UNPKG

@tidecloak/nextjs

Version:

TideCloak nextjs SDK

github.com/tide-foundation/tidecloak-js

tide-foundation/tidecloak-js

78 lines 2.58 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
import { NextRequest, NextResponse } from 'next/server'; import { ProtectedRoutesMap } from './routerMatcher'; interface JWK { kid: string; kty: string; alg: string; use: string; crv: string; x: string; } export interface TidecloakConfig { realm: string; "auth-server-url": string; "ssl-required": string; resource: string; "public-client": boolean; "confidential-port": number; jwk: { keys: JWK[]; }; [key: string]: unknown; } /** * Configuration options for TideCloak middleware. * * - `config`: Your Tidecloak client adapter JSON. * - `protectedRoutes`: Map of path patterns to arrays of required roles. * - `onRequest`, `onSuccess`, `onFailure`, `onError`: Lifecycle hooks for custom logic. */ export interface TideMiddlewareOptions { /** Tidecloak client adapter JSON (downloaded from your Tidecloak realm settings) */ config: TidecloakConfig; /** Routes requiring a verified token and specific roles */ protectedRoutes?: ProtectedRoutesMap; /** Called before any auth logic; return a Response to short‑circuit */ onRequest?: (ctx: { token: string | null; }, req: NextRequest) => NextResponse | void; /** Called after successful auth and role checks; return a Response to override */ onSuccess?: (ctx: { payload: Record<string, any>; }, req: NextRequest) => NextResponse | void; /** Called when auth or role check fails; return a Response to override */ onFailure?: (ctx: { token: string | null; }, req: NextRequest) => NextResponse | void; /** Fallback for unhandled errors in middleware logic */ onError?: (err: any, req: NextRequest) => NextResponse; } /** * Returns a Next.js Edge Middleware function enforcing TideCloak auth. * * Example usage in your `middleware.ts`: * * ```ts * import tidecloakConfig from './tidecloakAdapter.json' * import { createTideMiddleware } from 'tidecloak-nextjs/server/tidecloakMiddleware' * * export default createTideMiddleware({ * config: tidecloakConfig, * protectedRoutes: { * '/admin/*': ['admin'], * '/api/private/*': ['user'] * } * }) * * export const config = { * matcher: [ * '/((?!_next|[^?]*\\.(?:html?|css|js(?!on)|jpe?g|webp|png|gif|svg|ttf|woff2?|ico)).*)', * '/(api|trpc)(.*)' * ], * runtime: 'edge' * } * ``` */ export declare function createTideCloakMiddleware(opts: TideMiddlewareOptions): (req: NextRequest) => Promise<NextResponse<unknown>>; export {}; //# sourceMappingURL=tidecloakMiddleware.d.ts.map