authhero 0.229.0 → 0.230.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/authhero.cjs +2 -2
- package/dist/authhero.mjs +9 -7
- package/package.json +1 -1
package/dist/authhero.mjs
CHANGED
|
@@ -22664,7 +22664,7 @@ function wf(t, e = [], n = {}) {
|
|
|
22664
22664
|
return a5(
|
|
22665
22665
|
r,
|
|
22666
22666
|
new URL(i),
|
|
22667
|
-
n
|
|
22667
|
+
n
|
|
22668
22668
|
);
|
|
22669
22669
|
} catch {
|
|
22670
22670
|
return !1;
|
|
@@ -22674,16 +22674,16 @@ function wf(t, e = [], n = {}) {
|
|
|
22674
22674
|
return !1;
|
|
22675
22675
|
}
|
|
22676
22676
|
}
|
|
22677
|
-
function a5(t, e, n) {
|
|
22677
|
+
function a5(t, e, n = {}) {
|
|
22678
22678
|
if (t.protocol !== e.protocol)
|
|
22679
22679
|
return !1;
|
|
22680
|
-
if (n && e.pathname.includes("*")) {
|
|
22680
|
+
if (n.allowPathWildcards && e.pathname.includes("*")) {
|
|
22681
22681
|
const r = e.pathname.replace(/\*/g, ".*").replace(/\//g, "\\/");
|
|
22682
22682
|
if (!new RegExp(`^${r}$`).test(t.pathname))
|
|
22683
22683
|
return !1;
|
|
22684
22684
|
} else if (t.pathname !== e.pathname)
|
|
22685
22685
|
return !1;
|
|
22686
|
-
if (e.hostname.startsWith("*.") && e.hostname.split(".").length > 2 && ["http:", "https:"].includes(e.protocol)) {
|
|
22686
|
+
if (n.enableSubDomainWildcards && e.hostname.startsWith("*.") && e.hostname.split(".").length > 2 && ["http:", "https:"].includes(e.protocol)) {
|
|
22687
22687
|
const r = e.hostname.split(".").slice(1).join(".");
|
|
22688
22688
|
return t.hostname.endsWith(r);
|
|
22689
22689
|
}
|
|
@@ -22724,7 +22724,7 @@ const c5 = new be().openapi(
|
|
|
22724
22724
|
...r.allowed_logout_urls || [],
|
|
22725
22725
|
...(i == null ? void 0 : i.allowed_logout_urls) || []
|
|
22726
22726
|
],
|
|
22727
|
-
{ allowPathWildcards: !0 }
|
|
22727
|
+
{ allowPathWildcards: !0, enableSubDomainWildcards: !0 }
|
|
22728
22728
|
))
|
|
22729
22729
|
throw new E(400, {
|
|
22730
22730
|
message: "Invalid redirect uri"
|
|
@@ -26370,7 +26370,8 @@ const BE = ["email", "sms", "Username-Password-Authentication"], LE = new be().o
|
|
|
26370
26370
|
if (K.redirect_uri) {
|
|
26371
26371
|
const F = M.callbacks || [];
|
|
26372
26372
|
if (t.var.host && (F.push(`${pl(t.env)}/*`), F.push(`${ft(t.env)}/*`)), !wf(K.redirect_uri, F, {
|
|
26373
|
-
allowPathWildcards: !0
|
|
26373
|
+
allowPathWildcards: !0,
|
|
26374
|
+
enableSubDomainWildcards: !0
|
|
26374
26375
|
}))
|
|
26375
26376
|
throw new E(400, {
|
|
26376
26377
|
message: `Invalid redirect URI - ${K.redirect_uri}`
|
|
@@ -26484,7 +26485,8 @@ const BE = ["email", "sms", "Username-Password-Authentication"], LE = new be().o
|
|
|
26484
26485
|
if (l.redirect_uri) {
|
|
26485
26486
|
const A = a.callbacks || [];
|
|
26486
26487
|
if (t.var.host && (A.push(`${pl(t.env)}/*`), A.push(`${ft(t.env)}/*`)), !wf(l.redirect_uri, A, {
|
|
26487
|
-
allowPathWildcards: !0
|
|
26488
|
+
allowPathWildcards: !0,
|
|
26489
|
+
enableSubDomainWildcards: !0
|
|
26488
26490
|
}))
|
|
26489
26491
|
throw new E(400, {
|
|
26490
26492
|
message: `Invalid redirect URI - ${l.redirect_uri}`
|