@smg-automotive/auth 8.2.0-lschuerch-FED-883-user-endpoint.1 → 8.2.1-instrumentation-with-debug.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +66 -0
- package/dist/cjs/client/hooks/useUser.js +2 -2
- package/dist/cjs/client/hooks/useUser.js.map +1 -1
- package/dist/cjs/server/helpers/getAccessToken.js +12 -0
- package/dist/cjs/server/helpers/getAccessToken.js.map +1 -1
- package/dist/cjs/server/helpers/getUser.js +39 -7
- package/dist/cjs/server/helpers/getUser.js.map +1 -1
- package/dist/cjs/server/hooks/onCallbackFactory.d.ts +1 -1
- package/dist/cjs/server/hooks/onCallbackFactory.js +14 -1
- package/dist/cjs/server/hooks/onCallbackFactory.js.map +1 -1
- package/dist/cjs/server/middleware/index.js +42 -0
- package/dist/cjs/server/middleware/index.js.map +1 -1
- package/dist/cjs/server/middleware/logout.d.ts +4 -2
- package/dist/cjs/server/middleware/logout.js +34 -13
- package/dist/cjs/server/middleware/logout.js.map +1 -1
- package/dist/cjs/server/middleware/proactivelyRefreshAccessToken.d.ts +2 -1
- package/dist/cjs/server/middleware/proactivelyRefreshAccessToken.js +26 -4
- package/dist/cjs/server/middleware/proactivelyRefreshAccessToken.js.map +1 -1
- package/dist/cjs/server/middleware/profile.d.ts +2 -1
- package/dist/cjs/server/middleware/profile.js +27 -3
- package/dist/cjs/server/middleware/profile.js.map +1 -1
- package/dist/cjs/server/middleware/protectRoute.d.ts +2 -1
- package/dist/cjs/server/middleware/protectRoute.js +26 -2
- package/dist/cjs/server/middleware/protectRoute.js.map +1 -1
- package/dist/cjs/server/middleware/token.d.ts +2 -1
- package/dist/cjs/server/middleware/token.js +20 -1
- package/dist/cjs/server/middleware/token.js.map +1 -1
- package/dist/esm/client/hooks/useUser.js +2 -2
- package/dist/esm/client/hooks/useUser.js.map +1 -1
- package/dist/esm/server/helpers/getAccessToken.js +8 -0
- package/dist/esm/server/helpers/getAccessToken.js.map +1 -1
- package/dist/esm/server/helpers/getUser.js +35 -7
- package/dist/esm/server/helpers/getUser.js.map +1 -1
- package/dist/esm/server/hooks/onCallbackFactory.d.ts +1 -1
- package/dist/esm/server/hooks/onCallbackFactory.js +14 -1
- package/dist/esm/server/hooks/onCallbackFactory.js.map +1 -1
- package/dist/esm/server/middleware/index.js +38 -0
- package/dist/esm/server/middleware/index.js.map +1 -1
- package/dist/esm/server/middleware/logout.d.ts +4 -2
- package/dist/esm/server/middleware/logout.js +30 -13
- package/dist/esm/server/middleware/logout.js.map +1 -1
- package/dist/esm/server/middleware/proactivelyRefreshAccessToken.d.ts +2 -1
- package/dist/esm/server/middleware/proactivelyRefreshAccessToken.js +22 -4
- package/dist/esm/server/middleware/proactivelyRefreshAccessToken.js.map +1 -1
- package/dist/esm/server/middleware/profile.d.ts +2 -1
- package/dist/esm/server/middleware/profile.js +23 -3
- package/dist/esm/server/middleware/profile.js.map +1 -1
- package/dist/esm/server/middleware/protectRoute.d.ts +2 -1
- package/dist/esm/server/middleware/protectRoute.js +22 -2
- package/dist/esm/server/middleware/protectRoute.js.map +1 -1
- package/dist/esm/server/middleware/token.d.ts +2 -1
- package/dist/esm/server/middleware/token.js +16 -1
- package/dist/esm/server/middleware/token.js.map +1 -1
- package/package.json +6 -4
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
import { NextResponse } from 'next/server';
|
|
2
|
+
import debug from 'debug';
|
|
2
3
|
|
|
4
|
+
const log = debug('@smg-automotive/auth:logout');
|
|
3
5
|
const validateReturnTo = ({ pathOrUrl, host, protocol, otherDomainHost, crossDomainLogout, }) => {
|
|
4
6
|
if (typeof pathOrUrl !== 'string')
|
|
5
7
|
return false;
|
|
@@ -41,12 +43,14 @@ const getOtherDomainHost = (currentHost) => {
|
|
|
41
43
|
}
|
|
42
44
|
return currentHost;
|
|
43
45
|
};
|
|
44
|
-
const handleCrossDomainLogout = ({ host, protocol, request, auth0Config: { languageConfig, logoutEndpoint }, }) => {
|
|
46
|
+
const handleCrossDomainLogout = ({ requestId, host, protocol, request, auth0Config: { languageConfig, logoutEndpoint }, }) => {
|
|
45
47
|
if (request.nextUrl.pathname !== logoutEndpoint)
|
|
46
48
|
return;
|
|
49
|
+
log('Handling logout request', { requestId, host, protocol });
|
|
47
50
|
const searchParams = new URLSearchParams(request.nextUrl.search);
|
|
48
51
|
const specifiedReturnTo = searchParams.get('returnTo') || '';
|
|
49
52
|
const crossDomainLogout = searchParams.get('crossDomain') === 'true';
|
|
53
|
+
log('Logout parameters', { requestId, specifiedReturnTo, crossDomainLogout });
|
|
50
54
|
const otherDomainHost = getOtherDomainHost(host);
|
|
51
55
|
const currentDomainUrl = `${protocol}://${host}`;
|
|
52
56
|
const locale = searchParams.get('locale');
|
|
@@ -58,16 +62,23 @@ const handleCrossDomainLogout = ({ host, protocol, request, auth0Config: { langu
|
|
|
58
62
|
pathOrUrl: specifiedReturnTo,
|
|
59
63
|
crossDomainLogout,
|
|
60
64
|
});
|
|
65
|
+
log('ReturnTo validation', { requestId, isSafePath, specifiedReturnTo });
|
|
61
66
|
if (isSafePath && specifiedReturnTo) {
|
|
62
67
|
returnTo = specifiedReturnTo;
|
|
63
68
|
}
|
|
64
69
|
if (!crossDomainLogout && otherDomainHost && otherDomainHost !== host) {
|
|
70
|
+
log('Initiating cross-domain logout', { requestId, otherDomainHost });
|
|
65
71
|
const backToCurrentDomainUrl = new URL(logoutEndpoint, currentDomainUrl);
|
|
66
72
|
backToCurrentDomainUrl.searchParams.set('returnTo', returnTo);
|
|
67
73
|
backToCurrentDomainUrl.searchParams.set('crossDomain', 'true');
|
|
68
74
|
const otherDomainLogoutUrl = new URL(logoutEndpoint, `${protocol}://${otherDomainHost}`);
|
|
69
75
|
otherDomainLogoutUrl.searchParams.set('crossDomain', 'true');
|
|
70
76
|
otherDomainLogoutUrl.searchParams.set('returnTo', backToCurrentDomainUrl.toString());
|
|
77
|
+
log('Redirecting to other domain for logout', {
|
|
78
|
+
requestId,
|
|
79
|
+
otherDomainHost,
|
|
80
|
+
returnUrl: backToCurrentDomainUrl.toString(),
|
|
81
|
+
});
|
|
71
82
|
return NextResponse.redirect(otherDomainLogoutUrl, {
|
|
72
83
|
status: 302,
|
|
73
84
|
});
|
|
@@ -91,27 +102,32 @@ const getLegacyCookieDomain = (hostname) => {
|
|
|
91
102
|
const base = parts.slice(-2).join('.');
|
|
92
103
|
return `.${base}`;
|
|
93
104
|
};
|
|
94
|
-
const deleteRelatedSessionCookies = ({ host, request, response, auth0Config: { logoutEndpoint, authCookieNames, legacyAccessTokenName, legacyRefreshTokenName, }, }) => {
|
|
105
|
+
const deleteRelatedSessionCookies = ({ requestId, host, request, response, auth0Config: { logoutEndpoint, authCookieNames, legacyAccessTokenName, legacyRefreshTokenName, }, }) => {
|
|
95
106
|
if (request.nextUrl.pathname !== logoutEndpoint || !response)
|
|
96
107
|
return;
|
|
97
|
-
authCookieNames.
|
|
108
|
+
const cookiesToDelete = authCookieNames.flatMap((cookieName) => [
|
|
109
|
+
cookieName,
|
|
110
|
+
`${cookieName}__0`,
|
|
111
|
+
`${cookieName}__1`,
|
|
112
|
+
]);
|
|
113
|
+
log('Deleting session cookies', {
|
|
114
|
+
requestId,
|
|
115
|
+
host,
|
|
116
|
+
cookies: cookiesToDelete,
|
|
117
|
+
});
|
|
118
|
+
cookiesToDelete.forEach((cookieName) => {
|
|
98
119
|
response.cookies.delete({
|
|
99
120
|
name: cookieName,
|
|
100
121
|
maxAge: 0,
|
|
101
122
|
path: '/',
|
|
102
123
|
});
|
|
103
|
-
response.cookies.delete({
|
|
104
|
-
name: `${cookieName}__0`,
|
|
105
|
-
maxAge: 0,
|
|
106
|
-
path: '/',
|
|
107
|
-
});
|
|
108
|
-
response.cookies.delete({
|
|
109
|
-
name: `${cookieName}__1`,
|
|
110
|
-
maxAge: 0,
|
|
111
|
-
path: '/',
|
|
112
|
-
});
|
|
113
124
|
});
|
|
114
125
|
const legacyCookieDomain = getLegacyCookieDomain(host);
|
|
126
|
+
log('Deleting legacy cookies', {
|
|
127
|
+
requestId,
|
|
128
|
+
cookies: [legacyAccessTokenName, legacyRefreshTokenName],
|
|
129
|
+
legacyCookieDomain,
|
|
130
|
+
});
|
|
115
131
|
response.cookies.delete({
|
|
116
132
|
name: legacyAccessTokenName,
|
|
117
133
|
maxAge: 0,
|
|
@@ -124,6 +140,7 @@ const deleteRelatedSessionCookies = ({ host, request, response, auth0Config: { l
|
|
|
124
140
|
path: '/',
|
|
125
141
|
domain: legacyCookieDomain,
|
|
126
142
|
});
|
|
143
|
+
log('All session cookies deleted', { requestId });
|
|
127
144
|
};
|
|
128
145
|
|
|
129
146
|
export { deleteRelatedSessionCookies, handleCrossDomainLogout };
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"logout.js","sources":["../../../../../src/server/middleware/logout.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"logout.js","sources":["../../../../../src/server/middleware/logout.ts"],"sourcesContent":[null],"names":[],"mappings":";;;AAKA,MAAM,GAAG,GAAG,KAAK,CAAC,6BAA6B,CAAC;AAEhD,MAAM,gBAAgB,GAAG,CAAC,EACxB,SAAS,EACT,IAAI,EACJ,QAAQ,EACR,eAAe,EACf,iBAAiB,GAOlB,KAAI;IACH,IAAI,OAAO,SAAS,KAAK,QAAQ;AAAE,QAAA,OAAO,KAAK;AAC/C,IAAA,IAAI,SAAS,CAAC,MAAM,GAAG,IAAI;AAAE,QAAA,OAAO,KAAK;AAEzC,IAAA,IAAI;AACF,QAAA,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,SAAS,CAAC;QACtD,MAAM,KAAK,GAAG,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC;QACjD,MAAM,eAAe,GAAG,IAAI,GAAG,CAC7B,KAAK,GAAG,gBAAgB,GAAG,GAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,CAAA,EAAG,gBAAgB,CAAA,CAAE,CACtE;AACD,QAAA,MAAM,WAAW,GAAG,eAAe,CAAC,QAAQ;AAE5C,QAAA,IACE,iBAAiB;YACjB,KAAK;AACL,YAAA,eAAe,CAAC,IAAI,KAAK,eAAe,EACxC;AACA,YAAA,OAAO,KAAK;QACd;QAEA,IAAI,CAAC,iBAAiB,IAAI,eAAe,CAAC,IAAI,KAAK,IAAI,EAAE;AACvD,YAAA,OAAO,KAAK;QACd;AAEA,QAAA,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;AAChE,YAAA,OAAO,KAAK;QACd;;;QAIA,MAAM,eAAe,GAAG,yBAAyB;AACjD,QAAA,OAAO,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC;IAC1C;IAAE,OAAO,KAAK,EAAE;;AAEd,QAAA,OAAO,CAAC,IAAI,CAAC,4BAA4B,EAAE,KAAK,CAAC;AACjD,QAAA,OAAO,KAAK;IACd;AACF,CAAC;AAED,MAAM,kBAAkB,GAAG,CAAC,WAAmB,KAAY;AACzD,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvC,OAAO,WAAW,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC;IAC1D;AACA,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvC,OAAO,WAAW,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC;IAC1D;AACA,IAAA,OAAO,WAAW;AACpB,CAAC;MAEY,uBAAuB,GAAG,CAAC,EACtC,SAAS,EACT,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,WAAW,EAAE,EAAE,cAAc,EAAE,cAAc,EAAE,GAOhD,KAAyB;AACxB,IAAA,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,cAAc;QAAE;IAEjD,GAAG,CAAC,yBAAyB,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAC7D,MAAM,YAAY,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC;IAEhE,MAAM,iBAAiB,GAAG,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,EAAE;IAC5D,MAAM,iBAAiB,GAAG,YAAY,CAAC,GAAG,CAAC,aAAa,CAAC,KAAK,MAAM;IACpE,GAAG,CAAC,mBAAmB,EAAE,EAAE,SAAS,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,CAAC;AAE7E,IAAA,MAAM,eAAe,GAAG,kBAAkB,CAAC,IAAI,CAAC;AAChD,IAAA,MAAM,gBAAgB,GAAG,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,EAAE;IAChD,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC;AACzC,IAAA,IAAI,QAAQ,GAAG,MAAM,GAAG,CAAA,CAAA,EAAI,MAAM,CAAA,CAAE,GAAG,CAAA,CAAA,EAAI,cAAc,CAAC,OAAO,EAAE;IACnE,MAAM,UAAU,GAAG,gBAAgB,CAAC;QAClC,QAAQ;QACR,IAAI;QACJ,eAAe;AACf,QAAA,SAAS,EAAE,iBAAiB;QAC5B,iBAAiB;AAClB,KAAA,CAAC;IACF,GAAG,CAAC,qBAAqB,EAAE,EAAE,SAAS,EAAE,UAAU,EAAE,iBAAiB,EAAE,CAAC;AACxE,IAAA,IAAI,UAAU,IAAI,iBAAiB,EAAE;QACnC,QAAQ,GAAG,iBAAiB;IAC9B;IAEA,IAAI,CAAC,iBAAiB,IAAI,eAAe,IAAI,eAAe,KAAK,IAAI,EAAE;QACrE,GAAG,CAAC,gCAAgC,EAAE,EAAE,SAAS,EAAE,eAAe,EAAE,CAAC;QACrE,MAAM,sBAAsB,GAAG,IAAI,GAAG,CAAC,cAAc,EAAE,gBAAgB,CAAC;QACxE,sBAAsB,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,CAAC;QAC7D,sBAAsB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC;AAE9D,QAAA,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAClC,cAAc,EACd,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,eAAe,CAAA,CAAE,CACnC;QACD,oBAAoB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC;AAC5D,QAAA,oBAAoB,CAAC,YAAY,CAAC,GAAG,CACnC,UAAU,EACV,sBAAsB,CAAC,QAAQ,EAAE,CAClC;QAED,GAAG,CAAC,wCAAwC,EAAE;YAC5C,SAAS;YACT,eAAe;AACf,YAAA,SAAS,EAAE,sBAAsB,CAAC,QAAQ,EAAE;AAC7C,SAAA,CAAC;AACF,QAAA,OAAO,YAAY,CAAC,QAAQ,CAAC,oBAAoB,EAAE;AACjD,YAAA,MAAM,EAAE,GAAG;AACZ,SAAA,CAAC;IACJ;IAEA,IAAI,aAAa,GAAG,KAAK;AACzB,IAAA,IAAI;AACF,QAAA,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC;AACpD,QAAA,aAAa,GAAG,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC;IACpD;IAAE,OAAO,KAAK,EAAE;;AAEd,QAAA,OAAO,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,CAAC;IACjD;AAEA,IAAA,YAAY,CAAC,GAAG,CACd,UAAU,EACV,aAAa,GAAG,QAAQ,GAAG,CAAA,EAAG,gBAAgB,GAAG,QAAQ,CAAA,CAAE,CAC5D;IACD,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,YAAY,CAAC,QAAQ,EAAE;AAClD;AAEA,MAAM,qBAAqB,GAAG,CAAC,QAAgB,KAAI;IACjD,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC;AACjC,IAAA,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,CAAA,CAAA,EAAI,QAAQ,CAAA,CAAE;AAE3C,IAAA,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;IACtC,OAAO,CAAA,CAAA,EAAI,IAAI,CAAA,CAAE;AACnB,CAAC;AAEM,MAAM,2BAA2B,GAAG,CAAC,EAC1C,SAAS,EACT,IAAI,EACJ,OAAO,EACP,QAAQ,EACR,WAAW,EAAE,EACX,cAAc,EACd,eAAe,EACf,qBAAqB,EACrB,sBAAsB,GACvB,GAOF,KAAI;IACH,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,cAAc,IAAI,CAAC,QAAQ;QAAE;IAE9D,MAAM,eAAe,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC,UAAU,KAAK;QAC9D,UAAU;AACV,QAAA,CAAA,EAAG,UAAU,CAAA,GAAA,CAAK;AAClB,QAAA,CAAA,EAAG,UAAU,CAAA,GAAA,CAAK;AACnB,KAAA,CAAC;IACF,GAAG,CAAC,0BAA0B,EAAE;QAC9B,SAAS;QACT,IAAI;AACJ,QAAA,OAAO,EAAE,eAAe;AACzB,KAAA,CAAC;AACF,IAAA,eAAe,CAAC,OAAO,CAAC,CAAC,UAAU,KAAI;AACrC,QAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,YAAA,IAAI,EAAE,UAAU;AAChB,YAAA,MAAM,EAAE,CAAC;AACT,YAAA,IAAI,EAAE,GAAG;AACV,SAAA,CAAC;AACJ,IAAA,CAAC,CAAC;AAEF,IAAA,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,IAAI,CAAC;IACtD,GAAG,CAAC,yBAAyB,EAAE;QAC7B,SAAS;AACT,QAAA,OAAO,EAAE,CAAC,qBAAqB,EAAE,sBAAsB,CAAC;QACxD,kBAAkB;AACnB,KAAA,CAAC;AACF,IAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,QAAA,IAAI,EAAE,qBAAqB;AAC3B,QAAA,MAAM,EAAE,CAAC;AACT,QAAA,IAAI,EAAE,GAAG;AACT,QAAA,MAAM,EAAE,kBAAkB;AAC3B,KAAA,CAAC;AACF,IAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,QAAA,IAAI,EAAE,sBAAsB;AAC5B,QAAA,MAAM,EAAE,CAAC;AACT,QAAA,IAAI,EAAE,GAAG;AACT,QAAA,MAAM,EAAE,kBAAkB;AAC3B,KAAA,CAAC;AACF,IAAA,GAAG,CAAC,6BAA6B,EAAE,EAAE,SAAS,EAAE,CAAC;AACnD;;;;"}
|
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
2
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
3
3
|
import { Auth0Config } from 'src/types/auth0/config';
|
|
4
|
-
export declare const proactivelyRefreshAccessToken: ({ request, response, auth0Instance, auth0Config, }: {
|
|
4
|
+
export declare const proactivelyRefreshAccessToken: ({ requestId, request, response, auth0Instance, auth0Config, }: {
|
|
5
|
+
requestId: string;
|
|
5
6
|
request: NextRequest;
|
|
6
7
|
response: NextResponse;
|
|
7
8
|
auth0Instance: Auth0Client;
|
|
@@ -1,10 +1,28 @@
|
|
|
1
|
-
|
|
1
|
+
import debug from 'debug';
|
|
2
|
+
|
|
3
|
+
const log = debug('@smg-automotive/auth:token');
|
|
4
|
+
const proactivelyRefreshAccessToken = async ({ requestId, request, response, auth0Instance, auth0Config, }) => {
|
|
5
|
+
log('Checking if token refresh is needed', { requestId });
|
|
2
6
|
const session = await auth0Instance.getSession(request);
|
|
3
|
-
const
|
|
4
|
-
|
|
5
|
-
|
|
7
|
+
const expiresAt = session?.tokenSet.expiresAt || 0;
|
|
8
|
+
const expiresInSeconds = expiresAt - Date.now() / 1000;
|
|
9
|
+
const shouldRefresh = auth0Config.debugForceTokenRefresh || expiresAt < Date.now() / 1000 + 30;
|
|
10
|
+
log('Token refresh decision', {
|
|
11
|
+
requestId,
|
|
12
|
+
shouldRefresh,
|
|
13
|
+
expiresInSeconds: Math.round(expiresInSeconds),
|
|
14
|
+
debugForceRefresh: auth0Config.debugForceTokenRefresh,
|
|
15
|
+
hasSession: !!session,
|
|
16
|
+
});
|
|
17
|
+
const result = await auth0Instance.getAccessToken(request, response, {
|
|
6
18
|
refresh: shouldRefresh,
|
|
7
19
|
});
|
|
20
|
+
log('Access token retrieved', {
|
|
21
|
+
requestId,
|
|
22
|
+
expiresAt: result.expiresAt,
|
|
23
|
+
tokenLength: result.token.length,
|
|
24
|
+
});
|
|
25
|
+
return result;
|
|
8
26
|
};
|
|
9
27
|
|
|
10
28
|
export { proactivelyRefreshAccessToken };
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"proactivelyRefreshAccessToken.js","sources":["../../../../../src/server/middleware/proactivelyRefreshAccessToken.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"proactivelyRefreshAccessToken.js","sources":["../../../../../src/server/middleware/proactivelyRefreshAccessToken.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAMA,MAAM,GAAG,GAAG,KAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,6BAA6B,GAAG,OAAO,EAClD,SAAS,EACT,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,GAOZ,KAAmD;AAClD,IAAA,GAAG,CAAC,qCAAqC,EAAE,EAAE,SAAS,EAAE,CAAC;IACzD,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,MAAM,SAAS,GAAG,OAAO,EAAE,QAAQ,CAAC,SAAS,IAAI,CAAC;IAClD,MAAM,gBAAgB,GAAG,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI;AACtD,IAAA,MAAM,aAAa,GACjB,WAAW,CAAC,sBAAsB,IAAI,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,EAAE;IAE1E,GAAG,CAAC,wBAAwB,EAAE;QAC5B,SAAS;QACT,aAAa;AACb,QAAA,gBAAgB,EAAE,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC;QAC9C,iBAAiB,EAAE,WAAW,CAAC,sBAAsB;QACrD,UAAU,EAAE,CAAC,CAAC,OAAO;AACtB,KAAA,CAAC;IAEF,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,cAAc,CAAC,OAAO,EAAE,QAAQ,EAAE;AACnE,QAAA,OAAO,EAAE,aAAa;AACvB,KAAA,CAAC;IAEF,GAAG,CAAC,wBAAwB,EAAE;QAC5B,SAAS;QACT,SAAS,EAAE,MAAM,CAAC,SAAS;AAC3B,QAAA,WAAW,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM;AACjC,KAAA,CAAC;AAEF,IAAA,OAAO,MAAM;AACf;;;;"}
|
|
@@ -2,7 +2,8 @@ import { NextRequest, NextResponse } from 'next/server';
|
|
|
2
2
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
3
3
|
import { Brand } from 'src/types/brand';
|
|
4
4
|
import { Auth0Config } from 'src/types';
|
|
5
|
-
export declare const handleUserProfile: ({ request, response, auth0Instance, auth0Config, brand, }: {
|
|
5
|
+
export declare const handleUserProfile: ({ requestId, request, response, auth0Instance, auth0Config, brand, }: {
|
|
6
|
+
requestId: string;
|
|
6
7
|
request: NextRequest;
|
|
7
8
|
response: NextResponse;
|
|
8
9
|
auth0Instance: Auth0Client;
|
|
@@ -1,21 +1,25 @@
|
|
|
1
1
|
import { NextResponse } from 'next/server';
|
|
2
|
+
import debug from 'debug';
|
|
2
3
|
import { enrichUser } from '../../lib/enrichUser/session.js';
|
|
3
4
|
import { proactivelyRefreshAccessToken } from './proactivelyRefreshAccessToken.js';
|
|
4
5
|
import { combineHeaders } from './combineHeaders.js';
|
|
5
6
|
import { combineCookies } from './combineCookies.js';
|
|
6
7
|
import { addCachingHeaders } from './addCachingHeaders.js';
|
|
7
8
|
|
|
9
|
+
const log = debug('@smg-automotive/auth:profile');
|
|
8
10
|
const responseHeaders = {
|
|
9
11
|
Vary: 'Cookie, Authorization',
|
|
10
12
|
'Cache-Control': 'private, no-cache, no-store, must-revalidate, max-age=0',
|
|
11
13
|
Pragma: 'no-cache',
|
|
12
14
|
Expires: '0',
|
|
13
15
|
};
|
|
14
|
-
const handleUserProfile = async ({ request, response, auth0Instance, auth0Config, brand, }) => {
|
|
16
|
+
const handleUserProfile = async ({ requestId, request, response, auth0Instance, auth0Config, brand, }) => {
|
|
15
17
|
if (request.nextUrl.pathname !== auth0Config.userProfileEndpoint)
|
|
16
18
|
return;
|
|
19
|
+
log('Handling user profile request', { requestId, brand });
|
|
17
20
|
const session = await auth0Instance.getSession(request);
|
|
18
21
|
if (!session) {
|
|
22
|
+
log('No session found for profile request', { requestId });
|
|
19
23
|
return new NextResponse(null, {
|
|
20
24
|
status: 204,
|
|
21
25
|
headers: responseHeaders,
|
|
@@ -23,17 +27,30 @@ const handleUserProfile = async ({ request, response, auth0Instance, auth0Config
|
|
|
23
27
|
}
|
|
24
28
|
try {
|
|
25
29
|
const user = session.user;
|
|
30
|
+
log('User found, refreshing token and enriching', {
|
|
31
|
+
requestId,
|
|
32
|
+
userId: user.userId,
|
|
33
|
+
sellerId: user.sellerId,
|
|
34
|
+
});
|
|
26
35
|
const { token } = await proactivelyRefreshAccessToken({
|
|
36
|
+
requestId,
|
|
27
37
|
request,
|
|
28
38
|
response,
|
|
29
39
|
auth0Instance,
|
|
30
40
|
auth0Config,
|
|
31
41
|
});
|
|
42
|
+
log('Token refreshed, enriching user', { requestId });
|
|
32
43
|
const enrichedUser = await enrichUser({
|
|
33
44
|
user,
|
|
34
45
|
accessToken: token,
|
|
35
46
|
brand,
|
|
36
47
|
});
|
|
48
|
+
log('User enriched successfully', {
|
|
49
|
+
requestId,
|
|
50
|
+
userId: enrichedUser.userId,
|
|
51
|
+
sellerId: enrichedUser.sellerId,
|
|
52
|
+
hasEntitlements: !!enrichedUser.entitlements,
|
|
53
|
+
});
|
|
37
54
|
const userResponse = NextResponse.json(enrichedUser);
|
|
38
55
|
const responseWithCombinedHeaders = combineHeaders({
|
|
39
56
|
middlewareResponse: userResponse,
|
|
@@ -49,8 +66,11 @@ const handleUserProfile = async ({ request, response, auth0Instance, auth0Config
|
|
|
49
66
|
return responseWithCombinedHeaders;
|
|
50
67
|
}
|
|
51
68
|
catch (error) {
|
|
52
|
-
|
|
53
|
-
|
|
69
|
+
log('User Profile error loading entitlements', {
|
|
70
|
+
requestId,
|
|
71
|
+
error: error instanceof Error ? error.message : String(error),
|
|
72
|
+
stack: error instanceof Error ? error.stack : undefined,
|
|
73
|
+
});
|
|
54
74
|
let responseCode = 'UNKNOWN_AUTH_ERROR';
|
|
55
75
|
if (error &&
|
|
56
76
|
typeof error === 'object' &&
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"profile.js","sources":["../../../../../src/server/middleware/profile.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"profile.js","sources":["../../../../../src/server/middleware/profile.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;;AAaA,MAAM,GAAG,GAAG,KAAK,CAAC,8BAA8B,CAAC;AAEjD,MAAM,eAAe,GAAG;AACtB,IAAA,IAAI,EAAE,uBAAuB;AAC7B,IAAA,eAAe,EAAE,yDAAyD;AAC1E,IAAA,MAAM,EAAE,UAAU;AAClB,IAAA,OAAO,EAAE,GAAG;CACb;MAEY,iBAAiB,GAAG,OAAO,EACtC,SAAS,EACT,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,EACX,KAAK,GAQN,KAAkC;IACjC,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,WAAW,CAAC,mBAAmB;QAAE;IAElE,GAAG,CAAC,+BAA+B,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;IAC1D,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,IAAI,CAAC,OAAO,EAAE;AACZ,QAAA,GAAG,CAAC,sCAAsC,EAAE,EAAE,SAAS,EAAE,CAAC;AAC1D,QAAA,OAAO,IAAI,YAAY,CAAC,IAAI,EAAE;AAC5B,YAAA,MAAM,EAAE,GAAG;AACX,YAAA,OAAO,EAAE,eAAe;AACzB,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI;AACF,QAAA,MAAM,IAAI,GAAG,OAAO,CAAC,IAAmB;QACxC,GAAG,CAAC,4CAA4C,EAAE;YAChD,SAAS;YACT,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;AACxB,SAAA,CAAC;AACF,QAAA,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,6BAA6B,CAAC;YACpD,SAAS;YACT,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;AACF,QAAA,GAAG,CAAC,iCAAiC,EAAE,EAAE,SAAS,EAAE,CAAC;AACrD,QAAA,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC;YACpC,IAAI;AACJ,YAAA,WAAW,EAAE,KAAK;YAClB,KAAK;AACN,SAAA,CAAC;QAEF,GAAG,CAAC,4BAA4B,EAAE;YAChC,SAAS;YACT,MAAM,EAAE,YAAY,CAAC,MAAM;YAC3B,QAAQ,EAAE,YAAY,CAAC,QAAQ;AAC/B,YAAA,eAAe,EAAE,CAAC,CAAC,YAAY,CAAC,YAAY;AAC7C,SAAA,CAAC;QACF,MAAM,YAAY,GAAG,YAAY,CAAC,IAAI,CAAC,YAAY,CAAC;QACpD,MAAM,2BAA2B,GAAG,cAAc,CAAC;AACjD,YAAA,kBAAkB,EAAE,YAAY;AAChC,YAAA,YAAY,EAAE,QAAQ;AACtB,YAAA,eAAe,EAAE,IAAI;AACtB,SAAA,CAAC;QACF,iBAAiB,CAAC,2BAA2B,CAAC;;AAE9C,QAAA,cAAc,CAAC;AACb,YAAA,cAAc,EAAE,QAAQ;AACxB,YAAA,cAAc,EAAE,2BAA2B;AAC5C,SAAA,CAAC;AACF,QAAA,OAAO,2BAA2B;IACpC;IAAE,OAAO,KAAc,EAAE;QACvB,GAAG,CAAC,yCAAyC,EAAE;YAC7C,SAAS;AACT,YAAA,KAAK,EAAE,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC7D,YAAA,KAAK,EAAE,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,KAAK,GAAG,SAAS;AACxD,SAAA,CAAC;QAEF,IAAI,YAAY,GAAG,oBAAoB;AACvC,QAAA,IACE,KAAK;YACL,OAAO,KAAK,KAAK,QAAQ;AACzB,YAAA,MAAM,IAAI,KAAK;AACf,YAAA,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,EAC9B;AACA,YAAA,YAAY,GAAG,KAAK,CAAC,IAAI;QAC3B;AAEA,QAAA,OAAO,YAAY,CAAC,IAAI,CACtB,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,EAAE,EACjC;AACE,YAAA,MAAM,EAAE,GAAG;AACX,YAAA,OAAO,EAAE,eAAe;AACzB,SAAA,CACF;IACH;AACF;;;;"}
|
|
@@ -2,7 +2,8 @@ import { NextRequest, NextResponse } from 'next/server';
|
|
|
2
2
|
import { Language } from '@smg-automotive/i18n-pkg';
|
|
3
3
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
4
4
|
import { Auth0Config } from 'src/types';
|
|
5
|
-
export declare const protectRoute: ({ isProtected, auth0Instance, auth0Config, language, request, response, onError, }: {
|
|
5
|
+
export declare const protectRoute: ({ requestId, isProtected, auth0Instance, auth0Config, language, request, response, onError, }: {
|
|
6
|
+
requestId: string;
|
|
6
7
|
isProtected: boolean;
|
|
7
8
|
auth0Instance: Auth0Client;
|
|
8
9
|
auth0Config: Auth0Config;
|
|
@@ -1,7 +1,9 @@
|
|
|
1
1
|
import { NextResponse } from 'next/server';
|
|
2
|
+
import debug from 'debug';
|
|
2
3
|
import { getLoginLink } from '../../lib/authLinks.js';
|
|
3
4
|
import { proactivelyRefreshAccessToken } from './proactivelyRefreshAccessToken.js';
|
|
4
5
|
|
|
6
|
+
const log = debug('@smg-automotive/auth:protectRoute');
|
|
5
7
|
const redirectToLogin = ({ auth0Config, language, returnTo, origin, }) => {
|
|
6
8
|
const loginUrl = getLoginLink({
|
|
7
9
|
auth0Config,
|
|
@@ -12,13 +14,23 @@ const redirectToLogin = ({ auth0Config, language, returnTo, origin, }) => {
|
|
|
12
14
|
status: 307,
|
|
13
15
|
});
|
|
14
16
|
};
|
|
15
|
-
const protectRoute = async ({ isProtected, auth0Instance, auth0Config, language, request, response, onError, }) => {
|
|
16
|
-
const session = await auth0Instance.getSession(request);
|
|
17
|
+
const protectRoute = async ({ requestId, isProtected, auth0Instance, auth0Config, language, request, response, onError, }) => {
|
|
17
18
|
const { pathname, search, origin } = request.nextUrl;
|
|
19
|
+
log('Checking route protection', { requestId, pathname, isProtected });
|
|
20
|
+
const session = await auth0Instance.getSession(request);
|
|
21
|
+
log('Session check', {
|
|
22
|
+
requestId,
|
|
23
|
+
hasSession: !!session,
|
|
24
|
+
hasUser: !!session?.user,
|
|
25
|
+
});
|
|
18
26
|
if (!isProtected && !session?.user) {
|
|
27
|
+
log('Route not protected and no user session, allowing', { requestId });
|
|
19
28
|
return response;
|
|
20
29
|
}
|
|
21
30
|
if (!session && isProtected) {
|
|
31
|
+
log('Protected route without session, redirecting to login', {
|
|
32
|
+
requestId,
|
|
33
|
+
});
|
|
22
34
|
return redirectToLogin({
|
|
23
35
|
auth0Config,
|
|
24
36
|
language,
|
|
@@ -27,15 +39,23 @@ const protectRoute = async ({ isProtected, auth0Instance, auth0Config, language,
|
|
|
27
39
|
});
|
|
28
40
|
}
|
|
29
41
|
try {
|
|
42
|
+
log('Refreshing token for protected route', { requestId });
|
|
30
43
|
await proactivelyRefreshAccessToken({
|
|
44
|
+
requestId,
|
|
31
45
|
request,
|
|
32
46
|
response,
|
|
33
47
|
auth0Instance,
|
|
34
48
|
auth0Config,
|
|
35
49
|
});
|
|
50
|
+
log('Token refreshed successfully, allowing access', { requestId });
|
|
36
51
|
}
|
|
37
52
|
catch (error) {
|
|
38
53
|
const authError = error;
|
|
54
|
+
log('Token refresh failed for protected route', {
|
|
55
|
+
requestId,
|
|
56
|
+
message: authError.message,
|
|
57
|
+
code: authError.code,
|
|
58
|
+
});
|
|
39
59
|
onError?.(authError);
|
|
40
60
|
return redirectToLogin({
|
|
41
61
|
auth0Config,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;AAWA,MAAM,GAAG,GAAG,KAAK,CAAC,mCAAmC,CAAC;AAEtD,MAAM,eAAe,GAAG,CAAC,EACvB,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,MAAM,GAMP,KAAkB;IACjB,MAAM,QAAQ,GAAG,YAAY,CAAC;QAC5B,WAAW;QACX,QAAQ;QACR,QAAQ;AACT,KAAA,CAAC;IAEF,OAAO,YAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACtD,QAAA,MAAM,EAAE,GAAG;AACZ,KAAA,CAAC;AACJ,CAAC;AAEM,MAAM,YAAY,GAAG,OAAO,EACjC,SAAS,EACT,WAAW,EACX,aAAa,EACb,WAAW,EACX,QAAQ,EACR,OAAO,EACP,QAAQ,EACR,OAAO,GAUR,KAAkC;IACjC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;IACpD,GAAG,CAAC,2BAA2B,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;IAEtE,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IACvD,GAAG,CAAC,eAAe,EAAE;QACnB,SAAS;QACT,UAAU,EAAE,CAAC,CAAC,OAAO;AACrB,QAAA,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,IAAI;AACzB,KAAA,CAAC;IAEF,IAAI,CAAC,WAAW,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE;AAClC,QAAA,GAAG,CAAC,mDAAmD,EAAE,EAAE,SAAS,EAAE,CAAC;AACvE,QAAA,OAAO,QAAQ;IACjB;AAEA,IAAA,IAAI,CAAC,OAAO,IAAI,WAAW,EAAE;QAC3B,GAAG,CAAC,uDAAuD,EAAE;YAC3D,SAAS;AACV,SAAA,CAAC;AACF,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI;AACF,QAAA,GAAG,CAAC,sCAAsC,EAAE,EAAE,SAAS,EAAE,CAAC;AAC1D,QAAA,MAAM,6BAA6B,CAAC;YAClC,SAAS;YACT,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;AACF,QAAA,GAAG,CAAC,+CAA+C,EAAE,EAAE,SAAS,EAAE,CAAC;IACrE;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;QACnC,GAAG,CAAC,0CAA0C,EAAE;YAC9C,SAAS;YACT,OAAO,EAAE,SAAS,CAAC,OAAO;YAC1B,IAAI,EAAE,SAAS,CAAC,IAAI;AACrB,SAAA,CAAC;AACF,QAAA,OAAO,GAAG,SAAS,CAAC;AAEpB,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AACF;;;;"}
|
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
2
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
3
3
|
import { Auth0Config } from 'src/types';
|
|
4
|
-
export declare const handleAccessTokenRequest: ({ request, response, auth0Instance, auth0Config, onError, }: {
|
|
4
|
+
export declare const handleAccessTokenRequest: ({ requestId, request, response, auth0Instance, auth0Config, onError, }: {
|
|
5
|
+
requestId: string;
|
|
5
6
|
request: NextRequest;
|
|
6
7
|
response: NextResponse;
|
|
7
8
|
auth0Instance: Auth0Client;
|
|
@@ -1,15 +1,22 @@
|
|
|
1
1
|
import { NextResponse } from 'next/server';
|
|
2
|
+
import debug from 'debug';
|
|
2
3
|
import { AccessTokenErrorCode } from '@auth0/nextjs-auth0/errors';
|
|
3
4
|
import { proactivelyRefreshAccessToken } from './proactivelyRefreshAccessToken.js';
|
|
4
5
|
import { combineHeaders } from './combineHeaders.js';
|
|
5
6
|
import { combineCookies } from './combineCookies.js';
|
|
6
7
|
import { addCachingHeaders } from './addCachingHeaders.js';
|
|
7
8
|
|
|
8
|
-
const
|
|
9
|
+
const log = debug('@smg-automotive/auth:token');
|
|
10
|
+
const handleAccessTokenRequest = async ({ requestId, request, response, auth0Instance, auth0Config, onError, }) => {
|
|
9
11
|
if (request.nextUrl.pathname !== auth0Config.tokenEndpoint)
|
|
10
12
|
return;
|
|
13
|
+
log('Handling access token request', {
|
|
14
|
+
requestId,
|
|
15
|
+
pathname: request.nextUrl.pathname,
|
|
16
|
+
});
|
|
11
17
|
const session = await auth0Instance.getSession(request);
|
|
12
18
|
if (!session) {
|
|
19
|
+
log('Access token request failed: no session', { requestId });
|
|
13
20
|
return NextResponse.json({
|
|
14
21
|
error: {
|
|
15
22
|
message: 'The user does not have an active session.',
|
|
@@ -20,12 +27,15 @@ const handleAccessTokenRequest = async ({ request, response, auth0Instance, auth
|
|
|
20
27
|
});
|
|
21
28
|
}
|
|
22
29
|
try {
|
|
30
|
+
log('Refreshing access token', { requestId });
|
|
23
31
|
const { token, expiresAt } = await proactivelyRefreshAccessToken({
|
|
32
|
+
requestId,
|
|
24
33
|
request,
|
|
25
34
|
response,
|
|
26
35
|
auth0Instance,
|
|
27
36
|
auth0Config,
|
|
28
37
|
});
|
|
38
|
+
log('Access token refreshed successfully', { requestId, expiresAt });
|
|
29
39
|
const tokenResponse = NextResponse.json({
|
|
30
40
|
token,
|
|
31
41
|
expiresAt,
|
|
@@ -45,6 +55,11 @@ const handleAccessTokenRequest = async ({ request, response, auth0Instance, auth
|
|
|
45
55
|
}
|
|
46
56
|
catch (error) {
|
|
47
57
|
const authError = error;
|
|
58
|
+
log('Access token request error', {
|
|
59
|
+
requestId,
|
|
60
|
+
message: authError.message,
|
|
61
|
+
code: authError.code,
|
|
62
|
+
});
|
|
48
63
|
onError?.(authError);
|
|
49
64
|
return NextResponse.json({ error: { message: authError.message, code: authError.code } }, { status: 401 });
|
|
50
65
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"token.js","sources":["../../../../../src/server/middleware/token.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"token.js","sources":["../../../../../src/server/middleware/token.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;;AAYA,MAAM,GAAG,GAAG,KAAK,CAAC,4BAA4B,CAAC;MAElC,wBAAwB,GAAG,OAAO,EAC7C,SAAS,EACT,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,EACX,OAAO,GAQR,KAAkC;IACjC,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,WAAW,CAAC,aAAa;QAAE;IAE5D,GAAG,CAAC,+BAA+B,EAAE;QACnC,SAAS;AACT,QAAA,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,QAAQ;AACnC,KAAA,CAAC;IACF,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,IAAI,CAAC,OAAO,EAAE;AACZ,QAAA,GAAG,CAAC,yCAAyC,EAAE,EAAE,SAAS,EAAE,CAAC;QAC7D,OAAO,YAAY,CAAC,IAAI,CACtB;AACE,YAAA,KAAK,EAAE;AACL,gBAAA,OAAO,EAAE,2CAA2C;gBACpD,IAAI,EAAE,oBAAoB,CAAC,eAAe;AAC3C,aAAA;SACF,EACD;AACE,YAAA,MAAM,EAAE,GAAG;AACZ,SAAA,CACF;IACH;AAEA,IAAA,IAAI;AACF,QAAA,GAAG,CAAC,yBAAyB,EAAE,EAAE,SAAS,EAAE,CAAC;QAC7C,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,MAAM,6BAA6B,CAAC;YAC/D,SAAS;YACT,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;QACF,GAAG,CAAC,qCAAqC,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC;AACpE,QAAA,MAAM,aAAa,GAAG,YAAY,CAAC,IAAI,CAAC;YACtC,KAAK;YACL,SAAS;AACV,SAAA,CAAC;QACF,MAAM,2BAA2B,GAAG,cAAc,CAAC;AACjD,YAAA,kBAAkB,EAAE,aAAa;AACjC,YAAA,YAAY,EAAE,QAAQ;AACtB,YAAA,eAAe,EAAE,IAAI;AACtB,SAAA,CAAC;QACF,iBAAiB,CAAC,2BAA2B,CAAC;;AAE9C,QAAA,cAAc,CAAC;AACb,YAAA,cAAc,EAAE,QAAQ;AACxB,YAAA,cAAc,EAAE,2BAA2B;AAC5C,SAAA,CAAC;AACF,QAAA,OAAO,2BAA2B;IACpC;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;QACnC,GAAG,CAAC,4BAA4B,EAAE;YAChC,SAAS;YACT,OAAO,EAAE,SAAS,CAAC,OAAO;YAC1B,IAAI,EAAE,SAAS,CAAC,IAAI;AACrB,SAAA,CAAC;AACF,QAAA,OAAO,GAAG,SAAS,CAAC;AACpB,QAAA,OAAO,YAAY,CAAC,IAAI,CACtB,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,EAAE,EAC/D,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB;IACH;AACF;;;;"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@smg-automotive/auth",
|
|
3
|
-
"version": "8.2.
|
|
3
|
+
"version": "8.2.1-instrumentation-with-debug.1",
|
|
4
4
|
"description": "SMG Automotive auth package",
|
|
5
5
|
"exports": {
|
|
6
6
|
".": {
|
|
@@ -60,14 +60,15 @@
|
|
|
60
60
|
},
|
|
61
61
|
"homepage": "https://github.com/smg-automotive/auth-pkg#readme",
|
|
62
62
|
"devDependencies": {
|
|
63
|
-
"@rollup/plugin-commonjs": "
|
|
63
|
+
"@rollup/plugin-commonjs": "29.0.0",
|
|
64
64
|
"@rollup/plugin-node-resolve": "16.0.3",
|
|
65
65
|
"@rollup/plugin-typescript": "12.3.0",
|
|
66
|
-
"@smg-automotive/eslint-config": "5.2.
|
|
66
|
+
"@smg-automotive/eslint-config": "5.2.3",
|
|
67
67
|
"@testing-library/dom": "10.4.1",
|
|
68
68
|
"@testing-library/jest-dom": "6.9.1",
|
|
69
69
|
"@testing-library/react": "16.3.0",
|
|
70
70
|
"@testing-library/user-event": "14.6.1",
|
|
71
|
+
"@types/debug": "4.1.12",
|
|
71
72
|
"@types/react": "19.2.2",
|
|
72
73
|
"dotenv": "17.2.3",
|
|
73
74
|
"jest": "30.2.0",
|
|
@@ -76,7 +77,7 @@
|
|
|
76
77
|
"next": "15.5.6",
|
|
77
78
|
"react": "19.2.0",
|
|
78
79
|
"react-dom": "19.2.0",
|
|
79
|
-
"rimraf": "6.0
|
|
80
|
+
"rimraf": "6.1.0",
|
|
80
81
|
"rollup": "4.52.5",
|
|
81
82
|
"rollup-plugin-dts": "6.2.3",
|
|
82
83
|
"rollup-plugin-peer-deps-external": "2.2.4",
|
|
@@ -92,6 +93,7 @@
|
|
|
92
93
|
"@auth0/nextjs-auth0": "4.9.0",
|
|
93
94
|
"@smg-automotive/api-client-pkg": "4.5.0",
|
|
94
95
|
"@smg-automotive/i18n-pkg": "2.0.0",
|
|
96
|
+
"debug": "4.4.3",
|
|
95
97
|
"jose": "6.1.0",
|
|
96
98
|
"redis": "5.9.0"
|
|
97
99
|
},
|