@smg-automotive/auth 6.8.0-auth0-update-root.7 → 6.8.0-auth0-update-split-middleware.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/server/middleware/index.js +89 -0
- package/dist/cjs/server/middleware/index.js.map +1 -0
- package/dist/cjs/server/middleware/login.d.ts +7 -0
- package/dist/cjs/server/middleware/login.js +25 -0
- package/dist/cjs/server/middleware/login.js.map +1 -0
- package/dist/cjs/server/middleware/logout.d.ts +15 -0
- package/dist/cjs/server/middleware/logout.js +121 -0
- package/dist/cjs/server/middleware/logout.js.map +1 -0
- package/dist/cjs/server/middleware/protectRoute.d.ts +14 -0
- package/dist/cjs/server/middleware/protectRoute.js +61 -0
- package/dist/cjs/server/middleware/protectRoute.js.map +1 -0
- package/dist/cjs/server/middleware/token.d.ts +11 -0
- package/dist/cjs/server/middleware/token.js +29 -0
- package/dist/cjs/server/middleware/token.js.map +1 -0
- package/dist/cjs/server/middleware/types.d.ts +5 -0
- package/dist/cjs/server.js +2 -2
- package/dist/esm/server/middleware/index.js +87 -0
- package/dist/esm/server/middleware/index.js.map +1 -0
- package/dist/esm/server/middleware/login.d.ts +7 -0
- package/dist/esm/server/middleware/login.js +23 -0
- package/dist/esm/server/middleware/login.js.map +1 -0
- package/dist/esm/server/middleware/logout.d.ts +15 -0
- package/dist/esm/server/middleware/logout.js +118 -0
- package/dist/esm/server/middleware/logout.js.map +1 -0
- package/dist/esm/server/middleware/protectRoute.d.ts +14 -0
- package/dist/esm/server/middleware/protectRoute.js +59 -0
- package/dist/esm/server/middleware/protectRoute.js.map +1 -0
- package/dist/esm/server/middleware/token.d.ts +11 -0
- package/dist/esm/server/middleware/token.js +27 -0
- package/dist/esm/server/middleware/token.js.map +1 -0
- package/dist/esm/server/middleware/types.d.ts +5 -0
- package/dist/esm/server.js +1 -1
- package/package.json +1 -1
- package/dist/cjs/server/middleware.js +0 -219
- package/dist/cjs/server/middleware.js.map +0 -1
- package/dist/esm/server/middleware.js +0 -217
- package/dist/esm/server/middleware.js.map +0 -1
- /package/dist/cjs/server/{middleware.d.ts → middleware/index.d.ts} +0 -0
- /package/dist/esm/server/{middleware.d.ts → middleware/index.d.ts} +0 -0
|
@@ -0,0 +1,89 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var server = require('next/server');
|
|
4
|
+
var auth0 = require('../../config/auth0.js');
|
|
5
|
+
var getAuth0Instance = require('../getAuth0Instance.js');
|
|
6
|
+
var token = require('./token.js');
|
|
7
|
+
var protectRoute = require('./protectRoute.js');
|
|
8
|
+
var logout = require('./logout.js');
|
|
9
|
+
var login = require('./login.js');
|
|
10
|
+
|
|
11
|
+
const isAuthRoute = (pathname, auth0Config) => {
|
|
12
|
+
const { loginEndpoint, logoutEndpoint, callbackEndpoint, userProfileEndpoint, tokenEndpoint, } = auth0Config;
|
|
13
|
+
return [
|
|
14
|
+
loginEndpoint,
|
|
15
|
+
logoutEndpoint,
|
|
16
|
+
callbackEndpoint,
|
|
17
|
+
userProfileEndpoint,
|
|
18
|
+
tokenEndpoint,
|
|
19
|
+
].includes(pathname);
|
|
20
|
+
};
|
|
21
|
+
const authMiddleware = async ({ request, isProtectedRoute, language, host, protocol, isProxied, onError, }) => {
|
|
22
|
+
const { pathname } = request.nextUrl;
|
|
23
|
+
const auth0Instance = getAuth0Instance.getAuth0Instance({ host, protocol, isProxied });
|
|
24
|
+
const auth0Config = auth0.getAuth0Config({ isProxied });
|
|
25
|
+
const isAuthErrorRoute = pathname.endsWith(auth0Config.globalAuthErrorPath);
|
|
26
|
+
const crossDomainLogoutResult = logout.handleCrossDomainLogout({
|
|
27
|
+
host,
|
|
28
|
+
protocol,
|
|
29
|
+
request,
|
|
30
|
+
auth0Config,
|
|
31
|
+
});
|
|
32
|
+
if (crossDomainLogoutResult?.isEarlyReturn) {
|
|
33
|
+
return crossDomainLogoutResult.response;
|
|
34
|
+
}
|
|
35
|
+
const addLoginParamsFromCookiesResult = login.addLoginParamsFromCookies({
|
|
36
|
+
request,
|
|
37
|
+
auth0Config,
|
|
38
|
+
});
|
|
39
|
+
if (addLoginParamsFromCookiesResult?.isEarlyReturn) {
|
|
40
|
+
return addLoginParamsFromCookiesResult.response;
|
|
41
|
+
}
|
|
42
|
+
const authResponse = await auth0Instance.middleware(request);
|
|
43
|
+
const deleteRelatedSessionCookiesResult = logout.deleteRelatedSessionCookies({
|
|
44
|
+
host,
|
|
45
|
+
request,
|
|
46
|
+
response: authResponse,
|
|
47
|
+
auth0Config,
|
|
48
|
+
});
|
|
49
|
+
if (deleteRelatedSessionCookiesResult?.isEarlyReturn) {
|
|
50
|
+
return deleteRelatedSessionCookiesResult.response;
|
|
51
|
+
}
|
|
52
|
+
const switchSelectedSellerIdResult = await token.switchSelectedSellerId({
|
|
53
|
+
request,
|
|
54
|
+
auth0Instance,
|
|
55
|
+
auth0Config,
|
|
56
|
+
language,
|
|
57
|
+
});
|
|
58
|
+
if (switchSelectedSellerIdResult?.isEarlyReturn) {
|
|
59
|
+
return switchSelectedSellerIdResult.response;
|
|
60
|
+
}
|
|
61
|
+
if (isAuthRoute(pathname, auth0Config) || isAuthErrorRoute) {
|
|
62
|
+
return authResponse;
|
|
63
|
+
}
|
|
64
|
+
const isProtected = !isAuthErrorRoute && isProtectedRoute(pathname);
|
|
65
|
+
const protectRouteResult = await protectRoute.protectRoute({
|
|
66
|
+
isProtected,
|
|
67
|
+
auth0Instance,
|
|
68
|
+
auth0Config,
|
|
69
|
+
language,
|
|
70
|
+
request,
|
|
71
|
+
response: authResponse,
|
|
72
|
+
onError,
|
|
73
|
+
});
|
|
74
|
+
if (protectRouteResult?.isEarlyReturn) {
|
|
75
|
+
return protectRouteResult.response;
|
|
76
|
+
}
|
|
77
|
+
const responseWithCombinedHeaders = server.NextResponse.next({
|
|
78
|
+
request: {
|
|
79
|
+
headers: request.headers,
|
|
80
|
+
},
|
|
81
|
+
});
|
|
82
|
+
authResponse.headers.forEach((value, key) => {
|
|
83
|
+
responseWithCombinedHeaders.headers.set(key, value);
|
|
84
|
+
});
|
|
85
|
+
return responseWithCombinedHeaders;
|
|
86
|
+
};
|
|
87
|
+
|
|
88
|
+
exports.authMiddleware = authMiddleware;
|
|
89
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":["getAuth0Instance","getAuth0Config","handleCrossDomainLogout","addLoginParamsFromCookies","deleteRelatedSessionCookies","switchSelectedSellerId","protectRoute","NextResponse"],"mappings":";;;;;;;;;;AAYA,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,SAAS,EACT,OAAO,GASR,KAA2B;AAC1B,IAAA,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO;AACpC,IAAA,MAAM,aAAa,GAAGA,iCAAgB,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IAErE,MAAM,WAAW,GAAGC,oBAAc,CAAC,EAAE,SAAS,EAAE,CAAC;IACjD,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAE3E,MAAM,uBAAuB,GAAGC,8BAAuB,CAAC;QACtD,IAAI;QACJ,QAAQ;QACR,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;AACF,IAAA,IAAI,uBAAuB,EAAE,aAAa,EAAE;QAC1C,OAAO,uBAAuB,CAAC,QAAQ;IACzC;IAEA,MAAM,+BAA+B,GAAGC,+BAAyB,CAAC;QAChE,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;AACF,IAAA,IAAI,+BAA+B,EAAE,aAAa,EAAE;QAClD,OAAO,+BAA+B,CAAC,QAAQ;IACjD;IAEA,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAE5D,MAAM,iCAAiC,GAAGC,kCAA2B,CAAC;QACpE,IAAI;QACJ,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,WAAW;AACZ,KAAA,CAAC;AACF,IAAA,IAAI,iCAAiC,EAAE,aAAa,EAAE;QACpD,OAAO,iCAAiC,CAAC,QAAQ;IACnD;AAEA,IAAA,MAAM,4BAA4B,GAAG,MAAMC,4BAAsB,CAAC;QAChE,OAAO;QACP,aAAa;QACb,WAAW;QACX,QAAQ;AACT,KAAA,CAAC;AACF,IAAA,IAAI,4BAA4B,EAAE,aAAa,EAAE;QAC/C,OAAO,4BAA4B,CAAC,QAAQ;IAC9C;IAEA,IAAI,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC,IAAI,gBAAgB,EAAE;AAC1D,QAAA,OAAO,YAAY;IACrB;IAEA,MAAM,WAAW,GAAG,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,QAAQ,CAAC;AACnE,IAAA,MAAM,kBAAkB,GAAG,MAAMC,yBAAY,CAAC;QAC5C,WAAW;QACX,aAAa;QACb,WAAW;QACX,QAAQ;QACR,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,OAAO;AACR,KAAA,CAAC;AACF,IAAA,IAAI,kBAAkB,EAAE,aAAa,EAAE;QACrC,OAAO,kBAAkB,CAAC,QAAQ;IACpC;AAEA,IAAA,MAAM,2BAA2B,GAAGC,mBAAY,CAAC,IAAI,CAAC;AACpD,QAAA,OAAO,EAAE;YACP,OAAO,EAAE,OAAO,CAAC,OAAO;AACzB,SAAA;AACF,KAAA,CAAC;IACF,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,KAAI;QAC1C,2BAA2B,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC;AACrD,IAAA,CAAC,CAAC;AAEF,IAAA,OAAO,2BAA2B;AACpC;;;;"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import { NextRequest } from 'next/server';
|
|
2
|
+
import { Auth0Config } from 'src/types';
|
|
3
|
+
import { MiddlewareRouteHandlerResult } from './types';
|
|
4
|
+
export declare const addLoginParamsFromCookies: ({ request, auth0Config: { selectedSellerIdCookie, impersonatedSellerIdCookie, loginEndpoint, }, }: {
|
|
5
|
+
request: NextRequest;
|
|
6
|
+
auth0Config: Auth0Config;
|
|
7
|
+
}) => MiddlewareRouteHandlerResult;
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const addLoginParamsFromCookies = ({ request, auth0Config: { selectedSellerIdCookie, impersonatedSellerIdCookie, loginEndpoint, }, }) => {
|
|
4
|
+
if (request.nextUrl.pathname !== loginEndpoint)
|
|
5
|
+
return;
|
|
6
|
+
const searchParams = new URLSearchParams(request.nextUrl.search);
|
|
7
|
+
const hasSellerId = searchParams.has('seller_id');
|
|
8
|
+
if (!hasSellerId) {
|
|
9
|
+
const sellerId = request.cookies.get(selectedSellerIdCookie.name)?.value;
|
|
10
|
+
if (sellerId) {
|
|
11
|
+
searchParams.set('seller_id', sellerId);
|
|
12
|
+
}
|
|
13
|
+
}
|
|
14
|
+
const hasImpersonateSellerId = searchParams.has('impersonate_seller_id');
|
|
15
|
+
if (!hasImpersonateSellerId) {
|
|
16
|
+
const impersonatedSellerId = request.cookies.get(impersonatedSellerIdCookie.name)?.value;
|
|
17
|
+
if (impersonatedSellerId) {
|
|
18
|
+
searchParams.set('impersonate_seller_id', impersonatedSellerId);
|
|
19
|
+
}
|
|
20
|
+
}
|
|
21
|
+
request.nextUrl.search = searchParams.toString();
|
|
22
|
+
};
|
|
23
|
+
|
|
24
|
+
exports.addLoginParamsFromCookies = addLoginParamsFromCookies;
|
|
25
|
+
//# sourceMappingURL=login.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"login.js","sources":["../../../../../src/server/middleware/login.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAMO,MAAM,yBAAyB,GAAG,CAAC,EACxC,OAAO,EACP,WAAW,EAAE,EACX,sBAAsB,EACtB,0BAA0B,EAC1B,aAAa,GACd,GAIF,KAAkC;AACjC,IAAA,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,aAAa;QAAE;IAEhD,MAAM,YAAY,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC;IAChE,MAAM,WAAW,GAAG,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC;IACjD,IAAI,CAAC,WAAW,EAAE;AAChB,QAAA,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,KAAK;QACxE,IAAI,QAAQ,EAAE;AACZ,YAAA,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC;QACzC;IACF;IAEA,MAAM,sBAAsB,GAAG,YAAY,CAAC,GAAG,CAAC,uBAAuB,CAAC;IACxE,IAAI,CAAC,sBAAsB,EAAE;AAC3B,QAAA,MAAM,oBAAoB,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAC9C,0BAA0B,CAAC,IAAI,CAChC,EAAE,KAAK;QAER,IAAI,oBAAoB,EAAE;AACxB,YAAA,YAAY,CAAC,GAAG,CAAC,uBAAuB,EAAE,oBAAoB,CAAC;QACjE;IACF;IAEA,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,YAAY,CAAC,QAAQ,EAAE;AAClD;;;;"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
import { NextRequest, NextResponse } from 'next/server';
|
|
2
|
+
import { Auth0Config } from 'src/types';
|
|
3
|
+
import { MiddlewareRouteHandlerResult } from './types';
|
|
4
|
+
export declare const handleCrossDomainLogout: ({ host, protocol, request, auth0Config: { languageConfig, logoutEndpoint }, }: {
|
|
5
|
+
host: string;
|
|
6
|
+
protocol: string;
|
|
7
|
+
request: NextRequest;
|
|
8
|
+
auth0Config: Auth0Config;
|
|
9
|
+
}) => MiddlewareRouteHandlerResult;
|
|
10
|
+
export declare const deleteRelatedSessionCookies: ({ host, request, response, auth0Config: { logoutEndpoint, authCookieNames, legacyAccessTokenName, legacyRefreshTokenName, }, }: {
|
|
11
|
+
host: string;
|
|
12
|
+
request: NextRequest;
|
|
13
|
+
response: NextResponse;
|
|
14
|
+
auth0Config: Auth0Config;
|
|
15
|
+
}) => MiddlewareRouteHandlerResult;
|
|
@@ -0,0 +1,121 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var server = require('next/server');
|
|
4
|
+
|
|
5
|
+
const validateReturnTo = ({ pathOrUrl, host, protocol, otherDomainHost, crossDomainLogout, }) => {
|
|
6
|
+
if (typeof pathOrUrl !== 'string')
|
|
7
|
+
return false;
|
|
8
|
+
if (pathOrUrl.length > 2048)
|
|
9
|
+
return false;
|
|
10
|
+
try {
|
|
11
|
+
const decodedPathOrUrl = decodeURIComponent(pathOrUrl);
|
|
12
|
+
const isUrl = decodedPathOrUrl.startsWith('http');
|
|
13
|
+
const parsedUrlOrPath = new URL(isUrl ? decodedPathOrUrl : `${protocol}://${host}${decodedPathOrUrl}`);
|
|
14
|
+
const decodedPath = parsedUrlOrPath.pathname;
|
|
15
|
+
if (crossDomainLogout &&
|
|
16
|
+
isUrl &&
|
|
17
|
+
parsedUrlOrPath.host !== otherDomainHost) {
|
|
18
|
+
return false;
|
|
19
|
+
}
|
|
20
|
+
if (!crossDomainLogout && parsedUrlOrPath.host !== host) {
|
|
21
|
+
return false;
|
|
22
|
+
}
|
|
23
|
+
if (!decodedPath.startsWith('/') || decodedPath.startsWith('//')) {
|
|
24
|
+
return false;
|
|
25
|
+
}
|
|
26
|
+
// Limit chars in return to path to prevent injections
|
|
27
|
+
// eslint-disable-next-line @typescript-eslint/naming-convention
|
|
28
|
+
const SAFE_PATH_REGEX = /^\/[a-zA-Z0-9/_\-?.=]*$/;
|
|
29
|
+
return SAFE_PATH_REGEX.test(decodedPath);
|
|
30
|
+
}
|
|
31
|
+
catch (error) {
|
|
32
|
+
// eslint-disable-next-line no-console
|
|
33
|
+
console.warn('Error parsing URL or path:', error);
|
|
34
|
+
return false;
|
|
35
|
+
}
|
|
36
|
+
};
|
|
37
|
+
const getOtherDomainHost = (currentHost) => {
|
|
38
|
+
if (currentHost.includes('autoscout24')) {
|
|
39
|
+
return currentHost.replace('autoscout24', 'motoscout24');
|
|
40
|
+
}
|
|
41
|
+
if (currentHost.includes('motoscout24')) {
|
|
42
|
+
return currentHost.replace('motoscout24', 'autoscout24');
|
|
43
|
+
}
|
|
44
|
+
return currentHost;
|
|
45
|
+
};
|
|
46
|
+
const handleCrossDomainLogout = ({ host, protocol, request, auth0Config: { languageConfig, logoutEndpoint }, }) => {
|
|
47
|
+
if (request.nextUrl.pathname !== logoutEndpoint)
|
|
48
|
+
return;
|
|
49
|
+
const searchParams = new URLSearchParams(request.nextUrl.search);
|
|
50
|
+
const specifiedReturnTo = searchParams.get('returnTo') || '';
|
|
51
|
+
const crossDomainLogout = searchParams.get('crossDomain') === 'true';
|
|
52
|
+
const otherDomainHost = getOtherDomainHost(host);
|
|
53
|
+
let returnTo = `/${searchParams.get('locale') || languageConfig.default}`;
|
|
54
|
+
const isSafePath = validateReturnTo({
|
|
55
|
+
protocol,
|
|
56
|
+
host,
|
|
57
|
+
otherDomainHost,
|
|
58
|
+
pathOrUrl: specifiedReturnTo,
|
|
59
|
+
crossDomainLogout,
|
|
60
|
+
});
|
|
61
|
+
if (isSafePath) {
|
|
62
|
+
returnTo = specifiedReturnTo;
|
|
63
|
+
}
|
|
64
|
+
if (!crossDomainLogout && otherDomainHost && otherDomainHost !== host) {
|
|
65
|
+
const currentDomainUrl = `${protocol}://${host}`;
|
|
66
|
+
const backToCurrentDomainUrl = new URL(logoutEndpoint, currentDomainUrl);
|
|
67
|
+
backToCurrentDomainUrl.searchParams.set('returnTo', returnTo);
|
|
68
|
+
backToCurrentDomainUrl.searchParams.set('crossDomain', 'true');
|
|
69
|
+
const otherDomainLogoutUrl = new URL(logoutEndpoint, `${protocol}://${otherDomainHost}`);
|
|
70
|
+
otherDomainLogoutUrl.searchParams.set('crossDomain', 'true');
|
|
71
|
+
otherDomainLogoutUrl.searchParams.set('returnTo', backToCurrentDomainUrl.toString());
|
|
72
|
+
return {
|
|
73
|
+
isEarlyReturn: true,
|
|
74
|
+
response: server.NextResponse.redirect(otherDomainLogoutUrl, {
|
|
75
|
+
status: 302,
|
|
76
|
+
}),
|
|
77
|
+
};
|
|
78
|
+
}
|
|
79
|
+
searchParams.set('returnTo', returnTo);
|
|
80
|
+
request.nextUrl.search = searchParams.toString();
|
|
81
|
+
};
|
|
82
|
+
const getLegacyCookieDomain = (hostname) => {
|
|
83
|
+
const parts = hostname.split('.');
|
|
84
|
+
if (parts.length < 2)
|
|
85
|
+
return `.${hostname}`;
|
|
86
|
+
const base = parts.slice(-2).join('.');
|
|
87
|
+
return `.${base}`;
|
|
88
|
+
};
|
|
89
|
+
const deleteRelatedSessionCookies = ({ host, request, response, auth0Config: { logoutEndpoint, authCookieNames, legacyAccessTokenName, legacyRefreshTokenName, }, }) => {
|
|
90
|
+
if (request.nextUrl.pathname !== logoutEndpoint || !response)
|
|
91
|
+
return;
|
|
92
|
+
authCookieNames.forEach((cookieName) => {
|
|
93
|
+
response.cookies.delete({
|
|
94
|
+
name: cookieName,
|
|
95
|
+
maxAge: 0,
|
|
96
|
+
path: '/',
|
|
97
|
+
});
|
|
98
|
+
response.cookies.delete({
|
|
99
|
+
name: `${cookieName}__0`,
|
|
100
|
+
maxAge: 0,
|
|
101
|
+
path: '/',
|
|
102
|
+
});
|
|
103
|
+
});
|
|
104
|
+
const legacyCookieDomain = getLegacyCookieDomain(host);
|
|
105
|
+
response.cookies.delete({
|
|
106
|
+
name: legacyAccessTokenName,
|
|
107
|
+
maxAge: 0,
|
|
108
|
+
path: '/',
|
|
109
|
+
domain: legacyCookieDomain,
|
|
110
|
+
});
|
|
111
|
+
response.cookies.delete({
|
|
112
|
+
name: legacyRefreshTokenName,
|
|
113
|
+
maxAge: 0,
|
|
114
|
+
path: '/',
|
|
115
|
+
domain: legacyCookieDomain,
|
|
116
|
+
});
|
|
117
|
+
};
|
|
118
|
+
|
|
119
|
+
exports.deleteRelatedSessionCookies = deleteRelatedSessionCookies;
|
|
120
|
+
exports.handleCrossDomainLogout = handleCrossDomainLogout;
|
|
121
|
+
//# sourceMappingURL=logout.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"logout.js","sources":["../../../../../src/server/middleware/logout.ts"],"sourcesContent":[null],"names":["NextResponse"],"mappings":";;;;AAMA,MAAM,gBAAgB,GAAG,CAAC,EACxB,SAAS,EACT,IAAI,EACJ,QAAQ,EACR,eAAe,EACf,iBAAiB,GAOlB,KAAI;IACH,IAAI,OAAO,SAAS,KAAK,QAAQ;AAAE,QAAA,OAAO,KAAK;AAC/C,IAAA,IAAI,SAAS,CAAC,MAAM,GAAG,IAAI;AAAE,QAAA,OAAO,KAAK;AAEzC,IAAA,IAAI;AACF,QAAA,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,SAAS,CAAC;QACtD,MAAM,KAAK,GAAG,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC;QACjD,MAAM,eAAe,GAAG,IAAI,GAAG,CAC7B,KAAK,GAAG,gBAAgB,GAAG,GAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,CAAA,EAAG,gBAAgB,CAAA,CAAE,CACtE;AACD,QAAA,MAAM,WAAW,GAAG,eAAe,CAAC,QAAQ;AAE5C,QAAA,IACE,iBAAiB;YACjB,KAAK;AACL,YAAA,eAAe,CAAC,IAAI,KAAK,eAAe,EACxC;AACA,YAAA,OAAO,KAAK;QACd;QAEA,IAAI,CAAC,iBAAiB,IAAI,eAAe,CAAC,IAAI,KAAK,IAAI,EAAE;AACvD,YAAA,OAAO,KAAK;QACd;AAEA,QAAA,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;AAChE,YAAA,OAAO,KAAK;QACd;;;QAIA,MAAM,eAAe,GAAG,yBAAyB;AACjD,QAAA,OAAO,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC;IAC1C;IAAE,OAAO,KAAK,EAAE;;AAEd,QAAA,OAAO,CAAC,IAAI,CAAC,4BAA4B,EAAE,KAAK,CAAC;AACjD,QAAA,OAAO,KAAK;IACd;AACF,CAAC;AAED,MAAM,kBAAkB,GAAG,CAAC,WAAmB,KAAY;AACzD,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvC,OAAO,WAAW,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC;IAC1D;AACA,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvC,OAAO,WAAW,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC;IAC1D;AACA,IAAA,OAAO,WAAW;AACpB,CAAC;MAEY,uBAAuB,GAAG,CAAC,EACtC,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,WAAW,EAAE,EAAE,cAAc,EAAE,cAAc,EAAE,GAMhD,KAAkC;AACjC,IAAA,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,cAAc;QAAE;IAEjD,MAAM,YAAY,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC;IAEhE,MAAM,iBAAiB,GAAG,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,EAAE;IAC5D,MAAM,iBAAiB,GAAG,YAAY,CAAC,GAAG,CAAC,aAAa,CAAC,KAAK,MAAM;AAEpE,IAAA,MAAM,eAAe,GAAG,kBAAkB,CAAC,IAAI,CAAC;AAChD,IAAA,IAAI,QAAQ,GAAG,CAAA,CAAA,EAAI,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,cAAc,CAAC,OAAO,EAAE;IACzE,MAAM,UAAU,GAAG,gBAAgB,CAAC;QAClC,QAAQ;QACR,IAAI;QACJ,eAAe;AACf,QAAA,SAAS,EAAE,iBAAiB;QAC5B,iBAAiB;AAClB,KAAA,CAAC;IACF,IAAI,UAAU,EAAE;QACd,QAAQ,GAAG,iBAAiB;IAC9B;IAEA,IAAI,CAAC,iBAAiB,IAAI,eAAe,IAAI,eAAe,KAAK,IAAI,EAAE;AACrE,QAAA,MAAM,gBAAgB,GAAG,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,EAAE;QAChD,MAAM,sBAAsB,GAAG,IAAI,GAAG,CAAC,cAAc,EAAE,gBAAgB,CAAC;QACxE,sBAAsB,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,CAAC;QAC7D,sBAAsB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC;AAE9D,QAAA,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAClC,cAAc,EACd,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,eAAe,CAAA,CAAE,CACnC;QACD,oBAAoB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC;AAC5D,QAAA,oBAAoB,CAAC,YAAY,CAAC,GAAG,CACnC,UAAU,EACV,sBAAsB,CAAC,QAAQ,EAAE,CAClC;QAED,OAAO;AACL,YAAA,aAAa,EAAE,IAAI;AACnB,YAAA,QAAQ,EAAEA,mBAAY,CAAC,QAAQ,CAAC,oBAAoB,EAAE;AACpD,gBAAA,MAAM,EAAE,GAAG;aACZ,CAAC;SACH;IACH;AAEA,IAAA,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,CAAC;IACtC,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,YAAY,CAAC,QAAQ,EAAE;AAClD;AAEA,MAAM,qBAAqB,GAAG,CAAC,QAAgB,KAAI;IACjD,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC;AACjC,IAAA,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,CAAA,CAAA,EAAI,QAAQ,CAAA,CAAE;AAE3C,IAAA,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;IACtC,OAAO,CAAA,CAAA,EAAI,IAAI,CAAA,CAAE;AACnB,CAAC;AAEM,MAAM,2BAA2B,GAAG,CAAC,EAC1C,IAAI,EACJ,OAAO,EACP,QAAQ,EACR,WAAW,EAAE,EACX,cAAc,EACd,eAAe,EACf,qBAAqB,EACrB,sBAAsB,GACvB,GAMF,KAAkC;IACjC,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,cAAc,IAAI,CAAC,QAAQ;QAAE;AAE9D,IAAA,eAAe,CAAC,OAAO,CAAC,CAAC,UAAU,KAAI;AACrC,QAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,YAAA,IAAI,EAAE,UAAU;AAChB,YAAA,MAAM,EAAE,CAAC;AACT,YAAA,IAAI,EAAE,GAAG;AACV,SAAA,CAAC;AACF,QAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;YACtB,IAAI,EAAE,CAAA,EAAG,UAAU,CAAA,GAAA,CAAK;AACxB,YAAA,MAAM,EAAE,CAAC;AACT,YAAA,IAAI,EAAE,GAAG;AACV,SAAA,CAAC;AACJ,IAAA,CAAC,CAAC;AAEF,IAAA,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,IAAI,CAAC;AACtD,IAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,QAAA,IAAI,EAAE,qBAAqB;AAC3B,QAAA,MAAM,EAAE,CAAC;AACT,QAAA,IAAI,EAAE,GAAG;AACT,QAAA,MAAM,EAAE,kBAAkB;AAC3B,KAAA,CAAC;AACF,IAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,QAAA,IAAI,EAAE,sBAAsB;AAC5B,QAAA,MAAM,EAAE,CAAC;AACT,QAAA,IAAI,EAAE,GAAG;AACT,QAAA,MAAM,EAAE,kBAAkB;AAC3B,KAAA,CAAC;AACJ;;;;;"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import { NextRequest, NextResponse } from 'next/server';
|
|
2
|
+
import { Language } from '@smg-automotive/i18n-pkg';
|
|
3
|
+
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
4
|
+
import { Auth0Config } from 'src/types';
|
|
5
|
+
import { MiddlewareRouteHandlerResult } from './types';
|
|
6
|
+
export declare const protectRoute: ({ isProtected, auth0Instance, auth0Config, language, request, response, onError, }: {
|
|
7
|
+
isProtected: boolean;
|
|
8
|
+
auth0Instance: Auth0Client;
|
|
9
|
+
auth0Config: Auth0Config;
|
|
10
|
+
language: Language;
|
|
11
|
+
request: NextRequest;
|
|
12
|
+
response: NextResponse;
|
|
13
|
+
onError?: (error: Error) => void;
|
|
14
|
+
}) => Promise<MiddlewareRouteHandlerResult>;
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var server = require('next/server');
|
|
4
|
+
var authLinks = require('../../lib/authLinks.js');
|
|
5
|
+
|
|
6
|
+
const redirectToLogin = ({ auth0Config, language, returnTo, origin, }) => {
|
|
7
|
+
const loginUrl = authLinks.getLoginLink({
|
|
8
|
+
auth0Config,
|
|
9
|
+
language,
|
|
10
|
+
returnTo,
|
|
11
|
+
});
|
|
12
|
+
return {
|
|
13
|
+
response: server.NextResponse.redirect(new URL(loginUrl, origin), {
|
|
14
|
+
status: 307,
|
|
15
|
+
}),
|
|
16
|
+
isEarlyReturn: true,
|
|
17
|
+
};
|
|
18
|
+
};
|
|
19
|
+
const protectRoute = async ({ isProtected, auth0Instance, auth0Config, language, request, response, onError, }) => {
|
|
20
|
+
const session = await auth0Instance.getSession(request);
|
|
21
|
+
const { pathname, search, origin } = request.nextUrl;
|
|
22
|
+
if (!isProtected && !session?.user) {
|
|
23
|
+
return {
|
|
24
|
+
response,
|
|
25
|
+
isEarlyReturn: true,
|
|
26
|
+
};
|
|
27
|
+
}
|
|
28
|
+
if (!session && isProtected) {
|
|
29
|
+
return redirectToLogin({
|
|
30
|
+
auth0Config,
|
|
31
|
+
language,
|
|
32
|
+
returnTo: `${pathname}${search}`,
|
|
33
|
+
origin,
|
|
34
|
+
});
|
|
35
|
+
}
|
|
36
|
+
try {
|
|
37
|
+
const shouldRefresh = (session?.tokenSet.expiresAt || 0) < Date.now() / 1000 + 30;
|
|
38
|
+
await auth0Instance.getAccessToken(request, response, {
|
|
39
|
+
refresh: shouldRefresh,
|
|
40
|
+
});
|
|
41
|
+
}
|
|
42
|
+
catch (error) {
|
|
43
|
+
const authError = error;
|
|
44
|
+
onError?.(authError);
|
|
45
|
+
if (!isProtected) {
|
|
46
|
+
return {
|
|
47
|
+
response,
|
|
48
|
+
isEarlyReturn: true,
|
|
49
|
+
};
|
|
50
|
+
}
|
|
51
|
+
return redirectToLogin({
|
|
52
|
+
auth0Config,
|
|
53
|
+
language,
|
|
54
|
+
returnTo: `${pathname}${search}`,
|
|
55
|
+
origin,
|
|
56
|
+
});
|
|
57
|
+
}
|
|
58
|
+
};
|
|
59
|
+
|
|
60
|
+
exports.protectRoute = protectRoute;
|
|
61
|
+
//# sourceMappingURL=protectRoute.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":["getLoginLink","NextResponse"],"mappings":";;;;;AAUA,MAAM,eAAe,GAAG,CAAC,EACvB,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,MAAM,GAMP,KAAkC;IACjC,MAAM,QAAQ,GAAGA,sBAAY,CAAC;QAC5B,WAAW;QACX,QAAQ;QACR,QAAQ;AACT,KAAA,CAAC;IAEF,OAAO;AACL,QAAA,QAAQ,EAAEC,mBAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACzD,YAAA,MAAM,EAAE,GAAG;SACZ,CAAC;AACF,QAAA,aAAa,EAAE,IAAI;KACpB;AACH,CAAC;MAEY,YAAY,GAAG,OAAO,EACjC,WAAW,EACX,aAAa,EACb,WAAW,EACX,QAAQ,EACR,OAAO,EACP,QAAQ,EACR,OAAO,GASR,KAA2C;IAC1C,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IACvD,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;IAEpD,IAAI,CAAC,WAAW,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE;QAClC,OAAO;YACL,QAAQ;AACR,YAAA,aAAa,EAAE,IAAI;SACpB;IACH;AAEA,IAAA,IAAI,CAAC,OAAO,IAAI,WAAW,EAAE;AAC3B,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI;QACF,MAAM,aAAa,GACjB,CAAC,OAAO,EAAE,QAAQ,CAAC,SAAS,IAAI,CAAC,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,EAAE;AAC7D,QAAA,MAAM,aAAa,CAAC,cAAc,CAAC,OAAO,EAAE,QAAQ,EAAE;AACpD,YAAA,OAAO,EAAE,aAAa;AACvB,SAAA,CAAC;IACJ;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;AACnC,QAAA,OAAO,GAAG,SAAS,CAAC;QAEpB,IAAI,CAAC,WAAW,EAAE;YAChB,OAAO;gBACL,QAAQ;AACR,gBAAA,aAAa,EAAE,IAAI;aACpB;QACH;AAEA,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AACF;;;;"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { NextRequest } from 'next/server';
|
|
2
|
+
import { Language } from '@smg-automotive/i18n-pkg';
|
|
3
|
+
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
4
|
+
import { Auth0Config } from 'src/types';
|
|
5
|
+
import { MiddlewareRouteHandlerResult } from './types';
|
|
6
|
+
export declare const switchSelectedSellerId: ({ language, request, auth0Instance, auth0Config, }: {
|
|
7
|
+
language: Language;
|
|
8
|
+
request: NextRequest;
|
|
9
|
+
auth0Instance: Auth0Client;
|
|
10
|
+
auth0Config: Auth0Config;
|
|
11
|
+
}) => Promise<MiddlewareRouteHandlerResult>;
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var server = require('next/server');
|
|
4
|
+
var authLinks = require('../../lib/authLinks.js');
|
|
5
|
+
|
|
6
|
+
const switchSelectedSellerId = async ({ language, request, auth0Instance, auth0Config, }) => {
|
|
7
|
+
if (request.nextUrl.pathname !== auth0Config.tokenEndpoint)
|
|
8
|
+
return;
|
|
9
|
+
const searchParams = new URLSearchParams(request.nextUrl.search);
|
|
10
|
+
const sellerId = searchParams.get('seller_id');
|
|
11
|
+
const session = await auth0Instance.getSession(request);
|
|
12
|
+
if (sellerId && session?.user) {
|
|
13
|
+
const loginUrl = authLinks.getLoginLink({
|
|
14
|
+
auth0Config,
|
|
15
|
+
language,
|
|
16
|
+
returnTo: auth0Config.tokenEndpoint,
|
|
17
|
+
selectedSellerId: sellerId,
|
|
18
|
+
});
|
|
19
|
+
return {
|
|
20
|
+
response: server.NextResponse.redirect(new URL(loginUrl, origin), {
|
|
21
|
+
status: 302,
|
|
22
|
+
}),
|
|
23
|
+
isEarlyReturn: true,
|
|
24
|
+
};
|
|
25
|
+
}
|
|
26
|
+
};
|
|
27
|
+
|
|
28
|
+
exports.switchSelectedSellerId = switchSelectedSellerId;
|
|
29
|
+
//# sourceMappingURL=token.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token.js","sources":["../../../../../src/server/middleware/token.ts"],"sourcesContent":[null],"names":["getLoginLink","NextResponse"],"mappings":";;;;;AASO,MAAM,sBAAsB,GAAG,OAAO,EAC3C,QAAQ,EACR,OAAO,EACP,aAAa,EACb,WAAW,GAMZ,KAA2C;IAC1C,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,WAAW,CAAC,aAAa;QAAE;IAE5D,MAAM,YAAY,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC;IAEhE,MAAM,QAAQ,GAAG,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC;IAC9C,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;AAEvD,IAAA,IAAI,QAAQ,IAAI,OAAO,EAAE,IAAI,EAAE;QAC7B,MAAM,QAAQ,GAAGA,sBAAY,CAAC;YAC5B,WAAW;YACX,QAAQ;YACR,QAAQ,EAAE,WAAW,CAAC,aAAa;AACnC,YAAA,gBAAgB,EAAE,QAAQ;AAC3B,SAAA,CAAC;QACF,OAAO;AACL,YAAA,QAAQ,EAAEC,mBAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACzD,gBAAA,MAAM,EAAE,GAAG;aACZ,CAAC;AACF,YAAA,aAAa,EAAE,IAAI;SACpB;IACH;AACF;;;;"}
|
package/dist/cjs/server.js
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
-
var
|
|
3
|
+
var index = require('./server/middleware/index.js');
|
|
4
4
|
|
|
5
5
|
|
|
6
6
|
|
|
7
|
-
exports.authMiddleware =
|
|
7
|
+
exports.authMiddleware = index.authMiddleware;
|
|
8
8
|
//# sourceMappingURL=server.js.map
|
|
@@ -0,0 +1,87 @@
|
|
|
1
|
+
import { NextResponse } from 'next/server';
|
|
2
|
+
import { getAuth0Config } from '../../config/auth0.js';
|
|
3
|
+
import { getAuth0Instance } from '../getAuth0Instance.js';
|
|
4
|
+
import { switchSelectedSellerId } from './token.js';
|
|
5
|
+
import { protectRoute } from './protectRoute.js';
|
|
6
|
+
import { handleCrossDomainLogout, deleteRelatedSessionCookies } from './logout.js';
|
|
7
|
+
import { addLoginParamsFromCookies } from './login.js';
|
|
8
|
+
|
|
9
|
+
const isAuthRoute = (pathname, auth0Config) => {
|
|
10
|
+
const { loginEndpoint, logoutEndpoint, callbackEndpoint, userProfileEndpoint, tokenEndpoint, } = auth0Config;
|
|
11
|
+
return [
|
|
12
|
+
loginEndpoint,
|
|
13
|
+
logoutEndpoint,
|
|
14
|
+
callbackEndpoint,
|
|
15
|
+
userProfileEndpoint,
|
|
16
|
+
tokenEndpoint,
|
|
17
|
+
].includes(pathname);
|
|
18
|
+
};
|
|
19
|
+
const authMiddleware = async ({ request, isProtectedRoute, language, host, protocol, isProxied, onError, }) => {
|
|
20
|
+
const { pathname } = request.nextUrl;
|
|
21
|
+
const auth0Instance = getAuth0Instance({ host, protocol, isProxied });
|
|
22
|
+
const auth0Config = getAuth0Config({ isProxied });
|
|
23
|
+
const isAuthErrorRoute = pathname.endsWith(auth0Config.globalAuthErrorPath);
|
|
24
|
+
const crossDomainLogoutResult = handleCrossDomainLogout({
|
|
25
|
+
host,
|
|
26
|
+
protocol,
|
|
27
|
+
request,
|
|
28
|
+
auth0Config,
|
|
29
|
+
});
|
|
30
|
+
if (crossDomainLogoutResult?.isEarlyReturn) {
|
|
31
|
+
return crossDomainLogoutResult.response;
|
|
32
|
+
}
|
|
33
|
+
const addLoginParamsFromCookiesResult = addLoginParamsFromCookies({
|
|
34
|
+
request,
|
|
35
|
+
auth0Config,
|
|
36
|
+
});
|
|
37
|
+
if (addLoginParamsFromCookiesResult?.isEarlyReturn) {
|
|
38
|
+
return addLoginParamsFromCookiesResult.response;
|
|
39
|
+
}
|
|
40
|
+
const authResponse = await auth0Instance.middleware(request);
|
|
41
|
+
const deleteRelatedSessionCookiesResult = deleteRelatedSessionCookies({
|
|
42
|
+
host,
|
|
43
|
+
request,
|
|
44
|
+
response: authResponse,
|
|
45
|
+
auth0Config,
|
|
46
|
+
});
|
|
47
|
+
if (deleteRelatedSessionCookiesResult?.isEarlyReturn) {
|
|
48
|
+
return deleteRelatedSessionCookiesResult.response;
|
|
49
|
+
}
|
|
50
|
+
const switchSelectedSellerIdResult = await switchSelectedSellerId({
|
|
51
|
+
request,
|
|
52
|
+
auth0Instance,
|
|
53
|
+
auth0Config,
|
|
54
|
+
language,
|
|
55
|
+
});
|
|
56
|
+
if (switchSelectedSellerIdResult?.isEarlyReturn) {
|
|
57
|
+
return switchSelectedSellerIdResult.response;
|
|
58
|
+
}
|
|
59
|
+
if (isAuthRoute(pathname, auth0Config) || isAuthErrorRoute) {
|
|
60
|
+
return authResponse;
|
|
61
|
+
}
|
|
62
|
+
const isProtected = !isAuthErrorRoute && isProtectedRoute(pathname);
|
|
63
|
+
const protectRouteResult = await protectRoute({
|
|
64
|
+
isProtected,
|
|
65
|
+
auth0Instance,
|
|
66
|
+
auth0Config,
|
|
67
|
+
language,
|
|
68
|
+
request,
|
|
69
|
+
response: authResponse,
|
|
70
|
+
onError,
|
|
71
|
+
});
|
|
72
|
+
if (protectRouteResult?.isEarlyReturn) {
|
|
73
|
+
return protectRouteResult.response;
|
|
74
|
+
}
|
|
75
|
+
const responseWithCombinedHeaders = NextResponse.next({
|
|
76
|
+
request: {
|
|
77
|
+
headers: request.headers,
|
|
78
|
+
},
|
|
79
|
+
});
|
|
80
|
+
authResponse.headers.forEach((value, key) => {
|
|
81
|
+
responseWithCombinedHeaders.headers.set(key, value);
|
|
82
|
+
});
|
|
83
|
+
return responseWithCombinedHeaders;
|
|
84
|
+
};
|
|
85
|
+
|
|
86
|
+
export { authMiddleware };
|
|
87
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;;AAYA,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,SAAS,EACT,OAAO,GASR,KAA2B;AAC1B,IAAA,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO;AACpC,IAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IAErE,MAAM,WAAW,GAAG,cAAc,CAAC,EAAE,SAAS,EAAE,CAAC;IACjD,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAE3E,MAAM,uBAAuB,GAAG,uBAAuB,CAAC;QACtD,IAAI;QACJ,QAAQ;QACR,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;AACF,IAAA,IAAI,uBAAuB,EAAE,aAAa,EAAE;QAC1C,OAAO,uBAAuB,CAAC,QAAQ;IACzC;IAEA,MAAM,+BAA+B,GAAG,yBAAyB,CAAC;QAChE,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;AACF,IAAA,IAAI,+BAA+B,EAAE,aAAa,EAAE;QAClD,OAAO,+BAA+B,CAAC,QAAQ;IACjD;IAEA,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAE5D,MAAM,iCAAiC,GAAG,2BAA2B,CAAC;QACpE,IAAI;QACJ,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,WAAW;AACZ,KAAA,CAAC;AACF,IAAA,IAAI,iCAAiC,EAAE,aAAa,EAAE;QACpD,OAAO,iCAAiC,CAAC,QAAQ;IACnD;AAEA,IAAA,MAAM,4BAA4B,GAAG,MAAM,sBAAsB,CAAC;QAChE,OAAO;QACP,aAAa;QACb,WAAW;QACX,QAAQ;AACT,KAAA,CAAC;AACF,IAAA,IAAI,4BAA4B,EAAE,aAAa,EAAE;QAC/C,OAAO,4BAA4B,CAAC,QAAQ;IAC9C;IAEA,IAAI,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC,IAAI,gBAAgB,EAAE;AAC1D,QAAA,OAAO,YAAY;IACrB;IAEA,MAAM,WAAW,GAAG,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,QAAQ,CAAC;AACnE,IAAA,MAAM,kBAAkB,GAAG,MAAM,YAAY,CAAC;QAC5C,WAAW;QACX,aAAa;QACb,WAAW;QACX,QAAQ;QACR,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,OAAO;AACR,KAAA,CAAC;AACF,IAAA,IAAI,kBAAkB,EAAE,aAAa,EAAE;QACrC,OAAO,kBAAkB,CAAC,QAAQ;IACpC;AAEA,IAAA,MAAM,2BAA2B,GAAG,YAAY,CAAC,IAAI,CAAC;AACpD,QAAA,OAAO,EAAE;YACP,OAAO,EAAE,OAAO,CAAC,OAAO;AACzB,SAAA;AACF,KAAA,CAAC;IACF,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,KAAI;QAC1C,2BAA2B,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC;AACrD,IAAA,CAAC,CAAC;AAEF,IAAA,OAAO,2BAA2B;AACpC;;;;"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import { NextRequest } from 'next/server';
|
|
2
|
+
import { Auth0Config } from 'src/types';
|
|
3
|
+
import { MiddlewareRouteHandlerResult } from './types';
|
|
4
|
+
export declare const addLoginParamsFromCookies: ({ request, auth0Config: { selectedSellerIdCookie, impersonatedSellerIdCookie, loginEndpoint, }, }: {
|
|
5
|
+
request: NextRequest;
|
|
6
|
+
auth0Config: Auth0Config;
|
|
7
|
+
}) => MiddlewareRouteHandlerResult;
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
const addLoginParamsFromCookies = ({ request, auth0Config: { selectedSellerIdCookie, impersonatedSellerIdCookie, loginEndpoint, }, }) => {
|
|
2
|
+
if (request.nextUrl.pathname !== loginEndpoint)
|
|
3
|
+
return;
|
|
4
|
+
const searchParams = new URLSearchParams(request.nextUrl.search);
|
|
5
|
+
const hasSellerId = searchParams.has('seller_id');
|
|
6
|
+
if (!hasSellerId) {
|
|
7
|
+
const sellerId = request.cookies.get(selectedSellerIdCookie.name)?.value;
|
|
8
|
+
if (sellerId) {
|
|
9
|
+
searchParams.set('seller_id', sellerId);
|
|
10
|
+
}
|
|
11
|
+
}
|
|
12
|
+
const hasImpersonateSellerId = searchParams.has('impersonate_seller_id');
|
|
13
|
+
if (!hasImpersonateSellerId) {
|
|
14
|
+
const impersonatedSellerId = request.cookies.get(impersonatedSellerIdCookie.name)?.value;
|
|
15
|
+
if (impersonatedSellerId) {
|
|
16
|
+
searchParams.set('impersonate_seller_id', impersonatedSellerId);
|
|
17
|
+
}
|
|
18
|
+
}
|
|
19
|
+
request.nextUrl.search = searchParams.toString();
|
|
20
|
+
};
|
|
21
|
+
|
|
22
|
+
export { addLoginParamsFromCookies };
|
|
23
|
+
//# sourceMappingURL=login.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"login.js","sources":["../../../../../src/server/middleware/login.ts"],"sourcesContent":[null],"names":[],"mappings":"AAMO,MAAM,yBAAyB,GAAG,CAAC,EACxC,OAAO,EACP,WAAW,EAAE,EACX,sBAAsB,EACtB,0BAA0B,EAC1B,aAAa,GACd,GAIF,KAAkC;AACjC,IAAA,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,aAAa;QAAE;IAEhD,MAAM,YAAY,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC;IAChE,MAAM,WAAW,GAAG,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC;IACjD,IAAI,CAAC,WAAW,EAAE;AAChB,QAAA,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,KAAK;QACxE,IAAI,QAAQ,EAAE;AACZ,YAAA,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC;QACzC;IACF;IAEA,MAAM,sBAAsB,GAAG,YAAY,CAAC,GAAG,CAAC,uBAAuB,CAAC;IACxE,IAAI,CAAC,sBAAsB,EAAE;AAC3B,QAAA,MAAM,oBAAoB,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAC9C,0BAA0B,CAAC,IAAI,CAChC,EAAE,KAAK;QAER,IAAI,oBAAoB,EAAE;AACxB,YAAA,YAAY,CAAC,GAAG,CAAC,uBAAuB,EAAE,oBAAoB,CAAC;QACjE;IACF;IAEA,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,YAAY,CAAC,QAAQ,EAAE;AAClD;;;;"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
import { NextRequest, NextResponse } from 'next/server';
|
|
2
|
+
import { Auth0Config } from 'src/types';
|
|
3
|
+
import { MiddlewareRouteHandlerResult } from './types';
|
|
4
|
+
export declare const handleCrossDomainLogout: ({ host, protocol, request, auth0Config: { languageConfig, logoutEndpoint }, }: {
|
|
5
|
+
host: string;
|
|
6
|
+
protocol: string;
|
|
7
|
+
request: NextRequest;
|
|
8
|
+
auth0Config: Auth0Config;
|
|
9
|
+
}) => MiddlewareRouteHandlerResult;
|
|
10
|
+
export declare const deleteRelatedSessionCookies: ({ host, request, response, auth0Config: { logoutEndpoint, authCookieNames, legacyAccessTokenName, legacyRefreshTokenName, }, }: {
|
|
11
|
+
host: string;
|
|
12
|
+
request: NextRequest;
|
|
13
|
+
response: NextResponse;
|
|
14
|
+
auth0Config: Auth0Config;
|
|
15
|
+
}) => MiddlewareRouteHandlerResult;
|