@smg-automotive/auth 8.2.4 → 8.3.0-lschuerch-FED-782-sync-tenant.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/server/helpers/redirectToLogin.d.ts +11 -0
- package/dist/cjs/server/helpers/redirectToLogin.js +20 -0
- package/dist/cjs/server/helpers/redirectToLogin.js.map +1 -0
- package/dist/cjs/server/middleware/crossApplicationStateSynchronization.d.ts +10 -0
- package/dist/cjs/server/middleware/crossApplicationStateSynchronization.js +48 -0
- package/dist/cjs/server/middleware/crossApplicationStateSynchronization.js.map +1 -0
- package/dist/cjs/server/middleware/index.js +17 -0
- package/dist/cjs/server/middleware/index.js.map +1 -1
- package/dist/cjs/server/middleware/protectRoute.js +3 -14
- package/dist/cjs/server/middleware/protectRoute.js.map +1 -1
- package/dist/esm/server/helpers/redirectToLogin.d.ts +11 -0
- package/dist/esm/server/helpers/redirectToLogin.js +18 -0
- package/dist/esm/server/helpers/redirectToLogin.js.map +1 -0
- package/dist/esm/server/middleware/crossApplicationStateSynchronization.d.ts +10 -0
- package/dist/esm/server/middleware/crossApplicationStateSynchronization.js +46 -0
- package/dist/esm/server/middleware/crossApplicationStateSynchronization.js.map +1 -0
- package/dist/esm/server/middleware/index.js +17 -0
- package/dist/esm/server/middleware/index.js.map +1 -1
- package/dist/esm/server/middleware/protectRoute.js +1 -12
- package/dist/esm/server/middleware/protectRoute.js.map +1 -1
- package/package.json +1 -1
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { NextResponse } from 'next/server';
|
|
2
|
+
import { Language } from '@smg-automotive/i18n-pkg';
|
|
3
|
+
import { Auth0Config } from 'src/types';
|
|
4
|
+
export declare const redirectToLogin: ({ auth0Config, language, returnTo, origin, selectedSellerId, impersonateSellerId, }: {
|
|
5
|
+
auth0Config: Auth0Config;
|
|
6
|
+
language: Language;
|
|
7
|
+
returnTo: string;
|
|
8
|
+
origin: string;
|
|
9
|
+
selectedSellerId?: string;
|
|
10
|
+
impersonateSellerId?: string;
|
|
11
|
+
}) => NextResponse;
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var server = require('next/server');
|
|
4
|
+
var authLinks = require('../../lib/authLinks.js');
|
|
5
|
+
|
|
6
|
+
const redirectToLogin = ({ auth0Config, language, returnTo, origin, selectedSellerId, impersonateSellerId, }) => {
|
|
7
|
+
const loginUrl = authLinks.getLoginLink({
|
|
8
|
+
auth0Config,
|
|
9
|
+
language,
|
|
10
|
+
returnTo,
|
|
11
|
+
selectedSellerId,
|
|
12
|
+
impersonateSellerId,
|
|
13
|
+
});
|
|
14
|
+
return server.NextResponse.redirect(new URL(loginUrl, origin), {
|
|
15
|
+
status: 307,
|
|
16
|
+
});
|
|
17
|
+
};
|
|
18
|
+
|
|
19
|
+
exports.redirectToLogin = redirectToLogin;
|
|
20
|
+
//# sourceMappingURL=redirectToLogin.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"redirectToLogin.js","sources":["../../../../../src/server/helpers/redirectToLogin.ts"],"sourcesContent":[null],"names":["getLoginLink","NextResponse"],"mappings":";;;;;AAMO,MAAM,eAAe,GAAG,CAAC,EAC9B,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,MAAM,EACN,gBAAgB,EAChB,mBAAmB,GAQpB,KAAkB;IACjB,MAAM,QAAQ,GAAGA,sBAAY,CAAC;QAC5B,WAAW;QACX,QAAQ;QACR,QAAQ;QACR,gBAAgB;QAChB,mBAAmB;AACpB,KAAA,CAAC;IAEF,OAAOC,mBAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACtD,QAAA,MAAM,EAAE,GAAG;AACZ,KAAA,CAAC;AACJ;;;;"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import { NextRequest, NextResponse } from 'next/server';
|
|
2
|
+
import { Language } from '@smg-automotive/i18n-pkg';
|
|
3
|
+
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
4
|
+
import { Auth0Config } from 'src/types';
|
|
5
|
+
export declare const crossApplicationStateSynchronization: ({ request, language, auth0Instance, auth0Config, }: {
|
|
6
|
+
request: NextRequest;
|
|
7
|
+
language: Language;
|
|
8
|
+
auth0Instance: Auth0Client;
|
|
9
|
+
auth0Config: Auth0Config;
|
|
10
|
+
}) => Promise<NextResponse | null>;
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var redirectToLogin = require('../helpers/redirectToLogin.js');
|
|
4
|
+
|
|
5
|
+
const crossApplicationStateSynchronization = async ({ request, language, auth0Instance, auth0Config, }) => {
|
|
6
|
+
const session = await auth0Instance.getSession(request);
|
|
7
|
+
const { pathname, search, origin } = request.nextUrl;
|
|
8
|
+
if (!session?.user) {
|
|
9
|
+
return null;
|
|
10
|
+
}
|
|
11
|
+
const impersonatedSellerIdFromCookie = request.cookies.get(auth0Config.impersonatedSellerIdCookie.name)?.value;
|
|
12
|
+
console.log('impersonatedSellerIdFromCookie', impersonatedSellerIdFromCookie);
|
|
13
|
+
console.log('!session?.user', session?.user);
|
|
14
|
+
if (!session?.user.isMultiTenantUser && !impersonatedSellerIdFromCookie) {
|
|
15
|
+
console.log('User is not multi-tenant and no impersonation, no action needed');
|
|
16
|
+
return null;
|
|
17
|
+
}
|
|
18
|
+
let impersonateSellerId;
|
|
19
|
+
if (session.user.sellerId !== impersonatedSellerIdFromCookie) {
|
|
20
|
+
console.log('Impersonated seller ID out of sync, redirecting to login to resync');
|
|
21
|
+
impersonateSellerId = impersonatedSellerIdFromCookie;
|
|
22
|
+
}
|
|
23
|
+
console.log('!session?.user', session?.user);
|
|
24
|
+
const sellerIdFromCookie = request.cookies.get(auth0Config.selectedSellerIdCookie.name)?.value;
|
|
25
|
+
let selectedSellerId;
|
|
26
|
+
if (session.user.sellerId !== sellerIdFromCookie && !impersonateSellerId) {
|
|
27
|
+
console.log('Selected seller ID out of sync, redirecting to login to resync');
|
|
28
|
+
selectedSellerId = sellerIdFromCookie;
|
|
29
|
+
}
|
|
30
|
+
console.log('!sellerIdFromCookie', sellerIdFromCookie);
|
|
31
|
+
if (!selectedSellerId && !impersonateSellerId) {
|
|
32
|
+
console.log('All in sync, no action needed');
|
|
33
|
+
return null;
|
|
34
|
+
}
|
|
35
|
+
console.log('Redirecting to login for resynchronization');
|
|
36
|
+
console.log(redirectToLogin.redirectToLogin);
|
|
37
|
+
return redirectToLogin.redirectToLogin({
|
|
38
|
+
auth0Config,
|
|
39
|
+
language,
|
|
40
|
+
returnTo: `${pathname}${search}`,
|
|
41
|
+
origin,
|
|
42
|
+
impersonateSellerId,
|
|
43
|
+
selectedSellerId,
|
|
44
|
+
});
|
|
45
|
+
};
|
|
46
|
+
|
|
47
|
+
exports.crossApplicationStateSynchronization = crossApplicationStateSynchronization;
|
|
48
|
+
//# sourceMappingURL=crossApplicationStateSynchronization.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"crossApplicationStateSynchronization.js","sources":["../../../../../src/server/middleware/crossApplicationStateSynchronization.ts"],"sourcesContent":[null],"names":["redirectToLogin"],"mappings":";;;;AASO,MAAM,oCAAoC,GAAG,OAAO,EACzD,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,GAMZ,KAAkC;IACjC,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IACvD,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;AAEpD,IAAA,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE;AAClB,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,MAAM,8BAA8B,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CACxD,WAAW,CAAC,0BAA0B,CAAC,IAAI,CAC5C,EAAE,KAAK;AAER,IAAA,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,8BAA8B,CAAC;IAC7E,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,OAAO,EAAE,IAAI,CAAC;IAE5C,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,iBAAiB,IAAI,CAAC,8BAA8B,EAAE;AACvE,QAAA,OAAO,CAAC,GAAG,CACT,iEAAiE,CAClE;AACD,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,IAAI,mBAAuC;IAC3C,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,KAAK,8BAA8B,EAAE;AAC5D,QAAA,OAAO,CAAC,GAAG,CACT,oEAAoE,CACrE;QACD,mBAAmB,GAAG,8BAA8B;IACtD;IAEA,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,OAAO,EAAE,IAAI,CAAC;AAE5C,IAAA,MAAM,kBAAkB,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAC5C,WAAW,CAAC,sBAAsB,CAAC,IAAI,CACxC,EAAE,KAAK;AACR,IAAA,IAAI,gBAAoC;IACxC,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,KAAK,kBAAkB,IAAI,CAAC,mBAAmB,EAAE;AACxE,QAAA,OAAO,CAAC,GAAG,CACT,gEAAgE,CACjE;QACD,gBAAgB,GAAG,kBAAkB;IACvC;AAEA,IAAA,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,kBAAkB,CAAC;AAEtD,IAAA,IAAI,CAAC,gBAAgB,IAAI,CAAC,mBAAmB,EAAE;AAC7C,QAAA,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC;AAC5C,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC;AAEzD,IAAA,OAAO,CAAC,GAAG,CAACA,+BAAe,CAAC;AAC5B,IAAA,OAAOA,+BAAe,CAAC;QACrB,WAAW;QACX,QAAQ;AACR,QAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;QAChC,MAAM;QACN,mBAAmB;QACnB,gBAAgB;AACjB,KAAA,CAAC;AACJ;;;;"}
|
|
@@ -10,6 +10,7 @@ var protectRoute = require('./protectRoute.js');
|
|
|
10
10
|
var profile = require('./profile.js');
|
|
11
11
|
var logout = require('./logout.js');
|
|
12
12
|
var login = require('./login.js');
|
|
13
|
+
var crossApplicationStateSynchronization = require('./crossApplicationStateSynchronization.js');
|
|
13
14
|
var combineHeaders = require('./combineHeaders.js');
|
|
14
15
|
|
|
15
16
|
function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'default' in e ? e : { default: e }; }
|
|
@@ -55,6 +56,7 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
55
56
|
log('Cross-domain logout detected, redirecting', { requestId: requestId$1 });
|
|
56
57
|
return crossDomainLogoutResult;
|
|
57
58
|
}
|
|
59
|
+
// Login endpoint - /api/auth/login
|
|
58
60
|
login.addLoginParams({
|
|
59
61
|
request,
|
|
60
62
|
auth0Config,
|
|
@@ -63,12 +65,14 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
63
65
|
const authResponse = await auth0Instance.middleware(request);
|
|
64
66
|
authResponse.headers.set(requestId.requestIdHeader, requestId$1);
|
|
65
67
|
log('Auth0 middleware completed', { requestId: requestId$1, status: authResponse.status });
|
|
68
|
+
// Logout endpoint - api/auth/logout
|
|
66
69
|
logout.deleteRelatedSessionCookies({
|
|
67
70
|
host,
|
|
68
71
|
request,
|
|
69
72
|
response: authResponse,
|
|
70
73
|
auth0Config,
|
|
71
74
|
});
|
|
75
|
+
// Access token handling - /api/auth/access-token
|
|
72
76
|
const accessTokenRequestResult = await token.handleAccessTokenRequest({
|
|
73
77
|
request,
|
|
74
78
|
response: authResponse,
|
|
@@ -80,6 +84,7 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
80
84
|
log('Access token request handled', { requestId: requestId$1 });
|
|
81
85
|
return accessTokenRequestResult;
|
|
82
86
|
}
|
|
87
|
+
// User profile handling - /api/auth/profile
|
|
83
88
|
const handleUserProfileResult = await profile.handleUserProfile({
|
|
84
89
|
request,
|
|
85
90
|
response: authResponse,
|
|
@@ -91,10 +96,22 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
91
96
|
log('User profile request handled', { requestId: requestId$1 });
|
|
92
97
|
return handleUserProfileResult;
|
|
93
98
|
}
|
|
99
|
+
// Auth routes handling - /api/auth/*
|
|
94
100
|
if (isAuthRoute(pathname, auth0Config) || isAuthErrorRoute) {
|
|
95
101
|
log('Auth route, returning response', { requestId: requestId$1 });
|
|
96
102
|
return authResponse;
|
|
97
103
|
}
|
|
104
|
+
// Check if selected and impersonated seller are in sync across applications
|
|
105
|
+
const syncResponse = await crossApplicationStateSynchronization.crossApplicationStateSynchronization({
|
|
106
|
+
request,
|
|
107
|
+
language,
|
|
108
|
+
auth0Instance,
|
|
109
|
+
auth0Config,
|
|
110
|
+
});
|
|
111
|
+
if (syncResponse) {
|
|
112
|
+
return syncResponse;
|
|
113
|
+
}
|
|
114
|
+
// Protected route handling
|
|
98
115
|
const isProtected = !isAuthErrorRoute && isProtectedRoute(pathname);
|
|
99
116
|
log('Route protection check', { requestId: requestId$1, pathname, isProtected });
|
|
100
117
|
const protectRouteResult = await protectRoute.protectRoute({
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":["debug","requestId","getOrCreateRequestId","getAuth0Instance","getAuth0Config","handleCrossDomainLogout","requestIdHeader","addLoginParams","deleteRelatedSessionCookies","handleAccessTokenRequest","handleUserProfile","protectRoute","combineHeaders","NextResponse"],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":["debug","requestId","getOrCreateRequestId","getAuth0Instance","getAuth0Config","handleCrossDomainLogout","requestIdHeader","addLoginParams","deleteRelatedSessionCookies","handleAccessTokenRequest","handleUserProfile","crossApplicationStateSynchronization","protectRoute","combineHeaders","NextResponse"],"mappings":";;;;;;;;;;;;;;;;;;;AAkBA,MAAM,GAAG,GAAGA,sBAAK,CAAC,iCAAiC,CAAC;AAEpD,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,KAAK,GASN,KAA2B;AAC1B,IAAA,MAAMC,WAAS,GAAGC,8BAAoB,CAAC,OAAO,CAAC;AAE/C,IAAA,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO;IACpC,GAAG,CAAC,oBAAoB,EAAE;mBACxBD,WAAS;QACT,QAAQ;QACR,IAAI;QACJ,QAAQ;QACR,MAAM,EAAE,OAAO,CAAC,MAAM;AACvB,KAAA,CAAC;IAEF,MAAM,aAAa,GAAGE,iCAAgB,CAAC;QACrC,IAAI;QACJ,QAAQ;AACT,KAAA,CAAC;AAEF,IAAA,MAAM,WAAW,GAAGC,oBAAc,EAAE;IACpC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAC3E,GAAG,CAAC,kBAAkB,EAAE,aAAEH,WAAS,EAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAC;IAElE,MAAM,uBAAuB,GAAGI,8BAAuB,CAAC;QACtD,IAAI;QACJ,QAAQ;QACR,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;QAC3B,uBAAuB,CAAC,OAAO,CAAC,GAAG,CAACC,yBAAe,EAAEL,WAAS,CAAC;AAC/D,QAAA,GAAG,CAAC,2CAA2C,EAAE,aAAEA,WAAS,EAAE,CAAC;AAC/D,QAAA,OAAO,uBAAuB;IAChC;;AAGA,IAAAM,oBAAc,CAAC;QACb,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;AAEF,IAAA,GAAG,CAAC,0BAA0B,EAAE,aAAEN,WAAS,EAAE,CAAC;IAC9C,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAC5D,YAAY,CAAC,OAAO,CAAC,GAAG,CAACK,yBAAe,EAAEL,WAAS,CAAC;AACpD,IAAA,GAAG,CAAC,4BAA4B,EAAE,aAAEA,WAAS,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,EAAE,CAAC;;AAG7E,IAAAO,kCAA2B,CAAC;QAC1B,IAAI;QACJ,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,WAAW;AACZ,KAAA,CAAC;;AAGF,IAAA,MAAM,wBAAwB,GAAG,MAAMC,8BAAwB,CAAC;QAC9D,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,aAAa;QACb,WAAW;QACX,OAAO;AACR,KAAA,CAAC;IACF,IAAI,wBAAwB,EAAE;AAC5B,QAAA,GAAG,CAAC,8BAA8B,EAAE,aAAER,WAAS,EAAE,CAAC;AAClD,QAAA,OAAO,wBAAwB;IACjC;;AAGA,IAAA,MAAM,uBAAuB,GAAG,MAAMS,yBAAiB,CAAC;QACtD,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,aAAa;QACb,WAAW;QACX,KAAK;AACN,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;AAC3B,QAAA,GAAG,CAAC,8BAA8B,EAAE,aAAET,WAAS,EAAE,CAAC;AAClD,QAAA,OAAO,uBAAuB;IAChC;;IAGA,IAAI,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC,IAAI,gBAAgB,EAAE;AAC1D,QAAA,GAAG,CAAC,gCAAgC,EAAE,aAAEA,WAAS,EAAE,CAAC;AACpD,QAAA,OAAO,YAAY;IACrB;;AAGA,IAAA,MAAM,YAAY,GAAG,MAAMU,yEAAoC,CAAC;QAC9D,OAAO;QACP,QAAQ;QACR,aAAa;QACb,WAAW;AACZ,KAAA,CAAC;IACF,IAAI,YAAY,EAAE;AAChB,QAAA,OAAO,YAAY;IACrB;;IAGA,MAAM,WAAW,GAAG,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,QAAQ,CAAC;IACnE,GAAG,CAAC,wBAAwB,EAAE,aAAEV,WAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;AACnE,IAAA,MAAM,kBAAkB,GAAG,MAAMW,yBAAY,CAAC;QAC5C,WAAW;QACX,aAAa;QACb,WAAW;QACX,QAAQ;QACR,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,OAAO;AACR,KAAA,CAAC;IACF,IAAI,kBAAkB,EAAE;QACtB,GAAG,CAAC,0BAA0B,EAAE;uBAC9BX,WAAS;AACT,YAAA,UAAU,EAAE,kBAAkB,CAAC,MAAM,KAAK,GAAG;AAC9C,SAAA,CAAC;AACF,QAAA,OAAO,kBAAkB;IAC3B;AAEA,IAAA,GAAG,CAAC,sCAAsC,EAAE,aAAEA,WAAS,EAAE,CAAC;IAC1D,MAAM,aAAa,GAAGY,6BAAc,CAAC;AACnC,QAAA,kBAAkB,EAAEC,mBAAY,CAAC,IAAI,CAAC;AACpC,YAAA,OAAO,EAAE;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;AACzB,aAAA;SACF,CAAC;QACF,YAAY;AACb,KAAA,CAAC;IACF,aAAa,CAAC,OAAO,CAAC,GAAG,CAACR,yBAAe,EAAEL,WAAS,CAAC;AACrD,IAAA,OAAO,aAAa;AACtB;;;;"}
|
|
@@ -1,8 +1,7 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
-
var server = require('next/server');
|
|
4
3
|
var debug = require('debug');
|
|
5
|
-
var
|
|
4
|
+
var redirectToLogin = require('../helpers/redirectToLogin.js');
|
|
6
5
|
var requestId = require('./requestId.js');
|
|
7
6
|
var proactivelyRefreshAccessToken = require('./proactivelyRefreshAccessToken.js');
|
|
8
7
|
|
|
@@ -11,16 +10,6 @@ function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'defau
|
|
|
11
10
|
var debug__default = /*#__PURE__*/_interopDefaultCompat(debug);
|
|
12
11
|
|
|
13
12
|
const log = debug__default.default('@smg-automotive/auth:protectRoute');
|
|
14
|
-
const redirectToLogin = ({ auth0Config, language, returnTo, origin, }) => {
|
|
15
|
-
const loginUrl = authLinks.getLoginLink({
|
|
16
|
-
auth0Config,
|
|
17
|
-
language,
|
|
18
|
-
returnTo,
|
|
19
|
-
});
|
|
20
|
-
return server.NextResponse.redirect(new URL(loginUrl, origin), {
|
|
21
|
-
status: 307,
|
|
22
|
-
});
|
|
23
|
-
};
|
|
24
13
|
const protectRoute = async ({ isProtected, auth0Instance, auth0Config, language, request, response, onError, }) => {
|
|
25
14
|
const requestId$1 = requestId.getOrCreateRequestId(request);
|
|
26
15
|
const { pathname, search, origin } = request.nextUrl;
|
|
@@ -39,7 +28,7 @@ const protectRoute = async ({ isProtected, auth0Instance, auth0Config, language,
|
|
|
39
28
|
log('Protected route without session, redirecting to login', {
|
|
40
29
|
requestId: requestId$1,
|
|
41
30
|
});
|
|
42
|
-
return redirectToLogin({
|
|
31
|
+
return redirectToLogin.redirectToLogin({
|
|
43
32
|
auth0Config,
|
|
44
33
|
language,
|
|
45
34
|
returnTo: `${pathname}${search}`,
|
|
@@ -64,7 +53,7 @@ const protectRoute = async ({ isProtected, auth0Instance, auth0Config, language,
|
|
|
64
53
|
code: authError.code,
|
|
65
54
|
});
|
|
66
55
|
onError?.(authError);
|
|
67
|
-
return redirectToLogin({
|
|
56
|
+
return redirectToLogin.redirectToLogin({
|
|
68
57
|
auth0Config,
|
|
69
58
|
language,
|
|
70
59
|
returnTo: `${pathname}${search}`,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":["debug","
|
|
1
|
+
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":["debug","requestId","getOrCreateRequestId","redirectToLogin","proactivelyRefreshAccessToken"],"mappings":";;;;;;;;;;;AAYA,MAAM,GAAG,GAAGA,sBAAK,CAAC,mCAAmC,CAAC;MAEzC,YAAY,GAAG,OAAO,EACjC,WAAW,EACX,aAAa,EACb,WAAW,EACX,QAAQ,EACR,OAAO,EACP,QAAQ,EACR,OAAO,GASR,KAAkC;AACjC,IAAA,MAAMC,WAAS,GAAGC,8BAAoB,CAAC,OAAO,CAAC;IAC/C,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;IACpD,GAAG,CAAC,2BAA2B,EAAE,aAAED,WAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;IAEtE,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IACvD,GAAG,CAAC,eAAe,EAAE;mBACnBA,WAAS;QACT,UAAU,EAAE,CAAC,CAAC,OAAO;AACrB,QAAA,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,IAAI;AACzB,KAAA,CAAC;IAEF,IAAI,CAAC,WAAW,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE;AAClC,QAAA,GAAG,CAAC,mDAAmD,EAAE,aAAEA,WAAS,EAAE,CAAC;AACvE,QAAA,OAAO,QAAQ;IACjB;AAEA,IAAA,IAAI,CAAC,OAAO,IAAI,WAAW,EAAE;QAC3B,GAAG,CAAC,uDAAuD,EAAE;uBAC3DA,WAAS;AACV,SAAA,CAAC;AACF,QAAA,OAAOE,+BAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI;AACF,QAAA,GAAG,CAAC,sCAAsC,EAAE,aAAEF,WAAS,EAAE,CAAC;AAC1D,QAAA,MAAMG,2DAA6B,CAAC;YAClC,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;AACF,QAAA,GAAG,CAAC,+CAA+C,EAAE,aAAEH,WAAS,EAAE,CAAC;IACrE;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;QACnC,GAAG,CAAC,0CAA0C,EAAE;uBAC9CA,WAAS;YACT,OAAO,EAAE,SAAS,CAAC,OAAO;YAC1B,IAAI,EAAE,SAAS,CAAC,IAAI;AACrB,SAAA,CAAC;AACF,QAAA,OAAO,GAAG,SAAS,CAAC;AAEpB,QAAA,OAAOE,+BAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AACF;;;;"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { NextResponse } from 'next/server';
|
|
2
|
+
import { Language } from '@smg-automotive/i18n-pkg';
|
|
3
|
+
import { Auth0Config } from 'src/types';
|
|
4
|
+
export declare const redirectToLogin: ({ auth0Config, language, returnTo, origin, selectedSellerId, impersonateSellerId, }: {
|
|
5
|
+
auth0Config: Auth0Config;
|
|
6
|
+
language: Language;
|
|
7
|
+
returnTo: string;
|
|
8
|
+
origin: string;
|
|
9
|
+
selectedSellerId?: string;
|
|
10
|
+
impersonateSellerId?: string;
|
|
11
|
+
}) => NextResponse;
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import { NextResponse } from 'next/server';
|
|
2
|
+
import { getLoginLink } from '../../lib/authLinks.js';
|
|
3
|
+
|
|
4
|
+
const redirectToLogin = ({ auth0Config, language, returnTo, origin, selectedSellerId, impersonateSellerId, }) => {
|
|
5
|
+
const loginUrl = getLoginLink({
|
|
6
|
+
auth0Config,
|
|
7
|
+
language,
|
|
8
|
+
returnTo,
|
|
9
|
+
selectedSellerId,
|
|
10
|
+
impersonateSellerId,
|
|
11
|
+
});
|
|
12
|
+
return NextResponse.redirect(new URL(loginUrl, origin), {
|
|
13
|
+
status: 307,
|
|
14
|
+
});
|
|
15
|
+
};
|
|
16
|
+
|
|
17
|
+
export { redirectToLogin };
|
|
18
|
+
//# sourceMappingURL=redirectToLogin.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"redirectToLogin.js","sources":["../../../../../src/server/helpers/redirectToLogin.ts"],"sourcesContent":[null],"names":[],"mappings":";;;AAMO,MAAM,eAAe,GAAG,CAAC,EAC9B,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,MAAM,EACN,gBAAgB,EAChB,mBAAmB,GAQpB,KAAkB;IACjB,MAAM,QAAQ,GAAG,YAAY,CAAC;QAC5B,WAAW;QACX,QAAQ;QACR,QAAQ;QACR,gBAAgB;QAChB,mBAAmB;AACpB,KAAA,CAAC;IAEF,OAAO,YAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE;AACtD,QAAA,MAAM,EAAE,GAAG;AACZ,KAAA,CAAC;AACJ;;;;"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import { NextRequest, NextResponse } from 'next/server';
|
|
2
|
+
import { Language } from '@smg-automotive/i18n-pkg';
|
|
3
|
+
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
4
|
+
import { Auth0Config } from 'src/types';
|
|
5
|
+
export declare const crossApplicationStateSynchronization: ({ request, language, auth0Instance, auth0Config, }: {
|
|
6
|
+
request: NextRequest;
|
|
7
|
+
language: Language;
|
|
8
|
+
auth0Instance: Auth0Client;
|
|
9
|
+
auth0Config: Auth0Config;
|
|
10
|
+
}) => Promise<NextResponse | null>;
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
import { redirectToLogin } from '../helpers/redirectToLogin.js';
|
|
2
|
+
|
|
3
|
+
const crossApplicationStateSynchronization = async ({ request, language, auth0Instance, auth0Config, }) => {
|
|
4
|
+
const session = await auth0Instance.getSession(request);
|
|
5
|
+
const { pathname, search, origin } = request.nextUrl;
|
|
6
|
+
if (!session?.user) {
|
|
7
|
+
return null;
|
|
8
|
+
}
|
|
9
|
+
const impersonatedSellerIdFromCookie = request.cookies.get(auth0Config.impersonatedSellerIdCookie.name)?.value;
|
|
10
|
+
console.log('impersonatedSellerIdFromCookie', impersonatedSellerIdFromCookie);
|
|
11
|
+
console.log('!session?.user', session?.user);
|
|
12
|
+
if (!session?.user.isMultiTenantUser && !impersonatedSellerIdFromCookie) {
|
|
13
|
+
console.log('User is not multi-tenant and no impersonation, no action needed');
|
|
14
|
+
return null;
|
|
15
|
+
}
|
|
16
|
+
let impersonateSellerId;
|
|
17
|
+
if (session.user.sellerId !== impersonatedSellerIdFromCookie) {
|
|
18
|
+
console.log('Impersonated seller ID out of sync, redirecting to login to resync');
|
|
19
|
+
impersonateSellerId = impersonatedSellerIdFromCookie;
|
|
20
|
+
}
|
|
21
|
+
console.log('!session?.user', session?.user);
|
|
22
|
+
const sellerIdFromCookie = request.cookies.get(auth0Config.selectedSellerIdCookie.name)?.value;
|
|
23
|
+
let selectedSellerId;
|
|
24
|
+
if (session.user.sellerId !== sellerIdFromCookie && !impersonateSellerId) {
|
|
25
|
+
console.log('Selected seller ID out of sync, redirecting to login to resync');
|
|
26
|
+
selectedSellerId = sellerIdFromCookie;
|
|
27
|
+
}
|
|
28
|
+
console.log('!sellerIdFromCookie', sellerIdFromCookie);
|
|
29
|
+
if (!selectedSellerId && !impersonateSellerId) {
|
|
30
|
+
console.log('All in sync, no action needed');
|
|
31
|
+
return null;
|
|
32
|
+
}
|
|
33
|
+
console.log('Redirecting to login for resynchronization');
|
|
34
|
+
console.log(redirectToLogin);
|
|
35
|
+
return redirectToLogin({
|
|
36
|
+
auth0Config,
|
|
37
|
+
language,
|
|
38
|
+
returnTo: `${pathname}${search}`,
|
|
39
|
+
origin,
|
|
40
|
+
impersonateSellerId,
|
|
41
|
+
selectedSellerId,
|
|
42
|
+
});
|
|
43
|
+
};
|
|
44
|
+
|
|
45
|
+
export { crossApplicationStateSynchronization };
|
|
46
|
+
//# sourceMappingURL=crossApplicationStateSynchronization.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"crossApplicationStateSynchronization.js","sources":["../../../../../src/server/middleware/crossApplicationStateSynchronization.ts"],"sourcesContent":[null],"names":[],"mappings":";;AASO,MAAM,oCAAoC,GAAG,OAAO,EACzD,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,GAMZ,KAAkC;IACjC,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IACvD,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;AAEpD,IAAA,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE;AAClB,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,MAAM,8BAA8B,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CACxD,WAAW,CAAC,0BAA0B,CAAC,IAAI,CAC5C,EAAE,KAAK;AAER,IAAA,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,8BAA8B,CAAC;IAC7E,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,OAAO,EAAE,IAAI,CAAC;IAE5C,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,iBAAiB,IAAI,CAAC,8BAA8B,EAAE;AACvE,QAAA,OAAO,CAAC,GAAG,CACT,iEAAiE,CAClE;AACD,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,IAAI,mBAAuC;IAC3C,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,KAAK,8BAA8B,EAAE;AAC5D,QAAA,OAAO,CAAC,GAAG,CACT,oEAAoE,CACrE;QACD,mBAAmB,GAAG,8BAA8B;IACtD;IAEA,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,OAAO,EAAE,IAAI,CAAC;AAE5C,IAAA,MAAM,kBAAkB,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAC5C,WAAW,CAAC,sBAAsB,CAAC,IAAI,CACxC,EAAE,KAAK;AACR,IAAA,IAAI,gBAAoC;IACxC,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,KAAK,kBAAkB,IAAI,CAAC,mBAAmB,EAAE;AACxE,QAAA,OAAO,CAAC,GAAG,CACT,gEAAgE,CACjE;QACD,gBAAgB,GAAG,kBAAkB;IACvC;AAEA,IAAA,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,kBAAkB,CAAC;AAEtD,IAAA,IAAI,CAAC,gBAAgB,IAAI,CAAC,mBAAmB,EAAE;AAC7C,QAAA,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC;AAC5C,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC;AAEzD,IAAA,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;AAC5B,IAAA,OAAO,eAAe,CAAC;QACrB,WAAW;QACX,QAAQ;AACR,QAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;QAChC,MAAM;QACN,mBAAmB;QACnB,gBAAgB;AACjB,KAAA,CAAC;AACJ;;;;"}
|
|
@@ -8,6 +8,7 @@ import { protectRoute } from './protectRoute.js';
|
|
|
8
8
|
import { handleUserProfile } from './profile.js';
|
|
9
9
|
import { handleCrossDomainLogout, deleteRelatedSessionCookies } from './logout.js';
|
|
10
10
|
import { addLoginParams } from './login.js';
|
|
11
|
+
import { crossApplicationStateSynchronization } from './crossApplicationStateSynchronization.js';
|
|
11
12
|
import { combineHeaders } from './combineHeaders.js';
|
|
12
13
|
|
|
13
14
|
const log = debug('@smg-automotive/auth:middleware');
|
|
@@ -49,6 +50,7 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
49
50
|
log('Cross-domain logout detected, redirecting', { requestId });
|
|
50
51
|
return crossDomainLogoutResult;
|
|
51
52
|
}
|
|
53
|
+
// Login endpoint - /api/auth/login
|
|
52
54
|
addLoginParams({
|
|
53
55
|
request,
|
|
54
56
|
auth0Config,
|
|
@@ -57,12 +59,14 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
57
59
|
const authResponse = await auth0Instance.middleware(request);
|
|
58
60
|
authResponse.headers.set(requestIdHeader, requestId);
|
|
59
61
|
log('Auth0 middleware completed', { requestId, status: authResponse.status });
|
|
62
|
+
// Logout endpoint - api/auth/logout
|
|
60
63
|
deleteRelatedSessionCookies({
|
|
61
64
|
host,
|
|
62
65
|
request,
|
|
63
66
|
response: authResponse,
|
|
64
67
|
auth0Config,
|
|
65
68
|
});
|
|
69
|
+
// Access token handling - /api/auth/access-token
|
|
66
70
|
const accessTokenRequestResult = await handleAccessTokenRequest({
|
|
67
71
|
request,
|
|
68
72
|
response: authResponse,
|
|
@@ -74,6 +78,7 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
74
78
|
log('Access token request handled', { requestId });
|
|
75
79
|
return accessTokenRequestResult;
|
|
76
80
|
}
|
|
81
|
+
// User profile handling - /api/auth/profile
|
|
77
82
|
const handleUserProfileResult = await handleUserProfile({
|
|
78
83
|
request,
|
|
79
84
|
response: authResponse,
|
|
@@ -85,10 +90,22 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
85
90
|
log('User profile request handled', { requestId });
|
|
86
91
|
return handleUserProfileResult;
|
|
87
92
|
}
|
|
93
|
+
// Auth routes handling - /api/auth/*
|
|
88
94
|
if (isAuthRoute(pathname, auth0Config) || isAuthErrorRoute) {
|
|
89
95
|
log('Auth route, returning response', { requestId });
|
|
90
96
|
return authResponse;
|
|
91
97
|
}
|
|
98
|
+
// Check if selected and impersonated seller are in sync across applications
|
|
99
|
+
const syncResponse = await crossApplicationStateSynchronization({
|
|
100
|
+
request,
|
|
101
|
+
language,
|
|
102
|
+
auth0Instance,
|
|
103
|
+
auth0Config,
|
|
104
|
+
});
|
|
105
|
+
if (syncResponse) {
|
|
106
|
+
return syncResponse;
|
|
107
|
+
}
|
|
108
|
+
// Protected route handling
|
|
92
109
|
const isProtected = !isAuthErrorRoute && isProtectedRoute(pathname);
|
|
93
110
|
log('Route protection check', { requestId, pathname, isProtected });
|
|
94
111
|
const protectRouteResult = await protectRoute({
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;;;;;;;AAkBA,MAAM,GAAG,GAAG,KAAK,CAAC,iCAAiC,CAAC;AAEpD,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,KAAK,GASN,KAA2B;AAC1B,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;AAE/C,IAAA,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO;IACpC,GAAG,CAAC,oBAAoB,EAAE;QACxB,SAAS;QACT,QAAQ;QACR,IAAI;QACJ,QAAQ;QACR,MAAM,EAAE,OAAO,CAAC,MAAM;AACvB,KAAA,CAAC;IAEF,MAAM,aAAa,GAAG,gBAAgB,CAAC;QACrC,IAAI;QACJ,QAAQ;AACT,KAAA,CAAC;AAEF,IAAA,MAAM,WAAW,GAAG,cAAc,EAAE;IACpC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAC3E,GAAG,CAAC,kBAAkB,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAC;IAElE,MAAM,uBAAuB,GAAG,uBAAuB,CAAC;QACtD,IAAI;QACJ,QAAQ;QACR,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;QAC3B,uBAAuB,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,CAAC;AAC/D,QAAA,GAAG,CAAC,2CAA2C,EAAE,EAAE,SAAS,EAAE,CAAC;AAC/D,QAAA,OAAO,uBAAuB;IAChC;;AAGA,IAAA,cAAc,CAAC;QACb,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;AAEF,IAAA,GAAG,CAAC,0BAA0B,EAAE,EAAE,SAAS,EAAE,CAAC;IAC9C,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAC5D,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,CAAC;AACpD,IAAA,GAAG,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,EAAE,CAAC;;AAG7E,IAAA,2BAA2B,CAAC;QAC1B,IAAI;QACJ,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,WAAW;AACZ,KAAA,CAAC;;AAGF,IAAA,MAAM,wBAAwB,GAAG,MAAM,wBAAwB,CAAC;QAC9D,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,aAAa;QACb,WAAW;QACX,OAAO;AACR,KAAA,CAAC;IACF,IAAI,wBAAwB,EAAE;AAC5B,QAAA,GAAG,CAAC,8BAA8B,EAAE,EAAE,SAAS,EAAE,CAAC;AAClD,QAAA,OAAO,wBAAwB;IACjC;;AAGA,IAAA,MAAM,uBAAuB,GAAG,MAAM,iBAAiB,CAAC;QACtD,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,aAAa;QACb,WAAW;QACX,KAAK;AACN,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;AAC3B,QAAA,GAAG,CAAC,8BAA8B,EAAE,EAAE,SAAS,EAAE,CAAC;AAClD,QAAA,OAAO,uBAAuB;IAChC;;IAGA,IAAI,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC,IAAI,gBAAgB,EAAE;AAC1D,QAAA,GAAG,CAAC,gCAAgC,EAAE,EAAE,SAAS,EAAE,CAAC;AACpD,QAAA,OAAO,YAAY;IACrB;;AAGA,IAAA,MAAM,YAAY,GAAG,MAAM,oCAAoC,CAAC;QAC9D,OAAO;QACP,QAAQ;QACR,aAAa;QACb,WAAW;AACZ,KAAA,CAAC;IACF,IAAI,YAAY,EAAE;AAChB,QAAA,OAAO,YAAY;IACrB;;IAGA,MAAM,WAAW,GAAG,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,QAAQ,CAAC;IACnE,GAAG,CAAC,wBAAwB,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;AACnE,IAAA,MAAM,kBAAkB,GAAG,MAAM,YAAY,CAAC;QAC5C,WAAW;QACX,aAAa;QACb,WAAW;QACX,QAAQ;QACR,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,OAAO;AACR,KAAA,CAAC;IACF,IAAI,kBAAkB,EAAE;QACtB,GAAG,CAAC,0BAA0B,EAAE;YAC9B,SAAS;AACT,YAAA,UAAU,EAAE,kBAAkB,CAAC,MAAM,KAAK,GAAG;AAC9C,SAAA,CAAC;AACF,QAAA,OAAO,kBAAkB;IAC3B;AAEA,IAAA,GAAG,CAAC,sCAAsC,EAAE,EAAE,SAAS,EAAE,CAAC;IAC1D,MAAM,aAAa,GAAG,cAAc,CAAC;AACnC,QAAA,kBAAkB,EAAE,YAAY,CAAC,IAAI,CAAC;AACpC,YAAA,OAAO,EAAE;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;AACzB,aAAA;SACF,CAAC;QACF,YAAY;AACb,KAAA,CAAC;IACF,aAAa,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,CAAC;AACrD,IAAA,OAAO,aAAa;AACtB;;;;"}
|
|
@@ -1,20 +1,9 @@
|
|
|
1
|
-
import { NextResponse } from 'next/server';
|
|
2
1
|
import debug from 'debug';
|
|
3
|
-
import {
|
|
2
|
+
import { redirectToLogin } from '../helpers/redirectToLogin.js';
|
|
4
3
|
import { getOrCreateRequestId } from './requestId.js';
|
|
5
4
|
import { proactivelyRefreshAccessToken } from './proactivelyRefreshAccessToken.js';
|
|
6
5
|
|
|
7
6
|
const log = debug('@smg-automotive/auth:protectRoute');
|
|
8
|
-
const redirectToLogin = ({ auth0Config, language, returnTo, origin, }) => {
|
|
9
|
-
const loginUrl = getLoginLink({
|
|
10
|
-
auth0Config,
|
|
11
|
-
language,
|
|
12
|
-
returnTo,
|
|
13
|
-
});
|
|
14
|
-
return NextResponse.redirect(new URL(loginUrl, origin), {
|
|
15
|
-
status: 307,
|
|
16
|
-
});
|
|
17
|
-
};
|
|
18
7
|
const protectRoute = async ({ isProtected, auth0Instance, auth0Config, language, request, response, onError, }) => {
|
|
19
8
|
const requestId = getOrCreateRequestId(request);
|
|
20
9
|
const { pathname, search, origin } = request.nextUrl;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"protectRoute.js","sources":["../../../../../src/server/middleware/protectRoute.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;AAYA,MAAM,GAAG,GAAG,KAAK,CAAC,mCAAmC,CAAC;MAEzC,YAAY,GAAG,OAAO,EACjC,WAAW,EACX,aAAa,EACb,WAAW,EACX,QAAQ,EACR,OAAO,EACP,QAAQ,EACR,OAAO,GASR,KAAkC;AACjC,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;IAC/C,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;IACpD,GAAG,CAAC,2BAA2B,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;IAEtE,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IACvD,GAAG,CAAC,eAAe,EAAE;QACnB,SAAS;QACT,UAAU,EAAE,CAAC,CAAC,OAAO;AACrB,QAAA,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,IAAI;AACzB,KAAA,CAAC;IAEF,IAAI,CAAC,WAAW,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE;AAClC,QAAA,GAAG,CAAC,mDAAmD,EAAE,EAAE,SAAS,EAAE,CAAC;AACvE,QAAA,OAAO,QAAQ;IACjB;AAEA,IAAA,IAAI,CAAC,OAAO,IAAI,WAAW,EAAE;QAC3B,GAAG,CAAC,uDAAuD,EAAE;YAC3D,SAAS;AACV,SAAA,CAAC;AACF,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI;AACF,QAAA,GAAG,CAAC,sCAAsC,EAAE,EAAE,SAAS,EAAE,CAAC;AAC1D,QAAA,MAAM,6BAA6B,CAAC;YAClC,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;AACZ,SAAA,CAAC;AACF,QAAA,GAAG,CAAC,+CAA+C,EAAE,EAAE,SAAS,EAAE,CAAC;IACrE;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,SAAS,GAAG,KAAiB;QACnC,GAAG,CAAC,0CAA0C,EAAE;YAC9C,SAAS;YACT,OAAO,EAAE,SAAS,CAAC,OAAO;YAC1B,IAAI,EAAE,SAAS,CAAC,IAAI;AACrB,SAAA,CAAC;AACF,QAAA,OAAO,GAAG,SAAS,CAAC;AAEpB,QAAA,OAAO,eAAe,CAAC;YACrB,WAAW;YACX,QAAQ;AACR,YAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;YAChC,MAAM;AACP,SAAA,CAAC;IACJ;AACF;;;;"}
|