npm - @thinkingcat/auth-utils - Versions diffs - 1.0.46 → 1.0.48 - Mend

@thinkingcat/auth-utils 1.0.46 → 1.0.48

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.js +68 -130
package/package.json +1 -1

package/dist/index.js CHANGED Viewed

@@ -1,77 +1,4 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.verifyToken = verifyToken;
-exports.extractRoleFromPayload = extractRoleFromPayload;
-exports.createNextAuthJWT = createNextAuthJWT;
-exports.encodeNextAuthToken = encodeNextAuthToken;
-exports.setCustomTokens = setCustomTokens;
-exports.setNextAuthToken = setNextAuthToken;
-exports.createRedirectHTML = createRedirectHTML;
-exports.createAuthResponse = createAuthResponse;
-exports.validateServiceSubscription = validateServiceSubscription;
-exports.refreshSSOToken = refreshSSOToken;
-exports.getRefreshTokenFromSSO = getRefreshTokenFromSSO;
-exports.verifyAndRefreshToken = verifyAndRefreshToken;
-exports.redirectToError = redirectToError;
-exports.clearAuthCookies = clearAuthCookies;
-exports.getEffectiveRole = getEffectiveRole;
-exports.requiresSubscription = requiresSubscription;
-exports.createNextAuthCookies = createNextAuthCookies;
-exports.createNextAuthBaseConfig = createNextAuthBaseConfig;
-exports.createInitialJWTToken = createInitialJWTToken;
-exports.createEmptySession = createEmptySession;
-exports.mapTokenToSession = mapTokenToSession;
-exports.handleJWTCallback = handleJWTCallback;
-exports.getJWTFromCustomTokenCookie = getJWTFromCustomTokenCookie;
-exports.checkLicenseKey = checkLicenseKey;
-exports.checkRoleAccess = checkRoleAccess;
-exports.redirectToSSOLogin = redirectToSSOLogin;
-exports.redirectToRoleDashboard = redirectToRoleDashboard;
-exports.isTokenExpired = isTokenExpired;
-exports.isValidToken = isValidToken;
-exports.hasRole = hasRole;
-exports.hasAnyRole = hasAnyRole;
-exports.isPublicPath = isPublicPath;
-exports.isApiPath = isApiPath;
-exports.isProtectedApiPath = isProtectedApiPath;
-exports.checkAuthentication = checkAuthentication;
-exports.verifyAndRefreshTokenWithNextAuth = verifyAndRefreshTokenWithNextAuth;
-exports.createMiddlewareConfig = createMiddlewareConfig;
-exports.handleMiddleware = handleMiddleware;
-const jose_1 = require("jose");
+import { jwtVerify, EncryptJWT } from 'jose';
 // ============================================================================
 // UTILITY FUNCTIONS
 // ============================================================================
@@ -102,7 +29,7 @@ async function createHashSHA256(data) {
  * Edge Runtime 호환을 위해 next/server를 동적 import
  */
 async function getNextServer() {
-    return await Promise.resolve().then(() => __importStar(require('next/server')));
+    return await import('next/server');
 }
 /**
  * NextAuth 세션 토큰 쿠키를 삭제하는 헬퍼 함수
@@ -129,10 +56,10 @@ function clearAllAuthCookies(response, cookiePrefix, isProduction) {
  * @param secret JWT 서명에 사용할 secret key
  * @returns 검증된 payload 또는 null
  */
-async function verifyToken(accessToken, secret) {
+export async function verifyToken(accessToken, secret) {
     try {
         const secretBytes = new TextEncoder().encode(secret);
-        const { payload } = await (0, jose_1.jwtVerify)(accessToken, secretBytes);
+        const { payload } = await jwtVerify(accessToken, secretBytes);
         if (payload && typeof payload === 'object' && payload.email) {
             return { payload: payload };
         }
@@ -149,7 +76,7 @@ async function verifyToken(accessToken, secret) {
  * @param defaultRole 기본 역할 (기본값: 'ADMIN')
  * @returns 추출된 역할
  */
-function extractRoleFromPayload(payload, serviceId, defaultRole = 'ADMIN') {
+export function extractRoleFromPayload(payload, serviceId, defaultRole = 'ADMIN') {
     const services = payload.services || [];
     const service = services.find((s) => s.serviceId === serviceId);
     return service?.role || payload.role || defaultRole;
@@ -160,7 +87,7 @@ function extractRoleFromPayload(payload, serviceId, defaultRole = 'ADMIN') {
  * @param serviceId 서비스 ID (필수)
  * @returns NextAuth JWT 객체
  */
-function createNextAuthJWT(payload, serviceId) {
+export function createNextAuthJWT(payload, serviceId) {
     const services = payload.services || [];
     const service = services.find((s) => s.serviceId === serviceId);
     const effectiveRole = service?.role || payload.role || 'ADMIN';
@@ -216,10 +143,10 @@ function createNextAuthJWT(payload, serviceId) {
  * @param maxAge 토큰 유효 기간 (초, 기본값: 30일)
  * @returns 인코딩된 세션 토큰
  */
-async function encodeNextAuthToken(jwt, secret, maxAge = 30 * 24 * 60 * 60) {
+export async function encodeNextAuthToken(jwt, secret, maxAge = 30 * 24 * 60 * 60) {
     // NextAuth의 encode() 함수를 우선적으로 사용 (가장 호환성 좋음)
     try {
-        const { encode } = await Promise.resolve().then(() => __importStar(require('next-auth/jwt')));
+        const { encode } = await import('next-auth/jwt');
         debugLog('encodeNextAuthToken', 'Using next-auth/jwt encode');
         const encoded = await encode({
             token: jwt,
@@ -244,7 +171,7 @@ async function encodeNextAuthToken(jwt, secret, maxAge = 30 * 24 * 60 * 60) {
         // EncryptJWT를 사용하여 JWE 토큰 생성
         // NextAuth는 'dir' 키 관리와 'A256GCM' 암호화를 사용
         try {
-            const token = await new jose_1.EncryptJWT(jwt)
+            const token = await new EncryptJWT(jwt)
                 .setProtectedHeader({
                 alg: 'dir', // Direct key agreement
                 enc: 'A256GCM' // AES-256-GCM encryption
@@ -262,7 +189,7 @@ async function encodeNextAuthToken(jwt, secret, maxAge = 30 * 24 * 60 * 60) {
         }
     }
 }
-function setCustomTokens(response, accessToken, optionsOrRefreshToken, options) {
+export function setCustomTokens(response, accessToken, optionsOrRefreshToken, options) {
     // 옵션 파라미터 처리: refreshToken과 options를 분리
     let refreshTokenValue;
     let cookiePrefix;
@@ -335,7 +262,7 @@ function setCustomTokens(response, accessToken, optionsOrRefreshToken, options)
  * @param options.isProduction 프로덕션 환경 여부 (기본값: false)
  * @param options.cookieDomain 쿠키 도메인 (선택)
  */
-function setNextAuthToken(response, sessionToken, options = {}) {
+export function setNextAuthToken(response, sessionToken, options = {}) {
     const { isProduction = false, cookieDomain, } = options;
     // createNextAuthCookies와 동일한 로직 사용
     const cookies = createNextAuthCookies({ isProduction, cookieDomain });
@@ -353,7 +280,7 @@ function setNextAuthToken(response, sessionToken, options = {}) {
  * @param text 표시할 텍스트 (필수)
  * @returns HTML 문자열
  */
-function createRedirectHTML(redirectPath, text) {
+export function createRedirectHTML(redirectPath, text) {
     return `
     <!DOCTYPE html>
     <html>
@@ -437,7 +364,7 @@ function createRedirectHTML(redirectPath, text) {
  * @param options.licenseKey 라이센스 키 (필수)
  * @returns NextResponse 객체 (리다이렉트 또는 JSON 응답)
  */
-async function createAuthResponse(accessToken, secret, options) {
+export async function createAuthResponse(accessToken, secret, options) {
     await checkLicenseKey(options.licenseKey);
     const { req, refreshToken, redirectPath, text, cookiePrefix, isProduction = false, cookieDomain, serviceId, } = options;
     // 1. 토큰 검증
@@ -515,7 +442,7 @@ async function createAuthResponse(accessToken, secret, options) {
  * @param ssoBaseURL SSO 서버 기본 URL (필수)
  * @returns 구독 유효성 결과
  */
-function validateServiceSubscription(services, serviceId, ssoBaseURL) {
+export function validateServiceSubscription(services, serviceId, ssoBaseURL) {
     const filteredServices = services.filter(service => service.serviceId === serviceId);
     if (filteredServices.length === 0) {
         return {
@@ -544,7 +471,7 @@ function validateServiceSubscription(services, serviceId, ssoBaseURL) {
  * @param options.authServiceKey 인증 서비스 키 (기본값: 환경 변수)
  * @returns SSO refresh token 응답
  */
-async function refreshSSOToken(refreshToken, options) {
+export async function refreshSSOToken(refreshToken, options) {
     const { ssoBaseURL, authServiceKey } = options;
     if (!authServiceKey) {
         throw new Error('AUTH_SERVICE_SECRET_KEY not configured');
@@ -568,7 +495,7 @@ async function refreshSSOToken(refreshToken, options) {
  * @param options.authServiceKey 인증 서비스 키 (기본값: 환경 변수)
  * @returns refresh token 또는 null
  */
-async function getRefreshTokenFromSSO(userId, accessToken, options) {
+export async function getRefreshTokenFromSSO(userId, accessToken, options) {
     const { ssoBaseURL, authServiceKey } = options;
     if (!authServiceKey) {
         return null;
@@ -598,7 +525,7 @@ async function getRefreshTokenFromSSO(userId, accessToken, options) {
 // ============================================================================
 // TOKEN REFRESH & VERIFICATION FUNCTIONS
 // ============================================================================
-async function verifyAndRefreshToken(req, secret, options) {
+export async function verifyAndRefreshToken(req, secret, options) {
     const { cookiePrefix, serviceId, isProduction, cookieDomain, text, ssoBaseURL, authServiceKey, forceRefresh = false, } = options;
     // 1. access_token 쿠키 확인
     // forceRefresh가 true이면 access token이 있어도 refresh를 시도
@@ -607,7 +534,7 @@ async function verifyAndRefreshToken(req, secret, options) {
     if (accessToken && !forceRefresh) {
         try {
             const secretBytes = new TextEncoder().encode(secret);
-            const { payload } = await (0, jose_1.jwtVerify)(accessToken, secretBytes);
+            const { payload } = await jwtVerify(accessToken, secretBytes);
             if (payload && typeof payload === 'object' && payload.email) {
                 return { isValid: true, payload: payload };
             }
@@ -644,7 +571,7 @@ async function verifyAndRefreshToken(req, secret, options) {
                     let payload;
                     try {
                         const secretBytes = new TextEncoder().encode(secret);
-                        const { payload: tokenPayload } = await (0, jose_1.jwtVerify)(refreshResult.accessToken, secretBytes);
+                        const { payload: tokenPayload } = await jwtVerify(refreshResult.accessToken, secretBytes);
                         if (tokenPayload && typeof tokenPayload === 'object' && tokenPayload.email) {
                             payload = tokenPayload;
                         }
@@ -663,12 +590,23 @@ async function verifyAndRefreshToken(req, secret, options) {
                     }
                     jwt.accessTokenExpires = Date.now() + (15 * 60 * 1000);
                     // NextAuth 세션 쿠키 생성
-                    // 주의: NextAuth는 세션 쿠키를 자동으로 관리하므로, 직접 설정하는 것이 문제를 일으킬 수 있습니다.
-                    // 따라서 커스텀 토큰만 설정하고, NextAuth 세션은 JWT 콜백에서 처리하도록 합니다.
-                    debugLog('verifyAndRefreshToken', 'Skipping NextAuth session cookie - will be handled by NextAuth JWT callback', {
-                        hasJWT: !!jwt,
-                        jwtId: jwt?.id,
-                    });
+                    // 미들웨어에서는 NextAuth JWT callback이 실행되지 않으므로,
+                    // refresh 후 NextAuth 세션 쿠키를 직접 설정해야 합니다.
+                    try {
+                        const encodedSessionToken = await encodeNextAuthToken(jwt, secret, 30 * 24 * 60 * 60);
+                        setNextAuthToken(response, encodedSessionToken, {
+                            isProduction,
+                            cookieDomain,
+                        });
+                        debugLog('verifyAndRefreshToken', 'NextAuth session cookie set successfully', {
+                            hasJWT: !!jwt,
+                            jwtId: jwt?.id,
+                        });
+                    }
+                    catch (error) {
+                        debugError('verifyAndRefreshToken', 'Failed to set NextAuth session cookie:', error);
+                        // NextAuth 세션 쿠키 설정 실패해도 커스텀 토큰은 설정하므로 계속 진행
+                    }
                     // 커스텀 토큰 쿠키 설정
                     if (newRefreshToken) {
                         setCustomTokens(response, refreshResult.accessToken, newRefreshToken, {
@@ -721,7 +659,7 @@ async function verifyAndRefreshToken(req, secret, options) {
  * @param errorPath 에러 페이지 경로 (기본값: '/error')
  * @returns NextResponse 리다이렉트 응답
  */
-async function redirectToError(req, code, message, errorPath = '/error') {
+export async function redirectToError(req, code, message, errorPath = '/error') {
     const url = new URL(errorPath, req.url);
     url.searchParams.set('code', code);
     url.searchParams.set('message', message);
@@ -734,7 +672,7 @@ async function redirectToError(req, code, message, errorPath = '/error') {
  * @param cookiePrefix 쿠키 이름 접두사 (필수)
  * @returns NextResponse 객체
  */
-function clearAuthCookies(response, cookiePrefix) {
+export function clearAuthCookies(response, cookiePrefix) {
     response.cookies.delete(`${cookiePrefix}_access_token`);
     response.cookies.delete(`${cookiePrefix}_refresh_token`);
     return response;
@@ -745,7 +683,7 @@ function clearAuthCookies(response, cookiePrefix) {
  * @param serviceId 서비스 ID (필수)
  * @returns 추출된 역할 또는 undefined
  */
-function getEffectiveRole(token, serviceId) {
+export function getEffectiveRole(token, serviceId) {
     if (!token)
         return undefined;
     // token이 이미 JWT 객체인 경우 role을 직접 사용
@@ -765,7 +703,7 @@ function getEffectiveRole(token, serviceId) {
  * @param systemAdminRole 시스템 관리자 역할 (기본값: 'SYSTEM_ADMIN')
  * @returns 구독이 필요한지 여부
  */
-function requiresSubscription(pathname, role, subscriptionRequiredPaths, systemAdminRole = 'SYSTEM_ADMIN') {
+export function requiresSubscription(pathname, role, subscriptionRequiredPaths, systemAdminRole = 'SYSTEM_ADMIN') {
     // 시스템 관리자는 구독 확인 제외
     if (role === systemAdminRole) {
         return false;
@@ -787,7 +725,7 @@ const VALID_LICENSE_KEY_HASHES = new Set([
  * @param options.cookieDomain 쿠키 도메인 (선택)
  * @returns NextAuth 쿠키 설정 객체
  */
-function createNextAuthCookies(options) {
+export function createNextAuthCookies(options) {
     const { isProduction = false, cookieDomain } = options;
     const isSecure = isProduction;
     // cookieDomain이 설정되어 있으면 같은 도메인/서브도메인 간 쿠키 공유를 위해 'lax' 사용
@@ -839,7 +777,7 @@ function createNextAuthCookies(options) {
  * @param options.jwtMaxAge JWT 최대 유지 시간 (초, 기본값: 30일)
  * @returns NextAuth 기본 설정 객체
  */
-function createNextAuthBaseConfig(options) {
+export function createNextAuthBaseConfig(options) {
     const { secret, isProduction = false, cookieDomain, signInPath = '/login', errorPath = '/login', nextAuthUrl, sessionMaxAge = 30 * 24 * 60 * 60, // 30일
     jwtMaxAge = 30 * 24 * 60 * 60, // 30일
      } = options;
@@ -868,7 +806,7 @@ function createNextAuthBaseConfig(options) {
  * @param account 계정 정보
  * @returns 업데이트된 JWT 토큰
  */
-function createInitialJWTToken(token, user, account) {
+export function createInitialJWTToken(token, user, account) {
     return {
         ...token,
         id: user.id,
@@ -891,7 +829,7 @@ function createInitialJWTToken(token, user, account) {
  * @param session 기존 세션
  * @returns 빈 세션 객체
  */
-function createEmptySession(session) {
+export function createEmptySession(session) {
     return {
         ...session,
         user: {
@@ -909,7 +847,7 @@ function createEmptySession(session) {
  * @param token JWT 토큰
  * @returns 업데이트된 세션
  */
-function mapTokenToSession(session, token) {
+export function mapTokenToSession(session, token) {
     if (!session.user) {
         return session;
     }
@@ -941,7 +879,7 @@ function mapTokenToSession(session, token) {
  * @param options.debug 디버깅 로그 출력 여부 (기본값: false)
  * @returns 업데이트된 JWT 토큰
  */
-async function handleJWTCallback(token, user, account, options) {
+export async function handleJWTCallback(token, user, account, options) {
     const { secret, licenseKey, serviceId, cookieName, debug = false, ssoBaseURL, authServiceKey, } = options || {};
     // 디버깅 로그
     if (debug) {
@@ -1052,10 +990,10 @@ async function handleJWTCallback(token, user, account, options) {
  * @param licenseKey 라이센스 키 (필수)
  * @returns NextAuth JWT 객체 또는 null
  */
-async function getJWTFromCustomTokenCookie(cookieName, secret, serviceId, licenseKey) {
+export async function getJWTFromCustomTokenCookie(cookieName, secret, serviceId, licenseKey) {
     debugLog('getJWTFromCustomTokenCookie', `Reading cookie: ${cookieName}`);
     try {
-        const { cookies } = await Promise.resolve().then(() => __importStar(require('next/headers')));
+        const { cookies } = await import('next/headers');
         const cookieStore = await cookies();
         const accessToken = cookieStore.get(cookieName)?.value;
         if (!accessToken) {
@@ -1092,7 +1030,7 @@ async function getJWTFromCustomTokenCookie(cookieName, secret, serviceId, licens
 // ============================================================================
 // LICENSE & AUTHORIZATION FUNCTIONS
 // ============================================================================
-async function checkLicenseKey(licenseKey) {
+export async function checkLicenseKey(licenseKey) {
     if (!licenseKey || licenseKey.length < 10) {
         throw new Error('License key is required');
     }
@@ -1101,7 +1039,7 @@ async function checkLicenseKey(licenseKey) {
         throw new Error('Invalid license key');
     }
 }
-function checkRoleAccess(pathname, role, roleConfig) {
+export function checkRoleAccess(pathname, role, roleConfig) {
     // 각 역할 설정을 확인
     for (const [configRole, config] of Object.entries(roleConfig)) {
         const isPathMatch = config.paths.some(path => pathname.startsWith(path));
@@ -1127,7 +1065,7 @@ function checkRoleAccess(pathname, role, roleConfig) {
  * @param ssoBaseURL SSO 서버 기본 URL (필수)
  * @returns NextResponse 리다이렉트 응답
  */
-async function redirectToSSOLogin(req, serviceId, ssoBaseURL) {
+export async function redirectToSSOLogin(req, serviceId, ssoBaseURL) {
     const { NextResponse: NextResponseClass } = await getNextServer();
     return NextResponseClass.redirect(new URL(`${ssoBaseURL}/auth/login?serviceId=${serviceId}`, req.url));
 }
@@ -1139,7 +1077,7 @@ async function redirectToSSOLogin(req, serviceId, ssoBaseURL) {
  * @param defaultPath 기본 경로 (기본값: '/admin')
  * @returns NextResponse 리다이렉트 응답
  */
-async function redirectToRoleDashboard(req, role, rolePaths, defaultPath = '/admin') {
+export async function redirectToRoleDashboard(req, role, rolePaths, defaultPath = '/admin') {
     const redirectPath = rolePaths[role] || defaultPath;
     const { NextResponse: NextResponseClass } = await getNextServer();
     return NextResponseClass.redirect(new URL(redirectPath, req.url));
@@ -1152,7 +1090,7 @@ async function redirectToRoleDashboard(req, role, rolePaths, defaultPath = '/adm
  * @param token NextAuth JWT 객체
  * @returns 만료 여부
  */
-function isTokenExpired(token) {
+export function isTokenExpired(token) {
     if (!token)
         return true;
     if (token.exp && typeof token.exp === 'number' && token.exp < Math.floor(Date.now() / 1000)) {
@@ -1165,7 +1103,7 @@ function isTokenExpired(token) {
  * @param token NextAuth JWT 객체
  * @returns 유효성 여부
  */
-function isValidToken(token) {
+export function isValidToken(token) {
     if (!token)
         return false;
     if (isTokenExpired(token))
@@ -1181,7 +1119,7 @@ function isValidToken(token) {
  * @param serviceId 서비스 ID (필수)
  * @returns 역할 보유 여부
  */
-function hasRole(token, role, serviceId) {
+export function hasRole(token, role, serviceId) {
     if (!token)
         return false;
     const effectiveRole = getEffectiveRole(token, serviceId);
@@ -1194,7 +1132,7 @@ function hasRole(token, role, serviceId) {
  * @param serviceId 서비스 ID (필수)
  * @returns 역할 보유 여부
  */
-function hasAnyRole(token, roles, serviceId) {
+export function hasAnyRole(token, roles, serviceId) {
     if (!token)
         return false;
     const effectiveRole = getEffectiveRole(token, serviceId);
@@ -1209,7 +1147,7 @@ function hasAnyRole(token, roles, serviceId) {
  * @param publicPaths 공개 경로 배열
  * @returns 공개 경로 여부
  */
-function isPublicPath(pathname, publicPaths) {
+export function isPublicPath(pathname, publicPaths) {
     return publicPaths.some(path => pathname === path || pathname.startsWith(path));
 }
 /**
@@ -1217,7 +1155,7 @@ function isPublicPath(pathname, publicPaths) {
  * @param pathname 경로명
  * @returns API 경로 여부
  */
-function isApiPath(pathname) {
+export function isApiPath(pathname) {
     return pathname.startsWith('/api/');
 }
 /**
@@ -1226,7 +1164,7 @@ function isApiPath(pathname) {
  * @param exemptPaths 제외할 경로 배열
  * @returns 보호된 API 경로 여부
  */
-function isProtectedApiPath(pathname, exemptPaths = []) {
+export function isProtectedApiPath(pathname, exemptPaths = []) {
     if (!isApiPath(pathname))
         return false;
     return !exemptPaths.some(path => pathname.startsWith(path));
@@ -1241,7 +1179,7 @@ function isProtectedApiPath(pathname, exemptPaths = []) {
  * @param options 옵션
  * @returns 인증 결과
  */
-async function checkAuthentication(req, secret, options) {
+export async function checkAuthentication(req, secret, options) {
     const { cookiePrefix, serviceId, getNextAuthToken, } = options;
     let nextAuthToken = null;
     if (getNextAuthToken) {
@@ -1281,7 +1219,7 @@ async function checkAuthentication(req, secret, options) {
  * @param options 옵션
  * @returns 인증 결과
  */
-async function verifyAndRefreshTokenWithNextAuth(req, nextAuthToken, secret, options) {
+export async function verifyAndRefreshTokenWithNextAuth(req, nextAuthToken, secret, options) {
     const { cookiePrefix, isProduction } = options;
     // NextAuth 세션 토큰 쿠키 확인
     const nextAuthSessionTokenCookieName = isProduction
@@ -1304,7 +1242,7 @@ async function verifyAndRefreshTokenWithNextAuth(req, nextAuthToken, secret, opt
     if (accessToken) {
         try {
             const secretBytes = new TextEncoder().encode(secret);
-            const { payload } = await (0, jose_1.jwtVerify)(accessToken, secretBytes);
+            const { payload } = await jwtVerify(accessToken, secretBytes);
             if (payload && typeof payload === 'object' && payload.email) {
                 hasValidAccessToken = true;
             }
@@ -1330,7 +1268,7 @@ async function verifyAndRefreshTokenWithNextAuth(req, nextAuthToken, secret, opt
         if (accessToken) {
             try {
                 const secretBytes = new TextEncoder().encode(secret);
-                const result = await (0, jose_1.jwtVerify)(accessToken, secretBytes);
+                const result = await jwtVerify(accessToken, secretBytes);
                 payload = result.payload;
             }
             catch {
@@ -1369,7 +1307,7 @@ async function verifyAndRefreshTokenWithNextAuth(req, nextAuthToken, secret, opt
         if (accessToken && hasValidAccessToken) {
             try {
                 const secretBytes = new TextEncoder().encode(secret);
-                const result = await (0, jose_1.jwtVerify)(accessToken, secretBytes);
+                const result = await jwtVerify(accessToken, secretBytes);
                 payload = result.payload;
             }
             catch {
@@ -1394,7 +1332,7 @@ async function verifyAndRefreshTokenWithNextAuth(req, nextAuthToken, secret, opt
  * @param defaults 기본 설정값 (선택사항, 제공하지 않으면 최소 기본값 사용)
  * @returns 미들웨어 설정 객체
  */
-function createMiddlewareConfig(config, defaults) {
+export function createMiddlewareConfig(config, defaults) {
     // 기본값 설정
     const defaultPublicPaths = defaults?.publicPaths || [
         '/robots.txt',
@@ -1460,7 +1398,7 @@ function createMiddlewareConfig(config, defaults) {
  * @param options 미들웨어 실행 옵션 (secret 필수)
  * @returns NextResponse 또는 null (다음 미들웨어로 진행)
  */
-async function handleMiddleware(req, config, options) {
+export async function handleMiddleware(req, config, options) {
     // Edge Runtime 호환을 위해 next/server를 한 번만 import
     const { NextResponse: NextResponseClass } = await getNextServer();
     try {
@@ -1480,7 +1418,7 @@ async function handleMiddleware(req, config, options) {
         }
         else {
             try {
-                const { getToken } = await Promise.resolve().then(() => __importStar(require('next-auth/jwt')));
+                const { getToken } = await import('next-auth/jwt');
                 token = await getToken({ req, secret });
                 debugLog('handleMiddleware', 'getToken result:', { hasToken: !!token });
             }
@@ -1653,7 +1591,7 @@ async function handleMiddleware(req, config, options) {
             }
             else {
                 try {
-                    const { getToken } = await Promise.resolve().then(() => __importStar(require('next-auth/jwt')));
+                    const { getToken } = await import('next-auth/jwt');
                     finalToken = await getToken({ req, secret });
                 }
                 catch {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@thinkingcat/auth-utils",
-  "version": "1.0.46",
+  "version": "1.0.48",
   "description": "Authentication utilities for ThinkingCat SSO services with conditional logging",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",