Skip to content

Commit

Permalink
feat(web): expose Web API compatible version of next-auth (#5536)
Browse files Browse the repository at this point in the history
* WIP use `Request` and `Response` for core

* bump Next.js

* rename ts types

* refactor

* simplify

* upgrade Next.js

* implement body reader

* use `Request`/`Response` in `next-auth/next`

* make linter happy

* revert

* fix tests

* remove workaround for middleware return type

* return session in protected api route example

* don't export internal handler

* fall back host to localhost

* refactor `getBody`

* refactor `next-auth/next`

* chore: add `@edge-runtime/jest-environment`

* fix tests, using Node 18 as runtime

* fix test

* remove patch

* upgrade/add dependencies

* type and default import on one line

* don't import all adapters by default in dev

* simplify internal endpoint config

Instead of passing url and params around as a string and an object,
we parse them into a `URL` instance.

* assert if both endpoint and issuer config is missing

* allow internal redirect to be `URL`

* mark clientId as always internally, fix comments

* add web-compatible authorization URL handling

* fix type

* fix neo4j build

* remove new-line

* reduce file changes in the PR

* simplify types

* refactor `crypto` usage

In Node.js, inject `globalThis.crypto` instead of import

* add `next-auth/web`

* refactor

* send header instead of body to indicate redirect response

* fix eslint

* fix tests

* chore: upgrade dep

* fix import

* refactor: more renames

* wip core

* support OIDC

* remove `openid-client`

* temprarily remove duplicate logos

* revert

* move redirect logic to core

* wip fix css

* revert Logo component

* output ESM

* fix logout

* deprecate OAuth 1,  simplify internals, improve defaults

* refactor providers, test facebook

* fix providers

* target es2020

* fix CSS

* update lock file

* make logos optional

* sync with `next-auth`

* clean up `next-auth/edge`

* sync

* remove uuid

* make secret required in dev

* remove todo comments

* pass through OAuth client options

* generate declaration map

* default env secret to AUTH_SECRET

* temporary Headers fix

* move pages to lib

* move errors to lib

* move pages/index to lib

* move routes to lib

* move init to lib

* move styles to lib

* move types to lib

* move utils to lib

* fix imports

* update ignore/clean patterns

* fix imports

* update styles ts

* update gitignore

* update exports field

* revert `next-auth`

* remove extra tsconfig files

* remove `private` from package.json

* remove unused file, expose type

* move gitignore, reduce exposed types

* add back tsconfig files

* remove leftover

* revert gitignore

* remove test script
  • Loading branch information
balazsorban44 authored Dec 13, 2022
1 parent 092ab9c commit a7b6a29
Show file tree
Hide file tree
Showing 115 changed files with 9,531 additions and 214 deletions.
9 changes: 8 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -78,4 +78,11 @@ test.schema.gql

# docusaurus
docs/.docusaurus
docs/providers.json
docs/providers.json

# Core
packages/core/adapters.*
packages/core/index.*
packages/core/jwt
packages/core/lib
packages/core/providers
1 change: 1 addition & 0 deletions apps/dev/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@
"faunadb": "^4",
"next": "13.0.6",
"next-auth": "workspace:*",
"@auth/core": "workspace:*",
"nodemailer": "^6",
"react": "^18",
"react-dom": "^18"
Expand Down
127 changes: 77 additions & 50 deletions apps/dev/pages/api/auth/[...nextauth].ts
Original file line number Diff line number Diff line change
@@ -1,39 +1,39 @@
import NextAuth, { type NextAuthOptions } from "next-auth"
import { AuthHandler, type AuthOptions } from "@auth/core"

// Providers
import Apple from "next-auth/providers/apple"
import Auth0 from "next-auth/providers/auth0"
import AzureAD from "next-auth/providers/azure-ad"
import AzureB2C from "next-auth/providers/azure-ad-b2c"
import BoxyHQSAML from "next-auth/providers/boxyhq-saml"
import Cognito from "next-auth/providers/cognito"
import Credentials from "next-auth/providers/credentials"
import Discord from "next-auth/providers/discord"
import DuendeIDS6 from "next-auth/providers/duende-identity-server6"
import Email from "next-auth/providers/email"
import Facebook from "next-auth/providers/facebook"
import Foursquare from "next-auth/providers/foursquare"
import Freshbooks from "next-auth/providers/freshbooks"
import GitHub from "next-auth/providers/github"
import Gitlab from "next-auth/providers/gitlab"
import Google from "next-auth/providers/google"
import IDS4 from "next-auth/providers/identity-server4"
import Instagram from "next-auth/providers/instagram"
import Keycloak from "next-auth/providers/keycloak"
import Line from "next-auth/providers/line"
import LinkedIn from "next-auth/providers/linkedin"
import Mailchimp from "next-auth/providers/mailchimp"
import Okta from "next-auth/providers/okta"
import Osu from "next-auth/providers/osu"
import Patreon from "next-auth/providers/patreon"
import Slack from "next-auth/providers/slack"
import Spotify from "next-auth/providers/spotify"
import Trakt from "next-auth/providers/trakt"
import Twitch from "next-auth/providers/twitch"
import Twitter, { TwitterLegacy } from "next-auth/providers/twitter"
import Vk from "next-auth/providers/vk"
import Wikimedia from "next-auth/providers/wikimedia"
import WorkOS from "next-auth/providers/workos"
import Apple from "@auth/core/providers/apple"
import Auth0 from "@auth/core/providers/auth0"
import AzureAD from "@auth/core/providers/azure-ad"
import AzureB2C from "@auth/core/providers/azure-ad-b2c"
import BoxyHQSAML from "@auth/core/providers/boxyhq-saml"
// import Cognito from "@auth/core/providers/cognito"
import Credentials from "@auth/core/providers/credentials"
import Discord from "@auth/core/providers/discord"
import DuendeIDS6 from "@auth/core/providers/duende-identity-server6"
// import Email from "@auth/core/providers/email"
import Facebook from "@auth/core/providers/facebook"
import Foursquare from "@auth/core/providers/foursquare"
import Freshbooks from "@auth/core/providers/freshbooks"
import GitHub from "@auth/core/providers/github"
import Gitlab from "@auth/core/providers/gitlab"
import Google from "@auth/core/providers/google"
// import IDS4 from "@auth/core/providers/identity-server4"
import Instagram from "@auth/core/providers/instagram"
// import Keycloak from "@auth/core/providers/keycloak"
import Line from "@auth/core/providers/line"
import LinkedIn from "@auth/core/providers/linkedin"
import Mailchimp from "@auth/core/providers/mailchimp"
// import Okta from "@auth/core/providers/okta"
import Osu from "@auth/core/providers/osu"
import Patreon from "@auth/core/providers/patreon"
import Slack from "@auth/core/providers/slack"
import Spotify from "@auth/core/providers/spotify"
import Trakt from "@auth/core/providers/trakt"
import Twitch from "@auth/core/providers/twitch"
import Twitter from "@auth/core/providers/twitter"
import Vk from "@auth/core/providers/vk"
import Wikimedia from "@auth/core/providers/wikimedia"
import WorkOS from "@auth/core/providers/workos"

// // Prisma
// import { PrismaClient } from "@prisma/client"
Expand Down Expand Up @@ -66,9 +66,9 @@ import WorkOS from "next-auth/providers/workos"
// secret: process.env.SUPABASE_SERVICE_ROLE_KEY,
// })

export const authOptions: NextAuthOptions = {
export const authOptions: AuthOptions = {
// adapter,
debug: process.env.NODE_ENV !== "production",
// debug: process.env.NODE_ENV !== "production",
theme: {
logo: "https://next-auth.js.org/img/logo/logo-sm.png",
brandColor: "#1786fb",
Expand All @@ -78,15 +78,19 @@ export const authOptions: NextAuthOptions = {
credentials: { password: { label: "Password", type: "password" } },
async authorize(credentials) {
if (credentials.password !== "pw") return null
return { name: "Fill Murray", email: "bill@fillmurray.com", image: "https://www.fillmurray.com/64/64" }
return { name: "Fill Murray", email: "bill@fillmurray.com", image: "https://www.fillmurray.com/64/64", id: "1", foo: "" }
},
}),
Apple({ clientId: process.env.APPLE_ID, clientSecret: process.env.APPLE_SECRET }),
Auth0({ clientId: process.env.AUTH0_ID, clientSecret: process.env.AUTH0_SECRET, issuer: process.env.AUTH0_ISSUER }),
AzureAD({ clientId: process.env.AZURE_AD_CLIENT_ID, clientSecret: process.env.AZURE_AD_CLIENT_SECRET, tenantId: process.env.AZURE_AD_TENANT_ID }),
AzureAD({
clientId: process.env.AZURE_AD_CLIENT_ID,
clientSecret: process.env.AZURE_AD_CLIENT_SECRET,
tenantId: process.env.AZURE_AD_TENANT_ID,
}),
AzureB2C({ clientId: process.env.AZURE_B2C_ID, clientSecret: process.env.AZURE_B2C_SECRET, issuer: process.env.AZURE_B2C_ISSUER }),
BoxyHQSAML({ issuer: "https://jackson-demo.boxyhq.com", clientId: "tenant=boxyhq.com&product=saml-demo.boxyhq.com", clientSecret: "dummy" }),
Cognito({ clientId: process.env.COGNITO_ID, clientSecret: process.env.COGNITO_SECRET, issuer: process.env.COGNITO_ISSUER }),
// Cognito({ clientId: process.env.COGNITO_ID, clientSecret: process.env.COGNITO_SECRET, issuer: process.env.COGNITO_ISSUER }),
Discord({ clientId: process.env.DISCORD_ID, clientSecret: process.env.DISCORD_SECRET }),
DuendeIDS6({ clientId: "interactive.confidential", clientSecret: "secret", issuer: "https://demo.duendesoftware.com" }),
Facebook({ clientId: process.env.FACEBOOK_ID, clientSecret: process.env.FACEBOOK_SECRET }),
Expand All @@ -95,33 +99,56 @@ export const authOptions: NextAuthOptions = {
GitHub({ clientId: process.env.GITHUB_ID, clientSecret: process.env.GITHUB_SECRET }),
Gitlab({ clientId: process.env.GITLAB_ID, clientSecret: process.env.GITLAB_SECRET }),
Google({ clientId: process.env.GOOGLE_ID, clientSecret: process.env.GOOGLE_SECRET }),
IDS4({ clientId: process.env.IDS4_ID, clientSecret: process.env.IDS4_SECRET, issuer: process.env.IDS4_ISSUER }),
// IDS4({ clientId: process.env.IDS4_ID, clientSecret: process.env.IDS4_SECRET, issuer: process.env.IDS4_ISSUER }),
Instagram({ clientId: process.env.INSTAGRAM_ID, clientSecret: process.env.INSTAGRAM_SECRET }),
Keycloak({ clientId: process.env.KEYCLOAK_ID, clientSecret: process.env.KEYCLOAK_SECRET, issuer: process.env.KEYCLOAK_ISSUER }),
// Keycloak({ clientId: process.env.KEYCLOAK_ID, clientSecret: process.env.KEYCLOAK_SECRET, issuer: process.env.KEYCLOAK_ISSUER }),
Line({ clientId: process.env.LINE_ID, clientSecret: process.env.LINE_SECRET }),
LinkedIn({ clientId: process.env.LINKEDIN_ID, clientSecret: process.env.LINKEDIN_SECRET }),
Mailchimp({ clientId: process.env.MAILCHIMP_ID, clientSecret: process.env.MAILCHIMP_SECRET }),
Okta({ clientId: process.env.OKTA_ID, clientSecret: process.env.OKTA_SECRET, issuer: process.env.OKTA_ISSUER }),
// Okta({ clientId: process.env.OKTA_ID, clientSecret: process.env.OKTA_SECRET, issuer: process.env.OKTA_ISSUER }),
Osu({ clientId: process.env.OSU_CLIENT_ID, clientSecret: process.env.OSU_CLIENT_SECRET }),
Patreon({ clientId: process.env.PATREON_ID, clientSecret: process.env.PATREON_SECRET }),
Slack({ clientId: process.env.SLACK_ID, clientSecret: process.env.SLACK_SECRET }),
Spotify({ clientId: process.env.SPOTIFY_ID, clientSecret: process.env.SPOTIFY_SECRET }),
Trakt({ clientId: process.env.TRAKT_ID, clientSecret: process.env.TRAKT_SECRET }),
Twitch({ clientId: process.env.TWITCH_ID, clientSecret: process.env.TWITCH_SECRET }),
Twitter({ version: "2.0", clientId: process.env.TWITTER_ID, clientSecret: process.env.TWITTER_SECRET }),
TwitterLegacy({ clientId: process.env.TWITTER_LEGACY_ID, clientSecret: process.env.TWITTER_LEGACY_SECRET }),
Twitter({ clientId: process.env.TWITTER_ID, clientSecret: process.env.TWITTER_SECRET }),
// TwitterLegacy({ clientId: process.env.TWITTER_LEGACY_ID, clientSecret: process.env.TWITTER_LEGACY_SECRET }),
Vk({ clientId: process.env.VK_ID, clientSecret: process.env.VK_SECRET }),
Wikimedia({ clientId: process.env.WIKIMEDIA_ID, clientSecret: process.env.WIKIMEDIA_SECRET }),
WorkOS({ clientId: process.env.WORKOS_ID, clientSecret: process.env.WORKOS_SECRET }),
],
}

if (authOptions.adapter) {
authOptions.providers.unshift(
// NOTE: You can start a fake e-mail server with `pnpm email`
// and then go to `http://localhost:1080` in the browser
Email({ server: "smtp://127.0.0.1:1025?tls.rejectUnauthorized=false" })
)
// TODO:
// authOptions.providers.unshift(
// // NOTE: You can start a fake e-mail server with `pnpm email`
// // and then go to `http://localhost:1080` in the browser
// Email({ server: "smtp://127.0.0.1:1025?tls.rejectUnauthorized=false" })
// )
}

// TODO: move to next-auth/edge
function Auth(...args: any[]) {
const envSecret = process.env.AUTH_SECRET ?? process.env.NEXTAUTH_SECRET
const envTrustHost = !!(process.env.NEXTAUTH_URL ?? process.env.AUTH_TRUST_HOST ?? process.env.VERCEL ?? process.env.NODE_ENV !== "production")
if (args.length === 1) {
return async (req: Request) => {
args[0].secret ??= envSecret
args[0].trustHost ??= envTrustHost
return await AuthHandler(req, args[0])
}
}
args[1].secret ??= envSecret
args[1].trustHost ??= envTrustHost
return AuthHandler(args[0], args[1])
}

// export default Auth(authOptions)

export default function handle(request: Request) {
return Auth(request, authOptions)
}

export default NextAuth(authOptions)
export const config = { runtime: "experimental-edge" }
75 changes: 75 additions & 0 deletions packages/core/package.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,75 @@
{
"name": "@auth/core",
"version": "0.0.0",
"description": "Authentication for the web.",
"homepage": "https://next-auth.js.org",
"repository": "https://github.com/nextauthjs/next-auth.git",
"author": "Balázs Orbán <info@balazsorban.com>",
"contributors": [
"Balázs Orbán <info@balazsorban.com>",
"Nico Domino <yo@ndo.dev>",
"Lluis Agusti <hi@llu.lu>",
"Thang Huu Vu <thvu@hey.com>",
"Iain Collins <me@iaincollins.com"
],
"type": "module",
"types": "./index.d.ts",
"files": [
"adapters.*",
"index.*",
"jwt",
"lib",
"providers",
"src"
],
"exports": {
".": {
"types": "./index.d.ts",
"import": "./index.js"
},
"./adapters": {
"types": "./adapters.d.ts"
},
"./jwt": {
"types": "./jwt/index.d.ts",
"import": "./jwt/index.js"
},
"./providers/*": {
"types": "./providers/*.d.ts",
"import": "./providers/*.js"
}
},
"license": "ISC",
"dependencies": {
"@panva/hkdf": "1.0.2",
"cookie": "0.5.0",
"jose": "4.11.1",
"oauth4webapi": "2.0.4",
"preact": "10.11.3",
"preact-render-to-string": "5.2.3"
},
"peerDependencies": {
"nodemailer": "6.8.0"
},
"peerDependenciesMeta": {
"nodemailer": {
"optional": true
}
},
"scripts": {
"build": "pnpm clean && tsc && pnpm css",
"clean": "rm -rf adapters.* index.* jwt lib providers",
"css": "node ./scripts/generate-css.js",
"dev": "pnpm css && tsc -w"
},
"devDependencies": {
"@next-auth/tsconfig": "workspace:*",
"@types/node": "18.11.10",
"@types/nodemailer": "6.4.6",
"@types/react": "18.0.26",
"autoprefixer": "10.4.13",
"cssnano": "5.1.14",
"postcss": "8.4.19",
"postcss-nested": "6.0.0"
}
}
22 changes: 22 additions & 0 deletions packages/core/scripts/generate-css.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
import fs from "fs"
import path from "path"
import postcss from "postcss"

import autoprefixer from "autoprefixer"
import postCssNested from "postcss-nested"
import cssNano from "cssnano"

const from = path.join(process.cwd(), "src/lib/styles/index.css")
const css = fs.readFileSync(from)

const processedCss = await postcss([
autoprefixer,
postCssNested,
cssNano({ preset: "default" }),
]).process(css, { from })

fs.writeFileSync(
path.join(process.cwd(), "src/lib/styles/index.ts"),
`export default \`${processedCss.css}\`
// Generated by \`pnpm css\``
)
Loading

0 comments on commit a7b6a29

Please sign in to comment.