UNPKG

@clerk/nextjs

Version:

Clerk SDK for NextJS

clerk.com

clerk/javascript

1 lines 3.31 kB
1
{"version":3,"sources":["../../../../src/server/data/getAuthDataFromRequest.ts"],"sourcesContent":["import type { AuthObject } from '@clerk/backend';\nimport { AuthStatus, constants, signedInAuthObject, signedOutAuthObject } from '@clerk/backend/internal';\nimport { decodeJwt } from '@clerk/backend/jwt';\n\nimport type { LoggerNoCommit } from '../../utils/debugLogger';\nimport { API_URL, API_VERSION, PUBLISHABLE_KEY, SECRET_KEY } from '../constants';\nimport { getAuthKeyFromRequest, getHeader } from '../headers-utils';\nimport type { RequestLike } from '../types';\nimport { assertTokenSignature, decryptClerkRequestData } from '../utils';\n\n/**\n * Given a request object, builds an auth object from the request data. Used in server-side environments to get access\n * to auth data for a given request.\n */\nexport function getAuthDataFromRequest(\n req: RequestLike,\n opts: { secretKey?: string; logger?: LoggerNoCommit } = {},\n): AuthObject {\n const authStatus = getAuthKeyFromRequest(req, 'AuthStatus');\n const authToken = getAuthKeyFromRequest(req, 'AuthToken');\n const authMessage = getAuthKeyFromRequest(req, 'AuthMessage');\n const authReason = getAuthKeyFromRequest(req, 'AuthReason');\n const authSignature = getAuthKeyFromRequest(req, 'AuthSignature');\n\n opts.logger?.debug('headers', { authStatus, authMessage, authReason });\n\n const encryptedRequestData = getHeader(req, constants.Headers.ClerkRequestData);\n const decryptedRequestData = decryptClerkRequestData(encryptedRequestData);\n\n const options = {\n secretKey: opts?.secretKey || decryptedRequestData.secretKey || SECRET_KEY,\n publishableKey: decryptedRequestData.publishableKey || PUBLISHABLE_KEY,\n apiUrl: API_URL,\n apiVersion: API_VERSION,\n authStatus,\n authMessage,\n authReason,\n };\n\n opts.logger?.debug('auth options', options);\n\n let authObject;\n if (!authStatus || authStatus !== AuthStatus.SignedIn) {\n authObject = signedOutAuthObject(options);\n } else {\n assertTokenSignature(authToken as string, options.secretKey, authSignature);\n\n const jwt = decodeJwt(authToken as string);\n\n opts.logger?.debug('jwt', jwt.raw);\n\n // @ts-expect-error -- Restrict parameter type of options to only list what's needed\n authObject = signedInAuthObject(options, jwt.raw.text, jwt.payload);\n }\n\n return authObject;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AACA,sBAA+E;AAC/E,iBAA0B;AAG1B,uBAAkE;AAClE,2BAAiD;AAEjD,mBAA8D;AAMvD,SAAS,uBACd,KACA,OAAwD,CAAC,GAC7C;AAjBd;AAkBE,QAAM,iBAAa,4CAAsB,KAAK,YAAY;AAC1D,QAAM,gBAAY,4CAAsB,KAAK,WAAW;AACxD,QAAM,kBAAc,4CAAsB,KAAK,aAAa;AAC5D,QAAM,iBAAa,4CAAsB,KAAK,YAAY;AAC1D,QAAM,oBAAgB,4CAAsB,KAAK,eAAe;AAEhE,aAAK,WAAL,mBAAa,MAAM,WAAW,EAAE,YAAY,aAAa,WAAW;AAEpE,QAAM,2BAAuB,gCAAU,KAAK,0BAAU,QAAQ,gBAAgB;AAC9E,QAAM,2BAAuB,sCAAwB,oBAAoB;AAEzE,QAAM,UAAU;AAAA,IACd,YAAW,6BAAM,cAAa,qBAAqB,aAAa;AAAA,IAChE,gBAAgB,qBAAqB,kBAAkB;AAAA,IACvD,QAAQ;AAAA,IACR,YAAY;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,aAAK,WAAL,mBAAa,MAAM,gBAAgB;AAEnC,MAAI;AACJ,MAAI,CAAC,cAAc,eAAe,2BAAW,UAAU;AACrD,qBAAa,qCAAoB,OAAO;AAAA,EAC1C,OAAO;AACL,2CAAqB,WAAqB,QAAQ,WAAW,aAAa;AAE1E,UAAM,UAAM,sBAAU,SAAmB;AAEzC,eAAK,WAAL,mBAAa,MAAM,OAAO,IAAI;AAG9B,qBAAa,oCAAmB,SAAS,IAAI,IAAI,MAAM,IAAI,OAAO;AAAA,EACpE;AAEA,SAAO;AACT;","names":[]}