@axa-fr/oidc-client 6.26.6

package/dist/vanillaOidc.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"vanillaOidc.d.ts","sourceRoot":"","sources":["../src/src/vanillaOidc.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAChD,OAAO,EAAsB,MAAM,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAEjE,MAAM,WAAW,eAAe;IAC5B,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAC,GAAG,OAAE;CAC5B;AAED,qBAAa,WAAW;IACpB,OAAO,CAAC,KAAK,CAAO;gBACR,IAAI,EAAE,IAAI;IAItB,eAAe,CAAC,IAAI,EAAC,eAAe,GAAE,MAAM;IAI5C,uBAAuB,CAAC,EAAE,EAAC,MAAM,GAAE,IAAI;IAIvC,YAAY,CAAC,SAAS,EAAC,MAAM,EAAE,IAAI,EAAC,GAAG,GAAI,IAAI;IAI/C,MAAM,CAAC,WAAW,aAAe,MAAM,KAAK,qBAAoB,iBAAiB,oBAAqB,WAAW,CAE/G;IAEF,MAAM,CAAC,GAAG,CAAC,IAAI,SAAY,GAAE,WAAW;IAIxC,MAAM,CAAC,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;MAAmB;IACpC,2BAA2B,IAAG,OAAO,CAAC,OAAO,CAAC;IAI9C,UAAU,CAAC,YAAY,GAAC,MAAkB,EAAE,MAAM,GAAC,SAAgB,EAAE,cAAc,UAAQ,EAAE,KAAK,GAAC,MAAkB,EAAE,eAAe,UAAQ,GAAE,OAAO,CAAC,OAAO,CAAC;IAIhK,WAAW,CAAC,iBAAiB,GAAE,MAAM,GAAG,IAAI,GAAG,SAAqB,EAAE,MAAM,GAAE,SAAgB,GAAE,OAAO,CAAC,IAAI,CAAC;IAI7G,wBAAwB,IAAG,OAAO,CAAC,IAAI,CAAC;IAIxC,gBAAgB,CAAC,MAAM,GAAC,SAAgB,GAAE,OAAO,CAAC,IAAI,CAAC;IAIvD,kBAAkB,IAAG,OAAO,CAAC,aAAa,CAAC;IAI3C,IAAI,MAAM,IAAG,MAAM,CAElB;IAED,IAAI,aAAa,IAAG,iBAAiB,CAEpC;IAEK,kBAAkB,CAAC,MAAM,SAAM,EAAE,UAAU,SAAK,GAAG,OAAO,CAAC,UAAU,CAAC;IAItE,aAAa,CAAC,CAAC,SAAS,YAAY,GAAG,YAAY,EAAE,OAAO,UAAQ,GAAE,OAAO,CAAC,CAAC,CAAC;CAGzF;AAED,MAAM,WAAW,YAAY;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC,OAAO,CAAC,EAAE,gBAAgB,CAAC;IAC3B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACrB;AAED,MAAM,WAAW,gBAAgB;IAC7B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;CACpB"}

package/package.json

@@ -0,0 +1,60 @@
+{
+  "name": "@axa-fr/oidc-client",
+  "version": "6.26.6",
+  "private": false,
+  "type": "module",
+  "main": "./dist/index.umd.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "description": "OpenID Connect & OAuth authentication using native javascript only, compatible with angular, react, vue, svelte, next, etc.",
+  "files": [
+    "dist",
+    "bin",
+    "src",
+    "README.md",
+    "package.json",
+    "package-lock.json"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/AxaGuilDEv/react-oidc.git"
+  },
+  "dependencies": {
+    "@axa-fr/oidc-client-service-worker": "6.26.6"
+  },
+  "devDependencies": {
+    "@testing-library/dom": "^9.3.1",
+    "@testing-library/jest-dom": "^5.16.5",
+    "@testing-library/react": "13.3.0",
+    "@vitest/coverage-v8": "^0.33.0",
+    "base64-js": "^1.5.1",
+    "cpy": "^10.1.0",
+    "cpy-cli": "^5.0.0",
+    "rimraf": "5.0.1",
+    "typescript": "5.1.6",
+    "vite": "^4.4.4",
+    "vite-plugin-dts": "^3.3.0",
+    "vitest": "^0.33.0"
+  },
+  "keywords": [
+    "oidc",
+    "OpenID Connect",
+    "openid",
+    "oauth2",
+    "oauth",
+    "vanilla"
+  ],
+  "scripts": {
+    "clean": "rimraf dist",
+    "copy-service-worker": "cpy ./node_modules/@axa-fr/oidc-client-service-worker/dist/OidcTrustedDomains.js ./node_modules/@axa-fr/oidc-client-service-worker/dist/OidcServiceWorker.js ./dist",
+    "build": "tsc && vite build",
+    "test": "vitest --root . --coverage",
+    "prepare": "pnpm run clean && pnpm run copy-service-worker && pnpm run build",
+    "postinstall": "node ./bin/post-install.mjs"
+  },
+  "license": "MIT",
+  "publishConfig": {
+    "access": "public",
+    "registry": "https://registry.npmjs.org/"
+  }
+}

package/src/cache.ts

@@ -0,0 +1,26 @@
+const fetchFromIssuerCache = {};
+
+export const getFromCache = (localStorageKey, storage = window.sessionStorage, timeCacheSecond) => {
+    if (!fetchFromIssuerCache[localStorageKey]) {
+        if (storage) {
+            const cacheJson = storage.getItem(localStorageKey);
+            if (cacheJson) {
+                fetchFromIssuerCache[localStorageKey] = JSON.parse(cacheJson);
+            }
+        }
+    }
+    const oneHourMinisecond = 1000 * timeCacheSecond;
+    // @ts-ignore
+    if (fetchFromIssuerCache[localStorageKey] && (fetchFromIssuerCache[localStorageKey].timestamp + oneHourMinisecond) > Date.now()) {
+        return fetchFromIssuerCache[localStorageKey].result;
+    }
+    return null;
+};
+
+export const setCache = (localStorageKey, result, storage = window.sessionStorage) => {
+    const timestamp = Date.now();
+    fetchFromIssuerCache[localStorageKey] = { result, timestamp };
+    if (storage) {
+        storage.setItem(localStorageKey, JSON.stringify({ result, timestamp }));
+    }
+};

package/src/checkSession.ts

@@ -0,0 +1,60 @@
+import { CheckSessionIFrame } from './checkSessionIFrame.js';
+import { _silentLoginAsync, SilentLoginResponse } from './silentLogin.js';
+import { OidcConfiguration } from './types.js';
+
+// eslint-disable-next-line @typescript-eslint/ban-types
+export const startCheckSessionAsync = (oidc:any, oidcDatabase:any, configuration :OidcConfiguration) => (checkSessionIFrameUri, clientId, sessionState, isSilentSignin = false) => {
+    const silentLoginAsync = (extras, state = undefined, scope = undefined):Promise<SilentLoginResponse> => {
+        return _silentLoginAsync(oidc.configurationName, configuration, oidc.publishEvent.bind(oidc))(extras, state, scope);
+    };
+
+    return new Promise<CheckSessionIFrame>((resolve, reject): void => {
+        if (configuration.silent_login_uri && configuration.silent_redirect_uri && configuration.monitor_session && checkSessionIFrameUri && sessionState && !isSilentSignin) {
+            const checkSessionCallback = () => {
+                oidc.checkSessionIFrame.stop();
+                const tokens = oidc.tokens;
+                if (tokens === null) {
+                    return;
+                }
+                const idToken = tokens.idToken;
+                const idTokenPayload = tokens.idTokenPayload;
+                return silentLoginAsync({
+                    prompt: 'none',
+                    id_token_hint: idToken,
+                    scope: configuration.scope || 'openid',
+                }).then((silentSigninResponse) => {
+                    const iFrameIdTokenPayload = silentSigninResponse.tokens.idTokenPayload;
+                    if (idTokenPayload.sub === iFrameIdTokenPayload.sub) {
+                        const sessionState = silentSigninResponse.sessionState;
+                        oidc.checkSessionIFrame.start(silentSigninResponse.sessionState);
+                        if (idTokenPayload.sid === iFrameIdTokenPayload.sid) {
+                            console.debug('SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:', sessionState);
+                        } else {
+                            console.debug('SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:', sessionState);
+                        }
+                    } else {
+                        console.debug('SessionMonitor._callback: Different subject signed into OP:', iFrameIdTokenPayload.sub);
+                    }
+                    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+                }).catch(async (e) => {
+                    console.warn('SessionMonitor._callback: Silent login failed, logging out other tabs:', e);
+                    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+                    for (const [key, oidc] of Object.entries(oidcDatabase)) {
+                        // @ts-ignore
+                        await oidc.logoutOtherTabAsync(configuration.client_id, idTokenPayload.sub);
+                    }
+                });
+            };
+
+            oidc.checkSessionIFrame = new CheckSessionIFrame(checkSessionCallback, clientId, checkSessionIFrameUri);
+            oidc.checkSessionIFrame.load().then(() => {
+                oidc.checkSessionIFrame.start(sessionState);
+                resolve(oidc.checkSessionIFrame);
+            }).catch((e) => {
+                reject(e);
+            });
+        } else {
+            resolve(null);
+        }
+    });
+};

package/src/checkSessionIFrame.ts

@@ -0,0 +1,83 @@
+const DefaultInterval = 2000;
+
+const Log = console;
+
+export class CheckSessionIFrame {
+    private readonly _client_id: any;
+    private readonly _callback: any;
+    private _url: any;
+    private readonly _interval: number;
+    private readonly _stopOnError: boolean;
+    private readonly _frame_origin: string;
+    private readonly _frame: HTMLIFrameElement;
+    private _boundMessageEvent: any;
+    private _timer: number;
+    constructor(callback, client_id, url, interval = DefaultInterval, stopOnError = true) {
+        this._callback = callback;
+        this._client_id = client_id;
+        this._url = url;
+        this._interval = interval || DefaultInterval;
+        this._stopOnError = stopOnError;
+        const idx = url.indexOf('/', url.indexOf('//') + 2);
+        this._frame_origin = url.substr(0, idx);
+        this._frame = window.document.createElement('iframe');
+        this._frame.style.visibility = 'hidden';
+        this._frame.style.position = 'absolute';
+        this._frame.style.display = 'none';
+        // @ts-ignore
+        this._frame.width = 0;
+        // @ts-ignore
+        this._frame.height = 0;
+
+        this._frame.src = url;
+    }
+
+    load() {
+        return new Promise<void>((resolve) => {
+            this._frame.onload = () => {
+                resolve();
+            };
+            window.document.body.appendChild(this._frame);
+            this._boundMessageEvent = this._message.bind(this);
+            window.addEventListener('message', this._boundMessageEvent, false);
+        });
+    }
+
+    _message(e) {
+        if (e.origin === this._frame_origin &&
+            e.source === this._frame.contentWindow
+        ) {
+            if (e.data === 'error') {
+                Log.error('CheckSessionIFrame: error message from check session op iframe');
+                if (this._stopOnError) {
+                    this.stop();
+                }
+            } else if (e.data === 'changed') {
+                Log.debug(e);
+                Log.debug('CheckSessionIFrame: changed message from check session op iframe');
+                this.stop();
+                this._callback();
+            } else {
+                Log.debug('CheckSessionIFrame: ' + e.data + ' message from check session op iframe');
+            }
+        }
+    }
+
+    start(session_state) {
+            Log.debug('CheckSessionIFrame.start :' + session_state);
+            this.stop();
+            const send = () => {
+                this._frame.contentWindow.postMessage(this._client_id + ' ' + session_state, this._frame_origin);
+            };
+            send();
+            this._timer = window.setInterval(send, this._interval);
+    }
+
+    stop() {
+        if (this._timer) {
+            Log.debug('CheckSessionIFrame.stop');
+            window.clearInterval(this._timer);
+            this._timer = null;
+        }
+    }
+}

package/src/crypto.ts

@@ -0,0 +1,61 @@
+import * as base64 from 'base64-js';
+
+const cryptoInfo = () => {
+  const hasCrypto = typeof window !== 'undefined' && !!(window.crypto as any);
+  const hasSubtleCrypto = hasCrypto && !!(window.crypto.subtle as any);
+  return { hasCrypto, hasSubtleCrypto };
+};
+const charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
+
+const bufferToString = (buffer: Uint8Array) => {
+  const state = [];
+  for (let i = 0; i < buffer.byteLength; i += 1) {
+    const index = buffer[i] % charset.length;
+    state.push(charset[index]);
+  }
+  return state.join('');
+};
+
+const urlSafe = (buffer: Uint8Array): string => {
+  const encoded = base64.fromByteArray(new Uint8Array(buffer));
+  return encoded.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
+};
+
+export const generateRandom = (size: number) => {
+    const buffer = new Uint8Array(size);
+    const { hasCrypto } = cryptoInfo();
+    if (hasCrypto) {
+      window.crypto.getRandomValues(buffer);
+    } else {
+      // fall back to Math.random() if nothing else is available
+      for (let i = 0; i < size; i += 1) {
+        buffer[i] = (Math.random() * charset.length) | 0;
+      }
+    }
+    return bufferToString(buffer);
+  };
+
+export function textEncodeLite(str: string) {
+  const buf = new ArrayBuffer(str.length);
+  const bufView = new Uint8Array(buf);
+
+  for (let i = 0; i < str.length; i++) {
+    bufView[i] = str.charCodeAt(i);
+  }
+  return bufView;
+}
+  export const deriveChallengeAsync = (code: string): Promise<string> => {
+    if (code.length < 43 || code.length > 128) {
+      return Promise.reject(new Error('Invalid code length.'));
+    }
+    const { hasSubtleCrypto } = cryptoInfo();
+    if (!hasSubtleCrypto) {
+      return Promise.reject(new Error('window.crypto.subtle is unavailable.'));
+    }
+
+    return new Promise((resolve, reject) => {
+      crypto.subtle.digest('SHA-256', textEncodeLite(code)).then(buffer => {
+        return resolve(urlSafe(new Uint8Array(buffer)));
+      }, error => reject(error));
+    });
+};

package/src/events.ts

@@ -0,0 +1,28 @@
+export const eventNames = {
+    service_worker_not_supported_by_browser: 'service_worker_not_supported_by_browser',
+    token_aquired: 'token_aquired',
+    logout_from_another_tab: 'logout_from_another_tab',
+    logout_from_same_tab: 'logout_from_same_tab',
+    token_renewed: 'token_renewed',
+    token_timer: 'token_timer',
+    loginAsync_begin: 'loginAsync_begin',
+    loginAsync_error: 'loginAsync_error',
+    loginCallbackAsync_begin: 'loginCallbackAsync_begin',
+    loginCallbackAsync_end: 'loginCallbackAsync_end',
+    loginCallbackAsync_error: 'loginCallbackAsync_error',
+    refreshTokensAsync_begin: 'refreshTokensAsync_begin',
+    refreshTokensAsync: 'refreshTokensAsync',
+    refreshTokensAsync_end: 'refreshTokensAsync_end',
+    refreshTokensAsync_error: 'refreshTokensAsync_error',
+    refreshTokensAsync_silent_error: 'refreshTokensAsync_silent_error',
+    tryKeepExistingSessionAsync_begin: 'tryKeepExistingSessionAsync_begin',
+    tryKeepExistingSessionAsync_end: 'tryKeepExistingSessionAsync_end',
+    tryKeepExistingSessionAsync_error: 'tryKeepExistingSessionAsync_error',
+    silentLoginAsync_begin: 'silentLoginAsync_begin',
+    silentLoginAsync: 'silentLoginAsync',
+    silentLoginAsync_end: 'silentLoginAsync_end',
+    silentLoginAsync_error: 'silentLoginAsync_error',
+    syncTokensAsync_begin: 'syncTokensAsync_begin',
+    syncTokensAsync_end: 'syncTokensAsync_end',
+    syncTokensAsync_error: 'syncTokensAsync_error',
+};

package/src/index.ts

@@ -0,0 +1,10 @@
+export { getFetchDefault } from './oidc.js';
+export { TokenRenewMode } from './parseTokens.js';
+export { getParseQueryStringFromLocation, getPath } from './route-utils';
+export type {
+  AuthorityConfiguration,
+  Fetch,
+  OidcConfiguration,
+  StringMap,
+} from './types.js';
+export { type OidcUserInfo, VanillaOidc } from './vanillaOidc.js';

package/src/iniWorker.spec.ts

@@ -0,0 +1,21 @@
+import { describe, expect,it } from 'vitest';
+
+import { excludeOs, getOperatingSystem } from './initWorker';
+
+describe('initWorker test Suite', () => {
+
+    it.each([['Mozilla/5.0 (iPhone; CPU iPhone OS 12_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1', 'iOS', '12.1.0'],
+    ['Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/69.0.3497.105 Mobile/15E148 Safari/605.1', 'Mac OS X', '10_15_6'],
+    ])(
+        'getOperatingSystem should return OS for Version',
+        (userAgent, expectedOs, expectedVersion) => {
+            const operatingSystem = getOperatingSystem({ userAgent, appVersion: 'OS ' + expectedVersion.replaceAll('.', '_') });
+            expect(expectedOs).toBe(operatingSystem.os);
+            expect(expectedVersion).toBe(operatingSystem.osVersion);
+    
+            const isExcluded = excludeOs(operatingSystem);
+            expect(isExcluded).toBe(true);
+        },
+    );
+
+});

package/src/initSession.ts

@@ -0,0 +1,89 @@
+export const initSession = (configurationName, storage = sessionStorage) => {
+    const clearAsync = (status) => {
+        storage[`oidc.${configurationName}`] = JSON.stringify({ tokens: null, status });
+        return Promise.resolve();
+    };
+
+    const initAsync = async () => {
+        if (!storage[`oidc.${configurationName}`]) {
+            storage[`oidc.${configurationName}`] = JSON.stringify({ tokens: null, status: null });
+            return { tokens: null, status: null };
+        }
+        const data = JSON.parse(storage[`oidc.${configurationName}`]);
+        return Promise.resolve({ tokens: data.tokens, status: data.status });
+    };
+
+    const setTokens = (tokens) => {
+        storage[`oidc.${configurationName}`] = JSON.stringify({ tokens });
+    };
+
+    const setSessionStateAsync = async (sessionState) => {
+        storage[`oidc.session_state.${configurationName}`] = sessionState;
+    };
+
+    const getSessionStateAsync = async () => {
+        return storage[`oidc.session_state.${configurationName}`];
+    };
+
+    const setNonceAsync = (nonce) => {
+        localStorage[`oidc.nonce.${configurationName}`] = nonce.nonce;
+    };
+
+    const getNonceAsync = async () => {
+        // @ts-ignore
+        return { nonce: localStorage[`oidc.nonce.${configurationName}`] };
+    };
+
+    const getTokens = () => {
+        if (!storage[`oidc.${configurationName}`]) {
+            return null;
+        }
+        return JSON.stringify({ tokens: JSON.parse(storage[`oidc.${configurationName}`]).tokens });
+    };
+
+    let getLoginParamsCache = null;
+    const setLoginParams = (configurationName:string, data) => {
+        getLoginParamsCache = data;
+        storage[`oidc.login.${configurationName}`] = JSON.stringify(data);
+    };
+    const getLoginParams = (configurationName) => {
+        const dataString = storage[`oidc.login.${configurationName}`];
+        if (!getLoginParamsCache) {
+            getLoginParamsCache = JSON.parse(dataString);
+        }
+        return getLoginParamsCache;
+    };
+
+    const getStateAsync = async () => {
+        return storage[`oidc.state.${configurationName}`];
+    };
+
+    const setStateAsync = async (state:string) => {
+        storage[`oidc.state.${configurationName}`] = state;
+    };
+
+    const getCodeVerifierAsync = async () => {
+        return storage[`oidc.code_verifier.${configurationName}`];
+    };
+
+    const setCodeVerifierAsync = async (codeVerifier) => {
+        storage[`oidc.code_verifier.${configurationName}`] = codeVerifier;
+    };
+
+    return {
+        clearAsync,
+        initAsync,
+        setTokens,
+        getTokens,
+        setSessionStateAsync,
+        getSessionStateAsync,
+        setNonceAsync,
+        getNonceAsync,
+        setLoginParams,
+        getLoginParams,
+        getStateAsync,
+        setStateAsync,
+        getCodeVerifierAsync,
+        setCodeVerifierAsync,
+    };
+};