@smg-automotive/auth 8.2.0 → 8.2.1-instrumentation-with-debug.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +66 -0
- package/dist/cjs/server/helpers/getAccessToken.js +12 -0
- package/dist/cjs/server/helpers/getAccessToken.js.map +1 -1
- package/dist/cjs/server/helpers/getUser.js +39 -7
- package/dist/cjs/server/helpers/getUser.js.map +1 -1
- package/dist/cjs/server/middleware/index.js +33 -1
- package/dist/cjs/server/middleware/index.js.map +1 -1
- package/dist/cjs/server/middleware/logout.js +35 -11
- package/dist/cjs/server/middleware/logout.js.map +1 -1
- package/dist/cjs/server/middleware/proactivelyRefreshAccessToken.js +27 -3
- package/dist/cjs/server/middleware/proactivelyRefreshAccessToken.js.map +1 -1
- package/dist/cjs/server/middleware/profile.js +27 -2
- package/dist/cjs/server/middleware/profile.js.map +1 -1
- package/dist/cjs/server/middleware/protectRoute.js +26 -1
- package/dist/cjs/server/middleware/protectRoute.js.map +1 -1
- package/dist/cjs/server/middleware/requestId.d.ts +8 -0
- package/dist/cjs/server/middleware/requestId.js +29 -0
- package/dist/cjs/server/middleware/requestId.js.map +1 -0
- package/dist/cjs/server/middleware/token.js +20 -0
- package/dist/cjs/server/middleware/token.js.map +1 -1
- package/dist/esm/server/helpers/getAccessToken.js +8 -0
- package/dist/esm/server/helpers/getAccessToken.js.map +1 -1
- package/dist/esm/server/helpers/getUser.js +35 -7
- package/dist/esm/server/helpers/getUser.js.map +1 -1
- package/dist/esm/server/middleware/index.js +29 -1
- package/dist/esm/server/middleware/index.js.map +1 -1
- package/dist/esm/server/middleware/logout.js +31 -11
- package/dist/esm/server/middleware/logout.js.map +1 -1
- package/dist/esm/server/middleware/proactivelyRefreshAccessToken.js +23 -3
- package/dist/esm/server/middleware/proactivelyRefreshAccessToken.js.map +1 -1
- package/dist/esm/server/middleware/profile.js +23 -2
- package/dist/esm/server/middleware/profile.js.map +1 -1
- package/dist/esm/server/middleware/protectRoute.js +22 -1
- package/dist/esm/server/middleware/protectRoute.js.map +1 -1
- package/dist/esm/server/middleware/requestId.d.ts +8 -0
- package/dist/esm/server/middleware/requestId.js +26 -0
- package/dist/esm/server/middleware/requestId.js.map +1 -0
- package/dist/esm/server/middleware/token.js +16 -0
- package/dist/esm/server/middleware/token.js.map +1 -1
- package/package.json +3 -1
|
@@ -1,7 +1,10 @@
|
|
|
1
1
|
import { NextResponse } from 'next/server';
|
|
2
|
+
import debug from 'debug';
|
|
2
3
|
import { getLoginLink } from '../../lib/authLinks.js';
|
|
4
|
+
import { getOrCreateRequestId } from './requestId.js';
|
|
3
5
|
import { proactivelyRefreshAccessToken } from './proactivelyRefreshAccessToken.js';
|
|
4
6
|
|
|
7
|
+
const log = debug('@smg-automotive/auth:protectRoute');
|
|
5
8
|
const redirectToLogin = ({ auth0Config, language, returnTo, origin, }) => {
|
|
6
9
|
const loginUrl = getLoginLink({
|
|
7
10
|
auth0Config,
|
|
@@ -13,12 +16,23 @@ const redirectToLogin = ({ auth0Config, language, returnTo, origin, }) => {
|
|
|
13
16
|
});
|
|
14
17
|
};
|
|
15
18
|
const protectRoute = async ({ isProtected, auth0Instance, auth0Config, language, request, response, onError, }) => {
|
|
16
|
-
const
|
|
19
|
+
const requestId = getOrCreateRequestId(request);
|
|
17
20
|
const { pathname, search, origin } = request.nextUrl;
|
|
21
|
+
log('Checking route protection', { requestId, pathname, isProtected });
|
|
22
|
+
const session = await auth0Instance.getSession(request);
|
|
23
|
+
log('Session check', {
|
|
24
|
+
requestId,
|
|
25
|
+
hasSession: !!session,
|
|
26
|
+
hasUser: !!session?.user,
|
|
27
|
+
});
|
|
18
28
|
if (!isProtected && !session?.user) {
|
|
29
|
+
log('Route not protected and no user session, allowing', { requestId });
|
|
19
30
|
return response;
|
|
20
31
|
}
|
|
21
32
|
if (!session && isProtected) {
|
|
33
|
+
log('Protected route without session, redirecting to login', {
|
|
34
|
+
requestId,
|
|
35
|
+
});
|
|
22
36
|
return redirectToLogin({
|
|
23
37
|
auth0Config,
|
|
24
38
|
language,
|
|
@@ -27,15 +41,22 @@ const protectRoute = async ({ isProtected, auth0Instance, auth0Config, language,
|
|
|
27
41
|
});
|
|
28
42
|
}
|
|
29
43
|
try {
|
|
44
|
+
log('Refreshing token for protected route', { requestId });
|
|
30
45
|
await proactivelyRefreshAccessToken({
|
|
31
46
|
request,
|
|
32
47
|
response,
|
|
33
48
|
auth0Instance,
|
|
34
49
|
auth0Config,
|
|
35
50
|
});
|
|
51
|
+
log('Token refreshed successfully, allowing access', { requestId });
|
|
36
52
|
}
|
|
37
53
|
catch (error) {
|
|
38
54
|
const authError = error;
|
|
55
|
+
log('Token refresh failed for protected route', {
|
|
56
|
+
requestId,
|
|
57
|
+
message: authError.message,
|
|
58
|
+
code: authError.code,
|
|
59
|
+
});
|
|
39
60
|
onError?.(authError);
|
|
40
61
|
return redirectToLogin({
|
|
41
62
|
auth0Config,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;AAYA,MAAM,GAAG,GAAG,KAAK,CAAC,mCAAmC,CAAC;AAEtD,MAAM,eAAe,GAAG,CAAC,EACvB,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,MAAM,GAMP,KAAkB;IACjB,MAAM,QAAQ,GAAG,YAAY,CAAC;QAC5B,WAAW;QACX,QAAQ;QACR,QAAQ;AACT,KAAA,CAAC;IAEF,OAAO,YAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACtD,QAAA,MAAM,EAAE,GAAG;AACZ,KAAA,CAAC;AACJ,CAAC;MAEY,YAAY,GAAG,OAAO,EACjC,WAAW,EACX,aAAa,EACb,WAAW,EACX,QAAQ,EACR,OAAO,EACP,QAAQ,EACR,OAAO,GASR,KAAkC;AACjC,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;IAC/C,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;IACpD,GAAG,CAAC,2BAA2B,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;IAEtE,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IACvD,GAAG,CAAC,eAAe,EAAE;QACnB,SAAS;QACT,UAAU,EAAE,CAAC,CAAC,OAAO;AACrB,QAAA,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,IAAI;AACzB,KAAA,CAAC;IAEF,IAAI,CAAC,WAAW,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE;AAClC,QAAA,GAAG,CAAC,mDAAmD,EAAE,EAAE,SAAS,EAAE,CAAC;AACvE,QAAA,OAAO,QAAQ;IACjB;AAEA,IAAA,IAAI,CAAC,OAAO,IAAI,WAAW,EAAE;QAC3B,GAAG,CAAC,uDAAuD,EAAE;YAC3D,SAAS;AACV,SAAA,CAAC;AACF,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI;AACF,QAAA,GAAG,CAAC,sCAAsC,EAAE,EAAE,SAAS,EAAE,CAAC;AAC1D,QAAA,MAAM,6BAA6B,CAAC;YAClC,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;AACF,QAAA,GAAG,CAAC,+CAA+C,EAAE,EAAE,SAAS,EAAE,CAAC;IACrE;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;QACnC,GAAG,CAAC,0CAA0C,EAAE;YAC9C,SAAS;YACT,OAAO,EAAE,SAAS,CAAC,OAAO;YAC1B,IAAI,EAAE,SAAS,CAAC,IAAI;AACrB,SAAA,CAAC;AACF,QAAA,OAAO,GAAG,SAAS,CAAC;AAEpB,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AACF;;;;"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { NextRequest } from 'next/server';
|
|
2
|
+
export declare const requestIdHeader = "x-automotive-request-id";
|
|
3
|
+
/**
|
|
4
|
+
* Reads the request ID from the request header.
|
|
5
|
+
* Returns undefined if not present.
|
|
6
|
+
*/
|
|
7
|
+
export declare const getRequestId: (request: NextRequest) => string | undefined;
|
|
8
|
+
export declare const getOrCreateRequestId: (request: NextRequest) => string;
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
const requestIdHeader = 'x-automotive-request-id';
|
|
2
|
+
const generateRequestId = () => {
|
|
3
|
+
// UUID v4 format: xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx
|
|
4
|
+
// where x is any hex digit and y is one of 8, 9, A, B
|
|
5
|
+
return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, (c) => {
|
|
6
|
+
// eslint-disable-next-line sonarjs/pseudo-random
|
|
7
|
+
const r = (Math.random() * 16) | 0;
|
|
8
|
+
const v = c === 'x' ? r : (r & 0x3) | 0x8;
|
|
9
|
+
return v.toString(16);
|
|
10
|
+
});
|
|
11
|
+
};
|
|
12
|
+
const getRequestIdFromHeader = (request) => {
|
|
13
|
+
return request.headers.get(requestIdHeader) || undefined;
|
|
14
|
+
};
|
|
15
|
+
const getOrCreateRequestId = (request) => {
|
|
16
|
+
const idFromHeader = getRequestIdFromHeader(request);
|
|
17
|
+
if (idFromHeader) {
|
|
18
|
+
return idFromHeader;
|
|
19
|
+
}
|
|
20
|
+
const newId = generateRequestId();
|
|
21
|
+
request.headers.set(requestIdHeader, newId);
|
|
22
|
+
return newId;
|
|
23
|
+
};
|
|
24
|
+
|
|
25
|
+
export { getOrCreateRequestId, requestIdHeader };
|
|
26
|
+
//# sourceMappingURL=requestId.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"requestId.js","sources":["../../../../../src/server/middleware/requestId.ts"],"sourcesContent":[null],"names":[],"mappings":"AAEO,MAAM,eAAe,GAAG;AAE/B,MAAM,iBAAiB,GAAG,MAAa;;;IAGrC,OAAO,sCAAsC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,KAAI;;AAEnE,QAAA,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC;AAClC,QAAA,MAAM,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,IAAI,GAAG;AACzC,QAAA,OAAO,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;AACvB,IAAA,CAAC,CAAC;AACJ,CAAC;AAED,MAAM,sBAAsB,GAAG,CAAC,OAAoB,KAAwB;IAC1E,OAAO,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,SAAS;AAC1D,CAAC;AAUM,MAAM,oBAAoB,GAAG,CAAC,OAAoB,KAAY;AACnE,IAAA,MAAM,YAAY,GAAG,sBAAsB,CAAC,OAAO,CAAC;IAEpD,IAAI,YAAY,EAAE;AAChB,QAAA,OAAO,YAAY;IACrB;AAEA,IAAA,MAAM,KAAK,GAAG,iBAAiB,EAAE;IACjC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,CAAC;AAC3C,IAAA,OAAO,KAAK;AACd;;;;"}
|
|
@@ -1,15 +1,24 @@
|
|
|
1
1
|
import { NextResponse } from 'next/server';
|
|
2
|
+
import debug from 'debug';
|
|
2
3
|
import { AccessTokenErrorCode } from '@auth0/nextjs-auth0/errors';
|
|
4
|
+
import { getOrCreateRequestId } from './requestId.js';
|
|
3
5
|
import { proactivelyRefreshAccessToken } from './proactivelyRefreshAccessToken.js';
|
|
4
6
|
import { combineHeaders } from './combineHeaders.js';
|
|
5
7
|
import { combineCookies } from './combineCookies.js';
|
|
6
8
|
import { addCachingHeaders } from './addCachingHeaders.js';
|
|
7
9
|
|
|
10
|
+
const log = debug('@smg-automotive/auth:token');
|
|
8
11
|
const handleAccessTokenRequest = async ({ request, response, auth0Instance, auth0Config, onError, }) => {
|
|
9
12
|
if (request.nextUrl.pathname !== auth0Config.tokenEndpoint)
|
|
10
13
|
return;
|
|
14
|
+
const requestId = getOrCreateRequestId(request);
|
|
15
|
+
log('Handling access token request', {
|
|
16
|
+
requestId,
|
|
17
|
+
pathname: request.nextUrl.pathname,
|
|
18
|
+
});
|
|
11
19
|
const session = await auth0Instance.getSession(request);
|
|
12
20
|
if (!session) {
|
|
21
|
+
log('Access token request failed: no session', { requestId });
|
|
13
22
|
return NextResponse.json({
|
|
14
23
|
error: {
|
|
15
24
|
message: 'The user does not have an active session.',
|
|
@@ -20,12 +29,14 @@ const handleAccessTokenRequest = async ({ request, response, auth0Instance, auth
|
|
|
20
29
|
});
|
|
21
30
|
}
|
|
22
31
|
try {
|
|
32
|
+
log('Refreshing access token', { requestId });
|
|
23
33
|
const { token, expiresAt } = await proactivelyRefreshAccessToken({
|
|
24
34
|
request,
|
|
25
35
|
response,
|
|
26
36
|
auth0Instance,
|
|
27
37
|
auth0Config,
|
|
28
38
|
});
|
|
39
|
+
log('Access token refreshed successfully', { requestId, expiresAt });
|
|
29
40
|
const tokenResponse = NextResponse.json({
|
|
30
41
|
token,
|
|
31
42
|
expiresAt,
|
|
@@ -45,6 +56,11 @@ const handleAccessTokenRequest = async ({ request, response, auth0Instance, auth
|
|
|
45
56
|
}
|
|
46
57
|
catch (error) {
|
|
47
58
|
const authError = error;
|
|
59
|
+
log('Access token request error', {
|
|
60
|
+
requestId,
|
|
61
|
+
message: authError.message,
|
|
62
|
+
code: authError.code,
|
|
63
|
+
});
|
|
48
64
|
onError?.(authError);
|
|
49
65
|
return NextResponse.json({ error: { message: authError.message, code: authError.code } }, { status: 401 });
|
|
50
66
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"token.js","sources":["../../../../../src/server/middleware/token.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"token.js","sources":["../../../../../src/server/middleware/token.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;;;AAaA,MAAM,GAAG,GAAG,KAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,wBAAwB,GAAG,OAAO,EAC7C,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,EACX,OAAO,GAOR,KAAkC;IACjC,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,WAAW,CAAC,aAAa;QAAE;AAE5D,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;IAC/C,GAAG,CAAC,+BAA+B,EAAE;QACnC,SAAS;AACT,QAAA,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,QAAQ;AACnC,KAAA,CAAC;IACF,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,IAAI,CAAC,OAAO,EAAE;AACZ,QAAA,GAAG,CAAC,yCAAyC,EAAE,EAAE,SAAS,EAAE,CAAC;QAC7D,OAAO,YAAY,CAAC,IAAI,CACtB;AACE,YAAA,KAAK,EAAE;AACL,gBAAA,OAAO,EAAE,2CAA2C;gBACpD,IAAI,EAAE,oBAAoB,CAAC,eAAe;AAC3C,aAAA;SACF,EACD;AACE,YAAA,MAAM,EAAE,GAAG;AACZ,SAAA,CACF;IACH;AAEA,IAAA,IAAI;AACF,QAAA,GAAG,CAAC,yBAAyB,EAAE,EAAE,SAAS,EAAE,CAAC;QAC7C,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,MAAM,6BAA6B,CAAC;YAC/D,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;QACF,GAAG,CAAC,qCAAqC,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC;AACpE,QAAA,MAAM,aAAa,GAAG,YAAY,CAAC,IAAI,CAAC;YACtC,KAAK;YACL,SAAS;AACV,SAAA,CAAC;QACF,MAAM,2BAA2B,GAAG,cAAc,CAAC;AACjD,YAAA,kBAAkB,EAAE,aAAa;AACjC,YAAA,YAAY,EAAE,QAAQ;AACtB,YAAA,eAAe,EAAE,IAAI;AACtB,SAAA,CAAC;QACF,iBAAiB,CAAC,2BAA2B,CAAC;;AAE9C,QAAA,cAAc,CAAC;AACb,YAAA,cAAc,EAAE,QAAQ;AACxB,YAAA,cAAc,EAAE,2BAA2B;AAC5C,SAAA,CAAC;AACF,QAAA,OAAO,2BAA2B;IACpC;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;QACnC,GAAG,CAAC,4BAA4B,EAAE;YAChC,SAAS;YACT,OAAO,EAAE,SAAS,CAAC,OAAO;YAC1B,IAAI,EAAE,SAAS,CAAC,IAAI;AACrB,SAAA,CAAC;AACF,QAAA,OAAO,GAAG,SAAS,CAAC;AACpB,QAAA,OAAO,YAAY,CAAC,IAAI,CACtB,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,EAAE,EAC/D,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB;IACH;AACF;;;;"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@smg-automotive/auth",
|
|
3
|
-
"version": "8.2.
|
|
3
|
+
"version": "8.2.1-instrumentation-with-debug.2",
|
|
4
4
|
"description": "SMG Automotive auth package",
|
|
5
5
|
"exports": {
|
|
6
6
|
".": {
|
|
@@ -68,6 +68,7 @@
|
|
|
68
68
|
"@testing-library/jest-dom": "6.9.1",
|
|
69
69
|
"@testing-library/react": "16.3.0",
|
|
70
70
|
"@testing-library/user-event": "14.6.1",
|
|
71
|
+
"@types/debug": "4.1.12",
|
|
71
72
|
"@types/react": "19.2.2",
|
|
72
73
|
"dotenv": "17.2.3",
|
|
73
74
|
"jest": "30.2.0",
|
|
@@ -92,6 +93,7 @@
|
|
|
92
93
|
"@auth0/nextjs-auth0": "4.9.0",
|
|
93
94
|
"@smg-automotive/api-client-pkg": "4.5.0",
|
|
94
95
|
"@smg-automotive/i18n-pkg": "2.0.0",
|
|
96
|
+
"debug": "4.4.3",
|
|
95
97
|
"jose": "6.1.0",
|
|
96
98
|
"redis": "5.9.0"
|
|
97
99
|
},
|