sst 2.13.2 → 2.13.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/config.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { FunctionMetadata, SsrSiteMetadata } from "./constructs/Metadata.js";
1
+ import { FunctionMetadata, NextjsSiteMetadata, AstroSiteMetadata, RemixSiteMetadata, SolidStartSiteMetadata, SvelteKitSiteMetadata, SSRSiteMetadata } from "./constructs/Metadata.js";
2
2
  declare module "./bus.js" {
3
3
  interface Events {
4
4
  "config.secret.updated": {
@@ -47,9 +47,9 @@ export declare namespace Config {
47
47
  fallback?: boolean;
48
48
  }): Promise<void>;
49
49
  function restart(keys: string[]): Promise<{
50
- edgeSites: SsrSiteMetadata[];
51
- sites: SsrSiteMetadata[];
52
- placeholderSites: SsrSiteMetadata[];
50
+ edgeSites: (NextjsSiteMetadata | AstroSiteMetadata | RemixSiteMetadata | SolidStartSiteMetadata | SvelteKitSiteMetadata)[];
51
+ sites: SSRSiteMetadata[];
52
+ placeholderSites: (NextjsSiteMetadata | AstroSiteMetadata | RemixSiteMetadata | SolidStartSiteMetadata | SvelteKitSiteMetadata)[];
53
53
  functions: FunctionMetadata[];
54
54
  }>;
55
55
  }
@@ -22,4 +22,16 @@ export declare class AstroSite extends SsrSite {
22
22
  protected validateBuildOutput(): void;
23
23
  protected createFunctionForRegional(): CdkFunction;
24
24
  protected createFunctionForEdge(): EdgeFunction;
25
+ getConstructMetadata(): {
26
+ data: {
27
+ mode: "placeholder" | "deployed";
28
+ path: string;
29
+ customDomainUrl: string | undefined;
30
+ url: string | undefined;
31
+ edge: boolean | undefined;
32
+ server: string;
33
+ secrets: string[];
34
+ };
35
+ type: "AstroSite";
36
+ };
25
37
  }
@@ -67,4 +67,10 @@ export class AstroSite extends SsrSite {
67
67
  },
68
68
  });
69
69
  }
70
+ getConstructMetadata() {
71
+ return {
72
+ type: "AstroSite",
73
+ ...this.getConstructMetadataBase(),
74
+ };
75
+ }
70
76
  }
@@ -211,7 +211,9 @@ export declare class Job extends Construct implements SSTConstruct {
211
211
  constructor(scope: Construct, id: string, props: JobProps);
212
212
  getConstructMetadata(): {
213
213
  type: "Job";
214
- data: {};
214
+ data: {
215
+ handler: string;
216
+ };
215
217
  };
216
218
  /** @internal */
217
219
  getFunctionBinding(): FunctionBindingProps;
package/constructs/Job.js CHANGED
@@ -75,7 +75,9 @@ export class Job extends Construct {
75
75
  getConstructMetadata() {
76
76
  return {
77
77
  type: "Job",
78
- data: {},
78
+ data: {
79
+ handler: this.props.handler,
80
+ },
79
81
  };
80
82
  }
81
83
  /** @internal */
@@ -9,7 +9,7 @@ export type ApiMetadata = ExtractMetadata<Api<any>>;
9
9
  import type { ApiGatewayV1Api } from "./ApiGatewayV1Api.js";
10
10
  export type ApiGatewayV1ApiMetadata = ExtractMetadata<ApiGatewayV1Api<any>>;
11
11
  import type { Cognito } from "./Cognito.js";
12
- export type AuthMetadata = ExtractMetadata<Cognito>;
12
+ export type CognitoMetadata = ExtractMetadata<Cognito>;
13
13
  import type { AppSyncApi } from "./AppSyncApi.js";
14
14
  export type AppSyncApiMetadata = ExtractMetadata<AppSyncApi>;
15
15
  import type { Bucket } from "./Bucket.js";
@@ -22,16 +22,12 @@ import type { Function as Fn } from "./Function.js";
22
22
  export type FunctionMetadata = ExtractMetadata<Fn>;
23
23
  import type { KinesisStream } from "./KinesisStream.js";
24
24
  export type KinesisStreamMetadata = ExtractMetadata<KinesisStream>;
25
- import type { NextjsSite } from "./NextjsSite.js";
26
- export type NextjsMetadata = ExtractMetadata<NextjsSite>;
27
25
  import type { NextjsSite as SlsNextjsSite } from "./deprecated/NextjsSite.js";
28
26
  export type SlsNextjsMetadata = ExtractMetadata<SlsNextjsSite>;
29
27
  import type { Queue } from "./Queue.js";
30
28
  export type QueueMetadata = ExtractMetadata<Queue>;
31
29
  import type { StaticSite } from "./StaticSite.js";
32
30
  export type StaticSiteMetadata = ExtractMetadata<StaticSite>;
33
- import type { SsrSite } from "./SsrSite.js";
34
- export type SsrSiteMetadata = ExtractMetadata<SsrSite>;
35
31
  import type { Table } from "./Table.js";
36
32
  export type TableMetadata = ExtractMetadata<Table>;
37
33
  import type { Topic } from "./Topic.js";
@@ -40,5 +36,16 @@ import type { WebSocketApi } from "./WebSocketApi.js";
40
36
  export type WebSocketApiMetadata = ExtractMetadata<WebSocketApi>;
41
37
  import type { RDS } from "./RDS.js";
42
38
  export type RDSMetadata = ExtractMetadata<RDS>;
43
- export type Metadata = ApiMetadata | ApiGatewayV1ApiMetadata | AuthMetadata | AppSyncApiMetadata | BucketMetadata | CronMetadata | EventBusMetadata | FunctionMetadata | KinesisStreamMetadata | NextjsMetadata | SlsNextjsMetadata | QueueMetadata | StaticSiteMetadata | SsrSiteMetadata | TableMetadata | TopicMetadata | WebSocketApiMetadata | RDSMetadata;
39
+ import type { NextjsSite } from "./NextjsSite.js";
40
+ export type NextjsSiteMetadata = ExtractMetadata<NextjsSite>;
41
+ import type { AstroSite } from "./AstroSite.js";
42
+ export type AstroSiteMetadata = ExtractMetadata<AstroSite>;
43
+ import type { RemixSite } from "./RemixSite.js";
44
+ export type RemixSiteMetadata = ExtractMetadata<RemixSite>;
45
+ import type { SvelteKitSite } from "./SvelteKitSite.js";
46
+ export type SvelteKitSiteMetadata = ExtractMetadata<SvelteKitSite>;
47
+ import type { SolidStartSite } from "./SolidStartSite.js";
48
+ export type SolidStartSiteMetadata = ExtractMetadata<SolidStartSite>;
49
+ export type SSRSiteMetadata = NextjsSiteMetadata | AstroSiteMetadata | RemixSiteMetadata | SolidStartSiteMetadata | SvelteKitSiteMetadata;
50
+ export type Metadata = ApiMetadata | ApiGatewayV1ApiMetadata | CognitoMetadata | AppSyncApiMetadata | BucketMetadata | CronMetadata | EventBusMetadata | FunctionMetadata | KinesisStreamMetadata | SlsNextjsMetadata | QueueMetadata | StaticSiteMetadata | TableMetadata | TopicMetadata | WebSocketApiMetadata | RDSMetadata | SSRSiteMetadata;
44
51
  export {};
@@ -61,4 +61,16 @@ export declare class NextjsSite extends SsrSite {
61
61
  private buildDefaultNextjsBehaviorForRegional;
62
62
  private buildDefaultNextjsBehaviorForEdge;
63
63
  protected generateBuildId(): string;
64
+ getConstructMetadata(): {
65
+ data: {
66
+ mode: "placeholder" | "deployed";
67
+ path: string;
68
+ customDomainUrl: string | undefined;
69
+ url: string | undefined;
70
+ edge: boolean | undefined;
71
+ server: string;
72
+ secrets: string[];
73
+ };
74
+ type: "NextjsSite";
75
+ };
64
76
  }
@@ -383,4 +383,10 @@ export class NextjsSite extends SsrSite {
383
383
  const filePath = path.join(this.props.path, ".next/BUILD_ID");
384
384
  return fs.readFileSync(filePath).toString();
385
385
  }
386
+ getConstructMetadata() {
387
+ return {
388
+ type: "NextjsSite",
389
+ ...this.getConstructMetadataBase(),
390
+ };
391
+ }
386
392
  }
@@ -24,4 +24,16 @@ export declare class RemixSite extends SsrSite {
24
24
  private createServerLambdaBundle;
25
25
  protected createFunctionForRegional(): CdkFunction;
26
26
  protected createFunctionForEdge(): EdgeFunction;
27
+ getConstructMetadata(): {
28
+ data: {
29
+ mode: "placeholder" | "deployed";
30
+ path: string;
31
+ customDomainUrl: string | undefined;
32
+ url: string | undefined;
33
+ edge: boolean | undefined;
34
+ server: string;
35
+ secrets: string[];
36
+ };
37
+ type: "RemixSite";
38
+ };
27
39
  }
@@ -137,4 +137,10 @@ export class RemixSite extends SsrSite {
137
137
  },
138
138
  });
139
139
  }
140
+ getConstructMetadata() {
141
+ return {
142
+ type: "RemixSite",
143
+ ...this.getConstructMetadataBase(),
144
+ };
145
+ }
140
146
  }
@@ -99,7 +99,7 @@ export interface ScriptProps {
99
99
  * });
100
100
  * ```
101
101
  */
102
- export declare class Script extends Construct {
102
+ export declare class Script extends Construct implements SSTConstruct {
103
103
  /**
104
104
  * The internally created onCreate `Function` instance.
105
105
  */
@@ -113,6 +113,7 @@ export declare class Script extends Construct {
113
113
  */
114
114
  readonly deleteFunction?: Fn;
115
115
  protected readonly props: ScriptProps;
116
+ readonly id: string;
116
117
  constructor(scope: Construct, id: string, props: ScriptProps);
117
118
  /**
118
119
  * Binds additional resources to the script
@@ -136,4 +137,24 @@ export declare class Script extends Construct {
136
137
  private createCustomResourceFunction;
137
138
  private createCustomResource;
138
139
  private checkDeprecatedFunction;
140
+ /** @internal */
141
+ getConstructMetadata(): {
142
+ type: "Script";
143
+ data: {
144
+ createfn: {
145
+ node: string;
146
+ stack: string;
147
+ } | undefined;
148
+ deletefn: {
149
+ node: string;
150
+ stack: string;
151
+ } | undefined;
152
+ updatefn: {
153
+ node: string;
154
+ stack: string;
155
+ } | undefined;
156
+ };
157
+ };
158
+ /** @internal */
159
+ getFunctionBinding(): undefined;
139
160
  }
@@ -2,8 +2,11 @@ import path from "path";
2
2
  import url from "url";
3
3
  import { Construct } from "constructs";
4
4
  import { CustomResource, Duration } from "aws-cdk-lib/core";
5
- import * as lambda from "aws-cdk-lib/aws-lambda";
5
+ import { PolicyStatement } from "aws-cdk-lib/aws-iam";
6
+ import { Code, Runtime, Function as CdkFunction } from "aws-cdk-lib/aws-lambda";
7
+ import { Stack } from "./Stack.js";
6
8
  import { Function as Fn, } from "./Function.js";
9
+ import { getFunctionRef, } from "./Construct.js";
7
10
  const __dirname = path.dirname(url.fileURLToPath(import.meta.url));
8
11
  /////////////////////
9
12
  // Construct
@@ -37,8 +40,10 @@ export class Script extends Construct {
37
40
  */
38
41
  deleteFunction;
39
42
  props;
43
+ id;
40
44
  constructor(scope, id, props) {
41
45
  super(scope, id);
46
+ this.id = id;
42
47
  if (props.function)
43
48
  this.checkDeprecatedFunction();
44
49
  // Validate deprecated "function" prop
@@ -112,12 +117,18 @@ export class Script extends Construct {
112
117
  });
113
118
  }
114
119
  createCustomResourceFunction() {
115
- const handler = new lambda.Function(this, "ScriptHandler", {
116
- code: lambda.Code.fromAsset(path.join(__dirname, "../support/script-function")),
117
- runtime: lambda.Runtime.NODEJS_16_X,
120
+ const handler = new CdkFunction(this, "ScriptHandler", {
121
+ code: Code.fromAsset(path.join(__dirname, "../support/script-function")),
122
+ runtime: Runtime.NODEJS_16_X,
118
123
  handler: "index.handler",
119
124
  timeout: Duration.minutes(15),
120
125
  memorySize: 1024,
126
+ initialPolicy: [
127
+ new PolicyStatement({
128
+ actions: ["cloudformation:DescribeStacks"],
129
+ resources: [Stack.of(this).stackId],
130
+ }),
131
+ ],
121
132
  });
122
133
  this.createFunction?.grantInvoke(handler);
123
134
  this.updateFunction?.grantInvoke(handler);
@@ -151,4 +162,19 @@ export class Script extends Construct {
151
162
  checkDeprecatedFunction() {
152
163
  throw new Error(`The "function" property has been replaced by "onCreate" and "onUpdate". More details on upgrading - https://docs.sst.dev/constructs/Script#upgrading-to-v0460`);
153
164
  }
165
+ /** @internal */
166
+ getConstructMetadata() {
167
+ return {
168
+ type: "Script",
169
+ data: {
170
+ createfn: getFunctionRef(this.createFunction),
171
+ deletefn: getFunctionRef(this.deleteFunction),
172
+ updatefn: getFunctionRef(this.updateFunction),
173
+ },
174
+ };
175
+ }
176
+ /** @internal */
177
+ getFunctionBinding() {
178
+ return undefined;
179
+ }
154
180
  }
@@ -21,4 +21,16 @@ export declare class SolidStartSite extends SsrSite {
21
21
  };
22
22
  protected createFunctionForRegional(): CdkFunction;
23
23
  protected createFunctionForEdge(): EdgeFunction;
24
+ getConstructMetadata(): {
25
+ data: {
26
+ mode: "placeholder" | "deployed";
27
+ path: string;
28
+ customDomainUrl: string | undefined;
29
+ url: string | undefined;
30
+ edge: boolean | undefined;
31
+ server: string;
32
+ secrets: string[];
33
+ };
34
+ type: "SolidStartSite";
35
+ };
24
36
  }
@@ -58,4 +58,10 @@ export class SolidStartSite extends SsrSite {
58
58
  },
59
59
  });
60
60
  }
61
+ getConstructMetadata() {
62
+ return {
63
+ type: "SolidStartSite",
64
+ ...this.getConstructMetadataBase(),
65
+ };
66
+ }
61
67
  }
@@ -12,7 +12,6 @@ import { Size } from "./util/size.js";
12
12
  import { Duration } from "./util/duration.js";
13
13
  import { Permissions } from "./util/permission.js";
14
14
  import { FunctionBindingProps } from "./util/functionBinding.js";
15
- type SsrSiteType = "NextjsSite" | "RemixSite" | "AstroSite" | "SolidStartSite" | "SvelteKitSite";
16
15
  export type SsrBuildConfig = {
17
16
  typesPath: string;
18
17
  serverBuildOutputFile: string;
@@ -209,7 +208,7 @@ type SsrSiteNormalizedProps = SsrSiteProps & {
209
208
  * });
210
209
  * ```
211
210
  */
212
- export declare class SsrSite extends Construct implements SSTConstruct {
211
+ export declare abstract class SsrSite extends Construct implements SSTConstruct {
213
212
  readonly id: string;
214
213
  protected props: SsrSiteNormalizedProps;
215
214
  private doNotDeploy;
@@ -254,17 +253,18 @@ export declare class SsrSite extends Construct implements SSTConstruct {
254
253
  */
255
254
  attachPermissions(permissions: Permissions): void;
256
255
  /** @internal */
257
- getConstructMetadata(): {
258
- type: SsrSiteType;
256
+ protected getConstructMetadataBase(): {
259
257
  data: {
260
258
  mode: "placeholder" | "deployed";
261
259
  path: string;
262
260
  customDomainUrl: string | undefined;
261
+ url: string | undefined;
263
262
  edge: boolean | undefined;
264
263
  server: string;
265
264
  secrets: string[];
266
265
  };
267
266
  };
267
+ abstract getConstructMetadata(): ReturnType<SSTConstruct["getConstructMetadata"]>;
268
268
  /** @internal */
269
269
  getFunctionBinding(): FunctionBindingProps;
270
270
  protected initBuildConfig(): SsrBuildConfig;
@@ -306,10 +306,10 @@ export declare class SsrSite extends Construct implements SSTConstruct {
306
306
  protected generateBuildId(): string;
307
307
  }
308
308
  export declare const useSites: () => {
309
- add(name: string, type: SsrSiteType, props: SsrSiteNormalizedProps): void;
309
+ add(name: string, type: string, props: SsrSiteNormalizedProps): void;
310
310
  readonly all: {
311
311
  name: string;
312
- type: SsrSiteType;
312
+ type: string;
313
313
  props: SsrSiteNormalizedProps;
314
314
  }[];
315
315
  };
@@ -180,15 +180,15 @@ export class SsrSite extends Construct {
180
180
  attachPermissionsToRole(server?.role, permissions);
181
181
  }
182
182
  /** @internal */
183
- getConstructMetadata() {
183
+ getConstructMetadataBase() {
184
184
  return {
185
- type: this.constructor.name,
186
185
  data: {
187
186
  mode: this.doNotDeploy
188
187
  ? "placeholder"
189
188
  : "deployed",
190
189
  path: this.props.path,
191
190
  customDomainUrl: this.customDomainUrl,
191
+ url: this.url,
192
192
  edge: this.props.edge,
193
193
  server: (this.serverLambdaForDev ||
194
194
  this.serverLambdaForRegional ||
@@ -202,12 +202,8 @@ export class Stack extends CDKStack {
202
202
  });
203
203
  }
204
204
  static buildSynthesizer() {
205
- const config = useProject().config;
206
- const customSynethesizerKeys = Object.keys(config.cdk || {}).filter((key) => key.startsWith("qualifier"));
207
- if (customSynethesizerKeys.length === 0) {
208
- return;
209
- }
210
- return new DefaultStackSynthesizer({
205
+ const { config } = useProject();
206
+ const props = {
211
207
  qualifier: config.cdk?.qualifier,
212
208
  fileAssetsBucketName: config.cdk?.fileAssetsBucketName,
213
209
  deployRoleArn: config.cdk?.deployRoleArn,
@@ -215,7 +211,11 @@ export class Stack extends CDKStack {
215
211
  imageAssetPublishingRoleArn: config.cdk?.imageAssetPublishingRoleArn,
216
212
  cloudFormationExecutionRole: config.cdk?.cloudFormationExecutionRole,
217
213
  lookupRoleArn: config.cdk?.lookupRoleArn,
218
- });
214
+ };
215
+ const isEmpty = Object.values(props).every((v) => v === undefined);
216
+ if (isEmpty)
217
+ return;
218
+ return new DefaultStackSynthesizer(props);
219
219
  }
220
220
  // eslint-disable-next-line @typescript-eslint/no-explicit-any
221
221
  static checkForPropsIsConstruct(id, props) {
@@ -466,6 +466,9 @@ interface ImportMeta {
466
466
  viewerProtocolPolicy: ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
467
467
  functionAssociations: [
468
468
  {
469
+ // Note: this is required in Frameworks like Astro where `index.html`
470
+ // is required in the URL path.
471
+ // https://docs.astro.build/en/guides/deploy/aws/#cloudfront-functions-setup
469
472
  function: new CfFunction(this, "CloudFrontFunction", {
470
473
  code: CfFunctionCode.fromInline(`
471
474
  function handler(event) {
@@ -24,4 +24,16 @@ export declare class SvelteKitSite extends SsrSite {
24
24
  protected createFunctionForRegional(): CdkFunction;
25
25
  protected createFunctionForEdge(): EdgeFunction;
26
26
  protected generateBuildId(): string;
27
+ getConstructMetadata(): {
28
+ data: {
29
+ mode: "placeholder" | "deployed";
30
+ path: string;
31
+ customDomainUrl: string | undefined;
32
+ url: string | undefined;
33
+ edge: boolean | undefined;
34
+ server: string;
35
+ secrets: string[];
36
+ };
37
+ type: "SvelteKitSite";
38
+ };
27
39
  }
@@ -98,4 +98,10 @@ export class SvelteKitSite extends SsrSite {
98
98
  const content = fs.readFileSync(filePath).toString();
99
99
  return JSON.parse(content).version;
100
100
  }
101
+ getConstructMetadata() {
102
+ return {
103
+ type: "SvelteKitSite",
104
+ ...this.getConstructMetadataBase(),
105
+ };
106
+ }
101
107
  }
@@ -42,6 +42,7 @@ export declare const useResponse: () => {
42
42
  cookie(input: {
43
43
  key: string;
44
44
  value: string;
45
+ encrypted?: string;
45
46
  } & CookieOptions): any;
46
47
  status(code: number): any;
47
48
  header(key: string, value: string): any;
package/node/api/index.js CHANGED
@@ -75,6 +75,12 @@ export const useResponse = /* @__PURE__ */ Context.memo(() => {
75
75
  return result;
76
76
  },
77
77
  cookie(input) {
78
+ input = {
79
+ secure: true,
80
+ sameSite: "None",
81
+ httpOnly: true,
82
+ ...input,
83
+ };
78
84
  const value = encodeURIComponent(input.value);
79
85
  const parts = [input.key + "=" + value];
80
86
  if (input.domain)
@@ -0,0 +1,16 @@
1
+ import { APIGatewayProxyStructuredResultV2 } from "aws-lambda";
2
+ export declare function CodeAdapter(config: {
3
+ length?: number;
4
+ onCode: (code: string, claims: Record<string, any>) => Promise<APIGatewayProxyStructuredResultV2>;
5
+ }): () => Promise<{
6
+ type: "step";
7
+ properties: APIGatewayProxyStructuredResultV2;
8
+ } | {
9
+ type: "error";
10
+ properties?: undefined;
11
+ } | {
12
+ type: "success";
13
+ properties: {
14
+ claims: any;
15
+ };
16
+ }>;
@@ -0,0 +1,67 @@
1
+ import { useCookie, usePathParam, useQueryParam, useQueryParams, useResponse, } from "../../../api/index.js";
2
+ import { randomBytes } from "crypto";
3
+ import { decrypt, encrypt } from "../encryption.js";
4
+ export function CodeAdapter(config) {
5
+ const length = config.length || 6;
6
+ function generate() {
7
+ const buffer = randomBytes(length);
8
+ const otp = Array.from(buffer)
9
+ .map((byte) => byte % 10)
10
+ .join("");
11
+ return otp;
12
+ }
13
+ return async function () {
14
+ const step = usePathParam("step");
15
+ if (step === "authorize") {
16
+ const code = generate();
17
+ const claims = useQueryParams();
18
+ delete claims["client_id"];
19
+ delete claims["redirect_uri"];
20
+ delete claims["response_type"];
21
+ delete claims["provider"];
22
+ useResponse().cookies({
23
+ sst_code: encrypt(code),
24
+ sst_claims: encrypt(JSON.stringify(claims)),
25
+ }, {
26
+ maxAge: 3600,
27
+ secure: true,
28
+ sameSite: "None",
29
+ httpOnly: true,
30
+ });
31
+ return {
32
+ type: "step",
33
+ properties: await config.onCode(code, claims),
34
+ };
35
+ }
36
+ if (step === "callback") {
37
+ const code = decrypt(useCookie("sst_code"));
38
+ const claims = decrypt(useCookie("sst_claims"));
39
+ if (!code || !claims) {
40
+ return {
41
+ type: "error",
42
+ };
43
+ }
44
+ const compare = useQueryParam("code");
45
+ if (code !== compare) {
46
+ return {
47
+ type: "error",
48
+ };
49
+ }
50
+ useResponse().cookies({
51
+ sst_code: "",
52
+ sst_claims: "",
53
+ }, {
54
+ expires: new Date(1),
55
+ });
56
+ return {
57
+ type: "success",
58
+ properties: {
59
+ claims: JSON.parse(claims),
60
+ },
61
+ };
62
+ }
63
+ return {
64
+ type: "error",
65
+ };
66
+ };
67
+ }
@@ -0,0 +1,2 @@
1
+ export declare function encrypt(data: string): string;
2
+ export declare function decrypt(data: string): string | undefined;
@@ -0,0 +1,30 @@
1
+ import { createCipheriv, createDecipheriv, createHash, randomBytes, } from "crypto";
2
+ import { Config } from "../../config/index.js";
3
+ export function encrypt(data) {
4
+ // @ts-expect-error
5
+ const key = Config[process.env.AUTH_ID + "PrivateKey"];
6
+ const hashed = createHash("sha256").update(key).digest();
7
+ const iv = randomBytes(16); // Generate a random IV (Initialization Vector)
8
+ const cipher = createCipheriv("aes-256-cbc", hashed, iv);
9
+ let encrypted = cipher.update(data, "utf8", "hex");
10
+ encrypted += cipher.final("hex");
11
+ return JSON.stringify({
12
+ i: iv.toString("hex"),
13
+ d: encrypted,
14
+ });
15
+ }
16
+ export function decrypt(data) {
17
+ // @ts-expect-error
18
+ const key = Config[process.env.AUTH_ID + "PrivateKey"];
19
+ const hashed = createHash("sha256").update(key).digest();
20
+ try {
21
+ const parsed = JSON.parse(data);
22
+ const decipher = createDecipheriv("aes-256-cbc", hashed, Buffer.from(parsed.i, "hex"));
23
+ let decrypted = decipher.update(parsed.d, "hex", "utf8");
24
+ decrypted += decipher.final("utf8");
25
+ return decrypted;
26
+ }
27
+ catch {
28
+ return;
29
+ }
30
+ }
@@ -23,9 +23,6 @@ const onSuccessResponse = {
23
23
  Location: "/authorize?" +
24
24
  new URLSearchParams({
25
25
  provider,
26
- response_type: useCookie("response_type"),
27
- client_id: useCookie("client_id"),
28
- redirect_uri: useCookie("redirect_uri"),
29
26
  }).toString(),
30
27
  },
31
28
  },
@@ -128,7 +125,10 @@ export function AuthHandler(input) {
128
125
  body: "Missing provider",
129
126
  };
130
127
  }
131
- const { response_type, client_id, redirect_uri, state } = useQueryParams();
128
+ const { response_type, client_id, redirect_uri, state } = {
129
+ ...useCookies(),
130
+ ...useQueryParams(),
131
+ };
132
132
  if (!provider) {
133
133
  return {
134
134
  statusCode: 400,
@@ -199,13 +199,20 @@ export function AuthHandler(input) {
199
199
  type,
200
200
  properties,
201
201
  });
202
- useResponse().cookie({
202
+ useResponse()
203
+ .cookie({
203
204
  key: "sst_auth_token",
204
205
  value: token,
205
206
  maxAge: 10 * 365 * 24 * 60 * 60,
206
- secure: true,
207
- sameSite: "None",
208
- httpOnly: true,
207
+ })
208
+ .cookies({
209
+ provider: "",
210
+ response_type: "",
211
+ client_id: "",
212
+ redirect_uri: "",
213
+ state: "",
214
+ }, {
215
+ expires: new Date(1),
209
216
  });
210
217
  const { client_id, response_type, redirect_uri, state } = {
211
218
  ...useCookies(),
@@ -9,7 +9,9 @@ export * from "./adapter/facebook.js";
9
9
  export * from "./adapter/microsoft.js";
10
10
  export * from "./adapter/oauth.js";
11
11
  export * from "./adapter/spotify.js";
12
+ export * from "./adapter/code.js";
12
13
  export type { Adapter } from "./adapter/adapter.js";
13
14
  export * from "./session.js";
14
15
  export * from "./handler.js";
16
+ export * from "./encryption.js";
15
17
  export { Issuer } from "openid-client";