@workos-inc/authkit-nextjs 0.5.0 → 0.5.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/auth.d.ts +4 -0
- package/dist/cjs/auth.js +21 -0
- package/dist/cjs/auth.js.map +1 -0
- package/dist/cjs/authkit-callback-route.d.ts +3 -0
- package/dist/cjs/authkit-callback-route.js +53 -0
- package/dist/cjs/authkit-callback-route.js.map +1 -0
- package/dist/cjs/button.d.ts +3 -0
- package/dist/cjs/button.js +25 -0
- package/dist/cjs/button.js.map +1 -0
- package/dist/cjs/cookie.d.ts +8 -0
- package/dist/cjs/cookie.js +16 -0
- package/dist/cjs/cookie.js.map +1 -0
- package/dist/cjs/env-variables.d.ts +5 -0
- package/dist/cjs/env-variables.js +22 -0
- package/dist/cjs/env-variables.js.map +1 -0
- package/dist/cjs/get-authorization-url.d.ts +3 -0
- package/dist/cjs/get-authorization-url.js +17 -0
- package/dist/cjs/get-authorization-url.js.map +1 -0
- package/dist/cjs/impersonation.d.ts +6 -0
- package/dist/cjs/impersonation.js +119 -0
- package/dist/cjs/impersonation.js.map +1 -0
- package/dist/cjs/index.d.ts +6 -0
- package/dist/cjs/index.js +16 -0
- package/dist/cjs/index.js.map +1 -0
- package/dist/cjs/interfaces.d.ts +45 -0
- package/dist/cjs/interfaces.js +3 -0
- package/dist/cjs/interfaces.js.map +1 -0
- package/dist/cjs/middleware.d.ts +3 -0
- package/dist/cjs/middleware.js +11 -0
- package/dist/cjs/middleware.js.map +1 -0
- package/dist/cjs/min-max-button.d.ts +7 -0
- package/dist/cjs/min-max-button.js +15 -0
- package/dist/cjs/min-max-button.js.map +1 -0
- package/dist/cjs/session.d.ts +12 -0
- package/dist/cjs/session.js +163 -0
- package/dist/cjs/session.js.map +1 -0
- package/dist/cjs/workos.d.ts +3 -0
- package/dist/cjs/workos.js +10 -0
- package/dist/cjs/workos.js.map +1 -0
- package/package.json +1 -3
- package/src/authkit-callback-route.ts +1 -9
- package/src/session.ts +3 -1
package/dist/cjs/auth.js
ADDED
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.signOut = exports.getSignUpUrl = exports.getSignInUrl = void 0;
|
|
4
|
+
const get_authorization_url_js_1 = require("./get-authorization-url.js");
|
|
5
|
+
const headers_1 = require("next/headers");
|
|
6
|
+
const cookie_js_1 = require("./cookie.js");
|
|
7
|
+
const session_js_1 = require("./session.js");
|
|
8
|
+
async function getSignInUrl() {
|
|
9
|
+
return (0, get_authorization_url_js_1.getAuthorizationUrl)({ screenHint: 'sign-in' });
|
|
10
|
+
}
|
|
11
|
+
exports.getSignInUrl = getSignInUrl;
|
|
12
|
+
async function getSignUpUrl() {
|
|
13
|
+
return (0, get_authorization_url_js_1.getAuthorizationUrl)({ screenHint: 'sign-up' });
|
|
14
|
+
}
|
|
15
|
+
exports.getSignUpUrl = getSignUpUrl;
|
|
16
|
+
async function signOut() {
|
|
17
|
+
(0, headers_1.cookies)().delete(cookie_js_1.cookieName);
|
|
18
|
+
await (0, session_js_1.terminateSession)();
|
|
19
|
+
}
|
|
20
|
+
exports.signOut = signOut;
|
|
21
|
+
//# sourceMappingURL=auth.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/auth.ts"],"names":[],"mappings":";;;AAAA,yEAAiE;AACjE,0CAAuC;AACvC,2CAAyC;AACzC,6CAAgD;AAEhD,KAAK,UAAU,YAAY;IACzB,OAAO,IAAA,8CAAmB,EAAC,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC,CAAC;AACxD,CAAC;AAWQ,oCAAY;AATrB,KAAK,UAAU,YAAY;IACzB,OAAO,IAAA,8CAAmB,EAAC,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC,CAAC;AACxD,CAAC;AAOsB,oCAAY;AALnC,KAAK,UAAU,OAAO;IACpB,IAAA,iBAAO,GAAE,CAAC,MAAM,CAAC,sBAAU,CAAC,CAAC;IAC7B,MAAM,IAAA,6BAAgB,GAAE,CAAC;AAC3B,CAAC;AAEoC,0BAAO"}
|
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.handleAuth = void 0;
|
|
4
|
+
const server_1 = require("next/server");
|
|
5
|
+
const headers_1 = require("next/headers");
|
|
6
|
+
const workos_js_1 = require("./workos.js");
|
|
7
|
+
const env_variables_js_1 = require("./env-variables.js");
|
|
8
|
+
const session_js_1 = require("./session.js");
|
|
9
|
+
const cookie_js_1 = require("./cookie.js");
|
|
10
|
+
function handleAuth(options = {}) {
|
|
11
|
+
const { returnPathname: returnPathnameOption = '/' } = options;
|
|
12
|
+
return async function GET(request) {
|
|
13
|
+
const code = request.nextUrl.searchParams.get('code');
|
|
14
|
+
const state = request.nextUrl.searchParams.get('state');
|
|
15
|
+
const returnPathname = state ? JSON.parse(atob(state)).returnPathname : null;
|
|
16
|
+
if (code) {
|
|
17
|
+
try {
|
|
18
|
+
// Use the code returned to us by AuthKit and authenticate the user with WorkOS
|
|
19
|
+
const { accessToken, refreshToken, user, impersonator } = await workos_js_1.workos.userManagement.authenticateWithCode({
|
|
20
|
+
clientId: env_variables_js_1.WORKOS_CLIENT_ID,
|
|
21
|
+
code,
|
|
22
|
+
});
|
|
23
|
+
// Redirect to the requested path and store the session
|
|
24
|
+
const response = server_1.NextResponse.redirect(returnPathname !== null && returnPathname !== void 0 ? returnPathname : returnPathnameOption);
|
|
25
|
+
if (!accessToken || !refreshToken)
|
|
26
|
+
throw new Error('response is missing tokens');
|
|
27
|
+
// The refreshToken should never be accesible publicly, hence why we encrypt it in the cookie session
|
|
28
|
+
// Alternatively you could persist the refresh token in a backend database
|
|
29
|
+
const session = await (0, session_js_1.encryptSession)({ accessToken, refreshToken, user, impersonator });
|
|
30
|
+
(0, headers_1.cookies)().set(cookie_js_1.cookieName, session, cookie_js_1.cookieOptions);
|
|
31
|
+
return response;
|
|
32
|
+
}
|
|
33
|
+
catch (error) {
|
|
34
|
+
const errorRes = {
|
|
35
|
+
error: error instanceof Error ? error.message : String(error),
|
|
36
|
+
};
|
|
37
|
+
console.error(errorRes);
|
|
38
|
+
return errorResponse();
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
return errorResponse();
|
|
42
|
+
};
|
|
43
|
+
function errorResponse() {
|
|
44
|
+
return server_1.NextResponse.json({
|
|
45
|
+
error: {
|
|
46
|
+
message: 'Something went wrong',
|
|
47
|
+
description: 'Couldn’t sign in. If you are not sure what happened, please contact your organization admin.',
|
|
48
|
+
},
|
|
49
|
+
}, { status: 500 });
|
|
50
|
+
}
|
|
51
|
+
}
|
|
52
|
+
exports.handleAuth = handleAuth;
|
|
53
|
+
//# sourceMappingURL=authkit-callback-route.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"authkit-callback-route.js","sourceRoot":"","sources":["../../src/authkit-callback-route.ts"],"names":[],"mappings":";;;AAAA,wCAAwD;AACxD,0CAAuC;AACvC,2CAAqC;AACrC,yDAAsD;AACtD,6CAA8C;AAC9C,2CAAwD;AAGxD,SAAgB,UAAU,CAAC,UAA6B,EAAE;IACxD,MAAM,EAAE,cAAc,EAAE,oBAAoB,GAAG,GAAG,EAAE,GAAG,OAAO,CAAC;IAE/D,OAAO,KAAK,UAAU,GAAG,CAAC,OAAoB;QAC5C,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACtD,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACxD,MAAM,cAAc,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC;QAE7E,IAAI,IAAI,EAAE,CAAC;YACT,IAAI,CAAC;gBACH,+EAA+E;gBAC/E,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,MAAM,kBAAM,CAAC,cAAc,CAAC,oBAAoB,CAAC;oBACzG,QAAQ,EAAE,mCAAgB;oBAC1B,IAAI;iBACL,CAAC,CAAC;gBAEH,uDAAuD;gBACvD,MAAM,QAAQ,GAAG,qBAAY,CAAC,QAAQ,CAAC,cAAc,aAAd,cAAc,cAAd,cAAc,GAAI,oBAAoB,CAAC,CAAC;gBAE/E,IAAI,CAAC,WAAW,IAAI,CAAC,YAAY;oBAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;gBAEjF,qGAAqG;gBACrG,0EAA0E;gBAC1E,MAAM,OAAO,GAAG,MAAM,IAAA,2BAAc,EAAC,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC;gBACxF,IAAA,iBAAO,GAAE,CAAC,GAAG,CAAC,sBAAU,EAAE,OAAO,EAAE,yBAAa,CAAC,CAAC;gBAElD,OAAO,QAAQ,CAAC;YAClB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,QAAQ,GAAG;oBACf,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;iBAC9D,CAAC;gBAEF,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;gBAExB,OAAO,aAAa,EAAE,CAAC;YACzB,CAAC;QACH,CAAC;QAED,OAAO,aAAa,EAAE,CAAC;IACzB,CAAC,CAAC;IAEF,SAAS,aAAa;QACpB,OAAO,qBAAY,CAAC,IAAI,CACtB;YACE,KAAK,EAAE;gBACL,OAAO,EAAE,sBAAsB;gBAC/B,WAAW,EAAE,8FAA8F;aAC5G;SACF,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;IACJ,CAAC;AACH,CAAC;AApDD,gCAoDC"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.Button = void 0;
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
const React = tslib_1.__importStar(require("react"));
|
|
6
|
+
const Button = React.forwardRef((props, forwardedRef) => {
|
|
7
|
+
return (React.createElement("button", { ref: forwardedRef, type: "button", ...props, style: {
|
|
8
|
+
display: 'inline-flex',
|
|
9
|
+
alignItems: 'center',
|
|
10
|
+
justifyContent: 'center',
|
|
11
|
+
flexShrink: 0,
|
|
12
|
+
height: '1.714em',
|
|
13
|
+
padding: '0 0.6em',
|
|
14
|
+
fontFamily: 'inherit',
|
|
15
|
+
fontSize: 'inherit',
|
|
16
|
+
borderRadius: 'min(max(calc(var(--wi-s) * 0.6), 1px), 7px)',
|
|
17
|
+
border: 'none',
|
|
18
|
+
backgroundColor: 'var(--wi-c)',
|
|
19
|
+
color: 'white',
|
|
20
|
+
...props.style,
|
|
21
|
+
} }));
|
|
22
|
+
});
|
|
23
|
+
exports.Button = Button;
|
|
24
|
+
Button.displayName = 'Button';
|
|
25
|
+
//# sourceMappingURL=button.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"button.js","sourceRoot":"","sources":["../../src/button.tsx"],"names":[],"mappings":";;;;AAAA,qDAA+B;AAE/B,MAAM,MAAM,GAAG,KAAK,CAAC,UAAU,CAA8D,CAAC,KAAK,EAAE,YAAY,EAAE,EAAE;IACnH,OAAO,CACL,gCACE,GAAG,EAAE,YAAY,EACjB,IAAI,EAAC,QAAQ,KACT,KAAK,EACT,KAAK,EAAE;YACL,OAAO,EAAE,aAAa;YACtB,UAAU,EAAE,QAAQ;YACpB,cAAc,EAAE,QAAQ;YACxB,UAAU,EAAE,CAAC;YACb,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,SAAS;YAElB,UAAU,EAAE,SAAS;YACrB,QAAQ,EAAE,SAAS;YACnB,YAAY,EAAE,6CAA6C;YAC3D,MAAM,EAAE,MAAM;YACd,eAAe,EAAE,aAAa;YAC9B,KAAK,EAAE,OAAO;YAEd,GAAG,KAAK,CAAC,KAAK;SACf,GACD,CACH,CAAC;AACJ,CAAC,CAAC,CAAC;AAIM,wBAAM;AAFf,MAAM,CAAC,WAAW,GAAG,QAAQ,CAAC"}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.cookieOptions = exports.cookieName = void 0;
|
|
4
|
+
const env_variables_js_1 = require("./env-variables.js");
|
|
5
|
+
const redirectUrl = new URL(env_variables_js_1.WORKOS_REDIRECT_URI);
|
|
6
|
+
const isSecureProtocol = redirectUrl.protocol === 'https:';
|
|
7
|
+
const cookieName = 'wos-session';
|
|
8
|
+
exports.cookieName = cookieName;
|
|
9
|
+
const cookieOptions = {
|
|
10
|
+
path: '/',
|
|
11
|
+
httpOnly: true,
|
|
12
|
+
secure: isSecureProtocol,
|
|
13
|
+
sameSite: 'lax',
|
|
14
|
+
};
|
|
15
|
+
exports.cookieOptions = cookieOptions;
|
|
16
|
+
//# sourceMappingURL=cookie.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"cookie.js","sourceRoot":"","sources":["../../src/cookie.ts"],"names":[],"mappings":";;;AAAA,yDAAyD;AAEzD,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,sCAAmB,CAAC,CAAC;AACjD,MAAM,gBAAgB,GAAG,WAAW,CAAC,QAAQ,KAAK,QAAQ,CAAC;AAE3D,MAAM,UAAU,GAAG,aAAa,CAAC;AAQxB,gCAAU;AAPnB,MAAM,aAAa,GAAG;IACpB,IAAI,EAAE,GAAG;IACT,QAAQ,EAAE,IAAI;IACd,MAAM,EAAE,gBAAgB;IACxB,QAAQ,EAAE,KAAc;CACzB,CAAC;AAEmB,sCAAa"}
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.WORKOS_COOKIE_PASSWORD = exports.WORKOS_REDIRECT_URI = exports.WORKOS_API_KEY = exports.WORKOS_CLIENT_ID = void 0;
|
|
4
|
+
function getEnvVariable(name) {
|
|
5
|
+
const envVariable = process.env[name];
|
|
6
|
+
if (!envVariable) {
|
|
7
|
+
throw new Error(`${name} environment variable is not set`);
|
|
8
|
+
}
|
|
9
|
+
return envVariable;
|
|
10
|
+
}
|
|
11
|
+
const WORKOS_CLIENT_ID = getEnvVariable('WORKOS_CLIENT_ID');
|
|
12
|
+
exports.WORKOS_CLIENT_ID = WORKOS_CLIENT_ID;
|
|
13
|
+
const WORKOS_API_KEY = getEnvVariable('WORKOS_API_KEY');
|
|
14
|
+
exports.WORKOS_API_KEY = WORKOS_API_KEY;
|
|
15
|
+
const WORKOS_REDIRECT_URI = getEnvVariable('WORKOS_REDIRECT_URI');
|
|
16
|
+
exports.WORKOS_REDIRECT_URI = WORKOS_REDIRECT_URI;
|
|
17
|
+
const WORKOS_COOKIE_PASSWORD = getEnvVariable('WORKOS_COOKIE_PASSWORD');
|
|
18
|
+
exports.WORKOS_COOKIE_PASSWORD = WORKOS_COOKIE_PASSWORD;
|
|
19
|
+
if (WORKOS_COOKIE_PASSWORD.length < 32) {
|
|
20
|
+
throw new Error('WORKOS_COOKIE_PASSWORD must be at least 32 characters long');
|
|
21
|
+
}
|
|
22
|
+
//# sourceMappingURL=env-variables.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"env-variables.js","sourceRoot":"","sources":["../../src/env-variables.ts"],"names":[],"mappings":";;;AAAA,SAAS,cAAc,CAAC,IAAY;IAClC,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IACtC,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,kCAAkC,CAAC,CAAC;IAC7D,CAAC;IACD,OAAO,WAAW,CAAC;AACrB,CAAC;AAED,MAAM,gBAAgB,GAAG,cAAc,CAAC,kBAAkB,CAAC,CAAC;AASnD,4CAAgB;AARzB,MAAM,cAAc,GAAG,cAAc,CAAC,gBAAgB,CAAC,CAAC;AAQ7B,wCAAc;AAPzC,MAAM,mBAAmB,GAAG,cAAc,CAAC,qBAAqB,CAAC,CAAC;AAOvB,kDAAmB;AAN9D,MAAM,sBAAsB,GAAG,cAAc,CAAC,wBAAwB,CAAC,CAAC;AAMR,wDAAsB;AAJtF,IAAI,sBAAsB,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;IACvC,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;AAChF,CAAC"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.getAuthorizationUrl = void 0;
|
|
4
|
+
const workos_js_1 = require("./workos.js");
|
|
5
|
+
const env_variables_js_1 = require("./env-variables.js");
|
|
6
|
+
async function getAuthorizationUrl(options = {}) {
|
|
7
|
+
const { returnPathname, screenHint } = options;
|
|
8
|
+
return workos_js_1.workos.userManagement.getAuthorizationUrl({
|
|
9
|
+
provider: 'authkit',
|
|
10
|
+
clientId: env_variables_js_1.WORKOS_CLIENT_ID,
|
|
11
|
+
redirectUri: env_variables_js_1.WORKOS_REDIRECT_URI,
|
|
12
|
+
state: returnPathname ? btoa(JSON.stringify({ returnPathname })) : undefined,
|
|
13
|
+
screenHint,
|
|
14
|
+
});
|
|
15
|
+
}
|
|
16
|
+
exports.getAuthorizationUrl = getAuthorizationUrl;
|
|
17
|
+
//# sourceMappingURL=get-authorization-url.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"get-authorization-url.js","sourceRoot":"","sources":["../../src/get-authorization-url.ts"],"names":[],"mappings":";;;AAAA,2CAAqC;AACrC,yDAA2E;AAG3E,KAAK,UAAU,mBAAmB,CAAC,UAA6B,EAAE;IAChE,MAAM,EAAE,cAAc,EAAE,UAAU,EAAE,GAAG,OAAO,CAAC;IAE/C,OAAO,kBAAM,CAAC,cAAc,CAAC,mBAAmB,CAAC;QAC/C,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,mCAAgB;QAC1B,WAAW,EAAE,sCAAmB;QAChC,KAAK,EAAE,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS;QAC5E,UAAU;KACX,CAAC,CAAC;AACL,CAAC;AAEQ,kDAAmB"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import * as React from 'react';
|
|
2
|
+
interface ImpersonationProps extends React.ComponentPropsWithoutRef<'div'> {
|
|
3
|
+
side?: 'top' | 'bottom';
|
|
4
|
+
}
|
|
5
|
+
export declare function Impersonation({ side, ...props }: ImpersonationProps): Promise<React.JSX.Element | null>;
|
|
6
|
+
export {};
|
|
@@ -0,0 +1,119 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.Impersonation = void 0;
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
const React = tslib_1.__importStar(require("react"));
|
|
6
|
+
const session_js_1 = require("./session.js");
|
|
7
|
+
const auth_js_1 = require("./auth.js");
|
|
8
|
+
const workos_js_1 = require("./workos.js");
|
|
9
|
+
const button_js_1 = require("./button.js");
|
|
10
|
+
const min_max_button_js_1 = require("./min-max-button.js");
|
|
11
|
+
async function Impersonation({ side = 'bottom', ...props }) {
|
|
12
|
+
const { impersonator, user, organizationId } = await (0, session_js_1.getUser)();
|
|
13
|
+
if (!impersonator)
|
|
14
|
+
return null;
|
|
15
|
+
const organization = organizationId ? await workos_js_1.workos.organizations.getOrganization(organizationId) : null;
|
|
16
|
+
return (React.createElement("div", { ...props, "data-workos-impersonation-root": "", style: {
|
|
17
|
+
'position': 'fixed',
|
|
18
|
+
'inset': 0,
|
|
19
|
+
'pointerEvents': 'none',
|
|
20
|
+
'zIndex': 9999,
|
|
21
|
+
// short properties with defaults for authoring convenience
|
|
22
|
+
'--wi-minimized': '0',
|
|
23
|
+
'--wi-s': 'min(max(var(--workos-impersonation-size, 4px), 2px), 15px)',
|
|
24
|
+
'--wi-bgc': 'var(--workos-impersonation-background-color, #fce654)',
|
|
25
|
+
'--wi-c': 'var(--workos-impersonation-color, #1a1600)',
|
|
26
|
+
'--wi-bc': 'var(--workos-impersonation-border-color, #e0c36c)',
|
|
27
|
+
'--wi-bw': 'var(--workos-impersonation-border-width, 1px)',
|
|
28
|
+
...props.style,
|
|
29
|
+
} },
|
|
30
|
+
React.createElement("div", { style: {
|
|
31
|
+
'--wi-frame-size': 'calc(var(--wi-s) * (1 - var(--wi-minimized)) + var(--wi-minimized) * var(--wi-bw) * -1)',
|
|
32
|
+
'position': 'absolute',
|
|
33
|
+
'inset': 'calc(var(--wi-frame-size) * -1)',
|
|
34
|
+
'borderRadius': 'calc(var(--wi-frame-size) * 3)',
|
|
35
|
+
'boxShadow': `
|
|
36
|
+
inset 0 0 0 calc(var(--wi-frame-size) * 2) var(--wi-bgc),
|
|
37
|
+
inset 0 0 0 calc(var(--wi-frame-size) * 2 + var(--wi-bw)) var(--wi-bc)
|
|
38
|
+
`,
|
|
39
|
+
'transition': 'all 500ms cubic-bezier(0.16, 1, 0.3, 1)',
|
|
40
|
+
} }),
|
|
41
|
+
React.createElement("div", { style: {
|
|
42
|
+
display: 'flex',
|
|
43
|
+
justifyContent: 'center',
|
|
44
|
+
position: 'fixed',
|
|
45
|
+
left: 0,
|
|
46
|
+
right: 0,
|
|
47
|
+
...(side === 'top' && { top: 'var(--wi-s)' }),
|
|
48
|
+
...(side === 'bottom' && { bottom: 'var(--wi-s)' }),
|
|
49
|
+
fontFamily: "system-ui, -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, Cantarell, 'Open Sans', 'Helvetica Neue', sans-serif",
|
|
50
|
+
fontSize: 'calc(12px + var(--wi-s) * 0.5)',
|
|
51
|
+
lineHeight: '1.4',
|
|
52
|
+
} },
|
|
53
|
+
React.createElement("form", { action: async () => {
|
|
54
|
+
'use server';
|
|
55
|
+
await (0, auth_js_1.signOut)();
|
|
56
|
+
}, style: {
|
|
57
|
+
display: 'flex',
|
|
58
|
+
alignItems: 'baseline',
|
|
59
|
+
paddingLeft: 'var(--wi-s)',
|
|
60
|
+
paddingRight: 'var(--wi-s)',
|
|
61
|
+
position: 'relative',
|
|
62
|
+
marginLeft: 'calc(var(--wi-s) * 2)',
|
|
63
|
+
marginRight: 'calc(var(--wi-s) * 2)',
|
|
64
|
+
pointerEvents: 'auto',
|
|
65
|
+
backgroundColor: 'var(--wi-bgc)',
|
|
66
|
+
borderStyle: 'solid',
|
|
67
|
+
borderColor: 'var(--wi-bc)',
|
|
68
|
+
borderLeftWidth: 'var(--wi-bw)',
|
|
69
|
+
borderRightWidth: 'var(--wi-bw)',
|
|
70
|
+
transition: 'all 500ms cubic-bezier(0.16, 1, 0.3, 1)',
|
|
71
|
+
transform: `translateX(calc(var(--wi-minimized) * (var(--wi-s) * 10 - 5%)))`,
|
|
72
|
+
opacity: 'calc(1 - var(--wi-minimized))',
|
|
73
|
+
zIndex: 'calc(1 - var(--wi-minimized))',
|
|
74
|
+
...(side === 'top' && {
|
|
75
|
+
paddingTop: 0,
|
|
76
|
+
paddingBottom: 'var(--wi-s)',
|
|
77
|
+
borderTopWidth: 0,
|
|
78
|
+
borderBottomWidth: 'var(--wi-bw)',
|
|
79
|
+
borderBottomLeftRadius: 'var(--wi-s)',
|
|
80
|
+
borderBottomRightRadius: 'var(--wi-s)',
|
|
81
|
+
}),
|
|
82
|
+
...(side === 'bottom' && {
|
|
83
|
+
paddingTop: 'var(--wi-s)',
|
|
84
|
+
paddingBottom: 0,
|
|
85
|
+
borderTopWidth: 'var(--wi-bw)',
|
|
86
|
+
borderBottomWidth: 0,
|
|
87
|
+
borderTopLeftRadius: 'var(--wi-s)',
|
|
88
|
+
borderTopRightRadius: 'var(--wi-s)',
|
|
89
|
+
}),
|
|
90
|
+
} },
|
|
91
|
+
React.createElement("p", { style: { all: 'unset', color: 'var(--wi-c)', textWrap: 'balance', marginLeft: 'var(--wi-s)' } },
|
|
92
|
+
"You are impersonating ",
|
|
93
|
+
React.createElement("b", null, user.email),
|
|
94
|
+
' ',
|
|
95
|
+
organization !== null && (React.createElement(React.Fragment, null,
|
|
96
|
+
"within the ",
|
|
97
|
+
React.createElement("b", null, organization.name),
|
|
98
|
+
" organization"))),
|
|
99
|
+
React.createElement(button_js_1.Button, { type: "submit", style: { marginLeft: 'calc(var(--wi-s) * 2)', marginRight: 'var(--wi-s)' } }, "Stop"),
|
|
100
|
+
React.createElement(min_max_button_js_1.MinMaxButton, { minimizedValue: "1" }, side === 'top' ? '↗' : '↘')),
|
|
101
|
+
React.createElement("div", { style: {
|
|
102
|
+
padding: 'var(--wi-s)',
|
|
103
|
+
position: 'fixed',
|
|
104
|
+
right: 'var(--wi-s)',
|
|
105
|
+
pointerEvents: 'auto',
|
|
106
|
+
backgroundColor: 'var(--wi-bgc)',
|
|
107
|
+
border: 'var(--wi-bw) solid var(--wi-bc)',
|
|
108
|
+
borderRadius: 'var(--wi-s)',
|
|
109
|
+
transition: 'all 500ms cubic-bezier(0.16, 1, 0.3, 1)',
|
|
110
|
+
transform: 'translateX(calc((1 - var(--wi-minimized)) * var(--wi-s) * -5))',
|
|
111
|
+
opacity: 'var(--wi-minimized)',
|
|
112
|
+
zIndex: 'var(--wi-minimized)',
|
|
113
|
+
...(side === 'top' && { top: 'var(--wi-s)' }),
|
|
114
|
+
...(side === 'bottom' && { bottom: 'var(--wi-s)' }),
|
|
115
|
+
} },
|
|
116
|
+
React.createElement(min_max_button_js_1.MinMaxButton, { minimizedValue: "0" }, side === 'top' ? '↙' : '↖')))));
|
|
117
|
+
}
|
|
118
|
+
exports.Impersonation = Impersonation;
|
|
119
|
+
//# sourceMappingURL=impersonation.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"impersonation.js","sourceRoot":"","sources":["../../src/impersonation.tsx"],"names":[],"mappings":";;;;AAAA,qDAA+B;AAC/B,6CAAuC;AACvC,uCAAoC;AACpC,2CAAqC;AACrC,2CAAqC;AACrC,2DAAmD;AAM5C,KAAK,UAAU,aAAa,CAAC,EAAE,IAAI,GAAG,QAAQ,EAAE,GAAG,KAAK,EAAsB;IACnF,MAAM,EAAE,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,GAAG,MAAM,IAAA,oBAAO,GAAE,CAAC;IAE/D,IAAI,CAAC,YAAY;QAAE,OAAO,IAAI,CAAC;IAE/B,MAAM,YAAY,GAAG,cAAc,CAAC,CAAC,CAAC,MAAM,kBAAM,CAAC,aAAa,CAAC,eAAe,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAExG,OAAO,CACL,gCACM,KAAK,oCACsB,EAAE,EACjC,KAAK,EAAE;YACL,UAAU,EAAE,OAAO;YACnB,OAAO,EAAE,CAAC;YACV,eAAe,EAAE,MAAM;YACvB,QAAQ,EAAE,IAAI;YAEd,2DAA2D;YAC3D,gBAAgB,EAAE,GAAG;YACrB,QAAQ,EAAE,4DAA4D;YACtE,UAAU,EAAE,uDAAuD;YACnE,QAAQ,EAAE,4CAA4C;YACtD,SAAS,EAAE,mDAAmD;YAC9D,SAAS,EAAE,+CAA+C;YAE1D,GAAG,KAAK,CAAC,KAAK;SACf;QAED,6BACE,KAAK,EAAE;gBACL,iBAAiB,EAAE,yFAAyF;gBAC5G,UAAU,EAAE,UAAU;gBACtB,OAAO,EAAE,iCAAiC;gBAC1C,cAAc,EAAE,gCAAgC;gBAChD,WAAW,EAAE;;;MAGjB;gBACI,YAAY,EAAE,yCAAyC;aACxD,GACD;QAEF,6BACE,KAAK,EAAE;gBACL,OAAO,EAAE,MAAM;gBACf,cAAc,EAAE,QAAQ;gBAExB,QAAQ,EAAE,OAAO;gBACjB,IAAI,EAAE,CAAC;gBACP,KAAK,EAAE,CAAC;gBACR,GAAG,CAAC,IAAI,KAAK,KAAK,IAAI,EAAE,GAAG,EAAE,aAAa,EAAE,CAAC;gBAC7C,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;gBAEnD,UAAU,EACR,wIAAwI;gBAC1I,QAAQ,EAAE,gCAAgC;gBAC1C,UAAU,EAAE,KAAK;aAClB;YAED,8BACE,MAAM,EAAE,KAAK,IAAI,EAAE;oBACjB,YAAY,CAAC;oBACb,MAAM,IAAA,iBAAO,GAAE,CAAC;gBAClB,CAAC,EACD,KAAK,EAAE;oBACL,OAAO,EAAE,MAAM;oBACf,UAAU,EAAE,UAAU;oBACtB,WAAW,EAAE,aAAa;oBAC1B,YAAY,EAAE,aAAa;oBAE3B,QAAQ,EAAE,UAAU;oBACpB,UAAU,EAAE,uBAAuB;oBACnC,WAAW,EAAE,uBAAuB;oBAEpC,aAAa,EAAE,MAAM;oBACrB,eAAe,EAAE,eAAe;oBAChC,WAAW,EAAE,OAAO;oBACpB,WAAW,EAAE,cAAc;oBAC3B,eAAe,EAAE,cAAc;oBAC/B,gBAAgB,EAAE,cAAc;oBAEhC,UAAU,EAAE,yCAAyC;oBACrD,SAAS,EAAE,iEAAiE;oBAC5E,OAAO,EAAE,+BAA+B;oBACxC,MAAM,EAAE,+BAA+B;oBAEvC,GAAG,CAAC,IAAI,KAAK,KAAK,IAAI;wBACpB,UAAU,EAAE,CAAC;wBACb,aAAa,EAAE,aAAa;wBAC5B,cAAc,EAAE,CAAC;wBACjB,iBAAiB,EAAE,cAAc;wBACjC,sBAAsB,EAAE,aAAa;wBACrC,uBAAuB,EAAE,aAAa;qBACvC,CAAC;oBAEF,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI;wBACvB,UAAU,EAAE,aAAa;wBACzB,aAAa,EAAE,CAAC;wBAChB,cAAc,EAAE,cAAc;wBAC9B,iBAAiB,EAAE,CAAC;wBACpB,mBAAmB,EAAE,aAAa;wBAClC,oBAAoB,EAAE,aAAa;qBACpC,CAAC;iBACH;gBAED,2BAAG,KAAK,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,UAAU,EAAE,aAAa,EAAE;;oBACxE,+BAAI,IAAI,CAAC,KAAK,CAAK;oBAAC,GAAG;oBAC5C,YAAY,KAAK,IAAI,IAAI,CACxB;;wBACa,+BAAI,YAAY,CAAC,IAAI,CAAK;wCACpC,CACJ,CACC;gBACJ,oBAAC,kBAAM,IAAC,IAAI,EAAC,QAAQ,EAAC,KAAK,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE,WAAW,EAAE,aAAa,EAAE,WAEvF;gBACT,oBAAC,gCAAY,IAAC,cAAc,EAAC,GAAG,IAAE,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAgB,CACvE;YAEP,6BACE,KAAK,EAAE;oBACL,OAAO,EAAE,aAAa;oBAEtB,QAAQ,EAAE,OAAO;oBACjB,KAAK,EAAE,aAAa;oBAEpB,aAAa,EAAE,MAAM;oBACrB,eAAe,EAAE,eAAe;oBAChC,MAAM,EAAE,iCAAiC;oBACzC,YAAY,EAAE,aAAa;oBAE3B,UAAU,EAAE,yCAAyC;oBACrD,SAAS,EAAE,gEAAgE;oBAC3E,OAAO,EAAE,qBAAqB;oBAC9B,MAAM,EAAE,qBAAqB;oBAE7B,GAAG,CAAC,IAAI,KAAK,KAAK,IAAI,EAAE,GAAG,EAAE,aAAa,EAAE,CAAC;oBAC7C,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;iBACpD;gBAED,oBAAC,gCAAY,IAAC,cAAc,EAAC,GAAG,IAAE,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAgB,CACxE,CACF,CACF,CACP,CAAC;AACJ,CAAC;AAjJD,sCAiJC"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import { handleAuth } from './authkit-callback-route.js';
|
|
2
|
+
import { authkitMiddleware } from './middleware.js';
|
|
3
|
+
import { getUser } from './session.js';
|
|
4
|
+
import { getSignInUrl, getSignUpUrl, signOut } from './auth.js';
|
|
5
|
+
import { Impersonation } from './impersonation.js';
|
|
6
|
+
export { handleAuth, authkitMiddleware, getSignInUrl, getSignUpUrl, getUser, signOut, Impersonation, };
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.Impersonation = exports.signOut = exports.getUser = exports.getSignUpUrl = exports.getSignInUrl = exports.authkitMiddleware = exports.handleAuth = void 0;
|
|
4
|
+
const authkit_callback_route_js_1 = require("./authkit-callback-route.js");
|
|
5
|
+
Object.defineProperty(exports, "handleAuth", { enumerable: true, get: function () { return authkit_callback_route_js_1.handleAuth; } });
|
|
6
|
+
const middleware_js_1 = require("./middleware.js");
|
|
7
|
+
Object.defineProperty(exports, "authkitMiddleware", { enumerable: true, get: function () { return middleware_js_1.authkitMiddleware; } });
|
|
8
|
+
const session_js_1 = require("./session.js");
|
|
9
|
+
Object.defineProperty(exports, "getUser", { enumerable: true, get: function () { return session_js_1.getUser; } });
|
|
10
|
+
const auth_js_1 = require("./auth.js");
|
|
11
|
+
Object.defineProperty(exports, "getSignInUrl", { enumerable: true, get: function () { return auth_js_1.getSignInUrl; } });
|
|
12
|
+
Object.defineProperty(exports, "getSignUpUrl", { enumerable: true, get: function () { return auth_js_1.getSignUpUrl; } });
|
|
13
|
+
Object.defineProperty(exports, "signOut", { enumerable: true, get: function () { return auth_js_1.signOut; } });
|
|
14
|
+
const impersonation_js_1 = require("./impersonation.js");
|
|
15
|
+
Object.defineProperty(exports, "Impersonation", { enumerable: true, get: function () { return impersonation_js_1.Impersonation; } });
|
|
16
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;AAAA,2EAAyD;AAOvD,2FAPO,sCAAU,OAOP;AANZ,mDAAoD;AAQlD,kGARO,iCAAiB,OAQP;AAPnB,6CAAuC;AAWrC,wFAXO,oBAAO,OAWP;AAVT,uCAAgE;AAQ9D,6FARO,sBAAY,OAQP;AACZ,6FATqB,sBAAY,OASrB;AAEZ,wFAXmC,iBAAO,OAWnC;AAVT,yDAAmD;AAYjD,8FAZO,gCAAa,OAYP"}
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
import { User } from '@workos-inc/node';
|
|
2
|
+
export interface HandleAuthOptions {
|
|
3
|
+
returnPathname?: string;
|
|
4
|
+
}
|
|
5
|
+
export interface Impersonator {
|
|
6
|
+
email: string;
|
|
7
|
+
reason: string | null;
|
|
8
|
+
}
|
|
9
|
+
export interface Session {
|
|
10
|
+
accessToken: string;
|
|
11
|
+
refreshToken: string;
|
|
12
|
+
user: User;
|
|
13
|
+
impersonator?: Impersonator;
|
|
14
|
+
}
|
|
15
|
+
export interface UserInfo {
|
|
16
|
+
user: User;
|
|
17
|
+
sessionId: string;
|
|
18
|
+
organizationId?: string;
|
|
19
|
+
role?: string;
|
|
20
|
+
impersonator?: Impersonator;
|
|
21
|
+
}
|
|
22
|
+
export interface NoUserInfo {
|
|
23
|
+
user: null;
|
|
24
|
+
sessionId?: undefined;
|
|
25
|
+
organizationId?: undefined;
|
|
26
|
+
role?: undefined;
|
|
27
|
+
impersonator?: undefined;
|
|
28
|
+
}
|
|
29
|
+
export interface AccessToken {
|
|
30
|
+
sid: string;
|
|
31
|
+
org_id?: string;
|
|
32
|
+
role?: string;
|
|
33
|
+
}
|
|
34
|
+
export interface GetAuthURLOptions {
|
|
35
|
+
screenHint?: 'sign-up' | 'sign-in';
|
|
36
|
+
returnPathname?: string;
|
|
37
|
+
}
|
|
38
|
+
export interface AuthkitMiddlewareAuth {
|
|
39
|
+
enabled: boolean;
|
|
40
|
+
unauthenticatedPaths: string[];
|
|
41
|
+
}
|
|
42
|
+
export interface AuthkitMiddlewareOptions {
|
|
43
|
+
debug?: boolean;
|
|
44
|
+
middlewareAuth?: AuthkitMiddlewareAuth;
|
|
45
|
+
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"interfaces.js","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.authkitMiddleware = void 0;
|
|
4
|
+
const session_js_1 = require("./session.js");
|
|
5
|
+
function authkitMiddleware({ debug = false, middlewareAuth = { enabled: false, unauthenticatedPaths: [] }, } = {}) {
|
|
6
|
+
return function (request) {
|
|
7
|
+
return (0, session_js_1.updateSession)(request, debug, middlewareAuth);
|
|
8
|
+
};
|
|
9
|
+
}
|
|
10
|
+
exports.authkitMiddleware = authkitMiddleware;
|
|
11
|
+
//# sourceMappingURL=middleware.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":";;;AACA,6CAA6C;AAG7C,SAAgB,iBAAiB,CAAC,EAChC,KAAK,GAAG,KAAK,EACb,cAAc,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,oBAAoB,EAAE,EAAE,EAAE,MACjC,EAAE;IAC9B,OAAO,UAAU,OAAO;QACtB,OAAO,IAAA,0BAAa,EAAC,OAAO,EAAE,KAAK,EAAE,cAAc,CAAC,CAAC;IACvD,CAAC,CAAC;AACJ,CAAC;AAPD,8CAOC"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
'use client';
|
|
3
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
4
|
+
exports.MinMaxButton = void 0;
|
|
5
|
+
const tslib_1 = require("tslib");
|
|
6
|
+
const React = tslib_1.__importStar(require("react"));
|
|
7
|
+
const button_js_1 = require("./button.js");
|
|
8
|
+
function MinMaxButton({ children, minimizedValue }) {
|
|
9
|
+
return (React.createElement(button_js_1.Button, { onClick: () => {
|
|
10
|
+
const root = document.querySelector('[data-workos-impersonation-root]');
|
|
11
|
+
root === null || root === void 0 ? void 0 : root.style.setProperty('--wi-minimized', minimizedValue);
|
|
12
|
+
}, style: { padding: 0, width: '1.714em' } }, children));
|
|
13
|
+
}
|
|
14
|
+
exports.MinMaxButton = MinMaxButton;
|
|
15
|
+
//# sourceMappingURL=min-max-button.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"min-max-button.js","sourceRoot":"","sources":["../../src/min-max-button.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;AAEb,qDAA+B;AAC/B,2CAAqC;AAOrC,SAAgB,YAAY,CAAC,EAAE,QAAQ,EAAE,cAAc,EAAqB;IAC1E,OAAO,CACL,oBAAC,kBAAM,IACL,OAAO,EAAE,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,QAAQ,CAAC,aAAa,CAAC,kCAAkC,CAAuB,CAAC;YAC9F,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,KAAK,CAAC,WAAW,CAAC,gBAAgB,EAAE,cAAc,CAAC,CAAC;QAC5D,CAAC,EACD,KAAK,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,IAEtC,QAAQ,CACF,CACV,CAAC;AACJ,CAAC;AAZD,oCAYC"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { NextRequest, NextResponse } from 'next/server';
|
|
2
|
+
import { AuthkitMiddlewareAuth, NoUserInfo, Session, UserInfo } from './interfaces.js';
|
|
3
|
+
declare function encryptSession(session: Session): Promise<string>;
|
|
4
|
+
declare function updateSession(request: NextRequest, debug: boolean, middlewareAuth: AuthkitMiddlewareAuth): Promise<NextResponse<unknown>>;
|
|
5
|
+
declare function getUser(options?: {
|
|
6
|
+
ensureSignedIn: false;
|
|
7
|
+
}): Promise<UserInfo | NoUserInfo>;
|
|
8
|
+
declare function getUser(options: {
|
|
9
|
+
ensureSignedIn: true;
|
|
10
|
+
}): Promise<UserInfo>;
|
|
11
|
+
declare function terminateSession(): Promise<void>;
|
|
12
|
+
export { encryptSession, updateSession, getUser, terminateSession };
|
|
@@ -0,0 +1,163 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.terminateSession = exports.getUser = exports.updateSession = exports.encryptSession = void 0;
|
|
4
|
+
const navigation_1 = require("next/navigation");
|
|
5
|
+
const headers_1 = require("next/headers");
|
|
6
|
+
const server_1 = require("next/server");
|
|
7
|
+
const jose_1 = require("jose");
|
|
8
|
+
const iron_session_1 = require("iron-session");
|
|
9
|
+
const cookie_js_1 = require("./cookie.js");
|
|
10
|
+
const workos_js_1 = require("./workos.js");
|
|
11
|
+
const env_variables_js_1 = require("./env-variables.js");
|
|
12
|
+
const get_authorization_url_js_1 = require("./get-authorization-url.js");
|
|
13
|
+
const path_to_regexp_1 = require("path-to-regexp");
|
|
14
|
+
const sessionHeaderName = 'x-workos-session';
|
|
15
|
+
const middlewareHeaderName = 'x-workos-middleware';
|
|
16
|
+
const JWKS = (0, jose_1.createRemoteJWKSet)(new URL(workos_js_1.workos.userManagement.getJwksUrl(env_variables_js_1.WORKOS_CLIENT_ID)));
|
|
17
|
+
async function encryptSession(session) {
|
|
18
|
+
return (0, iron_session_1.sealData)(session, { password: env_variables_js_1.WORKOS_COOKIE_PASSWORD });
|
|
19
|
+
}
|
|
20
|
+
exports.encryptSession = encryptSession;
|
|
21
|
+
async function updateSession(request, debug, middlewareAuth) {
|
|
22
|
+
const session = await getSessionFromCookie();
|
|
23
|
+
const newRequestHeaders = new Headers(request.headers);
|
|
24
|
+
// We store the current request url in a custom header, so we can always have access to it
|
|
25
|
+
// This is because on hard navigations we don't have access to `next-url` but need to get the current
|
|
26
|
+
// `pathname` to be able to return the users where they came from before sign-in
|
|
27
|
+
newRequestHeaders.set('x-url', request.url);
|
|
28
|
+
// Record that the request was routed through the middleware so we can check later for DX purposes
|
|
29
|
+
newRequestHeaders.set(middlewareHeaderName, 'true');
|
|
30
|
+
newRequestHeaders.delete(sessionHeaderName);
|
|
31
|
+
const matchedPaths = middlewareAuth.unauthenticatedPaths.filter((pathGlob) => {
|
|
32
|
+
const pathRegex = getMiddlewareAuthPathRegex(pathGlob);
|
|
33
|
+
return pathRegex.exec(request.nextUrl.pathname);
|
|
34
|
+
});
|
|
35
|
+
// If the user is logged out and this path isn't on the allowlist for logged out paths, redirect to AuthKit.
|
|
36
|
+
if (middlewareAuth.enabled && matchedPaths.length === 0 && !session) {
|
|
37
|
+
if (debug)
|
|
38
|
+
console.log('Unauthenticated user on protected route, redirecting to AuthKit');
|
|
39
|
+
return server_1.NextResponse.redirect(await (0, get_authorization_url_js_1.getAuthorizationUrl)({ returnPathname: new URL(request.url).pathname }));
|
|
40
|
+
}
|
|
41
|
+
// If no session, just continue
|
|
42
|
+
if (!session) {
|
|
43
|
+
return server_1.NextResponse.next({
|
|
44
|
+
request: { headers: newRequestHeaders },
|
|
45
|
+
});
|
|
46
|
+
}
|
|
47
|
+
const hasValidSession = await verifyAccessToken(session.accessToken);
|
|
48
|
+
if (hasValidSession) {
|
|
49
|
+
if (debug)
|
|
50
|
+
console.log('Session is valid');
|
|
51
|
+
// set the x-workos-session header according to the current cookie value
|
|
52
|
+
newRequestHeaders.set(sessionHeaderName, (0, headers_1.cookies)().get(cookie_js_1.cookieName).value);
|
|
53
|
+
return server_1.NextResponse.next({
|
|
54
|
+
request: { headers: newRequestHeaders },
|
|
55
|
+
});
|
|
56
|
+
}
|
|
57
|
+
try {
|
|
58
|
+
if (debug)
|
|
59
|
+
console.log('Session invalid. Attempting refresh', session.refreshToken);
|
|
60
|
+
// If the session is invalid (i.e. the access token has expired) attempt to re-authenticate with the refresh token
|
|
61
|
+
const { accessToken, refreshToken } = await workos_js_1.workos.userManagement.authenticateWithRefreshToken({
|
|
62
|
+
clientId: env_variables_js_1.WORKOS_CLIENT_ID,
|
|
63
|
+
refreshToken: session.refreshToken,
|
|
64
|
+
});
|
|
65
|
+
if (debug)
|
|
66
|
+
console.log('Refresh successful:', refreshToken);
|
|
67
|
+
// Encrypt session with new access and refresh tokens
|
|
68
|
+
const encryptedSession = await encryptSession({
|
|
69
|
+
accessToken,
|
|
70
|
+
refreshToken,
|
|
71
|
+
user: session.user,
|
|
72
|
+
impersonator: session.impersonator,
|
|
73
|
+
});
|
|
74
|
+
newRequestHeaders.set(sessionHeaderName, encryptedSession);
|
|
75
|
+
const response = server_1.NextResponse.next({
|
|
76
|
+
request: { headers: newRequestHeaders },
|
|
77
|
+
});
|
|
78
|
+
// update the cookie
|
|
79
|
+
response.cookies.set(cookie_js_1.cookieName, encryptedSession, cookie_js_1.cookieOptions);
|
|
80
|
+
return response;
|
|
81
|
+
}
|
|
82
|
+
catch (e) {
|
|
83
|
+
console.warn('Failed to refresh', e);
|
|
84
|
+
const response = server_1.NextResponse.next({
|
|
85
|
+
request: { headers: newRequestHeaders },
|
|
86
|
+
});
|
|
87
|
+
response.cookies.delete(cookie_js_1.cookieName);
|
|
88
|
+
return response;
|
|
89
|
+
}
|
|
90
|
+
}
|
|
91
|
+
exports.updateSession = updateSession;
|
|
92
|
+
function getMiddlewareAuthPathRegex(pathGlob) {
|
|
93
|
+
let regex;
|
|
94
|
+
try {
|
|
95
|
+
// Redirect URI is only used to construct the URL
|
|
96
|
+
const url = new URL(pathGlob, env_variables_js_1.WORKOS_REDIRECT_URI);
|
|
97
|
+
const path = `${url.pathname}${url.hash || ''}`;
|
|
98
|
+
const tokens = (0, path_to_regexp_1.parse)(path);
|
|
99
|
+
regex = (0, path_to_regexp_1.tokensToRegexp)(tokens).source;
|
|
100
|
+
return new RegExp(regex);
|
|
101
|
+
}
|
|
102
|
+
catch (err) {
|
|
103
|
+
const message = err instanceof Error ? err.message : String(err);
|
|
104
|
+
throw new Error(`Error parsing routes for middleware auth. Reason: ${message}`);
|
|
105
|
+
}
|
|
106
|
+
}
|
|
107
|
+
async function getUser({ ensureSignedIn = false } = {}) {
|
|
108
|
+
const hasMiddleware = Boolean((0, headers_1.headers)().get(middlewareHeaderName));
|
|
109
|
+
if (!hasMiddleware) {
|
|
110
|
+
throw new Error('You are calling `getUser` on a path that isn’t covered by the AuthKit middleware. Make sure it is running on all paths you are calling `getUser` from by updating your middleware config in `middleware.(js|ts)`.');
|
|
111
|
+
}
|
|
112
|
+
const session = await getSessionFromHeader();
|
|
113
|
+
if (!session) {
|
|
114
|
+
if (ensureSignedIn) {
|
|
115
|
+
const url = (0, headers_1.headers)().get('x-url');
|
|
116
|
+
const returnPathname = url ? new URL(url).pathname : undefined;
|
|
117
|
+
(0, navigation_1.redirect)(await (0, get_authorization_url_js_1.getAuthorizationUrl)({ returnPathname }));
|
|
118
|
+
}
|
|
119
|
+
return { user: null };
|
|
120
|
+
}
|
|
121
|
+
const { sid: sessionId, org_id: organizationId, role } = (0, jose_1.decodeJwt)(session.accessToken);
|
|
122
|
+
return {
|
|
123
|
+
sessionId,
|
|
124
|
+
user: session.user,
|
|
125
|
+
organizationId,
|
|
126
|
+
role,
|
|
127
|
+
impersonator: session.impersonator,
|
|
128
|
+
};
|
|
129
|
+
}
|
|
130
|
+
exports.getUser = getUser;
|
|
131
|
+
async function terminateSession() {
|
|
132
|
+
const { sessionId } = await getUser();
|
|
133
|
+
if (sessionId) {
|
|
134
|
+
(0, navigation_1.redirect)(workos_js_1.workos.userManagement.getLogoutUrl({ sessionId }));
|
|
135
|
+
}
|
|
136
|
+
(0, navigation_1.redirect)('/');
|
|
137
|
+
}
|
|
138
|
+
exports.terminateSession = terminateSession;
|
|
139
|
+
async function verifyAccessToken(accessToken) {
|
|
140
|
+
try {
|
|
141
|
+
await (0, jose_1.jwtVerify)(accessToken, JWKS);
|
|
142
|
+
return true;
|
|
143
|
+
}
|
|
144
|
+
catch (e) {
|
|
145
|
+
console.warn('Failed to verify session:', e);
|
|
146
|
+
return false;
|
|
147
|
+
}
|
|
148
|
+
}
|
|
149
|
+
async function getSessionFromCookie() {
|
|
150
|
+
const cookie = (0, headers_1.cookies)().get(cookie_js_1.cookieName);
|
|
151
|
+
if (cookie) {
|
|
152
|
+
return (0, iron_session_1.unsealData)(cookie.value, {
|
|
153
|
+
password: env_variables_js_1.WORKOS_COOKIE_PASSWORD,
|
|
154
|
+
});
|
|
155
|
+
}
|
|
156
|
+
}
|
|
157
|
+
async function getSessionFromHeader() {
|
|
158
|
+
const authHeader = (0, headers_1.headers)().get(sessionHeaderName);
|
|
159
|
+
if (!authHeader)
|
|
160
|
+
return;
|
|
161
|
+
return (0, iron_session_1.unsealData)(authHeader, { password: env_variables_js_1.WORKOS_COOKIE_PASSWORD });
|
|
162
|
+
}
|
|
163
|
+
//# sourceMappingURL=session.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"session.js","sourceRoot":"","sources":["../../src/session.ts"],"names":[],"mappings":";;;AAAA,gDAA2C;AAC3C,0CAAgD;AAChD,wCAAwD;AACxD,+BAAgE;AAChE,+CAAoD;AACpD,2CAAwD;AACxD,2CAAqC;AACrC,yDAAmG;AACnG,yEAAiE;AAGjE,mDAAuD;AAEvD,MAAM,iBAAiB,GAAG,kBAAkB,CAAC;AAC7C,MAAM,oBAAoB,GAAG,qBAAqB,CAAC;AAEnD,MAAM,IAAI,GAAG,IAAA,yBAAkB,EAAC,IAAI,GAAG,CAAC,kBAAM,CAAC,cAAc,CAAC,UAAU,CAAC,mCAAgB,CAAC,CAAC,CAAC,CAAC;AAE7F,KAAK,UAAU,cAAc,CAAC,OAAgB;IAC5C,OAAO,IAAA,uBAAQ,EAAC,OAAO,EAAE,EAAE,QAAQ,EAAE,yCAAsB,EAAE,CAAC,CAAC;AACjE,CAAC;AA0KQ,wCAAc;AAxKvB,KAAK,UAAU,aAAa,CAAC,OAAoB,EAAE,KAAc,EAAE,cAAqC;IACtG,MAAM,OAAO,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAC7C,MAAM,iBAAiB,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAEvD,0FAA0F;IAC1F,qGAAqG;IACrG,gFAAgF;IAChF,iBAAiB,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;IAE5C,kGAAkG;IAClG,iBAAiB,CAAC,GAAG,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;IAEpD,iBAAiB,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;IAE5C,MAAM,YAAY,GAAa,cAAc,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,EAAE;QACrF,MAAM,SAAS,GAAG,0BAA0B,CAAC,QAAQ,CAAC,CAAC;QAEvD,OAAO,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,4GAA4G;IAC5G,IAAI,cAAc,CAAC,OAAO,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;QACpE,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,iEAAiE,CAAC,CAAC;QAC1F,OAAO,qBAAY,CAAC,QAAQ,CAAC,MAAM,IAAA,8CAAmB,EAAC,EAAE,cAAc,EAAE,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;IAC7G,CAAC;IAED,+BAA+B;IAC/B,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,qBAAY,CAAC,IAAI,CAAC;YACvB,OAAO,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACxC,CAAC,CAAC;IACL,CAAC;IAED,MAAM,eAAe,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IAErE,IAAI,eAAe,EAAE,CAAC;QACpB,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QAC3C,wEAAwE;QACxE,iBAAiB,CAAC,GAAG,CAAC,iBAAiB,EAAE,IAAA,iBAAO,GAAE,CAAC,GAAG,CAAC,sBAAU,CAAE,CAAC,KAAK,CAAC,CAAC;QAC3E,OAAO,qBAAY,CAAC,IAAI,CAAC;YACvB,OAAO,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACxC,CAAC,CAAC;IACL,CAAC;IAED,IAAI,CAAC;QACH,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,qCAAqC,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;QAEpF,kHAAkH;QAClH,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,GAAG,MAAM,kBAAM,CAAC,cAAc,CAAC,4BAA4B,CAAC;YAC7F,QAAQ,EAAE,mCAAgB;YAC1B,YAAY,EAAE,OAAO,CAAC,YAAY;SACnC,CAAC,CAAC;QAEH,IAAI,KAAK;YAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,YAAY,CAAC,CAAC;QAE5D,qDAAqD;QACrD,MAAM,gBAAgB,GAAG,MAAM,cAAc,CAAC;YAC5C,WAAW;YACX,YAAY;YACZ,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,YAAY,EAAE,OAAO,CAAC,YAAY;SACnC,CAAC,CAAC;QAEH,iBAAiB,CAAC,GAAG,CAAC,iBAAiB,EAAE,gBAAgB,CAAC,CAAC;QAE3D,MAAM,QAAQ,GAAG,qBAAY,CAAC,IAAI,CAAC;YACjC,OAAO,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACxC,CAAC,CAAC;QACH,oBAAoB;QACpB,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,sBAAU,EAAE,gBAAgB,EAAE,yBAAa,CAAC,CAAC;QAClE,OAAO,QAAQ,CAAC;IAClB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,CAAC,IAAI,CAAC,mBAAmB,EAAE,CAAC,CAAC,CAAC;QACrC,MAAM,QAAQ,GAAG,qBAAY,CAAC,IAAI,CAAC;YACjC,OAAO,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACxC,CAAC,CAAC;QACH,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,sBAAU,CAAC,CAAC;QACpC,OAAO,QAAQ,CAAC;IAClB,CAAC;AACH,CAAC;AAyFwB,sCAAa;AAvFtC,SAAS,0BAA0B,CAAC,QAAgB;IAClD,IAAI,KAAa,CAAC;IAElB,IAAI,CAAC;QACH,iDAAiD;QACjD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,QAAQ,EAAE,sCAAmB,CAAC,CAAC;QACnD,MAAM,IAAI,GAAG,GAAG,GAAG,CAAC,QAAS,GAAG,GAAG,CAAC,IAAI,IAAI,EAAE,EAAE,CAAC;QAEjD,MAAM,MAAM,GAAG,IAAA,sBAAK,EAAC,IAAI,CAAC,CAAC;QAC3B,KAAK,GAAG,IAAA,+BAAc,EAAC,MAAM,CAAC,CAAC,MAAM,CAAC;QAEtC,OAAO,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC;IAC3B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAEjE,MAAM,IAAI,KAAK,CAAC,qDAAqD,OAAO,EAAE,CAAC,CAAC;IAClF,CAAC;AACH,CAAC;AAMD,KAAK,UAAU,OAAO,CAAC,EAAE,cAAc,GAAG,KAAK,EAAE,GAAG,EAAE;IACpD,MAAM,aAAa,GAAG,OAAO,CAAC,IAAA,iBAAO,GAAE,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC,CAAC;IAEnE,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CACb,mNAAmN,CACpN,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAC7C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,GAAG,GAAG,IAAA,iBAAO,GAAE,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YACnC,MAAM,cAAc,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC/D,IAAA,qBAAQ,EAAC,MAAM,IAAA,8CAAmB,EAAC,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IACxB,CAAC;IAED,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,GAAG,IAAA,gBAAS,EAAc,OAAO,CAAC,WAAW,CAAC,CAAC;IAErG,OAAO;QACL,SAAS;QACT,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,cAAc;QACd,IAAI;QACJ,YAAY,EAAE,OAAO,CAAC,YAAY;KACnC,CAAC;AACJ,CAAC;AAoCuC,0BAAO;AAlC/C,KAAK,UAAU,gBAAgB;IAC7B,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,OAAO,EAAE,CAAC;IACtC,IAAI,SAAS,EAAE,CAAC;QACd,IAAA,qBAAQ,EAAC,kBAAM,CAAC,cAAc,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;IAC9D,CAAC;IACD,IAAA,qBAAQ,EAAC,GAAG,CAAC,CAAC;AAChB,CAAC;AA4BgD,4CAAgB;AA1BjE,KAAK,UAAU,iBAAiB,CAAC,WAAmB;IAClD,IAAI,CAAC;QACH,MAAM,IAAA,gBAAS,EAAC,WAAW,EAAE,IAAI,CAAC,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,CAAC,IAAI,CAAC,2BAA2B,EAAE,CAAC,CAAC,CAAC;QAC7C,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,KAAK,UAAU,oBAAoB;IACjC,MAAM,MAAM,GAAG,IAAA,iBAAO,GAAE,CAAC,GAAG,CAAC,sBAAU,CAAC,CAAC;IACzC,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,IAAA,yBAAU,EAAU,MAAM,CAAC,KAAK,EAAE;YACvC,QAAQ,EAAE,yCAAsB;SACjC,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED,KAAK,UAAU,oBAAoB;IACjC,MAAM,UAAU,GAAG,IAAA,iBAAO,GAAE,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;IACpD,IAAI,CAAC,UAAU;QAAE,OAAO;IAExB,OAAO,IAAA,yBAAU,EAAU,UAAU,EAAE,EAAE,QAAQ,EAAE,yCAAsB,EAAE,CAAC,CAAC;AAC/E,CAAC"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.workos = void 0;
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
const node_1 = tslib_1.__importDefault(require("@workos-inc/node"));
|
|
6
|
+
const env_variables_js_1 = require("./env-variables.js");
|
|
7
|
+
// Initialize the WorkOS client
|
|
8
|
+
const workos = new node_1.default(env_variables_js_1.WORKOS_API_KEY);
|
|
9
|
+
exports.workos = workos;
|
|
10
|
+
//# sourceMappingURL=workos.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"workos.js","sourceRoot":"","sources":["../../src/workos.ts"],"names":[],"mappings":";;;;AAAA,oEAAsC;AACtC,yDAAoD;AAEpD,+BAA+B;AAC/B,MAAM,MAAM,GAAG,IAAI,cAAM,CAAC,iCAAc,CAAC,CAAC;AAEjC,wBAAM"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@workos-inc/authkit-nextjs",
|
|
3
|
-
"version": "0.5.
|
|
3
|
+
"version": "0.5.2",
|
|
4
4
|
"description": "Authentication and session helpers for using WorkOS & AuthKit with Next.js",
|
|
5
5
|
"sideEffects": false,
|
|
6
6
|
"type": "commonjs",
|
|
@@ -16,8 +16,6 @@
|
|
|
16
16
|
"clean": "rm -rf dist",
|
|
17
17
|
"prebuild": "npm run clean",
|
|
18
18
|
"build": "tsc --project tsconfig-cjs.json",
|
|
19
|
-
"preversion": "npm run build",
|
|
20
|
-
"postversion": "git push --follow-tags",
|
|
21
19
|
"prepublishOnly": "npm run lint",
|
|
22
20
|
"lint": "eslint \"src/**/*.ts*\"",
|
|
23
21
|
"test": "echo \"Error: no test specified\" && exit 1"
|
|
@@ -22,16 +22,8 @@ export function handleAuth(options: HandleAuthOptions = {}) {
|
|
|
22
22
|
code,
|
|
23
23
|
});
|
|
24
24
|
|
|
25
|
-
const url = request.nextUrl.clone();
|
|
26
|
-
|
|
27
|
-
// Cleanup params
|
|
28
|
-
url.searchParams.delete('code');
|
|
29
|
-
url.searchParams.delete('state');
|
|
30
|
-
|
|
31
25
|
// Redirect to the requested path and store the session
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
const response = NextResponse.redirect(url);
|
|
26
|
+
const response = NextResponse.redirect(returnPathname ?? returnPathnameOption);
|
|
35
27
|
|
|
36
28
|
if (!accessToken || !refreshToken) throw new Error('response is missing tokens');
|
|
37
29
|
|
package/src/session.ts
CHANGED
|
@@ -114,7 +114,9 @@ function getMiddlewareAuthPathRegex(pathGlob: string) {
|
|
|
114
114
|
|
|
115
115
|
return new RegExp(regex);
|
|
116
116
|
} catch (err) {
|
|
117
|
-
|
|
117
|
+
const message = err instanceof Error ? err.message : String(err);
|
|
118
|
+
|
|
119
|
+
throw new Error(`Error parsing routes for middleware auth. Reason: ${message}`);
|
|
118
120
|
}
|
|
119
121
|
}
|
|
120
122
|
|