npm - next-auth-heksso - Versions diffs - 1.0.7 → 1.0.9 - Mend

next-auth-heksso 1.0.7 → 1.0.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/api/nextAuthConfig.d.ts +1 -1
package/api/nextAuthConfig.js +50 -52
package/package.json +1 -1
package/react/KeycloakSessionContext.d.ts +1 -0
package/react/KeycloakSessionContext.js +6 -2
package/src/api/nextAuthConfig.ts +58 -49
package/src/react/KeycloakSessionContext.tsx +6 -2
package/tsconfig.json +1 -1

package/api/nextAuthConfig.d.ts CHANGED Viewed

@@ -2,4 +2,4 @@ import { NextAuthOptions } from "next-auth";
 /**
  * Provides authOptions for next-auth that configures it for use with the typical HEKsso setup
  */
-export declare const authOptions: NextAuthOptions;
+export declare function configureAuthOptions(options?: NextAuthOptions): NextAuthOptions;

package/api/nextAuthConfig.js CHANGED Viewed

@@ -12,61 +12,59 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.authOptions = void 0;
+exports.configureAuthOptions = void 0;
 const keycloak_1 = __importDefault(require("next-auth/providers/keycloak"));
 const refreshAccessToken_1 = require("./refreshAccessToken");
 /**
  * Provides authOptions for next-auth that configures it for use with the typical HEKsso setup
  */
-exports.authOptions = {
-    secret: process.env.NEXTAUTH_SECRET,
-    providers: [
-        (0, keycloak_1.default)({
-            clientId: process.env.KEYCLOAK_CLIENT_ID || "",
-            clientSecret: process.env.KEYCLOAK_CLIENT_SECRET || "",
-            issuer: process.env.KEYCLOAK_ISSUER,
-            authorization: { params: { scope: "openid email profile roles" } }
-        })
-    ],
-    pages: {
-        signIn: "/",
-    },
-    callbacks: {
-        jwt(data) {
-            var _a, _b;
-            return __awaiter(this, void 0, void 0, function* () {
-                const hekGroups = (_a = data.profile) === null || _a === void 0 ? void 0 : _a.hekGroups;
-                // Persist the OAuth access_token to the token right after signin
-                if (data.account && data.user) {
-                    data.token.idToken = (_b = data.account) === null || _b === void 0 ? void 0 : _b.id_token;
-                    data.token.accessToken = data.account.access_token;
-                    data.token.hekGroups = hekGroups;
-                    data.token.username = data.profile.preferred_username;
-                    if (data.account.expires_at)
-                        data.token.accessTokenExpires = data.account.expires_at * 1000;
-                    data.token.refreshToken = data.account.refresh_token;
-                    return data.token;
-                }
-                // Return previous token if the access token has not expired yet
-                if (Date.now() < data.token.accessTokenExpires) {
-                    return data.token;
-                }
-                // Access token has expired, try to update it
-                return (0, refreshAccessToken_1.refreshAccessToken)(data.token);
-            });
-        },
-        session({ session, token }) {
-            return __awaiter(this, void 0, void 0, function* () {
-                // Send properties to the client, like an access_token from a provider.
-                const _session = session;
-                _session.accessToken = token.accessToken;
-                _session.accessTokenExpires = token.accessTokenExpires;
-                _session.hekGroups = token.hekGroups || [];
-                _session.username = token.username;
-                if (token.error)
-                    _session.error = token.error;
-                return _session;
-            });
-        }
+function configureAuthOptions(options) {
+    let callbacks = undefined;
+    if (options && "callbacks" in options) {
+        callbacks = options.callbacks;
     }
-};
+    return Object.assign(Object.assign({}, options), { secret: process.env.NEXTAUTH_SECRET, providers: [
+            (0, keycloak_1.default)({
+                clientId: process.env.KEYCLOAK_CLIENT_ID || "",
+                clientSecret: process.env.KEYCLOAK_CLIENT_SECRET || "",
+                issuer: process.env.KEYCLOAK_ISSUER,
+                authorization: { params: { scope: "openid email profile roles" } }
+            })
+        ], callbacks: Object.assign({ jwt(data) {
+                var _a, _b;
+                return __awaiter(this, void 0, void 0, function* () {
+                    const hekGroups = (_a = data.profile) === null || _a === void 0 ? void 0 : _a.hekGroups;
+                    // Persist the OAuth access_token to the token right after signin
+                    if (data.account && data.user) {
+                        data.token.idToken = (_b = data.account) === null || _b === void 0 ? void 0 : _b.id_token;
+                        data.token.accessToken = data.account.access_token;
+                        data.token.hekGroups = hekGroups;
+                        data.token.username = data.profile.preferred_username;
+                        if (data.account.expires_at)
+                            data.token.accessTokenExpires = data.account.expires_at * 1000;
+                        data.token.refreshToken = data.account.refresh_token;
+                        return data.token;
+                    }
+                    // Return previous token if the access token has not expired yet
+                    if (Date.now() < data.token.accessTokenExpires) {
+                        return data.token;
+                    }
+                    // Access token has expired, try to update it
+                    return (0, refreshAccessToken_1.refreshAccessToken)(data.token);
+                });
+            },
+            session({ session, token }) {
+                return __awaiter(this, void 0, void 0, function* () {
+                    // Send properties to the client, like an access_token from a provider.
+                    const _session = session;
+                    _session.accessToken = token.accessToken;
+                    _session.accessTokenExpires = token.accessTokenExpires;
+                    _session.hekGroups = token.hekGroups || [];
+                    _session.username = token.username;
+                    if (token.error)
+                        _session.error = token.error;
+                    return _session;
+                });
+            } }, callbacks) });
+}
+exports.configureAuthOptions = configureAuthOptions;

package/package.json CHANGED Viewed

@@ -5,7 +5,7 @@
     "email": "contact@voakie.com"
   },
   "license": "MIT",
-  "version": "1.0.7",
+  "version": "1.0.9",
   "scripts": {
     "prepublish": "rm api/ -r && rm react/ -r && tsc",
     "build": "tsc",

package/react/KeycloakSessionContext.d.ts CHANGED Viewed

@@ -5,6 +5,7 @@ export interface KeycloakSession {
     getAccessToken: () => Promise<string>;
 }
 export declare const KeycloakSessionContext: React.Context<KeycloakSession>;
+export declare function useKeycloakSession(): KeycloakSession;
 export declare function KeycloakSessionProvider(props: {
     children: ReactNode | ReactNode[];
     signInPage?: string;

package/react/KeycloakSessionContext.js CHANGED Viewed

@@ -32,7 +32,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.KeycloakSessionProvider = exports.KeycloakSessionContext = void 0;
+exports.KeycloakSessionProvider = exports.useKeycloakSession = exports.KeycloakSessionContext = void 0;
 const react_1 = require("next-auth/react");
 const router_1 = require("next/router");
 const react_2 = __importStar(require("react"));
@@ -43,6 +43,10 @@ exports.KeycloakSessionContext = (0, react_2.createContext)({
         return "";
     })
 });
+function useKeycloakSession() {
+    return (0, react_2.useContext)(exports.KeycloakSessionContext);
+}
+exports.useKeycloakSession = useKeycloakSession;
 function refreshAccessToken() {
     return __awaiter(this, void 0, void 0, function* () {
         try {
@@ -106,7 +110,7 @@ function KeycloakSessionProvider(props) {
     // we check for a valid refresh token here
     (0, react_2.useEffect)(() => {
         var _a, _b, _c, _d;
-        if (!router.asPath.startsWith(props.signInPage || "/auth/signin") &&
+        if (!(router.asPath.split("?")[0] === (props.signInPage || "/auth/signin")) &&
             (session.status === "unauthenticated" || accessTokenError)) {
             router.push(props.signInPage || "/auth/signin");
             return;

package/src/api/nextAuthConfig.ts CHANGED Viewed

@@ -1,58 +1,67 @@
-import NextAuth, { NextAuthOptions } from "next-auth"
+import { NextAuthOptions } from "next-auth"
 import KeycloakProvider from "next-auth/providers/keycloak"
 import { refreshAccessToken } from "./refreshAccessToken"
 /**
  * Provides authOptions for next-auth that configures it for use with the typical HEKsso setup
  */
-export const authOptions: NextAuthOptions = {
-    secret: process.env.NEXTAUTH_SECRET,
-    providers: [
-        KeycloakProvider({
-            clientId: process.env.KEYCLOAK_CLIENT_ID || "",
-            clientSecret: process.env.KEYCLOAK_CLIENT_SECRET || "",
-            issuer: process.env.KEYCLOAK_ISSUER, // something like "http://localhost:8080/realms/master"
-            authorization: { params: { scope: "openid email profile roles" } }
-        })
-    ],
-    pages: {
-        signIn: "/",
-    },
-    callbacks: {
-        async jwt(data) {
-            const hekGroups = (data.profile as any)?.hekGroups
-            // Persist the OAuth access_token to the token right after signin
-            if (data.account && data.user) {
-                data.token.idToken = data.account?.id_token
-                data.token.accessToken = data.account.access_token
-                data.token.hekGroups = hekGroups
-                data.token.username = (data.profile as { [key: string]: string }).preferred_username
-                if (data.account.expires_at)
-                    data.token.accessTokenExpires = data.account.expires_at * 1000
-                data.token.refreshToken = data.account.refresh_token
-                return data.token
-            }
-            // Return previous token if the access token has not expired yet
-            if (Date.now() < (data.token.accessTokenExpires as number)) {
-                return data.token
-            }
-            // Access token has expired, try to update it
-            return refreshAccessToken(data.token)
-        },
-        async session({ session, token }) {
-            // Send properties to the client, like an access_token from a provider.
-            const _session = session as any
-            _session.accessToken = token.accessToken
-            _session.accessTokenExpires = token.accessTokenExpires
-            _session.hekGroups = token.hekGroups || []
-            _session.username = token.username
-            if (token.error) _session.error = token.error
-            return _session
+export function configureAuthOptions(options?: NextAuthOptions): NextAuthOptions {
+    let callbacks: NextAuthOptions["callbacks"] | undefined = undefined
+    if (options && "callbacks" in options) {
+        callbacks = options.callbacks
+    }
+    return {
+        ...options,
+        secret: process.env.NEXTAUTH_SECRET,
+        providers: [
+            KeycloakProvider({
+                clientId: process.env.KEYCLOAK_CLIENT_ID || "",
+                clientSecret: process.env.KEYCLOAK_CLIENT_SECRET || "",
+                issuer: process.env.KEYCLOAK_ISSUER, // something like "http://localhost:8080/realms/master"
+                authorization: { params: { scope: "openid email profile roles" } }
+            })
+        ],
+        callbacks: {
+            async jwt(data) {
+                const hekGroups = (data.profile as any)?.hekGroups
+                // Persist the OAuth access_token to the token right after signin
+                if (data.account && data.user) {
+                    data.token.idToken = data.account?.id_token
+                    data.token.accessToken = data.account.access_token
+                    data.token.hekGroups = hekGroups
+                    data.token.username = (
+                        data.profile as { [key: string]: string }
+                    ).preferred_username
+                    if (data.account.expires_at)
+                        data.token.accessTokenExpires = data.account.expires_at * 1000
+                    data.token.refreshToken = data.account.refresh_token
+                    return data.token
+                }
+                // Return previous token if the access token has not expired yet
+                if (Date.now() < (data.token.accessTokenExpires as number)) {
+                    return data.token
+                }
+                // Access token has expired, try to update it
+                return refreshAccessToken(data.token)
+            },
+            async session({ session, token }) {
+                // Send properties to the client, like an access_token from a provider.
+                const _session = session as any
+                _session.accessToken = token.accessToken
+                _session.accessTokenExpires = token.accessTokenExpires
+                _session.hekGroups = token.hekGroups || []
+                _session.username = token.username
+                if (token.error) _session.error = token.error
+                return _session
+            },
+            ...callbacks
         }
     }
 }

package/src/react/KeycloakSessionContext.tsx CHANGED Viewed

@@ -1,6 +1,6 @@
 import { signOut, useSession } from "next-auth/react"
 import { useRouter } from "next/router"
-import React, { createContext, ReactNode, useCallback, useEffect, useMemo, useState } from "react"
+import React, { createContext, ReactNode, useCallback, useContext, useEffect, useMemo, useState } from "react"
 export interface KeycloakSession {
     isAuthenticated: boolean
@@ -16,6 +16,10 @@ export const KeycloakSessionContext = createContext<KeycloakSession>({
     }
 })
+export function useKeycloakSession() {
+    return useContext(KeycloakSessionContext)
+}
 async function refreshAccessToken() {
     try {
         const response = await fetch("/api/auth/session", {
@@ -83,7 +87,7 @@ export function KeycloakSessionProvider(props: {
     // we check for a valid refresh token here
     useEffect(() => {
         if (
-            !router.asPath.startsWith(props.signInPage || "/auth/signin") &&
+            !(router.asPath.split("?")[0] === (props.signInPage || "/auth/signin")) &&
             (session.status === "unauthenticated" || accessTokenError)
         ) {
             router.push(props.signInPage || "/auth/signin")

package/tsconfig.json CHANGED Viewed

@@ -100,5 +100,5 @@
     // "skipDefaultLibCheck": true,                      /* Skip type checking .d.ts files that are included with TypeScript. */
     "skipLibCheck": true                                 /* Skip type checking all .d.ts files. */
   },
-  "exclude": ["lib", "node_modules"]
+  "exclude": ["api", "react", "node_modules"]
 }