@monocloud/auth-node-core 0.1.1 → 0.1.3

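--- a/package/README.md
+++ b/package/README.md
@@ -20,6 +20,7 @@ The SDK handles:
  ## 📘 Documentation
 
  - **Documentation:** [https://www.monocloud.com/docs](https://www.monocloud.com/docs?utm_source=github&utm_medium=auth_js)
+ - **API Reference:** [https://monocloud.github.io/auth-js](https://monocloud.github.io/auth-js?utm_source=github&utm_medium=auth_js)
 
  ## Supported Platforms
 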
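--- a/package/dist/index.cjs
+++ b/package/dist/index.cjs
@@ -266,6 +266,7 @@ const DEFAULT_OPTIONS = {
  scopes: "openid profile email",
  responseType: "code"
  },
+ allowQueryParamOverrides: false,
  session: {
  cookie: {
  httpOnly: true,
@@ -400,6 +401,7 @@ const optionsSchema = joi.default.object({
  federatedSignOut: boolRequired,
  userInfo: boolRequired,
  refetchUserInfo: boolRequired,
+ allowQueryParamOverrides: boolRequired,
  defaultAuthParams: authParamSchema,
  resources: joi.default.array().items(indicatorOptionsSchema).optional(),
  session: sessionSchema,
@@ -466,6 +468,7 @@ const getOptions = (options, throwOnError = true) => {
  const MONOCLOUD_AUTH_FEDERATED_SIGNOUT = process.env.MONOCLOUD_AUTH_FEDERATED_SIGNOUT;
  const MONOCLOUD_AUTH_USER_INFO = process.env.MONOCLOUD_AUTH_USER_INFO;
  const MONOCLOUD_AUTH_REFETCH_USER_INFO = process.env.MONOCLOUD_AUTH_REFETCH_USER_INFO;
+ const MONOCLOUD_AUTH_ALLOW_QUERY_PARAM_OVERRIDES = process.env.MONOCLOUD_AUTH_ALLOW_QUERY_PARAM_OVERRIDES;
  const MONOCLOUD_AUTH_SESSION_COOKIE_NAME = process.env.MONOCLOUD_AUTH_SESSION_COOKIE_NAME;
  const MONOCLOUD_AUTH_SESSION_COOKIE_PATH = process.env.MONOCLOUD_AUTH_SESSION_COOKIE_PATH;
  const MONOCLOUD_AUTH_SESSION_COOKIE_DOMAIN = process.env.MONOCLOUD_AUTH_SESSION_COOKIE_DOMAIN;
@@ -514,6 +517,7 @@ const getOptions = (options, throwOnError = true) => {
  federatedSignOut: (options === null || options === void 0 ? void 0 : options.federatedSignOut) ?? (0, _monocloud_auth_core_internal.getBoolean)(MONOCLOUD_AUTH_FEDERATED_SIGNOUT) ?? DEFAULT_OPTIONS.federatedSignOut,
  userInfo: (options === null || options === void 0 ? void 0 : options.userInfo) ?? (0, _monocloud_auth_core_internal.getBoolean)(MONOCLOUD_AUTH_USER_INFO) ?? DEFAULT_OPTIONS.userInfo,
  refetchUserInfo: (options === null || options === void 0 ? void 0 : options.refetchUserInfo) ?? (0, _monocloud_auth_core_internal.getBoolean)(MONOCLOUD_AUTH_REFETCH_USER_INFO) ?? DEFAULT_OPTIONS.refetchUserInfo,
+ allowQueryParamOverrides: (options === null || options === void 0 ? void 0 : options.allowQueryParamOverrides) ?? (0, _monocloud_auth_core_internal.getBoolean)(MONOCLOUD_AUTH_ALLOW_QUERY_PARAM_OVERRIDES) ?? DEFAULT_OPTIONS.allowQueryParamOverrides,
  session: {
  cookie: {
  name: (options === null || options === void 0 || (_options$session = options.session) === null || _options$session === void 0 || (_options$session = _options$session.cookie) === null || _options$session === void 0 ? void 0 : _options$session.name) ?? MONOCLOUD_AUTH_SESSION_COOKIE_NAME ?? DEFAULT_OPTIONS.session.cookie.name,
@@ -592,7 +596,7 @@ var MonoCloudCoreClient = class {
  *
  * @param request - MonoCloud request object.
  * @param response - MonoCloud response object.
- * @param signInOptions - Optional configuration to customize the sign-in behavior.
+ * @param signInOptions - Configuration to customize the sign-in behavior.
  * @returns A promise that resolves when the callback processing and redirection are complete.
  *
  * @throws {@link MonoCloudValidationError} When validation of parameters or state fails.
@@ -626,18 +630,26 @@ var MonoCloudCoreClient = class {
  appState = await this.options.onSetApplicationState(request);
  if (appState === null || appState === void 0 || typeof appState !== "object" || Array.isArray(appState)) throw new _monocloud_auth_core.MonoCloudValidationError("Invalid Application State. Expected state to be an object");
  }
- const retUrl = request.getQuery("return_url") ?? opt.returnUrl;
+ const query = this.options.allowQueryParamOverrides ? {
+ returnUrl: request.getQuery("return_url"),
+ authenticatorHint: request.getQuery("authenticator_hint"),
+ scope: request.getQuery("scope"),
+ resource: request.getQuery("resource"),
+ display: request.getQuery("display"),
+ uiLocales: request.getQuery("ui_locales"),
+ acrValues: request.getQuery("acr_values"),
+ loginHint: request.getQuery("login_hint"),
+ prompt: request.getQuery("prompt"),
+ maxAge: parseInt(request.getQuery("max_age"), 10)
+ } : {};
+ const retUrl = query.returnUrl ?? opt.returnUrl;
  if (typeof retUrl === "string" && retUrl && (!(0, _monocloud_auth_core_internal.isAbsoluteUrl)(retUrl) || (0, _monocloud_auth_core_internal.isSameHost)(this.options.appUrl, retUrl))) opt.returnUrl = retUrl;
  const { error } = signInOptionsSchema.validate(opt, { abortEarly: true });
  if (error) throw new _monocloud_auth_core.MonoCloudValidationError(error.details[0].message);
  const state = (0, _monocloud_auth_core_utils.generateState)();
  const nonce = (0, _monocloud_auth_core_utils.generateNonce)();
  const { codeChallenge, codeVerifier } = await (0, _monocloud_auth_core_utils.generatePKCE)();
- const maxAgeQuery = request.getQuery("max_age");
- if (typeof maxAgeQuery === "string" && maxAgeQuery) {
- const parsedMaxAge = parseInt(maxAgeQuery, 10);
- if (!isNaN(parsedMaxAge)) opt.authParams.maxAge = parsedMaxAge;
- }
+ if (!isNaN(query.maxAge)) opt.authParams.maxAge = query.maxAge;
  const returnUrl = encodeURIComponent(opt.returnUrl ?? this.options.appUrl);
  let params = {
  redirectUri: `${this.options.appUrl}${(0, _monocloud_auth_core_internal.ensureLeadingSlash)(this.options.routes.callback)}`,
@@ -646,30 +658,28 @@ var MonoCloudCoreClient = class {
  state,
  codeChallenge
  };
- const authenticatorHint = request.getQuery("authenticator_hint") ?? opt.authParams.authenticatorHint;
+ const authenticatorHint = query.authenticatorHint ?? opt.authParams.authenticatorHint;
  if (typeof authenticatorHint === "string" && authenticatorHint) params.authenticatorHint = authenticatorHint;
- const reqScope = request.getQuery("scope");
- const scopes = (typeof reqScope === "string" ? reqScope : void 0) ?? opt.authParams.scopes;
+ const scopes = (typeof query.scope === "string" ? query.scope : void 0) ?? opt.authParams.scopes;
  if (scopes) {
  const { error: e } = scopesValidationSchema.validate(scopes, { abortEarly: true });
  if (!e) params.scopes = scopes;
  }
- const reqResource = request.getQuery("resource");
- const resource = (typeof reqResource === "string" ? reqResource : void 0) ?? opt.authParams.resource;
+ const resource = (typeof query.resource === "string" ? query.resource : void 0) ?? opt.authParams.resource;
  if (resource) {
  const { error: e } = resourceValidationSchema.validate(resource, { abortEarly: true });
  if (!e) params.resource = resource;
  }
- const display = request.getQuery("display") ?? opt.authParams.display;
+ const display = query.display ?? opt.authParams.display;
  if (typeof display === "string" && display) params.display = display;
- const uiLocales = request.getQuery("ui_locales") ?? opt.authParams.uiLocales;
+ const uiLocales = query.uiLocales ?? opt.authParams.uiLocales;
  if (typeof uiLocales === "string" && uiLocales) params.uiLocales = uiLocales;
- const acrValues = request.getQuery("acr_values") ?? opt.authParams.acrValues;
+ const acrValues = query.acrValues ?? opt.authParams.acrValues;
  if (typeof acrValues === "string" && acrValues) params.acrValues = acrValues.split(" ").map((x) => x.trim()).filter((x) => x !== "");
- const loginHint = request.getQuery("login_hint") ?? opt.authParams.loginHint;
+ const loginHint = query.loginHint ?? opt.authParams.loginHint;
  if (typeof loginHint === "string" && loginHint) params.loginHint = loginHint;
  let prompt;
- if (typeof request.getQuery("prompt") === "string") prompt = request.getQuery("prompt");
+ if (typeof query.prompt === "string") prompt = query.prompt;
  else prompt = opt.register ? "create" : opt.authParams.prompt;
  if (prompt) params.prompt = prompt;
  /* v8 ignore next -- @preserve */
@@ -729,6 +739,7 @@ var MonoCloudCoreClient = class {
  if (!(0, _monocloud_auth_core_internal.isAbsoluteUrl)(url)) fullUrl = `${this.options.appUrl}${(0, _monocloud_auth_core_internal.ensureLeadingSlash)(url)}`;
  const callbackParams = (0, _monocloud_auth_core_utils.parseCallbackParams)(method.toLowerCase() === "post" ? new URLSearchParams(body) : new URL(fullUrl).searchParams);
  if (callbackParams.state !== monoCloudState.state) throw new _monocloud_auth_core.MonoCloudValidationError("Invalid state");
+ if ((0, _monocloud_auth_core_internal.isPresent)(callbackParams.error)) throw new _monocloud_auth_core.MonoCloudOPError(callbackParams.error, callbackParams.errorDescription);
  const redirectUri = (callbackOptions === null || callbackOptions === void 0 ? void 0 : callbackOptions.redirectUri) ?? `${this.options.appUrl}${(0, _monocloud_auth_core_internal.ensureLeadingSlash)(this.options.routes.callback)}`;
  if (!callbackParams.code) throw new _monocloud_auth_core.MonoCloudValidationError("Authorization code not found in callback params");
  const appState = JSON.parse(monoCloudState.appState);
@@ -762,7 +773,6 @@ var MonoCloudCoreClient = class {
  return response.done();
  }
  } catch {}
- /* c8 ignore stop */
  response.redirect(this.options.appUrl);
  } catch (error) {
  if (typeof (callbackOptions === null || callbackOptions === void 0 ? void 0 : callbackOptions.onError) === "function") return callbackOptions.onError(error);
@@ -795,7 +805,7 @@ var MonoCloudCoreClient = class {
  const { error } = userInfoOptionsSchema.validate(userinfoOptions, { abortEarly: true });
  if (error) throw new _monocloud_auth_core.MonoCloudValidationError(error.details[0].message);
  }
- const refetchUserInfo = (userinfoOptions === null || userinfoOptions === void 0 ? void 0 : userinfoOptions.refresh) ?? this.options.refetchUserInfo;
+ const refetchUserInfo = (this.options.allowQueryParamOverrides ? { refresh: (0, _monocloud_auth_core_internal.getBoolean)(request.getQuery("refresh")) } : {}).refresh ?? (userinfoOptions === null || userinfoOptions === void 0 ? void 0 : userinfoOptions.refresh) ?? this.options.refetchUserInfo;
  const session = await this.sessionService.getSession(request, response, !refetchUserInfo);
  if (!session) {
  response.setNoCache();
@@ -842,11 +852,14 @@ var MonoCloudCoreClient = class {
  const { error } = signOutOptionsSchema.validate(signOutOptions, { abortEarly: true });
  if (error) throw new _monocloud_auth_core.MonoCloudValidationError(error.details[0].message);
  }
+ const query = this.options.allowQueryParamOverrides ? {
+ postLogoutUrl: request.getQuery("post_logout_url"),
+ federated: (0, _monocloud_auth_core_internal.getBoolean)(request.getQuery("federated"))
+ } : {};
  let returnUrl = this.options.postLogoutRedirectUri ?? (signOutOptions === null || signOutOptions === void 0 ? void 0 : signOutOptions.postLogoutRedirectUri) ?? this.options.appUrl;
- const retUrl = request.getQuery("post_logout_url");
- if (typeof retUrl === "string" && retUrl) {
- const { error } = signOutOptionsSchema.validate({ postLogoutRedirectUri: retUrl });
- if (!error) returnUrl = retUrl;
+ if (query.postLogoutUrl) {
+ const { error } = signOutOptionsSchema.validate({ postLogoutRedirectUri: query.postLogoutUrl });
+ if (!error) returnUrl = query.postLogoutUrl;
  }
  if (!(0, _monocloud_auth_core_internal.isAbsoluteUrl)(returnUrl)) returnUrl = `${this.options.appUrl}${(0, _monocloud_auth_core_internal.ensureLeadingSlash)(returnUrl)}`;
  const session = await this.sessionService.getSession(request, response, false);
@@ -855,7 +868,7 @@ var MonoCloudCoreClient = class {
  return response.done();
  }
  await this.sessionService.removeSession(request, response);
- if (!((signOutOptions === null || signOutOptions === void 0 ? void 0 : signOutOptions.federatedSignOut) ?? this.options.federatedSignOut)) {
+ if (!(query.federated ?? (signOutOptions === null || signOutOptions === void 0 ? void 0 : signOutOptions.federatedSignOut) ?? this.options.federatedSignOut)) {
  response.redirect(returnUrl);
  return response.done();
  }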
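Review bot: In the sign-out hunk (new lines 860-862) the request's `post_logout_url` is accepted as soon as it passes `signOutOptionsSchema`, while the sign-in hunk accepts `return_url` only when it is relative or `isSameHost(this.options.appUrl, retUrl)`; the rewrite also drops the old `typeof retUrl === "string"` guard. When `allowQueryParamOverrides` is on and federated sign-out resolves to false, `response.redirect(returnUrl)` follows that request-supplied value, so unless the schema (not visible here) already rejects foreign hosts this is an open redirect. I would guard it the same way as sign-in: `if (typeof query.postLogoutUrl === "string" && query.postLogoutUrl && (!isAbsoluteUrl(query.postLogoutUrl) || isSameHost(this.options.appUrl, query.postLogoutUrl))) {`, with both helpers taken from `_monocloud_auth_core_internal`. The new option also needs a doc comment saying that, once enabled, query values for `acr_values`, `prompt`, `max_age` and `scope` take precedence over the server-side sign-in options, so an application that requires step-up authentication has to check the `acr` and `auth_time` claims it gets back. The sign-out method starts and ends outside the hunk, and since this file is build output the change belongs in the package's source.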