@smg-automotive/auth 6.8.0-auth0-update-root.2 → 6.8.0-auth0-update-root.3
- package/dist/cjs/api/baseUrl.js +10 -0
- package/dist/cjs/api/baseUrl.js.map +1 -0
- package/dist/cjs/api/seller/client.js +14 -0
- package/dist/cjs/api/seller/client.js.map +1 -0
- package/dist/cjs/api/seller/getSeller.js +21 -0
- package/dist/cjs/api/seller/getSeller.js.map +1 -0
- package/dist/cjs/lib/enrichUser/auth0.d.ts +6 -0
- package/dist/cjs/lib/enrichUser/auth0.js +39 -0
- package/dist/cjs/lib/enrichUser/auth0.js.map +1 -0
- package/dist/cjs/server/getAuth0Instance.js +4 -0
- package/dist/cjs/server/getAuth0Instance.js.map +1 -1
- package/dist/cjs/server/hooks/beforeSessionSavedFactory.d.ts +3 -0
- package/dist/cjs/server/hooks/beforeSessionSavedFactory.js +22 -0
- package/dist/cjs/server/hooks/beforeSessionSavedFactory.js.map +1 -0
- package/dist/cjs/server/hooks/onCallbackFactory.d.ts +8 -0
- package/dist/cjs/server/hooks/onCallbackFactory.js +42 -0
- package/dist/cjs/server/hooks/onCallbackFactory.js.map +1 -0
- package/dist/cjs/server/middleware.js +9 -4
- package/dist/cjs/server/middleware.js.map +1 -1
- package/dist/esm/api/baseUrl.js +8 -0
- package/dist/esm/api/baseUrl.js.map +1 -0
- package/dist/esm/api/seller/client.js +12 -0
- package/dist/esm/api/seller/client.js.map +1 -0
- package/dist/esm/api/seller/getSeller.js +19 -0
- package/dist/esm/api/seller/getSeller.js.map +1 -0
- package/dist/esm/lib/enrichUser/auth0.d.ts +6 -0
- package/dist/esm/lib/enrichUser/auth0.js +37 -0
- package/dist/esm/lib/enrichUser/auth0.js.map +1 -0
- package/dist/esm/server/getAuth0Instance.js +4 -0
- package/dist/esm/server/getAuth0Instance.js.map +1 -1
- package/dist/esm/server/hooks/beforeSessionSavedFactory.d.ts +3 -0
- package/dist/esm/server/hooks/beforeSessionSavedFactory.js +20 -0
- package/dist/esm/server/hooks/beforeSessionSavedFactory.js.map +1 -0
- package/dist/esm/server/hooks/onCallbackFactory.d.ts +8 -0
- package/dist/esm/server/hooks/onCallbackFactory.js +40 -0
- package/dist/esm/server/hooks/onCallbackFactory.js.map +1 -0
- package/dist/esm/server/middleware.js +9 -4
- package/dist/esm/server/middleware.js.map +1 -1
- package/package.json +1 -1
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"baseUrl.js","sources":["../../../../src/api/baseUrl.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAAA,MAAM,SAAS,GAAG;AAChB,IAAA,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ;AAC7B,IAAA,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,WAAW;CAC3B;AAEH,MAAM,OAAO,GAAG,CAAA,QAAA,EAAW,SAAS,CAAC,OAAO,CAAA,CAAA,EAAI,SAAS,CAAC,UAAU;;;;"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var apiClientPkg = require('@smg-automotive/api-client-pkg');
|
|
4
|
+
var baseUrl = require('../baseUrl.js');
|
|
5
|
+
|
|
6
|
+
const sellerClient = apiClientPkg.ApiClient({
|
|
7
|
+
baseUrl: baseUrl.baseUrl,
|
|
8
|
+
headers: {
|
|
9
|
+
'Content-Type': 'application/json',
|
|
10
|
+
},
|
|
11
|
+
});
|
|
12
|
+
|
|
13
|
+
exports.sellerClient = sellerClient;
|
|
14
|
+
//# sourceMappingURL=client.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"client.js","sources":["../../../../../src/api/seller/client.ts"],"sourcesContent":[null],"names":["ApiClient","baseUrl"],"mappings":";;;;;AAeO,MAAM,YAAY,GAErBA,sBAAS,CAA4B;aACvCC,eAAO;AACP,IAAA,OAAO,EAAE;AACP,QAAA,cAAc,EAAE,kBAAkB;AACnC,KAAA;AACF,CAAA;;;;"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var client = require('./client.js');
|
|
4
|
+
|
|
5
|
+
const getSeller = async ({ sellerId }) => {
|
|
6
|
+
const response = await client.sellerClient
|
|
7
|
+
.path('sellers/{sellerId}', {
|
|
8
|
+
sellerId,
|
|
9
|
+
})
|
|
10
|
+
.get();
|
|
11
|
+
if (response.ok) {
|
|
12
|
+
return response.body;
|
|
13
|
+
}
|
|
14
|
+
if (response.status === 404) {
|
|
15
|
+
return null;
|
|
16
|
+
}
|
|
17
|
+
throw new Error(response.statusText);
|
|
18
|
+
};
|
|
19
|
+
|
|
20
|
+
exports.getSeller = getSeller;
|
|
21
|
+
//# sourceMappingURL=getSeller.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"getSeller.js","sources":["../../../../../src/api/seller/getSeller.ts"],"sourcesContent":[null],"names":["sellerClient"],"mappings":";;;;AAEO,MAAM,SAAS,GAAG,OAAO,EAAE,QAAQ,EAAwB,KAAI;IACpE,MAAM,QAAQ,GAAG,MAAMA;SACpB,IAAI,CAAC,oBAAoB,EAAE;QAC1B,QAAQ;KACT;AACA,SAAA,GAAG,EAAE;AAER,IAAA,IAAI,QAAQ,CAAC,EAAE,EAAE;QACf,OAAO,QAAQ,CAAC,IAAI;IACtB;AAEA,IAAA,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;AAC3B,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC;AACtC;;;;"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import { Auth0User, type IncompleteSessionUser, type SessionUser } from 'src/types';
|
|
2
|
+
export declare const enrichUser: ({ auth0User, accessToken, userHasSelectedSeller, }: {
|
|
3
|
+
auth0User: Auth0User;
|
|
4
|
+
accessToken: string | null;
|
|
5
|
+
userHasSelectedSeller: boolean;
|
|
6
|
+
}) => Promise<SessionUser | IncompleteSessionUser>;
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var jose = require('jose');
|
|
4
|
+
var user = require('../../types/auth0/user.js');
|
|
5
|
+
var getSeller = require('../../api/seller/getSeller.js');
|
|
6
|
+
require('../../api/seller/client.js');
|
|
7
|
+
|
|
8
|
+
const enrichUser = async ({ auth0User, accessToken, userHasSelectedSeller = false, }) => {
|
|
9
|
+
if (!accessToken) {
|
|
10
|
+
throw new Error('Please provide an access token to enrich the user');
|
|
11
|
+
}
|
|
12
|
+
const decodedToken = jose.decodeJwt(accessToken);
|
|
13
|
+
const isMultiTenantUser = !!decodedToken.isMultiTenantUser;
|
|
14
|
+
const forceTenantSelection = isMultiTenantUser && !userHasSelectedSeller;
|
|
15
|
+
const sellerId = parseInt(decodedToken.sellerIds[0], 10);
|
|
16
|
+
const commonUser = {
|
|
17
|
+
...auth0User,
|
|
18
|
+
isImpersonated: !!decodedToken.isImpersonated,
|
|
19
|
+
userId: decodedToken.user_id.toString(),
|
|
20
|
+
forceTenantSelection,
|
|
21
|
+
isMultiTenantUser,
|
|
22
|
+
};
|
|
23
|
+
const seller = await getSeller.getSeller({
|
|
24
|
+
sellerId: Number(sellerId),
|
|
25
|
+
});
|
|
26
|
+
if (!seller) {
|
|
27
|
+
// eslint-disable-next-line no-console
|
|
28
|
+
console.warn(`[Auth-package] Could not load seller for sellerId ${sellerId}`);
|
|
29
|
+
}
|
|
30
|
+
const enrichedUser = {
|
|
31
|
+
...commonUser,
|
|
32
|
+
userType: seller?.type ?? user.Auth0UserType.Private,
|
|
33
|
+
sellerId: sellerId.toString(),
|
|
34
|
+
};
|
|
35
|
+
return enrichedUser;
|
|
36
|
+
};
|
|
37
|
+
|
|
38
|
+
exports.enrichUser = enrichUser;
|
|
39
|
+
//# sourceMappingURL=auth0.js.map
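Review bot: `decodedToken.sellerIds[0]` and `decodedToken.user_id.toString()` are dereferenced in `enrichUser` without checking that the claims exist, so a token lacking either one throws a TypeError, and an empty or non-numeric first entry makes `parseInt` return NaN, which is then passed to `getSeller` and stored as `sellerId: 'NaN'`. A guard after the `parseInt` line, such as `if (!Number.isInteger(sellerId)) throw new Error('Access token carries no usable sellerId');`, together with an `Array.isArray(decodedToken.sellerIds)` check before it, would fail with a clear message instead. `jose.decodeJwt` only decodes the payload and does not verify the signature, so a comment should state that `accessToken` must come straight from the SDK's token set and never from request input. When the seller lookup returns null the user silently becomes `Auth0UserType.Private`; it is worth confirming that this is the least-privileged type. The esm build of this file carries the same code.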
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth0.js","sources":["../../../../../src/lib/enrichUser/auth0.ts"],"sourcesContent":[null],"names":["decodeJwt","getSeller","Auth0UserType"],"mappings":";;;;;;;AAWO,MAAM,UAAU,GAAG,OAAO,EAC/B,SAAS,EACT,WAAW,EACX,qBAAqB,GAAG,KAAK,GAK9B,KAAkD;IACjD,IAAI,CAAC,WAAW,EAAE;AAChB,QAAA,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC;IACtE;AAEA,IAAA,MAAM,YAAY,GAAGA,cAAS,CAAkB,WAAW,CAAC;AAC5D,IAAA,MAAM,iBAAiB,GAAG,CAAC,CAAC,YAAY,CAAC,iBAAiB;AAC1D,IAAA,MAAM,oBAAoB,GAAG,iBAAiB,IAAI,CAAC,qBAAqB;AACxE,IAAA,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;AACxD,IAAA,MAAM,UAAU,GAA0B;AACxC,QAAA,GAAG,SAAS;AACZ,QAAA,cAAc,EAAE,CAAC,CAAC,YAAY,CAAC,cAAc;AAC7C,QAAA,MAAM,EAAE,YAAY,CAAC,OAAO,CAAC,QAAQ,EAAE;QACvC,oBAAoB;QACpB,iBAAiB;KAClB;AAED,IAAA,MAAM,MAAM,GAAG,MAAMC,mBAAS,CAAC;AAC7B,QAAA,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC;AAC3B,KAAA,CAAC;IAEF,IAAI,CAAC,MAAM,EAAE;;AAEX,QAAA,OAAO,CAAC,IAAI,CACV,qDAAqD,QAAQ,CAAA,CAAE,CAChE;IACH;AAEA,IAAA,MAAM,YAAY,GAAgB;AAChC,QAAA,GAAG,UAAU;AACb,QAAA,QAAQ,EAAE,MAAM,EAAE,IAAI,IAAIC,kBAAa,CAAC,OAAO;AAC/C,QAAA,QAAQ,EAAE,QAAQ,CAAC,QAAQ,EAAE;KAC9B;AACD,IAAA,OAAO,YAAY;AACrB;;;;"}
|
|
@@ -2,6 +2,8 @@
|
|
|
2
2
|
|
|
3
3
|
var server = require('@auth0/nextjs-auth0/server');
|
|
4
4
|
var auth0 = require('../config/auth0.js');
|
|
5
|
+
var onCallbackFactory = require('./hooks/onCallbackFactory.js');
|
|
6
|
+
var beforeSessionSavedFactory = require('./hooks/beforeSessionSavedFactory.js');
|
|
5
7
|
|
|
6
8
|
const instances = {};
|
|
7
9
|
const buildInstanceKey = ({ host, isProxied, protocol, }) => {
|
|
@@ -31,6 +33,8 @@ const getAuth0Instance = ({ protocol, host, isProxied, }) => {
|
|
|
31
33
|
scope: auth0Config.scopes,
|
|
32
34
|
audience: auth0Config.audience,
|
|
33
35
|
},
|
|
36
|
+
beforeSessionSaved: beforeSessionSavedFactory.beforeSessionSavedFactory(auth0Config),
|
|
37
|
+
onCallback: onCallbackFactory.onCallbackFactory({ auth0Config, appBaseUrl }),
|
|
34
38
|
});
|
|
35
39
|
instances[key] = newInstance;
|
|
36
40
|
return newInstance;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getAuth0Instance.js","sources":["../../../../src/server/getAuth0Instance.ts"],"sourcesContent":[null],"names":["getAuth0Config","Auth0Client"],"mappings":"
|
|
1
|
+
{"version":3,"file":"getAuth0Instance.js","sources":["../../../../src/server/getAuth0Instance.ts"],"sourcesContent":[null],"names":["getAuth0Config","Auth0Client","beforeSessionSavedFactory","onCallbackFactory"],"mappings":";;;;;;;AAQA,MAAM,SAAS,GAAmB,EAAE;AAQpC,MAAM,gBAAgB,GAAG,CAAC,EACxB,IAAI,EACJ,SAAS,EACT,QAAQ,GACgB,KAAI;AAC5B,IAAA,OAAO,GAAG,QAAQ,CAAA,CAAA,EAAI,IAAI,CAAA,WAAA,EAAc,SAAS,EAAE;AACrD,CAAC;AAEM,MAAM,gBAAgB,GAAG,CAAC,EAC/B,QAAQ,EACR,IAAI,EACJ,SAAS,GACe,KAAiB;AACzC,IAAA,MAAM,GAAG,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AAC3D,IAAA,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC;IAC/B,IAAI,QAAQ,EAAE;AACZ,QAAA,OAAO,QAAQ;IACjB;IAEA,MAAM,WAAW,GAAGA,oBAAc,CAAC,EAAE,SAAS,EAAE,CAAC;AACjD,IAAA,MAAM,UAAU,GAAG,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,EAAE;AAC1C,IAAA,MAAM,WAAW,GAAG,IAAIC,kBAAW,CAAC;QAClC,UAAU;AACV,QAAA,MAAM,EAAE;YACN,KAAK,EAAE,WAAW,CAAC,aAAa;YAChC,MAAM,EAAE,WAAW,CAAC,cAAc;YAClC,QAAQ,EAAE,WAAW,CAAC,gBAAgB;AACvC,SAAA;AACD,QAAA,OAAO,EAAE;AACP,YAAA,MAAM,EAAE;gBACN,IAAI,EAAE,WAAW,CAAC,iBAAiB;AACpC,aAAA;AACF,SAAA;AACD,QAAA,uBAAuB,EAAE;YACvB,KAAK,EAAE,WAAW,CAAC,MAAM;YACzB,QAAQ,EAAE,WAAW,CAAC,QAAQ;AAC/B,SAAA;AACD,QAAA,kBAAkB,EAAEC,mDAAyB,CAAC,WAAW,CAAC;QAC1D,UAAU,EAAEC,mCAAiB,CAAC,EAAE,WAAW,EAAE,UAAU,EAAE,CAAC;AAC3D,KAAA,CAAC;AACF,IAAA,SAAS,CAAC,GAAG,CAAC,GAAG,WAAW;AAC5B,IAAA,OAAO,WAAW;AACpB;;;;"}
|
|
@@ -0,0 +1,3 @@
|
|
|
1
|
+
import { SessionData } from '@auth0/nextjs-auth0/types';
|
|
2
|
+
import { Auth0Config } from 'src/types';
|
|
3
|
+
export declare const beforeSessionSavedFactory: (auth0Config: Auth0Config) => ({ user, internal, tokenSet: { accessToken, refreshToken, expiresAt }, }: SessionData) => Promise<SessionData>;
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var headers = require('next/headers');
|
|
4
|
+
var auth0 = require('../../lib/enrichUser/auth0.js');
|
|
5
|
+
|
|
6
|
+
const beforeSessionSavedFactory = (auth0Config) => async ({ user, internal, tokenSet: { accessToken, refreshToken, expiresAt }, }) => {
|
|
7
|
+
const cookieStore = await headers.cookies();
|
|
8
|
+
const selectedSellerId = cookieStore.get(auth0Config.selectedSellerIdCookie.name)?.value ?? null;
|
|
9
|
+
const enrichedUser = await auth0.enrichUser({
|
|
10
|
+
accessToken,
|
|
11
|
+
auth0User: user,
|
|
12
|
+
userHasSelectedSeller: !!selectedSellerId,
|
|
13
|
+
});
|
|
14
|
+
return {
|
|
15
|
+
user: enrichedUser,
|
|
16
|
+
tokenSet: { accessToken, refreshToken, expiresAt },
|
|
17
|
+
internal,
|
|
18
|
+
};
|
|
19
|
+
};
|
|
20
|
+
|
|
21
|
+
exports.beforeSessionSavedFactory = beforeSessionSavedFactory;
|
|
22
|
+
//# sourceMappingURL=beforeSessionSavedFactory.js.map
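Review bot: `userHasSelectedSeller` is derived from the mere presence of the seller cookie (`!!selectedSellerId`), a value the browser controls, so any non-empty cookie suppresses `forceTenantSelection` for a multi-tenant user even when it names a seller the token does not list. Comparing the cookie value with the token's `sellerIds` before setting the flag would close that gap; `enrichUser` already has the decoded claims, so the check could live there. The returned `tokenSet` is rebuilt from only `accessToken`, `refreshToken` and `expiresAt`, so any other field on the incoming token set is dropped from the saved session; if that is not intended, destructure the whole `tokenSet` and pass it through unchanged. Since `enrichUser` throws on a missing token or a failed seller request, a short comment that this hook can reject and abort the session save would help integrators. The esm build has the same code.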
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"beforeSessionSavedFactory.js","sources":["../../../../../src/server/hooks/beforeSessionSavedFactory.ts"],"sourcesContent":[null],"names":["cookies","enrichUser"],"mappings":";;;;;AAMO,MAAM,yBAAyB,GACpC,CAAC,WAAwB,KACzB,OAAO,EACL,IAAI,EACJ,QAAQ,EACR,QAAQ,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,SAAS,EAAE,GACtC,KAA0B;AACtC,IAAA,MAAM,WAAW,GAAG,MAAMA,eAAO,EAAE;AACnC,IAAA,MAAM,gBAAgB,GACpB,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,KAAK,IAAI,IAAI;AAEzE,IAAA,MAAM,YAAY,GAAG,MAAMC,gBAAU,CAAC;QACpC,WAAW;AACX,QAAA,SAAS,EAAE,IAAiB;QAC5B,qBAAqB,EAAE,CAAC,CAAC,gBAAgB;AAC1C,KAAA,CAAC;IAEF,OAAO;AACL,QAAA,IAAI,EAAE,YAAY;AAClB,QAAA,QAAQ,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,SAAS,EAAE;QAClD,QAAQ;KACT;AACH;;;;"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { NextResponse } from 'next/server';
|
|
2
|
+
import type { OnCallbackContext, SessionData } from '@auth0/nextjs-auth0/types';
|
|
3
|
+
import type { SdkError } from '@auth0/nextjs-auth0/errors';
|
|
4
|
+
import { Auth0Config } from 'src/types';
|
|
5
|
+
export declare const onCallbackFactory: ({ auth0Config, appBaseUrl, }: {
|
|
6
|
+
auth0Config: Auth0Config;
|
|
7
|
+
appBaseUrl: string;
|
|
8
|
+
}) => (_error: SdkError | null, context: OnCallbackContext, session: SessionData | null) => Promise<NextResponse>;
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var server = require('next/server');
|
|
4
|
+
var headers = require('next/headers');
|
|
5
|
+
var jose = require('jose');
|
|
6
|
+
|
|
7
|
+
const createCallbackResponse = (context, appBaseUrl) => server.NextResponse.redirect(new URL(context.returnTo || '/', appBaseUrl));
|
|
8
|
+
const onCallbackFactory = ({ auth0Config, appBaseUrl, }) => async (_error, context, session) => {
|
|
9
|
+
if (!session?.tokenSet?.accessToken) {
|
|
10
|
+
return createCallbackResponse(context, appBaseUrl);
|
|
11
|
+
}
|
|
12
|
+
const cookieStore = await headers.cookies();
|
|
13
|
+
let selectedSellerId = cookieStore.get(auth0Config.selectedSellerIdCookie.name)?.value ?? null;
|
|
14
|
+
const decodedToken = session.tokenSet.accessToken
|
|
15
|
+
? jose.decodeJwt(session.tokenSet.accessToken)
|
|
16
|
+
: null;
|
|
17
|
+
const availableSellerIds = decodedToken?.sellerIds ?? null;
|
|
18
|
+
if (availableSellerIds &&
|
|
19
|
+
selectedSellerId &&
|
|
20
|
+
Array.isArray(availableSellerIds) &&
|
|
21
|
+
availableSellerIds.length > 0 &&
|
|
22
|
+
!availableSellerIds.includes(selectedSellerId)) {
|
|
23
|
+
// for the edge case where the selected seller id is not in the list of available seller ids
|
|
24
|
+
// force update the cookie to the first available seller id
|
|
25
|
+
// they may happen when a user uses multiple accounts with different seller ids
|
|
26
|
+
selectedSellerId = availableSellerIds[0].toString();
|
|
27
|
+
}
|
|
28
|
+
const response = createCallbackResponse(context, appBaseUrl);
|
|
29
|
+
if (selectedSellerId) {
|
|
30
|
+
response.cookies.set(auth0Config.selectedSellerIdCookie.name, selectedSellerId, auth0Config.selectedSellerIdCookie);
|
|
31
|
+
}
|
|
32
|
+
const impersonatedSellerId = decodedToken?.isImpersonated
|
|
33
|
+
? decodedToken.sellerIds[0]
|
|
34
|
+
: null;
|
|
35
|
+
if (impersonatedSellerId) {
|
|
36
|
+
response.cookies.set(auth0Config.impersonatedSellerIdCookie.name, impersonatedSellerId, auth0Config.impersonatedSellerIdCookie);
|
|
37
|
+
}
|
|
38
|
+
return response;
|
|
39
|
+
};
|
|
40
|
+
|
|
41
|
+
exports.onCallbackFactory = onCallbackFactory;
|
|
42
|
+
//# sourceMappingURL=onCallbackFactory.js.map
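Review bot: `_error` is never inspected in `onCallbackFactory`, so a failed callback (no session) takes the first guard and is redirected to `context.returnTo` as if login had succeeded; the error case should get its own branch that returns an error response or redirects to the configured auth error route. `createCallbackResponse` resolves `context.returnTo` against `appBaseUrl`, and an absolute `returnTo` replaces the base entirely, so comparing the resulting URL's `origin` with that of `appBaseUrl` before redirecting would keep the callback on-site regardless of what is passed in. Further down, `availableSellerIds.includes(selectedSellerId)` compares the cookie string with raw claim values; if `sellerIds` holds numbers the check never matches and the cookie is reset to the first seller on every login, which `availableSellerIds.map(String).includes(selectedSellerId)` avoids. The impersonation branch reads `decodedToken.sellerIds[0]` without the array checks used above and would throw on a token that has `isImpersonated` but no `sellerIds`. The esm build of this file has the same code.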
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"onCallbackFactory.js","sources":["../../../../../src/server/hooks/onCallbackFactory.ts"],"sourcesContent":[null],"names":["NextResponse","cookies","decodeJwt"],"mappings":";;;;;;AASA,MAAM,sBAAsB,GAAG,CAC7B,OAA0B,EAC1B,UAAkB,KACfA,mBAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,GAAG,EAAE,UAAU,CAAC,CAAC;MAE3D,iBAAiB,GAC5B,CAAC,EACC,WAAW,EACX,UAAU,GAIX,KACD,OACE,MAAuB,EACvB,OAA0B,EAC1B,OAA2B,KACF;AACzB,IAAA,IAAI,CAAC,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE;AACnC,QAAA,OAAO,sBAAsB,CAAC,OAAO,EAAE,UAAU,CAAC;IACpD;AAEA,IAAA,MAAM,WAAW,GAAG,MAAMC,eAAO,EAAE;AACnC,IAAA,IAAI,gBAAgB,GAClB,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,KAAK,IAAI,IAAI;AAEzE,IAAA,MAAM,YAAY,GAAG,OAAO,CAAC,QAAQ,CAAC;UAClCC,cAAS,CAAkB,OAAO,CAAC,QAAQ,CAAC,WAAW;UACvD,IAAI;AACR,IAAA,MAAM,kBAAkB,GAAG,YAAY,EAAE,SAAS,IAAI,IAAI;AAE1D,IAAA,IACE,kBAAkB;QAClB,gBAAgB;AAChB,QAAA,KAAK,CAAC,OAAO,CAAC,kBAAkB,CAAC;QACjC,kBAAkB,CAAC,MAAM,GAAG,CAAC;AAC7B,QAAA,CAAC,kBAAkB,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAC9C;;;;QAIA,gBAAgB,GAAG,kBAAkB,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACrD;IAEA,MAAM,QAAQ,GAAG,sBAAsB,CAAC,OAAO,EAAE,UAAU,CAAC;IAE5D,IAAI,gBAAgB,EAAE;AACpB,QAAA,QAAQ,CAAC,OAAO,CAAC,GAAG,CAClB,WAAW,CAAC,sBAAsB,CAAC,IAAI,EACvC,gBAAgB,EAChB,WAAW,CAAC,sBAAsB,CACnC;IACH;AAEA,IAAA,MAAM,oBAAoB,GAAG,YAAY,EAAE;AACzC,UAAE,YAAY,CAAC,SAAS,CAAC,CAAC;UACxB,IAAI;IAER,IAAI,oBAAoB,EAAE;AACxB,QAAA,QAAQ,CAAC,OAAO,CAAC,GAAG,CAClB,WAAW,CAAC,0BAA0B,CAAC,IAAI,EAC3C,oBAAoB,EACpB,WAAW,CAAC,0BAA0B,CACvC;IACH;AAEA,IAAA,OAAO,QAAQ;AACjB;;;;"}
|
|
@@ -30,14 +30,16 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
30
30
|
const auth0Instance = getAuth0Instance.getAuth0Instance({ host, protocol, isProxied });
|
|
31
31
|
const auth0Config = auth0.getAuth0Config({ isProxied });
|
|
32
32
|
const isAuthErrorRoute = pathname.endsWith(auth0Config.globalAuthErrorPath);
|
|
33
|
+
const isProtected = !isAuthErrorRoute && isProtectedRoute(pathname);
|
|
33
34
|
const authResponse = await auth0Instance.middleware(request);
|
|
34
|
-
if (
|
|
35
|
-
isAuthRoute(pathname, auth0Config) ||
|
|
36
|
-
!isProtectedRoute(pathname)) {
|
|
35
|
+
if (isAuthRoute(pathname, auth0Config)) {
|
|
37
36
|
return authResponse;
|
|
38
37
|
}
|
|
39
38
|
const session = await auth0Instance.getSession(request);
|
|
40
|
-
if (!session) {
|
|
39
|
+
if (!isProtected && !session?.user) {
|
|
40
|
+
return authResponse;
|
|
41
|
+
}
|
|
42
|
+
if (!session && isProtected) {
|
|
41
43
|
return redirectToLogin({
|
|
42
44
|
auth0Config,
|
|
43
45
|
language,
|
|
@@ -52,6 +54,9 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
52
54
|
catch (error) {
|
|
53
55
|
const authError = error;
|
|
54
56
|
onError?.(authError);
|
|
57
|
+
if (!isProtected) {
|
|
58
|
+
return authResponse;
|
|
59
|
+
}
|
|
55
60
|
return redirectToLogin({
|
|
56
61
|
auth0Config,
|
|
57
62
|
language,
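Review bot: The new `isProtected` flag is switched off for every path that merely ends with `auth0Config.globalAuthErrorPath` (`pathname.endsWith(...)` on the context line above it), so a protected route whose last segment matches that suffix, for instance under a dynamic segment, would be served without a session or a login redirect. An exact comparison against the error path (including the language prefix, if one is used) would limit the exemption to the error page itself. The two guards after `getSession` also test different things, `!session?.user` and `!session`, so a session object without a `user` on a protected route passes both and continues; `if (!session?.user && isProtected)` would make them consistent. The body of `authMiddleware` starts and ends outside these hunks, so the code that runs after the guards is not visible here.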
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"middleware.js","sources":["../../../../src/server/middleware.ts"],"sourcesContent":[null],"names":["getLoginLink","NextResponse","getAuth0Instance","getAuth0Config"],"mappings":";;;;;;;AAWA,MAAM,eAAe,GAAG,CAAC,EACvB,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,MAAM,GAMP,KAAI;IACH,MAAM,QAAQ,GAAGA,sBAAY,CAAC;QAC5B,WAAW;QACX,QAAQ;QACR,QAAQ;AACT,KAAA,CAAC;IAEF,OAAOC,mBAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACtD,QAAA,MAAM,EAAE,GAAG;AACZ,KAAA,CAAC;AACJ,CAAC;AAED,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,SAAS,EACT,OAAO,GASR,KAA2B;IAC1B,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;AACpD,IAAA,MAAM,aAAa,GAAGC,iCAAgB,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IAErE,MAAM,WAAW,GAAGC,oBAAc,CAAC,EAAE,SAAS,EAAE,CAAC;IACjD,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;
|
|
1
|
+
{"version":3,"file":"middleware.js","sources":["../../../../src/server/middleware.ts"],"sourcesContent":[null],"names":["getLoginLink","NextResponse","getAuth0Instance","getAuth0Config"],"mappings":";;;;;;;AAWA,MAAM,eAAe,GAAG,CAAC,EACvB,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,MAAM,GAMP,KAAI;IACH,MAAM,QAAQ,GAAGA,sBAAY,CAAC;QAC5B,WAAW;QACX,QAAQ;QACR,QAAQ;AACT,KAAA,CAAC;IAEF,OAAOC,mBAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACtD,QAAA,MAAM,EAAE,GAAG;AACZ,KAAA,CAAC;AACJ,CAAC;AAED,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,SAAS,EACT,OAAO,GASR,KAA2B;IAC1B,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;AACpD,IAAA,MAAM,aAAa,GAAGC,iCAAgB,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IAErE,MAAM,WAAW,GAAGC,oBAAc,CAAC,EAAE,SAAS,EAAE,CAAC;IACjD,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAC3E,MAAM,WAAW,GAAG,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,QAAQ,CAAC;IAEnE,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;AAE5D,IAAA,IAAI,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE;AACtC,QAAA,OAAO,YAAY;IACrB;IAEA,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,IAAI,CAAC,WAAW,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE;AAClC,QAAA,OAAO,YAAY;IACrB;AAEA,IAAA,IAAI,CAAC,OAAO,IAAI,WAAW,EAAE;AAC3B,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI;;QAEF,MAAM,aAAa,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,CAAC;IAC3D;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;AACnC,QAAA,OAAO,GAAG,SAAS,CAAC;QAEpB,IAAI,CAAC,WAAW,EAAE;AAChB,YAAA,OAAO,YAAY;QACrB;AAEA,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AAEA,IAAA,MAAM,2BAA2B,GAAGF,mBAAY,CAAC,IAAI,CAAC;AACpD,QAAA
,OAAO,EAAE;YACP,OAAO,EAAE,OAAO,CAAC,OAAO;AACzB,SAAA;AACF,KAAA,CAAC;IACF,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,KAAI;QAC1C,2BAA2B,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC;AACrD,IAAA,CAAC,CAAC;AAEF,IAAA,OAAO,2BAA2B;AACpC;;;;"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"baseUrl.js","sources":["../../../../src/api/baseUrl.ts"],"sourcesContent":[null],"names":[],"mappings":"AAAA,MAAM,SAAS,GAAG;AAChB,IAAA,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ;AAC7B,IAAA,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,WAAW;CAC3B;AAEH,MAAM,OAAO,GAAG,CAAA,QAAA,EAAW,SAAS,CAAC,OAAO,CAAA,CAAA,EAAI,SAAS,CAAC,UAAU;;;;"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { ApiClient } from '@smg-automotive/api-client-pkg';
|
|
2
|
+
import { baseUrl } from '../baseUrl.js';
|
|
3
|
+
|
|
4
|
+
const sellerClient = ApiClient({
|
|
5
|
+
baseUrl,
|
|
6
|
+
headers: {
|
|
7
|
+
'Content-Type': 'application/json',
|
|
8
|
+
},
|
|
9
|
+
});
|
|
10
|
+
|
|
11
|
+
export { sellerClient };
|
|
12
|
+
//# sourceMappingURL=client.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"client.js","sources":["../../../../../src/api/seller/client.ts"],"sourcesContent":[null],"names":[],"mappings":";;;AAeO,MAAM,YAAY,GAErB,SAAS,CAA4B;IACvC,OAAO;AACP,IAAA,OAAO,EAAE;AACP,QAAA,cAAc,EAAE,kBAAkB;AACnC,KAAA;AACF,CAAA;;;;"}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import { sellerClient } from './client.js';
|
|
2
|
+
|
|
3
|
+
const getSeller = async ({ sellerId }) => {
|
|
4
|
+
const response = await sellerClient
|
|
5
|
+
.path('sellers/{sellerId}', {
|
|
6
|
+
sellerId,
|
|
7
|
+
})
|
|
8
|
+
.get();
|
|
9
|
+
if (response.ok) {
|
|
10
|
+
return response.body;
|
|
11
|
+
}
|
|
12
|
+
if (response.status === 404) {
|
|
13
|
+
return null;
|
|
14
|
+
}
|
|
15
|
+
throw new Error(response.statusText);
|
|
16
|
+
};
|
|
17
|
+
|
|
18
|
+
export { getSeller };
|
|
19
|
+
//# sourceMappingURL=getSeller.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"getSeller.js","sources":["../../../../../src/api/seller/getSeller.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAEO,MAAM,SAAS,GAAG,OAAO,EAAE,QAAQ,EAAwB,KAAI;IACpE,MAAM,QAAQ,GAAG,MAAM;SACpB,IAAI,CAAC,oBAAoB,EAAE;QAC1B,QAAQ;KACT;AACA,SAAA,GAAG,EAAE;AAER,IAAA,IAAI,QAAQ,CAAC,EAAE,EAAE;QACf,OAAO,QAAQ,CAAC,IAAI;IACtB;AAEA,IAAA,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;AAC3B,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC;AACtC;;;;"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import { Auth0User, type IncompleteSessionUser, type SessionUser } from 'src/types';
|
|
2
|
+
export declare const enrichUser: ({ auth0User, accessToken, userHasSelectedSeller, }: {
|
|
3
|
+
auth0User: Auth0User;
|
|
4
|
+
accessToken: string | null;
|
|
5
|
+
userHasSelectedSeller: boolean;
|
|
6
|
+
}) => Promise<SessionUser | IncompleteSessionUser>;
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
import { decodeJwt } from 'jose';
|
|
2
|
+
import { Auth0UserType } from '../../types/auth0/user.js';
|
|
3
|
+
import { getSeller } from '../../api/seller/getSeller.js';
|
|
4
|
+
import '../../api/seller/client.js';
|
|
5
|
+
|
|
6
|
+
const enrichUser = async ({ auth0User, accessToken, userHasSelectedSeller = false, }) => {
|
|
7
|
+
if (!accessToken) {
|
|
8
|
+
throw new Error('Please provide an access token to enrich the user');
|
|
9
|
+
}
|
|
10
|
+
const decodedToken = decodeJwt(accessToken);
|
|
11
|
+
const isMultiTenantUser = !!decodedToken.isMultiTenantUser;
|
|
12
|
+
const forceTenantSelection = isMultiTenantUser && !userHasSelectedSeller;
|
|
13
|
+
const sellerId = parseInt(decodedToken.sellerIds[0], 10);
|
|
14
|
+
const commonUser = {
|
|
15
|
+
...auth0User,
|
|
16
|
+
isImpersonated: !!decodedToken.isImpersonated,
|
|
17
|
+
userId: decodedToken.user_id.toString(),
|
|
18
|
+
forceTenantSelection,
|
|
19
|
+
isMultiTenantUser,
|
|
20
|
+
};
|
|
21
|
+
const seller = await getSeller({
|
|
22
|
+
sellerId: Number(sellerId),
|
|
23
|
+
});
|
|
24
|
+
if (!seller) {
|
|
25
|
+
// eslint-disable-next-line no-console
|
|
26
|
+
console.warn(`[Auth-package] Could not load seller for sellerId ${sellerId}`);
|
|
27
|
+
}
|
|
28
|
+
const enrichedUser = {
|
|
29
|
+
...commonUser,
|
|
30
|
+
userType: seller?.type ?? Auth0UserType.Private,
|
|
31
|
+
sellerId: sellerId.toString(),
|
|
32
|
+
};
|
|
33
|
+
return enrichedUser;
|
|
34
|
+
};
|
|
35
|
+
|
|
36
|
+
export { enrichUser };
|
|
37
|
+
//# sourceMappingURL=auth0.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth0.js","sources":["../../../../../src/lib/enrichUser/auth0.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;AAWO,MAAM,UAAU,GAAG,OAAO,EAC/B,SAAS,EACT,WAAW,EACX,qBAAqB,GAAG,KAAK,GAK9B,KAAkD;IACjD,IAAI,CAAC,WAAW,EAAE;AAChB,QAAA,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC;IACtE;AAEA,IAAA,MAAM,YAAY,GAAG,SAAS,CAAkB,WAAW,CAAC;AAC5D,IAAA,MAAM,iBAAiB,GAAG,CAAC,CAAC,YAAY,CAAC,iBAAiB;AAC1D,IAAA,MAAM,oBAAoB,GAAG,iBAAiB,IAAI,CAAC,qBAAqB;AACxE,IAAA,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;AACxD,IAAA,MAAM,UAAU,GAA0B;AACxC,QAAA,GAAG,SAAS;AACZ,QAAA,cAAc,EAAE,CAAC,CAAC,YAAY,CAAC,cAAc;AAC7C,QAAA,MAAM,EAAE,YAAY,CAAC,OAAO,CAAC,QAAQ,EAAE;QACvC,oBAAoB;QACpB,iBAAiB;KAClB;AAED,IAAA,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC;AAC7B,QAAA,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC;AAC3B,KAAA,CAAC;IAEF,IAAI,CAAC,MAAM,EAAE;;AAEX,QAAA,OAAO,CAAC,IAAI,CACV,qDAAqD,QAAQ,CAAA,CAAE,CAChE;IACH;AAEA,IAAA,MAAM,YAAY,GAAgB;AAChC,QAAA,GAAG,UAAU;AACb,QAAA,QAAQ,EAAE,MAAM,EAAE,IAAI,IAAI,aAAa,CAAC,OAAO;AAC/C,QAAA,QAAQ,EAAE,QAAQ,CAAC,QAAQ,EAAE;KAC9B;AACD,IAAA,OAAO,YAAY;AACrB;;;;"}
|
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
2
2
|
import { getAuth0Config } from '../config/auth0.js';
|
|
3
|
+
import { onCallbackFactory } from './hooks/onCallbackFactory.js';
|
|
4
|
+
import { beforeSessionSavedFactory } from './hooks/beforeSessionSavedFactory.js';
|
|
3
5
|
|
|
4
6
|
const instances = {};
|
|
5
7
|
const buildInstanceKey = ({ host, isProxied, protocol, }) => {
|
|
@@ -29,6 +31,8 @@ const getAuth0Instance = ({ protocol, host, isProxied, }) => {
|
|
|
29
31
|
scope: auth0Config.scopes,
|
|
30
32
|
audience: auth0Config.audience,
|
|
31
33
|
},
|
|
34
|
+
beforeSessionSaved: beforeSessionSavedFactory(auth0Config),
|
|
35
|
+
onCallback: onCallbackFactory({ auth0Config, appBaseUrl }),
|
|
32
36
|
});
|
|
33
37
|
instances[key] = newInstance;
|
|
34
38
|
return newInstance;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getAuth0Instance.js","sources":["../../../../src/server/getAuth0Instance.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"getAuth0Instance.js","sources":["../../../../src/server/getAuth0Instance.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;AAQA,MAAM,SAAS,GAAmB,EAAE;AAQpC,MAAM,gBAAgB,GAAG,CAAC,EACxB,IAAI,EACJ,SAAS,EACT,QAAQ,GACgB,KAAI;AAC5B,IAAA,OAAO,GAAG,QAAQ,CAAA,CAAA,EAAI,IAAI,CAAA,WAAA,EAAc,SAAS,EAAE;AACrD,CAAC;AAEM,MAAM,gBAAgB,GAAG,CAAC,EAC/B,QAAQ,EACR,IAAI,EACJ,SAAS,GACe,KAAiB;AACzC,IAAA,MAAM,GAAG,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AAC3D,IAAA,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC;IAC/B,IAAI,QAAQ,EAAE;AACZ,QAAA,OAAO,QAAQ;IACjB;IAEA,MAAM,WAAW,GAAG,cAAc,CAAC,EAAE,SAAS,EAAE,CAAC;AACjD,IAAA,MAAM,UAAU,GAAG,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,EAAE;AAC1C,IAAA,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC;QAClC,UAAU;AACV,QAAA,MAAM,EAAE;YACN,KAAK,EAAE,WAAW,CAAC,aAAa;YAChC,MAAM,EAAE,WAAW,CAAC,cAAc;YAClC,QAAQ,EAAE,WAAW,CAAC,gBAAgB;AACvC,SAAA;AACD,QAAA,OAAO,EAAE;AACP,YAAA,MAAM,EAAE;gBACN,IAAI,EAAE,WAAW,CAAC,iBAAiB;AACpC,aAAA;AACF,SAAA;AACD,QAAA,uBAAuB,EAAE;YACvB,KAAK,EAAE,WAAW,CAAC,MAAM;YACzB,QAAQ,EAAE,WAAW,CAAC,QAAQ;AAC/B,SAAA;AACD,QAAA,kBAAkB,EAAE,yBAAyB,CAAC,WAAW,CAAC;QAC1D,UAAU,EAAE,iBAAiB,CAAC,EAAE,WAAW,EAAE,UAAU,EAAE,CAAC;AAC3D,KAAA,CAAC;AACF,IAAA,SAAS,CAAC,GAAG,CAAC,GAAG,WAAW;AAC5B,IAAA,OAAO,WAAW;AACpB;;;;"}
|
|
@@ -0,0 +1,3 @@
|
|
|
1
|
+
import { SessionData } from '@auth0/nextjs-auth0/types';
|
|
2
|
+
import { Auth0Config } from 'src/types';
|
|
3
|
+
export declare const beforeSessionSavedFactory: (auth0Config: Auth0Config) => ({ user, internal, tokenSet: { accessToken, refreshToken, expiresAt }, }: SessionData) => Promise<SessionData>;
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
import { cookies } from 'next/headers';
|
|
2
|
+
import { enrichUser } from '../../lib/enrichUser/auth0.js';
|
|
3
|
+
|
|
4
|
+
const beforeSessionSavedFactory = (auth0Config) => async ({ user, internal, tokenSet: { accessToken, refreshToken, expiresAt }, }) => {
|
|
5
|
+
const cookieStore = await cookies();
|
|
6
|
+
const selectedSellerId = cookieStore.get(auth0Config.selectedSellerIdCookie.name)?.value ?? null;
|
|
7
|
+
const enrichedUser = await enrichUser({
|
|
8
|
+
accessToken,
|
|
9
|
+
auth0User: user,
|
|
10
|
+
userHasSelectedSeller: !!selectedSellerId,
|
|
11
|
+
});
|
|
12
|
+
return {
|
|
13
|
+
user: enrichedUser,
|
|
14
|
+
tokenSet: { accessToken, refreshToken, expiresAt },
|
|
15
|
+
internal,
|
|
16
|
+
};
|
|
17
|
+
};
|
|
18
|
+
|
|
19
|
+
export { beforeSessionSavedFactory };
|
|
20
|
+
//# sourceMappingURL=beforeSessionSavedFactory.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"beforeSessionSavedFactory.js","sources":["../../../../../src/server/hooks/beforeSessionSavedFactory.ts"],"sourcesContent":[null],"names":[],"mappings":";;;AAMO,MAAM,yBAAyB,GACpC,CAAC,WAAwB,KACzB,OAAO,EACL,IAAI,EACJ,QAAQ,EACR,QAAQ,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,SAAS,EAAE,GACtC,KAA0B;AACtC,IAAA,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE;AACnC,IAAA,MAAM,gBAAgB,GACpB,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,KAAK,IAAI,IAAI;AAEzE,IAAA,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC;QACpC,WAAW;AACX,QAAA,SAAS,EAAE,IAAiB;QAC5B,qBAAqB,EAAE,CAAC,CAAC,gBAAgB;AAC1C,KAAA,CAAC;IAEF,OAAO;AACL,QAAA,IAAI,EAAE,YAAY;AAClB,QAAA,QAAQ,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,SAAS,EAAE;QAClD,QAAQ;KACT;AACH;;;;"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { NextResponse } from 'next/server';
|
|
2
|
+
import type { OnCallbackContext, SessionData } from '@auth0/nextjs-auth0/types';
|
|
3
|
+
import type { SdkError } from '@auth0/nextjs-auth0/errors';
|
|
4
|
+
import { Auth0Config } from 'src/types';
|
|
5
|
+
export declare const onCallbackFactory: ({ auth0Config, appBaseUrl, }: {
|
|
6
|
+
auth0Config: Auth0Config;
|
|
7
|
+
appBaseUrl: string;
|
|
8
|
+
}) => (_error: SdkError | null, context: OnCallbackContext, session: SessionData | null) => Promise<NextResponse>;
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
import { NextResponse } from 'next/server';
|
|
2
|
+
import { cookies } from 'next/headers';
|
|
3
|
+
import { decodeJwt } from 'jose';
|
|
4
|
+
|
|
5
|
+
const createCallbackResponse = (context, appBaseUrl) => NextResponse.redirect(new URL(context.returnTo || '/', appBaseUrl));
|
|
6
|
+
const onCallbackFactory = ({ auth0Config, appBaseUrl, }) => async (_error, context, session) => {
|
|
7
|
+
if (!session?.tokenSet?.accessToken) {
|
|
8
|
+
return createCallbackResponse(context, appBaseUrl);
|
|
9
|
+
}
|
|
10
|
+
const cookieStore = await cookies();
|
|
11
|
+
let selectedSellerId = cookieStore.get(auth0Config.selectedSellerIdCookie.name)?.value ?? null;
|
|
12
|
+
const decodedToken = session.tokenSet.accessToken
|
|
13
|
+
? decodeJwt(session.tokenSet.accessToken)
|
|
14
|
+
: null;
|
|
15
|
+
const availableSellerIds = decodedToken?.sellerIds ?? null;
|
|
16
|
+
if (availableSellerIds &&
|
|
17
|
+
selectedSellerId &&
|
|
18
|
+
Array.isArray(availableSellerIds) &&
|
|
19
|
+
availableSellerIds.length > 0 &&
|
|
20
|
+
!availableSellerIds.includes(selectedSellerId)) {
|
|
21
|
+
// for the edge case where the selected seller id is not in the list of available seller ids
|
|
22
|
+
// force update the cookie to the first available seller id
|
|
23
|
+
// they may happen when a user uses multiple accounts with different seller ids
|
|
24
|
+
selectedSellerId = availableSellerIds[0].toString();
|
|
25
|
+
}
|
|
26
|
+
const response = createCallbackResponse(context, appBaseUrl);
|
|
27
|
+
if (selectedSellerId) {
|
|
28
|
+
response.cookies.set(auth0Config.selectedSellerIdCookie.name, selectedSellerId, auth0Config.selectedSellerIdCookie);
|
|
29
|
+
}
|
|
30
|
+
const impersonatedSellerId = decodedToken?.isImpersonated
|
|
31
|
+
? decodedToken.sellerIds[0]
|
|
32
|
+
: null;
|
|
33
|
+
if (impersonatedSellerId) {
|
|
34
|
+
response.cookies.set(auth0Config.impersonatedSellerIdCookie.name, impersonatedSellerId, auth0Config.impersonatedSellerIdCookie);
|
|
35
|
+
}
|
|
36
|
+
return response;
|
|
37
|
+
};
|
|
38
|
+
|
|
39
|
+
export { onCallbackFactory };
|
|
40
|
+
//# sourceMappingURL=onCallbackFactory.js.map
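Review bot: The selected-seller cookie is read from the request and written back on the response unchecked whenever the token's `sellerIds` claim is missing, empty or not an array, because the guard on new lines 16–20 only corrects the value when a non-empty list is present; a stale or client-edited id then survives the login. The `includes(selectedSellerId)` test also compares the cookie string with the raw claim entries, and the `.toString()` on line 24 suggests those entries may be numbers, in which case the check would never match and the selection would be reset to the first id on every callback; this should be confirmed against the token format. I would normalise once with `const ids = Array.isArray(decodedToken?.sellerIds) ? decodedToken.sellerIds.map(String) : [];`, then use `if (selectedSellerId && !ids.includes(selectedSellerId)) selectedSellerId = ids[0] ?? null;`, and reuse `ids[0]` in the impersonation branch, where `decodedToken.sellerIds[0]` on line 31 is dereferenced without the guard used on line 15. Since `decodeJwt` only decodes the payload and does not verify a signature, a comment stating that the token is trusted because it comes from the session's token set would help, and code that consumes the cookie should still authorise the seller id against the token server-side.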
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"onCallbackFactory.js","sources":["../../../../../src/server/hooks/onCallbackFactory.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;AASA,MAAM,sBAAsB,GAAG,CAC7B,OAA0B,EAC1B,UAAkB,KACf,YAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,GAAG,EAAE,UAAU,CAAC,CAAC;MAE3D,iBAAiB,GAC5B,CAAC,EACC,WAAW,EACX,UAAU,GAIX,KACD,OACE,MAAuB,EACvB,OAA0B,EAC1B,OAA2B,KACF;AACzB,IAAA,IAAI,CAAC,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE;AACnC,QAAA,OAAO,sBAAsB,CAAC,OAAO,EAAE,UAAU,CAAC;IACpD;AAEA,IAAA,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE;AACnC,IAAA,IAAI,gBAAgB,GAClB,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,KAAK,IAAI,IAAI;AAEzE,IAAA,MAAM,YAAY,GAAG,OAAO,CAAC,QAAQ,CAAC;UAClC,SAAS,CAAkB,OAAO,CAAC,QAAQ,CAAC,WAAW;UACvD,IAAI;AACR,IAAA,MAAM,kBAAkB,GAAG,YAAY,EAAE,SAAS,IAAI,IAAI;AAE1D,IAAA,IACE,kBAAkB;QAClB,gBAAgB;AAChB,QAAA,KAAK,CAAC,OAAO,CAAC,kBAAkB,CAAC;QACjC,kBAAkB,CAAC,MAAM,GAAG,CAAC;AAC7B,QAAA,CAAC,kBAAkB,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAC9C;;;;QAIA,gBAAgB,GAAG,kBAAkB,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACrD;IAEA,MAAM,QAAQ,GAAG,sBAAsB,CAAC,OAAO,EAAE,UAAU,CAAC;IAE5D,IAAI,gBAAgB,EAAE;AACpB,QAAA,QAAQ,CAAC,OAAO,CAAC,GAAG,CAClB,WAAW,CAAC,sBAAsB,CAAC,IAAI,EACvC,gBAAgB,EAChB,WAAW,CAAC,sBAAsB,CACnC;IACH;AAEA,IAAA,MAAM,oBAAoB,GAAG,YAAY,EAAE;AACzC,UAAE,YAAY,CAAC,SAAS,CAAC,CAAC;UACxB,IAAI;IAER,IAAI,oBAAoB,EAAE;AACxB,QAAA,QAAQ,CAAC,OAAO,CAAC,GAAG,CAClB,WAAW,CAAC,0BAA0B,CAAC,IAAI,EAC3C,oBAAoB,EACpB,WAAW,CAAC,0BAA0B,CACvC;IACH;AAEA,IAAA,OAAO,QAAQ;AACjB;;;;"}
|
|
@@ -28,14 +28,16 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
28
28
|
const auth0Instance = getAuth0Instance({ host, protocol, isProxied });
|
|
29
29
|
const auth0Config = getAuth0Config({ isProxied });
|
|
30
30
|
const isAuthErrorRoute = pathname.endsWith(auth0Config.globalAuthErrorPath);
|
|
31
|
+
const isProtected = !isAuthErrorRoute && isProtectedRoute(pathname);
|
|
31
32
|
const authResponse = await auth0Instance.middleware(request);
|
|
32
|
-
if (
|
|
33
|
-
isAuthRoute(pathname, auth0Config) ||
|
|
34
|
-
!isProtectedRoute(pathname)) {
|
|
33
|
+
if (isAuthRoute(pathname, auth0Config)) {
|
|
35
34
|
return authResponse;
|
|
36
35
|
}
|
|
37
36
|
const session = await auth0Instance.getSession(request);
|
|
38
|
-
if (!session) {
|
|
37
|
+
if (!isProtected && !session?.user) {
|
|
38
|
+
return authResponse;
|
|
39
|
+
}
|
|
40
|
+
if (!session && isProtected) {
|
|
39
41
|
return redirectToLogin({
|
|
40
42
|
auth0Config,
|
|
41
43
|
language,
|
|
@@ -50,6 +52,9 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
50
52
|
catch (error) {
|
|
51
53
|
const authError = error;
|
|
52
54
|
onError?.(authError);
|
|
55
|
+
if (!isProtected) {
|
|
56
|
+
return authResponse;
|
|
57
|
+
}
|
|
53
58
|
return redirectToLogin({
|
|
54
59
|
auth0Config,
|
|
55
60
|
language,
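Review bot: `isProtected` on new line 31 is forced to false for every path that merely ends with `auth0Config.globalAuthErrorPath`, since `isAuthErrorRoute` comes from `pathname.endsWith(...)` on line 30; with this change an unauthenticated request to such a path gets `authResponse` at lines 37–38 instead of the login redirect. If any protected route can match a path carrying that suffix (a catch-all segment, for example), the redirect is skipped for it, so I would match the error route exactly, or against the known set of localized error paths, rather than by suffix. The two session checks are also inconsistent: line 37 tests `!session?.user` while line 40 tests `!session`, so a session object without a user on a protected route falls through to the code after the check; `if (isProtected && !session?.user) {` would close that gap. `authMiddleware` starts before and continues after both hunks, so how `isAuthErrorRoute` is used elsewhere is not visible here.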
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"middleware.js","sources":["../../../../src/server/middleware.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;AAWA,MAAM,eAAe,GAAG,CAAC,EACvB,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,MAAM,GAMP,KAAI;IACH,MAAM,QAAQ,GAAG,YAAY,CAAC;QAC5B,WAAW;QACX,QAAQ;QACR,QAAQ;AACT,KAAA,CAAC;IAEF,OAAO,YAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACtD,QAAA,MAAM,EAAE,GAAG;AACZ,KAAA,CAAC;AACJ,CAAC;AAED,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,SAAS,EACT,OAAO,GASR,KAA2B;IAC1B,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;AACpD,IAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IAErE,MAAM,WAAW,GAAG,cAAc,CAAC,EAAE,SAAS,EAAE,CAAC;IACjD,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;
|
|
1
|
+
{"version":3,"file":"middleware.js","sources":["../../../../src/server/middleware.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;AAWA,MAAM,eAAe,GAAG,CAAC,EACvB,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,MAAM,GAMP,KAAI;IACH,MAAM,QAAQ,GAAG,YAAY,CAAC;QAC5B,WAAW;QACX,QAAQ;QACR,QAAQ;AACT,KAAA,CAAC;IAEF,OAAO,YAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACtD,QAAA,MAAM,EAAE,GAAG;AACZ,KAAA,CAAC;AACJ,CAAC;AAED,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,SAAS,EACT,OAAO,GASR,KAA2B;IAC1B,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;AACpD,IAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IAErE,MAAM,WAAW,GAAG,cAAc,CAAC,EAAE,SAAS,EAAE,CAAC;IACjD,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAC3E,MAAM,WAAW,GAAG,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,QAAQ,CAAC;IAEnE,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;AAE5D,IAAA,IAAI,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE;AACtC,QAAA,OAAO,YAAY;IACrB;IAEA,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,IAAI,CAAC,WAAW,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE;AAClC,QAAA,OAAO,YAAY;IACrB;AAEA,IAAA,IAAI,CAAC,OAAO,IAAI,WAAW,EAAE;AAC3B,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI;;QAEF,MAAM,aAAa,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,CAAC;IAC3D;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;AACnC,QAAA,OAAO,GAAG,SAAS,CAAC;QAEpB,IAAI,CAAC,WAAW,EAAE;AAChB,YAAA,OAAO,YAAY;QACrB;AAEA,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AAEA,IAAA,MAAM,2BAA2B,GAAG,YAAY,CAAC,IAAI,CAAC;AACpD,QAAA,OAAO,EAAE;YACP,OAAO,EAAE,OAAO,CAAC,OAAO;AACzB,SAAA;AACF,KAAA,CAAC;IACF,YAAY
,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,KAAI;QAC1C,2BAA2B,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC;AACrD,IAAA,CAAC,CAAC;AAEF,IAAA,OAAO,2BAA2B;AACpC;;;;"}
|