@propelauth/nextjs 0.0.113 → 0.0.115

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/dist/client/index.d.ts +15 -9
  2. package/dist/client/index.js +41 -17
  3. package/dist/client/index.js.map +1 -1
  4. package/dist/client/index.mjs +41 -17
  5. package/dist/client/index.mjs.map +1 -1
  6. package/dist/server/index.d.ts +1 -1
  7. package/dist/server/index.js.map +1 -1
  8. package/dist/server/pages/index.d.ts +1 -1
  9. package/dist/server/pages/index.js +2 -2
  10. package/dist/server/pages/index.js.map +1 -1
  11. package/dist/server/pages/index.mjs +2 -2
  12. package/dist/server/pages/index.mjs.map +1 -1
  13. package/package.json +2 -2
package/dist/client/index.d.ts CHANGED
@@ -115,10 +115,15 @@ type UseUser = UseUserLoading | UseUserLoggedIn | UseUserNotLoggedIn;
115
115
  declare function useUser(): UseUser;
116
116
 
117
117
  interface RedirectToSignupOptions {
118
- postSignupRedirectPath: string;
118
+ postSignupRedirectPath?: string;
119
+ userSignupQueryParameters?: Record<string, string>;
119
120
  }
120
121
  interface RedirectToLoginOptions {
121
- postLoginRedirectPath: string;
122
+ postLoginRedirectPath?: string;
123
+ userSignupQueryParameters?: Record<string, string>;
124
+ }
125
+ interface RedirectOptions {
126
+ redirectBackToUrl?: string;
122
127
  }
123
128
  type AuthProviderProps = {
124
129
  authUrl: string;
@@ -130,10 +135,10 @@ declare const AuthProvider: (props: AuthProviderProps) => React.JSX.Element;
130
135
  declare function useHostedPageUrls(): {
131
136
  getLoginPageUrl: (opts?: RedirectToLoginOptions | undefined) => string;
132
137
  getSignupPageUrl: (opts?: RedirectToSignupOptions | undefined) => string;
133
- getAccountPageUrl: () => string;
134
- getOrgPageUrl: (orgId?: string | undefined) => string;
135
- getCreateOrgPageUrl: () => string;
136
- getSetupSAMLPageUrl: (orgId: string) => string;
138
+ getAccountPageUrl: (opts?: RedirectOptions | undefined) => string;
139
+ getOrgPageUrl: (orgId?: string | undefined, opts?: RedirectOptions | undefined) => string;
140
+ getCreateOrgPageUrl: (opts?: RedirectOptions | undefined) => string;
141
+ getSetupSAMLPageUrl: (orgId: string, opts?: RedirectOptions | undefined) => string;
137
142
  };
138
143
 
139
144
  declare function useLogoutFunction(): () => Promise<void>;
@@ -141,9 +146,10 @@ declare function useLogoutFunction(): () => Promise<void>;
141
146
  declare function useRedirectFunctions(): {
142
147
  redirectToSignupPage: (opts?: RedirectToSignupOptions | undefined) => void;
143
148
  redirectToLoginPage: (opts?: RedirectToLoginOptions | undefined) => void;
144
- redirectToAccountPage: () => void;
145
- redirectToOrgPage: (orgId?: string | undefined) => void;
146
- redirectToCreateOrgPage: () => void;
149
+ redirectToAccountPage: (opts?: RedirectOptions | undefined) => void;
150
+ redirectToOrgPage: (orgId?: string | undefined, opts?: RedirectOptions | undefined) => void;
151
+ redirectToCreateOrgPage: (opts?: RedirectOptions | undefined) => void;
152
+ redirectToSetupSAMLPage: (orgId: string, opts?: RedirectOptions | undefined) => void;
147
153
  };
148
154
  interface RedirectProps {
149
155
  children?: React.ReactNode;
package/dist/client/index.js CHANGED
@@ -521,25 +521,31 @@ var AuthProvider = (props) => {
521
521
  }
522
522
  return "/api/auth/signup";
523
523
  };
524
- const getAccountPageUrl = (0, import_react2.useCallback)(() => {
525
- return `${props.authUrl}/account`;
526
- }, [props.authUrl]);
524
+ const getAccountPageUrl = (0, import_react2.useCallback)(
525
+ (opts) => {
526
+ return addReturnToPath(`${props.authUrl}/account`, opts == null ? void 0 : opts.redirectBackToUrl);
527
+ },
528
+ [props.authUrl]
529
+ );
527
530
  const getOrgPageUrl = (0, import_react2.useCallback)(
528
- (orgId) => {
531
+ (orgId, opts) => {
529
532
  if (orgId) {
530
- return `${props.authUrl}/org?id=${orgId}`;
533
+ return addReturnToPath(`${props.authUrl}/org?id=${orgId}`, opts == null ? void 0 : opts.redirectBackToUrl);
531
534
  } else {
532
- return `${props.authUrl}/org`;
535
+ return addReturnToPath(`${props.authUrl}/org`, opts == null ? void 0 : opts.redirectBackToUrl);
533
536
  }
534
537
  },
535
538
  [props.authUrl]
536
539
  );
537
- const getCreateOrgPageUrl = (0, import_react2.useCallback)(() => {
538
- return `${props.authUrl}/create_org`;
539
- }, [props.authUrl]);
540
+ const getCreateOrgPageUrl = (0, import_react2.useCallback)(
541
+ (opts) => {
542
+ return addReturnToPath(`${props.authUrl}/create_org`, opts == null ? void 0 : opts.redirectBackToUrl);
543
+ },
544
+ [props.authUrl]
545
+ );
540
546
  const getSetupSAMLPageUrl = (0, import_react2.useCallback)(
541
- (orgId) => {
542
- return `${props.authUrl}/saml?id=${orgId}`;
547
+ (orgId, opts) => {
548
+ return addReturnToPath(`${props.authUrl}/saml?id=${orgId}`, opts == null ? void 0 : opts.redirectBackToUrl);
543
549
  },
544
550
  [props.authUrl]
545
551
  );
@@ -548,10 +554,10 @@ var AuthProvider = (props) => {
548
554
  };
549
555
  const redirectToLoginPage = (opts) => redirectTo(getLoginPageUrl(opts));
550
556
  const redirectToSignupPage = (opts) => redirectTo(getSignupPageUrl(opts));
551
- const redirectToAccountPage = () => redirectTo(getAccountPageUrl());
552
- const redirectToOrgPage = (orgId) => redirectTo(getOrgPageUrl(orgId));
553
- const redirectToCreateOrgPage = () => redirectTo(getCreateOrgPageUrl());
554
- const redirectToSetupSAMLPage = (orgId) => redirectTo(getSetupSAMLPageUrl(orgId));
557
+ const redirectToAccountPage = (opts) => redirectTo(getAccountPageUrl(opts));
558
+ const redirectToOrgPage = (orgId, opts) => redirectTo(getOrgPageUrl(orgId, opts));
559
+ const redirectToCreateOrgPage = (opts) => redirectTo(getCreateOrgPageUrl(opts));
560
+ const redirectToSetupSAMLPage = (orgId, opts) => redirectTo(getSetupSAMLPageUrl(orgId, opts));
555
561
  const refreshAuthInfo = () => __async(void 0, null, function* () {
556
562
  const action = yield apiGetUserInfo();
557
563
  if (action.error) {
@@ -624,6 +630,22 @@ function apiGetUserInfo() {
624
630
  }
625
631
  });
626
632
  }
633
+ var encodeBase64 = (str) => {
634
+ const encode = window ? window.btoa : btoa;
635
+ return encode(str);
636
+ };
637
+ var addReturnToPath = (url, returnToPath) => {
638
+ if (!returnToPath) {
639
+ return url;
640
+ }
641
+ let qs = new URLSearchParams();
642
+ qs.set("rt", encodeBase64(returnToPath));
643
+ if (url.includes("?")) {
644
+ return `${url}&${qs.toString()}`;
645
+ } else {
646
+ return `${url}?${qs.toString()}`;
647
+ }
648
+ };
627
649
 
628
650
  // src/client/useHostedPageUrls.tsx
629
651
  var import_react3 = require("react");
@@ -673,14 +695,16 @@ function useRedirectFunctions() {
673
695
  redirectToSignupPage,
674
696
  redirectToLoginPage,
675
697
  redirectToOrgPage,
676
- redirectToCreateOrgPage
698
+ redirectToCreateOrgPage,
699
+ redirectToSetupSAMLPage
677
700
  } = context;
678
701
  return {
679
702
  redirectToSignupPage,
680
703
  redirectToLoginPage,
681
704
  redirectToAccountPage,
682
705
  redirectToOrgPage,
683
- redirectToCreateOrgPage
706
+ redirectToCreateOrgPage,
707
+ redirectToSetupSAMLPage
684
708
  };
685
709
  }
686
710
  function RedirectToSignup({ children }) {
package/dist/client/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/client/index.ts","../../src/user.ts","../../src/client/AuthProvider.tsx","../../src/client/utils.ts","../../src/client/useUser.tsx","../../src/client/useHostedPageUrls.tsx","../../src/client/useLogoutFunction.ts","../../src/client/useRedirectFunctions.tsx","../../src/client/useRefreshAuth.ts"],"sourcesContent":["export type {OrgIdToOrgMemberInfo} from \"../user\"\nexport {UserFromToken, OrgMemberInfo} from \"../user\"\nexport {AuthProvider} from \"./AuthProvider\"\nexport type {AuthProviderProps, RedirectToLoginOptions, RedirectToSignupOptions} from \"./AuthProvider\"\nexport {useUser, User} from \"./useUser\"\nexport type {UseUser, UseUserLoading, UseUserLoggedIn, UseUserNotLoggedIn} from \"./useUser\"\nexport {useHostedPageUrls} from \"./useHostedPageUrls\"\nexport {useLogoutFunction} from \"./useLogoutFunction\"\nexport {useRedirectFunctions, RedirectToLogin, RedirectToSignup} from \"./useRedirectFunctions\"\nexport type {RedirectProps} from \"./useRedirectFunctions\"\nexport {useRefreshAuth} from \"./useRefreshAuth\"","export class UserFromToken {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n public properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string,\n properties?: { [key: string]: unknown },\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n\n this.properties = properties\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): UserFromToken {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new UserFromToken(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId,\n obj.properties,\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n public userAssignedRole: string\n public userInheritedRolesPlusCurrentRole: string[]\n public userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): UserFromToken {\n return new UserFromToken(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId,\n snake_case.properties,\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","'use client'\n\nimport React, { useCallback, useEffect, useReducer } from 'react'\nimport { doesLocalStorageMatch, hasWindow, isEqual, saveUserToLocalStorage, USER_INFO_KEY } from './utils'\nimport { useRouter } from 'next/navigation.js'\nimport { User } from './useUser'\nimport { toOrgIdToOrgMemberInfo } from '../user'\n\nexport interface RedirectToSignupOptions {\n postSignupRedirectPath: string\n}\nexport interface RedirectToLoginOptions {\n postLoginRedirectPath: string\n}\n\ninterface InternalAuthState {\n loading: boolean\n userAndAccessToken: UserAndAccessToken\n\n logout: () => Promise<void>\n\n redirectToLoginPage: (opts?: RedirectToLoginOptions) => void\n redirectToSignupPage: (opts?: RedirectToSignupOptions) => void\n redirectToAccountPage: () => void\n redirectToOrgPage: (orgId?: string) => void\n redirectToCreateOrgPage: () => void\n redirectToSetupSAMLPage: (orgId: string) => void\n\n getSignupPageUrl(opts?: RedirectToSignupOptions): string\n getLoginPageUrl(opts?: RedirectToLoginOptions): string\n getAccountPageUrl(): string\n getOrgPageUrl(orgId?: string): string\n getCreateOrgPageUrl(): string\n getSetupSAMLPageUrl(orgId: string): string\n\n refreshAuthInfo: () => Promise<User | undefined>\n}\n\nexport type AuthProviderProps = {\n authUrl: string\n reloadOnAuthChange?: boolean\n children?: React.ReactNode\n}\n\nexport const AuthContext = React.createContext<InternalAuthState | undefined>(undefined)\n\ntype UserAndAccessToken =\n | {\n user: User\n accessToken: string\n }\n | {\n user: undefined\n accessToken: undefined\n }\n\ntype AuthState = {\n loading: boolean\n userAndAccessToken: UserAndAccessToken\n\n // There's no good way to trigger server components to reload outside of router.refresh()\n // This is our workaround until the app router has something better\n authChangeDetected: boolean\n}\n\nconst initialAuthState = {\n loading: true,\n userAndAccessToken: {\n user: undefined,\n accessToken: undefined,\n },\n authChangeDetected: false,\n}\n\ntype AuthStateAction =\n | {\n user: User\n accessToken: string\n }\n | {\n user: undefined\n accessToken: undefined\n }\n\nfunction authStateReducer(_state: AuthState, action: AuthStateAction): AuthState {\n const newUserForEqualityChecking = { ...action.user, lastActiveAt: undefined }\n const existingUserForEqualityChecking = { ..._state.userAndAccessToken.user, lastActiveAt: undefined }\n const authChangeDetected = !_state.loading && !isEqual(newUserForEqualityChecking, existingUserForEqualityChecking)\n\n if (!action.user) {\n return {\n loading: false,\n userAndAccessToken: {\n user: undefined,\n accessToken: undefined,\n },\n authChangeDetected,\n }\n } else if (_state.loading) {\n return {\n loading: false,\n userAndAccessToken: {\n user: action.user,\n accessToken: action.accessToken,\n },\n authChangeDetected,\n }\n } else {\n return {\n loading: false,\n userAndAccessToken: {\n user: action.user,\n accessToken: action.accessToken,\n },\n authChangeDetected,\n }\n }\n}\n\nexport const AuthProvider = (props: AuthProviderProps) => {\n const [authState, dispatchInner] = useReducer(authStateReducer, initialAuthState)\n const router = useRouter()\n const reloadOnAuthChange = props.reloadOnAuthChange ?? true\n\n const dispatch = useCallback(\n (action: AuthStateAction) => {\n dispatchInner(action)\n saveUserToLocalStorage(action.user)\n },\n [dispatchInner]\n )\n\n // This is because we don't have a good way to trigger server components to reload outside of router.refresh()\n // Once server actions isn't alpha, we can hopefully use that instead\n useEffect(() => {\n if (reloadOnAuthChange && authState.authChangeDetected) {\n router.refresh()\n }\n }, [authState.authChangeDetected, reloadOnAuthChange, router])\n\n // Trigger an initial refresh\n useEffect(() => {\n let didCancel = false\n\n async function refreshAuthInfo() {\n const action = await apiGetUserInfo()\n if (!didCancel && !action.error) {\n dispatch(action)\n }\n }\n\n refreshAuthInfo()\n return () => {\n didCancel = true\n }\n }, [])\n\n // Periodically refresh the token\n useEffect(() => {\n let didCancel = false\n let retryTimer: NodeJS.Timeout | undefined = undefined\n\n function clearAndSetRetryTimer() {\n if (retryTimer) {\n clearTimeout(retryTimer)\n }\n retryTimer = setTimeout(refreshToken, 30 * 1000)\n }\n\n async function refreshToken() {\n const action = await apiGetUserInfo()\n if (didCancel) {\n return\n }\n if (!action.error) {\n dispatch(action)\n } else if (action.error === 'unexpected') {\n clearAndSetRetryTimer()\n }\n }\n\n async function onStorageEvent(event: StorageEvent) {\n if (\n event.key === USER_INFO_KEY &&\n !doesLocalStorageMatch(event.newValue, authState.userAndAccessToken.user)\n ) {\n await refreshToken()\n }\n }\n\n const interval = setInterval(refreshToken, 5 * 60 * 1000)\n\n if (hasWindow()) {\n window.addEventListener('storage', onStorageEvent)\n window.addEventListener('online', refreshToken)\n window.addEventListener('focus', refreshToken)\n }\n\n return () => {\n didCancel = true\n clearInterval(interval)\n if (retryTimer) {\n clearTimeout(retryTimer)\n }\n if (hasWindow()) {\n window.removeEventListener('storage', onStorageEvent)\n window.removeEventListener('online', refreshToken)\n window.removeEventListener('focus', refreshToken)\n }\n }\n }, [dispatch, authState.userAndAccessToken.user])\n\n const logout = useCallback(async () => {\n await fetch('/api/auth/logout', {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n credentials: 'include',\n })\n dispatch({ user: undefined, accessToken: undefined })\n }, [dispatch])\n\n const getLoginPageUrl = (opts?: RedirectToLoginOptions) => {\n if (opts?.postLoginRedirectPath) {\n return `/api/auth/login?return_to_path=${encodeURIComponent(opts.postLoginRedirectPath)}`\n }\n\n return '/api/auth/login'\n }\n const getSignupPageUrl = (opts?: RedirectToSignupOptions) => {\n if (opts?.postSignupRedirectPath) {\n return `/api/auth/signup?return_to_path=${encodeURIComponent(opts.postSignupRedirectPath)}`\n }\n\n return '/api/auth/signup'\n }\n const getAccountPageUrl = useCallback(() => {\n return `${props.authUrl}/account`\n }, [props.authUrl])\n const getOrgPageUrl = useCallback(\n (orgId?: string) => {\n if (orgId) {\n return `${props.authUrl}/org?id=${orgId}`\n } else {\n return `${props.authUrl}/org`\n }\n },\n [props.authUrl]\n )\n const getCreateOrgPageUrl = useCallback(() => {\n return `${props.authUrl}/create_org`\n }, [props.authUrl])\n\n const getSetupSAMLPageUrl = useCallback(\n (orgId: string) => {\n return `${props.authUrl}/saml?id=${orgId}`\n },\n [props.authUrl]\n )\n\n const redirectTo = (url: string) => {\n window.location.href = url\n }\n\n const redirectToLoginPage = (opts?: RedirectToLoginOptions) => redirectTo(getLoginPageUrl(opts))\n const redirectToSignupPage = (opts?: RedirectToSignupOptions) => redirectTo(getSignupPageUrl(opts))\n const redirectToAccountPage = () => redirectTo(getAccountPageUrl())\n const redirectToOrgPage = (orgId?: string) => redirectTo(getOrgPageUrl(orgId))\n const redirectToCreateOrgPage = () => redirectTo(getCreateOrgPageUrl())\n const redirectToSetupSAMLPage = (orgId: string) => redirectTo(getSetupSAMLPageUrl(orgId))\n\n const refreshAuthInfo = async () => {\n const action = await apiGetUserInfo()\n if (action.error) {\n throw new Error('Failed to refresh token')\n } else {\n dispatch(action)\n return action.user\n }\n }\n\n const value = {\n loading: authState.loading,\n userAndAccessToken: authState.userAndAccessToken,\n logout,\n redirectToLoginPage,\n redirectToSignupPage,\n redirectToAccountPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n redirectToSetupSAMLPage,\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n refreshAuthInfo,\n }\n return <AuthContext.Provider value={value}>{props.children}</AuthContext.Provider>\n}\n\ntype UserInfoResponse =\n | {\n error: undefined\n user: User\n accessToken: string\n }\n | {\n error: undefined\n user: undefined\n accessToken: undefined\n }\n | {\n error: 'unexpected'\n }\n\nasync function apiGetUserInfo(): Promise<UserInfoResponse> {\n try {\n const userInfoResponse = await fetch('/api/auth/userinfo', {\n method: 'GET',\n headers: {\n 'Content-Type': 'application/json',\n },\n credentials: 'include',\n })\n\n if (userInfoResponse.ok) {\n const { userinfo, accessToken, impersonatorUserId } = await userInfoResponse.json()\n const user = new User({\n userId: userinfo.user_id,\n email: userinfo.email,\n emailConfirmed: userinfo.email_confirmed,\n hasPassword: userinfo.has_password,\n username: userinfo.username,\n firstName: userinfo.first_name,\n lastName: userinfo.last_name,\n pictureUrl: userinfo.picture_url,\n orgIdToOrgMemberInfo: toOrgIdToOrgMemberInfo(userinfo.org_id_to_org_info),\n mfaEnabled: userinfo.mfa_enabled,\n canCreateOrgs: userinfo.can_create_orgs,\n updatePasswordRequired: userinfo.update_password_required,\n createdAt: userinfo.created_at,\n lastActiveAt: userinfo.last_active_at,\n properties: userinfo.properties,\n impersonatorUserId,\n })\n\n return { user, accessToken, error: undefined }\n } else if (userInfoResponse.status === 401) {\n return { user: undefined, accessToken: undefined, error: undefined }\n } else {\n console.info('Failed to refresh token', userInfoResponse)\n return { error: 'unexpected' }\n }\n } catch (e) {\n console.info('Failed to refresh token', e)\n return { error: 'unexpected' }\n }\n}\n","import {UserFromToken} from \"../user\";\nimport {User} from \"./useUser\";\n\nexport const USER_INFO_KEY = \"__PROPEL_AUTH_USER_INFO\"\n\nexport function hasWindow(): boolean {\n return typeof window !== \"undefined\"\n}\n\nexport function saveUserToLocalStorage(user: User | undefined) {\n if (user) {\n localStorage.setItem(USER_INFO_KEY, JSON.stringify(user))\n } else {\n localStorage.setItem(USER_INFO_KEY, \"{}\")\n }\n}\n\nexport function doesLocalStorageMatch(newValue: string | null, user: UserFromToken | undefined): boolean {\n if (!newValue) {\n return false\n } else if (!user) {\n return newValue === \"{}\"\n }\n\n const parsed = JSON.parse(newValue)\n if (!parsed) {\n return false\n }\n\n return isEqual(parsed, user)\n}\n\nexport function isEqual(a: any, b: any): boolean {\n if (typeof a !== typeof b) {\n return false\n }\n\n if (Array.isArray(a) !== Array.isArray(b)) {\n return false\n }\n\n if (Array.isArray(a)) {\n const aArray = a as any[]\n const bArray = b as any[]\n if (aArray.length !== bArray.length) {\n return false\n }\n\n for (let i = 0; i < aArray.length; i++) {\n if (!isEqual(aArray[i], bArray[i])) {\n return false\n }\n }\n\n return true\n }\n\n if (typeof a === \"object\") {\n const aKeys = Object.keys(a)\n const bKeys = Object.keys(b)\n if (aKeys.length !== bKeys.length) {\n return false\n }\n\n for (const key of aKeys) {\n if (!isEqual(a[key], b[key])) {\n return false\n }\n }\n\n return true\n } else {\n return a === b\n }\n}","'use client'\n\nimport {useContext} from \"react\"\nimport {AuthContext} from \"./AuthProvider\"\nimport {OrgIdToOrgMemberInfo, OrgMemberInfo} from \"../user\";\n\nexport class User {\n public userId: string\n public email: string\n public emailConfirmed: boolean\n public hasPassword: boolean\n\n public username?: string\n public firstName?: string\n public lastName?: string\n public pictureUrl?: string\n\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n public mfaEnabled: boolean\n public canCreateOrgs: boolean\n public updatePasswordRequired: boolean\n\n public createdAt: number\n public lastActiveAt: number\n\n public properties?: {[key: string]: unknown}\n\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor({\n userId,\n email,\n emailConfirmed,\n hasPassword,\n username,\n firstName,\n lastName,\n pictureUrl,\n orgIdToOrgMemberInfo,\n mfaEnabled,\n canCreateOrgs,\n updatePasswordRequired,\n createdAt,\n lastActiveAt,\n legacyUserId,\n properties,\n impersonatorUserId,\n }: {\n userId: string\n email: string\n emailConfirmed: boolean\n hasPassword: boolean\n username?: string\n firstName?: string\n lastName?: string\n pictureUrl?: string\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n mfaEnabled: boolean\n canCreateOrgs: boolean\n updatePasswordRequired: boolean\n createdAt: number\n lastActiveAt: number\n legacyUserId?: string\n properties?: {[key: string]: unknown}\n impersonatorUserId?: string\n }) {\n this.userId = userId\n this.email = email\n this.emailConfirmed = emailConfirmed\n this.hasPassword = hasPassword\n this.username = username\n this.firstName = firstName\n this.lastName = lastName\n this.pictureUrl = pictureUrl\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n this.mfaEnabled = mfaEnabled\n this.canCreateOrgs = canCreateOrgs\n this.updatePasswordRequired = updatePasswordRequired\n this.createdAt = createdAt\n this.lastActiveAt = lastActiveAt\n this.legacyUserId = legacyUserId\n this.properties = properties\n this.impersonatorUserId = impersonatorUserId\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n return this.orgIdToOrgMemberInfo?.[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n}\n\nexport type UseUserLoading = {\n loading: true\n isLoggedIn: never\n user: never\n accessToken: never\n}\n\nexport type UseUserLoggedIn = {\n loading: false\n isLoggedIn: true\n user: User\n accessToken: string\n}\n\nexport type UseUserNotLoggedIn = {\n loading: false\n isLoggedIn: false\n user: undefined\n accessToken: undefined\n}\n\nexport type UseUser = UseUserLoading | UseUserLoggedIn | UseUserNotLoggedIn\n\nexport function useUser(): UseUser {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useUser must be used within an AuthProvider\")\n }\n\n const {loading, userAndAccessToken} = context\n if (loading) {\n return {\n loading: true,\n isLoggedIn: undefined as never,\n user: undefined as never,\n accessToken: undefined as never,\n }\n } else if (userAndAccessToken.user) {\n return {\n loading: false,\n isLoggedIn: true,\n user: userAndAccessToken.user,\n accessToken: userAndAccessToken.accessToken,\n }\n } else {\n return {\n loading: false,\n isLoggedIn: false,\n user: undefined,\n accessToken: undefined,\n }\n }\n}","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useHostedPageUrls() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useHostedPageUrls must be used within an AuthProvider\")\n }\n const {\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n } = context\n return {\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n }\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useLogoutFunction() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useLogoutFunction must be used within an AuthProvider\")\n }\n const { logout } = context\n return logout\n}\n","import React, { useContext, useEffect } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRedirectFunctions() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useRedirectFunctions must be used within an AuthProvider\")\n }\n const {\n redirectToAccountPage,\n redirectToSignupPage,\n redirectToLoginPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n } = context\n return {\n redirectToSignupPage,\n redirectToLoginPage,\n redirectToAccountPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n }\n}\n\nexport interface RedirectProps {\n children?: React.ReactNode\n}\n\nexport function RedirectToSignup({ children }: RedirectProps) {\n const { redirectToSignupPage } = useRedirectFunctions()\n\n useEffect(() => {\n redirectToSignupPage()\n }, [])\n\n return <>{children}</>\n}\n\nexport function RedirectToLogin({ children }: RedirectProps) {\n const { redirectToLoginPage } = useRedirectFunctions()\n useEffect(() => {\n redirectToLoginPage()\n }, [])\n return <>{children}</>\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRefreshAuth() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useRefreshAuth must be used within an AuthProvider\")\n }\n const { refreshAuthInfo } = context\n return refreshAuthInfo\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAO,IAAM,gBAAN,MAAoB;AAAA,EAgBvB,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACA,YACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAE1B,SAAK,aAAa;AAAA,EACtB;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA0CO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;AChPA,IAAAA,gBAA0D;;;ACCnD,IAAM,gBAAgB;AAEtB,SAAS,YAAqB;AACjC,SAAO,OAAO,WAAW;AAC7B;AAEO,SAAS,uBAAuB,MAAwB;AAC3D,MAAI,MAAM;AACN,iBAAa,QAAQ,eAAe,KAAK,UAAU,IAAI,CAAC;AAAA,EAC5D,OAAO;AACH,iBAAa,QAAQ,eAAe,IAAI;AAAA,EAC5C;AACJ;AAEO,SAAS,sBAAsB,UAAyB,MAA0C;AACrG,MAAI,CAAC,UAAU;AACX,WAAO;AAAA,EACX,WAAW,CAAC,MAAM;AACd,WAAO,aAAa;AAAA,EACxB;AAEA,QAAM,SAAS,KAAK,MAAM,QAAQ;AAClC,MAAI,CAAC,QAAQ;AACT,WAAO;AAAA,EACX;AAEA,SAAO,QAAQ,QAAQ,IAAI;AAC/B;AAEO,SAAS,QAAQ,GAAQ,GAAiB;AAC7C,MAAI,OAAO,MAAM,OAAO,GAAG;AACvB,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,MAAM,MAAM,QAAQ,CAAC,GAAG;AACvC,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,GAAG;AAClB,UAAM,SAAS;AACf,UAAM,SAAS;AACf,QAAI,OAAO,WAAW,OAAO,QAAQ;AACjC,aAAO;AAAA,IACX;AAEA,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACpC,UAAI,CAAC,QAAQ,OAAO,CAAC,GAAG,OAAO,CAAC,CAAC,GAAG;AAChC,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAEA,MAAI,OAAO,MAAM,UAAU;AACvB,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,QAAI,MAAM,WAAW,MAAM,QAAQ;AAC/B,aAAO;AAAA,IACX;AAEA,eAAW,OAAO,OAAO;AACrB,UAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,EAAE,GAAG,CAAC,GAAG;AAC1B,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX,OAAO;AACH,WAAO,MAAM;AAAA,EACjB;AACJ;;;ADtEA,wBAA0B;;;AEF1B,mBAAyB;AAIlB,IAAM,OAAN,MAAW;AAAA,EAyBd,YAAY;AAAA,IACI;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,GAkBT;AACC,SAAK,SAAS;AACd,SAAK,QAAQ;AACb,SAAK,iBAAiB;AACtB,SAAK,cAAc;AACnB,SAAK,WAAW;AAChB,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,aAAa;AAClB,SAAK,uBAAuB;AAC5B,SAAK,aAAa;AAClB,SAAK,gBAAgB;AACrB,SAAK,yBAAyB;AAC9B,SAAK,YAAY;AACjB,SAAK,eAAe;AACpB,SAAK,eAAe;AACpB,SAAK,aAAa;AAClB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AAvF5D;AAwFQ,YAAO,UAAK,yBAAL,mBAA4B;AAAA,EACvC;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AACJ;AAyBO,SAAS,UAAmB;AAC/B,QAAM,cAAU,yBAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,6CAA6C;AAAA,EACjE;AAEA,QAAM,EAAC,SAAS,mBAAkB,IAAI;AACtC,MAAI,SAAS;AACT,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,MACN,aAAa;AAAA,IACjB;AAAA,EACJ,WAAW,mBAAmB,MAAM;AAChC,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM,mBAAmB;AAAA,MACzB,aAAa,mBAAmB;AAAA,IACpC;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,MACN,aAAa;AAAA,IACjB;AAAA,EACJ;AACJ;;;AFhIO,IAAM,cAAc,cAAAC,QAAM,cAA6C,MAAS;AAqBvF,IAAM,mBAAmB;AAAA,EACrB,SAAS;AAAA,EACT,oBAAoB;AAAA,IAChB,MAAM;AAAA,IACN,aAAa;AAAA,EACjB;AAAA,EACA,oBAAoB;AACxB;AAYA,SAAS,iBAAiB,QAAmB,QAAoC;AAC7E,QAAM,6BAA6B,iCAAK,OAAO,OAAZ,EAAkB,cAAc,OAAU;AAC7E,QAAM,kCAAkC,iCAAK,OAAO,mBAAmB,OAA/B,EAAqC,cAAc,OAAU;AACrG,QAAM,qBAAqB,CAAC,OAAO,WAAW,CAAC,QAAQ,4BAA4B,+BAA+B;AAElH,MAAI,CAAC,OAAO,MAAM;AACd,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM;AAAA,QACN,aAAa;AAAA,MACjB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ,WAAW,OAAO,SAAS;AACvB,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM,OAAO;AAAA,QACb,aAAa,OAAO;AAAA,MACxB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM,OAAO;AAAA,QACb,aAAa,OAAO;AAAA,MACxB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ;AACJ;AAEO,IAAM,eAAe,CAAC,UAA6B;AAvH1D;AAwHI,QAAM,CAAC,WAAW,aAAa,QAAI,0BAAW,kBAAkB,gBAAgB;AAChF,QAAM,aAAS,6BAAU;AACzB,QAAM,sBAAqB,WAAM,uBAAN,YAA4B;AAEvD,QAAM,eAAW;AAAA,IACb,CAAC,WAA4B;AACzB,oBAAc,MAAM;AACpB,6BAAuB,OAAO,IAAI;AAAA,IACtC;AAAA,IACA,CAAC,aAAa;AAAA,EAClB;AAIA,+BAAU,MAAM;AACZ,QAAI,sBAAsB,UAAU,oBAAoB;AACpD,aAAO,QAAQ;AAAA,IACnB;AAAA,EACJ,GAAG,CAAC,UAAU,oBAAoB,oBAAoB,MAAM,CAAC;AAG7D,+BAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAeC,mBAAkB;AAAA;AAC7B,cAAM,SAAS,MAAM,eAAe;AACpC,YAAI,CAAC,aAAa,CAAC,OAAO,OAAO;AAC7B,mBAAS,MAAM;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,IAAAA,iBAAgB;AAChB,WAAO,MAAM;AACT,kBAAY;AAAA,IAChB;AAAA,EACJ,GAAG,CAAC,CAAC;AAGL,+BAAU,MAAM;AACZ,QAAI,YAAY;AAChB,QAAI,aAAyC;AAE7C,aAAS,wBAAwB;AAC7B,UAAI,YAAY;AACZ,qBAAa,UAAU;AAAA,MAC3B;AACA,mBAAa,WAAW,cAAc,KAAK,GAAI;AAAA,IACnD;AAEA,aAAe,eAAe;AAAA;AAC1B,cAAM,SAAS,MAAM,eAAe;AACpC,YAAI,WAAW;AACX;AAAA,QACJ;AACA,YAAI,CAAC,OAAO,OAAO;AACf,mBAAS,MAAM;AAAA,QACnB,WAAW,OAAO,UAAU,cAAc;AACtC,gCAAsB;AAAA,QAC1B;AAAA,MACJ;AAAA;AAEA,aAAe,eAAe,OAAqB;AAAA;AAC/C,YACI,MAAM,QAAQ,iBACd,CAAC,sBAAsB,MAAM,UAAU,UAAU,mBAAmB,IAAI,GAC1E;AACE,gBAAM,aAAa;AAAA,QACvB;AAAA,MACJ;AAAA;AAEA,UAAM,WAAW,YAAY,cAAc,IAAI,KAAK,GAAI;AAExD,QAAI,UAAU,GAAG;AACb,aAAO,iBAAiB,WAAW,cAAc;AACjD,aAAO,iBAAiB,UAAU,YAAY;AAC9C,aAAO,iBAAiB,SAAS,YAAY;AAAA,IACjD;AAEA,WAAO,MAAM;AACT,kBAAY;AACZ,oBAAc,QAAQ;AACtB,UAAI,YAAY;AACZ,qBAAa,UAAU;AAAA,MAC3B;AACA,UAAI,UAAU,GAAG;AACb,eAAO,oBAAoB,WAAW,cAAc;AACpD,eAAO,oBAAoB,UAAU,YAAY;AACjD,eAAO,oBAAoB,SAAS,YAAY;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,GAAG,CAAC,UAAU,UAAU,mBAAmB,IAAI,CAAC;AAEhD,QAAM,aAAS,2BAAY,MAAY;AACnC,UAAM,MAAM,oBAAoB;AAAA,MAC5B,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,gBAAgB;AAAA,MACpB;AAAA,MACA,aAAa;AAAA,IACjB,CAAC;AACD,aAAS,EAAE,MAAM,QAAW,aAAa,OAAU,CAAC;AAAA,EACxD,IAAG,CAAC,QAAQ,CAAC;AAEb,QAAM,kBAAkB,CAAC,SAAkC;AACvD,QAAI,6BAAM,uBAAuB;AAC7B,aAAO,kCAAkC,mBAAmB,KAAK,qBAAqB;AAAA,IAC1F;AAEA,WAAO;AAAA,EACX;AACA,QAAM,mBAAmB,CAAC,SAAmC;AACzD,QAAI,6BAAM,wBAAwB;AAC9B,aAAO,mCAAmC,mBAAmB,KAAK,sBAAsB;AAAA,IAC5F;AAEA,WAAO;AAAA,EACX;AACA,QAAM,wBAAoB,2BAAY,MAAM;AACxC,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAClB,QAAM,oBAAgB;AAAA,IAClB,CAAC,UAAmB;AAChB,UAAI,OAAO;AACP,eAAO,GAAG,MAAM,kBAAkB;AAAA,MACtC,OAAO;AACH,eAAO,GAAG,MAAM;AAAA,MACpB;AAAA,IACJ;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AACA,QAAM,0BAAsB,2BAAY,MAAM;AAC1C,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAElB,QAAM,0BAAsB;AAAA,IACxB,CAAC,UAAkB;AACf,aAAO,GAAG,MAAM,mBAAmB;AAAA,IACvC;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AAEA,QAAM,aAAa,CAAC,QAAgB;AAChC,WAAO,SAAS,OAAO;AAAA,EAC3B;AAEA,QAAM,sBAAsB,CAAC,SAAkC,WAAW,gBAAgB,IAAI,CAAC;AAC/F,QAAM,uBAAuB,CAAC,SAAmC,WAAW,iBAAiB,IAAI,CAAC;AAClG,QAAM,wBAAwB,MAAM,WAAW,kBAAkB,CAAC;AAClE,QAAM,oBAAoB,CAAC,UAAmB,WAAW,cAAc,KAAK,CAAC;AAC7E,QAAM,0BAA0B,MAAM,WAAW,oBAAoB,CAAC;AACtE,QAAM,0BAA0B,CAAC,UAAkB,WAAW,oBAAoB,KAAK,CAAC;AAExF,QAAM,kBAAkB,MAAY;AAChC,UAAM,SAAS,MAAM,eAAe;AACpC,QAAI,OAAO,OAAO;AACd,YAAM,IAAI,MAAM,yBAAyB;AAAA,IAC7C,OAAO;AACH,eAAS,MAAM;AACf,aAAO,OAAO;AAAA,IAClB;AAAA,EACJ;AAEA,QAAM,QAAQ;AAAA,IACV,SAAS,UAAU;AAAA,IACnB,oBAAoB,UAAU;AAAA,IAC9B;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACA,SAAO,8BAAAD,QAAA,cAAC,YAAY,UAAZ,EAAqB,SAAe,MAAM,QAAS;AAC/D;AAiBA,SAAe,iBAA4C;AAAA;AACvD,QAAI;AACA,YAAM,mBAAmB,MAAM,MAAM,sBAAsB;AAAA,QACvD,QAAQ;AAAA,QACR,SAAS;AAAA,UACL,gBAAgB;AAAA,QACpB;AAAA,QACA,aAAa;AAAA,MACjB,CAAC;AAED,UAAI,iBAAiB,IAAI;AACrB,cAAM,EAAE,UAAU,aAAa,mBAAmB,IAAI,MAAM,iBAAiB,KAAK;AAClF,cAAM,OAAO,IAAI,KAAK;AAAA,UAClB,QAAQ,SAAS;AAAA,UACjB,OAAO,SAAS;AAAA,UAChB,gBAAgB,SAAS;AAAA,UACzB,aAAa,SAAS;AAAA,UACtB,UAAU,SAAS;AAAA,UACnB,WAAW,SAAS;AAAA,UACpB,UAAU,SAAS;AAAA,UACnB,YAAY,SAAS;AAAA,UACrB,sBAAsB,uBAAuB,SAAS,kBAAkB;AAAA,UACxE,YAAY,SAAS;AAAA,UACrB,eAAe,SAAS;AAAA,UACxB,wBAAwB,SAAS;AAAA,UACjC,WAAW,SAAS;AAAA,UACpB,cAAc,SAAS;AAAA,UACvB,YAAY,SAAS;AAAA,UACrB;AAAA,QACJ,CAAC;AAED,eAAO,EAAE,MAAM,aAAa,OAAO,OAAU;AAAA,MACjD,WAAW,iBAAiB,WAAW,KAAK;AACxC,eAAO,EAAE,MAAM,QAAW,aAAa,QAAW,OAAO,OAAU;AAAA,MACvE,OAAO;AACH,gBAAQ,KAAK,2BAA2B,gBAAgB;AACxD,eAAO,EAAE,OAAO,aAAa;AAAA,MACjC;AAAA,IACJ,SAAS,GAAP;AACE,cAAQ,KAAK,2BAA2B,CAAC;AACzC,aAAO,EAAE,OAAO,aAAa;AAAA,IACjC;AAAA,EACJ;AAAA;;;AGxWA,IAAAE,gBAA2B;AAGpB,SAAS,oBAAoB;AAChC,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;;;ACxBA,IAAAC,gBAA2B;AAGpB,SAAS,oBAAoB;AAChC,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM,EAAE,OAAO,IAAI;AACnB,SAAO;AACX;;;ACVA,IAAAC,gBAA6C;AAGtC,SAAS,uBAAuB;AACnC,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,0DAA0D;AAAA,EAC9E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;AAMO,SAAS,iBAAiB,EAAE,SAAS,GAAkB;AAC1D,QAAM,EAAE,qBAAqB,IAAI,qBAAqB;AAEtD,+BAAU,MAAM;AACZ,yBAAqB;AAAA,EACzB,GAAG,CAAC,CAAC;AAEL,SAAO,8BAAAC,QAAA,4BAAAA,QAAA,gBAAG,QAAS;AACvB;AAEO,SAAS,gBAAgB,EAAE,SAAS,GAAkB;AACzD,QAAM,EAAE,oBAAoB,IAAI,qBAAqB;AACrD,+BAAU,MAAM;AACZ,wBAAoB;AAAA,EACxB,GAAG,CAAC,CAAC;AACL,SAAO,8BAAAA,QAAA,4BAAAA,QAAA,gBAAG,QAAS;AACvB;;;AC5CA,IAAAC,gBAA2B;AAGpB,SAAS,iBAAiB;AAC7B,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,oDAAoD;AAAA,EACxE;AACA,QAAM,EAAE,gBAAgB,IAAI;AAC5B,SAAO;AACX;","names":["import_react","React","refreshAuthInfo","import_react","import_react","import_react","React","import_react"]}
1
+ {"version":3,"sources":["../../src/client/index.ts","../../src/user.ts","../../src/client/AuthProvider.tsx","../../src/client/utils.ts","../../src/client/useUser.tsx","../../src/client/useHostedPageUrls.tsx","../../src/client/useLogoutFunction.ts","../../src/client/useRedirectFunctions.tsx","../../src/client/useRefreshAuth.ts"],"sourcesContent":["export type {OrgIdToOrgMemberInfo} from \"../user\"\nexport {UserFromToken, OrgMemberInfo} from \"../user\"\nexport {AuthProvider} from \"./AuthProvider\"\nexport type {AuthProviderProps, RedirectToLoginOptions, RedirectToSignupOptions} from \"./AuthProvider\"\nexport {useUser, User} from \"./useUser\"\nexport type {UseUser, UseUserLoading, UseUserLoggedIn, UseUserNotLoggedIn} from \"./useUser\"\nexport {useHostedPageUrls} from \"./useHostedPageUrls\"\nexport {useLogoutFunction} from \"./useLogoutFunction\"\nexport {useRedirectFunctions, RedirectToLogin, RedirectToSignup} from \"./useRedirectFunctions\"\nexport type {RedirectProps} from \"./useRedirectFunctions\"\nexport {useRefreshAuth} from \"./useRefreshAuth\"","export class UserFromToken {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n public properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string,\n properties?: { [key: string]: unknown },\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n\n this.properties = properties\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): UserFromToken {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new UserFromToken(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId,\n obj.properties,\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n public userAssignedRole: string\n public userInheritedRolesPlusCurrentRole: string[]\n public userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): UserFromToken {\n return new UserFromToken(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId,\n snake_case.properties,\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","'use client'\n\nimport React, { useCallback, useEffect, useReducer } from 'react'\nimport { doesLocalStorageMatch, hasWindow, isEqual, saveUserToLocalStorage, USER_INFO_KEY } from './utils'\nimport { useRouter } from 'next/navigation.js'\nimport { User } from './useUser'\nimport { toOrgIdToOrgMemberInfo } from '../user'\n\nexport interface RedirectToSignupOptions {\n postSignupRedirectPath?: string\n userSignupQueryParameters?: Record<string, string>\n}\nexport interface RedirectToLoginOptions {\n postLoginRedirectPath?: string\n userSignupQueryParameters?: Record<string, string>\n}\nexport interface RedirectOptions {\n redirectBackToUrl?: string\n}\n\ninterface InternalAuthState {\n loading: boolean\n userAndAccessToken: UserAndAccessToken\n\n logout: () => Promise<void>\n\n redirectToLoginPage: (opts?: RedirectToLoginOptions) => void\n redirectToSignupPage: (opts?: RedirectToSignupOptions) => void\n redirectToAccountPage: (opts?: RedirectOptions) => void\n redirectToOrgPage: (orgId?: string, opts?: RedirectOptions) => void\n redirectToCreateOrgPage: (opts?: RedirectOptions) => void\n redirectToSetupSAMLPage: (orgId: string, opts?: RedirectOptions) => void\n\n getSignupPageUrl(opts?: RedirectToSignupOptions): string\n getLoginPageUrl(opts?: RedirectToLoginOptions): string\n getAccountPageUrl(opts?: RedirectOptions): string\n getOrgPageUrl(orgId?: string, opts?: RedirectOptions): string\n getCreateOrgPageUrl(opts?: RedirectOptions): string\n getSetupSAMLPageUrl(orgId: string, opts?: RedirectOptions): string\n\n refreshAuthInfo: () => Promise<User | undefined>\n}\n\nexport type AuthProviderProps = {\n authUrl: string\n reloadOnAuthChange?: boolean\n children?: React.ReactNode\n}\n\nexport const AuthContext = React.createContext<InternalAuthState | undefined>(undefined)\n\ntype UserAndAccessToken =\n | {\n user: User\n accessToken: string\n }\n | {\n user: undefined\n accessToken: undefined\n }\n\ntype AuthState = {\n loading: boolean\n userAndAccessToken: UserAndAccessToken\n\n // There's no good way to trigger server components to reload outside of router.refresh()\n // This is our workaround until the app router has something better\n authChangeDetected: boolean\n}\n\nconst initialAuthState = {\n loading: true,\n userAndAccessToken: {\n user: undefined,\n accessToken: undefined,\n },\n authChangeDetected: false,\n}\n\ntype AuthStateAction =\n | {\n user: User\n accessToken: string\n }\n | {\n user: undefined\n accessToken: undefined\n }\n\nfunction authStateReducer(_state: AuthState, action: AuthStateAction): AuthState {\n const newUserForEqualityChecking = { ...action.user, lastActiveAt: undefined }\n const existingUserForEqualityChecking = { ..._state.userAndAccessToken.user, lastActiveAt: undefined }\n const authChangeDetected = !_state.loading && !isEqual(newUserForEqualityChecking, existingUserForEqualityChecking)\n\n if (!action.user) {\n return {\n loading: false,\n userAndAccessToken: {\n user: undefined,\n accessToken: undefined,\n },\n authChangeDetected,\n }\n } else if (_state.loading) {\n return {\n loading: false,\n userAndAccessToken: {\n user: action.user,\n accessToken: action.accessToken,\n },\n authChangeDetected,\n }\n } else {\n return {\n loading: false,\n userAndAccessToken: {\n user: action.user,\n accessToken: action.accessToken,\n },\n authChangeDetected,\n }\n }\n}\n\nexport const AuthProvider = (props: AuthProviderProps) => {\n const [authState, dispatchInner] = useReducer(authStateReducer, initialAuthState)\n const router = useRouter()\n const reloadOnAuthChange = props.reloadOnAuthChange ?? true\n\n const dispatch = useCallback(\n (action: AuthStateAction) => {\n dispatchInner(action)\n saveUserToLocalStorage(action.user)\n },\n [dispatchInner]\n )\n\n // This is because we don't have a good way to trigger server components to reload outside of router.refresh()\n // Once server actions isn't alpha, we can hopefully use that instead\n useEffect(() => {\n if (reloadOnAuthChange && authState.authChangeDetected) {\n router.refresh()\n }\n }, [authState.authChangeDetected, reloadOnAuthChange, router])\n\n // Trigger an initial refresh\n useEffect(() => {\n let didCancel = false\n\n async function refreshAuthInfo() {\n const action = await apiGetUserInfo()\n if (!didCancel && !action.error) {\n dispatch(action)\n }\n }\n\n refreshAuthInfo()\n return () => {\n didCancel = true\n }\n }, [])\n\n // Periodically refresh the token\n useEffect(() => {\n let didCancel = false\n let retryTimer: NodeJS.Timeout | undefined = undefined\n\n function clearAndSetRetryTimer() {\n if (retryTimer) {\n clearTimeout(retryTimer)\n }\n retryTimer = setTimeout(refreshToken, 30 * 1000)\n }\n\n async function refreshToken() {\n const action = await apiGetUserInfo()\n if (didCancel) {\n return\n }\n if (!action.error) {\n dispatch(action)\n } else if (action.error === 'unexpected') {\n clearAndSetRetryTimer()\n }\n }\n\n async function onStorageEvent(event: StorageEvent) {\n if (\n event.key === USER_INFO_KEY &&\n !doesLocalStorageMatch(event.newValue, authState.userAndAccessToken.user)\n ) {\n await refreshToken()\n }\n }\n\n const interval = setInterval(refreshToken, 5 * 60 * 1000)\n\n if (hasWindow()) {\n window.addEventListener('storage', onStorageEvent)\n window.addEventListener('online', refreshToken)\n window.addEventListener('focus', refreshToken)\n }\n\n return () => {\n didCancel = true\n clearInterval(interval)\n if (retryTimer) {\n clearTimeout(retryTimer)\n }\n if (hasWindow()) {\n window.removeEventListener('storage', onStorageEvent)\n window.removeEventListener('online', refreshToken)\n window.removeEventListener('focus', refreshToken)\n }\n }\n }, [dispatch, authState.userAndAccessToken.user])\n\n const logout = useCallback(async () => {\n await fetch('/api/auth/logout', {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n credentials: 'include',\n })\n dispatch({ user: undefined, accessToken: undefined })\n }, [dispatch])\n\n const getLoginPageUrl = (opts?: RedirectToLoginOptions) => {\n if (opts?.postLoginRedirectPath) {\n return `/api/auth/login?return_to_path=${encodeURIComponent(opts.postLoginRedirectPath)}`\n }\n\n return '/api/auth/login'\n }\n const getSignupPageUrl = (opts?: RedirectToSignupOptions) => {\n if (opts?.postSignupRedirectPath) {\n return `/api/auth/signup?return_to_path=${encodeURIComponent(opts.postSignupRedirectPath)}`\n }\n\n return '/api/auth/signup'\n }\n const getAccountPageUrl = useCallback(\n (opts?: RedirectOptions) => {\n return addReturnToPath(`${props.authUrl}/account`, opts?.redirectBackToUrl)\n },\n [props.authUrl]\n )\n const getOrgPageUrl = useCallback(\n (orgId?: string, opts?: RedirectOptions) => {\n if (orgId) {\n return addReturnToPath(`${props.authUrl}/org?id=${orgId}`, opts?.redirectBackToUrl)\n } else {\n return addReturnToPath(`${props.authUrl}/org`, opts?.redirectBackToUrl)\n }\n },\n [props.authUrl]\n )\n const getCreateOrgPageUrl = useCallback(\n (opts?: RedirectOptions) => {\n return addReturnToPath(`${props.authUrl}/create_org`, opts?.redirectBackToUrl)\n },\n [props.authUrl]\n )\n\n const getSetupSAMLPageUrl = useCallback(\n (orgId: string, opts?: RedirectOptions) => {\n return addReturnToPath(`${props.authUrl}/saml?id=${orgId}`, opts?.redirectBackToUrl)\n },\n [props.authUrl]\n )\n\n const redirectTo = (url: string) => {\n window.location.href = url\n }\n\n const redirectToLoginPage = (opts?: RedirectToLoginOptions) => redirectTo(getLoginPageUrl(opts))\n const redirectToSignupPage = (opts?: RedirectToSignupOptions) => redirectTo(getSignupPageUrl(opts))\n const redirectToAccountPage = (opts?: RedirectOptions) => redirectTo(getAccountPageUrl(opts))\n const redirectToOrgPage = (orgId?: string, opts?: RedirectOptions) => redirectTo(getOrgPageUrl(orgId, opts))\n const redirectToCreateOrgPage = (opts?: RedirectOptions) => redirectTo(getCreateOrgPageUrl(opts))\n const redirectToSetupSAMLPage = (orgId: string, opts?: RedirectOptions) =>\n redirectTo(getSetupSAMLPageUrl(orgId, opts))\n\n const refreshAuthInfo = async () => {\n const action = await apiGetUserInfo()\n if (action.error) {\n throw new Error('Failed to refresh token')\n } else {\n dispatch(action)\n return action.user\n }\n }\n\n const value = {\n loading: authState.loading,\n userAndAccessToken: authState.userAndAccessToken,\n logout,\n redirectToLoginPage,\n redirectToSignupPage,\n redirectToAccountPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n redirectToSetupSAMLPage,\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n refreshAuthInfo,\n }\n return <AuthContext.Provider value={value}>{props.children}</AuthContext.Provider>\n}\n\ntype UserInfoResponse =\n | {\n error: undefined\n user: User\n accessToken: string\n }\n | {\n error: undefined\n user: undefined\n accessToken: undefined\n }\n | {\n error: 'unexpected'\n }\n\nasync function apiGetUserInfo(): Promise<UserInfoResponse> {\n try {\n const userInfoResponse = await fetch('/api/auth/userinfo', {\n method: 'GET',\n headers: {\n 'Content-Type': 'application/json',\n },\n credentials: 'include',\n })\n\n if (userInfoResponse.ok) {\n const { userinfo, accessToken, impersonatorUserId } = await userInfoResponse.json()\n const user = new User({\n userId: userinfo.user_id,\n email: userinfo.email,\n emailConfirmed: userinfo.email_confirmed,\n hasPassword: userinfo.has_password,\n username: userinfo.username,\n firstName: userinfo.first_name,\n lastName: userinfo.last_name,\n pictureUrl: userinfo.picture_url,\n orgIdToOrgMemberInfo: toOrgIdToOrgMemberInfo(userinfo.org_id_to_org_info),\n mfaEnabled: userinfo.mfa_enabled,\n canCreateOrgs: userinfo.can_create_orgs,\n updatePasswordRequired: userinfo.update_password_required,\n createdAt: userinfo.created_at,\n lastActiveAt: userinfo.last_active_at,\n properties: userinfo.properties,\n impersonatorUserId,\n })\n\n return { user, accessToken, error: undefined }\n } else if (userInfoResponse.status === 401) {\n return { user: undefined, accessToken: undefined, error: undefined }\n } else {\n console.info('Failed to refresh token', userInfoResponse)\n return { error: 'unexpected' }\n }\n } catch (e) {\n console.info('Failed to refresh token', e)\n return { error: 'unexpected' }\n }\n}\n\nconst encodeBase64 = (str: string) => {\n const encode = window ? window.btoa : btoa\n return encode(str)\n}\n\nconst addReturnToPath = (url: string, returnToPath?: string) => {\n if (!returnToPath) {\n return url\n }\n\n let qs = new URLSearchParams()\n qs.set('rt', encodeBase64(returnToPath))\n if (url.includes('?')) {\n return `${url}&${qs.toString()}`\n } else {\n return `${url}?${qs.toString()}`\n }\n}\n","import {UserFromToken} from \"../user\";\nimport {User} from \"./useUser\";\n\nexport const USER_INFO_KEY = \"__PROPEL_AUTH_USER_INFO\"\n\nexport function hasWindow(): boolean {\n return typeof window !== \"undefined\"\n}\n\nexport function saveUserToLocalStorage(user: User | undefined) {\n if (user) {\n localStorage.setItem(USER_INFO_KEY, JSON.stringify(user))\n } else {\n localStorage.setItem(USER_INFO_KEY, \"{}\")\n }\n}\n\nexport function doesLocalStorageMatch(newValue: string | null, user: UserFromToken | undefined): boolean {\n if (!newValue) {\n return false\n } else if (!user) {\n return newValue === \"{}\"\n }\n\n const parsed = JSON.parse(newValue)\n if (!parsed) {\n return false\n }\n\n return isEqual(parsed, user)\n}\n\nexport function isEqual(a: any, b: any): boolean {\n if (typeof a !== typeof b) {\n return false\n }\n\n if (Array.isArray(a) !== Array.isArray(b)) {\n return false\n }\n\n if (Array.isArray(a)) {\n const aArray = a as any[]\n const bArray = b as any[]\n if (aArray.length !== bArray.length) {\n return false\n }\n\n for (let i = 0; i < aArray.length; i++) {\n if (!isEqual(aArray[i], bArray[i])) {\n return false\n }\n }\n\n return true\n }\n\n if (typeof a === \"object\") {\n const aKeys = Object.keys(a)\n const bKeys = Object.keys(b)\n if (aKeys.length !== bKeys.length) {\n return false\n }\n\n for (const key of aKeys) {\n if (!isEqual(a[key], b[key])) {\n return false\n }\n }\n\n return true\n } else {\n return a === b\n }\n}","'use client'\n\nimport {useContext} from \"react\"\nimport {AuthContext} from \"./AuthProvider\"\nimport {OrgIdToOrgMemberInfo, OrgMemberInfo} from \"../user\";\n\nexport class User {\n public userId: string\n public email: string\n public emailConfirmed: boolean\n public hasPassword: boolean\n\n public username?: string\n public firstName?: string\n public lastName?: string\n public pictureUrl?: string\n\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n public mfaEnabled: boolean\n public canCreateOrgs: boolean\n public updatePasswordRequired: boolean\n\n public createdAt: number\n public lastActiveAt: number\n\n public properties?: {[key: string]: unknown}\n\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor({\n userId,\n email,\n emailConfirmed,\n hasPassword,\n username,\n firstName,\n lastName,\n pictureUrl,\n orgIdToOrgMemberInfo,\n mfaEnabled,\n canCreateOrgs,\n updatePasswordRequired,\n createdAt,\n lastActiveAt,\n legacyUserId,\n properties,\n impersonatorUserId,\n }: {\n userId: string\n email: string\n emailConfirmed: boolean\n hasPassword: boolean\n username?: string\n firstName?: string\n lastName?: string\n pictureUrl?: string\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n mfaEnabled: boolean\n canCreateOrgs: boolean\n updatePasswordRequired: boolean\n createdAt: number\n lastActiveAt: number\n legacyUserId?: string\n properties?: {[key: string]: unknown}\n impersonatorUserId?: string\n }) {\n this.userId = userId\n this.email = email\n this.emailConfirmed = emailConfirmed\n this.hasPassword = hasPassword\n this.username = username\n this.firstName = firstName\n this.lastName = lastName\n this.pictureUrl = pictureUrl\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n this.mfaEnabled = mfaEnabled\n this.canCreateOrgs = canCreateOrgs\n this.updatePasswordRequired = updatePasswordRequired\n this.createdAt = createdAt\n this.lastActiveAt = lastActiveAt\n this.legacyUserId = legacyUserId\n this.properties = properties\n this.impersonatorUserId = impersonatorUserId\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n return this.orgIdToOrgMemberInfo?.[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n}\n\nexport type UseUserLoading = {\n loading: true\n isLoggedIn: never\n user: never\n accessToken: never\n}\n\nexport type UseUserLoggedIn = {\n loading: false\n isLoggedIn: true\n user: User\n accessToken: string\n}\n\nexport type UseUserNotLoggedIn = {\n loading: false\n isLoggedIn: false\n user: undefined\n accessToken: undefined\n}\n\nexport type UseUser = UseUserLoading | UseUserLoggedIn | UseUserNotLoggedIn\n\nexport function useUser(): UseUser {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useUser must be used within an AuthProvider\")\n }\n\n const {loading, userAndAccessToken} = context\n if (loading) {\n return {\n loading: true,\n isLoggedIn: undefined as never,\n user: undefined as never,\n accessToken: undefined as never,\n }\n } else if (userAndAccessToken.user) {\n return {\n loading: false,\n isLoggedIn: true,\n user: userAndAccessToken.user,\n accessToken: userAndAccessToken.accessToken,\n }\n } else {\n return {\n loading: false,\n isLoggedIn: false,\n user: undefined,\n accessToken: undefined,\n }\n }\n}","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useHostedPageUrls() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useHostedPageUrls must be used within an AuthProvider\")\n }\n const {\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n } = context\n return {\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n }\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useLogoutFunction() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useLogoutFunction must be used within an AuthProvider\")\n }\n const { logout } = context\n return logout\n}\n","import React, { useContext, useEffect } from 'react'\nimport { AuthContext } from './AuthProvider'\n\nexport function useRedirectFunctions() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error('useRedirectFunctions must be used within an AuthProvider')\n }\n const {\n redirectToAccountPage,\n redirectToSignupPage,\n redirectToLoginPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n redirectToSetupSAMLPage,\n } = context\n return {\n redirectToSignupPage,\n redirectToLoginPage,\n redirectToAccountPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n redirectToSetupSAMLPage,\n }\n}\n\nexport interface RedirectProps {\n children?: React.ReactNode\n}\n\nexport function RedirectToSignup({ children }: RedirectProps) {\n const { redirectToSignupPage } = useRedirectFunctions()\n\n useEffect(() => {\n redirectToSignupPage()\n }, [])\n\n return <>{children}</>\n}\n\nexport function RedirectToLogin({ children }: RedirectProps) {\n const { redirectToLoginPage } = useRedirectFunctions()\n useEffect(() => {\n redirectToLoginPage()\n }, [])\n return <>{children}</>\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRefreshAuth() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useRefreshAuth must be used within an AuthProvider\")\n }\n const { refreshAuthInfo } = context\n return refreshAuthInfo\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAO,IAAM,gBAAN,MAAoB;AAAA,EAgBvB,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACA,YACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAE1B,SAAK,aAAa;AAAA,EACtB;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA0CO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;AChPA,IAAAA,gBAA0D;;;ACCnD,IAAM,gBAAgB;AAEtB,SAAS,YAAqB;AACjC,SAAO,OAAO,WAAW;AAC7B;AAEO,SAAS,uBAAuB,MAAwB;AAC3D,MAAI,MAAM;AACN,iBAAa,QAAQ,eAAe,KAAK,UAAU,IAAI,CAAC;AAAA,EAC5D,OAAO;AACH,iBAAa,QAAQ,eAAe,IAAI;AAAA,EAC5C;AACJ;AAEO,SAAS,sBAAsB,UAAyB,MAA0C;AACrG,MAAI,CAAC,UAAU;AACX,WAAO;AAAA,EACX,WAAW,CAAC,MAAM;AACd,WAAO,aAAa;AAAA,EACxB;AAEA,QAAM,SAAS,KAAK,MAAM,QAAQ;AAClC,MAAI,CAAC,QAAQ;AACT,WAAO;AAAA,EACX;AAEA,SAAO,QAAQ,QAAQ,IAAI;AAC/B;AAEO,SAAS,QAAQ,GAAQ,GAAiB;AAC7C,MAAI,OAAO,MAAM,OAAO,GAAG;AACvB,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,MAAM,MAAM,QAAQ,CAAC,GAAG;AACvC,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,GAAG;AAClB,UAAM,SAAS;AACf,UAAM,SAAS;AACf,QAAI,OAAO,WAAW,OAAO,QAAQ;AACjC,aAAO;AAAA,IACX;AAEA,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACpC,UAAI,CAAC,QAAQ,OAAO,CAAC,GAAG,OAAO,CAAC,CAAC,GAAG;AAChC,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAEA,MAAI,OAAO,MAAM,UAAU;AACvB,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,QAAI,MAAM,WAAW,MAAM,QAAQ;AAC/B,aAAO;AAAA,IACX;AAEA,eAAW,OAAO,OAAO;AACrB,UAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,EAAE,GAAG,CAAC,GAAG;AAC1B,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX,OAAO;AACH,WAAO,MAAM;AAAA,EACjB;AACJ;;;ADtEA,wBAA0B;;;AEF1B,mBAAyB;AAIlB,IAAM,OAAN,MAAW;AAAA,EAyBd,YAAY;AAAA,IACI;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,GAkBT;AACC,SAAK,SAAS;AACd,SAAK,QAAQ;AACb,SAAK,iBAAiB;AACtB,SAAK,cAAc;AACnB,SAAK,WAAW;AAChB,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,aAAa;AAClB,SAAK,uBAAuB;AAC5B,SAAK,aAAa;AAClB,SAAK,gBAAgB;AACrB,SAAK,yBAAyB;AAC9B,SAAK,YAAY;AACjB,SAAK,eAAe;AACpB,SAAK,eAAe;AACpB,SAAK,aAAa;AAClB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AAvF5D;AAwFQ,YAAO,UAAK,yBAAL,mBAA4B;AAAA,EACvC;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AACJ;AAyBO,SAAS,UAAmB;AAC/B,QAAM,cAAU,yBAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,6CAA6C;AAAA,EACjE;AAEA,QAAM,EAAC,SAAS,mBAAkB,IAAI;AACtC,MAAI,SAAS;AACT,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,MACN,aAAa;AAAA,IACjB;AAAA,EACJ,WAAW,mBAAmB,MAAM;AAChC,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM,mBAAmB;AAAA,MACzB,aAAa,mBAAmB;AAAA,IACpC;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,MACN,aAAa;AAAA,IACjB;AAAA,EACJ;AACJ;;;AF3HO,IAAM,cAAc,cAAAC,QAAM,cAA6C,MAAS;AAqBvF,IAAM,mBAAmB;AAAA,EACrB,SAAS;AAAA,EACT,oBAAoB;AAAA,IAChB,MAAM;AAAA,IACN,aAAa;AAAA,EACjB;AAAA,EACA,oBAAoB;AACxB;AAYA,SAAS,iBAAiB,QAAmB,QAAoC;AAC7E,QAAM,6BAA6B,iCAAK,OAAO,OAAZ,EAAkB,cAAc,OAAU;AAC7E,QAAM,kCAAkC,iCAAK,OAAO,mBAAmB,OAA/B,EAAqC,cAAc,OAAU;AACrG,QAAM,qBAAqB,CAAC,OAAO,WAAW,CAAC,QAAQ,4BAA4B,+BAA+B;AAElH,MAAI,CAAC,OAAO,MAAM;AACd,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM;AAAA,QACN,aAAa;AAAA,MACjB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ,WAAW,OAAO,SAAS;AACvB,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM,OAAO;AAAA,QACb,aAAa,OAAO;AAAA,MACxB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM,OAAO;AAAA,QACb,aAAa,OAAO;AAAA,MACxB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ;AACJ;AAEO,IAAM,eAAe,CAAC,UAA6B;AA5H1D;AA6HI,QAAM,CAAC,WAAW,aAAa,QAAI,0BAAW,kBAAkB,gBAAgB;AAChF,QAAM,aAAS,6BAAU;AACzB,QAAM,sBAAqB,WAAM,uBAAN,YAA4B;AAEvD,QAAM,eAAW;AAAA,IACb,CAAC,WAA4B;AACzB,oBAAc,MAAM;AACpB,6BAAuB,OAAO,IAAI;AAAA,IACtC;AAAA,IACA,CAAC,aAAa;AAAA,EAClB;AAIA,+BAAU,MAAM;AACZ,QAAI,sBAAsB,UAAU,oBAAoB;AACpD,aAAO,QAAQ;AAAA,IACnB;AAAA,EACJ,GAAG,CAAC,UAAU,oBAAoB,oBAAoB,MAAM,CAAC;AAG7D,+BAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAeC,mBAAkB;AAAA;AAC7B,cAAM,SAAS,MAAM,eAAe;AACpC,YAAI,CAAC,aAAa,CAAC,OAAO,OAAO;AAC7B,mBAAS,MAAM;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,IAAAA,iBAAgB;AAChB,WAAO,MAAM;AACT,kBAAY;AAAA,IAChB;AAAA,EACJ,GAAG,CAAC,CAAC;AAGL,+BAAU,MAAM;AACZ,QAAI,YAAY;AAChB,QAAI,aAAyC;AAE7C,aAAS,wBAAwB;AAC7B,UAAI,YAAY;AACZ,qBAAa,UAAU;AAAA,MAC3B;AACA,mBAAa,WAAW,cAAc,KAAK,GAAI;AAAA,IACnD;AAEA,aAAe,eAAe;AAAA;AAC1B,cAAM,SAAS,MAAM,eAAe;AACpC,YAAI,WAAW;AACX;AAAA,QACJ;AACA,YAAI,CAAC,OAAO,OAAO;AACf,mBAAS,MAAM;AAAA,QACnB,WAAW,OAAO,UAAU,cAAc;AACtC,gCAAsB;AAAA,QAC1B;AAAA,MACJ;AAAA;AAEA,aAAe,eAAe,OAAqB;AAAA;AAC/C,YACI,MAAM,QAAQ,iBACd,CAAC,sBAAsB,MAAM,UAAU,UAAU,mBAAmB,IAAI,GAC1E;AACE,gBAAM,aAAa;AAAA,QACvB;AAAA,MACJ;AAAA;AAEA,UAAM,WAAW,YAAY,cAAc,IAAI,KAAK,GAAI;AAExD,QAAI,UAAU,GAAG;AACb,aAAO,iBAAiB,WAAW,cAAc;AACjD,aAAO,iBAAiB,UAAU,YAAY;AAC9C,aAAO,iBAAiB,SAAS,YAAY;AAAA,IACjD;AAEA,WAAO,MAAM;AACT,kBAAY;AACZ,oBAAc,QAAQ;AACtB,UAAI,YAAY;AACZ,qBAAa,UAAU;AAAA,MAC3B;AACA,UAAI,UAAU,GAAG;AACb,eAAO,oBAAoB,WAAW,cAAc;AACpD,eAAO,oBAAoB,UAAU,YAAY;AACjD,eAAO,oBAAoB,SAAS,YAAY;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,GAAG,CAAC,UAAU,UAAU,mBAAmB,IAAI,CAAC;AAEhD,QAAM,aAAS,2BAAY,MAAY;AACnC,UAAM,MAAM,oBAAoB;AAAA,MAC5B,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,gBAAgB;AAAA,MACpB;AAAA,MACA,aAAa;AAAA,IACjB,CAAC;AACD,aAAS,EAAE,MAAM,QAAW,aAAa,OAAU,CAAC;AAAA,EACxD,IAAG,CAAC,QAAQ,CAAC;AAEb,QAAM,kBAAkB,CAAC,SAAkC;AACvD,QAAI,6BAAM,uBAAuB;AAC7B,aAAO,kCAAkC,mBAAmB,KAAK,qBAAqB;AAAA,IAC1F;AAEA,WAAO;AAAA,EACX;AACA,QAAM,mBAAmB,CAAC,SAAmC;AACzD,QAAI,6BAAM,wBAAwB;AAC9B,aAAO,mCAAmC,mBAAmB,KAAK,sBAAsB;AAAA,IAC5F;AAEA,WAAO;AAAA,EACX;AACA,QAAM,wBAAoB;AAAA,IACtB,CAAC,SAA2B;AACxB,aAAO,gBAAgB,GAAG,MAAM,mBAAmB,6BAAM,iBAAiB;AAAA,IAC9E;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AACA,QAAM,oBAAgB;AAAA,IAClB,CAAC,OAAgB,SAA2B;AACxC,UAAI,OAAO;AACP,eAAO,gBAAgB,GAAG,MAAM,kBAAkB,SAAS,6BAAM,iBAAiB;AAAA,MACtF,OAAO;AACH,eAAO,gBAAgB,GAAG,MAAM,eAAe,6BAAM,iBAAiB;AAAA,MAC1E;AAAA,IACJ;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AACA,QAAM,0BAAsB;AAAA,IACxB,CAAC,SAA2B;AACxB,aAAO,gBAAgB,GAAG,MAAM,sBAAsB,6BAAM,iBAAiB;AAAA,IACjF;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AAEA,QAAM,0BAAsB;AAAA,IACxB,CAAC,OAAe,SAA2B;AACvC,aAAO,gBAAgB,GAAG,MAAM,mBAAmB,SAAS,6BAAM,iBAAiB;AAAA,IACvF;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AAEA,QAAM,aAAa,CAAC,QAAgB;AAChC,WAAO,SAAS,OAAO;AAAA,EAC3B;AAEA,QAAM,sBAAsB,CAAC,SAAkC,WAAW,gBAAgB,IAAI,CAAC;AAC/F,QAAM,uBAAuB,CAAC,SAAmC,WAAW,iBAAiB,IAAI,CAAC;AAClG,QAAM,wBAAwB,CAAC,SAA2B,WAAW,kBAAkB,IAAI,CAAC;AAC5F,QAAM,oBAAoB,CAAC,OAAgB,SAA2B,WAAW,cAAc,OAAO,IAAI,CAAC;AAC3G,QAAM,0BAA0B,CAAC,SAA2B,WAAW,oBAAoB,IAAI,CAAC;AAChG,QAAM,0BAA0B,CAAC,OAAe,SAC5C,WAAW,oBAAoB,OAAO,IAAI,CAAC;AAE/C,QAAM,kBAAkB,MAAY;AAChC,UAAM,SAAS,MAAM,eAAe;AACpC,QAAI,OAAO,OAAO;AACd,YAAM,IAAI,MAAM,yBAAyB;AAAA,IAC7C,OAAO;AACH,eAAS,MAAM;AACf,aAAO,OAAO;AAAA,IAClB;AAAA,EACJ;AAEA,QAAM,QAAQ;AAAA,IACV,SAAS,UAAU;AAAA,IACnB,oBAAoB,UAAU;AAAA,IAC9B;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACA,SAAO,8BAAAD,QAAA,cAAC,YAAY,UAAZ,EAAqB,SAAe,MAAM,QAAS;AAC/D;AAiBA,SAAe,iBAA4C;AAAA;AACvD,QAAI;AACA,YAAM,mBAAmB,MAAM,MAAM,sBAAsB;AAAA,QACvD,QAAQ;AAAA,QACR,SAAS;AAAA,UACL,gBAAgB;AAAA,QACpB;AAAA,QACA,aAAa;AAAA,MACjB,CAAC;AAED,UAAI,iBAAiB,IAAI;AACrB,cAAM,EAAE,UAAU,aAAa,mBAAmB,IAAI,MAAM,iBAAiB,KAAK;AAClF,cAAM,OAAO,IAAI,KAAK;AAAA,UAClB,QAAQ,SAAS;AAAA,UACjB,OAAO,SAAS;AAAA,UAChB,gBAAgB,SAAS;AAAA,UACzB,aAAa,SAAS;AAAA,UACtB,UAAU,SAAS;AAAA,UACnB,WAAW,SAAS;AAAA,UACpB,UAAU,SAAS;AAAA,UACnB,YAAY,SAAS;AAAA,UACrB,sBAAsB,uBAAuB,SAAS,kBAAkB;AAAA,UACxE,YAAY,SAAS;AAAA,UACrB,eAAe,SAAS;AAAA,UACxB,wBAAwB,SAAS;AAAA,UACjC,WAAW,SAAS;AAAA,UACpB,cAAc,SAAS;AAAA,UACvB,YAAY,SAAS;AAAA,UACrB;AAAA,QACJ,CAAC;AAED,eAAO,EAAE,MAAM,aAAa,OAAO,OAAU;AAAA,MACjD,WAAW,iBAAiB,WAAW,KAAK;AACxC,eAAO,EAAE,MAAM,QAAW,aAAa,QAAW,OAAO,OAAU;AAAA,MACvE,OAAO;AACH,gBAAQ,KAAK,2BAA2B,gBAAgB;AACxD,eAAO,EAAE,OAAO,aAAa;AAAA,MACjC;AAAA,IACJ,SAAS,GAAP;AACE,cAAQ,KAAK,2BAA2B,CAAC;AACzC,aAAO,EAAE,OAAO,aAAa;AAAA,IACjC;AAAA,EACJ;AAAA;AAEA,IAAM,eAAe,CAAC,QAAgB;AAClC,QAAM,SAAS,SAAS,OAAO,OAAO;AACtC,SAAO,OAAO,GAAG;AACrB;AAEA,IAAM,kBAAkB,CAAC,KAAa,iBAA0B;AAC5D,MAAI,CAAC,cAAc;AACf,WAAO;AAAA,EACX;AAEA,MAAI,KAAK,IAAI,gBAAgB;AAC7B,KAAG,IAAI,MAAM,aAAa,YAAY,CAAC;AACvC,MAAI,IAAI,SAAS,GAAG,GAAG;AACnB,WAAO,GAAG,OAAO,GAAG,SAAS;AAAA,EACjC,OAAO;AACH,WAAO,GAAG,OAAO,GAAG,SAAS;AAAA,EACjC;AACJ;;;AGvYA,IAAAE,gBAA2B;AAGpB,SAAS,oBAAoB;AAChC,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;;;ACxBA,IAAAC,gBAA2B;AAGpB,SAAS,oBAAoB;AAChC,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM,EAAE,OAAO,IAAI;AACnB,SAAO;AACX;;;ACVA,IAAAC,gBAA6C;AAGtC,SAAS,uBAAuB;AACnC,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,0DAA0D;AAAA,EAC9E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;AAMO,SAAS,iBAAiB,EAAE,SAAS,GAAkB;AAC1D,QAAM,EAAE,qBAAqB,IAAI,qBAAqB;AAEtD,+BAAU,MAAM;AACZ,yBAAqB;AAAA,EACzB,GAAG,CAAC,CAAC;AAEL,SAAO,8BAAAC,QAAA,4BAAAA,QAAA,gBAAG,QAAS;AACvB;AAEO,SAAS,gBAAgB,EAAE,SAAS,GAAkB;AACzD,QAAM,EAAE,oBAAoB,IAAI,qBAAqB;AACrD,+BAAU,MAAM;AACZ,wBAAoB;AAAA,EACxB,GAAG,CAAC,CAAC;AACL,SAAO,8BAAAA,QAAA,4BAAAA,QAAA,gBAAG,QAAS;AACvB;;;AC9CA,IAAAC,gBAA2B;AAGpB,SAAS,iBAAiB;AAC7B,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,oDAAoD;AAAA,EACxE;AACA,QAAM,EAAE,gBAAgB,IAAI;AAC5B,SAAO;AACX;","names":["import_react","React","refreshAuthInfo","import_react","import_react","import_react","React","import_react"]}
package/dist/client/index.mjs CHANGED
@@ -478,25 +478,31 @@ var AuthProvider = (props) => {
478
478
  }
479
479
  return "/api/auth/signup";
480
480
  };
481
- const getAccountPageUrl = useCallback(() => {
482
- return `${props.authUrl}/account`;
483
- }, [props.authUrl]);
481
+ const getAccountPageUrl = useCallback(
482
+ (opts) => {
483
+ return addReturnToPath(`${props.authUrl}/account`, opts == null ? void 0 : opts.redirectBackToUrl);
484
+ },
485
+ [props.authUrl]
486
+ );
484
487
  const getOrgPageUrl = useCallback(
485
- (orgId) => {
488
+ (orgId, opts) => {
486
489
  if (orgId) {
487
- return `${props.authUrl}/org?id=${orgId}`;
490
+ return addReturnToPath(`${props.authUrl}/org?id=${orgId}`, opts == null ? void 0 : opts.redirectBackToUrl);
488
491
  } else {
489
- return `${props.authUrl}/org`;
492
+ return addReturnToPath(`${props.authUrl}/org`, opts == null ? void 0 : opts.redirectBackToUrl);
490
493
  }
491
494
  },
492
495
  [props.authUrl]
493
496
  );
494
- const getCreateOrgPageUrl = useCallback(() => {
495
- return `${props.authUrl}/create_org`;
496
- }, [props.authUrl]);
497
+ const getCreateOrgPageUrl = useCallback(
498
+ (opts) => {
499
+ return addReturnToPath(`${props.authUrl}/create_org`, opts == null ? void 0 : opts.redirectBackToUrl);
500
+ },
501
+ [props.authUrl]
502
+ );
497
503
  const getSetupSAMLPageUrl = useCallback(
498
- (orgId) => {
499
- return `${props.authUrl}/saml?id=${orgId}`;
504
+ (orgId, opts) => {
505
+ return addReturnToPath(`${props.authUrl}/saml?id=${orgId}`, opts == null ? void 0 : opts.redirectBackToUrl);
500
506
  },
501
507
  [props.authUrl]
502
508
  );
@@ -505,10 +511,10 @@ var AuthProvider = (props) => {
505
511
  };
506
512
  const redirectToLoginPage = (opts) => redirectTo(getLoginPageUrl(opts));
507
513
  const redirectToSignupPage = (opts) => redirectTo(getSignupPageUrl(opts));
508
- const redirectToAccountPage = () => redirectTo(getAccountPageUrl());
509
- const redirectToOrgPage = (orgId) => redirectTo(getOrgPageUrl(orgId));
510
- const redirectToCreateOrgPage = () => redirectTo(getCreateOrgPageUrl());
511
- const redirectToSetupSAMLPage = (orgId) => redirectTo(getSetupSAMLPageUrl(orgId));
514
+ const redirectToAccountPage = (opts) => redirectTo(getAccountPageUrl(opts));
515
+ const redirectToOrgPage = (orgId, opts) => redirectTo(getOrgPageUrl(orgId, opts));
516
+ const redirectToCreateOrgPage = (opts) => redirectTo(getCreateOrgPageUrl(opts));
517
+ const redirectToSetupSAMLPage = (orgId, opts) => redirectTo(getSetupSAMLPageUrl(orgId, opts));
512
518
  const refreshAuthInfo = () => __async(void 0, null, function* () {
513
519
  const action = yield apiGetUserInfo();
514
520
  if (action.error) {
@@ -581,6 +587,22 @@ function apiGetUserInfo() {
581
587
  }
582
588
  });
583
589
  }
590
+ var encodeBase64 = (str) => {
591
+ const encode = window ? window.btoa : btoa;
592
+ return encode(str);
593
+ };
594
+ var addReturnToPath = (url, returnToPath) => {
595
+ if (!returnToPath) {
596
+ return url;
597
+ }
598
+ let qs = new URLSearchParams();
599
+ qs.set("rt", encodeBase64(returnToPath));
600
+ if (url.includes("?")) {
601
+ return `${url}&${qs.toString()}`;
602
+ } else {
603
+ return `${url}?${qs.toString()}`;
604
+ }
605
+ };
584
606
 
585
607
  // src/client/useHostedPageUrls.tsx
586
608
  import { useContext as useContext2 } from "react";
@@ -630,14 +652,16 @@ function useRedirectFunctions() {
630
652
  redirectToSignupPage,
631
653
  redirectToLoginPage,
632
654
  redirectToOrgPage,
633
- redirectToCreateOrgPage
655
+ redirectToCreateOrgPage,
656
+ redirectToSetupSAMLPage
634
657
  } = context;
635
658
  return {
636
659
  redirectToSignupPage,
637
660
  redirectToLoginPage,
638
661
  redirectToAccountPage,
639
662
  redirectToOrgPage,
640
- redirectToCreateOrgPage
663
+ redirectToCreateOrgPage,
664
+ redirectToSetupSAMLPage
641
665
  };
642
666
  }
643
667
  function RedirectToSignup({ children }) {
package/dist/client/index.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/user.ts","../../src/client/AuthProvider.tsx","../../src/client/utils.ts","../../src/client/useUser.tsx","../../src/client/useHostedPageUrls.tsx","../../src/client/useLogoutFunction.ts","../../src/client/useRedirectFunctions.tsx","../../src/client/useRefreshAuth.ts"],"sourcesContent":["export class UserFromToken {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n public properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string,\n properties?: { [key: string]: unknown },\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n\n this.properties = properties\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): UserFromToken {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new UserFromToken(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId,\n obj.properties,\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n public userAssignedRole: string\n public userInheritedRolesPlusCurrentRole: string[]\n public userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): UserFromToken {\n return new UserFromToken(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId,\n snake_case.properties,\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","'use client'\n\nimport React, { useCallback, useEffect, useReducer } from 'react'\nimport { doesLocalStorageMatch, hasWindow, isEqual, saveUserToLocalStorage, USER_INFO_KEY } from './utils'\nimport { useRouter } from 'next/navigation.js'\nimport { User } from './useUser'\nimport { toOrgIdToOrgMemberInfo } from '../user'\n\nexport interface RedirectToSignupOptions {\n postSignupRedirectPath: string\n}\nexport interface RedirectToLoginOptions {\n postLoginRedirectPath: string\n}\n\ninterface InternalAuthState {\n loading: boolean\n userAndAccessToken: UserAndAccessToken\n\n logout: () => Promise<void>\n\n redirectToLoginPage: (opts?: RedirectToLoginOptions) => void\n redirectToSignupPage: (opts?: RedirectToSignupOptions) => void\n redirectToAccountPage: () => void\n redirectToOrgPage: (orgId?: string) => void\n redirectToCreateOrgPage: () => void\n redirectToSetupSAMLPage: (orgId: string) => void\n\n getSignupPageUrl(opts?: RedirectToSignupOptions): string\n getLoginPageUrl(opts?: RedirectToLoginOptions): string\n getAccountPageUrl(): string\n getOrgPageUrl(orgId?: string): string\n getCreateOrgPageUrl(): string\n getSetupSAMLPageUrl(orgId: string): string\n\n refreshAuthInfo: () => Promise<User | undefined>\n}\n\nexport type AuthProviderProps = {\n authUrl: string\n reloadOnAuthChange?: boolean\n children?: React.ReactNode\n}\n\nexport const AuthContext = React.createContext<InternalAuthState | undefined>(undefined)\n\ntype UserAndAccessToken =\n | {\n user: User\n accessToken: string\n }\n | {\n user: undefined\n accessToken: undefined\n }\n\ntype AuthState = {\n loading: boolean\n userAndAccessToken: UserAndAccessToken\n\n // There's no good way to trigger server components to reload outside of router.refresh()\n // This is our workaround until the app router has something better\n authChangeDetected: boolean\n}\n\nconst initialAuthState = {\n loading: true,\n userAndAccessToken: {\n user: undefined,\n accessToken: undefined,\n },\n authChangeDetected: false,\n}\n\ntype AuthStateAction =\n | {\n user: User\n accessToken: string\n }\n | {\n user: undefined\n accessToken: undefined\n }\n\nfunction authStateReducer(_state: AuthState, action: AuthStateAction): AuthState {\n const newUserForEqualityChecking = { ...action.user, lastActiveAt: undefined }\n const existingUserForEqualityChecking = { ..._state.userAndAccessToken.user, lastActiveAt: undefined }\n const authChangeDetected = !_state.loading && !isEqual(newUserForEqualityChecking, existingUserForEqualityChecking)\n\n if (!action.user) {\n return {\n loading: false,\n userAndAccessToken: {\n user: undefined,\n accessToken: undefined,\n },\n authChangeDetected,\n }\n } else if (_state.loading) {\n return {\n loading: false,\n userAndAccessToken: {\n user: action.user,\n accessToken: action.accessToken,\n },\n authChangeDetected,\n }\n } else {\n return {\n loading: false,\n userAndAccessToken: {\n user: action.user,\n accessToken: action.accessToken,\n },\n authChangeDetected,\n }\n }\n}\n\nexport const AuthProvider = (props: AuthProviderProps) => {\n const [authState, dispatchInner] = useReducer(authStateReducer, initialAuthState)\n const router = useRouter()\n const reloadOnAuthChange = props.reloadOnAuthChange ?? true\n\n const dispatch = useCallback(\n (action: AuthStateAction) => {\n dispatchInner(action)\n saveUserToLocalStorage(action.user)\n },\n [dispatchInner]\n )\n\n // This is because we don't have a good way to trigger server components to reload outside of router.refresh()\n // Once server actions isn't alpha, we can hopefully use that instead\n useEffect(() => {\n if (reloadOnAuthChange && authState.authChangeDetected) {\n router.refresh()\n }\n }, [authState.authChangeDetected, reloadOnAuthChange, router])\n\n // Trigger an initial refresh\n useEffect(() => {\n let didCancel = false\n\n async function refreshAuthInfo() {\n const action = await apiGetUserInfo()\n if (!didCancel && !action.error) {\n dispatch(action)\n }\n }\n\n refreshAuthInfo()\n return () => {\n didCancel = true\n }\n }, [])\n\n // Periodically refresh the token\n useEffect(() => {\n let didCancel = false\n let retryTimer: NodeJS.Timeout | undefined = undefined\n\n function clearAndSetRetryTimer() {\n if (retryTimer) {\n clearTimeout(retryTimer)\n }\n retryTimer = setTimeout(refreshToken, 30 * 1000)\n }\n\n async function refreshToken() {\n const action = await apiGetUserInfo()\n if (didCancel) {\n return\n }\n if (!action.error) {\n dispatch(action)\n } else if (action.error === 'unexpected') {\n clearAndSetRetryTimer()\n }\n }\n\n async function onStorageEvent(event: StorageEvent) {\n if (\n event.key === USER_INFO_KEY &&\n !doesLocalStorageMatch(event.newValue, authState.userAndAccessToken.user)\n ) {\n await refreshToken()\n }\n }\n\n const interval = setInterval(refreshToken, 5 * 60 * 1000)\n\n if (hasWindow()) {\n window.addEventListener('storage', onStorageEvent)\n window.addEventListener('online', refreshToken)\n window.addEventListener('focus', refreshToken)\n }\n\n return () => {\n didCancel = true\n clearInterval(interval)\n if (retryTimer) {\n clearTimeout(retryTimer)\n }\n if (hasWindow()) {\n window.removeEventListener('storage', onStorageEvent)\n window.removeEventListener('online', refreshToken)\n window.removeEventListener('focus', refreshToken)\n }\n }\n }, [dispatch, authState.userAndAccessToken.user])\n\n const logout = useCallback(async () => {\n await fetch('/api/auth/logout', {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n credentials: 'include',\n })\n dispatch({ user: undefined, accessToken: undefined })\n }, [dispatch])\n\n const getLoginPageUrl = (opts?: RedirectToLoginOptions) => {\n if (opts?.postLoginRedirectPath) {\n return `/api/auth/login?return_to_path=${encodeURIComponent(opts.postLoginRedirectPath)}`\n }\n\n return '/api/auth/login'\n }\n const getSignupPageUrl = (opts?: RedirectToSignupOptions) => {\n if (opts?.postSignupRedirectPath) {\n return `/api/auth/signup?return_to_path=${encodeURIComponent(opts.postSignupRedirectPath)}`\n }\n\n return '/api/auth/signup'\n }\n const getAccountPageUrl = useCallback(() => {\n return `${props.authUrl}/account`\n }, [props.authUrl])\n const getOrgPageUrl = useCallback(\n (orgId?: string) => {\n if (orgId) {\n return `${props.authUrl}/org?id=${orgId}`\n } else {\n return `${props.authUrl}/org`\n }\n },\n [props.authUrl]\n )\n const getCreateOrgPageUrl = useCallback(() => {\n return `${props.authUrl}/create_org`\n }, [props.authUrl])\n\n const getSetupSAMLPageUrl = useCallback(\n (orgId: string) => {\n return `${props.authUrl}/saml?id=${orgId}`\n },\n [props.authUrl]\n )\n\n const redirectTo = (url: string) => {\n window.location.href = url\n }\n\n const redirectToLoginPage = (opts?: RedirectToLoginOptions) => redirectTo(getLoginPageUrl(opts))\n const redirectToSignupPage = (opts?: RedirectToSignupOptions) => redirectTo(getSignupPageUrl(opts))\n const redirectToAccountPage = () => redirectTo(getAccountPageUrl())\n const redirectToOrgPage = (orgId?: string) => redirectTo(getOrgPageUrl(orgId))\n const redirectToCreateOrgPage = () => redirectTo(getCreateOrgPageUrl())\n const redirectToSetupSAMLPage = (orgId: string) => redirectTo(getSetupSAMLPageUrl(orgId))\n\n const refreshAuthInfo = async () => {\n const action = await apiGetUserInfo()\n if (action.error) {\n throw new Error('Failed to refresh token')\n } else {\n dispatch(action)\n return action.user\n }\n }\n\n const value = {\n loading: authState.loading,\n userAndAccessToken: authState.userAndAccessToken,\n logout,\n redirectToLoginPage,\n redirectToSignupPage,\n redirectToAccountPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n redirectToSetupSAMLPage,\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n refreshAuthInfo,\n }\n return <AuthContext.Provider value={value}>{props.children}</AuthContext.Provider>\n}\n\ntype UserInfoResponse =\n | {\n error: undefined\n user: User\n accessToken: string\n }\n | {\n error: undefined\n user: undefined\n accessToken: undefined\n }\n | {\n error: 'unexpected'\n }\n\nasync function apiGetUserInfo(): Promise<UserInfoResponse> {\n try {\n const userInfoResponse = await fetch('/api/auth/userinfo', {\n method: 'GET',\n headers: {\n 'Content-Type': 'application/json',\n },\n credentials: 'include',\n })\n\n if (userInfoResponse.ok) {\n const { userinfo, accessToken, impersonatorUserId } = await userInfoResponse.json()\n const user = new User({\n userId: userinfo.user_id,\n email: userinfo.email,\n emailConfirmed: userinfo.email_confirmed,\n hasPassword: userinfo.has_password,\n username: userinfo.username,\n firstName: userinfo.first_name,\n lastName: userinfo.last_name,\n pictureUrl: userinfo.picture_url,\n orgIdToOrgMemberInfo: toOrgIdToOrgMemberInfo(userinfo.org_id_to_org_info),\n mfaEnabled: userinfo.mfa_enabled,\n canCreateOrgs: userinfo.can_create_orgs,\n updatePasswordRequired: userinfo.update_password_required,\n createdAt: userinfo.created_at,\n lastActiveAt: userinfo.last_active_at,\n properties: userinfo.properties,\n impersonatorUserId,\n })\n\n return { user, accessToken, error: undefined }\n } else if (userInfoResponse.status === 401) {\n return { user: undefined, accessToken: undefined, error: undefined }\n } else {\n console.info('Failed to refresh token', userInfoResponse)\n return { error: 'unexpected' }\n }\n } catch (e) {\n console.info('Failed to refresh token', e)\n return { error: 'unexpected' }\n }\n}\n","import {UserFromToken} from \"../user\";\nimport {User} from \"./useUser\";\n\nexport const USER_INFO_KEY = \"__PROPEL_AUTH_USER_INFO\"\n\nexport function hasWindow(): boolean {\n return typeof window !== \"undefined\"\n}\n\nexport function saveUserToLocalStorage(user: User | undefined) {\n if (user) {\n localStorage.setItem(USER_INFO_KEY, JSON.stringify(user))\n } else {\n localStorage.setItem(USER_INFO_KEY, \"{}\")\n }\n}\n\nexport function doesLocalStorageMatch(newValue: string | null, user: UserFromToken | undefined): boolean {\n if (!newValue) {\n return false\n } else if (!user) {\n return newValue === \"{}\"\n }\n\n const parsed = JSON.parse(newValue)\n if (!parsed) {\n return false\n }\n\n return isEqual(parsed, user)\n}\n\nexport function isEqual(a: any, b: any): boolean {\n if (typeof a !== typeof b) {\n return false\n }\n\n if (Array.isArray(a) !== Array.isArray(b)) {\n return false\n }\n\n if (Array.isArray(a)) {\n const aArray = a as any[]\n const bArray = b as any[]\n if (aArray.length !== bArray.length) {\n return false\n }\n\n for (let i = 0; i < aArray.length; i++) {\n if (!isEqual(aArray[i], bArray[i])) {\n return false\n }\n }\n\n return true\n }\n\n if (typeof a === \"object\") {\n const aKeys = Object.keys(a)\n const bKeys = Object.keys(b)\n if (aKeys.length !== bKeys.length) {\n return false\n }\n\n for (const key of aKeys) {\n if (!isEqual(a[key], b[key])) {\n return false\n }\n }\n\n return true\n } else {\n return a === b\n }\n}","'use client'\n\nimport {useContext} from \"react\"\nimport {AuthContext} from \"./AuthProvider\"\nimport {OrgIdToOrgMemberInfo, OrgMemberInfo} from \"../user\";\n\nexport class User {\n public userId: string\n public email: string\n public emailConfirmed: boolean\n public hasPassword: boolean\n\n public username?: string\n public firstName?: string\n public lastName?: string\n public pictureUrl?: string\n\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n public mfaEnabled: boolean\n public canCreateOrgs: boolean\n public updatePasswordRequired: boolean\n\n public createdAt: number\n public lastActiveAt: number\n\n public properties?: {[key: string]: unknown}\n\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor({\n userId,\n email,\n emailConfirmed,\n hasPassword,\n username,\n firstName,\n lastName,\n pictureUrl,\n orgIdToOrgMemberInfo,\n mfaEnabled,\n canCreateOrgs,\n updatePasswordRequired,\n createdAt,\n lastActiveAt,\n legacyUserId,\n properties,\n impersonatorUserId,\n }: {\n userId: string\n email: string\n emailConfirmed: boolean\n hasPassword: boolean\n username?: string\n firstName?: string\n lastName?: string\n pictureUrl?: string\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n mfaEnabled: boolean\n canCreateOrgs: boolean\n updatePasswordRequired: boolean\n createdAt: number\n lastActiveAt: number\n legacyUserId?: string\n properties?: {[key: string]: unknown}\n impersonatorUserId?: string\n }) {\n this.userId = userId\n this.email = email\n this.emailConfirmed = emailConfirmed\n this.hasPassword = hasPassword\n this.username = username\n this.firstName = firstName\n this.lastName = lastName\n this.pictureUrl = pictureUrl\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n this.mfaEnabled = mfaEnabled\n this.canCreateOrgs = canCreateOrgs\n this.updatePasswordRequired = updatePasswordRequired\n this.createdAt = createdAt\n this.lastActiveAt = lastActiveAt\n this.legacyUserId = legacyUserId\n this.properties = properties\n this.impersonatorUserId = impersonatorUserId\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n return this.orgIdToOrgMemberInfo?.[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n}\n\nexport type UseUserLoading = {\n loading: true\n isLoggedIn: never\n user: never\n accessToken: never\n}\n\nexport type UseUserLoggedIn = {\n loading: false\n isLoggedIn: true\n user: User\n accessToken: string\n}\n\nexport type UseUserNotLoggedIn = {\n loading: false\n isLoggedIn: false\n user: undefined\n accessToken: undefined\n}\n\nexport type UseUser = UseUserLoading | UseUserLoggedIn | UseUserNotLoggedIn\n\nexport function useUser(): UseUser {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useUser must be used within an AuthProvider\")\n }\n\n const {loading, userAndAccessToken} = context\n if (loading) {\n return {\n loading: true,\n isLoggedIn: undefined as never,\n user: undefined as never,\n accessToken: undefined as never,\n }\n } else if (userAndAccessToken.user) {\n return {\n loading: false,\n isLoggedIn: true,\n user: userAndAccessToken.user,\n accessToken: userAndAccessToken.accessToken,\n }\n } else {\n return {\n loading: false,\n isLoggedIn: false,\n user: undefined,\n accessToken: undefined,\n }\n }\n}","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useHostedPageUrls() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useHostedPageUrls must be used within an AuthProvider\")\n }\n const {\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n } = context\n return {\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n }\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useLogoutFunction() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useLogoutFunction must be used within an AuthProvider\")\n }\n const { logout } = context\n return logout\n}\n","import React, { useContext, useEffect } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRedirectFunctions() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useRedirectFunctions must be used within an AuthProvider\")\n }\n const {\n redirectToAccountPage,\n redirectToSignupPage,\n redirectToLoginPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n } = context\n return {\n redirectToSignupPage,\n redirectToLoginPage,\n redirectToAccountPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n }\n}\n\nexport interface RedirectProps {\n children?: React.ReactNode\n}\n\nexport function RedirectToSignup({ children }: RedirectProps) {\n const { redirectToSignupPage } = useRedirectFunctions()\n\n useEffect(() => {\n redirectToSignupPage()\n }, [])\n\n return <>{children}</>\n}\n\nexport function RedirectToLogin({ children }: RedirectProps) {\n const { redirectToLoginPage } = useRedirectFunctions()\n useEffect(() => {\n redirectToLoginPage()\n }, [])\n return <>{children}</>\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRefreshAuth() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useRefreshAuth must be used within an AuthProvider\")\n }\n const { refreshAuthInfo } = context\n return refreshAuthInfo\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAO,IAAM,gBAAN,MAAoB;AAAA,EAgBvB,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACA,YACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAE1B,SAAK,aAAa;AAAA,EACtB;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA0CO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;AChPA,OAAO,SAAS,aAAa,WAAW,kBAAkB;;;ACCnD,IAAM,gBAAgB;AAEtB,SAAS,YAAqB;AACjC,SAAO,OAAO,WAAW;AAC7B;AAEO,SAAS,uBAAuB,MAAwB;AAC3D,MAAI,MAAM;AACN,iBAAa,QAAQ,eAAe,KAAK,UAAU,IAAI,CAAC;AAAA,EAC5D,OAAO;AACH,iBAAa,QAAQ,eAAe,IAAI;AAAA,EAC5C;AACJ;AAEO,SAAS,sBAAsB,UAAyB,MAA0C;AACrG,MAAI,CAAC,UAAU;AACX,WAAO;AAAA,EACX,WAAW,CAAC,MAAM;AACd,WAAO,aAAa;AAAA,EACxB;AAEA,QAAM,SAAS,KAAK,MAAM,QAAQ;AAClC,MAAI,CAAC,QAAQ;AACT,WAAO;AAAA,EACX;AAEA,SAAO,QAAQ,QAAQ,IAAI;AAC/B;AAEO,SAAS,QAAQ,GAAQ,GAAiB;AAC7C,MAAI,OAAO,MAAM,OAAO,GAAG;AACvB,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,MAAM,MAAM,QAAQ,CAAC,GAAG;AACvC,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,GAAG;AAClB,UAAM,SAAS;AACf,UAAM,SAAS;AACf,QAAI,OAAO,WAAW,OAAO,QAAQ;AACjC,aAAO;AAAA,IACX;AAEA,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACpC,UAAI,CAAC,QAAQ,OAAO,CAAC,GAAG,OAAO,CAAC,CAAC,GAAG;AAChC,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAEA,MAAI,OAAO,MAAM,UAAU;AACvB,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,QAAI,MAAM,WAAW,MAAM,QAAQ;AAC/B,aAAO;AAAA,IACX;AAEA,eAAW,OAAO,OAAO;AACrB,UAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,EAAE,GAAG,CAAC,GAAG;AAC1B,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX,OAAO;AACH,WAAO,MAAM;AAAA,EACjB;AACJ;;;ADtEA,SAAS,iBAAiB;;;AEF1B,SAAQ,kBAAiB;AAIlB,IAAM,OAAN,MAAW;AAAA,EAyBd,YAAY;AAAA,IACI;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,GAkBT;AACC,SAAK,SAAS;AACd,SAAK,QAAQ;AACb,SAAK,iBAAiB;AACtB,SAAK,cAAc;AACnB,SAAK,WAAW;AAChB,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,aAAa;AAClB,SAAK,uBAAuB;AAC5B,SAAK,aAAa;AAClB,SAAK,gBAAgB;AACrB,SAAK,yBAAyB;AAC9B,SAAK,YAAY;AACjB,SAAK,eAAe;AACpB,SAAK,eAAe;AACpB,SAAK,aAAa;AAClB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AAvF5D;AAwFQ,YAAO,UAAK,yBAAL,mBAA4B;AAAA,EACvC;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AACJ;AAyBO,SAAS,UAAmB;AAC/B,QAAM,UAAU,WAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,6CAA6C;AAAA,EACjE;AAEA,QAAM,EAAC,SAAS,mBAAkB,IAAI;AACtC,MAAI,SAAS;AACT,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,MACN,aAAa;AAAA,IACjB;AAAA,EACJ,WAAW,mBAAmB,MAAM;AAChC,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM,mBAAmB;AAAA,MACzB,aAAa,mBAAmB;AAAA,IACpC;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,MACN,aAAa;AAAA,IACjB;AAAA,EACJ;AACJ;;;AFhIO,IAAM,cAAc,MAAM,cAA6C,MAAS;AAqBvF,IAAM,mBAAmB;AAAA,EACrB,SAAS;AAAA,EACT,oBAAoB;AAAA,IAChB,MAAM;AAAA,IACN,aAAa;AAAA,EACjB;AAAA,EACA,oBAAoB;AACxB;AAYA,SAAS,iBAAiB,QAAmB,QAAoC;AAC7E,QAAM,6BAA6B,iCAAK,OAAO,OAAZ,EAAkB,cAAc,OAAU;AAC7E,QAAM,kCAAkC,iCAAK,OAAO,mBAAmB,OAA/B,EAAqC,cAAc,OAAU;AACrG,QAAM,qBAAqB,CAAC,OAAO,WAAW,CAAC,QAAQ,4BAA4B,+BAA+B;AAElH,MAAI,CAAC,OAAO,MAAM;AACd,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM;AAAA,QACN,aAAa;AAAA,MACjB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ,WAAW,OAAO,SAAS;AACvB,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM,OAAO;AAAA,QACb,aAAa,OAAO;AAAA,MACxB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM,OAAO;AAAA,QACb,aAAa,OAAO;AAAA,MACxB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ;AACJ;AAEO,IAAM,eAAe,CAAC,UAA6B;AAvH1D;AAwHI,QAAM,CAAC,WAAW,aAAa,IAAI,WAAW,kBAAkB,gBAAgB;AAChF,QAAM,SAAS,UAAU;AACzB,QAAM,sBAAqB,WAAM,uBAAN,YAA4B;AAEvD,QAAM,WAAW;AAAA,IACb,CAAC,WAA4B;AACzB,oBAAc,MAAM;AACpB,6BAAuB,OAAO,IAAI;AAAA,IACtC;AAAA,IACA,CAAC,aAAa;AAAA,EAClB;AAIA,YAAU,MAAM;AACZ,QAAI,sBAAsB,UAAU,oBAAoB;AACpD,aAAO,QAAQ;AAAA,IACnB;AAAA,EACJ,GAAG,CAAC,UAAU,oBAAoB,oBAAoB,MAAM,CAAC;AAG7D,YAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAeA,mBAAkB;AAAA;AAC7B,cAAM,SAAS,MAAM,eAAe;AACpC,YAAI,CAAC,aAAa,CAAC,OAAO,OAAO;AAC7B,mBAAS,MAAM;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,IAAAA,iBAAgB;AAChB,WAAO,MAAM;AACT,kBAAY;AAAA,IAChB;AAAA,EACJ,GAAG,CAAC,CAAC;AAGL,YAAU,MAAM;AACZ,QAAI,YAAY;AAChB,QAAI,aAAyC;AAE7C,aAAS,wBAAwB;AAC7B,UAAI,YAAY;AACZ,qBAAa,UAAU;AAAA,MAC3B;AACA,mBAAa,WAAW,cAAc,KAAK,GAAI;AAAA,IACnD;AAEA,aAAe,eAAe;AAAA;AAC1B,cAAM,SAAS,MAAM,eAAe;AACpC,YAAI,WAAW;AACX;AAAA,QACJ;AACA,YAAI,CAAC,OAAO,OAAO;AACf,mBAAS,MAAM;AAAA,QACnB,WAAW,OAAO,UAAU,cAAc;AACtC,gCAAsB;AAAA,QAC1B;AAAA,MACJ;AAAA;AAEA,aAAe,eAAe,OAAqB;AAAA;AAC/C,YACI,MAAM,QAAQ,iBACd,CAAC,sBAAsB,MAAM,UAAU,UAAU,mBAAmB,IAAI,GAC1E;AACE,gBAAM,aAAa;AAAA,QACvB;AAAA,MACJ;AAAA;AAEA,UAAM,WAAW,YAAY,cAAc,IAAI,KAAK,GAAI;AAExD,QAAI,UAAU,GAAG;AACb,aAAO,iBAAiB,WAAW,cAAc;AACjD,aAAO,iBAAiB,UAAU,YAAY;AAC9C,aAAO,iBAAiB,SAAS,YAAY;AAAA,IACjD;AAEA,WAAO,MAAM;AACT,kBAAY;AACZ,oBAAc,QAAQ;AACtB,UAAI,YAAY;AACZ,qBAAa,UAAU;AAAA,MAC3B;AACA,UAAI,UAAU,GAAG;AACb,eAAO,oBAAoB,WAAW,cAAc;AACpD,eAAO,oBAAoB,UAAU,YAAY;AACjD,eAAO,oBAAoB,SAAS,YAAY;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,GAAG,CAAC,UAAU,UAAU,mBAAmB,IAAI,CAAC;AAEhD,QAAM,SAAS,YAAY,MAAY;AACnC,UAAM,MAAM,oBAAoB;AAAA,MAC5B,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,gBAAgB;AAAA,MACpB;AAAA,MACA,aAAa;AAAA,IACjB,CAAC;AACD,aAAS,EAAE,MAAM,QAAW,aAAa,OAAU,CAAC;AAAA,EACxD,IAAG,CAAC,QAAQ,CAAC;AAEb,QAAM,kBAAkB,CAAC,SAAkC;AACvD,QAAI,6BAAM,uBAAuB;AAC7B,aAAO,kCAAkC,mBAAmB,KAAK,qBAAqB;AAAA,IAC1F;AAEA,WAAO;AAAA,EACX;AACA,QAAM,mBAAmB,CAAC,SAAmC;AACzD,QAAI,6BAAM,wBAAwB;AAC9B,aAAO,mCAAmC,mBAAmB,KAAK,sBAAsB;AAAA,IAC5F;AAEA,WAAO;AAAA,EACX;AACA,QAAM,oBAAoB,YAAY,MAAM;AACxC,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAClB,QAAM,gBAAgB;AAAA,IAClB,CAAC,UAAmB;AAChB,UAAI,OAAO;AACP,eAAO,GAAG,MAAM,kBAAkB;AAAA,MACtC,OAAO;AACH,eAAO,GAAG,MAAM;AAAA,MACpB;AAAA,IACJ;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AACA,QAAM,sBAAsB,YAAY,MAAM;AAC1C,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAElB,QAAM,sBAAsB;AAAA,IACxB,CAAC,UAAkB;AACf,aAAO,GAAG,MAAM,mBAAmB;AAAA,IACvC;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AAEA,QAAM,aAAa,CAAC,QAAgB;AAChC,WAAO,SAAS,OAAO;AAAA,EAC3B;AAEA,QAAM,sBAAsB,CAAC,SAAkC,WAAW,gBAAgB,IAAI,CAAC;AAC/F,QAAM,uBAAuB,CAAC,SAAmC,WAAW,iBAAiB,IAAI,CAAC;AAClG,QAAM,wBAAwB,MAAM,WAAW,kBAAkB,CAAC;AAClE,QAAM,oBAAoB,CAAC,UAAmB,WAAW,cAAc,KAAK,CAAC;AAC7E,QAAM,0BAA0B,MAAM,WAAW,oBAAoB,CAAC;AACtE,QAAM,0BAA0B,CAAC,UAAkB,WAAW,oBAAoB,KAAK,CAAC;AAExF,QAAM,kBAAkB,MAAY;AAChC,UAAM,SAAS,MAAM,eAAe;AACpC,QAAI,OAAO,OAAO;AACd,YAAM,IAAI,MAAM,yBAAyB;AAAA,IAC7C,OAAO;AACH,eAAS,MAAM;AACf,aAAO,OAAO;AAAA,IAClB;AAAA,EACJ;AAEA,QAAM,QAAQ;AAAA,IACV,SAAS,UAAU;AAAA,IACnB,oBAAoB,UAAU;AAAA,IAC9B;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACA,SAAO,oCAAC,YAAY,UAAZ,EAAqB,SAAe,MAAM,QAAS;AAC/D;AAiBA,SAAe,iBAA4C;AAAA;AACvD,QAAI;AACA,YAAM,mBAAmB,MAAM,MAAM,sBAAsB;AAAA,QACvD,QAAQ;AAAA,QACR,SAAS;AAAA,UACL,gBAAgB;AAAA,QACpB;AAAA,QACA,aAAa;AAAA,MACjB,CAAC;AAED,UAAI,iBAAiB,IAAI;AACrB,cAAM,EAAE,UAAU,aAAa,mBAAmB,IAAI,MAAM,iBAAiB,KAAK;AAClF,cAAM,OAAO,IAAI,KAAK;AAAA,UAClB,QAAQ,SAAS;AAAA,UACjB,OAAO,SAAS;AAAA,UAChB,gBAAgB,SAAS;AAAA,UACzB,aAAa,SAAS;AAAA,UACtB,UAAU,SAAS;AAAA,UACnB,WAAW,SAAS;AAAA,UACpB,UAAU,SAAS;AAAA,UACnB,YAAY,SAAS;AAAA,UACrB,sBAAsB,uBAAuB,SAAS,kBAAkB;AAAA,UACxE,YAAY,SAAS;AAAA,UACrB,eAAe,SAAS;AAAA,UACxB,wBAAwB,SAAS;AAAA,UACjC,WAAW,SAAS;AAAA,UACpB,cAAc,SAAS;AAAA,UACvB,YAAY,SAAS;AAAA,UACrB;AAAA,QACJ,CAAC;AAED,eAAO,EAAE,MAAM,aAAa,OAAO,OAAU;AAAA,MACjD,WAAW,iBAAiB,WAAW,KAAK;AACxC,eAAO,EAAE,MAAM,QAAW,aAAa,QAAW,OAAO,OAAU;AAAA,MACvE,OAAO;AACH,gBAAQ,KAAK,2BAA2B,gBAAgB;AACxD,eAAO,EAAE,OAAO,aAAa;AAAA,MACjC;AAAA,IACJ,SAAS,GAAP;AACE,cAAQ,KAAK,2BAA2B,CAAC;AACzC,aAAO,EAAE,OAAO,aAAa;AAAA,IACjC;AAAA,EACJ;AAAA;;;AGxWA,SAAS,cAAAC,mBAAkB;AAGpB,SAAS,oBAAoB;AAChC,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;;;ACxBA,SAAS,cAAAC,mBAAkB;AAGpB,SAAS,oBAAoB;AAChC,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM,EAAE,OAAO,IAAI;AACnB,SAAO;AACX;;;ACVA,OAAOC,UAAS,cAAAC,aAAY,aAAAC,kBAAiB;AAGtC,SAAS,uBAAuB;AACnC,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,0DAA0D;AAAA,EAC9E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;AAMO,SAAS,iBAAiB,EAAE,SAAS,GAAkB;AAC1D,QAAM,EAAE,qBAAqB,IAAI,qBAAqB;AAEtD,EAAAC,WAAU,MAAM;AACZ,yBAAqB;AAAA,EACzB,GAAG,CAAC,CAAC;AAEL,SAAO,gBAAAC,OAAA,cAAAA,OAAA,gBAAG,QAAS;AACvB;AAEO,SAAS,gBAAgB,EAAE,SAAS,GAAkB;AACzD,QAAM,EAAE,oBAAoB,IAAI,qBAAqB;AACrD,EAAAD,WAAU,MAAM;AACZ,wBAAoB;AAAA,EACxB,GAAG,CAAC,CAAC;AACL,SAAO,gBAAAC,OAAA,cAAAA,OAAA,gBAAG,QAAS;AACvB;;;AC5CA,SAAS,cAAAC,mBAAkB;AAGpB,SAAS,iBAAiB;AAC7B,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,oDAAoD;AAAA,EACxE;AACA,QAAM,EAAE,gBAAgB,IAAI;AAC5B,SAAO;AACX;","names":["refreshAuthInfo","useContext","useContext","useContext","useContext","React","useContext","useEffect","useContext","useEffect","React","useContext","useContext"]}
1
+ {"version":3,"sources":["../../src/user.ts","../../src/client/AuthProvider.tsx","../../src/client/utils.ts","../../src/client/useUser.tsx","../../src/client/useHostedPageUrls.tsx","../../src/client/useLogoutFunction.ts","../../src/client/useRedirectFunctions.tsx","../../src/client/useRefreshAuth.ts"],"sourcesContent":["export class UserFromToken {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n public properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string,\n properties?: { [key: string]: unknown },\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n\n this.properties = properties\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): UserFromToken {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new UserFromToken(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId,\n obj.properties,\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n public userAssignedRole: string\n public userInheritedRolesPlusCurrentRole: string[]\n public userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): UserFromToken {\n return new UserFromToken(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId,\n snake_case.properties,\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","'use client'\n\nimport React, { useCallback, useEffect, useReducer } from 'react'\nimport { doesLocalStorageMatch, hasWindow, isEqual, saveUserToLocalStorage, USER_INFO_KEY } from './utils'\nimport { useRouter } from 'next/navigation.js'\nimport { User } from './useUser'\nimport { toOrgIdToOrgMemberInfo } from '../user'\n\nexport interface RedirectToSignupOptions {\n postSignupRedirectPath?: string\n userSignupQueryParameters?: Record<string, string>\n}\nexport interface RedirectToLoginOptions {\n postLoginRedirectPath?: string\n userSignupQueryParameters?: Record<string, string>\n}\nexport interface RedirectOptions {\n redirectBackToUrl?: string\n}\n\ninterface InternalAuthState {\n loading: boolean\n userAndAccessToken: UserAndAccessToken\n\n logout: () => Promise<void>\n\n redirectToLoginPage: (opts?: RedirectToLoginOptions) => void\n redirectToSignupPage: (opts?: RedirectToSignupOptions) => void\n redirectToAccountPage: (opts?: RedirectOptions) => void\n redirectToOrgPage: (orgId?: string, opts?: RedirectOptions) => void\n redirectToCreateOrgPage: (opts?: RedirectOptions) => void\n redirectToSetupSAMLPage: (orgId: string, opts?: RedirectOptions) => void\n\n getSignupPageUrl(opts?: RedirectToSignupOptions): string\n getLoginPageUrl(opts?: RedirectToLoginOptions): string\n getAccountPageUrl(opts?: RedirectOptions): string\n getOrgPageUrl(orgId?: string, opts?: RedirectOptions): string\n getCreateOrgPageUrl(opts?: RedirectOptions): string\n getSetupSAMLPageUrl(orgId: string, opts?: RedirectOptions): string\n\n refreshAuthInfo: () => Promise<User | undefined>\n}\n\nexport type AuthProviderProps = {\n authUrl: string\n reloadOnAuthChange?: boolean\n children?: React.ReactNode\n}\n\nexport const AuthContext = React.createContext<InternalAuthState | undefined>(undefined)\n\ntype UserAndAccessToken =\n | {\n user: User\n accessToken: string\n }\n | {\n user: undefined\n accessToken: undefined\n }\n\ntype AuthState = {\n loading: boolean\n userAndAccessToken: UserAndAccessToken\n\n // There's no good way to trigger server components to reload outside of router.refresh()\n // This is our workaround until the app router has something better\n authChangeDetected: boolean\n}\n\nconst initialAuthState = {\n loading: true,\n userAndAccessToken: {\n user: undefined,\n accessToken: undefined,\n },\n authChangeDetected: false,\n}\n\ntype AuthStateAction =\n | {\n user: User\n accessToken: string\n }\n | {\n user: undefined\n accessToken: undefined\n }\n\nfunction authStateReducer(_state: AuthState, action: AuthStateAction): AuthState {\n const newUserForEqualityChecking = { ...action.user, lastActiveAt: undefined }\n const existingUserForEqualityChecking = { ..._state.userAndAccessToken.user, lastActiveAt: undefined }\n const authChangeDetected = !_state.loading && !isEqual(newUserForEqualityChecking, existingUserForEqualityChecking)\n\n if (!action.user) {\n return {\n loading: false,\n userAndAccessToken: {\n user: undefined,\n accessToken: undefined,\n },\n authChangeDetected,\n }\n } else if (_state.loading) {\n return {\n loading: false,\n userAndAccessToken: {\n user: action.user,\n accessToken: action.accessToken,\n },\n authChangeDetected,\n }\n } else {\n return {\n loading: false,\n userAndAccessToken: {\n user: action.user,\n accessToken: action.accessToken,\n },\n authChangeDetected,\n }\n }\n}\n\nexport const AuthProvider = (props: AuthProviderProps) => {\n const [authState, dispatchInner] = useReducer(authStateReducer, initialAuthState)\n const router = useRouter()\n const reloadOnAuthChange = props.reloadOnAuthChange ?? true\n\n const dispatch = useCallback(\n (action: AuthStateAction) => {\n dispatchInner(action)\n saveUserToLocalStorage(action.user)\n },\n [dispatchInner]\n )\n\n // This is because we don't have a good way to trigger server components to reload outside of router.refresh()\n // Once server actions isn't alpha, we can hopefully use that instead\n useEffect(() => {\n if (reloadOnAuthChange && authState.authChangeDetected) {\n router.refresh()\n }\n }, [authState.authChangeDetected, reloadOnAuthChange, router])\n\n // Trigger an initial refresh\n useEffect(() => {\n let didCancel = false\n\n async function refreshAuthInfo() {\n const action = await apiGetUserInfo()\n if (!didCancel && !action.error) {\n dispatch(action)\n }\n }\n\n refreshAuthInfo()\n return () => {\n didCancel = true\n }\n }, [])\n\n // Periodically refresh the token\n useEffect(() => {\n let didCancel = false\n let retryTimer: NodeJS.Timeout | undefined = undefined\n\n function clearAndSetRetryTimer() {\n if (retryTimer) {\n clearTimeout(retryTimer)\n }\n retryTimer = setTimeout(refreshToken, 30 * 1000)\n }\n\n async function refreshToken() {\n const action = await apiGetUserInfo()\n if (didCancel) {\n return\n }\n if (!action.error) {\n dispatch(action)\n } else if (action.error === 'unexpected') {\n clearAndSetRetryTimer()\n }\n }\n\n async function onStorageEvent(event: StorageEvent) {\n if (\n event.key === USER_INFO_KEY &&\n !doesLocalStorageMatch(event.newValue, authState.userAndAccessToken.user)\n ) {\n await refreshToken()\n }\n }\n\n const interval = setInterval(refreshToken, 5 * 60 * 1000)\n\n if (hasWindow()) {\n window.addEventListener('storage', onStorageEvent)\n window.addEventListener('online', refreshToken)\n window.addEventListener('focus', refreshToken)\n }\n\n return () => {\n didCancel = true\n clearInterval(interval)\n if (retryTimer) {\n clearTimeout(retryTimer)\n }\n if (hasWindow()) {\n window.removeEventListener('storage', onStorageEvent)\n window.removeEventListener('online', refreshToken)\n window.removeEventListener('focus', refreshToken)\n }\n }\n }, [dispatch, authState.userAndAccessToken.user])\n\n const logout = useCallback(async () => {\n await fetch('/api/auth/logout', {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n credentials: 'include',\n })\n dispatch({ user: undefined, accessToken: undefined })\n }, [dispatch])\n\n const getLoginPageUrl = (opts?: RedirectToLoginOptions) => {\n if (opts?.postLoginRedirectPath) {\n return `/api/auth/login?return_to_path=${encodeURIComponent(opts.postLoginRedirectPath)}`\n }\n\n return '/api/auth/login'\n }\n const getSignupPageUrl = (opts?: RedirectToSignupOptions) => {\n if (opts?.postSignupRedirectPath) {\n return `/api/auth/signup?return_to_path=${encodeURIComponent(opts.postSignupRedirectPath)}`\n }\n\n return '/api/auth/signup'\n }\n const getAccountPageUrl = useCallback(\n (opts?: RedirectOptions) => {\n return addReturnToPath(`${props.authUrl}/account`, opts?.redirectBackToUrl)\n },\n [props.authUrl]\n )\n const getOrgPageUrl = useCallback(\n (orgId?: string, opts?: RedirectOptions) => {\n if (orgId) {\n return addReturnToPath(`${props.authUrl}/org?id=${orgId}`, opts?.redirectBackToUrl)\n } else {\n return addReturnToPath(`${props.authUrl}/org`, opts?.redirectBackToUrl)\n }\n },\n [props.authUrl]\n )\n const getCreateOrgPageUrl = useCallback(\n (opts?: RedirectOptions) => {\n return addReturnToPath(`${props.authUrl}/create_org`, opts?.redirectBackToUrl)\n },\n [props.authUrl]\n )\n\n const getSetupSAMLPageUrl = useCallback(\n (orgId: string, opts?: RedirectOptions) => {\n return addReturnToPath(`${props.authUrl}/saml?id=${orgId}`, opts?.redirectBackToUrl)\n },\n [props.authUrl]\n )\n\n const redirectTo = (url: string) => {\n window.location.href = url\n }\n\n const redirectToLoginPage = (opts?: RedirectToLoginOptions) => redirectTo(getLoginPageUrl(opts))\n const redirectToSignupPage = (opts?: RedirectToSignupOptions) => redirectTo(getSignupPageUrl(opts))\n const redirectToAccountPage = (opts?: RedirectOptions) => redirectTo(getAccountPageUrl(opts))\n const redirectToOrgPage = (orgId?: string, opts?: RedirectOptions) => redirectTo(getOrgPageUrl(orgId, opts))\n const redirectToCreateOrgPage = (opts?: RedirectOptions) => redirectTo(getCreateOrgPageUrl(opts))\n const redirectToSetupSAMLPage = (orgId: string, opts?: RedirectOptions) =>\n redirectTo(getSetupSAMLPageUrl(orgId, opts))\n\n const refreshAuthInfo = async () => {\n const action = await apiGetUserInfo()\n if (action.error) {\n throw new Error('Failed to refresh token')\n } else {\n dispatch(action)\n return action.user\n }\n }\n\n const value = {\n loading: authState.loading,\n userAndAccessToken: authState.userAndAccessToken,\n logout,\n redirectToLoginPage,\n redirectToSignupPage,\n redirectToAccountPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n redirectToSetupSAMLPage,\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n refreshAuthInfo,\n }\n return <AuthContext.Provider value={value}>{props.children}</AuthContext.Provider>\n}\n\ntype UserInfoResponse =\n | {\n error: undefined\n user: User\n accessToken: string\n }\n | {\n error: undefined\n user: undefined\n accessToken: undefined\n }\n | {\n error: 'unexpected'\n }\n\nasync function apiGetUserInfo(): Promise<UserInfoResponse> {\n try {\n const userInfoResponse = await fetch('/api/auth/userinfo', {\n method: 'GET',\n headers: {\n 'Content-Type': 'application/json',\n },\n credentials: 'include',\n })\n\n if (userInfoResponse.ok) {\n const { userinfo, accessToken, impersonatorUserId } = await userInfoResponse.json()\n const user = new User({\n userId: userinfo.user_id,\n email: userinfo.email,\n emailConfirmed: userinfo.email_confirmed,\n hasPassword: userinfo.has_password,\n username: userinfo.username,\n firstName: userinfo.first_name,\n lastName: userinfo.last_name,\n pictureUrl: userinfo.picture_url,\n orgIdToOrgMemberInfo: toOrgIdToOrgMemberInfo(userinfo.org_id_to_org_info),\n mfaEnabled: userinfo.mfa_enabled,\n canCreateOrgs: userinfo.can_create_orgs,\n updatePasswordRequired: userinfo.update_password_required,\n createdAt: userinfo.created_at,\n lastActiveAt: userinfo.last_active_at,\n properties: userinfo.properties,\n impersonatorUserId,\n })\n\n return { user, accessToken, error: undefined }\n } else if (userInfoResponse.status === 401) {\n return { user: undefined, accessToken: undefined, error: undefined }\n } else {\n console.info('Failed to refresh token', userInfoResponse)\n return { error: 'unexpected' }\n }\n } catch (e) {\n console.info('Failed to refresh token', e)\n return { error: 'unexpected' }\n }\n}\n\nconst encodeBase64 = (str: string) => {\n const encode = window ? window.btoa : btoa\n return encode(str)\n}\n\nconst addReturnToPath = (url: string, returnToPath?: string) => {\n if (!returnToPath) {\n return url\n }\n\n let qs = new URLSearchParams()\n qs.set('rt', encodeBase64(returnToPath))\n if (url.includes('?')) {\n return `${url}&${qs.toString()}`\n } else {\n return `${url}?${qs.toString()}`\n }\n}\n","import {UserFromToken} from \"../user\";\nimport {User} from \"./useUser\";\n\nexport const USER_INFO_KEY = \"__PROPEL_AUTH_USER_INFO\"\n\nexport function hasWindow(): boolean {\n return typeof window !== \"undefined\"\n}\n\nexport function saveUserToLocalStorage(user: User | undefined) {\n if (user) {\n localStorage.setItem(USER_INFO_KEY, JSON.stringify(user))\n } else {\n localStorage.setItem(USER_INFO_KEY, \"{}\")\n }\n}\n\nexport function doesLocalStorageMatch(newValue: string | null, user: UserFromToken | undefined): boolean {\n if (!newValue) {\n return false\n } else if (!user) {\n return newValue === \"{}\"\n }\n\n const parsed = JSON.parse(newValue)\n if (!parsed) {\n return false\n }\n\n return isEqual(parsed, user)\n}\n\nexport function isEqual(a: any, b: any): boolean {\n if (typeof a !== typeof b) {\n return false\n }\n\n if (Array.isArray(a) !== Array.isArray(b)) {\n return false\n }\n\n if (Array.isArray(a)) {\n const aArray = a as any[]\n const bArray = b as any[]\n if (aArray.length !== bArray.length) {\n return false\n }\n\n for (let i = 0; i < aArray.length; i++) {\n if (!isEqual(aArray[i], bArray[i])) {\n return false\n }\n }\n\n return true\n }\n\n if (typeof a === \"object\") {\n const aKeys = Object.keys(a)\n const bKeys = Object.keys(b)\n if (aKeys.length !== bKeys.length) {\n return false\n }\n\n for (const key of aKeys) {\n if (!isEqual(a[key], b[key])) {\n return false\n }\n }\n\n return true\n } else {\n return a === b\n }\n}","'use client'\n\nimport {useContext} from \"react\"\nimport {AuthContext} from \"./AuthProvider\"\nimport {OrgIdToOrgMemberInfo, OrgMemberInfo} from \"../user\";\n\nexport class User {\n public userId: string\n public email: string\n public emailConfirmed: boolean\n public hasPassword: boolean\n\n public username?: string\n public firstName?: string\n public lastName?: string\n public pictureUrl?: string\n\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n public mfaEnabled: boolean\n public canCreateOrgs: boolean\n public updatePasswordRequired: boolean\n\n public createdAt: number\n public lastActiveAt: number\n\n public properties?: {[key: string]: unknown}\n\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor({\n userId,\n email,\n emailConfirmed,\n hasPassword,\n username,\n firstName,\n lastName,\n pictureUrl,\n orgIdToOrgMemberInfo,\n mfaEnabled,\n canCreateOrgs,\n updatePasswordRequired,\n createdAt,\n lastActiveAt,\n legacyUserId,\n properties,\n impersonatorUserId,\n }: {\n userId: string\n email: string\n emailConfirmed: boolean\n hasPassword: boolean\n username?: string\n firstName?: string\n lastName?: string\n pictureUrl?: string\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n mfaEnabled: boolean\n canCreateOrgs: boolean\n updatePasswordRequired: boolean\n createdAt: number\n lastActiveAt: number\n legacyUserId?: string\n properties?: {[key: string]: unknown}\n impersonatorUserId?: string\n }) {\n this.userId = userId\n this.email = email\n this.emailConfirmed = emailConfirmed\n this.hasPassword = hasPassword\n this.username = username\n this.firstName = firstName\n this.lastName = lastName\n this.pictureUrl = pictureUrl\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n this.mfaEnabled = mfaEnabled\n this.canCreateOrgs = canCreateOrgs\n this.updatePasswordRequired = updatePasswordRequired\n this.createdAt = createdAt\n this.lastActiveAt = lastActiveAt\n this.legacyUserId = legacyUserId\n this.properties = properties\n this.impersonatorUserId = impersonatorUserId\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n return this.orgIdToOrgMemberInfo?.[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n}\n\nexport type UseUserLoading = {\n loading: true\n isLoggedIn: never\n user: never\n accessToken: never\n}\n\nexport type UseUserLoggedIn = {\n loading: false\n isLoggedIn: true\n user: User\n accessToken: string\n}\n\nexport type UseUserNotLoggedIn = {\n loading: false\n isLoggedIn: false\n user: undefined\n accessToken: undefined\n}\n\nexport type UseUser = UseUserLoading | UseUserLoggedIn | UseUserNotLoggedIn\n\nexport function useUser(): UseUser {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useUser must be used within an AuthProvider\")\n }\n\n const {loading, userAndAccessToken} = context\n if (loading) {\n return {\n loading: true,\n isLoggedIn: undefined as never,\n user: undefined as never,\n accessToken: undefined as never,\n }\n } else if (userAndAccessToken.user) {\n return {\n loading: false,\n isLoggedIn: true,\n user: userAndAccessToken.user,\n accessToken: userAndAccessToken.accessToken,\n }\n } else {\n return {\n loading: false,\n isLoggedIn: false,\n user: undefined,\n accessToken: undefined,\n }\n }\n}","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useHostedPageUrls() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useHostedPageUrls must be used within an AuthProvider\")\n }\n const {\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n } = context\n return {\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n }\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useLogoutFunction() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useLogoutFunction must be used within an AuthProvider\")\n }\n const { logout } = context\n return logout\n}\n","import React, { useContext, useEffect } from 'react'\nimport { AuthContext } from './AuthProvider'\n\nexport function useRedirectFunctions() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error('useRedirectFunctions must be used within an AuthProvider')\n }\n const {\n redirectToAccountPage,\n redirectToSignupPage,\n redirectToLoginPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n redirectToSetupSAMLPage,\n } = context\n return {\n redirectToSignupPage,\n redirectToLoginPage,\n redirectToAccountPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n redirectToSetupSAMLPage,\n }\n}\n\nexport interface RedirectProps {\n children?: React.ReactNode\n}\n\nexport function RedirectToSignup({ children }: RedirectProps) {\n const { redirectToSignupPage } = useRedirectFunctions()\n\n useEffect(() => {\n redirectToSignupPage()\n }, [])\n\n return <>{children}</>\n}\n\nexport function RedirectToLogin({ children }: RedirectProps) {\n const { redirectToLoginPage } = useRedirectFunctions()\n useEffect(() => {\n redirectToLoginPage()\n }, [])\n return <>{children}</>\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRefreshAuth() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useRefreshAuth must be used within an AuthProvider\")\n }\n const { refreshAuthInfo } = context\n return refreshAuthInfo\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAO,IAAM,gBAAN,MAAoB;AAAA,EAgBvB,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACA,YACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAE1B,SAAK,aAAa;AAAA,EACtB;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA0CO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;AChPA,OAAO,SAAS,aAAa,WAAW,kBAAkB;;;ACCnD,IAAM,gBAAgB;AAEtB,SAAS,YAAqB;AACjC,SAAO,OAAO,WAAW;AAC7B;AAEO,SAAS,uBAAuB,MAAwB;AAC3D,MAAI,MAAM;AACN,iBAAa,QAAQ,eAAe,KAAK,UAAU,IAAI,CAAC;AAAA,EAC5D,OAAO;AACH,iBAAa,QAAQ,eAAe,IAAI;AAAA,EAC5C;AACJ;AAEO,SAAS,sBAAsB,UAAyB,MAA0C;AACrG,MAAI,CAAC,UAAU;AACX,WAAO;AAAA,EACX,WAAW,CAAC,MAAM;AACd,WAAO,aAAa;AAAA,EACxB;AAEA,QAAM,SAAS,KAAK,MAAM,QAAQ;AAClC,MAAI,CAAC,QAAQ;AACT,WAAO;AAAA,EACX;AAEA,SAAO,QAAQ,QAAQ,IAAI;AAC/B;AAEO,SAAS,QAAQ,GAAQ,GAAiB;AAC7C,MAAI,OAAO,MAAM,OAAO,GAAG;AACvB,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,MAAM,MAAM,QAAQ,CAAC,GAAG;AACvC,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,GAAG;AAClB,UAAM,SAAS;AACf,UAAM,SAAS;AACf,QAAI,OAAO,WAAW,OAAO,QAAQ;AACjC,aAAO;AAAA,IACX;AAEA,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACpC,UAAI,CAAC,QAAQ,OAAO,CAAC,GAAG,OAAO,CAAC,CAAC,GAAG;AAChC,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAEA,MAAI,OAAO,MAAM,UAAU;AACvB,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,QAAI,MAAM,WAAW,MAAM,QAAQ;AAC/B,aAAO;AAAA,IACX;AAEA,eAAW,OAAO,OAAO;AACrB,UAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,EAAE,GAAG,CAAC,GAAG;AAC1B,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX,OAAO;AACH,WAAO,MAAM;AAAA,EACjB;AACJ;;;ADtEA,SAAS,iBAAiB;;;AEF1B,SAAQ,kBAAiB;AAIlB,IAAM,OAAN,MAAW;AAAA,EAyBd,YAAY;AAAA,IACI;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,GAkBT;AACC,SAAK,SAAS;AACd,SAAK,QAAQ;AACb,SAAK,iBAAiB;AACtB,SAAK,cAAc;AACnB,SAAK,WAAW;AAChB,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,aAAa;AAClB,SAAK,uBAAuB;AAC5B,SAAK,aAAa;AAClB,SAAK,gBAAgB;AACrB,SAAK,yBAAyB;AAC9B,SAAK,YAAY;AACjB,SAAK,eAAe;AACpB,SAAK,eAAe;AACpB,SAAK,aAAa;AAClB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AAvF5D;AAwFQ,YAAO,UAAK,yBAAL,mBAA4B;AAAA,EACvC;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AACJ;AAyBO,SAAS,UAAmB;AAC/B,QAAM,UAAU,WAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,6CAA6C;AAAA,EACjE;AAEA,QAAM,EAAC,SAAS,mBAAkB,IAAI;AACtC,MAAI,SAAS;AACT,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,MACN,aAAa;AAAA,IACjB;AAAA,EACJ,WAAW,mBAAmB,MAAM;AAChC,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM,mBAAmB;AAAA,MACzB,aAAa,mBAAmB;AAAA,IACpC;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,MACN,aAAa;AAAA,IACjB;AAAA,EACJ;AACJ;;;AF3HO,IAAM,cAAc,MAAM,cAA6C,MAAS;AAqBvF,IAAM,mBAAmB;AAAA,EACrB,SAAS;AAAA,EACT,oBAAoB;AAAA,IAChB,MAAM;AAAA,IACN,aAAa;AAAA,EACjB;AAAA,EACA,oBAAoB;AACxB;AAYA,SAAS,iBAAiB,QAAmB,QAAoC;AAC7E,QAAM,6BAA6B,iCAAK,OAAO,OAAZ,EAAkB,cAAc,OAAU;AAC7E,QAAM,kCAAkC,iCAAK,OAAO,mBAAmB,OAA/B,EAAqC,cAAc,OAAU;AACrG,QAAM,qBAAqB,CAAC,OAAO,WAAW,CAAC,QAAQ,4BAA4B,+BAA+B;AAElH,MAAI,CAAC,OAAO,MAAM;AACd,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM;AAAA,QACN,aAAa;AAAA,MACjB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ,WAAW,OAAO,SAAS;AACvB,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM,OAAO;AAAA,QACb,aAAa,OAAO;AAAA,MACxB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,oBAAoB;AAAA,QAChB,MAAM,OAAO;AAAA,QACb,aAAa,OAAO;AAAA,MACxB;AAAA,MACA;AAAA,IACJ;AAAA,EACJ;AACJ;AAEO,IAAM,eAAe,CAAC,UAA6B;AA5H1D;AA6HI,QAAM,CAAC,WAAW,aAAa,IAAI,WAAW,kBAAkB,gBAAgB;AAChF,QAAM,SAAS,UAAU;AACzB,QAAM,sBAAqB,WAAM,uBAAN,YAA4B;AAEvD,QAAM,WAAW;AAAA,IACb,CAAC,WAA4B;AACzB,oBAAc,MAAM;AACpB,6BAAuB,OAAO,IAAI;AAAA,IACtC;AAAA,IACA,CAAC,aAAa;AAAA,EAClB;AAIA,YAAU,MAAM;AACZ,QAAI,sBAAsB,UAAU,oBAAoB;AACpD,aAAO,QAAQ;AAAA,IACnB;AAAA,EACJ,GAAG,CAAC,UAAU,oBAAoB,oBAAoB,MAAM,CAAC;AAG7D,YAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAeA,mBAAkB;AAAA;AAC7B,cAAM,SAAS,MAAM,eAAe;AACpC,YAAI,CAAC,aAAa,CAAC,OAAO,OAAO;AAC7B,mBAAS,MAAM;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,IAAAA,iBAAgB;AAChB,WAAO,MAAM;AACT,kBAAY;AAAA,IAChB;AAAA,EACJ,GAAG,CAAC,CAAC;AAGL,YAAU,MAAM;AACZ,QAAI,YAAY;AAChB,QAAI,aAAyC;AAE7C,aAAS,wBAAwB;AAC7B,UAAI,YAAY;AACZ,qBAAa,UAAU;AAAA,MAC3B;AACA,mBAAa,WAAW,cAAc,KAAK,GAAI;AAAA,IACnD;AAEA,aAAe,eAAe;AAAA;AAC1B,cAAM,SAAS,MAAM,eAAe;AACpC,YAAI,WAAW;AACX;AAAA,QACJ;AACA,YAAI,CAAC,OAAO,OAAO;AACf,mBAAS,MAAM;AAAA,QACnB,WAAW,OAAO,UAAU,cAAc;AACtC,gCAAsB;AAAA,QAC1B;AAAA,MACJ;AAAA;AAEA,aAAe,eAAe,OAAqB;AAAA;AAC/C,YACI,MAAM,QAAQ,iBACd,CAAC,sBAAsB,MAAM,UAAU,UAAU,mBAAmB,IAAI,GAC1E;AACE,gBAAM,aAAa;AAAA,QACvB;AAAA,MACJ;AAAA;AAEA,UAAM,WAAW,YAAY,cAAc,IAAI,KAAK,GAAI;AAExD,QAAI,UAAU,GAAG;AACb,aAAO,iBAAiB,WAAW,cAAc;AACjD,aAAO,iBAAiB,UAAU,YAAY;AAC9C,aAAO,iBAAiB,SAAS,YAAY;AAAA,IACjD;AAEA,WAAO,MAAM;AACT,kBAAY;AACZ,oBAAc,QAAQ;AACtB,UAAI,YAAY;AACZ,qBAAa,UAAU;AAAA,MAC3B;AACA,UAAI,UAAU,GAAG;AACb,eAAO,oBAAoB,WAAW,cAAc;AACpD,eAAO,oBAAoB,UAAU,YAAY;AACjD,eAAO,oBAAoB,SAAS,YAAY;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,GAAG,CAAC,UAAU,UAAU,mBAAmB,IAAI,CAAC;AAEhD,QAAM,SAAS,YAAY,MAAY;AACnC,UAAM,MAAM,oBAAoB;AAAA,MAC5B,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,gBAAgB;AAAA,MACpB;AAAA,MACA,aAAa;AAAA,IACjB,CAAC;AACD,aAAS,EAAE,MAAM,QAAW,aAAa,OAAU,CAAC;AAAA,EACxD,IAAG,CAAC,QAAQ,CAAC;AAEb,QAAM,kBAAkB,CAAC,SAAkC;AACvD,QAAI,6BAAM,uBAAuB;AAC7B,aAAO,kCAAkC,mBAAmB,KAAK,qBAAqB;AAAA,IAC1F;AAEA,WAAO;AAAA,EACX;AACA,QAAM,mBAAmB,CAAC,SAAmC;AACzD,QAAI,6BAAM,wBAAwB;AAC9B,aAAO,mCAAmC,mBAAmB,KAAK,sBAAsB;AAAA,IAC5F;AAEA,WAAO;AAAA,EACX;AACA,QAAM,oBAAoB;AAAA,IACtB,CAAC,SAA2B;AACxB,aAAO,gBAAgB,GAAG,MAAM,mBAAmB,6BAAM,iBAAiB;AAAA,IAC9E;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AACA,QAAM,gBAAgB;AAAA,IAClB,CAAC,OAAgB,SAA2B;AACxC,UAAI,OAAO;AACP,eAAO,gBAAgB,GAAG,MAAM,kBAAkB,SAAS,6BAAM,iBAAiB;AAAA,MACtF,OAAO;AACH,eAAO,gBAAgB,GAAG,MAAM,eAAe,6BAAM,iBAAiB;AAAA,MAC1E;AAAA,IACJ;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AACA,QAAM,sBAAsB;AAAA,IACxB,CAAC,SAA2B;AACxB,aAAO,gBAAgB,GAAG,MAAM,sBAAsB,6BAAM,iBAAiB;AAAA,IACjF;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AAEA,QAAM,sBAAsB;AAAA,IACxB,CAAC,OAAe,SAA2B;AACvC,aAAO,gBAAgB,GAAG,MAAM,mBAAmB,SAAS,6BAAM,iBAAiB;AAAA,IACvF;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AAEA,QAAM,aAAa,CAAC,QAAgB;AAChC,WAAO,SAAS,OAAO;AAAA,EAC3B;AAEA,QAAM,sBAAsB,CAAC,SAAkC,WAAW,gBAAgB,IAAI,CAAC;AAC/F,QAAM,uBAAuB,CAAC,SAAmC,WAAW,iBAAiB,IAAI,CAAC;AAClG,QAAM,wBAAwB,CAAC,SAA2B,WAAW,kBAAkB,IAAI,CAAC;AAC5F,QAAM,oBAAoB,CAAC,OAAgB,SAA2B,WAAW,cAAc,OAAO,IAAI,CAAC;AAC3G,QAAM,0BAA0B,CAAC,SAA2B,WAAW,oBAAoB,IAAI,CAAC;AAChG,QAAM,0BAA0B,CAAC,OAAe,SAC5C,WAAW,oBAAoB,OAAO,IAAI,CAAC;AAE/C,QAAM,kBAAkB,MAAY;AAChC,UAAM,SAAS,MAAM,eAAe;AACpC,QAAI,OAAO,OAAO;AACd,YAAM,IAAI,MAAM,yBAAyB;AAAA,IAC7C,OAAO;AACH,eAAS,MAAM;AACf,aAAO,OAAO;AAAA,IAClB;AAAA,EACJ;AAEA,QAAM,QAAQ;AAAA,IACV,SAAS,UAAU;AAAA,IACnB,oBAAoB,UAAU;AAAA,IAC9B;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACA,SAAO,oCAAC,YAAY,UAAZ,EAAqB,SAAe,MAAM,QAAS;AAC/D;AAiBA,SAAe,iBAA4C;AAAA;AACvD,QAAI;AACA,YAAM,mBAAmB,MAAM,MAAM,sBAAsB;AAAA,QACvD,QAAQ;AAAA,QACR,SAAS;AAAA,UACL,gBAAgB;AAAA,QACpB;AAAA,QACA,aAAa;AAAA,MACjB,CAAC;AAED,UAAI,iBAAiB,IAAI;AACrB,cAAM,EAAE,UAAU,aAAa,mBAAmB,IAAI,MAAM,iBAAiB,KAAK;AAClF,cAAM,OAAO,IAAI,KAAK;AAAA,UAClB,QAAQ,SAAS;AAAA,UACjB,OAAO,SAAS;AAAA,UAChB,gBAAgB,SAAS;AAAA,UACzB,aAAa,SAAS;AAAA,UACtB,UAAU,SAAS;AAAA,UACnB,WAAW,SAAS;AAAA,UACpB,UAAU,SAAS;AAAA,UACnB,YAAY,SAAS;AAAA,UACrB,sBAAsB,uBAAuB,SAAS,kBAAkB;AAAA,UACxE,YAAY,SAAS;AAAA,UACrB,eAAe,SAAS;AAAA,UACxB,wBAAwB,SAAS;AAAA,UACjC,WAAW,SAAS;AAAA,UACpB,cAAc,SAAS;AAAA,UACvB,YAAY,SAAS;AAAA,UACrB;AAAA,QACJ,CAAC;AAED,eAAO,EAAE,MAAM,aAAa,OAAO,OAAU;AAAA,MACjD,WAAW,iBAAiB,WAAW,KAAK;AACxC,eAAO,EAAE,MAAM,QAAW,aAAa,QAAW,OAAO,OAAU;AAAA,MACvE,OAAO;AACH,gBAAQ,KAAK,2BAA2B,gBAAgB;AACxD,eAAO,EAAE,OAAO,aAAa;AAAA,MACjC;AAAA,IACJ,SAAS,GAAP;AACE,cAAQ,KAAK,2BAA2B,CAAC;AACzC,aAAO,EAAE,OAAO,aAAa;AAAA,IACjC;AAAA,EACJ;AAAA;AAEA,IAAM,eAAe,CAAC,QAAgB;AAClC,QAAM,SAAS,SAAS,OAAO,OAAO;AACtC,SAAO,OAAO,GAAG;AACrB;AAEA,IAAM,kBAAkB,CAAC,KAAa,iBAA0B;AAC5D,MAAI,CAAC,cAAc;AACf,WAAO;AAAA,EACX;AAEA,MAAI,KAAK,IAAI,gBAAgB;AAC7B,KAAG,IAAI,MAAM,aAAa,YAAY,CAAC;AACvC,MAAI,IAAI,SAAS,GAAG,GAAG;AACnB,WAAO,GAAG,OAAO,GAAG,SAAS;AAAA,EACjC,OAAO;AACH,WAAO,GAAG,OAAO,GAAG,SAAS;AAAA,EACjC;AACJ;;;AGvYA,SAAS,cAAAC,mBAAkB;AAGpB,SAAS,oBAAoB;AAChC,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;;;ACxBA,SAAS,cAAAC,mBAAkB;AAGpB,SAAS,oBAAoB;AAChC,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM,EAAE,OAAO,IAAI;AACnB,SAAO;AACX;;;ACVA,OAAOC,UAAS,cAAAC,aAAY,aAAAC,kBAAiB;AAGtC,SAAS,uBAAuB;AACnC,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,0DAA0D;AAAA,EAC9E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;AAMO,SAAS,iBAAiB,EAAE,SAAS,GAAkB;AAC1D,QAAM,EAAE,qBAAqB,IAAI,qBAAqB;AAEtD,EAAAC,WAAU,MAAM;AACZ,yBAAqB;AAAA,EACzB,GAAG,CAAC,CAAC;AAEL,SAAO,gBAAAC,OAAA,cAAAA,OAAA,gBAAG,QAAS;AACvB;AAEO,SAAS,gBAAgB,EAAE,SAAS,GAAkB;AACzD,QAAM,EAAE,oBAAoB,IAAI,qBAAqB;AACrD,EAAAD,WAAU,MAAM;AACZ,wBAAoB;AAAA,EACxB,GAAG,CAAC,CAAC;AACL,SAAO,gBAAAC,OAAA,cAAAA,OAAA,gBAAG,QAAS;AACvB;;;AC9CA,SAAS,cAAAC,mBAAkB;AAGpB,SAAS,iBAAiB;AAC7B,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,oDAAoD;AAAA,EACxE;AACA,QAAM,EAAE,gBAAgB,IAAI;AAC5B,SAAO;AACX;","names":["refreshAuthInfo","useContext","useContext","useContext","useContext","React","useContext","useEffect","useContext","useEffect","React","useContext","useContext"]}
package/dist/server/index.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  import * as _propelauth_node_apis from '@propelauth/node-apis';
2
- export { AccessToken, AccessTokenCreationException, AddUserToOrgException, AddUserToOrgRequest, ApiKeyCreateException, ApiKeyDeleteException, ApiKeyFetchException, ApiKeyFull, ApiKeyNew, ApiKeyResultPage, ApiKeyUpdateException, ApiKeyUpdateRequest, ApiKeyValidateException, ApiKeyValidation, ApiKeysCreateRequest, ApiKeysQueryRequest, BadRequestException, ChangeUserRoleInOrgException, CreateAccessTokenRequest, CreateMagicLinkRequest, CreateOrgException, CreateOrgRequest, CreateUserException, CreateUserRequest, ForbiddenException, InviteUserToOrgRequest, MagicLink, MagicLinkCreationException, MigrateUserException, MigrateUserFromExternalSourceRequest, OrgApiKeyValidation, OrgQuery, OrgQueryResponse, PersonalApiKeyValidation, RemoveUserFromOrgException, RemoveUserFromOrgRequest, TokenVerificationMetadata, UnexpectedException, UpdateOrgException, UpdateOrgRequest, UpdateUserEmailException, UpdateUserEmailRequest, UpdateUserMetadataException, UpdateUserMetadataRequest, UpdateUserPasswordException, UpdateUserPasswordRequest, UserNotFoundException, UsersInOrgQuery, UsersPagedResponse, UsersQuery } from '@propelauth/node-apis';
2
+ export { AccessToken, AccessTokenCreationException, AddUserToOrgException, AddUserToOrgRequest, ApiKeyCreateException, ApiKeyDeleteException, ApiKeyFetchException, ApiKeyFull, ApiKeyNew, ApiKeyResultPage, ApiKeyUpdateException, ApiKeyUpdateRequest, ApiKeyValidateException, ApiKeyValidation, ApiKeysCreateRequest, ApiKeysQueryRequest, ChangeUserRoleInOrgException, CreateAccessTokenRequest, CreateMagicLinkRequest, CreateOrgException, CreateOrgRequest, CreateUserException, CreateUserRequest, ForbiddenException, MagicLink, MagicLinkCreationException, MigrateUserException, MigrateUserFromExternalSourceRequest, OrgApiKeyValidation, OrgQuery, OrgQueryResponse, PersonalApiKeyValidation, RemoveUserFromOrgException, RemoveUserFromOrgRequest, TokenVerificationMetadata, UnexpectedException, UpdateOrgException, UpdateOrgRequest, UpdateUserEmailException, UpdateUserEmailRequest, UpdateUserMetadataException, UpdateUserMetadataRequest, UpdateUserPasswordException, UpdateUserPasswordRequest, UserNotFoundException, UsersInOrgQuery, UsersPagedResponse, UsersQuery } from '@propelauth/node-apis';
3
3
 
4
4
  declare class UserFromToken {
5
5
  userId: string;
package/dist/server/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/server/index.ts","../../src/user.ts","../../src/server/exceptions.ts","../../src/server/shared.ts","../../src/server/api.ts"],"sourcesContent":["export {validateAccessToken, validateAccessTokenOrUndefined} from \"./shared\"\nexport type {OrgIdToOrgMemberInfo} from \"../user\"\nexport {UserFromToken, OrgMemberInfo} from \"../user\"\nexport {UnauthorizedException, ConfigurationException} from \"./exceptions\"\nexport {getPropelAuthApis} from \"./api\"\nexport type {\n AccessToken,\n AccessTokenCreationException,\n AddUserToOrgException,\n AddUserToOrgRequest,\n ApiKeyCreateException,\n ApiKeyDeleteException,\n ApiKeyFetchException,\n ApiKeyFull,\n ApiKeyNew,\n ApiKeyResultPage,\n ApiKeyUpdateException,\n ApiKeyUpdateRequest,\n ApiKeyValidateException,\n ApiKeyValidation,\n ApiKeysCreateRequest,\n ApiKeysQueryRequest,\n BadRequestException,\n ChangeUserRoleInOrgException,\n CreateAccessTokenRequest,\n CreateMagicLinkRequest,\n CreateOrgException,\n CreateOrgRequest,\n CreateUserException,\n CreateUserRequest,\n ForbiddenException,\n InviteUserToOrgRequest,\n MagicLink,\n MagicLinkCreationException,\n MigrateUserException,\n MigrateUserFromExternalSourceRequest,\n OrgApiKeyValidation,\n OrgQuery,\n OrgQueryResponse,\n PersonalApiKeyValidation,\n RemoveUserFromOrgException,\n RemoveUserFromOrgRequest,\n TokenVerificationMetadata,\n UnexpectedException,\n UpdateOrgException,\n UpdateOrgRequest,\n UpdateUserEmailException,\n UpdateUserEmailRequest,\n UpdateUserMetadataException,\n UpdateUserMetadataRequest,\n UpdateUserPasswordException,\n UpdateUserPasswordRequest,\n UserNotFoundException,\n UsersInOrgQuery,\n UsersPagedResponse,\n UsersQuery,\n} from \"@propelauth/node-apis\"\n","export class UserFromToken {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n public properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string,\n properties?: { [key: string]: unknown },\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n\n this.properties = properties\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): UserFromToken {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new UserFromToken(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId,\n obj.properties,\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n public userAssignedRole: string\n public userInheritedRolesPlusCurrentRole: string[]\n public userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): UserFromToken {\n return new UserFromToken(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId,\n snake_case.properties,\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","export class UnauthorizedException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 401\n }\n}\n\nexport class ConfigurationException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 500\n }\n}\n","import {ResponseCookie} from \"next/dist/compiled/@edge-runtime/cookies\";\nimport {InternalUser, toUser, UserFromToken} from \"../user\";\nimport {ConfigurationException, UnauthorizedException} from \"./exceptions\";\nimport * as jose from \"jose\";\n\ntype RefreshAndAccessTokens = {\n refreshToken: string\n accessToken: string\n error: \"none\"\n}\n\ntype RefreshAndAccessTokensUnauthorizedError = {\n error: \"unauthorized\"\n}\n\ntype RefreshAndAccessTokensUnexpectedError = {\n error: \"unexpected\"\n}\n\nexport type RefreshTokenResponse =\n RefreshAndAccessTokens\n | RefreshAndAccessTokensUnauthorizedError\n | RefreshAndAccessTokensUnexpectedError\n\nexport const LOGIN_PATH = \"/api/auth/login\"\nexport const CALLBACK_PATH = \"/api/auth/callback\"\nexport const USERINFO_PATH = \"/api/auth/userinfo\"\nexport const LOGOUT_PATH = \"/api/auth/logout\"\nexport const ACCESS_TOKEN_COOKIE_NAME = \"__pa_at\"\nexport const REFRESH_TOKEN_COOKIE_NAME = \"__pa_rt\"\nexport const STATE_COOKIE_NAME = \"__pa_state\"\nexport const CUSTOM_HEADER_FOR_ACCESS_TOKEN = \"x-propelauth-access-token\"\nexport const RETURN_TO_PATH_COOKIE_NAME = \"__pa_return_to_path\"\n\nexport const COOKIE_OPTIONS: Partial<ResponseCookie> = {\n httpOnly: true,\n sameSite: \"lax\",\n secure: true,\n path: \"/\",\n}\n\nexport function getAuthUrlOrigin() {\n return getAuthUrl().origin\n}\n\nexport function getAuthUrl() {\n const authUrl = process.env.NEXT_PUBLIC_AUTH_URL\n if (!authUrl) {\n throw new Error(\"NEXT_PUBLIC_AUTH_URL is not set\")\n }\n return new URL(authUrl)\n}\n\nexport function getRedirectUri() {\n const redirectUri = process.env.PROPELAUTH_REDIRECT_URI\n if (!redirectUri) {\n throw new Error(\"PROPELAUTH_REDIRECT_URI is not set\")\n }\n return redirectUri\n}\n\nexport function getIntegrationApiKey() {\n const integrationApiKey = process.env.PROPELAUTH_API_KEY\n if (!integrationApiKey) {\n throw new Error(\"PROPELAUTH_API_KEY is not set\")\n }\n return integrationApiKey\n}\n\nexport function getVerifierKey() {\n const verifierKey = process.env.PROPELAUTH_VERIFIER_KEY\n if (!verifierKey) {\n throw new Error(\"PROPELAUTH_VERIFIER_KEY is not set\")\n }\n return verifierKey.replace(/\\\\n/g, \"\\n\")\n}\n\nexport async function refreshTokenWithAccessAndRefreshToken(refreshToken: string): Promise<RefreshTokenResponse> {\n const body = {\n refresh_token: refreshToken,\n }\n const url = `${getAuthUrlOrigin()}/api/backend/v1/refresh_token`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(body),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + getIntegrationApiKey(),\n },\n })\n\n if (response.ok) {\n const data = await response.json()\n const newRefreshToken = data.refresh_token\n const {\n access_token: accessToken,\n expires_at_seconds: expiresAtSeconds,\n } = data.access_token\n\n return {\n refreshToken: newRefreshToken,\n accessToken,\n error: \"none\",\n }\n } else if (response.status === 400 || response.status === 401) {\n return {error: \"unauthorized\"}\n } else {\n return {error: \"unexpected\"}\n }\n}\n\nexport async function validateAccessTokenOrUndefined(accessToken: string | undefined): Promise<UserFromToken | undefined> {\n try {\n return await validateAccessToken(accessToken)\n } catch (err) {\n if (err instanceof ConfigurationException) {\n throw err\n } else if (err instanceof UnauthorizedException) {\n return undefined\n } else {\n console.info(\"Error validating access token\", err)\n return undefined\n }\n }\n}\n\nexport async function validateAccessToken(accessToken: string | undefined): Promise<UserFromToken> {\n let publicKey\n try {\n publicKey = await jose.importSPKI(getVerifierKey(), \"RS256\")\n } catch (err) {\n console.error(\"Verifier key is invalid. Make sure it's specified correctly, including the newlines.\", err)\n throw new ConfigurationException(\"Invalid verifier key\")\n }\n\n if (!accessToken) {\n throw new UnauthorizedException(\"No access token provided\")\n }\n\n let accessTokenWithoutBearer = accessToken\n if (accessToken.toLowerCase().startsWith(\"bearer \")) {\n accessTokenWithoutBearer = accessToken.substring(\"bearer \".length)\n }\n\n try {\n const {payload} = await jose.jwtVerify(accessTokenWithoutBearer, publicKey, {\n issuer: getAuthUrlOrigin(),\n algorithms: [\"RS256\"],\n })\n\n return toUser(<InternalUser>payload)\n } catch (e) {\n if (e instanceof Error) {\n throw new UnauthorizedException(e.message)\n } else {\n throw new UnauthorizedException(\"Unable to decode jwt\")\n }\n }\n}\n","import {getApis} from \"@propelauth/node-apis\";\nimport {getAuthUrl, getIntegrationApiKey} from \"./shared\";\n\nexport const getPropelAuthApis = () => {\n const authUrl = getAuthUrl()\n const integrationApiKey = getIntegrationApiKey()\n\n return getApis(authUrl, integrationApiKey)\n}"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAO,IAAM,gBAAN,MAAoB;AAAA,EAgBvB,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACA,YACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAE1B,SAAK,aAAa;AAAA,EACtB;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA4BO,SAAS,OAAO,YAAyC;AAC5D,SAAO,IAAI;AAAA,IACP,WAAW;AAAA,IACX,WAAW;AAAA,IACX,uBAAuB,WAAW,yBAAyB;AAAA,IAC3D,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,EACf;AACJ;AAEO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;AClPO,IAAM,wBAAN,cAAoC,MAAM;AAAA,EAI7C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;AAEO,IAAM,yBAAN,cAAqC,MAAM;AAAA,EAI9C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;;;ACjBA,WAAsB;AAsCf,SAAS,mBAAmB;AAC/B,SAAO,WAAW,EAAE;AACxB;AAEO,SAAS,aAAa;AACzB,QAAM,UAAU,QAAQ,IAAI;AAC5B,MAAI,CAAC,SAAS;AACV,UAAM,IAAI,MAAM,iCAAiC;AAAA,EACrD;AACA,SAAO,IAAI,IAAI,OAAO;AAC1B;AAUO,SAAS,uBAAuB;AACnC,QAAM,oBAAoB,QAAQ,IAAI;AACtC,MAAI,CAAC,mBAAmB;AACpB,UAAM,IAAI,MAAM,+BAA+B;AAAA,EACnD;AACA,SAAO;AACX;AAEO,SAAS,iBAAiB;AAC7B,QAAM,cAAc,QAAQ,IAAI;AAChC,MAAI,CAAC,aAAa;AACd,UAAM,IAAI,MAAM,oCAAoC;AAAA,EACxD;AACA,SAAO,YAAY,QAAQ,QAAQ,IAAI;AAC3C;AAoCA,SAAsB,+BAA+B,aAAqE;AAAA;AACtH,QAAI;AACA,aAAO,MAAM,oBAAoB,WAAW;AAAA,IAChD,SAAS,KAAP;AACE,UAAI,eAAe,wBAAwB;AACvC,cAAM;AAAA,MACV,WAAW,eAAe,uBAAuB;AAC7C,eAAO;AAAA,MACX,OAAO;AACH,gBAAQ,KAAK,iCAAiC,GAAG;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAAA,EACJ;AAAA;AAEA,SAAsB,oBAAoB,aAAyD;AAAA;AAC/F,QAAI;AACJ,QAAI;AACA,kBAAY,MAAW,gBAAW,eAAe,GAAG,OAAO;AAAA,IAC/D,SAAS,KAAP;AACE,cAAQ,MAAM,wFAAwF,GAAG;AACzG,YAAM,IAAI,uBAAuB,sBAAsB;AAAA,IAC3D;AAEA,QAAI,CAAC,aAAa;AACd,YAAM,IAAI,sBAAsB,0BAA0B;AAAA,IAC9D;AAEA,QAAI,2BAA2B;AAC/B,QAAI,YAAY,YAAY,EAAE,WAAW,SAAS,GAAG;AACjD,iCAA2B,YAAY,UAAU,UAAU,MAAM;AAAA,IACrE;AAEA,QAAI;AACA,YAAM,EAAC,QAAO,IAAI,MAAW,eAAU,0BAA0B,WAAW;AAAA,QACxE,QAAQ,iBAAiB;AAAA,QACzB,YAAY,CAAC,OAAO;AAAA,MACxB,CAAC;AAED,aAAO,OAAqB,OAAO;AAAA,IACvC,SAAS,GAAP;AACE,UAAI,aAAa,OAAO;AACpB,cAAM,IAAI,sBAAsB,EAAE,OAAO;AAAA,MAC7C,OAAO;AACH,cAAM,IAAI,sBAAsB,sBAAsB;AAAA,MAC1D;AAAA,IACJ;AAAA,EACJ;AAAA;;;AC9JA,uBAAsB;AAGf,IAAM,oBAAoB,MAAM;AACnC,QAAM,UAAU,WAAW;AAC3B,QAAM,oBAAoB,qBAAqB;AAE/C,aAAO,0BAAQ,SAAS,iBAAiB;AAC7C;","names":[]}
1
+ {"version":3,"sources":["../../src/server/index.ts","../../src/user.ts","../../src/server/exceptions.ts","../../src/server/shared.ts","../../src/server/api.ts"],"sourcesContent":["export { validateAccessToken, validateAccessTokenOrUndefined } from './shared'\nexport type { OrgIdToOrgMemberInfo } from '../user'\nexport { UserFromToken, OrgMemberInfo } from '../user'\nexport { UnauthorizedException, ConfigurationException } from './exceptions'\nexport { getPropelAuthApis } from './api'\nexport type {\n AccessToken,\n AccessTokenCreationException,\n AddUserToOrgException,\n AddUserToOrgRequest,\n ApiKeyCreateException,\n ApiKeyDeleteException,\n ApiKeyFetchException,\n ApiKeyFull,\n ApiKeyNew,\n ApiKeyResultPage,\n ApiKeyUpdateException,\n ApiKeyUpdateRequest,\n ApiKeyValidateException,\n ApiKeyValidation,\n ApiKeysCreateRequest,\n ApiKeysQueryRequest,\n ChangeUserRoleInOrgException,\n CreateAccessTokenRequest,\n CreateMagicLinkRequest,\n CreateOrgException,\n CreateOrgRequest,\n CreateUserException,\n CreateUserRequest,\n ForbiddenException,\n MagicLink,\n MagicLinkCreationException,\n MigrateUserException,\n MigrateUserFromExternalSourceRequest,\n OrgApiKeyValidation,\n OrgQuery,\n OrgQueryResponse,\n PersonalApiKeyValidation,\n RemoveUserFromOrgException,\n RemoveUserFromOrgRequest,\n TokenVerificationMetadata,\n UnexpectedException,\n UpdateOrgException,\n UpdateOrgRequest,\n UpdateUserEmailException,\n UpdateUserEmailRequest,\n UpdateUserMetadataException,\n UpdateUserMetadataRequest,\n UpdateUserPasswordException,\n UpdateUserPasswordRequest,\n UserNotFoundException,\n UsersInOrgQuery,\n UsersPagedResponse,\n UsersQuery,\n} from '@propelauth/node-apis'\n","export class UserFromToken {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n public properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string,\n properties?: { [key: string]: unknown },\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n\n this.properties = properties\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): UserFromToken {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new UserFromToken(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId,\n obj.properties,\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n public userAssignedRole: string\n public userInheritedRolesPlusCurrentRole: string[]\n public userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): UserFromToken {\n return new UserFromToken(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId,\n snake_case.properties,\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","export class UnauthorizedException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 401\n }\n}\n\nexport class ConfigurationException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 500\n }\n}\n","import {ResponseCookie} from \"next/dist/compiled/@edge-runtime/cookies\";\nimport {InternalUser, toUser, UserFromToken} from \"../user\";\nimport {ConfigurationException, UnauthorizedException} from \"./exceptions\";\nimport * as jose from \"jose\";\n\ntype RefreshAndAccessTokens = {\n refreshToken: string\n accessToken: string\n error: \"none\"\n}\n\ntype RefreshAndAccessTokensUnauthorizedError = {\n error: \"unauthorized\"\n}\n\ntype RefreshAndAccessTokensUnexpectedError = {\n error: \"unexpected\"\n}\n\nexport type RefreshTokenResponse =\n RefreshAndAccessTokens\n | RefreshAndAccessTokensUnauthorizedError\n | RefreshAndAccessTokensUnexpectedError\n\nexport const LOGIN_PATH = \"/api/auth/login\"\nexport const CALLBACK_PATH = \"/api/auth/callback\"\nexport const USERINFO_PATH = \"/api/auth/userinfo\"\nexport const LOGOUT_PATH = \"/api/auth/logout\"\nexport const ACCESS_TOKEN_COOKIE_NAME = \"__pa_at\"\nexport const REFRESH_TOKEN_COOKIE_NAME = \"__pa_rt\"\nexport const STATE_COOKIE_NAME = \"__pa_state\"\nexport const CUSTOM_HEADER_FOR_ACCESS_TOKEN = \"x-propelauth-access-token\"\nexport const RETURN_TO_PATH_COOKIE_NAME = \"__pa_return_to_path\"\n\nexport const COOKIE_OPTIONS: Partial<ResponseCookie> = {\n httpOnly: true,\n sameSite: \"lax\",\n secure: true,\n path: \"/\",\n}\n\nexport function getAuthUrlOrigin() {\n return getAuthUrl().origin\n}\n\nexport function getAuthUrl() {\n const authUrl = process.env.NEXT_PUBLIC_AUTH_URL\n if (!authUrl) {\n throw new Error(\"NEXT_PUBLIC_AUTH_URL is not set\")\n }\n return new URL(authUrl)\n}\n\nexport function getRedirectUri() {\n const redirectUri = process.env.PROPELAUTH_REDIRECT_URI\n if (!redirectUri) {\n throw new Error(\"PROPELAUTH_REDIRECT_URI is not set\")\n }\n return redirectUri\n}\n\nexport function getIntegrationApiKey() {\n const integrationApiKey = process.env.PROPELAUTH_API_KEY\n if (!integrationApiKey) {\n throw new Error(\"PROPELAUTH_API_KEY is not set\")\n }\n return integrationApiKey\n}\n\nexport function getVerifierKey() {\n const verifierKey = process.env.PROPELAUTH_VERIFIER_KEY\n if (!verifierKey) {\n throw new Error(\"PROPELAUTH_VERIFIER_KEY is not set\")\n }\n return verifierKey.replace(/\\\\n/g, \"\\n\")\n}\n\nexport async function refreshTokenWithAccessAndRefreshToken(refreshToken: string): Promise<RefreshTokenResponse> {\n const body = {\n refresh_token: refreshToken,\n }\n const url = `${getAuthUrlOrigin()}/api/backend/v1/refresh_token`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(body),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + getIntegrationApiKey(),\n },\n })\n\n if (response.ok) {\n const data = await response.json()\n const newRefreshToken = data.refresh_token\n const {\n access_token: accessToken,\n expires_at_seconds: expiresAtSeconds,\n } = data.access_token\n\n return {\n refreshToken: newRefreshToken,\n accessToken,\n error: \"none\",\n }\n } else if (response.status === 400 || response.status === 401) {\n return {error: \"unauthorized\"}\n } else {\n return {error: \"unexpected\"}\n }\n}\n\nexport async function validateAccessTokenOrUndefined(accessToken: string | undefined): Promise<UserFromToken | undefined> {\n try {\n return await validateAccessToken(accessToken)\n } catch (err) {\n if (err instanceof ConfigurationException) {\n throw err\n } else if (err instanceof UnauthorizedException) {\n return undefined\n } else {\n console.info(\"Error validating access token\", err)\n return undefined\n }\n }\n}\n\nexport async function validateAccessToken(accessToken: string | undefined): Promise<UserFromToken> {\n let publicKey\n try {\n publicKey = await jose.importSPKI(getVerifierKey(), \"RS256\")\n } catch (err) {\n console.error(\"Verifier key is invalid. Make sure it's specified correctly, including the newlines.\", err)\n throw new ConfigurationException(\"Invalid verifier key\")\n }\n\n if (!accessToken) {\n throw new UnauthorizedException(\"No access token provided\")\n }\n\n let accessTokenWithoutBearer = accessToken\n if (accessToken.toLowerCase().startsWith(\"bearer \")) {\n accessTokenWithoutBearer = accessToken.substring(\"bearer \".length)\n }\n\n try {\n const {payload} = await jose.jwtVerify(accessTokenWithoutBearer, publicKey, {\n issuer: getAuthUrlOrigin(),\n algorithms: [\"RS256\"],\n })\n\n return toUser(<InternalUser>payload)\n } catch (e) {\n if (e instanceof Error) {\n throw new UnauthorizedException(e.message)\n } else {\n throw new UnauthorizedException(\"Unable to decode jwt\")\n }\n }\n}\n","import {getApis} from \"@propelauth/node-apis\";\nimport {getAuthUrl, getIntegrationApiKey} from \"./shared\";\n\nexport const getPropelAuthApis = () => {\n const authUrl = getAuthUrl()\n const integrationApiKey = getIntegrationApiKey()\n\n return getApis(authUrl, integrationApiKey)\n}"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAO,IAAM,gBAAN,MAAoB;AAAA,EAgBvB,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACA,YACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAE1B,SAAK,aAAa;AAAA,EACtB;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA4BO,SAAS,OAAO,YAAyC;AAC5D,SAAO,IAAI;AAAA,IACP,WAAW;AAAA,IACX,WAAW;AAAA,IACX,uBAAuB,WAAW,yBAAyB;AAAA,IAC3D,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,EACf;AACJ;AAEO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;AClPO,IAAM,wBAAN,cAAoC,MAAM;AAAA,EAI7C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;AAEO,IAAM,yBAAN,cAAqC,MAAM;AAAA,EAI9C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;;;ACjBA,WAAsB;AAsCf,SAAS,mBAAmB;AAC/B,SAAO,WAAW,EAAE;AACxB;AAEO,SAAS,aAAa;AACzB,QAAM,UAAU,QAAQ,IAAI;AAC5B,MAAI,CAAC,SAAS;AACV,UAAM,IAAI,MAAM,iCAAiC;AAAA,EACrD;AACA,SAAO,IAAI,IAAI,OAAO;AAC1B;AAUO,SAAS,uBAAuB;AACnC,QAAM,oBAAoB,QAAQ,IAAI;AACtC,MAAI,CAAC,mBAAmB;AACpB,UAAM,IAAI,MAAM,+BAA+B;AAAA,EACnD;AACA,SAAO;AACX;AAEO,SAAS,iBAAiB;AAC7B,QAAM,cAAc,QAAQ,IAAI;AAChC,MAAI,CAAC,aAAa;AACd,UAAM,IAAI,MAAM,oCAAoC;AAAA,EACxD;AACA,SAAO,YAAY,QAAQ,QAAQ,IAAI;AAC3C;AAoCA,SAAsB,+BAA+B,aAAqE;AAAA;AACtH,QAAI;AACA,aAAO,MAAM,oBAAoB,WAAW;AAAA,IAChD,SAAS,KAAP;AACE,UAAI,eAAe,wBAAwB;AACvC,cAAM;AAAA,MACV,WAAW,eAAe,uBAAuB;AAC7C,eAAO;AAAA,MACX,OAAO;AACH,gBAAQ,KAAK,iCAAiC,GAAG;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAAA,EACJ;AAAA;AAEA,SAAsB,oBAAoB,aAAyD;AAAA;AAC/F,QAAI;AACJ,QAAI;AACA,kBAAY,MAAW,gBAAW,eAAe,GAAG,OAAO;AAAA,IAC/D,SAAS,KAAP;AACE,cAAQ,MAAM,wFAAwF,GAAG;AACzG,YAAM,IAAI,uBAAuB,sBAAsB;AAAA,IAC3D;AAEA,QAAI,CAAC,aAAa;AACd,YAAM,IAAI,sBAAsB,0BAA0B;AAAA,IAC9D;AAEA,QAAI,2BAA2B;AAC/B,QAAI,YAAY,YAAY,EAAE,WAAW,SAAS,GAAG;AACjD,iCAA2B,YAAY,UAAU,UAAU,MAAM;AAAA,IACrE;AAEA,QAAI;AACA,YAAM,EAAC,QAAO,IAAI,MAAW,eAAU,0BAA0B,WAAW;AAAA,QACxE,QAAQ,iBAAiB;AAAA,QACzB,YAAY,CAAC,OAAO;AAAA,MACxB,CAAC;AAED,aAAO,OAAqB,OAAO;AAAA,IACvC,SAAS,GAAP;AACE,UAAI,aAAa,OAAO;AACpB,cAAM,IAAI,sBAAsB,EAAE,OAAO;AAAA,MAC7C,OAAO;AACH,cAAM,IAAI,sBAAsB,sBAAsB;AAAA,MAC1D;AAAA,IACJ;AAAA,EACJ;AAAA;;;AC9JA,uBAAsB;AAGf,IAAM,oBAAoB,MAAM;AACnC,QAAM,UAAU,WAAW;AAC3B,QAAM,oBAAoB,qBAAqB;AAE/C,aAAO,0BAAQ,SAAS,iBAAiB;AAC7C;","names":[]}
package/dist/server/pages/index.d.ts CHANGED
@@ -48,6 +48,6 @@ declare class OrgMemberInfo {
48
48
  }
49
49
 
50
50
  declare function getUserFromServerSideProps(props: GetServerSidePropsContext, forceRefresh?: boolean): Promise<UserFromToken | undefined>;
51
- declare function getUserFromApiRouteRequest(req: NextApiRequest, res: NextApiResponse): Promise<UserFromToken | undefined>;
51
+ declare function getUserFromApiRouteRequest(req: NextApiRequest, res: NextApiResponse, forceRefresh?: boolean): Promise<UserFromToken | undefined>;
52
52
 
53
53
  export { getUserFromApiRouteRequest, getUserFromServerSideProps };
package/dist/server/pages/index.js CHANGED
@@ -356,11 +356,11 @@ function getUserFromServerSideProps(props, forceRefresh = false) {
356
356
  return void 0;
357
357
  });
358
358
  }
359
- function getUserFromApiRouteRequest(req, res) {
359
+ function getUserFromApiRouteRequest(req, res, forceRefresh = false) {
360
360
  return __async(this, null, function* () {
361
361
  const accessToken = req.cookies[ACCESS_TOKEN_COOKIE_NAME];
362
362
  const refreshToken = req.cookies[REFRESH_TOKEN_COOKIE_NAME];
363
- if (accessToken) {
363
+ if (accessToken && !forceRefresh) {
364
364
  const user = yield validateAccessTokenOrUndefined(accessToken);
365
365
  if (user) {
366
366
  return user;
package/dist/server/pages/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/server/pages-index.ts","../../../src/user.ts","../../../src/server/exceptions.ts","../../../src/server/shared.ts","../../../src/server/pages.ts"],"sourcesContent":["export {getUserFromServerSideProps, getUserFromApiRouteRequest} from \"./pages\"","export class UserFromToken {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n public properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string,\n properties?: { [key: string]: unknown },\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n\n this.properties = properties\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): UserFromToken {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new UserFromToken(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId,\n obj.properties,\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n public userAssignedRole: string\n public userInheritedRolesPlusCurrentRole: string[]\n public userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): UserFromToken {\n return new UserFromToken(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId,\n snake_case.properties,\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","export class UnauthorizedException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 401\n }\n}\n\nexport class ConfigurationException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 500\n }\n}\n","import {ResponseCookie} from \"next/dist/compiled/@edge-runtime/cookies\";\nimport {InternalUser, toUser, UserFromToken} from \"../user\";\nimport {ConfigurationException, UnauthorizedException} from \"./exceptions\";\nimport * as jose from \"jose\";\n\ntype RefreshAndAccessTokens = {\n refreshToken: string\n accessToken: string\n error: \"none\"\n}\n\ntype RefreshAndAccessTokensUnauthorizedError = {\n error: \"unauthorized\"\n}\n\ntype RefreshAndAccessTokensUnexpectedError = {\n error: \"unexpected\"\n}\n\nexport type RefreshTokenResponse =\n RefreshAndAccessTokens\n | RefreshAndAccessTokensUnauthorizedError\n | RefreshAndAccessTokensUnexpectedError\n\nexport const LOGIN_PATH = \"/api/auth/login\"\nexport const CALLBACK_PATH = \"/api/auth/callback\"\nexport const USERINFO_PATH = \"/api/auth/userinfo\"\nexport const LOGOUT_PATH = \"/api/auth/logout\"\nexport const ACCESS_TOKEN_COOKIE_NAME = \"__pa_at\"\nexport const REFRESH_TOKEN_COOKIE_NAME = \"__pa_rt\"\nexport const STATE_COOKIE_NAME = \"__pa_state\"\nexport const CUSTOM_HEADER_FOR_ACCESS_TOKEN = \"x-propelauth-access-token\"\nexport const RETURN_TO_PATH_COOKIE_NAME = \"__pa_return_to_path\"\n\nexport const COOKIE_OPTIONS: Partial<ResponseCookie> = {\n httpOnly: true,\n sameSite: \"lax\",\n secure: true,\n path: \"/\",\n}\n\nexport function getAuthUrlOrigin() {\n return getAuthUrl().origin\n}\n\nexport function getAuthUrl() {\n const authUrl = process.env.NEXT_PUBLIC_AUTH_URL\n if (!authUrl) {\n throw new Error(\"NEXT_PUBLIC_AUTH_URL is not set\")\n }\n return new URL(authUrl)\n}\n\nexport function getRedirectUri() {\n const redirectUri = process.env.PROPELAUTH_REDIRECT_URI\n if (!redirectUri) {\n throw new Error(\"PROPELAUTH_REDIRECT_URI is not set\")\n }\n return redirectUri\n}\n\nexport function getIntegrationApiKey() {\n const integrationApiKey = process.env.PROPELAUTH_API_KEY\n if (!integrationApiKey) {\n throw new Error(\"PROPELAUTH_API_KEY is not set\")\n }\n return integrationApiKey\n}\n\nexport function getVerifierKey() {\n const verifierKey = process.env.PROPELAUTH_VERIFIER_KEY\n if (!verifierKey) {\n throw new Error(\"PROPELAUTH_VERIFIER_KEY is not set\")\n }\n return verifierKey.replace(/\\\\n/g, \"\\n\")\n}\n\nexport async function refreshTokenWithAccessAndRefreshToken(refreshToken: string): Promise<RefreshTokenResponse> {\n const body = {\n refresh_token: refreshToken,\n }\n const url = `${getAuthUrlOrigin()}/api/backend/v1/refresh_token`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(body),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + getIntegrationApiKey(),\n },\n })\n\n if (response.ok) {\n const data = await response.json()\n const newRefreshToken = data.refresh_token\n const {\n access_token: accessToken,\n expires_at_seconds: expiresAtSeconds,\n } = data.access_token\n\n return {\n refreshToken: newRefreshToken,\n accessToken,\n error: \"none\",\n }\n } else if (response.status === 400 || response.status === 401) {\n return {error: \"unauthorized\"}\n } else {\n return {error: \"unexpected\"}\n }\n}\n\nexport async function validateAccessTokenOrUndefined(accessToken: string | undefined): Promise<UserFromToken | undefined> {\n try {\n return await validateAccessToken(accessToken)\n } catch (err) {\n if (err instanceof ConfigurationException) {\n throw err\n } else if (err instanceof UnauthorizedException) {\n return undefined\n } else {\n console.info(\"Error validating access token\", err)\n return undefined\n }\n }\n}\n\nexport async function validateAccessToken(accessToken: string | undefined): Promise<UserFromToken> {\n let publicKey\n try {\n publicKey = await jose.importSPKI(getVerifierKey(), \"RS256\")\n } catch (err) {\n console.error(\"Verifier key is invalid. Make sure it's specified correctly, including the newlines.\", err)\n throw new ConfigurationException(\"Invalid verifier key\")\n }\n\n if (!accessToken) {\n throw new UnauthorizedException(\"No access token provided\")\n }\n\n let accessTokenWithoutBearer = accessToken\n if (accessToken.toLowerCase().startsWith(\"bearer \")) {\n accessTokenWithoutBearer = accessToken.substring(\"bearer \".length)\n }\n\n try {\n const {payload} = await jose.jwtVerify(accessTokenWithoutBearer, publicKey, {\n issuer: getAuthUrlOrigin(),\n algorithms: [\"RS256\"],\n })\n\n return toUser(<InternalUser>payload)\n } catch (e) {\n if (e instanceof Error) {\n throw new UnauthorizedException(e.message)\n } else {\n throw new UnauthorizedException(\"Unable to decode jwt\")\n }\n }\n}\n","import {GetServerSidePropsContext, NextApiRequest, NextApiResponse} from \"next\";\nimport {\n ACCESS_TOKEN_COOKIE_NAME,\n REFRESH_TOKEN_COOKIE_NAME,\n refreshTokenWithAccessAndRefreshToken, validateAccessToken,\n validateAccessTokenOrUndefined\n} from \"./shared\";\n\nexport async function getUserFromServerSideProps(props: GetServerSidePropsContext, forceRefresh: boolean = false) {\n const accessToken = props.req.cookies[ACCESS_TOKEN_COOKIE_NAME]\n const refreshToken = props.req.cookies[REFRESH_TOKEN_COOKIE_NAME]\n\n // If we are authenticated, we can continue\n if (accessToken && !forceRefresh) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return user\n }\n }\n\n // Otherwise, we need to refresh the access token\n if (refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === \"unexpected\") {\n throw new Error(\"Unexpected error while refreshing access token\")\n } else if (response.error === \"unauthorized\") {\n props.res.setHeader(\"Set-Cookie\", [\n `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n ])\n return undefined\n } else {\n const user = await validateAccessToken(response.accessToken)\n props.res.setHeader(\"Set-Cookie\", [\n `${ACCESS_TOKEN_COOKIE_NAME}=${response.accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n `${REFRESH_TOKEN_COOKIE_NAME}=${response.refreshToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n ])\n return user\n }\n }\n\n return undefined\n}\n\nexport async function getUserFromApiRouteRequest(req: NextApiRequest, res: NextApiResponse) {\n const accessToken = req.cookies[ACCESS_TOKEN_COOKIE_NAME]\n const refreshToken = req.cookies[REFRESH_TOKEN_COOKIE_NAME]\n\n // If we are authenticated, we can continue\n if (accessToken) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return user\n }\n }\n\n // Otherwise, we need to refresh the access token\n if (refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === \"unexpected\") {\n throw new Error(\"Unexpected error while refreshing access token\")\n } else if (response.error === \"unauthorized\") {\n res.setHeader(\"Set-Cookie\", [\n `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n ])\n return undefined\n } else {\n const user = await validateAccessToken(response.accessToken)\n res.setHeader(\"Set-Cookie\", [\n `${ACCESS_TOKEN_COOKIE_NAME}=${response.accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n `${REFRESH_TOKEN_COOKIE_NAME}=${response.refreshToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n ])\n return user\n }\n }\n\n return undefined\n\n}"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAO,IAAM,gBAAN,MAAoB;AAAA,EAgBvB,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACA,YACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAE1B,SAAK,aAAa;AAAA,EACtB;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA4BO,SAAS,OAAO,YAAyC;AAC5D,SAAO,IAAI;AAAA,IACP,WAAW;AAAA,IACX,WAAW;AAAA,IACX,uBAAuB,WAAW,yBAAyB;AAAA,IAC3D,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,EACf;AACJ;AAEO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;AClPO,IAAM,wBAAN,cAAoC,MAAM;AAAA,EAI7C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;AAEO,IAAM,yBAAN,cAAqC,MAAM;AAAA,EAI9C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;;;ACjBA,WAAsB;AAyBf,IAAM,2BAA2B;AACjC,IAAM,4BAA4B;AAYlC,SAAS,mBAAmB;AAC/B,SAAO,WAAW,EAAE;AACxB;AAEO,SAAS,aAAa;AACzB,QAAM,UAAU,QAAQ,IAAI;AAC5B,MAAI,CAAC,SAAS;AACV,UAAM,IAAI,MAAM,iCAAiC;AAAA,EACrD;AACA,SAAO,IAAI,IAAI,OAAO;AAC1B;AAUO,SAAS,uBAAuB;AACnC,QAAM,oBAAoB,QAAQ,IAAI;AACtC,MAAI,CAAC,mBAAmB;AACpB,UAAM,IAAI,MAAM,+BAA+B;AAAA,EACnD;AACA,SAAO;AACX;AAEO,SAAS,iBAAiB;AAC7B,QAAM,cAAc,QAAQ,IAAI;AAChC,MAAI,CAAC,aAAa;AACd,UAAM,IAAI,MAAM,oCAAoC;AAAA,EACxD;AACA,SAAO,YAAY,QAAQ,QAAQ,IAAI;AAC3C;AAEA,SAAsB,sCAAsC,cAAqD;AAAA;AAC7G,UAAM,OAAO;AAAA,MACT,eAAe;AAAA,IACnB;AACA,UAAM,MAAM,GAAG,iBAAiB;AAChC,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAC9B,QAAQ;AAAA,MACR,MAAM,KAAK,UAAU,IAAI;AAAA,MACzB,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,eAAe,YAAY,qBAAqB;AAAA,MACpD;AAAA,IACJ,CAAC;AAED,QAAI,SAAS,IAAI;AACb,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,YAAM,kBAAkB,KAAK;AAC7B,YAAM;AAAA,QACF,cAAc;AAAA,QACd,oBAAoB;AAAA,MACxB,IAAI,KAAK;AAET,aAAO;AAAA,QACH,cAAc;AAAA,QACd;AAAA,QACA,OAAO;AAAA,MACX;AAAA,IACJ,WAAW,SAAS,WAAW,OAAO,SAAS,WAAW,KAAK;AAC3D,aAAO,EAAC,OAAO,eAAc;AAAA,IACjC,OAAO;AACH,aAAO,EAAC,OAAO,aAAY;AAAA,IAC/B;AAAA,EACJ;AAAA;AAEA,SAAsB,+BAA+B,aAAqE;AAAA;AACtH,QAAI;AACA,aAAO,MAAM,oBAAoB,WAAW;AAAA,IAChD,SAAS,KAAP;AACE,UAAI,eAAe,wBAAwB;AACvC,cAAM;AAAA,MACV,WAAW,eAAe,uBAAuB;AAC7C,eAAO;AAAA,MACX,OAAO;AACH,gBAAQ,KAAK,iCAAiC,GAAG;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAAA,EACJ;AAAA;AAEA,SAAsB,oBAAoB,aAAyD;AAAA;AAC/F,QAAI;AACJ,QAAI;AACA,kBAAY,MAAW,gBAAW,eAAe,GAAG,OAAO;AAAA,IAC/D,SAAS,KAAP;AACE,cAAQ,MAAM,wFAAwF,GAAG;AACzG,YAAM,IAAI,uBAAuB,sBAAsB;AAAA,IAC3D;AAEA,QAAI,CAAC,aAAa;AACd,YAAM,IAAI,sBAAsB,0BAA0B;AAAA,IAC9D;AAEA,QAAI,2BAA2B;AAC/B,QAAI,YAAY,YAAY,EAAE,WAAW,SAAS,GAAG;AACjD,iCAA2B,YAAY,UAAU,UAAU,MAAM;AAAA,IACrE;AAEA,QAAI;AACA,YAAM,EAAC,QAAO,IAAI,MAAW,eAAU,0BAA0B,WAAW;AAAA,QACxE,QAAQ,iBAAiB;AAAA,QACzB,YAAY,CAAC,OAAO;AAAA,MACxB,CAAC;AAED,aAAO,OAAqB,OAAO;AAAA,IACvC,SAAS,GAAP;AACE,UAAI,aAAa,OAAO;AACpB,cAAM,IAAI,sBAAsB,EAAE,OAAO;AAAA,MAC7C,OAAO;AACH,cAAM,IAAI,sBAAsB,sBAAsB;AAAA,MAC1D;AAAA,IACJ;AAAA,EACJ;AAAA;;;ACtJA,SAAsB,2BAA2B,OAAkC,eAAwB,OAAO;AAAA;AAC9G,UAAM,cAAc,MAAM,IAAI,QAAQ,wBAAwB;AAC9D,UAAM,eAAe,MAAM,IAAI,QAAQ,yBAAyB;AAGhE,QAAI,eAAe,CAAC,cAAc;AAC9B,YAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,UAAI,MAAM;AACN,eAAO;AAAA,MACX;AAAA,IACJ;AAGA,QAAI,cAAc;AACd,YAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,UAAI,SAAS,UAAU,cAAc;AACjC,cAAM,IAAI,MAAM,gDAAgD;AAAA,MACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,cAAM,IAAI,UAAU,cAAc;AAAA,UAC9B,GAAG;AAAA,UACH,GAAG;AAAA,QACP,CAAC;AACD,eAAO;AAAA,MACX,OAAO;AACH,cAAM,OAAO,MAAM,oBAAoB,SAAS,WAAW;AAC3D,cAAM,IAAI,UAAU,cAAc;AAAA,UAC9B,GAAG,4BAA4B,SAAS;AAAA,UACxC,GAAG,6BAA6B,SAAS;AAAA,QAC7C,CAAC;AACD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA;AAEA,SAAsB,2BAA2B,KAAqB,KAAsB;AAAA;AACxF,UAAM,cAAc,IAAI,QAAQ,wBAAwB;AACxD,UAAM,eAAe,IAAI,QAAQ,yBAAyB;AAG1D,QAAI,aAAa;AACb,YAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,UAAI,MAAM;AACN,eAAO;AAAA,MACX;AAAA,IACJ;AAGA,QAAI,cAAc;AACd,YAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,UAAI,SAAS,UAAU,cAAc;AACjC,cAAM,IAAI,MAAM,gDAAgD;AAAA,MACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,YAAI,UAAU,cAAc;AAAA,UACxB,GAAG;AAAA,UACH,GAAG;AAAA,QACP,CAAC;AACD,eAAO;AAAA,MACX,OAAO;AACH,cAAM,OAAO,MAAM,oBAAoB,SAAS,WAAW;AAC3D,YAAI,UAAU,cAAc;AAAA,UACxB,GAAG,4BAA4B,SAAS;AAAA,UACxC,GAAG,6BAA6B,SAAS;AAAA,QAC7C,CAAC;AACD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EAEX;AAAA;","names":[]}
1
+ {"version":3,"sources":["../../../src/server/pages-index.ts","../../../src/user.ts","../../../src/server/exceptions.ts","../../../src/server/shared.ts","../../../src/server/pages.ts"],"sourcesContent":["export {getUserFromServerSideProps, getUserFromApiRouteRequest} from \"./pages\"","export class UserFromToken {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n public properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string,\n properties?: { [key: string]: unknown },\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n\n this.properties = properties\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): UserFromToken {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new UserFromToken(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId,\n obj.properties,\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n public userAssignedRole: string\n public userInheritedRolesPlusCurrentRole: string[]\n public userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): UserFromToken {\n return new UserFromToken(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId,\n snake_case.properties,\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","export class UnauthorizedException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 401\n }\n}\n\nexport class ConfigurationException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 500\n }\n}\n","import {ResponseCookie} from \"next/dist/compiled/@edge-runtime/cookies\";\nimport {InternalUser, toUser, UserFromToken} from \"../user\";\nimport {ConfigurationException, UnauthorizedException} from \"./exceptions\";\nimport * as jose from \"jose\";\n\ntype RefreshAndAccessTokens = {\n refreshToken: string\n accessToken: string\n error: \"none\"\n}\n\ntype RefreshAndAccessTokensUnauthorizedError = {\n error: \"unauthorized\"\n}\n\ntype RefreshAndAccessTokensUnexpectedError = {\n error: \"unexpected\"\n}\n\nexport type RefreshTokenResponse =\n RefreshAndAccessTokens\n | RefreshAndAccessTokensUnauthorizedError\n | RefreshAndAccessTokensUnexpectedError\n\nexport const LOGIN_PATH = \"/api/auth/login\"\nexport const CALLBACK_PATH = \"/api/auth/callback\"\nexport const USERINFO_PATH = \"/api/auth/userinfo\"\nexport const LOGOUT_PATH = \"/api/auth/logout\"\nexport const ACCESS_TOKEN_COOKIE_NAME = \"__pa_at\"\nexport const REFRESH_TOKEN_COOKIE_NAME = \"__pa_rt\"\nexport const STATE_COOKIE_NAME = \"__pa_state\"\nexport const CUSTOM_HEADER_FOR_ACCESS_TOKEN = \"x-propelauth-access-token\"\nexport const RETURN_TO_PATH_COOKIE_NAME = \"__pa_return_to_path\"\n\nexport const COOKIE_OPTIONS: Partial<ResponseCookie> = {\n httpOnly: true,\n sameSite: \"lax\",\n secure: true,\n path: \"/\",\n}\n\nexport function getAuthUrlOrigin() {\n return getAuthUrl().origin\n}\n\nexport function getAuthUrl() {\n const authUrl = process.env.NEXT_PUBLIC_AUTH_URL\n if (!authUrl) {\n throw new Error(\"NEXT_PUBLIC_AUTH_URL is not set\")\n }\n return new URL(authUrl)\n}\n\nexport function getRedirectUri() {\n const redirectUri = process.env.PROPELAUTH_REDIRECT_URI\n if (!redirectUri) {\n throw new Error(\"PROPELAUTH_REDIRECT_URI is not set\")\n }\n return redirectUri\n}\n\nexport function getIntegrationApiKey() {\n const integrationApiKey = process.env.PROPELAUTH_API_KEY\n if (!integrationApiKey) {\n throw new Error(\"PROPELAUTH_API_KEY is not set\")\n }\n return integrationApiKey\n}\n\nexport function getVerifierKey() {\n const verifierKey = process.env.PROPELAUTH_VERIFIER_KEY\n if (!verifierKey) {\n throw new Error(\"PROPELAUTH_VERIFIER_KEY is not set\")\n }\n return verifierKey.replace(/\\\\n/g, \"\\n\")\n}\n\nexport async function refreshTokenWithAccessAndRefreshToken(refreshToken: string): Promise<RefreshTokenResponse> {\n const body = {\n refresh_token: refreshToken,\n }\n const url = `${getAuthUrlOrigin()}/api/backend/v1/refresh_token`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(body),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + getIntegrationApiKey(),\n },\n })\n\n if (response.ok) {\n const data = await response.json()\n const newRefreshToken = data.refresh_token\n const {\n access_token: accessToken,\n expires_at_seconds: expiresAtSeconds,\n } = data.access_token\n\n return {\n refreshToken: newRefreshToken,\n accessToken,\n error: \"none\",\n }\n } else if (response.status === 400 || response.status === 401) {\n return {error: \"unauthorized\"}\n } else {\n return {error: \"unexpected\"}\n }\n}\n\nexport async function validateAccessTokenOrUndefined(accessToken: string | undefined): Promise<UserFromToken | undefined> {\n try {\n return await validateAccessToken(accessToken)\n } catch (err) {\n if (err instanceof ConfigurationException) {\n throw err\n } else if (err instanceof UnauthorizedException) {\n return undefined\n } else {\n console.info(\"Error validating access token\", err)\n return undefined\n }\n }\n}\n\nexport async function validateAccessToken(accessToken: string | undefined): Promise<UserFromToken> {\n let publicKey\n try {\n publicKey = await jose.importSPKI(getVerifierKey(), \"RS256\")\n } catch (err) {\n console.error(\"Verifier key is invalid. Make sure it's specified correctly, including the newlines.\", err)\n throw new ConfigurationException(\"Invalid verifier key\")\n }\n\n if (!accessToken) {\n throw new UnauthorizedException(\"No access token provided\")\n }\n\n let accessTokenWithoutBearer = accessToken\n if (accessToken.toLowerCase().startsWith(\"bearer \")) {\n accessTokenWithoutBearer = accessToken.substring(\"bearer \".length)\n }\n\n try {\n const {payload} = await jose.jwtVerify(accessTokenWithoutBearer, publicKey, {\n issuer: getAuthUrlOrigin(),\n algorithms: [\"RS256\"],\n })\n\n return toUser(<InternalUser>payload)\n } catch (e) {\n if (e instanceof Error) {\n throw new UnauthorizedException(e.message)\n } else {\n throw new UnauthorizedException(\"Unable to decode jwt\")\n }\n }\n}\n","import { GetServerSidePropsContext, NextApiRequest, NextApiResponse } from 'next'\nimport {\n ACCESS_TOKEN_COOKIE_NAME,\n REFRESH_TOKEN_COOKIE_NAME,\n refreshTokenWithAccessAndRefreshToken,\n validateAccessToken,\n validateAccessTokenOrUndefined,\n} from './shared'\n\nexport async function getUserFromServerSideProps(props: GetServerSidePropsContext, forceRefresh: boolean = false) {\n const accessToken = props.req.cookies[ACCESS_TOKEN_COOKIE_NAME]\n const refreshToken = props.req.cookies[REFRESH_TOKEN_COOKIE_NAME]\n\n // If we are authenticated, we can continue\n if (accessToken && !forceRefresh) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return user\n }\n }\n\n // Otherwise, we need to refresh the access token\n if (refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === 'unexpected') {\n throw new Error('Unexpected error while refreshing access token')\n } else if (response.error === 'unauthorized') {\n props.res.setHeader('Set-Cookie', [\n `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n ])\n return undefined\n } else {\n const user = await validateAccessToken(response.accessToken)\n props.res.setHeader('Set-Cookie', [\n `${ACCESS_TOKEN_COOKIE_NAME}=${response.accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n `${REFRESH_TOKEN_COOKIE_NAME}=${response.refreshToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n ])\n return user\n }\n }\n\n return undefined\n}\n\nexport async function getUserFromApiRouteRequest(\n req: NextApiRequest,\n res: NextApiResponse,\n forceRefresh: boolean = false\n) {\n const accessToken = req.cookies[ACCESS_TOKEN_COOKIE_NAME]\n const refreshToken = req.cookies[REFRESH_TOKEN_COOKIE_NAME]\n\n // If we are authenticated, we can continue\n if (accessToken && !forceRefresh) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return user\n }\n }\n\n // Otherwise, we need to refresh the access token\n if (refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === 'unexpected') {\n throw new Error('Unexpected error while refreshing access token')\n } else if (response.error === 'unauthorized') {\n res.setHeader('Set-Cookie', [\n `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n ])\n return undefined\n } else {\n const user = await validateAccessToken(response.accessToken)\n res.setHeader('Set-Cookie', [\n `${ACCESS_TOKEN_COOKIE_NAME}=${response.accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n `${REFRESH_TOKEN_COOKIE_NAME}=${response.refreshToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n ])\n return user\n }\n }\n\n return undefined\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAO,IAAM,gBAAN,MAAoB;AAAA,EAgBvB,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACA,YACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAE1B,SAAK,aAAa;AAAA,EACtB;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA4BO,SAAS,OAAO,YAAyC;AAC5D,SAAO,IAAI;AAAA,IACP,WAAW;AAAA,IACX,WAAW;AAAA,IACX,uBAAuB,WAAW,yBAAyB;AAAA,IAC3D,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,EACf;AACJ;AAEO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;AClPO,IAAM,wBAAN,cAAoC,MAAM;AAAA,EAI7C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;AAEO,IAAM,yBAAN,cAAqC,MAAM;AAAA,EAI9C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;;;ACjBA,WAAsB;AAyBf,IAAM,2BAA2B;AACjC,IAAM,4BAA4B;AAYlC,SAAS,mBAAmB;AAC/B,SAAO,WAAW,EAAE;AACxB;AAEO,SAAS,aAAa;AACzB,QAAM,UAAU,QAAQ,IAAI;AAC5B,MAAI,CAAC,SAAS;AACV,UAAM,IAAI,MAAM,iCAAiC;AAAA,EACrD;AACA,SAAO,IAAI,IAAI,OAAO;AAC1B;AAUO,SAAS,uBAAuB;AACnC,QAAM,oBAAoB,QAAQ,IAAI;AACtC,MAAI,CAAC,mBAAmB;AACpB,UAAM,IAAI,MAAM,+BAA+B;AAAA,EACnD;AACA,SAAO;AACX;AAEO,SAAS,iBAAiB;AAC7B,QAAM,cAAc,QAAQ,IAAI;AAChC,MAAI,CAAC,aAAa;AACd,UAAM,IAAI,MAAM,oCAAoC;AAAA,EACxD;AACA,SAAO,YAAY,QAAQ,QAAQ,IAAI;AAC3C;AAEA,SAAsB,sCAAsC,cAAqD;AAAA;AAC7G,UAAM,OAAO;AAAA,MACT,eAAe;AAAA,IACnB;AACA,UAAM,MAAM,GAAG,iBAAiB;AAChC,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAC9B,QAAQ;AAAA,MACR,MAAM,KAAK,UAAU,IAAI;AAAA,MACzB,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,eAAe,YAAY,qBAAqB;AAAA,MACpD;AAAA,IACJ,CAAC;AAED,QAAI,SAAS,IAAI;AACb,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,YAAM,kBAAkB,KAAK;AAC7B,YAAM;AAAA,QACF,cAAc;AAAA,QACd,oBAAoB;AAAA,MACxB,IAAI,KAAK;AAET,aAAO;AAAA,QACH,cAAc;AAAA,QACd;AAAA,QACA,OAAO;AAAA,MACX;AAAA,IACJ,WAAW,SAAS,WAAW,OAAO,SAAS,WAAW,KAAK;AAC3D,aAAO,EAAC,OAAO,eAAc;AAAA,IACjC,OAAO;AACH,aAAO,EAAC,OAAO,aAAY;AAAA,IAC/B;AAAA,EACJ;AAAA;AAEA,SAAsB,+BAA+B,aAAqE;AAAA;AACtH,QAAI;AACA,aAAO,MAAM,oBAAoB,WAAW;AAAA,IAChD,SAAS,KAAP;AACE,UAAI,eAAe,wBAAwB;AACvC,cAAM;AAAA,MACV,WAAW,eAAe,uBAAuB;AAC7C,eAAO;AAAA,MACX,OAAO;AACH,gBAAQ,KAAK,iCAAiC,GAAG;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAAA,EACJ;AAAA;AAEA,SAAsB,oBAAoB,aAAyD;AAAA;AAC/F,QAAI;AACJ,QAAI;AACA,kBAAY,MAAW,gBAAW,eAAe,GAAG,OAAO;AAAA,IAC/D,SAAS,KAAP;AACE,cAAQ,MAAM,wFAAwF,GAAG;AACzG,YAAM,IAAI,uBAAuB,sBAAsB;AAAA,IAC3D;AAEA,QAAI,CAAC,aAAa;AACd,YAAM,IAAI,sBAAsB,0BAA0B;AAAA,IAC9D;AAEA,QAAI,2BAA2B;AAC/B,QAAI,YAAY,YAAY,EAAE,WAAW,SAAS,GAAG;AACjD,iCAA2B,YAAY,UAAU,UAAU,MAAM;AAAA,IACrE;AAEA,QAAI;AACA,YAAM,EAAC,QAAO,IAAI,MAAW,eAAU,0BAA0B,WAAW;AAAA,QACxE,QAAQ,iBAAiB;AAAA,QACzB,YAAY,CAAC,OAAO;AAAA,MACxB,CAAC;AAED,aAAO,OAAqB,OAAO;AAAA,IACvC,SAAS,GAAP;AACE,UAAI,aAAa,OAAO;AACpB,cAAM,IAAI,sBAAsB,EAAE,OAAO;AAAA,MAC7C,OAAO;AACH,cAAM,IAAI,sBAAsB,sBAAsB;AAAA,MAC1D;AAAA,IACJ;AAAA,EACJ;AAAA;;;ACrJA,SAAsB,2BAA2B,OAAkC,eAAwB,OAAO;AAAA;AAC9G,UAAM,cAAc,MAAM,IAAI,QAAQ,wBAAwB;AAC9D,UAAM,eAAe,MAAM,IAAI,QAAQ,yBAAyB;AAGhE,QAAI,eAAe,CAAC,cAAc;AAC9B,YAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,UAAI,MAAM;AACN,eAAO;AAAA,MACX;AAAA,IACJ;AAGA,QAAI,cAAc;AACd,YAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,UAAI,SAAS,UAAU,cAAc;AACjC,cAAM,IAAI,MAAM,gDAAgD;AAAA,MACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,cAAM,IAAI,UAAU,cAAc;AAAA,UAC9B,GAAG;AAAA,UACH,GAAG;AAAA,QACP,CAAC;AACD,eAAO;AAAA,MACX,OAAO;AACH,cAAM,OAAO,MAAM,oBAAoB,SAAS,WAAW;AAC3D,cAAM,IAAI,UAAU,cAAc;AAAA,UAC9B,GAAG,4BAA4B,SAAS;AAAA,UACxC,GAAG,6BAA6B,SAAS;AAAA,QAC7C,CAAC;AACD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA;AAEA,SAAsB,2BAClB,KACA,KACA,eAAwB,OAC1B;AAAA;AACE,UAAM,cAAc,IAAI,QAAQ,wBAAwB;AACxD,UAAM,eAAe,IAAI,QAAQ,yBAAyB;AAG1D,QAAI,eAAe,CAAC,cAAc;AAC9B,YAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,UAAI,MAAM;AACN,eAAO;AAAA,MACX;AAAA,IACJ;AAGA,QAAI,cAAc;AACd,YAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,UAAI,SAAS,UAAU,cAAc;AACjC,cAAM,IAAI,MAAM,gDAAgD;AAAA,MACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,YAAI,UAAU,cAAc;AAAA,UACxB,GAAG;AAAA,UACH,GAAG;AAAA,QACP,CAAC;AACD,eAAO;AAAA,MACX,OAAO;AACH,cAAM,OAAO,MAAM,oBAAoB,SAAS,WAAW;AAC3D,YAAI,UAAU,cAAc;AAAA,UACxB,GAAG,4BAA4B,SAAS;AAAA,UACxC,GAAG,6BAA6B,SAAS;AAAA,QAC7C,CAAC;AACD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA;","names":[]}
package/dist/server/pages/index.mjs CHANGED
@@ -320,11 +320,11 @@ function getUserFromServerSideProps(props, forceRefresh = false) {
320
320
  return void 0;
321
321
  });
322
322
  }
323
- function getUserFromApiRouteRequest(req, res) {
323
+ function getUserFromApiRouteRequest(req, res, forceRefresh = false) {
324
324
  return __async(this, null, function* () {
325
325
  const accessToken = req.cookies[ACCESS_TOKEN_COOKIE_NAME];
326
326
  const refreshToken = req.cookies[REFRESH_TOKEN_COOKIE_NAME];
327
- if (accessToken) {
327
+ if (accessToken && !forceRefresh) {
328
328
  const user = yield validateAccessTokenOrUndefined(accessToken);
329
329
  if (user) {
330
330
  return user;
package/dist/server/pages/index.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/user.ts","../../../src/server/exceptions.ts","../../../src/server/shared.ts","../../../src/server/pages.ts"],"sourcesContent":["export class UserFromToken {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n public properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string,\n properties?: { [key: string]: unknown },\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n\n this.properties = properties\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): UserFromToken {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new UserFromToken(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId,\n obj.properties,\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n public userAssignedRole: string\n public userInheritedRolesPlusCurrentRole: string[]\n public userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): UserFromToken {\n return new UserFromToken(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId,\n snake_case.properties,\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","export class UnauthorizedException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 401\n }\n}\n\nexport class ConfigurationException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 500\n }\n}\n","import {ResponseCookie} from \"next/dist/compiled/@edge-runtime/cookies\";\nimport {InternalUser, toUser, UserFromToken} from \"../user\";\nimport {ConfigurationException, UnauthorizedException} from \"./exceptions\";\nimport * as jose from \"jose\";\n\ntype RefreshAndAccessTokens = {\n refreshToken: string\n accessToken: string\n error: \"none\"\n}\n\ntype RefreshAndAccessTokensUnauthorizedError = {\n error: \"unauthorized\"\n}\n\ntype RefreshAndAccessTokensUnexpectedError = {\n error: \"unexpected\"\n}\n\nexport type RefreshTokenResponse =\n RefreshAndAccessTokens\n | RefreshAndAccessTokensUnauthorizedError\n | RefreshAndAccessTokensUnexpectedError\n\nexport const LOGIN_PATH = \"/api/auth/login\"\nexport const CALLBACK_PATH = \"/api/auth/callback\"\nexport const USERINFO_PATH = \"/api/auth/userinfo\"\nexport const LOGOUT_PATH = \"/api/auth/logout\"\nexport const ACCESS_TOKEN_COOKIE_NAME = \"__pa_at\"\nexport const REFRESH_TOKEN_COOKIE_NAME = \"__pa_rt\"\nexport const STATE_COOKIE_NAME = \"__pa_state\"\nexport const CUSTOM_HEADER_FOR_ACCESS_TOKEN = \"x-propelauth-access-token\"\nexport const RETURN_TO_PATH_COOKIE_NAME = \"__pa_return_to_path\"\n\nexport const COOKIE_OPTIONS: Partial<ResponseCookie> = {\n httpOnly: true,\n sameSite: \"lax\",\n secure: true,\n path: \"/\",\n}\n\nexport function getAuthUrlOrigin() {\n return getAuthUrl().origin\n}\n\nexport function getAuthUrl() {\n const authUrl = process.env.NEXT_PUBLIC_AUTH_URL\n if (!authUrl) {\n throw new Error(\"NEXT_PUBLIC_AUTH_URL is not set\")\n }\n return new URL(authUrl)\n}\n\nexport function getRedirectUri() {\n const redirectUri = process.env.PROPELAUTH_REDIRECT_URI\n if (!redirectUri) {\n throw new Error(\"PROPELAUTH_REDIRECT_URI is not set\")\n }\n return redirectUri\n}\n\nexport function getIntegrationApiKey() {\n const integrationApiKey = process.env.PROPELAUTH_API_KEY\n if (!integrationApiKey) {\n throw new Error(\"PROPELAUTH_API_KEY is not set\")\n }\n return integrationApiKey\n}\n\nexport function getVerifierKey() {\n const verifierKey = process.env.PROPELAUTH_VERIFIER_KEY\n if (!verifierKey) {\n throw new Error(\"PROPELAUTH_VERIFIER_KEY is not set\")\n }\n return verifierKey.replace(/\\\\n/g, \"\\n\")\n}\n\nexport async function refreshTokenWithAccessAndRefreshToken(refreshToken: string): Promise<RefreshTokenResponse> {\n const body = {\n refresh_token: refreshToken,\n }\n const url = `${getAuthUrlOrigin()}/api/backend/v1/refresh_token`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(body),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + getIntegrationApiKey(),\n },\n })\n\n if (response.ok) {\n const data = await response.json()\n const newRefreshToken = data.refresh_token\n const {\n access_token: accessToken,\n expires_at_seconds: expiresAtSeconds,\n } = data.access_token\n\n return {\n refreshToken: newRefreshToken,\n accessToken,\n error: \"none\",\n }\n } else if (response.status === 400 || response.status === 401) {\n return {error: \"unauthorized\"}\n } else {\n return {error: \"unexpected\"}\n }\n}\n\nexport async function validateAccessTokenOrUndefined(accessToken: string | undefined): Promise<UserFromToken | undefined> {\n try {\n return await validateAccessToken(accessToken)\n } catch (err) {\n if (err instanceof ConfigurationException) {\n throw err\n } else if (err instanceof UnauthorizedException) {\n return undefined\n } else {\n console.info(\"Error validating access token\", err)\n return undefined\n }\n }\n}\n\nexport async function validateAccessToken(accessToken: string | undefined): Promise<UserFromToken> {\n let publicKey\n try {\n publicKey = await jose.importSPKI(getVerifierKey(), \"RS256\")\n } catch (err) {\n console.error(\"Verifier key is invalid. Make sure it's specified correctly, including the newlines.\", err)\n throw new ConfigurationException(\"Invalid verifier key\")\n }\n\n if (!accessToken) {\n throw new UnauthorizedException(\"No access token provided\")\n }\n\n let accessTokenWithoutBearer = accessToken\n if (accessToken.toLowerCase().startsWith(\"bearer \")) {\n accessTokenWithoutBearer = accessToken.substring(\"bearer \".length)\n }\n\n try {\n const {payload} = await jose.jwtVerify(accessTokenWithoutBearer, publicKey, {\n issuer: getAuthUrlOrigin(),\n algorithms: [\"RS256\"],\n })\n\n return toUser(<InternalUser>payload)\n } catch (e) {\n if (e instanceof Error) {\n throw new UnauthorizedException(e.message)\n } else {\n throw new UnauthorizedException(\"Unable to decode jwt\")\n }\n }\n}\n","import {GetServerSidePropsContext, NextApiRequest, NextApiResponse} from \"next\";\nimport {\n ACCESS_TOKEN_COOKIE_NAME,\n REFRESH_TOKEN_COOKIE_NAME,\n refreshTokenWithAccessAndRefreshToken, validateAccessToken,\n validateAccessTokenOrUndefined\n} from \"./shared\";\n\nexport async function getUserFromServerSideProps(props: GetServerSidePropsContext, forceRefresh: boolean = false) {\n const accessToken = props.req.cookies[ACCESS_TOKEN_COOKIE_NAME]\n const refreshToken = props.req.cookies[REFRESH_TOKEN_COOKIE_NAME]\n\n // If we are authenticated, we can continue\n if (accessToken && !forceRefresh) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return user\n }\n }\n\n // Otherwise, we need to refresh the access token\n if (refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === \"unexpected\") {\n throw new Error(\"Unexpected error while refreshing access token\")\n } else if (response.error === \"unauthorized\") {\n props.res.setHeader(\"Set-Cookie\", [\n `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n ])\n return undefined\n } else {\n const user = await validateAccessToken(response.accessToken)\n props.res.setHeader(\"Set-Cookie\", [\n `${ACCESS_TOKEN_COOKIE_NAME}=${response.accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n `${REFRESH_TOKEN_COOKIE_NAME}=${response.refreshToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n ])\n return user\n }\n }\n\n return undefined\n}\n\nexport async function getUserFromApiRouteRequest(req: NextApiRequest, res: NextApiResponse) {\n const accessToken = req.cookies[ACCESS_TOKEN_COOKIE_NAME]\n const refreshToken = req.cookies[REFRESH_TOKEN_COOKIE_NAME]\n\n // If we are authenticated, we can continue\n if (accessToken) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return user\n }\n }\n\n // Otherwise, we need to refresh the access token\n if (refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === \"unexpected\") {\n throw new Error(\"Unexpected error while refreshing access token\")\n } else if (response.error === \"unauthorized\") {\n res.setHeader(\"Set-Cookie\", [\n `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n ])\n return undefined\n } else {\n const user = await validateAccessToken(response.accessToken)\n res.setHeader(\"Set-Cookie\", [\n `${ACCESS_TOKEN_COOKIE_NAME}=${response.accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n `${REFRESH_TOKEN_COOKIE_NAME}=${response.refreshToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n ])\n return user\n }\n }\n\n return undefined\n\n}"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAO,IAAM,gBAAN,MAAoB;AAAA,EAgBvB,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACA,YACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAE1B,SAAK,aAAa;AAAA,EACtB;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA4BO,SAAS,OAAO,YAAyC;AAC5D,SAAO,IAAI;AAAA,IACP,WAAW;AAAA,IACX,WAAW;AAAA,IACX,uBAAuB,WAAW,yBAAyB;AAAA,IAC3D,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,EACf;AACJ;AAEO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;AClPO,IAAM,wBAAN,cAAoC,MAAM;AAAA,EAI7C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;AAEO,IAAM,yBAAN,cAAqC,MAAM;AAAA,EAI9C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;;;ACjBA,YAAY,UAAU;AAyBf,IAAM,2BAA2B;AACjC,IAAM,4BAA4B;AAYlC,SAAS,mBAAmB;AAC/B,SAAO,WAAW,EAAE;AACxB;AAEO,SAAS,aAAa;AACzB,QAAM,UAAU,QAAQ,IAAI;AAC5B,MAAI,CAAC,SAAS;AACV,UAAM,IAAI,MAAM,iCAAiC;AAAA,EACrD;AACA,SAAO,IAAI,IAAI,OAAO;AAC1B;AAUO,SAAS,uBAAuB;AACnC,QAAM,oBAAoB,QAAQ,IAAI;AACtC,MAAI,CAAC,mBAAmB;AACpB,UAAM,IAAI,MAAM,+BAA+B;AAAA,EACnD;AACA,SAAO;AACX;AAEO,SAAS,iBAAiB;AAC7B,QAAM,cAAc,QAAQ,IAAI;AAChC,MAAI,CAAC,aAAa;AACd,UAAM,IAAI,MAAM,oCAAoC;AAAA,EACxD;AACA,SAAO,YAAY,QAAQ,QAAQ,IAAI;AAC3C;AAEA,SAAsB,sCAAsC,cAAqD;AAAA;AAC7G,UAAM,OAAO;AAAA,MACT,eAAe;AAAA,IACnB;AACA,UAAM,MAAM,GAAG,iBAAiB;AAChC,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAC9B,QAAQ;AAAA,MACR,MAAM,KAAK,UAAU,IAAI;AAAA,MACzB,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,eAAe,YAAY,qBAAqB;AAAA,MACpD;AAAA,IACJ,CAAC;AAED,QAAI,SAAS,IAAI;AACb,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,YAAM,kBAAkB,KAAK;AAC7B,YAAM;AAAA,QACF,cAAc;AAAA,QACd,oBAAoB;AAAA,MACxB,IAAI,KAAK;AAET,aAAO;AAAA,QACH,cAAc;AAAA,QACd;AAAA,QACA,OAAO;AAAA,MACX;AAAA,IACJ,WAAW,SAAS,WAAW,OAAO,SAAS,WAAW,KAAK;AAC3D,aAAO,EAAC,OAAO,eAAc;AAAA,IACjC,OAAO;AACH,aAAO,EAAC,OAAO,aAAY;AAAA,IAC/B;AAAA,EACJ;AAAA;AAEA,SAAsB,+BAA+B,aAAqE;AAAA;AACtH,QAAI;AACA,aAAO,MAAM,oBAAoB,WAAW;AAAA,IAChD,SAAS,KAAP;AACE,UAAI,eAAe,wBAAwB;AACvC,cAAM;AAAA,MACV,WAAW,eAAe,uBAAuB;AAC7C,eAAO;AAAA,MACX,OAAO;AACH,gBAAQ,KAAK,iCAAiC,GAAG;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAAA,EACJ;AAAA;AAEA,SAAsB,oBAAoB,aAAyD;AAAA;AAC/F,QAAI;AACJ,QAAI;AACA,kBAAY,MAAW,gBAAW,eAAe,GAAG,OAAO;AAAA,IAC/D,SAAS,KAAP;AACE,cAAQ,MAAM,wFAAwF,GAAG;AACzG,YAAM,IAAI,uBAAuB,sBAAsB;AAAA,IAC3D;AAEA,QAAI,CAAC,aAAa;AACd,YAAM,IAAI,sBAAsB,0BAA0B;AAAA,IAC9D;AAEA,QAAI,2BAA2B;AAC/B,QAAI,YAAY,YAAY,EAAE,WAAW,SAAS,GAAG;AACjD,iCAA2B,YAAY,UAAU,UAAU,MAAM;AAAA,IACrE;AAEA,QAAI;AACA,YAAM,EAAC,QAAO,IAAI,MAAW,eAAU,0BAA0B,WAAW;AAAA,QACxE,QAAQ,iBAAiB;AAAA,QACzB,YAAY,CAAC,OAAO;AAAA,MACxB,CAAC;AAED,aAAO,OAAqB,OAAO;AAAA,IACvC,SAAS,GAAP;AACE,UAAI,aAAa,OAAO;AACpB,cAAM,IAAI,sBAAsB,EAAE,OAAO;AAAA,MAC7C,OAAO;AACH,cAAM,IAAI,sBAAsB,sBAAsB;AAAA,MAC1D;AAAA,IACJ;AAAA,EACJ;AAAA;;;ACtJA,SAAsB,2BAA2B,OAAkC,eAAwB,OAAO;AAAA;AAC9G,UAAM,cAAc,MAAM,IAAI,QAAQ,wBAAwB;AAC9D,UAAM,eAAe,MAAM,IAAI,QAAQ,yBAAyB;AAGhE,QAAI,eAAe,CAAC,cAAc;AAC9B,YAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,UAAI,MAAM;AACN,eAAO;AAAA,MACX;AAAA,IACJ;AAGA,QAAI,cAAc;AACd,YAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,UAAI,SAAS,UAAU,cAAc;AACjC,cAAM,IAAI,MAAM,gDAAgD;AAAA,MACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,cAAM,IAAI,UAAU,cAAc;AAAA,UAC9B,GAAG;AAAA,UACH,GAAG;AAAA,QACP,CAAC;AACD,eAAO;AAAA,MACX,OAAO;AACH,cAAM,OAAO,MAAM,oBAAoB,SAAS,WAAW;AAC3D,cAAM,IAAI,UAAU,cAAc;AAAA,UAC9B,GAAG,4BAA4B,SAAS;AAAA,UACxC,GAAG,6BAA6B,SAAS;AAAA,QAC7C,CAAC;AACD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA;AAEA,SAAsB,2BAA2B,KAAqB,KAAsB;AAAA;AACxF,UAAM,cAAc,IAAI,QAAQ,wBAAwB;AACxD,UAAM,eAAe,IAAI,QAAQ,yBAAyB;AAG1D,QAAI,aAAa;AACb,YAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,UAAI,MAAM;AACN,eAAO;AAAA,MACX;AAAA,IACJ;AAGA,QAAI,cAAc;AACd,YAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,UAAI,SAAS,UAAU,cAAc;AACjC,cAAM,IAAI,MAAM,gDAAgD;AAAA,MACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,YAAI,UAAU,cAAc;AAAA,UACxB,GAAG;AAAA,UACH,GAAG;AAAA,QACP,CAAC;AACD,eAAO;AAAA,MACX,OAAO;AACH,cAAM,OAAO,MAAM,oBAAoB,SAAS,WAAW;AAC3D,YAAI,UAAU,cAAc;AAAA,UACxB,GAAG,4BAA4B,SAAS;AAAA,UACxC,GAAG,6BAA6B,SAAS;AAAA,QAC7C,CAAC;AACD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EAEX;AAAA;","names":[]}
1
+ {"version":3,"sources":["../../../src/user.ts","../../../src/server/exceptions.ts","../../../src/server/shared.ts","../../../src/server/pages.ts"],"sourcesContent":["export class UserFromToken {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n public properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string,\n properties?: { [key: string]: unknown },\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n\n this.properties = properties\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): UserFromToken {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new UserFromToken(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId,\n obj.properties,\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n public userAssignedRole: string\n public userInheritedRolesPlusCurrentRole: string[]\n public userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n properties?: { [key: string]: unknown }\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): UserFromToken {\n return new UserFromToken(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId,\n snake_case.properties,\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","export class UnauthorizedException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 401\n }\n}\n\nexport class ConfigurationException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 500\n }\n}\n","import {ResponseCookie} from \"next/dist/compiled/@edge-runtime/cookies\";\nimport {InternalUser, toUser, UserFromToken} from \"../user\";\nimport {ConfigurationException, UnauthorizedException} from \"./exceptions\";\nimport * as jose from \"jose\";\n\ntype RefreshAndAccessTokens = {\n refreshToken: string\n accessToken: string\n error: \"none\"\n}\n\ntype RefreshAndAccessTokensUnauthorizedError = {\n error: \"unauthorized\"\n}\n\ntype RefreshAndAccessTokensUnexpectedError = {\n error: \"unexpected\"\n}\n\nexport type RefreshTokenResponse =\n RefreshAndAccessTokens\n | RefreshAndAccessTokensUnauthorizedError\n | RefreshAndAccessTokensUnexpectedError\n\nexport const LOGIN_PATH = \"/api/auth/login\"\nexport const CALLBACK_PATH = \"/api/auth/callback\"\nexport const USERINFO_PATH = \"/api/auth/userinfo\"\nexport const LOGOUT_PATH = \"/api/auth/logout\"\nexport const ACCESS_TOKEN_COOKIE_NAME = \"__pa_at\"\nexport const REFRESH_TOKEN_COOKIE_NAME = \"__pa_rt\"\nexport const STATE_COOKIE_NAME = \"__pa_state\"\nexport const CUSTOM_HEADER_FOR_ACCESS_TOKEN = \"x-propelauth-access-token\"\nexport const RETURN_TO_PATH_COOKIE_NAME = \"__pa_return_to_path\"\n\nexport const COOKIE_OPTIONS: Partial<ResponseCookie> = {\n httpOnly: true,\n sameSite: \"lax\",\n secure: true,\n path: \"/\",\n}\n\nexport function getAuthUrlOrigin() {\n return getAuthUrl().origin\n}\n\nexport function getAuthUrl() {\n const authUrl = process.env.NEXT_PUBLIC_AUTH_URL\n if (!authUrl) {\n throw new Error(\"NEXT_PUBLIC_AUTH_URL is not set\")\n }\n return new URL(authUrl)\n}\n\nexport function getRedirectUri() {\n const redirectUri = process.env.PROPELAUTH_REDIRECT_URI\n if (!redirectUri) {\n throw new Error(\"PROPELAUTH_REDIRECT_URI is not set\")\n }\n return redirectUri\n}\n\nexport function getIntegrationApiKey() {\n const integrationApiKey = process.env.PROPELAUTH_API_KEY\n if (!integrationApiKey) {\n throw new Error(\"PROPELAUTH_API_KEY is not set\")\n }\n return integrationApiKey\n}\n\nexport function getVerifierKey() {\n const verifierKey = process.env.PROPELAUTH_VERIFIER_KEY\n if (!verifierKey) {\n throw new Error(\"PROPELAUTH_VERIFIER_KEY is not set\")\n }\n return verifierKey.replace(/\\\\n/g, \"\\n\")\n}\n\nexport async function refreshTokenWithAccessAndRefreshToken(refreshToken: string): Promise<RefreshTokenResponse> {\n const body = {\n refresh_token: refreshToken,\n }\n const url = `${getAuthUrlOrigin()}/api/backend/v1/refresh_token`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(body),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + getIntegrationApiKey(),\n },\n })\n\n if (response.ok) {\n const data = await response.json()\n const newRefreshToken = data.refresh_token\n const {\n access_token: accessToken,\n expires_at_seconds: expiresAtSeconds,\n } = data.access_token\n\n return {\n refreshToken: newRefreshToken,\n accessToken,\n error: \"none\",\n }\n } else if (response.status === 400 || response.status === 401) {\n return {error: \"unauthorized\"}\n } else {\n return {error: \"unexpected\"}\n }\n}\n\nexport async function validateAccessTokenOrUndefined(accessToken: string | undefined): Promise<UserFromToken | undefined> {\n try {\n return await validateAccessToken(accessToken)\n } catch (err) {\n if (err instanceof ConfigurationException) {\n throw err\n } else if (err instanceof UnauthorizedException) {\n return undefined\n } else {\n console.info(\"Error validating access token\", err)\n return undefined\n }\n }\n}\n\nexport async function validateAccessToken(accessToken: string | undefined): Promise<UserFromToken> {\n let publicKey\n try {\n publicKey = await jose.importSPKI(getVerifierKey(), \"RS256\")\n } catch (err) {\n console.error(\"Verifier key is invalid. Make sure it's specified correctly, including the newlines.\", err)\n throw new ConfigurationException(\"Invalid verifier key\")\n }\n\n if (!accessToken) {\n throw new UnauthorizedException(\"No access token provided\")\n }\n\n let accessTokenWithoutBearer = accessToken\n if (accessToken.toLowerCase().startsWith(\"bearer \")) {\n accessTokenWithoutBearer = accessToken.substring(\"bearer \".length)\n }\n\n try {\n const {payload} = await jose.jwtVerify(accessTokenWithoutBearer, publicKey, {\n issuer: getAuthUrlOrigin(),\n algorithms: [\"RS256\"],\n })\n\n return toUser(<InternalUser>payload)\n } catch (e) {\n if (e instanceof Error) {\n throw new UnauthorizedException(e.message)\n } else {\n throw new UnauthorizedException(\"Unable to decode jwt\")\n }\n }\n}\n","import { GetServerSidePropsContext, NextApiRequest, NextApiResponse } from 'next'\nimport {\n ACCESS_TOKEN_COOKIE_NAME,\n REFRESH_TOKEN_COOKIE_NAME,\n refreshTokenWithAccessAndRefreshToken,\n validateAccessToken,\n validateAccessTokenOrUndefined,\n} from './shared'\n\nexport async function getUserFromServerSideProps(props: GetServerSidePropsContext, forceRefresh: boolean = false) {\n const accessToken = props.req.cookies[ACCESS_TOKEN_COOKIE_NAME]\n const refreshToken = props.req.cookies[REFRESH_TOKEN_COOKIE_NAME]\n\n // If we are authenticated, we can continue\n if (accessToken && !forceRefresh) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return user\n }\n }\n\n // Otherwise, we need to refresh the access token\n if (refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === 'unexpected') {\n throw new Error('Unexpected error while refreshing access token')\n } else if (response.error === 'unauthorized') {\n props.res.setHeader('Set-Cookie', [\n `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n ])\n return undefined\n } else {\n const user = await validateAccessToken(response.accessToken)\n props.res.setHeader('Set-Cookie', [\n `${ACCESS_TOKEN_COOKIE_NAME}=${response.accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n `${REFRESH_TOKEN_COOKIE_NAME}=${response.refreshToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n ])\n return user\n }\n }\n\n return undefined\n}\n\nexport async function getUserFromApiRouteRequest(\n req: NextApiRequest,\n res: NextApiResponse,\n forceRefresh: boolean = false\n) {\n const accessToken = req.cookies[ACCESS_TOKEN_COOKIE_NAME]\n const refreshToken = req.cookies[REFRESH_TOKEN_COOKIE_NAME]\n\n // If we are authenticated, we can continue\n if (accessToken && !forceRefresh) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return user\n }\n }\n\n // Otherwise, we need to refresh the access token\n if (refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === 'unexpected') {\n throw new Error('Unexpected error while refreshing access token')\n } else if (response.error === 'unauthorized') {\n res.setHeader('Set-Cookie', [\n `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n ])\n return undefined\n } else {\n const user = await validateAccessToken(response.accessToken)\n res.setHeader('Set-Cookie', [\n `${ACCESS_TOKEN_COOKIE_NAME}=${response.accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n `${REFRESH_TOKEN_COOKIE_NAME}=${response.refreshToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n ])\n return user\n }\n }\n\n return undefined\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAO,IAAM,gBAAN,MAAoB;AAAA,EAgBvB,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACA,YACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAE1B,SAAK,aAAa;AAAA,EACtB;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA4BO,SAAS,OAAO,YAAyC;AAC5D,SAAO,IAAI;AAAA,IACP,WAAW;AAAA,IACX,WAAW;AAAA,IACX,uBAAuB,WAAW,yBAAyB;AAAA,IAC3D,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,EACf;AACJ;AAEO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;AClPO,IAAM,wBAAN,cAAoC,MAAM;AAAA,EAI7C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;AAEO,IAAM,yBAAN,cAAqC,MAAM;AAAA,EAI9C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;;;ACjBA,YAAY,UAAU;AAyBf,IAAM,2BAA2B;AACjC,IAAM,4BAA4B;AAYlC,SAAS,mBAAmB;AAC/B,SAAO,WAAW,EAAE;AACxB;AAEO,SAAS,aAAa;AACzB,QAAM,UAAU,QAAQ,IAAI;AAC5B,MAAI,CAAC,SAAS;AACV,UAAM,IAAI,MAAM,iCAAiC;AAAA,EACrD;AACA,SAAO,IAAI,IAAI,OAAO;AAC1B;AAUO,SAAS,uBAAuB;AACnC,QAAM,oBAAoB,QAAQ,IAAI;AACtC,MAAI,CAAC,mBAAmB;AACpB,UAAM,IAAI,MAAM,+BAA+B;AAAA,EACnD;AACA,SAAO;AACX;AAEO,SAAS,iBAAiB;AAC7B,QAAM,cAAc,QAAQ,IAAI;AAChC,MAAI,CAAC,aAAa;AACd,UAAM,IAAI,MAAM,oCAAoC;AAAA,EACxD;AACA,SAAO,YAAY,QAAQ,QAAQ,IAAI;AAC3C;AAEA,SAAsB,sCAAsC,cAAqD;AAAA;AAC7G,UAAM,OAAO;AAAA,MACT,eAAe;AAAA,IACnB;AACA,UAAM,MAAM,GAAG,iBAAiB;AAChC,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAC9B,QAAQ;AAAA,MACR,MAAM,KAAK,UAAU,IAAI;AAAA,MACzB,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,eAAe,YAAY,qBAAqB;AAAA,MACpD;AAAA,IACJ,CAAC;AAED,QAAI,SAAS,IAAI;AACb,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,YAAM,kBAAkB,KAAK;AAC7B,YAAM;AAAA,QACF,cAAc;AAAA,QACd,oBAAoB;AAAA,MACxB,IAAI,KAAK;AAET,aAAO;AAAA,QACH,cAAc;AAAA,QACd;AAAA,QACA,OAAO;AAAA,MACX;AAAA,IACJ,WAAW,SAAS,WAAW,OAAO,SAAS,WAAW,KAAK;AAC3D,aAAO,EAAC,OAAO,eAAc;AAAA,IACjC,OAAO;AACH,aAAO,EAAC,OAAO,aAAY;AAAA,IAC/B;AAAA,EACJ;AAAA;AAEA,SAAsB,+BAA+B,aAAqE;AAAA;AACtH,QAAI;AACA,aAAO,MAAM,oBAAoB,WAAW;AAAA,IAChD,SAAS,KAAP;AACE,UAAI,eAAe,wBAAwB;AACvC,cAAM;AAAA,MACV,WAAW,eAAe,uBAAuB;AAC7C,eAAO;AAAA,MACX,OAAO;AACH,gBAAQ,KAAK,iCAAiC,GAAG;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAAA,EACJ;AAAA;AAEA,SAAsB,oBAAoB,aAAyD;AAAA;AAC/F,QAAI;AACJ,QAAI;AACA,kBAAY,MAAW,gBAAW,eAAe,GAAG,OAAO;AAAA,IAC/D,SAAS,KAAP;AACE,cAAQ,MAAM,wFAAwF,GAAG;AACzG,YAAM,IAAI,uBAAuB,sBAAsB;AAAA,IAC3D;AAEA,QAAI,CAAC,aAAa;AACd,YAAM,IAAI,sBAAsB,0BAA0B;AAAA,IAC9D;AAEA,QAAI,2BAA2B;AAC/B,QAAI,YAAY,YAAY,EAAE,WAAW,SAAS,GAAG;AACjD,iCAA2B,YAAY,UAAU,UAAU,MAAM;AAAA,IACrE;AAEA,QAAI;AACA,YAAM,EAAC,QAAO,IAAI,MAAW,eAAU,0BAA0B,WAAW;AAAA,QACxE,QAAQ,iBAAiB;AAAA,QACzB,YAAY,CAAC,OAAO;AAAA,MACxB,CAAC;AAED,aAAO,OAAqB,OAAO;AAAA,IACvC,SAAS,GAAP;AACE,UAAI,aAAa,OAAO;AACpB,cAAM,IAAI,sBAAsB,EAAE,OAAO;AAAA,MAC7C,OAAO;AACH,cAAM,IAAI,sBAAsB,sBAAsB;AAAA,MAC1D;AAAA,IACJ;AAAA,EACJ;AAAA;;;ACrJA,SAAsB,2BAA2B,OAAkC,eAAwB,OAAO;AAAA;AAC9G,UAAM,cAAc,MAAM,IAAI,QAAQ,wBAAwB;AAC9D,UAAM,eAAe,MAAM,IAAI,QAAQ,yBAAyB;AAGhE,QAAI,eAAe,CAAC,cAAc;AAC9B,YAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,UAAI,MAAM;AACN,eAAO;AAAA,MACX;AAAA,IACJ;AAGA,QAAI,cAAc;AACd,YAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,UAAI,SAAS,UAAU,cAAc;AACjC,cAAM,IAAI,MAAM,gDAAgD;AAAA,MACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,cAAM,IAAI,UAAU,cAAc;AAAA,UAC9B,GAAG;AAAA,UACH,GAAG;AAAA,QACP,CAAC;AACD,eAAO;AAAA,MACX,OAAO;AACH,cAAM,OAAO,MAAM,oBAAoB,SAAS,WAAW;AAC3D,cAAM,IAAI,UAAU,cAAc;AAAA,UAC9B,GAAG,4BAA4B,SAAS;AAAA,UACxC,GAAG,6BAA6B,SAAS;AAAA,QAC7C,CAAC;AACD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA;AAEA,SAAsB,2BAClB,KACA,KACA,eAAwB,OAC1B;AAAA;AACE,UAAM,cAAc,IAAI,QAAQ,wBAAwB;AACxD,UAAM,eAAe,IAAI,QAAQ,yBAAyB;AAG1D,QAAI,eAAe,CAAC,cAAc;AAC9B,YAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,UAAI,MAAM;AACN,eAAO;AAAA,MACX;AAAA,IACJ;AAGA,QAAI,cAAc;AACd,YAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,UAAI,SAAS,UAAU,cAAc;AACjC,cAAM,IAAI,MAAM,gDAAgD;AAAA,MACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,YAAI,UAAU,cAAc;AAAA,UACxB,GAAG;AAAA,UACH,GAAG;AAAA,QACP,CAAC;AACD,eAAO;AAAA,MACX,OAAO;AACH,cAAM,OAAO,MAAM,oBAAoB,SAAS,WAAW;AAC3D,YAAI,UAAU,cAAc;AAAA,UACxB,GAAG,4BAA4B,SAAS;AAAA,UACxC,GAAG,6BAA6B,SAAS;AAAA,QAC7C,CAAC;AACD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA;","names":[]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@propelauth/nextjs",
3
- "version": "0.0.113",
3
+ "version": "0.0.115",
4
4
  "exports": {
5
5
  "./server": {
6
6
  "browser": "./dist/server/index.mjs",
@@ -69,6 +69,6 @@
69
69
  },
70
70
  "dependencies": {
71
71
  "@propelauth/node-apis": "^2.1.4",
72
- "jose": "^4.14.4"
72
+ "jose": "^4.15.5"
73
73
  }
74
74
  }