UNPKG

@clerk/express

Version:

Clerk server SDK for usage with Express

273 lines (260 loc) • 9.61 kB
"use strict"; var __defProp = Object.defineProperty; var __getOwnPropDesc = Object.getOwnPropertyDescriptor; var __getOwnPropNames = Object.getOwnPropertyNames; var __hasOwnProp = Object.prototype.hasOwnProperty; var __export = (target, all) => { for (var name in all) __defProp(target, name, { get: all[name], enumerable: true }); }; var __copyProps = (to, from, except, desc) => { if (from && typeof from === "object" || typeof from === "function") { for (let key of __getOwnPropNames(from)) if (!__hasOwnProp.call(to, key) && key !== except) __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable }); } return to; }; var __reExport = (target, mod, secondTarget) => (__copyProps(target, mod, "default"), secondTarget && __copyProps(secondTarget, mod, "default")); var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); // src/index.ts var index_exports = {}; __export(index_exports, { authenticateRequest: () => authenticateRequest, clerkClient: () => clerkClient, clerkMiddleware: () => clerkMiddleware, getAuth: () => getAuth, requireAuth: () => requireAuth }); module.exports = __toCommonJS(index_exports); __reExport(index_exports, require("@clerk/backend"), module.exports); // src/clerkClient.ts var import_backend = require("@clerk/backend"); // src/utils.ts var import_underscore = require("@clerk/shared/underscore"); var requestHasAuthObject = (req) => { return "auth" in req; }; var loadClientEnv = () => { return { publishableKey: process.env.CLERK_PUBLISHABLE_KEY || "", clerkJSUrl: process.env.CLERK_JS || "", clerkJSVersion: process.env.CLERK_JS_VERSION || "" }; }; var loadApiEnv = () => { return { secretKey: process.env.CLERK_SECRET_KEY || "", apiUrl: process.env.CLERK_API_URL || "https://api.clerk.com", apiVersion: process.env.CLERK_API_VERSION || "v1", domain: process.env.CLERK_DOMAIN || "", proxyUrl: process.env.CLERK_PROXY_URL || "", signInUrl: process.env.CLERK_SIGN_IN_URL || "", isSatellite: (0, import_underscore.isTruthy)(process.env.CLERK_IS_SATELLITE), jwtKey: process.env.CLERK_JWT_KEY || "", sdkMetadata: { name: "@clerk/express", version: "1.7.15", environment: process.env.NODE_ENV }, telemetry: { disabled: (0, import_underscore.isTruthy)(process.env.CLERK_TELEMETRY_DISABLED), debug: (0, import_underscore.isTruthy)(process.env.CLERK_TELEMETRY_DEBUG) } }; }; var incomingMessageToRequest = (req) => { const headers = Object.keys(req.headers).reduce((acc, key) => Object.assign(acc, { [key]: req?.headers[key] }), {}); const protocol = req.connection?.encrypted ? "https" : "http"; const dummyOriginReqUrl = new URL(req.originalUrl || req.url || "", `${protocol}://clerk-dummy`); return new Request(dummyOriginReqUrl, { method: req.method, headers: new Headers(headers) }); }; // src/clerkClient.ts var clerkClientSingleton = {}; var clerkClient = new Proxy(clerkClientSingleton, { get(_target, property) { if (property in clerkClientSingleton) { return clerkClientSingleton[property]; } const env = { ...loadApiEnv(), ...loadClientEnv() }; const client = (0, import_backend.createClerkClient)({ ...env, userAgent: `${"@clerk/express"}@${"1.7.15"}` }); if (env.secretKey) { clerkClientSingleton = client; } return client[property]; }, set() { return false; } }); // src/authenticateRequest.ts var import_internal = require("@clerk/backend/internal"); var import_deprecated = require("@clerk/shared/deprecated"); var import_keys = require("@clerk/shared/keys"); var import_proxy = require("@clerk/shared/proxy"); var import_utils2 = require("@clerk/shared/utils"); // src/errors.ts var createErrorMessage = (msg) => { return `\u{1F512} Clerk: ${msg.trim()} For more info, check out the docs: https://clerk.com/docs, or come say hi in our discord server: https://clerk.com/discord `; }; var middlewareRequired = (fnName) => createErrorMessage(`The "clerkMiddleware" should be registered before using "${fnName}". Example: import express from 'express'; import { clerkMiddleware } from '@clerk/express'; const app = express(); app.use(clerkMiddleware()); `); var satelliteAndMissingProxyUrlAndDomain = "Missing domain and proxyUrl. A satellite application needs to specify a domain or a proxyUrl"; var satelliteAndMissingSignInUrl = ` Invalid signInUrl. A satellite application requires a signInUrl for development instances. Check if signInUrl is missing from your configuration or if it is not an absolute URL.`; // src/authenticateRequest.ts var authenticateRequest = (opts) => { const { clerkClient: clerkClient2, request, options } = opts; const { jwtKey, authorizedParties, audience, acceptsToken } = options || {}; const clerkRequest = (0, import_internal.createClerkRequest)(incomingMessageToRequest(request)); const env = { ...loadApiEnv(), ...loadClientEnv() }; const secretKey = options?.secretKey || env.secretKey; const publishableKey = options?.publishableKey || env.publishableKey; const isSatellite = (0, import_utils2.handleValueOrFn)(options?.isSatellite, clerkRequest.clerkUrl, env.isSatellite); const domain = (0, import_utils2.handleValueOrFn)(options?.domain, clerkRequest.clerkUrl) || env.domain; const signInUrl = options?.signInUrl || env.signInUrl; const proxyUrl = absoluteProxyUrl( (0, import_utils2.handleValueOrFn)(options?.proxyUrl, clerkRequest.clerkUrl, env.proxyUrl), clerkRequest.clerkUrl.toString() ); if (isSatellite && !proxyUrl && !domain) { throw new Error(satelliteAndMissingProxyUrlAndDomain); } if (isSatellite && !(0, import_proxy.isHttpOrHttps)(signInUrl) && (0, import_keys.isDevelopmentFromSecretKey)(secretKey || "")) { throw new Error(satelliteAndMissingSignInUrl); } return clerkClient2.authenticateRequest(clerkRequest, { audience, secretKey, publishableKey, jwtKey, authorizedParties, proxyUrl, isSatellite, domain, signInUrl, acceptsToken }); }; var setResponseHeaders = (requestState, res) => { if (requestState.headers) { requestState.headers.forEach((value, key) => res.appendHeader(key, value)); } return setResponseForHandshake(requestState, res); }; var setResponseForHandshake = (requestState, res) => { const hasLocationHeader = requestState.headers.get("location"); if (hasLocationHeader) { res.status(307).end(); return; } if (requestState.status === import_internal.AuthStatus.Handshake) { return new Error("Clerk: unexpected handshake without redirect"); } return; }; var absoluteProxyUrl = (relativeOrAbsoluteUrl, baseUrl) => { if (!relativeOrAbsoluteUrl || !(0, import_proxy.isValidProxyUrl)(relativeOrAbsoluteUrl) || !(0, import_proxy.isProxyUrlRelative)(relativeOrAbsoluteUrl)) { return relativeOrAbsoluteUrl; } return new URL(relativeOrAbsoluteUrl, baseUrl).toString(); }; var authenticateAndDecorateRequest = (options = {}) => { const clerkClient2 = options.clerkClient || clerkClient; const enableHandshake = options.enableHandshake ?? true; const middleware = async (request, response, next) => { if (request.auth) { return next(); } try { const requestState = await authenticateRequest({ clerkClient: clerkClient2, request, options }); if (enableHandshake) { const err = setResponseHeaders(requestState, response); if (err) { return next(err); } if (response.writableEnded) { return; } } const authHandler = (opts) => requestState.toAuth(opts); const authObject = requestState.toAuth(); const auth = new Proxy(authHandler, { get(target, prop, receiver) { (0, import_deprecated.deprecated)("req.auth", "Use `req.auth()` as a function instead."); if (prop in target) return Reflect.get(target, prop, receiver); return authObject?.[prop]; } }); Object.assign(request, { auth }); next(); } catch (err) { next(err); } }; return middleware; }; // src/clerkMiddleware.ts var clerkMiddleware = (options = {}) => { const authMiddleware = authenticateAndDecorateRequest({ ...options, acceptsToken: "any" }); return (request, response, next) => { authMiddleware(request, response, next); }; }; // src/getAuth.ts var import_internal2 = require("@clerk/backend/internal"); var getAuth = (req, options) => { if (!requestHasAuthObject(req)) { throw new Error(middlewareRequired("getAuth")); } const authObject = req.auth(options); return (0, import_internal2.getAuthObjectForAcceptedToken)({ authObject, acceptsToken: options?.acceptsToken }); }; // src/requireAuth.ts var requireAuth = (options = {}) => { const authMiddleware = authenticateAndDecorateRequest({ ...options, acceptsToken: "any" }); return (request, response, next) => { authMiddleware(request, response, (err) => { if (err) { return next(err); } const signInUrl = options.signInUrl || process.env.CLERK_SIGN_IN_URL || "/"; if (!request.auth()?.userId) { return response.redirect(signInUrl); } next(); }); }; }; // Annotate the CommonJS export names for ESM import in node: 0 && (module.exports = { authenticateRequest, clerkClient, clerkMiddleware, getAuth, requireAuth, ...require("@clerk/backend") }); //# sourceMappingURL=index.js.map