payload-zitadel-plugin 0.3.9 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +57 -25
- package/dist/components/server/LoginButton/index.d.ts +1 -1
- package/dist/components/server/LoginButton/index.d.ts.map +1 -1
- package/dist/components/server/LoginButton/index.js +4 -2
- package/dist/components/server/LoginButton/index.js.map +1 -1
- package/dist/constants.d.ts +34 -10
- package/dist/constants.d.ts.map +1 -1
- package/dist/constants.js +31 -10
- package/dist/constants.js.map +1 -1
- package/dist/handlers/authorize.d.ts +2 -2
- package/dist/handlers/authorize.d.ts.map +1 -1
- package/dist/handlers/authorize.js +18 -26
- package/dist/handlers/authorize.js.map +1 -1
- package/dist/handlers/callback.d.ts +2 -3
- package/dist/handlers/callback.d.ts.map +1 -1
- package/dist/handlers/callback.js +129 -39
- package/dist/handlers/callback.js.map +1 -1
- package/dist/index.d.ts +2 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +36 -51
- package/dist/index.js.map +1 -1
- package/dist/strategy.d.ts +2 -2
- package/dist/strategy.d.ts.map +1 -1
- package/dist/strategy.js +20 -42
- package/dist/strategy.js.map +1 -1
- package/dist/types.d.ts +62 -48
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js.map +1 -1
- package/dist/utils/index.d.ts +4 -0
- package/dist/utils/index.d.ts.map +1 -0
- package/dist/utils/index.js +5 -0
- package/dist/utils/index.js.map +1 -0
- package/dist/utils/redirects.d.ts +5 -0
- package/dist/utils/redirects.d.ts.map +1 -0
- package/dist/utils/redirects.js +20 -0
- package/dist/utils/redirects.js.map +1 -0
- package/dist/utils/state.d.ts +5 -0
- package/dist/utils/state.d.ts.map +1 -0
- package/dist/utils/state.js +7 -0
- package/dist/utils/state.js.map +1 -0
- package/dist/utils/urls.d.ts +5 -0
- package/dist/utils/urls.d.ts.map +1 -0
- package/dist/utils/urls.js +5 -0
- package/dist/utils/urls.js.map +1 -0
- package/package.json +3 -3
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/handlers/callback.ts"],"sourcesContent":["import
|
|
1
|
+
{"version":3,"sources":["../../src/handlers/callback.ts"],"sourcesContent":["import {SignJWT, decodeJwt} from 'jose'\nimport {cookies} from 'next/headers.js'\nimport {COOKIES, ENDPOINT_PATHS, ROLES_KEY, ROUTES} from '../constants.js'\nimport {ZitadelCallbackHandler, ZitadelCallbackQuery, ZitadelIdToken} from '../types.js'\nimport {getAuthBaseURL, getAuthSlug, getState} from '../utils/index.js'\n\nexport const callback: ZitadelCallbackHandler = ({\n issuerURL,\n clientId,\n fields,\n afterLogin,\n afterLogout\n }) => async (req) => {\n\n const {payload, query} = req\n\n const {config, secret} = payload\n\n const {code} = query as ZitadelCallbackQuery\n\n const state = getState(req)\n\n console.log('callback with state:', JSON.stringify(state))\n\n const cookieStore = await cookies()\n\n if (state.invokedBy == 'end_session') {\n\n [COOKIES.logout, COOKIES.idToken].forEach(cookie => cookieStore.delete(cookie))\n\n return afterLogout(req)\n\n }\n\n const codeVerifier = cookieStore.get(COOKIES.pkce.name)?.value\n\n if (!code) {\n return Response.json({\n status: 'error',\n message: 'no code provided to verify'\n })\n }\n\n if (!codeVerifier) {\n return Response.json({\n status: 'error',\n message: 'code verifier not found (associated http-only cookie is empty)'\n })\n }\n\n const tokenQueryData = {\n grant_type: 'authorization_code',\n code,\n redirect_uri: getAuthBaseURL(config) + ROUTES.callback,\n client_id: clientId,\n code_verifier: codeVerifier\n }\n\n const tokenEndpoint = issuerURL + ENDPOINT_PATHS.token\n\n const tokenResponse = await fetch(new URL(tokenEndpoint), {\n method: 'POST',\n body: new URLSearchParams(tokenQueryData)\n })\n\n if (!tokenResponse.ok) {\n return Response.json({\n status: 'error',\n message: 'error while communicating with token endpoint',\n details: {\n tokenEndpoint,\n tokenQuery: tokenQueryData,\n tokenResponseCode: `${tokenResponse.status} - ${tokenResponse.statusText}`\n }\n })\n }\n\n const tokenJson = await tokenResponse.json()\n\n const {id_token: idToken} = tokenJson\n\n if (!idToken) {\n return Response.json({\n status: 'error',\n message: 'token could not be retrieved from this response',\n details: {\n responseData: tokenJson\n }\n })\n }\n\n let decodedIdToken\n\n try {\n\n decodedIdToken = decodeJwt<ZitadelIdToken>(idToken)\n\n } catch (e) {\n\n return Response.json({\n status: 'error',\n message: `error during decoding: ${JSON.stringify(e)}`,\n details: {\n idToken\n }\n })\n\n }\n\n const idpId = decodedIdToken.sub\n\n const userData = {\n [fields.name.name]: decodedIdToken.name,\n [fields.email.name]: decodedIdToken.email,\n [fields.image.name]: decodedIdToken.picture,\n [fields.roles.name]: Object.keys(decodedIdToken[ROLES_KEY] ?? {})\n .map(key => ({[fields.roleFields.name.name]: key}))\n }\n\n if (!idpId) {\n return Response.json({\n status: 'error',\n message: 'token is not complete (id not found)',\n details: {\n idToken,\n decodedIdToken,\n idpId\n }\n })\n }\n\n try {\n\n const authSlug = getAuthSlug(config)\n\n const {docs, totalDocs} = await payload.find({\n collection: authSlug,\n where: {\n [fields.id.name]: {\n equals: idpId\n }\n }\n })\n\n if (totalDocs) {\n await payload.update({\n collection: authSlug,\n id: docs[0].id,\n data: userData\n })\n } else {\n await payload.create({\n collection: authSlug,\n data: {\n [fields.id.name]: idpId,\n ...userData\n }\n })\n }\n\n } catch (e) {\n\n return Response.json({\n status: 'error',\n message: `error while creating/updating user: ${JSON.stringify(e)}`,\n details: {\n idpId\n }\n })\n\n }\n\n cookieStore.delete(COOKIES.pkce)\n\n cookieStore.set({\n ...COOKIES.idToken,\n value: await new SignJWT(decodedIdToken)\n .setProtectedHeader({alg: 'HS256'})\n .setIssuedAt()\n .sign(new TextEncoder().encode(secret)),\n maxAge: 900\n })\n\n return afterLogin(req)\n\n}"],"names":["SignJWT","decodeJwt","cookies","COOKIES","ENDPOINT_PATHS","ROLES_KEY","ROUTES","getAuthBaseURL","getAuthSlug","getState","callback","issuerURL","clientId","fields","afterLogin","afterLogout","req","payload","query","config","secret","code","state","console","log","JSON","stringify","cookieStore","invokedBy","logout","idToken","forEach","cookie","delete","codeVerifier","get","pkce","name","value","Response","json","status","message","tokenQueryData","grant_type","redirect_uri","client_id","code_verifier","tokenEndpoint","token","tokenResponse","fetch","URL","method","body","URLSearchParams","ok","details","tokenQuery","tokenResponseCode","statusText","tokenJson","id_token","responseData","decodedIdToken","e","idpId","sub","userData","email","image","picture","roles","Object","keys","map","key","roleFields","authSlug","docs","totalDocs","find","collection","where","id","equals","update","data","create","set","setProtectedHeader","alg","setIssuedAt","sign","TextEncoder","encode","maxAge"],"mappings":"AAAA,SAAQA,OAAO,EAAEC,SAAS,QAAO,OAAM;AACvC,SAAQC,OAAO,QAAO,kBAAiB;AACvC,SAAQC,OAAO,EAAEC,cAAc,EAAEC,SAAS,EAAEC,MAAM,QAAO,kBAAiB;AAE1E,SAAQC,cAAc,EAAEC,WAAW,EAAEC,QAAQ,QAAO,oBAAmB;AAEvE,OAAO,MAAMC,WAAmC,CAAC,EACIC,SAAS,EACTC,QAAQ,EACRC,MAAM,EACNC,UAAU,EACVC,WAAW,EACd,GAAK,OAAOC;QAE1D,MAAM,EAACC,OAAO,EAAEC,KAAK,EAAC,GAAGF;QAEzB,MAAM,EAACG,MAAM,EAAEC,MAAM,EAAC,GAAGH;QAEzB,MAAM,EAACI,IAAI,EAAC,GAAGH;QAEf,MAAMI,QAAQb,SAASO;QAEvBO,QAAQC,GAAG,CAAC,wBAAwBC,KAAKC,SAAS,CAACJ;QAEnD,MAAMK,cAAc,MAAMzB;QAE1B,IAAIoB,MAAMM,SAAS,IAAI,eAAe;YAElC;gBAACzB,QAAQ0B,MAAM;gBAAE1B,QAAQ2B,OAAO;aAAC,CAACC,OAAO,CAACC,CAAAA,SAAUL,YAAYM,MAAM,CAACD;YAEvE,OAAOjB,YAAYC;QAEvB;QAEA,MAAMkB,eAAeP,YAAYQ,GAAG,CAAChC,QAAQiC,IAAI,CAACC,IAAI,GAAGC;QAEzD,IAAI,CAACjB,MAAM;YACP,OAAOkB,SAASC,IAAI,CAAC;gBACjBC,QAAQ;gBACRC,SAAS;YACb;QACJ;QAEA,IAAI,CAACR,cAAc;YACf,OAAOK,SAASC,IAAI,CAAC;gBACjBC,QAAQ;gBACRC,SAAS;YACb;QACJ;QAEA,MAAMC,iBAAiB;YACnBC,YAAY;YACZvB;YACAwB,cAActC,eAAeY,UAAUb,OAAOI,QAAQ;YACtDoC,WAAWlC;YACXmC,eAAeb;QACnB;QAEA,MAAMc,gBAAgBrC,YAAYP,eAAe6C,KAAK;QAEtD,MAAMC,gBAAgB,MAAMC,MAAM,IAAIC,IAAIJ,gBAAgB;YACtDK,QAAQ;YACRC,MAAM,IAAIC,gBAAgBZ;QAC9B;QAEA,IAAI,CAACO,cAAcM,EAAE,EAAE;YACnB,OAAOjB,SAASC,IAAI,CAAC;gBACjBC,QAAQ;gBACRC,SAAS;gBACTe,SAAS;oBACLT;oBACAU,YAAYf;oBACZgB,mBAAmB,GAAGT,cAAcT,MAAM,CAAC,GAAG,EAAES,cAAcU,UAAU,EAAE;gBAC9E;YACJ;QACJ;QAEA,MAAMC,YAAY,MAAMX,cAAcV,IAAI;QAE1C,MAAM,EAACsB,UAAUhC,OAAO,EAAC,GAAG+B;QAE5B,IAAI,CAAC/B,SAAS;YACV,OAAOS,SAASC,IAAI,CAAC;gBACjBC,QAAQ;gBACRC,SAAS;gBACTe,SAAS;oBACLM,cAAcF;gBAClB;YACJ;QACJ;QAEA,IAAIG;QAEJ,IAAI;YAEAA,iBAAiB/D,UAA0B6B;QAE/C,EAAE,OAAOmC,GAAG;YAER,OAAO1B,SAASC,IAAI,CAAC;gBACjBC,QAAQ;gBACRC,SAAS,CAAC,uBAAuB,EAAEjB,KAAKC,SAAS,CAACuC,IAAI;gBACtDR,SAAS;oBACL3B;gBACJ;YACJ;QAEJ;QAEA,MAAMoC,QAAQF,eAAeG,GAAG;QAEhC,MAAMC,WAAW;YACb,CAACvD,OAAOwB,IAAI,CAACA,IAAI,CAAC,EAAE2B,eAAe3B,IAAI;YACvC,CAACxB,OAAOwD,KAAK,CAAChC,IAAI,CAAC,EAAE2B,eAAeK,KAAK;YACzC,CAACxD,OAAOyD,KAAK,CAACjC,IAAI,CAAC,EAAE2B,eAAeO,OAAO;YAC3C,CAAC1D,OAAO2D,KAAK,CAACnC,IAAI,CAAC,EAAEoC,OAAOC,IAAI,CAACV,cAAc,CAAC3D,UAAU,IAAI,CAAC,GAC1DsE,GAAG,CAACC,CAAAA,MAAQ,CAAA;oBAAC,CAAC/D,OAAOgE,UAAU,CAACxC,IAAI,CAACA,IAAI,CAAC,EAAEuC;gBAAG,CAAA;QACxD;QAEA,IAAI,CAACV,OAAO;YACR,OAAO3B,SAASC,IAAI,CAAC;gBACjBC,QAAQ;gBACRC,SAAS;gBACTe,SAAS;oBACL3B;oBACAkC;oBACAE;gBACJ;YACJ;QACJ;QAEA,IAAI;YAEA,MAAMY,WAAWtE,YAAYW;YAE7B,MAAM,EAAC4D,IAAI,EAAEC,SAAS,EAAC,GAAG,MAAM/D,QAAQgE,IAAI,CAAC;gBACzCC,YAAYJ;gBACZK,OAAO;oBACH,CAACtE,OAAOuE,EAAE,CAAC/C,IAAI,CAAC,EAAE;wBACdgD,QAAQnB;oBACZ;gBACJ;YACJ;YAEA,IAAIc,WAAW;gBACX,MAAM/D,QAAQqE,MAAM,CAAC;oBACjBJ,YAAYJ;oBACZM,IAAIL,IAAI,CAAC,EAAE,CAACK,EAAE;oBACdG,MAAMnB;gBACV;YACJ,OAAO;gBACH,MAAMnD,QAAQuE,MAAM,CAAC;oBACjBN,YAAYJ;oBACZS,MAAM;wBACF,CAAC1E,OAAOuE,EAAE,CAAC/C,IAAI,CAAC,EAAE6B;wBAClB,GAAGE,QAAQ;oBACf;gBACJ;YACJ;QAEJ,EAAE,OAAOH,GAAG;YAER,OAAO1B,SAASC,IAAI,CAAC;gBACjBC,QAAQ;gBACRC,SAAS,CAAC,oCAAoC,EAAEjB,KAAKC,SAAS,CAACuC,IAAI;gBACnER,SAAS;oBACLS;gBACJ;YACJ;QAEJ;QAEAvC,YAAYM,MAAM,CAAC9B,QAAQiC,IAAI;QAE/BT,YAAY8D,GAAG,CAAC;YACZ,GAAGtF,QAAQ2B,OAAO;YAClBQ,OAAO,MAAM,IAAItC,QAAQgE,gBACpB0B,kBAAkB,CAAC;gBAACC,KAAK;YAAO,GAChCC,WAAW,GACXC,IAAI,CAAC,IAAIC,cAAcC,MAAM,CAAC3E;YACnC4E,QAAQ;QACZ;QAEA,OAAOlF,WAAWE;IAEtB,EAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
import
|
|
2
|
-
export declare const
|
|
1
|
+
import { ZitadelPlugin } from './types.js';
|
|
2
|
+
export declare const zitadelPlugin: ZitadelPlugin;
|
|
3
3
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAMA,OAAO,EAAqB,aAAa,EAAC,MAAM,YAAY,CAAA;AAG5D,eAAO,MAAM,aAAa,EAAE,aA4J3B,CAAA"}
|
package/dist/index.js
CHANGED
|
@@ -1,34 +1,20 @@
|
|
|
1
1
|
import { cookies } from 'next/headers.js';
|
|
2
|
-
import {
|
|
3
|
-
import { COOKIES, DEFAULT_CONFIG,
|
|
2
|
+
import { AvatarComponent, LoginButtonComponent } from './components/index.js';
|
|
3
|
+
import { COOKIES, DEFAULT_CONFIG, ROUTES } from './constants.js';
|
|
4
4
|
import { authorize, callback } from './handlers/index.js';
|
|
5
5
|
import { zitadelStrategy } from './strategy.js';
|
|
6
6
|
import { translations } from './translations.js';
|
|
7
|
-
import {
|
|
8
|
-
export const
|
|
9
|
-
if (!issuerURL) throw new Error(ERROR_MESSAGES.issuerURL);
|
|
10
|
-
if (!clientId) throw new Error(ERROR_MESSAGES.clientId);
|
|
11
|
-
if (enableAPI) {
|
|
12
|
-
if (!apiClientId) throw new Error(ERROR_MESSAGES.apiClientId);
|
|
13
|
-
if (!apiKeyId) throw new Error(ERROR_MESSAGES.apiKey);
|
|
14
|
-
if (!apiKey) throw new Error(ERROR_MESSAGES.apiKey);
|
|
15
|
-
}
|
|
7
|
+
import { defaultRedirect, getAuthSlug, requestRedirect } from './utils/index.js';
|
|
8
|
+
export const zitadelPlugin = ({ issuerURL, clientId, fields, strategyName = DEFAULT_CONFIG.strategyName, api, callbacks, components })=>{
|
|
16
9
|
const fieldsConfig = {
|
|
17
10
|
...DEFAULT_CONFIG.fields,
|
|
18
|
-
...
|
|
11
|
+
...fields
|
|
19
12
|
};
|
|
20
|
-
return (incomingConfig)=>{
|
|
21
|
-
const serverURL = incomingConfig.serverURL ?? 'http://localhost';
|
|
22
|
-
const authSlug = incomingConfig.admin?.user ?? 'users';
|
|
23
|
-
const authBaseURL = `${serverURL}/api/${authSlug}`;
|
|
24
|
-
const authorizeURL = authBaseURL + ROUTES.authorize;
|
|
25
|
-
const callbackURL = authBaseURL + ROUTES.callback;
|
|
26
|
-
const defaultOnSuccess = (state)=>NextResponse.redirect(serverURL + (state.get('redirect') ?? ''));
|
|
27
|
-
return {
|
|
13
|
+
return (incomingConfig)=>({
|
|
28
14
|
...incomingConfig,
|
|
29
15
|
admin: {
|
|
30
16
|
...incomingConfig.admin,
|
|
31
|
-
...
|
|
17
|
+
...components?.avatar ? {} : {
|
|
32
18
|
avatar: {
|
|
33
19
|
Component: {
|
|
34
20
|
...AvatarComponent,
|
|
@@ -38,7 +24,7 @@ export const ZitadelPlugin = ({ fieldsConfig: _fieldsConfig, disableAvatar, disa
|
|
|
38
24
|
}
|
|
39
25
|
}
|
|
40
26
|
},
|
|
41
|
-
...
|
|
27
|
+
...components?.loginButton ? {} : {
|
|
42
28
|
components: {
|
|
43
29
|
...incomingConfig.admin?.components,
|
|
44
30
|
afterLogin: [
|
|
@@ -46,65 +32,65 @@ export const ZitadelPlugin = ({ fieldsConfig: _fieldsConfig, disableAvatar, disa
|
|
|
46
32
|
{
|
|
47
33
|
...LoginButtonComponent,
|
|
48
34
|
serverProps: {
|
|
49
|
-
|
|
50
|
-
label
|
|
35
|
+
label: components?.loginButton?.label ?? DEFAULT_CONFIG.label
|
|
51
36
|
}
|
|
52
37
|
}
|
|
53
38
|
]
|
|
54
39
|
}
|
|
55
|
-
},
|
|
56
|
-
custom: {
|
|
57
|
-
...incomingConfig.admin?.custom,
|
|
58
|
-
zitadel: {
|
|
59
|
-
issuerURL,
|
|
60
|
-
clientId,
|
|
61
|
-
callbackURL,
|
|
62
|
-
imageFieldName: fieldsConfig.image.name
|
|
63
|
-
}
|
|
64
40
|
}
|
|
65
41
|
},
|
|
66
42
|
collections: (incomingConfig.collections || []).map((collection)=>{
|
|
67
43
|
const authConfig = typeof collection.auth == 'boolean' ? {} : collection.auth;
|
|
68
44
|
return {
|
|
69
45
|
...collection,
|
|
70
|
-
...collection.slug ==
|
|
46
|
+
...collection.slug == getAuthSlug(incomingConfig) ? {
|
|
71
47
|
auth: {
|
|
72
48
|
...authConfig,
|
|
73
49
|
disableLocalStrategy: true,
|
|
74
50
|
strategies: [
|
|
75
51
|
...authConfig?.strategies ?? [],
|
|
76
52
|
zitadelStrategy({
|
|
77
|
-
authSlug,
|
|
78
|
-
fieldsConfig,
|
|
79
53
|
strategyName: strategyName,
|
|
80
|
-
issuerURL
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
enableAPI: true,
|
|
84
|
-
apiClientId: apiClientId,
|
|
85
|
-
apiKeyId: apiClientId,
|
|
86
|
-
apiKey: apiKey
|
|
87
|
-
} : {
|
|
88
|
-
enableAPI: undefined
|
|
89
|
-
}
|
|
54
|
+
issuerURL,
|
|
55
|
+
fields: fieldsConfig,
|
|
56
|
+
api: api ?? false
|
|
90
57
|
})
|
|
91
58
|
]
|
|
92
59
|
},
|
|
93
60
|
hooks: {
|
|
94
61
|
afterLogout: [
|
|
95
|
-
async ()=>(await cookies()).
|
|
62
|
+
async ()=>(await cookies()).set(COOKIES.logout)
|
|
96
63
|
]
|
|
97
64
|
},
|
|
98
65
|
endpoints: [
|
|
99
66
|
{
|
|
100
67
|
path: ROUTES.authorize,
|
|
101
68
|
method: 'get',
|
|
102
|
-
handler: authorize
|
|
69
|
+
handler: authorize({
|
|
70
|
+
issuerURL,
|
|
71
|
+
clientId
|
|
72
|
+
})
|
|
103
73
|
},
|
|
104
74
|
{
|
|
105
75
|
path: ROUTES.callback,
|
|
106
76
|
method: 'get',
|
|
107
|
-
handler: callback(
|
|
77
|
+
handler: callback({
|
|
78
|
+
issuerURL,
|
|
79
|
+
clientId,
|
|
80
|
+
fields: fieldsConfig,
|
|
81
|
+
afterLogin: callbacks?.afterLogin ?? defaultRedirect,
|
|
82
|
+
afterLogout: callbacks?.afterLogout ?? defaultRedirect
|
|
83
|
+
})
|
|
84
|
+
},
|
|
85
|
+
{
|
|
86
|
+
path: ROUTES.end_session,
|
|
87
|
+
method: 'get',
|
|
88
|
+
handler: (req)=>requestRedirect({
|
|
89
|
+
req,
|
|
90
|
+
issuerURL,
|
|
91
|
+
clientId,
|
|
92
|
+
invokedBy: 'end_session'
|
|
93
|
+
})
|
|
108
94
|
}
|
|
109
95
|
],
|
|
110
96
|
fields: [
|
|
@@ -171,8 +157,7 @@ export const ZitadelPlugin = ({ fieldsConfig: _fieldsConfig, disableAvatar, disa
|
|
|
171
157
|
}
|
|
172
158
|
}
|
|
173
159
|
}
|
|
174
|
-
};
|
|
175
|
-
};
|
|
160
|
+
});
|
|
176
161
|
};
|
|
177
162
|
|
|
178
163
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/index.ts"],"sourcesContent":["import {cookies} from 'next/headers.js'\nimport {NextResponse} from 'next/server.js'\nimport {COOKIES, DEFAULT_CONFIG, ERROR_MESSAGES, ROUTES} from './constants.js'\nimport {authorize, callback} from './handlers/index.js'\nimport {zitadelStrategy} from './strategy.js'\nimport {translations} from './translations.js'\nimport {AvatarComponent, LoginButtonComponent} from './components/index.js'\nimport type {\n PayloadConfigWithZitadel,\n ZitadelAvatarProps,\n ZitadelLoginButtonProps,\n ZitadelOnSuccess,\n ZitadelPluginType\n} from './types.js'\n\nexport const ZitadelPlugin: ZitadelPluginType = ({\n fieldsConfig: _fieldsConfig,\n disableAvatar,\n disableDefaultLoginButton,\n strategyName = DEFAULT_CONFIG.strategyName,\n label = DEFAULT_CONFIG.label,\n issuerURL,\n clientId,\n enableAPI,\n apiClientId,\n apiKeyId,\n apiKey,\n onSuccess\n }) => {\n\n if (!issuerURL)\n throw new Error(ERROR_MESSAGES.issuerURL)\n if (!clientId)\n throw new Error(ERROR_MESSAGES.clientId)\n if (enableAPI) {\n if (!apiClientId)\n throw new Error(ERROR_MESSAGES.apiClientId)\n if (!apiKeyId)\n throw new Error(ERROR_MESSAGES.apiKey)\n if (!apiKey)\n throw new Error(ERROR_MESSAGES.apiKey)\n }\n\n const fieldsConfig = {...DEFAULT_CONFIG.fields, ..._fieldsConfig}\n\n return (incomingConfig) => {\n\n const serverURL = incomingConfig.serverURL ?? 'http://localhost'\n\n const authSlug = incomingConfig.admin?.user ?? 'users'\n\n const authBaseURL = `${serverURL}/api/${authSlug}`\n const authorizeURL = authBaseURL + ROUTES.authorize\n const callbackURL = authBaseURL + ROUTES.callback\n\n const defaultOnSuccess: ZitadelOnSuccess = (state) =>\n NextResponse.redirect(serverURL + (state.get('redirect') ?? ''))\n\n return {\n ...incomingConfig,\n admin: {\n ...incomingConfig.admin,\n ...disableAvatar ? {} : {\n avatar: {\n Component: {\n ...AvatarComponent,\n clientProps: {\n imageFieldName: fieldsConfig.image.name\n } satisfies ZitadelAvatarProps\n }\n }\n },\n ...disableDefaultLoginButton ? {} : {\n components: {\n ...incomingConfig.admin?.components,\n afterLogin: [\n ...incomingConfig.admin?.components?.afterLogin ?? [],\n {\n ...LoginButtonComponent,\n serverProps: {\n authorizeURL,\n label\n } satisfies Pick<ZitadelLoginButtonProps, 'authorizeURL' | 'label'>\n }\n ]\n }\n },\n custom: {\n ...incomingConfig.admin?.custom,\n zitadel: {\n issuerURL,\n clientId,\n callbackURL,\n imageFieldName: fieldsConfig.image.name\n }\n }\n },\n collections: (incomingConfig.collections || []).map((collection) => {\n\n const authConfig = typeof collection.auth == 'boolean' ? {} : collection.auth\n\n return {\n ...collection,\n ...collection.slug == authSlug ? {\n auth: {\n ...authConfig,\n disableLocalStrategy: true,\n strategies: [\n ...authConfig?.strategies ?? [],\n zitadelStrategy({\n authSlug,\n fieldsConfig,\n strategyName: strategyName,\n issuerURL: issuerURL as string,\n clientId: clientId as string,\n ...(enableAPI ? {\n enableAPI: true,\n apiClientId: apiClientId!,\n apiKeyId: apiClientId!,\n apiKey: apiKey!\n } : {enableAPI: undefined})\n })\n ]\n },\n hooks: {\n afterLogout: [async () => (await cookies()).delete(COOKIES.idToken)]\n },\n endpoints: [\n {\n path: ROUTES.authorize,\n method: 'get',\n handler: authorize\n },\n {\n path: ROUTES.callback,\n method: 'get',\n handler: callback(onSuccess ?? defaultOnSuccess)\n }\n ],\n fields: [\n ...collection.fields,\n {\n ...fieldsConfig.id,\n type: 'text',\n admin: {\n readOnly: true\n },\n index: true,\n unique: true,\n required: true\n },\n {\n ...fieldsConfig.name,\n type: 'text',\n admin: {\n readOnly: true\n }\n },\n {\n ...fieldsConfig.email,\n type: 'email',\n admin: {\n readOnly: true\n }\n },\n {\n ...fieldsConfig.image,\n type: 'text',\n admin: {\n readOnly: true\n }\n },\n {\n ...fieldsConfig.roles,\n type: 'array',\n admin: {\n readOnly: true\n },\n fields: [\n {\n ...fieldsConfig.roleFields.name,\n type: 'text'\n }\n ]\n }\n ]\n } : {}\n }\n }),\n i18n: {\n ...incomingConfig.i18n,\n translations: {\n ...incomingConfig.i18n?.translations,\n de: {\n ...incomingConfig.i18n?.translations?.de,\n ...translations.de\n },\n en: {\n ...incomingConfig.i18n?.translations?.en,\n ...translations.en\n }\n }\n }\n } satisfies PayloadConfigWithZitadel\n\n }\n\n}"],"names":["cookies","NextResponse","COOKIES","DEFAULT_CONFIG","ERROR_MESSAGES","ROUTES","authorize","callback","zitadelStrategy","translations","AvatarComponent","LoginButtonComponent","ZitadelPlugin","fieldsConfig","_fieldsConfig","disableAvatar","disableDefaultLoginButton","strategyName","label","issuerURL","clientId","enableAPI","apiClientId","apiKeyId","apiKey","onSuccess","Error","fields","incomingConfig","serverURL","authSlug","admin","user","authBaseURL","authorizeURL","callbackURL","defaultOnSuccess","state","redirect","get","avatar","Component","clientProps","imageFieldName","image","name","components","afterLogin","serverProps","custom","zitadel","collections","map","collection","authConfig","auth","slug","disableLocalStrategy","strategies","undefined","hooks","afterLogout","delete","idToken","endpoints","path","method","handler","id","type","readOnly","index","unique","required","email","roles","roleFields","i18n","de","en"],"mappings":"AAAA,SAAQA,OAAO,QAAO,kBAAiB;AACvC,SAAQC,YAAY,QAAO,iBAAgB;AAC3C,SAAQC,OAAO,EAAEC,cAAc,EAAEC,cAAc,EAAEC,MAAM,QAAO,iBAAgB;AAC9E,SAAQC,SAAS,EAAEC,QAAQ,QAAO,sBAAqB;AACvD,SAAQC,eAAe,QAAO,gBAAe;AAC7C,SAAQC,YAAY,QAAO,oBAAmB;AAC9C,SAAQC,eAAe,EAAEC,oBAAoB,QAAO,wBAAuB;AAS3E,OAAO,MAAMC,gBAAmC,CAAC,EACIC,cAAcC,aAAa,EAC3BC,aAAa,EACbC,yBAAyB,EACzBC,eAAed,eAAec,YAAY,EAC1CC,QAAQf,eAAee,KAAK,EAC5BC,SAAS,EACTC,QAAQ,EACRC,SAAS,EACTC,WAAW,EACXC,QAAQ,EACRC,MAAM,EACNC,SAAS,EACZ;IAE9C,IAAI,CAACN,WACD,MAAM,IAAIO,MAAMtB,eAAee,SAAS;IAC5C,IAAI,CAACC,UACD,MAAM,IAAIM,MAAMtB,eAAegB,QAAQ;IAC3C,IAAIC,WAAW;QACX,IAAI,CAACC,aACD,MAAM,IAAII,MAAMtB,eAAekB,WAAW;QAC9C,IAAI,CAACC,UACD,MAAM,IAAIG,MAAMtB,eAAeoB,MAAM;QACzC,IAAI,CAACA,QACD,MAAM,IAAIE,MAAMtB,eAAeoB,MAAM;IAC7C;IAEA,MAAMX,eAAe;QAAC,GAAGV,eAAewB,MAAM;QAAE,GAAGb,aAAa;IAAA;IAEhE,OAAO,CAACc;QAEJ,MAAMC,YAAYD,eAAeC,SAAS,IAAI;QAE9C,MAAMC,WAAWF,eAAeG,KAAK,EAAEC,QAAQ;QAE/C,MAAMC,cAAc,GAAGJ,UAAU,KAAK,EAAEC,UAAU;QAClD,MAAMI,eAAeD,cAAc5B,OAAOC,SAAS;QACnD,MAAM6B,cAAcF,cAAc5B,OAAOE,QAAQ;QAEjD,MAAM6B,mBAAqC,CAACC,QACxCpC,aAAaqC,QAAQ,CAACT,YAAaQ,CAAAA,MAAME,GAAG,CAAC,eAAe,EAAC;QAEjE,OAAO;YACH,GAAGX,cAAc;YACjBG,OAAO;gBACH,GAAGH,eAAeG,KAAK;gBACvB,GAAGhB,gBAAgB,CAAC,IAAI;oBACpByB,QAAQ;wBACJC,WAAW;4BACP,GAAG/B,eAAe;4BAClBgC,aAAa;gCACTC,gBAAgB9B,aAAa+B,KAAK,CAACC,IAAI;4BAC3C;wBACJ;oBACJ;gBACJ,CAAC;gBACD,GAAG7B,4BAA4B,CAAC,IAAI;oBAChC8B,YAAY;wBACR,GAAGlB,eAAeG,KAAK,EAAEe,UAAU;wBACnCC,YAAY;+BACLnB,eAAeG,KAAK,EAAEe,YAAYC,cAAc,EAAE;4BACrD;gCACI,GAAGpC,oBAAoB;gCACvBqC,aAAa;oCACTd;oCACAhB;gCACJ;4BACJ;yBACH;oBACL;gBACJ,CAAC;gBACD+B,QAAQ;oBACJ,GAAGrB,eAAeG,KAAK,EAAEkB,MAAM;oBAC/BC,SAAS;wBACL/B;wBACAC;wBACAe;wBACAQ,gBAAgB9B,aAAa+B,KAAK,CAACC,IAAI;oBAC3C;gBACJ;YACJ;YACAM,aAAa,AAACvB,CAAAA,eAAeuB,WAAW,IAAI,EAAE,AAAD,EAAGC,GAAG,CAAC,CAACC;gBAEjD,MAAMC,aAAa,OAAOD,WAAWE,IAAI,IAAI,YAAY,CAAC,IAAIF,WAAWE,IAAI;gBAE7E,OAAO;oBACH,GAAGF,UAAU;oBACb,GAAGA,WAAWG,IAAI,IAAI1B,WAAW;wBAC7ByB,MAAM;4BACF,GAAGD,UAAU;4BACbG,sBAAsB;4BACtBC,YAAY;mCACLJ,YAAYI,cAAc,EAAE;gCAC/BlD,gBAAgB;oCACZsB;oCACAjB;oCACAI,cAAcA;oCACdE,WAAWA;oCACXC,UAAUA;oCACV,GAAIC,YAAY;wCACZA,WAAW;wCACXC,aAAaA;wCACbC,UAAUD;wCACVE,QAAQA;oCACZ,IAAI;wCAACH,WAAWsC;oCAAS,CAAC;gCAC9B;6BACH;wBACL;wBACAC,OAAO;4BACHC,aAAa;gCAAC,UAAY,AAAC,CAAA,MAAM7D,SAAQ,EAAG8D,MAAM,CAAC5D,QAAQ6D,OAAO;6BAAE;wBACxE;wBACAC,WAAW;4BACP;gCACIC,MAAM5D,OAAOC,SAAS;gCACtB4D,QAAQ;gCACRC,SAAS7D;4BACb;4BACA;gCACI2D,MAAM5D,OAAOE,QAAQ;gCACrB2D,QAAQ;gCACRC,SAAS5D,SAASkB,aAAaW;4BACnC;yBACH;wBACDT,QAAQ;+BACD0B,WAAW1B,MAAM;4BACpB;gCACI,GAAGd,aAAauD,EAAE;gCAClBC,MAAM;gCACNtC,OAAO;oCACHuC,UAAU;gCACd;gCACAC,OAAO;gCACPC,QAAQ;gCACRC,UAAU;4BACd;4BACA;gCACI,GAAG5D,aAAagC,IAAI;gCACpBwB,MAAM;gCACNtC,OAAO;oCACHuC,UAAU;gCACd;4BACJ;4BACA;gCACI,GAAGzD,aAAa6D,KAAK;gCACrBL,MAAM;gCACNtC,OAAO;oCACHuC,UAAU;gCACd;4BACJ;4BACA;gCACI,GAAGzD,aAAa+B,KAAK;gCACrByB,MAAM;gCACNtC,OAAO;oCACHuC,UAAU;gCACd;4BACJ;4BACA;gCACI,GAAGzD,aAAa8D,KAAK;gCACrBN,MAAM;gCACNtC,OAAO;oCACHuC,UAAU;gCACd;gCACA3C,QAAQ;oCACJ;wCACI,GAAGd,aAAa+D,UAAU,CAAC/B,IAAI;wCAC/BwB,MAAM;oCACV;iCACH;4BACL;yBACH;oBACL,IAAI,CAAC,CAAC;gBACV;YACJ;YACAQ,MAAM;gBACF,GAAGjD,eAAeiD,IAAI;gBACtBpE,cAAc;oBACV,GAAGmB,eAAeiD,IAAI,EAAEpE,YAAY;oBACpCqE,IAAI;wBACA,GAAGlD,eAAeiD,IAAI,EAAEpE,cAAcqE,EAAE;wBACxC,GAAGrE,aAAaqE,EAAE;oBACtB;oBACAC,IAAI;wBACA,GAAGnD,eAAeiD,IAAI,EAAEpE,cAAcsE,EAAE;wBACxC,GAAGtE,aAAasE,EAAE;oBACtB;gBACJ;YACJ;QACJ;IAEJ;AAEJ,EAAC"}
|
|
1
|
+
{"version":3,"sources":["../src/index.ts"],"sourcesContent":["import {cookies} from 'next/headers.js'\nimport {AvatarComponent, LoginButtonComponent} from './components/index.js'\nimport {COOKIES, DEFAULT_CONFIG, ROUTES} from './constants.js'\nimport {authorize, callback} from './handlers/index.js'\nimport {zitadelStrategy} from './strategy.js'\nimport {translations} from './translations.js'\nimport {ZitadelAvatarProps, ZitadelPlugin} from './types.js'\nimport {defaultRedirect, getAuthSlug, requestRedirect} from './utils/index.js'\n\nexport const zitadelPlugin: ZitadelPlugin = ({\n issuerURL,\n clientId,\n fields,\n strategyName = DEFAULT_CONFIG.strategyName,\n api,\n callbacks,\n components\n }) => {\n\n const fieldsConfig = {...DEFAULT_CONFIG.fields, ...fields}\n\n return (incomingConfig) => ({\n ...incomingConfig,\n admin: {\n ...incomingConfig.admin,\n ...components?.avatar ? {} : {\n avatar: {\n Component: {\n ...AvatarComponent,\n clientProps: {\n imageFieldName: fieldsConfig.image.name\n } satisfies ZitadelAvatarProps\n }\n }\n },\n ...components?.loginButton ? {} : {\n components: {\n ...incomingConfig.admin?.components,\n afterLogin: [\n ...incomingConfig.admin?.components?.afterLogin ?? [],\n {\n ...LoginButtonComponent,\n serverProps: {\n label: components?.loginButton?.label ?? DEFAULT_CONFIG.label\n }\n }\n ]\n }\n }\n },\n collections: (incomingConfig.collections || []).map((collection) => {\n\n const authConfig = typeof collection.auth == 'boolean' ? {} : collection.auth\n\n return {\n ...collection,\n ...collection.slug == getAuthSlug(incomingConfig) ? {\n auth: {\n ...authConfig,\n disableLocalStrategy: true,\n strategies: [\n ...authConfig?.strategies ?? [],\n zitadelStrategy({\n strategyName: strategyName,\n issuerURL,\n fields: fieldsConfig,\n api: api ?? false\n })\n ]\n },\n hooks: {\n afterLogout: [async () => (await cookies()).set(COOKIES.logout)]\n },\n endpoints: [\n {\n path: ROUTES.authorize,\n method: 'get',\n handler: authorize({\n issuerURL,\n clientId\n })\n },\n {\n path: ROUTES.callback,\n method: 'get',\n handler: callback({\n issuerURL,\n clientId,\n fields: fieldsConfig,\n afterLogin: callbacks?.afterLogin ?? defaultRedirect,\n afterLogout: callbacks?.afterLogout ?? defaultRedirect\n })\n },\n {\n path: ROUTES.end_session,\n method: 'get',\n handler: (req) => requestRedirect({req, issuerURL, clientId, invokedBy: 'end_session'})\n }\n ],\n fields: [\n ...collection.fields,\n {\n ...fieldsConfig.id,\n type: 'text',\n admin: {\n readOnly: true\n },\n index: true,\n unique: true,\n required: true\n },\n {\n ...fieldsConfig.name,\n type: 'text',\n admin: {\n readOnly: true\n }\n },\n {\n ...fieldsConfig.email,\n type: 'email',\n admin: {\n readOnly: true\n }\n },\n {\n ...fieldsConfig.image,\n type: 'text',\n admin: {\n readOnly: true\n }\n },\n {\n ...fieldsConfig.roles,\n type: 'array',\n admin: {\n readOnly: true\n },\n fields: [\n {\n ...fieldsConfig.roleFields.name,\n type: 'text'\n }\n ]\n }\n ]\n } : {}\n }\n }),\n i18n: {\n ...incomingConfig.i18n,\n translations: {\n ...incomingConfig.i18n?.translations,\n de: {\n ...incomingConfig.i18n?.translations?.de,\n ...translations.de\n },\n en: {\n ...incomingConfig.i18n?.translations?.en,\n ...translations.en\n }\n }\n }\n })\n\n}"],"names":["cookies","AvatarComponent","LoginButtonComponent","COOKIES","DEFAULT_CONFIG","ROUTES","authorize","callback","zitadelStrategy","translations","defaultRedirect","getAuthSlug","requestRedirect","zitadelPlugin","issuerURL","clientId","fields","strategyName","api","callbacks","components","fieldsConfig","incomingConfig","admin","avatar","Component","clientProps","imageFieldName","image","name","loginButton","afterLogin","serverProps","label","collections","map","collection","authConfig","auth","slug","disableLocalStrategy","strategies","hooks","afterLogout","set","logout","endpoints","path","method","handler","end_session","req","invokedBy","id","type","readOnly","index","unique","required","email","roles","roleFields","i18n","de","en"],"mappings":"AAAA,SAAQA,OAAO,QAAO,kBAAiB;AACvC,SAAQC,eAAe,EAAEC,oBAAoB,QAAO,wBAAuB;AAC3E,SAAQC,OAAO,EAAEC,cAAc,EAAEC,MAAM,QAAO,iBAAgB;AAC9D,SAAQC,SAAS,EAAEC,QAAQ,QAAO,sBAAqB;AACvD,SAAQC,eAAe,QAAO,gBAAe;AAC7C,SAAQC,YAAY,QAAO,oBAAmB;AAE9C,SAAQC,eAAe,EAAEC,WAAW,EAAEC,eAAe,QAAO,mBAAkB;AAE9E,OAAO,MAAMC,gBAA+B,CAAC,EACIC,SAAS,EACTC,QAAQ,EACRC,MAAM,EACNC,eAAeb,eAAea,YAAY,EAC1CC,GAAG,EACHC,SAAS,EACTC,UAAU,EACb;IAE1C,MAAMC,eAAe;QAAC,GAAGjB,eAAeY,MAAM;QAAE,GAAGA,MAAM;IAAA;IAEzD,OAAO,CAACM,iBAAoB,CAAA;YACxB,GAAGA,cAAc;YACjBC,OAAO;gBACH,GAAGD,eAAeC,KAAK;gBACvB,GAAGH,YAAYI,SAAS,CAAC,IAAI;oBACzBA,QAAQ;wBACJC,WAAW;4BACP,GAAGxB,eAAe;4BAClByB,aAAa;gCACTC,gBAAgBN,aAAaO,KAAK,CAACC,IAAI;4BAC3C;wBACJ;oBACJ;gBACJ,CAAC;gBACD,GAAGT,YAAYU,cAAc,CAAC,IAAI;oBAC9BV,YAAY;wBACR,GAAGE,eAAeC,KAAK,EAAEH,UAAU;wBACnCW,YAAY;+BACLT,eAAeC,KAAK,EAAEH,YAAYW,cAAc,EAAE;4BACrD;gCACI,GAAG7B,oBAAoB;gCACvB8B,aAAa;oCACTC,OAAOb,YAAYU,aAAaG,SAAS7B,eAAe6B,KAAK;gCACjE;4BACJ;yBACH;oBACL;gBACJ,CAAC;YACL;YACAC,aAAa,AAACZ,CAAAA,eAAeY,WAAW,IAAI,EAAE,AAAD,EAAGC,GAAG,CAAC,CAACC;gBAEjD,MAAMC,aAAa,OAAOD,WAAWE,IAAI,IAAI,YAAY,CAAC,IAAIF,WAAWE,IAAI;gBAE7E,OAAO;oBACH,GAAGF,UAAU;oBACb,GAAGA,WAAWG,IAAI,IAAI5B,YAAYW,kBAAkB;wBAChDgB,MAAM;4BACF,GAAGD,UAAU;4BACbG,sBAAsB;4BACtBC,YAAY;mCACLJ,YAAYI,cAAc,EAAE;gCAC/BjC,gBAAgB;oCACZS,cAAcA;oCACdH;oCACAE,QAAQK;oCACRH,KAAKA,OAAO;gCAChB;6BACH;wBACL;wBACAwB,OAAO;4BACHC,aAAa;gCAAC,UAAY,AAAC,CAAA,MAAM3C,SAAQ,EAAG4C,GAAG,CAACzC,QAAQ0C,MAAM;6BAAE;wBACpE;wBACAC,WAAW;4BACP;gCACIC,MAAM1C,OAAOC,SAAS;gCACtB0C,QAAQ;gCACRC,SAAS3C,UAAU;oCACfQ;oCACAC;gCACJ;4BACJ;4BACA;gCACIgC,MAAM1C,OAAOE,QAAQ;gCACrByC,QAAQ;gCACRC,SAAS1C,SAAS;oCACdO;oCACAC;oCACAC,QAAQK;oCACRU,YAAYZ,WAAWY,cAAcrB;oCACrCiC,aAAaxB,WAAWwB,eAAejC;gCAC3C;4BACJ;4BACA;gCACIqC,MAAM1C,OAAO6C,WAAW;gCACxBF,QAAQ;gCACRC,SAAS,CAACE,MAAQvC,gBAAgB;wCAACuC;wCAAKrC;wCAAWC;wCAAUqC,WAAW;oCAAa;4BACzF;yBACH;wBACDpC,QAAQ;+BACDoB,WAAWpB,MAAM;4BACpB;gCACI,GAAGK,aAAagC,EAAE;gCAClBC,MAAM;gCACN/B,OAAO;oCACHgC,UAAU;gCACd;gCACAC,OAAO;gCACPC,QAAQ;gCACRC,UAAU;4BACd;4BACA;gCACI,GAAGrC,aAAaQ,IAAI;gCACpByB,MAAM;gCACN/B,OAAO;oCACHgC,UAAU;gCACd;4BACJ;4BACA;gCACI,GAAGlC,aAAasC,KAAK;gCACrBL,MAAM;gCACN/B,OAAO;oCACHgC,UAAU;gCACd;4BACJ;4BACA;gCACI,GAAGlC,aAAaO,KAAK;gCACrB0B,MAAM;gCACN/B,OAAO;oCACHgC,UAAU;gCACd;4BACJ;4BACA;gCACI,GAAGlC,aAAauC,KAAK;gCACrBN,MAAM;gCACN/B,OAAO;oCACHgC,UAAU;gCACd;gCACAvC,QAAQ;oCACJ;wCACI,GAAGK,aAAawC,UAAU,CAAChC,IAAI;wCAC/ByB,MAAM;oCACV;iCACH;4BACL;yBACH;oBACL,IAAI,CAAC,CAAC;gBACV;YACJ;YACAQ,MAAM;gBACF,GAAGxC,eAAewC,IAAI;gBACtBrD,cAAc;oBACV,GAAGa,eAAewC,IAAI,EAAErD,YAAY;oBACpCsD,IAAI;wBACA,GAAGzC,eAAewC,IAAI,EAAErD,cAAcsD,EAAE;wBACxC,GAAGtD,aAAasD,EAAE;oBACtB;oBACAC,IAAI;wBACA,GAAG1C,eAAewC,IAAI,EAAErD,cAAcuD,EAAE;wBACxC,GAAGvD,aAAauD,EAAE;oBACtB;gBACJ;YACJ;QACJ,CAAA;AAEJ,EAAC"}
|
package/dist/strategy.d.ts
CHANGED
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
import type {
|
|
2
|
-
export declare const zitadelStrategy:
|
|
1
|
+
import type { ZitadelStrategy } from './types.js';
|
|
2
|
+
export declare const zitadelStrategy: ZitadelStrategy;
|
|
3
3
|
//# sourceMappingURL=strategy.d.ts.map
|
package/dist/strategy.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"strategy.d.ts","sourceRoot":"","sources":["../src/strategy.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"strategy.d.ts","sourceRoot":"","sources":["../src/strategy.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAiB,eAAe,EAAC,MAAM,YAAY,CAAA;AAG/D,eAAO,MAAM,eAAe,EAAE,eA4E5B,CAAA"}
|
package/dist/strategy.js
CHANGED
|
@@ -1,16 +1,19 @@
|
|
|
1
1
|
import { jwtVerify, SignJWT } from 'jose';
|
|
2
2
|
import { cookies } from 'next/headers.js';
|
|
3
|
-
import { COOKIES } from './constants.js';
|
|
4
|
-
|
|
3
|
+
import { COOKIES, ENDPOINT_PATHS } from './constants.js';
|
|
4
|
+
import { getAuthSlug } from './utils/index.js';
|
|
5
|
+
export const zitadelStrategy = ({ strategyName, issuerURL, fields, api })=>({
|
|
5
6
|
name: strategyName,
|
|
6
7
|
authenticate: async ({ headers, payload })=>{
|
|
7
|
-
|
|
8
|
+
const authSlug = getAuthSlug(payload.config);
|
|
9
|
+
let idp_id;
|
|
10
|
+
let user = null;
|
|
8
11
|
const cookieStore = await cookies();
|
|
9
|
-
if (
|
|
10
|
-
// in case of
|
|
12
|
+
if (api) {
|
|
13
|
+
// in case of API call
|
|
11
14
|
const authHeader = headers.get('Authorization');
|
|
12
15
|
if (authHeader?.includes('Bearer')) {
|
|
13
|
-
const introspect = await fetch(
|
|
16
|
+
const introspect = await fetch(issuerURL + ENDPOINT_PATHS.introspect, {
|
|
14
17
|
method: 'post',
|
|
15
18
|
headers: {
|
|
16
19
|
'Content-Type': 'application/x-www-form-urlencoded'
|
|
@@ -19,8 +22,8 @@ export const zitadelStrategy = ({ authSlug, fieldsConfig, strategyName, issuerUR
|
|
|
19
22
|
'client_assertion_type': 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
|
|
20
23
|
'client_assertion': await new SignJWT().setProtectedHeader({
|
|
21
24
|
alg: 'RS256',
|
|
22
|
-
kid:
|
|
23
|
-
}).setIssuer(
|
|
25
|
+
kid: api.keyId
|
|
26
|
+
}).setIssuer(api.clientId).setAudience(issuerURL).setSubject(api.clientId).setIssuedAt().setExpirationTime('1h').sign(new TextEncoder().encode(api.key)),
|
|
24
27
|
'token': authHeader.split(' ')[1]
|
|
25
28
|
})
|
|
26
29
|
});
|
|
@@ -33,53 +36,28 @@ export const zitadelStrategy = ({ authSlug, fieldsConfig, strategyName, issuerUR
|
|
|
33
36
|
}
|
|
34
37
|
}
|
|
35
38
|
// in case of normal browsing
|
|
36
|
-
if (!idp_id && cookieStore.has(COOKIES.idToken)) {
|
|
37
|
-
const { payload: jwtPayload } = await jwtVerify(cookieStore.get(COOKIES.idToken)?.value ?? '', new TextEncoder().encode(payload.secret));
|
|
38
|
-
|
|
39
|
-
id_token = jwtPayload;
|
|
40
|
-
idp_id = jwtPayload.sub;
|
|
41
|
-
}
|
|
39
|
+
if (!idp_id && cookieStore.has(COOKIES.idToken.name)) {
|
|
40
|
+
const { payload: jwtPayload } = await jwtVerify(cookieStore.get(COOKIES.idToken.name)?.value ?? '', new TextEncoder().encode(payload.secret));
|
|
41
|
+
idp_id = jwtPayload.sub;
|
|
42
42
|
}
|
|
43
|
-
// search for associated user
|
|
43
|
+
// search for associated user
|
|
44
44
|
if (idp_id) {
|
|
45
45
|
const { docs, totalDocs } = await payload.find({
|
|
46
46
|
collection: authSlug,
|
|
47
47
|
where: {
|
|
48
|
-
[
|
|
48
|
+
[fields.id.name]: {
|
|
49
49
|
equals: idp_id
|
|
50
50
|
}
|
|
51
51
|
}
|
|
52
52
|
});
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
collection: authSlug,
|
|
56
|
-
data: {
|
|
57
|
-
[fieldsConfig.id.name]: idp_id
|
|
58
|
-
}
|
|
59
|
-
})).id;
|
|
60
|
-
} catch (e) {
|
|
61
|
-
console.error(e);
|
|
53
|
+
if (totalDocs) {
|
|
54
|
+
user = docs[0];
|
|
62
55
|
}
|
|
63
56
|
}
|
|
64
|
-
// update user information if possible
|
|
65
|
-
if (id && id_token) {
|
|
66
|
-
await payload.update({
|
|
67
|
-
collection: authSlug,
|
|
68
|
-
id,
|
|
69
|
-
data: {
|
|
70
|
-
[fieldsConfig.name.name]: id_token.name,
|
|
71
|
-
[fieldsConfig.email.name]: id_token.email,
|
|
72
|
-
[fieldsConfig.image.name]: id_token.picture,
|
|
73
|
-
[fieldsConfig.roles.name]: Object.keys(id_token['urn:zitadel:iam:org:project:roles'] ?? {}).map((key)=>({
|
|
74
|
-
[fieldsConfig.roleFields.name.name]: key
|
|
75
|
-
}))
|
|
76
|
-
}
|
|
77
|
-
});
|
|
78
|
-
}
|
|
79
57
|
return {
|
|
80
|
-
user:
|
|
58
|
+
user: user ? {
|
|
81
59
|
collection: authSlug,
|
|
82
|
-
|
|
60
|
+
...user
|
|
83
61
|
} : null
|
|
84
62
|
};
|
|
85
63
|
}
|
package/dist/strategy.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/strategy.ts"],"sourcesContent":["import {jwtVerify, SignJWT} from 'jose'\nimport {cookies} from 'next/headers.js'\nimport {COOKIES} from './constants.js'\nimport type {ZitadelIdToken,
|
|
1
|
+
{"version":3,"sources":["../src/strategy.ts"],"sourcesContent":["import {jwtVerify, SignJWT} from 'jose'\nimport {cookies} from 'next/headers.js'\nimport {TypeWithID} from 'payload'\nimport {COOKIES, ENDPOINT_PATHS} from './constants.js'\nimport type {ZitadelIdToken, ZitadelStrategy} from './types.js'\nimport {getAuthSlug} from './utils/index.js'\n\nexport const zitadelStrategy: ZitadelStrategy = ({\n strategyName,\n issuerURL,\n fields,\n api\n }) => ({\n name: strategyName,\n authenticate: async ({headers, payload}) => {\n\n const authSlug = getAuthSlug(payload.config)\n\n let idp_id\n let user: TypeWithID | null = null\n\n const cookieStore = await cookies()\n\n if (api) {\n // in case of API call\n const authHeader = headers.get('Authorization')\n if (authHeader?.includes('Bearer')) {\n const introspect = await fetch(issuerURL + ENDPOINT_PATHS.introspect, {\n method: 'post',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded'\n },\n body: new URLSearchParams({\n 'client_assertion_type': 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',\n 'client_assertion': await new SignJWT()\n .setProtectedHeader({alg: 'RS256', kid: api.keyId})\n .setIssuer(api.clientId)\n .setAudience(issuerURL)\n .setSubject(api.clientId)\n .setIssuedAt()\n .setExpirationTime('1h')\n .sign(new TextEncoder().encode(api.key)),\n 'token': authHeader.split(' ')[1]\n })\n })\n if (introspect.ok) {\n const data = await introspect.json()\n if (data?.active) {\n idp_id = data.sub\n }\n }\n }\n }\n\n // in case of normal browsing\n if (!idp_id && cookieStore.has(COOKIES.idToken.name)) {\n const {payload: jwtPayload} = await jwtVerify<ZitadelIdToken>(cookieStore.get(COOKIES.idToken.name)?.value ?? '', new TextEncoder().encode(payload.secret))\n idp_id = jwtPayload.sub\n }\n\n // search for associated user\n if (idp_id) {\n const {docs, totalDocs} = await payload.find({\n collection: authSlug,\n where: {\n [fields.id.name]: {\n equals: idp_id\n }\n }\n })\n if (totalDocs) {\n user = docs[0]\n }\n }\n\n return {\n user: user ? {\n collection: authSlug,\n ...user\n } : null\n }\n\n }\n})"],"names":["jwtVerify","SignJWT","cookies","COOKIES","ENDPOINT_PATHS","getAuthSlug","zitadelStrategy","strategyName","issuerURL","fields","api","name","authenticate","headers","payload","authSlug","config","idp_id","user","cookieStore","authHeader","get","includes","introspect","fetch","method","body","URLSearchParams","setProtectedHeader","alg","kid","keyId","setIssuer","clientId","setAudience","setSubject","setIssuedAt","setExpirationTime","sign","TextEncoder","encode","key","split","ok","data","json","active","sub","has","idToken","jwtPayload","value","secret","docs","totalDocs","find","collection","where","id","equals"],"mappings":"AAAA,SAAQA,SAAS,EAAEC,OAAO,QAAO,OAAM;AACvC,SAAQC,OAAO,QAAO,kBAAiB;AAEvC,SAAQC,OAAO,EAAEC,cAAc,QAAO,iBAAgB;AAEtD,SAAQC,WAAW,QAAO,mBAAkB;AAE5C,OAAO,MAAMC,kBAAmC,CAAC,EACIC,YAAY,EACZC,SAAS,EACTC,MAAM,EACNC,GAAG,EACN,GAAM,CAAA;QACpDC,MAAMJ;QACNK,cAAc,OAAO,EAACC,OAAO,EAAEC,OAAO,EAAC;YAEnC,MAAMC,WAAWV,YAAYS,QAAQE,MAAM;YAE3C,IAAIC;YACJ,IAAIC,OAA0B;YAE9B,MAAMC,cAAc,MAAMjB;YAE1B,IAAIQ,KAAK;gBACL,sBAAsB;gBACtB,MAAMU,aAAaP,QAAQQ,GAAG,CAAC;gBAC/B,IAAID,YAAYE,SAAS,WAAW;oBAChC,MAAMC,aAAa,MAAMC,MAAMhB,YAAYJ,eAAemB,UAAU,EAAE;wBAClEE,QAAQ;wBACRZ,SAAS;4BACL,gBAAgB;wBACpB;wBACAa,MAAM,IAAIC,gBAAgB;4BACtB,yBAAyB;4BACzB,oBAAoB,MAAM,IAAI1B,UACzB2B,kBAAkB,CAAC;gCAACC,KAAK;gCAASC,KAAKpB,IAAIqB,KAAK;4BAAA,GAChDC,SAAS,CAACtB,IAAIuB,QAAQ,EACtBC,WAAW,CAAC1B,WACZ2B,UAAU,CAACzB,IAAIuB,QAAQ,EACvBG,WAAW,GACXC,iBAAiB,CAAC,MAClBC,IAAI,CAAC,IAAIC,cAAcC,MAAM,CAAC9B,IAAI+B,GAAG;4BAC1C,SAASrB,WAAWsB,KAAK,CAAC,IAAI,CAAC,EAAE;wBACrC;oBACJ;oBACA,IAAInB,WAAWoB,EAAE,EAAE;wBACf,MAAMC,OAAO,MAAMrB,WAAWsB,IAAI;wBAClC,IAAID,MAAME,QAAQ;4BACd7B,SAAS2B,KAAKG,GAAG;wBACrB;oBACJ;gBACJ;YACJ;YAEA,6BAA6B;YAC7B,IAAI,CAAC9B,UAAUE,YAAY6B,GAAG,CAAC7C,QAAQ8C,OAAO,CAACtC,IAAI,GAAG;gBAClD,MAAM,EAACG,SAASoC,UAAU,EAAC,GAAG,MAAMlD,UAA0BmB,YAAYE,GAAG,CAAClB,QAAQ8C,OAAO,CAACtC,IAAI,GAAGwC,SAAS,IAAI,IAAIZ,cAAcC,MAAM,CAAC1B,QAAQsC,MAAM;gBACzJnC,SAASiC,WAAWH,GAAG;YAC3B;YAEA,6BAA6B;YAC7B,IAAI9B,QAAQ;gBACR,MAAM,EAACoC,IAAI,EAAEC,SAAS,EAAC,GAAG,MAAMxC,QAAQyC,IAAI,CAAC;oBACzCC,YAAYzC;oBACZ0C,OAAO;wBACH,CAAChD,OAAOiD,EAAE,CAAC/C,IAAI,CAAC,EAAE;4BACdgD,QAAQ1C;wBACZ;oBACJ;gBACJ;gBACA,IAAIqC,WAAW;oBACXpC,OAAOmC,IAAI,CAAC,EAAE;gBAClB;YACJ;YAEA,OAAO;gBACHnC,MAAMA,OAAO;oBACTsC,YAAYzC;oBACZ,GAAGG,IAAI;gBACX,IAAI;YACR;QAEJ;IACJ,CAAA,EAAE"}
|
package/dist/types.d.ts
CHANGED
|
@@ -1,8 +1,14 @@
|
|
|
1
|
-
import type {
|
|
2
|
-
import type { AuthStrategy, Config, SanitizedConfig, ServerProps } from 'payload';
|
|
1
|
+
import type { AuthStrategy, Config, PayloadHandler, PayloadRequest, ServerProps } from 'payload';
|
|
3
2
|
import type { I18nClient, NestedKeysStripped } from '@payloadcms/translations';
|
|
4
3
|
import { translations } from './translations.js';
|
|
5
|
-
export type
|
|
4
|
+
export type ZitadelIdToken = Partial<{
|
|
5
|
+
sub: string;
|
|
6
|
+
name: string;
|
|
7
|
+
email: string;
|
|
8
|
+
picture: string;
|
|
9
|
+
'urn:zitadel:iam:org:project:roles'?: Record<string, Record<string, string>>;
|
|
10
|
+
}>;
|
|
11
|
+
type ZitadelFieldConfig = {
|
|
6
12
|
hidden?: boolean;
|
|
7
13
|
name: string;
|
|
8
14
|
label: string | Record<string, string>;
|
|
@@ -22,59 +28,67 @@ export type ZitadelFieldsConfig = {
|
|
|
22
28
|
name: ZitadelFieldConfig;
|
|
23
29
|
};
|
|
24
30
|
};
|
|
25
|
-
|
|
26
|
-
fieldsConfig: Partial<ZitadelFieldsConfig>;
|
|
27
|
-
disableAvatar: true;
|
|
28
|
-
disableDefaultLoginButton: true;
|
|
29
|
-
defaultLoginButtonTitle: string;
|
|
30
|
-
label: string;
|
|
31
|
-
onSuccess: ZitadelOnSuccess;
|
|
32
|
-
}> & Partial<ZitadelStrategyProps>;
|
|
33
|
-
export type ZitadelPluginType = (props: ZitadelPluginProps) => (config: Config) => Config;
|
|
34
|
-
export type ZitadelAPIProps = {
|
|
35
|
-
enableAPI: true;
|
|
36
|
-
apiClientId: string;
|
|
37
|
-
apiKeyId: string;
|
|
38
|
-
apiKey: string;
|
|
39
|
-
};
|
|
40
|
-
export type ZitadelStrategyProps = {
|
|
41
|
-
strategyName: string;
|
|
31
|
+
type ZitadelBaseConfig = {
|
|
42
32
|
issuerURL: string;
|
|
43
33
|
clientId: string;
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
}
|
|
48
|
-
export type
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
export type ZitadelIdToken = Partial<{
|
|
52
|
-
sub: string;
|
|
53
|
-
name: string;
|
|
54
|
-
email: string;
|
|
55
|
-
picture: string;
|
|
56
|
-
'urn:zitadel:iam:org:project:roles'?: Record<string, Record<string, string>>;
|
|
34
|
+
};
|
|
35
|
+
type ZitadelUserConfig = {
|
|
36
|
+
fields: ZitadelFieldsConfig;
|
|
37
|
+
};
|
|
38
|
+
export type ZitadelCallbackQuery = Partial<{
|
|
39
|
+
code: string | null;
|
|
40
|
+
state: string | null;
|
|
57
41
|
}>;
|
|
42
|
+
type ZitadelInvoker = 'authorize' | 'end_session';
|
|
43
|
+
type ZitadelInvokedBy<InvokedBy extends ZitadelInvoker = ZitadelInvoker> = {
|
|
44
|
+
invokedBy: InvokedBy;
|
|
45
|
+
};
|
|
46
|
+
export type ZitadelCallbackState = Record<any, any> & ZitadelInvokedBy;
|
|
47
|
+
export type ZitadelCallbackConfig = {
|
|
48
|
+
afterLogin: PayloadHandler;
|
|
49
|
+
afterLogout: PayloadHandler;
|
|
50
|
+
};
|
|
51
|
+
export type ZitadelBaseHandler<ConfigExtension = {}> = (config: ZitadelBaseConfig & ConfigExtension) => PayloadHandler;
|
|
52
|
+
export type ZitadelCallbackHandler = ZitadelBaseHandler<ZitadelUserConfig & ZitadelCallbackConfig>;
|
|
53
|
+
type ZitadelAPIConfig = {
|
|
54
|
+
clientId: string;
|
|
55
|
+
key: string;
|
|
56
|
+
keyId: string;
|
|
57
|
+
};
|
|
58
|
+
type ZitadelStrategyConfig = {
|
|
59
|
+
strategyName: string;
|
|
60
|
+
api: ZitadelAPIConfig | false;
|
|
61
|
+
};
|
|
62
|
+
export type ZitadelStrategy = (config: Omit<ZitadelBaseConfig, 'clientId'> & ZitadelUserConfig & ZitadelStrategyConfig) => AuthStrategy;
|
|
63
|
+
type ZitadelAvatarConfig = {
|
|
64
|
+
disable: true;
|
|
65
|
+
};
|
|
58
66
|
export type ZitadelAvatarProps = {
|
|
59
67
|
imageFieldName: string;
|
|
60
68
|
};
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
authorizeURL: string;
|
|
69
|
+
type ZitadelLoginButtonConfig = {
|
|
70
|
+
disable: true;
|
|
64
71
|
label: string;
|
|
65
72
|
};
|
|
66
|
-
export type
|
|
67
|
-
|
|
68
|
-
zitadel: {
|
|
69
|
-
issuerURL: string;
|
|
70
|
-
clientId: string;
|
|
71
|
-
callbackURL: string;
|
|
72
|
-
imageFieldName: string;
|
|
73
|
-
};
|
|
73
|
+
export type ZitadelLoginButtonProps = ServerProps & Omit<ZitadelLoginButtonConfig, 'disable'> & {
|
|
74
|
+
i18n: I18nClient<typeof translations.en, NestedKeysStripped<typeof translations.en>>;
|
|
74
75
|
};
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
76
|
+
type ZitadelComponentsConfig = {
|
|
77
|
+
avatar: ZitadelAvatarConfig;
|
|
78
|
+
loginButton: ZitadelLoginButtonConfig;
|
|
79
|
+
};
|
|
80
|
+
type ZitadelPluginConfig = ZitadelBaseConfig & Partial<ZitadelUserConfig> & Partial<ZitadelStrategyConfig> & Partial<{
|
|
81
|
+
callbacks: Partial<ZitadelCallbackConfig>;
|
|
82
|
+
components: Partial<ZitadelComponentsConfig>;
|
|
83
|
+
}>;
|
|
84
|
+
export type ZitadelPlugin = (config: ZitadelPluginConfig) => (config: Config) => Config;
|
|
85
|
+
type ZitadelAuthorizeRequestConfig = {
|
|
86
|
+
codeChallenge: string;
|
|
79
87
|
};
|
|
88
|
+
type ZitadelRequestState = (ZitadelInvokedBy<'authorize'> & ZitadelAuthorizeRequestConfig) | (ZitadelInvokedBy<'end_session'> & Partial<ZitadelAuthorizeRequestConfig>);
|
|
89
|
+
type ZitadelRequestConfig = {
|
|
90
|
+
req: PayloadRequest;
|
|
91
|
+
} & ZitadelBaseConfig & ZitadelRequestState;
|
|
92
|
+
export type ZitadelRequestHandler = (config: ZitadelRequestConfig) => Response;
|
|
93
|
+
export {};
|
|
80
94
|
//# sourceMappingURL=types.d.ts.map
|
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAC,YAAY,
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAC,YAAY,EAAE,MAAM,EAAE,cAAc,EAAE,cAAc,EAAE,WAAW,EAAC,MAAM,SAAS,CAAA;AAC9F,OAAO,KAAK,EAAC,UAAU,EAAE,kBAAkB,EAAC,MAAM,0BAA0B,CAAA;AAC5E,OAAO,EAAC,YAAY,EAAC,MAAM,mBAAmB,CAAA;AAE9C,MAAM,MAAM,cAAc,GAAG,OAAO,CAAC;IACjC,GAAG,EAAE,MAAM,CAAA;IACX,IAAI,EAAE,MAAM,CAAA;IACZ,KAAK,EAAE,MAAM,CAAA;IACb,OAAO,EAAE,MAAM,CAAA;IACf,mCAAmC,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAA;CAC/E,CAAC,CAAA;AAEF,KAAK,kBAAkB,GAAG;IACtB,MAAM,CAAC,EAAE,OAAO,CAAA;IAChB,IAAI,EAAE,MAAM,CAAA;IACZ,KAAK,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;CACzC,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG;IAC9B,EAAE,EAAE,kBAAkB,CAAA;IACtB,IAAI,EAAE,kBAAkB,CAAA;IACxB,KAAK,EAAE,kBAAkB,CAAA;IACzB,KAAK,EAAE,kBAAkB,CAAA;IACzB,KAAK,EAAE,kBAAkB,GAAG;QACxB,MAAM,EAAE;YACJ,QAAQ,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;YACzC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;SAC1C,CAAA;KACJ,CAAA;IACD,UAAU,EAAE;QACR,IAAI,EAAE,kBAAkB,CAAA;KAC3B,CAAA;CACJ,CAAA;AAED,KAAK,iBAAiB,GAAG;IACrB,SAAS,EAAE,MAAM,CAAA;IACjB,QAAQ,EAAE,MAAM,CAAA;CACnB,CAAA;AAED,KAAK,iBAAiB,GAAG;IACrB,MAAM,EAAE,mBAAmB,CAAA;CAC9B,CAAA;AAED,MAAM,MAAM,oBAAoB,GAAG,OAAO,CAAC;IACvC,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACxB,CAAC,CAAA;AAEF,KAAK,cAAc,GAAG,WAAW,GAAG,aAAa,CAAA;AAEjD,KAAK,gBAAgB,CAAC,SAAS,SAAS,cAAc,GAAG,cAAc,IAAI;IACvE,SAAS,EAAE,SAAS,CAAA;CACvB,CAAA;AAED,MAAM,MAAM,oBAAoB,GAAG,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,gBAAgB,CAAA;AAEtE,MAAM,MAAM,qBAAqB,GAAG;IAChC,UAAU,EAAE,cAAc,CAAA;IAC1B,WAAW,EAAE,cAAc,CAAA;CAC9B,CAAA;AAED,MAAM,MAAM,kBAAkB,CAAC,eAAe,GAAG,EAAE,IAAI,CAAC,MAAM,EAAE,iBAAiB,GAAG,eAAe,KAAK,cAAc,CAAA;AAEtH,MAAM,MAAM,sBAAsB,GAAG,kBAAkB,CAAC,iBAAiB,GAAG,qBAAqB,CAAC,CAAA;AAElG,KAAK,gBAAgB,GAAG;IACpB,QAAQ,EAAE,MAAM,CAAA;IAChB,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,KAAK,qBAAqB,GAAG;IACzB,YAAY,EAAE,MAAM,CAAA;IACpB,GAAG,EAAE,gBAAgB,GAAG,KAAK,CAAA;CAChC,CAAA;AAED,MAAM,MAAM,eAAe,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,iBAAiB,EAAE,UAAU,CAAC,GAAG,iBAAiB,GAAG,qBAAqB,KAAK,YAAY,CAAA;AAEvI,KAAK,mBAAmB,GAAG;IACvB,OAAO,EAAE,IAAI,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC7B,cAAc,EAAE,MAAM,CAAA;CACzB,CAAA;AAED,KAAK,wBAAwB,GAAG;IAC5B,OAAO,EAAE,IAAI,CAAA;IACb,KAAK,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,uBAAuB,GAAG,WAAW,GAAG,IAAI,CAAC,wBAAwB,EAAE,SAAS,CAAC,GAAG;IAC5F,IAAI,EAAE,UAAU,CAAC,OAAO,YAAY,CAAC,EAAE,EAAE,kBAAkB,CAAC,OAAO,YAAY,CAAC,EAAE,CAAC,CAAC,CAAA;CACvF,CAAA;AAED,KAAK,uBAAuB,GAAG;IAC3B,MAAM,EAAE,mBAAmB,CAAA;IAC3B,WAAW,EAAE,wBAAwB,CAAA;CACxC,CAAA;AAED,KAAK,mBAAmB,GACpB,iBAAiB,GACf,OAAO,CAAC,iBAAiB,CAAC,GAC1B,OAAO,CAAC,qBAAqB,CAAC,GAC9B,OAAO,CAAC;IACV,SAAS,EAAE,OAAO,CAAC,qBAAqB,CAAC,CAAA;IACzC,UAAU,EAAE,OAAO,CAAC,uBAAuB,CAAC,CAAA;CAC/C,CAAC,CAAA;AAEF,MAAM,MAAM,aAAa,GAAG,CAAC,MAAM,EAAE,mBAAmB,KAAK,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,CAAA;AAEvF,KAAK,6BAA6B,GAAG;IACjC,aAAa,EAAE,MAAM,CAAA;CACxB,CAAA;AAGD,KAAK,mBAAmB,GACpB,CAAC,gBAAgB,CAAC,WAAW,CAAC,GAAG,6BAA6B,CAAC,GAC7D,CAAC,gBAAgB,CAAC,aAAa,CAAC,GAAG,OAAO,CAAC,6BAA6B,CAAC,CAAC,CAAA;AAEhF,KAAK,oBAAoB,GAAG;IACxB,GAAG,EAAE,cAAc,CAAA;CACtB,GAAG,iBAAiB,GAAG,mBAAmB,CAAA;AAE3C,MAAM,MAAM,qBAAqB,GAAG,CAAC,MAAM,EAAE,oBAAoB,KAAK,QAAQ,CAAA"}
|
package/dist/types.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/types.ts"],"sourcesContent":["import type {
|
|
1
|
+
{"version":3,"sources":["../src/types.ts"],"sourcesContent":["import type {AuthStrategy, Config, PayloadHandler, PayloadRequest, ServerProps} from 'payload'\nimport type {I18nClient, NestedKeysStripped} from '@payloadcms/translations'\nimport {translations} from './translations.js'\n\nexport type ZitadelIdToken = Partial<{\n sub: string\n name: string\n email: string\n picture: string\n 'urn:zitadel:iam:org:project:roles'?: Record<string, Record<string, string>>\n}>\n\ntype ZitadelFieldConfig = {\n hidden?: boolean\n name: string\n label: string | Record<string, string>\n}\n\nexport type ZitadelFieldsConfig = {\n id: ZitadelFieldConfig\n name: ZitadelFieldConfig\n email: ZitadelFieldConfig\n image: ZitadelFieldConfig\n roles: ZitadelFieldConfig & {\n labels: {\n singular: string | Record<string, string>\n plural: string | Record<string, string>\n }\n }\n roleFields: {\n name: ZitadelFieldConfig\n }\n}\n\ntype ZitadelBaseConfig = {\n issuerURL: string\n clientId: string\n}\n\ntype ZitadelUserConfig = {\n fields: ZitadelFieldsConfig\n}\n\nexport type ZitadelCallbackQuery = Partial<{\n code: string | null,\n state: string | null,\n}>\n\ntype ZitadelInvoker = 'authorize' | 'end_session'\n\ntype ZitadelInvokedBy<InvokedBy extends ZitadelInvoker = ZitadelInvoker> = {\n invokedBy: InvokedBy\n}\n\nexport type ZitadelCallbackState = Record<any, any> & ZitadelInvokedBy\n\nexport type ZitadelCallbackConfig = {\n afterLogin: PayloadHandler\n afterLogout: PayloadHandler\n}\n\nexport type ZitadelBaseHandler<ConfigExtension = {}> = (config: ZitadelBaseConfig & ConfigExtension) => PayloadHandler\n\nexport type ZitadelCallbackHandler = ZitadelBaseHandler<ZitadelUserConfig & ZitadelCallbackConfig>\n\ntype ZitadelAPIConfig = {\n clientId: string\n key: string\n keyId: string\n}\n\ntype ZitadelStrategyConfig = {\n strategyName: string\n api: ZitadelAPIConfig | false\n}\n\nexport type ZitadelStrategy = (config: Omit<ZitadelBaseConfig, 'clientId'> & ZitadelUserConfig & ZitadelStrategyConfig) => AuthStrategy\n\ntype ZitadelAvatarConfig = {\n disable: true\n}\n\nexport type ZitadelAvatarProps = {\n imageFieldName: string\n}\n\ntype ZitadelLoginButtonConfig = {\n disable: true\n label: string\n}\n\nexport type ZitadelLoginButtonProps = ServerProps & Omit<ZitadelLoginButtonConfig, 'disable'> & {\n i18n: I18nClient<typeof translations.en, NestedKeysStripped<typeof translations.en>>\n}\n\ntype ZitadelComponentsConfig = {\n avatar: ZitadelAvatarConfig\n loginButton: ZitadelLoginButtonConfig\n}\n\ntype ZitadelPluginConfig =\n ZitadelBaseConfig\n & Partial<ZitadelUserConfig>\n & Partial<ZitadelStrategyConfig>\n & Partial<{\n callbacks: Partial<ZitadelCallbackConfig>\n components: Partial<ZitadelComponentsConfig>\n}>\n\nexport type ZitadelPlugin = (config: ZitadelPluginConfig) => (config: Config) => Config\n\ntype ZitadelAuthorizeRequestConfig = {\n codeChallenge: string\n}\n\n\ntype ZitadelRequestState =\n (ZitadelInvokedBy<'authorize'> & ZitadelAuthorizeRequestConfig)\n | (ZitadelInvokedBy<'end_session'> & Partial<ZitadelAuthorizeRequestConfig>)\n\ntype ZitadelRequestConfig = {\n req: PayloadRequest\n} & ZitadelBaseConfig & ZitadelRequestState\n\nexport type ZitadelRequestHandler = (config: ZitadelRequestConfig) => Response\n\n\n"],"names":[],"mappings":"AA4HA,WAA8E"}
|