From 47e619222073561833ffc81e85259de081b2b4bc Mon Sep 17 00:00:00 2001 From: Felix Ranesberger <52704891+felixranesberger@users.noreply.github.com> Date: Tue, 5 Nov 2024 17:53:05 +0100 Subject: [PATCH 1/2] docs(fix): use correct process env variable for baseUrl (#940) --- docs/guide/advanced/deployment/vercel.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/guide/advanced/deployment/vercel.md b/docs/guide/advanced/deployment/vercel.md index 9ee92a21..744e8dc8 100644 --- a/docs/guide/advanced/deployment/vercel.md +++ b/docs/guide/advanced/deployment/vercel.md @@ -12,7 +12,7 @@ This variable is avalible at both build and run-time. Therefore you can referenc export default defineNuxtConfig({ modules: ['@sidebase/nuxt-auth'], auth: { - baseURL: process.env.VERCEL_URL ? `https://${VERCEL_URL}/api/auth` : undefined + baseURL: process.env.VERCEL_URL ? `https://${process.env.VERCEL_URL}/api/auth` : undefined } }) ``` From 218a8465fd01fbf70562ab4cc1083dea3931d1a1 Mon Sep 17 00:00:00 2001 From: Marco Rizzato Date: Thu, 21 Nov 2024 11:41:42 +0100 Subject: [PATCH 2/2] enh(#895): Custom refresh response token pointer (#910) --- docs/guide/local/quick-start.md | 14 ++++++++++++++ playground-local/nuxt.config.ts | 1 + src/module.ts | 1 + src/runtime/composables/local/useAuth.ts | 5 +++-- src/runtime/plugins/refresh-token.server.ts | 9 ++++----- src/runtime/types.ts | 15 +++++++++++++++ 6 files changed, 38 insertions(+), 7 deletions(-) diff --git a/docs/guide/local/quick-start.md b/docs/guide/local/quick-start.md index 22d5295a..cbac5f16 100644 --- a/docs/guide/local/quick-start.md +++ b/docs/guide/local/quick-start.md @@ -224,6 +224,7 @@ export default defineNuxtConfig({ refreshOnlyToken: true, token: { signInResponseRefreshTokenPointer: '/refresh-token', + refreshResponseTokenPointer: '', refreshRequestTokenPointer: '/refresh-token', cookieName: 'auth.token', maxAgeInSeconds: 1800, 
@@ -291,6 +292,19 @@ E.g., setting this to `/token/refreshToken` and returning an object like `{ toke This follows the JSON Pointer standard, see its RFC6901 here: https://www.rfc-editor.org/rfc/rfc6901 +#### `refreshResponseTokenPointer` + +- **Type:** `string` +- **Default:** `''` + +How to extract the authentication-token from the refresh response. + +E.g., setting this to `/token/bearer` and returning an object like `{ token: { bearer: 'THE_AUTH_TOKEN' }, timestamp: '2023' }` from the `refresh` endpoint will result in `nuxt-auth` extracting and storing `THE_AUTH_TOKEN`. + +If not set, `token.signInResponseTokenPointer` will be used instead. + +This follows the JSON Pointer standard, see its RFC6901 here: https://www.rfc-editor.org/rfc/rfc6901 + #### `refreshRequestTokenPointer` - **Type:** `string` diff --git a/playground-local/nuxt.config.ts b/playground-local/nuxt.config.ts index 4f6e5c5e..75392d66 100644 --- a/playground-local/nuxt.config.ts +++ b/playground-local/nuxt.config.ts @@ -27,6 +27,7 @@ export default defineNuxtConfig({ endpoint: { path: '/refresh', method: 'post' }, token: { signInResponseRefreshTokenPointer: '/token/refreshToken', + refreshResponseTokenPointer: '', refreshRequestTokenPointer: '/refreshToken' }, } diff --git a/src/module.ts b/src/module.ts index 1ec9f43a..16d727fc 100644 --- a/src/module.ts +++ b/src/module.ts @@ -77,6 +77,7 @@ const defaultsByBackend: { refreshOnlyToken: true, token: { signInResponseRefreshTokenPointer: '/refreshToken', + refreshResponseTokenPointer: '', refreshRequestTokenPointer: '/refreshToken', cookieName: 'auth.refresh-token', maxAgeInSeconds: 60 * 60 * 24 * 7, // 7 days diff --git a/src/runtime/composables/local/useAuth.ts b/src/runtime/composables/local/useAuth.ts index 1b311dfc..60ce39ce 100644 --- a/src/runtime/composables/local/useAuth.ts +++ b/src/runtime/composables/local/useAuth.ts 
@@ -199,11 +199,12 @@ async function refresh(getSessionOptions?: GetSessionOptions) { }) // Extract the new token from the refresh response - const extractedToken = jsonPointerGet(response, config.token.signInResponseTokenPointer) + const tokenPointer = config.refresh.token.refreshResponseTokenPointer || config.token.signInResponseTokenPointer + const extractedToken = jsonPointerGet(response, tokenPointer) if (typeof extractedToken !== 'string') { console.error( `Auth: string token expected, received instead: ${JSON.stringify(extractedToken)}. ` - + `Tried to find token at ${config.token.signInResponseTokenPointer} in ${JSON.stringify(response)}` + + `Tried to find token at ${tokenPointer} in ${JSON.stringify(response)}` ) return } diff --git a/src/runtime/plugins/refresh-token.server.ts b/src/runtime/plugins/refresh-token.server.ts index 1d05065d..aa45f77d 100644 --- a/src/runtime/plugins/refresh-token.server.ts +++ b/src/runtime/plugins/refresh-token.server.ts @@ -32,16 +32,16 @@ export default defineNuxtPlugin({ headers }) + const tokenPointer = provider.refresh.token.refreshResponseTokenPointer || provider.token.signInResponseTokenPointer const extractedToken = jsonPointerGet( response, - provider.token.signInResponseTokenPointer + tokenPointer ) if (typeof extractedToken !== 'string') { console.error( `Auth: string token expected, received instead: ${JSON.stringify( extractedToken - )}. Tried to find token at ${ - provider.token.signInResponseTokenPointer + )}. Tried to find token at ${tokenPointer } in ${JSON.stringify(response)}` ) return @@ -57,8 +57,7 @@ export default defineNuxtPlugin({ console.error( `Auth: string token expected, received instead: ${JSON.stringify( extractedRefreshToken - )}. Tried to find token at ${ - provider.refresh.token.signInResponseRefreshTokenPointer + )}. Tried to find token at ${provider.refresh.token.signInResponseRefreshTokenPointer } in ${JSON.stringify(response)}` ) return 
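Review bot: Both failure branches still pass `JSON.stringify(response)` to `console.error`, so a pointer that does not match writes the entire refresh response to the log, and that response normally carries the new access token and may carry the refresh token. The same applies to the two hunks in src/runtime/plugins/refresh-token.server.ts (at -32 and -57), where the output presumably ends up in server-side logs. Since this patch makes the pointer separately configurable, a mismatch becomes a more likely misconfiguration; I would log the pointer and only the shape of the data, e.g. `'Tried to find token at ' + tokenPointer + ' (response type: ' + typeof response + ')'`, and report `typeof extractedToken` instead of `JSON.stringify(extractedToken)`, which can itself be an object holding tokens when the pointer stops one level too high. The enclosing `refresh()` function and the plugin's setup body start and end outside these hunks.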
diff --git a/src/runtime/types.ts b/src/runtime/types.ts index 17152cec..dc225b69 100644 --- a/src/runtime/types.ts +++ b/src/runtime/types.ts @@ -255,6 +255,21 @@ export interface ProviderLocal { * @example / Access the root of the sign-in response object, useful when your endpoint returns a plain, non-object string as the token */ signInResponseRefreshTokenPointer?: string + /** + * How to extract the authentication-token from the refresh response. + * + * + * E.g., setting this to `/token/bearer` and returning an object like `{ token: { bearer: 'THE_AUTH_TOKEN' }, timestamp: '2023' }` from the `refresh` endpoint will + * result in `nuxt-auth` extracting and storing `THE_AUTH_TOKEN`. + * + * If not set, `token.signInResponseTokenPointer` will be used instead. + * + * This follows the JSON Pointer standard, see it's RFC6901 here: https://www.rfc-editor.org/rfc/rfc6901 + * + * @default '' + * @example / Access the root of the refresh response object, useful when your endpoint returns a plain, non-object string as the token + */ + refreshResponseTokenPointer?: string /** * How to do a fetch for the refresh token. *
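Review bot: The new doc comment on `refreshResponseTokenPointer` says the fallback applies "if not set", but both call sites in this patch choose the pointer with `||`, so the documented default `''` is also treated as unset and can never select the whole response, which is what the empty pointer means in RFC 6901. I would state that in the comment, e.g. `* An empty string counts as unset: the module then falls back to token.signInResponseTokenPointer.`, so that someone whose refresh endpoint returns a bare string knows to use the `/` form from the `@example` line. The same block has "see it's RFC6901", which should read "its", and a doubled empty ` *` line after the first sentence. The `ProviderLocal` interface continues outside the hunk.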