@sourceregistry/sveltekit-oidc 1.6.1 → 1.6.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/server/index.js +28 -20
- package/dist/server/types.d.ts +5 -0
- package/package.json +1 -1
package/dist/server/index.js
CHANGED
|
@@ -8,7 +8,8 @@ import { absoluteUrl, base64UrlEncode, buildCookieOptions, collectGroups, create
|
|
|
8
8
|
export { createInMemoryBackChannelLogoutStore, createInMemorySessionStore } from './store.js';
|
|
9
9
|
import { createInMemoryBackChannelLogoutStore, createInMemorySessionStore } from './store.js';
|
|
10
10
|
function buildLogger(logger) {
|
|
11
|
-
const noop = () => {
|
|
11
|
+
const noop = () => {
|
|
12
|
+
};
|
|
12
13
|
if (logger === false)
|
|
13
14
|
return { debug: noop, info: noop, warn: noop, error: noop };
|
|
14
15
|
if (logger)
|
|
@@ -269,13 +270,13 @@ export function createOIDC(options) {
|
|
|
269
270
|
}
|
|
270
271
|
return backChannelLogoutStore.isRevoked(session);
|
|
271
272
|
}
|
|
272
|
-
async function maybeRefreshSession(
|
|
273
|
+
async function maybeRefreshSession(cookies, persisted) {
|
|
273
274
|
const session = persisted?.session ?? null;
|
|
274
275
|
if (!session) {
|
|
275
276
|
return null;
|
|
276
277
|
}
|
|
277
278
|
if (await isRevoked(session)) {
|
|
278
|
-
await clearPersistedSession(
|
|
279
|
+
await clearPersistedSession(cookies, persisted?.id);
|
|
279
280
|
return null;
|
|
280
281
|
}
|
|
281
282
|
if (!shouldRefresh(session, refreshToleranceSeconds)) {
|
|
@@ -309,17 +310,17 @@ export function createOIDC(options) {
|
|
|
309
310
|
isRefresh: true
|
|
310
311
|
})
|
|
311
312
|
: nextSession;
|
|
312
|
-
await writePersistedSession(
|
|
313
|
+
await writePersistedSession(cookies, finalSession, persisted?.id);
|
|
313
314
|
return finalSession;
|
|
314
315
|
}
|
|
315
316
|
catch (err) {
|
|
316
317
|
log.error('Token refresh failed — clearing session', err);
|
|
317
|
-
await clearPersistedSession(
|
|
318
|
+
await clearPersistedSession(cookies, persisted?.id);
|
|
318
319
|
return null;
|
|
319
320
|
}
|
|
320
321
|
}
|
|
321
322
|
async function getSession(event) {
|
|
322
|
-
return maybeRefreshSession(event, await readPersistedSession(event.cookies));
|
|
323
|
+
return maybeRefreshSession(event.cookies, await readPersistedSession(event.cookies));
|
|
323
324
|
}
|
|
324
325
|
async function signIn(event, loginOptions = {}) {
|
|
325
326
|
const metadata = await getMetadata();
|
|
@@ -473,22 +474,28 @@ export function createOIDC(options) {
|
|
|
473
474
|
throw redirect(302, `${absoluteUrl(event, loginPath)}?returnTo=${encodeURIComponent(returnTo ?? `${event.url.pathname}${event.url.search}`)}`);
|
|
474
475
|
}
|
|
475
476
|
const handle = async ({ event, resolve }) => {
|
|
476
|
-
const
|
|
477
|
-
event.locals.oidc =
|
|
478
|
-
isAuthenticated: Boolean(session),
|
|
479
|
-
session,
|
|
480
|
-
user: session?.user,
|
|
481
|
-
claims: session?.claims,
|
|
482
|
-
requireAuth: async () => {
|
|
483
|
-
if (!session) {
|
|
484
|
-
throw error(401, { message: 'Authentication required' });
|
|
485
|
-
}
|
|
486
|
-
return session;
|
|
487
|
-
},
|
|
488
|
-
clearSession: async () => clearPersistedSession(event.cookies)
|
|
489
|
-
};
|
|
477
|
+
const { oidc } = await hook(event);
|
|
478
|
+
event.locals.oidc = oidc;
|
|
490
479
|
return resolve(event);
|
|
491
480
|
};
|
|
481
|
+
async function hook(event) {
|
|
482
|
+
const session = await getSession(event);
|
|
483
|
+
return {
|
|
484
|
+
oidc: {
|
|
485
|
+
isAuthenticated: Boolean(session),
|
|
486
|
+
session,
|
|
487
|
+
user: session?.user,
|
|
488
|
+
claims: session?.claims,
|
|
489
|
+
requireAuth: async () => {
|
|
490
|
+
if (!session) {
|
|
491
|
+
throw error(401, { message: 'Authentication required' });
|
|
492
|
+
}
|
|
493
|
+
return session;
|
|
494
|
+
},
|
|
495
|
+
clearSession: async () => clearPersistedSession(event.cookies)
|
|
496
|
+
}
|
|
497
|
+
};
|
|
498
|
+
}
|
|
492
499
|
function loginHandler(defaults = {}) {
|
|
493
500
|
return async (event) => {
|
|
494
501
|
const returnTo = event.url.searchParams.get('returnTo') ?? defaults.returnTo;
|
|
@@ -565,6 +572,7 @@ export function createOIDC(options) {
|
|
|
565
572
|
}
|
|
566
573
|
return {
|
|
567
574
|
handle,
|
|
575
|
+
hook,
|
|
568
576
|
getMetadata,
|
|
569
577
|
getSession,
|
|
570
578
|
getPublicSession: async (event) => toPublicSession(await getSession(event)),
|
package/dist/server/types.d.ts
CHANGED
|
@@ -242,6 +242,11 @@ export type OIDCPersistedSession<TClaims extends OIDCUserClaims = OIDCUserClaims
|
|
|
242
242
|
};
|
|
243
243
|
export type OIDCInstance<TClaims extends OIDCUserClaims = OIDCUserClaims, TSession extends OIDCSession<TClaims> = OIDCSession<TClaims>> = {
|
|
244
244
|
handle: Handle;
|
|
245
|
+
hook: (event: {
|
|
246
|
+
cookies: RequestEvent['cookies'];
|
|
247
|
+
}) => Promise<{
|
|
248
|
+
oidc: OIDCHandleLocals<TClaims, TSession>;
|
|
249
|
+
}>;
|
|
245
250
|
getMetadata: () => Promise<OIDCDiscoveryDocument>;
|
|
246
251
|
getSession: (event: RequestEvent) => Promise<TSession | null>;
|
|
247
252
|
getPublicSession: (event: RequestEvent) => Promise<OIDCPublicSession<TClaims> | null>;
|