UNPKG

@auth0/nextjs-auth0

Version:

Auth0 Next.js SDK

github.com/auth0/nextjs-auth0

auth0/nextjs-auth0

105 lines (104 loc) 4.81 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
import { NextResponse, type NextRequest } from "next/server"; import * as jose from "jose"; import { AccessTokenForConnectionError, SdkError } from "../errors"; import { AccessTokenForConnectionOptions, AuthorizationParameters, ConnectionTokenSet, SessionData, StartInteractiveLoginOptions, TokenSet } from "../types"; import { AbstractSessionStore } from "./session/abstract-session-store"; import { TransactionStore } from "./transaction-store"; export type BeforeSessionSavedHook = (session: SessionData, idToken: string | null) => Promise<SessionData>; export type OnCallbackContext = { returnTo?: string; }; export type OnCallbackHook = (error: SdkError | null, ctx: OnCallbackContext, session: SessionData | null) => Promise<NextResponse>; export interface Routes { login: string; logout: string; callback: string; profile: string; accessToken: string; backChannelLogout: string; } export type RoutesOptions = Partial<Pick<Routes, "login" | "callback" | "logout" | "backChannelLogout">>; export interface AuthClientOptions { transactionStore: TransactionStore; sessionStore: AbstractSessionStore; domain: string; clientId: string; clientSecret?: string; clientAssertionSigningKey?: string | CryptoKey; clientAssertionSigningAlg?: string; authorizationParameters?: AuthorizationParameters; pushedAuthorizationRequests?: boolean; secret: string; appBaseUrl: string; signInReturnToPath?: string; beforeSessionSaved?: BeforeSessionSavedHook; onCallback?: OnCallbackHook; routes?: RoutesOptions; fetch?: typeof fetch; jwksCache?: jose.JWKSCacheInput; allowInsecureRequests?: boolean; httpTimeout?: number; enableTelemetry?: boolean; enableAccessTokenEndpoint?: boolean; } export declare class AuthClient { private transactionStore; private sessionStore; private clientMetadata; private clientSecret?; private clientAssertionSigningKey?; private clientAssertionSigningAlg; private domain; private authorizationParameters; private pushedAuthorizationRequests; private appBaseUrl; private signInReturnToPath; private beforeSessionSaved?; private onCallback; private routes; private fetch; private jwksCache; private allowInsecureRequests; private httpOptions; private authorizationServerMetadata?; private readonly enableAccessTokenEndpoint; constructor(options: AuthClientOptions); handler(req: NextRequest): Promise<NextResponse>; startInteractiveLogin(options?: StartInteractiveLoginOptions): Promise<NextResponse>; handleLogin(req: NextRequest): Promise<NextResponse>; handleLogout(req: NextRequest): Promise<NextResponse>; handleCallback(req: NextRequest): Promise<NextResponse>; handleProfile(req: NextRequest): Promise<NextResponse>; handleAccessToken(req: NextRequest): Promise<NextResponse>; handleBackChannelLogout(req: NextRequest): Promise<NextResponse>; /** * getTokenSet returns a valid token set. If the access token has expired, it will attempt to * refresh it using the refresh token, if available. */ getTokenSet(tokenSet: TokenSet, forceRefresh?: boolean | undefined): Promise<[null, TokenSet] | [SdkError, null]>; private discoverAuthorizationServerMetadata; private defaultOnCallback; private verifyLogoutToken; private authorizationUrl; private getClientAuth; private get issuer(); /** * Exchanges a refresh token for an access token for a connection. * * This method performs a token exchange using the provided refresh token and connection details. * It first checks if the refresh token is present in the `tokenSet`. If not, it returns an error. * Then, it constructs the necessary parameters for the token exchange request and performs * the request to the authorization server's token endpoint. * * @returns {Promise<[AccessTokenForConnectionError, null] | [null, ConnectionTokenSet]>} A promise that resolves to a tuple. * The first element is either an `AccessTokenForConnectionError` if an error occurred, or `null` if the request was successful. * The second element is either `null` if an error occurred, or a `ConnectionTokenSet` object * containing the access token, expiration time, and scope if the request was successful. * * @throws {AccessTokenForConnectionError} If the refresh token is missing or if there is an error during the token exchange process. */ getConnectionTokenSet(tokenSet: TokenSet, connectionTokenSet: ConnectionTokenSet | undefined, options: AccessTokenForConnectionOptions): Promise<[ AccessTokenForConnectionError, null ] | [null, ConnectionTokenSet]>; }