npm - @thinkingcat/auth-utils - Versions diffs - 1.0.17 → 1.0.19 - Mend

@thinkingcat/auth-utils 1.0.17 → 1.0.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -1,6 +1,6 @@
-import { JWT } from "next-auth/jwt";
+import type { JWT } from "next-auth/jwt";
 import type { Session } from "next-auth";
-import { NextResponse, NextRequest } from 'next/server';
+import type { NextResponse, NextRequest } from 'next/server';
 export interface ResponseLike {
     cookies: {
         delete(name: string): void;
@@ -239,7 +239,7 @@ export declare function verifyAndRefreshToken(req: NextRequest, secret: string,
  * @param errorPath 에러 페이지 경로 (기본값: '/error')
  * @returns NextResponse 리다이렉트 응답
  */
-export declare function redirectToError(req: NextRequest, code: string, message: string, errorPath?: string): NextResponse;
+export declare function redirectToError(req: NextRequest, code: string, message: string, errorPath?: string): Promise<NextResponse>;
 /**
  * 인증 쿠키를 삭제하는 헬퍼 함수
  * @param response NextResponse 객체
@@ -491,7 +491,7 @@ export declare function checkRoleAccess(pathname: string, role: string, roleConf
  * @param ssoBaseURL SSO 서버 기본 URL (필수)
  * @returns NextResponse 리다이렉트 응답
  */
-export declare function redirectToSSOLogin(req: NextRequest, serviceId: string, ssoBaseURL: string): NextResponse;
+export declare function redirectToSSOLogin(req: NextRequest, serviceId: string, ssoBaseURL: string): Promise<NextResponse>;
 /**
  * 역할별 대시보드 경로로 리다이렉트하는 헬퍼 함수
  * @param req NextRequest 객체
@@ -500,7 +500,7 @@ export declare function redirectToSSOLogin(req: NextRequest, serviceId: string,
  * @param defaultPath 기본 경로 (기본값: '/admin')
  * @returns NextResponse 리다이렉트 응답
  */
-export declare function redirectToRoleDashboard(req: NextRequest, role: string, rolePaths: Record<string, string>, defaultPath?: string): NextResponse;
+export declare function redirectToRoleDashboard(req: NextRequest, role: string, rolePaths: Record<string, string>, defaultPath?: string): Promise<NextResponse>;
 /**
  * 토큰이 만료되었는지 확인하는 함수
  * @param token NextAuth JWT 객체

package/dist/index.js CHANGED Viewed

@@ -71,9 +71,7 @@ exports.checkAuthentication = checkAuthentication;
 exports.verifyAndRefreshTokenWithNextAuth = verifyAndRefreshTokenWithNextAuth;
 exports.createMiddlewareConfig = createMiddlewareConfig;
 exports.handleMiddleware = handleMiddleware;
-const jwt_1 = require("next-auth/jwt");
 const jose_1 = require("jose");
-const server_1 = require("next/server");
 // ============================================================================
 // UTILITY FUNCTIONS
 // ============================================================================
@@ -100,6 +98,12 @@ async function createHashSHA256(data) {
     const hashArray = Array.from(new Uint8Array(hashBuffer));
     return hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
 }
+/**
+ * Edge Runtime 호환을 위해 next/server를 동적 import
+ */
+async function getNextServer() {
+    return await Promise.resolve().then(() => __importStar(require('next/server')));
+}
 /**
  * NextAuth 세션 토큰 쿠키를 삭제하는 헬퍼 함수
  */
@@ -208,8 +212,9 @@ function createNextAuthJWT(payload, serviceId) {
  */
 async function encodeNextAuthToken(jwt, secret, maxAge = 30 * 24 * 60 * 60) {
     try {
-        // next-auth/jwt의 encode 함수 사용 (Node.js 런타임에서만 작동)
-        return await (0, jwt_1.encode)({
+        // next-auth/jwt의 encode 함수를 동적 import로 사용 (Edge Runtime 호환)
+        const { encode } = await Promise.resolve().then(() => __importStar(require('next-auth/jwt')));
+        return await encode({
             token: jwt,
             secret: secret,
             maxAge: maxAge,
@@ -428,7 +433,8 @@ async function createAuthResponse(accessToken, secret, options) {
         ? createRedirectHTML(redirectPath, displayText)
         : createRedirectHTML('', displayText).replace("window.location.href = ''", "window.location.reload()");
     // 6. Response 생성
-    const response = new server_1.NextResponse(html, {
+    const { NextResponse: NextResponseClass } = await getNextServer();
+    const response = new NextResponseClass(html, {
         status: 200,
         headers: {
             'Content-Type': 'text/html',
@@ -617,14 +623,16 @@ async function verifyAndRefreshToken(req, secret, options) {
             }
             else {
                 debugLog('verifyAndRefreshToken', 'Refresh failed, clearing all cookies');
-                const response = server_1.NextResponse.next();
+                const { NextResponse: NextResponseClass } = await getNextServer();
+                const response = NextResponseClass.next();
                 clearAllAuthCookies(response, options.cookiePrefix, options.isProduction);
                 return { isValid: false, response, error: 'REFRESH_FAILED' };
             }
         }
         catch (error) {
             debugError('verifyAndRefreshToken', 'Token refresh error:', error);
-            const response = server_1.NextResponse.next();
+            const { NextResponse: NextResponseClass } = await getNextServer();
+            const response = NextResponseClass.next();
             clearAllAuthCookies(response, options.cookiePrefix, options.isProduction);
             return { isValid: false, response, error: 'REFRESH_ERROR' };
         }
@@ -642,11 +650,12 @@ async function verifyAndRefreshToken(req, secret, options) {
  * @param errorPath 에러 페이지 경로 (기본값: '/error')
  * @returns NextResponse 리다이렉트 응답
  */
-function redirectToError(req, code, message, errorPath = '/error') {
+async function redirectToError(req, code, message, errorPath = '/error') {
     const url = new URL(errorPath, req.url);
     url.searchParams.set('code', code);
     url.searchParams.set('message', message);
-    return server_1.NextResponse.redirect(url);
+    const { NextResponse: NextResponseClass } = await getNextServer();
+    return NextResponseClass.redirect(url);
 }
 /**
  * 인증 쿠키를 삭제하는 헬퍼 함수
@@ -971,8 +980,9 @@ function checkRoleAccess(pathname, role, roleConfig) {
  * @param ssoBaseURL SSO 서버 기본 URL (필수)
  * @returns NextResponse 리다이렉트 응답
  */
-function redirectToSSOLogin(req, serviceId, ssoBaseURL) {
-    return server_1.NextResponse.redirect(new URL(`${ssoBaseURL}/auth/login?serviceId=${serviceId}`, req.url));
+async function redirectToSSOLogin(req, serviceId, ssoBaseURL) {
+    const { NextResponse: NextResponseClass } = await getNextServer();
+    return NextResponseClass.redirect(new URL(`${ssoBaseURL}/auth/login?serviceId=${serviceId}`, req.url));
 }
 /**
  * 역할별 대시보드 경로로 리다이렉트하는 헬퍼 함수
@@ -982,9 +992,10 @@ function redirectToSSOLogin(req, serviceId, ssoBaseURL) {
  * @param defaultPath 기본 경로 (기본값: '/admin')
  * @returns NextResponse 리다이렉트 응답
  */
-function redirectToRoleDashboard(req, role, rolePaths, defaultPath = '/admin') {
+async function redirectToRoleDashboard(req, role, rolePaths, defaultPath = '/admin') {
     const redirectPath = rolePaths[role] || defaultPath;
-    return server_1.NextResponse.redirect(new URL(redirectPath, req.url));
+    const { NextResponse: NextResponseClass } = await getNextServer();
+    return NextResponseClass.redirect(new URL(redirectPath, req.url));
 }
 // ============================================================================
 // TOKEN VALIDATION UTILITIES
@@ -1250,6 +1261,8 @@ function createMiddlewareConfig(config, defaults) {
  * @returns NextResponse 또는 null (다음 미들웨어로 진행)
  */
 async function handleMiddleware(req, config, options) {
+    // Edge Runtime 호환을 위해 next/server를 한 번만 import
+    const { NextResponse: NextResponseClass } = await getNextServer();
     try {
         const pathname = req.nextUrl.pathname;
         const { secret, isProduction, cookieDomain, getNextAuthToken, licenseKey } = options;
@@ -1282,10 +1295,10 @@ async function handleMiddleware(req, config, options) {
         // 1. API 요청 처리
         if (pathname.startsWith('/api/')) {
             if (config.authApiPaths.includes(pathname)) {
-                return server_1.NextResponse.next();
+                return NextResponseClass.next();
             }
             if (config.subscriptionExemptApiPaths.some((path) => pathname.startsWith(path))) {
-                return server_1.NextResponse.next();
+                return NextResponseClass.next();
             }
             const authCheck = await verifyAndRefreshTokenWithNextAuth(req, token, secret, {
                 cookiePrefix,
@@ -1301,10 +1314,10 @@ async function handleMiddleware(req, config, options) {
                 return authCheck.response;
             }
             if (!authCheck.isValid) {
-                const response = redirectToError(req, 'UNAUTHORIZED', '인증이 필요합니다.', config.errorPath);
+                const response = await redirectToError(req, 'UNAUTHORIZED', '인증이 필요합니다.', config.errorPath);
                 return clearAuthCookies(response, cookiePrefix);
             }
-            return server_1.NextResponse.next();
+            return NextResponseClass.next();
         }
         // 2. 루트 경로 처리 - SSO 토큰 처리 (인증 체크보다 먼저!)
         if (pathname === '/') {
@@ -1347,26 +1360,26 @@ async function handleMiddleware(req, config, options) {
                 catch (error) {
                     debugError('handleMiddleware', 'Error processing token:', error);
                     const ssoBaseURL = options.ssoBaseURL;
-                    return redirectToSSOLogin(req, serviceId, ssoBaseURL);
+                    return await redirectToSSOLogin(req, serviceId, ssoBaseURL);
                 }
             }
             // 토큰이 없고 이미 인증된 경우 역할별 대시보드로 리다이렉트
             if (token && effectiveRole) {
-                return redirectToRoleDashboard(req, effectiveRole, config.rolePaths);
+                return await redirectToRoleDashboard(req, effectiveRole, config.rolePaths);
             }
             // 인증되지 않은 경우 SSO 로그인 페이지로 리다이렉트
             const ssoBaseURL = options.ssoBaseURL;
-            return redirectToSSOLogin(req, serviceId, ssoBaseURL);
+            return await redirectToSSOLogin(req, serviceId, ssoBaseURL);
         }
         // 3. 공개 경로 처리
         if (config.publicPaths.some((path) => pathname === path || pathname.startsWith(path))) {
             if (pathname === '/error' || pathname === '/verification') {
-                return server_1.NextResponse.next();
+                return NextResponseClass.next();
             }
             if (token && effectiveRole) {
-                return redirectToRoleDashboard(req, effectiveRole, config.rolePaths);
+                return await redirectToRoleDashboard(req, effectiveRole, config.rolePaths);
             }
-            return server_1.NextResponse.next();
+            return NextResponseClass.next();
         }
         // 4. 인증 체크
         const authCheck = await verifyAndRefreshTokenWithNextAuth(req, token, secret, {
@@ -1384,7 +1397,7 @@ async function handleMiddleware(req, config, options) {
         }
         if (!authCheck.isValid) {
             const ssoBaseURL = options.ssoBaseURL;
-            return redirectToSSOLogin(req, serviceId, ssoBaseURL);
+            return await redirectToSSOLogin(req, serviceId, ssoBaseURL);
         }
         // 5. 토큰 확인 및 변환
         let finalToken = token;
@@ -1413,24 +1426,24 @@ async function handleMiddleware(req, config, options) {
         }
         if (!finalToken) {
             const ssoBaseURL = options.ssoBaseURL;
-            return redirectToSSOLogin(req, serviceId, ssoBaseURL);
+            return await redirectToSSOLogin(req, serviceId, ssoBaseURL);
         }
         // 6. 토큰 에러 체크
         if (finalToken.error === "RefreshAccessTokenError") {
             const ssoBaseURL = options.ssoBaseURL;
-            return redirectToSSOLogin(req, serviceId, ssoBaseURL);
+            return await redirectToSSOLogin(req, serviceId, ssoBaseURL);
         }
         // 7. 토큰 유효성 체크
         if (!finalToken.role || !finalToken.email) {
             const ssoBaseURL = options.ssoBaseURL;
-            return redirectToSSOLogin(req, serviceId, ssoBaseURL);
+            return await redirectToSSOLogin(req, serviceId, ssoBaseURL);
         }
         // 8. 역할 기반 접근 제어
         const finalEffectiveRole = finalToken.role || getEffectiveRole(finalToken, serviceId) || effectiveRole || '';
         if (config.roleAccessConfig && Object.keys(config.roleAccessConfig).length > 0 && finalEffectiveRole) {
             const roleCheck = checkRoleAccess(pathname, finalEffectiveRole, config.roleAccessConfig);
             if (!roleCheck.allowed) {
-                return redirectToError(req, 'ACCESS_DENIED', roleCheck.message || '접근 권한이 없습니다.', config.errorPath);
+                return await redirectToError(req, 'ACCESS_DENIED', roleCheck.message || '접근 권한이 없습니다.', config.errorPath);
             }
         }
         // 9. 구독 상태 확인 (시스템 관리자 제외)
@@ -1442,13 +1455,13 @@ async function handleMiddleware(req, config, options) {
             }
             const subscriptionCheck = validateServiceSubscription(services, serviceId, ssoBaseURL);
             if (!subscriptionCheck.isValid) {
-                return server_1.NextResponse.redirect(subscriptionCheck.redirectUrl);
+                return NextResponseClass.redirect(subscriptionCheck.redirectUrl);
             }
         }
         return null;
     }
     catch (error) {
         debugError('handleMiddleware', 'Middleware error:', error);
-        return redirectToError(req, 'INTERNAL_ERROR', '서버 오류가 발생했습니다.', config.errorPath);
+        return await redirectToError(req, 'INTERNAL_ERROR', '서버 오류가 발생했습니다.', config.errorPath);
     }
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@thinkingcat/auth-utils",
-  "version": "1.0.17",
+  "version": "1.0.19",
   "description": "Authentication utilities for ThinkingCat SSO services with conditional logging",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -40,6 +40,3 @@
     ".env.example"
   ]
 }