@thinkingcat/auth-utils 2.0.0 → 2.0.2

package/README.md

@@ -91,7 +91,7 @@ npm install @thinkingcat/auth-utils
 ```json
 {
   "dependencies": {
-    "@thinkingcat/auth-utils": "^1.0.17"
+    "@thinkingcat/auth-utils": "^2.0.2"
   }
 }
 ```
@@ -237,7 +237,7 @@ const response = await handleMiddleware(req, middlewareConfig, {
 
 ### 토큰 검증 및 생성
 
-#### `verifyToken(accessToken: string, secret: string, licenseKey: string)`
+#### `verifyToken(accessToken: string, secret: string)`
 
 JWT access token을 검증하고 디코딩합니다.
 
@@ -245,7 +245,6 @@ JWT access token을 검증하고 디코딩합니다.
 
 - `accessToken`: 검증할 JWT 토큰
 - `secret`: JWT 서명에 사용할 secret key
-- `licenseKey`: 라이센스 키 (필수)
 
 **반환값:**
 
@@ -256,8 +255,7 @@ JWT access token을 검증하고 디코딩합니다.
 
 ```typescript
 const secret = process.env.NEXTAUTH_SECRET!;
-const licenseKey = process.env.LICENSE_KEY!;
-const result = await verifyToken(accessToken, secret, licenseKey);
+const result = await verifyToken(accessToken, secret);
 
 if (result) {
   const { payload } = result;
@@ -1054,8 +1052,8 @@ export async function GET(req: NextRequest) {
   }
 
   const secret = process.env.NEXTAUTH_SECRET!;
-  const licenseKey = process.env.LICENSE_KEY!;
-  const tokenResult = await verifyToken(tokenParam, secret, licenseKey);
+
+  const tokenResult = await verifyToken(tokenParam, secret);
 
   if (!tokenResult) {
     return NextResponse.redirect("/login");
@@ -1096,8 +1094,8 @@ export async function GET(req: NextRequest) {
   }
 
   const secret = process.env.NEXTAUTH_SECRET!;
-  const licenseKey = process.env.LICENSE_KEY!;
-  const tokenResult = await verifyToken(tokenParam, secret, licenseKey);
+
+  const tokenResult = await verifyToken(tokenParam, secret);
 
   if (!tokenResult) {
     return NextResponse.redirect("/login");
@@ -1140,10 +1138,10 @@ export async function GET(req: NextRequest) {
   }
 
   const secret = process.env.NEXTAUTH_SECRET!;
-  const licenseKey = process.env.LICENSE_KEY!;
+
   const isProduction = process.env.NODE_ENV === "production";
 
-  const tokenResult = await verifyToken(tokenParam, secret, licenseKey);
+  const tokenResult = await verifyToken(tokenParam, secret);
   if (!tokenResult) {
     return NextResponse.redirect("/login");
   }
@@ -1490,31 +1488,27 @@ const response = await handleMiddleware(req, middlewareConfig, {
 ## 📦 패키지 정보
 
 - **패키지명**: `@thinkingcat/auth-utils`
-- **버전**: `1.0.17`
+- **버전**: `2.0.2`
 - **라이선스**: MIT
 - **저장소**: npm registry
 
 ## 📝 변경 이력 (Changelog)
 
-### v1.0.17 (2024-11-15)
+### v2.0.2 (2025-12-24)
 
 **새로운 기능:**
 
-- 조건부 로깅 시스템 추가 (`debugLog`, `debugError`)
-- 환경 변수 `AUTH_UTILS_DEBUG` 지원
-- 프로덕션 환경에서 로그 출력 최적화
+- SSO 로그인 URL 경로 최적화 (`/login` -> `/auth/login`)
+- 라이센스 키(LICENSE_KEY) 필수화 및 가용성 확대
+- 타입 정의 및 미들웨어 핸들러의 안정성 강화
 
 **개선 사항:**
 
-- 코드 구조 개선 (15개 기능별 섹션으로 그룹화)
-- 중복 코드 제거 (`deleteNextAuthSessionCookie`, `clearAllAuthCookies` 헬퍼 추가)
-- 로그 메시지 간소화 및 가독성 향상
-- 불필요한 주석 제거
-
-**성능 최적화:**
+- `verifyToken` 함수에서 `licenseKey` 파라미터 제거 (내부 로직 최적화)
+- `README.md`를 최신 소스 코드 API에 맞게 전체 업데이트
+- 미들웨어 설정(`MiddlewareConfig`) 및 옵션(`MiddlewareOptions`) 상세화
 
-- 프로덕션 환경에서 로그 출력 비활성화로 성능 향상
-- 조건부 로깅으로 런타임 오버헤드 감소
+### v1.0.17 (2024-11-15)
 
 ## 🤝 기여 (Contributing)
 

package/dist/core/auth-response.js

@@ -1,41 +1,41 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.createAuthResponse = createAuthResponse;
-const license_1 = require("../utils/license");
-const jwt_1 = require("./jwt");
-const server_1 = require("../utils/server");
-const cookies_1 = require("./cookies");
-const logger_1 = require("../utils/logger");
+const license_js_1 = require("../utils/license.js");
+const jwt_js_1 = require("./jwt.js");
+const server_js_1 = require("../utils/server.js");
+const cookies_js_1 = require("./cookies.js");
+const logger_js_1 = require("../utils/logger.js");
 /**
  * access token과 refresh token을 사용하여 완전한 인증 세션 생성
  */
 async function createAuthResponse(accessToken, secret, options) {
-    await (0, license_1.checkLicenseKey)(options.licenseKey);
+    await (0, license_js_1.checkLicenseKey)(options.licenseKey);
     const { req, refreshToken, redirectPath, text, cookiePrefix, isProduction = false, cookieDomain, serviceId, } = options;
-    const tokenResult = await (0, jwt_1.verifyToken)(accessToken, secret);
+    const tokenResult = await (0, jwt_js_1.verifyToken)(accessToken, secret);
     if (!tokenResult) {
         throw new Error('Invalid token');
     }
     const { payload } = tokenResult;
-    const jwt = (0, jwt_1.createNextAuthJWT)(payload, serviceId);
+    const jwt = (0, jwt_js_1.createNextAuthJWT)(payload, serviceId);
     if (refreshToken) {
         jwt.refreshToken = refreshToken;
     }
     jwt.accessTokenExpires = Date.now() + (15 * 60 * 1000);
-    (0, logger_1.debugLog)('createAuthResponse', 'JWT prepared', { jwtId: jwt?.id });
-    const { NextResponse: NextResponseClass } = await (0, server_1.getNextServer)();
+    (0, logger_js_1.debugLog)('createAuthResponse', 'JWT prepared', { jwtId: jwt?.id });
+    const { NextResponse: NextResponseClass } = await (0, server_js_1.getNextServer)();
     const response = redirectPath
         ? NextResponseClass.redirect(new URL(redirectPath, req.url), { status: 302 })
         : NextResponseClass.json({ success: true, message: text || 'Authentication successful' }, { status: 200 });
     if (refreshToken) {
-        (0, cookies_1.setCustomTokens)(response, accessToken, refreshToken, {
+        (0, cookies_js_1.setCustomTokens)(response, accessToken, refreshToken, {
             cookiePrefix,
             isProduction,
             cookieDomain,
         });
     }
     else {
-        (0, cookies_1.setCustomTokens)(response, accessToken, {
+        (0, cookies_js_1.setCustomTokens)(response, accessToken, {
             cookiePrefix,
             isProduction,
             cookieDomain,

package/dist/core/cookies.d.ts

@@ -1,4 +1,4 @@
-import type { ResponseLike } from '../types';
+import type { ResponseLike } from '../types/index.js';
 /**
  * NextAuth 세션 토큰 쿠키를 삭제하는 헬퍼 함수
  */

package/dist/core/cookies.js

@@ -5,7 +5,7 @@ exports.clearAuthCookies = clearAuthCookies;
 exports.clearAllAuthCookies = clearAllAuthCookies;
 exports.setCustomTokens = setCustomTokens;
 exports.setNextAuthToken = setNextAuthToken;
-const logger_1 = require("../utils/logger");
+const logger_js_1 = require("../utils/logger.js");
 /**
  * NextAuth 세션 토큰 쿠키를 삭제하는 헬퍼 함수
  */
@@ -70,7 +70,7 @@ function setCustomTokens(response, accessToken, optionsOrRefreshToken, options)
     const accessTokenName = `${cookiePrefix}_access_token`;
     response.cookies.delete(accessTokenName);
     response.cookies.set(accessTokenName, accessToken, cookieOptions);
-    (0, logger_1.debugLog)('setCustomTokens', `Set ${accessTokenName} cookie`, { domain: cookieOptions.domain });
+    (0, logger_js_1.debugLog)('setCustomTokens', `Set ${accessTokenName} cookie`, { domain: cookieOptions.domain });
     if (refreshTokenValue) {
         const refreshTokenName = `${cookiePrefix}_refresh_token`;
         const refreshCookieOptions = {

package/dist/core/jwt.d.ts

@@ -1,5 +1,5 @@
 import type { JWT } from "next-auth/jwt";
-import type { JWTPayload } from '../types';
+import type { JWTPayload } from '../types/index.js';
 /**
  * 토큰 검증 및 디코딩
  */

package/dist/core/jwt.js

@@ -40,8 +40,8 @@ exports.encodeNextAuthToken = encodeNextAuthToken;
 exports.isTokenExpired = isTokenExpired;
 exports.isValidToken = isValidToken;
 const jose_1 = require("jose");
-const logger_1 = require("../utils/logger");
-const crypto_1 = require("../utils/crypto");
+const logger_js_1 = require("../utils/logger.js");
+const crypto_js_1 = require("../utils/crypto.js");
 /**
  * 토큰 검증 및 디코딩
  */
@@ -121,7 +121,7 @@ function createNextAuthJWT(payload, serviceId) {
 async function encodeNextAuthToken(jwt, secret, maxAge = 30 * 24 * 60 * 60) {
     try {
         const { encode } = await Promise.resolve().then(() => __importStar(require('next-auth/jwt')));
-        (0, logger_1.debugLog)('encodeNextAuthToken', 'Using next-auth/jwt encode');
+        (0, logger_js_1.debugLog)('encodeNextAuthToken', 'Using next-auth/jwt encode');
         const encoded = await encode({
             token: jwt,
             secret: secret,
@@ -130,8 +130,8 @@ async function encodeNextAuthToken(jwt, secret, maxAge = 30 * 24 * 60 * 60) {
         return encoded;
     }
     catch (error) {
-        (0, logger_1.debugLog)('encodeNextAuthToken', 'NextAuth encode failed, using jose EncryptJWT fallback', error);
-        const secretHash = await (0, crypto_1.createHashSHA256)(secret);
+        (0, logger_js_1.debugLog)('encodeNextAuthToken', 'NextAuth encode failed, using jose EncryptJWT fallback', error);
+        const secretHash = await (0, crypto_js_1.createHashSHA256)(secret);
         const keyBytes = new Uint8Array(32);
         for (let i = 0; i < 32; i++) {
             keyBytes[i] = parseInt(secretHash.slice(i * 2, i * 2 + 2), 16);
@@ -150,7 +150,7 @@ async function encodeNextAuthToken(jwt, secret, maxAge = 30 * 24 * 60 * 60) {
             return token;
         }
         catch (encryptError) {
-            (0, logger_1.debugError)('encodeNextAuthToken', 'EncryptJWT also failed:', encryptError);
+            (0, logger_js_1.debugError)('encodeNextAuthToken', 'EncryptJWT also failed:', encryptError);
             throw new Error(`Failed to encode NextAuth token: ${error instanceof Error ? error.message : String(error)}`);
         }
     }

package/dist/core/roles.d.ts

@@ -1,5 +1,5 @@
 import type { JWT } from "next-auth/jwt";
-import type { RoleAccessConfig } from '../types';
+import type { RoleAccessConfig } from '../types/index.js';
 /**
  * JWT에서 서비스별 역할을 추출하는 헬퍼 함수
  */

package/dist/core/roles.js

@@ -30,8 +30,9 @@ function requiresSubscription(pathname, role, subscriptionRequiredPaths, systemA
  * 역할 기반 접근 제어 확인
  */
 function checkRoleAccess(pathname, role, roleConfig) {
-    for (const [configRole, config] of Object.entries(roleConfig)) {
-        const isPathMatch = config.paths.some(path => pathname.startsWith(path));
+    for (const [configRole, configEntry] of Object.entries(roleConfig)) {
+        const config = configEntry;
+        const isPathMatch = config.paths.some((path) => pathname.startsWith(path));
         if (isPathMatch) {
             if (role === configRole || config.allowedRoles?.includes(role)) {
                 return { allowed: true };

package/dist/core/verify.d.ts

@@ -1,5 +1,5 @@
 import type { NextRequest, NextResponse } from 'next/server';
-import type { JWTPayload } from '../types';
+import type { JWTPayload } from '../types/index';
 /**
  * 토큰 검증 및 갱신 시도
  */

package/dist/index.d.ts

@@ -1,4 +1,4 @@
-export * from './types';
+export * from './types/index';
 export * from './utils/logger';
 export * from './utils/crypto';
 export * from './utils/server';

package/dist/index.js

@@ -14,7 +14,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./types"), exports);
+__exportStar(require("./types/index"), exports);
 __exportStar(require("./utils/logger"), exports);
 __exportStar(require("./utils/crypto"), exports);
 __exportStar(require("./utils/server"), exports);

package/dist/middleware/config.d.ts

@@ -1,4 +1,4 @@
-import type { MiddlewareConfig } from '../types';
+import type { MiddlewareConfig } from '../types/index.js';
 /**
  * 기본 미들웨어 설정을 생성하는 함수
  */

package/dist/middleware/handler.d.ts

@@ -1,5 +1,5 @@
 import type { NextRequest, NextResponse } from 'next/server';
-import type { MiddlewareConfig, MiddlewareOptions } from '../types';
+import type { MiddlewareConfig, MiddlewareOptions } from '../types/index.js';
 /**
  * 통합 미들웨어 핸들러 함수
  */

package/dist/middleware/handler.js

@@ -34,25 +34,25 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.handleMiddleware = handleMiddleware;
-const server_1 = require("../utils/server");
-const license_1 = require("../utils/license");
-const logger_1 = require("../utils/logger");
-const roles_1 = require("../core/roles");
-const verify_1 = require("../core/verify");
-const jwt_1 = require("../core/jwt");
-const api_1 = require("../sso/api");
-const auth_response_1 = require("../core/auth-response");
-const redirect_1 = require("../utils/redirect");
-const cookies_1 = require("../core/cookies");
+const server_js_1 = require("../utils/server.js");
+const license_js_1 = require("../utils/license.js");
+const logger_js_1 = require("../utils/logger.js");
+const roles_js_1 = require("../core/roles.js");
+const verify_js_1 = require("../core/verify.js");
+const jwt_js_1 = require("../core/jwt.js");
+const api_js_1 = require("../sso/api.js");
+const auth_response_js_1 = require("../core/auth-response.js");
+const redirect_js_1 = require("../utils/redirect.js");
+const cookies_js_1 = require("../core/cookies.js");
 /**
  * 통합 미들웨어 핸들러 함수
  */
 async function handleMiddleware(req, config, options) {
-    const { NextResponse: NextResponseClass } = await (0, server_1.getNextServer)();
+    const { NextResponse: NextResponseClass } = await (0, server_js_1.getNextServer)();
     try {
         const pathname = req.nextUrl.pathname;
         const { secret, isProduction, cookieDomain, getNextAuthToken, licenseKey } = options;
-        await (0, license_1.checkLicenseKey)(licenseKey);
+        await (0, license_js_1.checkLicenseKey)(licenseKey);
         if (!config.serviceId) {
             throw new Error('serviceId is required in middleware config');
         }
@@ -68,10 +68,10 @@ async function handleMiddleware(req, config, options) {
                 token = await getToken({ req, secret });
             }
             catch (error) {
-                (0, logger_1.debugLog)('handleMiddleware', 'getToken failed', error);
+                (0, logger_js_1.debugLog)('handleMiddleware', 'getToken failed', error);
             }
         }
-        const effectiveRole = (0, roles_1.getEffectiveRole)(token, serviceId);
+        const effectiveRole = (0, roles_js_1.getEffectiveRole)(token, serviceId);
         // 1. API 요청 처리
         if (pathname.startsWith('/api/')) {
             if (config.authApiPaths.includes(pathname)) {
@@ -80,7 +80,7 @@ async function handleMiddleware(req, config, options) {
             if (config.subscriptionExemptApiPaths.some((path) => pathname.startsWith(path))) {
                 return NextResponseClass.next();
             }
-            const authCheck = await (0, verify_1.verifyAndRefreshTokenWithNextAuth)(req, token, secret, {
+            const authCheck = await (0, verify_js_1.verifyAndRefreshTokenWithNextAuth)(req, token, secret, {
                 cookiePrefix,
                 serviceId,
                 isProduction,
@@ -93,8 +93,8 @@ async function handleMiddleware(req, config, options) {
             if (authCheck.response)
                 return authCheck.response;
             if (!authCheck.isValid) {
-                const response = await (0, redirect_1.redirectToError)(req, 'UNAUTHORIZED', '인증이 필요합니다.', config.errorPath);
-                (0, cookies_1.clearAuthCookies)(response, cookiePrefix);
+                const response = await (0, redirect_js_1.redirectToError)(req, 'UNAUTHORIZED', '인증이 필요합니다.', config.errorPath);
+                (0, cookies_js_1.clearAuthCookies)(response, cookiePrefix);
                 return response;
             }
             return NextResponseClass.next();
@@ -104,27 +104,27 @@ async function handleMiddleware(req, config, options) {
             const tokenParam = req.nextUrl.searchParams.get('token');
             if (tokenParam) {
                 try {
-                    const tokenResult = await (0, jwt_1.verifyToken)(tokenParam, secret);
+                    const tokenResult = await (0, jwt_js_1.verifyToken)(tokenParam, secret);
                     if (!tokenResult)
                         throw new Error('Invalid token');
                     const { payload } = tokenResult;
                     const defaultRole = Object.keys(config.rolePaths)[0] || 'ADMIN';
-                    const tokenRole = (0, jwt_1.extractRoleFromPayload)(payload, serviceId, defaultRole);
+                    const tokenRole = (0, jwt_js_1.extractRoleFromPayload)(payload, serviceId, defaultRole);
                     const userId = payload.id || payload.sub || payload.userId || '';
                     const ssoBaseURL = options.ssoBaseURL;
                     const authServiceKey = options.authServiceKey;
                     let refreshToken = '';
                     if (authServiceKey && userId) {
                         try {
-                            const refreshTokenResult = await (0, api_1.getRefreshTokenFromSSO)(userId, tokenParam, { ssoBaseURL, authServiceKey });
+                            const refreshTokenResult = await (0, api_js_1.getRefreshTokenFromSSO)(userId, tokenParam, { ssoBaseURL, authServiceKey });
                             refreshToken = refreshTokenResult || '';
                         }
                         catch (error) {
-                            (0, logger_1.debugError)('handleMiddleware', 'Failed to get refresh token', error);
+                            (0, logger_js_1.debugError)('handleMiddleware', 'Failed to get refresh token', error);
                         }
                     }
                     const redirectPath = config.rolePaths[tokenRole] || config.rolePaths[defaultRole] || '/admin';
-                    return await (0, auth_response_1.createAuthResponse)(tokenParam, secret, {
+                    return await (0, auth_response_js_1.createAuthResponse)(tokenParam, secret, {
                         req,
                         refreshToken: refreshToken || undefined,
                         redirectPath,
@@ -137,16 +137,16 @@ async function handleMiddleware(req, config, options) {
                     });
                 }
                 catch (error) {
-                    (0, logger_1.debugError)('handleMiddleware', 'Error processing token', error);
+                    (0, logger_js_1.debugError)('handleMiddleware', 'Error processing token', error);
                     const ssoBaseURL = options.ssoBaseURL;
-                    return await (0, redirect_1.redirectToSSOLogin)(req, serviceId, ssoBaseURL);
+                    return await (0, redirect_js_1.redirectToSSOLogin)(req, serviceId, ssoBaseURL);
                 }
             }
             if (token && effectiveRole) {
-                return await (0, redirect_1.redirectToRoleDashboard)(req, effectiveRole, config.rolePaths);
+                return await (0, redirect_js_1.redirectToRoleDashboard)(req, effectiveRole, config.rolePaths);
             }
             const ssoBaseURL = options.ssoBaseURL;
-            return await (0, redirect_1.redirectToSSOLogin)(req, serviceId, ssoBaseURL);
+            return await (0, redirect_js_1.redirectToSSOLogin)(req, serviceId, ssoBaseURL);
         }
         // 3. 공개 경로 처리
         if (config.publicPaths.some((path) => pathname === path || pathname.startsWith(path))) {
@@ -154,12 +154,12 @@ async function handleMiddleware(req, config, options) {
                 return NextResponseClass.next();
             }
             if (token && effectiveRole) {
-                return await (0, redirect_1.redirectToRoleDashboard)(req, effectiveRole, config.rolePaths);
+                return await (0, redirect_js_1.redirectToRoleDashboard)(req, effectiveRole, config.rolePaths);
             }
             return NextResponseClass.next();
         }
         // 4. 인증 체크
-        const authCheck = await (0, verify_1.verifyAndRefreshTokenWithNextAuth)(req, token, secret, {
+        const authCheck = await (0, verify_js_1.verifyAndRefreshTokenWithNextAuth)(req, token, secret, {
             cookiePrefix,
             serviceId,
             isProduction,
@@ -173,7 +173,7 @@ async function handleMiddleware(req, config, options) {
             return authCheck.response;
         if (!authCheck.isValid) {
             const ssoBaseURL = options.ssoBaseURL;
-            return await (0, redirect_1.redirectToSSOLogin)(req, serviceId, ssoBaseURL);
+            return await (0, redirect_js_1.redirectToSSOLogin)(req, serviceId, ssoBaseURL);
         }
         let finalToken = authCheck.token || token;
         if (!finalToken && authCheck.isValid) {
@@ -192,29 +192,29 @@ async function handleMiddleware(req, config, options) {
         }
         if (!finalToken) {
             const ssoBaseURL = options.ssoBaseURL;
-            return await (0, redirect_1.redirectToSSOLogin)(req, serviceId, ssoBaseURL);
+            return await (0, redirect_js_1.redirectToSSOLogin)(req, serviceId, ssoBaseURL);
         }
         if (finalToken.error === "RefreshAccessTokenError") {
             const ssoBaseURL = options.ssoBaseURL;
-            return await (0, redirect_1.redirectToSSOLogin)(req, serviceId, ssoBaseURL);
+            return await (0, redirect_js_1.redirectToSSOLogin)(req, serviceId, ssoBaseURL);
         }
         if (!finalToken.role || !finalToken.email) {
             const ssoBaseURL = options.ssoBaseURL;
-            return await (0, redirect_1.redirectToSSOLogin)(req, serviceId, ssoBaseURL);
+            return await (0, redirect_js_1.redirectToSSOLogin)(req, serviceId, ssoBaseURL);
         }
-        const finalEffectiveRole = finalToken.role || (0, roles_1.getEffectiveRole)(finalToken, serviceId) || effectiveRole || '';
+        const finalEffectiveRole = finalToken.role || (0, roles_js_1.getEffectiveRole)(finalToken, serviceId) || effectiveRole || '';
         if (config.roleAccessConfig && Object.keys(config.roleAccessConfig).length > 0 && finalEffectiveRole) {
-            const roleCheck = (0, roles_1.checkRoleAccess)(pathname, finalEffectiveRole, config.roleAccessConfig);
+            const roleCheck = (0, roles_js_1.checkRoleAccess)(pathname, finalEffectiveRole, config.roleAccessConfig);
             if (!roleCheck.allowed) {
-                return await (0, redirect_1.redirectToError)(req, 'ACCESS_DENIED', roleCheck.message || '접근 권한이 없습니다.', config.errorPath);
+                return await (0, redirect_js_1.redirectToError)(req, 'ACCESS_DENIED', roleCheck.message || '접근 권한이 없습니다.', config.errorPath);
             }
         }
-        if (finalEffectiveRole && (0, roles_1.requiresSubscription)(pathname, finalEffectiveRole, config.subscriptionRequiredPaths, config.systemAdminRole)) {
+        if (finalEffectiveRole && (0, roles_js_1.requiresSubscription)(pathname, finalEffectiveRole, config.subscriptionRequiredPaths, config.systemAdminRole)) {
             const services = finalToken.services || [];
             const ssoBaseURL = options.ssoBaseURL;
             if (!ssoBaseURL)
                 throw new Error('ssoBaseURL is required');
-            const subscriptionCheck = (0, api_1.validateServiceSubscription)(services, serviceId, ssoBaseURL);
+            const subscriptionCheck = (0, api_js_1.validateServiceSubscription)(services, serviceId, ssoBaseURL);
             if (!subscriptionCheck.isValid) {
                 return NextResponseClass.redirect(subscriptionCheck.redirectUrl);
             }
@@ -222,7 +222,7 @@ async function handleMiddleware(req, config, options) {
         return null;
     }
     catch (error) {
-        (0, logger_1.debugError)('handleMiddleware', 'Middleware error', error);
-        return await (0, redirect_1.redirectToError)(req, 'INTERNAL_ERROR', '서버 오류가 발생했습니다.', config.errorPath);
+        (0, logger_js_1.debugError)('handleMiddleware', 'Middleware error', error);
+        return await (0, redirect_js_1.redirectToError)(req, 'INTERNAL_ERROR', '서버 오류가 발생했습니다.', config.errorPath);
     }
 }

package/dist/nextauth/callbacks.js

@@ -36,8 +36,8 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.createInitialJWTToken = createInitialJWTToken;
 exports.getJWTFromCustomTokenCookie = getJWTFromCustomTokenCookie;
 exports.handleJWTCallback = handleJWTCallback;
-const jwt_1 = require("../core/jwt");
-const license_1 = require("../utils/license");
+const jwt_js_1 = require("../core/jwt.js");
+const license_js_1 = require("../utils/license.js");
 /**
  * JWT 콜백에서 초기 로그인 시 토큰 생성 헬퍼
  */
@@ -69,12 +69,12 @@ async function getJWTFromCustomTokenCookie(cookieName, secret, serviceId, licens
         const accessToken = cookieStore.get(cookieName)?.value;
         if (!accessToken)
             return null;
-        await (0, license_1.checkLicenseKey)(licenseKey);
-        const tokenResult = await (0, jwt_1.verifyToken)(accessToken, secret);
+        await (0, license_js_1.checkLicenseKey)(licenseKey);
+        const tokenResult = await (0, jwt_js_1.verifyToken)(accessToken, secret);
         if (!tokenResult)
             return null;
         const { payload } = tokenResult;
-        const jwt = (0, jwt_1.createNextAuthJWT)(payload, serviceId);
+        const jwt = (0, jwt_js_1.createNextAuthJWT)(payload, serviceId);
         jwt.accessTokenExpires = Date.now() + (15 * 60 * 1000);
         const refreshTokenCookieName = cookieName.replace('_access_token', '_refresh_token');
         const refreshToken = cookieStore.get(refreshTokenCookieName)?.value;
@@ -123,9 +123,9 @@ async function handleJWTCallback(token, user, account, options) {
             if (response.ok) {
                 const result = await response.json();
                 if (result.success && result.accessToken) {
-                    const tokenResult = await (0, jwt_1.verifyToken)(result.accessToken, secret);
+                    const tokenResult = await (0, jwt_js_1.verifyToken)(result.accessToken, secret);
                     if (tokenResult) {
-                        const newJWT = (0, jwt_1.createNextAuthJWT)(tokenResult.payload, serviceId || '');
+                        const newJWT = (0, jwt_js_1.createNextAuthJWT)(tokenResult.payload, serviceId || '');
                         return {
                             ...newJWT,
                             refreshToken,

package/dist/sso/api.d.ts

@@ -1,4 +1,4 @@
-import type { ServiceInfo, SSORefreshTokenResponse } from '../types';
+import type { ServiceInfo, SSORefreshTokenResponse } from '../types/index.js';
 /**
  * 서비스 구독 유효성 확인 함수
  */

package/dist/utils/license.js

@@ -1,7 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.checkLicenseKey = checkLicenseKey;
-const crypto_1 = require("./crypto");
+const crypto_js_1 = require("./crypto.js");
 // 유효한 라이센스 키 해시 목록
 const VALID_LICENSE_KEY_HASHES = new Set([
     '73bce4f3b64804c255cdab450d759a8b53038f9edb59ae42d9988b08dfd007e2',
@@ -13,7 +13,7 @@ async function checkLicenseKey(licenseKey) {
     if (!licenseKey || licenseKey.length < 10) {
         throw new Error('License key is required');
     }
-    const keyHash = await (0, crypto_1.createHashSHA256)(licenseKey);
+    const keyHash = await (0, crypto_js_1.createHashSHA256)(licenseKey);
     if (!VALID_LICENSE_KEY_HASHES.has(keyHash)) {
         throw new Error('Invalid license key');
     }

package/dist/utils/redirect.d.ts

@@ -1,20 +1,17 @@
 import type { NextRequest, NextResponse } from 'next/server';
 /**
- * 리다이렉트용 HTML 생성
- * @param redirectPath 리다이렉트할 경로
- * @param text 표시할 텍스트 (필수)
- * @returns HTML 문자열
+ * 리다이렉트를 위한 HTML 생성
  */
-export declare function createRedirectHTML(redirectPath: string, text: string): string;
+export declare function createRedirectHTML(url: string): string;
 /**
- * 에러 페이지로 리다이렉트하는 헬퍼 함수
+ * 에러 페이지로 리다이렉트
  */
 export declare function redirectToError(req: NextRequest, code: string, message: string, errorPath?: string): Promise<NextResponse>;
 /**
- * SSO 로그인 페이지로 리다이렉트하는 헬퍼 함수
+ * SSO 로그인 페이지로 리다이렉트
  */
-export declare function redirectToSSOLogin(req: NextRequest, serviceId: string, ssoBaseURL: string): Promise<NextResponse>;
+export declare function redirectToSSOLogin(req: NextRequest, serviceId: string, ssoBaseURL?: string): Promise<NextResponse>;
 /**
- * 역할별 대시보드 경로로 리다이렉트하는 헬퍼 함수
+ * 역할별 대시보드로 리다이렉트
  */
-export declare function redirectToRoleDashboard(req: NextRequest, role: string, rolePaths: Record<string, string>, defaultPath?: string): Promise<NextResponse>;
+export declare function redirectToRoleDashboard(req: NextRequest, role: string, rolePaths: Record<string, string>): Promise<NextResponse>;

package/dist/utils/redirect.js

@@ -4,103 +4,47 @@ exports.createRedirectHTML = createRedirectHTML;
 exports.redirectToError = redirectToError;
 exports.redirectToSSOLogin = redirectToSSOLogin;
 exports.redirectToRoleDashboard = redirectToRoleDashboard;
-const server_1 = require("./server");
+const server_js_1 = require("./server.js");
 /**
- * 리다이렉트용 HTML 생성
- * @param redirectPath 리다이렉트할 경로
- * @param text 표시할 텍스트 (필수)
- * @returns HTML 문자열
+ * 리다이렉트를 위한 HTML 생성
  */
-function createRedirectHTML(redirectPath, text) {
+function createRedirectHTML(url) {
     return `
-    <!DOCTYPE html>
     <html>
       <head>
-        <meta charset="utf-8">
-        <title>Redirecting...</title>
-        <style>
-          * { margin: 0; padding: 0; box-sizing: border-box; }
-          html, body {
-            width: 100%;
-            height: 100%;
-            overflow: hidden;
-          }
-          body {
-            display: flex;
-            align-items: flex-start;
-            justify-content: flex-start;
-            padding-left: 10%;
-            padding-top: 20%;
-            background: #fff;
-          }
-          .typing-text {
-            font-family: 'Courier New', monospace;
-            font-size: 2.5rem;
-            font-weight: bold;
-            color: #667eea;
-            letter-spacing: 0.1em;
-          }
-          .cursor {
-            display: inline-block;
-            width: 3px;
-            height: 2.5rem;
-            background-color: #667eea;
-            margin-left: 2px;
-            animation: blink 0.7s infinite;
-          }
-          @keyframes blink {
-            0%, 50% { opacity: 1; }
-            51%, 100% { opacity: 0; }
-          }
-        </style>
+        <meta http-equiv="refresh" content="0;url=${url}">
       </head>
       <body>
-        <div class="typing-text">
-          <span id="text"></span><span class="cursor"></span>
-        </div>
-        <script>
-          const text = '${text}';
-          let index = 0;
-          const speed = 100;
-          
-          function type() {
-            if (index < text.length) {
-              document.getElementById('text').textContent += text.charAt(index);
-              index++;
-              setTimeout(type, speed);
-            } else {
-              setTimeout(() => window.location.href = '${redirectPath}', 200);
-            }
-          }
-          
-          type();
-        </script>
+        <p>Redirecting to <a href="${url}">${url}</a>...</p>
+        <script>window.location.href = "${url}";</script>
       </body>
     </html>
   `;
 }
 /**
- * 에러 페이지로 리다이렉트하는 헬퍼 함수
+ * 에러 페이지로 리다이렉트
  */
 async function redirectToError(req, code, message, errorPath = '/error') {
+    const { NextResponse: NextResponseClass } = await (0, server_js_1.getNextServer)();
     const url = new URL(errorPath, req.url);
     url.searchParams.set('code', code);
     url.searchParams.set('message', message);
-    const { NextResponse: NextResponseClass } = await (0, server_1.getNextServer)();
     return NextResponseClass.redirect(url);
 }
 /**
- * SSO 로그인 페이지로 리다이렉트하는 헬퍼 함수
+ * SSO 로그인 페이지로 리다이렉트
  */
 async function redirectToSSOLogin(req, serviceId, ssoBaseURL) {
-    const { NextResponse: NextResponseClass } = await (0, server_1.getNextServer)();
-    return NextResponseClass.redirect(new URL(`${ssoBaseURL}/auth/login?serviceId=${serviceId}`, req.url));
+    const { NextResponse: NextResponseClass } = await (0, server_js_1.getNextServer)();
+    const baseUrl = ssoBaseURL || 'https://sso.thinkingcat.com';
+    const callbackUrl = encodeURIComponent(req.url);
+    return NextResponseClass.redirect(`${baseUrl}/auth/login?serviceId=${serviceId}&callbackUrl=${callbackUrl}`);
 }
 /**
- * 역할별 대시보드 경로로 리다이렉트하는 헬퍼 함수
+ * 역할별 대시보드로 리다이렉트
  */
-async function redirectToRoleDashboard(req, role, rolePaths, defaultPath = '/admin') {
-    const redirectPath = rolePaths[role] || defaultPath;
-    const { NextResponse: NextResponseClass } = await (0, server_1.getNextServer)();
-    return NextResponseClass.redirect(new URL(redirectPath, req.url));
+async function redirectToRoleDashboard(req, role, rolePaths) {
+    const { NextResponse: NextResponseClass } = await (0, server_js_1.getNextServer)();
+    const path = rolePaths[role] || rolePaths['ADMIN'] || '/admin';
+    return NextResponseClass.redirect(new URL(path, req.url));
 }

package/dist/utils/server.d.ts

@@ -3,13 +3,6 @@
  */
 export declare function getNextServer(): Promise<{
     default: typeof import("next/server");
-    NextFetchEvent: typeof import("next/server").NextFetchEvent;
     NextRequest: typeof import("next/server").NextRequest;
     NextResponse: typeof import("next/server").NextResponse;
-    userAgentFromString: typeof import("next/server").userAgentFromString;
-    userAgent: typeof import("next/server").userAgent;
-    URLPattern: typeof import("next/server").URLPattern;
-    ImageResponse: typeof import("next/server").ImageResponse;
-    after: typeof import("next/server").after;
-    connection: typeof import("next/server").connection;
 }>;

package/package.json

@@ -1,13 +1,12 @@
 {
   "name": "@thinkingcat/auth-utils",
-  "version": "2.0.0",
+  "version": "2.0.2",
   "description": "Authentication utilities for ThinkingCat SSO services with conditional logging",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "exports": {
     ".": {
       "types": "./dist/index.d.ts",
-      "edge-light": "./dist/index.js",
       "default": "./dist/index.js"
     }
   },
@@ -30,7 +29,10 @@
   },
   "devDependencies": {
     "@types/node": "^20",
-    "typescript": "^5"
+    "typescript": "^5",
+    "next": ">=13.0.0",
+    "@types/react": "^18",
+    "@types/react-dom": "^18"
   },
   "peerDependencies": {
     "next": ">=13.0.0"