@axa-fr/react-oidc 5.13.11 → 6.0.0-alpha0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -0
- package/dist/OidcProvider.d.ts +1 -0
- package/dist/OidcProvider.d.ts.map +1 -1
- package/dist/OidcProvider.js +13 -5
- package/dist/OidcProvider.js.map +1 -1
- package/dist/OidcServiceWorker.js +13 -0
- package/dist/ReactOidc.d.ts.map +1 -1
- package/dist/ReactOidc.js +29 -7
- package/dist/ReactOidc.js.map +1 -1
- package/dist/core/default-component/ServiceWorkerInstall.component.d.ts.map +1 -1
- package/dist/core/default-component/ServiceWorkerInstall.component.js +21 -9
- package/dist/core/default-component/ServiceWorkerInstall.component.js.map +1 -1
- package/dist/core/default-component/SilentCallback.component.d.ts.map +1 -1
- package/dist/core/default-component/SilentCallback.component.js +23 -15
- package/dist/core/default-component/SilentCallback.component.js.map +1 -1
- package/dist/core/default-component/SilentSignin.component.d.ts +4 -0
- package/dist/core/default-component/SilentSignin.component.d.ts.map +1 -0
- package/dist/core/default-component/SilentSignin.component.js +58 -0
- package/dist/core/default-component/SilentSignin.component.js.map +1 -0
- package/dist/core/routes/OidcRoutes.d.ts +1 -0
- package/dist/core/routes/OidcRoutes.d.ts.map +1 -1
- package/dist/core/routes/OidcRoutes.js +8 -2
- package/dist/core/routes/OidcRoutes.js.map +1 -1
- package/dist/vanilla/checkSessionIFrame.d.ts +17 -0
- package/dist/vanilla/checkSessionIFrame.d.ts.map +1 -0
- package/dist/vanilla/checkSessionIFrame.js +78 -0
- package/dist/vanilla/checkSessionIFrame.js.map +1 -0
- package/dist/vanilla/initSession.d.ts +3 -1
- package/dist/vanilla/initSession.d.ts.map +1 -1
- package/dist/vanilla/initSession.js +21 -11
- package/dist/vanilla/initSession.js.map +1 -1
- package/dist/vanilla/initWorker.d.ts +4 -0
- package/dist/vanilla/initWorker.d.ts.map +1 -1
- package/dist/vanilla/initWorker.js +31 -3
- package/dist/vanilla/initWorker.js.map +1 -1
- package/dist/vanilla/oidc.d.ts +25 -6
- package/dist/vanilla/oidc.d.ts.map +1 -1
- package/dist/vanilla/oidc.js +526 -246
- package/dist/vanilla/oidc.js.map +1 -1
- package/dist/vanilla/route-utils.d.ts +13 -0
- package/dist/vanilla/route-utils.d.ts.map +1 -0
- package/dist/vanilla/route-utils.js +65 -0
- package/dist/vanilla/route-utils.js.map +1 -0
- package/package.json +1 -1
- package/src/App.tsx +1 -1
- package/src/configurations.ts +8 -3
- package/src/oidc/OidcProvider.tsx +11 -0
- package/src/oidc/ReactOidc.tsx +32 -8
- package/src/oidc/core/default-component/ServiceWorkerInstall.component.tsx +15 -3
- package/src/oidc/core/default-component/SilentCallback.component.tsx +10 -15
- package/src/oidc/core/default-component/SilentSignin.component.tsx +35 -0
- package/src/oidc/core/routes/OidcRoutes.tsx +10 -1
- package/src/oidc/vanilla/OidcServiceWorker.js +13 -0
- package/src/oidc/vanilla/checkSessionIFrame.ts +82 -0
- package/src/oidc/vanilla/initSession.ts +23 -11
- package/src/oidc/vanilla/initWorker.ts +19 -2
- package/src/oidc/vanilla/oidc.ts +411 -148
- package/src/oidc/{core/routes → vanilla}/route-utils.spec.ts +0 -0
- package/src/oidc/vanilla/route-utils.ts +76 -0
- package/dist/core/routes/route-utils.d.ts +0 -2
- package/dist/core/routes/route-utils.d.ts.map +0 -1
- package/dist/core/routes/route-utils.js +0 -32
- package/dist/core/routes/route-utils.js.map +0 -1
- package/src/oidc/core/routes/route-utils.ts +0 -34
package/dist/vanilla/oidc.js
CHANGED
|
@@ -1,4 +1,19 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __extends = (this && this.__extends) || (function () {
|
|
3
|
+
var extendStatics = function (d, b) {
|
|
4
|
+
extendStatics = Object.setPrototypeOf ||
|
|
5
|
+
({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
|
|
6
|
+
function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };
|
|
7
|
+
return extendStatics(d, b);
|
|
8
|
+
};
|
|
9
|
+
return function (d, b) {
|
|
10
|
+
if (typeof b !== "function" && b !== null)
|
|
11
|
+
throw new TypeError("Class extends value " + String(b) + " is not a constructor or null");
|
|
12
|
+
extendStatics(d, b);
|
|
13
|
+
function __() { this.constructor = d; }
|
|
14
|
+
d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
|
|
15
|
+
};
|
|
16
|
+
})();
|
|
2
17
|
var __assign = (this && this.__assign) || function () {
|
|
3
18
|
__assign = Object.assign || function(t) {
|
|
4
19
|
for (var s, i = 1, n = arguments.length; i < n; i++) {
|
|
@@ -50,13 +65,29 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
50
65
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
51
66
|
};
|
|
52
67
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
53
|
-
exports.Oidc = exports.
|
|
68
|
+
exports.Oidc = exports.OidcAuthorizationServiceConfiguration = void 0;
|
|
54
69
|
var appauth_1 = require("@openid/appauth");
|
|
55
70
|
var noHashQueryStringUtils_1 = require("./noHashQueryStringUtils");
|
|
56
71
|
var initWorker_1 = require("./initWorker");
|
|
57
72
|
var memoryStorageBackend_1 = require("./memoryStorageBackend");
|
|
58
73
|
var initSession_1 = require("./initSession");
|
|
59
74
|
var timer_1 = __importDefault(require("./timer"));
|
|
75
|
+
var checkSessionIFrame_1 = require("./checkSessionIFrame");
|
|
76
|
+
var route_utils_1 = require("./route-utils");
|
|
77
|
+
var OidcAuthorizationServiceConfiguration = /** @class */ (function (_super) {
|
|
78
|
+
__extends(OidcAuthorizationServiceConfiguration, _super);
|
|
79
|
+
function OidcAuthorizationServiceConfiguration(request) {
|
|
80
|
+
var _this = _super.call(this, request) || this;
|
|
81
|
+
_this.authorizationEndpoint = request.authorization_endpoint;
|
|
82
|
+
_this.tokenEndpoint = request.token_endpoint;
|
|
83
|
+
_this.revocationEndpoint = request.revocation_endpoint;
|
|
84
|
+
_this.userInfoEndpoint = request.userinfo_endpoint;
|
|
85
|
+
_this.check_session_iframe = request.check_session_iframe;
|
|
86
|
+
return _this;
|
|
87
|
+
}
|
|
88
|
+
return OidcAuthorizationServiceConfiguration;
|
|
89
|
+
}(appauth_1.AuthorizationServiceConfiguration));
|
|
90
|
+
exports.OidcAuthorizationServiceConfiguration = OidcAuthorizationServiceConfiguration;
|
|
60
91
|
var isInIframe = function () {
|
|
61
92
|
try {
|
|
62
93
|
return window.self !== window.top;
|
|
@@ -92,7 +123,6 @@ var extractAccessTokenPayload = function (tokens) {
|
|
|
92
123
|
}
|
|
93
124
|
return null;
|
|
94
125
|
};
|
|
95
|
-
var refresh_token_scope = "offline_access";
|
|
96
126
|
var oidcDatabase = {};
|
|
97
127
|
var oidcFactory = function (configuration, name) {
|
|
98
128
|
if (name === void 0) { name = "default"; }
|
|
@@ -103,26 +133,14 @@ var oidcFactory = function (configuration, name) {
|
|
|
103
133
|
return oidcDatabase[name];
|
|
104
134
|
};
|
|
105
135
|
var loginCallbackWithAutoTokensRenewAsync = function (oidc) { return __awaiter(void 0, void 0, void 0, function () {
|
|
106
|
-
var
|
|
136
|
+
var _a, parsedTokens, state, callbackPath;
|
|
107
137
|
return __generator(this, function (_b) {
|
|
108
138
|
switch (_b.label) {
|
|
109
139
|
case 0: return [4 /*yield*/, oidc.loginCallbackAsync()];
|
|
110
140
|
case 1:
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
return [4 /*yield*/, setTokensAsync(oidc.serviceWorker, tokens)];
|
|
115
|
-
case 2:
|
|
116
|
-
_a.tokens = _b.sent();
|
|
117
|
-
if (!!oidc.serviceWorker) return [3 /*break*/, 4];
|
|
118
|
-
return [4 /*yield*/, oidc.session.setTokens(oidc.tokens)];
|
|
119
|
-
case 3:
|
|
120
|
-
_b.sent();
|
|
121
|
-
_b.label = 4;
|
|
122
|
-
case 4:
|
|
123
|
-
oidc.publishEvent(Oidc.eventNames.token_aquired, oidc.tokens);
|
|
124
|
-
oidc.timeoutId = autoRenewTokens(oidc, tokens.refreshToken, oidc.tokens.expiresAt);
|
|
125
|
-
return [2 /*return*/, { state: response.state, callbackPath: response.callbackPath }];
|
|
141
|
+
_a = _b.sent(), parsedTokens = _a.parsedTokens, state = _a.state, callbackPath = _a.callbackPath;
|
|
142
|
+
oidc.timeoutId = autoRenewTokens(oidc, parsedTokens.refreshToken, parsedTokens.expiresAt);
|
|
143
|
+
return [2 /*return*/, { state: state, callbackPath: callbackPath }];
|
|
126
144
|
}
|
|
127
145
|
});
|
|
128
146
|
}); };
|
|
@@ -152,6 +170,10 @@ var autoRenewTokens = function (oidc, refreshToken, expiresAt) {
|
|
|
152
170
|
_b.label = 4;
|
|
153
171
|
case 4:
|
|
154
172
|
if (!oidc.tokens) {
|
|
173
|
+
if (oidc.checkSessionIFrame) {
|
|
174
|
+
oidc.checkSessionIFrame.stop();
|
|
175
|
+
oidc.checkSessionIFrame = null;
|
|
176
|
+
}
|
|
155
177
|
return [2 /*return*/];
|
|
156
178
|
}
|
|
157
179
|
oidc.publishEvent(Oidc.eventNames.token_renewed, oidc.tokens);
|
|
@@ -171,10 +193,12 @@ var autoRenewTokens = function (oidc, refreshToken, expiresAt) {
|
|
|
171
193
|
});
|
|
172
194
|
}); }, 1000);
|
|
173
195
|
};
|
|
174
|
-
var
|
|
175
|
-
return
|
|
196
|
+
var getLoginSessionKey = function (configurationName, redirectUri) {
|
|
197
|
+
return "oidc_login.".concat(configurationName, ":").concat(redirectUri);
|
|
198
|
+
};
|
|
199
|
+
var getLoginParams = function (configurationName, redirectUri) {
|
|
200
|
+
return JSON.parse(sessionStorage[getLoginSessionKey(configurationName, redirectUri)]);
|
|
176
201
|
};
|
|
177
|
-
exports.getLoginParams = getLoginParams;
|
|
178
202
|
var userInfoAsync = function (oidc) { return __awaiter(void 0, void 0, void 0, function () {
|
|
179
203
|
var accessToken, oidcServerConfiguration, url, fetchUserInfo, userInfo;
|
|
180
204
|
return __generator(this, function (_a) {
|
|
@@ -224,7 +248,7 @@ var userInfoAsync = function (oidc) { return __awaiter(void 0, void 0, void 0, f
|
|
|
224
248
|
});
|
|
225
249
|
}); };
|
|
226
250
|
var setTokensAsync = function (serviceWorker, tokens) { return __awaiter(void 0, void 0, void 0, function () {
|
|
227
|
-
var accessTokenPayload, expiresAt;
|
|
251
|
+
var accessTokenPayload, _idTokenPayload, expiresAt;
|
|
228
252
|
return __generator(this, function (_a) {
|
|
229
253
|
switch (_a.label) {
|
|
230
254
|
case 0:
|
|
@@ -245,14 +269,16 @@ var setTokensAsync = function (serviceWorker, tokens) { return __awaiter(void 0,
|
|
|
245
269
|
accessTokenPayload = extractAccessTokenPayload(tokens);
|
|
246
270
|
_a.label = 6;
|
|
247
271
|
case 6:
|
|
248
|
-
|
|
249
|
-
|
|
272
|
+
_idTokenPayload = idTokenPayload(tokens.idToken);
|
|
273
|
+
expiresAt = (_idTokenPayload && _idTokenPayload.exp) ? _idTokenPayload.exp : tokens.issuedAt + tokens.expiresIn;
|
|
274
|
+
return [2 /*return*/, __assign(__assign({}, tokens), { idTokenPayload: _idTokenPayload, accessTokenPayload: accessTokenPayload, expiresAt: expiresAt })];
|
|
250
275
|
}
|
|
251
276
|
});
|
|
252
277
|
}); };
|
|
253
278
|
var eventNames = {
|
|
254
279
|
service_worker_not_supported_by_browser: "service_worker_not_supported_by_browser",
|
|
255
280
|
token_aquired: "token_aquired",
|
|
281
|
+
logout_from_another_tab: "logout_from_another_tab",
|
|
256
282
|
token_renewed: "token_renewed",
|
|
257
283
|
token_timer: "token_timer",
|
|
258
284
|
loginAsync_begin: "loginAsync_begin",
|
|
@@ -280,12 +306,61 @@ var eventNames = {
|
|
|
280
306
|
var getRandomInt = function (max) {
|
|
281
307
|
return Math.floor(Math.random() * max);
|
|
282
308
|
};
|
|
309
|
+
var WELL_KNOWN_PATH = '.well-known';
|
|
310
|
+
var OPENID_CONFIGURATION = 'openid-configuration';
|
|
311
|
+
var oneHourSecond = 60 * 60;
|
|
312
|
+
var fetchFromIssuer = function (openIdIssuerUrl, timeCacheSecond) {
|
|
313
|
+
if (timeCacheSecond === void 0) { timeCacheSecond = oneHourSecond; }
|
|
314
|
+
return __awaiter(void 0, void 0, void 0, function () {
|
|
315
|
+
var fullUrl, localStorageKey, cacheJson, oneHourMinisecond, res, result;
|
|
316
|
+
return __generator(this, function (_a) {
|
|
317
|
+
switch (_a.label) {
|
|
318
|
+
case 0:
|
|
319
|
+
fullUrl = "".concat(openIdIssuerUrl, "/").concat(WELL_KNOWN_PATH, "/").concat(OPENID_CONFIGURATION);
|
|
320
|
+
localStorageKey = "oidc.server:".concat(openIdIssuerUrl);
|
|
321
|
+
cacheJson = window.localStorage.getItem(localStorageKey);
|
|
322
|
+
oneHourMinisecond = 1000 * timeCacheSecond;
|
|
323
|
+
// @ts-ignore
|
|
324
|
+
if (cacheJson && (cacheJson.timestamp + oneHourMinisecond) > Date.now()) {
|
|
325
|
+
return [2 /*return*/, new OidcAuthorizationServiceConfiguration(JSON.parse(cacheJson))];
|
|
326
|
+
}
|
|
327
|
+
return [4 /*yield*/, fetch(fullUrl)];
|
|
328
|
+
case 1:
|
|
329
|
+
res = _a.sent();
|
|
330
|
+
if (res.status != 200) {
|
|
331
|
+
return [2 /*return*/, null];
|
|
332
|
+
}
|
|
333
|
+
return [4 /*yield*/, res.json()];
|
|
334
|
+
case 2:
|
|
335
|
+
result = _a.sent();
|
|
336
|
+
window.localStorage.setItem(localStorageKey, JSON.stringify({ result: result, timestamp: Date.now() }));
|
|
337
|
+
return [2 /*return*/, new OidcAuthorizationServiceConfiguration(result)];
|
|
338
|
+
}
|
|
339
|
+
});
|
|
340
|
+
});
|
|
341
|
+
};
|
|
342
|
+
var buildQueries = function (extras) {
|
|
343
|
+
var queries = '';
|
|
344
|
+
if (extras != null) {
|
|
345
|
+
for (var _i = 0, _a = Object.entries(extras); _i < _a.length; _i++) {
|
|
346
|
+
var _b = _a[_i], key = _b[0], value = _b[1];
|
|
347
|
+
if (queries === "") {
|
|
348
|
+
queries = "?".concat(encodeURIComponent(key), "=").concat(encodeURIComponent(value));
|
|
349
|
+
}
|
|
350
|
+
else {
|
|
351
|
+
queries += "&".concat(encodeURIComponent(key), "=").concat(encodeURIComponent(value));
|
|
352
|
+
}
|
|
353
|
+
}
|
|
354
|
+
}
|
|
355
|
+
return queries;
|
|
356
|
+
};
|
|
283
357
|
var Oidc = /** @class */ (function () {
|
|
284
358
|
function Oidc(configuration, configurationName) {
|
|
285
359
|
if (configurationName === void 0) { configurationName = "default"; }
|
|
286
|
-
this.iFrameSession = {};
|
|
287
360
|
this.initAsyncPromise = null;
|
|
288
361
|
this.tryKeepExistingSessionPromise = null;
|
|
362
|
+
this.loginPromise = null;
|
|
363
|
+
this.loginCallbackPromise = null;
|
|
289
364
|
this.syncTokensAsyncPromise = null;
|
|
290
365
|
this.loginCallbackWithAutoTokensRenewPromise = null;
|
|
291
366
|
this.configuration = configuration;
|
|
@@ -300,6 +375,7 @@ var Oidc = /** @class */ (function () {
|
|
|
300
375
|
this.loginCallbackWithAutoTokensRenewAsync.bind(this);
|
|
301
376
|
this.initAsync.bind(this);
|
|
302
377
|
this.loginCallbackAsync.bind(this);
|
|
378
|
+
this._loginCallbackAsync.bind(this);
|
|
303
379
|
this.subscriveEvents.bind(this);
|
|
304
380
|
this.removeEventSubscription.bind(this);
|
|
305
381
|
this.publishEvent.bind(this);
|
|
@@ -333,31 +409,67 @@ var Oidc = /** @class */ (function () {
|
|
|
333
409
|
};
|
|
334
410
|
Oidc.prototype.silentSigninCallbackFromIFrame = function () {
|
|
335
411
|
if (this.configuration.silent_redirect_uri) {
|
|
336
|
-
|
|
412
|
+
var queryParams = (0, route_utils_1.getParseQueryStringFromLocation)(window.location.href);
|
|
413
|
+
window.top.postMessage("".concat(this.configurationName, "_oidc_tokens:").concat(JSON.stringify({ tokens: this.tokens, sessionState: queryParams.session_state })), window.location.origin);
|
|
337
414
|
}
|
|
338
415
|
};
|
|
339
|
-
Oidc.prototype.
|
|
416
|
+
Oidc.prototype.silentSigninErrorCallbackFromIFrame = function () {
|
|
417
|
+
if (this.configuration.silent_redirect_uri) {
|
|
418
|
+
var queryParams = (0, route_utils_1.getParseQueryStringFromLocation)(window.location.href);
|
|
419
|
+
window.top.postMessage("".concat(this.configurationName, "_oidc_error:").concat(JSON.stringify({ error: queryParams.error })), window.location.origin);
|
|
420
|
+
}
|
|
421
|
+
};
|
|
422
|
+
Oidc.prototype.silentSigninAsync = function (extras, state, scope) {
|
|
423
|
+
if (extras === void 0) { extras = null; }
|
|
424
|
+
if (state === void 0) { state = null; }
|
|
425
|
+
if (scope === void 0) { scope = null; }
|
|
340
426
|
return __awaiter(this, void 0, void 0, function () {
|
|
341
|
-
var configuration_1, link, iframe_1, self_1;
|
|
342
|
-
return __generator(this, function (
|
|
343
|
-
switch (
|
|
427
|
+
var configuration_1, queries, _i, _a, _b, key, value, link, idx, iFrameOrigin_1, iframe_1, self_1;
|
|
428
|
+
return __generator(this, function (_c) {
|
|
429
|
+
switch (_c.label) {
|
|
344
430
|
case 0:
|
|
345
|
-
if (!this.configuration.silent_redirect_uri) {
|
|
431
|
+
if (!this.configuration.silent_redirect_uri || !this.configuration.silent_signin_uri) {
|
|
346
432
|
return [2 /*return*/, Promise.resolve(null)];
|
|
347
433
|
}
|
|
348
|
-
|
|
434
|
+
_c.label = 1;
|
|
349
435
|
case 1:
|
|
350
436
|
if (!document.hidden) return [3 /*break*/, 3];
|
|
351
437
|
return [4 /*yield*/, (0, initWorker_1.sleepAsync)(1000)];
|
|
352
438
|
case 2:
|
|
353
|
-
|
|
439
|
+
_c.sent();
|
|
354
440
|
this.publishEvent(eventNames.silentSigninAsync, { message: "wait because document is hidden" });
|
|
355
441
|
return [3 /*break*/, 1];
|
|
356
442
|
case 3:
|
|
357
443
|
try {
|
|
358
444
|
this.publishEvent(eventNames.silentSigninAsync_begin, {});
|
|
359
445
|
configuration_1 = this.configuration;
|
|
360
|
-
|
|
446
|
+
queries = "";
|
|
447
|
+
if (state) {
|
|
448
|
+
if (extras == null) {
|
|
449
|
+
extras = {};
|
|
450
|
+
}
|
|
451
|
+
extras.state = state;
|
|
452
|
+
}
|
|
453
|
+
if (scope) {
|
|
454
|
+
if (extras == null) {
|
|
455
|
+
extras = {};
|
|
456
|
+
}
|
|
457
|
+
extras.scope = scope;
|
|
458
|
+
}
|
|
459
|
+
if (extras != null) {
|
|
460
|
+
for (_i = 0, _a = Object.entries(extras); _i < _a.length; _i++) {
|
|
461
|
+
_b = _a[_i], key = _b[0], value = _b[1];
|
|
462
|
+
if (queries === "") {
|
|
463
|
+
queries = "?".concat(encodeURIComponent(key), "=").concat(encodeURIComponent(value));
|
|
464
|
+
}
|
|
465
|
+
else {
|
|
466
|
+
queries += "&".concat(encodeURIComponent(key), "=").concat(encodeURIComponent(value));
|
|
467
|
+
}
|
|
468
|
+
}
|
|
469
|
+
}
|
|
470
|
+
link = configuration_1.silent_signin_uri + queries;
|
|
471
|
+
idx = link.indexOf("/", link.indexOf("//") + 2);
|
|
472
|
+
iFrameOrigin_1 = link.substr(0, idx);
|
|
361
473
|
iframe_1 = document.createElement('iframe');
|
|
362
474
|
iframe_1.width = "0px";
|
|
363
475
|
iframe_1.height = "0px";
|
|
@@ -366,21 +478,36 @@ var Oidc = /** @class */ (function () {
|
|
|
366
478
|
document.body.appendChild(iframe_1);
|
|
367
479
|
self_1 = this;
|
|
368
480
|
return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
481
|
+
var _a;
|
|
369
482
|
try {
|
|
370
483
|
var isResolved_1 = false;
|
|
371
484
|
window.onmessage = function (e) {
|
|
372
|
-
|
|
373
|
-
|
|
374
|
-
|
|
375
|
-
|
|
376
|
-
|
|
377
|
-
|
|
378
|
-
isResolved_1
|
|
379
|
-
|
|
485
|
+
if (e.origin === iFrameOrigin_1 &&
|
|
486
|
+
e.source === iframe_1.contentWindow) {
|
|
487
|
+
var key = "".concat(self_1.configurationName, "_oidc_tokens:");
|
|
488
|
+
var key_error = "".concat(self_1.configurationName, "_oidc_error:");
|
|
489
|
+
var data = e.data;
|
|
490
|
+
if (data && typeof (data) === "string") {
|
|
491
|
+
if (!isResolved_1) {
|
|
492
|
+
if (data.startsWith(key)) {
|
|
493
|
+
var result = JSON.parse(e.data.replace(key, ''));
|
|
494
|
+
self_1.publishEvent(eventNames.silentSigninAsync_end, result);
|
|
495
|
+
iframe_1.remove();
|
|
496
|
+
isResolved_1 = true;
|
|
497
|
+
resolve(result);
|
|
498
|
+
}
|
|
499
|
+
else if (data.startsWith(key_error)) {
|
|
500
|
+
var result = JSON.parse(e.data.replace(key_error, ''));
|
|
501
|
+
self_1.publishEvent(eventNames.silentSigninAsync_error, result);
|
|
502
|
+
iframe_1.remove();
|
|
503
|
+
isResolved_1 = true;
|
|
504
|
+
reject(result);
|
|
505
|
+
}
|
|
506
|
+
}
|
|
380
507
|
}
|
|
381
508
|
}
|
|
382
509
|
};
|
|
383
|
-
var silentSigninTimeout = configuration_1.silent_signin_timeout ?
|
|
510
|
+
var silentSigninTimeout = (_a = configuration_1.silent_signin_timeout) !== null && _a !== void 0 ? _a : 12000;
|
|
384
511
|
setTimeout(function () {
|
|
385
512
|
if (!isResolved_1) {
|
|
386
513
|
self_1.publishEvent(eventNames.silentSigninAsync_error, "timeout");
|
|
@@ -407,27 +534,29 @@ var Oidc = /** @class */ (function () {
|
|
|
407
534
|
});
|
|
408
535
|
};
|
|
409
536
|
Oidc.prototype.initAsync = function (authority, authorityConfiguration) {
|
|
537
|
+
var _a;
|
|
410
538
|
return __awaiter(this, void 0, void 0, function () {
|
|
411
|
-
var
|
|
412
|
-
return __generator(this, function (
|
|
413
|
-
switch (
|
|
539
|
+
var _b;
|
|
540
|
+
return __generator(this, function (_c) {
|
|
541
|
+
switch (_c.label) {
|
|
414
542
|
case 0:
|
|
415
543
|
if (authorityConfiguration != null) {
|
|
416
|
-
return [2 /*return*/, new
|
|
544
|
+
return [2 /*return*/, new OidcAuthorizationServiceConfiguration({
|
|
417
545
|
authorization_endpoint: authorityConfiguration.authorization_endpoint,
|
|
418
546
|
end_session_endpoint: authorityConfiguration.end_session_endpoint,
|
|
419
547
|
revocation_endpoint: authorityConfiguration.revocation_endpoint,
|
|
420
548
|
token_endpoint: authorityConfiguration.token_endpoint,
|
|
421
|
-
userinfo_endpoint: authorityConfiguration.userinfo_endpoint
|
|
549
|
+
userinfo_endpoint: authorityConfiguration.userinfo_endpoint,
|
|
550
|
+
check_session_iframe: authorityConfiguration.check_session_iframe,
|
|
422
551
|
})];
|
|
423
552
|
}
|
|
424
553
|
if (this.initAsyncPromise) {
|
|
425
554
|
return [2 /*return*/, this.initAsyncPromise];
|
|
426
555
|
}
|
|
427
|
-
|
|
428
|
-
return [4 /*yield*/,
|
|
556
|
+
_b = this;
|
|
557
|
+
return [4 /*yield*/, fetchFromIssuer(authority, (_a = this.configuration.authority_time_cache_wellknowurl_in_second) !== null && _a !== void 0 ? _a : 60 * 60)];
|
|
429
558
|
case 1:
|
|
430
|
-
|
|
559
|
+
_b.initAsyncPromise = _c.sent();
|
|
431
560
|
return [2 /*return*/, this.initAsyncPromise];
|
|
432
561
|
}
|
|
433
562
|
});
|
|
@@ -442,99 +571,114 @@ var Oidc = /** @class */ (function () {
|
|
|
442
571
|
return [2 /*return*/, this.tryKeepExistingSessionPromise];
|
|
443
572
|
}
|
|
444
573
|
funcAsync = function () { return __awaiter(_this, void 0, void 0, function () {
|
|
445
|
-
var serviceWorker, configuration, oidcServerConfiguration, tokens,
|
|
446
|
-
|
|
447
|
-
|
|
574
|
+
var serviceWorker, configuration, oidcServerConfiguration, tokens, sessionState, reformattedToken, _a, session, tokens, sessionState, _b, exception_1;
|
|
575
|
+
var _c;
|
|
576
|
+
return __generator(this, function (_d) {
|
|
577
|
+
switch (_d.label) {
|
|
448
578
|
case 0:
|
|
449
579
|
if (this.tokens != null) {
|
|
450
580
|
return [2 /*return*/, false];
|
|
451
581
|
}
|
|
452
582
|
this.publishEvent(eventNames.tryKeepExistingSessionAsync_begin, {});
|
|
453
|
-
|
|
583
|
+
_d.label = 1;
|
|
454
584
|
case 1:
|
|
455
|
-
|
|
585
|
+
_d.trys.push([1, 14, , 17]);
|
|
456
586
|
configuration = this.configuration;
|
|
457
587
|
return [4 /*yield*/, this.initAsync(configuration.authority, configuration.authority_configuration)];
|
|
458
588
|
case 2:
|
|
459
|
-
oidcServerConfiguration =
|
|
589
|
+
oidcServerConfiguration = _d.sent();
|
|
460
590
|
return [4 /*yield*/, (0, initWorker_1.initWorkerAsync)(configuration.service_worker_relative_url, this.configurationName)];
|
|
461
591
|
case 3:
|
|
462
|
-
serviceWorker =
|
|
463
|
-
if (!serviceWorker) return [3 /*break*/,
|
|
592
|
+
serviceWorker = _d.sent();
|
|
593
|
+
if (!serviceWorker) return [3 /*break*/, 9];
|
|
464
594
|
return [4 /*yield*/, serviceWorker.initAsync(oidcServerConfiguration, "tryKeepExistingSessionAsync")];
|
|
465
595
|
case 4:
|
|
466
|
-
tokens = (
|
|
467
|
-
if (!tokens) return [3 /*break*/,
|
|
596
|
+
tokens = (_d.sent()).tokens;
|
|
597
|
+
if (!tokens) return [3 /*break*/, 8];
|
|
468
598
|
serviceWorker.startKeepAliveServiceWorker();
|
|
469
|
-
return [4 /*yield*/,
|
|
599
|
+
return [4 /*yield*/, serviceWorker.getSessionStateAsync()];
|
|
470
600
|
case 5:
|
|
471
|
-
|
|
472
|
-
|
|
473
|
-
_a = this;
|
|
474
|
-
return [4 /*yield*/, setTokensAsync(serviceWorker, updatedTokens)];
|
|
601
|
+
sessionState = _d.sent();
|
|
602
|
+
return [4 /*yield*/, this.startCheckSessionAsync(oidcServerConfiguration.check_session_iframe, configuration.client_id, sessionState)];
|
|
475
603
|
case 6:
|
|
476
|
-
|
|
477
|
-
|
|
604
|
+
_d.sent();
|
|
605
|
+
reformattedToken = {
|
|
606
|
+
accessToken: tokens.access_token,
|
|
607
|
+
expiresIn: tokens.expires_in,
|
|
608
|
+
idToken: tokens.id_token,
|
|
609
|
+
scope: tokens.scope,
|
|
610
|
+
tokenType: tokens.token_type
|
|
611
|
+
};
|
|
612
|
+
_a = this;
|
|
613
|
+
return [4 /*yield*/, setTokensAsync(serviceWorker, reformattedToken)];
|
|
614
|
+
case 7:
|
|
615
|
+
_a.tokens = _d.sent();
|
|
478
616
|
this.serviceWorker = serviceWorker;
|
|
479
617
|
// @ts-ignore
|
|
480
|
-
this.timeoutId = autoRenewTokens(this,
|
|
618
|
+
this.timeoutId = autoRenewTokens(this, tokens.refreshToken, this.tokens.expiresAt);
|
|
481
619
|
this.publishEvent(eventNames.tryKeepExistingSessionAsync_end, {
|
|
482
620
|
success: true,
|
|
483
621
|
message: "tokens inside ServiceWorker are valid"
|
|
484
622
|
});
|
|
485
623
|
return [2 /*return*/, true];
|
|
486
|
-
case
|
|
624
|
+
case 8:
|
|
487
625
|
this.publishEvent(eventNames.tryKeepExistingSessionAsync_end, {
|
|
488
626
|
success: false,
|
|
489
627
|
message: "no exiting session found"
|
|
490
628
|
});
|
|
491
|
-
return [3 /*break*/,
|
|
492
|
-
case
|
|
629
|
+
return [3 /*break*/, 13];
|
|
630
|
+
case 9:
|
|
493
631
|
if (configuration.service_worker_relative_url) {
|
|
494
632
|
this.publishEvent(eventNames.service_worker_not_supported_by_browser, {
|
|
495
633
|
message: "service worker is not supported by this browser"
|
|
496
634
|
});
|
|
497
635
|
}
|
|
498
|
-
session = (0, initSession_1.initSession)(this.configurationName);
|
|
636
|
+
session = (0, initSession_1.initSession)(this.configurationName, configuration.redirect_uri, (_c = configuration.storage) !== null && _c !== void 0 ? _c : sessionStorage);
|
|
499
637
|
return [4 /*yield*/, session.initAsync()];
|
|
500
|
-
case 9:
|
|
501
|
-
tokens = (_c.sent()).tokens;
|
|
502
|
-
if (!tokens) return [3 /*break*/, 12];
|
|
503
|
-
return [4 /*yield*/, this.refreshTokensAsync(tokens.refreshToken, true)];
|
|
504
638
|
case 10:
|
|
505
|
-
|
|
639
|
+
tokens = (_d.sent()).tokens;
|
|
640
|
+
console.log("const {tokens} = await session.initAsync();");
|
|
641
|
+
console.log(tokens);
|
|
642
|
+
if (!tokens) return [3 /*break*/, 13];
|
|
643
|
+
sessionState = session.getSessionState();
|
|
644
|
+
return [4 /*yield*/, this.startCheckSessionAsync(oidcServerConfiguration.check_session_iframe, configuration.client_id, sessionState)];
|
|
645
|
+
case 11:
|
|
646
|
+
_d.sent();
|
|
647
|
+
//const updatedTokens = await this.refreshTokensAsync(tokens.refreshToken, true);
|
|
506
648
|
// @ts-ignore
|
|
507
649
|
_b = this;
|
|
508
|
-
return [4 /*yield*/, setTokensAsync(serviceWorker,
|
|
509
|
-
case
|
|
650
|
+
return [4 /*yield*/, setTokensAsync(serviceWorker, tokens)];
|
|
651
|
+
case 12:
|
|
652
|
+
//const updatedTokens = await this.refreshTokensAsync(tokens.refreshToken, true);
|
|
510
653
|
// @ts-ignore
|
|
511
|
-
_b.tokens =
|
|
512
|
-
session.setTokens(this.tokens);
|
|
654
|
+
_b.tokens = _d.sent();
|
|
655
|
+
//session.setTokens(this.tokens);
|
|
513
656
|
this.session = session;
|
|
514
657
|
// @ts-ignore
|
|
515
|
-
this.timeoutId = autoRenewTokens(this,
|
|
658
|
+
this.timeoutId = autoRenewTokens(this, tokens.refreshToken, this.tokens.expiresAt);
|
|
516
659
|
this.publishEvent(eventNames.tryKeepExistingSessionAsync_end, {
|
|
517
660
|
success: true,
|
|
518
|
-
message: "tokens inside
|
|
661
|
+
message: "tokens inside storage are valid"
|
|
519
662
|
});
|
|
520
663
|
return [2 /*return*/, true];
|
|
521
|
-
case
|
|
664
|
+
case 13:
|
|
522
665
|
this.publishEvent(eventNames.tryKeepExistingSessionAsync_end, {
|
|
523
666
|
success: false,
|
|
524
667
|
message: serviceWorker ? "service worker sessions not retrieved" : "session storage sessions not retrieved"
|
|
525
668
|
});
|
|
526
669
|
return [2 /*return*/, false];
|
|
527
|
-
case 13:
|
|
528
|
-
exception_1 = _c.sent();
|
|
529
|
-
if (!serviceWorker) return [3 /*break*/, 15];
|
|
530
|
-
return [4 /*yield*/, serviceWorker.clearAsync()];
|
|
531
670
|
case 14:
|
|
532
|
-
|
|
533
|
-
|
|
671
|
+
exception_1 = _d.sent();
|
|
672
|
+
console.error(exception_1);
|
|
673
|
+
if (!serviceWorker) return [3 /*break*/, 16];
|
|
674
|
+
return [4 /*yield*/, serviceWorker.clearAsync()];
|
|
534
675
|
case 15:
|
|
676
|
+
_d.sent();
|
|
677
|
+
_d.label = 16;
|
|
678
|
+
case 16:
|
|
535
679
|
this.publishEvent(eventNames.tryKeepExistingSessionAsync_error, "tokens inside ServiceWorker are invalid");
|
|
536
680
|
return [2 /*return*/, false];
|
|
537
|
-
case
|
|
681
|
+
case 17: return [2 /*return*/];
|
|
538
682
|
}
|
|
539
683
|
});
|
|
540
684
|
}); };
|
|
@@ -546,195 +690,245 @@ var Oidc = /** @class */ (function () {
|
|
|
546
690
|
});
|
|
547
691
|
});
|
|
548
692
|
};
|
|
549
|
-
Oidc.prototype.loginAsync = function (callbackPath, extras, installServiceWorker, state) {
|
|
693
|
+
Oidc.prototype.loginAsync = function (callbackPath, extras, installServiceWorker, state, isSilentSignin, scope) {
|
|
550
694
|
if (callbackPath === void 0) { callbackPath = undefined; }
|
|
551
695
|
if (extras === void 0) { extras = null; }
|
|
552
696
|
if (installServiceWorker === void 0) { installServiceWorker = true; }
|
|
553
697
|
if (state === void 0) { state = undefined; }
|
|
698
|
+
if (isSilentSignin === void 0) { isSilentSignin = false; }
|
|
699
|
+
if (scope === void 0) { scope = undefined; }
|
|
554
700
|
return __awaiter(this, void 0, void 0, function () {
|
|
555
|
-
var
|
|
701
|
+
var loginLocalAsync;
|
|
702
|
+
var _this = this;
|
|
556
703
|
return __generator(this, function (_a) {
|
|
557
|
-
|
|
558
|
-
|
|
559
|
-
_a.trys.push([0, 9, , 10]);
|
|
560
|
-
location_1 = window.location;
|
|
561
|
-
url = callbackPath || location_1.pathname + (location_1.search || '') + (location_1.hash || '');
|
|
562
|
-
this.publishEvent(eventNames.loginAsync_begin, {});
|
|
563
|
-
configuration = this.configuration;
|
|
564
|
-
// Security we cannot loggin from Iframe
|
|
565
|
-
if (!configuration.silent_redirect_uri && isInIframe()) {
|
|
566
|
-
throw new Error("Login from iframe is forbidden");
|
|
567
|
-
}
|
|
568
|
-
sessionStorage["oidc_login.".concat(this.configurationName)] = JSON.stringify({ callbackPath: url, extras: extras, state: state });
|
|
569
|
-
return [4 /*yield*/, (0, initWorker_1.initWorkerAsync)(configuration.service_worker_relative_url, this.configurationName)];
|
|
570
|
-
case 1:
|
|
571
|
-
serviceWorker = _a.sent();
|
|
572
|
-
return [4 /*yield*/, this.initAsync(configuration.authority, configuration.authority_configuration)];
|
|
573
|
-
case 2:
|
|
574
|
-
oidcServerConfiguration = _a.sent();
|
|
575
|
-
if (!(serviceWorker && installServiceWorker)) return [3 /*break*/, 4];
|
|
576
|
-
return [4 /*yield*/, serviceWorker.isServiceWorkerProxyActiveAsync()];
|
|
577
|
-
case 3:
|
|
578
|
-
isServiceWorkerProxyActive = _a.sent();
|
|
579
|
-
if (!isServiceWorkerProxyActive) {
|
|
580
|
-
window.location.href = "".concat(configuration.redirect_uri, "/service-worker-install");
|
|
581
|
-
return [2 /*return*/];
|
|
582
|
-
}
|
|
583
|
-
_a.label = 4;
|
|
584
|
-
case 4:
|
|
585
|
-
storage = void 0;
|
|
586
|
-
if (!serviceWorker) return [3 /*break*/, 7];
|
|
587
|
-
serviceWorker.startKeepAliveServiceWorker();
|
|
588
|
-
return [4 /*yield*/, serviceWorker.initAsync(oidcServerConfiguration, "loginAsync")];
|
|
589
|
-
case 5:
|
|
590
|
-
_a.sent();
|
|
591
|
-
storage = new memoryStorageBackend_1.MemoryStorageBackend(serviceWorker.saveItemsAsync, {});
|
|
592
|
-
return [4 /*yield*/, storage.setItem("dummy", {})];
|
|
593
|
-
case 6:
|
|
594
|
-
_a.sent();
|
|
595
|
-
return [3 /*break*/, 8];
|
|
596
|
-
case 7:
|
|
597
|
-
session = (0, initSession_1.initSession)(this.configurationName);
|
|
598
|
-
storage = new memoryStorageBackend_1.MemoryStorageBackend(session.saveItemsAsync, {});
|
|
599
|
-
_a.label = 8;
|
|
600
|
-
case 8:
|
|
601
|
-
queryStringUtil = configuration.redirect_uri.includes("#") ? new noHashQueryStringUtils_1.HashQueryStringUtils() : new noHashQueryStringUtils_1.NoHashQueryStringUtils();
|
|
602
|
-
authorizationHandler = new appauth_1.RedirectRequestHandler(storage, queryStringUtil, window.location, new appauth_1.DefaultCrypto());
|
|
603
|
-
authRequest = new appauth_1.AuthorizationRequest({
|
|
604
|
-
client_id: configuration.client_id,
|
|
605
|
-
redirect_uri: configuration.redirect_uri,
|
|
606
|
-
scope: configuration.scope,
|
|
607
|
-
response_type: appauth_1.AuthorizationRequest.RESPONSE_TYPE_CODE,
|
|
608
|
-
state: state,
|
|
609
|
-
extras: extras !== null && extras !== void 0 ? extras : configuration.extras
|
|
610
|
-
});
|
|
611
|
-
authorizationHandler.performAuthorizationRequest(oidcServerConfiguration, authRequest);
|
|
612
|
-
return [3 /*break*/, 10];
|
|
613
|
-
case 9:
|
|
614
|
-
exception_2 = _a.sent();
|
|
615
|
-
this.publishEvent(eventNames.loginAsync_error, exception_2);
|
|
616
|
-
throw exception_2;
|
|
617
|
-
case 10: return [2 /*return*/];
|
|
704
|
+
if (this.loginPromise !== null) {
|
|
705
|
+
return [2 /*return*/, this.loginPromise];
|
|
618
706
|
}
|
|
707
|
+
loginLocalAsync = function () { return __awaiter(_this, void 0, void 0, function () {
|
|
708
|
+
var location_1, url, configuration, redirectUri, sessionKey, serviceWorker, oidcServerConfiguration, storage, session, extraFinal, queryStringUtil, authorizationHandler, authRequest, exception_2;
|
|
709
|
+
var _a;
|
|
710
|
+
return __generator(this, function (_b) {
|
|
711
|
+
switch (_b.label) {
|
|
712
|
+
case 0:
|
|
713
|
+
_b.trys.push([0, 7, , 8]);
|
|
714
|
+
location_1 = window.location;
|
|
715
|
+
url = callbackPath || location_1.pathname + (location_1.search || '') + (location_1.hash || '');
|
|
716
|
+
this.publishEvent(eventNames.loginAsync_begin, {});
|
|
717
|
+
configuration = this.configuration;
|
|
718
|
+
redirectUri = isSilentSignin ? configuration.silent_redirect_uri : configuration.redirect_uri;
|
|
719
|
+
if (!scope) {
|
|
720
|
+
scope = configuration.scope;
|
|
721
|
+
}
|
|
722
|
+
sessionKey = getLoginSessionKey(this.configurationName, redirectUri);
|
|
723
|
+
sessionStorage[sessionKey] = JSON.stringify({ callbackPath: url, extras: extras, state: state });
|
|
724
|
+
return [4 /*yield*/, (0, initWorker_1.initWorkerAsync)(configuration.service_worker_relative_url, this.configurationName)];
|
|
725
|
+
case 1:
|
|
726
|
+
serviceWorker = _b.sent();
|
|
727
|
+
return [4 /*yield*/, this.initAsync(configuration.authority, configuration.authority_configuration)];
|
|
728
|
+
case 2:
|
|
729
|
+
oidcServerConfiguration = _b.sent();
|
|
730
|
+
storage = void 0;
|
|
731
|
+
if (!serviceWorker) return [3 /*break*/, 5];
|
|
732
|
+
serviceWorker.startKeepAliveServiceWorker();
|
|
733
|
+
return [4 /*yield*/, serviceWorker.initAsync(oidcServerConfiguration, "loginAsync")];
|
|
734
|
+
case 3:
|
|
735
|
+
_b.sent();
|
|
736
|
+
storage = new memoryStorageBackend_1.MemoryStorageBackend(serviceWorker.saveItemsAsync, {});
|
|
737
|
+
return [4 /*yield*/, storage.setItem("dummy", {})];
|
|
738
|
+
case 4:
|
|
739
|
+
_b.sent();
|
|
740
|
+
return [3 /*break*/, 6];
|
|
741
|
+
case 5:
|
|
742
|
+
session = (0, initSession_1.initSession)(this.configurationName, redirectUri);
|
|
743
|
+
storage = new memoryStorageBackend_1.MemoryStorageBackend(session.saveItemsAsync, {});
|
|
744
|
+
_b.label = 6;
|
|
745
|
+
case 6:
|
|
746
|
+
extraFinal = (_a = extras !== null && extras !== void 0 ? extras : configuration.extras) !== null && _a !== void 0 ? _a : {};
|
|
747
|
+
queryStringUtil = redirectUri.includes("#") ? new noHashQueryStringUtils_1.HashQueryStringUtils() : new noHashQueryStringUtils_1.NoHashQueryStringUtils();
|
|
748
|
+
authorizationHandler = new appauth_1.RedirectRequestHandler(storage, queryStringUtil, window.location, new appauth_1.DefaultCrypto());
|
|
749
|
+
authRequest = new appauth_1.AuthorizationRequest({
|
|
750
|
+
client_id: configuration.client_id,
|
|
751
|
+
redirect_uri: redirectUri,
|
|
752
|
+
scope: scope,
|
|
753
|
+
response_type: appauth_1.AuthorizationRequest.RESPONSE_TYPE_CODE,
|
|
754
|
+
state: state,
|
|
755
|
+
extras: extraFinal
|
|
756
|
+
});
|
|
757
|
+
authorizationHandler.performAuthorizationRequest(oidcServerConfiguration, authRequest);
|
|
758
|
+
return [3 /*break*/, 8];
|
|
759
|
+
case 7:
|
|
760
|
+
exception_2 = _b.sent();
|
|
761
|
+
this.publishEvent(eventNames.loginAsync_error, exception_2);
|
|
762
|
+
throw exception_2;
|
|
763
|
+
case 8: return [2 /*return*/];
|
|
764
|
+
}
|
|
765
|
+
});
|
|
766
|
+
}); };
|
|
767
|
+
this.loginPromise = loginLocalAsync();
|
|
768
|
+
return [2 /*return*/, this.loginPromise.then(function (result) {
|
|
769
|
+
_this.loginPromise = null;
|
|
770
|
+
return result;
|
|
771
|
+
})];
|
|
619
772
|
});
|
|
620
773
|
});
|
|
621
774
|
};
|
|
622
|
-
Oidc.prototype.
|
|
775
|
+
Oidc.prototype.startCheckSessionAsync = function (checkSessionIFrameUri, clientId, sessionState, isSilentSignin) {
|
|
776
|
+
if (isSilentSignin === void 0) { isSilentSignin = false; }
|
|
623
777
|
return __awaiter(this, void 0, void 0, function () {
|
|
624
|
-
var
|
|
625
|
-
return __generator(this, function (
|
|
626
|
-
|
|
627
|
-
|
|
628
|
-
|
|
629
|
-
|
|
630
|
-
|
|
631
|
-
|
|
632
|
-
|
|
633
|
-
|
|
634
|
-
|
|
635
|
-
|
|
636
|
-
|
|
637
|
-
|
|
638
|
-
|
|
639
|
-
|
|
640
|
-
|
|
641
|
-
|
|
642
|
-
|
|
643
|
-
|
|
644
|
-
|
|
645
|
-
|
|
646
|
-
|
|
647
|
-
|
|
648
|
-
|
|
649
|
-
|
|
650
|
-
|
|
651
|
-
|
|
652
|
-
|
|
653
|
-
|
|
654
|
-
|
|
655
|
-
|
|
656
|
-
|
|
657
|
-
|
|
658
|
-
|
|
659
|
-
|
|
660
|
-
|
|
661
|
-
|
|
662
|
-
|
|
663
|
-
|
|
778
|
+
var _this = this;
|
|
779
|
+
return __generator(this, function (_a) {
|
|
780
|
+
return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
781
|
+
if (_this.configuration.silent_signin_uri && _this.configuration.silent_redirect_uri && _this.configuration.monitor_session && checkSessionIFrameUri && sessionState && !isSilentSignin) {
|
|
782
|
+
var checkSessionCallback = function () {
|
|
783
|
+
_this.checkSessionIFrame.stop();
|
|
784
|
+
if (_this.tokens === null) {
|
|
785
|
+
return;
|
|
786
|
+
}
|
|
787
|
+
// @ts-ignore
|
|
788
|
+
var idToken = _this.tokens.idToken;
|
|
789
|
+
// @ts-ignore
|
|
790
|
+
var idTokenPayload = _this.tokens.idTokenPayload;
|
|
791
|
+
_this.silentSigninAsync({
|
|
792
|
+
prompt: "none",
|
|
793
|
+
id_token_hint: idToken,
|
|
794
|
+
scope: "openid"
|
|
795
|
+
}).then(function (silentSigninResponse) {
|
|
796
|
+
var iFrameIdTokenPayload = silentSigninResponse.tokens.idTokenPayload;
|
|
797
|
+
if (idTokenPayload.sub === iFrameIdTokenPayload.sub) {
|
|
798
|
+
var sessionState_1 = silentSigninResponse.sessionState;
|
|
799
|
+
_this.checkSessionIFrame.start(silentSigninResponse.sessionState);
|
|
800
|
+
if (idTokenPayload.sid === iFrameIdTokenPayload.sid) {
|
|
801
|
+
console.debug("SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:", sessionState_1);
|
|
802
|
+
}
|
|
803
|
+
else {
|
|
804
|
+
console.debug("SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:", sessionState_1);
|
|
805
|
+
}
|
|
806
|
+
}
|
|
807
|
+
else {
|
|
808
|
+
console.debug("SessionMonitor._callback: Different subject signed into OP:", iFrameIdTokenPayload.sub);
|
|
809
|
+
}
|
|
810
|
+
}).catch(function (e) {
|
|
811
|
+
_this.publishEvent(eventNames.logout_from_another_tab, {});
|
|
812
|
+
_this.destroyAsync();
|
|
813
|
+
});
|
|
814
|
+
};
|
|
815
|
+
_this.checkSessionIFrame = new checkSessionIFrame_1.CheckSessionIFrame(checkSessionCallback, clientId, checkSessionIFrameUri);
|
|
816
|
+
_this.checkSessionIFrame.load().then(function () {
|
|
817
|
+
_this.checkSessionIFrame.start(sessionState);
|
|
818
|
+
resolve();
|
|
819
|
+
}).catch(function (e) {
|
|
820
|
+
reject(e);
|
|
821
|
+
});
|
|
664
822
|
}
|
|
665
|
-
|
|
666
|
-
|
|
667
|
-
case 9:
|
|
668
|
-
exceptionSilent_1 = _b.sent();
|
|
669
|
-
console.error(exceptionSilent_1);
|
|
670
|
-
this.publishEvent(eventNames.syncTokensAsync_error, exceptionSilent_1);
|
|
671
|
-
if (this.timeoutId) {
|
|
672
|
-
timer_1.default.clearTimeout(this.timeoutId);
|
|
673
|
-
this.timeoutId = null;
|
|
823
|
+
else {
|
|
824
|
+
resolve();
|
|
674
825
|
}
|
|
675
|
-
|
|
676
|
-
case 10:
|
|
677
|
-
this.syncTokensAsyncPromise = null;
|
|
678
|
-
this.publishEvent(eventNames.syncTokensAsync_end, {});
|
|
679
|
-
_b.label = 11;
|
|
680
|
-
case 11: return [2 /*return*/];
|
|
681
|
-
}
|
|
826
|
+
})];
|
|
682
827
|
});
|
|
683
828
|
});
|
|
684
829
|
};
|
|
685
|
-
Oidc.prototype.loginCallbackAsync = function () {
|
|
830
|
+
Oidc.prototype.loginCallbackAsync = function (isSilenSignin) {
|
|
831
|
+
if (isSilenSignin === void 0) { isSilenSignin = false; }
|
|
686
832
|
return __awaiter(this, void 0, void 0, function () {
|
|
687
|
-
var
|
|
833
|
+
var loginCallbackLocalAsync;
|
|
688
834
|
var _this = this;
|
|
689
835
|
return __generator(this, function (_a) {
|
|
690
|
-
|
|
836
|
+
if (this.loginCallbackPromise !== null) {
|
|
837
|
+
return [2 /*return*/, this.loginCallbackPromise];
|
|
838
|
+
}
|
|
839
|
+
loginCallbackLocalAsync = function () { return __awaiter(_this, void 0, void 0, function () {
|
|
840
|
+
var response, tokens, parsedTokens;
|
|
841
|
+
return __generator(this, function (_a) {
|
|
842
|
+
switch (_a.label) {
|
|
843
|
+
case 0: return [4 /*yield*/, this._loginCallbackAsync(isSilenSignin)];
|
|
844
|
+
case 1:
|
|
845
|
+
response = _a.sent();
|
|
846
|
+
tokens = response.tokens;
|
|
847
|
+
return [4 /*yield*/, setTokensAsync(this.serviceWorker, tokens)];
|
|
848
|
+
case 2:
|
|
849
|
+
parsedTokens = _a.sent();
|
|
850
|
+
this.tokens = parsedTokens;
|
|
851
|
+
if (!!this.serviceWorker) return [3 /*break*/, 4];
|
|
852
|
+
return [4 /*yield*/, this.session.setTokens(parsedTokens)];
|
|
853
|
+
case 3:
|
|
854
|
+
_a.sent();
|
|
855
|
+
_a.label = 4;
|
|
856
|
+
case 4:
|
|
857
|
+
this.publishEvent(Oidc.eventNames.token_aquired, parsedTokens);
|
|
858
|
+
// @ts-ignore
|
|
859
|
+
return [2 /*return*/, { parsedTokens: parsedTokens, state: response.state, callbackPath: response.callbackPath }];
|
|
860
|
+
}
|
|
861
|
+
});
|
|
862
|
+
}); };
|
|
863
|
+
this.loginCallbackPromise = loginCallbackLocalAsync();
|
|
864
|
+
return [2 /*return*/, this.loginCallbackPromise.then(function (result) {
|
|
865
|
+
_this.loginCallbackPromise = null;
|
|
866
|
+
return result;
|
|
867
|
+
})];
|
|
868
|
+
});
|
|
869
|
+
});
|
|
870
|
+
};
|
|
871
|
+
Oidc.prototype._loginCallbackAsync = function (isSilentSignin) {
|
|
872
|
+
var _a;
|
|
873
|
+
if (isSilentSignin === void 0) { isSilentSignin = false; }
|
|
874
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
875
|
+
var configuration_2, clientId_1, redirectUri_1, authority, tokenRequestTimeout_1, oidcServerConfiguration_1, queryParams, sessionState_2, serviceWorker, storage_1, items, dummy, session, items, exception_3;
|
|
876
|
+
var _this = this;
|
|
877
|
+
return __generator(this, function (_b) {
|
|
878
|
+
switch (_b.label) {
|
|
691
879
|
case 0:
|
|
692
|
-
|
|
880
|
+
_b.trys.push([0, 11, , 12]);
|
|
693
881
|
this.publishEvent(eventNames.loginCallbackAsync_begin, {});
|
|
694
882
|
configuration_2 = this.configuration;
|
|
695
883
|
clientId_1 = configuration_2.client_id;
|
|
696
|
-
|
|
884
|
+
redirectUri_1 = isSilentSignin ? configuration_2.silent_redirect_uri : configuration_2.redirect_uri;
|
|
697
885
|
authority = configuration_2.authority;
|
|
698
886
|
tokenRequestTimeout_1 = configuration_2.token_request_timeout;
|
|
699
887
|
return [4 /*yield*/, this.initAsync(authority, configuration_2.authority_configuration)];
|
|
700
888
|
case 1:
|
|
701
|
-
oidcServerConfiguration_1 =
|
|
889
|
+
oidcServerConfiguration_1 = _b.sent();
|
|
890
|
+
queryParams = (0, route_utils_1.getParseQueryStringFromLocation)(window.location.href);
|
|
891
|
+
sessionState_2 = queryParams.session_state;
|
|
702
892
|
return [4 /*yield*/, (0, initWorker_1.initWorkerAsync)(configuration_2.service_worker_relative_url, this.configurationName)];
|
|
703
893
|
case 2:
|
|
704
|
-
serviceWorker =
|
|
894
|
+
serviceWorker = _b.sent();
|
|
705
895
|
storage_1 = null;
|
|
706
|
-
if (!serviceWorker) return [3 /*break*/,
|
|
896
|
+
if (!serviceWorker) return [3 /*break*/, 8];
|
|
707
897
|
serviceWorker.startKeepAliveServiceWorker();
|
|
708
898
|
this.serviceWorker = serviceWorker;
|
|
709
899
|
return [4 /*yield*/, serviceWorker.initAsync(oidcServerConfiguration_1, "loginCallbackAsync")];
|
|
710
900
|
case 3:
|
|
711
|
-
|
|
901
|
+
_b.sent();
|
|
712
902
|
return [4 /*yield*/, serviceWorker.loadItemsAsync()];
|
|
713
903
|
case 4:
|
|
714
|
-
items =
|
|
904
|
+
items = _b.sent();
|
|
715
905
|
storage_1 = new memoryStorageBackend_1.MemoryStorageBackend(serviceWorker.saveItemsAsync, items);
|
|
716
906
|
return [4 /*yield*/, storage_1.getItem("dummy")];
|
|
717
907
|
case 5:
|
|
718
|
-
dummy =
|
|
908
|
+
dummy = _b.sent();
|
|
719
909
|
if (!dummy) {
|
|
720
910
|
throw new Error("Service Worker storage disapear");
|
|
721
911
|
}
|
|
722
912
|
return [4 /*yield*/, storage_1.removeItem("dummy")];
|
|
723
913
|
case 6:
|
|
724
|
-
|
|
725
|
-
return [
|
|
914
|
+
_b.sent();
|
|
915
|
+
return [4 /*yield*/, serviceWorker.setSessionStateAsync(sessionState_2)];
|
|
726
916
|
case 7:
|
|
727
|
-
|
|
728
|
-
|
|
729
|
-
return [4 /*yield*/, session.loadItemsAsync()];
|
|
917
|
+
_b.sent();
|
|
918
|
+
return [3 /*break*/, 10];
|
|
730
919
|
case 8:
|
|
731
|
-
|
|
920
|
+
this.session = (0, initSession_1.initSession)(this.configurationName, redirectUri_1, (_a = configuration_2.storage) !== null && _a !== void 0 ? _a : sessionStorage);
|
|
921
|
+
session = (0, initSession_1.initSession)(this.configurationName, redirectUri_1);
|
|
922
|
+
session.setSessionState(sessionState_2);
|
|
923
|
+
return [4 /*yield*/, session.loadItemsAsync()];
|
|
924
|
+
case 9:
|
|
925
|
+
items = _b.sent();
|
|
732
926
|
storage_1 = new memoryStorageBackend_1.MemoryStorageBackend(session.saveItemsAsync, items);
|
|
733
|
-
|
|
734
|
-
case
|
|
927
|
+
_b.label = 10;
|
|
928
|
+
case 10: return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
735
929
|
// @ts-ignore
|
|
736
930
|
var queryStringUtil = new noHashQueryStringUtils_1.NoHashQueryStringUtils();
|
|
737
|
-
if (
|
|
931
|
+
if (redirectUri_1.includes("#")) {
|
|
738
932
|
var splithash = window.location.href.split("#");
|
|
739
933
|
if (splithash.length === 2 && splithash[1].includes("?")) {
|
|
740
934
|
queryStringUtil = new noHashQueryStringUtils_1.HashQueryStringUtils();
|
|
@@ -766,7 +960,7 @@ var Oidc = /** @class */ (function () {
|
|
|
766
960
|
}
|
|
767
961
|
var tokenRequest = new appauth_1.TokenRequest({
|
|
768
962
|
client_id: clientId_1,
|
|
769
|
-
redirect_uri:
|
|
963
|
+
redirect_uri: redirectUri_1,
|
|
770
964
|
grant_type: appauth_1.GRANT_TYPE_AUTHORIZATION_CODE,
|
|
771
965
|
code: response.code,
|
|
772
966
|
refresh_token: undefined,
|
|
@@ -780,14 +974,16 @@ var Oidc = /** @class */ (function () {
|
|
|
780
974
|
var tokenHandler = new appauth_1.BaseTokenRequestHandler(new appauth_1.FetchRequestor());
|
|
781
975
|
tokenHandler.performTokenRequest(oidcServerConfiguration_1, tokenRequest).then(function (tokenResponse) {
|
|
782
976
|
if (timeoutId) {
|
|
783
|
-
var loginParams = (0, exports.getLoginParams)(_this.configurationName);
|
|
784
977
|
clearTimeout(timeoutId);
|
|
785
978
|
_this.timeoutId = null;
|
|
786
|
-
_this.
|
|
787
|
-
|
|
788
|
-
|
|
789
|
-
|
|
790
|
-
|
|
979
|
+
var loginParams_1 = getLoginParams(_this.configurationName, redirectUri_1);
|
|
980
|
+
_this.startCheckSessionAsync(oidcServerConfiguration_1.check_session_iframe, clientId_1, sessionState_2, isSilentSignin).then(function () {
|
|
981
|
+
_this.publishEvent(eventNames.loginCallbackAsync_end, {});
|
|
982
|
+
resolve({
|
|
983
|
+
tokens: tokenResponse,
|
|
984
|
+
state: request.state,
|
|
985
|
+
callbackPath: loginParams_1.callbackPath,
|
|
986
|
+
});
|
|
791
987
|
});
|
|
792
988
|
}
|
|
793
989
|
});
|
|
@@ -804,12 +1000,12 @@ var Oidc = /** @class */ (function () {
|
|
|
804
1000
|
});
|
|
805
1001
|
authorizationHandler.completeAuthorizationRequestIfPossible();
|
|
806
1002
|
})];
|
|
807
|
-
case
|
|
808
|
-
exception_3 =
|
|
1003
|
+
case 11:
|
|
1004
|
+
exception_3 = _b.sent();
|
|
809
1005
|
console.error(exception_3);
|
|
810
1006
|
this.publishEvent(eventNames.loginCallbackAsync_error, exception_3);
|
|
811
1007
|
throw exception_3;
|
|
812
|
-
case
|
|
1008
|
+
case 12: return [2 /*return*/];
|
|
813
1009
|
}
|
|
814
1010
|
});
|
|
815
1011
|
});
|
|
@@ -825,7 +1021,7 @@ var Oidc = /** @class */ (function () {
|
|
|
825
1021
|
localSilentSigninAsync = function (exception) {
|
|
826
1022
|
if (exception === void 0) { exception = null; }
|
|
827
1023
|
return __awaiter(_this, void 0, void 0, function () {
|
|
828
|
-
var silent_token_response,
|
|
1024
|
+
var silent_token_response, exceptionSilent_1;
|
|
829
1025
|
return __generator(this, function (_a) {
|
|
830
1026
|
switch (_a.label) {
|
|
831
1027
|
case 0:
|
|
@@ -834,12 +1030,12 @@ var Oidc = /** @class */ (function () {
|
|
|
834
1030
|
case 1:
|
|
835
1031
|
silent_token_response = _a.sent();
|
|
836
1032
|
if (silent_token_response) {
|
|
837
|
-
return [2 /*return*/, silent_token_response];
|
|
1033
|
+
return [2 /*return*/, silent_token_response.tokens];
|
|
838
1034
|
}
|
|
839
1035
|
return [3 /*break*/, 3];
|
|
840
1036
|
case 2:
|
|
841
|
-
|
|
842
|
-
console.error(
|
|
1037
|
+
exceptionSilent_1 = _a.sent();
|
|
1038
|
+
console.error(exceptionSilent_1);
|
|
843
1039
|
return [3 /*break*/, 3];
|
|
844
1040
|
case 3:
|
|
845
1041
|
if (this.timeoutId) {
|
|
@@ -899,6 +1095,87 @@ var Oidc = /** @class */ (function () {
|
|
|
899
1095
|
});
|
|
900
1096
|
});
|
|
901
1097
|
};
|
|
1098
|
+
Oidc.prototype.syncTokensAsync = function () {
|
|
1099
|
+
var _a;
|
|
1100
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
1101
|
+
var configuration, oidcServerConfiguration, serviceWorker, isLogin, silent_token_response, _b, exceptionSilent_2, session, tokens;
|
|
1102
|
+
return __generator(this, function (_c) {
|
|
1103
|
+
switch (_c.label) {
|
|
1104
|
+
case 0:
|
|
1105
|
+
configuration = this.configuration;
|
|
1106
|
+
if (!this.tokens) {
|
|
1107
|
+
return [2 /*return*/];
|
|
1108
|
+
}
|
|
1109
|
+
return [4 /*yield*/, this.initAsync(configuration.authority, configuration.authority_configuration)];
|
|
1110
|
+
case 1:
|
|
1111
|
+
oidcServerConfiguration = _c.sent();
|
|
1112
|
+
return [4 /*yield*/, (0, initWorker_1.initWorkerAsync)(configuration.service_worker_relative_url, this.configurationName)];
|
|
1113
|
+
case 2:
|
|
1114
|
+
serviceWorker = _c.sent();
|
|
1115
|
+
if (!serviceWorker) return [3 /*break*/, 14];
|
|
1116
|
+
return [4 /*yield*/, serviceWorker.initAsync(oidcServerConfiguration, "syncTokensAsync")];
|
|
1117
|
+
case 3:
|
|
1118
|
+
isLogin = (_c.sent()).isLogin;
|
|
1119
|
+
if (!(isLogin == false)) return [3 /*break*/, 5];
|
|
1120
|
+
this.publishEvent(eventNames.logout_from_another_tab, {});
|
|
1121
|
+
return [4 /*yield*/, this.destroyAsync()];
|
|
1122
|
+
case 4:
|
|
1123
|
+
_c.sent();
|
|
1124
|
+
return [3 /*break*/, 13];
|
|
1125
|
+
case 5:
|
|
1126
|
+
if (!(isLogin == null)) return [3 /*break*/, 13];
|
|
1127
|
+
_c.label = 6;
|
|
1128
|
+
case 6:
|
|
1129
|
+
_c.trys.push([6, 11, , 12]);
|
|
1130
|
+
this.publishEvent(eventNames.syncTokensAsync_begin, {});
|
|
1131
|
+
this.syncTokensAsyncPromise = this.silentSigninAsync({ prompt: "none" });
|
|
1132
|
+
return [4 /*yield*/, this.syncTokensAsyncPromise];
|
|
1133
|
+
case 7:
|
|
1134
|
+
silent_token_response = _c.sent();
|
|
1135
|
+
if (!(silent_token_response && silent_token_response.tokens)) return [3 /*break*/, 9];
|
|
1136
|
+
_b = this;
|
|
1137
|
+
return [4 /*yield*/, setTokensAsync(serviceWorker, silent_token_response.tokens)];
|
|
1138
|
+
case 8:
|
|
1139
|
+
_b.tokens = _c.sent();
|
|
1140
|
+
return [3 /*break*/, 10];
|
|
1141
|
+
case 9:
|
|
1142
|
+
this.publishEvent(eventNames.syncTokensAsync_error, null);
|
|
1143
|
+
if (this.timeoutId) {
|
|
1144
|
+
timer_1.default.clearTimeout(this.timeoutId);
|
|
1145
|
+
this.timeoutId = null;
|
|
1146
|
+
}
|
|
1147
|
+
return [2 /*return*/];
|
|
1148
|
+
case 10: return [3 /*break*/, 12];
|
|
1149
|
+
case 11:
|
|
1150
|
+
exceptionSilent_2 = _c.sent();
|
|
1151
|
+
console.error(exceptionSilent_2);
|
|
1152
|
+
this.publishEvent(eventNames.syncTokensAsync_error, exceptionSilent_2);
|
|
1153
|
+
if (this.timeoutId) {
|
|
1154
|
+
timer_1.default.clearTimeout(this.timeoutId);
|
|
1155
|
+
this.timeoutId = null;
|
|
1156
|
+
}
|
|
1157
|
+
return [2 /*return*/];
|
|
1158
|
+
case 12:
|
|
1159
|
+
this.syncTokensAsyncPromise = null;
|
|
1160
|
+
this.publishEvent(eventNames.syncTokensAsync_end, {});
|
|
1161
|
+
_c.label = 13;
|
|
1162
|
+
case 13: return [3 /*break*/, 17];
|
|
1163
|
+
case 14:
|
|
1164
|
+
session = (0, initSession_1.initSession)(this.configurationName, configuration.redirect_uri, (_a = configuration.storage) !== null && _a !== void 0 ? _a : sessionStorage);
|
|
1165
|
+
return [4 /*yield*/, session.initAsync()];
|
|
1166
|
+
case 15:
|
|
1167
|
+
tokens = (_c.sent()).tokens;
|
|
1168
|
+
if (!!tokens) return [3 /*break*/, 17];
|
|
1169
|
+
this.publishEvent(eventNames.logout_from_another_tab, {});
|
|
1170
|
+
return [4 /*yield*/, this.destroyAsync()];
|
|
1171
|
+
case 16:
|
|
1172
|
+
_c.sent();
|
|
1173
|
+
_c.label = 17;
|
|
1174
|
+
case 17: return [2 /*return*/];
|
|
1175
|
+
}
|
|
1176
|
+
});
|
|
1177
|
+
});
|
|
1178
|
+
};
|
|
902
1179
|
Oidc.prototype.loginCallbackWithAutoTokensRenewAsync = function () {
|
|
903
1180
|
var _this = this;
|
|
904
1181
|
if (this.loginCallbackWithAutoTokensRenewPromise !== null) {
|
|
@@ -918,6 +1195,9 @@ var Oidc = /** @class */ (function () {
|
|
|
918
1195
|
return __generator(this, function (_a) {
|
|
919
1196
|
switch (_a.label) {
|
|
920
1197
|
case 0:
|
|
1198
|
+
if (this.checkSessionIFrame) {
|
|
1199
|
+
this.checkSessionIFrame.stop();
|
|
1200
|
+
}
|
|
921
1201
|
if (!this.serviceWorker) return [3 /*break*/, 2];
|
|
922
1202
|
return [4 /*yield*/, this.serviceWorker.clearAsync()];
|
|
923
1203
|
case 1:
|