@saasak/kit-oauth 0.0.2 → 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/factory.js +3 -3
- package/dist/factory.js.map +1 -1
- package/dist/init.js +4 -4
- package/dist/init.js.map +1 -1
- package/dist/middleware.js +3 -3
- package/dist/middleware.js.map +1 -1
- package/dist/oauth.js +7 -7
- package/dist/oauth.js.map +1 -1
- package/dist/routes/callback.js +1 -1
- package/dist/routes/callback.js.map +1 -1
- package/dist/routes/logout.js +2 -2
- package/dist/routes/logout.js.map +1 -1
- package/dist/routes/refresh.js +1 -1
- package/dist/routes/refresh.js.map +1 -1
- package/dist/routes/set-team.js +1 -1
- package/dist/routes/set-team.js.map +1 -1
- package/dist/types.d.ts +5 -5
- package/package.json +1 -1
package/dist/factory.js
CHANGED
|
@@ -11,7 +11,7 @@ const DEFAULT_IAM_SESSION_COOKIES = [
|
|
|
11
11
|
'__Secure-better-auth.session_token'
|
|
12
12
|
];
|
|
13
13
|
function validateEnv(env) {
|
|
14
|
-
const required = ['
|
|
14
|
+
const required = ['iamUrl', 'appSeed', 'sessionSecret', 'origin'];
|
|
15
15
|
for (const key of required) {
|
|
16
16
|
if (!env[key])
|
|
17
17
|
throw new Error(`[kit-oauth] Missing required env: ${key}`);
|
|
@@ -24,12 +24,12 @@ export function createOAuthHandler(config) {
|
|
|
24
24
|
return ctx;
|
|
25
25
|
const env = config.env();
|
|
26
26
|
validateEnv(env);
|
|
27
|
-
const clientSecret = deriveSecret(env.
|
|
27
|
+
const clientSecret = deriveSecret(env.appSeed, config.clientId);
|
|
28
28
|
ctx = {
|
|
29
29
|
config,
|
|
30
30
|
env,
|
|
31
31
|
clientSecret,
|
|
32
|
-
secure: env.
|
|
32
|
+
secure: env.origin.startsWith('https://'),
|
|
33
33
|
cookieNames: {
|
|
34
34
|
session: `${config.cookiePrefix}_session`,
|
|
35
35
|
activeTeam: `${config.cookiePrefix}_active_team`,
|
package/dist/factory.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"factory.js","sourceRoot":"","sources":["../src/factory.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAEpD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AAC3E,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAE5C,MAAM,2BAA2B,GAAG;IACnC,2BAA2B;IAC3B,oCAAoC;CACpC,CAAC;AAEF,SAAS,WAAW,CAAC,GAAgB;IACpC,MAAM,QAAQ,GAAG,CAAC,
|
|
1
|
+
{"version":3,"file":"factory.js","sourceRoot":"","sources":["../src/factory.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAEpD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AAC3E,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAE5C,MAAM,2BAA2B,GAAG;IACnC,2BAA2B;IAC3B,oCAAoC;CACpC,CAAC;AAEF,SAAS,WAAW,CAAC,GAAgB;IACpC,MAAM,QAAQ,GAAG,CAAC,QAAQ,EAAE,SAAS,EAAE,eAAe,EAAE,QAAQ,CAAU,CAAC;IAC3E,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;QAC5B,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,qCAAqC,GAAG,EAAE,CAAC,CAAC;IAC5E,CAAC;AACF,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,MAA0B;IAC5D,IAAI,GAAG,GAAwB,IAAI,CAAC;IAEpC,SAAS,UAAU;QAClB,IAAI,GAAG;YAAE,OAAO,GAAG,CAAC;QAEpB,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC;QACzB,WAAW,CAAC,GAAG,CAAC,CAAC;QAEjB,MAAM,YAAY,GAAG,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;QAEhE,GAAG,GAAG;YACL,MAAM;YACN,GAAG;YACH,YAAY;YACZ,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,CAAC;YACzC,WAAW,EAAE;gBACZ,OAAO,EAAE,GAAG,MAAM,CAAC,YAAY,UAAU;gBACzC,UAAU,EAAE,GAAG,MAAM,CAAC,YAAY,cAAc;gBAChD,UAAU,EAAE,GAAG,MAAM,CAAC,YAAY,cAAc;aAChD;YACD,iBAAiB,EAAE,MAAM,CAAC,iBAAiB,IAAI,2BAA2B;YAC1E,OAAO,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE;SAC1B,CAAC;QAEF,OAAO,GAAG,CAAC;IACZ,CAAC;IAED,MAAM,MAAM,GAAW,KAAK,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,EAAE;QACnD,MAAM,CAAC,GAAG,UAAU,EAAE,CAAC;QACvB,MAAM,QAAQ,GAAG,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC;QACpC,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;QAEpC,qDAAqD;QACrD,IAAI,QAAQ,KAAK,aAAa,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;YACpD,OAAO,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAC9B,CAAC;QACD,IAAI,QAAQ,KAAK,gBAAgB,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;YACvD,OAAO,cAAc,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QACjC,CAAC;QACD,IAAI,QAAQ,KAAK,cAAc,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtD,OAAO,YAAY,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAC/B,CAAC;QACD,IAAI,QAAQ,KAAK,eAAe,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACvD,OAAO,aAAa,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAChC,CAAC;QACD,IAAI,QAAQ,KAAK,gBAAgB,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACxD,OAAO,aAAa,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAChC,CAAC;QAED,mCAAmC;QACnC,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC;IACvB,CAAC,CAAC;IAEF,MAAM,IAAI,GAAe,KAAK,IAAI,EAAE;QACnC,MAAM,CAAC,GAAG,UAAU,EAAE,CAAC;QACvB,OAAO,eAAe,CAAC,CAAC,CAAC,CAAC;IAC3B,CAAC,CAAC;IAEF,mDAAmD;IACnD,IAAI,aAAa,GAAkD,IAAI,CAAC;IAExE,MAAM,OAAO,GAA4B,KAAK,EAAE,KAAK,EAAE,EAAE;QACxD,IAAI,CAAC,aAAa,EAAE,CAAC;YACpB,aAAa,GAAG,mBAAmB,CAAC,UAAU,EAAE,CAAC,CAAC;QACnD,CAAC;QACD,OAAO,aAAa,CAAC,KAAK,CAAC,CAAC;IAC7B,CAAC,CAAC;IAEF,MAAM,YAAY,GAAiC,KAAK,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE;QAC/E,OAAO,mBAAmB,CAAC,KAAK,EAAE,UAAU,EAAE,EAAE,WAAW,CAAC,CAAC;IAC9D,CAAC,CAAC;IAEF,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC;AAChD,CAAC"}
|
package/dist/init.js
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
export async function registerWithIAM(ctx) {
|
|
2
2
|
const { env, config, clientSecret } = ctx;
|
|
3
|
-
if (!env.
|
|
3
|
+
if (!env.appSeed || !env.iamUrl)
|
|
4
4
|
return;
|
|
5
|
-
const redirectUri = `${env.
|
|
5
|
+
const redirectUri = `${env.origin}/auth/callback`;
|
|
6
6
|
const payload = JSON.stringify({
|
|
7
7
|
clientId: config.clientId,
|
|
8
8
|
redirectUris: [redirectUri],
|
|
@@ -16,11 +16,11 @@ export async function registerWithIAM(ctx) {
|
|
|
16
16
|
const maxAttempts = 5;
|
|
17
17
|
for (let attempt = 1; attempt <= maxAttempts; attempt++) {
|
|
18
18
|
try {
|
|
19
|
-
const res = await fetch(`${env.
|
|
19
|
+
const res = await fetch(`${env.iamUrl}/api/register-app`, {
|
|
20
20
|
method: 'POST',
|
|
21
21
|
headers: {
|
|
22
22
|
'Content-Type': 'application/json',
|
|
23
|
-
Authorization: `Bearer ${env.
|
|
23
|
+
Authorization: `Bearer ${env.appSeed}`
|
|
24
24
|
},
|
|
25
25
|
body: payload
|
|
26
26
|
});
|
package/dist/init.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"init.js","sourceRoot":"","sources":["../src/init.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,GAAiB;IACtD,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,GAAG,CAAC;IAE1C,IAAI,CAAC,GAAG,CAAC,
|
|
1
|
+
{"version":3,"file":"init.js","sourceRoot":"","sources":["../src/init.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,GAAiB;IACtD,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,GAAG,CAAC;IAE1C,IAAI,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,GAAG,CAAC,MAAM;QAAE,OAAO;IAExC,MAAM,WAAW,GAAG,GAAG,GAAG,CAAC,MAAM,gBAAgB,CAAC;IAClD,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC;QAC9B,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,YAAY,EAAE,CAAC,WAAW,CAAC;QAC3B,IAAI,EAAE,MAAM,CAAC,WAAW;QACxB,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,YAAY,EAAE,MAAM,CAAC,YAAY,EAAE,YAAY,IAAI,IAAI;QACvD,WAAW,EAAE,MAAM,CAAC,YAAY,EAAE,WAAW,IAAI,IAAI;QACrD,WAAW,EAAE,MAAM,CAAC,YAAY,EAAE,WAAW;QAC7C,YAAY,EAAE,MAAM,CAAC,YAAY,EAAE,YAAY;KAC/C,CAAC,CAAC;IAEH,MAAM,WAAW,GAAG,CAAC,CAAC;IACtB,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,WAAW,EAAE,OAAO,EAAE,EAAE,CAAC;QACzD,IAAI,CAAC;YACJ,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,GAAG,CAAC,MAAM,mBAAmB,EAAE;gBACzD,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACR,cAAc,EAAE,kBAAkB;oBAClC,aAAa,EAAE,UAAU,GAAG,CAAC,OAAO,EAAE;iBACtC;gBACD,IAAI,EAAE,OAAO;aACb,CAAC,CAAC;YAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACb,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;gBACrD,MAAM,IAAI,KAAK,CAAC,QAAQ,GAAG,CAAC,MAAM,KAAK,IAAI,EAAE,CAAC,CAAC;YAChD,CAAC;YAED,OAAO,CAAC,GAAG,CAAC,4CAA4C,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC3E,OAAO;QACR,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,IAAI,OAAO,GAAG,WAAW,EAAE,CAAC;gBAC3B,OAAO,CAAC,IAAI,CACX,iCAAiC,OAAO,IAAI,WAAW,sBAAsB,CAC7E,CAAC;gBACF,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;YAC/C,CAAC;iBAAM,CAAC;gBACP,MAAM,IAAI,KAAK,CACd,4CAA4C,WAAW,cAAc,GAAG,EAAE,CAC1E,CAAC;YACH,CAAC;QACF,CAAC;IACF,CAAC;AACF,CAAC"}
|
package/dist/middleware.js
CHANGED
|
@@ -20,7 +20,7 @@ function evictExpiredTokens() {
|
|
|
20
20
|
}
|
|
21
21
|
}
|
|
22
22
|
export function createSessionReader(ctx) {
|
|
23
|
-
const secret = new TextEncoder().encode(ctx.env.
|
|
23
|
+
const secret = new TextEncoder().encode(ctx.env.sessionSecret);
|
|
24
24
|
return async (event) => {
|
|
25
25
|
const isBearer = isBearerRequest(event.request);
|
|
26
26
|
const token = getSessionToken(event.request, event.cookies, ctx.cookieNames.session);
|
|
@@ -32,7 +32,7 @@ export function createSessionReader(ctx) {
|
|
|
32
32
|
return { user: cached.claims };
|
|
33
33
|
}
|
|
34
34
|
try {
|
|
35
|
-
const res = await fetch(`${ctx.env.
|
|
35
|
+
const res = await fetch(`${ctx.env.iamUrl}/api/auth/api-tokens/exchange`, {
|
|
36
36
|
method: 'POST',
|
|
37
37
|
headers: { 'Content-Type': 'application/json' },
|
|
38
38
|
body: JSON.stringify({ token, clientId: ctx.config.clientId })
|
|
@@ -142,7 +142,7 @@ export function createSessionReader(ctx) {
|
|
|
142
142
|
export async function forceRefreshSession(event, ctx, currentUser) {
|
|
143
143
|
if (!currentUser.refreshToken)
|
|
144
144
|
return null;
|
|
145
|
-
const secret = new TextEncoder().encode(ctx.env.
|
|
145
|
+
const secret = new TextEncoder().encode(ctx.env.sessionSecret);
|
|
146
146
|
try {
|
|
147
147
|
const tokens = await refreshTokens(ctx, currentUser.refreshToken);
|
|
148
148
|
let updatedClaims = {
|
package/dist/middleware.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAE7B,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AACxE,OAAO,EACN,WAAW,EACX,eAAe,EACf,aAAa,EACb,gBAAgB,EAChB,kBAAkB,EAClB,qBAAqB,EACrB,eAAe,EACf,UAAU,EACV,QAAQ,EACR,MAAM,cAAc,CAAC;AAOtB;;;;;;GAMG;AACH,mDAAmD;AACnD,MAAM,mBAAmB,GAAG,GAAG,CAAC,CAAC,YAAY;AAC7C,MAAM,mBAAmB,GAAG,IAAI,CAAC;AACjC,MAAM,aAAa,GAAG,IAAI,GAAG,EAAwD,CAAC;AAEtF,SAAS,kBAAkB;IAC1B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,aAAa,EAAE,CAAC;QAC1C,IAAI,KAAK,CAAC,SAAS,IAAI,GAAG;YAAE,aAAa,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACvD,CAAC;AACF,CAAC;AAED,MAAM,UAAU,mBAAmB,CAClC,GAAiB;IAEjB,MAAM,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,
|
|
1
|
+
{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAE7B,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AACxE,OAAO,EACN,WAAW,EACX,eAAe,EACf,aAAa,EACb,gBAAgB,EAChB,kBAAkB,EAClB,qBAAqB,EACrB,eAAe,EACf,UAAU,EACV,QAAQ,EACR,MAAM,cAAc,CAAC;AAOtB;;;;;;GAMG;AACH,mDAAmD;AACnD,MAAM,mBAAmB,GAAG,GAAG,CAAC,CAAC,YAAY;AAC7C,MAAM,mBAAmB,GAAG,IAAI,CAAC;AACjC,MAAM,aAAa,GAAG,IAAI,GAAG,EAAwD,CAAC;AAEtF,SAAS,kBAAkB;IAC1B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,aAAa,EAAE,CAAC;QAC1C,IAAI,KAAK,CAAC,SAAS,IAAI,GAAG;YAAE,aAAa,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACvD,CAAC;AACF,CAAC;AAED,MAAM,UAAU,mBAAmB,CAClC,GAAiB;IAEjB,MAAM,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAE/D,OAAO,KAAK,EAAE,KAAmB,EAAgC,EAAE;QAClE,MAAM,QAAQ,GAAG,eAAe,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAChD,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QAErF,0CAA0C;QAC1C,IAAI,KAAK,IAAI,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;YAChC,MAAM,QAAQ,GAAG,KAAK,CAAC;YACvB,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC3C,IAAI,MAAM,IAAI,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;gBAC7C,OAAO,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,CAAC;YAChC,CAAC;YAED,IAAI,CAAC;gBACJ,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,+BAA+B,EAAE;oBACzE,MAAM,EAAE,MAAM;oBACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;oBAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;iBAC9D,CAAC,CAAC;gBAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;oBACb,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;gBACvB,CAAC;gBAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAA4B,CAAC;gBAC3D,MAAM,MAAM,GAAkB;oBAC7B,GAAG,EAAE,IAAI,CAAC,GAAa;oBACvB,KAAK,EAAE,IAAI,CAAC,KAAe;oBAC3B,IAAI,EAAE,IAAI,CAAC,IAAc;oBACzB,aAAa,EAAG,IAAI,CAAC,aAAyB,IAAI,KAAK;oBACvD,IAAI,EAAE,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAA0B;oBAChD,WAAW,EAAE,EAAE;oBACf,WAAW,EAAE,IAAI,CAAC,WAA2C;oBAC7D,cAAc,EAAE,IAAI,CAAC,cAAoC;oBACzD,QAAQ,EAAE,IAAI;oBACd,IAAI,EAAE,IAAI,CAAC,IAA6B;oBACxC,YAAY,EAAE,IAAI,CAAC,YAA6C;oBAChE,MAAM,EAAE,IAAI,CAAC,MAA8B;iBAC3C,CAAC;gBAEF,mBAAmB;gBACnB,IAAI,aAAa,CAAC,IAAI,IAAI,mBAAmB;oBAAE,kBAAkB,EAAE,CAAC;gBACpE,aAAa,CAAC,GAAG,CAAC,QAAQ,EAAE;oBAC3B,MAAM;oBACN,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,mBAAmB,GAAG,IAAI;iBAClD,CAAC,CAAC;gBAEH,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;YACzB,CAAC;YAAC,MAAM,CAAC;gBACR,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;YACvB,CAAC;QACF,CAAC;QAED,IAAI,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,MAAM,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAE3D,iFAAiF;QACjF,gEAAgE;QAChE,IAAI,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACvB,IAAI,SAA6B,CAAC;YAClC,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,iBAAiB,EAAE,CAAC;gBAC1C,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;gBACpC,IAAI,SAAS;oBAAE,MAAM;YACtB,CAAC;YACD,IAAI,CAAC,SAAS,EAAE,CAAC;gBAChB,kBAAkB,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;gBAC3D,qBAAqB,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;gBACjE,IAAI,GAAG,IAAI,CAAC;YACb,CAAC;QACF,CAAC;QAED,IAAI,cAAkC,CAAC;QAEvC,oFAAoF;QACpF,IAAI,IAAI,EAAE,YAAY,IAAI,KAAK,EAAE,CAAC;YACjC,IAAI,CAAC;gBACJ,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;gBACtC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC;gBAC7B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,GAAG,CAAC;gBAEhD,IAAI,GAAG,GAAG,QAAQ,EAAE,CAAC;oBACpB,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;oBAE3D,IAAI,aAAa,GAAkB;wBAClC,GAAG,IAAI;wBACP,WAAW,EAAE,MAAM,CAAC,YAAY;qBAChC,CAAC;oBACF,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;wBAC1B,aAAa,CAAC,YAAY,GAAG,MAAM,CAAC,aAAa,CAAC;oBACnD,CAAC;oBAED,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;wBACrB,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;wBAC3D,aAAa,GAAG;4BACf,GAAG,aAAa;4BAChB,GAAG,EAAE,QAAQ,CAAC,GAAG;4BACjB,KAAK,EAAE,QAAQ,CAAC,KAAK;4BACrB,IAAI,EAAE,QAAQ,CAAC,IAAI;4BACnB,aAAa,EAAE,QAAQ,CAAC,cAAc;4BACtC,IAAI,EAAE,QAAQ,CAAC,IAAI;4BACnB,WAAW,EAAE,QAAQ,CAAC,WAAW;4BACjC,cAAc,EAAE,QAAQ,CAAC,cAAc;yBACvC,CAAC;oBACH,CAAC;oBAED,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;oBAC5D,gBAAgB,CACf,KAAK,CAAC,OAAO,EACb,GAAG,CAAC,WAAW,CAAC,OAAO,EACvB,QAAQ,EACR,GAAG,CAAC,MAAM,CACV,CAAC;oBACF,IAAI,GAAG,aAAa,CAAC;oBAErB,IAAI,QAAQ,EAAE,CAAC;wBACd,cAAc,GAAG,QAAQ,CAAC;oBAC3B,CAAC;gBACF,CAAC;YACF,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACd,IAAI,GAAG,YAAY,YAAY,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;oBAC1E,kBAAkB,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;oBAC3D,IAAI,GAAG,IAAI,CAAC;gBACb,CAAC;qBAAM,CAAC;oBACP,OAAO,CAAC,IAAI,CACX,IAAI,GAAG,CAAC,MAAM,CAAC,WAAW,wDAAwD,EAClF,GAAG,CACH,CAAC;gBACH,CAAC;YACF,CAAC;QACF,CAAC;QAED,OAAO,EAAE,IAAI,EAAE,cAAc,EAAE,CAAC;IACjC,CAAC,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACxC,KAAmB,EACnB,GAAiB,EACjB,WAA0B;IAE1B,IAAI,CAAC,WAAW,CAAC,YAAY;QAAE,OAAO,IAAI,CAAC;IAE3C,MAAM,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAE/D,IAAI,CAAC;QACJ,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,WAAW,CAAC,YAAY,CAAC,CAAC;QAClE,IAAI,aAAa,GAAkB;YAClC,GAAG,WAAW;YACd,WAAW,EAAE,MAAM,CAAC,YAAY;SAChC,CAAC;QACF,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;YAC1B,aAAa,CAAC,YAAY,GAAG,MAAM,CAAC,aAAa,CAAC;QACnD,CAAC;QACD,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACrB,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC3D,aAAa,GAAG;gBACf,GAAG,aAAa;gBAChB,GAAG,EAAE,QAAQ,CAAC,GAAG;gBACjB,KAAK,EAAE,QAAQ,CAAC,KAAK;gBACrB,IAAI,EAAE,QAAQ,CAAC,IAAI;gBACnB,aAAa,EAAE,QAAQ,CAAC,cAAc;gBACtC,IAAI,EAAE,QAAQ,CAAC,IAAI;gBACnB,WAAW,EAAE,QAAQ,CAAC,WAAW;gBACjC,cAAc,EAAE,QAAQ,CAAC,cAAc;aACvC,CAAC;QACH,CAAC;QACD,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;QAC5D,gBAAgB,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,CAAC,OAAO,EAAE,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;QAC/E,OAAO,aAAa,CAAC;IACtB,CAAC;IAAC,MAAM,CAAC;QACR,OAAO,IAAI,CAAC;IACb,CAAC;AACF,CAAC"}
|
package/dist/oauth.js
CHANGED
|
@@ -19,7 +19,7 @@ export async function computeS256Challenge(verifier) {
|
|
|
19
19
|
}
|
|
20
20
|
// --- OAuth operations (parameterized via context) ---
|
|
21
21
|
export function buildAuthorizeURL(ctx, state, codeChallenge, orgHint) {
|
|
22
|
-
const redirectUri = `${ctx.env.
|
|
22
|
+
const redirectUri = `${ctx.env.origin}/auth/callback`;
|
|
23
23
|
const params = new URLSearchParams({
|
|
24
24
|
response_type: 'code',
|
|
25
25
|
client_id: ctx.config.clientId,
|
|
@@ -32,11 +32,11 @@ export function buildAuthorizeURL(ctx, state, codeChallenge, orgHint) {
|
|
|
32
32
|
if (orgHint) {
|
|
33
33
|
params.set('org_hint', orgHint);
|
|
34
34
|
}
|
|
35
|
-
return `${ctx.env.
|
|
35
|
+
return `${ctx.env.iamUrl}/api/auth/oauth2/authorize?${params}`;
|
|
36
36
|
}
|
|
37
37
|
export async function exchangeCode(ctx, code, codeVerifier) {
|
|
38
|
-
const redirectUri = `${ctx.env.
|
|
39
|
-
const res = await fetch(`${ctx.env.
|
|
38
|
+
const redirectUri = `${ctx.env.origin}/auth/callback`;
|
|
39
|
+
const res = await fetch(`${ctx.env.iamUrl}/api/auth/oauth2/token`, {
|
|
40
40
|
method: 'POST',
|
|
41
41
|
headers: {
|
|
42
42
|
'Content-Type': 'application/x-www-form-urlencoded',
|
|
@@ -63,7 +63,7 @@ export class RefreshError extends Error {
|
|
|
63
63
|
}
|
|
64
64
|
}
|
|
65
65
|
export async function refreshTokens(ctx, refreshToken) {
|
|
66
|
-
const res = await fetch(`${ctx.env.
|
|
66
|
+
const res = await fetch(`${ctx.env.iamUrl}/api/auth/oauth2/token`, {
|
|
67
67
|
method: 'POST',
|
|
68
68
|
headers: {
|
|
69
69
|
'Content-Type': 'application/x-www-form-urlencoded',
|
|
@@ -82,10 +82,10 @@ export async function refreshTokens(ctx, refreshToken) {
|
|
|
82
82
|
}
|
|
83
83
|
export async function verifyIdToken(ctx, idToken) {
|
|
84
84
|
if (!ctx.jwksRef.current) {
|
|
85
|
-
ctx.jwksRef.current = jose.createRemoteJWKSet(new URL(`${ctx.env.
|
|
85
|
+
ctx.jwksRef.current = jose.createRemoteJWKSet(new URL(`${ctx.env.iamUrl}/api/auth/jwks`));
|
|
86
86
|
}
|
|
87
87
|
const { payload } = await jose.jwtVerify(idToken, ctx.jwksRef.current, {
|
|
88
|
-
issuer: `${ctx.env.
|
|
88
|
+
issuer: `${ctx.env.iamUrl}/api/auth`
|
|
89
89
|
});
|
|
90
90
|
const p = payload;
|
|
91
91
|
return {
|
package/dist/oauth.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth.js","sourceRoot":"","sources":["../src/oauth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAG7B,gDAAgD;AAEhD,SAAS,SAAS,CAAC,KAAiB;IACnC,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,KAAK,MAAM,CAAC,IAAI,KAAK;QAAE,MAAM,IAAI,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACxD,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AAChF,CAAC;AAED,MAAM,UAAU,aAAa;IAC5B,OAAO,SAAS,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;AAC9D,CAAC;AAED,MAAM,UAAU,oBAAoB;IACnC,OAAO,SAAS,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;AAC9D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,QAAgB;IAC1D,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC9D,OAAO,SAAS,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;AAC1C,CAAC;AAED,uDAAuD;AAEvD,MAAM,UAAU,iBAAiB,CAChC,GAAiB,EACjB,KAAa,EACb,aAAqB,EACrB,OAAgB;IAEhB,MAAM,WAAW,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,gBAAgB,CAAC;IAEtD,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;QAClC,aAAa,EAAE,MAAM;QACrB,SAAS,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ;QAC9B,YAAY,EAAE,WAAW;QACzB,KAAK;QACL,cAAc,EAAE,aAAa;QAC7B,qBAAqB,EAAE,MAAM;QAC7B,KAAK,EAAE,sBAAsB;KAC7B,CAAC,CAAC;IAEH,IAAI,OAAO,EAAE,CAAC;QACb,MAAM,CAAC,GAAG,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IACjC,CAAC;IAED,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,
|
|
1
|
+
{"version":3,"file":"oauth.js","sourceRoot":"","sources":["../src/oauth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAG7B,gDAAgD;AAEhD,SAAS,SAAS,CAAC,KAAiB;IACnC,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,KAAK,MAAM,CAAC,IAAI,KAAK;QAAE,MAAM,IAAI,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACxD,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AAChF,CAAC;AAED,MAAM,UAAU,aAAa;IAC5B,OAAO,SAAS,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;AAC9D,CAAC;AAED,MAAM,UAAU,oBAAoB;IACnC,OAAO,SAAS,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;AAC9D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,QAAgB;IAC1D,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC9D,OAAO,SAAS,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;AAC1C,CAAC;AAED,uDAAuD;AAEvD,MAAM,UAAU,iBAAiB,CAChC,GAAiB,EACjB,KAAa,EACb,aAAqB,EACrB,OAAgB;IAEhB,MAAM,WAAW,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,gBAAgB,CAAC;IAEtD,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;QAClC,aAAa,EAAE,MAAM;QACrB,SAAS,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ;QAC9B,YAAY,EAAE,WAAW;QACzB,KAAK;QACL,cAAc,EAAE,aAAa;QAC7B,qBAAqB,EAAE,MAAM;QAC7B,KAAK,EAAE,sBAAsB;KAC7B,CAAC,CAAC;IAEH,IAAI,OAAO,EAAE,CAAC;QACb,MAAM,CAAC,GAAG,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IACjC,CAAC;IAED,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,8BAA8B,MAAM,EAAE,CAAC;AAChE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,YAAY,CACjC,GAAiB,EACjB,IAAY,EACZ,YAAoB;IAEpB,MAAM,WAAW,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,gBAAgB,CAAC;IAEtD,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,wBAAwB,EAAE;QAClE,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACR,cAAc,EAAE,mCAAmC;YACnD,aAAa,EAAE,SAAS,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,QAAQ,IAAI,GAAG,CAAC,YAAY,EAAE,CAAC,EAAE;SAC5E;QACD,IAAI,EAAE,IAAI,eAAe,CAAC;YACzB,UAAU,EAAE,oBAAoB;YAChC,IAAI;YACJ,YAAY,EAAE,WAAW;YACzB,aAAa,EAAE,YAAY;SAC3B,CAAC;KACF,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACb,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,CAAC;QAC3D,MAAM,IAAI,KAAK,CAAC,0BAA0B,GAAG,CAAC,MAAM,MAAM,IAAI,EAAE,CAAC,CAAC;IACnE,CAAC;IAED,OAAO,GAAG,CAAC,IAAI,EAAE,CAAC;AACnB,CAAC;AAED,MAAM,OAAO,YAAa,SAAQ,KAAK;IACtC,YACC,OAAe,EACR,MAAc;QAErB,KAAK,CAAC,OAAO,CAAC,CAAC;QAFR,WAAM,GAAN,MAAM,CAAQ;QAGrB,IAAI,CAAC,IAAI,GAAG,cAAc,CAAC;IAC5B,CAAC;CACD;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CAClC,GAAiB,EACjB,YAAoB;IAEpB,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,wBAAwB,EAAE;QAClE,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACR,cAAc,EAAE,mCAAmC;YACnD,aAAa,EAAE,SAAS,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,QAAQ,IAAI,GAAG,CAAC,YAAY,EAAE,CAAC,EAAE;SAC5E;QACD,IAAI,EAAE,IAAI,eAAe,CAAC;YACzB,UAAU,EAAE,eAAe;YAC3B,aAAa,EAAE,YAAY;SAC3B,CAAC;KACF,CAAC,CAAC;IACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACb,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,CAAC;QAC3D,MAAM,IAAI,YAAY,CAAC,yBAAyB,GAAG,CAAC,MAAM,MAAM,IAAI,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IACrF,CAAC;IACD,OAAO,GAAG,CAAC,IAAI,EAAE,CAAC;AACnB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CAClC,GAAiB,EACjB,OAAe;IAUf,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;QAC1B,GAAG,CAAC,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,kBAAkB,CAC5C,IAAI,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,gBAAgB,CAAC,CAC1C,CAAC;IACH,CAAC;IAED,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE;QACtE,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,WAAW;KACpC,CAAC,CAAC;IAEH,MAAM,CAAC,GAAG,OAAkC,CAAC;IAE7C,OAAO;QACN,GAAG,EAAE,OAAO,CAAC,GAAI;QACjB,KAAK,EAAE,CAAC,CAAC,KAAe;QACxB,IAAI,EAAE,CAAC,CAAC,IAAc;QACtB,cAAc,EAAG,CAAC,CAAC,cAA0B,IAAI,KAAK;QACtD,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAoB;QAC9D,WAAW,EAAE,CAAC,CAAC,WAAmE;QAClF,cAAc,EAAE,CAAC,CAAC,cAAoC;KACtD,CAAC;AACH,CAAC"}
|
package/dist/routes/callback.js
CHANGED
|
@@ -45,7 +45,7 @@ export async function handleCallback(event, ctx) {
|
|
|
45
45
|
console.error(`[${ctx.config.displayName}] ID token verification failed:`, err);
|
|
46
46
|
error(502, 'Failed to verify ID token from IAM');
|
|
47
47
|
}
|
|
48
|
-
const secret = new TextEncoder().encode(ctx.env.
|
|
48
|
+
const secret = new TextEncoder().encode(ctx.env.sessionSecret);
|
|
49
49
|
let activeTeamId = null;
|
|
50
50
|
if (ctx.config.appModel === 'b2b' && claims.orgs.length > 0) {
|
|
51
51
|
const accessibleOrgs = claims.orgs.filter((o) => o.appAccess !== false);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"callback.js","sourceRoot":"","sources":["../../src/routes/callback.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAGhD,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAErF,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,KAAmB,EAAE,GAAiB;IAC1E,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAChD,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAEvD,IAAI,UAAU,EAAE,CAAC;QAChB,KAAK,CAAC,GAAG,EAAE,gBAAgB,UAAU,EAAE,CAAC,CAAC;IAC1C,CAAC;IAED,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACrB,KAAK,CAAC,GAAG,EAAE,iCAAiC,CAAC,CAAC;IAC/C,CAAC;IAED,MAAM,gBAAgB,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;IACvE,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACvB,KAAK,CAAC,GAAG,EAAE,uDAAuD,CAAC,CAAC;IACrE,CAAC;IAED,IAAI,UAMH,CAAC;IACF,IAAI,CAAC;QACJ,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAC3C,CAAC;IAAC,MAAM,CAAC;QACR,KAAK,CAAC,GAAG,EAAE,4BAA4B,CAAC,CAAC;IAC1C,CAAC;IAED,IAAI,UAAU,CAAC,KAAK,KAAK,KAAK,EAAE,CAAC;QAChC,KAAK,CAAC,GAAG,EAAE,sCAAsC,CAAC,CAAC;IACpD,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;IAEhE,IAAI,MAA2E,CAAC;IAChF,IAAI,CAAC;QACJ,MAAM,GAAG,MAAM,YAAY,CAAC,GAAG,EAAE,IAAI,EAAE,UAAU,CAAC,aAAa,CAAC,CAAC;IAClE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,WAAW,0BAA0B,EAAE,GAAG,CAAC,CAAC;QACzE,KAAK,CAAC,GAAG,EAAE,gDAAgD,CAAC,CAAC;IAC9D,CAAC;IAED,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;QACtB,KAAK,CAAC,GAAG,EAAE,gCAAgC,CAAC,CAAC;IAC9C,CAAC;IAED,IAAI,MAAiD,CAAC;IACtD,IAAI,CAAC;QACJ,MAAM,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IACpD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,WAAW,iCAAiC,EAAE,GAAG,CAAC,CAAC;QAChF,KAAK,CAAC,GAAG,EAAE,oCAAoC,CAAC,CAAC;IAClD,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,
|
|
1
|
+
{"version":3,"file":"callback.js","sourceRoot":"","sources":["../../src/routes/callback.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAGhD,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAErF,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,KAAmB,EAAE,GAAiB;IAC1E,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAChD,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAEvD,IAAI,UAAU,EAAE,CAAC;QAChB,KAAK,CAAC,GAAG,EAAE,gBAAgB,UAAU,EAAE,CAAC,CAAC;IAC1C,CAAC;IAED,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACrB,KAAK,CAAC,GAAG,EAAE,iCAAiC,CAAC,CAAC;IAC/C,CAAC;IAED,MAAM,gBAAgB,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;IACvE,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACvB,KAAK,CAAC,GAAG,EAAE,uDAAuD,CAAC,CAAC;IACrE,CAAC;IAED,IAAI,UAMH,CAAC;IACF,IAAI,CAAC;QACJ,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAC3C,CAAC;IAAC,MAAM,CAAC;QACR,KAAK,CAAC,GAAG,EAAE,4BAA4B,CAAC,CAAC;IAC1C,CAAC;IAED,IAAI,UAAU,CAAC,KAAK,KAAK,KAAK,EAAE,CAAC;QAChC,KAAK,CAAC,GAAG,EAAE,sCAAsC,CAAC,CAAC;IACpD,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;IAEhE,IAAI,MAA2E,CAAC;IAChF,IAAI,CAAC;QACJ,MAAM,GAAG,MAAM,YAAY,CAAC,GAAG,EAAE,IAAI,EAAE,UAAU,CAAC,aAAa,CAAC,CAAC;IAClE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,WAAW,0BAA0B,EAAE,GAAG,CAAC,CAAC;QACzE,KAAK,CAAC,GAAG,EAAE,gDAAgD,CAAC,CAAC;IAC9D,CAAC;IAED,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;QACtB,KAAK,CAAC,GAAG,EAAE,gCAAgC,CAAC,CAAC;IAC9C,CAAC;IAED,IAAI,MAAiD,CAAC;IACtD,IAAI,CAAC;QACJ,MAAM,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IACpD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,WAAW,iCAAiC,EAAE,GAAG,CAAC,CAAC;QAChF,KAAK,CAAC,GAAG,EAAE,oCAAoC,CAAC,CAAC;IAClD,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAE/D,IAAI,YAAY,GAAkB,IAAI,CAAC;IACvC,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,KAAK,KAAK,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7D,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,KAAK,CAAC,CAAC;QACxE,MAAM,MAAM,GAAG,UAAU,CAAC,QAAQ;YACjC,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,UAAU,CAAC,QAAQ,CAAC;YAC5D,CAAC,CAAC,SAAS,CAAC;QACb,MAAM,SAAS,GAAG,MAAM,IAAI,cAAc,CAAC,CAAC,CAAC,CAAC;QAC9C,YAAY,GAAG,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,IAAI,IAAI,CAAC;IACvE,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,MAAM,EAAE;QAChD,GAAG,EAAE,MAAM,CAAC,GAAG;QACf,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,aAAa,EAAE,MAAM,CAAC,cAAc;QACpC,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,WAAW,EAAE,MAAM,CAAC,YAAY;QAChC,YAAY,EAAE,MAAM,CAAC,aAAa;QAClC,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,cAAc,EAAE,MAAM,CAAC,cAAc;KACrC,CAAC,CAAC;IAEH,IAAI,UAAU,CAAC,MAAM,EAAE,CAAC;QACvB,MAAM,YAAY,GAAG,GAAG,CAAC,MAAM,CAAC,YAAY,IAAI,cAAc,GAAG,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;QACxF,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAC;QAC5D,IAAI,YAAY;YAAE,MAAM,CAAC,GAAG,CAAC,cAAc,EAAE,YAAY,CAAC,CAAC;QAC3D,QAAQ,CAAC,GAAG,EAAE,GAAG,YAAY,WAAW,MAAM,EAAE,CAAC,CAAC;IACnD,CAAC;IAED,gBAAgB,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,CAAC,OAAO,EAAE,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IACnF,mBAAmB,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,CAAC,UAAU,EAAE,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAEzF,QAAQ,CAAC,GAAG,EAAE,UAAU,CAAC,QAAQ,IAAI,GAAG,CAAC,CAAC;AAC3C,CAAC"}
|
package/dist/routes/logout.js
CHANGED
|
@@ -15,7 +15,7 @@ export async function handleLogout(event, ctx) {
|
|
|
15
15
|
}
|
|
16
16
|
if (iamSessionCookie && iamCookieName) {
|
|
17
17
|
try {
|
|
18
|
-
await fetch(`${ctx.env.
|
|
18
|
+
await fetch(`${ctx.env.iamUrl}/api/auth/sign-out`, {
|
|
19
19
|
method: 'POST',
|
|
20
20
|
headers: {
|
|
21
21
|
cookie: `${iamCookieName}=${iamSessionCookie}`
|
|
@@ -29,7 +29,7 @@ export async function handleLogout(event, ctx) {
|
|
|
29
29
|
clearSessionCookie(event.cookies, ctx.cookieNames.session);
|
|
30
30
|
clearActiveTeamCookie(event.cookies, ctx.cookieNames.activeTeam);
|
|
31
31
|
// Clear cross-subdomain better-auth cookies
|
|
32
|
-
const cookieDomain = ctx.env.
|
|
32
|
+
const cookieDomain = ctx.env.authCookieDomain ?? '.lvh.me';
|
|
33
33
|
for (const name of ctx.iamSessionCookies) {
|
|
34
34
|
event.cookies.delete(name, { path: '/', domain: cookieDomain });
|
|
35
35
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"logout.js","sourceRoot":"","sources":["../../src/routes/logout.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAG/C,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAC;AAE3F,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,KAAmB,EAAE,GAAiB;IACxE,MAAM,QAAQ,GAAG,eAAe,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAEhD,kEAAkE;IAClE,IAAI,gBAAoC,CAAC;IACzC,IAAI,aAAiC,CAAC;IACtC,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,iBAAiB,EAAE,CAAC;QAC1C,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACpC,IAAI,GAAG,EAAE,CAAC;YACT,gBAAgB,GAAG,GAAG,CAAC;YACvB,aAAa,GAAG,IAAI,CAAC;YACrB,MAAM;QACP,CAAC;IACF,CAAC;IAED,IAAI,gBAAgB,IAAI,aAAa,EAAE,CAAC;QACvC,IAAI,CAAC;YACJ,MAAM,KAAK,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,
|
|
1
|
+
{"version":3,"file":"logout.js","sourceRoot":"","sources":["../../src/routes/logout.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAG/C,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAC;AAE3F,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,KAAmB,EAAE,GAAiB;IACxE,MAAM,QAAQ,GAAG,eAAe,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAEhD,kEAAkE;IAClE,IAAI,gBAAoC,CAAC;IACzC,IAAI,aAAiC,CAAC;IACtC,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,iBAAiB,EAAE,CAAC;QAC1C,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACpC,IAAI,GAAG,EAAE,CAAC;YACT,gBAAgB,GAAG,GAAG,CAAC;YACvB,aAAa,GAAG,IAAI,CAAC;YACrB,MAAM;QACP,CAAC;IACF,CAAC;IAED,IAAI,gBAAgB,IAAI,aAAa,EAAE,CAAC;QACvC,IAAI,CAAC;YACJ,MAAM,KAAK,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,oBAAoB,EAAE;gBAClD,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACR,MAAM,EAAE,GAAG,aAAa,IAAI,gBAAgB,EAAE;iBAC9C;aACD,CAAC,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACR,gDAAgD;QACjD,CAAC;IACF,CAAC;IAED,kBAAkB,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;IAC3D,qBAAqB,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;IAEjE,4CAA4C;IAC5C,MAAM,YAAY,GAAG,GAAG,CAAC,GAAG,CAAC,gBAAgB,IAAI,SAAS,CAAC;IAC3D,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,iBAAiB,EAAE,CAAC;QAC1C,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC,CAAC;IACjE,CAAC;IAED,IAAI,QAAQ,EAAE,CAAC;QACd,OAAO,IAAI,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC;IACnC,CAAC;IAED,QAAQ,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;AAC9B,CAAC"}
|
package/dist/routes/refresh.js
CHANGED
|
@@ -2,7 +2,7 @@ import { json, error } from '@sveltejs/kit';
|
|
|
2
2
|
import { refreshTokens, verifyIdToken, RefreshError } from '../oauth.js';
|
|
3
3
|
import { readSession, getSessionToken, createSession, setSessionCookie, clearSessionCookie } from '../session.js';
|
|
4
4
|
export async function handleRefresh(event, ctx) {
|
|
5
|
-
const secret = new TextEncoder().encode(ctx.env.
|
|
5
|
+
const secret = new TextEncoder().encode(ctx.env.sessionSecret);
|
|
6
6
|
const token = getSessionToken(event.request, event.cookies, ctx.cookieNames.session);
|
|
7
7
|
const user = token ? await readSession(secret, token) : null;
|
|
8
8
|
if (!user) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"refresh.js","sourceRoot":"","sources":["../../src/routes/refresh.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAG5C,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AACzE,OAAO,EACN,WAAW,EACX,eAAe,EACf,aAAa,EACb,gBAAgB,EAChB,kBAAkB,EAClB,MAAM,eAAe,CAAC;AAEvB,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,KAAmB,EAAE,GAAiB;IACzE,MAAM,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,
|
|
1
|
+
{"version":3,"file":"refresh.js","sourceRoot":"","sources":["../../src/routes/refresh.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAG5C,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AACzE,OAAO,EACN,WAAW,EACX,eAAe,EACf,aAAa,EACb,gBAAgB,EAChB,kBAAkB,EAClB,MAAM,eAAe,CAAC;AAEvB,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,KAAmB,EAAE,GAAiB;IACzE,MAAM,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAC/D,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;IACrF,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,MAAM,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAE7D,IAAI,CAAC,IAAI,EAAE,CAAC;QACX,MAAM,KAAK,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;IAChC,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;QACxB,MAAM,KAAK,CAAC,GAAG,EAAE,4BAA4B,CAAC,CAAC;IAChD,CAAC;IAED,IAAI,CAAC;QACJ,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;QAE3D,IAAI,aAAa,GAAG,EAAE,GAAG,IAAI,EAAE,WAAW,EAAE,MAAM,CAAC,YAAY,EAAE,CAAC;QAClE,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;YAC1B,aAAa,CAAC,YAAY,GAAG,MAAM,CAAC,aAAa,CAAC;QACnD,CAAC;QAED,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACrB,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC3D,aAAa,GAAG;gBACf,GAAG,aAAa;gBAChB,GAAG,EAAE,QAAQ,CAAC,GAAG;gBACjB,KAAK,EAAE,QAAQ,CAAC,KAAK;gBACrB,IAAI,EAAE,QAAQ,CAAC,IAAI;gBACnB,aAAa,EAAE,QAAQ,CAAC,cAAc;gBACtC,IAAI,EAAE,QAAQ,CAAC,IAAI;gBACnB,WAAW,EAAE,QAAQ,CAAC,WAAW;aACjC,CAAC;QACH,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;QAC5D,gBAAgB,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,CAAC,OAAO,EAAE,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;QAE/E,OAAO,IAAI,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;IACnD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACd,IAAI,GAAG,YAAY,YAAY,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YAC1E,kBAAkB,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;YAC3D,MAAM,KAAK,CAAC,GAAG,EAAE,4BAA4B,CAAC,CAAC;QAChD,CAAC;QACD,MAAM,GAAG,CAAC;IACX,CAAC;AACF,CAAC"}
|
package/dist/routes/set-team.js
CHANGED
|
@@ -2,7 +2,7 @@ import { json, redirect } from '@sveltejs/kit';
|
|
|
2
2
|
import { readSession, getSessionToken, isBearerRequest, setActiveTeamCookie } from '../session.js';
|
|
3
3
|
export async function handleSetTeam(event, ctx) {
|
|
4
4
|
const isBearer = isBearerRequest(event.request);
|
|
5
|
-
const secret = new TextEncoder().encode(ctx.env.
|
|
5
|
+
const secret = new TextEncoder().encode(ctx.env.sessionSecret);
|
|
6
6
|
let teamId;
|
|
7
7
|
if (isBearer) {
|
|
8
8
|
let body;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"set-team.js","sourceRoot":"","sources":["../../src/routes/set-team.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAG/C,OAAO,EACN,WAAW,EACX,eAAe,EACf,eAAe,EACf,mBAAmB,EACnB,MAAM,eAAe,CAAC;AAEvB,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,KAAmB,EAAE,GAAiB;IACzE,MAAM,QAAQ,GAAG,eAAe,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,
|
|
1
|
+
{"version":3,"file":"set-team.js","sourceRoot":"","sources":["../../src/routes/set-team.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAG/C,OAAO,EACN,WAAW,EACX,eAAe,EACf,eAAe,EACf,mBAAmB,EACnB,MAAM,eAAe,CAAC;AAEvB,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,KAAmB,EAAE,GAAiB;IACzE,MAAM,QAAQ,GAAG,eAAe,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAE/D,IAAI,MAAc,CAAC;IACnB,IAAI,QAAQ,EAAE,CAAC;QACd,IAAI,IAA6B,CAAC;QAClC,IAAI,CAAC;YACJ,IAAI,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QACnC,CAAC;QAAC,MAAM,CAAC;YACR,OAAO,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QAC9D,CAAC;QACD,MAAM,GAAI,IAAI,CAAC,MAAiB,IAAI,EAAE,CAAC;IACxC,CAAC;SAAM,CAAC;QACP,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;QAC5C,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC/C,CAAC;IAED,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;IACrF,IAAI,CAAC,KAAK,EAAE,CAAC;QACZ,IAAI,QAAQ;YAAE,OAAO,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QACtE,QAAQ,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;IAC9B,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IACjD,IAAI,CAAC,OAAO,EAAE,CAAC;QACd,IAAI,QAAQ;YAAE,OAAO,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QACtE,QAAQ,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;IAC9B,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,IAAI,IAAI,CAAC;IAEpC,IAAI,YAAY,EAAE,CAAC;QAClB,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAClC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,KAAK,IAAI,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,YAAY,CAAC,CAC3E,CAAC;QACF,IAAI,CAAC,SAAS,EAAE,CAAC;YAChB,IAAI,QAAQ;gBAAE,OAAO,IAAI,CAAC,EAAE,KAAK,EAAE,2BAA2B,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;YACnF,QAAQ,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QACpB,CAAC;IACF,CAAC;IAED,IAAI,QAAQ,EAAE,CAAC;QACd,OAAO,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC;IACzC,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,CAAC,UAAU,EAAE,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAEzF,2DAA2D;IAC3D,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACrD,IAAI,UAAU,GAAG,GAAG,CAAC;IACrB,IAAI,OAAO,EAAE,CAAC;QACb,IAAI,CAAC;YACJ,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC;YACpC,IAAI,UAAU,CAAC,MAAM,KAAK,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC;gBAC5C,UAAU,GAAG,UAAU,CAAC,QAAQ,GAAG,UAAU,CAAC,MAAM,CAAC;YACtD,CAAC;QACF,CAAC;QAAC,MAAM,CAAC;YACR,oCAAoC;QACrC,CAAC;IACF,CAAC;IAED,QAAQ,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;AAC3B,CAAC"}
|
package/dist/types.d.ts
CHANGED
|
@@ -58,11 +58,11 @@ export interface OAuthLocals {
|
|
|
58
58
|
}
|
|
59
59
|
export type AppModel = 'b2b' | 'b2c';
|
|
60
60
|
export interface ResolvedEnv {
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
61
|
+
iamUrl: string;
|
|
62
|
+
appSeed: string;
|
|
63
|
+
sessionSecret: string;
|
|
64
|
+
origin: string;
|
|
65
|
+
authCookieDomain?: string;
|
|
66
66
|
}
|
|
67
67
|
export interface OAuthHandlerConfig {
|
|
68
68
|
/** Package name used as OAuth clientId, e.g. '@saasak/app1' */
|
package/package.json
CHANGED