npm - @thinkingcat/auth-utils - Versions diffs - 1.0.38 → 1.0.39 - Mend

@thinkingcat/auth-utils 1.0.38 → 1.0.39

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.js +42 -29
package/package.json +1 -1

package/dist/index.js CHANGED Viewed

@@ -211,36 +211,49 @@ function createNextAuthJWT(payload, serviceId) {
  * @returns 인코딩된 세션 토큰
  */
 async function encodeNextAuthToken(jwt, secret, maxAge = 30 * 24 * 60 * 60) {
-    // Edge Runtime과 Node.js Runtime 간 호환성을 위해
-    // next-auth/jwt의 encode 대신 jose를 직접 사용
-    // (Edge Runtime에서 encode한 토큰을 Node.js Runtime에서 decode 못하는 문제 방지)
-    debugLog('encodeNextAuthToken', 'Using jose EncryptJWT for cross-runtime compatibility');
-    // NextAuth는 secret을 SHA-256 해시하여 32바이트 키로 사용
-    const secretHash = await createHashSHA256(secret);
-    // SHA-256 해시는 64자 hex 문자열이므로, 32바이트로 변환
-    const keyBytes = new Uint8Array(32);
-    for (let i = 0; i < 32; i++) {
-        keyBytes[i] = parseInt(secretHash.slice(i * 2, i * 2 + 2), 16);
-    }
-    const now = Math.floor(Date.now() / 1000);
-    // EncryptJWT를 사용하여 JWE 토큰 생성
-    // NextAuth는 'dir' 키 관리와 'A256GCM' 암호화를 사용
+    // NextAuth의 encode() 함수를 우선적으로 사용 (가장 호환성 좋음)
     try {
-        const token = await new jose_1.EncryptJWT(jwt)
-            .setProtectedHeader({
-            alg: 'dir', // Direct key agreement
-            enc: 'A256GCM' // AES-256-GCM encryption
-        })
-            .setIssuedAt(now)
-            .setExpirationTime(now + maxAge)
-            .setJti(crypto.randomUUID())
-            .encrypt(keyBytes);
-        debugLog('encodeNextAuthToken', 'EncryptJWT successful, length:', token.length);
-        return token;
+        const { encode } = await Promise.resolve().then(() => __importStar(require('next-auth/jwt')));
+        debugLog('encodeNextAuthToken', 'Using next-auth/jwt encode');
+        const encoded = await encode({
+            token: jwt,
+            secret: secret,
+            maxAge: maxAge,
+        });
+        debugLog('encodeNextAuthToken', 'NextAuth encode successful, length:', encoded.length);
+        return encoded;
     }
     catch (error) {
-        debugError('encodeNextAuthToken', 'EncryptJWT failed:', error);
-        throw new Error(`Failed to encode NextAuth token: ${error instanceof Error ? error.message : String(error)}`);
+        // Edge Runtime에서 encode가 작동하지 않을 수 있으므로
+        // jose의 EncryptJWT를 fallback으로 사용
+        debugLog('encodeNextAuthToken', 'NextAuth encode failed, using jose EncryptJWT fallback', error);
+        // NextAuth는 secret을 SHA-256 해시하여 32바이트 키로 사용
+        const secretHash = await createHashSHA256(secret);
+        // SHA-256 해시는 64자 hex 문자열이므로, 32바이트로 변환
+        const keyBytes = new Uint8Array(32);
+        for (let i = 0; i < 32; i++) {
+            keyBytes[i] = parseInt(secretHash.slice(i * 2, i * 2 + 2), 16);
+        }
+        const now = Math.floor(Date.now() / 1000);
+        // EncryptJWT를 사용하여 JWE 토큰 생성
+        // NextAuth는 'dir' 키 관리와 'A256GCM' 암호화를 사용
+        try {
+            const token = await new jose_1.EncryptJWT(jwt)
+                .setProtectedHeader({
+                alg: 'dir', // Direct key agreement
+                enc: 'A256GCM' // AES-256-GCM encryption
+            })
+                .setIssuedAt(now)
+                .setExpirationTime(now + maxAge)
+                .setJti(crypto.randomUUID())
+                .encrypt(keyBytes);
+            debugLog('encodeNextAuthToken', 'EncryptJWT fallback successful, length:', token.length);
+            return token;
+        }
+        catch (encryptError) {
+            debugError('encodeNextAuthToken', 'EncryptJWT also failed:', encryptError);
+            throw new Error(`Failed to encode NextAuth token: ${error instanceof Error ? error.message : String(error)}`);
+        }
     }
 }
 function setCustomTokens(response, accessToken, optionsOrRefreshToken, options) {
@@ -441,7 +454,7 @@ async function createAuthResponse(accessToken, secret, options) {
         hasRole: !!jwt.role,
         hasRefreshToken: !!jwt.refreshToken,
     });
-    // 3. NextAuth 세션 쿠키 생성 (jose 사용)
+    // 3. NextAuth 세션 쿠키 생성 (NextAuth encode() 우선 사용)
     const nextAuthToken = await encodeNextAuthToken(jwt, secret);
     debugLog('createAuthResponse', 'NextAuth session token encoded:', {
         tokenLength: nextAuthToken.length,
@@ -647,7 +660,7 @@ async function verifyAndRefreshToken(req, secret, options) {
                         jwt.refreshToken = newRefreshToken;
                     }
                     jwt.accessTokenExpires = Date.now() + (15 * 60 * 1000);
-                    // NextAuth 세션 쿠키 생성 (jose 사용)
+                    // NextAuth 세션 쿠키 생성 (NextAuth encode() 우선 사용)
                     try {
                         const nextAuthToken = await encodeNextAuthToken(jwt, secret);
                         const nextAuthCookieName = isProduction

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@thinkingcat/auth-utils",
-  "version": "1.0.38",
+  "version": "1.0.39",
   "description": "Authentication utilities for ThinkingCat SSO services with conditional logging",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",