@smg-automotive/auth 8.1.5-instrumentation-with-debug.1 → 8.1.5-instrumentation-with-debug.2
- package/README.md +1 -1
- package/dist/cjs/server/helpers/getUser.js +0 -1
- package/dist/cjs/server/helpers/getUser.js.map +1 -1
- package/dist/cjs/server/middleware/index.js +27 -9
- package/dist/cjs/server/middleware/index.js.map +1 -1
- package/dist/cjs/server/middleware/logout.d.ts +4 -2
- package/dist/cjs/server/middleware/logout.js +10 -8
- package/dist/cjs/server/middleware/logout.js.map +1 -1
- package/dist/cjs/server/middleware/proactivelyRefreshAccessToken.d.ts +2 -1
- package/dist/cjs/server/middleware/proactivelyRefreshAccessToken.js +4 -2
- package/dist/cjs/server/middleware/proactivelyRefreshAccessToken.js.map +1 -1
- package/dist/cjs/server/middleware/profile.d.ts +2 -1
- package/dist/cjs/server/middleware/profile.js +8 -4
- package/dist/cjs/server/middleware/profile.js.map +1 -1
- package/dist/cjs/server/middleware/protectRoute.d.ts +2 -1
- package/dist/cjs/server/middleware/protectRoute.js +15 -7
- package/dist/cjs/server/middleware/protectRoute.js.map +1 -1
- package/dist/cjs/server/middleware/token.d.ts +2 -1
- package/dist/cjs/server/middleware/token.js +10 -5
- package/dist/cjs/server/middleware/token.js.map +1 -1
- package/dist/esm/server/helpers/getUser.js +0 -1
- package/dist/esm/server/helpers/getUser.js.map +1 -1
- package/dist/esm/server/middleware/index.js +27 -9
- package/dist/esm/server/middleware/index.js.map +1 -1
- package/dist/esm/server/middleware/logout.d.ts +4 -2
- package/dist/esm/server/middleware/logout.js +10 -8
- package/dist/esm/server/middleware/logout.js.map +1 -1
- package/dist/esm/server/middleware/proactivelyRefreshAccessToken.d.ts +2 -1
- package/dist/esm/server/middleware/proactivelyRefreshAccessToken.js +4 -2
- package/dist/esm/server/middleware/proactivelyRefreshAccessToken.js.map +1 -1
- package/dist/esm/server/middleware/profile.d.ts +2 -1
- package/dist/esm/server/middleware/profile.js +8 -4
- package/dist/esm/server/middleware/profile.js.map +1 -1
- package/dist/esm/server/middleware/protectRoute.d.ts +2 -1
- package/dist/esm/server/middleware/protectRoute.js +15 -7
- package/dist/esm/server/middleware/protectRoute.js.map +1 -1
- package/dist/esm/server/middleware/token.d.ts +2 -1
- package/dist/esm/server/middleware/token.js +10 -5
- package/dist/esm/server/middleware/token.js.map +1 -1
- package/package.json +1 -1
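--- a/package/README.md
+++ b/package/README.md
@@ -273,7 +273,7 @@ Enable specific namespaces:
 DEBUG=@smg-automotive/auth:middleware,@smg-automotive/auth:token
 
 # Enable user and profile debugging
-DEBUG=@smg-automotive/auth:user
+DEBUG=@smg-automotive/auth:user,@smg-automotive/auth:profile
 ```
 
 Enable debugging in your Next.js application by setting the environment variable: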
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getUser.js","sources":["../../../../../src/server/helpers/getUser.ts"],"sourcesContent":[null],"names":["debug","getAuth0Instance","getAccessToken","enrichUser"],"mappings":";;;;;;;;;;;AAYA,MAAM,GAAG,GAAGA,sBAAK,CAAC,2BAA2B,CAAC;AAE9C,MAAM,cAAc,GAAG,OAAO,EAC5B,QAAQ,EACR,IAAI,EACJ,OAAO,GACwC,KAAI;IACnD,GAAG,CAAC,yBAAyB,EAAE;QAC7B,IAAI;QACJ,QAAQ;AACR,QAAA,UAAU,EAAE,CAAC,CAAC,OAAO,EAAE,OAAO;AAC/B,KAAA,CAAC;IACF,MAAM,aAAa,GAAGC,iCAAgB,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AAE1D,IAAA,MAAM,OAAO,GAAG,OAAO,EAAE;UACrB,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO;AAChD,UAAE,MAAM,aAAa,CAAC,UAAU,EAAE;AAEpC,IAAA,GAAG,CAAC,mBAAmB,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC;AAC7E,IAAA,OAAO,OAAO;AAChB,CAAC;AAEM,MAAM,OAAO,GAAG,OAAO,EAC5B,OAAO,EACP,IAAI,EACJ,QAAQ,GAEY,KAAiC;IACrD,GAAG,CAAC,cAAc,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AACvC,IAAA,MAAM,WAAW,GAAG,MAAM,cAAc,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC;IACrE,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE;QACrC,GAAG,CAAC,0BAA0B,CAAC;AAC/B,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,MAAM,IAAI,GAAG,WAAW,CAAC,IAAmB;IAC5C,GAAG,CAAC,gBAAgB,EAAE;QACpB,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;
|
|
1
|
+
{"version":3,"file":"getUser.js","sources":["../../../../../src/server/helpers/getUser.ts"],"sourcesContent":[null],"names":["debug","getAuth0Instance","getAccessToken","enrichUser"],"mappings":";;;;;;;;;;;AAYA,MAAM,GAAG,GAAGA,sBAAK,CAAC,2BAA2B,CAAC;AAE9C,MAAM,cAAc,GAAG,OAAO,EAC5B,QAAQ,EACR,IAAI,EACJ,OAAO,GACwC,KAAI;IACnD,GAAG,CAAC,yBAAyB,EAAE;QAC7B,IAAI;QACJ,QAAQ;AACR,QAAA,UAAU,EAAE,CAAC,CAAC,OAAO,EAAE,OAAO;AAC/B,KAAA,CAAC;IACF,MAAM,aAAa,GAAGC,iCAAgB,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AAE1D,IAAA,MAAM,OAAO,GAAG,OAAO,EAAE;UACrB,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO;AAChD,UAAE,MAAM,aAAa,CAAC,UAAU,EAAE;AAEpC,IAAA,GAAG,CAAC,mBAAmB,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC;AAC7E,IAAA,OAAO,OAAO;AAChB,CAAC;AAEM,MAAM,OAAO,GAAG,OAAO,EAC5B,OAAO,EACP,IAAI,EACJ,QAAQ,GAEY,KAAiC;IACrD,GAAG,CAAC,cAAc,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AACvC,IAAA,MAAM,WAAW,GAAG,MAAM,cAAc,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC;IACrE,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE;QACrC,GAAG,CAAC,0BAA0B,CAAC;AAC/B,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,MAAM,IAAI,GAAG,WAAW,CAAC,IAAmB;IAC5C,GAAG,CAAC,gBAAgB,EAAE;QACpB,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;AACxB,KAAA,CAAC;AACF,IAAA,OAAO,IAAI;AACb;AAEO,MAAM,eAAe,GAAG,OAAO,EACpC,KAAK,EACL,OAAO,EACP,IAAI,EACJ,QAAQ,GAIP,KAAyC;IAC1C,GAAG,CAAC,uBAAuB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AACvD,IAAA,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC;IACvD,IAAI,CAAC,IAAI,EAAE;QACT,GAAG,CAAC,8BAA8B,CAAC;AACnC,QAAA,OAAO,IAAI;IACb;IAEA,GAAG,CAAC,wCAAwC,CAAC;AAC7C,IAAA,MAAM,WAAW,GAAG,MAAMC,6BAAc,CAAC;QACvC,IAAI;QACJ,QAAQ;QACR,OAAO;AACR,KAAA,CAAC;IACF,GAAG,CAAC,wCAAwC,CAAC;AAC7C,IAAA,MAAM,YAAY,GAAG,MAAMC,kBAAU,CAAC;QACpC,IAAI;QACJ,WAAW;QACX,KAAK;AACN,KAAA,CAAC;IACF,GAAG,CAAC,4BAA4B,EAAE;QAChC,MAAM,EAAE,YAAY,CAAC,MAAM;QAC3B,QAAQ,EAAE,YAAY,CAAC,QAAQ;AAC/B,QAAA,eAAe,EAAE,CAAC,CAAC,YAAY,CAAC,YAAY;AAC7C,KAAA,CAAC;AACF,IAAA,OAAO,YAAY;AACrB;;;;;"}
|
|
@@ -16,6 +16,16 @@ function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'defau
|
|
|
16
16
|
var debug__default = /*#__PURE__*/_interopDefaultCompat(debug);
|
|
17
17
|
|
|
18
18
|
const log = debug__default.default('@smg-automotive/auth:middleware');
|
|
19
|
+
const generateRequestId = () => {
|
|
20
|
+
// UUID v4 format: xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx
|
|
21
|
+
// where x is any hex digit and y is one of 8, 9, A, B
|
|
22
|
+
return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, (c) => {
|
|
23
|
+
// eslint-disable-next-line sonarjs/pseudo-random
|
|
24
|
+
const r = (Math.random() * 16) | 0;
|
|
25
|
+
const v = c === 'x' ? r : (r & 0x3) | 0x8;
|
|
26
|
+
return v.toString(16);
|
|
27
|
+
});
|
|
28
|
+
};
|
|
19
29
|
const isAuthRoute = (pathname, auth0Config) => {
|
|
20
30
|
const { loginEndpoint, logoutEndpoint, callbackEndpoint, userProfileEndpoint, tokenEndpoint, } = auth0Config;
|
|
21
31
|
return [
|
|
@@ -27,8 +37,10 @@ const isAuthRoute = (pathname, auth0Config) => {
|
|
|
27
37
|
].includes(pathname);
|
|
28
38
|
};
|
|
29
39
|
const authMiddleware = async ({ request, isProtectedRoute, language, host, protocol, onError, brand, }) => {
|
|
40
|
+
const requestId = generateRequestId();
|
|
30
41
|
const { pathname } = request.nextUrl;
|
|
31
42
|
log('Processing request', {
|
|
43
|
+
requestId,
|
|
32
44
|
pathname,
|
|
33
45
|
host,
|
|
34
46
|
protocol,
|
|
@@ -40,31 +52,34 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
40
52
|
});
|
|
41
53
|
const auth0Config = auth0.getAuth0Config();
|
|
42
54
|
const isAuthErrorRoute = pathname.endsWith(auth0Config.globalAuthErrorPath);
|
|
43
|
-
log('Auth route check', { pathname, isAuthErrorRoute });
|
|
55
|
+
log('Auth route check', { requestId, pathname, isAuthErrorRoute });
|
|
44
56
|
const crossDomainLogoutResult = logout.handleCrossDomainLogout({
|
|
57
|
+
requestId,
|
|
45
58
|
host,
|
|
46
59
|
protocol,
|
|
47
60
|
request,
|
|
48
61
|
auth0Config,
|
|
49
62
|
});
|
|
50
63
|
if (crossDomainLogoutResult) {
|
|
51
|
-
log('Cross-domain logout detected, redirecting');
|
|
64
|
+
log('Cross-domain logout detected, redirecting', { requestId });
|
|
52
65
|
return crossDomainLogoutResult;
|
|
53
66
|
}
|
|
54
67
|
login.addLoginParams({
|
|
55
68
|
request,
|
|
56
69
|
auth0Config,
|
|
57
70
|
});
|
|
58
|
-
log('Calling Auth0 middleware');
|
|
71
|
+
log('Calling Auth0 middleware', { requestId });
|
|
59
72
|
const authResponse = await auth0Instance.middleware(request);
|
|
60
|
-
log('Auth0 middleware completed', { status: authResponse.status });
|
|
73
|
+
log('Auth0 middleware completed', { requestId, status: authResponse.status });
|
|
61
74
|
logout.deleteRelatedSessionCookies({
|
|
75
|
+
requestId,
|
|
62
76
|
host,
|
|
63
77
|
request,
|
|
64
78
|
response: authResponse,
|
|
65
79
|
auth0Config,
|
|
66
80
|
});
|
|
67
81
|
const accessTokenRequestResult = await token.handleAccessTokenRequest({
|
|
82
|
+
requestId,
|
|
68
83
|
request,
|
|
69
84
|
response: authResponse,
|
|
70
85
|
auth0Instance,
|
|
@@ -72,10 +87,11 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
72
87
|
onError,
|
|
73
88
|
});
|
|
74
89
|
if (accessTokenRequestResult) {
|
|
75
|
-
log('Access token request handled');
|
|
90
|
+
log('Access token request handled', { requestId });
|
|
76
91
|
return accessTokenRequestResult;
|
|
77
92
|
}
|
|
78
93
|
const handleUserProfileResult = await profile.handleUserProfile({
|
|
94
|
+
requestId,
|
|
79
95
|
request,
|
|
80
96
|
response: authResponse,
|
|
81
97
|
auth0Instance,
|
|
@@ -83,16 +99,17 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
83
99
|
brand,
|
|
84
100
|
});
|
|
85
101
|
if (handleUserProfileResult) {
|
|
86
|
-
log('User profile request handled');
|
|
102
|
+
log('User profile request handled', { requestId });
|
|
87
103
|
return handleUserProfileResult;
|
|
88
104
|
}
|
|
89
105
|
if (isAuthRoute(pathname, auth0Config) || isAuthErrorRoute) {
|
|
90
|
-
log('Auth route, returning response');
|
|
106
|
+
log('Auth route, returning response', { requestId });
|
|
91
107
|
return authResponse;
|
|
92
108
|
}
|
|
93
109
|
const isProtected = !isAuthErrorRoute && isProtectedRoute(pathname);
|
|
94
|
-
log('Route protection check', { pathname, isProtected });
|
|
110
|
+
log('Route protection check', { requestId, pathname, isProtected });
|
|
95
111
|
const protectRouteResult = await protectRoute.protectRoute({
|
|
112
|
+
requestId,
|
|
96
113
|
isProtected,
|
|
97
114
|
auth0Instance,
|
|
98
115
|
auth0Config,
|
|
@@ -103,11 +120,12 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
103
120
|
});
|
|
104
121
|
if (protectRouteResult) {
|
|
105
122
|
log('Route protection handled', {
|
|
123
|
+
requestId,
|
|
106
124
|
redirected: protectRouteResult.status === 307,
|
|
107
125
|
});
|
|
108
126
|
return protectRouteResult;
|
|
109
127
|
}
|
|
110
|
-
log('Request completed, combining headers');
|
|
128
|
+
log('Request completed, combining headers', { requestId });
|
|
111
129
|
return combineHeaders.combineHeaders({
|
|
112
130
|
middlewareResponse: server.NextResponse.next({
|
|
113
131
|
request: {
|
|
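Review bot: `generateRequestId` in the first hunk derives its UUID from `Math.random()` and silences the `sonarjs/pseudo-random` rule instead of using the platform CSPRNG. As a tag on debug log lines that is not a weakness in itself, but the value is created in auth middleware and is now passed into the logout, token, profile and route-protection helpers, so any later reuse as a nonce, state value or cache key would inherit predictable output. `const generateRequestId = () => crypto.randomUUID();` produces the same format from Web Crypto and removes the suppression; confirm that the global is present in every runtime this CJS build targets. If `Math.random()` stays, a comment such as `// correlation id for debug logs only, never a security token` should record that limit. The body of `authMiddleware` continues outside the visible hunks.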
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":["debug","getAuth0Instance","getAuth0Config","handleCrossDomainLogout","addLoginParams","deleteRelatedSessionCookies","handleAccessTokenRequest","handleUserProfile","protectRoute","combineHeaders","NextResponse"],"mappings":";;;;;;;;;;;;;;;;;AAgBA,MAAM,GAAG,GAAGA,sBAAK,CAAC,iCAAiC,CAAC;AAEpD,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,KAAK,GASN,KAA2B;AAC1B,IAAA,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO;IACpC,GAAG,CAAC,oBAAoB,EAAE;QACxB,QAAQ;QACR,IAAI;QACJ,QAAQ;QACR,MAAM,EAAE,OAAO,CAAC,MAAM;AACvB,KAAA,CAAC;IAEF,MAAM,aAAa,GAAGC,iCAAgB,CAAC;QACrC,IAAI;QACJ,QAAQ;AACT,KAAA,CAAC;AAEF,IAAA,MAAM,WAAW,GAAGC,oBAAc,EAAE;IACpC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAC3E,GAAG,CAAC,kBAAkB,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":["debug","getAuth0Instance","getAuth0Config","handleCrossDomainLogout","addLoginParams","deleteRelatedSessionCookies","handleAccessTokenRequest","handleUserProfile","protectRoute","combineHeaders","NextResponse"],"mappings":";;;;;;;;;;;;;;;;;AAgBA,MAAM,GAAG,GAAGA,sBAAK,CAAC,iCAAiC,CAAC;AAEpD,MAAM,iBAAiB,GAAG,MAAa;;;IAGrC,OAAO,sCAAsC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,KAAI;;AAEnE,QAAA,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC;AAClC,QAAA,MAAM,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,IAAI,GAAG;AACzC,QAAA,OAAO,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;AACvB,IAAA,CAAC,CAAC;AACJ,CAAC;AAED,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,KAAK,GASN,KAA2B;AAC1B,IAAA,MAAM,SAAS,GAAG,iBAAiB,EAAE;AACrC,IAAA,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO;IACpC,GAAG,CAAC,oBAAoB,EAAE;QACxB,SAAS;QACT,QAAQ;QACR,IAAI;QACJ,QAAQ;QACR,MAAM,EAAE,OAAO,CAAC,MAAM;AACvB,KAAA,CAAC;IAEF,MAAM,aAAa,GAAGC,iCAAgB,CAAC;QACrC,IAAI;QACJ,QAAQ;AACT,KAAA,CAAC;AAEF,IAAA,MAAM,WAAW,GAAGC,oBAAc,EAAE;IACpC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAC3E,GAAG,CAAC,kBAAkB,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAC;IAElE,MAAM,uBAAuB,GAAGC,8BAAuB,CAAC;QACtD,SAAS;QACT,IAAI;QACJ,QAAQ;QACR,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;AAC3B,QAAA,GAAG,CAAC,2CAA2C,EAAE,EAAE,SAAS,EAAE,CAAC;AAC/D,QAAA,OAAO,uBAAuB;IAChC;AAEA,IAAAC,oBAAc,CAAC;QACb,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;AAEF,IAAA,GAAG,CAAC,0BAA0B,EAAE,EAAE,SAAS,EAAE,CAAC;IAC9C,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;AAC5D,IAAA,GAAG,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,EAAE,CAAC;AAE7E,IAAAC,kCAA2
B,CAAC;QAC1B,SAAS;QACT,IAAI;QACJ,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,WAAW;AACZ,KAAA,CAAC;AAEF,IAAA,MAAM,wBAAwB,GAAG,MAAMC,8BAAwB,CAAC;QAC9D,SAAS;QACT,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,aAAa;QACb,WAAW;QACX,OAAO;AACR,KAAA,CAAC;IACF,IAAI,wBAAwB,EAAE;AAC5B,QAAA,GAAG,CAAC,8BAA8B,EAAE,EAAE,SAAS,EAAE,CAAC;AAClD,QAAA,OAAO,wBAAwB;IACjC;AAEA,IAAA,MAAM,uBAAuB,GAAG,MAAMC,yBAAiB,CAAC;QACtD,SAAS;QACT,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,aAAa;QACb,WAAW;QACX,KAAK;AACN,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;AAC3B,QAAA,GAAG,CAAC,8BAA8B,EAAE,EAAE,SAAS,EAAE,CAAC;AAClD,QAAA,OAAO,uBAAuB;IAChC;IAEA,IAAI,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC,IAAI,gBAAgB,EAAE;AAC1D,QAAA,GAAG,CAAC,gCAAgC,EAAE,EAAE,SAAS,EAAE,CAAC;AACpD,QAAA,OAAO,YAAY;IACrB;IAEA,MAAM,WAAW,GAAG,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,QAAQ,CAAC;IACnE,GAAG,CAAC,wBAAwB,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;AACnE,IAAA,MAAM,kBAAkB,GAAG,MAAMC,yBAAY,CAAC;QAC5C,SAAS;QACT,WAAW;QACX,aAAa;QACb,WAAW;QACX,QAAQ;QACR,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,OAAO;AACR,KAAA,CAAC;IACF,IAAI,kBAAkB,EAAE;QACtB,GAAG,CAAC,0BAA0B,EAAE;YAC9B,SAAS;AACT,YAAA,UAAU,EAAE,kBAAkB,CAAC,MAAM,KAAK,GAAG;AAC9C,SAAA,CAAC;AACF,QAAA,OAAO,kBAAkB;IAC3B;AAEA,IAAA,GAAG,CAAC,sCAAsC,EAAE,EAAE,SAAS,EAAE,CAAC;AAC1D,IAAA,OAAOC,6BAAc,CAAC;AACpB,QAAA,kBAAkB,EAAEC,mBAAY,CAAC,IAAI,CAAC;AACpC,YAAA,OAAO,EAAE;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;AACzB,aAAA;SACF,CAAC;QACF,YAAY;AACb,KAAA,CAAC;AACJ;;;;"}
|
|
@@ -1,12 +1,14 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
2
|
import { Auth0Config } from 'src/types';
|
|
3
|
-
export declare const handleCrossDomainLogout: ({ host, protocol, request, auth0Config: { languageConfig, logoutEndpoint }, }: {
|
|
3
|
+
export declare const handleCrossDomainLogout: ({ requestId, host, protocol, request, auth0Config: { languageConfig, logoutEndpoint }, }: {
|
|
4
|
+
requestId: string;
|
|
4
5
|
host: string;
|
|
5
6
|
protocol: string;
|
|
6
7
|
request: NextRequest;
|
|
7
8
|
auth0Config: Auth0Config;
|
|
8
9
|
}) => NextResponse | void;
|
|
9
|
-
export declare const deleteRelatedSessionCookies: ({ host, request, response, auth0Config: { logoutEndpoint, authCookieNames, legacyAccessTokenName, legacyRefreshTokenName, }, }: {
|
|
10
|
+
export declare const deleteRelatedSessionCookies: ({ requestId, host, request, response, auth0Config: { logoutEndpoint, authCookieNames, legacyAccessTokenName, legacyRefreshTokenName, }, }: {
|
|
11
|
+
requestId: string;
|
|
10
12
|
host: string;
|
|
11
13
|
request: NextRequest;
|
|
12
14
|
response: NextResponse;
|
|
@@ -49,14 +49,14 @@ const getOtherDomainHost = (currentHost) => {
|
|
|
49
49
|
}
|
|
50
50
|
return currentHost;
|
|
51
51
|
};
|
|
52
|
-
const handleCrossDomainLogout = ({ host, protocol, request, auth0Config: { languageConfig, logoutEndpoint }, }) => {
|
|
52
|
+
const handleCrossDomainLogout = ({ requestId, host, protocol, request, auth0Config: { languageConfig, logoutEndpoint }, }) => {
|
|
53
53
|
if (request.nextUrl.pathname !== logoutEndpoint)
|
|
54
54
|
return;
|
|
55
|
-
log('Handling logout request', { host, protocol });
|
|
55
|
+
log('Handling logout request', { requestId, host, protocol });
|
|
56
56
|
const searchParams = new URLSearchParams(request.nextUrl.search);
|
|
57
57
|
const specifiedReturnTo = searchParams.get('returnTo') || '';
|
|
58
58
|
const crossDomainLogout = searchParams.get('crossDomain') === 'true';
|
|
59
|
-
log('Logout parameters', { specifiedReturnTo, crossDomainLogout });
|
|
59
|
+
log('Logout parameters', { requestId, specifiedReturnTo, crossDomainLogout });
|
|
60
60
|
const otherDomainHost = getOtherDomainHost(host);
|
|
61
61
|
const currentDomainUrl = `${protocol}://${host}`;
|
|
62
62
|
const locale = searchParams.get('locale');
|
|
@@ -68,12 +68,12 @@ const handleCrossDomainLogout = ({ host, protocol, request, auth0Config: { langu
|
|
|
68
68
|
pathOrUrl: specifiedReturnTo,
|
|
69
69
|
crossDomainLogout,
|
|
70
70
|
});
|
|
71
|
-
log('ReturnTo validation', { isSafePath, specifiedReturnTo });
|
|
71
|
+
log('ReturnTo validation', { requestId, isSafePath, specifiedReturnTo });
|
|
72
72
|
if (isSafePath && specifiedReturnTo) {
|
|
73
73
|
returnTo = specifiedReturnTo;
|
|
74
74
|
}
|
|
75
75
|
if (!crossDomainLogout && otherDomainHost && otherDomainHost !== host) {
|
|
76
|
-
log('Initiating cross-domain logout', { otherDomainHost });
|
|
76
|
+
log('Initiating cross-domain logout', { requestId, otherDomainHost });
|
|
77
77
|
const backToCurrentDomainUrl = new URL(logoutEndpoint, currentDomainUrl);
|
|
78
78
|
backToCurrentDomainUrl.searchParams.set('returnTo', returnTo);
|
|
79
79
|
backToCurrentDomainUrl.searchParams.set('crossDomain', 'true');
|
|
@@ -81,6 +81,7 @@ const handleCrossDomainLogout = ({ host, protocol, request, auth0Config: { langu
|
|
|
81
81
|
otherDomainLogoutUrl.searchParams.set('crossDomain', 'true');
|
|
82
82
|
otherDomainLogoutUrl.searchParams.set('returnTo', backToCurrentDomainUrl.toString());
|
|
83
83
|
log('Redirecting to other domain for logout', {
|
|
84
|
+
requestId,
|
|
84
85
|
otherDomainHost,
|
|
85
86
|
returnUrl: backToCurrentDomainUrl.toString(),
|
|
86
87
|
});
|
|
@@ -107,10 +108,11 @@ const getLegacyCookieDomain = (hostname) => {
|
|
|
107
108
|
const base = parts.slice(-2).join('.');
|
|
108
109
|
return `.${base}`;
|
|
109
110
|
};
|
|
110
|
-
const deleteRelatedSessionCookies = ({ host, request, response, auth0Config: { logoutEndpoint, authCookieNames, legacyAccessTokenName, legacyRefreshTokenName, }, }) => {
|
|
111
|
+
const deleteRelatedSessionCookies = ({ requestId, host, request, response, auth0Config: { logoutEndpoint, authCookieNames, legacyAccessTokenName, legacyRefreshTokenName, }, }) => {
|
|
111
112
|
if (request.nextUrl.pathname !== logoutEndpoint || !response)
|
|
112
113
|
return;
|
|
113
114
|
log('Deleting session cookies', {
|
|
115
|
+
requestId,
|
|
114
116
|
host,
|
|
115
117
|
cookieCount: authCookieNames.length,
|
|
116
118
|
});
|
|
@@ -132,7 +134,7 @@ const deleteRelatedSessionCookies = ({ host, request, response, auth0Config: { l
|
|
|
132
134
|
});
|
|
133
135
|
});
|
|
134
136
|
const legacyCookieDomain = getLegacyCookieDomain(host);
|
|
135
|
-
log('Deleting legacy cookies', { legacyCookieDomain });
|
|
137
|
+
log('Deleting legacy cookies', { requestId, legacyCookieDomain });
|
|
136
138
|
response.cookies.delete({
|
|
137
139
|
name: legacyAccessTokenName,
|
|
138
140
|
maxAge: 0,
|
|
@@ -145,7 +147,7 @@ const deleteRelatedSessionCookies = ({ host, request, response, auth0Config: { l
|
|
|
145
147
|
path: '/',
|
|
146
148
|
domain: legacyCookieDomain,
|
|
147
149
|
});
|
|
148
|
-
log('All session cookies deleted');
|
|
150
|
+
log('All session cookies deleted', { requestId });
|
|
149
151
|
};
|
|
150
152
|
|
|
151
153
|
exports.deleteRelatedSessionCookies = deleteRelatedSessionCookies;
|
|
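Review bot: The 'Logout parameters' call in `handleCrossDomainLogout` writes `specifiedReturnTo`, the raw `returnTo` query value, to the debug log before the safe-path check has run, and the 'ReturnTo validation' call logs it again whatever the outcome. That value comes straight from the request, so with the namespace enabled unvalidated client data, including anything embedded in the return URL, ends up in server logs. Since every line now carries `requestId` for correlation, the raw value adds little: `log('Logout parameters', { requestId, hasReturnTo: Boolean(specifiedReturnTo), crossDomainLogout });` keeps the signal, and the full value can be logged only once `isSafePath` is true. The function body extends beyond the visible hunks, so the validation itself cannot be checked from here.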
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"logout.js","sources":["../../../../../src/server/middleware/logout.ts"],"sourcesContent":[null],"names":["debug","NextResponse"],"mappings":";;;;;;;;;AAKA,MAAM,GAAG,GAAGA,sBAAK,CAAC,6BAA6B,CAAC;AAEhD,MAAM,gBAAgB,GAAG,CAAC,EACxB,SAAS,EACT,IAAI,EACJ,QAAQ,EACR,eAAe,EACf,iBAAiB,GAOlB,KAAI;IACH,IAAI,OAAO,SAAS,KAAK,QAAQ;AAAE,QAAA,OAAO,KAAK;AAC/C,IAAA,IAAI,SAAS,CAAC,MAAM,GAAG,IAAI;AAAE,QAAA,OAAO,KAAK;AAEzC,IAAA,IAAI;AACF,QAAA,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,SAAS,CAAC;QACtD,MAAM,KAAK,GAAG,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC;QACjD,MAAM,eAAe,GAAG,IAAI,GAAG,CAC7B,KAAK,GAAG,gBAAgB,GAAG,GAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,CAAA,EAAG,gBAAgB,CAAA,CAAE,CACtE;AACD,QAAA,MAAM,WAAW,GAAG,eAAe,CAAC,QAAQ;AAE5C,QAAA,IACE,iBAAiB;YACjB,KAAK;AACL,YAAA,eAAe,CAAC,IAAI,KAAK,eAAe,EACxC;AACA,YAAA,OAAO,KAAK;QACd;QAEA,IAAI,CAAC,iBAAiB,IAAI,eAAe,CAAC,IAAI,KAAK,IAAI,EAAE;AACvD,YAAA,OAAO,KAAK;QACd;AAEA,QAAA,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;AAChE,YAAA,OAAO,KAAK;QACd;;;QAIA,MAAM,eAAe,GAAG,yBAAyB;AACjD,QAAA,OAAO,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC;IAC1C;IAAE,OAAO,KAAK,EAAE;;AAEd,QAAA,OAAO,CAAC,IAAI,CAAC,4BAA4B,EAAE,KAAK,CAAC;AACjD,QAAA,OAAO,KAAK;IACd;AACF,CAAC;AAED,MAAM,kBAAkB,GAAG,CAAC,WAAmB,KAAY;AACzD,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvC,OAAO,WAAW,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC;IAC1D;AACA,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvC,OAAO,WAAW,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC;IAC1D;AACA,IAAA,OAAO,WAAW;AACpB,CAAC;MAEY,uBAAuB,GAAG,CAAC,EACtC,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,WAAW,EAAE,EAAE,cAAc,EAAE,cAAc,EAAE,
|
|
1
|
+
{"version":3,"file":"logout.js","sources":["../../../../../src/server/middleware/logout.ts"],"sourcesContent":[null],"names":["debug","NextResponse"],"mappings":";;;;;;;;;AAKA,MAAM,GAAG,GAAGA,sBAAK,CAAC,6BAA6B,CAAC;AAEhD,MAAM,gBAAgB,GAAG,CAAC,EACxB,SAAS,EACT,IAAI,EACJ,QAAQ,EACR,eAAe,EACf,iBAAiB,GAOlB,KAAI;IACH,IAAI,OAAO,SAAS,KAAK,QAAQ;AAAE,QAAA,OAAO,KAAK;AAC/C,IAAA,IAAI,SAAS,CAAC,MAAM,GAAG,IAAI;AAAE,QAAA,OAAO,KAAK;AAEzC,IAAA,IAAI;AACF,QAAA,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,SAAS,CAAC;QACtD,MAAM,KAAK,GAAG,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC;QACjD,MAAM,eAAe,GAAG,IAAI,GAAG,CAC7B,KAAK,GAAG,gBAAgB,GAAG,GAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,CAAA,EAAG,gBAAgB,CAAA,CAAE,CACtE;AACD,QAAA,MAAM,WAAW,GAAG,eAAe,CAAC,QAAQ;AAE5C,QAAA,IACE,iBAAiB;YACjB,KAAK;AACL,YAAA,eAAe,CAAC,IAAI,KAAK,eAAe,EACxC;AACA,YAAA,OAAO,KAAK;QACd;QAEA,IAAI,CAAC,iBAAiB,IAAI,eAAe,CAAC,IAAI,KAAK,IAAI,EAAE;AACvD,YAAA,OAAO,KAAK;QACd;AAEA,QAAA,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;AAChE,YAAA,OAAO,KAAK;QACd;;;QAIA,MAAM,eAAe,GAAG,yBAAyB;AACjD,QAAA,OAAO,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC;IAC1C;IAAE,OAAO,KAAK,EAAE;;AAEd,QAAA,OAAO,CAAC,IAAI,CAAC,4BAA4B,EAAE,KAAK,CAAC;AACjD,QAAA,OAAO,KAAK;IACd;AACF,CAAC;AAED,MAAM,kBAAkB,GAAG,CAAC,WAAmB,KAAY;AACzD,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvC,OAAO,WAAW,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC;IAC1D;AACA,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvC,OAAO,WAAW,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC;IAC1D;AACA,IAAA,OAAO,WAAW;AACpB,CAAC;MAEY,uBAAuB,GAAG,CAAC,EACtC,SAAS,EACT,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,WAAW,EAAE,EAAE,cAAc,EAAE,cAAc,EAAE,GAOhD,KAAyB;AACxB,IAAA,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,cAAc;QAAE;IAEjD,GAAG,CAAC,yBAAyB,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAC7D,MAAM,YAAY,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC;IAEhE,MAAM,iBAAiB,GAAG,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,EAAE;IAC5D,MAAM,iBAAiB,GAAG,YAAY,CAAC,GAAG,CAAC,aAAa,CAAC,KAAK,MAAM;IACpE,GAAG,CAAC,mBAAmB,EAAE,EAAE,SAAS,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,CAAC;AAE7E,IAAA,MAAM,eAAe,GAAG,
kBAAkB,CAAC,IAAI,CAAC;AAChD,IAAA,MAAM,gBAAgB,GAAG,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,EAAE;IAChD,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC;AACzC,IAAA,IAAI,QAAQ,GAAG,MAAM,GAAG,CAAA,CAAA,EAAI,MAAM,CAAA,CAAE,GAAG,CAAA,CAAA,EAAI,cAAc,CAAC,OAAO,EAAE;IACnE,MAAM,UAAU,GAAG,gBAAgB,CAAC;QAClC,QAAQ;QACR,IAAI;QACJ,eAAe;AACf,QAAA,SAAS,EAAE,iBAAiB;QAC5B,iBAAiB;AAClB,KAAA,CAAC;IACF,GAAG,CAAC,qBAAqB,EAAE,EAAE,SAAS,EAAE,UAAU,EAAE,iBAAiB,EAAE,CAAC;AACxE,IAAA,IAAI,UAAU,IAAI,iBAAiB,EAAE;QACnC,QAAQ,GAAG,iBAAiB;IAC9B;IAEA,IAAI,CAAC,iBAAiB,IAAI,eAAe,IAAI,eAAe,KAAK,IAAI,EAAE;QACrE,GAAG,CAAC,gCAAgC,EAAE,EAAE,SAAS,EAAE,eAAe,EAAE,CAAC;QACrE,MAAM,sBAAsB,GAAG,IAAI,GAAG,CAAC,cAAc,EAAE,gBAAgB,CAAC;QACxE,sBAAsB,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,CAAC;QAC7D,sBAAsB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC;AAE9D,QAAA,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAClC,cAAc,EACd,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,eAAe,CAAA,CAAE,CACnC;QACD,oBAAoB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC;AAC5D,QAAA,oBAAoB,CAAC,YAAY,CAAC,GAAG,CACnC,UAAU,EACV,sBAAsB,CAAC,QAAQ,EAAE,CAClC;QAED,GAAG,CAAC,wCAAwC,EAAE;YAC5C,SAAS;YACT,eAAe;AACf,YAAA,SAAS,EAAE,sBAAsB,CAAC,QAAQ,EAAE;AAC7C,SAAA,CAAC;AACF,QAAA,OAAOC,mBAAY,CAAC,QAAQ,CAAC,oBAAoB,EAAE;AACjD,YAAA,MAAM,EAAE,GAAG;AACZ,SAAA,CAAC;IACJ;IAEA,IAAI,aAAa,GAAG,KAAK;AACzB,IAAA,IAAI;AACF,QAAA,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC;AACpD,QAAA,aAAa,GAAG,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC;IACpD;IAAE,OAAO,KAAK,EAAE;;AAEd,QAAA,OAAO,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,CAAC;IACjD;AAEA,IAAA,YAAY,CAAC,GAAG,CACd,UAAU,EACV,aAAa,GAAG,QAAQ,GAAG,CAAA,EAAG,gBAAgB,GAAG,QAAQ,CAAA,CAAE,CAC5D;IACD,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,YAAY,CAAC,QAAQ,EAAE;AAClD;AAEA,MAAM,qBAAqB,GAAG,CAAC,QAAgB,KAAI;IACjD,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC;AACjC,IAAA,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,CAAA,CAAA,EAAI,QAAQ,CAAA,CAAE;AAE3C,IAAA,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;IACtC,OAAO,CAAA,CAAA,EAAI,IAAI,CAAA,CAAE;AACnB,CAAC;AAEM,MAAM,2BAA2B,GAAG,CAAC,EAC1C,SAAS,EACT,IAAI,EACJ,OAAO,EACP,QAAQ,EA
CR,WAAW,EAAE,EACX,cAAc,EACd,eAAe,EACf,qBAAqB,EACrB,sBAAsB,GACvB,GAOF,KAAI;IACH,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,cAAc,IAAI,CAAC,QAAQ;QAAE;IAE9D,GAAG,CAAC,0BAA0B,EAAE;QAC9B,SAAS;QACT,IAAI;QACJ,WAAW,EAAE,eAAe,CAAC,MAAM;AACpC,KAAA,CAAC;AACF,IAAA,eAAe,CAAC,OAAO,CAAC,CAAC,UAAU,KAAI;AACrC,QAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,YAAA,IAAI,EAAE,UAAU;AAChB,YAAA,MAAM,EAAE,CAAC;AACT,YAAA,IAAI,EAAE,GAAG;AACV,SAAA,CAAC;AACF,QAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;YACtB,IAAI,EAAE,CAAA,EAAG,UAAU,CAAA,GAAA,CAAK;AACxB,YAAA,MAAM,EAAE,CAAC;AACT,YAAA,IAAI,EAAE,GAAG;AACV,SAAA,CAAC;AACF,QAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;YACtB,IAAI,EAAE,CAAA,EAAG,UAAU,CAAA,GAAA,CAAK;AACxB,YAAA,MAAM,EAAE,CAAC;AACT,YAAA,IAAI,EAAE,GAAG;AACV,SAAA,CAAC;AACJ,IAAA,CAAC,CAAC;AAEF,IAAA,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,IAAI,CAAC;IACtD,GAAG,CAAC,yBAAyB,EAAE,EAAE,SAAS,EAAE,kBAAkB,EAAE,CAAC;AACjE,IAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,QAAA,IAAI,EAAE,qBAAqB;AAC3B,QAAA,MAAM,EAAE,CAAC;AACT,QAAA,IAAI,EAAE,GAAG;AACT,QAAA,MAAM,EAAE,kBAAkB;AAC3B,KAAA,CAAC;AACF,IAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,QAAA,IAAI,EAAE,sBAAsB;AAC5B,QAAA,MAAM,EAAE,CAAC;AACT,QAAA,IAAI,EAAE,GAAG;AACT,QAAA,MAAM,EAAE,kBAAkB;AAC3B,KAAA,CAAC;AACF,IAAA,GAAG,CAAC,6BAA6B,EAAE,EAAE,SAAS,EAAE,CAAC;AACnD;;;;;"}
|
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
2
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
3
3
|
import { Auth0Config } from 'src/types/auth0/config';
|
|
4
|
-
export declare const proactivelyRefreshAccessToken: ({ request, response, auth0Instance, auth0Config, }: {
|
|
4
|
+
export declare const proactivelyRefreshAccessToken: ({ requestId, request, response, auth0Instance, auth0Config, }: {
|
|
5
|
+
requestId: string;
|
|
5
6
|
request: NextRequest;
|
|
6
7
|
response: NextResponse;
|
|
7
8
|
auth0Instance: Auth0Client;
|
|
@@ -7,13 +7,14 @@ function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'defau
|
|
|
7
7
|
var debug__default = /*#__PURE__*/_interopDefaultCompat(debug);
|
|
8
8
|
|
|
9
9
|
const log = debug__default.default('@smg-automotive/auth:token');
|
|
10
|
-
const proactivelyRefreshAccessToken = async ({ request, response, auth0Instance, auth0Config, }) => {
|
|
11
|
-
log('Checking if token refresh is needed');
|
|
10
|
+
const proactivelyRefreshAccessToken = async ({ requestId, request, response, auth0Instance, auth0Config, }) => {
|
|
11
|
+
log('Checking if token refresh is needed', { requestId });
|
|
12
12
|
const session = await auth0Instance.getSession(request);
|
|
13
13
|
const expiresAt = session?.tokenSet.expiresAt || 0;
|
|
14
14
|
const expiresInSeconds = expiresAt - Date.now() / 1000;
|
|
15
15
|
const shouldRefresh = auth0Config.debugForceTokenRefresh || expiresAt < Date.now() / 1000 + 30;
|
|
16
16
|
log('Token refresh decision', {
|
|
17
|
+
requestId,
|
|
17
18
|
shouldRefresh,
|
|
18
19
|
expiresInSeconds: Math.round(expiresInSeconds),
|
|
19
20
|
debugForceRefresh: auth0Config.debugForceTokenRefresh,
|
|
@@ -23,6 +24,7 @@ const proactivelyRefreshAccessToken = async ({ request, response, auth0Instance,
|
|
|
23
24
|
refresh: shouldRefresh,
|
|
24
25
|
});
|
|
25
26
|
log('Access token retrieved', {
|
|
27
|
+
requestId,
|
|
26
28
|
expiresAt: result.expiresAt,
|
|
27
29
|
tokenLength: result.token.length,
|
|
28
30
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"proactivelyRefreshAccessToken.js","sources":["../../../../../src/server/middleware/proactivelyRefreshAccessToken.ts"],"sourcesContent":[null],"names":["debug"],"mappings":";;;;;;;;AAMA,MAAM,GAAG,GAAGA,sBAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,6BAA6B,GAAG,OAAO,EAClD,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,
|
|
1
|
+
{"version":3,"file":"proactivelyRefreshAccessToken.js","sources":["../../../../../src/server/middleware/proactivelyRefreshAccessToken.ts"],"sourcesContent":[null],"names":["debug"],"mappings":";;;;;;;;AAMA,MAAM,GAAG,GAAGA,sBAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,6BAA6B,GAAG,OAAO,EAClD,SAAS,EACT,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,GAOZ,KAAmD;AAClD,IAAA,GAAG,CAAC,qCAAqC,EAAE,EAAE,SAAS,EAAE,CAAC;IACzD,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,MAAM,SAAS,GAAG,OAAO,EAAE,QAAQ,CAAC,SAAS,IAAI,CAAC;IAClD,MAAM,gBAAgB,GAAG,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI;AACtD,IAAA,MAAM,aAAa,GACjB,WAAW,CAAC,sBAAsB,IAAI,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,EAAE;IAE1E,GAAG,CAAC,wBAAwB,EAAE;QAC5B,SAAS;QACT,aAAa;AACb,QAAA,gBAAgB,EAAE,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC;QAC9C,iBAAiB,EAAE,WAAW,CAAC,sBAAsB;QACrD,UAAU,EAAE,CAAC,CAAC,OAAO;AACtB,KAAA,CAAC;IAEF,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,cAAc,CAAC,OAAO,EAAE,QAAQ,EAAE;AACnE,QAAA,OAAO,EAAE,aAAa;AACvB,KAAA,CAAC;IAEF,GAAG,CAAC,wBAAwB,EAAE;QAC5B,SAAS;QACT,SAAS,EAAE,MAAM,CAAC,SAAS;AAC3B,QAAA,WAAW,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM;AACjC,KAAA,CAAC;AAEF,IAAA,OAAO,MAAM;AACf;;;;"}
|
|
@@ -2,7 +2,8 @@ import { NextRequest, NextResponse } from 'next/server';
|
|
|
2
2
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
3
3
|
import { Brand } from 'src/types/brand';
|
|
4
4
|
import { Auth0Config } from 'src/types';
|
|
5
|
-
export declare const handleUserProfile: ({ request, response, auth0Instance, auth0Config, brand, }: {
|
|
5
|
+
export declare const handleUserProfile: ({ requestId, request, response, auth0Instance, auth0Config, brand, }: {
|
|
6
|
+
requestId: string;
|
|
6
7
|
request: NextRequest;
|
|
7
8
|
response: NextResponse;
|
|
8
9
|
auth0Instance: Auth0Client;
|
|
@@ -23,34 +23,37 @@ const returnEmptyResponse = () => {
|
|
|
23
23
|
},
|
|
24
24
|
});
|
|
25
25
|
};
|
|
26
|
-
const handleUserProfile = async ({ request, response, auth0Instance, auth0Config, brand, }) => {
|
|
26
|
+
const handleUserProfile = async ({ requestId, request, response, auth0Instance, auth0Config, brand, }) => {
|
|
27
27
|
if (request.nextUrl.pathname !== auth0Config.userProfileEndpoint)
|
|
28
28
|
return;
|
|
29
|
-
log('Handling user profile request', { brand });
|
|
29
|
+
log('Handling user profile request', { requestId, brand });
|
|
30
30
|
const session$1 = await auth0Instance.getSession(request);
|
|
31
31
|
if (!session$1) {
|
|
32
|
-
log('No session found for profile request');
|
|
32
|
+
log('No session found for profile request', { requestId });
|
|
33
33
|
return returnEmptyResponse();
|
|
34
34
|
}
|
|
35
35
|
try {
|
|
36
36
|
const user = session$1.user;
|
|
37
37
|
log('User found, refreshing token and enriching', {
|
|
38
|
+
requestId,
|
|
38
39
|
userId: user.userId,
|
|
39
40
|
sellerId: user.sellerId,
|
|
40
41
|
});
|
|
41
42
|
const { token } = await proactivelyRefreshAccessToken.proactivelyRefreshAccessToken({
|
|
43
|
+
requestId,
|
|
42
44
|
request,
|
|
43
45
|
response,
|
|
44
46
|
auth0Instance,
|
|
45
47
|
auth0Config,
|
|
46
48
|
});
|
|
47
|
-
log('Token refreshed, enriching user');
|
|
49
|
+
log('Token refreshed, enriching user', { requestId });
|
|
48
50
|
const enrichedUser = await session.enrichUser({
|
|
49
51
|
user,
|
|
50
52
|
accessToken: token,
|
|
51
53
|
brand,
|
|
52
54
|
});
|
|
53
55
|
log('User enriched successfully', {
|
|
56
|
+
requestId,
|
|
54
57
|
userId: enrichedUser.userId,
|
|
55
58
|
sellerId: enrichedUser.sellerId,
|
|
56
59
|
hasEntitlements: !!enrichedUser.entitlements,
|
|
@@ -70,6 +73,7 @@ const handleUserProfile = async ({ request, response, auth0Instance, auth0Config
|
|
|
70
73
|
}
|
|
71
74
|
catch (error) {
|
|
72
75
|
log('User Profile error loading entitlements', {
|
|
76
|
+
requestId,
|
|
73
77
|
error: error instanceof Error ? error.message : String(error),
|
|
74
78
|
stack: error instanceof Error ? error.stack : undefined,
|
|
75
79
|
});
|
|
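Review bot: With `requestId` added, the 'User found, refreshing token and enriching' and 'User enriched successfully' records (new lines 37–41 and 55–59) tie `userId` and `sellerId` to one per-request trail, and the catch block (new lines 75–79) logs `error.stack` under the same id. Nothing in this section says that this logger's output therefore holds personal identifiers that can be joined across records. I would add a comment above the first record, for example `// debug output carries userId/sellerId keyed by requestId: treat it as personal data and keep this namespace off in production`. The body of `handleUserProfile` between new lines 60 and 72 is outside the hunks shown.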
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"profile.js","sources":["../../../../../src/server/middleware/profile.ts"],"sourcesContent":[null],"names":["debug","NextResponse","session","proactivelyRefreshAccessToken","enrichUser","combineHeaders","addCachingHeaders"],"mappings":";;;;;;;;;;;;;AAYA,MAAM,GAAG,GAAGA,sBAAK,CAAC,8BAA8B,CAAC;AAEjD,MAAM,mBAAmB,GAAG,MAAmB;AAC7C,IAAA,OAAO,IAAIC,mBAAY,CAAC,IAAI,EAAE;AAC5B,QAAA,MAAM,EAAE,GAAG;AACX,QAAA,OAAO,EAAE;AACP,YAAA,IAAI,EAAE,uBAAuB;AAC7B,YAAA,eAAe,EACb,yDAAyD;AAC3D,YAAA,MAAM,EAAE,UAAU;AAClB,YAAA,OAAO,EAAE,GAAG;AACb,SAAA;AACF,KAAA,CAAC;AACJ,CAAC;
|
|
1
|
+
{"version":3,"file":"profile.js","sources":["../../../../../src/server/middleware/profile.ts"],"sourcesContent":[null],"names":["debug","NextResponse","session","proactivelyRefreshAccessToken","enrichUser","combineHeaders","addCachingHeaders"],"mappings":";;;;;;;;;;;;;AAYA,MAAM,GAAG,GAAGA,sBAAK,CAAC,8BAA8B,CAAC;AAEjD,MAAM,mBAAmB,GAAG,MAAmB;AAC7C,IAAA,OAAO,IAAIC,mBAAY,CAAC,IAAI,EAAE;AAC5B,QAAA,MAAM,EAAE,GAAG;AACX,QAAA,OAAO,EAAE;AACP,YAAA,IAAI,EAAE,uBAAuB;AAC7B,YAAA,eAAe,EACb,yDAAyD;AAC3D,YAAA,MAAM,EAAE,UAAU;AAClB,YAAA,OAAO,EAAE,GAAG;AACb,SAAA;AACF,KAAA,CAAC;AACJ,CAAC;MAEY,iBAAiB,GAAG,OAAO,EACtC,SAAS,EACT,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,EACX,KAAK,GAQN,KAAkC;IACjC,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,WAAW,CAAC,mBAAmB;QAAE;IAElE,GAAG,CAAC,+BAA+B,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;IAC1D,MAAMC,SAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,IAAI,CAACA,SAAO,EAAE;AACZ,QAAA,GAAG,CAAC,sCAAsC,EAAE,EAAE,SAAS,EAAE,CAAC;QAC1D,OAAO,mBAAmB,EAAE;IAC9B;AAEA,IAAA,IAAI;AACF,QAAA,MAAM,IAAI,GAAGA,SAAO,CAAC,IAAmB;QACxC,GAAG,CAAC,4CAA4C,EAAE;YAChD,SAAS;YACT,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;AACxB,SAAA,CAAC;AACF,QAAA,MAAM,EAAE,KAAK,EAAE,GAAG,MAAMC,2DAA6B,CAAC;YACpD,SAAS;YACT,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;AACF,QAAA,GAAG,CAAC,iCAAiC,EAAE,EAAE,SAAS,EAAE,CAAC;AACrD,QAAA,MAAM,YAAY,GAAG,MAAMC,kBAAU,CAAC;YACpC,IAAI;AACJ,YAAA,WAAW,EAAE,KAAK;YAClB,KAAK;AACN,SAAA,CAAC;QAEF,GAAG,CAAC,4BAA4B,EAAE;YAChC,SAAS;YACT,MAAM,EAAE,YAAY,CAAC,MAAM;YAC3B,QAAQ,EAAE,YAAY,CAAC,QAAQ;AAC/B,YAAA,eAAe,EAAE,CAAC,CAAC,YAAY,CAAC,YAAY;AAC7C,SAAA,CAAC;QACF,MAAM,YAAY,GAAGH,mBAAY,CAAC,IAAI,CAAC,YAAY,CAAC;QACpD,MAAM,2BAA2B,GAAGI,6BAAc,CAAC;AACjD,YAAA,kBAAkB,EAAE,YAAY;AAChC,YAAA,YAAY,EAAE,QAAQ;AACtB,YAAA,eAAe,EAAE,IAAI;AACtB,SAAA,CAAC;QACFC,mCAAiB,CAAC,2BAA2B,CAAC;;QAE9C,KAAK,MAAM,MAAM,IAAI,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE;AAC9C,YAAA,2BAA2B,CAAC,OAAO,CAAC,GAAG,CACrC,MAAM,CAAC,IAAI,EACX,MAAM,CAAC,KAAK,EACZ,MAAM,CACP;QACH;AACA,QAAA,OAAO,2BAA2B;IACpC;IAAE,OAAO,KAAK,EAAE;QACd,GAAG,CAAC,
yCAAyC,EAAE;YAC7C,SAAS;AACT,YAAA,KAAK,EAAE,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC7D,YAAA,KAAK,EAAE,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,KAAK,GAAG,SAAS;AACxD,SAAA,CAAC;QAEF,OAAO,mBAAmB,EAAE;IAC9B;AACF;;;;"}
|
|
@@ -2,7 +2,8 @@ import { NextRequest, NextResponse } from 'next/server';
|
|
|
2
2
|
import { Language } from '@smg-automotive/i18n-pkg';
|
|
3
3
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
4
4
|
import { Auth0Config } from 'src/types';
|
|
5
|
-
export declare const protectRoute: ({ isProtected, auth0Instance, auth0Config, language, request, response, onError, }: {
|
|
5
|
+
export declare const protectRoute: ({ requestId, isProtected, auth0Instance, auth0Config, language, request, response, onError, }: {
|
|
6
|
+
requestId: string;
|
|
6
7
|
isProtected: boolean;
|
|
7
8
|
auth0Instance: Auth0Client;
|
|
8
9
|
auth0Config: Auth0Config;
|
|
@@ -20,17 +20,23 @@ const redirectToLogin = ({ auth0Config, language, returnTo, origin, }) => {
|
|
|
20
20
|
status: 307,
|
|
21
21
|
});
|
|
22
22
|
};
|
|
23
|
-
const protectRoute = async ({ isProtected, auth0Instance, auth0Config, language, request, response, onError, }) => {
|
|
23
|
+
const protectRoute = async ({ requestId, isProtected, auth0Instance, auth0Config, language, request, response, onError, }) => {
|
|
24
24
|
const { pathname, search, origin } = request.nextUrl;
|
|
25
|
-
log('Checking route protection', { pathname, isProtected });
|
|
25
|
+
log('Checking route protection', { requestId, pathname, isProtected });
|
|
26
26
|
const session = await auth0Instance.getSession(request);
|
|
27
|
-
log('Session check', {
|
|
27
|
+
log('Session check', {
|
|
28
|
+
requestId,
|
|
29
|
+
hasSession: !!session,
|
|
30
|
+
hasUser: !!session?.user,
|
|
31
|
+
});
|
|
28
32
|
if (!isProtected && !session?.user) {
|
|
29
|
-
log('Route not protected and no user session, allowing');
|
|
33
|
+
log('Route not protected and no user session, allowing', { requestId });
|
|
30
34
|
return response;
|
|
31
35
|
}
|
|
32
36
|
if (!session && isProtected) {
|
|
33
|
-
log('Protected route without session, redirecting to login'
|
|
37
|
+
log('Protected route without session, redirecting to login', {
|
|
38
|
+
requestId,
|
|
39
|
+
});
|
|
34
40
|
return redirectToLogin({
|
|
35
41
|
auth0Config,
|
|
36
42
|
language,
|
|
@@ -39,18 +45,20 @@ const protectRoute = async ({ isProtected, auth0Instance, auth0Config, language,
|
|
|
39
45
|
});
|
|
40
46
|
}
|
|
41
47
|
try {
|
|
42
|
-
log('Refreshing token for protected route');
|
|
48
|
+
log('Refreshing token for protected route', { requestId });
|
|
43
49
|
await proactivelyRefreshAccessToken.proactivelyRefreshAccessToken({
|
|
50
|
+
requestId,
|
|
44
51
|
request,
|
|
45
52
|
response,
|
|
46
53
|
auth0Instance,
|
|
47
54
|
auth0Config,
|
|
48
55
|
});
|
|
49
|
-
log('Token refreshed successfully, allowing access');
|
|
56
|
+
log('Token refreshed successfully, allowing access', { requestId });
|
|
50
57
|
}
|
|
51
58
|
catch (error) {
|
|
52
59
|
const authError = error;
|
|
53
60
|
log('Token refresh failed for protected route', {
|
|
61
|
+
requestId,
|
|
54
62
|
message: authError.message,
|
|
55
63
|
code: authError.code,
|
|
56
64
|
});
|
|
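Review bot: The catch block (new lines 58–64) reads `authError.message` and `authError.code` straight off the caught value, so a thrown `null` or `undefined` would raise a TypeError inside the handler, before whatever follows the log call runs. That is unlikely to come from the SDK call, but profile.js on this page already guards the same situation with `error instanceof Error ? error.message : String(error)`. Optional chaining keeps the record shape: `message: authError?.message,` and `code: authError?.code,`. The catch block in token.js (new lines 61–66) has the same pattern, and the rest of `protectRoute` after the log call is outside this hunk.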
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":["debug","getLoginLink","NextResponse","proactivelyRefreshAccessToken"],"mappings":";;;;;;;;;;;AAWA,MAAM,GAAG,GAAGA,sBAAK,CAAC,mCAAmC,CAAC;AAEtD,MAAM,eAAe,GAAG,CAAC,EACvB,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,MAAM,GAMP,KAAkB;IACjB,MAAM,QAAQ,GAAGC,sBAAY,CAAC;QAC5B,WAAW;QACX,QAAQ;QACR,QAAQ;AACT,KAAA,CAAC;IAEF,OAAOC,mBAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACtD,QAAA,MAAM,EAAE,GAAG;AACZ,KAAA,CAAC;AACJ,CAAC;
|
|
1
|
+
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":["debug","getLoginLink","NextResponse","proactivelyRefreshAccessToken"],"mappings":";;;;;;;;;;;AAWA,MAAM,GAAG,GAAGA,sBAAK,CAAC,mCAAmC,CAAC;AAEtD,MAAM,eAAe,GAAG,CAAC,EACvB,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,MAAM,GAMP,KAAkB;IACjB,MAAM,QAAQ,GAAGC,sBAAY,CAAC;QAC5B,WAAW;QACX,QAAQ;QACR,QAAQ;AACT,KAAA,CAAC;IAEF,OAAOC,mBAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACtD,QAAA,MAAM,EAAE,GAAG;AACZ,KAAA,CAAC;AACJ,CAAC;AAEM,MAAM,YAAY,GAAG,OAAO,EACjC,SAAS,EACT,WAAW,EACX,aAAa,EACb,WAAW,EACX,QAAQ,EACR,OAAO,EACP,QAAQ,EACR,OAAO,GAUR,KAAkC;IACjC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;IACpD,GAAG,CAAC,2BAA2B,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;IAEtE,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IACvD,GAAG,CAAC,eAAe,EAAE;QACnB,SAAS;QACT,UAAU,EAAE,CAAC,CAAC,OAAO;AACrB,QAAA,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,IAAI;AACzB,KAAA,CAAC;IAEF,IAAI,CAAC,WAAW,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE;AAClC,QAAA,GAAG,CAAC,mDAAmD,EAAE,EAAE,SAAS,EAAE,CAAC;AACvE,QAAA,OAAO,QAAQ;IACjB;AAEA,IAAA,IAAI,CAAC,OAAO,IAAI,WAAW,EAAE;QAC3B,GAAG,CAAC,uDAAuD,EAAE;YAC3D,SAAS;AACV,SAAA,CAAC;AACF,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI;AACF,QAAA,GAAG,CAAC,sCAAsC,EAAE,EAAE,SAAS,EAAE,CAAC;AAC1D,QAAA,MAAMC,2DAA6B,CAAC;YAClC,SAAS;YACT,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;AACF,QAAA,GAAG,CAAC,+CAA+C,EAAE,EAAE,SAAS,EAAE,CAAC;IACrE;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;QACnC,GAAG,CAAC,0CAA0C,EAAE;YAC9C,SAAS;YACT,OAAO,EAAE,SAAS,CAAC,OAAO;YAC1B,IAAI,EAAE,SAAS,CAAC,IAAI;AACrB,SAAA,CAAC;AACF,QAAA,OAAO,GAAG,SAAS,CAAC;AAEpB,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AACF;;;;"}
|
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
2
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
3
3
|
import { Auth0Config } from 'src/types';
|
|
4
|
-
export declare const handleAccessTokenRequest: ({ request, response, auth0Instance, auth0Config, onError, }: {
|
|
4
|
+
export declare const handleAccessTokenRequest: ({ requestId, request, response, auth0Instance, auth0Config, onError, }: {
|
|
5
|
+
requestId: string;
|
|
5
6
|
request: NextRequest;
|
|
6
7
|
response: NextResponse;
|
|
7
8
|
auth0Instance: Auth0Client;
|
|
@@ -12,13 +12,16 @@ function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'defau
|
|
|
12
12
|
var debug__default = /*#__PURE__*/_interopDefaultCompat(debug);
|
|
13
13
|
|
|
14
14
|
const log = debug__default.default('@smg-automotive/auth:token');
|
|
15
|
-
const handleAccessTokenRequest = async ({ request, response, auth0Instance, auth0Config, onError, }) => {
|
|
15
|
+
const handleAccessTokenRequest = async ({ requestId, request, response, auth0Instance, auth0Config, onError, }) => {
|
|
16
16
|
if (request.nextUrl.pathname !== auth0Config.tokenEndpoint)
|
|
17
17
|
return;
|
|
18
|
-
log('Handling access token request', {
|
|
18
|
+
log('Handling access token request', {
|
|
19
|
+
requestId,
|
|
20
|
+
pathname: request.nextUrl.pathname,
|
|
21
|
+
});
|
|
19
22
|
const session = await auth0Instance.getSession(request);
|
|
20
23
|
if (!session) {
|
|
21
|
-
log('Access token request failed: no session');
|
|
24
|
+
log('Access token request failed: no session', { requestId });
|
|
22
25
|
return server.NextResponse.json({
|
|
23
26
|
error: {
|
|
24
27
|
message: 'The user does not have an active session.',
|
|
@@ -29,14 +32,15 @@ const handleAccessTokenRequest = async ({ request, response, auth0Instance, auth
|
|
|
29
32
|
});
|
|
30
33
|
}
|
|
31
34
|
try {
|
|
32
|
-
log('Refreshing access token');
|
|
35
|
+
log('Refreshing access token', { requestId });
|
|
33
36
|
const { token, expiresAt } = await proactivelyRefreshAccessToken.proactivelyRefreshAccessToken({
|
|
37
|
+
requestId,
|
|
34
38
|
request,
|
|
35
39
|
response,
|
|
36
40
|
auth0Instance,
|
|
37
41
|
auth0Config,
|
|
38
42
|
});
|
|
39
|
-
log('Access token refreshed successfully', { expiresAt });
|
|
43
|
+
log('Access token refreshed successfully', { requestId, expiresAt });
|
|
40
44
|
const tokenResponse = server.NextResponse.json({
|
|
41
45
|
token,
|
|
42
46
|
expiresAt,
|
|
@@ -56,6 +60,7 @@ const handleAccessTokenRequest = async ({ request, response, auth0Instance, auth
|
|
|
56
60
|
catch (error) {
|
|
57
61
|
const authError = error;
|
|
58
62
|
log('Access token request error', {
|
|
63
|
+
requestId,
|
|
59
64
|
message: authError.message,
|
|
60
65
|
code: authError.code,
|
|
61
66
|
});
|
|
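Review bot: The `pathname: request.nextUrl.pathname` field added to the 'Handling access token request' record (new lines 18–21) carries no information, because the guard on new lines 16–17 has already returned unless the pathname equals `auth0Config.tokenEndpoint`. `log('Handling access token request', { requestId });` records the same thing in one line and matches the other single-field records in this file. The part of `handleAccessTokenRequest` that builds the response is outside the hunks shown.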
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"token.js","sources":["../../../../../src/server/middleware/token.ts"],"sourcesContent":[null],"names":["debug","NextResponse","AccessTokenErrorCode","proactivelyRefreshAccessToken","combineHeaders","addCachingHeaders"],"mappings":";;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"token.js","sources":["../../../../../src/server/middleware/token.ts"],"sourcesContent":[null],"names":["debug","NextResponse","AccessTokenErrorCode","proactivelyRefreshAccessToken","combineHeaders","addCachingHeaders"],"mappings":";;;;;;;;;;;;;AAWA,MAAM,GAAG,GAAGA,sBAAK,CAAC,4BAA4B,CAAC;MAElC,wBAAwB,GAAG,OAAO,EAC7C,SAAS,EACT,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,EACX,OAAO,GAQR,KAAkC;IACjC,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,WAAW,CAAC,aAAa;QAAE;IAE5D,GAAG,CAAC,+BAA+B,EAAE;QACnC,SAAS;AACT,QAAA,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,QAAQ;AACnC,KAAA,CAAC;IACF,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,IAAI,CAAC,OAAO,EAAE;AACZ,QAAA,GAAG,CAAC,yCAAyC,EAAE,EAAE,SAAS,EAAE,CAAC;QAC7D,OAAOC,mBAAY,CAAC,IAAI,CACtB;AACE,YAAA,KAAK,EAAE;AACL,gBAAA,OAAO,EAAE,2CAA2C;gBACpD,IAAI,EAAEC,2BAAoB,CAAC,eAAe;AAC3C,aAAA;SACF,EACD;AACE,YAAA,MAAM,EAAE,GAAG;AACZ,SAAA,CACF;IACH;AAEA,IAAA,IAAI;AACF,QAAA,GAAG,CAAC,yBAAyB,EAAE,EAAE,SAAS,EAAE,CAAC;QAC7C,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,MAAMC,2DAA6B,CAAC;YAC/D,SAAS;YACT,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;QACF,GAAG,CAAC,qCAAqC,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC;AACpE,QAAA,MAAM,aAAa,GAAGF,mBAAY,CAAC,IAAI,CAAC;YACtC,KAAK;YACL,SAAS;AACV,SAAA,CAAC;QACF,MAAM,2BAA2B,GAAGG,6BAAc,CAAC;AACjD,YAAA,kBAAkB,EAAE,aAAa;AACjC,YAAA,YAAY,EAAE,QAAQ;AACtB,YAAA,eAAe,EAAE,IAAI;AACtB,SAAA,CAAC;QACFC,mCAAiB,CAAC,2BAA2B,CAAC;;QAE9C,KAAK,MAAM,MAAM,IAAI,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE;AAC9C,YAAA,2BAA2B,CAAC,OAAO,CAAC,GAAG,CACrC,MAAM,CAAC,IAAI,EACX,MAAM,CAAC,KAAK,EACZ,MAAM,CACP;QACH;AACA,QAAA,OAAO,2BAA2B;IACpC;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;QACnC,GAAG,CAAC,4BAA4B,EAAE;YAChC,SAAS;YACT,OAAO,EAAE,SAAS,CAAC,OAAO;YAC1B,IAAI,EAAE,SAAS,CAAC,IAAI;AACrB,SAAA,CAAC;AACF,QAAA,OAAO,GAAG,SAAS,CAAC;AACpB,QAAA,OAAOJ,mBAAY,CAAC,IAAI,CACtB,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,EAAE,EAC/D,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB;IACH;AACF;;;;"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getUser.js","sources":["../../../../../src/server/helpers/getUser.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;AAYA,MAAM,GAAG,GAAG,KAAK,CAAC,2BAA2B,CAAC;AAE9C,MAAM,cAAc,GAAG,OAAO,EAC5B,QAAQ,EACR,IAAI,EACJ,OAAO,GACwC,KAAI;IACnD,GAAG,CAAC,yBAAyB,EAAE;QAC7B,IAAI;QACJ,QAAQ;AACR,QAAA,UAAU,EAAE,CAAC,CAAC,OAAO,EAAE,OAAO;AAC/B,KAAA,CAAC;IACF,MAAM,aAAa,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AAE1D,IAAA,MAAM,OAAO,GAAG,OAAO,EAAE;UACrB,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO;AAChD,UAAE,MAAM,aAAa,CAAC,UAAU,EAAE;AAEpC,IAAA,GAAG,CAAC,mBAAmB,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC;AAC7E,IAAA,OAAO,OAAO;AAChB,CAAC;AAEM,MAAM,OAAO,GAAG,OAAO,EAC5B,OAAO,EACP,IAAI,EACJ,QAAQ,GAEY,KAAiC;IACrD,GAAG,CAAC,cAAc,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AACvC,IAAA,MAAM,WAAW,GAAG,MAAM,cAAc,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC;IACrE,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE;QACrC,GAAG,CAAC,0BAA0B,CAAC;AAC/B,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,MAAM,IAAI,GAAG,WAAW,CAAC,IAAmB;IAC5C,GAAG,CAAC,gBAAgB,EAAE;QACpB,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;
|
|
1
|
+
{"version":3,"file":"getUser.js","sources":["../../../../../src/server/helpers/getUser.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;AAYA,MAAM,GAAG,GAAG,KAAK,CAAC,2BAA2B,CAAC;AAE9C,MAAM,cAAc,GAAG,OAAO,EAC5B,QAAQ,EACR,IAAI,EACJ,OAAO,GACwC,KAAI;IACnD,GAAG,CAAC,yBAAyB,EAAE;QAC7B,IAAI;QACJ,QAAQ;AACR,QAAA,UAAU,EAAE,CAAC,CAAC,OAAO,EAAE,OAAO;AAC/B,KAAA,CAAC;IACF,MAAM,aAAa,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AAE1D,IAAA,MAAM,OAAO,GAAG,OAAO,EAAE;UACrB,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO;AAChD,UAAE,MAAM,aAAa,CAAC,UAAU,EAAE;AAEpC,IAAA,GAAG,CAAC,mBAAmB,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC;AAC7E,IAAA,OAAO,OAAO;AAChB,CAAC;AAEM,MAAM,OAAO,GAAG,OAAO,EAC5B,OAAO,EACP,IAAI,EACJ,QAAQ,GAEY,KAAiC;IACrD,GAAG,CAAC,cAAc,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AACvC,IAAA,MAAM,WAAW,GAAG,MAAM,cAAc,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC;IACrE,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE;QACrC,GAAG,CAAC,0BAA0B,CAAC;AAC/B,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,MAAM,IAAI,GAAG,WAAW,CAAC,IAAmB;IAC5C,GAAG,CAAC,gBAAgB,EAAE;QACpB,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;AACxB,KAAA,CAAC;AACF,IAAA,OAAO,IAAI;AACb;AAEO,MAAM,eAAe,GAAG,OAAO,EACpC,KAAK,EACL,OAAO,EACP,IAAI,EACJ,QAAQ,GAIP,KAAyC;IAC1C,GAAG,CAAC,uBAAuB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AACvD,IAAA,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC;IACvD,IAAI,CAAC,IAAI,EAAE;QACT,GAAG,CAAC,8BAA8B,CAAC;AACnC,QAAA,OAAO,IAAI;IACb;IAEA,GAAG,CAAC,wCAAwC,CAAC;AAC7C,IAAA,MAAM,WAAW,GAAG,MAAM,cAAc,CAAC;QACvC,IAAI;QACJ,QAAQ;QACR,OAAO;AACR,KAAA,CAAC;IACF,GAAG,CAAC,wCAAwC,CAAC;AAC7C,IAAA,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC;QACpC,IAAI;QACJ,WAAW;QACX,KAAK;AACN,KAAA,CAAC;IACF,GAAG,CAAC,4BAA4B,EAAE;QAChC,MAAM,EAAE,YAAY,CAAC,MAAM;QAC3B,QAAQ,EAAE,YAAY,CAAC,QAAQ;AAC/B,QAAA,eAAe,EAAE,CAAC,CAAC,YAAY,CAAC,YAAY;AAC7C,KAAA,CAAC;AACF,IAAA,OAAO,YAAY;AACrB;;;;"}
|
|
@@ -10,6 +10,16 @@ import { addLoginParams } from './login.js';
|
|
|
10
10
|
import { combineHeaders } from './combineHeaders.js';
|
|
11
11
|
|
|
12
12
|
const log = debug('@smg-automotive/auth:middleware');
|
|
13
|
+
const generateRequestId = () => {
|
|
14
|
+
// UUID v4 format: xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx
|
|
15
|
+
// where x is any hex digit and y is one of 8, 9, A, B
|
|
16
|
+
return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, (c) => {
|
|
17
|
+
// eslint-disable-next-line sonarjs/pseudo-random
|
|
18
|
+
const r = (Math.random() * 16) | 0;
|
|
19
|
+
const v = c === 'x' ? r : (r & 0x3) | 0x8;
|
|
20
|
+
return v.toString(16);
|
|
21
|
+
});
|
|
22
|
+
};
|
|
13
23
|
const isAuthRoute = (pathname, auth0Config) => {
|
|
14
24
|
const { loginEndpoint, logoutEndpoint, callbackEndpoint, userProfileEndpoint, tokenEndpoint, } = auth0Config;
|
|
15
25
|
return [
|
|
@@ -21,8 +31,10 @@ const isAuthRoute = (pathname, auth0Config) => {
|
|
|
21
31
|
].includes(pathname);
|
|
22
32
|
};
|
|
23
33
|
const authMiddleware = async ({ request, isProtectedRoute, language, host, protocol, onError, brand, }) => {
|
|
34
|
+
const requestId = generateRequestId();
|
|
24
35
|
const { pathname } = request.nextUrl;
|
|
25
36
|
log('Processing request', {
|
|
37
|
+
requestId,
|
|
26
38
|
pathname,
|
|
27
39
|
host,
|
|
28
40
|
protocol,
|
|
@@ -34,31 +46,34 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
34
46
|
});
|
|
35
47
|
const auth0Config = getAuth0Config();
|
|
36
48
|
const isAuthErrorRoute = pathname.endsWith(auth0Config.globalAuthErrorPath);
|
|
37
|
-
log('Auth route check', { pathname, isAuthErrorRoute });
|
|
49
|
+
log('Auth route check', { requestId, pathname, isAuthErrorRoute });
|
|
38
50
|
const crossDomainLogoutResult = handleCrossDomainLogout({
|
|
51
|
+
requestId,
|
|
39
52
|
host,
|
|
40
53
|
protocol,
|
|
41
54
|
request,
|
|
42
55
|
auth0Config,
|
|
43
56
|
});
|
|
44
57
|
if (crossDomainLogoutResult) {
|
|
45
|
-
log('Cross-domain logout detected, redirecting');
|
|
58
|
+
log('Cross-domain logout detected, redirecting', { requestId });
|
|
46
59
|
return crossDomainLogoutResult;
|
|
47
60
|
}
|
|
48
61
|
addLoginParams({
|
|
49
62
|
request,
|
|
50
63
|
auth0Config,
|
|
51
64
|
});
|
|
52
|
-
log('Calling Auth0 middleware');
|
|
65
|
+
log('Calling Auth0 middleware', { requestId });
|
|
53
66
|
const authResponse = await auth0Instance.middleware(request);
|
|
54
|
-
log('Auth0 middleware completed', { status: authResponse.status });
|
|
67
|
+
log('Auth0 middleware completed', { requestId, status: authResponse.status });
|
|
55
68
|
deleteRelatedSessionCookies({
|
|
69
|
+
requestId,
|
|
56
70
|
host,
|
|
57
71
|
request,
|
|
58
72
|
response: authResponse,
|
|
59
73
|
auth0Config,
|
|
60
74
|
});
|
|
61
75
|
const accessTokenRequestResult = await handleAccessTokenRequest({
|
|
76
|
+
requestId,
|
|
62
77
|
request,
|
|
63
78
|
response: authResponse,
|
|
64
79
|
auth0Instance,
|
|
@@ -66,10 +81,11 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
66
81
|
onError,
|
|
67
82
|
});
|
|
68
83
|
if (accessTokenRequestResult) {
|
|
69
|
-
log('Access token request handled');
|
|
84
|
+
log('Access token request handled', { requestId });
|
|
70
85
|
return accessTokenRequestResult;
|
|
71
86
|
}
|
|
72
87
|
const handleUserProfileResult = await handleUserProfile({
|
|
88
|
+
requestId,
|
|
73
89
|
request,
|
|
74
90
|
response: authResponse,
|
|
75
91
|
auth0Instance,
|
|
@@ -77,16 +93,17 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
77
93
|
brand,
|
|
78
94
|
});
|
|
79
95
|
if (handleUserProfileResult) {
|
|
80
|
-
log('User profile request handled');
|
|
96
|
+
log('User profile request handled', { requestId });
|
|
81
97
|
return handleUserProfileResult;
|
|
82
98
|
}
|
|
83
99
|
if (isAuthRoute(pathname, auth0Config) || isAuthErrorRoute) {
|
|
84
|
-
log('Auth route, returning response');
|
|
100
|
+
log('Auth route, returning response', { requestId });
|
|
85
101
|
return authResponse;
|
|
86
102
|
}
|
|
87
103
|
const isProtected = !isAuthErrorRoute && isProtectedRoute(pathname);
|
|
88
|
-
log('Route protection check', { pathname, isProtected });
|
|
104
|
+
log('Route protection check', { requestId, pathname, isProtected });
|
|
89
105
|
const protectRouteResult = await protectRoute({
|
|
106
|
+
requestId,
|
|
90
107
|
isProtected,
|
|
91
108
|
auth0Instance,
|
|
92
109
|
auth0Config,
|
|
@@ -97,11 +114,12 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
97
114
|
});
|
|
98
115
|
if (protectRouteResult) {
|
|
99
116
|
log('Route protection handled', {
|
|
117
|
+
requestId,
|
|
100
118
|
redirected: protectRouteResult.status === 307,
|
|
101
119
|
});
|
|
102
120
|
return protectRouteResult;
|
|
103
121
|
}
|
|
104
|
-
log('Request completed, combining headers');
|
|
122
|
+
log('Request completed, combining headers', { requestId });
|
|
105
123
|
return combineHeaders({
|
|
106
124
|
middlewareResponse: NextResponse.next({
|
|
107
125
|
request: {
|
|
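Review bot: `generateRequestId` (new lines 13–22) fills its UUID-shaped string from `Math.random()`, which is not a cryptographically secure source, and the `eslint-disable-next-line sonarjs/pseudo-random` on new line 17 silences the rule that would flag it. That is acceptable only while the value stays a log-correlation tag, and nothing visible here prevents a later change from forwarding it as a header or relying on it being unguessable or collision-free. Where the runtime exposes Web Crypto (the Next.js Edge runtime does), `const generateRequestId = () => crypto.randomUUID();` returns a proper v4 UUID and lets the suppression go. If `Math.random()` has to stay, the function should carry a comment such as `// log correlation only: predictable, never use as a token, nonce or session key`.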
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;;;;;AAgBA,MAAM,GAAG,GAAG,KAAK,CAAC,iCAAiC,CAAC;AAEpD,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,KAAK,GASN,KAA2B;AAC1B,IAAA,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO;IACpC,GAAG,CAAC,oBAAoB,EAAE;QACxB,QAAQ;QACR,IAAI;QACJ,QAAQ;QACR,MAAM,EAAE,OAAO,CAAC,MAAM;AACvB,KAAA,CAAC;IAEF,MAAM,aAAa,GAAG,gBAAgB,CAAC;QACrC,IAAI;QACJ,QAAQ;AACT,KAAA,CAAC;AAEF,IAAA,MAAM,WAAW,GAAG,cAAc,EAAE;IACpC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAC3E,GAAG,CAAC,kBAAkB,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;;;;;AAgBA,MAAM,GAAG,GAAG,KAAK,CAAC,iCAAiC,CAAC;AAEpD,MAAM,iBAAiB,GAAG,MAAa;;;IAGrC,OAAO,sCAAsC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,KAAI;;AAEnE,QAAA,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC;AAClC,QAAA,MAAM,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,IAAI,GAAG;AACzC,QAAA,OAAO,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;AACvB,IAAA,CAAC,CAAC;AACJ,CAAC;AAED,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,KAAK,GASN,KAA2B;AAC1B,IAAA,MAAM,SAAS,GAAG,iBAAiB,EAAE;AACrC,IAAA,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO;IACpC,GAAG,CAAC,oBAAoB,EAAE;QACxB,SAAS;QACT,QAAQ;QACR,IAAI;QACJ,QAAQ;QACR,MAAM,EAAE,OAAO,CAAC,MAAM;AACvB,KAAA,CAAC;IAEF,MAAM,aAAa,GAAG,gBAAgB,CAAC;QACrC,IAAI;QACJ,QAAQ;AACT,KAAA,CAAC;AAEF,IAAA,MAAM,WAAW,GAAG,cAAc,EAAE;IACpC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAC3E,GAAG,CAAC,kBAAkB,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAC;IAElE,MAAM,uBAAuB,GAAG,uBAAuB,CAAC;QACtD,SAAS;QACT,IAAI;QACJ,QAAQ;QACR,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;AAC3B,QAAA,GAAG,CAAC,2CAA2C,EAAE,EAAE,SAAS,EAAE,CAAC;AAC/D,QAAA,OAAO,uBAAuB;IAChC;AAEA,IAAA,cAAc,CAAC;QACb,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;AAEF,IAAA,GAAG,CAAC,0BAA0B,EAAE,EAAE,SAAS,EAAE,CAAC;IAC9C,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;AAC5D,IAAA,GAAG,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,EAAE,CAAC;AAE7E,IAAA,2BAA2B,CAAC;QAC1B,SAAS;QACT,IAAI;QACJ,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,WAAW;AACZ,KAAA,CAAC;AAEF,IAAA,MAAM,wBAAwB,GAAG,MAAM,wBAAwB,CAAC;QAC9D,SAAS;QACT,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,aAAa;QACb,WAAW;QACX,OAAO;AACR,KAAA,CAAC;
IACF,IAAI,wBAAwB,EAAE;AAC5B,QAAA,GAAG,CAAC,8BAA8B,EAAE,EAAE,SAAS,EAAE,CAAC;AAClD,QAAA,OAAO,wBAAwB;IACjC;AAEA,IAAA,MAAM,uBAAuB,GAAG,MAAM,iBAAiB,CAAC;QACtD,SAAS;QACT,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,aAAa;QACb,WAAW;QACX,KAAK;AACN,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;AAC3B,QAAA,GAAG,CAAC,8BAA8B,EAAE,EAAE,SAAS,EAAE,CAAC;AAClD,QAAA,OAAO,uBAAuB;IAChC;IAEA,IAAI,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC,IAAI,gBAAgB,EAAE;AAC1D,QAAA,GAAG,CAAC,gCAAgC,EAAE,EAAE,SAAS,EAAE,CAAC;AACpD,QAAA,OAAO,YAAY;IACrB;IAEA,MAAM,WAAW,GAAG,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,QAAQ,CAAC;IACnE,GAAG,CAAC,wBAAwB,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;AACnE,IAAA,MAAM,kBAAkB,GAAG,MAAM,YAAY,CAAC;QAC5C,SAAS;QACT,WAAW;QACX,aAAa;QACb,WAAW;QACX,QAAQ;QACR,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,OAAO;AACR,KAAA,CAAC;IACF,IAAI,kBAAkB,EAAE;QACtB,GAAG,CAAC,0BAA0B,EAAE;YAC9B,SAAS;AACT,YAAA,UAAU,EAAE,kBAAkB,CAAC,MAAM,KAAK,GAAG;AAC9C,SAAA,CAAC;AACF,QAAA,OAAO,kBAAkB;IAC3B;AAEA,IAAA,GAAG,CAAC,sCAAsC,EAAE,EAAE,SAAS,EAAE,CAAC;AAC1D,IAAA,OAAO,cAAc,CAAC;AACpB,QAAA,kBAAkB,EAAE,YAAY,CAAC,IAAI,CAAC;AACpC,YAAA,OAAO,EAAE;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;AACzB,aAAA;SACF,CAAC;QACF,YAAY;AACb,KAAA,CAAC;AACJ;;;;"}
|
|
@@ -1,12 +1,14 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
2
|
import { Auth0Config } from 'src/types';
|
|
3
|
-
export declare const handleCrossDomainLogout: ({ host, protocol, request, auth0Config: { languageConfig, logoutEndpoint }, }: {
|
|
3
|
+
export declare const handleCrossDomainLogout: ({ requestId, host, protocol, request, auth0Config: { languageConfig, logoutEndpoint }, }: {
|
|
4
|
+
requestId: string;
|
|
4
5
|
host: string;
|
|
5
6
|
protocol: string;
|
|
6
7
|
request: NextRequest;
|
|
7
8
|
auth0Config: Auth0Config;
|
|
8
9
|
}) => NextResponse | void;
|
|
9
|
-
export declare const deleteRelatedSessionCookies: ({ host, request, response, auth0Config: { logoutEndpoint, authCookieNames, legacyAccessTokenName, legacyRefreshTokenName, }, }: {
|
|
10
|
+
export declare const deleteRelatedSessionCookies: ({ requestId, host, request, response, auth0Config: { logoutEndpoint, authCookieNames, legacyAccessTokenName, legacyRefreshTokenName, }, }: {
|
|
11
|
+
requestId: string;
|
|
10
12
|
host: string;
|
|
11
13
|
request: NextRequest;
|
|
12
14
|
response: NextResponse;
|
|
@@ -43,14 +43,14 @@ const getOtherDomainHost = (currentHost) => {
|
|
|
43
43
|
}
|
|
44
44
|
return currentHost;
|
|
45
45
|
};
|
|
46
|
-
const handleCrossDomainLogout = ({ host, protocol, request, auth0Config: { languageConfig, logoutEndpoint }, }) => {
|
|
46
|
+
const handleCrossDomainLogout = ({ requestId, host, protocol, request, auth0Config: { languageConfig, logoutEndpoint }, }) => {
|
|
47
47
|
if (request.nextUrl.pathname !== logoutEndpoint)
|
|
48
48
|
return;
|
|
49
|
-
log('Handling logout request', { host, protocol });
|
|
49
|
+
log('Handling logout request', { requestId, host, protocol });
|
|
50
50
|
const searchParams = new URLSearchParams(request.nextUrl.search);
|
|
51
51
|
const specifiedReturnTo = searchParams.get('returnTo') || '';
|
|
52
52
|
const crossDomainLogout = searchParams.get('crossDomain') === 'true';
|
|
53
|
-
log('Logout parameters', { specifiedReturnTo, crossDomainLogout });
|
|
53
|
+
log('Logout parameters', { requestId, specifiedReturnTo, crossDomainLogout });
|
|
54
54
|
const otherDomainHost = getOtherDomainHost(host);
|
|
55
55
|
const currentDomainUrl = `${protocol}://${host}`;
|
|
56
56
|
const locale = searchParams.get('locale');
|
|
@@ -62,12 +62,12 @@ const handleCrossDomainLogout = ({ host, protocol, request, auth0Config: { langu
|
|
|
62
62
|
pathOrUrl: specifiedReturnTo,
|
|
63
63
|
crossDomainLogout,
|
|
64
64
|
});
|
|
65
|
-
log('ReturnTo validation', { isSafePath, specifiedReturnTo });
|
|
65
|
+
log('ReturnTo validation', { requestId, isSafePath, specifiedReturnTo });
|
|
66
66
|
if (isSafePath && specifiedReturnTo) {
|
|
67
67
|
returnTo = specifiedReturnTo;
|
|
68
68
|
}
|
|
69
69
|
if (!crossDomainLogout && otherDomainHost && otherDomainHost !== host) {
|
|
70
|
-
log('Initiating cross-domain logout', { otherDomainHost });
|
|
70
|
+
log('Initiating cross-domain logout', { requestId, otherDomainHost });
|
|
71
71
|
const backToCurrentDomainUrl = new URL(logoutEndpoint, currentDomainUrl);
|
|
72
72
|
backToCurrentDomainUrl.searchParams.set('returnTo', returnTo);
|
|
73
73
|
backToCurrentDomainUrl.searchParams.set('crossDomain', 'true');
|
|
@@ -75,6 +75,7 @@ const handleCrossDomainLogout = ({ host, protocol, request, auth0Config: { langu
|
|
|
75
75
|
otherDomainLogoutUrl.searchParams.set('crossDomain', 'true');
|
|
76
76
|
otherDomainLogoutUrl.searchParams.set('returnTo', backToCurrentDomainUrl.toString());
|
|
77
77
|
log('Redirecting to other domain for logout', {
|
|
78
|
+
requestId,
|
|
78
79
|
otherDomainHost,
|
|
79
80
|
returnUrl: backToCurrentDomainUrl.toString(),
|
|
80
81
|
});
|
|
@@ -101,10 +102,11 @@ const getLegacyCookieDomain = (hostname) => {
|
|
|
101
102
|
const base = parts.slice(-2).join('.');
|
|
102
103
|
return `.${base}`;
|
|
103
104
|
};
|
|
104
|
-
const deleteRelatedSessionCookies = ({ host, request, response, auth0Config: { logoutEndpoint, authCookieNames, legacyAccessTokenName, legacyRefreshTokenName, }, }) => {
|
|
105
|
+
const deleteRelatedSessionCookies = ({ requestId, host, request, response, auth0Config: { logoutEndpoint, authCookieNames, legacyAccessTokenName, legacyRefreshTokenName, }, }) => {
|
|
105
106
|
if (request.nextUrl.pathname !== logoutEndpoint || !response)
|
|
106
107
|
return;
|
|
107
108
|
log('Deleting session cookies', {
|
|
109
|
+
requestId,
|
|
108
110
|
host,
|
|
109
111
|
cookieCount: authCookieNames.length,
|
|
110
112
|
});
|
|
@@ -126,7 +128,7 @@ const deleteRelatedSessionCookies = ({ host, request, response, auth0Config: { l
|
|
|
126
128
|
});
|
|
127
129
|
});
|
|
128
130
|
const legacyCookieDomain = getLegacyCookieDomain(host);
|
|
129
|
-
log('Deleting legacy cookies', { legacyCookieDomain });
|
|
131
|
+
log('Deleting legacy cookies', { requestId, legacyCookieDomain });
|
|
130
132
|
response.cookies.delete({
|
|
131
133
|
name: legacyAccessTokenName,
|
|
132
134
|
maxAge: 0,
|
|
@@ -139,7 +141,7 @@ const deleteRelatedSessionCookies = ({ host, request, response, auth0Config: { l
|
|
|
139
141
|
path: '/',
|
|
140
142
|
domain: legacyCookieDomain,
|
|
141
143
|
});
|
|
142
|
-
log('All session cookies deleted');
|
|
144
|
+
log('All session cookies deleted', { requestId });
|
|
143
145
|
};
|
|
144
146
|
|
|
145
147
|
export { deleteRelatedSessionCookies, handleCrossDomainLogout };
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"logout.js","sources":["../../../../../src/server/middleware/logout.ts"],"sourcesContent":[null],"names":[],"mappings":";;;AAKA,MAAM,GAAG,GAAG,KAAK,CAAC,6BAA6B,CAAC;AAEhD,MAAM,gBAAgB,GAAG,CAAC,EACxB,SAAS,EACT,IAAI,EACJ,QAAQ,EACR,eAAe,EACf,iBAAiB,GAOlB,KAAI;IACH,IAAI,OAAO,SAAS,KAAK,QAAQ;AAAE,QAAA,OAAO,KAAK;AAC/C,IAAA,IAAI,SAAS,CAAC,MAAM,GAAG,IAAI;AAAE,QAAA,OAAO,KAAK;AAEzC,IAAA,IAAI;AACF,QAAA,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,SAAS,CAAC;QACtD,MAAM,KAAK,GAAG,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC;QACjD,MAAM,eAAe,GAAG,IAAI,GAAG,CAC7B,KAAK,GAAG,gBAAgB,GAAG,GAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,CAAA,EAAG,gBAAgB,CAAA,CAAE,CACtE;AACD,QAAA,MAAM,WAAW,GAAG,eAAe,CAAC,QAAQ;AAE5C,QAAA,IACE,iBAAiB;YACjB,KAAK;AACL,YAAA,eAAe,CAAC,IAAI,KAAK,eAAe,EACxC;AACA,YAAA,OAAO,KAAK;QACd;QAEA,IAAI,CAAC,iBAAiB,IAAI,eAAe,CAAC,IAAI,KAAK,IAAI,EAAE;AACvD,YAAA,OAAO,KAAK;QACd;AAEA,QAAA,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;AAChE,YAAA,OAAO,KAAK;QACd;;;QAIA,MAAM,eAAe,GAAG,yBAAyB;AACjD,QAAA,OAAO,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC;IAC1C;IAAE,OAAO,KAAK,EAAE;;AAEd,QAAA,OAAO,CAAC,IAAI,CAAC,4BAA4B,EAAE,KAAK,CAAC;AACjD,QAAA,OAAO,KAAK;IACd;AACF,CAAC;AAED,MAAM,kBAAkB,GAAG,CAAC,WAAmB,KAAY;AACzD,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvC,OAAO,WAAW,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC;IAC1D;AACA,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvC,OAAO,WAAW,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC;IAC1D;AACA,IAAA,OAAO,WAAW;AACpB,CAAC;MAEY,uBAAuB,GAAG,CAAC,EACtC,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,WAAW,EAAE,EAAE,cAAc,EAAE,cAAc,EAAE,
|
|
1
|
+
{"version":3,"file":"logout.js","sources":["../../../../../src/server/middleware/logout.ts"],"sourcesContent":[null],"names":[],"mappings":";;;AAKA,MAAM,GAAG,GAAG,KAAK,CAAC,6BAA6B,CAAC;AAEhD,MAAM,gBAAgB,GAAG,CAAC,EACxB,SAAS,EACT,IAAI,EACJ,QAAQ,EACR,eAAe,EACf,iBAAiB,GAOlB,KAAI;IACH,IAAI,OAAO,SAAS,KAAK,QAAQ;AAAE,QAAA,OAAO,KAAK;AAC/C,IAAA,IAAI,SAAS,CAAC,MAAM,GAAG,IAAI;AAAE,QAAA,OAAO,KAAK;AAEzC,IAAA,IAAI;AACF,QAAA,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,SAAS,CAAC;QACtD,MAAM,KAAK,GAAG,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC;QACjD,MAAM,eAAe,GAAG,IAAI,GAAG,CAC7B,KAAK,GAAG,gBAAgB,GAAG,GAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,CAAA,EAAG,gBAAgB,CAAA,CAAE,CACtE;AACD,QAAA,MAAM,WAAW,GAAG,eAAe,CAAC,QAAQ;AAE5C,QAAA,IACE,iBAAiB;YACjB,KAAK;AACL,YAAA,eAAe,CAAC,IAAI,KAAK,eAAe,EACxC;AACA,YAAA,OAAO,KAAK;QACd;QAEA,IAAI,CAAC,iBAAiB,IAAI,eAAe,CAAC,IAAI,KAAK,IAAI,EAAE;AACvD,YAAA,OAAO,KAAK;QACd;AAEA,QAAA,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;AAChE,YAAA,OAAO,KAAK;QACd;;;QAIA,MAAM,eAAe,GAAG,yBAAyB;AACjD,QAAA,OAAO,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC;IAC1C;IAAE,OAAO,KAAK,EAAE;;AAEd,QAAA,OAAO,CAAC,IAAI,CAAC,4BAA4B,EAAE,KAAK,CAAC;AACjD,QAAA,OAAO,KAAK;IACd;AACF,CAAC;AAED,MAAM,kBAAkB,GAAG,CAAC,WAAmB,KAAY;AACzD,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvC,OAAO,WAAW,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC;IAC1D;AACA,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvC,OAAO,WAAW,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC;IAC1D;AACA,IAAA,OAAO,WAAW;AACpB,CAAC;MAEY,uBAAuB,GAAG,CAAC,EACtC,SAAS,EACT,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,WAAW,EAAE,EAAE,cAAc,EAAE,cAAc,EAAE,GAOhD,KAAyB;AACxB,IAAA,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,cAAc;QAAE;IAEjD,GAAG,CAAC,yBAAyB,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAC7D,MAAM,YAAY,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC;IAEhE,MAAM,iBAAiB,GAAG,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,EAAE;IAC5D,MAAM,iBAAiB,GAAG,YAAY,CAAC,GAAG,CAAC,aAAa,CAAC,KAAK,MAAM;IACpE,GAAG,CAAC,mBAAmB,EAAE,EAAE,SAAS,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,CAAC;AAE7E,IAAA,MAAM,eAAe,GAAG,kBAAkB,CAAC,IAAI,CAAC;AAChD,IA
AA,MAAM,gBAAgB,GAAG,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,EAAE;IAChD,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC;AACzC,IAAA,IAAI,QAAQ,GAAG,MAAM,GAAG,CAAA,CAAA,EAAI,MAAM,CAAA,CAAE,GAAG,CAAA,CAAA,EAAI,cAAc,CAAC,OAAO,EAAE;IACnE,MAAM,UAAU,GAAG,gBAAgB,CAAC;QAClC,QAAQ;QACR,IAAI;QACJ,eAAe;AACf,QAAA,SAAS,EAAE,iBAAiB;QAC5B,iBAAiB;AAClB,KAAA,CAAC;IACF,GAAG,CAAC,qBAAqB,EAAE,EAAE,SAAS,EAAE,UAAU,EAAE,iBAAiB,EAAE,CAAC;AACxE,IAAA,IAAI,UAAU,IAAI,iBAAiB,EAAE;QACnC,QAAQ,GAAG,iBAAiB;IAC9B;IAEA,IAAI,CAAC,iBAAiB,IAAI,eAAe,IAAI,eAAe,KAAK,IAAI,EAAE;QACrE,GAAG,CAAC,gCAAgC,EAAE,EAAE,SAAS,EAAE,eAAe,EAAE,CAAC;QACrE,MAAM,sBAAsB,GAAG,IAAI,GAAG,CAAC,cAAc,EAAE,gBAAgB,CAAC;QACxE,sBAAsB,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,CAAC;QAC7D,sBAAsB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC;AAE9D,QAAA,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAClC,cAAc,EACd,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,eAAe,CAAA,CAAE,CACnC;QACD,oBAAoB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC;AAC5D,QAAA,oBAAoB,CAAC,YAAY,CAAC,GAAG,CACnC,UAAU,EACV,sBAAsB,CAAC,QAAQ,EAAE,CAClC;QAED,GAAG,CAAC,wCAAwC,EAAE;YAC5C,SAAS;YACT,eAAe;AACf,YAAA,SAAS,EAAE,sBAAsB,CAAC,QAAQ,EAAE;AAC7C,SAAA,CAAC;AACF,QAAA,OAAO,YAAY,CAAC,QAAQ,CAAC,oBAAoB,EAAE;AACjD,YAAA,MAAM,EAAE,GAAG;AACZ,SAAA,CAAC;IACJ;IAEA,IAAI,aAAa,GAAG,KAAK;AACzB,IAAA,IAAI;AACF,QAAA,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC;AACpD,QAAA,aAAa,GAAG,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC;IACpD;IAAE,OAAO,KAAK,EAAE;;AAEd,QAAA,OAAO,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,CAAC;IACjD;AAEA,IAAA,YAAY,CAAC,GAAG,CACd,UAAU,EACV,aAAa,GAAG,QAAQ,GAAG,CAAA,EAAG,gBAAgB,GAAG,QAAQ,CAAA,CAAE,CAC5D;IACD,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,YAAY,CAAC,QAAQ,EAAE;AAClD;AAEA,MAAM,qBAAqB,GAAG,CAAC,QAAgB,KAAI;IACjD,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC;AACjC,IAAA,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,CAAA,CAAA,EAAI,QAAQ,CAAA,CAAE;AAE3C,IAAA,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;IACtC,OAAO,CAAA,CAAA,EAAI,IAAI,CAAA,CAAE;AACnB,CAAC;AAEM,MAAM,2BAA2B,GAAG,CAAC,EAC1C,SAAS,EACT,IAAI,EACJ,OAAO,EACP,QAAQ,EACR,WAAW,EAAE,EACX,cAAc,EACd,eAAe
,EACf,qBAAqB,EACrB,sBAAsB,GACvB,GAOF,KAAI;IACH,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,cAAc,IAAI,CAAC,QAAQ;QAAE;IAE9D,GAAG,CAAC,0BAA0B,EAAE;QAC9B,SAAS;QACT,IAAI;QACJ,WAAW,EAAE,eAAe,CAAC,MAAM;AACpC,KAAA,CAAC;AACF,IAAA,eAAe,CAAC,OAAO,CAAC,CAAC,UAAU,KAAI;AACrC,QAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,YAAA,IAAI,EAAE,UAAU;AAChB,YAAA,MAAM,EAAE,CAAC;AACT,YAAA,IAAI,EAAE,GAAG;AACV,SAAA,CAAC;AACF,QAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;YACtB,IAAI,EAAE,CAAA,EAAG,UAAU,CAAA,GAAA,CAAK;AACxB,YAAA,MAAM,EAAE,CAAC;AACT,YAAA,IAAI,EAAE,GAAG;AACV,SAAA,CAAC;AACF,QAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;YACtB,IAAI,EAAE,CAAA,EAAG,UAAU,CAAA,GAAA,CAAK;AACxB,YAAA,MAAM,EAAE,CAAC;AACT,YAAA,IAAI,EAAE,GAAG;AACV,SAAA,CAAC;AACJ,IAAA,CAAC,CAAC;AAEF,IAAA,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,IAAI,CAAC;IACtD,GAAG,CAAC,yBAAyB,EAAE,EAAE,SAAS,EAAE,kBAAkB,EAAE,CAAC;AACjE,IAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,QAAA,IAAI,EAAE,qBAAqB;AAC3B,QAAA,MAAM,EAAE,CAAC;AACT,QAAA,IAAI,EAAE,GAAG;AACT,QAAA,MAAM,EAAE,kBAAkB;AAC3B,KAAA,CAAC;AACF,IAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,QAAA,IAAI,EAAE,sBAAsB;AAC5B,QAAA,MAAM,EAAE,CAAC;AACT,QAAA,IAAI,EAAE,GAAG;AACT,QAAA,MAAM,EAAE,kBAAkB;AAC3B,KAAA,CAAC;AACF,IAAA,GAAG,CAAC,6BAA6B,EAAE,EAAE,SAAS,EAAE,CAAC;AACnD;;;;"}
|
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
2
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
3
3
|
import { Auth0Config } from 'src/types/auth0/config';
|
|
4
|
-
export declare const proactivelyRefreshAccessToken: ({ request, response, auth0Instance, auth0Config, }: {
|
|
4
|
+
export declare const proactivelyRefreshAccessToken: ({ requestId, request, response, auth0Instance, auth0Config, }: {
|
|
5
|
+
requestId: string;
|
|
5
6
|
request: NextRequest;
|
|
6
7
|
response: NextResponse;
|
|
7
8
|
auth0Instance: Auth0Client;
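Review bot: `requestId: string;` is added as a required member of the parameter type, so any caller type-checked against the previous declaration stops compiling, while the implementation hunks visible in this release only pass the value to `log(...)` and on to `proactivelyRefreshAccessToken`. If these functions are reachable from outside the package (not visible here), declaring it `requestId?: string;` would keep the signature backward-compatible. The same required field is added in profile.d.ts, protectRoute.d.ts and token.d.ts. The parameter type continues past the end of this hunk.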
|
|
@@ -1,13 +1,14 @@
|
|
|
1
1
|
import debug from 'debug';
|
|
2
2
|
|
|
3
3
|
const log = debug('@smg-automotive/auth:token');
|
|
4
|
-
const proactivelyRefreshAccessToken = async ({ request, response, auth0Instance, auth0Config, }) => {
|
|
5
|
-
log('Checking if token refresh is needed');
|
|
4
|
+
const proactivelyRefreshAccessToken = async ({ requestId, request, response, auth0Instance, auth0Config, }) => {
|
|
5
|
+
log('Checking if token refresh is needed', { requestId });
|
|
6
6
|
const session = await auth0Instance.getSession(request);
|
|
7
7
|
const expiresAt = session?.tokenSet.expiresAt || 0;
|
|
8
8
|
const expiresInSeconds = expiresAt - Date.now() / 1000;
|
|
9
9
|
const shouldRefresh = auth0Config.debugForceTokenRefresh || expiresAt < Date.now() / 1000 + 30;
|
|
10
10
|
log('Token refresh decision', {
|
|
11
|
+
requestId,
|
|
11
12
|
shouldRefresh,
|
|
12
13
|
expiresInSeconds: Math.round(expiresInSeconds),
|
|
13
14
|
debugForceRefresh: auth0Config.debugForceTokenRefresh,
|
|
@@ -17,6 +18,7 @@ const proactivelyRefreshAccessToken = async ({ request, response, auth0Instance,
|
|
|
17
18
|
refresh: shouldRefresh,
|
|
18
19
|
});
|
|
19
20
|
log('Access token retrieved', {
|
|
21
|
+
requestId,
|
|
20
22
|
expiresAt: result.expiresAt,
|
|
21
23
|
tokenLength: result.token.length,
|
|
22
24
|
});
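Review bot: The fallback in `session?.tokenSet.expiresAt || 0` is undocumented: with no session, `expiresAt` is 0, `shouldRefresh` is always true and 'Token refresh decision' logs `expiresInSeconds` as a large negative number. A comment on that line such as `// no session: expiresAt falls back to 0, which always requests a refresh` would tell a reader of the correlated output what that value means. `Date.now()` is also read twice, so the logged `expiresInSeconds` and the `shouldRefresh` comparison use slightly different clock values; a single `const nowSeconds = Date.now() / 1000;` used in both expressions would keep the log line and the decision consistent. The function body continues outside these hunks.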
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"proactivelyRefreshAccessToken.js","sources":["../../../../../src/server/middleware/proactivelyRefreshAccessToken.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAMA,MAAM,GAAG,GAAG,KAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,6BAA6B,GAAG,OAAO,EAClD,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,
|
|
1
|
+
{"version":3,"file":"proactivelyRefreshAccessToken.js","sources":["../../../../../src/server/middleware/proactivelyRefreshAccessToken.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAMA,MAAM,GAAG,GAAG,KAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,6BAA6B,GAAG,OAAO,EAClD,SAAS,EACT,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,GAOZ,KAAmD;AAClD,IAAA,GAAG,CAAC,qCAAqC,EAAE,EAAE,SAAS,EAAE,CAAC;IACzD,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,MAAM,SAAS,GAAG,OAAO,EAAE,QAAQ,CAAC,SAAS,IAAI,CAAC;IAClD,MAAM,gBAAgB,GAAG,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI;AACtD,IAAA,MAAM,aAAa,GACjB,WAAW,CAAC,sBAAsB,IAAI,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,EAAE;IAE1E,GAAG,CAAC,wBAAwB,EAAE;QAC5B,SAAS;QACT,aAAa;AACb,QAAA,gBAAgB,EAAE,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC;QAC9C,iBAAiB,EAAE,WAAW,CAAC,sBAAsB;QACrD,UAAU,EAAE,CAAC,CAAC,OAAO;AACtB,KAAA,CAAC;IAEF,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,cAAc,CAAC,OAAO,EAAE,QAAQ,EAAE;AACnE,QAAA,OAAO,EAAE,aAAa;AACvB,KAAA,CAAC;IAEF,GAAG,CAAC,wBAAwB,EAAE;QAC5B,SAAS;QACT,SAAS,EAAE,MAAM,CAAC,SAAS;AAC3B,QAAA,WAAW,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM;AACjC,KAAA,CAAC;AAEF,IAAA,OAAO,MAAM;AACf;;;;"}
|
|
@@ -2,7 +2,8 @@ import { NextRequest, NextResponse } from 'next/server';
|
|
|
2
2
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
3
3
|
import { Brand } from 'src/types/brand';
|
|
4
4
|
import { Auth0Config } from 'src/types';
|
|
5
|
-
export declare const handleUserProfile: ({ request, response, auth0Instance, auth0Config, brand, }: {
|
|
5
|
+
export declare const handleUserProfile: ({ requestId, request, response, auth0Instance, auth0Config, brand, }: {
|
|
6
|
+
requestId: string;
|
|
6
7
|
request: NextRequest;
|
|
7
8
|
response: NextResponse;
|
|
8
9
|
auth0Instance: Auth0Client;
|
|
@@ -17,34 +17,37 @@ const returnEmptyResponse = () => {
|
|
|
17
17
|
},
|
|
18
18
|
});
|
|
19
19
|
};
|
|
20
|
-
const handleUserProfile = async ({ request, response, auth0Instance, auth0Config, brand, }) => {
|
|
20
|
+
const handleUserProfile = async ({ requestId, request, response, auth0Instance, auth0Config, brand, }) => {
|
|
21
21
|
if (request.nextUrl.pathname !== auth0Config.userProfileEndpoint)
|
|
22
22
|
return;
|
|
23
|
-
log('Handling user profile request', { brand });
|
|
23
|
+
log('Handling user profile request', { requestId, brand });
|
|
24
24
|
const session = await auth0Instance.getSession(request);
|
|
25
25
|
if (!session) {
|
|
26
|
-
log('No session found for profile request');
|
|
26
|
+
log('No session found for profile request', { requestId });
|
|
27
27
|
return returnEmptyResponse();
|
|
28
28
|
}
|
|
29
29
|
try {
|
|
30
30
|
const user = session.user;
|
|
31
31
|
log('User found, refreshing token and enriching', {
|
|
32
|
+
requestId,
|
|
32
33
|
userId: user.userId,
|
|
33
34
|
sellerId: user.sellerId,
|
|
34
35
|
});
|
|
35
36
|
const { token } = await proactivelyRefreshAccessToken({
|
|
37
|
+
requestId,
|
|
36
38
|
request,
|
|
37
39
|
response,
|
|
38
40
|
auth0Instance,
|
|
39
41
|
auth0Config,
|
|
40
42
|
});
|
|
41
|
-
log('Token refreshed, enriching user');
|
|
43
|
+
log('Token refreshed, enriching user', { requestId });
|
|
42
44
|
const enrichedUser = await enrichUser({
|
|
43
45
|
user,
|
|
44
46
|
accessToken: token,
|
|
45
47
|
brand,
|
|
46
48
|
});
|
|
47
49
|
log('User enriched successfully', {
|
|
50
|
+
requestId,
|
|
48
51
|
userId: enrichedUser.userId,
|
|
49
52
|
sellerId: enrichedUser.sellerId,
|
|
50
53
|
hasEntitlements: !!enrichedUser.entitlements,
|
|
@@ -64,6 +67,7 @@ const handleUserProfile = async ({ request, response, auth0Instance, auth0Config
|
|
|
64
67
|
}
|
|
65
68
|
catch (error) {
|
|
66
69
|
log('User Profile error loading entitlements', {
|
|
70
|
+
requestId,
|
|
67
71
|
error: error instanceof Error ? error.message : String(error),
|
|
68
72
|
stack: error instanceof Error ? error.stack : undefined,
|
|
69
73
|
});
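Review bot: The `catch` logs every failure as 'User Profile error loading entitlements', but the `try` it closes also covers the `proactivelyRefreshAccessToken` call, so a failed token refresh is reported under the entitlements label. Now that `requestId` ties these entries together, a neutral message such as `log('User profile request failed', { requestId, ... })`, or a separate `try` around the refresh, would keep triage from starting in the wrong place. The same request's entries also carry `userId`, `sellerId` and `error.stack`, so whatever collects this `debug` output should be handled as holding user identifiers. Part of the `try` body lies between the two hunks and is not visible here.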
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"profile.js","sources":["../../../../../src/server/middleware/profile.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;AAYA,MAAM,GAAG,GAAG,KAAK,CAAC,8BAA8B,CAAC;AAEjD,MAAM,mBAAmB,GAAG,MAAmB;AAC7C,IAAA,OAAO,IAAI,YAAY,CAAC,IAAI,EAAE;AAC5B,QAAA,MAAM,EAAE,GAAG;AACX,QAAA,OAAO,EAAE;AACP,YAAA,IAAI,EAAE,uBAAuB;AAC7B,YAAA,eAAe,EACb,yDAAyD;AAC3D,YAAA,MAAM,EAAE,UAAU;AAClB,YAAA,OAAO,EAAE,GAAG;AACb,SAAA;AACF,KAAA,CAAC;AACJ,CAAC;
|
|
1
|
+
{"version":3,"file":"profile.js","sources":["../../../../../src/server/middleware/profile.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;AAYA,MAAM,GAAG,GAAG,KAAK,CAAC,8BAA8B,CAAC;AAEjD,MAAM,mBAAmB,GAAG,MAAmB;AAC7C,IAAA,OAAO,IAAI,YAAY,CAAC,IAAI,EAAE;AAC5B,QAAA,MAAM,EAAE,GAAG;AACX,QAAA,OAAO,EAAE;AACP,YAAA,IAAI,EAAE,uBAAuB;AAC7B,YAAA,eAAe,EACb,yDAAyD;AAC3D,YAAA,MAAM,EAAE,UAAU;AAClB,YAAA,OAAO,EAAE,GAAG;AACb,SAAA;AACF,KAAA,CAAC;AACJ,CAAC;MAEY,iBAAiB,GAAG,OAAO,EACtC,SAAS,EACT,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,EACX,KAAK,GAQN,KAAkC;IACjC,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,WAAW,CAAC,mBAAmB;QAAE;IAElE,GAAG,CAAC,+BAA+B,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;IAC1D,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,IAAI,CAAC,OAAO,EAAE;AACZ,QAAA,GAAG,CAAC,sCAAsC,EAAE,EAAE,SAAS,EAAE,CAAC;QAC1D,OAAO,mBAAmB,EAAE;IAC9B;AAEA,IAAA,IAAI;AACF,QAAA,MAAM,IAAI,GAAG,OAAO,CAAC,IAAmB;QACxC,GAAG,CAAC,4CAA4C,EAAE;YAChD,SAAS;YACT,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;AACxB,SAAA,CAAC;AACF,QAAA,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,6BAA6B,CAAC;YACpD,SAAS;YACT,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;AACF,QAAA,GAAG,CAAC,iCAAiC,EAAE,EAAE,SAAS,EAAE,CAAC;AACrD,QAAA,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC;YACpC,IAAI;AACJ,YAAA,WAAW,EAAE,KAAK;YAClB,KAAK;AACN,SAAA,CAAC;QAEF,GAAG,CAAC,4BAA4B,EAAE;YAChC,SAAS;YACT,MAAM,EAAE,YAAY,CAAC,MAAM;YAC3B,QAAQ,EAAE,YAAY,CAAC,QAAQ;AAC/B,YAAA,eAAe,EAAE,CAAC,CAAC,YAAY,CAAC,YAAY;AAC7C,SAAA,CAAC;QACF,MAAM,YAAY,GAAG,YAAY,CAAC,IAAI,CAAC,YAAY,CAAC;QACpD,MAAM,2BAA2B,GAAG,cAAc,CAAC;AACjD,YAAA,kBAAkB,EAAE,YAAY;AAChC,YAAA,YAAY,EAAE,QAAQ;AACtB,YAAA,eAAe,EAAE,IAAI;AACtB,SAAA,CAAC;QACF,iBAAiB,CAAC,2BAA2B,CAAC;;QAE9C,KAAK,MAAM,MAAM,IAAI,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE;AAC9C,YAAA,2BAA2B,CAAC,OAAO,CAAC,GAAG,CACrC,MAAM,CAAC,IAAI,EACX,MAAM,CAAC,KAAK,EACZ,MAAM,CACP;QACH;AACA,QAAA,OAAO,2BAA2B;IACpC;IAAE,OAAO,KAAK,EAAE;QACd,GAAG,CAAC,yCAAyC,EAAE;YAC7C,SAAS;AACT,YAAA,KAAK,EAAE,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC7D,YAAA,KAAK,EAAE,KAAK,YAAY,K
AAK,GAAG,KAAK,CAAC,KAAK,GAAG,SAAS;AACxD,SAAA,CAAC;QAEF,OAAO,mBAAmB,EAAE;IAC9B;AACF;;;;"}
|
|
@@ -2,7 +2,8 @@ import { NextRequest, NextResponse } from 'next/server';
|
|
|
2
2
|
import { Language } from '@smg-automotive/i18n-pkg';
|
|
3
3
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
4
4
|
import { Auth0Config } from 'src/types';
|
|
5
|
-
export declare const protectRoute: ({ isProtected, auth0Instance, auth0Config, language, request, response, onError, }: {
|
|
5
|
+
export declare const protectRoute: ({ requestId, isProtected, auth0Instance, auth0Config, language, request, response, onError, }: {
|
|
6
|
+
requestId: string;
|
|
6
7
|
isProtected: boolean;
|
|
7
8
|
auth0Instance: Auth0Client;
|
|
8
9
|
auth0Config: Auth0Config;
|
|
@@ -14,17 +14,23 @@ const redirectToLogin = ({ auth0Config, language, returnTo, origin, }) => {
|
|
|
14
14
|
status: 307,
|
|
15
15
|
});
|
|
16
16
|
};
|
|
17
|
-
const protectRoute = async ({ isProtected, auth0Instance, auth0Config, language, request, response, onError, }) => {
|
|
17
|
+
const protectRoute = async ({ requestId, isProtected, auth0Instance, auth0Config, language, request, response, onError, }) => {
|
|
18
18
|
const { pathname, search, origin } = request.nextUrl;
|
|
19
|
-
log('Checking route protection', { pathname, isProtected });
|
|
19
|
+
log('Checking route protection', { requestId, pathname, isProtected });
|
|
20
20
|
const session = await auth0Instance.getSession(request);
|
|
21
|
-
log('Session check', {
|
|
21
|
+
log('Session check', {
|
|
22
|
+
requestId,
|
|
23
|
+
hasSession: !!session,
|
|
24
|
+
hasUser: !!session?.user,
|
|
25
|
+
});
|
|
22
26
|
if (!isProtected && !session?.user) {
|
|
23
|
-
log('Route not protected and no user session, allowing');
|
|
27
|
+
log('Route not protected and no user session, allowing', { requestId });
|
|
24
28
|
return response;
|
|
25
29
|
}
|
|
26
30
|
if (!session && isProtected) {
|
|
27
|
-
log('Protected route without session, redirecting to login'
|
|
31
|
+
log('Protected route without session, redirecting to login', {
|
|
32
|
+
requestId,
|
|
33
|
+
});
|
|
28
34
|
return redirectToLogin({
|
|
29
35
|
auth0Config,
|
|
30
36
|
language,
|
|
@@ -33,18 +39,20 @@ const protectRoute = async ({ isProtected, auth0Instance, auth0Config, language,
|
|
|
33
39
|
});
|
|
34
40
|
}
|
|
35
41
|
try {
|
|
36
|
-
log('Refreshing token for protected route');
|
|
42
|
+
log('Refreshing token for protected route', { requestId });
|
|
37
43
|
await proactivelyRefreshAccessToken({
|
|
44
|
+
requestId,
|
|
38
45
|
request,
|
|
39
46
|
response,
|
|
40
47
|
auth0Instance,
|
|
41
48
|
auth0Config,
|
|
42
49
|
});
|
|
43
|
-
log('Token refreshed successfully, allowing access');
|
|
50
|
+
log('Token refreshed successfully, allowing access', { requestId });
|
|
44
51
|
}
|
|
45
52
|
catch (error) {
|
|
46
53
|
const authError = error;
|
|
47
54
|
log('Token refresh failed for protected route', {
|
|
55
|
+
requestId,
|
|
48
56
|
message: authError.message,
|
|
49
57
|
code: authError.code,
|
|
50
58
|
});
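Review bot: The two early exits test different things, `!session?.user` for the unprotected case and `!session` for the protected one, so a session object without a `user` on a protected route passes both and reaches the token refresh instead of `redirectToLogin`. The new 'Session check' entry already records `hasSession` and `hasUser` separately, and the guard can make the same distinction with `if (!session?.user && isProtected) {`. Whether the Auth0 SDK can return such a session is not visible here, so this is a defensive check rather than a confirmed bypass. What follows the `catch` is outside the hunk.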
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;AAWA,MAAM,GAAG,GAAG,KAAK,CAAC,mCAAmC,CAAC;AAEtD,MAAM,eAAe,GAAG,CAAC,EACvB,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,MAAM,GAMP,KAAkB;IACjB,MAAM,QAAQ,GAAG,YAAY,CAAC;QAC5B,WAAW;QACX,QAAQ;QACR,QAAQ;AACT,KAAA,CAAC;IAEF,OAAO,YAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACtD,QAAA,MAAM,EAAE,GAAG;AACZ,KAAA,CAAC;AACJ,CAAC;
|
|
1
|
+
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;AAWA,MAAM,GAAG,GAAG,KAAK,CAAC,mCAAmC,CAAC;AAEtD,MAAM,eAAe,GAAG,CAAC,EACvB,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,MAAM,GAMP,KAAkB;IACjB,MAAM,QAAQ,GAAG,YAAY,CAAC;QAC5B,WAAW;QACX,QAAQ;QACR,QAAQ;AACT,KAAA,CAAC;IAEF,OAAO,YAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACtD,QAAA,MAAM,EAAE,GAAG;AACZ,KAAA,CAAC;AACJ,CAAC;AAEM,MAAM,YAAY,GAAG,OAAO,EACjC,SAAS,EACT,WAAW,EACX,aAAa,EACb,WAAW,EACX,QAAQ,EACR,OAAO,EACP,QAAQ,EACR,OAAO,GAUR,KAAkC;IACjC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;IACpD,GAAG,CAAC,2BAA2B,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;IAEtE,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IACvD,GAAG,CAAC,eAAe,EAAE;QACnB,SAAS;QACT,UAAU,EAAE,CAAC,CAAC,OAAO;AACrB,QAAA,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,IAAI;AACzB,KAAA,CAAC;IAEF,IAAI,CAAC,WAAW,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE;AAClC,QAAA,GAAG,CAAC,mDAAmD,EAAE,EAAE,SAAS,EAAE,CAAC;AACvE,QAAA,OAAO,QAAQ;IACjB;AAEA,IAAA,IAAI,CAAC,OAAO,IAAI,WAAW,EAAE;QAC3B,GAAG,CAAC,uDAAuD,EAAE;YAC3D,SAAS;AACV,SAAA,CAAC;AACF,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI;AACF,QAAA,GAAG,CAAC,sCAAsC,EAAE,EAAE,SAAS,EAAE,CAAC;AAC1D,QAAA,MAAM,6BAA6B,CAAC;YAClC,SAAS;YACT,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;AACF,QAAA,GAAG,CAAC,+CAA+C,EAAE,EAAE,SAAS,EAAE,CAAC;IACrE;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;QACnC,GAAG,CAAC,0CAA0C,EAAE;YAC9C,SAAS;YACT,OAAO,EAAE,SAAS,CAAC,OAAO;YAC1B,IAAI,EAAE,SAAS,CAAC,IAAI;AACrB,SAAA,CAAC;AACF,QAAA,OAAO,GAAG,SAAS,CAAC;AAEpB,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AACF;;;;"}
|
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
2
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
3
3
|
import { Auth0Config } from 'src/types';
|
|
4
|
-
export declare const handleAccessTokenRequest: ({ request, response, auth0Instance, auth0Config, onError, }: {
|
|
4
|
+
export declare const handleAccessTokenRequest: ({ requestId, request, response, auth0Instance, auth0Config, onError, }: {
|
|
5
|
+
requestId: string;
|
|
5
6
|
request: NextRequest;
|
|
6
7
|
response: NextResponse;
|
|
7
8
|
auth0Instance: Auth0Client;
|
|
@@ -6,13 +6,16 @@ import { combineHeaders } from './combineHeaders.js';
|
|
|
6
6
|
import { addCachingHeaders } from './addCachingHeaders.js';
|
|
7
7
|
|
|
8
8
|
const log = debug('@smg-automotive/auth:token');
|
|
9
|
-
const handleAccessTokenRequest = async ({ request, response, auth0Instance, auth0Config, onError, }) => {
|
|
9
|
+
const handleAccessTokenRequest = async ({ requestId, request, response, auth0Instance, auth0Config, onError, }) => {
|
|
10
10
|
if (request.nextUrl.pathname !== auth0Config.tokenEndpoint)
|
|
11
11
|
return;
|
|
12
|
-
log('Handling access token request', {
|
|
12
|
+
log('Handling access token request', {
|
|
13
|
+
requestId,
|
|
14
|
+
pathname: request.nextUrl.pathname,
|
|
15
|
+
});
|
|
13
16
|
const session = await auth0Instance.getSession(request);
|
|
14
17
|
if (!session) {
|
|
15
|
-
log('Access token request failed: no session');
|
|
18
|
+
log('Access token request failed: no session', { requestId });
|
|
16
19
|
return NextResponse.json({
|
|
17
20
|
error: {
|
|
18
21
|
message: 'The user does not have an active session.',
|
|
@@ -23,14 +26,15 @@ const handleAccessTokenRequest = async ({ request, response, auth0Instance, auth
|
|
|
23
26
|
});
|
|
24
27
|
}
|
|
25
28
|
try {
|
|
26
|
-
log('Refreshing access token');
|
|
29
|
+
log('Refreshing access token', { requestId });
|
|
27
30
|
const { token, expiresAt } = await proactivelyRefreshAccessToken({
|
|
31
|
+
requestId,
|
|
28
32
|
request,
|
|
29
33
|
response,
|
|
30
34
|
auth0Instance,
|
|
31
35
|
auth0Config,
|
|
32
36
|
});
|
|
33
|
-
log('Access token refreshed successfully', { expiresAt });
|
|
37
|
+
log('Access token refreshed successfully', { requestId, expiresAt });
|
|
34
38
|
const tokenResponse = NextResponse.json({
|
|
35
39
|
token,
|
|
36
40
|
expiresAt,
|
|
@@ -50,6 +54,7 @@ const handleAccessTokenRequest = async ({ request, response, auth0Instance, auth
|
|
|
50
54
|
catch (error) {
|
|
51
55
|
const authError = error;
|
|
52
56
|
log('Access token request error', {
|
|
57
|
+
requestId,
|
|
53
58
|
message: authError.message,
|
|
54
59
|
code: authError.code,
|
|
55
60
|
});
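Review bot: `const authError = error;` is used without narrowing, so a thrown value that is not an Error logs `message` and `code` as `undefined` and the entry carries little more than the `requestId`. profile.js in this same release already guards against this, and the same expression here, `message: error instanceof Error ? error.message : String(error),`, would keep the failure visible in the correlated output. The `catch` in protectRoute.js has the same pattern. The rest of this `catch` body, including what is returned to the client, is outside the hunk.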
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"token.js","sources":["../../../../../src/server/middleware/token.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;
|
|
1
|
+
{"version":3,"file":"token.js","sources":["../../../../../src/server/middleware/token.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;AAWA,MAAM,GAAG,GAAG,KAAK,CAAC,4BAA4B,CAAC;MAElC,wBAAwB,GAAG,OAAO,EAC7C,SAAS,EACT,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,EACX,OAAO,GAQR,KAAkC;IACjC,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,WAAW,CAAC,aAAa;QAAE;IAE5D,GAAG,CAAC,+BAA+B,EAAE;QACnC,SAAS;AACT,QAAA,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,QAAQ;AACnC,KAAA,CAAC;IACF,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,IAAI,CAAC,OAAO,EAAE;AACZ,QAAA,GAAG,CAAC,yCAAyC,EAAE,EAAE,SAAS,EAAE,CAAC;QAC7D,OAAO,YAAY,CAAC,IAAI,CACtB;AACE,YAAA,KAAK,EAAE;AACL,gBAAA,OAAO,EAAE,2CAA2C;gBACpD,IAAI,EAAE,oBAAoB,CAAC,eAAe;AAC3C,aAAA;SACF,EACD;AACE,YAAA,MAAM,EAAE,GAAG;AACZ,SAAA,CACF;IACH;AAEA,IAAA,IAAI;AACF,QAAA,GAAG,CAAC,yBAAyB,EAAE,EAAE,SAAS,EAAE,CAAC;QAC7C,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,MAAM,6BAA6B,CAAC;YAC/D,SAAS;YACT,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;QACF,GAAG,CAAC,qCAAqC,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC;AACpE,QAAA,MAAM,aAAa,GAAG,YAAY,CAAC,IAAI,CAAC;YACtC,KAAK;YACL,SAAS;AACV,SAAA,CAAC;QACF,MAAM,2BAA2B,GAAG,cAAc,CAAC;AACjD,YAAA,kBAAkB,EAAE,aAAa;AACjC,YAAA,YAAY,EAAE,QAAQ;AACtB,YAAA,eAAe,EAAE,IAAI;AACtB,SAAA,CAAC;QACF,iBAAiB,CAAC,2BAA2B,CAAC;;QAE9C,KAAK,MAAM,MAAM,IAAI,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE;AAC9C,YAAA,2BAA2B,CAAC,OAAO,CAAC,GAAG,CACrC,MAAM,CAAC,IAAI,EACX,MAAM,CAAC,KAAK,EACZ,MAAM,CACP;QACH;AACA,QAAA,OAAO,2BAA2B;IACpC;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;QACnC,GAAG,CAAC,4BAA4B,EAAE;YAChC,SAAS;YACT,OAAO,EAAE,SAAS,CAAC,OAAO;YAC1B,IAAI,EAAE,SAAS,CAAC,IAAI;AACrB,SAAA,CAAC;AACF,QAAA,OAAO,GAAG,SAAS,CAAC;AACpB,QAAA,OAAO,YAAY,CAAC,IAAI,CACtB,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,EAAE,EAC/D,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB;IACH;AACF;;;;"}
|