
@propelauth/nextjs


@propelauth/nextjs - npm Package Compare versions

Comparing version 0.0.118 to 0.0.119

71

dist/client/index.d.ts

@@ -23,2 +23,30 @@ import React from 'react';

}
type InternalPasswordLoginMethod = {
login_method: 'password';
};
type InternalMagicLinkLoginMethod = {
login_method: 'magic_link';
};
type InternalSocialSsoLoginMethod = {
login_method: 'social_sso';
provider: SocialLoginProvider;
};
type InternalEmailConfirmationLinkLoginMethod = {
login_method: 'email_confirmation_link';
};
type InternalSamlSsoLoginMethod = {
login_method: 'saml_sso';
provider: SamlLoginProvider;
org_id: string;
};
type InternalImpersonationLoginMethod = {
login_method: 'impersonation';
};
type InternalGeneratedFromBackendApiLoginMethod = {
login_method: 'generated_from_backend_api';
};
type InternalUnknownLoginMethod = {
login_method: 'unknown';
};
type InternalLoginMethod = InternalPasswordLoginMethod | InternalMagicLinkLoginMethod | InternalSocialSsoLoginMethod | InternalEmailConfirmationLinkLoginMethod | InternalSamlSsoLoginMethod | InternalImpersonationLoginMethod | InternalGeneratedFromBackendApiLoginMethod | InternalUnknownLoginMethod;
type PasswordLoginMethod = {

@@ -55,2 +83,3 @@ loginMethod: 'password';

userId: string;
activeOrgId?: string;
orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo;

@@ -69,3 +98,5 @@ email: string;

[key: string]: unknown;
}, loginMethod?: LoginMethod);
}, activeOrgId?: string, loginMethod?: LoginMethod);
getActiveOrg(): OrgMemberInfo | undefined;
getActiveOrgId(): string | undefined;
getOrg(orgId: string): OrgMemberInfo | undefined;
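Review bot: `activeOrgId` is inserted ahead of `loginMethod` in the `UserFromToken` constructor's positional list, so an existing caller that passes a login method as the tenth argument now stores that object in `activeOrgId` and leaves `loginMethod` unset. TypeScript callers get a compile error, but plain JavaScript callers fail silently, and `getActiveOrg()` then indexes the org map with a non-string key. Appending the new parameter keeps the old call shape valid: `}, loginMethod?: LoginMethod, activeOrgId?: string);`. The same signature change repeats in the other declaration files and in the compiled constructors further down the page; the class declaration starts and ends outside this hunk.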

@@ -76,2 +107,3 @@ getOrgByName(orgName: string): OrgMemberInfo | undefined;

static fromJSON(json: string): UserFromToken;
static fromJwtPayload(payload: InternalUser): UserFromToken;
}

@@ -103,2 +135,30 @@ type OrgIdToOrgMemberInfo = {

}
type InternalOrgMemberInfo = {
org_id: string;
org_name: string;
org_metadata: {
[key: string]: any;
};
url_safe_org_name: string;
user_role: string;
inherited_user_roles_plus_current_role: string[];
user_permissions: string[];
};
type InternalUser = {
user_id: string;
org_member_info?: InternalOrgMemberInfo;
org_id_to_org_member_info?: {
[org_id: string]: InternalOrgMemberInfo;
};
email: string;
first_name?: string;
last_name?: string;
username?: string;
properties?: {
[key: string]: unknown;
};
login_method?: InternalLoginMethod;
legacy_user_id?: string;
impersonatorUserId?: string;
};

@@ -115,2 +175,3 @@ declare class User {

orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo;
activeOrgId?: string;
mfaEnabled: boolean;

@@ -126,3 +187,3 @@ canCreateOrgs: boolean;

impersonatorUserId?: string;
constructor({ userId, email, emailConfirmed, hasPassword, username, firstName, lastName, pictureUrl, orgIdToOrgMemberInfo, mfaEnabled, canCreateOrgs, updatePasswordRequired, createdAt, lastActiveAt, legacyUserId, properties, impersonatorUserId, }: {
constructor({ userId, email, emailConfirmed, hasPassword, username, firstName, lastName, pictureUrl, orgIdToOrgMemberInfo, activeOrgId, mfaEnabled, canCreateOrgs, updatePasswordRequired, createdAt, lastActiveAt, legacyUserId, properties, impersonatorUserId, }: {
userId: string;

@@ -137,2 +198,3 @@ email: string;

orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo;
activeOrgId?: string;
mfaEnabled: boolean;

@@ -149,2 +211,4 @@ canCreateOrgs: boolean;

});
getActiveOrg(): OrgMemberInfo | undefined;
getActiveOrgId(): string | undefined;
getOrg(orgId: string): OrgMemberInfo | undefined;

@@ -160,2 +224,3 @@ getOrgByName(orgName: string): OrgMemberInfo | undefined;

accessToken: never;
setActiveOrg: never;
};

@@ -167,2 +232,3 @@ type UseUserLoggedIn = {

accessToken: string;
setActiveOrg: (orgId: string) => Promise<User | undefined>;
};

@@ -174,2 +240,3 @@ type UseUserNotLoggedIn = {

accessToken: undefined;
setActiveOrg: never;
};

@@ -176,0 +243,0 @@ type UseUser = UseUserLoading | UseUserLoggedIn | UseUserNotLoggedIn;

@@ -85,6 +85,32 @@ "use client";

// src/loginMethod.ts
function toLoginMethod(snake_case) {
if (!snake_case) {
return { loginMethod: "unknown" };
}
switch (snake_case.login_method) {
case "password":
return { loginMethod: "password" };
case "magic_link":
return { loginMethod: "magic_link" };
case "social_sso":
return { loginMethod: "social_sso", provider: snake_case.provider };
case "email_confirmation_link":
return { loginMethod: "email_confirmation_link" };
case "saml_sso":
return { loginMethod: "saml_sso", provider: snake_case.provider, orgId: snake_case.org_id };
case "impersonation":
return { loginMethod: "impersonation" };
case "generated_from_backend_api":
return { loginMethod: "generated_from_backend_api" };
default:
return { loginMethod: "unknown" };
}
}
// src/user.ts
var UserFromToken = class {
constructor(userId, email, orgIdToOrgMemberInfo, firstName, lastName, username, legacyUserId, impersonatorUserId, properties, loginMethod) {
constructor(userId, email, orgIdToOrgMemberInfo, firstName, lastName, username, legacyUserId, impersonatorUserId, properties, activeOrgId, loginMethod) {
this.userId = userId;
this.activeOrgId = activeOrgId;
this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo;

@@ -100,2 +126,11 @@ this.email = email;

}
getActiveOrg() {
if (!this.activeOrgId || !this.orgIdToOrgMemberInfo) {
return void 0;
}
return this.orgIdToOrgMemberInfo[this.activeOrgId];
}
getActiveOrgId() {
return this.activeOrgId;
}
getOrg(orgId) {

@@ -145,5 +180,31 @@ if (!this.orgIdToOrgMemberInfo) {

obj.properties,
obj.activeOrgId,
obj.loginMethod
);
}
static fromJwtPayload(payload) {
let activeOrgId;
let orgIdToOrgMemberInfo;
if (payload.org_member_info) {
activeOrgId = payload.org_member_info.org_id;
orgIdToOrgMemberInfo = toOrgIdToOrgMemberInfo({ [activeOrgId]: payload.org_member_info });
} else {
activeOrgId = void 0;
orgIdToOrgMemberInfo = toOrgIdToOrgMemberInfo(payload.org_id_to_org_member_info);
}
const loginMethod = toLoginMethod(payload.login_method);
return new UserFromToken(
payload.user_id,
payload.email,
orgIdToOrgMemberInfo,
payload.first_name,
payload.last_name,
payload.username,
payload.legacy_user_id,
payload.impersonatorUserId,
payload.properties,
activeOrgId,
loginMethod
);
}
};
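Review bot: `fromJwtPayload` is exposed as a public static but carries no comment saying it performs no verification; it copies `user_id`, `org_member_info` and `impersonatorUserId` from whatever object it is given. I would document this in `src/user.ts` with `/** Builds a UserFromToken from an already-verified JWT payload; does no signature or expiry checking. */` so nobody feeds it a merely decoded token. The comment should also say that when `org_member_info` is present the org map is reduced to that single org, so `getOrg()` for any other org returns `undefined` even if the user belongs to it. The identical method appears in the server bundles later on this page; the class begins outside this hunk.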

@@ -298,2 +359,3 @@ var OrgMemberInfo = class {

orgIdToOrgMemberInfo,
activeOrgId,
mfaEnabled,

@@ -317,2 +379,3 @@ canCreateOrgs,

this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo;
this.activeOrgId = activeOrgId;
this.mfaEnabled = mfaEnabled;

@@ -327,2 +390,11 @@ this.canCreateOrgs = canCreateOrgs;

}
getActiveOrg() {
if (!this.activeOrgId) {
return void 0;
}
return this.getOrg(this.activeOrgId);
}
getActiveOrgId() {
return this.activeOrgId;
}
getOrg(orgId) {

@@ -366,3 +438,4 @@ var _a;

user: void 0,
accessToken: void 0
accessToken: void 0,
setActiveOrg: void 0
};

@@ -374,3 +447,4 @@ } else if (userAndAccessToken.user) {

user: userAndAccessToken.user,
accessToken: userAndAccessToken.accessToken
accessToken: userAndAccessToken.accessToken,
setActiveOrg: context.setActiveOrg
};

@@ -382,3 +456,4 @@ } else {

user: void 0,
accessToken: void 0
accessToken: void 0,
setActiveOrg: void 0
};

@@ -570,3 +645,3 @@ }

const redirectToSetupSAMLPage = (orgId, opts) => redirectTo(getSetupSAMLPageUrl(orgId, opts));
const refreshAuthInfo = () => __async(void 0, null, function* () {
const refreshAuthInfo = (0, import_react2.useCallback)(() => __async(void 0, null, function* () {
const action = yield apiGetUserInfo();

@@ -579,3 +654,15 @@ if (action.error) {

}
});
}), [dispatch]);
const setActiveOrg = (0, import_react2.useCallback)(
(orgId) => __async(void 0, null, function* () {
const action = yield apiPostSetActiveOrg(orgId);
if (action.error === "not_in_org") {
return void 0;
} else {
dispatch(action);
return action.user;
}
}),
[dispatch]
);
const value = {

@@ -597,3 +684,4 @@ loading: authState.loading,

getSetupSAMLPageUrl,
refreshAuthInfo
refreshAuthInfo,
setActiveOrg
};

@@ -613,3 +701,3 @@ return /* @__PURE__ */ import_react2.default.createElement(AuthContext.Provider, { value }, props.children);

if (userInfoResponse.ok) {
const { userinfo, accessToken, impersonatorUserId } = yield userInfoResponse.json();
const { userinfo, accessToken, impersonatorUserId, activeOrgId } = yield userInfoResponse.json();
const user = new User({

@@ -625,2 +713,3 @@ userId: userinfo.user_id,

orgIdToOrgMemberInfo: toOrgIdToOrgMemberInfo(userinfo.org_id_to_org_info),
activeOrgId,
mfaEnabled: userinfo.mfa_enabled,

@@ -647,2 +736,47 @@ canCreateOrgs: userinfo.can_create_orgs,

}
function apiPostSetActiveOrg(orgId) {
return __async(this, null, function* () {
try {
const queryParams = new URLSearchParams({ active_org_id: orgId }).toString();
const url = `/api/auth/set-active-org?${queryParams}`;
const userInfoResponse = yield fetch(url, {
method: "POST",
headers: {
"Content-Type": "application/json"
},
credentials: "include"
});
if (userInfoResponse.ok) {
const { userinfo, accessToken, impersonatorUserId, activeOrgId } = yield userInfoResponse.json();
const user = new User({
userId: userinfo.user_id,
email: userinfo.email,
emailConfirmed: userinfo.email_confirmed,
hasPassword: userinfo.has_password,
username: userinfo.username,
firstName: userinfo.first_name,
lastName: userinfo.last_name,
pictureUrl: userinfo.picture_url,
orgIdToOrgMemberInfo: toOrgIdToOrgMemberInfo(userinfo.org_id_to_org_info),
activeOrgId,
mfaEnabled: userinfo.mfa_enabled,
canCreateOrgs: userinfo.can_create_orgs,
updatePasswordRequired: userinfo.update_password_required,
createdAt: userinfo.created_at,
lastActiveAt: userinfo.last_active_at,
properties: userinfo.properties,
impersonatorUserId
});
return { user, accessToken, error: void 0 };
} else if (userInfoResponse.status === 401) {
return { error: "not_in_org" };
} else {
console.info("Failed to set active org", userInfoResponse);
}
} catch (e) {
console.info("Failed to set active org", e);
}
throw new Error("Failed to set active org");
});
}
var encodeBase64 = (str) => {
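Review bot: `apiPostSetActiveOrg` maps every 401 to `{ error: "not_in_org" }`, but the new server handler also answers 401 when the refresh-token cookie is missing and when the userinfo call is rejected, so an ended session is reported to the caller as a membership problem. Because `setActiveOrg` returns `undefined` without dispatching in that case, the provider keeps showing a logged-in user whose session is gone. Either have the handler return a distinct status for the membership case, or call `refreshAuthInfo()` after a 401 so client state is re-synchronised; the comment on `setActiveOrg` should at least say that `undefined` can also mean "session no longer valid".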

@@ -649,0 +783,0 @@ const encode = window ? window.btoa : btoa;

@@ -34,2 +34,30 @@ import { NextRequest } from 'next/server.js';

}
type InternalPasswordLoginMethod = {
login_method: 'password';
};
type InternalMagicLinkLoginMethod = {
login_method: 'magic_link';
};
type InternalSocialSsoLoginMethod = {
login_method: 'social_sso';
provider: SocialLoginProvider;
};
type InternalEmailConfirmationLinkLoginMethod = {
login_method: 'email_confirmation_link';
};
type InternalSamlSsoLoginMethod = {
login_method: 'saml_sso';
provider: SamlLoginProvider;
org_id: string;
};
type InternalImpersonationLoginMethod = {
login_method: 'impersonation';
};
type InternalGeneratedFromBackendApiLoginMethod = {
login_method: 'generated_from_backend_api';
};
type InternalUnknownLoginMethod = {
login_method: 'unknown';
};
type InternalLoginMethod = InternalPasswordLoginMethod | InternalMagicLinkLoginMethod | InternalSocialSsoLoginMethod | InternalEmailConfirmationLinkLoginMethod | InternalSamlSsoLoginMethod | InternalImpersonationLoginMethod | InternalGeneratedFromBackendApiLoginMethod | InternalUnknownLoginMethod;
type PasswordLoginMethod = {

@@ -66,2 +94,3 @@ loginMethod: 'password';

userId: string;
activeOrgId?: string;
orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo;

@@ -80,3 +109,5 @@ email: string;

[key: string]: unknown;
}, loginMethod?: LoginMethod);
}, activeOrgId?: string, loginMethod?: LoginMethod);
getActiveOrg(): OrgMemberInfo | undefined;
getActiveOrgId(): string | undefined;
getOrg(orgId: string): OrgMemberInfo | undefined;

@@ -87,2 +118,3 @@ getOrgByName(orgName: string): OrgMemberInfo | undefined;

static fromJSON(json: string): UserFromToken;
static fromJwtPayload(payload: InternalUser): UserFromToken;
}

@@ -114,9 +146,38 @@ type OrgIdToOrgMemberInfo = {

}
type InternalOrgMemberInfo = {
org_id: string;
org_name: string;
org_metadata: {
[key: string]: any;
};
url_safe_org_name: string;
user_role: string;
inherited_user_roles_plus_current_role: string[];
user_permissions: string[];
};
type InternalUser = {
user_id: string;
org_member_info?: InternalOrgMemberInfo;
org_id_to_org_member_info?: {
[org_id: string]: InternalOrgMemberInfo;
};
email: string;
first_name?: string;
last_name?: string;
username?: string;
properties?: {
[key: string]: unknown;
};
login_method?: InternalLoginMethod;
legacy_user_id?: string;
impersonatorUserId?: string;
};
declare function getUserOrRedirect(): Promise<UserFromToken>;
declare function getUser(): Promise<UserFromToken | undefined>;
declare function getAccessToken(): Promise<string | undefined>;
declare function getAccessToken(): string | undefined;
declare function authMiddleware(req: NextRequest): Promise<Response>;
type RouteHandlerArgs = {
postLoginRedirectPathFn?: (req: NextRequest) => string;
getDefaultActiveOrgId?: (req: NextRequest, user: UserFromToken) => string | undefined;
};

@@ -123,0 +184,0 @@ declare function getRouteHandlers(args?: RouteHandlerArgs): {

@@ -111,4 +111,5 @@ "use strict";

var UserFromToken = class {
constructor(userId, email, orgIdToOrgMemberInfo, firstName, lastName, username, legacyUserId, impersonatorUserId, properties, loginMethod) {
constructor(userId, email, orgIdToOrgMemberInfo, firstName, lastName, username, legacyUserId, impersonatorUserId, properties, activeOrgId, loginMethod) {
this.userId = userId;
this.activeOrgId = activeOrgId;
this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo;

@@ -124,2 +125,11 @@ this.email = email;

}
getActiveOrg() {
if (!this.activeOrgId || !this.orgIdToOrgMemberInfo) {
return void 0;
}
return this.orgIdToOrgMemberInfo[this.activeOrgId];
}
getActiveOrgId() {
return this.activeOrgId;
}
getOrg(orgId) {

@@ -169,5 +179,31 @@ if (!this.orgIdToOrgMemberInfo) {

obj.properties,
obj.activeOrgId,
obj.loginMethod
);
}
static fromJwtPayload(payload) {
let activeOrgId;
let orgIdToOrgMemberInfo;
if (payload.org_member_info) {
activeOrgId = payload.org_member_info.org_id;
orgIdToOrgMemberInfo = toOrgIdToOrgMemberInfo({ [activeOrgId]: payload.org_member_info });
} else {
activeOrgId = void 0;
orgIdToOrgMemberInfo = toOrgIdToOrgMemberInfo(payload.org_id_to_org_member_info);
}
const loginMethod = toLoginMethod(payload.login_method);
return new UserFromToken(
payload.user_id,
payload.email,
orgIdToOrgMemberInfo,
payload.first_name,
payload.last_name,
payload.username,
payload.legacy_user_id,
payload.impersonatorUserId,
payload.properties,
activeOrgId,
loginMethod
);
}
};

@@ -221,14 +257,3 @@ var OrgMemberInfo = class {

function toUser(snake_case) {
return new UserFromToken(
snake_case.user_id,
snake_case.email,
toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),
snake_case.first_name,
snake_case.last_name,
snake_case.username,
snake_case.legacy_user_id,
snake_case.impersonatorUserId,
snake_case.properties,
toLoginMethod(snake_case.login_method)
);
return UserFromToken.fromJwtPayload(snake_case);
}

@@ -305,3 +330,3 @@ function toOrgIdToOrgMemberInfo(snake_case) {

}
function refreshTokenWithAccessAndRefreshToken(refreshToken) {
function refreshTokenWithAccessAndRefreshToken(refreshToken, activeOrgId) {
return __async(this, null, function* () {

@@ -311,3 +336,8 @@ const body = {

};
const url = `${getAuthUrlOrigin()}/api/backend/v1/refresh_token`;
const queryParams = new URLSearchParams();
if (activeOrgId) {
queryParams.set("with_active_org_support", "true");
queryParams.set("active_org_id", activeOrgId);
}
const url = `${getAuthUrlOrigin()}/api/backend/v1/refresh_token?${queryParams.toString()}`;
const response = yield fetch(url, {

@@ -324,6 +354,3 @@ method: "POST",

const newRefreshToken = data.refresh_token;
const {
access_token: accessToken,
expires_at_seconds: expiresAtSeconds
} = data.access_token;
const { access_token: accessToken, expires_at_seconds: expiresAtSeconds } = data.access_token;
return {

@@ -389,2 +416,5 @@ refreshToken: newRefreshToken,

// src/shared.ts
var ACTIVE_ORG_ID_COOKIE_NAME = "__pa_org_id";
// src/server/app-router.ts

@@ -404,4 +434,3 @@ function getUserOrRedirect() {

return __async(this, null, function* () {
var _a;
const accessToken = (0, import_headers.headers)().get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || ((_a = (0, import_headers.cookies)().get(ACCESS_TOKEN_COOKIE_NAME)) == null ? void 0 : _a.value);
const accessToken = getAccessToken();
if (accessToken) {

@@ -417,10 +446,8 @@ const user = yield validateAccessTokenOrUndefined(accessToken);

function getAccessToken() {
return __async(this, null, function* () {
var _a;
return (0, import_headers.headers)().get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || ((_a = (0, import_headers.cookies)().get(ACCESS_TOKEN_COOKIE_NAME)) == null ? void 0 : _a.value);
});
var _a;
return (0, import_headers.headers)().get(CUSTOM_HEADER_FOR_ACCESS_TOKEN) || ((_a = (0, import_headers.cookies)().get(ACCESS_TOKEN_COOKIE_NAME)) == null ? void 0 : _a.value);
}
function authMiddleware(req) {
return __async(this, null, function* () {
var _a, _b;
var _a, _b, _c;
if (req.headers.has(CUSTOM_HEADER_FOR_ACCESS_TOKEN)) {
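Review bot: `getAccessToken` loses its `__async` wrapper here and the declaration file changes its return type from `Promise<string | undefined>` to `string | undefined`, which is a breaking change to an exported function in a patch release. `await getAccessToken()` keeps working, but any consumer that calls `getAccessToken().then(...)` now throws at runtime. If the synchronous form is only needed by `getUserOrRedirect`, a private synchronous helper with the exported function left async avoids the break; otherwise the change deserves a release note. `authMiddleware` continues past the end of this hunk.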

@@ -433,2 +460,3 @@ throw new Error(`${CUSTOM_HEADER_FOR_ACCESS_TOKEN} is set which is for internal use only`);

const refreshToken = (_b = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)) == null ? void 0 : _b.value;
const activeOrgId = (_c = req.cookies.get(ACTIVE_ORG_ID_COOKIE_NAME)) == null ? void 0 : _c.value;
if (accessToken) {

@@ -441,3 +469,3 @@ const user = yield validateAccessTokenOrUndefined(accessToken);

if (refreshToken) {
const response = yield refreshTokenWithAccessAndRefreshToken(refreshToken);
const response = yield refreshTokenWithAccessAndRefreshToken(refreshToken, activeOrgId);
if (response.error === "unexpected") {

@@ -503,3 +531,3 @@ throw new Error("Unexpected error while refreshing access token");

return __async(this, null, function* () {
var _a, _b;
var _a, _b, _c;
const oauthState = (_a = req.cookies.get(STATE_COOKIE_NAME)) == null ? void 0 : _a.value;

@@ -540,2 +568,45 @@ if (!oauthState || oauthState.length !== 64) {

}
const currentActiveOrgId = (_c = req.cookies.get(ACTIVE_ORG_ID_COOKIE_NAME)) == null ? void 0 : _c.value;
const user = yield validateAccessToken(accessToken);
const isUserInCurrentActiveOrg = !!currentActiveOrgId && !!user.getOrg(currentActiveOrgId);
let activeOrgId = void 0;
if (isUserInCurrentActiveOrg) {
activeOrgId = currentActiveOrgId;
} else if (args == null ? void 0 : args.getDefaultActiveOrgId) {
activeOrgId = args.getDefaultActiveOrgId(req, user);
}
if (activeOrgId) {
const response2 = yield refreshTokenWithAccessAndRefreshToken(data.refresh_token, activeOrgId);
if (response2.error === "unexpected") {
throw new Error("Unexpected error while setting active org");
} else if (response2.error === "unauthorized") {
console.error(
"Unauthorized error while setting active org. Your user may not have access to this org"
);
return new Response("Unauthorized", { status: 401 });
} else {
const headers3 = new Headers();
headers3.append("Location", returnToPath);
headers3.append(
"Set-Cookie",
`${ACCESS_TOKEN_COOKIE_NAME}=${response2.accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`
);
headers3.append(
"Set-Cookie",
`${REFRESH_TOKEN_COOKIE_NAME}=${response2.refreshToken}; Path=/; HttpOnly; Secure; SameSite=Lax`
);
headers3.append(
"Set-Cookie",
`${ACTIVE_ORG_ID_COOKIE_NAME}=${activeOrgId}; Path=/; HttpOnly; Secure; SameSite=Lax`
);
headers3.append(
"Set-Cookie",
`${RETURN_TO_PATH_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
);
return new Response(null, {
status: 302,
headers: headers3
});
}
}
const headers2 = new Headers();
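Review bot: The org ID returned by `args.getDefaultActiveOrgId(req, user)` is used without the membership check that the cookie value gets through `user.getOrg(currentActiveOrgId)`, so a callback that returns an org the user does not belong to is only caught by the backend. When that happens the handler returns a bare 401 with no `Set-Cookie` headers, which drops the tokens from the login that has just succeeded and leaves the user at an error page. Checking locally and falling through to the no-active-org path is safer: `const candidate = args.getDefaultActiveOrgId(req, user);` followed by `activeOrgId = candidate && user.getOrg(candidate) ? candidate : void 0;`. The enclosing callback handler starts and ends outside this hunk.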

@@ -553,2 +624,6 @@ headers2.append("Location", returnToPath);

"Set-Cookie",
`${ACTIVE_ORG_ID_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
);
headers2.append(
"Set-Cookie",
`${RETURN_TO_PATH_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`

@@ -572,6 +647,7 @@ );

return __async(this, null, function* () {
var _a;
var _a, _b;
const oldRefreshToken = (_a = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)) == null ? void 0 : _a.value;
const activeOrgId = (_b = req.cookies.get(ACTIVE_ORG_ID_COOKIE_NAME)) == null ? void 0 : _b.value;
if (oldRefreshToken) {
const refreshResponse = yield refreshTokenWithAccessAndRefreshToken(oldRefreshToken);
const refreshResponse = yield refreshTokenWithAccessAndRefreshToken(oldRefreshToken, activeOrgId);
if (refreshResponse.error === "unexpected") {

@@ -589,2 +665,6 @@ throw new Error("Unexpected error while refreshing access token");

);
headers3.append(
"Set-Cookie",
`${ACTIVE_ORG_ID_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
);
return new Response("Unauthorized", { status: 401, headers: headers3 });

@@ -608,3 +688,4 @@ }

accessToken,
impersonatorUserId: userFromToken.impersonatorUserId
impersonatorUserId: userFromToken.impersonatorUserId,
activeOrgId
};

@@ -635,2 +716,6 @@ const headers3 = new Headers();

);
headers3.append(
"Set-Cookie",
`${ACTIVE_ORG_ID_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
);
return new Response(null, {

@@ -647,2 +732,3 @@ status: 401,

headers2.append("Set-Cookie", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`);
headers2.append("Set-Cookie", `${ACTIVE_ORG_ID_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`);
return new Response(null, { status: 401 });

@@ -653,3 +739,3 @@ });

return __async(this, null, function* () {
var _a;
var _a, _b;
const path = (args == null ? void 0 : args.postLoginRedirectPathFn) ? args.postLoginRedirectPathFn(req) : "/";

@@ -672,2 +758,6 @@ if (!path) {

);
headers2.append(
"Set-Cookie",
`${ACTIVE_ORG_ID_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
);
return new Response(null, {

@@ -678,3 +768,4 @@ status: 302,

}
const refreshResponse = yield refreshTokenWithAccessAndRefreshToken(refreshToken);
const activeOrgId = (_b = req.cookies.get(ACTIVE_ORG_ID_COOKIE_NAME)) == null ? void 0 : _b.value;
const refreshResponse = yield refreshTokenWithAccessAndRefreshToken(refreshToken, activeOrgId);
if (refreshResponse.error === "unexpected") {

@@ -694,2 +785,6 @@ console.error("Unexpected error while refreshing access token");

);
headers2.append(
"Set-Cookie",
`${ACTIVE_ORG_ID_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
);
return new Response(null, {

@@ -723,2 +818,6 @@ status: 302,

);
headers3.append(
"Set-Cookie",
`${ACTIVE_ORG_ID_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
);
return new Response(null, { status: 200, headers: headers3 });

@@ -748,5 +847,74 @@ }

headers2.append("Set-Cookie", `${REFRESH_TOKEN_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`);
headers2.append("Set-Cookie", `${ACTIVE_ORG_ID_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`);
return new Response(null, { status: 200, headers: headers2 });
});
}
function setActiveOrgHandler(req) {
return __async(this, null, function* () {
var _a;
const oldRefreshToken = (_a = req.cookies.get(REFRESH_TOKEN_COOKIE_NAME)) == null ? void 0 : _a.value;
const activeOrgId = req.nextUrl.searchParams.get("active_org_id");
if (!oldRefreshToken) {
const headers2 = new Headers();
headers2.append(
"Set-Cookie",
`${ACTIVE_ORG_ID_COOKIE_NAME}=; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=0`
);
return new Response(null, { status: 401, headers: headers2 });
}
if (!activeOrgId) {
return new Response(null, { status: 400 });
}
const refreshResponse = yield refreshTokenWithAccessAndRefreshToken(oldRefreshToken, activeOrgId);
if (refreshResponse.error === "unexpected") {
throw new Error("Unexpected error while setting active org id");
} else if (refreshResponse.error === "unauthorized") {
return new Response("Unauthorized", { status: 401 });
}
const refreshToken = refreshResponse.refreshToken;
const accessToken = refreshResponse.accessToken;
const authUrlOrigin = getAuthUrlOrigin();
const path = `${authUrlOrigin}/propelauth/oauth/userinfo`;
const response = yield fetch(path, {
headers: {
"Content-Type": "application/json",
Authorization: "Bearer " + accessToken
}
});
if (response.ok) {
const userFromToken = yield validateAccessToken(accessToken);
const data = yield response.json();
const jsonResponse = {
userinfo: data,
accessToken,
impersonatorUserId: userFromToken.impersonatorUserId,
activeOrgId
};
const headers2 = new Headers();
headers2.append(
"Set-Cookie",
`${ACCESS_TOKEN_COOKIE_NAME}=${accessToken}; Path=/; HttpOnly; Secure; SameSite=Lax`
);
headers2.append(
"Set-Cookie",
`${REFRESH_TOKEN_COOKIE_NAME}=${refreshToken}; Path=/; HttpOnly; Secure; SameSite=Lax`
);
headers2.append(
"Set-Cookie",
`${ACTIVE_ORG_ID_COOKIE_NAME}=${activeOrgId}; Path=/; HttpOnly; Secure; SameSite=Lax`
);
headers2.append("Content-Type", "application/json");
return new Response(JSON.stringify(jsonResponse), {
status: 200,
headers: headers2
});
} else if (response.status === 401) {
return new Response(null, {
status: 401
});
} else {
return new Response(null, { status: 500 });
}
});
}
function getRouteHandler(req, { params }) {
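Review bot: `setActiveOrgHandler` writes the raw `active_org_id` query parameter into both the `Set-Cookie` header and the JSON response, rather than the org ID carried by the access token it has just validated. If the backend ever issues a token without `org_member_info` for that request, the cookie and the client state claim an active org that the token does not grant, and the unencoded value ends up in a cookie header with only the backend's acceptance as a format check. Binding both outputs to the verified claim closes that gap: `const confirmedOrgId = userFromToken.getActiveOrgId();` then `if (confirmedOrgId !== activeOrgId) return new Response(null, { status: 401 });`, using `confirmedOrgId` afterwards. The 401 branches that follow a failed refresh or userinfo call also leave the old `__pa_org_id` cookie in place, unlike the missing-refresh-token branch, which clears it.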

@@ -770,2 +938,4 @@ if (params.slug === "login") {

return logoutPostHandler(req);
} else if (params.slug === "set-active-org") {
return setActiveOrgHandler(req);
} else {

@@ -772,0 +942,0 @@ return new Response("", { status: 404 });

@@ -24,2 +24,30 @@ import * as _propelauth_node_apis from '@propelauth/node-apis';

}
type InternalPasswordLoginMethod = {
login_method: 'password';
};
type InternalMagicLinkLoginMethod = {
login_method: 'magic_link';
};
type InternalSocialSsoLoginMethod = {
login_method: 'social_sso';
provider: SocialLoginProvider;
};
type InternalEmailConfirmationLinkLoginMethod = {
login_method: 'email_confirmation_link';
};
type InternalSamlSsoLoginMethod = {
login_method: 'saml_sso';
provider: SamlLoginProvider;
org_id: string;
};
type InternalImpersonationLoginMethod = {
login_method: 'impersonation';
};
type InternalGeneratedFromBackendApiLoginMethod = {
login_method: 'generated_from_backend_api';
};
type InternalUnknownLoginMethod = {
login_method: 'unknown';
};
type InternalLoginMethod = InternalPasswordLoginMethod | InternalMagicLinkLoginMethod | InternalSocialSsoLoginMethod | InternalEmailConfirmationLinkLoginMethod | InternalSamlSsoLoginMethod | InternalImpersonationLoginMethod | InternalGeneratedFromBackendApiLoginMethod | InternalUnknownLoginMethod;
type PasswordLoginMethod = {

@@ -56,2 +84,3 @@ loginMethod: 'password';

userId: string;
activeOrgId?: string;
orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo;

@@ -70,3 +99,5 @@ email: string;

[key: string]: unknown;
}, loginMethod?: LoginMethod);
}, activeOrgId?: string, loginMethod?: LoginMethod);
getActiveOrg(): OrgMemberInfo | undefined;
getActiveOrgId(): string | undefined;
getOrg(orgId: string): OrgMemberInfo | undefined;

@@ -77,2 +108,3 @@ getOrgByName(orgName: string): OrgMemberInfo | undefined;

static fromJSON(json: string): UserFromToken;
static fromJwtPayload(payload: InternalUser): UserFromToken;
}

@@ -104,2 +136,30 @@ type OrgIdToOrgMemberInfo = {

}
type InternalOrgMemberInfo = {
org_id: string;
org_name: string;
org_metadata: {
[key: string]: any;
};
url_safe_org_name: string;
user_role: string;
inherited_user_roles_plus_current_role: string[];
user_permissions: string[];
};
type InternalUser = {
user_id: string;
org_member_info?: InternalOrgMemberInfo;
org_id_to_org_member_info?: {
[org_id: string]: InternalOrgMemberInfo;
};
email: string;
first_name?: string;
last_name?: string;
username?: string;
properties?: {
[key: string]: unknown;
};
login_method?: InternalLoginMethod;
legacy_user_id?: string;
impersonatorUserId?: string;
};

@@ -106,0 +166,0 @@ declare function validateAccessTokenOrUndefined(accessToken: string | undefined): Promise<UserFromToken | undefined>;

51

dist/server/index.js

@@ -90,4 +90,5 @@ "use strict";

var UserFromToken = class {
constructor(userId, email, orgIdToOrgMemberInfo, firstName, lastName, username, legacyUserId, impersonatorUserId, properties, loginMethod) {
constructor(userId, email, orgIdToOrgMemberInfo, firstName, lastName, username, legacyUserId, impersonatorUserId, properties, activeOrgId, loginMethod) {
this.userId = userId;
this.activeOrgId = activeOrgId;
this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo;

@@ -103,2 +104,11 @@ this.email = email;

}
getActiveOrg() {
if (!this.activeOrgId || !this.orgIdToOrgMemberInfo) {
return void 0;
}
return this.orgIdToOrgMemberInfo[this.activeOrgId];
}
getActiveOrgId() {
return this.activeOrgId;
}
getOrg(orgId) {

@@ -148,5 +158,31 @@ if (!this.orgIdToOrgMemberInfo) {

obj.properties,
obj.activeOrgId,
obj.loginMethod
);
}
static fromJwtPayload(payload) {
let activeOrgId;
let orgIdToOrgMemberInfo;
if (payload.org_member_info) {
activeOrgId = payload.org_member_info.org_id;
orgIdToOrgMemberInfo = toOrgIdToOrgMemberInfo({ [activeOrgId]: payload.org_member_info });
} else {
activeOrgId = void 0;
orgIdToOrgMemberInfo = toOrgIdToOrgMemberInfo(payload.org_id_to_org_member_info);
}
const loginMethod = toLoginMethod(payload.login_method);
return new UserFromToken(
payload.user_id,
payload.email,
orgIdToOrgMemberInfo,
payload.first_name,
payload.last_name,
payload.username,
payload.legacy_user_id,
payload.impersonatorUserId,
payload.properties,
activeOrgId,
loginMethod
);
}
};

@@ -200,14 +236,3 @@ var OrgMemberInfo = class {

function toUser(snake_case) {
return new UserFromToken(
snake_case.user_id,
snake_case.email,
toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),
snake_case.first_name,
snake_case.last_name,
snake_case.username,
snake_case.legacy_user_id,
snake_case.impersonatorUserId,
snake_case.properties,
toLoginMethod(snake_case.login_method)
);
return UserFromToken.fromJwtPayload(snake_case);
}

@@ -214,0 +239,0 @@ function toOrgIdToOrgMemberInfo(snake_case) {

@@ -23,2 +23,30 @@ import { GetServerSidePropsContext, NextApiRequest, NextApiResponse } from 'next';

}
type InternalPasswordLoginMethod = {
login_method: 'password';
};
type InternalMagicLinkLoginMethod = {
login_method: 'magic_link';
};
type InternalSocialSsoLoginMethod = {
login_method: 'social_sso';
provider: SocialLoginProvider;
};
type InternalEmailConfirmationLinkLoginMethod = {
login_method: 'email_confirmation_link';
};
type InternalSamlSsoLoginMethod = {
login_method: 'saml_sso';
provider: SamlLoginProvider;
org_id: string;
};
type InternalImpersonationLoginMethod = {
login_method: 'impersonation';
};
type InternalGeneratedFromBackendApiLoginMethod = {
login_method: 'generated_from_backend_api';
};
type InternalUnknownLoginMethod = {
login_method: 'unknown';
};
type InternalLoginMethod = InternalPasswordLoginMethod | InternalMagicLinkLoginMethod | InternalSocialSsoLoginMethod | InternalEmailConfirmationLinkLoginMethod | InternalSamlSsoLoginMethod | InternalImpersonationLoginMethod | InternalGeneratedFromBackendApiLoginMethod | InternalUnknownLoginMethod;
type PasswordLoginMethod = {

@@ -55,2 +83,3 @@ loginMethod: 'password';

userId: string;
activeOrgId?: string;
orgIdToOrgMemberInfo?: OrgIdToOrgMemberInfo;

@@ -69,3 +98,5 @@ email: string;

[key: string]: unknown;
}, loginMethod?: LoginMethod);
}, activeOrgId?: string, loginMethod?: LoginMethod);
getActiveOrg(): OrgMemberInfo | undefined;
getActiveOrgId(): string | undefined;
getOrg(orgId: string): OrgMemberInfo | undefined;

@@ -76,2 +107,3 @@ getOrgByName(orgName: string): OrgMemberInfo | undefined;

static fromJSON(json: string): UserFromToken;
static fromJwtPayload(payload: InternalUser): UserFromToken;
}

@@ -103,2 +135,30 @@ type OrgIdToOrgMemberInfo = {

}
type InternalOrgMemberInfo = {
org_id: string;
org_name: string;
org_metadata: {
[key: string]: any;
};
url_safe_org_name: string;
user_role: string;
inherited_user_roles_plus_current_role: string[];
user_permissions: string[];
};
type InternalUser = {
user_id: string;
org_member_info?: InternalOrgMemberInfo;
org_id_to_org_member_info?: {
[org_id: string]: InternalOrgMemberInfo;
};
email: string;
first_name?: string;
last_name?: string;
username?: string;
properties?: {
[key: string]: unknown;
};
login_method?: InternalLoginMethod;
legacy_user_id?: string;
impersonatorUserId?: string;
};

@@ -105,0 +165,0 @@ declare function getUserFromServerSideProps(props: GetServerSidePropsContext, forceRefresh?: boolean): Promise<UserFromToken | undefined>;
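Review bot: In the `UserFromToken` constructor signature (hunk `@@ -69,3 +98,5 @@`), `activeOrgId?: string` is inserted before the existing `loginMethod?: LoginMethod` instead of being appended after it, which shifts a positional parameter in a patch-level release. TypeScript callers that pass `loginMethod` positionally get a compile error, but plain JavaScript callers would silently store the login-method object in `activeOrgId` and leave `loginMethod` undefined, which matters to any code that branches on `loginMethod` (for example to detect `'impersonation'`). Appending the new parameter keeps existing call sites valid: `}, loginMethod?: LoginMethod, activeOrgId?: string);`. The same ordering appears in the compiled constructor in the `@@ -85,4 +85,5 @@` hunk of the JavaScript bundle, and the class body continues outside these hunks.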

@@ -85,4 +85,5 @@ "use strict";

var UserFromToken = class {
constructor(userId, email, orgIdToOrgMemberInfo, firstName, lastName, username, legacyUserId, impersonatorUserId, properties, loginMethod) {
constructor(userId, email, orgIdToOrgMemberInfo, firstName, lastName, username, legacyUserId, impersonatorUserId, properties, activeOrgId, loginMethod) {
this.userId = userId;
this.activeOrgId = activeOrgId;
this.orgIdToOrgMemberInfo = orgIdToOrgMemberInfo;

@@ -98,2 +99,11 @@ this.email = email;

}
getActiveOrg() {
if (!this.activeOrgId || !this.orgIdToOrgMemberInfo) {
return void 0;
}
return this.orgIdToOrgMemberInfo[this.activeOrgId];
}
getActiveOrgId() {
return this.activeOrgId;
}
getOrg(orgId) {

@@ -143,5 +153,31 @@ if (!this.orgIdToOrgMemberInfo) {

obj.properties,
obj.activeOrgId,
obj.loginMethod
);
}
static fromJwtPayload(payload) {
let activeOrgId;
let orgIdToOrgMemberInfo;
if (payload.org_member_info) {
activeOrgId = payload.org_member_info.org_id;
orgIdToOrgMemberInfo = toOrgIdToOrgMemberInfo({ [activeOrgId]: payload.org_member_info });
} else {
activeOrgId = void 0;
orgIdToOrgMemberInfo = toOrgIdToOrgMemberInfo(payload.org_id_to_org_member_info);
}
const loginMethod = toLoginMethod(payload.login_method);
return new UserFromToken(
payload.user_id,
payload.email,
orgIdToOrgMemberInfo,
payload.first_name,
payload.last_name,
payload.username,
payload.legacy_user_id,
payload.impersonatorUserId,
payload.properties,
activeOrgId,
loginMethod
);
}
};

@@ -195,14 +231,3 @@ var OrgMemberInfo = class {

function toUser(snake_case) {
return new UserFromToken(
snake_case.user_id,
snake_case.email,
toOrgIdToOrgMemberInfo(snake_case.org_id_to_org_member_info),
snake_case.first_name,
snake_case.last_name,
snake_case.username,
snake_case.legacy_user_id,
snake_case.impersonatorUserId,
snake_case.properties,
toLoginMethod(snake_case.login_method)
);
return UserFromToken.fromJwtPayload(snake_case);
}

@@ -275,3 +300,3 @@ function toOrgIdToOrgMemberInfo(snake_case) {

}
function refreshTokenWithAccessAndRefreshToken(refreshToken) {
function refreshTokenWithAccessAndRefreshToken(refreshToken, activeOrgId) {
return __async(this, null, function* () {

@@ -281,3 +306,8 @@ const body = {

};
const url = `${getAuthUrlOrigin()}/api/backend/v1/refresh_token`;
const queryParams = new URLSearchParams();
if (activeOrgId) {
queryParams.set("with_active_org_support", "true");
queryParams.set("active_org_id", activeOrgId);
}
const url = `${getAuthUrlOrigin()}/api/backend/v1/refresh_token?${queryParams.toString()}`;
const response = yield fetch(url, {

@@ -294,6 +324,3 @@ method: "POST",

const newRefreshToken = data.refresh_token;
const {
access_token: accessToken,
expires_at_seconds: expiresAtSeconds
} = data.access_token;
const { access_token: accessToken, expires_at_seconds: expiresAtSeconds } = data.access_token;
return {

@@ -359,2 +386,5 @@ refreshToken: newRefreshToken,

// src/shared.ts
var ACTIVE_ORG_ID_COOKIE_NAME = "__pa_org_id";
// src/server/pages.ts

@@ -365,2 +395,3 @@ function getUserFromServerSideProps(props, forceRefresh = false) {

const refreshToken = props.req.cookies[REFRESH_TOKEN_COOKIE_NAME];
const activeOrgId = props.req.cookies[ACTIVE_ORG_ID_COOKIE_NAME];
if (accessToken && !forceRefresh) {

@@ -373,3 +404,3 @@ const user = yield validateAccessTokenOrUndefined(accessToken);

if (refreshToken) {
const response = yield refreshTokenWithAccessAndRefreshToken(refreshToken);
const response = yield refreshTokenWithAccessAndRefreshToken(refreshToken, activeOrgId);
if (response.error === "unexpected") {

@@ -399,2 +430,3 @@ throw new Error("Unexpected error while refreshing access token");

const refreshToken = req.cookies[REFRESH_TOKEN_COOKIE_NAME];
const activeOrgId = req.cookies[ACTIVE_ORG_ID_COOKIE_NAME];
if (accessToken && !forceRefresh) {

@@ -407,3 +439,3 @@ const user = yield validateAccessTokenOrUndefined(accessToken);

if (refreshToken) {
const response = yield refreshTokenWithAccessAndRefreshToken(refreshToken);
const response = yield refreshTokenWithAccessAndRefreshToken(refreshToken, activeOrgId);
if (response.error === "unexpected") {

@@ -410,0 +442,0 @@ throw new Error("Unexpected error while refreshing access token");
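Review bot: `activeOrgId` is read straight from the `__pa_org_id` cookie (`props.req.cookies[ACTIVE_ORG_ID_COOKIE_NAME]` in `getUserFromServerSideProps`, and the same line in the `@@ -399,2 +430,3 @@` hunk) and forwarded to the refresh endpoint as `active_org_id` with no check on this side. The cookie is client-controlled, so the visible code relies entirely on the backend to confirm that the user belongs to that org; nothing in these hunks shows that check, and the assumption should be stated where the value is read. I would add a comment in `src/server/pages.ts` such as `// __pa_org_id is set by the client and is only a hint; the org granted is the one in the refreshed token (getActiveOrgId())`, and have callers authorize on `user.getActiveOrgId()` rather than on the cookie. Both functions start and end outside their hunks, so how a still-valid access token is handled when the cookie has changed cannot be seen here.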

{
"name": "@propelauth/nextjs",
"version": "0.0.118",
"version": "0.0.119",
"exports": {

@@ -5,0 +5,0 @@ "./server": {

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet
