@wix/astro 1.0.16 → 1.0.18

package/build-runtime/context/non-elevated.js

@@ -1,20 +1,32 @@
+import {
+  authAsyncLocalStorage
+} from "../chunk-C3QOE2TZ.js";
+
 // src/context/non-elevated.ts
 import { createClient, OAuthStrategy } from "@wix/sdk";
 import { WIX_CLIENT_ID } from "astro:env/client";
-
-// src/utils/authAsyncLocalStorage.ts
-import { AsyncLocalStorage } from "node:async_hooks";
-var authAsyncLocalStorage = new AsyncLocalStorage();
-
-// src/context/non-elevated.ts
-var contextClient = createClient({
-  get auth() {
-    const store = authAsyncLocalStorage.getStore();
-    const auth = OAuthStrategy({
-      clientId: WIX_CLIENT_ID,
-      tokens: store?.sessionTokens?.tokens
-    });
-    return auth;
+var authProxy = new Proxy(
+  {},
+  {
+    get(target, prop) {
+      const auth = OAuthStrategy({
+        clientId: WIX_CLIENT_ID
+      });
+      const value = auth[prop];
+      if (typeof value !== "function") {
+        return value;
+      }
+      return function(...args) {
+        const store = authAsyncLocalStorage.getStore();
+        if (store?.sessionTokens) {
+          auth.setTokens(store.sessionTokens.tokens);
+        }
+        return value.apply(auth, args);
+      };
+    }
   }
+);
+var contextClient = createClient({
+  auth: authProxy
 });
 contextClient.enableContext("global");

package/build-runtime/middleware/auth.js

@@ -1,6 +1,9 @@
-// src/utils/authAsyncLocalStorage.ts
-import { AsyncLocalStorage } from "node:async_hooks";
-var authAsyncLocalStorage = new AsyncLocalStorage();
+import {
+  authAsyncLocalStorage
+} from "../chunk-C3QOE2TZ.js";
+import {
+  saveSessionTokensToCookie
+} from "../chunk-HVACFX6T.js";
 
 // src/utils/generateVisitorTokens.ts
 import { OAuthStrategy } from "@wix/sdk";
@@ -42,21 +45,6 @@ function getSessionTokensFromCookie(context) {
   return null;
 }
 
-// src/utils/saveSessionTokensToCookie.ts
-import { WIX_CLIENT_ID as WIX_CLIENT_ID3 } from "astro:env/client";
-function sessionCookieJson(tokens) {
-  return {
-    clientId: WIX_CLIENT_ID3,
-    tokens
-  };
-}
-function saveSessionTokensToCookie(context, tokens) {
-  context.cookies.set("wixSession", sessionCookieJson(tokens), {
-    path: "/",
-    secure: true
-  });
-}
-
 // src/middleware/auth.ts
 var onRequest = async (context, next) => {
   const store = {

package/build-runtime/routes/auth/callback.d.ts

@@ -0,0 +1,5 @@
+import { APIContext } from 'astro';
+
+declare function GET(context: APIContext): Promise<Response>;
+
+export { GET };

package/build-runtime/routes/auth/callback.js

@@ -0,0 +1,48 @@
+import {
+  saveSessionTokensToCookie
+} from "../../chunk-HVACFX6T.js";
+import {
+  z
+} from "../../chunk-YMZMZCBN.js";
+import {
+  auth,
+  oAuthStateCookieName
+} from "../../chunk-UZPSWWI5.js";
+
+// src/routes/auth/callback.ts
+var oauthCookieSchema = z.object({
+  codeChallenge: z.string(),
+  codeVerifier: z.string(),
+  originalUri: z.string(),
+  redirectUri: z.string(),
+  state: z.string()
+});
+async function GET(context) {
+  const oauthStateCookie = context.cookies.get(oAuthStateCookieName);
+  if (oauthStateCookie == null) {
+    throw new Error(`Missing \`${oAuthStateCookieName}\` cookie`);
+  }
+  const oauthData = oauthCookieSchema.parse(JSON.parse(oauthStateCookie.value));
+  if (!oauthData.originalUri.startsWith("/")) {
+    throw new Error("Invalid `originalUri` cookie param");
+  }
+  const { code, error, errorDescription, state } = auth.parseFromUrl(
+    context.url.toString(),
+    "query"
+  );
+  if (error != null) {
+    throw new Error(`Error while authenticating: \`${errorDescription}\``);
+  }
+  const memberTokens = await auth.getMemberTokens(code, state, oauthData);
+  context.cookies.delete(oAuthStateCookieName, {
+    httpOnly: true,
+    path: "/",
+    sameSite: "lax",
+    secure: true
+  });
+  saveSessionTokensToCookie(context, memberTokens);
+  return context.redirect(oauthData.originalUri);
+}
+export {
+  GET
+};

package/build-runtime/routes/auth/login.d.ts

@@ -0,0 +1,5 @@
+import { APIContext } from 'astro';
+
+declare function GET({ url }: APIContext): Promise<Response>;
+
+export { GET };

package/build-runtime/routes/auth/login.js

@@ -0,0 +1,38 @@
+import {
+  z
+} from "../../chunk-YMZMZCBN.js";
+import {
+  auth,
+  oAuthStateCookieName
+} from "../../chunk-UZPSWWI5.js";
+
+// src/routes/auth/login.ts
+var loginSearchParams = z.object({
+  prompt: z.enum(["login", "none"]).optional(),
+  returnToUrl: z.string().optional()
+});
+async function GET({ url }) {
+  const { prompt, returnToUrl } = loginSearchParams.parse(
+    Object.fromEntries(url.searchParams.entries())
+  );
+  const oauthData = auth.generateOAuthData(
+    new URL("/api/auth/callback", url).toString(),
+    returnToUrl
+  );
+  const { authUrl } = await auth.getAuthUrl(oauthData, {
+    prompt,
+    responseMode: "query"
+  });
+  return new Response(null, {
+    headers: {
+      Location: authUrl,
+      "Set-Cookie": `${oAuthStateCookieName}=${JSON.stringify(
+        oauthData
+      )}; Max-Age=1800; Path=/; HttpOnly; Secure; SameSite=Lax`
+    },
+    status: 302
+  });
+}
+export {
+  GET
+};

package/build-runtime/routes/auth/logout-callback.d.ts

@@ -0,0 +1,5 @@
+import { APIRoute } from 'astro';
+
+declare const GET: APIRoute;
+
+export { GET };

package/build-runtime/routes/auth/logout-callback.js

@@ -0,0 +1,20 @@
+import {
+  saveSessionTokensToCookie
+} from "../../chunk-HVACFX6T.js";
+import {
+  auth,
+  returnToQueryParamName
+} from "../../chunk-UZPSWWI5.js";
+
+// src/routes/auth/logout-callback.ts
+var GET = async (context) => {
+  const returnTo = context.url.searchParams.get(returnToQueryParamName) ?? "/";
+  if (!returnTo.startsWith("/")) {
+    throw new Error(`Invalid \`${returnToQueryParamName}\` query param`);
+  }
+  saveSessionTokensToCookie(context, await auth.generateVisitorTokens());
+  return context.redirect(returnTo);
+};
+export {
+  GET
+};

package/build-runtime/routes/auth/logout.d.ts

@@ -0,0 +1,5 @@
+import { APIContext } from 'astro';
+
+declare function POST({ redirect, request }: APIContext): Promise<Response>;
+
+export { POST };

package/build-runtime/routes/auth/logout.js

@@ -0,0 +1,17 @@
+import {
+  auth,
+  returnToQueryParamName
+} from "../../chunk-UZPSWWI5.js";
+
+// src/routes/auth/logout.ts
+async function POST({ redirect, request }) {
+  const returnTo = request.headers.get("Referer") ?? "/";
+  const baseUrl = `${new URL(request.url).origin}/${import.meta.env.BASE_URL}`;
+  const postFlowUrl = new URL("/api/auth/logout-callback", baseUrl);
+  postFlowUrl.searchParams.set(returnToQueryParamName, returnTo);
+  const { logoutUrl } = await auth.logout(postFlowUrl.toString());
+  return redirect(logoutUrl);
+}
+export {
+  POST
+};

package/package.json

@@ -1,9 +1,11 @@
 {
   "name": "@wix/astro",
-  "version": "1.0.16",
+  "version": "1.0.18",
   "devDependencies": {
     "@wix/dashboard": "^1.3.35",
-    "@wix/sdk": "^1.15.17",
+    "@wix/essentials": "^0.1.23",
+    "@wix/sdk": "^1.15.23",
+    "@wix/sdk-context": "^0.0.1",
     "astro": "^5.7.4",
     "chalk": "^5.4.1",
     "chokidar": "^3.6.0",
@@ -17,12 +19,12 @@
   },
   "exports": {
     ".": "./build/index.js",
-    "./context/before-hydration": "./build-browser-runtime/before-hydration.js",
-    "./context/page": "./build-browser-runtime/page.js"
+    "./context/setup": "./build-browser-runtime/setup.js"
   },
   "peerDependencies": {
     "@wix/dashboard": "^1.3.35",
-    "@wix/sdk": "^1.15.17",
+    "@wix/essentials": "^0.1.23",
+    "@wix/sdk": "^1.15.23",
     "astro": "^5.0.0"
   },
   "publishConfig": {
@@ -46,5 +48,5 @@
       ]
     }
   },
-  "falconPackageHash": "6148e131e45c16f42c1c8b3fa4778e5d51ffc096a593673996084c97"
+  "falconPackageHash": "f4b9fa1e979f7c356f0c70b13e628a4056b3205c3cbcbde60c7005de"
 }

package/src/constants.ts

@@ -0,0 +1,2 @@
+export const oAuthStateCookieName = 'oAuthState';
+export const returnToQueryParamName = 'returnTo';

package/src/context/non-elevated.ts

@@ -1,18 +1,40 @@
+import type { IOAuthStrategy } from '@wix/sdk';
 import { createClient, OAuthStrategy } from '@wix/sdk';
 import { WIX_CLIENT_ID } from 'astro:env/client';
 import { authAsyncLocalStorage } from '../utils/authAsyncLocalStorage.js';
 
-const contextClient = createClient({
-  get auth() {
-    const store = authAsyncLocalStorage.getStore();
+const authProxy = new Proxy(
+  {},
+  {
+    get(target, prop) {
+      const auth = OAuthStrategy({
+        clientId: WIX_CLIENT_ID,
+      });
+
+      const value = auth[prop as keyof typeof auth];
+
+      if (typeof value !== 'function') {
+        return value;
+      }
 
-    const auth = OAuthStrategy({
-      clientId: WIX_CLIENT_ID,
-      tokens: store?.sessionTokens?.tokens,
-    });
+      // it's important that the store is accessed only when the middleware has a chance
+      // to set the async local storage
+      return function (...args: unknown[]) {
+        const store = authAsyncLocalStorage.getStore();
 
-    return auth;
-  },
+        if (store?.sessionTokens) {
+          auth.setTokens(store.sessionTokens.tokens);
+        }
+
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-function-type
+        return (value as Function).apply(auth, args);
+      };
+    },
+  }
+) as IOAuthStrategy;
+
+const contextClient = createClient({
+  auth: authProxy,
 });
 
 contextClient.enableContext('global');

package/src/context/setup.ts

@@ -0,0 +1,14 @@
+import { wixContext } from '@wix/sdk-context';
+import { getSessionClient } from './utils.js';
+
+export function setup(options: { clientId: string }) {
+  // check untyped global context which may be necessary if
+  // both `page` and `before-hydration` hooks have been loaded together
+  if (wixContext.client != null) {
+    return;
+  }
+
+  if (!location.pathname.startsWith('/_wix/extensions/backoffice')) {
+    getSessionClient(options).enableContext('module');
+  }
+}

package/src/context/utils.ts

@@ -1,10 +1,6 @@
 import { createClient } from '@wix/sdk';
 import { SiteSessionAuth } from '@wix/sdk/auth/site-session';
 
-export const isBackofficeExtension = location.pathname.startsWith(
-  '/_wix/extensions/backoffice'
-);
-
 function getCookieAsJson(name: string) {
   const cookies = document.cookie.split('; ');
   const cookie = cookies.find((row) => row.startsWith(`${name}=`));

package/src/directories.ts

@@ -1,5 +1,5 @@
 import { join } from 'node:path';
 
-export const SRC_DIR = 'src';
+const SRC_DIR = 'src';
 export const GIT_IGNORED_DIR = '.wix';
 export const EXTENSIONS_DIR = join(SRC_DIR, 'extensions');

package/src/env.d.ts

@@ -1,3 +1,5 @@
+/// <reference types="astro/env" />
+
 declare module 'astro:env/client' {
   export const WIX_CLIENT_ID: string;
 }

package/src/index.ts

@@ -20,7 +20,13 @@ import { writeVirtualBackofficeExtensionFiles } from './utils/writeVirtualBackof
 import { writeVirtualServicePluginExtensionFiles } from './utils/writeVirtualServicePluginExtensionFiles.js';
 import { writeVirtualWebhookExtensionFiles } from './utils/writeVirtualWebhookExtensionFiles.js';
 
-const createIntegration = (): AstroIntegration => {
+const createIntegration = (
+  options: {
+    enableAuthRoutes?: boolean;
+  } = {
+    enableAuthRoutes: true,
+  }
+): AstroIntegration => {
   let _config: AstroConfig;
   let model: Model | null = null;
 
@@ -67,7 +73,7 @@ const createIntegration = (): AstroIntegration => {
           'before-hydration',
           outdent`
             import { WIX_CLIENT_ID } from 'astro:env/client';
-            import { setup } from '@wix/astro/context/before-hydration';
+            import { setup } from '@wix/astro/context/setup';
 
             setup({ clientId: WIX_CLIENT_ID });
           `
@@ -77,7 +83,7 @@ const createIntegration = (): AstroIntegration => {
           'page',
           outdent`
             import { WIX_CLIENT_ID } from 'astro:env/client';
-            import { setup } from '@wix/astro/context/page';
+            import { setup } from '@wix/astro/context/setup';
 
             setup({ clientId: WIX_CLIENT_ID });
           `
@@ -121,11 +127,49 @@ const createIntegration = (): AstroIntegration => {
             plugins: [
               patchGlobal(),
               patchAstroInlineScripts(),
-              setupSsrContext(rootDir),
+              setupSsrContext(),
             ],
           },
         });
 
+        if (options.enableAuthRoutes) {
+          injectRoute({
+            entrypoint: new URL(
+              '../build-runtime/routes/auth/login.js',
+              import.meta.url
+            ),
+            pattern: '/api/auth/login',
+            prerender: false,
+          });
+
+          injectRoute({
+            entrypoint: new URL(
+              '../build-runtime/routes/auth/logout.js',
+              import.meta.url
+            ),
+            pattern: '/api/auth/logout',
+            prerender: false,
+          });
+
+          injectRoute({
+            entrypoint: new URL(
+              '../build-runtime/routes/auth/callback.js',
+              import.meta.url
+            ),
+            pattern: '/api/auth/callback',
+            prerender: false,
+          });
+
+          injectRoute({
+            entrypoint: new URL(
+              '../build-runtime/routes/auth/logout-callback.js',
+              import.meta.url
+            ),
+            pattern: '/api/auth/logout-callback',
+            prerender: false,
+          });
+        }
+
         // add support for webhook extensions
         const webhookCodegenDir = join(codegenDir, 'extensions/webhooks');
         await outputDir(webhookCodegenDir);

package/src/plugins/setupSsrContext.ts

@@ -1,11 +1,8 @@
 import { extname, join } from 'node:path';
 import type { PluginOption } from 'vite';
 import { outdent } from 'outdent';
-import { SRC_DIR } from '../directories.js';
-
-export function setupSsrContext(rootDir: string): PluginOption {
-  const srcDir = join(rootDir, SRC_DIR);
 
+export function setupSsrContext(): PluginOption {
   const nonElevatedSetupUrl = new URL(
     '../build-runtime/context/non-elevated.js',
     import.meta.url
@@ -21,12 +18,17 @@ export function setupSsrContext(rootDir: string): PluginOption {
     },
     name: 'setup-ssr-context',
     transform(code, id) {
-      if (!id.startsWith(srcDir)) {
+      const extension = extname(id);
+
+      if (
+        // ignore node_modules
+        id.includes('node_modules') &&
+        // but allow injected runtime
+        !id.includes(join('node_modules', '@wix', 'astro'))
+      ) {
         return null;
       }
 
-      const extension = extname(id);
-
       if (
         extension !== '.js' &&
         extension !== '.astro' &&

package/src/routes/auth/callback.ts

@@ -0,0 +1,49 @@
+import type { APIContext } from 'astro';
+import { z } from 'zod';
+import { oAuthStateCookieName } from '../../constants.js';
+import { auth } from '../../utils/contextualAuth.js';
+import { saveSessionTokensToCookie } from '../../utils/saveSessionTokensToCookie.js';
+
+const oauthCookieSchema = z.object({
+  codeChallenge: z.string(),
+  codeVerifier: z.string(),
+  originalUri: z.string(),
+  redirectUri: z.string(),
+  state: z.string(),
+});
+
+export async function GET(context: APIContext) {
+  const oauthStateCookie = context.cookies.get(oAuthStateCookieName);
+
+  if (oauthStateCookie == null) {
+    throw new Error(`Missing \`${oAuthStateCookieName}\` cookie`);
+  }
+
+  const oauthData = oauthCookieSchema.parse(JSON.parse(oauthStateCookie.value));
+
+  if (!oauthData.originalUri.startsWith('/')) {
+    throw new Error('Invalid `originalUri` cookie param');
+  }
+
+  const { code, error, errorDescription, state } = auth.parseFromUrl(
+    context.url.toString(),
+    'query'
+  );
+
+  if (error != null) {
+    throw new Error(`Error while authenticating: \`${errorDescription}\``);
+  }
+
+  const memberTokens = await auth.getMemberTokens(code, state, oauthData);
+
+  context.cookies.delete(oAuthStateCookieName, {
+    httpOnly: true,
+    path: '/',
+    sameSite: 'lax',
+    secure: true,
+  });
+
+  saveSessionTokensToCookie(context, memberTokens);
+
+  return context.redirect(oauthData.originalUri);
+}

package/src/routes/auth/login.ts

@@ -0,0 +1,35 @@
+import type { APIContext } from 'astro';
+import { z } from 'zod';
+import { oAuthStateCookieName } from '../../constants.js';
+import { auth } from '../../utils/contextualAuth.js';
+
+const loginSearchParams = z.object({
+  prompt: z.enum(['login', 'none']).optional(),
+  returnToUrl: z.string().optional(),
+});
+
+export async function GET({ url }: APIContext) {
+  const { prompt, returnToUrl } = loginSearchParams.parse(
+    Object.fromEntries(url.searchParams.entries())
+  );
+
+  const oauthData = auth.generateOAuthData(
+    new URL('/api/auth/callback', url).toString(),
+    returnToUrl
+  );
+
+  const { authUrl } = await auth.getAuthUrl(oauthData, {
+    prompt,
+    responseMode: 'query',
+  });
+
+  return new Response(null, {
+    headers: {
+      Location: authUrl,
+      'Set-Cookie': `${oAuthStateCookieName}=${JSON.stringify(
+        oauthData
+      )}; Max-Age=1800; Path=/; HttpOnly; Secure; SameSite=Lax`,
+    },
+    status: 302,
+  });
+}

package/src/routes/auth/logout-callback.ts

@@ -0,0 +1,16 @@
+import type { APIRoute } from 'astro';
+import { returnToQueryParamName } from '../../constants.js';
+import { auth } from '../../utils/contextualAuth.js';
+import { saveSessionTokensToCookie } from '../../utils/saveSessionTokensToCookie.js';
+
+export const GET: APIRoute = async (context) => {
+  const returnTo = context.url.searchParams.get(returnToQueryParamName) ?? '/';
+
+  if (!returnTo.startsWith('/')) {
+    throw new Error(`Invalid \`${returnToQueryParamName}\` query param`);
+  }
+
+  saveSessionTokensToCookie(context, await auth.generateVisitorTokens());
+
+  return context.redirect(returnTo);
+};

package/src/routes/auth/logout.ts

@@ -0,0 +1,14 @@
+import type { APIContext } from 'astro';
+import { returnToQueryParamName } from '../../constants.js';
+import { auth } from '../../utils/contextualAuth.js';
+
+export async function POST({ redirect, request }: APIContext) {
+  const returnTo = request.headers.get('Referer') ?? '/';
+  const baseUrl = `${new URL(request.url).origin}/${import.meta.env.BASE_URL}`;
+  const postFlowUrl = new URL('/api/auth/logout-callback', baseUrl);
+  postFlowUrl.searchParams.set(returnToQueryParamName, returnTo);
+
+  const { logoutUrl } = await auth.logout(postFlowUrl.toString());
+
+  return redirect(logoutUrl);
+}

package/src/utils/contextualAuth.ts

@@ -0,0 +1,4 @@
+import type { IOAuthStrategy } from '@wix/sdk';
+import { auth as originalAuth } from '@wix/essentials';
+
+export const auth = originalAuth.getContextualAuth<IOAuthStrategy>();

package/src/utils/writeVirtualBackofficeExtensionFiles.ts

@@ -36,6 +36,22 @@ export async function writeVirtualBackofficeExtensionFiles(
   for (const component of backofficeComponents) {
     const entryFilename = resolveEntry(component);
     const originalEntrypoint = resolve(model.rootDir, entryFilename);
+
+    const virtualHocEntrypoint = join(
+      codegenDir,
+      `hoc_${component.manifest.compId}.tsx`
+    );
+
+    await writeFile(
+      virtualHocEntrypoint,
+      outdent`
+        import Component from '${toRelativePath(virtualHocEntrypoint, originalEntrypoint)}';
+        import { withContextualWixClient } from '@wix/dashboard/internal';
+
+        export const WrappedComponent = withContextualWixClient(Component);
+      `
+    );
+
     const virtualEntrypoint = join(
       codegenDir,
       `${component.manifest.compId}.astro`
@@ -45,11 +61,11 @@ export async function writeVirtualBackofficeExtensionFiles(
       virtualEntrypoint,
       outdent`
         ---
-        import Component from '${toRelativePath(virtualEntrypoint, originalEntrypoint)}';
+        import { WrappedComponent } from '${toRelativePath(virtualEntrypoint, virtualHocEntrypoint)}';
         ---
 
         <div>
-          <Component client:only="react" />
+          <WrappedComponent client:only="react" />
         </div>
       `
     );