payload-zitadel-plugin 0.3.2 → 0.3.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/components/client/Avatar.d.ts +4 -0
- package/dist/components/client/Avatar.d.ts.map +1 -0
- package/dist/components/{Avatar.js → client/Avatar.js} +3 -5
- package/dist/components/client/Avatar.js.map +1 -0
- package/dist/components/client/index.d.ts +6 -0
- package/dist/components/client/index.d.ts.map +1 -0
- package/dist/components/client/index.js +8 -0
- package/dist/components/client/index.js.map +1 -0
- package/dist/components/index.d.ts +2 -2
- package/dist/components/index.d.ts.map +1 -1
- package/dist/components/index.js +2 -2
- package/dist/components/index.js.map +1 -1
- package/dist/components/server/LoginButton.d.ts +4 -0
- package/dist/components/server/LoginButton.d.ts.map +1 -0
- package/dist/components/{LoginButton.js → server/LoginButton.js} +1 -1
- package/dist/components/server/LoginButton.js.map +1 -0
- package/dist/components/server/index.d.ts +6 -0
- package/dist/components/server/index.d.ts.map +1 -0
- package/dist/components/server/index.js +8 -0
- package/dist/components/server/index.js.map +1 -0
- package/dist/constants.d.ts +1 -0
- package/dist/constants.d.ts.map +1 -1
- package/dist/constants.js +1 -0
- package/dist/constants.js.map +1 -1
- package/dist/handlers/authorize.d.ts +1 -1
- package/dist/handlers/authorize.d.ts.map +1 -1
- package/dist/handlers/authorize.js +1 -2
- package/dist/handlers/authorize.js.map +1 -1
- package/dist/handlers/callback.d.ts +2 -2
- package/dist/handlers/callback.d.ts.map +1 -1
- package/dist/handlers/callback.js +1 -1
- package/dist/handlers/callback.js.map +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +9 -3
- package/dist/index.js.map +1 -1
- package/dist/strategy.d.ts +1 -1
- package/dist/strategy.d.ts.map +1 -1
- package/dist/strategy.js +1 -1
- package/dist/strategy.js.map +1 -1
- package/dist/types.d.ts +7 -3
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js.map +1 -1
- package/package.json +19 -14
- package/dist/components/Avatar.d.ts +0 -5
- package/dist/components/Avatar.d.ts.map +0 -1
- package/dist/components/Avatar.js.map +0 -1
- package/dist/components/LoginButton.d.ts +0 -4
- package/dist/components/LoginButton.d.ts.map +0 -1
- package/dist/components/LoginButton.js.map +0 -1
package/README.md
CHANGED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Avatar.d.ts","sourceRoot":"","sources":["../../../src/components/client/Avatar.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAK,MAAM,OAAO,CAAA;AAGzB,OAAO,KAAK,EAAC,kBAAkB,EAAC,MAAM,gBAAgB,CAAA;AAEtD,eAAO,MAAM,MAAM,+BAA8B,kBAAkB,sBAiBlE,CAAA"}
|
|
@@ -1,11 +1,9 @@
|
|
|
1
1
|
'use client';
|
|
2
|
-
import
|
|
2
|
+
import React from 'react';
|
|
3
3
|
import { DefaultAccountIcon } from '@payloadcms/ui/graphics/Account/Default';
|
|
4
|
-
import { useAuth
|
|
5
|
-
export const Avatar = ({ active })=>{
|
|
4
|
+
import { useAuth } from '@payloadcms/ui';
|
|
5
|
+
export const Avatar = ({ active, imageFieldName })=>{
|
|
6
6
|
const { user } = useAuth();
|
|
7
|
-
const { config: { admin: { custom } } } = useConfig();
|
|
8
|
-
const { zitadel: { imageFieldName } } = custom;
|
|
9
7
|
return user && user[imageFieldName] ? /*#__PURE__*/ React.createElement(React.Fragment, null, /*#__PURE__*/ React.createElement("style", null, 'zitadel-avatar:hover { filter: brightness(1.2); }'), /*#__PURE__*/ React.createElement("img", {
|
|
10
8
|
className: "zitadel-avatar",
|
|
11
9
|
src: user[imageFieldName],
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../src/components/client/Avatar.tsx"],"sourcesContent":["'use client'\n\nimport React from 'react'\nimport {DefaultAccountIcon} from '@payloadcms/ui/graphics/Account/Default'\nimport {useAuth} from '@payloadcms/ui'\nimport type {ZitadelAvatarProps} from '../../types.js'\n\nexport const Avatar = ({active, imageFieldName}: ZitadelAvatarProps) => {\n\n const {user} = useAuth()\n\n return (\n user && user[imageFieldName] ?\n <>\n <style>{'zitadel-avatar:hover { filter: brightness(1.2); }'}</style>\n <img className=\"zitadel-avatar\" src={user[imageFieldName]} height={25} width={25} alt=\"Profile Picture\"\n style={{\n borderRadius: '100%',\n ...(active ? {filter: 'brightness(.8)'} : {})\n }}/>\n </> :\n <DefaultAccountIcon active={active}/>\n )\n\n}\n"],"names":["React","DefaultAccountIcon","useAuth","Avatar","active","imageFieldName","user","style","img","className","src","height","width","alt","borderRadius","filter"],"mappings":"AAAA;AAEA,OAAOA,WAAW,QAAO;AACzB,SAAQC,kBAAkB,QAAO,0CAAyC;AAC1E,SAAQC,OAAO,QAAO,iBAAgB;AAGtC,OAAO,MAAMC,SAAS,CAAC,EAACC,MAAM,EAAEC,cAAc,EAAqB;IAE/D,MAAM,EAACC,IAAI,EAAC,GAAGJ;IAEf,OACII,QAAQA,IAAI,CAACD,eAAe,iBACxB,wDACI,oBAACE,eAAO,oEACR,oBAACC;QAAIC,WAAU;QAAiBC,KAAKJ,IAAI,CAACD,eAAe;QAAEM,QAAQ;QAAIC,OAAO;QAAIC,KAAI;QACjFN,OAAO;YACHO,cAAc;YACd,GAAIV,SAAS;gBAACW,QAAQ;YAAgB,IAAI,CAAC,CAAC;QAChD;wBAET,oBAACd;QAAmBG,QAAQA;;AAGxC,EAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/components/client/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAC,MAAM,EAAC,MAAM,aAAa,CAAA;AAElC,eAAO,MAAM,eAAe;;;CAGD,CAAA"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../src/components/client/index.ts"],"sourcesContent":["import type {CustomComponent} from 'payload'\nimport {COMPONENTS_PATH} from '../../constants.js'\n\nexport {Avatar} from './Avatar.js'\n\nexport const AvatarComponent = {\n path: `${COMPONENTS_PATH}/client`,\n exportName: 'Avatar'\n} satisfies CustomComponent"],"names":["COMPONENTS_PATH","Avatar","AvatarComponent","path","exportName"],"mappings":"AACA,SAAQA,eAAe,QAAO,qBAAoB;AAElD,SAAQC,MAAM,QAAO,cAAa;AAElC,OAAO,MAAMC,kBAAkB;IAC3BC,MAAM,GAAGH,gBAAgB,OAAO,CAAC;IACjCI,YAAY;AAChB,EAA2B"}
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
export {
|
|
2
|
-
export {
|
|
1
|
+
export { AvatarComponent } from './client/index.js';
|
|
2
|
+
export { LoginButtonComponent } from './server/index.js';
|
|
3
3
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/components/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/components/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,eAAe,EAAC,MAAM,mBAAmB,CAAA;AACjD,OAAO,EAAC,oBAAoB,EAAC,MAAM,mBAAmB,CAAA"}
|
package/dist/components/index.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/components/index.ts"],"sourcesContent":["export {
|
|
1
|
+
{"version":3,"sources":["../../src/components/index.ts"],"sourcesContent":["export {AvatarComponent} from './client/index.js'\nexport {LoginButtonComponent} from './server/index.js'"],"names":["AvatarComponent","LoginButtonComponent"],"mappings":"AAAA,SAAQA,eAAe,QAAO,oBAAmB;AACjD,SAAQC,oBAAoB,QAAO,oBAAmB"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"LoginButton.d.ts","sourceRoot":"","sources":["../../../src/components/server/LoginButton.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAA;AAEzB,OAAO,KAAK,EAAC,uBAAuB,EAAC,MAAM,gBAAgB,CAAA;AAE3D,eAAO,MAAM,WAAW,kCAAuC,uBAAuB,+BAK5E,CAAA"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import React from 'react';
|
|
2
2
|
import { Button } from '@payloadcms/ui';
|
|
3
|
-
export const LoginButton = ({ i18n, authorizeURL, label })=>/*#__PURE__*/ React.createElement("div", {
|
|
3
|
+
export const LoginButton = async ({ i18n, authorizeURL, label })=>/*#__PURE__*/ React.createElement("div", {
|
|
4
4
|
style: {
|
|
5
5
|
display: 'flex',
|
|
6
6
|
justifyContent: 'center'
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../src/components/server/LoginButton.tsx"],"sourcesContent":["import React from 'react'\nimport {Button} from '@payloadcms/ui'\nimport type {ZitadelLoginButtonProps} from '../../types.js'\n\nexport const LoginButton = async ({i18n, authorizeURL, label}: ZitadelLoginButtonProps) =>\n <div style={{display: 'flex', justifyContent: 'center'}}>\n <Button el=\"anchor\" url={authorizeURL}>\n {i18n.t('zitadelPlugin:signIn', {label})}\n </Button>\n </div>"],"names":["React","Button","LoginButton","i18n","authorizeURL","label","div","style","display","justifyContent","el","url","t"],"mappings":"AAAA,OAAOA,WAAW,QAAO;AACzB,SAAQC,MAAM,QAAO,iBAAgB;AAGrC,OAAO,MAAMC,cAAc,OAAO,EAACC,IAAI,EAAEC,YAAY,EAAEC,KAAK,EAA0B,iBAClF,oBAACC;QAAIC,OAAO;YAACC,SAAS;YAAQC,gBAAgB;QAAQ;qBAClD,oBAACR;QAAOS,IAAG;QAASC,KAAKP;OACpBD,KAAKS,CAAC,CAAC,wBAAwB;QAACP;IAAK,KAExC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/components/server/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAC,WAAW,EAAC,MAAM,kBAAkB,CAAA;AAE5C,eAAO,MAAM,oBAAoB;;;CAGN,CAAA"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../src/components/server/index.ts"],"sourcesContent":["import type {CustomComponent} from 'payload'\nimport {COMPONENTS_PATH} from '../../constants.js'\n\nexport {LoginButton} from './LoginButton.js'\n\nexport const LoginButtonComponent = {\n path: `${COMPONENTS_PATH}/server`,\n exportName: 'LoginButton'\n} satisfies CustomComponent"],"names":["COMPONENTS_PATH","LoginButton","LoginButtonComponent","path","exportName"],"mappings":"AACA,SAAQA,eAAe,QAAO,qBAAoB;AAElD,SAAQC,WAAW,QAAO,mBAAkB;AAE5C,OAAO,MAAMC,uBAAuB;IAChCC,MAAM,GAAGH,gBAAgB,OAAO,CAAC;IACjCI,YAAY;AAChB,EAA2B"}
|
package/dist/constants.d.ts
CHANGED
package/dist/constants.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,OAAO;;;;CAInB,CAAA;AAED,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAsC1B,CAAA;AAED,eAAO,MAAM,cAAc;;;;;;CAM1B,CAAA;AACD,eAAO,MAAM,MAAM;;;;CAIlB,CAAA"}
|
|
1
|
+
{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,eAAe,sCAAsC,CAAA;AAElE,eAAO,MAAM,OAAO;;;;CAInB,CAAA;AAED,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAsC1B,CAAA;AAED,eAAO,MAAM,cAAc;;;;;;CAM1B,CAAA;AACD,eAAO,MAAM,MAAM;;;;CAIlB,CAAA"}
|
package/dist/constants.js
CHANGED
package/dist/constants.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/constants.ts"],"sourcesContent":["import {ZitadelFieldsConfig} from './types.js'\n\nexport const COOKIES = {\n pkce: 'zitadel_pkce_code_verifier',\n idToken: 'zitadel_id_token',\n state: 'zitadel_state'\n}\n\nexport const DEFAULT_CONFIG = {\n fields: {\n id: {\n name: 'idp_id',\n label: {\n de: 'Identifikation im System des Identitätsanbieters',\n en: 'Identifier in the system of the Identity Provider'\n }\n },\n name: {\n name: 'name',\n label: {de: 'Name', en: 'Name'}\n },\n email: {\n name: 'email',\n label: {de: 'E-Mail', en: 'Email'}\n },\n image: {\n name: 'image',\n label: {de: 'Profilbild-URL', en: 'Profile picture URL'}\n },\n roles: {\n name: 'roles',\n label: {de: 'Rollen', en: 'Roles'},\n labels: {\n singular: {de: 'Rolle', en: 'Role'},\n plural: {de: 'Rollen', en: 'Roles'}\n }\n },\n roleFields: {\n name: {\n name: 'name',\n label: {de: 'Name', en: 'Name'}\n }\n }\n } satisfies ZitadelFieldsConfig,\n strategyName: 'zitadel',\n label: 'Zitadel'\n}\n\nexport const ERROR_MESSAGES = {\n issuerURL: 'ZITADEL-PLUGIN: ISSUER-URL IS EMPTY',\n clientId: 'ZITADEL-PLUGIN: CLIENT-ID IS EMPTY',\n apiClientId: 'ZITADEL-PLUGIN: API ENABLED, BUT API-CLIENT-ID IS EMPTY',\n apiKeyId: 'ZITADEL-PLUGIN: API ENABLED, BUT API-KEY-ID IS EMPTY',\n apiKey: 'ZITADEL-PLUGIN: API ENABLED, BUT API-KEY IS EMPTY'\n}\nexport const ROUTES = {\n authorize: '/authorize',\n callback: '/callback',\n redirect: '/redirect'\n}\n\n"],"names":["COOKIES","pkce","idToken","state","DEFAULT_CONFIG","fields","id","name","label","de","en","email","image","roles","labels","singular","plural","roleFields","strategyName","ERROR_MESSAGES","issuerURL","clientId","apiClientId","apiKeyId","apiKey","ROUTES","authorize","callback","redirect"],"mappings":"AAEA,OAAO,MAAMA,UAAU;IACnBC,MAAM;IACNC,SAAS;IACTC,OAAO;AACX,EAAC;AAED,OAAO,MAAMC,iBAAiB;IAC1BC,QAAQ;QACJC,IAAI;YACAC,MAAM;YACNC,OAAO;gBACHC,IAAI;gBACJC,IAAI;YACR;QACJ;QACAH,MAAM;YACFA,MAAM;YACNC,OAAO;gBAACC,IAAI;gBAAQC,IAAI;YAAM;QAClC;QACAC,OAAO;YACHJ,MAAM;YACNC,OAAO;gBAACC,IAAI;gBAAUC,IAAI;YAAO;QACrC;QACAE,OAAO;YACHL,MAAM;YACNC,OAAO;gBAACC,IAAI;gBAAkBC,IAAI;YAAqB;QAC3D;QACAG,OAAO;YACHN,MAAM;YACNC,OAAO;gBAACC,IAAI;gBAAUC,IAAI;YAAO;YACjCI,QAAQ;gBACJC,UAAU;oBAACN,IAAI;oBAASC,IAAI;gBAAM;gBAClCM,QAAQ;oBAACP,IAAI;oBAAUC,IAAI;gBAAO;YACtC;QACJ;QACAO,YAAY;YACRV,MAAM;gBACFA,MAAM;gBACNC,OAAO;oBAACC,IAAI;oBAAQC,IAAI;gBAAM;YAClC;QACJ;IACJ;IACAQ,cAAc;IACdV,OAAO;AACX,EAAC;AAED,OAAO,MAAMW,iBAAiB;IAC1BC,WAAW;IACXC,UAAU;IACVC,aAAa;IACbC,UAAU;IACVC,QAAQ;AACZ,EAAC;AACD,OAAO,MAAMC,SAAS;IAClBC,WAAW;IACXC,UAAU;IACVC,UAAU;AACd,EAAC"}
|
|
1
|
+
{"version":3,"sources":["../src/constants.ts"],"sourcesContent":["import type {ZitadelFieldsConfig} from './types.js'\n\nexport const COMPONENTS_PATH = 'payload-zitadel-plugin/components'\n\nexport const COOKIES = {\n pkce: 'zitadel_pkce_code_verifier',\n idToken: 'zitadel_id_token',\n state: 'zitadel_state'\n}\n\nexport const DEFAULT_CONFIG = {\n fields: {\n id: {\n name: 'idp_id',\n label: {\n de: 'Identifikation im System des Identitätsanbieters',\n en: 'Identifier in the system of the Identity Provider'\n }\n },\n name: {\n name: 'name',\n label: {de: 'Name', en: 'Name'}\n },\n email: {\n name: 'email',\n label: {de: 'E-Mail', en: 'Email'}\n },\n image: {\n name: 'image',\n label: {de: 'Profilbild-URL', en: 'Profile picture URL'}\n },\n roles: {\n name: 'roles',\n label: {de: 'Rollen', en: 'Roles'},\n labels: {\n singular: {de: 'Rolle', en: 'Role'},\n plural: {de: 'Rollen', en: 'Roles'}\n }\n },\n roleFields: {\n name: {\n name: 'name',\n label: {de: 'Name', en: 'Name'}\n }\n }\n } satisfies ZitadelFieldsConfig,\n strategyName: 'zitadel',\n label: 'Zitadel'\n}\n\nexport const ERROR_MESSAGES = {\n issuerURL: 'ZITADEL-PLUGIN: ISSUER-URL IS EMPTY',\n clientId: 'ZITADEL-PLUGIN: CLIENT-ID IS EMPTY',\n apiClientId: 'ZITADEL-PLUGIN: API ENABLED, BUT API-CLIENT-ID IS EMPTY',\n apiKeyId: 'ZITADEL-PLUGIN: API ENABLED, BUT API-KEY-ID IS EMPTY',\n apiKey: 'ZITADEL-PLUGIN: API ENABLED, BUT API-KEY IS EMPTY'\n}\nexport const ROUTES = {\n authorize: '/authorize',\n callback: '/callback',\n redirect: '/redirect'\n}\n\n"],"names":["COMPONENTS_PATH","COOKIES","pkce","idToken","state","DEFAULT_CONFIG","fields","id","name","label","de","en","email","image","roles","labels","singular","plural","roleFields","strategyName","ERROR_MESSAGES","issuerURL","clientId","apiClientId","apiKeyId","apiKey","ROUTES","authorize","callback","redirect"],"mappings":"AAEA,OAAO,MAAMA,kBAAkB,oCAAmC;AAElE,OAAO,MAAMC,UAAU;IACnBC,MAAM;IACNC,SAAS;IACTC,OAAO;AACX,EAAC;AAED,OAAO,MAAMC,iBAAiB;IAC1BC,QAAQ;QACJC,IAAI;YACAC,MAAM;YACNC,OAAO;gBACHC,IAAI;gBACJC,IAAI;YACR;QACJ;QACAH,MAAM;YACFA,MAAM;YACNC,OAAO;gBAACC,IAAI;gBAAQC,IAAI;YAAM;QAClC;QACAC,OAAO;YACHJ,MAAM;YACNC,OAAO;gBAACC,IAAI;gBAAUC,IAAI;YAAO;QACrC;QACAE,OAAO;YACHL,MAAM;YACNC,OAAO;gBAACC,IAAI;gBAAkBC,IAAI;YAAqB;QAC3D;QACAG,OAAO;YACHN,MAAM;YACNC,OAAO;gBAACC,IAAI;gBAAUC,IAAI;YAAO;YACjCI,QAAQ;gBACJC,UAAU;oBAACN,IAAI;oBAASC,IAAI;gBAAM;gBAClCM,QAAQ;oBAACP,IAAI;oBAAUC,IAAI;gBAAO;YACtC;QACJ;QACAO,YAAY;YACRV,MAAM;gBACFA,MAAM;gBACNC,OAAO;oBAACC,IAAI;oBAAQC,IAAI;gBAAM;YAClC;QACJ;IACJ;IACAQ,cAAc;IACdV,OAAO;AACX,EAAC;AAED,OAAO,MAAMW,iBAAiB;IAC1BC,WAAW;IACXC,UAAU;IACVC,aAAa;IACbC,UAAU;IACVC,QAAQ;AACZ,EAAC;AACD,OAAO,MAAMC,SAAS;IAClBC,WAAW;IACXC,UAAU;IACVC,UAAU;AACd,EAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authorize.d.ts","sourceRoot":"","sources":["../../src/handlers/authorize.ts"],"names":[],"mappings":"AAGA,OAAO,EAAC,cAAc,EAAC,MAAM,SAAS,CAAA;
|
|
1
|
+
{"version":3,"file":"authorize.d.ts","sourceRoot":"","sources":["../../src/handlers/authorize.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,SAAS,CAAA;AAI3C,eAAO,MAAM,SAAS,EAAE,cA8BvB,CAAA"}
|
|
@@ -1,8 +1,7 @@
|
|
|
1
|
-
'use server';
|
|
2
1
|
import process from 'node:process';
|
|
2
|
+
import { cookies } from 'next/headers.js';
|
|
3
3
|
import { NextResponse } from 'next/server.js';
|
|
4
4
|
import { COOKIES } from '../constants.js';
|
|
5
|
-
import { cookies } from 'next/headers.js';
|
|
6
5
|
export const authorize = async ({ searchParams, payload: { config } })=>{
|
|
7
6
|
const { admin: { custom: { zitadel: { issuerURL, clientId, callbackURL } } } } = config;
|
|
8
7
|
const code_verifier = Buffer.from(crypto.getRandomValues(new Uint8Array(24))).toString('base64url');
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/handlers/authorize.ts"],"sourcesContent":["
|
|
1
|
+
{"version":3,"sources":["../../src/handlers/authorize.ts"],"sourcesContent":["import process from 'node:process'\nimport {cookies} from 'next/headers.js'\nimport {NextResponse} from 'next/server.js'\nimport type {PayloadHandler} from 'payload'\nimport type {PayloadConfigWithZitadel} from '../types.js'\nimport {COOKIES} from '../constants.js'\n\nexport const authorize: PayloadHandler = async ({searchParams, payload: {config}}) => {\n\n const {admin: {custom: {zitadel: {issuerURL, clientId, callbackURL}}}} = config as PayloadConfigWithZitadel\n\n const code_verifier = Buffer.from(crypto.getRandomValues(new Uint8Array(24))).toString('base64url')\n\n const code_challenge = Buffer.from(await crypto.subtle.digest('SHA-256', new TextEncoder().encode(code_verifier))).toString('base64url')\n\n const cookieStore = await cookies()\n\n cookieStore.set({\n name: COOKIES.pkce,\n value: code_verifier,\n httpOnly: true,\n sameSite: 'lax',\n path: '/',\n maxAge: 300,\n secure: process.env.NODE_ENV == 'production'\n })\n\n return NextResponse.redirect(`${issuerURL}/oauth/v2/authorize?${new URLSearchParams({\n client_id: clientId,\n redirect_uri: callbackURL,\n response_type: 'code',\n scope: 'openid email profile',\n state: btoa(searchParams.toString()),\n code_challenge,\n code_challenge_method: 'S256'\n })}`)\n\n}\n"],"names":["process","cookies","NextResponse","COOKIES","authorize","searchParams","payload","config","admin","custom","zitadel","issuerURL","clientId","callbackURL","code_verifier","Buffer","from","crypto","getRandomValues","Uint8Array","toString","code_challenge","subtle","digest","TextEncoder","encode","cookieStore","set","name","pkce","value","httpOnly","sameSite","path","maxAge","secure","env","NODE_ENV","redirect","URLSearchParams","client_id","redirect_uri","response_type","scope","state","btoa","code_challenge_method"],"mappings":"AAAA,OAAOA,aAAa,eAAc;AAClC,SAAQC,OAAO,QAAO,kBAAiB;AACvC,SAAQC,YAAY,QAAO,iBAAgB;AAG3C,SAAQC,OAAO,QAAO,kBAAiB;AAEvC,OAAO,MAAMC,YAA4B,OAAO,EAACC,YAAY,EAAEC,SAAS,EAACC,MAAM,EAAC,EAAC;IAE7E,MAAM,EAACC,OAAO,EAACC,QAAQ,EAACC,SAAS,EAACC,SAAS,EAAEC,QAAQ,EAAEC,WAAW,EAAC,EAAC,EAAC,EAAC,GAAGN;IAEzE,MAAMO,gBAAgBC,OAAOC,IAAI,CAACC,OAAOC,eAAe,CAAC,IAAIC,WAAW,MAAMC,QAAQ,CAAC;IAEvF,MAAMC,iBAAiBN,OAAOC,IAAI,CAAC,MAAMC,OAAOK,MAAM,CAACC,MAAM,CAAC,WAAW,IAAIC,cAAcC,MAAM,CAACX,iBAAiBM,QAAQ,CAAC;IAE5H,MAAMM,cAAc,MAAMzB;IAE1ByB,YAAYC,GAAG,CAAC;QACZC,MAAMzB,QAAQ0B,IAAI;QAClBC,OAAOhB;QACPiB,UAAU;QACVC,UAAU;QACVC,MAAM;QACNC,QAAQ;QACRC,QAAQnC,QAAQoC,GAAG,CAACC,QAAQ,IAAI;IACpC;IAEA,OAAOnC,aAAaoC,QAAQ,CAAC,GAAG3B,UAAU,oBAAoB,EAAE,IAAI4B,gBAAgB;QAChFC,WAAW5B;QACX6B,cAAc5B;QACd6B,eAAe;QACfC,OAAO;QACPC,OAAOC,KAAKxC,aAAae,QAAQ;QACjCC;QACAyB,uBAAuB;IAC3B,IAAI;AAER,EAAC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { PayloadHandler } from 'payload';
|
|
2
|
-
import { ZitadelOnSuccess } from '../types.js';
|
|
1
|
+
import type { PayloadHandler } from 'payload';
|
|
2
|
+
import type { ZitadelOnSuccess } from '../types.js';
|
|
3
3
|
export declare const callback: (onSuccess: ZitadelOnSuccess) => PayloadHandler;
|
|
4
4
|
//# sourceMappingURL=callback.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"callback.d.ts","sourceRoot":"","sources":["../../src/handlers/callback.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"callback.d.ts","sourceRoot":"","sources":["../../src/handlers/callback.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,SAAS,CAAA;AAC3C,OAAO,KAAK,EAA2C,gBAAgB,EAAC,MAAM,aAAa,CAAA;AAG3F,eAAO,MAAM,QAAQ,cAAe,gBAAgB,KAAG,cAoEtD,CAAA"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import { cookies } from 'next/headers.js';
|
|
2
1
|
import process from 'node:process';
|
|
3
2
|
import { SignJWT, decodeJwt } from 'jose';
|
|
3
|
+
import { cookies } from 'next/headers.js';
|
|
4
4
|
import { COOKIES } from '../constants.js';
|
|
5
5
|
export const callback = (onSuccess)=>async ({ payload: { config, secret }, query: { code, state } })=>{
|
|
6
6
|
const { admin: { custom: { zitadel: { issuerURL, clientId, callbackURL } } } } = config;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/handlers/callback.ts"],"sourcesContent":["import {
|
|
1
|
+
{"version":3,"sources":["../../src/handlers/callback.ts"],"sourcesContent":["import process from 'node:process'\nimport {SignJWT, decodeJwt} from 'jose'\nimport {cookies} from 'next/headers.js'\nimport type {PayloadHandler} from 'payload'\nimport type {PayloadConfigWithZitadel, ZitadelIdToken, ZitadelOnSuccess} from '../types.js'\nimport {COOKIES} from '../constants.js'\n\nexport const callback = (onSuccess: ZitadelOnSuccess): PayloadHandler => async ({\n payload: {config, secret},\n query: {code, state}\n }) => {\n\n const {admin: {custom: {zitadel: {issuerURL, clientId, callbackURL}}}} = config as PayloadConfigWithZitadel\n\n const cookieStore = await cookies()\n\n const code_verifier = cookieStore.get(COOKIES.pkce)?.value\n\n if (code_verifier) {\n\n const response = await fetch(new URL(`${issuerURL}/oauth/v2/token`), {\n method: 'POST',\n body: new URLSearchParams({\n grant_type: 'authorization_code',\n code: code as string,\n redirect_uri: callbackURL,\n client_id: clientId,\n code_verifier\n })\n })\n\n if (response.ok) {\n\n const {id_token} = await response.json()\n\n if (id_token) {\n\n cookieStore.delete(COOKIES.pkce)\n\n cookieStore.set({\n name: COOKIES.idToken,\n value: await new SignJWT(decodeJwt<ZitadelIdToken>(id_token))\n .setProtectedHeader({alg: 'HS256'})\n .setIssuedAt()\n .sign(new TextEncoder().encode(secret)),\n httpOnly: true,\n path: '/',\n sameSite: 'lax',\n maxAge: 900,\n secure: process.env.NODE_ENV == 'production'\n })\n\n return onSuccess(new URLSearchParams(atob(state as string ?? '')))\n\n }\n\n return Response.json({\n status: 'error',\n message: 'token could not be retrieved from the response'\n })\n\n }\n\n return Response.json({\n status: 'error',\n message: 'error while communicating with token endpoint'\n })\n\n }\n\n return Response.json({\n status: 'error',\n message: 'code verifier not found (associated http-only cookie is empty)'\n })\n\n}"],"names":["process","SignJWT","decodeJwt","cookies","COOKIES","callback","onSuccess","payload","config","secret","query","code","state","admin","custom","zitadel","issuerURL","clientId","callbackURL","cookieStore","code_verifier","get","pkce","value","response","fetch","URL","method","body","URLSearchParams","grant_type","redirect_uri","client_id","ok","id_token","json","delete","set","name","idToken","setProtectedHeader","alg","setIssuedAt","sign","TextEncoder","encode","httpOnly","path","sameSite","maxAge","secure","env","NODE_ENV","atob","Response","status","message"],"mappings":"AAAA,OAAOA,aAAa,eAAc;AAClC,SAAQC,OAAO,EAAEC,SAAS,QAAO,OAAM;AACvC,SAAQC,OAAO,QAAO,kBAAiB;AAGvC,SAAQC,OAAO,QAAO,kBAAiB;AAEvC,OAAO,MAAMC,WAAW,CAACC,YAAgD,OAAO,EACIC,SAAS,EAACC,MAAM,EAAEC,MAAM,EAAC,EACzBC,OAAO,EAACC,IAAI,EAAEC,KAAK,EAAC,EACvB;QAE7E,MAAM,EAACC,OAAO,EAACC,QAAQ,EAACC,SAAS,EAACC,SAAS,EAAEC,QAAQ,EAAEC,WAAW,EAAC,EAAC,EAAC,EAAC,GAAGV;QAEzE,MAAMW,cAAc,MAAMhB;QAE1B,MAAMiB,gBAAgBD,YAAYE,GAAG,CAACjB,QAAQkB,IAAI,GAAGC;QAErD,IAAIH,eAAe;YAEf,MAAMI,WAAW,MAAMC,MAAM,IAAIC,IAAI,GAAGV,UAAU,eAAe,CAAC,GAAG;gBACjEW,QAAQ;gBACRC,MAAM,IAAIC,gBAAgB;oBACtBC,YAAY;oBACZnB,MAAMA;oBACNoB,cAAcb;oBACdc,WAAWf;oBACXG;gBACJ;YACJ;YAEA,IAAII,SAASS,EAAE,EAAE;gBAEb,MAAM,EAACC,QAAQ,EAAC,GAAG,MAAMV,SAASW,IAAI;gBAEtC,IAAID,UAAU;oBAEVf,YAAYiB,MAAM,CAAChC,QAAQkB,IAAI;oBAE/BH,YAAYkB,GAAG,CAAC;wBACZC,MAAMlC,QAAQmC,OAAO;wBACrBhB,OAAO,MAAM,IAAItB,QAAQC,UAA0BgC,WAC9CM,kBAAkB,CAAC;4BAACC,KAAK;wBAAO,GAChCC,WAAW,GACXC,IAAI,CAAC,IAAIC,cAAcC,MAAM,CAACpC;wBACnCqC,UAAU;wBACVC,MAAM;wBACNC,UAAU;wBACVC,QAAQ;wBACRC,QAAQlD,QAAQmD,GAAG,CAACC,QAAQ,IAAI;oBACpC;oBAEA,OAAO9C,UAAU,IAAIuB,gBAAgBwB,KAAKzC,SAAmB;gBAEjE;gBAEA,OAAO0C,SAASnB,IAAI,CAAC;oBACjBoB,QAAQ;oBACRC,SAAS;gBACb;YAEJ;YAEA,OAAOF,SAASnB,IAAI,CAAC;gBACjBoB,QAAQ;gBACRC,SAAS;YACb;QAEJ;QAEA,OAAOF,SAASnB,IAAI,CAAC;YACjBoB,QAAQ;YACRC,SAAS;QACb;IAEJ,EAAC"}
|
package/dist/index.d.ts
CHANGED
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAA6C,iBAAiB,EAAC,MAAM,YAAY,CAAA;AAE7F,eAAO,MAAM,aAAa,EAAE,iBAgM3B,CAAA"}
|
package/dist/index.js
CHANGED
|
@@ -1,9 +1,10 @@
|
|
|
1
1
|
import { cookies } from 'next/headers.js';
|
|
2
|
+
import { NextResponse } from 'next/server.js';
|
|
2
3
|
import { COOKIES, DEFAULT_CONFIG, ERROR_MESSAGES, ROUTES } from './constants.js';
|
|
3
4
|
import { authorize, callback } from './handlers/index.js';
|
|
4
5
|
import { zitadelStrategy } from './strategy.js';
|
|
5
6
|
import { translations } from './translations.js';
|
|
6
|
-
import {
|
|
7
|
+
import { AvatarComponent, LoginButtonComponent } from './components/index.js';
|
|
7
8
|
export const ZitadelPlugin = ({ fieldsConfig: _fieldsConfig, disableAvatar, disableDefaultLoginButton, strategyName = DEFAULT_CONFIG.strategyName, label = DEFAULT_CONFIG.label, issuerURL, clientId, enableAPI, apiClientId, apiKeyId, apiKey, onSuccess })=>{
|
|
8
9
|
if (!issuerURL) throw new Error(ERROR_MESSAGES.issuerURL);
|
|
9
10
|
if (!clientId) throw new Error(ERROR_MESSAGES.clientId);
|
|
@@ -29,7 +30,12 @@ export const ZitadelPlugin = ({ fieldsConfig: _fieldsConfig, disableAvatar, disa
|
|
|
29
30
|
...incomingConfig.admin,
|
|
30
31
|
...disableAvatar ? {} : {
|
|
31
32
|
avatar: {
|
|
32
|
-
Component:
|
|
33
|
+
Component: {
|
|
34
|
+
...AvatarComponent,
|
|
35
|
+
clientProps: {
|
|
36
|
+
imageFieldName: fieldsConfig.image.name
|
|
37
|
+
}
|
|
38
|
+
}
|
|
33
39
|
}
|
|
34
40
|
},
|
|
35
41
|
...disableDefaultLoginButton ? {} : {
|
|
@@ -38,7 +44,7 @@ export const ZitadelPlugin = ({ fieldsConfig: _fieldsConfig, disableAvatar, disa
|
|
|
38
44
|
afterLogin: [
|
|
39
45
|
...incomingConfig.admin?.components?.afterLogin ?? [],
|
|
40
46
|
{
|
|
41
|
-
|
|
47
|
+
...LoginButtonComponent,
|
|
42
48
|
serverProps: {
|
|
43
49
|
authorizeURL,
|
|
44
50
|
label
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/index.ts"],"sourcesContent":["import {cookies} from 'next/headers.js'\nimport {COOKIES, DEFAULT_CONFIG, ERROR_MESSAGES, ROUTES} from './constants.js'\nimport {authorize, callback} from './handlers/index.js'\nimport {zitadelStrategy} from './strategy.js'\nimport {PayloadConfigWithZitadel, ZitadelOnSuccess, ZitadelPluginType} from './types.js'\nimport {translations} from './translations.js'\nimport {NextResponse} from 'next/server.js'\n\nexport const ZitadelPlugin: ZitadelPluginType = ({\n fieldsConfig: _fieldsConfig,\n disableAvatar,\n disableDefaultLoginButton,\n strategyName = DEFAULT_CONFIG.strategyName,\n label = DEFAULT_CONFIG.label,\n issuerURL,\n clientId,\n enableAPI,\n apiClientId,\n apiKeyId,\n apiKey,\n onSuccess\n }) => {\n\n if (!issuerURL)\n throw new Error(ERROR_MESSAGES.issuerURL)\n if (!clientId)\n throw new Error(ERROR_MESSAGES.clientId)\n if (enableAPI) {\n if (!apiClientId)\n throw new Error(ERROR_MESSAGES.apiClientId)\n if (!apiKeyId)\n throw new Error(ERROR_MESSAGES.apiKey)\n if (!apiKey)\n throw new Error(ERROR_MESSAGES.apiKey)\n }\n\n const fieldsConfig = {...DEFAULT_CONFIG.fields, ..._fieldsConfig}\n\n return (incomingConfig) => {\n\n const serverURL = incomingConfig.serverURL ?? 'http://localhost'\n\n const authSlug = incomingConfig.admin?.user ?? 'users'\n\n const authBaseURL = `${serverURL}/api/${authSlug}`\n const authorizeURL = authBaseURL + ROUTES.authorize\n const callbackURL = authBaseURL + ROUTES.callback\n\n const defaultOnSuccess: ZitadelOnSuccess = (state) =>\n NextResponse.redirect(serverURL + (state.get('redirect') ?? ''))\n\n return {\n ...incomingConfig,\n admin: {\n ...incomingConfig.admin,\n ...disableAvatar ? {} : {\n avatar: {\n Component: 'payload-zitadel-plugin/components#Avatar'\n }\n },\n ...disableDefaultLoginButton ? {} : {\n components: {\n ...incomingConfig.admin?.components,\n afterLogin: [\n ...incomingConfig.admin?.components?.afterLogin ?? [],\n {\n path: 'payload-zitadel-plugin/components#LoginButton',\n serverProps: {\n authorizeURL,\n label\n }\n }\n ]\n }\n },\n custom: {\n ...incomingConfig.admin?.custom,\n zitadel: {\n issuerURL,\n clientId,\n callbackURL,\n imageFieldName: fieldsConfig.image.name\n }\n }\n },\n collections: (incomingConfig.collections || []).map((collection) => {\n\n const authConfig = typeof collection.auth == 'boolean' ? {} : collection.auth\n\n return {\n ...collection,\n ...collection.slug == authSlug ? {\n auth: {\n ...authConfig,\n disableLocalStrategy: true,\n strategies: [\n ...authConfig?.strategies ?? [],\n zitadelStrategy({\n authSlug,\n fieldsConfig,\n strategyName: strategyName,\n issuerURL: issuerURL as string,\n clientId: clientId as string,\n ...(enableAPI ? {\n enableAPI: true,\n apiClientId: apiClientId!,\n apiKeyId: apiClientId!,\n apiKey: apiKey!\n } : {enableAPI: undefined})\n })\n ]\n },\n hooks: {\n afterLogout: [async () => (await cookies()).delete(COOKIES.idToken)]\n },\n endpoints: [\n {\n path: ROUTES.authorize,\n method: 'get',\n handler: authorize\n },\n {\n path: ROUTES.callback,\n method: 'get',\n handler: callback(onSuccess ?? defaultOnSuccess)\n }\n ],\n fields: [\n ...collection.fields,\n {\n ...fieldsConfig.id,\n type: 'text',\n admin: {\n readOnly: true\n },\n index: true,\n unique: true,\n required: true\n },\n {\n ...fieldsConfig.name,\n type: 'text',\n admin: {\n readOnly: true\n }\n },\n {\n ...fieldsConfig.email,\n type: 'email',\n admin: {\n readOnly: true\n }\n },\n {\n ...fieldsConfig.image,\n type: 'text',\n admin: {\n readOnly: true\n }\n },\n {\n ...fieldsConfig.roles,\n type: 'array',\n admin: {\n readOnly: true\n },\n fields: [\n {\n ...fieldsConfig.roleFields.name,\n type: 'text'\n }\n ]\n }\n ]\n } : {}\n }\n }),\n i18n: {\n ...incomingConfig.i18n,\n translations: {\n ...incomingConfig.i18n?.translations,\n de: {\n ...incomingConfig.i18n?.translations?.de,\n ...translations.de\n },\n en: {\n ...incomingConfig.i18n?.translations?.en,\n ...translations.en\n }\n }\n }\n } satisfies PayloadConfigWithZitadel\n\n }\n\n}"],"names":["cookies","COOKIES","DEFAULT_CONFIG","ERROR_MESSAGES","ROUTES","authorize","callback","zitadelStrategy","translations","NextResponse","ZitadelPlugin","fieldsConfig","_fieldsConfig","disableAvatar","disableDefaultLoginButton","strategyName","label","issuerURL","clientId","enableAPI","apiClientId","apiKeyId","apiKey","onSuccess","Error","fields","incomingConfig","serverURL","authSlug","admin","user","authBaseURL","authorizeURL","callbackURL","defaultOnSuccess","state","redirect","get","avatar","Component","components","afterLogin","path","serverProps","custom","zitadel","imageFieldName","image","name","collections","map","collection","authConfig","auth","slug","disableLocalStrategy","strategies","undefined","hooks","afterLogout","delete","idToken","endpoints","method","handler","id","type","readOnly","index","unique","required","email","roles","roleFields","i18n","de","en"],"mappings":"AAAA,SAAQA,OAAO,QAAO,kBAAiB;AACvC,SAAQC,OAAO,EAAEC,cAAc,EAAEC,cAAc,EAAEC,MAAM,QAAO,iBAAgB;AAC9E,SAAQC,SAAS,EAAEC,QAAQ,QAAO,sBAAqB;AACvD,SAAQC,eAAe,QAAO,gBAAe;AAE7C,SAAQC,YAAY,QAAO,oBAAmB;AAC9C,SAAQC,YAAY,QAAO,iBAAgB;AAE3C,OAAO,MAAMC,gBAAmC,CAAC,EACIC,cAAcC,aAAa,EAC3BC,aAAa,EACbC,yBAAyB,EACzBC,eAAeb,eAAea,YAAY,EAC1CC,QAAQd,eAAec,KAAK,EAC5BC,SAAS,EACTC,QAAQ,EACRC,SAAS,EACTC,WAAW,EACXC,QAAQ,EACRC,MAAM,EACNC,SAAS,EACZ;IAE9C,IAAI,CAACN,WACD,MAAM,IAAIO,MAAMrB,eAAec,SAAS;IAC5C,IAAI,CAACC,UACD,MAAM,IAAIM,MAAMrB,eAAee,QAAQ;IAC3C,IAAIC,WAAW;QACX,IAAI,CAACC,aACD,MAAM,IAAII,MAAMrB,eAAeiB,WAAW;QAC9C,IAAI,CAACC,UACD,MAAM,IAAIG,MAAMrB,eAAemB,MAAM;QACzC,IAAI,CAACA,QACD,MAAM,IAAIE,MAAMrB,eAAemB,MAAM;IAC7C;IAEA,MAAMX,eAAe;QAAC,GAAGT,eAAeuB,MAAM;QAAE,GAAGb,aAAa;IAAA;IAEhE,OAAO,CAACc;QAEJ,MAAMC,YAAYD,eAAeC,SAAS,IAAI;QAE9C,MAAMC,WAAWF,eAAeG,KAAK,EAAEC,QAAQ;QAE/C,MAAMC,cAAc,GAAGJ,UAAU,KAAK,EAAEC,UAAU;QAClD,MAAMI,eAAeD,cAAc3B,OAAOC,SAAS;QACnD,MAAM4B,cAAcF,cAAc3B,OAAOE,QAAQ;QAEjD,MAAM4B,mBAAqC,CAACC,QACxC1B,aAAa2B,QAAQ,CAACT,YAAaQ,CAAAA,MAAME,GAAG,CAAC,eAAe,EAAC;QAEjE,OAAO;YACH,GAAGX,cAAc;YACjBG,OAAO;gBACH,GAAGH,eAAeG,KAAK;gBACvB,GAAGhB,gBAAgB,CAAC,IAAI;oBACpByB,QAAQ;wBACJC,WAAW;oBACf;gBACJ,CAAC;gBACD,GAAGzB,4BAA4B,CAAC,IAAI;oBAChC0B,YAAY;wBACR,GAAGd,eAAeG,KAAK,EAAEW,UAAU;wBACnCC,YAAY;+BACLf,eAAeG,KAAK,EAAEW,YAAYC,cAAc,EAAE;4BACrD;gCACIC,MAAM;gCACNC,aAAa;oCACTX;oCACAhB;gCACJ;4BACJ;yBACH;oBACL;gBACJ,CAAC;gBACD4B,QAAQ;oBACJ,GAAGlB,eAAeG,KAAK,EAAEe,MAAM;oBAC/BC,SAAS;wBACL5B;wBACAC;wBACAe;wBACAa,gBAAgBnC,aAAaoC,KAAK,CAACC,IAAI;oBAC3C;gBACJ;YACJ;YACAC,aAAa,AAACvB,CAAAA,eAAeuB,WAAW,IAAI,EAAE,AAAD,EAAGC,GAAG,CAAC,CAACC;gBAEjD,MAAMC,aAAa,OAAOD,WAAWE,IAAI,IAAI,YAAY,CAAC,IAAIF,WAAWE,IAAI;gBAE7E,OAAO;oBACH,GAAGF,UAAU;oBACb,GAAGA,WAAWG,IAAI,IAAI1B,WAAW;wBAC7ByB,MAAM;4BACF,GAAGD,UAAU;4BACbG,sBAAsB;4BACtBC,YAAY;mCACLJ,YAAYI,cAAc,EAAE;gCAC/BjD,gBAAgB;oCACZqB;oCACAjB;oCACAI,cAAcA;oCACdE,WAAWA;oCACXC,UAAUA;oCACV,GAAIC,YAAY;wCACZA,WAAW;wCACXC,aAAaA;wCACbC,UAAUD;wCACVE,QAAQA;oCACZ,IAAI;wCAACH,WAAWsC;oCAAS,CAAC;gCAC9B;6BACH;wBACL;wBACAC,OAAO;4BACHC,aAAa;gCAAC,UAAY,AAAC,CAAA,MAAM3D,SAAQ,EAAG4D,MAAM,CAAC3D,QAAQ4D,OAAO;6BAAE;wBACxE;wBACAC,WAAW;4BACP;gCACIpB,MAAMtC,OAAOC,SAAS;gCACtB0D,QAAQ;gCACRC,SAAS3D;4BACb;4BACA;gCACIqC,MAAMtC,OAAOE,QAAQ;gCACrByD,QAAQ;gCACRC,SAAS1D,SAASiB,aAAaW;4BACnC;yBACH;wBACDT,QAAQ;+BACD0B,WAAW1B,MAAM;4BACpB;gCACI,GAAGd,aAAasD,EAAE;gCAClBC,MAAM;gCACNrC,OAAO;oCACHsC,UAAU;gCACd;gCACAC,OAAO;gCACPC,QAAQ;gCACRC,UAAU;4BACd;4BACA;gCACI,GAAG3D,aAAaqC,IAAI;gCACpBkB,MAAM;gCACNrC,OAAO;oCACHsC,UAAU;gCACd;4BACJ;4BACA;gCACI,GAAGxD,aAAa4D,KAAK;gCACrBL,MAAM;gCACNrC,OAAO;oCACHsC,UAAU;gCACd;4BACJ;4BACA;gCACI,GAAGxD,aAAaoC,KAAK;gCACrBmB,MAAM;gCACNrC,OAAO;oCACHsC,UAAU;gCACd;4BACJ;4BACA;gCACI,GAAGxD,aAAa6D,KAAK;gCACrBN,MAAM;gCACNrC,OAAO;oCACHsC,UAAU;gCACd;gCACA1C,QAAQ;oCACJ;wCACI,GAAGd,aAAa8D,UAAU,CAACzB,IAAI;wCAC/BkB,MAAM;oCACV;iCACH;4BACL;yBACH;oBACL,IAAI,CAAC,CAAC;gBACV;YACJ;YACAQ,MAAM;gBACF,GAAGhD,eAAegD,IAAI;gBACtBlE,cAAc;oBACV,GAAGkB,eAAegD,IAAI,EAAElE,YAAY;oBACpCmE,IAAI;wBACA,GAAGjD,eAAegD,IAAI,EAAElE,cAAcmE,EAAE;wBACxC,GAAGnE,aAAamE,EAAE;oBACtB;oBACAC,IAAI;wBACA,GAAGlD,eAAegD,IAAI,EAAElE,cAAcoE,EAAE;wBACxC,GAAGpE,aAAaoE,EAAE;oBACtB;gBACJ;YACJ;QACJ;IAEJ;AAEJ,EAAC"}
|
|
1
|
+
{"version":3,"sources":["../src/index.ts"],"sourcesContent":["import {cookies} from 'next/headers.js'\nimport {NextResponse} from 'next/server.js'\nimport {COOKIES, DEFAULT_CONFIG, ERROR_MESSAGES, ROUTES} from './constants.js'\nimport {authorize, callback} from './handlers/index.js'\nimport {zitadelStrategy} from './strategy.js'\nimport {translations} from './translations.js'\nimport {AvatarComponent, LoginButtonComponent} from './components/index.js'\nimport type {PayloadConfigWithZitadel, ZitadelOnSuccess, ZitadelPluginType} from './types.js'\n\nexport const ZitadelPlugin: ZitadelPluginType = ({\n fieldsConfig: _fieldsConfig,\n disableAvatar,\n disableDefaultLoginButton,\n strategyName = DEFAULT_CONFIG.strategyName,\n label = DEFAULT_CONFIG.label,\n issuerURL,\n clientId,\n enableAPI,\n apiClientId,\n apiKeyId,\n apiKey,\n onSuccess\n }) => {\n\n if (!issuerURL)\n throw new Error(ERROR_MESSAGES.issuerURL)\n if (!clientId)\n throw new Error(ERROR_MESSAGES.clientId)\n if (enableAPI) {\n if (!apiClientId)\n throw new Error(ERROR_MESSAGES.apiClientId)\n if (!apiKeyId)\n throw new Error(ERROR_MESSAGES.apiKey)\n if (!apiKey)\n throw new Error(ERROR_MESSAGES.apiKey)\n }\n\n const fieldsConfig = {...DEFAULT_CONFIG.fields, ..._fieldsConfig}\n\n return (incomingConfig) => {\n\n const serverURL = incomingConfig.serverURL ?? 'http://localhost'\n\n const authSlug = incomingConfig.admin?.user ?? 'users'\n\n const authBaseURL = `${serverURL}/api/${authSlug}`\n const authorizeURL = authBaseURL + ROUTES.authorize\n const callbackURL = authBaseURL + ROUTES.callback\n\n const defaultOnSuccess: ZitadelOnSuccess = (state) =>\n NextResponse.redirect(serverURL + (state.get('redirect') ?? ''))\n\n return {\n ...incomingConfig,\n admin: {\n ...incomingConfig.admin,\n ...disableAvatar ? {} : {\n avatar: {\n Component: {\n ...AvatarComponent,\n clientProps: {\n imageFieldName: fieldsConfig.image.name\n }\n }\n }\n },\n ...disableDefaultLoginButton ? {} : {\n components: {\n ...incomingConfig.admin?.components,\n afterLogin: [\n ...incomingConfig.admin?.components?.afterLogin ?? [],\n {\n ...LoginButtonComponent,\n serverProps: {\n authorizeURL,\n label\n }\n }\n ]\n }\n },\n custom: {\n ...incomingConfig.admin?.custom,\n zitadel: {\n issuerURL,\n clientId,\n callbackURL,\n imageFieldName: fieldsConfig.image.name\n }\n }\n },\n collections: (incomingConfig.collections || []).map((collection) => {\n\n const authConfig = typeof collection.auth == 'boolean' ? {} : collection.auth\n\n return {\n ...collection,\n ...collection.slug == authSlug ? {\n auth: {\n ...authConfig,\n disableLocalStrategy: true,\n strategies: [\n ...authConfig?.strategies ?? [],\n zitadelStrategy({\n authSlug,\n fieldsConfig,\n strategyName: strategyName,\n issuerURL: issuerURL as string,\n clientId: clientId as string,\n ...(enableAPI ? {\n enableAPI: true,\n apiClientId: apiClientId!,\n apiKeyId: apiClientId!,\n apiKey: apiKey!\n } : {enableAPI: undefined})\n })\n ]\n },\n hooks: {\n afterLogout: [async () => (await cookies()).delete(COOKIES.idToken)]\n },\n endpoints: [\n {\n path: ROUTES.authorize,\n method: 'get',\n handler: authorize\n },\n {\n path: ROUTES.callback,\n method: 'get',\n handler: callback(onSuccess ?? defaultOnSuccess)\n }\n ],\n fields: [\n ...collection.fields,\n {\n ...fieldsConfig.id,\n type: 'text',\n admin: {\n readOnly: true\n },\n index: true,\n unique: true,\n required: true\n },\n {\n ...fieldsConfig.name,\n type: 'text',\n admin: {\n readOnly: true\n }\n },\n {\n ...fieldsConfig.email,\n type: 'email',\n admin: {\n readOnly: true\n }\n },\n {\n ...fieldsConfig.image,\n type: 'text',\n admin: {\n readOnly: true\n }\n },\n {\n ...fieldsConfig.roles,\n type: 'array',\n admin: {\n readOnly: true\n },\n fields: [\n {\n ...fieldsConfig.roleFields.name,\n type: 'text'\n }\n ]\n }\n ]\n } : {}\n }\n }),\n i18n: {\n ...incomingConfig.i18n,\n translations: {\n ...incomingConfig.i18n?.translations,\n de: {\n ...incomingConfig.i18n?.translations?.de,\n ...translations.de\n },\n en: {\n ...incomingConfig.i18n?.translations?.en,\n ...translations.en\n }\n }\n }\n } satisfies PayloadConfigWithZitadel\n\n }\n\n}"],"names":["cookies","NextResponse","COOKIES","DEFAULT_CONFIG","ERROR_MESSAGES","ROUTES","authorize","callback","zitadelStrategy","translations","AvatarComponent","LoginButtonComponent","ZitadelPlugin","fieldsConfig","_fieldsConfig","disableAvatar","disableDefaultLoginButton","strategyName","label","issuerURL","clientId","enableAPI","apiClientId","apiKeyId","apiKey","onSuccess","Error","fields","incomingConfig","serverURL","authSlug","admin","user","authBaseURL","authorizeURL","callbackURL","defaultOnSuccess","state","redirect","get","avatar","Component","clientProps","imageFieldName","image","name","components","afterLogin","serverProps","custom","zitadel","collections","map","collection","authConfig","auth","slug","disableLocalStrategy","strategies","undefined","hooks","afterLogout","delete","idToken","endpoints","path","method","handler","id","type","readOnly","index","unique","required","email","roles","roleFields","i18n","de","en"],"mappings":"AAAA,SAAQA,OAAO,QAAO,kBAAiB;AACvC,SAAQC,YAAY,QAAO,iBAAgB;AAC3C,SAAQC,OAAO,EAAEC,cAAc,EAAEC,cAAc,EAAEC,MAAM,QAAO,iBAAgB;AAC9E,SAAQC,SAAS,EAAEC,QAAQ,QAAO,sBAAqB;AACvD,SAAQC,eAAe,QAAO,gBAAe;AAC7C,SAAQC,YAAY,QAAO,oBAAmB;AAC9C,SAAQC,eAAe,EAAEC,oBAAoB,QAAO,wBAAuB;AAG3E,OAAO,MAAMC,gBAAmC,CAAC,EACIC,cAAcC,aAAa,EAC3BC,aAAa,EACbC,yBAAyB,EACzBC,eAAed,eAAec,YAAY,EAC1CC,QAAQf,eAAee,KAAK,EAC5BC,SAAS,EACTC,QAAQ,EACRC,SAAS,EACTC,WAAW,EACXC,QAAQ,EACRC,MAAM,EACNC,SAAS,EACZ;IAE9C,IAAI,CAACN,WACD,MAAM,IAAIO,MAAMtB,eAAee,SAAS;IAC5C,IAAI,CAACC,UACD,MAAM,IAAIM,MAAMtB,eAAegB,QAAQ;IAC3C,IAAIC,WAAW;QACX,IAAI,CAACC,aACD,MAAM,IAAII,MAAMtB,eAAekB,WAAW;QAC9C,IAAI,CAACC,UACD,MAAM,IAAIG,MAAMtB,eAAeoB,MAAM;QACzC,IAAI,CAACA,QACD,MAAM,IAAIE,MAAMtB,eAAeoB,MAAM;IAC7C;IAEA,MAAMX,eAAe;QAAC,GAAGV,eAAewB,MAAM;QAAE,GAAGb,aAAa;IAAA;IAEhE,OAAO,CAACc;QAEJ,MAAMC,YAAYD,eAAeC,SAAS,IAAI;QAE9C,MAAMC,WAAWF,eAAeG,KAAK,EAAEC,QAAQ;QAE/C,MAAMC,cAAc,GAAGJ,UAAU,KAAK,EAAEC,UAAU;QAClD,MAAMI,eAAeD,cAAc5B,OAAOC,SAAS;QACnD,MAAM6B,cAAcF,cAAc5B,OAAOE,QAAQ;QAEjD,MAAM6B,mBAAqC,CAACC,QACxCpC,aAAaqC,QAAQ,CAACT,YAAaQ,CAAAA,MAAME,GAAG,CAAC,eAAe,EAAC;QAEjE,OAAO;YACH,GAAGX,cAAc;YACjBG,OAAO;gBACH,GAAGH,eAAeG,KAAK;gBACvB,GAAGhB,gBAAgB,CAAC,IAAI;oBACpByB,QAAQ;wBACJC,WAAW;4BACP,GAAG/B,eAAe;4BAClBgC,aAAa;gCACTC,gBAAgB9B,aAAa+B,KAAK,CAACC,IAAI;4BAC3C;wBACJ;oBACJ;gBACJ,CAAC;gBACD,GAAG7B,4BAA4B,CAAC,IAAI;oBAChC8B,YAAY;wBACR,GAAGlB,eAAeG,KAAK,EAAEe,UAAU;wBACnCC,YAAY;+BACLnB,eAAeG,KAAK,EAAEe,YAAYC,cAAc,EAAE;4BACrD;gCACI,GAAGpC,oBAAoB;gCACvBqC,aAAa;oCACTd;oCACAhB;gCACJ;4BACJ;yBACH;oBACL;gBACJ,CAAC;gBACD+B,QAAQ;oBACJ,GAAGrB,eAAeG,KAAK,EAAEkB,MAAM;oBAC/BC,SAAS;wBACL/B;wBACAC;wBACAe;wBACAQ,gBAAgB9B,aAAa+B,KAAK,CAACC,IAAI;oBAC3C;gBACJ;YACJ;YACAM,aAAa,AAACvB,CAAAA,eAAeuB,WAAW,IAAI,EAAE,AAAD,EAAGC,GAAG,CAAC,CAACC;gBAEjD,MAAMC,aAAa,OAAOD,WAAWE,IAAI,IAAI,YAAY,CAAC,IAAIF,WAAWE,IAAI;gBAE7E,OAAO;oBACH,GAAGF,UAAU;oBACb,GAAGA,WAAWG,IAAI,IAAI1B,WAAW;wBAC7ByB,MAAM;4BACF,GAAGD,UAAU;4BACbG,sBAAsB;4BACtBC,YAAY;mCACLJ,YAAYI,cAAc,EAAE;gCAC/BlD,gBAAgB;oCACZsB;oCACAjB;oCACAI,cAAcA;oCACdE,WAAWA;oCACXC,UAAUA;oCACV,GAAIC,YAAY;wCACZA,WAAW;wCACXC,aAAaA;wCACbC,UAAUD;wCACVE,QAAQA;oCACZ,IAAI;wCAACH,WAAWsC;oCAAS,CAAC;gCAC9B;6BACH;wBACL;wBACAC,OAAO;4BACHC,aAAa;gCAAC,UAAY,AAAC,CAAA,MAAM7D,SAAQ,EAAG8D,MAAM,CAAC5D,QAAQ6D,OAAO;6BAAE;wBACxE;wBACAC,WAAW;4BACP;gCACIC,MAAM5D,OAAOC,SAAS;gCACtB4D,QAAQ;gCACRC,SAAS7D;4BACb;4BACA;gCACI2D,MAAM5D,OAAOE,QAAQ;gCACrB2D,QAAQ;gCACRC,SAAS5D,SAASkB,aAAaW;4BACnC;yBACH;wBACDT,QAAQ;+BACD0B,WAAW1B,MAAM;4BACpB;gCACI,GAAGd,aAAauD,EAAE;gCAClBC,MAAM;gCACNtC,OAAO;oCACHuC,UAAU;gCACd;gCACAC,OAAO;gCACPC,QAAQ;gCACRC,UAAU;4BACd;4BACA;gCACI,GAAG5D,aAAagC,IAAI;gCACpBwB,MAAM;gCACNtC,OAAO;oCACHuC,UAAU;gCACd;4BACJ;4BACA;gCACI,GAAGzD,aAAa6D,KAAK;gCACrBL,MAAM;gCACNtC,OAAO;oCACHuC,UAAU;gCACd;4BACJ;4BACA;gCACI,GAAGzD,aAAa+B,KAAK;gCACrByB,MAAM;gCACNtC,OAAO;oCACHuC,UAAU;gCACd;4BACJ;4BACA;gCACI,GAAGzD,aAAa8D,KAAK;gCACrBN,MAAM;gCACNtC,OAAO;oCACHuC,UAAU;gCACd;gCACA3C,QAAQ;oCACJ;wCACI,GAAGd,aAAa+D,UAAU,CAAC/B,IAAI;wCAC/BwB,MAAM;oCACV;iCACH;4BACL;yBACH;oBACL,IAAI,CAAC,CAAC;gBACV;YACJ;YACAQ,MAAM;gBACF,GAAGjD,eAAeiD,IAAI;gBACtBpE,cAAc;oBACV,GAAGmB,eAAeiD,IAAI,EAAEpE,YAAY;oBACpCqE,IAAI;wBACA,GAAGlD,eAAeiD,IAAI,EAAEpE,cAAcqE,EAAE;wBACxC,GAAGrE,aAAaqE,EAAE;oBACtB;oBACAC,IAAI;wBACA,GAAGnD,eAAeiD,IAAI,EAAEpE,cAAcsE,EAAE;wBACxC,GAAGtE,aAAasE,EAAE;oBACtB;gBACJ;YACJ;QACJ;IAEJ;AAEJ,EAAC"}
|
package/dist/strategy.d.ts
CHANGED
package/dist/strategy.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"strategy.d.ts","sourceRoot":"","sources":["../src/strategy.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"strategy.d.ts","sourceRoot":"","sources":["../src/strategy.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAiB,mBAAmB,EAAC,MAAM,YAAY,CAAA;AAEnE,eAAO,MAAM,eAAe,EAAE,mBAkG5B,CAAA"}
|
package/dist/strategy.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { jwtVerify, SignJWT } from 'jose';
|
|
2
2
|
import { cookies } from 'next/headers.js';
|
|
3
3
|
import { COOKIES } from './constants.js';
|
|
4
4
|
export const zitadelStrategy = ({ authSlug, fieldsConfig, strategyName, issuerURL, enableAPI, apiClientId, apiKeyId, apiKey })=>({
|
package/dist/strategy.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/strategy.ts"],"sourcesContent":["import {
|
|
1
|
+
{"version":3,"sources":["../src/strategy.ts"],"sourcesContent":["import {jwtVerify, SignJWT} from 'jose'\nimport {cookies} from 'next/headers.js'\nimport {COOKIES} from './constants.js'\nimport type {ZitadelIdToken, ZitadelStrategyType} from './types.js'\n\nexport const zitadelStrategy: ZitadelStrategyType = ({\n authSlug,\n fieldsConfig,\n strategyName,\n issuerURL,\n enableAPI,\n apiClientId,\n apiKeyId,\n apiKey\n }) => ({\n name: strategyName,\n authenticate: async ({headers, payload}) => {\n\n let id, idp_id, id_token\n\n const cookieStore = await cookies()\n\n if (enableAPI) {\n // in case of incoming API call from the app\n const authHeader = headers.get('Authorization')\n if (authHeader?.includes('Bearer')) {\n const introspect = await fetch(`${issuerURL}/oauth/v2/introspect`, {\n method: 'post',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded'\n },\n body: new URLSearchParams({\n 'client_assertion_type': 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',\n 'client_assertion': await new SignJWT()\n .setProtectedHeader({alg: 'RS256', kid: apiKeyId})\n .setIssuer(apiClientId)\n .setAudience(issuerURL)\n .setSubject(apiClientId)\n .setIssuedAt()\n .setExpirationTime('1h')\n .sign(new TextEncoder().encode(apiKey)),\n 'token': authHeader.split(' ')[1]\n })\n })\n if (introspect.ok) {\n const data = await introspect.json()\n if (data?.active) {\n idp_id = data.sub\n }\n }\n }\n }\n\n // in case of normal browsing\n if (!idp_id && cookieStore.has(COOKIES.idToken)) {\n const {payload: jwtPayload} = await jwtVerify<ZitadelIdToken>(cookieStore.get(COOKIES.idToken)?.value ?? '', new TextEncoder().encode(payload.secret))\n if (jwtPayload.sub) {\n id_token = jwtPayload\n idp_id = jwtPayload.sub\n }\n }\n\n // search for associated user; if not found, create one\n if (idp_id) {\n const {docs, totalDocs} = await payload.find({\n collection: authSlug,\n where: {\n [fieldsConfig.id.name]: {\n equals: idp_id\n }\n }\n })\n id = totalDocs ? docs[0].id : (await payload.create({\n collection: authSlug,\n data: {\n [fieldsConfig.id.name]: idp_id\n }\n })).id\n }\n\n // update user information if possible\n if (id && id_token) {\n await payload.update({\n collection: authSlug,\n id,\n data: {\n [fieldsConfig.name.name]: id_token.name,\n [fieldsConfig.email.name]: id_token.email,\n [fieldsConfig.image.name]: id_token.picture,\n [fieldsConfig.roles.name]: Object.keys(id_token['urn:zitadel:iam:org:project:roles'] ?? {})\n .map(key => ({[fieldsConfig.roleFields.name.name]: key}))\n }\n })\n }\n\n return {\n user: id ? {\n collection: authSlug,\n id\n } : null\n }\n\n }\n})"],"names":["jwtVerify","SignJWT","cookies","COOKIES","zitadelStrategy","authSlug","fieldsConfig","strategyName","issuerURL","enableAPI","apiClientId","apiKeyId","apiKey","name","authenticate","headers","payload","id","idp_id","id_token","cookieStore","authHeader","get","includes","introspect","fetch","method","body","URLSearchParams","setProtectedHeader","alg","kid","setIssuer","setAudience","setSubject","setIssuedAt","setExpirationTime","sign","TextEncoder","encode","split","ok","data","json","active","sub","has","idToken","jwtPayload","value","secret","docs","totalDocs","find","collection","where","equals","create","update","email","image","picture","roles","Object","keys","map","key","roleFields","user"],"mappings":"AAAA,SAAQA,SAAS,EAAEC,OAAO,QAAO,OAAM;AACvC,SAAQC,OAAO,QAAO,kBAAiB;AACvC,SAAQC,OAAO,QAAO,iBAAgB;AAGtC,OAAO,MAAMC,kBAAuC,CAAC,EACIC,QAAQ,EACRC,YAAY,EACZC,YAAY,EACZC,SAAS,EACTC,SAAS,EACTC,WAAW,EACXC,QAAQ,EACRC,MAAM,EACT,GAAM,CAAA;QACxDC,MAAMN;QACNO,cAAc,OAAO,EAACC,OAAO,EAAEC,OAAO,EAAC;YAEnC,IAAIC,IAAIC,QAAQC;YAEhB,MAAMC,cAAc,MAAMlB;YAE1B,IAAIO,WAAW;gBACX,4CAA4C;gBAC5C,MAAMY,aAAaN,QAAQO,GAAG,CAAC;gBAC/B,IAAID,YAAYE,SAAS,WAAW;oBAChC,MAAMC,aAAa,MAAMC,MAAM,GAAGjB,UAAU,oBAAoB,CAAC,EAAE;wBAC/DkB,QAAQ;wBACRX,SAAS;4BACL,gBAAgB;wBACpB;wBACAY,MAAM,IAAIC,gBAAgB;4BACtB,yBAAyB;4BACzB,oBAAoB,MAAM,IAAI3B,UACzB4B,kBAAkB,CAAC;gCAACC,KAAK;gCAASC,KAAKpB;4BAAQ,GAC/CqB,SAAS,CAACtB,aACVuB,WAAW,CAACzB,WACZ0B,UAAU,CAACxB,aACXyB,WAAW,GACXC,iBAAiB,CAAC,MAClBC,IAAI,CAAC,IAAIC,cAAcC,MAAM,CAAC3B;4BACnC,SAASS,WAAWmB,KAAK,CAAC,IAAI,CAAC,EAAE;wBACrC;oBACJ;oBACA,IAAIhB,WAAWiB,EAAE,EAAE;wBACf,MAAMC,OAAO,MAAMlB,WAAWmB,IAAI;wBAClC,IAAID,MAAME,QAAQ;4BACd1B,SAASwB,KAAKG,GAAG;wBACrB;oBACJ;gBACJ;YACJ;YAEA,6BAA6B;YAC7B,IAAI,CAAC3B,UAAUE,YAAY0B,GAAG,CAAC3C,QAAQ4C,OAAO,GAAG;gBAC7C,MAAM,EAAC/B,SAASgC,UAAU,EAAC,GAAG,MAAMhD,UAA0BoB,YAAYE,GAAG,CAACnB,QAAQ4C,OAAO,GAAGE,SAAS,IAAI,IAAIX,cAAcC,MAAM,CAACvB,QAAQkC,MAAM;gBACpJ,IAAIF,WAAWH,GAAG,EAAE;oBAChB1B,WAAW6B;oBACX9B,SAAS8B,WAAWH,GAAG;gBAC3B;YACJ;YAEA,uDAAuD;YACvD,IAAI3B,QAAQ;gBACR,MAAM,EAACiC,IAAI,EAAEC,SAAS,EAAC,GAAG,MAAMpC,QAAQqC,IAAI,CAAC;oBACzCC,YAAYjD;oBACZkD,OAAO;wBACH,CAACjD,aAAaW,EAAE,CAACJ,IAAI,CAAC,EAAE;4BACpB2C,QAAQtC;wBACZ;oBACJ;gBACJ;gBACAD,KAAKmC,YAAYD,IAAI,CAAC,EAAE,CAAClC,EAAE,GAAG,AAAC,CAAA,MAAMD,QAAQyC,MAAM,CAAC;oBAChDH,YAAYjD;oBACZqC,MAAM;wBACF,CAACpC,aAAaW,EAAE,CAACJ,IAAI,CAAC,EAAEK;oBAC5B;gBACJ,EAAC,EAAGD,EAAE;YACV;YAEA,sCAAsC;YACtC,IAAIA,MAAME,UAAU;gBAChB,MAAMH,QAAQ0C,MAAM,CAAC;oBACjBJ,YAAYjD;oBACZY;oBACAyB,MAAM;wBACF,CAACpC,aAAaO,IAAI,CAACA,IAAI,CAAC,EAAEM,SAASN,IAAI;wBACvC,CAACP,aAAaqD,KAAK,CAAC9C,IAAI,CAAC,EAAEM,SAASwC,KAAK;wBACzC,CAACrD,aAAasD,KAAK,CAAC/C,IAAI,CAAC,EAAEM,SAAS0C,OAAO;wBAC3C,CAACvD,aAAawD,KAAK,CAACjD,IAAI,CAAC,EAAEkD,OAAOC,IAAI,CAAC7C,QAAQ,CAAC,oCAAoC,IAAI,CAAC,GACpF8C,GAAG,CAACC,CAAAA,MAAQ,CAAA;gCAAC,CAAC5D,aAAa6D,UAAU,CAACtD,IAAI,CAACA,IAAI,CAAC,EAAEqD;4BAAG,CAAA;oBAC9D;gBACJ;YACJ;YAEA,OAAO;gBACHE,MAAMnD,KAAK;oBACPqC,YAAYjD;oBACZY;gBACJ,IAAI;YACR;QAEJ;IACJ,CAAA,EAAE"}
|
package/dist/types.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import {
|
|
1
|
+
import type { NextResponse } from 'next/server.js';
|
|
2
|
+
import type { AuthStrategy, Config, SanitizedConfig, ServerProps } from 'payload';
|
|
3
|
+
import type { I18nClient, NestedKeysStripped } from '@payloadcms/translations';
|
|
3
4
|
import { translations } from './translations.js';
|
|
4
|
-
import { I18nClient, NestedKeysStripped } from '@payloadcms/translations';
|
|
5
5
|
export type ZitadelFieldConfig = {
|
|
6
6
|
hidden?: boolean;
|
|
7
7
|
name: string;
|
|
@@ -55,6 +55,10 @@ export type ZitadelIdToken = Partial<{
|
|
|
55
55
|
picture: string;
|
|
56
56
|
'urn:zitadel:iam:org:project:roles'?: Record<string, Record<string, string>>;
|
|
57
57
|
}>;
|
|
58
|
+
export type ZitadelAvatarProps = {
|
|
59
|
+
active: boolean;
|
|
60
|
+
imageFieldName: string;
|
|
61
|
+
};
|
|
58
62
|
export type ZitadelLoginButtonProps = ServerProps & {
|
|
59
63
|
i18n: I18nClient<typeof translations.en, NestedKeysStripped<typeof translations.en>>;
|
|
60
64
|
authorizeURL: string;
|
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,YAAY,EAAE,MAAM,EAAE,eAAe,EAAE,WAAW,EAAC,MAAM,SAAS,CAAA;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAC,YAAY,EAAC,MAAM,gBAAgB,CAAA;AAChD,OAAO,KAAK,EAAC,YAAY,EAAE,MAAM,EAAE,eAAe,EAAE,WAAW,EAAC,MAAM,SAAS,CAAA;AAC/E,OAAO,KAAK,EAAC,UAAU,EAAE,kBAAkB,EAAC,MAAM,0BAA0B,CAAA;AAC5E,OAAO,EAAC,YAAY,EAAC,MAAM,mBAAmB,CAAA;AAE9C,MAAM,MAAM,kBAAkB,GAAG;IAC7B,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC1C,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG;IAC9B,EAAE,EAAE,kBAAkB,CAAC;IACvB,IAAI,EAAE,kBAAkB,CAAA;IACxB,KAAK,EAAE,kBAAkB,CAAC;IAC1B,KAAK,EAAE,kBAAkB,CAAC;IAC1B,KAAK,EAAE,kBAAkB,GAAG;QACxB,MAAM,EAAE;YACJ,QAAQ,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAC1C,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;SAC1C,CAAA;KACJ,CAAA;IACD,UAAU,EAAE;QACR,IAAI,EAAE,kBAAkB,CAAA;KAC3B,CAAA;CACJ,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG,OAAO,CAAC;IACrC,YAAY,EAAE,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAC3C,aAAa,EAAE,IAAI,CAAA;IACnB,yBAAyB,EAAE,IAAI,CAAA;IAC/B,uBAAuB,EAAE,MAAM,CAAA;IAC/B,KAAK,EAAE,MAAM,CAAA;IACb,SAAS,EAAE,gBAAgB,CAAA;CAC9B,CAAC,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAA;AAElC,MAAM,MAAM,iBAAiB,GAAG,CAAC,KAAK,EAAE,kBAAkB,KAAK,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,CAAA;AAEzF,MAAM,MAAM,eAAe,GAAG;IAC1B,SAAS,EAAE,IAAI,CAAA;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,oBAAoB,GAAG;IAC/B,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;CACnB,GAAG,CAAC,eAAe,GAAG;IACnB,SAAS,CAAC,EAAE,SAAS,CAAA;CACxB,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC,CAAA;AAE7B,MAAM,MAAM,mBAAmB,GAAG,CAAC,KAAK,EAAE,oBAAoB,GAAG;IAC7D,YAAY,EAAE,mBAAmB,CAAA;CACpC,KAAK,YAAY,CAAA;AAElB,MAAM,MAAM,cAAc,GAAG,OAAO,CAAC;IACjC,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,mCAAmC,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAA;CAC/E,CAAC,CAAA;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC7B,MAAM,EAAE,OAAO,CAAC;IAChB,cAAc,EAAE,MAAM,CAAC;CAC1B,CAAA;AAED,MAAM,MAAM,uBAAuB,GAAG,WAAW,GAAG;IAChD,IAAI,EAAE,UAAU,CAAC,OAAO,YAAY,CAAC,EAAE,EAAE,kBAAkB,CAAC,OAAO,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC;IACrF,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG,CAAC,KAAK,EAAE,eAAe,KAAK,YAAY,CAAA;AAEvE,MAAM,MAAM,0BAA0B,GAAG;IACrC,OAAO,EAAE;QACL,SAAS,EAAE,MAAM,CAAA;QACjB,QAAQ,EAAE,MAAM,CAAA;QAChB,WAAW,EAAE,MAAM,CAAC;QACpB,cAAc,EAAE,MAAM,CAAA;KACzB,CAAA;CACJ,CAAA;AAED,MAAM,MAAM,wBAAwB,GAAG,CAAC,MAAM,GAAG,eAAe,CAAC,GAAG;IAChE,KAAK,EAAE;QACH,MAAM,EAAE,0BAA0B,CAAA;KACrC,CAAA;CACJ,CAAA"}
|
package/dist/types.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/types.ts"],"sourcesContent":["import {AuthStrategy, Config, SanitizedConfig, ServerProps} from 'payload'\nimport {
|
|
1
|
+
{"version":3,"sources":["../src/types.ts"],"sourcesContent":["import type {NextResponse} from 'next/server.js'\nimport type {AuthStrategy, Config, SanitizedConfig, ServerProps} from 'payload'\nimport type {I18nClient, NestedKeysStripped} from '@payloadcms/translations'\nimport {translations} from './translations.js'\n\nexport type ZitadelFieldConfig = {\n hidden?: boolean,\n name: string,\n label: string | Record<string, string>,\n}\n\nexport type ZitadelFieldsConfig = {\n id: ZitadelFieldConfig,\n name: ZitadelFieldConfig\n email: ZitadelFieldConfig,\n image: ZitadelFieldConfig,\n roles: ZitadelFieldConfig & {\n labels: {\n singular: string | Record<string, string>,\n plural: string | Record<string, string>\n }\n }\n roleFields: {\n name: ZitadelFieldConfig\n }\n}\n\nexport type ZitadelPluginProps = Partial<{\n fieldsConfig: Partial<ZitadelFieldsConfig>,\n disableAvatar: true\n disableDefaultLoginButton: true\n defaultLoginButtonTitle: string\n label: string\n onSuccess: ZitadelOnSuccess\n}> & Partial<ZitadelStrategyProps>\n\nexport type ZitadelPluginType = (props: ZitadelPluginProps) => (config: Config) => Config\n\nexport type ZitadelAPIProps = {\n enableAPI: true\n apiClientId: string,\n apiKeyId: string,\n apiKey: string\n}\n\nexport type ZitadelStrategyProps = {\n strategyName: string,\n issuerURL: string,\n clientId: string\n authSlug: string\n} & (ZitadelAPIProps | {\n enableAPI?: undefined\n} & Partial<ZitadelAPIProps>)\n\nexport type ZitadelStrategyType = (props: ZitadelStrategyProps & {\n fieldsConfig: ZitadelFieldsConfig\n}) => AuthStrategy\n\nexport type ZitadelIdToken = Partial<{\n sub: string,\n name: string,\n email: string,\n picture: string,\n 'urn:zitadel:iam:org:project:roles'?: Record<string, Record<string, string>>\n}>\n\nexport type ZitadelAvatarProps = {\n active: boolean,\n imageFieldName: string,\n}\n\nexport type ZitadelLoginButtonProps = ServerProps & {\n i18n: I18nClient<typeof translations.en, NestedKeysStripped<typeof translations.en>>,\n authorizeURL: string,\n label: string\n}\n\nexport type ZitadelOnSuccess = (state: URLSearchParams) => NextResponse\n\nexport type ZitadelCustomConfigSegment = {\n zitadel: {\n issuerURL: string\n clientId: string\n callbackURL: string,\n imageFieldName: string\n }\n}\n\nexport type PayloadConfigWithZitadel = (Config | SanitizedConfig) & {\n admin: {\n custom: ZitadelCustomConfigSegment\n }\n}"],"names":[],"mappings":"AAwFA,WAIC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "payload-zitadel-plugin",
|
|
3
|
-
"version": "0.3.
|
|
3
|
+
"version": "0.3.4",
|
|
4
4
|
"description": "plugin for Payload CMS, which enables authentication via Zitadel IdP",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"license": "MIT",
|
|
@@ -36,21 +36,21 @@
|
|
|
36
36
|
"dist"
|
|
37
37
|
],
|
|
38
38
|
"dependencies": {
|
|
39
|
-
"@payloadcms/next": "^3.
|
|
40
|
-
"@payloadcms/translations": "^3.
|
|
41
|
-
"@payloadcms/ui": "^3.
|
|
39
|
+
"@payloadcms/next": "^3.5.0",
|
|
40
|
+
"@payloadcms/translations": "^3.5.0",
|
|
41
|
+
"@payloadcms/ui": "^3.5.0",
|
|
42
42
|
"jose": "^5.9.6",
|
|
43
|
-
"next": "^15.0.
|
|
44
|
-
"payload": "^3.
|
|
45
|
-
"react": "19.0.0
|
|
46
|
-
"react-dom": "19.0.0
|
|
43
|
+
"next": "^15.0.4",
|
|
44
|
+
"payload": "^3.5.0",
|
|
45
|
+
"react": "^19.0.0",
|
|
46
|
+
"react-dom": "^19.0.0"
|
|
47
47
|
},
|
|
48
48
|
"devDependencies": {
|
|
49
49
|
"@swc/cli": "^0.5.2",
|
|
50
50
|
"@swc/core": "^1.10.0",
|
|
51
51
|
"@types/node": "^22.10.1",
|
|
52
|
-
"@types/react": "^
|
|
53
|
-
"@types/react-dom": "^
|
|
52
|
+
"@types/react": "^19.0.1",
|
|
53
|
+
"@types/react-dom": "^19.0.1",
|
|
54
54
|
"rimraf": "^6.0.1",
|
|
55
55
|
"typescript": "^5.7.2"
|
|
56
56
|
},
|
|
@@ -63,10 +63,15 @@
|
|
|
63
63
|
"require": "./dist/index.js",
|
|
64
64
|
"types": "./dist/index.d.ts"
|
|
65
65
|
},
|
|
66
|
-
"./components": {
|
|
67
|
-
"import": "./dist/components/index.js",
|
|
68
|
-
"require": "./dist/components/index.js",
|
|
69
|
-
"types": "./dist/components/index.d.ts"
|
|
66
|
+
"./components/client": {
|
|
67
|
+
"import": "./dist/components/client/index.js",
|
|
68
|
+
"require": "./dist/components/client/index.js",
|
|
69
|
+
"types": "./dist/components/client/index.d.ts"
|
|
70
|
+
},
|
|
71
|
+
"./components/server": {
|
|
72
|
+
"import": "./dist/components/server/index.js",
|
|
73
|
+
"require": "./dist/components/server/index.js",
|
|
74
|
+
"types": "./dist/components/server/index.d.ts"
|
|
70
75
|
},
|
|
71
76
|
"./types": {
|
|
72
77
|
"import": "./dist/types.js",
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"Avatar.d.ts","sourceRoot":"","sources":["../../src/components/Avatar.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAK,KAAK,MAAM,OAAO,CAAA;AAK9B,eAAO,MAAM,MAAM,eAAc;IAAE,MAAM,EAAE,OAAO,CAAA;CAAE,sBAqBnD,CAAA"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/components/Avatar.tsx"],"sourcesContent":["'use client'\n\nimport * as React from 'react'\nimport {DefaultAccountIcon} from '@payloadcms/ui/graphics/Account/Default'\nimport {useAuth, useConfig} from '@payloadcms/ui'\nimport {ZitadelCustomConfigSegment} from '../types.js'\n\nexport const Avatar = ({active}: { active: boolean }) => {\n\n const {user} = useAuth()\n\n const {config: {admin: {custom}}} = useConfig()\n\n const {zitadel: {imageFieldName}} = custom as ZitadelCustomConfigSegment\n\n return (\n user && user[imageFieldName] ?\n <>\n <style>{'zitadel-avatar:hover { filter: brightness(1.2); }'}</style>\n <img className=\"zitadel-avatar\" src={user[imageFieldName]} height={25} width={25} alt=\"Profile Picture\"\n style={{\n borderRadius: '100%',\n ...(active ? {filter: 'brightness(.8)'} : {})\n }}/>\n </> :\n <DefaultAccountIcon active={active}/>\n )\n\n}\n"],"names":["React","DefaultAccountIcon","useAuth","useConfig","Avatar","active","user","config","admin","custom","zitadel","imageFieldName","style","img","className","src","height","width","alt","borderRadius","filter"],"mappings":"AAAA;AAEA,YAAYA,WAAW,QAAO;AAC9B,SAAQC,kBAAkB,QAAO,0CAAyC;AAC1E,SAAQC,OAAO,EAAEC,SAAS,QAAO,iBAAgB;AAGjD,OAAO,MAAMC,SAAS,CAAC,EAACC,MAAM,EAAsB;IAEhD,MAAM,EAACC,IAAI,EAAC,GAAGJ;IAEf,MAAM,EAACK,QAAQ,EAACC,OAAO,EAACC,MAAM,EAAC,EAAC,EAAC,GAAGN;IAEpC,MAAM,EAACO,SAAS,EAACC,cAAc,EAAC,EAAC,GAAGF;IAEpC,OACIH,QAAQA,IAAI,CAACK,eAAe,iBACxB,wDACI,oBAACC,eAAO,oEACR,oBAACC;QAAIC,WAAU;QAAiBC,KAAKT,IAAI,CAACK,eAAe;QAAEK,QAAQ;QAAIC,OAAO;QAAIC,KAAI;QACjFN,OAAO;YACHO,cAAc;YACd,GAAId,SAAS;gBAACe,QAAQ;YAAgB,IAAI,CAAC,CAAC;QAChD;wBAET,oBAACnB;QAAmBI,QAAQA;;AAGxC,EAAC"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"LoginButton.d.ts","sourceRoot":"","sources":["../../src/components/LoginButton.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAA;AAEzB,OAAO,EAAC,uBAAuB,EAAC,MAAM,aAAa,CAAA;AAEnD,eAAO,MAAM,WAAW,kCAAiC,uBAAuB,sBAKtE,CAAA"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/components/LoginButton.tsx"],"sourcesContent":["import React from 'react'\nimport {Button} from '@payloadcms/ui'\nimport {ZitadelLoginButtonProps} from '../types.js'\n\nexport const LoginButton = ({i18n, authorizeURL, label}: ZitadelLoginButtonProps) =>\n <div style={{display: 'flex', justifyContent: 'center'}}>\n <Button el=\"anchor\" url={authorizeURL}>\n {i18n.t('zitadelPlugin:signIn', {label})}\n </Button>\n </div>"],"names":["React","Button","LoginButton","i18n","authorizeURL","label","div","style","display","justifyContent","el","url","t"],"mappings":"AAAA,OAAOA,WAAW,QAAO;AACzB,SAAQC,MAAM,QAAO,iBAAgB;AAGrC,OAAO,MAAMC,cAAc,CAAC,EAACC,IAAI,EAAEC,YAAY,EAAEC,KAAK,EAA0B,iBAC5E,oBAACC;QAAIC,OAAO;YAACC,SAAS;YAAQC,gBAAgB;QAAQ;qBAClD,oBAACR;QAAOS,IAAG;QAASC,KAAKP;OACpBD,KAAKS,CAAC,CAAC,wBAAwB;QAACP;IAAK,KAExC"}
|