npm - @vtecx/vtecxnext - Versions diffs - 1.0.9 → 1.1.1 - Mend

@vtecx/vtecxnext 1.0.9 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/vtecxnext.d.ts CHANGED Viewed

@@ -5,6 +5,10 @@ import type { Readable } from 'node:stream';
  * Hello world.
  */
 export declare const hello: () => void;
+type StatusMessage = {
+    status: number;
+    message: string;
+};
 /**
  * X-Requested-With header check.
  * If not specified, set status 417 to the response.
@@ -29,26 +33,36 @@ export declare const sendMessage: (res: ServerResponse, statusCode: number, mess
  * @param res response
  * @param wsse WSSE
  * @param reCaptchaToken reCAPTCHA token
- * @return true if log in has been successful.
+ * @return status and message
  */
-export declare const login: (req: IncomingMessage, res: ServerResponse, wsse: string, reCaptchaToken?: string) => Promise<boolean>;
+export declare const login: (req: IncomingMessage, res: ServerResponse, wsse: string, reCaptchaToken?: string) => Promise<StatusMessage>;
 /**
  * login with RXID.
  * If the login is successful, sets the authentication information in a cookie.
  * @param req request
  * @param res response
  * @param rxid RXID
- * @return true if log in has been successful.
+ * @return status and message
  */
-export declare const loginWithRxid: (req: IncomingMessage, res: ServerResponse, rxid: string) => Promise<boolean>;
+export declare const loginWithRxid: (req: IncomingMessage, res: ServerResponse, rxid: string) => Promise<StatusMessage>;
+/**
+ * login with Time-based One Time Password.
+ * If the login is successful, sets the authentication information in a cookie.
+ * @param req request
+ * @param res response
+ * @param totp Time-based One Time Password
+ * @param isTrustedDevice true if trusted device
+ * @return status and message
+ */
+export declare const loginWithTotp: (req: IncomingMessage, res: ServerResponse, totp: string, isTrustedDevice: boolean) => Promise<StatusMessage>;
 /**
  * logout.
  * If the logout is successful, delete the authentication information in a cookie.
  * @param req request
  * @param res response
- * @return true if log out has been successful.
+ * @return status and message
  */
-export declare const logout: (req: IncomingMessage, res: ServerResponse) => Promise<boolean>;
+export declare const logout: (req: IncomingMessage, res: ServerResponse) => Promise<StatusMessage>;
 /**
  * get current datetime
  * @return current datetime
@@ -738,6 +752,38 @@ export declare const oauthCallbackLine: (req: IncomingMessage, res: ServerRespon
  * @returns buffer
  */
 export declare const buffer: (readable: Readable) => Promise<Buffer>;
+/**
+ * get TOTP link
+ * @param req request (for authentication)
+ * @param res response (for authentication)
+ * @param chs length of one side of QR code
+ * @return QR code URL in feed.title
+ */
+export declare const getTotpLink: (req: IncomingMessage, res: ServerResponse, chs?: number) => Promise<any>;
+/**
+ * create TOTP
+ * @param req request (for authentication)
+ * @param res response (for authentication)
+ * @param feed one-time password for feed.title when you do book registration
+ * @return message
+ */
+export declare const createTotp: (req: IncomingMessage, res: ServerResponse, feed: any) => Promise<any>;
+/**
+ * delete TOTP
+ * @param req request (for authentication)
+ * @param res response (for authentication)
+ * @param account target account (for service admin user)
+ * @return message
+ */
+export declare const deleteTotp: (req: IncomingMessage, res: ServerResponse, account?: string) => Promise<any>;
+/**
+ * change TDID (Trusted device ID)
+ * @param req request (for authentication)
+ * @param res response (for authentication)
+ * @param account target account (for service admin user)
+ * @return message
+ */
+export declare const changeTdid: (req: IncomingMessage, res: ServerResponse) => Promise<any>;
 /**
  * Error returned from vte.cx
  */
@@ -751,3 +797,4 @@ export declare class VtecxNextError extends Error {
 export declare class FetchError extends VtecxNextError {
     constructor(message: string);
 }
+export {};

package/dist/vtecxnext.js CHANGED Viewed

@@ -26,8 +26,8 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.deleteSignature = exports.putSignatures = exports.putSignature = exports.toPdf = exports.getBQCsv = exports.getBQ = exports.deleteBQ = exports.postBQ = exports.getPage = exports.pagination = exports.getSessionLong = exports.getSessionString = exports.getSessionEntry = exports.getSessionFeed = exports.deleteSessionLong = exports.deleteSessionString = exports.deleteSessionEntry = exports.deleteSessionFeed = exports.incrementSession = exports.setSessionLong = exports.setSessionString = exports.setSessionEntry = exports.setSessionFeed = exports.getRangeids = exports.rangeids = exports.setids = exports.getids = exports.addids = exports.allocids = exports.deleteFolder = exports.deleteEntry = exports.put = exports.post = exports.count = exports.getFeed = exports.getEntry = exports.log = exports.rxid = exports.service = exports.isLoggedin = exports.whoami = exports.account = exports.uid = exports.now = exports.logout = exports.loginWithRxid = exports.login = exports.sendMessage = exports.checkXRequestedWith = exports.hello = void 0;
-exports.FetchError = exports.VtecxNextError = exports.buffer = exports.oauthCallbackLine = exports.oauthLine = exports.removealias = exports.addalias = exports.removeacl = exports.addacl = exports.getcontent = exports.deletecontent = exports.putcontent = exports.savefiles = exports.deleteusers = exports.deleteuser = exports.canceluser = exports.activateusers = exports.activateuser = exports.revokeusers = exports.revokeuser = exports.userstatus = exports.changeaccount_verify = exports.changeaccount = exports.changepassByAdmin = exports.changepass = exports.passreset = exports.adduserByAdmin = exports.adduser = exports.isAdmin = exports.isGroupMember = exports.getGroups = exports.noGroupMember = exports.leaveGroup = exports.joinGroup = exports.getMessageQueue = exports.setMessageQueue = exports.setMessageQueueStatus = exports.pushNotification = exports.sendMail = exports.checkSignature = void 0;
+exports.putSignatures = exports.putSignature = exports.toPdf = exports.getBQCsv = exports.getBQ = exports.deleteBQ = exports.postBQ = exports.getPage = exports.pagination = exports.getSessionLong = exports.getSessionString = exports.getSessionEntry = exports.getSessionFeed = exports.deleteSessionLong = exports.deleteSessionString = exports.deleteSessionEntry = exports.deleteSessionFeed = exports.incrementSession = exports.setSessionLong = exports.setSessionString = exports.setSessionEntry = exports.setSessionFeed = exports.getRangeids = exports.rangeids = exports.setids = exports.getids = exports.addids = exports.allocids = exports.deleteFolder = exports.deleteEntry = exports.put = exports.post = exports.count = exports.getFeed = exports.getEntry = exports.log = exports.rxid = exports.service = exports.isLoggedin = exports.whoami = exports.account = exports.uid = exports.now = exports.logout = exports.loginWithTotp = exports.loginWithRxid = exports.login = exports.sendMessage = exports.checkXRequestedWith = exports.hello = void 0;
+exports.FetchError = exports.VtecxNextError = exports.changeTdid = exports.deleteTotp = exports.createTotp = exports.getTotpLink = exports.buffer = exports.oauthCallbackLine = exports.oauthLine = exports.removealias = exports.addalias = exports.removeacl = exports.addacl = exports.getcontent = exports.deletecontent = exports.putcontent = exports.savefiles = exports.deleteusers = exports.deleteuser = exports.canceluser = exports.activateusers = exports.activateuser = exports.revokeusers = exports.revokeuser = exports.userstatus = exports.changeaccount_verify = exports.changeaccount = exports.changepassByAdmin = exports.changepass = exports.passreset = exports.adduserByAdmin = exports.adduser = exports.isAdmin = exports.isGroupMember = exports.getGroups = exports.noGroupMember = exports.leaveGroup = exports.joinGroup = exports.getMessageQueue = exports.setMessageQueue = exports.setMessageQueueStatus = exports.pushNotification = exports.sendMail = exports.checkSignature = exports.deleteSignature = void 0;
 const sqlstring_1 = __importDefault(require("sqlstring"));
 const formidable_1 = __importDefault(require("formidable"));
 const fs_1 = __importDefault(require("fs"));
@@ -39,6 +39,9 @@ const hello = () => {
     console.log('Hello vtecxnext.');
 };
 exports.hello = hello;
+const SERVLETPATH_DATA = '/d';
+const SERVLETPATH_PROVIDER = '/p';
+const SERVLETPATH_OAUTH = '/o';
 /**
  * X-Requested-With header check.
  * If not specified, set status 417 to the response.
@@ -77,7 +80,7 @@ exports.sendMessage = sendMessage;
  * @param res response
  * @param wsse WSSE
  * @param reCaptchaToken reCAPTCHA token
- * @return true if log in has been successful.
+ * @return status and message
  */
 const login = async (req, res, wsse, reCaptchaToken) => {
     //console.log('[vtecxnext login] start.')
@@ -87,28 +90,19 @@ const login = async (req, res, wsse, reCaptchaToken) => {
     // reCAPTCHA tokenは任意
     const param = reCaptchaToken ? `&g-recaptcha-token=${reCaptchaToken}` : '';
     const method = 'GET';
-    const url = `/d/?_login${param}`;
+    const url = `${SERVLETPATH_DATA}/?_login${param}`;
     const headers = { 'X-WSSE': `${wsse}` };
     let response;
     try {
-        response = await fetchVtecx(method, url, headers);
+        response = await requestVtecx(method, url, req, null, headers);
     }
     catch (e) {
         throw newFetchError(e, true);
     }
-    //const feed = await response.json()
     // vte.cxからのset-cookieを転記
     setCookie(response, res);
-    // レスポンスのエラーチェック
-    let isLoggedin;
-    if (response.status < 400) {
-        isLoggedin = true;
-    }
-    else {
-        isLoggedin = false;
-    }
-    //console.log(`[vtecxnext login] end. status=${response.status} message=${feed.title}`)
-    return isLoggedin;
+    const data = await response.json();
+    return { status: response.status, message: data.feed.title };
 };
 exports.login = login;
 /**
@@ -117,7 +111,7 @@ exports.login = login;
  * @param req request
  * @param res response
  * @param rxid RXID
- * @return true if log in has been successful.
+ * @return status and message
  */
 const loginWithRxid = async (req, res, rxid) => {
     //console.log('[vtecxnext loginWithRxid] start.')
@@ -126,7 +120,7 @@ const loginWithRxid = async (req, res, rxid) => {
     // ログイン
     // reCAPTCHA tokenは任意
     const method = 'GET';
-    const url = `/d/?_login&_RXID=${rxid}`;
+    const url = `${SERVLETPATH_DATA}/?_login&_RXID=${rxid}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -134,27 +128,52 @@ const loginWithRxid = async (req, res, rxid) => {
     catch (e) {
         throw newFetchError(e, true);
     }
-    const feed = await response.json();
     // vte.cxからのset-cookieを転記
     setCookie(response, res);
-    // レスポンスのエラーチェック
-    let isLoggedin;
-    if (response.status < 400) {
-        isLoggedin = true;
+    const data = await response.json();
+    return { status: response.status, message: data.feed.title };
+};
+exports.loginWithRxid = loginWithRxid;
+/**
+ * login with Time-based One Time Password.
+ * If the login is successful, sets the authentication information in a cookie.
+ * @param req request
+ * @param res response
+ * @param totp Time-based One Time Password
+ * @param isTrustedDevice true if trusted device
+ * @return status and message
+ */
+const loginWithTotp = async (req, res, totp, isTrustedDevice) => {
+    //console.log('[vtecxnext loginWithTotp] start.')
+    // 入力チェック
+    checkNotNull(totp, 'Authentication information');
+    // ログイン
+    const method = 'GET';
+    const url = `${SERVLETPATH_DATA}/?_login`;
+    const headers = { 'Authorization': `TOTP ${totp}` };
+    if (isTrustedDevice) {
+        headers['X-TRUSTED-DEVICE'] = 'true';
     }
-    else {
-        isLoggedin = false;
+    //console.log(`[vtecxnext loginWithTotp] headers = ${JSON.stringify(headers)}`)
+    let response;
+    try {
+        response = await requestVtecx(method, url, req, null, headers);
     }
-    //console.log(`[vtecxnext loginWithRxid] end. status=${response.status} message=${feed.title}`)
-    return isLoggedin;
+    catch (e) {
+        throw newFetchError(e, true);
+    }
+    // vte.cxからのset-cookieを転記
+    setCookie(response, res);
+    const data = await response.json();
+    return { status: response.status, message: data.feed.title };
 };
-exports.loginWithRxid = loginWithRxid;
+exports.loginWithTotp = loginWithTotp;
 /**
  * logout.
  * If the logout is successful, delete the authentication information in a cookie.
  * @param req request
  * @param res response
- * @return true if log out has been successful.
+ * @return status and message
  */
 const logout = async (req, res) => {
     //console.log('[vtecxnext logout] start.')
@@ -177,7 +196,8 @@ const logout = async (req, res) => {
     // 戻り値
     const data = await getJson(response);
     //console.log(`[vtecxnext logout] response message : ${data.feed.title}`)
-    return true;
+    //return true
+    return { status: response.status, message: data.feed.title };
 };
 exports.logout = logout;
 /**
@@ -374,7 +394,7 @@ const log = async (req, res, message, title, subtitle) => {
     const logSubtitle = subtitle ?? 'INFO';
     const feed = [{ 'title': logTitle, 'subtitle': logSubtitle, 'summary': message }];
     const method = 'POST';
-    const url = `/p/?_log`;
+    const url = `${SERVLETPATH_PROVIDER}/?_log`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -405,7 +425,7 @@ const getEntry = async (req, res, uri, targetService) => {
     checkUri(uri);
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/p${uri}?e`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}?e`;
     let response;
     try {
         response = await requestVtecx(method, url, req, null, null, targetService);
@@ -435,7 +455,7 @@ const getFeed = async (req, res, uri, targetService) => {
     checkUri(uri);
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/p${uri}${uri.includes('?') ? '&' : '?'}f`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}${uri.includes('?') ? '&' : '?'}f`;
     let response;
     try {
         response = await requestVtecx(method, url, req, null, null, targetService);
@@ -465,7 +485,7 @@ const count = async (req, res, uri, targetService) => {
     checkUri(uri);
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/p${uri}${uri.includes('?') ? '&' : '?'}c`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}${uri.includes('?') ? '&' : '?'}c`;
     let response;
     try {
         response = await requestVtecx(method, url, req, null, null, targetService);
@@ -501,7 +521,7 @@ const post = async (req, res, feed, uri, targetService) => {
     }
     // vte.cxへリクエスト
     const method = 'POST';
-    const url = `/p${uri ? uri : '/'}?e`;
+    const url = `${SERVLETPATH_PROVIDER}${uri ? uri : '/'}?e`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed), null, targetService);
@@ -537,7 +557,7 @@ const put = async (req, res, feed, isbulk, parallel, async, targetService) => {
     if (isbulk) {
         additionalParam = (parallel ? '&_bulk' : '&_bulkserial') + (async ? '&_async' : '');
     }
-    const url = `/p/?e${additionalParam}`;
+    const url = `${SERVLETPATH_PROVIDER}/?e${additionalParam}`;
     //console.log(`[vtecxnext put] url=${url}`)
     let response;
     try {
@@ -569,7 +589,7 @@ const deleteEntry = async (req, res, uri, revision, targetService) => {
     // vte.cxへリクエスト
     const method = 'DELETE';
     const param = revision ? `&r=${revision}` : '';
-    const url = `/p${uri}?e${param}`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}?e${param}`;
     let response;
     try {
         response = await requestVtecx(method, url, req, null, null, targetService);
@@ -599,7 +619,7 @@ const deleteFolder = async (req, res, uri, async, targetService) => {
     checkUri(uri);
     // vte.cxへリクエスト
     const method = 'DELETE';
-    const url = `/p${uri}?_rf${async ? '&_async' : ''}`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}?_rf${async ? '&_async' : ''}`;
     let response;
     try {
         response = await requestVtecx(method, url, req, null, null, targetService);
@@ -630,7 +650,7 @@ const allocids = async (req, res, uri, num, targetService) => {
     checkNotNull(num, 'number to allocate');
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/p${uri}?_allocids=${num}`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}?_allocids=${num}`;
     let response;
     try {
         response = await requestVtecx(method, url, req, null, null, targetService);
@@ -663,7 +683,7 @@ const addids = async (req, res, uri, num, targetService) => {
     checkNotNull(num, 'number to add');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/p${uri}?_addids=${num}`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}?_addids=${num}`;
     let response;
     try {
         response = await requestVtecx(method, url, req, null, null, targetService);
@@ -694,7 +714,7 @@ const getids = async (req, res, uri, targetService) => {
     checkUri(uri);
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/p${uri}?_getids`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}?_getids`;
     let response;
     try {
         response = await requestVtecx(method, url, req, null, null, targetService);
@@ -727,7 +747,7 @@ const setids = async (req, res, uri, num, targetService) => {
     checkNotNull(num, 'number to set');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/p${uri}?_setids=${num}`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}?_setids=${num}`;
     let response;
     try {
         response = await requestVtecx(method, url, req, null, null, targetService);
@@ -760,7 +780,7 @@ const rangeids = async (req, res, uri, range) => {
     checkNotNull(range, 'range');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/p${uri}?_rangeids`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}?_rangeids`;
     const feed = { feed: { 'title': range } };
     let response;
     try {
@@ -792,7 +812,7 @@ const getRangeids = async (req, res, uri) => {
     checkUri(uri);
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/p${uri}?_rangeids`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}?_rangeids`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -825,7 +845,7 @@ const setSessionFeed = async (req, res, name, feed) => {
     checkNotNull(feed, 'Feed');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/p/?_sessionfeed=${name}`;
+    const url = `${SERVLETPATH_PROVIDER}/?_sessionfeed=${name}`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -856,7 +876,7 @@ const setSessionEntry = async (req, res, name, entry) => {
     checkNotNull(entry, 'Entry');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/p/?_sessionentry=${name}`;
+    const url = `${SERVLETPATH_PROVIDER}/?_sessionentry=${name}`;
     const feed = { feed: { 'entry': entry } };
     let response;
     try {
@@ -888,7 +908,7 @@ const setSessionString = async (req, res, name, str) => {
     checkNotNull(str, 'String');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/p/?_sessionstring=${name}`;
+    const url = `${SERVLETPATH_PROVIDER}/?_sessionstring=${name}`;
     const feed = { feed: { 'title': str } };
     let response;
     try {
@@ -920,7 +940,7 @@ const setSessionLong = async (req, res, name, num) => {
     checkNotNull(num, 'Number');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/p/?_sessionlong=${name}`;
+    const url = `${SERVLETPATH_PROVIDER}/?_sessionlong=${name}`;
     const feed = { feed: { 'title': String(num) } };
     let response;
     try {
@@ -952,7 +972,7 @@ const incrementSession = async (req, res, name, num) => {
     checkNotNull(num, 'Number');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/p/?_sessionincr=${name}&_num=${num}`;
+    const url = `${SERVLETPATH_PROVIDER}/?_sessionincr=${name}&_num=${num}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -983,7 +1003,7 @@ const deleteSessionFeed = async (req, res, name) => {
     checkNotNull(name, 'Name');
     // vte.cxへリクエスト
     const method = 'DELETE';
-    const url = `/p/?_sessionfeed=${name}`;
+    const url = `${SERVLETPATH_PROVIDER}/?_sessionfeed=${name}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -1012,7 +1032,7 @@ const deleteSessionEntry = async (req, res, name) => {
     checkNotNull(name, 'Name');
     // vte.cxへリクエスト
     const method = 'DELETE';
-    const url = `/p/?_sessionentry=${name}`;
+    const url = `${SERVLETPATH_PROVIDER}/?_sessionentry=${name}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -1041,7 +1061,7 @@ const deleteSessionString = async (req, res, name) => {
     checkNotNull(name, 'Name');
     // vte.cxへリクエスト
     const method = 'DELETE';
-    const url = `/p/?_sessionstring=${name}`;
+    const url = `${SERVLETPATH_PROVIDER}/?_sessionstring=${name}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -1070,7 +1090,7 @@ const deleteSessionLong = async (req, res, name) => {
     checkNotNull(name, 'Name');
     // vte.cxへリクエスト
     const method = 'DELETE';
-    const url = `/p/?_sessionlong=${name}`;
+    const url = `${SERVLETPATH_PROVIDER}/?_sessionlong=${name}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -1099,7 +1119,7 @@ const getSessionFeed = async (req, res, name) => {
     checkNotNull(name, 'Name');
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/p/?_sessionfeed=${name}`;
+    const url = `${SERVLETPATH_PROVIDER}/?_sessionfeed=${name}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -1129,7 +1149,7 @@ const getSessionEntry = async (req, res, name) => {
     checkNotNull(name, 'Name');
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/p/?_sessionentry=${name}`;
+    const url = `${SERVLETPATH_PROVIDER}/?_sessionentry=${name}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -1159,7 +1179,7 @@ const getSessionString = async (req, res, name) => {
     checkNotNull(name, 'Name');
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/p/?_sessionstring=${name}`;
+    const url = `${SERVLETPATH_PROVIDER}/?_sessionstring=${name}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -1195,7 +1215,7 @@ const getSessionLong = async (req, res, name) => {
     checkNotNull(name, 'Name');
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/p/?_sessionlong=${name}`;
+    const url = `${SERVLETPATH_PROVIDER}/?_sessionlong=${name}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -1232,7 +1252,7 @@ const pagination = async (req, res, uri, pagerange, targetService) => {
     checkUri(uri);
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/p${uri}${uri.includes('?') ? '&' : '?'}_pagination=${pagerange}`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}${uri.includes('?') ? '&' : '?'}_pagination=${pagerange}`;
     let response;
     try {
         response = await requestVtecx(method, url, req, null, null, targetService);
@@ -1264,7 +1284,7 @@ const getPage = async (req, res, uri, num, targetService) => {
     checkNotNull(num, 'page number');
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/p${uri}${uri.includes('?') ? '&' : '?'}n=${num}`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}${uri.includes('?') ? '&' : '?'}n=${num}`;
     let response;
     try {
         response = await requestVtecx(method, url, req, null, null, targetService);
@@ -1303,7 +1323,7 @@ const postBQ = async (req, res, feed, async, tablenames) => {
     }
     // vte.cxへリクエスト
     const method = 'POST';
-    const url = `/p/?_bq${async ? '&_async' : ''}`;
+    const url = `${SERVLETPATH_PROVIDER}/?_bq${async ? '&_async' : ''}`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(reqFeed));
@@ -1350,7 +1370,7 @@ const deleteBQ = async (req, res, keys, async, tablenames) => {
     //console.log(`[vtecxnext deleteBQ] feed=${feed}`)
     // vte.cxへリクエスト
     const method = 'DELETE';
-    const url = `/p/?_bq${async ? '&_async' : ''}`;
+    const url = `${SERVLETPATH_PROVIDER}/?_bq${async ? '&_async' : ''}`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -1383,7 +1403,7 @@ const getBQ = async (req, res, sql, values, parent) => {
     const feed = editGetBqArgument(sql, values, parent);
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/p/?_querybq`;
+    const url = `${SERVLETPATH_PROVIDER}/?_querybq`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -1420,7 +1440,7 @@ const getBQCsv = async (req, res, sql, values, filename, parent) => {
     const feed = editGetBqArgument(sql, values, parent);
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/p/?_querybq&_csv${filename ? '=' + filename : ''}`;
+    const url = `${SERVLETPATH_PROVIDER}/?_querybq&_csv${filename ? '=' + filename : ''}`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -1458,7 +1478,7 @@ const toPdf = async (req, res, htmlTemplate, filename) => {
     checkNotNull(htmlTemplate, 'PDF template');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/p/?_pdf${filename ? '=' + filename : ''}`;
+    const url = `${SERVLETPATH_PROVIDER}/?_pdf${filename ? '=' + filename : ''}`;
     let response;
     try {
         response = await requestVtecx(method, url, req, htmlTemplate);
@@ -1495,7 +1515,7 @@ const putSignature = async (req, res, uri, revision) => {
     checkUri(uri);
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/p${uri}?_signature${revision ? '&r=' + revision : ''}`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}?_signature${revision ? '&r=' + revision : ''}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -1525,7 +1545,7 @@ const putSignatures = async (req, res, feed) => {
     checkNotNull(feed, 'Feed');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/p/?_signature`;
+    const url = `${SERVLETPATH_PROVIDER}/?_signature`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -1556,7 +1576,7 @@ const deleteSignature = async (req, res, uri, revision) => {
     checkUri(uri);
     // vte.cxへリクエスト
     const method = 'DELETE';
-    const url = `/p${uri}?_signature${revision ? '&r=' + revision : ''}`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}?_signature${revision ? '&r=' + revision : ''}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -1585,7 +1605,7 @@ const checkSignature = async (req, res, uri) => {
     checkUri(uri);
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/p${uri}?_signature`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}?_signature`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -1646,7 +1666,7 @@ const sendMail = async (req, res, entry, to, cc, bcc, attachments) => {
     //console.log(`[vtecxnext sendMail] feed = ${JSON.stringify(feed)}`)
     // vte.cxへリクエスト
     const method = 'POST';
-    const url = `/p/?_sendmail`;
+    const url = `${SERVLETPATH_PROVIDER}/?_sendmail`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -1716,7 +1736,7 @@ const pushNotification = async (req, res, message, to, title, subtitle, imageUrl
     //console.log(`[vtecxnext pushNotification] feed = ${JSON.stringify(feed)}`)
     // vte.cxへリクエスト
     const method = 'POST';
-    const url = `/p/?_pushnotification`;
+    const url = `${SERVLETPATH_PROVIDER}/?_pushnotification`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -1745,7 +1765,7 @@ const setMessageQueueStatus = async (req, res, flag, channel) => {
     checkUri(channel);
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/p${channel}?_mqstatus=${flag ? 'true' : 'false'}`;
+    const url = `${SERVLETPATH_PROVIDER}${channel}?_mqstatus=${flag ? 'true' : 'false'}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -1776,7 +1796,7 @@ const setMessageQueue = async (req, res, feed, channel) => {
     checkNotNull(feed, 'Feed');
     // vte.cxへリクエスト
     const method = 'POST';
-    const url = `/p${channel}?_mq`;
+    const url = `${SERVLETPATH_PROVIDER}${channel}?_mq`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -1805,7 +1825,7 @@ const getMessageQueue = async (req, res, channel) => {
     checkUri(channel);
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/p${channel}?_mq`;
+    const url = `${SERVLETPATH_PROVIDER}${channel}?_mq`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -1837,7 +1857,7 @@ const joinGroup = async (req, res, group, selfid) => {
     checkNotNull(selfid, 'selfid (hierarchical name under my group alias)');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/p${group}?_joingroup&_selfid=${selfid}`;
+    const url = `${SERVLETPATH_PROVIDER}${group}?_joingroup&_selfid=${selfid}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -1867,7 +1887,7 @@ const leaveGroup = async (req, res, group) => {
     checkUri(group);
     // vte.cxへリクエスト
     const method = 'DELETE';
-    const url = `/p${group}?_leavegroup`;
+    const url = `${SERVLETPATH_PROVIDER}${group}?_leavegroup`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -1898,7 +1918,7 @@ const noGroupMember = async (req, res, uri) => {
     checkUri(uri);
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/d${uri}?_no_group_member`;
+    const url = `${SERVLETPATH_DATA}${uri}?_no_group_member`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -1926,7 +1946,7 @@ const getGroups = async (req, res) => {
     //console.log('[vtecxnext getGroups] start.')
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/d/?_group`;
+    const url = `${SERVLETPATH_DATA}/?_group`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -1956,7 +1976,7 @@ const isGroupMember = async (req, res, uri) => {
     checkUri(uri);
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/d${uri}?_is_group_member`;
+    const url = `${SERVLETPATH_DATA}${uri}?_is_group_member`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -1999,7 +2019,7 @@ const adduser = async (req, res, feed, reCaptchaToken) => {
     // vte.cxへリクエスト
     const method = 'POST';
     const param = reCaptchaToken ? `&g-recaptcha-token=${reCaptchaToken}` : '';
-    const url = `/d/?_adduser${param}`;
+    const url = `${SERVLETPATH_DATA}/?_adduser${param}`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -2029,7 +2049,7 @@ const adduserByAdmin = async (req, res, feed) => {
     checkNotNull(feed, 'Feed');
     // vte.cxへリクエスト
     const method = 'POST';
-    const url = `/d/?_adduserByAdmin`;
+    const url = `${SERVLETPATH_DATA}/?_adduserByAdmin`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -2060,7 +2080,7 @@ const passreset = async (req, res, feed, reCaptchaToken) => {
     // vte.cxへリクエスト
     const method = 'POST';
     const param = reCaptchaToken ? `&g-recaptcha-token=${reCaptchaToken}` : '';
-    const url = `/d/?_passreset${param}`;
+    const url = `${SERVLETPATH_DATA}/?_passreset${param}`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -2089,7 +2109,7 @@ const changepass = async (req, res, feed) => {
     checkNotNull(feed, 'Feed');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/d/?_changephash`;
+    const url = `${SERVLETPATH_DATA}/?_changephash`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -2118,7 +2138,7 @@ const changepassByAdmin = async (req, res, feed) => {
     checkNotNull(feed, 'Feed');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/d/?_changephashByAdmin`;
+    const url = `${SERVLETPATH_DATA}/?_changephashByAdmin`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -2147,7 +2167,7 @@ const changeaccount = async (req, res, feed) => {
     checkNotNull(feed, 'Feed');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/d/?_changeaccount`;
+    const url = `${SERVLETPATH_DATA}/?_changeaccount`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -2176,7 +2196,7 @@ const changeaccount_verify = async (req, res, verifyCode) => {
     checkNotNull(verifyCode, 'verify code');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/d/?_changeaccount_verify=${verifyCode}`;
+    const url = `${SERVLETPATH_DATA}/?_changeaccount_verify=${verifyCode}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -2204,7 +2224,7 @@ const userstatus = async (req, res, account) => {
     //console.log('[vtecxnext userstatus] start.')
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/d/?_userstatus${account ? '=' + account : ''}`;
+    const url = `${SERVLETPATH_DATA}/?_userstatus${account ? '=' + account : ''}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -2234,7 +2254,7 @@ const revokeuser = async (req, res, account) => {
     checkNotNull(account, 'account');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/d/?_revokeuser=${account}`;
+    const url = `${SERVLETPATH_DATA}/?_revokeuser=${account}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -2264,7 +2284,7 @@ const revokeusers = async (req, res, feed) => {
     checkNotNull(feed, 'Feed');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/d/?_revokeuser`;
+    const url = `${SERVLETPATH_DATA}/?_revokeuser`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -2293,7 +2313,7 @@ const activateuser = async (req, res, account) => {
     checkNotNull(account, 'account');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/d/?_activateuser=${account}`;
+    const url = `${SERVLETPATH_DATA}/?_activateuser=${account}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -2323,7 +2343,7 @@ const activateusers = async (req, res, feed) => {
     checkNotNull(feed, 'Feed');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/d/?_activateuser`;
+    const url = `${SERVLETPATH_DATA}/?_activateuser`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -2350,7 +2370,7 @@ const canceluser = async (req, res) => {
     //console.log('[vtecxnext canceluser] start.')
     // vte.cxへリクエスト
     const method = 'DELETE';
-    const url = `/d/?_canceluser`;
+    const url = `${SERVLETPATH_DATA}/?_canceluser`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -2380,7 +2400,7 @@ const deleteuser = async (req, res, account) => {
     checkNotNull(account, 'account');
     // vte.cxへリクエスト
     const method = 'DELETE';
-    const url = `/d/?_deleteuser=${account}`;
+    const url = `${SERVLETPATH_DATA}/?_deleteuser=${account}`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -2410,7 +2430,7 @@ const deleteusers = async (req, res, feed) => {
     checkNotNull(feed, 'Feed');
     // vte.cxへリクエスト
     const method = 'DELETE';
-    const url = `/d/?_deleteuser`;
+    const url = `${SERVLETPATH_DATA}/?_deleteuser`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -2469,7 +2489,7 @@ const savefiles = async (req, res, uri) => {
         // vte.cxへリクエスト
         const method = 'PUT';
         const contentUri = `${uri}${uri.endsWith('/') ? '' : '/'}${formidableFile.field}`;
-        const url = `/p${contentUri}?_content`;
+        const url = `${SERVLETPATH_PROVIDER}${contentUri}?_content`;
         const headers = { 'Content-Type': formidableFile.file.mimetype };
         //console.log(`[vtecxnext savefiles] request. url=${url}`)
         const promiseResponse = requestVtecx(method, url, req, fileBuffer, headers);
@@ -2504,7 +2524,7 @@ const savefiles = async (req, res, uri) => {
     // vte.cxへリクエスト
     const method = 'POST'
-    const url = `/p${uri}?_content`
+    const url = `${SERVLETPATH_PROVIDER}${uri}?_content`
     //console.log(`[vtecxnext savefiles] request. url=${url}`)
     const response = await requestVtecx(method, url, req, formData)
     //console.log(`[vtecxnext savefiles] response. status=${response.status}`)
@@ -2529,7 +2549,7 @@ const putcontent = async (req, res, uri) => {
     checkUri(uri);
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/p${uri}?_content`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}?_content`;
     //const headers = {'Content-Type' : req.headers['content-type'], 'Content-Length' : req.headers['content-length']}
     const headers = { 'Content-Type': req.headers['content-type'] };
     const buf = await (0, exports.buffer)(req);
@@ -2561,7 +2581,7 @@ const deletecontent = async (req, res, uri) => {
     checkUri(uri);
     // vte.cxへリクエスト
     const method = 'DELETE';
-    const url = `/p${uri}?_content`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}?_content`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -2591,7 +2611,7 @@ const getcontent = async (req, res, uri) => {
     checkUri(uri);
     // vte.cxへリクエスト
     const method = 'GET';
-    const url = `/p${uri}?_content`;
+    const url = `${SERVLETPATH_PROVIDER}${uri}?_content`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -2633,7 +2653,7 @@ const addacl = async (req, res, feed) => {
     checkNotNull(feed, 'Feed');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/d/?_addacl`;
+    const url = `${SERVLETPATH_DATA}/?_addacl`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -2663,7 +2683,7 @@ const removeacl = async (req, res, feed) => {
     checkNotNull(feed, 'Feed');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/d/?_removeacl`;
+    const url = `${SERVLETPATH_DATA}/?_removeacl`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -2693,7 +2713,7 @@ const addalias = async (req, res, feed) => {
     checkNotNull(feed, 'Feed');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/d/?_addalias`;
+    const url = `${SERVLETPATH_DATA}/?_addalias`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -2723,7 +2743,7 @@ const removealias = async (req, res, feed) => {
     checkNotNull(feed, 'Feed');
     // vte.cxへリクエスト
     const method = 'PUT';
-    const url = `/d/?_removealias`;
+    const url = `${SERVLETPATH_DATA}/?_removealias`;
     let response;
     try {
         response = await requestVtecx(method, url, req, JSON.stringify(feed));
@@ -2781,6 +2801,120 @@ const buffer = async (readable) => {
     return Buffer.concat(chunks);
 };
 exports.buffer = buffer;
+/**
+ * get TOTP link
+ * @param req request (for authentication)
+ * @param res response (for authentication)
+ * @param chs length of one side of QR code
+ * @return QR code URL in feed.title
+ */
+const getTotpLink = async (req, res, chs) => {
+    //console.log('[vtecxnext getTotpLink] start.')
+    // vte.cxへリクエスト
+    const method = 'POST';
+    const url = `${SERVLETPATH_DATA}/?_createtotp${chs ? '&_chs=' + String(chs) : ''}`;
+    let response;
+    try {
+        response = await requestVtecx(method, url, req);
+    }
+    catch (e) {
+        throw newFetchError(e, true);
+    }
+    //console.log(`[vtecxnext getTotpLink] response=${response}`)
+    // vte.cxからのset-cookieを転記
+    setCookie(response, res);
+    // レスポンスのエラーチェック
+    await checkVtecxResponse(response);
+    // 戻り値
+    return await getJson(response);
+};
+exports.getTotpLink = getTotpLink;
+/**
+ * create TOTP
+ * @param req request (for authentication)
+ * @param res response (for authentication)
+ * @param feed one-time password for feed.title when you do book registration
+ * @return message
+ */
+const createTotp = async (req, res, feed) => {
+    //console.log('[vtecxnext createTotp] start.')
+    // 入力チェック
+    checkNotNull(feed, 'Feed');
+    // vte.cxへリクエスト
+    const method = 'POST';
+    const url = `${SERVLETPATH_DATA}/?_createtotp`;
+    let response;
+    try {
+        response = await requestVtecx(method, url, req, JSON.stringify(feed));
+    }
+    catch (e) {
+        throw newFetchError(e, true);
+    }
+    //console.log(`[vtecxnext createTotp] response=${response}`)
+    // vte.cxからのset-cookieを転記
+    setCookie(response, res);
+    // レスポンスのエラーチェック
+    await checkVtecxResponse(response);
+    // 戻り値
+    return await getJson(response);
+};
+exports.createTotp = createTotp;
+/**
+ * delete TOTP
+ * @param req request (for authentication)
+ * @param res response (for authentication)
+ * @param account target account (for service admin user)
+ * @return message
+ */
+const deleteTotp = async (req, res, account) => {
+    //console.log('[vtecxnext deleteTotp] start.')
+    // vte.cxへリクエスト
+    const method = 'DELETE';
+    const url = `${SERVLETPATH_DATA}/?_deletetotp${account ? '=' + account : ''}`;
+    let response;
+    try {
+        response = await requestVtecx(method, url, req);
+    }
+    catch (e) {
+        throw newFetchError(e, true);
+    }
+    //console.log(`[vtecxnext deleteTotp] response=${response}`)
+    // vte.cxからのset-cookieを転記
+    setCookie(response, res);
+    // レスポンスのエラーチェック
+    await checkVtecxResponse(response);
+    // 戻り値
+    return await getJson(response);
+};
+exports.deleteTotp = deleteTotp;
+/**
+ * change TDID (Trusted device ID)
+ * @param req request (for authentication)
+ * @param res response (for authentication)
+ * @param account target account (for service admin user)
+ * @return message
+ */
+const changeTdid = async (req, res) => {
+    //console.log('[vtecxnext changeTdid] start.')
+    // vte.cxへリクエスト
+    const method = 'PUT';
+    const url = `${SERVLETPATH_DATA}/?_changetdid`;
+    let response;
+    try {
+        response = await requestVtecx(method, url, req);
+    }
+    catch (e) {
+        throw newFetchError(e, true);
+    }
+    //console.log(`[vtecxnext changeTdid] response=${response}`)
+    // vte.cxからのset-cookieを転記
+    setCookie(response, res);
+    // レスポンスのエラーチェック
+    await checkVtecxResponse(response);
+    // 戻り値
+    return await getJson(response);
+};
+exports.changeTdid = changeTdid;
 //---------------------------------------------
 /**
  * Error returned from vte.cx
@@ -2853,9 +2987,23 @@ const fetchVtecx = async (method, url, headers, body, mode) => {
     //console.log(`[vtecxnext fetchVtecx] url=${process.env.VTECX_URL}${url}`)
     headers['X-Requested-With'] = 'XMLHttpRequest';
     const apiKey = process.env.VTECX_APIKEY;
-    if (apiKey) {
-        headers['Authorization'] = `APIKey ${apiKey}`;
+    if (apiKey && !url.startsWith(SERVLETPATH_DATA)) {
+        //headers['Authorization'] = `APIKey ${apiKey}`
+        const apiKeyVal = `APIKey ${apiKey}`;
+        if (headers.Authorization) {
+            if (Array.isArray(headers.Authorization)) {
+                headers.Authorization.push(apiKeyVal);
+            }
+            else {
+                const tmp = headers.Authorization;
+                headers.Authorization = [tmp, apiKeyVal];
+            }
+        }
+        else {
+            headers.Authorization = apiKeyVal;
+        }
     }
+    //console.log(`[vtecxnext fetchVtecx] headers = ${JSON.stringify(headers)}`)
     const requestInit = {
         body: body,
         method: method,
@@ -2877,7 +3025,7 @@ const newFetchError = (e, isVtecx) => {
     else {
         errMsg = `Unexpected error.`;
     }
-    console.log(`[vtecxnext fetchProc] errMsg = ${errMsg}`);
+    //console.log(`[vtecxnext fetchProc] errMsg = ${errMsg}`)
     return new FetchError(errMsg);
 };
 /**
@@ -2896,14 +3044,50 @@ const fetchProc = (url, requestInit) => {
  * @param res ブラウザへのレスポンス
  */
 const setCookie = (response, res) => {
+    // 各レスポンスヘッダーについて、ヘッダー名をキーとする配列をログ出力します。
     let setCookieVal = response.headers.get('set-cookie');
     if (setCookieVal === '' || setCookieVal) {
-        if (setCookieVal !== '' && setCookieVal.indexOf('SameSite') < 0) {
-            setCookieVal += '; SameSite=Lax';
-        }
         //console.log(`[vtecxnext setCookie] value : ${setCookieVal}`)
-        res.setHeader('set-cookie', setCookieVal);
+        //res.setHeader('set-cookie', setCookieVal)
+        const setCookieVals = splitCookieValue(setCookieVal);
+        res.setHeader('set-cookie', setCookieVals);
+        /*
+        for (const val of setCookieVals) {
+          res.setHeader('set-cookie', val)
+        }
+        */
+    }
+};
+/**
+ * 複数のset-cookieの値を分割。
+ * fetchで受け取った際カンマ区切りで繋げられており、
+ * これをそのままset-cookieにセットするとブラウザでは2項目目以降が適用されないため。
+ * @param val set-cookieの値
+ * @returns 分割したset-cookieの値
+ */
+const splitCookieValue = (val) => {
+    //console.log(`[vtecxnext splitCookieValue] start. val = ${val}`)
+    const ret = [];
+    if (val) {
+        const parts = val.split(', ');
+        let tmp = '';
+        for (const part of parts) {
+            tmp += part;
+            // ; Expires=Thu, 09-Mar-2023 06:55:48 GMT 等のカンマは区切りとしない。
+            if (part.match('^.*; Expires=...$')) {
+                // 続きあり
+            }
+            else {
+                ret.push(tmp);
+                tmp = '';
+            }
+        }
+        if (tmp) {
+            ret.push(tmp);
+        }
     }
+    //console.log(`[vtecxnext splitCookieValue] return : ${JSON.stringify(ret)}`)
+    return ret;
 };
 /**
  * vte.cxからのallow-originを、ブラウザへレスポンスする。
@@ -2946,7 +3130,7 @@ const setResponseHeaders = (response, res) => {
  * @returns 戻り値はなし。エラーの場合VtecxNextErrorをスロー。
  */
 const checkVtecxResponse = async (response) => {
-    if (response.status < 400) {
+    if (response.status < 400 && response.status !== 203) {
         return;
     }
     else {
@@ -3002,6 +3186,7 @@ const getJson = async (response) => {
     catch (e) {
         let errMsg;
         if (e instanceof Error) {
+            //console.log(`[vtecxnext getJson] Error occured. ${e.name}: ${e.message}`)
             errMsg = `JsonError: ${e.message}`;
         }
         else {
@@ -3094,7 +3279,7 @@ const oauth = async (req, res, provider, oauthUrl) => {
     checkNotNull(provider, 'OAuth provider');
     // vte.cxへリクエスト (state取得)
     const method = 'POST';
-    const url = `/o/${provider}/create_state`;
+    const url = `${SERVLETPATH_OAUTH}/${provider}/create_state`;
     let response;
     try {
         response = await requestVtecx(method, url, req);
@@ -3150,7 +3335,7 @@ const oauthGetAccesstoken = async (req, res, provider, accesstokenUrl) => {
     }
     // vte.cxへリクエスト (stateチェック)
     const vtecxMethod = 'POST';
-    const vtecxUrl = `/o/${provider}/check_state?state=${state}`;
+    const vtecxUrl = `${SERVLETPATH_OAUTH}/${provider}/check_state?state=${state}`;
     //console.log(`[vtecxnext oauthGetAccesstoken] vtecxUrl=${vtecxUrl}`)
     let vtecxResponse;
     try {
@@ -3277,7 +3462,7 @@ const oauthLink = async (req, res, provider, userInfo) => {
     //const param = reCaptchaToken ? `&g-recaptcha-token=${reCaptchaToken}` : ''
     const param = '';
     const method = 'POST';
-    const url = `/o/${provider}/link?state=${userInfo.state}${param}`;
+    const url = `${SERVLETPATH_OAUTH}/${provider}/link?state=${userInfo.state}${param}`;
     const reqFeed = [{ 'title': userInfo.guid, 'subtitle': userInfo.nickname }];
     let response;
     try {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@vtecx/vtecxnext",
-  "version": "1.0.9",
+  "version": "1.1.1",
   "description": "vte.cx Next.js api",
   "main": "dist/index.js",
   "files": [