authhero 0.152.0 → 0.153.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/authhero.cjs +3 -3
- package/dist/authhero.d.ts +12 -0
- package/dist/authhero.mjs +15 -2
- package/package.json +2 -2
package/dist/authhero.d.ts
CHANGED
|
@@ -8595,6 +8595,8 @@ export declare const codeInsertSchema: z.ZodObject<{
|
|
|
8595
8595
|
"S256"
|
|
8596
8596
|
]>>;
|
|
8597
8597
|
redirect_uri: z.ZodOptional<z.ZodString>;
|
|
8598
|
+
nonce: z.ZodOptional<z.ZodString>;
|
|
8599
|
+
state: z.ZodOptional<z.ZodString>;
|
|
8598
8600
|
expires_at: z.ZodString;
|
|
8599
8601
|
used_at: z.ZodOptional<z.ZodString>;
|
|
8600
8602
|
user_id: z.ZodOptional<z.ZodString>;
|
|
@@ -8605,6 +8607,8 @@ export declare const codeInsertSchema: z.ZodObject<{
|
|
|
8605
8607
|
expires_at: string;
|
|
8606
8608
|
user_id?: string | undefined;
|
|
8607
8609
|
redirect_uri?: string | undefined;
|
|
8610
|
+
state?: string | undefined;
|
|
8611
|
+
nonce?: string | undefined;
|
|
8608
8612
|
code_challenge_method?: "S256" | "plain" | undefined;
|
|
8609
8613
|
code_challenge?: string | undefined;
|
|
8610
8614
|
connection_id?: string | undefined;
|
|
@@ -8617,6 +8621,8 @@ export declare const codeInsertSchema: z.ZodObject<{
|
|
|
8617
8621
|
expires_at: string;
|
|
8618
8622
|
user_id?: string | undefined;
|
|
8619
8623
|
redirect_uri?: string | undefined;
|
|
8624
|
+
state?: string | undefined;
|
|
8625
|
+
nonce?: string | undefined;
|
|
8620
8626
|
code_challenge_method?: "S256" | "plain" | undefined;
|
|
8621
8627
|
code_challenge?: string | undefined;
|
|
8622
8628
|
connection_id?: string | undefined;
|
|
@@ -8644,6 +8650,8 @@ export declare const codeSchema: z.ZodObject<{
|
|
|
8644
8650
|
"S256"
|
|
8645
8651
|
]>>;
|
|
8646
8652
|
redirect_uri: z.ZodOptional<z.ZodString>;
|
|
8653
|
+
nonce: z.ZodOptional<z.ZodString>;
|
|
8654
|
+
state: z.ZodOptional<z.ZodString>;
|
|
8647
8655
|
expires_at: z.ZodString;
|
|
8648
8656
|
used_at: z.ZodOptional<z.ZodString>;
|
|
8649
8657
|
user_id: z.ZodOptional<z.ZodString>;
|
|
@@ -8655,6 +8663,8 @@ export declare const codeSchema: z.ZodObject<{
|
|
|
8655
8663
|
expires_at: string;
|
|
8656
8664
|
user_id?: string | undefined;
|
|
8657
8665
|
redirect_uri?: string | undefined;
|
|
8666
|
+
state?: string | undefined;
|
|
8667
|
+
nonce?: string | undefined;
|
|
8658
8668
|
code_challenge_method?: "S256" | "plain" | undefined;
|
|
8659
8669
|
code_challenge?: string | undefined;
|
|
8660
8670
|
connection_id?: string | undefined;
|
|
@@ -8668,6 +8678,8 @@ export declare const codeSchema: z.ZodObject<{
|
|
|
8668
8678
|
expires_at: string;
|
|
8669
8679
|
user_id?: string | undefined;
|
|
8670
8680
|
redirect_uri?: string | undefined;
|
|
8681
|
+
state?: string | undefined;
|
|
8682
|
+
nonce?: string | undefined;
|
|
8671
8683
|
code_challenge_method?: "S256" | "plain" | undefined;
|
|
8672
8684
|
code_challenge?: string | undefined;
|
|
8673
8685
|
connection_id?: string | undefined;
|
package/dist/authhero.mjs
CHANGED
|
@@ -1855,6 +1855,12 @@ const k1 = o.enum([
|
|
|
1855
1855
|
redirect_uri: o.string().optional().openapi({
|
|
1856
1856
|
description: "The redirect URI associated with the code"
|
|
1857
1857
|
}),
|
|
1858
|
+
nonce: o.string().optional().openapi({
|
|
1859
|
+
description: "The nonce value used for security in OIDC flows"
|
|
1860
|
+
}),
|
|
1861
|
+
state: o.string().optional().openapi({
|
|
1862
|
+
description: "The state parameter used for CSRF protection in OAuth flows"
|
|
1863
|
+
}),
|
|
1858
1864
|
expires_at: o.string(),
|
|
1859
1865
|
used_at: o.string().optional(),
|
|
1860
1866
|
user_id: o.string().optional()
|
|
@@ -5983,7 +5989,9 @@ async function Fh(t, e) {
|
|
|
5983
5989
|
).toISOString(),
|
|
5984
5990
|
code_challenge: e.authParams.code_challenge,
|
|
5985
5991
|
code_challenge_method: e.authParams.code_challenge_method,
|
|
5986
|
-
redirect_uri: e.authParams.redirect_uri
|
|
5992
|
+
redirect_uri: e.authParams.redirect_uri,
|
|
5993
|
+
state: e.authParams.state,
|
|
5994
|
+
nonce: e.authParams.nonce
|
|
5987
5995
|
})).code_id,
|
|
5988
5996
|
state: e.authParams.state
|
|
5989
5997
|
};
|
|
@@ -6073,7 +6081,9 @@ async function Zt(t, e) {
|
|
|
6073
6081
|
login_id: e.loginSession.id,
|
|
6074
6082
|
expires_at: new Date(Date.now() + m_).toISOString(),
|
|
6075
6083
|
code_verifier: [b, v].join("|"),
|
|
6076
|
-
redirect_uri: n.redirect_uri
|
|
6084
|
+
redirect_uri: n.redirect_uri,
|
|
6085
|
+
state: n.state,
|
|
6086
|
+
nonce: n.nonce
|
|
6077
6087
|
});
|
|
6078
6088
|
return t.json({
|
|
6079
6089
|
login_ticket: E.code_id,
|
|
@@ -19845,6 +19855,9 @@ async function pb(t, e) {
|
|
|
19845
19855
|
loginSession: i,
|
|
19846
19856
|
authParams: {
|
|
19847
19857
|
...i.authParams,
|
|
19858
|
+
// Use the state and nonce from the code as it might differ if it's a silent auth login
|
|
19859
|
+
state: r.state,
|
|
19860
|
+
nonce: r.nonce,
|
|
19848
19861
|
// Ensure WEB_MESSAGE is explicitly passed, as createAuthResponse relies on it
|
|
19849
19862
|
response_mode: an.WEB_MESSAGE,
|
|
19850
19863
|
// Pass through other relevant authParams from the loginSession or original request if necessary
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "authhero",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.153.0",
|
|
4
4
|
"files": [
|
|
5
5
|
"dist"
|
|
6
6
|
],
|
|
@@ -49,7 +49,7 @@
|
|
|
49
49
|
"libphonenumber-js": "^1.12.8",
|
|
50
50
|
"nanoid": "^5.0.8",
|
|
51
51
|
"oslo": "^1.2.1",
|
|
52
|
-
"@authhero/adapter-interfaces": "^0.
|
|
52
|
+
"@authhero/adapter-interfaces": "^0.70.0"
|
|
53
53
|
},
|
|
54
54
|
"peerDependencies": {
|
|
55
55
|
"@hono/zod-openapi": "^0.19.2",
|