@aws-amplify/adapter-nextjs - npm Package Compare versions

Comparing version 1.5.2-unstable.318c84e.0 to 1.5.2-unstable.677f466.0

dist/cjs/auth/handlers/handleSignInCallbackRequest.js

@@ -58,3 +58,3 @@ 'use strict';
         userPoolClientId,
-    }), (0, utils_1.createTokenCookiesSetOptions)(setCookieOptions));
+    }), (0, utils_1.createTokenCookiesSetOptions)(setCookieOptions, origin));
     (0, utils_1.appendSetCookieHeaders)(headers, (0, utils_1.createSignInFlowProofCookies)({ state: '', pkce: '' }), (0, utils_1.createAuthFlowProofCookiesRemoveOptions)(setCookieOptions));
@@ -61,0 +61,0 @@ // When Cognito redirects back to `/sign-in-callback`, the referer is Cognito

dist/cjs/auth/handlers/handleSignInCallbackRequestForPagesRouter.js

@@ -55,3 +55,3 @@ 'use strict';
         userPoolClientId,
-    }), (0, utils_1.createTokenCookiesSetOptions)(setCookieOptions));
+    }), (0, utils_1.createTokenCookiesSetOptions)(setCookieOptions, origin));
     (0, utils_1.appendSetCookieHeadersToNextApiResponse)(response, (0, utils_1.createSignInFlowProofCookies)({ state: '', pkce: '' }), (0, utils_1.createAuthFlowProofCookiesRemoveOptions)(setCookieOptions));
@@ -58,0 +58,0 @@ // When Cognito redirects back to `/sign-in-callback`, the referer is Cognito

dist/cjs/auth/handlers/handleSignInSignUpRequest.js

@@ -22,5 +22,3 @@ 'use strict';
         : (0, utils_1.createSignUpEndpoint)(oAuthConfig.domain, redirectUrlSearchParams));
-    (0, utils_1.appendSetCookieHeaders)(headers, (0, utils_1.createSignInFlowProofCookies)({ state, pkce: codeVerifier.value }), (0, utils_1.createAuthFlowProofCookiesSetOptions)(setCookieOptions, {
-        secure: (0, utils_1.isSSLOrigin)(origin),
-    }));
+    (0, utils_1.appendSetCookieHeaders)(headers, (0, utils_1.createSignInFlowProofCookies)({ state, pkce: codeVerifier.value }), (0, utils_1.createAuthFlowProofCookiesSetOptions)(setCookieOptions, origin));
     return new Response(null, {
@@ -27,0 +25,0 @@ status: 302,

dist/cjs/auth/handlers/handleSignInSignUpRequestForPagesRouter.js

@@ -18,5 +18,3 @@ 'use strict';
     });
-    (0, utils_1.appendSetCookieHeadersToNextApiResponse)(response, (0, utils_1.createSignInFlowProofCookies)({ state, pkce: codeVerifier.value }), (0, utils_1.createAuthFlowProofCookiesSetOptions)(setCookieOptions, {
-        secure: (0, utils_1.isSSLOrigin)(origin),
-    }));
+    (0, utils_1.appendSetCookieHeadersToNextApiResponse)(response, (0, utils_1.createSignInFlowProofCookies)({ state, pkce: codeVerifier.value }), (0, utils_1.createAuthFlowProofCookiesSetOptions)(setCookieOptions, origin));
     const redirectUrl = type === 'signIn'
@@ -23,0 +21,0 @@ ? (0, utils_1.createAuthorizeEndpoint)(oAuthConfig.domain, redirectUrlSearchParams)

dist/cjs/auth/handlers/handleSignOutRequest.js

@@ -15,5 +15,3 @@ 'use strict';
     headers.set('Location', (0, utils_1.createLogoutEndpoint)(oAuthConfig.domain, urlSearchParams));
-    (0, utils_1.appendSetCookieHeaders)(headers, (0, utils_1.createSignOutFlowProofCookies)(), (0, utils_1.createAuthFlowProofCookiesSetOptions)(setCookieOptions, {
-        secure: (0, utils_1.isSSLOrigin)(origin),
-    }));
+    (0, utils_1.appendSetCookieHeaders)(headers, (0, utils_1.createSignOutFlowProofCookies)(), (0, utils_1.createAuthFlowProofCookiesSetOptions)(setCookieOptions, origin));
     return new Response(null, {
@@ -20,0 +18,0 @@ status: 302,

dist/cjs/auth/handlers/handleSignOutRequestForPagesRouter.js

@@ -13,5 +13,3 @@ 'use strict';
     });
-    (0, utils_1.appendSetCookieHeadersToNextApiResponse)(response, (0, utils_1.createSignOutFlowProofCookies)(), (0, utils_1.createAuthFlowProofCookiesSetOptions)(setCookieOptions, {
-        secure: (0, utils_1.isSSLOrigin)(origin),
-    }));
+    (0, utils_1.appendSetCookieHeadersToNextApiResponse)(response, (0, utils_1.createSignOutFlowProofCookies)(), (0, utils_1.createAuthFlowProofCookiesSetOptions)(setCookieOptions, origin));
     response.redirect(302, (0, utils_1.createLogoutEndpoint)(oAuthConfig.domain, urlSearchParams));
@@ -18,0 +16,0 @@ };

dist/cjs/auth/utils/authFlowProofCookies.js

@@ -8,2 +8,3 @@ 'use strict';
 const constant_1 = require("../constant");
+const origin_1 = require("./origin");
 const createSignInFlowProofCookies = ({ state, pkce, }) => [
@@ -27,7 +28,7 @@ {
 exports.createSignOutFlowProofCookies = createSignOutFlowProofCookies;
-const createAuthFlowProofCookiesSetOptions = (setCookieOptions, overrides) => ({
+const createAuthFlowProofCookiesSetOptions = (setCookieOptions, origin) => ({
     domain: setCookieOptions?.domain,
     path: '/',
     httpOnly: true,
-    secure: overrides?.secure ?? true,
+    secure: (0, origin_1.isSSLOrigin)(origin),
     sameSite: 'lax',
@@ -34,0 +35,0 @@ maxAge: constant_1.AUTH_FLOW_PROOF_MAX_AGE,

dist/cjs/auth/utils/tokenCookies.js

@@ -10,2 +10,3 @@ 'use strict';
 const getAccessTokenUsername_1 = require("./getAccessTokenUsername");
+const origin_1 = require("./origin");
 const createTokenCookies = ({ tokensPayload, userPoolClientId, }) => {
@@ -37,3 +38,3 @@ const { access_token, id_token, refresh_token } = tokensPayload;
 exports.createTokenRemoveCookies = createTokenRemoveCookies;
-const createTokenCookiesSetOptions = ({ domain, sameSite, expires, maxAge }, overrides) => {
+const createTokenCookiesSetOptions = ({ domain, sameSite, expires, maxAge }, origin) => {
     const result = {
@@ -43,3 +44,3 @@ domain,
         httpOnly: true,
-        secure: overrides?.secure ?? true,
+        secure: (0, origin_1.isSSLOrigin)(origin),
         sameSite: sameSite ?? 'strict',
@@ -46,0 +47,0 @@ expires,

dist/esm/auth/utils/authFlowProofCookies.d.ts

@@ -13,3 +13,3 @@ import { CookieStorage } from 'aws-amplify/adapter-core';
 }[];
-export declare const createAuthFlowProofCookiesSetOptions: (setCookieOptions: CookieStorage.SetCookieOptions, overrides?: Pick<CookieStorage.SetCookieOptions, 'secure'>) => {
+export declare const createAuthFlowProofCookiesSetOptions: (setCookieOptions: CookieStorage.SetCookieOptions, origin: string) => {
     domain: string | undefined;
@@ -16,0 +16,0 @@ path: string;

dist/esm/auth/utils/tokenCookies.d.ts

@@ -14,3 +14,3 @@ import { CookieStorage } from 'aws-amplify/adapter-core';
 }[];
-export declare const createTokenCookiesSetOptions: ({ domain, sameSite, expires, maxAge }: CookieStorage.SetCookieOptions, overrides?: Pick<CookieStorage.SetCookieOptions, 'secure'>) => {
+export declare const createTokenCookiesSetOptions: ({ domain, sameSite, expires, maxAge }: CookieStorage.SetCookieOptions, origin: string) => {
     domain: string | undefined;
@@ -17,0 +17,0 @@ path: string;

package.json

 {
   "author": "Amazon Web Services",
   "name": "@aws-amplify/adapter-nextjs",
-  "version": "1.5.2-unstable.318c84e.0+318c84e",
+  "version": "1.5.2-unstable.677f466.0+677f466",
   "description": "The adapter for the supporting of using Amplify APIs in Next.js.",
   "peerDependencies": {
-    "aws-amplify": "6.13.2-unstable.318c84e.0+318c84e",
+    "aws-amplify": "6.13.2-unstable.677f466.0+677f466",
     "next": ">=13.5.0 <16.0.0"
@@ -17,3 +17,3 @@ },
     "@types/react-dom": "^18.2.6",
-    "aws-amplify": "6.13.2-unstable.318c84e.0+318c84e",
+    "aws-amplify": "6.13.2-unstable.677f466.0+677f466",
     "jest-fetch-mock": "3.0.3",
@@ -73,3 +73,3 @@ "next": ">= 13.5.0 < 15.0.0",
   },
-  "gitHead": "318c84ea9098385016849dcc93392ad589c9f8f4"
+  "gitHead": "677f466716c2467f441642c357a7bbe33f5a1dbe"
 }

src/auth/handlers/handleSignInCallbackRequest.ts

@@ -99,3 +99,3 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 		}),
-		createTokenCookiesSetOptions(setCookieOptions),
+		createTokenCookiesSetOptions(setCookieOptions, origin),
 	);
@@ -102,0 +102,0 @@ appendSetCookieHeaders(

src/auth/handlers/handleSignInCallbackRequestForPagesRouter.ts

@@ -107,3 +107,3 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 			}),
-			createTokenCookiesSetOptions(setCookieOptions),
+			createTokenCookiesSetOptions(setCookieOptions, origin),
 		);
@@ -110,0 +110,0 @@ appendSetCookieHeadersToNextApiResponse(

src/auth/handlers/handleSignInSignUpRequest.ts

@@ -12,3 +12,2 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 	createUrlSearchParamsForSignInSignUp,
-	isSSLOrigin,
 } from '../utils';
@@ -48,5 +47,3 @@
 		createSignInFlowProofCookies({ state, pkce: codeVerifier.value }),
-		createAuthFlowProofCookiesSetOptions(setCookieOptions, {
-			secure: isSSLOrigin(origin),
-		}),
+		createAuthFlowProofCookiesSetOptions(setCookieOptions, origin),
 	);
@@ -53,0 +50,0 @@

src/auth/handlers/handleSignInSignUpRequestForPagesRouter.ts

@@ -12,3 +12,2 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 	createUrlSearchParamsForSignInSignUp,
-	isSSLOrigin,
 } from '../utils';
@@ -42,5 +41,3 @@
 			createSignInFlowProofCookies({ state, pkce: codeVerifier.value }),
-			createAuthFlowProofCookiesSetOptions(setCookieOptions, {
-				secure: isSSLOrigin(origin),
-			}),
+			createAuthFlowProofCookiesSetOptions(setCookieOptions, origin),
 		);
@@ -47,0 +44,0 @@

src/auth/handlers/handleSignOutRequest.ts

@@ -9,3 +9,2 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 	createSignOutFlowProofCookies,
-	isSSLOrigin,
 	resolveRedirectSignOutUrl,
@@ -35,5 +34,3 @@ } from '../utils';
 		createSignOutFlowProofCookies(),
-		createAuthFlowProofCookiesSetOptions(setCookieOptions, {
-			secure: isSSLOrigin(origin),
-		}),
+		createAuthFlowProofCookiesSetOptions(setCookieOptions, origin),
 	);
@@ -40,0 +37,0 @@

src/auth/handlers/handleSignOutRequestForPagesRouter.ts

@@ -9,3 +9,2 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 	createSignOutFlowProofCookies,
-	isSSLOrigin,
 	resolveRedirectSignOutUrl,
@@ -26,5 +25,3 @@ } from '../utils';
 			createSignOutFlowProofCookies(),
-			createAuthFlowProofCookiesSetOptions(setCookieOptions, {
-				secure: isSSLOrigin(origin),
-			}),
+			createAuthFlowProofCookiesSetOptions(setCookieOptions, origin),
 		);
@@ -31,0 +28,0 @@

src/auth/utils/authFlowProofCookies.ts

@@ -14,2 +14,4 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 
+import { isSSLOrigin } from './origin';
+
 export const createSignInFlowProofCookies = ({
@@ -41,3 +43,3 @@ state,
 	setCookieOptions: CookieStorage.SetCookieOptions,
-	overrides?: Pick<CookieStorage.SetCookieOptions, 'secure'>,
+	origin: string,
 ) => ({
@@ -47,3 +49,3 @@ domain: setCookieOptions?.domain,
 	httpOnly: true,
-	secure: overrides?.secure ?? true,
+	secure: isSSLOrigin(origin),
 	sameSite: 'lax' as const,
@@ -50,0 +52,0 @@ maxAge: AUTH_FLOW_PROOF_MAX_AGE,

src/auth/utils/tokenCookies.ts

@@ -18,2 +18,3 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 import { getAccessTokenUsername } from './getAccessTokenUsername';
+import { isSSLOrigin } from './origin';
 
@@ -59,3 +60,3 @@ export const createTokenCookies = ({
 	{ domain, sameSite, expires, maxAge }: CookieStorage.SetCookieOptions,
-	overrides?: Pick<CookieStorage.SetCookieOptions, 'secure'>,
+	origin: string,
 ) => {
@@ -66,3 +67,3 @@ const result = {
 		httpOnly: true,
-		secure: overrides?.secure ?? true,
+		secure: isSSLOrigin(origin),
 		sameSite: sameSite ?? 'strict',
@@ -69,0 +70,0 @@ expires,

New alerts

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

Fixed alerts

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

Worsened metrics

Total package byte prevSize

620739

decreased by-0.19%

Lines of code

7102

decreased by-0.36%

No dependency changes