@lwrjs/auth-middleware 0.7.0-alpha.2 → 0.7.0-alpha.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/build/cjs/utils.cjs +5 -1
  2. package/build/cjs/web-server.cjs +3 -2
  3. package/build/es/types.d.ts +2 -5
  4. package/build/es/utils.d.ts +2 -2
  5. package/build/es/utils.js +7 -2
  6. package/build/es/web-server.js +5 -2
  7. package/package.json +8 -6
package/build/cjs/utils.cjs CHANGED
@@ -55,10 +55,14 @@ function getOauthInfoFromCookie(req) {
55
55
  const oauthInfoStr = req.cookie(COOKIE_NAME);
56
56
  return oauthInfoStr ? JSON.parse(oauthInfoStr) : void 0;
57
57
  }
58
- function buildProxyRequest(req, {access_token, instance_url}) {
58
+ function buildProxyRequest(req, {access_token, instance_url}, existingHeader) {
59
59
  const headers = {
60
+ ...existingHeader,
60
61
  Authorization: `Bearer ${access_token}`
61
62
  };
63
+ delete headers.host;
64
+ delete headers.origin;
65
+ delete headers.referer;
62
66
  let body;
63
67
  if (req.method !== "GET" && req.body) {
64
68
  body = JSON.stringify(req.body);
package/build/cjs/web-server.cjs CHANGED
@@ -47,7 +47,8 @@ function platformWebServerAuthMiddleware(server, {proxyEndpoint = import_utils.P
47
47
  headers: {"Content-Type": "application/x-www-form-urlencoded", Accept: "application/json"},
48
48
  body: `grant_type=authorization_code&code=${code}&client_id=${clientKey}&client_secret=${clientSecret}&redirect_uri=${redirectUri}`
49
49
  });
50
- const data = await response.json();
50
+ const contentType = response.headers.get("Content-Type") || "";
51
+ const data = await (contentType.includes("application/json") ? response.json() : response.text());
51
52
  if (response.ok) {
52
53
  const {access_token, instance_url} = data;
53
54
  res.cookie(import_utils.COOKIE_NAME, JSON.stringify({access_token, instance_url}), {httpOnly: true});
@@ -62,7 +63,7 @@ function platformWebServerAuthMiddleware(server, {proxyEndpoint = import_utils.P
62
63
  server.all(`${proxyEndpoint}/${server.getRegexWildcard()}`, async (req, res) => {
63
64
  const oauthInfo = (0, import_utils.getOauthInfoFromCookie)(req);
64
65
  if (oauthInfo) {
65
- const {url, options} = (0, import_utils.buildProxyRequest)(req, oauthInfo);
66
+ const {url, options} = (0, import_utils.buildProxyRequest)(req, oauthInfo, req.headers);
66
67
  const proxyRes = await (0, import_node_fetch.default)(url, options);
67
68
  const contentType = proxyRes.headers.get("Content-Type") || "";
68
69
  const data = await (contentType.includes("application/json") ? proxyRes.json() : proxyRes.text());
package/build/es/types.d.ts CHANGED
@@ -1,3 +1,4 @@
1
+ import type { RequestInit } from 'node-fetch';
1
2
  export interface PlatformWebServerInput {
2
3
  /** base URL to the Connected App, e.g. "https://lwr.lightning.force.com" (no trailing slash) */
3
4
  myDomain: string;
@@ -18,10 +19,6 @@ export interface OAuthInfo {
18
19
  }
19
20
  export interface RequestOptions {
20
21
  url: string;
21
- options: {
22
- method: string;
23
- headers?: Record<string, string>;
24
- body?: string;
25
- };
22
+ options: RequestInit;
26
23
  }
27
24
  //# sourceMappingURL=types.d.ts.map
package/build/es/utils.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import type { MiddlewareRequest } from '@lwrjs/types';
1
+ import type { MiddlewareRequest, Headers } from '@lwrjs/types';
2
2
  import type { OAuthInfo, RequestOptions, PlatformWebServerInput } from './types.js';
3
3
  export declare const LOGIN_ENDPOINT = "/login";
4
4
  export declare const REDIRECT_ENDPOINT = "/oauth";
@@ -8,5 +8,5 @@ export declare function buildRedirectUrl(req: MiddlewareRequest): string;
8
8
  export declare function getPlatformWebServerEnvVars(): PlatformWebServerInput;
9
9
  export declare function getAppPathAsState(req: MiddlewareRequest): string;
10
10
  export declare function getOauthInfoFromCookie(req: MiddlewareRequest): OAuthInfo | undefined;
11
- export declare function buildProxyRequest(req: MiddlewareRequest, { access_token, instance_url }: OAuthInfo): RequestOptions;
11
+ export declare function buildProxyRequest(req: MiddlewareRequest, { access_token, instance_url }: OAuthInfo, existingHeader: Headers): RequestOptions;
12
12
  //# sourceMappingURL=utils.d.ts.map
package/build/es/utils.js CHANGED
@@ -42,11 +42,16 @@ export function getOauthInfoFromCookie(req) {
42
42
  return oauthInfoStr ? JSON.parse(oauthInfoStr) : undefined;
43
43
  }
44
44
  // Build an authenticated request based on a request to the proxy endpoint
45
- export function buildProxyRequest(req, { access_token, instance_url }) {
46
- // Add the oauth header, future: forward any headers from the client?
45
+ export function buildProxyRequest(req, { access_token, instance_url }, existingHeader) {
46
+ // Add the oauth header to existing headers
47
47
  const headers = {
48
+ ...existingHeader,
48
49
  Authorization: `Bearer ${access_token}`, // add the oauth header
49
50
  };
51
+ // must delete certain headers to satisfy CORS
52
+ delete headers.host;
53
+ delete headers.origin;
54
+ delete headers.referer;
50
55
  // Pull the body from non-GET requests
51
56
  let body;
52
57
  if (req.method !== 'GET' && req.body) {
package/build/es/web-server.js CHANGED
@@ -37,7 +37,10 @@ export function platformWebServerAuthMiddleware(server, { proxyEndpoint = PROXY_
37
37
  body: `grant_type=authorization_code&code=${code}&client_id=${clientKey}&client_secret=${clientSecret}&redirect_uri=${redirectUri}`,
38
38
  });
39
39
  // Response handling
40
- const data = await response.json();
40
+ const contentType = response.headers.get('Content-Type') || ''; // parse as json or text
41
+ const data = await (contentType.includes('application/json')
42
+ ? response.json()
43
+ : response.text());
41
44
  if (response.ok) {
42
45
  // Store the OAuth info in a cookie and redirect to the app
43
46
  const { access_token, instance_url } = data;
@@ -57,7 +60,7 @@ export function platformWebServerAuthMiddleware(server, { proxyEndpoint = PROXY_
57
60
  server.all(`${proxyEndpoint}/${server.getRegexWildcard()}`, async (req, res) => {
58
61
  const oauthInfo = getOauthInfoFromCookie(req);
59
62
  if (oauthInfo) {
60
- const { url, options } = buildProxyRequest(req, oauthInfo);
63
+ const { url, options } = buildProxyRequest(req, oauthInfo, req.headers);
61
64
  const proxyRes = await fetch(url, options);
62
65
  const contentType = proxyRes.headers.get('Content-Type') || ''; // parse as json or text
63
66
  const data = await (contentType.includes('application/json') ? proxyRes.json() : proxyRes.text());
package/package.json CHANGED
@@ -4,7 +4,7 @@
4
4
  "publishConfig": {
5
5
  "access": "public"
6
6
  },
7
- "version": "0.7.0-alpha.2",
7
+ "version": "0.7.0-alpha.5",
8
8
  "homepage": "https://developer.salesforce.com/docs/platform/lwr/overview",
9
9
  "repository": {
10
10
  "type": "git",
@@ -29,14 +29,16 @@
29
29
  "build/**/*.cjs",
30
30
  "build/**/*.d.ts"
31
31
  ],
32
- "devDependencies": {
33
- "@lwrjs/server": "0.7.0-alpha.2",
34
- "@lwrjs/types": "0.7.0-alpha.2",
35
- "@types/node-fetch": "^2.5.12",
32
+ "dependencies": {
36
33
  "node-fetch": "^2.6.1"
37
34
  },
35
+ "devDependencies": {
36
+ "@lwrjs/server": "0.7.0-alpha.5",
37
+ "@lwrjs/types": "0.7.0-alpha.5",
38
+ "@types/node-fetch": "^2.5.12"
39
+ },
38
40
  "engines": {
39
41
  "node": ">=14.15.4 <17"
40
42
  },
41
- "gitHead": "fc3a13d1c5440833eb2ec17fbf0e294554bafa08"
43
+ "gitHead": "4be785ee5e0da8fbbf29bf18993bbd77febf5a2c"
42
44
  }