From 31f386f05fe5cc231328d76d1157147f61a634b1 Mon Sep 17 00:00:00 2001
From: Peter Phanouvong
Date: Tue, 31 May 2022 12:47:27 +1000
Subject: [PATCH] rename env variables
---
 bundle.js | 2 +-
 src/config/index.js | 10 +++++-----
 src/handlers/logout.js | 5 +----
 3 files changed, 7 insertions(+), 10 deletions(-)
diff --git a/bundle.js b/bundle.js
index e6927de..69d206b 100644
--- a/bundle.js
+++ b/bundle.js
@@ -1 +1 @@ -"use strict";Object.defineProperty(exports,"__esModule",{value:!0});var e=require("react"),r=require("crypto-js");function t(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var s=t(e);const a=process.env.KINDE_REDIRECT_URL,o=process.env.KINDE_ISSUER_URL,c=process.env.KINDE_POST_LOGOUT_REDIRECT_ROUTE,i={initialState:{user:null,isLoading:!0,checkSession:null},SESSION_PREFIX:"pkce-verifier",redirectURL:a,issuerURL:o,clientID:process.env.KINDE_CLIENT_ID,clientSecret:process.env.KINDE_CLIENT_SECRET,responseType:"code",scope:"openid offline",codeChallengeMethod:"S256",redirectRoutes:{callback:"/api/auth/kinde_callback",postLogoutRedirect:c||""},issuerRoutes:{logout:"/logout",login:"/oauth2/auth",register:"/oauth2/auth",token:"/oauth2/token",profile:"/oauth2/user_profile"}},n=()=>{throw new Error("Oops! Seems like you forgot to wrap your app in .")},u=e.createContext({...i.initialState,user:n,isLoading:n,checkSession:n});const d=require("crypto"),l=()=>d.randomBytes(28).toString("hex");function h(){const e=l(),t=function(e){return r.SHA256(e).toString(r.enc.Base64url)}(e);return{code_verifier:e,code_challenge:t}}var p=require("cookie");const _=(e,r,t)=>{const s=l(),{code_challenge:a,code_verifier:o}=h();return r.setHeader("Set-Cookie",p.serialize(`${i.SESSION_PREFIX}-${s}`,o,{httpOnly:!0,maxAge:t})),{state:s,code_challenge:a}};var R=require("cookie");var g=require("cookie");var y=require("cookie");exports.AuthContext=u,exports.KindeProvider=({children:r,initialUser:t})=>{const[a,o]=e.useState({...i.initialState,user:t,isLoading:!t}),c="/api/auth/me",n=e.useCallback((async()=>{try{const e=await(async e=>{let r;try{r=await fetch(e)}catch{throw new RequestError(0)}if(r.ok)return r.json();r.status})(c);o((r=>({...r,user:e,error:void 0})))}catch(e){o((r=>({...r,error:e})))}}),[c]);e.useEffect((()=>{a.user||(async()=>{await n(),o((e=>({...e,isLoading:!1})))})()}),[a.user]);const{user:d,error:l,isLoading:h}=a;return 
s.default.createElement(u.Provider,{value:{user:d,error:l,isLoading:h,isAuthenticated:!!d}},r)},exports.handleAuth=()=>async function(e,r){let{query:{kindeAuth:t}}=e;switch(t=Array.isArray(t)?t[0]:t,t){case"login":return await(async(e,r)=>{const{state:t,code_challenge:s}=_(0,r,60),a=new URL(i.issuerURL+i.issuerRoutes.login);a.searchParams.append("response_type",i.responseType),a.searchParams.append("client_id",i.clientID),a.searchParams.append("redirect_uri",i.redirectURL+i.redirectRoutes.callback),a.searchParams.append("scope",i.scope),a.searchParams.set("state",t),a.searchParams.set("code_challenge",s),a.searchParams.set("code_challenge_method",i.codeChallengeMethod),r.redirect(a.href)})(0,r);case"register":return await(async(e,r)=>{const{state:t,code_challenge:s}=_(0,r,180),a=new URL(i.issuerURL+i.issuerRoutes.register);a.searchParams.append("response_type",i.responseType),a.searchParams.append("client_id",i.clientID),a.searchParams.append("redirect_uri",i.redirectURL+i.redirectRoutes.callback),a.searchParams.append("scope",i.scope),a.searchParams.append("start_page","registration"),a.searchParams.set("state",t),a.searchParams.set("code_challenge",s),a.searchParams.set("code_challenge_method",i.codeChallengeMethod),r.redirect(a.href)})(0,r);case"me":return await(async(e,r)=>{const t=g.parse(e.headers.cookie||"").kinde_token;if(t){const e=JSON.parse(t);try{const t=await fetch(i.issuerURL+i.issuerRoutes.profile,{headers:new Headers({Authorization:"Bearer "+e.access_token})}),s=await t.json();r.send(s)}catch(e){console.log(e)}}else r.status(401).send("Unauthorized")})(e,r);case"logout":return await(async(e,r)=>{r.setHeader("Set-Cookie",R.serialize("kinde_token",null,{httpOnly:!0,maxAge:0}));const t=new URL(i.issuerURL+i.issuerRoutes.logout);t.searchParams.set("redirect",i.redirectURL+i.redirectRoutes.postLogoutRedirect),r.redirect(t.href)})(0,r);case"kinde_callback":return 
await(async(e,r)=>{const{code:t,state:s}=e.query,a=y.parse(e.headers.cookie||"")[`${i.SESSION_PREFIX}-${s}`];if(a){try{const e=await fetch(i.issuerURL+i.issuerRoutes.token,{method:"POST",headers:new Headers({"Content-type":"application/x-www-form-urlencoded; charset=UTF-8"}),body:new URLSearchParams({client_id:i.clientID,client_secret:i.clientSecret,code:t,code_verifier:a,grant_type:"authorization_code",redirect_uri:i.redirectURL+i.redirectRoutes.callback})}),s=await e.json();r.setHeader("Set-Cookie",y.serialize("kinde_token",JSON.stringify(s),{httpOnly:!0,maxAge:Number(s.expires_in)}))}catch(e){console.log(e)}r.redirect(i.redirectURL)}else r.redirect(i.redirectURL)})(e,r);default:return r.status(404).end()}},exports.useKindeAuth=()=>e.useContext(u); +"use strict";Object.defineProperty(exports,"__esModule",{value:!0});var e=require("react"),r=require("crypto-js");function t(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var s=t(e);const a=process.env.KINDE_SITE_URL,o=process.env.KINDE_ISSUER_URL,c=process.env.KINDE_POST_LOGOUT_REDIRECT_URL,i={initialState:{user:null,isLoading:!0,checkSession:null},SESSION_PREFIX:"pkce-verifier",redirectURL:a,issuerURL:o,clientID:process.env.KINDE_CLIENT_ID,clientSecret:process.env.KINDE_CLIENT_SECRET,postLogoutRedirectURL:c,responseType:"code",scope:"openid offline",codeChallengeMethod:"S256",redirectRoutes:{callback:"/api/auth/kinde_callback"},issuerRoutes:{logout:"/logout",login:"/oauth2/auth",register:"/oauth2/auth",token:"/oauth2/token",profile:"/oauth2/user_profile"}},n=()=>{throw new Error("Oops! 
Seems like you forgot to wrap your app in .")},u=e.createContext({...i.initialState,user:n,isLoading:n,checkSession:n});const d=require("crypto"),l=()=>d.randomBytes(28).toString("hex");function h(){const e=l(),t=function(e){return r.SHA256(e).toString(r.enc.Base64url)}(e);return{code_verifier:e,code_challenge:t}}var p=require("cookie");const _=(e,r,t)=>{const s=l(),{code_challenge:a,code_verifier:o}=h();return r.setHeader("Set-Cookie",p.serialize(`${i.SESSION_PREFIX}-${s}`,o,{httpOnly:!0,maxAge:t})),{state:s,code_challenge:a}};var g=require("cookie");var R=require("cookie");var y=require("cookie");exports.AuthContext=u,exports.KindeProvider=({children:r,initialUser:t})=>{const[a,o]=e.useState({...i.initialState,user:t,isLoading:!t}),c="/api/auth/me",n=e.useCallback((async()=>{try{const e=await(async e=>{let r;try{r=await fetch(e)}catch{throw new RequestError(0)}if(r.ok)return r.json();r.status})(c);o((r=>({...r,user:e,error:void 0})))}catch(e){o((r=>({...r,error:e})))}}),[c]);e.useEffect((()=>{a.user||(async()=>{await n(),o((e=>({...e,isLoading:!1})))})()}),[a.user]);const{user:d,error:l,isLoading:h}=a;return s.default.createElement(u.Provider,{value:{user:d,error:l,isLoading:h,isAuthenticated:!!d}},r)},exports.handleAuth=()=>async function(e,r){let{query:{kindeAuth:t}}=e;switch(t=Array.isArray(t)?t[0]:t,t){case"login":return await(async(e,r)=>{const{state:t,code_challenge:s}=_(0,r,60),a=new URL(i.issuerURL+i.issuerRoutes.login);a.searchParams.append("response_type",i.responseType),a.searchParams.append("client_id",i.clientID),a.searchParams.append("redirect_uri",i.redirectURL+i.redirectRoutes.callback),a.searchParams.append("scope",i.scope),a.searchParams.set("state",t),a.searchParams.set("code_challenge",s),a.searchParams.set("code_challenge_method",i.codeChallengeMethod),r.redirect(a.href)})(0,r);case"register":return await(async(e,r)=>{const{state:t,code_challenge:s}=_(0,r,180),a=new 
URL(i.issuerURL+i.issuerRoutes.register);a.searchParams.append("response_type",i.responseType),a.searchParams.append("client_id",i.clientID),a.searchParams.append("redirect_uri",i.redirectURL+i.redirectRoutes.callback),a.searchParams.append("scope",i.scope),a.searchParams.append("start_page","registration"),a.searchParams.set("state",t),a.searchParams.set("code_challenge",s),a.searchParams.set("code_challenge_method",i.codeChallengeMethod),r.redirect(a.href)})(0,r);case"me":return await(async(e,r)=>{const t=R.parse(e.headers.cookie||"").kinde_token;if(t){const e=JSON.parse(t);try{const t=await fetch(i.issuerURL+i.issuerRoutes.profile,{headers:new Headers({Authorization:"Bearer "+e.access_token})}),s=await t.json();r.send(s)}catch(e){console.log(e)}}else r.status(401).send("Unauthorized")})(e,r);case"logout":return await(async(e,r)=>{r.setHeader("Set-Cookie",g.serialize("kinde_token",null,{httpOnly:!0,maxAge:0}));const t=new URL(i.issuerURL+i.issuerRoutes.logout);t.searchParams.set("redirect",i.postLogoutRedirectURL),r.redirect(t.href)})(0,r);case"kinde_callback":return await(async(e,r)=>{const{code:t,state:s}=e.query,a=y.parse(e.headers.cookie||"")[`${i.SESSION_PREFIX}-${s}`];if(a){try{const e=await fetch(i.issuerURL+i.issuerRoutes.token,{method:"POST",headers:new Headers({"Content-type":"application/x-www-form-urlencoded; charset=UTF-8"}),body:new URLSearchParams({client_id:i.clientID,client_secret:i.clientSecret,code:t,code_verifier:a,grant_type:"authorization_code",redirect_uri:i.redirectURL+i.redirectRoutes.callback})}),s=await e.json();r.setHeader("Set-Cookie",y.serialize("kinde_token",JSON.stringify(s),{httpOnly:!0,maxAge:Number(s.expires_in)}))}catch(e){console.log(e)}r.redirect(i.redirectURL)}else r.redirect(i.redirectURL)})(e,r);default:return r.status(404).end()}},exports.useKindeAuth=()=>e.useContext(u); diff --git a/src/config/index.js b/src/config/index.js index 43d103a..079b2b0 100644 --- a/src/config/index.js +++ b/src/config/index.js 
@@ -6,26 +6,26 @@ const initialState = {
 const SESSION_PREFIX = "pkce-verifier";
-const KINDE_REDIRECT_URL = process.env.KINDE_REDIRECT_URL;
+const KINDE_SITE_URL = process.env.KINDE_SITE_URL;
 const KINDE_ISSUER_URL = process.env.KINDE_ISSUER_URL;
-const KINDE_POST_LOGOUT_REDIRECT_ROUTE =
- process.env.KINDE_POST_LOGOUT_REDIRECT_ROUTE;
+const KINDE_POST_LOGOUT_REDIRECT_URL =
+ process.env.KINDE_POST_LOGOUT_REDIRECT_URL;
 const KINDE_CLIENT_ID = process.env.KINDE_CLIENT_ID;
 const KINDE_CLIENT_SECRET = process.env.KINDE_CLIENT_SECRET;
 export const config = {
 initialState,
 SESSION_PREFIX,
- redirectURL: KINDE_REDIRECT_URL,
+ redirectURL: KINDE_SITE_URL,
 issuerURL: KINDE_ISSUER_URL,
 clientID: KINDE_CLIENT_ID,
 clientSecret: KINDE_CLIENT_SECRET,
+ postLogoutRedirectURL: KINDE_POST_LOGOUT_REDIRECT_URL,
 responseType: "code",
 scope: "openid offline",
 codeChallengeMethod: "S256",
 redirectRoutes: {
 callback: "/api/auth/kinde_callback",
- postLogoutRedirect: KINDE_POST_LOGOUT_REDIRECT_ROUTE || "",
 },
 issuerRoutes: {
 logout: "/logout",
diff --git a/src/handlers/logout.js b/src/handlers/logout.js
index e2a1968..3995650 100644
--- a/src/handlers/logout.js
+++ b/src/handlers/logout.js
@@ -13,10 +13,7 @@ export const logout = async (req, res) => {
 const logoutURL = new URL(config.issuerURL + config.issuerRoutes.logout);
- logoutURL.searchParams.set(
- "redirect",
- config.redirectURL + config.redirectRoutes.postLogoutRedirect
- );
+ logoutURL.searchParams.set("redirect", config.postLogoutRedirectURL);
 res.redirect(logoutURL.href);
 };
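Review bot: In src/config/index.js the renamed variables are read with no fallback and no validation, so a deployment that still sets only `KINDE_REDIRECT_URL` ends up with `redirectURL: undefined`. The login, register and callback code visible in bundle.js builds `redirect_uri` as `config.redirectURL + config.redirectRoutes.callback`, which then becomes a string starting with "undefined" and the authorization request fails at the issuer rather than at startup. Either accept the old name for a transition period, `const KINDE_SITE_URL = process.env.KINDE_SITE_URL || process.env.KINDE_REDIRECT_URL;`, or throw at module load with an error that names the missing variable. The `config` object continues past the end of this hunk.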
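Review bot: In src/handlers/logout.js `config.postLogoutRedirectURL` is passed to `searchParams.set` unchecked, and the `|| ""` default removed in the config hunk has no replacement. When `KINDE_POST_LOGOUT_REDIRECT_URL` is unset, `URLSearchParams` stringifies the value and the issuer receives `redirect=undefined`, where the old code sent the site URL. Falling back keeps the previous behaviour: `logoutURL.searchParams.set("redirect", config.postLogoutRedirectURL || config.redirectURL);`. The setting also changes meaning from a route appended to the site URL to a full URL, which deserves a comment next to it saying it must be absolute. The start of `logout` lies outside the hunk.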