auth0 · adamjmcgrath · Mar 1, 2024
@@ -70,6 +70,7 @@ export interface NextConfig extends BaseConfig {
  * - `AUTH0_SESSION_ROLLING_DURATION`: See {@link SessionConfig.rollingDuration}.
  * - `AUTH0_SESSION_ABSOLUTE_DURATION`: See {@link SessionConfig.absoluteDuration}.
  * - `AUTH0_SESSION_AUTO_SAVE`: See {@link SessionConfig.autoSave}.
+ * - `AUTH0_SESSION_STORE_ID_TOKEN`: See {@link SessionConfig.storeIDToken}.
  * - `AUTH0_COOKIE_DOMAIN`: See {@link CookieConfig.domain}.
  * - `AUTH0_COOKIE_PATH`: See {@link CookieConfig.path}.
  * - `AUTH0_COOKIE_TRANSIENT`: See {@link CookieConfig.transient}.

diff --git a/src/auth0-session/client/edge-client.ts b/src/auth0-session/client/edge-client.ts
    return authorizationUrl.toString();
  }

  async callbackParams(req: Auth0Request, expectedState: string) {
    const [as, client] = await this.getClient();
    const url =
      req.getMethod().toUpperCase() === 'GET' ? new URL(req.getUrl()) : new URLSearchParams(await req.getBody());
      this.config.idpLogout &&
      (this.config.auth0Logout || (issuerUrl.hostname.match('\\.auth0\\.com$') && this.config.auth0Logout !== false))
    ) {
      const { id_token_hint, post_logout_redirect_uri, ...extraParams } = parameters;
      const auth0LogoutUrl: URL = new URL(urlJoin(as.issuer, '/v2/logout'));
      post_logout_redirect_uri && auth0LogoutUrl.searchParams.set('returnTo', post_logout_redirect_uri);
      auth0LogoutUrl.searchParams.set('client_id', this.config.clientID);
diff --git a/src/auth0-session/client/node-client.ts b/src/auth0-session/client/node-client.ts
      ) {
        Object.defineProperty(this.client, 'endSessionUrl', {
          value(params: EndSessionParameters) {
            const { id_token_hint, post_logout_redirect_uri, ...extraParams } = params;
            const parsedUrl = new URL(urlJoin(issuer.metadata.issuer, '/v2/logout'));
            parsedUrl.searchParams.set('client_id', config.clientID);
            post_logout_redirect_uri && parsedUrl.searchParams.set('returnTo', post_logout_redirect_uri);
    return client.authorizationUrl(parameters);
  }

  async callbackParams(req: Auth0Request) {
    const client = await this.getClient();
    const obj: CallbackParamsType = client.callbackParams({
      method: req.getMethod(),
diff --git a/src/auth0-session/handlers/backchannel-logout.ts b/src/auth0-session/handlers/backchannel-logout.ts
    session: { store },
    backchannelLogout
  } = config;
  return typeof backchannelLogout === 'boolean' ? store! : backchannelLogout.store;
 };

 export type HandleBackchannelLogout = (req: Auth0Request, res: Auth0Response) => Promise<void>;
diff --git a/src/auth0-session/handlers/callback.ts b/src/auth0-session/handlers/callback.ts
      throw err;
    }

    const openidState: { returnTo?: string } = decodeState(expectedState as string)!;
    let session = await sessionCache.fromTokenEndpointResponse(req, res, tokenResponse);

    if (options?.afterCallback) {
diff --git a/src/auth0-session/http/node-request.ts b/src/auth0-session/http/node-request.ts
    super(req);
  }

  public getUrl() {
    return this.req.url as string;
  }

  public getMethod() {
    return this.req.method as string;
  }

  public getBody() {
    return (this.req as IncomingMessage & { body: Record<string, string> }).body;
  }

diff --git a/src/auth0-session/http/node-response.ts b/src/auth0-session/http/node-response.ts
    super(res);
  }

  public setCookie(name: string, value: string, options?: CookieSerializeOptions) {
    let cookies = this.res.getHeader('Set-Cookie') || [];
    if (!Array.isArray(cookies)) {
      cookies = [cookies as string];
	return authorizationUrl.toString();
	}

	async callbackParams(req: Auth0Request, expectedState: string) {
Check warning on line 123 in src/auth0-session/client/edge-client.ts GitHub Actions / Lint Code `Missing return type on function`
	const [as, client] = await this.getClient();
	const url =
	req.getMethod().toUpperCase() === 'GET' ? new URL(req.getUrl()) : new URLSearchParams(await req.getBody());
	this.config.idpLogout &&
	(this.config.auth0Logout \|\| (issuerUrl.hostname.match('\\.auth0\\.com$') && this.config.auth0Logout !== false))
	) {
	const { id_token_hint, post_logout_redirect_uri, ...extraParams } = parameters;
Check warning on line 196 in src/auth0-session/client/edge-client.ts GitHub Actions / Lint Code `'id_token_hint' is assigned a value but never used`
	const auth0LogoutUrl: URL = new URL(urlJoin(as.issuer, '/v2/logout'));
	post_logout_redirect_uri && auth0LogoutUrl.searchParams.set('returnTo', post_logout_redirect_uri);
	auth0LogoutUrl.searchParams.set('client_id', this.config.clientID);
	) {
	Object.defineProperty(this.client, 'endSessionUrl', {
	value(params: EndSessionParameters) {
	const { id_token_hint, post_logout_redirect_uri, ...extraParams } = params;
Check warning on line 150 in src/auth0-session/client/node-client.ts GitHub Actions / Lint Code `'id_token_hint' is assigned a value but never used`
	const parsedUrl = new URL(urlJoin(issuer.metadata.issuer, '/v2/logout'));
	parsedUrl.searchParams.set('client_id', config.clientID);
	post_logout_redirect_uri && parsedUrl.searchParams.set('returnTo', post_logout_redirect_uri);
	return client.authorizationUrl(parameters);
	}

	async callbackParams(req: Auth0Request) {
Check warning on line 182 in src/auth0-session/client/node-client.ts GitHub Actions / Lint Code `Missing return type on function`
	const client = await this.getClient();
	const obj: CallbackParamsType = client.callbackParams({
	method: req.getMethod(),
	session: { store },
	backchannelLogout
	} = config;
	return typeof backchannelLogout === 'boolean' ? store! : backchannelLogout.store;
Check warning on line 13 in src/auth0-session/handlers/backchannel-logout.ts GitHub Actions / Lint Code `Forbidden non-null assertion`
	};

	export type HandleBackchannelLogout = (req: Auth0Request, res: Auth0Response) => Promise<void>;
	throw err;
	}

	const openidState: { returnTo?: string } = decodeState(expectedState as string)!;
Check warning on line 96 in src/auth0-session/handlers/callback.ts GitHub Actions / Lint Code `Forbidden non-null assertion`
	let session = await sessionCache.fromTokenEndpointResponse(req, res, tokenResponse);

	if (options?.afterCallback) {
	super(req);
	}

	public getUrl() {
Check warning on line 11 in src/auth0-session/http/node-request.ts GitHub Actions / Lint Code `Missing return type on function`
	return this.req.url as string;
	}

	public getMethod() {
Check warning on line 15 in src/auth0-session/http/node-request.ts GitHub Actions / Lint Code `Missing return type on function`
	return this.req.method as string;
	}

	public getBody() {
Check warning on line 19 in src/auth0-session/http/node-request.ts GitHub Actions / Lint Code `Missing return type on function`
	return (this.req as IncomingMessage & { body: Record<string, string> }).body;
	}
	super(res);
	}

	public setCookie(name: string, value: string, options?: CookieSerializeOptions) {
Check warning on line 12 in src/auth0-session/http/node-response.ts GitHub Actions / Lint Code `Missing return type on function`
	let cookies = this.res.getHeader('Set-Cookie') \|\| [];
	if (!Array.isArray(cookies)) {
	cookies = [cookies as string];