@smg-automotive/auth 5.0.6 → 5.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/dist/cjs/index.js +892 -847
  2. package/dist/cjs/index.js.map +1 -1
  3. package/dist/esm/context/Auth.js +643 -613
  4. package/dist/esm/context/Auth.js.map +1 -1
  5. package/dist/esm/helpers/deriveUserAndTokenFromCookieHeader.js +242 -226
  6. package/dist/esm/helpers/deriveUserAndTokenFromCookieHeader.js.map +1 -1
  7. package/dist/esm/middleware/ensureTokenFreshness.js +4 -5
  8. package/dist/esm/middleware/ensureTokenFreshness.js.map +1 -1
  9. package/package.json +13 -13
package/dist/cjs/index.js CHANGED
@@ -19,15 +19,15 @@ PERFORMANCE OF THIS SOFTWARE.
19
19
  /* global Reflect, Promise */
20
20
 
21
21
 
22
- var __assign$2 = function() {
23
- __assign$2 = Object.assign || function __assign(t) {
22
+ var __assign = function() {
23
+ __assign = Object.assign || function __assign(t) {
24
24
  for (var s, i = 1, n = arguments.length; i < n; i++) {
25
25
  s = arguments[i];
26
26
  for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p)) t[p] = s[p];
27
27
  }
28
28
  return t;
29
29
  };
30
- return __assign$2.apply(this, arguments);
30
+ return __assign.apply(this, arguments);
31
31
  };
32
32
 
33
33
  function __awaiter(thisArg, _arguments, P, generator) {
@@ -68,11 +68,9 @@ function __generator(thisArg, body) {
68
68
  }
69
69
  }
70
70
 
71
- var commonjsGlobal = typeof globalThis !== 'undefined' ? globalThis : typeof window !== 'undefined' ? window : typeof global !== 'undefined' ? global : typeof self !== 'undefined' ? self : {};
72
-
73
71
  var dist$1 = {};
74
72
 
75
- var cookie$1 = {};
73
+ var cookie = {};
76
74
 
77
75
  /*!
78
76
  * cookie
@@ -81,615 +79,648 @@ var cookie$1 = {};
81
79
  * MIT Licensed
82
80
  */
83
81
 
84
- /**
85
- * Module exports.
86
- * @public
87
- */
88
-
89
- cookie$1.parse = parse$2;
90
- cookie$1.serialize = serialize$1;
91
-
92
- /**
93
- * Module variables.
94
- * @private
95
- */
96
-
97
- var decode$1 = decodeURIComponent;
98
- var encode = encodeURIComponent;
99
-
100
- /**
101
- * RegExp to match field-content in RFC 7230 sec 3.2
102
- *
103
- * field-content = field-vchar [ 1*( SP / HTAB ) field-vchar ]
104
- * field-vchar = VCHAR / obs-text
105
- * obs-text = %x80-FF
106
- */
107
-
108
- var fieldContentRegExp = /^[\u0009\u0020-\u007e\u0080-\u00ff]+$/;
109
-
110
- /**
111
- * Parse a cookie header.
112
- *
113
- * Parse the given cookie header string into an object
114
- * The object has the various cookies as keys(names) => values
115
- *
116
- * @param {string} str
117
- * @param {object} [options]
118
- * @return {object}
119
- * @public
120
- */
121
-
122
- function parse$2(str, options) {
123
- if (typeof str !== 'string') {
124
- throw new TypeError('argument str must be a string');
125
- }
126
-
127
- var obj = {};
128
- var opt = options || {};
129
- var pairs = str.split(';');
130
- var dec = opt.decode || decode$1;
131
-
132
- for (var i = 0; i < pairs.length; i++) {
133
- var pair = pairs[i];
134
- var index = pair.indexOf('=');
135
-
136
- // skip things that don't look like key=value
137
- if (index < 0) {
138
- continue;
139
- }
140
-
141
- var key = pair.substring(0, index).trim();
142
-
143
- // only assign once
144
- if (undefined == obj[key]) {
145
- var val = pair.substring(index + 1, pair.length).trim();
146
-
147
- // quoted values
148
- if (val[0] === '"') {
149
- val = val.slice(1, -1);
150
- }
151
-
152
- obj[key] = tryDecode(val, dec);
153
- }
154
- }
155
-
156
- return obj;
82
+ var hasRequiredCookie;
83
+
84
+ function requireCookie () {
85
+ if (hasRequiredCookie) return cookie;
86
+ hasRequiredCookie = 1;
87
+
88
+ /**
89
+ * Module exports.
90
+ * @public
91
+ */
92
+
93
+ cookie.parse = parse;
94
+ cookie.serialize = serialize;
95
+
96
+ /**
97
+ * Module variables.
98
+ * @private
99
+ */
100
+
101
+ var decode = decodeURIComponent;
102
+ var encode = encodeURIComponent;
103
+
104
+ /**
105
+ * RegExp to match field-content in RFC 7230 sec 3.2
106
+ *
107
+ * field-content = field-vchar [ 1*( SP / HTAB ) field-vchar ]
108
+ * field-vchar = VCHAR / obs-text
109
+ * obs-text = %x80-FF
110
+ */
111
+
112
+ var fieldContentRegExp = /^[\u0009\u0020-\u007e\u0080-\u00ff]+$/;
113
+
114
+ /**
115
+ * Parse a cookie header.
116
+ *
117
+ * Parse the given cookie header string into an object
118
+ * The object has the various cookies as keys(names) => values
119
+ *
120
+ * @param {string} str
121
+ * @param {object} [options]
122
+ * @return {object}
123
+ * @public
124
+ */
125
+
126
+ function parse(str, options) {
127
+ if (typeof str !== 'string') {
128
+ throw new TypeError('argument str must be a string');
129
+ }
130
+
131
+ var obj = {};
132
+ var opt = options || {};
133
+ var pairs = str.split(';');
134
+ var dec = opt.decode || decode;
135
+
136
+ for (var i = 0; i < pairs.length; i++) {
137
+ var pair = pairs[i];
138
+ var index = pair.indexOf('=');
139
+
140
+ // skip things that don't look like key=value
141
+ if (index < 0) {
142
+ continue;
143
+ }
144
+
145
+ var key = pair.substring(0, index).trim();
146
+
147
+ // only assign once
148
+ if (undefined == obj[key]) {
149
+ var val = pair.substring(index + 1, pair.length).trim();
150
+
151
+ // quoted values
152
+ if (val[0] === '"') {
153
+ val = val.slice(1, -1);
154
+ }
155
+
156
+ obj[key] = tryDecode(val, dec);
157
+ }
158
+ }
159
+
160
+ return obj;
161
+ }
162
+
163
+ /**
164
+ * Serialize data into a cookie header.
165
+ *
166
+ * Serialize the a name value pair into a cookie string suitable for
167
+ * http headers. An optional options object specified cookie parameters.
168
+ *
169
+ * serialize('foo', 'bar', { httpOnly: true })
170
+ * => "foo=bar; httpOnly"
171
+ *
172
+ * @param {string} name
173
+ * @param {string} val
174
+ * @param {object} [options]
175
+ * @return {string}
176
+ * @public
177
+ */
178
+
179
+ function serialize(name, val, options) {
180
+ var opt = options || {};
181
+ var enc = opt.encode || encode;
182
+
183
+ if (typeof enc !== 'function') {
184
+ throw new TypeError('option encode is invalid');
185
+ }
186
+
187
+ if (!fieldContentRegExp.test(name)) {
188
+ throw new TypeError('argument name is invalid');
189
+ }
190
+
191
+ var value = enc(val);
192
+
193
+ if (value && !fieldContentRegExp.test(value)) {
194
+ throw new TypeError('argument val is invalid');
195
+ }
196
+
197
+ var str = name + '=' + value;
198
+
199
+ if (null != opt.maxAge) {
200
+ var maxAge = opt.maxAge - 0;
201
+
202
+ if (isNaN(maxAge) || !isFinite(maxAge)) {
203
+ throw new TypeError('option maxAge is invalid')
204
+ }
205
+
206
+ str += '; Max-Age=' + Math.floor(maxAge);
207
+ }
208
+
209
+ if (opt.domain) {
210
+ if (!fieldContentRegExp.test(opt.domain)) {
211
+ throw new TypeError('option domain is invalid');
212
+ }
213
+
214
+ str += '; Domain=' + opt.domain;
215
+ }
216
+
217
+ if (opt.path) {
218
+ if (!fieldContentRegExp.test(opt.path)) {
219
+ throw new TypeError('option path is invalid');
220
+ }
221
+
222
+ str += '; Path=' + opt.path;
223
+ }
224
+
225
+ if (opt.expires) {
226
+ if (typeof opt.expires.toUTCString !== 'function') {
227
+ throw new TypeError('option expires is invalid');
228
+ }
229
+
230
+ str += '; Expires=' + opt.expires.toUTCString();
231
+ }
232
+
233
+ if (opt.httpOnly) {
234
+ str += '; HttpOnly';
235
+ }
236
+
237
+ if (opt.secure) {
238
+ str += '; Secure';
239
+ }
240
+
241
+ if (opt.sameSite) {
242
+ var sameSite = typeof opt.sameSite === 'string'
243
+ ? opt.sameSite.toLowerCase() : opt.sameSite;
244
+
245
+ switch (sameSite) {
246
+ case true:
247
+ str += '; SameSite=Strict';
248
+ break;
249
+ case 'lax':
250
+ str += '; SameSite=Lax';
251
+ break;
252
+ case 'strict':
253
+ str += '; SameSite=Strict';
254
+ break;
255
+ case 'none':
256
+ str += '; SameSite=None';
257
+ break;
258
+ default:
259
+ throw new TypeError('option sameSite is invalid');
260
+ }
261
+ }
262
+
263
+ return str;
264
+ }
265
+
266
+ /**
267
+ * Try decoding a string using a decoding function.
268
+ *
269
+ * @param {string} str
270
+ * @param {function} decode
271
+ * @private
272
+ */
273
+
274
+ function tryDecode(str, decode) {
275
+ try {
276
+ return decode(str);
277
+ } catch (e) {
278
+ return str;
279
+ }
280
+ }
281
+ return cookie;
157
282
  }
158
283
 
159
- /**
160
- * Serialize data into a cookie header.
161
- *
162
- * Serialize the a name value pair into a cookie string suitable for
163
- * http headers. An optional options object specified cookie parameters.
164
- *
165
- * serialize('foo', 'bar', { httpOnly: true })
166
- * => "foo=bar; httpOnly"
167
- *
168
- * @param {string} name
169
- * @param {string} val
170
- * @param {object} [options]
171
- * @return {string}
172
- * @public
173
- */
174
-
175
- function serialize$1(name, val, options) {
176
- var opt = options || {};
177
- var enc = opt.encode || encode;
178
-
179
- if (typeof enc !== 'function') {
180
- throw new TypeError('option encode is invalid');
181
- }
182
-
183
- if (!fieldContentRegExp.test(name)) {
184
- throw new TypeError('argument name is invalid');
185
- }
186
-
187
- var value = enc(val);
188
-
189
- if (value && !fieldContentRegExp.test(value)) {
190
- throw new TypeError('argument val is invalid');
191
- }
192
-
193
- var str = name + '=' + value;
194
-
195
- if (null != opt.maxAge) {
196
- var maxAge = opt.maxAge - 0;
197
-
198
- if (isNaN(maxAge) || !isFinite(maxAge)) {
199
- throw new TypeError('option maxAge is invalid')
200
- }
201
-
202
- str += '; Max-Age=' + Math.floor(maxAge);
203
- }
204
-
205
- if (opt.domain) {
206
- if (!fieldContentRegExp.test(opt.domain)) {
207
- throw new TypeError('option domain is invalid');
208
- }
209
-
210
- str += '; Domain=' + opt.domain;
211
- }
212
-
213
- if (opt.path) {
214
- if (!fieldContentRegExp.test(opt.path)) {
215
- throw new TypeError('option path is invalid');
216
- }
217
-
218
- str += '; Path=' + opt.path;
219
- }
220
-
221
- if (opt.expires) {
222
- if (typeof opt.expires.toUTCString !== 'function') {
223
- throw new TypeError('option expires is invalid');
224
- }
225
-
226
- str += '; Expires=' + opt.expires.toUTCString();
227
- }
228
-
229
- if (opt.httpOnly) {
230
- str += '; HttpOnly';
231
- }
232
-
233
- if (opt.secure) {
234
- str += '; Secure';
235
- }
236
-
237
- if (opt.sameSite) {
238
- var sameSite = typeof opt.sameSite === 'string'
239
- ? opt.sameSite.toLowerCase() : opt.sameSite;
240
-
241
- switch (sameSite) {
242
- case true:
243
- str += '; SameSite=Strict';
244
- break;
245
- case 'lax':
246
- str += '; SameSite=Lax';
247
- break;
248
- case 'strict':
249
- str += '; SameSite=Strict';
250
- break;
251
- case 'none':
252
- str += '; SameSite=None';
253
- break;
254
- default:
255
- throw new TypeError('option sameSite is invalid');
256
- }
257
- }
258
-
259
- return str;
260
- }
261
-
262
- /**
263
- * Try decoding a string using a decoding function.
264
- *
265
- * @param {string} str
266
- * @param {function} decode
267
- * @private
268
- */
269
-
270
- function tryDecode(str, decode) {
271
- try {
272
- return decode(str);
273
- } catch (e) {
274
- return str;
275
- }
276
- }
277
-
278
- var setCookie$1 = {exports: {}};
279
-
280
- var defaultParseOptions = {
281
- decodeValues: true,
282
- map: false,
283
- silent: false,
284
- };
285
-
286
- function isNonEmptyString(str) {
287
- return typeof str === "string" && !!str.trim();
288
- }
289
-
290
- function parseString(setCookieValue, options) {
291
- var parts = setCookieValue.split(";").filter(isNonEmptyString);
292
-
293
- var nameValuePairStr = parts.shift();
294
- var parsed = parseNameValuePair(nameValuePairStr);
295
- var name = parsed.name;
296
- var value = parsed.value;
297
-
298
- options = options
299
- ? Object.assign({}, defaultParseOptions, options)
300
- : defaultParseOptions;
301
-
302
- try {
303
- value = options.decodeValues ? decodeURIComponent(value) : value; // decode cookie value
304
- } catch (e) {
305
- console.error(
306
- "set-cookie-parser encountered an error while decoding a cookie with value '" +
307
- value +
308
- "'. Set options.decodeValues to false to disable this feature.",
309
- e
310
- );
311
- }
312
-
313
- var cookie = {
314
- name: name,
315
- value: value,
316
- };
317
-
318
- parts.forEach(function (part) {
319
- var sides = part.split("=");
320
- var key = sides.shift().trimLeft().toLowerCase();
321
- var value = sides.join("=");
322
- if (key === "expires") {
323
- cookie.expires = new Date(value);
324
- } else if (key === "max-age") {
325
- cookie.maxAge = parseInt(value, 10);
326
- } else if (key === "secure") {
327
- cookie.secure = true;
328
- } else if (key === "httponly") {
329
- cookie.httpOnly = true;
330
- } else if (key === "samesite") {
331
- cookie.sameSite = value;
332
- } else {
333
- cookie[key] = value;
334
- }
335
- });
336
-
337
- return cookie;
338
- }
339
-
340
- function parseNameValuePair(nameValuePairStr) {
341
- // Parses name-value-pair according to rfc6265bis draft
342
-
343
- var name = "";
344
- var value = "";
345
- var nameValueArr = nameValuePairStr.split("=");
346
- if (nameValueArr.length > 1) {
347
- name = nameValueArr.shift();
348
- value = nameValueArr.join("="); // everything after the first =, joined by a "=" if there was more than one part
349
- } else {
350
- value = nameValuePairStr;
351
- }
352
-
353
- return { name: name, value: value };
284
+ var setCookie = {exports: {}};
285
+
286
+ var hasRequiredSetCookie;
287
+
288
+ function requireSetCookie () {
289
+ if (hasRequiredSetCookie) return setCookie.exports;
290
+ hasRequiredSetCookie = 1;
291
+
292
+ var defaultParseOptions = {
293
+ decodeValues: true,
294
+ map: false,
295
+ silent: false,
296
+ };
297
+
298
+ function isNonEmptyString(str) {
299
+ return typeof str === "string" && !!str.trim();
300
+ }
301
+
302
+ function parseString(setCookieValue, options) {
303
+ var parts = setCookieValue.split(";").filter(isNonEmptyString);
304
+
305
+ var nameValuePairStr = parts.shift();
306
+ var parsed = parseNameValuePair(nameValuePairStr);
307
+ var name = parsed.name;
308
+ var value = parsed.value;
309
+
310
+ options = options
311
+ ? Object.assign({}, defaultParseOptions, options)
312
+ : defaultParseOptions;
313
+
314
+ try {
315
+ value = options.decodeValues ? decodeURIComponent(value) : value; // decode cookie value
316
+ } catch (e) {
317
+ console.error(
318
+ "set-cookie-parser encountered an error while decoding a cookie with value '" +
319
+ value +
320
+ "'. Set options.decodeValues to false to disable this feature.",
321
+ e
322
+ );
323
+ }
324
+
325
+ var cookie = {
326
+ name: name,
327
+ value: value,
328
+ };
329
+
330
+ parts.forEach(function (part) {
331
+ var sides = part.split("=");
332
+ var key = sides.shift().trimLeft().toLowerCase();
333
+ var value = sides.join("=");
334
+ if (key === "expires") {
335
+ cookie.expires = new Date(value);
336
+ } else if (key === "max-age") {
337
+ cookie.maxAge = parseInt(value, 10);
338
+ } else if (key === "secure") {
339
+ cookie.secure = true;
340
+ } else if (key === "httponly") {
341
+ cookie.httpOnly = true;
342
+ } else if (key === "samesite") {
343
+ cookie.sameSite = value;
344
+ } else {
345
+ cookie[key] = value;
346
+ }
347
+ });
348
+
349
+ return cookie;
350
+ }
351
+
352
+ function parseNameValuePair(nameValuePairStr) {
353
+ // Parses name-value-pair according to rfc6265bis draft
354
+
355
+ var name = "";
356
+ var value = "";
357
+ var nameValueArr = nameValuePairStr.split("=");
358
+ if (nameValueArr.length > 1) {
359
+ name = nameValueArr.shift();
360
+ value = nameValueArr.join("="); // everything after the first =, joined by a "=" if there was more than one part
361
+ } else {
362
+ value = nameValuePairStr;
363
+ }
364
+
365
+ return { name: name, value: value };
366
+ }
367
+
368
+ function parse(input, options) {
369
+ options = options
370
+ ? Object.assign({}, defaultParseOptions, options)
371
+ : defaultParseOptions;
372
+
373
+ if (!input) {
374
+ if (!options.map) {
375
+ return [];
376
+ } else {
377
+ return {};
378
+ }
379
+ }
380
+
381
+ if (input.headers && input.headers["set-cookie"]) {
382
+ // fast-path for node.js (which automatically normalizes header names to lower-case
383
+ input = input.headers["set-cookie"];
384
+ } else if (input.headers) {
385
+ // slow-path for other environments - see #25
386
+ var sch =
387
+ input.headers[
388
+ Object.keys(input.headers).find(function (key) {
389
+ return key.toLowerCase() === "set-cookie";
390
+ })
391
+ ];
392
+ // warn if called on a request-like object with a cookie header rather than a set-cookie header - see #34, 36
393
+ if (!sch && input.headers.cookie && !options.silent) {
394
+ console.warn(
395
+ "Warning: set-cookie-parser appears to have been called on a request object. It is designed to parse Set-Cookie headers from responses, not Cookie headers from requests. Set the option {silent: true} to suppress this warning."
396
+ );
397
+ }
398
+ input = sch;
399
+ }
400
+ if (!Array.isArray(input)) {
401
+ input = [input];
402
+ }
403
+
404
+ options = options
405
+ ? Object.assign({}, defaultParseOptions, options)
406
+ : defaultParseOptions;
407
+
408
+ if (!options.map) {
409
+ return input.filter(isNonEmptyString).map(function (str) {
410
+ return parseString(str, options);
411
+ });
412
+ } else {
413
+ var cookies = {};
414
+ return input.filter(isNonEmptyString).reduce(function (cookies, str) {
415
+ var cookie = parseString(str, options);
416
+ cookies[cookie.name] = cookie;
417
+ return cookies;
418
+ }, cookies);
419
+ }
420
+ }
421
+
422
+ /*
423
+ Set-Cookie header field-values are sometimes comma joined in one string. This splits them without choking on commas
424
+ that are within a single set-cookie field-value, such as in the Expires portion.
425
+
426
+ This is uncommon, but explicitly allowed - see https://tools.ietf.org/html/rfc2616#section-4.2
427
+ Node.js does this for every header *except* set-cookie - see https://github.com/nodejs/node/blob/d5e363b77ebaf1caf67cd7528224b651c86815c1/lib/_http_incoming.js#L128
428
+ React Native's fetch does this for *every* header, including set-cookie.
429
+
430
+ Based on: https://github.com/google/j2objc/commit/16820fdbc8f76ca0c33472810ce0cb03d20efe25
431
+ Credits to: https://github.com/tomball for original and https://github.com/chrusart for JavaScript implementation
432
+ */
433
+ function splitCookiesString(cookiesString) {
434
+ if (Array.isArray(cookiesString)) {
435
+ return cookiesString;
436
+ }
437
+ if (typeof cookiesString !== "string") {
438
+ return [];
439
+ }
440
+
441
+ var cookiesStrings = [];
442
+ var pos = 0;
443
+ var start;
444
+ var ch;
445
+ var lastComma;
446
+ var nextStart;
447
+ var cookiesSeparatorFound;
448
+
449
+ function skipWhitespace() {
450
+ while (pos < cookiesString.length && /\s/.test(cookiesString.charAt(pos))) {
451
+ pos += 1;
452
+ }
453
+ return pos < cookiesString.length;
454
+ }
455
+
456
+ function notSpecialChar() {
457
+ ch = cookiesString.charAt(pos);
458
+
459
+ return ch !== "=" && ch !== ";" && ch !== ",";
460
+ }
461
+
462
+ while (pos < cookiesString.length) {
463
+ start = pos;
464
+ cookiesSeparatorFound = false;
465
+
466
+ while (skipWhitespace()) {
467
+ ch = cookiesString.charAt(pos);
468
+ if (ch === ",") {
469
+ // ',' is a cookie separator if we have later first '=', not ';' or ','
470
+ lastComma = pos;
471
+ pos += 1;
472
+
473
+ skipWhitespace();
474
+ nextStart = pos;
475
+
476
+ while (pos < cookiesString.length && notSpecialChar()) {
477
+ pos += 1;
478
+ }
479
+
480
+ // currently special character
481
+ if (pos < cookiesString.length && cookiesString.charAt(pos) === "=") {
482
+ // we found cookies separator
483
+ cookiesSeparatorFound = true;
484
+ // pos is inside the next cookie, so back up and return it.
485
+ pos = nextStart;
486
+ cookiesStrings.push(cookiesString.substring(start, lastComma));
487
+ start = pos;
488
+ } else {
489
+ // in param ',' or param separator ';',
490
+ // we continue from that comma
491
+ pos = lastComma + 1;
492
+ }
493
+ } else {
494
+ pos += 1;
495
+ }
496
+ }
497
+
498
+ if (!cookiesSeparatorFound || pos >= cookiesString.length) {
499
+ cookiesStrings.push(cookiesString.substring(start, cookiesString.length));
500
+ }
501
+ }
502
+
503
+ return cookiesStrings;
504
+ }
505
+
506
+ setCookie.exports = parse;
507
+ setCookie.exports.parse = parse;
508
+ setCookie.exports.parseString = parseString;
509
+ setCookie.exports.splitCookiesString = splitCookiesString;
510
+ return setCookie.exports;
354
511
  }
355
512
 
356
- function parse$1(input, options) {
357
- options = options
358
- ? Object.assign({}, defaultParseOptions, options)
359
- : defaultParseOptions;
513
+ var utils = {};
360
514
 
361
- if (!input) {
362
- if (!options.map) {
363
- return [];
364
- } else {
365
- return {};
366
- }
367
- }
368
-
369
- if (input.headers && input.headers["set-cookie"]) {
370
- // fast-path for node.js (which automatically normalizes header names to lower-case
371
- input = input.headers["set-cookie"];
372
- } else if (input.headers) {
373
- // slow-path for other environments - see #25
374
- var sch =
375
- input.headers[
376
- Object.keys(input.headers).find(function (key) {
377
- return key.toLowerCase() === "set-cookie";
378
- })
379
- ];
380
- // warn if called on a request-like object with a cookie header rather than a set-cookie header - see #34, 36
381
- if (!sch && input.headers.cookie && !options.silent) {
382
- console.warn(
383
- "Warning: set-cookie-parser appears to have been called on a request object. It is designed to parse Set-Cookie headers from responses, not Cookie headers from requests. Set the option {silent: true} to suppress this warning."
384
- );
385
- }
386
- input = sch;
387
- }
388
- if (!Array.isArray(input)) {
389
- input = [input];
390
- }
391
-
392
- options = options
393
- ? Object.assign({}, defaultParseOptions, options)
394
- : defaultParseOptions;
395
-
396
- if (!options.map) {
397
- return input.filter(isNonEmptyString).map(function (str) {
398
- return parseString(str, options);
399
- });
400
- } else {
401
- var cookies = {};
402
- return input.filter(isNonEmptyString).reduce(function (cookies, str) {
403
- var cookie = parseString(str, options);
404
- cookies[cookie.name] = cookie;
405
- return cookies;
406
- }, cookies);
407
- }
515
+ var hasRequiredUtils;
516
+
517
+ function requireUtils () {
518
+ if (hasRequiredUtils) return utils;
519
+ hasRequiredUtils = 1;
520
+ var __assign = (utils && utils.__assign) || function () {
521
+ __assign = Object.assign || function(t) {
522
+ for (var s, i = 1, n = arguments.length; i < n; i++) {
523
+ s = arguments[i];
524
+ for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))
525
+ t[p] = s[p];
526
+ }
527
+ return t;
528
+ };
529
+ return __assign.apply(this, arguments);
530
+ };
531
+ Object.defineProperty(utils, "__esModule", { value: true });
532
+ utils.areCookiesEqual = utils.hasSameProperties = utils.createCookie = utils.isBrowser = void 0;
533
+ /**
534
+ * Tells whether we are in a browser or server.
535
+ */
536
+ function isBrowser() {
537
+ return typeof window !== 'undefined';
538
+ }
539
+ utils.isBrowser = isBrowser;
540
+ /**
541
+ * Create an instance of the Cookie interface
542
+ */
543
+ function createCookie(name, value, options) {
544
+ var sameSite = options.sameSite;
545
+ if (sameSite === true) {
546
+ sameSite = 'strict';
547
+ }
548
+ if (sameSite === undefined || sameSite === false) {
549
+ sameSite = 'lax';
550
+ }
551
+ var cookieToSet = __assign(__assign({}, options), { sameSite: sameSite });
552
+ delete cookieToSet.encode;
553
+ return __assign({ name: name, value: value }, cookieToSet);
554
+ }
555
+ utils.createCookie = createCookie;
556
+ /**
557
+ * Tells whether given objects have the same properties.
558
+ */
559
+ function hasSameProperties(a, b) {
560
+ var aProps = Object.getOwnPropertyNames(a);
561
+ var bProps = Object.getOwnPropertyNames(b);
562
+ if (aProps.length !== bProps.length) {
563
+ return false;
564
+ }
565
+ for (var i = 0; i < aProps.length; i++) {
566
+ var propName = aProps[i];
567
+ if (a[propName] !== b[propName]) {
568
+ return false;
569
+ }
570
+ }
571
+ return true;
572
+ }
573
+ utils.hasSameProperties = hasSameProperties;
574
+ /**
575
+ * Compare the cookie and return true if the cookies have equivalent
576
+ * options and the cookies would be overwritten in the browser storage.
577
+ *
578
+ * @param a first Cookie for comparison
579
+ * @param b second Cookie for comparison
580
+ */
581
+ function areCookiesEqual(a, b) {
582
+ var sameSiteSame = a.sameSite === b.sameSite;
583
+ if (typeof a.sameSite === 'string' && typeof b.sameSite === 'string') {
584
+ sameSiteSame = a.sameSite.toLowerCase() === b.sameSite.toLowerCase();
585
+ }
586
+ return (hasSameProperties(__assign(__assign({}, a), { sameSite: undefined }), __assign(__assign({}, b), { sameSite: undefined })) && sameSiteSame);
587
+ }
588
+ utils.areCookiesEqual = areCookiesEqual;
589
+ /* Functions */
590
+
591
+ return utils;
408
592
  }
409
593
 
410
- /*
411
- Set-Cookie header field-values are sometimes comma joined in one string. This splits them without choking on commas
412
- that are within a single set-cookie field-value, such as in the Expires portion.
413
-
414
- This is uncommon, but explicitly allowed - see https://tools.ietf.org/html/rfc2616#section-4.2
415
- Node.js does this for every header *except* set-cookie - see https://github.com/nodejs/node/blob/d5e363b77ebaf1caf67cd7528224b651c86815c1/lib/_http_incoming.js#L128
416
- React Native's fetch does this for *every* header, including set-cookie.
417
-
418
- Based on: https://github.com/google/j2objc/commit/16820fdbc8f76ca0c33472810ce0cb03d20efe25
419
- Credits to: https://github.com/tomball for original and https://github.com/chrusart for JavaScript implementation
420
- */
421
- function splitCookiesString(cookiesString) {
422
- if (Array.isArray(cookiesString)) {
423
- return cookiesString;
424
- }
425
- if (typeof cookiesString !== "string") {
426
- return [];
427
- }
428
-
429
- var cookiesStrings = [];
430
- var pos = 0;
431
- var start;
432
- var ch;
433
- var lastComma;
434
- var nextStart;
435
- var cookiesSeparatorFound;
436
-
437
- function skipWhitespace() {
438
- while (pos < cookiesString.length && /\s/.test(cookiesString.charAt(pos))) {
439
- pos += 1;
440
- }
441
- return pos < cookiesString.length;
442
- }
443
-
444
- function notSpecialChar() {
445
- ch = cookiesString.charAt(pos);
446
-
447
- return ch !== "=" && ch !== ";" && ch !== ",";
448
- }
449
-
450
- while (pos < cookiesString.length) {
451
- start = pos;
452
- cookiesSeparatorFound = false;
453
-
454
- while (skipWhitespace()) {
455
- ch = cookiesString.charAt(pos);
456
- if (ch === ",") {
457
- // ',' is a cookie separator if we have later first '=', not ';' or ','
458
- lastComma = pos;
459
- pos += 1;
460
-
461
- skipWhitespace();
462
- nextStart = pos;
463
-
464
- while (pos < cookiesString.length && notSpecialChar()) {
465
- pos += 1;
466
- }
467
-
468
- // currently special character
469
- if (pos < cookiesString.length && cookiesString.charAt(pos) === "=") {
470
- // we found cookies separator
471
- cookiesSeparatorFound = true;
472
- // pos is inside the next cookie, so back up and return it.
473
- pos = nextStart;
474
- cookiesStrings.push(cookiesString.substring(start, lastComma));
475
- start = pos;
476
- } else {
477
- // in param ',' or param separator ';',
478
- // we continue from that comma
479
- pos = lastComma + 1;
480
- }
481
- } else {
482
- pos += 1;
483
- }
484
- }
485
-
486
- if (!cookiesSeparatorFound || pos >= cookiesString.length) {
487
- cookiesStrings.push(cookiesString.substring(start, cookiesString.length));
488
- }
489
- }
490
-
491
- return cookiesStrings;
594
+ var hasRequiredDist$1;
595
+
596
+ function requireDist$1 () {
597
+ if (hasRequiredDist$1) return dist$1;
598
+ hasRequiredDist$1 = 1;
599
+ var __assign = (dist$1 && dist$1.__assign) || function () {
600
+ __assign = Object.assign || function(t) {
601
+ for (var s, i = 1, n = arguments.length; i < n; i++) {
602
+ s = arguments[i];
603
+ for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))
604
+ t[p] = s[p];
605
+ }
606
+ return t;
607
+ };
608
+ return __assign.apply(this, arguments);
609
+ };
610
+ Object.defineProperty(dist$1, "__esModule", { value: true });
611
+ dist$1.destroyCookie = dist$1.setCookie = dist$1.parseCookies = void 0;
612
+ var cookie = requireCookie();
613
+ var setCookieParser = /*@__PURE__*/ requireSetCookie();
614
+ var utils_1 = requireUtils();
615
+ /**
616
+ * Parses cookies.
617
+ *
618
+ * @param ctx NextJS page or API context, express context, null or undefined.
619
+ * @param options Options that we pass down to `cookie` library.
620
+ */
621
+ function parseCookies(ctx, options) {
622
+ var _a, _b;
623
+ if ((_b = (_a = ctx === null || ctx === void 0 ? void 0 : ctx.req) === null || _a === void 0 ? void 0 : _a.headers) === null || _b === void 0 ? void 0 : _b.cookie) {
624
+ return cookie.parse(ctx.req.headers.cookie, options);
625
+ }
626
+ if (utils_1.isBrowser()) {
627
+ return cookie.parse(document.cookie, options);
628
+ }
629
+ return {};
630
+ }
631
+ dist$1.parseCookies = parseCookies;
632
+ /**
633
+ * Sets a cookie.
634
+ *
635
+ * @param ctx NextJS page or API context, express context, null or undefined.
636
+ * @param name The name of your cookie.
637
+ * @param value The value of your cookie.
638
+ * @param options Options that we pass down to `cookie` library.
639
+ */
640
+ function setCookie(ctx, name, value, options) {
641
+ var _a, _b;
642
+ if (options === void 0) { options = {}; }
643
+ // SSR
644
+ if (((_a = ctx === null || ctx === void 0 ? void 0 : ctx.res) === null || _a === void 0 ? void 0 : _a.getHeader) && ctx.res.setHeader) {
645
+ // Check if response has finished and warn about it.
646
+ if ((_b = ctx === null || ctx === void 0 ? void 0 : ctx.res) === null || _b === void 0 ? void 0 : _b.finished) {
647
+ console.warn("Not setting \"" + name + "\" cookie. Response has finished.");
648
+ console.warn("You should set cookie before res.send()");
649
+ return {};
650
+ }
651
+ /**
652
+ * Load existing cookies from the header and parse them.
653
+ */
654
+ var cookies = ctx.res.getHeader('Set-Cookie') || [];
655
+ if (typeof cookies === 'string')
656
+ cookies = [cookies];
657
+ if (typeof cookies === 'number')
658
+ cookies = [];
659
+ /**
660
+ * Parse cookies but ignore values - we've already encoded
661
+ * them in the previous call.
662
+ */
663
+ var parsedCookies = setCookieParser.parse(cookies, {
664
+ decodeValues: false,
665
+ });
666
+ /**
667
+ * We create the new cookie and make sure that none of
668
+ * the existing cookies match it.
669
+ */
670
+ var newCookie_1 = utils_1.createCookie(name, value, options);
671
+ var cookiesToSet_1 = [];
672
+ parsedCookies.forEach(function (parsedCookie) {
673
+ if (!utils_1.areCookiesEqual(parsedCookie, newCookie_1)) {
674
+ /**
675
+ * We serialize the cookie back to the original format
676
+ * if it isn't the same as the new one.
677
+ */
678
+ var serializedCookie = cookie.serialize(parsedCookie.name, parsedCookie.value, __assign({
679
+ // we prevent reencoding by default, but you might override it
680
+ encode: function (val) { return val; } }, parsedCookie));
681
+ cookiesToSet_1.push(serializedCookie);
682
+ }
683
+ });
684
+ cookiesToSet_1.push(cookie.serialize(name, value, options));
685
+ // Update the header.
686
+ ctx.res.setHeader('Set-Cookie', cookiesToSet_1);
687
+ }
688
+ // Browser
689
+ if (utils_1.isBrowser()) {
690
+ if (options && options.httpOnly) {
691
+ throw new Error('Can not set a httpOnly cookie in the browser.');
692
+ }
693
+ document.cookie = cookie.serialize(name, value, options);
694
+ }
695
+ return {};
696
+ }
697
+ dist$1.setCookie = setCookie;
698
+ /**
699
+ * Destroys a cookie with a particular name.
700
+ *
701
+ * @param ctx NextJS page or API context, express context, null or undefined.
702
+ * @param name Cookie name.
703
+ * @param options Options that we pass down to `cookie` library.
704
+ */
705
+ function destroyCookie(ctx, name, options) {
706
+ /**
707
+ * We forward the request destroy to setCookie function
708
+ * as it is the same function with modified maxAge value.
709
+ */
710
+ return setCookie(ctx, name, '', __assign(__assign({}, (options || {})), { maxAge: -1 }));
711
+ }
712
+ dist$1.destroyCookie = destroyCookie;
713
+ /* Utility Exports */
714
+ dist$1.default = {
715
+ set: setCookie,
716
+ get: parseCookies,
717
+ destroy: destroyCookie,
718
+ };
719
+
720
+ return dist$1;
492
721
  }
493
722
 
494
- setCookie$1.exports = parse$1;
495
- setCookie$1.exports.parse = parse$1;
496
- setCookie$1.exports.parseString = parseString;
497
- setCookie$1.exports.splitCookiesString = splitCookiesString;
498
-
499
- var setCookieExports = setCookie$1.exports;
500
-
501
- var utils = {};
502
-
503
- var __assign$1 = (commonjsGlobal && commonjsGlobal.__assign) || function () {
504
- __assign$1 = Object.assign || function(t) {
505
- for (var s, i = 1, n = arguments.length; i < n; i++) {
506
- s = arguments[i];
507
- for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))
508
- t[p] = s[p];
509
- }
510
- return t;
511
- };
512
- return __assign$1.apply(this, arguments);
513
- };
514
- Object.defineProperty(utils, "__esModule", { value: true });
515
- utils.areCookiesEqual = utils.hasSameProperties = utils.createCookie = utils.isBrowser = void 0;
516
- /**
517
- * Tells whether we are in a browser or server.
518
- */
519
- function isBrowser() {
520
- return typeof window !== 'undefined';
521
- }
522
- utils.isBrowser = isBrowser;
523
- /**
524
- * Create an instance of the Cookie interface
525
- */
526
- function createCookie(name, value, options) {
527
- var sameSite = options.sameSite;
528
- if (sameSite === true) {
529
- sameSite = 'strict';
530
- }
531
- if (sameSite === undefined || sameSite === false) {
532
- sameSite = 'lax';
533
- }
534
- var cookieToSet = __assign$1(__assign$1({}, options), { sameSite: sameSite });
535
- delete cookieToSet.encode;
536
- return __assign$1({ name: name, value: value }, cookieToSet);
537
- }
538
- utils.createCookie = createCookie;
539
- /**
540
- * Tells whether given objects have the same properties.
541
- */
542
- function hasSameProperties(a, b) {
543
- var aProps = Object.getOwnPropertyNames(a);
544
- var bProps = Object.getOwnPropertyNames(b);
545
- if (aProps.length !== bProps.length) {
546
- return false;
547
- }
548
- for (var i = 0; i < aProps.length; i++) {
549
- var propName = aProps[i];
550
- if (a[propName] !== b[propName]) {
551
- return false;
552
- }
553
- }
554
- return true;
555
- }
556
- utils.hasSameProperties = hasSameProperties;
557
- /**
558
- * Compare the cookie and return true if the cookies have equivalent
559
- * options and the cookies would be overwritten in the browser storage.
560
- *
561
- * @param a first Cookie for comparison
562
- * @param b second Cookie for comparison
563
- */
564
- function areCookiesEqual(a, b) {
565
- var sameSiteSame = a.sameSite === b.sameSite;
566
- if (typeof a.sameSite === 'string' && typeof b.sameSite === 'string') {
567
- sameSiteSame = a.sameSite.toLowerCase() === b.sameSite.toLowerCase();
568
- }
569
- return (hasSameProperties(__assign$1(__assign$1({}, a), { sameSite: undefined }), __assign$1(__assign$1({}, b), { sameSite: undefined })) && sameSiteSame);
570
- }
571
- utils.areCookiesEqual = areCookiesEqual;
572
-
573
- var __assign = (commonjsGlobal && commonjsGlobal.__assign) || function () {
574
- __assign = Object.assign || function(t) {
575
- for (var s, i = 1, n = arguments.length; i < n; i++) {
576
- s = arguments[i];
577
- for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))
578
- t[p] = s[p];
579
- }
580
- return t;
581
- };
582
- return __assign.apply(this, arguments);
583
- };
584
- Object.defineProperty(dist$1, "__esModule", { value: true });
585
- dist$1.destroyCookie = dist$1.setCookie = parseCookies_1 = dist$1.parseCookies = void 0;
586
- var cookie = cookie$1;
587
- var setCookieParser = setCookieExports;
588
- var utils_1 = utils;
589
- /**
590
- * Parses cookies.
591
- *
592
- * @param ctx NextJS page or API context, express context, null or undefined.
593
- * @param options Options that we pass down to `cookie` library.
594
- */
595
- function parseCookies(ctx, options) {
596
- var _a, _b;
597
- if ((_b = (_a = ctx === null || ctx === void 0 ? void 0 : ctx.req) === null || _a === void 0 ? void 0 : _a.headers) === null || _b === void 0 ? void 0 : _b.cookie) {
598
- return cookie.parse(ctx.req.headers.cookie, options);
599
- }
600
- if (utils_1.isBrowser()) {
601
- return cookie.parse(document.cookie, options);
602
- }
603
- return {};
604
- }
605
- var parseCookies_1 = dist$1.parseCookies = parseCookies;
606
- /**
607
- * Sets a cookie.
608
- *
609
- * @param ctx NextJS page or API context, express context, null or undefined.
610
- * @param name The name of your cookie.
611
- * @param value The value of your cookie.
612
- * @param options Options that we pass down to `cookie` library.
613
- */
614
- function setCookie(ctx, name, value, options) {
615
- var _a, _b;
616
- if (options === void 0) { options = {}; }
617
- // SSR
618
- if (((_a = ctx === null || ctx === void 0 ? void 0 : ctx.res) === null || _a === void 0 ? void 0 : _a.getHeader) && ctx.res.setHeader) {
619
- // Check if response has finished and warn about it.
620
- if ((_b = ctx === null || ctx === void 0 ? void 0 : ctx.res) === null || _b === void 0 ? void 0 : _b.finished) {
621
- console.warn("Not setting \"" + name + "\" cookie. Response has finished.");
622
- console.warn("You should set cookie before res.send()");
623
- return {};
624
- }
625
- /**
626
- * Load existing cookies from the header and parse them.
627
- */
628
- var cookies = ctx.res.getHeader('Set-Cookie') || [];
629
- if (typeof cookies === 'string')
630
- cookies = [cookies];
631
- if (typeof cookies === 'number')
632
- cookies = [];
633
- /**
634
- * Parse cookies but ignore values - we've already encoded
635
- * them in the previous call.
636
- */
637
- var parsedCookies = setCookieParser.parse(cookies, {
638
- decodeValues: false,
639
- });
640
- /**
641
- * We create the new cookie and make sure that none of
642
- * the existing cookies match it.
643
- */
644
- var newCookie_1 = utils_1.createCookie(name, value, options);
645
- var cookiesToSet_1 = [];
646
- parsedCookies.forEach(function (parsedCookie) {
647
- if (!utils_1.areCookiesEqual(parsedCookie, newCookie_1)) {
648
- /**
649
- * We serialize the cookie back to the original format
650
- * if it isn't the same as the new one.
651
- */
652
- var serializedCookie = cookie.serialize(parsedCookie.name, parsedCookie.value, __assign({
653
- // we prevent reencoding by default, but you might override it
654
- encode: function (val) { return val; } }, parsedCookie));
655
- cookiesToSet_1.push(serializedCookie);
656
- }
657
- });
658
- cookiesToSet_1.push(cookie.serialize(name, value, options));
659
- // Update the header.
660
- ctx.res.setHeader('Set-Cookie', cookiesToSet_1);
661
- }
662
- // Browser
663
- if (utils_1.isBrowser()) {
664
- if (options && options.httpOnly) {
665
- throw new Error('Can not set a httpOnly cookie in the browser.');
666
- }
667
- document.cookie = cookie.serialize(name, value, options);
668
- }
669
- return {};
670
- }
671
- dist$1.setCookie = setCookie;
672
- /**
673
- * Destroys a cookie with a particular name.
674
- *
675
- * @param ctx NextJS page or API context, express context, null or undefined.
676
- * @param name Cookie name.
677
- * @param options Options that we pass down to `cookie` library.
678
- */
679
- function destroyCookie(ctx, name, options) {
680
- /**
681
- * We forward the request destroy to setCookie function
682
- * as it is the same function with modified maxAge value.
683
- */
684
- return setCookie(ctx, name, '', __assign(__assign({}, (options || {})), { maxAge: -1 }));
685
- }
686
- dist$1.destroyCookie = destroyCookie;
687
- /* Utility Exports */
688
- dist$1.default = {
689
- set: setCookie,
690
- get: parseCookies,
691
- destroy: destroyCookie,
692
- };
723
+ var distExports$1 = requireDist$1();
693
724
 
694
725
  var decodeJWT = function (token) {
695
726
  if (token === null || token === undefined)
@@ -752,7 +783,7 @@ var getUserDataAndTokensFromCookies = function (_a) {
752
783
  : null;
753
784
  var user = decodeJWT(accessToken);
754
785
  var mergedUser = user
755
- ? __assign$2({ id: user.id, email: user.email, exp: user.exp, sellerId: (_b = user.sellerIds) === null || _b === void 0 ? void 0 : _b[0], sellerIds: user.sellerIds, isImpersonated: user.isImpersonated ? user.isImpersonated : false }, userDataCookieObject) : null;
786
+ ? __assign({ id: user.id, email: user.email, exp: user.exp, sellerId: (_b = user.sellerIds) === null || _b === void 0 ? void 0 : _b[0], sellerIds: user.sellerIds, isImpersonated: user.isImpersonated ? user.isImpersonated : false }, userDataCookieObject) : null;
756
787
  return {
757
788
  user: mergedUser,
758
789
  accessToken: accessToken,
@@ -778,11 +809,11 @@ var AuthProvider = function (_a) {
778
809
  }, []);
779
810
  var triggerRefreshTokenApiUrl = memoizedAuthConfig.triggerRefreshTokenApiUrl, subMinutesFromExpirationTime = memoizedAuthConfig.subMinutesFromExpirationTime;
780
811
  var errorHandler = authConfig.errorHandler;
781
- var cookies = parseCookies_1();
812
+ var cookies = distExports$1.parseCookies();
782
813
  var _b = getUserDataAndTokensFromCookies({
783
814
  cookies: cookies,
784
815
  passedAccessToken: passedAccessToken,
785
- authConfig: __assign$2(__assign$2({}, memoizedAuthConfig), { errorHandler: errorHandler }),
816
+ authConfig: __assign(__assign({}, memoizedAuthConfig), { errorHandler: errorHandler }),
786
817
  }), cookieUser = _b.user, cookieAccessToken = _b.accessToken;
787
818
  var memoizedUser = React.useMemo(function () {
788
819
  if (!passedUser) {
@@ -805,21 +836,20 @@ var AuthProvider = function (_a) {
805
836
  case 1:
806
837
  response = _a.sent();
807
838
  if (!response.ok) {
808
- errorHandler &&
809
- errorHandler(new Error('Failed to trigger refresh token api'), {
810
- extra: { response: response },
811
- });
839
+ errorHandler === null || errorHandler === void 0 ? void 0 : errorHandler(new Error('Failed to trigger refresh token api'), {
840
+ extra: { response: response },
841
+ });
812
842
  }
813
- updatedCookies = parseCookies_1();
843
+ updatedCookies = distExports$1.parseCookies();
814
844
  refreshedUser = getUserDataAndTokensFromCookies({
815
845
  cookies: updatedCookies,
816
- authConfig: __assign$2(__assign$2({}, memoizedAuthConfig), { errorHandler: errorHandler }),
846
+ authConfig: __assign(__assign({}, memoizedAuthConfig), { errorHandler: errorHandler }),
817
847
  }).user;
818
848
  setUser(refreshedUser);
819
849
  return [3 /*break*/, 3];
820
850
  case 2:
821
851
  error_1 = _a.sent();
822
- errorHandler && errorHandler(error_1);
852
+ errorHandler === null || errorHandler === void 0 ? void 0 : errorHandler(error_1);
823
853
  return [3 /*break*/, 3];
824
854
  case 3: return [2 /*return*/];
825
855
  }
@@ -932,10 +962,9 @@ var ensureTokenFreshness = function (_a) { return __awaiter(void 0, [_a], void 0
932
962
  res.cookies.delete(tokenNames.access);
933
963
  res.cookies.delete(tokenNames.refresh);
934
964
  res.cookies.delete(userDataCookieName);
935
- errorHandler &&
936
- errorHandler(new Error('Failed to refresh token'), {
937
- extra: { response: response },
938
- });
965
+ errorHandler === null || errorHandler === void 0 ? void 0 : errorHandler(new Error('Failed to refresh token'), {
966
+ extra: { response: response },
967
+ });
939
968
  return [2 /*return*/, res];
940
969
  }
941
970
  return [4 /*yield*/, response.json()];
@@ -970,7 +999,7 @@ var ensureTokenFreshness = function (_a) { return __awaiter(void 0, [_a], void 0
970
999
  return [2 /*return*/, res];
971
1000
  case 4:
972
1001
  error_1 = _e.sent();
973
- errorHandler && errorHandler(error_1);
1002
+ errorHandler === null || errorHandler === void 0 ? void 0 : errorHandler(error_1);
974
1003
  return [3 /*break*/, 5];
975
1004
  case 5:
976
1005
  res.cookies.delete(userDataCookieName);
@@ -983,238 +1012,254 @@ var ensureTokenFreshness = function (_a) { return __awaiter(void 0, [_a], void 0
983
1012
 
984
1013
  var dist = {};
985
1014
 
986
- Object.defineProperty(dist, "__esModule", { value: true });
987
- var parse_1 = dist.parse = parse;
988
- dist.serialize = serialize;
989
- /**
990
- * RegExp to match cookie-name in RFC 6265 sec 4.1.1
991
- * This refers out to the obsoleted definition of token in RFC 2616 sec 2.2
992
- * which has been replaced by the token definition in RFC 7230 appendix B.
993
- *
994
- * cookie-name = token
995
- * token = 1*tchar
996
- * tchar = "!" / "#" / "$" / "%" / "&" / "'" /
997
- * "*" / "+" / "-" / "." / "^" / "_" /
998
- * "`" / "|" / "~" / DIGIT / ALPHA
999
- */
1000
- const cookieNameRegExp = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/;
1001
- /**
1002
- * RegExp to match cookie-value in RFC 6265 sec 4.1.1
1003
- *
1004
- * cookie-value = *cookie-octet / ( DQUOTE *cookie-octet DQUOTE )
1005
- * cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E
1006
- * ; US-ASCII characters excluding CTLs,
1007
- * ; whitespace DQUOTE, comma, semicolon,
1008
- * ; and backslash
1009
- */
1010
- const cookieValueRegExp = /^("?)[\u0021\u0023-\u002B\u002D-\u003A\u003C-\u005B\u005D-\u007E]*\1$/;
1011
- /**
1012
- * RegExp to match domain-value in RFC 6265 sec 4.1.1
1013
- *
1014
- * domain-value = <subdomain>
1015
- * ; defined in [RFC1034], Section 3.5, as
1016
- * ; enhanced by [RFC1123], Section 2.1
1017
- * <subdomain> = <label> | <subdomain> "." <label>
1018
- * <label> = <let-dig> [ [ <ldh-str> ] <let-dig> ]
1019
- * Labels must be 63 characters or less.
1020
- * 'let-dig' not 'letter' in the first char, per RFC1123
1021
- * <ldh-str> = <let-dig-hyp> | <let-dig-hyp> <ldh-str>
1022
- * <let-dig-hyp> = <let-dig> | "-"
1023
- * <let-dig> = <letter> | <digit>
1024
- * <letter> = any one of the 52 alphabetic characters A through Z in
1025
- * upper case and a through z in lower case
1026
- * <digit> = any one of the ten digits 0 through 9
1027
- *
1028
- * Keep support for leading dot: https://github.com/jshttp/cookie/issues/173
1029
- *
1030
- * > (Note that a leading %x2E ("."), if present, is ignored even though that
1031
- * character is not permitted, but a trailing %x2E ("."), if present, will
1032
- * cause the user agent to ignore the attribute.)
1033
- */
1034
- const domainValueRegExp = /^([.]?[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)([.][a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)*$/i;
1035
- /**
1036
- * RegExp to match path-value in RFC 6265 sec 4.1.1
1037
- *
1038
- * path-value = <any CHAR except CTLs or ";">
1039
- * CHAR = %x01-7F
1040
- * ; defined in RFC 5234 appendix B.1
1041
- */
1042
- const pathValueRegExp = /^[\u0020-\u003A\u003D-\u007E]*$/;
1043
- const __toString = Object.prototype.toString;
1044
- const NullObject = /* @__PURE__ */ (() => {
1045
- const C = function () { };
1046
- C.prototype = Object.create(null);
1047
- return C;
1048
- })();
1049
- /**
1050
- * Parse a cookie header.
1051
- *
1052
- * Parse the given cookie header string into an object
1053
- * The object has the various cookies as keys(names) => values
1054
- */
1055
- function parse(str, options) {
1056
- const obj = new NullObject();
1057
- const len = str.length;
1058
- // RFC 6265 sec 4.1.1, RFC 2616 2.2 defines a cookie name consists of one char minimum, plus '='.
1059
- if (len < 2)
1060
- return obj;
1061
- const dec = options?.decode || decode;
1062
- let index = 0;
1063
- do {
1064
- const eqIdx = str.indexOf("=", index);
1065
- if (eqIdx === -1)
1066
- break; // No more cookie pairs.
1067
- const colonIdx = str.indexOf(";", index);
1068
- const endIdx = colonIdx === -1 ? len : colonIdx;
1069
- if (eqIdx > endIdx) {
1070
- // backtrack on prior semicolon
1071
- index = str.lastIndexOf(";", eqIdx - 1) + 1;
1072
- continue;
1073
- }
1074
- const keyStartIdx = startIndex(str, index, eqIdx);
1075
- const keyEndIdx = endIndex(str, eqIdx, keyStartIdx);
1076
- const key = str.slice(keyStartIdx, keyEndIdx);
1077
- // only assign once
1078
- if (obj[key] === undefined) {
1079
- let valStartIdx = startIndex(str, eqIdx + 1, endIdx);
1080
- let valEndIdx = endIndex(str, endIdx, valStartIdx);
1081
- const value = dec(str.slice(valStartIdx, valEndIdx));
1082
- obj[key] = value;
1083
- }
1084
- index = endIdx + 1;
1085
- } while (index < len);
1086
- return obj;
1087
- }
1088
- function startIndex(str, index, max) {
1089
- do {
1090
- const code = str.charCodeAt(index);
1091
- if (code !== 0x20 /* */ && code !== 0x09 /* \t */)
1092
- return index;
1093
- } while (++index < max);
1094
- return max;
1095
- }
1096
- function endIndex(str, index, min) {
1097
- while (index > min) {
1098
- const code = str.charCodeAt(--index);
1099
- if (code !== 0x20 /* */ && code !== 0x09 /* \t */)
1100
- return index + 1;
1101
- }
1102
- return min;
1103
- }
1104
- /**
1105
- * Serialize data into a cookie header.
1106
- *
1107
- * Serialize a name value pair into a cookie string suitable for
1108
- * http headers. An optional options object specifies cookie parameters.
1109
- *
1110
- * serialize('foo', 'bar', { httpOnly: true })
1111
- * => "foo=bar; httpOnly"
1112
- */
1113
- function serialize(name, val, options) {
1114
- const enc = options?.encode || encodeURIComponent;
1115
- if (!cookieNameRegExp.test(name)) {
1116
- throw new TypeError(`argument name is invalid: ${name}`);
1117
- }
1118
- const value = enc(val);
1119
- if (!cookieValueRegExp.test(value)) {
1120
- throw new TypeError(`argument val is invalid: ${val}`);
1121
- }
1122
- let str = name + "=" + value;
1123
- if (!options)
1124
- return str;
1125
- if (options.maxAge !== undefined) {
1126
- if (!Number.isInteger(options.maxAge)) {
1127
- throw new TypeError(`option maxAge is invalid: ${options.maxAge}`);
1128
- }
1129
- str += "; Max-Age=" + options.maxAge;
1130
- }
1131
- if (options.domain) {
1132
- if (!domainValueRegExp.test(options.domain)) {
1133
- throw new TypeError(`option domain is invalid: ${options.domain}`);
1134
- }
1135
- str += "; Domain=" + options.domain;
1136
- }
1137
- if (options.path) {
1138
- if (!pathValueRegExp.test(options.path)) {
1139
- throw new TypeError(`option path is invalid: ${options.path}`);
1140
- }
1141
- str += "; Path=" + options.path;
1142
- }
1143
- if (options.expires) {
1144
- if (!isDate(options.expires) ||
1145
- !Number.isFinite(options.expires.valueOf())) {
1146
- throw new TypeError(`option expires is invalid: ${options.expires}`);
1147
- }
1148
- str += "; Expires=" + options.expires.toUTCString();
1149
- }
1150
- if (options.httpOnly) {
1151
- str += "; HttpOnly";
1152
- }
1153
- if (options.secure) {
1154
- str += "; Secure";
1155
- }
1156
- if (options.partitioned) {
1157
- str += "; Partitioned";
1158
- }
1159
- if (options.priority) {
1160
- switch (options.priority) {
1161
- case "low":
1162
- str += "; Priority=Low";
1163
- break;
1164
- case "medium":
1165
- str += "; Priority=Medium";
1166
- break;
1167
- case "high":
1168
- str += "; Priority=High";
1169
- break;
1170
- default:
1171
- throw new TypeError(`option priority is invalid: ${options.priority}`);
1172
- }
1173
- }
1174
- if (options.sameSite) {
1175
- switch (options.sameSite) {
1176
- case true:
1177
- case "strict":
1178
- str += "; SameSite=Strict";
1179
- break;
1180
- case "lax":
1181
- str += "; SameSite=Lax";
1182
- break;
1183
- case "none":
1184
- str += "; SameSite=None";
1185
- break;
1186
- default:
1187
- throw new TypeError(`option sameSite is invalid: ${options.sameSite}`);
1188
- }
1189
- }
1190
- return str;
1191
- }
1192
- /**
1193
- * URL-decode string value. Optimized to skip native call when no %.
1194
- */
1195
- function decode(str) {
1196
- if (str.indexOf("%") === -1)
1197
- return str;
1198
- try {
1199
- return decodeURIComponent(str);
1200
- }
1201
- catch (e) {
1202
- return str;
1203
- }
1204
- }
1205
- /**
1206
- * Determine if value is a Date.
1207
- */
1208
- function isDate(val) {
1209
- return __toString.call(val) === "[object Date]";
1015
+ var hasRequiredDist;
1016
+
1017
+ function requireDist () {
1018
+ if (hasRequiredDist) return dist;
1019
+ hasRequiredDist = 1;
1020
+ Object.defineProperty(dist, "__esModule", { value: true });
1021
+ dist.parse = parse;
1022
+ dist.serialize = serialize;
1023
+ /**
1024
+ * RegExp to match cookie-name in RFC 6265 sec 4.1.1
1025
+ * This refers out to the obsoleted definition of token in RFC 2616 sec 2.2
1026
+ * which has been replaced by the token definition in RFC 7230 appendix B.
1027
+ *
1028
+ * cookie-name = token
1029
+ * token = 1*tchar
1030
+ * tchar = "!" / "#" / "$" / "%" / "&" / "'" /
1031
+ * "*" / "+" / "-" / "." / "^" / "_" /
1032
+ * "`" / "|" / "~" / DIGIT / ALPHA
1033
+ */
1034
+ const cookieNameRegExp = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/;
1035
+ /**
1036
+ * RegExp to match cookie-value in RFC 6265 sec 4.1.1
1037
+ *
1038
+ * cookie-value = *cookie-octet / ( DQUOTE *cookie-octet DQUOTE )
1039
+ * cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E
1040
+ * ; US-ASCII characters excluding CTLs,
1041
+ * ; whitespace DQUOTE, comma, semicolon,
1042
+ * ; and backslash
1043
+ */
1044
+ const cookieValueRegExp = /^("?)[\u0021\u0023-\u002B\u002D-\u003A\u003C-\u005B\u005D-\u007E]*\1$/;
1045
+ /**
1046
+ * RegExp to match domain-value in RFC 6265 sec 4.1.1
1047
+ *
1048
+ * domain-value = <subdomain>
1049
+ * ; defined in [RFC1034], Section 3.5, as
1050
+ * ; enhanced by [RFC1123], Section 2.1
1051
+ * <subdomain> = <label> | <subdomain> "." <label>
1052
+ * <label> = <let-dig> [ [ <ldh-str> ] <let-dig> ]
1053
+ * Labels must be 63 characters or less.
1054
+ * 'let-dig' not 'letter' in the first char, per RFC1123
1055
+ * <ldh-str> = <let-dig-hyp> | <let-dig-hyp> <ldh-str>
1056
+ * <let-dig-hyp> = <let-dig> | "-"
1057
+ * <let-dig> = <letter> | <digit>
1058
+ * <letter> = any one of the 52 alphabetic characters A through Z in
1059
+ * upper case and a through z in lower case
1060
+ * <digit> = any one of the ten digits 0 through 9
1061
+ *
1062
+ * Keep support for leading dot: https://github.com/jshttp/cookie/issues/173
1063
+ *
1064
+ * > (Note that a leading %x2E ("."), if present, is ignored even though that
1065
+ * character is not permitted, but a trailing %x2E ("."), if present, will
1066
+ * cause the user agent to ignore the attribute.)
1067
+ */
1068
+ const domainValueRegExp = /^([.]?[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)([.][a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)*$/i;
1069
+ /**
1070
+ * RegExp to match path-value in RFC 6265 sec 4.1.1
1071
+ *
1072
+ * path-value = <any CHAR except CTLs or ";">
1073
+ * CHAR = %x01-7F
1074
+ * ; defined in RFC 5234 appendix B.1
1075
+ */
1076
+ const pathValueRegExp = /^[\u0020-\u003A\u003D-\u007E]*$/;
1077
+ const __toString = Object.prototype.toString;
1078
+ const NullObject = /* @__PURE__ */ (() => {
1079
+ const C = function () { };
1080
+ C.prototype = Object.create(null);
1081
+ return C;
1082
+ })();
1083
+ /**
1084
+ * Parse a cookie header.
1085
+ *
1086
+ * Parse the given cookie header string into an object
1087
+ * The object has the various cookies as keys(names) => values
1088
+ */
1089
+ function parse(str, options) {
1090
+ const obj = new NullObject();
1091
+ const len = str.length;
1092
+ // RFC 6265 sec 4.1.1, RFC 2616 2.2 defines a cookie name consists of one char minimum, plus '='.
1093
+ if (len < 2)
1094
+ return obj;
1095
+ const dec = options?.decode || decode;
1096
+ let index = 0;
1097
+ do {
1098
+ const eqIdx = str.indexOf("=", index);
1099
+ if (eqIdx === -1)
1100
+ break; // No more cookie pairs.
1101
+ const colonIdx = str.indexOf(";", index);
1102
+ const endIdx = colonIdx === -1 ? len : colonIdx;
1103
+ if (eqIdx > endIdx) {
1104
+ // backtrack on prior semicolon
1105
+ index = str.lastIndexOf(";", eqIdx - 1) + 1;
1106
+ continue;
1107
+ }
1108
+ const keyStartIdx = startIndex(str, index, eqIdx);
1109
+ const keyEndIdx = endIndex(str, eqIdx, keyStartIdx);
1110
+ const key = str.slice(keyStartIdx, keyEndIdx);
1111
+ // only assign once
1112
+ if (obj[key] === undefined) {
1113
+ let valStartIdx = startIndex(str, eqIdx + 1, endIdx);
1114
+ let valEndIdx = endIndex(str, endIdx, valStartIdx);
1115
+ const value = dec(str.slice(valStartIdx, valEndIdx));
1116
+ obj[key] = value;
1117
+ }
1118
+ index = endIdx + 1;
1119
+ } while (index < len);
1120
+ return obj;
1121
+ }
1122
+ function startIndex(str, index, max) {
1123
+ do {
1124
+ const code = str.charCodeAt(index);
1125
+ if (code !== 0x20 /* */ && code !== 0x09 /* \t */)
1126
+ return index;
1127
+ } while (++index < max);
1128
+ return max;
1129
+ }
1130
+ function endIndex(str, index, min) {
1131
+ while (index > min) {
1132
+ const code = str.charCodeAt(--index);
1133
+ if (code !== 0x20 /* */ && code !== 0x09 /* \t */)
1134
+ return index + 1;
1135
+ }
1136
+ return min;
1137
+ }
1138
+ /**
1139
+ * Serialize data into a cookie header.
1140
+ *
1141
+ * Serialize a name value pair into a cookie string suitable for
1142
+ * http headers. An optional options object specifies cookie parameters.
1143
+ *
1144
+ * serialize('foo', 'bar', { httpOnly: true })
1145
+ * => "foo=bar; httpOnly"
1146
+ */
1147
+ function serialize(name, val, options) {
1148
+ const enc = options?.encode || encodeURIComponent;
1149
+ if (!cookieNameRegExp.test(name)) {
1150
+ throw new TypeError(`argument name is invalid: ${name}`);
1151
+ }
1152
+ const value = enc(val);
1153
+ if (!cookieValueRegExp.test(value)) {
1154
+ throw new TypeError(`argument val is invalid: ${val}`);
1155
+ }
1156
+ let str = name + "=" + value;
1157
+ if (!options)
1158
+ return str;
1159
+ if (options.maxAge !== undefined) {
1160
+ if (!Number.isInteger(options.maxAge)) {
1161
+ throw new TypeError(`option maxAge is invalid: ${options.maxAge}`);
1162
+ }
1163
+ str += "; Max-Age=" + options.maxAge;
1164
+ }
1165
+ if (options.domain) {
1166
+ if (!domainValueRegExp.test(options.domain)) {
1167
+ throw new TypeError(`option domain is invalid: ${options.domain}`);
1168
+ }
1169
+ str += "; Domain=" + options.domain;
1170
+ }
1171
+ if (options.path) {
1172
+ if (!pathValueRegExp.test(options.path)) {
1173
+ throw new TypeError(`option path is invalid: ${options.path}`);
1174
+ }
1175
+ str += "; Path=" + options.path;
1176
+ }
1177
+ if (options.expires) {
1178
+ if (!isDate(options.expires) ||
1179
+ !Number.isFinite(options.expires.valueOf())) {
1180
+ throw new TypeError(`option expires is invalid: ${options.expires}`);
1181
+ }
1182
+ str += "; Expires=" + options.expires.toUTCString();
1183
+ }
1184
+ if (options.httpOnly) {
1185
+ str += "; HttpOnly";
1186
+ }
1187
+ if (options.secure) {
1188
+ str += "; Secure";
1189
+ }
1190
+ if (options.partitioned) {
1191
+ str += "; Partitioned";
1192
+ }
1193
+ if (options.priority) {
1194
+ const priority = typeof options.priority === "string"
1195
+ ? options.priority.toLowerCase()
1196
+ : options.sameSite;
1197
+ switch (priority) {
1198
+ case "low":
1199
+ str += "; Priority=Low";
1200
+ break;
1201
+ case "medium":
1202
+ str += "; Priority=Medium";
1203
+ break;
1204
+ case "high":
1205
+ str += "; Priority=High";
1206
+ break;
1207
+ default:
1208
+ throw new TypeError(`option priority is invalid: ${options.priority}`);
1209
+ }
1210
+ }
1211
+ if (options.sameSite) {
1212
+ const sameSite = typeof options.sameSite === "string"
1213
+ ? options.sameSite.toLowerCase()
1214
+ : options.sameSite;
1215
+ switch (sameSite) {
1216
+ case true:
1217
+ case "strict":
1218
+ str += "; SameSite=Strict";
1219
+ break;
1220
+ case "lax":
1221
+ str += "; SameSite=Lax";
1222
+ break;
1223
+ case "none":
1224
+ str += "; SameSite=None";
1225
+ break;
1226
+ default:
1227
+ throw new TypeError(`option sameSite is invalid: ${options.sameSite}`);
1228
+ }
1229
+ }
1230
+ return str;
1231
+ }
1232
+ /**
1233
+ * URL-decode string value. Optimized to skip native call when no %.
1234
+ */
1235
+ function decode(str) {
1236
+ if (str.indexOf("%") === -1)
1237
+ return str;
1238
+ try {
1239
+ return decodeURIComponent(str);
1240
+ }
1241
+ catch (e) {
1242
+ return str;
1243
+ }
1244
+ }
1245
+ /**
1246
+ * Determine if value is a Date.
1247
+ */
1248
+ function isDate(val) {
1249
+ return __toString.call(val) === "[object Date]";
1250
+ }
1251
+
1252
+ return dist;
1210
1253
  }
1211
1254
 
1255
+ var distExports = requireDist();
1256
+
1212
1257
  var deriveUserAndTokenFromCookieHeader = function (_a) {
1213
1258
  var cookieHeader = _a.cookieHeader, setCookieHeader = _a.setCookieHeader, authConfig = _a.authConfig;
1214
1259
  if (!cookieHeader) {
1215
1260
  return { accessToken: null, user: null };
1216
1261
  }
1217
- var cookies = parse_1(cookieHeader);
1262
+ var cookies = distExports.parse(cookieHeader);
1218
1263
  if (setCookieHeader) {
1219
1264
  var setCookie = setCookieHeader;
1220
1265
  if (!Array.isArray(setCookieHeader)) {
@@ -1222,7 +1267,7 @@ var deriveUserAndTokenFromCookieHeader = function (_a) {
1222
1267
  }
1223
1268
  var cookiesFromSetCookieHeader = setCookie.reduce(function (acc, current) {
1224
1269
  var _a, _b;
1225
- var parsedCookie = parse_1(current);
1270
+ var parsedCookie = distExports.parse(current);
1226
1271
  if (Object.hasOwn(parsedCookie, authConfig.userDataCookieName)) {
1227
1272
  acc.userDataCookie =
1228
1273
  (_a = parsedCookie[authConfig.userDataCookieName]) !== null && _a !== void 0 ? _a : '';