payload-zitadel-plugin 0.2.11 → 0.2.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/handlers/authorize.d.ts.map +1 -1
- package/dist/handlers/authorize.js +5 -7
- package/dist/handlers/authorize.js.map +1 -1
- package/dist/handlers/callback.d.ts +2 -1
- package/dist/handlers/callback.d.ts.map +1 -1
- package/dist/handlers/callback.js +36 -47
- package/dist/handlers/callback.js.map +1 -1
- package/dist/handlers/index.d.ts +0 -1
- package/dist/handlers/index.d.ts.map +1 -1
- package/dist/handlers/index.js +0 -1
- package/dist/handlers/index.js.map +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -7
- package/dist/index.js.map +1 -1
- package/dist/types.d.ts +3 -2
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js.map +1 -1
- package/package.json +4 -4
- package/dist/handlers/redirect.d.ts +0 -4
- package/dist/handlers/redirect.d.ts.map +0 -1
- package/dist/handlers/redirect.js +0 -10
- package/dist/handlers/redirect.js.map +0 -1
package/README.md
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authorize.d.ts","sourceRoot":"","sources":["../../src/handlers/authorize.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"authorize.d.ts","sourceRoot":"","sources":["../../src/handlers/authorize.ts"],"names":[],"mappings":"AAGA,OAAO,EAAC,cAAc,EAAC,MAAM,SAAS,CAAA;AAMtC,eAAO,MAAM,SAAS,EAAE,cA4BvB,CAAA"}
|
|
@@ -1,10 +1,12 @@
|
|
|
1
1
|
'use server';
|
|
2
|
-
import { cookies } from 'next/headers.js';
|
|
3
2
|
import process from 'node:process';
|
|
4
3
|
import { NextResponse } from 'next/server.js';
|
|
5
4
|
import { COOKIES } from '../constants.js';
|
|
6
|
-
|
|
5
|
+
import { cookies } from 'next/headers.js';
|
|
6
|
+
export const authorize = async ({ searchParams, payload: { config } })=>{
|
|
7
|
+
const { admin: { custom: { zitadel: { issuerURL, clientId, callbackURL } } } } = config;
|
|
7
8
|
const code_verifier = Buffer.from(crypto.getRandomValues(new Uint8Array(24))).toString('base64url');
|
|
9
|
+
const code_challenge = Buffer.from(await crypto.subtle.digest('SHA-256', new TextEncoder().encode(code_verifier))).toString('base64url');
|
|
8
10
|
cookies().set({
|
|
9
11
|
name: COOKIES.pkce,
|
|
10
12
|
value: code_verifier,
|
|
@@ -14,17 +16,13 @@ const genCodeChallenge = async ()=>{
|
|
|
14
16
|
maxAge: 300,
|
|
15
17
|
secure: process.env.NODE_ENV == 'production'
|
|
16
18
|
});
|
|
17
|
-
return Buffer.from(await crypto.subtle.digest('SHA-256', new TextEncoder().encode(code_verifier))).toString('base64url');
|
|
18
|
-
};
|
|
19
|
-
export const authorize = async ({ searchParams, payload: { config } })=>{
|
|
20
|
-
const { admin: { custom: { zitadel: { issuerURL, clientId, callbackURL } } } } = config;
|
|
21
19
|
return NextResponse.redirect(`${issuerURL}/oauth/v2/authorize?${new URLSearchParams({
|
|
22
20
|
client_id: clientId,
|
|
23
21
|
redirect_uri: callbackURL,
|
|
24
22
|
response_type: 'code',
|
|
25
23
|
scope: 'openid email profile',
|
|
26
24
|
state: btoa(searchParams.toString()),
|
|
27
|
-
code_challenge
|
|
25
|
+
code_challenge,
|
|
28
26
|
code_challenge_method: 'S256'
|
|
29
27
|
})}`);
|
|
30
28
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/handlers/authorize.ts"],"sourcesContent":["'use server'\n\nimport
|
|
1
|
+
{"version":3,"sources":["../../src/handlers/authorize.ts"],"sourcesContent":["'use server'\n\nimport process from 'node:process'\nimport {PayloadHandler} from 'payload'\nimport {NextResponse} from 'next/server.js'\nimport {PayloadConfigWithZitadel} from '../types.js'\nimport {COOKIES} from '../constants.js'\nimport {cookies} from 'next/headers.js'\n\nexport const authorize: PayloadHandler = async ({searchParams, payload: {config}}) => {\n\n const {admin: {custom: {zitadel: {issuerURL, clientId, callbackURL}}}} = config as PayloadConfigWithZitadel\n\n const code_verifier = Buffer.from(crypto.getRandomValues(new Uint8Array(24))).toString('base64url')\n\n const code_challenge = Buffer.from(await crypto.subtle.digest('SHA-256', new TextEncoder().encode(code_verifier))).toString('base64url')\n\n cookies().set({\n name: COOKIES.pkce,\n value: code_verifier,\n httpOnly: true,\n sameSite: 'lax',\n path: '/',\n maxAge: 300,\n secure: process.env.NODE_ENV == 'production'\n })\n\n return NextResponse.redirect(`${issuerURL}/oauth/v2/authorize?${new URLSearchParams({\n client_id: clientId,\n redirect_uri: callbackURL,\n response_type: 'code',\n scope: 'openid email profile',\n state: btoa(searchParams.toString()),\n code_challenge,\n code_challenge_method: 'S256'\n })}`)\n\n}\n"],"names":["process","NextResponse","COOKIES","cookies","authorize","searchParams","payload","config","admin","custom","zitadel","issuerURL","clientId","callbackURL","code_verifier","Buffer","from","crypto","getRandomValues","Uint8Array","toString","code_challenge","subtle","digest","TextEncoder","encode","set","name","pkce","value","httpOnly","sameSite","path","maxAge","secure","env","NODE_ENV","redirect","URLSearchParams","client_id","redirect_uri","response_type","scope","state","btoa","code_challenge_method"],"mappings":"AAAA;AAEA,OAAOA,aAAa,eAAc;AAElC,SAAQC,YAAY,QAAO,iBAAgB;AAE3C,SAAQC,OAAO,QAAO,kBAAiB;AACvC,SAAQC,OAAO,QAAO,kBAAiB;AAEvC,OAAO,MAAMC,YAA4B,OAAO,EAACC,YAAY,EAAEC,SAAS,EAACC,MAAM,EAAC,EAAC;IAE7E,MAAM,EAACC,OAAO,EAACC,QAAQ,EAACC,SAAS,EAACC,SAAS,EAAEC,QAAQ,EAAEC,WAAW,EAAC,EAAC,EAAC,EAAC,GAAGN;IAEzE,MAAMO,gBAAgBC,OAAOC,IAAI,CAACC,OAAOC,eAAe,CAAC,IAAIC,WAAW,MAAMC,QAAQ,CAAC;IAEvF,MAAMC,iBAAiBN,OAAOC,IAAI,CAAC,MAAMC,OAAOK,MAAM,CAACC,MAAM,CAAC,WAAW,IAAIC,cAAcC,MAAM,CAACX,iBAAiBM,QAAQ,CAAC;IAE5HjB,UAAUuB,GAAG,CAAC;QACVC,MAAMzB,QAAQ0B,IAAI;QAClBC,OAAOf;QACPgB,UAAU;QACVC,UAAU;QACVC,MAAM;QACNC,QAAQ;QACRC,QAAQlC,QAAQmC,GAAG,CAACC,QAAQ,IAAI;IACpC;IAEA,OAAOnC,aAAaoC,QAAQ,CAAC,CAAC,EAAE1B,UAAU,oBAAoB,EAAE,IAAI2B,gBAAgB;QAChFC,WAAW3B;QACX4B,cAAc3B;QACd4B,eAAe;QACfC,OAAO;QACPC,OAAOC,KAAKvC,aAAae,QAAQ;QACjCC;QACAwB,uBAAuB;IAC3B,GAAG,CAAC;AAER,EAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"callback.d.ts","sourceRoot":"","sources":["../../src/handlers/callback.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,cAAc,EAAC,MAAM,SAAS,CAAA;
|
|
1
|
+
{"version":3,"file":"callback.d.ts","sourceRoot":"","sources":["../../src/handlers/callback.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,cAAc,EAAC,MAAM,SAAS,CAAA;AAItC,OAAO,EAA2C,gBAAgB,EAAC,MAAM,aAAa,CAAA;AAGtF,eAAO,MAAM,QAAQ,cAAe,gBAAgB,KAAG,cAiEtD,CAAA"}
|
|
@@ -1,62 +1,51 @@
|
|
|
1
1
|
import { cookies } from 'next/headers.js';
|
|
2
2
|
import process from 'node:process';
|
|
3
3
|
import jwt from 'jsonwebtoken';
|
|
4
|
-
import { NextResponse } from 'next/server.js';
|
|
5
4
|
import { COOKIES } from '../constants.js';
|
|
6
|
-
export const callback = async ({ payload: { config, secret },
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
path: '/',
|
|
40
|
-
sameSite: 'lax',
|
|
41
|
-
maxAge: 300,
|
|
42
|
-
secure: process.env.NODE_ENV == 'production'
|
|
5
|
+
export const callback = (onSuccess)=>async ({ payload: { config, secret }, query: { code, state } })=>{
|
|
6
|
+
const { admin: { custom: { zitadel: { issuerURL, clientId, callbackURL } } } } = config;
|
|
7
|
+
const cookieStore = cookies();
|
|
8
|
+
const code_verifier = cookieStore.get(COOKIES.pkce)?.value;
|
|
9
|
+
if (code_verifier) {
|
|
10
|
+
const response = await fetch(new URL(`${issuerURL}/oauth/v2/token`), {
|
|
11
|
+
method: 'POST',
|
|
12
|
+
body: new URLSearchParams({
|
|
13
|
+
grant_type: 'authorization_code',
|
|
14
|
+
code: code,
|
|
15
|
+
redirect_uri: callbackURL,
|
|
16
|
+
client_id: clientId,
|
|
17
|
+
code_verifier
|
|
18
|
+
})
|
|
19
|
+
});
|
|
20
|
+
if (response.ok) {
|
|
21
|
+
const { id_token } = await response.json();
|
|
22
|
+
if (id_token) {
|
|
23
|
+
cookieStore.delete(COOKIES.pkce);
|
|
24
|
+
cookieStore.set({
|
|
25
|
+
name: COOKIES.idToken,
|
|
26
|
+
value: jwt.sign(jwt.decode(id_token), secret),
|
|
27
|
+
httpOnly: true,
|
|
28
|
+
path: '/',
|
|
29
|
+
sameSite: 'lax',
|
|
30
|
+
maxAge: 900,
|
|
31
|
+
secure: process.env.NODE_ENV == 'production'
|
|
32
|
+
});
|
|
33
|
+
return onSuccess(new URLSearchParams(atob(state ?? '')));
|
|
34
|
+
}
|
|
35
|
+
return Response.json({
|
|
36
|
+
status: 'error',
|
|
37
|
+
message: 'token could not be retrieved from the response'
|
|
43
38
|
});
|
|
44
|
-
return response;
|
|
45
39
|
}
|
|
46
40
|
return Response.json({
|
|
47
41
|
status: 'error',
|
|
48
|
-
message: '
|
|
42
|
+
message: 'error while communicating with token endpoint'
|
|
49
43
|
});
|
|
50
44
|
}
|
|
51
45
|
return Response.json({
|
|
52
46
|
status: 'error',
|
|
53
|
-
message: '
|
|
47
|
+
message: 'code verifier not found (associated http-only cookie is empty)'
|
|
54
48
|
});
|
|
55
|
-
}
|
|
56
|
-
return Response.json({
|
|
57
|
-
status: 'error',
|
|
58
|
-
message: 'code verifier not found (associated http-only cookie is empty)'
|
|
59
|
-
});
|
|
60
|
-
};
|
|
49
|
+
};
|
|
61
50
|
|
|
62
51
|
//# sourceMappingURL=callback.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/handlers/callback.ts"],"sourcesContent":["import {PayloadHandler} from 'payload'\nimport {cookies} from 'next/headers.js'\nimport process from 'node:process'\nimport jwt from 'jsonwebtoken'\nimport {PayloadConfigWithZitadel, ZitadelIdToken} from '../types.js'\nimport {
|
|
1
|
+
{"version":3,"sources":["../../src/handlers/callback.ts"],"sourcesContent":["import {PayloadHandler} from 'payload'\nimport {cookies} from 'next/headers.js'\nimport process from 'node:process'\nimport jwt from 'jsonwebtoken'\nimport {PayloadConfigWithZitadel, ZitadelIdToken, ZitadelOnSuccess} from '../types.js'\nimport {COOKIES} from '../constants.js'\n\nexport const callback = (onSuccess: ZitadelOnSuccess): PayloadHandler => async ({\n payload: {config, secret},\n query: {code, state}\n }) => {\n\n const {admin: {custom: {zitadel: {issuerURL, clientId, callbackURL}}}} = config as PayloadConfigWithZitadel\n\n const cookieStore = cookies()\n\n const code_verifier = cookieStore.get(COOKIES.pkce)?.value\n\n if (code_verifier) {\n\n const response = await fetch(new URL(`${issuerURL}/oauth/v2/token`), {\n method: 'POST',\n body: new URLSearchParams({\n grant_type: 'authorization_code',\n code: code as string,\n redirect_uri: callbackURL,\n client_id: clientId,\n code_verifier\n })\n })\n\n if (response.ok) {\n\n const {id_token} = await response.json()\n\n if (id_token) {\n\n cookieStore.delete(COOKIES.pkce)\n\n cookieStore.set({\n name: COOKIES.idToken,\n value: jwt.sign(jwt.decode(id_token) as ZitadelIdToken, secret),\n httpOnly: true,\n path: '/',\n sameSite: 'lax',\n maxAge: 900,\n secure: process.env.NODE_ENV == 'production'\n })\n\n return onSuccess(new URLSearchParams(atob(state as string ?? '')))\n\n }\n\n return Response.json({\n status: 'error',\n message: 'token could not be retrieved from the response'\n })\n\n }\n\n return Response.json({\n status: 'error',\n message: 'error while communicating with token endpoint'\n })\n\n }\n\n return Response.json({\n status: 'error',\n message: 'code verifier not found (associated http-only cookie is empty)'\n })\n\n}"],"names":["cookies","process","jwt","COOKIES","callback","onSuccess","payload","config","secret","query","code","state","admin","custom","zitadel","issuerURL","clientId","callbackURL","cookieStore","code_verifier","get","pkce","value","response","fetch","URL","method","body","URLSearchParams","grant_type","redirect_uri","client_id","ok","id_token","json","delete","set","name","idToken","sign","decode","httpOnly","path","sameSite","maxAge","secure","env","NODE_ENV","atob","Response","status","message"],"mappings":"AACA,SAAQA,OAAO,QAAO,kBAAiB;AACvC,OAAOC,aAAa,eAAc;AAClC,OAAOC,SAAS,eAAc;AAE9B,SAAQC,OAAO,QAAO,kBAAiB;AAEvC,OAAO,MAAMC,WAAW,CAACC,YAAgD,OAAO,EACIC,SAAS,EAACC,MAAM,EAAEC,MAAM,EAAC,EACzBC,OAAO,EAACC,IAAI,EAAEC,KAAK,EAAC,EACvB;QAE7E,MAAM,EAACC,OAAO,EAACC,QAAQ,EAACC,SAAS,EAACC,SAAS,EAAEC,QAAQ,EAAEC,WAAW,EAAC,EAAC,EAAC,EAAC,GAAGV;QAEzE,MAAMW,cAAclB;QAEpB,MAAMmB,gBAAgBD,YAAYE,GAAG,CAACjB,QAAQkB,IAAI,GAAGC;QAErD,IAAIH,eAAe;YAEf,MAAMI,WAAW,MAAMC,MAAM,IAAIC,IAAI,CAAC,EAAEV,UAAU,eAAe,CAAC,GAAG;gBACjEW,QAAQ;gBACRC,MAAM,IAAIC,gBAAgB;oBACtBC,YAAY;oBACZnB,MAAMA;oBACNoB,cAAcb;oBACdc,WAAWf;oBACXG;gBACJ;YACJ;YAEA,IAAII,SAASS,EAAE,EAAE;gBAEb,MAAM,EAACC,QAAQ,EAAC,GAAG,MAAMV,SAASW,IAAI;gBAEtC,IAAID,UAAU;oBAEVf,YAAYiB,MAAM,CAAChC,QAAQkB,IAAI;oBAE/BH,YAAYkB,GAAG,CAAC;wBACZC,MAAMlC,QAAQmC,OAAO;wBACrBhB,OAAOpB,IAAIqC,IAAI,CAACrC,IAAIsC,MAAM,CAACP,WAA6BzB;wBACxDiC,UAAU;wBACVC,MAAM;wBACNC,UAAU;wBACVC,QAAQ;wBACRC,QAAQ5C,QAAQ6C,GAAG,CAACC,QAAQ,IAAI;oBACpC;oBAEA,OAAO1C,UAAU,IAAIuB,gBAAgBoB,KAAKrC,SAAmB;gBAEjE;gBAEA,OAAOsC,SAASf,IAAI,CAAC;oBACjBgB,QAAQ;oBACRC,SAAS;gBACb;YAEJ;YAEA,OAAOF,SAASf,IAAI,CAAC;gBACjBgB,QAAQ;gBACRC,SAAS;YACb;QAEJ;QAEA,OAAOF,SAASf,IAAI,CAAC;YACjBgB,QAAQ;YACRC,SAAS;QACb;IAEJ,EAAC"}
|
package/dist/handlers/index.d.ts
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/handlers/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,SAAS,EAAC,MAAM,gBAAgB,CAAA;AACxC,OAAO,EAAC,QAAQ,EAAC,MAAM,eAAe,CAAA
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/handlers/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,SAAS,EAAC,MAAM,gBAAgB,CAAA;AACxC,OAAO,EAAC,QAAQ,EAAC,MAAM,eAAe,CAAA"}
|
package/dist/handlers/index.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/handlers/index.ts"],"sourcesContent":["export {authorize} from './authorize.js'\nexport {callback} from './callback.js'
|
|
1
|
+
{"version":3,"sources":["../../src/handlers/index.ts"],"sourcesContent":["export {authorize} from './authorize.js'\nexport {callback} from './callback.js'"],"names":["authorize","callback"],"mappings":"AAAA,SAAQA,SAAS,QAAO,iBAAgB;AACxC,SAAQC,QAAQ,QAAO,gBAAe"}
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAKA,OAAO,EAA6C,iBAAiB,EAAC,MAAM,YAAY,CAAA;AAIxF,OAAO,EAAC,cAAc,EAAC,MAAM,kBAAkB,CAAA;AAE/C,eAAO,MAAM,aAAa,EAAE,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAKA,OAAO,EAA6C,iBAAiB,EAAC,MAAM,YAAY,CAAA;AAIxF,OAAO,EAAC,cAAc,EAAC,MAAM,kBAAkB,CAAA;AAE/C,eAAO,MAAM,aAAa,EAAE,iBAqM3B,CAAA"}
|
package/dist/index.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { cookies } from 'next/headers.js';
|
|
2
2
|
import { Avatar, LoginButton } from './components/index.js';
|
|
3
3
|
import { COOKIES, DEFAULT_CONFIG, DELETE_ME_USER, ERROR_MESSAGES, ROUTES } from './constants.js';
|
|
4
|
-
import { authorize, callback
|
|
4
|
+
import { authorize, callback } from './handlers/index.js';
|
|
5
5
|
import { zitadelStrategy } from './strategy.js';
|
|
6
6
|
import { translations } from './translations.js';
|
|
7
7
|
import { NextResponse } from 'next/server.js';
|
|
@@ -105,12 +105,7 @@ export const ZitadelPlugin = ({ associatedIdFieldName = DEFAULT_CONFIG.associate
|
|
|
105
105
|
{
|
|
106
106
|
path: ROUTES.callback,
|
|
107
107
|
method: 'get',
|
|
108
|
-
handler: callback
|
|
109
|
-
},
|
|
110
|
-
{
|
|
111
|
-
path: ROUTES.redirect,
|
|
112
|
-
method: 'get',
|
|
113
|
-
handler: redirect(onSuccess ?? defaultOnSuccess)
|
|
108
|
+
handler: callback(onSuccess ?? defaultOnSuccess)
|
|
114
109
|
}
|
|
115
110
|
],
|
|
116
111
|
fields: [
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/index.ts"],"sourcesContent":["import {cookies} from 'next/headers.js'\nimport {Avatar, LoginButton} from './components/index.js'\nimport {COOKIES, DEFAULT_CONFIG, DELETE_ME_USER, ERROR_MESSAGES, ROUTES} from './constants.js'\nimport {authorize, callback, redirect} from './handlers/index.js'\nimport {zitadelStrategy} from './strategy.js'\nimport {PayloadConfigWithZitadel, ZitadelOnSuccess, ZitadelPluginType} from './types.js'\nimport {translations} from './translations.js'\nimport {NextResponse} from 'next/server.js'\n\nexport {getCurrentUser} from './utils/index.js'\n\nexport const ZitadelPlugin: ZitadelPluginType = ({\n associatedIdFieldName = DEFAULT_CONFIG.associatedIdFieldName,\n disableAvatar,\n disableDefaultLoginButton,\n strategyName = DEFAULT_CONFIG.strategyName,\n label = DEFAULT_CONFIG.label,\n issuerURL,\n clientId,\n enableAPI,\n apiClientId,\n apiKeyId,\n apiKey,\n onSuccess\n }) => {\n\n if (!issuerURL)\n throw new Error(ERROR_MESSAGES.issuerURL)\n if (!clientId)\n throw new Error(ERROR_MESSAGES.clientId)\n if (enableAPI) {\n if (!apiClientId)\n throw new Error(ERROR_MESSAGES.apiClientId)\n if (!apiKeyId)\n throw new Error(ERROR_MESSAGES.apiKey)\n if (!apiKey)\n throw new Error(ERROR_MESSAGES.apiKey)\n }\n\n return (incomingConfig) => {\n\n const serverURL = incomingConfig.serverURL ?? 'http://localhost'\n\n const authSlug = incomingConfig.admin?.user ?? 'users'\n\n const authBaseURL = `${serverURL}/api/${authSlug}`\n\n const defaultOnSuccess: ZitadelOnSuccess = (state) =>\n NextResponse.redirect(serverURL + (state.get('redirect') ?? ''))\n\n return {\n ...incomingConfig,\n admin: {\n ...incomingConfig.admin,\n ...(disableAvatar ? {} : {avatar: Avatar}),\n components: {\n ...incomingConfig.admin?.components,\n afterLogin: [\n ...incomingConfig.admin?.components?.afterLogin || [],\n ...(disableDefaultLoginButton ? [] : [LoginButton])\n ]\n },\n custom: {\n zitadel: {\n issuerURL,\n clientId,\n label,\n authorizeURL: authBaseURL + ROUTES.authorize,\n callbackURL: authBaseURL + ROUTES.callback\n }\n }\n },\n collections: (incomingConfig.collections || []).map((collection) => {\n\n const authConfig = typeof collection.auth == 'boolean' ? {} : collection.auth\n\n return {\n ...collection,\n ...collection.slug == authSlug ? {\n auth: {\n ...authConfig,\n disableLocalStrategy: true,\n strategies: [\n ...authConfig?.strategies ?? [],\n zitadelStrategy({\n authSlug,\n associatedIdFieldName,\n strategyName: strategyName,\n issuerURL: issuerURL as string,\n clientId: clientId as string,\n ...(enableAPI ? {\n enableAPI: true,\n apiClientId: apiClientId!,\n apiKeyId: apiClientId!,\n apiKey: apiKey!\n } : {enableAPI: undefined})\n })\n ]\n },\n hooks: {\n afterLogout: [() => cookies().delete(COOKIES.idToken)],\n\n // current work around (see onInit)\n afterChange: [async ({req}) => {\n const response = await req.payload.find({collection: authSlug})\n // to minimize unnecessary checks after the first two real users\n if (response.totalDocs == 2) {\n await req.payload.delete({\n collection: authSlug,\n where: {\n [associatedIdFieldName]: {\n equals: DELETE_ME_USER.associatedId\n }\n }\n })\n }\n }]\n\n },\n endpoints: [\n {\n path: ROUTES.authorize,\n method: 'get',\n handler: authorize\n },\n {\n path: ROUTES.callback,\n method: 'get',\n handler: callback\n },\n {\n path: ROUTES.redirect,\n method: 'get',\n handler: redirect(onSuccess ?? defaultOnSuccess)\n }\n ],\n fields: [\n ...collection.fields,\n {\n name: associatedIdFieldName,\n type: 'text',\n admin: {\n readOnly: true\n },\n unique: true,\n required: true\n },\n {\n name: 'email',\n type: 'email',\n admin: {\n readOnly: true\n }\n },\n {\n name: 'name',\n type: 'text',\n admin: {\n readOnly: true\n }\n },\n {\n name: 'image',\n type: 'text',\n admin: {\n readOnly: true\n }\n }\n ]\n } : {}\n }\n }),\n\n // current work around on creating a non-functional first user, which will be deleted after first login\n async onInit(payload) {\n if (incomingConfig.onInit)\n await incomingConfig.onInit(payload)\n\n const existingUsers = await payload.find({\n collection: authSlug,\n limit: 1\n })\n\n if (existingUsers.docs.length === 0) {\n await payload.create({\n collection: authSlug,\n data: {\n email: DELETE_ME_USER.email,\n password: DELETE_ME_USER.password,\n [associatedIdFieldName]: DELETE_ME_USER.associatedId\n }\n })\n }\n },\n\n i18n: {\n ...incomingConfig.i18n,\n translations: {\n ...incomingConfig.i18n?.translations,\n de: {\n ...incomingConfig.i18n?.translations?.de,\n ...translations.de\n },\n en: {\n ...incomingConfig.i18n?.translations?.en,\n ...translations.en\n }\n }\n }\n } satisfies PayloadConfigWithZitadel\n\n }\n\n}"],"names":["cookies","Avatar","LoginButton","COOKIES","DEFAULT_CONFIG","DELETE_ME_USER","ERROR_MESSAGES","ROUTES","authorize","callback","redirect","zitadelStrategy","translations","NextResponse","getCurrentUser","ZitadelPlugin","associatedIdFieldName","disableAvatar","disableDefaultLoginButton","strategyName","label","issuerURL","clientId","enableAPI","apiClientId","apiKeyId","apiKey","onSuccess","Error","incomingConfig","serverURL","authSlug","admin","user","authBaseURL","defaultOnSuccess","state","get","avatar","components","afterLogin","custom","zitadel","authorizeURL","callbackURL","collections","map","collection","authConfig","auth","slug","disableLocalStrategy","strategies","undefined","hooks","afterLogout","delete","idToken","afterChange","req","response","payload","find","totalDocs","where","equals","associatedId","endpoints","path","method","handler","fields","name","type","readOnly","unique","required","onInit","existingUsers","limit","docs","length","create","data","email","password","i18n","de","en"],"mappings":"AAAA,SAAQA,OAAO,QAAO,kBAAiB;AACvC,SAAQC,MAAM,EAAEC,WAAW,QAAO,wBAAuB;AACzD,SAAQC,OAAO,EAAEC,cAAc,EAAEC,cAAc,EAAEC,cAAc,EAAEC,MAAM,QAAO,iBAAgB;AAC9F,SAAQC,SAAS,EAAEC,QAAQ,EAAEC,QAAQ,QAAO,sBAAqB;AACjE,SAAQC,eAAe,QAAO,gBAAe;AAE7C,SAAQC,YAAY,QAAO,oBAAmB;AAC9C,SAAQC,YAAY,QAAO,iBAAgB;AAE3C,SAAQC,cAAc,QAAO,mBAAkB;AAE/C,OAAO,MAAMC,gBAAmC,CAAC,EACIC,wBAAwBZ,eAAeY,qBAAqB,EAC5DC,aAAa,EACbC,yBAAyB,EACzBC,eAAef,eAAee,YAAY,EAC1CC,QAAQhB,eAAegB,KAAK,EAC5BC,SAAS,EACTC,QAAQ,EACRC,SAAS,EACTC,WAAW,EACXC,QAAQ,EACRC,MAAM,EACNC,SAAS,EACZ;IAE9C,IAAI,CAACN,WACD,MAAM,IAAIO,MAAMtB,eAAee,SAAS;IAC5C,IAAI,CAACC,UACD,MAAM,IAAIM,MAAMtB,eAAegB,QAAQ;IAC3C,IAAIC,WAAW;QACX,IAAI,CAACC,aACD,MAAM,IAAII,MAAMtB,eAAekB,WAAW;QAC9C,IAAI,CAACC,UACD,MAAM,IAAIG,MAAMtB,eAAeoB,MAAM;QACzC,IAAI,CAACA,QACD,MAAM,IAAIE,MAAMtB,eAAeoB,MAAM;IAC7C;IAEA,OAAO,CAACG;QAEJ,MAAMC,YAAYD,eAAeC,SAAS,IAAI;QAE9C,MAAMC,WAAWF,eAAeG,KAAK,EAAEC,QAAQ;QAE/C,MAAMC,cAAc,CAAC,EAAEJ,UAAU,KAAK,EAAEC,SAAS,CAAC;QAElD,MAAMI,mBAAqC,CAACC,QACxCvB,aAAaH,QAAQ,CAACoB,YAAaM,CAAAA,MAAMC,GAAG,CAAC,eAAe,EAAC;QAEjE,OAAO;YACH,GAAGR,cAAc;YACjBG,OAAO;gBACH,GAAGH,eAAeG,KAAK;gBACvB,GAAIf,gBAAgB,CAAC,IAAI;oBAACqB,QAAQrC;gBAAM,CAAC;gBACzCsC,YAAY;oBACR,GAAGV,eAAeG,KAAK,EAAEO,UAAU;oBACnCC,YAAY;2BACLX,eAAeG,KAAK,EAAEO,YAAYC,cAAc,EAAE;2BACjDtB,4BAA4B,EAAE,GAAG;4BAAChB;yBAAY;qBACrD;gBACL;gBACAuC,QAAQ;oBACJC,SAAS;wBACLrB;wBACAC;wBACAF;wBACAuB,cAAcT,cAAc3B,OAAOC,SAAS;wBAC5CoC,aAAaV,cAAc3B,OAAOE,QAAQ;oBAC9C;gBACJ;YACJ;YACAoC,aAAa,AAAChB,CAAAA,eAAegB,WAAW,IAAI,EAAE,AAAD,EAAGC,GAAG,CAAC,CAACC;gBAEjD,MAAMC,aAAa,OAAOD,WAAWE,IAAI,IAAI,YAAY,CAAC,IAAIF,WAAWE,IAAI;gBAE7E,OAAO;oBACH,GAAGF,UAAU;oBACb,GAAGA,WAAWG,IAAI,IAAInB,WAAW;wBAC7BkB,MAAM;4BACF,GAAGD,UAAU;4BACbG,sBAAsB;4BACtBC,YAAY;mCACLJ,YAAYI,cAAc,EAAE;gCAC/BzC,gBAAgB;oCACZoB;oCACAf;oCACAG,cAAcA;oCACdE,WAAWA;oCACXC,UAAUA;oCACV,GAAIC,YAAY;wCACZA,WAAW;wCACXC,aAAaA;wCACbC,UAAUD;wCACVE,QAAQA;oCACZ,IAAI;wCAACH,WAAW8B;oCAAS,CAAC;gCAC9B;6BACH;wBACL;wBACAC,OAAO;4BACHC,aAAa;gCAAC,IAAMvD,UAAUwD,MAAM,CAACrD,QAAQsD,OAAO;6BAAE;4BAEtD,mCAAmC;4BACnCC,aAAa;gCAAC,OAAO,EAACC,GAAG,EAAC;oCACtB,MAAMC,WAAW,MAAMD,IAAIE,OAAO,CAACC,IAAI,CAAC;wCAACf,YAAYhB;oCAAQ;oCAC7D,gEAAgE;oCAChE,IAAI6B,SAASG,SAAS,IAAI,GAAG;wCACzB,MAAMJ,IAAIE,OAAO,CAACL,MAAM,CAAC;4CACrBT,YAAYhB;4CACZiC,OAAO;gDACH,CAAChD,sBAAsB,EAAE;oDACrBiD,QAAQ5D,eAAe6D,YAAY;gDACvC;4CACJ;wCACJ;oCACJ;gCACJ;6BAAE;wBAEN;wBACAC,WAAW;4BACP;gCACIC,MAAM7D,OAAOC,SAAS;gCACtB6D,QAAQ;gCACRC,SAAS9D;4BACb;4BACA;gCACI4D,MAAM7D,OAAOE,QAAQ;gCACrB4D,QAAQ;gCACRC,SAAS7D;4BACb;4BACA;gCACI2D,MAAM7D,OAAOG,QAAQ;gCACrB2D,QAAQ;gCACRC,SAAS5D,SAASiB,aAAaQ;4BACnC;yBACH;wBACDoC,QAAQ;+BACDxB,WAAWwB,MAAM;4BACpB;gCACIC,MAAMxD;gCACNyD,MAAM;gCACNzC,OAAO;oCACH0C,UAAU;gCACd;gCACAC,QAAQ;gCACRC,UAAU;4BACd;4BACA;gCACIJ,MAAM;gCACNC,MAAM;gCACNzC,OAAO;oCACH0C,UAAU;gCACd;4BACJ;4BACA;gCACIF,MAAM;gCACNC,MAAM;gCACNzC,OAAO;oCACH0C,UAAU;gCACd;4BACJ;4BACA;gCACIF,MAAM;gCACNC,MAAM;gCACNzC,OAAO;oCACH0C,UAAU;gCACd;4BACJ;yBACH;oBACL,IAAI,CAAC,CAAC;gBACV;YACJ;YAEA,uGAAuG;YACvG,MAAMG,QAAOhB,OAAO;gBAChB,IAAIhC,eAAegD,MAAM,EACrB,MAAMhD,eAAegD,MAAM,CAAChB;gBAEhC,MAAMiB,gBAAgB,MAAMjB,QAAQC,IAAI,CAAC;oBACrCf,YAAYhB;oBACZgD,OAAO;gBACX;gBAEA,IAAID,cAAcE,IAAI,CAACC,MAAM,KAAK,GAAG;oBACjC,MAAMpB,QAAQqB,MAAM,CAAC;wBACjBnC,YAAYhB;wBACZoD,MAAM;4BACFC,OAAO/E,eAAe+E,KAAK;4BAC3BC,UAAUhF,eAAegF,QAAQ;4BACjC,CAACrE,sBAAsB,EAAEX,eAAe6D,YAAY;wBACxD;oBACJ;gBACJ;YACJ;YAEAoB,MAAM;gBACF,GAAGzD,eAAeyD,IAAI;gBACtB1E,cAAc;oBACV,GAAGiB,eAAeyD,IAAI,EAAE1E,YAAY;oBACpC2E,IAAI;wBACA,GAAG1D,eAAeyD,IAAI,EAAE1E,cAAc2E,EAAE;wBACxC,GAAG3E,aAAa2E,EAAE;oBACtB;oBACAC,IAAI;wBACA,GAAG3D,eAAeyD,IAAI,EAAE1E,cAAc4E,EAAE;wBACxC,GAAG5E,aAAa4E,EAAE;oBACtB;gBACJ;YACJ;QACJ;IAEJ;AAEJ,EAAC"}
|
|
1
|
+
{"version":3,"sources":["../src/index.ts"],"sourcesContent":["import {cookies} from 'next/headers.js'\nimport {Avatar, LoginButton} from './components/index.js'\nimport {COOKIES, DEFAULT_CONFIG, DELETE_ME_USER, ERROR_MESSAGES, ROUTES} from './constants.js'\nimport {authorize, callback} from './handlers/index.js'\nimport {zitadelStrategy} from './strategy.js'\nimport {PayloadConfigWithZitadel, ZitadelOnSuccess, ZitadelPluginType} from './types.js'\nimport {translations} from './translations.js'\nimport {NextResponse} from 'next/server.js'\n\nexport {getCurrentUser} from './utils/index.js'\n\nexport const ZitadelPlugin: ZitadelPluginType = ({\n associatedIdFieldName = DEFAULT_CONFIG.associatedIdFieldName,\n disableAvatar,\n disableDefaultLoginButton,\n strategyName = DEFAULT_CONFIG.strategyName,\n label = DEFAULT_CONFIG.label,\n issuerURL,\n clientId,\n enableAPI,\n apiClientId,\n apiKeyId,\n apiKey,\n onSuccess\n }) => {\n\n if (!issuerURL)\n throw new Error(ERROR_MESSAGES.issuerURL)\n if (!clientId)\n throw new Error(ERROR_MESSAGES.clientId)\n if (enableAPI) {\n if (!apiClientId)\n throw new Error(ERROR_MESSAGES.apiClientId)\n if (!apiKeyId)\n throw new Error(ERROR_MESSAGES.apiKey)\n if (!apiKey)\n throw new Error(ERROR_MESSAGES.apiKey)\n }\n\n return (incomingConfig) => {\n\n const serverURL = incomingConfig.serverURL ?? 'http://localhost'\n\n const authSlug = incomingConfig.admin?.user ?? 'users'\n\n const authBaseURL = `${serverURL}/api/${authSlug}`\n\n const defaultOnSuccess: ZitadelOnSuccess = (state) =>\n NextResponse.redirect(serverURL + (state.get('redirect') ?? ''))\n\n return {\n ...incomingConfig,\n admin: {\n ...incomingConfig.admin,\n ...(disableAvatar ? {} : {avatar: Avatar}),\n components: {\n ...incomingConfig.admin?.components,\n afterLogin: [\n ...incomingConfig.admin?.components?.afterLogin || [],\n ...(disableDefaultLoginButton ? [] : [LoginButton])\n ]\n },\n custom: {\n zitadel: {\n issuerURL,\n clientId,\n label,\n authorizeURL: authBaseURL + ROUTES.authorize,\n callbackURL: authBaseURL + ROUTES.callback\n }\n }\n },\n collections: (incomingConfig.collections || []).map((collection) => {\n\n const authConfig = typeof collection.auth == 'boolean' ? {} : collection.auth\n\n return {\n ...collection,\n ...collection.slug == authSlug ? {\n auth: {\n ...authConfig,\n disableLocalStrategy: true,\n strategies: [\n ...authConfig?.strategies ?? [],\n zitadelStrategy({\n authSlug,\n associatedIdFieldName,\n strategyName: strategyName,\n issuerURL: issuerURL as string,\n clientId: clientId as string,\n ...(enableAPI ? {\n enableAPI: true,\n apiClientId: apiClientId!,\n apiKeyId: apiClientId!,\n apiKey: apiKey!\n } : {enableAPI: undefined})\n })\n ]\n },\n hooks: {\n afterLogout: [() => cookies().delete(COOKIES.idToken)],\n\n // current work around (see onInit)\n afterChange: [async ({req}) => {\n const response = await req.payload.find({collection: authSlug})\n // to minimize unnecessary checks after the first two real users\n if (response.totalDocs == 2) {\n await req.payload.delete({\n collection: authSlug,\n where: {\n [associatedIdFieldName]: {\n equals: DELETE_ME_USER.associatedId\n }\n }\n })\n }\n }]\n\n },\n endpoints: [\n {\n path: ROUTES.authorize,\n method: 'get',\n handler: authorize\n },\n {\n path: ROUTES.callback,\n method: 'get',\n handler: callback(onSuccess ?? defaultOnSuccess)\n }\n ],\n fields: [\n ...collection.fields,\n {\n name: associatedIdFieldName,\n type: 'text',\n admin: {\n readOnly: true\n },\n unique: true,\n required: true\n },\n {\n name: 'email',\n type: 'email',\n admin: {\n readOnly: true\n }\n },\n {\n name: 'name',\n type: 'text',\n admin: {\n readOnly: true\n }\n },\n {\n name: 'image',\n type: 'text',\n admin: {\n readOnly: true\n }\n }\n ]\n } : {}\n }\n }),\n\n // current work around on creating a non-functional first user, which will be deleted after first login\n async onInit(payload) {\n if (incomingConfig.onInit)\n await incomingConfig.onInit(payload)\n\n const existingUsers = await payload.find({\n collection: authSlug,\n limit: 1\n })\n\n if (existingUsers.docs.length === 0) {\n await payload.create({\n collection: authSlug,\n data: {\n email: DELETE_ME_USER.email,\n password: DELETE_ME_USER.password,\n [associatedIdFieldName]: DELETE_ME_USER.associatedId\n }\n })\n }\n },\n\n i18n: {\n ...incomingConfig.i18n,\n translations: {\n ...incomingConfig.i18n?.translations,\n de: {\n ...incomingConfig.i18n?.translations?.de,\n ...translations.de\n },\n en: {\n ...incomingConfig.i18n?.translations?.en,\n ...translations.en\n }\n }\n }\n } satisfies PayloadConfigWithZitadel\n\n }\n\n}"],"names":["cookies","Avatar","LoginButton","COOKIES","DEFAULT_CONFIG","DELETE_ME_USER","ERROR_MESSAGES","ROUTES","authorize","callback","zitadelStrategy","translations","NextResponse","getCurrentUser","ZitadelPlugin","associatedIdFieldName","disableAvatar","disableDefaultLoginButton","strategyName","label","issuerURL","clientId","enableAPI","apiClientId","apiKeyId","apiKey","onSuccess","Error","incomingConfig","serverURL","authSlug","admin","user","authBaseURL","defaultOnSuccess","state","redirect","get","avatar","components","afterLogin","custom","zitadel","authorizeURL","callbackURL","collections","map","collection","authConfig","auth","slug","disableLocalStrategy","strategies","undefined","hooks","afterLogout","delete","idToken","afterChange","req","response","payload","find","totalDocs","where","equals","associatedId","endpoints","path","method","handler","fields","name","type","readOnly","unique","required","onInit","existingUsers","limit","docs","length","create","data","email","password","i18n","de","en"],"mappings":"AAAA,SAAQA,OAAO,QAAO,kBAAiB;AACvC,SAAQC,MAAM,EAAEC,WAAW,QAAO,wBAAuB;AACzD,SAAQC,OAAO,EAAEC,cAAc,EAAEC,cAAc,EAAEC,cAAc,EAAEC,MAAM,QAAO,iBAAgB;AAC9F,SAAQC,SAAS,EAAEC,QAAQ,QAAO,sBAAqB;AACvD,SAAQC,eAAe,QAAO,gBAAe;AAE7C,SAAQC,YAAY,QAAO,oBAAmB;AAC9C,SAAQC,YAAY,QAAO,iBAAgB;AAE3C,SAAQC,cAAc,QAAO,mBAAkB;AAE/C,OAAO,MAAMC,gBAAmC,CAAC,EACIC,wBAAwBX,eAAeW,qBAAqB,EAC5DC,aAAa,EACbC,yBAAyB,EACzBC,eAAed,eAAec,YAAY,EAC1CC,QAAQf,eAAee,KAAK,EAC5BC,SAAS,EACTC,QAAQ,EACRC,SAAS,EACTC,WAAW,EACXC,QAAQ,EACRC,MAAM,EACNC,SAAS,EACZ;IAE9C,IAAI,CAACN,WACD,MAAM,IAAIO,MAAMrB,eAAec,SAAS;IAC5C,IAAI,CAACC,UACD,MAAM,IAAIM,MAAMrB,eAAee,QAAQ;IAC3C,IAAIC,WAAW;QACX,IAAI,CAACC,aACD,MAAM,IAAII,MAAMrB,eAAeiB,WAAW;QAC9C,IAAI,CAACC,UACD,MAAM,IAAIG,MAAMrB,eAAemB,MAAM;QACzC,IAAI,CAACA,QACD,MAAM,IAAIE,MAAMrB,eAAemB,MAAM;IAC7C;IAEA,OAAO,CAACG;QAEJ,MAAMC,YAAYD,eAAeC,SAAS,IAAI;QAE9C,MAAMC,WAAWF,eAAeG,KAAK,EAAEC,QAAQ;QAE/C,MAAMC,cAAc,CAAC,EAAEJ,UAAU,KAAK,EAAEC,SAAS,CAAC;QAElD,MAAMI,mBAAqC,CAACC,QACxCvB,aAAawB,QAAQ,CAACP,YAAaM,CAAAA,MAAME,GAAG,CAAC,eAAe,EAAC;QAEjE,OAAO;YACH,GAAGT,cAAc;YACjBG,OAAO;gBACH,GAAGH,eAAeG,KAAK;gBACvB,GAAIf,gBAAgB,CAAC,IAAI;oBAACsB,QAAQrC;gBAAM,CAAC;gBACzCsC,YAAY;oBACR,GAAGX,eAAeG,KAAK,EAAEQ,UAAU;oBACnCC,YAAY;2BACLZ,eAAeG,KAAK,EAAEQ,YAAYC,cAAc,EAAE;2BACjDvB,4BAA4B,EAAE,GAAG;4BAACf;yBAAY;qBACrD;gBACL;gBACAuC,QAAQ;oBACJC,SAAS;wBACLtB;wBACAC;wBACAF;wBACAwB,cAAcV,cAAc1B,OAAOC,SAAS;wBAC5CoC,aAAaX,cAAc1B,OAAOE,QAAQ;oBAC9C;gBACJ;YACJ;YACAoC,aAAa,AAACjB,CAAAA,eAAeiB,WAAW,IAAI,EAAE,AAAD,EAAGC,GAAG,CAAC,CAACC;gBAEjD,MAAMC,aAAa,OAAOD,WAAWE,IAAI,IAAI,YAAY,CAAC,IAAIF,WAAWE,IAAI;gBAE7E,OAAO;oBACH,GAAGF,UAAU;oBACb,GAAGA,WAAWG,IAAI,IAAIpB,WAAW;wBAC7BmB,MAAM;4BACF,GAAGD,UAAU;4BACbG,sBAAsB;4BACtBC,YAAY;mCACLJ,YAAYI,cAAc,EAAE;gCAC/B1C,gBAAgB;oCACZoB;oCACAf;oCACAG,cAAcA;oCACdE,WAAWA;oCACXC,UAAUA;oCACV,GAAIC,YAAY;wCACZA,WAAW;wCACXC,aAAaA;wCACbC,UAAUD;wCACVE,QAAQA;oCACZ,IAAI;wCAACH,WAAW+B;oCAAS,CAAC;gCAC9B;6BACH;wBACL;wBACAC,OAAO;4BACHC,aAAa;gCAAC,IAAMvD,UAAUwD,MAAM,CAACrD,QAAQsD,OAAO;6BAAE;4BAEtD,mCAAmC;4BACnCC,aAAa;gCAAC,OAAO,EAACC,GAAG,EAAC;oCACtB,MAAMC,WAAW,MAAMD,IAAIE,OAAO,CAACC,IAAI,CAAC;wCAACf,YAAYjB;oCAAQ;oCAC7D,gEAAgE;oCAChE,IAAI8B,SAASG,SAAS,IAAI,GAAG;wCACzB,MAAMJ,IAAIE,OAAO,CAACL,MAAM,CAAC;4CACrBT,YAAYjB;4CACZkC,OAAO;gDACH,CAACjD,sBAAsB,EAAE;oDACrBkD,QAAQ5D,eAAe6D,YAAY;gDACvC;4CACJ;wCACJ;oCACJ;gCACJ;6BAAE;wBAEN;wBACAC,WAAW;4BACP;gCACIC,MAAM7D,OAAOC,SAAS;gCACtB6D,QAAQ;gCACRC,SAAS9D;4BACb;4BACA;gCACI4D,MAAM7D,OAAOE,QAAQ;gCACrB4D,QAAQ;gCACRC,SAAS7D,SAASiB,aAAaQ;4BACnC;yBACH;wBACDqC,QAAQ;+BACDxB,WAAWwB,MAAM;4BACpB;gCACIC,MAAMzD;gCACN0D,MAAM;gCACN1C,OAAO;oCACH2C,UAAU;gCACd;gCACAC,QAAQ;gCACRC,UAAU;4BACd;4BACA;gCACIJ,MAAM;gCACNC,MAAM;gCACN1C,OAAO;oCACH2C,UAAU;gCACd;4BACJ;4BACA;gCACIF,MAAM;gCACNC,MAAM;gCACN1C,OAAO;oCACH2C,UAAU;gCACd;4BACJ;4BACA;gCACIF,MAAM;gCACNC,MAAM;gCACN1C,OAAO;oCACH2C,UAAU;gCACd;4BACJ;yBACH;oBACL,IAAI,CAAC,CAAC;gBACV;YACJ;YAEA,uGAAuG;YACvG,MAAMG,QAAOhB,OAAO;gBAChB,IAAIjC,eAAeiD,MAAM,EACrB,MAAMjD,eAAeiD,MAAM,CAAChB;gBAEhC,MAAMiB,gBAAgB,MAAMjB,QAAQC,IAAI,CAAC;oBACrCf,YAAYjB;oBACZiD,OAAO;gBACX;gBAEA,IAAID,cAAcE,IAAI,CAACC,MAAM,KAAK,GAAG;oBACjC,MAAMpB,QAAQqB,MAAM,CAAC;wBACjBnC,YAAYjB;wBACZqD,MAAM;4BACFC,OAAO/E,eAAe+E,KAAK;4BAC3BC,UAAUhF,eAAegF,QAAQ;4BACjC,CAACtE,sBAAsB,EAAEV,eAAe6D,YAAY;wBACxD;oBACJ;gBACJ;YACJ;YAEAoB,MAAM;gBACF,GAAG1D,eAAe0D,IAAI;gBACtB3E,cAAc;oBACV,GAAGiB,eAAe0D,IAAI,EAAE3E,YAAY;oBACpC4E,IAAI;wBACA,GAAG3D,eAAe0D,IAAI,EAAE3E,cAAc4E,EAAE;wBACxC,GAAG5E,aAAa4E,EAAE;oBACtB;oBACAC,IAAI;wBACA,GAAG5D,eAAe0D,IAAI,EAAE3E,cAAc6E,EAAE;wBACxC,GAAG7E,aAAa6E,EAAE;oBACtB;gBACJ;YACJ;QACJ;IAEJ;AAEJ,EAAC"}
|
package/dist/types.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
|
-
import { AuthStrategy, Config,
|
|
1
|
+
import { AuthStrategy, Config, SanitizedConfig, TypeWithID } from 'payload';
|
|
2
|
+
import { NextResponse } from 'next/server.js';
|
|
2
3
|
export type ZitadelPluginProps = Partial<{
|
|
3
4
|
disableAvatar: true;
|
|
4
5
|
disableDefaultLoginButton: true;
|
|
@@ -35,7 +36,7 @@ export type ZitadelUser = TypeWithID & Partial<{
|
|
|
35
36
|
name: string | null;
|
|
36
37
|
image: string | null;
|
|
37
38
|
}>;
|
|
38
|
-
export type ZitadelOnSuccess = (state: URLSearchParams) =>
|
|
39
|
+
export type ZitadelOnSuccess = (state: URLSearchParams) => NextResponse;
|
|
39
40
|
export type PayloadConfigWithZitadel = (Config | SanitizedConfig) & {
|
|
40
41
|
admin: {
|
|
41
42
|
custom: {
|
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,YAAY,EAAE,MAAM,EAAE,
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,YAAY,EAAE,MAAM,EAAE,eAAe,EAAE,UAAU,EAAC,MAAM,SAAS,CAAA;AACzE,OAAO,EAAC,YAAY,EAAC,MAAM,gBAAgB,CAAA;AAE3C,MAAM,MAAM,kBAAkB,GAAG,OAAO,CAAC;IACrC,aAAa,EAAE,IAAI,CAAA;IACnB,yBAAyB,EAAE,IAAI,CAAA;IAC/B,uBAAuB,EAAE,MAAM,CAAA;IAC/B,KAAK,EAAE,MAAM,CAAA;IACb,SAAS,EAAE,gBAAgB,CAAA;CAC9B,CAAC,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAA;AAElC,MAAM,MAAM,iBAAiB,GAAG,CAAC,KAAK,EAAE,kBAAkB,KAAK,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,CAAA;AAEzF,MAAM,MAAM,eAAe,GAAG;IAC1B,SAAS,EAAE,IAAI,CAAA;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,oBAAoB,GAAG;IAC/B,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAA;CACnB,GAAG;IACA,QAAQ,EAAE,MAAM,CAAC;IACjB,qBAAqB,EAAE,MAAM,CAAC;CACjC,GAAG,CAAC,eAAe,GAAG;IACnB,SAAS,CAAC,EAAE,SAAS,CAAA;CACxB,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC,CAAA;AAE7B,MAAM,MAAM,mBAAmB,GAAG,CAAC,KAAK,EAAE,oBAAoB,KAAK,YAAY,CAAA;AAE/E,MAAM,MAAM,cAAc,GAAG,OAAO,CAAC;IACjC,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAA;CAClB,CAAC,CAAA;AAEF,MAAM,MAAM,WAAW,GAAG,UAAU,GAAG,OAAO,CAAC;IAC3C,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACxB,CAAC,CAAA;AAEF,MAAM,MAAM,gBAAgB,GAAG,CAAC,KAAK,EAAE,eAAe,KAAK,YAAY,CAAA;AAEvE,MAAM,MAAM,wBAAwB,GAAG,CAAC,MAAM,GAAG,eAAe,CAAC,GAAG;IAChE,KAAK,EAAE;QACH,MAAM,EAAE;YACJ,OAAO,EAAE;gBACL,SAAS,EAAE,MAAM,CAAA;gBACjB,QAAQ,EAAE,MAAM,CAAA;gBAChB,KAAK,EAAE,MAAM,CAAA;gBACb,YAAY,EAAE,MAAM,CAAA;gBACpB,WAAW,EAAE,MAAM,CAAA;aACtB,CAAA;SACJ,CAAA;KACJ,CAAA;CACJ,CAAA"}
|
package/dist/types.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/types.ts"],"sourcesContent":["import {AuthStrategy, Config,
|
|
1
|
+
{"version":3,"sources":["../src/types.ts"],"sourcesContent":["import {AuthStrategy, Config, SanitizedConfig, TypeWithID} from 'payload'\nimport {NextResponse} from 'next/server.js'\n\nexport type ZitadelPluginProps = Partial<{\n disableAvatar: true\n disableDefaultLoginButton: true\n defaultLoginButtonTitle: string\n label: string\n onSuccess: ZitadelOnSuccess\n}> & Partial<ZitadelStrategyProps>\n\nexport type ZitadelPluginType = (props: ZitadelPluginProps) => (config: Config) => Config\n\nexport type ZitadelAPIProps = {\n enableAPI: true\n apiClientId: string,\n apiKeyId: string,\n apiKey: string\n}\n\nexport type ZitadelStrategyProps = {\n strategyName: string,\n issuerURL: string,\n clientId: string\n} & {\n authSlug: string,\n associatedIdFieldName: string,\n} & (ZitadelAPIProps | {\n enableAPI?: undefined\n} & Partial<ZitadelAPIProps>)\n\nexport type ZitadelStrategyType = (props: ZitadelStrategyProps) => AuthStrategy\n\nexport type ZitadelIdToken = Partial<{\n sub: string,\n name: string,\n email: string,\n picture: string\n}>\n\nexport type ZitadelUser = TypeWithID & Partial<{\n email: string | null,\n name: string | null,\n image: string | null,\n}>\n\nexport type ZitadelOnSuccess = (state: URLSearchParams) => NextResponse\n\nexport type PayloadConfigWithZitadel = (Config | SanitizedConfig) & {\n admin: {\n custom: {\n zitadel: {\n issuerURL: string\n clientId: string\n label: string\n authorizeURL: string\n callbackURL: string\n }\n }\n }\n}"],"names":[],"mappings":"AAgDA,WAYC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "payload-zitadel-plugin",
|
|
3
|
-
"version": "0.2.
|
|
3
|
+
"version": "0.2.12",
|
|
4
4
|
"description": "plugin for Payload CMS, which enables authentication via Zitadel IdP",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"license": "MIT",
|
|
@@ -40,16 +40,16 @@
|
|
|
40
40
|
"@payloadcms/translations": "3.0.0-beta.70",
|
|
41
41
|
"@payloadcms/ui": "3.0.0-beta.70",
|
|
42
42
|
"jsonwebtoken": "^9.0.2",
|
|
43
|
-
"next": "
|
|
43
|
+
"next": "15.0.0-canary.87",
|
|
44
44
|
"payload": "3.0.0-beta.70",
|
|
45
45
|
"react": "rc",
|
|
46
46
|
"react-dom": "rc"
|
|
47
47
|
},
|
|
48
48
|
"devDependencies": {
|
|
49
49
|
"@swc/cli": "^0.4.0",
|
|
50
|
-
"@swc/core": "^1.7.
|
|
50
|
+
"@swc/core": "^1.7.3",
|
|
51
51
|
"@types/jsonwebtoken": "^9.0.6",
|
|
52
|
-
"@types/node": "^
|
|
52
|
+
"@types/node": "^22.0.0",
|
|
53
53
|
"@types/react": "^18.3.3",
|
|
54
54
|
"@types/react-dom": "^18.3.0",
|
|
55
55
|
"rimraf": "^6.0.1",
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"redirect.d.ts","sourceRoot":"","sources":["../../src/handlers/redirect.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,cAAc,EAAC,MAAM,SAAS,CAAA;AAEtC,OAAO,EAAC,gBAAgB,EAAC,MAAM,aAAa,CAAA;AAG5C,eAAO,MAAM,QAAQ,cAAe,gBAAgB,KAAG,cAUtD,CAAA"}
|
|
@@ -1,10 +0,0 @@
|
|
|
1
|
-
import { cookies } from 'next/headers.js';
|
|
2
|
-
import { COOKIES } from '../constants.js';
|
|
3
|
-
export const redirect = (onSuccess)=>async ()=>{
|
|
4
|
-
const cookieStore = cookies();
|
|
5
|
-
const zitadelState = new URLSearchParams(atob(cookieStore.get(COOKIES.state)?.value ?? ''));
|
|
6
|
-
cookieStore.delete(COOKIES.state);
|
|
7
|
-
return onSuccess(zitadelState);
|
|
8
|
-
};
|
|
9
|
-
|
|
10
|
-
//# sourceMappingURL=redirect.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/handlers/redirect.ts"],"sourcesContent":["import {PayloadHandler} from 'payload'\nimport {cookies} from 'next/headers.js'\nimport {ZitadelOnSuccess} from '../types.js'\nimport {COOKIES} from '../constants.js'\n\nexport const redirect = (onSuccess: ZitadelOnSuccess): PayloadHandler => async () => {\n\n const cookieStore = cookies()\n\n const zitadelState = new URLSearchParams(atob(cookieStore.get(COOKIES.state)?.value ?? ''))\n\n cookieStore.delete(COOKIES.state)\n\n return onSuccess(zitadelState)\n\n}"],"names":["cookies","COOKIES","redirect","onSuccess","cookieStore","zitadelState","URLSearchParams","atob","get","state","value","delete"],"mappings":"AACA,SAAQA,OAAO,QAAO,kBAAiB;AAEvC,SAAQC,OAAO,QAAO,kBAAiB;AAEvC,OAAO,MAAMC,WAAW,CAACC,YAAgD;QAErE,MAAMC,cAAcJ;QAEpB,MAAMK,eAAe,IAAIC,gBAAgBC,KAAKH,YAAYI,GAAG,CAACP,QAAQQ,KAAK,GAAGC,SAAS;QAEvFN,YAAYO,MAAM,CAACV,QAAQQ,KAAK;QAEhC,OAAON,UAAUE;IAErB,EAAC"}
|