From f37ebd12140fa114d8df0ed6e6de84b122378bcc Mon Sep 17 00:00:00 2001 From: akhisud3195 Date: Tue, 16 Sep 2025 11:42:48 +0400 Subject: [PATCH] Fix next js compilation issue when auth0 configs are not found in env --- apps/rowboat/app/lib/auth0.ts | 51 ++++++++++++++++++++++++----------- apps/rowboat/middleware.ts | 12 ++++++--- 2 files changed, 43 insertions(+), 20 deletions(-) diff --git a/apps/rowboat/app/lib/auth0.ts b/apps/rowboat/app/lib/auth0.ts index cefb6ae0..3fef2ee0 100644 --- a/apps/rowboat/app/lib/auth0.ts +++ b/apps/rowboat/app/lib/auth0.ts @@ -1,21 +1,40 @@ // lib/auth0.js +import { NextResponse } from "next/server"; import { Auth0Client } from "@auth0/nextjs-auth0/server"; +import { USE_AUTH } from "../lib/feature_flags"; -// Initialize the Auth0 client -export const auth0 = new Auth0Client({ - // Options are loaded from environment variables by default - // Ensure necessary environment variables are properly set - domain: process.env.AUTH0_ISSUER_BASE_URL, - clientId: process.env.AUTH0_CLIENT_ID, - clientSecret: process.env.AUTH0_CLIENT_SECRET, - appBaseUrl: process.env.AUTH0_BASE_URL, - secret: process.env.AUTH0_SECRET, +// Treat config as present only when all required pieces exist +const auth0Domain = process.env.AUTH0_DOMAIN || process.env.AUTH0_ISSUER_BASE_URL; +const auth0ClientId = process.env.AUTH0_CLIENT_ID; +const auth0ClientSecret = process.env.AUTH0_CLIENT_SECRET || process.env.AUTH0_CLIENT_ASSERTION_SIGNING_KEY; +const auth0BaseUrl = process.env.AUTH0_BASE_URL; +const auth0Secret = process.env.AUTH0_SECRET; - authorizationParameters: { - // In v4, the AUTH0_SCOPE and AUTH0_AUDIENCE environment variables for API authorized applications are no longer automatically picked up by the SDK. - // Instead, we need to provide the values explicitly. - scope: process.env.AUTH0_SCOPE, - audience: process.env.AUTH0_AUDIENCE, - } -}); \ No newline at end of file +const isAuthConfigured = Boolean( + auth0Domain && auth0ClientId && auth0BaseUrl && auth0Secret && auth0ClientSecret +); + +// When auth is disabled or misconfigured, export a safe no-op shim so imports won't crash +const createAuth0Shim = () => ({ + async getSession(_req?: unknown) { + return null; + }, + async middleware(_req?: unknown) { + return NextResponse.next(); + }, +}); + +export const auth0 = USE_AUTH && isAuthConfigured + ? new Auth0Client({ + domain: auth0Domain, + clientId: auth0ClientId, + clientSecret: process.env.AUTH0_CLIENT_SECRET, + appBaseUrl: auth0BaseUrl, + secret: auth0Secret, + authorizationParameters: { + scope: process.env.AUTH0_SCOPE, + audience: process.env.AUTH0_AUDIENCE, + } + }) + : createAuth0Shim(); \ No newline at end of file diff --git a/apps/rowboat/middleware.ts b/apps/rowboat/middleware.ts index fac06262..8e5961a5 100644 --- a/apps/rowboat/middleware.ts +++ b/apps/rowboat/middleware.ts @@ -1,5 +1,6 @@ import { NextFetchEvent, NextRequest, NextResponse } from "next/server"; import { auth0 } from "./app/lib/auth0"; +import { USE_AUTH } from "./app/lib/feature_flags"; const corsOptions = { 'Access-Control-Allow-Methods': 'GET, POST, PUT, DELETE, OPTIONS', @@ -17,9 +18,13 @@ async function authCheck(request: NextRequest) { } export async function middleware(request: NextRequest, event: NextFetchEvent) { - // Check if the request path starts with /api/auth/ + // Check if the request path starts with /auth if (request.nextUrl.pathname.startsWith('/auth')) { - return await auth0.middleware(request); + // Only delegate to Auth0 when auth is enabled; otherwise allow through + if (USE_AUTH) { + return await auth0.middleware(request); + } + return NextResponse.next(); } // Check if the request path starts with /api/ @@ -49,8 +54,7 @@ export async function middleware(request: NextRequest, event: NextFetchEvent) { if (request.nextUrl.pathname.startsWith('/projects') || request.nextUrl.pathname.startsWith('/billing') || request.nextUrl.pathname.startsWith('/onboarding')) { - // Skip auth check if USE_AUTH is not enabled - if (process.env.USE_AUTH === 'true') { + if (USE_AUTH) { return await authCheck(request); } }