import NextAuth, { DefaultSession } from "next-auth"
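// Base URL of the Neto OAuth v2 endpoints (authorization and token exchange).
const BASE_URL = "https://api.netodev.com/oauth/v2";

/**
 * Auth.js (NextAuth) setup with a single custom "neto" provider.
 *
 * The provider overrides the token and userinfo requests, and the callbacks
 * copy the provider tokens from the account into the JWT and then into the
 * session object.
 */
export const { handlers, signIn, signOut, auth } = NextAuth({
  // NOTE(review): debug is on whenever NODE_ENV is not exactly "production".
  // Confirm that staging/preview deployments set NODE_ENV, since verbose auth
  // logging may include sensitive values.
  debug: process.env.NODE_ENV !== "production",
  providers: [{
    id: "neto",
    name: "Neto",
    type: "oidc", // "oidc" for OpenID or "oauth" for OAuth 2 providers
    issuer: "https://api.netodev.com",
    clientId: process.env.CLIENT_ID,
    clientSecret: process.env.CLIENT_SECRET,
    client: {
      token_endpoint_auth_method: "client_secret_post",
      userinfo_signed_response_alg: "RS256",
    },
    authorization: {
      url: `${BASE_URL}/auth?version=2`,
      params: { store_domain: "keylime.neto.com.au", response_type: "code" },
    },
    // Only the `state` check is enabled, so neither PKCE nor the OIDC nonce is
    // used on this flow.
    // NOTE(review): confirm whether the provider supports "pkce" / "nonce" and
    // enable them if it does.
    checks: ["state"],
    token: {
      url: `${BASE_URL}/token?version=2`,
      /**
       * Exchanges the authorization code for tokens, sending the client
       * credentials in the form body.
       *
       * @throws Error when the token endpoint answers with a non-2xx status.
       */
      async request(context: { provider: { clientId: string; clientSecret: string; callbackUrl: any; }; params: { code: string; }; }) {
        const response = await fetch(`${BASE_URL}/token?version=2`, {
          headers: { "Content-Type": "application/x-www-form-urlencoded" },
          method: "POST",
          body: new URLSearchParams({
            client_id: context.provider.clientId as string,
            client_secret: context.provider.clientSecret as string,
            grant_type: "authorization_code",
            code: context.params.code as string,
            redirect_uri: context.provider.callbackUrl,
          }),
        })
        if (!response.ok) {
          // Fail here instead of passing an error payload on as if it were a
          // token set. Only the status is reported, so no response body or
          // credential ends up in logs.
          throw new Error(`Neto token request failed with status ${response.status}`)
        }
        return { tokens: await response.json() }
      },
    },
    userinfo: {
      url: `https://api.netodev.com/v2/stores`,
      /**
       * Looks up the signed-in user through the store users endpoint, using
       * `api_id` and `username` from the token response.
       *
       * @throws Error when the lookup answers with a non-2xx status.
       */
      async request({ tokens, provider }: any) {
        // Both values come from the token response and are placed into a URL,
        // so encode them: a "/", "?" or "&" must not alter the path or query.
        const storeId = encodeURIComponent(tokens.api_id)
        const username = encodeURIComponent(tokens.username)
        const url = `${provider.userinfo?.url}/${storeId}/users?username=${username}`
        const res = await fetch(url, {
          headers: {
            Authorization: `Bearer ${tokens.access_token}`,
            "Content-Type": "application/json",
          },
        })
        if (!res.ok) {
          throw new Error(`Neto userinfo request failed with status ${res.status}`)
        }
        const profile = await res.json()
        // NOTE(review): the shape of `result` is not visible here; profile()
        // below reads sub/name/username/email/image from it. Confirm against
        // the API response.
        return profile.result
      },
    },
    // Maps the userinfo payload onto the user object Auth.js stores.
    profile(profile) {
      return {
        id: profile.sub,
        name: profile.name ?? profile.username,
        email: profile.email,
        image: profile.image ?? "https://source.boringavatars.com/beam/120",
      }
    },
  }],
  callbacks: {
    //authorized({ request, auth }) {
    //  const { pathname } = request.nextUrl
    //  if (pathname === "/middleware-example") return !!auth
    //  return true
    // },
    /**
     * Restricts post-auth redirects to this application: relative paths and
     * absolute URLs on the same origin are kept, anything else becomes
     * `baseUrl`.
     */
    async redirect({ url, baseUrl }) {
      // Allows relative callback URLs
      if (url.startsWith("/")) return `${baseUrl}${url}`
      try {
        // Allows callback URLs on the same origin
        if (new URL(url).origin === baseUrl) return url
      } catch {
        // `url` is not a parseable absolute URL: treat it as untrusted and
        // fall back to baseUrl instead of throwing out of the callback.
      }
      return baseUrl
    },
    /**
     * On a sign-in through the "neto" provider, copies the provider tokens
     * and the store API id from the account into the JWT.
     */
    async jwt({ token, trigger, session, account }) {
      //if (trigger === "update") token.name = session.user.name
      if (account?.provider === "neto") {
        return { ...token, access_token: account.access_token, expires_at: account.expires_at, refresh_token: account.refresh_token, webstore_api_id: account.api_id }
      }
      return token
    },
    /**
     * Copies the token fields from the JWT onto the session object.
     *
     * NOTE(review): whatever is placed on `session` is returned by the Auth.js
     * session endpoint and `useSession()`, so it is readable by browser code.
     * `refresh_token` in particular is long-lived. Confirm that a client
     * really needs it; otherwise keep it in the JWT only and use it
     * server-side. `expires_at` is copied but nothing visible here checks it
     * or refreshes the access token.
     */
    async session({ session, token }) {
      if (token?.access_token) {
        session.access_token = token.access_token as string
      }
      if (token?.webstore_api_id) {
        session.webstore_api_id = token.webstore_api_id as string
      }
      if (token?.expires_at) {
        session.expires_at = token.expires_at as number
      }
      if (token?.refresh_token) {
        session.refresh_token = token.refresh_token as string
      }
      console.log(`AuthJS session created`)
      return session
    },
  },
})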
declare module 'next-auth' {
  /**
   * Session shape extended with the Neto fields that the `session` callback
   * copies over from the JWT. Every field is optional because the callback
   * sets each one only when the token carries a truthy value for it.
   */
  interface Session extends DefaultSession {
    /** Provider access token. */
    access_token?: string;
    /** Expiry value taken from the provider account; its unit is not visible in this file. */
    expires_at?: number;
    /** Provider refresh token. */
    refresh_token?: string;
    /** Store API id (`api_id` on the provider account). */
    webstore_api_id?: string;
  }
}