@propelauth/nextjs 0.0.112-beta.1 → 0.0.113
- package/dist/client/index.d.ts +2 -40
- package/dist/client/index.js +38 -122
- package/dist/client/index.js.map +1 -1
- package/dist/client/index.mjs +38 -122
- package/dist/client/index.mjs.map +1 -1
- package/dist/server/app-router/index.d.ts +2 -34
- package/dist/server/app-router/index.js +35 -201
- package/dist/server/app-router/index.js.map +1 -1
- package/dist/server/app-router/index.mjs +35 -201
- package/dist/server/app-router/index.mjs.map +1 -1
- package/dist/server/index.d.ts +1 -32
- package/dist/server/index.js +15 -36
- package/dist/server/index.js.map +1 -1
- package/dist/server/index.mjs +15 -36
- package/dist/server/index.mjs.map +1 -1
- package/dist/server/pages/index.d.ts +1 -32
- package/dist/server/pages/index.js +23 -51
- package/dist/server/pages/index.js.map +1 -1
- package/dist/server/pages/index.mjs +23 -51
- package/dist/server/pages/index.mjs.map +1 -1
- package/package.json +1 -1
@@ -42,9 +42,8 @@ import { NextResponse } from "next/server.js";
|
|
42
42
|
|
43
43
|
// src/user.ts
|
44
44
|
var UserFromToken = class {
|
45
|
-
constructor(userId, email, orgIdToOrgMemberInfo, firstName, lastName, username, legacyUserId, impersonatorUserId, properties
|
45
|
+
constructor(userId, email, orgIdToOrgMemberInfo, firstName, lastName, username, legacyUserId, impersonatorUserId, properties) {
|
46
46
|
this.userId = userId;
|
47
|
-
this.activeOrgId = activeOrgId;
|
48
47
|
this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo;
|
49
48
|
this.email = email;
|
50
49
|
this.firstName = firstName;
|
@@ -54,15 +53,6 @@ var UserFromToken = class {
|
|
54
53
|
this.impersonatorUserId = impersonatorUserId;
|
55
54
|
this.properties = properties;
|
56
55
|
}
|
57
|
-
getActiveOrg() {
|
58
|
-
if (!this.activeOrgId || !this.orgIdToOrgMemberInfo) {
|
59
|
-
return void 0;
|
60
|
-
}
|
61
|
-
return this.orgIdToOrgMemberInfo[this.activeOrgId];
|
62
|
-
}
|
63
|
-
getActiveOrgId() {
|
64
|
-
return this.activeOrgId;
|
65
|
-
}
|
66
56
|
getOrg(orgId) {
|
67
57
|
if (!this.orgIdToOrgMemberInfo) {
|
68
58
|
return void 0;
|
@@ -95,7 +85,9 @@ var UserFromToken = class {
|
|
95
85
|
const obj = JSON.parse(json);
|
96
86
|
const orgIdToOrgMemberInfo = {};
|
97
87
|
for (const orgId in obj.orgIdToOrgMemberInfo) {
|
98
|
-
orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(
|
88
|
+
orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(
|
89
|
+
JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])
|
90
|
+
);
|
99
91
|
}
|
100
92
|
return new UserFromToken(
|
101
93
|
obj.userId,
|
@@ -109,29 +101,6 @@ var UserFromToken = class {
|
|
109
101
|
obj.properties
|
110
102
|
);
|
111
103
|
}
|
112
|
-
static fromJwtPayload(payload) {
|
113
|
-
let activeOrgId;
|
114
|
-
let orgIdToOrgMemberInfo;
|
115
|
-
if (payload.org_member_info) {
|
116
|
-
activeOrgId = payload.org_member_info.org_id;
|
117
|
-
orgIdToOrgMemberInfo = toOrgIdToOrgMemberInfo({ [activeOrgId]: payload.org_member_info });
|
118
|
-
} else {
|
119
|
-
activeOrgId = void 0;
|
120
|
-
orgIdToOrgMemberInfo = toOrgIdToOrgMemberInfo(payload.org_id_to_org_member_info);
|
121
|
-
}
|
122
|
-
return new UserFromToken(
|
123
|
-
payload.user_id,
|
124
|
-
payload.email,
|
125
|
-
orgIdToOrgMemberInfo,
|
126
|
-
payload.first_name,
|
127
|
-
payload.last_name,
|
128
|
-
payload.username,
|
129
|
-
payload.legacy_user_id,
|
130
|
-
payload.impersonatorUserId,
|
131
|
-
payload.properties,
|
132
|
-
activeOrgId
|
133
|
-
);
|
134
|
-
}
|
135
104
|
};
|
136
105
|
var OrgMemberInfo = class {
|
137
106
|
constructor(orgId, orgName, orgMetadata, urlSafeOrgName, userAssignedRole, userInheritedRolesPlusCurrentRole, userPermissions) {
|
@@ -180,7 +149,17 @@ var OrgMemberInfo = class {
|
|
180
149
|
}
|
181
150
|
};
|
182
151
|
function toUser(snake_case) {
|
183
|
-
return UserFromToken
|
152
|
+
return new UserFromToken(
|
153
|
+
snake_case.user_id,
|
154
|
+
snake_case.email,
|
155
|
+
toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),
|
156
|
+
snake_case.first_name,
|
157
|
+
snake_case.last_name,
|
158
|
+
snake_case.username,
|
159
|
+
snake_case.legacy_user_id,
|
160
|
+
snake_case.impersonatorUserId,
|
161
|
+
snake_case.properties
|
162
|
+
);
|
184
163
|
}
|
185
164
|
function toOrgIdToOrgMemberInfo(snake_case) {
|
186
165
|
if (snake_case === void 0) {
|
@@ -252,17 +231,12 @@ function getVerifierKey() {
|
|
252
231
|
}
|
253
232
|
return verifierKey.replace(/\\n/g, "\n");
|
254
233
|
}
|
255
|
-
function refreshTokenWithAccessAndRefreshToken(refreshToken
|
234
|
+
function refreshTokenWithAccessAndRefreshToken(refreshToken) {
|
256
235
|
return __async(this, null, function* () {
|
257
236
|
const body = {
|
258
237
|
refresh_token: refreshToken
|
259
238
|
};
|
260
|
-
const
|
261
|
-
if (activeOrgId) {
|
262
|
-
queryParams.set("with_active_org_support", "true");
|
263
|
-
queryParams.set("active_org_id", activeOrgId);
|
264
|
-
}
|
265
|
-
const url = `${getAuthUrlOrigin()}/api/backend/v1/refresh_token?${queryParams.toString()}`;
|
239
|
+
const url = `${getAuthUrlOrigin()}/api/backend/v1/refresh_token`;
|
266
240
|
const response = yield fetch(url, {
|
267
241
|
method: "POST",
|
268
242
|
body: JSON.stringify(body),
|
@@ -274,7 +248,10 @@ function refreshTokenWithAccessAndRefreshToken(refreshToken, activeOrgId) {
|
|
274
248
|
if (response.ok) {
|
275
249
|
const data = yield response.json();
|
276
250
|
const newRefreshToken = data.refresh_token;
|
277
|
-
const {
|
251
|
+
const {
|
252
|
+
access_token: accessToken,
|
253
|
+
expires_at_seconds: expiresAtSeconds
|
254
|
+
} = data.access_token;
|
278
255
|
return {
|
279
256
|
refreshToken: newRefreshToken,
|
280
257
|
accessToken,
|
@@ -335,9 +312,6 @@ function validateAccessToken(accessToken) {
|
|
335
312
|
});
|
336
313
|
}
|
337
314
|
|
338
|
-
// src/shared.ts
|
339
|
-
var ACTIVE_ORG_ID_COOKIE_NAME = "__pa_org_id";
|
340
|
-
|
341
315
|
// src/server/app-router.ts
|
342
316
|
function getUserOrRedirect() {
|
343
317
|
return __async(this, null, function* () {
|
@@ -352,7 +326,8 @@ function getUserOrRedirect() {
|
|
352
326
|
}
|
353
327
|
function getUser() {
|
354
328
|
return __async(this, null, function* () {
|
355
|
-
|
329
|
+
var _a;
|
330
|
+
const accessToken = headers().get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || ((_a = cookies().get(ACCESS_TOKEN_COOKIE_NAME)) == null ? void 0 : _a.value);
|
356
331
|
if (accessToken) {
|
357
332
|
const user = yield validateAccessTokenOrUndefined(accessToken);
|
358
333
|
if (user) {
|
@@ -363,12 +338,14 @@ function getUser() {
|
|
363
338
|
});
|
364
339
|
}
|
365
340
|
function getAccessToken() {
|
366
|
-
|
367
|
-
|
341
|
+
return __async(this, null, function* () {
|
342
|
+
var _a;
|
343
|
+
return headers().get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || ((_a = cookies().get(ACCESS_TOKEN_COOKIE_NAME)) == null ? void 0 : _a.value);
|
344
|
+
});
|
368
345
|
}
|
369
346
|
function authMiddleware(req) {
|
370
347
|
return __async(this, null, function* () {
|
371
|
-
var _a, _b
|
348
|
+
var _a, _b;
|
372
349
|
if (req.headers.has(CUSTOM_HEADER_FOR_ACCESS_TOKEN)) {
|
373
350
|
throw new Error(`${CUSTOM_HEADER_FOR_ACCESS_TOKEN} is set which is for internal use only`);
|
374
351
|
} else if (req.nextUrl.pathname === CALLBACK_PATH || req.nextUrl.pathname === LOGOUT_PATH || req.nextUrl.pathname === USERINFO_PATH) {
|
@@ -376,7 +353,6 @@ function authMiddleware(req) {
|
|
376
353
|
}
|
377
354
|
const accessToken = (_a = req.cookies.get(ACCESS_TOKEN_COOKIE_NAME)) == null ? void 0 : _a.value;
|
378
355
|
const refreshToken = (_b = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)) == null ? void 0 : _b.value;
|
379
|
-
const activeOrgId = (_c = req.cookies.get(ACTIVE_ORG_ID_COOKIE_NAME)) == null ? void 0 : _c.value;
|
380
356
|
if (accessToken) {
|
381
357
|
const user = yield validateAccessTokenOrUndefined(accessToken);
|
382
358
|
if (user) {
|
@@ -384,7 +360,7 @@ function authMiddleware(req) {
|
|
384
360
|
}
|
385
361
|
}
|
386
362
|
if (refreshToken) {
|
387
|
-
const response = yield refreshTokenWithAccessAndRefreshToken(refreshToken
|
363
|
+
const response = yield refreshTokenWithAccessAndRefreshToken(refreshToken);
|
388
364
|
if (response.error === "unexpected") {
|
389
365
|
throw new Error("Unexpected error while refreshing access token");
|
390
366
|
} else if (response.error === "unauthorized") {
|
@@ -445,7 +421,7 @@ function getRouteHandlers(args) {
|
|
445
421
|
}
|
446
422
|
function callbackGetHandler(req) {
|
447
423
|
return __async(this, null, function* () {
|
448
|
-
var _a, _b
|
424
|
+
var _a, _b;
|
449
425
|
const oauthState = (_a = req.cookies.get(STATE_COOKIE_NAME)) == null ? void 0 : _a.value;
|
450
426
|
if (!oauthState || oauthState.length !== 64) {
|
451
427
|
return new Response(null, { status: 302, headers: { Location: LOGIN_PATH } });
|
@@ -481,49 +457,6 @@ function getRouteHandlers(args) {
|
|
481
457
|
console.error("postLoginRedirectPathFn returned undefined");
|
482
458
|
return new Response("Unexpected error", { status: 500 });
|
483
459
|
}
|
484
|
-
const currentActiveOrgId = (_c = req.cookies.get(ACTIVE_ORG_ID_COOKIE_NAME)) == null ? void 0 : _c.value;
|
485
|
-
const user = yield validateAccessToken(accessToken);
|
486
|
-
const isUserInCurrentActiveOrg = !!currentActiveOrgId && !!user.getOrg(currentActiveOrgId);
|
487
|
-
let activeOrgId = void 0;
|
488
|
-
if (isUserInCurrentActiveOrg) {
|
489
|
-
activeOrgId = currentActiveOrgId;
|
490
|
-
} else if (args == null ? void 0 : args.getDefaultActiveOrgId) {
|
491
|
-
activeOrgId = args.getDefaultActiveOrgId(req, user);
|
492
|
-
}
|
493
|
-
if (activeOrgId) {
|
494
|
-
const response2 = yield refreshTokenWithAccessAndRefreshToken(data.refresh_token, activeOrgId);
|
495
|
-
if (response2.error === "unexpected") {
|
496
|
-
throw new Error("Unexpected error while setting active org");
|
497
|
-
} else if (response2.error === "unauthorized") {
|
498
|
-
console.error(
|
499
|
-
"Unauthorized error while setting active org. Your user may not have access to this org"
|
500
|
-
);
|
501
|
-
return new Response("Unauthorized", { status: 401 });
|
502
|
-
} else {
|
503
|
-
const headers3 = new Headers();
|
504
|
-
headers3.append("Location", returnToPath);
|
505
|
-
headers3.append(
|
506
|
-
"Set-Cookie",
|
507
|
-
`${ACCESS_TOKEN_COOKIE_NAME}=${response2.accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`
|
508
|
-
);
|
509
|
-
headers3.append(
|
510
|
-
"Set-Cookie",
|
511
|
-
`${REFRESH_TOKEN_COOKIE_NAME}=${response2.refreshToken}; Path=/; HttpOnly; Secure; SameSite=Lax`
|
512
|
-
);
|
513
|
-
headers3.append(
|
514
|
-
"Set-Cookie",
|
515
|
-
`${ACTIVE_ORG_ID_COOKIE_NAME}=${activeOrgId}; Path=/; HttpOnly; Secure; SameSite=Lax`
|
516
|
-
);
|
517
|
-
headers3.append(
|
518
|
-
"Set-Cookie",
|
519
|
-
`${RETURN_TO_PATH_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
|
520
|
-
);
|
521
|
-
return new Response(null, {
|
522
|
-
status: 302,
|
523
|
-
headers: headers3
|
524
|
-
});
|
525
|
-
}
|
526
|
-
}
|
527
460
|
const headers2 = new Headers();
|
528
461
|
headers2.append("Location", returnToPath);
|
529
462
|
headers2.append(
|
@@ -534,10 +467,6 @@ function getRouteHandlers(args) {
|
|
534
467
|
"Set-Cookie",
|
535
468
|
`${REFRESH_TOKEN_COOKIE_NAME}=${data.refresh_token}; Path=/; HttpOnly; Secure; SameSite=Lax`
|
536
469
|
);
|
537
|
-
headers2.append(
|
538
|
-
"Set-Cookie",
|
539
|
-
`${ACTIVE_ORG_ID_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
|
540
|
-
);
|
541
470
|
headers2.append(
|
542
471
|
"Set-Cookie",
|
543
472
|
`${RETURN_TO_PATH_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
|
@@ -558,11 +487,10 @@ function getRouteHandlers(args) {
|
|
558
487
|
}
|
559
488
|
function userinfoGetHandler(req) {
|
560
489
|
return __async(this, null, function* () {
|
561
|
-
var _a
|
490
|
+
var _a;
|
562
491
|
const oldRefreshToken = (_a = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)) == null ? void 0 : _a.value;
|
563
|
-
const activeOrgId = (_b = req.cookies.get(ACTIVE_ORG_ID_COOKIE_NAME)) == null ? void 0 : _b.value;
|
564
492
|
if (oldRefreshToken) {
|
565
|
-
const refreshResponse = yield refreshTokenWithAccessAndRefreshToken(oldRefreshToken
|
493
|
+
const refreshResponse = yield refreshTokenWithAccessAndRefreshToken(oldRefreshToken);
|
566
494
|
if (refreshResponse.error === "unexpected") {
|
567
495
|
throw new Error("Unexpected error while refreshing access token");
|
568
496
|
} else if (refreshResponse.error === "unauthorized") {
|
@@ -575,10 +503,6 @@ function getRouteHandlers(args) {
|
|
575
503
|
"Set-Cookie",
|
576
504
|
`${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
|
577
505
|
);
|
578
|
-
headers3.append(
|
579
|
-
"Set-Cookie",
|
580
|
-
`${ACTIVE_ORG_ID_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
|
581
|
-
);
|
582
506
|
return new Response("Unauthorized", { status: 401, headers: headers3 });
|
583
507
|
}
|
584
508
|
const refreshToken = refreshResponse.refreshToken;
|
@@ -597,8 +521,7 @@ function getRouteHandlers(args) {
|
|
597
521
|
const jsonResponse = {
|
598
522
|
userinfo: data,
|
599
523
|
accessToken,
|
600
|
-
impersonatorUserId: userFromToken.impersonatorUserId
|
601
|
-
activeOrgId
|
524
|
+
impersonatorUserId: userFromToken.impersonatorUserId
|
602
525
|
};
|
603
526
|
const headers3 = new Headers();
|
604
527
|
headers3.append(
|
@@ -624,10 +547,6 @@ function getRouteHandlers(args) {
|
|
624
547
|
"Set-Cookie",
|
625
548
|
`${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
|
626
549
|
);
|
627
|
-
headers3.append(
|
628
|
-
"Set-Cookie",
|
629
|
-
`${ACTIVE_ORG_ID_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
|
630
|
-
);
|
631
550
|
return new Response(null, {
|
632
551
|
status: 401,
|
633
552
|
headers: headers3
|
@@ -639,13 +558,12 @@ function getRouteHandlers(args) {
|
|
639
558
|
const headers2 = new Headers();
|
640
559
|
headers2.append("Set-Cookie", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`);
|
641
560
|
headers2.append("Set-Cookie", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`);
|
642
|
-
headers2.append("Set-Cookie", `${ACTIVE_ORG_ID_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`);
|
643
561
|
return new Response(null, { status: 401 });
|
644
562
|
});
|
645
563
|
}
|
646
564
|
function logoutGetHandler(req) {
|
647
565
|
return __async(this, null, function* () {
|
648
|
-
var _a
|
566
|
+
var _a;
|
649
567
|
const path = (args == null ? void 0 : args.postLoginRedirectPathFn) ? args.postLoginRedirectPathFn(req) : "/";
|
650
568
|
if (!path) {
|
651
569
|
console.error("postLoginPathFn returned undefined");
|
@@ -663,17 +581,12 @@ function getRouteHandlers(args) {
|
|
663
581
|
"Set-Cookie",
|
664
582
|
`${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
|
665
583
|
);
|
666
|
-
headers2.append(
|
667
|
-
"Set-Cookie",
|
668
|
-
`${ACTIVE_ORG_ID_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
|
669
|
-
);
|
670
584
|
return new Response(null, {
|
671
585
|
status: 302,
|
672
586
|
headers: headers2
|
673
587
|
});
|
674
588
|
}
|
675
|
-
const
|
676
|
-
const refreshResponse = yield refreshTokenWithAccessAndRefreshToken(refreshToken, activeOrgId);
|
589
|
+
const refreshResponse = yield refreshTokenWithAccessAndRefreshToken(refreshToken);
|
677
590
|
if (refreshResponse.error === "unexpected") {
|
678
591
|
console.error("Unexpected error while refreshing access token");
|
679
592
|
return new Response("Unexpected error", { status: 500 });
|
@@ -688,10 +601,6 @@ function getRouteHandlers(args) {
|
|
688
601
|
"Set-Cookie",
|
689
602
|
`${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
|
690
603
|
);
|
691
|
-
headers2.append(
|
692
|
-
"Set-Cookie",
|
693
|
-
`${ACTIVE_ORG_ID_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
|
694
|
-
);
|
695
604
|
return new Response(null, {
|
696
605
|
status: 302,
|
697
606
|
headers: headers2
|
@@ -720,10 +629,6 @@ function getRouteHandlers(args) {
|
|
720
629
|
"Set-Cookie",
|
721
630
|
`${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
|
722
631
|
);
|
723
|
-
headers3.append(
|
724
|
-
"Set-Cookie",
|
725
|
-
`${ACTIVE_ORG_ID_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
|
726
|
-
);
|
727
632
|
return new Response(null, { status: 200, headers: headers3 });
|
728
633
|
}
|
729
634
|
const authUrlOrigin = getAuthUrlOrigin();
|
@@ -748,78 +653,9 @@ function getRouteHandlers(args) {
|
|
748
653
|
const headers2 = new Headers();
|
749
654
|
headers2.append("Set-Cookie", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`);
|
750
655
|
headers2.append("Set-Cookie", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`);
|
751
|
-
headers2.append("Set-Cookie", `${ACTIVE_ORG_ID_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`);
|
752
656
|
return new Response(null, { status: 200, headers: headers2 });
|
753
657
|
});
|
754
658
|
}
|
755
|
-
function setActiveOrgHandler(req) {
|
756
|
-
return __async(this, null, function* () {
|
757
|
-
var _a;
|
758
|
-
const oldRefreshToken = (_a = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)) == null ? void 0 : _a.value;
|
759
|
-
const activeOrgId = req.nextUrl.searchParams.get("active_org_id");
|
760
|
-
if (!oldRefreshToken) {
|
761
|
-
const headers2 = new Headers();
|
762
|
-
headers2.append(
|
763
|
-
"Set-Cookie",
|
764
|
-
`${ACTIVE_ORG_ID_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
|
765
|
-
);
|
766
|
-
return new Response(null, { status: 401, headers: headers2 });
|
767
|
-
}
|
768
|
-
if (!activeOrgId) {
|
769
|
-
return new Response(null, { status: 400 });
|
770
|
-
}
|
771
|
-
const refreshResponse = yield refreshTokenWithAccessAndRefreshToken(oldRefreshToken, activeOrgId);
|
772
|
-
if (refreshResponse.error === "unexpected") {
|
773
|
-
throw new Error("Unexpected error while setting active org id");
|
774
|
-
} else if (refreshResponse.error === "unauthorized") {
|
775
|
-
return new Response("Unauthorized", { status: 401 });
|
776
|
-
}
|
777
|
-
const refreshToken = refreshResponse.refreshToken;
|
778
|
-
const accessToken = refreshResponse.accessToken;
|
779
|
-
const authUrlOrigin = getAuthUrlOrigin();
|
780
|
-
const path = `${authUrlOrigin}/propelauth/oauth/userinfo`;
|
781
|
-
const response = yield fetch(path, {
|
782
|
-
headers: {
|
783
|
-
"Content-Type": "application/json",
|
784
|
-
Authorization: "Bearer " + accessToken
|
785
|
-
}
|
786
|
-
});
|
787
|
-
if (response.ok) {
|
788
|
-
const userFromToken = yield validateAccessToken(accessToken);
|
789
|
-
const data = yield response.json();
|
790
|
-
const jsonResponse = {
|
791
|
-
userinfo: data,
|
792
|
-
accessToken,
|
793
|
-
impersonatorUserId: userFromToken.impersonatorUserId,
|
794
|
-
activeOrgId
|
795
|
-
};
|
796
|
-
const headers2 = new Headers();
|
797
|
-
headers2.append(
|
798
|
-
"Set-Cookie",
|
799
|
-
`${ACCESS_TOKEN_COOKIE_NAME}=${accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`
|
800
|
-
);
|
801
|
-
headers2.append(
|
802
|
-
"Set-Cookie",
|
803
|
-
`${REFRESH_TOKEN_COOKIE_NAME}=${refreshToken}; Path=/; HttpOnly; Secure; SameSite=Lax`
|
804
|
-
);
|
805
|
-
headers2.append(
|
806
|
-
"Set-Cookie",
|
807
|
-
`${ACTIVE_ORG_ID_COOKIE_NAME}=${activeOrgId}; Path=/; HttpOnly; Secure; SameSite=Lax`
|
808
|
-
);
|
809
|
-
headers2.append("Content-Type", "application/json");
|
810
|
-
return new Response(JSON.stringify(jsonResponse), {
|
811
|
-
status: 200,
|
812
|
-
headers: headers2
|
813
|
-
});
|
814
|
-
} else if (response.status === 401) {
|
815
|
-
return new Response(null, {
|
816
|
-
status: 401
|
817
|
-
});
|
818
|
-
} else {
|
819
|
-
return new Response(null, { status: 500 });
|
820
|
-
}
|
821
|
-
});
|
822
|
-
}
|
823
659
|
function getRouteHandler(req, { params }) {
|
824
660
|
if (params.slug === "login") {
|
825
661
|
return loginGetHandler(req);
|
@@ -838,8 +674,6 @@ function getRouteHandlers(args) {
|
|
838
674
|
function postRouteHandler(req, { params }) {
|
839
675
|
if (params.slug === "logout") {
|
840
676
|
return logoutPostHandler(req);
|
841
|
-
} else if (params.slug === "set-active-org") {
|
842
|
-
return setActiveOrgHandler(req);
|
843
677
|
} else {
|
844
678
|
return new Response("", { status: 404 });
|
845
679
|
}
|
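Review bot: In the `@@ -639,13 +558,12 @@` hunk (new lines 558–561), the 401 branch builds `headers2` with the two `Max-Age=0` Set-Cookie entries but returns `new Response(null, { status: 401 })` without passing it, so the access and refresh token cookies are not cleared on that path. The change removes the active-org cookie line from this block but leaves the return as it was. It should read `return new Response(null, { status: 401, headers: headers2 });`, matching the 200 branch at new line 656, which does pass `headers2`. The enclosing handler starts and ends outside the hunk, and this file appears to be bundled output under `dist/`, so the fix presumably belongs in the TypeScript source it was generated from.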