@axa-fr/oidc-client 7.26.7 → 7.27.0

package/src/initSession.ts

@@ -1,7 +1,19 @@
-export const initSession = (configurationName, storage = sessionStorage) => {
+export const initSession = (
+  configurationName,
+  storage = sessionStorage,
+  loginStateStorage?: Storage,
+) => {
+  const loginStorage = loginStateStorage ?? storage;
+
   const clearAsync = status => {
     storage[`oidc.${configurationName}`] = JSON.stringify({ tokens: null, status });
     delete storage[`oidc.${configurationName}.userInfo`];
+    if (loginStateStorage && loginStateStorage !== storage) {
+      delete loginStorage[`oidc.login.${configurationName}`];
+      delete loginStorage[`oidc.state.${configurationName}`];
+      delete loginStorage[`oidc.code_verifier.${configurationName}`];
+      delete loginStorage[`oidc.nonce.${configurationName}`];
+    }
     return Promise.resolve();
   };
 
@@ -27,7 +39,7 @@ export const initSession = (configurationName, storage = sessionStorage) => {
   };
 
   const setNonceAsync = nonce => {
-    storage[`oidc.nonce.${configurationName}`] = nonce.nonce;
+    loginStorage[`oidc.nonce.${configurationName}`] = nonce.nonce;
   };
 
   const setDemonstratingProofOfPossessionJwkAsync = (jwk: JsonWebKey) => {
@@ -40,7 +52,7 @@ export const initSession = (configurationName, storage = sessionStorage) => {
 
   const getNonceAsync = async () => {
     // @ts-ignore
-    return { nonce: storage[`oidc.nonce.${configurationName}`] };
+    return { nonce: loginStorage[`oidc.nonce.${configurationName}`] };
   };
 
   const setDemonstratingProofOfPossessionNonce = async (dpopNonce: string) => {
@@ -61,10 +73,10 @@ export const initSession = (configurationName, storage = sessionStorage) => {
   const getLoginParamsCache = {};
   const setLoginParams = data => {
     getLoginParamsCache[configurationName] = data;
-    storage[`oidc.login.${configurationName}`] = JSON.stringify(data);
+    loginStorage[`oidc.login.${configurationName}`] = JSON.stringify(data);
   };
   const getLoginParams = () => {
-    const dataString = storage[`oidc.login.${configurationName}`];
+    const dataString = loginStorage[`oidc.login.${configurationName}`];
 
     if (!dataString) {
       console.warn(
@@ -80,19 +92,19 @@ export const initSession = (configurationName, storage = sessionStorage) => {
   };
 
   const getStateAsync = async () => {
-    return storage[`oidc.state.${configurationName}`];
+    return loginStorage[`oidc.state.${configurationName}`];
   };
 
   const setStateAsync = async (state: string) => {
-    storage[`oidc.state.${configurationName}`] = state;
+    loginStorage[`oidc.state.${configurationName}`] = state;
   };
 
   const getCodeVerifierAsync = async () => {
-    return storage[`oidc.code_verifier.${configurationName}`];
+    return loginStorage[`oidc.code_verifier.${configurationName}`];
   };
 
   const setCodeVerifierAsync = async codeVerifier => {
-    storage[`oidc.code_verifier.${configurationName}`] = codeVerifier;
+    loginStorage[`oidc.code_verifier.${configurationName}`] = codeVerifier;
   };
 
   return {

package/src/initWorker.ts

@@ -181,38 +181,56 @@ export const initWorkerAsync = async (
     });
   }
 
-  // (Optional but useful on Safari) ask for update early
-  try {
-    await registration.update();
-  } catch (ex) {
-    console.error(ex);
-  }
+  const versionMismatchKey = `oidc.sw.version_mismatch_reload.${configurationName}`;
 
-  // 1) Détection updatefound
-  registration.addEventListener('updatefound', () => {
-    const newSW = registration.installing;
+  const sendSkipWaiting = async () => {
     stopKeepAlive();
+    console.log('New SW waiting – SKIP_WAITING');
+    try {
+      await sendMessageAsync(registration, { timeoutMs: 8000 })({
+        type: 'SKIP_WAITING',
+        configurationName,
+        data: null,
+      });
+    } catch (e) {
+      console.warn('SKIP_WAITING failed', e);
+    }
+  };
 
-    newSW?.addEventListener('statechange', async () => {
+  const trackInstallingWorker = (newSW: ServiceWorker) => {
+    stopKeepAlive();
+    newSW.addEventListener('statechange', async () => {
       if (newSW.state === 'installed' && navigator.serviceWorker.controller) {
-        stopKeepAlive();
-        console.log('New SW waiting – SKIP_WAITING');
-
-        try {
-          // Use MessageChannel to avoid “fire and forget” hangs
-          await sendMessageAsync(registration, { timeoutMs: 8000 })({
-            type: 'SKIP_WAITING',
-            configurationName,
-            data: null,
-          });
-        } catch (e) {
-          console.warn('SKIP_WAITING failed', e);
-        }
+        await sendSkipWaiting();
       }
     });
+  };
+
+  // 1) Détection updatefound – registered BEFORE update() to avoid missing the event
+  registration.addEventListener('updatefound', () => {
+    const newSW = registration.installing;
+    if (newSW) {
+      trackInstallingWorker(newSW);
+    }
   });
 
-  // 2) Quand le SW actif change, on reload (once)
+  // Handle a SW that is already installing or waiting (e.g. when the listener above was
+  // registered after the updatefound event already fired in a previous call)
+  if (registration.installing) {
+    trackInstallingWorker(registration.installing);
+  } else if (registration.waiting && navigator.serviceWorker.controller) {
+    // A new SW is already waiting – activate it straight away
+    sendSkipWaiting();
+  }
+
+  // (Optional but useful on Safari) ask for update early
+  try {
+    await registration.update();
+  } catch (ex) {
+    console.error(ex);
+  }
+
+  // 2) Quand le SW actif change, on reload (once per session)
   const reloadKey = `oidc.sw.controllerchange.reloaded.${configurationName}`;
   navigator.serviceWorker.addEventListener('controllerchange', () => {
     try {
@@ -275,6 +293,35 @@ export const initWorkerAsync = async (
       console.warn(
         `Service worker ${serviceWorkerVersion} version mismatch with js client version ${codeVersion}, unregistering and reloading`,
       );
+
+      const reloadCount = parseInt(sessionStorage.getItem(versionMismatchKey) ?? '0', 10);
+      if (reloadCount < 3) {
+        sessionStorage.setItem(versionMismatchKey, String(reloadCount + 1));
+        // If a new SW is already waiting, skip it into activation so controllerchange triggers reload
+        if (registration.waiting) {
+          await sendSkipWaiting();
+        } else {
+          // No waiting SW – force a fresh update and reload
+          stopKeepAlive();
+          try {
+            await registration.update();
+          } catch (ex) {
+            console.error(ex);
+          }
+          const isSuccess = await registration.unregister();
+          console.log(`Service worker unregistering ${isSuccess}`);
+          await sleepAsync({ milliseconds: 2000 });
+          window.location.reload();
+        }
+      } else {
+        console.error(
+          `Service worker version mismatch persists after ${reloadCount} attempt(s). Continuing with mismatched version.`,
+        );
+        sessionStorage.removeItem(versionMismatchKey);
+      }
+    } else {
+      // Version matches – clear any leftover mismatch counter
+      sessionStorage.removeItem(versionMismatchKey);
     }
 
     // @ts-ignore

package/src/keepSession.ts

@@ -1,4 +1,4 @@
-import { eventNames } from './events';
+import { eventNames } from './events';
 import { initSession } from './initSession';
 import { initWorkerAsync } from './initWorker';
 import Oidc from './oidc';
@@ -62,7 +62,11 @@ export const tryKeepSessionAsync = async (oidc: Oidc) => {
           message: 'service worker is not supported by this browser',
         });
       }
-      const session = initSession(oidc.configurationName, configuration.storage ?? sessionStorage);
+      const session = initSession(
+        oidc.configurationName,
+        configuration.storage ?? sessionStorage,
+        configuration.login_state_storage ?? configuration.storage ?? sessionStorage,
+      );
       const { tokens } = await session.initAsync();
       if (tokens) {
         // @ts-ignore

package/src/login.ts

@@ -69,7 +69,11 @@ export const defaultLoginAsync =
           serviceWorker.startKeepAliveServiceWorker();
           storage = serviceWorker;
         } else {
-          const session = initSession(configurationName, configuration.storage ?? sessionStorage);
+          const session = initSession(
+            configurationName,
+            configuration.storage ?? sessionStorage,
+            configuration.login_state_storage ?? configuration.storage ?? sessionStorage,
+          );
           session.setLoginParams({ callbackPath: url, extras: originExtras, scope: scope });
           await session.setNonceAsync(nonce);
           storage = session;
@@ -131,6 +135,7 @@ export const loginCallbackAsync =
         const session = initSession(
           oidc.configurationName,
           configuration.storage ?? sessionStorage,
+          configuration.login_state_storage ?? configuration.storage ?? sessionStorage,
         );
         await session.setSessionStateAsync(sessionState);
         nonceData = await session.getNonceAsync();
@@ -186,7 +191,11 @@ export const loginCallbackAsync =
           const jwk = await generateJwkAsync(window)(
             configuration.demonstrating_proof_of_possession_configuration.generateKeyAlgorithm,
           );
-          const session = initSession(oidc.configurationName, configuration.storage);
+          const session = initSession(
+            oidc.configurationName,
+            configuration.storage,
+            configuration.login_state_storage ?? configuration.storage,
+          );
           await session.setDemonstratingProofOfPossessionJwkAsync(jwk);
           headersExtras['DPoP'] = await generateJwtDemonstratingProofOfPossessionAsync(window)(
             configuration.demonstrating_proof_of_possession_configuration,
@@ -251,7 +260,11 @@ export const loginCallbackAsync =
           );
         }
       } else {
-        const session = initSession(oidc.configurationName, configuration.storage);
+        const session = initSession(
+          oidc.configurationName,
+          configuration.storage,
+          configuration.login_state_storage ?? configuration.storage,
+        );
         loginParams = session.getLoginParams();
         if (demonstratingProofOfPossessionNonce) {
           await session.setDemonstratingProofOfPossessionNonce(demonstratingProofOfPossessionNonce);

package/src/logout.ts

@@ -46,7 +46,11 @@ export const destroyAsync = oidc => async status => {
   }
   const serviceWorker = await initWorkerAsync(oidc.configuration, oidc.configurationName);
   if (!serviceWorker) {
-    const session = initSession(oidc.configurationName, oidc.configuration.storage);
+    const session = initSession(
+      oidc.configurationName,
+      oidc.configuration.storage,
+      oidc.configuration.login_state_storage ?? oidc.configuration.storage,
+    );
     await session.clearAsync(status);
   } else {
     await serviceWorker.clearAsync(status);

package/src/oidc.ts

@@ -348,7 +348,11 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
       this.tokens = parsedTokens;
       const serviceWorker = await initWorkerAsync(this.configuration, this.configurationName);
       if (!serviceWorker) {
-        const session = initSession(this.configurationName, this.configuration.storage);
+        const session = initSession(
+          this.configurationName,
+          this.configuration.storage,
+          this.configuration.login_state_storage ?? this.configuration.storage,
+        );
         session.setTokens(parsedTokens);
       }
       this.publishEvent(Oidc.eventNames.token_acquired, parsedTokens);
@@ -388,7 +392,11 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
       return `DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${this.configurationName}#tabId=${getTabId(this.configurationName)}`;
     }
 
-    const session = initSession(this.configurationName, configuration.storage);
+    const session = initSession(
+      this.configurationName,
+      configuration.storage,
+      configuration.login_state_storage ?? configuration.storage,
+    );
     const jwk = await session.getDemonstratingProofOfPossessionJwkAsync();
     const demonstratingProofOfPossessionNonce = session.getDemonstratingProofOfPossessionNonce();
 

package/src/renewTokens.ts

@@ -28,7 +28,11 @@ async function syncTokens(
 
   const serviceWorker = await initWorkerAsync(oidc.configuration, oidc.configurationName);
   if (!serviceWorker) {
-    const session = initSession(oidc.configurationName, oidc.configuration.storage);
+    const session = initSession(
+      oidc.configurationName,
+      oidc.configuration.storage,
+      oidc.configuration.login_state_storage ?? oidc.configuration.storage,
+    );
     session.setTokens(oidc.tokens);
   }
 
@@ -169,7 +173,11 @@ export const syncTokensInfoAsync =
       }
       nonce = await serviceWorker.getNonceAsync();
     } else {
-      const session = initSession(configurationName, configuration.storage ?? sessionStorage);
+      const session = initSession(
+        configurationName,
+        configuration.storage ?? sessionStorage,
+        configuration.login_state_storage ?? configuration.storage ?? sessionStorage,
+      );
       const initAsyncResponse = await session.initAsync();
       let { tokens } = initAsyncResponse;
       const { status } = initAsyncResponse;
@@ -263,7 +271,11 @@ const synchroniseTokensAsync =
         if (serviceWorker) {
           loginParams = serviceWorker.getLoginParams();
         } else {
-          const session = initSession(oidc.configurationName, configuration.storage);
+          const session = initSession(
+            oidc.configurationName,
+            configuration.storage,
+            configuration.login_state_storage ?? configuration.storage,
+          );
           loginParams = session.getLoginParams();
         }
         const silentLoginInput = {};
@@ -454,7 +466,11 @@ const synchroniseTokensAsync =
                     tokenResponse.demonstratingProofOfPossessionNonce,
                   );
                 } else {
-                  const session = initSession(oidc.configurationName, configuration.storage);
+                  const session = initSession(
+                    oidc.configurationName,
+                    configuration.storage,
+                    configuration.login_state_storage ?? configuration.storage,
+                  );
                   await session.setDemonstratingProofOfPossessionNonce(
                     tokenResponse.demonstratingProofOfPossessionNonce,
                   );

package/src/types.ts

@@ -39,6 +39,7 @@ export type OidcConfiguration = {
   extras?: StringMap;
   token_request_extras?: StringMap;
   storage?: Storage;
+  login_state_storage?: Storage;
   monitor_session?: boolean;
   token_renew_mode?: string;
   logout_tokens_to_invalidate?: Array<LogoutToken>;

package/src/version.ts

@@ -1 +1 @@
-export default '7.26.7';
+export default '7.27.0';