@phila/sso-nuxt 0.0.2 → 0.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/README.md +145 -0
  2. package/dist/module.js +6 -1
  3. package/dist/module.js.map +1 -1
  4. package/dist/runtime/middleware.auth.js +8 -3
  5. package/dist/runtime/middleware.auth.js.map +1 -1
  6. package/dist/runtime/plugin.client.js +7 -1
  7. package/dist/runtime/plugin.client.js.map +1 -1
  8. package/package.json +7 -3
package/README.md ADDED
@@ -0,0 +1,145 @@
1
+ # @phila/sso-nuxt
2
+
3
+ Nuxt 3 module for Azure AD B2C authentication. Installs Pinia, registers a client plugin, auto-imports `useAuth` and `useSSOStore`, and optionally guards all routes.
4
+
5
+ ## Installation
6
+
7
+ ```bash
8
+ pnpm add @phila/sso-nuxt @phila/sso-core @phila/sso-vue @azure/msal-browser
9
+ ```
10
+
11
+ ## Setup
12
+
13
+ Add the module to your `nuxt.config.ts`:
14
+
15
+ ```ts
16
+ export default defineNuxtConfig({
17
+ modules: ["@phila/sso-nuxt"],
18
+
19
+ sso: {
20
+ globalAuth: true,
21
+ loginPath: "/login",
22
+ excludePaths: ["/logout"],
23
+ },
24
+ });
25
+ ```
26
+
27
+ ## Module Options
28
+
29
+ | Option | Type | Default | Description |
30
+ | --------------------- | ---------- | ------------------------- | ----------------------------------------------------------------------- |
31
+ | `globalAuth` | `boolean` | `true` | Register a global route middleware that redirects unauthenticated users |
32
+ | `loginPath` | `string` | `"/login"` | Path to redirect unauthenticated users to |
33
+ | `excludePaths` | `string[]` | `["/logout"]` | Paths that bypass the auth middleware (matched with `startsWith`) |
34
+ | `signInPolicy` | `string` | `"B2C_1A_AD_SIGNIN_ONLY"` | B2C sign-in user flow |
35
+ | `resetPasswordPolicy` | `string` | `"B2C_1A_PASSWORDRESET"` | B2C password reset user flow |
36
+
37
+ ## Runtime Configuration
38
+
39
+ The module exposes all SSO settings via Nuxt runtime config. Set them in `nuxt.config.ts` or override with environment variables:
40
+
41
+ | Runtime Config Key | Environment Variable | Default |
42
+ | ------------------------ | --------------------------------------- | ---------------------------- |
43
+ | `ssoClientId` | `NUXT_PUBLIC_SSO_CLIENT_ID` | `""` |
44
+ | `ssoRedirectUri` | `NUXT_PUBLIC_SSO_REDIRECT_URI` | `"http://localhost:3000"` |
45
+ | `ssoTenant` | `NUXT_PUBLIC_SSO_TENANT` | `"PhilaB2CDev"` |
46
+ | `ssoAuthorityDomain` | `NUXT_PUBLIC_SSO_AUTHORITY_DOMAIN` | `"PhilaB2CDev.b2clogin.com"` |
47
+ | `ssoApiScope` | `NUXT_PUBLIC_SSO_API_SCOPE` | `""` |
48
+ | `ssoSignInPolicy` | `NUXT_PUBLIC_SSO_SIGN_IN_POLICY` | from module options |
49
+ | `ssoResetPasswordPolicy` | `NUXT_PUBLIC_SSO_RESET_PASSWORD_POLICY` | from module options |
50
+ | `ssoLoginPath` | `NUXT_PUBLIC_SSO_LOGIN_PATH` | from module options |
51
+ | `ssoExcludePaths` | `NUXT_PUBLIC_SSO_EXCLUDE_PATHS` | from module options |
52
+
53
+ Example `.env`:
54
+
55
+ ```env
56
+ NUXT_PUBLIC_SSO_CLIENT_ID=your-client-id
57
+ NUXT_PUBLIC_SSO_TENANT=YourTenant
58
+ NUXT_PUBLIC_SSO_AUTHORITY_DOMAIN=YourTenant.b2clogin.com
59
+ NUXT_PUBLIC_SSO_REDIRECT_URI=http://localhost:3000
60
+ NUXT_PUBLIC_SSO_API_SCOPE=https://YourTenant.onmicrosoft.com/api/read
61
+ ```
62
+
63
+ ### API Scopes
64
+
65
+ `ssoApiScope` accepts a comma-separated string. The module splits it into an array at runtime:
66
+
67
+ ```env
68
+ NUXT_PUBLIC_SSO_API_SCOPE=https://tenant.onmicrosoft.com/api/read,https://tenant.onmicrosoft.com/api/write
69
+ ```
70
+
71
+ ## Auto-Imports
72
+
73
+ The module auto-imports these composables globally:
74
+
75
+ - `useAuth()` — primary auth composable (state, actions, utilities)
76
+ - `useSSOStore()` — direct Pinia store access
77
+
78
+ No `import` statements needed in your components:
79
+
80
+ ```vue
81
+ <script setup>
82
+ const { isAuthenticated, userName, authReady, signIn, signOut } = useAuth();
83
+ </script>
84
+
85
+ <template>
86
+ <div v-if="!authReady">Loading...</div>
87
+ <div v-else-if="isAuthenticated">
88
+ <p>Welcome, {{ userName }}</p>
89
+ <button @click="signOut()">Sign out</button>
90
+ </div>
91
+ <div v-else>
92
+ <button @click="signIn()">Sign in</button>
93
+ </div>
94
+ </template>
95
+ ```
96
+
97
+ ## Route Middleware
98
+
99
+ When `globalAuth: true` (default), the module registers a global route middleware that:
100
+
101
+ 1. Waits for auth initialization (`authReady`) before making decisions
102
+ 2. Allows navigation to `loginPath` and all `excludePaths`
103
+ 3. Redirects unauthenticated users to `loginPath`
104
+
105
+ ### Excluding Paths
106
+
107
+ Paths in `excludePaths` are matched using `startsWith`, so `/public` also matches `/public/about`:
108
+
109
+ ```ts
110
+ export default defineNuxtConfig({
111
+ sso: {
112
+ excludePaths: ["/logout", "/public", "/callback"],
113
+ },
114
+ });
115
+ ```
116
+
117
+ The `loginPath` is always excluded automatically.
118
+
119
+ ### Disabling the Middleware
120
+
121
+ Set `globalAuth: false` to disable the global middleware and handle auth checks manually:
122
+
123
+ ```ts
124
+ export default defineNuxtConfig({
125
+ sso: {
126
+ globalAuth: false,
127
+ },
128
+ });
129
+ ```
130
+
131
+ ## What the Module Does
132
+
133
+ During setup, the module automatically:
134
+
135
+ 1. Installs `@pinia/nuxt` (apps don't need to add it separately)
136
+ 2. Adds `@phila/sso-core` and `@phila/sso-vue` to the Vite transpile list
137
+ 3. Configures Vite dev server to serve files from the monorepo root
138
+ 4. Declares all SSO keys in `runtimeConfig.public`
139
+ 5. Registers a client-only plugin that initializes the B2C auth client
140
+ 6. Auto-imports `useAuth` and `useSSOStore`
141
+ 7. Registers the global auth route middleware (when `globalAuth: true`)
142
+
143
+ ## License
144
+
145
+ MIT
package/dist/module.js CHANGED
@@ -4,7 +4,7 @@ import { dirname, resolve } from "node:path";
4
4
  import { defu } from "defu";
5
5
  const __dirname$1 = dirname(fileURLToPath(import.meta.url));
6
6
  const philaIdentityRoot = resolve(__dirname$1, "../../..");
7
- defineNuxtModule({
7
+ const module$1 = defineNuxtModule({
8
8
  meta: {
9
9
  name: "@phila/sso-nuxt",
10
10
  configKey: "sso"
@@ -30,6 +30,7 @@ defineNuxtModule({
30
30
  ssoRedirectUri: "http://localhost:3000",
31
31
  ssoTenant: "PhilaB2CDev",
32
32
  ssoAuthorityDomain: "PhilaB2CDev.b2clogin.com",
33
+ ssoApiScope: "",
33
34
  ssoSignInPolicy: options.signInPolicy,
34
35
  ssoResetPasswordPolicy: options.resetPasswordPolicy,
35
36
  ssoLoginPath: options.loginPath,
@@ -37,6 +38,7 @@ defineNuxtModule({
37
38
  });
38
39
  addPlugin({ src: resolver.resolve("./runtime/plugin.client"), mode: "client" });
39
40
  addImports({ name: "useAuth", as: "useAuth", from: "@phila/sso-vue" });
41
+ addImports({ name: "useSSOStore", as: "useSSOStore", from: "@phila/sso-vue" });
40
42
  if (options.globalAuth) {
41
43
  addRouteMiddleware({
42
44
  name: "auth",
@@ -46,4 +48,7 @@ defineNuxtModule({
46
48
  }
47
49
  }
48
50
  });
51
+ export {
52
+ module$1 as default
53
+ };
49
54
  //# sourceMappingURL=module.js.map
package/dist/module.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"module.js","sources":["../src/module.ts"],"sourcesContent":["// ABOUTME: Nuxt module that wires up phila-identity SSO with zero app boilerplate\n// ABOUTME: Installs pinia, registers the client plugin, auto-imports useAuth, and optionally guards routes\n\nimport {\n defineNuxtModule,\n addPlugin,\n addImports,\n addRouteMiddleware,\n installModule,\n createResolver,\n extendViteConfig,\n} from \"@nuxt/kit\";\nimport { fileURLToPath } from \"node:url\";\nimport { dirname, resolve } from \"node:path\";\nimport { defu } from \"defu\";\n\nconst __dirname = dirname(fileURLToPath(import.meta.url));\n// packages/sso-nuxt/src → packages/sso-nuxt → packages → phila-identity\nconst philaIdentityRoot = resolve(__dirname, \"../../..\");\n\nexport interface ModuleOptions {\n globalAuth?: boolean;\n loginPath?: string;\n excludePaths?: string[];\n signInPolicy?: string;\n resetPasswordPolicy?: string;\n}\n\nexport default defineNuxtModule<ModuleOptions>({\n meta: {\n name: \"@phila/sso-nuxt\",\n configKey: \"sso\",\n },\n defaults: {\n globalAuth: true,\n loginPath: \"/login\",\n excludePaths: [\"/logout\"],\n signInPolicy: \"B2C_1A_AD_SIGNIN_ONLY\",\n resetPasswordPolicy: \"B2C_1A_PASSWORDRESET\",\n },\n async setup(options, nuxt) {\n const resolver = createResolver(import.meta.url);\n\n // 1. Install @pinia/nuxt so apps don't need to list it explicitly\n await installModule(\"@pinia/nuxt\");\n\n // 2. Transpile local file: linked packages so Vite/SSR can process them\n nuxt.options.build.transpile.push(\"@phila/sso-core\", \"@phila/sso-vue\");\n\n // 3. Allow Vite dev server to serve files from phila-identity source tree\n extendViteConfig(config => {\n config.server = config.server ?? {};\n config.server.fs = config.server.fs ?? {};\n config.server.fs.allow = [...(config.server.fs.allow ?? []), philaIdentityRoot];\n });\n\n // 4 & 5. Declare SSO keys in runtimeConfig.public (env vars override at runtime)\n nuxt.options.runtimeConfig.public = defu(nuxt.options.runtimeConfig.public, {\n ssoClientId: \"\",\n ssoRedirectUri: \"http://localhost:3000\",\n ssoTenant: \"PhilaB2CDev\",\n ssoAuthorityDomain: \"PhilaB2CDev.b2clogin.com\",\n ssoSignInPolicy: options.signInPolicy,\n ssoResetPasswordPolicy: options.resetPasswordPolicy,\n ssoLoginPath: options.loginPath,\n ssoExcludePaths: options.excludePaths,\n });\n\n // 6. Register client-only plugin that initialises the B2C auth client\n addPlugin({ src: resolver.resolve(\"./runtime/plugin.client\"), mode: \"client\" });\n\n // 7. Auto-import useAuth so components don't need an explicit import\n addImports({ name: \"useAuth\", as: \"useAuth\", from: \"@phila/sso-vue\" });\n\n // 8. Optionally register global route guard\n if (options.globalAuth) {\n addRouteMiddleware({\n name: \"auth\",\n path: resolver.resolve(\"./runtime/middleware.auth\"),\n global: true,\n });\n }\n },\n});\n"],"names":["__dirname"],"mappings":";;;;AAgBA,MAAMA,cAAY,QAAQ,cAAc,YAAY,GAAG,CAAC;AAExD,MAAM,oBAAoB,QAAQA,aAAW,UAAU;AAUxC,iBAAgC;AAAA,EAC7C,MAAM;AAAA,IACJ,MAAM;AAAA,IACN,WAAW;AAAA,EAAA;AAAA,EAEb,UAAU;AAAA,IACR,YAAY;AAAA,IACZ,WAAW;AAAA,IACX,cAAc,CAAC,SAAS;AAAA,IACxB,cAAc;AAAA,IACd,qBAAqB;AAAA,EAAA;AAAA,EAEvB,MAAM,MAAM,SAAS,MAAM;AACzB,UAAM,WAAW,eAAe,YAAY,GAAG;AAG/C,UAAM,cAAc,aAAa;AAGjC,SAAK,QAAQ,MAAM,UAAU,KAAK,mBAAmB,gBAAgB;AAGrE,qBAAiB,CAAA,WAAU;AACzB,aAAO,SAAS,OAAO,UAAU,CAAA;AACjC,aAAO,OAAO,KAAK,OAAO,OAAO,MAAM,CAAA;AACvC,aAAO,OAAO,GAAG,QAAQ,CAAC,GAAI,OAAO,OAAO,GAAG,SAAS,CAAA,GAAK,iBAAiB;AAAA,IAChF,CAAC;AAGD,SAAK,QAAQ,cAAc,SAAS,KAAK,KAAK,QAAQ,cAAc,QAAQ;AAAA,MAC1E,aAAa;AAAA,MACb,gBAAgB;AAAA,MAChB,WAAW;AAAA,MACX,oBAAoB;AAAA,MACpB,iBAAiB,QAAQ;AAAA,MACzB,wBAAwB,QAAQ;AAAA,MAChC,cAAc,QAAQ;AAAA,MACtB,iBAAiB,QAAQ;AAAA,IAAA,CAC1B;AAGD,cAAU,EAAE,KAAK,SAAS,QAAQ,yBAAyB,GAAG,MAAM,UAAU;AAG9E,eAAW,EAAE,MAAM,WAAW,IAAI,WAAW,MAAM,kBAAkB;AAGrE,QAAI,QAAQ,YAAY;AACtB,yBAAmB;AAAA,QACjB,MAAM;AAAA,QACN,MAAM,SAAS,QAAQ,2BAA2B;AAAA,QAClD,QAAQ;AAAA,MAAA,CACT;AAAA,IACH;AAAA,EACF;AACF,CAAC;"}
1
+ {"version":3,"file":"module.js","sources":["../src/module.ts"],"sourcesContent":["// ABOUTME: Nuxt module that wires up phila-identity SSO with zero app boilerplate\n// ABOUTME: Installs pinia, registers the client plugin, auto-imports useAuth, and optionally guards routes\n\nimport {\n defineNuxtModule,\n addPlugin,\n addImports,\n addRouteMiddleware,\n installModule,\n createResolver,\n extendViteConfig,\n} from \"@nuxt/kit\";\nimport { fileURLToPath } from \"node:url\";\nimport { dirname, resolve } from \"node:path\";\nimport { defu } from \"defu\";\n\nconst __dirname = dirname(fileURLToPath(import.meta.url));\n// packages/sso-nuxt/src → packages/sso-nuxt → packages → phila-identity\nconst philaIdentityRoot = resolve(__dirname, \"../../..\");\n\nexport interface ModuleOptions {\n globalAuth?: boolean;\n loginPath?: string;\n excludePaths?: string[];\n signInPolicy?: string;\n resetPasswordPolicy?: string;\n}\n\nexport default defineNuxtModule<ModuleOptions>({\n meta: {\n name: \"@phila/sso-nuxt\",\n configKey: \"sso\",\n },\n defaults: {\n globalAuth: true,\n loginPath: \"/login\",\n excludePaths: [\"/logout\"],\n signInPolicy: \"B2C_1A_AD_SIGNIN_ONLY\",\n resetPasswordPolicy: \"B2C_1A_PASSWORDRESET\",\n },\n async setup(options, nuxt) {\n const resolver = createResolver(import.meta.url);\n\n // 1. Install @pinia/nuxt so apps don't need to list it explicitly\n await installModule(\"@pinia/nuxt\");\n\n // 2. Transpile local file: linked packages so Vite/SSR can process them\n nuxt.options.build.transpile.push(\"@phila/sso-core\", \"@phila/sso-vue\");\n\n // 3. Allow Vite dev server to serve files from phila-identity source tree\n extendViteConfig(config => {\n config.server = config.server ?? {};\n config.server.fs = config.server.fs ?? {};\n config.server.fs.allow = [...(config.server.fs.allow ?? []), philaIdentityRoot];\n });\n\n // 4 & 5. Declare SSO keys in runtimeConfig.public (env vars override at runtime)\n nuxt.options.runtimeConfig.public = defu(nuxt.options.runtimeConfig.public, {\n ssoClientId: \"\",\n ssoRedirectUri: \"http://localhost:3000\",\n ssoTenant: \"PhilaB2CDev\",\n ssoAuthorityDomain: \"PhilaB2CDev.b2clogin.com\",\n ssoApiScope: \"\",\n ssoSignInPolicy: options.signInPolicy,\n ssoResetPasswordPolicy: options.resetPasswordPolicy,\n ssoLoginPath: options.loginPath,\n ssoExcludePaths: options.excludePaths,\n });\n\n // 6. Register client-only plugin that initialises the B2C auth client\n addPlugin({ src: resolver.resolve(\"./runtime/plugin.client\"), mode: \"client\" });\n\n // 7. Auto-import useAuth so components don't need an explicit import\n addImports({ name: \"useAuth\", as: \"useAuth\", from: \"@phila/sso-vue\" });\n addImports({ name: \"useSSOStore\", as: \"useSSOStore\", from: \"@phila/sso-vue\" });\n\n // 8. Optionally register global route guard\n if (options.globalAuth) {\n addRouteMiddleware({\n name: \"auth\",\n path: resolver.resolve(\"./runtime/middleware.auth\"),\n global: true,\n });\n }\n },\n});\n"],"names":["__dirname"],"mappings":";;;;AAgBA,MAAMA,cAAY,QAAQ,cAAc,YAAY,GAAG,CAAC;AAExD,MAAM,oBAAoB,QAAQA,aAAW,UAAU;AAUvD,MAAA,WAAe,iBAAgC;AAAA,EAC7C,MAAM;AAAA,IACJ,MAAM;AAAA,IACN,WAAW;AAAA,EAAA;AAAA,EAEb,UAAU;AAAA,IACR,YAAY;AAAA,IACZ,WAAW;AAAA,IACX,cAAc,CAAC,SAAS;AAAA,IACxB,cAAc;AAAA,IACd,qBAAqB;AAAA,EAAA;AAAA,EAEvB,MAAM,MAAM,SAAS,MAAM;AACzB,UAAM,WAAW,eAAe,YAAY,GAAG;AAG/C,UAAM,cAAc,aAAa;AAGjC,SAAK,QAAQ,MAAM,UAAU,KAAK,mBAAmB,gBAAgB;AAGrE,qBAAiB,CAAA,WAAU;AACzB,aAAO,SAAS,OAAO,UAAU,CAAA;AACjC,aAAO,OAAO,KAAK,OAAO,OAAO,MAAM,CAAA;AACvC,aAAO,OAAO,GAAG,QAAQ,CAAC,GAAI,OAAO,OAAO,GAAG,SAAS,CAAA,GAAK,iBAAiB;AAAA,IAChF,CAAC;AAGD,SAAK,QAAQ,cAAc,SAAS,KAAK,KAAK,QAAQ,cAAc,QAAQ;AAAA,MAC1E,aAAa;AAAA,MACb,gBAAgB;AAAA,MAChB,WAAW;AAAA,MACX,oBAAoB;AAAA,MACpB,aAAa;AAAA,MACb,iBAAiB,QAAQ;AAAA,MACzB,wBAAwB,QAAQ;AAAA,MAChC,cAAc,QAAQ;AAAA,MACtB,iBAAiB,QAAQ;AAAA,IAAA,CAC1B;AAGD,cAAU,EAAE,KAAK,SAAS,QAAQ,yBAAyB,GAAG,MAAM,UAAU;AAG9E,eAAW,EAAE,MAAM,WAAW,IAAI,WAAW,MAAM,kBAAkB;AACrE,eAAW,EAAE,MAAM,eAAe,IAAI,eAAe,MAAM,kBAAkB;AAG7E,QAAI,QAAQ,YAAY;AACtB,yBAAmB;AAAA,QACjB,MAAM;AAAA,QACN,MAAM,SAAS,QAAQ,2BAA2B;AAAA,QAClD,QAAQ;AAAA,MAAA,CACT;AAAA,IACH;AAAA,EACF;AACF,CAAC;"}
package/dist/runtime/middleware.auth.js CHANGED
@@ -1,11 +1,16 @@
1
1
  import { defineNuxtRouteMiddleware, useRuntimeConfig, navigateTo } from "nuxt/app";
2
2
  import { useSSOStore } from "@phila/sso-vue";
3
- defineNuxtRouteMiddleware((to) => {
3
+ const middleware_auth = defineNuxtRouteMiddleware((to) => {
4
4
  const config = useRuntimeConfig().public;
5
5
  const store = useSSOStore();
6
6
  if (!store.authReady) return;
7
- const excluded = [config.ssoLoginPath, ...config.ssoExcludePaths];
8
- if (excluded.some((p) => to.path.startsWith(p))) return;
7
+ const rawExclude = config.ssoExcludePaths;
8
+ const excludePaths = Array.isArray(rawExclude) ? rawExclude : [];
9
+ const excluded = [config.ssoLoginPath, ...excludePaths];
10
+ if (excluded.some((p) => p && to.path.startsWith(p))) return;
9
11
  if (!store.isAuthenticated) return navigateTo({ path: config.ssoLoginPath });
10
12
  });
13
+ export {
14
+ middleware_auth as default
15
+ };
11
16
  //# sourceMappingURL=middleware.auth.js.map
package/dist/runtime/middleware.auth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"middleware.auth.js","sources":["../../src/runtime/middleware.auth.ts"],"sourcesContent":["// ABOUTME: Route middleware registered by @phila/sso-nuxt module\n// ABOUTME: Redirects unauthenticated users to the configured login path\nimport { defineNuxtRouteMiddleware, useRuntimeConfig, navigateTo } from \"nuxt/app\";\nimport { useSSOStore } from \"@phila/sso-vue\";\n\nexport default defineNuxtRouteMiddleware(to => {\n const config = useRuntimeConfig().public;\n const store = useSSOStore();\n\n // Don't redirect while auth is still initialising\n if (!store.authReady) return;\n\n const excluded = [config.ssoLoginPath as string, ...(config.ssoExcludePaths as string[])];\n if (excluded.some(p => to.path.startsWith(p))) return;\n\n if (!store.isAuthenticated) return navigateTo({ path: config.ssoLoginPath as string });\n});\n"],"names":[],"mappings":";;AAKe,0BAA0B,CAAA,OAAM;AAC7C,QAAM,SAAS,mBAAmB;AAClC,QAAM,QAAQ,YAAA;AAGd,MAAI,CAAC,MAAM,UAAW;AAEtB,QAAM,WAAW,CAAC,OAAO,cAAwB,GAAI,OAAO,eAA4B;AACxF,MAAI,SAAS,KAAK,CAAA,MAAK,GAAG,KAAK,WAAW,CAAC,CAAC,EAAG;AAE/C,MAAI,CAAC,MAAM,gBAAiB,QAAO,WAAW,EAAE,MAAM,OAAO,cAAwB;AACvF,CAAC;"}
1
+ {"version":3,"file":"middleware.auth.js","sources":["../../src/runtime/middleware.auth.ts"],"sourcesContent":["// ABOUTME: Route middleware registered by @phila/sso-nuxt module\n// ABOUTME: Redirects unauthenticated users to the configured login path\nimport { defineNuxtRouteMiddleware, useRuntimeConfig, navigateTo } from \"nuxt/app\";\nimport { useSSOStore } from \"@phila/sso-vue\";\n\nexport default defineNuxtRouteMiddleware(to => {\n const config = useRuntimeConfig().public;\n const store = useSSOStore();\n\n // Don't redirect while auth is still initialising\n if (!store.authReady) return;\n\n const rawExclude = config.ssoExcludePaths;\n const excludePaths = Array.isArray(rawExclude) ? rawExclude : [];\n const excluded = [config.ssoLoginPath as string, ...excludePaths];\n if (excluded.some(p => p && to.path.startsWith(p))) return;\n\n if (!store.isAuthenticated) return navigateTo({ path: config.ssoLoginPath as string });\n});\n"],"names":[],"mappings":";;AAKA,MAAA,kBAAe,0BAA0B,CAAA,OAAM;AAC7C,QAAM,SAAS,mBAAmB;AAClC,QAAM,QAAQ,YAAA;AAGd,MAAI,CAAC,MAAM,UAAW;AAEtB,QAAM,aAAa,OAAO;AAC1B,QAAM,eAAe,MAAM,QAAQ,UAAU,IAAI,aAAa,CAAA;AAC9D,QAAM,WAAW,CAAC,OAAO,cAAwB,GAAG,YAAY;AAChE,MAAI,SAAS,KAAK,CAAA,MAAK,KAAK,GAAG,KAAK,WAAW,CAAC,CAAC,EAAG;AAEpD,MAAI,CAAC,MAAM,gBAAiB,QAAO,WAAW,EAAE,MAAM,OAAO,cAAwB;AACvF,CAAC;"}
package/dist/runtime/plugin.client.js CHANGED
@@ -1,8 +1,10 @@
1
1
  import { defineNuxtPlugin, useRuntimeConfig } from "nuxt/app";
2
2
  import { createSSOPlugin } from "@phila/sso-vue";
3
3
  import { B2CProvider } from "@phila/sso-core";
4
- defineNuxtPlugin((nuxtApp) => {
4
+ const plugin_client = defineNuxtPlugin((nuxtApp) => {
5
5
  const config = useRuntimeConfig().public;
6
+ const apiScope = config.ssoApiScope || "";
7
+ const apiScopes = apiScope ? apiScope.split(",").map((s) => s.trim()) : [];
6
8
  const plugin = createSSOPlugin({
7
9
  clientConfig: {
8
10
  provider: new B2CProvider({
@@ -10,6 +12,7 @@ defineNuxtPlugin((nuxtApp) => {
10
12
  b2cEnvironment: config.ssoTenant,
11
13
  authorityDomain: config.ssoAuthorityDomain,
12
14
  redirectUri: config.ssoRedirectUri,
15
+ apiScopes,
13
16
  policies: {
14
17
  signUpSignIn: config.ssoSignInPolicy,
15
18
  signInOnly: config.ssoSignInPolicy,
@@ -21,4 +24,7 @@ defineNuxtPlugin((nuxtApp) => {
21
24
  });
22
25
  nuxtApp.vueApp.use(plugin);
23
26
  });
27
+ export {
28
+ plugin_client as default
29
+ };
24
30
  //# sourceMappingURL=plugin.client.js.map
package/dist/runtime/plugin.client.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"plugin.client.js","sources":["../../src/runtime/plugin.client.ts"],"sourcesContent":["// ABOUTME: Client-only Nuxt plugin registered by @phila/sso-nuxt module\n// ABOUTME: Initializes Azure AD B2C authentication on the Nuxt app instance\nimport { defineNuxtPlugin, useRuntimeConfig } from \"nuxt/app\";\nimport { createSSOPlugin } from \"@phila/sso-vue\";\nimport { B2CProvider } from \"@phila/sso-core\";\n\nexport default defineNuxtPlugin(nuxtApp => {\n const config = useRuntimeConfig().public;\n const plugin = createSSOPlugin({\n clientConfig: {\n provider: new B2CProvider({\n clientId: config.ssoClientId as string,\n b2cEnvironment: config.ssoTenant as string,\n authorityDomain: config.ssoAuthorityDomain as string,\n redirectUri: config.ssoRedirectUri as string,\n policies: {\n signUpSignIn: config.ssoSignInPolicy as string,\n signInOnly: config.ssoSignInPolicy as string,\n resetPassword: config.ssoResetPasswordPolicy as string,\n },\n }),\n debug: import.meta.dev,\n },\n });\n nuxtApp.vueApp.use(plugin);\n});\n"],"names":[],"mappings":";;;AAMe,iBAAiB,CAAA,YAAW;AACzC,QAAM,SAAS,mBAAmB;AAClC,QAAM,SAAS,gBAAgB;AAAA,IAC7B,cAAc;AAAA,MACZ,UAAU,IAAI,YAAY;AAAA,QACxB,UAAU,OAAO;AAAA,QACjB,gBAAgB,OAAO;AAAA,QACvB,iBAAiB,OAAO;AAAA,QACxB,aAAa,OAAO;AAAA,QACpB,UAAU;AAAA,UACR,cAAc,OAAO;AAAA,UACrB,YAAY,OAAO;AAAA,UACnB,eAAe,OAAO;AAAA,QAAA;AAAA,MACxB,CACD;AAAA,MACD,OAAO,YAAY;AAAA,IAAA;AAAA,EACrB,CACD;AACD,UAAQ,OAAO,IAAI,MAAM;AAC3B,CAAC;"}
1
+ {"version":3,"file":"plugin.client.js","sources":["../../src/runtime/plugin.client.ts"],"sourcesContent":["// ABOUTME: Client-only Nuxt plugin registered by @phila/sso-nuxt module\n// ABOUTME: Initializes Azure AD B2C authentication on the Nuxt app instance\nimport { defineNuxtPlugin, useRuntimeConfig } from \"nuxt/app\";\nimport { createSSOPlugin } from \"@phila/sso-vue\";\nimport { B2CProvider } from \"@phila/sso-core\";\n\nexport default defineNuxtPlugin(nuxtApp => {\n const config = useRuntimeConfig().public;\n const apiScope = (config.ssoApiScope as string) || \"\";\n const apiScopes = apiScope ? apiScope.split(\",\").map(s => s.trim()) : [];\n\n const plugin = createSSOPlugin({\n clientConfig: {\n provider: new B2CProvider({\n clientId: config.ssoClientId as string,\n b2cEnvironment: config.ssoTenant as string,\n authorityDomain: config.ssoAuthorityDomain as string,\n redirectUri: config.ssoRedirectUri as string,\n apiScopes,\n policies: {\n signUpSignIn: config.ssoSignInPolicy as string,\n signInOnly: config.ssoSignInPolicy as string,\n resetPassword: config.ssoResetPasswordPolicy as string,\n },\n }),\n debug: import.meta.dev,\n },\n });\n nuxtApp.vueApp.use(plugin);\n});\n"],"names":[],"mappings":";;;AAMA,MAAA,gBAAe,iBAAiB,CAAA,YAAW;AACzC,QAAM,SAAS,mBAAmB;AAClC,QAAM,WAAY,OAAO,eAA0B;AACnD,QAAM,YAAY,WAAW,SAAS,MAAM,GAAG,EAAE,IAAI,CAAA,MAAK,EAAE,KAAA,CAAM,IAAI,CAAA;AAEtE,QAAM,SAAS,gBAAgB;AAAA,IAC7B,cAAc;AAAA,MACZ,UAAU,IAAI,YAAY;AAAA,QACxB,UAAU,OAAO;AAAA,QACjB,gBAAgB,OAAO;AAAA,QACvB,iBAAiB,OAAO;AAAA,QACxB,aAAa,OAAO;AAAA,QACpB;AAAA,QACA,UAAU;AAAA,UACR,cAAc,OAAO;AAAA,UACrB,YAAY,OAAO;AAAA,UACnB,eAAe,OAAO;AAAA,QAAA;AAAA,MACxB,CACD;AAAA,MACD,OAAO,YAAY;AAAA,IAAA;AAAA,EACrB,CACD;AACD,UAAQ,OAAO,IAAI,MAAM;AAC3B,CAAC;"}
package/package.json CHANGED
@@ -1,11 +1,15 @@
1
1
  {
2
2
  "name": "@phila/sso-nuxt",
3
- "version": "0.0.2",
3
+ "version": "0.0.4",
4
4
  "type": "module",
5
5
  "exports": {
6
6
  ".": {
7
7
  "types": "./dist/module.d.ts",
8
8
  "import": "./dist/module.js"
9
+ },
10
+ "./module": {
11
+ "types": "./dist/module.d.ts",
12
+ "import": "./dist/module.js"
9
13
  }
10
14
  },
11
15
  "files": [
@@ -14,8 +18,8 @@
14
18
  "dependencies": {
15
19
  "@nuxt/kit": "^3.0.0",
16
20
  "defu": "^6.0.0",
17
- "@phila/sso-core": "0.0.2",
18
- "@phila/sso-vue": "0.0.2"
21
+ "@phila/sso-core": "0.0.4",
22
+ "@phila/sso-vue": "0.0.4"
19
23
  },
20
24
  "peerDependencies": {
21
25
  "nuxt": "^3.0.0"