nuxt-auther 1.0.2 → 1.0.3

package/dist/runtime/providers/laravel-jwt.mjs

@@ -0,0 +1,47 @@
+import { assignDefaults, assignAbsoluteEndpoints, addLocalAuthorize } from "../../utils/provider";
+import { LOCALDEFAULTS } from "../inc/index.mjs";
+export function laravelJWT(nuxt, strategy) {
+  const { url } = strategy;
+  if (!url) {
+    throw new Error("url is required for laravel jwt!");
+  }
+  const DEFAULTS = Object.assign(LOCALDEFAULTS, {
+    name: "laravelJWT",
+    scheme: "laravelJWT",
+    endpoints: {
+      login: {
+        url: url + "/api/auth/login"
+      },
+      refresh: {
+        url: url + "/api/auth/refresh"
+      },
+      logout: {
+        url: url + "/api/auth/logout"
+      },
+      user: {
+        url: url + "/api/auth/user"
+      }
+    },
+    token: {
+      property: "access_token",
+      maxAge: 3600
+    },
+    refreshToken: {
+      property: false,
+      data: false,
+      maxAge: 1209600,
+      required: false,
+      tokenRequired: true
+    },
+    user: {
+      property: false
+    },
+    clientId: false,
+    grantType: false
+  });
+  assignDefaults(strategy, DEFAULTS);
+  assignAbsoluteEndpoints(strategy);
+  if (strategy.ssr) {
+    addLocalAuthorize(nuxt, strategy);
+  }
+}

package/dist/runtime/providers/laravel-passport.d.ts

@@ -0,0 +1,12 @@
+import type { ProviderPartialOptions, ProviderOptions } from '../../types';
+import type { Oauth2SchemeOptions, RefreshSchemeOptions } from '..';
+import type { Nuxt } from '@nuxt/schema';
+export interface LaravelPassportProviderOptions extends ProviderOptions, Oauth2SchemeOptions {
+    url: string;
+}
+export interface LaravelPassportPasswordProviderOptions extends ProviderOptions, RefreshSchemeOptions {
+    url: string;
+}
+export type PartialPassportOptions = ProviderPartialOptions<LaravelPassportProviderOptions>;
+export type PartialPassportPasswordOptions = ProviderPartialOptions<LaravelPassportPasswordProviderOptions>;
+export declare function laravelPassport(nuxt: Nuxt, strategy: PartialPassportOptions | PartialPassportPasswordOptions): void;

package/dist/runtime/providers/laravel-passport.mjs

@@ -0,0 +1,69 @@
+import { assignDefaults, addAuthorize, initializePasswordGrantFlow, assignAbsoluteEndpoints } from "../../utils/provider";
+import { LOCALDEFAULTS } from "../inc/index.mjs";
+function isPasswordGrant(strategy) {
+  return strategy.grantType === "password";
+}
+export function laravelPassport(nuxt, strategy) {
+  const { url } = strategy;
+  if (!url) {
+    throw new Error("url is required is laravel passport!");
+  }
+  const defaults = Object.assign(LOCALDEFAULTS, {
+    name: "laravelPassport",
+    token: {
+      property: "access_token",
+      type: "Bearer",
+      name: "Authorization",
+      maxAge: 60 * 60 * 24 * 365
+    },
+    refreshToken: {
+      property: "refresh_token",
+      data: "refresh_token",
+      maxAge: 60 * 60 * 24 * 30
+    },
+    user: {
+      property: false
+    }
+  });
+  let DEFAULTS;
+  if (isPasswordGrant(strategy)) {
+    DEFAULTS = {
+      ...defaults,
+      scheme: "refresh",
+      endpoints: {
+        token: url + "/oauth/token",
+        login: {
+          baseURL: ""
+        },
+        refresh: {
+          baseURL: ""
+        },
+        logout: false,
+        user: {
+          url: url + "/api/auth/user"
+        }
+      },
+      grantType: "password"
+    };
+    assignDefaults(strategy, DEFAULTS);
+    assignAbsoluteEndpoints(strategy);
+    initializePasswordGrantFlow(nuxt, strategy);
+  } else {
+    DEFAULTS = {
+      ...defaults,
+      scheme: "oauth2",
+      endpoints: {
+        authorization: url + "/oauth/authorize",
+        token: url + "/oauth/token",
+        userInfo: url + "/api/auth/user",
+        logout: false
+      },
+      responseType: "code",
+      grantType: "authorization_code",
+      scope: "*"
+    };
+    assignDefaults(strategy, DEFAULTS);
+    assignAbsoluteEndpoints(strategy);
+    addAuthorize(nuxt, strategy);
+  }
+}

package/dist/runtime/providers/laravel-sanctum.d.ts

@@ -0,0 +1,6 @@
+import type { ProviderPartialOptions, ProviderOptions } from '../../types';
+import type { CookieSchemeOptions } from '..';
+import type { Nuxt } from '@nuxt/schema';
+export interface LaravelSanctumProviderOptions extends ProviderOptions, CookieSchemeOptions {
+}
+export declare function laravelSanctum(nuxt: Nuxt, strategy: ProviderPartialOptions<LaravelSanctumProviderOptions>): void;

package/dist/runtime/providers/laravel-sanctum.mjs

@@ -0,0 +1,52 @@
+import { assignAbsoluteEndpoints, assignDefaults, addLocalAuthorize } from "../../utils/provider";
+import { LOCALDEFAULTS } from "../inc/index.mjs";
+export function laravelSanctum(nuxt, strategy) {
+  const { url } = strategy;
+  if (!url) {
+    throw new Error("URL is required with Laravel Sanctum!");
+  }
+  const endpointDefaults = {
+    credentials: "include"
+  };
+  const DEFAULTS = Object.assign(LOCALDEFAULTS, {
+    scheme: "cookie",
+    name: "laravelSanctum",
+    cookie: {
+      name: "XSRF-TOKEN"
+    },
+    endpoints: {
+      csrf: {
+        ...endpointDefaults,
+        url: "/sanctum/csrf-cookie"
+      },
+      login: {
+        ...endpointDefaults,
+        url: "/login"
+      },
+      refresh: {
+        ...endpointDefaults,
+        url: "/refresh"
+      },
+      logout: {
+        ...endpointDefaults,
+        url: "/logout"
+      },
+      user: {
+        ...endpointDefaults,
+        url: "/api/user"
+      }
+    },
+    user: {
+      property: false,
+      autoFetch: true
+    },
+    token: {
+      type: "Bearer"
+    }
+  });
+  assignDefaults(strategy, DEFAULTS);
+  assignAbsoluteEndpoints(strategy);
+  if (strategy.ssr) {
+    addLocalAuthorize(nuxt, strategy);
+  }
+}

package/dist/runtime/schemes/auth0.d.ts

@@ -0,0 +1,4 @@
+import { Oauth2Scheme } from '../schemes/oauth2';
+export declare class Auth0Scheme extends Oauth2Scheme {
+    logout(): void;
+}

package/dist/runtime/schemes/auth0.mjs

@@ -0,0 +1,13 @@
+import { withQuery } from "ufo";
+import { Oauth2Scheme } from "../schemes/oauth2.mjs";
+export class Auth0Scheme extends Oauth2Scheme {
+  logout() {
+    this.$auth.reset();
+    const opts = {
+      client_id: this.options.clientId,
+      returnTo: this.logoutRedirectURI
+    };
+    const url = withQuery(this.options.endpoints.logout, opts);
+    window.location.replace(url);
+  }
+}

package/dist/runtime/schemes/base.d.ts

@@ -0,0 +1,8 @@
+import type { SchemeOptions } from '../../types';
+import type { Auth } from '..';
+export declare class BaseScheme<OptionsT extends SchemeOptions> {
+    $auth: Auth;
+    options: OptionsT;
+    constructor($auth: Auth, ...options: OptionsT[]);
+    get name(): string;
+}

package/dist/runtime/schemes/base.mjs

@@ -0,0 +1,11 @@
+import { defu } from "defu";
+export class BaseScheme {
+  constructor($auth, ...options) {
+    this.$auth = $auth;
+    this.options = options.reduce((p, c) => defu(p, c), {});
+  }
+  options;
+  get name() {
+    return this.options.name;
+  }
+}

package/dist/runtime/schemes/cookie.d.ts

@@ -0,0 +1,23 @@
+import type { SchemePartialOptions, SchemeCheck, TokenableScheme, HTTPRequest, HTTPResponse } from '../../types';
+import type { Auth } from '..';
+import { LocalScheme, type LocalSchemeEndpoints, type LocalSchemeOptions } from './local';
+export interface CookieSchemeEndpoints extends LocalSchemeEndpoints {
+    csrf?: HTTPRequest | false;
+}
+export interface CookieSchemeCookie {
+    name: string;
+}
+export interface CookieSchemeOptions extends LocalSchemeOptions {
+    url?: string;
+    endpoints: CookieSchemeEndpoints;
+    cookie: CookieSchemeCookie;
+}
+export declare class CookieScheme<OptionsT extends CookieSchemeOptions> extends LocalScheme<OptionsT> implements TokenableScheme<OptionsT> {
+    checkStatus: boolean;
+    constructor($auth: Auth, options: SchemePartialOptions<CookieSchemeOptions>);
+    mounted(): Promise<HTTPResponse<any> | void>;
+    check(): SchemeCheck;
+    login(endpoint: HTTPRequest): Promise<HTTPResponse<any> | void>;
+    fetchUser(endpoint?: HTTPRequest): Promise<HTTPResponse<any> | void>;
+    reset(): void;
+}

package/dist/runtime/schemes/cookie.mjs

@@ -0,0 +1,111 @@
+import { LocalScheme } from "./local.mjs";
+import { getProp } from "../../utils";
+const DEFAULTS = {
+  name: "cookie",
+  cookie: {
+    name: void 0
+  },
+  endpoints: {
+    csrf: false
+  },
+  token: {
+    type: false,
+    property: "",
+    maxAge: false,
+    global: false,
+    required: false
+  },
+  user: {
+    property: false,
+    autoFetch: true
+  }
+};
+export class CookieScheme extends LocalScheme {
+  checkStatus = false;
+  constructor($auth, options) {
+    super($auth, options, DEFAULTS);
+  }
+  async mounted() {
+    if (process.server) {
+      this.$auth.ctx.$http.setHeader("referer", this.$auth.ctx.ssrContext.event.node.req.headers.host);
+    }
+    if (this.options.token?.type) {
+      return super.mounted();
+    }
+    this.checkStatus = true;
+    return this.$auth.fetchUserOnce();
+  }
+  check() {
+    const response = { valid: false };
+    if (!super.check().valid && this.options.token?.type) {
+      return response;
+    }
+    if (!this.checkStatus) {
+      response.valid = true;
+      return response;
+    }
+    if (this.options.cookie.name) {
+      const cookies = this.$auth.$storage.getCookies();
+      response.valid = Boolean(cookies[this.options.cookie.name]);
+      return response;
+    }
+    response.valid = true;
+    return response;
+  }
+  async login(endpoint) {
+    this.$auth.reset();
+    if (this.options.endpoints.csrf) {
+      await this.$auth.request(this.options.endpoints.csrf);
+    }
+    if (this.options.token?.type) {
+      return super.login(endpoint, { reset: false });
+    }
+    if (!this.options.endpoints.login) {
+      return;
+    }
+    if (this.options.ssr) {
+      endpoint.baseURL = "";
+    }
+    const response = await this.$auth.request(endpoint, this.options.endpoints.login);
+    if (this.options.user.autoFetch) {
+      if (this.checkStatus) {
+        this.checkStatus = false;
+      }
+      await this.fetchUser();
+    }
+    return response;
+  }
+  async fetchUser(endpoint) {
+    if (!this.check().valid) {
+      return Promise.resolve();
+    }
+    if (!this.options.endpoints.user) {
+      this.$auth.setUser({});
+      return Promise.resolve();
+    }
+    if (this.checkStatus) {
+      this.checkStatus = false;
+    }
+    return this.$auth.requestWith(endpoint, this.options.endpoints.user).then((response) => {
+      const userData = getProp(response._data, this.options.user.property);
+      if (!userData) {
+        const error = new Error(`User Data response does not contain field ${this.options.user.property}`);
+        return Promise.reject(error);
+      }
+      this.$auth.setUser(userData);
+      return response;
+    }).catch((error) => {
+      this.$auth.callOnError(error, { method: "fetchUser" });
+      return Promise.reject(error);
+    });
+  }
+  reset() {
+    if (this.options.cookie.name) {
+      this.$auth.$storage.setCookie(this.options.cookie.name, null);
+    }
+    if (this.options.token?.type) {
+      return super.reset();
+    }
+    this.$auth.setUser(false);
+  }
+}

package/dist/runtime/schemes/index.d.ts

@@ -0,0 +1,8 @@
+export * from './base';
+export * from './cookie';
+export * from './local';
+export * from './oauth2';
+export * from './openIDConnect';
+export * from './refresh';
+export * from './auth0';
+export * from './laravel-jwt';

package/dist/runtime/schemes/index.mjs

@@ -0,0 +1,8 @@
+export * from "./base.mjs";
+export * from "./cookie.mjs";
+export * from "./local.mjs";
+export * from "./oauth2.mjs";
+export * from "./openIDConnect.mjs";
+export * from "./refresh.mjs";
+export * from "./auth0.mjs";
+export * from "./laravel-jwt.mjs";

package/dist/runtime/schemes/laravel-jwt.d.ts

@@ -0,0 +1,5 @@
+import type { HTTPResponse } from '../../types';
+import { RefreshScheme } from './refresh';
+export declare class LaravelJWTScheme extends RefreshScheme {
+    protected updateTokens(response: HTTPResponse<any>): void;
+}

package/dist/runtime/schemes/laravel-jwt.mjs

@@ -0,0 +1,6 @@
+import { RefreshScheme } from "./refresh.mjs";
+export class LaravelJWTScheme extends RefreshScheme {
+  updateTokens(response) {
+    super.updateTokens(response);
+  }
+}

package/dist/runtime/schemes/local.d.ts

@@ -0,0 +1,38 @@
+import type { EndpointsOption, SchemePartialOptions, TokenableSchemeOptions, TokenableScheme, UserOptions, HTTPRequest, HTTPResponse, SchemeCheck } from '../../types';
+import type { Auth } from '..';
+import { Token, RequestHandler } from '../inc';
+import { BaseScheme } from './base';
+export interface LocalSchemeEndpoints extends EndpointsOption {
+    login: HTTPRequest;
+    logout: HTTPRequest | false;
+    user: HTTPRequest | false;
+}
+export interface LocalSchemeOptions extends TokenableSchemeOptions {
+    endpoints: LocalSchemeEndpoints;
+    user: UserOptions;
+    clientId: string;
+    grantType: 'implicit' | 'authorization_code' | 'client_credentials' | 'password' | 'refresh_token' | 'urn:ietf:params:oauth:grant-type:device_code';
+    scope: string | string[];
+}
+export declare class LocalScheme<OptionsT extends LocalSchemeOptions = LocalSchemeOptions> extends BaseScheme<OptionsT> implements TokenableScheme<OptionsT> {
+    token: Token;
+    requestHandler: RequestHandler;
+    constructor($auth: Auth, options: SchemePartialOptions<LocalSchemeOptions>, ...defaults: SchemePartialOptions<LocalSchemeOptions>[]);
+    check(checkStatus?: boolean): SchemeCheck;
+    mounted({ tokenCallback, refreshTokenCallback }?: {
+        tokenCallback?: (() => void) | undefined;
+        refreshTokenCallback?: (() => undefined) | undefined;
+    }): Promise<HTTPResponse<any> | void>;
+    login(endpoint: HTTPRequest, { reset }?: {
+        reset?: boolean | undefined;
+    }): Promise<HTTPResponse<any> | void>;
+    setUserToken(token: string): Promise<HTTPResponse<any> | void>;
+    fetchUser(endpoint?: HTTPRequest): Promise<HTTPResponse<any> | void>;
+    logout(endpoint?: HTTPRequest): Promise<void>;
+    reset({ resetInterceptor }?: {
+        resetInterceptor?: boolean | undefined;
+    }): void;
+    protected extractToken(response: HTTPResponse<any>): string;
+    protected updateTokens(response: HTTPResponse<any>): void;
+    protected initializeRequestInterceptor(): void;
+}

package/dist/runtime/schemes/local.mjs

@@ -0,0 +1,160 @@
+import { getProp } from "../../utils";
+import { Token, RequestHandler } from "../inc/index.mjs";
+import { BaseScheme } from "./base.mjs";
+const DEFAULTS = {
+  name: "local",
+  endpoints: {
+    login: {
+      url: "/api/auth/login",
+      method: "post"
+    },
+    logout: {
+      url: "/api/auth/logout",
+      method: "post"
+    },
+    user: {
+      url: "/api/auth/user",
+      method: "get"
+    }
+  },
+  token: {
+    expiresProperty: "expires_in",
+    property: "token",
+    type: "Bearer",
+    name: "Authorization",
+    maxAge: false,
+    global: true,
+    required: true,
+    prefix: "_token.",
+    expirationPrefix: "_token_expiration."
+  },
+  user: {
+    property: "user",
+    autoFetch: true
+  },
+  clientId: void 0,
+  grantType: void 0,
+  scope: void 0
+};
+export class LocalScheme extends BaseScheme {
+  token;
+  requestHandler;
+  constructor($auth, options, ...defaults) {
+    super($auth, options, ...defaults, DEFAULTS);
+    this.token = new Token(this, this.$auth.$storage);
+    this.requestHandler = new RequestHandler(this, process.server ? this.$auth.ctx.ssrContext.event.$http : this.$auth.ctx.$http, $auth);
+  }
+  check(checkStatus = false) {
+    const response = {
+      valid: false,
+      tokenExpired: false
+    };
+    const token = this.token.sync();
+    if (!token) {
+      return response;
+    }
+    if (!checkStatus) {
+      response.valid = true;
+      return response;
+    }
+    const tokenStatus = this.token.status();
+    if (tokenStatus.expired()) {
+      response.tokenExpired = true;
+      return response;
+    }
+    response.valid = true;
+    return response;
+  }
+  mounted({ tokenCallback = () => this.$auth.reset(), refreshTokenCallback = () => void 0 } = {}) {
+    const { tokenExpired, refreshTokenExpired } = this.check(true);
+    if (refreshTokenExpired && typeof refreshTokenCallback === "function") {
+      refreshTokenCallback();
+    } else if (tokenExpired && typeof tokenCallback === "function") {
+      tokenCallback();
+    }
+    this.initializeRequestInterceptor();
+    return this.$auth.fetchUserOnce();
+  }
+  async login(endpoint, { reset = true } = {}) {
+    if (!this.options.endpoints.login) {
+      return;
+    }
+    if (reset) {
+      this.$auth.reset({ resetInterceptor: false });
+    }
+    endpoint = endpoint || {};
+    endpoint.body = endpoint.body || {};
+    if (this.options.clientId) {
+      endpoint.body.client_id = this.options.clientId;
+    }
+    if (this.options.grantType) {
+      endpoint.body.grant_type = this.options.grantType;
+    }
+    if (this.options.scope) {
+      endpoint.body.scope = this.options.scope;
+    }
+    if (this.options.ssr) {
+      endpoint.baseURL = "";
+    }
+    const response = await this.$auth.request(endpoint, this.options.endpoints.login);
+    this.updateTokens(response);
+    if (!this.requestHandler.requestInterceptor) {
+      this.initializeRequestInterceptor();
+    }
+    if (this.options.user.autoFetch) {
+      await this.fetchUser();
+    }
+    return response;
+  }
+  setUserToken(token) {
+    this.token.set(token);
+    return this.fetchUser();
+  }
+  async fetchUser(endpoint) {
+    if (!this.check().valid) {
+      return Promise.resolve();
+    }
+    if (!this.options.endpoints.user) {
+      this.$auth.setUser({});
+      return Promise.resolve();
+    }
+    return this.$auth.requestWith(endpoint, this.options.endpoints.user).then((response) => {
+      const userData = getProp(response._data, this.options.user.property);
+      if (!userData) {
+        const error = new Error(`User Data response does not contain field ${this.options.user.property}`);
+        return Promise.reject(error);
+      }
+      this.$auth.setUser(userData);
+      return response;
+    }).catch((error) => {
+      this.$auth.callOnError(error, { method: "fetchUser" });
+      return Promise.reject(error);
+    });
+  }
+  async logout(endpoint = {}) {
+    if (this.options.endpoints.logout) {
+      await this.$auth.requestWith(endpoint, this.options.endpoints.logout).catch((err) => console.error(err));
+    }
+    this.$auth.reset();
+    this.$auth.redirect("logout");
+  }
+  reset({ resetInterceptor = true } = {}) {
+    this.$auth.setUser(false);
+    this.token.reset();
+    if (resetInterceptor) {
+      this.requestHandler.reset();
+    }
+  }
+  extractToken(response) {
+    return getProp(response._data, this.options.token.property);
+  }
+  updateTokens(response) {
+    let tokenExpiresIn = false;
+    const token = this.options.token?.required ? this.extractToken(response) : true;
+    tokenExpiresIn = this.options.token?.maxAge || getProp(response._data, this.options.token.expiresProperty);
+    this.token.set(token, tokenExpiresIn);
+  }
+  initializeRequestInterceptor() {
+    this.requestHandler.initializeRequestInterceptor();
+  }
+}

package/dist/runtime/schemes/oauth2.d.ts

@@ -0,0 +1,61 @@
+import type { RefreshableScheme, SchemePartialOptions, SchemeCheck, RefreshableSchemeOptions, UserOptions, SchemeOptions, HTTPResponse, EndpointsOption, TokenableSchemeOptions } from '../../types';
+import type { IncomingMessage } from 'node:http';
+import type { Auth } from '../core';
+import { RefreshController, RequestHandler, Token, RefreshToken } from '../inc';
+import { BaseScheme } from './base';
+export interface Oauth2SchemeEndpoints extends EndpointsOption {
+    authorization: string;
+    token: string;
+    userInfo: string;
+    logout: string | false;
+}
+export interface Oauth2SchemeOptions extends SchemeOptions, TokenableSchemeOptions, RefreshableSchemeOptions {
+    endpoints: Oauth2SchemeEndpoints;
+    user: UserOptions;
+    responseMode: 'query.jwt' | 'fragment.jwt' | 'form_post.jwt' | 'jwt' | '';
+    responseType: 'code' | 'token' | 'id_token' | 'none' | string;
+    grantType: 'implicit' | 'authorization_code' | 'client_credentials' | 'password' | 'refresh_token' | 'urn:ietf:params:oauth:grant-type:device_code';
+    accessType: 'online' | 'offline';
+    redirectUri: string;
+    logoutRedirectUri: string;
+    clientId: string;
+    clientSecretTransport: 'body' | 'aurthorization_header';
+    scope: string | string[];
+    state: string;
+    codeChallengeMethod: 'implicit' | 'S256' | 'plain' | '' | false;
+    acrValues: string;
+    audience: string;
+    autoLogout: boolean;
+    clientWindow: boolean;
+    clientWindowWidth: number;
+    clientWindowHeight: number;
+    organization?: string;
+}
+export declare class Oauth2Scheme<OptionsT extends Oauth2SchemeOptions = Oauth2SchemeOptions> extends BaseScheme<OptionsT> implements RefreshableScheme {
+    #private;
+    req: IncomingMessage | undefined;
+    token: Token;
+    refreshToken: RefreshToken;
+    refreshController: RefreshController;
+    requestHandler: RequestHandler;
+    constructor($auth: Auth, options: SchemePartialOptions<Oauth2SchemeOptions>, ...defaults: SchemePartialOptions<Oauth2SchemeOptions>[]);
+    protected get scope(): string;
+    protected get redirectURI(): string;
+    protected get logoutRedirectURI(): string;
+    check(checkStatus?: boolean): SchemeCheck;
+    mounted(): Promise<HTTPResponse<any> | void>;
+    reset(): void;
+    login(options?: {
+        state?: string;
+        params?: any;
+        nonce?: string;
+    }): Promise<void>;
+    clientWindowCallback(event: MessageEvent): void;
+    clientWindowFeatures(clientWindowWidth: number, clientWindowHeight: number): string;
+    logout(): void;
+    fetchUser(): Promise<void>;
+    refreshTokens(): Promise<HTTPResponse<any> | void>;
+    protected updateTokens(response: HTTPResponse<any>): void;
+    protected pkceChallengeFromVerifier(v: string, hashValue: boolean): Promise<string>;
+    generateRandomString(): string;
+}