@insforge/sdk 1.4.1 → 1.4.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +122 -9
- package/SDK-REFERENCE.md +29 -19
- package/dist/{client-DoWwzWnh.d.ts → client-BR9o-WUm.d.ts} +2 -1
- package/dist/{client-hYdj36T6.d.mts → client-C-qBRoea.d.mts} +2 -1
- package/dist/index.d.mts +4 -4
- package/dist/index.d.ts +4 -4
- package/dist/index.js +20 -6
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +20 -6
- package/dist/index.mjs.map +1 -1
- package/dist/{middleware-BxJ0PzUT.d.mts → middleware-K59XjpUX.d.mts} +2 -2
- package/dist/{middleware-DLZiheYP.d.ts → middleware-Tu_RlUAt.d.ts} +2 -2
- package/dist/ssr/middleware.d.mts +2 -2
- package/dist/ssr/middleware.d.ts +2 -2
- package/dist/ssr/middleware.js.map +1 -1
- package/dist/ssr/middleware.mjs.map +1 -1
- package/dist/ssr.d.mts +46 -6
- package/dist/ssr.d.ts +46 -6
- package/dist/ssr.js +129 -7
- package/dist/ssr.js.map +1 -1
- package/dist/ssr.mjs +128 -7
- package/dist/ssr.mjs.map +1 -1
- package/dist/{types-NjykhyRq.d.mts → types-Dk-44JJf.d.mts} +12 -0
- package/dist/{types-NjykhyRq.d.ts → types-Dk-44JJf.d.ts} +12 -0
- package/package.json +1 -1
package/dist/ssr.js
CHANGED
|
@@ -34,6 +34,7 @@ __export(ssr_exports, {
|
|
|
34
34
|
DEFAULT_REFRESH_TOKEN_COOKIE: () => DEFAULT_REFRESH_TOKEN_COOKIE,
|
|
35
35
|
accessTokenCookieOptions: () => accessTokenCookieOptions,
|
|
36
36
|
clearAuthCookies: () => clearAuthCookies,
|
|
37
|
+
createAuthActions: () => createAuthActions,
|
|
37
38
|
createBrowserClient: () => createBrowserClient,
|
|
38
39
|
createRefreshAuthRouter: () => createRefreshAuthRouter,
|
|
39
40
|
createServerClient: () => createServerClient,
|
|
@@ -881,19 +882,32 @@ var HttpClient = class {
|
|
|
881
882
|
|
|
882
883
|
// src/modules/auth/helpers.ts
|
|
883
884
|
var PKCE_VERIFIER_KEY = "insforge_pkce_verifier";
|
|
885
|
+
async function getWebCrypto() {
|
|
886
|
+
const webCrypto = globalThis.crypto;
|
|
887
|
+
if (typeof webCrypto?.getRandomValues === "function" && webCrypto.subtle) {
|
|
888
|
+
return webCrypto;
|
|
889
|
+
}
|
|
890
|
+
if (typeof process !== "undefined" && process.versions?.node) {
|
|
891
|
+
const { webcrypto } = await import("crypto");
|
|
892
|
+
return webcrypto;
|
|
893
|
+
}
|
|
894
|
+
throw new Error("Web Crypto API is not available in this environment");
|
|
895
|
+
}
|
|
884
896
|
function base64UrlEncode(buffer) {
|
|
885
897
|
const base64 = btoa(String.fromCharCode(...buffer));
|
|
886
898
|
return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
|
|
887
899
|
}
|
|
888
|
-
function generateCodeVerifier() {
|
|
900
|
+
async function generateCodeVerifier() {
|
|
901
|
+
const webCrypto = await getWebCrypto();
|
|
889
902
|
const array = new Uint8Array(32);
|
|
890
|
-
|
|
903
|
+
webCrypto.getRandomValues(array);
|
|
891
904
|
return base64UrlEncode(array);
|
|
892
905
|
}
|
|
893
906
|
async function generateCodeChallenge(verifier) {
|
|
907
|
+
const webCrypto = await getWebCrypto();
|
|
894
908
|
const encoder = new TextEncoder();
|
|
895
909
|
const data = encoder.encode(verifier);
|
|
896
|
-
const hash = await
|
|
910
|
+
const hash = await webCrypto.subtle.digest("SHA-256", data);
|
|
897
911
|
return base64UrlEncode(new Uint8Array(hash));
|
|
898
912
|
}
|
|
899
913
|
function storePkceVerifier(verifier) {
|
|
@@ -940,7 +954,7 @@ var Auth = class {
|
|
|
940
954
|
this.http = http;
|
|
941
955
|
this.tokenManager = tokenManager;
|
|
942
956
|
this.options = options;
|
|
943
|
-
this.authCallbackHandled = this.detectAuthCallback();
|
|
957
|
+
this.authCallbackHandled = options.detectOAuthCallback === false ? Promise.resolve() : this.detectAuthCallback();
|
|
944
958
|
}
|
|
945
959
|
isServerMode() {
|
|
946
960
|
return !!this.options.isServerMode;
|
|
@@ -1086,7 +1100,7 @@ var Auth = class {
|
|
|
1086
1100
|
}
|
|
1087
1101
|
const { provider } = signInOptions;
|
|
1088
1102
|
const providerKey = encodeURIComponent(provider.toLowerCase());
|
|
1089
|
-
const codeVerifier = generateCodeVerifier();
|
|
1103
|
+
const codeVerifier = await generateCodeVerifier();
|
|
1090
1104
|
const codeChallenge = await generateCodeChallenge(codeVerifier);
|
|
1091
1105
|
storePkceVerifier(codeVerifier);
|
|
1092
1106
|
const params = {
|
|
@@ -2808,7 +2822,8 @@ var InsForgeClient = class {
|
|
|
2808
2822
|
this.tokenManager.setAccessToken(accessToken);
|
|
2809
2823
|
}
|
|
2810
2824
|
this.auth = new Auth(this.http, this.tokenManager, {
|
|
2811
|
-
isServerMode: config.isServerMode ?? !!accessToken
|
|
2825
|
+
isServerMode: config.isServerMode ?? !!accessToken,
|
|
2826
|
+
detectOAuthCallback: config.auth?.detectOAuthCallback
|
|
2812
2827
|
});
|
|
2813
2828
|
this.database = new Database(this.http);
|
|
2814
2829
|
this.storage = new Storage(this.http);
|
|
@@ -3217,7 +3232,10 @@ function createBrowserClient(options = {}) {
|
|
|
3217
3232
|
fetch: ssrFetch,
|
|
3218
3233
|
// Browser clients manage tokens via the refresh route, not a static
|
|
3219
3234
|
// config token; shadow any untyped accessToken in the options spread.
|
|
3220
|
-
accessToken: void 0
|
|
3235
|
+
accessToken: void 0,
|
|
3236
|
+
auth: {
|
|
3237
|
+
detectOAuthCallback: false
|
|
3238
|
+
}
|
|
3221
3239
|
});
|
|
3222
3240
|
const setAccessToken = client.setAccessToken.bind(client);
|
|
3223
3241
|
client.setAccessToken = (token) => {
|
|
@@ -3422,6 +3440,109 @@ function createRefreshAuthRouter(options = {}) {
|
|
|
3422
3440
|
};
|
|
3423
3441
|
}
|
|
3424
3442
|
|
|
3443
|
+
// src/ssr/auth-actions.ts
|
|
3444
|
+
function persistSessionCookies(cookies, data, settings) {
|
|
3445
|
+
if (!data?.accessToken) return;
|
|
3446
|
+
setAuthCookies(
|
|
3447
|
+
cookies,
|
|
3448
|
+
{
|
|
3449
|
+
accessToken: data.accessToken,
|
|
3450
|
+
refreshToken: data.refreshToken
|
|
3451
|
+
},
|
|
3452
|
+
settings
|
|
3453
|
+
);
|
|
3454
|
+
}
|
|
3455
|
+
function sanitizeAuthData(data) {
|
|
3456
|
+
if (!data) return null;
|
|
3457
|
+
const {
|
|
3458
|
+
accessToken: _accessToken,
|
|
3459
|
+
refreshToken: _refreshToken,
|
|
3460
|
+
csrfToken: _csrfToken,
|
|
3461
|
+
...safeData
|
|
3462
|
+
} = data;
|
|
3463
|
+
return safeData;
|
|
3464
|
+
}
|
|
3465
|
+
function toSafeAuthResult(result) {
|
|
3466
|
+
return {
|
|
3467
|
+
data: sanitizeAuthData(result.data),
|
|
3468
|
+
error: result.error
|
|
3469
|
+
};
|
|
3470
|
+
}
|
|
3471
|
+
function createAuthActions(options = {}) {
|
|
3472
|
+
const {
|
|
3473
|
+
cookies,
|
|
3474
|
+
requestCookies,
|
|
3475
|
+
responseCookies,
|
|
3476
|
+
names,
|
|
3477
|
+
options: cookieOptions,
|
|
3478
|
+
...clientOptions
|
|
3479
|
+
} = options;
|
|
3480
|
+
const readCookies = requestCookies ?? cookies;
|
|
3481
|
+
const writeCookies = responseCookies ?? cookies;
|
|
3482
|
+
if (!writeCookies?.set) {
|
|
3483
|
+
throw new Error(
|
|
3484
|
+
"createAuthActions() requires a writable cookie store. Pass cookies in Server Actions or responseCookies in Route Handlers."
|
|
3485
|
+
);
|
|
3486
|
+
}
|
|
3487
|
+
const cookieSettings = {
|
|
3488
|
+
names,
|
|
3489
|
+
options: cookieOptions
|
|
3490
|
+
};
|
|
3491
|
+
const createClient = () => createServerClient({
|
|
3492
|
+
...clientOptions,
|
|
3493
|
+
names,
|
|
3494
|
+
options: cookieOptions,
|
|
3495
|
+
cookies: readCookies
|
|
3496
|
+
});
|
|
3497
|
+
return {
|
|
3498
|
+
signUp: async (request) => {
|
|
3499
|
+
const result = await createClient().auth.signUp(request);
|
|
3500
|
+
persistSessionCookies(writeCookies, result.data, cookieSettings);
|
|
3501
|
+
return toSafeAuthResult(result);
|
|
3502
|
+
},
|
|
3503
|
+
signInWithPassword: async (request) => {
|
|
3504
|
+
const result = await createClient().auth.signInWithPassword(request);
|
|
3505
|
+
persistSessionCookies(writeCookies, result.data, cookieSettings);
|
|
3506
|
+
return toSafeAuthResult(
|
|
3507
|
+
result
|
|
3508
|
+
);
|
|
3509
|
+
},
|
|
3510
|
+
signInWithOAuth: async (providerOrOptions, signInOptions) => {
|
|
3511
|
+
return createClient().auth.signInWithOAuth(
|
|
3512
|
+
providerOrOptions,
|
|
3513
|
+
signInOptions
|
|
3514
|
+
);
|
|
3515
|
+
},
|
|
3516
|
+
signInWithIdToken: async (credentials) => {
|
|
3517
|
+
const result = await createClient().auth.signInWithIdToken(credentials);
|
|
3518
|
+
persistSessionCookies(writeCookies, result.data, cookieSettings);
|
|
3519
|
+
return toSafeAuthResult(
|
|
3520
|
+
result
|
|
3521
|
+
);
|
|
3522
|
+
},
|
|
3523
|
+
exchangeOAuthCode: async (code, codeVerifier) => {
|
|
3524
|
+
const result = await createClient().auth.exchangeOAuthCode(
|
|
3525
|
+
code,
|
|
3526
|
+
codeVerifier
|
|
3527
|
+
);
|
|
3528
|
+
persistSessionCookies(writeCookies, result.data, cookieSettings);
|
|
3529
|
+
return toSafeAuthResult(
|
|
3530
|
+
result
|
|
3531
|
+
);
|
|
3532
|
+
},
|
|
3533
|
+
verifyEmail: async (request) => {
|
|
3534
|
+
const result = await createClient().auth.verifyEmail(request);
|
|
3535
|
+
persistSessionCookies(writeCookies, result.data, cookieSettings);
|
|
3536
|
+
return toSafeAuthResult(result);
|
|
3537
|
+
},
|
|
3538
|
+
signOut: async () => {
|
|
3539
|
+
const result = await createClient().auth.signOut();
|
|
3540
|
+
clearAuthCookies(writeCookies, cookieSettings);
|
|
3541
|
+
return result;
|
|
3542
|
+
}
|
|
3543
|
+
};
|
|
3544
|
+
}
|
|
3545
|
+
|
|
3425
3546
|
// src/ssr/update-session.ts
|
|
3426
3547
|
async function updateSession(options) {
|
|
3427
3548
|
const accessCookieName = getAccessTokenCookieName(options.names);
|
|
@@ -3483,6 +3604,7 @@ async function updateSession(options) {
|
|
|
3483
3604
|
DEFAULT_REFRESH_TOKEN_COOKIE,
|
|
3484
3605
|
accessTokenCookieOptions,
|
|
3485
3606
|
clearAuthCookies,
|
|
3607
|
+
createAuthActions,
|
|
3486
3608
|
createBrowserClient,
|
|
3487
3609
|
createRefreshAuthRouter,
|
|
3488
3610
|
createServerClient,
|