@propelauth/nextjs 0.0.60 → 0.0.63

Sign up to get free protection for your applications and to get access to all the features.
Files changed (11) hide show
  1. package/README.md +66 -26
  2. package/dist/client/index.js +7 -3
  3. package/dist/client/index.js.map +1 -1
  4. package/dist/client/index.mjs +5 -3
  5. package/dist/client/index.mjs.map +1 -1
  6. package/dist/server/index.d.ts +2 -0
  7. package/dist/server/index.js +56 -21
  8. package/dist/server/index.js.map +1 -1
  9. package/dist/server/index.mjs +54 -21
  10. package/dist/server/index.mjs.map +1 -1
  11. package/package.json +1 -1
package/README.md CHANGED
@@ -1,8 +1,8 @@
1
- # PropelAuth Next.js (v13 / AppRouter) Library
1
+ # PropelAuth Next.js (v13+) Library
2
2
 
3
3
  [PropelAuth](https://www.propelauth.com?utm_source=github&utm_medium=library&utm_campaign=nextjs) is a user management and authentication service for your B2B/multi-tenant applications.
4
4
 
5
- This library provides a simple way to integrate your Next.js application with PropelAuth.
5
+ This library provides a simple way to integrate your Next.js application (either AppRouter or Pages) with PropelAuth.
6
6
 
7
7
  ## Installation
8
8
 
@@ -31,6 +31,7 @@ export const {
31
31
  postRouteHandler,
32
32
  getUser,
33
33
  getUserOrRedirect,
34
+ getUserFromServerSideProps,
34
35
  validateAccessToken,
35
36
  validateAccessTokenOrUndefined,
36
37
  authMiddleware,
@@ -40,28 +41,7 @@ export const {
40
41
  This file exports all of our server-side functions that you will need to use in your application.
41
42
  You can find all the env variables for your application in the PropelAuth Dashboard under **Backend Integration**.
42
43
 
43
- ### 1. Set up middleware
44
-
45
- In your `src/middleware.ts` file, add the following:
46
-
47
- ```typescript
48
- import {authMiddleware} from "@/auth";
49
-
50
- export const middleware = authMiddleware
51
-
52
- // The middleware is responsible for keeping the user session up to date.
53
- // It should be called on every request that requires authentication AND /api/auth/.* routes.
54
- export const config = {
55
- matcher: [
56
- // REQUIRED: Match all request paths that start with /api/auth/
57
- '/api/auth/(.*)',
58
- // OPTIONAL: Don't match any static assets
59
- '/((?!_next/static|_next/image|favicon.ico).*)',
60
- ],
61
- }
62
- ```
63
-
64
- ### 2. Set up routes (AppRouter)
44
+ ### 1. Set up routes
65
45
 
66
46
  In your `src/app/api/auth/[slug]` directory, create a file called `route.ts` with the following content:
67
47
 
@@ -72,7 +52,9 @@ export const GET = getRouteHandler
72
52
  export const POST = postRouteHandler
73
53
  ```
74
54
 
75
- ### 3. Set up AuthProvider (AppRouter)
55
+ ### 2. Set up AuthProvider
56
+
57
+ #### AppRouter Version
76
58
 
77
59
  In your root layout, `src/app/layout.tsx`, add the `AuthProvider`:
78
60
 
@@ -88,9 +70,44 @@ export default async function RootLayout({children}: {children: React.ReactNode}
88
70
  }
89
71
  ```
90
72
 
73
+ #### Pages Version
74
+
75
+ In your `_app.tsx` file, add the `AuthProvider`:
76
+
77
+ ```typescript jsx
78
+ export default function MyApp({Component, pageProps}: AppProps) {
79
+ return (
80
+ <AuthProvider authUrl={process.env.NEXT_PUBLIC_AUTH_URL}>
81
+ <Component {...pageProps} />
82
+ </AuthProvider>
83
+ )
84
+ }
85
+ ```
86
+
87
+ ### 3. Set up middleware (AppRouter only - skip if using Pages)
88
+
89
+ In your `src/middleware.ts` file, add the following:
90
+
91
+ ```typescript
92
+ import {authMiddleware} from "@/auth";
93
+
94
+ export const middleware = authMiddleware
95
+
96
+ // The middleware is responsible for keeping the user session up to date.
97
+ // It should be called on every request that requires authentication AND /api/auth/.* routes.
98
+ export const config = {
99
+ matcher: [
100
+ // REQUIRED: Match all request paths that start with /api/auth/
101
+ '/api/auth/(.*)',
102
+ // OPTIONAL: Don't match any static assets
103
+ '/((?!_next/static|_next/image|favicon.ico).*)',
104
+ ],
105
+ }
106
+ ```
107
+
91
108
  ## Usage
92
109
 
93
- ### Get the user in Server Components
110
+ ### Get the user in Server Components (AppRouter example)
94
111
 
95
112
  ```tsx
96
113
  import {getUser} from "@/auth";
@@ -117,6 +134,29 @@ const WelcomeMessage = () => {
117
134
  }
118
135
  ```
119
136
 
137
+ ### Get the user in getServerSideProps (Pages example)
138
+
139
+ ```tsx
140
+ import {GetServerSideProps, InferGetServerSidePropsType} from "next";
141
+ import {getUserFromServerSideProps} from "@/auth";
142
+ import {User} from "@propelauth/nextjs/client";
143
+
144
+ export default function WelcomeMessage({userJson}: InferGetServerSidePropsType<typeof getServerSideProps>) {
145
+ // Deserialize the user from the JSON string so you can call functions like user.getOrg()
146
+ const user = User.fromJSON(userJson)
147
+ return <div>Hello, {user.firstName}</div>
148
+ }
149
+
150
+ export const getServerSideProps: GetServerSideProps = async (context) => {
151
+ const user = await getUserFromServerSideProps(context)
152
+ if (!user) {
153
+ return {redirect: {destination: '/api/auth/login', permanent: false}}
154
+ }
155
+ return { props: {userJson: JSON.stringify(user) } }
156
+ }
157
+ ```
158
+
159
+
120
160
  ### Get the user in Client Components
121
161
 
122
162
  ```tsx
package/dist/client/index.js CHANGED
@@ -52,8 +52,10 @@ var __async = (__this, __arguments, generator) => {
52
52
  var client_exports = {};
53
53
  __export(client_exports, {
54
54
  AuthProvider: () => AuthProvider,
55
+ OrgMemberInfo: () => OrgMemberInfo,
55
56
  RedirectToLogin: () => RedirectToLogin,
56
57
  RedirectToSignup: () => RedirectToSignup,
58
+ User: () => User,
57
59
  useHostedPageUrls: () => useHostedPageUrls,
58
60
  useLogoutFunction: () => useLogoutFunction,
59
61
  useRedirectFunctions: () => useRedirectFunctions,
@@ -62,9 +64,6 @@ __export(client_exports, {
62
64
  });
63
65
  module.exports = __toCommonJS(client_exports);
64
66
 
65
- // src/client/AuthProvider.tsx
66
- var import_react = __toESM(require("react"));
67
-
68
67
  // src/user.ts
69
68
  var User = class {
70
69
  constructor(userId, email, orgIdToOrgMemberInfo, firstName, lastName, username, legacyUserId, impersonatorUserId) {
@@ -172,6 +171,9 @@ var OrgMemberInfo = class {
172
171
  }
173
172
  };
174
173
 
174
+ // src/client/AuthProvider.tsx
175
+ var import_react = __toESM(require("react"));
176
+
175
177
  // src/client/utils.ts
176
178
  var USER_INFO_KEY = "__PROPEL_AUTH_USER_INFO";
177
179
  function hasWindow() {
@@ -532,8 +534,10 @@ function useRefreshAuth() {
532
534
  // Annotate the CommonJS export names for ESM import in node:
533
535
  0 && (module.exports = {
534
536
  AuthProvider,
537
+ OrgMemberInfo,
535
538
  RedirectToLogin,
536
539
  RedirectToSignup,
540
+ User,
537
541
  useHostedPageUrls,
538
542
  useLogoutFunction,
539
543
  useRedirectFunctions,
package/dist/client/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/client/index.ts","../../src/client/AuthProvider.tsx","../../src/user.ts","../../src/client/utils.ts","../../src/client/useUser.tsx","../../src/client/useHostedPageUrls.tsx","../../src/client/useLogoutFunction.ts","../../src/client/useRedirectFunctions.tsx","../../src/client/useRefreshAuth.ts"],"sourcesContent":["export type {OrgIdToOrgMemberInfo, OrgMemberInfo, User} from \"../user\"\nexport {AuthProvider} from \"./AuthProvider\"\nexport type {AuthProviderProps} from \"./AuthProvider\"\nexport {useUser} from \"./useUser\"\nexport type {UseUser, UseUserLoading, UseUserLoggedIn, UseUserNotLoggedIn} from \"./useUser\"\nexport {useHostedPageUrls} from \"./useHostedPageUrls\"\nexport {useLogoutFunction} from \"./useLogoutFunction\"\nexport {useRedirectFunctions, RedirectToLogin, RedirectToSignup} from \"./useRedirectFunctions\"\nexport type {RedirectProps} from \"./useRedirectFunctions\"\nexport {useRefreshAuth} from \"./useRefreshAuth\"","'use client'\n\nimport React, {useCallback, useEffect, useReducer} from \"react\"\nimport {User} from \"../user\"\nimport {doesLocalStorageMatch, hasWindow, isEqual, saveUserToLocalStorage, USER_INFO_KEY} from \"./utils\";\nimport {useRouter} from \"next/navigation\";\n\ninterface InternalAuthState {\n loading: boolean\n user?: User\n\n logout: () => Promise<void>\n\n redirectToLoginPage: () => void\n redirectToSignupPage: () => void\n redirectToAccountPage: () => void\n redirectToOrgPage: (orgId?: string) => void\n redirectToCreateOrgPage: () => void\n redirectToSetupSAMLPage: (orgId: string) => void\n\n getSignupPageUrl(): string\n\n getLoginPageUrl(): string\n\n getAccountPageUrl(): string\n\n getOrgPageUrl(orgId?: string): string\n\n getCreateOrgPageUrl(): string\n\n getSetupSAMLPageUrl(orgId: string): string\n\n refreshAuthInfo: () => Promise<User | undefined>\n}\n\nexport type AuthProviderProps = {\n authUrl: string\n children?: React.ReactNode\n}\n\nexport const AuthContext = React.createContext<InternalAuthState | undefined>(undefined)\n\ntype AuthState = {\n loading: boolean\n user?: User\n\n // There's no good way to trigger server components to reload outside of router.refresh()\n // This is our workaround until the app router has something better\n authChangeDetected: boolean\n}\n\nconst initialAuthState = {\n loading: true,\n user: undefined,\n authChangeDetected: false,\n}\n\ntype AuthStateAction = {\n user?: User\n}\n\nfunction authStateReducer(_state: AuthState, action: AuthStateAction): AuthState {\n const authChangeDetected = !_state.loading && !isEqual(action.user, _state.user)\n\n if (!action.user) {\n return {\n loading: false,\n user: undefined,\n authChangeDetected,\n }\n } else if (_state.loading) {\n return {\n loading: false,\n user: action.user,\n authChangeDetected,\n }\n } else {\n return {\n loading: false,\n user: action.user,\n authChangeDetected\n }\n }\n}\n\nexport const AuthProvider = (props: AuthProviderProps) => {\n const [authState, dispatchInner] = useReducer(authStateReducer, initialAuthState)\n const router = useRouter()\n\n const dispatch = useCallback((action: AuthStateAction) => {\n dispatchInner(action)\n saveUserToLocalStorage(action.user)\n }, [dispatchInner])\n\n // This is because we don't have a good way to trigger server components to reload outside of router.refresh()\n // Once server actions isn't alpha, we can hopefully use that instead\n useEffect(() => {\n if (authState.authChangeDetected) {\n router.refresh()\n }\n }, [authState.authChangeDetected, router])\n\n // Trigger an initial refresh\n useEffect(() => {\n let didCancel = false\n\n async function refreshAuthInfo() {\n const {user} = await apiGetUserInfo()\n if (!didCancel) {\n dispatch({user})\n }\n }\n\n refreshAuthInfo()\n return () => {\n didCancel = true\n }\n }, [])\n\n\n // Periodically refresh the token\n useEffect(() => {\n let didCancel = false\n\n async function refreshToken() {\n const {user} = await apiGetUserInfo()\n if (!didCancel) {\n dispatch({user})\n }\n }\n\n async function onStorageEvent(event: StorageEvent) {\n if (event.key === USER_INFO_KEY && !doesLocalStorageMatch(event.newValue, authState.user)) {\n await refreshToken()\n }\n }\n\n // TODO: Retry logic if the request fails\n const interval = setInterval(refreshToken, 5 * 60 * 1000)\n\n if (hasWindow()) {\n window.addEventListener(\"storage\", onStorageEvent)\n window.addEventListener(\"online\", refreshToken)\n window.addEventListener(\"focus\", refreshToken)\n }\n\n return () => {\n didCancel = true\n clearInterval(interval)\n if (hasWindow()) {\n window.removeEventListener(\"storage\", onStorageEvent)\n window.removeEventListener(\"online\", refreshToken)\n window.removeEventListener(\"focus\", refreshToken)\n }\n }\n }, [dispatch, authState.user])\n\n\n const logout = useCallback(async () => {\n await fetch(\"/api/auth/logout\", {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n },\n credentials: \"include\",\n })\n dispatch({user: undefined})\n }, [dispatch])\n\n const getLoginPageUrl = () => \"/api/auth/login\"\n const getSignupPageUrl = () => \"/api/auth/signup\"\n const getAccountPageUrl = useCallback(() => {\n return `${props.authUrl}/account`\n }, [props.authUrl])\n const getOrgPageUrl = useCallback(\n (orgId?: string) => {\n if (orgId) {\n return `${props.authUrl}/org?id=${orgId}`\n } else {\n return `${props.authUrl}/org`\n }\n },\n [props.authUrl]\n )\n const getCreateOrgPageUrl = useCallback(() => {\n return `${props.authUrl}/create_org`\n }, [props.authUrl])\n\n const getSetupSAMLPageUrl = useCallback(\n (orgId: string) => {\n return `${props.authUrl}/saml?id=${orgId}`\n },\n [props.authUrl]\n )\n\n const redirectTo = (url: string) => {\n window.location.href = url\n }\n\n const redirectToLoginPage = () => redirectTo(getLoginPageUrl())\n const redirectToSignupPage = () => redirectTo(getSignupPageUrl())\n const redirectToAccountPage = () => redirectTo(getAccountPageUrl())\n const redirectToOrgPage = (orgId?: string) => redirectTo(getOrgPageUrl(orgId))\n const redirectToCreateOrgPage = () => redirectTo(getCreateOrgPageUrl())\n const redirectToSetupSAMLPage = (orgId: string) => redirectTo(getSetupSAMLPageUrl(orgId))\n\n const refreshAuthInfo = async () => {\n const {user} = await apiGetUserInfo()\n dispatch({user})\n return user\n }\n\n const value = {\n loading: authState.loading,\n user: authState.user,\n logout,\n redirectToLoginPage,\n redirectToSignupPage,\n redirectToAccountPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n redirectToSetupSAMLPage,\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n refreshAuthInfo,\n }\n return <AuthContext.Provider value={value}>{props.children}</AuthContext.Provider>\n}\n\ntype UserInfoResponse = { user?: User }\n\nasync function apiGetUserInfo(): Promise<UserInfoResponse> {\n try {\n const userInfoResponse = await fetch(\"/api/auth/userinfo\", {\n method: \"GET\",\n headers: {\n \"Content-Type\": \"application/json\",\n },\n credentials: \"include\",\n })\n\n if (userInfoResponse.ok) {\n const userJson = await userInfoResponse.text()\n const user = User.fromJSON(userJson)\n return {user}\n } else if (userInfoResponse.status === 401) {\n return {user: undefined}\n } else {\n console.log(\"Failed to refresh token\", userInfoResponse)\n }\n } catch (e) {\n console.log(\"Failed to refresh token\", e)\n }\n throw new Error(\"Failed to refresh token\")\n}\n","export class User {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): User {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new User(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n private userAssignedRole: string\n private userInheritedRolesPlusCurrentRole: string[]\n private userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): User {\n return new User(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","import {User} from \"../user\";\n\nexport const USER_INFO_KEY = \"__PROPEL_AUTH_USER_INFO\"\n\nexport function hasWindow(): boolean {\n return typeof window !== \"undefined\"\n}\n\nexport function saveUserToLocalStorage(user: User | undefined) {\n if (user) {\n localStorage.setItem(USER_INFO_KEY, JSON.stringify(user))\n } else {\n localStorage.setItem(USER_INFO_KEY, \"{}\")\n }\n}\n\nexport function doesLocalStorageMatch(newValue: string | null, user: User | undefined): boolean {\n if (!newValue) {\n return false\n } else if (!user) {\n return newValue === \"{}\"\n }\n\n const parsed = JSON.parse(newValue)\n if (!parsed) {\n return false\n }\n\n return isEqual(parsed, user)\n}\n\n\nexport function isEqual(a: any, b: any): boolean {\n if (typeof a !== typeof b) {\n return false\n }\n\n if (Array.isArray(a) !== Array.isArray(b)) {\n return false\n }\n\n if (Array.isArray(a)) {\n const aArray = a as any[]\n const bArray = b as any[]\n if (aArray.length !== bArray.length) {\n return false\n }\n\n for (let i = 0; i < aArray.length; i++) {\n if (!isEqual(aArray[i], bArray[i])) {\n return false\n }\n }\n\n return true\n }\n\n if (typeof a === \"object\") {\n const aKeys = Object.keys(a)\n const bKeys = Object.keys(b)\n if (aKeys.length !== bKeys.length) {\n return false\n }\n\n for (const key of aKeys) {\n if (!isEqual(a[key], b[key])) {\n return false\n }\n }\n\n return true\n } else {\n return a === b\n }\n}","'use client'\n\nimport {useContext} from \"react\"\nimport {User} from \"../user\"\nimport {AuthContext} from \"./AuthProvider\"\n\nexport type UseUserLoading = {\n loading: true\n isLoggedIn: never\n user: never\n}\n\nexport type UseUserLoggedIn = {\n loading: false\n isLoggedIn: true\n user: User\n}\n\nexport type UseUserNotLoggedIn = {\n loading: false\n isLoggedIn: false\n user: undefined\n}\n\nexport type UseUser = UseUserLoading | UseUserLoggedIn | UseUserNotLoggedIn\n\nexport function useUser(): UseUser {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useUser must be used within an AuthProvider\")\n }\n\n const {loading, user} = context\n if (loading) {\n return {\n loading: true,\n isLoggedIn: undefined as never,\n user: undefined as never,\n }\n } else if (user) {\n return {\n loading: false,\n isLoggedIn: true,\n user,\n }\n } else {\n return {\n loading: false,\n isLoggedIn: false,\n user: undefined,\n }\n }\n}","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useHostedPageUrls() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useHostedPageUrls must be used within an AuthProvider\")\n }\n const {\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n } = context\n return {\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n }\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useLogoutFunction() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useLogoutFunction must be used within an AuthProvider\")\n }\n const { logout } = context\n return logout\n}\n","import React, { useContext, useEffect } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRedirectFunctions() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useRedirectFunctions must be used within an AuthProvider\")\n }\n const {\n redirectToAccountPage,\n redirectToSignupPage,\n redirectToLoginPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n } = context\n return {\n redirectToSignupPage,\n redirectToLoginPage,\n redirectToAccountPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n }\n}\n\nexport interface RedirectProps {\n children?: React.ReactNode\n}\n\nexport function RedirectToSignup({ children }: RedirectProps) {\n const { redirectToSignupPage } = useRedirectFunctions()\n\n useEffect(() => {\n redirectToSignupPage()\n }, [])\n\n return <>{children}</>\n}\n\nexport function RedirectToLogin({ children }: RedirectProps) {\n const { redirectToLoginPage } = useRedirectFunctions()\n useEffect(() => {\n redirectToLoginPage()\n }, [])\n return <>{children}</>\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRefreshAuth() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useRefreshAuth must be used within an AuthProvider\")\n }\n const { refreshAuthInfo } = context\n return refreshAuthInfo\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACEA,mBAAwD;;;ACFjD,IAAM,OAAN,MAAW;AAAA,EAed,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAAoB;AACvC,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;;;ACzKO,IAAM,gBAAgB;AAEtB,SAAS,YAAqB;AACjC,SAAO,OAAO,WAAW;AAC7B;AAEO,SAAS,uBAAuB,MAAwB;AAC3D,MAAI,MAAM;AACN,iBAAa,QAAQ,eAAe,KAAK,UAAU,IAAI,CAAC;AAAA,EAC5D,OAAO;AACH,iBAAa,QAAQ,eAAe,IAAI;AAAA,EAC5C;AACJ;AAEO,SAAS,sBAAsB,UAAyB,MAAiC;AAC5F,MAAI,CAAC,UAAU;AACX,WAAO;AAAA,EACX,WAAW,CAAC,MAAM;AACd,WAAO,aAAa;AAAA,EACxB;AAEA,QAAM,SAAS,KAAK,MAAM,QAAQ;AAClC,MAAI,CAAC,QAAQ;AACT,WAAO;AAAA,EACX;AAEA,SAAO,QAAQ,QAAQ,IAAI;AAC/B;AAGO,SAAS,QAAQ,GAAQ,GAAiB;AAC7C,MAAI,OAAO,MAAM,OAAO,GAAG;AACvB,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,MAAM,MAAM,QAAQ,CAAC,GAAG;AACvC,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,GAAG;AAClB,UAAM,SAAS;AACf,UAAM,SAAS;AACf,QAAI,OAAO,WAAW,OAAO,QAAQ;AACjC,aAAO;AAAA,IACX;AAEA,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACpC,UAAI,CAAC,QAAQ,OAAO,CAAC,GAAG,OAAO,CAAC,CAAC,GAAG;AAChC,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAEA,MAAI,OAAO,MAAM,UAAU;AACvB,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,QAAI,MAAM,WAAW,MAAM,QAAQ;AAC/B,aAAO;AAAA,IACX;AAEA,eAAW,OAAO,OAAO;AACrB,UAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,EAAE,GAAG,CAAC,GAAG;AAC1B,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX,OAAO;AACH,WAAO,MAAM;AAAA,EACjB;AACJ;;;AFrEA,wBAAwB;AAmCjB,IAAM,cAAc,aAAAA,QAAM,cAA6C,MAAS;AAWvF,IAAM,mBAAmB;AAAA,EACrB,SAAS;AAAA,EACT,MAAM;AAAA,EACN,oBAAoB;AACxB;AAMA,SAAS,iBAAiB,QAAmB,QAAoC;AAC7E,QAAM,qBAAqB,CAAC,OAAO,WAAW,CAAC,QAAQ,OAAO,MAAM,OAAO,IAAI;AAE/E,MAAI,CAAC,OAAO,MAAM;AACd,WAAO;AAAA,MACH,SAAS;AAAA,MACT,MAAM;AAAA,MACN;AAAA,IACJ;AAAA,EACJ,WAAW,OAAO,SAAS;AACvB,WAAO;AAAA,MACH,SAAS;AAAA,MACT,MAAM,OAAO;AAAA,MACb;AAAA,IACJ;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,MAAM,OAAO;AAAA,MACb;AAAA,IACJ;AAAA,EACJ;AACJ;AAEO,IAAM,eAAe,CAAC,UAA6B;AACtD,QAAM,CAAC,WAAW,aAAa,QAAI,yBAAW,kBAAkB,gBAAgB;AAChF,QAAM,aAAS,6BAAU;AAEzB,QAAM,eAAW,0BAAY,CAAC,WAA4B;AACtD,kBAAc,MAAM;AACpB,2BAAuB,OAAO,IAAI;AAAA,EACtC,GAAG,CAAC,aAAa,CAAC;AAIlB,8BAAU,MAAM;AACZ,QAAI,UAAU,oBAAoB;AAC9B,aAAO,QAAQ;AAAA,IACnB;AAAA,EACJ,GAAG,CAAC,UAAU,oBAAoB,MAAM,CAAC;AAGzC,8BAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAeC,mBAAkB;AAAA;AAC7B,cAAM,EAAC,KAAI,IAAI,MAAM,eAAe;AACpC,YAAI,CAAC,WAAW;AACZ,mBAAS,EAAC,KAAI,CAAC;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,IAAAA,iBAAgB;AAChB,WAAO,MAAM;AACT,kBAAY;AAAA,IAChB;AAAA,EACJ,GAAG,CAAC,CAAC;AAIL,8BAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAe,eAAe;AAAA;AAC1B,cAAM,EAAC,KAAI,IAAI,MAAM,eAAe;AACpC,YAAI,CAAC,WAAW;AACZ,mBAAS,EAAC,KAAI,CAAC;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,aAAe,eAAe,OAAqB;AAAA;AAC/C,YAAI,MAAM,QAAQ,iBAAiB,CAAC,sBAAsB,MAAM,UAAU,UAAU,IAAI,GAAG;AACvF,gBAAM,aAAa;AAAA,QACvB;AAAA,MACJ;AAAA;AAGA,UAAM,WAAW,YAAY,cAAc,IAAI,KAAK,GAAI;AAExD,QAAI,UAAU,GAAG;AACb,aAAO,iBAAiB,WAAW,cAAc;AACjD,aAAO,iBAAiB,UAAU,YAAY;AAC9C,aAAO,iBAAiB,SAAS,YAAY;AAAA,IACjD;AAEA,WAAO,MAAM;AACT,kBAAY;AACZ,oBAAc,QAAQ;AACtB,UAAI,UAAU,GAAG;AACb,eAAO,oBAAoB,WAAW,cAAc;AACpD,eAAO,oBAAoB,UAAU,YAAY;AACjD,eAAO,oBAAoB,SAAS,YAAY;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,GAAG,CAAC,UAAU,UAAU,IAAI,CAAC;AAG7B,QAAM,aAAS,0BAAY,MAAY;AACnC,UAAM,MAAM,oBAAoB;AAAA,MAC5B,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,gBAAgB;AAAA,MACpB;AAAA,MACA,aAAa;AAAA,IACjB,CAAC;AACD,aAAS,EAAC,MAAM,OAAS,CAAC;AAAA,EAC9B,IAAG,CAAC,QAAQ,CAAC;AAEb,QAAM,kBAAkB,MAAM;AAC9B,QAAM,mBAAmB,MAAM;AAC/B,QAAM,wBAAoB,0BAAY,MAAM;AACxC,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAClB,QAAM,oBAAgB;AAAA,IAClB,CAAC,UAAmB;AAChB,UAAI,OAAO;AACP,eAAO,GAAG,MAAM,kBAAkB;AAAA,MACtC,OAAO;AACH,eAAO,GAAG,MAAM;AAAA,MACpB;AAAA,IACJ;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AACA,QAAM,0BAAsB,0BAAY,MAAM;AAC1C,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAElB,QAAM,0BAAsB;AAAA,IACxB,CAAC,UAAkB;AACf,aAAO,GAAG,MAAM,mBAAmB;AAAA,IACvC;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AAEA,QAAM,aAAa,CAAC,QAAgB;AAChC,WAAO,SAAS,OAAO;AAAA,EAC3B;AAEA,QAAM,sBAAsB,MAAM,WAAW,gBAAgB,CAAC;AAC9D,QAAM,uBAAuB,MAAM,WAAW,iBAAiB,CAAC;AAChE,QAAM,wBAAwB,MAAM,WAAW,kBAAkB,CAAC;AAClE,QAAM,oBAAoB,CAAC,UAAmB,WAAW,cAAc,KAAK,CAAC;AAC7E,QAAM,0BAA0B,MAAM,WAAW,oBAAoB,CAAC;AACtE,QAAM,0BAA0B,CAAC,UAAkB,WAAW,oBAAoB,KAAK,CAAC;AAExF,QAAM,kBAAkB,MAAY;AAChC,UAAM,EAAC,KAAI,IAAI,MAAM,eAAe;AACpC,aAAS,EAAC,KAAI,CAAC;AACf,WAAO;AAAA,EACX;AAEA,QAAM,QAAQ;AAAA,IACV,SAAS,UAAU;AAAA,IACnB,MAAM,UAAU;AAAA,IAChB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACA,SAAO,6BAAAD,QAAA,cAAC,YAAY,UAAZ,EAAqB,SAAe,MAAM,QAAS;AAC/D;AAIA,SAAe,iBAA4C;AAAA;AACvD,QAAI;AACA,YAAM,mBAAmB,MAAM,MAAM,sBAAsB;AAAA,QACvD,QAAQ;AAAA,QACR,SAAS;AAAA,UACL,gBAAgB;AAAA,QACpB;AAAA,QACA,aAAa;AAAA,MACjB,CAAC;AAED,UAAI,iBAAiB,IAAI;AACrB,cAAM,WAAW,MAAM,iBAAiB,KAAK;AAC7C,cAAM,OAAO,KAAK,SAAS,QAAQ;AACnC,eAAO,EAAC,KAAI;AAAA,MAChB,WAAW,iBAAiB,WAAW,KAAK;AACxC,eAAO,EAAC,MAAM,OAAS;AAAA,MAC3B,OAAO;AACH,gBAAQ,IAAI,2BAA2B,gBAAgB;AAAA,MAC3D;AAAA,IACJ,SAAS,GAAP;AACE,cAAQ,IAAI,2BAA2B,CAAC;AAAA,IAC5C;AACA,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC7C;AAAA;;;AGhQA,IAAAE,gBAAyB;AAwBlB,SAAS,UAAmB;AAC/B,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,6CAA6C;AAAA,EACjE;AAEA,QAAM,EAAC,SAAS,KAAI,IAAI;AACxB,MAAI,SAAS;AACT,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,IACV;AAAA,EACJ,WAAW,MAAM;AACb,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ;AAAA,IACJ;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,IACV;AAAA,EACJ;AACJ;;;ACpDA,IAAAC,gBAA2B;AAGpB,SAAS,oBAAoB;AAChC,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;;;ACxBA,IAAAC,gBAA2B;AAGpB,SAAS,oBAAoB;AAChC,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM,EAAE,OAAO,IAAI;AACnB,SAAO;AACX;;;ACVA,IAAAC,gBAA6C;AAGtC,SAAS,uBAAuB;AACnC,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,0DAA0D;AAAA,EAC9E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;AAMO,SAAS,iBAAiB,EAAE,SAAS,GAAkB;AAC1D,QAAM,EAAE,qBAAqB,IAAI,qBAAqB;AAEtD,+BAAU,MAAM;AACZ,yBAAqB;AAAA,EACzB,GAAG,CAAC,CAAC;AAEL,SAAO,8BAAAC,QAAA,4BAAAA,QAAA,gBAAG,QAAS;AACvB;AAEO,SAAS,gBAAgB,EAAE,SAAS,GAAkB;AACzD,QAAM,EAAE,oBAAoB,IAAI,qBAAqB;AACrD,+BAAU,MAAM;AACZ,wBAAoB;AAAA,EACxB,GAAG,CAAC,CAAC;AACL,SAAO,8BAAAA,QAAA,4BAAAA,QAAA,gBAAG,QAAS;AACvB;;;AC5CA,IAAAC,gBAA2B;AAGpB,SAAS,iBAAiB;AAC7B,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,oDAAoD;AAAA,EACxE;AACA,QAAM,EAAE,gBAAgB,IAAI;AAC5B,SAAO;AACX;","names":["React","refreshAuthInfo","import_react","import_react","import_react","import_react","React","import_react"]}
1
+ {"version":3,"sources":["../../src/client/index.ts","../../src/user.ts","../../src/client/AuthProvider.tsx","../../src/client/utils.ts","../../src/client/useUser.tsx","../../src/client/useHostedPageUrls.tsx","../../src/client/useLogoutFunction.ts","../../src/client/useRedirectFunctions.tsx","../../src/client/useRefreshAuth.ts"],"sourcesContent":["export type {OrgIdToOrgMemberInfo} from \"../user\"\nexport {User, OrgMemberInfo} from \"../user\"\nexport {AuthProvider} from \"./AuthProvider\"\nexport type {AuthProviderProps} from \"./AuthProvider\"\nexport {useUser} from \"./useUser\"\nexport type {UseUser, UseUserLoading, UseUserLoggedIn, UseUserNotLoggedIn} from \"./useUser\"\nexport {useHostedPageUrls} from \"./useHostedPageUrls\"\nexport {useLogoutFunction} from \"./useLogoutFunction\"\nexport {useRedirectFunctions, RedirectToLogin, RedirectToSignup} from \"./useRedirectFunctions\"\nexport type {RedirectProps} from \"./useRedirectFunctions\"\nexport {useRefreshAuth} from \"./useRefreshAuth\"","export class User {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): User {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new User(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n private userAssignedRole: string\n private userInheritedRolesPlusCurrentRole: string[]\n private userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): User {\n return new User(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","'use client'\n\nimport React, {useCallback, useEffect, useReducer} from \"react\"\nimport {User} from \"../user\"\nimport {doesLocalStorageMatch, hasWindow, isEqual, saveUserToLocalStorage, USER_INFO_KEY} from \"./utils\";\nimport {useRouter} from \"next/navigation\";\n\ninterface InternalAuthState {\n loading: boolean\n user?: User\n\n logout: () => Promise<void>\n\n redirectToLoginPage: () => void\n redirectToSignupPage: () => void\n redirectToAccountPage: () => void\n redirectToOrgPage: (orgId?: string) => void\n redirectToCreateOrgPage: () => void\n redirectToSetupSAMLPage: (orgId: string) => void\n\n getSignupPageUrl(): string\n\n getLoginPageUrl(): string\n\n getAccountPageUrl(): string\n\n getOrgPageUrl(orgId?: string): string\n\n getCreateOrgPageUrl(): string\n\n getSetupSAMLPageUrl(orgId: string): string\n\n refreshAuthInfo: () => Promise<User | undefined>\n}\n\nexport type AuthProviderProps = {\n authUrl: string\n children?: React.ReactNode\n}\n\nexport const AuthContext = React.createContext<InternalAuthState | undefined>(undefined)\n\ntype AuthState = {\n loading: boolean\n user?: User\n\n // There's no good way to trigger server components to reload outside of router.refresh()\n // This is our workaround until the app router has something better\n authChangeDetected: boolean\n}\n\nconst initialAuthState = {\n loading: true,\n user: undefined,\n authChangeDetected: false,\n}\n\ntype AuthStateAction = {\n user?: User\n}\n\nfunction authStateReducer(_state: AuthState, action: AuthStateAction): AuthState {\n const authChangeDetected = !_state.loading && !isEqual(action.user, _state.user)\n\n if (!action.user) {\n return {\n loading: false,\n user: undefined,\n authChangeDetected,\n }\n } else if (_state.loading) {\n return {\n loading: false,\n user: action.user,\n authChangeDetected,\n }\n } else {\n return {\n loading: false,\n user: action.user,\n authChangeDetected\n }\n }\n}\n\nexport const AuthProvider = (props: AuthProviderProps) => {\n const [authState, dispatchInner] = useReducer(authStateReducer, initialAuthState)\n const router = useRouter()\n\n const dispatch = useCallback((action: AuthStateAction) => {\n dispatchInner(action)\n saveUserToLocalStorage(action.user)\n }, [dispatchInner])\n\n // This is because we don't have a good way to trigger server components to reload outside of router.refresh()\n // Once server actions isn't alpha, we can hopefully use that instead\n useEffect(() => {\n if (authState.authChangeDetected) {\n router.refresh()\n }\n }, [authState.authChangeDetected, router])\n\n // Trigger an initial refresh\n useEffect(() => {\n let didCancel = false\n\n async function refreshAuthInfo() {\n const {user} = await apiGetUserInfo()\n if (!didCancel) {\n dispatch({user})\n }\n }\n\n refreshAuthInfo()\n return () => {\n didCancel = true\n }\n }, [])\n\n\n // Periodically refresh the token\n useEffect(() => {\n let didCancel = false\n\n async function refreshToken() {\n const {user} = await apiGetUserInfo()\n if (!didCancel) {\n dispatch({user})\n }\n }\n\n async function onStorageEvent(event: StorageEvent) {\n if (event.key === USER_INFO_KEY && !doesLocalStorageMatch(event.newValue, authState.user)) {\n await refreshToken()\n }\n }\n\n // TODO: Retry logic if the request fails\n const interval = setInterval(refreshToken, 5 * 60 * 1000)\n\n if (hasWindow()) {\n window.addEventListener(\"storage\", onStorageEvent)\n window.addEventListener(\"online\", refreshToken)\n window.addEventListener(\"focus\", refreshToken)\n }\n\n return () => {\n didCancel = true\n clearInterval(interval)\n if (hasWindow()) {\n window.removeEventListener(\"storage\", onStorageEvent)\n window.removeEventListener(\"online\", refreshToken)\n window.removeEventListener(\"focus\", refreshToken)\n }\n }\n }, [dispatch, authState.user])\n\n\n const logout = useCallback(async () => {\n await fetch(\"/api/auth/logout\", {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n },\n credentials: \"include\",\n })\n dispatch({user: undefined})\n }, [dispatch])\n\n const getLoginPageUrl = () => \"/api/auth/login\"\n const getSignupPageUrl = () => \"/api/auth/signup\"\n const getAccountPageUrl = useCallback(() => {\n return `${props.authUrl}/account`\n }, [props.authUrl])\n const getOrgPageUrl = useCallback(\n (orgId?: string) => {\n if (orgId) {\n return `${props.authUrl}/org?id=${orgId}`\n } else {\n return `${props.authUrl}/org`\n }\n },\n [props.authUrl]\n )\n const getCreateOrgPageUrl = useCallback(() => {\n return `${props.authUrl}/create_org`\n }, [props.authUrl])\n\n const getSetupSAMLPageUrl = useCallback(\n (orgId: string) => {\n return `${props.authUrl}/saml?id=${orgId}`\n },\n [props.authUrl]\n )\n\n const redirectTo = (url: string) => {\n window.location.href = url\n }\n\n const redirectToLoginPage = () => redirectTo(getLoginPageUrl())\n const redirectToSignupPage = () => redirectTo(getSignupPageUrl())\n const redirectToAccountPage = () => redirectTo(getAccountPageUrl())\n const redirectToOrgPage = (orgId?: string) => redirectTo(getOrgPageUrl(orgId))\n const redirectToCreateOrgPage = () => redirectTo(getCreateOrgPageUrl())\n const redirectToSetupSAMLPage = (orgId: string) => redirectTo(getSetupSAMLPageUrl(orgId))\n\n const refreshAuthInfo = async () => {\n const {user} = await apiGetUserInfo()\n dispatch({user})\n return user\n }\n\n const value = {\n loading: authState.loading,\n user: authState.user,\n logout,\n redirectToLoginPage,\n redirectToSignupPage,\n redirectToAccountPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n redirectToSetupSAMLPage,\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n refreshAuthInfo,\n }\n return <AuthContext.Provider value={value}>{props.children}</AuthContext.Provider>\n}\n\ntype UserInfoResponse = { user?: User }\n\nasync function apiGetUserInfo(): Promise<UserInfoResponse> {\n try {\n const userInfoResponse = await fetch(\"/api/auth/userinfo\", {\n method: \"GET\",\n headers: {\n \"Content-Type\": \"application/json\",\n },\n credentials: \"include\",\n })\n\n if (userInfoResponse.ok) {\n const userJson = await userInfoResponse.text()\n const user = User.fromJSON(userJson)\n return {user}\n } else if (userInfoResponse.status === 401) {\n return {user: undefined}\n } else {\n console.log(\"Failed to refresh token\", userInfoResponse)\n }\n } catch (e) {\n console.log(\"Failed to refresh token\", e)\n }\n throw new Error(\"Failed to refresh token\")\n}\n","import {User} from \"../user\";\n\nexport const USER_INFO_KEY = \"__PROPEL_AUTH_USER_INFO\"\n\nexport function hasWindow(): boolean {\n return typeof window !== \"undefined\"\n}\n\nexport function saveUserToLocalStorage(user: User | undefined) {\n if (user) {\n localStorage.setItem(USER_INFO_KEY, JSON.stringify(user))\n } else {\n localStorage.setItem(USER_INFO_KEY, \"{}\")\n }\n}\n\nexport function doesLocalStorageMatch(newValue: string | null, user: User | undefined): boolean {\n if (!newValue) {\n return false\n } else if (!user) {\n return newValue === \"{}\"\n }\n\n const parsed = JSON.parse(newValue)\n if (!parsed) {\n return false\n }\n\n return isEqual(parsed, user)\n}\n\n\nexport function isEqual(a: any, b: any): boolean {\n if (typeof a !== typeof b) {\n return false\n }\n\n if (Array.isArray(a) !== Array.isArray(b)) {\n return false\n }\n\n if (Array.isArray(a)) {\n const aArray = a as any[]\n const bArray = b as any[]\n if (aArray.length !== bArray.length) {\n return false\n }\n\n for (let i = 0; i < aArray.length; i++) {\n if (!isEqual(aArray[i], bArray[i])) {\n return false\n }\n }\n\n return true\n }\n\n if (typeof a === \"object\") {\n const aKeys = Object.keys(a)\n const bKeys = Object.keys(b)\n if (aKeys.length !== bKeys.length) {\n return false\n }\n\n for (const key of aKeys) {\n if (!isEqual(a[key], b[key])) {\n return false\n }\n }\n\n return true\n } else {\n return a === b\n }\n}","'use client'\n\nimport {useContext} from \"react\"\nimport {User} from \"../user\"\nimport {AuthContext} from \"./AuthProvider\"\n\nexport type UseUserLoading = {\n loading: true\n isLoggedIn: never\n user: never\n}\n\nexport type UseUserLoggedIn = {\n loading: false\n isLoggedIn: true\n user: User\n}\n\nexport type UseUserNotLoggedIn = {\n loading: false\n isLoggedIn: false\n user: undefined\n}\n\nexport type UseUser = UseUserLoading | UseUserLoggedIn | UseUserNotLoggedIn\n\nexport function useUser(): UseUser {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useUser must be used within an AuthProvider\")\n }\n\n const {loading, user} = context\n if (loading) {\n return {\n loading: true,\n isLoggedIn: undefined as never,\n user: undefined as never,\n }\n } else if (user) {\n return {\n loading: false,\n isLoggedIn: true,\n user,\n }\n } else {\n return {\n loading: false,\n isLoggedIn: false,\n user: undefined,\n }\n }\n}","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useHostedPageUrls() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useHostedPageUrls must be used within an AuthProvider\")\n }\n const {\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n } = context\n return {\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n }\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useLogoutFunction() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useLogoutFunction must be used within an AuthProvider\")\n }\n const { logout } = context\n return logout\n}\n","import React, { useContext, useEffect } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRedirectFunctions() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useRedirectFunctions must be used within an AuthProvider\")\n }\n const {\n redirectToAccountPage,\n redirectToSignupPage,\n redirectToLoginPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n } = context\n return {\n redirectToSignupPage,\n redirectToLoginPage,\n redirectToAccountPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n }\n}\n\nexport interface RedirectProps {\n children?: React.ReactNode\n}\n\nexport function RedirectToSignup({ children }: RedirectProps) {\n const { redirectToSignupPage } = useRedirectFunctions()\n\n useEffect(() => {\n redirectToSignupPage()\n }, [])\n\n return <>{children}</>\n}\n\nexport function RedirectToLogin({ children }: RedirectProps) {\n const { redirectToLoginPage } = useRedirectFunctions()\n useEffect(() => {\n redirectToLoginPage()\n }, [])\n return <>{children}</>\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRefreshAuth() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useRefreshAuth must be used within an AuthProvider\")\n }\n const { refreshAuthInfo } = context\n return refreshAuthInfo\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAO,IAAM,OAAN,MAAW;AAAA,EAed,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAAoB;AACvC,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;;;ACzKA,mBAAwD;;;ACAjD,IAAM,gBAAgB;AAEtB,SAAS,YAAqB;AACjC,SAAO,OAAO,WAAW;AAC7B;AAEO,SAAS,uBAAuB,MAAwB;AAC3D,MAAI,MAAM;AACN,iBAAa,QAAQ,eAAe,KAAK,UAAU,IAAI,CAAC;AAAA,EAC5D,OAAO;AACH,iBAAa,QAAQ,eAAe,IAAI;AAAA,EAC5C;AACJ;AAEO,SAAS,sBAAsB,UAAyB,MAAiC;AAC5F,MAAI,CAAC,UAAU;AACX,WAAO;AAAA,EACX,WAAW,CAAC,MAAM;AACd,WAAO,aAAa;AAAA,EACxB;AAEA,QAAM,SAAS,KAAK,MAAM,QAAQ;AAClC,MAAI,CAAC,QAAQ;AACT,WAAO;AAAA,EACX;AAEA,SAAO,QAAQ,QAAQ,IAAI;AAC/B;AAGO,SAAS,QAAQ,GAAQ,GAAiB;AAC7C,MAAI,OAAO,MAAM,OAAO,GAAG;AACvB,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,MAAM,MAAM,QAAQ,CAAC,GAAG;AACvC,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,GAAG;AAClB,UAAM,SAAS;AACf,UAAM,SAAS;AACf,QAAI,OAAO,WAAW,OAAO,QAAQ;AACjC,aAAO;AAAA,IACX;AAEA,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACpC,UAAI,CAAC,QAAQ,OAAO,CAAC,GAAG,OAAO,CAAC,CAAC,GAAG;AAChC,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAEA,MAAI,OAAO,MAAM,UAAU;AACvB,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,QAAI,MAAM,WAAW,MAAM,QAAQ;AAC/B,aAAO;AAAA,IACX;AAEA,eAAW,OAAO,OAAO;AACrB,UAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,EAAE,GAAG,CAAC,GAAG;AAC1B,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX,OAAO;AACH,WAAO,MAAM;AAAA,EACjB;AACJ;;;ADrEA,wBAAwB;AAmCjB,IAAM,cAAc,aAAAA,QAAM,cAA6C,MAAS;AAWvF,IAAM,mBAAmB;AAAA,EACrB,SAAS;AAAA,EACT,MAAM;AAAA,EACN,oBAAoB;AACxB;AAMA,SAAS,iBAAiB,QAAmB,QAAoC;AAC7E,QAAM,qBAAqB,CAAC,OAAO,WAAW,CAAC,QAAQ,OAAO,MAAM,OAAO,IAAI;AAE/E,MAAI,CAAC,OAAO,MAAM;AACd,WAAO;AAAA,MACH,SAAS;AAAA,MACT,MAAM;AAAA,MACN;AAAA,IACJ;AAAA,EACJ,WAAW,OAAO,SAAS;AACvB,WAAO;AAAA,MACH,SAAS;AAAA,MACT,MAAM,OAAO;AAAA,MACb;AAAA,IACJ;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,MAAM,OAAO;AAAA,MACb;AAAA,IACJ;AAAA,EACJ;AACJ;AAEO,IAAM,eAAe,CAAC,UAA6B;AACtD,QAAM,CAAC,WAAW,aAAa,QAAI,yBAAW,kBAAkB,gBAAgB;AAChF,QAAM,aAAS,6BAAU;AAEzB,QAAM,eAAW,0BAAY,CAAC,WAA4B;AACtD,kBAAc,MAAM;AACpB,2BAAuB,OAAO,IAAI;AAAA,EACtC,GAAG,CAAC,aAAa,CAAC;AAIlB,8BAAU,MAAM;AACZ,QAAI,UAAU,oBAAoB;AAC9B,aAAO,QAAQ;AAAA,IACnB;AAAA,EACJ,GAAG,CAAC,UAAU,oBAAoB,MAAM,CAAC;AAGzC,8BAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAeC,mBAAkB;AAAA;AAC7B,cAAM,EAAC,KAAI,IAAI,MAAM,eAAe;AACpC,YAAI,CAAC,WAAW;AACZ,mBAAS,EAAC,KAAI,CAAC;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,IAAAA,iBAAgB;AAChB,WAAO,MAAM;AACT,kBAAY;AAAA,IAChB;AAAA,EACJ,GAAG,CAAC,CAAC;AAIL,8BAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAe,eAAe;AAAA;AAC1B,cAAM,EAAC,KAAI,IAAI,MAAM,eAAe;AACpC,YAAI,CAAC,WAAW;AACZ,mBAAS,EAAC,KAAI,CAAC;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,aAAe,eAAe,OAAqB;AAAA;AAC/C,YAAI,MAAM,QAAQ,iBAAiB,CAAC,sBAAsB,MAAM,UAAU,UAAU,IAAI,GAAG;AACvF,gBAAM,aAAa;AAAA,QACvB;AAAA,MACJ;AAAA;AAGA,UAAM,WAAW,YAAY,cAAc,IAAI,KAAK,GAAI;AAExD,QAAI,UAAU,GAAG;AACb,aAAO,iBAAiB,WAAW,cAAc;AACjD,aAAO,iBAAiB,UAAU,YAAY;AAC9C,aAAO,iBAAiB,SAAS,YAAY;AAAA,IACjD;AAEA,WAAO,MAAM;AACT,kBAAY;AACZ,oBAAc,QAAQ;AACtB,UAAI,UAAU,GAAG;AACb,eAAO,oBAAoB,WAAW,cAAc;AACpD,eAAO,oBAAoB,UAAU,YAAY;AACjD,eAAO,oBAAoB,SAAS,YAAY;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,GAAG,CAAC,UAAU,UAAU,IAAI,CAAC;AAG7B,QAAM,aAAS,0BAAY,MAAY;AACnC,UAAM,MAAM,oBAAoB;AAAA,MAC5B,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,gBAAgB;AAAA,MACpB;AAAA,MACA,aAAa;AAAA,IACjB,CAAC;AACD,aAAS,EAAC,MAAM,OAAS,CAAC;AAAA,EAC9B,IAAG,CAAC,QAAQ,CAAC;AAEb,QAAM,kBAAkB,MAAM;AAC9B,QAAM,mBAAmB,MAAM;AAC/B,QAAM,wBAAoB,0BAAY,MAAM;AACxC,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAClB,QAAM,oBAAgB;AAAA,IAClB,CAAC,UAAmB;AAChB,UAAI,OAAO;AACP,eAAO,GAAG,MAAM,kBAAkB;AAAA,MACtC,OAAO;AACH,eAAO,GAAG,MAAM;AAAA,MACpB;AAAA,IACJ;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AACA,QAAM,0BAAsB,0BAAY,MAAM;AAC1C,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAElB,QAAM,0BAAsB;AAAA,IACxB,CAAC,UAAkB;AACf,aAAO,GAAG,MAAM,mBAAmB;AAAA,IACvC;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AAEA,QAAM,aAAa,CAAC,QAAgB;AAChC,WAAO,SAAS,OAAO;AAAA,EAC3B;AAEA,QAAM,sBAAsB,MAAM,WAAW,gBAAgB,CAAC;AAC9D,QAAM,uBAAuB,MAAM,WAAW,iBAAiB,CAAC;AAChE,QAAM,wBAAwB,MAAM,WAAW,kBAAkB,CAAC;AAClE,QAAM,oBAAoB,CAAC,UAAmB,WAAW,cAAc,KAAK,CAAC;AAC7E,QAAM,0BAA0B,MAAM,WAAW,oBAAoB,CAAC;AACtE,QAAM,0BAA0B,CAAC,UAAkB,WAAW,oBAAoB,KAAK,CAAC;AAExF,QAAM,kBAAkB,MAAY;AAChC,UAAM,EAAC,KAAI,IAAI,MAAM,eAAe;AACpC,aAAS,EAAC,KAAI,CAAC;AACf,WAAO;AAAA,EACX;AAEA,QAAM,QAAQ;AAAA,IACV,SAAS,UAAU;AAAA,IACnB,MAAM,UAAU;AAAA,IAChB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACA,SAAO,6BAAAD,QAAA,cAAC,YAAY,UAAZ,EAAqB,SAAe,MAAM,QAAS;AAC/D;AAIA,SAAe,iBAA4C;AAAA;AACvD,QAAI;AACA,YAAM,mBAAmB,MAAM,MAAM,sBAAsB;AAAA,QACvD,QAAQ;AAAA,QACR,SAAS;AAAA,UACL,gBAAgB;AAAA,QACpB;AAAA,QACA,aAAa;AAAA,MACjB,CAAC;AAED,UAAI,iBAAiB,IAAI;AACrB,cAAM,WAAW,MAAM,iBAAiB,KAAK;AAC7C,cAAM,OAAO,KAAK,SAAS,QAAQ;AACnC,eAAO,EAAC,KAAI;AAAA,MAChB,WAAW,iBAAiB,WAAW,KAAK;AACxC,eAAO,EAAC,MAAM,OAAS;AAAA,MAC3B,OAAO;AACH,gBAAQ,IAAI,2BAA2B,gBAAgB;AAAA,MAC3D;AAAA,IACJ,SAAS,GAAP;AACE,cAAQ,IAAI,2BAA2B,CAAC;AAAA,IAC5C;AACA,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC7C;AAAA;;;AEhQA,IAAAE,gBAAyB;AAwBlB,SAAS,UAAmB;AAC/B,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,6CAA6C;AAAA,EACjE;AAEA,QAAM,EAAC,SAAS,KAAI,IAAI;AACxB,MAAI,SAAS;AACT,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,IACV;AAAA,EACJ,WAAW,MAAM;AACb,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ;AAAA,IACJ;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,IACV;AAAA,EACJ;AACJ;;;ACpDA,IAAAC,gBAA2B;AAGpB,SAAS,oBAAoB;AAChC,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;;;ACxBA,IAAAC,gBAA2B;AAGpB,SAAS,oBAAoB;AAChC,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM,EAAE,OAAO,IAAI;AACnB,SAAO;AACX;;;ACVA,IAAAC,gBAA6C;AAGtC,SAAS,uBAAuB;AACnC,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,0DAA0D;AAAA,EAC9E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;AAMO,SAAS,iBAAiB,EAAE,SAAS,GAAkB;AAC1D,QAAM,EAAE,qBAAqB,IAAI,qBAAqB;AAEtD,+BAAU,MAAM;AACZ,yBAAqB;AAAA,EACzB,GAAG,CAAC,CAAC;AAEL,SAAO,8BAAAC,QAAA,4BAAAA,QAAA,gBAAG,QAAS;AACvB;AAEO,SAAS,gBAAgB,EAAE,SAAS,GAAkB;AACzD,QAAM,EAAE,oBAAoB,IAAI,qBAAqB;AACrD,+BAAU,MAAM;AACZ,wBAAoB;AAAA,EACxB,GAAG,CAAC,CAAC;AACL,SAAO,8BAAAA,QAAA,4BAAAA,QAAA,gBAAG,QAAS;AACvB;;;AC5CA,IAAAC,gBAA2B;AAGpB,SAAS,iBAAiB;AAC7B,QAAM,cAAU,0BAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,oDAAoD;AAAA,EACxE;AACA,QAAM,EAAE,gBAAgB,IAAI;AAC5B,SAAO;AACX;","names":["React","refreshAuthInfo","import_react","import_react","import_react","import_react","React","import_react"]}
package/dist/client/index.mjs CHANGED
@@ -20,9 +20,6 @@ var __async = (__this, __arguments, generator) => {
20
20
  });
21
21
  };
22
22
 
23
- // src/client/AuthProvider.tsx
24
- import React, { useCallback, useEffect, useReducer } from "react";
25
-
26
23
  // src/user.ts
27
24
  var User = class {
28
25
  constructor(userId, email, orgIdToOrgMemberInfo, firstName, lastName, username, legacyUserId, impersonatorUserId) {
@@ -130,6 +127,9 @@ var OrgMemberInfo = class {
130
127
  }
131
128
  };
132
129
 
130
+ // src/client/AuthProvider.tsx
131
+ import React, { useCallback, useEffect, useReducer } from "react";
132
+
133
133
  // src/client/utils.ts
134
134
  var USER_INFO_KEY = "__PROPEL_AUTH_USER_INFO";
135
135
  function hasWindow() {
@@ -489,8 +489,10 @@ function useRefreshAuth() {
489
489
  }
490
490
  export {
491
491
  AuthProvider,
492
+ OrgMemberInfo,
492
493
  RedirectToLogin,
493
494
  RedirectToSignup,
495
+ User,
494
496
  useHostedPageUrls,
495
497
  useLogoutFunction,
496
498
  useRedirectFunctions,
package/dist/client/index.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/client/AuthProvider.tsx","../../src/user.ts","../../src/client/utils.ts","../../src/client/useUser.tsx","../../src/client/useHostedPageUrls.tsx","../../src/client/useLogoutFunction.ts","../../src/client/useRedirectFunctions.tsx","../../src/client/useRefreshAuth.ts"],"sourcesContent":["'use client'\n\nimport React, {useCallback, useEffect, useReducer} from \"react\"\nimport {User} from \"../user\"\nimport {doesLocalStorageMatch, hasWindow, isEqual, saveUserToLocalStorage, USER_INFO_KEY} from \"./utils\";\nimport {useRouter} from \"next/navigation\";\n\ninterface InternalAuthState {\n loading: boolean\n user?: User\n\n logout: () => Promise<void>\n\n redirectToLoginPage: () => void\n redirectToSignupPage: () => void\n redirectToAccountPage: () => void\n redirectToOrgPage: (orgId?: string) => void\n redirectToCreateOrgPage: () => void\n redirectToSetupSAMLPage: (orgId: string) => void\n\n getSignupPageUrl(): string\n\n getLoginPageUrl(): string\n\n getAccountPageUrl(): string\n\n getOrgPageUrl(orgId?: string): string\n\n getCreateOrgPageUrl(): string\n\n getSetupSAMLPageUrl(orgId: string): string\n\n refreshAuthInfo: () => Promise<User | undefined>\n}\n\nexport type AuthProviderProps = {\n authUrl: string\n children?: React.ReactNode\n}\n\nexport const AuthContext = React.createContext<InternalAuthState | undefined>(undefined)\n\ntype AuthState = {\n loading: boolean\n user?: User\n\n // There's no good way to trigger server components to reload outside of router.refresh()\n // This is our workaround until the app router has something better\n authChangeDetected: boolean\n}\n\nconst initialAuthState = {\n loading: true,\n user: undefined,\n authChangeDetected: false,\n}\n\ntype AuthStateAction = {\n user?: User\n}\n\nfunction authStateReducer(_state: AuthState, action: AuthStateAction): AuthState {\n const authChangeDetected = !_state.loading && !isEqual(action.user, _state.user)\n\n if (!action.user) {\n return {\n loading: false,\n user: undefined,\n authChangeDetected,\n }\n } else if (_state.loading) {\n return {\n loading: false,\n user: action.user,\n authChangeDetected,\n }\n } else {\n return {\n loading: false,\n user: action.user,\n authChangeDetected\n }\n }\n}\n\nexport const AuthProvider = (props: AuthProviderProps) => {\n const [authState, dispatchInner] = useReducer(authStateReducer, initialAuthState)\n const router = useRouter()\n\n const dispatch = useCallback((action: AuthStateAction) => {\n dispatchInner(action)\n saveUserToLocalStorage(action.user)\n }, [dispatchInner])\n\n // This is because we don't have a good way to trigger server components to reload outside of router.refresh()\n // Once server actions isn't alpha, we can hopefully use that instead\n useEffect(() => {\n if (authState.authChangeDetected) {\n router.refresh()\n }\n }, [authState.authChangeDetected, router])\n\n // Trigger an initial refresh\n useEffect(() => {\n let didCancel = false\n\n async function refreshAuthInfo() {\n const {user} = await apiGetUserInfo()\n if (!didCancel) {\n dispatch({user})\n }\n }\n\n refreshAuthInfo()\n return () => {\n didCancel = true\n }\n }, [])\n\n\n // Periodically refresh the token\n useEffect(() => {\n let didCancel = false\n\n async function refreshToken() {\n const {user} = await apiGetUserInfo()\n if (!didCancel) {\n dispatch({user})\n }\n }\n\n async function onStorageEvent(event: StorageEvent) {\n if (event.key === USER_INFO_KEY && !doesLocalStorageMatch(event.newValue, authState.user)) {\n await refreshToken()\n }\n }\n\n // TODO: Retry logic if the request fails\n const interval = setInterval(refreshToken, 5 * 60 * 1000)\n\n if (hasWindow()) {\n window.addEventListener(\"storage\", onStorageEvent)\n window.addEventListener(\"online\", refreshToken)\n window.addEventListener(\"focus\", refreshToken)\n }\n\n return () => {\n didCancel = true\n clearInterval(interval)\n if (hasWindow()) {\n window.removeEventListener(\"storage\", onStorageEvent)\n window.removeEventListener(\"online\", refreshToken)\n window.removeEventListener(\"focus\", refreshToken)\n }\n }\n }, [dispatch, authState.user])\n\n\n const logout = useCallback(async () => {\n await fetch(\"/api/auth/logout\", {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n },\n credentials: \"include\",\n })\n dispatch({user: undefined})\n }, [dispatch])\n\n const getLoginPageUrl = () => \"/api/auth/login\"\n const getSignupPageUrl = () => \"/api/auth/signup\"\n const getAccountPageUrl = useCallback(() => {\n return `${props.authUrl}/account`\n }, [props.authUrl])\n const getOrgPageUrl = useCallback(\n (orgId?: string) => {\n if (orgId) {\n return `${props.authUrl}/org?id=${orgId}`\n } else {\n return `${props.authUrl}/org`\n }\n },\n [props.authUrl]\n )\n const getCreateOrgPageUrl = useCallback(() => {\n return `${props.authUrl}/create_org`\n }, [props.authUrl])\n\n const getSetupSAMLPageUrl = useCallback(\n (orgId: string) => {\n return `${props.authUrl}/saml?id=${orgId}`\n },\n [props.authUrl]\n )\n\n const redirectTo = (url: string) => {\n window.location.href = url\n }\n\n const redirectToLoginPage = () => redirectTo(getLoginPageUrl())\n const redirectToSignupPage = () => redirectTo(getSignupPageUrl())\n const redirectToAccountPage = () => redirectTo(getAccountPageUrl())\n const redirectToOrgPage = (orgId?: string) => redirectTo(getOrgPageUrl(orgId))\n const redirectToCreateOrgPage = () => redirectTo(getCreateOrgPageUrl())\n const redirectToSetupSAMLPage = (orgId: string) => redirectTo(getSetupSAMLPageUrl(orgId))\n\n const refreshAuthInfo = async () => {\n const {user} = await apiGetUserInfo()\n dispatch({user})\n return user\n }\n\n const value = {\n loading: authState.loading,\n user: authState.user,\n logout,\n redirectToLoginPage,\n redirectToSignupPage,\n redirectToAccountPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n redirectToSetupSAMLPage,\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n refreshAuthInfo,\n }\n return <AuthContext.Provider value={value}>{props.children}</AuthContext.Provider>\n}\n\ntype UserInfoResponse = { user?: User }\n\nasync function apiGetUserInfo(): Promise<UserInfoResponse> {\n try {\n const userInfoResponse = await fetch(\"/api/auth/userinfo\", {\n method: \"GET\",\n headers: {\n \"Content-Type\": \"application/json\",\n },\n credentials: \"include\",\n })\n\n if (userInfoResponse.ok) {\n const userJson = await userInfoResponse.text()\n const user = User.fromJSON(userJson)\n return {user}\n } else if (userInfoResponse.status === 401) {\n return {user: undefined}\n } else {\n console.log(\"Failed to refresh token\", userInfoResponse)\n }\n } catch (e) {\n console.log(\"Failed to refresh token\", e)\n }\n throw new Error(\"Failed to refresh token\")\n}\n","export class User {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): User {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new User(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n private userAssignedRole: string\n private userInheritedRolesPlusCurrentRole: string[]\n private userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): User {\n return new User(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","import {User} from \"../user\";\n\nexport const USER_INFO_KEY = \"__PROPEL_AUTH_USER_INFO\"\n\nexport function hasWindow(): boolean {\n return typeof window !== \"undefined\"\n}\n\nexport function saveUserToLocalStorage(user: User | undefined) {\n if (user) {\n localStorage.setItem(USER_INFO_KEY, JSON.stringify(user))\n } else {\n localStorage.setItem(USER_INFO_KEY, \"{}\")\n }\n}\n\nexport function doesLocalStorageMatch(newValue: string | null, user: User | undefined): boolean {\n if (!newValue) {\n return false\n } else if (!user) {\n return newValue === \"{}\"\n }\n\n const parsed = JSON.parse(newValue)\n if (!parsed) {\n return false\n }\n\n return isEqual(parsed, user)\n}\n\n\nexport function isEqual(a: any, b: any): boolean {\n if (typeof a !== typeof b) {\n return false\n }\n\n if (Array.isArray(a) !== Array.isArray(b)) {\n return false\n }\n\n if (Array.isArray(a)) {\n const aArray = a as any[]\n const bArray = b as any[]\n if (aArray.length !== bArray.length) {\n return false\n }\n\n for (let i = 0; i < aArray.length; i++) {\n if (!isEqual(aArray[i], bArray[i])) {\n return false\n }\n }\n\n return true\n }\n\n if (typeof a === \"object\") {\n const aKeys = Object.keys(a)\n const bKeys = Object.keys(b)\n if (aKeys.length !== bKeys.length) {\n return false\n }\n\n for (const key of aKeys) {\n if (!isEqual(a[key], b[key])) {\n return false\n }\n }\n\n return true\n } else {\n return a === b\n }\n}","'use client'\n\nimport {useContext} from \"react\"\nimport {User} from \"../user\"\nimport {AuthContext} from \"./AuthProvider\"\n\nexport type UseUserLoading = {\n loading: true\n isLoggedIn: never\n user: never\n}\n\nexport type UseUserLoggedIn = {\n loading: false\n isLoggedIn: true\n user: User\n}\n\nexport type UseUserNotLoggedIn = {\n loading: false\n isLoggedIn: false\n user: undefined\n}\n\nexport type UseUser = UseUserLoading | UseUserLoggedIn | UseUserNotLoggedIn\n\nexport function useUser(): UseUser {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useUser must be used within an AuthProvider\")\n }\n\n const {loading, user} = context\n if (loading) {\n return {\n loading: true,\n isLoggedIn: undefined as never,\n user: undefined as never,\n }\n } else if (user) {\n return {\n loading: false,\n isLoggedIn: true,\n user,\n }\n } else {\n return {\n loading: false,\n isLoggedIn: false,\n user: undefined,\n }\n }\n}","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useHostedPageUrls() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useHostedPageUrls must be used within an AuthProvider\")\n }\n const {\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n } = context\n return {\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n }\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useLogoutFunction() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useLogoutFunction must be used within an AuthProvider\")\n }\n const { logout } = context\n return logout\n}\n","import React, { useContext, useEffect } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRedirectFunctions() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useRedirectFunctions must be used within an AuthProvider\")\n }\n const {\n redirectToAccountPage,\n redirectToSignupPage,\n redirectToLoginPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n } = context\n return {\n redirectToSignupPage,\n redirectToLoginPage,\n redirectToAccountPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n }\n}\n\nexport interface RedirectProps {\n children?: React.ReactNode\n}\n\nexport function RedirectToSignup({ children }: RedirectProps) {\n const { redirectToSignupPage } = useRedirectFunctions()\n\n useEffect(() => {\n redirectToSignupPage()\n }, [])\n\n return <>{children}</>\n}\n\nexport function RedirectToLogin({ children }: RedirectProps) {\n const { redirectToLoginPage } = useRedirectFunctions()\n useEffect(() => {\n redirectToLoginPage()\n }, [])\n return <>{children}</>\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRefreshAuth() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useRefreshAuth must be used within an AuthProvider\")\n }\n const { refreshAuthInfo } = context\n return refreshAuthInfo\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AAEA,OAAO,SAAQ,aAAa,WAAW,kBAAiB;;;ACFjD,IAAM,OAAN,MAAW;AAAA,EAed,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAAoB;AACvC,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;;;ACzKO,IAAM,gBAAgB;AAEtB,SAAS,YAAqB;AACjC,SAAO,OAAO,WAAW;AAC7B;AAEO,SAAS,uBAAuB,MAAwB;AAC3D,MAAI,MAAM;AACN,iBAAa,QAAQ,eAAe,KAAK,UAAU,IAAI,CAAC;AAAA,EAC5D,OAAO;AACH,iBAAa,QAAQ,eAAe,IAAI;AAAA,EAC5C;AACJ;AAEO,SAAS,sBAAsB,UAAyB,MAAiC;AAC5F,MAAI,CAAC,UAAU;AACX,WAAO;AAAA,EACX,WAAW,CAAC,MAAM;AACd,WAAO,aAAa;AAAA,EACxB;AAEA,QAAM,SAAS,KAAK,MAAM,QAAQ;AAClC,MAAI,CAAC,QAAQ;AACT,WAAO;AAAA,EACX;AAEA,SAAO,QAAQ,QAAQ,IAAI;AAC/B;AAGO,SAAS,QAAQ,GAAQ,GAAiB;AAC7C,MAAI,OAAO,MAAM,OAAO,GAAG;AACvB,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,MAAM,MAAM,QAAQ,CAAC,GAAG;AACvC,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,GAAG;AAClB,UAAM,SAAS;AACf,UAAM,SAAS;AACf,QAAI,OAAO,WAAW,OAAO,QAAQ;AACjC,aAAO;AAAA,IACX;AAEA,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACpC,UAAI,CAAC,QAAQ,OAAO,CAAC,GAAG,OAAO,CAAC,CAAC,GAAG;AAChC,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAEA,MAAI,OAAO,MAAM,UAAU;AACvB,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,QAAI,MAAM,WAAW,MAAM,QAAQ;AAC/B,aAAO;AAAA,IACX;AAEA,eAAW,OAAO,OAAO;AACrB,UAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,EAAE,GAAG,CAAC,GAAG;AAC1B,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX,OAAO;AACH,WAAO,MAAM;AAAA,EACjB;AACJ;;;AFrEA,SAAQ,iBAAgB;AAmCjB,IAAM,cAAc,MAAM,cAA6C,MAAS;AAWvF,IAAM,mBAAmB;AAAA,EACrB,SAAS;AAAA,EACT,MAAM;AAAA,EACN,oBAAoB;AACxB;AAMA,SAAS,iBAAiB,QAAmB,QAAoC;AAC7E,QAAM,qBAAqB,CAAC,OAAO,WAAW,CAAC,QAAQ,OAAO,MAAM,OAAO,IAAI;AAE/E,MAAI,CAAC,OAAO,MAAM;AACd,WAAO;AAAA,MACH,SAAS;AAAA,MACT,MAAM;AAAA,MACN;AAAA,IACJ;AAAA,EACJ,WAAW,OAAO,SAAS;AACvB,WAAO;AAAA,MACH,SAAS;AAAA,MACT,MAAM,OAAO;AAAA,MACb;AAAA,IACJ;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,MAAM,OAAO;AAAA,MACb;AAAA,IACJ;AAAA,EACJ;AACJ;AAEO,IAAM,eAAe,CAAC,UAA6B;AACtD,QAAM,CAAC,WAAW,aAAa,IAAI,WAAW,kBAAkB,gBAAgB;AAChF,QAAM,SAAS,UAAU;AAEzB,QAAM,WAAW,YAAY,CAAC,WAA4B;AACtD,kBAAc,MAAM;AACpB,2BAAuB,OAAO,IAAI;AAAA,EACtC,GAAG,CAAC,aAAa,CAAC;AAIlB,YAAU,MAAM;AACZ,QAAI,UAAU,oBAAoB;AAC9B,aAAO,QAAQ;AAAA,IACnB;AAAA,EACJ,GAAG,CAAC,UAAU,oBAAoB,MAAM,CAAC;AAGzC,YAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAeA,mBAAkB;AAAA;AAC7B,cAAM,EAAC,KAAI,IAAI,MAAM,eAAe;AACpC,YAAI,CAAC,WAAW;AACZ,mBAAS,EAAC,KAAI,CAAC;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,IAAAA,iBAAgB;AAChB,WAAO,MAAM;AACT,kBAAY;AAAA,IAChB;AAAA,EACJ,GAAG,CAAC,CAAC;AAIL,YAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAe,eAAe;AAAA;AAC1B,cAAM,EAAC,KAAI,IAAI,MAAM,eAAe;AACpC,YAAI,CAAC,WAAW;AACZ,mBAAS,EAAC,KAAI,CAAC;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,aAAe,eAAe,OAAqB;AAAA;AAC/C,YAAI,MAAM,QAAQ,iBAAiB,CAAC,sBAAsB,MAAM,UAAU,UAAU,IAAI,GAAG;AACvF,gBAAM,aAAa;AAAA,QACvB;AAAA,MACJ;AAAA;AAGA,UAAM,WAAW,YAAY,cAAc,IAAI,KAAK,GAAI;AAExD,QAAI,UAAU,GAAG;AACb,aAAO,iBAAiB,WAAW,cAAc;AACjD,aAAO,iBAAiB,UAAU,YAAY;AAC9C,aAAO,iBAAiB,SAAS,YAAY;AAAA,IACjD;AAEA,WAAO,MAAM;AACT,kBAAY;AACZ,oBAAc,QAAQ;AACtB,UAAI,UAAU,GAAG;AACb,eAAO,oBAAoB,WAAW,cAAc;AACpD,eAAO,oBAAoB,UAAU,YAAY;AACjD,eAAO,oBAAoB,SAAS,YAAY;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,GAAG,CAAC,UAAU,UAAU,IAAI,CAAC;AAG7B,QAAM,SAAS,YAAY,MAAY;AACnC,UAAM,MAAM,oBAAoB;AAAA,MAC5B,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,gBAAgB;AAAA,MACpB;AAAA,MACA,aAAa;AAAA,IACjB,CAAC;AACD,aAAS,EAAC,MAAM,OAAS,CAAC;AAAA,EAC9B,IAAG,CAAC,QAAQ,CAAC;AAEb,QAAM,kBAAkB,MAAM;AAC9B,QAAM,mBAAmB,MAAM;AAC/B,QAAM,oBAAoB,YAAY,MAAM;AACxC,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAClB,QAAM,gBAAgB;AAAA,IAClB,CAAC,UAAmB;AAChB,UAAI,OAAO;AACP,eAAO,GAAG,MAAM,kBAAkB;AAAA,MACtC,OAAO;AACH,eAAO,GAAG,MAAM;AAAA,MACpB;AAAA,IACJ;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AACA,QAAM,sBAAsB,YAAY,MAAM;AAC1C,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAElB,QAAM,sBAAsB;AAAA,IACxB,CAAC,UAAkB;AACf,aAAO,GAAG,MAAM,mBAAmB;AAAA,IACvC;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AAEA,QAAM,aAAa,CAAC,QAAgB;AAChC,WAAO,SAAS,OAAO;AAAA,EAC3B;AAEA,QAAM,sBAAsB,MAAM,WAAW,gBAAgB,CAAC;AAC9D,QAAM,uBAAuB,MAAM,WAAW,iBAAiB,CAAC;AAChE,QAAM,wBAAwB,MAAM,WAAW,kBAAkB,CAAC;AAClE,QAAM,oBAAoB,CAAC,UAAmB,WAAW,cAAc,KAAK,CAAC;AAC7E,QAAM,0BAA0B,MAAM,WAAW,oBAAoB,CAAC;AACtE,QAAM,0BAA0B,CAAC,UAAkB,WAAW,oBAAoB,KAAK,CAAC;AAExF,QAAM,kBAAkB,MAAY;AAChC,UAAM,EAAC,KAAI,IAAI,MAAM,eAAe;AACpC,aAAS,EAAC,KAAI,CAAC;AACf,WAAO;AAAA,EACX;AAEA,QAAM,QAAQ;AAAA,IACV,SAAS,UAAU;AAAA,IACnB,MAAM,UAAU;AAAA,IAChB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACA,SAAO,oCAAC,YAAY,UAAZ,EAAqB,SAAe,MAAM,QAAS;AAC/D;AAIA,SAAe,iBAA4C;AAAA;AACvD,QAAI;AACA,YAAM,mBAAmB,MAAM,MAAM,sBAAsB;AAAA,QACvD,QAAQ;AAAA,QACR,SAAS;AAAA,UACL,gBAAgB;AAAA,QACpB;AAAA,QACA,aAAa;AAAA,MACjB,CAAC;AAED,UAAI,iBAAiB,IAAI;AACrB,cAAM,WAAW,MAAM,iBAAiB,KAAK;AAC7C,cAAM,OAAO,KAAK,SAAS,QAAQ;AACnC,eAAO,EAAC,KAAI;AAAA,MAChB,WAAW,iBAAiB,WAAW,KAAK;AACxC,eAAO,EAAC,MAAM,OAAS;AAAA,MAC3B,OAAO;AACH,gBAAQ,IAAI,2BAA2B,gBAAgB;AAAA,MAC3D;AAAA,IACJ,SAAS,GAAP;AACE,cAAQ,IAAI,2BAA2B,CAAC;AAAA,IAC5C;AACA,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC7C;AAAA;;;AGhQA,SAAQ,kBAAiB;AAwBlB,SAAS,UAAmB;AAC/B,QAAM,UAAU,WAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,6CAA6C;AAAA,EACjE;AAEA,QAAM,EAAC,SAAS,KAAI,IAAI;AACxB,MAAI,SAAS;AACT,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,IACV;AAAA,EACJ,WAAW,MAAM;AACb,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ;AAAA,IACJ;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,IACV;AAAA,EACJ;AACJ;;;ACpDA,SAAS,cAAAC,mBAAkB;AAGpB,SAAS,oBAAoB;AAChC,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;;;ACxBA,SAAS,cAAAC,mBAAkB;AAGpB,SAAS,oBAAoB;AAChC,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM,EAAE,OAAO,IAAI;AACnB,SAAO;AACX;;;ACVA,OAAOC,UAAS,cAAAC,aAAY,aAAAC,kBAAiB;AAGtC,SAAS,uBAAuB;AACnC,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,0DAA0D;AAAA,EAC9E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;AAMO,SAAS,iBAAiB,EAAE,SAAS,GAAkB;AAC1D,QAAM,EAAE,qBAAqB,IAAI,qBAAqB;AAEtD,EAAAC,WAAU,MAAM;AACZ,yBAAqB;AAAA,EACzB,GAAG,CAAC,CAAC;AAEL,SAAO,gBAAAC,OAAA,cAAAA,OAAA,gBAAG,QAAS;AACvB;AAEO,SAAS,gBAAgB,EAAE,SAAS,GAAkB;AACzD,QAAM,EAAE,oBAAoB,IAAI,qBAAqB;AACrD,EAAAD,WAAU,MAAM;AACZ,wBAAoB;AAAA,EACxB,GAAG,CAAC,CAAC;AACL,SAAO,gBAAAC,OAAA,cAAAA,OAAA,gBAAG,QAAS;AACvB;;;AC5CA,SAAS,cAAAC,mBAAkB;AAGpB,SAAS,iBAAiB;AAC7B,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,oDAAoD;AAAA,EACxE;AACA,QAAM,EAAE,gBAAgB,IAAI;AAC5B,SAAO;AACX;","names":["refreshAuthInfo","useContext","useContext","useContext","useContext","React","useContext","useEffect","useContext","useEffect","React","useContext","useContext"]}
1
+ {"version":3,"sources":["../../src/user.ts","../../src/client/AuthProvider.tsx","../../src/client/utils.ts","../../src/client/useUser.tsx","../../src/client/useHostedPageUrls.tsx","../../src/client/useLogoutFunction.ts","../../src/client/useRedirectFunctions.tsx","../../src/client/useRefreshAuth.ts"],"sourcesContent":["export class User {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): User {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new User(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n private userAssignedRole: string\n private userInheritedRolesPlusCurrentRole: string[]\n private userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): User {\n return new User(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","'use client'\n\nimport React, {useCallback, useEffect, useReducer} from \"react\"\nimport {User} from \"../user\"\nimport {doesLocalStorageMatch, hasWindow, isEqual, saveUserToLocalStorage, USER_INFO_KEY} from \"./utils\";\nimport {useRouter} from \"next/navigation\";\n\ninterface InternalAuthState {\n loading: boolean\n user?: User\n\n logout: () => Promise<void>\n\n redirectToLoginPage: () => void\n redirectToSignupPage: () => void\n redirectToAccountPage: () => void\n redirectToOrgPage: (orgId?: string) => void\n redirectToCreateOrgPage: () => void\n redirectToSetupSAMLPage: (orgId: string) => void\n\n getSignupPageUrl(): string\n\n getLoginPageUrl(): string\n\n getAccountPageUrl(): string\n\n getOrgPageUrl(orgId?: string): string\n\n getCreateOrgPageUrl(): string\n\n getSetupSAMLPageUrl(orgId: string): string\n\n refreshAuthInfo: () => Promise<User | undefined>\n}\n\nexport type AuthProviderProps = {\n authUrl: string\n children?: React.ReactNode\n}\n\nexport const AuthContext = React.createContext<InternalAuthState | undefined>(undefined)\n\ntype AuthState = {\n loading: boolean\n user?: User\n\n // There's no good way to trigger server components to reload outside of router.refresh()\n // This is our workaround until the app router has something better\n authChangeDetected: boolean\n}\n\nconst initialAuthState = {\n loading: true,\n user: undefined,\n authChangeDetected: false,\n}\n\ntype AuthStateAction = {\n user?: User\n}\n\nfunction authStateReducer(_state: AuthState, action: AuthStateAction): AuthState {\n const authChangeDetected = !_state.loading && !isEqual(action.user, _state.user)\n\n if (!action.user) {\n return {\n loading: false,\n user: undefined,\n authChangeDetected,\n }\n } else if (_state.loading) {\n return {\n loading: false,\n user: action.user,\n authChangeDetected,\n }\n } else {\n return {\n loading: false,\n user: action.user,\n authChangeDetected\n }\n }\n}\n\nexport const AuthProvider = (props: AuthProviderProps) => {\n const [authState, dispatchInner] = useReducer(authStateReducer, initialAuthState)\n const router = useRouter()\n\n const dispatch = useCallback((action: AuthStateAction) => {\n dispatchInner(action)\n saveUserToLocalStorage(action.user)\n }, [dispatchInner])\n\n // This is because we don't have a good way to trigger server components to reload outside of router.refresh()\n // Once server actions isn't alpha, we can hopefully use that instead\n useEffect(() => {\n if (authState.authChangeDetected) {\n router.refresh()\n }\n }, [authState.authChangeDetected, router])\n\n // Trigger an initial refresh\n useEffect(() => {\n let didCancel = false\n\n async function refreshAuthInfo() {\n const {user} = await apiGetUserInfo()\n if (!didCancel) {\n dispatch({user})\n }\n }\n\n refreshAuthInfo()\n return () => {\n didCancel = true\n }\n }, [])\n\n\n // Periodically refresh the token\n useEffect(() => {\n let didCancel = false\n\n async function refreshToken() {\n const {user} = await apiGetUserInfo()\n if (!didCancel) {\n dispatch({user})\n }\n }\n\n async function onStorageEvent(event: StorageEvent) {\n if (event.key === USER_INFO_KEY && !doesLocalStorageMatch(event.newValue, authState.user)) {\n await refreshToken()\n }\n }\n\n // TODO: Retry logic if the request fails\n const interval = setInterval(refreshToken, 5 * 60 * 1000)\n\n if (hasWindow()) {\n window.addEventListener(\"storage\", onStorageEvent)\n window.addEventListener(\"online\", refreshToken)\n window.addEventListener(\"focus\", refreshToken)\n }\n\n return () => {\n didCancel = true\n clearInterval(interval)\n if (hasWindow()) {\n window.removeEventListener(\"storage\", onStorageEvent)\n window.removeEventListener(\"online\", refreshToken)\n window.removeEventListener(\"focus\", refreshToken)\n }\n }\n }, [dispatch, authState.user])\n\n\n const logout = useCallback(async () => {\n await fetch(\"/api/auth/logout\", {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n },\n credentials: \"include\",\n })\n dispatch({user: undefined})\n }, [dispatch])\n\n const getLoginPageUrl = () => \"/api/auth/login\"\n const getSignupPageUrl = () => \"/api/auth/signup\"\n const getAccountPageUrl = useCallback(() => {\n return `${props.authUrl}/account`\n }, [props.authUrl])\n const getOrgPageUrl = useCallback(\n (orgId?: string) => {\n if (orgId) {\n return `${props.authUrl}/org?id=${orgId}`\n } else {\n return `${props.authUrl}/org`\n }\n },\n [props.authUrl]\n )\n const getCreateOrgPageUrl = useCallback(() => {\n return `${props.authUrl}/create_org`\n }, [props.authUrl])\n\n const getSetupSAMLPageUrl = useCallback(\n (orgId: string) => {\n return `${props.authUrl}/saml?id=${orgId}`\n },\n [props.authUrl]\n )\n\n const redirectTo = (url: string) => {\n window.location.href = url\n }\n\n const redirectToLoginPage = () => redirectTo(getLoginPageUrl())\n const redirectToSignupPage = () => redirectTo(getSignupPageUrl())\n const redirectToAccountPage = () => redirectTo(getAccountPageUrl())\n const redirectToOrgPage = (orgId?: string) => redirectTo(getOrgPageUrl(orgId))\n const redirectToCreateOrgPage = () => redirectTo(getCreateOrgPageUrl())\n const redirectToSetupSAMLPage = (orgId: string) => redirectTo(getSetupSAMLPageUrl(orgId))\n\n const refreshAuthInfo = async () => {\n const {user} = await apiGetUserInfo()\n dispatch({user})\n return user\n }\n\n const value = {\n loading: authState.loading,\n user: authState.user,\n logout,\n redirectToLoginPage,\n redirectToSignupPage,\n redirectToAccountPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n redirectToSetupSAMLPage,\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n refreshAuthInfo,\n }\n return <AuthContext.Provider value={value}>{props.children}</AuthContext.Provider>\n}\n\ntype UserInfoResponse = { user?: User }\n\nasync function apiGetUserInfo(): Promise<UserInfoResponse> {\n try {\n const userInfoResponse = await fetch(\"/api/auth/userinfo\", {\n method: \"GET\",\n headers: {\n \"Content-Type\": \"application/json\",\n },\n credentials: \"include\",\n })\n\n if (userInfoResponse.ok) {\n const userJson = await userInfoResponse.text()\n const user = User.fromJSON(userJson)\n return {user}\n } else if (userInfoResponse.status === 401) {\n return {user: undefined}\n } else {\n console.log(\"Failed to refresh token\", userInfoResponse)\n }\n } catch (e) {\n console.log(\"Failed to refresh token\", e)\n }\n throw new Error(\"Failed to refresh token\")\n}\n","import {User} from \"../user\";\n\nexport const USER_INFO_KEY = \"__PROPEL_AUTH_USER_INFO\"\n\nexport function hasWindow(): boolean {\n return typeof window !== \"undefined\"\n}\n\nexport function saveUserToLocalStorage(user: User | undefined) {\n if (user) {\n localStorage.setItem(USER_INFO_KEY, JSON.stringify(user))\n } else {\n localStorage.setItem(USER_INFO_KEY, \"{}\")\n }\n}\n\nexport function doesLocalStorageMatch(newValue: string | null, user: User | undefined): boolean {\n if (!newValue) {\n return false\n } else if (!user) {\n return newValue === \"{}\"\n }\n\n const parsed = JSON.parse(newValue)\n if (!parsed) {\n return false\n }\n\n return isEqual(parsed, user)\n}\n\n\nexport function isEqual(a: any, b: any): boolean {\n if (typeof a !== typeof b) {\n return false\n }\n\n if (Array.isArray(a) !== Array.isArray(b)) {\n return false\n }\n\n if (Array.isArray(a)) {\n const aArray = a as any[]\n const bArray = b as any[]\n if (aArray.length !== bArray.length) {\n return false\n }\n\n for (let i = 0; i < aArray.length; i++) {\n if (!isEqual(aArray[i], bArray[i])) {\n return false\n }\n }\n\n return true\n }\n\n if (typeof a === \"object\") {\n const aKeys = Object.keys(a)\n const bKeys = Object.keys(b)\n if (aKeys.length !== bKeys.length) {\n return false\n }\n\n for (const key of aKeys) {\n if (!isEqual(a[key], b[key])) {\n return false\n }\n }\n\n return true\n } else {\n return a === b\n }\n}","'use client'\n\nimport {useContext} from \"react\"\nimport {User} from \"../user\"\nimport {AuthContext} from \"./AuthProvider\"\n\nexport type UseUserLoading = {\n loading: true\n isLoggedIn: never\n user: never\n}\n\nexport type UseUserLoggedIn = {\n loading: false\n isLoggedIn: true\n user: User\n}\n\nexport type UseUserNotLoggedIn = {\n loading: false\n isLoggedIn: false\n user: undefined\n}\n\nexport type UseUser = UseUserLoading | UseUserLoggedIn | UseUserNotLoggedIn\n\nexport function useUser(): UseUser {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useUser must be used within an AuthProvider\")\n }\n\n const {loading, user} = context\n if (loading) {\n return {\n loading: true,\n isLoggedIn: undefined as never,\n user: undefined as never,\n }\n } else if (user) {\n return {\n loading: false,\n isLoggedIn: true,\n user,\n }\n } else {\n return {\n loading: false,\n isLoggedIn: false,\n user: undefined,\n }\n }\n}","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useHostedPageUrls() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useHostedPageUrls must be used within an AuthProvider\")\n }\n const {\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n } = context\n return {\n getLoginPageUrl,\n getSignupPageUrl,\n getAccountPageUrl,\n getOrgPageUrl,\n getCreateOrgPageUrl,\n getSetupSAMLPageUrl,\n }\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useLogoutFunction() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useLogoutFunction must be used within an AuthProvider\")\n }\n const { logout } = context\n return logout\n}\n","import React, { useContext, useEffect } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRedirectFunctions() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useRedirectFunctions must be used within an AuthProvider\")\n }\n const {\n redirectToAccountPage,\n redirectToSignupPage,\n redirectToLoginPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n } = context\n return {\n redirectToSignupPage,\n redirectToLoginPage,\n redirectToAccountPage,\n redirectToOrgPage,\n redirectToCreateOrgPage,\n }\n}\n\nexport interface RedirectProps {\n children?: React.ReactNode\n}\n\nexport function RedirectToSignup({ children }: RedirectProps) {\n const { redirectToSignupPage } = useRedirectFunctions()\n\n useEffect(() => {\n redirectToSignupPage()\n }, [])\n\n return <>{children}</>\n}\n\nexport function RedirectToLogin({ children }: RedirectProps) {\n const { redirectToLoginPage } = useRedirectFunctions()\n useEffect(() => {\n redirectToLoginPage()\n }, [])\n return <>{children}</>\n}\n","import { useContext } from \"react\"\nimport { AuthContext } from \"./AuthProvider\"\n\nexport function useRefreshAuth() {\n const context = useContext(AuthContext)\n if (context === undefined) {\n throw new Error(\"useRefreshAuth must be used within an AuthProvider\")\n }\n const { refreshAuthInfo } = context\n return refreshAuthInfo\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AAAO,IAAM,OAAN,MAAW;AAAA,EAed,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAAoB;AACvC,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;;;ACzKA,OAAO,SAAQ,aAAa,WAAW,kBAAiB;;;ACAjD,IAAM,gBAAgB;AAEtB,SAAS,YAAqB;AACjC,SAAO,OAAO,WAAW;AAC7B;AAEO,SAAS,uBAAuB,MAAwB;AAC3D,MAAI,MAAM;AACN,iBAAa,QAAQ,eAAe,KAAK,UAAU,IAAI,CAAC;AAAA,EAC5D,OAAO;AACH,iBAAa,QAAQ,eAAe,IAAI;AAAA,EAC5C;AACJ;AAEO,SAAS,sBAAsB,UAAyB,MAAiC;AAC5F,MAAI,CAAC,UAAU;AACX,WAAO;AAAA,EACX,WAAW,CAAC,MAAM;AACd,WAAO,aAAa;AAAA,EACxB;AAEA,QAAM,SAAS,KAAK,MAAM,QAAQ;AAClC,MAAI,CAAC,QAAQ;AACT,WAAO;AAAA,EACX;AAEA,SAAO,QAAQ,QAAQ,IAAI;AAC/B;AAGO,SAAS,QAAQ,GAAQ,GAAiB;AAC7C,MAAI,OAAO,MAAM,OAAO,GAAG;AACvB,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,MAAM,MAAM,QAAQ,CAAC,GAAG;AACvC,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,QAAQ,CAAC,GAAG;AAClB,UAAM,SAAS;AACf,UAAM,SAAS;AACf,QAAI,OAAO,WAAW,OAAO,QAAQ;AACjC,aAAO;AAAA,IACX;AAEA,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACpC,UAAI,CAAC,QAAQ,OAAO,CAAC,GAAG,OAAO,CAAC,CAAC,GAAG;AAChC,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAEA,MAAI,OAAO,MAAM,UAAU;AACvB,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,UAAM,QAAQ,OAAO,KAAK,CAAC;AAC3B,QAAI,MAAM,WAAW,MAAM,QAAQ;AAC/B,aAAO;AAAA,IACX;AAEA,eAAW,OAAO,OAAO;AACrB,UAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,EAAE,GAAG,CAAC,GAAG;AAC1B,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX,OAAO;AACH,WAAO,MAAM;AAAA,EACjB;AACJ;;;ADrEA,SAAQ,iBAAgB;AAmCjB,IAAM,cAAc,MAAM,cAA6C,MAAS;AAWvF,IAAM,mBAAmB;AAAA,EACrB,SAAS;AAAA,EACT,MAAM;AAAA,EACN,oBAAoB;AACxB;AAMA,SAAS,iBAAiB,QAAmB,QAAoC;AAC7E,QAAM,qBAAqB,CAAC,OAAO,WAAW,CAAC,QAAQ,OAAO,MAAM,OAAO,IAAI;AAE/E,MAAI,CAAC,OAAO,MAAM;AACd,WAAO;AAAA,MACH,SAAS;AAAA,MACT,MAAM;AAAA,MACN;AAAA,IACJ;AAAA,EACJ,WAAW,OAAO,SAAS;AACvB,WAAO;AAAA,MACH,SAAS;AAAA,MACT,MAAM,OAAO;AAAA,MACb;AAAA,IACJ;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,MAAM,OAAO;AAAA,MACb;AAAA,IACJ;AAAA,EACJ;AACJ;AAEO,IAAM,eAAe,CAAC,UAA6B;AACtD,QAAM,CAAC,WAAW,aAAa,IAAI,WAAW,kBAAkB,gBAAgB;AAChF,QAAM,SAAS,UAAU;AAEzB,QAAM,WAAW,YAAY,CAAC,WAA4B;AACtD,kBAAc,MAAM;AACpB,2BAAuB,OAAO,IAAI;AAAA,EACtC,GAAG,CAAC,aAAa,CAAC;AAIlB,YAAU,MAAM;AACZ,QAAI,UAAU,oBAAoB;AAC9B,aAAO,QAAQ;AAAA,IACnB;AAAA,EACJ,GAAG,CAAC,UAAU,oBAAoB,MAAM,CAAC;AAGzC,YAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAeA,mBAAkB;AAAA;AAC7B,cAAM,EAAC,KAAI,IAAI,MAAM,eAAe;AACpC,YAAI,CAAC,WAAW;AACZ,mBAAS,EAAC,KAAI,CAAC;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,IAAAA,iBAAgB;AAChB,WAAO,MAAM;AACT,kBAAY;AAAA,IAChB;AAAA,EACJ,GAAG,CAAC,CAAC;AAIL,YAAU,MAAM;AACZ,QAAI,YAAY;AAEhB,aAAe,eAAe;AAAA;AAC1B,cAAM,EAAC,KAAI,IAAI,MAAM,eAAe;AACpC,YAAI,CAAC,WAAW;AACZ,mBAAS,EAAC,KAAI,CAAC;AAAA,QACnB;AAAA,MACJ;AAAA;AAEA,aAAe,eAAe,OAAqB;AAAA;AAC/C,YAAI,MAAM,QAAQ,iBAAiB,CAAC,sBAAsB,MAAM,UAAU,UAAU,IAAI,GAAG;AACvF,gBAAM,aAAa;AAAA,QACvB;AAAA,MACJ;AAAA;AAGA,UAAM,WAAW,YAAY,cAAc,IAAI,KAAK,GAAI;AAExD,QAAI,UAAU,GAAG;AACb,aAAO,iBAAiB,WAAW,cAAc;AACjD,aAAO,iBAAiB,UAAU,YAAY;AAC9C,aAAO,iBAAiB,SAAS,YAAY;AAAA,IACjD;AAEA,WAAO,MAAM;AACT,kBAAY;AACZ,oBAAc,QAAQ;AACtB,UAAI,UAAU,GAAG;AACb,eAAO,oBAAoB,WAAW,cAAc;AACpD,eAAO,oBAAoB,UAAU,YAAY;AACjD,eAAO,oBAAoB,SAAS,YAAY;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,GAAG,CAAC,UAAU,UAAU,IAAI,CAAC;AAG7B,QAAM,SAAS,YAAY,MAAY;AACnC,UAAM,MAAM,oBAAoB;AAAA,MAC5B,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,gBAAgB;AAAA,MACpB;AAAA,MACA,aAAa;AAAA,IACjB,CAAC;AACD,aAAS,EAAC,MAAM,OAAS,CAAC;AAAA,EAC9B,IAAG,CAAC,QAAQ,CAAC;AAEb,QAAM,kBAAkB,MAAM;AAC9B,QAAM,mBAAmB,MAAM;AAC/B,QAAM,oBAAoB,YAAY,MAAM;AACxC,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAClB,QAAM,gBAAgB;AAAA,IAClB,CAAC,UAAmB;AAChB,UAAI,OAAO;AACP,eAAO,GAAG,MAAM,kBAAkB;AAAA,MACtC,OAAO;AACH,eAAO,GAAG,MAAM;AAAA,MACpB;AAAA,IACJ;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AACA,QAAM,sBAAsB,YAAY,MAAM;AAC1C,WAAO,GAAG,MAAM;AAAA,EACpB,GAAG,CAAC,MAAM,OAAO,CAAC;AAElB,QAAM,sBAAsB;AAAA,IACxB,CAAC,UAAkB;AACf,aAAO,GAAG,MAAM,mBAAmB;AAAA,IACvC;AAAA,IACA,CAAC,MAAM,OAAO;AAAA,EAClB;AAEA,QAAM,aAAa,CAAC,QAAgB;AAChC,WAAO,SAAS,OAAO;AAAA,EAC3B;AAEA,QAAM,sBAAsB,MAAM,WAAW,gBAAgB,CAAC;AAC9D,QAAM,uBAAuB,MAAM,WAAW,iBAAiB,CAAC;AAChE,QAAM,wBAAwB,MAAM,WAAW,kBAAkB,CAAC;AAClE,QAAM,oBAAoB,CAAC,UAAmB,WAAW,cAAc,KAAK,CAAC;AAC7E,QAAM,0BAA0B,MAAM,WAAW,oBAAoB,CAAC;AACtE,QAAM,0BAA0B,CAAC,UAAkB,WAAW,oBAAoB,KAAK,CAAC;AAExF,QAAM,kBAAkB,MAAY;AAChC,UAAM,EAAC,KAAI,IAAI,MAAM,eAAe;AACpC,aAAS,EAAC,KAAI,CAAC;AACf,WAAO;AAAA,EACX;AAEA,QAAM,QAAQ;AAAA,IACV,SAAS,UAAU;AAAA,IACnB,MAAM,UAAU;AAAA,IAChB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACA,SAAO,oCAAC,YAAY,UAAZ,EAAqB,SAAe,MAAM,QAAS;AAC/D;AAIA,SAAe,iBAA4C;AAAA;AACvD,QAAI;AACA,YAAM,mBAAmB,MAAM,MAAM,sBAAsB;AAAA,QACvD,QAAQ;AAAA,QACR,SAAS;AAAA,UACL,gBAAgB;AAAA,QACpB;AAAA,QACA,aAAa;AAAA,MACjB,CAAC;AAED,UAAI,iBAAiB,IAAI;AACrB,cAAM,WAAW,MAAM,iBAAiB,KAAK;AAC7C,cAAM,OAAO,KAAK,SAAS,QAAQ;AACnC,eAAO,EAAC,KAAI;AAAA,MAChB,WAAW,iBAAiB,WAAW,KAAK;AACxC,eAAO,EAAC,MAAM,OAAS;AAAA,MAC3B,OAAO;AACH,gBAAQ,IAAI,2BAA2B,gBAAgB;AAAA,MAC3D;AAAA,IACJ,SAAS,GAAP;AACE,cAAQ,IAAI,2BAA2B,CAAC;AAAA,IAC5C;AACA,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC7C;AAAA;;;AEhQA,SAAQ,kBAAiB;AAwBlB,SAAS,UAAmB;AAC/B,QAAM,UAAU,WAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,6CAA6C;AAAA,EACjE;AAEA,QAAM,EAAC,SAAS,KAAI,IAAI;AACxB,MAAI,SAAS;AACT,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,IACV;AAAA,EACJ,WAAW,MAAM;AACb,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ;AAAA,IACJ;AAAA,EACJ,OAAO;AACH,WAAO;AAAA,MACH,SAAS;AAAA,MACT,YAAY;AAAA,MACZ,MAAM;AAAA,IACV;AAAA,EACJ;AACJ;;;ACpDA,SAAS,cAAAC,mBAAkB;AAGpB,SAAS,oBAAoB;AAChC,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;;;ACxBA,SAAS,cAAAC,mBAAkB;AAGpB,SAAS,oBAAoB;AAChC,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,QAAM,EAAE,OAAO,IAAI;AACnB,SAAO;AACX;;;ACVA,OAAOC,UAAS,cAAAC,aAAY,aAAAC,kBAAiB;AAGtC,SAAS,uBAAuB;AACnC,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,0DAA0D;AAAA,EAC9E;AACA,QAAM;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,IAAI;AACJ,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;AAMO,SAAS,iBAAiB,EAAE,SAAS,GAAkB;AAC1D,QAAM,EAAE,qBAAqB,IAAI,qBAAqB;AAEtD,EAAAC,WAAU,MAAM;AACZ,yBAAqB;AAAA,EACzB,GAAG,CAAC,CAAC;AAEL,SAAO,gBAAAC,OAAA,cAAAA,OAAA,gBAAG,QAAS;AACvB;AAEO,SAAS,gBAAgB,EAAE,SAAS,GAAkB;AACzD,QAAM,EAAE,oBAAoB,IAAI,qBAAqB;AACrD,EAAAD,WAAU,MAAM;AACZ,wBAAoB;AAAA,EACxB,GAAG,CAAC,CAAC;AACL,SAAO,gBAAAC,OAAA,cAAAA,OAAA,gBAAG,QAAS;AACvB;;;AC5CA,SAAS,cAAAC,mBAAkB;AAGpB,SAAS,iBAAiB;AAC7B,QAAM,UAAUC,YAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACvB,UAAM,IAAI,MAAM,oDAAoD;AAAA,EACxE;AACA,QAAM,EAAE,gBAAgB,IAAI;AAC5B,SAAO;AACX;","names":["refreshAuthInfo","useContext","useContext","useContext","useContext","React","useContext","useEffect","useContext","useEffect","React","useContext","useContext"]}
package/dist/server/index.d.ts CHANGED
@@ -1,4 +1,5 @@
1
1
  import { NextRequest } from 'next/server';
2
+ import { GetServerSidePropsContext } from 'next';
2
3
 
3
4
  declare class User {
4
5
  userId: string;
@@ -56,6 +57,7 @@ declare class ConfigurationException extends Error {
56
57
  type ServerActions = {
57
58
  getUser: () => Promise<User | undefined>;
58
59
  getUserOrRedirect: () => Promise<User>;
60
+ getUserFromServerSideProps: (context: GetServerSidePropsContext) => Promise<User | undefined>;
59
61
  validateAccessToken: (accessToken: string) => Promise<User>;
60
62
  validateAccessTokenOrUndefined: (accessToken: string) => Promise<User | undefined>;
61
63
  getRouteHandler: (req: NextRequest, { params }: {
package/dist/server/index.js CHANGED
@@ -51,32 +51,13 @@ var __async = (__this, __arguments, generator) => {
51
51
  var server_exports = {};
52
52
  __export(server_exports, {
53
53
  ConfigurationException: () => ConfigurationException,
54
+ OrgMemberInfo: () => OrgMemberInfo,
54
55
  UnauthorizedException: () => UnauthorizedException,
56
+ User: () => User,
55
57
  initializeAuth: () => initializeAuth
56
58
  });
57
59
  module.exports = __toCommonJS(server_exports);
58
60
 
59
- // src/server/exceptions.ts
60
- var UnauthorizedException = class extends Error {
61
- constructor(message) {
62
- super(message);
63
- this.message = message;
64
- this.status = 401;
65
- }
66
- };
67
- var ConfigurationException = class extends Error {
68
- constructor(message) {
69
- super(message);
70
- this.message = message;
71
- this.status = 500;
72
- }
73
- };
74
-
75
- // src/server/server-actions.ts
76
- var jose = __toESM(require("jose"));
77
- var import_headers = require("next/headers");
78
- var import_navigation = require("next/navigation");
79
-
80
61
  // src/user.ts
81
62
  var User = class {
82
63
  constructor(userId, email, orgIdToOrgMemberInfo, firstName, lastName, username, legacyUserId, impersonatorUserId) {
@@ -217,7 +198,26 @@ function toOrgIdToOrgMemberInfo(snake_case) {
217
198
  return camelCase;
218
199
  }
219
200
 
201
+ // src/server/exceptions.ts
202
+ var UnauthorizedException = class extends Error {
203
+ constructor(message) {
204
+ super(message);
205
+ this.message = message;
206
+ this.status = 401;
207
+ }
208
+ };
209
+ var ConfigurationException = class extends Error {
210
+ constructor(message) {
211
+ super(message);
212
+ this.message = message;
213
+ this.status = 500;
214
+ }
215
+ };
216
+
220
217
  // src/server/server-actions.ts
218
+ var jose = __toESM(require("jose"));
219
+ var import_headers = require("next/headers");
220
+ var import_navigation = require("next/navigation");
221
221
  var import_server = require("next/server");
222
222
  var LOGIN_PATH = "/api/auth/login";
223
223
  var CALLBACK_PATH = "/api/auth/callback";
@@ -461,6 +461,38 @@ function getServerActions({
461
461
  return new Response(null, { status: 401 });
462
462
  });
463
463
  }
464
+ function getUserFromServerSideProps(props) {
465
+ return __async(this, null, function* () {
466
+ const accessToken = props.req.cookies[ACCESS_TOKEN_COOKIE_NAME];
467
+ const refreshToken = props.req.cookies[REFRESH_TOKEN_COOKIE_NAME];
468
+ if (accessToken) {
469
+ const user = yield validateAccessTokenOrUndefined(accessToken);
470
+ if (user) {
471
+ return user;
472
+ }
473
+ }
474
+ if (refreshToken) {
475
+ const response = yield refreshTokenWithAccessAndRefreshToken(refreshToken);
476
+ if (response.error === "unexpected") {
477
+ throw new Error("Unexpected error while refreshing access token");
478
+ } else if (response.error === "unauthorized") {
479
+ props.res.setHeader("Set-Cookie", [
480
+ `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,
481
+ `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
482
+ ]);
483
+ return void 0;
484
+ } else {
485
+ const user = yield validateAccessToken(response.accessToken);
486
+ props.res.setHeader("Set-Cookie", [
487
+ `${ACCESS_TOKEN_COOKIE_NAME}=${response.accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,
488
+ `${REFRESH_TOKEN_COOKIE_NAME}=${response.refreshToken}; Path=/; HttpOnly; Secure; SameSite=Lax`
489
+ ]);
490
+ return user;
491
+ }
492
+ }
493
+ return void 0;
494
+ });
495
+ }
464
496
  function refreshTokenWithAccessAndRefreshToken(refreshToken) {
465
497
  return __async(this, null, function* () {
466
498
  const body = {
@@ -577,6 +609,7 @@ function getServerActions({
577
609
  return {
578
610
  getUser,
579
611
  getUserOrRedirect,
612
+ getUserFromServerSideProps,
580
613
  validateAccessToken,
581
614
  validateAccessTokenOrUndefined,
582
615
  getRouteHandler,
@@ -616,7 +649,9 @@ function initializeAuth(opts) {
616
649
  // Annotate the CommonJS export names for ESM import in node:
617
650
  0 && (module.exports = {
618
651
  ConfigurationException,
652
+ OrgMemberInfo,
619
653
  UnauthorizedException,
654
+ User,
620
655
  initializeAuth
621
656
  });
622
657
  //# sourceMappingURL=index.js.map
package/dist/server/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/server/index.ts","../../src/server/exceptions.ts","../../src/server/server-actions.ts","../../src/user.ts","../../src/server/validators.ts","../../src/server/auth.ts"],"sourcesContent":["export type {OrgIdToOrgMemberInfo, OrgMemberInfo, User} from \"../user\"\nexport {UnauthorizedException, ConfigurationException} from \"./exceptions\"\nexport type {ServerActions} from \"./server-actions\"\nexport {initializeAuth} from \"./auth\"\nexport type {InitializeAuthOptions} from \"./auth\"\nexport type {LoggedInProps, LoggedOutProps} from \"../status-types\"\n","export class UnauthorizedException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 401\n }\n}\n\nexport class ConfigurationException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 500\n }\n}\n","import * as jose from \"jose\"\nimport {cookies, headers} from \"next/headers\"\nimport {redirect} from \"next/navigation\"\nimport {ConfigurationException, UnauthorizedException} from \"./exceptions\"\nimport {InternalUser, OrgMemberInfo, toOrgIdToOrgMemberInfo, toUser, User} from \"../user\"\nimport {NextRequest, NextResponse} from \"next/server\";\nimport {ResponseCookie} from \"next/dist/compiled/@edge-runtime/cookies\";\n\ntype RefreshAndAccessTokens = {\n refreshToken: string\n accessToken: string\n error: \"none\"\n}\n\ntype RefreshAndAccessTokensUnauthorizedError = {\n error: \"unauthorized\"\n}\n\ntype RefreshAndAccessTokensUnexpectedError = {\n error: \"unexpected\"\n}\n\ntype RefreshTokenResponse = RefreshAndAccessTokens | RefreshAndAccessTokensUnauthorizedError | RefreshAndAccessTokensUnexpectedError\n\nexport const LOGIN_PATH = \"/api/auth/login\"\nexport const CALLBACK_PATH = \"/api/auth/callback\"\nexport const USERINFO_PATH= \"/api/auth/userinfo\"\nexport const LOGOUT_PATH = \"/api/auth/logout\"\nexport const ACCESS_TOKEN_COOKIE_NAME = \"__pa_at\"\nexport const REFRESH_TOKEN_COOKIE_NAME = \"__pa_rt\"\nexport const STATE_COOKIE_NAME = \"__pa_state\"\nexport const CUSTOM_HEADER_FOR_ACCESS_TOKEN = \"x-propelauth-access-token\"\n\nconst COOKIE_OPTIONS: Partial<ResponseCookie> = {\n httpOnly: true,\n sameSite: \"lax\",\n secure: true,\n path: \"/\",\n}\n\nexport type ServerActionArgs = {\n authUrlOrigin: string\n redirectUri: string\n integrationApiKey: string\n verifierKey: string\n postLoginPathFn: (user: User) => string\n}\n\n\nexport type ServerActions = {\n getUser: () => Promise<User | undefined>\n getUserOrRedirect: () => Promise<User>\n validateAccessToken: (accessToken: string) => Promise<User>\n validateAccessTokenOrUndefined: (accessToken: string) => Promise<User | undefined>\n getRouteHandler: (req: NextRequest, { params }: { params: { slug: string } }) => Response | Promise<Response>\n postRouteHandler: (req: NextRequest, { params }: { params: { slug: string } }) => Response | Promise<Response>\n authMiddleware: (req: NextRequest) => Promise<Response>\n}\n\nexport function getServerActions({\n authUrlOrigin,\n postLoginPathFn,\n verifierKey,\n integrationApiKey,\n redirectUri,\n}: ServerActionArgs): ServerActions {\n const publicKeyPromise = jose.importSPKI(verifierKey, \"RS256\")\n async function getUserOrRedirect(): Promise<User> {\n const user = await getUser()\n if (user) {\n return user\n } else {\n redirect(LOGIN_PATH)\n throw new Error(\"Redirecting to login\")\n }\n }\n\n async function getUser(): Promise<User | undefined> {\n const accessToken = headers().get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || cookies().get(ACCESS_TOKEN_COOKIE_NAME)?.value\n if (accessToken) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return user\n }\n }\n return undefined\n }\n\n // Purpose of this middleware is just to keep the access token cookie alive\n // In an ideal world, this could be done in `getUser`, however, you can't\n // set a cookie in a server component.\n // There also doesn't seem to be any way right now to set a cookie in a\n // middleware and pass it forward (you can only set them on the response).\n // You CAN, however, pass in custom headers,\n // so we'll use CUSTOM_HEADER_FOR_ACCESS_TOKEN as a workaround\n async function authMiddleware(req: NextRequest): Promise<Response> {\n if (req.headers.has(CUSTOM_HEADER_FOR_ACCESS_TOKEN)) {\n throw new Error(`${CUSTOM_HEADER_FOR_ACCESS_TOKEN} is set which is for internal use only`)\n } else if (req.nextUrl.pathname === CALLBACK_PATH || req.nextUrl.pathname === LOGOUT_PATH) {\n // Don't do anything for the callback or logout paths, as they will modify the cookies themselves\n return NextResponse.next()\n }\n\n const accessToken = req.cookies.get(ACCESS_TOKEN_COOKIE_NAME)?.value\n const refreshToken = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)?.value\n\n // For the userinfo endpoint, we want to get the most up-to-date info, so we'll refresh the access token\n if (req.nextUrl.pathname === USERINFO_PATH && refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === \"unexpected\") {\n throw new Error(\"Unexpected error while refreshing access token\")\n } else if (response.error === \"unauthorized\") {\n const headers = new Headers()\n headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n return new Response(\"Unauthorized\", {status: 401, headers})\n } else {\n const headers = new Headers(req.headers)\n // Pass along the new access token in a header since cookies don't work\n headers.append(CUSTOM_HEADER_FOR_ACCESS_TOKEN, response.accessToken)\n const nextResponse = NextResponse.next({\n request: {\n headers\n }\n })\n nextResponse.cookies.set(ACCESS_TOKEN_COOKIE_NAME, response.accessToken, COOKIE_OPTIONS)\n nextResponse.cookies.set(REFRESH_TOKEN_COOKIE_NAME, response.refreshToken, COOKIE_OPTIONS)\n return nextResponse\n }\n }\n\n // If we are authenticated, we can continue\n if (accessToken) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return NextResponse.next()\n }\n }\n\n // Otherwise, we need to refresh the access token\n if (refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === \"unexpected\") {\n throw new Error(\"Unexpected error while refreshing access token\")\n } else if (response.error === \"unauthorized\") {\n const response = NextResponse.next()\n response.cookies.delete(ACCESS_TOKEN_COOKIE_NAME)\n response.cookies.delete(REFRESH_TOKEN_COOKIE_NAME)\n return response\n } else {\n const headers = new Headers(req.headers)\n // Pass along the new access token in a header since cookies don't work\n headers.append(CUSTOM_HEADER_FOR_ACCESS_TOKEN, response.accessToken)\n const nextResponse = NextResponse.next({\n request: {\n headers\n }\n })\n nextResponse.cookies.set(ACCESS_TOKEN_COOKIE_NAME, response.accessToken, COOKIE_OPTIONS)\n nextResponse.cookies.set(REFRESH_TOKEN_COOKIE_NAME, response.refreshToken, COOKIE_OPTIONS)\n return nextResponse\n }\n }\n\n return NextResponse.next()\n }\n\n function getRouteHandler(req: NextRequest, { params }: { params: { slug: string } }) {\n if (params.slug === \"login\") {\n return loginGetHandler()\n } else if (params.slug === \"signup\") {\n return signupGetHandler()\n } else if (params.slug === \"callback\") {\n return callbackGetHandler(req)\n } else if (params.slug === \"userinfo\") {\n return userinfoGetHandler(req)\n } else {\n return new Response(\"\", { status: 404 })\n }\n }\n\n function postRouteHandler(req: NextRequest, { params }: { params: { slug: string } }) {\n if (params.slug === \"logout\") {\n return logoutPostHandler(req)\n } else {\n return new Response(\"\", { status: 404 })\n }\n }\n\n function loginGetHandler() {\n const state = randomState()\n const authorize_url =\n authUrlOrigin + \"/propelauth/ssr/authorize?redirect_uri=\" + redirectUri + \"&state=\" + state\n return new Response(null, {\n status: 302,\n headers: {\n Location: authorize_url,\n \"Set-Cookie\": `${STATE_COOKIE_NAME}=${state}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n }\n })\n }\n\n function signupGetHandler() {\n const state = randomState()\n const authorize_url =\n authUrlOrigin + \"/propelauth/ssr/authorize?redirect_uri=\" + redirectUri + \"&state=\" + state + \"&signup=true\"\n return new Response(null, {\n status: 302,\n headers: {\n Location: authorize_url,\n \"Set-Cookie\": `${STATE_COOKIE_NAME}=${state}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n }\n })\n }\n\n async function callbackGetHandler(req: NextRequest) {\n const oauthState = req.cookies.get(STATE_COOKIE_NAME)?.value\n if (!oauthState || oauthState.length !== 64) {\n console.log(\"No oauth state found\")\n return new Response(null, { status: 302, headers: { Location: LOGIN_PATH } })\n }\n\n const queryParams = req.nextUrl.searchParams\n const state = queryParams.get(\"state\")\n const code = queryParams.get(\"code\")\n if (state !== oauthState) {\n console.log(\"Mismatch between states, redirecting to login\")\n return new Response(null, { status: 302, headers: { Location: LOGIN_PATH } })\n }\n\n const oauth_token_body = {\n redirect_uri: redirectUri,\n code,\n }\n const url = `${authUrlOrigin}/propelauth/ssr/token`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(oauth_token_body),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + integrationApiKey,\n },\n })\n\n if (response.ok) {\n const data = await response.json()\n\n const accessToken = data.access_token\n const user = await validateAccessToken(accessToken)\n const path = postLoginPathFn(user)\n if (!path) {\n console.log(\"postLoginPathFn returned undefined\")\n return new Response(\"Unexpected error\", { status: 500 })\n }\n\n const headers = new Headers()\n headers.append(\"Location\", path)\n headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=${accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`)\n headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=${data.refresh_token}; Path=/; HttpOnly; Secure; SameSite=Lax`)\n return new Response(null, {\n status: 302,\n headers\n })\n } else if (response.status === 401) {\n return new Response(\"Unexpected error\", { status: 500 })\n } else {\n return new Response(\"Unexpected error\", { status: 500 })\n }\n }\n\n async function userinfoGetHandler(req: NextRequest) {\n const accessToken = req.headers.get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || req.cookies.get(ACCESS_TOKEN_COOKIE_NAME)?.value\n if (accessToken) {\n const path = `${authUrlOrigin}/propelauth/oauth/userinfo`\n const response = await fetch(path, {\n headers: {\n \"Content-Type\": \"application/json\",\n \"Authorization\": \"Bearer \" + accessToken,\n }\n })\n if (response.ok) {\n const data = await response.json()\n\n const user = new User(\n data.user_id,\n data.email,\n toOrgIdToOrgMemberInfo(data.org_id_to_org_info),\n data.first_name,\n data.last_name,\n data.username,\n data.legacy_user_id,\n data.impersonator_user_id,\n )\n\n return new Response(JSON.stringify(user), {\n status: 200,\n headers: {\n \"Content-Type\": \"application/json\",\n }\n })\n } else if (response.status === 401) {\n return new Response(null, { status: 401 })\n } else {\n return new Response(null, { status: 500 })\n }\n }\n return new Response(null, { status: 401 })\n }\n\n async function refreshTokenWithAccessAndRefreshToken(refreshToken: string): Promise<RefreshTokenResponse> {\n const body = {\n refresh_token: refreshToken,\n }\n const url = `${authUrlOrigin}/api/backend/v1/refresh_token`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(body),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + integrationApiKey,\n },\n })\n\n if (response.ok) {\n const data = await response.json()\n const newRefreshToken = data.refresh_token\n const {\n access_token: accessToken,\n expires_at_seconds: expiresAtSeconds,\n } = data.access_token\n\n return {\n refreshToken: newRefreshToken,\n accessToken,\n error: \"none\",\n }\n } else if (response.status === 400) {\n return { error: \"unauthorized\" }\n } else {\n return { error: \"unexpected\" }\n }\n }\n\n async function logoutPostHandler(req: NextRequest) {\n const refresh_token = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)?.value\n if (!refresh_token) {\n const headers = new Headers()\n headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n return new Response(null, { status: 200, headers })\n }\n\n const logoutBody = { refresh_token }\n const url = `${authUrlOrigin}/api/backend/v1/logout`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(logoutBody),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + integrationApiKey,\n },\n })\n\n if (!response.ok) {\n console.log(\n \"Unable to logout, clearing cookies and continuing anyway\",\n response.status,\n response.statusText\n )\n }\n const headers = new Headers()\n headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n return new Response(null, { status: 200, headers })\n }\n\n async function validateAccessTokenOrUndefined(accessToken: string | undefined): Promise<User | undefined> {\n try {\n return await validateAccessToken(accessToken)\n } catch (err) {\n if (err instanceof ConfigurationException) {\n throw err\n } else if (err instanceof UnauthorizedException) {\n return undefined\n } else {\n console.log(\"Error validating access token\", err)\n return undefined\n }\n }\n }\n\n async function validateAccessToken(accessToken: string | undefined): Promise<User> {\n let publicKey\n try {\n publicKey = await publicKeyPromise\n } catch (err) {\n console.error(\"Verifier key is invalid. Make sure it's specified correctly, including the newlines.\", err)\n throw new ConfigurationException(\"Invalid verifier key\")\n }\n\n if (!accessToken) {\n throw new UnauthorizedException(\"No access token provided\")\n }\n\n let accessTokenWithoutBearer = accessToken\n if (accessToken.toLowerCase().startsWith(\"bearer \")) {\n accessTokenWithoutBearer = accessToken.substring(\"bearer \".length)\n }\n\n try {\n const { payload } = await jose.jwtVerify(accessTokenWithoutBearer, publicKey, {\n issuer: authUrlOrigin,\n algorithms: [\"RS256\"],\n })\n\n return toUser(<InternalUser>payload)\n } catch (e) {\n if (e instanceof Error) {\n throw new UnauthorizedException(e.message)\n } else {\n throw new UnauthorizedException(\"Unable to decode jwt\")\n }\n }\n }\n\n return {\n getUser,\n getUserOrRedirect,\n validateAccessToken,\n validateAccessTokenOrUndefined,\n getRouteHandler,\n postRouteHandler,\n authMiddleware,\n }\n}\n\nfunction randomState(): string {\n const randomBytes = crypto.getRandomValues(new Uint8Array(32))\n return Array.from(randomBytes)\n .map((b) => b.toString(16).padStart(2, \"0\"))\n .join(\"\")\n}","export class User {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): User {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new User(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n private userAssignedRole: string\n private userInheritedRolesPlusCurrentRole: string[]\n private userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): User {\n return new User(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","export function validateAuthUrl(authUrl: string): URL {\n try {\n return new URL(authUrl)\n } catch (e) {\n console.error(\"Invalid authUrl\", e)\n throw new Error(\"Unable to initialize auth client\")\n }\n}\n","import { getServerActions } from \"./server-actions\"\nimport { User } from \"../user\"\nimport { validateAuthUrl } from \"./validators\"\n\nexport type InitializeAuthOptions = {\n authUrl: string\n redirectUri: string\n integrationApiKey: string\n verifierKey: string\n postLoginRedirectPathFn?: (user: User) => string\n}\n\nexport function initializeAuth(opts: InitializeAuthOptions) {\n const authUrl = validateAuthUrl(opts.authUrl).origin\n const postLoginPathFn =\n opts.postLoginRedirectPathFn ||\n function () {\n return \"/\"\n }\n\n return getServerActions({\n authUrlOrigin: authUrl,\n verifierKey: opts.verifierKey,\n redirectUri: opts.redirectUri,\n integrationApiKey: opts.integrationApiKey,\n postLoginPathFn,\n })\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAO,IAAM,wBAAN,cAAoC,MAAM;AAAA,EAI7C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;AAEO,IAAM,yBAAN,cAAqC,MAAM;AAAA,EAI9C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;;;ACpBA,WAAsB;AACtB,qBAA+B;AAC/B,wBAAuB;;;ACFhB,IAAM,OAAN,MAAW;AAAA,EAed,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAAoB;AACvC,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA2BO,SAAS,OAAO,YAAgC;AACnD,SAAO,IAAI;AAAA,IACP,WAAW;AAAA,IACX,WAAW;AAAA,IACX,uBAAuB,WAAW,yBAAyB;AAAA,IAC3D,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,EACf;AACJ;AAEO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;ADtOA,oBAAwC;AAmBjC,IAAM,aAAa;AACnB,IAAM,gBAAgB;AACtB,IAAM,gBAAe;AACrB,IAAM,cAAc;AACpB,IAAM,2BAA2B;AACjC,IAAM,4BAA4B;AAClC,IAAM,oBAAoB;AAC1B,IAAM,iCAAiC;AAE9C,IAAM,iBAA0C;AAAA,EAC5C,UAAU;AAAA,EACV,UAAU;AAAA,EACV,QAAQ;AAAA,EACR,MAAM;AACV;AAqBO,SAAS,iBAAiB;AAAA,EAC7B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACJ,GAAoC;AAChC,QAAM,mBAAwB,gBAAW,aAAa,OAAO;AAC7D,WAAe,oBAAmC;AAAA;AAC9C,YAAM,OAAO,MAAM,QAAQ;AAC3B,UAAI,MAAM;AACN,eAAO;AAAA,MACX,OAAO;AACH,wCAAS,UAAU;AACnB,cAAM,IAAI,MAAM,sBAAsB;AAAA,MAC1C;AAAA,IACJ;AAAA;AAEA,WAAe,UAAqC;AAAA;AA7ExD;AA8EQ,YAAM,kBAAc,wBAAQ,EAAE,IAAI,8BAA8B,OAAK,iCAAQ,EAAE,IAAI,wBAAwB,MAAtC,mBAAyC;AAC9G,UAAI,aAAa;AACb,cAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,YAAI,MAAM;AACN,iBAAO;AAAA,QACX;AAAA,MACJ;AACA,aAAO;AAAA,IACX;AAAA;AASA,WAAe,eAAe,KAAqC;AAAA;AA/FvE;AAgGQ,UAAI,IAAI,QAAQ,IAAI,8BAA8B,GAAG;AACjD,cAAM,IAAI,MAAM,GAAG,sEAAsE;AAAA,MAC7F,WAAW,IAAI,QAAQ,aAAa,iBAAiB,IAAI,QAAQ,aAAa,aAAa;AAEvF,eAAO,2BAAa,KAAK;AAAA,MAC7B;AAEA,YAAM,eAAc,SAAI,QAAQ,IAAI,wBAAwB,MAAxC,mBAA2C;AAC/D,YAAM,gBAAe,SAAI,QAAQ,IAAI,yBAAyB,MAAzC,mBAA4C;AAGjE,UAAI,IAAI,QAAQ,aAAa,iBAAiB,cAAc;AACxD,cAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,YAAI,SAAS,UAAU,cAAc;AACjC,gBAAM,IAAI,MAAM,gDAAgD;AAAA,QACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,gBAAMA,WAAU,IAAI,QAAQ;AAC5B,UAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,UAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,iBAAO,IAAI,SAAS,gBAAgB,EAAC,QAAQ,KAAK,SAAAA,SAAO,CAAC;AAAA,QAC9D,OAAO;AACH,gBAAMA,WAAU,IAAI,QAAQ,IAAI,OAAO;AAEvC,UAAAA,SAAQ,OAAO,gCAAgC,SAAS,WAAW;AACnE,gBAAM,eAAe,2BAAa,KAAK;AAAA,YACnC,SAAS;AAAA,cACL,SAAAA;AAAA,YACJ;AAAA,UACJ,CAAC;AACD,uBAAa,QAAQ,IAAI,0BAA0B,SAAS,aAAa,cAAc;AACvF,uBAAa,QAAQ,IAAI,2BAA2B,SAAS,cAAc,cAAc;AACzF,iBAAO;AAAA,QACX;AAAA,MACJ;AAGA,UAAI,aAAa;AACb,cAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,YAAI,MAAM;AACN,iBAAO,2BAAa,KAAK;AAAA,QAC7B;AAAA,MACJ;AAGA,UAAI,cAAc;AACd,cAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,YAAI,SAAS,UAAU,cAAc;AACjC,gBAAM,IAAI,MAAM,gDAAgD;AAAA,QACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,gBAAMC,YAAW,2BAAa,KAAK;AACnC,UAAAA,UAAS,QAAQ,OAAO,wBAAwB;AAChD,UAAAA,UAAS,QAAQ,OAAO,yBAAyB;AACjD,iBAAOA;AAAA,QACX,OAAO;AACH,gBAAMD,WAAU,IAAI,QAAQ,IAAI,OAAO;AAEvC,UAAAA,SAAQ,OAAO,gCAAgC,SAAS,WAAW;AACnE,gBAAM,eAAe,2BAAa,KAAK;AAAA,YACnC,SAAS;AAAA,cACL,SAAAA;AAAA,YACJ;AAAA,UACJ,CAAC;AACD,uBAAa,QAAQ,IAAI,0BAA0B,SAAS,aAAa,cAAc;AACvF,uBAAa,QAAQ,IAAI,2BAA2B,SAAS,cAAc,cAAc;AACzF,iBAAO;AAAA,QACX;AAAA,MACJ;AAEA,aAAO,2BAAa,KAAK;AAAA,IAC7B;AAAA;AAEA,WAAS,gBAAgB,KAAkB,EAAE,OAAO,GAAiC;AACjF,QAAI,OAAO,SAAS,SAAS;AACzB,aAAO,gBAAgB;AAAA,IAC3B,WAAW,OAAO,SAAS,UAAU;AACjC,aAAO,iBAAiB;AAAA,IAC5B,WAAW,OAAO,SAAS,YAAY;AACnC,aAAO,mBAAmB,GAAG;AAAA,IACjC,WAAW,OAAO,SAAS,YAAY;AACnC,aAAO,mBAAmB,GAAG;AAAA,IACjC,OAAO;AACH,aAAO,IAAI,SAAS,IAAI,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC3C;AAAA,EACJ;AAEA,WAAS,iBAAiB,KAAkB,EAAE,OAAO,GAAiC;AAClF,QAAI,OAAO,SAAS,UAAU;AAC1B,aAAO,kBAAkB,GAAG;AAAA,IAChC,OAAO;AACH,aAAO,IAAI,SAAS,IAAI,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC3C;AAAA,EACJ;AAEA,WAAS,kBAAkB;AACvB,UAAM,QAAQ,YAAY;AAC1B,UAAM,gBACF,gBAAgB,4CAA4C,cAAc,YAAY;AAC1F,WAAO,IAAI,SAAS,MAAM;AAAA,MACtB,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,UAAU;AAAA,QACV,cAAc,GAAG,qBAAqB;AAAA,MAC1C;AAAA,IACJ,CAAC;AAAA,EACL;AAEA,WAAS,mBAAmB;AACxB,UAAM,QAAQ,YAAY;AAC1B,UAAM,gBACF,gBAAgB,4CAA4C,cAAc,YAAY,QAAQ;AAClG,WAAO,IAAI,SAAS,MAAM;AAAA,MACtB,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,UAAU;AAAA,QACV,cAAc,GAAG,qBAAqB;AAAA,MAC1C;AAAA,IACJ,CAAC;AAAA,EACL;AAEA,WAAe,mBAAmB,KAAkB;AAAA;AAvNxD;AAwNQ,YAAM,cAAa,SAAI,QAAQ,IAAI,iBAAiB,MAAjC,mBAAoC;AACvD,UAAI,CAAC,cAAc,WAAW,WAAW,IAAI;AACzC,gBAAQ,IAAI,sBAAsB;AAClC,eAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,SAAS,EAAE,UAAU,WAAW,EAAE,CAAC;AAAA,MAChF;AAEA,YAAM,cAAc,IAAI,QAAQ;AAChC,YAAM,QAAQ,YAAY,IAAI,OAAO;AACrC,YAAM,OAAO,YAAY,IAAI,MAAM;AACnC,UAAI,UAAU,YAAY;AACtB,gBAAQ,IAAI,+CAA+C;AAC3D,eAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,SAAS,EAAE,UAAU,WAAW,EAAE,CAAC;AAAA,MAChF;AAEA,YAAM,mBAAmB;AAAA,QACrB,cAAc;AAAA,QACd;AAAA,MACJ;AACA,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,gBAAgB;AAAA,QACrC,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,SAAS,IAAI;AACb,cAAM,OAAO,MAAM,SAAS,KAAK;AAEjC,cAAM,cAAc,KAAK;AACzB,cAAM,OAAO,MAAM,oBAAoB,WAAW;AAClD,cAAM,OAAO,gBAAgB,IAAI;AACjC,YAAI,CAAC,MAAM;AACP,kBAAQ,IAAI,oCAAoC;AAChD,iBAAO,IAAI,SAAS,oBAAoB,EAAE,QAAQ,IAAI,CAAC;AAAA,QAC3D;AAEA,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,YAAY,IAAI;AAC/B,QAAAA,SAAQ,OAAO,cAAc,GAAG,4BAA4B,qDAAqD;AACjH,QAAAA,SAAQ,OAAO,cAAc,GAAG,6BAA6B,KAAK,uDAAuD;AACzH,eAAO,IAAI,SAAS,MAAM;AAAA,UACtB,QAAQ;AAAA,UACR,SAAAA;AAAA,QACJ,CAAC;AAAA,MACL,WAAW,SAAS,WAAW,KAAK;AAChC,eAAO,IAAI,SAAS,oBAAoB,EAAE,QAAQ,IAAI,CAAC;AAAA,MAC3D,OAAO;AACH,eAAO,IAAI,SAAS,oBAAoB,EAAE,QAAQ,IAAI,CAAC;AAAA,MAC3D;AAAA,IACJ;AAAA;AAEA,WAAe,mBAAmB,KAAkB;AAAA;AA9QxD;AA+QQ,YAAM,cAAc,IAAI,QAAQ,IAAI,8BAA8B,OAAK,SAAI,QAAQ,IAAI,wBAAwB,MAAxC,mBAA2C;AAClH,UAAI,aAAa;AACb,cAAM,OAAO,GAAG;AAChB,cAAM,WAAW,MAAM,MAAM,MAAM;AAAA,UAC/B,SAAS;AAAA,YACL,gBAAgB;AAAA,YAChB,iBAAiB,YAAY;AAAA,UACjC;AAAA,QACJ,CAAC;AACD,YAAI,SAAS,IAAI;AACb,gBAAM,OAAO,MAAM,SAAS,KAAK;AAEjC,gBAAM,OAAO,IAAI;AAAA,YACb,KAAK;AAAA,YACL,KAAK;AAAA,YACL,uBAAuB,KAAK,kBAAkB;AAAA,YAC9C,KAAK;AAAA,YACL,KAAK;AAAA,YACL,KAAK;AAAA,YACL,KAAK;AAAA,YACL,KAAK;AAAA,UACT;AAEA,iBAAO,IAAI,SAAS,KAAK,UAAU,IAAI,GAAG;AAAA,YACtC,QAAQ;AAAA,YACR,SAAS;AAAA,cACL,gBAAgB;AAAA,YACpB;AAAA,UACJ,CAAC;AAAA,QACL,WAAW,SAAS,WAAW,KAAK;AAChC,iBAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,IAAI,CAAC;AAAA,QAC7C,OAAO;AACH,iBAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,IAAI,CAAC;AAAA,QAC7C;AAAA,MACJ;AACA,aAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC7C;AAAA;AAEA,WAAe,sCAAsC,cAAqD;AAAA;AACtG,YAAM,OAAO;AAAA,QACT,eAAe;AAAA,MACnB;AACA,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,IAAI;AAAA,QACzB,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,SAAS,IAAI;AACb,cAAM,OAAO,MAAM,SAAS,KAAK;AACjC,cAAM,kBAAkB,KAAK;AAC7B,cAAM;AAAA,UACF,cAAc;AAAA,UACd,oBAAoB;AAAA,QACxB,IAAI,KAAK;AAET,eAAO;AAAA,UACH,cAAc;AAAA,UACd;AAAA,UACA,OAAO;AAAA,QACX;AAAA,MACJ,WAAW,SAAS,WAAW,KAAK;AAChC,eAAO,EAAE,OAAO,eAAe;AAAA,MACnC,OAAO;AACH,eAAO,EAAE,OAAO,aAAa;AAAA,MACjC;AAAA,IACJ;AAAA;AAEA,WAAe,kBAAkB,KAAkB;AAAA;AAvVvD;AAwVQ,YAAM,iBAAgB,SAAI,QAAQ,IAAI,yBAAyB,MAAzC,mBAA4C;AAClE,UAAI,CAAC,eAAe;AAChB,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,QAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,eAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,SAAAA,SAAQ,CAAC;AAAA,MACtD;AAEA,YAAM,aAAa,EAAE,cAAc;AACnC,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,UAAU;AAAA,QAC/B,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AACd,gBAAQ;AAAA,UACJ;AAAA,UACA,SAAS;AAAA,UACT,SAAS;AAAA,QACb;AAAA,MACJ;AACA,YAAMA,WAAU,IAAI,QAAQ;AAC5B,MAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,MAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,aAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,SAAAA,SAAQ,CAAC;AAAA,IACtD;AAAA;AAEA,WAAe,+BAA+B,aAA4D;AAAA;AACtG,UAAI;AACA,eAAO,MAAM,oBAAoB,WAAW;AAAA,MAChD,SAAS,KAAP;AACE,YAAI,eAAe,wBAAwB;AACvC,gBAAM;AAAA,QACV,WAAW,eAAe,uBAAuB;AAC7C,iBAAO;AAAA,QACX,OAAO;AACH,kBAAQ,IAAI,iCAAiC,GAAG;AAChD,iBAAO;AAAA,QACX;AAAA,MACJ;AAAA,IACJ;AAAA;AAEA,WAAe,oBAAoB,aAAgD;AAAA;AAC/E,UAAI;AACJ,UAAI;AACA,oBAAY,MAAM;AAAA,MACtB,SAAS,KAAP;AACE,gBAAQ,MAAM,wFAAwF,GAAG;AACzG,cAAM,IAAI,uBAAuB,sBAAsB;AAAA,MAC3D;AAEA,UAAI,CAAC,aAAa;AACd,cAAM,IAAI,sBAAsB,0BAA0B;AAAA,MAC9D;AAEA,UAAI,2BAA2B;AAC/B,UAAI,YAAY,YAAY,EAAE,WAAW,SAAS,GAAG;AACjD,mCAA2B,YAAY,UAAU,UAAU,MAAM;AAAA,MACrE;AAEA,UAAI;AACA,cAAM,EAAE,QAAQ,IAAI,MAAW,eAAU,0BAA0B,WAAW;AAAA,UAC1E,QAAQ;AAAA,UACR,YAAY,CAAC,OAAO;AAAA,QACxB,CAAC;AAED,eAAO,OAAqB,OAAO;AAAA,MACvC,SAAS,GAAP;AACE,YAAI,aAAa,OAAO;AACpB,gBAAM,IAAI,sBAAsB,EAAE,OAAO;AAAA,QAC7C,OAAO;AACH,gBAAM,IAAI,sBAAsB,sBAAsB;AAAA,QAC1D;AAAA,MACJ;AAAA,IACJ;AAAA;AAEA,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;AAEA,SAAS,cAAsB;AAC3B,QAAM,cAAc,OAAO,gBAAgB,IAAI,WAAW,EAAE,CAAC;AAC7D,SAAO,MAAM,KAAK,WAAW,EACxB,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAC1C,KAAK,EAAE;AAChB;;;AEzbO,SAAS,gBAAgB,SAAsB;AAClD,MAAI;AACA,WAAO,IAAI,IAAI,OAAO;AAAA,EAC1B,SAAS,GAAP;AACE,YAAQ,MAAM,mBAAmB,CAAC;AAClC,UAAM,IAAI,MAAM,kCAAkC;AAAA,EACtD;AACJ;;;ACKO,SAAS,eAAe,MAA6B;AACxD,QAAM,UAAU,gBAAgB,KAAK,OAAO,EAAE;AAC9C,QAAM,kBACF,KAAK,2BACL,WAAY;AACR,WAAO;AAAA,EACX;AAEJ,SAAO,iBAAiB;AAAA,IACpB,eAAe;AAAA,IACf,aAAa,KAAK;AAAA,IAClB,aAAa,KAAK;AAAA,IAClB,mBAAmB,KAAK;AAAA,IACxB;AAAA,EACJ,CAAC;AACL;","names":["headers","response"]}
1
+ {"version":3,"sources":["../../src/server/index.ts","../../src/user.ts","../../src/server/exceptions.ts","../../src/server/server-actions.ts","../../src/server/validators.ts","../../src/server/auth.ts"],"sourcesContent":["export type {OrgIdToOrgMemberInfo} from \"../user\"\nexport {User, OrgMemberInfo} from \"../user\"\nexport {UnauthorizedException, ConfigurationException} from \"./exceptions\"\nexport type {ServerActions} from \"./server-actions\"\nexport {initializeAuth} from \"./auth\"\nexport type {InitializeAuthOptions} from \"./auth\"\nexport type {LoggedInProps, LoggedOutProps} from \"../status-types\"\n","export class User {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): User {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new User(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n private userAssignedRole: string\n private userInheritedRolesPlusCurrentRole: string[]\n private userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): User {\n return new User(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","export class UnauthorizedException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 401\n }\n}\n\nexport class ConfigurationException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 500\n }\n}\n","import * as jose from \"jose\"\nimport {cookies, headers} from \"next/headers\"\nimport {redirect} from \"next/navigation\"\nimport {ConfigurationException, UnauthorizedException} from \"./exceptions\"\nimport {InternalUser, OrgMemberInfo, toOrgIdToOrgMemberInfo, toUser, User} from \"../user\"\nimport {NextRequest, NextResponse} from \"next/server\";\nimport {ResponseCookie} from \"next/dist/compiled/@edge-runtime/cookies\";\nimport {GetServerSidePropsContext} from \"next\";\n\ntype RefreshAndAccessTokens = {\n refreshToken: string\n accessToken: string\n error: \"none\"\n}\n\ntype RefreshAndAccessTokensUnauthorizedError = {\n error: \"unauthorized\"\n}\n\ntype RefreshAndAccessTokensUnexpectedError = {\n error: \"unexpected\"\n}\n\ntype RefreshTokenResponse = RefreshAndAccessTokens | RefreshAndAccessTokensUnauthorizedError | RefreshAndAccessTokensUnexpectedError\n\nexport const LOGIN_PATH = \"/api/auth/login\"\nexport const CALLBACK_PATH = \"/api/auth/callback\"\nexport const USERINFO_PATH= \"/api/auth/userinfo\"\nexport const LOGOUT_PATH = \"/api/auth/logout\"\nexport const ACCESS_TOKEN_COOKIE_NAME = \"__pa_at\"\nexport const REFRESH_TOKEN_COOKIE_NAME = \"__pa_rt\"\nexport const STATE_COOKIE_NAME = \"__pa_state\"\nexport const CUSTOM_HEADER_FOR_ACCESS_TOKEN = \"x-propelauth-access-token\"\n\nconst COOKIE_OPTIONS: Partial<ResponseCookie> = {\n httpOnly: true,\n sameSite: \"lax\",\n secure: true,\n path: \"/\",\n}\n\nexport type ServerActionArgs = {\n authUrlOrigin: string\n redirectUri: string\n integrationApiKey: string\n verifierKey: string\n postLoginPathFn: (user: User) => string\n}\n\n\nexport type ServerActions = {\n getUser: () => Promise<User | undefined>\n getUserOrRedirect: () => Promise<User>\n getUserFromServerSideProps: (context: GetServerSidePropsContext) => Promise<User | undefined>\n validateAccessToken: (accessToken: string) => Promise<User>\n validateAccessTokenOrUndefined: (accessToken: string) => Promise<User | undefined>\n getRouteHandler: (req: NextRequest, { params }: { params: { slug: string } }) => Response | Promise<Response>\n postRouteHandler: (req: NextRequest, { params }: { params: { slug: string } }) => Response | Promise<Response>\n authMiddleware: (req: NextRequest) => Promise<Response>\n}\n\nexport function getServerActions({\n authUrlOrigin,\n postLoginPathFn,\n verifierKey,\n integrationApiKey,\n redirectUri,\n}: ServerActionArgs): ServerActions {\n const publicKeyPromise = jose.importSPKI(verifierKey, \"RS256\")\n async function getUserOrRedirect(): Promise<User> {\n const user = await getUser()\n if (user) {\n return user\n } else {\n redirect(LOGIN_PATH)\n throw new Error(\"Redirecting to login\")\n }\n }\n\n async function getUser(): Promise<User | undefined> {\n const accessToken = headers().get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || cookies().get(ACCESS_TOKEN_COOKIE_NAME)?.value\n if (accessToken) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return user\n }\n }\n return undefined\n }\n\n // Purpose of this middleware is just to keep the access token cookie alive\n // In an ideal world, this could be done in `getUser`, however, you can't\n // set a cookie in a server component.\n // There also doesn't seem to be any way right now to set a cookie in a\n // middleware and pass it forward (you can only set them on the response).\n // You CAN, however, pass in custom headers,\n // so we'll use CUSTOM_HEADER_FOR_ACCESS_TOKEN as a workaround\n async function authMiddleware(req: NextRequest): Promise<Response> {\n if (req.headers.has(CUSTOM_HEADER_FOR_ACCESS_TOKEN)) {\n throw new Error(`${CUSTOM_HEADER_FOR_ACCESS_TOKEN} is set which is for internal use only`)\n } else if (req.nextUrl.pathname === CALLBACK_PATH || req.nextUrl.pathname === LOGOUT_PATH) {\n // Don't do anything for the callback or logout paths, as they will modify the cookies themselves\n return NextResponse.next()\n }\n\n const accessToken = req.cookies.get(ACCESS_TOKEN_COOKIE_NAME)?.value\n const refreshToken = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)?.value\n\n // For the userinfo endpoint, we want to get the most up-to-date info, so we'll refresh the access token\n if (req.nextUrl.pathname === USERINFO_PATH && refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === \"unexpected\") {\n throw new Error(\"Unexpected error while refreshing access token\")\n } else if (response.error === \"unauthorized\") {\n const headers = new Headers()\n headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n return new Response(\"Unauthorized\", {status: 401, headers})\n } else {\n const headers = new Headers(req.headers)\n // Pass along the new access token in a header since cookies don't work\n headers.append(CUSTOM_HEADER_FOR_ACCESS_TOKEN, response.accessToken)\n const nextResponse = NextResponse.next({\n request: {\n headers\n }\n })\n nextResponse.cookies.set(ACCESS_TOKEN_COOKIE_NAME, response.accessToken, COOKIE_OPTIONS)\n nextResponse.cookies.set(REFRESH_TOKEN_COOKIE_NAME, response.refreshToken, COOKIE_OPTIONS)\n return nextResponse\n }\n }\n\n // If we are authenticated, we can continue\n if (accessToken) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return NextResponse.next()\n }\n }\n\n // Otherwise, we need to refresh the access token\n if (refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === \"unexpected\") {\n throw new Error(\"Unexpected error while refreshing access token\")\n } else if (response.error === \"unauthorized\") {\n const response = NextResponse.next()\n response.cookies.delete(ACCESS_TOKEN_COOKIE_NAME)\n response.cookies.delete(REFRESH_TOKEN_COOKIE_NAME)\n return response\n } else {\n const headers = new Headers(req.headers)\n // Pass along the new access token in a header since cookies don't work\n headers.append(CUSTOM_HEADER_FOR_ACCESS_TOKEN, response.accessToken)\n const nextResponse = NextResponse.next({\n request: {\n headers\n }\n })\n nextResponse.cookies.set(ACCESS_TOKEN_COOKIE_NAME, response.accessToken, COOKIE_OPTIONS)\n nextResponse.cookies.set(REFRESH_TOKEN_COOKIE_NAME, response.refreshToken, COOKIE_OPTIONS)\n return nextResponse\n }\n }\n\n return NextResponse.next()\n }\n\n function getRouteHandler(req: NextRequest, { params }: { params: { slug: string } }) {\n if (params.slug === \"login\") {\n return loginGetHandler()\n } else if (params.slug === \"signup\") {\n return signupGetHandler()\n } else if (params.slug === \"callback\") {\n return callbackGetHandler(req)\n } else if (params.slug === \"userinfo\") {\n return userinfoGetHandler(req)\n } else {\n return new Response(\"\", { status: 404 })\n }\n }\n\n function postRouteHandler(req: NextRequest, { params }: { params: { slug: string } }) {\n if (params.slug === \"logout\") {\n return logoutPostHandler(req)\n } else {\n return new Response(\"\", { status: 404 })\n }\n }\n\n function loginGetHandler() {\n const state = randomState()\n const authorize_url =\n authUrlOrigin + \"/propelauth/ssr/authorize?redirect_uri=\" + redirectUri + \"&state=\" + state\n return new Response(null, {\n status: 302,\n headers: {\n Location: authorize_url,\n \"Set-Cookie\": `${STATE_COOKIE_NAME}=${state}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n }\n })\n }\n\n function signupGetHandler() {\n const state = randomState()\n const authorize_url =\n authUrlOrigin + \"/propelauth/ssr/authorize?redirect_uri=\" + redirectUri + \"&state=\" + state + \"&signup=true\"\n return new Response(null, {\n status: 302,\n headers: {\n Location: authorize_url,\n \"Set-Cookie\": `${STATE_COOKIE_NAME}=${state}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n }\n })\n }\n\n async function callbackGetHandler(req: NextRequest) {\n const oauthState = req.cookies.get(STATE_COOKIE_NAME)?.value\n if (!oauthState || oauthState.length !== 64) {\n console.log(\"No oauth state found\")\n return new Response(null, { status: 302, headers: { Location: LOGIN_PATH } })\n }\n\n const queryParams = req.nextUrl.searchParams\n const state = queryParams.get(\"state\")\n const code = queryParams.get(\"code\")\n if (state !== oauthState) {\n console.log(\"Mismatch between states, redirecting to login\")\n return new Response(null, { status: 302, headers: { Location: LOGIN_PATH } })\n }\n\n const oauth_token_body = {\n redirect_uri: redirectUri,\n code,\n }\n const url = `${authUrlOrigin}/propelauth/ssr/token`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(oauth_token_body),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + integrationApiKey,\n },\n })\n\n if (response.ok) {\n const data = await response.json()\n\n const accessToken = data.access_token\n const user = await validateAccessToken(accessToken)\n const path = postLoginPathFn(user)\n if (!path) {\n console.log(\"postLoginPathFn returned undefined\")\n return new Response(\"Unexpected error\", { status: 500 })\n }\n\n const headers = new Headers()\n headers.append(\"Location\", path)\n headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=${accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`)\n headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=${data.refresh_token}; Path=/; HttpOnly; Secure; SameSite=Lax`)\n return new Response(null, {\n status: 302,\n headers\n })\n } else if (response.status === 401) {\n return new Response(\"Unexpected error\", { status: 500 })\n } else {\n return new Response(\"Unexpected error\", { status: 500 })\n }\n }\n\n async function userinfoGetHandler(req: NextRequest) {\n const accessToken = req.headers.get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || req.cookies.get(ACCESS_TOKEN_COOKIE_NAME)?.value\n if (accessToken) {\n const path = `${authUrlOrigin}/propelauth/oauth/userinfo`\n const response = await fetch(path, {\n headers: {\n \"Content-Type\": \"application/json\",\n \"Authorization\": \"Bearer \" + accessToken,\n }\n })\n if (response.ok) {\n const data = await response.json()\n\n const user = new User(\n data.user_id,\n data.email,\n toOrgIdToOrgMemberInfo(data.org_id_to_org_info),\n data.first_name,\n data.last_name,\n data.username,\n data.legacy_user_id,\n data.impersonator_user_id,\n )\n\n return new Response(JSON.stringify(user), {\n status: 200,\n headers: {\n \"Content-Type\": \"application/json\",\n }\n })\n } else if (response.status === 401) {\n return new Response(null, { status: 401 })\n } else {\n return new Response(null, { status: 500 })\n }\n }\n return new Response(null, { status: 401 })\n }\n\n async function getUserFromServerSideProps(props: GetServerSidePropsContext) {\n const accessToken = props.req.cookies[ACCESS_TOKEN_COOKIE_NAME]\n const refreshToken = props.req.cookies[REFRESH_TOKEN_COOKIE_NAME]\n\n // If we are authenticated, we can continue\n if (accessToken) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return user\n }\n }\n\n // Otherwise, we need to refresh the access token\n if (refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === \"unexpected\") {\n throw new Error(\"Unexpected error while refreshing access token\")\n } else if (response.error === \"unauthorized\") {\n props.res.setHeader(\"Set-Cookie\", [\n `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n ])\n return undefined\n } else {\n const user = await validateAccessToken(response.accessToken)\n props.res.setHeader(\"Set-Cookie\", [\n `${ACCESS_TOKEN_COOKIE_NAME}=${response.accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n `${REFRESH_TOKEN_COOKIE_NAME}=${response.refreshToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n ])\n return user\n }\n }\n\n return undefined\n }\n\n async function refreshTokenWithAccessAndRefreshToken(refreshToken: string): Promise<RefreshTokenResponse> {\n const body = {\n refresh_token: refreshToken,\n }\n const url = `${authUrlOrigin}/api/backend/v1/refresh_token`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(body),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + integrationApiKey,\n },\n })\n\n if (response.ok) {\n const data = await response.json()\n const newRefreshToken = data.refresh_token\n const {\n access_token: accessToken,\n expires_at_seconds: expiresAtSeconds,\n } = data.access_token\n\n return {\n refreshToken: newRefreshToken,\n accessToken,\n error: \"none\",\n }\n } else if (response.status === 400) {\n return { error: \"unauthorized\" }\n } else {\n return { error: \"unexpected\" }\n }\n }\n\n async function logoutPostHandler(req: NextRequest) {\n const refresh_token = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)?.value\n if (!refresh_token) {\n const headers = new Headers()\n headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n return new Response(null, { status: 200, headers })\n }\n\n const logoutBody = { refresh_token }\n const url = `${authUrlOrigin}/api/backend/v1/logout`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(logoutBody),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + integrationApiKey,\n },\n })\n\n if (!response.ok) {\n console.log(\n \"Unable to logout, clearing cookies and continuing anyway\",\n response.status,\n response.statusText\n )\n }\n const headers = new Headers()\n headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n return new Response(null, { status: 200, headers })\n }\n\n async function validateAccessTokenOrUndefined(accessToken: string | undefined): Promise<User | undefined> {\n try {\n return await validateAccessToken(accessToken)\n } catch (err) {\n if (err instanceof ConfigurationException) {\n throw err\n } else if (err instanceof UnauthorizedException) {\n return undefined\n } else {\n console.log(\"Error validating access token\", err)\n return undefined\n }\n }\n }\n\n async function validateAccessToken(accessToken: string | undefined): Promise<User> {\n let publicKey\n try {\n publicKey = await publicKeyPromise\n } catch (err) {\n console.error(\"Verifier key is invalid. Make sure it's specified correctly, including the newlines.\", err)\n throw new ConfigurationException(\"Invalid verifier key\")\n }\n\n if (!accessToken) {\n throw new UnauthorizedException(\"No access token provided\")\n }\n\n let accessTokenWithoutBearer = accessToken\n if (accessToken.toLowerCase().startsWith(\"bearer \")) {\n accessTokenWithoutBearer = accessToken.substring(\"bearer \".length)\n }\n\n try {\n const { payload } = await jose.jwtVerify(accessTokenWithoutBearer, publicKey, {\n issuer: authUrlOrigin,\n algorithms: [\"RS256\"],\n })\n\n return toUser(<InternalUser>payload)\n } catch (e) {\n if (e instanceof Error) {\n throw new UnauthorizedException(e.message)\n } else {\n throw new UnauthorizedException(\"Unable to decode jwt\")\n }\n }\n }\n\n return {\n getUser,\n getUserOrRedirect,\n getUserFromServerSideProps,\n validateAccessToken,\n validateAccessTokenOrUndefined,\n getRouteHandler,\n postRouteHandler,\n authMiddleware,\n }\n}\n\nfunction randomState(): string {\n const randomBytes = crypto.getRandomValues(new Uint8Array(32))\n return Array.from(randomBytes)\n .map((b) => b.toString(16).padStart(2, \"0\"))\n .join(\"\")\n}","export function validateAuthUrl(authUrl: string): URL {\n try {\n return new URL(authUrl)\n } catch (e) {\n console.error(\"Invalid authUrl\", e)\n throw new Error(\"Unable to initialize auth client\")\n }\n}\n","import { getServerActions } from \"./server-actions\"\nimport { User } from \"../user\"\nimport { validateAuthUrl } from \"./validators\"\n\nexport type InitializeAuthOptions = {\n authUrl: string\n redirectUri: string\n integrationApiKey: string\n verifierKey: string\n postLoginRedirectPathFn?: (user: User) => string\n}\n\nexport function initializeAuth(opts: InitializeAuthOptions) {\n const authUrl = validateAuthUrl(opts.authUrl).origin\n const postLoginPathFn =\n opts.postLoginRedirectPathFn ||\n function () {\n return \"/\"\n }\n\n return getServerActions({\n authUrlOrigin: authUrl,\n verifierKey: opts.verifierKey,\n redirectUri: opts.redirectUri,\n integrationApiKey: opts.integrationApiKey,\n postLoginPathFn,\n })\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAO,IAAM,OAAN,MAAW;AAAA,EAed,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAAoB;AACvC,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA2BO,SAAS,OAAO,YAAgC;AACnD,SAAO,IAAI;AAAA,IACP,WAAW;AAAA,IACX,WAAW;AAAA,IACX,uBAAuB,WAAW,yBAAyB;AAAA,IAC3D,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,EACf;AACJ;AAEO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;AC3OO,IAAM,wBAAN,cAAoC,MAAM;AAAA,EAI7C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;AAEO,IAAM,yBAAN,cAAqC,MAAM;AAAA,EAI9C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;;;ACpBA,WAAsB;AACtB,qBAA+B;AAC/B,wBAAuB;AAGvB,oBAAwC;AAoBjC,IAAM,aAAa;AACnB,IAAM,gBAAgB;AACtB,IAAM,gBAAe;AACrB,IAAM,cAAc;AACpB,IAAM,2BAA2B;AACjC,IAAM,4BAA4B;AAClC,IAAM,oBAAoB;AAC1B,IAAM,iCAAiC;AAE9C,IAAM,iBAA0C;AAAA,EAC5C,UAAU;AAAA,EACV,UAAU;AAAA,EACV,QAAQ;AAAA,EACR,MAAM;AACV;AAsBO,SAAS,iBAAiB;AAAA,EAC7B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACJ,GAAoC;AAChC,QAAM,mBAAwB,gBAAW,aAAa,OAAO;AAC7D,WAAe,oBAAmC;AAAA;AAC9C,YAAM,OAAO,MAAM,QAAQ;AAC3B,UAAI,MAAM;AACN,eAAO;AAAA,MACX,OAAO;AACH,wCAAS,UAAU;AACnB,cAAM,IAAI,MAAM,sBAAsB;AAAA,MAC1C;AAAA,IACJ;AAAA;AAEA,WAAe,UAAqC;AAAA;AA/ExD;AAgFQ,YAAM,kBAAc,wBAAQ,EAAE,IAAI,8BAA8B,OAAK,iCAAQ,EAAE,IAAI,wBAAwB,MAAtC,mBAAyC;AAC9G,UAAI,aAAa;AACb,cAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,YAAI,MAAM;AACN,iBAAO;AAAA,QACX;AAAA,MACJ;AACA,aAAO;AAAA,IACX;AAAA;AASA,WAAe,eAAe,KAAqC;AAAA;AAjGvE;AAkGQ,UAAI,IAAI,QAAQ,IAAI,8BAA8B,GAAG;AACjD,cAAM,IAAI,MAAM,GAAG,sEAAsE;AAAA,MAC7F,WAAW,IAAI,QAAQ,aAAa,iBAAiB,IAAI,QAAQ,aAAa,aAAa;AAEvF,eAAO,2BAAa,KAAK;AAAA,MAC7B;AAEA,YAAM,eAAc,SAAI,QAAQ,IAAI,wBAAwB,MAAxC,mBAA2C;AAC/D,YAAM,gBAAe,SAAI,QAAQ,IAAI,yBAAyB,MAAzC,mBAA4C;AAGjE,UAAI,IAAI,QAAQ,aAAa,iBAAiB,cAAc;AACxD,cAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,YAAI,SAAS,UAAU,cAAc;AACjC,gBAAM,IAAI,MAAM,gDAAgD;AAAA,QACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,gBAAMA,WAAU,IAAI,QAAQ;AAC5B,UAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,UAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,iBAAO,IAAI,SAAS,gBAAgB,EAAC,QAAQ,KAAK,SAAAA,SAAO,CAAC;AAAA,QAC9D,OAAO;AACH,gBAAMA,WAAU,IAAI,QAAQ,IAAI,OAAO;AAEvC,UAAAA,SAAQ,OAAO,gCAAgC,SAAS,WAAW;AACnE,gBAAM,eAAe,2BAAa,KAAK;AAAA,YACnC,SAAS;AAAA,cACL,SAAAA;AAAA,YACJ;AAAA,UACJ,CAAC;AACD,uBAAa,QAAQ,IAAI,0BAA0B,SAAS,aAAa,cAAc;AACvF,uBAAa,QAAQ,IAAI,2BAA2B,SAAS,cAAc,cAAc;AACzF,iBAAO;AAAA,QACX;AAAA,MACJ;AAGA,UAAI,aAAa;AACb,cAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,YAAI,MAAM;AACN,iBAAO,2BAAa,KAAK;AAAA,QAC7B;AAAA,MACJ;AAGA,UAAI,cAAc;AACd,cAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,YAAI,SAAS,UAAU,cAAc;AACjC,gBAAM,IAAI,MAAM,gDAAgD;AAAA,QACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,gBAAMC,YAAW,2BAAa,KAAK;AACnC,UAAAA,UAAS,QAAQ,OAAO,wBAAwB;AAChD,UAAAA,UAAS,QAAQ,OAAO,yBAAyB;AACjD,iBAAOA;AAAA,QACX,OAAO;AACH,gBAAMD,WAAU,IAAI,QAAQ,IAAI,OAAO;AAEvC,UAAAA,SAAQ,OAAO,gCAAgC,SAAS,WAAW;AACnE,gBAAM,eAAe,2BAAa,KAAK;AAAA,YACnC,SAAS;AAAA,cACL,SAAAA;AAAA,YACJ;AAAA,UACJ,CAAC;AACD,uBAAa,QAAQ,IAAI,0BAA0B,SAAS,aAAa,cAAc;AACvF,uBAAa,QAAQ,IAAI,2BAA2B,SAAS,cAAc,cAAc;AACzF,iBAAO;AAAA,QACX;AAAA,MACJ;AAEA,aAAO,2BAAa,KAAK;AAAA,IAC7B;AAAA;AAEA,WAAS,gBAAgB,KAAkB,EAAE,OAAO,GAAiC;AACjF,QAAI,OAAO,SAAS,SAAS;AACzB,aAAO,gBAAgB;AAAA,IAC3B,WAAW,OAAO,SAAS,UAAU;AACjC,aAAO,iBAAiB;AAAA,IAC5B,WAAW,OAAO,SAAS,YAAY;AACnC,aAAO,mBAAmB,GAAG;AAAA,IACjC,WAAW,OAAO,SAAS,YAAY;AACnC,aAAO,mBAAmB,GAAG;AAAA,IACjC,OAAO;AACH,aAAO,IAAI,SAAS,IAAI,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC3C;AAAA,EACJ;AAEA,WAAS,iBAAiB,KAAkB,EAAE,OAAO,GAAiC;AAClF,QAAI,OAAO,SAAS,UAAU;AAC1B,aAAO,kBAAkB,GAAG;AAAA,IAChC,OAAO;AACH,aAAO,IAAI,SAAS,IAAI,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC3C;AAAA,EACJ;AAEA,WAAS,kBAAkB;AACvB,UAAM,QAAQ,YAAY;AAC1B,UAAM,gBACF,gBAAgB,4CAA4C,cAAc,YAAY;AAC1F,WAAO,IAAI,SAAS,MAAM;AAAA,MACtB,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,UAAU;AAAA,QACV,cAAc,GAAG,qBAAqB;AAAA,MAC1C;AAAA,IACJ,CAAC;AAAA,EACL;AAEA,WAAS,mBAAmB;AACxB,UAAM,QAAQ,YAAY;AAC1B,UAAM,gBACF,gBAAgB,4CAA4C,cAAc,YAAY,QAAQ;AAClG,WAAO,IAAI,SAAS,MAAM;AAAA,MACtB,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,UAAU;AAAA,QACV,cAAc,GAAG,qBAAqB;AAAA,MAC1C;AAAA,IACJ,CAAC;AAAA,EACL;AAEA,WAAe,mBAAmB,KAAkB;AAAA;AAzNxD;AA0NQ,YAAM,cAAa,SAAI,QAAQ,IAAI,iBAAiB,MAAjC,mBAAoC;AACvD,UAAI,CAAC,cAAc,WAAW,WAAW,IAAI;AACzC,gBAAQ,IAAI,sBAAsB;AAClC,eAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,SAAS,EAAE,UAAU,WAAW,EAAE,CAAC;AAAA,MAChF;AAEA,YAAM,cAAc,IAAI,QAAQ;AAChC,YAAM,QAAQ,YAAY,IAAI,OAAO;AACrC,YAAM,OAAO,YAAY,IAAI,MAAM;AACnC,UAAI,UAAU,YAAY;AACtB,gBAAQ,IAAI,+CAA+C;AAC3D,eAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,SAAS,EAAE,UAAU,WAAW,EAAE,CAAC;AAAA,MAChF;AAEA,YAAM,mBAAmB;AAAA,QACrB,cAAc;AAAA,QACd;AAAA,MACJ;AACA,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,gBAAgB;AAAA,QACrC,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,SAAS,IAAI;AACb,cAAM,OAAO,MAAM,SAAS,KAAK;AAEjC,cAAM,cAAc,KAAK;AACzB,cAAM,OAAO,MAAM,oBAAoB,WAAW;AAClD,cAAM,OAAO,gBAAgB,IAAI;AACjC,YAAI,CAAC,MAAM;AACP,kBAAQ,IAAI,oCAAoC;AAChD,iBAAO,IAAI,SAAS,oBAAoB,EAAE,QAAQ,IAAI,CAAC;AAAA,QAC3D;AAEA,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,YAAY,IAAI;AAC/B,QAAAA,SAAQ,OAAO,cAAc,GAAG,4BAA4B,qDAAqD;AACjH,QAAAA,SAAQ,OAAO,cAAc,GAAG,6BAA6B,KAAK,uDAAuD;AACzH,eAAO,IAAI,SAAS,MAAM;AAAA,UACtB,QAAQ;AAAA,UACR,SAAAA;AAAA,QACJ,CAAC;AAAA,MACL,WAAW,SAAS,WAAW,KAAK;AAChC,eAAO,IAAI,SAAS,oBAAoB,EAAE,QAAQ,IAAI,CAAC;AAAA,MAC3D,OAAO;AACH,eAAO,IAAI,SAAS,oBAAoB,EAAE,QAAQ,IAAI,CAAC;AAAA,MAC3D;AAAA,IACJ;AAAA;AAEA,WAAe,mBAAmB,KAAkB;AAAA;AAhRxD;AAiRQ,YAAM,cAAc,IAAI,QAAQ,IAAI,8BAA8B,OAAK,SAAI,QAAQ,IAAI,wBAAwB,MAAxC,mBAA2C;AAClH,UAAI,aAAa;AACb,cAAM,OAAO,GAAG;AAChB,cAAM,WAAW,MAAM,MAAM,MAAM;AAAA,UAC/B,SAAS;AAAA,YACL,gBAAgB;AAAA,YAChB,iBAAiB,YAAY;AAAA,UACjC;AAAA,QACJ,CAAC;AACD,YAAI,SAAS,IAAI;AACb,gBAAM,OAAO,MAAM,SAAS,KAAK;AAEjC,gBAAM,OAAO,IAAI;AAAA,YACb,KAAK;AAAA,YACL,KAAK;AAAA,YACL,uBAAuB,KAAK,kBAAkB;AAAA,YAC9C,KAAK;AAAA,YACL,KAAK;AAAA,YACL,KAAK;AAAA,YACL,KAAK;AAAA,YACL,KAAK;AAAA,UACT;AAEA,iBAAO,IAAI,SAAS,KAAK,UAAU,IAAI,GAAG;AAAA,YACtC,QAAQ;AAAA,YACR,SAAS;AAAA,cACL,gBAAgB;AAAA,YACpB;AAAA,UACJ,CAAC;AAAA,QACL,WAAW,SAAS,WAAW,KAAK;AAChC,iBAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,IAAI,CAAC;AAAA,QAC7C,OAAO;AACH,iBAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,IAAI,CAAC;AAAA,QAC7C;AAAA,MACJ;AACA,aAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC7C;AAAA;AAEA,WAAe,2BAA2B,OAAkC;AAAA;AACxE,YAAM,cAAc,MAAM,IAAI,QAAQ,wBAAwB;AAC9D,YAAM,eAAe,MAAM,IAAI,QAAQ,yBAAyB;AAGhE,UAAI,aAAa;AACb,cAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,YAAI,MAAM;AACN,iBAAO;AAAA,QACX;AAAA,MACJ;AAGA,UAAI,cAAc;AACd,cAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,YAAI,SAAS,UAAU,cAAc;AACjC,gBAAM,IAAI,MAAM,gDAAgD;AAAA,QACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,gBAAM,IAAI,UAAU,cAAc;AAAA,YAC9B,GAAG;AAAA,YACH,GAAG;AAAA,UACP,CAAC;AACD,iBAAO;AAAA,QACX,OAAO;AACH,gBAAM,OAAO,MAAM,oBAAoB,SAAS,WAAW;AAC3D,gBAAM,IAAI,UAAU,cAAc;AAAA,YAC9B,GAAG,4BAA4B,SAAS;AAAA,YACxC,GAAG,6BAA6B,SAAS;AAAA,UAC7C,CAAC;AACD,iBAAO;AAAA,QACX;AAAA,MACJ;AAEA,aAAO;AAAA,IACX;AAAA;AAEA,WAAe,sCAAsC,cAAqD;AAAA;AACtG,YAAM,OAAO;AAAA,QACT,eAAe;AAAA,MACnB;AACA,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,IAAI;AAAA,QACzB,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,SAAS,IAAI;AACb,cAAM,OAAO,MAAM,SAAS,KAAK;AACjC,cAAM,kBAAkB,KAAK;AAC7B,cAAM;AAAA,UACF,cAAc;AAAA,UACd,oBAAoB;AAAA,QACxB,IAAI,KAAK;AAET,eAAO;AAAA,UACH,cAAc;AAAA,UACd;AAAA,UACA,OAAO;AAAA,QACX;AAAA,MACJ,WAAW,SAAS,WAAW,KAAK;AAChC,eAAO,EAAE,OAAO,eAAe;AAAA,MACnC,OAAO;AACH,eAAO,EAAE,OAAO,aAAa;AAAA,MACjC;AAAA,IACJ;AAAA;AAEA,WAAe,kBAAkB,KAAkB;AAAA;AA7XvD;AA8XQ,YAAM,iBAAgB,SAAI,QAAQ,IAAI,yBAAyB,MAAzC,mBAA4C;AAClE,UAAI,CAAC,eAAe;AAChB,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,QAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,eAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,SAAAA,SAAQ,CAAC;AAAA,MACtD;AAEA,YAAM,aAAa,EAAE,cAAc;AACnC,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,UAAU;AAAA,QAC/B,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AACd,gBAAQ;AAAA,UACJ;AAAA,UACA,SAAS;AAAA,UACT,SAAS;AAAA,QACb;AAAA,MACJ;AACA,YAAMA,WAAU,IAAI,QAAQ;AAC5B,MAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,MAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,aAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,SAAAA,SAAQ,CAAC;AAAA,IACtD;AAAA;AAEA,WAAe,+BAA+B,aAA4D;AAAA;AACtG,UAAI;AACA,eAAO,MAAM,oBAAoB,WAAW;AAAA,MAChD,SAAS,KAAP;AACE,YAAI,eAAe,wBAAwB;AACvC,gBAAM;AAAA,QACV,WAAW,eAAe,uBAAuB;AAC7C,iBAAO;AAAA,QACX,OAAO;AACH,kBAAQ,IAAI,iCAAiC,GAAG;AAChD,iBAAO;AAAA,QACX;AAAA,MACJ;AAAA,IACJ;AAAA;AAEA,WAAe,oBAAoB,aAAgD;AAAA;AAC/E,UAAI;AACJ,UAAI;AACA,oBAAY,MAAM;AAAA,MACtB,SAAS,KAAP;AACE,gBAAQ,MAAM,wFAAwF,GAAG;AACzG,cAAM,IAAI,uBAAuB,sBAAsB;AAAA,MAC3D;AAEA,UAAI,CAAC,aAAa;AACd,cAAM,IAAI,sBAAsB,0BAA0B;AAAA,MAC9D;AAEA,UAAI,2BAA2B;AAC/B,UAAI,YAAY,YAAY,EAAE,WAAW,SAAS,GAAG;AACjD,mCAA2B,YAAY,UAAU,UAAU,MAAM;AAAA,MACrE;AAEA,UAAI;AACA,cAAM,EAAE,QAAQ,IAAI,MAAW,eAAU,0BAA0B,WAAW;AAAA,UAC1E,QAAQ;AAAA,UACR,YAAY,CAAC,OAAO;AAAA,QACxB,CAAC;AAED,eAAO,OAAqB,OAAO;AAAA,MACvC,SAAS,GAAP;AACE,YAAI,aAAa,OAAO;AACpB,gBAAM,IAAI,sBAAsB,EAAE,OAAO;AAAA,QAC7C,OAAO;AACH,gBAAM,IAAI,sBAAsB,sBAAsB;AAAA,QAC1D;AAAA,MACJ;AAAA,IACJ;AAAA;AAEA,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;AAEA,SAAS,cAAsB;AAC3B,QAAM,cAAc,OAAO,gBAAgB,IAAI,WAAW,EAAE,CAAC;AAC7D,SAAO,MAAM,KAAK,WAAW,EACxB,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAC1C,KAAK,EAAE;AAChB;;;ACheO,SAAS,gBAAgB,SAAsB;AAClD,MAAI;AACA,WAAO,IAAI,IAAI,OAAO;AAAA,EAC1B,SAAS,GAAP;AACE,YAAQ,MAAM,mBAAmB,CAAC;AAClC,UAAM,IAAI,MAAM,kCAAkC;AAAA,EACtD;AACJ;;;ACKO,SAAS,eAAe,MAA6B;AACxD,QAAM,UAAU,gBAAgB,KAAK,OAAO,EAAE;AAC9C,QAAM,kBACF,KAAK,2BACL,WAAY;AACR,WAAO;AAAA,EACX;AAEJ,SAAO,iBAAiB;AAAA,IACpB,eAAe;AAAA,IACf,aAAa,KAAK;AAAA,IAClB,aAAa,KAAK;AAAA,IAClB,mBAAmB,KAAK;AAAA,IACxB;AAAA,EACJ,CAAC;AACL;","names":["headers","response"]}
package/dist/server/index.mjs CHANGED
@@ -19,27 +19,6 @@ var __async = (__this, __arguments, generator) => {
19
19
  });
20
20
  };
21
21
 
22
- // src/server/exceptions.ts
23
- var UnauthorizedException = class extends Error {
24
- constructor(message) {
25
- super(message);
26
- this.message = message;
27
- this.status = 401;
28
- }
29
- };
30
- var ConfigurationException = class extends Error {
31
- constructor(message) {
32
- super(message);
33
- this.message = message;
34
- this.status = 500;
35
- }
36
- };
37
-
38
- // src/server/server-actions.ts
39
- import * as jose from "jose";
40
- import { cookies, headers } from "next/headers";
41
- import { redirect } from "next/navigation";
42
-
43
22
  // src/user.ts
44
23
  var User = class {
45
24
  constructor(userId, email, orgIdToOrgMemberInfo, firstName, lastName, username, legacyUserId, impersonatorUserId) {
@@ -180,7 +159,26 @@ function toOrgIdToOrgMemberInfo(snake_case) {
180
159
  return camelCase;
181
160
  }
182
161
 
162
+ // src/server/exceptions.ts
163
+ var UnauthorizedException = class extends Error {
164
+ constructor(message) {
165
+ super(message);
166
+ this.message = message;
167
+ this.status = 401;
168
+ }
169
+ };
170
+ var ConfigurationException = class extends Error {
171
+ constructor(message) {
172
+ super(message);
173
+ this.message = message;
174
+ this.status = 500;
175
+ }
176
+ };
177
+
183
178
  // src/server/server-actions.ts
179
+ import * as jose from "jose";
180
+ import { cookies, headers } from "next/headers";
181
+ import { redirect } from "next/navigation";
184
182
  import { NextResponse } from "next/server";
185
183
  var LOGIN_PATH = "/api/auth/login";
186
184
  var CALLBACK_PATH = "/api/auth/callback";
@@ -424,6 +422,38 @@ function getServerActions({
424
422
  return new Response(null, { status: 401 });
425
423
  });
426
424
  }
425
+ function getUserFromServerSideProps(props) {
426
+ return __async(this, null, function* () {
427
+ const accessToken = props.req.cookies[ACCESS_TOKEN_COOKIE_NAME];
428
+ const refreshToken = props.req.cookies[REFRESH_TOKEN_COOKIE_NAME];
429
+ if (accessToken) {
430
+ const user = yield validateAccessTokenOrUndefined(accessToken);
431
+ if (user) {
432
+ return user;
433
+ }
434
+ }
435
+ if (refreshToken) {
436
+ const response = yield refreshTokenWithAccessAndRefreshToken(refreshToken);
437
+ if (response.error === "unexpected") {
438
+ throw new Error("Unexpected error while refreshing access token");
439
+ } else if (response.error === "unauthorized") {
440
+ props.res.setHeader("Set-Cookie", [
441
+ `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,
442
+ `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
443
+ ]);
444
+ return void 0;
445
+ } else {
446
+ const user = yield validateAccessToken(response.accessToken);
447
+ props.res.setHeader("Set-Cookie", [
448
+ `${ACCESS_TOKEN_COOKIE_NAME}=${response.accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,
449
+ `${REFRESH_TOKEN_COOKIE_NAME}=${response.refreshToken}; Path=/; HttpOnly; Secure; SameSite=Lax`
450
+ ]);
451
+ return user;
452
+ }
453
+ }
454
+ return void 0;
455
+ });
456
+ }
427
457
  function refreshTokenWithAccessAndRefreshToken(refreshToken) {
428
458
  return __async(this, null, function* () {
429
459
  const body = {
@@ -540,6 +570,7 @@ function getServerActions({
540
570
  return {
541
571
  getUser,
542
572
  getUserOrRedirect,
573
+ getUserFromServerSideProps,
543
574
  validateAccessToken,
544
575
  validateAccessTokenOrUndefined,
545
576
  getRouteHandler,
@@ -578,7 +609,9 @@ function initializeAuth(opts) {
578
609
  }
579
610
  export {
580
611
  ConfigurationException,
612
+ OrgMemberInfo,
581
613
  UnauthorizedException,
614
+ User,
582
615
  initializeAuth
583
616
  };
584
617
  //# sourceMappingURL=index.mjs.map
package/dist/server/index.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/server/exceptions.ts","../../src/server/server-actions.ts","../../src/user.ts","../../src/server/validators.ts","../../src/server/auth.ts"],"sourcesContent":["export class UnauthorizedException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 401\n }\n}\n\nexport class ConfigurationException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 500\n }\n}\n","import * as jose from \"jose\"\nimport {cookies, headers} from \"next/headers\"\nimport {redirect} from \"next/navigation\"\nimport {ConfigurationException, UnauthorizedException} from \"./exceptions\"\nimport {InternalUser, OrgMemberInfo, toOrgIdToOrgMemberInfo, toUser, User} from \"../user\"\nimport {NextRequest, NextResponse} from \"next/server\";\nimport {ResponseCookie} from \"next/dist/compiled/@edge-runtime/cookies\";\n\ntype RefreshAndAccessTokens = {\n refreshToken: string\n accessToken: string\n error: \"none\"\n}\n\ntype RefreshAndAccessTokensUnauthorizedError = {\n error: \"unauthorized\"\n}\n\ntype RefreshAndAccessTokensUnexpectedError = {\n error: \"unexpected\"\n}\n\ntype RefreshTokenResponse = RefreshAndAccessTokens | RefreshAndAccessTokensUnauthorizedError | RefreshAndAccessTokensUnexpectedError\n\nexport const LOGIN_PATH = \"/api/auth/login\"\nexport const CALLBACK_PATH = \"/api/auth/callback\"\nexport const USERINFO_PATH= \"/api/auth/userinfo\"\nexport const LOGOUT_PATH = \"/api/auth/logout\"\nexport const ACCESS_TOKEN_COOKIE_NAME = \"__pa_at\"\nexport const REFRESH_TOKEN_COOKIE_NAME = \"__pa_rt\"\nexport const STATE_COOKIE_NAME = \"__pa_state\"\nexport const CUSTOM_HEADER_FOR_ACCESS_TOKEN = \"x-propelauth-access-token\"\n\nconst COOKIE_OPTIONS: Partial<ResponseCookie> = {\n httpOnly: true,\n sameSite: \"lax\",\n secure: true,\n path: \"/\",\n}\n\nexport type ServerActionArgs = {\n authUrlOrigin: string\n redirectUri: string\n integrationApiKey: string\n verifierKey: string\n postLoginPathFn: (user: User) => string\n}\n\n\nexport type ServerActions = {\n getUser: () => Promise<User | undefined>\n getUserOrRedirect: () => Promise<User>\n validateAccessToken: (accessToken: string) => Promise<User>\n validateAccessTokenOrUndefined: (accessToken: string) => Promise<User | undefined>\n getRouteHandler: (req: NextRequest, { params }: { params: { slug: string } }) => Response | Promise<Response>\n postRouteHandler: (req: NextRequest, { params }: { params: { slug: string } }) => Response | Promise<Response>\n authMiddleware: (req: NextRequest) => Promise<Response>\n}\n\nexport function getServerActions({\n authUrlOrigin,\n postLoginPathFn,\n verifierKey,\n integrationApiKey,\n redirectUri,\n}: ServerActionArgs): ServerActions {\n const publicKeyPromise = jose.importSPKI(verifierKey, \"RS256\")\n async function getUserOrRedirect(): Promise<User> {\n const user = await getUser()\n if (user) {\n return user\n } else {\n redirect(LOGIN_PATH)\n throw new Error(\"Redirecting to login\")\n }\n }\n\n async function getUser(): Promise<User | undefined> {\n const accessToken = headers().get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || cookies().get(ACCESS_TOKEN_COOKIE_NAME)?.value\n if (accessToken) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return user\n }\n }\n return undefined\n }\n\n // Purpose of this middleware is just to keep the access token cookie alive\n // In an ideal world, this could be done in `getUser`, however, you can't\n // set a cookie in a server component.\n // There also doesn't seem to be any way right now to set a cookie in a\n // middleware and pass it forward (you can only set them on the response).\n // You CAN, however, pass in custom headers,\n // so we'll use CUSTOM_HEADER_FOR_ACCESS_TOKEN as a workaround\n async function authMiddleware(req: NextRequest): Promise<Response> {\n if (req.headers.has(CUSTOM_HEADER_FOR_ACCESS_TOKEN)) {\n throw new Error(`${CUSTOM_HEADER_FOR_ACCESS_TOKEN} is set which is for internal use only`)\n } else if (req.nextUrl.pathname === CALLBACK_PATH || req.nextUrl.pathname === LOGOUT_PATH) {\n // Don't do anything for the callback or logout paths, as they will modify the cookies themselves\n return NextResponse.next()\n }\n\n const accessToken = req.cookies.get(ACCESS_TOKEN_COOKIE_NAME)?.value\n const refreshToken = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)?.value\n\n // For the userinfo endpoint, we want to get the most up-to-date info, so we'll refresh the access token\n if (req.nextUrl.pathname === USERINFO_PATH && refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === \"unexpected\") {\n throw new Error(\"Unexpected error while refreshing access token\")\n } else if (response.error === \"unauthorized\") {\n const headers = new Headers()\n headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n return new Response(\"Unauthorized\", {status: 401, headers})\n } else {\n const headers = new Headers(req.headers)\n // Pass along the new access token in a header since cookies don't work\n headers.append(CUSTOM_HEADER_FOR_ACCESS_TOKEN, response.accessToken)\n const nextResponse = NextResponse.next({\n request: {\n headers\n }\n })\n nextResponse.cookies.set(ACCESS_TOKEN_COOKIE_NAME, response.accessToken, COOKIE_OPTIONS)\n nextResponse.cookies.set(REFRESH_TOKEN_COOKIE_NAME, response.refreshToken, COOKIE_OPTIONS)\n return nextResponse\n }\n }\n\n // If we are authenticated, we can continue\n if (accessToken) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return NextResponse.next()\n }\n }\n\n // Otherwise, we need to refresh the access token\n if (refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === \"unexpected\") {\n throw new Error(\"Unexpected error while refreshing access token\")\n } else if (response.error === \"unauthorized\") {\n const response = NextResponse.next()\n response.cookies.delete(ACCESS_TOKEN_COOKIE_NAME)\n response.cookies.delete(REFRESH_TOKEN_COOKIE_NAME)\n return response\n } else {\n const headers = new Headers(req.headers)\n // Pass along the new access token in a header since cookies don't work\n headers.append(CUSTOM_HEADER_FOR_ACCESS_TOKEN, response.accessToken)\n const nextResponse = NextResponse.next({\n request: {\n headers\n }\n })\n nextResponse.cookies.set(ACCESS_TOKEN_COOKIE_NAME, response.accessToken, COOKIE_OPTIONS)\n nextResponse.cookies.set(REFRESH_TOKEN_COOKIE_NAME, response.refreshToken, COOKIE_OPTIONS)\n return nextResponse\n }\n }\n\n return NextResponse.next()\n }\n\n function getRouteHandler(req: NextRequest, { params }: { params: { slug: string } }) {\n if (params.slug === \"login\") {\n return loginGetHandler()\n } else if (params.slug === \"signup\") {\n return signupGetHandler()\n } else if (params.slug === \"callback\") {\n return callbackGetHandler(req)\n } else if (params.slug === \"userinfo\") {\n return userinfoGetHandler(req)\n } else {\n return new Response(\"\", { status: 404 })\n }\n }\n\n function postRouteHandler(req: NextRequest, { params }: { params: { slug: string } }) {\n if (params.slug === \"logout\") {\n return logoutPostHandler(req)\n } else {\n return new Response(\"\", { status: 404 })\n }\n }\n\n function loginGetHandler() {\n const state = randomState()\n const authorize_url =\n authUrlOrigin + \"/propelauth/ssr/authorize?redirect_uri=\" + redirectUri + \"&state=\" + state\n return new Response(null, {\n status: 302,\n headers: {\n Location: authorize_url,\n \"Set-Cookie\": `${STATE_COOKIE_NAME}=${state}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n }\n })\n }\n\n function signupGetHandler() {\n const state = randomState()\n const authorize_url =\n authUrlOrigin + \"/propelauth/ssr/authorize?redirect_uri=\" + redirectUri + \"&state=\" + state + \"&signup=true\"\n return new Response(null, {\n status: 302,\n headers: {\n Location: authorize_url,\n \"Set-Cookie\": `${STATE_COOKIE_NAME}=${state}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n }\n })\n }\n\n async function callbackGetHandler(req: NextRequest) {\n const oauthState = req.cookies.get(STATE_COOKIE_NAME)?.value\n if (!oauthState || oauthState.length !== 64) {\n console.log(\"No oauth state found\")\n return new Response(null, { status: 302, headers: { Location: LOGIN_PATH } })\n }\n\n const queryParams = req.nextUrl.searchParams\n const state = queryParams.get(\"state\")\n const code = queryParams.get(\"code\")\n if (state !== oauthState) {\n console.log(\"Mismatch between states, redirecting to login\")\n return new Response(null, { status: 302, headers: { Location: LOGIN_PATH } })\n }\n\n const oauth_token_body = {\n redirect_uri: redirectUri,\n code,\n }\n const url = `${authUrlOrigin}/propelauth/ssr/token`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(oauth_token_body),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + integrationApiKey,\n },\n })\n\n if (response.ok) {\n const data = await response.json()\n\n const accessToken = data.access_token\n const user = await validateAccessToken(accessToken)\n const path = postLoginPathFn(user)\n if (!path) {\n console.log(\"postLoginPathFn returned undefined\")\n return new Response(\"Unexpected error\", { status: 500 })\n }\n\n const headers = new Headers()\n headers.append(\"Location\", path)\n headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=${accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`)\n headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=${data.refresh_token}; Path=/; HttpOnly; Secure; SameSite=Lax`)\n return new Response(null, {\n status: 302,\n headers\n })\n } else if (response.status === 401) {\n return new Response(\"Unexpected error\", { status: 500 })\n } else {\n return new Response(\"Unexpected error\", { status: 500 })\n }\n }\n\n async function userinfoGetHandler(req: NextRequest) {\n const accessToken = req.headers.get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || req.cookies.get(ACCESS_TOKEN_COOKIE_NAME)?.value\n if (accessToken) {\n const path = `${authUrlOrigin}/propelauth/oauth/userinfo`\n const response = await fetch(path, {\n headers: {\n \"Content-Type\": \"application/json\",\n \"Authorization\": \"Bearer \" + accessToken,\n }\n })\n if (response.ok) {\n const data = await response.json()\n\n const user = new User(\n data.user_id,\n data.email,\n toOrgIdToOrgMemberInfo(data.org_id_to_org_info),\n data.first_name,\n data.last_name,\n data.username,\n data.legacy_user_id,\n data.impersonator_user_id,\n )\n\n return new Response(JSON.stringify(user), {\n status: 200,\n headers: {\n \"Content-Type\": \"application/json\",\n }\n })\n } else if (response.status === 401) {\n return new Response(null, { status: 401 })\n } else {\n return new Response(null, { status: 500 })\n }\n }\n return new Response(null, { status: 401 })\n }\n\n async function refreshTokenWithAccessAndRefreshToken(refreshToken: string): Promise<RefreshTokenResponse> {\n const body = {\n refresh_token: refreshToken,\n }\n const url = `${authUrlOrigin}/api/backend/v1/refresh_token`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(body),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + integrationApiKey,\n },\n })\n\n if (response.ok) {\n const data = await response.json()\n const newRefreshToken = data.refresh_token\n const {\n access_token: accessToken,\n expires_at_seconds: expiresAtSeconds,\n } = data.access_token\n\n return {\n refreshToken: newRefreshToken,\n accessToken,\n error: \"none\",\n }\n } else if (response.status === 400) {\n return { error: \"unauthorized\" }\n } else {\n return { error: \"unexpected\" }\n }\n }\n\n async function logoutPostHandler(req: NextRequest) {\n const refresh_token = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)?.value\n if (!refresh_token) {\n const headers = new Headers()\n headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n return new Response(null, { status: 200, headers })\n }\n\n const logoutBody = { refresh_token }\n const url = `${authUrlOrigin}/api/backend/v1/logout`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(logoutBody),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + integrationApiKey,\n },\n })\n\n if (!response.ok) {\n console.log(\n \"Unable to logout, clearing cookies and continuing anyway\",\n response.status,\n response.statusText\n )\n }\n const headers = new Headers()\n headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n return new Response(null, { status: 200, headers })\n }\n\n async function validateAccessTokenOrUndefined(accessToken: string | undefined): Promise<User | undefined> {\n try {\n return await validateAccessToken(accessToken)\n } catch (err) {\n if (err instanceof ConfigurationException) {\n throw err\n } else if (err instanceof UnauthorizedException) {\n return undefined\n } else {\n console.log(\"Error validating access token\", err)\n return undefined\n }\n }\n }\n\n async function validateAccessToken(accessToken: string | undefined): Promise<User> {\n let publicKey\n try {\n publicKey = await publicKeyPromise\n } catch (err) {\n console.error(\"Verifier key is invalid. Make sure it's specified correctly, including the newlines.\", err)\n throw new ConfigurationException(\"Invalid verifier key\")\n }\n\n if (!accessToken) {\n throw new UnauthorizedException(\"No access token provided\")\n }\n\n let accessTokenWithoutBearer = accessToken\n if (accessToken.toLowerCase().startsWith(\"bearer \")) {\n accessTokenWithoutBearer = accessToken.substring(\"bearer \".length)\n }\n\n try {\n const { payload } = await jose.jwtVerify(accessTokenWithoutBearer, publicKey, {\n issuer: authUrlOrigin,\n algorithms: [\"RS256\"],\n })\n\n return toUser(<InternalUser>payload)\n } catch (e) {\n if (e instanceof Error) {\n throw new UnauthorizedException(e.message)\n } else {\n throw new UnauthorizedException(\"Unable to decode jwt\")\n }\n }\n }\n\n return {\n getUser,\n getUserOrRedirect,\n validateAccessToken,\n validateAccessTokenOrUndefined,\n getRouteHandler,\n postRouteHandler,\n authMiddleware,\n }\n}\n\nfunction randomState(): string {\n const randomBytes = crypto.getRandomValues(new Uint8Array(32))\n return Array.from(randomBytes)\n .map((b) => b.toString(16).padStart(2, \"0\"))\n .join(\"\")\n}","export class User {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): User {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new User(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n private userAssignedRole: string\n private userInheritedRolesPlusCurrentRole: string[]\n private userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): User {\n return new User(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","export function validateAuthUrl(authUrl: string): URL {\n try {\n return new URL(authUrl)\n } catch (e) {\n console.error(\"Invalid authUrl\", e)\n throw new Error(\"Unable to initialize auth client\")\n }\n}\n","import { getServerActions } from \"./server-actions\"\nimport { User } from \"../user\"\nimport { validateAuthUrl } from \"./validators\"\n\nexport type InitializeAuthOptions = {\n authUrl: string\n redirectUri: string\n integrationApiKey: string\n verifierKey: string\n postLoginRedirectPathFn?: (user: User) => string\n}\n\nexport function initializeAuth(opts: InitializeAuthOptions) {\n const authUrl = validateAuthUrl(opts.authUrl).origin\n const postLoginPathFn =\n opts.postLoginRedirectPathFn ||\n function () {\n return \"/\"\n }\n\n return getServerActions({\n authUrlOrigin: authUrl,\n verifierKey: opts.verifierKey,\n redirectUri: opts.redirectUri,\n integrationApiKey: opts.integrationApiKey,\n postLoginPathFn,\n })\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAO,IAAM,wBAAN,cAAoC,MAAM;AAAA,EAI7C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;AAEO,IAAM,yBAAN,cAAqC,MAAM;AAAA,EAI9C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;;;ACpBA,YAAY,UAAU;AACtB,SAAQ,SAAS,eAAc;AAC/B,SAAQ,gBAAe;;;ACFhB,IAAM,OAAN,MAAW;AAAA,EAed,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAAoB;AACvC,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA2BO,SAAS,OAAO,YAAgC;AACnD,SAAO,IAAI;AAAA,IACP,WAAW;AAAA,IACX,WAAW;AAAA,IACX,uBAAuB,WAAW,yBAAyB;AAAA,IAC3D,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,EACf;AACJ;AAEO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;ADtOA,SAAqB,oBAAmB;AAmBjC,IAAM,aAAa;AACnB,IAAM,gBAAgB;AACtB,IAAM,gBAAe;AACrB,IAAM,cAAc;AACpB,IAAM,2BAA2B;AACjC,IAAM,4BAA4B;AAClC,IAAM,oBAAoB;AAC1B,IAAM,iCAAiC;AAE9C,IAAM,iBAA0C;AAAA,EAC5C,UAAU;AAAA,EACV,UAAU;AAAA,EACV,QAAQ;AAAA,EACR,MAAM;AACV;AAqBO,SAAS,iBAAiB;AAAA,EAC7B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACJ,GAAoC;AAChC,QAAM,mBAAwB,gBAAW,aAAa,OAAO;AAC7D,WAAe,oBAAmC;AAAA;AAC9C,YAAM,OAAO,MAAM,QAAQ;AAC3B,UAAI,MAAM;AACN,eAAO;AAAA,MACX,OAAO;AACH,iBAAS,UAAU;AACnB,cAAM,IAAI,MAAM,sBAAsB;AAAA,MAC1C;AAAA,IACJ;AAAA;AAEA,WAAe,UAAqC;AAAA;AA7ExD;AA8EQ,YAAM,cAAc,QAAQ,EAAE,IAAI,8BAA8B,OAAK,aAAQ,EAAE,IAAI,wBAAwB,MAAtC,mBAAyC;AAC9G,UAAI,aAAa;AACb,cAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,YAAI,MAAM;AACN,iBAAO;AAAA,QACX;AAAA,MACJ;AACA,aAAO;AAAA,IACX;AAAA;AASA,WAAe,eAAe,KAAqC;AAAA;AA/FvE;AAgGQ,UAAI,IAAI,QAAQ,IAAI,8BAA8B,GAAG;AACjD,cAAM,IAAI,MAAM,GAAG,sEAAsE;AAAA,MAC7F,WAAW,IAAI,QAAQ,aAAa,iBAAiB,IAAI,QAAQ,aAAa,aAAa;AAEvF,eAAO,aAAa,KAAK;AAAA,MAC7B;AAEA,YAAM,eAAc,SAAI,QAAQ,IAAI,wBAAwB,MAAxC,mBAA2C;AAC/D,YAAM,gBAAe,SAAI,QAAQ,IAAI,yBAAyB,MAAzC,mBAA4C;AAGjE,UAAI,IAAI,QAAQ,aAAa,iBAAiB,cAAc;AACxD,cAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,YAAI,SAAS,UAAU,cAAc;AACjC,gBAAM,IAAI,MAAM,gDAAgD;AAAA,QACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,gBAAMA,WAAU,IAAI,QAAQ;AAC5B,UAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,UAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,iBAAO,IAAI,SAAS,gBAAgB,EAAC,QAAQ,KAAK,SAAAA,SAAO,CAAC;AAAA,QAC9D,OAAO;AACH,gBAAMA,WAAU,IAAI,QAAQ,IAAI,OAAO;AAEvC,UAAAA,SAAQ,OAAO,gCAAgC,SAAS,WAAW;AACnE,gBAAM,eAAe,aAAa,KAAK;AAAA,YACnC,SAAS;AAAA,cACL,SAAAA;AAAA,YACJ;AAAA,UACJ,CAAC;AACD,uBAAa,QAAQ,IAAI,0BAA0B,SAAS,aAAa,cAAc;AACvF,uBAAa,QAAQ,IAAI,2BAA2B,SAAS,cAAc,cAAc;AACzF,iBAAO;AAAA,QACX;AAAA,MACJ;AAGA,UAAI,aAAa;AACb,cAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,YAAI,MAAM;AACN,iBAAO,aAAa,KAAK;AAAA,QAC7B;AAAA,MACJ;AAGA,UAAI,cAAc;AACd,cAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,YAAI,SAAS,UAAU,cAAc;AACjC,gBAAM,IAAI,MAAM,gDAAgD;AAAA,QACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,gBAAMC,YAAW,aAAa,KAAK;AACnC,UAAAA,UAAS,QAAQ,OAAO,wBAAwB;AAChD,UAAAA,UAAS,QAAQ,OAAO,yBAAyB;AACjD,iBAAOA;AAAA,QACX,OAAO;AACH,gBAAMD,WAAU,IAAI,QAAQ,IAAI,OAAO;AAEvC,UAAAA,SAAQ,OAAO,gCAAgC,SAAS,WAAW;AACnE,gBAAM,eAAe,aAAa,KAAK;AAAA,YACnC,SAAS;AAAA,cACL,SAAAA;AAAA,YACJ;AAAA,UACJ,CAAC;AACD,uBAAa,QAAQ,IAAI,0BAA0B,SAAS,aAAa,cAAc;AACvF,uBAAa,QAAQ,IAAI,2BAA2B,SAAS,cAAc,cAAc;AACzF,iBAAO;AAAA,QACX;AAAA,MACJ;AAEA,aAAO,aAAa,KAAK;AAAA,IAC7B;AAAA;AAEA,WAAS,gBAAgB,KAAkB,EAAE,OAAO,GAAiC;AACjF,QAAI,OAAO,SAAS,SAAS;AACzB,aAAO,gBAAgB;AAAA,IAC3B,WAAW,OAAO,SAAS,UAAU;AACjC,aAAO,iBAAiB;AAAA,IAC5B,WAAW,OAAO,SAAS,YAAY;AACnC,aAAO,mBAAmB,GAAG;AAAA,IACjC,WAAW,OAAO,SAAS,YAAY;AACnC,aAAO,mBAAmB,GAAG;AAAA,IACjC,OAAO;AACH,aAAO,IAAI,SAAS,IAAI,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC3C;AAAA,EACJ;AAEA,WAAS,iBAAiB,KAAkB,EAAE,OAAO,GAAiC;AAClF,QAAI,OAAO,SAAS,UAAU;AAC1B,aAAO,kBAAkB,GAAG;AAAA,IAChC,OAAO;AACH,aAAO,IAAI,SAAS,IAAI,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC3C;AAAA,EACJ;AAEA,WAAS,kBAAkB;AACvB,UAAM,QAAQ,YAAY;AAC1B,UAAM,gBACF,gBAAgB,4CAA4C,cAAc,YAAY;AAC1F,WAAO,IAAI,SAAS,MAAM;AAAA,MACtB,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,UAAU;AAAA,QACV,cAAc,GAAG,qBAAqB;AAAA,MAC1C;AAAA,IACJ,CAAC;AAAA,EACL;AAEA,WAAS,mBAAmB;AACxB,UAAM,QAAQ,YAAY;AAC1B,UAAM,gBACF,gBAAgB,4CAA4C,cAAc,YAAY,QAAQ;AAClG,WAAO,IAAI,SAAS,MAAM;AAAA,MACtB,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,UAAU;AAAA,QACV,cAAc,GAAG,qBAAqB;AAAA,MAC1C;AAAA,IACJ,CAAC;AAAA,EACL;AAEA,WAAe,mBAAmB,KAAkB;AAAA;AAvNxD;AAwNQ,YAAM,cAAa,SAAI,QAAQ,IAAI,iBAAiB,MAAjC,mBAAoC;AACvD,UAAI,CAAC,cAAc,WAAW,WAAW,IAAI;AACzC,gBAAQ,IAAI,sBAAsB;AAClC,eAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,SAAS,EAAE,UAAU,WAAW,EAAE,CAAC;AAAA,MAChF;AAEA,YAAM,cAAc,IAAI,QAAQ;AAChC,YAAM,QAAQ,YAAY,IAAI,OAAO;AACrC,YAAM,OAAO,YAAY,IAAI,MAAM;AACnC,UAAI,UAAU,YAAY;AACtB,gBAAQ,IAAI,+CAA+C;AAC3D,eAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,SAAS,EAAE,UAAU,WAAW,EAAE,CAAC;AAAA,MAChF;AAEA,YAAM,mBAAmB;AAAA,QACrB,cAAc;AAAA,QACd;AAAA,MACJ;AACA,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,gBAAgB;AAAA,QACrC,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,SAAS,IAAI;AACb,cAAM,OAAO,MAAM,SAAS,KAAK;AAEjC,cAAM,cAAc,KAAK;AACzB,cAAM,OAAO,MAAM,oBAAoB,WAAW;AAClD,cAAM,OAAO,gBAAgB,IAAI;AACjC,YAAI,CAAC,MAAM;AACP,kBAAQ,IAAI,oCAAoC;AAChD,iBAAO,IAAI,SAAS,oBAAoB,EAAE,QAAQ,IAAI,CAAC;AAAA,QAC3D;AAEA,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,YAAY,IAAI;AAC/B,QAAAA,SAAQ,OAAO,cAAc,GAAG,4BAA4B,qDAAqD;AACjH,QAAAA,SAAQ,OAAO,cAAc,GAAG,6BAA6B,KAAK,uDAAuD;AACzH,eAAO,IAAI,SAAS,MAAM;AAAA,UACtB,QAAQ;AAAA,UACR,SAAAA;AAAA,QACJ,CAAC;AAAA,MACL,WAAW,SAAS,WAAW,KAAK;AAChC,eAAO,IAAI,SAAS,oBAAoB,EAAE,QAAQ,IAAI,CAAC;AAAA,MAC3D,OAAO;AACH,eAAO,IAAI,SAAS,oBAAoB,EAAE,QAAQ,IAAI,CAAC;AAAA,MAC3D;AAAA,IACJ;AAAA;AAEA,WAAe,mBAAmB,KAAkB;AAAA;AA9QxD;AA+QQ,YAAM,cAAc,IAAI,QAAQ,IAAI,8BAA8B,OAAK,SAAI,QAAQ,IAAI,wBAAwB,MAAxC,mBAA2C;AAClH,UAAI,aAAa;AACb,cAAM,OAAO,GAAG;AAChB,cAAM,WAAW,MAAM,MAAM,MAAM;AAAA,UAC/B,SAAS;AAAA,YACL,gBAAgB;AAAA,YAChB,iBAAiB,YAAY;AAAA,UACjC;AAAA,QACJ,CAAC;AACD,YAAI,SAAS,IAAI;AACb,gBAAM,OAAO,MAAM,SAAS,KAAK;AAEjC,gBAAM,OAAO,IAAI;AAAA,YACb,KAAK;AAAA,YACL,KAAK;AAAA,YACL,uBAAuB,KAAK,kBAAkB;AAAA,YAC9C,KAAK;AAAA,YACL,KAAK;AAAA,YACL,KAAK;AAAA,YACL,KAAK;AAAA,YACL,KAAK;AAAA,UACT;AAEA,iBAAO,IAAI,SAAS,KAAK,UAAU,IAAI,GAAG;AAAA,YACtC,QAAQ;AAAA,YACR,SAAS;AAAA,cACL,gBAAgB;AAAA,YACpB;AAAA,UACJ,CAAC;AAAA,QACL,WAAW,SAAS,WAAW,KAAK;AAChC,iBAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,IAAI,CAAC;AAAA,QAC7C,OAAO;AACH,iBAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,IAAI,CAAC;AAAA,QAC7C;AAAA,MACJ;AACA,aAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC7C;AAAA;AAEA,WAAe,sCAAsC,cAAqD;AAAA;AACtG,YAAM,OAAO;AAAA,QACT,eAAe;AAAA,MACnB;AACA,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,IAAI;AAAA,QACzB,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,SAAS,IAAI;AACb,cAAM,OAAO,MAAM,SAAS,KAAK;AACjC,cAAM,kBAAkB,KAAK;AAC7B,cAAM;AAAA,UACF,cAAc;AAAA,UACd,oBAAoB;AAAA,QACxB,IAAI,KAAK;AAET,eAAO;AAAA,UACH,cAAc;AAAA,UACd;AAAA,UACA,OAAO;AAAA,QACX;AAAA,MACJ,WAAW,SAAS,WAAW,KAAK;AAChC,eAAO,EAAE,OAAO,eAAe;AAAA,MACnC,OAAO;AACH,eAAO,EAAE,OAAO,aAAa;AAAA,MACjC;AAAA,IACJ;AAAA;AAEA,WAAe,kBAAkB,KAAkB;AAAA;AAvVvD;AAwVQ,YAAM,iBAAgB,SAAI,QAAQ,IAAI,yBAAyB,MAAzC,mBAA4C;AAClE,UAAI,CAAC,eAAe;AAChB,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,QAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,eAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,SAAAA,SAAQ,CAAC;AAAA,MACtD;AAEA,YAAM,aAAa,EAAE,cAAc;AACnC,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,UAAU;AAAA,QAC/B,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AACd,gBAAQ;AAAA,UACJ;AAAA,UACA,SAAS;AAAA,UACT,SAAS;AAAA,QACb;AAAA,MACJ;AACA,YAAMA,WAAU,IAAI,QAAQ;AAC5B,MAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,MAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,aAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,SAAAA,SAAQ,CAAC;AAAA,IACtD;AAAA;AAEA,WAAe,+BAA+B,aAA4D;AAAA;AACtG,UAAI;AACA,eAAO,MAAM,oBAAoB,WAAW;AAAA,MAChD,SAAS,KAAP;AACE,YAAI,eAAe,wBAAwB;AACvC,gBAAM;AAAA,QACV,WAAW,eAAe,uBAAuB;AAC7C,iBAAO;AAAA,QACX,OAAO;AACH,kBAAQ,IAAI,iCAAiC,GAAG;AAChD,iBAAO;AAAA,QACX;AAAA,MACJ;AAAA,IACJ;AAAA;AAEA,WAAe,oBAAoB,aAAgD;AAAA;AAC/E,UAAI;AACJ,UAAI;AACA,oBAAY,MAAM;AAAA,MACtB,SAAS,KAAP;AACE,gBAAQ,MAAM,wFAAwF,GAAG;AACzG,cAAM,IAAI,uBAAuB,sBAAsB;AAAA,MAC3D;AAEA,UAAI,CAAC,aAAa;AACd,cAAM,IAAI,sBAAsB,0BAA0B;AAAA,MAC9D;AAEA,UAAI,2BAA2B;AAC/B,UAAI,YAAY,YAAY,EAAE,WAAW,SAAS,GAAG;AACjD,mCAA2B,YAAY,UAAU,UAAU,MAAM;AAAA,MACrE;AAEA,UAAI;AACA,cAAM,EAAE,QAAQ,IAAI,MAAW,eAAU,0BAA0B,WAAW;AAAA,UAC1E,QAAQ;AAAA,UACR,YAAY,CAAC,OAAO;AAAA,QACxB,CAAC;AAED,eAAO,OAAqB,OAAO;AAAA,MACvC,SAAS,GAAP;AACE,YAAI,aAAa,OAAO;AACpB,gBAAM,IAAI,sBAAsB,EAAE,OAAO;AAAA,QAC7C,OAAO;AACH,gBAAM,IAAI,sBAAsB,sBAAsB;AAAA,QAC1D;AAAA,MACJ;AAAA,IACJ;AAAA;AAEA,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;AAEA,SAAS,cAAsB;AAC3B,QAAM,cAAc,OAAO,gBAAgB,IAAI,WAAW,EAAE,CAAC;AAC7D,SAAO,MAAM,KAAK,WAAW,EACxB,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAC1C,KAAK,EAAE;AAChB;;;AEzbO,SAAS,gBAAgB,SAAsB;AAClD,MAAI;AACA,WAAO,IAAI,IAAI,OAAO;AAAA,EAC1B,SAAS,GAAP;AACE,YAAQ,MAAM,mBAAmB,CAAC;AAClC,UAAM,IAAI,MAAM,kCAAkC;AAAA,EACtD;AACJ;;;ACKO,SAAS,eAAe,MAA6B;AACxD,QAAM,UAAU,gBAAgB,KAAK,OAAO,EAAE;AAC9C,QAAM,kBACF,KAAK,2BACL,WAAY;AACR,WAAO;AAAA,EACX;AAEJ,SAAO,iBAAiB;AAAA,IACpB,eAAe;AAAA,IACf,aAAa,KAAK;AAAA,IAClB,aAAa,KAAK;AAAA,IAClB,mBAAmB,KAAK;AAAA,IACxB;AAAA,EACJ,CAAC;AACL;","names":["headers","response"]}
1
+ {"version":3,"sources":["../../src/user.ts","../../src/server/exceptions.ts","../../src/server/server-actions.ts","../../src/server/validators.ts","../../src/server/auth.ts"],"sourcesContent":["export class User {\n public userId: string\n public orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo\n\n // Metadata about the user\n public email: string\n public firstName?: string\n public lastName?: string\n public username?: string\n\n // If you used our migration APIs to migrate this user from a different system,\n // this is their original ID from that system.\n public legacyUserId?: string\n public impersonatorUserId?: string\n\n constructor(\n userId: string,\n email: string,\n orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo,\n firstName?: string,\n lastName?: string,\n username?: string,\n legacyUserId?: string,\n impersonatorUserId?: string\n ) {\n this.userId = userId\n this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo\n\n this.email = email\n this.firstName = firstName\n this.lastName = lastName\n this.username = username\n\n this.legacyUserId = legacyUserId\n this.impersonatorUserId = impersonatorUserId\n }\n\n public getOrg(orgId: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n return this.orgIdToOrgMemberInfo[orgId]\n }\n\n public getOrgByName(orgName: string): OrgMemberInfo | undefined {\n if (!this.orgIdToOrgMemberInfo) {\n return undefined\n }\n\n const urlSafeOrgName = orgName.toLowerCase().replace(/ /g, \"-\")\n for (const orgId in this.orgIdToOrgMemberInfo) {\n const orgMemberInfo = this.orgIdToOrgMemberInfo[orgId]\n if (orgMemberInfo.urlSafeOrgName === urlSafeOrgName) {\n return orgMemberInfo\n }\n }\n\n return undefined\n }\n\n public getOrgs(): OrgMemberInfo[] {\n if (!this.orgIdToOrgMemberInfo) {\n return []\n }\n\n return Object.values(this.orgIdToOrgMemberInfo)\n }\n\n public isImpersonating(): boolean {\n return !!this.impersonatorUserId\n }\n\n public static fromJSON(json: string): User {\n const obj = JSON.parse(json)\n const orgIdToOrgMemberInfo: OrgIdToOrgMemberInfo = {}\n for (const orgId in obj.orgIdToOrgMemberInfo) {\n orgIdToOrgMemberInfo[orgId] = OrgMemberInfo.fromJSON(\n JSON.stringify(obj.orgIdToOrgMemberInfo[orgId])\n )\n }\n return new User(\n obj.userId,\n obj.email,\n orgIdToOrgMemberInfo,\n obj.firstName,\n obj.lastName,\n obj.username,\n obj.legacyUserId,\n obj.impersonatorUserId\n )\n }\n}\n\nexport type OrgIdToOrgMemberInfo = {\n [orgId: string]: OrgMemberInfo\n}\n\nexport class OrgMemberInfo {\n public orgId: string\n public orgName: string\n public orgMetadata: { [key: string]: any }\n public urlSafeOrgName: string\n\n private userAssignedRole: string\n private userInheritedRolesPlusCurrentRole: string[]\n private userPermissions: string[]\n\n constructor(\n orgId: string,\n orgName: string,\n orgMetadata: { [key: string]: any },\n urlSafeOrgName: string,\n userAssignedRole: string,\n userInheritedRolesPlusCurrentRole: string[],\n userPermissions: string[]\n ) {\n this.orgId = orgId\n this.orgName = orgName\n this.orgMetadata = orgMetadata\n this.urlSafeOrgName = urlSafeOrgName\n\n this.userAssignedRole = userAssignedRole\n this.userInheritedRolesPlusCurrentRole = userInheritedRolesPlusCurrentRole\n this.userPermissions = userPermissions\n }\n\n // validation methods\n\n public isRole(role: string): boolean {\n return this.userAssignedRole === role\n }\n\n public isAtLeastRole(role: string): boolean {\n return this.userInheritedRolesPlusCurrentRole.includes(role)\n }\n\n public hasPermission(permission: string): boolean {\n return this.userPermissions.includes(permission)\n }\n\n public hasAllPermissions(permissions: string[]): boolean {\n return permissions.every((permission) => this.hasPermission(permission))\n }\n\n public static fromJSON(json: string): OrgMemberInfo {\n const obj = JSON.parse(json)\n return new OrgMemberInfo(\n obj.orgId,\n obj.orgName,\n obj.orgMetadata,\n obj.urlSafeOrgName,\n obj.userAssignedRole,\n obj.userInheritedRolesPlusCurrentRole,\n obj.userPermissions\n )\n }\n\n // getters for the private fields\n\n get assignedRole(): string {\n return this.userAssignedRole\n }\n\n get inheritedRolesPlusCurrentRole(): string[] {\n return this.userInheritedRolesPlusCurrentRole\n }\n\n get permissions(): string[] {\n return this.userPermissions\n }\n}\n\n// These Internal types exist since the server returns snake case, but typescript/javascript\n// convention is camelCase.\nexport type InternalOrgMemberInfo = {\n org_id: string\n org_name: string\n org_metadata: { [key: string]: any }\n url_safe_org_name: string\n user_role: string\n inherited_user_roles_plus_current_role: string[]\n user_permissions: string[]\n}\nexport type InternalUser = {\n user_id: string\n org_id_to_org_member_info?: { [org_id: string]: InternalOrgMemberInfo }\n\n email: string\n first_name?: string\n last_name?: string\n username?: string\n\n // If you used our migration APIs to migrate this user from a different system, this is their original ID from that system.\n legacy_user_id?: string\n impersonatorUserId?: string\n}\n\nexport function toUser(snake_case: InternalUser): User {\n return new User(\n snake_case.user_id,\n snake_case.email,\n toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),\n snake_case.first_name,\n snake_case.last_name,\n snake_case.username,\n snake_case.legacy_user_id,\n snake_case.impersonatorUserId\n )\n}\n\nexport function toOrgIdToOrgMemberInfo(snake_case?: {\n [org_id: string]: InternalOrgMemberInfo\n}): OrgIdToOrgMemberInfo | undefined {\n if (snake_case === undefined) {\n return undefined\n }\n const camelCase: OrgIdToOrgMemberInfo = {}\n\n for (const key of Object.keys(snake_case)) {\n const snakeCaseValue = snake_case[key]\n if (snakeCaseValue) {\n camelCase[key] = new OrgMemberInfo(\n snakeCaseValue.org_id,\n snakeCaseValue.org_name,\n snakeCaseValue.org_metadata,\n snakeCaseValue.url_safe_org_name,\n snakeCaseValue.user_role,\n snakeCaseValue.inherited_user_roles_plus_current_role,\n snakeCaseValue.user_permissions\n )\n }\n }\n\n return camelCase\n}\n","export class UnauthorizedException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 401\n }\n}\n\nexport class ConfigurationException extends Error {\n readonly message: string\n readonly status: number\n\n constructor(message: string) {\n super(message)\n this.message = message\n this.status = 500\n }\n}\n","import * as jose from \"jose\"\nimport {cookies, headers} from \"next/headers\"\nimport {redirect} from \"next/navigation\"\nimport {ConfigurationException, UnauthorizedException} from \"./exceptions\"\nimport {InternalUser, OrgMemberInfo, toOrgIdToOrgMemberInfo, toUser, User} from \"../user\"\nimport {NextRequest, NextResponse} from \"next/server\";\nimport {ResponseCookie} from \"next/dist/compiled/@edge-runtime/cookies\";\nimport {GetServerSidePropsContext} from \"next\";\n\ntype RefreshAndAccessTokens = {\n refreshToken: string\n accessToken: string\n error: \"none\"\n}\n\ntype RefreshAndAccessTokensUnauthorizedError = {\n error: \"unauthorized\"\n}\n\ntype RefreshAndAccessTokensUnexpectedError = {\n error: \"unexpected\"\n}\n\ntype RefreshTokenResponse = RefreshAndAccessTokens | RefreshAndAccessTokensUnauthorizedError | RefreshAndAccessTokensUnexpectedError\n\nexport const LOGIN_PATH = \"/api/auth/login\"\nexport const CALLBACK_PATH = \"/api/auth/callback\"\nexport const USERINFO_PATH= \"/api/auth/userinfo\"\nexport const LOGOUT_PATH = \"/api/auth/logout\"\nexport const ACCESS_TOKEN_COOKIE_NAME = \"__pa_at\"\nexport const REFRESH_TOKEN_COOKIE_NAME = \"__pa_rt\"\nexport const STATE_COOKIE_NAME = \"__pa_state\"\nexport const CUSTOM_HEADER_FOR_ACCESS_TOKEN = \"x-propelauth-access-token\"\n\nconst COOKIE_OPTIONS: Partial<ResponseCookie> = {\n httpOnly: true,\n sameSite: \"lax\",\n secure: true,\n path: \"/\",\n}\n\nexport type ServerActionArgs = {\n authUrlOrigin: string\n redirectUri: string\n integrationApiKey: string\n verifierKey: string\n postLoginPathFn: (user: User) => string\n}\n\n\nexport type ServerActions = {\n getUser: () => Promise<User | undefined>\n getUserOrRedirect: () => Promise<User>\n getUserFromServerSideProps: (context: GetServerSidePropsContext) => Promise<User | undefined>\n validateAccessToken: (accessToken: string) => Promise<User>\n validateAccessTokenOrUndefined: (accessToken: string) => Promise<User | undefined>\n getRouteHandler: (req: NextRequest, { params }: { params: { slug: string } }) => Response | Promise<Response>\n postRouteHandler: (req: NextRequest, { params }: { params: { slug: string } }) => Response | Promise<Response>\n authMiddleware: (req: NextRequest) => Promise<Response>\n}\n\nexport function getServerActions({\n authUrlOrigin,\n postLoginPathFn,\n verifierKey,\n integrationApiKey,\n redirectUri,\n}: ServerActionArgs): ServerActions {\n const publicKeyPromise = jose.importSPKI(verifierKey, \"RS256\")\n async function getUserOrRedirect(): Promise<User> {\n const user = await getUser()\n if (user) {\n return user\n } else {\n redirect(LOGIN_PATH)\n throw new Error(\"Redirecting to login\")\n }\n }\n\n async function getUser(): Promise<User | undefined> {\n const accessToken = headers().get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || cookies().get(ACCESS_TOKEN_COOKIE_NAME)?.value\n if (accessToken) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return user\n }\n }\n return undefined\n }\n\n // Purpose of this middleware is just to keep the access token cookie alive\n // In an ideal world, this could be done in `getUser`, however, you can't\n // set a cookie in a server component.\n // There also doesn't seem to be any way right now to set a cookie in a\n // middleware and pass it forward (you can only set them on the response).\n // You CAN, however, pass in custom headers,\n // so we'll use CUSTOM_HEADER_FOR_ACCESS_TOKEN as a workaround\n async function authMiddleware(req: NextRequest): Promise<Response> {\n if (req.headers.has(CUSTOM_HEADER_FOR_ACCESS_TOKEN)) {\n throw new Error(`${CUSTOM_HEADER_FOR_ACCESS_TOKEN} is set which is for internal use only`)\n } else if (req.nextUrl.pathname === CALLBACK_PATH || req.nextUrl.pathname === LOGOUT_PATH) {\n // Don't do anything for the callback or logout paths, as they will modify the cookies themselves\n return NextResponse.next()\n }\n\n const accessToken = req.cookies.get(ACCESS_TOKEN_COOKIE_NAME)?.value\n const refreshToken = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)?.value\n\n // For the userinfo endpoint, we want to get the most up-to-date info, so we'll refresh the access token\n if (req.nextUrl.pathname === USERINFO_PATH && refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === \"unexpected\") {\n throw new Error(\"Unexpected error while refreshing access token\")\n } else if (response.error === \"unauthorized\") {\n const headers = new Headers()\n headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n return new Response(\"Unauthorized\", {status: 401, headers})\n } else {\n const headers = new Headers(req.headers)\n // Pass along the new access token in a header since cookies don't work\n headers.append(CUSTOM_HEADER_FOR_ACCESS_TOKEN, response.accessToken)\n const nextResponse = NextResponse.next({\n request: {\n headers\n }\n })\n nextResponse.cookies.set(ACCESS_TOKEN_COOKIE_NAME, response.accessToken, COOKIE_OPTIONS)\n nextResponse.cookies.set(REFRESH_TOKEN_COOKIE_NAME, response.refreshToken, COOKIE_OPTIONS)\n return nextResponse\n }\n }\n\n // If we are authenticated, we can continue\n if (accessToken) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return NextResponse.next()\n }\n }\n\n // Otherwise, we need to refresh the access token\n if (refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === \"unexpected\") {\n throw new Error(\"Unexpected error while refreshing access token\")\n } else if (response.error === \"unauthorized\") {\n const response = NextResponse.next()\n response.cookies.delete(ACCESS_TOKEN_COOKIE_NAME)\n response.cookies.delete(REFRESH_TOKEN_COOKIE_NAME)\n return response\n } else {\n const headers = new Headers(req.headers)\n // Pass along the new access token in a header since cookies don't work\n headers.append(CUSTOM_HEADER_FOR_ACCESS_TOKEN, response.accessToken)\n const nextResponse = NextResponse.next({\n request: {\n headers\n }\n })\n nextResponse.cookies.set(ACCESS_TOKEN_COOKIE_NAME, response.accessToken, COOKIE_OPTIONS)\n nextResponse.cookies.set(REFRESH_TOKEN_COOKIE_NAME, response.refreshToken, COOKIE_OPTIONS)\n return nextResponse\n }\n }\n\n return NextResponse.next()\n }\n\n function getRouteHandler(req: NextRequest, { params }: { params: { slug: string } }) {\n if (params.slug === \"login\") {\n return loginGetHandler()\n } else if (params.slug === \"signup\") {\n return signupGetHandler()\n } else if (params.slug === \"callback\") {\n return callbackGetHandler(req)\n } else if (params.slug === \"userinfo\") {\n return userinfoGetHandler(req)\n } else {\n return new Response(\"\", { status: 404 })\n }\n }\n\n function postRouteHandler(req: NextRequest, { params }: { params: { slug: string } }) {\n if (params.slug === \"logout\") {\n return logoutPostHandler(req)\n } else {\n return new Response(\"\", { status: 404 })\n }\n }\n\n function loginGetHandler() {\n const state = randomState()\n const authorize_url =\n authUrlOrigin + \"/propelauth/ssr/authorize?redirect_uri=\" + redirectUri + \"&state=\" + state\n return new Response(null, {\n status: 302,\n headers: {\n Location: authorize_url,\n \"Set-Cookie\": `${STATE_COOKIE_NAME}=${state}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n }\n })\n }\n\n function signupGetHandler() {\n const state = randomState()\n const authorize_url =\n authUrlOrigin + \"/propelauth/ssr/authorize?redirect_uri=\" + redirectUri + \"&state=\" + state + \"&signup=true\"\n return new Response(null, {\n status: 302,\n headers: {\n Location: authorize_url,\n \"Set-Cookie\": `${STATE_COOKIE_NAME}=${state}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n }\n })\n }\n\n async function callbackGetHandler(req: NextRequest) {\n const oauthState = req.cookies.get(STATE_COOKIE_NAME)?.value\n if (!oauthState || oauthState.length !== 64) {\n console.log(\"No oauth state found\")\n return new Response(null, { status: 302, headers: { Location: LOGIN_PATH } })\n }\n\n const queryParams = req.nextUrl.searchParams\n const state = queryParams.get(\"state\")\n const code = queryParams.get(\"code\")\n if (state !== oauthState) {\n console.log(\"Mismatch between states, redirecting to login\")\n return new Response(null, { status: 302, headers: { Location: LOGIN_PATH } })\n }\n\n const oauth_token_body = {\n redirect_uri: redirectUri,\n code,\n }\n const url = `${authUrlOrigin}/propelauth/ssr/token`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(oauth_token_body),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + integrationApiKey,\n },\n })\n\n if (response.ok) {\n const data = await response.json()\n\n const accessToken = data.access_token\n const user = await validateAccessToken(accessToken)\n const path = postLoginPathFn(user)\n if (!path) {\n console.log(\"postLoginPathFn returned undefined\")\n return new Response(\"Unexpected error\", { status: 500 })\n }\n\n const headers = new Headers()\n headers.append(\"Location\", path)\n headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=${accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`)\n headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=${data.refresh_token}; Path=/; HttpOnly; Secure; SameSite=Lax`)\n return new Response(null, {\n status: 302,\n headers\n })\n } else if (response.status === 401) {\n return new Response(\"Unexpected error\", { status: 500 })\n } else {\n return new Response(\"Unexpected error\", { status: 500 })\n }\n }\n\n async function userinfoGetHandler(req: NextRequest) {\n const accessToken = req.headers.get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || req.cookies.get(ACCESS_TOKEN_COOKIE_NAME)?.value\n if (accessToken) {\n const path = `${authUrlOrigin}/propelauth/oauth/userinfo`\n const response = await fetch(path, {\n headers: {\n \"Content-Type\": \"application/json\",\n \"Authorization\": \"Bearer \" + accessToken,\n }\n })\n if (response.ok) {\n const data = await response.json()\n\n const user = new User(\n data.user_id,\n data.email,\n toOrgIdToOrgMemberInfo(data.org_id_to_org_info),\n data.first_name,\n data.last_name,\n data.username,\n data.legacy_user_id,\n data.impersonator_user_id,\n )\n\n return new Response(JSON.stringify(user), {\n status: 200,\n headers: {\n \"Content-Type\": \"application/json\",\n }\n })\n } else if (response.status === 401) {\n return new Response(null, { status: 401 })\n } else {\n return new Response(null, { status: 500 })\n }\n }\n return new Response(null, { status: 401 })\n }\n\n async function getUserFromServerSideProps(props: GetServerSidePropsContext) {\n const accessToken = props.req.cookies[ACCESS_TOKEN_COOKIE_NAME]\n const refreshToken = props.req.cookies[REFRESH_TOKEN_COOKIE_NAME]\n\n // If we are authenticated, we can continue\n if (accessToken) {\n const user = await validateAccessTokenOrUndefined(accessToken)\n if (user) {\n return user\n }\n }\n\n // Otherwise, we need to refresh the access token\n if (refreshToken) {\n const response = await refreshTokenWithAccessAndRefreshToken(refreshToken)\n if (response.error === \"unexpected\") {\n throw new Error(\"Unexpected error while refreshing access token\")\n } else if (response.error === \"unauthorized\") {\n props.res.setHeader(\"Set-Cookie\", [\n `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`,\n ])\n return undefined\n } else {\n const user = await validateAccessToken(response.accessToken)\n props.res.setHeader(\"Set-Cookie\", [\n `${ACCESS_TOKEN_COOKIE_NAME}=${response.accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n `${REFRESH_TOKEN_COOKIE_NAME}=${response.refreshToken}; Path=/; HttpOnly; Secure; SameSite=Lax`,\n ])\n return user\n }\n }\n\n return undefined\n }\n\n async function refreshTokenWithAccessAndRefreshToken(refreshToken: string): Promise<RefreshTokenResponse> {\n const body = {\n refresh_token: refreshToken,\n }\n const url = `${authUrlOrigin}/api/backend/v1/refresh_token`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(body),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + integrationApiKey,\n },\n })\n\n if (response.ok) {\n const data = await response.json()\n const newRefreshToken = data.refresh_token\n const {\n access_token: accessToken,\n expires_at_seconds: expiresAtSeconds,\n } = data.access_token\n\n return {\n refreshToken: newRefreshToken,\n accessToken,\n error: \"none\",\n }\n } else if (response.status === 400) {\n return { error: \"unauthorized\" }\n } else {\n return { error: \"unexpected\" }\n }\n }\n\n async function logoutPostHandler(req: NextRequest) {\n const refresh_token = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)?.value\n if (!refresh_token) {\n const headers = new Headers()\n headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n return new Response(null, { status: 200, headers })\n }\n\n const logoutBody = { refresh_token }\n const url = `${authUrlOrigin}/api/backend/v1/logout`\n const response = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(logoutBody),\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: \"Bearer \" + integrationApiKey,\n },\n })\n\n if (!response.ok) {\n console.log(\n \"Unable to logout, clearing cookies and continuing anyway\",\n response.status,\n response.statusText\n )\n }\n const headers = new Headers()\n headers.append(\"Set-Cookie\", `${ACCESS_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n headers.append(\"Set-Cookie\", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`)\n return new Response(null, { status: 200, headers })\n }\n\n async function validateAccessTokenOrUndefined(accessToken: string | undefined): Promise<User | undefined> {\n try {\n return await validateAccessToken(accessToken)\n } catch (err) {\n if (err instanceof ConfigurationException) {\n throw err\n } else if (err instanceof UnauthorizedException) {\n return undefined\n } else {\n console.log(\"Error validating access token\", err)\n return undefined\n }\n }\n }\n\n async function validateAccessToken(accessToken: string | undefined): Promise<User> {\n let publicKey\n try {\n publicKey = await publicKeyPromise\n } catch (err) {\n console.error(\"Verifier key is invalid. Make sure it's specified correctly, including the newlines.\", err)\n throw new ConfigurationException(\"Invalid verifier key\")\n }\n\n if (!accessToken) {\n throw new UnauthorizedException(\"No access token provided\")\n }\n\n let accessTokenWithoutBearer = accessToken\n if (accessToken.toLowerCase().startsWith(\"bearer \")) {\n accessTokenWithoutBearer = accessToken.substring(\"bearer \".length)\n }\n\n try {\n const { payload } = await jose.jwtVerify(accessTokenWithoutBearer, publicKey, {\n issuer: authUrlOrigin,\n algorithms: [\"RS256\"],\n })\n\n return toUser(<InternalUser>payload)\n } catch (e) {\n if (e instanceof Error) {\n throw new UnauthorizedException(e.message)\n } else {\n throw new UnauthorizedException(\"Unable to decode jwt\")\n }\n }\n }\n\n return {\n getUser,\n getUserOrRedirect,\n getUserFromServerSideProps,\n validateAccessToken,\n validateAccessTokenOrUndefined,\n getRouteHandler,\n postRouteHandler,\n authMiddleware,\n }\n}\n\nfunction randomState(): string {\n const randomBytes = crypto.getRandomValues(new Uint8Array(32))\n return Array.from(randomBytes)\n .map((b) => b.toString(16).padStart(2, \"0\"))\n .join(\"\")\n}","export function validateAuthUrl(authUrl: string): URL {\n try {\n return new URL(authUrl)\n } catch (e) {\n console.error(\"Invalid authUrl\", e)\n throw new Error(\"Unable to initialize auth client\")\n }\n}\n","import { getServerActions } from \"./server-actions\"\nimport { User } from \"../user\"\nimport { validateAuthUrl } from \"./validators\"\n\nexport type InitializeAuthOptions = {\n authUrl: string\n redirectUri: string\n integrationApiKey: string\n verifierKey: string\n postLoginRedirectPathFn?: (user: User) => string\n}\n\nexport function initializeAuth(opts: InitializeAuthOptions) {\n const authUrl = validateAuthUrl(opts.authUrl).origin\n const postLoginPathFn =\n opts.postLoginRedirectPathFn ||\n function () {\n return \"/\"\n }\n\n return getServerActions({\n authUrlOrigin: authUrl,\n verifierKey: opts.verifierKey,\n redirectUri: opts.redirectUri,\n integrationApiKey: opts.integrationApiKey,\n postLoginPathFn,\n })\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAO,IAAM,OAAN,MAAW;AAAA,EAed,YACI,QACA,OACA,sBACA,WACA,UACA,UACA,cACA,oBACF;AACE,SAAK,SAAS;AACd,SAAK,uBAAuB;AAE5B,SAAK,QAAQ;AACb,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,WAAW;AAEhB,SAAK,eAAe;AACpB,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEO,OAAO,OAA0C;AACpD,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,WAAO,KAAK,qBAAqB,KAAK;AAAA,EAC1C;AAAA,EAEO,aAAa,SAA4C;AAC5D,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO;AAAA,IACX;AAEA,UAAM,iBAAiB,QAAQ,YAAY,EAAE,QAAQ,MAAM,GAAG;AAC9D,eAAW,SAAS,KAAK,sBAAsB;AAC3C,YAAM,gBAAgB,KAAK,qBAAqB,KAAK;AACrD,UAAI,cAAc,mBAAmB,gBAAgB;AACjD,eAAO;AAAA,MACX;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEO,UAA2B;AAC9B,QAAI,CAAC,KAAK,sBAAsB;AAC5B,aAAO,CAAC;AAAA,IACZ;AAEA,WAAO,OAAO,OAAO,KAAK,oBAAoB;AAAA,EAClD;AAAA,EAEO,kBAA2B;AAC9B,WAAO,CAAC,CAAC,KAAK;AAAA,EAClB;AAAA,EAEA,OAAc,SAAS,MAAoB;AACvC,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,UAAM,uBAA6C,CAAC;AACpD,eAAW,SAAS,IAAI,sBAAsB;AAC1C,2BAAqB,KAAK,IAAI,cAAc;AAAA,QACxC,KAAK,UAAU,IAAI,qBAAqB,KAAK,CAAC;AAAA,MAClD;AAAA,IACJ;AACA,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AACJ;AAMO,IAAM,gBAAN,MAAoB;AAAA,EAUvB,YACI,OACA,SACA,aACA,gBACA,kBACA,mCACA,iBACF;AACE,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AAEtB,SAAK,mBAAmB;AACxB,SAAK,oCAAoC;AACzC,SAAK,kBAAkB;AAAA,EAC3B;AAAA;AAAA,EAIO,OAAO,MAAuB;AACjC,WAAO,KAAK,qBAAqB;AAAA,EACrC;AAAA,EAEO,cAAc,MAAuB;AACxC,WAAO,KAAK,kCAAkC,SAAS,IAAI;AAAA,EAC/D;AAAA,EAEO,cAAc,YAA6B;AAC9C,WAAO,KAAK,gBAAgB,SAAS,UAAU;AAAA,EACnD;AAAA,EAEO,kBAAkB,aAAgC;AACrD,WAAO,YAAY,MAAM,CAAC,eAAe,KAAK,cAAc,UAAU,CAAC;AAAA,EAC3E;AAAA,EAEA,OAAc,SAAS,MAA6B;AAChD,UAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,WAAO,IAAI;AAAA,MACP,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACR;AAAA,EACJ;AAAA;AAAA,EAIA,IAAI,eAAuB;AACvB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAA0C;AAC1C,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AACJ;AA2BO,SAAS,OAAO,YAAgC;AACnD,SAAO,IAAI;AAAA,IACP,WAAW;AAAA,IACX,WAAW;AAAA,IACX,uBAAuB,WAAW,yBAAyB;AAAA,IAC3D,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,IACX,WAAW;AAAA,EACf;AACJ;AAEO,SAAS,uBAAuB,YAEF;AACjC,MAAI,eAAe,QAAW;AAC1B,WAAO;AAAA,EACX;AACA,QAAM,YAAkC,CAAC;AAEzC,aAAW,OAAO,OAAO,KAAK,UAAU,GAAG;AACvC,UAAM,iBAAiB,WAAW,GAAG;AACrC,QAAI,gBAAgB;AAChB,gBAAU,GAAG,IAAI,IAAI;AAAA,QACjB,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,QACf,eAAe;AAAA,MACnB;AAAA,IACJ;AAAA,EACJ;AAEA,SAAO;AACX;;;AC3OO,IAAM,wBAAN,cAAoC,MAAM;AAAA,EAI7C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;AAEO,IAAM,yBAAN,cAAqC,MAAM;AAAA,EAI9C,YAAY,SAAiB;AACzB,UAAM,OAAO;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAClB;AACJ;;;ACpBA,YAAY,UAAU;AACtB,SAAQ,SAAS,eAAc;AAC/B,SAAQ,gBAAe;AAGvB,SAAqB,oBAAmB;AAoBjC,IAAM,aAAa;AACnB,IAAM,gBAAgB;AACtB,IAAM,gBAAe;AACrB,IAAM,cAAc;AACpB,IAAM,2BAA2B;AACjC,IAAM,4BAA4B;AAClC,IAAM,oBAAoB;AAC1B,IAAM,iCAAiC;AAE9C,IAAM,iBAA0C;AAAA,EAC5C,UAAU;AAAA,EACV,UAAU;AAAA,EACV,QAAQ;AAAA,EACR,MAAM;AACV;AAsBO,SAAS,iBAAiB;AAAA,EAC7B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACJ,GAAoC;AAChC,QAAM,mBAAwB,gBAAW,aAAa,OAAO;AAC7D,WAAe,oBAAmC;AAAA;AAC9C,YAAM,OAAO,MAAM,QAAQ;AAC3B,UAAI,MAAM;AACN,eAAO;AAAA,MACX,OAAO;AACH,iBAAS,UAAU;AACnB,cAAM,IAAI,MAAM,sBAAsB;AAAA,MAC1C;AAAA,IACJ;AAAA;AAEA,WAAe,UAAqC;AAAA;AA/ExD;AAgFQ,YAAM,cAAc,QAAQ,EAAE,IAAI,8BAA8B,OAAK,aAAQ,EAAE,IAAI,wBAAwB,MAAtC,mBAAyC;AAC9G,UAAI,aAAa;AACb,cAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,YAAI,MAAM;AACN,iBAAO;AAAA,QACX;AAAA,MACJ;AACA,aAAO;AAAA,IACX;AAAA;AASA,WAAe,eAAe,KAAqC;AAAA;AAjGvE;AAkGQ,UAAI,IAAI,QAAQ,IAAI,8BAA8B,GAAG;AACjD,cAAM,IAAI,MAAM,GAAG,sEAAsE;AAAA,MAC7F,WAAW,IAAI,QAAQ,aAAa,iBAAiB,IAAI,QAAQ,aAAa,aAAa;AAEvF,eAAO,aAAa,KAAK;AAAA,MAC7B;AAEA,YAAM,eAAc,SAAI,QAAQ,IAAI,wBAAwB,MAAxC,mBAA2C;AAC/D,YAAM,gBAAe,SAAI,QAAQ,IAAI,yBAAyB,MAAzC,mBAA4C;AAGjE,UAAI,IAAI,QAAQ,aAAa,iBAAiB,cAAc;AACxD,cAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,YAAI,SAAS,UAAU,cAAc;AACjC,gBAAM,IAAI,MAAM,gDAAgD;AAAA,QACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,gBAAMA,WAAU,IAAI,QAAQ;AAC5B,UAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,UAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,iBAAO,IAAI,SAAS,gBAAgB,EAAC,QAAQ,KAAK,SAAAA,SAAO,CAAC;AAAA,QAC9D,OAAO;AACH,gBAAMA,WAAU,IAAI,QAAQ,IAAI,OAAO;AAEvC,UAAAA,SAAQ,OAAO,gCAAgC,SAAS,WAAW;AACnE,gBAAM,eAAe,aAAa,KAAK;AAAA,YACnC,SAAS;AAAA,cACL,SAAAA;AAAA,YACJ;AAAA,UACJ,CAAC;AACD,uBAAa,QAAQ,IAAI,0BAA0B,SAAS,aAAa,cAAc;AACvF,uBAAa,QAAQ,IAAI,2BAA2B,SAAS,cAAc,cAAc;AACzF,iBAAO;AAAA,QACX;AAAA,MACJ;AAGA,UAAI,aAAa;AACb,cAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,YAAI,MAAM;AACN,iBAAO,aAAa,KAAK;AAAA,QAC7B;AAAA,MACJ;AAGA,UAAI,cAAc;AACd,cAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,YAAI,SAAS,UAAU,cAAc;AACjC,gBAAM,IAAI,MAAM,gDAAgD;AAAA,QACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,gBAAMC,YAAW,aAAa,KAAK;AACnC,UAAAA,UAAS,QAAQ,OAAO,wBAAwB;AAChD,UAAAA,UAAS,QAAQ,OAAO,yBAAyB;AACjD,iBAAOA;AAAA,QACX,OAAO;AACH,gBAAMD,WAAU,IAAI,QAAQ,IAAI,OAAO;AAEvC,UAAAA,SAAQ,OAAO,gCAAgC,SAAS,WAAW;AACnE,gBAAM,eAAe,aAAa,KAAK;AAAA,YACnC,SAAS;AAAA,cACL,SAAAA;AAAA,YACJ;AAAA,UACJ,CAAC;AACD,uBAAa,QAAQ,IAAI,0BAA0B,SAAS,aAAa,cAAc;AACvF,uBAAa,QAAQ,IAAI,2BAA2B,SAAS,cAAc,cAAc;AACzF,iBAAO;AAAA,QACX;AAAA,MACJ;AAEA,aAAO,aAAa,KAAK;AAAA,IAC7B;AAAA;AAEA,WAAS,gBAAgB,KAAkB,EAAE,OAAO,GAAiC;AACjF,QAAI,OAAO,SAAS,SAAS;AACzB,aAAO,gBAAgB;AAAA,IAC3B,WAAW,OAAO,SAAS,UAAU;AACjC,aAAO,iBAAiB;AAAA,IAC5B,WAAW,OAAO,SAAS,YAAY;AACnC,aAAO,mBAAmB,GAAG;AAAA,IACjC,WAAW,OAAO,SAAS,YAAY;AACnC,aAAO,mBAAmB,GAAG;AAAA,IACjC,OAAO;AACH,aAAO,IAAI,SAAS,IAAI,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC3C;AAAA,EACJ;AAEA,WAAS,iBAAiB,KAAkB,EAAE,OAAO,GAAiC;AAClF,QAAI,OAAO,SAAS,UAAU;AAC1B,aAAO,kBAAkB,GAAG;AAAA,IAChC,OAAO;AACH,aAAO,IAAI,SAAS,IAAI,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC3C;AAAA,EACJ;AAEA,WAAS,kBAAkB;AACvB,UAAM,QAAQ,YAAY;AAC1B,UAAM,gBACF,gBAAgB,4CAA4C,cAAc,YAAY;AAC1F,WAAO,IAAI,SAAS,MAAM;AAAA,MACtB,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,UAAU;AAAA,QACV,cAAc,GAAG,qBAAqB;AAAA,MAC1C;AAAA,IACJ,CAAC;AAAA,EACL;AAEA,WAAS,mBAAmB;AACxB,UAAM,QAAQ,YAAY;AAC1B,UAAM,gBACF,gBAAgB,4CAA4C,cAAc,YAAY,QAAQ;AAClG,WAAO,IAAI,SAAS,MAAM;AAAA,MACtB,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,UAAU;AAAA,QACV,cAAc,GAAG,qBAAqB;AAAA,MAC1C;AAAA,IACJ,CAAC;AAAA,EACL;AAEA,WAAe,mBAAmB,KAAkB;AAAA;AAzNxD;AA0NQ,YAAM,cAAa,SAAI,QAAQ,IAAI,iBAAiB,MAAjC,mBAAoC;AACvD,UAAI,CAAC,cAAc,WAAW,WAAW,IAAI;AACzC,gBAAQ,IAAI,sBAAsB;AAClC,eAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,SAAS,EAAE,UAAU,WAAW,EAAE,CAAC;AAAA,MAChF;AAEA,YAAM,cAAc,IAAI,QAAQ;AAChC,YAAM,QAAQ,YAAY,IAAI,OAAO;AACrC,YAAM,OAAO,YAAY,IAAI,MAAM;AACnC,UAAI,UAAU,YAAY;AACtB,gBAAQ,IAAI,+CAA+C;AAC3D,eAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,SAAS,EAAE,UAAU,WAAW,EAAE,CAAC;AAAA,MAChF;AAEA,YAAM,mBAAmB;AAAA,QACrB,cAAc;AAAA,QACd;AAAA,MACJ;AACA,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,gBAAgB;AAAA,QACrC,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,SAAS,IAAI;AACb,cAAM,OAAO,MAAM,SAAS,KAAK;AAEjC,cAAM,cAAc,KAAK;AACzB,cAAM,OAAO,MAAM,oBAAoB,WAAW;AAClD,cAAM,OAAO,gBAAgB,IAAI;AACjC,YAAI,CAAC,MAAM;AACP,kBAAQ,IAAI,oCAAoC;AAChD,iBAAO,IAAI,SAAS,oBAAoB,EAAE,QAAQ,IAAI,CAAC;AAAA,QAC3D;AAEA,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,YAAY,IAAI;AAC/B,QAAAA,SAAQ,OAAO,cAAc,GAAG,4BAA4B,qDAAqD;AACjH,QAAAA,SAAQ,OAAO,cAAc,GAAG,6BAA6B,KAAK,uDAAuD;AACzH,eAAO,IAAI,SAAS,MAAM;AAAA,UACtB,QAAQ;AAAA,UACR,SAAAA;AAAA,QACJ,CAAC;AAAA,MACL,WAAW,SAAS,WAAW,KAAK;AAChC,eAAO,IAAI,SAAS,oBAAoB,EAAE,QAAQ,IAAI,CAAC;AAAA,MAC3D,OAAO;AACH,eAAO,IAAI,SAAS,oBAAoB,EAAE,QAAQ,IAAI,CAAC;AAAA,MAC3D;AAAA,IACJ;AAAA;AAEA,WAAe,mBAAmB,KAAkB;AAAA;AAhRxD;AAiRQ,YAAM,cAAc,IAAI,QAAQ,IAAI,8BAA8B,OAAK,SAAI,QAAQ,IAAI,wBAAwB,MAAxC,mBAA2C;AAClH,UAAI,aAAa;AACb,cAAM,OAAO,GAAG;AAChB,cAAM,WAAW,MAAM,MAAM,MAAM;AAAA,UAC/B,SAAS;AAAA,YACL,gBAAgB;AAAA,YAChB,iBAAiB,YAAY;AAAA,UACjC;AAAA,QACJ,CAAC;AACD,YAAI,SAAS,IAAI;AACb,gBAAM,OAAO,MAAM,SAAS,KAAK;AAEjC,gBAAM,OAAO,IAAI;AAAA,YACb,KAAK;AAAA,YACL,KAAK;AAAA,YACL,uBAAuB,KAAK,kBAAkB;AAAA,YAC9C,KAAK;AAAA,YACL,KAAK;AAAA,YACL,KAAK;AAAA,YACL,KAAK;AAAA,YACL,KAAK;AAAA,UACT;AAEA,iBAAO,IAAI,SAAS,KAAK,UAAU,IAAI,GAAG;AAAA,YACtC,QAAQ;AAAA,YACR,SAAS;AAAA,cACL,gBAAgB;AAAA,YACpB;AAAA,UACJ,CAAC;AAAA,QACL,WAAW,SAAS,WAAW,KAAK;AAChC,iBAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,IAAI,CAAC;AAAA,QAC7C,OAAO;AACH,iBAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,IAAI,CAAC;AAAA,QAC7C;AAAA,MACJ;AACA,aAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC7C;AAAA;AAEA,WAAe,2BAA2B,OAAkC;AAAA;AACxE,YAAM,cAAc,MAAM,IAAI,QAAQ,wBAAwB;AAC9D,YAAM,eAAe,MAAM,IAAI,QAAQ,yBAAyB;AAGhE,UAAI,aAAa;AACb,cAAM,OAAO,MAAM,+BAA+B,WAAW;AAC7D,YAAI,MAAM;AACN,iBAAO;AAAA,QACX;AAAA,MACJ;AAGA,UAAI,cAAc;AACd,cAAM,WAAW,MAAM,sCAAsC,YAAY;AACzE,YAAI,SAAS,UAAU,cAAc;AACjC,gBAAM,IAAI,MAAM,gDAAgD;AAAA,QACpE,WAAW,SAAS,UAAU,gBAAgB;AAC1C,gBAAM,IAAI,UAAU,cAAc;AAAA,YAC9B,GAAG;AAAA,YACH,GAAG;AAAA,UACP,CAAC;AACD,iBAAO;AAAA,QACX,OAAO;AACH,gBAAM,OAAO,MAAM,oBAAoB,SAAS,WAAW;AAC3D,gBAAM,IAAI,UAAU,cAAc;AAAA,YAC9B,GAAG,4BAA4B,SAAS;AAAA,YACxC,GAAG,6BAA6B,SAAS;AAAA,UAC7C,CAAC;AACD,iBAAO;AAAA,QACX;AAAA,MACJ;AAEA,aAAO;AAAA,IACX;AAAA;AAEA,WAAe,sCAAsC,cAAqD;AAAA;AACtG,YAAM,OAAO;AAAA,QACT,eAAe;AAAA,MACnB;AACA,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,IAAI;AAAA,QACzB,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,SAAS,IAAI;AACb,cAAM,OAAO,MAAM,SAAS,KAAK;AACjC,cAAM,kBAAkB,KAAK;AAC7B,cAAM;AAAA,UACF,cAAc;AAAA,UACd,oBAAoB;AAAA,QACxB,IAAI,KAAK;AAET,eAAO;AAAA,UACH,cAAc;AAAA,UACd;AAAA,UACA,OAAO;AAAA,QACX;AAAA,MACJ,WAAW,SAAS,WAAW,KAAK;AAChC,eAAO,EAAE,OAAO,eAAe;AAAA,MACnC,OAAO;AACH,eAAO,EAAE,OAAO,aAAa;AAAA,MACjC;AAAA,IACJ;AAAA;AAEA,WAAe,kBAAkB,KAAkB;AAAA;AA7XvD;AA8XQ,YAAM,iBAAgB,SAAI,QAAQ,IAAI,yBAAyB,MAAzC,mBAA4C;AAClE,UAAI,CAAC,eAAe;AAChB,cAAMA,WAAU,IAAI,QAAQ;AAC5B,QAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,QAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,eAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,SAAAA,SAAQ,CAAC;AAAA,MACtD;AAEA,YAAM,aAAa,EAAE,cAAc;AACnC,YAAM,MAAM,GAAG;AACf,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAC9B,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU,UAAU;AAAA,QAC/B,SAAS;AAAA,UACL,gBAAgB;AAAA,UAChB,eAAe,YAAY;AAAA,QAC/B;AAAA,MACJ,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AACd,gBAAQ;AAAA,UACJ;AAAA,UACA,SAAS;AAAA,UACT,SAAS;AAAA,QACb;AAAA,MACJ;AACA,YAAMA,WAAU,IAAI,QAAQ;AAC5B,MAAAA,SAAQ,OAAO,cAAc,GAAG,8EAA8E;AAC9G,MAAAA,SAAQ,OAAO,cAAc,GAAG,+EAA+E;AAC/G,aAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,SAAAA,SAAQ,CAAC;AAAA,IACtD;AAAA;AAEA,WAAe,+BAA+B,aAA4D;AAAA;AACtG,UAAI;AACA,eAAO,MAAM,oBAAoB,WAAW;AAAA,MAChD,SAAS,KAAP;AACE,YAAI,eAAe,wBAAwB;AACvC,gBAAM;AAAA,QACV,WAAW,eAAe,uBAAuB;AAC7C,iBAAO;AAAA,QACX,OAAO;AACH,kBAAQ,IAAI,iCAAiC,GAAG;AAChD,iBAAO;AAAA,QACX;AAAA,MACJ;AAAA,IACJ;AAAA;AAEA,WAAe,oBAAoB,aAAgD;AAAA;AAC/E,UAAI;AACJ,UAAI;AACA,oBAAY,MAAM;AAAA,MACtB,SAAS,KAAP;AACE,gBAAQ,MAAM,wFAAwF,GAAG;AACzG,cAAM,IAAI,uBAAuB,sBAAsB;AAAA,MAC3D;AAEA,UAAI,CAAC,aAAa;AACd,cAAM,IAAI,sBAAsB,0BAA0B;AAAA,MAC9D;AAEA,UAAI,2BAA2B;AAC/B,UAAI,YAAY,YAAY,EAAE,WAAW,SAAS,GAAG;AACjD,mCAA2B,YAAY,UAAU,UAAU,MAAM;AAAA,MACrE;AAEA,UAAI;AACA,cAAM,EAAE,QAAQ,IAAI,MAAW,eAAU,0BAA0B,WAAW;AAAA,UAC1E,QAAQ;AAAA,UACR,YAAY,CAAC,OAAO;AAAA,QACxB,CAAC;AAED,eAAO,OAAqB,OAAO;AAAA,MACvC,SAAS,GAAP;AACE,YAAI,aAAa,OAAO;AACpB,gBAAM,IAAI,sBAAsB,EAAE,OAAO;AAAA,QAC7C,OAAO;AACH,gBAAM,IAAI,sBAAsB,sBAAsB;AAAA,QAC1D;AAAA,MACJ;AAAA,IACJ;AAAA;AAEA,SAAO;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ;AACJ;AAEA,SAAS,cAAsB;AAC3B,QAAM,cAAc,OAAO,gBAAgB,IAAI,WAAW,EAAE,CAAC;AAC7D,SAAO,MAAM,KAAK,WAAW,EACxB,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAC1C,KAAK,EAAE;AAChB;;;ACheO,SAAS,gBAAgB,SAAsB;AAClD,MAAI;AACA,WAAO,IAAI,IAAI,OAAO;AAAA,EAC1B,SAAS,GAAP;AACE,YAAQ,MAAM,mBAAmB,CAAC;AAClC,UAAM,IAAI,MAAM,kCAAkC;AAAA,EACtD;AACJ;;;ACKO,SAAS,eAAe,MAA6B;AACxD,QAAM,UAAU,gBAAgB,KAAK,OAAO,EAAE;AAC9C,QAAM,kBACF,KAAK,2BACL,WAAY;AACR,WAAO;AAAA,EACX;AAEJ,SAAO,iBAAiB;AAAA,IACpB,eAAe;AAAA,IACf,aAAa,KAAK;AAAA,IAClB,aAAa,KAAK;AAAA,IAClB,mBAAmB,KAAK;AAAA,IACxB;AAAA,EACJ,CAAC;AACL;","names":["headers","response"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@propelauth/nextjs",
3
- "version": "0.0.60",
3
+ "version": "0.0.63",
4
4
  "exports": {
5
5
  "./server": {
6
6
  "browser": "./dist/server/index.mjs",