UNPKG

@auth0/nextjs-auth0

Version:

Auth0 Next.js SDK

github.com/auth0/nextjs-auth0

auth0/nextjs-auth0

58 lines (57 loc) 2.88 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
import { InvalidConfigurationError } from "../errors/index.js"; import { DEFAULT_SCOPES } from "./constants.js"; /** * Determines the default scope based on the provided authorization parameters. * If no scope is defined, it defaults to a predefined set of scopes. * If the scope is defined as an object (map) and does not include a scope for the default audience, * it adds the default scopes for that audience. * @param authorizationParameters The authorization parameters to evaluate. * @returns The determined scope, either as a string or an updated map of scopes. */ export function ensureDefaultScope(authorizationParameters) { // When no scope is defined in the constructor, we default to a string set to DEFAULT_SCOPES. // We do not introduce a Map here as that would be a breaking change. if (!authorizationParameters.scope) { return DEFAULT_SCOPES; } // When the user defined scope as a Map, but did not define a scope for the default audience, // we need to default it to the DEFAULT_SCOPES if (typeof authorizationParameters.scope === "object" && !getScopeForAudience(authorizationParameters.scope, authorizationParameters.audience)) { const audience = authorizationParameters.audience; return { ...authorizationParameters.scope, [audience]: DEFAULT_SCOPES }; } return authorizationParameters.scope; } /** * Retrieves the appropriate scope for a given audience from a scope map. * Only considers the audience when the scope is of type Map<string, string>. * If the scope is a string, it is returned as-is. * If the scope is null or undefined, undefined is returned. * @param scope The scope, either as a string, null/undefined, or a Map of audience to scope. * @param audience The audience to look up in the scope map * @returns The scope string for the given audience, or undefined if not found or if scope is null/undefined. * @throws {InvalidConfigurationError} If scope is defined as a map but no audience is provided. */ export function getScopeForAudience(scope, audience) { // When the scope is null or undefined, we return undefined if (!scope) { return undefined; } // When the scope is a string, we return it as-is if (typeof scope === "string") { return scope; } // When no audience is provided, we cannot look up the scope in the Map // We throw an error to inform the user that an audience is required // Which is required to use MRRT altogether. if (!audience) { throw new InvalidConfigurationError("When defining scope as a Map, an audience is required to look up the correct scope."); } // When the scope is a Map, we return the scope for the provided audience // When no audience is provided, we default to the 'default' audience. return scope[audience]; }