@tern-secure/nextjs 5.2.0-canary.v20251028151628 → 5.2.0-canary.v20251030165007
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/app-router/server/TernSecureProvider.js +1 -1
- package/dist/cjs/app-router/server/TernSecureProvider.js.map +1 -1
- package/dist/cjs/app-router/server/TernSecureProviderNode.js +92 -0
- package/dist/cjs/app-router/server/TernSecureProviderNode.js.map +1 -0
- package/dist/cjs/app-router/server/auth.js +1 -1
- package/dist/cjs/app-router/server/auth.js.map +1 -1
- package/dist/cjs/app-router/server/auth_new.js +41 -0
- package/dist/cjs/app-router/server/auth_new.js.map +1 -0
- package/dist/cjs/boundary/PromiseAuthProvider.js.map +1 -1
- package/dist/cjs/boundary/PromiseAuthProviderNode.js +68 -0
- package/dist/cjs/boundary/PromiseAuthProviderNode.js.map +1 -0
- package/dist/cjs/index.js +3 -0
- package/dist/cjs/index.js.map +1 -1
- package/dist/cjs/server/constant.js +21 -0
- package/dist/cjs/server/constant.js.map +1 -1
- package/dist/cjs/server/data/getAuthDataFromRequest.js +105 -2
- package/dist/cjs/server/data/getAuthDataFromRequest.js.map +1 -1
- package/dist/cjs/server/index.js +6 -0
- package/dist/cjs/server/index.js.map +1 -1
- package/dist/cjs/server/instrumentation.js +52 -0
- package/dist/cjs/server/instrumentation.js.map +1 -0
- package/dist/esm/app-router/server/TernSecureProvider.js +2 -2
- package/dist/esm/app-router/server/TernSecureProvider.js.map +1 -1
- package/dist/esm/app-router/server/TernSecureProviderNode.js +58 -0
- package/dist/esm/app-router/server/TernSecureProviderNode.js.map +1 -0
- package/dist/esm/app-router/server/auth.js +2 -2
- package/dist/esm/app-router/server/auth.js.map +1 -1
- package/dist/esm/app-router/server/auth_new.js +17 -0
- package/dist/esm/app-router/server/auth_new.js.map +1 -0
- package/dist/esm/boundary/PromiseAuthProvider.js.map +1 -1
- package/dist/esm/boundary/PromiseAuthProviderNode.js +33 -0
- package/dist/esm/boundary/PromiseAuthProviderNode.js.map +1 -0
- package/dist/esm/index.js +2 -0
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/server/constant.js +14 -0
- package/dist/esm/server/constant.js.map +1 -1
- package/dist/esm/server/data/getAuthDataFromRequest.js +101 -1
- package/dist/esm/server/data/getAuthDataFromRequest.js.map +1 -1
- package/dist/esm/server/index.js +6 -0
- package/dist/esm/server/index.js.map +1 -1
- package/dist/esm/server/instrumentation.js +28 -0
- package/dist/esm/server/instrumentation.js.map +1 -0
- package/dist/types/app-router/server/TernSecureProviderNode.d.ts +4 -0
- package/dist/types/app-router/server/TernSecureProviderNode.d.ts.map +1 -0
- package/dist/types/app-router/server/auth.d.ts +5 -1
- package/dist/types/app-router/server/auth.d.ts.map +1 -1
- package/dist/types/app-router/server/auth_new.d.ts +14 -0
- package/dist/types/app-router/server/auth_new.d.ts.map +1 -0
- package/dist/types/boundary/PromiseAuthProvider.d.ts +2 -2
- package/dist/types/boundary/PromiseAuthProvider.d.ts.map +1 -1
- package/dist/types/boundary/PromiseAuthProviderNode.d.ts +14 -0
- package/dist/types/boundary/PromiseAuthProviderNode.d.ts.map +1 -0
- package/dist/types/index.d.ts +1 -0
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/server/constant.d.ts +7 -0
- package/dist/types/server/constant.d.ts.map +1 -1
- package/dist/types/server/data/getAuthDataFromRequest.d.ts +32 -0
- package/dist/types/server/data/getAuthDataFromRequest.d.ts.map +1 -1
- package/dist/types/server/index.d.ts +2 -0
- package/dist/types/server/index.d.ts.map +1 -1
- package/dist/types/server/instrumentation.d.ts +27 -0
- package/dist/types/server/instrumentation.d.ts.map +1 -0
- package/package.json +8 -7
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../src/server/instrumentation.ts"],"sourcesContent":["/**\n * Patches global.fetch to add Referer header for Firebase Identity Toolkit requests.\n * This is required for Firebase Auth to work properly on the server side.\n * \n * @param appUrl - Optional URL of your application. If not provided, uses NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN env variable.\n * You must provide either the parameter or set the environment variable.\n * \n * @throws {Error} If no appUrl is provided and NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN is not set.\n * \n * @example\n * ```typescript\n * // In your app's instrumentation.ts\n * import { ternSecureInstrumentation } from '@tern-secure/nextjs/server';\n * \n * export async function register() {\n * if (process.env.NEXT_RUNTIME === 'nodejs') {\n * // Option 1: Use environment variable\n * ternSecureInstrumentation();\n * \n * // Option 2: Provide URL explicitly\n * ternSecureInstrumentation('http://localhost:3000');\n * }\n * }\n * ```\n */\nexport function ternSecureInstrumentation(appUrl?: string): void {\n const resolvedAppUrl = appUrl || process.env.NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN;\n\n if (!resolvedAppUrl) {\n throw new Error(\n 'ternSecureInstrumentation: appUrl must be provided either as a parameter or via NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN environment variable.'\n );\n }\n\n const originalFetch = global.fetch;\n\n global.fetch = async (input: RequestInfo | URL, init?: RequestInit) => {\n const url =\n typeof input === \"string\"\n ? input\n : input instanceof URL\n ? input.href\n : input.url;\n const urlObj = new URL(url);\n\n if (urlObj.hostname === \"identitytoolkit.googleapis.com\") {\n const modifiedInit = {\n ...init,\n headers: {\n ...(init?.headers || {}),\n Referer: resolvedAppUrl,\n },\n };\n return originalFetch(input, modifiedInit);\n }\n return originalFetch(input, init);\n };\n}"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAyBO,SAAS,0BAA0B,QAAuB;AAC7D,QAAM,iBAAiB,UAAU,QAAQ,IAAI;AAE7C,MAAI,CAAC,gBAAgB;AACjB,UAAM,IAAI;AAAA,MACN;AAAA,IACJ;AAAA,EACJ;AAEA,QAAM,gBAAgB,OAAO;AAE7B,SAAO,QAAQ,OAAO,OAA0B,SAAuB;AACnE,UAAM,MACF,OAAO,UAAU,WACX,QACA,iBAAiB,MACb,MAAM,OACN,MAAM;AACpB,UAAM,SAAS,IAAI,IAAI,GAAG;AAE1B,QAAI,OAAO,aAAa,kCAAkC;AACtD,YAAM,eAAe;AAAA,QACjB,GAAG;AAAA,QACH,SAAS;AAAA,UACL,GAAI,MAAM,WAAW,CAAC;AAAA,UACtB,SAAS;AAAA,QACb;AAAA,MACJ;AACA,aAAO,cAAc,OAAO,YAAY;AAAA,IAC5C;AACA,WAAO,cAAc,OAAO,IAAI;AAAA,EACpC;AACJ;","names":[]}
|
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
import { jsx } from "react/jsx-runtime";
|
|
2
2
|
import React from "react";
|
|
3
3
|
import { PromiseAuthProvider } from "../../boundary/PromiseAuthProvider";
|
|
4
|
-
import {
|
|
4
|
+
import { getTernSecureAuthDataNode } from "../../server/data/getAuthDataFromRequest";
|
|
5
5
|
import { isNext13 } from "../../server/sdk-versions";
|
|
6
6
|
import { allNextProviderPropsWithEnv } from "../../utils/allNextProviderProps";
|
|
7
7
|
import { ClientTernSecureProvider } from "../client/TernSecureProvider";
|
|
8
8
|
import { buildRequestLike } from "./utils";
|
|
9
9
|
const getTernSecureState = React.cache(async function getTernSecureState2() {
|
|
10
10
|
const request = await buildRequestLike();
|
|
11
|
-
const data =
|
|
11
|
+
const data = getTernSecureAuthDataNode(request);
|
|
12
12
|
return data;
|
|
13
13
|
});
|
|
14
14
|
async function TernSecureProvider(props) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/app-router/server/TernSecureProvider.tsx"],"sourcesContent":["import type {
|
|
1
|
+
{"version":3,"sources":["../../../../src/app-router/server/TernSecureProvider.tsx"],"sourcesContent":["import type { TernSecureInitialState } from '@tern-secure/types';\nimport type { ReactNode } from 'react';\nimport React from 'react';\n\nimport { PromiseAuthProvider } from '../../boundary/PromiseAuthProvider';\nimport { getTernSecureAuthDataNode } from '../../server/data/getAuthDataFromRequest';\nimport { isNext13 } from '../../server/sdk-versions';\nimport type { TernSecureNextProps } from '../../types';\nimport { allNextProviderPropsWithEnv } from '../../utils/allNextProviderProps';\nimport { ClientTernSecureProvider } from '../client/TernSecureProvider';\nimport { buildRequestLike } from './utils';\n\nconst getTernSecureState = React.cache(async function getTernSecureState() {\n const request = await buildRequestLike();\n const data = getTernSecureAuthDataNode(request);\n return data;\n});\n\nexport async function TernSecureProvider(props: TernSecureNextProps) {\n const { children, ...rest } = props;\n const { persistence } = rest;\n\n const browserCookiePersistence = persistence === 'browserCookie';\n\n async function generateStatePromise() {\n if (!browserCookiePersistence) {\n return Promise.resolve(undefined);\n }\n if (isNext13) {\n return Promise.resolve(await getTernSecureState());\n }\n return getTernSecureState();\n }\n\n const providerProps = allNextProviderPropsWithEnv({ ...rest });\n\n let output: ReactNode;\n\n if (browserCookiePersistence) {\n output = (\n <PromiseAuthProvider\n authPromise={generateStatePromise() as unknown as Promise<TernSecureInitialState>}\n >\n <ClientTernSecureProvider\n {...providerProps}\n initialState={await generateStatePromise()}\n >\n {children}\n </ClientTernSecureProvider>\n </PromiseAuthProvider>\n );\n } else {\n output = (\n <ClientTernSecureProvider\n {...providerProps}\n >\n {children}\n </ClientTernSecureProvider>\n );\n }\n\n return output;\n}\n"],"mappings":"AA2CQ;AAzCR,OAAO,WAAW;AAElB,SAAS,2BAA2B;AACpC,SAAS,iCAAiC;AAC1C,SAAS,gBAAgB;AAEzB,SAAS,mCAAmC;AAC5C,SAAS,gCAAgC;AACzC,SAAS,wBAAwB;AAEjC,MAAM,qBAAqB,MAAM,MAAM,eAAeA,sBAAqB;AACzE,QAAM,UAAU,MAAM,iBAAiB;AACvC,QAAM,OAAO,0BAA0B,OAAO;AAC9C,SAAO;AACT,CAAC;AAED,eAAsB,mBAAmB,OAA4B;AACnE,QAAM,EAAE,UAAU,GAAG,KAAK,IAAI;AAC9B,QAAM,EAAE,YAAY,IAAI;AAExB,QAAM,2BAA2B,gBAAgB;AAEjD,iBAAe,uBAAuB;AACpC,QAAI,CAAC,0BAA0B;AAC7B,aAAO,QAAQ,QAAQ,MAAS;AAAA,IAClC;AACA,QAAI,UAAU;AACZ,aAAO,QAAQ,QAAQ,MAAM,mBAAmB,CAAC;AAAA,IACnD;AACA,WAAO,mBAAmB;AAAA,EAC5B;AAEA,QAAM,gBAAgB,4BAA4B,EAAE,GAAG,KAAK,CAAC;AAE7D,MAAI;AAEJ,MAAI,0BAA0B;AAC5B,aACE;AAAA,MAAC;AAAA;AAAA,QACC,aAAa,qBAAqB;AAAA,QAElC;AAAA,UAAC;AAAA;AAAA,YACE,GAAG;AAAA,YACJ,cAAc,MAAM,qBAAqB;AAAA,YAExC;AAAA;AAAA,QACH;AAAA;AAAA,IACF;AAAA,EAEJ,OAAO;AACL,aACE;AAAA,MAAC;AAAA;AAAA,QACE,GAAG;AAAA,QAEH;AAAA;AAAA,IACH;AAAA,EAEJ;AAEA,SAAO;AACT;","names":["getTernSecureState"]}
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
import { jsx } from "react/jsx-runtime";
|
|
2
|
+
import React from "react";
|
|
3
|
+
import { PromiseAuthProviderNode } from "../../boundary/PromiseAuthProviderNode";
|
|
4
|
+
import { getTernSecureAuthDataNode } from "../../server/data/getAuthDataFromRequest";
|
|
5
|
+
import { isNext13 } from "../../server/sdk-versions";
|
|
6
|
+
import { allNextProviderPropsWithEnv } from "../../utils/allNextProviderProps";
|
|
7
|
+
import { ClientTernSecureProvider } from "../client/TernSecureProvider";
|
|
8
|
+
import { buildRequestLike } from "./utils";
|
|
9
|
+
const getTernSecureState = React.cache(async function getTernSecureState2() {
|
|
10
|
+
const request = await buildRequestLike();
|
|
11
|
+
const data = getTernSecureAuthDataNode(request);
|
|
12
|
+
return data;
|
|
13
|
+
});
|
|
14
|
+
async function TernSecureProviderNode(props) {
|
|
15
|
+
const { children, ...rest } = props;
|
|
16
|
+
const { persistence } = rest;
|
|
17
|
+
const browserCookiePersistence = persistence === "browserCookie";
|
|
18
|
+
async function generateStatePromise() {
|
|
19
|
+
if (!browserCookiePersistence) {
|
|
20
|
+
return Promise.resolve(void 0);
|
|
21
|
+
}
|
|
22
|
+
if (isNext13) {
|
|
23
|
+
return Promise.resolve(await getTernSecureState());
|
|
24
|
+
}
|
|
25
|
+
return getTernSecureState();
|
|
26
|
+
}
|
|
27
|
+
const providerProps = allNextProviderPropsWithEnv({ ...rest });
|
|
28
|
+
let output;
|
|
29
|
+
if (browserCookiePersistence) {
|
|
30
|
+
output = /* @__PURE__ */ jsx(
|
|
31
|
+
PromiseAuthProviderNode,
|
|
32
|
+
{
|
|
33
|
+
authPromise: generateStatePromise(),
|
|
34
|
+
children: /* @__PURE__ */ jsx(
|
|
35
|
+
ClientTernSecureProvider,
|
|
36
|
+
{
|
|
37
|
+
...providerProps,
|
|
38
|
+
initialState: await generateStatePromise(),
|
|
39
|
+
children
|
|
40
|
+
}
|
|
41
|
+
)
|
|
42
|
+
}
|
|
43
|
+
);
|
|
44
|
+
} else {
|
|
45
|
+
output = /* @__PURE__ */ jsx(
|
|
46
|
+
ClientTernSecureProvider,
|
|
47
|
+
{
|
|
48
|
+
...providerProps,
|
|
49
|
+
children
|
|
50
|
+
}
|
|
51
|
+
);
|
|
52
|
+
}
|
|
53
|
+
return output;
|
|
54
|
+
}
|
|
55
|
+
export {
|
|
56
|
+
TernSecureProviderNode
|
|
57
|
+
};
|
|
58
|
+
//# sourceMappingURL=TernSecureProviderNode.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../../src/app-router/server/TernSecureProviderNode.tsx"],"sourcesContent":["import type { DecodedIdToken, TernSecureUser } from '@tern-secure/types';\nimport type { ReactNode } from 'react';\nimport React from 'react';\n\nimport { PromiseAuthProviderNode } from '../../boundary/PromiseAuthProviderNode';\nimport { getTernSecureAuthDataNode } from '../../server/data/getAuthDataFromRequest';\nimport { isNext13 } from '../../server/sdk-versions';\nimport type { TernSecureNextProps } from '../../types';\nimport { allNextProviderPropsWithEnv } from '../../utils/allNextProviderProps';\nimport { ClientTernSecureProvider } from '../client/TernSecureProvider';\nimport { buildRequestLike } from './utils';\n\ntype TernSecureInitialState = {\n user?: TernSecureUser | null;\n token?: string | null;\n sessionClaims?: DecodedIdToken | null;\n};\n\nconst getTernSecureState = React.cache(async function getTernSecureState() {\n const request = await buildRequestLike();\n const data = getTernSecureAuthDataNode(request);\n return data;\n});\n\nexport async function TernSecureProviderNode(props: TernSecureNextProps) {\n const { children, ...rest } = props;\n const { persistence } = rest;\n\n const browserCookiePersistence = persistence === 'browserCookie';\n\n async function generateStatePromise() {\n if (!browserCookiePersistence) {\n return Promise.resolve(undefined);\n }\n if (isNext13) {\n return Promise.resolve(await getTernSecureState());\n }\n return getTernSecureState();\n }\n\n const providerProps = allNextProviderPropsWithEnv({ ...rest });\n\n let output: ReactNode;\n\n if (browserCookiePersistence) {\n output = (\n <PromiseAuthProviderNode\n authPromise={generateStatePromise() as unknown as Promise<TernSecureInitialState>}\n >\n <ClientTernSecureProvider\n {...providerProps}\n initialState={await generateStatePromise()}\n >\n {children}\n </ClientTernSecureProvider>\n </PromiseAuthProviderNode>\n );\n } else {\n output = (\n <ClientTernSecureProvider\n {...providerProps}\n >\n {children}\n </ClientTernSecureProvider>\n );\n }\n\n return output;\n}"],"mappings":"AAiDQ;AA/CR,OAAO,WAAW;AAElB,SAAS,+BAA+B;AACxC,SAAS,iCAAiC;AAC1C,SAAS,gBAAgB;AAEzB,SAAS,mCAAmC;AAC5C,SAAS,gCAAgC;AACzC,SAAS,wBAAwB;AAQjC,MAAM,qBAAqB,MAAM,MAAM,eAAeA,sBAAqB;AACzE,QAAM,UAAU,MAAM,iBAAiB;AACvC,QAAM,OAAO,0BAA0B,OAAO;AAC9C,SAAO;AACT,CAAC;AAED,eAAsB,uBAAuB,OAA4B;AACvE,QAAM,EAAE,UAAU,GAAG,KAAK,IAAI;AAC9B,QAAM,EAAE,YAAY,IAAI;AAExB,QAAM,2BAA2B,gBAAgB;AAEjD,iBAAe,uBAAuB;AACpC,QAAI,CAAC,0BAA0B;AAC7B,aAAO,QAAQ,QAAQ,MAAS;AAAA,IAClC;AACA,QAAI,UAAU;AACZ,aAAO,QAAQ,QAAQ,MAAM,mBAAmB,CAAC;AAAA,IACnD;AACA,WAAO,mBAAmB;AAAA,EAC5B;AAEA,QAAM,gBAAgB,4BAA4B,EAAE,GAAG,KAAK,CAAC;AAE7D,MAAI;AAEJ,MAAI,0BAA0B;AAC5B,aACE;AAAA,MAAC;AAAA;AAAA,QACC,aAAa,qBAAqB;AAAA,QAElC;AAAA,UAAC;AAAA;AAAA,YACE,GAAG;AAAA,YACJ,cAAc,MAAM,qBAAqB;AAAA,YAExC;AAAA;AAAA,QACH;AAAA;AAAA,IACF;AAAA,EAEJ,OAAO;AACL,aACE;AAAA,MAAC;AAAA;AAAA,QACE,GAAG;AAAA,QAEH;AAAA;AAAA,IACH;AAAA,EAEJ;AAEA,SAAO;AACT;","names":["getTernSecureState"]}
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
import { createRedirect, createTernSecureRequest } from "@tern-secure/backend";
|
|
2
2
|
import { notFound, redirect } from "next/navigation";
|
|
3
3
|
import { SIGN_IN_URL, SIGN_UP_URL } from "../../server/constant";
|
|
4
|
-
import {
|
|
4
|
+
import { getAuthDataFromRequestNode } from "../../server/data/getAuthDataFromRequest";
|
|
5
5
|
import { getAuthKeyFromRequest } from "../../server/headers-utils";
|
|
6
6
|
import { createProtect } from "../../server/protect";
|
|
7
7
|
import { buildRequestLike } from "./utils";
|
|
8
8
|
const createAuthObject = () => {
|
|
9
9
|
return async (req) => {
|
|
10
|
-
return
|
|
10
|
+
return getAuthDataFromRequestNode(req);
|
|
11
11
|
};
|
|
12
12
|
};
|
|
13
13
|
const auth = async () => {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/app-router/server/auth.ts"],"sourcesContent":["import type { AuthObject, RedirectFun } from '@tern-secure/backend';\r\nimport { createRedirect, createTernSecureRequest } from '@tern-secure/backend';\r\nimport { notFound, redirect } from 'next/navigation';\r\n\r\nimport { SIGN_IN_URL, SIGN_UP_URL } from '../../server/constant';\r\nimport {
|
|
1
|
+
{"version":3,"sources":["../../../../src/app-router/server/auth.ts"],"sourcesContent":["import type { AuthObject, RedirectFun } from '@tern-secure/backend';\r\nimport { createRedirect, createTernSecureRequest } from '@tern-secure/backend';\r\nimport { notFound, redirect } from 'next/navigation';\r\n\r\nimport { SIGN_IN_URL, SIGN_UP_URL } from '../../server/constant';\r\nimport { type Aobj, getAuthDataFromRequestNode } from '../../server/data/getAuthDataFromRequest';\r\nimport { getAuthKeyFromRequest } from '../../server/headers-utils';\r\nimport { type AuthProtect, createProtect } from '../../server/protect';\r\nimport type { BaseUser, RequestLike } from '../../server/types';\r\nimport { buildRequestLike } from './utils';\r\n\r\n/**\r\n * @deprecated will be removed in future versions.\r\n*/\r\nexport interface AuthResult {\r\n user: BaseUser | null;\r\n error: Error | null;\r\n}\r\n\r\n/**\r\n * `Auth` object of the currently active user and the `redirectToSignIn()` method.\r\n */\r\ntype Auth = AuthObject & Aobj & {\r\n redirectToSignIn: RedirectFun<ReturnType<typeof redirect>>;\r\n redirectToSignUp: RedirectFun<ReturnType<typeof redirect>>;\r\n};\r\n\r\nexport interface AuthFn {\r\n (): Promise<Auth>;\r\n\r\n protect: AuthProtect;\r\n}\r\n\r\nconst createAuthObject = () => {\r\n return async (req: RequestLike) => {\r\n return getAuthDataFromRequestNode(req);\r\n };\r\n};\r\n\r\n/**\r\n * Get the current authenticated user from the session or token\r\n */\r\nexport const auth: AuthFn = async () => {\r\n // eslint-disable-next-line @typescript-eslint/no-require-imports\r\n require('server-only');\r\n\r\n const request = await buildRequestLike();\r\n\r\n const authObject = await createAuthObject()(request);\r\n\r\n const ternUrl = getAuthKeyFromRequest(request, 'TernSecureUrl');\r\n\r\n const createRedirectForRequest = (...args: Parameters<RedirectFun<never>>) => {\r\n const { returnBackUrl } = args[0] || {};\r\n const ternSecureRequest = createTernSecureRequest(request);\r\n\r\n return [\r\n createRedirect({\r\n redirectAdapter: redirect,\r\n baseUrl: ternSecureRequest.ternUrl.toString(),\r\n signInUrl: SIGN_IN_URL,\r\n signUpUrl: SIGN_UP_URL,\r\n }),\r\n returnBackUrl === null ? '' : returnBackUrl || ternUrl?.toString(),\r\n ] as const;\r\n };\r\n\r\n const redirectToSignIn: RedirectFun<never> = (opts = {}) => {\r\n const [r, returnBackUrl] = createRedirectForRequest(opts);\r\n return r.redirectToSignIn({\r\n returnBackUrl,\r\n });\r\n };\r\n\r\n const redirectToSignUp: RedirectFun<never> = (opts = {}) => {\r\n const [r, returnBackUrl] = createRedirectForRequest(opts);\r\n return r.redirectToSignUp({\r\n returnBackUrl,\r\n });\r\n };\r\n\r\n return Object.assign(authObject, { redirectToSignIn, redirectToSignUp });\r\n};\r\n\r\nauth.protect = async (...args: any[]) => {\r\n // eslint-disable-next-line @typescript-eslint/no-require-imports\r\n require('server-only');\r\n\r\n const request = await buildRequestLike();\r\n const authObject = await auth();\r\n\r\n const protect = createProtect({\r\n request,\r\n authObject,\r\n redirectToSignIn: authObject.redirectToSignIn,\r\n notFound,\r\n redirect,\r\n });\r\n\r\n return protect(...args);\r\n};\r\n"],"mappings":"AACA,SAAS,gBAAgB,+BAA+B;AACxD,SAAS,UAAU,gBAAgB;AAEnC,SAAS,aAAa,mBAAmB;AACzC,SAAoB,kCAAkC;AACtD,SAAS,6BAA6B;AACtC,SAA2B,qBAAqB;AAEhD,SAAS,wBAAwB;AAwBjC,MAAM,mBAAmB,MAAM;AAC7B,SAAO,OAAO,QAAqB;AACjC,WAAO,2BAA2B,GAAG;AAAA,EACvC;AACF;AAKO,MAAM,OAAe,YAAY;AAEtC,UAAQ,aAAa;AAErB,QAAM,UAAU,MAAM,iBAAiB;AAEvC,QAAM,aAAa,MAAM,iBAAiB,EAAE,OAAO;AAEnD,QAAM,UAAU,sBAAsB,SAAS,eAAe;AAE9D,QAAM,2BAA2B,IAAI,SAAyC;AAC5E,UAAM,EAAE,cAAc,IAAI,KAAK,CAAC,KAAK,CAAC;AACtC,UAAM,oBAAoB,wBAAwB,OAAO;AAEzD,WAAO;AAAA,MACL,eAAe;AAAA,QACb,iBAAiB;AAAA,QACjB,SAAS,kBAAkB,QAAQ,SAAS;AAAA,QAC5C,WAAW;AAAA,QACX,WAAW;AAAA,MACb,CAAC;AAAA,MACD,kBAAkB,OAAO,KAAK,iBAAiB,SAAS,SAAS;AAAA,IACnE;AAAA,EACF;AAEA,QAAM,mBAAuC,CAAC,OAAO,CAAC,MAAM;AAC1D,UAAM,CAAC,GAAG,aAAa,IAAI,yBAAyB,IAAI;AACxD,WAAO,EAAE,iBAAiB;AAAA,MACxB;AAAA,IACF,CAAC;AAAA,EACH;AAEA,QAAM,mBAAuC,CAAC,OAAO,CAAC,MAAM;AAC1D,UAAM,CAAC,GAAG,aAAa,IAAI,yBAAyB,IAAI;AACxD,WAAO,EAAE,iBAAiB;AAAA,MACxB;AAAA,IACF,CAAC;AAAA,EACH;AAEA,SAAO,OAAO,OAAO,YAAY,EAAE,kBAAkB,iBAAiB,CAAC;AACzE;AAEA,KAAK,UAAU,UAAU,SAAgB;AAEvC,UAAQ,aAAa;AAErB,QAAM,UAAU,MAAM,iBAAiB;AACvC,QAAM,aAAa,MAAM,KAAK;AAE9B,QAAM,UAAU,cAAc;AAAA,IAC5B;AAAA,IACA;AAAA,IACA,kBAAkB,WAAW;AAAA,IAC7B;AAAA,IACA;AAAA,EACF,CAAC;AAED,SAAO,QAAQ,GAAG,IAAI;AACxB;","names":[]}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
import { getAuthDataFromRequestNode } from "../../server/data/getAuthDataFromRequest";
|
|
2
|
+
import { buildRequestLike } from "./utils";
|
|
3
|
+
const createAuthObject = () => {
|
|
4
|
+
return async (req) => {
|
|
5
|
+
return getAuthDataFromRequestNode(req);
|
|
6
|
+
};
|
|
7
|
+
};
|
|
8
|
+
const authNew = async () => {
|
|
9
|
+
require("server-only");
|
|
10
|
+
const request = await buildRequestLike();
|
|
11
|
+
const authObject = await createAuthObject()(request);
|
|
12
|
+
return Object.assign(authObject);
|
|
13
|
+
};
|
|
14
|
+
export {
|
|
15
|
+
authNew
|
|
16
|
+
};
|
|
17
|
+
//# sourceMappingURL=auth_new.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../../src/app-router/server/auth_new.ts"],"sourcesContent":["import type { Aobj, TernSecureUser} from '../../server/data/getAuthDataFromRequest';\nimport { getAuthDataFromRequestNode } from '../../server/data/getAuthDataFromRequest';\nimport type { RequestLike } from '../../server/types';\nimport { buildRequestLike } from './utils';\n\n/**\n * `Auth` object of the currently active user and the `redirectToSignIn()` method.\n */\ntype Auth = Aobj;\n\nexport interface AuthFn {\n (): Promise<Auth>;\n}\n\nconst createAuthObject = () => {\n return async (req: RequestLike) => {\n return getAuthDataFromRequestNode(req);\n };\n};\n\n/**\n * Get the current authenticated user from the session cookies\n */\nexport const authNew: AuthFn = async () => {\n // eslint-disable-next-line @typescript-eslint/no-require-imports\n require('server-only');\n\n const request = await buildRequestLike();\n\n const authObject = await createAuthObject()(request);\n\n return Object.assign(authObject);\n};\n\n\nexport { TernSecureUser }"],"mappings":"AACA,SAAS,kCAAkC;AAE3C,SAAS,wBAAwB;AAWjC,MAAM,mBAAmB,MAAM;AAC7B,SAAO,OAAO,QAAqB;AACjC,WAAO,2BAA2B,GAAG;AAAA,EACvC;AACF;AAKO,MAAM,UAAkB,YAAY;AAEzC,UAAQ,aAAa;AAErB,QAAM,UAAU,MAAM,iBAAiB;AAEvC,QAAM,aAAa,MAAM,iBAAiB,EAAE,OAAO;AAEnD,SAAO,OAAO,OAAO,UAAU;AACjC;","names":[]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../src/boundary/PromiseAuthProvider.tsx"],"sourcesContent":["'use client';\n\nimport { useAuth, useDeriveAuth } from '@tern-secure/react';\nimport type {
|
|
1
|
+
{"version":3,"sources":["../../../src/boundary/PromiseAuthProvider.tsx"],"sourcesContent":["'use client';\n\nimport { useAuth, useDeriveAuth } from '@tern-secure/react';\nimport type { TernSecureInitialState } from '@tern-secure/types';\nimport { useRouter } from 'next/compat/router';\nimport React from 'react';\n\nconst PromiseAuthContext = React.createContext<\n Promise<TernSecureInitialState> | TernSecureInitialState | null\n>(null);\n\nexport function PromiseAuthProvider({\n authPromise,\n children,\n}: {\n authPromise: Promise<TernSecureInitialState> | TernSecureInitialState;\n children: React.ReactNode;\n}) {\n return <PromiseAuthContext.Provider value={authPromise}>{children}</PromiseAuthContext.Provider>;\n}\n\nexport function usePromiseAuth() {\n const isPagesRouter = useRouter();\n const valueFromContext = React.useContext(PromiseAuthContext);\n\n let resolvedData = valueFromContext;\n if (valueFromContext && 'then' in valueFromContext) {\n resolvedData = React.use(valueFromContext);\n }\n\n if (typeof window === 'undefined') {\n // Pages router should always use useAuth as it is able to grab initial auth state from context during SSR.\n if (isPagesRouter) {\n return useAuth();\n }\n\n return useDeriveAuth({ ...resolvedData });\n } else {\n return useAuth();\n }\n}\n"],"mappings":";AAkBS;AAhBT,SAAS,SAAS,qBAAqB;AAEvC,SAAS,iBAAiB;AAC1B,OAAO,WAAW;AAElB,MAAM,qBAAqB,MAAM,cAE/B,IAAI;AAEC,SAAS,oBAAoB;AAAA,EAClC;AAAA,EACA;AACF,GAGG;AACD,SAAO,oBAAC,mBAAmB,UAAnB,EAA4B,OAAO,aAAc,UAAS;AACpE;AAEO,SAAS,iBAAiB;AAC/B,QAAM,gBAAgB,UAAU;AAChC,QAAM,mBAAmB,MAAM,WAAW,kBAAkB;AAE5D,MAAI,eAAe;AACnB,MAAI,oBAAoB,UAAU,kBAAkB;AAClD,mBAAe,MAAM,IAAI,gBAAgB;AAAA,EAC3C;AAEA,MAAI,OAAO,WAAW,aAAa;AAEjC,QAAI,eAAe;AACjB,aAAO,QAAQ;AAAA,IACjB;AAEA,WAAO,cAAc,EAAE,GAAG,aAAa,CAAC;AAAA,EAC1C,OAAO;AACL,WAAO,QAAQ;AAAA,EACjB;AACF;","names":[]}
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
"use client";
|
|
2
|
+
import { jsx } from "react/jsx-runtime";
|
|
3
|
+
import { useAuth, useDeriveAuth } from "@tern-secure/react";
|
|
4
|
+
import { useRouter } from "next/compat/router";
|
|
5
|
+
import React from "react";
|
|
6
|
+
const PromiseAuthContext = React.createContext(null);
|
|
7
|
+
function PromiseAuthProviderNode({
|
|
8
|
+
authPromise,
|
|
9
|
+
children
|
|
10
|
+
}) {
|
|
11
|
+
return /* @__PURE__ */ jsx(PromiseAuthContext.Provider, { value: authPromise, children });
|
|
12
|
+
}
|
|
13
|
+
function usePromiseAuthNode() {
|
|
14
|
+
const isPagesRouter = useRouter();
|
|
15
|
+
const valueFromContext = React.useContext(PromiseAuthContext);
|
|
16
|
+
let resolvedData = valueFromContext;
|
|
17
|
+
if (valueFromContext && "then" in valueFromContext) {
|
|
18
|
+
resolvedData = React.use(valueFromContext);
|
|
19
|
+
}
|
|
20
|
+
if (typeof window === "undefined") {
|
|
21
|
+
if (isPagesRouter) {
|
|
22
|
+
return useAuth();
|
|
23
|
+
}
|
|
24
|
+
return useDeriveAuth({ ...resolvedData });
|
|
25
|
+
} else {
|
|
26
|
+
return useAuth({ ...resolvedData });
|
|
27
|
+
}
|
|
28
|
+
}
|
|
29
|
+
export {
|
|
30
|
+
PromiseAuthProviderNode,
|
|
31
|
+
usePromiseAuthNode
|
|
32
|
+
};
|
|
33
|
+
//# sourceMappingURL=PromiseAuthProviderNode.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../src/boundary/PromiseAuthProviderNode.tsx"],"sourcesContent":["'use client';\n\nimport { useAuth, useDeriveAuth } from '@tern-secure/react';\nimport type { DecodedIdToken, TernSecureUser } from '@tern-secure/types';\nimport { useRouter } from 'next/compat/router';\nimport React from 'react';\n\ntype TernSecureInitialState = {\n user?: TernSecureUser | null;\n token?: string | null;\n sessionClaims?: DecodedIdToken | null;\n};\n\nconst PromiseAuthContext = React.createContext<\n Promise<TernSecureInitialState> | TernSecureInitialState | null\n>(null);\n\nexport function PromiseAuthProviderNode({\n authPromise,\n children,\n}: {\n authPromise: Promise<TernSecureInitialState> | TernSecureInitialState;\n children: React.ReactNode;\n}) {\n return <PromiseAuthContext.Provider value={authPromise}>{children}</PromiseAuthContext.Provider>;\n}\n\nexport function usePromiseAuthNode() {\n const isPagesRouter = useRouter();\n const valueFromContext = React.useContext(PromiseAuthContext);\n\n let resolvedData = valueFromContext;\n if (valueFromContext && 'then' in valueFromContext) {\n resolvedData = React.use(valueFromContext);\n }\n\n if (typeof window === 'undefined') {\n // Pages router should always use useAuth as it is able to grab initial auth state from context during SSR.\n if (isPagesRouter) {\n return useAuth();\n }\n\n return useDeriveAuth({ ...resolvedData });\n } else {\n return useAuth({ ...resolvedData });\n }\n}"],"mappings":";AAwBS;AAtBT,SAAS,SAAS,qBAAqB;AAEvC,SAAS,iBAAiB;AAC1B,OAAO,WAAW;AAQlB,MAAM,qBAAqB,MAAM,cAE/B,IAAI;AAEC,SAAS,wBAAwB;AAAA,EACtC;AAAA,EACA;AACF,GAGG;AACD,SAAO,oBAAC,mBAAmB,UAAnB,EAA4B,OAAO,aAAc,UAAS;AACpE;AAEO,SAAS,qBAAqB;AACnC,QAAM,gBAAgB,UAAU;AAChC,QAAM,mBAAmB,MAAM,WAAW,kBAAkB;AAE5D,MAAI,eAAe;AACnB,MAAI,oBAAoB,UAAU,kBAAkB;AAClD,mBAAe,MAAM,IAAI,gBAAgB;AAAA,EAC3C;AAEA,MAAI,OAAO,WAAW,aAAa;AAEjC,QAAI,eAAe;AACjB,aAAO,QAAQ;AAAA,IACjB;AAEA,WAAO,cAAc,EAAE,GAAG,aAAa,CAAC;AAAA,EAC1C,OAAO;AACL,WAAO,QAAQ,EAAE,GAAG,aAAa,CAAC;AAAA,EACpC;AACF;","names":[]}
|
package/dist/esm/index.js
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { TernSecureProvider } from "./app-router/server/TernSecureProvider";
|
|
2
|
+
import { TernSecureProviderNode } from "./app-router/server/TernSecureProviderNode";
|
|
2
3
|
import {
|
|
3
4
|
useAuth,
|
|
4
5
|
useIdToken,
|
|
@@ -16,6 +17,7 @@ export {
|
|
|
16
17
|
SignInProvider,
|
|
17
18
|
SignUpProvider,
|
|
18
19
|
TernSecureProvider,
|
|
20
|
+
TernSecureProviderNode,
|
|
19
21
|
signIn,
|
|
20
22
|
useAuth,
|
|
21
23
|
useIdToken,
|
package/dist/esm/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/index.ts"],"sourcesContent":["export { TernSecureProvider } from './app-router/server/TernSecureProvider';\r\nexport {\r\n useAuth,\r\n useIdToken,\r\n useSession,\r\n useSignIn,\r\n useSignUp,\r\n signIn,\r\n useSignInContext,\r\n useSignUpContext,\r\n useTernSecure,\r\n SignInProvider,\r\n SignUpProvider,\r\n //SignIn,\r\n //SignOut,\r\n //SignOutButton,\r\n //SignUp,\r\n} from './boundary/components';\r\n\r\nexport type {\r\n TernSecureUser,\r\n TernSecureUserData,\r\n SignInResponse,\r\n SignUpResponse,\r\n SocialProviderOptions,\r\n} from '@tern-secure/types';\r\n\r\nexport type { UserInfo, SessionResult } from './types';\r\n"],"mappings":"AAAA,SAAS,0BAA0B;AACnC;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OAKK;","names":[]}
|
|
1
|
+
{"version":3,"sources":["../../src/index.ts"],"sourcesContent":["export { TernSecureProvider } from './app-router/server/TernSecureProvider';\r\nexport { TernSecureProviderNode } from './app-router/server/TernSecureProviderNode';\r\nexport {\r\n useAuth,\r\n useIdToken,\r\n useSession,\r\n useSignIn,\r\n useSignUp,\r\n signIn,\r\n useSignInContext,\r\n useSignUpContext,\r\n useTernSecure,\r\n SignInProvider,\r\n SignUpProvider,\r\n //SignIn,\r\n //SignOut,\r\n //SignOutButton,\r\n //SignUp,\r\n} from './boundary/components';\r\n\r\nexport type {\r\n TernSecureUser,\r\n TernSecureUserData,\r\n SignInResponse,\r\n SignUpResponse,\r\n SocialProviderOptions,\r\n} from '@tern-secure/types';\r\n\r\nexport type { UserInfo, SessionResult } from './types';\r\n"],"mappings":"AAAA,SAAS,0BAA0B;AACnC,SAAS,8BAA8B;AACvC;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OAKK;","names":[]}
|
|
@@ -1,3 +1,10 @@
|
|
|
1
|
+
const FIREBASE_API_KEY = process.env.NEXT_PUBLIC_FIREBASE_API_KEY || "";
|
|
2
|
+
const FIREBASE_AUTH_DOMAIN = process.env.NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN || "";
|
|
3
|
+
const FIREBASE_PROJECT_ID = process.env.NEXT_PUBLIC_FIREBASE_PROJECT_ID || "";
|
|
4
|
+
const FIREBASE_STORAGE_BUCKET = process.env.NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET || "";
|
|
5
|
+
const FIREBASE_MESSAGING_SENDER_ID = process.env.NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID || "";
|
|
6
|
+
const FIREBASE_APP_ID = process.env.NEXT_PUBLIC_FIREBASE_APP_ID || "";
|
|
7
|
+
const FIREBASE_MEASUREMENT_ID = process.env.NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID || "";
|
|
1
8
|
const API_KEY = process.env.NEXT_PUBLIC_FIREBASE_API_KEY || "";
|
|
2
9
|
const API_URL = process.env.TERNSECURE_API_URL || "";
|
|
3
10
|
const API_VERSION = process.env.TERNSECURE_API_VERSION || "v1";
|
|
@@ -7,6 +14,13 @@ export {
|
|
|
7
14
|
API_KEY,
|
|
8
15
|
API_URL,
|
|
9
16
|
API_VERSION,
|
|
17
|
+
FIREBASE_API_KEY,
|
|
18
|
+
FIREBASE_APP_ID,
|
|
19
|
+
FIREBASE_AUTH_DOMAIN,
|
|
20
|
+
FIREBASE_MEASUREMENT_ID,
|
|
21
|
+
FIREBASE_MESSAGING_SENDER_ID,
|
|
22
|
+
FIREBASE_PROJECT_ID,
|
|
23
|
+
FIREBASE_STORAGE_BUCKET,
|
|
10
24
|
SIGN_IN_URL,
|
|
11
25
|
SIGN_UP_URL
|
|
12
26
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../src/server/constant.ts"],"sourcesContent":["export const API_KEY = process.env.NEXT_PUBLIC_FIREBASE_API_KEY || '';\nexport const API_URL = process.env.TERNSECURE_API_URL || '';\nexport const API_VERSION = process.env.TERNSECURE_API_VERSION || 'v1';\nexport const SIGN_IN_URL = process.env.NEXT_PUBLIC_SIGN_IN_URL || '';\nexport const SIGN_UP_URL = process.env.NEXT_PUBLIC_SIGN_UP_URL || '';"],"mappings":"AAAO,MAAM,UAAU,QAAQ,IAAI,gCAAgC;AAC5D,MAAM,UAAU,QAAQ,IAAI,sBAAsB;AAClD,MAAM,cAAc,QAAQ,IAAI,0BAA0B;AAC1D,MAAM,cAAc,QAAQ,IAAI,2BAA2B;AAC3D,MAAM,cAAc,QAAQ,IAAI,2BAA2B;","names":[]}
|
|
1
|
+
{"version":3,"sources":["../../../src/server/constant.ts"],"sourcesContent":["export const FIREBASE_API_KEY = process.env.NEXT_PUBLIC_FIREBASE_API_KEY || '';\nexport const FIREBASE_AUTH_DOMAIN = process.env.NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN || '';\nexport const FIREBASE_PROJECT_ID = process.env.NEXT_PUBLIC_FIREBASE_PROJECT_ID || '';\nexport const FIREBASE_STORAGE_BUCKET = process.env.NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET || '';\nexport const FIREBASE_MESSAGING_SENDER_ID = process.env.NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID || '';\nexport const FIREBASE_APP_ID = process.env.NEXT_PUBLIC_FIREBASE_APP_ID || '';\nexport const FIREBASE_MEASUREMENT_ID = process.env.NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID || '';\n\nexport const API_KEY = process.env.NEXT_PUBLIC_FIREBASE_API_KEY || '';\nexport const API_URL = process.env.TERNSECURE_API_URL || '';\nexport const API_VERSION = process.env.TERNSECURE_API_VERSION || 'v1';\nexport const SIGN_IN_URL = process.env.NEXT_PUBLIC_SIGN_IN_URL || '';\nexport const SIGN_UP_URL = process.env.NEXT_PUBLIC_SIGN_UP_URL || '';"],"mappings":"AAAO,MAAM,mBAAmB,QAAQ,IAAI,gCAAgC;AACrE,MAAM,uBAAuB,QAAQ,IAAI,oCAAoC;AAC7E,MAAM,sBAAsB,QAAQ,IAAI,mCAAmC;AAC3E,MAAM,0BAA0B,QAAQ,IAAI,uCAAuC;AACnF,MAAM,+BAA+B,QAAQ,IAAI,4CAA4C;AAC7F,MAAM,kBAAkB,QAAQ,IAAI,+BAA+B;AACnE,MAAM,0BAA0B,QAAQ,IAAI,uCAAuC;AAEnF,MAAM,UAAU,QAAQ,IAAI,gCAAgC;AAC5D,MAAM,UAAU,QAAQ,IAAI,sBAAsB;AAClD,MAAM,cAAc,QAAQ,IAAI,0BAA0B;AAC1D,MAAM,cAAc,QAAQ,IAAI,2BAA2B;AAC3D,MAAM,cAAc,QAAQ,IAAI,2BAA2B;","names":[]}
|
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
import { AuthStatus, signedInAuthObject, signedOutAuthObject } from "@tern-secure/backend";
|
|
2
2
|
import { ternDecodeJwt } from "@tern-secure/backend/jwt";
|
|
3
|
+
import { initializeServerApp } from "firebase/app";
|
|
4
|
+
import { getAuth } from "firebase/auth";
|
|
3
5
|
import { getAuthKeyFromRequest } from "../../server/headers-utils";
|
|
6
|
+
import { FIREBASE_API_KEY, FIREBASE_APP_ID, FIREBASE_AUTH_DOMAIN, FIREBASE_MEASUREMENT_ID, FIREBASE_MESSAGING_SENDER_ID, FIREBASE_PROJECT_ID, FIREBASE_STORAGE_BUCKET } from "../constant";
|
|
4
7
|
const authObjectToSerializable = (obj) => {
|
|
5
8
|
const { require: require2, ...rest } = obj;
|
|
6
9
|
return rest;
|
|
@@ -23,9 +26,106 @@ function getAuthDataFromRequest(req) {
|
|
|
23
26
|
}
|
|
24
27
|
return authObject;
|
|
25
28
|
}
|
|
29
|
+
const authObjectToSerializableNode = (obj) => {
|
|
30
|
+
const { require: require2, ...rest } = obj;
|
|
31
|
+
return rest;
|
|
32
|
+
};
|
|
33
|
+
async function getTernSecureAuthDataNode(req, initialState = {}) {
|
|
34
|
+
const authObject = await getAuthDataFromRequestNode(req);
|
|
35
|
+
return authObjectToSerializableNode({ ...initialState, ...authObject });
|
|
36
|
+
}
|
|
37
|
+
async function getAuthDataFromRequestNode(req) {
|
|
38
|
+
const authStatus = getAuthKeyFromRequest(req, "AuthStatus");
|
|
39
|
+
const authToken = getAuthKeyFromRequest(req, "AuthToken");
|
|
40
|
+
if (!authStatus || authStatus !== AuthStatus.SignedIn) {
|
|
41
|
+
return {
|
|
42
|
+
...signedOutAuthObject(),
|
|
43
|
+
user: null,
|
|
44
|
+
userId: null
|
|
45
|
+
};
|
|
46
|
+
}
|
|
47
|
+
const firebaseUser = await authenticateRequest(authToken, req);
|
|
48
|
+
if (!firebaseUser || !firebaseUser.claims) {
|
|
49
|
+
return {
|
|
50
|
+
...signedOutAuthObject(),
|
|
51
|
+
user: null,
|
|
52
|
+
userId: null
|
|
53
|
+
};
|
|
54
|
+
}
|
|
55
|
+
const { user, claims } = firebaseUser;
|
|
56
|
+
const authObject = signedInAuthObject(authToken, claims);
|
|
57
|
+
return {
|
|
58
|
+
...authObject,
|
|
59
|
+
user: user || null
|
|
60
|
+
};
|
|
61
|
+
}
|
|
62
|
+
const authenticateRequest = async (token, request) => {
|
|
63
|
+
try {
|
|
64
|
+
const origin = new URL(request.url).origin;
|
|
65
|
+
const requestHeaders = new Headers(request.headers);
|
|
66
|
+
requestHeaders.set("referer", origin);
|
|
67
|
+
requestHeaders.set("Referer", origin);
|
|
68
|
+
const mockRequest = {
|
|
69
|
+
headers: requestHeaders
|
|
70
|
+
};
|
|
71
|
+
const config = {
|
|
72
|
+
apiKey: FIREBASE_API_KEY,
|
|
73
|
+
authDomain: FIREBASE_AUTH_DOMAIN,
|
|
74
|
+
projectId: FIREBASE_PROJECT_ID,
|
|
75
|
+
storageBucket: FIREBASE_STORAGE_BUCKET,
|
|
76
|
+
messagingSenderId: FIREBASE_MESSAGING_SENDER_ID,
|
|
77
|
+
appId: FIREBASE_APP_ID,
|
|
78
|
+
measurementId: FIREBASE_MEASUREMENT_ID
|
|
79
|
+
};
|
|
80
|
+
const firebaseServerApp = initializeServerApp(
|
|
81
|
+
config,
|
|
82
|
+
{
|
|
83
|
+
authIdToken: token,
|
|
84
|
+
releaseOnDeref: mockRequest
|
|
85
|
+
}
|
|
86
|
+
);
|
|
87
|
+
const auth = getAuth(firebaseServerApp);
|
|
88
|
+
await auth.authStateReady();
|
|
89
|
+
if (auth.currentUser) {
|
|
90
|
+
const idTokenResult = await auth.currentUser.getIdTokenResult();
|
|
91
|
+
const claims = idTokenResult.claims;
|
|
92
|
+
const userObj = {
|
|
93
|
+
uid: auth.currentUser.uid,
|
|
94
|
+
email: auth.currentUser.email,
|
|
95
|
+
emailVerified: auth.currentUser.emailVerified,
|
|
96
|
+
displayName: auth.currentUser.displayName,
|
|
97
|
+
isAnonymous: auth.currentUser.isAnonymous,
|
|
98
|
+
phoneNumber: auth.currentUser.phoneNumber,
|
|
99
|
+
photoURL: auth.currentUser.photoURL,
|
|
100
|
+
providerId: auth.currentUser.providerId,
|
|
101
|
+
tenantId: auth.currentUser.tenantId,
|
|
102
|
+
refreshToken: auth.currentUser.refreshToken,
|
|
103
|
+
metadata: {
|
|
104
|
+
creationTime: auth.currentUser.metadata.creationTime,
|
|
105
|
+
lastSignInTime: auth.currentUser.metadata.lastSignInTime
|
|
106
|
+
},
|
|
107
|
+
providerData: auth.currentUser.providerData.map((provider) => ({
|
|
108
|
+
uid: provider.uid,
|
|
109
|
+
displayName: provider.displayName,
|
|
110
|
+
email: provider.email,
|
|
111
|
+
phoneNumber: provider.phoneNumber,
|
|
112
|
+
photoURL: provider.photoURL,
|
|
113
|
+
providerId: provider.providerId
|
|
114
|
+
}))
|
|
115
|
+
};
|
|
116
|
+
return { user: userObj, claims };
|
|
117
|
+
}
|
|
118
|
+
return null;
|
|
119
|
+
} catch (error) {
|
|
120
|
+
return null;
|
|
121
|
+
}
|
|
122
|
+
};
|
|
26
123
|
export {
|
|
27
124
|
authObjectToSerializable,
|
|
125
|
+
authObjectToSerializableNode,
|
|
28
126
|
getAuthDataFromRequest,
|
|
29
|
-
|
|
127
|
+
getAuthDataFromRequestNode,
|
|
128
|
+
getTernSecureAuthData,
|
|
129
|
+
getTernSecureAuthDataNode
|
|
30
130
|
};
|
|
31
131
|
//# sourceMappingURL=getAuthDataFromRequest.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/server/data/getAuthDataFromRequest.ts"],"sourcesContent":["import type { AuthObject } from '@tern-secure/backend';\nimport { AuthStatus, signedInAuthObject, signedOutAuthObject } from '@tern-secure/backend';\nimport { ternDecodeJwt } from '@tern-secure/backend/jwt';\n\nimport { getAuthKeyFromRequest } from '../../server/headers-utils';\nimport type { RequestLike } from '../../server/types';\n\n\n/**\n * Auth objects moving through the server -> client boundary need to be serializable\n * as we need to ensure that they can be transferred via the network as pure strings.\n * Some frameworks like Remix or Next (/pages dir only) handle this serialization by simply\n * ignoring any non-serializable keys, however Nextjs /app directory is stricter and\n * throws an error if a non-serializable value is found.\n * @internal\n */\nexport const authObjectToSerializable = <T extends Record<string, unknown>>(obj: T): T => {\n // remove any non-serializable props from the returned object\n\n const { require, ...rest } = obj as unknown as AuthObject;\n return rest as unknown as T;\n};\n\nexport function getTernSecureAuthData(req: RequestLike, initialState = {}) {\n const authObject = getAuthDataFromRequest(req);\n return authObjectToSerializable({ ...initialState, ...authObject });\n}\n\nexport function getAuthDataFromRequest(req: RequestLike): AuthObject {\n const authStatus = getAuthKeyFromRequest(req, 'AuthStatus');\n const authToken = getAuthKeyFromRequest(req, 'AuthToken');\n const authSignature = getAuthKeyFromRequest(req, 'AuthSignature');\n const authReason = getAuthKeyFromRequest(req, 'AuthReason');\n\n let authObject;\n if (!authStatus || authStatus !== AuthStatus.SignedIn) {\n authObject = signedOutAuthObject();\n } else {\n const jwt = ternDecodeJwt(authToken as string);\n\n authObject = signedInAuthObject(jwt.raw.text, jwt.payload);\n }\n return authObject;\n}\n"],"mappings":"AACA,SAAS,YAAY,oBAAoB,2BAA2B;AACpE,SAAS,qBAAqB;
|
|
1
|
+
{"version":3,"sources":["../../../../src/server/data/getAuthDataFromRequest.ts"],"sourcesContent":["import type { AuthObject } from '@tern-secure/backend';\nimport { AuthStatus, signedInAuthObject, signedOutAuthObject } from '@tern-secure/backend';\nimport { ternDecodeJwt } from '@tern-secure/backend/jwt';\nimport type { ParsedToken, TernSecureConfig, TernSecureUser } from '@tern-secure/types';\nimport type { FirebaseServerApp } from \"firebase/app\";\nimport { initializeServerApp } from \"firebase/app\";\nimport type { Auth } from \"firebase/auth\";\nimport { getAuth } from \"firebase/auth\";\n\nimport { getAuthKeyFromRequest } from '../../server/headers-utils';\nimport type { RequestLike } from '../../server/types';\nimport { FIREBASE_API_KEY, FIREBASE_APP_ID, FIREBASE_AUTH_DOMAIN, FIREBASE_MEASUREMENT_ID, FIREBASE_MESSAGING_SENDER_ID, FIREBASE_PROJECT_ID, FIREBASE_STORAGE_BUCKET } from \"../constant\";\n\n\n/**\n * Auth objects moving through the server -> client boundary need to be serializable\n * as we need to ensure that they can be transferred via the network as pure strings.\n * Some frameworks like Remix or Next (/pages dir only) handle this serialization by simply\n * ignoring any non-serializable keys, however Nextjs /app directory is stricter and\n * throws an error if a non-serializable value is found.\n * @internal\n */\nexport const authObjectToSerializable = <T extends Record<string, unknown>>(obj: T): T => {\n // remove any non-serializable props from the returned object\n\n const { require, ...rest } = obj as unknown as AuthObject;\n return rest as unknown as T;\n};\n\nexport function getTernSecureAuthData(req: RequestLike, initialState = {}) {\n const authObject = getAuthDataFromRequest(req);\n return authObjectToSerializable({ ...initialState, ...authObject });\n}\n\nexport function getAuthDataFromRequest(req: RequestLike): AuthObject {\n const authStatus = getAuthKeyFromRequest(req, 'AuthStatus');\n const authToken = getAuthKeyFromRequest(req, 'AuthToken');\n const authSignature = getAuthKeyFromRequest(req, 'AuthSignature');\n const authReason = getAuthKeyFromRequest(req, 'AuthReason');\n\n let authObject;\n if (!authStatus || authStatus !== AuthStatus.SignedIn) {\n authObject = signedOutAuthObject();\n } else {\n const jwt = ternDecodeJwt(authToken as string);\n\n authObject = signedInAuthObject(jwt.raw.text, jwt.payload);\n }\n return authObject;\n}\n\n\nexport type SerializableTernSecureUser = Omit<TernSecureUser, 'delete' | 'getIdToken' | 'getIdTokenResult' | 'reload' | 'toJSON'>;\n\nexport type Aobj = {\n user: SerializableTernSecureUser | null\n userId: string | null\n}\n\n\n// Serializable auth object type\n/**\n * Auth objects moving through the server -> client boundary need to be serializable\n * as we need to ensure that they can be transferred via the network as pure strings.\n * Some frameworks like Remix or Next (/pages dir only) handle this serialization by simply\n * ignoring any non-serializable keys, however Nextjs /app directory is stricter and\n * throws an error if a non-serializable value is found.\n * @internal\n */\nexport const authObjectToSerializableNode = <T extends Record<string, unknown>>(\n obj: T\n): T => {\n // remove any non-serializable props from the returned object\n\n const { require, ...rest } = obj as unknown as AuthObject;\n return rest as unknown as T;\n};\n\nexport async function getTernSecureAuthDataNode(\n req: RequestLike,\n initialState = {}\n) {\n const authObject = await getAuthDataFromRequestNode(req);\n return authObjectToSerializableNode({ ...initialState, ...authObject });\n}\n\nexport async function getAuthDataFromRequestNode(req: RequestLike): Promise<AuthObject & Aobj> {\n const authStatus = getAuthKeyFromRequest(req, \"AuthStatus\");\n const authToken = getAuthKeyFromRequest(req, \"AuthToken\");\n\n if (!authStatus || authStatus !== AuthStatus.SignedIn) {\n return {\n ...signedOutAuthObject(),\n user: null,\n userId: null\n }\n }\n\n const firebaseUser = await authenticateRequest(authToken as string, req as any);\n if (!firebaseUser || !firebaseUser.claims) {\n return {\n ...signedOutAuthObject(),\n user: null,\n userId: null\n }\n }\n const { user, claims } = firebaseUser;\n const authObject = signedInAuthObject(authToken as string, claims as any);\n return {\n ...authObject,\n user: user || null,\n };\n}\n\nconst authenticateRequest = async (\n token: string,\n request: Request\n): Promise<{ user: SerializableTernSecureUser; claims: ParsedToken } | null> => {\n try {\n const origin = new URL(request.url).origin;\n\n const requestHeaders = new Headers(request.headers);\n requestHeaders.set(\"referer\", origin);\n requestHeaders.set(\"Referer\", origin);\n\n const mockRequest = {\n headers: requestHeaders,\n };\n\n const config: TernSecureConfig = {\n apiKey: FIREBASE_API_KEY,\n authDomain: FIREBASE_AUTH_DOMAIN,\n projectId: FIREBASE_PROJECT_ID,\n storageBucket: FIREBASE_STORAGE_BUCKET,\n messagingSenderId: FIREBASE_MESSAGING_SENDER_ID,\n appId: FIREBASE_APP_ID,\n measurementId: FIREBASE_MEASUREMENT_ID,\n };\n\n const firebaseServerApp: FirebaseServerApp = initializeServerApp(\n config,\n {\n authIdToken: token,\n releaseOnDeref: mockRequest,\n }\n );\n\n const auth: Auth = getAuth(firebaseServerApp);\n await auth.authStateReady();\n\n if (auth.currentUser) {\n const idTokenResult = await auth.currentUser.getIdTokenResult();\n const claims = idTokenResult.claims;\n\n const userObj: SerializableTernSecureUser = {\n uid: auth.currentUser.uid,\n email: auth.currentUser.email,\n emailVerified: auth.currentUser.emailVerified,\n displayName: auth.currentUser.displayName,\n isAnonymous: auth.currentUser.isAnonymous,\n phoneNumber: auth.currentUser.phoneNumber,\n photoURL: auth.currentUser.photoURL,\n providerId: auth.currentUser.providerId,\n tenantId: auth.currentUser.tenantId,\n refreshToken: auth.currentUser.refreshToken,\n metadata: {\n creationTime: auth.currentUser.metadata.creationTime,\n lastSignInTime: auth.currentUser.metadata.lastSignInTime,\n },\n providerData: auth.currentUser.providerData.map((provider) => ({\n uid: provider.uid,\n displayName: provider.displayName,\n email: provider.email,\n phoneNumber: provider.phoneNumber,\n photoURL: provider.photoURL,\n providerId: provider.providerId,\n })),\n };\n\n return { user: userObj, claims };\n }\n\n return null;\n } catch (error) {\n return null;\n }\n};\n\nexport { TernSecureUser }\n"],"mappings":"AACA,SAAS,YAAY,oBAAoB,2BAA2B;AACpE,SAAS,qBAAqB;AAG9B,SAAS,2BAA2B;AAEpC,SAAS,eAAe;AAExB,SAAS,6BAA6B;AAEtC,SAAS,kBAAkB,iBAAiB,sBAAsB,yBAAyB,8BAA8B,qBAAqB,+BAA+B;AAWtK,MAAM,2BAA2B,CAAoC,QAAc;AAGxF,QAAM,EAAE,SAAAA,UAAS,GAAG,KAAK,IAAI;AAC7B,SAAO;AACT;AAEO,SAAS,sBAAsB,KAAkB,eAAe,CAAC,GAAG;AACzE,QAAM,aAAa,uBAAuB,GAAG;AAC7C,SAAO,yBAAyB,EAAE,GAAG,cAAc,GAAG,WAAW,CAAC;AACpE;AAEO,SAAS,uBAAuB,KAA8B;AACnE,QAAM,aAAa,sBAAsB,KAAK,YAAY;AAC1D,QAAM,YAAY,sBAAsB,KAAK,WAAW;AACxD,QAAM,gBAAgB,sBAAsB,KAAK,eAAe;AAChE,QAAM,aAAa,sBAAsB,KAAK,YAAY;AAE1D,MAAI;AACJ,MAAI,CAAC,cAAc,eAAe,WAAW,UAAU;AACrD,iBAAa,oBAAoB;AAAA,EACnC,OAAO;AACL,UAAM,MAAM,cAAc,SAAmB;AAE7C,iBAAa,mBAAmB,IAAI,IAAI,MAAM,IAAI,OAAO;AAAA,EAC3D;AACA,SAAO;AACT;AAoBO,MAAM,+BAA+B,CAC1C,QACM;AAGN,QAAM,EAAE,SAAAA,UAAS,GAAG,KAAK,IAAI;AAC7B,SAAO;AACT;AAEA,eAAsB,0BACpB,KACA,eAAe,CAAC,GAChB;AACA,QAAM,aAAa,MAAM,2BAA2B,GAAG;AACvD,SAAO,6BAA6B,EAAE,GAAG,cAAc,GAAG,WAAW,CAAC;AACxE;AAEA,eAAsB,2BAA2B,KAA8C;AAC7F,QAAM,aAAa,sBAAsB,KAAK,YAAY;AAC1D,QAAM,YAAY,sBAAsB,KAAK,WAAW;AAExD,MAAI,CAAC,cAAc,eAAe,WAAW,UAAU;AACrD,WAAO;AAAA,MACL,GAAG,oBAAoB;AAAA,MACvB,MAAM;AAAA,MACN,QAAQ;AAAA,IACV;AAAA,EACF;AAEA,QAAM,eAAe,MAAM,oBAAoB,WAAqB,GAAU;AAC9E,MAAI,CAAC,gBAAgB,CAAC,aAAa,QAAQ;AACzC,WAAO;AAAA,MACL,GAAG,oBAAoB;AAAA,MACvB,MAAM;AAAA,MACN,QAAQ;AAAA,IACV;AAAA,EACF;AACA,QAAM,EAAE,MAAM,OAAO,IAAI;AACzB,QAAM,aAAa,mBAAmB,WAAqB,MAAa;AACxE,SAAO;AAAA,IACL,GAAG;AAAA,IACH,MAAM,QAAQ;AAAA,EAChB;AACF;AAEA,MAAM,sBAAsB,OAC1B,OACA,YAC8E;AAC9E,MAAI;AACF,UAAM,SAAS,IAAI,IAAI,QAAQ,GAAG,EAAE;AAEpC,UAAM,iBAAiB,IAAI,QAAQ,QAAQ,OAAO;AAClD,mBAAe,IAAI,WAAW,MAAM;AACpC,mBAAe,IAAI,WAAW,MAAM;AAEpC,UAAM,cAAc;AAAA,MAClB,SAAS;AAAA,IACX;AAEA,UAAM,SAA2B;AAAA,MAC/B,QAAQ;AAAA,MACR,YAAY;AAAA,MACZ,WAAW;AAAA,MACX,eAAe;AAAA,MACf,mBAAmB;AAAA,MACnB,OAAO;AAAA,MACP,eAAe;AAAA,IACjB;AAEA,UAAM,oBAAuC;AAAA,MAC3C;AAAA,MACA;AAAA,QACE,aAAa;AAAA,QACb,gBAAgB;AAAA,MAClB;AAAA,IACF;AAEA,UAAM,OAAa,QAAQ,iBAAiB;AAC5C,UAAM,KAAK,eAAe;AAE1B,QAAI,KAAK,aAAa;AACpB,YAAM,gBAAgB,MAAM,KAAK,YAAY,iBAAiB;AAC9D,YAAM,SAAS,cAAc;AAE7B,YAAM,UAAsC;AAAA,QAC1C,KAAK,KAAK,YAAY;AAAA,QACtB,OAAO,KAAK,YAAY;AAAA,QACxB,eAAe,KAAK,YAAY;AAAA,QAChC,aAAa,KAAK,YAAY;AAAA,QAC9B,aAAa,KAAK,YAAY;AAAA,QAC9B,aAAa,KAAK,YAAY;AAAA,QAC9B,UAAU,KAAK,YAAY;AAAA,QAC3B,YAAY,KAAK,YAAY;AAAA,QAC7B,UAAU,KAAK,YAAY;AAAA,QAC3B,cAAc,KAAK,YAAY;AAAA,QAC/B,UAAU;AAAA,UACR,cAAc,KAAK,YAAY,SAAS;AAAA,UACxC,gBAAgB,KAAK,YAAY,SAAS;AAAA,QAC5C;AAAA,QACA,cAAc,KAAK,YAAY,aAAa,IAAI,CAAC,cAAc;AAAA,UAC7D,KAAK,SAAS;AAAA,UACd,aAAa,SAAS;AAAA,UACtB,OAAO,SAAS;AAAA,UAChB,aAAa,SAAS;AAAA,UACtB,UAAU,SAAS;AAAA,UACnB,YAAY,SAAS;AAAA,QACvB,EAAE;AAAA,MACJ;AAEA,aAAO,EAAE,MAAM,SAAS,OAAO;AAAA,IACjC;AAEA,WAAO;AAAA,EACT,SAAS,OAAO;AACd,WAAO;AAAA,EACT;AACF;","names":["require"]}
|
package/dist/esm/server/index.js
CHANGED
|
@@ -1,17 +1,23 @@
|
|
|
1
1
|
import {
|
|
2
2
|
ternSecureMiddleware
|
|
3
3
|
} from "./ternSecureEdgeMiddleware";
|
|
4
|
+
import { ternSecureInstrumentation } from "./instrumentation";
|
|
4
5
|
import { createRouteMatcher } from "./routeMatcher";
|
|
5
6
|
import { ternSecureBackendClient } from "./ternsecureClient";
|
|
6
7
|
import {
|
|
7
8
|
auth
|
|
8
9
|
} from "../app-router/server/auth";
|
|
10
|
+
import {
|
|
11
|
+
authNew
|
|
12
|
+
} from "../app-router/server/auth_new";
|
|
9
13
|
import { NextCookieStore } from "../utils/NextCookieAdapter";
|
|
10
14
|
export {
|
|
11
15
|
NextCookieStore,
|
|
12
16
|
auth,
|
|
17
|
+
authNew,
|
|
13
18
|
createRouteMatcher,
|
|
14
19
|
ternSecureBackendClient,
|
|
20
|
+
ternSecureInstrumentation,
|
|
15
21
|
ternSecureMiddleware
|
|
16
22
|
};
|
|
17
23
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../src/server/index.ts"],"sourcesContent":["export {\r\n ternSecureMiddleware,\r\n} from \"./ternSecureEdgeMiddleware\";\r\nexport { createRouteMatcher } from \"./routeMatcher\";\r\nexport { ternSecureBackendClient } from \"./ternsecureClient\";\r\nexport {\r\n auth\r\n} from \"../app-router/server/auth\";\r\nexport type { AuthResult } from \"../app-router/server/auth\";\r\nexport type { BaseUser, SessionResult } from \"./types\";\r\nexport { NextCookieStore } from \"../utils/NextCookieAdapter\";\r\n"],"mappings":"AAAA;AAAA,EACE;AAAA,OACK;AACP,SAAS,0BAA0B;AACnC,SAAS,+BAA+B;AACxC;AAAA,EACE;AAAA,OACK;AAGP,SAAS,uBAAuB;","names":[]}
|
|
1
|
+
{"version":3,"sources":["../../../src/server/index.ts"],"sourcesContent":["export {\r\n ternSecureMiddleware,\r\n} from \"./ternSecureEdgeMiddleware\";\r\nexport { ternSecureInstrumentation } from \"./instrumentation\";\r\nexport { createRouteMatcher } from \"./routeMatcher\";\r\nexport { ternSecureBackendClient } from \"./ternsecureClient\";\r\nexport {\r\n auth\r\n} from \"../app-router/server/auth\";\r\nexport {\r\n authNew\r\n} from \"../app-router/server/auth_new\";\r\nexport type { AuthResult } from \"../app-router/server/auth\";\r\nexport type { BaseUser, SessionResult } from \"./types\";\r\nexport { NextCookieStore } from \"../utils/NextCookieAdapter\";\r\n"],"mappings":"AAAA;AAAA,EACE;AAAA,OACK;AACP,SAAS,iCAAiC;AAC1C,SAAS,0BAA0B;AACnC,SAAS,+BAA+B;AACxC;AAAA,EACE;AAAA,OACK;AACP;AAAA,EACE;AAAA,OACK;AAGP,SAAS,uBAAuB;","names":[]}
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
function ternSecureInstrumentation(appUrl) {
|
|
2
|
+
const resolvedAppUrl = appUrl || process.env.NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN;
|
|
3
|
+
if (!resolvedAppUrl) {
|
|
4
|
+
throw new Error(
|
|
5
|
+
"ternSecureInstrumentation: appUrl must be provided either as a parameter or via NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN environment variable."
|
|
6
|
+
);
|
|
7
|
+
}
|
|
8
|
+
const originalFetch = global.fetch;
|
|
9
|
+
global.fetch = async (input, init) => {
|
|
10
|
+
const url = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
|
|
11
|
+
const urlObj = new URL(url);
|
|
12
|
+
if (urlObj.hostname === "identitytoolkit.googleapis.com") {
|
|
13
|
+
const modifiedInit = {
|
|
14
|
+
...init,
|
|
15
|
+
headers: {
|
|
16
|
+
...init?.headers || {},
|
|
17
|
+
Referer: resolvedAppUrl
|
|
18
|
+
}
|
|
19
|
+
};
|
|
20
|
+
return originalFetch(input, modifiedInit);
|
|
21
|
+
}
|
|
22
|
+
return originalFetch(input, init);
|
|
23
|
+
};
|
|
24
|
+
}
|
|
25
|
+
export {
|
|
26
|
+
ternSecureInstrumentation
|
|
27
|
+
};
|
|
28
|
+
//# sourceMappingURL=instrumentation.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../src/server/instrumentation.ts"],"sourcesContent":["/**\n * Patches global.fetch to add Referer header for Firebase Identity Toolkit requests.\n * This is required for Firebase Auth to work properly on the server side.\n * \n * @param appUrl - Optional URL of your application. If not provided, uses NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN env variable.\n * You must provide either the parameter or set the environment variable.\n * \n * @throws {Error} If no appUrl is provided and NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN is not set.\n * \n * @example\n * ```typescript\n * // In your app's instrumentation.ts\n * import { ternSecureInstrumentation } from '@tern-secure/nextjs/server';\n * \n * export async function register() {\n * if (process.env.NEXT_RUNTIME === 'nodejs') {\n * // Option 1: Use environment variable\n * ternSecureInstrumentation();\n * \n * // Option 2: Provide URL explicitly\n * ternSecureInstrumentation('http://localhost:3000');\n * }\n * }\n * ```\n */\nexport function ternSecureInstrumentation(appUrl?: string): void {\n const resolvedAppUrl = appUrl || process.env.NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN;\n\n if (!resolvedAppUrl) {\n throw new Error(\n 'ternSecureInstrumentation: appUrl must be provided either as a parameter or via NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN environment variable.'\n );\n }\n\n const originalFetch = global.fetch;\n\n global.fetch = async (input: RequestInfo | URL, init?: RequestInit) => {\n const url =\n typeof input === \"string\"\n ? input\n : input instanceof URL\n ? input.href\n : input.url;\n const urlObj = new URL(url);\n\n if (urlObj.hostname === \"identitytoolkit.googleapis.com\") {\n const modifiedInit = {\n ...init,\n headers: {\n ...(init?.headers || {}),\n Referer: resolvedAppUrl,\n },\n };\n return originalFetch(input, modifiedInit);\n }\n return originalFetch(input, init);\n };\n}"],"mappings":"AAyBO,SAAS,0BAA0B,QAAuB;AAC7D,QAAM,iBAAiB,UAAU,QAAQ,IAAI;AAE7C,MAAI,CAAC,gBAAgB;AACjB,UAAM,IAAI;AAAA,MACN;AAAA,IACJ;AAAA,EACJ;AAEA,QAAM,gBAAgB,OAAO;AAE7B,SAAO,QAAQ,OAAO,OAA0B,SAAuB;AACnE,UAAM,MACF,OAAO,UAAU,WACX,QACA,iBAAiB,MACb,MAAM,OACN,MAAM;AACpB,UAAM,SAAS,IAAI,IAAI,GAAG;AAE1B,QAAI,OAAO,aAAa,kCAAkC;AACtD,YAAM,eAAe;AAAA,QACjB,GAAG;AAAA,QACH,SAAS;AAAA,UACL,GAAI,MAAM,WAAW,CAAC;AAAA,UACtB,SAAS;AAAA,QACb;AAAA,MACJ;AACA,aAAO,cAAc,OAAO,YAAY;AAAA,IAC5C;AACA,WAAO,cAAc,OAAO,IAAI;AAAA,EACpC;AACJ;","names":[]}
|
|
@@ -0,0 +1,4 @@
|
|
|
1
|
+
import React from 'react';
|
|
2
|
+
import type { TernSecureNextProps } from '../../types';
|
|
3
|
+
export declare function TernSecureProviderNode(props: TernSecureNextProps): Promise<React.ReactElement<unknown, string | React.JSXElementConstructor<any>>>;
|
|
4
|
+
//# sourceMappingURL=TernSecureProviderNode.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"TernSecureProviderNode.d.ts","sourceRoot":"","sources":["../../../../src/app-router/server/TernSecureProviderNode.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAK,MAAM,OAAO,CAAC;AAK1B,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAiBvD,wBAAsB,sBAAsB,CAAC,KAAK,EAAE,mBAAmB,mFA4CtE"}
|
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
import type { AuthObject, RedirectFun } from '@tern-secure/backend';
|
|
2
2
|
import { redirect } from 'next/navigation';
|
|
3
|
+
import { type Aobj } from '../../server/data/getAuthDataFromRequest';
|
|
3
4
|
import { type AuthProtect } from '../../server/protect';
|
|
4
5
|
import type { BaseUser } from '../../server/types';
|
|
6
|
+
/**
|
|
7
|
+
* @deprecated will be removed in future versions.
|
|
8
|
+
*/
|
|
5
9
|
export interface AuthResult {
|
|
6
10
|
user: BaseUser | null;
|
|
7
11
|
error: Error | null;
|
|
@@ -9,7 +13,7 @@ export interface AuthResult {
|
|
|
9
13
|
/**
|
|
10
14
|
* `Auth` object of the currently active user and the `redirectToSignIn()` method.
|
|
11
15
|
*/
|
|
12
|
-
type Auth = AuthObject & {
|
|
16
|
+
type Auth = AuthObject & Aobj & {
|
|
13
17
|
redirectToSignIn: RedirectFun<ReturnType<typeof redirect>>;
|
|
14
18
|
redirectToSignUp: RedirectFun<ReturnType<typeof redirect>>;
|
|
15
19
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../../src/app-router/server/auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAEpE,OAAO,EAAY,QAAQ,EAAE,MAAM,iBAAiB,CAAC;
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../../src/app-router/server/auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAEpE,OAAO,EAAY,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAGrD,OAAO,EAAE,KAAK,IAAI,EAA8B,MAAM,0CAA0C,CAAC;AAEjG,OAAO,EAAE,KAAK,WAAW,EAAiB,MAAM,sBAAsB,CAAC;AACvE,OAAO,KAAK,EAAE,QAAQ,EAAe,MAAM,oBAAoB,CAAC;AAGhE;;EAEE;AACF,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,QAAQ,GAAG,IAAI,CAAC;IACtB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;CACrB;AAED;;GAEG;AACH,KAAK,IAAI,GAAG,UAAU,GAAG,IAAI,GAAG;IAC9B,gBAAgB,EAAE,WAAW,CAAC,UAAU,CAAC,OAAO,QAAQ,CAAC,CAAC,CAAC;IAC3D,gBAAgB,EAAE,WAAW,CAAC,UAAU,CAAC,OAAO,QAAQ,CAAC,CAAC,CAAC;CAC5D,CAAC;AAEF,MAAM,WAAW,MAAM;IACrB,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAElB,OAAO,EAAE,WAAW,CAAC;CACtB;AAQD;;GAEG;AACH,eAAO,MAAM,IAAI,EAAE,MAwClB,CAAC"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import type { Aobj, TernSecureUser } from '../../server/data/getAuthDataFromRequest';
|
|
2
|
+
/**
|
|
3
|
+
* `Auth` object of the currently active user and the `redirectToSignIn()` method.
|
|
4
|
+
*/
|
|
5
|
+
type Auth = Aobj;
|
|
6
|
+
export interface AuthFn {
|
|
7
|
+
(): Promise<Auth>;
|
|
8
|
+
}
|
|
9
|
+
/**
|
|
10
|
+
* Get the current authenticated user from the session cookies
|
|
11
|
+
*/
|
|
12
|
+
export declare const authNew: AuthFn;
|
|
13
|
+
export { TernSecureUser };
|
|
14
|
+
//# sourceMappingURL=auth_new.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth_new.d.ts","sourceRoot":"","sources":["../../../../src/app-router/server/auth_new.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,cAAc,EAAC,MAAM,0CAA0C,CAAC;AAKpF;;GAEG;AACH,KAAK,IAAI,GAAG,IAAI,CAAC;AAEjB,MAAM,WAAW,MAAM;IACrB,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;CACnB;AAQD;;GAEG;AACH,eAAO,MAAM,OAAO,EAAE,MASrB,CAAC;AAGF,OAAO,EAAE,cAAc,EAAE,CAAA"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
import type {
|
|
1
|
+
import type { TernSecureInitialState } from '@tern-secure/types';
|
|
2
2
|
import React from 'react';
|
|
3
3
|
export declare function PromiseAuthProvider({ authPromise, children, }: {
|
|
4
|
-
authPromise: Promise<
|
|
4
|
+
authPromise: Promise<TernSecureInitialState> | TernSecureInitialState;
|
|
5
5
|
children: React.ReactNode;
|
|
6
6
|
}): import("react/jsx-runtime").JSX.Element;
|
|
7
7
|
export declare function usePromiseAuth(): import("@tern-secure/types").UseAuthReturn;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"PromiseAuthProvider.d.ts","sourceRoot":"","sources":["../../../src/boundary/PromiseAuthProvider.tsx"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,
|
|
1
|
+
{"version":3,"file":"PromiseAuthProvider.d.ts","sourceRoot":"","sources":["../../../src/boundary/PromiseAuthProvider.tsx"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,oBAAoB,CAAC;AAEjE,OAAO,KAAK,MAAM,OAAO,CAAC;AAM1B,wBAAgB,mBAAmB,CAAC,EAClC,WAAW,EACX,QAAQ,GACT,EAAE;IACD,WAAW,EAAE,OAAO,CAAC,sBAAsB,CAAC,GAAG,sBAAsB,CAAC;IACtE,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC;CAC3B,2CAEA;AAED,wBAAgB,cAAc,+CAmB7B"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import type { DecodedIdToken, TernSecureUser } from '@tern-secure/types';
|
|
2
|
+
import React from 'react';
|
|
3
|
+
type TernSecureInitialState = {
|
|
4
|
+
user?: TernSecureUser | null;
|
|
5
|
+
token?: string | null;
|
|
6
|
+
sessionClaims?: DecodedIdToken | null;
|
|
7
|
+
};
|
|
8
|
+
export declare function PromiseAuthProviderNode({ authPromise, children, }: {
|
|
9
|
+
authPromise: Promise<TernSecureInitialState> | TernSecureInitialState;
|
|
10
|
+
children: React.ReactNode;
|
|
11
|
+
}): import("react/jsx-runtime").JSX.Element;
|
|
12
|
+
export declare function usePromiseAuthNode(): import("@tern-secure/types").UseAuthReturn;
|
|
13
|
+
export {};
|
|
14
|
+
//# sourceMappingURL=PromiseAuthProviderNode.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"PromiseAuthProviderNode.d.ts","sourceRoot":"","sources":["../../../src/boundary/PromiseAuthProviderNode.tsx"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAEzE,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,KAAK,sBAAsB,GAAG;IAC5B,IAAI,CAAC,EAAE,cAAc,GAAG,IAAI,CAAC;IAC7B,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,aAAa,CAAC,EAAE,cAAc,GAAG,IAAI,CAAC;CACvC,CAAC;AAMF,wBAAgB,uBAAuB,CAAC,EACtC,WAAW,EACX,QAAQ,GACT,EAAE;IACD,WAAW,EAAE,OAAO,CAAC,sBAAsB,CAAC,GAAG,sBAAsB,CAAC;IACtE,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC;CAC3B,2CAEA;AAED,wBAAgB,kBAAkB,+CAmBjC"}
|
package/dist/types/index.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
export { TernSecureProvider } from './app-router/server/TernSecureProvider';
|
|
2
|
+
export { TernSecureProviderNode } from './app-router/server/TernSecureProviderNode';
|
|
2
3
|
export { useAuth, useIdToken, useSession, useSignIn, useSignUp, signIn, useSignInContext, useSignUpContext, useTernSecure, SignInProvider, SignUpProvider, } from './boundary/components';
|
|
3
4
|
export type { TernSecureUser, TernSecureUserData, SignInResponse, SignUpResponse, SocialProviderOptions, } from '@tern-secure/types';
|
|
4
5
|
export type { UserInfo, SessionResult } from './types';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,wCAAwC,CAAC;AAC5E,OAAO,EACL,OAAO,EACP,UAAU,EACV,UAAU,EACV,SAAS,EACT,SAAS,EACT,MAAM,EACN,gBAAgB,EAChB,gBAAgB,EAChB,aAAa,EACb,cAAc,EACd,cAAc,GAKf,MAAM,uBAAuB,CAAC;AAE/B,YAAY,EACV,cAAc,EACd,kBAAkB,EAClB,cAAc,EACd,cAAc,EACd,qBAAqB,GACtB,MAAM,oBAAoB,CAAC;AAE5B,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,wCAAwC,CAAC;AAC5E,OAAO,EAAE,sBAAsB,EAAE,MAAM,4CAA4C,CAAC;AACpF,OAAO,EACL,OAAO,EACP,UAAU,EACV,UAAU,EACV,SAAS,EACT,SAAS,EACT,MAAM,EACN,gBAAgB,EAChB,gBAAgB,EAChB,aAAa,EACb,cAAc,EACd,cAAc,GAKf,MAAM,uBAAuB,CAAC;AAE/B,YAAY,EACV,cAAc,EACd,kBAAkB,EAClB,cAAc,EACd,cAAc,EACd,qBAAqB,GACtB,MAAM,oBAAoB,CAAC;AAE5B,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC"}
|