
@auth/core - npm Package Compare versions

Comparing version 0.28.0 to 0.28.1


adapters.d.ts

@@ -137,3 +137,3 @@ /**

*
* There is a test suite [available](https://github.com/nextauthjs/next-auth/tree/main/packages/utils/adapter/index.ts)
* There is a test suite [available](https://github.com/nextauthjs/next-auth/blob/main/packages/utils/adapter.ts)
* to ensure that your adapter is compatible with Auth.js.

@@ -140,0 +140,0 @@ *

@@ -137,3 +137,3 @@ /**

*
* There is a test suite [available](https://github.com/nextauthjs/next-auth/tree/main/packages/utils/adapter/index.ts)
* There is a test suite [available](https://github.com/nextauthjs/next-auth/blob/main/packages/utils/adapter.ts)
* to ensure that your adapter is compatible with Auth.js.

@@ -140,0 +140,0 @@ *

@@ -29,3 +29,3 @@ /**

const url = `https://errors.authjs.dev#${this.type.toLowerCase()}`;
this.message += `${this.message ? " ." : ""}Read more at ${url}`;
this.message += `${this.message ? ". " : ""}Read more at ${url}`;
}

@@ -32,0 +32,0 @@ }

@@ -184,5 +184,6 @@ /**

* ```ts
* // /pages/api/auth/[...nextauth].js
* // /auth.ts
* import log from "logging-service"
* export default NextAuth({
*
* export const { handlers, auth, signIn, signOut } = NextAuth({
* logger: {

@@ -298,3 +299,3 @@ * error(code, ...message) {

*
* @default "/auth"
* @default "/api/auth" in "next-auth"; "/auth" with all other frameworks
*/

@@ -301,0 +302,0 @@ basePath?: string;

@@ -134,4 +134,4 @@ /**

const pageKind = (isAuthError && error.kind) || "error";
const pagePath = config.pages?.[pageKind] ?? `/${pageKind.toLowerCase()}`;
const url = `${internalRequest.url.origin}${config.basePath}${pagePath}?${params}`;
const pagePath = config.pages?.[pageKind] ?? `${config.basePath}/${pageKind.toLowerCase()}`;
const url = `${internalRequest.url.origin}${pagePath}?${params}`;
if (isRedirect)
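Review bot: Now that `config.basePath` no longer sits between the origin and the page path, `${internalRequest.url.origin}${pagePath}` is only correct when every `config.pages` entry starts with `/`. A custom value such as `error` would be appended directly to the hostname and yield a URL on a different host. Resolving the path against the origin removes that dependency, e.g. `const resolved = new URL(pagePath, internalRequest.url.origin)` and building the final string from `resolved.href`. Failing that, a comment above `pagePath` should state that page values must be root-relative paths. The same two lines appear in the TypeScript hunk `@@ -186,4 +186,5 @@` further down, and the enclosing function starts and ends outside this hunk.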

@@ -138,0 +138,0 @@ return Response.json({ url });

@@ -38,3 +38,3 @@ import { createHash, randomString } from "../../../utils/web.js";

return;
throw new MissingCSRF(`CSRF token was missing during an action ${action}.`);
throw new MissingCSRF(`CSRF token was missing during an action ${action}`);
}

@@ -0,1 +1,3 @@

import { MissingSecret } from "../../errors.js";
import { logger } from "./logger.js";
/** Set default env variables on the config object */

@@ -24,2 +26,5 @@ export function setEnvDefaults(envObject, config) {

}
if (!config.secret?.length) {
throw new MissingSecret("Missing secret, please set AUTH_SECRET or config.secret");
}
config.redirectProxyUrl ?? (config.redirectProxyUrl = envObject.AUTH_REDIRECT_PROXY_URL);
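Review bot: The new guard `!config.secret?.length` checks presence only, so any non-empty value passes, including a one-character secret. If `secret` may also be an array (not visible here), an array of empty strings would pass too. If a minimum strength is intended it belongs in this check; otherwise a short comment saying that only presence is enforced would prevent readers from assuming more. The doc comment `/** Set default env variables on the config object */` is also out of date now that the function can throw; I would add `@throws {MissingSecret} when neither AUTH_SECRET nor config.secret is set`. The same addition appears in the TypeScript hunk `@@ -23,2 +25,8 @@`, and the function body extends beyond this hunk.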

@@ -48,11 +53,26 @@ config.trustHost ?? (config.trustHost = !!(envObject.AUTH_URL ??

export function createActionURL(action, protocol, headers, envObject, basePath) {
let url = envObject.AUTH_URL ?? envObject.NEXTAUTH_URL;
if (!url) {
const host = headers.get("x-forwarded-host") ?? headers.get("host");
if (!host)
throw new TypeError("Missing host");
const proto = headers.get("x-forwarded-proto") ?? protocol;
url = `${proto === "http" ? "http" : "https"}://${host}${basePath}`;
let envUrl = envObject.AUTH_URL ?? envObject.NEXTAUTH_URL;
let url;
if (envUrl) {
url = new URL(envUrl);
if (basePath && basePath !== "/" && url.pathname !== "/") {
logger.warn(url.pathname === basePath
? "env-url-basepath-redundant"
: "env-url-basepath-mismatch");
url.pathname = "/";
}
}
return new URL(`${url.replace(/\/$/, "")}/${action}`);
else {
const detectedHost = headers.get("x-forwarded-host") ?? headers.get("host");
const detectedProtocol = headers.get("x-forwarded-proto") ?? protocol ?? "https";
url = new URL(`${detectedProtocol}://${detectedHost}`);
}
// remove trailing slash
const sanitizedUrl = url.toString().replace(/\/$/, "");
if (basePath) {
// remove leading and trailing slash
const sanitizedBasePath = basePath?.replace(/(^\/|\/$)/g, "") ?? "";
return new URL(`${sanitizedUrl}/${sanitizedBasePath}/${action}`);
}
return new URL(`${sanitizedUrl}/${action}`);
}
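Review bot: The header-derived branch drops both safeguards the old code had. The `if (!host) throw new TypeError("Missing host")` check is gone, so a request with neither header produces `new URL("https://null")` instead of an error. `x-forwarded-proto` is also used verbatim rather than clamped with `proto === "http" ? "http" : "https"`, so a multi-valued or unexpected header value either throws inside the `URL` constructor or puts a non-HTTP scheme into the action URL. Restoring them takes two lines: `if (!detectedHost) throw new TypeError("Missing host")` and `const detectedProtocol = forwardedProto === "http" ? "http" : "https"`. Whether the forwarded headers are honoured only when `trustHost` is enabled cannot be seen from this hunk and is worth confirming; the TypeScript hunk `@@ -55,11 +63,32 @@` for the same function has the same gaps.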

@@ -1,2 +0,2 @@

export type WarningCode = "debug-enabled" | "csrf-disabled" | "experimental-webauthn";
export type WarningCode = "debug-enabled" | "csrf-disabled" | "experimental-webauthn" | "env-url-basepath-redundant" | "env-url-basepath-mismatch";
/**

@@ -3,0 +3,0 @@ * Override any of the methods, and the rest will use the default logger.

@@ -121,3 +121,3 @@ import { AdapterError, AuthError, InvalidProvider, MissingAdapter, WebAuthnVerificationError, } from "../../errors.js";

typeof data.id !== "string") {
throw new AuthError("Invalid WebAuthn Authentication response.");
throw new AuthError("Invalid WebAuthn Authentication response");
}

@@ -199,3 +199,3 @@ // Reset the ID so we smooth out implementation differences

typeof data.id !== "string") {
throw new AuthError("Invalid WebAuthn Registration response.");
throw new AuthError("Invalid WebAuthn Registration response");
}

@@ -205,3 +205,3 @@ // Get challenge from request cookies

if (!user) {
throw new AuthError("Missing user registration data in WebAuthn challenge cookie.");
throw new AuthError("Missing user registration data in WebAuthn challenge cookie");
}

@@ -225,3 +225,3 @@ // Verify the response

if (!verification.verified || !verification.registrationInfo) {
throw new WebAuthnVerificationError("WebAuthn registration response could not be verified.");
throw new WebAuthnVerificationError("WebAuthn registration response could not be verified");
}

@@ -228,0 +228,0 @@ // Build a new account

{
"name": "@auth/core",
"version": "0.28.0",
"version": "0.28.1",
"description": "Authentication for the Web.",

@@ -5,0 +5,0 @@ "keywords": [

@@ -46,3 +46,5 @@ import type { CommonProviderOptions } from "./index.js";

* async authorize(credentials, request) { // you have access to the original request as well
* if(!isValidCredentials(credentials)) return null
* if(!isValidCredentials(credentials)) {
* throw new CustomError()
* }
* return await getUser(credentials) // assuming it returns a User or null
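Review bot: The example now throws `CustomError` without saying where that class comes from or what it has to extend. The unchanged comment on the following line still says `getUser` may return `null`, so the reader cannot tell which failure signal `authorize` is expected to use. I would add one line to the doc comment, for instance `* // CustomError is your own error class (presumably extending the library's credentials error); keep its message generic so it does not reveal which credential was wrong`. The same example is repeated in the hunk `@@ -54,3 +54,5 @@` near the end of the page.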

@@ -49,0 +51,0 @@ * }

@@ -137,3 +137,3 @@ /**

*
* There is a test suite [available](https://github.com/nextauthjs/next-auth/tree/main/packages/utils/adapter/index.ts)
* There is a test suite [available](https://github.com/nextauthjs/next-auth/blob/main/packages/utils/adapter.ts)
* to ensure that your adapter is compatible with Auth.js.

@@ -140,0 +140,0 @@ *

@@ -76,3 +76,3 @@ type ErrorOptions = Error | Record<string, unknown>

const url = `https://errors.authjs.dev#${this.type.toLowerCase()}`
this.message += `${this.message ? " ." : ""}Read more at ${url}`
this.message += `${this.message ? ". " : ""}Read more at ${url}`
}

@@ -79,0 +79,0 @@ }

@@ -186,4 +186,5 @@ /**

const pageKind = (isAuthError && error.kind) || "error"
const pagePath = config.pages?.[pageKind] ?? `/${pageKind.toLowerCase()}`
const url = `${internalRequest.url.origin}${config.basePath}${pagePath}?${params}`
const pagePath =
config.pages?.[pageKind] ?? `${config.basePath}/${pageKind.toLowerCase()}`
const url = `${internalRequest.url.origin}${pagePath}?${params}`

@@ -328,5 +329,6 @@ if (isRedirect) return Response.json({ url })

* ```ts
* // /pages/api/auth/[...nextauth].js
* // /auth.ts
* import log from "logging-service"
* export default NextAuth({
*
* export const { handlers, auth, signIn, signOut } = NextAuth({
* logger: {

@@ -443,5 +445,5 @@ * error(code, ...message) {

*
* @default "/auth"
* @default "/api/auth" in "next-auth"; "/auth" with all other frameworks
*/
basePath?: string
}

@@ -59,3 +59,3 @@ import { createHash, randomString } from "../../../utils/web.js"

if (verified) return
throw new MissingCSRF(`CSRF token was missing during an action ${action}.`)
throw new MissingCSRF(`CSRF token was missing during an action ${action}`)
}
import type { AuthAction, AuthConfig } from "../../types.js"
import { MissingSecret } from "../../errors.js"
import { logger } from "./logger.js"

@@ -23,2 +25,8 @@ /** Set default env variables on the config object */

if (!config.secret?.length) {
throw new MissingSecret(
"Missing secret, please set AUTH_SECRET or config.secret"
)
}
config.redirectProxyUrl ??= envObject.AUTH_REDIRECT_PROXY_URL

@@ -55,11 +63,32 @@ config.trustHost ??= !!(

): URL {
let url = envObject.AUTH_URL ?? envObject.NEXTAUTH_URL
if (!url) {
const host = headers.get("x-forwarded-host") ?? headers.get("host")
if (!host) throw new TypeError("Missing host")
const proto = headers.get("x-forwarded-proto") ?? protocol
url = `${proto === "http" ? "http" : "https"}://${host}${basePath}`
let envUrl = envObject.AUTH_URL ?? envObject.NEXTAUTH_URL
let url: URL
if (envUrl) {
url = new URL(envUrl)
if (basePath && basePath !== "/" && url.pathname !== "/") {
logger.warn(
url.pathname === basePath
? "env-url-basepath-redundant"
: "env-url-basepath-mismatch"
)
url.pathname = "/"
}
} else {
const detectedHost = headers.get("x-forwarded-host") ?? headers.get("host")
const detectedProtocol =
headers.get("x-forwarded-proto") ?? protocol ?? "https"
url = new URL(`${detectedProtocol}://${detectedHost}`)
}
return new URL(`${url.replace(/\/$/, "")}/${action}`)
// remove trailing slash
const sanitizedUrl = url.toString().replace(/\/$/, "")
if (basePath) {
// remove leading and trailing slash
const sanitizedBasePath = basePath?.replace(/(^\/|\/$)/g, "") ?? ""
return new URL(`${sanitizedUrl}/${sanitizedBasePath}/${action}`)
}
return new URL(`${sanitizedUrl}/${action}`)
}
import { AuthError } from "../../errors.js"
export type WarningCode = "debug-enabled" | "csrf-disabled" | "experimental-webauthn"
export type WarningCode =
| "debug-enabled"
| "csrf-disabled"
| "experimental-webauthn"
| "env-url-basepath-redundant"
| "env-url-basepath-mismatch"
/**

@@ -6,0 +12,0 @@ * Override any of the methods, and the rest will use the default logger.

@@ -221,3 +221,3 @@ import type { WebAuthnProviderType } from "../../providers/webauthn.js"

) {
throw new AuthError("Invalid WebAuthn Authentication response.")
throw new AuthError("Invalid WebAuthn Authentication response")
}

@@ -339,3 +339,3 @@

) {
throw new AuthError("Invalid WebAuthn Registration response.")
throw new AuthError("Invalid WebAuthn Registration response")
}

@@ -348,3 +348,3 @@

throw new AuthError(
"Missing user registration data in WebAuthn challenge cookie."
"Missing user registration data in WebAuthn challenge cookie"
)

@@ -371,3 +371,3 @@ }

throw new WebAuthnVerificationError(
"WebAuthn registration response could not be verified."
"WebAuthn registration response could not be verified"
)

@@ -374,0 +374,0 @@ }

@@ -54,3 +54,5 @@ import type { CommonProviderOptions } from "./index.js"

* async authorize(credentials, request) { // you have access to the original request as well
* if(!isValidCredentials(credentials)) return null
* if(!isValidCredentials(credentials)) {
* throw new CustomError()
* }
* return await getUser(credentials) // assuming it returns a User or null

@@ -57,0 +59,0 @@ * }

