should bypass the middleware\n * if (shouldByPassMiddleware(pathname)) {\n * return NextResponse.next();\n * }\n *\n * // check session\n * const session = await checkSessionOnEdge(request);\n *\n * if (!session) {\n * return redirectToLogin(pathname);\n * }\n *\n * // if headers are present forward them to the next response / request\n * if (session.headers) {\n * return NextResponse.next({\n * headers: edgeSession.headers,\n * request:{\n * headers: edgeSession.forwardedHeaders\n * }\n * });\n * }\n * return NextResponse.next();\n * };\n * ```\n *\n *\n * @param req\n */\nexport const checkSessionOnEdge = async (req: IncomingMessage | Request): Promise<FronteggEdgeSession | undefined> => {\n const sessionCookies = CookieManager.getSessionCookieFromRequest(req);\n let existingSession = await createSession(sessionCookies, encryptionEdge);\n if (existingSession) {\n logger.debug('session resolved from session cookie');\n return {\n session: existingSession,\n };\n }\n\n logger.debug('Failed to resolve session from cookie, going to refresh token');\n return refreshAccessTokenIfNeededOnEdge(req);\n};\n\nasync function createSessionFromAccessTokenEdge(data: any): Promise<[string, any, string] | []> {\n const accessToken = data.accessToken ?? data.access_token;\n const refreshToken = data.refreshToken ?? data.refresh_token;\n const { payload: decodedJwt }: any = await JwtManager.verify(accessToken);\n decodedJwt.expiresIn = Math.floor((decodedJwt.exp * 1000 - Date.now()) / 1000);\n\n const tokens = { accessToken, refreshToken };\n const session = await encryptionEdge.sealTokens(tokens, decodedJwt.exp);\n return [session, decodedJwt, refreshToken];\n}\n\nexport const handleHostedLoginCallback = async (\n req: IncomingMessage | Request,\n pathname: string,\n searchParams: URLSearchParams\n): Promise<NextResponse> => {\n if (!isHostedLoginCallback(pathname, searchParams)) {\n return NextResponse.next();\n }\n\n const code = searchParams.get('code') ?? '';\n\n let headers: Record<string, string> = {};\n let clientIp: string | undefined = undefined;\n if (typeof req.headers?.get === 'function') {\n console.log('req.headers.get(cf-connecting-ip)', req.headers.get('cf-connecting-ip'));\n console.log('req.headers.get(x-forwarded-for)', req.headers.get('x-forwarded-for'));\n clientIp =\n getClientIp(req.headers.get('cf-connecting-ip') || req.headers.get('x-forwarded-for')) ||\n (req as any).socket?.remoteAddress;\n } else if (typeof req.headers === 'object') {\n let requestHeaders: any = { ...req.headers };\n console.log('requestHeaders[cf-connecting-ip]', requestHeaders['cf-connecting-ip']);\n console.log('requestHeaders[x-forwarded-for]', requestHeaders['x-forwarded-for']);\n clientIp =\n getClientIp(requestHeaders['cf-connecting-ip'] || requestHeaders['x-forwarded-for']) ||\n (req as any).socket?.remoteAddress;\n }\n\n if (clientIp && config.shouldForwardIp) {\n console.log('inside handleHostedLoginCallback', process.env.VERCEL);\n\n headers[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n headers[FRONTEGG_HEADERS_VERIFIER_HEADER] = config.sharedSecret ?? '';\n headers[FRONTEGG_VENDOR_ID_HEADER] = config.clientId;\n }\n\n const response = await api.exchangeHostedLoginToken(\n buildRequestHeaders(headers),\n code,\n config.clientId,\n config.clientSecret!\n );\n\n const data = await response.json();\n\n const [session, decodedJwt, refreshToken] = await createSessionFromAccessTokenEdge(data);\n\n if (!session) {\n return NextResponse.redirect(config.appUrl);\n }\n const isSecured = config.isSSL;\n const cookieValue = CookieManager.create({\n value: session,\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n });\n\n let cookieName = `fe_refresh_${config.clientId.replace('-', '')}`;\n if (config.rewriteCookieByAppId && config.appId) {\n cookieName = `fe_refresh_${config.appId.replace('-', '')}`;\n }\n const refreshCookie = CookieManager.create({\n cookieName,\n value: refreshToken ?? '',\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n });\n const sessionCookieHeaders: [string, string][] = cookieValue.map((cookie) => ['set-cookie', cookie]);\n const refreshCookieHeaders: [string, string][] = refreshCookie.map((cookie) => ['set-cookie', cookie]);\n\n return NextResponse.redirect(config.appUrl, {\n headers: [...sessionCookieHeaders, ...refreshCookieHeaders],\n });\n};\n\nexport const isHostedLoginCallback = (pathname: string, searchParams: URLSearchParams): boolean => {\n if (config.secureJwtEnabled) {\n if (pathname.startsWith('/oauth/callback')) {\n return searchParams.get('code') != null;\n }\n }\n return false;\n};\n"],"mappings":";;;;;;;;AAEA,IAAAA,QAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,cAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,eAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,IAAA,GAAAJ,sBAAA,CAAAC,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAN,sBAAA,CAAAC,OAAA;AACA,IAAAM,IAAA,GAAAP,sBAAA,CAAAC,OAAA;AACA,IAAAO,MAAA,GAAAP,OAAA;AAOA,IAAAQ,eAAA,GAAAT,sBAAA,CAAAC,OAAA;AACA,IAAAS,iCAAA,GAAAT,OAAA;AACA,IAAAU,gBAAA,GAAAV,OAAA;AACA,IAAAW,uBAAA,GAAAX,OAAA;AAEA,MAAMY,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;EAAEC,GAAG,EAAE;AAA+B,CAAC,CAAC;AASrE,MAAMC,mBAAmB,GAAG,MAAOC,MAA2B,IAA4B;EAC/F,MAAM;IAAEC,OAAO;IAAEC,QAAQ;IAAEC,YAAY;IAAEC;EAAQ,CAAC,GAAGJ,MAAM;EAE3D,IAAIK,qBAAqB,CAACH,QAAQ,EAAEC,YAAY,CAAC,EAAE;IACjD,OAAOG,yBAAyB,CAACL,OAAO,EAAEC,QAAQ,EAAEC,YAAY,CAAC;EACnE;EAEA,IAAI,IAAAI,8CAAsB,EAACL,QAAQ,EAAEE,OAAO,CAAC,6CAA6C,CAAC,EAAE;IAC3F,OAAOI,oBAAY,CAACC,IAAI,CAAC,CAAC;EAC5B;EAEA,MAAMC,WAAW,GAAG,MAAMC,kBAAkB,CAACV,OAAO,CAAC;EACrD,IAAI,CAACS,WAAW,EAAE;IAChB,OAAO,IAAAE,gCAAe,EAACV,QAAQ,EAAEC,YAAY,CAAC;EAChD;EACA,IAAIO,WAAW,CAACN,OAAO,EAAE;IACvB,OAAOI,oBAAY,CAACC,IAAI,CAAC;MACvBL,OAAO,EAAEM,WAAW,CAACN,OAAO;MAC5BH,OAAO,EAAE;QACPG,OAAO,EAAEM,WAAW,CAACG;MACvB;IACF,CAAC,CAAC;EACJ;EACA,OAAOL,oBAAY,CAACC,IAAI,CAAC,CAAC;AAC5B,CAAC;AAACK,OAAA,CAAAf,mBAAA,GAAAA,mBAAA;AAEF,MAAMgB,mCAAmC,GAAG;AAC5C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEO,MAAMC,gBAAgB,GAAGA,CAC9BC,GAA8B,EAC9BC,cAAc,GAAG,KAAK,KACyB;EAC/C,MAAMvB,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA+B,CAAC,CAAC;EAC5E,MAAMqB,OAAO,GAAGC,gBAAa,CAACC,2BAA2B,CAACJ,GAAG,CAAC;EAC9D,IAAI,CAACC,cAAc,EAAE;IACnBvB,MAAM,CAAC2B,IAAI,CAACP,mCAAmC,CAAC;EAClD;EACA,OAAO,IAAAQ,sBAAa,EAACJ,OAAO,EAAEK,uBAAc,CAAC;AAC/C,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA9CAV,OAAA,CAAAE,gBAAA,GAAAA,gBAAA;AA+CO,MAAML,kBAAkB,GAAG,MAAOM,GAA8B,IAA+C;EACpH,MAAMQ,cAAc,GAAGL,gBAAa,CAACC,2BAA2B,CAACJ,GAAG,CAAC;EACrE,IAAIS,eAAe,GAAG,MAAM,IAAAH,sBAAa,EAACE,cAAc,EAAED,uBAAc,CAAC;EACzE,IAAIE,eAAe,EAAE;IACnB/B,MAAM,CAACgC,KAAK,CAAC,sCAAsC,CAAC;IACpD,OAAO;MACLC,OAAO,EAAEF;IACX,CAAC;EACH;EAEA/B,MAAM,CAACgC,KAAK,CAAC,+DAA+D,CAAC;EAC7E,OAAO,IAAAE,kEAAgC,EAACZ,GAAG,CAAC;AAC9C,CAAC;AAACH,OAAA,CAAAH,kBAAA,GAAAA,kBAAA;AAEF,eAAemB,gCAAgCA,CAACC,IAAS,EAAuC;EAAA,IAAAC,iBAAA,EAAAC,kBAAA;EAC9F,MAAMC,WAAW,IAAAF,iBAAA,GAAGD,IAAI,CAACG,WAAW,YAAAF,iBAAA,GAAID,IAAI,CAACI,YAAY;EACzD,MAAMC,YAAY,IAAAH,kBAAA,GAAGF,IAAI,CAACK,YAAY,YAAAH,kBAAA,GAAIF,IAAI,CAACM,aAAa;EAC5D,MAAM;IAAEC,OAAO,EAAEC;EAAgB,CAAC,GAAG,MAAMC,YAAU,CAACC,MAAM,CAACP,WAAW,CAAC;EACzEK,UAAU,CAACG,SAAS,GAAGC,IAAI,CAACC,KAAK,CAAC,CAACL,UAAU,CAACM,GAAG,GAAG,IAAI,GAAGC,IAAI,CAACC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC;EAE9E,MAAMC,MAAM,GAAG;IAAEd,WAAW;IAAEE;EAAa,CAAC;EAC5C,MAAMR,OAAO,GAAG,MAAMJ,uBAAc,CAACyB,UAAU,CAACD,MAAM,EAAET,UAAU,CAACM,GAAG,CAAC;EACvE,OAAO,CAACjB,OAAO,EAAEW,UAAU,EAAEH,YAAY,CAAC;AAC5C;AAEO,MAAM9B,yBAAyB,GAAG,MAAAA,CACvCW,GAA8B,EAC9Bf,QAAgB,EAChBC,YAA6B,KACH;EAAA,IAAA+C,iBAAA,EAAAC,YAAA;EAC1B,IAAI,CAAC9C,qBAAqB,CAACH,QAAQ,EAAEC,YAAY,CAAC,EAAE;IAClD,OAAOK,oBAAY,CAACC,IAAI,CAAC,CAAC;EAC5B;EAEA,MAAM2C,IAAI,IAAAF,iBAAA,GAAG/C,YAAY,CAACkD,GAAG,CAAC,MAAM,CAAC,YAAAH,iBAAA,GAAI,EAAE;EAE3C,IAAI9C,OAA+B,GAAG,CAAC,CAAC;EACxC,IAAIkD,QAA4B,GAAGC,SAAS;EAC5C,IAAI,SAAAJ,YAAA,GAAOlC,GAAG,CAACb,OAAO,qBAAX+C,YAAA,CAAaE,GAAG,MAAK,UAAU,EAAE;IAAA,IAAAG,OAAA;IAC1CC,OAAO,CAACC,GAAG,CAAC,mCAAmC,EAAEzC,GAAG,CAACb,OAAO,CAACiD,GAAG,CAAC,kBAAkB,CAAC,CAAC;IACrFI,OAAO,CAACC,GAAG,CAAC,kCAAkC,EAAEzC,GAAG,CAACb,OAAO,CAACiD,GAAG,CAAC,iBAAiB,CAAC,CAAC;IACnFC,QAAQ,GACN,IAAAK,kBAAW,EAAC1C,GAAG,CAACb,OAAO,CAACiD,GAAG,CAAC,kBAAkB,CAAC,IAAIpC,GAAG,CAACb,OAAO,CAACiD,GAAG,CAAC,iBAAiB,CAAC,CAAC,MAAAG,OAAA,GACrFvC,GAAG,CAAS2C,MAAM,qBAAnBJ,OAAA,CAAqBK,aAAa;EACtC,CAAC,MAAM,IAAI,OAAO5C,GAAG,CAACb,OAAO,KAAK,QAAQ,EAAE;IAAA,IAAA0D,QAAA;IAC1C,IAAIC,cAAmB,OAAAC,SAAA,CAAAC,OAAA,MAAQhD,GAAG,CAACb,OAAO,CAAE;IAC5CqD,OAAO,CAACC,GAAG,CAAC,kCAAkC,EAAEK,cAAc,CAAC,kBAAkB,CAAC,CAAC;IACnFN,OAAO,CAACC,GAAG,CAAC,iCAAiC,EAAEK,cAAc,CAAC,iBAAiB,CAAC,CAAC;IACjFT,QAAQ,GACN,IAAAK,kBAAW,EAACI,cAAc,CAAC,kBAAkB,CAAC,IAAIA,cAAc,CAAC,iBAAiB,CAAC,CAAC,MAAAD,QAAA,GACnF7C,GAAG,CAAS2C,MAAM,qBAAnBE,QAAA,CAAqBD,aAAa;EACtC;EAEA,IAAIP,QAAQ,IAAIY,eAAM,CAACC,eAAe,EAAE;IAAA,IAAAC,oBAAA;IACtCX,OAAO,CAACC,GAAG,CAAC,kCAAkC,EAAEW,OAAO,CAACC,GAAG,CAACC,MAAM,CAAC;IAEnEnE,OAAO,CAACoE,iCAA0B,CAAC,GAAGlB,QAAQ;IAC9ClD,OAAO,CAACqE,uCAAgC,CAAC,IAAAL,oBAAA,GAAGF,eAAM,CAACQ,YAAY,YAAAN,oBAAA,GAAI,EAAE;IACrEhE,OAAO,CAACuE,gCAAyB,CAAC,GAAGT,eAAM,CAACU,QAAQ;EACtD;EAEA,MAAMC,QAAQ,GAAG,MAAMC,YAAG,CAACC,wBAAwB,CACjD,IAAAC,0BAAmB,EAAC5E,OAAO,CAAC,EAC5BgD,IAAI,EACJc,eAAM,CAACU,QAAQ,EACfV,eAAM,CAACe,YACT,CAAC;EAED,MAAMlD,IAAI,GAAG,MAAM8C,QAAQ,CAACK,IAAI,CAAC,CAAC;EAElC,MAAM,CAACtD,OAAO,EAAEW,UAAU,EAAEH,YAAY,CAAC,GAAG,MAAMN,gCAAgC,CAACC,IAAI,CAAC;EAExF,IAAI,CAACH,OAAO,EAAE;IACZ,OAAOpB,oBAAY,CAAC2E,QAAQ,CAACjB,eAAM,CAACkB,MAAM,CAAC;EAC7C;EACA,MAAMC,SAAS,GAAGnB,eAAM,CAACoB,KAAK;EAC9B,MAAMC,WAAW,GAAGnE,gBAAa,CAACoE,MAAM,CAAC;IACvCC,KAAK,EAAE7D,OAAO;IACd8D,OAAO,EAAE,IAAI5C,IAAI,CAACP,UAAU,CAACM,GAAG,GAAG,IAAI,CAAC;IACxC8C,MAAM,EAAEN;EACV,CAAC,CAAC;EAEF,IAAIO,UAAU,GAAG,cAAc1B,eAAM,CAACU,QAAQ,CAACiB,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;EACjE,IAAI3B,eAAM,CAAC4B,oBAAoB,IAAI5B,eAAM,CAAC6B,KAAK,EAAE;IAC/CH,UAAU,GAAG,cAAc1B,eAAM,CAAC6B,KAAK,CAACF,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;EAC5D;EACA,MAAMG,aAAa,GAAG5E,gBAAa,CAACoE,MAAM,CAAC;IACzCI,UAAU;IACVH,KAAK,EAAErD,YAAY,WAAZA,YAAY,GAAI,EAAE;IACzBsD,OAAO,EAAE,IAAI5C,IAAI,CAACP,UAAU,CAACM,GAAG,GAAG,IAAI,CAAC;IACxC8C,MAAM,EAAEN;EACV,CAAC,CAAC;EACF,MAAMY,oBAAwC,GAAGV,WAAW,CAACW,GAAG,CAAEC,MAAM,IAAK,CAAC,YAAY,EAAEA,MAAM,CAAC,CAAC;EACpG,MAAMC,oBAAwC,GAAGJ,aAAa,CAACE,GAAG,CAAEC,MAAM,IAAK,CAAC,YAAY,EAAEA,MAAM,CAAC,CAAC;EAEtG,OAAO3F,oBAAY,CAAC2E,QAAQ,CAACjB,eAAM,CAACkB,MAAM,EAAE;IAC1ChF,OAAO,EAAE,CAAC,GAAG6F,oBAAoB,EAAE,GAAGG,oBAAoB;EAC5D,CAAC,CAAC;AACJ,CAAC;AAACtF,OAAA,CAAAR,yBAAA,GAAAA,yBAAA;AAEK,MAAMD,qBAAqB,GAAGA,CAACH,QAAgB,EAAEC,YAA6B,KAAc;EACjG,IAAI+D,eAAM,CAACmC,gBAAgB,EAAE;IAC3B,IAAInG,QAAQ,CAACoG,UAAU,CAAC,iBAAiB,CAAC,EAAE;MAC1C,OAAOnG,YAAY,CAACkD,GAAG,CAAC,MAAM,CAAC,IAAI,IAAI;IACzC;EACF;EACA,OAAO,KAAK;AACd,CAAC;AAACvC,OAAA,CAAAT,qBAAA,GAAAA,qBAAA","ignoreList":[]}
|
package/index.js
CHANGED
|
@@ -24,7 +24,7 @@ const logger = _fronteggLogger.default.child({
|
|
|
24
24
|
*/
|
|
25
25
|
const ProxyRequestCallback = (proxyReq, req) => {
|
|
26
26
|
try {
|
|
27
|
-
var _req$headers$xFronte, _req$headers$xFronte2;
|
|
27
|
+
var _req$headers$xFronte, _req$headers$xFronte2, _req$url;
|
|
28
28
|
logger.info(`${req.url} | Going to proxy request`);
|
|
29
29
|
logger.debug(`${req.url} | parsing request cookies`);
|
|
30
30
|
const allCookies = _cookies.default.parseCookieHeader(req);
|
|
@@ -57,11 +57,18 @@ const ProxyRequestCallback = (proxyReq, req) => {
|
|
|
57
57
|
const clientIp = (0, _utils.getClientIp)(req.headers['cf-connecting-ip'] || req.headers['x-forwarded-for']);
|
|
58
58
|
if (clientIp && _config.default.shouldForwardIp) {
|
|
59
59
|
var _config$sharedSecret;
|
|
60
|
+
console.log('inside ProxyRequestCallback', process.env.VERCEL);
|
|
61
|
+
console.log('req.headers[cf-connecting-ip]', req.headers['cf-connecting-ip']);
|
|
62
|
+
console.log('req.headers[x-forwarded-for]', req.headers['x-forwarded-for']);
|
|
63
|
+
console.log('req.headers[x-forwarded-for]', req.headers['x-real-ip']);
|
|
60
64
|
proxyReq.setHeader(_utils.FRONTEGG_FORWARD_IP_HEADER, clientIp);
|
|
61
65
|
proxyReq.setHeader(_utils.FRONTEGG_HEADERS_VERIFIER_HEADER, (_config$sharedSecret = _config.default.sharedSecret) != null ? _config$sharedSecret : '');
|
|
62
66
|
proxyReq.setHeader(_utils.FRONTEGG_VENDOR_ID_HEADER, _config.default.clientId);
|
|
63
67
|
}
|
|
64
68
|
_constants.headersToRemove.map(header => proxyReq.removeHeader(header));
|
|
69
|
+
if ((_req$url = req.url) != null && _req$url.includes('/sso/prelogin')) {
|
|
70
|
+
proxyReq.removeHeader('cookie');
|
|
71
|
+
}
|
|
65
72
|
logger.debug(`${req.url} | check if request has body`);
|
|
66
73
|
if (req.method !== 'GET' && req.body) {
|
|
67
74
|
logger.debug(`${req.url} | writing request body to proxyReq`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ProxyRequestCallback.js","names":["_package","_interopRequireDefault","require","_sdkVersion","_config","_cookies","_fronteggLogger","_utils","_constants","logger","fronteggLogger","child","tag","ProxyRequestCallback","proxyReq","req","_req$headers$xFronte","_req$headers$xFronte2","info","url","debug","allCookies","CookieManager","parseCookieHeader","fronteggCookiesNames","Object","keys","filter","cookieName","startsWith","config","join","modifiedCookies","forEach","requestCookieName","rewriteCookieByAppId","appId","replace","clientId","setHeader","headers","NextJsPkg","version","sdkVersion","clientIp","getClientIp","shouldForwardIp","_config$sharedSecret","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","sharedSecret","FRONTEGG_VENDOR_ID_HEADER","headersToRemove","map","header","removeHeader","method","body","bodyData","JSON","stringify","Buffer","byteLength","write","e","error","_default","exports","default"],"sources":["../../../../packages/nextjs/src/middleware/ProxyRequestCallback.ts"],"sourcesContent":["import NextJsPkg from 'next/package.json';\nimport { ProxyReqCallback } from 'http-proxy';\nimport { ClientRequest } from 'http';\nimport { NextApiRequest } from 'next';\nimport sdkVersion from '../sdkVersion';\nimport config from '../config';\nimport CookieManager from '../utils/cookies';\nimport fronteggLogger from '../utils/fronteggLogger';\nimport {\n FRONTEGG_HEADERS_VERIFIER_HEADER,\n FRONTEGG_FORWARD_IP_HEADER,\n getClientIp,\n FRONTEGG_VENDOR_ID_HEADER,\n} from '../api/utils';\nimport { headersToRemove } from './constants';\n\nconst logger = fronteggLogger.child({ tag: 'FronteggApiMiddleware.ProxyRequestCallback' });\n/**\n * Proxy request callback fired on before each request to Frontegg services,\n * to transport frontegg cookies.\n *\n * @param {ClientRequest} proxyReq - Proxy request to be sent\n * @param {NextApiRequest} req - Next.js incoming request\n */\nconst ProxyRequestCallback: ProxyReqCallback<ClientRequest, NextApiRequest> = (proxyReq, req) => {\n try {\n logger.info(`${req.url} | Going to proxy request`);\n logger.debug(`${req.url} | parsing request cookies`);\n const allCookies = CookieManager.parseCookieHeader(req);\n logger.debug(`${req.url} | found ${allCookies} cookies`);\n const fronteggCookiesNames = Object.keys(allCookies).filter((cookieName) => {\n return cookieName.startsWith('fe_') && !cookieName.startsWith(config.cookieName);\n });\n\n logger.debug(`${req.url} | proxy FronteggCookies (${fronteggCookiesNames.join(', ')})`);\n let modifiedCookies = ``;\n\n fronteggCookiesNames.forEach((requestCookieName: string) => {\n let cookieName = requestCookieName;\n if (config.rewriteCookieByAppId && config.appId) {\n cookieName = requestCookieName\n .replace(config.appId, config.clientId)\n .replace(config.appId.replace(/-/g, ''), config.clientId.replace(/-/g, ''))\n .replace(config.appId.replace('-', ''), config.clientId.replace('-', ''));\n\n logger.debug(`cookieName ${requestCookieName} replaced with appId ${cookieName}`);\n }\n\n logger.debug(`PROXY_ADDING_COOKIE ${cookieName}, ${allCookies[requestCookieName]}`);\n modifiedCookies += `${cookieName}=${allCookies[requestCookieName]}; `;\n });\n proxyReq.setHeader('cookie', modifiedCookies);\n\n proxyReq.setHeader('x-frontegg-framework', req.headers['x-frontegg-framework'] ?? `next@${NextJsPkg.version}`);\n proxyReq.setHeader('x-frontegg-sdk', req.headers['x-frontegg-sdk'] ?? `@frontegg/nextjs@${sdkVersion.version}`);\n proxyReq.setHeader('x-frontegg-middleware', 'true');\n\n /**\n * Request uncompressed responses to avoid handling compression in middleware.\n * This ensures consistent behavior across different environments and simplifies response processing.\n * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Encoding\n */\n proxyReq.setHeader('Accept-Encoding', 'identity');\n\n const clientIp = getClientIp(req.headers['cf-connecting-ip'] || req.headers['x-forwarded-for']);\n\n if (clientIp && config.shouldForwardIp) {\n proxyReq.setHeader(FRONTEGG_FORWARD_IP_HEADER, clientIp);\n proxyReq.setHeader(FRONTEGG_HEADERS_VERIFIER_HEADER, config.sharedSecret ?? '');\n proxyReq.setHeader(FRONTEGG_VENDOR_ID_HEADER, config.clientId);\n }\n\n headersToRemove.map((header) => proxyReq.removeHeader(header));\n\n logger.debug(`${req.url} | check if request has body`);\n if (req.method !== 'GET' && req.body) {\n logger.debug(`${req.url} | writing request body to proxyReq`);\n const bodyData = JSON.stringify(req.body);\n // in case if content-type is application/x-www-form-urlencoded -> we need to change to application/json\n proxyReq.setHeader('Content-Type', 'application/json');\n proxyReq.setHeader('Content-Length', Buffer.byteLength(bodyData));\n // stream the content\n proxyReq.write(bodyData);\n }\n } catch (e) {\n logger.error(`${req.url} | Failed to proxy request`, e);\n }\n};\n\nexport default ProxyRequestCallback;\n"],"mappings":";;;;;;;AAAA,IAAAA,QAAA,GAAAC,sBAAA,CAAAC,OAAA;AAIA,IAAAC,WAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,OAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,QAAA,GAAAJ,sBAAA,CAAAC,OAAA;AACA,IAAAI,eAAA,GAAAL,sBAAA,CAAAC,OAAA;AACA,IAAAK,MAAA,GAAAL,OAAA;AAMA,IAAAM,UAAA,GAAAN,OAAA;AAEA,MAAMO,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;EAAEC,GAAG,EAAE;AAA6C,CAAC,CAAC;AAC1F;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,oBAAqE,GAAGA,CAACC,QAAQ,EAAEC,GAAG,KAAK;EAC/F,IAAI;IAAA,IAAAC,oBAAA,EAAAC,qBAAA;
|
|
1
|
+
{"version":3,"file":"ProxyRequestCallback.js","names":["_package","_interopRequireDefault","require","_sdkVersion","_config","_cookies","_fronteggLogger","_utils","_constants","logger","fronteggLogger","child","tag","ProxyRequestCallback","proxyReq","req","_req$headers$xFronte","_req$headers$xFronte2","_req$url","info","url","debug","allCookies","CookieManager","parseCookieHeader","fronteggCookiesNames","Object","keys","filter","cookieName","startsWith","config","join","modifiedCookies","forEach","requestCookieName","rewriteCookieByAppId","appId","replace","clientId","setHeader","headers","NextJsPkg","version","sdkVersion","clientIp","getClientIp","shouldForwardIp","_config$sharedSecret","console","log","process","env","VERCEL","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","sharedSecret","FRONTEGG_VENDOR_ID_HEADER","headersToRemove","map","header","removeHeader","includes","method","body","bodyData","JSON","stringify","Buffer","byteLength","write","e","error","_default","exports","default"],"sources":["../../../../packages/nextjs/src/middleware/ProxyRequestCallback.ts"],"sourcesContent":["import NextJsPkg from 'next/package.json';\nimport { ProxyReqCallback } from 'http-proxy';\nimport { ClientRequest } from 'http';\nimport { NextApiRequest } from 'next';\nimport sdkVersion from '../sdkVersion';\nimport config from '../config';\nimport CookieManager from '../utils/cookies';\nimport fronteggLogger from '../utils/fronteggLogger';\nimport {\n FRONTEGG_HEADERS_VERIFIER_HEADER,\n FRONTEGG_FORWARD_IP_HEADER,\n getClientIp,\n FRONTEGG_VENDOR_ID_HEADER,\n} from '../api/utils';\nimport { headersToRemove } from './constants';\n\nconst logger = fronteggLogger.child({ tag: 'FronteggApiMiddleware.ProxyRequestCallback' });\n/**\n * Proxy request callback fired on before each request to Frontegg services,\n * to transport frontegg cookies.\n *\n * @param {ClientRequest} proxyReq - Proxy request to be sent\n * @param {NextApiRequest} req - Next.js incoming request\n */\nconst ProxyRequestCallback: ProxyReqCallback<ClientRequest, NextApiRequest> = (proxyReq, req) => {\n try {\n logger.info(`${req.url} | Going to proxy request`);\n logger.debug(`${req.url} | parsing request cookies`);\n const allCookies = CookieManager.parseCookieHeader(req);\n logger.debug(`${req.url} | found ${allCookies} cookies`);\n const fronteggCookiesNames = Object.keys(allCookies).filter((cookieName) => {\n return cookieName.startsWith('fe_') && !cookieName.startsWith(config.cookieName);\n });\n\n logger.debug(`${req.url} | proxy FronteggCookies (${fronteggCookiesNames.join(', ')})`);\n let modifiedCookies = ``;\n\n fronteggCookiesNames.forEach((requestCookieName: string) => {\n let cookieName = requestCookieName;\n if (config.rewriteCookieByAppId && config.appId) {\n cookieName = requestCookieName\n .replace(config.appId, config.clientId)\n .replace(config.appId.replace(/-/g, ''), config.clientId.replace(/-/g, ''))\n .replace(config.appId.replace('-', ''), config.clientId.replace('-', ''));\n\n logger.debug(`cookieName ${requestCookieName} replaced with appId ${cookieName}`);\n }\n\n logger.debug(`PROXY_ADDING_COOKIE ${cookieName}, ${allCookies[requestCookieName]}`);\n modifiedCookies += `${cookieName}=${allCookies[requestCookieName]}; `;\n });\n proxyReq.setHeader('cookie', modifiedCookies);\n\n proxyReq.setHeader('x-frontegg-framework', req.headers['x-frontegg-framework'] ?? `next@${NextJsPkg.version}`);\n proxyReq.setHeader('x-frontegg-sdk', req.headers['x-frontegg-sdk'] ?? `@frontegg/nextjs@${sdkVersion.version}`);\n proxyReq.setHeader('x-frontegg-middleware', 'true');\n\n /**\n * Request uncompressed responses to avoid handling compression in middleware.\n * This ensures consistent behavior across different environments and simplifies response processing.\n * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Encoding\n */\n proxyReq.setHeader('Accept-Encoding', 'identity');\n\n const clientIp = getClientIp(req.headers['cf-connecting-ip'] || req.headers['x-forwarded-for']);\n\n if (clientIp && config.shouldForwardIp) {\n console.log('inside ProxyRequestCallback', process.env.VERCEL);\n console.log('req.headers[cf-connecting-ip]', req.headers['cf-connecting-ip']);\n console.log('req.headers[x-forwarded-for]', req.headers['x-forwarded-for']);\n console.log('req.headers[x-forwarded-for]', req.headers['x-real-ip']);\n proxyReq.setHeader(FRONTEGG_FORWARD_IP_HEADER, clientIp);\n proxyReq.setHeader(FRONTEGG_HEADERS_VERIFIER_HEADER, config.sharedSecret ?? '');\n proxyReq.setHeader(FRONTEGG_VENDOR_ID_HEADER, config.clientId);\n }\n\n headersToRemove.map((header) => proxyReq.removeHeader(header));\n\n if (req.url?.includes('/sso/prelogin')) {\n proxyReq.removeHeader('cookie');\n }\n\n logger.debug(`${req.url} | check if request has body`);\n if (req.method !== 'GET' && req.body) {\n logger.debug(`${req.url} | writing request body to proxyReq`);\n const bodyData = JSON.stringify(req.body);\n // in case if content-type is application/x-www-form-urlencoded -> we need to change to application/json\n proxyReq.setHeader('Content-Type', 'application/json');\n proxyReq.setHeader('Content-Length', Buffer.byteLength(bodyData));\n // stream the content\n proxyReq.write(bodyData);\n }\n } catch (e) {\n logger.error(`${req.url} | Failed to proxy request`, e);\n }\n};\n\nexport default ProxyRequestCallback;\n"],"mappings":";;;;;;;AAAA,IAAAA,QAAA,GAAAC,sBAAA,CAAAC,OAAA;AAIA,IAAAC,WAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,OAAA,GAAAH,sBAAA,CAAAC,OAAA;AACA,IAAAG,QAAA,GAAAJ,sBAAA,CAAAC,OAAA;AACA,IAAAI,eAAA,GAAAL,sBAAA,CAAAC,OAAA;AACA,IAAAK,MAAA,GAAAL,OAAA;AAMA,IAAAM,UAAA,GAAAN,OAAA;AAEA,MAAMO,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;EAAEC,GAAG,EAAE;AAA6C,CAAC,CAAC;AAC1F;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,oBAAqE,GAAGA,CAACC,QAAQ,EAAEC,GAAG,KAAK;EAC/F,IAAI;IAAA,IAAAC,oBAAA,EAAAC,qBAAA,EAAAC,QAAA;IACFT,MAAM,CAACU,IAAI,CAAC,GAAGJ,GAAG,CAACK,GAAG,2BAA2B,CAAC;IAClDX,MAAM,CAACY,KAAK,CAAC,GAAGN,GAAG,CAACK,GAAG,4BAA4B,CAAC;IACpD,MAAME,UAAU,GAAGC,gBAAa,CAACC,iBAAiB,CAACT,GAAG,CAAC;IACvDN,MAAM,CAACY,KAAK,CAAC,GAAGN,GAAG,CAACK,GAAG,YAAYE,UAAU,UAAU,CAAC;IACxD,MAAMG,oBAAoB,GAAGC,MAAM,CAACC,IAAI,CAACL,UAAU,CAAC,CAACM,MAAM,CAAEC,UAAU,IAAK;MAC1E,OAAOA,UAAU,CAACC,UAAU,CAAC,KAAK,CAAC,IAAI,CAACD,UAAU,CAACC,UAAU,CAACC,eAAM,CAACF,UAAU,CAAC;IAClF,CAAC,CAAC;IAEFpB,MAAM,CAACY,KAAK,CAAC,GAAGN,GAAG,CAACK,GAAG,6BAA6BK,oBAAoB,CAACO,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;IACvF,IAAIC,eAAe,GAAG,EAAE;IAExBR,oBAAoB,CAACS,OAAO,CAAEC,iBAAyB,IAAK;MAC1D,IAAIN,UAAU,GAAGM,iBAAiB;MAClC,IAAIJ,eAAM,CAACK,oBAAoB,IAAIL,eAAM,CAACM,KAAK,EAAE;QAC/CR,UAAU,GAAGM,iBAAiB,CAC3BG,OAAO,CAACP,eAAM,CAACM,KAAK,EAAEN,eAAM,CAACQ,QAAQ,CAAC,CACtCD,OAAO,CAACP,eAAM,CAACM,KAAK,CAACC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,EAAEP,eAAM,CAACQ,QAAQ,CAACD,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAC1EA,OAAO,CAACP,eAAM,CAACM,KAAK,CAACC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,EAAEP,eAAM,CAACQ,QAAQ,CAACD,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAE3E7B,MAAM,CAACY,KAAK,CAAC,cAAcc,iBAAiB,wBAAwBN,UAAU,EAAE,CAAC;MACnF;MAEApB,MAAM,CAACY,KAAK,CAAC,uBAAuBQ,UAAU,KAAKP,UAAU,CAACa,iBAAiB,CAAC,EAAE,CAAC;MACnFF,eAAe,IAAI,GAAGJ,UAAU,IAAIP,UAAU,CAACa,iBAAiB,CAAC,IAAI;IACvE,CAAC,CAAC;IACFrB,QAAQ,CAAC0B,SAAS,CAAC,QAAQ,EAAEP,eAAe,CAAC;IAE7CnB,QAAQ,CAAC0B,SAAS,CAAC,sBAAsB,GAAAxB,oBAAA,GAAED,GAAG,CAAC0B,OAAO,CAAC,sBAAsB,CAAC,YAAAzB,oBAAA,GAAI,QAAQ0B,gBAAS,CAACC,OAAO,EAAE,CAAC;IAC9G7B,QAAQ,CAAC0B,SAAS,CAAC,gBAAgB,GAAAvB,qBAAA,GAAEF,GAAG,CAAC0B,OAAO,CAAC,gBAAgB,CAAC,YAAAxB,qBAAA,GAAI,oBAAoB2B,mBAAU,CAACD,OAAO,EAAE,CAAC;IAC/G7B,QAAQ,CAAC0B,SAAS,CAAC,uBAAuB,EAAE,MAAM,CAAC;;IAEnD;AACJ;AACA;AACA;AACA;IACI1B,QAAQ,CAAC0B,SAAS,CAAC,iBAAiB,EAAE,UAAU,CAAC;IAEjD,MAAMK,QAAQ,GAAG,IAAAC,kBAAW,EAAC/B,GAAG,CAAC0B,OAAO,CAAC,kBAAkB,CAAC,IAAI1B,GAAG,CAAC0B,OAAO,CAAC,iBAAiB,CAAC,CAAC;IAE/F,IAAII,QAAQ,IAAId,eAAM,CAACgB,eAAe,EAAE;MAAA,IAAAC,oBAAA;MACtCC,OAAO,CAACC,GAAG,CAAC,6BAA6B,EAAEC,OAAO,CAACC,GAAG,CAACC,MAAM,CAAC;MAC9DJ,OAAO,CAACC,GAAG,CAAC,+BAA+B,EAAEnC,GAAG,CAAC0B,OAAO,CAAC,kBAAkB,CAAC,CAAC;MAC7EQ,OAAO,CAACC,GAAG,CAAC,8BAA8B,EAAEnC,GAAG,CAAC0B,OAAO,CAAC,iBAAiB,CAAC,CAAC;MAC3EQ,OAAO,CAACC,GAAG,CAAC,8BAA8B,EAAEnC,GAAG,CAAC0B,OAAO,CAAC,WAAW,CAAC,CAAC;MACrE3B,QAAQ,CAAC0B,SAAS,CAACc,iCAA0B,EAAET,QAAQ,CAAC;MACxD/B,QAAQ,CAAC0B,SAAS,CAACe,uCAAgC,GAAAP,oBAAA,GAAEjB,eAAM,CAACyB,YAAY,YAAAR,oBAAA,GAAI,EAAE,CAAC;MAC/ElC,QAAQ,CAAC0B,SAAS,CAACiB,gCAAyB,EAAE1B,eAAM,CAACQ,QAAQ,CAAC;IAChE;IAEAmB,0BAAe,CAACC,GAAG,CAAEC,MAAM,IAAK9C,QAAQ,CAAC+C,YAAY,CAACD,MAAM,CAAC,CAAC;IAE9D,KAAA1C,QAAA,GAAIH,GAAG,CAACK,GAAG,aAAPF,QAAA,CAAS4C,QAAQ,CAAC,eAAe,CAAC,EAAE;MACtChD,QAAQ,CAAC+C,YAAY,CAAC,QAAQ,CAAC;IACjC;IAEApD,MAAM,CAACY,KAAK,CAAC,GAAGN,GAAG,CAACK,GAAG,8BAA8B,CAAC;IACtD,IAAIL,GAAG,CAACgD,MAAM,KAAK,KAAK,IAAIhD,GAAG,CAACiD,IAAI,EAAE;MACpCvD,MAAM,CAACY,KAAK,CAAC,GAAGN,GAAG,CAACK,GAAG,qCAAqC,CAAC;MAC7D,MAAM6C,QAAQ,GAAGC,IAAI,CAACC,SAAS,CAACpD,GAAG,CAACiD,IAAI,CAAC;MACzC;MACAlD,QAAQ,CAAC0B,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC;MACtD1B,QAAQ,CAAC0B,SAAS,CAAC,gBAAgB,EAAE4B,MAAM,CAACC,UAAU,CAACJ,QAAQ,CAAC,CAAC;MACjE;MACAnD,QAAQ,CAACwD,KAAK,CAACL,QAAQ,CAAC;IAC1B;EACF,CAAC,CAAC,OAAOM,CAAC,EAAE;IACV9D,MAAM,CAAC+D,KAAK,CAAC,GAAGzD,GAAG,CAACK,GAAG,4BAA4B,EAAEmD,CAAC,CAAC;EACzD;AACF,CAAC;AAAC,IAAAE,QAAA,GAAAC,OAAA,CAAAC,OAAA,GAEa9D,oBAAoB","ignoreList":[]}
|
package/package.json
CHANGED
package/sdkVersion.js
CHANGED
package/sdkVersion.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sdkVersion.js","names":["version"],"sources":["../../../packages/nextjs/src/sdkVersion.ts"],"sourcesContent":["export default { version: '9.2.
|
|
1
|
+
{"version":3,"file":"sdkVersion.js","names":["version"],"sources":["../../../packages/nextjs/src/sdkVersion.ts"],"sourcesContent":["export default { version: '9.2.8-alpha.15876559484' };\n"],"mappings":";;;;;;iCAAe;EAAEA,OAAO,EAAE;AAA0B,CAAC","ignoreList":[]}
|
|
@@ -37,6 +37,11 @@ async function fetchUserData(options) {
|
|
|
37
37
|
headers[_utils.FRONTEGG_APPLICATION_ID_HEADER] = _config.default.appId;
|
|
38
38
|
}
|
|
39
39
|
if (_config.default.shouldForwardIp) {
|
|
40
|
+
console.log('inside fetchUserData', process.env.VERCEL);
|
|
41
|
+
console.log('reqHeaders[cf-connecting-ip]', reqHeaders['cf-connecting-ip']);
|
|
42
|
+
console.log('reqHeaders[x-vercel-proxied-for]', reqHeaders['x-vercel-proxied-for']);
|
|
43
|
+
console.log('reqHeaders[x-real-ip]', reqHeaders['x-real-ip']);
|
|
44
|
+
console.log('reqHeaders[x-forwarded-for]', reqHeaders['x-forwarded-for']);
|
|
40
45
|
logger.debug('Retrieving forwarded IP...');
|
|
41
46
|
const clientIp = (0, _utils.getClientIp)(reqHeaders['cf-connecting-ip'] || reqHeaders['x-vercel-proxied-for'] || reqHeaders['x-real-ip'] || reqHeaders['x-forwarded-for']);
|
|
42
47
|
if (clientIp) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","names":["_api","require","_common","_fronteggLogger","_interopRequireDefault","_config","_utils","FULFILLED_STATUS","fetchUserData","options","getSession","getHeaders","logger","fronteggLogger","child","tag","session","info","accessToken","reqHeaders","headers","_extends2","default","authorization","config","appId","FRONTEGG_APPLICATION_ID_HEADER","shouldForwardIp","debug","clientIp","getClientIp","FRONTEGG_FORWARD_IP_HEADER","baseUserResult","tenantsResult","entitlementsResult","meAuthorizationResult","Promise","allSettled","getMe","getTenants","getEntitlements","getMeAuthorization","status","baseUser","value","tenantsResponse","meAuthorizationResponse","entitlementsResponse","undefined","user","entitlements","expiresIn","calculateExpiresInFromExp","exp","tenants","activeTenant","e"],"sources":["../../../../../packages/nextjs/src/utils/fetchUserData/index.ts"],"sourcesContent":["import { AllUserData, FronteggNextJSSession } from '../../types';\nimport { getTenants, getMe, getMeAuthorization, getEntitlements } from '../../api';\nimport { calculateExpiresInFromExp } from '../common';\nimport fronteggLogger from '../fronteggLogger';\nimport config from '../../config';\nimport { FRONTEGG_APPLICATION_ID_HEADER, FRONTEGG_FORWARD_IP_HEADER, getClientIp } from '../../api/utils';\n\nconst FULFILLED_STATUS = 'fulfilled';\n\ntype FetchUserDataOptions = {\n getSession: () => Promise<FronteggNextJSSession | undefined | null>;\n getHeaders: () => Promise<Record<string, string | string[] | undefined>>;\n};\n\nexport default async function fetchUserData(options: FetchUserDataOptions): Promise<AllUserData> {\n const { getSession, getHeaders } = options;\n\n const logger = fronteggLogger.child({ tag: 'fetchUserData.getAllUserData' });\n try {\n const session = await getSession();\n if (!session) {\n logger.info('No session found');\n return {};\n }\n\n const { accessToken } = session;\n const reqHeaders = await getHeaders();\n const headers: Record<string, string> = { ...reqHeaders, authorization: `Bearer ${accessToken}` };\n\n if (config.appId) {\n headers[FRONTEGG_APPLICATION_ID_HEADER] = config.appId;\n }\n\n if (config.shouldForwardIp) {\n logger.debug('Retrieving forwarded IP...');\n const clientIp = getClientIp(\n reqHeaders['cf-connecting-ip'] ||\n reqHeaders['x-vercel-proxied-for'] ||\n reqHeaders['x-real-ip'] ||\n reqHeaders['x-forwarded-for']\n );\n\n if (clientIp) {\n headers[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n }\n }\n\n logger.debug('Retrieving user data...');\n const [baseUserResult, tenantsResult, entitlementsResult, meAuthorizationResult] = await Promise.allSettled([\n getMe(headers),\n getTenants(headers),\n getEntitlements(headers),\n getMeAuthorization(headers),\n ]);\n\n logger.debug(\n 'Retrieved user data:',\n 'baseUserResult: ',\n baseUserResult.status,\n 'tenantsResult:',\n tenantsResult.status,\n 'entitlements:',\n entitlementsResult.status\n );\n\n const baseUser = baseUserResult.status === FULFILLED_STATUS ? baseUserResult.value : null;\n const tenantsResponse = tenantsResult.status === FULFILLED_STATUS ? tenantsResult.value : null;\n const meAuthorizationResponse =\n meAuthorizationResult.status === FULFILLED_STATUS ? meAuthorizationResult.value : null;\n const entitlementsResponse = entitlementsResult.status === FULFILLED_STATUS ? entitlementsResult.value : undefined;\n\n if (!baseUser || !tenantsResponse) {\n logger.info('No base user or tenants found');\n return {};\n }\n\n const user = {\n ...session.user,\n ...baseUser!,\n ...meAuthorizationResponse,\n entitlements: entitlementsResponse,\n expiresIn: calculateExpiresInFromExp(session.user.exp),\n };\n\n logger.info('Retrieved all user data successfully');\n\n const { tenants, activeTenant } = tenantsResponse;\n return { user, session, tenants, activeTenant };\n } catch (e: any) {\n // logger.error(e.message, e);\n return {};\n }\n}\n"],"mappings":";;;;;;;;AACA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AACA,IAAAE,eAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,OAAA,GAAAD,sBAAA,CAAAH,OAAA;AACA,IAAAK,MAAA,GAAAL,OAAA;AAEA,MAAMM,gBAAgB,GAAG,WAAW;AAOrB,eAAeC,aAAaA,CAACC,OAA6B,EAAwB;EAC/F,MAAM;IAAEC,UAAU;IAAEC;EAAW,CAAC,GAAGF,OAAO;EAE1C,MAAMG,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA+B,CAAC,CAAC;EAC5E,IAAI;IACF,MAAMC,OAAO,GAAG,MAAMN,UAAU,CAAC,CAAC;IAClC,IAAI,CAACM,OAAO,EAAE;MACZJ,MAAM,CAACK,IAAI,CAAC,kBAAkB,CAAC;MAC/B,OAAO,CAAC,CAAC;IACX;IAEA,MAAM;MAAEC;IAAY,CAAC,GAAGF,OAAO;IAC/B,MAAMG,UAAU,GAAG,MAAMR,UAAU,CAAC,CAAC;IACrC,MAAMS,OAA+B,OAAAC,SAAA,CAAAC,OAAA,MAAQH,UAAU;MAAEI,aAAa,EAAE,UAAUL,WAAW;IAAE,EAAE;IAEjG,IAAIM,eAAM,CAACC,KAAK,EAAE;MAChBL,OAAO,CAACM,qCAA8B,CAAC,GAAGF,eAAM,CAACC,KAAK;IACxD;IAEA,IAAID,eAAM,CAACG,eAAe,EAAE;
|
|
1
|
+
{"version":3,"file":"index.js","names":["_api","require","_common","_fronteggLogger","_interopRequireDefault","_config","_utils","FULFILLED_STATUS","fetchUserData","options","getSession","getHeaders","logger","fronteggLogger","child","tag","session","info","accessToken","reqHeaders","headers","_extends2","default","authorization","config","appId","FRONTEGG_APPLICATION_ID_HEADER","shouldForwardIp","console","log","process","env","VERCEL","debug","clientIp","getClientIp","FRONTEGG_FORWARD_IP_HEADER","baseUserResult","tenantsResult","entitlementsResult","meAuthorizationResult","Promise","allSettled","getMe","getTenants","getEntitlements","getMeAuthorization","status","baseUser","value","tenantsResponse","meAuthorizationResponse","entitlementsResponse","undefined","user","entitlements","expiresIn","calculateExpiresInFromExp","exp","tenants","activeTenant","e"],"sources":["../../../../../packages/nextjs/src/utils/fetchUserData/index.ts"],"sourcesContent":["import { AllUserData, FronteggNextJSSession } from '../../types';\nimport { getTenants, getMe, getMeAuthorization, getEntitlements } from '../../api';\nimport { calculateExpiresInFromExp } from '../common';\nimport fronteggLogger from '../fronteggLogger';\nimport config from '../../config';\nimport { FRONTEGG_APPLICATION_ID_HEADER, FRONTEGG_FORWARD_IP_HEADER, getClientIp } from '../../api/utils';\n\nconst FULFILLED_STATUS = 'fulfilled';\n\ntype FetchUserDataOptions = {\n getSession: () => Promise<FronteggNextJSSession | undefined | null>;\n getHeaders: () => Promise<Record<string, string | string[] | undefined>>;\n};\n\nexport default async function fetchUserData(options: FetchUserDataOptions): Promise<AllUserData> {\n const { getSession, getHeaders } = options;\n\n const logger = fronteggLogger.child({ tag: 'fetchUserData.getAllUserData' });\n try {\n const session = await getSession();\n if (!session) {\n logger.info('No session found');\n return {};\n }\n\n const { accessToken } = session;\n const reqHeaders = await getHeaders();\n const headers: Record<string, string> = { ...reqHeaders, authorization: `Bearer ${accessToken}` };\n\n if (config.appId) {\n headers[FRONTEGG_APPLICATION_ID_HEADER] = config.appId;\n }\n\n if (config.shouldForwardIp) {\n console.log('inside fetchUserData', process.env.VERCEL);\n console.log('reqHeaders[cf-connecting-ip]', reqHeaders['cf-connecting-ip']);\n console.log('reqHeaders[x-vercel-proxied-for]', reqHeaders['x-vercel-proxied-for']);\n console.log('reqHeaders[x-real-ip]', reqHeaders['x-real-ip']);\n console.log('reqHeaders[x-forwarded-for]', reqHeaders['x-forwarded-for']);\n logger.debug('Retrieving forwarded IP...');\n const clientIp = getClientIp(\n reqHeaders['cf-connecting-ip'] ||\n reqHeaders['x-vercel-proxied-for'] ||\n reqHeaders['x-real-ip'] ||\n reqHeaders['x-forwarded-for']\n );\n\n if (clientIp) {\n headers[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n }\n }\n\n logger.debug('Retrieving user data...');\n const [baseUserResult, tenantsResult, entitlementsResult, meAuthorizationResult] = await Promise.allSettled([\n getMe(headers),\n getTenants(headers),\n getEntitlements(headers),\n getMeAuthorization(headers),\n ]);\n\n logger.debug(\n 'Retrieved user data:',\n 'baseUserResult: ',\n baseUserResult.status,\n 'tenantsResult:',\n tenantsResult.status,\n 'entitlements:',\n entitlementsResult.status\n );\n\n const baseUser = baseUserResult.status === FULFILLED_STATUS ? baseUserResult.value : null;\n const tenantsResponse = tenantsResult.status === FULFILLED_STATUS ? tenantsResult.value : null;\n const meAuthorizationResponse =\n meAuthorizationResult.status === FULFILLED_STATUS ? meAuthorizationResult.value : null;\n const entitlementsResponse = entitlementsResult.status === FULFILLED_STATUS ? entitlementsResult.value : undefined;\n\n if (!baseUser || !tenantsResponse) {\n logger.info('No base user or tenants found');\n return {};\n }\n\n const user = {\n ...session.user,\n ...baseUser!,\n ...meAuthorizationResponse,\n entitlements: entitlementsResponse,\n expiresIn: calculateExpiresInFromExp(session.user.exp),\n };\n\n logger.info('Retrieved all user data successfully');\n\n const { tenants, activeTenant } = tenantsResponse;\n return { user, session, tenants, activeTenant };\n } catch (e: any) {\n // logger.error(e.message, e);\n return {};\n }\n}\n"],"mappings":";;;;;;;;AACA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AACA,IAAAE,eAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,OAAA,GAAAD,sBAAA,CAAAH,OAAA;AACA,IAAAK,MAAA,GAAAL,OAAA;AAEA,MAAMM,gBAAgB,GAAG,WAAW;AAOrB,eAAeC,aAAaA,CAACC,OAA6B,EAAwB;EAC/F,MAAM;IAAEC,UAAU;IAAEC;EAAW,CAAC,GAAGF,OAAO;EAE1C,MAAMG,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA+B,CAAC,CAAC;EAC5E,IAAI;IACF,MAAMC,OAAO,GAAG,MAAMN,UAAU,CAAC,CAAC;IAClC,IAAI,CAACM,OAAO,EAAE;MACZJ,MAAM,CAACK,IAAI,CAAC,kBAAkB,CAAC;MAC/B,OAAO,CAAC,CAAC;IACX;IAEA,MAAM;MAAEC;IAAY,CAAC,GAAGF,OAAO;IAC/B,MAAMG,UAAU,GAAG,MAAMR,UAAU,CAAC,CAAC;IACrC,MAAMS,OAA+B,OAAAC,SAAA,CAAAC,OAAA,MAAQH,UAAU;MAAEI,aAAa,EAAE,UAAUL,WAAW;IAAE,EAAE;IAEjG,IAAIM,eAAM,CAACC,KAAK,EAAE;MAChBL,OAAO,CAACM,qCAA8B,CAAC,GAAGF,eAAM,CAACC,KAAK;IACxD;IAEA,IAAID,eAAM,CAACG,eAAe,EAAE;MAC1BC,OAAO,CAACC,GAAG,CAAC,sBAAsB,EAAEC,OAAO,CAACC,GAAG,CAACC,MAAM,CAAC;MACvDJ,OAAO,CAACC,GAAG,CAAC,8BAA8B,EAAEV,UAAU,CAAC,kBAAkB,CAAC,CAAC;MAC3ES,OAAO,CAACC,GAAG,CAAC,kCAAkC,EAAEV,UAAU,CAAC,sBAAsB,CAAC,CAAC;MACnFS,OAAO,CAACC,GAAG,CAAC,uBAAuB,EAAEV,UAAU,CAAC,WAAW,CAAC,CAAC;MAC7DS,OAAO,CAACC,GAAG,CAAC,6BAA6B,EAAEV,UAAU,CAAC,iBAAiB,CAAC,CAAC;MACzEP,MAAM,CAACqB,KAAK,CAAC,4BAA4B,CAAC;MAC1C,MAAMC,QAAQ,GAAG,IAAAC,kBAAW,EAC1BhB,UAAU,CAAC,kBAAkB,CAAC,IAC5BA,UAAU,CAAC,sBAAsB,CAAC,IAClCA,UAAU,CAAC,WAAW,CAAC,IACvBA,UAAU,CAAC,iBAAiB,CAChC,CAAC;MAED,IAAIe,QAAQ,EAAE;QACZd,OAAO,CAACgB,iCAA0B,CAAC,GAAGF,QAAQ;MAChD;IACF;IAEAtB,MAAM,CAACqB,KAAK,CAAC,yBAAyB,CAAC;IACvC,MAAM,CAACI,cAAc,EAAEC,aAAa,EAAEC,kBAAkB,EAAEC,qBAAqB,CAAC,GAAG,MAAMC,OAAO,CAACC,UAAU,CAAC,CAC1G,IAAAC,UAAK,EAACvB,OAAO,CAAC,EACd,IAAAwB,eAAU,EAACxB,OAAO,CAAC,EACnB,IAAAyB,oBAAe,EAACzB,OAAO,CAAC,EACxB,IAAA0B,uBAAkB,EAAC1B,OAAO,CAAC,CAC5B,CAAC;IAEFR,MAAM,CAACqB,KAAK,CACV,sBAAsB,EACtB,kBAAkB,EAClBI,cAAc,CAACU,MAAM,EACrB,gBAAgB,EAChBT,aAAa,CAACS,MAAM,EACpB,eAAe,EACfR,kBAAkB,CAACQ,MACrB,CAAC;IAED,MAAMC,QAAQ,GAAGX,cAAc,CAACU,MAAM,KAAKxC,gBAAgB,GAAG8B,cAAc,CAACY,KAAK,GAAG,IAAI;IACzF,MAAMC,eAAe,GAAGZ,aAAa,CAACS,MAAM,KAAKxC,gBAAgB,GAAG+B,aAAa,CAACW,KAAK,GAAG,IAAI;IAC9F,MAAME,uBAAuB,GAC3BX,qBAAqB,CAACO,MAAM,KAAKxC,gBAAgB,GAAGiC,qBAAqB,CAACS,KAAK,GAAG,IAAI;IACxF,MAAMG,oBAAoB,GAAGb,kBAAkB,CAACQ,MAAM,KAAKxC,gBAAgB,GAAGgC,kBAAkB,CAACU,KAAK,GAAGI,SAAS;IAElH,IAAI,CAACL,QAAQ,IAAI,CAACE,eAAe,EAAE;MACjCtC,MAAM,CAACK,IAAI,CAAC,+BAA+B,CAAC;MAC5C,OAAO,CAAC,CAAC;IACX;IAEA,MAAMqC,IAAI,OAAAjC,SAAA,CAAAC,OAAA,MACLN,OAAO,CAACsC,IAAI,EACZN,QAAQ,EACRG,uBAAuB;MAC1BI,YAAY,EAAEH,oBAAoB;MAClCI,SAAS,EAAE,IAAAC,iCAAyB,EAACzC,OAAO,CAACsC,IAAI,CAACI,GAAG;IAAC,EACvD;IAED9C,MAAM,CAACK,IAAI,CAAC,sCAAsC,CAAC;IAEnD,MAAM;MAAE0C,OAAO;MAAEC;IAAa,CAAC,GAAGV,eAAe;IACjD,OAAO;MAAEI,IAAI;MAAEtC,OAAO;MAAE2C,OAAO;MAAEC;IAAa,CAAC;EACjD,CAAC,CAAC,OAAOC,CAAM,EAAE;IACf;IACA,OAAO,CAAC,CAAC;EACX;AACF","ignoreList":[]}
|
|
@@ -78,6 +78,9 @@ async function refreshAccessTokenIfNeeded(ctx) {
|
|
|
78
78
|
const clientIp = (0, _utils.getClientIp)(nextJsRequest.headers['cf-connecting-ip'] || nextJsRequest.headers['x-forwarded-for']) || ((_nextJsRequest$socket = nextJsRequest.socket) == null ? void 0 : _nextJsRequest$socket.remoteAddress);
|
|
79
79
|
if (clientIp && _config.default.shouldForwardIp) {
|
|
80
80
|
var _config$sharedSecret;
|
|
81
|
+
console.log('inside refreshAccessTokenIfNeeded', process.env.VERCEL);
|
|
82
|
+
console.log('nextJsRequest.headers[cf-connecting-ip]', nextJsRequest.headers['cf-connecting-ip']);
|
|
83
|
+
console.log('nextJsRequest.headers[x-forwarded-for]', nextJsRequest.headers['x-forwarded-for']);
|
|
81
84
|
nextJsRequest.headers[_utils.FRONTEGG_FORWARD_IP_HEADER] = clientIp;
|
|
82
85
|
nextJsRequest.headers[_utils.FRONTEGG_HEADERS_VERIFIER_HEADER] = (_config$sharedSecret = _config.default.sharedSecret) != null ? _config$sharedSecret : '';
|
|
83
86
|
nextJsRequest.headers[_utils.FRONTEGG_VENDOR_ID_HEADER] = _config.default.clientId;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","names":["_common","require","_config","_interopRequireDefault","_cookies","_helpers","_fronteggLogger","_encryption","_createSession","_utils","refreshAccessTokenIfNeeded","ctx","logger","fronteggLogger","child","tag","info","pathname","nextJsRequest","req","nextJsResponse","res","url","debug","hasSetSessionCookie","getHeader","cookies","CookieManager","getSessionCookieFromRedirectedResponse","session","createSession","encryption","getForwardedSession","_nextJsRequest$socket","_ref","_ref2","_response$headers$raw","_response$headers","_response$headers$raw2","_response$headers2","_response$headers2$ge","_response$headers3","_response$headers3$ge","_CookieManager$modify","_data$accessToken","isRuntimeNextRequest","config","disableInitialPropsRefreshToken","getSessionCookieFromRequest","isHostedLogin","isOauthCallback","removeCookies","isSecured","isSSL","cookieDomain","isSamlCallback","clientIp","getClientIp","headers","socket","remoteAddress","shouldForwardIp","_config$sharedSecret","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","sharedSecret","FRONTEGG_VENDOR_ID_HEADER","clientId","response","refreshAccessTokenHostedLogin","refreshAccessTokenEmbedded","ok","data","json","cookieHeader","raw","call","getSetCookie","get","newSetCookie","modifySetCookie","decodedJwt","refreshToken","createSessionFromAccessToken","cookieValue","create","value","expires","Date","exp","secure","push","setHeader","fronteggSession","accessToken","access_token","user","saveForwardedSession","e","error"],"sources":["../../../../../packages/nextjs/src/utils/refreshAccessTokenIfNeeded/index.ts"],"sourcesContent":["import type { NextPageContext } from 'next/dist/shared/lib/utils';\nimport type { FronteggNextJSSession } from '../../types';\nimport { createSessionFromAccessToken } from '../../common';\nimport config from '../../config';\nimport CookieManager from '../cookies';\nimport {\n isOauthCallback,\n hasSetSessionCookie,\n isRuntimeNextRequest,\n isSamlCallback,\n refreshAccessTokenEmbedded,\n refreshAccessTokenHostedLogin,\n saveForwardedSession,\n getForwardedSession,\n} from './helpers';\nimport fronteggLogger from '../fronteggLogger';\nimport encryption from '../encryption';\nimport createSession from '../createSession';\nimport {\n FRONTEGG_HEADERS_VERIFIER_HEADER,\n FRONTEGG_FORWARD_IP_HEADER,\n getClientIp,\n FRONTEGG_VENDOR_ID_HEADER,\n} from '../../api/utils';\n\nexport { isRuntimeNextRequest };\n/**\n * Refreshes the access token for the current session.\n *\n * @param {NextPageContext} ctx - The Next.js Page Context object.\n * @returns {Promise<FronteggNextJSSession | null>} A Promise that resolves to the updated session object, or `null` if the refresh failed.\n */\nexport default async function refreshAccessTokenIfNeeded(ctx: NextPageContext): Promise<FronteggNextJSSession | null> {\n const logger = fronteggLogger.child({ tag: 'refreshAccessTokenIfNeeded' });\n\n logger.info(`Refreshing token by for PageContext ${ctx.pathname}`);\n const nextJsRequest = ctx.req;\n const nextJsResponse = ctx.res;\n const url = nextJsRequest?.url;\n if (!nextJsResponse || !nextJsRequest || !url) {\n logger.debug(`abandon refreshToken due to PageContext.req = null`);\n return null;\n }\n\n if (hasSetSessionCookie(nextJsResponse.getHeader('set-cookie'))) {\n const cookies = CookieManager.getSessionCookieFromRedirectedResponse(nextJsResponse);\n const session = await createSession(cookies, encryption);\n logger.debug('Abandon refreshToken due to a previous redirect to /_error or other server-side redirect.');\n return session ?? getForwardedSession(nextJsResponse);\n }\n\n try {\n logger.info(`Check if should request made from first application load`);\n\n if (isRuntimeNextRequest(url) || config.disableInitialPropsRefreshToken) {\n logger.debug(`Detect runtime next.js request, resolving existing session from cookies if exists`);\n\n const cookies = CookieManager.getSessionCookieFromRequest(nextJsRequest);\n const session = await createSession(cookies, encryption);\n\n if (session) {\n logger.debug(`session resolved from session cookie`);\n return session;\n } else {\n logger.info('Failed to resolve session from cookie, going to refresh token');\n }\n }\n\n if (config.isHostedLogin) {\n // hosted login bypassed urls\n if (isOauthCallback(url)) {\n logger.debug(`abandon refreshToken for HostedLogin Callback ${url}`);\n CookieManager.removeCookies({\n isSecured: config.isSSL,\n cookieDomain: config.cookieDomain,\n res: nextJsResponse,\n req: nextJsRequest,\n });\n }\n } else {\n // embedded login bypassed urls\n if (isSamlCallback(url)) {\n logger.debug(`abandon refreshToken for Saml Callback ${url}`);\n return null;\n }\n }\n\n const clientIp =\n getClientIp(nextJsRequest.headers['cf-connecting-ip'] || nextJsRequest.headers['x-forwarded-for']) ||\n nextJsRequest.socket?.remoteAddress;\n\n if (clientIp && config.shouldForwardIp) {\n nextJsRequest.headers[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n nextJsRequest.headers[FRONTEGG_HEADERS_VERIFIER_HEADER] = config.sharedSecret ?? '';\n nextJsRequest.headers[FRONTEGG_VENDOR_ID_HEADER] = config.clientId;\n }\n\n let response: Response | null;\n if (config.isHostedLogin) {\n response = await refreshAccessTokenHostedLogin(nextJsRequest);\n } else {\n response = await refreshAccessTokenEmbedded(nextJsRequest);\n }\n\n const isSecured = config.isSSL;\n if (response === null || !response.ok) {\n CookieManager.removeCookies({\n cookieDomain: config.cookieDomain,\n isSecured,\n req: nextJsRequest,\n res: nextJsResponse,\n });\n return null;\n }\n\n const data = await response.json();\n\n const cookieHeader: string[] =\n // @ts-ignore the first argument \"raw\" will only work before nextjs 13.4 and the second argument \"getSetCookie\" will only work after\n response.headers?.raw?.()['set-cookie'] ??\n // @ts-ignore the first argument \"raw\" will only work before nextjs 13.4 and the second argument \"getSetCookie\" will only work after\n response.headers?.getSetCookie?.() ??\n response.headers?.get?.('set-cookie') ??\n [];\n\n const newSetCookie = CookieManager.modifySetCookie(cookieHeader, isSecured) ?? [];\n const [session, decodedJwt, refreshToken] = await createSessionFromAccessToken(data);\n\n if (!session) {\n return null;\n }\n const cookieValue = CookieManager.create({\n value: session,\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n req: nextJsRequest,\n });\n newSetCookie.push(...cookieValue);\n nextJsResponse.setHeader('set-cookie', newSetCookie);\n\n const fronteggSession = {\n accessToken: data.accessToken ?? data.access_token,\n user: decodedJwt,\n refreshToken,\n };\n\n saveForwardedSession(nextJsResponse, fronteggSession);\n return fronteggSession;\n } catch (e) {\n logger.error('[refreshToken] Failed to create session e', e);\n return null;\n }\n}\n"],"mappings":";;;;;;;;;;;;;AAEA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,QAAA,GAAAD,sBAAA,CAAAF,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AAUA,IAAAK,eAAA,GAAAH,sBAAA,CAAAF,OAAA;AACA,IAAAM,WAAA,GAAAJ,sBAAA,CAAAF,OAAA;AACA,IAAAO,cAAA,GAAAL,sBAAA,CAAAF,OAAA;AACA,IAAAQ,MAAA,GAAAR,OAAA;AAQA;AACA;AACA;AACA;AACA;AACA;AACe,eAAeS,0BAA0BA,CAACC,GAAoB,EAAyC;EACpH,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA6B,CAAC,CAAC;EAE1EH,MAAM,CAACI,IAAI,CAAC,uCAAuCL,GAAG,CAACM,QAAQ,EAAE,CAAC;EAClE,MAAMC,aAAa,GAAGP,GAAG,CAACQ,GAAG;EAC7B,MAAMC,cAAc,GAAGT,GAAG,CAACU,GAAG;EAC9B,MAAMC,GAAG,GAAGJ,aAAa,oBAAbA,aAAa,CAAEI,GAAG;EAC9B,IAAI,CAACF,cAAc,IAAI,CAACF,aAAa,IAAI,CAACI,GAAG,EAAE;IAC7CV,MAAM,CAACW,KAAK,CAAC,oDAAoD,CAAC;IAClE,OAAO,IAAI;EACb;EAEA,IAAI,IAAAC,4BAAmB,EAACJ,cAAc,CAACK,SAAS,CAAC,YAAY,CAAC,CAAC,EAAE;IAC/D,MAAMC,OAAO,GAAGC,gBAAa,CAACC,sCAAsC,CAACR,cAAc,CAAC;IACpF,MAAMS,OAAO,GAAG,MAAM,IAAAC,sBAAa,EAACJ,OAAO,EAAEK,mBAAU,CAAC;IACxDnB,MAAM,CAACW,KAAK,CAAC,2FAA2F,CAAC;IACzG,OAAOM,OAAO,WAAPA,OAAO,GAAI,IAAAG,4BAAmB,EAACZ,cAAc,CAAC;EACvD;EAEA,IAAI;IAAA,IAAAa,qBAAA,EAAAC,IAAA,EAAAC,KAAA,EAAAC,qBAAA,EAAAC,iBAAA,EAAAC,sBAAA,EAAAC,kBAAA,EAAAC,qBAAA,EAAAC,kBAAA,EAAAC,qBAAA,EAAAC,qBAAA,EAAAC,iBAAA;IACFhC,MAAM,CAACI,IAAI,CAAC,0DAA0D,CAAC;IAEvE,IAAI,IAAA6B,6BAAoB,EAACvB,GAAG,CAAC,IAAIwB,eAAM,CAACC,+BAA+B,EAAE;MACvEnC,MAAM,CAACW,KAAK,CAAC,mFAAmF,CAAC;MAEjG,MAAMG,OAAO,GAAGC,gBAAa,CAACqB,2BAA2B,CAAC9B,aAAa,CAAC;MACxE,MAAMW,OAAO,GAAG,MAAM,IAAAC,sBAAa,EAACJ,OAAO,EAAEK,mBAAU,CAAC;MAExD,IAAIF,OAAO,EAAE;QACXjB,MAAM,CAACW,KAAK,CAAC,sCAAsC,CAAC;QACpD,OAAOM,OAAO;MAChB,CAAC,MAAM;QACLjB,MAAM,CAACI,IAAI,CAAC,+DAA+D,CAAC;MAC9E;IACF;IAEA,IAAI8B,eAAM,CAACG,aAAa,EAAE;MACxB;MACA,IAAI,IAAAC,wBAAe,EAAC5B,GAAG,CAAC,EAAE;QACxBV,MAAM,CAACW,KAAK,CAAC,iDAAiDD,GAAG,EAAE,CAAC;QACpEK,gBAAa,CAACwB,aAAa,CAAC;UAC1BC,SAAS,EAAEN,eAAM,CAACO,KAAK;UACvBC,YAAY,EAAER,eAAM,CAACQ,YAAY;UACjCjC,GAAG,EAAED,cAAc;UACnBD,GAAG,EAAED;QACP,CAAC,CAAC;MACJ;IACF,CAAC,MAAM;MACL;MACA,IAAI,IAAAqC,uBAAc,EAACjC,GAAG,CAAC,EAAE;QACvBV,MAAM,CAACW,KAAK,CAAC,0CAA0CD,GAAG,EAAE,CAAC;QAC7D,OAAO,IAAI;MACb;IACF;IAEA,MAAMkC,QAAQ,GACZ,IAAAC,kBAAW,EAACvC,aAAa,CAACwC,OAAO,CAAC,kBAAkB,CAAC,IAAIxC,aAAa,CAACwC,OAAO,CAAC,iBAAiB,CAAC,CAAC,MAAAzB,qBAAA,GAClGf,aAAa,CAACyC,MAAM,qBAApB1B,qBAAA,CAAsB2B,aAAa;IAErC,IAAIJ,QAAQ,IAAIV,eAAM,CAACe,eAAe,EAAE;MAAA,IAAAC,oBAAA;MACtC5C,aAAa,CAACwC,OAAO,CAACK,iCAA0B,CAAC,GAAGP,QAAQ;MAC5DtC,aAAa,CAACwC,OAAO,CAACM,uCAAgC,CAAC,IAAAF,oBAAA,GAAGhB,eAAM,CAACmB,YAAY,YAAAH,oBAAA,GAAI,EAAE;MACnF5C,aAAa,CAACwC,OAAO,CAACQ,gCAAyB,CAAC,GAAGpB,eAAM,CAACqB,QAAQ;IACpE;IAEA,IAAIC,QAAyB;IAC7B,IAAItB,eAAM,CAACG,aAAa,EAAE;MACxBmB,QAAQ,GAAG,MAAM,IAAAC,sCAA6B,EAACnD,aAAa,CAAC;IAC/D,CAAC,MAAM;MACLkD,QAAQ,GAAG,MAAM,IAAAE,mCAA0B,EAACpD,aAAa,CAAC;IAC5D;IAEA,MAAMkC,SAAS,GAAGN,eAAM,CAACO,KAAK;IAC9B,IAAIe,QAAQ,KAAK,IAAI,IAAI,CAACA,QAAQ,CAACG,EAAE,EAAE;MACrC5C,gBAAa,CAACwB,aAAa,CAAC;QAC1BG,YAAY,EAAER,eAAM,CAACQ,YAAY;QACjCF,SAAS;QACTjC,GAAG,EAAED,aAAa;QAClBG,GAAG,EAAED;MACP,CAAC,CAAC;MACF,OAAO,IAAI;IACb;IAEA,MAAMoD,IAAI,GAAG,MAAMJ,QAAQ,CAACK,IAAI,CAAC,CAAC;IAElC,MAAMC,YAAsB,GAC1B;IAAA,CAAAxC,IAAA,IAAAC,KAAA,IAAAC,qBAAA,IAAAC,iBAAA,GACA+B,QAAQ,CAACV,OAAO,cAAApB,sBAAA,GAAhBD,iBAAA,CAAkBsC,GAAG,qBAArBrC,sBAAA,CAAAsC,IAAA,CAAAvC,iBAAwB,CAAC,CAAC,YAAY,CAAC,YAAAD,qBAAA,GACvC;IAAA,CAAAG,kBAAA,GACA6B,QAAQ,CAACV,OAAO,cAAAlB,qBAAA,GAAhBD,kBAAA,CAAkBsC,YAAY,qBAA9BrC,qBAAA,CAAAoC,IAAA,CAAArC,kBAAiC,CAAC,YAAAJ,KAAA,IAAAM,kBAAA,GAClC2B,QAAQ,CAACV,OAAO,cAAAhB,qBAAA,GAAhBD,kBAAA,CAAkBqC,GAAG,qBAArBpC,qBAAA,CAAAkC,IAAA,CAAAnC,kBAAA,EAAwB,YAAY,CAAC,YAAAP,IAAA,GACrC,EAAE;IAEJ,MAAM6C,YAAY,IAAApC,qBAAA,GAAGhB,gBAAa,CAACqD,eAAe,CAACN,YAAY,EAAEtB,SAAS,CAAC,YAAAT,qBAAA,GAAI,EAAE;IACjF,MAAM,CAACd,OAAO,EAAEoD,UAAU,EAAEC,YAAY,CAAC,GAAG,MAAM,IAAAC,oCAA4B,EAACX,IAAI,CAAC;IAEpF,IAAI,CAAC3C,OAAO,EAAE;MACZ,OAAO,IAAI;IACb;IACA,MAAMuD,WAAW,GAAGzD,gBAAa,CAAC0D,MAAM,CAAC;MACvCC,KAAK,EAAEzD,OAAO;MACd0D,OAAO,EAAE,IAAIC,IAAI,CAACP,UAAU,CAACQ,GAAG,GAAG,IAAI,CAAC;MACxCC,MAAM,EAAEtC,SAAS;MACjBjC,GAAG,EAAED;IACP,CAAC,CAAC;IACF6D,YAAY,CAACY,IAAI,CAAC,GAAGP,WAAW,CAAC;IACjChE,cAAc,CAACwE,SAAS,CAAC,YAAY,EAAEb,YAAY,CAAC;IAEpD,MAAMc,eAAe,GAAG;MACtBC,WAAW,GAAAlD,iBAAA,GAAE4B,IAAI,CAACsB,WAAW,YAAAlD,iBAAA,GAAI4B,IAAI,CAACuB,YAAY;MAClDC,IAAI,EAAEf,UAAU;MAChBC;IACF,CAAC;IAED,IAAAe,6BAAoB,EAAC7E,cAAc,EAAEyE,eAAe,CAAC;IACrD,OAAOA,eAAe;EACxB,CAAC,CAAC,OAAOK,CAAC,EAAE;IACVtF,MAAM,CAACuF,KAAK,CAAC,2CAA2C,EAAED,CAAC,CAAC;IAC5D,OAAO,IAAI;EACb;AACF","ignoreList":[]}
|
|
1
|
+
{"version":3,"file":"index.js","names":["_common","require","_config","_interopRequireDefault","_cookies","_helpers","_fronteggLogger","_encryption","_createSession","_utils","refreshAccessTokenIfNeeded","ctx","logger","fronteggLogger","child","tag","info","pathname","nextJsRequest","req","nextJsResponse","res","url","debug","hasSetSessionCookie","getHeader","cookies","CookieManager","getSessionCookieFromRedirectedResponse","session","createSession","encryption","getForwardedSession","_nextJsRequest$socket","_ref","_ref2","_response$headers$raw","_response$headers","_response$headers$raw2","_response$headers2","_response$headers2$ge","_response$headers3","_response$headers3$ge","_CookieManager$modify","_data$accessToken","isRuntimeNextRequest","config","disableInitialPropsRefreshToken","getSessionCookieFromRequest","isHostedLogin","isOauthCallback","removeCookies","isSecured","isSSL","cookieDomain","isSamlCallback","clientIp","getClientIp","headers","socket","remoteAddress","shouldForwardIp","_config$sharedSecret","console","log","process","env","VERCEL","FRONTEGG_FORWARD_IP_HEADER","FRONTEGG_HEADERS_VERIFIER_HEADER","sharedSecret","FRONTEGG_VENDOR_ID_HEADER","clientId","response","refreshAccessTokenHostedLogin","refreshAccessTokenEmbedded","ok","data","json","cookieHeader","raw","call","getSetCookie","get","newSetCookie","modifySetCookie","decodedJwt","refreshToken","createSessionFromAccessToken","cookieValue","create","value","expires","Date","exp","secure","push","setHeader","fronteggSession","accessToken","access_token","user","saveForwardedSession","e","error"],"sources":["../../../../../packages/nextjs/src/utils/refreshAccessTokenIfNeeded/index.ts"],"sourcesContent":["import type { NextPageContext } from 'next/dist/shared/lib/utils';\nimport type { FronteggNextJSSession } from '../../types';\nimport { createSessionFromAccessToken } from '../../common';\nimport config from '../../config';\nimport CookieManager from '../cookies';\nimport {\n isOauthCallback,\n hasSetSessionCookie,\n isRuntimeNextRequest,\n isSamlCallback,\n refreshAccessTokenEmbedded,\n refreshAccessTokenHostedLogin,\n saveForwardedSession,\n getForwardedSession,\n} from './helpers';\nimport fronteggLogger from '../fronteggLogger';\nimport encryption from '../encryption';\nimport createSession from '../createSession';\nimport {\n FRONTEGG_HEADERS_VERIFIER_HEADER,\n FRONTEGG_FORWARD_IP_HEADER,\n getClientIp,\n FRONTEGG_VENDOR_ID_HEADER,\n} from '../../api/utils';\n\nexport { isRuntimeNextRequest };\n/**\n * Refreshes the access token for the current session.\n *\n * @param {NextPageContext} ctx - The Next.js Page Context object.\n * @returns {Promise<FronteggNextJSSession | null>} A Promise that resolves to the updated session object, or `null` if the refresh failed.\n */\nexport default async function refreshAccessTokenIfNeeded(ctx: NextPageContext): Promise<FronteggNextJSSession | null> {\n const logger = fronteggLogger.child({ tag: 'refreshAccessTokenIfNeeded' });\n\n logger.info(`Refreshing token by for PageContext ${ctx.pathname}`);\n const nextJsRequest = ctx.req;\n const nextJsResponse = ctx.res;\n const url = nextJsRequest?.url;\n if (!nextJsResponse || !nextJsRequest || !url) {\n logger.debug(`abandon refreshToken due to PageContext.req = null`);\n return null;\n }\n\n if (hasSetSessionCookie(nextJsResponse.getHeader('set-cookie'))) {\n const cookies = CookieManager.getSessionCookieFromRedirectedResponse(nextJsResponse);\n const session = await createSession(cookies, encryption);\n logger.debug('Abandon refreshToken due to a previous redirect to /_error or other server-side redirect.');\n return session ?? getForwardedSession(nextJsResponse);\n }\n\n try {\n logger.info(`Check if should request made from first application load`);\n\n if (isRuntimeNextRequest(url) || config.disableInitialPropsRefreshToken) {\n logger.debug(`Detect runtime next.js request, resolving existing session from cookies if exists`);\n\n const cookies = CookieManager.getSessionCookieFromRequest(nextJsRequest);\n const session = await createSession(cookies, encryption);\n\n if (session) {\n logger.debug(`session resolved from session cookie`);\n return session;\n } else {\n logger.info('Failed to resolve session from cookie, going to refresh token');\n }\n }\n\n if (config.isHostedLogin) {\n // hosted login bypassed urls\n if (isOauthCallback(url)) {\n logger.debug(`abandon refreshToken for HostedLogin Callback ${url}`);\n CookieManager.removeCookies({\n isSecured: config.isSSL,\n cookieDomain: config.cookieDomain,\n res: nextJsResponse,\n req: nextJsRequest,\n });\n }\n } else {\n // embedded login bypassed urls\n if (isSamlCallback(url)) {\n logger.debug(`abandon refreshToken for Saml Callback ${url}`);\n return null;\n }\n }\n\n const clientIp =\n getClientIp(nextJsRequest.headers['cf-connecting-ip'] || nextJsRequest.headers['x-forwarded-for']) ||\n nextJsRequest.socket?.remoteAddress;\n\n if (clientIp && config.shouldForwardIp) {\n console.log('inside refreshAccessTokenIfNeeded', process.env.VERCEL);\n console.log('nextJsRequest.headers[cf-connecting-ip]', nextJsRequest.headers['cf-connecting-ip']);\n console.log('nextJsRequest.headers[x-forwarded-for]', nextJsRequest.headers['x-forwarded-for']);\n nextJsRequest.headers[FRONTEGG_FORWARD_IP_HEADER] = clientIp;\n nextJsRequest.headers[FRONTEGG_HEADERS_VERIFIER_HEADER] = config.sharedSecret ?? '';\n nextJsRequest.headers[FRONTEGG_VENDOR_ID_HEADER] = config.clientId;\n }\n\n let response: Response | null;\n if (config.isHostedLogin) {\n response = await refreshAccessTokenHostedLogin(nextJsRequest);\n } else {\n response = await refreshAccessTokenEmbedded(nextJsRequest);\n }\n\n const isSecured = config.isSSL;\n if (response === null || !response.ok) {\n CookieManager.removeCookies({\n cookieDomain: config.cookieDomain,\n isSecured,\n req: nextJsRequest,\n res: nextJsResponse,\n });\n return null;\n }\n\n const data = await response.json();\n\n const cookieHeader: string[] =\n // @ts-ignore the first argument \"raw\" will only work before nextjs 13.4 and the second argument \"getSetCookie\" will only work after\n response.headers?.raw?.()['set-cookie'] ??\n // @ts-ignore the first argument \"raw\" will only work before nextjs 13.4 and the second argument \"getSetCookie\" will only work after\n response.headers?.getSetCookie?.() ??\n response.headers?.get?.('set-cookie') ??\n [];\n\n const newSetCookie = CookieManager.modifySetCookie(cookieHeader, isSecured) ?? [];\n const [session, decodedJwt, refreshToken] = await createSessionFromAccessToken(data);\n\n if (!session) {\n return null;\n }\n const cookieValue = CookieManager.create({\n value: session,\n expires: new Date(decodedJwt.exp * 1000),\n secure: isSecured,\n req: nextJsRequest,\n });\n newSetCookie.push(...cookieValue);\n nextJsResponse.setHeader('set-cookie', newSetCookie);\n\n const fronteggSession = {\n accessToken: data.accessToken ?? data.access_token,\n user: decodedJwt,\n refreshToken,\n };\n\n saveForwardedSession(nextJsResponse, fronteggSession);\n return fronteggSession;\n } catch (e) {\n logger.error('[refreshToken] Failed to create session e', e);\n return null;\n }\n}\n"],"mappings":";;;;;;;;;;;;;AAEA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,QAAA,GAAAD,sBAAA,CAAAF,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AAUA,IAAAK,eAAA,GAAAH,sBAAA,CAAAF,OAAA;AACA,IAAAM,WAAA,GAAAJ,sBAAA,CAAAF,OAAA;AACA,IAAAO,cAAA,GAAAL,sBAAA,CAAAF,OAAA;AACA,IAAAQ,MAAA,GAAAR,OAAA;AAQA;AACA;AACA;AACA;AACA;AACA;AACe,eAAeS,0BAA0BA,CAACC,GAAoB,EAAyC;EACpH,MAAMC,MAAM,GAAGC,uBAAc,CAACC,KAAK,CAAC;IAAEC,GAAG,EAAE;EAA6B,CAAC,CAAC;EAE1EH,MAAM,CAACI,IAAI,CAAC,uCAAuCL,GAAG,CAACM,QAAQ,EAAE,CAAC;EAClE,MAAMC,aAAa,GAAGP,GAAG,CAACQ,GAAG;EAC7B,MAAMC,cAAc,GAAGT,GAAG,CAACU,GAAG;EAC9B,MAAMC,GAAG,GAAGJ,aAAa,oBAAbA,aAAa,CAAEI,GAAG;EAC9B,IAAI,CAACF,cAAc,IAAI,CAACF,aAAa,IAAI,CAACI,GAAG,EAAE;IAC7CV,MAAM,CAACW,KAAK,CAAC,oDAAoD,CAAC;IAClE,OAAO,IAAI;EACb;EAEA,IAAI,IAAAC,4BAAmB,EAACJ,cAAc,CAACK,SAAS,CAAC,YAAY,CAAC,CAAC,EAAE;IAC/D,MAAMC,OAAO,GAAGC,gBAAa,CAACC,sCAAsC,CAACR,cAAc,CAAC;IACpF,MAAMS,OAAO,GAAG,MAAM,IAAAC,sBAAa,EAACJ,OAAO,EAAEK,mBAAU,CAAC;IACxDnB,MAAM,CAACW,KAAK,CAAC,2FAA2F,CAAC;IACzG,OAAOM,OAAO,WAAPA,OAAO,GAAI,IAAAG,4BAAmB,EAACZ,cAAc,CAAC;EACvD;EAEA,IAAI;IAAA,IAAAa,qBAAA,EAAAC,IAAA,EAAAC,KAAA,EAAAC,qBAAA,EAAAC,iBAAA,EAAAC,sBAAA,EAAAC,kBAAA,EAAAC,qBAAA,EAAAC,kBAAA,EAAAC,qBAAA,EAAAC,qBAAA,EAAAC,iBAAA;IACFhC,MAAM,CAACI,IAAI,CAAC,0DAA0D,CAAC;IAEvE,IAAI,IAAA6B,6BAAoB,EAACvB,GAAG,CAAC,IAAIwB,eAAM,CAACC,+BAA+B,EAAE;MACvEnC,MAAM,CAACW,KAAK,CAAC,mFAAmF,CAAC;MAEjG,MAAMG,OAAO,GAAGC,gBAAa,CAACqB,2BAA2B,CAAC9B,aAAa,CAAC;MACxE,MAAMW,OAAO,GAAG,MAAM,IAAAC,sBAAa,EAACJ,OAAO,EAAEK,mBAAU,CAAC;MAExD,IAAIF,OAAO,EAAE;QACXjB,MAAM,CAACW,KAAK,CAAC,sCAAsC,CAAC;QACpD,OAAOM,OAAO;MAChB,CAAC,MAAM;QACLjB,MAAM,CAACI,IAAI,CAAC,+DAA+D,CAAC;MAC9E;IACF;IAEA,IAAI8B,eAAM,CAACG,aAAa,EAAE;MACxB;MACA,IAAI,IAAAC,wBAAe,EAAC5B,GAAG,CAAC,EAAE;QACxBV,MAAM,CAACW,KAAK,CAAC,iDAAiDD,GAAG,EAAE,CAAC;QACpEK,gBAAa,CAACwB,aAAa,CAAC;UAC1BC,SAAS,EAAEN,eAAM,CAACO,KAAK;UACvBC,YAAY,EAAER,eAAM,CAACQ,YAAY;UACjCjC,GAAG,EAAED,cAAc;UACnBD,GAAG,EAAED;QACP,CAAC,CAAC;MACJ;IACF,CAAC,MAAM;MACL;MACA,IAAI,IAAAqC,uBAAc,EAACjC,GAAG,CAAC,EAAE;QACvBV,MAAM,CAACW,KAAK,CAAC,0CAA0CD,GAAG,EAAE,CAAC;QAC7D,OAAO,IAAI;MACb;IACF;IAEA,MAAMkC,QAAQ,GACZ,IAAAC,kBAAW,EAACvC,aAAa,CAACwC,OAAO,CAAC,kBAAkB,CAAC,IAAIxC,aAAa,CAACwC,OAAO,CAAC,iBAAiB,CAAC,CAAC,MAAAzB,qBAAA,GAClGf,aAAa,CAACyC,MAAM,qBAApB1B,qBAAA,CAAsB2B,aAAa;IAErC,IAAIJ,QAAQ,IAAIV,eAAM,CAACe,eAAe,EAAE;MAAA,IAAAC,oBAAA;MACtCC,OAAO,CAACC,GAAG,CAAC,mCAAmC,EAAEC,OAAO,CAACC,GAAG,CAACC,MAAM,CAAC;MACpEJ,OAAO,CAACC,GAAG,CAAC,yCAAyC,EAAE9C,aAAa,CAACwC,OAAO,CAAC,kBAAkB,CAAC,CAAC;MACjGK,OAAO,CAACC,GAAG,CAAC,wCAAwC,EAAE9C,aAAa,CAACwC,OAAO,CAAC,iBAAiB,CAAC,CAAC;MAC/FxC,aAAa,CAACwC,OAAO,CAACU,iCAA0B,CAAC,GAAGZ,QAAQ;MAC5DtC,aAAa,CAACwC,OAAO,CAACW,uCAAgC,CAAC,IAAAP,oBAAA,GAAGhB,eAAM,CAACwB,YAAY,YAAAR,oBAAA,GAAI,EAAE;MACnF5C,aAAa,CAACwC,OAAO,CAACa,gCAAyB,CAAC,GAAGzB,eAAM,CAAC0B,QAAQ;IACpE;IAEA,IAAIC,QAAyB;IAC7B,IAAI3B,eAAM,CAACG,aAAa,EAAE;MACxBwB,QAAQ,GAAG,MAAM,IAAAC,sCAA6B,EAACxD,aAAa,CAAC;IAC/D,CAAC,MAAM;MACLuD,QAAQ,GAAG,MAAM,IAAAE,mCAA0B,EAACzD,aAAa,CAAC;IAC5D;IAEA,MAAMkC,SAAS,GAAGN,eAAM,CAACO,KAAK;IAC9B,IAAIoB,QAAQ,KAAK,IAAI,IAAI,CAACA,QAAQ,CAACG,EAAE,EAAE;MACrCjD,gBAAa,CAACwB,aAAa,CAAC;QAC1BG,YAAY,EAAER,eAAM,CAACQ,YAAY;QACjCF,SAAS;QACTjC,GAAG,EAAED,aAAa;QAClBG,GAAG,EAAED;MACP,CAAC,CAAC;MACF,OAAO,IAAI;IACb;IAEA,MAAMyD,IAAI,GAAG,MAAMJ,QAAQ,CAACK,IAAI,CAAC,CAAC;IAElC,MAAMC,YAAsB,GAC1B;IAAA,CAAA7C,IAAA,IAAAC,KAAA,IAAAC,qBAAA,IAAAC,iBAAA,GACAoC,QAAQ,CAACf,OAAO,cAAApB,sBAAA,GAAhBD,iBAAA,CAAkB2C,GAAG,qBAArB1C,sBAAA,CAAA2C,IAAA,CAAA5C,iBAAwB,CAAC,CAAC,YAAY,CAAC,YAAAD,qBAAA,GACvC;IAAA,CAAAG,kBAAA,GACAkC,QAAQ,CAACf,OAAO,cAAAlB,qBAAA,GAAhBD,kBAAA,CAAkB2C,YAAY,qBAA9B1C,qBAAA,CAAAyC,IAAA,CAAA1C,kBAAiC,CAAC,YAAAJ,KAAA,IAAAM,kBAAA,GAClCgC,QAAQ,CAACf,OAAO,cAAAhB,qBAAA,GAAhBD,kBAAA,CAAkB0C,GAAG,qBAArBzC,qBAAA,CAAAuC,IAAA,CAAAxC,kBAAA,EAAwB,YAAY,CAAC,YAAAP,IAAA,GACrC,EAAE;IAEJ,MAAMkD,YAAY,IAAAzC,qBAAA,GAAGhB,gBAAa,CAAC0D,eAAe,CAACN,YAAY,EAAE3B,SAAS,CAAC,YAAAT,qBAAA,GAAI,EAAE;IACjF,MAAM,CAACd,OAAO,EAAEyD,UAAU,EAAEC,YAAY,CAAC,GAAG,MAAM,IAAAC,oCAA4B,EAACX,IAAI,CAAC;IAEpF,IAAI,CAAChD,OAAO,EAAE;MACZ,OAAO,IAAI;IACb;IACA,MAAM4D,WAAW,GAAG9D,gBAAa,CAAC+D,MAAM,CAAC;MACvCC,KAAK,EAAE9D,OAAO;MACd+D,OAAO,EAAE,IAAIC,IAAI,CAACP,UAAU,CAACQ,GAAG,GAAG,IAAI,CAAC;MACxCC,MAAM,EAAE3C,SAAS;MACjBjC,GAAG,EAAED;IACP,CAAC,CAAC;IACFkE,YAAY,CAACY,IAAI,CAAC,GAAGP,WAAW,CAAC;IACjCrE,cAAc,CAAC6E,SAAS,CAAC,YAAY,EAAEb,YAAY,CAAC;IAEpD,MAAMc,eAAe,GAAG;MACtBC,WAAW,GAAAvD,iBAAA,GAAEiC,IAAI,CAACsB,WAAW,YAAAvD,iBAAA,GAAIiC,IAAI,CAACuB,YAAY;MAClDC,IAAI,EAAEf,UAAU;MAChBC;IACF,CAAC;IAED,IAAAe,6BAAoB,EAAClF,cAAc,EAAE8E,eAAe,CAAC;IACrD,OAAOA,eAAe;EACxB,CAAC,CAAC,OAAOK,CAAC,EAAE;IACV3F,MAAM,CAAC4F,KAAK,CAAC,2CAA2C,EAAED,CAAC,CAAC;IAC5D,OAAO,IAAI;EACb;AACF","ignoreList":[]}
|