@smg-automotive/auth 8.3.0-lschuerch-FED-782-sync-tenant.2 → 8.3.0-lschuerch-FED-782-sync-tenant.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/lib/enrichUser/session.js +12 -0
- package/dist/cjs/lib/enrichUser/session.js.map +1 -1
- package/dist/cjs/server/helpers/getAccessToken.js.map +1 -1
- package/dist/cjs/server/middleware/crossApplicationStateSynchronization.js +29 -7
- package/dist/cjs/server/middleware/crossApplicationStateSynchronization.js.map +1 -1
- package/dist/cjs/server/middleware/index.js +15 -0
- package/dist/cjs/server/middleware/index.js.map +1 -1
- package/dist/cjs/server/middleware/proactivelyRefreshAccessToken.js +9 -0
- package/dist/cjs/server/middleware/proactivelyRefreshAccessToken.js.map +1 -1
- package/dist/esm/lib/enrichUser/session.js +8 -0
- package/dist/esm/lib/enrichUser/session.js.map +1 -1
- package/dist/esm/server/helpers/getAccessToken.js.map +1 -1
- package/dist/esm/server/middleware/crossApplicationStateSynchronization.js +29 -7
- package/dist/esm/server/middleware/crossApplicationStateSynchronization.js.map +1 -1
- package/dist/esm/server/middleware/index.js +15 -0
- package/dist/esm/server/middleware/index.js.map +1 -1
- package/dist/esm/server/middleware/proactivelyRefreshAccessToken.js +9 -0
- package/dist/esm/server/middleware/proactivelyRefreshAccessToken.js.map +1 -1
- package/package.json +1 -1
|
@@ -1,11 +1,20 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
+
var debug = require('debug');
|
|
3
4
|
var getManagedSellers = require('../../api/user/getManagedSellers.js');
|
|
4
5
|
require('../../api/user/client.js');
|
|
5
6
|
var getEntitlements = require('../../api/entitlements/getEntitlements.js');
|
|
6
7
|
require('../../api/entitlements/client.js');
|
|
7
8
|
|
|
9
|
+
function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'default' in e ? e : { default: e }; }
|
|
10
|
+
|
|
11
|
+
var debug__default = /*#__PURE__*/_interopDefaultCompat(debug);
|
|
12
|
+
|
|
13
|
+
const log = debug__default.default('@smg-automotive/auth:user');
|
|
8
14
|
const enrichUser = async ({ user, accessToken, brand, }) => {
|
|
15
|
+
if (user.isMultiTenantUser) {
|
|
16
|
+
log('Fetching managed sellers for user');
|
|
17
|
+
}
|
|
9
18
|
const managedSellersResponse = user.isMultiTenantUser
|
|
10
19
|
? await getManagedSellers.getManagedSellers({
|
|
11
20
|
userId: user.userId,
|
|
@@ -20,11 +29,13 @@ const enrichUser = async ({ user, accessToken, brand, }) => {
|
|
|
20
29
|
});
|
|
21
30
|
// We can not load entitlements without a selected sellerId
|
|
22
31
|
if (user.forceTenantSelection) {
|
|
32
|
+
log('Returning user to force multi-tenant selection without entitlements');
|
|
23
33
|
return Object.assign(user, {
|
|
24
34
|
managedSellers: sortedManagedSellers,
|
|
25
35
|
entitlements: null,
|
|
26
36
|
});
|
|
27
37
|
}
|
|
38
|
+
log('Fetching entitlements for user');
|
|
28
39
|
const fullEntitlements = await getEntitlements.getEntitlements({
|
|
29
40
|
sellerId: parseInt(user.sellerId, 10),
|
|
30
41
|
accessToken,
|
|
@@ -32,6 +43,7 @@ const enrichUser = async ({ user, accessToken, brand, }) => {
|
|
|
32
43
|
const entitlements = fullEntitlements && fullEntitlements[brand]
|
|
33
44
|
? fullEntitlements[brand]
|
|
34
45
|
: null;
|
|
46
|
+
log('Returning enriched user');
|
|
35
47
|
return Object.assign(user, {
|
|
36
48
|
managedSellers: sortedManagedSellers,
|
|
37
49
|
entitlements,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"session.js","sources":["../../../../../src/lib/enrichUser/session.ts"],"sourcesContent":[null],"names":["getManagedSellers","getEntitlements"],"mappings":"
|
|
1
|
+
{"version":3,"file":"session.js","sources":["../../../../../src/lib/enrichUser/session.ts"],"sourcesContent":[null],"names":["debug","getManagedSellers","getEntitlements"],"mappings":";;;;;;;;;;;;AAOA,MAAM,GAAG,GAAGA,sBAAK,CAAC,2BAA2B,CAAC;AAEvC,MAAM,UAAU,GAAG,OAAO,EAC/B,IAAI,EACJ,WAAW,EACX,KAAK,GAKN,KAAkC;AACjC,IAAA,IAAI,IAAI,CAAC,iBAAiB,EAAE;QAC1B,GAAG,CAAC,mCAAmC,CAAC;IAC1C;AACA,IAAA,MAAM,sBAAsB,GAAG,IAAI,CAAC;UAChC,MAAMC,mCAAiB,CAAC;YACtB,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,WAAW;SACZ;UACD,IAAI;AACR,IAAA,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,GAAG;AAClC,UAAE;AACF,UAAE,EAAE,OAAO,EAAE,EAA0B,EAAE;IAC3C,MAAM,oBAAoB,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,KAAI;AACxD,QAAA,OAAO,CAAC,CAAC,CAAC,WAAW,IAAI,EAAE,EAAE,aAAa,CAAC,CAAC,CAAC,WAAW,IAAI,EAAE,CAAC;AACjE,IAAA,CAAC,CAAC;;AAGF,IAAA,IAAI,IAAI,CAAC,oBAAoB,EAAE;QAC7B,GAAG,CAAC,qEAAqE,CAAC;AAE1E,QAAA,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE;AACzB,YAAA,cAAc,EAAE,oBAAoB;AACpC,YAAA,YAAY,EAAE,IAAI;AACnB,SAAA,CAAC;IACJ;IAEA,GAAG,CAAC,gCAAgC,CAAC;AACrC,IAAA,MAAM,gBAAgB,GAAG,MAAMC,+BAAe,CAAC;QAC7C,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,CAAC;QACrC,WAAW;AACZ,KAAA,CAAC;AACF,IAAA,MAAM,YAAY,GAChB,gBAAgB,IAAI,gBAAgB,CAAC,KAAK;AACxC,UAAE,gBAAgB,CAAC,KAAK;UACtB,IAAI;IAEV,GAAG,CAAC,yBAAyB,CAAC;AAC9B,IAAA,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE;AACzB,QAAA,cAAc,EAAE,oBAAoB;QACpC,YAAY;AACb,KAAA,CAAC;AACJ;;;;"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getAccessToken.js","sources":["../../../../../src/server/helpers/getAccessToken.ts"],"sourcesContent":[null],"names":["debug","getAuth0Instance"],"mappings":";;;;;;;;;AAMA,MAAM,GAAG,GAAGA,sBAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,cAAc,GAAG,OAAO,EACnC,QAAQ,EACR,IAAI,EACJ,OAAO,GACwC,KAAI;IACnD,GAAG,CAAC,sBAAsB,EAAE;QAC1B,IAAI;QACJ,QAAQ;AACR,QAAA,UAAU,EAAE,CAAC,CAAC,OAAO,EAAE,OAAO;AAC/B,KAAA,CAAC;
|
|
1
|
+
{"version":3,"file":"getAccessToken.js","sources":["../../../../../src/server/helpers/getAccessToken.ts"],"sourcesContent":[null],"names":["debug","getAuth0Instance"],"mappings":";;;;;;;;;AAMA,MAAM,GAAG,GAAGA,sBAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,cAAc,GAAG,OAAO,EACnC,QAAQ,EACR,IAAI,EACJ,OAAO,GACwC,KAAI;IACnD,GAAG,CAAC,sBAAsB,EAAE;QAC1B,IAAI;QACJ,QAAQ;AACR,QAAA,UAAU,EAAE,CAAC,CAAC,OAAO,EAAE,OAAO;AAC/B,KAAA,CAAC;IAEF,MAAM,aAAa,GAAGC,iCAAgB,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;AAC1D,IAAA,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,EAAE;AACzB,UAAE,MAAM,aAAa,CAAC,cAAc,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,QAAQ;AACtE,UAAE,MAAM,aAAa,CAAC,cAAc,EAAE;AACxC,IAAA,GAAG,CAAC,wBAAwB,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,IAAI,CAAC,EAAE,CAAC;AAClE,IAAA,OAAO,KAAK;AACd;;;;"}
|
|
@@ -10,31 +10,43 @@ const crossApplicationStateSynchronization = async ({ request, language, auth0In
|
|
|
10
10
|
}
|
|
11
11
|
const impersonatedSellerIdFromCookie = request.cookies.get(auth0Config.impersonatedSellerIdCookie.name)?.value;
|
|
12
12
|
console.log('impersonatedSellerIdFromCookie', impersonatedSellerIdFromCookie);
|
|
13
|
-
console.log('
|
|
13
|
+
console.log('typeof impersonatedSellerIdFromCookie', typeof impersonatedSellerIdFromCookie);
|
|
14
|
+
console.log('user.sellerId', typeof session?.user.sellerId);
|
|
15
|
+
console.log('typeof user.sellerId', typeof session?.user.sellerId);
|
|
16
|
+
console.log('session?.user.isMultiTenantUser', session?.user.isMultiTenantUser);
|
|
17
|
+
console.log('user: ', session?.user);
|
|
14
18
|
if (!session?.user.isMultiTenantUser && !impersonatedSellerIdFromCookie) {
|
|
15
19
|
console.log('User is not multi-tenant and no impersonation, no action needed');
|
|
16
20
|
return null;
|
|
17
21
|
}
|
|
18
22
|
let impersonateSellerId;
|
|
19
|
-
if (
|
|
23
|
+
if (impersonatedSellerIdFromCookie &&
|
|
24
|
+
session.user.sellerId !== impersonatedSellerIdFromCookie) {
|
|
20
25
|
console.log('Impersonated seller ID out of sync, redirecting to login to resync');
|
|
21
26
|
impersonateSellerId = impersonatedSellerIdFromCookie;
|
|
22
27
|
}
|
|
23
|
-
console.log('!session?.user', session?.user);
|
|
24
28
|
const sellerIdFromCookie = request.cookies.get(auth0Config.selectedSellerIdCookie.name)?.value;
|
|
29
|
+
console.log('sellerIdFromCookie', sellerIdFromCookie);
|
|
30
|
+
console.log('typeof sellerIdFromCookie', typeof sellerIdFromCookie);
|
|
25
31
|
let selectedSellerId;
|
|
26
|
-
if (
|
|
32
|
+
if (sellerIdFromCookie &&
|
|
33
|
+
session.user.sellerId !== sellerIdFromCookie &&
|
|
34
|
+
!impersonateSellerId) {
|
|
27
35
|
console.log('Selected seller ID out of sync, redirecting to login to resync');
|
|
28
36
|
selectedSellerId = sellerIdFromCookie;
|
|
29
37
|
}
|
|
30
|
-
console.log('!sellerIdFromCookie', sellerIdFromCookie);
|
|
31
38
|
if (!selectedSellerId && !impersonateSellerId) {
|
|
32
39
|
console.log('All in sync, no action needed');
|
|
33
40
|
return null;
|
|
34
41
|
}
|
|
35
|
-
console.log('Redirecting to login for resynchronization'
|
|
42
|
+
console.log('Redirecting to login for resynchronization', {
|
|
43
|
+
impersonateSellerId,
|
|
44
|
+
selectedSellerId,
|
|
45
|
+
currentSellerId: session.user.sellerId,
|
|
46
|
+
});
|
|
47
|
+
// Like that???
|
|
36
48
|
console.log(redirectToLogin.redirectToLogin);
|
|
37
|
-
|
|
49
|
+
const response = redirectToLogin.redirectToLogin({
|
|
38
50
|
auth0Config,
|
|
39
51
|
language,
|
|
40
52
|
returnTo: `${pathname}${search}`,
|
|
@@ -42,6 +54,16 @@ const crossApplicationStateSynchronization = async ({ request, language, auth0In
|
|
|
42
54
|
impersonateSellerId,
|
|
43
55
|
selectedSellerId,
|
|
44
56
|
});
|
|
57
|
+
// Clear session to prevent refreshes with outdated sellerId
|
|
58
|
+
session.tokenSet = {
|
|
59
|
+
accessToken: '',
|
|
60
|
+
expiresAt: 0,
|
|
61
|
+
};
|
|
62
|
+
await auth0Instance.updateSession(request, response, {
|
|
63
|
+
...session,
|
|
64
|
+
updatedAt: Date.now(),
|
|
65
|
+
});
|
|
66
|
+
return response;
|
|
45
67
|
};
|
|
46
68
|
|
|
47
69
|
exports.crossApplicationStateSynchronization = crossApplicationStateSynchronization;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"crossApplicationStateSynchronization.js","sources":["../../../../../src/server/middleware/crossApplicationStateSynchronization.ts"],"sourcesContent":[null],"names":["redirectToLogin"],"mappings":";;;;AASO,MAAM,oCAAoC,GAAG,OAAO,EACzD,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,GAMZ,KAAkC;IACjC,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IACvD,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;AAEpD,IAAA,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE;AAClB,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,MAAM,8BAA8B,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CACxD,WAAW,CAAC,0BAA0B,CAAC,IAAI,CAC5C,EAAE,KAAK;AAER,IAAA,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,8BAA8B,CAAC;IAC7E,OAAO,CAAC,GAAG,CAAC,
|
|
1
|
+
{"version":3,"file":"crossApplicationStateSynchronization.js","sources":["../../../../../src/server/middleware/crossApplicationStateSynchronization.ts"],"sourcesContent":[null],"names":["redirectToLogin"],"mappings":";;;;AASO,MAAM,oCAAoC,GAAG,OAAO,EACzD,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,GAMZ,KAAkC;IACjC,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IACvD,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;AAEpD,IAAA,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE;AAClB,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,MAAM,8BAA8B,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CACxD,WAAW,CAAC,0BAA0B,CAAC,IAAI,CAC5C,EAAE,KAAK;AAER,IAAA,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,8BAA8B,CAAC;IAC7E,OAAO,CAAC,GAAG,CACT,uCAAuC,EACvC,OAAO,8BAA8B,CACtC;AACD,IAAA,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC;AAC3D,IAAA,OAAO,CAAC,GAAG,CAAC,sBAAsB,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC;IAClE,OAAO,CAAC,GAAG,CACT,iCAAiC,EACjC,OAAO,EAAE,IAAI,CAAC,iBAAiB,CAChC;IACD,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,IAAI,CAAC;IAEpC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,iBAAiB,IAAI,CAAC,8BAA8B,EAAE;AACvE,QAAA,OAAO,CAAC,GAAG,CACT,iEAAiE,CAClE;AACD,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,IAAI,mBAAuC;AAC3C,IAAA,IACE,8BAA8B;AAC9B,QAAA,OAAO,CAAC,IAAI,CAAC,QAAQ,KAAK,8BAA8B,EACxD;AACA,QAAA,OAAO,CAAC,GAAG,CACT,oEAAoE,CACrE;QACD,mBAAmB,GAAG,8BAA8B;IACtD;AAEA,IAAA,MAAM,kBAAkB,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAC5C,WAAW,CAAC,sBAAsB,CAAC,IAAI,CACxC,EAAE,KAAK;AACR,IAAA,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,kBAAkB,CAAC;IACrD,OAAO,CAAC,GAAG,CAAC,2BAA2B,EAAE,OAAO,kBAAkB,CAAC;AAEnE,IAAA,IAAI,gBAAoC;AACxC,IAAA,IACE,kBAAkB;AAClB,QAAA,OAAO,CAAC,IAAI,CAAC,QAAQ,KAAK,kBAAkB;QAC5C,CAAC,mBAAmB,EACpB;AACA,QAAA,OAAO,CAAC,GAAG,CACT,gEAAgE,CACjE;QACD,gBAAgB,GAAG,kBAAkB;IACvC;AAEA,IAAA,IAAI,CAAC,gBAAgB,IAAI,CAAC,mBAAmB,EAAE;AAC7C,QAAA,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC;AAC5C,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,OAAO,CAAC,GAAG,CAAC,4CAA4C,EAAE;QACxD,mBAAmB;QACnB,gBAAgB;AAChB,QAAA,eAAe,EAAE,OAAO,CAAC,IAAI,CAAC,QAAQ;AACvC,KAAA,CAAC;;AAGF,IAAA,OAAO,CAAC,GAAG,CAACA,+BAAe,CAAC;IAC5B,MAAM,QAAQ,GAAGA,+BAAe,CAAC;QAC/B,WAAW;QACX,QAAQ;AACR,QAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;QAChC,MAAM;QACN,mBAAmB;QACnB,gBAAgB;AACjB,KAAA,CAAC;;IAGF,OAAO,CAAC,QAAQ,GAAG;AACjB,QAAA,WAAW,EAAE,EAAE;AACf,QAAA,SAAS,EAAE,CAAC;KACb;AACD,IAAA,MAAM,aAAa,CAAC,aAAa,CAAC,OAAO,EAAE,QAAQ,EAAE;AACnD,QAAA,GAAG,OAAO;AACV,QAAA,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;AACtB,KAAA,CAAC;AAEF,IAAA,OAAO,QAAQ;AACjB;;;;"}
|
|
@@ -72,6 +72,9 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
72
72
|
response: authResponse,
|
|
73
73
|
auth0Config,
|
|
74
74
|
});
|
|
75
|
+
// FIXME: if we are out of since while using force refresh / the token is expired,
|
|
76
|
+
// the token set will get rotated with the wrong sellerId reusulting in a bad session where
|
|
77
|
+
// we detect the missmatch on a page route the but the XHR chain rotates with the outdated seller
|
|
75
78
|
// Access token handling - /api/auth/access-token
|
|
76
79
|
const accessTokenRequestResult = await token.handleAccessTokenRequest({
|
|
77
80
|
request,
|
|
@@ -101,6 +104,18 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
101
104
|
log('Auth route, returning response', { requestId: requestId$1 });
|
|
102
105
|
return authResponse;
|
|
103
106
|
}
|
|
107
|
+
// // Like that???
|
|
108
|
+
// console.log(redirectToLogin);
|
|
109
|
+
// const response = redirectToLogin({
|
|
110
|
+
// auth0Config,
|
|
111
|
+
// language,
|
|
112
|
+
// returnTo: `${pathname}${search}`,
|
|
113
|
+
// origin,
|
|
114
|
+
// impersonateSellerId,
|
|
115
|
+
// selectedSellerId,
|
|
116
|
+
// });
|
|
117
|
+
// await auth0Instance.updateSession(request, response, session);
|
|
118
|
+
// return response;
|
|
104
119
|
// Check if selected and impersonated seller are in sync across applications
|
|
105
120
|
const syncResponse = await crossApplicationStateSynchronization.crossApplicationStateSynchronization({
|
|
106
121
|
request,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":["debug","requestId","getOrCreateRequestId","getAuth0Instance","getAuth0Config","handleCrossDomainLogout","requestIdHeader","addLoginParams","deleteRelatedSessionCookies","handleAccessTokenRequest","handleUserProfile","crossApplicationStateSynchronization","protectRoute","combineHeaders","NextResponse"],"mappings":";;;;;;;;;;;;;;;;;;;AAkBA,MAAM,GAAG,GAAGA,sBAAK,CAAC,iCAAiC,CAAC;AAEpD,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,KAAK,GASN,KAA2B;AAC1B,IAAA,MAAMC,WAAS,GAAGC,8BAAoB,CAAC,OAAO,CAAC;AAE/C,IAAA,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO;IACpC,GAAG,CAAC,oBAAoB,EAAE;mBACxBD,WAAS;QACT,QAAQ;QACR,IAAI;QACJ,QAAQ;QACR,MAAM,EAAE,OAAO,CAAC,MAAM;AACvB,KAAA,CAAC;IAEF,MAAM,aAAa,GAAGE,iCAAgB,CAAC;QACrC,IAAI;QACJ,QAAQ;AACT,KAAA,CAAC;AAEF,IAAA,MAAM,WAAW,GAAGC,oBAAc,EAAE;IACpC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAC3E,GAAG,CAAC,kBAAkB,EAAE,aAAEH,WAAS,EAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAC;IAElE,MAAM,uBAAuB,GAAGI,8BAAuB,CAAC;QACtD,IAAI;QACJ,QAAQ;QACR,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;QAC3B,uBAAuB,CAAC,OAAO,CAAC,GAAG,CAACC,yBAAe,EAAEL,WAAS,CAAC;AAC/D,QAAA,GAAG,CAAC,2CAA2C,EAAE,aAAEA,WAAS,EAAE,CAAC;AAC/D,QAAA,OAAO,uBAAuB;IAChC;;AAGA,IAAAM,oBAAc,CAAC;QACb,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;AAEF,IAAA,GAAG,CAAC,0BAA0B,EAAE,aAAEN,WAAS,EAAE,CAAC;IAC9C,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAC5D,YAAY,CAAC,OAAO,CAAC,GAAG,CAACK,yBAAe,EAAEL,WAAS,CAAC;AACpD,IAAA,GAAG,CAAC,4BAA4B,EAAE,aAAEA,WAAS,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,EAAE,CAAC;;AAG7E,IAAAO,kCAA2B,CAAC;QAC1B,IAAI;QACJ,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,WAAW;AACZ,KAAA,CAAC
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":["debug","requestId","getOrCreateRequestId","getAuth0Instance","getAuth0Config","handleCrossDomainLogout","requestIdHeader","addLoginParams","deleteRelatedSessionCookies","handleAccessTokenRequest","handleUserProfile","crossApplicationStateSynchronization","protectRoute","combineHeaders","NextResponse"],"mappings":";;;;;;;;;;;;;;;;;;;AAkBA,MAAM,GAAG,GAAGA,sBAAK,CAAC,iCAAiC,CAAC;AAEpD,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,KAAK,GASN,KAA2B;AAC1B,IAAA,MAAMC,WAAS,GAAGC,8BAAoB,CAAC,OAAO,CAAC;AAE/C,IAAA,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO;IACpC,GAAG,CAAC,oBAAoB,EAAE;mBACxBD,WAAS;QACT,QAAQ;QACR,IAAI;QACJ,QAAQ;QACR,MAAM,EAAE,OAAO,CAAC,MAAM;AACvB,KAAA,CAAC;IAEF,MAAM,aAAa,GAAGE,iCAAgB,CAAC;QACrC,IAAI;QACJ,QAAQ;AACT,KAAA,CAAC;AAEF,IAAA,MAAM,WAAW,GAAGC,oBAAc,EAAE;IACpC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAC3E,GAAG,CAAC,kBAAkB,EAAE,aAAEH,WAAS,EAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAC;IAElE,MAAM,uBAAuB,GAAGI,8BAAuB,CAAC;QACtD,IAAI;QACJ,QAAQ;QACR,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;QAC3B,uBAAuB,CAAC,OAAO,CAAC,GAAG,CAACC,yBAAe,EAAEL,WAAS,CAAC;AAC/D,QAAA,GAAG,CAAC,2CAA2C,EAAE,aAAEA,WAAS,EAAE,CAAC;AAC/D,QAAA,OAAO,uBAAuB;IAChC;;AAGA,IAAAM,oBAAc,CAAC;QACb,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;AAEF,IAAA,GAAG,CAAC,0BAA0B,EAAE,aAAEN,WAAS,EAAE,CAAC;IAC9C,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAC5D,YAAY,CAAC,OAAO,CAAC,GAAG,CAACK,yBAAe,EAAEL,WAAS,CAAC;AACpD,IAAA,GAAG,CAAC,4BAA4B,EAAE,aAAEA,WAAS,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,EAAE,CAAC;;AAG7E,IAAAO,kCAA2B,CAAC;QAC1B,IAAI;QACJ,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,WAAW;AACZ,KAAA,CAAC;;;;;AAOF,IAAA,MAAM,wBAAwB,GAAG,MAAMC,8BAAwB,CAAC;QAC9D,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,aAAa;QACb,WAAW;QACX,OAAO;AACR,KAAA,CAAC;IACF,IAAI,wBAAwB,EAAE;AAC5B,QAAA,GAAG,CAAC,8BAA8B,EAAE,aAAER,WAAS,EAAE,CAAC;AAClD,QAAA,OAAO,wBAAwB;IACjC;;AAGA,IAAA,MAAM,uBAAuB,GAAG,MAAMS,yBAAiB,CAAC;QACtD,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,aAAa;QACb,WAAW;QACX,KAAK;AACN,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;AAC3B,QAAA,GAAG,CAAC,8BAA8B,EAAE,aAAET,WAAS,EAAE,CAAC;AAClD,QAAA,OAAO,uBAAuB;IAChC;;IAGA,IAAI,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC,IAAI,gBAAgB,EAAE;AAC1D,QAAA,GAAG,CAAC,gCAAgC,EAAE,aAAEA,WAAS,EAAE,CAAC;AACpD,QAAA,OAAO,YAAY;IACrB;;;;;;;;;;;;;;AAkBA,IAAA,MAAM,YAAY,GAAG,MAAMU,yEAAoC,CAAC;QAC9D,OAAO;QACP,QAAQ;QACR,aAAa;QACb,WAAW;AACZ,KAAA,CAAC;IACF,IAAI,YAAY,EAAE;AAChB,QAAA,OAAO,YAAY;IACrB;;IAGA,MAAM,WAAW,GAAG,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,QAAQ,CAAC;IACnE,GAAG,CAAC,wBAAwB,EAAE,aAAEV,WAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;AACnE,IAAA,MAAM,kBAAkB,GAAG,MAAMW,yBAAY,CAAC;QAC5C,WAAW;QACX,aAAa;QACb,WAAW;QACX,QAAQ;QACR,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,OAAO;AACR,KAAA,CAAC;IACF,IAAI,kBAAkB,EAAE;QACtB,GAAG,CAAC,0BAA0B,EAAE;uBAC9BX,WAAS;AACT,YAAA,UAAU,EAAE,kBAAkB,CAAC,MAAM,KAAK,GAAG;AAC9C,SAAA,CAAC;AACF,QAAA,OAAO,kBAAkB;IAC3B;AAEA,IAAA,GAAG,CAAC,sCAAsC,EAAE,aAAEA,WAAS,EAAE,CAAC;IAC1D,MAAM,aAAa,GAAGY,6BAAc,CAAC;AACnC,QAAA,kBAAkB,EAAEC,mBAAY,CAAC,IAAI,CAAC;AACpC,YAAA,OAAO,EAAE;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;AACzB,aAAA;SACF,CAAC;QACF,YAAY;AACb,KAAA,CAAC;IACF,aAAa,CAAC,OAAO,CAAC,GAAG,CAACR,yBAAe,EAAEL,WAAS,CAAC;AACrD,IAAA,OAAO,aAAa;AACtB;;;;"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
+
var jose = require('jose');
|
|
3
4
|
var debug = require('debug');
|
|
4
5
|
var requestId = require('./requestId.js');
|
|
5
6
|
|
|
@@ -22,6 +23,14 @@ const proactivelyRefreshAccessToken = async ({ request, response, auth0Instance,
|
|
|
22
23
|
debugForceRefresh: auth0Config.debugForceTokenRefresh,
|
|
23
24
|
hasSession: !!session,
|
|
24
25
|
});
|
|
26
|
+
const decodedToken = session?.tokenSet.accessToken
|
|
27
|
+
? jose.decodeJwt(session.tokenSet.accessToken)
|
|
28
|
+
: null;
|
|
29
|
+
// eslint-disable-next-line no-console
|
|
30
|
+
console.log('Decoded token info', {
|
|
31
|
+
requestId: requestId$1,
|
|
32
|
+
decodedToken,
|
|
33
|
+
});
|
|
25
34
|
const result = await auth0Instance.getAccessToken(request, response, {
|
|
26
35
|
refresh: shouldRefresh,
|
|
27
36
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"proactivelyRefreshAccessToken.js","sources":["../../../../../src/server/middleware/proactivelyRefreshAccessToken.ts"],"sourcesContent":[null],"names":["debug","requestId","getOrCreateRequestId"],"mappings":"
|
|
1
|
+
{"version":3,"file":"proactivelyRefreshAccessToken.js","sources":["../../../../../src/server/middleware/proactivelyRefreshAccessToken.ts"],"sourcesContent":[null],"names":["debug","requestId","getOrCreateRequestId","decodeJwt"],"mappings":";;;;;;;;;;AASA,MAAM,GAAG,GAAGA,sBAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,6BAA6B,GAAG,OAAO,EAClD,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,GAMZ,KAAmD;AAClD,IAAA,MAAMC,WAAS,GAAGC,8BAAoB,CAAC,OAAO,CAAC;AAC/C,IAAA,GAAG,CAAC,qCAAqC,EAAE,aAAED,WAAS,EAAE,CAAC;IACzD,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,MAAM,SAAS,GAAG,OAAO,EAAE,QAAQ,CAAC,SAAS,IAAI,CAAC;IAClD,MAAM,gBAAgB,GAAG,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI;AACtD,IAAA,MAAM,aAAa,GACjB,WAAW,CAAC,sBAAsB,IAAI,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,EAAE;IAE1E,GAAG,CAAC,wBAAwB,EAAE;mBAC5BA,WAAS;QACT,aAAa;AACb,QAAA,gBAAgB,EAAE,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC;QAC9C,iBAAiB,EAAE,WAAW,CAAC,sBAAsB;QACrD,UAAU,EAAE,CAAC,CAAC,OAAO;AACtB,KAAA,CAAC;AAEF,IAAA,MAAM,YAAY,GAAG,OAAO,EAAE,QAAQ,CAAC;UACnCE,cAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW;UACtC,IAAI;;AAER,IAAA,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE;mBAChCF,WAAS;QACT,YAAY;AACb,KAAA,CAAC;IAEF,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,cAAc,CAAC,OAAO,EAAE,QAAQ,EAAE;AACnE,QAAA,OAAO,EAAE,aAAa;AACvB,KAAA,CAAC;IAEF,GAAG,CAAC,wBAAwB,EAAE;mBAC5BA,WAAS;QACT,SAAS,EAAE,MAAM,CAAC,SAAS;AAC3B,QAAA,WAAW,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM;AACjC,KAAA,CAAC;AAEF,IAAA,OAAO,MAAM;AACf;;;;"}
|
|
@@ -1,9 +1,14 @@
|
|
|
1
|
+
import debug from 'debug';
|
|
1
2
|
import { getManagedSellers } from '../../api/user/getManagedSellers.js';
|
|
2
3
|
import '../../api/user/client.js';
|
|
3
4
|
import { getEntitlements } from '../../api/entitlements/getEntitlements.js';
|
|
4
5
|
import '../../api/entitlements/client.js';
|
|
5
6
|
|
|
7
|
+
const log = debug('@smg-automotive/auth:user');
|
|
6
8
|
const enrichUser = async ({ user, accessToken, brand, }) => {
|
|
9
|
+
if (user.isMultiTenantUser) {
|
|
10
|
+
log('Fetching managed sellers for user');
|
|
11
|
+
}
|
|
7
12
|
const managedSellersResponse = user.isMultiTenantUser
|
|
8
13
|
? await getManagedSellers({
|
|
9
14
|
userId: user.userId,
|
|
@@ -18,11 +23,13 @@ const enrichUser = async ({ user, accessToken, brand, }) => {
|
|
|
18
23
|
});
|
|
19
24
|
// We can not load entitlements without a selected sellerId
|
|
20
25
|
if (user.forceTenantSelection) {
|
|
26
|
+
log('Returning user to force multi-tenant selection without entitlements');
|
|
21
27
|
return Object.assign(user, {
|
|
22
28
|
managedSellers: sortedManagedSellers,
|
|
23
29
|
entitlements: null,
|
|
24
30
|
});
|
|
25
31
|
}
|
|
32
|
+
log('Fetching entitlements for user');
|
|
26
33
|
const fullEntitlements = await getEntitlements({
|
|
27
34
|
sellerId: parseInt(user.sellerId, 10),
|
|
28
35
|
accessToken,
|
|
@@ -30,6 +37,7 @@ const enrichUser = async ({ user, accessToken, brand, }) => {
|
|
|
30
37
|
const entitlements = fullEntitlements && fullEntitlements[brand]
|
|
31
38
|
? fullEntitlements[brand]
|
|
32
39
|
: null;
|
|
40
|
+
log('Returning enriched user');
|
|
33
41
|
return Object.assign(user, {
|
|
34
42
|
managedSellers: sortedManagedSellers,
|
|
35
43
|
entitlements,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"session.js","sources":["../../../../../src/lib/enrichUser/session.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"session.js","sources":["../../../../../src/lib/enrichUser/session.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;AAOA,MAAM,GAAG,GAAG,KAAK,CAAC,2BAA2B,CAAC;AAEvC,MAAM,UAAU,GAAG,OAAO,EAC/B,IAAI,EACJ,WAAW,EACX,KAAK,GAKN,KAAkC;AACjC,IAAA,IAAI,IAAI,CAAC,iBAAiB,EAAE;QAC1B,GAAG,CAAC,mCAAmC,CAAC;IAC1C;AACA,IAAA,MAAM,sBAAsB,GAAG,IAAI,CAAC;UAChC,MAAM,iBAAiB,CAAC;YACtB,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,WAAW;SACZ;UACD,IAAI;AACR,IAAA,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,GAAG;AAClC,UAAE;AACF,UAAE,EAAE,OAAO,EAAE,EAA0B,EAAE;IAC3C,MAAM,oBAAoB,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,KAAI;AACxD,QAAA,OAAO,CAAC,CAAC,CAAC,WAAW,IAAI,EAAE,EAAE,aAAa,CAAC,CAAC,CAAC,WAAW,IAAI,EAAE,CAAC;AACjE,IAAA,CAAC,CAAC;;AAGF,IAAA,IAAI,IAAI,CAAC,oBAAoB,EAAE;QAC7B,GAAG,CAAC,qEAAqE,CAAC;AAE1E,QAAA,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE;AACzB,YAAA,cAAc,EAAE,oBAAoB;AACpC,YAAA,YAAY,EAAE,IAAI;AACnB,SAAA,CAAC;IACJ;IAEA,GAAG,CAAC,gCAAgC,CAAC;AACrC,IAAA,MAAM,gBAAgB,GAAG,MAAM,eAAe,CAAC;QAC7C,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,CAAC;QACrC,WAAW;AACZ,KAAA,CAAC;AACF,IAAA,MAAM,YAAY,GAChB,gBAAgB,IAAI,gBAAgB,CAAC,KAAK;AACxC,UAAE,gBAAgB,CAAC,KAAK;UACtB,IAAI;IAEV,GAAG,CAAC,yBAAyB,CAAC;AAC9B,IAAA,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE;AACzB,QAAA,cAAc,EAAE,oBAAoB;QACpC,YAAY;AACb,KAAA,CAAC;AACJ;;;;"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getAccessToken.js","sources":["../../../../../src/server/helpers/getAccessToken.ts"],"sourcesContent":[null],"names":[],"mappings":";;;AAMA,MAAM,GAAG,GAAG,KAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,cAAc,GAAG,OAAO,EACnC,QAAQ,EACR,IAAI,EACJ,OAAO,GACwC,KAAI;IACnD,GAAG,CAAC,sBAAsB,EAAE;QAC1B,IAAI;QACJ,QAAQ;AACR,QAAA,UAAU,EAAE,CAAC,CAAC,OAAO,EAAE,OAAO;AAC/B,KAAA,CAAC;
|
|
1
|
+
{"version":3,"file":"getAccessToken.js","sources":["../../../../../src/server/helpers/getAccessToken.ts"],"sourcesContent":[null],"names":[],"mappings":";;;AAMA,MAAM,GAAG,GAAG,KAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,cAAc,GAAG,OAAO,EACnC,QAAQ,EACR,IAAI,EACJ,OAAO,GACwC,KAAI;IACnD,GAAG,CAAC,sBAAsB,EAAE;QAC1B,IAAI;QACJ,QAAQ;AACR,QAAA,UAAU,EAAE,CAAC,CAAC,OAAO,EAAE,OAAO;AAC/B,KAAA,CAAC;IAEF,MAAM,aAAa,GAAG,gBAAgB,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;AAC1D,IAAA,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,EAAE;AACzB,UAAE,MAAM,aAAa,CAAC,cAAc,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,QAAQ;AACtE,UAAE,MAAM,aAAa,CAAC,cAAc,EAAE;AACxC,IAAA,GAAG,CAAC,wBAAwB,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,IAAI,CAAC,EAAE,CAAC;AAClE,IAAA,OAAO,KAAK;AACd;;;;"}
|
|
@@ -8,31 +8,43 @@ const crossApplicationStateSynchronization = async ({ request, language, auth0In
|
|
|
8
8
|
}
|
|
9
9
|
const impersonatedSellerIdFromCookie = request.cookies.get(auth0Config.impersonatedSellerIdCookie.name)?.value;
|
|
10
10
|
console.log('impersonatedSellerIdFromCookie', impersonatedSellerIdFromCookie);
|
|
11
|
-
console.log('
|
|
11
|
+
console.log('typeof impersonatedSellerIdFromCookie', typeof impersonatedSellerIdFromCookie);
|
|
12
|
+
console.log('user.sellerId', typeof session?.user.sellerId);
|
|
13
|
+
console.log('typeof user.sellerId', typeof session?.user.sellerId);
|
|
14
|
+
console.log('session?.user.isMultiTenantUser', session?.user.isMultiTenantUser);
|
|
15
|
+
console.log('user: ', session?.user);
|
|
12
16
|
if (!session?.user.isMultiTenantUser && !impersonatedSellerIdFromCookie) {
|
|
13
17
|
console.log('User is not multi-tenant and no impersonation, no action needed');
|
|
14
18
|
return null;
|
|
15
19
|
}
|
|
16
20
|
let impersonateSellerId;
|
|
17
|
-
if (
|
|
21
|
+
if (impersonatedSellerIdFromCookie &&
|
|
22
|
+
session.user.sellerId !== impersonatedSellerIdFromCookie) {
|
|
18
23
|
console.log('Impersonated seller ID out of sync, redirecting to login to resync');
|
|
19
24
|
impersonateSellerId = impersonatedSellerIdFromCookie;
|
|
20
25
|
}
|
|
21
|
-
console.log('!session?.user', session?.user);
|
|
22
26
|
const sellerIdFromCookie = request.cookies.get(auth0Config.selectedSellerIdCookie.name)?.value;
|
|
27
|
+
console.log('sellerIdFromCookie', sellerIdFromCookie);
|
|
28
|
+
console.log('typeof sellerIdFromCookie', typeof sellerIdFromCookie);
|
|
23
29
|
let selectedSellerId;
|
|
24
|
-
if (
|
|
30
|
+
if (sellerIdFromCookie &&
|
|
31
|
+
session.user.sellerId !== sellerIdFromCookie &&
|
|
32
|
+
!impersonateSellerId) {
|
|
25
33
|
console.log('Selected seller ID out of sync, redirecting to login to resync');
|
|
26
34
|
selectedSellerId = sellerIdFromCookie;
|
|
27
35
|
}
|
|
28
|
-
console.log('!sellerIdFromCookie', sellerIdFromCookie);
|
|
29
36
|
if (!selectedSellerId && !impersonateSellerId) {
|
|
30
37
|
console.log('All in sync, no action needed');
|
|
31
38
|
return null;
|
|
32
39
|
}
|
|
33
|
-
console.log('Redirecting to login for resynchronization'
|
|
40
|
+
console.log('Redirecting to login for resynchronization', {
|
|
41
|
+
impersonateSellerId,
|
|
42
|
+
selectedSellerId,
|
|
43
|
+
currentSellerId: session.user.sellerId,
|
|
44
|
+
});
|
|
45
|
+
// Like that???
|
|
34
46
|
console.log(redirectToLogin);
|
|
35
|
-
|
|
47
|
+
const response = redirectToLogin({
|
|
36
48
|
auth0Config,
|
|
37
49
|
language,
|
|
38
50
|
returnTo: `${pathname}${search}`,
|
|
@@ -40,6 +52,16 @@ const crossApplicationStateSynchronization = async ({ request, language, auth0In
|
|
|
40
52
|
impersonateSellerId,
|
|
41
53
|
selectedSellerId,
|
|
42
54
|
});
|
|
55
|
+
// Clear session to prevent refreshes with outdated sellerId
|
|
56
|
+
session.tokenSet = {
|
|
57
|
+
accessToken: '',
|
|
58
|
+
expiresAt: 0,
|
|
59
|
+
};
|
|
60
|
+
await auth0Instance.updateSession(request, response, {
|
|
61
|
+
...session,
|
|
62
|
+
updatedAt: Date.now(),
|
|
63
|
+
});
|
|
64
|
+
return response;
|
|
43
65
|
};
|
|
44
66
|
|
|
45
67
|
export { crossApplicationStateSynchronization };
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"crossApplicationStateSynchronization.js","sources":["../../../../../src/server/middleware/crossApplicationStateSynchronization.ts"],"sourcesContent":[null],"names":[],"mappings":";;AASO,MAAM,oCAAoC,GAAG,OAAO,EACzD,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,GAMZ,KAAkC;IACjC,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IACvD,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;AAEpD,IAAA,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE;AAClB,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,MAAM,8BAA8B,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CACxD,WAAW,CAAC,0BAA0B,CAAC,IAAI,CAC5C,EAAE,KAAK;AAER,IAAA,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,8BAA8B,CAAC;IAC7E,OAAO,CAAC,GAAG,CAAC,
|
|
1
|
+
{"version":3,"file":"crossApplicationStateSynchronization.js","sources":["../../../../../src/server/middleware/crossApplicationStateSynchronization.ts"],"sourcesContent":[null],"names":[],"mappings":";;AASO,MAAM,oCAAoC,GAAG,OAAO,EACzD,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,GAMZ,KAAkC;IACjC,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IACvD,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO;AAEpD,IAAA,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE;AAClB,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,MAAM,8BAA8B,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CACxD,WAAW,CAAC,0BAA0B,CAAC,IAAI,CAC5C,EAAE,KAAK;AAER,IAAA,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,8BAA8B,CAAC;IAC7E,OAAO,CAAC,GAAG,CACT,uCAAuC,EACvC,OAAO,8BAA8B,CACtC;AACD,IAAA,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC;AAC3D,IAAA,OAAO,CAAC,GAAG,CAAC,sBAAsB,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC;IAClE,OAAO,CAAC,GAAG,CACT,iCAAiC,EACjC,OAAO,EAAE,IAAI,CAAC,iBAAiB,CAChC;IACD,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,IAAI,CAAC;IAEpC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,iBAAiB,IAAI,CAAC,8BAA8B,EAAE;AACvE,QAAA,OAAO,CAAC,GAAG,CACT,iEAAiE,CAClE;AACD,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,IAAI,mBAAuC;AAC3C,IAAA,IACE,8BAA8B;AAC9B,QAAA,OAAO,CAAC,IAAI,CAAC,QAAQ,KAAK,8BAA8B,EACxD;AACA,QAAA,OAAO,CAAC,GAAG,CACT,oEAAoE,CACrE;QACD,mBAAmB,GAAG,8BAA8B;IACtD;AAEA,IAAA,MAAM,kBAAkB,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAC5C,WAAW,CAAC,sBAAsB,CAAC,IAAI,CACxC,EAAE,KAAK;AACR,IAAA,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,kBAAkB,CAAC;IACrD,OAAO,CAAC,GAAG,CAAC,2BAA2B,EAAE,OAAO,kBAAkB,CAAC;AAEnE,IAAA,IAAI,gBAAoC;AACxC,IAAA,IACE,kBAAkB;AAClB,QAAA,OAAO,CAAC,IAAI,CAAC,QAAQ,KAAK,kBAAkB;QAC5C,CAAC,mBAAmB,EACpB;AACA,QAAA,OAAO,CAAC,GAAG,CACT,gEAAgE,CACjE;QACD,gBAAgB,GAAG,kBAAkB;IACvC;AAEA,IAAA,IAAI,CAAC,gBAAgB,IAAI,CAAC,mBAAmB,EAAE;AAC7C,QAAA,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC;AAC5C,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,OAAO,CAAC,GAAG,CAAC,4CAA4C,EAAE;QACxD,mBAAmB;QACnB,gBAAgB;AAChB,QAAA,eAAe,EAAE,OAAO,CAAC,IAAI,CAAC,QAAQ;AACvC,KAAA,CAAC;;AAGF,IAAA,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;IAC5B,MAAM,QAAQ,GAAG,eAAe,CAAC;QAC/B,WAAW;QACX,QAAQ;AACR,QAAA,QAAQ,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAG,MAAM,CAAA,CAAE;QAChC,MAAM;QACN,mBAAmB;QACnB,gBAAgB;AACjB,KAAA,CAAC;;IAGF,OAAO,CAAC,QAAQ,GAAG;AACjB,QAAA,WAAW,EAAE,EAAE;AACf,QAAA,SAAS,EAAE,CAAC;KACb;AACD,IAAA,MAAM,aAAa,CAAC,aAAa,CAAC,OAAO,EAAE,QAAQ,EAAE;AACnD,QAAA,GAAG,OAAO;AACV,QAAA,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;AACtB,KAAA,CAAC;AAEF,IAAA,OAAO,QAAQ;AACjB;;;;"}
|
|
@@ -66,6 +66,9 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
66
66
|
response: authResponse,
|
|
67
67
|
auth0Config,
|
|
68
68
|
});
|
|
69
|
+
// FIXME: if we are out of since while using force refresh / the token is expired,
|
|
70
|
+
// the token set will get rotated with the wrong sellerId reusulting in a bad session where
|
|
71
|
+
// we detect the missmatch on a page route the but the XHR chain rotates with the outdated seller
|
|
69
72
|
// Access token handling - /api/auth/access-token
|
|
70
73
|
const accessTokenRequestResult = await handleAccessTokenRequest({
|
|
71
74
|
request,
|
|
@@ -95,6 +98,18 @@ const authMiddleware = async ({ request, isProtectedRoute, language, host, proto
|
|
|
95
98
|
log('Auth route, returning response', { requestId });
|
|
96
99
|
return authResponse;
|
|
97
100
|
}
|
|
101
|
+
// // Like that???
|
|
102
|
+
// console.log(redirectToLogin);
|
|
103
|
+
// const response = redirectToLogin({
|
|
104
|
+
// auth0Config,
|
|
105
|
+
// language,
|
|
106
|
+
// returnTo: `${pathname}${search}`,
|
|
107
|
+
// origin,
|
|
108
|
+
// impersonateSellerId,
|
|
109
|
+
// selectedSellerId,
|
|
110
|
+
// });
|
|
111
|
+
// await auth0Instance.updateSession(request, response, session);
|
|
112
|
+
// return response;
|
|
98
113
|
// Check if selected and impersonated seller are in sync across applications
|
|
99
114
|
const syncResponse = await crossApplicationStateSynchronization({
|
|
100
115
|
request,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;;;;;;;AAkBA,MAAM,GAAG,GAAG,KAAK,CAAC,iCAAiC,CAAC;AAEpD,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,KAAK,GASN,KAA2B;AAC1B,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;AAE/C,IAAA,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO;IACpC,GAAG,CAAC,oBAAoB,EAAE;QACxB,SAAS;QACT,QAAQ;QACR,IAAI;QACJ,QAAQ;QACR,MAAM,EAAE,OAAO,CAAC,MAAM;AACvB,KAAA,CAAC;IAEF,MAAM,aAAa,GAAG,gBAAgB,CAAC;QACrC,IAAI;QACJ,QAAQ;AACT,KAAA,CAAC;AAEF,IAAA,MAAM,WAAW,GAAG,cAAc,EAAE;IACpC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAC3E,GAAG,CAAC,kBAAkB,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAC;IAElE,MAAM,uBAAuB,GAAG,uBAAuB,CAAC;QACtD,IAAI;QACJ,QAAQ;QACR,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;QAC3B,uBAAuB,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,CAAC;AAC/D,QAAA,GAAG,CAAC,2CAA2C,EAAE,EAAE,SAAS,EAAE,CAAC;AAC/D,QAAA,OAAO,uBAAuB;IAChC;;AAGA,IAAA,cAAc,CAAC;QACb,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;AAEF,IAAA,GAAG,CAAC,0BAA0B,EAAE,EAAE,SAAS,EAAE,CAAC;IAC9C,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAC5D,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,CAAC;AACpD,IAAA,GAAG,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,EAAE,CAAC;;AAG7E,IAAA,2BAA2B,CAAC;QAC1B,IAAI;QACJ,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,WAAW;AACZ,KAAA,CAAC
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../../../../src/server/middleware/index.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;;;;;;;AAkBA,MAAM,GAAG,GAAG,KAAK,CAAC,iCAAiC,CAAC;AAEpD,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,WAAwB,KAAI;AACjE,IAAA,MAAM,EACJ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,GACd,GAAG,WAAW;IAEf,OAAO;QACL,aAAa;QACb,cAAc;QACd,gBAAgB;QAChB,mBAAmB;QACnB,aAAa;AACd,KAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,CAAC;MAEY,cAAc,GAAG,OAAO,EACnC,OAAO,EACP,gBAAgB,EAChB,QAAQ,EACR,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,KAAK,GASN,KAA2B;AAC1B,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;AAE/C,IAAA,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO;IACpC,GAAG,CAAC,oBAAoB,EAAE;QACxB,SAAS;QACT,QAAQ;QACR,IAAI;QACJ,QAAQ;QACR,MAAM,EAAE,OAAO,CAAC,MAAM;AACvB,KAAA,CAAC;IAEF,MAAM,aAAa,GAAG,gBAAgB,CAAC;QACrC,IAAI;QACJ,QAAQ;AACT,KAAA,CAAC;AAEF,IAAA,MAAM,WAAW,GAAG,cAAc,EAAE;IACpC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAC3E,GAAG,CAAC,kBAAkB,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAC;IAElE,MAAM,uBAAuB,GAAG,uBAAuB,CAAC;QACtD,IAAI;QACJ,QAAQ;QACR,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;QAC3B,uBAAuB,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,CAAC;AAC/D,QAAA,GAAG,CAAC,2CAA2C,EAAE,EAAE,SAAS,EAAE,CAAC;AAC/D,QAAA,OAAO,uBAAuB;IAChC;;AAGA,IAAA,cAAc,CAAC;QACb,OAAO;QACP,WAAW;AACZ,KAAA,CAAC;AAEF,IAAA,GAAG,CAAC,0BAA0B,EAAE,EAAE,SAAS,EAAE,CAAC;IAC9C,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAC5D,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,CAAC;AACpD,IAAA,GAAG,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,EAAE,CAAC;;AAG7E,IAAA,2BAA2B,CAAC;QAC1B,IAAI;QACJ,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,WAAW;AACZ,KAAA,CAAC;;;;;AAOF,IAAA,MAAM,wBAAwB,GAAG,MAAM,wBAAwB,CAAC;QAC9D,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,aAAa;QACb,WAAW;QACX,OAAO;AACR,KAAA,CAAC;IACF,IAAI,wBAAwB,EAAE;AAC5B,QAAA,GAAG,CAAC,8BAA8B,EAAE,EAAE,SAAS,EAAE,CAAC;AAClD,QAAA,OAAO,wBAAwB;IACjC;;AAGA,IAAA,MAAM,uBAAuB,GAAG,MAAM,iBAAiB,CAAC;QACtD,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,aAAa;QACb,WAAW;QACX,KAAK;AACN,KAAA,CAAC;IACF,IAAI,uBAAuB,EAAE;AAC3B,QAAA,GAAG,CAAC,8BAA8B,EAAE,EAAE,SAAS,EAAE,CAAC;AAClD,QAAA,OAAO,uBAAuB;IAChC;;IAGA,IAAI,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC,IAAI,gBAAgB,EAAE;AAC1D,QAAA,GAAG,CAAC,gCAAgC,EAAE,EAAE,SAAS,EAAE,CAAC;AACpD,QAAA,OAAO,YAAY;IACrB;;;;;;;;;;;;;;AAkBA,IAAA,MAAM,YAAY,GAAG,MAAM,oCAAoC,CAAC;QAC9D,OAAO;QACP,QAAQ;QACR,aAAa;QACb,WAAW;AACZ,KAAA,CAAC;IACF,IAAI,YAAY,EAAE;AAChB,QAAA,OAAO,YAAY;IACrB;;IAGA,MAAM,WAAW,GAAG,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,QAAQ,CAAC;IACnE,GAAG,CAAC,wBAAwB,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;AACnE,IAAA,MAAM,kBAAkB,GAAG,MAAM,YAAY,CAAC;QAC5C,WAAW;QACX,aAAa;QACb,WAAW;QACX,QAAQ;QACR,OAAO;AACP,QAAA,QAAQ,EAAE,YAAY;QACtB,OAAO;AACR,KAAA,CAAC;IACF,IAAI,kBAAkB,EAAE;QACtB,GAAG,CAAC,0BAA0B,EAAE;YAC9B,SAAS;AACT,YAAA,UAAU,EAAE,kBAAkB,CAAC,MAAM,KAAK,GAAG;AAC9C,SAAA,CAAC;AACF,QAAA,OAAO,kBAAkB;IAC3B;AAEA,IAAA,GAAG,CAAC,sCAAsC,EAAE,EAAE,SAAS,EAAE,CAAC;IAC1D,MAAM,aAAa,GAAG,cAAc,CAAC;AACnC,QAAA,kBAAkB,EAAE,YAAY,CAAC,IAAI,CAAC;AACpC,YAAA,OAAO,EAAE;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;AACzB,aAAA;SACF,CAAC;QACF,YAAY;AACb,KAAA,CAAC;IACF,aAAa,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,CAAC;AACrD,IAAA,OAAO,aAAa;AACtB;;;;"}
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { decodeJwt } from 'jose';
|
|
1
2
|
import debug from 'debug';
|
|
2
3
|
import { getOrCreateRequestId } from './requestId.js';
|
|
3
4
|
|
|
@@ -16,6 +17,14 @@ const proactivelyRefreshAccessToken = async ({ request, response, auth0Instance,
|
|
|
16
17
|
debugForceRefresh: auth0Config.debugForceTokenRefresh,
|
|
17
18
|
hasSession: !!session,
|
|
18
19
|
});
|
|
20
|
+
const decodedToken = session?.tokenSet.accessToken
|
|
21
|
+
? decodeJwt(session.tokenSet.accessToken)
|
|
22
|
+
: null;
|
|
23
|
+
// eslint-disable-next-line no-console
|
|
24
|
+
console.log('Decoded token info', {
|
|
25
|
+
requestId,
|
|
26
|
+
decodedToken,
|
|
27
|
+
});
|
|
19
28
|
const result = await auth0Instance.getAccessToken(request, response, {
|
|
20
29
|
refresh: shouldRefresh,
|
|
21
30
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"proactivelyRefreshAccessToken.js","sources":["../../../../../src/server/middleware/proactivelyRefreshAccessToken.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"proactivelyRefreshAccessToken.js","sources":["../../../../../src/server/middleware/proactivelyRefreshAccessToken.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;AASA,MAAM,GAAG,GAAG,KAAK,CAAC,4BAA4B,CAAC;AAExC,MAAM,6BAA6B,GAAG,OAAO,EAClD,OAAO,EACP,QAAQ,EACR,aAAa,EACb,WAAW,GAMZ,KAAmD;AAClD,IAAA,MAAM,SAAS,GAAG,oBAAoB,CAAC,OAAO,CAAC;AAC/C,IAAA,GAAG,CAAC,qCAAqC,EAAE,EAAE,SAAS,EAAE,CAAC;IACzD,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC;IAEvD,MAAM,SAAS,GAAG,OAAO,EAAE,QAAQ,CAAC,SAAS,IAAI,CAAC;IAClD,MAAM,gBAAgB,GAAG,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI;AACtD,IAAA,MAAM,aAAa,GACjB,WAAW,CAAC,sBAAsB,IAAI,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,EAAE;IAE1E,GAAG,CAAC,wBAAwB,EAAE;QAC5B,SAAS;QACT,aAAa;AACb,QAAA,gBAAgB,EAAE,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC;QAC9C,iBAAiB,EAAE,WAAW,CAAC,sBAAsB;QACrD,UAAU,EAAE,CAAC,CAAC,OAAO;AACtB,KAAA,CAAC;AAEF,IAAA,MAAM,YAAY,GAAG,OAAO,EAAE,QAAQ,CAAC;UACnC,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW;UACtC,IAAI;;AAER,IAAA,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE;QAChC,SAAS;QACT,YAAY;AACb,KAAA,CAAC;IAEF,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,cAAc,CAAC,OAAO,EAAE,QAAQ,EAAE;AACnE,QAAA,OAAO,EAAE,aAAa;AACvB,KAAA,CAAC;IAEF,GAAG,CAAC,wBAAwB,EAAE;QAC5B,SAAS;QACT,SAAS,EAAE,MAAM,CAAC,SAAS;AAC3B,QAAA,WAAW,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM;AACjC,KAAA,CAAC;AAEF,IAAA,OAAO,MAAM;AACf;;;;"}
|