@thinkingcat/auth-utils 1.0.21 → 1.0.22
- package/dist/index.js +39 -24
- package/package.json +1 -1
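--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -886,22 +886,44 @@ async function handleJWTCallback(token, user, account, options) {
 debugLog('handleJWTCallback', 'Initial login, creating token from user data');
 return createInitialJWTToken(token, user, account);
 }
-// 2. 토큰
+// 2. 커스텀 토큰 쿠키 우선 체크 (middleware에서 refresh한 토큰이 있을 수 있음)
+if (secret && licenseKey && serviceId) {
+const cookieNameToUse = cookieName || `${serviceId}_access_token`;
+debugLog('handleJWTCallback', 'Checking custom token cookie first:', cookieNameToUse);
+const customJwt = await getJWTFromCustomTokenCookie(cookieNameToUse, secret, serviceId, licenseKey);
+if (customJwt) {
+debugLog('handleJWTCallback', 'Found valid custom token cookie, using it');
+// refreshToken이 있으면 유지
+if (token.refreshToken) {
+customJwt.refreshToken = token.refreshToken;
+}
+return customJwt;
+}
+debugLog('handleJWTCallback', 'No valid custom token cookie found');
+}
+// 3. 토큰 유효성 체크
 const now = Date.now();
 const expires = token.accessTokenExpires;
 const hasValidToken = token.id && expires && expires > now;
 const refreshToken = token.refreshToken;
-
+debugLog('handleJWTCallback', 'Token status:', {
+hasId: !!token.id,
+hasExpires: !!expires,
+expiresIn: expires ? Math.round((expires - now) / 1000) + 's' : 'N/A',
+hasValidToken,
+hasRefreshToken: !!refreshToken,
+});
+// 3-1. nextauth token이 있고 만료되지 않았으면 그대로 사용
 if (hasValidToken) {
 debugLog('handleJWTCallback', 'Token is still valid, using existing token');
 return token;
 }
-//
+// 3-2. nextauth token이 없거나 만료됨 → refresh token으로 갱신 시도
 // (refreshToken이 있고 SSO 설정이 있을 때만)
 if (refreshToken && ssoBaseURL && authServiceKey && secret) {
-debugLog('handleJWTCallback', 'Token invalid or expired, attempting refresh');
+debugLog('handleJWTCallback', 'Token invalid or expired, attempting SSO refresh');
 try {
-debugLog('handleJWTCallback', 'Calling SSO refresh endpoint');
+debugLog('handleJWTCallback', 'Calling SSO refresh endpoint:', `${ssoBaseURL}/api/sso/refresh`);
 const response = await fetch(`${ssoBaseURL}/api/sso/refresh`, {
 method: 'POST',
 headers: {
@@ -910,10 +932,11 @@ async function handleJWTCallback(token, user, account, options) {
 },
 body: JSON.stringify({ refreshToken }),
 });
+debugLog('handleJWTCallback', 'SSO refresh response status:', response.status);
 if (response.ok) {
 const result = await response.json();
 if (result.success && result.accessToken) {
-debugLog('handleJWTCallback', 'Successfully refreshed token');
+debugLog('handleJWTCallback', 'Successfully refreshed token from SSO');
 // 새 액세스 토큰 검증 및 페이로드 추출
 const tokenResult = await verifyToken(result.accessToken, secret);
 if (tokenResult) {
@@ -926,35 +949,27 @@ async function handleJWTCallback(token, user, account, options) {
 }
 }
 }
-debugLog('handleJWTCallback', 'Failed to refresh token
+debugLog('handleJWTCallback', 'Failed to refresh token from SSO');
 }
 catch (error) {
 console.error('[handleJWTCallback] Error refreshing token:', error);
 }
 }
 else {
-debugLog('handleJWTCallback', 'Cannot refresh - missing
+debugLog('handleJWTCallback', 'Cannot refresh - missing requirements:', {
+hasRefreshToken: !!refreshToken,
+hasSSO: !!ssoBaseURL,
+hasAuthKey: !!authServiceKey,
+hasSecret: !!secret,
+});
 }
-//
+// 4. refresh 실패 시 - 기존 토큰이 있으면 반환
 if (token.id) {
 debugLog('handleJWTCallback', 'Refresh failed, returning existing token (possibly expired)');
 return token;
 }
-//
-debugLog('handleJWTCallback', '
-if (secret && licenseKey && serviceId) {
-const cookieNameToUse = cookieName || `${serviceId}_access_token`;
-const jwt = await getJWTFromCustomTokenCookie(cookieNameToUse, secret, serviceId, licenseKey);
-if (jwt) {
-debugLog('handleJWTCallback', 'Successfully created JWT from custom token cookie');
-return jwt;
-}
-debugLog('handleJWTCallback', 'Failed to create JWT from custom token cookie');
-}
-else {
-debugLog('handleJWTCallback', 'Missing required parameters for custom token reading');
-}
-debugLog('handleJWTCallback', 'Returning original token');
+// 5. 모든 시도 실패 - 빈 토큰 반환
+debugLog('handleJWTCallback', 'All attempts failed, returning empty token');
 return token;
 }
 /**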
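Review bot: In the first hunk's new step 2 block, the JWT built from the custom token cookie now takes precedence over a still-valid session token on every call, and `token.refreshToken` is copied onto it without checking that the two belong to the same subject. `getJWTFromCustomTokenCookie` is not visible on this page, so this assumes it verifies signature and expiry; even then, a stale or mismatched cookie would end up paired with the existing session's refresh token. Consider guarding the copy with something like `if (token.refreshToken && (!token.id || token.id === customJwt.id)) {`, assuming the cookie-derived object carries `id` the way `token` does. Separately, step 4 still returns a token that its own log message calls "possibly expired", and the new step 5 comment and log say "empty token" while `return token;` hands back whatever was passed in, so callers have to re-check `accessTokenExpires` themselves. handleJWTCallback begins above the first hunk.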
package/package.json
CHANGED