@axa-fr/react-oidc 5.14.0 → 6.0.0-alpha0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/OidcProvider.d.ts +1 -0
- package/dist/OidcProvider.d.ts.map +1 -1
- package/dist/OidcProvider.js +13 -5
- package/dist/OidcProvider.js.map +1 -1
- package/dist/OidcServiceWorker.js +13 -0
- package/dist/ReactOidc.d.ts.map +1 -1
- package/dist/ReactOidc.js +29 -7
- package/dist/ReactOidc.js.map +1 -1
- package/dist/core/default-component/ServiceWorkerInstall.component.d.ts.map +1 -1
- package/dist/core/default-component/ServiceWorkerInstall.component.js +21 -9
- package/dist/core/default-component/ServiceWorkerInstall.component.js.map +1 -1
- package/dist/core/default-component/SilentCallback.component.d.ts.map +1 -1
- package/dist/core/default-component/SilentCallback.component.js +23 -15
- package/dist/core/default-component/SilentCallback.component.js.map +1 -1
- package/dist/core/default-component/SilentSignin.component.d.ts +4 -0
- package/dist/core/default-component/SilentSignin.component.d.ts.map +1 -0
- package/dist/core/default-component/SilentSignin.component.js +58 -0
- package/dist/core/default-component/SilentSignin.component.js.map +1 -0
- package/dist/core/routes/OidcRoutes.d.ts +1 -0
- package/dist/core/routes/OidcRoutes.d.ts.map +1 -1
- package/dist/core/routes/OidcRoutes.js +8 -2
- package/dist/core/routes/OidcRoutes.js.map +1 -1
- package/dist/vanilla/checkSessionIFrame.d.ts +17 -0
- package/dist/vanilla/checkSessionIFrame.d.ts.map +1 -0
- package/dist/vanilla/checkSessionIFrame.js +78 -0
- package/dist/vanilla/checkSessionIFrame.js.map +1 -0
- package/dist/vanilla/initSession.d.ts +3 -1
- package/dist/vanilla/initSession.d.ts.map +1 -1
- package/dist/vanilla/initSession.js +20 -11
- package/dist/vanilla/initSession.js.map +1 -1
- package/dist/vanilla/initWorker.d.ts +4 -0
- package/dist/vanilla/initWorker.d.ts.map +1 -1
- package/dist/vanilla/initWorker.js +31 -3
- package/dist/vanilla/initWorker.js.map +1 -1
- package/dist/vanilla/oidc.d.ts +24 -5
- package/dist/vanilla/oidc.d.ts.map +1 -1
- package/dist/vanilla/oidc.js +504 -224
- package/dist/vanilla/oidc.js.map +1 -1
- package/dist/vanilla/route-utils.d.ts +13 -0
- package/dist/vanilla/route-utils.d.ts.map +1 -0
- package/dist/vanilla/route-utils.js +65 -0
- package/dist/vanilla/route-utils.js.map +1 -0
- package/package.json +1 -1
- package/src/App.tsx +1 -1
- package/src/configurations.ts +8 -4
- package/src/oidc/OidcProvider.tsx +11 -0
- package/src/oidc/ReactOidc.tsx +32 -8
- package/src/oidc/core/default-component/ServiceWorkerInstall.component.tsx +15 -3
- package/src/oidc/core/default-component/SilentCallback.component.tsx +10 -15
- package/src/oidc/core/default-component/SilentSignin.component.tsx +35 -0
- package/src/oidc/core/routes/OidcRoutes.tsx +10 -1
- package/src/oidc/vanilla/OidcServiceWorker.js +13 -0
- package/src/oidc/vanilla/checkSessionIFrame.ts +82 -0
- package/src/oidc/vanilla/initSession.ts +23 -11
- package/src/oidc/vanilla/initWorker.ts +19 -2
- package/src/oidc/vanilla/oidc.ts +400 -137
- package/src/oidc/{core/routes → vanilla}/route-utils.spec.ts +0 -0
- package/src/oidc/vanilla/route-utils.ts +76 -0
- package/dist/core/routes/route-utils.d.ts +0 -2
- package/dist/core/routes/route-utils.d.ts.map +0 -1
- package/dist/core/routes/route-utils.js +0 -32
- package/dist/core/routes/route-utils.js.map +0 -1
- package/src/oidc/core/routes/route-utils.ts +0 -34
package/dist/vanilla/oidc.js
CHANGED
|
@@ -1,4 +1,19 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __extends = (this && this.__extends) || (function () {
|
|
3
|
+
var extendStatics = function (d, b) {
|
|
4
|
+
extendStatics = Object.setPrototypeOf ||
|
|
5
|
+
({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
|
|
6
|
+
function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };
|
|
7
|
+
return extendStatics(d, b);
|
|
8
|
+
};
|
|
9
|
+
return function (d, b) {
|
|
10
|
+
if (typeof b !== "function" && b !== null)
|
|
11
|
+
throw new TypeError("Class extends value " + String(b) + " is not a constructor or null");
|
|
12
|
+
extendStatics(d, b);
|
|
13
|
+
function __() { this.constructor = d; }
|
|
14
|
+
d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
|
|
15
|
+
};
|
|
16
|
+
})();
|
|
2
17
|
var __assign = (this && this.__assign) || function () {
|
|
3
18
|
__assign = Object.assign || function(t) {
|
|
4
19
|
for (var s, i = 1, n = arguments.length; i < n; i++) {
|
|
@@ -50,13 +65,29 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
50
65
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
51
66
|
};
|
|
52
67
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
53
|
-
exports.Oidc = exports.
|
|
68
|
+
exports.Oidc = exports.OidcAuthorizationServiceConfiguration = void 0;
|
|
54
69
|
var appauth_1 = require("@openid/appauth");
|
|
55
70
|
var noHashQueryStringUtils_1 = require("./noHashQueryStringUtils");
|
|
56
71
|
var initWorker_1 = require("./initWorker");
|
|
57
72
|
var memoryStorageBackend_1 = require("./memoryStorageBackend");
|
|
58
73
|
var initSession_1 = require("./initSession");
|
|
59
74
|
var timer_1 = __importDefault(require("./timer"));
|
|
75
|
+
var checkSessionIFrame_1 = require("./checkSessionIFrame");
|
|
76
|
+
var route_utils_1 = require("./route-utils");
|
|
77
|
+
var OidcAuthorizationServiceConfiguration = /** @class */ (function (_super) {
|
|
78
|
+
__extends(OidcAuthorizationServiceConfiguration, _super);
|
|
79
|
+
function OidcAuthorizationServiceConfiguration(request) {
|
|
80
|
+
var _this = _super.call(this, request) || this;
|
|
81
|
+
_this.authorizationEndpoint = request.authorization_endpoint;
|
|
82
|
+
_this.tokenEndpoint = request.token_endpoint;
|
|
83
|
+
_this.revocationEndpoint = request.revocation_endpoint;
|
|
84
|
+
_this.userInfoEndpoint = request.userinfo_endpoint;
|
|
85
|
+
_this.check_session_iframe = request.check_session_iframe;
|
|
86
|
+
return _this;
|
|
87
|
+
}
|
|
88
|
+
return OidcAuthorizationServiceConfiguration;
|
|
89
|
+
}(appauth_1.AuthorizationServiceConfiguration));
|
|
90
|
+
exports.OidcAuthorizationServiceConfiguration = OidcAuthorizationServiceConfiguration;
|
|
60
91
|
var isInIframe = function () {
|
|
61
92
|
try {
|
|
62
93
|
return window.self !== window.top;
|
|
@@ -102,26 +133,14 @@ var oidcFactory = function (configuration, name) {
|
|
|
102
133
|
return oidcDatabase[name];
|
|
103
134
|
};
|
|
104
135
|
var loginCallbackWithAutoTokensRenewAsync = function (oidc) { return __awaiter(void 0, void 0, void 0, function () {
|
|
105
|
-
var
|
|
136
|
+
var _a, parsedTokens, state, callbackPath;
|
|
106
137
|
return __generator(this, function (_b) {
|
|
107
138
|
switch (_b.label) {
|
|
108
139
|
case 0: return [4 /*yield*/, oidc.loginCallbackAsync()];
|
|
109
140
|
case 1:
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
return [4 /*yield*/, setTokensAsync(oidc.serviceWorker, tokens)];
|
|
114
|
-
case 2:
|
|
115
|
-
_a.tokens = _b.sent();
|
|
116
|
-
if (!!oidc.serviceWorker) return [3 /*break*/, 4];
|
|
117
|
-
return [4 /*yield*/, oidc.session.setTokens(oidc.tokens)];
|
|
118
|
-
case 3:
|
|
119
|
-
_b.sent();
|
|
120
|
-
_b.label = 4;
|
|
121
|
-
case 4:
|
|
122
|
-
oidc.publishEvent(Oidc.eventNames.token_aquired, oidc.tokens);
|
|
123
|
-
oidc.timeoutId = autoRenewTokens(oidc, tokens.refreshToken, oidc.tokens.expiresAt);
|
|
124
|
-
return [2 /*return*/, { state: response.state, callbackPath: response.callbackPath }];
|
|
141
|
+
_a = _b.sent(), parsedTokens = _a.parsedTokens, state = _a.state, callbackPath = _a.callbackPath;
|
|
142
|
+
oidc.timeoutId = autoRenewTokens(oidc, parsedTokens.refreshToken, parsedTokens.expiresAt);
|
|
143
|
+
return [2 /*return*/, { state: state, callbackPath: callbackPath }];
|
|
125
144
|
}
|
|
126
145
|
});
|
|
127
146
|
}); };
|
|
@@ -151,6 +170,10 @@ var autoRenewTokens = function (oidc, refreshToken, expiresAt) {
|
|
|
151
170
|
_b.label = 4;
|
|
152
171
|
case 4:
|
|
153
172
|
if (!oidc.tokens) {
|
|
173
|
+
if (oidc.checkSessionIFrame) {
|
|
174
|
+
oidc.checkSessionIFrame.stop();
|
|
175
|
+
oidc.checkSessionIFrame = null;
|
|
176
|
+
}
|
|
154
177
|
return [2 /*return*/];
|
|
155
178
|
}
|
|
156
179
|
oidc.publishEvent(Oidc.eventNames.token_renewed, oidc.tokens);
|
|
@@ -170,10 +193,12 @@ var autoRenewTokens = function (oidc, refreshToken, expiresAt) {
|
|
|
170
193
|
});
|
|
171
194
|
}); }, 1000);
|
|
172
195
|
};
|
|
173
|
-
var
|
|
174
|
-
return
|
|
196
|
+
var getLoginSessionKey = function (configurationName, redirectUri) {
|
|
197
|
+
return "oidc_login.".concat(configurationName, ":").concat(redirectUri);
|
|
198
|
+
};
|
|
199
|
+
var getLoginParams = function (configurationName, redirectUri) {
|
|
200
|
+
return JSON.parse(sessionStorage[getLoginSessionKey(configurationName, redirectUri)]);
|
|
175
201
|
};
|
|
176
|
-
exports.getLoginParams = getLoginParams;
|
|
177
202
|
var userInfoAsync = function (oidc) { return __awaiter(void 0, void 0, void 0, function () {
|
|
178
203
|
var accessToken, oidcServerConfiguration, url, fetchUserInfo, userInfo;
|
|
179
204
|
return __generator(this, function (_a) {
|
|
@@ -223,7 +248,7 @@ var userInfoAsync = function (oidc) { return __awaiter(void 0, void 0, void 0, f
|
|
|
223
248
|
});
|
|
224
249
|
}); };
|
|
225
250
|
var setTokensAsync = function (serviceWorker, tokens) { return __awaiter(void 0, void 0, void 0, function () {
|
|
226
|
-
var accessTokenPayload, expiresAt;
|
|
251
|
+
var accessTokenPayload, _idTokenPayload, expiresAt;
|
|
227
252
|
return __generator(this, function (_a) {
|
|
228
253
|
switch (_a.label) {
|
|
229
254
|
case 0:
|
|
@@ -244,14 +269,16 @@ var setTokensAsync = function (serviceWorker, tokens) { return __awaiter(void 0,
|
|
|
244
269
|
accessTokenPayload = extractAccessTokenPayload(tokens);
|
|
245
270
|
_a.label = 6;
|
|
246
271
|
case 6:
|
|
247
|
-
|
|
248
|
-
|
|
272
|
+
_idTokenPayload = idTokenPayload(tokens.idToken);
|
|
273
|
+
expiresAt = (_idTokenPayload && _idTokenPayload.exp) ? _idTokenPayload.exp : tokens.issuedAt + tokens.expiresIn;
|
|
274
|
+
return [2 /*return*/, __assign(__assign({}, tokens), { idTokenPayload: _idTokenPayload, accessTokenPayload: accessTokenPayload, expiresAt: expiresAt })];
|
|
249
275
|
}
|
|
250
276
|
});
|
|
251
277
|
}); };
|
|
252
278
|
var eventNames = {
|
|
253
279
|
service_worker_not_supported_by_browser: "service_worker_not_supported_by_browser",
|
|
254
280
|
token_aquired: "token_aquired",
|
|
281
|
+
logout_from_another_tab: "logout_from_another_tab",
|
|
255
282
|
token_renewed: "token_renewed",
|
|
256
283
|
token_timer: "token_timer",
|
|
257
284
|
loginAsync_begin: "loginAsync_begin",
|
|
@@ -279,11 +306,61 @@ var eventNames = {
|
|
|
279
306
|
var getRandomInt = function (max) {
|
|
280
307
|
return Math.floor(Math.random() * max);
|
|
281
308
|
};
|
|
309
|
+
var WELL_KNOWN_PATH = '.well-known';
|
|
310
|
+
var OPENID_CONFIGURATION = 'openid-configuration';
|
|
311
|
+
var oneHourSecond = 60 * 60;
|
|
312
|
+
var fetchFromIssuer = function (openIdIssuerUrl, timeCacheSecond) {
|
|
313
|
+
if (timeCacheSecond === void 0) { timeCacheSecond = oneHourSecond; }
|
|
314
|
+
return __awaiter(void 0, void 0, void 0, function () {
|
|
315
|
+
var fullUrl, localStorageKey, cacheJson, oneHourMinisecond, res, result;
|
|
316
|
+
return __generator(this, function (_a) {
|
|
317
|
+
switch (_a.label) {
|
|
318
|
+
case 0:
|
|
319
|
+
fullUrl = "".concat(openIdIssuerUrl, "/").concat(WELL_KNOWN_PATH, "/").concat(OPENID_CONFIGURATION);
|
|
320
|
+
localStorageKey = "oidc.server:".concat(openIdIssuerUrl);
|
|
321
|
+
cacheJson = window.localStorage.getItem(localStorageKey);
|
|
322
|
+
oneHourMinisecond = 1000 * timeCacheSecond;
|
|
323
|
+
// @ts-ignore
|
|
324
|
+
if (cacheJson && (cacheJson.timestamp + oneHourMinisecond) > Date.now()) {
|
|
325
|
+
return [2 /*return*/, new OidcAuthorizationServiceConfiguration(JSON.parse(cacheJson))];
|
|
326
|
+
}
|
|
327
|
+
return [4 /*yield*/, fetch(fullUrl)];
|
|
328
|
+
case 1:
|
|
329
|
+
res = _a.sent();
|
|
330
|
+
if (res.status != 200) {
|
|
331
|
+
return [2 /*return*/, null];
|
|
332
|
+
}
|
|
333
|
+
return [4 /*yield*/, res.json()];
|
|
334
|
+
case 2:
|
|
335
|
+
result = _a.sent();
|
|
336
|
+
window.localStorage.setItem(localStorageKey, JSON.stringify({ result: result, timestamp: Date.now() }));
|
|
337
|
+
return [2 /*return*/, new OidcAuthorizationServiceConfiguration(result)];
|
|
338
|
+
}
|
|
339
|
+
});
|
|
340
|
+
});
|
|
341
|
+
};
|
|
342
|
+
var buildQueries = function (extras) {
|
|
343
|
+
var queries = '';
|
|
344
|
+
if (extras != null) {
|
|
345
|
+
for (var _i = 0, _a = Object.entries(extras); _i < _a.length; _i++) {
|
|
346
|
+
var _b = _a[_i], key = _b[0], value = _b[1];
|
|
347
|
+
if (queries === "") {
|
|
348
|
+
queries = "?".concat(encodeURIComponent(key), "=").concat(encodeURIComponent(value));
|
|
349
|
+
}
|
|
350
|
+
else {
|
|
351
|
+
queries += "&".concat(encodeURIComponent(key), "=").concat(encodeURIComponent(value));
|
|
352
|
+
}
|
|
353
|
+
}
|
|
354
|
+
}
|
|
355
|
+
return queries;
|
|
356
|
+
};
|
|
282
357
|
var Oidc = /** @class */ (function () {
|
|
283
358
|
function Oidc(configuration, configurationName) {
|
|
284
359
|
if (configurationName === void 0) { configurationName = "default"; }
|
|
285
360
|
this.initAsyncPromise = null;
|
|
286
361
|
this.tryKeepExistingSessionPromise = null;
|
|
362
|
+
this.loginPromise = null;
|
|
363
|
+
this.loginCallbackPromise = null;
|
|
287
364
|
this.syncTokensAsyncPromise = null;
|
|
288
365
|
this.loginCallbackWithAutoTokensRenewPromise = null;
|
|
289
366
|
this.configuration = configuration;
|
|
@@ -298,6 +375,7 @@ var Oidc = /** @class */ (function () {
|
|
|
298
375
|
this.loginCallbackWithAutoTokensRenewAsync.bind(this);
|
|
299
376
|
this.initAsync.bind(this);
|
|
300
377
|
this.loginCallbackAsync.bind(this);
|
|
378
|
+
this._loginCallbackAsync.bind(this);
|
|
301
379
|
this.subscriveEvents.bind(this);
|
|
302
380
|
this.removeEventSubscription.bind(this);
|
|
303
381
|
this.publishEvent.bind(this);
|
|
@@ -331,31 +409,67 @@ var Oidc = /** @class */ (function () {
|
|
|
331
409
|
};
|
|
332
410
|
Oidc.prototype.silentSigninCallbackFromIFrame = function () {
|
|
333
411
|
if (this.configuration.silent_redirect_uri) {
|
|
334
|
-
|
|
412
|
+
var queryParams = (0, route_utils_1.getParseQueryStringFromLocation)(window.location.href);
|
|
413
|
+
window.top.postMessage("".concat(this.configurationName, "_oidc_tokens:").concat(JSON.stringify({ tokens: this.tokens, sessionState: queryParams.session_state })), window.location.origin);
|
|
335
414
|
}
|
|
336
415
|
};
|
|
337
|
-
Oidc.prototype.
|
|
416
|
+
Oidc.prototype.silentSigninErrorCallbackFromIFrame = function () {
|
|
417
|
+
if (this.configuration.silent_redirect_uri) {
|
|
418
|
+
var queryParams = (0, route_utils_1.getParseQueryStringFromLocation)(window.location.href);
|
|
419
|
+
window.top.postMessage("".concat(this.configurationName, "_oidc_error:").concat(JSON.stringify({ error: queryParams.error })), window.location.origin);
|
|
420
|
+
}
|
|
421
|
+
};
|
|
422
|
+
Oidc.prototype.silentSigninAsync = function (extras, state, scope) {
|
|
423
|
+
if (extras === void 0) { extras = null; }
|
|
424
|
+
if (state === void 0) { state = null; }
|
|
425
|
+
if (scope === void 0) { scope = null; }
|
|
338
426
|
return __awaiter(this, void 0, void 0, function () {
|
|
339
|
-
var configuration_1, link, iframe_1, self_1;
|
|
340
|
-
return __generator(this, function (
|
|
341
|
-
switch (
|
|
427
|
+
var configuration_1, queries, _i, _a, _b, key, value, link, idx, iFrameOrigin_1, iframe_1, self_1;
|
|
428
|
+
return __generator(this, function (_c) {
|
|
429
|
+
switch (_c.label) {
|
|
342
430
|
case 0:
|
|
343
|
-
if (!this.configuration.silent_redirect_uri) {
|
|
431
|
+
if (!this.configuration.silent_redirect_uri || !this.configuration.silent_signin_uri) {
|
|
344
432
|
return [2 /*return*/, Promise.resolve(null)];
|
|
345
433
|
}
|
|
346
|
-
|
|
434
|
+
_c.label = 1;
|
|
347
435
|
case 1:
|
|
348
436
|
if (!document.hidden) return [3 /*break*/, 3];
|
|
349
437
|
return [4 /*yield*/, (0, initWorker_1.sleepAsync)(1000)];
|
|
350
438
|
case 2:
|
|
351
|
-
|
|
439
|
+
_c.sent();
|
|
352
440
|
this.publishEvent(eventNames.silentSigninAsync, { message: "wait because document is hidden" });
|
|
353
441
|
return [3 /*break*/, 1];
|
|
354
442
|
case 3:
|
|
355
443
|
try {
|
|
356
444
|
this.publishEvent(eventNames.silentSigninAsync_begin, {});
|
|
357
445
|
configuration_1 = this.configuration;
|
|
358
|
-
|
|
446
|
+
queries = "";
|
|
447
|
+
if (state) {
|
|
448
|
+
if (extras == null) {
|
|
449
|
+
extras = {};
|
|
450
|
+
}
|
|
451
|
+
extras.state = state;
|
|
452
|
+
}
|
|
453
|
+
if (scope) {
|
|
454
|
+
if (extras == null) {
|
|
455
|
+
extras = {};
|
|
456
|
+
}
|
|
457
|
+
extras.scope = scope;
|
|
458
|
+
}
|
|
459
|
+
if (extras != null) {
|
|
460
|
+
for (_i = 0, _a = Object.entries(extras); _i < _a.length; _i++) {
|
|
461
|
+
_b = _a[_i], key = _b[0], value = _b[1];
|
|
462
|
+
if (queries === "") {
|
|
463
|
+
queries = "?".concat(encodeURIComponent(key), "=").concat(encodeURIComponent(value));
|
|
464
|
+
}
|
|
465
|
+
else {
|
|
466
|
+
queries += "&".concat(encodeURIComponent(key), "=").concat(encodeURIComponent(value));
|
|
467
|
+
}
|
|
468
|
+
}
|
|
469
|
+
}
|
|
470
|
+
link = configuration_1.silent_signin_uri + queries;
|
|
471
|
+
idx = link.indexOf("/", link.indexOf("//") + 2);
|
|
472
|
+
iFrameOrigin_1 = link.substr(0, idx);
|
|
359
473
|
iframe_1 = document.createElement('iframe');
|
|
360
474
|
iframe_1.width = "0px";
|
|
361
475
|
iframe_1.height = "0px";
|
|
@@ -364,21 +478,36 @@ var Oidc = /** @class */ (function () {
|
|
|
364
478
|
document.body.appendChild(iframe_1);
|
|
365
479
|
self_1 = this;
|
|
366
480
|
return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
481
|
+
var _a;
|
|
367
482
|
try {
|
|
368
483
|
var isResolved_1 = false;
|
|
369
484
|
window.onmessage = function (e) {
|
|
370
|
-
|
|
371
|
-
|
|
372
|
-
|
|
373
|
-
|
|
374
|
-
|
|
375
|
-
|
|
376
|
-
isResolved_1
|
|
377
|
-
|
|
485
|
+
if (e.origin === iFrameOrigin_1 &&
|
|
486
|
+
e.source === iframe_1.contentWindow) {
|
|
487
|
+
var key = "".concat(self_1.configurationName, "_oidc_tokens:");
|
|
488
|
+
var key_error = "".concat(self_1.configurationName, "_oidc_error:");
|
|
489
|
+
var data = e.data;
|
|
490
|
+
if (data && typeof (data) === "string") {
|
|
491
|
+
if (!isResolved_1) {
|
|
492
|
+
if (data.startsWith(key)) {
|
|
493
|
+
var result = JSON.parse(e.data.replace(key, ''));
|
|
494
|
+
self_1.publishEvent(eventNames.silentSigninAsync_end, result);
|
|
495
|
+
iframe_1.remove();
|
|
496
|
+
isResolved_1 = true;
|
|
497
|
+
resolve(result);
|
|
498
|
+
}
|
|
499
|
+
else if (data.startsWith(key_error)) {
|
|
500
|
+
var result = JSON.parse(e.data.replace(key_error, ''));
|
|
501
|
+
self_1.publishEvent(eventNames.silentSigninAsync_error, result);
|
|
502
|
+
iframe_1.remove();
|
|
503
|
+
isResolved_1 = true;
|
|
504
|
+
reject(result);
|
|
505
|
+
}
|
|
506
|
+
}
|
|
378
507
|
}
|
|
379
508
|
}
|
|
380
509
|
};
|
|
381
|
-
var silentSigninTimeout = configuration_1.silent_signin_timeout ?
|
|
510
|
+
var silentSigninTimeout = (_a = configuration_1.silent_signin_timeout) !== null && _a !== void 0 ? _a : 12000;
|
|
382
511
|
setTimeout(function () {
|
|
383
512
|
if (!isResolved_1) {
|
|
384
513
|
self_1.publishEvent(eventNames.silentSigninAsync_error, "timeout");
|
|
@@ -405,27 +534,29 @@ var Oidc = /** @class */ (function () {
|
|
|
405
534
|
});
|
|
406
535
|
};
|
|
407
536
|
Oidc.prototype.initAsync = function (authority, authorityConfiguration) {
|
|
537
|
+
var _a;
|
|
408
538
|
return __awaiter(this, void 0, void 0, function () {
|
|
409
|
-
var
|
|
410
|
-
return __generator(this, function (
|
|
411
|
-
switch (
|
|
539
|
+
var _b;
|
|
540
|
+
return __generator(this, function (_c) {
|
|
541
|
+
switch (_c.label) {
|
|
412
542
|
case 0:
|
|
413
543
|
if (authorityConfiguration != null) {
|
|
414
|
-
return [2 /*return*/, new
|
|
544
|
+
return [2 /*return*/, new OidcAuthorizationServiceConfiguration({
|
|
415
545
|
authorization_endpoint: authorityConfiguration.authorization_endpoint,
|
|
416
546
|
end_session_endpoint: authorityConfiguration.end_session_endpoint,
|
|
417
547
|
revocation_endpoint: authorityConfiguration.revocation_endpoint,
|
|
418
548
|
token_endpoint: authorityConfiguration.token_endpoint,
|
|
419
|
-
userinfo_endpoint: authorityConfiguration.userinfo_endpoint
|
|
549
|
+
userinfo_endpoint: authorityConfiguration.userinfo_endpoint,
|
|
550
|
+
check_session_iframe: authorityConfiguration.check_session_iframe,
|
|
420
551
|
})];
|
|
421
552
|
}
|
|
422
553
|
if (this.initAsyncPromise) {
|
|
423
554
|
return [2 /*return*/, this.initAsyncPromise];
|
|
424
555
|
}
|
|
425
|
-
|
|
426
|
-
return [4 /*yield*/,
|
|
556
|
+
_b = this;
|
|
557
|
+
return [4 /*yield*/, fetchFromIssuer(authority, (_a = this.configuration.authority_time_cache_wellknowurl_in_second) !== null && _a !== void 0 ? _a : 60 * 60)];
|
|
427
558
|
case 1:
|
|
428
|
-
|
|
559
|
+
_b.initAsyncPromise = _c.sent();
|
|
429
560
|
return [2 /*return*/, this.initAsyncPromise];
|
|
430
561
|
}
|
|
431
562
|
});
|
|
@@ -440,7 +571,7 @@ var Oidc = /** @class */ (function () {
|
|
|
440
571
|
return [2 /*return*/, this.tryKeepExistingSessionPromise];
|
|
441
572
|
}
|
|
442
573
|
funcAsync = function () { return __awaiter(_this, void 0, void 0, function () {
|
|
443
|
-
var serviceWorker, configuration, oidcServerConfiguration, tokens,
|
|
574
|
+
var serviceWorker, configuration, oidcServerConfiguration, tokens, sessionState, reformattedToken, _a, session, tokens, sessionState, _b, exception_1;
|
|
444
575
|
var _c;
|
|
445
576
|
return __generator(this, function (_d) {
|
|
446
577
|
switch (_d.label) {
|
|
@@ -451,7 +582,7 @@ var Oidc = /** @class */ (function () {
|
|
|
451
582
|
this.publishEvent(eventNames.tryKeepExistingSessionAsync_begin, {});
|
|
452
583
|
_d.label = 1;
|
|
453
584
|
case 1:
|
|
454
|
-
_d.trys.push([1,
|
|
585
|
+
_d.trys.push([1, 14, , 17]);
|
|
455
586
|
configuration = this.configuration;
|
|
456
587
|
return [4 /*yield*/, this.initAsync(configuration.authority, configuration.authority_configuration)];
|
|
457
588
|
case 2:
|
|
@@ -459,81 +590,95 @@ var Oidc = /** @class */ (function () {
|
|
|
459
590
|
return [4 /*yield*/, (0, initWorker_1.initWorkerAsync)(configuration.service_worker_relative_url, this.configurationName)];
|
|
460
591
|
case 3:
|
|
461
592
|
serviceWorker = _d.sent();
|
|
462
|
-
if (!serviceWorker) return [3 /*break*/,
|
|
593
|
+
if (!serviceWorker) return [3 /*break*/, 9];
|
|
463
594
|
return [4 /*yield*/, serviceWorker.initAsync(oidcServerConfiguration, "tryKeepExistingSessionAsync")];
|
|
464
595
|
case 4:
|
|
465
596
|
tokens = (_d.sent()).tokens;
|
|
466
|
-
if (!tokens) return [3 /*break*/,
|
|
597
|
+
if (!tokens) return [3 /*break*/, 8];
|
|
467
598
|
serviceWorker.startKeepAliveServiceWorker();
|
|
468
|
-
return [4 /*yield*/,
|
|
599
|
+
return [4 /*yield*/, serviceWorker.getSessionStateAsync()];
|
|
469
600
|
case 5:
|
|
470
|
-
|
|
471
|
-
|
|
472
|
-
_a = this;
|
|
473
|
-
return [4 /*yield*/, setTokensAsync(serviceWorker, updatedTokens)];
|
|
601
|
+
sessionState = _d.sent();
|
|
602
|
+
return [4 /*yield*/, this.startCheckSessionAsync(oidcServerConfiguration.check_session_iframe, configuration.client_id, sessionState)];
|
|
474
603
|
case 6:
|
|
475
|
-
|
|
604
|
+
_d.sent();
|
|
605
|
+
reformattedToken = {
|
|
606
|
+
accessToken: tokens.access_token,
|
|
607
|
+
expiresIn: tokens.expires_in,
|
|
608
|
+
idToken: tokens.id_token,
|
|
609
|
+
scope: tokens.scope,
|
|
610
|
+
tokenType: tokens.token_type
|
|
611
|
+
};
|
|
612
|
+
_a = this;
|
|
613
|
+
return [4 /*yield*/, setTokensAsync(serviceWorker, reformattedToken)];
|
|
614
|
+
case 7:
|
|
476
615
|
_a.tokens = _d.sent();
|
|
477
616
|
this.serviceWorker = serviceWorker;
|
|
478
617
|
// @ts-ignore
|
|
479
|
-
this.timeoutId = autoRenewTokens(this,
|
|
618
|
+
this.timeoutId = autoRenewTokens(this, tokens.refreshToken, this.tokens.expiresAt);
|
|
480
619
|
this.publishEvent(eventNames.tryKeepExistingSessionAsync_end, {
|
|
481
620
|
success: true,
|
|
482
621
|
message: "tokens inside ServiceWorker are valid"
|
|
483
622
|
});
|
|
484
623
|
return [2 /*return*/, true];
|
|
485
|
-
case
|
|
624
|
+
case 8:
|
|
486
625
|
this.publishEvent(eventNames.tryKeepExistingSessionAsync_end, {
|
|
487
626
|
success: false,
|
|
488
627
|
message: "no exiting session found"
|
|
489
628
|
});
|
|
490
|
-
return [3 /*break*/,
|
|
491
|
-
case
|
|
629
|
+
return [3 /*break*/, 13];
|
|
630
|
+
case 9:
|
|
492
631
|
if (configuration.service_worker_relative_url) {
|
|
493
632
|
this.publishEvent(eventNames.service_worker_not_supported_by_browser, {
|
|
494
633
|
message: "service worker is not supported by this browser"
|
|
495
634
|
});
|
|
496
635
|
}
|
|
497
|
-
session = (0, initSession_1.initSession)(this.configurationName, (_c = configuration.storage) !== null && _c !== void 0 ? _c : sessionStorage);
|
|
636
|
+
session = (0, initSession_1.initSession)(this.configurationName, configuration.redirect_uri, (_c = configuration.storage) !== null && _c !== void 0 ? _c : sessionStorage);
|
|
498
637
|
return [4 /*yield*/, session.initAsync()];
|
|
499
|
-
case 9:
|
|
500
|
-
tokens = (_d.sent()).tokens;
|
|
501
|
-
if (!tokens) return [3 /*break*/, 12];
|
|
502
|
-
return [4 /*yield*/, this.refreshTokensAsync(tokens.refreshToken, true)];
|
|
503
638
|
case 10:
|
|
504
|
-
|
|
639
|
+
tokens = (_d.sent()).tokens;
|
|
640
|
+
console.log("const {tokens} = await session.initAsync();");
|
|
641
|
+
console.log(tokens);
|
|
642
|
+
if (!tokens) return [3 /*break*/, 13];
|
|
643
|
+
sessionState = session.getSessionState();
|
|
644
|
+
return [4 /*yield*/, this.startCheckSessionAsync(oidcServerConfiguration.check_session_iframe, configuration.client_id, sessionState)];
|
|
645
|
+
case 11:
|
|
646
|
+
_d.sent();
|
|
647
|
+
//const updatedTokens = await this.refreshTokensAsync(tokens.refreshToken, true);
|
|
505
648
|
// @ts-ignore
|
|
506
649
|
_b = this;
|
|
507
|
-
return [4 /*yield*/, setTokensAsync(serviceWorker,
|
|
508
|
-
case
|
|
650
|
+
return [4 /*yield*/, setTokensAsync(serviceWorker, tokens)];
|
|
651
|
+
case 12:
|
|
652
|
+
//const updatedTokens = await this.refreshTokensAsync(tokens.refreshToken, true);
|
|
509
653
|
// @ts-ignore
|
|
510
654
|
_b.tokens = _d.sent();
|
|
511
|
-
session.setTokens(this.tokens);
|
|
655
|
+
//session.setTokens(this.tokens);
|
|
512
656
|
this.session = session;
|
|
513
657
|
// @ts-ignore
|
|
514
|
-
this.timeoutId = autoRenewTokens(this,
|
|
658
|
+
this.timeoutId = autoRenewTokens(this, tokens.refreshToken, this.tokens.expiresAt);
|
|
515
659
|
this.publishEvent(eventNames.tryKeepExistingSessionAsync_end, {
|
|
516
660
|
success: true,
|
|
517
661
|
message: "tokens inside storage are valid"
|
|
518
662
|
});
|
|
519
663
|
return [2 /*return*/, true];
|
|
520
|
-
case
|
|
664
|
+
case 13:
|
|
521
665
|
this.publishEvent(eventNames.tryKeepExistingSessionAsync_end, {
|
|
522
666
|
success: false,
|
|
523
667
|
message: serviceWorker ? "service worker sessions not retrieved" : "session storage sessions not retrieved"
|
|
524
668
|
});
|
|
525
669
|
return [2 /*return*/, false];
|
|
526
|
-
case
|
|
670
|
+
case 14:
|
|
527
671
|
exception_1 = _d.sent();
|
|
528
|
-
|
|
672
|
+
console.error(exception_1);
|
|
673
|
+
if (!serviceWorker) return [3 /*break*/, 16];
|
|
529
674
|
return [4 /*yield*/, serviceWorker.clearAsync()];
|
|
530
|
-
case 14:
|
|
531
|
-
_d.sent();
|
|
532
|
-
_d.label = 15;
|
|
533
675
|
case 15:
|
|
676
|
+
_d.sent();
|
|
677
|
+
_d.label = 16;
|
|
678
|
+
case 16:
|
|
534
679
|
this.publishEvent(eventNames.tryKeepExistingSessionAsync_error, "tokens inside ServiceWorker are invalid");
|
|
535
680
|
return [2 /*return*/, false];
|
|
536
|
-
case
|
|
681
|
+
case 17: return [2 /*return*/];
|
|
537
682
|
}
|
|
538
683
|
});
|
|
539
684
|
}); };
|
|
@@ -545,165 +690,210 @@ var Oidc = /** @class */ (function () {
|
|
|
545
690
|
});
|
|
546
691
|
});
|
|
547
692
|
};
|
|
548
|
-
Oidc.prototype.loginAsync = function (callbackPath, extras, installServiceWorker, state) {
|
|
693
|
+
Oidc.prototype.loginAsync = function (callbackPath, extras, installServiceWorker, state, isSilentSignin, scope) {
|
|
549
694
|
if (callbackPath === void 0) { callbackPath = undefined; }
|
|
550
695
|
if (extras === void 0) { extras = null; }
|
|
551
696
|
if (installServiceWorker === void 0) { installServiceWorker = true; }
|
|
552
697
|
if (state === void 0) { state = undefined; }
|
|
698
|
+
if (isSilentSignin === void 0) { isSilentSignin = false; }
|
|
699
|
+
if (scope === void 0) { scope = undefined; }
|
|
553
700
|
return __awaiter(this, void 0, void 0, function () {
|
|
554
|
-
var
|
|
701
|
+
var loginLocalAsync;
|
|
702
|
+
var _this = this;
|
|
555
703
|
return __generator(this, function (_a) {
|
|
556
|
-
|
|
557
|
-
|
|
558
|
-
_a.trys.push([0, 9, , 10]);
|
|
559
|
-
location_1 = window.location;
|
|
560
|
-
url = callbackPath || location_1.pathname + (location_1.search || '') + (location_1.hash || '');
|
|
561
|
-
this.publishEvent(eventNames.loginAsync_begin, {});
|
|
562
|
-
configuration = this.configuration;
|
|
563
|
-
// Security we cannot loggin from Iframe
|
|
564
|
-
if (!configuration.silent_redirect_uri && isInIframe()) {
|
|
565
|
-
throw new Error("Login from iframe is forbidden");
|
|
566
|
-
}
|
|
567
|
-
sessionStorage["oidc_login.".concat(this.configurationName)] = JSON.stringify({ callbackPath: url, extras: extras, state: state });
|
|
568
|
-
return [4 /*yield*/, (0, initWorker_1.initWorkerAsync)(configuration.service_worker_relative_url, this.configurationName)];
|
|
569
|
-
case 1:
|
|
570
|
-
serviceWorker = _a.sent();
|
|
571
|
-
return [4 /*yield*/, this.initAsync(configuration.authority, configuration.authority_configuration)];
|
|
572
|
-
case 2:
|
|
573
|
-
oidcServerConfiguration = _a.sent();
|
|
574
|
-
if (!(serviceWorker && installServiceWorker)) return [3 /*break*/, 4];
|
|
575
|
-
return [4 /*yield*/, serviceWorker.isServiceWorkerProxyActiveAsync()];
|
|
576
|
-
case 3:
|
|
577
|
-
isServiceWorkerProxyActive = _a.sent();
|
|
578
|
-
if (!isServiceWorkerProxyActive) {
|
|
579
|
-
window.location.href = "".concat(configuration.redirect_uri, "/service-worker-install");
|
|
580
|
-
return [2 /*return*/];
|
|
581
|
-
}
|
|
582
|
-
_a.label = 4;
|
|
583
|
-
case 4:
|
|
584
|
-
storage = void 0;
|
|
585
|
-
if (!serviceWorker) return [3 /*break*/, 7];
|
|
586
|
-
serviceWorker.startKeepAliveServiceWorker();
|
|
587
|
-
return [4 /*yield*/, serviceWorker.initAsync(oidcServerConfiguration, "loginAsync")];
|
|
588
|
-
case 5:
|
|
589
|
-
_a.sent();
|
|
590
|
-
storage = new memoryStorageBackend_1.MemoryStorageBackend(serviceWorker.saveItemsAsync, {});
|
|
591
|
-
return [4 /*yield*/, storage.setItem("dummy", {})];
|
|
592
|
-
case 6:
|
|
593
|
-
_a.sent();
|
|
594
|
-
return [3 /*break*/, 8];
|
|
595
|
-
case 7:
|
|
596
|
-
session = (0, initSession_1.initSession)(this.configurationName);
|
|
597
|
-
storage = new memoryStorageBackend_1.MemoryStorageBackend(session.saveItemsAsync, {});
|
|
598
|
-
_a.label = 8;
|
|
599
|
-
case 8:
|
|
600
|
-
queryStringUtil = configuration.redirect_uri.includes("#") ? new noHashQueryStringUtils_1.HashQueryStringUtils() : new noHashQueryStringUtils_1.NoHashQueryStringUtils();
|
|
601
|
-
authorizationHandler = new appauth_1.RedirectRequestHandler(storage, queryStringUtil, window.location, new appauth_1.DefaultCrypto());
|
|
602
|
-
authRequest = new appauth_1.AuthorizationRequest({
|
|
603
|
-
client_id: configuration.client_id,
|
|
604
|
-
redirect_uri: configuration.redirect_uri,
|
|
605
|
-
scope: configuration.scope,
|
|
606
|
-
response_type: appauth_1.AuthorizationRequest.RESPONSE_TYPE_CODE,
|
|
607
|
-
state: state,
|
|
608
|
-
extras: extras !== null && extras !== void 0 ? extras : configuration.extras
|
|
609
|
-
});
|
|
610
|
-
authorizationHandler.performAuthorizationRequest(oidcServerConfiguration, authRequest);
|
|
611
|
-
return [3 /*break*/, 10];
|
|
612
|
-
case 9:
|
|
613
|
-
exception_2 = _a.sent();
|
|
614
|
-
this.publishEvent(eventNames.loginAsync_error, exception_2);
|
|
615
|
-
throw exception_2;
|
|
616
|
-
case 10: return [2 /*return*/];
|
|
704
|
+
if (this.loginPromise !== null) {
|
|
705
|
+
return [2 /*return*/, this.loginPromise];
|
|
617
706
|
}
|
|
707
|
+
loginLocalAsync = function () { return __awaiter(_this, void 0, void 0, function () {
|
|
708
|
+
var location_1, url, configuration, redirectUri, sessionKey, serviceWorker, oidcServerConfiguration, storage, session, extraFinal, queryStringUtil, authorizationHandler, authRequest, exception_2;
|
|
709
|
+
var _a;
|
|
710
|
+
return __generator(this, function (_b) {
|
|
711
|
+
switch (_b.label) {
|
|
712
|
+
case 0:
|
|
713
|
+
_b.trys.push([0, 7, , 8]);
|
|
714
|
+
location_1 = window.location;
|
|
715
|
+
url = callbackPath || location_1.pathname + (location_1.search || '') + (location_1.hash || '');
|
|
716
|
+
this.publishEvent(eventNames.loginAsync_begin, {});
|
|
717
|
+
configuration = this.configuration;
|
|
718
|
+
redirectUri = isSilentSignin ? configuration.silent_redirect_uri : configuration.redirect_uri;
|
|
719
|
+
if (!scope) {
|
|
720
|
+
scope = configuration.scope;
|
|
721
|
+
}
|
|
722
|
+
sessionKey = getLoginSessionKey(this.configurationName, redirectUri);
|
|
723
|
+
sessionStorage[sessionKey] = JSON.stringify({ callbackPath: url, extras: extras, state: state });
|
|
724
|
+
return [4 /*yield*/, (0, initWorker_1.initWorkerAsync)(configuration.service_worker_relative_url, this.configurationName)];
|
|
725
|
+
case 1:
|
|
726
|
+
serviceWorker = _b.sent();
|
|
727
|
+
return [4 /*yield*/, this.initAsync(configuration.authority, configuration.authority_configuration)];
|
|
728
|
+
case 2:
|
|
729
|
+
oidcServerConfiguration = _b.sent();
|
|
730
|
+
storage = void 0;
|
|
731
|
+
if (!serviceWorker) return [3 /*break*/, 5];
|
|
732
|
+
serviceWorker.startKeepAliveServiceWorker();
|
|
733
|
+
return [4 /*yield*/, serviceWorker.initAsync(oidcServerConfiguration, "loginAsync")];
|
|
734
|
+
case 3:
|
|
735
|
+
_b.sent();
|
|
736
|
+
storage = new memoryStorageBackend_1.MemoryStorageBackend(serviceWorker.saveItemsAsync, {});
|
|
737
|
+
return [4 /*yield*/, storage.setItem("dummy", {})];
|
|
738
|
+
case 4:
|
|
739
|
+
_b.sent();
|
|
740
|
+
return [3 /*break*/, 6];
|
|
741
|
+
case 5:
|
|
742
|
+
session = (0, initSession_1.initSession)(this.configurationName, redirectUri);
|
|
743
|
+
storage = new memoryStorageBackend_1.MemoryStorageBackend(session.saveItemsAsync, {});
|
|
744
|
+
_b.label = 6;
|
|
745
|
+
case 6:
|
|
746
|
+
extraFinal = (_a = extras !== null && extras !== void 0 ? extras : configuration.extras) !== null && _a !== void 0 ? _a : {};
|
|
747
|
+
queryStringUtil = redirectUri.includes("#") ? new noHashQueryStringUtils_1.HashQueryStringUtils() : new noHashQueryStringUtils_1.NoHashQueryStringUtils();
|
|
748
|
+
authorizationHandler = new appauth_1.RedirectRequestHandler(storage, queryStringUtil, window.location, new appauth_1.DefaultCrypto());
|
|
749
|
+
authRequest = new appauth_1.AuthorizationRequest({
|
|
750
|
+
client_id: configuration.client_id,
|
|
751
|
+
redirect_uri: redirectUri,
|
|
752
|
+
scope: scope,
|
|
753
|
+
response_type: appauth_1.AuthorizationRequest.RESPONSE_TYPE_CODE,
|
|
754
|
+
state: state,
|
|
755
|
+
extras: extraFinal
|
|
756
|
+
});
|
|
757
|
+
authorizationHandler.performAuthorizationRequest(oidcServerConfiguration, authRequest);
|
|
758
|
+
return [3 /*break*/, 8];
|
|
759
|
+
case 7:
|
|
760
|
+
exception_2 = _b.sent();
|
|
761
|
+
this.publishEvent(eventNames.loginAsync_error, exception_2);
|
|
762
|
+
throw exception_2;
|
|
763
|
+
case 8: return [2 /*return*/];
|
|
764
|
+
}
|
|
765
|
+
});
|
|
766
|
+
}); };
|
|
767
|
+
this.loginPromise = loginLocalAsync();
|
|
768
|
+
return [2 /*return*/, this.loginPromise.then(function (result) {
|
|
769
|
+
_this.loginPromise = null;
|
|
770
|
+
return result;
|
|
771
|
+
})];
|
|
618
772
|
});
|
|
619
773
|
});
|
|
620
774
|
};
|
|
621
|
-
Oidc.prototype.
|
|
775
|
+
Oidc.prototype.startCheckSessionAsync = function (checkSessionIFrameUri, clientId, sessionState, isSilentSignin) {
|
|
776
|
+
if (isSilentSignin === void 0) { isSilentSignin = false; }
|
|
622
777
|
return __awaiter(this, void 0, void 0, function () {
|
|
623
|
-
var
|
|
624
|
-
return __generator(this, function (
|
|
625
|
-
|
|
626
|
-
|
|
627
|
-
|
|
628
|
-
|
|
629
|
-
|
|
630
|
-
|
|
631
|
-
|
|
632
|
-
|
|
633
|
-
|
|
634
|
-
|
|
635
|
-
|
|
636
|
-
|
|
637
|
-
|
|
638
|
-
|
|
639
|
-
|
|
640
|
-
|
|
641
|
-
|
|
642
|
-
|
|
643
|
-
|
|
644
|
-
|
|
645
|
-
|
|
646
|
-
|
|
647
|
-
|
|
648
|
-
|
|
649
|
-
|
|
650
|
-
|
|
651
|
-
|
|
652
|
-
|
|
653
|
-
|
|
654
|
-
|
|
655
|
-
|
|
656
|
-
|
|
657
|
-
|
|
658
|
-
|
|
659
|
-
|
|
660
|
-
|
|
661
|
-
|
|
662
|
-
|
|
778
|
+
var _this = this;
|
|
779
|
+
return __generator(this, function (_a) {
|
|
780
|
+
return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
781
|
+
if (_this.configuration.silent_signin_uri && _this.configuration.silent_redirect_uri && _this.configuration.monitor_session && checkSessionIFrameUri && sessionState && !isSilentSignin) {
|
|
782
|
+
var checkSessionCallback = function () {
|
|
783
|
+
_this.checkSessionIFrame.stop();
|
|
784
|
+
if (_this.tokens === null) {
|
|
785
|
+
return;
|
|
786
|
+
}
|
|
787
|
+
// @ts-ignore
|
|
788
|
+
var idToken = _this.tokens.idToken;
|
|
789
|
+
// @ts-ignore
|
|
790
|
+
var idTokenPayload = _this.tokens.idTokenPayload;
|
|
791
|
+
_this.silentSigninAsync({
|
|
792
|
+
prompt: "none",
|
|
793
|
+
id_token_hint: idToken,
|
|
794
|
+
scope: "openid"
|
|
795
|
+
}).then(function (silentSigninResponse) {
|
|
796
|
+
var iFrameIdTokenPayload = silentSigninResponse.tokens.idTokenPayload;
|
|
797
|
+
if (idTokenPayload.sub === iFrameIdTokenPayload.sub) {
|
|
798
|
+
var sessionState_1 = silentSigninResponse.sessionState;
|
|
799
|
+
_this.checkSessionIFrame.start(silentSigninResponse.sessionState);
|
|
800
|
+
if (idTokenPayload.sid === iFrameIdTokenPayload.sid) {
|
|
801
|
+
console.debug("SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:", sessionState_1);
|
|
802
|
+
}
|
|
803
|
+
else {
|
|
804
|
+
console.debug("SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:", sessionState_1);
|
|
805
|
+
}
|
|
806
|
+
}
|
|
807
|
+
else {
|
|
808
|
+
console.debug("SessionMonitor._callback: Different subject signed into OP:", iFrameIdTokenPayload.sub);
|
|
809
|
+
}
|
|
810
|
+
}).catch(function (e) {
|
|
811
|
+
_this.publishEvent(eventNames.logout_from_another_tab, {});
|
|
812
|
+
_this.destroyAsync();
|
|
813
|
+
});
|
|
814
|
+
};
|
|
815
|
+
_this.checkSessionIFrame = new checkSessionIFrame_1.CheckSessionIFrame(checkSessionCallback, clientId, checkSessionIFrameUri);
|
|
816
|
+
_this.checkSessionIFrame.load().then(function () {
|
|
817
|
+
_this.checkSessionIFrame.start(sessionState);
|
|
818
|
+
resolve();
|
|
819
|
+
}).catch(function (e) {
|
|
820
|
+
reject(e);
|
|
821
|
+
});
|
|
663
822
|
}
|
|
664
|
-
|
|
665
|
-
|
|
666
|
-
case 9:
|
|
667
|
-
exceptionSilent_1 = _b.sent();
|
|
668
|
-
console.error(exceptionSilent_1);
|
|
669
|
-
this.publishEvent(eventNames.syncTokensAsync_error, exceptionSilent_1);
|
|
670
|
-
if (this.timeoutId) {
|
|
671
|
-
timer_1.default.clearTimeout(this.timeoutId);
|
|
672
|
-
this.timeoutId = null;
|
|
823
|
+
else {
|
|
824
|
+
resolve();
|
|
673
825
|
}
|
|
674
|
-
|
|
675
|
-
|
|
676
|
-
|
|
677
|
-
|
|
678
|
-
|
|
679
|
-
|
|
826
|
+
})];
|
|
827
|
+
});
|
|
828
|
+
});
|
|
829
|
+
};
|
|
830
|
+
Oidc.prototype.loginCallbackAsync = function (isSilenSignin) {
|
|
831
|
+
if (isSilenSignin === void 0) { isSilenSignin = false; }
|
|
832
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
833
|
+
var loginCallbackLocalAsync;
|
|
834
|
+
var _this = this;
|
|
835
|
+
return __generator(this, function (_a) {
|
|
836
|
+
if (this.loginCallbackPromise !== null) {
|
|
837
|
+
return [2 /*return*/, this.loginCallbackPromise];
|
|
680
838
|
}
|
|
839
|
+
loginCallbackLocalAsync = function () { return __awaiter(_this, void 0, void 0, function () {
|
|
840
|
+
var response, tokens, parsedTokens;
|
|
841
|
+
return __generator(this, function (_a) {
|
|
842
|
+
switch (_a.label) {
|
|
843
|
+
case 0: return [4 /*yield*/, this._loginCallbackAsync(isSilenSignin)];
|
|
844
|
+
case 1:
|
|
845
|
+
response = _a.sent();
|
|
846
|
+
tokens = response.tokens;
|
|
847
|
+
return [4 /*yield*/, setTokensAsync(this.serviceWorker, tokens)];
|
|
848
|
+
case 2:
|
|
849
|
+
parsedTokens = _a.sent();
|
|
850
|
+
this.tokens = parsedTokens;
|
|
851
|
+
if (!!this.serviceWorker) return [3 /*break*/, 4];
|
|
852
|
+
return [4 /*yield*/, this.session.setTokens(parsedTokens)];
|
|
853
|
+
case 3:
|
|
854
|
+
_a.sent();
|
|
855
|
+
_a.label = 4;
|
|
856
|
+
case 4:
|
|
857
|
+
this.publishEvent(Oidc.eventNames.token_aquired, parsedTokens);
|
|
858
|
+
// @ts-ignore
|
|
859
|
+
return [2 /*return*/, { parsedTokens: parsedTokens, state: response.state, callbackPath: response.callbackPath }];
|
|
860
|
+
}
|
|
861
|
+
});
|
|
862
|
+
}); };
|
|
863
|
+
this.loginCallbackPromise = loginCallbackLocalAsync();
|
|
864
|
+
return [2 /*return*/, this.loginCallbackPromise.then(function (result) {
|
|
865
|
+
_this.loginCallbackPromise = null;
|
|
866
|
+
return result;
|
|
867
|
+
})];
|
|
681
868
|
});
|
|
682
869
|
});
|
|
683
870
|
};
|
|
684
|
-
Oidc.prototype.
|
|
871
|
+
Oidc.prototype._loginCallbackAsync = function (isSilentSignin) {
|
|
685
872
|
var _a;
|
|
873
|
+
if (isSilentSignin === void 0) { isSilentSignin = false; }
|
|
686
874
|
return __awaiter(this, void 0, void 0, function () {
|
|
687
|
-
var configuration_2, clientId_1,
|
|
875
|
+
var configuration_2, clientId_1, redirectUri_1, authority, tokenRequestTimeout_1, oidcServerConfiguration_1, queryParams, sessionState_2, serviceWorker, storage_1, items, dummy, session, items, exception_3;
|
|
688
876
|
var _this = this;
|
|
689
877
|
return __generator(this, function (_b) {
|
|
690
878
|
switch (_b.label) {
|
|
691
879
|
case 0:
|
|
692
|
-
_b.trys.push([0,
|
|
880
|
+
_b.trys.push([0, 11, , 12]);
|
|
693
881
|
this.publishEvent(eventNames.loginCallbackAsync_begin, {});
|
|
694
882
|
configuration_2 = this.configuration;
|
|
695
883
|
clientId_1 = configuration_2.client_id;
|
|
696
|
-
|
|
884
|
+
redirectUri_1 = isSilentSignin ? configuration_2.silent_redirect_uri : configuration_2.redirect_uri;
|
|
697
885
|
authority = configuration_2.authority;
|
|
698
886
|
tokenRequestTimeout_1 = configuration_2.token_request_timeout;
|
|
699
887
|
return [4 /*yield*/, this.initAsync(authority, configuration_2.authority_configuration)];
|
|
700
888
|
case 1:
|
|
701
889
|
oidcServerConfiguration_1 = _b.sent();
|
|
890
|
+
queryParams = (0, route_utils_1.getParseQueryStringFromLocation)(window.location.href);
|
|
891
|
+
sessionState_2 = queryParams.session_state;
|
|
702
892
|
return [4 /*yield*/, (0, initWorker_1.initWorkerAsync)(configuration_2.service_worker_relative_url, this.configurationName)];
|
|
703
893
|
case 2:
|
|
704
894
|
serviceWorker = _b.sent();
|
|
705
895
|
storage_1 = null;
|
|
706
|
-
if (!serviceWorker) return [3 /*break*/,
|
|
896
|
+
if (!serviceWorker) return [3 /*break*/, 8];
|
|
707
897
|
serviceWorker.startKeepAliveServiceWorker();
|
|
708
898
|
this.serviceWorker = serviceWorker;
|
|
709
899
|
return [4 /*yield*/, serviceWorker.initAsync(oidcServerConfiguration_1, "loginCallbackAsync")];
|
|
@@ -722,19 +912,23 @@ var Oidc = /** @class */ (function () {
|
|
|
722
912
|
return [4 /*yield*/, storage_1.removeItem("dummy")];
|
|
723
913
|
case 6:
|
|
724
914
|
_b.sent();
|
|
725
|
-
return [
|
|
915
|
+
return [4 /*yield*/, serviceWorker.setSessionStateAsync(sessionState_2)];
|
|
726
916
|
case 7:
|
|
727
|
-
|
|
728
|
-
|
|
729
|
-
return [4 /*yield*/, session.loadItemsAsync()];
|
|
917
|
+
_b.sent();
|
|
918
|
+
return [3 /*break*/, 10];
|
|
730
919
|
case 8:
|
|
920
|
+
this.session = (0, initSession_1.initSession)(this.configurationName, redirectUri_1, (_a = configuration_2.storage) !== null && _a !== void 0 ? _a : sessionStorage);
|
|
921
|
+
session = (0, initSession_1.initSession)(this.configurationName, redirectUri_1);
|
|
922
|
+
session.setSessionState(sessionState_2);
|
|
923
|
+
return [4 /*yield*/, session.loadItemsAsync()];
|
|
924
|
+
case 9:
|
|
731
925
|
items = _b.sent();
|
|
732
926
|
storage_1 = new memoryStorageBackend_1.MemoryStorageBackend(session.saveItemsAsync, items);
|
|
733
|
-
_b.label =
|
|
734
|
-
case
|
|
927
|
+
_b.label = 10;
|
|
928
|
+
case 10: return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
735
929
|
// @ts-ignore
|
|
736
930
|
var queryStringUtil = new noHashQueryStringUtils_1.NoHashQueryStringUtils();
|
|
737
|
-
if (
|
|
931
|
+
if (redirectUri_1.includes("#")) {
|
|
738
932
|
var splithash = window.location.href.split("#");
|
|
739
933
|
if (splithash.length === 2 && splithash[1].includes("?")) {
|
|
740
934
|
queryStringUtil = new noHashQueryStringUtils_1.HashQueryStringUtils();
|
|
@@ -766,7 +960,7 @@ var Oidc = /** @class */ (function () {
|
|
|
766
960
|
}
|
|
767
961
|
var tokenRequest = new appauth_1.TokenRequest({
|
|
768
962
|
client_id: clientId_1,
|
|
769
|
-
redirect_uri:
|
|
963
|
+
redirect_uri: redirectUri_1,
|
|
770
964
|
grant_type: appauth_1.GRANT_TYPE_AUTHORIZATION_CODE,
|
|
771
965
|
code: response.code,
|
|
772
966
|
refresh_token: undefined,
|
|
@@ -780,14 +974,16 @@ var Oidc = /** @class */ (function () {
|
|
|
780
974
|
var tokenHandler = new appauth_1.BaseTokenRequestHandler(new appauth_1.FetchRequestor());
|
|
781
975
|
tokenHandler.performTokenRequest(oidcServerConfiguration_1, tokenRequest).then(function (tokenResponse) {
|
|
782
976
|
if (timeoutId) {
|
|
783
|
-
var loginParams = (0, exports.getLoginParams)(_this.configurationName);
|
|
784
977
|
clearTimeout(timeoutId);
|
|
785
978
|
_this.timeoutId = null;
|
|
786
|
-
_this.
|
|
787
|
-
|
|
788
|
-
|
|
789
|
-
|
|
790
|
-
|
|
979
|
+
var loginParams_1 = getLoginParams(_this.configurationName, redirectUri_1);
|
|
980
|
+
_this.startCheckSessionAsync(oidcServerConfiguration_1.check_session_iframe, clientId_1, sessionState_2, isSilentSignin).then(function () {
|
|
981
|
+
_this.publishEvent(eventNames.loginCallbackAsync_end, {});
|
|
982
|
+
resolve({
|
|
983
|
+
tokens: tokenResponse,
|
|
984
|
+
state: request.state,
|
|
985
|
+
callbackPath: loginParams_1.callbackPath,
|
|
986
|
+
});
|
|
791
987
|
});
|
|
792
988
|
}
|
|
793
989
|
});
|
|
@@ -804,12 +1000,12 @@ var Oidc = /** @class */ (function () {
|
|
|
804
1000
|
});
|
|
805
1001
|
authorizationHandler.completeAuthorizationRequestIfPossible();
|
|
806
1002
|
})];
|
|
807
|
-
case
|
|
1003
|
+
case 11:
|
|
808
1004
|
exception_3 = _b.sent();
|
|
809
1005
|
console.error(exception_3);
|
|
810
1006
|
this.publishEvent(eventNames.loginCallbackAsync_error, exception_3);
|
|
811
1007
|
throw exception_3;
|
|
812
|
-
case
|
|
1008
|
+
case 12: return [2 /*return*/];
|
|
813
1009
|
}
|
|
814
1010
|
});
|
|
815
1011
|
});
|
|
@@ -825,7 +1021,7 @@ var Oidc = /** @class */ (function () {
|
|
|
825
1021
|
localSilentSigninAsync = function (exception) {
|
|
826
1022
|
if (exception === void 0) { exception = null; }
|
|
827
1023
|
return __awaiter(_this, void 0, void 0, function () {
|
|
828
|
-
var silent_token_response,
|
|
1024
|
+
var silent_token_response, exceptionSilent_1;
|
|
829
1025
|
return __generator(this, function (_a) {
|
|
830
1026
|
switch (_a.label) {
|
|
831
1027
|
case 0:
|
|
@@ -834,12 +1030,12 @@ var Oidc = /** @class */ (function () {
|
|
|
834
1030
|
case 1:
|
|
835
1031
|
silent_token_response = _a.sent();
|
|
836
1032
|
if (silent_token_response) {
|
|
837
|
-
return [2 /*return*/, silent_token_response];
|
|
1033
|
+
return [2 /*return*/, silent_token_response.tokens];
|
|
838
1034
|
}
|
|
839
1035
|
return [3 /*break*/, 3];
|
|
840
1036
|
case 2:
|
|
841
|
-
|
|
842
|
-
console.error(
|
|
1037
|
+
exceptionSilent_1 = _a.sent();
|
|
1038
|
+
console.error(exceptionSilent_1);
|
|
843
1039
|
return [3 /*break*/, 3];
|
|
844
1040
|
case 3:
|
|
845
1041
|
if (this.timeoutId) {
|
|
@@ -899,6 +1095,87 @@ var Oidc = /** @class */ (function () {
|
|
|
899
1095
|
});
|
|
900
1096
|
});
|
|
901
1097
|
};
|
|
1098
|
+
Oidc.prototype.syncTokensAsync = function () {
|
|
1099
|
+
var _a;
|
|
1100
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
1101
|
+
var configuration, oidcServerConfiguration, serviceWorker, isLogin, silent_token_response, _b, exceptionSilent_2, session, tokens;
|
|
1102
|
+
return __generator(this, function (_c) {
|
|
1103
|
+
switch (_c.label) {
|
|
1104
|
+
case 0:
|
|
1105
|
+
configuration = this.configuration;
|
|
1106
|
+
if (!this.tokens) {
|
|
1107
|
+
return [2 /*return*/];
|
|
1108
|
+
}
|
|
1109
|
+
return [4 /*yield*/, this.initAsync(configuration.authority, configuration.authority_configuration)];
|
|
1110
|
+
case 1:
|
|
1111
|
+
oidcServerConfiguration = _c.sent();
|
|
1112
|
+
return [4 /*yield*/, (0, initWorker_1.initWorkerAsync)(configuration.service_worker_relative_url, this.configurationName)];
|
|
1113
|
+
case 2:
|
|
1114
|
+
serviceWorker = _c.sent();
|
|
1115
|
+
if (!serviceWorker) return [3 /*break*/, 14];
|
|
1116
|
+
return [4 /*yield*/, serviceWorker.initAsync(oidcServerConfiguration, "syncTokensAsync")];
|
|
1117
|
+
case 3:
|
|
1118
|
+
isLogin = (_c.sent()).isLogin;
|
|
1119
|
+
if (!(isLogin == false)) return [3 /*break*/, 5];
|
|
1120
|
+
this.publishEvent(eventNames.logout_from_another_tab, {});
|
|
1121
|
+
return [4 /*yield*/, this.destroyAsync()];
|
|
1122
|
+
case 4:
|
|
1123
|
+
_c.sent();
|
|
1124
|
+
return [3 /*break*/, 13];
|
|
1125
|
+
case 5:
|
|
1126
|
+
if (!(isLogin == null)) return [3 /*break*/, 13];
|
|
1127
|
+
_c.label = 6;
|
|
1128
|
+
case 6:
|
|
1129
|
+
_c.trys.push([6, 11, , 12]);
|
|
1130
|
+
this.publishEvent(eventNames.syncTokensAsync_begin, {});
|
|
1131
|
+
this.syncTokensAsyncPromise = this.silentSigninAsync({ prompt: "none" });
|
|
1132
|
+
return [4 /*yield*/, this.syncTokensAsyncPromise];
|
|
1133
|
+
case 7:
|
|
1134
|
+
silent_token_response = _c.sent();
|
|
1135
|
+
if (!(silent_token_response && silent_token_response.tokens)) return [3 /*break*/, 9];
|
|
1136
|
+
_b = this;
|
|
1137
|
+
return [4 /*yield*/, setTokensAsync(serviceWorker, silent_token_response.tokens)];
|
|
1138
|
+
case 8:
|
|
1139
|
+
_b.tokens = _c.sent();
|
|
1140
|
+
return [3 /*break*/, 10];
|
|
1141
|
+
case 9:
|
|
1142
|
+
this.publishEvent(eventNames.syncTokensAsync_error, null);
|
|
1143
|
+
if (this.timeoutId) {
|
|
1144
|
+
timer_1.default.clearTimeout(this.timeoutId);
|
|
1145
|
+
this.timeoutId = null;
|
|
1146
|
+
}
|
|
1147
|
+
return [2 /*return*/];
|
|
1148
|
+
case 10: return [3 /*break*/, 12];
|
|
1149
|
+
case 11:
|
|
1150
|
+
exceptionSilent_2 = _c.sent();
|
|
1151
|
+
console.error(exceptionSilent_2);
|
|
1152
|
+
this.publishEvent(eventNames.syncTokensAsync_error, exceptionSilent_2);
|
|
1153
|
+
if (this.timeoutId) {
|
|
1154
|
+
timer_1.default.clearTimeout(this.timeoutId);
|
|
1155
|
+
this.timeoutId = null;
|
|
1156
|
+
}
|
|
1157
|
+
return [2 /*return*/];
|
|
1158
|
+
case 12:
|
|
1159
|
+
this.syncTokensAsyncPromise = null;
|
|
1160
|
+
this.publishEvent(eventNames.syncTokensAsync_end, {});
|
|
1161
|
+
_c.label = 13;
|
|
1162
|
+
case 13: return [3 /*break*/, 17];
|
|
1163
|
+
case 14:
|
|
1164
|
+
session = (0, initSession_1.initSession)(this.configurationName, configuration.redirect_uri, (_a = configuration.storage) !== null && _a !== void 0 ? _a : sessionStorage);
|
|
1165
|
+
return [4 /*yield*/, session.initAsync()];
|
|
1166
|
+
case 15:
|
|
1167
|
+
tokens = (_c.sent()).tokens;
|
|
1168
|
+
if (!!tokens) return [3 /*break*/, 17];
|
|
1169
|
+
this.publishEvent(eventNames.logout_from_another_tab, {});
|
|
1170
|
+
return [4 /*yield*/, this.destroyAsync()];
|
|
1171
|
+
case 16:
|
|
1172
|
+
_c.sent();
|
|
1173
|
+
_c.label = 17;
|
|
1174
|
+
case 17: return [2 /*return*/];
|
|
1175
|
+
}
|
|
1176
|
+
});
|
|
1177
|
+
});
|
|
1178
|
+
};
|
|
902
1179
|
Oidc.prototype.loginCallbackWithAutoTokensRenewAsync = function () {
|
|
903
1180
|
var _this = this;
|
|
904
1181
|
if (this.loginCallbackWithAutoTokensRenewPromise !== null) {
|
|
@@ -918,6 +1195,9 @@ var Oidc = /** @class */ (function () {
|
|
|
918
1195
|
return __generator(this, function (_a) {
|
|
919
1196
|
switch (_a.label) {
|
|
920
1197
|
case 0:
|
|
1198
|
+
if (this.checkSessionIFrame) {
|
|
1199
|
+
this.checkSessionIFrame.stop();
|
|
1200
|
+
}
|
|
921
1201
|
if (!this.serviceWorker) return [3 /*break*/, 2];
|
|
922
1202
|
return [4 /*yield*/, this.serviceWorker.clearAsync()];
|
|
923
1203
|
case 1:
|