@shad-claiborne/hono-middleware-oidc 1.1.1 → 1.1.3
- package/dist/index.d.ts +7 -7
- package/dist/index.js +30 -32
- package/package.json +1 -1
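--- a/package/dist/index.d.ts
+++ b/package/dist/index.d.ts
@@ -1,11 +1,4 @@
 import { MiddlewareHandler } from "hono";
-/**
-* handleFlow
-* @param c
-* @param next
-* @returns
-*/
-export declare const handleFlow: MiddlewareHandler;
 /**
 * addIdentity
 * @param c
@@ -19,6 +12,13 @@ export declare const addIdentity: MiddlewareHandler;
 * @returns
 */
 export declare const checkIdentity: MiddlewareHandler;
+/**
+* handleFlow
+* @param c
+* @param next
+* @returns
+*/
+export declare const handleFlow: MiddlewareHandler;
 /**
 * receiveAuth
 * @param c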
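--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -23,36 +23,6 @@ const activateToken = async (c, provider, tokenResponse) => {
 await setSignedCookie(c, HONO_OIDC_ID_TOKEN_COOKIE, tokenResponse.id_token, HONO_OIDC_COOKIE_SECRET, { httpOnly: true, secure: true, sameSite: 'Lax', maxAge });
 }
 };
-/**
-* handleFlow
-* @param c
-* @param next
-* @returns
-*/
-export const handleFlow = async (c, next) => {
-const { HONO_OIDC_ISSUER, HONO_OIDC_CLIENT_ID, HONO_OIDC_CLIENT_SECRET, HONO_OIDC_REDIRECT_URI, HONO_OIDC_COOKIE_SECRET, HONO_OIDC_CODE_VERIFIER_COOKIE, } = env(c);
-const provider = await createIdentityProvider(HONO_OIDC_ISSUER);
-const client = provider.createClient(HONO_OIDC_CLIENT_ID, HONO_OIDC_CLIENT_SECRET);
-let id = c.get('identity');
-if (!id) {
-const stateId = randomstring.generate(5);
-const state = { originUrl: c.get('originUrl') || c.req.url };
-await setSignedCookie(c, `_authstate-${stateId}`, JSON.stringify(state), HONO_OIDC_COOKIE_SECRET, { httpOnly: true, secure: true, sameSite: 'Lax' });
-const codeVerifier = randomstring.generate(16);
-await setSignedCookie(c, HONO_OIDC_CODE_VERIFIER_COOKIE, codeVerifier, HONO_OIDC_COOKIE_SECRET, { httpOnly: true, secure: true, sameSite: 'Lax' });
-const authRequest = client
-.newAuthorizationRequest()
-.setRedirectUri(HONO_OIDC_REDIRECT_URI)
-.setResponseMode("query")
-.setResponseType("code id_token")
-.setScope(["profile"])
-.setCodeChallenge(codeVerifier)
-.setState(stateId);
-const authRequestURL = authRequest.toURL();
-return c.redirect(authRequestURL.toString());
-}
-await next();
-};
 /**
 * addIdentity
 * @param c
@@ -73,7 +43,6 @@ export const addIdentity = async (c, next) => {
 id = await provider.getIdentity(tokenSet);
 }
 catch (err) {
-console.error(err);
 }
 if (!id) {
 try {
@@ -82,7 +51,6 @@ export const addIdentity = async (c, next) => {
 await activateToken(c, provider, tokenResponse);
 }
 catch (err) {
-console.error(err);
 }
 }
 if (id) {
@@ -101,6 +69,36 @@ export const checkIdentity = async (c, next) => {
 throw new HTTPException(401, { message: 'Unauthorized' });
 await next();
 };
+/**
+* handleFlow
+* @param c
+* @param next
+* @returns
+*/
+export const handleFlow = async (c, next) => {
+const { HONO_OIDC_ISSUER, HONO_OIDC_CLIENT_ID, HONO_OIDC_CLIENT_SECRET, HONO_OIDC_REDIRECT_URI, HONO_OIDC_COOKIE_SECRET, HONO_OIDC_CODE_VERIFIER_COOKIE, } = env(c);
+const provider = await createIdentityProvider(HONO_OIDC_ISSUER);
+const client = provider.createClient(HONO_OIDC_CLIENT_ID, HONO_OIDC_CLIENT_SECRET);
+let id = c.get('identity');
+if (!id) {
+const stateId = randomstring.generate(5);
+const state = { originUrl: c.get('originUrl') || c.req.url };
+await setSignedCookie(c, `_authstate-${stateId}`, JSON.stringify(state), HONO_OIDC_COOKIE_SECRET, { httpOnly: true, secure: true, sameSite: 'Lax' });
+const codeVerifier = randomstring.generate(16);
+await setSignedCookie(c, HONO_OIDC_CODE_VERIFIER_COOKIE, codeVerifier, HONO_OIDC_COOKIE_SECRET, { httpOnly: true, secure: true, sameSite: 'Lax' });
+const authRequest = client
+.newAuthorizationRequest()
+.setRedirectUri(HONO_OIDC_REDIRECT_URI)
+.setResponseMode("query")
+.setResponseType("code id_token")
+.setScope(["profile"])
+.setCodeChallenge(codeVerifier)
+.setState(stateId);
+const authRequestURL = authRequest.toURL();
+return c.redirect(authRequestURL.toString());
+}
+await next();
+};
 /**
 * receiveAuth
 * @param c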
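Review bot: The PKCE verifier created in handleFlow (new lines 87 and 95) is only 16 characters, `randomstring.generate(16)`, while RFC 7636 requires a code_verifier of 43 to 128 characters, so a conforming provider may reject it and a lenient one accepts a weak secret. The same value is passed straight to `.setCodeChallenge(codeVerifier)`; whether the client library derives an S256 challenge from it is not visible here and should be confirmed. The state handle from `randomstring.generate(5)` on new line 84 is similarly short for a value that selects the signed `_authstate-` cookie. I would change these to `const codeVerifier = randomstring.generate(64);` and `const stateId = randomstring.generate(32);`. Separately, the two `catch (err)` blocks in addIdentity are now empty after `console.error(err)` was dropped, so failures in `provider.getIdentity` and `activateToken` leave no trace; a redacted log line would keep that signal.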