@tern-secure/nextjs 5.2.0-canary.v20251020032343 → 5.2.0-canary.v20251023005301
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/app-router/admin/actions.js +4 -2
- package/dist/cjs/app-router/admin/actions.js.map +1 -1
- package/dist/cjs/app-router/admin/cookieOptionsHelper.js +51 -0
- package/dist/cjs/app-router/admin/cookieOptionsHelper.js.map +1 -0
- package/dist/cjs/app-router/admin/request.js +2 -6
- package/dist/cjs/app-router/admin/request.js.map +1 -1
- package/dist/cjs/app-router/admin/types.js +1 -0
- package/dist/cjs/app-router/admin/types.js.map +1 -1
- package/dist/cjs/app-router/client/TernSecureProvider.js +11 -1
- package/dist/cjs/app-router/client/TernSecureProvider.js.map +1 -1
- package/dist/cjs/app-router/client/useAwaitablePush.js +39 -0
- package/dist/cjs/app-router/client/useAwaitablePush.js.map +1 -0
- package/dist/cjs/app-router/client/useAwaitableReplace.js +39 -0
- package/dist/cjs/app-router/client/useAwaitableReplace.js.map +1 -0
- package/dist/cjs/app-router/client/useInternalNavFun.js +73 -0
- package/dist/cjs/app-router/client/useInternalNavFun.js.map +1 -0
- package/dist/cjs/app-router/server/auth.js +1 -2
- package/dist/cjs/app-router/server/auth.js.map +1 -1
- package/dist/cjs/index.js.map +1 -1
- package/dist/cjs/server/node/ternSecureNodeMiddleware.js +2 -3
- package/dist/cjs/server/node/ternSecureNodeMiddleware.js.map +1 -1
- package/dist/cjs/server/protect.js.map +1 -1
- package/dist/cjs/server/ternSecureEdgeMiddleware.js +5 -11
- package/dist/cjs/server/ternSecureEdgeMiddleware.js.map +1 -1
- package/dist/cjs/utils/allNextProviderProps.js +18 -2
- package/dist/cjs/utils/allNextProviderProps.js.map +1 -1
- package/dist/cjs/utils/removeBasePath.js +36 -0
- package/dist/cjs/utils/removeBasePath.js.map +1 -0
- package/dist/esm/app-router/admin/actions.js +4 -2
- package/dist/esm/app-router/admin/actions.js.map +1 -1
- package/dist/esm/app-router/admin/cookieOptionsHelper.js +26 -0
- package/dist/esm/app-router/admin/cookieOptionsHelper.js.map +1 -0
- package/dist/esm/app-router/admin/request.js +2 -6
- package/dist/esm/app-router/admin/request.js.map +1 -1
- package/dist/esm/app-router/admin/types.js +1 -0
- package/dist/esm/app-router/admin/types.js.map +1 -1
- package/dist/esm/app-router/client/TernSecureProvider.js +11 -1
- package/dist/esm/app-router/client/TernSecureProvider.js.map +1 -1
- package/dist/esm/app-router/client/useAwaitablePush.js +15 -0
- package/dist/esm/app-router/client/useAwaitablePush.js.map +1 -0
- package/dist/esm/app-router/client/useAwaitableReplace.js +15 -0
- package/dist/esm/app-router/client/useAwaitableReplace.js.map +1 -0
- package/dist/esm/app-router/client/useInternalNavFun.js +49 -0
- package/dist/esm/app-router/client/useInternalNavFun.js.map +1 -0
- package/dist/esm/app-router/server/auth.js +1 -2
- package/dist/esm/app-router/server/auth.js.map +1 -1
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/server/node/ternSecureNodeMiddleware.js +1 -2
- package/dist/esm/server/node/ternSecureNodeMiddleware.js.map +1 -1
- package/dist/esm/server/protect.js.map +1 -1
- package/dist/esm/server/ternSecureEdgeMiddleware.js +5 -11
- package/dist/esm/server/ternSecureEdgeMiddleware.js.map +1 -1
- package/dist/esm/utils/allNextProviderProps.js +18 -2
- package/dist/esm/utils/allNextProviderProps.js.map +1 -1
- package/dist/esm/utils/removeBasePath.js +12 -0
- package/dist/esm/utils/removeBasePath.js.map +1 -0
- package/dist/types/app-router/admin/actions.d.ts +5 -4
- package/dist/types/app-router/admin/actions.d.ts.map +1 -1
- package/dist/types/app-router/admin/cookieOptionsHelper.d.ts +23 -0
- package/dist/types/app-router/admin/cookieOptionsHelper.d.ts.map +1 -0
- package/dist/types/app-router/admin/request.d.ts.map +1 -1
- package/dist/types/app-router/admin/types.d.ts.map +1 -1
- package/dist/types/app-router/client/TernSecureProvider.d.ts.map +1 -1
- package/dist/types/app-router/client/useAwaitablePush.d.ts +13 -0
- package/dist/types/app-router/client/useAwaitablePush.d.ts.map +1 -0
- package/dist/types/app-router/client/useAwaitableReplace.d.ts +13 -0
- package/dist/types/app-router/client/useAwaitableReplace.d.ts.map +1 -0
- package/dist/types/app-router/client/useInternalNavFun.d.ts +7 -0
- package/dist/types/app-router/client/useInternalNavFun.d.ts.map +1 -0
- package/dist/types/app-router/server/auth.d.ts +1 -2
- package/dist/types/app-router/server/auth.d.ts.map +1 -1
- package/dist/types/index.d.ts +2 -2
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/server/node/ternSecureNodeMiddleware.d.ts.map +1 -1
- package/dist/types/server/protect.d.ts +1 -2
- package/dist/types/server/protect.d.ts.map +1 -1
- package/dist/types/server/ternSecureEdgeMiddleware.d.ts +1 -2
- package/dist/types/server/ternSecureEdgeMiddleware.d.ts.map +1 -1
- package/dist/types/utils/allNextProviderProps.d.ts +2 -2
- package/dist/types/utils/allNextProviderProps.d.ts.map +1 -1
- package/dist/types/utils/removeBasePath.d.ts +7 -0
- package/dist/types/utils/removeBasePath.d.ts.map +1 -0
- package/package.json +5 -5
- package/dist/cjs/server/redirect.js +0 -84
- package/dist/cjs/server/redirect.js.map +0 -1
- package/dist/esm/server/redirect.js +0 -60
- package/dist/esm/server/redirect.js.map +0 -1
- package/dist/types/server/redirect.d.ts +0 -20
- package/dist/types/server/redirect.d.ts.map +0 -1
|
@@ -30,6 +30,7 @@ module.exports = __toCommonJS(actions_exports);
|
|
|
30
30
|
var import_admin = require("@tern-secure/backend/admin");
|
|
31
31
|
var import_NextCookieAdapter = require("../../utils/NextCookieAdapter");
|
|
32
32
|
var import_constants = require("./constants");
|
|
33
|
+
var import_cookieOptionsHelper = require("./cookieOptionsHelper");
|
|
33
34
|
async function createSessionCookieServer(idToken) {
|
|
34
35
|
const cookieStore = new import_NextCookieAdapter.NextCookieStore();
|
|
35
36
|
return (0, import_admin.createSessionCookie)(idToken, cookieStore);
|
|
@@ -38,8 +39,9 @@ async function clearSessionCookieServer() {
|
|
|
38
39
|
const cookieStore = new import_NextCookieAdapter.NextCookieStore();
|
|
39
40
|
return (0, import_admin.clearSessionCookie)(cookieStore);
|
|
40
41
|
}
|
|
41
|
-
async function clearNextSessionCookie() {
|
|
42
|
-
|
|
42
|
+
async function clearNextSessionCookie(options) {
|
|
43
|
+
const deleteOptions = (0, import_cookieOptionsHelper.getDeleteOptions)(options);
|
|
44
|
+
return (0, import_admin.ClearNextSessionCookie)(import_constants.TENANT_ID, deleteOptions);
|
|
43
45
|
}
|
|
44
46
|
async function setNextServerSession(idToken) {
|
|
45
47
|
return (0, import_admin.SetNextServerSession)(idToken);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/app-router/admin/actions.ts"],"sourcesContent":["'use server'
|
|
1
|
+
{"version":3,"sources":["../../../../src/app-router/admin/actions.ts"],"sourcesContent":["'use server';\n\nimport {\n ClearNextSessionCookie,\n clearSessionCookie,\n CreateNextSessionCookie,\n createSessionCookie,\n SetNextServerSession,\n SetNextServerToken,\n} from '@tern-secure/backend/admin';\n\nimport { NextCookieStore } from '../../utils/NextCookieAdapter';\nimport { TENANT_ID } from './constants';\nimport { getDeleteOptions } from './cookieOptionsHelper';\nimport type { TernSecureHandlerOptions } from './types';\n\nexport async function createSessionCookieServer(idToken: string) {\n const cookieStore = new NextCookieStore();\n return createSessionCookie(idToken, cookieStore);\n}\n\nexport async function clearSessionCookieServer() {\n const cookieStore = new NextCookieStore();\n return clearSessionCookie(cookieStore);\n}\n\nexport async function clearNextSessionCookie(options?: {\n cookies?: TernSecureHandlerOptions['cookies'];\n revokeRefreshTokensOnSignOut?: boolean;\n}) {\n const deleteOptions = getDeleteOptions(options);\n return ClearNextSessionCookie(TENANT_ID, deleteOptions);\n}\n\nexport async function setNextServerSession(idToken: string) {\n return SetNextServerSession(idToken);\n}\n\nexport async function setNextServerToken(token: string) {\n return SetNextServerToken(token);\n}\n\nexport async function createNextSessionCookie(idToken: string) {\n return CreateNextSessionCookie(idToken);\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAEA,mBAOO;AAEP,+BAAgC;AAChC,uBAA0B;AAC1B,iCAAiC;AAGjC,eAAsB,0BAA0B,SAAiB;AAC/D,QAAM,cAAc,IAAI,yCAAgB;AACxC,aAAO,kCAAoB,SAAS,WAAW;AACjD;AAEA,eAAsB,2BAA2B;AAC/C,QAAM,cAAc,IAAI,yCAAgB;AACxC,aAAO,iCAAmB,WAAW;AACvC;AAEA,eAAsB,uBAAuB,SAG1C;AACD,QAAM,oBAAgB,6CAAiB,OAAO;AAC9C,aAAO,qCAAuB,4BAAW,aAAa;AACxD;AAEA,eAAsB,qBAAqB,SAAiB;AAC1D,aAAO,mCAAqB,OAAO;AACrC;AAEA,eAAsB,mBAAmB,OAAe;AACtD,aAAO,iCAAmB,KAAK;AACjC;AAEA,eAAsB,wBAAwB,SAAiB;AAC7D,aAAO,sCAAwB,OAAO;AACxC;","names":[]}
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __defProp = Object.defineProperty;
|
|
3
|
+
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
|
|
4
|
+
var __getOwnPropNames = Object.getOwnPropertyNames;
|
|
5
|
+
var __hasOwnProp = Object.prototype.hasOwnProperty;
|
|
6
|
+
var __export = (target, all) => {
|
|
7
|
+
for (var name in all)
|
|
8
|
+
__defProp(target, name, { get: all[name], enumerable: true });
|
|
9
|
+
};
|
|
10
|
+
var __copyProps = (to, from, except, desc) => {
|
|
11
|
+
if (from && typeof from === "object" || typeof from === "function") {
|
|
12
|
+
for (let key of __getOwnPropNames(from))
|
|
13
|
+
if (!__hasOwnProp.call(to, key) && key !== except)
|
|
14
|
+
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
|
|
15
|
+
}
|
|
16
|
+
return to;
|
|
17
|
+
};
|
|
18
|
+
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
19
|
+
var cookieOptionsHelper_exports = {};
|
|
20
|
+
__export(cookieOptionsHelper_exports, {
|
|
21
|
+
getCookieOptions: () => getCookieOptions,
|
|
22
|
+
getDeleteOptions: () => getDeleteOptions
|
|
23
|
+
});
|
|
24
|
+
module.exports = __toCommonJS(cookieOptionsHelper_exports);
|
|
25
|
+
var import_types = require("./types");
|
|
26
|
+
function getCookieOptions(config) {
|
|
27
|
+
return {
|
|
28
|
+
path: config?.cookies?.path ?? import_types.DEFAULT_COOKIE_OPTIONS.path ?? "/",
|
|
29
|
+
httpOnly: config?.cookies?.httpOnly ?? import_types.DEFAULT_COOKIE_OPTIONS.httpOnly ?? true,
|
|
30
|
+
secure: config?.cookies?.secure ?? import_types.DEFAULT_COOKIE_OPTIONS.secure ?? process.env.NODE_ENV === "production",
|
|
31
|
+
sameSite: config?.cookies?.sameSite ?? import_types.DEFAULT_COOKIE_OPTIONS.sameSite ?? "strict",
|
|
32
|
+
maxAge: config?.cookies?.maxAge ?? import_types.DEFAULT_COOKIE_OPTIONS.maxAge,
|
|
33
|
+
priority: config?.cookies?.priority ?? import_types.DEFAULT_COOKIE_OPTIONS.priority
|
|
34
|
+
};
|
|
35
|
+
}
|
|
36
|
+
function getDeleteOptions(options) {
|
|
37
|
+
return {
|
|
38
|
+
path: options?.cookies?.path ?? import_types.DEFAULT_COOKIE_OPTIONS.path ?? "/",
|
|
39
|
+
httpOnly: options?.cookies?.httpOnly ?? import_types.DEFAULT_COOKIE_OPTIONS.httpOnly ?? true,
|
|
40
|
+
secure: options?.cookies?.secure ?? import_types.DEFAULT_COOKIE_OPTIONS.secure ?? process.env.NODE_ENV === "production",
|
|
41
|
+
sameSite: options?.cookies?.sameSite ?? import_types.DEFAULT_COOKIE_OPTIONS.sameSite ?? "strict",
|
|
42
|
+
revokeRefreshTokensOnSignOut: options?.revokeRefreshTokensOnSignOut ?? true
|
|
43
|
+
// Domain is intentionally omitted to use current domain
|
|
44
|
+
};
|
|
45
|
+
}
|
|
46
|
+
// Annotate the CommonJS export names for ESM import in node:
|
|
47
|
+
0 && (module.exports = {
|
|
48
|
+
getCookieOptions,
|
|
49
|
+
getDeleteOptions
|
|
50
|
+
});
|
|
51
|
+
//# sourceMappingURL=cookieOptionsHelper.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../../src/app-router/admin/cookieOptionsHelper.ts"],"sourcesContent":["import type { CookieOptions, TernSecureHandlerOptions } from '@tern-secure/types';\n\nimport { DEFAULT_COOKIE_OPTIONS } from './types';\n\n/**\n * Creates complete cookie options by merging config with defaults\n * Used for both setting and deleting cookies to ensure consistency\n */\nexport function getCookieOptions(\n config?: TernSecureHandlerOptions,\n): Required<Pick<CookieOptions, 'path' | 'httpOnly' | 'secure' | 'sameSite'>> &\n Pick<CookieOptions, 'maxAge' | 'priority'> {\n return {\n path: config?.cookies?.path ?? DEFAULT_COOKIE_OPTIONS.path ?? '/',\n httpOnly: config?.cookies?.httpOnly ?? DEFAULT_COOKIE_OPTIONS.httpOnly ?? true,\n secure:\n config?.cookies?.secure ?? DEFAULT_COOKIE_OPTIONS.secure ?? process.env.NODE_ENV === 'production',\n sameSite: config?.cookies?.sameSite ?? DEFAULT_COOKIE_OPTIONS.sameSite ?? 'strict',\n maxAge: config?.cookies?.maxAge ?? DEFAULT_COOKIE_OPTIONS.maxAge,\n priority: config?.cookies?.priority ?? DEFAULT_COOKIE_OPTIONS.priority,\n };\n}\n\n/**\n * Extracts options needed for cookie deletion\n * For __HOST- prefixed cookies, all security attributes must match\n * @param options - Object containing cookies config and revokeRefreshTokensOnSignOut flag\n */\nexport function getDeleteOptions(options?: {\n cookies?: TernSecureHandlerOptions['cookies'];\n revokeRefreshTokensOnSignOut?: boolean;\n}): {\n path: string;\n httpOnly?: boolean;\n secure?: boolean;\n domain?: string;\n sameSite?: 'lax' | 'strict' | 'none';\n revokeRefreshTokensOnSignOut?: boolean;\n} {\n return {\n path: options?.cookies?.path ?? DEFAULT_COOKIE_OPTIONS.path ?? '/',\n httpOnly: options?.cookies?.httpOnly ?? DEFAULT_COOKIE_OPTIONS.httpOnly ?? true,\n secure:\n options?.cookies?.secure ?? DEFAULT_COOKIE_OPTIONS.secure ?? process.env.NODE_ENV === 'production',\n sameSite: options?.cookies?.sameSite ?? DEFAULT_COOKIE_OPTIONS.sameSite ?? 'strict',\n revokeRefreshTokensOnSignOut: options?.revokeRefreshTokensOnSignOut ?? true,\n // Domain is intentionally omitted to use current domain\n };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAEA,mBAAuC;AAMhC,SAAS,iBACd,QAE2C;AAC3C,SAAO;AAAA,IACL,MAAM,QAAQ,SAAS,QAAQ,oCAAuB,QAAQ;AAAA,IAC9D,UAAU,QAAQ,SAAS,YAAY,oCAAuB,YAAY;AAAA,IAC1E,QACE,QAAQ,SAAS,UAAU,oCAAuB,UAAU,QAAQ,IAAI,aAAa;AAAA,IACvF,UAAU,QAAQ,SAAS,YAAY,oCAAuB,YAAY;AAAA,IAC1E,QAAQ,QAAQ,SAAS,UAAU,oCAAuB;AAAA,IAC1D,UAAU,QAAQ,SAAS,YAAY,oCAAuB;AAAA,EAChE;AACF;AAOO,SAAS,iBAAiB,SAU/B;AACA,SAAO;AAAA,IACL,MAAM,SAAS,SAAS,QAAQ,oCAAuB,QAAQ;AAAA,IAC/D,UAAU,SAAS,SAAS,YAAY,oCAAuB,YAAY;AAAA,IAC3E,QACE,SAAS,SAAS,UAAU,oCAAuB,UAAU,QAAQ,IAAI,aAAa;AAAA,IACxF,UAAU,SAAS,SAAS,YAAY,oCAAuB,YAAY;AAAA,IAC3E,8BAA8B,SAAS,gCAAgC;AAAA;AAAA,EAEzE;AACF;","names":[]}
|
|
@@ -26,6 +26,7 @@ var import_auth = require("@tern-secure/backend/auth");
|
|
|
26
26
|
var import_cookie = require("@tern-secure/shared/cookie");
|
|
27
27
|
var import_ternsecureClient = require("../../server/ternsecureClient");
|
|
28
28
|
var import_constants = require("./constants");
|
|
29
|
+
var import_cookieOptionsHelper = require("./cookieOptionsHelper");
|
|
29
30
|
async function refreshCookieWithIdToken(idToken, cookieStore, config, referrer) {
|
|
30
31
|
const backendClient = await (0, import_ternsecureClient.ternSecureBackendClient)();
|
|
31
32
|
const authOptions = {
|
|
@@ -40,12 +41,7 @@ async function refreshCookieWithIdToken(idToken, cookieStore, config, referrer)
|
|
|
40
41
|
},
|
|
41
42
|
apiClient: backendClient
|
|
42
43
|
};
|
|
43
|
-
const COOKIE_OPTIONS =
|
|
44
|
-
httpOnly: config?.cookies?.httpOnly,
|
|
45
|
-
secure: config?.cookies?.secure,
|
|
46
|
-
sameSite: config?.cookies?.sameSite,
|
|
47
|
-
maxAge: config?.cookies?.maxAge
|
|
48
|
-
};
|
|
44
|
+
const COOKIE_OPTIONS = (0, import_cookieOptionsHelper.getCookieOptions)(config);
|
|
49
45
|
const { createCustomIdAndRefreshToken } = (0, import_auth.getAuth)(authOptions);
|
|
50
46
|
const customTokens = await createCustomIdAndRefreshToken(idToken, { referer: referrer });
|
|
51
47
|
const cookiePrefix = (0, import_cookie.getCookiePrefix)();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/app-router/admin/request.ts"],"sourcesContent":["import type { AuthenticateRequestOptions } from '@tern-secure/backend';\nimport { constants } from '@tern-secure/backend';\nimport { getAuth } from '@tern-secure/backend/auth';\nimport { getCookieName, getCookiePrefix } from '@tern-secure/shared/cookie';\n\nimport { ternSecureBackendClient } from '../../server/ternsecureClient';\nimport type { NextCookieStore } from '../../utils/NextCookieAdapter';\nimport {\n FIREBASE_API_KEY,\n FIREBASE_APP_ID,\n FIREBASE_AUTH_DOMAIN,\n FIREBASE_MESSAGING_SENDER_ID,\n FIREBASE_PROJECT_ID,\n FIREBASE_STORAGE_BUCKET,\n} from './constants';\nimport type { TernSecureHandlerOptions } from './types';\n\nexport async function refreshCookieWithIdToken(\n idToken: string,\n cookieStore: NextCookieStore,\n config?: TernSecureHandlerOptions,\n referrer?: string,\n): Promise<void> {\n const backendClient = await ternSecureBackendClient();\n\n const authOptions: AuthenticateRequestOptions = {\n firebaseConfig: {\n apiKey: FIREBASE_API_KEY,\n authDomain: FIREBASE_AUTH_DOMAIN,\n projectId: FIREBASE_PROJECT_ID,\n storageBucket: FIREBASE_STORAGE_BUCKET,\n messagingSenderId: FIREBASE_MESSAGING_SENDER_ID,\n appId: FIREBASE_APP_ID,\n tenantId: config?.tenantId || undefined,\n },\n apiClient: backendClient,\n };\n\n const COOKIE_OPTIONS =
|
|
1
|
+
{"version":3,"sources":["../../../../src/app-router/admin/request.ts"],"sourcesContent":["import type { AuthenticateRequestOptions } from '@tern-secure/backend';\nimport { constants } from '@tern-secure/backend';\nimport { getAuth } from '@tern-secure/backend/auth';\nimport { getCookieName, getCookiePrefix } from '@tern-secure/shared/cookie';\n\nimport { ternSecureBackendClient } from '../../server/ternsecureClient';\nimport type { NextCookieStore } from '../../utils/NextCookieAdapter';\nimport {\n FIREBASE_API_KEY,\n FIREBASE_APP_ID,\n FIREBASE_AUTH_DOMAIN,\n FIREBASE_MESSAGING_SENDER_ID,\n FIREBASE_PROJECT_ID,\n FIREBASE_STORAGE_BUCKET,\n} from './constants';\nimport { getCookieOptions } from './cookieOptionsHelper';\nimport type { TernSecureHandlerOptions } from './types';\n\nexport async function refreshCookieWithIdToken(\n idToken: string,\n cookieStore: NextCookieStore,\n config?: TernSecureHandlerOptions,\n referrer?: string,\n): Promise<void> {\n const backendClient = await ternSecureBackendClient();\n\n const authOptions: AuthenticateRequestOptions = {\n firebaseConfig: {\n apiKey: FIREBASE_API_KEY,\n authDomain: FIREBASE_AUTH_DOMAIN,\n projectId: FIREBASE_PROJECT_ID,\n storageBucket: FIREBASE_STORAGE_BUCKET,\n messagingSenderId: FIREBASE_MESSAGING_SENDER_ID,\n appId: FIREBASE_APP_ID,\n tenantId: config?.tenantId || undefined,\n },\n apiClient: backendClient,\n };\n\n const COOKIE_OPTIONS = getCookieOptions(config);\n\n const { createCustomIdAndRefreshToken } = getAuth(authOptions);\n\n const customTokens = await createCustomIdAndRefreshToken(idToken, { referer: referrer });\n\n const cookiePrefix = getCookiePrefix();\n\n const cookiePromises = [\n cookieStore.set(\n getCookieName(constants.Cookies.IdToken, cookiePrefix),\n customTokens.idToken,\n COOKIE_OPTIONS,\n ),\n cookieStore.set(\n getCookieName(constants.Cookies.Refresh, cookiePrefix),\n customTokens.refreshToken,\n COOKIE_OPTIONS,\n ),\n ];\n\n if (config?.enableCustomToken) {\n cookiePromises.push(\n cookieStore.set(constants.Cookies.Custom, customTokens.customToken, COOKIE_OPTIONS),\n );\n }\n\n await Promise.all(cookiePromises);\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AACA,qBAA0B;AAC1B,kBAAwB;AACxB,oBAA+C;AAE/C,8BAAwC;AAExC,uBAOO;AACP,iCAAiC;AAGjC,eAAsB,yBACpB,SACA,aACA,QACA,UACe;AACf,QAAM,gBAAgB,UAAM,iDAAwB;AAEpD,QAAM,cAA0C;AAAA,IAC9C,gBAAgB;AAAA,MACd,QAAQ;AAAA,MACR,YAAY;AAAA,MACZ,WAAW;AAAA,MACX,eAAe;AAAA,MACf,mBAAmB;AAAA,MACnB,OAAO;AAAA,MACP,UAAU,QAAQ,YAAY;AAAA,IAChC;AAAA,IACA,WAAW;AAAA,EACb;AAEA,QAAM,qBAAiB,6CAAiB,MAAM;AAE9C,QAAM,EAAE,8BAA8B,QAAI,qBAAQ,WAAW;AAE7D,QAAM,eAAe,MAAM,8BAA8B,SAAS,EAAE,SAAS,SAAS,CAAC;AAEvF,QAAM,mBAAe,+BAAgB;AAErC,QAAM,iBAAiB;AAAA,IACrB,YAAY;AAAA,UACV,6BAAc,yBAAU,QAAQ,SAAS,YAAY;AAAA,MACrD,aAAa;AAAA,MACb;AAAA,IACF;AAAA,IACA,YAAY;AAAA,UACV,6BAAc,yBAAU,QAAQ,SAAS,YAAY;AAAA,MACrD,aAAa;AAAA,MACb;AAAA,IACF;AAAA,EACF;AAEA,MAAI,QAAQ,mBAAmB;AAC7B,mBAAe;AAAA,MACb,YAAY,IAAI,yBAAU,QAAQ,QAAQ,aAAa,aAAa,cAAc;AAAA,IACpF;AAAA,EACF;AAEA,QAAM,QAAQ,IAAI,cAAc;AAClC;","names":[]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/app-router/admin/types.ts"],"sourcesContent":["import type {\n AuthEndpoint,\n CookieEndpointConfig,\n CookieOpts as CookieOptions,\n CorsOptions,\n EndpointConfig,\n SecurityOptions,\n SessionEndpointConfig,\n SessionSubEndpoint,\n TernSecureHandlerOptions,\n TokenCookieConfig,\n} from '@tern-secure/types';\nimport { type NextResponse } from 'next/server';\n\nexport const DEFAULT_CORS_OPTIONS: CorsOptions = {\n allowedOrigins: [],\n allowedMethods: ['GET', 'POST'],\n allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With'],\n allowCredentials: true,\n maxAge: 86400, // 24 hours\n};\n\nexport const DEFAULT_COOKIE_OPTIONS: CookieOptions = {\n httpOnly: true,\n path: '/',\n secure: process.env.NODE_ENV === 'production',\n sameSite: 'strict',\n maxAge: 12 * 60 * 60 * 24, // twelve days\n priority: 'high',\n};\n\n\nexport const FIXED_TOKEN_CONFIGS = {\n id: {\n path: '/',\n httpOnly: true,\n sameSite: 'lax' as const,\n maxAge: 3600, // 1 hour\n },\n refresh: {\n path: '/',\n httpOnly: true,\n sameSite: 'lax' as const,\n maxAge: 3600 * 24 * 30, // 30 days (changes when user events occur)\n },\n signature: {\n path: '/',\n httpOnly: true,\n sameSite: 'lax' as const,\n maxAge: 3600 * 24 * 7, // 1 week (as needed)\n },\n custom: {\n path: '/',\n httpOnly: true,\n sameSite: 'lax' as const,\n maxAge: 3600 * 24 * 7, // 1 week (as needed)\n },\n} as const;\n\nexport const DEFAULT_SECURITY_OPTIONS: SecurityOptions = {\n requireCSRF: true,\n allowedReferers: [],\n requiredHeaders: {},\n ipWhitelist: [],\n userAgent: {\n block: [],\n allow: [],\n },\n};\n\nexport const DEFAULT_ENDPOINT_CONFIG: EndpointConfig = {\n enabled: true,\n methods: ['GET', 'POST'],\n requireAuth: false,\n security: DEFAULT_SECURITY_OPTIONS,\n};\n\nexport const DEFAULT_COOKIE_REQUEST_CONFIG: CookieEndpointConfig = {\n ...DEFAULT_ENDPOINT_CONFIG,\n subEndpoints: {\n get: {\n enabled: true,\n methods: ['GET'],\n requireAuth: false,\n security: {\n requireCSRF: true,\n allowedReferers: [],\n },\n },\n },\n};\n\nexport const DEFAULT_SESSIONS_CONFIG: SessionEndpointConfig = {\n ...DEFAULT_ENDPOINT_CONFIG,\n subEndpoints: {\n verify: {\n enabled: true,\n methods: ['GET'],\n requireAuth: false,\n security: {\n requireCSRF: true,\n allowedReferers: [],\n },\n },\n createsession: {\n enabled: true,\n methods: ['POST'],\n requireAuth: false,\n security: {\n requireCSRF: true,\n },\n },\n refresh: {\n enabled: true,\n methods: ['POST'],\n requireAuth: true,\n security: {\n requireCSRF: true,\n },\n },\n revoke: {\n enabled: true,\n methods: ['POST'],\n requireAuth: true,\n security: {\n requireCSRF: true,\n },\n },\n },\n};\n\nexport const DEFAULT_HANDLER_OPTIONS: Required<TernSecureHandlerOptions> & {\n endpoints: Required<NonNullable<TernSecureHandlerOptions['endpoints']>>;\n} = {\n cors: DEFAULT_CORS_OPTIONS,\n cookies: DEFAULT_COOKIE_OPTIONS,\n rateLimit: {\n windowMs: 15 * 60 * 1000, // 15 minutes\n maxRequests: 100,\n skipSuccessful: false,\n skipFailedRequests: false,\n },\n security: DEFAULT_SECURITY_OPTIONS,\n endpoints: {\n cookies: DEFAULT_COOKIE_REQUEST_CONFIG,\n sessions: DEFAULT_SESSIONS_CONFIG,\n },\n tenantId: '',\n enableCustomToken: false,\n debug: false,\n environment: 'production',\n basePath: '/api/auth',\n};\n\nexport interface ValidationResult {\n error?: NextResponse;\n data?: any;\n}\n\nexport interface ValidationConfig {\n cors?: CorsOptions;\n security?: SecurityOptions;\n endpoint?: {\n name: AuthEndpoint;\n config: EndpointConfig;\n };\n subEndpoint?: {\n name: SessionSubEndpoint;\n config: EndpointConfig;\n };\n requireIdToken?: boolean;\n requireCsrfToken?: boolean;\n}\n\nexport interface ComprehensiveValidationResult {\n isValid: boolean;\n error?: Response;\n corsResponse?: Response;\n sessionData?: {\n body: any;\n idToken?: string;\n csrfToken?: string;\n };\n}\n\nexport type suffix = 'session' | 'id' | 'refresh' | 'signature' | 'custom';\n\nexport class CookieUtils {\n static getCookieName(namePrefix: string, tokenType: suffix): string {\n return `${namePrefix}.${tokenType}`;\n }\n\n static getCookieNames(namePrefix: string) {\n return {\n session: this.getCookieName(namePrefix, 'session'),\n id: this.getCookieName(namePrefix, 'id'),\n refresh: this.getCookieName(namePrefix, 'refresh'),\n signature: this.getCookieName(namePrefix, 'signature'),\n custom: this.getCookieName(namePrefix, 'custom'),\n };\n }\n\n static getSessionConfig(cookieOptions: CookieOptions): TokenCookieConfig {\n const sessionConfig = cookieOptions.session || {};\n const defaultSession = DEFAULT_COOKIE_OPTIONS.session || {};\n\n return {\n path: sessionConfig.path ?? cookieOptions.path ?? '/',\n httpOnly: sessionConfig.httpOnly ?? cookieOptions.httpOnly ?? true,\n sameSite: sessionConfig.sameSite ?? cookieOptions.sameSite ?? 'lax',\n maxAge: sessionConfig.maxAge ?? defaultSession.maxAge ?? 3600 * 24 * 7,\n };\n }\n\n static getFixedTokenConfig(\n tokenType: Exclude<suffix, 'session'>,\n ): TokenCookieConfig {\n const fixedConfig = FIXED_TOKEN_CONFIGS[tokenType];\n\n return {\n path: fixedConfig.path,\n httpOnly: fixedConfig.httpOnly,\n sameSite: fixedConfig.sameSite,\n maxAge: fixedConfig.maxAge,\n };\n }\n\n static validateSessionMaxAge(maxAge: number): boolean {\n const minAge = 300; // 5 minutes\n const maxAgeLimit = 3600 * 24 * 14; // 2 weeks\n return maxAge >= minAge && maxAge <= maxAgeLimit;\n }\n}\n\nexport {\n AuthEndpoint,\n CookieOptions,\n CorsOptions,\n SecurityOptions,\n SessionSubEndpoint,\n EndpointConfig,\n SessionEndpointConfig,\n TernSecureHandlerOptions,\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAcO,MAAM,uBAAoC;AAAA,EAC/C,gBAAgB,CAAC;AAAA,EACjB,gBAAgB,CAAC,OAAO,MAAM;AAAA,EAC9B,gBAAgB,CAAC,gBAAgB,iBAAiB,kBAAkB;AAAA,EACpE,kBAAkB;AAAA,EAClB,QAAQ;AAAA;AACV;AAEO,MAAM,yBAAwC;AAAA,EACnD,UAAU;AAAA,EACV,MAAM;AAAA,EACN,QAAQ,QAAQ,IAAI,aAAa;AAAA,EACjC,UAAU;AAAA,EACV,QAAQ,KAAK,KAAK,KAAK;AAAA;AAAA,EACvB,UAAU;AACZ;AAGO,MAAM,sBAAsB;AAAA,EACjC,IAAI;AAAA,IACF,MAAM;AAAA,IACN,UAAU;AAAA,IACV,UAAU;AAAA,IACV,QAAQ;AAAA;AAAA,EACV;AAAA,EACA,SAAS;AAAA,IACP,MAAM;AAAA,IACN,UAAU;AAAA,IACV,UAAU;AAAA,IACV,QAAQ,OAAO,KAAK;AAAA;AAAA,EACtB;AAAA,EACA,WAAW;AAAA,IACT,MAAM;AAAA,IACN,UAAU;AAAA,IACV,UAAU;AAAA,IACV,QAAQ,OAAO,KAAK;AAAA;AAAA,EACtB;AAAA,EACA,QAAQ;AAAA,IACN,MAAM;AAAA,IACN,UAAU;AAAA,IACV,UAAU;AAAA,IACV,QAAQ,OAAO,KAAK;AAAA;AAAA,EACtB;AACF;AAEO,MAAM,2BAA4C;AAAA,EACvD,aAAa;AAAA,EACb,iBAAiB,CAAC;AAAA,EAClB,iBAAiB,CAAC;AAAA,EAClB,aAAa,CAAC;AAAA,EACd,WAAW;AAAA,IACT,OAAO,CAAC;AAAA,IACR,OAAO,CAAC;AAAA,EACV;AACF;AAEO,MAAM,0BAA0C;AAAA,EACrD,SAAS;AAAA,EACT,SAAS,CAAC,OAAO,MAAM;AAAA,EACvB,aAAa;AAAA,EACb,UAAU;AACZ;AAEO,MAAM,gCAAsD;AAAA,EACjE,GAAG;AAAA,EACH,cAAc;AAAA,IACZ,KAAK;AAAA,MACH,SAAS;AAAA,MACT,SAAS,CAAC,KAAK;AAAA,MACf,aAAa;AAAA,MACb,UAAU;AAAA,QACR,aAAa;AAAA,QACb,iBAAiB,CAAC;AAAA,MACpB;AAAA,IACF;AAAA,EACF;AACF;AAEO,MAAM,0BAAiD;AAAA,EAC5D,GAAG;AAAA,EACH,cAAc;AAAA,IACZ,QAAQ;AAAA,MACN,SAAS;AAAA,MACT,SAAS,CAAC,KAAK;AAAA,MACf,aAAa;AAAA,MACb,UAAU;AAAA,QACR,aAAa;AAAA,QACb,iBAAiB,CAAC;AAAA,MACpB;AAAA,IACF;AAAA,IACA,eAAe;AAAA,MACb,SAAS;AAAA,MACT,SAAS,CAAC,MAAM;AAAA,MAChB,aAAa;AAAA,MACb,UAAU;AAAA,QACR,aAAa;AAAA,MACf;AAAA,IACF;AAAA,IACA,SAAS;AAAA,MACP,SAAS;AAAA,MACT,SAAS,CAAC,MAAM;AAAA,MAChB,aAAa;AAAA,MACb,UAAU;AAAA,QACR,aAAa;AAAA,MACf;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACN,SAAS;AAAA,MACT,SAAS,CAAC,MAAM;AAAA,MAChB,aAAa;AAAA,MACb,UAAU;AAAA,QACR,aAAa;AAAA,MACf;AAAA,IACF;AAAA,EACF;AACF;AAEO,MAAM,0BAET;AAAA,EACF,MAAM;AAAA,EACN,SAAS;AAAA,EACT,WAAW;AAAA,IACT,UAAU,KAAK,KAAK;AAAA;AAAA,IACpB,aAAa;AAAA,IACb,gBAAgB;AAAA,IAChB,oBAAoB;AAAA,EACtB;AAAA,EACA,UAAU;AAAA,EACV,WAAW;AAAA,IACT,SAAS;AAAA,IACT,UAAU;AAAA,EACZ;AAAA,EACA,UAAU;AAAA,EACV,mBAAmB;AAAA,EACnB,OAAO;AAAA,EACP,aAAa;AAAA,EACb,UAAU;AACZ;AAmCO,MAAM,YAAY;AAAA,EACvB,OAAO,cAAc,YAAoB,WAA2B;AAClE,WAAO,GAAG,UAAU,IAAI,SAAS;AAAA,EACnC;AAAA,EAEA,OAAO,eAAe,YAAoB;AACxC,WAAO;AAAA,MACL,SAAS,KAAK,cAAc,YAAY,SAAS;AAAA,MACjD,IAAI,KAAK,cAAc,YAAY,IAAI;AAAA,MACvC,SAAS,KAAK,cAAc,YAAY,SAAS;AAAA,MACjD,WAAW,KAAK,cAAc,YAAY,WAAW;AAAA,MACrD,QAAQ,KAAK,cAAc,YAAY,QAAQ;AAAA,IACjD;AAAA,EACF;AAAA,EAEA,OAAO,iBAAiB,eAAiD;AACvE,UAAM,gBAAgB,cAAc,WAAW,CAAC;AAChD,UAAM,iBAAiB,uBAAuB,WAAW,CAAC;AAE1D,WAAO;AAAA,MACL,MAAM,cAAc,QAAQ,cAAc,QAAQ;AAAA,MAClD,UAAU,cAAc,YAAY,cAAc,YAAY;AAAA,MAC9D,UAAU,cAAc,YAAY,cAAc,YAAY;AAAA,MAC9D,QAAQ,cAAc,UAAU,eAAe,UAAU,OAAO,KAAK;AAAA,IACvE;AAAA,EACF;AAAA,EAEA,OAAO,oBACL,WACmB;AACnB,UAAM,cAAc,oBAAoB,SAAS;AAEjD,WAAO;AAAA,MACL,MAAM,YAAY;AAAA,MAClB,UAAU,YAAY;AAAA,MACtB,UAAU,YAAY;AAAA,MACtB,QAAQ,YAAY;AAAA,IACtB;AAAA,EACF;AAAA,EAEA,OAAO,sBAAsB,QAAyB;AACpD,UAAM,SAAS;AACf,UAAM,cAAc,OAAO,KAAK;AAChC,WAAO,UAAU,UAAU,UAAU;AAAA,EACvC;AACF;","names":[]}
|
|
1
|
+
{"version":3,"sources":["../../../../src/app-router/admin/types.ts"],"sourcesContent":["import type {\n AuthEndpoint,\n CookieEndpointConfig,\n CookieOpts as CookieOptions,\n CorsOptions,\n EndpointConfig,\n SecurityOptions,\n SessionEndpointConfig,\n SessionSubEndpoint,\n TernSecureHandlerOptions,\n TokenCookieConfig,\n} from '@tern-secure/types';\nimport { type NextResponse } from 'next/server';\n\nexport const DEFAULT_CORS_OPTIONS: CorsOptions = {\n allowedOrigins: [],\n allowedMethods: ['GET', 'POST'],\n allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With'],\n allowCredentials: true,\n maxAge: 86400, // 24 hours\n};\n\nexport const DEFAULT_COOKIE_OPTIONS: CookieOptions = {\n httpOnly: true,\n path: '/',\n secure: process.env.NODE_ENV === 'production',\n sameSite: 'strict',\n maxAge: 12 * 60 * 60 * 24, // twelve days\n priority: 'high',\n};\n\n\nexport const FIXED_TOKEN_CONFIGS = {\n id: {\n path: '/',\n httpOnly: true,\n sameSite: 'lax' as const,\n maxAge: 3600, // 1 hour\n },\n refresh: {\n path: '/',\n httpOnly: true,\n sameSite: 'lax' as const,\n maxAge: 3600 * 24 * 30, // 30 days (changes when user events occur)\n },\n signature: {\n path: '/',\n httpOnly: true,\n sameSite: 'lax' as const,\n maxAge: 3600 * 24 * 7, // 1 week (as needed)\n },\n custom: {\n path: '/',\n httpOnly: true,\n sameSite: 'lax' as const,\n maxAge: 3600 * 24 * 7, // 1 week (as needed)\n },\n} as const;\n\nexport const DEFAULT_SECURITY_OPTIONS: SecurityOptions = {\n requireCSRF: true,\n allowedReferers: [],\n requiredHeaders: {},\n ipWhitelist: [],\n userAgent: {\n block: [],\n allow: [],\n },\n};\n\nexport const DEFAULT_ENDPOINT_CONFIG: EndpointConfig = {\n enabled: true,\n methods: ['GET', 'POST'],\n requireAuth: false,\n security: DEFAULT_SECURITY_OPTIONS,\n};\n\nexport const DEFAULT_COOKIE_REQUEST_CONFIG: CookieEndpointConfig = {\n ...DEFAULT_ENDPOINT_CONFIG,\n subEndpoints: {\n get: {\n enabled: true,\n methods: ['GET'],\n requireAuth: false,\n security: {\n requireCSRF: true,\n allowedReferers: [],\n },\n },\n },\n};\n\nexport const DEFAULT_SESSIONS_CONFIG: SessionEndpointConfig = {\n ...DEFAULT_ENDPOINT_CONFIG,\n subEndpoints: {\n verify: {\n enabled: true,\n methods: ['GET'],\n requireAuth: false,\n security: {\n requireCSRF: true,\n allowedReferers: [],\n },\n },\n createsession: {\n enabled: true,\n methods: ['POST'],\n requireAuth: false,\n security: {\n requireCSRF: true,\n },\n },\n refresh: {\n enabled: true,\n methods: ['POST'],\n requireAuth: true,\n security: {\n requireCSRF: true,\n },\n },\n revoke: {\n enabled: true,\n methods: ['POST'],\n requireAuth: true,\n security: {\n requireCSRF: true,\n },\n },\n },\n};\n\nexport const DEFAULT_HANDLER_OPTIONS: Required<TernSecureHandlerOptions> & {\n endpoints: Required<NonNullable<TernSecureHandlerOptions['endpoints']>>;\n} = {\n cors: DEFAULT_CORS_OPTIONS,\n cookies: DEFAULT_COOKIE_OPTIONS,\n rateLimit: {\n windowMs: 15 * 60 * 1000, // 15 minutes\n maxRequests: 100,\n skipSuccessful: false,\n skipFailedRequests: false,\n },\n security: DEFAULT_SECURITY_OPTIONS,\n endpoints: {\n cookies: DEFAULT_COOKIE_REQUEST_CONFIG,\n sessions: DEFAULT_SESSIONS_CONFIG,\n },\n tenantId: '',\n revokeRefreshTokensOnSignOut: true,\n enableCustomToken: false,\n debug: false,\n environment: 'production',\n basePath: '/api/auth',\n};\n\nexport interface ValidationResult {\n error?: NextResponse;\n data?: any;\n}\n\nexport interface ValidationConfig {\n cors?: CorsOptions;\n security?: SecurityOptions;\n endpoint?: {\n name: AuthEndpoint;\n config: EndpointConfig;\n };\n subEndpoint?: {\n name: SessionSubEndpoint;\n config: EndpointConfig;\n };\n requireIdToken?: boolean;\n requireCsrfToken?: boolean;\n}\n\nexport interface ComprehensiveValidationResult {\n isValid: boolean;\n error?: Response;\n corsResponse?: Response;\n sessionData?: {\n body: any;\n idToken?: string;\n csrfToken?: string;\n };\n}\n\nexport type suffix = 'session' | 'id' | 'refresh' | 'signature' | 'custom';\n\nexport class CookieUtils {\n static getCookieName(namePrefix: string, tokenType: suffix): string {\n return `${namePrefix}.${tokenType}`;\n }\n\n static getCookieNames(namePrefix: string) {\n return {\n session: this.getCookieName(namePrefix, 'session'),\n id: this.getCookieName(namePrefix, 'id'),\n refresh: this.getCookieName(namePrefix, 'refresh'),\n signature: this.getCookieName(namePrefix, 'signature'),\n custom: this.getCookieName(namePrefix, 'custom'),\n };\n }\n\n static getSessionConfig(cookieOptions: CookieOptions): TokenCookieConfig {\n const sessionConfig = cookieOptions.session || {};\n const defaultSession = DEFAULT_COOKIE_OPTIONS.session || {};\n\n return {\n path: sessionConfig.path ?? cookieOptions.path ?? '/',\n httpOnly: sessionConfig.httpOnly ?? cookieOptions.httpOnly ?? true,\n sameSite: sessionConfig.sameSite ?? cookieOptions.sameSite ?? 'lax',\n maxAge: sessionConfig.maxAge ?? defaultSession.maxAge ?? 3600 * 24 * 7,\n };\n }\n\n static getFixedTokenConfig(\n tokenType: Exclude<suffix, 'session'>,\n ): TokenCookieConfig {\n const fixedConfig = FIXED_TOKEN_CONFIGS[tokenType];\n\n return {\n path: fixedConfig.path,\n httpOnly: fixedConfig.httpOnly,\n sameSite: fixedConfig.sameSite,\n maxAge: fixedConfig.maxAge,\n };\n }\n\n static validateSessionMaxAge(maxAge: number): boolean {\n const minAge = 300; // 5 minutes\n const maxAgeLimit = 3600 * 24 * 14; // 2 weeks\n return maxAge >= minAge && maxAge <= maxAgeLimit;\n }\n}\n\nexport {\n AuthEndpoint,\n CookieOptions,\n CorsOptions,\n SecurityOptions,\n SessionSubEndpoint,\n EndpointConfig,\n SessionEndpointConfig,\n TernSecureHandlerOptions,\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAcO,MAAM,uBAAoC;AAAA,EAC/C,gBAAgB,CAAC;AAAA,EACjB,gBAAgB,CAAC,OAAO,MAAM;AAAA,EAC9B,gBAAgB,CAAC,gBAAgB,iBAAiB,kBAAkB;AAAA,EACpE,kBAAkB;AAAA,EAClB,QAAQ;AAAA;AACV;AAEO,MAAM,yBAAwC;AAAA,EACnD,UAAU;AAAA,EACV,MAAM;AAAA,EACN,QAAQ,QAAQ,IAAI,aAAa;AAAA,EACjC,UAAU;AAAA,EACV,QAAQ,KAAK,KAAK,KAAK;AAAA;AAAA,EACvB,UAAU;AACZ;AAGO,MAAM,sBAAsB;AAAA,EACjC,IAAI;AAAA,IACF,MAAM;AAAA,IACN,UAAU;AAAA,IACV,UAAU;AAAA,IACV,QAAQ;AAAA;AAAA,EACV;AAAA,EACA,SAAS;AAAA,IACP,MAAM;AAAA,IACN,UAAU;AAAA,IACV,UAAU;AAAA,IACV,QAAQ,OAAO,KAAK;AAAA;AAAA,EACtB;AAAA,EACA,WAAW;AAAA,IACT,MAAM;AAAA,IACN,UAAU;AAAA,IACV,UAAU;AAAA,IACV,QAAQ,OAAO,KAAK;AAAA;AAAA,EACtB;AAAA,EACA,QAAQ;AAAA,IACN,MAAM;AAAA,IACN,UAAU;AAAA,IACV,UAAU;AAAA,IACV,QAAQ,OAAO,KAAK;AAAA;AAAA,EACtB;AACF;AAEO,MAAM,2BAA4C;AAAA,EACvD,aAAa;AAAA,EACb,iBAAiB,CAAC;AAAA,EAClB,iBAAiB,CAAC;AAAA,EAClB,aAAa,CAAC;AAAA,EACd,WAAW;AAAA,IACT,OAAO,CAAC;AAAA,IACR,OAAO,CAAC;AAAA,EACV;AACF;AAEO,MAAM,0BAA0C;AAAA,EACrD,SAAS;AAAA,EACT,SAAS,CAAC,OAAO,MAAM;AAAA,EACvB,aAAa;AAAA,EACb,UAAU;AACZ;AAEO,MAAM,gCAAsD;AAAA,EACjE,GAAG;AAAA,EACH,cAAc;AAAA,IACZ,KAAK;AAAA,MACH,SAAS;AAAA,MACT,SAAS,CAAC,KAAK;AAAA,MACf,aAAa;AAAA,MACb,UAAU;AAAA,QACR,aAAa;AAAA,QACb,iBAAiB,CAAC;AAAA,MACpB;AAAA,IACF;AAAA,EACF;AACF;AAEO,MAAM,0BAAiD;AAAA,EAC5D,GAAG;AAAA,EACH,cAAc;AAAA,IACZ,QAAQ;AAAA,MACN,SAAS;AAAA,MACT,SAAS,CAAC,KAAK;AAAA,MACf,aAAa;AAAA,MACb,UAAU;AAAA,QACR,aAAa;AAAA,QACb,iBAAiB,CAAC;AAAA,MACpB;AAAA,IACF;AAAA,IACA,eAAe;AAAA,MACb,SAAS;AAAA,MACT,SAAS,CAAC,MAAM;AAAA,MAChB,aAAa;AAAA,MACb,UAAU;AAAA,QACR,aAAa;AAAA,MACf;AAAA,IACF;AAAA,IACA,SAAS;AAAA,MACP,SAAS;AAAA,MACT,SAAS,CAAC,MAAM;AAAA,MAChB,aAAa;AAAA,MACb,UAAU;AAAA,QACR,aAAa;AAAA,MACf;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACN,SAAS;AAAA,MACT,SAAS,CAAC,MAAM;AAAA,MAChB,aAAa;AAAA,MACb,UAAU;AAAA,QACR,aAAa;AAAA,MACf;AAAA,IACF;AAAA,EACF;AACF;AAEO,MAAM,0BAET;AAAA,EACF,MAAM;AAAA,EACN,SAAS;AAAA,EACT,WAAW;AAAA,IACT,UAAU,KAAK,KAAK;AAAA;AAAA,IACpB,aAAa;AAAA,IACb,gBAAgB;AAAA,IAChB,oBAAoB;AAAA,EACtB;AAAA,EACA,UAAU;AAAA,EACV,WAAW;AAAA,IACT,SAAS;AAAA,IACT,UAAU;AAAA,EACZ;AAAA,EACA,UAAU;AAAA,EACV,8BAA8B;AAAA,EAC9B,mBAAmB;AAAA,EACnB,OAAO;AAAA,EACP,aAAa;AAAA,EACb,UAAU;AACZ;AAmCO,MAAM,YAAY;AAAA,EACvB,OAAO,cAAc,YAAoB,WAA2B;AAClE,WAAO,GAAG,UAAU,IAAI,SAAS;AAAA,EACnC;AAAA,EAEA,OAAO,eAAe,YAAoB;AACxC,WAAO;AAAA,MACL,SAAS,KAAK,cAAc,YAAY,SAAS;AAAA,MACjD,IAAI,KAAK,cAAc,YAAY,IAAI;AAAA,MACvC,SAAS,KAAK,cAAc,YAAY,SAAS;AAAA,MACjD,WAAW,KAAK,cAAc,YAAY,WAAW;AAAA,MACrD,QAAQ,KAAK,cAAc,YAAY,QAAQ;AAAA,IACjD;AAAA,EACF;AAAA,EAEA,OAAO,iBAAiB,eAAiD;AACvE,UAAM,gBAAgB,cAAc,WAAW,CAAC;AAChD,UAAM,iBAAiB,uBAAuB,WAAW,CAAC;AAE1D,WAAO;AAAA,MACL,MAAM,cAAc,QAAQ,cAAc,QAAQ;AAAA,MAClD,UAAU,cAAc,YAAY,cAAc,YAAY;AAAA,MAC9D,UAAU,cAAc,YAAY,cAAc,YAAY;AAAA,MAC9D,QAAQ,cAAc,UAAU,eAAe,UAAU,OAAO,KAAK;AAAA,IACvE;AAAA,EACF;AAAA,EAEA,OAAO,oBACL,WACmB;AACnB,UAAM,cAAc,oBAAoB,SAAS;AAEjD,WAAO;AAAA,MACL,MAAM,YAAY;AAAA,MAClB,UAAU,YAAY;AAAA,MACtB,UAAU,YAAY;AAAA,MACtB,QAAQ,YAAY;AAAA,IACtB;AAAA,EACF;AAAA,EAEA,OAAO,sBAAsB,QAAyB;AACpD,UAAM,SAAS;AACf,UAAM,cAAc,OAAO,KAAK;AAChC,WAAO,UAAU,UAAU,UAAU;AAAA,EACvC;AACF;","names":[]}
|
|
@@ -26,13 +26,23 @@ var import_jsx_runtime = require("react/jsx-runtime");
|
|
|
26
26
|
var import_react = require("@tern-secure/react");
|
|
27
27
|
var import_NextOptionsCtx = require("../../boundary/NextOptionsCtx");
|
|
28
28
|
var import_allNextProviderProps = require("../../utils/allNextProviderProps");
|
|
29
|
+
var import_useAwaitablePush = require("./useAwaitablePush");
|
|
30
|
+
var import_useAwaitableReplace = require("./useAwaitableReplace");
|
|
29
31
|
const NextClientProvider = (props) => {
|
|
30
32
|
const { children } = props;
|
|
33
|
+
const push = (0, import_useAwaitablePush.useAwaitablePush)();
|
|
34
|
+
const replace = (0, import_useAwaitableReplace.useAwaitableReplace)();
|
|
31
35
|
const isNested = Boolean((0, import_NextOptionsCtx.useTernNextOptions)());
|
|
32
36
|
if (isNested) {
|
|
33
37
|
return props.children;
|
|
34
38
|
}
|
|
35
|
-
const providerProps = (0, import_allNextProviderProps.allNextProviderPropsWithEnv)({
|
|
39
|
+
const providerProps = (0, import_allNextProviderProps.allNextProviderPropsWithEnv)({
|
|
40
|
+
...props,
|
|
41
|
+
// @ts-expect-error Error because of the stricter types of internal `push`
|
|
42
|
+
routerPush: push,
|
|
43
|
+
// @ts-expect-error Error because of the stricter types of internal `replace`
|
|
44
|
+
routerReplace: replace
|
|
45
|
+
});
|
|
36
46
|
return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(import_NextOptionsCtx.TernNextOptionsProvider, { options: providerProps, children: /* @__PURE__ */ (0, import_jsx_runtime.jsx)(import_react.TernSecureProvider, { ...providerProps, children }) });
|
|
37
47
|
};
|
|
38
48
|
const ClientTernSecureProvider = (props) => {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/app-router/client/TernSecureProvider.tsx"],"sourcesContent":["'use client';\r\n\r\nimport { TernSecureProvider as TernSecureReactProvider } from '@tern-secure/react';\r\n\r\nimport { TernNextOptionsProvider, useTernNextOptions } from '../../boundary/NextOptionsCtx';\r\nimport type { TernSecureNextProps } from '../../types';\r\nimport { allNextProviderPropsWithEnv } from '../../utils/allNextProviderProps';\r\n\r\nconst NextClientProvider = (props: TernSecureNextProps) => {\r\n const { children } = props;\r\n\r\n const isNested = Boolean(useTernNextOptions());\r\n if (isNested) {\r\n return props.children;\r\n }\r\n\r\n const providerProps = allNextProviderPropsWithEnv({...props});\r\n return (\r\n <TernNextOptionsProvider options={providerProps}>\r\n <TernSecureReactProvider {...providerProps}>\r\n {children}\r\n </TernSecureReactProvider>\r\n </TernNextOptionsProvider>\r\n );\r\n};\r\n\r\nexport const ClientTernSecureProvider = (props: TernSecureNextProps) => {\r\n const { children, ...rest } = props;\r\n return
|
|
1
|
+
{"version":3,"sources":["../../../../src/app-router/client/TernSecureProvider.tsx"],"sourcesContent":["'use client';\r\n\r\nimport { TernSecureProvider as TernSecureReactProvider } from '@tern-secure/react';\r\n\r\nimport { TernNextOptionsProvider, useTernNextOptions } from '../../boundary/NextOptionsCtx';\r\nimport type { TernSecureNextProps } from '../../types';\r\nimport { allNextProviderPropsWithEnv } from '../../utils/allNextProviderProps';\r\nimport { useAwaitablePush } from './useAwaitablePush';\r\nimport { useAwaitableReplace } from './useAwaitableReplace';\r\n\r\n\r\nconst NextClientProvider = (props: TernSecureNextProps) => {\r\n const { children } = props;\r\n\r\n const push = useAwaitablePush();\r\n const replace = useAwaitableReplace();\r\n\r\n const isNested = Boolean(useTernNextOptions());\r\n if (isNested) {\r\n return props.children;\r\n }\r\n\r\n const providerProps = allNextProviderPropsWithEnv({\r\n ...props,\r\n // @ts-expect-error Error because of the stricter types of internal `push`\r\n routerPush: push,\r\n // @ts-expect-error Error because of the stricter types of internal `replace`\r\n routerReplace: replace,\r\n });\r\n return (\r\n <TernNextOptionsProvider options={providerProps}>\r\n <TernSecureReactProvider {...providerProps}>\r\n {children}\r\n </TernSecureReactProvider>\r\n </TernNextOptionsProvider>\r\n );\r\n};\r\n\r\nexport const ClientTernSecureProvider = (props: TernSecureNextProps) => {\r\n const { children, ...rest } = props;\r\n return <NextClientProvider {...rest}>{children}</NextClientProvider>;\r\n};\r\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AA+BM;AA7BN,mBAA8D;AAE9D,4BAA4D;AAE5D,kCAA4C;AAC5C,8BAAiC;AACjC,iCAAoC;AAGpC,MAAM,qBAAqB,CAAC,UAA+B;AACzD,QAAM,EAAE,SAAS,IAAI;AAErB,QAAM,WAAO,0CAAiB;AAC9B,QAAM,cAAU,gDAAoB;AAEpC,QAAM,WAAW,YAAQ,0CAAmB,CAAC;AAC7C,MAAI,UAAU;AACZ,WAAO,MAAM;AAAA,EACf;AAEA,QAAM,oBAAgB,yDAA4B;AAAA,IAChD,GAAG;AAAA;AAAA,IAEH,YAAY;AAAA;AAAA,IAEZ,eAAe;AAAA,EACjB,CAAC;AACD,SACE,4CAAC,iDAAwB,SAAS,eAChC,sDAAC,aAAAA,oBAAA,EAAyB,GAAG,eAC1B,UACH,GACF;AAEJ;AAEO,MAAM,2BAA2B,CAAC,UAA+B;AACtE,QAAM,EAAE,UAAU,GAAG,KAAK,IAAI;AAC9B,SAAO,4CAAC,sBAAoB,GAAG,MAAO,UAAS;AACjD;","names":["TernSecureReactProvider"]}
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
"use client";
|
|
3
|
+
var __defProp = Object.defineProperty;
|
|
4
|
+
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
|
|
5
|
+
var __getOwnPropNames = Object.getOwnPropertyNames;
|
|
6
|
+
var __hasOwnProp = Object.prototype.hasOwnProperty;
|
|
7
|
+
var __export = (target, all) => {
|
|
8
|
+
for (var name in all)
|
|
9
|
+
__defProp(target, name, { get: all[name], enumerable: true });
|
|
10
|
+
};
|
|
11
|
+
var __copyProps = (to, from, except, desc) => {
|
|
12
|
+
if (from && typeof from === "object" || typeof from === "function") {
|
|
13
|
+
for (let key of __getOwnPropNames(from))
|
|
14
|
+
if (!__hasOwnProp.call(to, key) && key !== except)
|
|
15
|
+
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
|
|
16
|
+
}
|
|
17
|
+
return to;
|
|
18
|
+
};
|
|
19
|
+
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
20
|
+
var useAwaitablePush_exports = {};
|
|
21
|
+
__export(useAwaitablePush_exports, {
|
|
22
|
+
useAwaitablePush: () => useAwaitablePush
|
|
23
|
+
});
|
|
24
|
+
module.exports = __toCommonJS(useAwaitablePush_exports);
|
|
25
|
+
var import_navigation = require("next/navigation");
|
|
26
|
+
var import_useInternalNavFun = require("./useInternalNavFun");
|
|
27
|
+
const useAwaitablePush = () => {
|
|
28
|
+
const router = (0, import_navigation.useRouter)();
|
|
29
|
+
return (0, import_useInternalNavFun.useInternalNavFun)({
|
|
30
|
+
windowNav: typeof window !== "undefined" ? window.history.pushState.bind(window.history) : void 0,
|
|
31
|
+
routerNav: router.push.bind(router),
|
|
32
|
+
name: "push"
|
|
33
|
+
});
|
|
34
|
+
};
|
|
35
|
+
// Annotate the CommonJS export names for ESM import in node:
|
|
36
|
+
0 && (module.exports = {
|
|
37
|
+
useAwaitablePush
|
|
38
|
+
});
|
|
39
|
+
//# sourceMappingURL=useAwaitablePush.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../../src/app-router/client/useAwaitablePush.ts"],"sourcesContent":["'use client';\n\nimport { useRouter } from 'next/navigation';\n\nimport { useInternalNavFun } from './useInternalNavFun';\n\n/**\n * Creates an \"awaitable\" navigation function that will do its best effort to wait for Next.js to finish its route transition.\n * This is accomplished by wrapping the call to `router.push` in `startTransition()`, which should rely on React to coordinate the pending state. We key off of\n * `isPending` to flush the stored promises and ensure the navigates \"resolve\".\n */\nexport const useAwaitablePush = () => {\n const router = useRouter();\n\n return useInternalNavFun({\n windowNav: typeof window !== 'undefined' ? window.history.pushState.bind(window.history) : undefined,\n routerNav: router.push.bind(router),\n name: 'push',\n });\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAEA,wBAA0B;AAE1B,+BAAkC;AAO3B,MAAM,mBAAmB,MAAM;AACpC,QAAM,aAAS,6BAAU;AAEzB,aAAO,4CAAkB;AAAA,IACvB,WAAW,OAAO,WAAW,cAAc,OAAO,QAAQ,UAAU,KAAK,OAAO,OAAO,IAAI;AAAA,IAC3F,WAAW,OAAO,KAAK,KAAK,MAAM;AAAA,IAClC,MAAM;AAAA,EACR,CAAC;AACH;","names":[]}
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
"use client";
|
|
3
|
+
var __defProp = Object.defineProperty;
|
|
4
|
+
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
|
|
5
|
+
var __getOwnPropNames = Object.getOwnPropertyNames;
|
|
6
|
+
var __hasOwnProp = Object.prototype.hasOwnProperty;
|
|
7
|
+
var __export = (target, all) => {
|
|
8
|
+
for (var name in all)
|
|
9
|
+
__defProp(target, name, { get: all[name], enumerable: true });
|
|
10
|
+
};
|
|
11
|
+
var __copyProps = (to, from, except, desc) => {
|
|
12
|
+
if (from && typeof from === "object" || typeof from === "function") {
|
|
13
|
+
for (let key of __getOwnPropNames(from))
|
|
14
|
+
if (!__hasOwnProp.call(to, key) && key !== except)
|
|
15
|
+
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
|
|
16
|
+
}
|
|
17
|
+
return to;
|
|
18
|
+
};
|
|
19
|
+
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
20
|
+
var useAwaitableReplace_exports = {};
|
|
21
|
+
__export(useAwaitableReplace_exports, {
|
|
22
|
+
useAwaitableReplace: () => useAwaitableReplace
|
|
23
|
+
});
|
|
24
|
+
module.exports = __toCommonJS(useAwaitableReplace_exports);
|
|
25
|
+
var import_navigation = require("next/navigation");
|
|
26
|
+
var import_useInternalNavFun = require("./useInternalNavFun");
|
|
27
|
+
const useAwaitableReplace = () => {
|
|
28
|
+
const router = (0, import_navigation.useRouter)();
|
|
29
|
+
return (0, import_useInternalNavFun.useInternalNavFun)({
|
|
30
|
+
windowNav: typeof window !== "undefined" ? window.history.replaceState.bind(window.history) : void 0,
|
|
31
|
+
routerNav: router.replace.bind(router),
|
|
32
|
+
name: "replace"
|
|
33
|
+
});
|
|
34
|
+
};
|
|
35
|
+
// Annotate the CommonJS export names for ESM import in node:
|
|
36
|
+
0 && (module.exports = {
|
|
37
|
+
useAwaitableReplace
|
|
38
|
+
});
|
|
39
|
+
//# sourceMappingURL=useAwaitableReplace.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../../src/app-router/client/useAwaitableReplace.ts"],"sourcesContent":["'use client';\n\nimport { useRouter } from 'next/navigation';\n\nimport { useInternalNavFun } from './useInternalNavFun';\n\n/**\n * Creates an \"awaitable\" navigation function that will do its best effort to wait for Next.js to finish its route transition.\n * This is accomplished by wrapping the call to `router.replace` in `startTransition()`, which should rely on React to coordinate the pending state. We key off of\n * `isPending` to flush the stored promises and ensure the navigates \"resolve\".\n */\nexport const useAwaitableReplace = () => {\n const router = useRouter();\n\n return useInternalNavFun({\n windowNav: typeof window !== 'undefined' ? window.history.replaceState.bind(window.history) : undefined,\n routerNav: router.replace.bind(router),\n name: 'replace',\n });\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAEA,wBAA0B;AAE1B,+BAAkC;AAO3B,MAAM,sBAAsB,MAAM;AACvC,QAAM,aAAS,6BAAU;AAEzB,aAAO,4CAAkB;AAAA,IACvB,WAAW,OAAO,WAAW,cAAc,OAAO,QAAQ,aAAa,KAAK,OAAO,OAAO,IAAI;AAAA,IAC9F,WAAW,OAAO,QAAQ,KAAK,MAAM;AAAA,IACrC,MAAM;AAAA,EACR,CAAC;AACH;","names":[]}
|
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __defProp = Object.defineProperty;
|
|
3
|
+
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
|
|
4
|
+
var __getOwnPropNames = Object.getOwnPropertyNames;
|
|
5
|
+
var __hasOwnProp = Object.prototype.hasOwnProperty;
|
|
6
|
+
var __export = (target, all) => {
|
|
7
|
+
for (var name in all)
|
|
8
|
+
__defProp(target, name, { get: all[name], enumerable: true });
|
|
9
|
+
};
|
|
10
|
+
var __copyProps = (to, from, except, desc) => {
|
|
11
|
+
if (from && typeof from === "object" || typeof from === "function") {
|
|
12
|
+
for (let key of __getOwnPropNames(from))
|
|
13
|
+
if (!__hasOwnProp.call(to, key) && key !== except)
|
|
14
|
+
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
|
|
15
|
+
}
|
|
16
|
+
return to;
|
|
17
|
+
};
|
|
18
|
+
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
19
|
+
var useInternalNavFun_exports = {};
|
|
20
|
+
__export(useInternalNavFun_exports, {
|
|
21
|
+
useInternalNavFun: () => useInternalNavFun
|
|
22
|
+
});
|
|
23
|
+
module.exports = __toCommonJS(useInternalNavFun_exports);
|
|
24
|
+
var import_navigation = require("next/navigation");
|
|
25
|
+
var import_react = require("react");
|
|
26
|
+
var import_removeBasePath = require("../../utils/removeBasePath");
|
|
27
|
+
const getTernNavigationObject = (name) => {
|
|
28
|
+
window.__tern_internal_navigations ??= {};
|
|
29
|
+
window.__tern_internal_navigations[name] ??= {};
|
|
30
|
+
return window.__tern_internal_navigations[name];
|
|
31
|
+
};
|
|
32
|
+
const useInternalNavFun = (props) => {
|
|
33
|
+
const { windowNav, routerNav, name } = props;
|
|
34
|
+
const pathname = (0, import_navigation.usePathname)();
|
|
35
|
+
const [isPending, startTransition] = (0, import_react.useTransition)();
|
|
36
|
+
if (windowNav) {
|
|
37
|
+
getTernNavigationObject(name).fun = (to, opts) => {
|
|
38
|
+
return new Promise((res) => {
|
|
39
|
+
getTernNavigationObject(name).promisesBuffer ??= [];
|
|
40
|
+
getTernNavigationObject(name).promisesBuffer?.push(res);
|
|
41
|
+
startTransition(() => {
|
|
42
|
+
if (opts?.__internal_metadata?.navigationType === "internal") {
|
|
43
|
+
const state = (window.next?.version ?? "") < "14.1.0" ? history.state : null;
|
|
44
|
+
windowNav(state, "", to);
|
|
45
|
+
} else {
|
|
46
|
+
routerNav((0, import_removeBasePath.removeBasePath)(to));
|
|
47
|
+
}
|
|
48
|
+
});
|
|
49
|
+
});
|
|
50
|
+
};
|
|
51
|
+
}
|
|
52
|
+
const flushPromises = () => {
|
|
53
|
+
getTernNavigationObject(name).promisesBuffer?.forEach((resolve) => resolve());
|
|
54
|
+
getTernNavigationObject(name).promisesBuffer = [];
|
|
55
|
+
};
|
|
56
|
+
(0, import_react.useEffect)(() => {
|
|
57
|
+
flushPromises();
|
|
58
|
+
return flushPromises;
|
|
59
|
+
}, []);
|
|
60
|
+
(0, import_react.useEffect)(() => {
|
|
61
|
+
if (!isPending) {
|
|
62
|
+
flushPromises();
|
|
63
|
+
}
|
|
64
|
+
}, [pathname, isPending]);
|
|
65
|
+
return (0, import_react.useCallback)((to, metadata) => {
|
|
66
|
+
return getTernNavigationObject(name).fun(to, metadata);
|
|
67
|
+
}, []);
|
|
68
|
+
};
|
|
69
|
+
// Annotate the CommonJS export names for ESM import in node:
|
|
70
|
+
0 && (module.exports = {
|
|
71
|
+
useInternalNavFun
|
|
72
|
+
});
|
|
73
|
+
//# sourceMappingURL=useInternalNavFun.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../../src/app-router/client/useInternalNavFun.ts"],"sourcesContent":["import type { AppRouterInstance } from 'next/dist/shared/lib/app-router-context.shared-runtime';\nimport { usePathname } from 'next/navigation';\nimport { useCallback, useEffect, useTransition } from 'react';\n\nimport { removeBasePath } from '../../utils/removeBasePath';\n\nconst getTernNavigationObject = (name: string) => {\n window.__tern_internal_navigations ??= {};\n // @ts-ignore\n window.__tern_internal_navigations[name] ??= {};\n return window.__tern_internal_navigations[name];\n};\n\nexport const useInternalNavFun = (props: {\n windowNav: typeof window.history.pushState | typeof window.history.replaceState | undefined;\n routerNav: AppRouterInstance['push'] | AppRouterInstance['replace'];\n name: string;\n}): NavigationFunction => {\n const { windowNav, routerNav, name } = props;\n const pathname = usePathname();\n const [isPending, startTransition] = useTransition();\n\n if (windowNav) {\n getTernNavigationObject(name).fun = (to, opts) => {\n return new Promise<void>(res => {\n // We need to use window to store the reference to the buffer,\n // as TernSecureProvider might be unmounted and remounted during navigations\n // If we use a ref, it will be reset when TernSecureProvider is unmounted\n getTernNavigationObject(name).promisesBuffer ??= [];\n getTernNavigationObject(name).promisesBuffer?.push(res);\n startTransition(() => {\n // If the navigation is internal, we should use the history API to navigate\n // as this is the way to perform a shallow navigation in Next.js App Router\n // without unmounting/remounting the page or fetching data from the server.\n if (opts?.__internal_metadata?.navigationType === 'internal') {\n // In 14.1.0, useSearchParams becomes reactive to shallow updates,\n // but only if passing `null` as the history state.\n // Older versions need to maintain the history state for push/replace to work,\n // without affecting how the Next router works.\n const state = ((window as any).next?.version ?? '') < '14.1.0' ? history.state : null;\n windowNav(state, '', to);\n } else {\n // If the navigation is external (usually when navigating away from the component but still within the app),\n // we should use the Next.js router to navigate as it will handle updating the URL and also\n // fetching the new page if necessary.\n routerNav(removeBasePath(to));\n }\n });\n });\n };\n }\n\n const flushPromises = () => {\n getTernNavigationObject(name).promisesBuffer?.forEach(resolve => resolve());\n getTernNavigationObject(name).promisesBuffer = [];\n };\n\n // Flush any pending promises on mount/unmount\n useEffect(() => {\n flushPromises();\n return flushPromises;\n }, []);\n\n // Handle flushing the promise buffer when a navigation happens\n useEffect(() => {\n if (!isPending) {\n flushPromises();\n }\n }, [pathname, isPending]);\n\n return useCallback<NavigationFunction>((to, metadata) => {\n return getTernNavigationObject(name).fun(to, metadata);\n // We are not expecting name to change\n // eslint-disable-next-line react-hooks/exhaustive-deps\n }, []);\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AACA,wBAA4B;AAC5B,mBAAsD;AAEtD,4BAA+B;AAE/B,MAAM,0BAA0B,CAAC,SAAiB;AAChD,SAAO,gCAAgC,CAAC;AAExC,SAAO,4BAA4B,IAAI,MAAM,CAAC;AAC9C,SAAO,OAAO,4BAA4B,IAAI;AAChD;AAEO,MAAM,oBAAoB,CAAC,UAIR;AACxB,QAAM,EAAE,WAAW,WAAW,KAAK,IAAI;AACvC,QAAM,eAAW,+BAAY;AAC7B,QAAM,CAAC,WAAW,eAAe,QAAI,4BAAc;AAEnD,MAAI,WAAW;AACb,4BAAwB,IAAI,EAAE,MAAM,CAAC,IAAI,SAAS;AAChD,aAAO,IAAI,QAAc,SAAO;AAI9B,gCAAwB,IAAI,EAAE,mBAAmB,CAAC;AAClD,gCAAwB,IAAI,EAAE,gBAAgB,KAAK,GAAG;AACtD,wBAAgB,MAAM;AAIpB,cAAI,MAAM,qBAAqB,mBAAmB,YAAY;AAK5D,kBAAM,SAAU,OAAe,MAAM,WAAW,MAAM,WAAW,QAAQ,QAAQ;AACjF,sBAAU,OAAO,IAAI,EAAE;AAAA,UACzB,OAAO;AAIL,0BAAU,sCAAe,EAAE,CAAC;AAAA,UAC9B;AAAA,QACF,CAAC;AAAA,MACH,CAAC;AAAA,IACH;AAAA,EACF;AAEA,QAAM,gBAAgB,MAAM;AAC1B,4BAAwB,IAAI,EAAE,gBAAgB,QAAQ,aAAW,QAAQ,CAAC;AAC1E,4BAAwB,IAAI,EAAE,iBAAiB,CAAC;AAAA,EAClD;AAGA,8BAAU,MAAM;AACd,kBAAc;AACd,WAAO;AAAA,EACT,GAAG,CAAC,CAAC;AAGL,8BAAU,MAAM;AACd,QAAI,CAAC,WAAW;AACd,oBAAc;AAAA,IAChB;AAAA,EACF,GAAG,CAAC,UAAU,SAAS,CAAC;AAExB,aAAO,0BAAgC,CAAC,IAAI,aAAa;AACvD,WAAO,wBAAwB,IAAI,EAAE,IAAI,IAAI,QAAQ;AAAA,EAGvD,GAAG,CAAC,CAAC;AACP;","names":[]}
|
|
@@ -27,7 +27,6 @@ var import_constant = require("../../server/constant");
|
|
|
27
27
|
var import_getAuthDataFromRequest = require("../../server/data/getAuthDataFromRequest");
|
|
28
28
|
var import_headers_utils = require("../../server/headers-utils");
|
|
29
29
|
var import_protect = require("../../server/protect");
|
|
30
|
-
var import_redirect = require("../../server/redirect");
|
|
31
30
|
var import_utils = require("./utils");
|
|
32
31
|
const createAuthObject = () => {
|
|
33
32
|
return async (req) => {
|
|
@@ -43,7 +42,7 @@ const auth = async () => {
|
|
|
43
42
|
const { returnBackUrl } = args[0] || {};
|
|
44
43
|
const ternSecureRequest = (0, import_backend.createTernSecureRequest)(request);
|
|
45
44
|
return [
|
|
46
|
-
(0,
|
|
45
|
+
(0, import_backend.createRedirect)({
|
|
47
46
|
redirectAdapter: import_navigation.redirect,
|
|
48
47
|
baseUrl: ternSecureRequest.ternUrl.toString(),
|
|
49
48
|
signInUrl: import_constant.SIGN_IN_URL,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/app-router/server/auth.ts"],"sourcesContent":["import type { AuthObject } from '@tern-secure/backend';\r\nimport { createTernSecureRequest } from '@tern-secure/backend';\r\nimport { notFound, redirect } from 'next/navigation';\r\n\r\nimport { SIGN_IN_URL, SIGN_UP_URL } from '../../server/constant';\r\nimport { getAuthDataFromRequest } from '../../server/data/getAuthDataFromRequest';\r\nimport { getAuthKeyFromRequest } from '../../server/headers-utils';\r\nimport { type AuthProtect, createProtect } from '../../server/protect';\r\nimport
|
|
1
|
+
{"version":3,"sources":["../../../../src/app-router/server/auth.ts"],"sourcesContent":["import type { AuthObject, RedirectFun } from '@tern-secure/backend';\r\nimport { createRedirect, createTernSecureRequest } from '@tern-secure/backend';\r\nimport { notFound, redirect } from 'next/navigation';\r\n\r\nimport { SIGN_IN_URL, SIGN_UP_URL } from '../../server/constant';\r\nimport { getAuthDataFromRequest } from '../../server/data/getAuthDataFromRequest';\r\nimport { getAuthKeyFromRequest } from '../../server/headers-utils';\r\nimport { type AuthProtect, createProtect } from '../../server/protect';\r\nimport type { BaseUser, RequestLike } from '../../server/types';\r\nimport { buildRequestLike } from './utils';\r\n\r\nexport interface AuthResult {\r\n user: BaseUser | null;\r\n error: Error | null;\r\n}\r\n\r\n/**\r\n * `Auth` object of the currently active user and the `redirectToSignIn()` method.\r\n */\r\ntype Auth = AuthObject & {\r\n redirectToSignIn: RedirectFun<ReturnType<typeof redirect>>;\r\n redirectToSignUp: RedirectFun<ReturnType<typeof redirect>>;\r\n};\r\n\r\nexport interface AuthFn {\r\n (): Promise<Auth>;\r\n\r\n protect: AuthProtect;\r\n}\r\n\r\nconst createAuthObject = () => {\r\n return async (req: RequestLike) => {\r\n return getAuthDataFromRequest(req);\r\n };\r\n};\r\n\r\n/**\r\n * Get the current authenticated user from the session or token\r\n */\r\nexport const auth: AuthFn = async () => {\r\n // eslint-disable-next-line @typescript-eslint/no-require-imports\r\n require('server-only');\r\n\r\n const request = await buildRequestLike();\r\n\r\n const authObject = await createAuthObject()(request);\r\n\r\n const ternUrl = getAuthKeyFromRequest(request, 'TernSecureUrl');\r\n\r\n const createRedirectForRequest = (...args: Parameters<RedirectFun<never>>) => {\r\n const { returnBackUrl } = args[0] || {};\r\n const ternSecureRequest = createTernSecureRequest(request);\r\n\r\n return [\r\n createRedirect({\r\n redirectAdapter: redirect,\r\n baseUrl: ternSecureRequest.ternUrl.toString(),\r\n signInUrl: SIGN_IN_URL,\r\n signUpUrl: SIGN_UP_URL,\r\n }),\r\n returnBackUrl === null ? '' : returnBackUrl || ternUrl?.toString(),\r\n ] as const;\r\n };\r\n\r\n const redirectToSignIn: RedirectFun<never> = (opts = {}) => {\r\n const [r, returnBackUrl] = createRedirectForRequest(opts);\r\n return r.redirectToSignIn({\r\n returnBackUrl,\r\n });\r\n };\r\n\r\n const redirectToSignUp: RedirectFun<never> = (opts = {}) => {\r\n const [r, returnBackUrl] = createRedirectForRequest(opts);\r\n return r.redirectToSignUp({\r\n returnBackUrl,\r\n });\r\n };\r\n\r\n return Object.assign(authObject, { redirectToSignIn, redirectToSignUp });\r\n};\r\n\r\nauth.protect = async (...args: any[]) => {\r\n // eslint-disable-next-line @typescript-eslint/no-require-imports\r\n require('server-only');\r\n\r\n const request = await buildRequestLike();\r\n const authObject = await auth();\r\n\r\n const protect = createProtect({\r\n request,\r\n authObject,\r\n redirectToSignIn: authObject.redirectToSignIn,\r\n notFound,\r\n redirect,\r\n });\r\n\r\n return protect(...args);\r\n};\r\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AACA,qBAAwD;AACxD,wBAAmC;AAEnC,sBAAyC;AACzC,oCAAuC;AACvC,2BAAsC;AACtC,qBAAgD;AAEhD,mBAAiC;AAqBjC,MAAM,mBAAmB,MAAM;AAC7B,SAAO,OAAO,QAAqB;AACjC,eAAO,sDAAuB,GAAG;AAAA,EACnC;AACF;AAKO,MAAM,OAAe,YAAY;AAEtC,UAAQ,aAAa;AAErB,QAAM,UAAU,UAAM,+BAAiB;AAEvC,QAAM,aAAa,MAAM,iBAAiB,EAAE,OAAO;AAEnD,QAAM,cAAU,4CAAsB,SAAS,eAAe;AAE9D,QAAM,2BAA2B,IAAI,SAAyC;AAC5E,UAAM,EAAE,cAAc,IAAI,KAAK,CAAC,KAAK,CAAC;AACtC,UAAM,wBAAoB,wCAAwB,OAAO;AAEzD,WAAO;AAAA,UACL,+BAAe;AAAA,QACb,iBAAiB;AAAA,QACjB,SAAS,kBAAkB,QAAQ,SAAS;AAAA,QAC5C,WAAW;AAAA,QACX,WAAW;AAAA,MACb,CAAC;AAAA,MACD,kBAAkB,OAAO,KAAK,iBAAiB,SAAS,SAAS;AAAA,IACnE;AAAA,EACF;AAEA,QAAM,mBAAuC,CAAC,OAAO,CAAC,MAAM;AAC1D,UAAM,CAAC,GAAG,aAAa,IAAI,yBAAyB,IAAI;AACxD,WAAO,EAAE,iBAAiB;AAAA,MACxB;AAAA,IACF,CAAC;AAAA,EACH;AAEA,QAAM,mBAAuC,CAAC,OAAO,CAAC,MAAM;AAC1D,UAAM,CAAC,GAAG,aAAa,IAAI,yBAAyB,IAAI;AACxD,WAAO,EAAE,iBAAiB;AAAA,MACxB;AAAA,IACF,CAAC;AAAA,EACH;AAEA,SAAO,OAAO,OAAO,YAAY,EAAE,kBAAkB,iBAAiB,CAAC;AACzE;AAEA,KAAK,UAAU,UAAU,SAAgB;AAEvC,UAAQ,aAAa;AAErB,QAAM,UAAU,UAAM,+BAAiB;AACvC,QAAM,aAAa,MAAM,KAAK;AAE9B,QAAM,cAAU,8BAAc;AAAA,IAC5B;AAAA,IACA;AAAA,IACA,kBAAkB,WAAW;AAAA,IAC7B;AAAA,IACA;AAAA,EACF,CAAC;AAED,SAAO,QAAQ,GAAG,IAAI;AACxB;","names":[]}
|
package/dist/cjs/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/index.ts"],"sourcesContent":["export { TernSecureProvider } from './app-router/server/TernSecureProvider'
|
|
1
|
+
{"version":3,"sources":["../../src/index.ts"],"sourcesContent":["export { TernSecureProvider } from './app-router/server/TernSecureProvider';\r\nexport {\r\n useAuth,\r\n useIdToken,\r\n useSession,\r\n useSignIn,\r\n signIn,\r\n useSignInContext,\r\n useTernSecure,\r\n SignInProvider,\r\n //SignIn,\r\n //SignOut,\r\n //SignOutButton,\r\n //SignUp,\r\n} from './boundary/components';\r\n\r\nexport type {\r\n TernSecureUser,\r\n TernSecureUserData,\r\n SignInResponse,\r\n SocialProviderOptions,\r\n} from '@tern-secure/types';\r\n\r\nexport type { UserInfo, SessionResult } from './types';\r\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,gCAAmC;AACnC,wBAaO;","names":[]}
|
|
@@ -27,7 +27,6 @@ var import_admin = require("@tern-secure/backend/admin");
|
|
|
27
27
|
var import_server = require("next/server");
|
|
28
28
|
var import_constant = require("../constant");
|
|
29
29
|
var import_nextErrors = require("../nextErrors");
|
|
30
|
-
var import_redirect = require("../redirect");
|
|
31
30
|
const createRouteMatcher = (patterns) => {
|
|
32
31
|
return (request) => {
|
|
33
32
|
const { pathname } = request.nextUrl;
|
|
@@ -154,7 +153,7 @@ const handleControlError = (error, ternSecureRequest, nextrequest) => {
|
|
|
154
153
|
}
|
|
155
154
|
if ((0, import_nextErrors.isRedirectToSignInError)(error)) {
|
|
156
155
|
const redirectAdapter = (url) => import_server.NextResponse.redirect(new URL(url, nextrequest.url));
|
|
157
|
-
const { redirectToSignIn } = (0,
|
|
156
|
+
const { redirectToSignIn } = (0, import_backend.createRedirect)({
|
|
158
157
|
redirectAdapter,
|
|
159
158
|
baseUrl: ternSecureRequest.ternUrl.origin,
|
|
160
159
|
signInUrl: import_constant.SIGN_IN_URL,
|
|
@@ -164,7 +163,7 @@ const handleControlError = (error, ternSecureRequest, nextrequest) => {
|
|
|
164
163
|
}
|
|
165
164
|
if ((0, import_nextErrors.isRedirectToSignUpError)(error)) {
|
|
166
165
|
const redirectAdapter = (url) => import_server.NextResponse.redirect(new URL(url, nextrequest.url));
|
|
167
|
-
const { redirectToSignUp } = (0,
|
|
166
|
+
const { redirectToSignUp } = (0, import_backend.createRedirect)({
|
|
168
167
|
redirectAdapter,
|
|
169
168
|
baseUrl: ternSecureRequest.ternUrl.origin,
|
|
170
169
|
signInUrl: import_constant.SIGN_IN_URL,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/server/node/ternSecureNodeMiddleware.ts"],"sourcesContent":["import {createTernSecureRequest, type TernSecureRequest } from \"@tern-secure/backend\";\nimport {\n createBackendInstance,\n} from \"@tern-secure/backend/admin\";\nimport type { NextMiddleware,NextRequest } from \"next/server\";\nimport {NextResponse } from \"next/server\";\n\nimport { SIGN_IN_URL, SIGN_UP_URL } from \"../constant\";\nimport {\n isNextjsNotFoundError,\n isRedirectToSignInError,\n isRedirectToSignUpError,\n redirectToSignInError,\n redirectToSignUpError,\n} from \"../nextErrors\";\nimport { createRedirect } from \"../redirect\";\nimport type { BaseUser ,\n NextMiddlewareEvtParam,\n NextMiddlewareRequestParam,\n NextMiddlewareReturn,\n} from \"../types\";\n\ntype RedirectToParams = { returnBackUrl?: string | URL | null };\nexport type RedirectFun<ReturnType> = (params?: RedirectToParams) => ReturnType;\n\nexport type AuthObject = {\n user: BaseUser | null;\n session: string | null;\n};\n\nexport interface MiddlewareAuth extends AuthObject {\n (): Promise<MiddlewareAuthObject>;\n protect: () => Promise<void>;\n}\n\ntype MiddlewareHandler = (\n auth: MiddlewareAuth,\n request: NextMiddlewareRequestParam,\n event: NextMiddlewareEvtParam\n) => NextMiddlewareReturn;\n\nexport type MiddlewareAuthObject = AuthObject & {\n redirectToSignIn: RedirectFun<Response>;\n redirectToSignUp: RedirectFun<Response>;\n};\n\n/**\n * Create a route matcher function for public paths\n */\nexport const createRouteMatcher = (patterns: string[]) => {\n return (request: NextRequest): boolean => {\n const { pathname } = request.nextUrl;\n return patterns.some((pattern) => {\n const regexPattern = pattern\n .replace(/[.*+?^${}()|[\\]\\\\]/g, \"\\\\$&\")\n .replace(/\\\\\\*/g, \".*\");\n\n return new RegExp(`^${regexPattern}$`).test(pathname);\n });\n };\n};\n\nconst authenticateMiddlewareRequest = async (\n request: NextRequest\n): Promise<AuthObject> => {\n try {\n const requestState = await createBackendInstance(request);\n const authResult = requestState.requestState.auth();\n\n return {\n user: {\n uid: authResult.session.uid,\n email: authResult.session.email || null,\n tenantId: authResult.session.firebase?.tenant || \"default\",\n authTime: authResult.session.auth_time,\n },\n session: requestState.requestState.token,\n };\n } catch (error) {\n console.error(\n \"Auth check error:\",\n error instanceof Error ? error.message : \"Unknown error\"\n );\n return {\n user: null,\n session: null,\n };\n }\n};\n\nexport interface MiddlewareOptions {\n signInUrl?: string;\n signUpUrl?: string;\n debug?: boolean;\n}\ntype MiddlewareOptionsCallback = (\n req: NextRequest\n) => MiddlewareOptions | Promise<MiddlewareOptions>;\n\ninterface TernSecureMiddleware {\n /**\n * @example\n * export default ternSecureMiddleware((auth, request, event) => { ... }, options);\n */\n (handler: MiddlewareHandler, options?: MiddlewareOptions): NextMiddleware;\n\n /**\n * @example\n * export default ternSecureMiddleware((auth, request, event) => { ... }, (req) => options);\n */\n (\n handler: MiddlewareHandler,\n options?: MiddlewareOptionsCallback\n ): NextMiddleware;\n\n /**\n * @example\n * export default ternSecureMiddleware(options);\n */\n (options?: MiddlewareOptions): NextMiddleware;\n /**\n * @example\n * export default ternSecureMiddleware;\n */\n (\n request: NextMiddlewareRequestParam,\n event: NextMiddlewareEvtParam\n ): NextMiddlewareReturn;\n}\n\nexport const ternSecureMiddleware = ((\n ...args: unknown[]\n): NextMiddleware | NextMiddlewareReturn => {\n const [request, event] = parseRequestAndEvent(args);\n const [handler, params] = parseHandlerAndOptions(args);\n\n const middleware = () => {\n const withAuthNextMiddleware: NextMiddleware = async (request, event) => {\n const resolvedParams =\n typeof params === \"function\" ? await params(request) : params;\n\n const signInUrl = resolvedParams.signInUrl || SIGN_IN_URL;\n const signUpUrl = resolvedParams.signUpUrl || SIGN_UP_URL;\n\n let handlerResult: Response = NextResponse.next();\n\n if (handler) {\n const createAuthHandler = async (): Promise<MiddlewareAuth> => {\n const authObject = await authenticateMiddlewareRequest(request);\n\n const getAuth = async (): Promise<MiddlewareAuthObject> => {\n const ternSecureRequest = createTernSecureRequest(request);\n const { redirectToSignIn, redirectToSignUp } =\n createMiddlewareRedirects(\n ternSecureRequest,\n signInUrl,\n signUpUrl\n );\n\n return {\n ...authObject,\n redirectToSignIn,\n redirectToSignUp,\n };\n };\n\n const protect = async (): Promise<void> => {\n if (!authObject.user || !authObject.session) {\n const redirectUrl = new URL(signInUrl || \"/sign-in\", request.url);\n redirectUrl.searchParams.set(\n \"redirect\",\n request.nextUrl.pathname\n );\n redirectToSignInError(redirectUrl.toString());\n }\n };\n\n // Return the MiddlewareAuth object with direct property access\n const authHandler = Object.assign(getAuth, {\n protect,\n user: authObject.user,\n session: authObject.session,\n });\n\n return authHandler as MiddlewareAuth;\n };\n\n try {\n const auth = await createAuthHandler();\n const userHandlerResult = await handler(auth, request, event);\n handlerResult = userHandlerResult || handlerResult;\n } catch (error) {\n const ternSecureRequest = createTernSecureRequest(request);\n handlerResult = handleControlError(error, ternSecureRequest, request);\n }\n\n return handlerResult;\n }\n\n return handlerResult;\n };\n\n const nextMiddleware: NextMiddleware = async (request, event) => {\n return withAuthNextMiddleware(request, event);\n };\n\n if (request && event) {\n return nextMiddleware(request, event);\n }\n\n return nextMiddleware;\n };\n return middleware();\n}) as TernSecureMiddleware;\n\nconst parseRequestAndEvent = (args: unknown[]) => {\n return [\n args[0] instanceof Request ? args[0] : undefined,\n args[0] instanceof Request ? args[1] : undefined,\n ] as [\n NextMiddlewareRequestParam | undefined,\n NextMiddlewareEvtParam | undefined,\n ];\n};\n\nconst parseHandlerAndOptions = (args: unknown[]) => {\n return [\n typeof args[0] === \"function\" ? args[0] : undefined,\n (args.length === 2\n ? args[1]\n : typeof args[0] === \"function\"\n ? {}\n : args[0]) || {},\n ] as [\n MiddlewareHandler | undefined,\n MiddlewareOptions | MiddlewareOptionsCallback,\n ];\n};\n\n/**\n * Create middleware redirect functions\n */\nconst createMiddlewareRedirects = (\n ternSecureRequest: TernSecureRequest,\n signInUrl: string,\n signUpUrl: string\n) => {\n const redirectToSignIn: MiddlewareAuthObject[\"redirectToSignIn\"] = (\n opts = {}\n ) => {\n const url = signInUrl || ternSecureRequest.ternUrl.toString();\n redirectToSignInError(url, opts.returnBackUrl);\n };\n\n const redirectToSignUp: MiddlewareAuthObject[\"redirectToSignUp\"] = (\n opts = {}\n ) => {\n const url = signUpUrl || ternSecureRequest.ternUrl.toString();\n redirectToSignUpError(url, opts.returnBackUrl);\n };\n\n return { redirectToSignIn, redirectToSignUp };\n};\n\n/**\n * Handle control flow errors in middleware\n */\nconst handleControlError = (\n error: any,\n ternSecureRequest: TernSecureRequest,\n nextrequest: NextRequest\n): Response => {\n if (isNextjsNotFoundError(error)) {\n return NextResponse.rewrite(new URL(\"/404\", nextrequest.url));\n }\n\n // Handle redirect to sign in errors\n if (isRedirectToSignInError(error)) {\n const redirectAdapter = (url: string) =>\n NextResponse.redirect(new URL(url, nextrequest.url));\n const { redirectToSignIn } = createRedirect({\n redirectAdapter,\n baseUrl: ternSecureRequest.ternUrl.origin,\n signInUrl: SIGN_IN_URL,\n signUpUrl: SIGN_UP_URL,\n });\n\n return redirectToSignIn({ returnBackUrl: error.returnBackUrl });\n }\n\n // Handle redirect to sign up errors\n if (isRedirectToSignUpError(error)) {\n const redirectAdapter = (url: string) =>\n NextResponse.redirect(new URL(url, nextrequest.url));\n const { redirectToSignUp } = createRedirect({\n redirectAdapter,\n baseUrl: ternSecureRequest.ternUrl.origin,\n signInUrl: SIGN_IN_URL,\n signUpUrl: SIGN_UP_URL,\n });\n\n return redirectToSignUp({ returnBackUrl: error.returnBackUrl });\n }\n\n throw error;\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,qBAAgE;AAChE,mBAEO;AAEP,oBAA4B;AAE5B,sBAAyC;AACzC,wBAMO;AACP,sBAA+B;AAkCxB,MAAM,qBAAqB,CAAC,aAAuB;AACxD,SAAO,CAAC,YAAkC;AACxC,UAAM,EAAE,SAAS,IAAI,QAAQ;AAC7B,WAAO,SAAS,KAAK,CAAC,YAAY;AAChC,YAAM,eAAe,QAClB,QAAQ,uBAAuB,MAAM,EACrC,QAAQ,SAAS,IAAI;AAExB,aAAO,IAAI,OAAO,IAAI,YAAY,GAAG,EAAE,KAAK,QAAQ;AAAA,IACtD,CAAC;AAAA,EACH;AACF;AAEA,MAAM,gCAAgC,OACpC,YACwB;AACxB,MAAI;AACF,UAAM,eAAe,UAAM,oCAAsB,OAAO;AACxD,UAAM,aAAa,aAAa,aAAa,KAAK;AAElD,WAAO;AAAA,MACL,MAAM;AAAA,QACJ,KAAK,WAAW,QAAQ;AAAA,QACxB,OAAO,WAAW,QAAQ,SAAS;AAAA,QACnC,UAAU,WAAW,QAAQ,UAAU,UAAU;AAAA,QACjD,UAAU,WAAW,QAAQ;AAAA,MAC/B;AAAA,MACA,SAAS,aAAa,aAAa;AAAA,IACrC;AAAA,EACF,SAAS,OAAO;AACd,YAAQ;AAAA,MACN;AAAA,MACA,iBAAiB,QAAQ,MAAM,UAAU;AAAA,IAC3C;AACA,WAAO;AAAA,MACL,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,EACF;AACF;AA0CO,MAAM,uBAAwB,IAChC,SACuC;AAC1C,QAAM,CAAC,SAAS,KAAK,IAAI,qBAAqB,IAAI;AAClD,QAAM,CAAC,SAAS,MAAM,IAAI,uBAAuB,IAAI;AAErD,QAAM,aAAa,MAAM;AACvB,UAAM,yBAAyC,OAAOA,UAASC,WAAU;AACvE,YAAM,iBACJ,OAAO,WAAW,aAAa,MAAM,OAAOD,QAAO,IAAI;AAEzD,YAAM,YAAY,eAAe,aAAa;AAC9C,YAAM,YAAY,eAAe,aAAa;AAE9C,UAAI,gBAA0B,2BAAa,KAAK;AAEhD,UAAI,SAAS;AACX,cAAM,oBAAoB,YAAqC;AAC7D,gBAAM,aAAa,MAAM,8BAA8BA,QAAO;AAE9D,gBAAM,UAAU,YAA2C;AACzD,kBAAM,wBAAoB,wCAAwBA,QAAO;AACzD,kBAAM,EAAE,kBAAkB,iBAAiB,IACzC;AAAA,cACE;AAAA,cACA;AAAA,cACA;AAAA,YACF;AAEF,mBAAO;AAAA,cACL,GAAG;AAAA,cACH;AAAA,cACA;AAAA,YACF;AAAA,UACF;AAEA,gBAAM,UAAU,YAA2B;AACzC,gBAAI,CAAC,WAAW,QAAQ,CAAC,WAAW,SAAS;AAC3C,oBAAM,cAAc,IAAI,IAAI,aAAa,YAAYA,SAAQ,GAAG;AAChE,0BAAY,aAAa;AAAA,gBACvB;AAAA,gBACAA,SAAQ,QAAQ;AAAA,cAClB;AACA,2DAAsB,YAAY,SAAS,CAAC;AAAA,YAC9C;AAAA,UACF;AAGA,gBAAM,cAAc,OAAO,OAAO,SAAS;AAAA,YACzC;AAAA,YACA,MAAM,WAAW;AAAA,YACjB,SAAS,WAAW;AAAA,UACtB,CAAC;AAED,iBAAO;AAAA,QACT;AAEA,YAAI;AACF,gBAAM,OAAO,MAAM,kBAAkB;AACrC,gBAAM,oBAAoB,MAAM,QAAQ,MAAMA,UAASC,MAAK;AAC5D,0BAAgB,qBAAqB;AAAA,QACvC,SAAS,OAAO;AACd,gBAAM,wBAAoB,wCAAwBD,QAAO;AACzD,0BAAgB,mBAAmB,OAAO,mBAAmBA,QAAO;AAAA,QACtE;AAEA,eAAO;AAAA,MACT;AAEA,aAAO;AAAA,IACT;AAEA,UAAM,iBAAiC,OAAOA,UAASC,WAAU;AAC/D,aAAO,uBAAuBD,UAASC,MAAK;AAAA,IAC9C;AAEA,QAAI,WAAW,OAAO;AACpB,aAAO,eAAe,SAAS,KAAK;AAAA,IACtC;AAEA,WAAO;AAAA,EACT;AACA,SAAO,WAAW;AACpB;AAEA,MAAM,uBAAuB,CAAC,SAAoB;AAChD,SAAO;AAAA,IACL,KAAK,CAAC,aAAa,UAAU,KAAK,CAAC,IAAI;AAAA,IACvC,KAAK,CAAC,aAAa,UAAU,KAAK,CAAC,IAAI;AAAA,EACzC;AAIF;AAEA,MAAM,yBAAyB,CAAC,SAAoB;AAClD,SAAO;AAAA,IACL,OAAO,KAAK,CAAC,MAAM,aAAa,KAAK,CAAC,IAAI;AAAA,KACzC,KAAK,WAAW,IACb,KAAK,CAAC,IACN,OAAO,KAAK,CAAC,MAAM,aACjB,CAAC,IACD,KAAK,CAAC,MAAM,CAAC;AAAA,EACrB;AAIF;AAKA,MAAM,4BAA4B,CAChC,mBACA,WACA,cACG;AACH,QAAM,mBAA6D,CACjE,OAAO,CAAC,MACL;AACH,UAAM,MAAM,aAAa,kBAAkB,QAAQ,SAAS;AAC5D,iDAAsB,KAAK,KAAK,aAAa;AAAA,EAC/C;AAEA,QAAM,mBAA6D,CACjE,OAAO,CAAC,MACL;AACH,UAAM,MAAM,aAAa,kBAAkB,QAAQ,SAAS;AAC5D,iDAAsB,KAAK,KAAK,aAAa;AAAA,EAC/C;AAEA,SAAO,EAAE,kBAAkB,iBAAiB;AAC9C;AAKA,MAAM,qBAAqB,CACzB,OACA,mBACA,gBACa;AACb,UAAI,yCAAsB,KAAK,GAAG;AAChC,WAAO,2BAAa,QAAQ,IAAI,IAAI,QAAQ,YAAY,GAAG,CAAC;AAAA,EAC9D;AAGA,UAAI,2CAAwB,KAAK,GAAG;AAClC,UAAM,kBAAkB,CAAC,QACvB,2BAAa,SAAS,IAAI,IAAI,KAAK,YAAY,GAAG,CAAC;AACrD,UAAM,EAAE,iBAAiB,QAAI,gCAAe;AAAA,MAC1C;AAAA,MACA,SAAS,kBAAkB,QAAQ;AAAA,MACnC,WAAW;AAAA,MACX,WAAW;AAAA,IACb,CAAC;AAED,WAAO,iBAAiB,EAAE,eAAe,MAAM,cAAc,CAAC;AAAA,EAChE;AAGA,UAAI,2CAAwB,KAAK,GAAG;AAClC,UAAM,kBAAkB,CAAC,QACvB,2BAAa,SAAS,IAAI,IAAI,KAAK,YAAY,GAAG,CAAC;AACrD,UAAM,EAAE,iBAAiB,QAAI,gCAAe;AAAA,MAC1C;AAAA,MACA,SAAS,kBAAkB,QAAQ;AAAA,MACnC,WAAW;AAAA,MACX,WAAW;AAAA,IACb,CAAC;AAED,WAAO,iBAAiB,EAAE,eAAe,MAAM,cAAc,CAAC;AAAA,EAChE;AAEA,QAAM;AACR;","names":["request","event"]}
|
|
1
|
+
{"version":3,"sources":["../../../../src/server/node/ternSecureNodeMiddleware.ts"],"sourcesContent":["import {createRedirect, createTernSecureRequest, type TernSecureRequest } from \"@tern-secure/backend\";\nimport {\n createBackendInstance,\n} from \"@tern-secure/backend/admin\";\nimport type { NextMiddleware,NextRequest } from \"next/server\";\nimport {NextResponse } from \"next/server\";\n\nimport { SIGN_IN_URL, SIGN_UP_URL } from \"../constant\";\nimport {\n isNextjsNotFoundError,\n isRedirectToSignInError,\n isRedirectToSignUpError,\n redirectToSignInError,\n redirectToSignUpError,\n} from \"../nextErrors\";\nimport type { BaseUser ,\n NextMiddlewareEvtParam,\n NextMiddlewareRequestParam,\n NextMiddlewareReturn,\n} from \"../types\";\n\ntype RedirectToParams = { returnBackUrl?: string | URL | null };\nexport type RedirectFun<ReturnType> = (params?: RedirectToParams) => ReturnType;\n\nexport type AuthObject = {\n user: BaseUser | null;\n session: string | null;\n};\n\nexport interface MiddlewareAuth extends AuthObject {\n (): Promise<MiddlewareAuthObject>;\n protect: () => Promise<void>;\n}\n\ntype MiddlewareHandler = (\n auth: MiddlewareAuth,\n request: NextMiddlewareRequestParam,\n event: NextMiddlewareEvtParam\n) => NextMiddlewareReturn;\n\nexport type MiddlewareAuthObject = AuthObject & {\n redirectToSignIn: RedirectFun<Response>;\n redirectToSignUp: RedirectFun<Response>;\n};\n\n/**\n * Create a route matcher function for public paths\n */\nexport const createRouteMatcher = (patterns: string[]) => {\n return (request: NextRequest): boolean => {\n const { pathname } = request.nextUrl;\n return patterns.some((pattern) => {\n const regexPattern = pattern\n .replace(/[.*+?^${}()|[\\]\\\\]/g, \"\\\\$&\")\n .replace(/\\\\\\*/g, \".*\");\n\n return new RegExp(`^${regexPattern}$`).test(pathname);\n });\n };\n};\n\nconst authenticateMiddlewareRequest = async (\n request: NextRequest\n): Promise<AuthObject> => {\n try {\n const requestState = await createBackendInstance(request);\n const authResult = requestState.requestState.auth();\n\n return {\n user: {\n uid: authResult.session.uid,\n email: authResult.session.email || null,\n tenantId: authResult.session.firebase?.tenant || \"default\",\n authTime: authResult.session.auth_time,\n },\n session: requestState.requestState.token,\n };\n } catch (error) {\n console.error(\n \"Auth check error:\",\n error instanceof Error ? error.message : \"Unknown error\"\n );\n return {\n user: null,\n session: null,\n };\n }\n};\n\nexport interface MiddlewareOptions {\n signInUrl?: string;\n signUpUrl?: string;\n debug?: boolean;\n}\ntype MiddlewareOptionsCallback = (\n req: NextRequest\n) => MiddlewareOptions | Promise<MiddlewareOptions>;\n\ninterface TernSecureMiddleware {\n /**\n * @example\n * export default ternSecureMiddleware((auth, request, event) => { ... }, options);\n */\n (handler: MiddlewareHandler, options?: MiddlewareOptions): NextMiddleware;\n\n /**\n * @example\n * export default ternSecureMiddleware((auth, request, event) => { ... }, (req) => options);\n */\n (\n handler: MiddlewareHandler,\n options?: MiddlewareOptionsCallback\n ): NextMiddleware;\n\n /**\n * @example\n * export default ternSecureMiddleware(options);\n */\n (options?: MiddlewareOptions): NextMiddleware;\n /**\n * @example\n * export default ternSecureMiddleware;\n */\n (\n request: NextMiddlewareRequestParam,\n event: NextMiddlewareEvtParam\n ): NextMiddlewareReturn;\n}\n\nexport const ternSecureMiddleware = ((\n ...args: unknown[]\n): NextMiddleware | NextMiddlewareReturn => {\n const [request, event] = parseRequestAndEvent(args);\n const [handler, params] = parseHandlerAndOptions(args);\n\n const middleware = () => {\n const withAuthNextMiddleware: NextMiddleware = async (request, event) => {\n const resolvedParams =\n typeof params === \"function\" ? await params(request) : params;\n\n const signInUrl = resolvedParams.signInUrl || SIGN_IN_URL;\n const signUpUrl = resolvedParams.signUpUrl || SIGN_UP_URL;\n\n let handlerResult: Response = NextResponse.next();\n\n if (handler) {\n const createAuthHandler = async (): Promise<MiddlewareAuth> => {\n const authObject = await authenticateMiddlewareRequest(request);\n\n const getAuth = async (): Promise<MiddlewareAuthObject> => {\n const ternSecureRequest = createTernSecureRequest(request);\n const { redirectToSignIn, redirectToSignUp } =\n createMiddlewareRedirects(\n ternSecureRequest,\n signInUrl,\n signUpUrl\n );\n\n return {\n ...authObject,\n redirectToSignIn,\n redirectToSignUp,\n };\n };\n\n const protect = async (): Promise<void> => {\n if (!authObject.user || !authObject.session) {\n const redirectUrl = new URL(signInUrl || \"/sign-in\", request.url);\n redirectUrl.searchParams.set(\n \"redirect\",\n request.nextUrl.pathname\n );\n redirectToSignInError(redirectUrl.toString());\n }\n };\n\n // Return the MiddlewareAuth object with direct property access\n const authHandler = Object.assign(getAuth, {\n protect,\n user: authObject.user,\n session: authObject.session,\n });\n\n return authHandler as MiddlewareAuth;\n };\n\n try {\n const auth = await createAuthHandler();\n const userHandlerResult = await handler(auth, request, event);\n handlerResult = userHandlerResult || handlerResult;\n } catch (error) {\n const ternSecureRequest = createTernSecureRequest(request);\n handlerResult = handleControlError(error, ternSecureRequest, request);\n }\n\n return handlerResult;\n }\n\n return handlerResult;\n };\n\n const nextMiddleware: NextMiddleware = async (request, event) => {\n return withAuthNextMiddleware(request, event);\n };\n\n if (request && event) {\n return nextMiddleware(request, event);\n }\n\n return nextMiddleware;\n };\n return middleware();\n}) as TernSecureMiddleware;\n\nconst parseRequestAndEvent = (args: unknown[]) => {\n return [\n args[0] instanceof Request ? args[0] : undefined,\n args[0] instanceof Request ? args[1] : undefined,\n ] as [\n NextMiddlewareRequestParam | undefined,\n NextMiddlewareEvtParam | undefined,\n ];\n};\n\nconst parseHandlerAndOptions = (args: unknown[]) => {\n return [\n typeof args[0] === \"function\" ? args[0] : undefined,\n (args.length === 2\n ? args[1]\n : typeof args[0] === \"function\"\n ? {}\n : args[0]) || {},\n ] as [\n MiddlewareHandler | undefined,\n MiddlewareOptions | MiddlewareOptionsCallback,\n ];\n};\n\n/**\n * Create middleware redirect functions\n */\nconst createMiddlewareRedirects = (\n ternSecureRequest: TernSecureRequest,\n signInUrl: string,\n signUpUrl: string\n) => {\n const redirectToSignIn: MiddlewareAuthObject[\"redirectToSignIn\"] = (\n opts = {}\n ) => {\n const url = signInUrl || ternSecureRequest.ternUrl.toString();\n redirectToSignInError(url, opts.returnBackUrl);\n };\n\n const redirectToSignUp: MiddlewareAuthObject[\"redirectToSignUp\"] = (\n opts = {}\n ) => {\n const url = signUpUrl || ternSecureRequest.ternUrl.toString();\n redirectToSignUpError(url, opts.returnBackUrl);\n };\n\n return { redirectToSignIn, redirectToSignUp };\n};\n\n/**\n * Handle control flow errors in middleware\n */\nconst handleControlError = (\n error: any,\n ternSecureRequest: TernSecureRequest,\n nextrequest: NextRequest\n): Response => {\n if (isNextjsNotFoundError(error)) {\n return NextResponse.rewrite(new URL(\"/404\", nextrequest.url));\n }\n\n // Handle redirect to sign in errors\n if (isRedirectToSignInError(error)) {\n const redirectAdapter = (url: string) =>\n NextResponse.redirect(new URL(url, nextrequest.url));\n const { redirectToSignIn } = createRedirect({\n redirectAdapter,\n baseUrl: ternSecureRequest.ternUrl.origin,\n signInUrl: SIGN_IN_URL,\n signUpUrl: SIGN_UP_URL,\n });\n\n return redirectToSignIn({ returnBackUrl: error.returnBackUrl });\n }\n\n // Handle redirect to sign up errors\n if (isRedirectToSignUpError(error)) {\n const redirectAdapter = (url: string) =>\n NextResponse.redirect(new URL(url, nextrequest.url));\n const { redirectToSignUp } = createRedirect({\n redirectAdapter,\n baseUrl: ternSecureRequest.ternUrl.origin,\n signInUrl: SIGN_IN_URL,\n signUpUrl: SIGN_UP_URL,\n });\n\n return redirectToSignUp({ returnBackUrl: error.returnBackUrl });\n }\n\n throw error;\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,qBAAgF;AAChF,mBAEO;AAEP,oBAA4B;AAE5B,sBAAyC;AACzC,wBAMO;AAkCA,MAAM,qBAAqB,CAAC,aAAuB;AACxD,SAAO,CAAC,YAAkC;AACxC,UAAM,EAAE,SAAS,IAAI,QAAQ;AAC7B,WAAO,SAAS,KAAK,CAAC,YAAY;AAChC,YAAM,eAAe,QAClB,QAAQ,uBAAuB,MAAM,EACrC,QAAQ,SAAS,IAAI;AAExB,aAAO,IAAI,OAAO,IAAI,YAAY,GAAG,EAAE,KAAK,QAAQ;AAAA,IACtD,CAAC;AAAA,EACH;AACF;AAEA,MAAM,gCAAgC,OACpC,YACwB;AACxB,MAAI;AACF,UAAM,eAAe,UAAM,oCAAsB,OAAO;AACxD,UAAM,aAAa,aAAa,aAAa,KAAK;AAElD,WAAO;AAAA,MACL,MAAM;AAAA,QACJ,KAAK,WAAW,QAAQ;AAAA,QACxB,OAAO,WAAW,QAAQ,SAAS;AAAA,QACnC,UAAU,WAAW,QAAQ,UAAU,UAAU;AAAA,QACjD,UAAU,WAAW,QAAQ;AAAA,MAC/B;AAAA,MACA,SAAS,aAAa,aAAa;AAAA,IACrC;AAAA,EACF,SAAS,OAAO;AACd,YAAQ;AAAA,MACN;AAAA,MACA,iBAAiB,QAAQ,MAAM,UAAU;AAAA,IAC3C;AACA,WAAO;AAAA,MACL,MAAM;AAAA,MACN,SAAS;AAAA,IACX;AAAA,EACF;AACF;AA0CO,MAAM,uBAAwB,IAChC,SACuC;AAC1C,QAAM,CAAC,SAAS,KAAK,IAAI,qBAAqB,IAAI;AAClD,QAAM,CAAC,SAAS,MAAM,IAAI,uBAAuB,IAAI;AAErD,QAAM,aAAa,MAAM;AACvB,UAAM,yBAAyC,OAAOA,UAASC,WAAU;AACvE,YAAM,iBACJ,OAAO,WAAW,aAAa,MAAM,OAAOD,QAAO,IAAI;AAEzD,YAAM,YAAY,eAAe,aAAa;AAC9C,YAAM,YAAY,eAAe,aAAa;AAE9C,UAAI,gBAA0B,2BAAa,KAAK;AAEhD,UAAI,SAAS;AACX,cAAM,oBAAoB,YAAqC;AAC7D,gBAAM,aAAa,MAAM,8BAA8BA,QAAO;AAE9D,gBAAM,UAAU,YAA2C;AACzD,kBAAM,wBAAoB,wCAAwBA,QAAO;AACzD,kBAAM,EAAE,kBAAkB,iBAAiB,IACzC;AAAA,cACE;AAAA,cACA;AAAA,cACA;AAAA,YACF;AAEF,mBAAO;AAAA,cACL,GAAG;AAAA,cACH;AAAA,cACA;AAAA,YACF;AAAA,UACF;AAEA,gBAAM,UAAU,YAA2B;AACzC,gBAAI,CAAC,WAAW,QAAQ,CAAC,WAAW,SAAS;AAC3C,oBAAM,cAAc,IAAI,IAAI,aAAa,YAAYA,SAAQ,GAAG;AAChE,0BAAY,aAAa;AAAA,gBACvB;AAAA,gBACAA,SAAQ,QAAQ;AAAA,cAClB;AACA,2DAAsB,YAAY,SAAS,CAAC;AAAA,YAC9C;AAAA,UACF;AAGA,gBAAM,cAAc,OAAO,OAAO,SAAS;AAAA,YACzC;AAAA,YACA,MAAM,WAAW;AAAA,YACjB,SAAS,WAAW;AAAA,UACtB,CAAC;AAED,iBAAO;AAAA,QACT;AAEA,YAAI;AACF,gBAAM,OAAO,MAAM,kBAAkB;AACrC,gBAAM,oBAAoB,MAAM,QAAQ,MAAMA,UAASC,MAAK;AAC5D,0BAAgB,qBAAqB;AAAA,QACvC,SAAS,OAAO;AACd,gBAAM,wBAAoB,wCAAwBD,QAAO;AACzD,0BAAgB,mBAAmB,OAAO,mBAAmBA,QAAO;AAAA,QACtE;AAEA,eAAO;AAAA,MACT;AAEA,aAAO;AAAA,IACT;AAEA,UAAM,iBAAiC,OAAOA,UAASC,WAAU;AAC/D,aAAO,uBAAuBD,UAASC,MAAK;AAAA,IAC9C;AAEA,QAAI,WAAW,OAAO;AACpB,aAAO,eAAe,SAAS,KAAK;AAAA,IACtC;AAEA,WAAO;AAAA,EACT;AACA,SAAO,WAAW;AACpB;AAEA,MAAM,uBAAuB,CAAC,SAAoB;AAChD,SAAO;AAAA,IACL,KAAK,CAAC,aAAa,UAAU,KAAK,CAAC,IAAI;AAAA,IACvC,KAAK,CAAC,aAAa,UAAU,KAAK,CAAC,IAAI;AAAA,EACzC;AAIF;AAEA,MAAM,yBAAyB,CAAC,SAAoB;AAClD,SAAO;AAAA,IACL,OAAO,KAAK,CAAC,MAAM,aAAa,KAAK,CAAC,IAAI;AAAA,KACzC,KAAK,WAAW,IACb,KAAK,CAAC,IACN,OAAO,KAAK,CAAC,MAAM,aACjB,CAAC,IACD,KAAK,CAAC,MAAM,CAAC;AAAA,EACrB;AAIF;AAKA,MAAM,4BAA4B,CAChC,mBACA,WACA,cACG;AACH,QAAM,mBAA6D,CACjE,OAAO,CAAC,MACL;AACH,UAAM,MAAM,aAAa,kBAAkB,QAAQ,SAAS;AAC5D,iDAAsB,KAAK,KAAK,aAAa;AAAA,EAC/C;AAEA,QAAM,mBAA6D,CACjE,OAAO,CAAC,MACL;AACH,UAAM,MAAM,aAAa,kBAAkB,QAAQ,SAAS;AAC5D,iDAAsB,KAAK,KAAK,aAAa;AAAA,EAC/C;AAEA,SAAO,EAAE,kBAAkB,iBAAiB;AAC9C;AAKA,MAAM,qBAAqB,CACzB,OACA,mBACA,gBACa;AACb,UAAI,yCAAsB,KAAK,GAAG;AAChC,WAAO,2BAAa,QAAQ,IAAI,IAAI,QAAQ,YAAY,GAAG,CAAC;AAAA,EAC9D;AAGA,UAAI,2CAAwB,KAAK,GAAG;AAClC,UAAM,kBAAkB,CAAC,QACvB,2BAAa,SAAS,IAAI,IAAI,KAAK,YAAY,GAAG,CAAC;AACrD,UAAM,EAAE,iBAAiB,QAAI,+BAAe;AAAA,MAC1C;AAAA,MACA,SAAS,kBAAkB,QAAQ;AAAA,MACnC,WAAW;AAAA,MACX,WAAW;AAAA,IACb,CAAC;AAED,WAAO,iBAAiB,EAAE,eAAe,MAAM,cAAc,CAAC;AAAA,EAChE;AAGA,UAAI,2CAAwB,KAAK,GAAG;AAClC,UAAM,kBAAkB,CAAC,QACvB,2BAAa,SAAS,IAAI,IAAI,KAAK,YAAY,GAAG,CAAC;AACrD,UAAM,EAAE,iBAAiB,QAAI,+BAAe;AAAA,MAC1C;AAAA,MACA,SAAS,kBAAkB,QAAQ;AAAA,MACnC,WAAW;AAAA,MACX,WAAW;AAAA,IACb,CAAC;AAED,WAAO,iBAAiB,EAAE,eAAe,MAAM,cAAc,CAAC;AAAA,EAChE;AAEA,QAAM;AACR;","names":["request","event"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../src/server/protect.ts"],"sourcesContent":["import type { AuthObject, SignedInAuthObject } from \"@tern-secure/backend\";\nimport { constants } from \"@tern-secure/backend\";\nimport type { CheckAuthorizationFromSessionClaims } from \"@tern-secure/types\";\n\nimport { constants as nextConstants } from \"../constants\";\nimport { isNextFetcher } from \"./nextFetcher\";\
|
|
1
|
+
{"version":3,"sources":["../../../src/server/protect.ts"],"sourcesContent":["import type { AuthObject, RedirectFun, SignedInAuthObject } from \"@tern-secure/backend\";\nimport { constants } from \"@tern-secure/backend\";\nimport type { CheckAuthorizationFromSessionClaims } from \"@tern-secure/types\";\n\nimport { constants as nextConstants } from \"../constants\";\nimport { isNextFetcher } from \"./nextFetcher\";\n\ntype AuthProtectOptions = {\n /**\n * The URL to redirect the user to if they are not authorized.\n */\n unauthorizedUrl?: string;\n /**\n * The URL to redirect the user to if they are not authenticated.\n */\n unauthenticatedUrl?: string;\n};\n\nexport interface AuthProtect {\n (\n params?: (require: CheckAuthorizationFromSessionClaims) => boolean,\n options?: AuthProtectOptions\n ): Promise<SignedInAuthObject>;\n (options?: AuthProtectOptions): Promise<SignedInAuthObject>;\n}\n\nexport function createProtect(opts: {\n request: Request;\n authObject: AuthObject;\n notFound: () => never;\n redirect: (url: string) => void;\n redirectToSignIn: RedirectFun<unknown>;\n}): AuthProtect {\n const { redirectToSignIn, authObject, redirect, notFound, request } = opts;\n\n return (async (...args: any[]) => {\n const optionValuesAsParam =\n args[0]?.unauthenticatedUrl || args[0]?.unauthorizedUrl;\n const paramsOrFunction = optionValuesAsParam ? undefined : (args[0] as \n | CheckAuthorizationFromSessionClaims\n | ((require: CheckAuthorizationFromSessionClaims) => boolean));\n const unauthenticatedUrl = (args[0]?.unauthenticatedUrl ||\n args[1]?.unauthenticatedUrl) as string | undefined;\n const unauthorizedUrl = (args[0]?.unauthorizedUrl ||\n args[1]?.unauthorizedUrl) as string | undefined;\n\n const handleUnauthenticated = () => {\n if (unauthenticatedUrl) {\n redirect(unauthenticatedUrl);\n }\n if (isPageRequest(request)) {\n return redirectToSignIn();\n }\n return notFound();\n };\n\n const handleUnauthorized = () => {\n if (unauthorizedUrl) {\n redirect(unauthorizedUrl);\n }\n notFound();\n };\n\n if (!authObject.userId) {\n handleUnauthenticated();\n }\n\n if (!paramsOrFunction) {\n return authObject;\n }\n\n if (typeof paramsOrFunction === \"function\") {\n if (paramsOrFunction(authObject.require)) {\n return authObject;\n }\n return handleUnauthorized();\n }\n\n if (authObject.require(paramsOrFunction)) {\n return authObject;\n }\n }) as AuthProtect;\n}\n\nconst isServerActionRequest = (req: Request) => {\n return (\n !!req.headers.get(nextConstants.Headers.NextUrl) &&\n (req.headers.get(constants.Headers.Accept)?.includes(\"text/x-component\") ||\n req.headers\n .get(constants.Headers.ContentType)\n ?.includes(\"multipart/form-data\") ||\n !!req.headers.get(nextConstants.Headers.NextAction))\n );\n};\n\nconst isPageRequest = (req: Request): boolean => {\n return (\n req.headers.get(constants.Headers.SecFetchDest) === \"document\" ||\n req.headers.get(constants.Headers.SecFetchDest) === \"iframe\" ||\n req.headers.get(constants.Headers.Accept)?.includes(\"text/html\") ||\n isAppRouterInternalNavigation(req) ||\n isPagesRouterInternalNavigation(req)\n );\n};\n\nconst isAppRouterInternalNavigation = (req: Request) =>\n (!!req.headers.get(nextConstants.Headers.NextUrl) &&\n !isServerActionRequest(req)) ||\n isPagePathAvailable();\n\nconst isPagePathAvailable = () => {\n const __fetch = globalThis.fetch;\n\n if (!isNextFetcher(__fetch)) {\n return false;\n }\n\n const { page, pagePath } = __fetch.__nextGetStaticStore().getStore() || {};\n\n return Boolean(\n // available on next@14\n pagePath ||\n // available on next@15\n page\n );\n};\n\nconst isPagesRouterInternalNavigation = (req: Request) =>\n !!req.headers.get(nextConstants.Headers.NextjsData);\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AACA,qBAA0B;AAG1B,uBAA2C;AAC3C,yBAA8B;AAqBvB,SAAS,cAAc,MAMd;AACd,QAAM,EAAE,kBAAkB,YAAY,UAAU,UAAU,QAAQ,IAAI;AAEtE,SAAQ,UAAU,SAAgB;AAChC,UAAM,sBACJ,KAAK,CAAC,GAAG,sBAAsB,KAAK,CAAC,GAAG;AAC1C,UAAM,mBAAmB,sBAAsB,SAAa,KAAK,CAAC;AAGlE,UAAM,qBAAsB,KAAK,CAAC,GAAG,sBACnC,KAAK,CAAC,GAAG;AACX,UAAM,kBAAmB,KAAK,CAAC,GAAG,mBAChC,KAAK,CAAC,GAAG;AAEX,UAAM,wBAAwB,MAAM;AAClC,UAAI,oBAAoB;AACtB,iBAAS,kBAAkB;AAAA,MAC7B;AACA,UAAI,cAAc,OAAO,GAAG;AAC1B,eAAO,iBAAiB;AAAA,MAC1B;AACA,aAAO,SAAS;AAAA,IAClB;AAEA,UAAM,qBAAqB,MAAM;AAC/B,UAAI,iBAAiB;AACnB,iBAAS,eAAe;AAAA,MAC1B;AACA,eAAS;AAAA,IACX;AAEA,QAAI,CAAC,WAAW,QAAQ;AACtB,4BAAsB;AAAA,IACxB;AAEA,QAAI,CAAC,kBAAkB;AACrB,aAAO;AAAA,IACT;AAEA,QAAI,OAAO,qBAAqB,YAAY;AAC1C,UAAI,iBAAiB,WAAW,OAAO,GAAG;AACxC,eAAO;AAAA,MACT;AACA,aAAO,mBAAmB;AAAA,IAC5B;AAEA,QAAI,WAAW,QAAQ,gBAAgB,GAAG;AACxC,aAAO;AAAA,IACT;AAAA,EACF;AACF;AAEA,MAAM,wBAAwB,CAAC,QAAiB;AAC9C,SACE,CAAC,CAAC,IAAI,QAAQ,IAAI,iBAAAA,UAAc,QAAQ,OAAO,MAC9C,IAAI,QAAQ,IAAI,yBAAU,QAAQ,MAAM,GAAG,SAAS,kBAAkB,KACrE,IAAI,QACD,IAAI,yBAAU,QAAQ,WAAW,GAChC,SAAS,qBAAqB,KAClC,CAAC,CAAC,IAAI,QAAQ,IAAI,iBAAAA,UAAc,QAAQ,UAAU;AAExD;AAEA,MAAM,gBAAgB,CAAC,QAA0B;AAC/C,SACE,IAAI,QAAQ,IAAI,yBAAU,QAAQ,YAAY,MAAM,cACpD,IAAI,QAAQ,IAAI,yBAAU,QAAQ,YAAY,MAAM,YACpD,IAAI,QAAQ,IAAI,yBAAU,QAAQ,MAAM,GAAG,SAAS,WAAW,KAC/D,8BAA8B,GAAG,KACjC,gCAAgC,GAAG;AAEvC;AAEA,MAAM,gCAAgC,CAAC,QACpC,CAAC,CAAC,IAAI,QAAQ,IAAI,iBAAAA,UAAc,QAAQ,OAAO,KAC9C,CAAC,sBAAsB,GAAG,KAC5B,oBAAoB;AAEtB,MAAM,sBAAsB,MAAM;AAChC,QAAM,UAAU,WAAW;AAE3B,MAAI,KAAC,kCAAc,OAAO,GAAG;AAC3B,WAAO;AAAA,EACT;AAEA,QAAM,EAAE,MAAM,SAAS,IAAI,QAAQ,qBAAqB,EAAE,SAAS,KAAK,CAAC;AAEzE,SAAO;AAAA;AAAA,IAEL;AAAA,IAEE;AAAA,EACJ;AACF;AAEA,MAAM,kCAAkC,CAAC,QACvC,CAAC,CAAC,IAAI,QAAQ,IAAI,iBAAAA,UAAc,QAAQ,UAAU;","names":["nextConstants"]}
|