@stackframe/js 2.8.54 → 2.8.56
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +20 -0
- package/dist/esm/lib/cookie.js +50 -15
- package/dist/esm/lib/cookie.js.map +1 -1
- package/dist/esm/lib/stack-app/apps/implementations/client-app-impl.js +7 -6
- package/dist/esm/lib/stack-app/apps/implementations/client-app-impl.js.map +1 -1
- package/dist/esm/lib/stack-app/apps/implementations/common.js +1 -1
- package/dist/esm/lib/stack-app/apps/implementations/common.js.map +1 -1
- package/dist/lib/cookie.js +50 -15
- package/dist/lib/cookie.js.map +1 -1
- package/dist/lib/stack-app/apps/implementations/client-app-impl.js +6 -5
- package/dist/lib/stack-app/apps/implementations/client-app-impl.js.map +1 -1
- package/dist/lib/stack-app/apps/implementations/common.js +1 -1
- package/dist/lib/stack-app/apps/implementations/common.js.map +1 -1
- package/package.json +2 -2
|
@@ -7,7 +7,7 @@ import { Result } from "@stackframe/stack-shared/dist/utils/results";
|
|
|
7
7
|
import { Store } from "@stackframe/stack-shared/dist/utils/stores";
|
|
8
8
|
import { stackAppInternalsSymbol } from "../../common.js";
|
|
9
9
|
var process = globalThis.process ?? { env: {} };
|
|
10
|
-
var clientVersion = "js @stackframe/js@2.8.
|
|
10
|
+
var clientVersion = "js @stackframe/js@2.8.56";
|
|
11
11
|
if (clientVersion.startsWith("STACK_COMPILE_TIME")) {
|
|
12
12
|
throw new StackAssertionError("Client version was not replaced. Something went wrong during build!");
|
|
13
13
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../../../src/lib/stack-app/apps/implementations/common.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { InternalSession } from \"@stackframe/stack-shared/dist/sessions\";\nimport { AsyncCache } from \"@stackframe/stack-shared/dist/utils/caches\";\nimport { isBrowserLike } from \"@stackframe/stack-shared/dist/utils/env\";\nimport { StackAssertionError, concatStacktraces, throwErr } from \"@stackframe/stack-shared/dist/utils/errors\";\nimport { getGlobal } from \"@stackframe/stack-shared/dist/utils/globals\";\nimport { filterUndefined, omit } from \"@stackframe/stack-shared/dist/utils/objects\";\nimport { ReactPromise } from \"@stackframe/stack-shared/dist/utils/promises\";\nimport { suspendIfSsr, use } from \"@stackframe/stack-shared/dist/utils/react\";\nimport { Result } from \"@stackframe/stack-shared/dist/utils/results\";\nimport { Store } from \"@stackframe/stack-shared/dist/utils/stores\";\nimport { HandlerUrls, stackAppInternalsSymbol } from \"../../common\";\n\n// hack to make sure process is defined in non-node environments\nconst process = (globalThis as any).process ?? { env: {} }; // THIS_LINE_PLATFORM js react\n\nexport const clientVersion = \"js @stackframe/js@2.8.54\";\nif (clientVersion.startsWith(\"STACK_COMPILE_TIME\")) {\n throw new StackAssertionError(\"Client version was not replaced. Something went wrong during build!\");\n}\n\nconst replaceStackPortPrefix = <T extends string | undefined>(input: T): T => {\n if (!input) return input;\n const prefix = process.env.NEXT_PUBLIC_STACK_PORT_PREFIX;\n return prefix ? input.replace(/\\$\\{NEXT_PUBLIC_STACK_PORT_PREFIX:-81\\}/g, prefix) as T : input;\n};\n\n\nexport const createCache = <D extends any[], T>(fetcher: (dependencies: D) => Promise<T>) => {\n return new AsyncCache<D, Result<T>>(\n async (dependencies) => await Result.fromThrowingAsync(async () => await fetcher(dependencies)),\n {},\n );\n};\n\nexport const createCacheBySession = <D extends any[], T>(fetcher: (session: InternalSession, extraDependencies: D) => Promise<T> ) => {\n return new AsyncCache<[InternalSession, ...D], Result<T>>(\n async ([session, ...extraDependencies]) => await Result.fromThrowingAsync(async () => await fetcher(session, extraDependencies)),\n {\n onSubscribe: ([session], refresh) => {\n const handler = session.onInvalidate(() => refresh());\n return () => handler.unsubscribe();\n },\n },\n );\n};\n\n\ntype AppLike = { [stackAppInternalsSymbol]: { getConstructorOptions: () => any } };\nexport function resolveConstructorOptions<T extends { inheritsFrom?: AppLike }>(options: T): T & { inheritsFrom?: undefined } {\n return {\n ...options.inheritsFrom?.[stackAppInternalsSymbol].getConstructorOptions() ?? {},\n ...filterUndefined(omit(options, [\"inheritsFrom\"])),\n };\n}\n\nexport function getUrls(partial: Partial<HandlerUrls>): HandlerUrls {\n const handler = partial.handler ?? \"/handler\";\n const home = partial.home ?? \"/\";\n const afterSignIn = partial.afterSignIn ?? home;\n return {\n handler,\n signIn: `${handler}/sign-in`,\n afterSignIn: home,\n signUp: `${handler}/sign-up`,\n afterSignUp: afterSignIn,\n signOut: `${handler}/sign-out`,\n afterSignOut: home,\n emailVerification: `${handler}/email-verification`,\n passwordReset: `${handler}/password-reset`,\n forgotPassword: `${handler}/forgot-password`,\n oauthCallback: `${handler}/oauth-callback`,\n magicLinkCallback: `${handler}/magic-link-callback`,\n home: home,\n accountSettings: `${handler}/account-settings`,\n error: `${handler}/error`,\n teamInvitation: `${handler}/team-invitation`,\n mfa: `${handler}/mfa`,\n ...filterUndefined(partial),\n };\n}\n\nexport function getDefaultProjectId() {\n return process.env.NEXT_PUBLIC_STACK_PROJECT_ID || process.env.STACK_PROJECT_ID || throwErr(new Error(\"Welcome to Stack Auth! It seems that you haven't provided a project ID. Please create a project on the Stack dashboard at https://app.stack-auth.com and put it in the NEXT_PUBLIC_STACK_PROJECT_ID environment variable.\"));\n}\n\nexport function getDefaultPublishableClientKey() {\n return process.env.NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY || process.env.STACK_PUBLISHABLE_CLIENT_KEY || throwErr(new Error(\"Welcome to Stack Auth! It seems that you haven't provided a publishable client key. Please create an API key for your project on the Stack dashboard at https://app.stack-auth.com and copy your publishable client key into the NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY environment variable.\"));\n}\n\nexport function getDefaultSecretServerKey() {\n return process.env.STACK_SECRET_SERVER_KEY || throwErr(new Error(\"No secret server key provided. Please copy your key from the Stack dashboard and put it in the STACK_SECRET_SERVER_KEY environment variable.\"));\n}\n\nexport function getDefaultSuperSecretAdminKey() {\n return process.env.STACK_SUPER_SECRET_ADMIN_KEY || throwErr(new Error(\"No super secret admin key provided. Please copy your key from the Stack dashboard and put it in the STACK_SUPER_SECRET_ADMIN_KEY environment variable.\"));\n}\n\nexport function getDefaultExtraRequestHeaders() {\n return JSON.parse(process.env.NEXT_PUBLIC_STACK_EXTRA_REQUEST_HEADERS || process.env.STACK_EXTRA_REQUEST_HEADERS || '{}');\n}\n\n/**\n * Returns the base URL for the Stack API.\n *\n * The URL can be specified in several ways, in order of precedence:\n * 1. Directly through userSpecifiedBaseUrl parameter as string or browser/server object\n * 2. Through environment variables:\n * - Browser: NEXT_PUBLIC_BROWSER_STACK_API_URL\n * - Server: NEXT_PUBLIC_SERVER_STACK_API_URL\n * - Fallback: NEXT_PUBLIC_STACK_API_URL or NEXT_PUBLIC_STACK_URL\n * 3. Default base URL if none of the above are specified\n *\n * The function also ensures the URL doesn't end with a trailing slash\n * by removing it if present.\n *\n * @param userSpecifiedBaseUrl - Optional URL override as string or {browser, server} object\n * @returns The configured base URL without trailing slash\n\n */\nexport function getBaseUrl(userSpecifiedBaseUrl: string | { browser: string, server: string } | undefined) {\n let url;\n if (userSpecifiedBaseUrl) {\n if (typeof userSpecifiedBaseUrl === \"string\") {\n url = userSpecifiedBaseUrl;\n } else {\n if (isBrowserLike()) {\n url = userSpecifiedBaseUrl.browser;\n } else {\n url = userSpecifiedBaseUrl.server;\n }\n }\n } else {\n // note: NEXT_PUBLIC_BROWSER_STACK_API_URL was renamed to NEXT_PUBLIC_STACK_API_URL_BROWSER, and NEXT_PUBLIC_STACK_URL to NEXT_PUBLIC_STACK_API_URL\n if (isBrowserLike()) {\n url = process.env.NEXT_PUBLIC_BROWSER_STACK_API_URL || process.env.NEXT_PUBLIC_STACK_API_URL_BROWSER || process.env.STACK_API_URL_BROWSER;\n } else {\n url = process.env.NEXT_PUBLIC_SERVER_STACK_API_URL || process.env.NEXT_PUBLIC_STACK_API_URL_SERVER || process.env.STACK_API_URL_SERVER;\n }\n url = url || process.env.NEXT_PUBLIC_STACK_API_URL || process.env.STACK_API_URL || process.env.NEXT_PUBLIC_STACK_URL || defaultBaseUrl;\n }\n\n return replaceStackPortPrefix(url.endsWith('/') ? url.slice(0, -1) : url);\n}\nexport const defaultBaseUrl = \"https://api.stack-auth.com\";\n\nexport type TokenObject = {\n accessToken: string | null,\n refreshToken: string | null,\n};\n\nexport function createEmptyTokenStore() {\n return new Store<TokenObject>({\n refreshToken: null,\n accessToken: null,\n });\n}\n\n\n"],"mappings":";AAKA,SAAS,kBAAkB;AAC3B,SAAS,qBAAqB;AAC9B,SAAS,qBAAwC,gBAAgB;AAEjE,SAAS,iBAAiB,YAAY;AAGtC,SAAS,cAAc;AACvB,SAAS,aAAa;AACtB,SAAsB,+BAA+B;AAGrD,IAAM,UAAW,WAAmB,WAAW,EAAE,KAAK,CAAC,EAAE;AAElD,IAAM,gBAAgB;AAC7B,IAAI,cAAc,WAAW,oBAAoB,GAAG;AAClD,QAAM,IAAI,oBAAoB,qEAAqE;AACrG;AAEA,IAAM,yBAAyB,CAA+B,UAAgB;AAC5E,MAAI,CAAC,MAAO,QAAO;AACnB,QAAM,SAAS,QAAQ,IAAI;AAC3B,SAAO,SAAS,MAAM,QAAQ,4CAA4C,MAAM,IAAS;AAC3F;AAGO,IAAM,cAAc,CAAqB,YAA6C;AAC3F,SAAO,IAAI;AAAA,IACT,OAAO,iBAAiB,MAAM,OAAO,kBAAkB,YAAY,MAAM,QAAQ,YAAY,CAAC;AAAA,IAC9F,CAAC;AAAA,EACH;AACF;AAEO,IAAM,uBAAuB,CAAqB,YAA6E;AACpI,SAAO,IAAI;AAAA,IACT,OAAO,CAAC,SAAY,oBAAiB,MAAM,MAAM,OAAO,kBAAkB,YAAY,MAAM,QAAQ,SAAS,iBAAiB,CAAC;AAAA,IAC/H;AAAA,MACE,aAAa,CAAC,CAAC,OAAO,GAAG,YAAY;AACnC,cAAM,UAAU,QAAQ,aAAa,MAAM,QAAQ,CAAC;AACpD,eAAO,MAAM,QAAQ,YAAY;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AACF;AAIO,SAAS,0BAAgE,SAA8C;AAC5H,SAAO;AAAA,IACL,GAAG,QAAQ,eAAe,uBAAuB,EAAE,sBAAsB,KAAK,CAAC;AAAA,IAC/E,GAAG,gBAAgB,KAAK,SAAS,CAAC,cAAc,CAAC,CAAC;AAAA,EACpD;AACF;AAEO,SAAS,QAAQ,SAA4C;AAClE,QAAM,UAAU,QAAQ,WAAW;AACnC,QAAM,OAAO,QAAQ,QAAQ;AAC7B,QAAM,cAAc,QAAQ,eAAe;AAC3C,SAAO;AAAA,IACL;AAAA,IACA,QAAQ,GAAG,OAAO;AAAA,IAClB,aAAa;AAAA,IACb,QAAQ,GAAG,OAAO;AAAA,IAClB,aAAa;AAAA,IACb,SAAS,GAAG,OAAO;AAAA,IACnB,cAAc;AAAA,IACd,mBAAmB,GAAG,OAAO;AAAA,IAC7B,eAAe,GAAG,OAAO;AAAA,IACzB,gBAAgB,GAAG,OAAO;AAAA,IAC1B,eAAe,GAAG,OAAO;AAAA,IACzB,mBAAmB,GAAG,OAAO;AAAA,IAC7B;AAAA,IACA,iBAAiB,GAAG,OAAO;AAAA,IAC3B,OAAO,GAAG,OAAO;AAAA,IACjB,gBAAgB,GAAG,OAAO;AAAA,IAC1B,KAAK,GAAG,OAAO;AAAA,IACf,GAAG,gBAAgB,OAAO;AAAA,EAC5B;AACF;AAEO,SAAS,sBAAsB;AACpC,SAAO,QAAQ,IAAI,gCAAgC,QAAQ,IAAI,oBAAoB,SAAS,IAAI,MAAM,2NAA2N,CAAC;AACpU;AAEO,SAAS,iCAAiC;AAC/C,SAAO,QAAQ,IAAI,4CAA4C,QAAQ,IAAI,gCAAgC,SAAS,IAAI,MAAM,iSAAiS,CAAC;AACla;AAEO,SAAS,4BAA4B;AAC1C,SAAO,QAAQ,IAAI,2BAA2B,SAAS,IAAI,MAAM,8IAA8I,CAAC;AAClN;AAEO,SAAS,gCAAgC;AAC9C,SAAO,QAAQ,IAAI,gCAAgC,SAAS,IAAI,MAAM,wJAAwJ,CAAC;AACjO;AAEO,SAAS,gCAAgC;AAC9C,SAAO,KAAK,MAAM,QAAQ,IAAI,2CAA2C,QAAQ,IAAI,+BAA+B,IAAI;AAC1H;AAoBO,SAAS,WAAW,sBAAgF;AACzG,MAAI;AACJ,MAAI,sBAAsB;AACxB,QAAI,OAAO,yBAAyB,UAAU;AAC5C,YAAM;AAAA,IACR,OAAO;AACL,UAAI,cAAc,GAAG;AACnB,cAAM,qBAAqB;AAAA,MAC7B,OAAO;AACL,cAAM,qBAAqB;AAAA,MAC7B;AAAA,IACF;AAAA,EACF,OAAO;AAEL,QAAI,cAAc,GAAG;AACnB,YAAM,QAAQ,IAAI,qCAAqC,QAAQ,IAAI,qCAAqC,QAAQ,IAAI;AAAA,IACtH,OAAO;AACL,YAAM,QAAQ,IAAI,oCAAoC,QAAQ,IAAI,oCAAoC,QAAQ,IAAI;AAAA,IACpH;AACA,UAAM,OAAO,QAAQ,IAAI,6BAA6B,QAAQ,IAAI,iBAAiB,QAAQ,IAAI,yBAAyB;AAAA,EAC1H;AAEA,SAAO,uBAAuB,IAAI,SAAS,GAAG,IAAI,IAAI,MAAM,GAAG,EAAE,IAAI,GAAG;AAC1E;AACO,IAAM,iBAAiB;AAOvB,SAAS,wBAAwB;AACtC,SAAO,IAAI,MAAmB;AAAA,IAC5B,cAAc;AAAA,IACd,aAAa;AAAA,EACf,CAAC;AACH;","names":[]}
|
|
1
|
+
{"version":3,"sources":["../../../../../../src/lib/stack-app/apps/implementations/common.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { InternalSession } from \"@stackframe/stack-shared/dist/sessions\";\nimport { AsyncCache } from \"@stackframe/stack-shared/dist/utils/caches\";\nimport { isBrowserLike } from \"@stackframe/stack-shared/dist/utils/env\";\nimport { StackAssertionError, concatStacktraces, throwErr } from \"@stackframe/stack-shared/dist/utils/errors\";\nimport { getGlobal } from \"@stackframe/stack-shared/dist/utils/globals\";\nimport { filterUndefined, omit } from \"@stackframe/stack-shared/dist/utils/objects\";\nimport { ReactPromise } from \"@stackframe/stack-shared/dist/utils/promises\";\nimport { suspendIfSsr, use } from \"@stackframe/stack-shared/dist/utils/react\";\nimport { Result } from \"@stackframe/stack-shared/dist/utils/results\";\nimport { Store } from \"@stackframe/stack-shared/dist/utils/stores\";\nimport { HandlerUrls, stackAppInternalsSymbol } from \"../../common\";\n\n// hack to make sure process is defined in non-node environments\nconst process = (globalThis as any).process ?? { env: {} }; // THIS_LINE_PLATFORM js react\n\nexport const clientVersion = \"js @stackframe/js@2.8.56\";\nif (clientVersion.startsWith(\"STACK_COMPILE_TIME\")) {\n throw new StackAssertionError(\"Client version was not replaced. Something went wrong during build!\");\n}\n\nconst replaceStackPortPrefix = <T extends string | undefined>(input: T): T => {\n if (!input) return input;\n const prefix = process.env.NEXT_PUBLIC_STACK_PORT_PREFIX;\n return prefix ? input.replace(/\\$\\{NEXT_PUBLIC_STACK_PORT_PREFIX:-81\\}/g, prefix) as T : input;\n};\n\n\nexport const createCache = <D extends any[], T>(fetcher: (dependencies: D) => Promise<T>) => {\n return new AsyncCache<D, Result<T>>(\n async (dependencies) => await Result.fromThrowingAsync(async () => await fetcher(dependencies)),\n {},\n );\n};\n\nexport const createCacheBySession = <D extends any[], T>(fetcher: (session: InternalSession, extraDependencies: D) => Promise<T> ) => {\n return new AsyncCache<[InternalSession, ...D], Result<T>>(\n async ([session, ...extraDependencies]) => await Result.fromThrowingAsync(async () => await fetcher(session, extraDependencies)),\n {\n onSubscribe: ([session], refresh) => {\n const handler = session.onInvalidate(() => refresh());\n return () => handler.unsubscribe();\n },\n },\n );\n};\n\n\ntype AppLike = { [stackAppInternalsSymbol]: { getConstructorOptions: () => any } };\nexport function resolveConstructorOptions<T extends { inheritsFrom?: AppLike }>(options: T): T & { inheritsFrom?: undefined } {\n return {\n ...options.inheritsFrom?.[stackAppInternalsSymbol].getConstructorOptions() ?? {},\n ...filterUndefined(omit(options, [\"inheritsFrom\"])),\n };\n}\n\nexport function getUrls(partial: Partial<HandlerUrls>): HandlerUrls {\n const handler = partial.handler ?? \"/handler\";\n const home = partial.home ?? \"/\";\n const afterSignIn = partial.afterSignIn ?? home;\n return {\n handler,\n signIn: `${handler}/sign-in`,\n afterSignIn: home,\n signUp: `${handler}/sign-up`,\n afterSignUp: afterSignIn,\n signOut: `${handler}/sign-out`,\n afterSignOut: home,\n emailVerification: `${handler}/email-verification`,\n passwordReset: `${handler}/password-reset`,\n forgotPassword: `${handler}/forgot-password`,\n oauthCallback: `${handler}/oauth-callback`,\n magicLinkCallback: `${handler}/magic-link-callback`,\n home: home,\n accountSettings: `${handler}/account-settings`,\n error: `${handler}/error`,\n teamInvitation: `${handler}/team-invitation`,\n mfa: `${handler}/mfa`,\n ...filterUndefined(partial),\n };\n}\n\nexport function getDefaultProjectId() {\n return process.env.NEXT_PUBLIC_STACK_PROJECT_ID || process.env.STACK_PROJECT_ID || throwErr(new Error(\"Welcome to Stack Auth! It seems that you haven't provided a project ID. Please create a project on the Stack dashboard at https://app.stack-auth.com and put it in the NEXT_PUBLIC_STACK_PROJECT_ID environment variable.\"));\n}\n\nexport function getDefaultPublishableClientKey() {\n return process.env.NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY || process.env.STACK_PUBLISHABLE_CLIENT_KEY || throwErr(new Error(\"Welcome to Stack Auth! It seems that you haven't provided a publishable client key. Please create an API key for your project on the Stack dashboard at https://app.stack-auth.com and copy your publishable client key into the NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY environment variable.\"));\n}\n\nexport function getDefaultSecretServerKey() {\n return process.env.STACK_SECRET_SERVER_KEY || throwErr(new Error(\"No secret server key provided. Please copy your key from the Stack dashboard and put it in the STACK_SECRET_SERVER_KEY environment variable.\"));\n}\n\nexport function getDefaultSuperSecretAdminKey() {\n return process.env.STACK_SUPER_SECRET_ADMIN_KEY || throwErr(new Error(\"No super secret admin key provided. Please copy your key from the Stack dashboard and put it in the STACK_SUPER_SECRET_ADMIN_KEY environment variable.\"));\n}\n\nexport function getDefaultExtraRequestHeaders() {\n return JSON.parse(process.env.NEXT_PUBLIC_STACK_EXTRA_REQUEST_HEADERS || process.env.STACK_EXTRA_REQUEST_HEADERS || '{}');\n}\n\n/**\n * Returns the base URL for the Stack API.\n *\n * The URL can be specified in several ways, in order of precedence:\n * 1. Directly through userSpecifiedBaseUrl parameter as string or browser/server object\n * 2. Through environment variables:\n * - Browser: NEXT_PUBLIC_BROWSER_STACK_API_URL\n * - Server: NEXT_PUBLIC_SERVER_STACK_API_URL\n * - Fallback: NEXT_PUBLIC_STACK_API_URL or NEXT_PUBLIC_STACK_URL\n * 3. Default base URL if none of the above are specified\n *\n * The function also ensures the URL doesn't end with a trailing slash\n * by removing it if present.\n *\n * @param userSpecifiedBaseUrl - Optional URL override as string or {browser, server} object\n * @returns The configured base URL without trailing slash\n\n */\nexport function getBaseUrl(userSpecifiedBaseUrl: string | { browser: string, server: string } | undefined) {\n let url;\n if (userSpecifiedBaseUrl) {\n if (typeof userSpecifiedBaseUrl === \"string\") {\n url = userSpecifiedBaseUrl;\n } else {\n if (isBrowserLike()) {\n url = userSpecifiedBaseUrl.browser;\n } else {\n url = userSpecifiedBaseUrl.server;\n }\n }\n } else {\n // note: NEXT_PUBLIC_BROWSER_STACK_API_URL was renamed to NEXT_PUBLIC_STACK_API_URL_BROWSER, and NEXT_PUBLIC_STACK_URL to NEXT_PUBLIC_STACK_API_URL\n if (isBrowserLike()) {\n url = process.env.NEXT_PUBLIC_BROWSER_STACK_API_URL || process.env.NEXT_PUBLIC_STACK_API_URL_BROWSER || process.env.STACK_API_URL_BROWSER;\n } else {\n url = process.env.NEXT_PUBLIC_SERVER_STACK_API_URL || process.env.NEXT_PUBLIC_STACK_API_URL_SERVER || process.env.STACK_API_URL_SERVER;\n }\n url = url || process.env.NEXT_PUBLIC_STACK_API_URL || process.env.STACK_API_URL || process.env.NEXT_PUBLIC_STACK_URL || defaultBaseUrl;\n }\n\n return replaceStackPortPrefix(url.endsWith('/') ? url.slice(0, -1) : url);\n}\nexport const defaultBaseUrl = \"https://api.stack-auth.com\";\n\nexport type TokenObject = {\n accessToken: string | null,\n refreshToken: string | null,\n};\n\nexport function createEmptyTokenStore() {\n return new Store<TokenObject>({\n refreshToken: null,\n accessToken: null,\n });\n}\n\n\n"],"mappings":";AAKA,SAAS,kBAAkB;AAC3B,SAAS,qBAAqB;AAC9B,SAAS,qBAAwC,gBAAgB;AAEjE,SAAS,iBAAiB,YAAY;AAGtC,SAAS,cAAc;AACvB,SAAS,aAAa;AACtB,SAAsB,+BAA+B;AAGrD,IAAM,UAAW,WAAmB,WAAW,EAAE,KAAK,CAAC,EAAE;AAElD,IAAM,gBAAgB;AAC7B,IAAI,cAAc,WAAW,oBAAoB,GAAG;AAClD,QAAM,IAAI,oBAAoB,qEAAqE;AACrG;AAEA,IAAM,yBAAyB,CAA+B,UAAgB;AAC5E,MAAI,CAAC,MAAO,QAAO;AACnB,QAAM,SAAS,QAAQ,IAAI;AAC3B,SAAO,SAAS,MAAM,QAAQ,4CAA4C,MAAM,IAAS;AAC3F;AAGO,IAAM,cAAc,CAAqB,YAA6C;AAC3F,SAAO,IAAI;AAAA,IACT,OAAO,iBAAiB,MAAM,OAAO,kBAAkB,YAAY,MAAM,QAAQ,YAAY,CAAC;AAAA,IAC9F,CAAC;AAAA,EACH;AACF;AAEO,IAAM,uBAAuB,CAAqB,YAA6E;AACpI,SAAO,IAAI;AAAA,IACT,OAAO,CAAC,SAAY,oBAAiB,MAAM,MAAM,OAAO,kBAAkB,YAAY,MAAM,QAAQ,SAAS,iBAAiB,CAAC;AAAA,IAC/H;AAAA,MACE,aAAa,CAAC,CAAC,OAAO,GAAG,YAAY;AACnC,cAAM,UAAU,QAAQ,aAAa,MAAM,QAAQ,CAAC;AACpD,eAAO,MAAM,QAAQ,YAAY;AAAA,MACnC;AAAA,IACF;AAAA,EACF;AACF;AAIO,SAAS,0BAAgE,SAA8C;AAC5H,SAAO;AAAA,IACL,GAAG,QAAQ,eAAe,uBAAuB,EAAE,sBAAsB,KAAK,CAAC;AAAA,IAC/E,GAAG,gBAAgB,KAAK,SAAS,CAAC,cAAc,CAAC,CAAC;AAAA,EACpD;AACF;AAEO,SAAS,QAAQ,SAA4C;AAClE,QAAM,UAAU,QAAQ,WAAW;AACnC,QAAM,OAAO,QAAQ,QAAQ;AAC7B,QAAM,cAAc,QAAQ,eAAe;AAC3C,SAAO;AAAA,IACL;AAAA,IACA,QAAQ,GAAG,OAAO;AAAA,IAClB,aAAa;AAAA,IACb,QAAQ,GAAG,OAAO;AAAA,IAClB,aAAa;AAAA,IACb,SAAS,GAAG,OAAO;AAAA,IACnB,cAAc;AAAA,IACd,mBAAmB,GAAG,OAAO;AAAA,IAC7B,eAAe,GAAG,OAAO;AAAA,IACzB,gBAAgB,GAAG,OAAO;AAAA,IAC1B,eAAe,GAAG,OAAO;AAAA,IACzB,mBAAmB,GAAG,OAAO;AAAA,IAC7B;AAAA,IACA,iBAAiB,GAAG,OAAO;AAAA,IAC3B,OAAO,GAAG,OAAO;AAAA,IACjB,gBAAgB,GAAG,OAAO;AAAA,IAC1B,KAAK,GAAG,OAAO;AAAA,IACf,GAAG,gBAAgB,OAAO;AAAA,EAC5B;AACF;AAEO,SAAS,sBAAsB;AACpC,SAAO,QAAQ,IAAI,gCAAgC,QAAQ,IAAI,oBAAoB,SAAS,IAAI,MAAM,2NAA2N,CAAC;AACpU;AAEO,SAAS,iCAAiC;AAC/C,SAAO,QAAQ,IAAI,4CAA4C,QAAQ,IAAI,gCAAgC,SAAS,IAAI,MAAM,iSAAiS,CAAC;AACla;AAEO,SAAS,4BAA4B;AAC1C,SAAO,QAAQ,IAAI,2BAA2B,SAAS,IAAI,MAAM,8IAA8I,CAAC;AAClN;AAEO,SAAS,gCAAgC;AAC9C,SAAO,QAAQ,IAAI,gCAAgC,SAAS,IAAI,MAAM,wJAAwJ,CAAC;AACjO;AAEO,SAAS,gCAAgC;AAC9C,SAAO,KAAK,MAAM,QAAQ,IAAI,2CAA2C,QAAQ,IAAI,+BAA+B,IAAI;AAC1H;AAoBO,SAAS,WAAW,sBAAgF;AACzG,MAAI;AACJ,MAAI,sBAAsB;AACxB,QAAI,OAAO,yBAAyB,UAAU;AAC5C,YAAM;AAAA,IACR,OAAO;AACL,UAAI,cAAc,GAAG;AACnB,cAAM,qBAAqB;AAAA,MAC7B,OAAO;AACL,cAAM,qBAAqB;AAAA,MAC7B;AAAA,IACF;AAAA,EACF,OAAO;AAEL,QAAI,cAAc,GAAG;AACnB,YAAM,QAAQ,IAAI,qCAAqC,QAAQ,IAAI,qCAAqC,QAAQ,IAAI;AAAA,IACtH,OAAO;AACL,YAAM,QAAQ,IAAI,oCAAoC,QAAQ,IAAI,oCAAoC,QAAQ,IAAI;AAAA,IACpH;AACA,UAAM,OAAO,QAAQ,IAAI,6BAA6B,QAAQ,IAAI,iBAAiB,QAAQ,IAAI,yBAAyB;AAAA,EAC1H;AAEA,SAAO,uBAAuB,IAAI,SAAS,GAAG,IAAI,IAAI,MAAM,GAAG,EAAE,IAAI,GAAG;AAC1E;AACO,IAAM,iBAAiB;AAOvB,SAAS,wBAAwB;AACtC,SAAO,IAAI,MAAmB;AAAA,IAC5B,cAAc;AAAA,IACd,aAAa;AAAA,EACf,CAAC;AACH;","names":[]}
|
package/dist/lib/cookie.js
CHANGED
|
@@ -90,7 +90,7 @@ function getCookieClient(name) {
|
|
|
90
90
|
}
|
|
91
91
|
function getAllCookiesClient() {
|
|
92
92
|
ensureClient();
|
|
93
|
-
import_js_cookie.default.set("stack-is-https", "true", { secure: true });
|
|
93
|
+
import_js_cookie.default.set("stack-is-https", "true", { secure: true, expires: new Date(Date.now() + 1e3 * 60 * 60 * 24 * 365) });
|
|
94
94
|
return import_js_cookie.default.get();
|
|
95
95
|
}
|
|
96
96
|
async function getCookie(name) {
|
|
@@ -106,21 +106,56 @@ async function isSecure() {
|
|
|
106
106
|
function determineSecureFromClientContext() {
|
|
107
107
|
return typeof window !== "undefined" && window.location.protocol === "https:";
|
|
108
108
|
}
|
|
109
|
-
|
|
109
|
+
var _shouldSetPartitionedClientCache = void 0;
|
|
110
|
+
function shouldSetPartitionedClient() {
|
|
111
|
+
return _shouldSetPartitionedClientCache ??= _internalShouldSetPartitionedClient();
|
|
112
|
+
}
|
|
113
|
+
function _internalShouldSetPartitionedClient() {
|
|
114
|
+
ensureClient();
|
|
115
|
+
if (!determineSecureFromClientContext()) {
|
|
116
|
+
return false;
|
|
117
|
+
}
|
|
118
|
+
const cookie1Name = "__Host-stack-temporary-chips-test-" + Math.random().toString(36).substring(2, 15);
|
|
119
|
+
document.cookie = `${cookie1Name}=value1; Secure; path=/`;
|
|
120
|
+
const cookies1 = document.cookie.split("; ");
|
|
121
|
+
document.cookie = `${cookie1Name}=delete1; Secure; path=/; expires=Thu, 01 Jan 1970 00:00:00 UTC;`;
|
|
122
|
+
if (cookies1.some((c) => c.startsWith(cookie1Name + "="))) {
|
|
123
|
+
return false;
|
|
124
|
+
}
|
|
125
|
+
const cookie2Name = "__Host-stack-temporary-chips-test-" + Math.random().toString(36).substring(2, 15);
|
|
126
|
+
document.cookie = `${cookie2Name}=delete1; Secure; SameSite=None; Partitioned; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`;
|
|
127
|
+
document.cookie = `${cookie2Name}=delete2; Secure; SameSite=None; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`;
|
|
128
|
+
document.cookie = `${cookie2Name}=set1; Secure; SameSite=None; Partitioned; path=/`;
|
|
129
|
+
document.cookie = `${cookie2Name}=set2; Secure; SameSite=None; path=/`;
|
|
130
|
+
const cookies2 = document.cookie.split("; ");
|
|
131
|
+
const numberOfCookiesWithThisName = cookies2.filter((c) => c.startsWith(cookie2Name + "=")).length;
|
|
132
|
+
document.cookie = `${cookie2Name}=delete3; Secure; SameSite=None; Partitioned; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`;
|
|
133
|
+
document.cookie = `${cookie2Name}=delete4; Secure; SameSite=None; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`;
|
|
134
|
+
return numberOfCookiesWithThisName === 2;
|
|
135
|
+
}
|
|
136
|
+
function setCookieClientInternal(name, value, options) {
|
|
110
137
|
const secure = options.secure ?? determineSecureFromClientContext();
|
|
138
|
+
const partitioned = shouldSetPartitionedClient();
|
|
111
139
|
import_js_cookie.default.set(name, value, {
|
|
112
|
-
expires: options.maxAge ===
|
|
140
|
+
expires: options.maxAge === "session" ? void 0 : new Date(Date.now() + options.maxAge * 1e3),
|
|
113
141
|
domain: options.domain,
|
|
114
|
-
secure
|
|
142
|
+
secure,
|
|
143
|
+
sameSite: "Lax",
|
|
144
|
+
...partitioned ? {
|
|
145
|
+
partitioned,
|
|
146
|
+
sameSite: "None"
|
|
147
|
+
} : {}
|
|
115
148
|
});
|
|
116
149
|
}
|
|
117
|
-
function deleteCookieClientInternal(name, options
|
|
118
|
-
|
|
119
|
-
|
|
150
|
+
function deleteCookieClientInternal(name, options) {
|
|
151
|
+
for (const partitioned of [true, false]) {
|
|
152
|
+
if (options.domain !== void 0) {
|
|
153
|
+
import_js_cookie.default.remove(name, { domain: options.domain, secure: determineSecureFromClientContext(), partitioned });
|
|
154
|
+
}
|
|
155
|
+
import_js_cookie.default.remove(name, { secure: determineSecureFromClientContext(), partitioned });
|
|
120
156
|
}
|
|
121
|
-
import_js_cookie.default.remove(name, { secure: determineSecureFromClientContext() });
|
|
122
157
|
}
|
|
123
|
-
function setOrDeleteCookieClient(name, value, options
|
|
158
|
+
function setOrDeleteCookieClient(name, value, options) {
|
|
124
159
|
ensureClient();
|
|
125
160
|
if (value === null) {
|
|
126
161
|
deleteCookieClientInternal(name, options);
|
|
@@ -128,23 +163,23 @@ function setOrDeleteCookieClient(name, value, options = {}) {
|
|
|
128
163
|
setCookieClientInternal(name, value, options);
|
|
129
164
|
}
|
|
130
165
|
}
|
|
131
|
-
async function setOrDeleteCookie(name, value, options
|
|
166
|
+
async function setOrDeleteCookie(name, value, options) {
|
|
132
167
|
const cookieHelper = await createCookieHelper();
|
|
133
168
|
cookieHelper.setOrDelete(name, value, options);
|
|
134
169
|
}
|
|
135
|
-
function deleteCookieClient(name, options
|
|
170
|
+
function deleteCookieClient(name, options) {
|
|
136
171
|
ensureClient();
|
|
137
172
|
deleteCookieClientInternal(name, options);
|
|
138
173
|
}
|
|
139
|
-
async function deleteCookie(name, options
|
|
174
|
+
async function deleteCookie(name, options) {
|
|
140
175
|
const cookieHelper = await createCookieHelper();
|
|
141
176
|
cookieHelper.delete(name, options);
|
|
142
177
|
}
|
|
143
|
-
function setCookieClient(name, value, options
|
|
178
|
+
function setCookieClient(name, value, options) {
|
|
144
179
|
ensureClient();
|
|
145
180
|
setCookieClientInternal(name, value, options);
|
|
146
181
|
}
|
|
147
|
-
async function setCookie(name, value, options
|
|
182
|
+
async function setCookie(name, value, options) {
|
|
148
183
|
const cookieHelper = await createCookieHelper();
|
|
149
184
|
cookieHelper.set(name, value, options);
|
|
150
185
|
}
|
|
@@ -165,7 +200,7 @@ function consumeVerifierAndStateCookie(state) {
|
|
|
165
200
|
if (!codeVerifier) {
|
|
166
201
|
return null;
|
|
167
202
|
}
|
|
168
|
-
deleteCookieClient(cookieName);
|
|
203
|
+
deleteCookieClient(cookieName, {});
|
|
169
204
|
return {
|
|
170
205
|
codeVerifier
|
|
171
206
|
};
|
package/dist/lib/cookie.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/lib/cookie.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { isBrowserLike } from '@stackframe/stack-shared/dist/utils/env';\nimport { StackAssertionError } from '@stackframe/stack-shared/dist/utils/errors';\nimport Cookies from \"js-cookie\";\nimport { calculatePKCECodeChallenge, generateRandomCodeVerifier, generateRandomState } from \"oauth4webapi\";\n\ntype SetCookieOptions = { maxAge?: number, noOpIfServerComponent?: boolean, domain?: string, secure?: boolean };\ntype DeleteCookieOptions = { noOpIfServerComponent?: boolean, domain?: string };\n\nfunction ensureClient() {\n if (!isBrowserLike()) {\n throw new Error(\"cookieClient functions can only be called in a browser environment, yet window is undefined\");\n }\n}\n\nexport type CookieHelper = {\n get: (name: string) => string | null,\n getAll: () => Record<string, string>,\n set: (name: string, value: string, options: SetCookieOptions) => void,\n setOrDelete: (name: string, value: string | null, options: SetCookieOptions & DeleteCookieOptions) => void,\n delete: (name: string, options: DeleteCookieOptions) => void,\n};\n\nconst placeholderCookieHelperIdentity = { \"placeholder cookie helper identity\": true };\nexport async function createPlaceholderCookieHelper(): Promise<CookieHelper> {\n function throwError(): never {\n throw new StackAssertionError(\"Throwing cookie helper is just a placeholder. This should never be called\");\n }\n return {\n get: throwError,\n getAll: throwError,\n set: throwError,\n setOrDelete: throwError,\n delete: throwError,\n };\n}\n\nexport async function createCookieHelper(): Promise<CookieHelper> {\n if (isBrowserLike()) {\n return createBrowserCookieHelper();\n } else {\n return await createPlaceholderCookieHelper();\n }\n}\n\nexport function createBrowserCookieHelper(): CookieHelper {\n return {\n get: getCookieClient,\n getAll: getAllCookiesClient,\n set: setCookieClient,\n setOrDelete: setOrDeleteCookieClient,\n delete: deleteCookieClient,\n };\n}\n\nfunction handleCookieError(e: unknown, options: DeleteCookieOptions | SetCookieOptions) {\n if (e instanceof Error && e.message.includes(\"Cookies can only be modified in\")) {\n if (options.noOpIfServerComponent) {\n // ignore\n } else {\n throw new StackAssertionError(\"Attempted to set cookie in server component. Pass { noOpIfServerComponent: true } in the options of Stack's cookie functions if this is intentional and you want to ignore this error. Read more: https://nextjs.org/docs/app/api-reference/functions/cookies#options\");\n }\n } else {\n throw e;\n }\n}\n\n\nexport function getCookieClient(name: string): string | null {\n const all = getAllCookiesClient();\n return all[name] ?? null;\n}\n\nexport function getAllCookiesClient(): Record<string, string> {\n ensureClient();\n // set a helper cookie, see comment in `NextCookieHelper.set` above\n Cookies.set(\"stack-is-https\", \"true\", { secure: true });\n return Cookies.get();\n}\n\nexport async function getCookie(name: string): Promise<string | null> {\n const cookieHelper = await createCookieHelper();\n return cookieHelper.get(name);\n}\n\nexport async function isSecure(): Promise<boolean> {\n if (isBrowserLike()) {\n return determineSecureFromClientContext();\n }\n return false;\n}\n\nfunction determineSecureFromClientContext(): boolean {\n return typeof window !== \"undefined\" && window.location.protocol === \"https:\";\n}\n\nfunction setCookieClientInternal(name: string, value: string, options: SetCookieOptions = {}) {\n const secure = options.secure ?? determineSecureFromClientContext();\n Cookies.set(name, value, {\n expires: options.maxAge === undefined ? undefined : new Date(Date.now() + (options.maxAge) * 1000),\n domain: options.domain,\n secure,\n });\n}\n\nfunction deleteCookieClientInternal(name: string, options: DeleteCookieOptions = {}) {\n if (options.domain !== undefined) {\n Cookies.remove(name, { domain: options.domain, secure: determineSecureFromClientContext() });\n }\n Cookies.remove(name, { secure: determineSecureFromClientContext() });\n}\n\nexport function setOrDeleteCookieClient(name: string, value: string | null, options: SetCookieOptions & DeleteCookieOptions = {}) {\n ensureClient();\n if (value === null) {\n deleteCookieClientInternal(name, options);\n } else {\n setCookieClientInternal(name, value, options);\n }\n}\n\nexport async function setOrDeleteCookie(name: string, value: string | null, options: SetCookieOptions & DeleteCookieOptions = {}) {\n const cookieHelper = await createCookieHelper();\n cookieHelper.setOrDelete(name, value, options);\n}\n\nexport function deleteCookieClient(name: string, options: DeleteCookieOptions = {}) {\n ensureClient();\n deleteCookieClientInternal(name, options);\n}\n\nexport async function deleteCookie(name: string, options: DeleteCookieOptions = {}) {\n const cookieHelper = await createCookieHelper();\n cookieHelper.delete(name, options);\n}\n\nexport function setCookieClient(name: string, value: string, options: SetCookieOptions = {}) {\n ensureClient();\n setCookieClientInternal(name, value, options);\n}\n\nexport async function setCookie(name: string, value: string, options: SetCookieOptions = {}) {\n const cookieHelper = await createCookieHelper();\n cookieHelper.set(name, value, options);\n}\n\nexport async function saveVerifierAndState() {\n const codeVerifier = generateRandomCodeVerifier();\n const codeChallenge = await calculatePKCECodeChallenge(codeVerifier);\n const state = generateRandomState();\n\n await setCookie(\"stack-oauth-outer-\" + state, codeVerifier, { maxAge: 60 * 60 });\n\n return {\n codeChallenge,\n state,\n };\n}\n\nexport function consumeVerifierAndStateCookie(state: string) {\n ensureClient();\n const cookieName = \"stack-oauth-outer-\" + state;\n const codeVerifier = getCookieClient(cookieName);\n if (!codeVerifier) {\n return null;\n }\n deleteCookieClient(cookieName);\n return {\n codeVerifier,\n };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAIA,iBAA8B;AAC9B,oBAAoC;AACpC,uBAAoB;AACpB,0BAA4F;AAK5F,SAAS,eAAe;AACtB,MAAI,KAAC,0BAAc,GAAG;AACpB,UAAM,IAAI,MAAM,6FAA6F;AAAA,EAC/G;AACF;AAWA,eAAsB,gCAAuD;AAC3E,WAAS,aAAoB;AAC3B,UAAM,IAAI,kCAAoB,2EAA2E;AAAA,EAC3G;AACA,SAAO;AAAA,IACL,KAAK;AAAA,IACL,QAAQ;AAAA,IACR,KAAK;AAAA,IACL,aAAa;AAAA,IACb,QAAQ;AAAA,EACV;AACF;AAEA,eAAsB,qBAA4C;AAChE,UAAI,0BAAc,GAAG;AACnB,WAAO,0BAA0B;AAAA,EACnC,OAAO;AACL,WAAO,MAAM,8BAA8B;AAAA,EAC7C;AACF;AAEO,SAAS,4BAA0C;AACxD,SAAO;AAAA,IACL,KAAK;AAAA,IACL,QAAQ;AAAA,IACR,KAAK;AAAA,IACL,aAAa;AAAA,IACb,QAAQ;AAAA,EACV;AACF;AAeO,SAAS,gBAAgB,MAA6B;AAC3D,QAAM,MAAM,oBAAoB;AAChC,SAAO,IAAI,IAAI,KAAK;AACtB;AAEO,SAAS,sBAA8C;AAC5D,eAAa;AAEb,mBAAAA,QAAQ,IAAI,kBAAkB,QAAQ,EAAE,QAAQ,KAAK,CAAC;AACtD,SAAO,iBAAAA,QAAQ,IAAI;AACrB;AAEA,eAAsB,UAAU,MAAsC;AACpE,QAAM,eAAe,MAAM,mBAAmB;AAC9C,SAAO,aAAa,IAAI,IAAI;AAC9B;AAEA,eAAsB,WAA6B;AACjD,UAAI,0BAAc,GAAG;AACnB,WAAO,iCAAiC;AAAA,EAC1C;AACA,SAAO;AACT;AAEA,SAAS,mCAA4C;AACnD,SAAO,OAAO,WAAW,eAAe,OAAO,SAAS,aAAa;AACvE;AAEA,SAAS,wBAAwB,MAAc,OAAe,UAA4B,CAAC,GAAG;AAC5F,QAAM,SAAS,QAAQ,UAAU,iCAAiC;AAClE,mBAAAA,QAAQ,IAAI,MAAM,OAAO;AAAA,IACvB,SAAS,QAAQ,WAAW,SAAY,SAAY,IAAI,KAAK,KAAK,IAAI,IAAK,QAAQ,SAAU,GAAI;AAAA,IACjG,QAAQ,QAAQ;AAAA,IAChB;AAAA,EACF,CAAC;AACH;AAEA,SAAS,2BAA2B,MAAc,UAA+B,CAAC,GAAG;AACnF,MAAI,QAAQ,WAAW,QAAW;AAChC,qBAAAA,QAAQ,OAAO,MAAM,EAAE,QAAQ,QAAQ,QAAQ,QAAQ,iCAAiC,EAAE,CAAC;AAAA,EAC7F;AACA,mBAAAA,QAAQ,OAAO,MAAM,EAAE,QAAQ,iCAAiC,EAAE,CAAC;AACrE;AAEO,SAAS,wBAAwB,MAAc,OAAsB,UAAkD,CAAC,GAAG;AAChI,eAAa;AACb,MAAI,UAAU,MAAM;AAClB,+BAA2B,MAAM,OAAO;AAAA,EAC1C,OAAO;AACL,4BAAwB,MAAM,OAAO,OAAO;AAAA,EAC9C;AACF;AAEA,eAAsB,kBAAkB,MAAc,OAAsB,UAAkD,CAAC,GAAG;AAChI,QAAM,eAAe,MAAM,mBAAmB;AAC9C,eAAa,YAAY,MAAM,OAAO,OAAO;AAC/C;AAEO,SAAS,mBAAmB,MAAc,UAA+B,CAAC,GAAG;AAClF,eAAa;AACb,6BAA2B,MAAM,OAAO;AAC1C;AAEA,eAAsB,aAAa,MAAc,UAA+B,CAAC,GAAG;AAClF,QAAM,eAAe,MAAM,mBAAmB;AAC9C,eAAa,OAAO,MAAM,OAAO;AACnC;AAEO,SAAS,gBAAgB,MAAc,OAAe,UAA4B,CAAC,GAAG;AAC3F,eAAa;AACb,0BAAwB,MAAM,OAAO,OAAO;AAC9C;AAEA,eAAsB,UAAU,MAAc,OAAe,UAA4B,CAAC,GAAG;AAC3F,QAAM,eAAe,MAAM,mBAAmB;AAC9C,eAAa,IAAI,MAAM,OAAO,OAAO;AACvC;AAEA,eAAsB,uBAAuB;AAC3C,QAAM,mBAAe,gDAA2B;AAChD,QAAM,gBAAgB,UAAM,gDAA2B,YAAY;AACnE,QAAM,YAAQ,yCAAoB;AAElC,QAAM,UAAU,uBAAuB,OAAO,cAAc,EAAE,QAAQ,KAAK,GAAG,CAAC;AAE/E,SAAO;AAAA,IACL;AAAA,IACA;AAAA,EACF;AACF;AAEO,SAAS,8BAA8B,OAAe;AAC3D,eAAa;AACb,QAAM,aAAa,uBAAuB;AAC1C,QAAM,eAAe,gBAAgB,UAAU;AAC/C,MAAI,CAAC,cAAc;AACjB,WAAO;AAAA,EACT;AACA,qBAAmB,UAAU;AAC7B,SAAO;AAAA,IACL;AAAA,EACF;AACF;","names":["Cookies"]}
|
|
1
|
+
{"version":3,"sources":["../../src/lib/cookie.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { isBrowserLike } from '@stackframe/stack-shared/dist/utils/env';\nimport { StackAssertionError } from '@stackframe/stack-shared/dist/utils/errors';\nimport Cookies from \"js-cookie\";\nimport { calculatePKCECodeChallenge, generateRandomCodeVerifier, generateRandomState } from \"oauth4webapi\";\n\n\n// INFO: This file is used to manage cookies. It also sets some cookie flags automatically, see this description.\n//\n// It provides asynchronous setCookie, getCookie, deleteCookie, etc. functions that can be used in various environments\n// (browser + Next.js for now). Under the hood, they just get a CookieHelper object and then set the cookies there.\n//\n// The CookieHelper object is a simple object that lets you set, get and delete cookies synchronously. Acquiring one\n// is asynchronous (except for browser environments, where they can be acquired synchronously), but once you have it,\n// you can use it synchronously. This function is useful if you cannot await in the calling code, but otherwise you\n// should prefer to await the functions directly.\n//\n// Some cookie flags are set automatically by the CookieHelper (and hence also the <xyz>Cookie functions).\n// In particular:\n// - SameSite is set to `Lax` by default, which is already true in Chromium-based browsers, so this creates\n// compatibility with other browsers that use either Strict or None (particularly Safari and Firefox, and older\n// versions of Chrome). If Partitioned is automatically set (as described below), then this value is set to `None`\n// instead.\n// - Secure is set depending on whether we could successfully determine that the client is on HTTPS. For this, we use a\n// set of heuristics:\n// - In a browser environment, we check window.location.protocol which is always accurate\n// - In a Next.js server environment:\n// - First we check the `stack-is-https` cookie, which is set in various places on the\n// client with a Secure attribute. If that one is passed on to the server, we know that the client is on HTTPS\n// and we can set the Secure flag on the cookie. TODO: Should we also do this with a second cookie with a\n// __Host- prefix, so a malicious subdomain of the current domain cannot forcibly enable HTTPS mode and\n// therefore prevent new cookies from being set?\n// - Otherwise, we check the X-Forwarded-Proto header. If that one is `https`, we know that the client is\n// (pretending to be) on HTTPS and we can set the Secure flag on the cookie. Note that this header is\n// spoofable by malicious clients (so is the cookie actually), but since setting this value can only *increase*\n// security (and therefore prevent setting of a cookie), and requires a malicious client, this is still safe.\n// - If neither of the above is true, we don't set the Secure flag on the cookie.\n// - Partitioned is set depending on whether it is needed & supported. Unfortunately, the fact that Partitioned\n// cookies require SameSite=None, browsers that don't support it will still set them as normal third-party cookies,\n// which are fundamentally unsafe. Therefore, we need to take extra care that we only ever set Partitioned cookies\n// if we know for sure that the browser supports it.\n// - In a browser environment, we check:\n// - Whether `Secure` is set. If it's not, we don't set Partitioned.\n// - Whether we can set & retrieve cookies without Partitioned being set. If this is the case, we are likely in a\n// top-level context or a browser that partitions cookies by default (eg. Firefox). In this case, we don't need\n// Partitioned and can just proceed as normal.\n// - Whether CHIPS is supported. To prevent the case where CHIPS is not supported but third-party cookies are (in\n// which we would accidentally set SameSite=None without Partitioned as the latter requires the former), we\n// check this by running a simple test with document.cookie.\n// - Whether the browser supports Partitioned cookies. If yes, set Partitioned. Otherwise, don't set Partitioned.\n// Since there's no easy cross-compat way to do this (CookieStore and document.cookie do not return whether a\n// cookie is partitioned on some/all versions of Safari and Firefox), we use a heuristic; we run this test by\n// creating two cookies with the same name: One with Partitioned and one without. If there are two resulting\n// cookies, that means they were put into different jars, implying that the browser supports Partitioned cookies\n// (but doesn't partition cookies by default). If they result in just one cookie, that could mean that the\n// browser doesn't support Partitioned cookies, or that the browser doesn't put partitioned cookies into\n// different jars by default, in which case we still don't know. This heuristic works on Chrome, but may\n// incorrectly conclude that some other browsers don't support Partitioned. But from a security perspective,\n// that is better than accidentally setting SameSite=None without Partitioned. TODO: Find a better heuristic to\n// to determine whether the browser supports Partitioned cookies or not.\n// - In a Next.js server environment, right now we do nothing because of the complexity involved :( TODO: In the\n// future, we could improve this for example by setting hint cookies from the client, but we need to make sure that\n// no malicious actor (eg. on a malicious subdomain) can forcefully enable Partitioned cookies on a browser that\n// does not support it.\n\n\ntype SetCookieOptions = { maxAge: number | \"session\", noOpIfServerComponent?: boolean, domain?: string, secure?: boolean };\ntype DeleteCookieOptions = { noOpIfServerComponent?: boolean, domain?: string };\n\nfunction ensureClient() {\n if (!isBrowserLike()) {\n throw new Error(\"cookieClient functions can only be called in a browser environment, yet window is undefined\");\n }\n}\n\nexport type CookieHelper = {\n get: (name: string) => string | null,\n getAll: () => Record<string, string>,\n set: (name: string, value: string, options: SetCookieOptions) => void,\n setOrDelete: (name: string, value: string | null, options: SetCookieOptions & DeleteCookieOptions) => void,\n delete: (name: string, options: DeleteCookieOptions) => void,\n};\n\nconst placeholderCookieHelperIdentity = { \"placeholder cookie helper identity\": true };\nexport async function createPlaceholderCookieHelper(): Promise<CookieHelper> {\n function throwError(): never {\n throw new StackAssertionError(\"Throwing cookie helper is just a placeholder. This should never be called\");\n }\n return {\n get: throwError,\n getAll: throwError,\n set: throwError,\n setOrDelete: throwError,\n delete: throwError,\n };\n}\n\nexport async function createCookieHelper(): Promise<CookieHelper> {\n if (isBrowserLike()) {\n return createBrowserCookieHelper();\n } else {\n return await createPlaceholderCookieHelper();\n }\n}\n\nexport function createBrowserCookieHelper(): CookieHelper {\n return {\n get: getCookieClient,\n getAll: getAllCookiesClient,\n set: setCookieClient,\n setOrDelete: setOrDeleteCookieClient,\n delete: deleteCookieClient,\n };\n}\n\nfunction handleCookieError(e: unknown, options: DeleteCookieOptions | SetCookieOptions) {\n if (e instanceof Error && e.message.includes(\"Cookies can only be modified in\")) {\n if (options.noOpIfServerComponent) {\n // ignore\n } else {\n throw new StackAssertionError(\"Attempted to set cookie in server component. Pass { noOpIfServerComponent: true } in the options of Stack's cookie functions if this is intentional and you want to ignore this error. Read more: https://nextjs.org/docs/app/api-reference/functions/cookies#options\");\n }\n } else {\n throw e;\n }\n}\n\n\nexport function getCookieClient(name: string): string | null {\n const all = getAllCookiesClient();\n return all[name] ?? null;\n}\n\nexport function getAllCookiesClient(): Record<string, string> {\n ensureClient();\n // set a helper cookie, see comment in `NextCookieHelper.set` above\n Cookies.set(\"stack-is-https\", \"true\", { secure: true, expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 365) });\n return Cookies.get();\n}\n\nexport async function getCookie(name: string): Promise<string | null> {\n const cookieHelper = await createCookieHelper();\n return cookieHelper.get(name);\n}\n\nexport async function isSecure(): Promise<boolean> {\n if (isBrowserLike()) {\n return determineSecureFromClientContext();\n }\n return false;\n}\n\nfunction determineSecureFromClientContext(): boolean {\n return typeof window !== \"undefined\" && window.location.protocol === \"https:\";\n}\n\n\nlet _shouldSetPartitionedClientCache: boolean | undefined = undefined;\nfunction shouldSetPartitionedClient() {\n return _shouldSetPartitionedClientCache ??= _internalShouldSetPartitionedClient();\n}\nfunction _internalShouldSetPartitionedClient() {\n ensureClient();\n\n if (!(determineSecureFromClientContext())) {\n return false;\n }\n\n // check whether we can set & retrieve normal cookies (either because we're on a top-level/same-origin context or the browser partitions cookies by default)\n const cookie1Name = \"__Host-stack-temporary-chips-test-\" + Math.random().toString(36).substring(2, 15);\n document.cookie = `${cookie1Name}=value1; Secure; path=/`;\n const cookies1 = document.cookie.split(\"; \");\n document.cookie = `${cookie1Name}=delete1; Secure; path=/; expires=Thu, 01 Jan 1970 00:00:00 UTC;`;\n if (cookies1.some((c) => c.startsWith(cookie1Name + \"=\"))) {\n return false;\n }\n\n\n // check whether Partitioned cookies are supported by the browser\n // TODO: See comment at the top. Feels like we should find a better way to do this\n const cookie2Name = \"__Host-stack-temporary-chips-test-\" + Math.random().toString(36).substring(2, 15);\n\n // just to be safe, delete the cookie first to avoid weird RNG-prediction attacks\n // I don't know what they look like (since this is a host cookie) but better safe than sorry\n // (this function should be 100% bulletproof so we don't accidentally fall back to non-partitioned third party cookies on unsupported browsers)\n document.cookie = `${cookie2Name}=delete1; Secure; SameSite=None; Partitioned; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`;\n document.cookie = `${cookie2Name}=delete2; Secure; SameSite=None; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`;\n\n // set the cookie, once partitioned and once not partitioned\n document.cookie = `${cookie2Name}=set1; Secure; SameSite=None; Partitioned; path=/`;\n document.cookie = `${cookie2Name}=set2; Secure; SameSite=None; path=/`;\n\n // check if there are two cookies\n const cookies2 = document.cookie.split(\"; \");\n const numberOfCookiesWithThisName = cookies2.filter((c) => c.startsWith(cookie2Name + \"=\")).length;\n\n // clean up\n document.cookie = `${cookie2Name}=delete3; Secure; SameSite=None; Partitioned; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`;\n document.cookie = `${cookie2Name}=delete4; Secure; SameSite=None; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`;\n\n return numberOfCookiesWithThisName === 2;\n}\n\nfunction setCookieClientInternal(name: string, value: string, options: SetCookieOptions) {\n const secure = options.secure ?? determineSecureFromClientContext();\n const partitioned = shouldSetPartitionedClient();\n Cookies.set(name, value, {\n expires: options.maxAge === \"session\" ? undefined : new Date(Date.now() + (options.maxAge) * 1000),\n domain: options.domain,\n secure,\n sameSite: \"Lax\",\n ...(partitioned ? {\n partitioned,\n sameSite: \"None\",\n } : {}),\n });\n}\n\nfunction deleteCookieClientInternal(name: string, options: DeleteCookieOptions) {\n for (const partitioned of [true, false]) {\n if (options.domain !== undefined) {\n Cookies.remove(name, { domain: options.domain, secure: determineSecureFromClientContext(), partitioned });\n }\n Cookies.remove(name, { secure: determineSecureFromClientContext(), partitioned });\n }\n}\n\nexport function setOrDeleteCookieClient(name: string, value: string | null, options: SetCookieOptions & DeleteCookieOptions) {\n ensureClient();\n if (value === null) {\n deleteCookieClientInternal(name, options);\n } else {\n setCookieClientInternal(name, value, options);\n }\n}\n\nexport async function setOrDeleteCookie(name: string, value: string | null, options: SetCookieOptions & DeleteCookieOptions) {\n const cookieHelper = await createCookieHelper();\n cookieHelper.setOrDelete(name, value, options);\n}\n\nexport function deleteCookieClient(name: string, options: DeleteCookieOptions) {\n ensureClient();\n deleteCookieClientInternal(name, options);\n}\n\nexport async function deleteCookie(name: string, options: DeleteCookieOptions) {\n const cookieHelper = await createCookieHelper();\n cookieHelper.delete(name, options);\n}\n\nexport function setCookieClient(name: string, value: string, options: SetCookieOptions) {\n ensureClient();\n setCookieClientInternal(name, value, options);\n}\n\nexport async function setCookie(name: string, value: string, options: SetCookieOptions) {\n const cookieHelper = await createCookieHelper();\n cookieHelper.set(name, value, options);\n}\n\nexport async function saveVerifierAndState() {\n const codeVerifier = generateRandomCodeVerifier();\n const codeChallenge = await calculatePKCECodeChallenge(codeVerifier);\n const state = generateRandomState();\n\n await setCookie(\"stack-oauth-outer-\" + state, codeVerifier, { maxAge: 60 * 60 });\n\n return {\n codeChallenge,\n state,\n };\n}\n\nexport function consumeVerifierAndStateCookie(state: string) {\n ensureClient();\n const cookieName = \"stack-oauth-outer-\" + state;\n const codeVerifier = getCookieClient(cookieName);\n if (!codeVerifier) {\n return null;\n }\n deleteCookieClient(cookieName, {});\n return {\n codeVerifier,\n };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAIA,iBAA8B;AAC9B,oBAAoC;AACpC,uBAAoB;AACpB,0BAA4F;AAiE5F,SAAS,eAAe;AACtB,MAAI,KAAC,0BAAc,GAAG;AACpB,UAAM,IAAI,MAAM,6FAA6F;AAAA,EAC/G;AACF;AAWA,eAAsB,gCAAuD;AAC3E,WAAS,aAAoB;AAC3B,UAAM,IAAI,kCAAoB,2EAA2E;AAAA,EAC3G;AACA,SAAO;AAAA,IACL,KAAK;AAAA,IACL,QAAQ;AAAA,IACR,KAAK;AAAA,IACL,aAAa;AAAA,IACb,QAAQ;AAAA,EACV;AACF;AAEA,eAAsB,qBAA4C;AAChE,UAAI,0BAAc,GAAG;AACnB,WAAO,0BAA0B;AAAA,EACnC,OAAO;AACL,WAAO,MAAM,8BAA8B;AAAA,EAC7C;AACF;AAEO,SAAS,4BAA0C;AACxD,SAAO;AAAA,IACL,KAAK;AAAA,IACL,QAAQ;AAAA,IACR,KAAK;AAAA,IACL,aAAa;AAAA,IACb,QAAQ;AAAA,EACV;AACF;AAeO,SAAS,gBAAgB,MAA6B;AAC3D,QAAM,MAAM,oBAAoB;AAChC,SAAO,IAAI,IAAI,KAAK;AACtB;AAEO,SAAS,sBAA8C;AAC5D,eAAa;AAEb,mBAAAA,QAAQ,IAAI,kBAAkB,QAAQ,EAAE,QAAQ,MAAM,SAAS,IAAI,KAAK,KAAK,IAAI,IAAI,MAAO,KAAK,KAAK,KAAK,GAAG,EAAE,CAAC;AACjH,SAAO,iBAAAA,QAAQ,IAAI;AACrB;AAEA,eAAsB,UAAU,MAAsC;AACpE,QAAM,eAAe,MAAM,mBAAmB;AAC9C,SAAO,aAAa,IAAI,IAAI;AAC9B;AAEA,eAAsB,WAA6B;AACjD,UAAI,0BAAc,GAAG;AACnB,WAAO,iCAAiC;AAAA,EAC1C;AACA,SAAO;AACT;AAEA,SAAS,mCAA4C;AACnD,SAAO,OAAO,WAAW,eAAe,OAAO,SAAS,aAAa;AACvE;AAGA,IAAI,mCAAwD;AAC5D,SAAS,6BAA6B;AACpC,SAAO,qCAAqC,oCAAoC;AAClF;AACA,SAAS,sCAAsC;AAC7C,eAAa;AAEb,MAAI,CAAE,iCAAiC,GAAI;AACzC,WAAO;AAAA,EACT;AAGA,QAAM,cAAc,uCAAuC,KAAK,OAAO,EAAE,SAAS,EAAE,EAAE,UAAU,GAAG,EAAE;AACrG,WAAS,SAAS,GAAG,WAAW;AAChC,QAAM,WAAW,SAAS,OAAO,MAAM,IAAI;AAC3C,WAAS,SAAS,GAAG,WAAW;AAChC,MAAI,SAAS,KAAK,CAAC,MAAM,EAAE,WAAW,cAAc,GAAG,CAAC,GAAG;AACzD,WAAO;AAAA,EACT;AAKA,QAAM,cAAc,uCAAuC,KAAK,OAAO,EAAE,SAAS,EAAE,EAAE,UAAU,GAAG,EAAE;AAKrG,WAAS,SAAS,GAAG,WAAW;AAChC,WAAS,SAAS,GAAG,WAAW;AAGhC,WAAS,SAAS,GAAG,WAAW;AAChC,WAAS,SAAS,GAAG,WAAW;AAGhC,QAAM,WAAW,SAAS,OAAO,MAAM,IAAI;AAC3C,QAAM,8BAA8B,SAAS,OAAO,CAAC,MAAM,EAAE,WAAW,cAAc,GAAG,CAAC,EAAE;AAG5F,WAAS,SAAS,GAAG,WAAW;AAChC,WAAS,SAAS,GAAG,WAAW;AAEhC,SAAO,gCAAgC;AACzC;AAEA,SAAS,wBAAwB,MAAc,OAAe,SAA2B;AACvF,QAAM,SAAS,QAAQ,UAAU,iCAAiC;AAClE,QAAM,cAAc,2BAA2B;AAC/C,mBAAAA,QAAQ,IAAI,MAAM,OAAO;AAAA,IACvB,SAAS,QAAQ,WAAW,YAAY,SAAY,IAAI,KAAK,KAAK,IAAI,IAAK,QAAQ,SAAU,GAAI;AAAA,IACjG,QAAQ,QAAQ;AAAA,IAChB;AAAA,IACA,UAAU;AAAA,IACV,GAAI,cAAc;AAAA,MAChB;AAAA,MACA,UAAU;AAAA,IACZ,IAAI,CAAC;AAAA,EACP,CAAC;AACH;AAEA,SAAS,2BAA2B,MAAc,SAA8B;AAC9E,aAAW,eAAe,CAAC,MAAM,KAAK,GAAG;AACvC,QAAI,QAAQ,WAAW,QAAW;AAChC,uBAAAA,QAAQ,OAAO,MAAM,EAAE,QAAQ,QAAQ,QAAQ,QAAQ,iCAAiC,GAAG,YAAY,CAAC;AAAA,IAC1G;AACA,qBAAAA,QAAQ,OAAO,MAAM,EAAE,QAAQ,iCAAiC,GAAG,YAAY,CAAC;AAAA,EAClF;AACF;AAEO,SAAS,wBAAwB,MAAc,OAAsB,SAAiD;AAC3H,eAAa;AACb,MAAI,UAAU,MAAM;AAClB,+BAA2B,MAAM,OAAO;AAAA,EAC1C,OAAO;AACL,4BAAwB,MAAM,OAAO,OAAO;AAAA,EAC9C;AACF;AAEA,eAAsB,kBAAkB,MAAc,OAAsB,SAAiD;AAC3H,QAAM,eAAe,MAAM,mBAAmB;AAC9C,eAAa,YAAY,MAAM,OAAO,OAAO;AAC/C;AAEO,SAAS,mBAAmB,MAAc,SAA8B;AAC7E,eAAa;AACb,6BAA2B,MAAM,OAAO;AAC1C;AAEA,eAAsB,aAAa,MAAc,SAA8B;AAC7E,QAAM,eAAe,MAAM,mBAAmB;AAC9C,eAAa,OAAO,MAAM,OAAO;AACnC;AAEO,SAAS,gBAAgB,MAAc,OAAe,SAA2B;AACtF,eAAa;AACb,0BAAwB,MAAM,OAAO,OAAO;AAC9C;AAEA,eAAsB,UAAU,MAAc,OAAe,SAA2B;AACtF,QAAM,eAAe,MAAM,mBAAmB;AAC9C,eAAa,IAAI,MAAM,OAAO,OAAO;AACvC;AAEA,eAAsB,uBAAuB;AAC3C,QAAM,mBAAe,gDAA2B;AAChD,QAAM,gBAAgB,UAAM,gDAA2B,YAAY;AACnE,QAAM,YAAQ,yCAAoB;AAElC,QAAM,UAAU,uBAAuB,OAAO,cAAc,EAAE,QAAQ,KAAK,GAAG,CAAC;AAE/E,SAAO;AAAA,IACL;AAAA,IACA;AAAA,EACF;AACF;AAEO,SAAS,8BAA8B,OAAe;AAC3D,eAAa;AACb,QAAM,aAAa,uBAAuB;AAC1C,QAAM,eAAe,gBAAgB,UAAU;AAC/C,MAAI,CAAC,cAAc;AACjB,WAAO;AAAA,EACT;AACA,qBAAmB,YAAY,CAAC,CAAC;AACjC,SAAO;AAAA,IACL;AAAA,EACF;AACF;","names":["Cookies"]}
|
|
@@ -39,6 +39,7 @@ var import_sessions = require("@stackframe/stack-shared/dist/sessions");
|
|
|
39
39
|
var import_bytes = require("@stackframe/stack-shared/dist/utils/bytes");
|
|
40
40
|
var import_env = require("@stackframe/stack-shared/dist/utils/env");
|
|
41
41
|
var import_errors = require("@stackframe/stack-shared/dist/utils/errors");
|
|
42
|
+
var import_json = require("@stackframe/stack-shared/dist/utils/json");
|
|
42
43
|
var import_maps = require("@stackframe/stack-shared/dist/utils/maps");
|
|
43
44
|
var import_objects = require("@stackframe/stack-shared/dist/utils/objects");
|
|
44
45
|
var import_promises = require("@stackframe/stack-shared/dist/utils/promises");
|
|
@@ -58,7 +59,6 @@ var import_projects = require("../../projects/index.js");
|
|
|
58
59
|
var import_teams = require("../../teams/index.js");
|
|
59
60
|
var import_users = require("../../users/index.js");
|
|
60
61
|
var import_common2 = require("./common.js");
|
|
61
|
-
var import_json = require("@stackframe/stack-shared/dist/utils/json");
|
|
62
62
|
var isReactServer = false;
|
|
63
63
|
var process = globalThis.process ?? { env: {} };
|
|
64
64
|
var allClientApps = /* @__PURE__ */ new Map();
|
|
@@ -483,9 +483,10 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
|
|
|
483
483
|
return;
|
|
484
484
|
}
|
|
485
485
|
const domain = await this._trustedParentDomainCache.getOrWait([hostname], "read-write");
|
|
486
|
+
const cookieOptions = { maxAge: 60 * 60 * 24 * 365, noOpIfServerComponent: true };
|
|
486
487
|
const setCookie = async (targetDomain, value2) => {
|
|
487
488
|
const name = this._getCustomRefreshCookieName(targetDomain);
|
|
488
|
-
const options = {
|
|
489
|
+
const options = { ...cookieOptions, domain: targetDomain };
|
|
489
490
|
if (context === "browser") {
|
|
490
491
|
(0, import_cookie.setOrDeleteCookieClient)(name, value2, options);
|
|
491
492
|
} else {
|
|
@@ -498,7 +499,7 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
|
|
|
498
499
|
const value = refreshToken && updatedAt ? this._formatRefreshCookieValue(refreshToken, updatedAt) : null;
|
|
499
500
|
await setCookie(domain.data, value);
|
|
500
501
|
const isSecure = await (0, import_cookie.isSecure)();
|
|
501
|
-
await (0, import_cookie.setOrDeleteCookie)(this._getRefreshTokenDefaultCookieNameForSecure(isSecure), null);
|
|
502
|
+
await (0, import_cookie.setOrDeleteCookie)(this._getRefreshTokenDefaultCookieNameForSecure(isSecure), null, cookieOptions);
|
|
502
503
|
});
|
|
503
504
|
}
|
|
504
505
|
async _getTrustedParentDomain(currentDomain) {
|
|
@@ -550,7 +551,7 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
|
|
|
550
551
|
);
|
|
551
552
|
(0, import_cookie.setOrDeleteCookieClient)(defaultName, refreshCookieValue, { maxAge: 60 * 60 * 24 * 365, secure });
|
|
552
553
|
(0, import_cookie.setOrDeleteCookieClient)(this._accessTokenCookieName, accessTokenPayload, { maxAge: 60 * 60 * 24 });
|
|
553
|
-
cookieNamesToDelete.forEach((name) => (0, import_cookie.deleteCookieClient)(name));
|
|
554
|
+
cookieNamesToDelete.forEach((name) => (0, import_cookie.deleteCookieClient)(name, {}));
|
|
554
555
|
this._queueCustomRefreshCookieUpdate(refreshToken, updatedAt, "browser");
|
|
555
556
|
hasSucceededInWriting = true;
|
|
556
557
|
} catch (e) {
|
|
@@ -594,7 +595,7 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
|
|
|
594
595
|
if (cookieNamesToDelete.length > 0) {
|
|
595
596
|
await Promise.all(
|
|
596
597
|
cookieNamesToDelete.map(
|
|
597
|
-
(name) => (0, import_cookie.
|
|
598
|
+
(name) => (0, import_cookie.deleteCookie)(name, { noOpIfServerComponent: true })
|
|
598
599
|
)
|
|
599
600
|
);
|
|
600
601
|
}
|