@axa-fr/oidc-client 7.22.18 → 7.22.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (73) hide show
  1. package/README.md +31 -39
  2. package/bin/copy-service-worker-files.mjs +24 -17
  3. package/dist/OidcTrustedDomains.js +14 -12
  4. package/dist/cache.d.ts.map +1 -1
  5. package/dist/checkSession.d.ts +1 -1
  6. package/dist/checkSession.d.ts.map +1 -1
  7. package/dist/checkSessionIFrame.d.ts.map +1 -1
  8. package/dist/crypto.d.ts.map +1 -1
  9. package/dist/fetch.d.ts +2 -1
  10. package/dist/fetch.d.ts.map +1 -1
  11. package/dist/index.d.ts +5 -5
  12. package/dist/index.d.ts.map +1 -1
  13. package/dist/index.js +935 -601
  14. package/dist/index.umd.cjs +2 -2
  15. package/dist/initSession.d.ts +1 -1
  16. package/dist/initSession.d.ts.map +1 -1
  17. package/dist/initWorker.d.ts +2 -2
  18. package/dist/initWorker.d.ts.map +1 -1
  19. package/dist/initWorkerOption.d.ts.map +1 -1
  20. package/dist/jwt.d.ts +2 -2
  21. package/dist/jwt.d.ts.map +1 -1
  22. package/dist/keepSession.d.ts.map +1 -1
  23. package/dist/location.d.ts.map +1 -1
  24. package/dist/login.d.ts +1 -1
  25. package/dist/login.d.ts.map +1 -1
  26. package/dist/logout.d.ts +1 -1
  27. package/dist/logout.d.ts.map +1 -1
  28. package/dist/oidc.d.ts +1 -1
  29. package/dist/oidc.d.ts.map +1 -1
  30. package/dist/oidcClient.d.ts +2 -2
  31. package/dist/oidcClient.d.ts.map +1 -1
  32. package/dist/parseTokens.d.ts.map +1 -1
  33. package/dist/renewTokens.d.ts.map +1 -1
  34. package/dist/requests.d.ts +1 -1
  35. package/dist/requests.d.ts.map +1 -1
  36. package/dist/silentLogin.d.ts.map +1 -1
  37. package/dist/timer.d.ts.map +1 -1
  38. package/dist/types.d.ts +1 -1
  39. package/dist/types.d.ts.map +1 -1
  40. package/dist/user.d.ts.map +1 -1
  41. package/dist/version.d.ts +1 -1
  42. package/package.json +2 -2
  43. package/src/cache.ts +21 -18
  44. package/src/checkSession.ts +89 -54
  45. package/src/checkSessionIFrame.ts +70 -69
  46. package/src/crypto.ts +27 -25
  47. package/src/events.ts +28 -28
  48. package/src/fetch.ts +40 -21
  49. package/src/index.ts +6 -17
  50. package/src/iniWorker.spec.ts +26 -16
  51. package/src/initSession.ts +115 -113
  52. package/src/initWorker.ts +299 -212
  53. package/src/initWorkerOption.ts +121 -114
  54. package/src/jwt.ts +150 -136
  55. package/src/keepSession.ts +100 -81
  56. package/src/location.ts +24 -26
  57. package/src/login.ts +246 -189
  58. package/src/logout.spec.ts +131 -76
  59. package/src/logout.ts +130 -115
  60. package/src/oidc.ts +426 -337
  61. package/src/oidcClient.ts +129 -105
  62. package/src/parseTokens.spec.ts +198 -179
  63. package/src/parseTokens.ts +221 -186
  64. package/src/renewTokens.ts +397 -284
  65. package/src/requests.spec.ts +5 -7
  66. package/src/requests.ts +142 -114
  67. package/src/route-utils.spec.ts +17 -19
  68. package/src/route-utils.ts +29 -26
  69. package/src/silentLogin.ts +145 -127
  70. package/src/timer.ts +10 -11
  71. package/src/types.ts +56 -46
  72. package/src/user.ts +17 -12
  73. package/src/version.ts +1 -1
@@ -4,157 +4,175 @@ import { autoRenewTokens } from './renewTokens.js';
4
4
  import timer from './timer.js';
5
5
  import { OidcConfiguration, StringMap } from './types.js';
6
6
  export type SilentLoginResponse = {
7
- tokens:Tokens;
8
- sessionState:string;
9
- error:string;
7
+ tokens: Tokens;
8
+ sessionState: string;
9
+ error: string;
10
10
  };
11
11
 
12
12
  // eslint-disable-next-line @typescript-eslint/ban-types
13
- export const _silentLoginAsync = (configurationName:string, configuration:OidcConfiguration, publishEvent:Function) => (extras:StringMap = null, state:string = null, scope:string = null):Promise<SilentLoginResponse> => {
13
+ export const _silentLoginAsync =
14
+ (configurationName: string, configuration: OidcConfiguration, publishEvent: Function) =>
15
+ (
16
+ extras: StringMap = null,
17
+ state: string = null,
18
+ scope: string = null,
19
+ ): Promise<SilentLoginResponse> => {
14
20
  if (!configuration.silent_redirect_uri || !configuration.silent_login_uri) {
15
- return Promise.resolve(null);
21
+ return Promise.resolve(null);
16
22
  }
17
23
 
18
24
  try {
19
- publishEvent(eventNames.silentLoginAsync_begin, {});
20
- let queries = '';
25
+ publishEvent(eventNames.silentLoginAsync_begin, {});
26
+ let queries = '';
21
27
 
22
- if (state) {
23
- if (extras == null) {
24
- extras = {};
25
- }
26
- extras.state = state;
28
+ if (state) {
29
+ if (extras == null) {
30
+ extras = {};
27
31
  }
32
+ extras.state = state;
33
+ }
28
34
 
29
- if (scope) {
30
- if (extras == null) {
31
- extras = {};
32
- }
33
- extras.scope = scope;
35
+ if (scope) {
36
+ if (extras == null) {
37
+ extras = {};
34
38
  }
35
-
36
- if (extras != null) {
37
- for (const [key, value] of Object.entries(extras)) {
38
- if (queries === '') {
39
- queries = `?${encodeURIComponent(key)}=${encodeURIComponent(value)}`;
40
- } else {
41
- queries += `&${encodeURIComponent(key)}=${encodeURIComponent(value)}`;
42
- }
43
- }
39
+ extras.scope = scope;
40
+ }
41
+
42
+ if (extras != null) {
43
+ for (const [key, value] of Object.entries(extras)) {
44
+ if (queries === '') {
45
+ queries = `?${encodeURIComponent(key)}=${encodeURIComponent(value)}`;
46
+ } else {
47
+ queries += `&${encodeURIComponent(key)}=${encodeURIComponent(value)}`;
48
+ }
44
49
  }
45
- const link = configuration.silent_login_uri + queries;
46
- const idx = link.indexOf('/', link.indexOf('//') + 2);
47
- const iFrameOrigin = link.substring(0, idx);
48
- const iframe = document.createElement('iframe');
49
- iframe.width = '0px';
50
- iframe.height = '0px';
51
-
52
- iframe.id = `${configurationName}_oidc_iframe`;
53
- iframe.setAttribute('src', link);
54
- document.body.appendChild(iframe);
55
- return new Promise((resolve, reject) => {
56
- let isResolved = false;
57
-
58
- const clear = () => {
59
- window.removeEventListener('message', listener);
60
- iframe.remove();
61
- isResolved = true;
62
- };
63
-
64
- const listener = (e: MessageEvent<any>) => {
65
- if (e.origin === iFrameOrigin &&
66
- e.source === iframe.contentWindow
67
- ) {
68
- const key = `${configurationName}_oidc_tokens:`;
69
- const key_error = `${configurationName}_oidc_error:`;
70
- const key_exception = `${configurationName}_oidc_exception:`;
71
- const data = e.data;
72
-
73
- if (data && typeof (data) === 'string') {
74
- if (!isResolved) {
75
- if (data.startsWith(key)) {
76
- const result = JSON.parse(e.data.replace(key, ''));
77
- publishEvent(eventNames.silentLoginAsync_end, {});
78
- resolve(result);
79
- clear();
80
- } else if (data.startsWith(key_error)) {
81
- const result = JSON.parse(e.data.replace(key_error, ''));
82
- publishEvent(eventNames.silentLoginAsync_error, result);
83
- resolve({error: 'oidc_' + result.error, tokens: null, sessionState: null});
84
- clear();
85
- } else if (data.startsWith(key_exception)) {
86
- const result = JSON.parse(e.data.replace(key_exception, ''));
87
- publishEvent(eventNames.silentLoginAsync_error, result);
88
- reject(new Error(result.error));
89
- clear();
90
- }
91
-
92
- }
93
- }
50
+ }
51
+ const link = configuration.silent_login_uri + queries;
52
+ const idx = link.indexOf('/', link.indexOf('//') + 2);
53
+ const iFrameOrigin = link.substring(0, idx);
54
+ const iframe = document.createElement('iframe');
55
+ iframe.width = '0px';
56
+ iframe.height = '0px';
57
+
58
+ iframe.id = `${configurationName}_oidc_iframe`;
59
+ iframe.setAttribute('src', link);
60
+ document.body.appendChild(iframe);
61
+ return new Promise((resolve, reject) => {
62
+ let isResolved = false;
63
+
64
+ const clear = () => {
65
+ window.removeEventListener('message', listener);
66
+ iframe.remove();
67
+ isResolved = true;
68
+ };
69
+
70
+ const listener = (e: MessageEvent) => {
71
+ if (e.origin === iFrameOrigin && e.source === iframe.contentWindow) {
72
+ const key = `${configurationName}_oidc_tokens:`;
73
+ const key_error = `${configurationName}_oidc_error:`;
74
+ const key_exception = `${configurationName}_oidc_exception:`;
75
+ const data = e.data;
76
+
77
+ if (data && typeof data === 'string') {
78
+ if (!isResolved) {
79
+ if (data.startsWith(key)) {
80
+ const result = JSON.parse(e.data.replace(key, ''));
81
+ publishEvent(eventNames.silentLoginAsync_end, {});
82
+ resolve(result);
83
+ clear();
84
+ } else if (data.startsWith(key_error)) {
85
+ const result = JSON.parse(e.data.replace(key_error, ''));
86
+ publishEvent(eventNames.silentLoginAsync_error, result);
87
+ resolve({ error: 'oidc_' + result.error, tokens: null, sessionState: null });
88
+ clear();
89
+ } else if (data.startsWith(key_exception)) {
90
+ const result = JSON.parse(e.data.replace(key_exception, ''));
91
+ publishEvent(eventNames.silentLoginAsync_error, result);
92
+ reject(new Error(result.error));
93
+ clear();
94
94
  }
95
- };
96
-
97
- try {
98
- window.addEventListener('message', listener);
99
-
100
- const silentSigninTimeout = configuration.silent_login_timeout;
101
- setTimeout(() => {
102
- if (!isResolved) {
103
- clear();
104
- publishEvent(eventNames.silentLoginAsync_error, { reason: 'timeout' });
105
- reject(new Error('timeout'));
106
- }
107
- }, silentSigninTimeout);
108
- } catch (e) {
109
- clear();
110
- publishEvent(eventNames.silentLoginAsync_error, e);
111
- reject(e);
95
+ }
112
96
  }
113
- });
97
+ }
98
+ };
99
+
100
+ try {
101
+ window.addEventListener('message', listener);
102
+
103
+ const silentSigninTimeout = configuration.silent_login_timeout;
104
+ setTimeout(() => {
105
+ if (!isResolved) {
106
+ clear();
107
+ publishEvent(eventNames.silentLoginAsync_error, { reason: 'timeout' });
108
+ reject(new Error('timeout'));
109
+ }
110
+ }, silentSigninTimeout);
111
+ } catch (e) {
112
+ clear();
113
+ publishEvent(eventNames.silentLoginAsync_error, e);
114
+ reject(e);
115
+ }
116
+ });
114
117
  } catch (e) {
115
- publishEvent(eventNames.silentLoginAsync_error, e);
116
- throw e;
118
+ publishEvent(eventNames.silentLoginAsync_error, e);
119
+ throw e;
117
120
  }
118
- };
119
-
120
- // eslint-disable-next-line @typescript-eslint/ban-types
121
- export const defaultSilentLoginAsync = (window, configurationName, configuration:OidcConfiguration, publishEvent :(string, any)=>void, oidc:any) => (extras:StringMap = null, scope:string = undefined) => {
121
+ };
122
+
123
+ export const defaultSilentLoginAsync =
124
+ (
125
+ window,
126
+ configurationName,
127
+ configuration: OidcConfiguration,
128
+ publishEvent: (string, any) => void,
129
+ oidc: any,
130
+ ) =>
131
+ (extras: StringMap = null, scope: string = undefined) => {
122
132
  extras = { ...extras };
123
133
 
124
134
  const silentLoginAsync = (extras, state, scope) => {
125
- return _silentLoginAsync(configurationName, configuration, publishEvent.bind(oidc))(extras, state, scope);
135
+ return _silentLoginAsync(configurationName, configuration, publishEvent.bind(oidc))(
136
+ extras,
137
+ state,
138
+ scope,
139
+ );
126
140
  };
127
141
 
128
142
  const loginLocalAsync = async () => {
129
- if (oidc.timeoutId) {
130
- timer.clearTimeout(oidc.timeoutId);
131
- }
132
-
133
- let state;
134
- if (extras && 'state' in extras) {
135
- state = extras.state;
136
- delete extras.state;
137
- }
138
-
139
- try {
140
- const extraFinal = !configuration.extras ? extras : { ...configuration.extras, ...extras };
141
- const silentResult = await silentLoginAsync({
142
- ...extraFinal,
143
- prompt: 'none',
144
- }, state, scope);
145
-
146
- if (silentResult) {
147
- oidc.tokens = silentResult.tokens;
148
- publishEvent(eventNames.token_aquired, {});
149
- // @ts-ignore
150
- oidc.timeoutId = autoRenewTokens(oidc, oidc.tokens.expiresAt, extras);
151
- return {};
152
- }
153
- } catch (e) {
154
- return e;
143
+ if (oidc.timeoutId) {
144
+ timer.clearTimeout(oidc.timeoutId);
145
+ }
146
+
147
+ let state;
148
+ if (extras && 'state' in extras) {
149
+ state = extras.state;
150
+ delete extras.state;
151
+ }
152
+
153
+ try {
154
+ const extraFinal = !configuration.extras ? extras : { ...configuration.extras, ...extras };
155
+ const silentResult = await silentLoginAsync(
156
+ {
157
+ ...extraFinal,
158
+ prompt: 'none',
159
+ },
160
+ state,
161
+ scope,
162
+ );
163
+
164
+ if (silentResult) {
165
+ oidc.tokens = silentResult.tokens;
166
+ publishEvent(eventNames.token_aquired, {});
167
+ // @ts-ignore
168
+ oidc.timeoutId = autoRenewTokens(oidc, oidc.tokens.expiresAt, extras);
169
+ return {};
155
170
  }
171
+ } catch (e) {
172
+ return e;
173
+ }
156
174
  };
157
175
  return loginLocalAsync();
158
- };
176
+ };
159
177
 
160
178
  export default defaultSilentLoginAsync;
package/src/timer.ts CHANGED
@@ -1,14 +1,13 @@
1
1
  const timer = (function () {
2
- // In NextJS with SSR (Server Side Rendering) during rending in Node JS, the window object is undefined,
3
- // the global object is used instead as it is the closest approximation of a browsers window object.
4
- const bindContext = (typeof window === 'undefined') ? global : window;
5
- return {
6
- setTimeout: setTimeout.bind(bindContext),
7
- clearTimeout: clearTimeout.bind(bindContext),
8
- setInterval: setInterval.bind(bindContext),
9
- clearInterval: clearInterval.bind(bindContext),
10
- };
11
-
12
- }());
2
+ // In NextJS with SSR (Server Side Rendering) during rending in Node JS, the window object is undefined,
3
+ // the global object is used instead as it is the closest approximation of a browsers window object.
4
+ const bindContext = typeof window === 'undefined' ? global : window;
5
+ return {
6
+ setTimeout: setTimeout.bind(bindContext),
7
+ clearTimeout: clearTimeout.bind(bindContext),
8
+ setInterval: setInterval.bind(bindContext),
9
+ clearInterval: clearInterval.bind(bindContext),
10
+ };
11
+ })();
13
12
 
14
13
  export default timer;
package/src/types.ts CHANGED
@@ -2,65 +2,75 @@ export type Fetch = typeof window.fetch;
2
2
 
3
3
  export type LogoutToken = 'access_token' | 'refresh_token';
4
4
 
5
- export type ServiceWorkerUpdateRequireCallback = (registration:any, stopKeepAlive:Function) => Promise<void>;
6
- export type ServiceWorkerRegister = (serviceWorkerRelativeUrl:string) => Promise<ServiceWorkerRegistration>;
5
+ export type ServiceWorkerUpdateRequireCallback = (
6
+ registration: any,
7
+ stopKeepAlive: () => void,
8
+ ) => Promise<void>;
9
+ export type ServiceWorkerRegister = (
10
+ serviceWorkerRelativeUrl: string,
11
+ ) => Promise<ServiceWorkerRegistration>;
7
12
  export type ServiceWorkerActivate = () => boolean;
8
13
 
9
14
  export enum TokenAutomaticRenewMode {
10
- AutomaticBeforeTokenExpiration = 'AutomaticBeforeTokensExpiration',
11
- AutomaticOnlyWhenFetchExecuted = 'AutomaticOnlyWhenFetchExecuted'
15
+ AutomaticBeforeTokenExpiration = 'AutomaticBeforeTokensExpiration',
16
+ AutomaticOnlyWhenFetchExecuted = 'AutomaticOnlyWhenFetchExecuted',
12
17
  }
13
18
 
14
19
  export type OidcConfiguration = {
15
- client_id: string;
16
- redirect_uri: string;
17
- silent_redirect_uri?:string;
18
- silent_login_uri?:string;
19
- silent_login_timeout?:number;
20
- scope: string;
21
- authority: string;
22
- authority_time_cache_wellknowurl_in_second?: number;
23
- authority_timeout_wellknowurl_in_millisecond?: number;
24
- authority_configuration?: AuthorityConfiguration;
25
- refresh_time_before_tokens_expiration_in_second?: number;
26
- token_automatic_renew_mode?: TokenAutomaticRenewMode;
27
- token_request_timeout?: number;
28
- service_worker_relative_url?:string;
29
- service_worker_register?:ServiceWorkerRegister;
30
- service_worker_keep_alive_path?:string;
31
- service_worker_activate?:ServiceWorkerActivate;
32
- service_worker_only?:boolean;
33
- service_worker_convert_all_requests_to_cors?:boolean;
34
- service_worker_update_require_callback?:ServiceWorkerUpdateRequireCallback;
35
- extras?:StringMap;
36
- token_request_extras?:StringMap;
37
- storage?: Storage;
38
- monitor_session?: boolean;
39
- token_renew_mode?: string;
40
- logout_tokens_to_invalidate?:Array<LogoutToken>;
41
- demonstrating_proof_of_possession?:boolean;
42
- demonstrating_proof_of_possession_configuration?: DemonstratingProofOfPossessionConfiguration;
43
- preload_user_info?:boolean;
20
+ client_id: string;
21
+ redirect_uri: string;
22
+ silent_redirect_uri?: string;
23
+ silent_login_uri?: string;
24
+ silent_login_timeout?: number;
25
+ scope: string;
26
+ authority: string;
27
+ authority_time_cache_wellknowurl_in_second?: number;
28
+ authority_timeout_wellknowurl_in_millisecond?: number;
29
+ authority_configuration?: AuthorityConfiguration;
30
+ refresh_time_before_tokens_expiration_in_second?: number;
31
+ token_automatic_renew_mode?: TokenAutomaticRenewMode;
32
+ token_request_timeout?: number;
33
+ service_worker_relative_url?: string;
34
+ service_worker_register?: ServiceWorkerRegister;
35
+ service_worker_keep_alive_path?: string;
36
+ service_worker_activate?: ServiceWorkerActivate;
37
+ service_worker_only?: boolean;
38
+ service_worker_convert_all_requests_to_cors?: boolean;
39
+ service_worker_update_require_callback?: ServiceWorkerUpdateRequireCallback;
40
+ extras?: StringMap;
41
+ token_request_extras?: StringMap;
42
+ storage?: Storage;
43
+ monitor_session?: boolean;
44
+ token_renew_mode?: string;
45
+ logout_tokens_to_invalidate?: Array<LogoutToken>;
46
+ demonstrating_proof_of_possession?: boolean;
47
+ demonstrating_proof_of_possession_configuration?: DemonstratingProofOfPossessionConfiguration;
48
+ preload_user_info?: boolean;
44
49
  };
45
50
 
46
51
  export interface DemonstratingProofOfPossessionConfiguration {
47
- generateKeyAlgorithm: RsaHashedKeyGenParams | EcKeyGenParams,
48
- digestAlgorithm: AlgorithmIdentifier,
49
- importKeyAlgorithm: AlgorithmIdentifier | RsaHashedImportParams | EcKeyImportParams | HmacImportParams | AesKeyAlgorithm,
50
- signAlgorithm: AlgorithmIdentifier | RsaPssParams | EcdsaParams,
51
- jwtHeaderAlgorithm: string
52
+ generateKeyAlgorithm: RsaHashedKeyGenParams | EcKeyGenParams;
53
+ digestAlgorithm: AlgorithmIdentifier;
54
+ importKeyAlgorithm:
55
+ | AlgorithmIdentifier
56
+ | RsaHashedImportParams
57
+ | EcKeyImportParams
58
+ | HmacImportParams
59
+ | AesKeyAlgorithm;
60
+ signAlgorithm: AlgorithmIdentifier | RsaPssParams | EcdsaParams;
61
+ jwtHeaderAlgorithm: string;
52
62
  }
53
63
 
54
64
  export interface StringMap {
55
- [key: string]: string;
65
+ [key: string]: string;
56
66
  }
57
67
 
58
68
  export interface AuthorityConfiguration {
59
- authorization_endpoint: string;
60
- token_endpoint: string;
61
- revocation_endpoint: string;
62
- end_session_endpoint?: string;
63
- userinfo_endpoint?: string;
64
- check_session_iframe?:string;
65
- issuer:string;
69
+ authorization_endpoint: string;
70
+ token_endpoint: string;
71
+ revocation_endpoint: string;
72
+ end_session_endpoint?: string;
73
+ userinfo_endpoint?: string;
74
+ check_session_iframe?: string;
75
+ issuer: string;
66
76
  }
package/src/user.ts CHANGED
@@ -1,22 +1,27 @@
1
- import Oidc from "./oidc";
2
- import {fetchWithTokens} from "./fetch";
1
+ import { fetchWithTokens } from './fetch';
2
+ import Oidc from './oidc';
3
3
 
4
- export const userInfoAsync = (oidc:Oidc) => async (noCache = false, demonstrating_proof_of_possession=false) => {
4
+ export const userInfoAsync =
5
+ (oidc: Oidc) =>
6
+ async (noCache = false, demonstrating_proof_of_possession = false) => {
5
7
  if (oidc.userInfo != null && !noCache) {
6
- return oidc.userInfo;
8
+ return oidc.userInfo;
7
9
  }
8
10
  const configuration = oidc.configuration;
9
- const oidcServerConfiguration = await oidc.initAsync(configuration.authority, configuration.authority_configuration);
11
+ const oidcServerConfiguration = await oidc.initAsync(
12
+ configuration.authority,
13
+ configuration.authority_configuration,
14
+ );
10
15
  const url = oidcServerConfiguration.userInfoEndpoint;
11
16
  const fetchUserInfo = async () => {
12
- const oidcFetch = fetchWithTokens(fetch, oidc, demonstrating_proof_of_possession);
13
- const response = await oidcFetch(url);
14
- if (response.status !== 200) {
15
- return null;
16
- }
17
- return response.json();
17
+ const oidcFetch = fetchWithTokens(fetch, oidc, demonstrating_proof_of_possession);
18
+ const response = await oidcFetch(url);
19
+ if (response.status !== 200) {
20
+ return null;
21
+ }
22
+ return response.json();
18
23
  };
19
24
  const userInfo = await fetchUserInfo();
20
25
  oidc.userInfo = userInfo;
21
26
  return userInfo;
22
- };
27
+ };
package/src/version.ts CHANGED
@@ -1 +1 @@
1
- export default '7.22.18';
1
+ export default '7.22.19';