@workos-inc/authkit-nextjs 3.0.0-beta.1 → 3.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +276 -102
- package/dist/esm/actions.js +35 -4
- package/dist/esm/actions.js.map +1 -1
- package/dist/esm/auth.js +51 -20
- package/dist/esm/auth.js.map +1 -1
- package/dist/esm/authkit-callback-route.js +82 -93
- package/dist/esm/authkit-callback-route.js.map +1 -1
- package/dist/esm/components/authkit-provider.js +36 -15
- package/dist/esm/components/authkit-provider.js.map +1 -1
- package/dist/esm/components/impersonation.js +17 -15
- package/dist/esm/components/impersonation.js.map +1 -1
- package/dist/esm/components/min-max-button.js +1 -1
- package/dist/esm/components/min-max-button.js.map +1 -1
- package/dist/esm/components/tokenStore.js +28 -19
- package/dist/esm/components/tokenStore.js.map +1 -1
- package/dist/esm/components/useAccessToken.js +1 -1
- package/dist/esm/components/useAccessToken.js.map +1 -1
- package/dist/esm/components/useTokenClaims.js +1 -1
- package/dist/esm/components/useTokenClaims.js.map +1 -1
- package/dist/esm/cookie.js +16 -5
- package/dist/esm/cookie.js.map +1 -1
- package/dist/esm/env-variables.js +6 -6
- package/dist/esm/env-variables.js.map +1 -1
- package/dist/esm/errors.js +36 -0
- package/dist/esm/errors.js.map +1 -0
- package/dist/esm/get-authorization-url.js +51 -12
- package/dist/esm/get-authorization-url.js.map +1 -1
- package/dist/esm/index.js +5 -2
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/interfaces.js +7 -1
- package/dist/esm/interfaces.js.map +1 -1
- package/dist/esm/middleware-helpers.js +102 -0
- package/dist/esm/middleware-helpers.js.map +1 -0
- package/dist/esm/middleware.js +3 -1
- package/dist/esm/middleware.js.map +1 -1
- package/dist/esm/pkce.js +38 -0
- package/dist/esm/pkce.js.map +1 -0
- package/dist/esm/session.js +73 -35
- package/dist/esm/session.js.map +1 -1
- package/dist/esm/test-helpers.js +1 -1
- package/dist/esm/test-helpers.js.map +1 -1
- package/dist/esm/types/actions.d.ts +34 -5
- package/dist/esm/types/auth.d.ts +7 -15
- package/dist/esm/types/components/authkit-provider.d.ts +6 -2
- package/dist/esm/types/components/impersonation.d.ts +2 -1
- package/dist/esm/types/cookie.d.ts +8 -0
- package/dist/esm/types/env-variables.d.ts +2 -1
- package/dist/esm/types/errors.d.ts +15 -0
- package/dist/esm/types/get-authorization-url.d.ts +2 -2
- package/dist/esm/types/index.d.ts +5 -2
- package/dist/esm/types/interfaces.d.ts +12 -0
- package/dist/esm/types/jwt.d.ts +9 -9
- package/dist/esm/types/middleware-helpers.d.ts +27 -0
- package/dist/esm/types/middleware.d.ts +3 -1
- package/dist/esm/types/pkce.d.ts +12 -0
- package/dist/esm/types/session.d.ts +1 -1
- package/dist/esm/types/utils.d.ts +5 -0
- package/dist/esm/types/validate-api-key.d.ts +1 -0
- package/dist/esm/types/workos.d.ts +1 -1
- package/dist/esm/utils.js +10 -2
- package/dist/esm/utils.js.map +1 -1
- package/dist/esm/validate-api-key.js +16 -0
- package/dist/esm/validate-api-key.js.map +1 -0
- package/dist/esm/workos.js +1 -1
- package/package.json +32 -34
- package/src/actions.spec.ts +94 -17
- package/src/actions.ts +44 -5
- package/src/auth.spec.ts +60 -29
- package/src/auth.ts +55 -41
- package/src/authkit-callback-route.spec.ts +310 -58
- package/src/authkit-callback-route.ts +106 -103
- package/src/components/authkit-provider.spec.tsx +264 -70
- package/src/components/authkit-provider.tsx +40 -15
- package/src/components/button.spec.tsx +4 -6
- package/src/components/impersonation.spec.tsx +152 -35
- package/src/components/impersonation.tsx +37 -30
- package/src/components/min-max-button.spec.tsx +2 -1
- package/src/components/tokenStore.spec.ts +59 -44
- package/src/components/tokenStore.ts +11 -3
- package/src/components/useAccessToken.spec.tsx +82 -83
- package/src/components/useTokenClaims.spec.tsx +23 -22
- package/src/cookie.spec.ts +14 -9
- package/src/cookie.ts +29 -0
- package/src/env-variables.ts +2 -0
- package/src/errors.spec.ts +108 -0
- package/src/errors.ts +46 -0
- package/src/get-authorization-url.spec.ts +170 -15
- package/src/get-authorization-url.ts +69 -23
- package/src/index.ts +20 -2
- package/src/interfaces.ts +15 -0
- package/src/jwt.ts +9 -9
- package/src/middleware-helpers.spec.ts +238 -0
- package/src/middleware-helpers.ts +134 -0
- package/src/middleware.spec.ts +25 -0
- package/src/middleware.ts +4 -1
- package/src/pkce.spec.ts +125 -0
- package/src/pkce.ts +42 -0
- package/src/session.spec.ts +87 -89
- package/src/session.ts +91 -27
- package/src/test-helpers.ts +1 -1
- package/src/utils.spec.ts +14 -31
- package/src/utils.ts +9 -0
- package/src/validate-api-key.spec.ts +111 -0
- package/src/validate-api-key.ts +19 -0
- package/src/workos.spec.ts +2 -2
- package/src/workos.ts +1 -1
|
@@ -1,27 +1,20 @@
|
|
|
1
1
|
import { getAccessTokenAction, refreshAccessTokenAction } from '../actions.js';
|
|
2
2
|
import { decodeJwt } from '../jwt.js';
|
|
3
|
+
function unwrapRefreshResult(result) {
|
|
4
|
+
if (result.error) {
|
|
5
|
+
throw new Error(result.error);
|
|
6
|
+
}
|
|
7
|
+
return result.accessToken;
|
|
8
|
+
}
|
|
3
9
|
const TOKEN_EXPIRY_BUFFER_SECONDS = 60;
|
|
4
10
|
const MIN_REFRESH_DELAY_SECONDS = 15;
|
|
5
11
|
const MAX_REFRESH_DELAY_SECONDS = 24 * 60 * 60;
|
|
6
12
|
const RETRY_DELAY_SECONDS = 300; // 5 minutes for retry on error
|
|
7
13
|
const jwtCookieName = 'workos-access-token';
|
|
8
14
|
export class TokenStore {
|
|
15
|
+
state;
|
|
16
|
+
serverSnapshot;
|
|
9
17
|
constructor() {
|
|
10
|
-
this.listeners = new Set();
|
|
11
|
-
this.refreshPromise = null;
|
|
12
|
-
this.fastCookieConsumed = false;
|
|
13
|
-
this.subscribe = (listener) => {
|
|
14
|
-
this.listeners.add(listener);
|
|
15
|
-
return () => {
|
|
16
|
-
this.listeners.delete(listener);
|
|
17
|
-
if (this.listeners.size === 0 && this.refreshTimeout) {
|
|
18
|
-
clearTimeout(this.refreshTimeout);
|
|
19
|
-
this.refreshTimeout = undefined;
|
|
20
|
-
}
|
|
21
|
-
};
|
|
22
|
-
};
|
|
23
|
-
this.getSnapshot = () => this.state;
|
|
24
|
-
this.getServerSnapshot = () => this.serverSnapshot;
|
|
25
18
|
// Initialize state with token from cookie if available
|
|
26
19
|
const initialToken = typeof window !== 'undefined' ? this.getInitialTokenFromCookie() : undefined;
|
|
27
20
|
this.state = {
|
|
@@ -46,6 +39,22 @@ export class TokenStore {
|
|
|
46
39
|
}
|
|
47
40
|
}
|
|
48
41
|
}
|
|
42
|
+
listeners = new Set();
|
|
43
|
+
refreshPromise = null;
|
|
44
|
+
refreshTimeout;
|
|
45
|
+
fastCookieConsumed = false;
|
|
46
|
+
subscribe = (listener) => {
|
|
47
|
+
this.listeners.add(listener);
|
|
48
|
+
return () => {
|
|
49
|
+
this.listeners.delete(listener);
|
|
50
|
+
if (this.listeners.size === 0 && this.refreshTimeout) {
|
|
51
|
+
clearTimeout(this.refreshTimeout);
|
|
52
|
+
this.refreshTimeout = undefined;
|
|
53
|
+
}
|
|
54
|
+
};
|
|
55
|
+
};
|
|
56
|
+
getSnapshot = () => this.state;
|
|
57
|
+
getServerSnapshot = () => this.serverSnapshot;
|
|
49
58
|
notify() {
|
|
50
59
|
this.listeners.forEach((listener) => listener());
|
|
51
60
|
}
|
|
@@ -161,7 +170,7 @@ export class TokenStore {
|
|
|
161
170
|
timeUntilExpiry,
|
|
162
171
|
};
|
|
163
172
|
}
|
|
164
|
-
catch
|
|
173
|
+
catch {
|
|
165
174
|
return null;
|
|
166
175
|
}
|
|
167
176
|
}
|
|
@@ -244,7 +253,7 @@ export class TokenStore {
|
|
|
244
253
|
let token;
|
|
245
254
|
if (!silent) {
|
|
246
255
|
// Manual refresh - always force refresh
|
|
247
|
-
token = await refreshAccessTokenAction();
|
|
256
|
+
token = unwrapRefreshResult(await refreshAccessTokenAction());
|
|
248
257
|
}
|
|
249
258
|
else {
|
|
250
259
|
// Silent refresh - only fetch from server if we don't have a local token
|
|
@@ -262,7 +271,7 @@ export class TokenStore {
|
|
|
262
271
|
}
|
|
263
272
|
// If the token from server is expiring, refresh it
|
|
264
273
|
if (!token || (tokenData && tokenData.isExpiring)) {
|
|
265
|
-
const refreshedToken = await refreshAccessTokenAction();
|
|
274
|
+
const refreshedToken = unwrapRefreshResult(await refreshAccessTokenAction());
|
|
266
275
|
if (refreshedToken) {
|
|
267
276
|
token = refreshedToken;
|
|
268
277
|
}
|
|
@@ -270,7 +279,7 @@ export class TokenStore {
|
|
|
270
279
|
}
|
|
271
280
|
else {
|
|
272
281
|
// We have a local token that needs refreshing (already checked by getAccessTokenSilently)
|
|
273
|
-
token = await refreshAccessTokenAction();
|
|
282
|
+
token = unwrapRefreshResult(await refreshAccessTokenAction());
|
|
274
283
|
}
|
|
275
284
|
}
|
|
276
285
|
// Only update state if token actually changed or if loading was true
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"tokenStore.js","sourceRoot":"","sources":["../../../src/components/tokenStore.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,wBAAwB,EAAE,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"tokenStore.js","sourceRoot":"","sources":["../../../src/components/tokenStore.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,wBAAwB,EAAE,MAAM,eAAe,CAAC;AAE/E,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAEtC,SAAS,mBAAmB,CAAC,MAAsC;IACjE,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC;IACD,OAAO,MAAM,CAAC,WAAW,CAAC;AAC5B,CAAC;AAQD,MAAM,2BAA2B,GAAG,EAAE,CAAC;AACvC,MAAM,yBAAyB,GAAG,EAAE,CAAC;AACrC,MAAM,yBAAyB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AAC/C,MAAM,mBAAmB,GAAG,GAAG,CAAC,CAAC,+BAA+B;AAChE,MAAM,aAAa,GAAG,qBAAqB,CAAC;AAE5C,MAAM,OAAO,UAAU;IACb,KAAK,CAAa;IAClB,cAAc,CAAa;IAEnC;QACE,uDAAuD;QACvD,MAAM,YAAY,GAAG,OAAO,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,yBAAyB,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;QAClG,IAAI,CAAC,KAAK,GAAG;YACX,KAAK,EAAE,YAAY;YACnB,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,IAAI;SACZ,CAAC;QAEF,2DAA2D;QAC3D,IAAI,CAAC,cAAc,GAAG;YACpB,KAAK,EAAE,SAAS;YAChB,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,IAAI;SACZ,CAAC;QAEF,0BAA0B;QAC1B,IAAI,YAAY,EAAE,CAAC;YACjB,uCAAuC;YACvC,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC;YAC/B,yCAAyC;YACzC,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;YAChD,IAAI,SAAS,EAAE,CAAC;gBACd,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;YAClD,CAAC;QACH,CAAC;IACH,CAAC;IAEO,SAAS,GAAG,IAAI,GAAG,EAAc,CAAC;IAClC,cAAc,GAAuC,IAAI,CAAC;IAC1D,cAAc,CAA4C;IAC1D,kBAAkB,GAAG,KAAK,CAAC;IAEnC,SAAS,GAAG,CAAC,QAAoB,EAAE,EAAE;QACnC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC7B,OAAO,GAAG,EAAE;YACV,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAChC,IAAI,IAAI,CAAC,SAAS,CAAC,IAAI,KAAK,CAAC,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;gBACrD,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;gBAClC,IAAI,CAAC,cAAc,GAAG,SAAS,CAAC;YAClC,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,CAAC;IAEF,WAAW,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC;IAE/B,iBAAiB,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC;IAEtC,MAAM;QACZ,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,EAAE,CAAC,CAAC;IACnD,CAAC;IAEO,QAAQ,CAAC,OAA4B;QAC3C,IAAI,CAAC,KAAK,GAAG,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE,GAAG,OAAO,EAAE,CAAC;QAC3C,IAAI,CAAC,MAAM,EAAE,CAAC;IAChB,CAAC;IAEO,eAAe,CAAC,eAAwB;QAC9C,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YAClC,IAAI,CAAC,cAAc,GAAG,SAAS,CAAC;QAClC,CAAC;QAED,MAAM,KAAK,GACT,OAAO,eAAe,KAAK,WAAW,CAAC,CAAC,CAAC,mBAAmB,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,eAAe,CAAC,CAAC;QAE9G,IAAI,CAAC,cAAc,GAAG,UAAU;QAC9B,0BAA0B,CAAC,GAAG,EAAE;YAC9B,KAAK,IAAI,CAAC,sBAAsB,EAAE,CAAC,KAAK,CAAC,0BAA0B,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAChF,CAAC,EACD,KAAK,CACN,CAAC;IACJ,CAAC;IAEO,eAAe,CAAC,eAAuB;QAC7C,IAAI,eAAe,IAAI,2BAA2B,EAAE,CAAC;YACnD,OAAO,CAAC,CAAC,CAAC,oBAAoB;QAChC,CAAC;QAED,MAAM,UAAU,GAAG,CAAC,eAAe,GAAG,2BAA2B,CAAC,GAAG,IAAI,CAAC;QAE1E,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,yBAAyB,GAAG,IAAI,CAAC,EAAE,yBAAyB,GAAG,IAAI,CAAC,CAAC;IAC5G,CAAC;IAEO,YAAY;QAClB,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,KAAK,QAAQ,CAAC;QAEvD,8DAA8D;QAC9D,2DAA2D;QAC3D,kEAAkE;QAClE,MAAM,cAAc,GAAG,QAAQ;YAC7B,CAAC,CAAC,GAAG,aAAa,oCAAoC;YACtD,CAAC,CAAC,GAAG,aAAa,4BAA4B,CAAC;QAEjD,QAAQ,CAAC,MAAM,GAAG,cAAc,CAAC;QAEjC,uEAAuE;QACvE,0EAA0E;IAC5E,CAAC;IAEO,yBAAyB;QAC/B,IAAI,OAAO,QAAQ,KAAK,WAAW,IAAI,OAAO,QAAQ,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;YAC9E,OAAO;QACT,CAAC;QAED,8BAA8B;QAC9B,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAC/C,CAAC,GAAG,EAAE,MAAM,EAAE,EAAE;YACd,MAAM,CAAC,IAAI,EAAE,GAAG,UAAU,CAAC,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACvD,IAAI,IAAI,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAClC,MAAM,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,iCAAiC;gBACrE,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAC/C,CAAC;YACD,OAAO,GAAG,CAAC;QACb,CAAC,EACD,EAA4B,CAC7B,CAAC;QAEF,MAAM,KAAK,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;QACrC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO;QACT,CAAC;QAED,iDAAiD;QACjD,IAAI,CAAC,YAAY,EAAE,CAAC;QAEpB,OAAO,KAAK,CAAC;IACf,CAAC;IAEO,iBAAiB;QACvB,yCAAyC;QACzC,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC5B,OAAO;QACT,CAAC;QAED,IAAI,OAAO,QAAQ,KAAK,WAAW,IAAI,OAAO,QAAQ,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;YAC9E,OAAO;QACT,CAAC;QAED,8BAA8B;QAC9B,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAC/C,CAAC,GAAG,EAAE,MAAM,EAAE,EAAE;YACd,MAAM,CAAC,IAAI,EAAE,GAAG,UAAU,CAAC,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACvD,IAAI,IAAI,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAClC,MAAM,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,iCAAiC;gBACrE,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAC/C,CAAC;YACD,OAAO,GAAG,CAAC;QACb,CAAC,EACD,EAA4B,CAC7B,CAAC;QAEF,MAAM,QAAQ,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;QACxC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,+DAA+D;YAC/D,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC;YAC/B,OAAO;QACT,CAAC;QAED,8DAA8D;QAC9D,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC;QAE/B,kDAAkD;QAClD,IAAI,CAAC,YAAY,EAAE,CAAC;QAEpB,IAAI,QAAQ,KAAK,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YAClC,OAAO,QAAQ,CAAC;QAClB,CAAC;IACH,CAAC;IAED,UAAU,CAAC,KAAyB;QAClC,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QAExB,IAAI,CAAC;YACH,MAAM,EAAE,OAAO,EAAE,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;YACrC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YAE1C,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;gBACpC,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,eAAe,GAAG,OAAO,CAAC,GAAG,GAAG,GAAG,CAAC;YAE1C,+DAA+D;YAC/D,qEAAqE;YACrE,IAAI,aAAa,GAAG,2BAA2B,CAAC;YAChD,MAAM,kBAAkB,GAAG,OAAO,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC;YAE9D,IAAI,kBAAkB,IAAI,GAAG,EAAE,CAAC;gBAC9B,6DAA6D;gBAC7D,aAAa,GAAG,EAAE,CAAC;YACrB,CAAC;YAED,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,GAAG,GAAG,GAAG,aAAa,CAAC;YAErD,OAAO;gBACL,OAAO;gBACP,SAAS,EAAE,OAAO,CAAC,GAAG;gBACtB,UAAU;gBACV,eAAe;aAChB,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,YAAY;QACV,OAAO,IAAI,CAAC,cAAc,KAAK,IAAI,CAAC;IACtC,CAAC;IAED,UAAU;QACR,IAAI,CAAC,QAAQ,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC;QACjE,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YAClC,IAAI,CAAC,cAAc,GAAG,SAAS,CAAC;QAClC,CAAC;IACH,CAAC;IAED,KAAK,CAAC,cAAc;QAClB,MAAM,SAAS,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAE3C,IAAI,SAAS,EAAE,CAAC;YACd,IAAI,CAAC,QAAQ,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;YACjE,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAEpD,wDAAwD;QACxD,IAAI,SAAS,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,CAAC;YACvC,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC;QAC1B,CAAC;QAED,mEAAmE;QACnE,IAAI,IAAI,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,SAAS,EAAE,CAAC;YACnC,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC;QAC1B,CAAC;QAED,+CAA+C;QAC/C,OAAO,IAAI,CAAC,oBAAoB,EAAE,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,sBAAsB;QAC1B,MAAM,SAAS,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAE3C,IAAI,SAAS,EAAE,CAAC;YACd,IAAI,CAAC,QAAQ,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;YAEjE,yCAAyC;YACzC,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;YAC7C,IAAI,SAAS,EAAE,CAAC;gBACd,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;YAClD,CAAC;YAED,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAEpD,wDAAwD;QACxD,IAAI,SAAS,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,CAAC;YACvC,mEAAmE;YACnE,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC;QAC1B,CAAC;QAED,mEAAmE;QACnE,IAAI,IAAI,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,SAAS,EAAE,CAAC;YACnC,yDAAyD;YACzD,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC;QAC1B,CAAC;QAED,+CAA+C;QAC/C,OAAO,IAAI,CAAC,oBAAoB,EAAE,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,YAAY;QAChB,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;IACnC,CAAC;IAEO,KAAK,CAAC,oBAAoB;QAChC,OAAO,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;IAClC,CAAC;IAEO,KAAK,CAAC,aAAa,CAAC,MAAe;QACzC,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,OAAO,IAAI,CAAC,cAAc,CAAC;QAC7B,CAAC;QAED,MAAM,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC;QAEvC,0EAA0E;QAC1E,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,IAAI,CAAC,QAAQ,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAChD,CAAC;aAAM,CAAC;YACN,yDAAyD;YACzD,IAAI,CAAC,QAAQ,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,CAAC,cAAc,GAAG,CAAC,KAAK,IAAI,EAAE;YAChC,IAAI,CAAC;gBACH,2DAA2D;gBAC3D,wEAAwE;gBACxE,IAAI,KAAyB,CAAC;gBAE9B,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,wCAAwC;oBACxC,KAAK,GAAG,mBAAmB,CAAC,MAAM,wBAAwB,EAAE,CAAC,CAAC;gBAChE,CAAC;qBAAM,CAAC;oBACN,yEAAyE;oBACzE,IAAI,CAAC,aAAa,EAAE,CAAC;wBACnB,uCAAuC;wBACvC,KAAK,GAAG,MAAM,oBAAoB,EAAE,CAAC;wBACrC,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;wBAEzC,4EAA4E;wBAC5E,IAAI,KAAK,IAAI,KAAK,KAAK,aAAa,EAAE,CAAC;4BACrC,IAAI,CAAC,QAAQ,CAAC;gCACZ,KAAK;gCACL,OAAO,EAAE,KAAK;gCACd,KAAK,EAAE,IAAI;6BACZ,CAAC,CAAC;wBACL,CAAC;wBAED,mDAAmD;wBACnD,IAAI,CAAC,KAAK,IAAI,CAAC,SAAS,IAAI,SAAS,CAAC,UAAU,CAAC,EAAE,CAAC;4BAClD,MAAM,cAAc,GAAG,mBAAmB,CAAC,MAAM,wBAAwB,EAAE,CAAC,CAAC;4BAC7E,IAAI,cAAc,EAAE,CAAC;gCACnB,KAAK,GAAG,cAAc,CAAC;4BACzB,CAAC;wBACH,CAAC;oBACH,CAAC;yBAAM,CAAC;wBACN,0FAA0F;wBAC1F,KAAK,GAAG,mBAAmB,CAAC,MAAM,wBAAwB,EAAE,CAAC,CAAC;oBAChE,CAAC;gBACH,CAAC;gBAED,qEAAqE;gBACrE,IAAI,KAAK,KAAK,aAAa,IAAI,CAAC,MAAM,EAAE,CAAC;oBACvC,IAAI,CAAC,QAAQ,CAAC;wBACZ,KAAK;wBACL,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,IAAI;qBACZ,CAAC,CAAC;gBACL,CAAC;gBAED,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;gBACzC,IAAI,SAAS,EAAE,CAAC;oBACd,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;gBAClD,CAAC;gBACD,wEAAwE;gBAExE,OAAO,KAAK,CAAC;YACf,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,wEAAwE;gBACxE,IAAI,CAAC,QAAQ,CAAC;oBACZ,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;iBACjE,CAAC,CAAC;gBAEH,+BAA+B;gBAC/B,IAAI,CAAC,eAAe,EAAE,CAAC;gBAEvB,MAAM,KAAK,CAAC;YACd,CAAC;oBAAS,CAAC;gBACT,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;YAC7B,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QAEL,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;IAED,KAAK;QACH,IAAI,CAAC,KAAK,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;QAC/D,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAC3B,IAAI,CAAC,kBAAkB,GAAG,KAAK,CAAC;QAChC,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YAClC,IAAI,CAAC,cAAc,GAAG,SAAS,CAAC;QAClC,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;IACzB,CAAC;CACF;AAED,MAAM,CAAC,MAAM,UAAU,GAAG,IAAI,UAAU,EAAE,CAAC"}
|
|
@@ -7,7 +7,7 @@ import { tokenStore } from './tokenStore.js';
|
|
|
7
7
|
*/
|
|
8
8
|
export function useAccessToken() {
|
|
9
9
|
const { user, sessionId } = useAuth();
|
|
10
|
-
const userId = user
|
|
10
|
+
const userId = user?.id;
|
|
11
11
|
const userRef = useRef(user);
|
|
12
12
|
userRef.current = user;
|
|
13
13
|
const prevSessionRef = useRef(sessionId);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"useAccessToken.js","sourceRoot":"","sources":["../../../src/components/useAccessToken.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,oBAAoB,EAAE,MAAM,OAAO,CAAC;AACvF,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AA6B7C;;GAEG;AACH,MAAM,UAAU,cAAc;IAC5B,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,OAAO,EAAE,CAAC;IACtC,MAAM,MAAM,GAAG,IAAI,
|
|
1
|
+
{"version":3,"file":"useAccessToken.js","sourceRoot":"","sources":["../../../src/components/useAccessToken.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,oBAAoB,EAAE,MAAM,OAAO,CAAC;AACvF,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AA6B7C;;GAEG;AACH,MAAM,UAAU,cAAc;IAC5B,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,OAAO,EAAE,CAAC;IACtC,MAAM,MAAM,GAAG,IAAI,EAAE,EAAE,CAAC;IACxB,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC;IAC7B,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IACvB,MAAM,cAAc,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;IACzC,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;IAErC,MAAM,UAAU,GAAG,oBAAoB,CAAC,UAAU,CAAC,SAAS,EAAE,UAAU,CAAC,WAAW,EAAE,UAAU,CAAC,iBAAiB,CAAC,CAAC;IAEpH,0EAA0E;IAC1E,wDAAwD;IACxD,MAAM,CAAC,qBAAqB,EAAE,wBAAwB,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE;QACtE,uDAAuD;QACvD,OAAO,OAAO,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,wBAAwB,CAAC,KAAK,CAAC,CAAC;YAChC,iCAAiC;YACjC,IAAI,aAAa,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;gBACxC,UAAU,CAAC,UAAU,EAAE,CAAC;YAC1B,CAAC;YACD,aAAa,CAAC,OAAO,GAAG,SAAS,CAAC;YAClC,cAAc,CAAC,OAAO,GAAG,SAAS,CAAC;YACnC,OAAO;QACT,CAAC;QAED,8EAA8E;QAC9E,MAAM,cAAc,GAAG,cAAc,CAAC,OAAO,KAAK,SAAS,IAAI,cAAc,CAAC,OAAO,KAAK,SAAS,CAAC;QACpG,MAAM,WAAW,GAAG,aAAa,CAAC,OAAO,KAAK,SAAS,IAAI,aAAa,CAAC,OAAO,KAAK,MAAM,CAAC;QAE5F,IAAI,cAAc,IAAI,WAAW,EAAE,CAAC;YAClC,UAAU,CAAC,UAAU,EAAE,CAAC;QAC1B,CAAC;QAED,cAAc,CAAC,OAAO,GAAG,SAAS,CAAC;QACnC,aAAa,CAAC,OAAO,GAAG,MAAM,CAAC;QAE/B,+EAA+E;QAC/E,MAAM,YAAY,GAAG,UAAU,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC;QACpD,MAAM,SAAS,GAAG,YAAY,CAAC,CAAC,CAAC,UAAU,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAC5E,MAAM,iBAAiB,GAAG,CAAC,YAAY,IAAI,CAAC,SAAS,IAAI,SAAS,CAAC,UAAU,CAAC,CAAC;QAE/E,qDAAqD;QACrD,IAAI,iBAAiB,EAAE,CAAC;YACtB,wBAAwB,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QAED,0BAA0B;QAC1B,UAAU;aACP,sBAAsB,EAAE;aACxB,KAAK,CAAC,GAAG,EAAE;YACV,gCAAgC;QAClC,CAAC,CAAC;aACD,OAAO,CAAC,GAAG,EAAE;YACZ,iDAAiD;YACjD,IAAI,iBAAiB,EAAE,CAAC;gBACtB,wBAAwB,CAAC,KAAK,CAAC,CAAC;YAClC,CAAC;QACH,CAAC,CAAC,CAAC;IACP,CAAC,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC;IAExB,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,IAAI,IAAI,OAAO,QAAQ,KAAK,WAAW,EAAE,CAAC;YAC7C,OAAO;QACT,CAAC;QAED,0BAA0B;QAC1B,MAAM,eAAe,GAAG,GAAG,EAAE;YAC3B,UAAU,CAAC,sBAAsB,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE;gBAC7C,gCAAgC;YAClC,CAAC,CAAC,CAAC;QACL,CAAC,CAAC;QAEF,0BAA0B;QAC1B,MAAM,UAAU,GAAG,CAAC,KAAY,EAAE,EAAE;YAClC,IAAI,KAAK,CAAC,IAAI,KAAK,kBAAkB,IAAI,QAAQ,CAAC,eAAe,KAAK,SAAS,EAAE,CAAC;gBAChF,eAAe,EAAE,CAAC;YACpB,CAAC;QACH,CAAC,CAAC;QAEF,QAAQ,CAAC,gBAAgB,CAAC,kBAAkB,EAAE,UAAU,CAAC,CAAC;QAC1D,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QAC7C,MAAM,CAAC,gBAAgB,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QAC9C,MAAM,CAAC,gBAAgB,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAEhD,OAAO,GAAG,EAAE;YACV,QAAQ,CAAC,mBAAmB,CAAC,kBAAkB,EAAE,UAAU,CAAC,CAAC;YAC7D,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;YAChD,MAAM,CAAC,mBAAmB,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;YACjD,MAAM,CAAC,mBAAmB,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QACrD,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC;IAExB,MAAM,cAAc,GAAG,WAAW,CAAC,KAAK,IAAiC,EAAE;QACzE,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACrB,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,OAAO,UAAU,CAAC,cAAc,EAAE,CAAC;IACrC,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,0BAA0B;IAC1B,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,IAAiC,EAAE;QAClE,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACrB,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,OAAO,UAAU,CAAC,YAAY,EAAE,CAAC;IACnC,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,wEAAwE;IACxE,MAAM,SAAS,GAAG,qBAAqB,IAAI,UAAU,CAAC,OAAO,CAAC;IAE9D,OAAO;QACL,WAAW,EAAE,UAAU,CAAC,KAAK;QAC7B,OAAO,EAAE,SAAS;QAClB,KAAK,EAAE,UAAU,CAAC,KAAK;QACvB,OAAO;QACP,cAAc;KACf,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"useTokenClaims.js","sourceRoot":"","sources":["../../../src/components/useTokenClaims.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,OAAO,CAAC;AAChC,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,SAAS,EAAoB,MAAM,WAAW,CAAC;AAExD;;;;;;;;GAQG;AACH,MAAM,UAAU,cAAc;IAC5B,MAAM,EAAE,WAAW,EAAE,GAAG,cAAc,EAAE,CAAC;IAEzC,OAAO,OAAO,CAAC,GAAG,EAAE;QAClB,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,IAAI,CAAC;YACH,OAAO,SAAS,CAAI,WAAW,CAAC,CAAC,OAAO,CAAC;QAC3C,CAAC;QAAC,
|
|
1
|
+
{"version":3,"file":"useTokenClaims.js","sourceRoot":"","sources":["../../../src/components/useTokenClaims.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,OAAO,CAAC;AAChC,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,SAAS,EAAoB,MAAM,WAAW,CAAC;AAExD;;;;;;;;GAQG;AACH,MAAM,UAAU,cAAc;IAC5B,MAAM,EAAE,WAAW,EAAE,GAAG,cAAc,EAAE,CAAC;IAEzC,OAAO,OAAO,CAAC,GAAG,EAAE;QAClB,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,IAAI,CAAC;YACH,OAAO,SAAS,CAAI,WAAW,CAAC,CAAC,OAAO,CAAC;QAC3C,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;AACpB,CAAC"}
|
package/dist/esm/cookie.js
CHANGED
|
@@ -21,7 +21,7 @@ export function getCookieOptions(redirectUri, asString = false, expired = false)
|
|
|
21
21
|
const url = new URL(urlString);
|
|
22
22
|
secure = url.protocol === 'https:';
|
|
23
23
|
}
|
|
24
|
-
catch
|
|
24
|
+
catch {
|
|
25
25
|
// Invalid URL - default to secure
|
|
26
26
|
secure = true;
|
|
27
27
|
}
|
|
@@ -63,8 +63,19 @@ export function getCookieOptions(redirectUri, asString = false, expired = false)
|
|
|
63
63
|
domain: WORKOS_COOKIE_DOMAIN || '',
|
|
64
64
|
};
|
|
65
65
|
}
|
|
66
|
+
export function getPKCECookieOptions(redirectUri, asString = false, expired = false) {
|
|
67
|
+
if (asString) {
|
|
68
|
+
const options = getCookieOptions(redirectUri, true, expired);
|
|
69
|
+
return options.replace(/SameSite=Strict/i, 'SameSite=Lax');
|
|
70
|
+
}
|
|
71
|
+
const options = getCookieOptions(redirectUri);
|
|
72
|
+
return {
|
|
73
|
+
...options,
|
|
74
|
+
sameSite: options.sameSite.toLowerCase() === 'strict' ? 'lax' : options.sameSite,
|
|
75
|
+
};
|
|
76
|
+
}
|
|
66
77
|
export function getJwtCookie(body, requestUrlOrRedirectUri, expired) {
|
|
67
|
-
const cookie = `${JWT_COOKIE_NAME}=${expired ? '' : (body
|
|
78
|
+
const cookie = `${JWT_COOKIE_NAME}=${expired ? '' : (body ?? '')}`;
|
|
68
79
|
// Force Secure in production, except for localhost
|
|
69
80
|
let secure = false;
|
|
70
81
|
const isProduction = process.env.NODE_ENV === 'production';
|
|
@@ -75,7 +86,7 @@ export function getJwtCookie(body, requestUrlOrRedirectUri, expired) {
|
|
|
75
86
|
// In production, always use Secure unless explicitly on localhost
|
|
76
87
|
secure = isProduction ? !isLocalhost : url.protocol === 'https:';
|
|
77
88
|
}
|
|
78
|
-
catch
|
|
89
|
+
catch {
|
|
79
90
|
// If URL parsing fails, default to secure in production
|
|
80
91
|
secure = isProduction;
|
|
81
92
|
// If it's not a valid URL, fall back to WORKOS_REDIRECT_URI
|
|
@@ -85,7 +96,7 @@ export function getJwtCookie(body, requestUrlOrRedirectUri, expired) {
|
|
|
85
96
|
const url = new URL(fallbackUrl);
|
|
86
97
|
secure = url.protocol === 'https:';
|
|
87
98
|
}
|
|
88
|
-
catch
|
|
99
|
+
catch {
|
|
89
100
|
secure = false;
|
|
90
101
|
}
|
|
91
102
|
}
|
|
@@ -97,7 +108,7 @@ export function getJwtCookie(body, requestUrlOrRedirectUri, expired) {
|
|
|
97
108
|
const url = new URL(WORKOS_REDIRECT_URI);
|
|
98
109
|
secure = url.protocol === 'https:';
|
|
99
110
|
}
|
|
100
|
-
catch
|
|
111
|
+
catch {
|
|
101
112
|
secure = false;
|
|
102
113
|
}
|
|
103
114
|
}
|
package/dist/esm/cookie.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cookie.js","sourceRoot":"","sources":["../../src/cookie.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,qBAAqB,EACrB,oBAAoB,EACpB,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAK5B,MAAM,kBAAkB,GAAG,EAAE,CAAC,CAAC,UAAU;AACzC,MAAM,eAAe,GAAG,qBAAqB,CAAC;AAE9C,SAAS,kBAAkB,CAAC,QAAgB;IAC1C,IAAI,CAAC,CAAC,KAAK,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;QAChE,MAAM,IAAI,KAAK,CAAC,2BAA2B,QAAQ,EAAE,CAAC,CAAC;IACzD,CAAC;AACH,CAAC;AAeD,MAAM,UAAU,gBAAgB,CAC9B,WAA2B,EAC3B,WAAoB,KAAK,EACzB,UAAmB,KAAK;IAExB,MAAM,QAAQ,GAAG,sBAAsB,IAAI,KAAK,CAAC;IACjD,kBAAkB,CAAC,QAAQ,CAAC,CAAC;IAE7B,MAAM,SAAS,GAAG,WAAW,IAAI,mBAAmB,CAAC;IACrD,oEAAoE;IACpE,iEAAiE;IACjE,IAAI,MAAe,CAAC;IACpB,IAAI,QAAQ,CAAC,WAAW,EAAE,KAAK,MAAM,EAAE,CAAC;QACtC,MAAM,GAAG,IAAI,CAAC;IAChB,CAAC;SAAM,IAAI,SAAS,EAAE,CAAC;QACrB,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;YAC/B,MAAM,GAAG,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC;QACrC,CAAC;QAAC,
|
|
1
|
+
{"version":3,"file":"cookie.js","sourceRoot":"","sources":["../../src/cookie.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,qBAAqB,EACrB,oBAAoB,EACpB,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAK5B,MAAM,kBAAkB,GAAG,EAAE,CAAC,CAAC,UAAU;AACzC,MAAM,eAAe,GAAG,qBAAqB,CAAC;AAE9C,SAAS,kBAAkB,CAAC,QAAgB;IAC1C,IAAI,CAAC,CAAC,KAAK,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;QAChE,MAAM,IAAI,KAAK,CAAC,2BAA2B,QAAQ,EAAE,CAAC,CAAC;IACzD,CAAC;AACH,CAAC;AAeD,MAAM,UAAU,gBAAgB,CAC9B,WAA2B,EAC3B,WAAoB,KAAK,EACzB,UAAmB,KAAK;IAExB,MAAM,QAAQ,GAAG,sBAAsB,IAAI,KAAK,CAAC;IACjD,kBAAkB,CAAC,QAAQ,CAAC,CAAC;IAE7B,MAAM,SAAS,GAAG,WAAW,IAAI,mBAAmB,CAAC;IACrD,oEAAoE;IACpE,iEAAiE;IACjE,IAAI,MAAe,CAAC;IACpB,IAAI,QAAQ,CAAC,WAAW,EAAE,KAAK,MAAM,EAAE,CAAC;QACtC,MAAM,GAAG,IAAI,CAAC;IAChB,CAAC;SAAM,IAAI,SAAS,EAAE,CAAC;QACrB,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;YAC/B,MAAM,GAAG,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC;QACrC,CAAC;QAAC,MAAM,CAAC;YACP,kCAAkC;YAClC,MAAM,GAAG,IAAI,CAAC;QAChB,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,GAAG,IAAI,CAAC;IAChB,CAAC;IAED,IAAI,MAAc,CAAC;IACnB,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,GAAG,CAAC,CAAC;IACb,CAAC;SAAM,IAAI,qBAAqB,EAAE,CAAC;QACjC,MAAM,MAAM,GAAG,QAAQ,CAAC,qBAAqB,EAAE,EAAE,CAAC,CAAC;QACnD,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC;IACjE,CAAC;SAAM,CAAC;QACN,MAAM,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC;IAC9B,CAAC;IAED,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,mBAAmB,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;QAC/F,MAAM,KAAK,GAAG,CAAC,QAAQ,EAAE,UAAU,EAAE,YAAY,mBAAmB,EAAE,EAAE,WAAW,MAAM,EAAE,CAAC,CAAC;QAC7F,IAAI,oBAAoB,EAAE,CAAC;YACzB,KAAK,CAAC,IAAI,CAAC,UAAU,oBAAoB,EAAE,CAAC,CAAC;QAC/C,CAAC;QACD,IAAI,MAAM,EAAE,CAAC;YACX,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACvB,CAAC;QAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,OAAO;QACL,IAAI,EAAE,GAAG;QACT,QAAQ,EAAE,IAAI;QACd,MAAM;QACN,QAAQ;QACR,sDAAsD;QACtD,2EAA2E;QAC3E,yDAAyD;QACzD,MAAM;QACN,MAAM,EAAE,oBAAoB,IAAI,EAAE;KACnC,CAAC;AACJ,CAAC;AAcD,MAAM,UAAU,oBAAoB,CAClC,WAA2B,EAC3B,WAAoB,KAAK,EACzB,UAAmB,KAAK;IAExB,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,gBAAgB,CAAC,WAAW,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;QAC7D,OAAO,OAAO,CAAC,OAAO,CAAC,kBAAkB,EAAE,cAAc,CAAC,CAAC;IAC7D,CAAC;IAED,MAAM,OAAO,GAAG,gBAAgB,CAAC,WAAW,CAAC,CAAC;IAC9C,OAAO;QACL,GAAG,OAAO;QACV,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ;KACjF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,IAAmB,EAAE,uBAAuC,EAAE,OAAiB;IAC1G,MAAM,MAAM,GAAG,GAAG,eAAe,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,EAAE,CAAC;IAEnE,mDAAmD;IACnD,IAAI,MAAM,GAAG,KAAK,CAAC;IACnB,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC;IAE3D,IAAI,uBAAuB,EAAE,CAAC;QAC5B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,uBAAuB,CAAC,CAAC;YAC7C,MAAM,WAAW,GAAG,GAAG,CAAC,QAAQ,KAAK,WAAW,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,CAAC;YACjF,kEAAkE;YAClE,MAAM,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC;QACnE,CAAC;QAAC,MAAM,CAAC;YACP,wDAAwD;YACxD,MAAM,GAAG,YAAY,CAAC;YACtB,4DAA4D;YAC5D,MAAM,WAAW,GAAG,mBAAmB,CAAC;YACxC,IAAI,WAAW,EAAE,CAAC;gBAChB,IAAI,CAAC;oBACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;oBACjC,MAAM,GAAG,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC;gBACrC,CAAC;gBAAC,MAAM,CAAC;oBACP,MAAM,GAAG,KAAK,CAAC;gBACjB,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;SAAM,IAAI,mBAAmB,EAAE,CAAC;QAC/B,6CAA6C;QAC7C,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,mBAAmB,CAAC,CAAC;YACzC,MAAM,GAAG,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC;QACrC,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,GAAG,KAAK,CAAC;QACjB,CAAC;IACH,CAAC;IAED,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,kBAAkB,CAAC;IAEhD,MAAM,KAAK,GAAG,CAAC,MAAM,EAAE,cAAc,EAAE,WAAW,MAAM,EAAE,CAAC,CAAC;IAE5D,mCAAmC;IACnC,IAAI,MAAM,EAAE,CAAC;QACX,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACvB,CAAC;IAED,IAAI,OAAO,EAAE,CAAC;QACZ,KAAK,CAAC,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;IACrD,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
/* istanbul ignore file */
|
|
2
|
-
var _a, _b, _c, _d;
|
|
3
2
|
function getEnvVariable(name) {
|
|
4
3
|
return process.env[name];
|
|
5
4
|
}
|
|
@@ -11,10 +10,11 @@ const WORKOS_COOKIE_DOMAIN = getEnvVariable('WORKOS_COOKIE_DOMAIN');
|
|
|
11
10
|
const WORKOS_COOKIE_MAX_AGE = getEnvVariable('WORKOS_COOKIE_MAX_AGE');
|
|
12
11
|
const WORKOS_COOKIE_NAME = getEnvVariable('WORKOS_COOKIE_NAME');
|
|
13
12
|
const WORKOS_COOKIE_SAMESITE = getEnvVariable('WORKOS_COOKIE_SAMESITE');
|
|
13
|
+
const WORKOS_CLAIM_TOKEN = getEnvVariable('WORKOS_CLAIM_TOKEN');
|
|
14
14
|
// Required env variables
|
|
15
|
-
const WORKOS_API_KEY =
|
|
16
|
-
const WORKOS_CLIENT_ID =
|
|
17
|
-
const WORKOS_COOKIE_PASSWORD =
|
|
18
|
-
const WORKOS_REDIRECT_URI =
|
|
19
|
-
export { WORKOS_API_HOSTNAME, WORKOS_API_HTTPS, WORKOS_API_KEY, WORKOS_API_PORT, WORKOS_CLIENT_ID, WORKOS_COOKIE_DOMAIN, WORKOS_COOKIE_MAX_AGE, WORKOS_COOKIE_NAME, WORKOS_COOKIE_PASSWORD, WORKOS_REDIRECT_URI, WORKOS_COOKIE_SAMESITE, };
|
|
15
|
+
const WORKOS_API_KEY = getEnvVariable('WORKOS_API_KEY') ?? '';
|
|
16
|
+
const WORKOS_CLIENT_ID = getEnvVariable('WORKOS_CLIENT_ID') ?? '';
|
|
17
|
+
const WORKOS_COOKIE_PASSWORD = getEnvVariable('WORKOS_COOKIE_PASSWORD') ?? '';
|
|
18
|
+
const WORKOS_REDIRECT_URI = process.env.NEXT_PUBLIC_WORKOS_REDIRECT_URI ?? '';
|
|
19
|
+
export { WORKOS_API_HOSTNAME, WORKOS_API_HTTPS, WORKOS_API_KEY, WORKOS_API_PORT, WORKOS_CLAIM_TOKEN, WORKOS_CLIENT_ID, WORKOS_COOKIE_DOMAIN, WORKOS_COOKIE_MAX_AGE, WORKOS_COOKIE_NAME, WORKOS_COOKIE_PASSWORD, WORKOS_REDIRECT_URI, WORKOS_COOKIE_SAMESITE, };
|
|
20
20
|
//# sourceMappingURL=env-variables.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"env-variables.js","sourceRoot":"","sources":["../../src/env-variables.ts"],"names":[],"mappings":"AAAA,0BAA0B
|
|
1
|
+
{"version":3,"file":"env-variables.js","sourceRoot":"","sources":["../../src/env-variables.ts"],"names":[],"mappings":"AAAA,0BAA0B;AAE1B,SAAS,cAAc,CAAC,IAAY;IAClC,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAC3B,CAAC;AAED,yBAAyB;AACzB,MAAM,mBAAmB,GAAG,cAAc,CAAC,qBAAqB,CAAC,CAAC;AAClE,MAAM,gBAAgB,GAAG,cAAc,CAAC,kBAAkB,CAAC,CAAC;AAC5D,MAAM,eAAe,GAAG,cAAc,CAAC,iBAAiB,CAAC,CAAC;AAC1D,MAAM,oBAAoB,GAAG,cAAc,CAAC,sBAAsB,CAAC,CAAC;AACpE,MAAM,qBAAqB,GAAG,cAAc,CAAC,uBAAuB,CAAC,CAAC;AACtE,MAAM,kBAAkB,GAAG,cAAc,CAAC,oBAAoB,CAAC,CAAC;AAChE,MAAM,sBAAsB,GAAG,cAAc,CAAC,wBAAwB,CAA0C,CAAC;AACjH,MAAM,kBAAkB,GAAG,cAAc,CAAC,oBAAoB,CAAC,CAAC;AAEhE,yBAAyB;AACzB,MAAM,cAAc,GAAG,cAAc,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC;AAC9D,MAAM,gBAAgB,GAAG,cAAc,CAAC,kBAAkB,CAAC,IAAI,EAAE,CAAC;AAClE,MAAM,sBAAsB,GAAG,cAAc,CAAC,wBAAwB,CAAC,IAAI,EAAE,CAAC;AAC9E,MAAM,mBAAmB,GAAG,OAAO,CAAC,GAAG,CAAC,+BAA+B,IAAI,EAAE,CAAC;AAE9E,OAAO,EACL,mBAAmB,EACnB,gBAAgB,EAChB,cAAc,EACd,eAAe,EACf,kBAAkB,EAClB,gBAAgB,EAChB,oBAAoB,EACpB,qBAAqB,EACrB,kBAAkB,EAClB,sBAAsB,EACtB,mBAAmB,EACnB,sBAAsB,GACvB,CAAC"}
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
import { decodeJwt } from './jwt.js';
|
|
2
|
+
export class AuthKitError extends Error {
|
|
3
|
+
data;
|
|
4
|
+
constructor(message, cause, data) {
|
|
5
|
+
super(message);
|
|
6
|
+
this.name = 'AuthKitError';
|
|
7
|
+
this.cause = cause;
|
|
8
|
+
this.data = data;
|
|
9
|
+
}
|
|
10
|
+
}
|
|
11
|
+
export class TokenRefreshError extends AuthKitError {
|
|
12
|
+
userId;
|
|
13
|
+
sessionId;
|
|
14
|
+
constructor(message, cause, context) {
|
|
15
|
+
super(message, cause);
|
|
16
|
+
this.name = 'TokenRefreshError';
|
|
17
|
+
this.userId = context?.userId;
|
|
18
|
+
this.sessionId = context?.sessionId;
|
|
19
|
+
}
|
|
20
|
+
}
|
|
21
|
+
export function getSessionErrorContext(session) {
|
|
22
|
+
if (!session?.accessToken) {
|
|
23
|
+
return {};
|
|
24
|
+
}
|
|
25
|
+
try {
|
|
26
|
+
const { payload } = decodeJwt(session.accessToken);
|
|
27
|
+
return {
|
|
28
|
+
userId: payload.sub,
|
|
29
|
+
sessionId: payload.sid,
|
|
30
|
+
};
|
|
31
|
+
}
|
|
32
|
+
catch {
|
|
33
|
+
return {};
|
|
34
|
+
}
|
|
35
|
+
}
|
|
36
|
+
//# sourceMappingURL=errors.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../src/errors.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAErC,MAAM,OAAO,YAAa,SAAQ,KAAK;IACrC,IAAI,CAA2B;IAE/B,YAAY,OAAe,EAAE,KAAe,EAAE,IAA8B;QAC1E,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,cAAc,CAAC;QAC3B,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;CACF;AAOD,MAAM,OAAO,iBAAkB,SAAQ,YAAY;IACxC,MAAM,CAAU;IAChB,SAAS,CAAU;IAE5B,YAAY,OAAe,EAAE,KAAe,EAAE,OAAkC;QAC9E,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QACtB,IAAI,CAAC,IAAI,GAAG,mBAAmB,CAAC;QAChC,IAAI,CAAC,MAAM,GAAG,OAAO,EAAE,MAAM,CAAC;QAC9B,IAAI,CAAC,SAAS,GAAG,OAAO,EAAE,SAAS,CAAC;IACtC,CAAC;CACF;AAED,MAAM,UAAU,sBAAsB,CAAC,OAAwB;IAC7D,IAAI,CAAC,OAAO,EAAE,WAAW,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,EAAE,OAAO,EAAE,GAAG,SAAS,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QACnD,OAAO;YACL,MAAM,EAAE,OAAO,CAAC,GAAG;YACnB,SAAS,EAAE,OAAO,CAAC,GAAG;SACvB,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC"}
|
|
@@ -1,23 +1,62 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import { WORKOS_CLIENT_ID, WORKOS_REDIRECT_URI } from './env-variables.js';
|
|
1
|
+
import { sealData } from 'iron-session';
|
|
3
2
|
import { headers } from 'next/headers';
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
3
|
+
import { WORKOS_CLAIM_TOKEN, WORKOS_CLIENT_ID, WORKOS_COOKIE_PASSWORD, WORKOS_REDIRECT_URI } from './env-variables.js';
|
|
4
|
+
import { getWorkOS } from './workos.js';
|
|
5
|
+
async function fetchClaimNonce(baseURL) {
|
|
6
|
+
try {
|
|
7
|
+
const response = await fetch(`${baseURL}/x/one-shot-environments/claim-nonces`, {
|
|
8
|
+
method: 'POST',
|
|
9
|
+
headers: { 'Content-Type': 'application/json' },
|
|
10
|
+
body: JSON.stringify({
|
|
11
|
+
client_id: WORKOS_CLIENT_ID,
|
|
12
|
+
claim_token: WORKOS_CLAIM_TOKEN,
|
|
13
|
+
}),
|
|
14
|
+
});
|
|
15
|
+
if (!response.ok) {
|
|
16
|
+
if (response.status !== 409) {
|
|
17
|
+
console.warn(`[authkit-nextjs]: Failed to exchange WORKOS_CLAIM_TOKEN (${response.status}). Try removing WORKOS_CLAIM_TOKEN from your environment variables.`);
|
|
18
|
+
}
|
|
19
|
+
return null;
|
|
20
|
+
}
|
|
21
|
+
const data = await response.json();
|
|
22
|
+
return data.nonce;
|
|
23
|
+
}
|
|
24
|
+
catch (error) {
|
|
25
|
+
console.warn('[authkit-nextjs]: Failed to exchange WORKOS_CLAIM_TOKEN. Try removing WORKOS_CLAIM_TOKEN from your environment variables.', error);
|
|
26
|
+
return null;
|
|
27
|
+
}
|
|
28
|
+
}
|
|
29
|
+
async function getAuthorizationUrl({ returnPathname, screenHint, organizationId, loginHint, prompt, state: customState, redirectUri, } = {}) {
|
|
30
|
+
const redirectUriToUse = await (async () => {
|
|
31
|
+
if (redirectUri) {
|
|
32
|
+
return redirectUri;
|
|
33
|
+
}
|
|
34
|
+
const headersList = await headers();
|
|
35
|
+
return headersList.get('x-redirect-uri') ?? undefined;
|
|
36
|
+
})();
|
|
37
|
+
const pkce = await getWorkOS().pkce.generate();
|
|
38
|
+
const claimNonce = WORKOS_CLAIM_TOKEN ? await fetchClaimNonce(getWorkOS().baseURL) : null;
|
|
39
|
+
const state = {
|
|
40
|
+
nonce: crypto.randomUUID(),
|
|
41
|
+
codeVerifier: pkce.codeVerifier,
|
|
42
|
+
customState,
|
|
43
|
+
returnPathname,
|
|
44
|
+
};
|
|
45
|
+
const sealedState = await sealData(state, { password: WORKOS_COOKIE_PASSWORD, ttl: 600 });
|
|
46
|
+
const url = getWorkOS().userManagement.getAuthorizationUrl({
|
|
12
47
|
provider: 'authkit',
|
|
13
48
|
clientId: WORKOS_CLIENT_ID,
|
|
14
|
-
redirectUri:
|
|
15
|
-
state: finalState,
|
|
49
|
+
redirectUri: redirectUriToUse ?? WORKOS_REDIRECT_URI,
|
|
16
50
|
screenHint,
|
|
17
51
|
organizationId,
|
|
18
52
|
loginHint,
|
|
19
53
|
prompt,
|
|
54
|
+
state: sealedState,
|
|
55
|
+
codeChallenge: pkce.codeChallenge,
|
|
56
|
+
codeChallengeMethod: pkce.codeChallengeMethod,
|
|
57
|
+
...(claimNonce && { claimNonce }),
|
|
20
58
|
});
|
|
59
|
+
return { url, sealedState };
|
|
21
60
|
}
|
|
22
61
|
export { getAuthorizationUrl };
|
|
23
62
|
//# sourceMappingURL=get-authorization-url.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"get-authorization-url.js","sourceRoot":"","sources":["../../src/get-authorization-url.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"get-authorization-url.js","sourceRoot":"","sources":["../../src/get-authorization-url.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAC;AACxC,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAEvH,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAExC,KAAK,UAAU,eAAe,CAAC,OAAe;IAC5C,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,OAAO,uCAAuC,EAAE;YAC9E,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,SAAS,EAAE,gBAAgB;gBAC3B,WAAW,EAAE,kBAAkB;aAChC,CAAC;SACH,CAAC,CAAC;QACH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC5B,OAAO,CAAC,IAAI,CACV,4DAA4D,QAAQ,CAAC,MAAM,qEAAqE,CACjJ,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QACnC,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,IAAI,CACV,2HAA2H,EAC3H,KAAK,CACN,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,KAAK,UAAU,mBAAmB,CAAC,EACjC,cAAc,EACd,UAAU,EACV,cAAc,EACd,SAAS,EACT,MAAM,EACN,KAAK,EAAE,WAAW,EAClB,WAAW,MACU,EAAE;IACvB,MAAM,gBAAgB,GAAG,MAAM,CAAC,KAAK,IAAI,EAAE;QACzC,IAAI,WAAW,EAAE,CAAC;YAChB,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;QACpC,OAAO,WAAW,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,SAAS,CAAC;IACxD,CAAC,CAAC,EAAE,CAAC;IAEL,MAAM,IAAI,GAAG,MAAM,SAAS,EAAE,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;IAC/C,MAAM,UAAU,GAAG,kBAAkB,CAAC,CAAC,CAAC,MAAM,eAAe,CAAC,SAAS,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAE1F,MAAM,KAAK,GAAG;QACZ,KAAK,EAAE,MAAM,CAAC,UAAU,EAAE;QAC1B,YAAY,EAAE,IAAI,CAAC,YAAY;QAC/B,WAAW;QACX,cAAc;KACC,CAAC;IAElB,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,KAAK,EAAE,EAAE,QAAQ,EAAE,sBAAsB,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;IAE1F,MAAM,GAAG,GAAG,SAAS,EAAE,CAAC,cAAc,CAAC,mBAAmB,CAAC;QACzD,QAAQ,EAAE,SAAkB;QAC5B,QAAQ,EAAE,gBAAgB;QAC1B,WAAW,EAAE,gBAAgB,IAAI,mBAAmB;QACpD,UAAU;QACV,cAAc;QACd,SAAS;QACT,MAAM;QACN,KAAK,EAAE,WAAW;QAClB,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;QAC7C,GAAG,CAAC,UAAU,IAAI,EAAE,UAAU,EAAE,CAAC;KAClC,CAAC,CAAC;IAEH,OAAO,EAAE,GAAG,EAAE,WAAW,EAAE,CAAC;AAC9B,CAAC;AAED,OAAO,EAAE,mBAAmB,EAAE,CAAC"}
|
package/dist/esm/index.js
CHANGED
|
@@ -1,8 +1,11 @@
|
|
|
1
1
|
import { getSignInUrl, getSignUpUrl, signOut, switchToOrganization } from './auth.js';
|
|
2
2
|
import { handleAuth } from './authkit-callback-route.js';
|
|
3
|
-
import {
|
|
3
|
+
import { AuthKitError, TokenRefreshError } from './errors.js';
|
|
4
|
+
import { authkit, authkitMiddleware, authkitProxy } from './middleware.js';
|
|
5
|
+
export { applyResponseHeaders, handleAuthkitHeaders, handleAuthkitProxy, partitionAuthkitHeaders, isAuthkitRequestHeader, AUTHKIT_REQUEST_HEADERS, } from './middleware-helpers.js';
|
|
4
6
|
import { getTokenClaims, refreshSession, saveSession, withAuth } from './session.js';
|
|
7
|
+
import { validateApiKey } from './validate-api-key.js';
|
|
5
8
|
import { getWorkOS } from './workos.js';
|
|
6
9
|
export * from './interfaces.js';
|
|
7
|
-
export { authkit, authkitMiddleware, getSignInUrl, getSignUpUrl, getWorkOS, handleAuth, refreshSession, saveSession, signOut, switchToOrganization,
|
|
10
|
+
export { AuthKitError, TokenRefreshError, authkit, authkitMiddleware, authkitProxy, getSignInUrl, getSignUpUrl, getTokenClaims, getWorkOS, handleAuth, refreshSession, saveSession, signOut, switchToOrganization, validateApiKey, withAuth, };
|
|
8
11
|
//# sourceMappingURL=index.js.map
|
package/dist/esm/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,OAAO,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAC;AACtF,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,OAAO,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,OAAO,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAC;AACtF,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAC9D,OAAO,EAAE,OAAO,EAAE,iBAAiB,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC3E,OAAO,EACL,oBAAoB,EACpB,oBAAoB,EACpB,kBAAkB,EAClB,uBAAuB,EACvB,sBAAsB,EACtB,uBAAuB,GAKxB,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAC;AACrF,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAExC,cAAc,iBAAiB,CAAC;AAEhC,OAAO,EACL,YAAY,EACZ,iBAAiB,EACjB,OAAO,EACP,iBAAiB,EACjB,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,cAAc,EACd,SAAS,EACT,UAAU,EACV,cAAc,EACd,WAAW,EACX,OAAO,EACP,oBAAoB,EACpB,cAAc,EACd,QAAQ,GACT,CAAC"}
|
package/dist/esm/interfaces.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"interfaces.js","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":""}
|
|
1
|
+
{"version":3,"file":"interfaces.js","sourceRoot":"","sources":["../../src/interfaces.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AA8D7B,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,CAAC,MAAM,CAAC;IAClC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;IACjB,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACnC,cAAc,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACtC,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;CACzB,CAAC,CAAC"}
|
|
@@ -0,0 +1,102 @@
|
|
|
1
|
+
import { NextResponse } from 'next/server';
|
|
2
|
+
/** Internal AuthKit headers - forwarded to downstream requests but never sent to browser. */
|
|
3
|
+
export const AUTHKIT_REQUEST_HEADERS = [
|
|
4
|
+
'x-workos-middleware',
|
|
5
|
+
'x-url',
|
|
6
|
+
'x-redirect-uri',
|
|
7
|
+
'x-sign-up-paths',
|
|
8
|
+
'x-workos-session',
|
|
9
|
+
];
|
|
10
|
+
const ALLOWED_RESPONSE_HEADERS = [
|
|
11
|
+
'set-cookie',
|
|
12
|
+
'cache-control',
|
|
13
|
+
'vary',
|
|
14
|
+
'www-authenticate',
|
|
15
|
+
'proxy-authenticate',
|
|
16
|
+
'link',
|
|
17
|
+
'x-middleware-cache',
|
|
18
|
+
];
|
|
19
|
+
const MULTI_VALUE_HEADERS = ['set-cookie', 'www-authenticate', 'proxy-authenticate', 'link'];
|
|
20
|
+
export function isAuthkitRequestHeader(name) {
|
|
21
|
+
const lower = name.toLowerCase();
|
|
22
|
+
return AUTHKIT_REQUEST_HEADERS.includes(lower) || lower.startsWith('x-workos-');
|
|
23
|
+
}
|
|
24
|
+
function setHeader(headers, name, value) {
|
|
25
|
+
const lower = name.toLowerCase();
|
|
26
|
+
if (MULTI_VALUE_HEADERS.includes(lower)) {
|
|
27
|
+
headers.append(name, value);
|
|
28
|
+
}
|
|
29
|
+
else if (lower === 'vary') {
|
|
30
|
+
const existing = headers.get(name);
|
|
31
|
+
const merged = new Set([
|
|
32
|
+
...(existing ? existing.split(',').map((v) => v.trim()) : []),
|
|
33
|
+
...value.split(',').map((v) => v.trim()),
|
|
34
|
+
]);
|
|
35
|
+
headers.set(name, [...merged].join(', '));
|
|
36
|
+
}
|
|
37
|
+
else {
|
|
38
|
+
headers.set(name, value);
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
/**
|
|
42
|
+
* Partitions AuthKit headers into request headers (for withAuth) and response headers (for browser).
|
|
43
|
+
*/
|
|
44
|
+
export function partitionAuthkitHeaders(request, authkitHeaders) {
|
|
45
|
+
const headers = new Headers(authkitHeaders);
|
|
46
|
+
const requestHeaders = new Headers(request.headers);
|
|
47
|
+
// Snapshot keys before iterating, since we delete headers during the loop
|
|
48
|
+
const requestHeaderKeys = Array.from(requestHeaders.keys());
|
|
49
|
+
for (const name of requestHeaderKeys) {
|
|
50
|
+
if (isAuthkitRequestHeader(name)) {
|
|
51
|
+
requestHeaders.delete(name);
|
|
52
|
+
}
|
|
53
|
+
}
|
|
54
|
+
for (const headerName of AUTHKIT_REQUEST_HEADERS) {
|
|
55
|
+
const value = headers.get(headerName);
|
|
56
|
+
if (value != null) {
|
|
57
|
+
requestHeaders.set(headerName, value);
|
|
58
|
+
}
|
|
59
|
+
}
|
|
60
|
+
// Build response headers from allowlist only
|
|
61
|
+
const responseHeaders = new Headers();
|
|
62
|
+
for (const [name, value] of headers) {
|
|
63
|
+
const lower = name.toLowerCase();
|
|
64
|
+
if (!isAuthkitRequestHeader(lower) && ALLOWED_RESPONSE_HEADERS.includes(lower)) {
|
|
65
|
+
setHeader(responseHeaders, name, value);
|
|
66
|
+
}
|
|
67
|
+
}
|
|
68
|
+
// Auto-add cache-control when setting cookies
|
|
69
|
+
if (responseHeaders.has('set-cookie') && !responseHeaders.has('cache-control')) {
|
|
70
|
+
responseHeaders.set('cache-control', 'no-store');
|
|
71
|
+
}
|
|
72
|
+
return { requestHeaders, responseHeaders };
|
|
73
|
+
}
|
|
74
|
+
export function applyResponseHeaders(response, responseHeaders) {
|
|
75
|
+
for (const [name, value] of responseHeaders) {
|
|
76
|
+
setHeader(response.headers, name, value);
|
|
77
|
+
}
|
|
78
|
+
return response;
|
|
79
|
+
}
|
|
80
|
+
/**
|
|
81
|
+
* Creates a NextResponse with properly merged AuthKit headers.
|
|
82
|
+
*/
|
|
83
|
+
export function handleAuthkitProxy(request, authkitHeaders, options = {}) {
|
|
84
|
+
const { requestHeaders, responseHeaders } = partitionAuthkitHeaders(request, authkitHeaders);
|
|
85
|
+
const { redirect, redirectStatus } = options;
|
|
86
|
+
if (redirect != null && redirect !== '') {
|
|
87
|
+
let redirectUrl;
|
|
88
|
+
try {
|
|
89
|
+
redirectUrl = redirect instanceof URL ? redirect : new URL(redirect, request.url);
|
|
90
|
+
}
|
|
91
|
+
catch {
|
|
92
|
+
throw new Error(`Invalid redirect URL: "${redirect}". Must be a valid absolute or relative URL.`);
|
|
93
|
+
}
|
|
94
|
+
const method = request.method.toUpperCase();
|
|
95
|
+
const status = redirectStatus ?? (method === 'GET' || method === 'HEAD' ? 307 : 303);
|
|
96
|
+
return applyResponseHeaders(NextResponse.redirect(redirectUrl, status), responseHeaders);
|
|
97
|
+
}
|
|
98
|
+
return applyResponseHeaders(NextResponse.next({ request: { headers: requestHeaders } }), responseHeaders);
|
|
99
|
+
}
|
|
100
|
+
/** @deprecated Use `handleAuthkitProxy` instead. */
|
|
101
|
+
export const handleAuthkitHeaders = handleAuthkitProxy;
|
|
102
|
+
//# sourceMappingURL=middleware-helpers.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"middleware-helpers.js","sourceRoot":"","sources":["../../src/middleware-helpers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAe,YAAY,EAAE,MAAM,aAAa,CAAC;AAExD,6FAA6F;AAC7F,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,qBAAqB;IACrB,OAAO;IACP,gBAAgB;IAChB,iBAAiB;IACjB,kBAAkB;CACV,CAAC;AAIX,MAAM,wBAAwB,GAAsB;IAClD,YAAY;IACZ,eAAe;IACf,MAAM;IACN,kBAAkB;IAClB,oBAAoB;IACpB,MAAM;IACN,oBAAoB;CACrB,CAAC;AAEF,MAAM,mBAAmB,GAAsB,CAAC,YAAY,EAAE,kBAAkB,EAAE,oBAAoB,EAAE,MAAM,CAAC,CAAC;AAEhH,MAAM,UAAU,sBAAsB,CAAC,IAAY;IACjD,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IACjC,OAAQ,uBAA6C,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;AACzG,CAAC;AAED,SAAS,SAAS,CAAC,OAAgB,EAAE,IAAY,EAAE,KAAa;IAC9D,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IACjC,IAAI,mBAAmB,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACxC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC9B,CAAC;SAAM,IAAI,KAAK,KAAK,MAAM,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACnC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC;YACrB,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7D,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACzC,CAAC,CAAC;QACH,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAC5C,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC3B,CAAC;AACH,CAAC;AAOD;;GAEG;AACH,MAAM,UAAU,uBAAuB,CAAC,OAAoB,EAAE,cAAuB;IACnF,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,cAAc,CAAC,CAAC;IAC5C,MAAM,cAAc,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAEpD,0EAA0E;IAC1E,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC,CAAC;IAC5D,KAAK,MAAM,IAAI,IAAI,iBAAiB,EAAE,CAAC;QACrC,IAAI,sBAAsB,CAAC,IAAI,CAAC,EAAE,CAAC;YACjC,cAAc,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC;IACD,KAAK,MAAM,UAAU,IAAI,uBAAuB,EAAE,CAAC;QACjD,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACtC,IAAI,KAAK,IAAI,IAAI,EAAE,CAAC;YAClB,cAAc,CAAC,GAAG,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IAED,6CAA6C;IAC7C,MAAM,eAAe,GAAG,IAAI,OAAO,EAAE,CAAC;IACtC,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,OAAO,EAAE,CAAC;QACpC,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACjC,IAAI,CAAC,sBAAsB,CAAC,KAAK,CAAC,IAAI,wBAAwB,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC/E,SAAS,CAAC,eAAe,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;QAC1C,CAAC;IACH,CAAC;IAED,8CAA8C;IAC9C,IAAI,eAAe,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC;QAC/E,eAAe,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;IACnD,CAAC;IAED,OAAO,EAAE,cAAc,EAAE,eAAe,EAAE,CAAC;AAC7C,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,QAAsB,EAAE,eAAwB;IACnF,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,eAAe,EAAE,CAAC;QAC5C,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;IAC3C,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAYD;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAChC,OAAoB,EACpB,cAAuB,EACvB,UAAuC,EAAE;IAEzC,MAAM,EAAE,cAAc,EAAE,eAAe,EAAE,GAAG,uBAAuB,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;IAC7F,MAAM,EAAE,QAAQ,EAAE,cAAc,EAAE,GAAG,OAAO,CAAC;IAE7C,IAAI,QAAQ,IAAI,IAAI,IAAI,QAAQ,KAAK,EAAE,EAAE,CAAC;QACxC,IAAI,WAAgB,CAAC;QACrB,IAAI,CAAC;YACH,WAAW,GAAG,QAAQ,YAAY,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;QACpF,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,KAAK,CAAC,0BAA0B,QAAQ,8CAA8C,CAAC,CAAC;QACpG,CAAC;QACD,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;QAC5C,MAAM,MAAM,GAAG,cAAc,IAAI,CAAC,MAAM,KAAK,KAAK,IAAI,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrF,OAAO,oBAAoB,CAAC,YAAY,CAAC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC,EAAE,eAAe,CAAC,CAAC;IAC3F,CAAC;IAED,OAAO,oBAAoB,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,cAAc,EAAE,EAAE,CAAC,EAAE,eAAe,CAAC,CAAC;AAC5G,CAAC;AAED,oDAAoD;AACpD,MAAM,CAAC,MAAM,oBAAoB,GAA8B,kBAAkB,CAAC"}
|
package/dist/esm/middleware.js
CHANGED
|
@@ -1,10 +1,12 @@
|
|
|
1
1
|
import { updateSessionMiddleware, updateSession } from './session.js';
|
|
2
2
|
import { WORKOS_REDIRECT_URI } from './env-variables.js';
|
|
3
|
-
export function
|
|
3
|
+
export function authkitProxy({ debug = false, middlewareAuth = { enabled: false, unauthenticatedPaths: [] }, redirectUri = WORKOS_REDIRECT_URI, signUpPaths = [], eagerAuth = false, } = {}) {
|
|
4
4
|
return function (request) {
|
|
5
5
|
return updateSessionMiddleware(request, debug, middlewareAuth, redirectUri, signUpPaths, eagerAuth);
|
|
6
6
|
};
|
|
7
7
|
}
|
|
8
|
+
/** @deprecated Use `authkitProxy` instead. */
|
|
9
|
+
export const authkitMiddleware = authkitProxy;
|
|
8
10
|
export async function authkit(request, options = {}) {
|
|
9
11
|
return await updateSession(request, options);
|
|
10
12
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,uBAAuB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAEtE,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAEzD,MAAM,UAAU,
|
|
1
|
+
{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,uBAAuB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAEtE,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAEzD,MAAM,UAAU,YAAY,CAAC,EAC3B,KAAK,GAAG,KAAK,EACb,cAAc,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,oBAAoB,EAAE,EAAE,EAAE,EAC7D,WAAW,GAAG,mBAAmB,EACjC,WAAW,GAAG,EAAE,EAChB,SAAS,GAAG,KAAK,MACW,EAAE;IAC9B,OAAO,UAAU,OAAO;QACtB,OAAO,uBAAuB,CAAC,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,WAAW,EAAE,SAAS,CAAC,CAAC;IACtG,CAAC,CAAC;AACJ,CAAC;AAED,8CAA8C;AAC9C,MAAM,CAAC,MAAM,iBAAiB,GAAwB,YAAY,CAAC;AAEnE,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,OAAoB,EAAE,UAA0B,EAAE;IAC9E,OAAO,MAAM,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;AAC/C,CAAC"}
|