feat: SW-158 Enabled support for authjs nonce

This commit is contained in:
Hrishikesh Vaipurkar
2024-07-09 16:07:13 +02:00
parent e36f5cd122
commit 2ce21626b9
2 changed files with 18 additions and 3 deletions


@@ -6,6 +6,7 @@ import { env } from "@/env/server"
import { internalServerError } from "@/server/errors/next" import { internalServerError } from "@/server/errors/next"
import { signIn } from "@/auth" import { signIn } from "@/auth"
// import { encode } from "@auth/core/jwt"
export async function GET( export async function GET(
request: NextRequest, request: NextRequest,
@@ -13,7 +14,6 @@ export async function GET(
) { ) {
let redirectHeaders: Headers | undefined = undefined let redirectHeaders: Headers | undefined = undefined
let redirectTo: string let redirectTo: string
let nonce: string
let value: string let value: string
redirectTo = redirectTo =
@@ -35,7 +35,6 @@ export async function GET(
"set-cookie", "set-cookie",
"redirectTo=; Expires=Thu, 01 Jan 1970 00:00:00 UTC; Path=/; HttpOnly; SameSite=Lax" "redirectTo=; Expires=Thu, 01 Jan 1970 00:00:00 UTC; Path=/; HttpOnly; SameSite=Lax"
) )
nonce = "" + request.nextUrl.searchParams.get("nonce")?.toString()
value = "" + request.nextUrl.searchParams.get("nonce")?.toString() value = "" + request.nextUrl.searchParams.get("nonce")?.toString()
try { try {
@@ -53,12 +52,27 @@ export async function GET(
}, },
[ [
["ui_locales", context.params.lang], ["ui_locales", context.params.lang],
["nonce", nonce], ["nonce", value],
["acr_values", "cat"], ["acr_values", "cat"],
] ]
) )
if (redirectUrl) { if (redirectUrl) {
// Check if needed based on discussion with Curity support for custom nonce
// const token = { value };
// const secret = env.NEXTAUTH_SECRET;
// const maxAge = 60 * 15;
// const name = "authjs.nonce";
// const testingCookie = await encode({ secret, maxAge, token, salt: name });
// console.log(testingCookie);
// const expires = new Date();
// expires.setTime(expires.getTime() + maxAge * 1000);
// redirectHeaders.append(
// "set-cookie",
// "authjs.nonce=" + testingCookie + "; Expires=" + expires + "; Path=/; HttpOnly; SameSite=Lax"
// )
// redirectUrl = redirectUrl.replace(/nonce=.*&code_challenge=/gi, "nonce="+value+"&code_challenge=");
return NextResponse.redirect(redirectUrl, { return NextResponse.redirect(redirectUrl, {
headers: redirectHeaders, headers: redirectHeaders,
}) })
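Review bot: `["nonce", value]` in the signIn call forwards a caller-supplied query parameter without any check, and because `value` is built as `"" + ...?.toString()` a request with no `nonce` parameter sends the literal string `"undefined"` to the provider. Read the parameter into a local first and refuse to redirect when it is missing, e.g. `const nonceParam = request.nextUrl.searchParams.get("nonce")` followed by `if (!nonceParam) { /* respond with an error instead of redirecting */ }`, and consider restricting it to the length and character set the provider expects since it is echoed into the authorization URL. With `checks: ["pkce", "nonce"]` enabled in the provider file of this commit, Auth.js also generates and cookie-stores its own nonce, so it is worth confirming whether the forwarded value overrides it or makes the ID-token nonce validation fail — the commented-out `replace` on the redirect URL suggests this was left unresolved. The commented-out block above `return NextResponse.redirect`, including the `console.log(testingCookie)`, should be removed or moved to an issue rather than shipped as dead code. GET's body continues past the end of this hunk.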


@@ -95,6 +95,7 @@ const curityProvider = {
authorization: { authorization: {
url: `${env.CURITY_ISSUER_USER}/oauth/v2/authorize`, url: `${env.CURITY_ISSUER_USER}/oauth/v2/authorize`,
}, },
checks: ["pkce", "nonce"],
token: { token: {
url: `${env.CURITY_ISSUER_USER}/oauth/v2/token`, url: `${env.CURITY_ISSUER_USER}/oauth/v2/token`,
}, },
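Review bot: `checks: ["pkce", "nonce"]` is undocumented here, and it changes what the callback accepts: with the nonce check on, Auth.js (as I understand it) generates a nonce, stores it in the `authjs.nonce` cookie and rejects an ID token whose nonce does not match, which interacts with the route handler in this commit that forwards a caller-supplied `nonce` to signIn. A short comment stating the intent would help the next reader, e.g. `// pkce + nonce: the ID token's nonce is validated against the nonce cookie set when the authorization request is built`. Whether the nonce forwarded from the route handler survives that check should be confirmed against the provider before relying on it. curityProvider's definition continues outside this hunk.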