🐞 fix

m1212e · m1212e · commit 35e87c3675e9 · 2025-03-03T19:02:37.000+01:00
diff --git a/src/api/services/OIDC.ts b/src/api/services/OIDC.ts
@@ -125,19 +125,27 @@ export async function resolveSignin(
   code_verifier: string,
   raw_state: string,
 ) {
+  console.info("Resolving Signin");
 
   //TODO https://github.com/gornostay25/svelte-adapter-bun/issues/62
   if (process.env.NODE_ENV === "production") {
     visitedUrl.protocol = "https:";
+    console.info("Fixed protocol:", visitedUrl);
   }
   const state = JSON.parse(raw_state) as OIDCFlowState;
+  console.info("Parsed state:", state);
   const tokens = await authorizationCodeGrant(config, visitedUrl, {
     pkceCodeVerifier: code_verifier,
     expectedState: JSON.stringify(state),
   });
+
+  console.info("Retrieved tokens");
+
   (state as any).random = undefined;
   const strippedState: Omit<OIDCFlowState, "random"> = { ...state };
 
+  console.info("Stripped state");
+
   return { tokens, state: strippedState };
 }
 
diff --git a/src/middleware.ts b/src/middleware.ts
@@ -10,6 +10,8 @@ import {
 } from "./api/services/OIDC";
 
 export async function middleware(request: NextRequest) {
+  console.info("Triggered middleware");
+
   const forwardedHost =
     request.headers.get("x-forwarded-host") || request.nextUrl.hostname;
   const forwardedProto = request.headers.get("x-forwarded-proto") || "http";
@@ -19,20 +21,28 @@ export async function middleware(request: NextRequest) {
     `${forwardedProto}://${forwardedHost}`,
   );
   const { pathname } = request.nextUrl;
+  console.info("Real visited URL: ", realVisitedUrl);
 
   let response = paraglide(request);
+  console.info("Created localized response");
 
   if (/^\/app(\/.*)?$/.test(pathname)) {
+    console.info("Detected app route");
     const tokenCookieValue = JSON.parse(
       request.cookies.get(tokensCookieName)?.value ?? "{}",
     );
+    console.info("Parsed token cookie value: ");
 
     try {
+      console.info("Validating tokens");
+
       await validateTokens({
         access_token: tokenCookieValue.access_token,
         id_token: tokenCookieValue.id_token,
       });
 
+      console.info("Validation succeeded, responding");
+
       return response;
     } catch (error) {
       console.warn("Could not validate tokens, starting login flow");
@@ -43,8 +53,12 @@ export async function middleware(request: NextRequest) {
       "/auth/resolve-login",
     );
 
+    console.info("Started login flow");
+
     response = NextResponse.redirect(redirect_uri.toString());
 
+    console.info("Created response with redirect", redirect_uri);
+
     response.cookies.set({
       name: codeVerifierCookieName,
       value: code_verifier,
@@ -65,10 +79,14 @@ export async function middleware(request: NextRequest) {
       httpOnly: true,
     });
 
+    console.info("Set cookies");
+    console.info("Responding with redirect and cookies");
+
     return response;
   }
 
   if (/^\/auth\/resolve-login(\/.*)?$/.test(pathname)) {
+    console.info("Detected resolve login route");
     const verifier = request.cookies.get(codeVerifierCookieName);
     if (!verifier || !verifier.value) {
       throw new Error("No code verifier cookie found.");
@@ -78,14 +96,20 @@ export async function middleware(request: NextRequest) {
       throw new Error("No oidc state cookie found.");
     }
 
+    console.info("Found verifier and state cookies. State:");
+
     const { state, tokens } = await resolveSignin(
       realVisitedUrl,
       verifier.value,
       oidcState.value,
     );
 
+    console.info("Resolved login flow with state", state);
+
     response = NextResponse.redirect(state.visitedUrl, 302);
 
+    console.info("Created response with redirect", state.visitedUrl);
+
     response.cookies.set({
       name: tokensCookieName,
       value: JSON.stringify(tokens),
@@ -96,12 +120,18 @@ export async function middleware(request: NextRequest) {
       httpOnly: true,
     });
 
+    console.info("Set tokens cookie");
+
     request.cookies.delete(codeVerifierCookieName);
     request.cookies.delete(oidcStateCookieName);
 
+    console.info("Deleted verifier and state cookies");
+    console.info("Responding with redirect to visited URL");
+
     return response;
   }
-
+  
+  console.info("Responding with default localized response");
   return response;
 }
 
