diff --git a/packages/browser/package.json b/packages/browser/package.json index 7aeb44d..abff652 100644 --- a/packages/browser/package.json +++ b/packages/browser/package.json @@ -14,11 +14,11 @@ "author": "WSO2", "license": "Apache-2.0", "type": "module", - "main": "dist/cjs/index.js", + "main": "dist/cjs/index.cjs", "module": "dist/index.js", "exports": { "import": "./dist/index.js", - "require": "./dist/cjs/index.js" + "require": "./dist/cjs/index.cjs" }, "files": [ "dist", diff --git a/packages/browser/rolldown.config.js b/packages/browser/rolldown.config.js index 00edf54..52e1b99 100644 --- a/packages/browser/rolldown.config.js +++ b/packages/browser/rolldown.config.js @@ -100,7 +100,7 @@ await esmBundle.close(); const cjsBundle = await rolldown(commonOptions); await cjsBundle.write({ banner: `const { Buffer } = require('buffer/index.js');\nif (typeof window !== 'undefined' && !window.Buffer) { window.Buffer = Buffer; }`, - file: 'dist/cjs/index.js', + file: 'dist/cjs/index.cjs', format: 'cjs', sourcemap: true, }); diff --git a/packages/express/package.json b/packages/express/package.json index cd5177c..d08ed12 100644 --- a/packages/express/package.json +++ b/packages/express/package.json @@ -16,10 +16,10 @@ "type": "module", "main": "dist/index.js", "module": "dist/index.js", - "commonjs": "dist/cjs/index.js", + "commonjs": "dist/cjs/index.cjs", "exports": { "import": "./dist/index.js", - "require": "./dist/cjs/index.js" + "require": "./dist/cjs/index.cjs" }, "files": [ "dist", diff --git a/packages/javascript/src/ThunderIDJavaScriptClient.ts b/packages/javascript/src/ThunderIDJavaScriptClient.ts index b4358dd..f63c041 100644 --- a/packages/javascript/src/ThunderIDJavaScriptClient.ts +++ b/packages/javascript/src/ThunderIDJavaScriptClient.ts @@ -342,30 +342,72 @@ class ThunderIDJavaScriptClient implements ThunderIDClient { (discovery?.wellKnown?.enabled !== false && baseUrl ? `${baseUrl}${WELL_KNOWN_PATH}` : undefined); if (resolvedWellKnownEndpoint) { - let response: Response; + let response: Response | undefined; try { response = await fetch(resolvedWellKnownEndpoint); - if (response.status !== 200 || !response.ok) { - throw new Error(); + if (!response.ok || response.status !== 200) { + response = undefined; } } catch { + response = undefined; + } + + if (response) { + let discoveryResolved = false; + try { + await this.storageManager.setOIDCProviderMetaData( + await this.authHelper.resolveEndpoints(await response.json()), + ); + discoveryResolved = true; + } catch { + // Parsing or endpoint resolution failed; fall through to baseUrl fallback. + } + + if (!discoveryResolved) { + if (baseUrl) { + try { + await this.storageManager.setOIDCProviderMetaData(await this.authHelper.resolveEndpointsByBaseURL()); + } catch (error: unknown) { + throw new ThunderIDAuthException( + 'JS-AUTH_CORE-GOPMD-IV02', + 'Resolving endpoints failed.', + error instanceof Error ? error.message : 'Resolving endpoints by base url failed.', + ); + } + } else { + throw new ThunderIDAuthException( + 'JS-AUTH_CORE-GOPMD-HE01', + 'Invalid well-known response', + 'The well known endpoint response has been failed with an error.', + ); + } + } + } else if (baseUrl) { + try { + await this.storageManager.setOIDCProviderMetaData(await this.authHelper.resolveEndpointsByBaseURL()); + } catch (error: unknown) { + throw new ThunderIDAuthException( + 'JS-AUTH_CORE-GOPMD-IV02', + 'Resolving endpoints failed.', + error instanceof Error ? error.message : 'Resolving endpoints by base url failed.', + ); + } + } else { throw new ThunderIDAuthException( 'JS-AUTH_CORE-GOPMD-HE01', 'Invalid well-known response', 'The well known endpoint response has been failed with an error.', ); } - - await this.storageManager.setOIDCProviderMetaData(await this.authHelper.resolveEndpoints(await response.json())); } else if (baseUrl) { try { await this.storageManager.setOIDCProviderMetaData(await this.authHelper.resolveEndpointsByBaseURL()); - } catch (error: any) { + } catch (error: unknown) { throw new ThunderIDAuthException( 'JS-AUTH_CORE-GOPMD-IV02', 'Resolving endpoints failed.', - error ?? 'Resolving endpoints by base url failed.', + error instanceof Error ? error.message : 'Resolving endpoints by base url failed.', ); } } else { diff --git a/packages/nuxt/src/module.ts b/packages/nuxt/src/module.ts index 1436365..0fa5813 100644 --- a/packages/nuxt/src/module.ts +++ b/packages/nuxt/src/module.ts @@ -174,8 +174,6 @@ export default defineNuxtModule({ method: 'patch' as const, route: '/api/auth/user/profile', }, - // ── Branding ────────────────────────────────────────────────────── - {handler: resolve('./runtime/server/routes/auth/branding/branding.get'), route: '/api/auth/branding'}, ]; serverRoutes.forEach((sr: ServerRoute): void => { diff --git a/packages/react-router/package.json b/packages/react-router/package.json index 5e9c9de..71be4e9 100644 --- a/packages/react-router/package.json +++ b/packages/react-router/package.json @@ -15,11 +15,11 @@ "author": "WSO2", "license": "Apache-2.0", "type": "module", - "main": "dist/cjs/index.js", + "main": "dist/cjs/index.cjs", "module": "dist/index.js", "exports": { "import": "./dist/index.js", - "require": "./dist/cjs/index.js" + "require": "./dist/cjs/index.cjs" }, "files": [ "dist", diff --git a/packages/react-router/rolldown.config.js b/packages/react-router/rolldown.config.js index a7195c9..1429a6c 100644 --- a/packages/react-router/rolldown.config.js +++ b/packages/react-router/rolldown.config.js @@ -40,7 +40,7 @@ await esmBundle.close(); const cjsBundle = await rolldown(commonOptions); await cjsBundle.write({ - file: 'dist/cjs/index.js', + file: 'dist/cjs/index.cjs', format: 'cjs', sourcemap: true, }); diff --git a/packages/tanstack-router/package.json b/packages/tanstack-router/package.json index 31b8bf4..13c6142 100644 --- a/packages/tanstack-router/package.json +++ b/packages/tanstack-router/package.json @@ -15,11 +15,11 @@ "author": "WSO2", "license": "Apache-2.0", "type": "module", - "main": "dist/cjs/index.js", + "main": "dist/cjs/index.cjs", "module": "dist/index.js", "exports": { "import": "./dist/index.js", - "require": "./dist/cjs/index.js" + "require": "./dist/cjs/index.cjs" }, "files": [ "dist", diff --git a/packages/tanstack-router/rolldown.config.js b/packages/tanstack-router/rolldown.config.js index d3ae08a..3a4c072 100644 --- a/packages/tanstack-router/rolldown.config.js +++ b/packages/tanstack-router/rolldown.config.js @@ -39,7 +39,7 @@ await esmBundle.close(); const cjsBundle = await rolldown(commonOptions); await cjsBundle.write({ - file: 'dist/cjs/index.js', + file: 'dist/cjs/index.cjs', format: 'cjs', sourcemap: true, }); diff --git a/samples/browser/quickstart/src/pages/home.js b/samples/browser/quickstart/src/pages/home.js index 0167717..22bb403 100644 --- a/samples/browser/quickstart/src/pages/home.js +++ b/samples/browser/quickstart/src/pages/home.js @@ -95,7 +95,7 @@ export function renderSignedOut() { v1.0 · Open source -

Auth for the Modern Dev

+

Auth for Modern Apps and Agents

ThunderID gives you OAuth 2.0, PKCE, MFA, and JWT out of the box. Clone the Quickstart and ship auth before lunch. diff --git a/samples/express/quickstart/.env.example b/samples/express/quickstart/.env.example index afb9813..6e80aa4 100644 --- a/samples/express/quickstart/.env.example +++ b/samples/express/quickstart/.env.example @@ -1,3 +1,5 @@ THUNDERID_CLIENT_ID=your-client-id-here THUNDERID_CLIENT_SECRET=your-client-secret-here THUNDERID_BASE_URL=https://localhost:8090 +# DANGER: Disables ALL TLS verification. Only for local development with self-signed certs. NEVER use in production. +NODE_TLS_REJECT_UNAUTHORIZED=0 diff --git a/samples/nextjs/quickstart/.env.example b/samples/nextjs/quickstart/.env.example index b542468..e36a6cb 100644 --- a/samples/nextjs/quickstart/.env.example +++ b/samples/nextjs/quickstart/.env.example @@ -1,4 +1,7 @@ NEXT_PUBLIC_THUNDERID_BASE_URL=https://localhost:8090 NEXT_PUBLIC_THUNDERID_CLIENT_ID=your-client-id-here +NEXT_PUBLIC_THUNDERID_APPLICATION_ID=your-application-id-here THUNDERID_CLIENT_SECRET=your-client-secret-here THUNDERID_SECRET=generate-with-openssl-rand-base64-32 +# DANGER: Disables ALL TLS verification. Only for local development with self-signed certs. NEVER use in production. +NODE_TLS_REJECT_UNAUTHORIZED=0 diff --git a/samples/nextjs/quickstart/app/page.tsx b/samples/nextjs/quickstart/app/page.tsx index bf6e80c..fb75a61 100644 --- a/samples/nextjs/quickstart/app/page.tsx +++ b/samples/nextjs/quickstart/app/page.tsx @@ -227,7 +227,7 @@ export default function HomePage() { -

Auth for the Modern Dev

+

Auth for Modern Apps and Agents

ThunderID gives you OAuth 2.0, PKCE, MFA, and JWT out of diff --git a/samples/node/quickstart/.env.example b/samples/node/quickstart/.env.example index afb9813..6e80aa4 100644 --- a/samples/node/quickstart/.env.example +++ b/samples/node/quickstart/.env.example @@ -1,3 +1,5 @@ THUNDERID_CLIENT_ID=your-client-id-here THUNDERID_CLIENT_SECRET=your-client-secret-here THUNDERID_BASE_URL=https://localhost:8090 +# DANGER: Disables ALL TLS verification. Only for local development with self-signed certs. NEVER use in production. +NODE_TLS_REJECT_UNAUTHORIZED=0 diff --git a/samples/nuxt/quickstart/.env.example b/samples/nuxt/quickstart/.env.example index 82bd380..5f12159 100644 --- a/samples/nuxt/quickstart/.env.example +++ b/samples/nuxt/quickstart/.env.example @@ -2,3 +2,5 @@ NUXT_PUBLIC_THUNDERID_BASE_URL=https://localhost:8090 NUXT_PUBLIC_THUNDERID_CLIENT_ID=your-client-id-here THUNDERID_CLIENT_SECRET=your-client-secret-here THUNDERID_SESSION_SECRET=generate-with-openssl-rand-base64-32 +# DANGER: Disables ALL TLS verification. Only for local development with self-signed certs. NEVER use in production. +NODE_TLS_REJECT_UNAUTHORIZED=0 diff --git a/samples/nuxt/quickstart/pages/index.vue b/samples/nuxt/quickstart/pages/index.vue index ad16fc1..5f5b916 100644 --- a/samples/nuxt/quickstart/pages/index.vue +++ b/samples/nuxt/quickstart/pages/index.vue @@ -101,7 +101,7 @@ onUnmounted(() => { -

Auth for the Modern Dev

+

Auth for Modern Apps and Agents

ThunderID gives you OAuth 2.0, PKCE, MFA, and JWT out of diff --git a/samples/react/quickstart/src/App.jsx b/samples/react/quickstart/src/App.jsx index 15388d9..0b3d9b4 100644 --- a/samples/react/quickstart/src/App.jsx +++ b/samples/react/quickstart/src/App.jsx @@ -1,5 +1,5 @@ import { createBrowserRouter, RouterProvider } from 'react-router' -import { ProtectedRoute, CallbackRoute } from '@thunderid/react-router' +import { ProtectedRoute } from '@thunderid/react-router' import Nav from './components/Nav' import HomePage from './pages/HomePage' import ProfilePage from './pages/ProfilePage' @@ -13,7 +13,6 @@ const router = createBrowserRouter([ { path: '/', element: }, { path: '/profile', element: }, { path: '/token', element: }, - { path: '/callback', element: }, ], }, ]) diff --git a/samples/react/quickstart/src/main.jsx b/samples/react/quickstart/src/main.jsx index d42f87b..763e1a3 100644 --- a/samples/react/quickstart/src/main.jsx +++ b/samples/react/quickstart/src/main.jsx @@ -9,7 +9,6 @@ createRoot(document.getElementById('root')).render( diff --git a/samples/react/quickstart/src/pages/HomePage.jsx b/samples/react/quickstart/src/pages/HomePage.jsx index aba19fa..f828d59 100644 --- a/samples/react/quickstart/src/pages/HomePage.jsx +++ b/samples/react/quickstart/src/pages/HomePage.jsx @@ -215,7 +215,7 @@ export default function HomePage() { -

Auth for the Modern Dev

+

Auth for Modern Apps and Agents

ThunderID gives you OAuth 2.0, PKCE, MFA, and JWT out of the box. diff --git a/samples/vue/quickstart/src/pages/HomePage.vue b/samples/vue/quickstart/src/pages/HomePage.vue index 5bd1498..ee89cf8 100644 --- a/samples/vue/quickstart/src/pages/HomePage.vue +++ b/samples/vue/quickstart/src/pages/HomePage.vue @@ -103,7 +103,7 @@ onUnmounted(() => { -

Auth for the Modern Dev

+

Auth for Modern Apps and Agents

ThunderID gives you OAuth 2.0, PKCE, MFA, and JWT out of the box. diff --git a/templates/nextjs/nextjs-template/app/page.tsx b/templates/nextjs/nextjs-template/app/page.tsx index f077e8d..b34c501 100644 --- a/templates/nextjs/nextjs-template/app/page.tsx +++ b/templates/nextjs/nextjs-template/app/page.tsx @@ -6,7 +6,7 @@ export default function Home() {

Welcome

- + Sign In
{(user) =>

Hello, {user.given_name || user.username}.

}
diff --git a/templates/react/vite-react-template/src/App.jsx b/templates/react/vite-react-template/src/App.jsx index 1ea3622..694d34d 100644 --- a/templates/react/vite-react-template/src/App.jsx +++ b/templates/react/vite-react-template/src/App.jsx @@ -1,10 +1,18 @@ import { createBrowserRouter, RouterProvider } from 'react-router' -import { CallbackRoute } from '@thunderid/react-router' +import { ProtectedRoute } from '@thunderid/react-router' import Home from './Home.jsx' +import Dashboard from './Dashboard.jsx' const router = createBrowserRouter([ { path: '/', element: }, - { path: '/callback', element: }, + { + path: '/dashboard', + element: ( + + + + ), + }, ]) export default function App() { diff --git a/templates/react/vite-react-template/src/Dashboard.jsx b/templates/react/vite-react-template/src/Dashboard.jsx new file mode 100644 index 0000000..54f829c --- /dev/null +++ b/templates/react/vite-react-template/src/Dashboard.jsx @@ -0,0 +1,9 @@ +import { UserDropdown } from '@thunderid/react' + +export default function Dashboard() { + return ( +
+ +
+ ) +} diff --git a/templates/react/vite-react-template/src/Home.jsx b/templates/react/vite-react-template/src/Home.jsx index 18e6ba2..486a9fc 100644 --- a/templates/react/vite-react-template/src/Home.jsx +++ b/templates/react/vite-react-template/src/Home.jsx @@ -1,16 +1,9 @@ -import { SignedIn, SignedOut, SignInButton, SignOutButton, User } from '@thunderid/react' +import { SignInButton } from '@thunderid/react' export default function Home() { return (
- -

Welcome

- -
- - {(user) =>

Hello, {user.given_name || user.username}.

}
- -
+ Sign In
) } diff --git a/templates/react/vite-react-template/src/main.jsx b/templates/react/vite-react-template/src/main.jsx index 002f4b1..f218e72 100644 --- a/templates/react/vite-react-template/src/main.jsx +++ b/templates/react/vite-react-template/src/main.jsx @@ -9,7 +9,6 @@ createRoot(document.getElementById('root')).render( diff --git a/templates/vue/vite-vue-template/src/App.vue b/templates/vue/vite-vue-template/src/App.vue index 7cbc20a..7dabf11 100644 --- a/templates/vue/vite-vue-template/src/App.vue +++ b/templates/vue/vite-vue-template/src/App.vue @@ -10,7 +10,7 @@ const baseUrl = import.meta.env.VITE_THUNDERID_BASE_URL

Welcome

- + Sign In