@smg-automotive/auth 8.2.1-instrumentation-with-debug.1 → 8.2.1
- package/dist/cjs/server/middleware/index.js +18 -28
- package/dist/cjs/server/middleware/index.js.map +1 -1
- package/dist/cjs/server/middleware/logout.d.ts +2 -4
- package/dist/cjs/server/middleware/logout.js +13 -10
- package/dist/cjs/server/middleware/logout.js.map +1 -1
- package/dist/cjs/server/middleware/proactivelyRefreshAccessToken.d.ts +1 -2
- package/dist/cjs/server/middleware/proactivelyRefreshAccessToken.js +6 -4
- package/dist/cjs/server/middleware/proactivelyRefreshAccessToken.js.map +1 -1
- package/dist/cjs/server/middleware/profile.d.ts +1 -2
- package/dist/cjs/server/middleware/profile.js +9 -8
- package/dist/cjs/server/middleware/profile.js.map +1 -1
- package/dist/cjs/server/middleware/protectRoute.d.ts +1 -2
- package/dist/cjs/server/middleware/protectRoute.js +10 -9
- package/dist/cjs/server/middleware/protectRoute.js.map +1 -1
- package/dist/cjs/server/middleware/requestId.d.ts +8 -0
- package/dist/cjs/server/middleware/requestId.js +29 -0
- package/dist/cjs/server/middleware/requestId.js.map +1 -0
- package/dist/cjs/server/middleware/token.d.ts +1 -2
- package/dist/cjs/server/middleware/token.js +8 -7
- package/dist/cjs/server/middleware/token.js.map +1 -1
- package/dist/esm/server/middleware/index.js +7 -17
- package/dist/esm/server/middleware/index.js.map +1 -1
- package/dist/esm/server/middleware/logout.d.ts +2 -4
- package/dist/esm/server/middleware/logout.js +5 -2
- package/dist/esm/server/middleware/logout.js.map +1 -1
- package/dist/esm/server/middleware/proactivelyRefreshAccessToken.d.ts +1 -2
- package/dist/esm/server/middleware/proactivelyRefreshAccessToken.js +3 -1
- package/dist/esm/server/middleware/proactivelyRefreshAccessToken.js.map +1 -1
- package/dist/esm/server/middleware/profile.d.ts +1 -2
- package/dist/esm/server/middleware/profile.js +3 -2
- package/dist/esm/server/middleware/profile.js.map +1 -1
- package/dist/esm/server/middleware/protectRoute.d.ts +1 -2
- package/dist/esm/server/middleware/protectRoute.js +3 -2
- package/dist/esm/server/middleware/protectRoute.js.map +1 -1
- package/dist/esm/server/middleware/requestId.d.ts +8 -0
- package/dist/esm/server/middleware/requestId.js +26 -0
- package/dist/esm/server/middleware/requestId.js.map +1 -0
- package/dist/esm/server/middleware/token.d.ts +1 -2
- package/dist/esm/server/middleware/token.js +3 -2
- package/dist/esm/server/middleware/token.js.map +1 -1
- package/package.json +1 -1
|
@@ -5,6 +5,7 @@ var debug = require('debug');
|
|
|
5
5
|
var auth0 = require('../../config/auth0.js');
|
|
6
6
|
var getAuth0Instance = require('../getAuth0Instance.js');
|
|
7
7
|
var token = require('./token.js');
|
|
8
|
+
var requestId = require('./requestId.js');
|
|
8
9
|
var protectRoute = require('./protectRoute.js');
|
|
9
10
|
var profile = require('./profile.js');
|
|
10
11
|
var logout = require('./logout.js');
|
|
@@ -16,16 +17,6 @@ function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'defau
|
|
|
16
17
|
var debug__default = /*#__PURE__*/_interopDefaultCompat(debug);
|
|
17
18
|
|
|
18
19
|
const log = debug__default.default('@smg-automotive/auth:middleware');
|
|
19
|
-
const generateRequestId = () => {
|
|
20
|
-
// UUID v4 format: xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx
|
|
21
|
-
// where x is any hex digit and y is one of 8, 9, A, B
|
|
22
|
-
return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, (c) => {
|
|
23
|
-
// eslint-disable-next-line sonarjs/pseudo-random
|
|
24
|
-
const r = (Math.random() * 16) | 0;
|
|
25
|
-
const v = c === 'x' ? r : (r & 0x3) | 0x8;
|
|
26
|
-
return v.toString(16);
|
|
27
|
-
});
|
|
28
|
-
};
|
|
29
20
|
const isAuthRoute = (pathname, auth0Config) => {
|
|
30
21
|
const { loginEndpoint, logoutEndpoint, callbackEndpoint, userProfileEndpoint, tokenEndpoint, } = auth0Config;
|
|
31
22
|
return [
|
|
@@ -37,10 +28,10 @@ const isAuthRoute = (pathname, auth0Config) => {
|
|
|
37
28
|
].includes(pathname);
|
|
38
29
|
};
|
|
39
30
|
const authMiddleware = async ({ request, isProtectedRoute, language, host, protocol, onError, brand, }) => {
|
|
40
|
-
const requestId =
|
|
31
|
+
const requestId$1 = requestId.getOrCreateRequestId(request);
|
|
41
32
|
const { pathname } = request.nextUrl;
|
|
42
33
|
log('Processing request', {
|
|
43
|
-
requestId,
|
|
34
|
+
requestId: requestId$1,
|
|
44
35
|
pathname,
|
|
45
36
|
host,
|
|
46
37
|
protocol,
|
|
@@ -52,34 +43,33 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
52
43
|
});
|
|
53
44
|
const auth0Config = auth0.getAuth0Config();
|
|
54
45
|
const isAuthErrorRoute = pathname.endsWith(auth0Config.globalAuthErrorPath);
|
|
55
|
-
log('Auth route check', { requestId, pathname, isAuthErrorRoute });
|
|
46
|
+
log('Auth route check', { requestId: requestId$1, pathname, isAuthErrorRoute });
|
|
56
47
|
const crossDomainLogoutResult = logout.handleCrossDomainLogout({
|
|
57
|
-
requestId,
|
|
58
48
|
host,
|
|
59
49
|
protocol,
|
|
60
50
|
request,
|
|
61
51
|
auth0Config,
|
|
62
52
|
});
|
|
63
53
|
if (crossDomainLogoutResult) {
|
|
64
|
-
|
|
54
|
+
crossDomainLogoutResult.headers.set(requestId.requestIdHeader, requestId$1);
|
|
55
|
+
log('Cross-domain logout detected, redirecting', { requestId: requestId$1 });
|
|
65
56
|
return crossDomainLogoutResult;
|
|
66
57
|
}
|
|
67
58
|
login.addLoginParams({
|
|
68
59
|
request,
|
|
69
60
|
auth0Config,
|
|
70
61
|
});
|
|
71
|
-
log('Calling Auth0 middleware', { requestId });
|
|
62
|
+
log('Calling Auth0 middleware', { requestId: requestId$1 });
|
|
72
63
|
const authResponse = await auth0Instance.middleware(request);
|
|
73
|
-
|
|
64
|
+
authResponse.headers.set(requestId.requestIdHeader, requestId$1);
|
|
65
|
+
log('Auth0 middleware completed', { requestId: requestId$1, status: authResponse.status });
|
|
74
66
|
logout.deleteRelatedSessionCookies({
|
|
75
|
-
requestId,
|
|
76
67
|
host,
|
|
77
68
|
request,
|
|
78
69
|
response: authResponse,
|
|
79
70
|
auth0Config,
|
|
80
71
|
});
|
|
81
72
|
const accessTokenRequestResult = await token.handleAccessTokenRequest({
|
|
82
|
-
requestId,
|
|
83
73
|
request,
|
|
84
74
|
response: authResponse,
|
|
85
75
|
auth0Instance,
|
|
@@ -87,11 +77,10 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
87
77
|
onError,
|
|
88
78
|
});
|
|
89
79
|
if (accessTokenRequestResult) {
|
|
90
|
-
log('Access token request handled', { requestId });
|
|
80
|
+
log('Access token request handled', { requestId: requestId$1 });
|
|
91
81
|
return accessTokenRequestResult;
|
|
92
82
|
}
|
|
93
83
|
const handleUserProfileResult = await profile.handleUserProfile({
|
|
94
|
-
requestId,
|
|
95
84
|
request,
|
|
96
85
|
response: authResponse,
|
|
97
86
|
auth0Instance,
|
|
@@ -99,17 +88,16 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
99
88
|
brand,
|
|
100
89
|
});
|
|
101
90
|
if (handleUserProfileResult) {
|
|
102
|
-
log('User profile request handled', { requestId });
|
|
91
|
+
log('User profile request handled', { requestId: requestId$1 });
|
|
103
92
|
return handleUserProfileResult;
|
|
104
93
|
}
|
|
105
94
|
if (isAuthRoute(pathname, auth0Config) || isAuthErrorRoute) {
|
|
106
|
-
log('Auth route, returning response', { requestId });
|
|
95
|
+
log('Auth route, returning response', { requestId: requestId$1 });
|
|
107
96
|
return authResponse;
|
|
108
97
|
}
|
|
109
98
|
const isProtected = !isAuthErrorRoute && isProtectedRoute(pathname);
|
|
110
|
-
log('Route protection check', { requestId, pathname, isProtected });
|
|
99
|
+
log('Route protection check', { requestId: requestId$1, pathname, isProtected });
|
|
111
100
|
const protectRouteResult = await protectRoute.protectRoute({
|
|
112
|
-
requestId,
|
|
113
101
|
isProtected,
|
|
114
102
|
auth0Instance,
|
|
115
103
|
auth0Config,
|
|
@@ -120,13 +108,13 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
120
108
|
});
|
|
121
109
|
if (protectRouteResult) {
|
|
122
110
|
log('Route protection handled', {
|
|
123
|
-
requestId,
|
|
111
|
+
requestId: requestId$1,
|
|
124
112
|
redirected: protectRouteResult.status === 307,
|
|
125
113
|
});
|
|
126
114
|
return protectRouteResult;
|
|
127
115
|
}
|
|
128
|
-
log('Request completed, combining headers', { requestId });
|
|
129
|
-
|
|
116
|
+
log('Request completed, combining headers', { requestId: requestId$1 });
|
|
117
|
+
const finalResponse = combineHeaders.combineHeaders({
|
|
130
118
|
middlewareResponse: server.NextResponse.next({
|
|
131
119
|
request: {
|
|
132
120
|
headers: request.headers,
|
|
@@ -134,6 +122,8 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
134
122
|
}),
|
|
135
123
|
authResponse,
|
|
136
124
|
});
|
|
125
|
+
finalResponse.headers.set(requestId.requestIdHeader, requestId$1);
|
|
126
|
+
return finalResponse;
|
|
137
127
|
};
|
|
138
128
|
|
|
139
129
|
exports.authMiddleware = authMiddleware;
|
|
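Review bot: The request-ID header is attached on only three of the six return paths in `authMiddleware`: `crossDomainLogoutResult`, `authResponse` and `finalResponse` get `headers.set(requestId.requestIdHeader, requestId$1)`, while the early returns of `accessTokenRequestResult`, `handleUserProfileResult` and `protectRouteResult` do not. Unless those helpers carry the header over from `authResponse` themselves (not visible in these hunks), responses for token, profile and login-redirect requests cannot be matched to their debug log lines by ID, and those are the paths most worth tracing when investigating an auth incident. Consider setting it before each of those returns, e.g. `protectRouteResult.headers.set(requestId.requestIdHeader, requestId$1);`. This file is build output, so the change belongs in `src/server/middleware/index.ts`; `authMiddleware` spans several hunks and parts of its body lie outside them.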
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":["debug","getAuth0Instance","getAuth0Config","handleCrossDomainLogout","addLoginParams","deleteRelatedSessionCookies","handleAccessTokenRequest","handleUserProfile","protectRoute","combineHeaders","NextResponse"],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":["debug","requestId","getOrCreateRequestId","getAuth0Instance","getAuth0Config","handleCrossDomainLogout","requestIdHeader","addLoginParams","deleteRelatedSessionCookies","handleAccessTokenRequest","handleUserProfile","protectRoute","combineHeaders","NextResponse"],"mappings":";;;;;;;;;;;;;;;;;;AAiBA,MAAM,GAAG,GAAGA,sBAAK,CAAC,iCAAiC,CAAC;AAEpD,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,KAAK,GASN,KAA2B;AAC1B,IAAA,MAAMC,WAAS,GAAGC,8BAAoB,CAAC,OAAO,CAAC;AAE/C,IAAA,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO;IACpC,GAAG,CAAC,oBAAoB,EAAE;mBACxBD,WAAS;QACT,QAAQ;QACR,IAAI;QACJ,QAAQ;QACR,MAAM,EAAE,OAAO,CAAC,MAAM;AACvB,KAAA,CAAC;IAEF,MAAM,aAAa,GAAGE,iCAAgB,CAAC;QACrC,IAAI;QACJ,QAAQ;AACT,KAAA,CAAC;AAEF,IAAA,MAAM,WAAW,GAAGC,oBAAc,EAAE;IACpC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAC3E,GAAG,CAAC,kBAAkB,EAAE,aAAEH,WAAS,EAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAC;IAElE,MAAM,uBAAuB,GAAGI,8BAAuB,CAAC;QACtD,IAAI;QACJ,QAAQ;QACR,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;QAC3B,uBAAuB,CAAC,OAAO,CAAC,GAAG,CAACC,yBAAe,EAAEL,WAAS,CAAC;AAC/D,QAAA,GAAG,CAAC,2CAA2C,EAAE,aAAEA,WAAS,EAAE,CAAC;AAC/D,QAAA,OAAO,uBAAuB;IAChC;AAEA,IAAAM,oBAAc,CAAC;QACb,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;AAEF,IAAA,GAAG,CAAC,0BAA0B,EAAE,aAAEN,WAAS,EAAE,CAAC;IAC9C,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAC5D,YAAY,CAAC,OAAO,CAAC,GAAG,CAACK,yBAAe,EAAEL,WAAS,CAAC;AACpD,IAAA,GAAG,CAAC,4BAA4B,EAAE,aAAEA,WAAS,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,EAAE,CAAC;AAE7E,IAAAO,kCAA2B,CAAC;QAC1B,IAAI;QACJ,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,WAAW;AACZ,KAAA,CAAC;AAEF,IAAA,MAAM,wBAAwB,GAAG,MAAMC,8BAAwB,CAAC;QAC9D,OAAO;AACP,
QAAA,QAAQ,EAAE,YAAY;QACtB,aAAa;QACb,WAAW;QACX,OAAO;AACR,KAAA,CAAC;IACF,IAAI,wBAAwB,EAAE;AAC5B,QAAA,GAAG,CAAC,8BAA8B,EAAE,aAAER,WAAS,EAAE,CAAC;AAClD,QAAA,OAAO,wBAAwB;IACjC;AAEA,IAAA,MAAM,uBAAuB,GAAG,MAAMS,yBAAiB,CAAC;QACtD,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,aAAa;QACb,WAAW;QACX,KAAK;AACN,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;AAC3B,QAAA,GAAG,CAAC,8BAA8B,EAAE,aAAET,WAAS,EAAE,CAAC;AAClD,QAAA,OAAO,uBAAuB;IAChC;IAEA,IAAI,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC,IAAI,gBAAgB,EAAE;AAC1D,QAAA,GAAG,CAAC,gCAAgC,EAAE,aAAEA,WAAS,EAAE,CAAC;AACpD,QAAA,OAAO,YAAY;IACrB;IAEA,MAAM,WAAW,GAAG,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,QAAQ,CAAC;IACnE,GAAG,CAAC,wBAAwB,EAAE,aAAEA,WAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;AACnE,IAAA,MAAM,kBAAkB,GAAG,MAAMU,yBAAY,CAAC;QAC5C,WAAW;QACX,aAAa;QACb,WAAW;QACX,QAAQ;QACR,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,OAAO;AACR,KAAA,CAAC;IACF,IAAI,kBAAkB,EAAE;QACtB,GAAG,CAAC,0BAA0B,EAAE;uBAC9BV,WAAS;AACT,YAAA,UAAU,EAAE,kBAAkB,CAAC,MAAM,KAAK,GAAG;AAC9C,SAAA,CAAC;AACF,QAAA,OAAO,kBAAkB;IAC3B;AAEA,IAAA,GAAG,CAAC,sCAAsC,EAAE,aAAEA,WAAS,EAAE,CAAC;IAC1D,MAAM,aAAa,GAAGW,6BAAc,CAAC;AACnC,QAAA,kBAAkB,EAAEC,mBAAY,CAAC,IAAI,CAAC;AACpC,YAAA,OAAO,EAAE;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;AACzB,aAAA;SACF,CAAC;QACF,YAAY;AACb,KAAA,CAAC;IACF,aAAa,CAAC,OAAO,CAAC,GAAG,CAACP,yBAAe,EAAEL,WAAS,CAAC;AACrD,IAAA,OAAO,aAAa;AACtB;;;;"}
|
|
@@ -1,14 +1,12 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
2
|
import { Auth0Config } from 'src/types';
|
|
3
|
-
export declare const handleCrossDomainLogout: ({
|
|
4
|
-
requestId: string;
|
|
3
|
+
export declare const handleCrossDomainLogout: ({ host, protocol, request, auth0Config: { languageConfig, logoutEndpoint }, }: {
|
|
5
4
|
host: string;
|
|
6
5
|
protocol: string;
|
|
7
6
|
request: NextRequest;
|
|
8
7
|
auth0Config: Auth0Config;
|
|
9
8
|
}) => NextResponse | void;
|
|
10
|
-
export declare const deleteRelatedSessionCookies: ({
|
|
11
|
-
requestId: string;
|
|
9
|
+
export declare const deleteRelatedSessionCookies: ({ host, request, response, auth0Config: { logoutEndpoint, authCookieNames, legacyAccessTokenName, legacyRefreshTokenName, }, }: {
|
|
12
10
|
host: string;
|
|
13
11
|
request: NextRequest;
|
|
14
12
|
response: NextResponse;
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
var server = require('next/server');
|
|
4
4
|
var debug = require('debug');
|
|
5
|
+
var requestId = require('./requestId.js');
|
|
5
6
|
|
|
6
7
|
function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'default' in e ? e : { default: e }; }
|
|
7
8
|
|
|
@@ -49,14 +50,15 @@ const getOtherDomainHost = (currentHost) => {
|
|
|
49
50
|
}
|
|
50
51
|
return currentHost;
|
|
51
52
|
};
|
|
52
|
-
const handleCrossDomainLogout = ({
|
|
53
|
+
const handleCrossDomainLogout = ({ host, protocol, request, auth0Config: { languageConfig, logoutEndpoint }, }) => {
|
|
53
54
|
if (request.nextUrl.pathname !== logoutEndpoint)
|
|
54
55
|
return;
|
|
55
|
-
|
|
56
|
+
const requestId$1 = requestId.getOrCreateRequestId(request);
|
|
57
|
+
log('Handling logout request', { requestId: requestId$1, host, protocol });
|
|
56
58
|
const searchParams = new URLSearchParams(request.nextUrl.search);
|
|
57
59
|
const specifiedReturnTo = searchParams.get('returnTo') || '';
|
|
58
60
|
const crossDomainLogout = searchParams.get('crossDomain') === 'true';
|
|
59
|
-
log('Logout parameters', { requestId, specifiedReturnTo, crossDomainLogout });
|
|
61
|
+
log('Logout parameters', { requestId: requestId$1, specifiedReturnTo, crossDomainLogout });
|
|
60
62
|
const otherDomainHost = getOtherDomainHost(host);
|
|
61
63
|
const currentDomainUrl = `${protocol}://${host}`;
|
|
62
64
|
const locale = searchParams.get('locale');
|
|
@@ -68,12 +70,12 @@ const handleCrossDomainLogout = ({ requestId, host, protocol, request, auth0Conf
|
|
|
68
70
|
pathOrUrl: specifiedReturnTo,
|
|
69
71
|
crossDomainLogout,
|
|
70
72
|
});
|
|
71
|
-
log('ReturnTo validation', { requestId, isSafePath, specifiedReturnTo });
|
|
73
|
+
log('ReturnTo validation', { requestId: requestId$1, isSafePath, specifiedReturnTo });
|
|
72
74
|
if (isSafePath && specifiedReturnTo) {
|
|
73
75
|
returnTo = specifiedReturnTo;
|
|
74
76
|
}
|
|
75
77
|
if (!crossDomainLogout && otherDomainHost && otherDomainHost !== host) {
|
|
76
|
-
log('Initiating cross-domain logout', { requestId, otherDomainHost });
|
|
78
|
+
log('Initiating cross-domain logout', { requestId: requestId$1, otherDomainHost });
|
|
77
79
|
const backToCurrentDomainUrl = new URL(logoutEndpoint, currentDomainUrl);
|
|
78
80
|
backToCurrentDomainUrl.searchParams.set('returnTo', returnTo);
|
|
79
81
|
backToCurrentDomainUrl.searchParams.set('crossDomain', 'true');
|
|
@@ -81,7 +83,7 @@ const handleCrossDomainLogout = ({ requestId, host, protocol, request, auth0Conf
|
|
|
81
83
|
otherDomainLogoutUrl.searchParams.set('crossDomain', 'true');
|
|
82
84
|
otherDomainLogoutUrl.searchParams.set('returnTo', backToCurrentDomainUrl.toString());
|
|
83
85
|
log('Redirecting to other domain for logout', {
|
|
84
|
-
requestId,
|
|
86
|
+
requestId: requestId$1,
|
|
85
87
|
otherDomainHost,
|
|
86
88
|
returnUrl: backToCurrentDomainUrl.toString(),
|
|
87
89
|
});
|
|
@@ -108,16 +110,17 @@ const getLegacyCookieDomain = (hostname) => {
|
|
|
108
110
|
const base = parts.slice(-2).join('.');
|
|
109
111
|
return `.${base}`;
|
|
110
112
|
};
|
|
111
|
-
const deleteRelatedSessionCookies = ({
|
|
113
|
+
const deleteRelatedSessionCookies = ({ host, request, response, auth0Config: { logoutEndpoint, authCookieNames, legacyAccessTokenName, legacyRefreshTokenName, }, }) => {
|
|
112
114
|
if (request.nextUrl.pathname !== logoutEndpoint || !response)
|
|
113
115
|
return;
|
|
116
|
+
const requestId$1 = requestId.getOrCreateRequestId(request);
|
|
114
117
|
const cookiesToDelete = authCookieNames.flatMap((cookieName) => [
|
|
115
118
|
cookieName,
|
|
116
119
|
`${cookieName}__0`,
|
|
117
120
|
`${cookieName}__1`,
|
|
118
121
|
]);
|
|
119
122
|
log('Deleting session cookies', {
|
|
120
|
-
requestId,
|
|
123
|
+
requestId: requestId$1,
|
|
121
124
|
host,
|
|
122
125
|
cookies: cookiesToDelete,
|
|
123
126
|
});
|
|
@@ -130,7 +133,7 @@ const deleteRelatedSessionCookies = ({ requestId, host, request, response, auth0
|
|
|
130
133
|
});
|
|
131
134
|
const legacyCookieDomain = getLegacyCookieDomain(host);
|
|
132
135
|
log('Deleting legacy cookies', {
|
|
133
|
-
requestId,
|
|
136
|
+
requestId: requestId$1,
|
|
134
137
|
cookies: [legacyAccessTokenName, legacyRefreshTokenName],
|
|
135
138
|
legacyCookieDomain,
|
|
136
139
|
});
|
|
@@ -146,7 +149,7 @@ const deleteRelatedSessionCookies = ({ requestId, host, request, response, auth0
|
|
|
146
149
|
path: '/',
|
|
147
150
|
domain: legacyCookieDomain,
|
|
148
151
|
});
|
|
149
|
-
log('All session cookies deleted', { requestId });
|
|
152
|
+
log('All session cookies deleted', { requestId: requestId$1 });
|
|
150
153
|
};
|
|
151
154
|
|
|
152
155
|
exports.deleteRelatedSessionCookies = deleteRelatedSessionCookies;
|
|
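Review bot: `handleCrossDomainLogout` and `deleteRelatedSessionCookies` now call `requestId.getOrCreateRequestId(request)` themselves instead of receiving the ID from `authMiddleware`, so log correlation depends on that helper returning the same value on every call for one request. The helper's body (`requestId.js`) is not part of this section; if it generates a fresh ID when the request carries none and does not store it on the request, the 'Handling logout request' and 'Deleting session cookies' lines would carry different IDs from the 'Processing request' line in `index.js`. The same pattern appears in `proactivelyRefreshAccessToken.js`, `profile.js` and `protectRoute.js`. I would state the contract at the helper, e.g. `// Must return the same ID for repeated calls with the same request object.`, and cover it with a test. Both functions continue outside the hunks shown.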
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"logout.js","sources":["../../../../../src/server/middleware/logout.ts"],"sourcesContent":[null],"names":["debug","NextResponse"],"mappings":"
|
|
1
|
+
{"version":3,"file":"logout.js","sources":["../../../../../src/server/middleware/logout.ts"],"sourcesContent":[null],"names":["debug","requestId","getOrCreateRequestId","NextResponse"],"mappings":";;;;;;;;;;AAOA,MAAM,GAAG,GAAGA,sBAAK,CAAC,6BAA6B,CAAC;AAEhD,MAAM,gBAAgB,GAAG,CAAC,EACxB,SAAS,EACT,IAAI,EACJ,QAAQ,EACR,eAAe,EACf,iBAAiB,GAOlB,KAAI;IACH,IAAI,OAAO,SAAS,KAAK,QAAQ;AAAE,QAAA,OAAO,KAAK;AAC/C,IAAA,IAAI,SAAS,CAAC,MAAM,GAAG,IAAI;AAAE,QAAA,OAAO,KAAK;AAEzC,IAAA,IAAI;AACF,QAAA,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,SAAS,CAAC;QACtD,MAAM,KAAK,GAAG,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC;QACjD,MAAM,eAAe,GAAG,IAAI,GAAG,CAC7B,KAAK,GAAG,gBAAgB,GAAG,GAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,CAAA,EAAG,gBAAgB,CAAA,CAAE,CACtE;AACD,QAAA,MAAM,WAAW,GAAG,eAAe,CAAC,QAAQ;AAE5C,QAAA,IACE,iBAAiB;YACjB,KAAK;AACL,YAAA,eAAe,CAAC,IAAI,KAAK,eAAe,EACxC;AACA,YAAA,OAAO,KAAK;QACd;QAEA,IAAI,CAAC,iBAAiB,IAAI,eAAe,CAAC,IAAI,KAAK,IAAI,EAAE;AACvD,YAAA,OAAO,KAAK;QACd;AAEA,QAAA,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;AAChE,YAAA,OAAO,KAAK;QACd;;;QAIA,MAAM,eAAe,GAAG,yBAAyB;AACjD,QAAA,OAAO,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC;IAC1C;IAAE,OAAO,KAAK,EAAE;;AAEd,QAAA,OAAO,CAAC,IAAI,CAAC,4BAA4B,EAAE,KAAK,CAAC;AACjD,QAAA,OAAO,KAAK;IACd;AACF,CAAC;AAED,MAAM,kBAAkB,GAAG,CAAC,WAAmB,KAAY;AACzD,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvC,OAAO,WAAW,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC;IAC1D;AACA,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvC,OAAO,WAAW,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC;IAC1D;AACA,IAAA,OAAO,WAAW;AACpB,CAAC;MAEY,uBAAuB,GAAG,CAAC,EACtC,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,WAAW,EAAE,EAAE,cAAc,EAAE,cAAc,EAAE,GAMhD,KAAyB;AACxB,IAAA,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,cAAc;QAAE;AAEjD,IAAA,MAAMC,WAAS,GAAGC,8BAAoB,CAAC,OAAO,CAAC;IAC/C,GAAG,CAAC,yBAAyB,EAAE,aAAED,WAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAC7D,MAAM,YAAY,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC;IAEhE,MAAM,iBAAiB,GAAG,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,EAAE;IAC5D,MAAM,iBAAiB,GAAG,YAAY,CAAC,GAAG,CAAC,aAAa,CAAC,KAAK,MAAM;IACpE,GAAG,CAAC,mBAAm
B,EAAE,aAAEA,WAAS,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,CAAC;AAE7E,IAAA,MAAM,eAAe,GAAG,kBAAkB,CAAC,IAAI,CAAC;AAChD,IAAA,MAAM,gBAAgB,GAAG,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,EAAE;IAChD,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC;AACzC,IAAA,IAAI,QAAQ,GAAG,MAAM,GAAG,CAAA,CAAA,EAAI,MAAM,CAAA,CAAE,GAAG,CAAA,CAAA,EAAI,cAAc,CAAC,OAAO,EAAE;IACnE,MAAM,UAAU,GAAG,gBAAgB,CAAC;QAClC,QAAQ;QACR,IAAI;QACJ,eAAe;AACf,QAAA,SAAS,EAAE,iBAAiB;QAC5B,iBAAiB;AAClB,KAAA,CAAC;IACF,GAAG,CAAC,qBAAqB,EAAE,aAAEA,WAAS,EAAE,UAAU,EAAE,iBAAiB,EAAE,CAAC;AACxE,IAAA,IAAI,UAAU,IAAI,iBAAiB,EAAE;QACnC,QAAQ,GAAG,iBAAiB;IAC9B;IAEA,IAAI,CAAC,iBAAiB,IAAI,eAAe,IAAI,eAAe,KAAK,IAAI,EAAE;QACrE,GAAG,CAAC,gCAAgC,EAAE,aAAEA,WAAS,EAAE,eAAe,EAAE,CAAC;QACrE,MAAM,sBAAsB,GAAG,IAAI,GAAG,CAAC,cAAc,EAAE,gBAAgB,CAAC;QACxE,sBAAsB,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,CAAC;QAC7D,sBAAsB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC;AAE9D,QAAA,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAClC,cAAc,EACd,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,eAAe,CAAA,CAAE,CACnC;QACD,oBAAoB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC;AAC5D,QAAA,oBAAoB,CAAC,YAAY,CAAC,GAAG,CACnC,UAAU,EACV,sBAAsB,CAAC,QAAQ,EAAE,CAClC;QAED,GAAG,CAAC,wCAAwC,EAAE;uBAC5CA,WAAS;YACT,eAAe;AACf,YAAA,SAAS,EAAE,sBAAsB,CAAC,QAAQ,EAAE;AAC7C,SAAA,CAAC;AACF,QAAA,OAAOE,mBAAY,CAAC,QAAQ,CAAC,oBAAoB,EAAE;AACjD,YAAA,MAAM,EAAE,GAAG;AACZ,SAAA,CAAC;IACJ;IAEA,IAAI,aAAa,GAAG,KAAK;AACzB,IAAA,IAAI;AACF,QAAA,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC;AACpD,QAAA,aAAa,GAAG,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC;IACpD;IAAE,OAAO,KAAK,EAAE;;AAEd,QAAA,OAAO,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,CAAC;IACjD;AAEA,IAAA,YAAY,CAAC,GAAG,CACd,UAAU,EACV,aAAa,GAAG,QAAQ,GAAG,CAAA,EAAG,gBAAgB,GAAG,QAAQ,CAAA,CAAE,CAC5D;IACD,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,YAAY,CAAC,QAAQ,EAAE;AAClD;AAEA,MAAM,qBAAqB,GAAG,CAAC,QAAgB,KAAI;IACjD,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC;AACjC,IAAA,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,CAAA,CAAA,EAAI,QAAQ,CAAA,CAAE;AAE3C,IAAA,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;IACtC,OAAO,CAAA,CAAA,EAAI,IAAI,CAAA,CAAE
;AACnB,CAAC;AAEM,MAAM,2BAA2B,GAAG,CAAC,EAC1C,IAAI,EACJ,OAAO,EACP,QAAQ,EACR,WAAW,EAAE,EACX,cAAc,EACd,eAAe,EACf,qBAAqB,EACrB,sBAAsB,GACvB,GAMF,KAAI;IACH,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,cAAc,IAAI,CAAC,QAAQ;QAAE;AAE9D,IAAA,MAAMF,WAAS,GAAGC,8BAAoB,CAAC,OAAO,CAAC;IAC/C,MAAM,eAAe,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC,UAAU,KAAK;QAC9D,UAAU;AACV,QAAA,CAAA,EAAG,UAAU,CAAA,GAAA,CAAK;AAClB,QAAA,CAAA,EAAG,UAAU,CAAA,GAAA,CAAK;AACnB,KAAA,CAAC;IACF,GAAG,CAAC,0BAA0B,EAAE;mBAC9BD,WAAS;QACT,IAAI;AACJ,QAAA,OAAO,EAAE,eAAe;AACzB,KAAA,CAAC;AACF,IAAA,eAAe,CAAC,OAAO,CAAC,CAAC,UAAU,KAAI;AACrC,QAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,YAAA,IAAI,EAAE,UAAU;AAChB,YAAA,MAAM,EAAE,CAAC;AACT,YAAA,IAAI,EAAE,GAAG;AACV,SAAA,CAAC;AACJ,IAAA,CAAC,CAAC;AAEF,IAAA,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,IAAI,CAAC;IACtD,GAAG,CAAC,yBAAyB,EAAE;mBAC7BA,WAAS;AACT,QAAA,OAAO,EAAE,CAAC,qBAAqB,EAAE,sBAAsB,CAAC;QACxD,kBAAkB;AACnB,KAAA,CAAC;AACF,IAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,QAAA,IAAI,EAAE,qBAAqB;AAC3B,QAAA,MAAM,EAAE,CAAC;AACT,QAAA,IAAI,EAAE,GAAG;AACT,QAAA,MAAM,EAAE,kBAAkB;AAC3B,KAAA,CAAC;AACF,IAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,QAAA,IAAI,EAAE,sBAAsB;AAC5B,QAAA,MAAM,EAAE,CAAC;AACT,QAAA,IAAI,EAAE,GAAG;AACT,QAAA,MAAM,EAAE,kBAAkB;AAC3B,KAAA,CAAC;AACF,IAAA,GAAG,CAAC,6BAA6B,EAAE,aAAEA,WAAS,EAAE,CAAC;AACnD;;;;;"}
|
|
@@ -1,8 +1,7 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
2
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
3
3
|
import { Auth0Config } from 'src/types/auth0/config';
|
|
4
|
-
export declare const proactivelyRefreshAccessToken: ({
|
|
5
|
-
requestId: string;
|
|
4
|
+
export declare const proactivelyRefreshAccessToken: ({ request, response, auth0Instance, auth0Config, }: {
|
|
6
5
|
request: NextRequest;
|
|
7
6
|
response: NextResponse;
|
|
8
7
|
auth0Instance: Auth0Client;
|
|
@@ -1,20 +1,22 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
3
|
var debug = require('debug');
|
|
4
|
+
var requestId = require('./requestId.js');
|
|
4
5
|
|
|
5
6
|
function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'default' in e ? e : { default: e }; }
|
|
6
7
|
|
|
7
8
|
var debug__default = /*#__PURE__*/_interopDefaultCompat(debug);
|
|
8
9
|
|
|
9
10
|
const log = debug__default.default('@smg-automotive/auth:token');
|
|
10
|
-
const proactivelyRefreshAccessToken = async ({
|
|
11
|
-
|
|
11
|
+
const proactivelyRefreshAccessToken = async ({ request, response, auth0Instance, auth0Config, }) => {
|
|
12
|
+
const requestId$1 = requestId.getOrCreateRequestId(request);
|
|
13
|
+
log('Checking if token refresh is needed', { requestId: requestId$1 });
|
|
12
14
|
const session = await auth0Instance.getSession(request);
|
|
13
15
|
const expiresAt = session?.tokenSet.expiresAt || 0;
|
|
14
16
|
const expiresInSeconds = expiresAt - Date.now() / 1000;
|
|
15
17
|
const shouldRefresh = auth0Config.debugForceTokenRefresh || expiresAt < Date.now() / 1000 + 30;
|
|
16
18
|
log('Token refresh decision', {
|
|
17
|
-
requestId,
|
|
19
|
+
requestId: requestId$1,
|
|
18
20
|
shouldRefresh,
|
|
19
21
|
expiresInSeconds: Math.round(expiresInSeconds),
|
|
20
22
|
debugForceRefresh: auth0Config.debugForceTokenRefresh,
|
|
@@ -24,7 +26,7 @@ const proactivelyRefreshAccessToken = async ({ requestId, request, response, aut
|
|
|
24
26
|
refresh: shouldRefresh,
|
|
25
27
|
});
|
|
26
28
|
log('Access token retrieved', {
|
|
27
|
-
requestId,
|
|
29
|
+
requestId: requestId$1,
|
|
28
30
|
expiresAt: result.expiresAt,
|
|
29
31
|
tokenLength: result.token.length,
|
|
30
32
|
});
|
|
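Review bot: The `requestId` logged at the top of `proactivelyRefreshAccessToken` now comes from `getOrCreateRequestId(request)` rather than from an ID generated inside the middleware, and the helper's name suggests it may reuse an ID supplied by the client. If that is the case (the helper is not shown in this section), a caller-chosen string lands in the debug output next to token metadata such as `expiresAt` and `tokenLength`, and in `index.js` it is echoed back in a response header. The helper should accept an inbound ID only when it matches a bounded format and otherwise generate its own, along the lines of `if (!/^[A-Za-z0-9-]{1,64}$/.test(incoming)) incoming = undefined;` (pattern constructed for illustration). Generated IDs are better taken from `crypto.randomUUID()` than from `Math.random()`, which the removed `generateRequestId` in `index.js` relied on.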
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"proactivelyRefreshAccessToken.js","sources":["../../../../../src/server/middleware/proactivelyRefreshAccessToken.ts"],"sourcesContent":[null],"names":["debug"],"mappings":"
|
|
1
|
+
{"version":3,"file":"proactivelyRefreshAccessToken.js","sources":["../../../../../src/server/middleware/proactivelyRefreshAccessToken.ts"],"sourcesContent":[null],"names":["debug","requestId","getOrCreateRequestId"],"mappings":";;;;;;;;;AAQA,MAAM,GAAG,GAAGA,sBAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,6BAA6B,GAAG,OAAO,EAClD,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,GAMZ,KAAmD;AAClD,IAAA,MAAMC,WAAS,GAAGC,8BAAoB,CAAC,OAAO,CAAC;AAC/C,IAAA,GAAG,CAAC,qCAAqC,EAAE,aAAED,WAAS,EAAE,CAAC;IACzD,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,MAAM,SAAS,GAAG,OAAO,EAAE,QAAQ,CAAC,SAAS,IAAI,CAAC;IAClD,MAAM,gBAAgB,GAAG,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI;AACtD,IAAA,MAAM,aAAa,GACjB,WAAW,CAAC,sBAAsB,IAAI,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,EAAE;IAE1E,GAAG,CAAC,wBAAwB,EAAE;mBAC5BA,WAAS;QACT,aAAa;AACb,QAAA,gBAAgB,EAAE,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC;QAC9C,iBAAiB,EAAE,WAAW,CAAC,sBAAsB;QACrD,UAAU,EAAE,CAAC,CAAC,OAAO;AACtB,KAAA,CAAC;IAEF,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,cAAc,CAAC,OAAO,EAAE,QAAQ,EAAE;AACnE,QAAA,OAAO,EAAE,aAAa;AACvB,KAAA,CAAC;IAEF,GAAG,CAAC,wBAAwB,EAAE;mBAC5BA,WAAS;QACT,SAAS,EAAE,MAAM,CAAC,SAAS;AAC3B,QAAA,WAAW,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM;AACjC,KAAA,CAAC;AAEF,IAAA,OAAO,MAAM;AACf;;;;"}
|
|
@@ -2,8 +2,7 @@ import { NextRequest, NextResponse } from 'next/server';
|
|
|
2
2
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
3
3
|
import { Brand } from 'src/types/brand';
|
|
4
4
|
import { Auth0Config } from 'src/types';
|
|
5
|
-
export declare const handleUserProfile: ({
|
|
6
|
-
requestId: string;
|
|
5
|
+
export declare const handleUserProfile: ({ request, response, auth0Instance, auth0Config, brand, }: {
|
|
7
6
|
request: NextRequest;
|
|
8
7
|
response: NextResponse;
|
|
9
8
|
auth0Instance: Auth0Client;
|
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
var server = require('next/server');
|
|
4
4
|
var debug = require('debug');
|
|
5
5
|
var session = require('../../lib/enrichUser/session.js');
|
|
6
|
+
var requestId = require('./requestId.js');
|
|
6
7
|
var proactivelyRefreshAccessToken = require('./proactivelyRefreshAccessToken.js');
|
|
7
8
|
var combineHeaders = require('./combineHeaders.js');
|
|
8
9
|
var combineCookies = require('./combineCookies.js');
|
|
@@ -19,13 +20,14 @@ const responseHeaders = {
|
|
|
19
20
|
Pragma: 'no-cache',
|
|
20
21
|
Expires: '0',
|
|
21
22
|
};
|
|
22
|
-
const handleUserProfile = async ({
|
|
23
|
+
const handleUserProfile = async ({ request, response, auth0Instance, auth0Config, brand, }) => {
|
|
23
24
|
if (request.nextUrl.pathname !== auth0Config.userProfileEndpoint)
|
|
24
25
|
return;
|
|
25
|
-
|
|
26
|
+
const requestId$1 = requestId.getOrCreateRequestId(request);
|
|
27
|
+
log('Handling user profile request', { requestId: requestId$1, brand });
|
|
26
28
|
const session$1 = await auth0Instance.getSession(request);
|
|
27
29
|
if (!session$1) {
|
|
28
|
-
log('No session found for profile request', { requestId });
|
|
30
|
+
log('No session found for profile request', { requestId: requestId$1 });
|
|
29
31
|
return new server.NextResponse(null, {
|
|
30
32
|
status: 204,
|
|
31
33
|
headers: responseHeaders,
|
|
@@ -34,25 +36,24 @@ const handleUserProfile = async ({ requestId, request, response, auth0Instance,
|
|
|
34
36
|
try {
|
|
35
37
|
const user = session$1.user;
|
|
36
38
|
log('User found, refreshing token and enriching', {
|
|
37
|
-
requestId,
|
|
39
|
+
requestId: requestId$1,
|
|
38
40
|
userId: user.userId,
|
|
39
41
|
sellerId: user.sellerId,
|
|
40
42
|
});
|
|
41
43
|
const { token } = await proactivelyRefreshAccessToken.proactivelyRefreshAccessToken({
|
|
42
|
-
requestId,
|
|
43
44
|
request,
|
|
44
45
|
response,
|
|
45
46
|
auth0Instance,
|
|
46
47
|
auth0Config,
|
|
47
48
|
});
|
|
48
|
-
log('Token refreshed, enriching user', { requestId });
|
|
49
|
+
log('Token refreshed, enriching user', { requestId: requestId$1 });
|
|
49
50
|
const enrichedUser = await session.enrichUser({
|
|
50
51
|
user,
|
|
51
52
|
accessToken: token,
|
|
52
53
|
brand,
|
|
53
54
|
});
|
|
54
55
|
log('User enriched successfully', {
|
|
55
|
-
requestId,
|
|
56
|
+
requestId: requestId$1,
|
|
56
57
|
userId: enrichedUser.userId,
|
|
57
58
|
sellerId: enrichedUser.sellerId,
|
|
58
59
|
hasEntitlements: !!enrichedUser.entitlements,
|
|
@@ -73,7 +74,7 @@ const handleUserProfile = async ({ requestId, request, response, auth0Instance,
|
|
|
73
74
|
}
|
|
74
75
|
catch (error) {
|
|
75
76
|
log('User Profile error loading entitlements', {
|
|
76
|
-
requestId,
|
|
77
|
+
requestId: requestId$1,
|
|
77
78
|
error: error instanceof Error ? error.message : String(error),
|
|
78
79
|
stack: error instanceof Error ? error.stack : undefined,
|
|
79
80
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"profile.js","sources":["../../../../../src/server/middleware/profile.ts"],"sourcesContent":[null],"names":["debug","session","NextResponse","proactivelyRefreshAccessToken","enrichUser","combineHeaders","addCachingHeaders","combineCookies"],"mappings":"
|
|
1
|
+
{"version":3,"file":"profile.js","sources":["../../../../../src/server/middleware/profile.ts"],"sourcesContent":[null],"names":["debug","requestId","getOrCreateRequestId","session","NextResponse","proactivelyRefreshAccessToken","enrichUser","combineHeaders","addCachingHeaders","combineCookies"],"mappings":";;;;;;;;;;;;;;;AAcA,MAAM,GAAG,GAAGA,sBAAK,CAAC,8BAA8B,CAAC;AAEjD,MAAM,eAAe,GAAG;AACtB,IAAA,IAAI,EAAE,uBAAuB;AAC7B,IAAA,eAAe,EAAE,yDAAyD;AAC1E,IAAA,MAAM,EAAE,UAAU;AAClB,IAAA,OAAO,EAAE,GAAG;CACb;AAEM,MAAM,iBAAiB,GAAG,OAAO,EACtC,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,EACX,KAAK,GAON,KAAkC;IACjC,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,WAAW,CAAC,mBAAmB;QAAE;AAElE,IAAA,MAAMC,WAAS,GAAGC,8BAAoB,CAAC,OAAO,CAAC;IAC/C,GAAG,CAAC,+BAA+B,EAAE,aAAED,WAAS,EAAE,KAAK,EAAE,CAAC;IAC1D,MAAME,SAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,IAAI,CAACA,SAAO,EAAE;AACZ,QAAA,GAAG,CAAC,sCAAsC,EAAE,aAAEF,WAAS,EAAE,CAAC;AAC1D,QAAA,OAAO,IAAIG,mBAAY,CAAC,IAAI,EAAE;AAC5B,YAAA,MAAM,EAAE,GAAG;AACX,YAAA,OAAO,EAAE,eAAe;AACzB,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI;AACF,QAAA,MAAM,IAAI,GAAGD,SAAO,CAAC,IAAmB;QACxC,GAAG,CAAC,4CAA4C,EAAE;uBAChDF,WAAS;YACT,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;AACxB,SAAA,CAAC;AACF,QAAA,MAAM,EAAE,KAAK,EAAE,GAAG,MAAMI,2DAA6B,CAAC;YACpD,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;AACF,QAAA,GAAG,CAAC,iCAAiC,EAAE,aAAEJ,WAAS,EAAE,CAAC;AACrD,QAAA,MAAM,YAAY,GAAG,MAAMK,kBAAU,CAAC;YACpC,IAAI;AACJ,YAAA,WAAW,EAAE,KAAK;YAClB,KAAK;AACN,SAAA,CAAC;QAEF,GAAG,CAAC,4BAA4B,EAAE;uBAChCL,WAAS;YACT,MAAM,EAAE,YAAY,CAAC,MAAM;YAC3B,QAAQ,EAAE,YAAY,CAAC,QAAQ;AAC/B,YAAA,eAAe,EAAE,CAAC,CAAC,YAAY,CAAC,YAAY;AAC7C,SAAA,CAAC;QACF,MAAM,YAAY,GAAGG,mBAAY,CAAC,IAAI,CAAC,YAAY,CAAC;QACpD,MAAM,2BAA2B,GAAGG,6BAAc,CAAC;AACjD,YAAA,kBAAkB,EAAE,YAAY;AAChC,YAAA,YAAY,EAAE,QAAQ;AACtB,YAAA,eAAe,EAAE,IAAI;AACtB,SAAA,CAAC;QACFC,mCAAiB,CAAC,2BAA2B,CAAC;;AAE9C,QAAAC,6BAAc,CAAC;AACb,YAAA,cAAc,EAAE,QAAQ;AACxB,YAAA,cAAc,EAAE,2BAA2B;AAC5C,SAAA,CAAC;AACF,QAAA,OAAO,2BAA2B;IACpC;IAAE,OAAO,KAAc,EAAE;QACvB,GAAG,CAAC,yCAAyC,EAAE
;uBAC7CR,WAAS;AACT,YAAA,KAAK,EAAE,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC7D,YAAA,KAAK,EAAE,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,KAAK,GAAG,SAAS;AACxD,SAAA,CAAC;QAEF,IAAI,YAAY,GAAG,oBAAoB;AACvC,QAAA,IACE,KAAK;YACL,OAAO,KAAK,KAAK,QAAQ;AACzB,YAAA,MAAM,IAAI,KAAK;AACf,YAAA,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,EAC9B;AACA,YAAA,YAAY,GAAG,KAAK,CAAC,IAAI;QAC3B;AAEA,QAAA,OAAOG,mBAAY,CAAC,IAAI,CACtB,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,EAAE,EACjC;AACE,YAAA,MAAM,EAAE,GAAG;AACX,YAAA,OAAO,EAAE,eAAe;AACzB,SAAA,CACF;IACH;AACF;;;;"}
|
|
@@ -2,8 +2,7 @@ import { NextRequest, NextResponse } from 'next/server';
|
|
|
2
2
|
import { Language } from '@smg-automotive/i18n-pkg';
|
|
3
3
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
4
4
|
import { Auth0Config } from 'src/types';
|
|
5
|
-
export declare const protectRoute: ({
|
|
6
|
-
requestId: string;
|
|
5
|
+
export declare const protectRoute: ({ isProtected, auth0Instance, auth0Config, language, request, response, onError, }: {
|
|
7
6
|
isProtected: boolean;
|
|
8
7
|
auth0Instance: Auth0Client;
|
|
9
8
|
auth0Config: Auth0Config;
|
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
var server = require('next/server');
|
|
4
4
|
var debug = require('debug');
|
|
5
5
|
var authLinks = require('../../lib/authLinks.js');
|
|
6
|
+
var requestId = require('./requestId.js');
|
|
6
7
|
var proactivelyRefreshAccessToken = require('./proactivelyRefreshAccessToken.js');
|
|
7
8
|
|
|
8
9
|
function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'default' in e ? e : { default: e }; }
|
|
@@ -20,22 +21,23 @@ const redirectToLogin = ({ auth0Config, language, returnTo, origin, }) => {
|
|
|
20
21
|
status: 307,
|
|
21
22
|
});
|
|
22
23
|
};
|
|
23
|
-
const protectRoute = async ({
|
|
24
|
+
const protectRoute = async ({ isProtected, auth0Instance, auth0Config, language, request, response, onError, }) => {
|
|
25
|
+
const requestId$1 = requestId.getOrCreateRequestId(request);
|
|
24
26
|
const { pathname, search, origin } = request.nextUrl;
|
|
25
|
-
log('Checking route protection', { requestId, pathname, isProtected });
|
|
27
|
+
log('Checking route protection', { requestId: requestId$1, pathname, isProtected });
|
|
26
28
|
const session = await auth0Instance.getSession(request);
|
|
27
29
|
log('Session check', {
|
|
28
|
-
requestId,
|
|
30
|
+
requestId: requestId$1,
|
|
29
31
|
hasSession: !!session,
|
|
30
32
|
hasUser: !!session?.user,
|
|
31
33
|
});
|
|
32
34
|
if (!isProtected && !session?.user) {
|
|
33
|
-
log('Route not protected and no user session, allowing', { requestId });
|
|
35
|
+
log('Route not protected and no user session, allowing', { requestId: requestId$1 });
|
|
34
36
|
return response;
|
|
35
37
|
}
|
|
36
38
|
if (!session && isProtected) {
|
|
37
39
|
log('Protected route without session, redirecting to login', {
|
|
38
|
-
requestId,
|
|
40
|
+
requestId: requestId$1,
|
|
39
41
|
});
|
|
40
42
|
return redirectToLogin({
|
|
41
43
|
auth0Config,
|
|
@@ -45,20 +47,19 @@ const protectRoute = async ({ requestId, isProtected, auth0Instance, auth0Config
|
|
|
45
47
|
});
|
|
46
48
|
}
|
|
47
49
|
try {
|
|
48
|
-
log('Refreshing token for protected route', { requestId });
|
|
50
|
+
log('Refreshing token for protected route', { requestId: requestId$1 });
|
|
49
51
|
await proactivelyRefreshAccessToken.proactivelyRefreshAccessToken({
|
|
50
|
-
requestId,
|
|
51
52
|
request,
|
|
52
53
|
response,
|
|
53
54
|
auth0Instance,
|
|
54
55
|
auth0Config,
|
|
55
56
|
});
|
|
56
|
-
log('Token refreshed successfully, allowing access', { requestId });
|
|
57
|
+
log('Token refreshed successfully, allowing access', { requestId: requestId$1 });
|
|
57
58
|
}
|
|
58
59
|
catch (error) {
|
|
59
60
|
const authError = error;
|
|
60
61
|
log('Token refresh failed for protected route', {
|
|
61
|
-
requestId,
|
|
62
|
+
requestId: requestId$1,
|
|
62
63
|
message: authError.message,
|
|
63
64
|
code: authError.code,
|
|
64
65
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":["debug","getLoginLink","NextResponse","proactivelyRefreshAccessToken"],"mappings":"
|
|
1
|
+
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":["debug","getLoginLink","NextResponse","requestId","getOrCreateRequestId","proactivelyRefreshAccessToken"],"mappings":";;;;;;;;;;;;AAYA,MAAM,GAAG,GAAGA,sBAAK,CAAC,mCAAmC,CAAC;AAEtD,MAAM,eAAe,GAAG,CAAC,EACvB,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,MAAM,GAMP,KAAkB;IACjB,MAAM,QAAQ,GAAGC,sBAAY,CAAC;QAC5B,WAAW;QACX,QAAQ;QACR,QAAQ;AACT,KAAA,CAAC;IAEF,OAAOC,mBAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACtD,QAAA,MAAM,EAAE,GAAG;AACZ,KAAA,CAAC;AACJ,CAAC;MAEY,YAAY,GAAG,OAAO,EACjC,WAAW,EACX,aAAa,EACb,WAAW,EACX,QAAQ,EACR,OAAO,EACP,QAAQ,EACR,OAAO,GASR,KAAkC;AACjC,IAAA,MAAMC,WAAS,GAAGC,8BAAoB,CAAC,OAAO,CAAC;IAC/C,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;IACpD,GAAG,CAAC,2BAA2B,EAAE,aAAED,WAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;IAEtE,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IACvD,GAAG,CAAC,eAAe,EAAE;mBACnBA,WAAS;QACT,UAAU,EAAE,CAAC,CAAC,OAAO;AACrB,QAAA,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,IAAI;AACzB,KAAA,CAAC;IAEF,IAAI,CAAC,WAAW,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE;AAClC,QAAA,GAAG,CAAC,mDAAmD,EAAE,aAAEA,WAAS,EAAE,CAAC;AACvE,QAAA,OAAO,QAAQ;IACjB;AAEA,IAAA,IAAI,CAAC,OAAO,IAAI,WAAW,EAAE;QAC3B,GAAG,CAAC,uDAAuD,EAAE;uBAC3DA,WAAS;AACV,SAAA,CAAC;AACF,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI;AACF,QAAA,GAAG,CAAC,sCAAsC,EAAE,aAAEA,WAAS,EAAE,CAAC;AAC1D,QAAA,MAAME,2DAA6B,CAAC;YAClC,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;AACF,QAAA,GAAG,CAAC,+CAA+C,EAAE,aAAEF,WAAS,EAAE,CAAC;IACrE;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;QACnC,GAAG,CAAC,0CAA0C,EAAE;uBAC9CA,WAAS;YACT,OAAO,EAAE,SAAS,CAAC,OAAO;YAC1B,IAAI,EAAE,SAAS,CAAC,IAAI;AACrB,SAAA,CAAC;AACF,QAAA,OAAO,GAAG,SAAS,CAAC;AAEpB,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AACF;;;;"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { NextRequest } from 'next/server';
|
|
2
|
+
export declare const requestIdHeader = "x-automotive-request-id";
|
|
3
|
+
/**
|
|
4
|
+
* Reads the request ID from the request header.
|
|
5
|
+
* Returns undefined if not present.
|
|
6
|
+
*/
|
|
7
|
+
export declare const getRequestId: (request: NextRequest) => string | undefined;
|
|
8
|
+
export declare const getOrCreateRequestId: (request: NextRequest) => string;
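Review bot: The declaration file exports `getRequestId`, but the CommonJS `requestId.js` added alongside it names the header reader `getRequestIdFromHeader` and exports only `getOrCreateRequestId` and `requestIdHeader`. A consumer importing `getRequestId` would type-check and then get `undefined` at runtime, at least from the CJS entry; the ESM build is not visible here. Either export the function under the declared name (`exports.getRequestId = getRequestIdFromHeader;`) or drop the declaration. `getOrCreateRequestId` also lacks a doc comment, and it should say that the function returns the caller-supplied header value unchanged when one is present and otherwise writes a generated ID back onto `request.headers`.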
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const requestIdHeader = 'x-automotive-request-id';
|
|
4
|
+
const generateRequestId = () => {
|
|
5
|
+
// UUID v4 format: xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx
|
|
6
|
+
// where x is any hex digit and y is one of 8, 9, A, B
|
|
7
|
+
return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, (c) => {
|
|
8
|
+
// eslint-disable-next-line sonarjs/pseudo-random
|
|
9
|
+
const r = (Math.random() * 16) | 0;
|
|
10
|
+
const v = c === 'x' ? r : (r & 0x3) | 0x8;
|
|
11
|
+
return v.toString(16);
|
|
12
|
+
});
|
|
13
|
+
};
|
|
14
|
+
const getRequestIdFromHeader = (request) => {
|
|
15
|
+
return request.headers.get(requestIdHeader) || undefined;
|
|
16
|
+
};
|
|
17
|
+
const getOrCreateRequestId = (request) => {
|
|
18
|
+
const idFromHeader = getRequestIdFromHeader(request);
|
|
19
|
+
if (idFromHeader) {
|
|
20
|
+
return idFromHeader;
|
|
21
|
+
}
|
|
22
|
+
const newId = generateRequestId();
|
|
23
|
+
request.headers.set(requestIdHeader, newId);
|
|
24
|
+
return newId;
|
|
25
|
+
};
|
|
26
|
+
|
|
27
|
+
exports.getOrCreateRequestId = getOrCreateRequestId;
|
|
28
|
+
exports.requestIdHeader = requestIdHeader;
|
|
29
|
+
//# sourceMappingURL=requestId.js.map
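Review bot: `getRequestIdFromHeader` returns whatever the client sent in `x-automotive-request-id`, and `getOrCreateRequestId` adopts it without checking length or character set. That value is then written into every `log(...)` call in the middleware and, in the ESM `index.js`, copied onto the response with `headers.set(requestIdHeader, requestId)`. A caller can therefore choose or reuse an ID and put arbitrary text into the debug logs, so correlation by request ID is only reliable if the header is set or overwritten by a trusted hop. I would accept the header only when it matches a bounded, log-safe pattern and regenerate otherwise; the pattern below is illustrative and should match whatever format the upstream proxy actually emits. The `Math.random()` generator is acceptable for correlation only, so add a comment saying the ID must never be used as a secret or authorization token.

```javascript
// Accept only a bounded, log-safe token from the client; anything else is regenerated.
const requestIdPattern = /^[A-Za-z0-9._-]{1,64}$/;
const getRequestIdFromHeader = (request) => {
    const value = request.headers.get(requestIdHeader);
    return value && requestIdPattern.test(value) ? value : undefined;
};
// … unchanged: generateRequestId, getOrCreateRequestId and exports …
```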
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"requestId.js","sources":["../../../../../src/server/middleware/requestId.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAEO,MAAM,eAAe,GAAG;AAE/B,MAAM,iBAAiB,GAAG,MAAa;;;IAGrC,OAAO,sCAAsC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,KAAI;;AAEnE,QAAA,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC;AAClC,QAAA,MAAM,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,IAAI,GAAG;AACzC,QAAA,OAAO,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;AACvB,IAAA,CAAC,CAAC;AACJ,CAAC;AAED,MAAM,sBAAsB,GAAG,CAAC,OAAoB,KAAwB;IAC1E,OAAO,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,SAAS;AAC1D,CAAC;AAUM,MAAM,oBAAoB,GAAG,CAAC,OAAoB,KAAY;AACnE,IAAA,MAAM,YAAY,GAAG,sBAAsB,CAAC,OAAO,CAAC;IAEpD,IAAI,YAAY,EAAE;AAChB,QAAA,OAAO,YAAY;IACrB;AAEA,IAAA,MAAM,KAAK,GAAG,iBAAiB,EAAE;IACjC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,CAAC;AAC3C,IAAA,OAAO,KAAK;AACd;;;;;"}
|
|
@@ -1,8 +1,7 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
2
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
3
3
|
import { Auth0Config } from 'src/types';
|
|
4
|
-
export declare const handleAccessTokenRequest: ({
|
|
5
|
-
requestId: string;
|
|
4
|
+
export declare const handleAccessTokenRequest: ({ request, response, auth0Instance, auth0Config, onError, }: {
|
|
6
5
|
request: NextRequest;
|
|
7
6
|
response: NextResponse;
|
|
8
7
|
auth0Instance: Auth0Client;
|
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
var server = require('next/server');
|
|
4
4
|
var debug = require('debug');
|
|
5
5
|
var errors = require('@auth0/nextjs-auth0/errors');
|
|
6
|
+
var requestId = require('./requestId.js');
|
|
6
7
|
var proactivelyRefreshAccessToken = require('./proactivelyRefreshAccessToken.js');
|
|
7
8
|
var combineHeaders = require('./combineHeaders.js');
|
|
8
9
|
var combineCookies = require('./combineCookies.js');
|
|
@@ -13,16 +14,17 @@ function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'defau
|
|
|
13
14
|
var debug__default = /*#__PURE__*/_interopDefaultCompat(debug);
|
|
14
15
|
|
|
15
16
|
const log = debug__default.default('@smg-automotive/auth:token');
|
|
16
|
-
const handleAccessTokenRequest = async ({
|
|
17
|
+
const handleAccessTokenRequest = async ({ request, response, auth0Instance, auth0Config, onError, }) => {
|
|
17
18
|
if (request.nextUrl.pathname !== auth0Config.tokenEndpoint)
|
|
18
19
|
return;
|
|
20
|
+
const requestId$1 = requestId.getOrCreateRequestId(request);
|
|
19
21
|
log('Handling access token request', {
|
|
20
|
-
requestId,
|
|
22
|
+
requestId: requestId$1,
|
|
21
23
|
pathname: request.nextUrl.pathname,
|
|
22
24
|
});
|
|
23
25
|
const session = await auth0Instance.getSession(request);
|
|
24
26
|
if (!session) {
|
|
25
|
-
log('Access token request failed: no session', { requestId });
|
|
27
|
+
log('Access token request failed: no session', { requestId: requestId$1 });
|
|
26
28
|
return server.NextResponse.json({
|
|
27
29
|
error: {
|
|
28
30
|
message: 'The user does not have an active session.',
|
|
@@ -33,15 +35,14 @@ const handleAccessTokenRequest = async ({ requestId, request, response, auth0Ins
|
|
|
33
35
|
});
|
|
34
36
|
}
|
|
35
37
|
try {
|
|
36
|
-
log('Refreshing access token', { requestId });
|
|
38
|
+
log('Refreshing access token', { requestId: requestId$1 });
|
|
37
39
|
const { token, expiresAt } = await proactivelyRefreshAccessToken.proactivelyRefreshAccessToken({
|
|
38
|
-
requestId,
|
|
39
40
|
request,
|
|
40
41
|
response,
|
|
41
42
|
auth0Instance,
|
|
42
43
|
auth0Config,
|
|
43
44
|
});
|
|
44
|
-
log('Access token refreshed successfully', { requestId, expiresAt });
|
|
45
|
+
log('Access token refreshed successfully', { requestId: requestId$1, expiresAt });
|
|
45
46
|
const tokenResponse = server.NextResponse.json({
|
|
46
47
|
token,
|
|
47
48
|
expiresAt,
|
|
@@ -62,7 +63,7 @@ const handleAccessTokenRequest = async ({ requestId, request, response, auth0Ins
|
|
|
62
63
|
catch (error) {
|
|
63
64
|
const authError = error;
|
|
64
65
|
log('Access token request error', {
|
|
65
|
-
requestId,
|
|
66
|
+
requestId: requestId$1,
|
|
66
67
|
message: authError.message,
|
|
67
68
|
code: authError.code,
|
|
68
69
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"token.js","sources":["../../../../../src/server/middleware/token.ts"],"sourcesContent":[null],"names":["debug","NextResponse","AccessTokenErrorCode","proactivelyRefreshAccessToken","combineHeaders","addCachingHeaders","combineCookies"],"mappings":"
|
|
1
|
+
{"version":3,"file":"token.js","sources":["../../../../../src/server/middleware/token.ts"],"sourcesContent":[null],"names":["debug","requestId","getOrCreateRequestId","NextResponse","AccessTokenErrorCode","proactivelyRefreshAccessToken","combineHeaders","addCachingHeaders","combineCookies"],"mappings":";;;;;;;;;;;;;;;AAaA,MAAM,GAAG,GAAGA,sBAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,wBAAwB,GAAG,OAAO,EAC7C,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,EACX,OAAO,GAOR,KAAkC;IACjC,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,WAAW,CAAC,aAAa;QAAE;AAE5D,IAAA,MAAMC,WAAS,GAAGC,8BAAoB,CAAC,OAAO,CAAC;IAC/C,GAAG,CAAC,+BAA+B,EAAE;mBACnCD,WAAS;AACT,QAAA,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,QAAQ;AACnC,KAAA,CAAC;IACF,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,IAAI,CAAC,OAAO,EAAE;AACZ,QAAA,GAAG,CAAC,yCAAyC,EAAE,aAAEA,WAAS,EAAE,CAAC;QAC7D,OAAOE,mBAAY,CAAC,IAAI,CACtB;AACE,YAAA,KAAK,EAAE;AACL,gBAAA,OAAO,EAAE,2CAA2C;gBACpD,IAAI,EAAEC,2BAAoB,CAAC,eAAe;AAC3C,aAAA;SACF,EACD;AACE,YAAA,MAAM,EAAE,GAAG;AACZ,SAAA,CACF;IACH;AAEA,IAAA,IAAI;AACF,QAAA,GAAG,CAAC,yBAAyB,EAAE,aAAEH,WAAS,EAAE,CAAC;QAC7C,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,MAAMI,2DAA6B,CAAC;YAC/D,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;QACF,GAAG,CAAC,qCAAqC,EAAE,aAAEJ,WAAS,EAAE,SAAS,EAAE,CAAC;AACpE,QAAA,MAAM,aAAa,GAAGE,mBAAY,CAAC,IAAI,CAAC;YACtC,KAAK;YACL,SAAS;AACV,SAAA,CAAC;QACF,MAAM,2BAA2B,GAAGG,6BAAc,CAAC;AACjD,YAAA,kBAAkB,EAAE,aAAa;AACjC,YAAA,YAAY,EAAE,QAAQ;AACtB,YAAA,eAAe,EAAE,IAAI;AACtB,SAAA,CAAC;QACFC,mCAAiB,CAAC,2BAA2B,CAAC;;AAE9C,QAAAC,6BAAc,CAAC;AACb,YAAA,cAAc,EAAE,QAAQ;AACxB,YAAA,cAAc,EAAE,2BAA2B;AAC5C,SAAA,CAAC;AACF,QAAA,OAAO,2BAA2B;IACpC;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;QACnC,GAAG,CAAC,4BAA4B,EAAE;uBAChCP,WAAS;YACT,OAAO,EAAE,SAAS,CAAC,OAAO;YAC1B,IAAI,EAAE,SAAS,CAAC,IAAI;AACrB,SAAA,CAAC;AACF,QAAA,OAAO,GAAG,SAAS,CAAC;AACpB,QAAA,OAAOE,mBAAY,CAAC,IAAI,CACtB,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,EAAE,EAC/D,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB;IACH;AACF;;;;"}
|
|
@@ -3,6 +3,7 @@ import debug from 'debug';
|
|
|
3
3
|
import { getAuth0Config } from '../../config/auth0.js';
|
|
4
4
|
import { getAuth0Instance } from '../getAuth0Instance.js';
|
|
5
5
|
import { handleAccessTokenRequest } from './token.js';
|
|
6
|
+
import { getOrCreateRequestId, requestIdHeader } from './requestId.js';
|
|
6
7
|
import { protectRoute } from './protectRoute.js';
|
|
7
8
|
import { handleUserProfile } from './profile.js';
|
|
8
9
|
import { handleCrossDomainLogout, deleteRelatedSessionCookies } from './logout.js';
|
|
@@ -10,16 +11,6 @@ import { addLoginParams } from './login.js';
|
|
|
10
11
|
import { combineHeaders } from './combineHeaders.js';
|
|
11
12
|
|
|
12
13
|
const log = debug('@smg-automotive/auth:middleware');
|
|
13
|
-
const generateRequestId = () => {
|
|
14
|
-
// UUID v4 format: xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx
|
|
15
|
-
// where x is any hex digit and y is one of 8, 9, A, B
|
|
16
|
-
return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, (c) => {
|
|
17
|
-
// eslint-disable-next-line sonarjs/pseudo-random
|
|
18
|
-
const r = (Math.random() * 16) | 0;
|
|
19
|
-
const v = c === 'x' ? r : (r & 0x3) | 0x8;
|
|
20
|
-
return v.toString(16);
|
|
21
|
-
});
|
|
22
|
-
};
|
|
23
14
|
const isAuthRoute = (pathname, auth0Config) => {
|
|
24
15
|
const { loginEndpoint, logoutEndpoint, callbackEndpoint, userProfileEndpoint, tokenEndpoint, } = auth0Config;
|
|
25
16
|
return [
|
|
@@ -31,7 +22,7 @@ const isAuthRoute = (pathname, auth0Config) => {
|
|
|
31
22
|
].includes(pathname);
|
|
32
23
|
};
|
|
33
24
|
const authMiddleware = async ({ request, isProtectedRoute, language, host, protocol, onError, brand, }) => {
|
|
34
|
-
const requestId =
|
|
25
|
+
const requestId = getOrCreateRequestId(request);
|
|
35
26
|
const { pathname } = request.nextUrl;
|
|
36
27
|
log('Processing request', {
|
|
37
28
|
requestId,
|
|
@@ -48,13 +39,13 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
48
39
|
const isAuthErrorRoute = pathname.endsWith(auth0Config.globalAuthErrorPath);
|
|
49
40
|
log('Auth route check', { requestId, pathname, isAuthErrorRoute });
|
|
50
41
|
const crossDomainLogoutResult = handleCrossDomainLogout({
|
|
51
|
-
requestId,
|
|
52
42
|
host,
|
|
53
43
|
protocol,
|
|
54
44
|
request,
|
|
55
45
|
auth0Config,
|
|
56
46
|
});
|
|
57
47
|
if (crossDomainLogoutResult) {
|
|
48
|
+
crossDomainLogoutResult.headers.set(requestIdHeader, requestId);
|
|
58
49
|
log('Cross-domain logout detected, redirecting', { requestId });
|
|
59
50
|
return crossDomainLogoutResult;
|
|
60
51
|
}
|
|
@@ -64,16 +55,15 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
64
55
|
});
|
|
65
56
|
log('Calling Auth0 middleware', { requestId });
|
|
66
57
|
const authResponse = await auth0Instance.middleware(request);
|
|
58
|
+
authResponse.headers.set(requestIdHeader, requestId);
|
|
67
59
|
log('Auth0 middleware completed', { requestId, status: authResponse.status });
|
|
68
60
|
deleteRelatedSessionCookies({
|
|
69
|
-
requestId,
|
|
70
61
|
host,
|
|
71
62
|
request,
|
|
72
63
|
response: authResponse,
|
|
73
64
|
auth0Config,
|
|
74
65
|
});
|
|
75
66
|
const accessTokenRequestResult = await handleAccessTokenRequest({
|
|
76
|
-
requestId,
|
|
77
67
|
request,
|
|
78
68
|
response: authResponse,
|
|
79
69
|
auth0Instance,
|
|
@@ -85,7 +75,6 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
85
75
|
return accessTokenRequestResult;
|
|
86
76
|
}
|
|
87
77
|
const handleUserProfileResult = await handleUserProfile({
|
|
88
|
-
requestId,
|
|
89
78
|
request,
|
|
90
79
|
response: authResponse,
|
|
91
80
|
auth0Instance,
|
|
@@ -103,7 +92,6 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
103
92
|
const isProtected = !isAuthErrorRoute && isProtectedRoute(pathname);
|
|
104
93
|
log('Route protection check', { requestId, pathname, isProtected });
|
|
105
94
|
const protectRouteResult = await protectRoute({
|
|
106
|
-
requestId,
|
|
107
95
|
isProtected,
|
|
108
96
|
auth0Instance,
|
|
109
97
|
auth0Config,
|
|
@@ -120,7 +108,7 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
120
108
|
return protectRouteResult;
|
|
121
109
|
}
|
|
122
110
|
log('Request completed, combining headers', { requestId });
|
|
123
|
-
|
|
111
|
+
const finalResponse = combineHeaders({
|
|
124
112
|
middlewareResponse: NextResponse.next({
|
|
125
113
|
request: {
|
|
126
114
|
headers: request.headers,
|
|
@@ -128,6 +116,8 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
128
116
|
}),
|
|
129
117
|
authResponse,
|
|
130
118
|
});
|
|
119
|
+
finalResponse.headers.set(requestIdHeader, requestId);
|
|
120
|
+
return finalResponse;
|
|
131
121
|
};
|
|
132
122
|
|
|
133
123
|
export { authMiddleware };
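Review bot: The request-ID response header is set on only three return paths of `authMiddleware` (`crossDomainLogoutResult`, `authResponse` and `finalResponse`), while `accessTokenRequestResult` and `protectRouteResult` are returned as they come back from their handlers. Those handlers build fresh responses in places (the no-session JSON reply in `token.js`, the login redirect in `protectRoute.js`), so error and redirect responses, the ones most often investigated, may reach the client without `x-automotive-request-id`. Whether `combineHeaders` carries the header over on the success paths cannot be confirmed from these hunks. Setting it explicitly before each early return, e.g. `accessTokenRequestResult.headers.set(requestIdHeader, requestId);`, or routing every return through one small helper would make the behaviour uniform. Parts of the function body lie outside the visible hunks, so the profile return path could not be checked.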
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;;;;;;AAiBA,MAAM,GAAG,GAAG,KAAK,CAAC,iCAAiC,CAAC;AAEpD,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,KAAK,GASN,KAA2B;AAC1B,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;AAE/C,IAAA,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO;IACpC,GAAG,CAAC,oBAAoB,EAAE;QACxB,SAAS;QACT,QAAQ;QACR,IAAI;QACJ,QAAQ;QACR,MAAM,EAAE,OAAO,CAAC,MAAM;AACvB,KAAA,CAAC;IAEF,MAAM,aAAa,GAAG,gBAAgB,CAAC;QACrC,IAAI;QACJ,QAAQ;AACT,KAAA,CAAC;AAEF,IAAA,MAAM,WAAW,GAAG,cAAc,EAAE;IACpC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAC3E,GAAG,CAAC,kBAAkB,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAC;IAElE,MAAM,uBAAuB,GAAG,uBAAuB,CAAC;QACtD,IAAI;QACJ,QAAQ;QACR,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;QAC3B,uBAAuB,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,CAAC;AAC/D,QAAA,GAAG,CAAC,2CAA2C,EAAE,EAAE,SAAS,EAAE,CAAC;AAC/D,QAAA,OAAO,uBAAuB;IAChC;AAEA,IAAA,cAAc,CAAC;QACb,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;AAEF,IAAA,GAAG,CAAC,0BAA0B,EAAE,EAAE,SAAS,EAAE,CAAC;IAC9C,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAC5D,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,CAAC;AACpD,IAAA,GAAG,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,EAAE,CAAC;AAE7E,IAAA,2BAA2B,CAAC;QAC1B,IAAI;QACJ,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,WAAW;AACZ,KAAA,CAAC;AAEF,IAAA,MAAM,wBAAwB,GAAG,MAAM,wBAAwB,CAAC;QAC9D,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,aAAa;QACb,WAAW;QACX,OAAO;AACR,KAAA,CAAC;IACF,IAAI,wBAAwB,EAAE;AAC5B,QAAA,GAAG,CAAC,8BAA8B,EAAE,EAAE,SAAS,EAAE,CAAC;AAClD,QAAA,OAAO,wBAAwB;IACjC;AAEA,IAAA,MAAM,uBAAuB,GAAG,MAAM,iBAAiB,CAAC;QACtD,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,aAAa;QACb,WAAW;QACX,KAAK;AACN,KAAA,CA
AC;IACF,IAAI,uBAAuB,EAAE;AAC3B,QAAA,GAAG,CAAC,8BAA8B,EAAE,EAAE,SAAS,EAAE,CAAC;AAClD,QAAA,OAAO,uBAAuB;IAChC;IAEA,IAAI,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC,IAAI,gBAAgB,EAAE;AAC1D,QAAA,GAAG,CAAC,gCAAgC,EAAE,EAAE,SAAS,EAAE,CAAC;AACpD,QAAA,OAAO,YAAY;IACrB;IAEA,MAAM,WAAW,GAAG,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,QAAQ,CAAC;IACnE,GAAG,CAAC,wBAAwB,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;AACnE,IAAA,MAAM,kBAAkB,GAAG,MAAM,YAAY,CAAC;QAC5C,WAAW;QACX,aAAa;QACb,WAAW;QACX,QAAQ;QACR,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,OAAO;AACR,KAAA,CAAC;IACF,IAAI,kBAAkB,EAAE;QACtB,GAAG,CAAC,0BAA0B,EAAE;YAC9B,SAAS;AACT,YAAA,UAAU,EAAE,kBAAkB,CAAC,MAAM,KAAK,GAAG;AAC9C,SAAA,CAAC;AACF,QAAA,OAAO,kBAAkB;IAC3B;AAEA,IAAA,GAAG,CAAC,sCAAsC,EAAE,EAAE,SAAS,EAAE,CAAC;IAC1D,MAAM,aAAa,GAAG,cAAc,CAAC;AACnC,QAAA,kBAAkB,EAAE,YAAY,CAAC,IAAI,CAAC;AACpC,YAAA,OAAO,EAAE;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;AACzB,aAAA;SACF,CAAC;QACF,YAAY;AACb,KAAA,CAAC;IACF,aAAa,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,CAAC;AACrD,IAAA,OAAO,aAAa;AACtB;;;;"}
|
|
@@ -1,14 +1,12 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
2
|
import { Auth0Config } from 'src/types';
|
|
3
|
-
export declare const handleCrossDomainLogout: ({
|
|
4
|
-
requestId: string;
|
|
3
|
+
export declare const handleCrossDomainLogout: ({ host, protocol, request, auth0Config: { languageConfig, logoutEndpoint }, }: {
|
|
5
4
|
host: string;
|
|
6
5
|
protocol: string;
|
|
7
6
|
request: NextRequest;
|
|
8
7
|
auth0Config: Auth0Config;
|
|
9
8
|
}) => NextResponse | void;
|
|
10
|
-
export declare const deleteRelatedSessionCookies: ({
|
|
11
|
-
requestId: string;
|
|
9
|
+
export declare const deleteRelatedSessionCookies: ({ host, request, response, auth0Config: { logoutEndpoint, authCookieNames, legacyAccessTokenName, legacyRefreshTokenName, }, }: {
|
|
12
10
|
host: string;
|
|
13
11
|
request: NextRequest;
|
|
14
12
|
response: NextResponse;
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { NextResponse } from 'next/server';
|
|
2
2
|
import debug from 'debug';
|
|
3
|
+
import { getOrCreateRequestId } from './requestId.js';
|
|
3
4
|
|
|
4
5
|
const log = debug('@smg-automotive/auth:logout');
|
|
5
6
|
const validateReturnTo = ({ pathOrUrl, host, protocol, otherDomainHost, crossDomainLogout, }) => {
|
|
@@ -43,9 +44,10 @@ const getOtherDomainHost = (currentHost) => {
|
|
|
43
44
|
}
|
|
44
45
|
return currentHost;
|
|
45
46
|
};
|
|
46
|
-
const handleCrossDomainLogout = ({
|
|
47
|
+
const handleCrossDomainLogout = ({ host, protocol, request, auth0Config: { languageConfig, logoutEndpoint }, }) => {
|
|
47
48
|
if (request.nextUrl.pathname !== logoutEndpoint)
|
|
48
49
|
return;
|
|
50
|
+
const requestId = getOrCreateRequestId(request);
|
|
49
51
|
log('Handling logout request', { requestId, host, protocol });
|
|
50
52
|
const searchParams = new URLSearchParams(request.nextUrl.search);
|
|
51
53
|
const specifiedReturnTo = searchParams.get('returnTo') || '';
|
|
@@ -102,9 +104,10 @@ const getLegacyCookieDomain = (hostname) => {
|
|
|
102
104
|
const base = parts.slice(-2).join('.');
|
|
103
105
|
return `.${base}`;
|
|
104
106
|
};
|
|
105
|
-
const deleteRelatedSessionCookies = ({
|
|
107
|
+
const deleteRelatedSessionCookies = ({ host, request, response, auth0Config: { logoutEndpoint, authCookieNames, legacyAccessTokenName, legacyRefreshTokenName, }, }) => {
|
|
106
108
|
if (request.nextUrl.pathname !== logoutEndpoint || !response)
|
|
107
109
|
return;
|
|
110
|
+
const requestId = getOrCreateRequestId(request);
|
|
108
111
|
const cookiesToDelete = authCookieNames.flatMap((cookieName) => [
|
|
109
112
|
cookieName,
|
|
110
113
|
`${cookieName}__0`,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"logout.js","sources":["../../../../../src/server/middleware/logout.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"logout.js","sources":["../../../../../src/server/middleware/logout.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;AAOA,MAAM,GAAG,GAAG,KAAK,CAAC,6BAA6B,CAAC;AAEhD,MAAM,gBAAgB,GAAG,CAAC,EACxB,SAAS,EACT,IAAI,EACJ,QAAQ,EACR,eAAe,EACf,iBAAiB,GAOlB,KAAI;IACH,IAAI,OAAO,SAAS,KAAK,QAAQ;AAAE,QAAA,OAAO,KAAK;AAC/C,IAAA,IAAI,SAAS,CAAC,MAAM,GAAG,IAAI;AAAE,QAAA,OAAO,KAAK;AAEzC,IAAA,IAAI;AACF,QAAA,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,SAAS,CAAC;QACtD,MAAM,KAAK,GAAG,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC;QACjD,MAAM,eAAe,GAAG,IAAI,GAAG,CAC7B,KAAK,GAAG,gBAAgB,GAAG,GAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,CAAA,EAAG,gBAAgB,CAAA,CAAE,CACtE;AACD,QAAA,MAAM,WAAW,GAAG,eAAe,CAAC,QAAQ;AAE5C,QAAA,IACE,iBAAiB;YACjB,KAAK;AACL,YAAA,eAAe,CAAC,IAAI,KAAK,eAAe,EACxC;AACA,YAAA,OAAO,KAAK;QACd;QAEA,IAAI,CAAC,iBAAiB,IAAI,eAAe,CAAC,IAAI,KAAK,IAAI,EAAE;AACvD,YAAA,OAAO,KAAK;QACd;AAEA,QAAA,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;AAChE,YAAA,OAAO,KAAK;QACd;;;QAIA,MAAM,eAAe,GAAG,yBAAyB;AACjD,QAAA,OAAO,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC;IAC1C;IAAE,OAAO,KAAK,EAAE;;AAEd,QAAA,OAAO,CAAC,IAAI,CAAC,4BAA4B,EAAE,KAAK,CAAC;AACjD,QAAA,OAAO,KAAK;IACd;AACF,CAAC;AAED,MAAM,kBAAkB,GAAG,CAAC,WAAmB,KAAY;AACzD,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvC,OAAO,WAAW,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC;IAC1D;AACA,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvC,OAAO,WAAW,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC;IAC1D;AACA,IAAA,OAAO,WAAW;AACpB,CAAC;MAEY,uBAAuB,GAAG,CAAC,EACtC,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,WAAW,EAAE,EAAE,cAAc,EAAE,cAAc,EAAE,GAMhD,KAAyB;AACxB,IAAA,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,cAAc;QAAE;AAEjD,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;IAC/C,GAAG,CAAC,yBAAyB,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAC7D,MAAM,YAAY,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC;IAEhE,MAAM,iBAAiB,GAAG,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,EAAE;IAC5D,MAAM,iBAAiB,GAAG,YAAY,CAAC,GAAG,CAAC,aAAa,CAAC,KAAK,MAAM;IACpE,GAAG,CAAC,mBAAmB,EAAE,EAAE,SAAS,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,CAAC;AAE7E,IAAA,MAAM,e
AAe,GAAG,kBAAkB,CAAC,IAAI,CAAC;AAChD,IAAA,MAAM,gBAAgB,GAAG,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,EAAE;IAChD,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC;AACzC,IAAA,IAAI,QAAQ,GAAG,MAAM,GAAG,CAAA,CAAA,EAAI,MAAM,CAAA,CAAE,GAAG,CAAA,CAAA,EAAI,cAAc,CAAC,OAAO,EAAE;IACnE,MAAM,UAAU,GAAG,gBAAgB,CAAC;QAClC,QAAQ;QACR,IAAI;QACJ,eAAe;AACf,QAAA,SAAS,EAAE,iBAAiB;QAC5B,iBAAiB;AAClB,KAAA,CAAC;IACF,GAAG,CAAC,qBAAqB,EAAE,EAAE,SAAS,EAAE,UAAU,EAAE,iBAAiB,EAAE,CAAC;AACxE,IAAA,IAAI,UAAU,IAAI,iBAAiB,EAAE;QACnC,QAAQ,GAAG,iBAAiB;IAC9B;IAEA,IAAI,CAAC,iBAAiB,IAAI,eAAe,IAAI,eAAe,KAAK,IAAI,EAAE;QACrE,GAAG,CAAC,gCAAgC,EAAE,EAAE,SAAS,EAAE,eAAe,EAAE,CAAC;QACrE,MAAM,sBAAsB,GAAG,IAAI,GAAG,CAAC,cAAc,EAAE,gBAAgB,CAAC;QACxE,sBAAsB,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,CAAC;QAC7D,sBAAsB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC;AAE9D,QAAA,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAClC,cAAc,EACd,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,eAAe,CAAA,CAAE,CACnC;QACD,oBAAoB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC;AAC5D,QAAA,oBAAoB,CAAC,YAAY,CAAC,GAAG,CACnC,UAAU,EACV,sBAAsB,CAAC,QAAQ,EAAE,CAClC;QAED,GAAG,CAAC,wCAAwC,EAAE;YAC5C,SAAS;YACT,eAAe;AACf,YAAA,SAAS,EAAE,sBAAsB,CAAC,QAAQ,EAAE;AAC7C,SAAA,CAAC;AACF,QAAA,OAAO,YAAY,CAAC,QAAQ,CAAC,oBAAoB,EAAE;AACjD,YAAA,MAAM,EAAE,GAAG;AACZ,SAAA,CAAC;IACJ;IAEA,IAAI,aAAa,GAAG,KAAK;AACzB,IAAA,IAAI;AACF,QAAA,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC;AACpD,QAAA,aAAa,GAAG,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC;IACpD;IAAE,OAAO,KAAK,EAAE;;AAEd,QAAA,OAAO,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,CAAC;IACjD;AAEA,IAAA,YAAY,CAAC,GAAG,CACd,UAAU,EACV,aAAa,GAAG,QAAQ,GAAG,CAAA,EAAG,gBAAgB,GAAG,QAAQ,CAAA,CAAE,CAC5D;IACD,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,YAAY,CAAC,QAAQ,EAAE;AAClD;AAEA,MAAM,qBAAqB,GAAG,CAAC,QAAgB,KAAI;IACjD,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC;AACjC,IAAA,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,CAAA,CAAA,EAAI,QAAQ,CAAA,CAAE;AAE3C,IAAA,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;IACtC,OAAO,CAAA,CAAA,EAAI,IAAI,CAAA,CAAE;AACnB,CAAC;AAEM,MAAM,2BAA2B,GAAG,CAAC,EAC1C,IAAI,EACJ,OAAO,EACP,QAAQ,EACR,
WAAW,EAAE,EACX,cAAc,EACd,eAAe,EACf,qBAAqB,EACrB,sBAAsB,GACvB,GAMF,KAAI;IACH,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,cAAc,IAAI,CAAC,QAAQ;QAAE;AAE9D,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;IAC/C,MAAM,eAAe,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC,UAAU,KAAK;QAC9D,UAAU;AACV,QAAA,CAAA,EAAG,UAAU,CAAA,GAAA,CAAK;AAClB,QAAA,CAAA,EAAG,UAAU,CAAA,GAAA,CAAK;AACnB,KAAA,CAAC;IACF,GAAG,CAAC,0BAA0B,EAAE;QAC9B,SAAS;QACT,IAAI;AACJ,QAAA,OAAO,EAAE,eAAe;AACzB,KAAA,CAAC;AACF,IAAA,eAAe,CAAC,OAAO,CAAC,CAAC,UAAU,KAAI;AACrC,QAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,YAAA,IAAI,EAAE,UAAU;AAChB,YAAA,MAAM,EAAE,CAAC;AACT,YAAA,IAAI,EAAE,GAAG;AACV,SAAA,CAAC;AACJ,IAAA,CAAC,CAAC;AAEF,IAAA,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,IAAI,CAAC;IACtD,GAAG,CAAC,yBAAyB,EAAE;QAC7B,SAAS;AACT,QAAA,OAAO,EAAE,CAAC,qBAAqB,EAAE,sBAAsB,CAAC;QACxD,kBAAkB;AACnB,KAAA,CAAC;AACF,IAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,QAAA,IAAI,EAAE,qBAAqB;AAC3B,QAAA,MAAM,EAAE,CAAC;AACT,QAAA,IAAI,EAAE,GAAG;AACT,QAAA,MAAM,EAAE,kBAAkB;AAC3B,KAAA,CAAC;AACF,IAAA,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;AACtB,QAAA,IAAI,EAAE,sBAAsB;AAC5B,QAAA,MAAM,EAAE,CAAC;AACT,QAAA,IAAI,EAAE,GAAG;AACT,QAAA,MAAM,EAAE,kBAAkB;AAC3B,KAAA,CAAC;AACF,IAAA,GAAG,CAAC,6BAA6B,EAAE,EAAE,SAAS,EAAE,CAAC;AACnD;;;;"}
|
|
@@ -1,8 +1,7 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
2
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
3
3
|
import { Auth0Config } from 'src/types/auth0/config';
|
|
4
|
-
export declare const proactivelyRefreshAccessToken: ({
|
|
5
|
-
requestId: string;
|
|
4
|
+
export declare const proactivelyRefreshAccessToken: ({ request, response, auth0Instance, auth0Config, }: {
|
|
6
5
|
request: NextRequest;
|
|
7
6
|
response: NextResponse;
|
|
8
7
|
auth0Instance: Auth0Client;
|
|
@@ -1,7 +1,9 @@
|
|
|
1
1
|
import debug from 'debug';
|
|
2
|
+
import { getOrCreateRequestId } from './requestId.js';
|
|
2
3
|
|
|
3
4
|
const log = debug('@smg-automotive/auth:token');
|
|
4
|
-
const proactivelyRefreshAccessToken = async ({
|
|
5
|
+
const proactivelyRefreshAccessToken = async ({ request, response, auth0Instance, auth0Config, }) => {
|
|
6
|
+
const requestId = getOrCreateRequestId(request);
|
|
5
7
|
log('Checking if token refresh is needed', { requestId });
|
|
6
8
|
const session = await auth0Instance.getSession(request);
|
|
7
9
|
const expiresAt = session?.tokenSet.expiresAt || 0;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"proactivelyRefreshAccessToken.js","sources":["../../../../../src/server/middleware/proactivelyRefreshAccessToken.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"proactivelyRefreshAccessToken.js","sources":["../../../../../src/server/middleware/proactivelyRefreshAccessToken.ts"],"sourcesContent":[null],"names":[],"mappings":";;;AAQA,MAAM,GAAG,GAAG,KAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,6BAA6B,GAAG,OAAO,EAClD,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,GAMZ,KAAmD;AAClD,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;AAC/C,IAAA,GAAG,CAAC,qCAAqC,EAAE,EAAE,SAAS,EAAE,CAAC;IACzD,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,MAAM,SAAS,GAAG,OAAO,EAAE,QAAQ,CAAC,SAAS,IAAI,CAAC;IAClD,MAAM,gBAAgB,GAAG,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI;AACtD,IAAA,MAAM,aAAa,GACjB,WAAW,CAAC,sBAAsB,IAAI,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,EAAE;IAE1E,GAAG,CAAC,wBAAwB,EAAE;QAC5B,SAAS;QACT,aAAa;AACb,QAAA,gBAAgB,EAAE,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC;QAC9C,iBAAiB,EAAE,WAAW,CAAC,sBAAsB;QACrD,UAAU,EAAE,CAAC,CAAC,OAAO;AACtB,KAAA,CAAC;IAEF,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,cAAc,CAAC,OAAO,EAAE,QAAQ,EAAE;AACnE,QAAA,OAAO,EAAE,aAAa;AACvB,KAAA,CAAC;IAEF,GAAG,CAAC,wBAAwB,EAAE;QAC5B,SAAS;QACT,SAAS,EAAE,MAAM,CAAC,SAAS;AAC3B,QAAA,WAAW,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM;AACjC,KAAA,CAAC;AAEF,IAAA,OAAO,MAAM;AACf;;;;"}
|
|
@@ -2,8 +2,7 @@ import { NextRequest, NextResponse } from 'next/server';
|
|
|
2
2
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
3
3
|
import { Brand } from 'src/types/brand';
|
|
4
4
|
import { Auth0Config } from 'src/types';
|
|
5
|
-
export declare const handleUserProfile: ({
|
|
6
|
-
requestId: string;
|
|
5
|
+
export declare const handleUserProfile: ({ request, response, auth0Instance, auth0Config, brand, }: {
|
|
7
6
|
request: NextRequest;
|
|
8
7
|
response: NextResponse;
|
|
9
8
|
auth0Instance: Auth0Client;
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { NextResponse } from 'next/server';
|
|
2
2
|
import debug from 'debug';
|
|
3
3
|
import { enrichUser } from '../../lib/enrichUser/session.js';
|
|
4
|
+
import { getOrCreateRequestId } from './requestId.js';
|
|
4
5
|
import { proactivelyRefreshAccessToken } from './proactivelyRefreshAccessToken.js';
|
|
5
6
|
import { combineHeaders } from './combineHeaders.js';
|
|
6
7
|
import { combineCookies } from './combineCookies.js';
|
|
@@ -13,9 +14,10 @@ const responseHeaders = {
|
|
|
13
14
|
Pragma: 'no-cache',
|
|
14
15
|
Expires: '0',
|
|
15
16
|
};
|
|
16
|
-
const handleUserProfile = async ({
|
|
17
|
+
const handleUserProfile = async ({ request, response, auth0Instance, auth0Config, brand, }) => {
|
|
17
18
|
if (request.nextUrl.pathname !== auth0Config.userProfileEndpoint)
|
|
18
19
|
return;
|
|
20
|
+
const requestId = getOrCreateRequestId(request);
|
|
19
21
|
log('Handling user profile request', { requestId, brand });
|
|
20
22
|
const session = await auth0Instance.getSession(request);
|
|
21
23
|
if (!session) {
|
|
@@ -33,7 +35,6 @@ const handleUserProfile = async ({ requestId, request, response, auth0Instance,
|
|
|
33
35
|
sellerId: user.sellerId,
|
|
34
36
|
});
|
|
35
37
|
const { token } = await proactivelyRefreshAccessToken({
|
|
36
|
-
requestId,
|
|
37
38
|
request,
|
|
38
39
|
response,
|
|
39
40
|
auth0Instance,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"profile.js","sources":["../../../../../src/server/middleware/profile.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"profile.js","sources":["../../../../../src/server/middleware/profile.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;;;AAcA,MAAM,GAAG,GAAG,KAAK,CAAC,8BAA8B,CAAC;AAEjD,MAAM,eAAe,GAAG;AACtB,IAAA,IAAI,EAAE,uBAAuB;AAC7B,IAAA,eAAe,EAAE,yDAAyD;AAC1E,IAAA,MAAM,EAAE,UAAU;AAClB,IAAA,OAAO,EAAE,GAAG;CACb;AAEM,MAAM,iBAAiB,GAAG,OAAO,EACtC,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,EACX,KAAK,GAON,KAAkC;IACjC,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,WAAW,CAAC,mBAAmB;QAAE;AAElE,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;IAC/C,GAAG,CAAC,+BAA+B,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;IAC1D,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,IAAI,CAAC,OAAO,EAAE;AACZ,QAAA,GAAG,CAAC,sCAAsC,EAAE,EAAE,SAAS,EAAE,CAAC;AAC1D,QAAA,OAAO,IAAI,YAAY,CAAC,IAAI,EAAE;AAC5B,YAAA,MAAM,EAAE,GAAG;AACX,YAAA,OAAO,EAAE,eAAe;AACzB,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI;AACF,QAAA,MAAM,IAAI,GAAG,OAAO,CAAC,IAAmB;QACxC,GAAG,CAAC,4CAA4C,EAAE;YAChD,SAAS;YACT,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;AACxB,SAAA,CAAC;AACF,QAAA,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,6BAA6B,CAAC;YACpD,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;AACF,QAAA,GAAG,CAAC,iCAAiC,EAAE,EAAE,SAAS,EAAE,CAAC;AACrD,QAAA,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC;YACpC,IAAI;AACJ,YAAA,WAAW,EAAE,KAAK;YAClB,KAAK;AACN,SAAA,CAAC;QAEF,GAAG,CAAC,4BAA4B,EAAE;YAChC,SAAS;YACT,MAAM,EAAE,YAAY,CAAC,MAAM;YAC3B,QAAQ,EAAE,YAAY,CAAC,QAAQ;AAC/B,YAAA,eAAe,EAAE,CAAC,CAAC,YAAY,CAAC,YAAY;AAC7C,SAAA,CAAC;QACF,MAAM,YAAY,GAAG,YAAY,CAAC,IAAI,CAAC,YAAY,CAAC;QACpD,MAAM,2BAA2B,GAAG,cAAc,CAAC;AACjD,YAAA,kBAAkB,EAAE,YAAY;AAChC,YAAA,YAAY,EAAE,QAAQ;AACtB,YAAA,eAAe,EAAE,IAAI;AACtB,SAAA,CAAC;QACF,iBAAiB,CAAC,2BAA2B,CAAC;;AAE9C,QAAA,cAAc,CAAC;AACb,YAAA,cAAc,EAAE,QAAQ;AACxB,YAAA,cAAc,EAAE,2BAA2B;AAC5C,SAAA,CAAC;AACF,QAAA,OAAO,2BAA2B;IACpC;IAAE,OAAO,KAAc,EAAE;QACvB,GAAG,CAAC,yCAAyC,EAAE;YAC7C,SAAS;AACT,YAAA,KAAK,EAAE,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC7D,YAAA,KAAK,EAAE,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,KAAK,GAAG,SAAS;AACxD,SAAA,CAAC;QAEF,IAAI,YAAY,GAAG,oBAA
oB;AACvC,QAAA,IACE,KAAK;YACL,OAAO,KAAK,KAAK,QAAQ;AACzB,YAAA,MAAM,IAAI,KAAK;AACf,YAAA,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,EAC9B;AACA,YAAA,YAAY,GAAG,KAAK,CAAC,IAAI;QAC3B;AAEA,QAAA,OAAO,YAAY,CAAC,IAAI,CACtB,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,EAAE,EACjC;AACE,YAAA,MAAM,EAAE,GAAG;AACX,YAAA,OAAO,EAAE,eAAe;AACzB,SAAA,CACF;IACH;AACF;;;;"}
|
|
@@ -2,8 +2,7 @@ import { NextRequest, NextResponse } from 'next/server';
|
|
|
2
2
|
import { Language } from '@smg-automotive/i18n-pkg';
|
|
3
3
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
4
4
|
import { Auth0Config } from 'src/types';
|
|
5
|
-
export declare const protectRoute: ({
|
|
6
|
-
requestId: string;
|
|
5
|
+
export declare const protectRoute: ({ isProtected, auth0Instance, auth0Config, language, request, response, onError, }: {
|
|
7
6
|
isProtected: boolean;
|
|
8
7
|
auth0Instance: Auth0Client;
|
|
9
8
|
auth0Config: Auth0Config;
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { NextResponse } from 'next/server';
|
|
2
2
|
import debug from 'debug';
|
|
3
3
|
import { getLoginLink } from '../../lib/authLinks.js';
|
|
4
|
+
import { getOrCreateRequestId } from './requestId.js';
|
|
4
5
|
import { proactivelyRefreshAccessToken } from './proactivelyRefreshAccessToken.js';
|
|
5
6
|
|
|
6
7
|
const log = debug('@smg-automotive/auth:protectRoute');
|
|
@@ -14,7 +15,8 @@ const redirectToLogin = ({ auth0Config, language, returnTo, origin, }) => {
|
|
|
14
15
|
status: 307,
|
|
15
16
|
});
|
|
16
17
|
};
|
|
17
|
-
const protectRoute = async ({
|
|
18
|
+
const protectRoute = async ({ isProtected, auth0Instance, auth0Config, language, request, response, onError, }) => {
|
|
19
|
+
const requestId = getOrCreateRequestId(request);
|
|
18
20
|
const { pathname, search, origin } = request.nextUrl;
|
|
19
21
|
log('Checking route protection', { requestId, pathname, isProtected });
|
|
20
22
|
const session = await auth0Instance.getSession(request);
|
|
@@ -41,7 +43,6 @@ const protectRoute = async ({ requestId, isProtected, auth0Instance, auth0Config
|
|
|
41
43
|
try {
|
|
42
44
|
log('Refreshing token for protected route', { requestId });
|
|
43
45
|
await proactivelyRefreshAccessToken({
|
|
44
|
-
requestId,
|
|
45
46
|
request,
|
|
46
47
|
response,
|
|
47
48
|
auth0Instance,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;AAYA,MAAM,GAAG,GAAG,KAAK,CAAC,mCAAmC,CAAC;AAEtD,MAAM,eAAe,GAAG,CAAC,EACvB,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,MAAM,GAMP,KAAkB;IACjB,MAAM,QAAQ,GAAG,YAAY,CAAC;QAC5B,WAAW;QACX,QAAQ;QACR,QAAQ;AACT,KAAA,CAAC;IAEF,OAAO,YAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACtD,QAAA,MAAM,EAAE,GAAG;AACZ,KAAA,CAAC;AACJ,CAAC;MAEY,YAAY,GAAG,OAAO,EACjC,WAAW,EACX,aAAa,EACb,WAAW,EACX,QAAQ,EACR,OAAO,EACP,QAAQ,EACR,OAAO,GASR,KAAkC;AACjC,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;IAC/C,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;IACpD,GAAG,CAAC,2BAA2B,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;IAEtE,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IACvD,GAAG,CAAC,eAAe,EAAE;QACnB,SAAS;QACT,UAAU,EAAE,CAAC,CAAC,OAAO;AACrB,QAAA,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,IAAI;AACzB,KAAA,CAAC;IAEF,IAAI,CAAC,WAAW,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE;AAClC,QAAA,GAAG,CAAC,mDAAmD,EAAE,EAAE,SAAS,EAAE,CAAC;AACvE,QAAA,OAAO,QAAQ;IACjB;AAEA,IAAA,IAAI,CAAC,OAAO,IAAI,WAAW,EAAE;QAC3B,GAAG,CAAC,uDAAuD,EAAE;YAC3D,SAAS;AACV,SAAA,CAAC;AACF,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI;AACF,QAAA,GAAG,CAAC,sCAAsC,EAAE,EAAE,SAAS,EAAE,CAAC;AAC1D,QAAA,MAAM,6BAA6B,CAAC;YAClC,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;AACF,QAAA,GAAG,CAAC,+CAA+C,EAAE,EAAE,SAAS,EAAE,CAAC;IACrE;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;QACnC,GAAG,CAAC,0CAA0C,EAAE;YAC9C,SAAS;YACT,OAAO,EAAE,SAAS,CAAC,OAAO;YAC1B,IAAI,EAAE,SAAS,CAAC,IAAI;AACrB,SAAA,CAAC;AACF,QAAA,OAAO,GAAG,SAAS,CAAC;AAEpB,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AACF;;;;"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { NextRequest } from 'next/server';
|
|
2
|
+
export declare const requestIdHeader = "x-automotive-request-id";
|
|
3
|
+
/**
|
|
4
|
+
* Reads the request ID from the request header.
|
|
5
|
+
* Returns undefined if not present.
|
|
6
|
+
*/
|
|
7
|
+
export declare const getRequestId: (request: NextRequest) => string | undefined;
|
|
8
|
+
export declare const getOrCreateRequestId: (request: NextRequest) => string;
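Review bot: `getRequestId` is declared and documented here, but the requestId.js shown next on this page exports only `getOrCreateRequestId` and `requestIdHeader`. If the two files come from the same build, a consumer importing `getRequestId` would type-check and then fail at load time. Either export it from the module or drop the declaration. `getOrCreateRequestId` also has no doc comment although it writes to the request headers; something like `/** Returns the x-automotive-request-id header value, or generates one and sets it on the request. The value may be client-supplied: use it for log correlation only. */` would state the contract.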
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
const requestIdHeader = 'x-automotive-request-id';
|
|
2
|
+
const generateRequestId = () => {
|
|
3
|
+
// UUID v4 format: xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx
|
|
4
|
+
// where x is any hex digit and y is one of 8, 9, A, B
|
|
5
|
+
return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, (c) => {
|
|
6
|
+
// eslint-disable-next-line sonarjs/pseudo-random
|
|
7
|
+
const r = (Math.random() * 16) | 0;
|
|
8
|
+
const v = c === 'x' ? r : (r & 0x3) | 0x8;
|
|
9
|
+
return v.toString(16);
|
|
10
|
+
});
|
|
11
|
+
};
|
|
12
|
+
const getRequestIdFromHeader = (request) => {
|
|
13
|
+
return request.headers.get(requestIdHeader) || undefined;
|
|
14
|
+
};
|
|
15
|
+
const getOrCreateRequestId = (request) => {
|
|
16
|
+
const idFromHeader = getRequestIdFromHeader(request);
|
|
17
|
+
if (idFromHeader) {
|
|
18
|
+
return idFromHeader;
|
|
19
|
+
}
|
|
20
|
+
const newId = generateRequestId();
|
|
21
|
+
request.headers.set(requestIdHeader, newId);
|
|
22
|
+
return newId;
|
|
23
|
+
};
|
|
24
|
+
|
|
25
|
+
export { getOrCreateRequestId, requestIdHeader };
|
|
26
|
+
//# sourceMappingURL=requestId.js.map
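Review bot: `getRequestIdFromHeader` returns whatever the client sent in `x-automotive-request-id`, and `getOrCreateRequestId` passes that string unchanged to every `log(...)` call in the auth middleware. A caller therefore controls its length and characters and can reuse another request's ID. Check it against an expected shape before accepting it and fall back to a generated ID otherwise; if the header is meant to come from a trusted proxy, that proxy should overwrite any inbound value. Separately, `generateRequestId` uses `Math.random()` under an eslint suppression, which is acceptable only while the ID is never treated as a secret or used for authorization. `crypto.randomUUID()` would replace the hand-rolled formatter where the runtime provides it.

```javascript
// Accept only header values shaped like an ID; anything else is replaced by a generated one.
const requestIdPattern = /^[A-Za-z0-9-]{8,64}$/;
const getRequestIdFromHeader = (request) => {
    const value = request.headers.get(requestIdHeader);
    if (!value || !requestIdPattern.test(value)) {
        return undefined;
    }
    return value;
};
// … unchanged: generateRequestId, getOrCreateRequestId, export …
```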
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"requestId.js","sources":["../../../../../src/server/middleware/requestId.ts"],"sourcesContent":[null],"names":[],"mappings":"AAEO,MAAM,eAAe,GAAG;AAE/B,MAAM,iBAAiB,GAAG,MAAa;;;IAGrC,OAAO,sCAAsC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,KAAI;;AAEnE,QAAA,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC;AAClC,QAAA,MAAM,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,IAAI,GAAG;AACzC,QAAA,OAAO,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;AACvB,IAAA,CAAC,CAAC;AACJ,CAAC;AAED,MAAM,sBAAsB,GAAG,CAAC,OAAoB,KAAwB;IAC1E,OAAO,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,SAAS;AAC1D,CAAC;AAUM,MAAM,oBAAoB,GAAG,CAAC,OAAoB,KAAY;AACnE,IAAA,MAAM,YAAY,GAAG,sBAAsB,CAAC,OAAO,CAAC;IAEpD,IAAI,YAAY,EAAE;AAChB,QAAA,OAAO,YAAY;IACrB;AAEA,IAAA,MAAM,KAAK,GAAG,iBAAiB,EAAE;IACjC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,CAAC;AAC3C,IAAA,OAAO,KAAK;AACd;;;;"}
|
|
@@ -1,8 +1,7 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
2
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
3
3
|
import { Auth0Config } from 'src/types';
|
|
4
|
-
export declare const handleAccessTokenRequest: ({
|
|
5
|
-
requestId: string;
|
|
4
|
+
export declare const handleAccessTokenRequest: ({ request, response, auth0Instance, auth0Config, onError, }: {
|
|
6
5
|
request: NextRequest;
|
|
7
6
|
response: NextResponse;
|
|
8
7
|
auth0Instance: Auth0Client;
|
|
@@ -1,15 +1,17 @@
|
|
|
1
1
|
import { NextResponse } from 'next/server';
|
|
2
2
|
import debug from 'debug';
|
|
3
3
|
import { AccessTokenErrorCode } from '@auth0/nextjs-auth0/errors';
|
|
4
|
+
import { getOrCreateRequestId } from './requestId.js';
|
|
4
5
|
import { proactivelyRefreshAccessToken } from './proactivelyRefreshAccessToken.js';
|
|
5
6
|
import { combineHeaders } from './combineHeaders.js';
|
|
6
7
|
import { combineCookies } from './combineCookies.js';
|
|
7
8
|
import { addCachingHeaders } from './addCachingHeaders.js';
|
|
8
9
|
|
|
9
10
|
const log = debug('@smg-automotive/auth:token');
|
|
10
|
-
const handleAccessTokenRequest = async ({
|
|
11
|
+
const handleAccessTokenRequest = async ({ request, response, auth0Instance, auth0Config, onError, }) => {
|
|
11
12
|
if (request.nextUrl.pathname !== auth0Config.tokenEndpoint)
|
|
12
13
|
return;
|
|
14
|
+
const requestId = getOrCreateRequestId(request);
|
|
13
15
|
log('Handling access token request', {
|
|
14
16
|
requestId,
|
|
15
17
|
pathname: request.nextUrl.pathname,
|
|
@@ -29,7 +31,6 @@ const handleAccessTokenRequest = async ({ requestId, request, response, auth0Ins
|
|
|
29
31
|
try {
|
|
30
32
|
log('Refreshing access token', { requestId });
|
|
31
33
|
const { token, expiresAt } = await proactivelyRefreshAccessToken({
|
|
32
|
-
requestId,
|
|
33
34
|
request,
|
|
34
35
|
response,
|
|
35
36
|
auth0Instance,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"token.js","sources":["../../../../../src/server/middleware/token.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"token.js","sources":["../../../../../src/server/middleware/token.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;;;AAaA,MAAM,GAAG,GAAG,KAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,wBAAwB,GAAG,OAAO,EAC7C,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,EACX,OAAO,GAOR,KAAkC;IACjC,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,WAAW,CAAC,aAAa;QAAE;AAE5D,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;IAC/C,GAAG,CAAC,+BAA+B,EAAE;QACnC,SAAS;AACT,QAAA,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,QAAQ;AACnC,KAAA,CAAC;IACF,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,IAAI,CAAC,OAAO,EAAE;AACZ,QAAA,GAAG,CAAC,yCAAyC,EAAE,EAAE,SAAS,EAAE,CAAC;QAC7D,OAAO,YAAY,CAAC,IAAI,CACtB;AACE,YAAA,KAAK,EAAE;AACL,gBAAA,OAAO,EAAE,2CAA2C;gBACpD,IAAI,EAAE,oBAAoB,CAAC,eAAe;AAC3C,aAAA;SACF,EACD;AACE,YAAA,MAAM,EAAE,GAAG;AACZ,SAAA,CACF;IACH;AAEA,IAAA,IAAI;AACF,QAAA,GAAG,CAAC,yBAAyB,EAAE,EAAE,SAAS,EAAE,CAAC;QAC7C,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,MAAM,6BAA6B,CAAC;YAC/D,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;QACF,GAAG,CAAC,qCAAqC,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC;AACpE,QAAA,MAAM,aAAa,GAAG,YAAY,CAAC,IAAI,CAAC;YACtC,KAAK;YACL,SAAS;AACV,SAAA,CAAC;QACF,MAAM,2BAA2B,GAAG,cAAc,CAAC;AACjD,YAAA,kBAAkB,EAAE,aAAa;AACjC,YAAA,YAAY,EAAE,QAAQ;AACtB,YAAA,eAAe,EAAE,IAAI;AACtB,SAAA,CAAC;QACF,iBAAiB,CAAC,2BAA2B,CAAC;;AAE9C,QAAA,cAAc,CAAC;AACb,YAAA,cAAc,EAAE,QAAQ;AACxB,YAAA,cAAc,EAAE,2BAA2B;AAC5C,SAAA,CAAC;AACF,QAAA,OAAO,2BAA2B;IACpC;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;QACnC,GAAG,CAAC,4BAA4B,EAAE;YAChC,SAAS;YACT,OAAO,EAAE,SAAS,CAAC,OAAO;YAC1B,IAAI,EAAE,SAAS,CAAC,IAAI;AACrB,SAAA,CAAC;AACF,QAAA,OAAO,GAAG,SAAS,CAAC;AACpB,QAAA,OAAO,YAAY,CAAC,IAAI,CACtB,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,EAAE,EAAE,EAC/D,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB;IACH;AACF;;;;"}
|