sanity-plugin-iframe-pane 2.5.3 → 2.5.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/_chunks/{is-valid-secret-ffcae61b.cjs → is-valid-secret-6020b622.cjs} +20 -5
- package/lib/_chunks/is-valid-secret-6020b622.cjs.map +1 -0
- package/lib/_chunks/{is-valid-secret-d0fb874f.js → is-valid-secret-be2288e3.js} +20 -5
- package/lib/_chunks/is-valid-secret-be2288e3.js.map +1 -0
- package/lib/_chunks/{utils-0d463b2b.cjs → utils-4805e537.cjs} +2 -2
- package/lib/_chunks/{utils-0d463b2b.cjs.map → utils-4805e537.cjs.map} +1 -1
- package/lib/_chunks/{utils-7d21c3cd.js → utils-95f4ad1b.js} +2 -2
- package/lib/_chunks/{utils-7d21c3cd.js.map → utils-95f4ad1b.js.map} +1 -1
- package/lib/index.cjs +2 -2
- package/lib/index.js +3 -3
- package/lib/is-valid-secret.cjs +1 -1
- package/lib/is-valid-secret.js +1 -1
- package/lib/preview-url.cjs +2 -2
- package/lib/preview-url.js +2 -2
- package/package.json +5 -8
- package/src/isValidSecret.tsx +18 -5
- package/lib/_chunks/is-valid-secret-d0fb874f.js.map +0 -1
- package/lib/_chunks/is-valid-secret-ffcae61b.cjs.map +0 -1
- package/lib/is-valid-secret.cjs.js +0 -4
|
@@ -6,6 +6,7 @@ const fetchSecretQuery = /* groq */
|
|
|
6
6
|
"*[_id == $id && dateTime(_updatedAt) > dateTime(now()) - ".concat(SECRET_TTL, "][0]{secret, _updatedAt}");
|
|
7
7
|
const tag = name;
|
|
8
8
|
const apiVersion = "2023-08-08";
|
|
9
|
+
const isDev = process.env.NODE_ENV === "development";
|
|
9
10
|
async function isValidSecret(client, urlSecretId, urlSecret) {
|
|
10
11
|
if (!urlSecret) {
|
|
11
12
|
throw new TypeError("`urlSecret` is required");
|
|
@@ -29,17 +30,31 @@ async function isValidSecret(client, urlSecretId, urlSecret) {
|
|
|
29
30
|
});
|
|
30
31
|
const data = await customClient.fetch(fetchSecretQuery, {
|
|
31
32
|
id: urlSecretId
|
|
32
|
-
},
|
|
33
|
+
},
|
|
34
|
+
// @ts-expect-error -- the `cache` option is valid, but not in the types when NextJS typings aren't installed
|
|
35
|
+
{
|
|
36
|
+
cache: "no-store",
|
|
33
37
|
tag
|
|
34
38
|
});
|
|
35
|
-
if (!(data == null ? void 0 : data.secret)) {
|
|
36
|
-
|
|
39
|
+
if (!(data == null ? void 0 : data.secret) && isDev) {
|
|
40
|
+
const exists = await client.fetch( /* groq */
|
|
41
|
+
"*[_id == $id][0]", {
|
|
42
|
+
id: urlSecretId
|
|
43
|
+
},
|
|
44
|
+
// @ts-expect-error -- the `cache` option is valid, but not in the types when NextJS typings aren't installed
|
|
45
|
+
{
|
|
46
|
+
cache: "no-store",
|
|
47
|
+
tag
|
|
48
|
+
});
|
|
49
|
+
if (!exists) {
|
|
50
|
+
throw new TypeError("Unable to find a secret in the dataset, with the id `".concat(urlSecretId, "`. Have you set the `urlSecretId` option in your `Iframe` and `previewUrl` configurations?"));
|
|
51
|
+
}
|
|
37
52
|
}
|
|
38
|
-
return data.secret === urlSecret;
|
|
53
|
+
return (data == null ? void 0 : data.secret) === urlSecret;
|
|
39
54
|
}
|
|
40
55
|
exports.SECRET_TTL = SECRET_TTL;
|
|
41
56
|
exports.apiVersion = apiVersion;
|
|
42
57
|
exports.fetchSecretQuery = fetchSecretQuery;
|
|
43
58
|
exports.isValidSecret = isValidSecret;
|
|
44
59
|
exports.tag = tag;
|
|
45
|
-
//# sourceMappingURL=is-valid-secret-
|
|
60
|
+
//# sourceMappingURL=is-valid-secret-6020b622.cjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"is-valid-secret-6020b622.cjs","sources":["../../src/isValidSecret.tsx"],"sourcesContent":["import {name} from '../package.json'\n\nexport type UrlSecretId = `${string}.${string}`\n\n// updated within the hour, if it's older it'll create a new secret or return null\nexport const SECRET_TTL = 60 * 60\n\nexport const fetchSecretQuery = /* groq */ `*[_id == $id && dateTime(_updatedAt) > dateTime(now()) - ${SECRET_TTL}][0]{secret, _updatedAt}`\nexport type FetchSecretResponse = {\n secret: string | null\n _updatedAt: string | null\n} | null\n\nexport const tag = name\n\nexport const apiVersion = '2023-08-08'\n\nexport type SanityClientLike = {\n config(): {token?: string}\n withConfig(config: {apiVersion?: string; useCdn?: boolean; perspective: 'raw'}): SanityClientLike\n fetch<\n R,\n Q = {\n [key: string]: any\n },\n >(\n query: string,\n params: Q,\n options: {tag?: string},\n ): Promise<R>\n}\n\nconst isDev = process.env.NODE_ENV === 'development'\n\nexport async function isValidSecret(\n client: SanityClientLike,\n urlSecretId: UrlSecretId,\n urlSecret: string,\n): Promise<boolean> {\n if (!urlSecret) {\n throw new TypeError('`urlSecret` is required')\n }\n if (!urlSecretId) {\n throw new TypeError('`urlSecretId` is required')\n }\n if (!urlSecretId.includes('.')) {\n throw new TypeError(\n `\\`urlSecretId\\` must have a dot prefix, \\`${urlSecretId}\\` is not secure, add a prefix, for example \\`preview.${urlSecretId}\\` `,\n )\n }\n if (!client) {\n throw new TypeError('`client` is required')\n }\n if (!client.config().token) {\n throw new TypeError('`client` must have a `token` specified')\n }\n\n const customClient = client.withConfig({\n apiVersion,\n useCdn: false,\n perspective: 'raw',\n })\n const data = await customClient.fetch<FetchSecretResponse>(\n fetchSecretQuery,\n {id: urlSecretId},\n // @ts-expect-error -- the `cache` option is valid, but not in the types when NextJS typings aren't installed\n {cache: 'no-store', tag},\n )\n // eslint-disable-next-line no-process-env\n if (!data?.secret && isDev) {\n const exists = await client.fetch<null | Record<string, any>>(\n /* groq */ `*[_id == $id][0]`,\n {id: urlSecretId},\n // @ts-expect-error -- the `cache` option is valid, but not in the types when NextJS typings aren't installed\n {cache: 'no-store', tag},\n )\n if (!exists) {\n throw new TypeError(\n `Unable to find a secret in the dataset, with the id \\`${urlSecretId}\\`. Have you set the \\`urlSecretId\\` option in your \\`Iframe\\` and \\`previewUrl\\` configurations?`,\n )\n }\n }\n\n return data?.secret === urlSecret\n}\n"],"names":["SECRET_TTL","fetchSecretQuery","concat","tag","name","apiVersion","isDev","process","env","NODE_ENV","isValidSecret","client","urlSecretId","urlSecret","TypeError","includes","config","token","customClient","withConfig","useCdn","perspective","data","fetch","id","cache","secret","exists"],"mappings":";;;AAKO,MAAMA,aAAa,EAAK,GAAA,EAAA;AAElB,MAAAC,gBAAA,GAAA;AAA8B,4DAA4DC,MAAU,CAAAF,UAAA,EAAA,0BAAA,CAAA;AAM1G,MAAMG,GAAM,GAAAC,IAAA;AAEZ,MAAMC,UAAa,GAAA,YAAA;AAiB1B,MAAMC,KAAA,GAAQC,OAAQ,CAAAC,GAAA,CAAIC,QAAa,KAAA,aAAA;AAEjB,eAAAC,aAAAA,CACpBC,MACA,EAAAC,WAAA,EACAC,SACkB,EAAA;EAClB,IAAI,CAACA,SAAW,EAAA;IACR,MAAA,IAAIC,UAAU,yBAAyB,CAAA;EAC/C;EACA,IAAI,CAACF,WAAa,EAAA;IACV,MAAA,IAAIE,UAAU,2BAA2B,CAAA;EACjD;EACA,IAAI,CAACF,WAAA,CAAYG,QAAS,CAAA,GAAG,CAAG,EAAA;IAC9B,MAAM,IAAID,SAAA,CACR,yCAAA,CAA6CZ,MAAW,CAAAU,WAAA,EAAA,sDAAA,CAAA,CAAyDV,MAAW,CAAAU,WAAA,EAAA,IAAA,CAAA,CAC9H;EACF;EACA,IAAI,CAACD,MAAQ,EAAA;IACL,MAAA,IAAIG,UAAU,sBAAsB,CAAA;EAC5C;EACA,IAAI,CAACH,MAAA,CAAOK,MAAO,CAAA,CAAA,CAAEC,KAAO,EAAA;IACpB,MAAA,IAAIH,UAAU,wCAAwC,CAAA;EAC9D;EAEM,MAAAI,YAAA,GAAeP,OAAOQ,UAAW,CAAA;IACrCd,UAAA;IACAe,MAAQ,EAAA,KAAA;IACRC,WAAa,EAAA;EAAA,CACd,CAAA;EACK,MAAAC,IAAA,GAAO,MAAMJ,YAAa,CAAAK,KAAA,CAC9BtB,gBAAA,EACA;IAACuB,IAAIZ;EAAW,CAAA;EAAA;EAEhB;IAACa,KAAO,EAAA,UAAA;IAAYtB;EAAG,CAAA,CACzB;EAEI,IAAA,EAACmB,IAAM,IAAA,IAAA,GAAA,KAAA,CAAA,GAAAA,IAAA,CAAAI,MAAA,CAAA,IAAUpB,KAAO,EAAA;IACpB,MAAAqB,MAAA,GAAS,MAAMhB,MAAO,CAAAY,KAAA,EAAA;IACf,kBAAA,EACX;MAACC,IAAIZ;IAAW,CAAA;IAAA;IAEhB;MAACa,KAAO,EAAA,UAAA;MAAYtB;IAAG,CAAA,CACzB;IACA,IAAI,CAACwB,MAAQ,EAAA;MACX,MAAM,IAAIb,SAAA,CACR,wDAAyDZ,MAAW,CAAAU,WAAA,EAAA,4FAAA,CAAA,CACtE;IACF;EACF;EAEA,OAAA,CAAOU,6BAAMI,MAAW,MAAAb,SAAA;AAC1B;;;;;"}
|
|
@@ -4,6 +4,7 @@ const fetchSecretQuery = /* groq */
|
|
|
4
4
|
"*[_id == $id && dateTime(_updatedAt) > dateTime(now()) - ".concat(SECRET_TTL, "][0]{secret, _updatedAt}");
|
|
5
5
|
const tag = name;
|
|
6
6
|
const apiVersion = "2023-08-08";
|
|
7
|
+
const isDev = process.env.NODE_ENV === "development";
|
|
7
8
|
async function isValidSecret(client, urlSecretId, urlSecret) {
|
|
8
9
|
if (!urlSecret) {
|
|
9
10
|
throw new TypeError("`urlSecret` is required");
|
|
@@ -27,13 +28,27 @@ async function isValidSecret(client, urlSecretId, urlSecret) {
|
|
|
27
28
|
});
|
|
28
29
|
const data = await customClient.fetch(fetchSecretQuery, {
|
|
29
30
|
id: urlSecretId
|
|
30
|
-
},
|
|
31
|
+
},
|
|
32
|
+
// @ts-expect-error -- the `cache` option is valid, but not in the types when NextJS typings aren't installed
|
|
33
|
+
{
|
|
34
|
+
cache: "no-store",
|
|
31
35
|
tag
|
|
32
36
|
});
|
|
33
|
-
if (!(data == null ? void 0 : data.secret)) {
|
|
34
|
-
|
|
37
|
+
if (!(data == null ? void 0 : data.secret) && isDev) {
|
|
38
|
+
const exists = await client.fetch( /* groq */
|
|
39
|
+
"*[_id == $id][0]", {
|
|
40
|
+
id: urlSecretId
|
|
41
|
+
},
|
|
42
|
+
// @ts-expect-error -- the `cache` option is valid, but not in the types when NextJS typings aren't installed
|
|
43
|
+
{
|
|
44
|
+
cache: "no-store",
|
|
45
|
+
tag
|
|
46
|
+
});
|
|
47
|
+
if (!exists) {
|
|
48
|
+
throw new TypeError("Unable to find a secret in the dataset, with the id `".concat(urlSecretId, "`. Have you set the `urlSecretId` option in your `Iframe` and `previewUrl` configurations?"));
|
|
49
|
+
}
|
|
35
50
|
}
|
|
36
|
-
return data.secret === urlSecret;
|
|
51
|
+
return (data == null ? void 0 : data.secret) === urlSecret;
|
|
37
52
|
}
|
|
38
53
|
export { SECRET_TTL, apiVersion, fetchSecretQuery, isValidSecret, tag };
|
|
39
|
-
//# sourceMappingURL=is-valid-secret-
|
|
54
|
+
//# sourceMappingURL=is-valid-secret-be2288e3.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"is-valid-secret-be2288e3.js","sources":["../../src/isValidSecret.tsx"],"sourcesContent":["import {name} from '../package.json'\n\nexport type UrlSecretId = `${string}.${string}`\n\n// updated within the hour, if it's older it'll create a new secret or return null\nexport const SECRET_TTL = 60 * 60\n\nexport const fetchSecretQuery = /* groq */ `*[_id == $id && dateTime(_updatedAt) > dateTime(now()) - ${SECRET_TTL}][0]{secret, _updatedAt}`\nexport type FetchSecretResponse = {\n secret: string | null\n _updatedAt: string | null\n} | null\n\nexport const tag = name\n\nexport const apiVersion = '2023-08-08'\n\nexport type SanityClientLike = {\n config(): {token?: string}\n withConfig(config: {apiVersion?: string; useCdn?: boolean; perspective: 'raw'}): SanityClientLike\n fetch<\n R,\n Q = {\n [key: string]: any\n },\n >(\n query: string,\n params: Q,\n options: {tag?: string},\n ): Promise<R>\n}\n\nconst isDev = process.env.NODE_ENV === 'development'\n\nexport async function isValidSecret(\n client: SanityClientLike,\n urlSecretId: UrlSecretId,\n urlSecret: string,\n): Promise<boolean> {\n if (!urlSecret) {\n throw new TypeError('`urlSecret` is required')\n }\n if (!urlSecretId) {\n throw new TypeError('`urlSecretId` is required')\n }\n if (!urlSecretId.includes('.')) {\n throw new TypeError(\n `\\`urlSecretId\\` must have a dot prefix, \\`${urlSecretId}\\` is not secure, add a prefix, for example \\`preview.${urlSecretId}\\` `,\n )\n }\n if (!client) {\n throw new TypeError('`client` is required')\n }\n if (!client.config().token) {\n throw new TypeError('`client` must have a `token` specified')\n }\n\n const customClient = client.withConfig({\n apiVersion,\n useCdn: false,\n perspective: 'raw',\n })\n const data = await customClient.fetch<FetchSecretResponse>(\n fetchSecretQuery,\n {id: urlSecretId},\n // @ts-expect-error -- the `cache` option is valid, but not in the types when NextJS typings aren't installed\n {cache: 'no-store', tag},\n )\n // eslint-disable-next-line no-process-env\n if (!data?.secret && isDev) {\n const exists = await client.fetch<null | Record<string, any>>(\n /* groq */ `*[_id == $id][0]`,\n {id: urlSecretId},\n // @ts-expect-error -- the `cache` option is valid, but not in the types when NextJS typings aren't installed\n {cache: 'no-store', tag},\n )\n if (!exists) {\n throw new TypeError(\n `Unable to find a secret in the dataset, with the id \\`${urlSecretId}\\`. Have you set the \\`urlSecretId\\` option in your \\`Iframe\\` and \\`previewUrl\\` configurations?`,\n )\n }\n }\n\n return data?.secret === urlSecret\n}\n"],"names":["SECRET_TTL","fetchSecretQuery","concat","tag","name","apiVersion","isDev","process","env","NODE_ENV","isValidSecret","client","urlSecretId","urlSecret","TypeError","includes","config","token","customClient","withConfig","useCdn","perspective","data","fetch","id","cache","secret","exists"],"mappings":";AAKO,MAAMA,aAAa,EAAK,GAAA,EAAA;AAElB,MAAAC,gBAAA,GAAA;AAA8B,4DAA4DC,MAAU,CAAAF,UAAA,EAAA,0BAAA,CAAA;AAM1G,MAAMG,GAAM,GAAAC,IAAA;AAEZ,MAAMC,UAAa,GAAA,YAAA;AAiB1B,MAAMC,KAAA,GAAQC,OAAQ,CAAAC,GAAA,CAAIC,QAAa,KAAA,aAAA;AAEjB,eAAAC,aAAAA,CACpBC,MACA,EAAAC,WAAA,EACAC,SACkB,EAAA;EAClB,IAAI,CAACA,SAAW,EAAA;IACR,MAAA,IAAIC,UAAU,yBAAyB,CAAA;EAC/C;EACA,IAAI,CAACF,WAAa,EAAA;IACV,MAAA,IAAIE,UAAU,2BAA2B,CAAA;EACjD;EACA,IAAI,CAACF,WAAA,CAAYG,QAAS,CAAA,GAAG,CAAG,EAAA;IAC9B,MAAM,IAAID,SAAA,CACR,yCAAA,CAA6CZ,MAAW,CAAAU,WAAA,EAAA,sDAAA,CAAA,CAAyDV,MAAW,CAAAU,WAAA,EAAA,IAAA,CAAA,CAC9H;EACF;EACA,IAAI,CAACD,MAAQ,EAAA;IACL,MAAA,IAAIG,UAAU,sBAAsB,CAAA;EAC5C;EACA,IAAI,CAACH,MAAA,CAAOK,MAAO,CAAA,CAAA,CAAEC,KAAO,EAAA;IACpB,MAAA,IAAIH,UAAU,wCAAwC,CAAA;EAC9D;EAEM,MAAAI,YAAA,GAAeP,OAAOQ,UAAW,CAAA;IACrCd,UAAA;IACAe,MAAQ,EAAA,KAAA;IACRC,WAAa,EAAA;EAAA,CACd,CAAA;EACK,MAAAC,IAAA,GAAO,MAAMJ,YAAa,CAAAK,KAAA,CAC9BtB,gBAAA,EACA;IAACuB,IAAIZ;EAAW,CAAA;EAAA;EAEhB;IAACa,KAAO,EAAA,UAAA;IAAYtB;EAAG,CAAA,CACzB;EAEI,IAAA,EAACmB,IAAM,IAAA,IAAA,GAAA,KAAA,CAAA,GAAAA,IAAA,CAAAI,MAAA,CAAA,IAAUpB,KAAO,EAAA;IACpB,MAAAqB,MAAA,GAAS,MAAMhB,MAAO,CAAAY,KAAA,EAAA;IACf,kBAAA,EACX;MAACC,IAAIZ;IAAW,CAAA;IAAA;IAEhB;MAACa,KAAO,EAAA,UAAA;MAAYtB;IAAG,CAAA,CACzB;IACA,IAAI,CAACwB,MAAQ,EAAA;MACX,MAAM,IAAIb,SAAA,CACR,wDAAyDZ,MAAW,CAAAU,WAAA,EAAA,4FAAA,CAAA,CACtE;IACF;EACF;EAEA,OAAA,CAAOU,6BAAMI,MAAW,MAAAb,SAAA;AAC1B;"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
-
var isValidSecret = require('./is-valid-secret-
|
|
3
|
+
var isValidSecret = require('./is-valid-secret-6020b622.cjs');
|
|
4
4
|
const MissingSlug = Symbol("MissingSlug");
|
|
5
5
|
function defineUrlResolver(options) {
|
|
6
6
|
const {
|
|
@@ -57,4 +57,4 @@ exports.MissingSlug = MissingSlug;
|
|
|
57
57
|
exports.defineUrlResolver = defineUrlResolver;
|
|
58
58
|
exports.getExpiresAt = getExpiresAt;
|
|
59
59
|
exports.patchUrlSecret = patchUrlSecret;
|
|
60
|
-
//# sourceMappingURL=utils-
|
|
60
|
+
//# sourceMappingURL=utils-4805e537.cjs.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils-
|
|
1
|
+
{"version":3,"file":"utils-4805e537.cjs","sources":["../../src/types.ts","../../src/defineUrlResolver.tsx","../../src/utils.ts"],"sourcesContent":["export const MissingSlug = Symbol('MissingSlug')\n\nexport type UrlState = string | typeof MissingSlug\n\nexport type IframeSizeKey = keyof SizeProps\n\nexport type Size = 'desktop' | 'mobile'\n\nexport type SizeProps = {\n // eslint-disable-next-line no-unused-vars\n [key in Size]: {\n width: string | number\n height: string | number\n }\n}\n\nexport type SetError = (error: unknown) => void\n","import type {SanityDocument} from 'sanity'\n\nimport {MissingSlug, UrlState} from './types'\n\nexport type {UrlState}\n\nexport type UrlResolver = (\n document: SanityDocument,\n urlSecret: string | null | undefined,\n signal?: AbortSignal,\n) => UrlState | Promise<UrlState>\n\nexport interface DefineUrlResolverOptions {\n base: string | URL\n requiresSlug?: string[]\n}\nexport function defineUrlResolver(options: DefineUrlResolverOptions): UrlResolver {\n const {base, requiresSlug = []} = options\n return (document, urlSecret) => {\n const url = new URL(base, location.origin)\n url.searchParams.set('type', document._type)\n const slug = (document?.slug as any)?.current\n if (slug) {\n url.searchParams.set('slug', slug)\n } else if (requiresSlug.includes(document._type)) {\n return MissingSlug\n }\n if (urlSecret) {\n url.searchParams.set('secret', urlSecret)\n }\n return url.toString()\n }\n}\n","import type {SanityClient} from 'sanity'\n\nimport {SECRET_TTL, tag, UrlSecretId} from './isValidSecret'\n\nexport function getExpiresAt(_updatedAt: Date) {\n return new Date(_updatedAt.getTime() + 1000 * SECRET_TTL)\n}\n\nfunction generateUrlSecret() {\n // Try using WebCrypto if available\n if (typeof crypto !== 'undefined') {\n // Generate a random array of 16 bytes\n const array = new Uint8Array(16)\n crypto.getRandomValues(array)\n\n // Convert the array to a URL-safe string\n let key = ''\n for (let i = 0; i < array.length; i++) {\n // Convert each byte to a 2-digit hexadecimal number\n key += array[i].toString(16).padStart(2, '0')\n }\n\n // Replace '+' and '/' from base64url to '-' and '_'\n key = btoa(key).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/[=]+$/, '')\n\n return key\n }\n // If not fallback to Math.random\n return Math.random().toString(36).slice(2)\n}\n\nexport async function patchUrlSecret(\n client: SanityClient,\n urlSecretId: UrlSecretId,\n signal?: AbortSignal,\n): Promise<string> {\n const newSecret = generateUrlSecret()\n const patch = client.patch(urlSecretId).set({secret: newSecret})\n await client\n .transaction()\n .createIfNotExists({_id: urlSecretId, _type: urlSecretId})\n .patch(patch)\n .commit({tag, signal})\n return newSecret\n}\n"],"names":["MissingSlug","Symbol","defineUrlResolver","options","base","requiresSlug","document","urlSecret","_a","url","URL","location","origin","searchParams","set","_type","slug","current","includes","toString","getExpiresAt","_updatedAt","Date","getTime","SECRET_TTL","generateUrlSecret","crypto","array","Uint8Array","getRandomValues","key","i","length","padStart","btoa","replace","Math","random","slice","patchUrlSecret","client","urlSecretId","signal","newSecret","patch","secret","transaction","createIfNotExists","_id","commit","tag"],"mappings":";;;AAAa,MAAAA,WAAA,GAAcC,OAAO,aAAa,CAAA;ACgBxC,SAASC,kBAAkBC,OAAgD,EAAA;EAChF,MAAM;IAACC,IAAA;IAAMC,YAAe,GAAA;GAAM,GAAAF,OAAA;EAC3B,OAAA,CAACG,UAAUC,SAAc,KAAA;IAlBlC,IAAAC,EAAA;IAmBI,MAAMC,GAAM,GAAA,IAAIC,GAAI,CAAAN,IAAA,EAAMO,SAASC,MAAM,CAAA;IACzCH,GAAA,CAAII,YAAa,CAAAC,GAAA,CAAI,MAAQ,EAAAR,QAAA,CAASS,KAAK,CAAA;IACrC,MAAAC,IAAA,GAAA,CAAQR,EAAU,GAAAF,QAAA,IAAA,IAAA,GAAA,KAAA,CAAA,GAAAA,QAAA,CAAAU,IAAA,KAAV,IAAwB,GAAA,KAAA,CAAA,GAAAR,EAAA,CAAAS,OAAA;IACtC,IAAID,IAAM,EAAA;MACJP,GAAA,CAAAI,YAAA,CAAaC,GAAI,CAAA,MAAA,EAAQE,IAAI,CAAA;IACxB,CAAA,MAAA,IAAAX,YAAA,CAAaa,QAAS,CAAAZ,QAAA,CAASS,KAAK,CAAG,EAAA;MACzC,OAAAf,WAAA;IACT;IACA,IAAIO,SAAW,EAAA;MACTE,GAAA,CAAAI,YAAA,CAAaC,GAAI,CAAA,QAAA,EAAUP,SAAS,CAAA;IAC1C;IACA,OAAOE,IAAIU,QAAS,EAAA;EAAA,CACtB;AACF;AC5BO,SAASC,aAAaC,UAAkB,EAAA;EAC7C,OAAO,IAAIC,IAAK,CAAAD,UAAA,CAAWE,OAAQ,CAAA,CAAA,GAAI,MAAOC,aAAAA,CAAAA,UAAU,CAAA;AAC1D;AAEA,SAASC,iBAAoBA,CAAA,EAAA;EAEvB,IAAA,OAAOC,WAAW,WAAa,EAAA;IAE3B,MAAAC,KAAA,GAAQ,IAAIC,UAAA,CAAW,EAAE,CAAA;IAC/BF,MAAA,CAAOG,gBAAgBF,KAAK,CAAA;IAG5B,IAAIG,GAAM,GAAA,EAAA;IACV,KAAA,IAASC,CAAI,GAAA,CAAA,EAAGA,CAAI,GAAAJ,KAAA,CAAMK,QAAQD,CAAK,EAAA,EAAA;MAE9BD,GAAA,IAAAH,KAAA,CAAMI,CAAC,CAAE,CAAAZ,QAAA,CAAS,EAAE,CAAE,CAAAc,QAAA,CAAS,GAAG,GAAG,CAAA;IAC9C;IAGAH,GAAA,GAAMI,IAAK,CAAAJ,GAAG,CAAE,CAAAK,OAAA,CAAQ,KAAO,EAAA,GAAG,CAAE,CAAAA,OAAA,CAAQ,KAAO,EAAA,GAAG,CAAE,CAAAA,OAAA,CAAQ,SAAS,EAAE,CAAA;IAEpE,OAAAL,GAAA;EACT;EAEA,OAAOM,KAAKC,MAAO,EAAA,CAAElB,SAAS,EAAE,CAAA,CAAEmB,MAAM,CAAC,CAAA;AAC3C;AAEsB,eAAAC,cAAAA,CACpBC,MACA,EAAAC,WAAA,EACAC,MACiB,EAAA;EACjB,MAAMC,YAAYlB,iBAAkB,EAAA;EAC9B,MAAAmB,KAAA,GAAQJ,OAAOI,KAAM,CAAAH,WAAW,EAAE3B,GAAI,CAAA;IAAC+B,MAAQ,EAAAF;EAAA,CAAU,CAAA;EAC/D,MAAMH,OACHM,WAAY,EAAA,CACZC,kBAAkB;IAACC,GAAA,EAAKP;IAAa1B,KAAO,EAAA0B;EAAY,CAAA,CAAA,CACxDG,MAAMA,KAAK,CAAA,CACXK,OAAO;IAAAC,GAAA,EAACA,aAAA,CAAAA,GAAA;IAAKR;GAAO,CAAA;EAChB,OAAAC,SAAA;AACT;;;;"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { tag, SECRET_TTL } from './is-valid-secret-
|
|
1
|
+
import { tag, SECRET_TTL } from './is-valid-secret-be2288e3.js';
|
|
2
2
|
const MissingSlug = Symbol("MissingSlug");
|
|
3
3
|
function defineUrlResolver(options) {
|
|
4
4
|
const {
|
|
@@ -52,4 +52,4 @@ async function patchUrlSecret(client, urlSecretId, signal) {
|
|
|
52
52
|
return newSecret;
|
|
53
53
|
}
|
|
54
54
|
export { MissingSlug, defineUrlResolver, getExpiresAt, patchUrlSecret };
|
|
55
|
-
//# sourceMappingURL=utils-
|
|
55
|
+
//# sourceMappingURL=utils-95f4ad1b.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils-
|
|
1
|
+
{"version":3,"file":"utils-95f4ad1b.js","sources":["../../src/types.ts","../../src/defineUrlResolver.tsx","../../src/utils.ts"],"sourcesContent":["export const MissingSlug = Symbol('MissingSlug')\n\nexport type UrlState = string | typeof MissingSlug\n\nexport type IframeSizeKey = keyof SizeProps\n\nexport type Size = 'desktop' | 'mobile'\n\nexport type SizeProps = {\n // eslint-disable-next-line no-unused-vars\n [key in Size]: {\n width: string | number\n height: string | number\n }\n}\n\nexport type SetError = (error: unknown) => void\n","import type {SanityDocument} from 'sanity'\n\nimport {MissingSlug, UrlState} from './types'\n\nexport type {UrlState}\n\nexport type UrlResolver = (\n document: SanityDocument,\n urlSecret: string | null | undefined,\n signal?: AbortSignal,\n) => UrlState | Promise<UrlState>\n\nexport interface DefineUrlResolverOptions {\n base: string | URL\n requiresSlug?: string[]\n}\nexport function defineUrlResolver(options: DefineUrlResolverOptions): UrlResolver {\n const {base, requiresSlug = []} = options\n return (document, urlSecret) => {\n const url = new URL(base, location.origin)\n url.searchParams.set('type', document._type)\n const slug = (document?.slug as any)?.current\n if (slug) {\n url.searchParams.set('slug', slug)\n } else if (requiresSlug.includes(document._type)) {\n return MissingSlug\n }\n if (urlSecret) {\n url.searchParams.set('secret', urlSecret)\n }\n return url.toString()\n }\n}\n","import type {SanityClient} from 'sanity'\n\nimport {SECRET_TTL, tag, UrlSecretId} from './isValidSecret'\n\nexport function getExpiresAt(_updatedAt: Date) {\n return new Date(_updatedAt.getTime() + 1000 * SECRET_TTL)\n}\n\nfunction generateUrlSecret() {\n // Try using WebCrypto if available\n if (typeof crypto !== 'undefined') {\n // Generate a random array of 16 bytes\n const array = new Uint8Array(16)\n crypto.getRandomValues(array)\n\n // Convert the array to a URL-safe string\n let key = ''\n for (let i = 0; i < array.length; i++) {\n // Convert each byte to a 2-digit hexadecimal number\n key += array[i].toString(16).padStart(2, '0')\n }\n\n // Replace '+' and '/' from base64url to '-' and '_'\n key = btoa(key).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/[=]+$/, '')\n\n return key\n }\n // If not fallback to Math.random\n return Math.random().toString(36).slice(2)\n}\n\nexport async function patchUrlSecret(\n client: SanityClient,\n urlSecretId: UrlSecretId,\n signal?: AbortSignal,\n): Promise<string> {\n const newSecret = generateUrlSecret()\n const patch = client.patch(urlSecretId).set({secret: newSecret})\n await client\n .transaction()\n .createIfNotExists({_id: urlSecretId, _type: urlSecretId})\n .patch(patch)\n .commit({tag, signal})\n return newSecret\n}\n"],"names":["MissingSlug","Symbol","defineUrlResolver","options","base","requiresSlug","document","urlSecret","_a","url","URL","location","origin","searchParams","set","_type","slug","current","includes","toString","getExpiresAt","_updatedAt","Date","getTime","SECRET_TTL","generateUrlSecret","crypto","array","Uint8Array","getRandomValues","key","i","length","padStart","btoa","replace","Math","random","slice","patchUrlSecret","client","urlSecretId","signal","newSecret","patch","secret","transaction","createIfNotExists","_id","commit","tag"],"mappings":";AAAa,MAAAA,WAAA,GAAcC,OAAO,aAAa,CAAA;ACgBxC,SAASC,kBAAkBC,OAAgD,EAAA;EAChF,MAAM;IAACC,IAAA;IAAMC,YAAe,GAAA;GAAM,GAAAF,OAAA;EAC3B,OAAA,CAACG,UAAUC,SAAc,KAAA;IAlBlC,IAAAC,EAAA;IAmBI,MAAMC,GAAM,GAAA,IAAIC,GAAI,CAAAN,IAAA,EAAMO,SAASC,MAAM,CAAA;IACzCH,GAAA,CAAII,YAAa,CAAAC,GAAA,CAAI,MAAQ,EAAAR,QAAA,CAASS,KAAK,CAAA;IACrC,MAAAC,IAAA,GAAA,CAAQR,EAAU,GAAAF,QAAA,IAAA,IAAA,GAAA,KAAA,CAAA,GAAAA,QAAA,CAAAU,IAAA,KAAV,IAAwB,GAAA,KAAA,CAAA,GAAAR,EAAA,CAAAS,OAAA;IACtC,IAAID,IAAM,EAAA;MACJP,GAAA,CAAAI,YAAA,CAAaC,GAAI,CAAA,MAAA,EAAQE,IAAI,CAAA;IACxB,CAAA,MAAA,IAAAX,YAAA,CAAaa,QAAS,CAAAZ,QAAA,CAASS,KAAK,CAAG,EAAA;MACzC,OAAAf,WAAA;IACT;IACA,IAAIO,SAAW,EAAA;MACTE,GAAA,CAAAI,YAAA,CAAaC,GAAI,CAAA,QAAA,EAAUP,SAAS,CAAA;IAC1C;IACA,OAAOE,IAAIU,QAAS,EAAA;EAAA,CACtB;AACF;AC5BO,SAASC,aAAaC,UAAkB,EAAA;EAC7C,OAAO,IAAIC,IAAK,CAAAD,UAAA,CAAWE,OAAQ,CAAA,CAAA,GAAI,MAAOC,UAAU,CAAA;AAC1D;AAEA,SAASC,iBAAoBA,CAAA,EAAA;EAEvB,IAAA,OAAOC,WAAW,WAAa,EAAA;IAE3B,MAAAC,KAAA,GAAQ,IAAIC,UAAA,CAAW,EAAE,CAAA;IAC/BF,MAAA,CAAOG,gBAAgBF,KAAK,CAAA;IAG5B,IAAIG,GAAM,GAAA,EAAA;IACV,KAAA,IAASC,CAAI,GAAA,CAAA,EAAGA,CAAI,GAAAJ,KAAA,CAAMK,QAAQD,CAAK,EAAA,EAAA;MAE9BD,GAAA,IAAAH,KAAA,CAAMI,CAAC,CAAE,CAAAZ,QAAA,CAAS,EAAE,CAAE,CAAAc,QAAA,CAAS,GAAG,GAAG,CAAA;IAC9C;IAGAH,GAAA,GAAMI,IAAK,CAAAJ,GAAG,CAAE,CAAAK,OAAA,CAAQ,KAAO,EAAA,GAAG,CAAE,CAAAA,OAAA,CAAQ,KAAO,EAAA,GAAG,CAAE,CAAAA,OAAA,CAAQ,SAAS,EAAE,CAAA;IAEpE,OAAAL,GAAA;EACT;EAEA,OAAOM,KAAKC,MAAO,EAAA,CAAElB,SAAS,EAAE,CAAA,CAAEmB,MAAM,CAAC,CAAA;AAC3C;AAEsB,eAAAC,cAAAA,CACpBC,MACA,EAAAC,WAAA,EACAC,MACiB,EAAA;EACjB,MAAMC,YAAYlB,iBAAkB,EAAA;EAC9B,MAAAmB,KAAA,GAAQJ,OAAOI,KAAM,CAAAH,WAAW,EAAE3B,GAAI,CAAA;IAAC+B,MAAQ,EAAAF;EAAA,CAAU,CAAA;EAC/D,MAAMH,OACHM,WAAY,EAAA,CACZC,kBAAkB;IAACC,GAAA,EAAKP;IAAa1B,KAAO,EAAA0B;EAAY,CAAA,CAAA,CACxDG,MAAMA,KAAK,CAAA,CACXK,OAAO;IAACC,GAAA;IAAKR;GAAO,CAAA;EAChB,OAAAC,SAAA;AACT;"}
|
package/lib/index.cjs
CHANGED
|
@@ -3,14 +3,14 @@
|
|
|
3
3
|
Object.defineProperty(exports, '__esModule', {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
var utils = require('./_chunks/utils-
|
|
6
|
+
var utils = require('./_chunks/utils-4805e537.cjs');
|
|
7
7
|
var jsxRuntime = require('react/jsx-runtime');
|
|
8
8
|
var icons = require('@sanity/icons');
|
|
9
9
|
var ui = require('@sanity/ui');
|
|
10
10
|
var framerMotion = require('framer-motion');
|
|
11
11
|
var react = require('react');
|
|
12
12
|
var sanity = require('sanity');
|
|
13
|
-
var isValidSecret = require('./_chunks/is-valid-secret-
|
|
13
|
+
var isValidSecret = require('./_chunks/is-valid-secret-6020b622.cjs');
|
|
14
14
|
var usehooksTs = require('usehooks-ts');
|
|
15
15
|
function GetUrlSecret(props) {
|
|
16
16
|
const {
|
package/lib/index.js
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
|
-
import { patchUrlSecret, getExpiresAt, MissingSlug } from './_chunks/utils-
|
|
2
|
-
export { defineUrlResolver } from './_chunks/utils-
|
|
1
|
+
import { patchUrlSecret, getExpiresAt, MissingSlug } from './_chunks/utils-95f4ad1b.js';
|
|
2
|
+
export { defineUrlResolver } from './_chunks/utils-95f4ad1b.js';
|
|
3
3
|
import { jsx, jsxs, Fragment } from 'react/jsx-runtime';
|
|
4
4
|
import { MobileDeviceIcon, UndoIcon, ClipboardIcon, LaunchIcon, WarningOutlineIcon } from '@sanity/icons';
|
|
5
5
|
import { Text, useToast, Card, Flex, Tooltip, Button, Box, Spinner, usePrefersReducedMotion, Container, Stack } from '@sanity/ui';
|
|
6
6
|
import { motion, AnimatePresence, MotionConfig } from 'framer-motion';
|
|
7
7
|
import { useState, useEffect, useMemo, useRef, forwardRef, useCallback, useDeferredValue } from 'react';
|
|
8
8
|
import { useClient } from 'sanity';
|
|
9
|
-
import { apiVersion, fetchSecretQuery, tag } from './_chunks/is-valid-secret-
|
|
9
|
+
import { apiVersion, fetchSecretQuery, tag } from './_chunks/is-valid-secret-be2288e3.js';
|
|
10
10
|
import { useCopyToClipboard } from 'usehooks-ts';
|
|
11
11
|
function GetUrlSecret(props) {
|
|
12
12
|
const {
|
package/lib/is-valid-secret.cjs
CHANGED
|
@@ -3,6 +3,6 @@
|
|
|
3
3
|
Object.defineProperty(exports, '__esModule', {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
var isValidSecret = require('./_chunks/is-valid-secret-
|
|
6
|
+
var isValidSecret = require('./_chunks/is-valid-secret-6020b622.cjs');
|
|
7
7
|
exports.isValidSecret = isValidSecret.isValidSecret;
|
|
8
8
|
//# sourceMappingURL=is-valid-secret.cjs.map
|
package/lib/is-valid-secret.js
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export { isValidSecret } from './_chunks/is-valid-secret-
|
|
1
|
+
export { isValidSecret } from './_chunks/is-valid-secret-be2288e3.js';
|
|
2
2
|
//# sourceMappingURL=is-valid-secret.js.map
|
package/lib/preview-url.cjs
CHANGED
|
@@ -4,8 +4,8 @@ Object.defineProperty(exports, '__esModule', {
|
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
6
|
var sanity = require('sanity');
|
|
7
|
-
var utils = require('./_chunks/utils-
|
|
8
|
-
var isValidSecret = require('./_chunks/is-valid-secret-
|
|
7
|
+
var utils = require('./_chunks/utils-4805e537.cjs');
|
|
8
|
+
var isValidSecret = require('./_chunks/is-valid-secret-6020b622.cjs');
|
|
9
9
|
const previewUrl = sanity.definePlugin(_ref => {
|
|
10
10
|
let {
|
|
11
11
|
urlSecretId,
|
package/lib/preview-url.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { definePlugin } from 'sanity';
|
|
2
|
-
import { patchUrlSecret, MissingSlug, defineUrlResolver } from './_chunks/utils-
|
|
3
|
-
import { apiVersion, fetchSecretQuery, tag } from './_chunks/is-valid-secret-
|
|
2
|
+
import { patchUrlSecret, MissingSlug, defineUrlResolver } from './_chunks/utils-95f4ad1b.js';
|
|
3
|
+
import { apiVersion, fetchSecretQuery, tag } from './_chunks/is-valid-secret-be2288e3.js';
|
|
4
4
|
const previewUrl = definePlugin(_ref => {
|
|
5
5
|
let {
|
|
6
6
|
urlSecretId,
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "sanity-plugin-iframe-pane",
|
|
3
|
-
"version": "2.5.
|
|
3
|
+
"version": "2.5.5",
|
|
4
4
|
"description": "Display any URL in a View Pane, along with helpful buttons to Copy the URL or open in a new tab",
|
|
5
5
|
"homepage": "https://github.com/sanity-io/sanity-plugin-iframe-pane#readme",
|
|
6
6
|
"bugs": {
|
|
@@ -28,11 +28,8 @@
|
|
|
28
28
|
"./is-valid-secret": {
|
|
29
29
|
"types": "./lib/is-valid-secret.d.ts",
|
|
30
30
|
"source": "./src/is-valid-secret.ts",
|
|
31
|
-
"require": "./lib/is-valid-secret.cjs",
|
|
32
|
-
"node": {
|
|
33
|
-
"import": "./lib/is-valid-secret.cjs.js"
|
|
34
|
-
},
|
|
35
31
|
"import": "./lib/is-valid-secret.js",
|
|
32
|
+
"require": "./lib/is-valid-secret.cjs",
|
|
36
33
|
"default": "./lib/is-valid-secret.js"
|
|
37
34
|
},
|
|
38
35
|
"./preview-url": {
|
|
@@ -87,9 +84,9 @@
|
|
|
87
84
|
"usehooks-ts": "2.9.1"
|
|
88
85
|
},
|
|
89
86
|
"devDependencies": {
|
|
90
|
-
"@commitlint/cli": "^17.
|
|
91
|
-
"@commitlint/config-conventional": "^17.
|
|
92
|
-
"@sanity/pkg-utils": "^2.4.
|
|
87
|
+
"@commitlint/cli": "^17.7.0",
|
|
88
|
+
"@commitlint/config-conventional": "^17.7.0",
|
|
89
|
+
"@sanity/pkg-utils": "^2.4.5",
|
|
93
90
|
"@sanity/plugin-kit": "^3.1.7",
|
|
94
91
|
"@sanity/semantic-release-preset": "^4.1.3",
|
|
95
92
|
"@typescript-eslint/eslint-plugin": "^5.62.0",
|
package/src/isValidSecret.tsx
CHANGED
|
@@ -29,6 +29,9 @@ export type SanityClientLike = {
|
|
|
29
29
|
options: {tag?: string},
|
|
30
30
|
): Promise<R>
|
|
31
31
|
}
|
|
32
|
+
|
|
33
|
+
const isDev = process.env.NODE_ENV === 'development'
|
|
34
|
+
|
|
32
35
|
export async function isValidSecret(
|
|
33
36
|
client: SanityClientLike,
|
|
34
37
|
urlSecretId: UrlSecretId,
|
|
@@ -60,13 +63,23 @@ export async function isValidSecret(
|
|
|
60
63
|
const data = await customClient.fetch<FetchSecretResponse>(
|
|
61
64
|
fetchSecretQuery,
|
|
62
65
|
{id: urlSecretId},
|
|
63
|
-
|
|
66
|
+
// @ts-expect-error -- the `cache` option is valid, but not in the types when NextJS typings aren't installed
|
|
67
|
+
{cache: 'no-store', tag},
|
|
64
68
|
)
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
69
|
+
// eslint-disable-next-line no-process-env
|
|
70
|
+
if (!data?.secret && isDev) {
|
|
71
|
+
const exists = await client.fetch<null | Record<string, any>>(
|
|
72
|
+
/* groq */ `*[_id == $id][0]`,
|
|
73
|
+
{id: urlSecretId},
|
|
74
|
+
// @ts-expect-error -- the `cache` option is valid, but not in the types when NextJS typings aren't installed
|
|
75
|
+
{cache: 'no-store', tag},
|
|
68
76
|
)
|
|
77
|
+
if (!exists) {
|
|
78
|
+
throw new TypeError(
|
|
79
|
+
`Unable to find a secret in the dataset, with the id \`${urlSecretId}\`. Have you set the \`urlSecretId\` option in your \`Iframe\` and \`previewUrl\` configurations?`,
|
|
80
|
+
)
|
|
81
|
+
}
|
|
69
82
|
}
|
|
70
83
|
|
|
71
|
-
return data
|
|
84
|
+
return data?.secret === urlSecret
|
|
72
85
|
}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"is-valid-secret-d0fb874f.js","sources":["../../src/isValidSecret.tsx"],"sourcesContent":["import {name} from '../package.json'\n\nexport type UrlSecretId = `${string}.${string}`\n\n// updated within the hour, if it's older it'll create a new secret or return null\nexport const SECRET_TTL = 60 * 60\n\nexport const fetchSecretQuery = /* groq */ `*[_id == $id && dateTime(_updatedAt) > dateTime(now()) - ${SECRET_TTL}][0]{secret, _updatedAt}`\nexport type FetchSecretResponse = {\n secret: string | null\n _updatedAt: string | null\n} | null\n\nexport const tag = name\n\nexport const apiVersion = '2023-08-08'\n\nexport type SanityClientLike = {\n config(): {token?: string}\n withConfig(config: {apiVersion?: string; useCdn?: boolean; perspective: 'raw'}): SanityClientLike\n fetch<\n R,\n Q = {\n [key: string]: any\n },\n >(\n query: string,\n params: Q,\n options: {tag?: string},\n ): Promise<R>\n}\nexport async function isValidSecret(\n client: SanityClientLike,\n urlSecretId: UrlSecretId,\n urlSecret: string,\n): Promise<boolean> {\n if (!urlSecret) {\n throw new TypeError('`urlSecret` is required')\n }\n if (!urlSecretId) {\n throw new TypeError('`urlSecretId` is required')\n }\n if (!urlSecretId.includes('.')) {\n throw new TypeError(\n `\\`urlSecretId\\` must have a dot prefix, \\`${urlSecretId}\\` is not secure, add a prefix, for example \\`preview.${urlSecretId}\\` `,\n )\n }\n if (!client) {\n throw new TypeError('`client` is required')\n }\n if (!client.config().token) {\n throw new TypeError('`client` must have a `token` specified')\n }\n\n const customClient = client.withConfig({\n apiVersion,\n useCdn: false,\n perspective: 'raw',\n })\n const data = await customClient.fetch<FetchSecretResponse>(\n fetchSecretQuery,\n {id: urlSecretId},\n {tag},\n )\n if (!data?.secret) {\n throw new TypeError(\n `Unable to find a secret in the dataset, with the id \\`${urlSecretId}\\`. Have you set the \\`urlSecretId\\` option in your \\`Iframe\\` and \\`previewUrl\\` configurations?`,\n )\n }\n\n return data.secret === urlSecret\n}\n"],"names":["SECRET_TTL","fetchSecretQuery","concat","tag","name","apiVersion","isValidSecret","client","urlSecretId","urlSecret","TypeError","includes","config","token","customClient","withConfig","useCdn","perspective","data","fetch","id","secret"],"mappings":";AAKO,MAAMA,aAAa,EAAK,GAAA,EAAA;AAElB,MAAAC,gBAAA,GAAA;AAA8B,4DAA4DC,MAAU,CAAAF,UAAA,EAAA,0BAAA,CAAA;AAM1G,MAAMG,GAAM,GAAAC,IAAA;AAEZ,MAAMC,UAAa,GAAA,YAAA;AAgBJ,eAAAC,aAAAA,CACpBC,MACA,EAAAC,WAAA,EACAC,SACkB,EAAA;EAClB,IAAI,CAACA,SAAW,EAAA;IACR,MAAA,IAAIC,UAAU,yBAAyB,CAAA;EAC/C;EACA,IAAI,CAACF,WAAa,EAAA;IACV,MAAA,IAAIE,UAAU,2BAA2B,CAAA;EACjD;EACA,IAAI,CAACF,WAAA,CAAYG,QAAS,CAAA,GAAG,CAAG,EAAA;IAC9B,MAAM,IAAID,SAAA,CACR,yCAAA,CAA6CR,MAAW,CAAAM,WAAA,EAAA,sDAAA,CAAA,CAAyDN,MAAW,CAAAM,WAAA,EAAA,IAAA,CAAA,CAC9H;EACF;EACA,IAAI,CAACD,MAAQ,EAAA;IACL,MAAA,IAAIG,UAAU,sBAAsB,CAAA;EAC5C;EACA,IAAI,CAACH,MAAA,CAAOK,MAAO,CAAA,CAAA,CAAEC,KAAO,EAAA;IACpB,MAAA,IAAIH,UAAU,wCAAwC,CAAA;EAC9D;EAEM,MAAAI,YAAA,GAAeP,OAAOQ,UAAW,CAAA;IACrCV,UAAA;IACAW,MAAQ,EAAA,KAAA;IACRC,WAAa,EAAA;EAAA,CACd,CAAA;EACK,MAAAC,IAAA,GAAO,MAAMJ,YAAa,CAAAK,KAAA,CAC9BlB,gBAAA,EACA;IAACmB,IAAIZ;EAAW,CAAA,EAChB;IAACL;EAAG,CAAA,CACN;EACI,IAAA,EAACe,6BAAMG,MAAQ,CAAA,EAAA;IACjB,MAAM,IAAIX,SAAA,CACR,wDAAyDR,MAAW,CAAAM,WAAA,EAAA,4FAAA,CAAA,CACtE;EACF;EAEA,OAAOU,KAAKG,MAAW,KAAAZ,SAAA;AACzB;"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"is-valid-secret-ffcae61b.cjs","sources":["../../src/isValidSecret.tsx"],"sourcesContent":["import {name} from '../package.json'\n\nexport type UrlSecretId = `${string}.${string}`\n\n// updated within the hour, if it's older it'll create a new secret or return null\nexport const SECRET_TTL = 60 * 60\n\nexport const fetchSecretQuery = /* groq */ `*[_id == $id && dateTime(_updatedAt) > dateTime(now()) - ${SECRET_TTL}][0]{secret, _updatedAt}`\nexport type FetchSecretResponse = {\n secret: string | null\n _updatedAt: string | null\n} | null\n\nexport const tag = name\n\nexport const apiVersion = '2023-08-08'\n\nexport type SanityClientLike = {\n config(): {token?: string}\n withConfig(config: {apiVersion?: string; useCdn?: boolean; perspective: 'raw'}): SanityClientLike\n fetch<\n R,\n Q = {\n [key: string]: any\n },\n >(\n query: string,\n params: Q,\n options: {tag?: string},\n ): Promise<R>\n}\nexport async function isValidSecret(\n client: SanityClientLike,\n urlSecretId: UrlSecretId,\n urlSecret: string,\n): Promise<boolean> {\n if (!urlSecret) {\n throw new TypeError('`urlSecret` is required')\n }\n if (!urlSecretId) {\n throw new TypeError('`urlSecretId` is required')\n }\n if (!urlSecretId.includes('.')) {\n throw new TypeError(\n `\\`urlSecretId\\` must have a dot prefix, \\`${urlSecretId}\\` is not secure, add a prefix, for example \\`preview.${urlSecretId}\\` `,\n )\n }\n if (!client) {\n throw new TypeError('`client` is required')\n }\n if (!client.config().token) {\n throw new TypeError('`client` must have a `token` specified')\n }\n\n const customClient = client.withConfig({\n apiVersion,\n useCdn: false,\n perspective: 'raw',\n })\n const data = await customClient.fetch<FetchSecretResponse>(\n fetchSecretQuery,\n {id: urlSecretId},\n {tag},\n )\n if (!data?.secret) {\n throw new TypeError(\n `Unable to find a secret in the dataset, with the id \\`${urlSecretId}\\`. Have you set the \\`urlSecretId\\` option in your \\`Iframe\\` and \\`previewUrl\\` configurations?`,\n )\n }\n\n return data.secret === urlSecret\n}\n"],"names":["SECRET_TTL","fetchSecretQuery","concat","tag","name","apiVersion","isValidSecret","client","urlSecretId","urlSecret","TypeError","includes","config","token","customClient","withConfig","useCdn","perspective","data","fetch","id","secret"],"mappings":";;;AAKO,MAAMA,aAAa,EAAK,GAAA,EAAA;AAElB,MAAAC,gBAAA,GAAA;AAA8B,4DAA4DC,MAAU,CAAAF,UAAA,EAAA,0BAAA,CAAA;AAM1G,MAAMG,GAAM,GAAAC,IAAA;AAEZ,MAAMC,UAAa,GAAA,YAAA;AAgBJ,eAAAC,aAAAA,CACpBC,MACA,EAAAC,WAAA,EACAC,SACkB,EAAA;EAClB,IAAI,CAACA,SAAW,EAAA;IACR,MAAA,IAAIC,UAAU,yBAAyB,CAAA;EAC/C;EACA,IAAI,CAACF,WAAa,EAAA;IACV,MAAA,IAAIE,UAAU,2BAA2B,CAAA;EACjD;EACA,IAAI,CAACF,WAAA,CAAYG,QAAS,CAAA,GAAG,CAAG,EAAA;IAC9B,MAAM,IAAID,SAAA,CACR,yCAAA,CAA6CR,MAAW,CAAAM,WAAA,EAAA,sDAAA,CAAA,CAAyDN,MAAW,CAAAM,WAAA,EAAA,IAAA,CAAA,CAC9H;EACF;EACA,IAAI,CAACD,MAAQ,EAAA;IACL,MAAA,IAAIG,UAAU,sBAAsB,CAAA;EAC5C;EACA,IAAI,CAACH,MAAA,CAAOK,MAAO,CAAA,CAAA,CAAEC,KAAO,EAAA;IACpB,MAAA,IAAIH,UAAU,wCAAwC,CAAA;EAC9D;EAEM,MAAAI,YAAA,GAAeP,OAAOQ,UAAW,CAAA;IACrCV,UAAA;IACAW,MAAQ,EAAA,KAAA;IACRC,WAAa,EAAA;EAAA,CACd,CAAA;EACK,MAAAC,IAAA,GAAO,MAAMJ,YAAa,CAAAK,KAAA,CAC9BlB,gBAAA,EACA;IAACmB,IAAIZ;EAAW,CAAA,EAChB;IAACL;EAAG,CAAA,CACN;EACI,IAAA,EAACe,6BAAMG,MAAQ,CAAA,EAAA;IACjB,MAAM,IAAIX,SAAA,CACR,wDAAyDR,MAAW,CAAAM,WAAA,EAAA,4FAAA,CAAA,CACtE;EACF;EAEA,OAAOU,KAAKG,MAAW,KAAAZ,SAAA;AACzB;;;;;"}
|