sidebase · zoey-kaiser · Nov 21, 2024 · Sep 14, 2024 · Sep 17, 2024 · Sep 18, 2024
diff --git a/docs/guide/local/quick-start.md b/docs/guide/local/quick-start.md
@@ -224,6 +224,7 @@ export default defineNuxtConfig({
         refreshOnlyToken: true,
         token: {
           signInResponseRefreshTokenPointer: '/refresh-token',
+          refreshResponseTokenPointer: '',
           refreshRequestTokenPointer: '/refresh-token',
           cookieName: 'auth.token',
           maxAgeInSeconds: 1800,
@@ -291,6 +292,19 @@ E.g., setting this to `/token/refreshToken` and returning an object like `{ toke
 
 This follows the JSON Pointer standard, see its RFC6901 here: https://www.rfc-editor.org/rfc/rfc6901
 
+#### `refreshResponseTokenPointer`
+
+- **Type:** `string`
+- **Default:** `''`
+
+How to extract the authentication-token from the refresh response.
+
+E.g., setting this to `/token/bearer` and returning an object like `{ token: { bearer: 'THE_AUTH_TOKEN' }, timestamp: '2023' }` from the `refresh` endpoint will result in `nuxt-auth` extracting and storing `THE_AUTH_TOKEN`.
+
+If not set, `token.signInResponseTokenPointer` will be used instead.
+
+This follows the JSON Pointer standard, see its RFC6901 here: https://www.rfc-editor.org/rfc/rfc6901
+
 #### `refreshRequestTokenPointer`
 
 - **Type:** `string`

diff --git a/playground-local/nuxt.config.ts b/playground-local/nuxt.config.ts
@@ -27,6 +27,7 @@ export default defineNuxtConfig({
         endpoint: { path: '/refresh', method: 'post' },
         token: {
           signInResponseRefreshTokenPointer: '/token/refreshToken',
+          refreshResponseTokenPointer: '',
           refreshRequestTokenPointer: '/refreshToken'
         },
       }

diff --git a/src/module.ts b/src/module.ts
@@ -77,6 +77,7 @@ const defaultsByBackend: {
       refreshOnlyToken: true,
       token: {
         signInResponseRefreshTokenPointer: '/refreshToken',
+        refreshResponseTokenPointer: '',
         refreshRequestTokenPointer: '/refreshToken',
         cookieName: 'auth.refresh-token',
         maxAgeInSeconds: 60 * 60 * 24 * 7, // 7 days

diff --git a/src/runtime/composables/local/useAuth.ts b/src/runtime/composables/local/useAuth.ts
@@ -199,11 +199,12 @@ async function refresh(getSessionOptions?: GetSessionOptions) {
   })
 
   // Extract the new token from the refresh response
-  const extractedToken = jsonPointerGet(response, config.token.signInResponseTokenPointer)
+  const tokenPointer = config.refresh.token.refreshResponseTokenPointer || config.token.signInResponseTokenPointer
+  const extractedToken = jsonPointerGet(response, tokenPointer)
   if (typeof extractedToken !== 'string') {
     console.error(
       `Auth: string token expected, received instead: ${JSON.stringify(extractedToken)}. `
-      + `Tried to find token at ${config.token.signInResponseTokenPointer} in ${JSON.stringify(response)}`
+      + `Tried to find token at ${tokenPointer} in ${JSON.stringify(response)}`
     )
     return
   }

diff --git a/src/runtime/plugins/refresh-token.server.ts b/src/runtime/plugins/refresh-token.server.ts
@@ -32,16 +32,16 @@ export default defineNuxtPlugin({
           headers
         })
 
+        const tokenPointer = provider.refresh.token.refreshResponseTokenPointer || provider.token.signInResponseTokenPointer
         const extractedToken = jsonPointerGet(
           response,
-          provider.token.signInResponseTokenPointer
+          tokenPointer
         )
         if (typeof extractedToken !== 'string') {
           console.error(
             `Auth: string token expected, received instead: ${JSON.stringify(
               extractedToken
-            )}. Tried to find token at ${
-              provider.token.signInResponseTokenPointer
+            )}. Tried to find token at ${tokenPointer
             } in ${JSON.stringify(response)}`
           )
           return
@@ -57,8 +57,7 @@ export default defineNuxtPlugin({
             console.error(
               `Auth: string token expected, received instead: ${JSON.stringify(
                 extractedRefreshToken
-              )}. Tried to find token at ${
-                provider.refresh.token.signInResponseRefreshTokenPointer
+              )}. Tried to find token at ${provider.refresh.token.signInResponseRefreshTokenPointer
               } in ${JSON.stringify(response)}`
             )
             return

diff --git a/src/runtime/types.ts b/src/runtime/types.ts
@@ -255,6 +255,21 @@ export interface ProviderLocal {
        * @example /       Access the root of the sign-in response object, useful when your endpoint returns a plain, non-object string as the token
        */
       signInResponseRefreshTokenPointer?: string
+      /**
+       * How to extract the authentication-token from the refresh response.
+       *
+       *
+       * E.g., setting this to `/token/bearer` and returning an object like `{ token: { bearer: 'THE_AUTH_TOKEN' }, timestamp: '2023' }` from the `refresh` endpoint will
+       * result in `nuxt-auth` extracting and storing `THE_AUTH_TOKEN`.
+       *
+       * If not set, `token.signInResponseTokenPointer` will be used instead.
+       *
+       * This follows the JSON Pointer standard, see it's RFC6901 here: https://www.rfc-editor.org/rfc/rfc6901
+       *
+       * @default ''
+       * @example /       Access the root of the refresh response object, useful when your endpoint returns a plain, non-object string as the token
+       */
+      refreshResponseTokenPointer?: string
       /**
        * How to do a fetch for the refresh token.
        *