nuxt-auther 1.0.1 → 1.0.3

package/dist/runtime/schemes/refresh.mjs

@@ -0,0 +1,141 @@
+import { cleanObj, getProp } from "../../utils";
+import { RefreshController, RefreshToken, ExpiredAuthSessionError } from "../inc/index.mjs";
+import { LocalScheme } from "./local.mjs";
+const DEFAULTS = {
+  name: "refresh",
+  endpoints: {
+    refresh: {
+      url: "/api/auth/refresh",
+      method: "POST"
+    }
+  },
+  refreshToken: {
+    property: "refresh_token",
+    data: "refresh_token",
+    maxAge: 60 * 60 * 24 * 30,
+    required: true,
+    tokenRequired: false,
+    prefix: "_refresh_token.",
+    expirationPrefix: "_refresh_token_expiration.",
+    httpOnly: false
+  },
+  autoLogout: false
+};
+export class RefreshScheme extends LocalScheme {
+  refreshToken;
+  refreshController;
+  constructor($auth, options) {
+    super($auth, options, DEFAULTS);
+    this.refreshToken = new RefreshToken(this, this.$auth.$storage);
+    this.refreshController = new RefreshController(this);
+  }
+  check(checkStatus = false) {
+    const response = {
+      valid: false,
+      tokenExpired: false,
+      refreshTokenExpired: false,
+      isRefreshable: true
+    };
+    const token = this.token.sync();
+    this.refreshToken.sync();
+    if (!token) {
+      return response;
+    }
+    if (!checkStatus) {
+      response.valid = true;
+      return response;
+    }
+    const tokenStatus = this.token.status();
+    const refreshTokenStatus = this.refreshToken.status();
+    if (refreshTokenStatus.expired()) {
+      response.refreshTokenExpired = true;
+      return response;
+    }
+    if (tokenStatus.expired()) {
+      response.tokenExpired = true;
+      return response;
+    }
+    response.valid = true;
+    return response;
+  }
+  mounted() {
+    return super.mounted({
+      tokenCallback: () => {
+        if (this.options.autoLogout) {
+          this.$auth.reset();
+        }
+      },
+      refreshTokenCallback: () => {
+        this.$auth.reset();
+      }
+    });
+  }
+  async refreshTokens() {
+    if (!this.options.endpoints.refresh) {
+      return Promise.resolve();
+    }
+    if (!this.check().valid) {
+      return Promise.resolve();
+    }
+    const refreshTokenStatus = this.refreshToken.status();
+    if (refreshTokenStatus.expired()) {
+      this.$auth.reset();
+      throw new ExpiredAuthSessionError();
+    }
+    if (!this.options.refreshToken.tokenRequired) {
+      this.requestHandler.clearHeader();
+    }
+    const endpoint = {
+      body: {
+        client_id: void 0,
+        grant_type: void 0
+      }
+    };
+    if (this.options.refreshToken.required && this.options.refreshToken.data && !this.options.refreshToken.httpOnly) {
+      endpoint.body[this.options.refreshToken.data] = this.refreshToken.get();
+    }
+    if (this.options.clientId) {
+      endpoint.body.client_id = this.options.clientId;
+    }
+    endpoint.body.grant_type = "refresh_token";
+    cleanObj(endpoint.body);
+    if (this.options.ssr) {
+      endpoint.baseURL = "";
+    }
+    const response = await this.$auth.request(endpoint, this.options.endpoints.refresh);
+    this.updateTokens(response);
+  }
+  setUserToken(token, refreshToken) {
+    this.token.set(token);
+    if (refreshToken) {
+      this.refreshToken.set(refreshToken);
+    }
+    return this.fetchUser();
+  }
+  reset({ resetInterceptor = true } = {}) {
+    this.$auth.setUser(false);
+    this.token.reset();
+    this.refreshToken.reset();
+    if (resetInterceptor) {
+      this.requestHandler.reset();
+    }
+  }
+  extractRefreshToken(response) {
+    return getProp(response._data, this.options.refreshToken.property);
+  }
+  updateTokens(response) {
+    let tokenExpiresIn = false;
+    const token = this.options.token?.required ? this.extractToken(response) : true;
+    const refreshToken = this.options.refreshToken.required ? this.extractRefreshToken(response) : true;
+    tokenExpiresIn = this.options.token?.maxAge || getProp(response._data, this.options.token.expiresProperty);
+    this.token.set(token, tokenExpiresIn);
+    if (refreshToken) {
+      this.refreshToken.set(refreshToken);
+    }
+  }
+  initializeRequestInterceptor() {
+    this.requestHandler.initializeRequestInterceptor(
+      this.options.endpoints.refresh.url
+    );
+  }
+}

package/dist/runtime/token-nitro.d.ts

@@ -0,0 +1,2 @@
+declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<void>>;
+export default _default;

package/dist/runtime/token-nitro.mjs

@@ -0,0 +1,9 @@
+import { readBody, defineEventHandler, deleteCookie } from "h3";
+import { config } from "#nuxt-auth-options";
+export default defineEventHandler(async (event) => {
+  const body = await readBody(event);
+  const token = config.stores?.cookie?.prefix + body?.token;
+  if (token) {
+    deleteCookie(event, token, { ...config.stores.cookie.options });
+  }
+});

package/dist/types/index.d.ts

@@ -0,0 +1,42 @@
+import type { ModuleOptions } from './options';
+import type { Auth } from '../runtime';
+import * as NuxtSchema from '@nuxt/schema';
+
+export * from './openIDConnectConfigurationDocument';
+export * from './provider';
+export * from './request';
+export * from './router';
+export * from './scheme';
+export * from './strategy';
+export * from './utils';
+export * from './options';
+export * from './store'
+
+declare module '#app' {
+    interface NuxtApp {
+        $auth: Auth;
+    }
+}
+
+declare module 'vue-router' {
+    interface RouteMeta {
+        auth?: 'guest' | false
+    }
+}
+
+declare module '@nuxt/schema' {
+    interface NuxtConfig {
+        ['auth']?: Partial<ModuleOptions>
+    }
+    interface NuxtOptions {
+        ['auth']?: ModuleOptions
+    }
+}
+
+declare const NuxtAuth: NuxtSchema.NuxtModule<ModuleOptions>
+
+export {
+    ModuleOptions,
+    NuxtAuth as default
+};
+

package/dist/types/openIDConnectConfigurationDocument.d.ts

@@ -0,0 +1,31 @@
+export type OpenIDConnectConfigurationDocument = {
+    issuer?: string;
+    authorization_endpoint?: string;
+    token_endpoint?: string;
+    token_endpoint_auth_methods_supported?: string[];
+    token_endpoint_auth_signing_alg_values_supported?: string[];
+    userinfo_endpoint?: string;
+    check_session_iframe?: string;
+    end_session_endpoint?: string;
+    jwks_uri?: string;
+    registration_endpoint?: string;
+    scopes_supported?: string[];
+    response_types_supported?: string[];
+    acr_values_supported?: string[];
+    response_modes_supported?: string[];
+    grant_types_supported?: string[];
+    subject_types_supported?: string[];
+    userinfo_signing_alg_values_supported?: string[];
+    userinfo_encryption_alg_values_supported?: string[];
+    userinfo_encryption_enc_values_supported?: string[];
+    id_token_signing_alg_values_supported?: string[];
+    id_token_encryption_alg_values_supported?: string[];
+    id_token_encryption_enc_values_supported?: string[];
+    request_object_signing_alg_values_supported?: string[];
+    display_values_supported?: string[];
+    claim_types_supported?: string[];
+    claims_supported?: string[];
+    claims_parameter_supported?: boolean;
+    service_documentation?: string;
+    ui_locales_supported?: string[];
+};

package/dist/types/options.d.ts

@@ -0,0 +1,125 @@
+import type { Strategy, StrategyOptions } from './strategy';
+import type { NuxtPlugin } from '@nuxt/schema';
+import type { AuthState, RefreshableScheme, TokenableScheme } from './index';
+import type { CookieSerializeOptions } from 'cookie-es';
+import type { Auth } from '../runtime'
+
+export interface ModuleOptions {
+    /**
+     * Whether the global middleware is enabled or not.
+     * This option is disabled if `enableMiddleware` is `false`
+     */
+    globalMiddleware?: boolean;
+
+    /**
+     * Whether middleware is enabled or not.
+     */
+    enableMiddleware?: boolean;
+
+    /**
+     * Plugins to be used by the module.
+     */
+    plugins?: (NuxtPlugin | string)[];
+
+    /**
+     * Authentication strategies used by the module.
+     */
+    strategies?: Record<string, StrategyOptions>;
+
+    /**
+     * Whether exceptions should be ignored or not.
+     */
+    ignoreExceptions: boolean;
+
+    /**
+     * Whether the auth module should reset login data on an error.
+     */
+    resetOnError: boolean | ((...args: any[]) => boolean);
+
+    /**
+     * Whether to reset on a response error.
+     */
+    resetOnResponseError: boolean | ((error: any, auth: Auth, scheme: TokenableScheme | RefreshableScheme) => void);
+
+    /**
+     * Default authentication strategy to be used by the module.
+     * This is used internally.
+     */
+    defaultStrategy: string | undefined;
+
+    /**
+     * Whether to watch user logged in state or not.
+     */
+    watchLoggedIn: boolean;
+
+    /**
+     * Interval for token validation.
+     */
+    tokenValidationInterval: boolean | number;
+
+    /**
+     * Whether to rewrite redirects or not.
+     */
+    rewriteRedirects: boolean;
+    
+    /**
+     * Whether to redirect with full path or not.
+     */
+    fullPathRedirect: boolean;
+
+    /**
+     * Redirect strategy to be used: 'query' or 'storage'
+     */
+    redirectStrategy?: 'query' | 'storage';
+
+    /**
+     * Key for scope.
+     */
+    scopeKey: string;
+
+    /**
+     * Store options for the auth module. The `pinia` store will not
+     * be utilized unless you enable it. By default `useState()` will be
+     * used instead.
+     */
+    stores: Partial<{
+        state: {
+            namespace?: string
+        };
+        pinia: {
+            enabled?: boolean;
+            namespace?: string;
+        };
+        cookie: {
+            enabled?: boolean;
+            prefix?: string;
+            options?: CookieSerializeOptions;
+        };
+        local: { 
+            enabled: boolean;
+            prefix?: string; 
+        };
+        session: { 
+            enabled?: boolean;
+            prefix?: string;
+        };
+    }>;
+
+    /**
+     * Redirect URL for login, logout, callback and home.
+     * 
+     * *Note:* The `trans` argument is only available if 
+     * `nuxt/i18n` is available. 
+     */
+    redirect: {
+        login: string | ((auth: Auth, trans?: Function) => string);
+        logout: string | ((auth: Auth, trans?: Function) => string);
+        callback: string | ((auth: Auth, trans?: Function) => string);
+        home: string | ((auth: Auth, trans?: Function) => string);
+    };
+
+    /**
+     * Initial state for Auth. This is used Internally.
+     */
+    initialState?: AuthState;
+}

package/dist/types/provider.d.ts

@@ -0,0 +1,21 @@
+import type { SchemeOptions, SchemeNames } from './scheme';
+import type { StrategyOptions } from './strategy';
+import type { PartialExcept } from './utils';
+import type { Nuxt } from '@nuxt/schema';
+
+export type ProviderNames<N = ''> = 'laravel/sanctum' | 'laravel/jwt' | 'laravel/passport' | 'google' | 'github' | 'facebook' | 'discord' | 'auth0' | N | ((nuxt: Nuxt, strategy: StrategyOptions, ...args: any[]) => void);
+
+export interface ImportOptions {
+    name: string;
+    as: string;
+    from: string;
+}
+
+export interface ProviderOptions {
+    scheme?: SchemeNames;
+    clientSecret: string | number;
+}
+
+export type ProviderOptionsKeys = Exclude<keyof ProviderOptions, 'clientSecret'>;
+
+export type ProviderPartialOptions<Options extends ProviderOptions & SchemeOptions> = PartialExcept<Options, ProviderOptionsKeys>;

package/dist/types/request.d.ts

@@ -0,0 +1,8 @@
+import { type FetchConfig } from '@refactorjs/ofetch';
+import { type FetchResponse } from 'ofetch';
+
+export type HTTPRequest = FetchConfig & {
+    body?: Record<string, any>;
+};
+
+export type HTTPResponse<T> = FetchResponse<T>;

package/dist/types/router.d.ts

@@ -0,0 +1,7 @@
+import type { RouteLocationNormalized } from '#vue-router'
+
+export type Route = RouteLocationNormalized;
+export interface RedirectRouterOptions {
+    type?: 'window' | 'router'
+}
+

package/dist/types/scheme.d.ts

@@ -0,0 +1,108 @@
+import type { HTTPRequest, HTTPResponse } from '.';
+import type { Auth } from '../runtime/core';
+import type { Token, IdToken, RefreshToken, RefreshController, RequestHandler } from '../runtime/inc';
+import type { PartialExcept } from './utils';
+
+export type SchemeNames<N = ''> = 'local' | 'cookie' | 'laravelJWT' | 'openIDConnect' | 'refresh' | 'oauth2' | 'auth0' | `~/${string}` | N
+
+export interface UserOptions {
+    property: string | false;
+    autoFetch: boolean;
+}
+
+export interface EndpointsOption {
+    [endpoint: string]: string | HTTPRequest | false | undefined;
+}
+
+// Scheme
+
+export interface SchemeOptions {
+    name?: string;
+    ssr?: boolean;
+}
+
+export type SchemePartialOptions<Options extends SchemeOptions> = PartialExcept<Options, keyof SchemeOptions>;
+
+export interface SchemeCheck {
+    valid: boolean;
+    tokenExpired?: boolean;
+    refreshTokenExpired?: boolean;
+    idTokenExpired?: boolean;
+    isRefreshable?: boolean;
+}
+
+export interface Scheme<OptionsT extends SchemeOptions = SchemeOptions> {
+    options: OptionsT;
+    name?: string;
+    $auth: Auth;
+    mounted?(...args: any[]): Promise<HTTPResponse<any> | void>;
+    check?(checkStatus?: boolean): SchemeCheck;
+    login(...args: any[]): Promise<HTTPResponse<any> | void>;
+    fetchUser(endpoint?: HTTPRequest): Promise<HTTPResponse<any> | void>;
+    setUserToken?(
+        token: string | boolean,
+        refreshToken?: string | boolean
+    ): Promise<HTTPResponse<any> | void>;
+    logout?(endpoint?: HTTPRequest): Promise<void> | void;
+    reset?(options?: { resetInterceptor: boolean }): void;
+}
+
+// Token
+
+export interface TokenOptions {
+    property: string;
+    expiresProperty: string;
+    type: string | false;
+    name: string;
+    maxAge: number | false;
+    global: boolean;
+    required: boolean;
+    prefix: string;
+    expirationPrefix: string;
+    httpOnly: boolean
+}
+
+export interface TokenableSchemeOptions extends SchemeOptions {
+    token?: TokenOptions;
+    endpoints: EndpointsOption;
+}
+
+export interface TokenableScheme<OptionsT extends TokenableSchemeOptions = TokenableSchemeOptions> extends Scheme<OptionsT> {
+    token?: Token;
+    requestHandler: RequestHandler;
+}
+
+// ID Token
+
+export interface IdTokenableSchemeOptions extends SchemeOptions {
+    idToken: TokenOptions;
+}
+
+export interface IdTokenableScheme<OptionsT extends IdTokenableSchemeOptions = IdTokenableSchemeOptions> extends Scheme<OptionsT> {
+    idToken: IdToken;
+    requestHandler: RequestHandler;
+}
+
+// Refrash
+
+export interface RefreshTokenOptions {
+    property: string | false;
+    type: string | false;
+    data: string | false;
+    maxAge: number | false;
+    required: boolean;
+    tokenRequired: boolean;
+    prefix: string;
+    expirationPrefix: string;
+    httpOnly: boolean;
+}
+
+export interface RefreshableSchemeOptions extends TokenableSchemeOptions {
+    refreshToken: RefreshTokenOptions;
+}
+
+export interface RefreshableScheme<OptionsT extends RefreshableSchemeOptions = RefreshableSchemeOptions> extends TokenableScheme<OptionsT> {
+    refreshToken: RefreshToken;
+    refreshController: RefreshController;
+    refreshTokens(): Promise<HTTPResponse<any> | void>;
+}

package/dist/types/store.d.ts

@@ -0,0 +1,30 @@
+import type { _StoreWithState } from 'pinia';
+import type { CookieSerializeOptions } from 'cookie-es';
+
+export type AuthStore = _StoreWithState<string, AuthState, {}, {}> & {
+    [key: string]: AuthState
+}
+
+export type StoreMethod = 'cookie' | 'session' | 'local';
+
+export interface StoreIncludeOptions {
+    cookie?: boolean | CookieSerializeOptions;
+    session?: boolean;
+    local?: boolean;
+}
+
+export interface UserInfo {
+    [key: string]: unknown;
+}
+
+export type AuthState = {
+    [key: string]: unknown;
+    // user object
+    user?: UserInfo;
+    // indicates whether the user is logged in
+    loggedIn?: boolean;
+    // indicates the strategy of authentication used
+    strategy?: string;
+    // indicates if the authentication system is busy performing tasks, may not be defined initially
+    busy?: boolean;
+}

package/dist/types/strategy.d.ts

@@ -0,0 +1,16 @@
+import type { SchemePartialOptions, RefreshableSchemeOptions, SchemeOptions, SchemeNames } from './scheme';
+import type { CookieSchemeOptions, Oauth2SchemeOptions, OpenIDConnectSchemeOptions } from '../runtime/schemes';
+import type { ProviderPartialOptions, ProviderOptions, ProviderNames } from './provider';
+import type { RecursivePartial } from './utils';
+
+export type Strategy<S = {}> = S & Strategies;
+
+// @ts-ignore: endpoints dont match
+export interface AuthSchemeOptions extends RefreshableSchemeOptions, Oauth2SchemeOptions, CookieSchemeOptions, OpenIDConnectSchemeOptions {}
+
+export interface Strategies {
+    provider?: ProviderNames;
+    enabled?: boolean;
+}
+
+export type StrategyOptions<SOptions extends RecursivePartial<AuthSchemeOptions> = RecursivePartial<AuthSchemeOptions>> = ProviderPartialOptions<ProviderOptions & SOptions & Strategy>;

package/dist/types/utils.d.ts

@@ -0,0 +1,5 @@
+export type RecursivePartial<T> = {
+    [P in keyof T]?: T[P] extends (infer U)[] ? RecursivePartial<U>[any] : RecursivePartial<T[P]>;
+};
+
+export type PartialExcept<T, K extends keyof T> = RecursivePartial<T> &Pick<T, K>;

package/dist/utils/index.d.ts

@@ -0,0 +1,28 @@
+import type { RouteComponent, RouteLocationNormalized } from '#vue-router';
+import type { RecursivePartial } from '../types';
+import type { NuxtApp } from '#app';
+import type { H3Event } from 'h3';
+export declare const isUnset: (o: any) => boolean;
+export declare const isSet: (o: any) => boolean;
+export declare function parseQuery(queryString: string): Record<string, unknown>;
+export declare function isRelativeURL(u: string): boolean | "" | 0;
+export declare function routeMeta(route: RouteLocationNormalized, key: string, value: string | boolean): boolean;
+export declare function getMatchedComponents(route: RouteLocationNormalized, matches?: unknown[]): RouteComponent[][];
+export declare function normalizePath(path: string | undefined, ctx: NuxtApp): string;
+export declare function encodeValue(val: any): string;
+export declare function decodeValue(val: any): any;
+/**
+ * Get property defined by dot notation in string.
+ * Based on  https://github.com/dy/dotprop (MIT)
+ *
+ * @param  { Object } holder   Target object where to look property up
+ * @param  { string } propName Dot notation, like 'this.a.b.c'
+ * @return { * } A property value
+ */
+export declare function getProp(holder: any, propName: string | false): any;
+export declare function addTokenPrefix(token: string | boolean, tokenType: string | false): string | boolean;
+export declare function removeTokenPrefix(token: string | boolean, tokenType: string | false): string | boolean;
+export declare function cleanObj<T extends Record<string, any>>(obj: T): RecursivePartial<T>;
+export declare function randomString(length: number): string;
+export declare function setH3Cookie(event: H3Event, serializedCookie: string): void;
+export declare const hasOwn: <O extends object, K extends PropertyKey>(object: O, key: K) => any;