Merge branch 'master' into upgrade-admin-portal

CHANGELOG.md

@@ -1,76 +1,76 @@
-# Change Log
-
-## [9.1.1](https://github.com/frontegg/frontegg-nextjs/compare/v9.0.5...v9.1.1) (2024-11-12)
-
-- FR-18594 - Fixed blinking bug On IP and domain page
-- FR-18499 - Fixed otc page blink
-- FR-18005 - Fixed search api tokens with null descriptions 
-- FR-18499 - Fixed activate with code and password
-- FR-18582 - Fixed loader size and wrong massage
-
-
+# Change Log
+
+## [9.2.0](https://github.com/frontegg/frontegg-nextjs/compare/v9.1.1...v9.2.0) (2024-11-25)
+
+- FR-18699 - Removed entitlements automatic 30 seconds refresh mechanism
+- FR-18138 - Added logic to improve login box and admin portal stability and resiliency
+- FR-18646 - Fixed missing permissions with wildcard on custom roles
+- FR-18341 - Fixed Google Chrome Translate feature causes a crash
+- FR-16902 - Fixed login box scroll on mobile browsers
+
+
+### NextJS Wrapper 9.2.0:
+- FR-17280 - Fixed NextJS v15 build issue
+
+## [9.1.1](https://github.com/frontegg/frontegg-nextjs/compare/v9.0.5...v9.1.1) (2024-11-12)
+
+- FR-18594 - Fixed blinking bug On IP and domain page
+- FR-18499 - Fixed otc page blink
+- FR-18005 - Fixed search api tokens with null descriptions 
+- FR-18499 - Fixed activate with code and password
+- FR-18582 - Fixed loader size and wrong massage
 - FR-18561 - Fixed get ip metadata when app name is provided
 - FR-17091 - Fixed long name in groups and roles
-
-
-- FR-18529 - Fixed empty roles field bug when appName is provided
-
-
-- FR-18516 - Fixed redundant function
-- FR-18476 - Added url for beforeRequestInterceptor function
-
-
-- FR-18476 - Added request interceptor
-- FR-18472 - Fixed Google one tap login stuck after unmounting login/signup unmounted
-
-- FR-18436 - Fixed activate account with empty redirect bug
-
-
-- FR-17943 - Added code pages
-
-- FR-18427 - Added Support for triggering MFA after native passkeys / iOS apple login
-- FR-18211 - Fixed email overlapping roles field
-
-
-### NextJS Wrapper 9.1.1:
-- FR-17280 - fix next js 15 build & update example app project middleware
-- FR-18495 - refresh the token when it has expired
-- FR-18442 - Remove cookies when landing on oauth/callback to support after hosted login activate account succeeded
-- FR-18442 - Fix Nextjs session store injection and support SSG pages
-- Fix session abandoned when accessing not found page
-- Export FronteggAppRouterAsync to be imported by '@frontegg/nextjs/app'
-
-## [9.0.5](https://github.com/frontegg/frontegg-nextjs/compare/v9.0.4...v9.0.5) (2024-10-31)
-
-- FR-18476 - Added url for beforeRequestInterceptor function
-
-
-- FR-18476 - Added request interceptor
-- FR-18472 - Fixed Google one tap login stuck after unmounting login/signup unmounted
-
-- FR-18436 - Fixed activate account with empty redirect bug
-
-
-- FR-17943 - Added code pages
-
-- FR-18427 - Added Support for triggering MFA after native passkeys / iOS apple login
-- FR-18211 - Fixed email overlapping roles field
-
-- FR-18356 - Fixed validations localization override type
-
-
-### NextJS Wrapper 9.0.5:
-- FR-18442 - Remove cookies when landing on oauth/callback to support after hosted login activate account succeeded
-- FR-18442 - Fix Nextjs session store injection and support SSG pages
-- Fix session abandoned when accessing not found page
-- Export FronteggAppRouterAsync to be imported by '@frontegg/nextjs/app'
-- Add Support for NextJS 15
-
-## [9.0.4](https://github.com/frontegg/frontegg-nextjs/compare/v9.0.3...v9.0.4) (2024-10-22)
-
-- FR-18356 - Fixed validations localization override type
-
-
+- FR-18529 - Fixed empty roles field bug when appName is provided
+- FR-18516 - Fixed redundant function
+- FR-18476 - Added url for beforeRequestInterceptor function
+- FR-18476 - Added request interceptor
+- FR-18472 - Fixed Google one tap login stuck after unmounting login/signup unmounted
+- FR-18436 - Fixed activate account with empty redirect bug
+- FR-17943 - Added code pages
+- FR-18427 - Added Support for triggering MFA after native passkeys / iOS apple login
+- FR-18211 - Fixed email overlapping roles field
+
+
+### NextJS Wrapper 9.1.1:
+- FR-17280 - fix next js 15 build & update example app project middleware
+- FR-18495 - refresh the token when it has expired
+- FR-18442 - Remove cookies when landing on oauth/callback to support after hosted login activate account succeeded
+- FR-18442 - Fix Nextjs session store injection and support SSG pages
+- Fix session abandoned when accessing not found page
+- Export FronteggAppRouterAsync to be imported by '@frontegg/nextjs/app'
+
+## [9.0.5](https://github.com/frontegg/frontegg-nextjs/compare/v9.0.4...v9.0.5) (2024-10-31)
+
+- FR-18476 - Added url for beforeRequestInterceptor function
+
+
+- FR-18476 - Added request interceptor
+- FR-18472 - Fixed Google one tap login stuck after unmounting login/signup unmounted
+
+- FR-18436 - Fixed activate account with empty redirect bug
+
+
+- FR-17943 - Added code pages
+
+- FR-18427 - Added Support for triggering MFA after native passkeys / iOS apple login
+- FR-18211 - Fixed email overlapping roles field
+
+- FR-18356 - Fixed validations localization override type
+
+
+### NextJS Wrapper 9.0.5:
+- FR-18442 - Remove cookies when landing on oauth/callback to support after hosted login activate account succeeded
+- FR-18442 - Fix Nextjs session store injection and support SSG pages
+- Fix session abandoned when accessing not found page
+- Export FronteggAppRouterAsync to be imported by '@frontegg/nextjs/app'
+- Add Support for NextJS 15
+
+## [9.0.4](https://github.com/frontegg/frontegg-nextjs/compare/v9.0.3...v9.0.4) (2024-10-22)
+
+- FR-18356 - Fixed validations localization override type
+
+
 # Change Log
 
 ## [9.0.3](https://github.com/frontegg/frontegg-nextjs/compare/v9.0.2...v9.0.3) (2024-10-10)

lerna.json

@@ -2,10 +2,10 @@
   "packages": [
     "packages/*"
   ],
-  "version": "9.1.1",
+  "version": "9.2.0",
   "npmClient": "yarn",
   "publishConfig": {
     "registry": "https://registry.npmjs.org",
     "directory": "dist"
   }
-}
+}

packages/example-app-directory/app/page.tsx

@@ -11,8 +11,13 @@ export default function MainPage() {
       <br />
       <br />
       <Link href='/session'>check session</Link>
-
+      <br />
+      <br />
       <Link href='/no-ssr'>Go to SSG page</Link>
+
+      <br />
+      <Link href='/account/logout'>logout embedded</Link>
+      <br />
     </div>
   );
 }

packages/example-app-directory/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@frontegg/example-app-directory",
-  "version": "9.1.1",
+  "version": "9.2.0",
   "private": true,
   "scripts": {
     "clean": "rm -rf  ./node_modules && rm -rf ./.next",

packages/example-app-directory/pages/api/frontegg/[...frontegg-middleware].ts

@@ -1,6 +1,18 @@
 import { FronteggApiMiddleware } from '@frontegg/nextjs/middleware';
 
 export default FronteggApiMiddleware;
+
+/**
+ *  Option to support multiple origins in single nextjs backend
+ *
+ * export default FronteggApiMiddleware.cors({
+ *   allowedOrigins: ['http://localapp1.davidantoon.me:3000', 'http://localapp2.davidantoon.me:3000'],
+ *   allowCredentials: true,
+ *   allowedMethods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],
+ * });
+ *
+ */
+
 export const config = {
   api: {
     externalResolver: true,

packages/example-pages/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@frontegg/example-pages",
-  "version": "9.1.1",
+  "version": "9.2.0",
   "private": true,
   "scripts": {
     "clean": "rm -rf  ./node_modules && rm -rf ./.next",

packages/example-pages/pages/api/frontegg/[...frontegg-middleware].ts

@@ -5,28 +5,12 @@ export default FronteggApiMiddleware;
 /**
  *  Option to support multiple origins in single nextjs backend
  *
- *  import type { NextApiRequest, NextApiResponse } from 'next';
+ * export default FronteggApiMiddleware.cors({
+ *   allowedOrigins: ['http://localapp1.davidantoon.me:3000', 'http://localapp2.davidantoon.me:3000'],
+ *   allowCredentials: true,
+ *   allowedMethods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],
+ * });
  *
- * export default function handler(req: NextApiRequest, res: NextApiResponse): Promise<void> {
- *   // Add CORS headers after the handler has run
- *   const allowedOrigins = ['http://localapp1.davidantoon.me:3000', 'http://localapp2.davidantoon.me:3000'];
- *   const origin = req.headers.origin ?? '';
- *
- *   if (allowedOrigins.includes(origin)) {
- *     res.setHeader('Access-Control-Allow-Origin', origin);
- *   } else {
- *     res.removeHeader('Access-Control-Allow-Origin');
- *   }
- *
- *   res.setHeader('Access-Control-Allow-Methods', 'GET,POST,PUT,DELETE,PATCH,OPTIONS');
- *   res.setHeader(
- *     'Access-Control-Allow-Headers',
- *     'Content-Type, Authorization, x-frontegg-framework, x-frontegg-sdk, frontegg-source'
- *   );
- *   res.setHeader('Access-Control-Allow-Credentials', 'true');
- *
- *   return FronteggApiMiddleware(req, res);
- * }
  */
 
 export const config = {

packages/nextjs/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@frontegg/nextjs",
   "libName": "FronteggNextJs",
-  "version": "9.1.1",
+  "version": "9.2.0",
   "author": "Frontegg LTD",
   "license": "MIT",
   "repository": {

packages/nextjs/src/app/FronteggAppProvider.tsx

@@ -6,6 +6,8 @@ import fetchUserData from '../utils/fetchUserData';
 import { ClientFronteggProviderProps } from '../types';
 import { getAppUrlForCustomLoginWithSubdomain } from './getAppUrlForCustomLoginWithSubdomain';
 import { removeJwtSignatureFrom } from '../middleware/helpers';
+import fronteggLogger from '../utils/fronteggLogger';
+import { FRONTEGG_HOSTED_LOGIN_MIGRATION_WARNING } from './consts';
 
 export type FronteggAppProviderProps = PropsWithChildren<
   Omit<ClientFronteggProviderProps, 'contextOptions' | 'envAppUrl' | 'envBaseUrl' | 'envClientId'>
@@ -15,17 +17,23 @@ export const FronteggAppProvider = async (options: FronteggAppProviderProps) =>
   const { envAppUrl, ...appEnvConfig } = config.appEnvConfig;
   let userData = await fetchUserData({ getSession: getAppSession, getHeaders: getAppHeaders });
   const subDomainAppUrl = await getAppUrlForCustomLoginWithSubdomain(options.customLoginOptions?.subDomainIndex);
+  const logger = fronteggLogger.child({ tag: 'FronteggAppProvider' });
 
   if (process.env['FRONTEGG_SECURE_JWT_ENABLED'] === 'true' && userData) {
     userData = removeJwtSignatureFrom(userData);
     userData.session = removeJwtSignatureFrom(userData?.session);
   }
+  if (Object.hasOwn(options, 'hostedLoginBox')) {
+    logger.warn(FRONTEGG_HOSTED_LOGIN_MIGRATION_WARNING);
+  }
+
   const providerProps = {
     ...appEnvConfig,
     ...userData,
     ...options,
     envAppUrl: subDomainAppUrl ?? envAppUrl,
     secureJwtEnabled: options.secureJwtEnabled ?? false,
+    hostedLoginBox: appEnvConfig.envHostedLoginBox ?? options.hostedLoginBox ?? false,
   };
 
   return <ClientFronteggProvider {...providerProps} />;

packages/nextjs/src/app/consts.ts

@@ -0,0 +1 @@
+export const FRONTEGG_HOSTED_LOGIN_MIGRATION_WARNING = `\n**Deprecated**: The 'hostedLoginBox' prop is deprecated in frontegg NextJS SKD and will be removed in the next major version. Please use 'FRONTEGG_HOSTED_LOGIN' environment variable instead.`;

packages/nextjs/src/edge/getSessionOnEdge.ts

@@ -1,5 +1,5 @@
 import type { IncomingMessage } from 'http';
-import { FronteggEdgeSession } from '../types';
+import { FronteggEdgeSession, FronteggNextJSSession } from '../types';
 import CookieManager from '../utils/cookies';
 import createSession from '../utils/createSession';
 import encryptionEdge from '../utils/encryption-edge';
@@ -40,12 +40,15 @@ export const handleSessionOnEdge = async (params: HandleSessionOnEdge): Promise<
   if (edgeSession.headers) {
     return NextResponse.next({
       headers: edgeSession.headers,
+      request: {
+        headers: edgeSession.forwardedHeaders,
+      },
     });
   }
   return NextResponse.next();
 };
 
-const GET_SESSION_ON_EDGE_DEPRECATED_ERROR = `Deprecation Notice: getSessionOnEdge has been deprecated. Please use handleSessionOnEdge instead. For example:
+const GET_SESSION_ON_EDGE_DEPRECATED_WARN = `Deprecation Notice: getSessionOnEdge has been deprecated. Please use handleSessionOnEdge instead. For example:
 
 file: middleware.ts
 \`\`\`ts
@@ -93,8 +96,17 @@ Alternatively, to manually verify the session, you can use checkSessionOnEdge. N
  * ```
  * @deprecated
  */
-export const getSessionOnEdge = async (req: IncomingMessage | Request): Promise<FronteggEdgeSession | undefined> => {
-  throw new Error(GET_SESSION_ON_EDGE_DEPRECATED_ERROR);
+
+export const getSessionOnEdge = (
+  req: IncomingMessage | Request,
+  disableWarning = false
+): Promise<FronteggNextJSSession | undefined> => {
+  const logger = fronteggLogger.child({ tag: 'EdgeRuntime.getSessionOnEdge' });
+  const cookies = CookieManager.getSessionCookieFromRequest(req);
+  if (!disableWarning) {
+    logger.info(GET_SESSION_ON_EDGE_DEPRECATED_WARN);
+  }
+  return createSession(cookies, encryptionEdge);
 };
 
 /**
@@ -128,11 +140,14 @@ export const getSessionOnEdge = async (req: IncomingMessage | Request): Promise<
  *       return redirectToLogin(pathname);
  *     }
  *
- *     // if headers are present return them to the next response
+ *     // if headers are present forward them to the next response / request
  *     if (session.headers) {
- *       return NextResponse.next({
- *         headers: session.headers,
- *       });
+ *        return NextResponse.next({
+ *          headers: edgeSession.headers,
+ *          request:{
+ *            headers: edgeSession.forwardedHeaders
+ *          }
+ *        });
  *     }
  *     return NextResponse.next();
  *   };

packages/nextjs/src/edge/refreshAccessTokenIfNeededOnEdge.ts

@@ -88,6 +88,12 @@ export async function refreshAccessTokenIfNeededOnEdge(
   });
   newSetCookie.push(...cookieValue);
 
+  const forwardedHeaders = req.headers as Headers;
+  newSetCookie.forEach((cookie) => {
+    // get cookie name and value only
+    const [name, value] = cookie.split(';')[0].split('=');
+    forwardedHeaders.set('cookie', `${name}=${value}`);
+  });
   return {
     session: {
       accessToken: data.accessToken ?? data.access_token,
@@ -97,6 +103,7 @@ export async function refreshAccessTokenIfNeededOnEdge(
     headers: {
       'set-cookie': newSetCookie.join(', '),
     },
+    forwardedHeaders,
   };
 }