@nocobase/plugin-idp-oauth 2.1.0-alpha.16 → 2.1.0-alpha.17

package/dist/externalVersion.js

@@ -11,8 +11,8 @@ module.exports = {
   "antd": "5.24.2",
   "react": "18.2.0",
   "react-router-dom": "6.30.1",
-  "@nocobase/client": "2.1.0-alpha.16",
-  "@nocobase/flow-engine": "2.1.0-alpha.16",
-  "@nocobase/cache": "2.1.0-alpha.16",
-  "@nocobase/server": "2.1.0-alpha.16"
+  "@nocobase/client": "2.1.0-alpha.17",
+  "@nocobase/flow-engine": "2.1.0-alpha.17",
+  "@nocobase/cache": "2.1.0-alpha.17",
+  "@nocobase/server": "2.1.0-alpha.17"
 };

package/dist/node_modules/light-my-request/package.json

@@ -1 +1 @@
-{"name":"light-my-request","version":"6.6.0","description":"Fake HTTP injection library","main":"index.js","type":"commonjs","types":"types/index.d.ts","dependencies":{"cookie":"^1.0.1","process-warning":"^4.0.0","set-cookie-parser":"^2.6.0"},"devDependencies":{"@fastify/ajv-compiler":"^4.0.0","@fastify/pre-commit":"^2.1.0","@types/node":"^22.7.7","c8":"^10.1.2","end-of-stream":"^1.4.4","eslint":"^9.17.0","express":"^4.19.2","form-auto-content":"^3.2.1","form-data":"^4.0.0","formdata-node":"^6.0.3","multer":"^1.4.5-lts.1","neostandard":"^0.12.0","tinybench":"^3.0.0","tsd":"^0.31.0","undici":"^7.0.0"},"scripts":{"benchmark":"node benchmark/benchmark.js","coverage":"npm run unit -- --cov --coverage-report=html","lint":"eslint","lint:fix":"eslint --fix","test":"npm run lint && npm run test:unit && npm run test:typescript","test:typescript":"tsd","test:unit":"c8 --100 node --test"},"repository":{"type":"git","url":"git+https://github.com/fastify/light-my-request.git"},"keywords":["http","inject","fake","request","server"],"author":"Tomas Della Vedova - @delvedor (http://delved.org)","contributors":[{"name":"Matteo Collina","email":"hello@matteocollina.com"},{"name":"Manuel Spigolon","email":"behemoth89@gmail.com"},{"name":"Aras Abbasi","email":"aras.abbasi@gmail.com"},{"name":"Frazer Smith","email":"frazer.dev@icloud.com","url":"https://github.com/fdawgs"}],"license":"BSD-3-Clause","bugs":{"url":"https://github.com/fastify/light-my-request/issues"},"homepage":"https://github.com/fastify/light-my-request#readme","funding":[{"type":"github","url":"https://github.com/sponsors/fastify"},{"type":"opencollective","url":"https://opencollective.com/fastify"}],"_lastModified":"2026-04-14T00:04:26.987Z"}
+{"name":"light-my-request","version":"6.6.0","description":"Fake HTTP injection library","main":"index.js","type":"commonjs","types":"types/index.d.ts","dependencies":{"cookie":"^1.0.1","process-warning":"^4.0.0","set-cookie-parser":"^2.6.0"},"devDependencies":{"@fastify/ajv-compiler":"^4.0.0","@fastify/pre-commit":"^2.1.0","@types/node":"^22.7.7","c8":"^10.1.2","end-of-stream":"^1.4.4","eslint":"^9.17.0","express":"^4.19.2","form-auto-content":"^3.2.1","form-data":"^4.0.0","formdata-node":"^6.0.3","multer":"^1.4.5-lts.1","neostandard":"^0.12.0","tinybench":"^3.0.0","tsd":"^0.31.0","undici":"^7.0.0"},"scripts":{"benchmark":"node benchmark/benchmark.js","coverage":"npm run unit -- --cov --coverage-report=html","lint":"eslint","lint:fix":"eslint --fix","test":"npm run lint && npm run test:unit && npm run test:typescript","test:typescript":"tsd","test:unit":"c8 --100 node --test"},"repository":{"type":"git","url":"git+https://github.com/fastify/light-my-request.git"},"keywords":["http","inject","fake","request","server"],"author":"Tomas Della Vedova - @delvedor (http://delved.org)","contributors":[{"name":"Matteo Collina","email":"hello@matteocollina.com"},{"name":"Manuel Spigolon","email":"behemoth89@gmail.com"},{"name":"Aras Abbasi","email":"aras.abbasi@gmail.com"},{"name":"Frazer Smith","email":"frazer.dev@icloud.com","url":"https://github.com/fdawgs"}],"license":"BSD-3-Clause","bugs":{"url":"https://github.com/fastify/light-my-request/issues"},"homepage":"https://github.com/fastify/light-my-request#readme","funding":[{"type":"github","url":"https://github.com/sponsors/fastify"},{"type":"opencollective","url":"https://opencollective.com/fastify"}],"_lastModified":"2026-04-17T02:45:30.127Z"}

package/dist/server/plugin.d.ts

@@ -10,6 +10,7 @@ import { Plugin } from '@nocobase/server';
 import { IdpOauthService } from './service';
 export declare class PluginIdpOauthServer extends Plugin {
     service: IdpOauthService;
+    private registerDefaultApiResource;
     load(): Promise<void>;
     remove(): Promise<void>;
 }

package/dist/server/plugin.js

@@ -38,6 +38,16 @@ var import_service = require("./service");
 var import_utils = require("./utils");
 class PluginIdpOauthServer extends import_server.Plugin {
   service;
+  registerDefaultApiResource() {
+    this.service.registerResourceServer("api", {
+      path: "/",
+      scope: "api",
+      accessTokenFormat: "jwt",
+      jwt: {
+        sign: { alg: "RS256" }
+      }
+    });
+  }
   async load() {
     const bridgeTokenCache = await this.app.cacheManager.createCache({
       name: "idp-oauth-token",
@@ -45,6 +55,7 @@ class PluginIdpOauthServer extends import_server.Plugin {
       store: "memory"
     });
     this.service = new import_service.IdpOauthService(this.app, bridgeTokenCache);
+    this.registerDefaultApiResource();
     const paths = (0, import_paths.createIdpOauthPaths)();
     this.app.use(
       async (ctx, next) => {
@@ -99,6 +110,8 @@ class PluginIdpOauthServer extends import_server.Plugin {
     );
   }
   async remove() {
+    var _a, _b;
+    (_b = (_a = this.service) == null ? void 0 : _a.unregisterResourceServer) == null ? void 0 : _b.call(_a, "api");
   }
 }
 var plugin_default = PluginIdpOauthServer;

package/dist/server/service.js

@@ -62,6 +62,7 @@ function getJoseModule() {
 }
 const defaultSupportedScopes = ["openid", "offline_access", "profile", "email"];
 const envJwksKeys = ["IDP_OAUTH_JWKS", "OAUTH_JWKS"];
+const MAX_CACHE_TTL_MS = 2147483647;
 class IdpOauthService {
   constructor(app, bridgeTokenCache) {
     this.app = app;
@@ -214,9 +215,16 @@ class IdpOauthService {
     return `${(0, import_utils.normalizeBasePath)(process.env.API_BASE_PATH || "/api")}${normalizedPath}`;
   }
   getRequestResourceConfig(ctx) {
+    const requestPath = (0, import_utils.normalizeBasePath)(ctx.path || this.getRequestPath(ctx) || "/");
     for (const config of this.resourceServers.values()) {
-      const requestPath = this.getResourcePath(config);
-      if (requestPath && ctx.path === requestPath) {
+      const resourcePath = this.getResourcePath(config);
+      if (!resourcePath) {
+        continue;
+      }
+      const normalizedResourcePath = (0, import_utils.normalizeBasePath)(resourcePath);
+      const isRootResource = normalizedResourcePath === (0, import_utils.normalizeBasePath)(`${this.getApiBasePath()}/`);
+      const matches = requestPath === normalizedResourcePath || requestPath.startsWith(`${normalizedResourcePath}/`) || isRootResource && requestPath.startsWith(`${this.getApiBasePath()}/`);
+      if (matches) {
         return config;
       }
     }
@@ -432,7 +440,7 @@ class IdpOauthService {
     const cachedInternalToken = await this.bridgeTokenCache.get(bridgeTokenCacheKey);
     const internalToken = cachedInternalToken || await this.issueInternalToken(user.id, oauthExpiresInMs);
     if (!cachedInternalToken && typeof oauthExpiresInMs === "number" && oauthExpiresInMs > 0) {
-      await this.bridgeTokenCache.set(bridgeTokenCacheKey, internalToken, oauthExpiresInMs);
+      await this.bridgeTokenCache.set(bridgeTokenCacheKey, internalToken, Math.min(oauthExpiresInMs, MAX_CACHE_TTL_MS));
     }
     const authorizationHeader = `Bearer ${internalToken}`;
     ctx.req.headers.authorization = authorizationHeader;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nocobase/plugin-idp-oauth",
-  "version": "2.1.0-alpha.16",
+  "version": "2.1.0-alpha.17",
   "main": "dist/server/index.js",
   "displayName": "IdP: OAuth",
   "displayName.zh-CN": "IdP: OAuth",
@@ -20,5 +20,5 @@
   "keywords": [
     "Authentication"
   ],
-  "gitHead": "14cf3dbdb9f0a9669602de4ad21a9464fa27c105"
+  "gitHead": "586cb00f56557e66168b9720d0e0193a1b752067"
 }