@smg-automotive/auth 8.2.0 → 8.2.1-instrumentation-with-debug.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +66 -0
- package/dist/cjs/server/helpers/getAccessToken.js +12 -0
- package/dist/cjs/server/helpers/getAccessToken.js.map +1 -1
- package/dist/cjs/server/helpers/getUser.js +39 -7
- package/dist/cjs/server/helpers/getUser.js.map +1 -1
- package/dist/cjs/server/middleware/index.js +33 -1
- package/dist/cjs/server/middleware/index.js.map +1 -1
- package/dist/cjs/server/middleware/logout.js +35 -11
- package/dist/cjs/server/middleware/logout.js.map +1 -1
- package/dist/cjs/server/middleware/proactivelyRefreshAccessToken.js +27 -3
- package/dist/cjs/server/middleware/proactivelyRefreshAccessToken.js.map +1 -1
- package/dist/cjs/server/middleware/profile.js +27 -2
- package/dist/cjs/server/middleware/profile.js.map +1 -1
- package/dist/cjs/server/middleware/protectRoute.js +26 -1
- package/dist/cjs/server/middleware/protectRoute.js.map +1 -1
- package/dist/cjs/server/middleware/requestId.d.ts +8 -0
- package/dist/cjs/server/middleware/requestId.js +29 -0
- package/dist/cjs/server/middleware/requestId.js.map +1 -0
- package/dist/cjs/server/middleware/token.js +20 -0
- package/dist/cjs/server/middleware/token.js.map +1 -1
- package/dist/esm/server/helpers/getAccessToken.js +8 -0
- package/dist/esm/server/helpers/getAccessToken.js.map +1 -1
- package/dist/esm/server/helpers/getUser.js +35 -7
- package/dist/esm/server/helpers/getUser.js.map +1 -1
- package/dist/esm/server/middleware/index.js +29 -1
- package/dist/esm/server/middleware/index.js.map +1 -1
- package/dist/esm/server/middleware/logout.js +31 -11
- package/dist/esm/server/middleware/logout.js.map +1 -1
- package/dist/esm/server/middleware/proactivelyRefreshAccessToken.js +23 -3
- package/dist/esm/server/middleware/proactivelyRefreshAccessToken.js.map +1 -1
- package/dist/esm/server/middleware/profile.js +23 -2
- package/dist/esm/server/middleware/profile.js.map +1 -1
- package/dist/esm/server/middleware/protectRoute.js +22 -1
- package/dist/esm/server/middleware/protectRoute.js.map +1 -1
- package/dist/esm/server/middleware/requestId.d.ts +8 -0
- package/dist/esm/server/middleware/requestId.js +26 -0
- package/dist/esm/server/middleware/requestId.js.map +1 -0
- package/dist/esm/server/middleware/token.js +16 -0
- package/dist/esm/server/middleware/token.js.map +1 -1
- package/package.json +3 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":["getLoginLink","NextResponse","proactivelyRefreshAccessToken"],"mappings":"
|
|
1
|
+
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":["debug","getLoginLink","NextResponse","requestId","getOrCreateRequestId","proactivelyRefreshAccessToken"],"mappings":";;;;;;;;;;;;AAYA,MAAM,GAAG,GAAGA,sBAAK,CAAC,mCAAmC,CAAC;AAEtD,MAAM,eAAe,GAAG,CAAC,EACvB,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,MAAM,GAMP,KAAkB;IACjB,MAAM,QAAQ,GAAGC,sBAAY,CAAC;QAC5B,WAAW;QACX,QAAQ;QACR,QAAQ;AACT,KAAA,CAAC;IAEF,OAAOC,mBAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACtD,QAAA,MAAM,EAAE,GAAG;AACZ,KAAA,CAAC;AACJ,CAAC;MAEY,YAAY,GAAG,OAAO,EACjC,WAAW,EACX,aAAa,EACb,WAAW,EACX,QAAQ,EACR,OAAO,EACP,QAAQ,EACR,OAAO,GASR,KAAkC;AACjC,IAAA,MAAMC,WAAS,GAAGC,8BAAoB,CAAC,OAAO,CAAC;IAC/C,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;IACpD,GAAG,CAAC,2BAA2B,EAAE,aAAED,WAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;IAEtE,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IACvD,GAAG,CAAC,eAAe,EAAE;mBACnBA,WAAS;QACT,UAAU,EAAE,CAAC,CAAC,OAAO;AACrB,QAAA,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,IAAI;AACzB,KAAA,CAAC;IAEF,IAAI,CAAC,WAAW,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE;AAClC,QAAA,GAAG,CAAC,mDAAmD,EAAE,aAAEA,WAAS,EAAE,CAAC;AACvE,QAAA,OAAO,QAAQ;IACjB;AAEA,IAAA,IAAI,CAAC,OAAO,IAAI,WAAW,EAAE;QAC3B,GAAG,CAAC,uDAAuD,EAAE;uBAC3DA,WAAS;AACV,SAAA,CAAC;AACF,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI;AACF,QAAA,GAAG,CAAC,sCAAsC,EAAE,aAAEA,WAAS,EAAE,CAAC;AAC1D,QAAA,MAAME,2DAA6B,CAAC;YAClC,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;AACF,QAAA,GAAG,CAAC,+CAA+C,EAAE,aAAEF,WAAS,EAAE,CAAC;IACrE;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;QACnC,GAAG,CAAC,0CAA0C,EAAE;uBAC9CA,WAAS;YACT,OAAO,EAAE,SAAS,CAAC,OAAO;YAC1B,IAAI,EAAE,SAAS,CAAC,IAAI;AACrB,SAAA,CAAC;AACF,QAAA,OAAO,GAAG,SAAS,CAAC;AAEpB,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AACF;;;;"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { NextRequest } from 'next/server';
|
|
2
|
+
export declare const requestIdHeader = "x-automotive-request-id";
|
|
3
|
+
/**
|
|
4
|
+
* Reads the request ID from the request header.
|
|
5
|
+
* Returns undefined if not present.
|
|
6
|
+
*/
|
|
7
|
+
export declare const getRequestId: (request: NextRequest) => string | undefined;
|
|
8
|
+
export declare const getOrCreateRequestId: (request: NextRequest) => string;
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const requestIdHeader = 'x-automotive-request-id';
|
|
4
|
+
const generateRequestId = () => {
|
|
5
|
+
// UUID v4 format: xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx
|
|
6
|
+
// where x is any hex digit and y is one of 8, 9, A, B
|
|
7
|
+
return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, (c) => {
|
|
8
|
+
// eslint-disable-next-line sonarjs/pseudo-random
|
|
9
|
+
const r = (Math.random() * 16) | 0;
|
|
10
|
+
const v = c === 'x' ? r : (r & 0x3) | 0x8;
|
|
11
|
+
return v.toString(16);
|
|
12
|
+
});
|
|
13
|
+
};
|
|
14
|
+
const getRequestIdFromHeader = (request) => {
|
|
15
|
+
return request.headers.get(requestIdHeader) || undefined;
|
|
16
|
+
};
|
|
17
|
+
const getOrCreateRequestId = (request) => {
|
|
18
|
+
const idFromHeader = getRequestIdFromHeader(request);
|
|
19
|
+
if (idFromHeader) {
|
|
20
|
+
return idFromHeader;
|
|
21
|
+
}
|
|
22
|
+
const newId = generateRequestId();
|
|
23
|
+
request.headers.set(requestIdHeader, newId);
|
|
24
|
+
return newId;
|
|
25
|
+
};
|
|
26
|
+
|
|
27
|
+
exports.getOrCreateRequestId = getOrCreateRequestId;
|
|
28
|
+
exports.requestIdHeader = requestIdHeader;
|
|
29
|
+
//# sourceMappingURL=requestId.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"requestId.js","sources":["../../../../../src/server/middleware/requestId.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAEO,MAAM,eAAe,GAAG;AAE/B,MAAM,iBAAiB,GAAG,MAAa;;;IAGrC,OAAO,sCAAsC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,KAAI;;AAEnE,QAAA,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC;AAClC,QAAA,MAAM,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,IAAI,GAAG;AACzC,QAAA,OAAO,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;AACvB,IAAA,CAAC,CAAC;AACJ,CAAC;AAED,MAAM,sBAAsB,GAAG,CAAC,OAAoB,KAAwB;IAC1E,OAAO,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,SAAS;AAC1D,CAAC;AAUM,MAAM,oBAAoB,GAAG,CAAC,OAAoB,KAAY;AACnE,IAAA,MAAM,YAAY,GAAG,sBAAsB,CAAC,OAAO,CAAC;IAEpD,IAAI,YAAY,EAAE;AAChB,QAAA,OAAO,YAAY;IACrB;AAEA,IAAA,MAAM,KAAK,GAAG,iBAAiB,EAAE;IACjC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,CAAC;AAC3C,IAAA,OAAO,KAAK;AACd;;;;;"}
|
|
@@ -1,17 +1,30 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
3
|
var server = require('next/server');
|
|
4
|
+
var debug = require('debug');
|
|
4
5
|
var errors = require('@auth0/nextjs-auth0/errors');
|
|
6
|
+
var requestId = require('./requestId.js');
|
|
5
7
|
var proactivelyRefreshAccessToken = require('./proactivelyRefreshAccessToken.js');
|
|
6
8
|
var combineHeaders = require('./combineHeaders.js');
|
|
7
9
|
var combineCookies = require('./combineCookies.js');
|
|
8
10
|
var addCachingHeaders = require('./addCachingHeaders.js');
|
|
9
11
|
|
|
12
|
+
function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'default' in e ? e : { default: e }; }
|
|
13
|
+
|
|
14
|
+
var debug__default = /*#__PURE__*/_interopDefaultCompat(debug);
|
|
15
|
+
|
|
16
|
+
const log = debug__default.default('@smg-automotive/auth:token');
|
|
10
17
|
const handleAccessTokenRequest = async ({ request, response, auth0Instance, auth0Config, onError, }) => {
|
|
11
18
|
if (request.nextUrl.pathname !== auth0Config.tokenEndpoint)
|
|
12
19
|
return;
|
|
20
|
+
const requestId$1 = requestId.getOrCreateRequestId(request);
|
|
21
|
+
log('Handling access token request', {
|
|
22
|
+
requestId: requestId$1,
|
|
23
|
+
pathname: request.nextUrl.pathname,
|
|
24
|
+
});
|
|
13
25
|
const session = await auth0Instance.getSession(request);
|
|
14
26
|
if (!session) {
|
|
27
|
+
log('Access token request failed: no session', { requestId: requestId$1 });
|
|
15
28
|
return server.NextResponse.json({
|
|
16
29
|
error: {
|
|
17
30
|
message: 'The user does not have an active session.',
|
|
@@ -22,12 +35,14 @@ const handleAccessTokenRequest = async ({ request, response, auth0Instance, auth
|
|
|
22
35
|
});
|
|
23
36
|
}
|
|
24
37
|
try {
|
|
38
|
+
log('Refreshing access token', { requestId: requestId$1 });
|
|
25
39
|
const { token, expiresAt } = await proactivelyRefreshAccessToken.proactivelyRefreshAccessToken({
|
|
26
40
|
request,
|
|
27
41
|
response,
|
|
28
42
|
auth0Instance,
|
|
29
43
|
auth0Config,
|
|
30
44
|
});
|
|
45
|
+
log('Access token refreshed successfully', { requestId: requestId$1, expiresAt });
|
|
31
46
|
const tokenResponse = server.NextResponse.json({
|
|
32
47
|
token,
|
|
33
48
|
expiresAt,
|
|
@@ -47,6 +62,11 @@ const handleAccessTokenRequest = async ({ request, response, auth0Instance, auth
|
|
|
47
62
|
}
|
|
48
63
|
catch (error) {
|
|
49
64
|
const authError = error;
|
|
65
|
+
log('Access token request error', {
|
|
66
|
+
requestId: requestId$1,
|
|
67
|
+
message: authError.message,
|
|
68
|
+
code: authError.code,
|
|
69
|
+
});
|
|
50
70
|
onError?.(authError);
|
|
51
71
|
return server.NextResponse.json({ error: { message: authError.message, code: authError.code } }, { status: 401 });
|
|
52
72
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"token.js","sources":["../../../../../src/server/middleware/token.ts"],"sourcesContent":[null],"names":["NextResponse","AccessTokenErrorCode","proactivelyRefreshAccessToken","combineHeaders","addCachingHeaders","combineCookies"],"mappings":"
|
|
1
|
+
{"version":3,"file":"token.js","sources":["../../../../../src/server/middleware/token.ts"],"sourcesContent":[null],"names":["debug","requestId","getOrCreateRequestId","NextResponse","AccessTokenErrorCode","proactivelyRefreshAccessToken","combineHeaders","addCachingHeaders","combineCookies"],"mappings":";;;;;;;;;;;;;;;AAaA,MAAM,GAAG,GAAGA,sBAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,wBAAwB,GAAG,OAAO,EAC7C,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,EACX,OAAO,GAOR,KAAkC;IACjC,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,WAAW,CAAC,aAAa;QAAE;AAE5D,IAAA,MAAMC,WAAS,GAAGC,8BAAoB,CAAC,OAAO,CAAC;IAC/C,GAAG,CAAC,+BAA+B,EAAE;mBACnCD,WAAS;AACT,QAAA,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,QAAQ;AACnC,KAAA,CAAC;IACF,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,IAAI,CAAC,OAAO,EAAE;AACZ,QAAA,GAAG,CAAC,yCAAyC,EAAE,aAAEA,WAAS,EAAE,CAAC;QAC7D,OAAOE,mBAAY,CAAC,IAAI,CACtB;AACE,YAAA,KAAK,EAAE;AACL,gBAAA,OAAO,EAAE,2CAA2C;gBACpD,IAAI,EAAEC,2BAAoB,CAAC,eAAe;AAC3C,aAAA;SACF,EACD;AACE,YAAA,MAAM,EAAE,GAAG;AACZ,SAAA,CACF;IACH;AAEA,IAAA,IAAI;AACF,QAAA,GAAG,CAAC,yBAAyB,EAAE,aAAEH,WAAS,EAAE,CAAC;QAC7C,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,MAAMI,2DAA6B,CAAC;YAC/D,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;QACF,GAAG,CAAC,qCAAqC,EAAE,aAAEJ,WAAS,EAAE,SAAS,EAAE,CAAC;AACpE,QAAA,MAAM,aAAa,GAAGE,mBAAY,CAAC,IAAI,CAAC;YACtC,KAAK;YACL,SAAS;AACV,SAAA,CAAC;QACF,MAAM,2BAA2B,GAAGG,6BAAc,CAAC;AACjD,YAAA,kBAAkB,EAAE,aAAa;AACjC,YAAA,YAAY,EAAE,QAAQ;AACtB,YAAA,eAAe,EAAE,IAAI;AACtB,SAAA,CAAC;QACFC,mCAAiB,CAAC,2BAA2B,CAAC;;AAE9C,QAAAC,6BAAc,CAAC;AACb,YAAA,cAAc,EAAE,QAAQ;AACxB,YAAA,cAAc,EAAE,2BAA2B;AAC5C,SAAA,CAAC;AACF,QAAA,OAAO,2BAA2B;IACpC;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;QACnC,GAAG,CAAC,4BAA4B,EAAE;uBAChCP,WAAS;YACT,OAAO,EAAE,SAAS,CAAC,OAAO;YAC1B,IAAI,EAAE,SAAS,CAAC,IAAI;AACrB,SAAA,CAAC;AACF,QAAA,OAAO,GAAG,SAAS,CAAC;AACpB,QAAA,OAAOE,mBAAY,CAAC,IAAI,CACtB,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,EAAE,EAC/D,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB;IACH;AACF;;;;"}
|
|
@@ -1,10 +1,18 @@
|
|
|
1
|
+
import debug from 'debug';
|
|
1
2
|
import { getAuth0Instance } from '../getAuth0Instance.js';
|
|
2
3
|
|
|
4
|
+
const log = debug('@smg-automotive/auth:token');
|
|
3
5
|
const getAccessToken = async ({ protocol, host, context, }) => {
|
|
6
|
+
log('Getting access token', {
|
|
7
|
+
host,
|
|
8
|
+
protocol,
|
|
9
|
+
hasRequest: !!context?.request,
|
|
10
|
+
});
|
|
4
11
|
const auth0Instance = getAuth0Instance({ protocol, host });
|
|
5
12
|
const { token } = context?.request
|
|
6
13
|
? await auth0Instance.getAccessToken(context.request, context.response)
|
|
7
14
|
: await auth0Instance.getAccessToken();
|
|
15
|
+
log('Access token retrieved', { tokenLength: token?.length || 0 });
|
|
8
16
|
return token;
|
|
9
17
|
};
|
|
10
18
|
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getAccessToken.js","sources":["../../../../../src/server/helpers/getAccessToken.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"getAccessToken.js","sources":["../../../../../src/server/helpers/getAccessToken.ts"],"sourcesContent":[null],"names":[],"mappings":";;;AAMA,MAAM,GAAG,GAAG,KAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,cAAc,GAAG,OAAO,EACnC,QAAQ,EACR,IAAI,EACJ,OAAO,GACwC,KAAI;IACnD,GAAG,CAAC,sBAAsB,EAAE;QAC1B,IAAI;QACJ,QAAQ;AACR,QAAA,UAAU,EAAE,CAAC,CAAC,OAAO,EAAE,OAAO;AAC/B,KAAA,CAAC;IACF,MAAM,aAAa,GAAG,gBAAgB,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;AAC1D,IAAA,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,EAAE;AACzB,UAAE,MAAM,aAAa,CAAC,cAAc,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,QAAQ;AACtE,UAAE,MAAM,aAAa,CAAC,cAAc,EAAE;AACxC,IAAA,GAAG,CAAC,wBAAwB,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,IAAI,CAAC,EAAE,CAAC;AAClE,IAAA,OAAO,KAAK;AACd;;;;"}
|
|
@@ -1,33 +1,61 @@
|
|
|
1
|
+
import debug from 'debug';
|
|
1
2
|
import { getAccessToken } from './getAccessToken.js';
|
|
2
3
|
import { getAuth0Instance } from '../getAuth0Instance.js';
|
|
3
4
|
import { enrichUser } from '../../lib/enrichUser/session.js';
|
|
4
5
|
|
|
6
|
+
const log = debug('@smg-automotive/auth:user');
|
|
5
7
|
const getSessionData = async ({ protocol, host, context, }) => {
|
|
8
|
+
log('Retrieving session data', {
|
|
9
|
+
host,
|
|
10
|
+
protocol,
|
|
11
|
+
hasRequest: !!context?.request,
|
|
12
|
+
});
|
|
6
13
|
const auth0Instance = getAuth0Instance({ host, protocol });
|
|
7
|
-
|
|
8
|
-
? auth0Instance.getSession(context.request)
|
|
9
|
-
: auth0Instance.getSession();
|
|
14
|
+
const session = context?.request
|
|
15
|
+
? await auth0Instance.getSession(context.request)
|
|
16
|
+
: await auth0Instance.getSession();
|
|
17
|
+
log('Session retrieved', { hasSession: !!session, hasUser: !!session?.user });
|
|
18
|
+
return session;
|
|
10
19
|
};
|
|
11
20
|
const getUser = async ({ context, host, protocol, }) => {
|
|
21
|
+
log('Getting user', { host, protocol });
|
|
12
22
|
const sessionData = await getSessionData({ host, protocol, context });
|
|
13
|
-
if (!sessionData || !sessionData.user)
|
|
23
|
+
if (!sessionData || !sessionData.user) {
|
|
24
|
+
log('No session or user found');
|
|
14
25
|
return null;
|
|
15
|
-
|
|
26
|
+
}
|
|
27
|
+
const user = sessionData.user;
|
|
28
|
+
log('User retrieved', {
|
|
29
|
+
userId: user.userId,
|
|
30
|
+
sellerId: user.sellerId,
|
|
31
|
+
});
|
|
32
|
+
return user;
|
|
16
33
|
};
|
|
17
34
|
const getEnrichedUser = async ({ brand, context, host, protocol, }) => {
|
|
35
|
+
log('Getting enriched user', { brand, host, protocol });
|
|
18
36
|
const user = await getUser({ host, protocol, context });
|
|
19
|
-
if (!user)
|
|
37
|
+
if (!user) {
|
|
38
|
+
log('No user found, cannot enrich');
|
|
20
39
|
return null;
|
|
40
|
+
}
|
|
41
|
+
log('Retrieving access token for enrichment');
|
|
21
42
|
const accessToken = await getAccessToken({
|
|
22
43
|
host,
|
|
23
44
|
protocol,
|
|
24
45
|
context,
|
|
25
46
|
});
|
|
26
|
-
|
|
47
|
+
log('Access token retrieved, enriching user');
|
|
48
|
+
const enrichedUser = await enrichUser({
|
|
27
49
|
user,
|
|
28
50
|
accessToken,
|
|
29
51
|
brand,
|
|
30
52
|
});
|
|
53
|
+
log('User enriched successfully', {
|
|
54
|
+
userId: enrichedUser.userId,
|
|
55
|
+
sellerId: enrichedUser.sellerId,
|
|
56
|
+
hasEntitlements: !!enrichedUser.entitlements,
|
|
57
|
+
});
|
|
58
|
+
return enrichedUser;
|
|
31
59
|
};
|
|
32
60
|
|
|
33
61
|
export { getEnrichedUser, getUser };
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getUser.js","sources":["../../../../../src/server/helpers/getUser.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"getUser.js","sources":["../../../../../src/server/helpers/getUser.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;AAYA,MAAM,GAAG,GAAG,KAAK,CAAC,2BAA2B,CAAC;AAE9C,MAAM,cAAc,GAAG,OAAO,EAC5B,QAAQ,EACR,IAAI,EACJ,OAAO,GACwC,KAAI;IACnD,GAAG,CAAC,yBAAyB,EAAE;QAC7B,IAAI;QACJ,QAAQ;AACR,QAAA,UAAU,EAAE,CAAC,CAAC,OAAO,EAAE,OAAO;AAC/B,KAAA,CAAC;IACF,MAAM,aAAa,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AAE1D,IAAA,MAAM,OAAO,GAAG,OAAO,EAAE;UACrB,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO;AAChD,UAAE,MAAM,aAAa,CAAC,UAAU,EAAE;AAEpC,IAAA,GAAG,CAAC,mBAAmB,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC;AAC7E,IAAA,OAAO,OAAO;AAChB,CAAC;AAEM,MAAM,OAAO,GAAG,OAAO,EAC5B,OAAO,EACP,IAAI,EACJ,QAAQ,GAEY,KAAiC;IACrD,GAAG,CAAC,cAAc,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AACvC,IAAA,MAAM,WAAW,GAAG,MAAM,cAAc,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC;IACrE,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE;QACrC,GAAG,CAAC,0BAA0B,CAAC;AAC/B,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,MAAM,IAAI,GAAG,WAAW,CAAC,IAAmB;IAC5C,GAAG,CAAC,gBAAgB,EAAE;QACpB,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;AACxB,KAAA,CAAC;AACF,IAAA,OAAO,IAAI;AACb;AAEO,MAAM,eAAe,GAAG,OAAO,EACpC,KAAK,EACL,OAAO,EACP,IAAI,EACJ,QAAQ,GAIP,KAAyC;IAC1C,GAAG,CAAC,uBAAuB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AACvD,IAAA,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC;IACvD,IAAI,CAAC,IAAI,EAAE;QACT,GAAG,CAAC,8BAA8B,CAAC;AACnC,QAAA,OAAO,IAAI;IACb;IAEA,GAAG,CAAC,wCAAwC,CAAC;AAC7C,IAAA,MAAM,WAAW,GAAG,MAAM,cAAc,CAAC;QACvC,IAAI;QACJ,QAAQ;QACR,OAAO;AACR,KAAA,CAAC;IACF,GAAG,CAAC,wCAAwC,CAAC;AAC7C,IAAA,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC;QACpC,IAAI;QACJ,WAAW;QACX,KAAK;AACN,KAAA,CAAC;IACF,GAAG,CAAC,4BAA4B,EAAE;QAChC,MAAM,EAAE,YAAY,CAAC,MAAM;QAC3B,QAAQ,EAAE,YAAY,CAAC,QAAQ;AAC/B,QAAA,eAAe,EAAE,CAAC,CAAC,YAAY,CAAC,YAAY;AAC7C,KAAA,CAAC;AACF,IAAA,OAAO,YAAY;AACrB;;;;"}
|
|
@@ -1,13 +1,16 @@
|
|
|
1
1
|
import { NextResponse } from 'next/server';
|
|
2
|
+
import debug from 'debug';
|
|
2
3
|
import { getAuth0Config } from '../../config/auth0.js';
|
|
3
4
|
import { getAuth0Instance } from '../getAuth0Instance.js';
|
|
4
5
|
import { handleAccessTokenRequest } from './token.js';
|
|
6
|
+
import { getOrCreateRequestId, requestIdHeader } from './requestId.js';
|
|
5
7
|
import { protectRoute } from './protectRoute.js';
|
|
6
8
|
import { handleUserProfile } from './profile.js';
|
|
7
9
|
import { handleCrossDomainLogout, deleteRelatedSessionCookies } from './logout.js';
|
|
8
10
|
import { addLoginParams } from './login.js';
|
|
9
11
|
import { combineHeaders } from './combineHeaders.js';
|
|
10
12
|
|
|
13
|
+
const log = debug('@smg-automotive/auth:middleware');
|
|
11
14
|
const isAuthRoute = (pathname, auth0Config) => {
|
|
12
15
|
const { loginEndpoint, logoutEndpoint, callbackEndpoint, userProfileEndpoint, tokenEndpoint, } = auth0Config;
|
|
13
16
|
return [
|
|
@@ -19,13 +22,22 @@ const isAuthRoute = (pathname, auth0Config) => {
|
|
|
19
22
|
].includes(pathname);
|
|
20
23
|
};
|
|
21
24
|
const authMiddleware = async ({ request, isProtectedRoute, language, host, protocol, onError, brand, }) => {
|
|
25
|
+
const requestId = getOrCreateRequestId(request);
|
|
22
26
|
const { pathname } = request.nextUrl;
|
|
27
|
+
log('Processing request', {
|
|
28
|
+
requestId,
|
|
29
|
+
pathname,
|
|
30
|
+
host,
|
|
31
|
+
protocol,
|
|
32
|
+
method: request.method,
|
|
33
|
+
});
|
|
23
34
|
const auth0Instance = getAuth0Instance({
|
|
24
35
|
host,
|
|
25
36
|
protocol,
|
|
26
37
|
});
|
|
27
38
|
const auth0Config = getAuth0Config();
|
|
28
39
|
const isAuthErrorRoute = pathname.endsWith(auth0Config.globalAuthErrorPath);
|
|
40
|
+
log('Auth route check', { requestId, pathname, isAuthErrorRoute });
|
|
29
41
|
const crossDomainLogoutResult = handleCrossDomainLogout({
|
|
30
42
|
host,
|
|
31
43
|
protocol,
|
|
@@ -33,13 +45,18 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
33
45
|
auth0Config,
|
|
34
46
|
});
|
|
35
47
|
if (crossDomainLogoutResult) {
|
|
48
|
+
crossDomainLogoutResult.headers.set(requestIdHeader, requestId);
|
|
49
|
+
log('Cross-domain logout detected, redirecting', { requestId });
|
|
36
50
|
return crossDomainLogoutResult;
|
|
37
51
|
}
|
|
38
52
|
addLoginParams({
|
|
39
53
|
request,
|
|
40
54
|
auth0Config,
|
|
41
55
|
});
|
|
56
|
+
log('Calling Auth0 middleware', { requestId });
|
|
42
57
|
const authResponse = await auth0Instance.middleware(request);
|
|
58
|
+
authResponse.headers.set(requestIdHeader, requestId);
|
|
59
|
+
log('Auth0 middleware completed', { requestId, status: authResponse.status });
|
|
43
60
|
deleteRelatedSessionCookies({
|
|
44
61
|
host,
|
|
45
62
|
request,
|
|
@@ -54,6 +71,7 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
54
71
|
onError,
|
|
55
72
|
});
|
|
56
73
|
if (accessTokenRequestResult) {
|
|
74
|
+
log('Access token request handled', { requestId });
|
|
57
75
|
return accessTokenRequestResult;
|
|
58
76
|
}
|
|
59
77
|
const handleUserProfileResult = await handleUserProfile({
|
|
@@ -64,12 +82,15 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
64
82
|
brand,
|
|
65
83
|
});
|
|
66
84
|
if (handleUserProfileResult) {
|
|
85
|
+
log('User profile request handled', { requestId });
|
|
67
86
|
return handleUserProfileResult;
|
|
68
87
|
}
|
|
69
88
|
if (isAuthRoute(pathname, auth0Config) || isAuthErrorRoute) {
|
|
89
|
+
log('Auth route, returning response', { requestId });
|
|
70
90
|
return authResponse;
|
|
71
91
|
}
|
|
72
92
|
const isProtected = !isAuthErrorRoute && isProtectedRoute(pathname);
|
|
93
|
+
log('Route protection check', { requestId, pathname, isProtected });
|
|
73
94
|
const protectRouteResult = await protectRoute({
|
|
74
95
|
isProtected,
|
|
75
96
|
auth0Instance,
|
|
@@ -80,9 +101,14 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
80
101
|
onError,
|
|
81
102
|
});
|
|
82
103
|
if (protectRouteResult) {
|
|
104
|
+
log('Route protection handled', {
|
|
105
|
+
requestId,
|
|
106
|
+
redirected: protectRouteResult.status === 307,
|
|
107
|
+
});
|
|
83
108
|
return protectRouteResult;
|
|
84
109
|
}
|
|
85
|
-
|
|
110
|
+
log('Request completed, combining headers', { requestId });
|
|
111
|
+
const finalResponse = combineHeaders({
|
|
86
112
|
middlewareResponse: NextResponse.next({
|
|
87
113
|
request: {
|
|
88
114
|
headers: request.headers,
|
|
@@ -90,6 +116,8 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
90
116
|
}),
|
|
91
117
|
authResponse,
|
|
92
118
|
});
|
|
119
|
+
finalResponse.headers.set(requestIdHeader, requestId);
|
|
120
|
+
return finalResponse;
|
|
93
121
|
};
|
|
94
122
|
|
|
95
123
|
export { authMiddleware };
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;;;;;;AAiBA,MAAM,GAAG,GAAG,KAAK,CAAC,iCAAiC,CAAC;AAEpD,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,KAAK,GASN,KAA2B;AAC1B,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;AAE/C,IAAA,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO;IACpC,GAAG,CAAC,oBAAoB,EAAE;QACxB,SAAS;QACT,QAAQ;QACR,IAAI;QACJ,QAAQ;QACR,MAAM,EAAE,OAAO,CAAC,MAAM;AACvB,KAAA,CAAC;IAEF,MAAM,aAAa,GAAG,gBAAgB,CAAC;QACrC,IAAI;QACJ,QAAQ;AACT,KAAA,CAAC;AAEF,IAAA,MAAM,WAAW,GAAG,cAAc,EAAE;IACpC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAC3E,GAAG,CAAC,kBAAkB,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAC;IAElE,MAAM,uBAAuB,GAAG,uBAAuB,CAAC;QACtD,IAAI;QACJ,QAAQ;QACR,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;QAC3B,uBAAuB,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,CAAC;AAC/D,QAAA,GAAG,CAAC,2CAA2C,EAAE,EAAE,SAAS,EAAE,CAAC;AAC/D,QAAA,OAAO,uBAAuB;IAChC;AAEA,IAAA,cAAc,CAAC;QACb,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;AAEF,IAAA,GAAG,CAAC,0BAA0B,EAAE,EAAE,SAAS,EAAE,CAAC;IAC9C,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAC5D,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,CAAC;AACpD,IAAA,GAAG,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,EAAE,CAAC;AAE7E,IAAA,2BAA2B,CAAC;QAC1B,IAAI;QACJ,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,WAAW;AACZ,KAAA,CAAC;AAEF,IAAA,MAAM,wBAAwB,GAAG,MAAM,wBAAwB,CAAC;QAC9D,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,aAAa;QACb,WAAW;QACX,OAAO;AACR,KAAA,CAAC;IACF,IAAI,wBAAwB,EAAE;AAC5B,QAAA,GAAG,CAAC,8BAA8B,EAAE,EAAE,SAAS,EAAE,CAAC;AAClD,QAAA,OAAO,wBAAwB;IACjC;AAEA,IAAA,MAAM,uBAAuB,GAAG,MAAM,iBAAiB,CAAC;QACtD,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,aAAa;QACb,WAAW;QACX,KAAK;AACN,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;AAC3B,QAAA,GAAG,CAAC,8BAA8B,EAAE,EAAE,SAAS,EAAE,CAAC;AAClD,QAAA,OAAO,uBAAuB;IAChC;IAEA,IAAI,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC,IAAI,gBAAgB,EAAE;AAC1D,QAAA,GAAG,CAAC,gCAAgC,EAAE,EAAE,SAAS,EAAE,CAAC;AACpD,QAAA,OAAO,YAAY;IACrB;IAEA,MAAM,WAAW,GAAG,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,QAAQ,CAAC;IACnE,GAAG,CAAC,wBAAwB,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;AACnE,IAAA,MAAM,kBAAkB,GAAG,MAAM,YAAY,CAAC;QAC5C,WAAW;QACX,aAAa;QACb,WAAW;QACX,QAAQ;QACR,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,OAAO;AACR,KAAA,CAAC;IACF,IAAI,kBAAkB,EAAE;QACtB,GAAG,CAAC,0BAA0B,EAAE;YAC9B,SAAS;AACT,YAAA,UAAU,EAAE,kBAAkB,CAAC,MAAM,KAAK,GAAG;AAC9C,SAAA,CAAC;AACF,QAAA,OAAO,kBAAkB;IAC3B;AAEA,IAAA,GAAG,CAAC,sCAAsC,EAAE,EAAE,SAAS,EAAE,CAAC;IAC1D,MAAM,aAAa,GAAG,cAAc,CAAC;AACnC,QAAA,kBAAkB,EAAE,YAAY,CAAC,IAAI,CAAC;AACpC,YAAA,OAAO,EAAE;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;AACzB,aAAA;SACF,CAAC;QACF,YAAY;AACb,KAAA,CAAC;IACF,aAAa,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,CAAC;AACrD,IAAA,OAAO,aAAa;AACtB;;;;"}
|
|
@@ -1,5 +1,8 @@
|
|
|
1
1
|
import { NextResponse } from 'next/server';
|
|
2
|
+
import debug from 'debug';
|
|
3
|
+
import { getOrCreateRequestId } from './requestId.js';
|
|
2
4
|
|
|
5
|
+
const log = debug('@smg-automotive/auth:logout');
|
|
3
6
|
const validateReturnTo = ({ pathOrUrl, host, protocol, otherDomainHost, crossDomainLogout, }) => {
|
|
4
7
|
if (typeof pathOrUrl !== 'string')
|
|
5
8
|
return false;
|
|
@@ -44,9 +47,12 @@ const getOtherDomainHost = (currentHost) => {
|
|
|
44
47
|
const handleCrossDomainLogout = ({ host, protocol, request, auth0Config: { languageConfig, logoutEndpoint }, }) => {
|
|
45
48
|
if (request.nextUrl.pathname !== logoutEndpoint)
|
|
46
49
|
return;
|
|
50
|
+
const requestId = getOrCreateRequestId(request);
|
|
51
|
+
log('Handling logout request', { requestId, host, protocol });
|
|
47
52
|
const searchParams = new URLSearchParams(request.nextUrl.search);
|
|
48
53
|
const specifiedReturnTo = searchParams.get('returnTo') || '';
|
|
49
54
|
const crossDomainLogout = searchParams.get('crossDomain') === 'true';
|
|
55
|
+
log('Logout parameters', { requestId, specifiedReturnTo, crossDomainLogout });
|
|
50
56
|
const otherDomainHost = getOtherDomainHost(host);
|
|
51
57
|
const currentDomainUrl = `${protocol}://${host}`;
|
|
52
58
|
const locale = searchParams.get('locale');
|
|
@@ -58,16 +64,23 @@ const handleCrossDomainLogout = ({ host, protocol, request, auth0Config: { langu
|
|
|
58
64
|
pathOrUrl: specifiedReturnTo,
|
|
59
65
|
crossDomainLogout,
|
|
60
66
|
});
|
|
67
|
+
log('ReturnTo validation', { requestId, isSafePath, specifiedReturnTo });
|
|
61
68
|
if (isSafePath && specifiedReturnTo) {
|
|
62
69
|
returnTo = specifiedReturnTo;
|
|
63
70
|
}
|
|
64
71
|
if (!crossDomainLogout && otherDomainHost && otherDomainHost !== host) {
|
|
72
|
+
log('Initiating cross-domain logout', { requestId, otherDomainHost });
|
|
65
73
|
const backToCurrentDomainUrl = new URL(logoutEndpoint, currentDomainUrl);
|
|
66
74
|
backToCurrentDomainUrl.searchParams.set('returnTo', returnTo);
|
|
67
75
|
backToCurrentDomainUrl.searchParams.set('crossDomain', 'true');
|
|
68
76
|
const otherDomainLogoutUrl = new URL(logoutEndpoint, `${protocol}://${otherDomainHost}`);
|
|
69
77
|
otherDomainLogoutUrl.searchParams.set('crossDomain', 'true');
|
|
70
78
|
otherDomainLogoutUrl.searchParams.set('returnTo', backToCurrentDomainUrl.toString());
|
|
79
|
+
log('Redirecting to other domain for logout', {
|
|
80
|
+
requestId,
|
|
81
|
+
otherDomainHost,
|
|
82
|
+
returnUrl: backToCurrentDomainUrl.toString(),
|
|
83
|
+
});
|
|
71
84
|
return NextResponse.redirect(otherDomainLogoutUrl, {
|
|
72
85
|
status: 302,
|
|
73
86
|
});
|
|
@@ -94,24 +107,30 @@ const getLegacyCookieDomain = (hostname) => {
|
|
|
94
107
|
const deleteRelatedSessionCookies = ({ host, request, response, auth0Config: { logoutEndpoint, authCookieNames, legacyAccessTokenName, legacyRefreshTokenName, }, }) => {
|
|
95
108
|
if (request.nextUrl.pathname !== logoutEndpoint || !response)
|
|
96
109
|
return;
|
|
97
|
-
|
|
110
|
+
const requestId = getOrCreateRequestId(request);
|
|
111
|
+
const cookiesToDelete = authCookieNames.flatMap((cookieName) => [
|
|
112
|
+
cookieName,
|
|
113
|
+
`${cookieName}__0`,
|
|
114
|
+
`${cookieName}__1`,
|
|
115
|
+
]);
|
|
116
|
+
log('Deleting session cookies', {
|
|
117
|
+
requestId,
|
|
118
|
+
host,
|
|
119
|
+
cookies: cookiesToDelete,
|
|
120
|
+
});
|
|
121
|
+
cookiesToDelete.forEach((cookieName) => {
|
|
98
122
|
response.cookies.delete({
|
|
99
123
|
name: cookieName,
|
|
100
124
|
maxAge: 0,
|
|
101
125
|
path: '/',
|
|
102
126
|
});
|
|
103
|
-
response.cookies.delete({
|
|
104
|
-
name: `${cookieName}__0`,
|
|
105
|
-
maxAge: 0,
|
|
106
|
-
path: '/',
|
|
107
|
-
});
|
|
108
|
-
response.cookies.delete({
|
|
109
|
-
name: `${cookieName}__1`,
|
|
110
|
-
maxAge: 0,
|
|
111
|
-
path: '/',
|
|
112
|
-
});
|
|
113
127
|
});
|
|
114
128
|
const legacyCookieDomain = getLegacyCookieDomain(host);
|
|
129
|
+
log('Deleting legacy cookies', {
|
|
130
|
+
requestId,
|
|
131
|
+
cookies: [legacyAccessTokenName, legacyRefreshTokenName],
|
|
132
|
+
legacyCookieDomain,
|
|
133
|
+
});
|
|
115
134
|
response.cookies.delete({
|
|
116
135
|
name: legacyAccessTokenName,
|
|
117
136
|
maxAge: 0,
|
|
@@ -124,6 +143,7 @@ const deleteRelatedSessionCookies = ({ host, request, response, auth0Config: { l
|
|
|
124
143
|
path: '/',
|
|
125
144
|
domain: legacyCookieDomain,
|
|
126
145
|
});
|
|
146
|
+
log('All session cookies deleted', { requestId });
|
|
127
147
|
};
|
|
128
148
|
|
|
129
149
|
export { deleteRelatedSessionCookies, handleCrossDomainLogout };
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"logout.js","sources":["../../../../../src/server/middleware/logout.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"logout.js","sources":["../../../../../src/server/middleware/logout.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;AAOA,MAAM,GAAG,GAAG,KAAK,CAAC,6BAA6B,CAAC;AAEhD,MAAM,gBAAgB,GAAG,CAAC,EACxB,SAAS,EACT,IAAI,EACJ,QAAQ,EACR,eAAe,EACf,iBAAiB,GAOlB,KAAI;IACH,IAAI,OAAO,SAAS,KAAK,QAAQ;AAAE,QAAA,OAAO,KAAK;AAC/C,IAAA,IAAI,SAAS,CAAC,MAAM,GAAG,IAAI;AAAE,QAAA,OAAO,KAAK;AAEzC,IAAA,IAAI;AACF,QAAA,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,SAAS,CAAC;QACtD,MAAM,KAAK,GAAG,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC;QACjD,MAAM,eAAe,GAAG,IAAI,GAAG,CAC7B,KAAK,GAAG,gBAAgB,GAAG,GAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,CAAA,EAAG,gBAAgB,CAAA,CAAE,CACtE;AACD,QAAA,MAAM,WAAW,GAAG,eAAe,CAAC,QAAQ;AAE5C,QAAA,IACE,iBAAiB;YACjB,KAAK;AACL,YAAA,eAAe,CAAC,IAAI,KAAK,eAAe,EACxC;AACA,YAAA,OAAO,KAAK;QACd;QAEA,IAAI,CAAC,iBAAiB,IAAI,eAAe,CAAC,IAAI,KAAK,IAAI,EAAE;AACvD,YAAA,OAAO,KAAK;QACd;AAEA,QAAA,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;AAChE,YAAA,OAAO,KAAK;QACd;;;QAIA,MAAM,eAAe,GAAG,yBAAyB;AACjD,QAAA,OAAO,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC;IAC1C;IAAE,OAAO,KAAK,EAAE;;AAEd,QAAA,OAAO,CAAC,IAAI,CAAC,4BAA4B,EAAE,KAAK,CAAC;AACjD,QAAA,OAAO,KAAK;IACd;AACF,CAAC;AAED,MAAM,kBAAkB,GAAG,CAAC,WAAmB,KAAY;AACzD,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvC,OAAO,WAAW,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC;IAC1D;AACA,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvC,OAAO,WAAW,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC;IAC1D;AACA,IAAA,OAAO,WAAW;AACpB,CAAC;MAEY,uBAAuB,GAAG,CAAC,EACtC,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,WAAW,EAAE,EAAE,cAAc,EAAE,cAAc,EAAE,GAMhD,KAAyB;AACxB,IAAA,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,cAAc;QAAE;AAEjD,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;IAC/C,GAAG,CAAC,yBAAyB,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAC7D,MAAM,YAAY,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC;IAEhE,MAAM,iBAAiB,GAAG,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,EAAE;IAC5D,MAAM,iBAAiB,GAAG,YAAY,CAAC,GAAG,CAAC,aAAa,CAAC,KAAK,MAAM;IACpE,GAAG,CAAC,mBAAmB,EAAE,EAAE,SAAS,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,CAAC;AAE7E,IAAA,MAAM,eAAe,GAAG,kBAAkB,CAAC,IAAI,CAAC;AAChD,IAAA,MAAM,gBAAgB,GAAG,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,EAAE;IAChD,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC;AACzC,IAAA,IAAI,QAAQ,GAAG,MAAM,GAAG,CAAA,CAAA,EAAI,MAAM,CAAA,CAAE,GAAG,CAAA,CAAA,EAAI,cAAc,CAAC,OAAO,EAAE;IACnE,MAAM,UAAU,GAAG,gBAAgB,CAAC;QAClC,QAAQ;QACR,IAAI;QACJ,eAAe;AACf,QAAA,SAAS,EAAE,iBAAiB;QAC5B,iBAAiB;AAClB,KAAA,CAAC;IACF,GAAG,CAAC,qBAAqB,EAAE,EAAE,SAAS,EAAE,UAAU,EAAE,iBAAiB,EAAE,CAAC;AACxE,IAAA,IAAI,UAAU,IAAI,iBAAiB,EAAE;QACnC,QAAQ,GAAG,iBAAiB;IAC9B;IAEA,IAAI,CAAC,iBAAiB,IAAI,eAAe,IAAI,eAAe,KAAK,IAAI,EAAE;QACrE,GAAG,CAAC,gCAAgC,EAAE,EAAE,SAAS,EAAE,eAAe,EAAE,CAAC;QACrE,MAAM,sBAAsB,GAAG,IAAI,GAAG,CAAC,cAAc,EAAE,gBAAgB,CAAC;QACxE,sBAAsB,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,CAAC;QAC7D,sBAAsB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC;AAE9D,QAAA,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAClC,cAAc,EACd,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,eAAe,CAAA,CAAE,CACnC;QACD,oBAAoB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC;AAC5D,QAAA,oBAAoB,CAAC,YAAY,CAAC,GAAG,CACnC,UAAU,EACV,sBAAsB,CAAC,QAAQ,EAAE,CAClC;QAED,GAAG,CAAC,wCAAwC,EAAE;YAC5C,SAAS;YACT,eAAe;AACf,YAAA,SAAS,EAAE,sBAAsB,CAAC,QAAQ,EAAE;AAC7C,SAAA,CAAC;AACF,QAAA,OAAO,YAAY,CAAC,QAAQ,CAAC,oBAAoB,EAAE;AACjD,YAAA,MAAM,EAAE,GAAG;AACZ,SAAA,CAAC;IACJ;IAEA,IAAI,aAAa,GAAG,KAAK;AACzB,IAAA,IAAI;AACF,QAAA,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC;AACpD,QAAA,aAAa,GAAG,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC;IACpD;IAAE,OAAO,KAAK,EAAE;;AAEd,QAAA,OAAO,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,CAAC;IACjD;AAEA,IAAA,YAAY,CAAC,GAAG,CACd,UAAU,EACV,aAAa,GAAG,QAAQ,GAAG,CAAA,EAAG,gBAAgB,GAAG,QAAQ,CAAA,CAAE,CAC5D;IACD,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,YAAY,CAAC,QAAQ,EAAE;AAClD;AAEA,MAAM,qBAAqB,GAAG,CAAC,QAAgB,KAAI;IACjD,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC;AACjC,IAAA,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,CAAA,CAAA,EAAI,QAAQ,CAAA,CAAE;AAE3C,IAAA,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;IACtC,OAAO,CAAA,CAAA,EAAI,IAAI,CAAA,CAAE;AACnB,CAAC;AAEM,MAAM,2BAA2B,GAAG,CAAC,EAC1C,IAAI,EACJ,OAAO,EACP,QAAQ,EACR,WAAW,EAAE,EACX,cAAc,EACd,eAAe,EACf,qBAAqB,EACrB,sBAAsB,GACvB,GAMF,KAAI;IACH,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,cAAc,IAAI,CAAC,QAAQ;QAAE;AAE9D,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;IAC/C,MAAM,eAAe,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC,UAAU,KAAK;QAC9D,UAAU;AACV,QAAA,CAAA,EAAG,UAAU,CAAA,GAAA,CAAK;AAClB,QAAA,CAAA,EAAG,UAAU,CAAA,GAAA,CAAK;AACnB,KAAA,CAAC;IACF,GAAG,CAAC,0BAA0B,EAAE;QAC9B,SAAS;QACT,IAAI;AACJ,QAAA,OAAO,EAAE,eAAe;AACzB,KAAA,CAAC;AACF,IAAA,eAAe,CAAC,OAAO,CAAC,CAAC,UAAU,KAAI;AACrC,QAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,YAAA,IAAI,EAAE,UAAU;AAChB,YAAA,MAAM,EAAE,CAAC;AACT,YAAA,IAAI,EAAE,GAAG;AACV,SAAA,CAAC;AACJ,IAAA,CAAC,CAAC;AAEF,IAAA,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,IAAI,CAAC;IACtD,GAAG,CAAC,yBAAyB,EAAE;QAC7B,SAAS;AACT,QAAA,OAAO,EAAE,CAAC,qBAAqB,EAAE,sBAAsB,CAAC;QACxD,kBAAkB;AACnB,KAAA,CAAC;AACF,IAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,QAAA,IAAI,EAAE,qBAAqB;AAC3B,QAAA,MAAM,EAAE,CAAC;AACT,QAAA,IAAI,EAAE,GAAG;AACT,QAAA,MAAM,EAAE,kBAAkB;AAC3B,KAAA,CAAC;AACF,IAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,QAAA,IAAI,EAAE,sBAAsB;AAC5B,QAAA,MAAM,EAAE,CAAC;AACT,QAAA,IAAI,EAAE,GAAG;AACT,QAAA,MAAM,EAAE,kBAAkB;AAC3B,KAAA,CAAC;AACF,IAAA,GAAG,CAAC,6BAA6B,EAAE,EAAE,SAAS,EAAE,CAAC;AACnD;;;;"}
|
|
@@ -1,10 +1,30 @@
|
|
|
1
|
+
import debug from 'debug';
|
|
2
|
+
import { getOrCreateRequestId } from './requestId.js';
|
|
3
|
+
|
|
4
|
+
const log = debug('@smg-automotive/auth:token');
|
|
1
5
|
const proactivelyRefreshAccessToken = async ({ request, response, auth0Instance, auth0Config, }) => {
|
|
6
|
+
const requestId = getOrCreateRequestId(request);
|
|
7
|
+
log('Checking if token refresh is needed', { requestId });
|
|
2
8
|
const session = await auth0Instance.getSession(request);
|
|
3
|
-
const
|
|
4
|
-
|
|
5
|
-
|
|
9
|
+
const expiresAt = session?.tokenSet.expiresAt || 0;
|
|
10
|
+
const expiresInSeconds = expiresAt - Date.now() / 1000;
|
|
11
|
+
const shouldRefresh = auth0Config.debugForceTokenRefresh || expiresAt < Date.now() / 1000 + 30;
|
|
12
|
+
log('Token refresh decision', {
|
|
13
|
+
requestId,
|
|
14
|
+
shouldRefresh,
|
|
15
|
+
expiresInSeconds: Math.round(expiresInSeconds),
|
|
16
|
+
debugForceRefresh: auth0Config.debugForceTokenRefresh,
|
|
17
|
+
hasSession: !!session,
|
|
18
|
+
});
|
|
19
|
+
const result = await auth0Instance.getAccessToken(request, response, {
|
|
6
20
|
refresh: shouldRefresh,
|
|
7
21
|
});
|
|
22
|
+
log('Access token retrieved', {
|
|
23
|
+
requestId,
|
|
24
|
+
expiresAt: result.expiresAt,
|
|
25
|
+
tokenLength: result.token.length,
|
|
26
|
+
});
|
|
27
|
+
return result;
|
|
8
28
|
};
|
|
9
29
|
|
|
10
30
|
export { proactivelyRefreshAccessToken };
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"proactivelyRefreshAccessToken.js","sources":["../../../../../src/server/middleware/proactivelyRefreshAccessToken.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"proactivelyRefreshAccessToken.js","sources":["../../../../../src/server/middleware/proactivelyRefreshAccessToken.ts"],"sourcesContent":[null],"names":[],"mappings":";;;AAQA,MAAM,GAAG,GAAG,KAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,6BAA6B,GAAG,OAAO,EAClD,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,GAMZ,KAAmD;AAClD,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;AAC/C,IAAA,GAAG,CAAC,qCAAqC,EAAE,EAAE,SAAS,EAAE,CAAC;IACzD,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,MAAM,SAAS,GAAG,OAAO,EAAE,QAAQ,CAAC,SAAS,IAAI,CAAC;IAClD,MAAM,gBAAgB,GAAG,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI;AACtD,IAAA,MAAM,aAAa,GACjB,WAAW,CAAC,sBAAsB,IAAI,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,EAAE;IAE1E,GAAG,CAAC,wBAAwB,EAAE;QAC5B,SAAS;QACT,aAAa;AACb,QAAA,gBAAgB,EAAE,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC;QAC9C,iBAAiB,EAAE,WAAW,CAAC,sBAAsB;QACrD,UAAU,EAAE,CAAC,CAAC,OAAO;AACtB,KAAA,CAAC;IAEF,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,cAAc,CAAC,OAAO,EAAE,QAAQ,EAAE;AACnE,QAAA,OAAO,EAAE,aAAa;AACvB,KAAA,CAAC;IAEF,GAAG,CAAC,wBAAwB,EAAE;QAC5B,SAAS;QACT,SAAS,EAAE,MAAM,CAAC,SAAS;AAC3B,QAAA,WAAW,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM;AACjC,KAAA,CAAC;AAEF,IAAA,OAAO,MAAM;AACf;;;;"}
|
|
@@ -1,10 +1,13 @@
|
|
|
1
1
|
import { NextResponse } from 'next/server';
|
|
2
|
+
import debug from 'debug';
|
|
2
3
|
import { enrichUser } from '../../lib/enrichUser/session.js';
|
|
4
|
+
import { getOrCreateRequestId } from './requestId.js';
|
|
3
5
|
import { proactivelyRefreshAccessToken } from './proactivelyRefreshAccessToken.js';
|
|
4
6
|
import { combineHeaders } from './combineHeaders.js';
|
|
5
7
|
import { combineCookies } from './combineCookies.js';
|
|
6
8
|
import { addCachingHeaders } from './addCachingHeaders.js';
|
|
7
9
|
|
|
10
|
+
const log = debug('@smg-automotive/auth:profile');
|
|
8
11
|
const responseHeaders = {
|
|
9
12
|
Vary: 'Cookie, Authorization',
|
|
10
13
|
'Cache-Control': 'private, no-cache, no-store, must-revalidate, max-age=0',
|
|
@@ -14,8 +17,11 @@ const responseHeaders = {
|
|
|
14
17
|
const handleUserProfile = async ({ request, response, auth0Instance, auth0Config, brand, }) => {
|
|
15
18
|
if (request.nextUrl.pathname !== auth0Config.userProfileEndpoint)
|
|
16
19
|
return;
|
|
20
|
+
const requestId = getOrCreateRequestId(request);
|
|
21
|
+
log('Handling user profile request', { requestId, brand });
|
|
17
22
|
const session = await auth0Instance.getSession(request);
|
|
18
23
|
if (!session) {
|
|
24
|
+
log('No session found for profile request', { requestId });
|
|
19
25
|
return new NextResponse(null, {
|
|
20
26
|
status: 204,
|
|
21
27
|
headers: responseHeaders,
|
|
@@ -23,17 +29,29 @@ const handleUserProfile = async ({ request, response, auth0Instance, auth0Config
|
|
|
23
29
|
}
|
|
24
30
|
try {
|
|
25
31
|
const user = session.user;
|
|
32
|
+
log('User found, refreshing token and enriching', {
|
|
33
|
+
requestId,
|
|
34
|
+
userId: user.userId,
|
|
35
|
+
sellerId: user.sellerId,
|
|
36
|
+
});
|
|
26
37
|
const { token } = await proactivelyRefreshAccessToken({
|
|
27
38
|
request,
|
|
28
39
|
response,
|
|
29
40
|
auth0Instance,
|
|
30
41
|
auth0Config,
|
|
31
42
|
});
|
|
43
|
+
log('Token refreshed, enriching user', { requestId });
|
|
32
44
|
const enrichedUser = await enrichUser({
|
|
33
45
|
user,
|
|
34
46
|
accessToken: token,
|
|
35
47
|
brand,
|
|
36
48
|
});
|
|
49
|
+
log('User enriched successfully', {
|
|
50
|
+
requestId,
|
|
51
|
+
userId: enrichedUser.userId,
|
|
52
|
+
sellerId: enrichedUser.sellerId,
|
|
53
|
+
hasEntitlements: !!enrichedUser.entitlements,
|
|
54
|
+
});
|
|
37
55
|
const userResponse = NextResponse.json(enrichedUser);
|
|
38
56
|
const responseWithCombinedHeaders = combineHeaders({
|
|
39
57
|
middlewareResponse: userResponse,
|
|
@@ -49,8 +67,11 @@ const handleUserProfile = async ({ request, response, auth0Instance, auth0Config
|
|
|
49
67
|
return responseWithCombinedHeaders;
|
|
50
68
|
}
|
|
51
69
|
catch (error) {
|
|
52
|
-
|
|
53
|
-
|
|
70
|
+
log('User Profile error loading entitlements', {
|
|
71
|
+
requestId,
|
|
72
|
+
error: error instanceof Error ? error.message : String(error),
|
|
73
|
+
stack: error instanceof Error ? error.stack : undefined,
|
|
74
|
+
});
|
|
54
75
|
let responseCode = 'UNKNOWN_AUTH_ERROR';
|
|
55
76
|
if (error &&
|
|
56
77
|
typeof error === 'object' &&
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"profile.js","sources":["../../../../../src/server/middleware/profile.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"profile.js","sources":["../../../../../src/server/middleware/profile.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;;;AAcA,MAAM,GAAG,GAAG,KAAK,CAAC,8BAA8B,CAAC;AAEjD,MAAM,eAAe,GAAG;AACtB,IAAA,IAAI,EAAE,uBAAuB;AAC7B,IAAA,eAAe,EAAE,yDAAyD;AAC1E,IAAA,MAAM,EAAE,UAAU;AAClB,IAAA,OAAO,EAAE,GAAG;CACb;AAEM,MAAM,iBAAiB,GAAG,OAAO,EACtC,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,EACX,KAAK,GAON,KAAkC;IACjC,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,WAAW,CAAC,mBAAmB;QAAE;AAElE,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;IAC/C,GAAG,CAAC,+BAA+B,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;IAC1D,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,IAAI,CAAC,OAAO,EAAE;AACZ,QAAA,GAAG,CAAC,sCAAsC,EAAE,EAAE,SAAS,EAAE,CAAC;AAC1D,QAAA,OAAO,IAAI,YAAY,CAAC,IAAI,EAAE;AAC5B,YAAA,MAAM,EAAE,GAAG;AACX,YAAA,OAAO,EAAE,eAAe;AACzB,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI;AACF,QAAA,MAAM,IAAI,GAAG,OAAO,CAAC,IAAmB;QACxC,GAAG,CAAC,4CAA4C,EAAE;YAChD,SAAS;YACT,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;AACxB,SAAA,CAAC;AACF,QAAA,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,6BAA6B,CAAC;YACpD,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;AACF,QAAA,GAAG,CAAC,iCAAiC,EAAE,EAAE,SAAS,EAAE,CAAC;AACrD,QAAA,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC;YACpC,IAAI;AACJ,YAAA,WAAW,EAAE,KAAK;YAClB,KAAK;AACN,SAAA,CAAC;QAEF,GAAG,CAAC,4BAA4B,EAAE;YAChC,SAAS;YACT,MAAM,EAAE,YAAY,CAAC,MAAM;YAC3B,QAAQ,EAAE,YAAY,CAAC,QAAQ;AAC/B,YAAA,eAAe,EAAE,CAAC,CAAC,YAAY,CAAC,YAAY;AAC7C,SAAA,CAAC;QACF,MAAM,YAAY,GAAG,YAAY,CAAC,IAAI,CAAC,YAAY,CAAC;QACpD,MAAM,2BAA2B,GAAG,cAAc,CAAC;AACjD,YAAA,kBAAkB,EAAE,YAAY;AAChC,YAAA,YAAY,EAAE,QAAQ;AACtB,YAAA,eAAe,EAAE,IAAI;AACtB,SAAA,CAAC;QACF,iBAAiB,CAAC,2BAA2B,CAAC;;AAE9C,QAAA,cAAc,CAAC;AACb,YAAA,cAAc,EAAE,QAAQ;AACxB,YAAA,cAAc,EAAE,2BAA2B;AAC5C,SAAA,CAAC;AACF,QAAA,OAAO,2BAA2B;IACpC;IAAE,OAAO,KAAc,EAAE;QACvB,GAAG,CAAC,yCAAyC,EAAE;YAC7C,SAAS;AACT,YAAA,KAAK,EAAE,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC7D,YAAA,KAAK,EAAE,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,KAAK,GAAG,SAAS;AACxD,SAAA,CAAC;QAEF,IAAI,YAAY,GAAG,oBAAoB;AACvC,QAAA,IACE,KAAK;YACL,OAAO,KAAK,KAAK,QAAQ;AACzB,YAAA,MAAM,IAAI,KAAK;AACf,YAAA,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,EAC9B;AACA,YAAA,YAAY,GAAG,KAAK,CAAC,IAAI;QAC3B;AAEA,QAAA,OAAO,YAAY,CAAC,IAAI,CACtB,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,EAAE,EACjC;AACE,YAAA,MAAM,EAAE,GAAG;AACX,YAAA,OAAO,EAAE,eAAe;AACzB,SAAA,CACF;IACH;AACF;;;;"}
|