
Commit ea5d9b8

authored
v3.1.4 (#100)
* v3.1.4 - Account for idToken in SSR scenarios for httpOnly - Typing updates * update local refresh * typing update * Update package.json
1 parent 9ad54bd commit ea5d9b8


15 files changed

+137
-43
lines changed


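--- a/commands/build.ts
+++ b/commands/build.ts
@@ -1,7 +1,7 @@
 import type { NuxtModule } from '@nuxt/schema'
 import { existsSync, promises as fsp } from 'node:fs'
-import { pathToFileURL } from 'url'
-import { resolve } from 'path'
+import { pathToFileURL } from 'node:url'
+import { resolve } from 'node:path'
 import { defineCommand } from 'citty'
 
 export default defineCommand({
@@ -57,9 +57,9 @@ export default defineCommand({
 },
 externals: [
 '#app',
+'#vue-router',
 '@refactorjs/ofetch',
 'ofetch',
-'vue-router',
 '@nuxt/schema',
 '@nuxt/schema-edge',
 '@nuxt/kit',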

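--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@nuxt-alt/auth",
-"version": "3.1.3",
+"version": "3.1.4",
 "description": "An alternative module to @nuxtjs/auth",
 "homepage": "https://github.com/nuxt-alt/auth",
 "author": "Denoder",
@@ -37,7 +37,7 @@
 },
 "dependencies": {
 "@nuxt-alt/http": "latest",
-"@nuxt/kit": "^3.8.2",
+"@nuxt/kit": "^3.9.1",
 "@refactorjs/serialize": "latest",
 "cookie-es": "^1.0.0",
 "defu": "^6.1.3",
@@ -49,12 +49,11 @@
 },
 "devDependencies": {
 "@nuxt-alt/proxy": "^2.4.8",
-"@nuxt/schema": "^3.8.2",
-"@nuxt/ui": "^2.10.0",
+"@nuxt/schema": "^3.9.1",
 "@nuxtjs/i18n": "next",
 "@types/node": "^20",
 "jiti": "^1.21.0",
-"nuxt": "^3.9.0",
+"nuxt": "^3.9.1",
 "typescript": "^5.3.3",
 "unbuild": "^2.0.0"
 },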

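--- a/src/runtime/core/auth.ts
+++ b/src/runtime/core/auth.ts
@@ -1,7 +1,6 @@
 import type { HTTPRequest, HTTPResponse, Scheme, SchemeCheck, TokenableScheme, RefreshableScheme, ModuleOptions, Route, AuthState, } from '../../types';
 import { ExpiredAuthSessionError } from '../inc/expired-auth-session-error';
 import type { NuxtApp } from '#app';
-import type { Router } from 'vue-router';
 import { isSet, getProp, isRelativeURL, routeMeta, hasOwn } from '../../utils';
 import { Storage } from './storage';
 import { isSamePath, withQuery } from 'ufo';
@@ -190,7 +189,7 @@ export class Auth {
 const enableTokenValidation = !this.#tokenValidationInterval && this.refreshStrategy.token && this.options.tokenValidationInterval
 
 this.$storage.watchState('loggedIn', (loggedIn: boolean) => {
-if (hasOwn((this.ctx.$router as Router).currentRoute.value.meta, 'auth') && !routeMeta((this.ctx.$router as Router).currentRoute.value, 'auth', false)) {
+if (hasOwn(this.ctx.$router.currentRoute.value.meta, 'auth') && !routeMeta(this.ctx.$router.currentRoute.value, 'auth', false)) {
 this.redirect(loggedIn ? 'home' : 'logout');
 }
 
@@ -448,7 +447,7 @@ export class Auth {
 return;
 }
 
-const currentRoute = (this.ctx.$router as Router).currentRoute.value;
+const currentRoute = this.ctx.$router.currentRoute.value;
 const nuxtRoute = this.options.fullPathRedirect ? currentRoute.fullPath : currentRoute.path
 const from = route ? (this.options.fullPathRedirect ? route.fullPath : route.path) : nuxtRoute;
 
@@ -498,7 +497,7 @@ export class Auth {
 return globalThis.location.replace(to)
 }
 else {
-return (this.ctx.$router as Router).push(typeof this.ctx.$localePath === 'function' ? this.ctx.$localePath(to) : to);
+return this.ctx.$router.push(typeof this.ctx.$localePath === 'function' ? this.ctx.$localePath(to) : to);
 }
 }
 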

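--- a/src/runtime/inc/configuration-document.ts
+++ b/src/runtime/inc/configuration-document.ts
@@ -5,8 +5,7 @@ import { Storage } from '../core/storage';
 import { defu } from 'defu';
 
 // eslint-disable-next-line no-console
-const ConfigurationDocumentWarning = (message: string) =>
-console.warn(`[AUTH] [OPENID CONNECT] Invalid configuration. ${message}`);
+const ConfigurationDocumentWarning = (message: string) => console.warn(`[AUTH] [OPENID CONNECT] Invalid configuration. ${message}`);
 
 /**
 * A metadata document that contains most of the OpenID Provider's information,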

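--- a/src/runtime/inc/default-properties.ts
+++ b/src/runtime/inc/default-properties.ts
@@ -31,6 +31,7 @@ export const OAUTH2DEFAULTS = {
 maxAge: 1800,
 prefix: '_id_token.',
 expirationPrefix: '_id_token_expiration.',
+httpOnly: false,
 },
 refreshToken: {
 property: 'refresh_token',
@@ -84,6 +85,7 @@ export const LOCALDEFAULTS = {
 required: true,
 prefix: '_token.',
 expirationPrefix: '_token_expiration.',
+httpOnly: false
 },
 refreshToken: {
 property: 'refresh_token',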
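Review bot: The `httpOnly: false` default added on new lines 34 and 88 is undocumented, although it is the security-relevant choice in this change: with the flag off, the token presumably stays in storage that page scripts can read, so an XSS flaw on the site could expose it. A comment next to each default would make the trade-off visible, for example `// false keeps the token readable by client-side script; true (appears to need ssr) keeps it in an httpOnly cookie`. The same default is added to `DEFAULTS` in src/runtime/schemes/oauth2.ts and src/runtime/schemes/openIDConnect.ts and deserves the same comment. Both objects here start and end outside the hunks, so their other options are not visible.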

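--- a/src/runtime/inc/id-token.ts
+++ b/src/runtime/inc/id-token.ts
@@ -28,32 +28,41 @@ export class IdToken {
 return idToken;
 }
 
-sync(): string | boolean {
+sync(): string | boolean | void | null | undefined {
 const idToken = this.#syncToken();
 this.#syncExpiration();
 
 return idToken;
 }
 
 reset() {
-this.#setToken(false);
-this.#setExpiration(false);
+this.scheme.requestHandler!.clearHeader();
+this.#resetSSRToken();
+this.#setToken(undefined);
+this.#setExpiration(undefined);
 }
 
 status(): TokenStatus {
 return new TokenStatus(this.get(), this.#getExpiration());
 }
 
+#resetSSRToken(): void {
+if (this.scheme.options.ssr && this.scheme.options.idToken?.httpOnly) {
+const key = this.scheme.options.idToken!.prefix + this.scheme.name;
+this.scheme.$auth.request({ baseURL: '', url: '/_auth/reset', body: new URLSearchParams({ token: key }), method: 'POST' })
+}
+}
+
 #getExpiration(): number | false {
 const key = this.scheme.options.idToken.expirationPrefix + this.scheme.name;
 
 return this.$storage.getUniversal(key) as number | false;
 }
 
-#setExpiration(expiration: number | false): number | false {
+#setExpiration(expiration: number | false | undefined | null): number | false | void | null | undefined {
 const key = this.scheme.options.idToken.expirationPrefix + this.scheme.name;
 
-return this.$storage.setUniversal(key, expiration) as number | false;
+return this.$storage.setUniversal(key, expiration);
 }
 
 #syncExpiration(): number | false {
@@ -63,7 +72,7 @@ export class IdToken {
 return this.$storage.syncUniversal(key) as number | false;
 }
 
-#updateExpiration(idToken: string | boolean): number | false | void {
+#updateExpiration(idToken: string | boolean): number | false | void | null | undefined {
 let idTokenExpiration: number;
 const tokenIssuedAtMillis = Date.now();
 const tokenTTLMillis = Number(this.scheme.options.idToken.maxAge) * 1000;
@@ -85,16 +94,16 @@ export class IdToken {
 return this.#setExpiration(idTokenExpiration || false);
 }
 
-#setToken(idToken: string | boolean): string | boolean {
+#setToken(idToken: string | boolean | undefined | null): string | boolean | void | null | undefined {
 const key = this.scheme.options.idToken.prefix + this.scheme.name;
 
 return this.$storage.setUniversal(key, idToken) as string | boolean;
 }
 
-#syncToken(): string | boolean | void | null | undefined {
+#syncToken(): string | boolean | void | null | undefined {
 const key = this.scheme.options.idToken.prefix + this.scheme.name;
 
-return this.$storage.syncUniversal(key) as string | boolean;
+return this.$storage.syncUniversal(key)
 }
 
 userInfo() {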
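Review bot: In `#resetSSRToken` (new lines 49-54) the POST to `/_auth/reset` is fired and its result discarded, so a failed call presumably leaves the httpOnly id-token cookie in place after a `reset()` the client treats as complete, and a rejection goes unhandled. Because `reset()` is synchronous, at least attach a handler, e.g. `this.scheme.$auth.request({ ... }).catch((error) => console.error('[AUTH] id token reset failed', error))`, or return the promise so the logout path can await it. The cookie name is also sent by the client as `token`; the `/_auth/reset` handler is not in this section, so confirm it only clears names built from the configured prefixes rather than whatever the request supplies. Separately, `this.scheme.requestHandler!.clearHeader()` on new line 39 asserts non-null without a guard, and `#setToken` still casts its return `as string | boolean` although its signature now admits `undefined` and `null`.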

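--- a/src/runtime/inc/request-handler.ts
+++ b/src/runtime/inc/request-handler.ts
@@ -36,8 +36,8 @@ export class RequestHandler {
 initializeRequestInterceptor(refreshEndpoint?: string | Request): void {
 this.requestInterceptor = this.http.onRequest(
 async (config: FetchConfig) => {
-// Set the token on the client side
-if (this.scheme.options.token && this.scheme.options.token.httpOnly && this.currentToken) {
+// Set the token on the client side if not set
+if (this.scheme.options.token && this.currentToken) {
 this.setHeader(this.currentToken)
 }
 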
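Review bot: The condition on new line 40 no longer matches its comment: the comment says "if not set", but nothing checks whether the header is already present, and with the `httpOnly` test removed `setHeader(this.currentToken)` now runs on every request made while a token is held. If `setHeader` writes a client-wide default header, the bearer token is attached before any per-request decision about whether the target should receive it. The rest of the interceptor lies outside the hunk, so confirm a later step removes the header for requests that must not carry it, such as other origins. Either restore a guard or reword the comment to `// Re-apply the current token to the client before each request`.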

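--- a/src/runtime/schemes/oauth2.ts
+++ b/src/runtime/schemes/oauth2.ts
@@ -1,7 +1,6 @@
 import type { RefreshableScheme, SchemePartialOptions, SchemeCheck, RefreshableSchemeOptions, UserOptions, SchemeOptions, HTTPResponse, EndpointsOption, TokenableSchemeOptions } from '../../types';
 import type { IncomingMessage } from 'node:http';
 import type { Auth } from '../core';
-import type { Router } from 'vue-router';
 import { getProp, normalizePath, randomString, removeTokenPrefix, parseQuery } from '../../utils';
 import { RefreshController, RequestHandler, ExpiredAuthSessionError, Token, RefreshToken } from '../inc';
 import { joinURL, withQuery } from 'ufo';
@@ -66,6 +65,7 @@ const DEFAULTS: SchemePartialOptions<Oauth2SchemeOptions> = {
 global: true,
 prefix: '_token.',
 expirationPrefix: '_token_expiration.',
+httpOnly: false
 },
 refreshToken: {
 property: 'refresh_token',
@@ -352,7 +352,7 @@ export class Oauth2Scheme<OptionsT extends Oauth2SchemeOptions = Oauth2SchemeOpt
 }
 
 async #handleCallback(): Promise<boolean | void> {
-const route = (this.$auth.ctx.$router as Router).currentRoute.value
+const route = this.$auth.ctx.$router.currentRoute.value
 
 // Handle callback only for specified route
 if (this.$auth.options.redirect && normalizePath(route.path, this.$auth.ctx) !== normalizePath(this.$auth.options.redirect.callback as string, this.$auth.ctx)) {
@@ -404,7 +404,7 @@ export class Oauth2Scheme<OptionsT extends Oauth2SchemeOptions = Oauth2SchemeOpt
 },
 body: new URLSearchParams({
 code: parsedQuery.code as string,
-client_id: this.options.clientId as string,
+client_id: this.options.clientId,
 redirect_uri: this.redirectURI,
 response_type: this.options.responseType,
 audience: this.options.audience,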

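--- a/src/runtime/schemes/openIDConnect.ts
+++ b/src/runtime/schemes/openIDConnect.ts
@@ -26,6 +26,7 @@ const DEFAULTS: SchemePartialOptions<OpenIDConnectSchemeOptions> = {
 maxAge: 1800,
 prefix: '_id_token.',
 expirationPrefix: '_id_token_expiration.',
+httpOnly: false,
 },
 fetchRemote: false,
 codeChallengeMethod: 'S256',
@@ -175,7 +176,7 @@ export class OpenIDConnectScheme<OptionsT extends OpenIDConnectSchemeOptions = O
 }
 
 async #handleCallback() {
-const route = (this.$auth.ctx.$router as Router).currentRoute.value;
+const route = this.$auth.ctx.$router.currentRoute.value;
 
 // Handle callback only for specified route
 if (this.$auth.options.redirect && normalizePath(route.path, this.$auth.ctx) !== normalizePath(this.$auth.options.redirect.callback as string, this.$auth.ctx)) {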

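--- a/src/runtime/schemes/refresh.ts
+++ b/src/runtime/schemes/refresh.ts
@@ -149,13 +149,10 @@ export class RefreshScheme<OptionsT extends RefreshSchemeOptions = RefreshScheme
 }
 
 // Add grant type to payload if defined
-if (this.options.grantType) {
-endpoint.body!.grant_type = 'refresh_token';
-}
+endpoint.body!.grant_type = 'refresh_token';
 
 cleanObj(endpoint.body!);
 
-// @ts-ignore
 if (this.options.ssr) {
 endpoint.baseURL = ''
 }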
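Review bot: The comment kept above new line 152 still reads "Add grant type to payload if defined", but the `if (this.options.grantType)` guard is gone and `grant_type` is now always sent. Update it to something like `// Always send grant_type=refresh_token with the refresh request`. Note that `options.grantType` no longer has any effect at this point, so a backend that relied on the field being omitted will see a different request body. `endpoint.body!` is still asserted non-null on this line; the code that builds `endpoint` is above the hunk, so check that it always sets `body`.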
