@onelyid/express 0.2.1 → 0.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +0 -1
- package/dist/index.js.map +1 -1
- package/package.json +2 -2
package/dist/index.js
CHANGED
|
@@ -151,7 +151,6 @@ var authProxyMiddleware = (req, res, next) => {
|
|
|
151
151
|
if (!authProxyPaths.includes(req.path)) {
|
|
152
152
|
return next();
|
|
153
153
|
} else {
|
|
154
|
-
console.log(`[Proxy] ${req.method} ${req.url}`);
|
|
155
154
|
}
|
|
156
155
|
const targetUrl = new URL(req.url, authProxyTargetOrigin);
|
|
157
156
|
const client = targetUrl.protocol === "https:" ? import_node_https.default : import_node_http.default;
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/index.ts","../src/middleware.ts","../src/auth.ts","../src/proxy-middleware.ts"],"sourcesContent":["import './types/globals.d.ts'\nexport { authMiddleware, redirect, setAuth } from './middleware'\nexport type { AuthMiddlewareConfig, UserInfo } from './types/common'\n","import express from 'express';\nimport type { Request, Response, RequestHandler } from 'express'\nimport { Environment, assertPath, assertRequestMode } from '@onelyid/common'\nimport { destroySession, getSessionUser, initAuthFlow } from './auth';\nimport { authProxyMiddleware } from './proxy-middleware';\nimport { AuthMiddlewareConfig, UserInfo } from './types/common';\n\nexport const authMiddleware = (config?: AuthMiddlewareConfig): RequestHandler => {\n const router = express.Router()\n\n // gate middleware\n router.use(async (req, res, next) => {\n req.mode = assertRequestMode(config?.mode) || Environment.Prod\n\n req.authFlow = () => initAuthFlow(req, res, config)\n req.getAuth = () => setReqAuth(req)\n\n res.clearAuth = () => deleteSession(req, res)\n\n // custom json response\n res.json = (data: unknown) => sendJson(res, data)\n\n next()\n })\n\n router.use(authProxyMiddleware)\n\n return router\n}\n\nexport const setAuth: RequestHandler = async (req, _res, next) => {\n await setReqAuth(req)\n next()\n};\n\nexport const redirect: (path: string) => RequestHandler = (redirectPath: string) => (async (req, res, next) => {\n await setReqAuth(req)\n if (!req.auth) {\n const path = assertPath(redirectPath ?? '/');\n return res.redirect(path)\n }\n next()\n}) satisfies RequestHandler;\n\nasync function setReqAuth(req: Request): Promise<UserInfo | null> {\n if (req.auth) {\n return req.auth\n }\n\n const { user, error } = await getSessionUser(req)\n if (error) {\n console.error('[setReqAuth]', error)\n }\n\n if (!error && user) {\n req.auth = user\n }\n if (!req.auth) {\n req.auth = null\n }\n return req.auth\n}\n\nasync function deleteSession(req: Request, res: Response) {\n const { ok, error } = await destroySession(req, res)\n if (!ok || error) {\n console.error('[deleteSession]', { ok, error });\n }\n}\n\nfunction sendJson(res: Response, data: unknown) {\n const dataStr = JSON.stringify(data, null, 2)\n return res.type('json').send(dataStr)\n}\n","import type { Request, Response } from 'express'\nimport { Environment, assertPath, getAuthClientMountPath, getAuthOrigin, getCustomHeaderNames, getMainAuthDomainVariants, getOrigin } from '@onelyid/common'\nimport { AuthMiddlewareConfig, UserInfo } from './types/common';\n\nexport async function initAuthFlow(req: Request, res: Response, config: AuthMiddlewareConfig | undefined) {\n const searchParams = new URLSearchParams(req.query as Record<string, string>)\n const redirectUrl = searchParams.get('continue') || '/'\n if (await req.getAuth()) {\n return res.redirect(redirectUrl)\n }\n\n const authOriginObj = getAuthOrigin(req)\n const authClientMountPath = getAuthClientMountPath()\n const { isMainAuthDomainVariant } = getMainAuthDomainVariants(req)\n\n if (authOriginObj && !isMainAuthDomainVariant) {\n const authOrigin = authOriginObj.authOrigin\n let continueUrl = config?.loginRedirect\n if (!continueUrl) {\n continueUrl = req.get('referer')\n }\n if (!continueUrl) {\n continueUrl = `${getOrigin(req)}${req.originalUrl}`\n }\n const redirectUrl = new URL(`${authOrigin}${authClientMountPath}/login/redirect`)\n redirectUrl.searchParams.set('continue', continueUrl)\n if (req.mode) {\n redirectUrl.searchParams.set('request_mode', req.mode)\n }\n return res.redirect(redirectUrl.href)\n }\n res.redirect('/')\n}\n\nasync function authSessionApi<T extends object>(route: string, req: Request, res?: Response, body?: object | null) {\n type RetType = Partial<T & { ok?: boolean, error?: string }>\n\n const isPost = typeof body !== 'undefined'\n const authClientMountPath = getAuthClientMountPath()\n const customHeaders = getCustomHeaderNames()\n\n const authOriginObj = getAuthOrigin(req);\n if (!authOriginObj) {\n return { ok: true } as RetType\n }\n\n const routePath = assertPath(route)\n if (authOriginObj && routePath) {\n const authOrigin = authOriginObj.authOrigin\n const apiUrl = `${authOrigin}${authClientMountPath}${routePath}`\n try {\n const resp = await fetch(apiUrl, {\n method: isPost ? 'POST' : 'GET',\n headers: {\n Cookie: req.headers.cookie ?? '',\n Accept: 'application/json',\n [customHeaders.requestMode]: req.mode || Environment.Prod,\n },\n ...(body ? { body: JSON.stringify(body) } : {}),\n })\n if (res) {\n const setCookie = resp.headers.getSetCookie().find(v => v.startsWith('sid='))\n if (setCookie) {\n res.setHeader('set-cookie', setCookie)\n }\n }\n\n let data: RetType | null = null;\n try {\n data = (await resp.json()) as RetType\n } catch(e) {}\n\n if (typeof data?.ok !== 'undefined') {\n return data\n } else {\n return { error: `Invalid response for api call for ${apiUrl} [${req.path}]` } as RetType\n }\n } catch(err: any) {\n console.error(err);\n // console.error(`${err.name}: ${err.message}`);\n return { error: `Error during auth session api call for ${apiUrl} [${req.path}]` } as RetType\n }\n }\n\n return { error: `Invalid auth session api call for ${authOriginObj?.authOrigin} [${routePath}]` } as RetType\n}\n\nexport async function getSessionUser(req: Request) {\n return authSessionApi<{ user?: UserInfo | null }>('/userinfo', req)\n}\n\nexport async function destroySession(req: Request, res: Response) {\n return authSessionApi<{}>('/logout', req, res, null)\n}\n","import type { Request, Response, NextFunction} from 'express';\nimport https from 'node:https';\nimport http from 'node:http';\nimport { getAuthClientMountPath, getAuthOrigin, getCustomHeaderNames, getMainAuthDomain, getOrigin } from '@onelyid/common';\n\nconst authClientMountPath = getAuthClientMountPath()\nconst authProxyPaths = [\n // '/',\n // '/public/styles.css',\n // '/login',\n // '/logout',\n '/oauth-client-metadata.json',\n `${authClientMountPath}/login/redirect`,\n `${authClientMountPath}/login`,\n `${authClientMountPath}/callback`,\n `${authClientMountPath}/transfer-local-session`,\n `${authClientMountPath}/userinfo`,\n `${authClientMountPath}/logout`,\n];\n\nexport const authProxyMiddleware = (req: Request, res: Response, next: NextFunction) => {\n const origin = getOrigin(req)\n const authOriginObj = getAuthOrigin(req)\n const useProxy = (origin && origin === authOriginObj?.authOrigin) || authOriginObj?.isLocalhost\n if (!useProxy) {\n return next()\n } \n\n const mainAuthDomain = getMainAuthDomain(req)\n const authProxyTargetOrigin = `https://${mainAuthDomain}`;\n\n if (!authProxyPaths.includes(req.path)) {\n // console.log(`[OK] No Proxy`);\n return next();\n } else {\n console.log(`[Proxy] ${req.method} ${req.url}`);\n }\n\n // Parse the target URL\n const targetUrl = new URL(req.url, authProxyTargetOrigin);\n \n // Choose http or https module based on 'target url' protocol\n const client = targetUrl.protocol === 'https:' ? https : http;\n\n const customHeaders = getCustomHeaderNames()\n \n // Prepare request options\n const options = {\n hostname: targetUrl.hostname, // TCP target\n servername: targetUrl.hostname, // TLS SNI (optional, otherwise defaults to headers.host)\n port: targetUrl.port,\n path: targetUrl.pathname + targetUrl.search,\n method: req.method,\n headers: {\n ...req.headers,\n host: targetUrl.hostname, // Override host header\n [customHeaders.proxyOrigin]: `${req.protocol}://${req.get('host')}`\n },\n };\n \n // Make the request to the target server\n const proxyReq = client.request(options, (proxyRes) => {\n // Forward status code\n res.status(proxyRes.statusCode ?? 500);\n \n // Forward headers\n Object.keys(proxyRes.headers).forEach(key => {\n res.setHeader(key, proxyRes.headers[key] as string);\n });\n \n // Pipe the response back to client\n proxyRes.pipe(res);\n });\n \n // Handle errors\n proxyReq.on('error', (err) => {\n console.error('Proxy error:', err);\n res.status(500).send('Proxy error');\n });\n \n // Pipe the request body (for POST, PUT, etc.)\n req.pipe(proxyReq);\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,qBAAoB;AAEpB,IAAAA,iBAA2D;;;ACD3D,oBAA2I;AAG3I,eAAsB,aAAa,KAAc,KAAe,QAA0C;AACxG,QAAM,eAAe,IAAI,gBAAgB,IAAI,KAA+B;AAC5E,QAAM,cAAc,aAAa,IAAI,UAAU,KAAK;AACpD,MAAI,MAAM,IAAI,QAAQ,GAAG;AACvB,WAAO,IAAI,SAAS,WAAW;AAAA,EACjC;AAEA,QAAM,oBAAgB,6BAAc,GAAG;AACvC,QAAMC,2BAAsB,sCAAuB;AACnD,QAAM,EAAE,wBAAwB,QAAI,yCAA0B,GAAG;AAEjE,MAAI,iBAAiB,CAAC,yBAAyB;AAC7C,UAAM,aAAa,cAAc;AACjC,QAAI,cAAc,QAAQ;AAC1B,QAAI,CAAC,aAAa;AAChB,oBAAc,IAAI,IAAI,SAAS;AAAA,IACjC;AACA,QAAI,CAAC,aAAa;AAChB,oBAAc,OAAG,yBAAU,GAAG,CAAC,GAAG,IAAI,WAAW;AAAA,IACnD;AACA,UAAMC,eAAc,IAAI,IAAI,GAAG,UAAU,GAAGD,oBAAmB,iBAAiB;AAChF,IAAAC,aAAY,aAAa,IAAI,YAAY,WAAW;AACpD,QAAI,IAAI,MAAM;AACZ,MAAAA,aAAY,aAAa,IAAI,gBAAgB,IAAI,IAAI;AAAA,IACvD;AACA,WAAO,IAAI,SAASA,aAAY,IAAI;AAAA,EACtC;AACA,MAAI,SAAS,GAAG;AAClB;AAEA,eAAe,eAAiC,OAAe,KAAc,KAAgB,MAAsB;AAGjH,QAAM,SAAS,OAAO,SAAS;AAC/B,QAAMD,2BAAsB,sCAAuB;AACnD,QAAM,oBAAgB,oCAAqB;AAE3C,QAAM,oBAAgB,6BAAc,GAAG;AACvC,MAAI,CAAC,eAAe;AAClB,WAAO,EAAE,IAAI,KAAK;AAAA,EACpB;AAEA,QAAM,gBAAY,0BAAW,KAAK;AAClC,MAAI,iBAAiB,WAAW;AAC9B,UAAM,aAAa,cAAc;AACjC,UAAM,SAAS,GAAG,UAAU,GAAGA,oBAAmB,GAAG,SAAS;AAC9D,QAAI;AACF,YAAM,OAAO,MAAM,MAAM,QAAQ;AAAA,QAC/B,QAAQ,SAAS,SAAS;AAAA,QAC1B,SAAS;AAAA,UACP,QAAQ,IAAI,QAAQ,UAAU;AAAA,UAC9B,QAAQ;AAAA,UACR,CAAC,cAAc,WAAW,GAAG,IAAI,QAAQ,0BAAY;AAAA,QACvD;AAAA,QACA,GAAI,OAAO,EAAE,MAAM,KAAK,UAAU,IAAI,EAAE,IAAI,CAAC;AAAA,MAC/C,CAAC;AACD,UAAI,KAAK;AACP,cAAM,YAAY,KAAK,QAAQ,aAAa,EAAE,KAAK,OAAK,EAAE,WAAW,MAAM,CAAC;AAC5E,YAAI,WAAW;AACb,cAAI,UAAU,cAAc,SAAS;AAAA,QACvC;AAAA,MACF;AAEA,UAAI,OAAuB;AAC3B,UAAI;AACF,eAAQ,MAAM,KAAK,KAAK;AAAA,MAC1B,SAAQ,GAAG;AAAA,MAAC;AAEZ,UAAI,OAAO,MAAM,OAAO,aAAa;AACnC,eAAO;AAAA,MACT,OAAO;AACL,eAAO,EAAE,OAAO,qCAAqC,MAAM,KAAK,IAAI,IAAI,IAAI;AAAA,MAC9E;AAAA,IACF,SAAQ,KAAU;AAChB,cAAQ,MAAM,GAAG;AAEjB,aAAO,EAAE,OAAO,0CAA0C,MAAM,KAAK,IAAI,IAAI,IAAI;AAAA,IACnF;AAAA,EACF;AAEA,SAAO,EAAE,OAAO,qCAAqC,eAAe,UAAU,KAAK,SAAS,IAAI;AAClG;AAEA,eAAsB,eAAe,KAAc;AACjD,SAAO,eAA2C,aAAa,GAAG;AACpE;AAEA,eAAsB,eAAe,KAAc,KAAe;AAChE,SAAO,eAAmB,WAAW,KAAK,KAAK,IAAI;AACrD;;;AC5FA,wBAAkB;AAClB,uBAAiB;AACjB,IAAAE,iBAA0G;AAE1G,IAAM,0BAAsB,uCAAuB;AACnD,IAAM,iBAAiB;AAAA;AAAA;AAAA;AAAA;AAAA,EAKrB;AAAA,EACA,GAAG,mBAAmB;AAAA,EACtB,GAAG,mBAAmB;AAAA,EACtB,GAAG,mBAAmB;AAAA,EACtB,GAAG,mBAAmB;AAAA,EACtB,GAAG,mBAAmB;AAAA,EACtB,GAAG,mBAAmB;AACxB;AAEO,IAAM,sBAAsB,CAAC,KAAc,KAAe,SAAuB;AACtF,QAAM,aAAS,0BAAU,GAAG;AAC5B,QAAM,oBAAgB,8BAAc,GAAG;AACvC,QAAM,WAAY,UAAU,WAAW,eAAe,cAAe,eAAe;AACpF,MAAI,CAAC,UAAU;AACb,WAAO,KAAK;AAAA,EACd;AAEA,QAAM,qBAAiB,kCAAkB,GAAG;AAC5C,QAAM,wBAAwB,WAAW,cAAc;AAEvD,MAAI,CAAC,eAAe,SAAS,IAAI,IAAI,GAAG;AAEtC,WAAO,KAAK;AAAA,EACd,OAAO;AACL,YAAQ,IAAI,WAAW,IAAI,MAAM,IAAI,IAAI,GAAG,EAAE;AAAA,EAChD;AAGA,QAAM,YAAY,IAAI,IAAI,IAAI,KAAK,qBAAqB;AAGxD,QAAM,SAAS,UAAU,aAAa,WAAW,kBAAAC,UAAQ,iBAAAC;AAEzD,QAAM,oBAAgB,qCAAqB;AAG3C,QAAM,UAAU;AAAA,IACd,UAAU,UAAU;AAAA;AAAA,IACpB,YAAY,UAAU;AAAA;AAAA,IACtB,MAAM,UAAU;AAAA,IAChB,MAAM,UAAU,WAAW,UAAU;AAAA,IACrC,QAAQ,IAAI;AAAA,IACZ,SAAS;AAAA,MACP,GAAG,IAAI;AAAA,MACP,MAAM,UAAU;AAAA;AAAA,MAChB,CAAC,cAAc,WAAW,GAAG,GAAG,IAAI,QAAQ,MAAM,IAAI,IAAI,MAAM,CAAC;AAAA,IACnE;AAAA,EACF;AAGA,QAAM,WAAW,OAAO,QAAQ,SAAS,CAAC,aAAa;AAErD,QAAI,OAAO,SAAS,cAAc,GAAG;AAGrC,WAAO,KAAK,SAAS,OAAO,EAAE,QAAQ,SAAO;AAC3C,UAAI,UAAU,KAAK,SAAS,QAAQ,GAAG,CAAW;AAAA,IACpD,CAAC;AAGD,aAAS,KAAK,GAAG;AAAA,EACnB,CAAC;AAGD,WAAS,GAAG,SAAS,CAAC,QAAQ;AAC5B,YAAQ,MAAM,gBAAgB,GAAG;AACjC,QAAI,OAAO,GAAG,EAAE,KAAK,aAAa;AAAA,EACpC,CAAC;AAGD,MAAI,KAAK,QAAQ;AACnB;;;AF3EO,IAAM,iBAAiB,CAAC,WAAkD;AAC/E,QAAM,SAAS,eAAAC,QAAQ,OAAO;AAG9B,SAAO,IAAI,OAAO,KAAK,KAAK,SAAS;AACnC,QAAI,WAAO,kCAAkB,QAAQ,IAAI,KAAK,2BAAY;AAE1D,QAAI,WAAW,MAAM,aAAa,KAAK,KAAK,MAAM;AAClD,QAAI,UAAU,MAAM,WAAW,GAAG;AAElC,QAAI,YAAY,MAAM,cAAc,KAAK,GAAG;AAG5C,QAAI,OAAO,CAAC,SAAkB,SAAS,KAAK,IAAI;AAEhD,SAAK;AAAA,EACP,CAAC;AAED,SAAO,IAAI,mBAAmB;AAE9B,SAAO;AACT;AAEO,IAAM,UAA0B,OAAO,KAAK,MAAM,SAAS;AAChE,QAAM,WAAW,GAAG;AACpB,OAAK;AACP;AAEO,IAAM,WAA6C,CAAC,kBAA0B,OAAO,KAAK,KAAK,SAAS;AAC7G,QAAM,WAAW,GAAG;AACpB,MAAI,CAAC,IAAI,MAAM;AACb,UAAM,WAAO,2BAAW,gBAAgB,GAAG;AAC3C,WAAO,IAAI,SAAS,IAAI;AAAA,EAC1B;AACA,OAAK;AACP;AAEA,eAAe,WAAW,KAAwC;AAChE,MAAI,IAAI,MAAM;AACZ,WAAO,IAAI;AAAA,EACb;AAEA,QAAM,EAAE,MAAM,MAAM,IAAI,MAAM,eAAe,GAAG;AAChD,MAAI,OAAO;AACT,YAAQ,MAAM,gBAAgB,KAAK;AAAA,EACrC;AAEA,MAAI,CAAC,SAAS,MAAM;AAClB,QAAI,OAAO;AAAA,EACb;AACA,MAAI,CAAC,IAAI,MAAM;AACb,QAAI,OAAO;AAAA,EACb;AACA,SAAO,IAAI;AACb;AAEA,eAAe,cAAc,KAAc,KAAe;AACxD,QAAM,EAAE,IAAI,MAAM,IAAI,MAAM,eAAe,KAAK,GAAG;AACnD,MAAI,CAAC,MAAM,OAAO;AAChB,YAAQ,MAAM,mBAAmB,EAAE,IAAI,MAAM,CAAC;AAAA,EAChD;AACF;AAEA,SAAS,SAAS,KAAe,MAAe;AAC9C,QAAM,UAAU,KAAK,UAAU,MAAM,MAAM,CAAC;AAC5C,SAAO,IAAI,KAAK,MAAM,EAAE,KAAK,OAAO;AACtC;","names":["import_common","authClientMountPath","redirectUrl","import_common","https","http","express"]}
|
|
1
|
+
{"version":3,"sources":["../src/index.ts","../src/middleware.ts","../src/auth.ts","../src/proxy-middleware.ts"],"sourcesContent":["import './types/globals.d.ts'\nexport { authMiddleware, redirect, setAuth } from './middleware'\nexport type { AuthMiddlewareConfig, UserInfo } from './types/common'\n","import express from 'express';\nimport type { Request, Response, RequestHandler } from 'express'\nimport { Environment, assertPath, assertRequestMode } from '@onelyid/common'\nimport { destroySession, getSessionUser, initAuthFlow } from './auth';\nimport { authProxyMiddleware } from './proxy-middleware';\nimport { AuthMiddlewareConfig, UserInfo } from './types/common';\n\nexport const authMiddleware = (config?: AuthMiddlewareConfig): RequestHandler => {\n const router = express.Router()\n\n // gate middleware\n router.use(async (req, res, next) => {\n req.mode = assertRequestMode(config?.mode) || Environment.Prod\n\n req.authFlow = () => initAuthFlow(req, res, config)\n req.getAuth = () => setReqAuth(req)\n\n res.clearAuth = () => deleteSession(req, res)\n\n // custom json response\n res.json = (data: unknown) => sendJson(res, data)\n\n next()\n })\n\n router.use(authProxyMiddleware)\n\n return router\n}\n\nexport const setAuth: RequestHandler = async (req, _res, next) => {\n await setReqAuth(req)\n next()\n};\n\nexport const redirect: (path: string) => RequestHandler = (redirectPath: string) => (async (req, res, next) => {\n await setReqAuth(req)\n if (!req.auth) {\n const path = assertPath(redirectPath ?? '/');\n return res.redirect(path)\n }\n next()\n}) satisfies RequestHandler;\n\nasync function setReqAuth(req: Request): Promise<UserInfo | null> {\n if (req.auth) {\n return req.auth\n }\n\n const { user, error } = await getSessionUser(req)\n if (error) {\n console.error('[setReqAuth]', error)\n }\n\n if (!error && user) {\n req.auth = user\n }\n if (!req.auth) {\n req.auth = null\n }\n return req.auth\n}\n\nasync function deleteSession(req: Request, res: Response) {\n const { ok, error } = await destroySession(req, res)\n if (!ok || error) {\n console.error('[deleteSession]', { ok, error });\n }\n}\n\nfunction sendJson(res: Response, data: unknown) {\n const dataStr = JSON.stringify(data, null, 2)\n return res.type('json').send(dataStr)\n}\n","import type { Request, Response } from 'express'\nimport { Environment, assertPath, getAuthClientMountPath, getAuthOrigin, getCustomHeaderNames, getMainAuthDomainVariants, getOrigin } from '@onelyid/common'\nimport { AuthMiddlewareConfig, UserInfo } from './types/common';\n\nexport async function initAuthFlow(req: Request, res: Response, config: AuthMiddlewareConfig | undefined) {\n const searchParams = new URLSearchParams(req.query as Record<string, string>)\n const redirectUrl = searchParams.get('continue') || '/'\n if (await req.getAuth()) {\n return res.redirect(redirectUrl)\n }\n\n const authOriginObj = getAuthOrigin(req)\n const authClientMountPath = getAuthClientMountPath()\n const { isMainAuthDomainVariant } = getMainAuthDomainVariants(req)\n\n if (authOriginObj && !isMainAuthDomainVariant) {\n const authOrigin = authOriginObj.authOrigin\n let continueUrl = config?.loginRedirect\n if (!continueUrl) {\n continueUrl = req.get('referer')\n }\n if (!continueUrl) {\n continueUrl = `${getOrigin(req)}${req.originalUrl}`\n }\n const redirectUrl = new URL(`${authOrigin}${authClientMountPath}/login/redirect`)\n redirectUrl.searchParams.set('continue', continueUrl)\n if (req.mode) {\n redirectUrl.searchParams.set('request_mode', req.mode)\n }\n return res.redirect(redirectUrl.href)\n }\n res.redirect('/')\n}\n\nasync function authSessionApi<T extends object>(route: string, req: Request, res?: Response, body?: object | null) {\n type RetType = Partial<T & { ok?: boolean, error?: string }>\n\n const isPost = typeof body !== 'undefined'\n const authClientMountPath = getAuthClientMountPath()\n const customHeaders = getCustomHeaderNames()\n\n const authOriginObj = getAuthOrigin(req);\n if (!authOriginObj) {\n return { ok: true } as RetType\n }\n\n const routePath = assertPath(route)\n if (authOriginObj && routePath) {\n const authOrigin = authOriginObj.authOrigin\n const apiUrl = `${authOrigin}${authClientMountPath}${routePath}`\n try {\n const resp = await fetch(apiUrl, {\n method: isPost ? 'POST' : 'GET',\n headers: {\n Cookie: req.headers.cookie ?? '',\n Accept: 'application/json',\n [customHeaders.requestMode]: req.mode || Environment.Prod,\n },\n ...(body ? { body: JSON.stringify(body) } : {}),\n })\n if (res) {\n const setCookie = resp.headers.getSetCookie().find(v => v.startsWith('sid='))\n if (setCookie) {\n res.setHeader('set-cookie', setCookie)\n }\n }\n\n let data: RetType | null = null;\n try {\n data = (await resp.json()) as RetType\n } catch(e) {}\n\n if (typeof data?.ok !== 'undefined') {\n return data\n } else {\n return { error: `Invalid response for api call for ${apiUrl} [${req.path}]` } as RetType\n }\n } catch(err: any) {\n console.error(err);\n // console.error(`${err.name}: ${err.message}`);\n return { error: `Error during auth session api call for ${apiUrl} [${req.path}]` } as RetType\n }\n }\n\n return { error: `Invalid auth session api call for ${authOriginObj?.authOrigin} [${routePath}]` } as RetType\n}\n\nexport async function getSessionUser(req: Request) {\n return authSessionApi<{ user?: UserInfo | null }>('/userinfo', req)\n}\n\nexport async function destroySession(req: Request, res: Response) {\n return authSessionApi<{}>('/logout', req, res, null)\n}\n","import type { Request, Response, NextFunction} from 'express';\nimport https from 'node:https';\nimport http from 'node:http';\nimport { getAuthClientMountPath, getAuthOrigin, getCustomHeaderNames, getMainAuthDomain, getOrigin } from '@onelyid/common';\n\nconst authClientMountPath = getAuthClientMountPath()\nconst authProxyPaths = [\n // '/',\n // '/public/styles.css',\n // '/login',\n // '/logout',\n '/oauth-client-metadata.json',\n `${authClientMountPath}/login/redirect`,\n `${authClientMountPath}/login`,\n `${authClientMountPath}/callback`,\n `${authClientMountPath}/transfer-local-session`,\n `${authClientMountPath}/userinfo`,\n `${authClientMountPath}/logout`,\n];\n\nexport const authProxyMiddleware = (req: Request, res: Response, next: NextFunction) => {\n const origin = getOrigin(req)\n const authOriginObj = getAuthOrigin(req)\n const useProxy = (origin && origin === authOriginObj?.authOrigin) || authOriginObj?.isLocalhost\n if (!useProxy) {\n return next()\n } \n\n const mainAuthDomain = getMainAuthDomain(req)\n const authProxyTargetOrigin = `https://${mainAuthDomain}`;\n\n if (!authProxyPaths.includes(req.path)) {\n // console.log(`[OK] No Proxy`);\n return next();\n } else {\n // console.log(`[Proxy] ${req.method} ${req.url}`);\n }\n\n // Parse the target URL\n const targetUrl = new URL(req.url, authProxyTargetOrigin);\n \n // Choose http or https module based on 'target url' protocol\n const client = targetUrl.protocol === 'https:' ? https : http;\n\n const customHeaders = getCustomHeaderNames()\n \n // Prepare request options\n const options = {\n hostname: targetUrl.hostname, // TCP target\n servername: targetUrl.hostname, // TLS SNI (optional, otherwise defaults to headers.host)\n port: targetUrl.port,\n path: targetUrl.pathname + targetUrl.search,\n method: req.method,\n headers: {\n ...req.headers,\n host: targetUrl.hostname, // Override host header\n [customHeaders.proxyOrigin]: `${req.protocol}://${req.get('host')}`\n },\n };\n \n // Make the request to the target server\n const proxyReq = client.request(options, (proxyRes) => {\n // Forward status code\n res.status(proxyRes.statusCode ?? 500);\n \n // Forward headers\n Object.keys(proxyRes.headers).forEach(key => {\n res.setHeader(key, proxyRes.headers[key] as string);\n });\n \n // Pipe the response back to client\n proxyRes.pipe(res);\n });\n \n // Handle errors\n proxyReq.on('error', (err) => {\n console.error('Proxy error:', err);\n res.status(500).send('Proxy error');\n });\n \n // Pipe the request body (for POST, PUT, etc.)\n req.pipe(proxyReq);\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,qBAAoB;AAEpB,IAAAA,iBAA2D;;;ACD3D,oBAA2I;AAG3I,eAAsB,aAAa,KAAc,KAAe,QAA0C;AACxG,QAAM,eAAe,IAAI,gBAAgB,IAAI,KAA+B;AAC5E,QAAM,cAAc,aAAa,IAAI,UAAU,KAAK;AACpD,MAAI,MAAM,IAAI,QAAQ,GAAG;AACvB,WAAO,IAAI,SAAS,WAAW;AAAA,EACjC;AAEA,QAAM,oBAAgB,6BAAc,GAAG;AACvC,QAAMC,2BAAsB,sCAAuB;AACnD,QAAM,EAAE,wBAAwB,QAAI,yCAA0B,GAAG;AAEjE,MAAI,iBAAiB,CAAC,yBAAyB;AAC7C,UAAM,aAAa,cAAc;AACjC,QAAI,cAAc,QAAQ;AAC1B,QAAI,CAAC,aAAa;AAChB,oBAAc,IAAI,IAAI,SAAS;AAAA,IACjC;AACA,QAAI,CAAC,aAAa;AAChB,oBAAc,OAAG,yBAAU,GAAG,CAAC,GAAG,IAAI,WAAW;AAAA,IACnD;AACA,UAAMC,eAAc,IAAI,IAAI,GAAG,UAAU,GAAGD,oBAAmB,iBAAiB;AAChF,IAAAC,aAAY,aAAa,IAAI,YAAY,WAAW;AACpD,QAAI,IAAI,MAAM;AACZ,MAAAA,aAAY,aAAa,IAAI,gBAAgB,IAAI,IAAI;AAAA,IACvD;AACA,WAAO,IAAI,SAASA,aAAY,IAAI;AAAA,EACtC;AACA,MAAI,SAAS,GAAG;AAClB;AAEA,eAAe,eAAiC,OAAe,KAAc,KAAgB,MAAsB;AAGjH,QAAM,SAAS,OAAO,SAAS;AAC/B,QAAMD,2BAAsB,sCAAuB;AACnD,QAAM,oBAAgB,oCAAqB;AAE3C,QAAM,oBAAgB,6BAAc,GAAG;AACvC,MAAI,CAAC,eAAe;AAClB,WAAO,EAAE,IAAI,KAAK;AAAA,EACpB;AAEA,QAAM,gBAAY,0BAAW,KAAK;AAClC,MAAI,iBAAiB,WAAW;AAC9B,UAAM,aAAa,cAAc;AACjC,UAAM,SAAS,GAAG,UAAU,GAAGA,oBAAmB,GAAG,SAAS;AAC9D,QAAI;AACF,YAAM,OAAO,MAAM,MAAM,QAAQ;AAAA,QAC/B,QAAQ,SAAS,SAAS;AAAA,QAC1B,SAAS;AAAA,UACP,QAAQ,IAAI,QAAQ,UAAU;AAAA,UAC9B,QAAQ;AAAA,UACR,CAAC,cAAc,WAAW,GAAG,IAAI,QAAQ,0BAAY;AAAA,QACvD;AAAA,QACA,GAAI,OAAO,EAAE,MAAM,KAAK,UAAU,IAAI,EAAE,IAAI,CAAC;AAAA,MAC/C,CAAC;AACD,UAAI,KAAK;AACP,cAAM,YAAY,KAAK,QAAQ,aAAa,EAAE,KAAK,OAAK,EAAE,WAAW,MAAM,CAAC;AAC5E,YAAI,WAAW;AACb,cAAI,UAAU,cAAc,SAAS;AAAA,QACvC;AAAA,MACF;AAEA,UAAI,OAAuB;AAC3B,UAAI;AACF,eAAQ,MAAM,KAAK,KAAK;AAAA,MAC1B,SAAQ,GAAG;AAAA,MAAC;AAEZ,UAAI,OAAO,MAAM,OAAO,aAAa;AACnC,eAAO;AAAA,MACT,OAAO;AACL,eAAO,EAAE,OAAO,qCAAqC,MAAM,KAAK,IAAI,IAAI,IAAI;AAAA,MAC9E;AAAA,IACF,SAAQ,KAAU;AAChB,cAAQ,MAAM,GAAG;AAEjB,aAAO,EAAE,OAAO,0CAA0C,MAAM,KAAK,IAAI,IAAI,IAAI;AAAA,IACnF;AAAA,EACF;AAEA,SAAO,EAAE,OAAO,qCAAqC,eAAe,UAAU,KAAK,SAAS,IAAI;AAClG;AAEA,eAAsB,eAAe,KAAc;AACjD,SAAO,eAA2C,aAAa,GAAG;AACpE;AAEA,eAAsB,eAAe,KAAc,KAAe;AAChE,SAAO,eAAmB,WAAW,KAAK,KAAK,IAAI;AACrD;;;AC5FA,wBAAkB;AAClB,uBAAiB;AACjB,IAAAE,iBAA0G;AAE1G,IAAM,0BAAsB,uCAAuB;AACnD,IAAM,iBAAiB;AAAA;AAAA;AAAA;AAAA;AAAA,EAKrB;AAAA,EACA,GAAG,mBAAmB;AAAA,EACtB,GAAG,mBAAmB;AAAA,EACtB,GAAG,mBAAmB;AAAA,EACtB,GAAG,mBAAmB;AAAA,EACtB,GAAG,mBAAmB;AAAA,EACtB,GAAG,mBAAmB;AACxB;AAEO,IAAM,sBAAsB,CAAC,KAAc,KAAe,SAAuB;AACtF,QAAM,aAAS,0BAAU,GAAG;AAC5B,QAAM,oBAAgB,8BAAc,GAAG;AACvC,QAAM,WAAY,UAAU,WAAW,eAAe,cAAe,eAAe;AACpF,MAAI,CAAC,UAAU;AACb,WAAO,KAAK;AAAA,EACd;AAEA,QAAM,qBAAiB,kCAAkB,GAAG;AAC5C,QAAM,wBAAwB,WAAW,cAAc;AAEvD,MAAI,CAAC,eAAe,SAAS,IAAI,IAAI,GAAG;AAEtC,WAAO,KAAK;AAAA,EACd,OAAO;AAAA,EAEP;AAGA,QAAM,YAAY,IAAI,IAAI,IAAI,KAAK,qBAAqB;AAGxD,QAAM,SAAS,UAAU,aAAa,WAAW,kBAAAC,UAAQ,iBAAAC;AAEzD,QAAM,oBAAgB,qCAAqB;AAG3C,QAAM,UAAU;AAAA,IACd,UAAU,UAAU;AAAA;AAAA,IACpB,YAAY,UAAU;AAAA;AAAA,IACtB,MAAM,UAAU;AAAA,IAChB,MAAM,UAAU,WAAW,UAAU;AAAA,IACrC,QAAQ,IAAI;AAAA,IACZ,SAAS;AAAA,MACP,GAAG,IAAI;AAAA,MACP,MAAM,UAAU;AAAA;AAAA,MAChB,CAAC,cAAc,WAAW,GAAG,GAAG,IAAI,QAAQ,MAAM,IAAI,IAAI,MAAM,CAAC;AAAA,IACnE;AAAA,EACF;AAGA,QAAM,WAAW,OAAO,QAAQ,SAAS,CAAC,aAAa;AAErD,QAAI,OAAO,SAAS,cAAc,GAAG;AAGrC,WAAO,KAAK,SAAS,OAAO,EAAE,QAAQ,SAAO;AAC3C,UAAI,UAAU,KAAK,SAAS,QAAQ,GAAG,CAAW;AAAA,IACpD,CAAC;AAGD,aAAS,KAAK,GAAG;AAAA,EACnB,CAAC;AAGD,WAAS,GAAG,SAAS,CAAC,QAAQ;AAC5B,YAAQ,MAAM,gBAAgB,GAAG;AACjC,QAAI,OAAO,GAAG,EAAE,KAAK,aAAa;AAAA,EACpC,CAAC;AAGD,MAAI,KAAK,QAAQ;AACnB;;;AF3EO,IAAM,iBAAiB,CAAC,WAAkD;AAC/E,QAAM,SAAS,eAAAC,QAAQ,OAAO;AAG9B,SAAO,IAAI,OAAO,KAAK,KAAK,SAAS;AACnC,QAAI,WAAO,kCAAkB,QAAQ,IAAI,KAAK,2BAAY;AAE1D,QAAI,WAAW,MAAM,aAAa,KAAK,KAAK,MAAM;AAClD,QAAI,UAAU,MAAM,WAAW,GAAG;AAElC,QAAI,YAAY,MAAM,cAAc,KAAK,GAAG;AAG5C,QAAI,OAAO,CAAC,SAAkB,SAAS,KAAK,IAAI;AAEhD,SAAK;AAAA,EACP,CAAC;AAED,SAAO,IAAI,mBAAmB;AAE9B,SAAO;AACT;AAEO,IAAM,UAA0B,OAAO,KAAK,MAAM,SAAS;AAChE,QAAM,WAAW,GAAG;AACpB,OAAK;AACP;AAEO,IAAM,WAA6C,CAAC,kBAA0B,OAAO,KAAK,KAAK,SAAS;AAC7G,QAAM,WAAW,GAAG;AACpB,MAAI,CAAC,IAAI,MAAM;AACb,UAAM,WAAO,2BAAW,gBAAgB,GAAG;AAC3C,WAAO,IAAI,SAAS,IAAI;AAAA,EAC1B;AACA,OAAK;AACP;AAEA,eAAe,WAAW,KAAwC;AAChE,MAAI,IAAI,MAAM;AACZ,WAAO,IAAI;AAAA,EACb;AAEA,QAAM,EAAE,MAAM,MAAM,IAAI,MAAM,eAAe,GAAG;AAChD,MAAI,OAAO;AACT,YAAQ,MAAM,gBAAgB,KAAK;AAAA,EACrC;AAEA,MAAI,CAAC,SAAS,MAAM;AAClB,QAAI,OAAO;AAAA,EACb;AACA,MAAI,CAAC,IAAI,MAAM;AACb,QAAI,OAAO;AAAA,EACb;AACA,SAAO,IAAI;AACb;AAEA,eAAe,cAAc,KAAc,KAAe;AACxD,QAAM,EAAE,IAAI,MAAM,IAAI,MAAM,eAAe,KAAK,GAAG;AACnD,MAAI,CAAC,MAAM,OAAO;AAChB,YAAQ,MAAM,mBAAmB,EAAE,IAAI,MAAM,CAAC;AAAA,EAChD;AACF;AAEA,SAAS,SAAS,KAAe,MAAe;AAC9C,QAAM,UAAU,KAAK,UAAU,MAAM,MAAM,CAAC;AAC5C,SAAO,IAAI,KAAK,MAAM,EAAE,KAAK,OAAO;AACtC;","names":["import_common","authClientMountPath","redirectUrl","import_common","https","http","express"]}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@onelyid/express",
|
|
3
|
-
"version": "0.2.
|
|
3
|
+
"version": "0.2.2",
|
|
4
4
|
"description": "ATProto Auth client for Express.js",
|
|
5
5
|
"author": "abraj",
|
|
6
6
|
"license": "MIT",
|
|
@@ -32,7 +32,7 @@
|
|
|
32
32
|
"backend"
|
|
33
33
|
],
|
|
34
34
|
"dependencies": {
|
|
35
|
-
"@onelyid/common": "0.2.
|
|
35
|
+
"@onelyid/common": "0.2.2"
|
|
36
36
|
},
|
|
37
37
|
"peerDependencies": {
|
|
38
38
|
"express": "^4.22.1"
|