@tern-secure/nextjs 5.1.4 → 5.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/app-router/admin/sessionHandler.js +2 -2
- package/dist/cjs/app-router/admin/sessionHandler.js.map +1 -1
- package/dist/cjs/global.d.js +2 -0
- package/dist/cjs/global.d.js.map +1 -0
- package/dist/cjs/server/jwt-edge.js +0 -4
- package/dist/cjs/server/jwt-edge.js.map +1 -1
- package/dist/cjs/utils/allNextProviderProps.js +0 -3
- package/dist/cjs/utils/allNextProviderProps.js.map +1 -1
- package/dist/esm/app-router/admin/sessionHandler.js +1 -1
- package/dist/esm/app-router/admin/sessionHandler.js.map +1 -1
- package/dist/esm/global.d.js +1 -0
- package/dist/esm/global.d.js.map +1 -0
- package/dist/esm/server/jwt-edge.js +0 -4
- package/dist/esm/server/jwt-edge.js.map +1 -1
- package/dist/esm/utils/allNextProviderProps.js +0 -3
- package/dist/esm/utils/allNextProviderProps.js.map +1 -1
- package/dist/types/utils/allNextProviderProps.d.ts.map +1 -1
- package/package.json +5 -5
|
@@ -22,7 +22,7 @@ __export(sessionHandler_exports, {
|
|
|
22
22
|
});
|
|
23
23
|
module.exports = __toCommonJS(sessionHandler_exports);
|
|
24
24
|
var import_server = require("next/server");
|
|
25
|
-
var
|
|
25
|
+
var import_react = require("@tern-secure/react");
|
|
26
26
|
async function createSessionHandler(request) {
|
|
27
27
|
try {
|
|
28
28
|
const body = await request.json();
|
|
@@ -47,7 +47,7 @@ async function createSessionHandler(request) {
|
|
|
47
47
|
{ status: 400 }
|
|
48
48
|
);
|
|
49
49
|
}
|
|
50
|
-
const res = await (0,
|
|
50
|
+
const res = await (0, import_react.createSessionCookie)(idToken);
|
|
51
51
|
if (!res.success) {
|
|
52
52
|
console.error("[createSessionHandler] Error creating session cookie:", {
|
|
53
53
|
error: res.error,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/app-router/admin/sessionHandler.ts"],"sourcesContent":["import { NextRequest, NextResponse } from \"next/server\"\nimport { createSessionCookie } from \"@tern-secure/
|
|
1
|
+
{"version":3,"sources":["../../../../src/app-router/admin/sessionHandler.ts"],"sourcesContent":["import { NextRequest, NextResponse } from \"next/server\"\nimport { createSessionCookie } from \"@tern-secure/react\"\n\nexport async function createSessionHandler(request: NextRequest): Promise<NextResponse> {\n try {\n const body = await request.json()\n const { idToken, csrfToken } = body\n\n if (!idToken) {\n return NextResponse.json(\n {\n success: false, \n message: 'ID token is required', \n error: 'INVALID_TOKEN'\n },\n { status: 400 }\n );\n }\n\n if (!csrfToken) {\n return NextResponse.json(\n {\n success: false, \n message: 'CSRF token is required', \n error: 'INVALID_CSRF_TOKEN'\n },\n { status: 400 }\n );\n }\n\n const res = await createSessionCookie(idToken);\n\n if (!res.success) {\n console.error('[createSessionHandler] Error creating session cookie:', {\n error: res.error,\n message: res.message,\n cookieSet: res.cookieSet\n });\n }\n\n const statusCode = res.success ? 200 : \n res.error === 'INVALID_TOKEN' ? 400 :\n res.error === 'EXPIRED_TOKEN' ? 401 : 500;\n\n return NextResponse.json(res, { status: statusCode })\n\n } catch (error) {\n return NextResponse.json(\n {\n success: false,\n message: 'Invalid request format'\n },\n { status: 400 }\n )\n }\n}"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBAA0C;AAC1C,mBAAoC;AAEpC,eAAsB,qBAAqB,SAA6C;AACpF,MAAI;AACA,UAAM,OAAO,MAAM,QAAQ,KAAK;AAChC,UAAM,EAAE,SAAS,UAAU,IAAI;AAE/B,QAAI,CAAC,SAAS;AACV,aAAO,2BAAa;AAAA,QAChB;AAAA,UACI,SAAS;AAAA,UACT,SAAS;AAAA,UACT,OAAO;AAAA,QACX;AAAA,QACA,EAAE,QAAQ,IAAI;AAAA,MAClB;AAAA,IACJ;AAEA,QAAI,CAAC,WAAW;AACZ,aAAO,2BAAa;AAAA,QAChB;AAAA,UACI,SAAS;AAAA,UACT,SAAS;AAAA,UACT,OAAO;AAAA,QACX;AAAA,QACA,EAAE,QAAQ,IAAI;AAAA,MAClB;AAAA,IACJ;AAEA,UAAM,MAAM,UAAM,kCAAoB,OAAO;AAE7C,QAAI,CAAC,IAAI,SAAS;AACd,cAAQ,MAAM,yDAAyD;AAAA,QACnE,OAAO,IAAI;AAAA,QACX,SAAS,IAAI;AAAA,QACb,WAAW,IAAI;AAAA,MACnB,CAAC;AAAA,IACL;AAEA,UAAM,aAAa,IAAI,UAAU,MACd,IAAI,UAAU,kBAAkB,MAC/B,IAAI,UAAU,kBAAkB,MAAM;AAE1D,WAAO,2BAAa,KAAK,KAAK,EAAE,QAAQ,WAAW,CAAC;AAAA,EAExD,SAAS,OAAO;AACZ,WAAO,2BAAa;AAAA,MAChB;AAAA,QACI,SAAS;AAAA,QACT,SAAS;AAAA,MACb;AAAA,MACA,EAAE,QAAQ,IAAI;AAAA,IAClB;AAAA,EACJ;AACJ;","names":[]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}
|
|
@@ -66,10 +66,6 @@ async function verifyFirebaseToken(token, isSessionCookie = false) {
|
|
|
66
66
|
if (!decoded) {
|
|
67
67
|
throw new Error("Invalid token format");
|
|
68
68
|
}
|
|
69
|
-
console.log("Token details:", {
|
|
70
|
-
header: decoded.header,
|
|
71
|
-
type: isSessionCookie ? "session_cookie" : "id_token"
|
|
72
|
-
});
|
|
73
69
|
const JWKS = isSessionCookie ? await getSessionJWKS() : await getIdTokenJWKS();
|
|
74
70
|
const { payload } = await (0, import_jose.jwtVerify)(token, JWKS, {
|
|
75
71
|
issuer: isSessionCookie ? "https://session.firebase.google.com/" + projectId : "https://securetoken.google.com/" + projectId,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../src/server/jwt-edge.ts"],"sourcesContent":["import { jwtVerify, createRemoteJWKSet } from \"jose\"\r\nimport { cache } from \"react\"\r\n\r\ninterface FirebaseIdTokenPayload {\r\n iss: string\r\n aud: string\r\n auth_time: number\r\n user_id: string\r\n sub: string\r\n iat: number\r\n exp: number\r\n email?: string\r\n email_verified?: boolean\r\n firebase: {\r\n identities: {\r\n [key: string]: any\r\n }\r\n sign_in_provider: string\r\n }\r\n}\r\n\r\n// Firebase public key endpoints\r\nconst FIREBASE_ID_TOKEN_URL = \"https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com\"\r\nconst FIREBASE_SESSION_CERT_URL = \"https://identitytoolkit.googleapis.com/v1/sessionCookiePublicKeys\"\r\n\r\n// Cache the JWKS using React cache\r\nconst getIdTokenJWKS = cache(() => {\r\n return createRemoteJWKSet(new URL(FIREBASE_ID_TOKEN_URL), {\r\n cacheMaxAge: 3600000, // 1 hour\r\n timeoutDuration: 5000, // 5 seconds\r\n cooldownDuration: 30000, // 30 seconds between retries\r\n })\r\n})\r\n\r\nconst getSessionJWKS = cache(() => {\r\n return createRemoteJWKSet(new URL(FIREBASE_SESSION_CERT_URL), {\r\n cacheMaxAge: 3600000, // 1 hour\r\n timeoutDuration: 5000, // 5 seconds\r\n cooldownDuration: 30000, // 30 seconds between retries\r\n })\r\n})\r\n\r\n// Helper to decode JWT without verification\r\nfunction decodeJwt(token: string) {\r\n try {\r\n const [headerB64, payloadB64] = token.split(\".\")\r\n const header = JSON.parse(Buffer.from(headerB64, \"base64\").toString())\r\n const payload = JSON.parse(Buffer.from(payloadB64, \"base64\").toString())\r\n return { header, payload }\r\n } catch (error) {\r\n console.error(\"Error decoding JWT:\", error)\r\n return null\r\n }\r\n}\r\n\r\nexport async function verifyFirebaseToken(token: string, isSessionCookie = false) {\r\n try {\r\n const projectId = process.env.NEXT_PUBLIC_FIREBASE_PROJECT_ID\r\n if (!projectId) {\r\n throw new Error(\"Firebase Project ID is not configured\")\r\n }\r\n\r\n // Decode token for debugging and type checking\r\n const decoded = decodeJwt(token)\r\n if (!decoded) {\r\n throw new Error(\"Invalid token format\")\r\n }\r\n\r\n console.log(\"Token details:\", {\r\n
|
|
1
|
+
{"version":3,"sources":["../../../src/server/jwt-edge.ts"],"sourcesContent":["import { jwtVerify, createRemoteJWKSet } from \"jose\"\r\nimport { cache } from \"react\"\r\n\r\ninterface FirebaseIdTokenPayload {\r\n iss: string\r\n aud: string\r\n auth_time: number\r\n user_id: string\r\n sub: string\r\n iat: number\r\n exp: number\r\n email?: string\r\n email_verified?: boolean\r\n firebase: {\r\n identities: {\r\n [key: string]: any\r\n }\r\n sign_in_provider: string\r\n }\r\n}\r\n\r\n// Firebase public key endpoints\r\nconst FIREBASE_ID_TOKEN_URL = \"https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com\"\r\nconst FIREBASE_SESSION_CERT_URL = \"https://identitytoolkit.googleapis.com/v1/sessionCookiePublicKeys\"\r\n\r\n// Cache the JWKS using React cache\r\nconst getIdTokenJWKS = cache(() => {\r\n return createRemoteJWKSet(new URL(FIREBASE_ID_TOKEN_URL), {\r\n cacheMaxAge: 3600000, // 1 hour\r\n timeoutDuration: 5000, // 5 seconds\r\n cooldownDuration: 30000, // 30 seconds between retries\r\n })\r\n})\r\n\r\nconst getSessionJWKS = cache(() => {\r\n return createRemoteJWKSet(new URL(FIREBASE_SESSION_CERT_URL), {\r\n cacheMaxAge: 3600000, // 1 hour\r\n timeoutDuration: 5000, // 5 seconds\r\n cooldownDuration: 30000, // 30 seconds between retries\r\n })\r\n})\r\n\r\n// Helper to decode JWT without verification\r\nfunction decodeJwt(token: string) {\r\n try {\r\n const [headerB64, payloadB64] = token.split(\".\")\r\n const header = JSON.parse(Buffer.from(headerB64, \"base64\").toString())\r\n const payload = JSON.parse(Buffer.from(payloadB64, \"base64\").toString())\r\n return { header, payload }\r\n } catch (error) {\r\n console.error(\"Error decoding JWT:\", error)\r\n return null\r\n }\r\n}\r\n\r\nexport async function verifyFirebaseToken(token: string, isSessionCookie = false) {\r\n try {\r\n const projectId = process.env.NEXT_PUBLIC_FIREBASE_PROJECT_ID\r\n if (!projectId) {\r\n throw new Error(\"Firebase Project ID is not configured\")\r\n }\r\n\r\n // Decode token for debugging and type checking\r\n const decoded = decodeJwt(token)\r\n if (!decoded) {\r\n throw new Error(\"Invalid token format\")\r\n }\r\n\r\n //console.log(\"Token details:\", {\r\n // header: decoded.header,\r\n // type: isSessionCookie ? \"session_cookie\" : \"id_token\",\r\n //})\r\n\r\n\r\n // Use different JWKS based on token type\r\n const JWKS = isSessionCookie ? await getSessionJWKS() : await getIdTokenJWKS()\r\n\r\n const { payload } = await jwtVerify(token, JWKS, {\r\n issuer: isSessionCookie\r\n ? \"https://session.firebase.google.com/\" + projectId\r\n : \"https://securetoken.google.com/\" + projectId,\r\n audience: projectId,\r\n algorithms: [\"RS256\"],\r\n })\r\n\r\n const firebasePayload = payload as unknown as FirebaseIdTokenPayload\r\n const now = Math.floor(Date.now() / 1000)\r\n\r\n\r\n if (!firebasePayload.sub) {\r\n throw new Error(\"Token subject is empty\")\r\n }\r\n\r\n return {\r\n valid: true,\r\n uid: firebasePayload.sub,\r\n email: firebasePayload.email,\r\n emailVerified: firebasePayload.email_verified,\r\n authTime: firebasePayload.auth_time,\r\n issuedAt: firebasePayload.iat,\r\n expiresAt: firebasePayload.exp,\r\n }\r\n } catch (error) {\r\n console.error(\"Token verification details:\", {\r\n error:\r\n error instanceof Error\r\n ? {\r\n name: error.name,\r\n message: error.message,\r\n stack: error.stack,\r\n }\r\n : error,\r\n decoded: decodeJwt(token),\r\n //projectId,\r\n isSessionCookie,\r\n })\r\n \r\n return {\r\n valid: false,\r\n error: error instanceof Error ? error.message : \"Invalid token\",\r\n }\r\n }\r\n }"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,kBAA8C;AAC9C,mBAAsB;AAqBtB,MAAM,wBAAwB;AAC9B,MAAM,4BAA4B;AAGlC,MAAM,qBAAiB,oBAAM,MAAM;AACjC,aAAO,gCAAmB,IAAI,IAAI,qBAAqB,GAAG;AAAA,IACxD,aAAa;AAAA;AAAA,IACb,iBAAiB;AAAA;AAAA,IACjB,kBAAkB;AAAA;AAAA,EACpB,CAAC;AACH,CAAC;AAED,MAAM,qBAAiB,oBAAM,MAAM;AACjC,aAAO,gCAAmB,IAAI,IAAI,yBAAyB,GAAG;AAAA,IAC5D,aAAa;AAAA;AAAA,IACb,iBAAiB;AAAA;AAAA,IACjB,kBAAkB;AAAA;AAAA,EACpB,CAAC;AACH,CAAC;AAGD,SAAS,UAAU,OAAe;AAChC,MAAI;AACF,UAAM,CAAC,WAAW,UAAU,IAAI,MAAM,MAAM,GAAG;AAC/C,UAAM,SAAS,KAAK,MAAM,OAAO,KAAK,WAAW,QAAQ,EAAE,SAAS,CAAC;AACrE,UAAM,UAAU,KAAK,MAAM,OAAO,KAAK,YAAY,QAAQ,EAAE,SAAS,CAAC;AACvE,WAAO,EAAE,QAAQ,QAAQ;AAAA,EAC3B,SAAS,OAAO;AACd,YAAQ,MAAM,uBAAuB,KAAK;AAC1C,WAAO;AAAA,EACT;AACF;AAEA,eAAsB,oBAAoB,OAAe,kBAAkB,OAAO;AAChF,MAAI;AACF,UAAM,YAAY,QAAQ,IAAI;AAC9B,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,MAAM,uCAAuC;AAAA,IACzD;AAGA,UAAM,UAAU,UAAU,KAAK;AAC/B,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI,MAAM,sBAAsB;AAAA,IACxC;AASA,UAAM,OAAO,kBAAkB,MAAM,eAAe,IAAI,MAAM,eAAe;AAE7E,UAAM,EAAE,QAAQ,IAAI,UAAM,uBAAU,OAAO,MAAM;AAAA,MAC3C,QAAQ,kBACJ,yCAAyC,YACzC,oCAAoC;AAAA,MACxC,UAAU;AAAA,MACV,YAAY,CAAC,OAAO;AAAA,IAC1B,CAAC;AAED,UAAM,kBAAkB;AACxB,UAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AAGxC,QAAI,CAAC,gBAAgB,KAAK;AACpB,YAAM,IAAI,MAAM,wBAAwB;AAAA,IAC9C;AAEA,WAAO;AAAA,MACD,OAAO;AAAA,MACP,KAAK,gBAAgB;AAAA,MACrB,OAAO,gBAAgB;AAAA,MACvB,eAAe,gBAAgB;AAAA,MAC/B,UAAU,gBAAgB;AAAA,MAC1B,UAAU,gBAAgB;AAAA,MAC1B,WAAW,gBAAgB;AAAA,IAC7B;AAAA,EACJ,SAAS,OAAO;AACZ,YAAQ,MAAM,+BAA+B;AAAA,MAC3C,OACE,iBAAiB,QACb;AAAA,QACE,MAAM,MAAM;AAAA,QACZ,SAAS,MAAM;AAAA,QACf,OAAO,MAAM;AAAA,MACf,IACA;AAAA,MACN,SAAS,UAAU,KAAK;AAAA;AAAA,MAExB;AAAA,IACF,CAAC;AAED,WAAO;AAAA,MACL,OAAO;AAAA,MACP,OAAO,iBAAiB,QAAQ,MAAM,UAAU;AAAA,IAClD;AAAA,EACF;AACF;","names":[]}
|
|
@@ -31,7 +31,6 @@ const allNextProviderPropsWithEnv = (nextProps) => {
|
|
|
31
31
|
projectId: propsProjectId,
|
|
32
32
|
customDomain: propsCustomDomain,
|
|
33
33
|
proxyUrl: propsProxyUrl,
|
|
34
|
-
environment: propsEnvironment,
|
|
35
34
|
requiresVerification: propsRequiresVerification,
|
|
36
35
|
isTernSecureDev: propsIsTernSecureDev,
|
|
37
36
|
enableServiceWorker: propsEnableServiceWorker,
|
|
@@ -66,7 +65,6 @@ const allNextProviderPropsWithEnv = (nextProps) => {
|
|
|
66
65
|
const finalProjectId = propsProjectId ?? envConfig.projectId;
|
|
67
66
|
const finalCustomDomain = propsCustomDomain ?? envConfig.customDomain;
|
|
68
67
|
const finalProxyUrl = propsProxyUrl ?? envConfig.proxyUrl;
|
|
69
|
-
const finalEnvironment = propsEnvironment ?? envConfig.environment;
|
|
70
68
|
const finalSignInUrl = signInUrl ?? envConfig.signInUrl;
|
|
71
69
|
const finalSignUpUrl = signUpUrl ?? envConfig.signUpUrl;
|
|
72
70
|
const finalSignInForceRedirectUrl = propsSignInForceRedirectUrl ?? envConfig.signInForceRedirectUrl;
|
|
@@ -78,7 +76,6 @@ const allNextProviderPropsWithEnv = (nextProps) => {
|
|
|
78
76
|
projectId: finalProjectId,
|
|
79
77
|
customDomain: finalCustomDomain,
|
|
80
78
|
proxyUrl: finalProxyUrl,
|
|
81
|
-
environment: finalEnvironment,
|
|
82
79
|
// Set the Firebase configuration properties
|
|
83
80
|
ternSecureConfig,
|
|
84
81
|
// Set properties explicitly taken from TernSecureNextProps (props version)
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../src/utils/allNextProviderProps.ts"],"sourcesContent":["import type { TernSecureNextProps } from \"../types\";\nimport type { \n TernSecureProviderProps, \n IsomorphicTernSecureOptions \n} from \"@tern-secure/react\";\n\n// Helper type for the return value, as children are handled by the consuming component\ntype NextProviderProcessedProps = Omit<TernSecureProviderProps, 'children'>;\n\nexport const allNextProviderPropsWithEnv = (\n nextProps: Omit<TernSecureNextProps, 'children'>\n): NextProviderProcessedProps => {\n const {\n signInUrl,\n signUpUrl,\n signInForceRedirectUrl: propsSignInForceRedirectUrl,\n signUpForceRedirectUrl: propsSignUpForceRedirectUrl,\n apiKey: propsApiKey,\n projectId: propsProjectId,\n customDomain: propsCustomDomain,\n proxyUrl: propsProxyUrl,\n
|
|
1
|
+
{"version":3,"sources":["../../../src/utils/allNextProviderProps.ts"],"sourcesContent":["import type { TernSecureNextProps } from \"../types\";\nimport type { \n TernSecureProviderProps, \n IsomorphicTernSecureOptions \n} from \"@tern-secure/react\";\n\n// Helper type for the return value, as children are handled by the consuming component\ntype NextProviderProcessedProps = Omit<TernSecureProviderProps, 'children'>;\n\nexport const allNextProviderPropsWithEnv = (\n nextProps: Omit<TernSecureNextProps, 'children'>\n): NextProviderProcessedProps => {\n const {\n signInUrl,\n signUpUrl,\n signInForceRedirectUrl: propsSignInForceRedirectUrl,\n signUpForceRedirectUrl: propsSignUpForceRedirectUrl,\n apiKey: propsApiKey,\n projectId: propsProjectId,\n customDomain: propsCustomDomain,\n proxyUrl: propsProxyUrl,\n requiresVerification: propsRequiresVerification,\n isTernSecureDev: propsIsTernSecureDev,\n enableServiceWorker: propsEnableServiceWorker,\n loadingComponent: propsLoadingComponent,\n ...baseProps \n } = nextProps;\n\n const envConfig = {\n apiKey: process.env.NEXT_PUBLIC_TERN_API_KEY,\n projectId: process.env.NEXT_PUBLIC_TERN_PROJECT_ID,\n customDomain: process.env.NEXT_PUBLIC_TERN_CUSTOM_DOMAIN,\n proxyUrl: process.env.NEXT_PUBLIC_TERN_PROXY_URL,\n environment: process.env.NEXT_PUBLIC_TERN_ENVIRONMENT,\n signInUrl: process.env.NEXT_PUBLIC_SIGN_IN_URL,\n signUpUrl: process.env.NEXT_PUBLIC_SIGN_UP_URL,\n signInForceRedirectUrl: process.env.NEXT_PUBLIC_SIGN_IN_FORCE_REDIRECT_URL,\n signUpForceRedirectUrl: process.env.NEXT_PUBLIC_SIGN_UP_FORCE_REDIRECT_URL,\n projectIdAdmin: process.env.FIREBASE_PROJECT_ID,\n clientEmail: process.env.FIREBASE_CLIENT_EMAIL,\n privateKey: process.env.FIREBASE_PRIVATE_KEY,\n };\n\n const ternSecureConfig = {\n apiKey: process.env.NEXT_PUBLIC_FIREBASE_API_KEY || '',\n authDomain: process.env.NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN || '',\n appName: process.env.NEXT_PUBLIC_FIREBASE_APP_NAME || '',\n projectId: process.env.NEXT_PUBLIC_FIREBASE_PROJECT_ID || '',\n storageBucket: process.env.NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET || '',\n messagingSenderId: process.env.NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID || '',\n appId: process.env.NEXT_PUBLIC_FIREBASE_APP_ID || '',\n measurementId: process.env.NEXT_PUBLIC_FIREBASE_MEASUREMENTID\n };\n\n // Merge config values: props take precedence over environment variables\n const finalApiKey = propsApiKey ?? envConfig.apiKey;\n const finalProjectId = propsProjectId ?? envConfig.projectId;\n const finalCustomDomain = propsCustomDomain ?? envConfig.customDomain;\n const finalProxyUrl = propsProxyUrl ?? envConfig.proxyUrl;\n const finalSignInUrl = signInUrl ?? envConfig.signInUrl;\n const finalSignUpUrl = signUpUrl ?? envConfig.signUpUrl;\n const finalSignInForceRedirectUrl = propsSignInForceRedirectUrl ?? envConfig.signInForceRedirectUrl;\n const finalSignUpForceRedirectUrl = propsSignUpForceRedirectUrl ?? envConfig.signUpForceRedirectUrl\n\n // Construct the result, ensuring it conforms to NextProviderProcessedProps\n // (Omit<TernSecureProviderProps, 'children'>)\n const result: NextProviderProcessedProps = {\n ...(baseProps as Omit<TernSecureProviderProps, 'children' | keyof IsomorphicTernSecureOptions | 'requiresVerification' | 'loadingComponent'>),\n \n // Set the merged/prioritized instance configuration properties\n apiKey: finalApiKey,\n projectId: finalProjectId,\n customDomain: finalCustomDomain,\n proxyUrl: finalProxyUrl,\n\n // Set the Firebase configuration properties\n ternSecureConfig,\n \n // Set properties explicitly taken from TernSecureNextProps (props version)\n // These are part of the TernSecureProviderProps interface.\n requiresVerification: propsRequiresVerification,\n isTernSecureDev: propsIsTernSecureDev,\n enableServiceWorker: propsEnableServiceWorker,\n loadingComponent: propsLoadingComponent,\n\n //TernSecure: baseProps.Instance,\n initialState: baseProps.initialState,\n bypassApiKey: baseProps.bypassApiKey,\n initialSession: baseProps.initialSession,\n defaultAppearance: baseProps.defaultAppearance,\n signInUrl: finalSignInUrl,\n signUpUrl: finalSignUpUrl,\n signInForceRedirectUrl: finalSignInForceRedirectUrl,\n signUpForceRedirectUrl: finalSignUpForceRedirectUrl,\n mode: baseProps.mode,\n onAuthStateChanged: baseProps.onAuthStateChanged,\n onError: baseProps.onError,\n };\n\n // Clean up undefined keys that might have resulted from spreading if not present in baseProps\n // and also not set by merged values (e.g. if env var is also undefined)\n Object.keys(result).forEach(key => {\n if (result[key as keyof NextProviderProcessedProps] === undefined) {\n delete result[key as keyof NextProviderProcessedProps];\n }\n });\n\n return result;\n};"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AASO,MAAM,8BAA8B,CACzC,cAC+B;AAC/B,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA,wBAAwB;AAAA,IACxB,wBAAwB;AAAA,IACxB,QAAQ;AAAA,IACR,WAAW;AAAA,IACX,cAAc;AAAA,IACd,UAAU;AAAA,IACV,sBAAsB;AAAA,IACtB,iBAAiB;AAAA,IACjB,qBAAqB;AAAA,IACrB,kBAAkB;AAAA,IAClB,GAAG;AAAA,EACL,IAAI;AAEJ,QAAM,YAAY;AAAA,IAChB,QAAQ,QAAQ,IAAI;AAAA,IACpB,WAAW,QAAQ,IAAI;AAAA,IACvB,cAAc,QAAQ,IAAI;AAAA,IAC1B,UAAU,QAAQ,IAAI;AAAA,IACtB,aAAa,QAAQ,IAAI;AAAA,IACzB,WAAW,QAAQ,IAAI;AAAA,IACvB,WAAW,QAAQ,IAAI;AAAA,IACvB,wBAAwB,QAAQ,IAAI;AAAA,IACpC,wBAAwB,QAAQ,IAAI;AAAA,IACpC,gBAAgB,QAAQ,IAAI;AAAA,IAC5B,aAAa,QAAQ,IAAI;AAAA,IACzB,YAAY,QAAQ,IAAI;AAAA,EAC1B;AAEA,QAAM,mBAAmB;AAAA,IACvB,QAAQ,QAAQ,IAAI,gCAAgC;AAAA,IACpD,YAAY,QAAQ,IAAI,oCAAoC;AAAA,IAC5D,SAAS,QAAQ,IAAI,iCAAiC;AAAA,IACtD,WAAW,QAAQ,IAAI,mCAAmC;AAAA,IAC1D,eAAe,QAAQ,IAAI,uCAAuC;AAAA,IAClE,mBAAmB,QAAQ,IAAI,4CAA4C;AAAA,IAC3E,OAAO,QAAQ,IAAI,+BAA+B;AAAA,IAClD,eAAe,QAAQ,IAAI;AAAA,EAC7B;AAGA,QAAM,cAAc,eAAe,UAAU;AAC7C,QAAM,iBAAiB,kBAAkB,UAAU;AACnD,QAAM,oBAAoB,qBAAqB,UAAU;AACzD,QAAM,gBAAgB,iBAAiB,UAAU;AACjD,QAAM,iBAAiB,aAAa,UAAU;AAC9C,QAAM,iBAAiB,aAAa,UAAU;AAC9C,QAAM,8BAA8B,+BAA+B,UAAU;AAC7E,QAAM,8BAA8B,+BAA+B,UAAU;AAI7E,QAAM,SAAqC;AAAA,IACzC,GAAI;AAAA;AAAA,IAGJ,QAAQ;AAAA,IACR,WAAW;AAAA,IACX,cAAc;AAAA,IACd,UAAU;AAAA;AAAA,IAGV;AAAA;AAAA;AAAA,IAIA,sBAAsB;AAAA,IACtB,iBAAiB;AAAA,IACjB,qBAAqB;AAAA,IACrB,kBAAkB;AAAA;AAAA,IAGlB,cAAc,UAAU;AAAA,IACxB,cAAc,UAAU;AAAA,IACxB,gBAAgB,UAAU;AAAA,IAC1B,mBAAmB,UAAU;AAAA,IAC7B,WAAW;AAAA,IACX,WAAW;AAAA,IACX,wBAAwB;AAAA,IACxB,wBAAwB;AAAA,IACxB,MAAM,UAAU;AAAA,IAChB,oBAAoB,UAAU;AAAA,IAC9B,SAAS,UAAU;AAAA,EACrB;AAIA,SAAO,KAAK,MAAM,EAAE,QAAQ,SAAO;AACjC,QAAI,OAAO,GAAuC,MAAM,QAAW;AACjE,aAAO,OAAO,GAAuC;AAAA,IACvD;AAAA,EACF,CAAC;AAED,SAAO;AACT;","names":[]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/app-router/admin/sessionHandler.ts"],"sourcesContent":["import { NextRequest, NextResponse } from \"next/server\"\nimport { createSessionCookie } from \"@tern-secure/
|
|
1
|
+
{"version":3,"sources":["../../../../src/app-router/admin/sessionHandler.ts"],"sourcesContent":["import { NextRequest, NextResponse } from \"next/server\"\nimport { createSessionCookie } from \"@tern-secure/react\"\n\nexport async function createSessionHandler(request: NextRequest): Promise<NextResponse> {\n try {\n const body = await request.json()\n const { idToken, csrfToken } = body\n\n if (!idToken) {\n return NextResponse.json(\n {\n success: false, \n message: 'ID token is required', \n error: 'INVALID_TOKEN'\n },\n { status: 400 }\n );\n }\n\n if (!csrfToken) {\n return NextResponse.json(\n {\n success: false, \n message: 'CSRF token is required', \n error: 'INVALID_CSRF_TOKEN'\n },\n { status: 400 }\n );\n }\n\n const res = await createSessionCookie(idToken);\n\n if (!res.success) {\n console.error('[createSessionHandler] Error creating session cookie:', {\n error: res.error,\n message: res.message,\n cookieSet: res.cookieSet\n });\n }\n\n const statusCode = res.success ? 200 : \n res.error === 'INVALID_TOKEN' ? 400 :\n res.error === 'EXPIRED_TOKEN' ? 401 : 500;\n\n return NextResponse.json(res, { status: statusCode })\n\n } catch (error) {\n return NextResponse.json(\n {\n success: false,\n message: 'Invalid request format'\n },\n { status: 400 }\n )\n }\n}"],"mappings":"AAAA,SAAsB,oBAAoB;AAC1C,SAAS,2BAA2B;AAEpC,eAAsB,qBAAqB,SAA6C;AACpF,MAAI;AACA,UAAM,OAAO,MAAM,QAAQ,KAAK;AAChC,UAAM,EAAE,SAAS,UAAU,IAAI;AAE/B,QAAI,CAAC,SAAS;AACV,aAAO,aAAa;AAAA,QAChB;AAAA,UACI,SAAS;AAAA,UACT,SAAS;AAAA,UACT,OAAO;AAAA,QACX;AAAA,QACA,EAAE,QAAQ,IAAI;AAAA,MAClB;AAAA,IACJ;AAEA,QAAI,CAAC,WAAW;AACZ,aAAO,aAAa;AAAA,QAChB;AAAA,UACI,SAAS;AAAA,UACT,SAAS;AAAA,UACT,OAAO;AAAA,QACX;AAAA,QACA,EAAE,QAAQ,IAAI;AAAA,MAClB;AAAA,IACJ;AAEA,UAAM,MAAM,MAAM,oBAAoB,OAAO;AAE7C,QAAI,CAAC,IAAI,SAAS;AACd,cAAQ,MAAM,yDAAyD;AAAA,QACnE,OAAO,IAAI;AAAA,QACX,SAAS,IAAI;AAAA,QACb,WAAW,IAAI;AAAA,MACnB,CAAC;AAAA,IACL;AAEA,UAAM,aAAa,IAAI,UAAU,MACd,IAAI,UAAU,kBAAkB,MAC/B,IAAI,UAAU,kBAAkB,MAAM;AAE1D,WAAO,aAAa,KAAK,KAAK,EAAE,QAAQ,WAAW,CAAC;AAAA,EAExD,SAAS,OAAO;AACZ,WAAO,aAAa;AAAA,MAChB;AAAA,QACI,SAAS;AAAA,QACT,SAAS;AAAA,MACb;AAAA,MACA,EAAE,QAAQ,IAAI;AAAA,IAClB;AAAA,EACJ;AACJ;","names":[]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
//# sourceMappingURL=global.d.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}
|
|
@@ -43,10 +43,6 @@ async function verifyFirebaseToken(token, isSessionCookie = false) {
|
|
|
43
43
|
if (!decoded) {
|
|
44
44
|
throw new Error("Invalid token format");
|
|
45
45
|
}
|
|
46
|
-
console.log("Token details:", {
|
|
47
|
-
header: decoded.header,
|
|
48
|
-
type: isSessionCookie ? "session_cookie" : "id_token"
|
|
49
|
-
});
|
|
50
46
|
const JWKS = isSessionCookie ? await getSessionJWKS() : await getIdTokenJWKS();
|
|
51
47
|
const { payload } = await jwtVerify(token, JWKS, {
|
|
52
48
|
issuer: isSessionCookie ? "https://session.firebase.google.com/" + projectId : "https://securetoken.google.com/" + projectId,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../src/server/jwt-edge.ts"],"sourcesContent":["import { jwtVerify, createRemoteJWKSet } from \"jose\"\r\nimport { cache } from \"react\"\r\n\r\ninterface FirebaseIdTokenPayload {\r\n iss: string\r\n aud: string\r\n auth_time: number\r\n user_id: string\r\n sub: string\r\n iat: number\r\n exp: number\r\n email?: string\r\n email_verified?: boolean\r\n firebase: {\r\n identities: {\r\n [key: string]: any\r\n }\r\n sign_in_provider: string\r\n }\r\n}\r\n\r\n// Firebase public key endpoints\r\nconst FIREBASE_ID_TOKEN_URL = \"https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com\"\r\nconst FIREBASE_SESSION_CERT_URL = \"https://identitytoolkit.googleapis.com/v1/sessionCookiePublicKeys\"\r\n\r\n// Cache the JWKS using React cache\r\nconst getIdTokenJWKS = cache(() => {\r\n return createRemoteJWKSet(new URL(FIREBASE_ID_TOKEN_URL), {\r\n cacheMaxAge: 3600000, // 1 hour\r\n timeoutDuration: 5000, // 5 seconds\r\n cooldownDuration: 30000, // 30 seconds between retries\r\n })\r\n})\r\n\r\nconst getSessionJWKS = cache(() => {\r\n return createRemoteJWKSet(new URL(FIREBASE_SESSION_CERT_URL), {\r\n cacheMaxAge: 3600000, // 1 hour\r\n timeoutDuration: 5000, // 5 seconds\r\n cooldownDuration: 30000, // 30 seconds between retries\r\n })\r\n})\r\n\r\n// Helper to decode JWT without verification\r\nfunction decodeJwt(token: string) {\r\n try {\r\n const [headerB64, payloadB64] = token.split(\".\")\r\n const header = JSON.parse(Buffer.from(headerB64, \"base64\").toString())\r\n const payload = JSON.parse(Buffer.from(payloadB64, \"base64\").toString())\r\n return { header, payload }\r\n } catch (error) {\r\n console.error(\"Error decoding JWT:\", error)\r\n return null\r\n }\r\n}\r\n\r\nexport async function verifyFirebaseToken(token: string, isSessionCookie = false) {\r\n try {\r\n const projectId = process.env.NEXT_PUBLIC_FIREBASE_PROJECT_ID\r\n if (!projectId) {\r\n throw new Error(\"Firebase Project ID is not configured\")\r\n }\r\n\r\n // Decode token for debugging and type checking\r\n const decoded = decodeJwt(token)\r\n if (!decoded) {\r\n throw new Error(\"Invalid token format\")\r\n }\r\n\r\n console.log(\"Token details:\", {\r\n
|
|
1
|
+
{"version":3,"sources":["../../../src/server/jwt-edge.ts"],"sourcesContent":["import { jwtVerify, createRemoteJWKSet } from \"jose\"\r\nimport { cache } from \"react\"\r\n\r\ninterface FirebaseIdTokenPayload {\r\n iss: string\r\n aud: string\r\n auth_time: number\r\n user_id: string\r\n sub: string\r\n iat: number\r\n exp: number\r\n email?: string\r\n email_verified?: boolean\r\n firebase: {\r\n identities: {\r\n [key: string]: any\r\n }\r\n sign_in_provider: string\r\n }\r\n}\r\n\r\n// Firebase public key endpoints\r\nconst FIREBASE_ID_TOKEN_URL = \"https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com\"\r\nconst FIREBASE_SESSION_CERT_URL = \"https://identitytoolkit.googleapis.com/v1/sessionCookiePublicKeys\"\r\n\r\n// Cache the JWKS using React cache\r\nconst getIdTokenJWKS = cache(() => {\r\n return createRemoteJWKSet(new URL(FIREBASE_ID_TOKEN_URL), {\r\n cacheMaxAge: 3600000, // 1 hour\r\n timeoutDuration: 5000, // 5 seconds\r\n cooldownDuration: 30000, // 30 seconds between retries\r\n })\r\n})\r\n\r\nconst getSessionJWKS = cache(() => {\r\n return createRemoteJWKSet(new URL(FIREBASE_SESSION_CERT_URL), {\r\n cacheMaxAge: 3600000, // 1 hour\r\n timeoutDuration: 5000, // 5 seconds\r\n cooldownDuration: 30000, // 30 seconds between retries\r\n })\r\n})\r\n\r\n// Helper to decode JWT without verification\r\nfunction decodeJwt(token: string) {\r\n try {\r\n const [headerB64, payloadB64] = token.split(\".\")\r\n const header = JSON.parse(Buffer.from(headerB64, \"base64\").toString())\r\n const payload = JSON.parse(Buffer.from(payloadB64, \"base64\").toString())\r\n return { header, payload }\r\n } catch (error) {\r\n console.error(\"Error decoding JWT:\", error)\r\n return null\r\n }\r\n}\r\n\r\nexport async function verifyFirebaseToken(token: string, isSessionCookie = false) {\r\n try {\r\n const projectId = process.env.NEXT_PUBLIC_FIREBASE_PROJECT_ID\r\n if (!projectId) {\r\n throw new Error(\"Firebase Project ID is not configured\")\r\n }\r\n\r\n // Decode token for debugging and type checking\r\n const decoded = decodeJwt(token)\r\n if (!decoded) {\r\n throw new Error(\"Invalid token format\")\r\n }\r\n\r\n //console.log(\"Token details:\", {\r\n // header: decoded.header,\r\n // type: isSessionCookie ? \"session_cookie\" : \"id_token\",\r\n //})\r\n\r\n\r\n // Use different JWKS based on token type\r\n const JWKS = isSessionCookie ? await getSessionJWKS() : await getIdTokenJWKS()\r\n\r\n const { payload } = await jwtVerify(token, JWKS, {\r\n issuer: isSessionCookie\r\n ? \"https://session.firebase.google.com/\" + projectId\r\n : \"https://securetoken.google.com/\" + projectId,\r\n audience: projectId,\r\n algorithms: [\"RS256\"],\r\n })\r\n\r\n const firebasePayload = payload as unknown as FirebaseIdTokenPayload\r\n const now = Math.floor(Date.now() / 1000)\r\n\r\n\r\n if (!firebasePayload.sub) {\r\n throw new Error(\"Token subject is empty\")\r\n }\r\n\r\n return {\r\n valid: true,\r\n uid: firebasePayload.sub,\r\n email: firebasePayload.email,\r\n emailVerified: firebasePayload.email_verified,\r\n authTime: firebasePayload.auth_time,\r\n issuedAt: firebasePayload.iat,\r\n expiresAt: firebasePayload.exp,\r\n }\r\n } catch (error) {\r\n console.error(\"Token verification details:\", {\r\n error:\r\n error instanceof Error\r\n ? {\r\n name: error.name,\r\n message: error.message,\r\n stack: error.stack,\r\n }\r\n : error,\r\n decoded: decodeJwt(token),\r\n //projectId,\r\n isSessionCookie,\r\n })\r\n \r\n return {\r\n valid: false,\r\n error: error instanceof Error ? error.message : \"Invalid token\",\r\n }\r\n }\r\n }"],"mappings":"AAAA,SAAS,WAAW,0BAA0B;AAC9C,SAAS,aAAa;AAqBtB,MAAM,wBAAwB;AAC9B,MAAM,4BAA4B;AAGlC,MAAM,iBAAiB,MAAM,MAAM;AACjC,SAAO,mBAAmB,IAAI,IAAI,qBAAqB,GAAG;AAAA,IACxD,aAAa;AAAA;AAAA,IACb,iBAAiB;AAAA;AAAA,IACjB,kBAAkB;AAAA;AAAA,EACpB,CAAC;AACH,CAAC;AAED,MAAM,iBAAiB,MAAM,MAAM;AACjC,SAAO,mBAAmB,IAAI,IAAI,yBAAyB,GAAG;AAAA,IAC5D,aAAa;AAAA;AAAA,IACb,iBAAiB;AAAA;AAAA,IACjB,kBAAkB;AAAA;AAAA,EACpB,CAAC;AACH,CAAC;AAGD,SAAS,UAAU,OAAe;AAChC,MAAI;AACF,UAAM,CAAC,WAAW,UAAU,IAAI,MAAM,MAAM,GAAG;AAC/C,UAAM,SAAS,KAAK,MAAM,OAAO,KAAK,WAAW,QAAQ,EAAE,SAAS,CAAC;AACrE,UAAM,UAAU,KAAK,MAAM,OAAO,KAAK,YAAY,QAAQ,EAAE,SAAS,CAAC;AACvE,WAAO,EAAE,QAAQ,QAAQ;AAAA,EAC3B,SAAS,OAAO;AACd,YAAQ,MAAM,uBAAuB,KAAK;AAC1C,WAAO;AAAA,EACT;AACF;AAEA,eAAsB,oBAAoB,OAAe,kBAAkB,OAAO;AAChF,MAAI;AACF,UAAM,YAAY,QAAQ,IAAI;AAC9B,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,MAAM,uCAAuC;AAAA,IACzD;AAGA,UAAM,UAAU,UAAU,KAAK;AAC/B,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI,MAAM,sBAAsB;AAAA,IACxC;AASA,UAAM,OAAO,kBAAkB,MAAM,eAAe,IAAI,MAAM,eAAe;AAE7E,UAAM,EAAE,QAAQ,IAAI,MAAM,UAAU,OAAO,MAAM;AAAA,MAC3C,QAAQ,kBACJ,yCAAyC,YACzC,oCAAoC;AAAA,MACxC,UAAU;AAAA,MACV,YAAY,CAAC,OAAO;AAAA,IAC1B,CAAC;AAED,UAAM,kBAAkB;AACxB,UAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AAGxC,QAAI,CAAC,gBAAgB,KAAK;AACpB,YAAM,IAAI,MAAM,wBAAwB;AAAA,IAC9C;AAEA,WAAO;AAAA,MACD,OAAO;AAAA,MACP,KAAK,gBAAgB;AAAA,MACrB,OAAO,gBAAgB;AAAA,MACvB,eAAe,gBAAgB;AAAA,MAC/B,UAAU,gBAAgB;AAAA,MAC1B,UAAU,gBAAgB;AAAA,MAC1B,WAAW,gBAAgB;AAAA,IAC7B;AAAA,EACJ,SAAS,OAAO;AACZ,YAAQ,MAAM,+BAA+B;AAAA,MAC3C,OACE,iBAAiB,QACb;AAAA,QACE,MAAM,MAAM;AAAA,QACZ,SAAS,MAAM;AAAA,QACf,OAAO,MAAM;AAAA,MACf,IACA;AAAA,MACN,SAAS,UAAU,KAAK;AAAA;AAAA,MAExB;AAAA,IACF,CAAC;AAED,WAAO;AAAA,MACL,OAAO;AAAA,MACP,OAAO,iBAAiB,QAAQ,MAAM,UAAU;AAAA,IAClD;AAAA,EACF;AACF;","names":[]}
|
|
@@ -8,7 +8,6 @@ const allNextProviderPropsWithEnv = (nextProps) => {
|
|
|
8
8
|
projectId: propsProjectId,
|
|
9
9
|
customDomain: propsCustomDomain,
|
|
10
10
|
proxyUrl: propsProxyUrl,
|
|
11
|
-
environment: propsEnvironment,
|
|
12
11
|
requiresVerification: propsRequiresVerification,
|
|
13
12
|
isTernSecureDev: propsIsTernSecureDev,
|
|
14
13
|
enableServiceWorker: propsEnableServiceWorker,
|
|
@@ -43,7 +42,6 @@ const allNextProviderPropsWithEnv = (nextProps) => {
|
|
|
43
42
|
const finalProjectId = propsProjectId ?? envConfig.projectId;
|
|
44
43
|
const finalCustomDomain = propsCustomDomain ?? envConfig.customDomain;
|
|
45
44
|
const finalProxyUrl = propsProxyUrl ?? envConfig.proxyUrl;
|
|
46
|
-
const finalEnvironment = propsEnvironment ?? envConfig.environment;
|
|
47
45
|
const finalSignInUrl = signInUrl ?? envConfig.signInUrl;
|
|
48
46
|
const finalSignUpUrl = signUpUrl ?? envConfig.signUpUrl;
|
|
49
47
|
const finalSignInForceRedirectUrl = propsSignInForceRedirectUrl ?? envConfig.signInForceRedirectUrl;
|
|
@@ -55,7 +53,6 @@ const allNextProviderPropsWithEnv = (nextProps) => {
|
|
|
55
53
|
projectId: finalProjectId,
|
|
56
54
|
customDomain: finalCustomDomain,
|
|
57
55
|
proxyUrl: finalProxyUrl,
|
|
58
|
-
environment: finalEnvironment,
|
|
59
56
|
// Set the Firebase configuration properties
|
|
60
57
|
ternSecureConfig,
|
|
61
58
|
// Set properties explicitly taken from TernSecureNextProps (props version)
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../src/utils/allNextProviderProps.ts"],"sourcesContent":["import type { TernSecureNextProps } from \"../types\";\nimport type { \n TernSecureProviderProps, \n IsomorphicTernSecureOptions \n} from \"@tern-secure/react\";\n\n// Helper type for the return value, as children are handled by the consuming component\ntype NextProviderProcessedProps = Omit<TernSecureProviderProps, 'children'>;\n\nexport const allNextProviderPropsWithEnv = (\n nextProps: Omit<TernSecureNextProps, 'children'>\n): NextProviderProcessedProps => {\n const {\n signInUrl,\n signUpUrl,\n signInForceRedirectUrl: propsSignInForceRedirectUrl,\n signUpForceRedirectUrl: propsSignUpForceRedirectUrl,\n apiKey: propsApiKey,\n projectId: propsProjectId,\n customDomain: propsCustomDomain,\n proxyUrl: propsProxyUrl,\n
|
|
1
|
+
{"version":3,"sources":["../../../src/utils/allNextProviderProps.ts"],"sourcesContent":["import type { TernSecureNextProps } from \"../types\";\nimport type { \n TernSecureProviderProps, \n IsomorphicTernSecureOptions \n} from \"@tern-secure/react\";\n\n// Helper type for the return value, as children are handled by the consuming component\ntype NextProviderProcessedProps = Omit<TernSecureProviderProps, 'children'>;\n\nexport const allNextProviderPropsWithEnv = (\n nextProps: Omit<TernSecureNextProps, 'children'>\n): NextProviderProcessedProps => {\n const {\n signInUrl,\n signUpUrl,\n signInForceRedirectUrl: propsSignInForceRedirectUrl,\n signUpForceRedirectUrl: propsSignUpForceRedirectUrl,\n apiKey: propsApiKey,\n projectId: propsProjectId,\n customDomain: propsCustomDomain,\n proxyUrl: propsProxyUrl,\n requiresVerification: propsRequiresVerification,\n isTernSecureDev: propsIsTernSecureDev,\n enableServiceWorker: propsEnableServiceWorker,\n loadingComponent: propsLoadingComponent,\n ...baseProps \n } = nextProps;\n\n const envConfig = {\n apiKey: process.env.NEXT_PUBLIC_TERN_API_KEY,\n projectId: process.env.NEXT_PUBLIC_TERN_PROJECT_ID,\n customDomain: process.env.NEXT_PUBLIC_TERN_CUSTOM_DOMAIN,\n proxyUrl: process.env.NEXT_PUBLIC_TERN_PROXY_URL,\n environment: process.env.NEXT_PUBLIC_TERN_ENVIRONMENT,\n signInUrl: process.env.NEXT_PUBLIC_SIGN_IN_URL,\n signUpUrl: process.env.NEXT_PUBLIC_SIGN_UP_URL,\n signInForceRedirectUrl: process.env.NEXT_PUBLIC_SIGN_IN_FORCE_REDIRECT_URL,\n signUpForceRedirectUrl: process.env.NEXT_PUBLIC_SIGN_UP_FORCE_REDIRECT_URL,\n projectIdAdmin: process.env.FIREBASE_PROJECT_ID,\n clientEmail: process.env.FIREBASE_CLIENT_EMAIL,\n privateKey: process.env.FIREBASE_PRIVATE_KEY,\n };\n\n const ternSecureConfig = {\n apiKey: process.env.NEXT_PUBLIC_FIREBASE_API_KEY || '',\n authDomain: process.env.NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN || '',\n appName: process.env.NEXT_PUBLIC_FIREBASE_APP_NAME || '',\n projectId: process.env.NEXT_PUBLIC_FIREBASE_PROJECT_ID || '',\n storageBucket: process.env.NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET || '',\n messagingSenderId: process.env.NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID || '',\n appId: process.env.NEXT_PUBLIC_FIREBASE_APP_ID || '',\n measurementId: process.env.NEXT_PUBLIC_FIREBASE_MEASUREMENTID\n };\n\n // Merge config values: props take precedence over environment variables\n const finalApiKey = propsApiKey ?? envConfig.apiKey;\n const finalProjectId = propsProjectId ?? envConfig.projectId;\n const finalCustomDomain = propsCustomDomain ?? envConfig.customDomain;\n const finalProxyUrl = propsProxyUrl ?? envConfig.proxyUrl;\n const finalSignInUrl = signInUrl ?? envConfig.signInUrl;\n const finalSignUpUrl = signUpUrl ?? envConfig.signUpUrl;\n const finalSignInForceRedirectUrl = propsSignInForceRedirectUrl ?? envConfig.signInForceRedirectUrl;\n const finalSignUpForceRedirectUrl = propsSignUpForceRedirectUrl ?? envConfig.signUpForceRedirectUrl\n\n // Construct the result, ensuring it conforms to NextProviderProcessedProps\n // (Omit<TernSecureProviderProps, 'children'>)\n const result: NextProviderProcessedProps = {\n ...(baseProps as Omit<TernSecureProviderProps, 'children' | keyof IsomorphicTernSecureOptions | 'requiresVerification' | 'loadingComponent'>),\n \n // Set the merged/prioritized instance configuration properties\n apiKey: finalApiKey,\n projectId: finalProjectId,\n customDomain: finalCustomDomain,\n proxyUrl: finalProxyUrl,\n\n // Set the Firebase configuration properties\n ternSecureConfig,\n \n // Set properties explicitly taken from TernSecureNextProps (props version)\n // These are part of the TernSecureProviderProps interface.\n requiresVerification: propsRequiresVerification,\n isTernSecureDev: propsIsTernSecureDev,\n enableServiceWorker: propsEnableServiceWorker,\n loadingComponent: propsLoadingComponent,\n\n //TernSecure: baseProps.Instance,\n initialState: baseProps.initialState,\n bypassApiKey: baseProps.bypassApiKey,\n initialSession: baseProps.initialSession,\n defaultAppearance: baseProps.defaultAppearance,\n signInUrl: finalSignInUrl,\n signUpUrl: finalSignUpUrl,\n signInForceRedirectUrl: finalSignInForceRedirectUrl,\n signUpForceRedirectUrl: finalSignUpForceRedirectUrl,\n mode: baseProps.mode,\n onAuthStateChanged: baseProps.onAuthStateChanged,\n onError: baseProps.onError,\n };\n\n // Clean up undefined keys that might have resulted from spreading if not present in baseProps\n // and also not set by merged values (e.g. if env var is also undefined)\n Object.keys(result).forEach(key => {\n if (result[key as keyof NextProviderProcessedProps] === undefined) {\n delete result[key as keyof NextProviderProcessedProps];\n }\n });\n\n return result;\n};"],"mappings":"AASO,MAAM,8BAA8B,CACzC,cAC+B;AAC/B,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA,wBAAwB;AAAA,IACxB,wBAAwB;AAAA,IACxB,QAAQ;AAAA,IACR,WAAW;AAAA,IACX,cAAc;AAAA,IACd,UAAU;AAAA,IACV,sBAAsB;AAAA,IACtB,iBAAiB;AAAA,IACjB,qBAAqB;AAAA,IACrB,kBAAkB;AAAA,IAClB,GAAG;AAAA,EACL,IAAI;AAEJ,QAAM,YAAY;AAAA,IAChB,QAAQ,QAAQ,IAAI;AAAA,IACpB,WAAW,QAAQ,IAAI;AAAA,IACvB,cAAc,QAAQ,IAAI;AAAA,IAC1B,UAAU,QAAQ,IAAI;AAAA,IACtB,aAAa,QAAQ,IAAI;AAAA,IACzB,WAAW,QAAQ,IAAI;AAAA,IACvB,WAAW,QAAQ,IAAI;AAAA,IACvB,wBAAwB,QAAQ,IAAI;AAAA,IACpC,wBAAwB,QAAQ,IAAI;AAAA,IACpC,gBAAgB,QAAQ,IAAI;AAAA,IAC5B,aAAa,QAAQ,IAAI;AAAA,IACzB,YAAY,QAAQ,IAAI;AAAA,EAC1B;AAEA,QAAM,mBAAmB;AAAA,IACvB,QAAQ,QAAQ,IAAI,gCAAgC;AAAA,IACpD,YAAY,QAAQ,IAAI,oCAAoC;AAAA,IAC5D,SAAS,QAAQ,IAAI,iCAAiC;AAAA,IACtD,WAAW,QAAQ,IAAI,mCAAmC;AAAA,IAC1D,eAAe,QAAQ,IAAI,uCAAuC;AAAA,IAClE,mBAAmB,QAAQ,IAAI,4CAA4C;AAAA,IAC3E,OAAO,QAAQ,IAAI,+BAA+B;AAAA,IAClD,eAAe,QAAQ,IAAI;AAAA,EAC7B;AAGA,QAAM,cAAc,eAAe,UAAU;AAC7C,QAAM,iBAAiB,kBAAkB,UAAU;AACnD,QAAM,oBAAoB,qBAAqB,UAAU;AACzD,QAAM,gBAAgB,iBAAiB,UAAU;AACjD,QAAM,iBAAiB,aAAa,UAAU;AAC9C,QAAM,iBAAiB,aAAa,UAAU;AAC9C,QAAM,8BAA8B,+BAA+B,UAAU;AAC7E,QAAM,8BAA8B,+BAA+B,UAAU;AAI7E,QAAM,SAAqC;AAAA,IACzC,GAAI;AAAA;AAAA,IAGJ,QAAQ;AAAA,IACR,WAAW;AAAA,IACX,cAAc;AAAA,IACd,UAAU;AAAA;AAAA,IAGV;AAAA;AAAA;AAAA,IAIA,sBAAsB;AAAA,IACtB,iBAAiB;AAAA,IACjB,qBAAqB;AAAA,IACrB,kBAAkB;AAAA;AAAA,IAGlB,cAAc,UAAU;AAAA,IACxB,cAAc,UAAU;AAAA,IACxB,gBAAgB,UAAU;AAAA,IAC1B,mBAAmB,UAAU;AAAA,IAC7B,WAAW;AAAA,IACX,WAAW;AAAA,IACX,wBAAwB;AAAA,IACxB,wBAAwB;AAAA,IACxB,MAAM,UAAU;AAAA,IAChB,oBAAoB,UAAU;AAAA,IAC9B,SAAS,UAAU;AAAA,EACrB;AAIA,SAAO,KAAK,MAAM,EAAE,QAAQ,SAAO;AACjC,QAAI,OAAO,GAAuC,MAAM,QAAW;AACjE,aAAO,OAAO,GAAuC;AAAA,IACvD;AAAA,EACF,CAAC;AAED,SAAO;AACT;","names":[]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"allNextProviderProps.d.ts","sourceRoot":"","sources":["../../../src/utils/allNextProviderProps.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AACpD,OAAO,KAAK,EACV,uBAAuB,EAExB,MAAM,oBAAoB,CAAC;AAG5B,KAAK,0BAA0B,GAAG,IAAI,CAAC,uBAAuB,EAAE,UAAU,CAAC,CAAC;AAE5E,eAAO,MAAM,2BAA2B,GACtC,WAAW,IAAI,CAAC,mBAAmB,EAAE,UAAU,CAAC,KAC/C,
|
|
1
|
+
{"version":3,"file":"allNextProviderProps.d.ts","sourceRoot":"","sources":["../../../src/utils/allNextProviderProps.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AACpD,OAAO,KAAK,EACV,uBAAuB,EAExB,MAAM,oBAAoB,CAAC;AAG5B,KAAK,0BAA0B,GAAG,IAAI,CAAC,uBAAuB,EAAE,UAAU,CAAC,CAAC;AAE5E,eAAO,MAAM,2BAA2B,GACtC,WAAW,IAAI,CAAC,mBAAmB,EAAE,UAAU,CAAC,KAC/C,0BAiGF,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@tern-secure/nextjs",
|
|
3
|
-
"version": "5.1.
|
|
3
|
+
"version": "5.1.6",
|
|
4
4
|
"publishConfig": {
|
|
5
5
|
"access": "public"
|
|
6
6
|
},
|
|
@@ -54,12 +54,12 @@
|
|
|
54
54
|
"dependencies": {
|
|
55
55
|
"jose": "^5.9.6",
|
|
56
56
|
"tslib": "2.4.1",
|
|
57
|
-
"@tern-secure/
|
|
58
|
-
"@tern-secure/react": "1.1.
|
|
59
|
-
"@tern-secure/shared": "1.
|
|
60
|
-
"@tern-secure/types": "1.0.3"
|
|
57
|
+
"@tern-secure/types": "1.0.4",
|
|
58
|
+
"@tern-secure/react": "1.1.3",
|
|
59
|
+
"@tern-secure/shared": "1.2.0"
|
|
61
60
|
},
|
|
62
61
|
"peerDependencies": {
|
|
62
|
+
"firebase-admin": "^12.7.0",
|
|
63
63
|
"next": "^13.0.0 || ^14.0.0 || ^15.0.0",
|
|
64
64
|
"react": "^19",
|
|
65
65
|
"react-dom": "^19"
|