payload-zitadel-plugin 0.3.1 → 0.3.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/components/Avatar.d.ts +2 -1
- package/dist/components/Avatar.d.ts.map +1 -1
- package/dist/components/Avatar.js +2 -4
- package/dist/components/Avatar.js.map +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +6 -1
- package/dist/index.js.map +1 -1
- package/dist/strategy.d.ts.map +1 -1
- package/dist/strategy.js +5 -2
- package/dist/strategy.js.map +1 -1
- package/package.json +12 -12
package/README.md
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Avatar.d.ts","sourceRoot":"","sources":["../../src/components/Avatar.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAK,KAAK,MAAM,OAAO,CAAA;
|
|
1
|
+
{"version":3,"file":"Avatar.d.ts","sourceRoot":"","sources":["../../src/components/Avatar.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAK,KAAK,MAAM,OAAO,CAAA;AAI9B,eAAO,MAAM,MAAM,+BAA8B;IAAE,MAAM,EAAE,OAAO,CAAC;IAAC,cAAc,EAAE,MAAM,CAAA;CAAE,sBAiB3F,CAAA"}
|
|
@@ -1,11 +1,9 @@
|
|
|
1
1
|
'use client';
|
|
2
2
|
import * as React from 'react';
|
|
3
3
|
import { DefaultAccountIcon } from '@payloadcms/ui/graphics/Account/Default';
|
|
4
|
-
import { useAuth
|
|
5
|
-
export const Avatar = ({ active })=>{
|
|
4
|
+
import { useAuth } from '@payloadcms/ui';
|
|
5
|
+
export const Avatar = ({ active, imageFieldName })=>{
|
|
6
6
|
const { user } = useAuth();
|
|
7
|
-
const { config: { admin: { custom } } } = useConfig();
|
|
8
|
-
const { zitadel: { imageFieldName } } = custom;
|
|
9
7
|
return user && user[imageFieldName] ? /*#__PURE__*/ React.createElement(React.Fragment, null, /*#__PURE__*/ React.createElement("style", null, 'zitadel-avatar:hover { filter: brightness(1.2); }'), /*#__PURE__*/ React.createElement("img", {
|
|
10
8
|
className: "zitadel-avatar",
|
|
11
9
|
src: user[imageFieldName],
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/components/Avatar.tsx"],"sourcesContent":["'use client'\n\nimport * as React from 'react'\nimport {DefaultAccountIcon} from '@payloadcms/ui/graphics/Account/Default'\nimport {useAuth
|
|
1
|
+
{"version":3,"sources":["../../src/components/Avatar.tsx"],"sourcesContent":["'use client'\n\nimport * as React from 'react'\nimport {DefaultAccountIcon} from '@payloadcms/ui/graphics/Account/Default'\nimport {useAuth} from '@payloadcms/ui'\n\nexport const Avatar = ({active, imageFieldName}: { active: boolean, imageFieldName: string }) => {\n\n const {user} = useAuth()\n\n return (\n user && user[imageFieldName] ?\n <>\n <style>{'zitadel-avatar:hover { filter: brightness(1.2); }'}</style>\n <img className=\"zitadel-avatar\" src={user[imageFieldName]} height={25} width={25} alt=\"Profile Picture\"\n style={{\n borderRadius: '100%',\n ...(active ? {filter: 'brightness(.8)'} : {})\n }}/>\n </> :\n <DefaultAccountIcon active={active}/>\n )\n\n}\n"],"names":["React","DefaultAccountIcon","useAuth","Avatar","active","imageFieldName","user","style","img","className","src","height","width","alt","borderRadius","filter"],"mappings":"AAAA;AAEA,YAAYA,WAAW,QAAO;AAC9B,SAAQC,kBAAkB,QAAO,0CAAyC;AAC1E,SAAQC,OAAO,QAAO,iBAAgB;AAEtC,OAAO,MAAMC,SAAS,CAAC,EAACC,MAAM,EAAEC,cAAc,EAA8C;IAExF,MAAM,EAACC,IAAI,EAAC,GAAGJ;IAEf,OACII,QAAQA,IAAI,CAACD,eAAe,iBACxB,wDACI,oBAACE,eAAO,oEACR,oBAACC;QAAIC,WAAU;QAAiBC,KAAKJ,IAAI,CAACD,eAAe;QAAEM,QAAQ;QAAIC,OAAO;QAAIC,KAAI;QACjFN,OAAO;YACHO,cAAc;YACd,GAAIV,SAAS;gBAACW,QAAQ;YAAgB,IAAI,CAAC,CAAC;QAChD;wBAET,oBAACd;QAAmBG,QAAQA;;AAGxC,EAAC"}
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAIA,OAAO,EAA6C,iBAAiB,EAAC,MAAM,YAAY,CAAA;AAIxF,eAAO,MAAM,aAAa,EAAE,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAIA,OAAO,EAA6C,iBAAiB,EAAC,MAAM,YAAY,CAAA;AAIxF,eAAO,MAAM,aAAa,EAAE,iBAgM3B,CAAA"}
|
package/dist/index.js
CHANGED
|
@@ -29,7 +29,12 @@ export const ZitadelPlugin = ({ fieldsConfig: _fieldsConfig, disableAvatar, disa
|
|
|
29
29
|
...incomingConfig.admin,
|
|
30
30
|
...disableAvatar ? {} : {
|
|
31
31
|
avatar: {
|
|
32
|
-
Component:
|
|
32
|
+
Component: {
|
|
33
|
+
path: 'payload-zitadel-plugin/components#Avatar',
|
|
34
|
+
clientProps: {
|
|
35
|
+
imageFieldName: fieldsConfig.image.name
|
|
36
|
+
}
|
|
37
|
+
}
|
|
33
38
|
}
|
|
34
39
|
},
|
|
35
40
|
...disableDefaultLoginButton ? {} : {
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/index.ts"],"sourcesContent":["import {cookies} from 'next/headers.js'\nimport {COOKIES, DEFAULT_CONFIG, ERROR_MESSAGES, ROUTES} from './constants.js'\nimport {authorize, callback} from './handlers/index.js'\nimport {zitadelStrategy} from './strategy.js'\nimport {PayloadConfigWithZitadel, ZitadelOnSuccess, ZitadelPluginType} from './types.js'\nimport {translations} from './translations.js'\nimport {NextResponse} from 'next/server.js'\n\nexport const ZitadelPlugin: ZitadelPluginType = ({\n fieldsConfig: _fieldsConfig,\n disableAvatar,\n disableDefaultLoginButton,\n strategyName = DEFAULT_CONFIG.strategyName,\n label = DEFAULT_CONFIG.label,\n issuerURL,\n clientId,\n enableAPI,\n apiClientId,\n apiKeyId,\n apiKey,\n onSuccess\n }) => {\n\n if (!issuerURL)\n throw new Error(ERROR_MESSAGES.issuerURL)\n if (!clientId)\n throw new Error(ERROR_MESSAGES.clientId)\n if (enableAPI) {\n if (!apiClientId)\n throw new Error(ERROR_MESSAGES.apiClientId)\n if (!apiKeyId)\n throw new Error(ERROR_MESSAGES.apiKey)\n if (!apiKey)\n throw new Error(ERROR_MESSAGES.apiKey)\n }\n\n const fieldsConfig = {...DEFAULT_CONFIG.fields, ..._fieldsConfig}\n\n return (incomingConfig) => {\n\n const serverURL = incomingConfig.serverURL ?? 'http://localhost'\n\n const authSlug = incomingConfig.admin?.user ?? 'users'\n\n const authBaseURL = `${serverURL}/api/${authSlug}`\n const authorizeURL = authBaseURL + ROUTES.authorize\n const callbackURL = authBaseURL + ROUTES.callback\n\n const defaultOnSuccess: ZitadelOnSuccess = (state) =>\n NextResponse.redirect(serverURL + (state.get('redirect') ?? ''))\n\n return {\n ...incomingConfig,\n admin: {\n ...incomingConfig.admin,\n ...disableAvatar ? {} : {\n avatar: {\n Component: 'payload-zitadel-plugin/components#Avatar'\n }\n },\n ...disableDefaultLoginButton ? {} : {\n components: {\n ...incomingConfig.admin?.components,\n afterLogin: [\n ...incomingConfig.admin?.components?.afterLogin ?? [],\n {\n path: 'payload-zitadel-plugin/components#LoginButton',\n serverProps: {\n authorizeURL,\n label\n }\n }\n ]\n }\n },\n custom: {\n ...incomingConfig.admin?.custom,\n zitadel: {\n issuerURL,\n clientId,\n callbackURL,\n imageFieldName: fieldsConfig.image.name\n }\n }\n },\n collections: (incomingConfig.collections || []).map((collection) => {\n\n const authConfig = typeof collection.auth == 'boolean' ? {} : collection.auth\n\n return {\n ...collection,\n ...collection.slug == authSlug ? {\n auth: {\n ...authConfig,\n disableLocalStrategy: true,\n strategies: [\n ...authConfig?.strategies ?? [],\n zitadelStrategy({\n authSlug,\n fieldsConfig,\n strategyName: strategyName,\n issuerURL: issuerURL as string,\n clientId: clientId as string,\n ...(enableAPI ? {\n enableAPI: true,\n apiClientId: apiClientId!,\n apiKeyId: apiClientId!,\n apiKey: apiKey!\n } : {enableAPI: undefined})\n })\n ]\n },\n hooks: {\n afterLogout: [async () => (await cookies()).delete(COOKIES.idToken)]\n },\n endpoints: [\n {\n path: ROUTES.authorize,\n method: 'get',\n handler: authorize\n },\n {\n path: ROUTES.callback,\n method: 'get',\n handler: callback(onSuccess ?? defaultOnSuccess)\n }\n ],\n fields: [\n ...collection.fields,\n {\n ...fieldsConfig.id,\n type: 'text',\n admin: {\n readOnly: true\n },\n index: true,\n unique: true,\n required: true\n },\n {\n ...fieldsConfig.name,\n type: 'text',\n admin: {\n readOnly: true\n }\n },\n {\n ...fieldsConfig.email,\n type: 'email',\n admin: {\n readOnly: true\n }\n },\n {\n ...fieldsConfig.image,\n type: 'text',\n admin: {\n readOnly: true\n }\n },\n {\n ...fieldsConfig.roles,\n type: 'array',\n admin: {\n readOnly: true\n },\n fields: [\n {\n ...fieldsConfig.roleFields.name,\n type: 'text'\n }\n ]\n }\n ]\n } : {}\n }\n }),\n i18n: {\n ...incomingConfig.i18n,\n translations: {\n ...incomingConfig.i18n?.translations,\n de: {\n ...incomingConfig.i18n?.translations?.de,\n ...translations.de\n },\n en: {\n ...incomingConfig.i18n?.translations?.en,\n ...translations.en\n }\n }\n }\n } satisfies PayloadConfigWithZitadel\n\n }\n\n}"],"names":["cookies","COOKIES","DEFAULT_CONFIG","ERROR_MESSAGES","ROUTES","authorize","callback","zitadelStrategy","translations","NextResponse","ZitadelPlugin","fieldsConfig","_fieldsConfig","disableAvatar","disableDefaultLoginButton","strategyName","label","issuerURL","clientId","enableAPI","apiClientId","apiKeyId","apiKey","onSuccess","Error","fields","incomingConfig","serverURL","authSlug","admin","user","authBaseURL","authorizeURL","callbackURL","defaultOnSuccess","state","redirect","get","avatar","Component","components","afterLogin","path","serverProps","custom","zitadel","imageFieldName","image","name","collections","map","collection","authConfig","auth","slug","disableLocalStrategy","strategies","undefined","hooks","afterLogout","delete","idToken","endpoints","method","handler","id","type","readOnly","index","unique","required","email","roles","roleFields","i18n","de","en"],"mappings":"AAAA,SAAQA,OAAO,QAAO,kBAAiB;AACvC,SAAQC,OAAO,EAAEC,cAAc,EAAEC,cAAc,EAAEC,MAAM,QAAO,iBAAgB;AAC9E,SAAQC,SAAS,EAAEC,QAAQ,QAAO,sBAAqB;AACvD,SAAQC,eAAe,QAAO,gBAAe;AAE7C,SAAQC,YAAY,QAAO,oBAAmB;AAC9C,SAAQC,YAAY,QAAO,iBAAgB;AAE3C,OAAO,MAAMC,gBAAmC,CAAC,EACIC,cAAcC,aAAa,EAC3BC,aAAa,EACbC,yBAAyB,EACzBC,eAAeb,eAAea,YAAY,EAC1CC,QAAQd,eAAec,KAAK,EAC5BC,SAAS,EACTC,QAAQ,EACRC,SAAS,EACTC,WAAW,EACXC,QAAQ,EACRC,MAAM,EACNC,SAAS,EACZ;IAE9C,IAAI,CAACN,WACD,MAAM,IAAIO,MAAMrB,eAAec,SAAS;IAC5C,IAAI,CAACC,UACD,MAAM,IAAIM,MAAMrB,eAAee,QAAQ;IAC3C,IAAIC,WAAW;QACX,IAAI,CAACC,aACD,MAAM,IAAII,MAAMrB,eAAeiB,WAAW;QAC9C,IAAI,CAACC,UACD,MAAM,IAAIG,MAAMrB,eAAemB,MAAM;QACzC,IAAI,CAACA,QACD,MAAM,IAAIE,MAAMrB,eAAemB,MAAM;IAC7C;IAEA,MAAMX,eAAe;QAAC,GAAGT,eAAeuB,MAAM;QAAE,GAAGb,aAAa;IAAA;IAEhE,OAAO,CAACc;QAEJ,MAAMC,YAAYD,eAAeC,SAAS,IAAI;QAE9C,MAAMC,WAAWF,eAAeG,KAAK,EAAEC,QAAQ;QAE/C,MAAMC,cAAc,GAAGJ,UAAU,KAAK,EAAEC,UAAU;QAClD,MAAMI,eAAeD,cAAc3B,OAAOC,SAAS;QACnD,MAAM4B,cAAcF,cAAc3B,OAAOE,QAAQ;QAEjD,MAAM4B,mBAAqC,CAACC,QACxC1B,aAAa2B,QAAQ,CAACT,YAAaQ,CAAAA,MAAME,GAAG,CAAC,eAAe,EAAC;QAEjE,OAAO;YACH,GAAGX,cAAc;YACjBG,OAAO;gBACH,GAAGH,eAAeG,KAAK;gBACvB,GAAGhB,gBAAgB,CAAC,IAAI;oBACpByB,QAAQ;wBACJC,WAAW;oBACf;gBACJ,CAAC;gBACD,GAAGzB,4BAA4B,CAAC,IAAI;oBAChC0B,YAAY;wBACR,GAAGd,eAAeG,KAAK,EAAEW,UAAU;wBACnCC,YAAY;+BACLf,eAAeG,KAAK,EAAEW,YAAYC,cAAc,EAAE;4BACrD;gCACIC,MAAM;gCACNC,aAAa;oCACTX;oCACAhB;gCACJ;4BACJ;yBACH;oBACL;gBACJ,CAAC;gBACD4B,QAAQ;oBACJ,GAAGlB,eAAeG,KAAK,EAAEe,MAAM;oBAC/BC,SAAS;wBACL5B;wBACAC;wBACAe;wBACAa,gBAAgBnC,aAAaoC,KAAK,CAACC,IAAI;oBAC3C;gBACJ;YACJ;YACAC,aAAa,AAACvB,CAAAA,eAAeuB,WAAW,IAAI,EAAE,AAAD,EAAGC,GAAG,CAAC,CAACC;gBAEjD,MAAMC,aAAa,OAAOD,WAAWE,IAAI,IAAI,YAAY,CAAC,IAAIF,WAAWE,IAAI;gBAE7E,OAAO;oBACH,GAAGF,UAAU;oBACb,GAAGA,WAAWG,IAAI,IAAI1B,WAAW;wBAC7ByB,MAAM;4BACF,GAAGD,UAAU;4BACbG,sBAAsB;4BACtBC,YAAY;mCACLJ,YAAYI,cAAc,EAAE;gCAC/BjD,gBAAgB;oCACZqB;oCACAjB;oCACAI,cAAcA;oCACdE,WAAWA;oCACXC,UAAUA;oCACV,GAAIC,YAAY;wCACZA,WAAW;wCACXC,aAAaA;wCACbC,UAAUD;wCACVE,QAAQA;oCACZ,IAAI;wCAACH,WAAWsC;oCAAS,CAAC;gCAC9B;6BACH;wBACL;wBACAC,OAAO;4BACHC,aAAa;gCAAC,UAAY,AAAC,CAAA,MAAM3D,SAAQ,EAAG4D,MAAM,CAAC3D,QAAQ4D,OAAO;6BAAE;wBACxE;wBACAC,WAAW;4BACP;gCACIpB,MAAMtC,OAAOC,SAAS;gCACtB0D,QAAQ;gCACRC,SAAS3D;4BACb;4BACA;gCACIqC,MAAMtC,OAAOE,QAAQ;gCACrByD,QAAQ;gCACRC,SAAS1D,SAASiB,aAAaW;4BACnC;yBACH;wBACDT,QAAQ;+BACD0B,WAAW1B,MAAM;4BACpB;gCACI,GAAGd,aAAasD,EAAE;gCAClBC,MAAM;gCACNrC,OAAO;oCACHsC,UAAU;gCACd;gCACAC,OAAO;gCACPC,QAAQ;gCACRC,UAAU;4BACd;4BACA;gCACI,GAAG3D,aAAaqC,IAAI;gCACpBkB,MAAM;gCACNrC,OAAO;oCACHsC,UAAU;gCACd;4BACJ;4BACA;gCACI,GAAGxD,aAAa4D,KAAK;gCACrBL,MAAM;gCACNrC,OAAO;oCACHsC,UAAU;gCACd;4BACJ;4BACA;gCACI,GAAGxD,aAAaoC,KAAK;gCACrBmB,MAAM;gCACNrC,OAAO;oCACHsC,UAAU;gCACd;4BACJ;4BACA;gCACI,GAAGxD,aAAa6D,KAAK;gCACrBN,MAAM;gCACNrC,OAAO;oCACHsC,UAAU;gCACd;gCACA1C,QAAQ;oCACJ;wCACI,GAAGd,aAAa8D,UAAU,CAACzB,IAAI;wCAC/BkB,MAAM;oCACV;iCACH;4BACL;yBACH;oBACL,IAAI,CAAC,CAAC;gBACV;YACJ;YACAQ,MAAM;gBACF,GAAGhD,eAAegD,IAAI;gBACtBlE,cAAc;oBACV,GAAGkB,eAAegD,IAAI,EAAElE,YAAY;oBACpCmE,IAAI;wBACA,GAAGjD,eAAegD,IAAI,EAAElE,cAAcmE,EAAE;wBACxC,GAAGnE,aAAamE,EAAE;oBACtB;oBACAC,IAAI;wBACA,GAAGlD,eAAegD,IAAI,EAAElE,cAAcoE,EAAE;wBACxC,GAAGpE,aAAaoE,EAAE;oBACtB;gBACJ;YACJ;QACJ;IAEJ;AAEJ,EAAC"}
|
|
1
|
+
{"version":3,"sources":["../src/index.ts"],"sourcesContent":["import {cookies} from 'next/headers.js'\nimport {COOKIES, DEFAULT_CONFIG, ERROR_MESSAGES, ROUTES} from './constants.js'\nimport {authorize, callback} from './handlers/index.js'\nimport {zitadelStrategy} from './strategy.js'\nimport {PayloadConfigWithZitadel, ZitadelOnSuccess, ZitadelPluginType} from './types.js'\nimport {translations} from './translations.js'\nimport {NextResponse} from 'next/server.js'\n\nexport const ZitadelPlugin: ZitadelPluginType = ({\n fieldsConfig: _fieldsConfig,\n disableAvatar,\n disableDefaultLoginButton,\n strategyName = DEFAULT_CONFIG.strategyName,\n label = DEFAULT_CONFIG.label,\n issuerURL,\n clientId,\n enableAPI,\n apiClientId,\n apiKeyId,\n apiKey,\n onSuccess\n }) => {\n\n if (!issuerURL)\n throw new Error(ERROR_MESSAGES.issuerURL)\n if (!clientId)\n throw new Error(ERROR_MESSAGES.clientId)\n if (enableAPI) {\n if (!apiClientId)\n throw new Error(ERROR_MESSAGES.apiClientId)\n if (!apiKeyId)\n throw new Error(ERROR_MESSAGES.apiKey)\n if (!apiKey)\n throw new Error(ERROR_MESSAGES.apiKey)\n }\n\n const fieldsConfig = {...DEFAULT_CONFIG.fields, ..._fieldsConfig}\n\n return (incomingConfig) => {\n\n const serverURL = incomingConfig.serverURL ?? 'http://localhost'\n\n const authSlug = incomingConfig.admin?.user ?? 'users'\n\n const authBaseURL = `${serverURL}/api/${authSlug}`\n const authorizeURL = authBaseURL + ROUTES.authorize\n const callbackURL = authBaseURL + ROUTES.callback\n\n const defaultOnSuccess: ZitadelOnSuccess = (state) =>\n NextResponse.redirect(serverURL + (state.get('redirect') ?? ''))\n\n return {\n ...incomingConfig,\n admin: {\n ...incomingConfig.admin,\n ...disableAvatar ? {} : {\n avatar: {\n Component: {\n path: 'payload-zitadel-plugin/components#Avatar',\n clientProps: {\n imageFieldName: fieldsConfig.image.name\n }\n }\n }\n },\n ...disableDefaultLoginButton ? {} : {\n components: {\n ...incomingConfig.admin?.components,\n afterLogin: [\n ...incomingConfig.admin?.components?.afterLogin ?? [],\n {\n path: 'payload-zitadel-plugin/components#LoginButton',\n serverProps: {\n authorizeURL,\n label\n }\n }\n ]\n }\n },\n custom: {\n ...incomingConfig.admin?.custom,\n zitadel: {\n issuerURL,\n clientId,\n callbackURL,\n imageFieldName: fieldsConfig.image.name\n }\n }\n },\n collections: (incomingConfig.collections || []).map((collection) => {\n\n const authConfig = typeof collection.auth == 'boolean' ? {} : collection.auth\n\n return {\n ...collection,\n ...collection.slug == authSlug ? {\n auth: {\n ...authConfig,\n disableLocalStrategy: true,\n strategies: [\n ...authConfig?.strategies ?? [],\n zitadelStrategy({\n authSlug,\n fieldsConfig,\n strategyName: strategyName,\n issuerURL: issuerURL as string,\n clientId: clientId as string,\n ...(enableAPI ? {\n enableAPI: true,\n apiClientId: apiClientId!,\n apiKeyId: apiClientId!,\n apiKey: apiKey!\n } : {enableAPI: undefined})\n })\n ]\n },\n hooks: {\n afterLogout: [async () => (await cookies()).delete(COOKIES.idToken)]\n },\n endpoints: [\n {\n path: ROUTES.authorize,\n method: 'get',\n handler: authorize\n },\n {\n path: ROUTES.callback,\n method: 'get',\n handler: callback(onSuccess ?? defaultOnSuccess)\n }\n ],\n fields: [\n ...collection.fields,\n {\n ...fieldsConfig.id,\n type: 'text',\n admin: {\n readOnly: true\n },\n index: true,\n unique: true,\n required: true\n },\n {\n ...fieldsConfig.name,\n type: 'text',\n admin: {\n readOnly: true\n }\n },\n {\n ...fieldsConfig.email,\n type: 'email',\n admin: {\n readOnly: true\n }\n },\n {\n ...fieldsConfig.image,\n type: 'text',\n admin: {\n readOnly: true\n }\n },\n {\n ...fieldsConfig.roles,\n type: 'array',\n admin: {\n readOnly: true\n },\n fields: [\n {\n ...fieldsConfig.roleFields.name,\n type: 'text'\n }\n ]\n }\n ]\n } : {}\n }\n }),\n i18n: {\n ...incomingConfig.i18n,\n translations: {\n ...incomingConfig.i18n?.translations,\n de: {\n ...incomingConfig.i18n?.translations?.de,\n ...translations.de\n },\n en: {\n ...incomingConfig.i18n?.translations?.en,\n ...translations.en\n }\n }\n }\n } satisfies PayloadConfigWithZitadel\n\n }\n\n}"],"names":["cookies","COOKIES","DEFAULT_CONFIG","ERROR_MESSAGES","ROUTES","authorize","callback","zitadelStrategy","translations","NextResponse","ZitadelPlugin","fieldsConfig","_fieldsConfig","disableAvatar","disableDefaultLoginButton","strategyName","label","issuerURL","clientId","enableAPI","apiClientId","apiKeyId","apiKey","onSuccess","Error","fields","incomingConfig","serverURL","authSlug","admin","user","authBaseURL","authorizeURL","callbackURL","defaultOnSuccess","state","redirect","get","avatar","Component","path","clientProps","imageFieldName","image","name","components","afterLogin","serverProps","custom","zitadel","collections","map","collection","authConfig","auth","slug","disableLocalStrategy","strategies","undefined","hooks","afterLogout","delete","idToken","endpoints","method","handler","id","type","readOnly","index","unique","required","email","roles","roleFields","i18n","de","en"],"mappings":"AAAA,SAAQA,OAAO,QAAO,kBAAiB;AACvC,SAAQC,OAAO,EAAEC,cAAc,EAAEC,cAAc,EAAEC,MAAM,QAAO,iBAAgB;AAC9E,SAAQC,SAAS,EAAEC,QAAQ,QAAO,sBAAqB;AACvD,SAAQC,eAAe,QAAO,gBAAe;AAE7C,SAAQC,YAAY,QAAO,oBAAmB;AAC9C,SAAQC,YAAY,QAAO,iBAAgB;AAE3C,OAAO,MAAMC,gBAAmC,CAAC,EACIC,cAAcC,aAAa,EAC3BC,aAAa,EACbC,yBAAyB,EACzBC,eAAeb,eAAea,YAAY,EAC1CC,QAAQd,eAAec,KAAK,EAC5BC,SAAS,EACTC,QAAQ,EACRC,SAAS,EACTC,WAAW,EACXC,QAAQ,EACRC,MAAM,EACNC,SAAS,EACZ;IAE9C,IAAI,CAACN,WACD,MAAM,IAAIO,MAAMrB,eAAec,SAAS;IAC5C,IAAI,CAACC,UACD,MAAM,IAAIM,MAAMrB,eAAee,QAAQ;IAC3C,IAAIC,WAAW;QACX,IAAI,CAACC,aACD,MAAM,IAAII,MAAMrB,eAAeiB,WAAW;QAC9C,IAAI,CAACC,UACD,MAAM,IAAIG,MAAMrB,eAAemB,MAAM;QACzC,IAAI,CAACA,QACD,MAAM,IAAIE,MAAMrB,eAAemB,MAAM;IAC7C;IAEA,MAAMX,eAAe;QAAC,GAAGT,eAAeuB,MAAM;QAAE,GAAGb,aAAa;IAAA;IAEhE,OAAO,CAACc;QAEJ,MAAMC,YAAYD,eAAeC,SAAS,IAAI;QAE9C,MAAMC,WAAWF,eAAeG,KAAK,EAAEC,QAAQ;QAE/C,MAAMC,cAAc,GAAGJ,UAAU,KAAK,EAAEC,UAAU;QAClD,MAAMI,eAAeD,cAAc3B,OAAOC,SAAS;QACnD,MAAM4B,cAAcF,cAAc3B,OAAOE,QAAQ;QAEjD,MAAM4B,mBAAqC,CAACC,QACxC1B,aAAa2B,QAAQ,CAACT,YAAaQ,CAAAA,MAAME,GAAG,CAAC,eAAe,EAAC;QAEjE,OAAO;YACH,GAAGX,cAAc;YACjBG,OAAO;gBACH,GAAGH,eAAeG,KAAK;gBACvB,GAAGhB,gBAAgB,CAAC,IAAI;oBACpByB,QAAQ;wBACJC,WAAW;4BACPC,MAAM;4BACNC,aAAa;gCACTC,gBAAgB/B,aAAagC,KAAK,CAACC,IAAI;4BAC3C;wBACJ;oBACJ;gBACJ,CAAC;gBACD,GAAG9B,4BAA4B,CAAC,IAAI;oBAChC+B,YAAY;wBACR,GAAGnB,eAAeG,KAAK,EAAEgB,UAAU;wBACnCC,YAAY;+BACLpB,eAAeG,KAAK,EAAEgB,YAAYC,cAAc,EAAE;4BACrD;gCACIN,MAAM;gCACNO,aAAa;oCACTf;oCACAhB;gCACJ;4BACJ;yBACH;oBACL;gBACJ,CAAC;gBACDgC,QAAQ;oBACJ,GAAGtB,eAAeG,KAAK,EAAEmB,MAAM;oBAC/BC,SAAS;wBACLhC;wBACAC;wBACAe;wBACAS,gBAAgB/B,aAAagC,KAAK,CAACC,IAAI;oBAC3C;gBACJ;YACJ;YACAM,aAAa,AAACxB,CAAAA,eAAewB,WAAW,IAAI,EAAE,AAAD,EAAGC,GAAG,CAAC,CAACC;gBAEjD,MAAMC,aAAa,OAAOD,WAAWE,IAAI,IAAI,YAAY,CAAC,IAAIF,WAAWE,IAAI;gBAE7E,OAAO;oBACH,GAAGF,UAAU;oBACb,GAAGA,WAAWG,IAAI,IAAI3B,WAAW;wBAC7B0B,MAAM;4BACF,GAAGD,UAAU;4BACbG,sBAAsB;4BACtBC,YAAY;mCACLJ,YAAYI,cAAc,EAAE;gCAC/BlD,gBAAgB;oCACZqB;oCACAjB;oCACAI,cAAcA;oCACdE,WAAWA;oCACXC,UAAUA;oCACV,GAAIC,YAAY;wCACZA,WAAW;wCACXC,aAAaA;wCACbC,UAAUD;wCACVE,QAAQA;oCACZ,IAAI;wCAACH,WAAWuC;oCAAS,CAAC;gCAC9B;6BACH;wBACL;wBACAC,OAAO;4BACHC,aAAa;gCAAC,UAAY,AAAC,CAAA,MAAM5D,SAAQ,EAAG6D,MAAM,CAAC5D,QAAQ6D,OAAO;6BAAE;wBACxE;wBACAC,WAAW;4BACP;gCACIvB,MAAMpC,OAAOC,SAAS;gCACtB2D,QAAQ;gCACRC,SAAS5D;4BACb;4BACA;gCACImC,MAAMpC,OAAOE,QAAQ;gCACrB0D,QAAQ;gCACRC,SAAS3D,SAASiB,aAAaW;4BACnC;yBACH;wBACDT,QAAQ;+BACD2B,WAAW3B,MAAM;4BACpB;gCACI,GAAGd,aAAauD,EAAE;gCAClBC,MAAM;gCACNtC,OAAO;oCACHuC,UAAU;gCACd;gCACAC,OAAO;gCACPC,QAAQ;gCACRC,UAAU;4BACd;4BACA;gCACI,GAAG5D,aAAaiC,IAAI;gCACpBuB,MAAM;gCACNtC,OAAO;oCACHuC,UAAU;gCACd;4BACJ;4BACA;gCACI,GAAGzD,aAAa6D,KAAK;gCACrBL,MAAM;gCACNtC,OAAO;oCACHuC,UAAU;gCACd;4BACJ;4BACA;gCACI,GAAGzD,aAAagC,KAAK;gCACrBwB,MAAM;gCACNtC,OAAO;oCACHuC,UAAU;gCACd;4BACJ;4BACA;gCACI,GAAGzD,aAAa8D,KAAK;gCACrBN,MAAM;gCACNtC,OAAO;oCACHuC,UAAU;gCACd;gCACA3C,QAAQ;oCACJ;wCACI,GAAGd,aAAa+D,UAAU,CAAC9B,IAAI;wCAC/BuB,MAAM;oCACV;iCACH;4BACL;yBACH;oBACL,IAAI,CAAC,CAAC;gBACV;YACJ;YACAQ,MAAM;gBACF,GAAGjD,eAAeiD,IAAI;gBACtBnE,cAAc;oBACV,GAAGkB,eAAeiD,IAAI,EAAEnE,YAAY;oBACpCoE,IAAI;wBACA,GAAGlD,eAAeiD,IAAI,EAAEnE,cAAcoE,EAAE;wBACxC,GAAGpE,aAAaoE,EAAE;oBACtB;oBACAC,IAAI;wBACA,GAAGnD,eAAeiD,IAAI,EAAEnE,cAAcqE,EAAE;wBACxC,GAAGrE,aAAaqE,EAAE;oBACtB;gBACJ;YACJ;QACJ;IAEJ;AAEJ,EAAC"}
|
package/dist/strategy.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"strategy.d.ts","sourceRoot":"","sources":["../src/strategy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAiB,mBAAmB,EAAC,MAAM,YAAY,CAAA;AAK9D,eAAO,MAAM,eAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"strategy.d.ts","sourceRoot":"","sources":["../src/strategy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAiB,mBAAmB,EAAC,MAAM,YAAY,CAAA;AAK9D,eAAO,MAAM,eAAe,EAAE,mBAkG5B,CAAA"}
|
package/dist/strategy.js
CHANGED
|
@@ -34,8 +34,11 @@ export const zitadelStrategy = ({ authSlug, fieldsConfig, strategyName, issuerUR
|
|
|
34
34
|
}
|
|
35
35
|
// in case of normal browsing
|
|
36
36
|
if (!idp_id && cookieStore.has(COOKIES.idToken)) {
|
|
37
|
-
|
|
38
|
-
|
|
37
|
+
const { payload: jwtPayload } = await jwtVerify(cookieStore.get(COOKIES.idToken)?.value ?? '', new TextEncoder().encode(payload.secret));
|
|
38
|
+
if (jwtPayload.sub) {
|
|
39
|
+
id_token = jwtPayload;
|
|
40
|
+
idp_id = jwtPayload.sub;
|
|
41
|
+
}
|
|
39
42
|
}
|
|
40
43
|
// search for associated user; if not found, create one
|
|
41
44
|
if (idp_id) {
|
package/dist/strategy.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/strategy.ts"],"sourcesContent":["import {ZitadelIdToken, ZitadelStrategyType} from './types.js'\nimport {SignJWT, jwtVerify} from 'jose'\nimport {cookies} from 'next/headers.js'\nimport {COOKIES} from './constants.js'\n\nexport const zitadelStrategy: ZitadelStrategyType = ({\n authSlug,\n fieldsConfig,\n strategyName,\n issuerURL,\n enableAPI,\n apiClientId,\n apiKeyId,\n apiKey\n }) => ({\n name: strategyName,\n authenticate: async ({headers, payload}) => {\n\n let id, idp_id, id_token\n\n const cookieStore = await cookies()\n\n if (enableAPI) {\n // in case of incoming API call from the app\n const authHeader = headers.get('Authorization')\n if (authHeader?.includes('Bearer')) {\n const introspect = await fetch(`${issuerURL}/oauth/v2/introspect`, {\n method: 'post',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded'\n },\n body: new URLSearchParams({\n 'client_assertion_type': 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',\n 'client_assertion': await new SignJWT()\n .setProtectedHeader({alg: 'RS256', kid: apiKeyId})\n .setIssuer(apiClientId)\n .setAudience(issuerURL)\n .setSubject(apiClientId)\n .setIssuedAt()\n .setExpirationTime('1h')\n .sign(new TextEncoder().encode(apiKey)),\n 'token': authHeader.split(' ')[1]\n })\n })\n if (introspect.ok) {\n const data = await introspect.json()\n if (data?.active) {\n idp_id = data.sub\n }\n }\n }\n }\n\n // in case of normal browsing\n if (!idp_id && cookieStore.has(COOKIES.idToken)) {\n
|
|
1
|
+
{"version":3,"sources":["../src/strategy.ts"],"sourcesContent":["import {ZitadelIdToken, ZitadelStrategyType} from './types.js'\nimport {SignJWT, jwtVerify} from 'jose'\nimport {cookies} from 'next/headers.js'\nimport {COOKIES} from './constants.js'\n\nexport const zitadelStrategy: ZitadelStrategyType = ({\n authSlug,\n fieldsConfig,\n strategyName,\n issuerURL,\n enableAPI,\n apiClientId,\n apiKeyId,\n apiKey\n }) => ({\n name: strategyName,\n authenticate: async ({headers, payload}) => {\n\n let id, idp_id, id_token\n\n const cookieStore = await cookies()\n\n if (enableAPI) {\n // in case of incoming API call from the app\n const authHeader = headers.get('Authorization')\n if (authHeader?.includes('Bearer')) {\n const introspect = await fetch(`${issuerURL}/oauth/v2/introspect`, {\n method: 'post',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded'\n },\n body: new URLSearchParams({\n 'client_assertion_type': 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',\n 'client_assertion': await new SignJWT()\n .setProtectedHeader({alg: 'RS256', kid: apiKeyId})\n .setIssuer(apiClientId)\n .setAudience(issuerURL)\n .setSubject(apiClientId)\n .setIssuedAt()\n .setExpirationTime('1h')\n .sign(new TextEncoder().encode(apiKey)),\n 'token': authHeader.split(' ')[1]\n })\n })\n if (introspect.ok) {\n const data = await introspect.json()\n if (data?.active) {\n idp_id = data.sub\n }\n }\n }\n }\n\n // in case of normal browsing\n if (!idp_id && cookieStore.has(COOKIES.idToken)) {\n const {payload: jwtPayload} = await jwtVerify<ZitadelIdToken>(cookieStore.get(COOKIES.idToken)?.value ?? '', new TextEncoder().encode(payload.secret))\n if (jwtPayload.sub) {\n id_token = jwtPayload\n idp_id = jwtPayload.sub\n }\n }\n\n // search for associated user; if not found, create one\n if (idp_id) {\n const {docs, totalDocs} = await payload.find({\n collection: authSlug,\n where: {\n [fieldsConfig.id.name]: {\n equals: idp_id\n }\n }\n })\n id = totalDocs ? docs[0].id : (await payload.create({\n collection: authSlug,\n data: {\n [fieldsConfig.id.name]: idp_id\n }\n })).id\n }\n\n // update user information if possible\n if (id && id_token) {\n await payload.update({\n collection: authSlug,\n id,\n data: {\n [fieldsConfig.name.name]: id_token.name,\n [fieldsConfig.email.name]: id_token.email,\n [fieldsConfig.image.name]: id_token.picture,\n [fieldsConfig.roles.name]: Object.keys(id_token['urn:zitadel:iam:org:project:roles'] ?? {})\n .map(key => ({[fieldsConfig.roleFields.name.name]: key}))\n }\n })\n }\n\n return {\n user: id ? {\n collection: authSlug,\n id\n } : null\n }\n\n }\n})"],"names":["SignJWT","jwtVerify","cookies","COOKIES","zitadelStrategy","authSlug","fieldsConfig","strategyName","issuerURL","enableAPI","apiClientId","apiKeyId","apiKey","name","authenticate","headers","payload","id","idp_id","id_token","cookieStore","authHeader","get","includes","introspect","fetch","method","body","URLSearchParams","setProtectedHeader","alg","kid","setIssuer","setAudience","setSubject","setIssuedAt","setExpirationTime","sign","TextEncoder","encode","split","ok","data","json","active","sub","has","idToken","jwtPayload","value","secret","docs","totalDocs","find","collection","where","equals","create","update","email","image","picture","roles","Object","keys","map","key","roleFields","user"],"mappings":"AACA,SAAQA,OAAO,EAAEC,SAAS,QAAO,OAAM;AACvC,SAAQC,OAAO,QAAO,kBAAiB;AACvC,SAAQC,OAAO,QAAO,iBAAgB;AAEtC,OAAO,MAAMC,kBAAuC,CAAC,EACIC,QAAQ,EACRC,YAAY,EACZC,YAAY,EACZC,SAAS,EACTC,SAAS,EACTC,WAAW,EACXC,QAAQ,EACRC,MAAM,EACT,GAAM,CAAA;QACxDC,MAAMN;QACNO,cAAc,OAAO,EAACC,OAAO,EAAEC,OAAO,EAAC;YAEnC,IAAIC,IAAIC,QAAQC;YAEhB,MAAMC,cAAc,MAAMlB;YAE1B,IAAIO,WAAW;gBACX,4CAA4C;gBAC5C,MAAMY,aAAaN,QAAQO,GAAG,CAAC;gBAC/B,IAAID,YAAYE,SAAS,WAAW;oBAChC,MAAMC,aAAa,MAAMC,MAAM,GAAGjB,UAAU,oBAAoB,CAAC,EAAE;wBAC/DkB,QAAQ;wBACRX,SAAS;4BACL,gBAAgB;wBACpB;wBACAY,MAAM,IAAIC,gBAAgB;4BACtB,yBAAyB;4BACzB,oBAAoB,MAAM,IAAI5B,UACzB6B,kBAAkB,CAAC;gCAACC,KAAK;gCAASC,KAAKpB;4BAAQ,GAC/CqB,SAAS,CAACtB,aACVuB,WAAW,CAACzB,WACZ0B,UAAU,CAACxB,aACXyB,WAAW,GACXC,iBAAiB,CAAC,MAClBC,IAAI,CAAC,IAAIC,cAAcC,MAAM,CAAC3B;4BACnC,SAASS,WAAWmB,KAAK,CAAC,IAAI,CAAC,EAAE;wBACrC;oBACJ;oBACA,IAAIhB,WAAWiB,EAAE,EAAE;wBACf,MAAMC,OAAO,MAAMlB,WAAWmB,IAAI;wBAClC,IAAID,MAAME,QAAQ;4BACd1B,SAASwB,KAAKG,GAAG;wBACrB;oBACJ;gBACJ;YACJ;YAEA,6BAA6B;YAC7B,IAAI,CAAC3B,UAAUE,YAAY0B,GAAG,CAAC3C,QAAQ4C,OAAO,GAAG;gBAC7C,MAAM,EAAC/B,SAASgC,UAAU,EAAC,GAAG,MAAM/C,UAA0BmB,YAAYE,GAAG,CAACnB,QAAQ4C,OAAO,GAAGE,SAAS,IAAI,IAAIX,cAAcC,MAAM,CAACvB,QAAQkC,MAAM;gBACpJ,IAAIF,WAAWH,GAAG,EAAE;oBAChB1B,WAAW6B;oBACX9B,SAAS8B,WAAWH,GAAG;gBAC3B;YACJ;YAEA,uDAAuD;YACvD,IAAI3B,QAAQ;gBACR,MAAM,EAACiC,IAAI,EAAEC,SAAS,EAAC,GAAG,MAAMpC,QAAQqC,IAAI,CAAC;oBACzCC,YAAYjD;oBACZkD,OAAO;wBACH,CAACjD,aAAaW,EAAE,CAACJ,IAAI,CAAC,EAAE;4BACpB2C,QAAQtC;wBACZ;oBACJ;gBACJ;gBACAD,KAAKmC,YAAYD,IAAI,CAAC,EAAE,CAAClC,EAAE,GAAG,AAAC,CAAA,MAAMD,QAAQyC,MAAM,CAAC;oBAChDH,YAAYjD;oBACZqC,MAAM;wBACF,CAACpC,aAAaW,EAAE,CAACJ,IAAI,CAAC,EAAEK;oBAC5B;gBACJ,EAAC,EAAGD,EAAE;YACV;YAEA,sCAAsC;YACtC,IAAIA,MAAME,UAAU;gBAChB,MAAMH,QAAQ0C,MAAM,CAAC;oBACjBJ,YAAYjD;oBACZY;oBACAyB,MAAM;wBACF,CAACpC,aAAaO,IAAI,CAACA,IAAI,CAAC,EAAEM,SAASN,IAAI;wBACvC,CAACP,aAAaqD,KAAK,CAAC9C,IAAI,CAAC,EAAEM,SAASwC,KAAK;wBACzC,CAACrD,aAAasD,KAAK,CAAC/C,IAAI,CAAC,EAAEM,SAAS0C,OAAO;wBAC3C,CAACvD,aAAawD,KAAK,CAACjD,IAAI,CAAC,EAAEkD,OAAOC,IAAI,CAAC7C,QAAQ,CAAC,oCAAoC,IAAI,CAAC,GACpF8C,GAAG,CAACC,CAAAA,MAAQ,CAAA;gCAAC,CAAC5D,aAAa6D,UAAU,CAACtD,IAAI,CAACA,IAAI,CAAC,EAAEqD;4BAAG,CAAA;oBAC9D;gBACJ;YACJ;YAEA,OAAO;gBACHE,MAAMnD,KAAK;oBACPqC,YAAYjD;oBACZY;gBACJ,IAAI;YACR;QAEJ;IACJ,CAAA,EAAE"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "payload-zitadel-plugin",
|
|
3
|
-
"version": "0.3.
|
|
3
|
+
"version": "0.3.3",
|
|
4
4
|
"description": "plugin for Payload CMS, which enables authentication via Zitadel IdP",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"license": "MIT",
|
|
@@ -36,26 +36,26 @@
|
|
|
36
36
|
"dist"
|
|
37
37
|
],
|
|
38
38
|
"dependencies": {
|
|
39
|
-
"@payloadcms/next": "^3.
|
|
40
|
-
"@payloadcms/translations": "^3.
|
|
41
|
-
"@payloadcms/ui": "^3.
|
|
39
|
+
"@payloadcms/next": "^3.4.0",
|
|
40
|
+
"@payloadcms/translations": "^3.4.0",
|
|
41
|
+
"@payloadcms/ui": "^3.4.0",
|
|
42
42
|
"jose": "^5.9.6",
|
|
43
43
|
"next": "^15.0.3",
|
|
44
|
-
"payload": "^3.
|
|
45
|
-
"react": "19.0.0-rc-
|
|
46
|
-
"react-dom": "19.0.0-rc-
|
|
44
|
+
"payload": "^3.4.0",
|
|
45
|
+
"react": "19.0.0-rc-de68d2f4-20241204",
|
|
46
|
+
"react-dom": "19.0.0-rc-de68d2f4-20241204"
|
|
47
47
|
},
|
|
48
48
|
"devDependencies": {
|
|
49
|
-
"@swc/cli": "^0.5.
|
|
50
|
-
"@swc/core": "^1.
|
|
51
|
-
"@types/node": "^22.10.
|
|
52
|
-
"@types/react": "^18.3.
|
|
49
|
+
"@swc/cli": "^0.5.2",
|
|
50
|
+
"@swc/core": "^1.10.0",
|
|
51
|
+
"@types/node": "^22.10.1",
|
|
52
|
+
"@types/react": "^18.3.13",
|
|
53
53
|
"@types/react-dom": "^18.3.1",
|
|
54
54
|
"rimraf": "^6.0.1",
|
|
55
55
|
"typescript": "^5.7.2"
|
|
56
56
|
},
|
|
57
57
|
"engines": {
|
|
58
|
-
"node": "^22.
|
|
58
|
+
"node": "^22.12.0"
|
|
59
59
|
},
|
|
60
60
|
"exports": {
|
|
61
61
|
".": {
|