@hemia/auth-sdk 0.0.11 → 0.0.13

@@ -143,7 +143,8 @@ let AuthService = class AuthService {
143
143
  state: state,
144
144
  code_challenge: codeChallenge,
145
145
  code_challenge_method: 'S256',
146
- auto: auto
146
+ auto: auto,
147
+ aud: this.config.aud || ''
147
148
  });
148
149
  const loginUrl = `${this.config.ssoBaseUrl}${this.config.ssoAuthUrl}?${params.toString()}`;
149
150
  const tempState = {
@@ -185,11 +186,11 @@ let AuthService = class AuthService {
185
186
  const sessionId = randomBytes(16).toString('hex');
186
187
  const sessionData = {
187
188
  accessToken: access_token,
188
- refreshToken: refresh_token,
189
- idToken: id_token,
189
+ refreshToken: refresh_token || '',
190
+ idToken: id_token || '',
190
191
  expiresAt: Date.now() + (expires_in * 1000),
191
192
  createdAt: new Date().toISOString(),
192
- ssoSessionId: session_id
193
+ sessionId: session_id
193
194
  };
194
195
  await this.storage.set(`x-session:${sessionId}`, sessionData, expires_in);
195
196
  return {
@@ -262,7 +263,10 @@ let AuthService = class AuthService {
262
263
  }
263
264
  }
264
265
  try {
265
- const verify = this.jwtManager.verify(session.accessToken);
266
+ const verify = this.jwtManager.verify(session.accessToken, this.config.clientSecret, {
267
+ issuer: this.config.iss,
268
+ audience: this.config.aud
269
+ });
266
270
  if (!verify) {
267
271
  throw new SessionInvalidError();
268
272
  }
@@ -306,7 +310,7 @@ let AuthService = class AuthService {
306
310
  if (session) {
307
311
  try {
308
312
  await this.networkServices.post(this.config.ssoLogoutEndpoint, {
309
- ssoSessionId: session.sessionId
313
+ sessionId: session.sessionId
310
314
  });
311
315
  }
312
316
  catch (e) { /* Silent error */ }
@@ -350,7 +354,8 @@ let AuthService = class AuthService {
350
354
  clientId: this.config.clientId,
351
355
  clientSecret: this.config.clientSecret,
352
356
  refreshToken: session.refreshToken,
353
- sessionId: session.ssoSessionId
357
+ sessionId: session.sessionId,
358
+ aud: this.config.aud || ''
354
359
  });
355
360
  if (response.status !== 200) {
356
361
  throw new CustomHttpError('Token refresh failed', response.status, 'token_refresh_failed');
@@ -386,6 +391,7 @@ const AUTH_SERVICE_ID = Symbol.for('HemiaAuthService');
386
391
  let AuthSDKController = class AuthSDKController {
387
392
  constructor(authService) {
388
393
  this.authService = authService;
394
+ this.COOKIE_NAME = process.env.AUTH_COOKIE_NAME || 'x-session';
389
395
  }
390
396
  async login(req, res) {
391
397
  try {
@@ -413,12 +419,12 @@ let AuthSDKController = class AuthSDKController {
413
419
  }
414
420
  const storedState = JSON.parse(authFlowCookie);
415
421
  const result = await this.authService.handleCallback(code, state, storedState);
416
- res.cookie('x-session', result.sessionId, {
422
+ res.cookie(this.COOKIE_NAME, result.sessionId, {
417
423
  httpOnly: true,
418
424
  secure: process.env.NODE_ENV === 'production',
419
425
  sameSite: 'lax',
420
426
  maxAge: result.expiresIn * 1000,
421
- path: '/'
427
+ path: '/',
422
428
  });
423
429
  res.clearCookie('auth_flow');
424
430
  res.redirect(result.redirectUrl);
@@ -441,7 +447,11 @@ let AuthSDKController = class AuthSDKController {
441
447
  }
442
448
  }
443
449
  async me(req, res) {
444
- const sessionId = req.cookies['x-session'];
450
+ const sessionId = req.cookies[this.COOKIE_NAME];
451
+ console.log(`🔍 [App Cookie Name]: ${this.COOKIE_NAME}`);
452
+ console.log('🔍 [App Port]:', req.headers.origin || 'unknown');
453
+ console.log('🔍 [SessionId]:', sessionId);
454
+ console.log('🔍 [All Cookies]:', req.cookies);
445
455
  if (!sessionId) {
446
456
  return res.status(401).json({
447
457
  success: false,
@@ -463,7 +473,7 @@ let AuthSDKController = class AuthSDKController {
463
473
  });
464
474
  }
465
475
  catch (error) {
466
- res.clearCookie('x-session', {
476
+ res.clearCookie(this.COOKIE_NAME, {
467
477
  httpOnly: true,
468
478
  secure: process.env.NODE_ENV === 'production',
469
479
  sameSite: 'lax',
@@ -491,11 +501,11 @@ let AuthSDKController = class AuthSDKController {
491
501
  }
492
502
  }
493
503
  async logout(req, res) {
494
- const sessionId = req.cookies['x-session'];
504
+ const sessionId = req.cookies[this.COOKIE_NAME];
495
505
  if (sessionId) {
496
506
  await this.authService.logout(sessionId);
497
507
  }
498
- res.clearCookie('x-session', {
508
+ res.clearCookie(this.COOKIE_NAME, {
499
509
  httpOnly: true,
500
510
  secure: process.env.NODE_ENV === 'production',
501
511
  sameSite: 'lax',
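Review bot: The four `console.log` calls added at the top of `me()` write the session identifier and the whole `req.cookies` object to stdout on every request. That cookie value is the bearer credential for the session, so it ends up readable by anyone with access to process logs or a log pipeline, and `req.cookies` can carry unrelated applications' cookies as well. These look like debugging leftovers in a published build. Delete them, or keep at most `console.debug('[auth] session cookie present:', Boolean(sessionId));`. The identical lines appear in the `me()` hunk of the `exports.AuthSDKController` build further down; `me()` itself continues outside the hunk.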
@@ -145,7 +145,8 @@ exports.AuthService = class AuthService {
145
145
  state: state,
146
146
  code_challenge: codeChallenge,
147
147
  code_challenge_method: 'S256',
148
- auto: auto
148
+ auto: auto,
149
+ aud: this.config.aud || ''
149
150
  });
150
151
  const loginUrl = `${this.config.ssoBaseUrl}${this.config.ssoAuthUrl}?${params.toString()}`;
151
152
  const tempState = {
@@ -187,11 +188,11 @@ exports.AuthService = class AuthService {
187
188
  const sessionId = crypto.randomBytes(16).toString('hex');
188
189
  const sessionData = {
189
190
  accessToken: access_token,
190
- refreshToken: refresh_token,
191
- idToken: id_token,
191
+ refreshToken: refresh_token || '',
192
+ idToken: id_token || '',
192
193
  expiresAt: Date.now() + (expires_in * 1000),
193
194
  createdAt: new Date().toISOString(),
194
- ssoSessionId: session_id
195
+ sessionId: session_id
195
196
  };
196
197
  await this.storage.set(`x-session:${sessionId}`, sessionData, expires_in);
197
198
  return {
@@ -264,7 +265,10 @@ exports.AuthService = class AuthService {
264
265
  }
265
266
  }
266
267
  try {
267
- const verify = this.jwtManager.verify(session.accessToken);
268
+ const verify = this.jwtManager.verify(session.accessToken, this.config.clientSecret, {
269
+ issuer: this.config.iss,
270
+ audience: this.config.aud
271
+ });
268
272
  if (!verify) {
269
273
  throw new SessionInvalidError();
270
274
  }
@@ -308,7 +312,7 @@ exports.AuthService = class AuthService {
308
312
  if (session) {
309
313
  try {
310
314
  await this.networkServices.post(this.config.ssoLogoutEndpoint, {
311
- ssoSessionId: session.sessionId
315
+ sessionId: session.sessionId
312
316
  });
313
317
  }
314
318
  catch (e) { /* Silent error */ }
@@ -352,7 +356,8 @@ exports.AuthService = class AuthService {
352
356
  clientId: this.config.clientId,
353
357
  clientSecret: this.config.clientSecret,
354
358
  refreshToken: session.refreshToken,
355
- sessionId: session.ssoSessionId
359
+ sessionId: session.sessionId,
360
+ aud: this.config.aud || ''
356
361
  });
357
362
  if (response.status !== 200) {
358
363
  throw new common.CustomHttpError('Token refresh failed', response.status, 'token_refresh_failed');
@@ -388,6 +393,7 @@ const AUTH_SERVICE_ID = Symbol.for('HemiaAuthService');
388
393
  exports.AuthSDKController = class AuthSDKController {
389
394
  constructor(authService) {
390
395
  this.authService = authService;
396
+ this.COOKIE_NAME = process.env.AUTH_COOKIE_NAME || 'x-session';
391
397
  }
392
398
  async login(req, res) {
393
399
  try {
@@ -415,12 +421,12 @@ exports.AuthSDKController = class AuthSDKController {
415
421
  }
416
422
  const storedState = JSON.parse(authFlowCookie);
417
423
  const result = await this.authService.handleCallback(code, state, storedState);
418
- res.cookie('x-session', result.sessionId, {
424
+ res.cookie(this.COOKIE_NAME, result.sessionId, {
419
425
  httpOnly: true,
420
426
  secure: process.env.NODE_ENV === 'production',
421
427
  sameSite: 'lax',
422
428
  maxAge: result.expiresIn * 1000,
423
- path: '/'
429
+ path: '/',
424
430
  });
425
431
  res.clearCookie('auth_flow');
426
432
  res.redirect(result.redirectUrl);
@@ -443,7 +449,11 @@ exports.AuthSDKController = class AuthSDKController {
443
449
  }
444
450
  }
445
451
  async me(req, res) {
446
- const sessionId = req.cookies['x-session'];
452
+ const sessionId = req.cookies[this.COOKIE_NAME];
453
+ console.log(`🔍 [App Cookie Name]: ${this.COOKIE_NAME}`);
454
+ console.log('🔍 [App Port]:', req.headers.origin || 'unknown');
455
+ console.log('🔍 [SessionId]:', sessionId);
456
+ console.log('🔍 [All Cookies]:', req.cookies);
447
457
  if (!sessionId) {
448
458
  return res.status(401).json({
449
459
  success: false,
@@ -465,7 +475,7 @@ exports.AuthSDKController = class AuthSDKController {
465
475
  });
466
476
  }
467
477
  catch (error) {
468
- res.clearCookie('x-session', {
478
+ res.clearCookie(this.COOKIE_NAME, {
469
479
  httpOnly: true,
470
480
  secure: process.env.NODE_ENV === 'production',
471
481
  sameSite: 'lax',
@@ -493,11 +503,11 @@ exports.AuthSDKController = class AuthSDKController {
493
503
  }
494
504
  }
495
505
  async logout(req, res) {
496
- const sessionId = req.cookies['x-session'];
506
+ const sessionId = req.cookies[this.COOKIE_NAME];
497
507
  if (sessionId) {
498
508
  await this.authService.logout(sessionId);
499
509
  }
500
- res.clearCookie('x-session', {
510
+ res.clearCookie(this.COOKIE_NAME, {
501
511
  httpOnly: true,
502
512
  secure: process.env.NODE_ENV === 'production',
503
513
  sameSite: 'lax',
@@ -6,6 +6,7 @@ import { AuthService } from "../services/auth.service";
6
6
  */
7
7
  export declare class AuthSDKController {
8
8
  private readonly authService;
9
+ private readonly COOKIE_NAME;
9
10
  constructor(authService: AuthService);
10
11
  login(req: Request, res: Response): Promise<void>;
11
12
  callback(req: Request, res: Response): Promise<void>;
@@ -9,4 +9,6 @@ export interface IAuthConfig {
9
9
  uiBaseUrl?: string;
10
10
  cookieDomain?: string;
11
11
  isProduction: boolean;
12
+ iss?: string;
13
+ aud?: string;
12
14
  }
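Review bot: `iss` and `aud` are added to `IAuthConfig` as optional and undocumented, yet the new `jwtManager.verify(session.accessToken, this.config.clientSecret, { issuer: this.config.iss, audience: this.config.aud })` call in both builds depends on them for its claim checks. When a deployment sets neither, `undefined` is passed. How `@hemia/jwt-manager` handles that is not visible here, but many JWT verifiers skip a check whose option is undefined, so the added validation would silently be a no-op. Either make the fields required, or fail closed where the config is consumed, for example `if (!this.config.iss || !this.config.aud) throw new Error('auth config: iss and aud are required');`, and give each field a doc comment stating the expected issuer and audience values. In the same configuration, the `aud: this.config.aud || ''` fallbacks in the authorize and refresh payloads send an empty audience to the SSO.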
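--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@hemia/auth-sdk",
- "version": "0.0.11",
+ "version": "0.0.13",
  "description": "Hemia SDK for authentication",
  "main": "dist/hemia-auth-sdk.js",
  "module": "dist/hemia-auth-sdk.esm.js",
@@ -16,8 +16,8 @@
  },
  "devDependencies": {
  "@hemia/cache-manager": "^0.0.5",
- "@hemia/common": "^0.0.12",
- "@hemia/jwt-manager": "^0.0.4",
+ "@hemia/common": "^0.0.14",
+ "@hemia/jwt-manager": "^0.0.6",
  "@hemia/network-services": "^0.0.3",
  "@rollup/plugin-commonjs": "^26.0.1",
  "@rollup/plugin-json": "^6.1.0",
@@ -44,8 +44,8 @@
  ],
  "peerDependencies": {
  "@hemia/cache-manager": "^0.0.5",
- "@hemia/common": "^0.0.10",
- "@hemia/jwt-manager": "^0.0.4",
+ "@hemia/common": "^0.0.14",
+ "@hemia/jwt-manager": "^0.0.6",
  "@hemia/network-services": "^0.0.3",
  "inversify": "^7.11.0",
  "reflect-metadata": "^0.2.2"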