npm - @thinkingcat/auth-utils - Versions diffs - 1.0.12 → 1.0.13 - Mend

@thinkingcat/auth-utils 1.0.12 → 1.0.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -139,7 +139,7 @@ import {
   createMiddlewareConfig,
   handleMiddleware,
   verifyAndRefreshTokenWithNextAuth,
   // 라이센스
   checkLicenseKey,
@@ -166,7 +166,8 @@ const response = await handleMiddleware(req, middlewareConfig, {
 });
 ```
-**중요**:
+**중요**:
 - 라이센스 키는 모든 함수 호출 시 필수 파라미터입니다.
 - 라이센스 키가 없거나 유효하지 않으면 함수가 에러를 발생시킵니다.
 - 라이센스 키는 SHA-256 해시로 변환되어 모듈 내부의 유효한 키 목록과 비교됩니다.

package/dist/index.d.ts CHANGED Viewed

@@ -325,7 +325,7 @@ export interface MiddlewareOptions {
     /** 라이센스 키 (필수) */
     licenseKey: string;
 }
-export declare function checkLicenseKey(licenseKey: string): void;
+export declare function checkLicenseKey(licenseKey: string): Promise<void>;
 export declare function checkRoleAccess(pathname: string, role: string, roleConfig: RoleAccessConfig): {
     allowed: boolean;
     message?: string;

package/dist/index.js CHANGED Viewed

@@ -67,7 +67,14 @@ exports.handleMiddleware = handleMiddleware;
 const jwt_1 = require("next-auth/jwt");
 const jose_1 = require("jose");
 const server_1 = require("next/server");
-const crypto_1 = require("crypto");
+// Edge Runtime 호환을 위해 Web Crypto API 사용
+async function createHashSHA256(data) {
+    const encoder = new TextEncoder();
+    const dataBuffer = encoder.encode(data);
+    const hashBuffer = await crypto.subtle.digest('SHA-256', dataBuffer);
+    const hashArray = Array.from(new Uint8Array(hashBuffer));
+    return hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
+}
 /**
  * 토큰 검증 및 디코딩
  * @param accessToken JWT access token
@@ -331,7 +338,7 @@ function createRedirectHTML(redirectPath, text) {
  * @returns NextResponse 객체
  */
 async function createAuthResponse(accessToken, secret, options) {
-    checkLicenseKey(options.licenseKey);
+    await checkLicenseKey(options.licenseKey);
     const { refreshToken, redirectPath, text, cookiePrefix, isProduction = false, cookieDomain, serviceId, } = options;
     // 1. 토큰 검증
     const tokenResult = await verifyToken(accessToken, secret);
@@ -600,11 +607,11 @@ function requiresSubscription(pathname, role, subscriptionRequiredPaths, systemA
 const VALID_LICENSE_KEY_HASHES = new Set([
     '73bce4f3b64804c255cdab450d759a8b53038f9edb59ae42d9988b08dfd007e2',
 ]);
-function checkLicenseKey(licenseKey) {
+async function checkLicenseKey(licenseKey) {
     if (!licenseKey || licenseKey.length < 10) {
         throw new Error('License key is required');
     }
-    const keyHash = (0, crypto_1.createHash)('sha256').update(licenseKey).digest('hex');
+    const keyHash = await createHashSHA256(licenseKey);
     if (!VALID_LICENSE_KEY_HASHES.has(keyHash)) {
         throw new Error('Invalid license key');
     }
@@ -858,7 +865,7 @@ async function handleMiddleware(req, config, options) {
     try {
         const pathname = req.nextUrl.pathname;
         const { secret, isProduction, cookieDomain, getNextAuthToken, licenseKey } = options;
-        checkLicenseKey(licenseKey);
+        await checkLicenseKey(licenseKey);
         if (!config.serviceId) {
             throw new Error('serviceId is required in middleware config');
         }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@thinkingcat/auth-utils",
-  "version": "1.0.12",
+  "version": "1.0.13",
   "description": "Authentication utilities for ThinkingCat SSO services",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",