@axa-fr/oidc-client 7.13.16 → 7.14.0
- package/README.md +31 -0
- package/dist/checkSession.d.ts +2 -1
- package/dist/checkSession.d.ts.map +1 -1
- package/dist/index.js +658 -642
- package/dist/index.umd.cjs +2 -2
- package/dist/initSession.d.ts +1 -1
- package/dist/initSession.d.ts.map +1 -1
- package/dist/initWorker.d.ts +1 -1
- package/dist/initWorker.d.ts.map +1 -1
- package/dist/jwt.d.ts +10 -6
- package/dist/jwt.d.ts.map +1 -1
- package/dist/keepSession.d.ts +3 -0
- package/dist/keepSession.d.ts.map +1 -0
- package/dist/login.d.ts +2 -1
- package/dist/login.d.ts.map +1 -1
- package/dist/logout.d.ts.map +1 -1
- package/dist/oidc.d.ts +5 -10
- package/dist/oidc.d.ts.map +1 -1
- package/dist/renewTokens.d.ts +18 -2
- package/dist/renewTokens.d.ts.map +1 -1
- package/dist/types.d.ts +8 -0
- package/dist/types.d.ts.map +1 -1
- package/dist/user.d.ts +2 -1
- package/dist/user.d.ts.map +1 -1
- package/dist/version.d.ts +1 -1
- package/dist/version.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/checkSession.ts +2 -1
- package/src/initSession.ts +1 -1
- package/src/initWorker.ts +1 -1
- package/src/jwt.ts +111 -93
- package/src/keepSession.ts +78 -0
- package/src/login.ts +4 -3
- package/src/logout.ts +1 -0
- package/src/oidc.ts +30 -136
- package/src/parseTokens.ts +1 -1
- package/src/renewTokens.ts +61 -3
- package/src/requests.ts +1 -1
- package/src/types.ts +9 -0
- package/src/user.ts +2 -1
- package/src/version.ts +1 -1
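--- a/package/src/renewTokens.ts
+++ b/package/src/renewTokens.ts
@@ -3,9 +3,9 @@ import {initWorkerAsync} from './initWorker.js';
 import Oidc from './oidc.js';
 import {computeTimeLeft, setTokens} from './parseTokens.js';
 import timer from './timer.js';
-import {StringMap} from './types.js';
+import {OidcConfiguration, StringMap} from './types.js';
 
-async function syncTokens(oidc, refreshToken, forceRefresh: boolean, extras: StringMap) {
+async function syncTokens(oidc:Oidc, refreshToken, forceRefresh: boolean, extras: StringMap) {
 const updateTokens = (tokens) => {
 oidc.tokens = tokens;
 };
@@ -72,7 +72,7 @@ export async function renewTokensAndStartTimerAsync(oidc, refreshToken, forceRef
 return oidc.tokens;
 }
 
-export const autoRenewTokens = (oidc, refreshToken, expiresAt, extras:StringMap = null) => {
+export const autoRenewTokens = (oidc:Oidc, refreshToken, expiresAt, extras:StringMap = null) => {
 const refreshTimeBeforeTokensExpirationInSecond = oidc.configuration.refresh_time_before_tokens_expiration_in_second;
 return timer.setTimeout(async () => {
 const timeLeft = computeTimeLeft(refreshTimeBeforeTokensExpirationInSecond, expiresAt);
@@ -81,3 +81,61 @@ export const autoRenewTokens = (oidc, refreshToken, expiresAt, extras:StringMap
 await renewTokensAndStartTimerAsync(oidc, refreshToken, false, extras);
 }, 1000);
 };
+
+export const synchroniseTokensStatus ={
+'SESSION_LOST': 'SESSION_LOST',
+'NOT_CONNECTED':'NOT_CONNECTED',
+'TOKENS_VALID':'TOKENS_VALID',
+'TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID': 'TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID',
+'LOGOUT_FROM_ANOTHER_TAB': 'LOGOUT_FROM_ANOTHER_TAB',
+'REQUIRE_SYNC_TOKENS': 'REQUIRE_SYNC_TOKENS'
+};
+
+export const syncTokensInfoAsync = (oidc: Oidc) => async (configuration:OidcConfiguration, configurationName: string, currentTokens, forceRefresh = false) => {
+// Service Worker can be killed by the browser (when it wants,for example after 10 seconds of inactivity, so we retreieve the session if it happen)
+// const configuration = this.configuration;
+const nullNonce = { nonce: null };
+if (!currentTokens) {
+return { tokens: null, status: 'NOT_CONNECTED', nonce: nullNonce };
+}
+let nonce = nullNonce;
+const oidcServerConfiguration = await oidc.initAsync(configuration.authority, configuration.authority_configuration);
+const serviceWorker = await initWorkerAsync(configuration, configurationName);
+if (serviceWorker) {
+const { status, tokens } = await serviceWorker.initAsync(oidcServerConfiguration, 'syncTokensAsync', configuration);
+if (status === 'LOGGED_OUT') {
+return { tokens: null, status: 'LOGOUT_FROM_ANOTHER_TAB', nonce: nullNonce };
+} else if (status === 'SESSIONS_LOST') {
+return { tokens: null, status: 'SESSIONS_LOST', nonce: nullNonce };
+} else if (!status || !tokens) {
+return { tokens: null, status: 'REQUIRE_SYNC_TOKENS', nonce: nullNonce };
+} else if (tokens.issuedAt !== currentTokens.issuedAt) {
+const timeLeft = computeTimeLeft(configuration.refresh_time_before_tokens_expiration_in_second, tokens.expiresAt);
+const status = (timeLeft > 0) ? 'TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID' : 'TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID';
+const nonce = await serviceWorker.getNonceAsync();
+return { tokens, status, nonce };
+}
+nonce = await serviceWorker.getNonceAsync();
+} else {
+const session = initSession(configurationName, configuration.storage ?? sessionStorage);
+const { tokens, status } = await session.initAsync();
+if (!tokens) {
+return { tokens: null, status: 'LOGOUT_FROM_ANOTHER_TAB', nonce: nullNonce };
+} else if (status === 'SESSIONS_LOST') {
+return { tokens: null, status: 'SESSIONS_LOST', nonce: nullNonce };
+} else if (tokens.issuedAt !== currentTokens.issuedAt) {
+const timeLeft = computeTimeLeft(configuration.refresh_time_before_tokens_expiration_in_second, tokens.expiresAt);
+const status = (timeLeft > 0) ? 'TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID' : 'TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID';
+const nonce = await session.getNonceAsync();
+return { tokens, status, nonce };
+}
+nonce = await session.getNonceAsync();
+}
+
+const timeLeft = computeTimeLeft(configuration.refresh_time_before_tokens_expiration_in_second, currentTokens.expiresAt);
+const status = (timeLeft > 0) ? 'TOKENS_VALID' : 'TOKENS_INVALID';
+if (forceRefresh) {
+return { tokens: currentTokens, status: 'FORCE_REFRESH', nonce };
+}
+return { tokens: currentTokens, status, nonce };
+}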
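Review bot: The exported `synchroniseTokensStatus` map does not line up with the strings `syncTokensInfoAsync` compares and returns in the same hunk: the map's key is `SESSION_LOST`, while both the service-worker and the storage branch use `'SESSIONS_LOST'`, and `'TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID'`, `'TOKENS_INVALID'` and `'FORCE_REFRESH'` are returned without any entry in the map. A caller that branches on the exported constants would then not recognise a lost session or an expired token set, and may go on treating the in-memory tokens as current; how callers consume the status is outside this hunk, so that part is inferred. I would rename the entry to `'SESSIONS_LOST': 'SESSIONS_LOST',`, add the three missing keys, and return `synchroniseTokensStatus.X` rather than bare literals so the two cannot drift. In the storage branch the `!tokens` test also runs before the `'SESSIONS_LOST'` test, so a lost session with no tokens is reported as `LOGOUT_FROM_ANOTHER_TAB`, unlike the service-worker branch.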
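--- a/package/src/requests.ts
+++ b/package/src/requests.ts
@@ -27,7 +27,7 @@ export const fetchFromIssuer = (fetch) => async (openIdIssuerUrl: string, timeCa
 return new OidcAuthorizationServiceConfiguration(result);
 };
 
-const internalFetch = (fetch) => async (url, headers = {}, timeoutMs = 10000, numberRetry = 0) : Promise<Response> => {
+const internalFetch = (fetch) => async (url:string, headers = {}, timeoutMs = 10000, numberRetry = 0) : Promise<Response> => {
 let response;
 try {
 const controller = new AbortController();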
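--- a/package/src/types.ts
+++ b/package/src/types.ts
@@ -33,8 +33,17 @@ export type OidcConfiguration = {
 token_renew_mode?: string;
 logout_tokens_to_invalidate?:Array<LogoutToken>;
 demonstrating_proof_of_possession?:boolean;
+demonstrating_proof_of_possession_configuration?: DemonstratingProofOfPossessionConfiguration;
 };
 
+export interface DemonstratingProofOfPossessionConfiguration {
+generateKeyAlgorithm: RsaHashedKeyGenParams | EcKeyGenParams,
+digestAlgorithm: AlgorithmIdentifier,
+importKeyAlgorithm: AlgorithmIdentifier | RsaHashedImportParams | EcKeyImportParams | HmacImportParams | AesKeyAlgorithm,
+signAlgorithm: AlgorithmIdentifier | RsaPssParams | EcdsaParams,
+jwtHeaderAlgorithm: string
+}
+
 export interface StringMap {
 [key: string]: string;
 }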
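Review bot: `importKeyAlgorithm` in the new `DemonstratingProofOfPossessionConfiguration` admits `HmacImportParams` and `AesKeyAlgorithm`, but a DPoP proof has to be signed with an asymmetric key (RFC 9449 rules out `none` and MAC algorithms), so the type accepts configurations that can never yield a valid proof. Narrowing it to `importKeyAlgorithm: RsaHashedImportParams | EcKeyImportParams,` would let the compiler reject them. Nothing here ties `jwtHeaderAlgorithm: string` to `generateKeyAlgorithm` and `signAlgorithm` either; a doc comment on the interface stating that the three must describe the same algorithm (for example ES256 with ECDSA P-256 and SHA-256), or a string-literal union for the header value, would help. How the fields are consumed is in jwt.ts, which is not shown in this section, and `OidcConfiguration` itself starts above the hunk.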
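--- a/package/src/user.ts
+++ b/package/src/user.ts
@@ -1,7 +1,8 @@
 import { sleepAsync } from './initWorker.js';
 import { isTokensValid } from './parseTokens.js';
+import Oidc from "./oidc";
 
-export const userInfoAsync = (oidc) => async (noCache = false) => {
+export const userInfoAsync = (oidc:Oidc) => async (noCache = false) => {
 if (oidc.userInfo != null && !noCache) {
 return oidc.userInfo;
 }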
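Review bot: The added `import Oidc from "./oidc";` drops the `.js` extension and uses double quotes, while the two imports above it in this hunk (and `import Oidc from './oidc.js';` in renewTokens.ts) use single quotes with the extension; under Node-style ESM resolution the extension-less specifier may not resolve. Since `Oidc` is used only as a parameter type here, `import type Oidc from './oidc.js';` would match the file and avoid a runtime import back into oidc.ts, which presumably imports this module. The body of `userInfoAsync` continues past the end of the hunk.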
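--- a/package/src/version.ts
+++ b/package/src/version.ts
@@ -1 +1 @@
-export default '7.
+export default '7.14.0';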