diff --git a/src/server/auth-client.test.ts b/src/server/auth-client.test.ts index 7395ad81..d688841f 100644 --- a/src/server/auth-client.test.ts +++ b/src/server/auth-client.test.ts @@ -2146,6 +2146,7 @@ ca/T0LLtgmbMmxSv/MmzIg== tokenSet: { accessToken: DEFAULT.accessToken, refreshToken: DEFAULT.refreshToken, + idToken: expect.stringMatching(/^eyJhbGciOiJSUzI1NiJ9\..+\..+$/), expiresAt: expect.any(Number) }, internal: { @@ -2253,6 +2254,7 @@ ca/T0LLtgmbMmxSv/MmzIg== }, tokenSet: { accessToken: DEFAULT.accessToken, + idToken: expect.any(String), refreshToken: DEFAULT.refreshToken, expiresAt: expect.any(Number) }, @@ -2597,6 +2599,7 @@ ca/T0LLtgmbMmxSv/MmzIg== tokenSet: { accessToken: DEFAULT.accessToken, refreshToken: DEFAULT.refreshToken, + idToken: expect.any(String), expiresAt: expect.any(Number) }, internal: { @@ -2990,6 +2993,7 @@ ca/T0LLtgmbMmxSv/MmzIg== tokenSet: { accessToken: DEFAULT.accessToken, refreshToken: DEFAULT.refreshToken, + idToken: expect.any(String), expiresAt: expect.any(Number) }, internal: { @@ -3084,6 +3088,7 @@ ca/T0LLtgmbMmxSv/MmzIg== tokenSet: { accessToken: DEFAULT.accessToken, refreshToken: DEFAULT.refreshToken, + idToken: expect.any(String), expiresAt: expect.any(Number) }, internal: { @@ -3213,6 +3218,7 @@ ca/T0LLtgmbMmxSv/MmzIg== tokenSet: { accessToken: DEFAULT.accessToken, refreshToken: DEFAULT.refreshToken, + idToken: expect.any(String), expiresAt: expect.any(Number) }, internal: { diff --git a/src/server/auth-client.ts b/src/server/auth-client.ts index 4664cc9e..2b3a594c 100644 --- a/src/server/auth-client.ts +++ b/src/server/auth-client.ts @@ -476,6 +476,7 @@ export class AuthClient { user: idTokenClaims, tokenSet: { accessToken: oidcRes.access_token, + idToken: oidcRes.id_token, scope: oidcRes.scope, refreshToken: oidcRes.refresh_token, expiresAt: Math.floor(Date.now() / 1000) + Number(oidcRes.expires_in) @@ -551,7 +552,6 @@ export class AuthClient { } ); } - const res = NextResponse.json({ token: updatedTokenSet.accessToken, scope: updatedTokenSet.scope, @@ -670,6 +670,7 @@ export class AuthClient { const updatedTokenSet = { ...tokenSet, // contains the existing `iat` claim to maintain the session lifetime accessToken: oauthRes.access_token, + idToken: oauthRes.id_token, expiresAt: accessTokenExpiresAt }; diff --git a/src/types/index.ts b/src/types/index.ts index 4f937442..90dedf4d 100644 --- a/src/types/index.ts +++ b/src/types/index.ts @@ -1,5 +1,6 @@ export interface TokenSet { accessToken: string; + idToken?: string; scope?: string; refreshToken?: string; expiresAt: number; // the time at which the access token expires in seconds since epoch