@seamless-auth/express 0.0.2-beta.13 → 0.0.2-beta.15
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts +3 -5
- package/dist/index.js +14 -12
- package/package.json +1 -1
package/dist/index.d.ts
CHANGED
|
@@ -4,6 +4,8 @@ type SeamlessAuthServerOptions = {
|
|
|
4
4
|
authServerUrl: string;
|
|
5
5
|
cookieSecret: string;
|
|
6
6
|
serviceSecret: string;
|
|
7
|
+
issuer: string;
|
|
8
|
+
audience: string;
|
|
7
9
|
jwksKid?: string;
|
|
8
10
|
cookieDomain?: string;
|
|
9
11
|
accessCookieName?: string;
|
|
@@ -181,10 +183,6 @@ interface EnsureCookiesMiddlewareOptions {
|
|
|
181
183
|
}
|
|
182
184
|
declare function createEnsureCookiesMiddleware(opts: EnsureCookiesMiddlewareOptions): (req: Request, res: Response, next: NextFunction) => Promise<void>;
|
|
183
185
|
|
|
184
|
-
declare function getSeamlessUser(req: Request, opts:
|
|
185
|
-
authServerUrl: string;
|
|
186
|
-
cookieSecret: string;
|
|
187
|
-
cookieName?: string;
|
|
188
|
-
}): Promise<any>;
|
|
186
|
+
declare function getSeamlessUser(req: Request, opts: SeamlessAuthServerOptions): Promise<any>;
|
|
189
187
|
|
|
190
188
|
export { type SeamlessAuthServerOptions, createEnsureCookiesMiddleware, createSeamlessAuthServer as default, getSeamlessUser, requireAuth, requireRole };
|
package/dist/index.js
CHANGED
|
@@ -138,16 +138,16 @@ import { finishLoginHandler } from "@seamless-auth/core/handlers/finishLogin";
|
|
|
138
138
|
|
|
139
139
|
// src/internal/buildAuthorization.ts
|
|
140
140
|
import { createServiceToken } from "@seamless-auth/core";
|
|
141
|
-
function buildServiceAuthorization(req) {
|
|
141
|
+
function buildServiceAuthorization(req, opts) {
|
|
142
142
|
if (!req.cookiePayload?.sub && !req.user.sub) {
|
|
143
143
|
return void 0;
|
|
144
144
|
}
|
|
145
145
|
const token = createServiceToken({
|
|
146
146
|
subject: req.cookiePayload?.sub || req.user.sub,
|
|
147
|
-
issuer:
|
|
148
|
-
audience:
|
|
149
|
-
serviceSecret:
|
|
150
|
-
keyId:
|
|
147
|
+
issuer: opts.issuer,
|
|
148
|
+
audience: opts.audience,
|
|
149
|
+
serviceSecret: opts.serviceSecret,
|
|
150
|
+
keyId: opts.jwksKid
|
|
151
151
|
});
|
|
152
152
|
return `Bearer ${token}`;
|
|
153
153
|
}
|
|
@@ -159,7 +159,7 @@ async function finishLogin(req, res, opts) {
|
|
|
159
159
|
secure: process.env.NODE_ENV === "production",
|
|
160
160
|
sameSite: process.env.NODE_ENV === "production" ? "none" : "lax"
|
|
161
161
|
};
|
|
162
|
-
const authorization = buildServiceAuthorization(req);
|
|
162
|
+
const authorization = buildServiceAuthorization(req, opts);
|
|
163
163
|
const result = await finishLoginHandler(
|
|
164
164
|
{ body: req.body, authorization },
|
|
165
165
|
{
|
|
@@ -239,7 +239,7 @@ async function finishRegister(req, res, opts) {
|
|
|
239
239
|
secure: process.env.NODE_ENV === "production",
|
|
240
240
|
sameSite: process.env.NODE_ENV === "production" ? "none" : "lax"
|
|
241
241
|
};
|
|
242
|
-
const authorization = buildServiceAuthorization(req);
|
|
242
|
+
const authorization = buildServiceAuthorization(req, opts);
|
|
243
243
|
const result = await finishRegisterHandler(
|
|
244
244
|
{ body: req.body, authorization },
|
|
245
245
|
{
|
|
@@ -275,7 +275,7 @@ async function finishRegister(req, res, opts) {
|
|
|
275
275
|
// src/handlers/me.ts
|
|
276
276
|
import { meHandler } from "@seamless-auth/core/handlers/me";
|
|
277
277
|
async function me(req, res, opts) {
|
|
278
|
-
const authorization = buildServiceAuthorization(req);
|
|
278
|
+
const authorization = buildServiceAuthorization(req, opts);
|
|
279
279
|
const result = await meHandler({
|
|
280
280
|
authServerUrl: opts.authServerUrl,
|
|
281
281
|
preAuthCookieName: opts.preAuthCookieName,
|
|
@@ -315,6 +315,8 @@ function createSeamlessAuthServer(opts) {
|
|
|
315
315
|
r.use(cookieParser());
|
|
316
316
|
const resolvedOpts = {
|
|
317
317
|
authServerUrl: opts.authServerUrl,
|
|
318
|
+
issuer: opts.issuer,
|
|
319
|
+
audience: opts.audience,
|
|
318
320
|
cookieSecret: opts.cookieSecret,
|
|
319
321
|
serviceSecret: opts.serviceSecret,
|
|
320
322
|
jwksKid: opts.jwksKid ?? "dev-main",
|
|
@@ -341,7 +343,7 @@ function createSeamlessAuthServer(opts) {
|
|
|
341
343
|
res.status(401).json({ error: "registeration session required" });
|
|
342
344
|
return;
|
|
343
345
|
}
|
|
344
|
-
const authorization = buildServiceAuthorization(req);
|
|
346
|
+
const authorization = buildServiceAuthorization(req, resolvedOpts);
|
|
345
347
|
const options = method == "GET" ? { method, authorization } : { method, authorization, body: req.body };
|
|
346
348
|
const upstream = await authFetch(
|
|
347
349
|
`${resolvedOpts.authServerUrl}/${path}`,
|
|
@@ -360,7 +362,7 @@ function createSeamlessAuthServer(opts) {
|
|
|
360
362
|
preAuthCookieName: resolvedOpts.preAuthCookieName,
|
|
361
363
|
cookieSecret: resolvedOpts.cookieSecret,
|
|
362
364
|
serviceSecret: resolvedOpts.serviceSecret,
|
|
363
|
-
issuer:
|
|
365
|
+
issuer: resolvedOpts.issuer,
|
|
364
366
|
audience: resolvedOpts.authServerUrl,
|
|
365
367
|
keyId: resolvedOpts.jwksKid
|
|
366
368
|
})
|
|
@@ -478,11 +480,11 @@ import {
|
|
|
478
480
|
getSeamlessUser as getSeamlessUserCore
|
|
479
481
|
} from "@seamless-auth/core";
|
|
480
482
|
async function getSeamlessUser(req, opts) {
|
|
481
|
-
const authorization = buildServiceAuthorization(req);
|
|
483
|
+
const authorization = buildServiceAuthorization(req, opts);
|
|
482
484
|
return getSeamlessUserCore(req.cookies ?? {}, {
|
|
483
485
|
authServerUrl: opts.authServerUrl,
|
|
484
486
|
cookieSecret: opts.cookieSecret,
|
|
485
|
-
cookieName: opts.
|
|
487
|
+
cookieName: opts.accessCookieName ?? "seamless-access",
|
|
486
488
|
authorization
|
|
487
489
|
});
|
|
488
490
|
}
|