@thinkingcat/auth-utils 1.0.30 → 1.0.32

Files changed (2)
  1. package/dist/index.js +47 -16
  2. package/package.json +1 -1
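--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -214,16 +214,19 @@ async function encodeNextAuthToken(jwt, secret, maxAge = 30 * 24 * 60 * 60) {
  try {
  // next-auth/jwt의 encode 함수를 동적 import로 사용 (Edge Runtime 호환)
  const { encode } = await Promise.resolve().then(() => __importStar(require('next-auth/jwt')));
- return await encode({
+ debugLog('encodeNextAuthToken', 'Using next-auth/jwt encode');
+ const encoded = await encode({
  token: jwt,
  secret: secret,
  maxAge: maxAge,
  });
+ debugLog('encodeNextAuthToken', 'Encode successful, length:', encoded.length);
+ return encoded;
  }
  catch (error) {
  // Edge Runtime에서 encode가 작동하지 않을 수 있으므로
  // jose의 EncryptJWT를 사용하여 JWE 토큰 생성 (NextAuth가 기대하는 형식)
- debugLog('encodeNextAuthToken', 'encode failed, using EncryptJWT fallback');
+ debugLog('encodeNextAuthToken', 'encode failed, using EncryptJWT fallback', error);
  // NextAuth는 secret을 SHA-256 해시하여 32바이트 키로 사용
  // jose의 EncryptJWT는 'dir' 알고리즘에서 Uint8Array 키를 직접 사용
  const secretHash = await createHashSHA256(secret);
@@ -651,20 +654,48 @@ async function verifyAndRefreshToken(req, secret, options) {
  catch {
  // 토큰 검증 실패
  }
- debugLog('verifyAndRefreshToken', 'Creating auth response...');
- // 현재 경로로 리다이렉트하여 새로운 쿠키로 다시 요청하도록 함
- const currentPath = req.nextUrl.pathname + req.nextUrl.search;
- const response = await createAuthResponse(refreshResult.accessToken, secret, {
- req,
- refreshToken: newRefreshToken,
- redirectPath: currentPath,
- text: text || serviceId,
- cookiePrefix,
- isProduction,
- cookieDomain,
- serviceId,
- licenseKey: options.licenseKey,
- });
+ debugLog('verifyAndRefreshToken', 'Updating cookies without redirect...');
+ // NextResponse.next()를 생성하고 쿠키만 설정
+ const { NextResponse: NextResponseClass } = await getNextServer();
+ const response = NextResponseClass.next();
+ // NextAuth JWT 생성
+ const jwt = createNextAuthJWT(payload, serviceId);
+ if (newRefreshToken) {
+ jwt.refreshToken = newRefreshToken;
+ }
+ jwt.accessTokenExpires = Date.now() + (15 * 60 * 1000);
+ // NextAuth 세션 쿠키 설정
+ const nextAuthToken = await encodeNextAuthToken(jwt, secret);
+ const nextAuthCookieName = isProduction
+ ? '__Secure-next-auth.session-token'
+ : 'next-auth.session-token';
+ const cookieOptions = {
+ httpOnly: true,
+ secure: isProduction,
+ sameSite: isProduction ? 'none' : 'lax',
+ path: '/',
+ maxAge: 30 * 24 * 60 * 60,
+ };
+ if (cookieDomain) {
+ cookieOptions.domain = cookieDomain;
+ }
+ response.cookies.set(nextAuthCookieName, nextAuthToken, cookieOptions);
+ // 커스텀 토큰 쿠키 설정
+ if (newRefreshToken) {
+ setCustomTokens(response, refreshResult.accessToken, newRefreshToken, {
+ cookiePrefix,
+ isProduction,
+ cookieDomain,
+ });
+ }
+ else {
+ setCustomTokens(response, refreshResult.accessToken, {
+ cookiePrefix,
+ isProduction,
+ cookieDomain,
+ });
+ }
+ debugLog('verifyAndRefreshToken', 'Cookies updated, continuing with current request');
  return { isValid: true, response, payload };
  }
  catch (error) {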
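Review bot: In the second hunk the session JWT is built from `payload` directly after an empty `catch` whose comment marks a token-verification failure, so if that try block (it starts outside the hunk, as does the rest of verifyAndRefreshToken) is what assigns `payload`, a refreshed token that failed verification is still turned into a 30-day session cookie and returned with `isValid: true`. A guard ahead of `createNextAuthJWT`, for example `if (!payload) { throw new Error('refreshed access token failed verification'); }`, would route that case to the enclosing `catch (error)`; confirm that handler reports the request as invalid. The else branch also calls `setCustomTokens(response, refreshResult.accessToken, { … })` with the options object in the slot where the other branch passes `newRefreshToken`, which only works if `setCustomTokens` accepts both shapes. Since production sets `sameSite: 'none'` on the session cookie, a comment stating where CSRF protection for this session comes from would help the next reader.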
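--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@thinkingcat/auth-utils",
- "version": "1.0.30",
+ "version": "1.0.32",
  "description": "Authentication utilities for ThinkingCat SSO services with conditional logging",
  "main": "dist/index.js",
  "types": "dist/index.d.ts",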