@smg-automotive/auth 6.8.0-auth0-update-instance-creation.1 → 6.8.0-auth0-update-middleware.1

package/dist/cjs/config/auth0.js

@@ -0,0 +1,107 @@
+'use strict';
+
+var utils = require('../lib/utils.js');
+
+const isDevelopmentEnvironment = process.env.CONFIG_ENV === 'development';
+const proxyPathSegment = utils.ensureString(process.env.PROXY_REQUEST_PATH_SEGMENT);
+const legacyAccessTokenName = utils.ensureString(process.env.AUTH0_CUSTOM_LEGACY_ACCESS_TOKEN_NAME);
+const legacyRefreshTokenName = utils.ensureString(process.env.AUTH0_CUSTOM_LEGACY_REFRESH_TOKEN_NAME);
+const defaultLocale = utils.ensureString(process.env.DEFAULT_LOCALE);
+const supportedLocales = utils.ensureString(process.env.SUPPORTED_LOCALES)
+    .split(',')
+    .filter(Boolean);
+const sessionCookieName = utils.ensureString(process.env.AUTH0_SESSION_NAME);
+const audience = utils.ensureString(process.env.AUTH0_AUDIENCE);
+const authCookieNames = utils.ensureString(process.env.AUTH0_CUSTOM_AUTH_COOKIE_NAMES)
+    .split(',')
+    .filter(Boolean);
+if (!defaultLocale) {
+    throw new Error('[Auth-package] DEFAULT_LOCALE is not set');
+}
+if (supportedLocales.length === 0) {
+    throw new Error('[Auth-package] SUPPORTED_LOCALES is not set');
+}
+const auth0Config = {
+    // Endpoint where the user gets redirected to auth0 universal login
+    loginEndpoint: '/api/auth/login',
+    // Endpoint where the user gets redirected to auth0 universal logout
+    logoutEndpoint: '/api/auth/logout',
+    // Endpoint to fetch and refresh token
+    // TODO: this is used client side and only configurable via env variable
+    tokenEndpoint: '/auth/token',
+    // Endpoint to fetch and refresh token
+    callbackEndpoint: '/api/auth/callback',
+    // Endpoint to fetch user profile
+    // TODO: this is used client side and only configurable via env variable
+    userProfileEndpoint: '/auth/profile',
+    // Interval delay to check if the token needs to be refreshed
+    intervalDelayInMs: 10000,
+    // If the token is valid for less than the specified time to app will rotate the token
+    refreshThresholdInMs: 300000,
+    // Segment to prefix on request when run in environments with a reverse proxy
+    proxyPathSegment: '',
+    // Legacy access token name
+    legacyAccessTokenName: '',
+    // Legacy refresh token name
+    legacyRefreshTokenName: '',
+    // Interval in MS to call function that checks if the token needs to be refreshed
+    providerInterval: 10000,
+    // Debug flag to force a token refresh on every interval
+    debugForceTokenRefresh: false,
+    // Language configuration
+    languageConfig: {
+        default: defaultLocale,
+        supported: supportedLocales,
+    },
+    // A domain wide cross project cookie storing the sellerId the user want's to act as in the system
+    // Used for Multi-tenant accounts capable of multiple sellers
+    selectedSellerIdCookie: {
+        name: 'selectedSellerId',
+        httpOnly: true,
+        maxAge: 30 * 24 * 60 * 60,
+        secure: true,
+        sameSite: 'lax',
+        path: '/',
+    },
+    // A domain wide cross project cookie storing impersonated sellerId
+    // Marks a restricted back-office functionality
+    impersonatedSellerIdCookie: {
+        name: 'impersonatedSellerId',
+        httpOnly: true,
+        maxAge: 1 * 60 * 60,
+        secure: true,
+        sameSite: 'lax',
+        path: '/',
+    },
+    // Auth scopes
+    scopes: 'openid email offline_access webapp.autoscout24.ch',
+    // Global path to redirect to for auth errors must only be implemented by one project and exposed trough the proxy
+    globalAuthErrorPath: '/errors/auth',
+    // List of auth related cookies to be cleared on logout
+    authCookieNames,
+    // Name of the session cookie
+    sessionCookieName,
+    // Audience of the auth0 application
+    audience,
+};
+const getAuth0Config = ({ isProxied, }) => {
+    const runtimeConfig = { ...auth0Config };
+    runtimeConfig.proxyPathSegment = utils.ensureSlash(proxyPathSegment);
+    runtimeConfig.legacyAccessTokenName = legacyAccessTokenName;
+    runtimeConfig.legacyRefreshTokenName = legacyRefreshTokenName;
+    runtimeConfig.selectedSellerIdCookie.secure = !isDevelopmentEnvironment;
+    if (!isProxied) {
+        return runtimeConfig;
+    }
+    return {
+        ...runtimeConfig,
+        loginEndpoint: `${runtimeConfig.proxyPathSegment}${runtimeConfig.loginEndpoint}`,
+        logoutEndpoint: `${runtimeConfig.proxyPathSegment}${runtimeConfig.logoutEndpoint}`,
+        tokenEndpoint: `${runtimeConfig.proxyPathSegment}${runtimeConfig.tokenEndpoint}`,
+        userProfileEndpoint: `${runtimeConfig.proxyPathSegment}${runtimeConfig.userProfileEndpoint}`,
+        callbackEndpoint: `${runtimeConfig.proxyPathSegment}${runtimeConfig.callbackEndpoint}`,
+    };
+};
+
+exports.getAuth0Config = getAuth0Config;
+//# sourceMappingURL=auth0.js.map

package/dist/cjs/config/auth0.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth0.js","sources":["../../../../src/config/auth0.ts"],"sourcesContent":[null],"names":["ensureString","ensureSlash"],"mappings":";;;;AAKA,MAAM,wBAAwB,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,KAAK,aAAa;AACzE,MAAM,gBAAgB,GAAGA,kBAAY,CAAC,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC;AAE7E,MAAM,qBAAqB,GAAGA,kBAAY,CACxC,OAAO,CAAC,GAAG,CAAC,qCAAqC,CAClD;AACD,MAAM,sBAAsB,GAAGA,kBAAY,CACzC,OAAO,CAAC,GAAG,CAAC,sCAAsC,CACnD;AAED,MAAM,aAAa,GAAGA,kBAAY,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAa;AAC1E,MAAM,gBAAgB,GAAGA,kBAAY,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB;KAChE,KAAK,CAAC,GAAG;KACT,MAAM,CAAC,OAAO,CAAe;AAEhC,MAAM,iBAAiB,GAAGA,kBAAY,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;AACtE,MAAM,QAAQ,GAAGA,kBAAY,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC;AAEzD,MAAM,eAAe,GAAGA,kBAAY,CAAC,OAAO,CAAC,GAAG,CAAC,8BAA8B;KAC5E,KAAK,CAAC,GAAG;KACT,MAAM,CAAC,OAAO,CAAC;AAElB,IAAI,CAAC,aAAa,EAAE;AAClB,IAAA,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC;AAC7D;AAEA,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE;AACjC,IAAA,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC;AAChE;AAEA,MAAM,WAAW,GAAgB;;AAE/B,IAAA,aAAa,EAAE,iBAAiB;;AAEhC,IAAA,cAAc,EAAE,kBAAkB;;;AAGlC,IAAA,aAAa,EAAE,aAAa;;AAE5B,IAAA,gBAAgB,EAAE,oBAAoB;;;AAGtC,IAAA,mBAAmB,EAAE,eAAe;;AAEpC,IAAA,iBAAiB,EAAE,KAAK;;AAExB,IAAA,oBAAoB,EAAE,MAAM;;AAE5B,IAAA,gBAAgB,EAAE,EAAE;;AAEpB,IAAA,qBAAqB,EAAE,EAAE;;AAEzB,IAAA,sBAAsB,EAAE,EAAE;;AAE1B,IAAA,gBAAgB,EAAE,KAAK;;AAEvB,IAAA,sBAAsB,EAAE,KAAK;;AAE7B,IAAA,cAAc,EAAE;AACd,QAAA,OAAO,EAAE,aAAa;AACtB,QAAA,SAAS,EAAE,gBAAgB;AAC5B,KAAA;;;AAGD,IAAA,sBAAsB,EAAE;AACtB,QAAA,IAAI,EAAE,kBAAkB;AACxB,QAAA,QAAQ,EAAE,IAAI;AACd,QAAA,MAAM,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE;AACzB,QAAA,MAAM,EAAE,IAAI;AACZ,QAAA,QAAQ,EAAE,KAAK;AACf,QAAA,IAAI,EAAE,GAAG;AACV,KAAA;;;AAGD,IAAA,0BAA0B,EAAE;AAC1B,QAAA,IAAI,EAAE,sBAAsB;AAC5B,QAAA,QAAQ,EAAE,IAAI;AACd,QAAA,MAAM,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE;AACnB,QAAA,MAAM,EAAE,IAAI;AACZ,QAAA,QAAQ,EAAE,KAAK;AACf,QAAA,IAAI,EAAE,GAAG;AACV,KAAA;;AAED,IAAA,MAAM,EAAE,mDAAmD;;AAE3D,IAAA,mBAAmB,EAAE,cAAc;;IAEnC,eAAe;;IAEf,iBAAiB;;IAEjB,QAAQ;CACT;MAEY,cAAc,GAAG,CAAC,EAC7B,SAAS,GAGV,KAAiB;AAChB,IAAA,MAAM,aAAa,GAAG,EAAE,GAAG,WAAW,EAAE;AACxC,IAAA,aAAa,CAAC,gBAAgB,GAAGC,iBAAW,CAAC,gBAAgB,CAAC;AAC9D,IAAA,aAAa,CAAC,qBAAqB,GAAG,qBAAqB;AAC3D,IAAA,aAAa,CAAC,sBAAsB,GAAG,sBAAsB;AAC7D,IAAA,aAAa,CAAC,sBAAsB,CAAC,MAAM,GAAG,CAAC,wBAAwB;IAEvE,IAAI,CAAC,SAAS,EAAE;AACd,QAAA,OAAO,aAAa;IACtB;IAEA,OAAO;AACL,QAAA,GAAG,aAAa;QAChB,aAAa,EAAE,GAAG,aAAa,CAAC,gBAAgB,CAAA,EAAG,aAAa,CAAC,aAAa,CAAA,CAAE;QAChF,cAAc,EAAE,GAAG,aAAa,CAAC,gBAAgB,CAAA,EAAG,aAAa,CAAC,cAAc,CAAA,CAAE;QAClF,aAAa,EAAE,GAAG,aAAa,CAAC,gBAAgB,CAAA,EAAG,aAAa,CAAC,aAAa,CAAA,CAAE;QAChF,mBAAmB,EAAE,GAAG,aAAa,CAAC,gBAAgB,CAAA,EAAG,aAAa,CAAC,mBAAmB,CAAA,CAAE;QAC5F,gBAAgB,EAAE,GAAG,aAAa,CAAC,gBAAgB,CAAA,EAAG,aAAa,CAAC,gBAAgB,CAAA,CAAE;KACvF;AACH;;;;"}

package/dist/cjs/lib/authLinks.d.ts

@@ -0,0 +1,12 @@
+import { Language } from '@smg-automotive/i18n-pkg';
+import { Auth0Config } from 'src/types';
+export declare const getLogoutLink: ({ returnTo, language, auth0Config, }: {
+    returnTo?: string;
+    language?: Language;
+    auth0Config: Auth0Config | null;
+}) => string;
+export declare const getLoginLink: ({ returnTo, language, auth0Config, }: {
+    returnTo?: string;
+    language?: Language;
+    auth0Config: Auth0Config | null;
+}) => string;

package/dist/cjs/lib/authLinks.js

@@ -0,0 +1,16 @@
+'use strict';
+
+var i18nPkg = require('@smg-automotive/i18n-pkg');
+
+const getLoginLink = ({ returnTo, language = i18nPkg.defaultLanguage, auth0Config, }) => {
+    if (!auth0Config) {
+        throw new Error('Missing auth0Config');
+    }
+    const encodedReturnTo = returnTo
+        ? `&returnTo=${encodeURIComponent(returnTo)}`
+        : '';
+    return `${auth0Config.loginEndpoint}?locale=${language}${encodedReturnTo}`;
+};
+
+exports.getLoginLink = getLoginLink;
+//# sourceMappingURL=authLinks.js.map

package/dist/cjs/lib/authLinks.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"authLinks.js","sources":["../../../../src/lib/authLinks.ts"],"sourcesContent":[null],"names":["defaultLanguage"],"mappings":";;;;AAwBO,MAAM,YAAY,GAAG,CAAC,EAC3B,QAAQ,EACR,QAAQ,GAAGA,uBAAe,EAC1B,WAAW,GAKZ,KAAI;IACH,IAAI,CAAC,WAAW,EAAE;AAChB,QAAA,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC;IACxC;IACA,MAAM,eAAe,GAAG;AACtB,UAAE,CAAA,UAAA,EAAa,kBAAkB,CAAC,QAAQ,CAAC,CAAA;UACzC,EAAE;IAEN,OAAO,CAAA,EAAG,WAAW,CAAC,aAAa,WAAW,QAAQ,CAAA,EAAG,eAAe,CAAA,CAAE;AAC5E;;;;"}

package/dist/cjs/lib/utils.js

@@ -0,0 +1,18 @@
+'use strict';
+
+const ensureString = (value) => {
+    if (typeof value !== 'string') {
+        return '';
+    }
+    return value;
+};
+const ensureSlash = (path) => {
+    if (path.startsWith('/')) {
+        return path;
+    }
+    return `/${path}`;
+};
+
+exports.ensureSlash = ensureSlash;
+exports.ensureString = ensureString;
+//# sourceMappingURL=utils.js.map

package/dist/cjs/lib/utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.js","sources":["../../../../src/lib/utils.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAAO,MAAM,YAAY,GAAG,CAAC,KAAyB,KAAI;AACxD,IAAA,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;AAC7B,QAAA,OAAO,EAAE;IACX;AAEA,IAAA,OAAO,KAAK;AACd;AAEO,MAAM,WAAW,GAAG,CAAC,IAAY,KAAI;AAC1C,IAAA,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE;AACxB,QAAA,OAAO,IAAI;IACb;IAEA,OAAO,CAAA,CAAA,EAAI,IAAI,CAAA,CAAE;AACnB;;;;;"}

package/dist/cjs/server/getAuth0Instance.js

@@ -0,0 +1,40 @@
+'use strict';
+
+var server = require('@auth0/nextjs-auth0/server');
+var auth0 = require('../config/auth0.js');
+
+const instances = {};
+const buildInstanceKey = ({ host, isProxied, protocol, }) => {
+    return `${protocol}-${host}-isProxied-${isProxied}`;
+};
+const getAuth0Instance = ({ protocol, host, isProxied, }) => {
+    const key = buildInstanceKey({ host, isProxied, protocol });
+    const instance = instances[key];
+    if (instance) {
+        return instance;
+    }
+    const auth0Config = auth0.getAuth0Config({ isProxied });
+    const appBaseUrl = `${protocol}://${host}`;
+    const newInstance = new server.Auth0Client({
+        appBaseUrl,
+        routes: {
+            login: auth0Config.loginEndpoint,
+            logout: auth0Config.logoutEndpoint,
+            callback: auth0Config.callbackEndpoint,
+        },
+        session: {
+            cookie: {
+                name: auth0Config.sessionCookieName,
+            },
+        },
+        authorizationParameters: {
+            scope: auth0Config.scopes,
+            audience: auth0Config.audience,
+        },
+    });
+    instances[key] = newInstance;
+    return newInstance;
+};
+
+exports.getAuth0Instance = getAuth0Instance;
+//# sourceMappingURL=getAuth0Instance.js.map

package/dist/cjs/server/getAuth0Instance.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"getAuth0Instance.js","sources":["../../../../src/server/getAuth0Instance.ts"],"sourcesContent":[null],"names":["getAuth0Config","Auth0Client"],"mappings":";;;;;AAKA,MAAM,SAAS,GAAmB,EAAE;AAQpC,MAAM,gBAAgB,GAAG,CAAC,EACxB,IAAI,EACJ,SAAS,EACT,QAAQ,GACgB,KAAI;AAC5B,IAAA,OAAO,GAAG,QAAQ,CAAA,CAAA,EAAI,IAAI,CAAA,WAAA,EAAc,SAAS,EAAE;AACrD,CAAC;AAEM,MAAM,gBAAgB,GAAG,CAAC,EAC/B,QAAQ,EACR,IAAI,EACJ,SAAS,GACe,KAAiB;AACzC,IAAA,MAAM,GAAG,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AAC3D,IAAA,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC;IAC/B,IAAI,QAAQ,EAAE;AACZ,QAAA,OAAO,QAAQ;IACjB;IAEA,MAAM,WAAW,GAAGA,oBAAc,CAAC,EAAE,SAAS,EAAE,CAAC;AACjD,IAAA,MAAM,UAAU,GAAG,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,EAAE;AAC1C,IAAA,MAAM,WAAW,GAAG,IAAIC,kBAAW,CAAC;QAClC,UAAU;AACV,QAAA,MAAM,EAAE;YACN,KAAK,EAAE,WAAW,CAAC,aAAa;YAChC,MAAM,EAAE,WAAW,CAAC,cAAc;YAClC,QAAQ,EAAE,WAAW,CAAC,gBAAgB;AACvC,SAAA;AACD,QAAA,OAAO,EAAE;AACP,YAAA,MAAM,EAAE;gBACN,IAAI,EAAE,WAAW,CAAC,iBAAiB;AACpC,aAAA;AACF,SAAA;AACD,QAAA,uBAAuB,EAAE;YACvB,KAAK,EAAE,WAAW,CAAC,MAAM;YACzB,QAAQ,EAAE,WAAW,CAAC,QAAQ;AAC/B,SAAA;AACF,KAAA,CAAC;AACF,IAAA,SAAS,CAAC,GAAG,CAAC,GAAG,WAAW;AAC5B,IAAA,OAAO,WAAW;AACpB;;;;"}

package/dist/cjs/server/middleware.d.ts

@@ -0,0 +1,11 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { Language } from '@smg-automotive/i18n-pkg';
+export declare const authMiddleware: ({ request, isProtectedRoute, language, host, protocol, isProxied, onError, }: {
+    request: NextRequest;
+    isProtectedRoute: (path: string) => boolean;
+    language: Language;
+    host: string;
+    protocol: string;
+    isProxied: boolean;
+    onError?: (error: Error) => void;
+}) => Promise<NextResponse>;

package/dist/cjs/server/middleware.js

@@ -0,0 +1,74 @@
+'use strict';
+
+var server = require('next/server');
+var authLinks = require('../lib/authLinks.js');
+var auth0 = require('../config/auth0.js');
+var getAuth0Instance = require('./getAuth0Instance.js');
+
+const redirectToLogin = ({ auth0Config, language, returnTo, origin, }) => {
+    const loginUrl = authLinks.getLoginLink({
+        auth0Config,
+        language,
+        returnTo,
+    });
+    return server.NextResponse.redirect(new URL(loginUrl, origin), {
+        status: 307,
+    });
+};
+const isAuthRoute = (pathname, auth0Config) => {
+    const { loginEndpoint, logoutEndpoint, callbackEndpoint, userProfileEndpoint, tokenEndpoint, } = auth0Config;
+    return [
+        loginEndpoint,
+        logoutEndpoint,
+        callbackEndpoint,
+        userProfileEndpoint,
+        tokenEndpoint,
+    ].includes(pathname);
+};
+const authMiddleware = async ({ request, isProtectedRoute, language, host, protocol, isProxied, onError, }) => {
+    const { origin, pathname, search } = request.nextUrl;
+    const auth0Instance = getAuth0Instance.getAuth0Instance({ host, protocol, isProxied });
+    const auth0Config = auth0.getAuth0Config({ isProxied });
+    const isAuthErrorRoute = pathname.endsWith(auth0Config.globalAuthErrorPath);
+    const authResponse = await auth0Instance.middleware(request);
+    if (isAuthErrorRoute ||
+        isAuthRoute(pathname, auth0Config) ||
+        !isProtectedRoute(pathname)) {
+        return authResponse;
+    }
+    const session = await auth0Instance.getSession(request);
+    if (!session) {
+        return redirectToLogin({
+            auth0Config,
+            language,
+            returnTo: `${pathname}${search}`,
+            origin,
+        });
+    }
+    try {
+        // TODO: should this use a helper
+        await auth0Instance.getAccessToken(request, authResponse);
+    }
+    catch (error) {
+        const authError = error;
+        onError?.(authError);
+        return redirectToLogin({
+            auth0Config,
+            language,
+            returnTo: `${pathname}${search}`,
+            origin,
+        });
+    }
+    const responseWithCombinedHeaders = server.NextResponse.next({
+        request: {
+            headers: request.headers,
+        },
+    });
+    authResponse.headers.forEach((value, key) => {
+        responseWithCombinedHeaders.headers.set(key, value);
+    });
+    return responseWithCombinedHeaders;
+};
+
+exports.authMiddleware = authMiddleware;
+//# sourceMappingURL=middleware.js.map

package/dist/cjs/server/middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.js","sources":["../../../../src/server/middleware.ts"],"sourcesContent":[null],"names":["getLoginLink","NextResponse","getAuth0Instance","getAuth0Config"],"mappings":";;;;;;;AAWA,MAAM,eAAe,GAAG,CAAC,EACvB,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,MAAM,GAMP,KAAI;IACH,MAAM,QAAQ,GAAGA,sBAAY,CAAC;QAC5B,WAAW;QACX,QAAQ;QACR,QAAQ;AACT,KAAA,CAAC;IAEF,OAAOC,mBAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACtD,QAAA,MAAM,EAAE,GAAG;AACZ,KAAA,CAAC;AACJ,CAAC;AAED,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,SAAS,EACT,OAAO,GASR,KAA2B;IAC1B,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;AACpD,IAAA,MAAM,aAAa,GAAGC,iCAAgB,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IAErE,MAAM,WAAW,GAAGC,oBAAc,CAAC,EAAE,SAAS,EAAE,CAAC;IACjD,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAE3E,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;AAE5D,IAAA,IACE,gBAAgB;AAChB,QAAA,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC;AAClC,QAAA,CAAC,gBAAgB,CAAC,QAAQ,CAAC,EAC3B;AACA,QAAA,OAAO,YAAY;IACrB;IAEA,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,IAAI,CAAC,OAAO,EAAE;AACZ,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI;;QAEF,MAAM,aAAa,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,CAAC;IAC3D;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;AACnC,QAAA,OAAO,GAAG,SAAS,CAAC;AAEpB,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AAEA,IAAA,MAAM,2BAA2B,GAAGF,mBAAY,CAAC,IAAI,CAAC;AACpD,QAAA,OAAO,EAAE;YACP,OAAO,EAAE,OAAO,CAAC,OAAO;AACzB,SAAA;AACF,KAAA,CAAC;IACF,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,KAAI;QAC1C,2BAA2B,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC;AACrD,IAAA,CAAC,CAAC;AAEF,IAAA,OAAO,2BAA2B;AACpC;;;;"}

package/dist/cjs/server.d.ts

@@ -0,0 +1 @@
+export { authMiddleware } from './server/middleware';

package/dist/cjs/server.js

@@ -1,4 +1,8 @@
-"use strict";
 'use strict';
 
+var middleware = require('./server/middleware.js');
+
+
+
+exports.authMiddleware = middleware.authMiddleware;
 //# sourceMappingURL=server.js.map

package/dist/cjs/server.js.map

@@ -1 +1 @@
-{"version":3,"file":"server.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;"}
+{"version":3,"file":"server.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;"}

package/dist/esm/config/auth0.js

@@ -0,0 +1,105 @@
+import { ensureString, ensureSlash } from '../lib/utils.js';
+
+const isDevelopmentEnvironment = process.env.CONFIG_ENV === 'development';
+const proxyPathSegment = ensureString(process.env.PROXY_REQUEST_PATH_SEGMENT);
+const legacyAccessTokenName = ensureString(process.env.AUTH0_CUSTOM_LEGACY_ACCESS_TOKEN_NAME);
+const legacyRefreshTokenName = ensureString(process.env.AUTH0_CUSTOM_LEGACY_REFRESH_TOKEN_NAME);
+const defaultLocale = ensureString(process.env.DEFAULT_LOCALE);
+const supportedLocales = ensureString(process.env.SUPPORTED_LOCALES)
+    .split(',')
+    .filter(Boolean);
+const sessionCookieName = ensureString(process.env.AUTH0_SESSION_NAME);
+const audience = ensureString(process.env.AUTH0_AUDIENCE);
+const authCookieNames = ensureString(process.env.AUTH0_CUSTOM_AUTH_COOKIE_NAMES)
+    .split(',')
+    .filter(Boolean);
+if (!defaultLocale) {
+    throw new Error('[Auth-package] DEFAULT_LOCALE is not set');
+}
+if (supportedLocales.length === 0) {
+    throw new Error('[Auth-package] SUPPORTED_LOCALES is not set');
+}
+const auth0Config = {
+    // Endpoint where the user gets redirected to auth0 universal login
+    loginEndpoint: '/api/auth/login',
+    // Endpoint where the user gets redirected to auth0 universal logout
+    logoutEndpoint: '/api/auth/logout',
+    // Endpoint to fetch and refresh token
+    // TODO: this is used client side and only configurable via env variable
+    tokenEndpoint: '/auth/token',
+    // Endpoint to fetch and refresh token
+    callbackEndpoint: '/api/auth/callback',
+    // Endpoint to fetch user profile
+    // TODO: this is used client side and only configurable via env variable
+    userProfileEndpoint: '/auth/profile',
+    // Interval delay to check if the token needs to be refreshed
+    intervalDelayInMs: 10000,
+    // If the token is valid for less than the specified time to app will rotate the token
+    refreshThresholdInMs: 300000,
+    // Segment to prefix on request when run in environments with a reverse proxy
+    proxyPathSegment: '',
+    // Legacy access token name
+    legacyAccessTokenName: '',
+    // Legacy refresh token name
+    legacyRefreshTokenName: '',
+    // Interval in MS to call function that checks if the token needs to be refreshed
+    providerInterval: 10000,
+    // Debug flag to force a token refresh on every interval
+    debugForceTokenRefresh: false,
+    // Language configuration
+    languageConfig: {
+        default: defaultLocale,
+        supported: supportedLocales,
+    },
+    // A domain wide cross project cookie storing the sellerId the user want's to act as in the system
+    // Used for Multi-tenant accounts capable of multiple sellers
+    selectedSellerIdCookie: {
+        name: 'selectedSellerId',
+        httpOnly: true,
+        maxAge: 30 * 24 * 60 * 60,
+        secure: true,
+        sameSite: 'lax',
+        path: '/',
+    },
+    // A domain wide cross project cookie storing impersonated sellerId
+    // Marks a restricted back-office functionality
+    impersonatedSellerIdCookie: {
+        name: 'impersonatedSellerId',
+        httpOnly: true,
+        maxAge: 1 * 60 * 60,
+        secure: true,
+        sameSite: 'lax',
+        path: '/',
+    },
+    // Auth scopes
+    scopes: 'openid email offline_access webapp.autoscout24.ch',
+    // Global path to redirect to for auth errors must only be implemented by one project and exposed trough the proxy
+    globalAuthErrorPath: '/errors/auth',
+    // List of auth related cookies to be cleared on logout
+    authCookieNames,
+    // Name of the session cookie
+    sessionCookieName,
+    // Audience of the auth0 application
+    audience,
+};
+const getAuth0Config = ({ isProxied, }) => {
+    const runtimeConfig = { ...auth0Config };
+    runtimeConfig.proxyPathSegment = ensureSlash(proxyPathSegment);
+    runtimeConfig.legacyAccessTokenName = legacyAccessTokenName;
+    runtimeConfig.legacyRefreshTokenName = legacyRefreshTokenName;
+    runtimeConfig.selectedSellerIdCookie.secure = !isDevelopmentEnvironment;
+    if (!isProxied) {
+        return runtimeConfig;
+    }
+    return {
+        ...runtimeConfig,
+        loginEndpoint: `${runtimeConfig.proxyPathSegment}${runtimeConfig.loginEndpoint}`,
+        logoutEndpoint: `${runtimeConfig.proxyPathSegment}${runtimeConfig.logoutEndpoint}`,
+        tokenEndpoint: `${runtimeConfig.proxyPathSegment}${runtimeConfig.tokenEndpoint}`,
+        userProfileEndpoint: `${runtimeConfig.proxyPathSegment}${runtimeConfig.userProfileEndpoint}`,
+        callbackEndpoint: `${runtimeConfig.proxyPathSegment}${runtimeConfig.callbackEndpoint}`,
+    };
+};
+
+export { getAuth0Config };
+//# sourceMappingURL=auth0.js.map

package/dist/esm/config/auth0.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth0.js","sources":["../../../../src/config/auth0.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAKA,MAAM,wBAAwB,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,KAAK,aAAa;AACzE,MAAM,gBAAgB,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC;AAE7E,MAAM,qBAAqB,GAAG,YAAY,CACxC,OAAO,CAAC,GAAG,CAAC,qCAAqC,CAClD;AACD,MAAM,sBAAsB,GAAG,YAAY,CACzC,OAAO,CAAC,GAAG,CAAC,sCAAsC,CACnD;AAED,MAAM,aAAa,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAa;AAC1E,MAAM,gBAAgB,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB;KAChE,KAAK,CAAC,GAAG;KACT,MAAM,CAAC,OAAO,CAAe;AAEhC,MAAM,iBAAiB,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;AACtE,MAAM,QAAQ,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC;AAEzD,MAAM,eAAe,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,8BAA8B;KAC5E,KAAK,CAAC,GAAG;KACT,MAAM,CAAC,OAAO,CAAC;AAElB,IAAI,CAAC,aAAa,EAAE;AAClB,IAAA,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC;AAC7D;AAEA,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE;AACjC,IAAA,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC;AAChE;AAEA,MAAM,WAAW,GAAgB;;AAE/B,IAAA,aAAa,EAAE,iBAAiB;;AAEhC,IAAA,cAAc,EAAE,kBAAkB;;;AAGlC,IAAA,aAAa,EAAE,aAAa;;AAE5B,IAAA,gBAAgB,EAAE,oBAAoB;;;AAGtC,IAAA,mBAAmB,EAAE,eAAe;;AAEpC,IAAA,iBAAiB,EAAE,KAAK;;AAExB,IAAA,oBAAoB,EAAE,MAAM;;AAE5B,IAAA,gBAAgB,EAAE,EAAE;;AAEpB,IAAA,qBAAqB,EAAE,EAAE;;AAEzB,IAAA,sBAAsB,EAAE,EAAE;;AAE1B,IAAA,gBAAgB,EAAE,KAAK;;AAEvB,IAAA,sBAAsB,EAAE,KAAK;;AAE7B,IAAA,cAAc,EAAE;AACd,QAAA,OAAO,EAAE,aAAa;AACtB,QAAA,SAAS,EAAE,gBAAgB;AAC5B,KAAA;;;AAGD,IAAA,sBAAsB,EAAE;AACtB,QAAA,IAAI,EAAE,kBAAkB;AACxB,QAAA,QAAQ,EAAE,IAAI;AACd,QAAA,MAAM,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE;AACzB,QAAA,MAAM,EAAE,IAAI;AACZ,QAAA,QAAQ,EAAE,KAAK;AACf,QAAA,IAAI,EAAE,GAAG;AACV,KAAA;;;AAGD,IAAA,0BAA0B,EAAE;AAC1B,QAAA,IAAI,EAAE,sBAAsB;AAC5B,QAAA,QAAQ,EAAE,IAAI;AACd,QAAA,MAAM,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE;AACnB,QAAA,MAAM,EAAE,IAAI;AACZ,QAAA,QAAQ,EAAE,KAAK;AACf,QAAA,IAAI,EAAE,GAAG;AACV,KAAA;;AAED,IAAA,MAAM,EAAE,mDAAmD;;AAE3D,IAAA,mBAAmB,EAAE,cAAc;;IAEnC,eAAe;;IAEf,iBAAiB;;IAEjB,QAAQ;CACT;MAEY,cAAc,GAAG,CAAC,EAC7B,SAAS,GAGV,KAAiB;AAChB,IAAA,MAAM,aAAa,GAAG,EAAE,GAAG,WAAW,EAAE;AACxC,IAAA,aAAa,CAAC,gBAAgB,GAAG,WAAW,CAAC,gBAAgB,CAAC;AAC9D,IAAA,aAAa,CAAC,qBAAqB,GAAG,qBAAqB;AAC3D,IAAA,aAAa,CAAC,sBAAsB,GAAG,sBAAsB;AAC7D,IAAA,aAAa,CAAC,sBAAsB,CAAC,MAAM,GAAG,CAAC,wBAAwB;IAEvE,IAAI,CAAC,SAAS,EAAE;AACd,QAAA,OAAO,aAAa;IACtB;IAEA,OAAO;AACL,QAAA,GAAG,aAAa;QAChB,aAAa,EAAE,GAAG,aAAa,CAAC,gBAAgB,CAAA,EAAG,aAAa,CAAC,aAAa,CAAA,CAAE;QAChF,cAAc,EAAE,GAAG,aAAa,CAAC,gBAAgB,CAAA,EAAG,aAAa,CAAC,cAAc,CAAA,CAAE;QAClF,aAAa,EAAE,GAAG,aAAa,CAAC,gBAAgB,CAAA,EAAG,aAAa,CAAC,aAAa,CAAA,CAAE;QAChF,mBAAmB,EAAE,GAAG,aAAa,CAAC,gBAAgB,CAAA,EAAG,aAAa,CAAC,mBAAmB,CAAA,CAAE;QAC5F,gBAAgB,EAAE,GAAG,aAAa,CAAC,gBAAgB,CAAA,EAAG,aAAa,CAAC,gBAAgB,CAAA,CAAE;KACvF;AACH;;;;"}

package/dist/esm/lib/authLinks.d.ts

@@ -0,0 +1,12 @@
+import { Language } from '@smg-automotive/i18n-pkg';
+import { Auth0Config } from 'src/types';
+export declare const getLogoutLink: ({ returnTo, language, auth0Config, }: {
+    returnTo?: string;
+    language?: Language;
+    auth0Config: Auth0Config | null;
+}) => string;
+export declare const getLoginLink: ({ returnTo, language, auth0Config, }: {
+    returnTo?: string;
+    language?: Language;
+    auth0Config: Auth0Config | null;
+}) => string;

package/dist/esm/lib/authLinks.js

@@ -0,0 +1,14 @@
+import { defaultLanguage } from '@smg-automotive/i18n-pkg';
+
+const getLoginLink = ({ returnTo, language = defaultLanguage, auth0Config, }) => {
+    if (!auth0Config) {
+        throw new Error('Missing auth0Config');
+    }
+    const encodedReturnTo = returnTo
+        ? `&returnTo=${encodeURIComponent(returnTo)}`
+        : '';
+    return `${auth0Config.loginEndpoint}?locale=${language}${encodedReturnTo}`;
+};
+
+export { getLoginLink };
+//# sourceMappingURL=authLinks.js.map

package/dist/esm/lib/authLinks.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"authLinks.js","sources":["../../../../src/lib/authLinks.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAwBO,MAAM,YAAY,GAAG,CAAC,EAC3B,QAAQ,EACR,QAAQ,GAAG,eAAe,EAC1B,WAAW,GAKZ,KAAI;IACH,IAAI,CAAC,WAAW,EAAE;AAChB,QAAA,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC;IACxC;IACA,MAAM,eAAe,GAAG;AACtB,UAAE,CAAA,UAAA,EAAa,kBAAkB,CAAC,QAAQ,CAAC,CAAA;UACzC,EAAE;IAEN,OAAO,CAAA,EAAG,WAAW,CAAC,aAAa,WAAW,QAAQ,CAAA,EAAG,eAAe,CAAA,CAAE;AAC5E;;;;"}

package/dist/esm/lib/utils.js

@@ -0,0 +1,15 @@
+const ensureString = (value) => {
+    if (typeof value !== 'string') {
+        return '';
+    }
+    return value;
+};
+const ensureSlash = (path) => {
+    if (path.startsWith('/')) {
+        return path;
+    }
+    return `/${path}`;
+};
+
+export { ensureSlash, ensureString };
+//# sourceMappingURL=utils.js.map

package/dist/esm/lib/utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.js","sources":["../../../../src/lib/utils.ts"],"sourcesContent":[null],"names":[],"mappings":"AAAO,MAAM,YAAY,GAAG,CAAC,KAAyB,KAAI;AACxD,IAAA,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;AAC7B,QAAA,OAAO,EAAE;IACX;AAEA,IAAA,OAAO,KAAK;AACd;AAEO,MAAM,WAAW,GAAG,CAAC,IAAY,KAAI;AAC1C,IAAA,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE;AACxB,QAAA,OAAO,IAAI;IACb;IAEA,OAAO,CAAA,CAAA,EAAI,IAAI,CAAA,CAAE;AACnB;;;;"}

package/dist/esm/server/getAuth0Instance.js

@@ -0,0 +1,38 @@
+import { Auth0Client } from '@auth0/nextjs-auth0/server';
+import { getAuth0Config } from '../config/auth0.js';
+
+const instances = {};
+const buildInstanceKey = ({ host, isProxied, protocol, }) => {
+    return `${protocol}-${host}-isProxied-${isProxied}`;
+};
+const getAuth0Instance = ({ protocol, host, isProxied, }) => {
+    const key = buildInstanceKey({ host, isProxied, protocol });
+    const instance = instances[key];
+    if (instance) {
+        return instance;
+    }
+    const auth0Config = getAuth0Config({ isProxied });
+    const appBaseUrl = `${protocol}://${host}`;
+    const newInstance = new Auth0Client({
+        appBaseUrl,
+        routes: {
+            login: auth0Config.loginEndpoint,
+            logout: auth0Config.logoutEndpoint,
+            callback: auth0Config.callbackEndpoint,
+        },
+        session: {
+            cookie: {
+                name: auth0Config.sessionCookieName,
+            },
+        },
+        authorizationParameters: {
+            scope: auth0Config.scopes,
+            audience: auth0Config.audience,
+        },
+    });
+    instances[key] = newInstance;
+    return newInstance;
+};
+
+export { getAuth0Instance };
+//# sourceMappingURL=getAuth0Instance.js.map

package/dist/esm/server/getAuth0Instance.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"getAuth0Instance.js","sources":["../../../../src/server/getAuth0Instance.ts"],"sourcesContent":[null],"names":[],"mappings":";;;AAKA,MAAM,SAAS,GAAmB,EAAE;AAQpC,MAAM,gBAAgB,GAAG,CAAC,EACxB,IAAI,EACJ,SAAS,EACT,QAAQ,GACgB,KAAI;AAC5B,IAAA,OAAO,GAAG,QAAQ,CAAA,CAAA,EAAI,IAAI,CAAA,WAAA,EAAc,SAAS,EAAE;AACrD,CAAC;AAEM,MAAM,gBAAgB,GAAG,CAAC,EAC/B,QAAQ,EACR,IAAI,EACJ,SAAS,GACe,KAAiB;AACzC,IAAA,MAAM,GAAG,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AAC3D,IAAA,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC;IAC/B,IAAI,QAAQ,EAAE;AACZ,QAAA,OAAO,QAAQ;IACjB;IAEA,MAAM,WAAW,GAAG,cAAc,CAAC,EAAE,SAAS,EAAE,CAAC;AACjD,IAAA,MAAM,UAAU,GAAG,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,EAAE;AAC1C,IAAA,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC;QAClC,UAAU;AACV,QAAA,MAAM,EAAE;YACN,KAAK,EAAE,WAAW,CAAC,aAAa;YAChC,MAAM,EAAE,WAAW,CAAC,cAAc;YAClC,QAAQ,EAAE,WAAW,CAAC,gBAAgB;AACvC,SAAA;AACD,QAAA,OAAO,EAAE;AACP,YAAA,MAAM,EAAE;gBACN,IAAI,EAAE,WAAW,CAAC,iBAAiB;AACpC,aAAA;AACF,SAAA;AACD,QAAA,uBAAuB,EAAE;YACvB,KAAK,EAAE,WAAW,CAAC,MAAM;YACzB,QAAQ,EAAE,WAAW,CAAC,QAAQ;AAC/B,SAAA;AACF,KAAA,CAAC;AACF,IAAA,SAAS,CAAC,GAAG,CAAC,GAAG,WAAW;AAC5B,IAAA,OAAO,WAAW;AACpB;;;;"}

package/dist/esm/server/middleware.d.ts

@@ -0,0 +1,11 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { Language } from '@smg-automotive/i18n-pkg';
+export declare const authMiddleware: ({ request, isProtectedRoute, language, host, protocol, isProxied, onError, }: {
+    request: NextRequest;
+    isProtectedRoute: (path: string) => boolean;
+    language: Language;
+    host: string;
+    protocol: string;
+    isProxied: boolean;
+    onError?: (error: Error) => void;
+}) => Promise<NextResponse>;

package/dist/esm/server/middleware.js

@@ -0,0 +1,72 @@
+import { NextResponse } from 'next/server';
+import { getLoginLink } from '../lib/authLinks.js';
+import { getAuth0Config } from '../config/auth0.js';
+import { getAuth0Instance } from './getAuth0Instance.js';
+
+const redirectToLogin = ({ auth0Config, language, returnTo, origin, }) => {
+    const loginUrl = getLoginLink({
+        auth0Config,
+        language,
+        returnTo,
+    });
+    return NextResponse.redirect(new URL(loginUrl, origin), {
+        status: 307,
+    });
+};
+const isAuthRoute = (pathname, auth0Config) => {
+    const { loginEndpoint, logoutEndpoint, callbackEndpoint, userProfileEndpoint, tokenEndpoint, } = auth0Config;
+    return [
+        loginEndpoint,
+        logoutEndpoint,
+        callbackEndpoint,
+        userProfileEndpoint,
+        tokenEndpoint,
+    ].includes(pathname);
+};
+const authMiddleware = async ({ request, isProtectedRoute, language, host, protocol, isProxied, onError, }) => {
+    const { origin, pathname, search } = request.nextUrl;
+    const auth0Instance = getAuth0Instance({ host, protocol, isProxied });
+    const auth0Config = getAuth0Config({ isProxied });
+    const isAuthErrorRoute = pathname.endsWith(auth0Config.globalAuthErrorPath);
+    const authResponse = await auth0Instance.middleware(request);
+    if (isAuthErrorRoute ||
+        isAuthRoute(pathname, auth0Config) ||
+        !isProtectedRoute(pathname)) {
+        return authResponse;
+    }
+    const session = await auth0Instance.getSession(request);
+    if (!session) {
+        return redirectToLogin({
+            auth0Config,
+            language,
+            returnTo: `${pathname}${search}`,
+            origin,
+        });
+    }
+    try {
+        // TODO: should this use a helper
+        await auth0Instance.getAccessToken(request, authResponse);
+    }
+    catch (error) {
+        const authError = error;
+        onError?.(authError);
+        return redirectToLogin({
+            auth0Config,
+            language,
+            returnTo: `${pathname}${search}`,
+            origin,
+        });
+    }
+    const responseWithCombinedHeaders = NextResponse.next({
+        request: {
+            headers: request.headers,
+        },
+    });
+    authResponse.headers.forEach((value, key) => {
+        responseWithCombinedHeaders.headers.set(key, value);
+    });
+    return responseWithCombinedHeaders;
+};
+
+export { authMiddleware };
+//# sourceMappingURL=middleware.js.map

package/dist/esm/server/middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.js","sources":["../../../../src/server/middleware.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;AAWA,MAAM,eAAe,GAAG,CAAC,EACvB,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,MAAM,GAMP,KAAI;IACH,MAAM,QAAQ,GAAG,YAAY,CAAC;QAC5B,WAAW;QACX,QAAQ;QACR,QAAQ;AACT,KAAA,CAAC;IAEF,OAAO,YAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACtD,QAAA,MAAM,EAAE,GAAG;AACZ,KAAA,CAAC;AACJ,CAAC;AAED,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,SAAS,EACT,OAAO,GASR,KAA2B;IAC1B,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;AACpD,IAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IAErE,MAAM,WAAW,GAAG,cAAc,CAAC,EAAE,SAAS,EAAE,CAAC;IACjD,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAE3E,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;AAE5D,IAAA,IACE,gBAAgB;AAChB,QAAA,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC;AAClC,QAAA,CAAC,gBAAgB,CAAC,QAAQ,CAAC,EAC3B;AACA,QAAA,OAAO,YAAY;IACrB;IAEA,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,IAAI,CAAC,OAAO,EAAE;AACZ,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI;;QAEF,MAAM,aAAa,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,CAAC;IAC3D;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;AACnC,QAAA,OAAO,GAAG,SAAS,CAAC;AAEpB,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AAEA,IAAA,MAAM,2BAA2B,GAAG,YAAY,CAAC,IAAI,CAAC;AACpD,QAAA,OAAO,EAAE;YACP,OAAO,EAAE,OAAO,CAAC,OAAO;AACzB,SAAA;AACF,KAAA,CAAC;IACF,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,KAAI;QAC1C,2BAA2B,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC;AACrD,IAAA,CAAC,CAAC;AAEF,IAAA,OAAO,2BAA2B;AACpC;;;;"}

package/dist/esm/server.d.ts

@@ -0,0 +1 @@
+export { authMiddleware } from './server/middleware';

package/dist/esm/server.js

@@ -1,2 +1,2 @@
-"use strict";
+export { authMiddleware } from './server/middleware.js';
 //# sourceMappingURL=server.js.map

package/dist/esm/server.js.map

@@ -1 +1 @@
-{"version":3,"file":"server.js","sources":[],"sourcesContent":[],"names":[],"mappings":";"}
+{"version":3,"file":"server.js","sources":[],"sourcesContent":[],"names":[],"mappings":""}

package/dist/server.d.ts

@@ -1,2 +1,14 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { Language } from '@smg-automotive/i18n-pkg';
 
-export { };
+declare const authMiddleware: ({ request, isProtectedRoute, language, host, protocol, isProxied, onError, }: {
+    request: NextRequest;
+    isProtectedRoute: (path: string) => boolean;
+    language: Language;
+    host: string;
+    protocol: string;
+    isProxied: boolean;
+    onError?: (error: Error) => void;
+}) => Promise<NextResponse>;
+
+export { authMiddleware };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@smg-automotive/auth",
-  "version": "6.8.0-auth0-update-instance-creation.1",
+  "version": "6.8.0-auth0-update-middleware.1",
   "description": "SMG Automotive auth package",
   "exports": {
     ".": {