@thinkingcat/auth-utils 1.0.11 → 1.0.13

package/README.md

@@ -60,7 +60,7 @@ npm install @thinkingcat/auth-utils
 ```json
 {
   "dependencies": {
-    "@thinkingcat/auth-utils": "^1.0.11"
+    "@thinkingcat/auth-utils": "^1.0.12"
   }
 }
 ```
@@ -139,7 +139,7 @@ import {
   createMiddlewareConfig,
   handleMiddleware,
   verifyAndRefreshTokenWithNextAuth,
-  
+
   // 라이센스
   checkLicenseKey,
 
@@ -166,7 +166,8 @@ const response = await handleMiddleware(req, middlewareConfig, {
 });
 ```
 
-**중요**: 
+**중요**:
+
 - 라이센스 키는 모든 함수 호출 시 필수 파라미터입니다.
 - 라이센스 키가 없거나 유효하지 않으면 함수가 에러를 발생시킵니다.
 - 라이센스 키는 SHA-256 해시로 변환되어 모듈 내부의 유효한 키 목록과 비교됩니다.
@@ -1307,7 +1308,7 @@ const response = await handleMiddleware(req, middlewareConfig, {
 ## 📦 패키지 정보
 
 - **패키지명**: `@thinkingcat/auth-utils`
-- **버전**: `1.0.11`
+- **버전**: `1.0.12`
 - **라이선스**: MIT
 - **저장소**: npm registry
 

package/dist/index.d.ts

@@ -325,7 +325,7 @@ export interface MiddlewareOptions {
     /** 라이센스 키 (필수) */
     licenseKey: string;
 }
-export declare function checkLicenseKey(licenseKey: string): void;
+export declare function checkLicenseKey(licenseKey: string): Promise<void>;
 export declare function checkRoleAccess(pathname: string, role: string, roleConfig: RoleAccessConfig): {
     allowed: boolean;
     message?: string;

package/dist/index.js

@@ -67,7 +67,14 @@ exports.handleMiddleware = handleMiddleware;
 const jwt_1 = require("next-auth/jwt");
 const jose_1 = require("jose");
 const server_1 = require("next/server");
-const crypto_1 = require("crypto");
+// Edge Runtime 호환을 위해 Web Crypto API 사용
+async function createHashSHA256(data) {
+    const encoder = new TextEncoder();
+    const dataBuffer = encoder.encode(data);
+    const hashBuffer = await crypto.subtle.digest('SHA-256', dataBuffer);
+    const hashArray = Array.from(new Uint8Array(hashBuffer));
+    return hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
+}
 /**
  * 토큰 검증 및 디코딩
  * @param accessToken JWT access token
@@ -331,7 +338,7 @@ function createRedirectHTML(redirectPath, text) {
  * @returns NextResponse 객체
  */
 async function createAuthResponse(accessToken, secret, options) {
-    checkLicenseKey(options.licenseKey);
+    await checkLicenseKey(options.licenseKey);
     const { refreshToken, redirectPath, text, cookiePrefix, isProduction = false, cookieDomain, serviceId, } = options;
     // 1. 토큰 검증
     const tokenResult = await verifyToken(accessToken, secret);
@@ -600,11 +607,11 @@ function requiresSubscription(pathname, role, subscriptionRequiredPaths, systemA
 const VALID_LICENSE_KEY_HASHES = new Set([
     '73bce4f3b64804c255cdab450d759a8b53038f9edb59ae42d9988b08dfd007e2',
 ]);
-function checkLicenseKey(licenseKey) {
+async function checkLicenseKey(licenseKey) {
     if (!licenseKey || licenseKey.length < 10) {
         throw new Error('License key is required');
     }
-    const keyHash = (0, crypto_1.createHash)('sha256').update(licenseKey).digest('hex');
+    const keyHash = await createHashSHA256(licenseKey);
     if (!VALID_LICENSE_KEY_HASHES.has(keyHash)) {
         throw new Error('Invalid license key');
     }
@@ -858,7 +865,7 @@ async function handleMiddleware(req, config, options) {
     try {
         const pathname = req.nextUrl.pathname;
         const { secret, isProduction, cookieDomain, getNextAuthToken, licenseKey } = options;
-        checkLicenseKey(licenseKey);
+        await checkLicenseKey(licenseKey);
         if (!config.serviceId) {
             throw new Error('serviceId is required in middleware config');
         }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@thinkingcat/auth-utils",
-  "version": "1.0.11",
+  "version": "1.0.13",
   "description": "Authentication utilities for ThinkingCat SSO services",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",