npm - @openape/nuxt-auth-sp - Versions diffs - 0.1.3 → 0.1.5 - Mend

@openape/nuxt-auth-sp 0.1.3 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/dist/module.d.mts +2 -2
package/dist/module.d.ts +2 -2
package/dist/module.json +2 -2
package/dist/module.mjs +1 -1
package/dist/runtime/middleware/openape-auth.js +0 -1
package/dist/runtime/server/api/callback.get.js +0 -3
package/dist/runtime/server/api/login.post.js +0 -2
package/dist/runtime/server/api/logout.post.js +0 -2
package/dist/runtime/server/api/me.get.js +0 -2
package/dist/runtime/server/routes/well-known/sp-manifest.json.get.js +1 -3
package/dist/runtime/server/utils/sp-config.js +1 -3
package/dist/runtime/server/utils/sp-session.js +0 -2
package/package.json +6 -14
package/LICENSE +0 -21
package/README.md +0 -122

package/dist/module.d.mts CHANGED Viewed

@@ -1,4 +1,4 @@
-import * as nuxt_schema from 'nuxt/schema';
+import * as _nuxt_schema from '@nuxt/schema';
 interface ModuleOptions {
     spId: string;
@@ -6,7 +6,7 @@ interface ModuleOptions {
     sessionSecret: string;
     openapeUrl: string;
 }
-declare const _default: nuxt_schema.NuxtModule<ModuleOptions, ModuleOptions, false>;
+declare const _default: _nuxt_schema.NuxtModule<ModuleOptions, ModuleOptions, false>;
 export { _default as default };
 export type { ModuleOptions };

package/dist/module.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import * as nuxt_schema from 'nuxt/schema';
+import * as _nuxt_schema from '@nuxt/schema';
 interface ModuleOptions {
     spId: string;
@@ -6,7 +6,7 @@ interface ModuleOptions {
     sessionSecret: string;
     openapeUrl: string;
 }
-declare const _default: nuxt_schema.NuxtModule<ModuleOptions, ModuleOptions, false>;
+declare const _default: _nuxt_schema.NuxtModule<ModuleOptions, ModuleOptions, false>;
 export { _default as default };
 export type { ModuleOptions };

package/dist/module.json CHANGED Viewed

@@ -1,9 +1,9 @@
 {
   "name": "@openape/nuxt-auth-sp",
   "configKey": "openapeSp",
-  "version": "0.1.3",
+  "version": "0.1.0",
   "builder": {
     "@nuxt/module-builder": "0.8.4",
-    "unbuild": "unknown"
+    "unbuild": "2.0.0"
   }
 }

package/dist/module.mjs CHANGED Viewed

@@ -8,7 +8,7 @@ const module = defineNuxtModule({
   },
   defaults: {
     spId: "",
-    spName: "OpenApe Service Provider",
+    spName: "OpenAPE Service Provider",
     sessionSecret: "change-me-sp-secret-at-least-32-chars-long",
     openapeUrl: ""
   },

package/dist/runtime/middleware/openape-auth.js CHANGED Viewed

@@ -1,5 +1,4 @@
 import { defineNuxtRouteMiddleware, navigateTo } from "#imports";
-import { useOpenApeAuth } from "../composables/useOpenApeAuth.js";
 export default defineNuxtRouteMiddleware(async () => {
   const { user, fetchUser, loading } = useOpenApeAuth();
   if (loading.value) await fetchUser();

package/dist/runtime/server/api/callback.get.js CHANGED Viewed

@@ -1,7 +1,4 @@
-import { defineEventHandler, getQuery, getRequestURL, sendRedirect } from "h3";
 import { handleCallback } from "@openape/auth";
-import { getFlowState, getSpConfig, clearFlowState } from "../utils/sp-config.js";
-import { getSpSession } from "../utils/sp-session.js";
 export default defineEventHandler(async (event) => {
   const query = getQuery(event);
   const { code, state, error, error_description } = query;

package/dist/runtime/server/api/login.post.js CHANGED Viewed

@@ -1,6 +1,4 @@
-import { createError, defineEventHandler, getRequestURL, readBody } from "h3";
 import { createAuthorizationURL, discoverIdP } from "@openape/auth";
-import { getSpConfig, saveFlowState } from "../utils/sp-config.js";
 export default defineEventHandler(async (event) => {
   const body = await readBody(event);
   const { spId, openapeUrl } = getSpConfig();

package/dist/runtime/server/api/logout.post.js CHANGED Viewed

@@ -1,5 +1,3 @@
-import { defineEventHandler } from "h3";
-import { getSpSession } from "../utils/sp-session.js";
 export default defineEventHandler(async (event) => {
   const session = await getSpSession(event);
   await session.clear();

package/dist/runtime/server/api/me.get.js CHANGED Viewed

@@ -1,5 +1,3 @@
-import { createError, defineEventHandler } from "h3";
-import { getSpSession } from "../utils/sp-session.js";
 export default defineEventHandler(async (event) => {
   const session = await getSpSession(event);
   const data = session.data;

package/dist/runtime/server/routes/well-known/sp-manifest.json.get.js CHANGED Viewed

@@ -1,6 +1,4 @@
-import { defineEventHandler, getRequestURL } from "h3";
 import { createSPManifest } from "@openape/auth";
-import { getSpConfig } from "../../utils/sp-config.js";
 export default defineEventHandler((event) => {
   const { spId, spName } = getSpConfig();
   const origin = getRequestURL(event).origin;
@@ -8,6 +6,6 @@ export default defineEventHandler((event) => {
     sp_id: spId,
     name: spName,
     redirect_uris: [`${origin}/api/callback`],
-    description: `${spName} \u2014 OpenApe Service Provider`
+    description: `${spName} \u2014 OpenAPE Service Provider`
   });
 });

package/dist/runtime/server/utils/sp-config.js CHANGED Viewed

@@ -1,12 +1,10 @@
-import { useSession } from "h3";
-import { useRuntimeConfig } from "nitropack/runtime";
 const FLOW_COOKIE = "openape-flow";
 export function getSpConfig() {
   const config = useRuntimeConfig();
   return {
     spId: config.openapeSp.spId || "sp.example.com",
     openapeUrl: config.openapeSp.openapeUrl || "",
-    spName: config.openapeSp.spName || "OpenApe Service Provider"
+    spName: config.openapeSp.spName || "OpenAPE Service Provider"
   };
 }
 export async function saveFlowState(event, state, flow) {

package/dist/runtime/server/utils/sp-session.js CHANGED Viewed

@@ -1,5 +1,3 @@
-import { useSession } from "h3";
-import { useRuntimeConfig } from "nitropack/runtime";
 export async function getSpSession(event) {
   const config = useRuntimeConfig();
   return await useSession(event, {

package/package.json CHANGED Viewed

@@ -1,9 +1,9 @@
 {
   "name": "@openape/nuxt-auth-sp",
   "type": "module",
-  "version": "0.1.3",
-  "description": "OpenApe Service Provider Nuxt module — adds OIDC login via DNS-based IdP discovery",
-  "author": "Patrick Hofmann",
+  "version": "0.1.5",
+  "description": "OpenAPE Service Provider Nuxt module \u2014 adds OIDC login via DNS-based IdP discovery",
+  "author": "Delta Mind GmbH",
   "license": "MIT",
   "exports": {
     ".": {
@@ -23,10 +23,9 @@
   },
   "dependencies": {
     "@nuxt/kit": "^3.16.0",
-    "@openape/auth": "^0.1.0",
-    "@openape/core": "^0.1.0",
-    "defu": "^6.1.4",
-    "h3": "^1.15.0"
+    "@openape/auth": "^0.1.2",
+    "@openape/core": "^0.1.2",
+    "defu": "^6.1.4"
   },
   "peerDependencies": {
     "nuxt": "^4.0.0"
@@ -35,12 +34,5 @@
     "@nuxt/module-builder": "^0.8.4",
     "nuxt": "^4.3.1",
     "typescript": "^5.7.0"
-  },
-  "publishConfig": {
-    "access": "public"
-  },
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/openape-ai/nuxt-auth-sp.git"
   }
 }

package/LICENSE DELETED Viewed

@@ -1,21 +0,0 @@
-MIT License
-Copyright (c) 2024-2025 Patrick Hofmann
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.

package/README.md DELETED Viewed

@@ -1,122 +0,0 @@
-# @openape/nuxt-auth-sp
-Nuxt module that adds **DDISA-based login** to your application. Users enter their email, the module discovers their Identity Provider via DNS, and handles the full authorization flow — no pre-configured IdP list needed.
-## Installation
-```bash
-npm install @openape/nuxt-auth-sp
-```
-```typescript
-// nuxt.config.ts
-export default defineNuxtConfig({
-  modules: ['@openape/nuxt-auth-sp'],
-  openapeSp: {
-    spId: 'sp.example.com',
-    spName: 'My Service',
-    sessionSecret: 'your-secret-min-32-chars...',
-  },
-})
-```
-## Configuration
-| Option | Type | Default | Description |
-|--------|------|---------|-------------|
-| `spId` | `string` | — | **Required.** Service Provider identifier (typically your domain) |
-| `spName` | `string` | `'OpenApe Service Provider'` | Display name shown during authorization |
-| `sessionSecret` | `string` | `'change-me-sp-secret-...'` | Session encryption key |
-| `openapeUrl` | `string` | — | Override IdP URL (bypasses DNS discovery) |
-## Routes
-| Method | Path | Description |
-|--------|------|-------------|
-| `POST` | `/api/login` | Start login — `{ email }` → `{ redirectUrl }` |
-| `GET` | `/api/callback` | Handle callback from IdP |
-| `POST` | `/api/logout` | End session |
-| `GET` | `/api/me` | Get current user (`DDISAAssertionClaims`) |
-| `GET` | `/.well-known/sp-manifest.json` | SP manifest for IdP discovery |
-## Composables
-### `useOpenApeAuth()`
-```typescript
-const { user, loading, fetchUser, login, logout } = useOpenApeAuth()
-// user: Ref<DDISAAssertionClaims | null>
-// DDISAAssertionClaims: { sub, iss, aud, act, iat, exp, nonce, ... }
-await login('user@example.com')  // Redirects to user's IdP
-await logout()                   // Clears session, navigates to /
-```
-## Middleware
-The module provides an `openape-auth` middleware that protects pages from unauthenticated access.
-```typescript
-// pages/dashboard.vue
-definePageMeta({
-  middleware: 'openape-auth',
-})
-```
-Unauthenticated users are redirected to the login page.
-## DNS Discovery
-When a user logs in with `user@example.com`, the module:
-1. Extracts the domain (`example.com`)
-2. Looks up the `_ddisa.example.com` TXT record
-3. Parses the DDISA record to find the IdP URL
-4. Redirects the user to the IdP's authorization endpoint with PKCE
-5. Handles the callback and validates the signed assertion
-This means any domain with a DDISA DNS record can authenticate — no pre-registration needed.
-For details on DNS resolution, see [`@openape/core`](../core).
-## Quick Start
-```typescript
-// nuxt.config.ts
-export default defineNuxtConfig({
-  modules: ['@openape/nuxt-auth-sp'],
-  openapeSp: {
-    spId: 'localhost:3001',
-    spName: 'My App',
-    sessionSecret: 'at-least-32-characters-long-secret-here',
-  },
-})
-```
-```vue
-<!-- pages/index.vue -->
-<script setup>
-const { user, login, logout } = useOpenApeAuth()
-const email = ref('')
-</script>
-<template>
-  <div v-if="user">
-    Logged in as {{ user.sub }}
-    <button @click="logout">Logout</button>
-  </div>
-  <form v-else @submit.prevent="login(email)">
-    <input v-model="email" type="email" placeholder="you@example.com" />
-    <button type="submit">Login</button>
-  </form>
-</template>
-```
-See the [examples](../examples) directory for a fully working SP setup.
-## License
-[MIT](./LICENSE)