@thinkingcat/auth-utils 1.0.20 → 1.0.21

Files changed (2) hide show
  1. package/dist/index.js +48 -48
  2. package/package.json +1 -1
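--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -886,61 +886,61 @@ async function handleJWTCallback(token, user, account, options) {
  debugLog('handleJWTCallback', 'Initial login, creating token from user data');
  return createInitialJWTToken(token, user, account);
  }
- // 2. 이미 토큰에 정보가 있는 경우 - 만료 체크 및 갱신
- if (token.id) {
- const now = Date.now();
- const expires = token.accessTokenExpires;
- // 2-1. 토큰이 만료되지 않았으면 그대로 사용
- if (expires && expires > now) {
- debugLog('handleJWTCallback', 'Token is still valid, using existing token');
- return token;
- }
- // 2-2. 토큰이 만료되었으면 refresh token으로 갱신 시도
- debugLog('handleJWTCallback', 'Token expired or no expiry, attempting refresh');
- const refreshToken = token.refreshToken;
- if (refreshToken && ssoBaseURL && authServiceKey) {
- try {
- debugLog('handleJWTCallback', 'Calling SSO refresh endpoint');
- const response = await fetch(`${ssoBaseURL}/api/sso/refresh`, {
- method: 'POST',
- headers: {
- 'Content-Type': 'application/json',
- 'x-auth-service-key': authServiceKey,
- },
- body: JSON.stringify({ refreshToken }),
- });
- if (response.ok) {
- const result = await response.json();
- if (result.success && result.accessToken) {
- debugLog('handleJWTCallback', 'Successfully refreshed token');
- // 액세스 토큰 검증 및 페이로드 추출
- if (secret) {
- const tokenResult = await verifyToken(result.accessToken, secret);
- if (tokenResult) {
- const newJWT = createNextAuthJWT(tokenResult.payload, serviceId || '');
- return {
- ...newJWT,
- refreshToken, // 기존 refresh token 유지
- accessTokenExpires: Date.now() + (15 * 60 * 1000), // 15분
- };
- }
- }
+ // 2. 토큰 유효성 체크
+ const now = Date.now();
+ const expires = token.accessTokenExpires;
+ const hasValidToken = token.id && expires && expires > now;
+ const refreshToken = token.refreshToken;
+ // 2-1. nextauth token이 있고 만료되지 않았으면 그대로 사용
+ if (hasValidToken) {
+ debugLog('handleJWTCallback', 'Token is still valid, using existing token');
+ return token;
+ }
+ // 2-2. nextauth token이 없거나 만료됨 refresh token으로 갱신 시도
+ // (refreshToken 있고 SSO 설정이 있을 때만)
+ if (refreshToken && ssoBaseURL && authServiceKey && secret) {
+ debugLog('handleJWTCallback', 'Token invalid or expired, attempting refresh');
+ try {
+ debugLog('handleJWTCallback', 'Calling SSO refresh endpoint');
+ const response = await fetch(`${ssoBaseURL}/api/sso/refresh`, {
+ method: 'POST',
+ headers: {
+ 'Content-Type': 'application/json',
+ 'x-auth-service-key': authServiceKey,
+ },
+ body: JSON.stringify({ refreshToken }),
+ });
+ if (response.ok) {
+ const result = await response.json();
+ if (result.success && result.accessToken) {
+ debugLog('handleJWTCallback', 'Successfully refreshed token');
+ // 액세스 토큰 검증 및 페이로드 추출
+ const tokenResult = await verifyToken(result.accessToken, secret);
+ if (tokenResult) {
+ const newJWT = createNextAuthJWT(tokenResult.payload, serviceId || '');
+ return {
+ ...newJWT,
+ refreshToken, // 기존 refresh token 유지
+ accessTokenExpires: Date.now() + (15 * 60 * 1000), // 15분
+ };
  }
  }
- debugLog('handleJWTCallback', 'Failed to refresh token, SSO response not ok');
- }
- catch (error) {
- console.error('[handleJWTCallback] Error refreshing token:', error);
  }
+ debugLog('handleJWTCallback', 'Failed to refresh token, SSO response not ok');
  }
- else {
- debugLog('handleJWTCallback', 'Missing refresh token or SSO config, cannot refresh');
+ catch (error) {
+ console.error('[handleJWTCallback] Error refreshing token:', error);
  }
- // 갱신 실패 시 기존 토큰 반환 (만료되었지만)
- debugLog('handleJWTCallback', 'Returning existing token (possibly expired)');
+ }
+ else {
+ debugLog('handleJWTCallback', 'Cannot refresh - missing refresh token or SSO config');
+ }
+ // 3. refresh 실패 시 - 기존 토큰이 있으면 반환
+ if (token.id) {
+ debugLog('handleJWTCallback', 'Refresh failed, returning existing token (possibly expired)');
  return token;
  }
- // 3. 토큰에 id가 없는 경우 - 커스텀 토큰 쿠키에서 정보 읽기
+ // 4. 토큰에 id가 없는 경우 - 커스텀 토큰 쿠키에서 정보 읽기
  debugLog('handleJWTCallback', 'Token has no id, checking custom token cookie');
  if (secret && licenseKey && serviceId) {
  const cookieNameToUse = cookieName || `${serviceId}_access_token`;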
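Review bot: The step-3 fallback (`if (token.id) { ... return token; }`) still hands back a token whose `accessTokenExpires` has passed, and it does so identically whether the refresh call hit a network error or the SSO refused the refresh token (non-ok response, `result.success` false, or `verifyToken` returning nothing). A revoked or rejected refresh token therefore leaves the session usable with stale claims unless every consumer re-checks `accessTokenExpires` itself. Consider returning a marked token on that path, e.g. `return { ...token, error: 'RefreshAccessTokenError' };`, so the session callback can force re-authentication, and deriving `accessTokenExpires` from the verified payload's `exp` instead of the fixed 15 minutes if the payload carries one. handleJWTCallback starts before and continues after this hunk, so whether a later stage already rejects expired tokens is not visible here.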
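--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@thinkingcat/auth-utils",
- "version": "1.0.20",
+ "version": "1.0.21",
  "description": "Authentication utilities for ThinkingCat SSO services with conditional logging",
  "main": "dist/index.js",
  "types": "dist/index.d.ts",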