@axa-fr/react-oidc 6.0.0-beta7 → 6.0.0

Files changed (50) hide show
  1. package/README.md +13 -4
  2. package/dist/FetchToken.d.ts.map +1 -1
  3. package/dist/FetchToken.js +10 -6
  4. package/dist/FetchToken.js.map +1 -1
  5. package/dist/OidcProvider.d.ts +1 -0
  6. package/dist/OidcProvider.d.ts.map +1 -1
  7. package/dist/OidcProvider.js +11 -4
  8. package/dist/OidcProvider.js.map +1 -1
  9. package/dist/OidcSecure.js +2 -2
  10. package/dist/OidcSecure.js.map +1 -1
  11. package/dist/OidcServiceWorker.js +62 -32
  12. package/dist/OidcTrustedDomains.js +7 -2
  13. package/dist/ReactOidc.d.ts.map +1 -1
  14. package/dist/ReactOidc.js +4 -3
  15. package/dist/ReactOidc.js.map +1 -1
  16. package/dist/core/default-component/SilentLogin.component.js +1 -1
  17. package/dist/core/default-component/SilentLogin.component.js.map +1 -1
  18. package/dist/core/routes/OidcRoutes.d.ts.map +1 -1
  19. package/dist/core/routes/OidcRoutes.js +1 -4
  20. package/dist/core/routes/OidcRoutes.js.map +1 -1
  21. package/dist/vanilla/initSession.d.ts +2 -1
  22. package/dist/vanilla/initSession.d.ts.map +1 -1
  23. package/dist/vanilla/initSession.js +7 -7
  24. package/dist/vanilla/initSession.js.map +1 -1
  25. package/dist/vanilla/initWorker.d.ts +2 -3
  26. package/dist/vanilla/initWorker.d.ts.map +1 -1
  27. package/dist/vanilla/initWorker.js +6 -21
  28. package/dist/vanilla/initWorker.js.map +1 -1
  29. package/dist/vanilla/oidc.d.ts +10 -5
  30. package/dist/vanilla/oidc.d.ts.map +1 -1
  31. package/dist/vanilla/oidc.js +451 -442
  32. package/dist/vanilla/oidc.js.map +1 -1
  33. package/package.json +1 -1
  34. package/src/oidc/FetchToken.tsx +7 -4
  35. package/src/oidc/OidcProvider.tsx +9 -0
  36. package/src/oidc/OidcSecure.tsx +2 -2
  37. package/src/oidc/ReactOidc.tsx +4 -3
  38. package/src/oidc/core/default-component/SilentLogin.component.tsx +1 -1
  39. package/src/oidc/core/routes/OidcRoutes.tsx +0 -4
  40. package/src/oidc/vanilla/OidcServiceWorker.js +62 -32
  41. package/src/oidc/vanilla/OidcTrustedDomains.js +7 -2
  42. package/src/oidc/vanilla/initSession.ts +6 -7
  43. package/src/oidc/vanilla/initWorker.ts +6 -15
  44. package/src/oidc/vanilla/oidc.ts +219 -241
  45. package/src/oidc/vanilla/parseTokens.js +107 -0
  46. package/dist/core/default-component/ServiceWorkerInstall.component.d.ts +0 -4
  47. package/dist/core/default-component/ServiceWorkerInstall.component.d.ts.map +0 -1
  48. package/dist/core/default-component/ServiceWorkerInstall.component.js +0 -131
  49. package/dist/core/default-component/ServiceWorkerInstall.component.js.map +0 -1
  50. package/src/oidc/core/default-component/ServiceWorkerInstall.component.tsx +0 -60
@@ -74,8 +74,9 @@ var initSession_1 = require("./initSession");
74
74
  var timer_1 = __importDefault(require("./timer"));
75
75
  var checkSessionIFrame_1 = require("./checkSessionIFrame");
76
76
  var route_utils_1 = require("./route-utils");
77
+ var parseTokens_1 = require("./parseTokens");
77
78
  var performTokenRequestAsync = function (url, details, extras) { return __awaiter(void 0, void 0, void 0, function () {
78
- var _i, _a, _b, key, value, formBody, property, encodedKey, encodedValue, formBodyString, response, tokens, currentTimeUnixSecond;
79
+ var _i, _a, _b, key, value, formBody, property, encodedKey, encodedValue, formBodyString, response, tokens;
79
80
  return __generator(this, function (_c) {
80
81
  switch (_c.label) {
81
82
  case 0:
@@ -107,20 +108,9 @@ var performTokenRequestAsync = function (url, details, extras) { return __awaite
107
108
  return [4 /*yield*/, response.json()];
108
109
  case 2:
109
110
  tokens = _c.sent();
110
- if (!tokens.issued_at) {
111
- currentTimeUnixSecond = new Date().getTime() / 1000;
112
- tokens.issued_at = currentTimeUnixSecond;
113
- }
114
- return [2 /*return*/, { success: true,
115
- data: {
116
- accessToken: tokens.access_token,
117
- expiresIn: tokens.expires_in,
118
- idToken: tokens.id_token,
119
- refreshToken: tokens.refresh_token,
120
- scope: tokens.scope,
121
- tokenType: tokens.token_type,
122
- issuedAt: tokens.issued_at
123
- }
111
+ return [2 /*return*/, {
112
+ success: true,
113
+ data: (0, parseTokens_1.parseOriginalTokens)(tokens)
124
114
  }];
125
115
  }
126
116
  });
@@ -171,33 +161,6 @@ var OidcAuthorizationServiceConfiguration = /** @class */ (function (_super) {
171
161
  return OidcAuthorizationServiceConfiguration;
172
162
  }(appauth_1.AuthorizationServiceConfiguration));
173
163
  exports.OidcAuthorizationServiceConfiguration = OidcAuthorizationServiceConfiguration;
174
- var idTokenPayload = function (token) {
175
- var base64Url = token.split('.')[1];
176
- var base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/');
177
- var jsonPayload = decodeURIComponent(atob(base64).split('').map(function (c) {
178
- return '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2);
179
- }).join(''));
180
- return JSON.parse(jsonPayload);
181
- };
182
- var countLetter = function (str, find) {
183
- return (str.split(find)).length - 1;
184
- };
185
- var extractAccessTokenPayload = function (tokens) {
186
- if (tokens.accessTokenPayload) {
187
- return tokens.accessTokenPayload;
188
- }
189
- var accessToken = tokens.accessToken;
190
- try {
191
- if (!accessToken || countLetter(accessToken, '.') != 2) {
192
- return null;
193
- }
194
- return JSON.parse(atob(accessToken.split('.')[1]));
195
- }
196
- catch (e) {
197
- console.warn(e);
198
- }
199
- return null;
200
- };
201
164
  var oidcDatabase = {};
202
165
  var oidcFactory = function (configuration, name) {
203
166
  if (name === void 0) { name = "default"; }
@@ -220,50 +183,35 @@ var loginCallbackWithAutoTokensRenewAsync = function (oidc) { return __awaiter(v
220
183
  });
221
184
  }); };
222
185
  var autoRenewTokens = function (oidc, refreshToken, expiresAt) {
223
- var _a;
224
- var refreshTimeBeforeTokensExpirationInSecond = (_a = oidc.configuration.refresh_time_before_tokens_expiration_in_second) !== null && _a !== void 0 ? _a : 60;
186
+ var refreshTimeBeforeTokensExpirationInSecond = oidc.configuration.refresh_time_before_tokens_expiration_in_second;
225
187
  return timer_1.default.setTimeout(function () { return __awaiter(void 0, void 0, void 0, function () {
226
- var currentTimeUnixSecond, timeInfo, tokens, _a;
188
+ var timeLeft, timeInfo, _a, tokens, status;
227
189
  return __generator(this, function (_b) {
228
190
  switch (_b.label) {
229
191
  case 0:
230
- currentTimeUnixSecond = new Date().getTime() / 1000;
231
- timeInfo = { timeLeft: Math.round(((expiresAt - refreshTimeBeforeTokensExpirationInSecond) - currentTimeUnixSecond)) };
192
+ timeLeft = (0, parseTokens_1.computeTimeLeft)(refreshTimeBeforeTokensExpirationInSecond, expiresAt);
193
+ timeInfo = { timeLeft: timeLeft };
232
194
  oidc.publishEvent(Oidc.eventNames.token_timer, timeInfo);
233
- if (!(currentTimeUnixSecond > (expiresAt - refreshTimeBeforeTokensExpirationInSecond))) return [3 /*break*/, 5];
234
- return [4 /*yield*/, oidc.refreshTokensAsync(refreshToken)];
195
+ return [4 /*yield*/, oidc.synchroniseTokensAsync(refreshToken)];
235
196
  case 1:
236
- tokens = _b.sent();
237
- _a = oidc;
238
- return [4 /*yield*/, setTokensAsync(oidc.serviceWorker, tokens)];
239
- case 2:
240
- _a.tokens = _b.sent();
241
- if (!!oidc.serviceWorker) return [3 /*break*/, 4];
197
+ _a = _b.sent(), tokens = _a.tokens, status = _a.status;
198
+ oidc.tokens = tokens;
199
+ if (!!oidc.serviceWorker) return [3 /*break*/, 3];
242
200
  return [4 /*yield*/, oidc.session.setTokens(oidc.tokens)];
243
- case 3:
201
+ case 2:
244
202
  _b.sent();
245
- _b.label = 4;
203
+ _b.label = 3;
204
+ case 3:
205
+ if (!!oidc.tokens) return [3 /*break*/, 5];
206
+ return [4 /*yield*/, oidc.destroyAsync(status)];
246
207
  case 4:
247
- if (!oidc.tokens) {
248
- if (oidc.checkSessionIFrame) {
249
- oidc.checkSessionIFrame.stop();
250
- oidc.checkSessionIFrame = null;
251
- }
252
- return [2 /*return*/];
253
- }
254
- oidc.publishEvent(Oidc.eventNames.token_renewed, {});
255
- if (oidc.timeoutId) {
256
- oidc.timeoutId = autoRenewTokens(oidc, tokens.refreshToken, oidc.tokens.expiresAt);
257
- }
258
- return [3 /*break*/, 7];
259
- case 5: return [4 /*yield*/, oidc.syncTokensAsync()];
260
- case 6:
261
208
  _b.sent();
209
+ return [2 /*return*/];
210
+ case 5:
262
211
  if (oidc.timeoutId) {
263
- oidc.timeoutId = autoRenewTokens(oidc, refreshToken, expiresAt);
212
+ oidc.timeoutId = autoRenewTokens(oidc, tokens.refreshToken, oidc.tokens.expiresAt);
264
213
  }
265
- _b.label = 7;
266
- case 7: return [2 /*return*/];
214
+ return [2 /*return*/];
267
215
  }
268
216
  });
269
217
  }); }, 1000);
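Review bot: The timer callback in `autoRenewTokens` has no error handling around `oidc.synchroniseTokensAsync(refreshToken)` or `oidc.session.setTokens(oidc.tokens)`, so a rejection from either ends the renewal chain without rescheduling, without `destroyAsync(status)` and without any event. Unless `synchroniseTokensAsync` (defined outside this hunk) catches every failure itself, the application would keep `oidc.tokens` past expiry with nothing signalling it. Wrapping the callback body in try/catch and publishing an error event before deciding whether to reschedule or destroy the session would make the failure visible. It is also worth a comment that `refreshTimeBeforeTokensExpirationInSecond` no longer has a local fallback of 60 and now depends on the default set in the `Oidc` constructor.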
@@ -271,8 +219,18 @@ var autoRenewTokens = function (oidc, refreshToken, expiresAt) {
271
219
  var getLoginSessionKey = function (configurationName, redirectUri) {
272
220
  return "oidc_login.".concat(configurationName, ":").concat(redirectUri);
273
221
  };
222
+ var setLoginParams = function (configurationName, redirectUri, data) {
223
+ var sessionKey = getLoginSessionKey(configurationName, redirectUri);
224
+ getLoginParamsCache = data;
225
+ sessionStorage[sessionKey] = JSON.stringify(data);
226
+ };
227
+ var getLoginParamsCache = null;
274
228
  var getLoginParams = function (configurationName, redirectUri) {
275
- return JSON.parse(sessionStorage[getLoginSessionKey(configurationName, redirectUri)]);
229
+ var dataString = sessionStorage[getLoginSessionKey(configurationName, redirectUri)];
230
+ if (!getLoginParamsCache) {
231
+ getLoginParamsCache = JSON.parse(dataString);
232
+ }
233
+ return getLoginParamsCache;
276
234
  };
277
235
  var userInfoAsync = function (oidc) { return __awaiter(void 0, void 0, void 0, function () {
278
236
  var accessToken, oidcServerConfiguration, url, fetchUserInfo, userInfo;
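Review bot: `getLoginParamsCache` is a single module-level variable, while `setLoginParams` and `getLoginParams` are both addressed by `configurationName` and `redirectUri`; once the cache is filled, `getLoginParams` returns that same object for every configuration, so one configuration's `state`, `extras` and `callbackPath` can be handed to another configuration's login callback. The cache is also never cleared in the visible lines, so it can outlive the `sessionStorage` entry it mirrors. Keying the cache by the session key keeps the saved parse while preserving the per-configuration separation that the storage key already provides.

```javascript
var getLoginParamsCache = {};
var setLoginParams = function (configurationName, redirectUri, data) {
    var sessionKey = getLoginSessionKey(configurationName, redirectUri);
    getLoginParamsCache[sessionKey] = data;
    sessionStorage[sessionKey] = JSON.stringify(data);
};
var getLoginParams = function (configurationName, redirectUri) {
    var sessionKey = getLoginSessionKey(configurationName, redirectUri);
    if (!getLoginParamsCache[sessionKey]) {
        getLoginParamsCache[sessionKey] = JSON.parse(sessionStorage[sessionKey]);
    }
    return getLoginParamsCache[sessionKey];
};
```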
@@ -285,15 +243,19 @@ var userInfoAsync = function (oidc) { return __awaiter(void 0, void 0, void 0, f
285
243
  if (!oidc.tokens) {
286
244
  return [2 /*return*/, null];
287
245
  }
288
- if (!oidc.syncTokensAsyncPromise) return [3 /*break*/, 2];
289
- return [4 /*yield*/, oidc.syncTokensAsyncPromise];
246
+ accessToken = oidc.tokens.accessToken;
247
+ if (!accessToken) {
248
+ return [2 /*return*/, null];
249
+ }
250
+ _a.label = 1;
290
251
  case 1:
291
- _a.sent();
292
- _a.label = 2;
252
+ if (!(oidc.tokens && !(0, parseTokens_1.isTokensValid)(oidc.tokens))) return [3 /*break*/, 3];
253
+ return [4 /*yield*/, (0, initWorker_1.sleepAsync)(200)];
293
254
  case 2:
294
- accessToken = oidc.tokens.accessToken;
295
- return [4 /*yield*/, oidc.initAsync(oidc.configuration.authority, oidc.configuration.authority_configuration)];
296
- case 3:
255
+ _a.sent();
256
+ return [3 /*break*/, 1];
257
+ case 3: return [4 /*yield*/, oidc.initAsync(oidc.configuration.authority, oidc.configuration.authority_configuration)];
258
+ case 4:
297
259
  oidcServerConfiguration = _a.sent();
298
260
  url = oidcServerConfiguration.userInfoEndpoint;
299
261
  fetchUserInfo = function (accessToken) { return __awaiter(void 0, void 0, void 0, function () {
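Review bot: `accessToken` is read from `oidc.tokens` before the new wait loop on `isTokensValid`, so the value later passed to `fetchUserInfo(accessToken)` is the one captured while the tokens were still invalid, not the renewed one. The loop also has no upper bound, and it exits when `oidc.tokens` becomes null (for example after a logout), in which case the request still goes out with the stale value. Reading `oidc.tokens.accessToken` after the loop, returning `null` if `oidc.tokens` is gone, and capping the number of `sleepAsync(200)` iterations would close these gaps. `userInfoAsync` starts and ends outside this hunk and `fetchUserInfo` is only partly visible, so confirm how it treats an expired token.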
@@ -316,45 +278,18 @@ var userInfoAsync = function (oidc) { return __awaiter(void 0, void 0, void 0, f
316
278
  });
317
279
  }); };
318
280
  return [4 /*yield*/, fetchUserInfo(accessToken)];
319
- case 4:
281
+ case 5:
320
282
  userInfo = _a.sent();
321
283
  oidc.userInfo = userInfo;
322
284
  return [2 /*return*/, userInfo];
323
285
  }
324
286
  });
325
287
  }); };
326
- var setTokensAsync = function (serviceWorker, tokens) { return __awaiter(void 0, void 0, void 0, function () {
327
- var accessTokenPayload, _idTokenPayload, expiresAt;
328
- return __generator(this, function (_a) {
329
- switch (_a.label) {
330
- case 0:
331
- if (!(tokens == null)) return [3 /*break*/, 3];
332
- if (!serviceWorker) return [3 /*break*/, 2];
333
- return [4 /*yield*/, serviceWorker.clearAsync()];
334
- case 1:
335
- _a.sent();
336
- _a.label = 2;
337
- case 2: return [2 /*return*/, null];
338
- case 3:
339
- if (!serviceWorker) return [3 /*break*/, 5];
340
- return [4 /*yield*/, serviceWorker.getAccessTokenPayloadAsync()];
341
- case 4:
342
- accessTokenPayload = _a.sent();
343
- return [3 /*break*/, 6];
344
- case 5:
345
- accessTokenPayload = extractAccessTokenPayload(tokens);
346
- _a.label = 6;
347
- case 6:
348
- _idTokenPayload = idTokenPayload(tokens.idToken);
349
- expiresAt = (_idTokenPayload && _idTokenPayload.exp) ? _idTokenPayload.exp : tokens.issuedAt + tokens.expiresIn;
350
- return [2 /*return*/, __assign(__assign({}, tokens), { idTokenPayload: _idTokenPayload, accessTokenPayload: accessTokenPayload, expiresAt: expiresAt })];
351
- }
352
- });
353
- }); };
354
288
  var eventNames = {
355
289
  service_worker_not_supported_by_browser: "service_worker_not_supported_by_browser",
356
290
  token_aquired: "token_aquired",
357
291
  logout_from_another_tab: "logout_from_another_tab",
292
+ logout_from_same_tab: "logout_from_same_tab",
358
293
  token_renewed: "token_renewed",
359
294
  token_timer: "token_timer",
360
295
  loginAsync_begin: "loginAsync_begin",
@@ -441,16 +376,16 @@ var buildQueries = function (extras) {
441
376
  var Oidc = /** @class */ (function () {
442
377
  function Oidc(configuration, configurationName) {
443
378
  if (configurationName === void 0) { configurationName = "default"; }
379
+ var _a, _b, _c;
444
380
  this.tryKeepExistingSessionPromise = null;
445
381
  this.loginPromise = null;
446
382
  this.loginCallbackPromise = null;
447
- this.syncTokensAsyncPromise = null;
448
383
  this.loginCallbackWithAutoTokensRenewPromise = null;
449
384
  var silent_login_uri = configuration.silent_login_uri;
450
385
  if (configuration.silent_redirect_uri && !configuration.silent_login_uri) {
451
386
  silent_login_uri = "".concat(configuration.silent_redirect_uri.replace("-callback", "").replace("callback", ""), "-login");
452
387
  }
453
- this.configuration = __assign(__assign({}, configuration), { silent_login_uri: silent_login_uri });
388
+ this.configuration = __assign(__assign({}, configuration), { silent_login_uri: silent_login_uri, monitor_session: (_a = configuration.monitor_session) !== null && _a !== void 0 ? _a : true, refresh_time_before_tokens_expiration_in_second: (_b = configuration.refresh_time_before_tokens_expiration_in_second) !== null && _b !== void 0 ? _b : 60, silent_login_timeout: (_c = configuration.silent_login_timeout) !== null && _c !== void 0 ? _c : 12000 });
454
389
  this.configurationName = configurationName;
455
390
  this.tokens = null;
456
391
  this.userInfo = null;
@@ -458,7 +393,7 @@ var Oidc = /** @class */ (function () {
458
393
  this.timeoutId = null;
459
394
  this.serviceWorker = null;
460
395
  this.session = null;
461
- this.refreshTokensAsync.bind(this);
396
+ this.synchroniseTokensAsync.bind(this);
462
397
  this.loginCallbackWithAutoTokensRenewAsync.bind(this);
463
398
  this.initAsync.bind(this);
464
399
  this.loginCallbackAsync.bind(this);
@@ -537,117 +472,104 @@ var Oidc = /** @class */ (function () {
537
472
  return __awaiter(this, void 0, void 0, function () {
538
473
  var configuration_1, queries, _i, _a, _b, key, value, link, idx, iFrameOrigin_1, iframe_1, self_1;
539
474
  return __generator(this, function (_c) {
540
- switch (_c.label) {
541
- case 0:
542
- if (!this.configuration.silent_redirect_uri || !this.configuration.silent_login_uri) {
543
- return [2 /*return*/, Promise.resolve(null)];
475
+ if (!this.configuration.silent_redirect_uri || !this.configuration.silent_login_uri) {
476
+ return [2 /*return*/, Promise.resolve(null)];
477
+ }
478
+ try {
479
+ this.publishEvent(eventNames.silentLoginAsync_begin, {});
480
+ configuration_1 = this.configuration;
481
+ queries = "";
482
+ if (state) {
483
+ if (extras == null) {
484
+ extras = {};
544
485
  }
545
- _c.label = 1;
546
- case 1:
547
- if (!document.hidden) return [3 /*break*/, 3];
548
- return [4 /*yield*/, (0, initWorker_1.sleepAsync)(1000)];
549
- case 2:
550
- _c.sent();
551
- this.publishEvent(eventNames.silentLoginAsync, { message: "wait because document is hidden" });
552
- return [3 /*break*/, 1];
553
- case 3:
554
- try {
555
- this.publishEvent(eventNames.silentLoginAsync_begin, {});
556
- configuration_1 = this.configuration;
557
- queries = "";
558
- if (state) {
559
- if (extras == null) {
560
- extras = {};
561
- }
562
- extras.state = state;
563
- }
564
- if (scope) {
565
- if (extras == null) {
566
- extras = {};
567
- }
568
- extras.scope = scope;
486
+ extras.state = state;
487
+ }
488
+ if (scope) {
489
+ if (extras == null) {
490
+ extras = {};
491
+ }
492
+ extras.scope = scope;
493
+ }
494
+ if (extras != null) {
495
+ for (_i = 0, _a = Object.entries(extras); _i < _a.length; _i++) {
496
+ _b = _a[_i], key = _b[0], value = _b[1];
497
+ if (queries === "") {
498
+ queries = "?".concat(encodeURIComponent(key), "=").concat(encodeURIComponent(value));
569
499
  }
570
- if (extras != null) {
571
- for (_i = 0, _a = Object.entries(extras); _i < _a.length; _i++) {
572
- _b = _a[_i], key = _b[0], value = _b[1];
573
- if (queries === "") {
574
- queries = "?".concat(encodeURIComponent(key), "=").concat(encodeURIComponent(value));
575
- }
576
- else {
577
- queries += "&".concat(encodeURIComponent(key), "=").concat(encodeURIComponent(value));
578
- }
579
- }
500
+ else {
501
+ queries += "&".concat(encodeURIComponent(key), "=").concat(encodeURIComponent(value));
580
502
  }
581
- link = configuration_1.silent_login_uri + queries;
582
- idx = link.indexOf("/", link.indexOf("//") + 2);
583
- iFrameOrigin_1 = link.substr(0, idx);
584
- iframe_1 = document.createElement('iframe');
585
- iframe_1.width = "0px";
586
- iframe_1.height = "0px";
587
- iframe_1.id = "".concat(this.configurationName, "_oidc_iframe");
588
- iframe_1.setAttribute("src", link);
589
- document.body.appendChild(iframe_1);
590
- self_1 = this;
591
- return [2 /*return*/, new Promise(function (resolve, reject) {
592
- var _a;
593
- try {
594
- var isResolved_1 = false;
595
- window.onmessage = function (e) {
596
- if (e.origin === iFrameOrigin_1 &&
597
- e.source === iframe_1.contentWindow) {
598
- var key = "".concat(self_1.configurationName, "_oidc_tokens:");
599
- var key_error = "".concat(self_1.configurationName, "_oidc_error:");
600
- var data = e.data;
601
- if (data && typeof (data) === "string") {
602
- if (!isResolved_1) {
603
- if (data.startsWith(key)) {
604
- var result = JSON.parse(e.data.replace(key, ''));
605
- self_1.publishEvent(eventNames.silentLoginAsync_end, {});
606
- iframe_1.remove();
607
- isResolved_1 = true;
608
- resolve(result);
609
- }
610
- else if (data.startsWith(key_error)) {
611
- var result = JSON.parse(e.data.replace(key_error, ''));
612
- self_1.publishEvent(eventNames.silentLoginAsync_error, result);
613
- iframe_1.remove();
614
- isResolved_1 = true;
615
- reject(result);
616
- }
617
- }
618
- }
619
- }
620
- };
621
- var silentSigninTimeout = (_a = configuration_1.silent_login_timeout) !== null && _a !== void 0 ? _a : 12000;
622
- setTimeout(function () {
503
+ }
504
+ }
505
+ link = configuration_1.silent_login_uri + queries;
506
+ idx = link.indexOf("/", link.indexOf("//") + 2);
507
+ iFrameOrigin_1 = link.substr(0, idx);
508
+ iframe_1 = document.createElement('iframe');
509
+ iframe_1.width = "0px";
510
+ iframe_1.height = "0px";
511
+ iframe_1.id = "".concat(this.configurationName, "_oidc_iframe");
512
+ iframe_1.setAttribute("src", link);
513
+ document.body.appendChild(iframe_1);
514
+ self_1 = this;
515
+ return [2 /*return*/, new Promise(function (resolve, reject) {
516
+ try {
517
+ var isResolved_1 = false;
518
+ window.onmessage = function (e) {
519
+ if (e.origin === iFrameOrigin_1 &&
520
+ e.source === iframe_1.contentWindow) {
521
+ var key = "".concat(self_1.configurationName, "_oidc_tokens:");
522
+ var key_error = "".concat(self_1.configurationName, "_oidc_error:");
523
+ var data = e.data;
524
+ if (data && typeof (data) === "string") {
623
525
  if (!isResolved_1) {
624
- self_1.publishEvent(eventNames.silentLoginAsync_error, "timeout");
625
- iframe_1.remove();
626
- isResolved_1 = true;
627
- reject("timeout");
526
+ if (data.startsWith(key)) {
527
+ var result = JSON.parse(e.data.replace(key, ''));
528
+ self_1.publishEvent(eventNames.silentLoginAsync_end, {});
529
+ iframe_1.remove();
530
+ isResolved_1 = true;
531
+ resolve(result);
532
+ }
533
+ else if (data.startsWith(key_error)) {
534
+ var result = JSON.parse(e.data.replace(key_error, ''));
535
+ self_1.publishEvent(eventNames.silentLoginAsync_error, result);
536
+ iframe_1.remove();
537
+ isResolved_1 = true;
538
+ reject(new Error("oidc_" + result.error));
539
+ }
628
540
  }
629
- }, silentSigninTimeout);
541
+ }
630
542
  }
631
- catch (e) {
543
+ };
544
+ var silentSigninTimeout = configuration_1.silent_login_timeout;
545
+ setTimeout(function () {
546
+ if (!isResolved_1) {
547
+ self_1.publishEvent(eventNames.silentLoginAsync_error, { reason: "timeout" });
632
548
  iframe_1.remove();
633
- self_1.publishEvent(eventNames.silentLoginAsync_error, e);
634
- reject(e);
549
+ isResolved_1 = true;
550
+ reject(new Error("timeout"));
635
551
  }
636
- })];
637
- }
638
- catch (e) {
639
- this.publishEvent(eventNames.silentLoginAsync_error, e);
640
- throw e;
641
- }
642
- return [2 /*return*/];
552
+ }, silentSigninTimeout);
553
+ }
554
+ catch (e) {
555
+ iframe_1.remove();
556
+ self_1.publishEvent(eventNames.silentLoginAsync_error, e);
557
+ reject(e);
558
+ }
559
+ })];
560
+ }
561
+ catch (e) {
562
+ this.publishEvent(eventNames.silentLoginAsync_error, e);
563
+ throw e;
643
564
  }
565
+ return [2 /*return*/];
644
566
  });
645
567
  });
646
568
  };
647
569
  Oidc.prototype.initAsync = function (authority, authorityConfiguration) {
648
570
  var _a;
649
571
  return __awaiter(this, void 0, void 0, function () {
650
- var serviceWorker, storage, initAsyncPromise;
572
+ var serviceWorker, storage;
651
573
  return __generator(this, function (_b) {
652
574
  switch (_b.label) {
653
575
  case 0:
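Review bot: The response listener is installed with `window.onmessage = function (e) {…}` and is never removed after `resolve`, `reject` or the timeout, so it replaces any handler the host page had set, and two overlapping silent logins (for example two configurations) overwrite each other's listener, leaving the first to fail by timeout. The `e.origin` and `e.source` checks should stay, but the handler is better registered with `window.addEventListener("message", onMessage)` and released with `window.removeEventListener("message", onMessage)` plus `clearTimeout` wherever `isResolved_1` is set. `JSON.parse` inside the handler runs outside the surrounding `try`, so a malformed payload from the iframe throws in the event handler and the promise settles only on timeout; a local try/catch that rejects would be cleaner. The enclosing `silentLoginAsync` begins before this hunk.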
@@ -666,9 +588,7 @@ var Oidc = /** @class */ (function () {
666
588
  serviceWorker = _b.sent();
667
589
  storage = serviceWorker ? window.localStorage : null;
668
590
  return [4 /*yield*/, fetchFromIssuer(authority, (_a = this.configuration.authority_time_cache_wellknowurl_in_second) !== null && _a !== void 0 ? _a : 60 * 60, storage)];
669
- case 2:
670
- initAsyncPromise = _b.sent();
671
- return [2 /*return*/, initAsyncPromise];
591
+ case 2: return [2 /*return*/, _b.sent()];
672
592
  }
673
593
  });
674
594
  });
@@ -682,83 +602,68 @@ var Oidc = /** @class */ (function () {
682
602
  return [2 /*return*/, this.tryKeepExistingSessionPromise];
683
603
  }
684
604
  funcAsync = function () { return __awaiter(_this, void 0, void 0, function () {
685
- var serviceWorker, configuration, oidcServerConfiguration, tokens, reformattedToken, _a, sessionState, session, tokens, _b, sessionState, exception_1;
686
- var _c;
687
- return __generator(this, function (_d) {
688
- switch (_d.label) {
605
+ var serviceWorker, configuration, oidcServerConfiguration, tokens, sessionState, session, tokens, sessionState, exception_1;
606
+ var _a;
607
+ return __generator(this, function (_b) {
608
+ switch (_b.label) {
689
609
  case 0:
690
610
  if (this.tokens != null) {
691
611
  return [2 /*return*/, false];
692
612
  }
693
613
  this.publishEvent(eventNames.tryKeepExistingSessionAsync_begin, {});
694
- _d.label = 1;
614
+ _b.label = 1;
695
615
  case 1:
696
- _d.trys.push([1, 14, , 17]);
616
+ _b.trys.push([1, 12, , 15]);
697
617
  configuration = this.configuration;
698
618
  return [4 /*yield*/, this.initAsync(configuration.authority, configuration.authority_configuration)];
699
619
  case 2:
700
- oidcServerConfiguration = _d.sent();
620
+ oidcServerConfiguration = _b.sent();
701
621
  return [4 /*yield*/, (0, initWorker_1.initWorkerAsync)(configuration.service_worker_relative_url, this.configurationName)];
702
622
  case 3:
703
- serviceWorker = _d.sent();
704
- if (!serviceWorker) return [3 /*break*/, 9];
623
+ serviceWorker = _b.sent();
624
+ if (!serviceWorker) return [3 /*break*/, 8];
705
625
  return [4 /*yield*/, serviceWorker.initAsync(oidcServerConfiguration, "tryKeepExistingSessionAsync")];
706
626
  case 4:
707
- tokens = (_d.sent()).tokens;
708
- if (!tokens) return [3 /*break*/, 8];
627
+ tokens = (_b.sent()).tokens;
628
+ if (!tokens) return [3 /*break*/, 7];
709
629
  serviceWorker.startKeepAliveServiceWorker();
710
- reformattedToken = {
711
- accessToken: tokens.access_token,
712
- refreshToken: tokens.refresh_token,
713
- expiresIn: tokens.expires_in,
714
- idToken: tokens.id_token,
715
- scope: tokens.scope,
716
- tokenType: tokens.token_type,
717
- issuedAt: tokens.issued_at
718
- };
719
- _a = this;
720
- return [4 /*yield*/, setTokensAsync(serviceWorker, reformattedToken)];
721
- case 5:
722
- _a.tokens = _d.sent();
630
+ // @ts-ignore
631
+ this.tokens = tokens;
723
632
  this.serviceWorker = serviceWorker;
724
633
  // @ts-ignore
725
634
  this.timeoutId = autoRenewTokens(this, this.tokens.refreshToken, this.tokens.expiresAt);
726
635
  return [4 /*yield*/, serviceWorker.getSessionStateAsync()];
727
- case 6:
728
- sessionState = _d.sent();
636
+ case 5:
637
+ sessionState = _b.sent();
729
638
  // @ts-ignore
730
639
  return [4 /*yield*/, this.startCheckSessionAsync(oidcServerConfiguration.check_session_iframe, configuration.client_id, sessionState)];
731
- case 7:
640
+ case 6:
732
641
  // @ts-ignore
733
- _d.sent();
642
+ _b.sent();
734
643
  this.publishEvent(eventNames.tryKeepExistingSessionAsync_end, {
735
644
  success: true,
736
645
  message: "tokens inside ServiceWorker are valid"
737
646
  });
738
647
  return [2 /*return*/, true];
739
- case 8:
648
+ case 7:
740
649
  this.publishEvent(eventNames.tryKeepExistingSessionAsync_end, {
741
650
  success: false,
742
651
  message: "no exiting session found"
743
652
  });
744
- return [3 /*break*/, 13];
745
- case 9:
653
+ return [3 /*break*/, 11];
654
+ case 8:
746
655
  if (configuration.service_worker_relative_url) {
747
656
  this.publishEvent(eventNames.service_worker_not_supported_by_browser, {
748
657
  message: "service worker is not supported by this browser"
749
658
  });
750
659
  }
751
- session = (0, initSession_1.initSession)(this.configurationName, configuration.redirect_uri, (_c = configuration.storage) !== null && _c !== void 0 ? _c : sessionStorage);
660
+ session = (0, initSession_1.initSession)(this.configurationName, configuration.redirect_uri, (_a = configuration.storage) !== null && _a !== void 0 ? _a : sessionStorage);
752
661
  return [4 /*yield*/, session.initAsync()];
753
- case 10:
754
- tokens = (_d.sent()).tokens;
755
- if (!tokens) return [3 /*break*/, 13];
756
- // @ts-ignore
757
- _b = this;
758
- return [4 /*yield*/, setTokensAsync(serviceWorker, tokens)];
759
- case 11:
662
+ case 9:
663
+ tokens = (_b.sent()).tokens;
664
+ if (!tokens) return [3 /*break*/, 11];
760
665
  // @ts-ignore
761
- _b.tokens = _d.sent();
666
+ this.tokens = (0, parseTokens_1.setTokens)(tokens);
762
667
  //session.setTokens(this.tokens);
763
668
  this.session = session;
764
669
  // @ts-ignore
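Review bot: In the service-worker branch `this.tokens = tokens` now stores the object returned by `serviceWorker.initAsync` as-is, while the storage branch passes it through `parseTokens_1.setTokens(tokens)`; the `// @ts-ignore` above the assignment hides whether the two shapes match. The following statement reads `this.tokens.refreshToken` and `this.tokens.expiresAt`, so if the worker still returns the raw `access_token`/`expires_in` form, `autoRenewTokens` is started with `undefined` values. `initWorker` is changed elsewhere in this release and is not visible here, so this may already be handled; a comment such as `// tokens returned by the service worker are already parsed (expiresAt set)` in place of the `@ts-ignore`, or a typed return value, would document the contract. `tryKeepExistingSessionAsync` continues past this hunk.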
@@ -766,32 +671,32 @@ var Oidc = /** @class */ (function () {
766
671
  sessionState = session.getSessionState();
767
672
  // @ts-ignore
768
673
  return [4 /*yield*/, this.startCheckSessionAsync(oidcServerConfiguration.check_session_iframe, configuration.client_id, sessionState)];
769
- case 12:
674
+ case 10:
770
675
  // @ts-ignore
771
- _d.sent();
676
+ _b.sent();
772
677
  this.publishEvent(eventNames.tryKeepExistingSessionAsync_end, {
773
678
  success: true,
774
679
  message: "tokens inside storage are valid"
775
680
  });
776
681
  return [2 /*return*/, true];
777
- case 13:
682
+ case 11:
778
683
  this.publishEvent(eventNames.tryKeepExistingSessionAsync_end, {
779
684
  success: false,
780
685
  message: serviceWorker ? "service worker sessions not retrieved" : "session storage sessions not retrieved"
781
686
  });
782
687
  return [2 /*return*/, false];
783
- case 14:
784
- exception_1 = _d.sent();
688
+ case 12:
689
+ exception_1 = _b.sent();
785
690
  console.error(exception_1);
786
- if (!serviceWorker) return [3 /*break*/, 16];
691
+ if (!serviceWorker) return [3 /*break*/, 14];
787
692
  return [4 /*yield*/, serviceWorker.clearAsync()];
788
- case 15:
789
- _d.sent();
790
- _d.label = 16;
791
- case 16:
693
+ case 13:
694
+ _b.sent();
695
+ _b.label = 14;
696
+ case 14:
792
697
  this.publishEvent(eventNames.tryKeepExistingSessionAsync_error, "tokens inside ServiceWorker are invalid");
793
698
  return [2 /*return*/, false];
794
- case 17: return [2 /*return*/];
699
+ case 15: return [2 /*return*/];
795
700
  }
796
701
  });
797
702
  }); };
@@ -803,10 +708,9 @@ var Oidc = /** @class */ (function () {
803
708
  });
804
709
  });
805
710
  };
806
- Oidc.prototype.loginAsync = function (callbackPath, extras, installServiceWorker, state, isSilentSignin, scope) {
711
+ Oidc.prototype.loginAsync = function (callbackPath, extras, state, isSilentSignin, scope) {
807
712
  if (callbackPath === void 0) { callbackPath = undefined; }
808
713
  if (extras === void 0) { extras = null; }
809
- if (installServiceWorker === void 0) { installServiceWorker = true; }
810
714
  if (state === void 0) { state = undefined; }
811
715
  if (isSilentSignin === void 0) { isSilentSignin = false; }
812
716
  if (scope === void 0) { scope = undefined; }
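Review bot: Removing `installServiceWorker` from the middle of the positional list of `loginAsync` shifts every later argument, so a caller still written for the old signature, `loginAsync(path, extras, true, state)`, now passes `true` as `state` and its state string as `isSilentSignin`, with no error raised. Since `state` is stored with the login parameters and `isSilentSignin` presumably selects the silent sign-in path, the mismatch changes authentication behaviour silently instead of failing. A guard at the top of the function, for example `if (typeof state === "boolean") throw new Error("loginAsync: installServiceWorker was removed in 6.0.0");`, or an explicit migration note on the method would make the break visible. The function body continues outside this hunk.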
@@ -818,7 +722,7 @@ var Oidc = /** @class */ (function () {
818
722
  return [2 /*return*/, this.loginPromise];
819
723
  }
820
724
  loginLocalAsync = function () { return __awaiter(_this, void 0, void 0, function () {
821
- var location_1, url, configuration, redirectUri, sessionKey, serviceWorker, oidcServerConfiguration, storage, session, extraFinal, queryStringUtil, authorizationHandler, authRequest, exception_2;
725
+ var location_1, url, configuration, redirectUri, serviceWorker, oidcServerConfiguration, storage, session, extraFinal, queryStringUtil, authorizationHandler, authRequest, exception_2;
822
726
  var _a;
823
727
  return __generator(this, function (_b) {
824
728
  switch (_b.label) {
@@ -832,8 +736,7 @@ var Oidc = /** @class */ (function () {
832
736
  if (!scope) {
833
737
  scope = configuration.scope;
834
738
  }
835
- sessionKey = getLoginSessionKey(this.configurationName, redirectUri);
836
- sessionStorage[sessionKey] = JSON.stringify({ callbackPath: url, extras: extras, state: state });
739
+ setLoginParams(this.configurationName, redirectUri, { callbackPath: url, extras: extras, state: state });
837
740
  return [4 /*yield*/, (0, initWorker_1.initWorkerAsync)(configuration.service_worker_relative_url, this.configurationName)];
838
741
  case 1:
839
742
  serviceWorker = _b.sent();
@@ -920,10 +823,31 @@ var Oidc = /** @class */ (function () {
920
823
  else {
921
824
  console.debug("SessionMonitor._callback: Different subject signed into OP:", iFrameIdTokenPayload.sub);
922
825
  }
923
- }).catch(function (e) {
924
- _this.publishEvent(eventNames.logout_from_another_tab, {});
925
- _this.destroyAsync();
926
- });
826
+ }).catch(function (e) { return __awaiter(_this, void 0, void 0, function () {
827
+ var _i, _a, _b, key, oidc;
828
+ return __generator(this, function (_c) {
829
+ switch (_c.label) {
830
+ case 0:
831
+ _i = 0, _a = Object.entries(oidcDatabase);
832
+ _c.label = 1;
833
+ case 1:
834
+ if (!(_i < _a.length)) return [3 /*break*/, 4];
835
+ _b = _a[_i], key = _b[0], oidc = _b[1];
836
+ //if(oidc !== this) {
837
+ // @ts-ignore
838
+ return [4 /*yield*/, oidc.logoutOtherTabAsync(this.configuration.client_id, idTokenPayload.sub)];
839
+ case 2:
840
+ //if(oidc !== this) {
841
+ // @ts-ignore
842
+ _c.sent();
843
+ _c.label = 3;
844
+ case 3:
845
+ _i++;
846
+ return [3 /*break*/, 1];
847
+ case 4: return [2 /*return*/];
848
+ }
849
+ });
850
+ }); });
927
851
  };
928
852
  _this.checkSessionIFrame = new checkSessionIFrame_1.CheckSessionIFrame(checkSessionCallback, clientId, checkSessionIFrameUri);
929
853
  _this.checkSessionIFrame.load().then(function () {
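Review bot: The new `.catch` handler ignores `e` and calls `logoutOtherTabAsync` on every instance in `oidcDatabase` for any rejection, which appears to include the `timeout` rejection of the silent login; a slow or blocked iframe would then end the session for all configurations, not only after a confirmed sign-out at the provider. Consider logging `e` and distinguishing a timeout from an OIDC error response before logging out. The `await` inside the loop is not guarded, so one rejecting `logoutOtherTabAsync` skips the remaining instances and surfaces as an unhandled rejection. The commented-out `//if(oidc !== this) {` should be removed or restored, and `idTokenPayload` is declared outside this hunk, so confirm it is still in scope now that the module-level helper of the same name is deleted.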
@@ -957,16 +881,14 @@ var Oidc = /** @class */ (function () {
957
881
  case 1:
958
882
  response = _a.sent();
959
883
  tokens = response.tokens;
960
- return [4 /*yield*/, setTokensAsync(this.serviceWorker, tokens)];
961
- case 2:
962
- parsedTokens = _a.sent();
884
+ parsedTokens = (0, parseTokens_1.setTokens)(tokens);
963
885
  this.tokens = parsedTokens;
964
- if (!!this.serviceWorker) return [3 /*break*/, 4];
886
+ if (!!this.serviceWorker) return [3 /*break*/, 3];
965
887
  return [4 /*yield*/, this.session.setTokens(parsedTokens)];
966
- case 3:
888
+ case 2:
967
889
  _a.sent();
968
- _a.label = 4;
969
- case 4:
890
+ _a.label = 3;
891
+ case 3:
970
892
  this.publishEvent(Oidc.eventNames.token_aquired, parsedTokens);
971
893
  // @ts-ignore
972
894
  return [2 /*return*/, { parsedTokens: parsedTokens, state: response.state, callbackPath: response.callbackPath }];
@@ -985,7 +907,7 @@ var Oidc = /** @class */ (function () {
985
907
  var _a;
986
908
  if (isSilentSignin === void 0) { isSilentSignin = false; }
987
909
  return __awaiter(this, void 0, void 0, function () {
988
- var configuration_2, clientId_1, redirectUri_1, authority, tokenRequestTimeout_1, oidcServerConfiguration_1, queryParams, sessionState_2, serviceWorker, storage_1, items, dummy, session, items, exception_3;
910
+ var configuration_2, clientId_1, redirectUri_1, authority, tokenRequestTimeout_1, oidcServerConfiguration_1, queryParams, sessionState_2, serviceWorker_1, storage_1, items, dummy, session, items, exception_3;
989
911
  var _this = this;
990
912
  return __generator(this, function (_b) {
991
913
  switch (_b.label) {
@@ -1004,18 +926,18 @@ var Oidc = /** @class */ (function () {
1004
926
  sessionState_2 = queryParams.session_state;
1005
927
  return [4 /*yield*/, (0, initWorker_1.initWorkerAsync)(configuration_2.service_worker_relative_url, this.configurationName)];
1006
928
  case 2:
1007
- serviceWorker = _b.sent();
929
+ serviceWorker_1 = _b.sent();
1008
930
  storage_1 = null;
1009
- if (!serviceWorker) return [3 /*break*/, 8];
1010
- serviceWorker.startKeepAliveServiceWorker();
1011
- this.serviceWorker = serviceWorker;
1012
- return [4 /*yield*/, serviceWorker.initAsync(oidcServerConfiguration_1, "loginCallbackAsync")];
931
+ if (!serviceWorker_1) return [3 /*break*/, 8];
932
+ serviceWorker_1.startKeepAliveServiceWorker();
933
+ this.serviceWorker = serviceWorker_1;
934
+ return [4 /*yield*/, serviceWorker_1.initAsync(oidcServerConfiguration_1, "loginCallbackAsync")];
1013
935
  case 3:
1014
936
  _b.sent();
1015
- return [4 /*yield*/, serviceWorker.loadItemsAsync()];
937
+ return [4 /*yield*/, serviceWorker_1.loadItemsAsync()];
1016
938
  case 4:
1017
939
  items = _b.sent();
1018
- storage_1 = new memoryStorageBackend_1.MemoryStorageBackend(serviceWorker.saveItemsAsync, items);
940
+ storage_1 = new memoryStorageBackend_1.MemoryStorageBackend(serviceWorker_1.saveItemsAsync, items);
1019
941
  return [4 /*yield*/, storage_1.getItem("dummy")];
1020
942
  case 5:
1021
943
  dummy = _b.sent();
@@ -1025,7 +947,7 @@ var Oidc = /** @class */ (function () {
1025
947
  return [4 /*yield*/, storage_1.removeItem("dummy")];
1026
948
  case 6:
1027
949
  _b.sent();
1028
- return [4 /*yield*/, serviceWorker.setSessionStateAsync(sessionState_2)];
950
+ return [4 /*yield*/, serviceWorker_1.setSessionStateAsync(sessionState_2)];
1029
951
  case 7:
1030
952
  _b.sent();
1031
953
  return [3 /*break*/, 10];
@@ -1085,22 +1007,37 @@ var Oidc = /** @class */ (function () {
1085
1007
  }, tokenRequestTimeout_1 !== null && tokenRequestTimeout_1 !== void 0 ? tokenRequestTimeout_1 : 12000);
1086
1008
  try {
1087
1009
  var tokenHandler = new appauth_1.BaseTokenRequestHandler(new appauth_1.FetchRequestor());
1088
- tokenHandler.performTokenRequest(oidcServerConfiguration_1, tokenRequest).then(function (tokenResponse) {
1089
- if (timeoutId) {
1090
- clearTimeout(timeoutId);
1091
- _this.timeoutId = null;
1092
- var loginParams_1 = getLoginParams(_this.configurationName, redirectUri_1);
1093
- // @ts-ignore
1094
- _this.startCheckSessionAsync(oidcServerConfiguration_1.check_session_iframe, clientId_1, sessionState_2, isSilentSignin).then(function () {
1095
- _this.publishEvent(eventNames.loginCallbackAsync_end, {});
1096
- resolve({
1097
- tokens: tokenResponse,
1098
- state: request.state,
1099
- callbackPath: loginParams_1.callbackPath,
1100
- });
1101
- });
1102
- }
1103
- });
1010
+ tokenHandler.performTokenRequest(oidcServerConfiguration_1, tokenRequest).then(function (tokenResponse) { return __awaiter(_this, void 0, void 0, function () {
1011
+ var loginParams_1, tokens;
1012
+ var _this = this;
1013
+ return __generator(this, function (_a) {
1014
+ switch (_a.label) {
1015
+ case 0:
1016
+ if (!timeoutId) return [3 /*break*/, 3];
1017
+ clearTimeout(timeoutId);
1018
+ this.timeoutId = null;
1019
+ loginParams_1 = getLoginParams(this.configurationName, redirectUri_1);
1020
+ if (!serviceWorker_1) return [3 /*break*/, 2];
1021
+ return [4 /*yield*/, serviceWorker_1.initAsync(oidcServerConfiguration_1, "syncTokensAsync")];
1022
+ case 1:
1023
+ tokens = (_a.sent()).tokens;
1024
+ tokenResponse = tokens;
1025
+ _a.label = 2;
1026
+ case 2:
1027
+ // @ts-ignore
1028
+ this.startCheckSessionAsync(oidcServerConfiguration_1.check_session_iframe, clientId_1, sessionState_2, isSilentSignin).then(function () {
1029
+ _this.publishEvent(eventNames.loginCallbackAsync_end, {});
1030
+ resolve({
1031
+ tokens: tokenResponse,
1032
+ state: request.state,
1033
+ callbackPath: loginParams_1.callbackPath,
1034
+ });
1035
+ });
1036
+ _a.label = 3;
1037
+ case 3: return [2 /*return*/];
1038
+ }
1039
+ });
1040
+ }); });
1104
1041
  }
1105
1042
  catch (exception) {
1106
1043
  if (timeoutId) {
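Review bot: In the new async `then` callback, `clearTimeout(timeoutId)` runs before `serviceWorker_1.initAsync(oidcServerConfiguration_1, "syncTokensAsync")` is awaited, so a rejection from that call is unhandled and nothing is left to settle the outer promise. The surrounding `try`/`catch` only covers synchronous throws from `performTokenRequest`. `tokenResponse = tokens` also replaces the token-endpoint response without checking the worker's reply, so a reply without `tokens` resolves the login with `tokens: undefined`. I would wrap the callback body in its own try/catch that routes to the promise's reject path and treat a missing `tokens` as a failure there. The promise executor starts and ends outside this hunk, so the reject function's name is not visible here.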
@@ -1124,182 +1061,206 @@ var Oidc = /** @class */ (function () {
1124
1061
  });
1125
1062
  });
1126
1063
  };
1127
- Oidc.prototype.refreshTokensAsync = function (refreshToken) {
1064
+ Oidc.prototype.synchroniseTokensAsync = function (refreshToken, index) {
1065
+ if (index === void 0) { index = 0; }
1128
1066
  return __awaiter(this, void 0, void 0, function () {
1129
- var localsilentLoginAsync, configuration, clientId, redirectUri, authority, extras, _i, _a, _b, key, value, oidcServerConfiguration, details, index, tokenResponse, exception_4;
1067
+ var numberTryOnline, configuration, localsilentLoginAsync, _a, status_1, tokens, _b, clientId, redirectUri, authority, extras, _i, _c, _d, key, value, details, oidcServerConfiguration, tokenResponse, exception_4;
1130
1068
  var _this = this;
1131
- return __generator(this, function (_c) {
1132
- switch (_c.label) {
1069
+ return __generator(this, function (_e) {
1070
+ switch (_e.label) {
1133
1071
  case 0:
1072
+ if (!document.hidden) return [3 /*break*/, 3];
1073
+ return [4 /*yield*/, (0, initWorker_1.sleepAsync)(1000)];
1074
+ case 1:
1075
+ _e.sent();
1076
+ this.publishEvent(eventNames.refreshTokensAsync, { message: "wait because document is hidden" });
1077
+ return [4 /*yield*/, this.synchroniseTokensAsync(refreshToken, index)];
1078
+ case 2: return [2 /*return*/, _e.sent()];
1079
+ case 3:
1080
+ numberTryOnline = 6;
1081
+ _e.label = 4;
1082
+ case 4:
1083
+ if (!(!navigator.onLine && numberTryOnline > 0)) return [3 /*break*/, 6];
1084
+ return [4 /*yield*/, (0, initWorker_1.sleepAsync)(1000)];
1085
+ case 5:
1086
+ _e.sent();
1087
+ numberTryOnline--;
1088
+ this.publishEvent(eventNames.refreshTokensAsync, { message: "wait because navigator is offline try ".concat(numberTryOnline) });
1089
+ return [3 /*break*/, 4];
1090
+ case 6:
1091
+ configuration = this.configuration;
1134
1092
  localsilentLoginAsync = function () { return __awaiter(_this, void 0, void 0, function () {
1135
- var silent_token_response, exceptionSilent_1;
1093
+ var loginParams, silent_token_response, exceptionSilent_1;
1136
1094
  return __generator(this, function (_a) {
1137
1095
  switch (_a.label) {
1138
1096
  case 0:
1139
- _a.trys.push([0, 2, , 3]);
1140
- return [4 /*yield*/, this.silentLoginAsync()];
1097
+ _a.trys.push([0, 2, , 4]);
1098
+ loginParams = getLoginParams(this.configurationName, configuration.redirect_uri);
1099
+ return [4 /*yield*/, this.silentLoginAsync(__assign(__assign({}, loginParams.extras), { prompt: "none" }), loginParams.state)];
1141
1100
  case 1:
1142
1101
  silent_token_response = _a.sent();
1143
1102
  if (silent_token_response) {
1144
- return [2 /*return*/, silent_token_response.tokens];
1103
+ this.publishEvent(Oidc.eventNames.token_renewed, {});
1104
+ return [2 /*return*/, { tokens: silent_token_response.tokens, status: "LOGGED" }];
1145
1105
  }
1146
- return [3 /*break*/, 3];
1106
+ return [3 /*break*/, 4];
1147
1107
  case 2:
1148
1108
  exceptionSilent_1 = _a.sent();
1149
1109
  console.error(exceptionSilent_1);
1150
- return [3 /*break*/, 3];
1151
- case 3:
1152
- if (this.timeoutId) {
1153
- timer_1.default.clearTimeout(this.timeoutId);
1154
- this.timeoutId = null;
1110
+ this.publishEvent(eventNames.refreshTokensAsync_silent_error, { message: "exceptionSilent", exception: exceptionSilent_1.message });
1111
+ if (exceptionSilent_1 && exceptionSilent_1.message && exceptionSilent_1.message.startsWith("oidc")) {
1112
+ this.publishEvent(eventNames.refreshTokensAsync_error, { message: "refresh token silent" });
1113
+ return [2 /*return*/, { tokens: null, status: "SESSION_LOST" }];
1155
1114
  }
1156
- this.publishEvent(eventNames.refreshTokensAsync_error, { message: "refresh token and silent refresh failed" });
1157
- return [2 /*return*/, null];
1115
+ return [4 /*yield*/, (0, initWorker_1.sleepAsync)(1000)];
1116
+ case 3:
1117
+ _a.sent();
1118
+ throw exceptionSilent_1;
1119
+ case 4:
1120
+ this.publishEvent(eventNames.refreshTokensAsync_error, { message: "refresh token silent return" });
1121
+ return [2 /*return*/, { tokens: null, status: "SESSION_LOST" }];
1158
1122
  }
1159
1123
  });
1160
1124
  }); };
1161
- configuration = this.configuration;
1125
+ if (!(index <= 4)) return [3 /*break*/, 24];
1126
+ _e.label = 7;
1127
+ case 7:
1128
+ _e.trys.push([7, 23, , 24]);
1129
+ if (!!refreshToken) return [3 /*break*/, 9];
1130
+ this.publishEvent(eventNames.refreshTokensAsync_begin, { refreshToken: refreshToken, tryNumber: index });
1131
+ return [4 /*yield*/, localsilentLoginAsync()];
1132
+ case 8: return [2 /*return*/, _e.sent()];
1133
+ case 9: return [4 /*yield*/, this.syncTokensInfoAsync(configuration, this.configurationName, this.tokens)];
1134
+ case 10:
1135
+ _a = _e.sent(), status_1 = _a.status, tokens = _a.tokens;
1136
+ _b = status_1;
1137
+ switch (_b) {
1138
+ case "SESSION_LOST": return [3 /*break*/, 11];
1139
+ case "NOT_CONNECTED": return [3 /*break*/, 12];
1140
+ case "TOKENS_VALID": return [3 /*break*/, 13];
1141
+ case "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID": return [3 /*break*/, 13];
1142
+ case "LOGOUT_FROM_ANOTHER_TAB": return [3 /*break*/, 14];
1143
+ case "REQUIRE_SYNC_TOKENS": return [3 /*break*/, 15];
1144
+ }
1145
+ return [3 /*break*/, 17];
1146
+ case 11:
1147
+ this.publishEvent(eventNames.refreshTokensAsync_error, { message: "refresh token session lost" });
1148
+ return [2 /*return*/, { tokens: null, status: "SESSION_LOST" }];
1149
+ case 12: return [2 /*return*/, { tokens: null, status: null }];
1150
+ case 13: return [2 /*return*/, { tokens: tokens, status: "LOGGED_IN" }];
1151
+ case 14:
1152
+ this.publishEvent(eventNames.logout_from_another_tab, { "status": "session syncTokensAsync" });
1153
+ return [2 /*return*/, { tokens: null, status: "LOGGED_OUT" }];
1154
+ case 15:
1155
+ this.publishEvent(eventNames.refreshTokensAsync_begin, { refreshToken: refreshToken, status: status_1, tryNumber: index });
1156
+ return [4 /*yield*/, localsilentLoginAsync()];
1157
+ case 16: return [2 /*return*/, _e.sent()];
1158
+ case 17:
1159
+ this.publishEvent(eventNames.refreshTokensAsync_begin, { refreshToken: refreshToken, status: status_1, tryNumber: index });
1162
1160
  clientId = configuration.client_id;
1163
1161
  redirectUri = configuration.redirect_uri;
1164
1162
  authority = configuration.authority;
1165
- if (!!refreshToken) return [3 /*break*/, 2];
1166
- return [4 /*yield*/, localsilentLoginAsync()];
1167
- case 1: return [2 /*return*/, _c.sent()];
1168
- case 2:
1169
1163
  extras = {};
1170
1164
  if (configuration.token_request_extras) {
1171
- for (_i = 0, _a = Object.entries(configuration.token_request_extras); _i < _a.length; _i++) {
1172
- _b = _a[_i], key = _b[0], value = _b[1];
1165
+ for (_i = 0, _c = Object.entries(configuration.token_request_extras); _i < _c.length; _i++) {
1166
+ _d = _c[_i], key = _d[0], value = _d[1];
1173
1167
  extras[key] = value;
1174
1168
  }
1175
1169
  }
1176
- return [4 /*yield*/, this.initAsync(authority, configuration.authority_configuration)];
1177
- case 3:
1178
- oidcServerConfiguration = _c.sent();
1179
1170
  details = {
1180
1171
  client_id: clientId,
1181
1172
  redirect_uri: redirectUri,
1182
1173
  grant_type: appauth_1.GRANT_TYPE_REFRESH_TOKEN,
1183
- refresh_token: refreshToken,
1174
+ refresh_token: tokens.refreshToken,
1184
1175
  };
1185
- index = 0;
1186
- _c.label = 4;
1187
- case 4:
1188
- if (!(index <= 2)) return [3 /*break*/, 15];
1189
- _c.label = 5;
1190
- case 5:
1191
- _c.trys.push([5, 13, , 14]);
1192
- this.publishEvent(eventNames.refreshTokensAsync_begin, { refreshToken: refreshToken, tryNumber: index });
1193
- if (!(index > 1)) return [3 /*break*/, 8];
1194
- _c.label = 6;
1195
- case 6:
1196
- if (!document.hidden) return [3 /*break*/, 8];
1197
- return [4 /*yield*/, (0, initWorker_1.sleepAsync)(1000)];
1198
- case 7:
1199
- _c.sent();
1200
- this.publishEvent(eventNames.refreshTokensAsync, { message: "wait because document is hidden" });
1201
- return [3 /*break*/, 6];
1202
- case 8: return [4 /*yield*/, performTokenRequestAsync(oidcServerConfiguration.tokenEndpoint, details, extras)];
1203
- case 9:
1204
- tokenResponse = _c.sent();
1205
- if (!tokenResponse.success) return [3 /*break*/, 10];
1176
+ return [4 /*yield*/, this.initAsync(authority, configuration.authority_configuration)];
1177
+ case 18:
1178
+ oidcServerConfiguration = _e.sent();
1179
+ return [4 /*yield*/, performTokenRequestAsync(oidcServerConfiguration.tokenEndpoint, details, extras)];
1180
+ case 19:
1181
+ tokenResponse = _e.sent();
1182
+ if (!tokenResponse.success) return [3 /*break*/, 20];
1206
1183
  this.publishEvent(eventNames.refreshTokensAsync_end, { success: tokenResponse.success });
1207
- return [2 /*return*/, tokenResponse.data];
1208
- case 10:
1209
- this.publishEvent(eventNames.refreshTokensAsync_silent_error, { message: "bad request", tokenResponse: tokenResponse });
1210
- return [4 /*yield*/, localsilentLoginAsync()];
1211
- case 11: return [2 /*return*/, _c.sent()];
1212
- case 12: return [3 /*break*/, 14];
1213
- case 13:
1214
- exception_4 = _c.sent();
1184
+ this.publishEvent(Oidc.eventNames.token_renewed, {});
1185
+ return [2 /*return*/, { tokens: tokenResponse.data, status: "LOGGED_IN" }];
1186
+ case 20:
1187
+ this.publishEvent(eventNames.refreshTokensAsync_silent_error, {
1188
+ message: "bad request",
1189
+ tokenResponse: tokenResponse
1190
+ });
1191
+ return [4 /*yield*/, this.synchroniseTokensAsync(null, index + 1)];
1192
+ case 21: return [2 /*return*/, _e.sent()];
1193
+ case 22: return [3 /*break*/, 24];
1194
+ case 23:
1195
+ exception_4 = _e.sent();
1215
1196
  console.error(exception_4);
1216
1197
  this.publishEvent(eventNames.refreshTokensAsync_silent_error, { message: "exception", exception: exception_4.message });
1217
- return [3 /*break*/, 14];
1218
- case 14:
1219
- index++;
1220
- return [3 /*break*/, 4];
1221
- case 15: return [2 /*return*/];
1198
+ return [2 /*return*/, this.synchroniseTokensAsync(refreshToken, index + 1)];
1199
+ case 24:
1200
+ this.publishEvent(eventNames.refreshTokensAsync_error, { message: "refresh token" });
1201
+ return [2 /*return*/, { tokens: null, status: "SESSION_LOST" }];
1222
1202
  }
1223
1203
  });
1224
1204
  });
1225
1205
  };
1226
- Oidc.prototype.syncTokensAsync = function () {
1206
+ Oidc.prototype.syncTokensInfoAsync = function (configuration, configurationName, currentTokens) {
1227
1207
  var _a;
1228
1208
  return __awaiter(this, void 0, void 0, function () {
1229
- var configuration, oidcServerConfiguration, serviceWorker, isLogin, silent_token_response, _b, exceptionSilent_2, session, tokens;
1230
- return __generator(this, function (_c) {
1231
- switch (_c.label) {
1209
+ var oidcServerConfiguration, serviceWorker, _b, status_2, tokens, timeLeft_1, status_3, session, _c, tokens, status_4, timeLeft_2, status_5, timeLeft, status;
1210
+ return __generator(this, function (_d) {
1211
+ switch (_d.label) {
1232
1212
  case 0:
1233
- configuration = this.configuration;
1234
- if (!this.tokens) {
1235
- return [2 /*return*/];
1213
+ // Service Worker can be killed by the browser (when it wants,for example after 10 seconds of inactivity, so we retreieve the session if it happen)
1214
+ //const configuration = this.configuration;
1215
+ if (!currentTokens) {
1216
+ return [2 /*return*/, { tokens: null, status: "NOT_CONNECTED" }];
1236
1217
  }
1237
1218
  return [4 /*yield*/, this.initAsync(configuration.authority, configuration.authority_configuration)];
1238
1219
  case 1:
1239
- oidcServerConfiguration = _c.sent();
1240
- return [4 /*yield*/, (0, initWorker_1.initWorkerAsync)(configuration.service_worker_relative_url, this.configurationName)];
1220
+ oidcServerConfiguration = _d.sent();
1221
+ return [4 /*yield*/, (0, initWorker_1.initWorkerAsync)(configuration.service_worker_relative_url, configurationName)];
1241
1222
  case 2:
1242
- serviceWorker = _c.sent();
1243
- if (!serviceWorker) return [3 /*break*/, 14];
1223
+ serviceWorker = _d.sent();
1224
+ if (!serviceWorker) return [3 /*break*/, 4];
1244
1225
  return [4 /*yield*/, serviceWorker.initAsync(oidcServerConfiguration, "syncTokensAsync")];
1245
1226
  case 3:
1246
- isLogin = (_c.sent()).isLogin;
1247
- if (!(isLogin == false)) return [3 /*break*/, 5];
1248
- this.publishEvent(eventNames.logout_from_another_tab, {});
1249
- return [4 /*yield*/, this.destroyAsync()];
1227
+ _b = _d.sent(), status_2 = _b.status, tokens = _b.tokens;
1228
+ if (status_2 == "LOGGED_OUT") {
1229
+ return [2 /*return*/, { tokens: null, status: "LOGOUT_FROM_ANOTHER_TAB" }];
1230
+ }
1231
+ else if (status_2 == "SESSIONS_LOST") {
1232
+ return [2 /*return*/, { tokens: null, status: "SESSIONS_LOST" }];
1233
+ }
1234
+ else if (!status_2 || !tokens) {
1235
+ return [2 /*return*/, { tokens: null, status: "REQUIRE_SYNC_TOKENS" }];
1236
+ }
1237
+ else if (tokens.issuedAt !== currentTokens.issuedAt) {
1238
+ timeLeft_1 = (0, parseTokens_1.computeTimeLeft)(configuration.refresh_time_before_tokens_expiration_in_second, tokens.expiresAt);
1239
+ status_3 = (timeLeft_1 > 0) ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID";
1240
+ return [2 /*return*/, { tokens: tokens, status: status_3 }];
1241
+ }
1242
+ return [3 /*break*/, 6];
1250
1243
  case 4:
1251
- _c.sent();
1252
- return [3 /*break*/, 13];
1244
+ session = (0, initSession_1.initSession)(configurationName, configuration.redirect_uri, (_a = configuration.storage) !== null && _a !== void 0 ? _a : sessionStorage);
1245
+ return [4 /*yield*/, session.initAsync()];
1253
1246
  case 5:
1254
- if (!(isLogin == null)) return [3 /*break*/, 13];
1255
- _c.label = 6;
1256
- case 6:
1257
- _c.trys.push([6, 11, , 12]);
1258
- this.publishEvent(eventNames.syncTokensAsync_begin, {});
1259
- this.syncTokensAsyncPromise = this.silentLoginAsync({ prompt: "none" });
1260
- return [4 /*yield*/, this.syncTokensAsyncPromise];
1261
- case 7:
1262
- silent_token_response = _c.sent();
1263
- if (!(silent_token_response && silent_token_response.tokens)) return [3 /*break*/, 9];
1264
- _b = this;
1265
- return [4 /*yield*/, setTokensAsync(serviceWorker, silent_token_response.tokens)];
1266
- case 8:
1267
- _b.tokens = _c.sent();
1268
- return [3 /*break*/, 10];
1269
- case 9:
1270
- this.publishEvent(eventNames.syncTokensAsync_error, { message: "no token found in result" });
1271
- if (this.timeoutId) {
1272
- timer_1.default.clearTimeout(this.timeoutId);
1273
- this.timeoutId = null;
1247
+ _c = _d.sent(), tokens = _c.tokens, status_4 = _c.status;
1248
+ if (!tokens) {
1249
+ return [2 /*return*/, { tokens: null, status: "LOGOUT_FROM_ANOTHER_TAB" }];
1274
1250
  }
1275
- return [2 /*return*/];
1276
- case 10: return [3 /*break*/, 12];
1277
- case 11:
1278
- exceptionSilent_2 = _c.sent();
1279
- console.error(exceptionSilent_2);
1280
- this.publishEvent(eventNames.syncTokensAsync_error, exceptionSilent_2);
1281
- if (this.timeoutId) {
1282
- timer_1.default.clearTimeout(this.timeoutId);
1283
- this.timeoutId = null;
1251
+ else if (status_4 == "SESSIONS_LOST") {
1252
+ return [2 /*return*/, { tokens: null, status: "SESSIONS_LOST" }];
1284
1253
  }
1285
- return [2 /*return*/];
1286
- case 12:
1287
- this.syncTokensAsyncPromise = null;
1288
- this.publishEvent(eventNames.syncTokensAsync_end, {});
1289
- _c.label = 13;
1290
- case 13: return [3 /*break*/, 17];
1291
- case 14:
1292
- session = (0, initSession_1.initSession)(this.configurationName, configuration.redirect_uri, (_a = configuration.storage) !== null && _a !== void 0 ? _a : sessionStorage);
1293
- return [4 /*yield*/, session.initAsync()];
1294
- case 15:
1295
- tokens = (_c.sent()).tokens;
1296
- if (!!tokens) return [3 /*break*/, 17];
1297
- this.publishEvent(eventNames.logout_from_another_tab, {});
1298
- return [4 /*yield*/, this.destroyAsync()];
1299
- case 16:
1300
- _c.sent();
1301
- _c.label = 17;
1302
- case 17: return [2 /*return*/];
1254
+ else if (tokens.issuedAt !== currentTokens.issuedAt) {
1255
+ timeLeft_2 = (0, parseTokens_1.computeTimeLeft)(configuration.refresh_time_before_tokens_expiration_in_second, tokens.expiresAt);
1256
+ status_5 = (timeLeft_2 > 0) ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID";
1257
+ return [2 /*return*/, { tokens: tokens, status: status_5 }];
1258
+ }
1259
+ _d.label = 6;
1260
+ case 6:
1261
+ timeLeft = (0, parseTokens_1.computeTimeLeft)(configuration.refresh_time_before_tokens_expiration_in_second, currentTokens.expiresAt);
1262
+ status = (timeLeft > 0) ? "TOKENS_VALID" : "TOKENS_INVALID";
1263
+ return [2 /*return*/, { tokens: currentTokens, status: status }];
1303
1264
  }
1304
1265
  });
1305
1266
  });
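Review bot: The status strings do not line up between the two new methods: `syncTokensInfoAsync` returns `"SESSIONS_LOST"` in two places, while the `switch` in `synchroniseTokensAsync` only matches `"SESSION_LOST"`. A `"SESSIONS_LOST"` result therefore falls into the refresh branch with `tokens` null, where `refresh_token: tokens.refreshToken` throws and the method retries through its catch path until the `index <= 4` limit is passed. The silent-login helper likewise returns `status: "LOGGED"` where the other success paths return `"LOGGED_IN"`. I would use one spelling from a shared constant, e.g. `return { tokens: null, status: "SESSION_LOST" };`, after confirming what the service worker and `session.initAsync()` emit, since neither is visible here. Separately, `refreshTokensAsync_begin` still publishes `refreshToken` in its payload, which hands the credential to every event subscriber; `{ status: status_1, tryNumber: index }` would be enough for diagnostics.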
@@ -1318,7 +1279,7 @@ var Oidc = /** @class */ (function () {
1318
1279
  Oidc.prototype.userInfoAsync = function () {
1319
1280
  return userInfoAsync(this);
1320
1281
  };
1321
- Oidc.prototype.destroyAsync = function () {
1282
+ Oidc.prototype.destroyAsync = function (status) {
1322
1283
  return __awaiter(this, void 0, void 0, function () {
1323
1284
  return __generator(this, function (_a) {
1324
1285
  switch (_a.label) {
@@ -1329,37 +1290,68 @@ var Oidc = /** @class */ (function () {
1329
1290
  this.checkSessionIFrame.stop();
1330
1291
  }
1331
1292
  if (!this.serviceWorker) return [3 /*break*/, 2];
1332
- return [4 /*yield*/, this.serviceWorker.clearAsync()];
1293
+ return [4 /*yield*/, this.serviceWorker.clearAsync(status)];
1333
1294
  case 1:
1334
1295
  _a.sent();
1335
1296
  _a.label = 2;
1336
1297
  case 2:
1337
1298
  if (!this.session) return [3 /*break*/, 4];
1338
- return [4 /*yield*/, this.session.clearAsync()];
1299
+ return [4 /*yield*/, this.session.clearAsync(status)];
1339
1300
  case 3:
1340
1301
  _a.sent();
1341
1302
  _a.label = 4;
1342
1303
  case 4:
1343
1304
  this.tokens = null;
1344
1305
  this.userInfo = null;
1345
- this.events = [];
1346
1306
  return [2 /*return*/];
1347
1307
  }
1348
1308
  });
1349
1309
  });
1350
1310
  };
1311
+ Oidc.prototype.logoutSameTabAsync = function (clientId, sub) {
1312
+ return __awaiter(this, void 0, void 0, function () {
1313
+ return __generator(this, function (_a) {
1314
+ switch (_a.label) {
1315
+ case 0:
1316
+ if (!(this.configuration.monitor_session && this.configuration.client_id === clientId && sub && this.tokens && this.tokens.idTokenPayload && this.tokens.idTokenPayload.sub === sub)) return [3 /*break*/, 2];
1317
+ this.publishEvent(eventNames.logout_from_same_tab, { "message": sub });
1318
+ return [4 /*yield*/, this.destroyAsync("LOGGED_OUT")];
1319
+ case 1:
1320
+ _a.sent();
1321
+ _a.label = 2;
1322
+ case 2: return [2 /*return*/];
1323
+ }
1324
+ });
1325
+ });
1326
+ };
1327
+ Oidc.prototype.logoutOtherTabAsync = function (clientId, sub) {
1328
+ return __awaiter(this, void 0, void 0, function () {
1329
+ return __generator(this, function (_a) {
1330
+ switch (_a.label) {
1331
+ case 0:
1332
+ if (!(this.configuration.monitor_session && this.configuration.client_id === clientId && sub && this.tokens && this.tokens.idTokenPayload && this.tokens.idTokenPayload.sub === sub)) return [3 /*break*/, 2];
1333
+ return [4 /*yield*/, this.destroyAsync("LOGGED_OUT")];
1334
+ case 1:
1335
+ _a.sent();
1336
+ this.publishEvent(eventNames.logout_from_another_tab, { message: "SessionMonitor", "sub": sub });
1337
+ _a.label = 2;
1338
+ case 2: return [2 /*return*/];
1339
+ }
1340
+ });
1341
+ });
1342
+ };
1351
1343
  Oidc.prototype.logoutAsync = function (callbackPathOrUrl, extras) {
1352
1344
  if (callbackPathOrUrl === void 0) { callbackPathOrUrl = undefined; }
1353
1345
  if (extras === void 0) { extras = null; }
1354
1346
  return __awaiter(this, void 0, void 0, function () {
1355
- var configuration, oidcServerConfiguration, path, isUri, url, idToken, extraQueryString, _i, _a, _b, key, value;
1356
- return __generator(this, function (_c) {
1357
- switch (_c.label) {
1347
+ var configuration, oidcServerConfiguration, path, isUri, url, idToken, sub, _i, _a, _b, key, oidc, extraQueryString, _c, _d, _e, key, value;
1348
+ return __generator(this, function (_f) {
1349
+ switch (_f.label) {
1358
1350
  case 0:
1359
1351
  configuration = this.configuration;
1360
1352
  return [4 /*yield*/, this.initAsync(configuration.authority, configuration.authority_configuration)];
1361
1353
  case 1:
1362
- oidcServerConfiguration = _c.sent();
1354
+ oidcServerConfiguration = _f.sent();
1363
1355
  if (callbackPathOrUrl && (typeof callbackPathOrUrl !== 'string')) {
1364
1356
  callbackPathOrUrl = undefined;
1365
1357
  console.warn('callbackPathOrUrl path is not a string');
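Review bot: `logoutSameTabAsync` and `logoutOtherTabAsync` repeat the same six-term guard and differ only in event name, payload and ordering, which makes them easy to let drift. The same-tab variant publishes before `destroyAsync("LOGGED_OUT")` with the subject under `message`; the other-tab variant publishes after it with the subject under `sub`. I would move the guard into one private predicate and give both events the same payload shape, with the subject always under `sub`. Both methods also need a comment such as `// No-op unless monitor_session is on and client_id and sub match this instance's tokens.` `destroyAsync`, whose body starts outside this hunk, now forwards `status` to `clearAsync` and no longer resets `this.events`; each change deserves a one-line comment, because their effect is defined elsewhere.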
@@ -1371,14 +1363,31 @@ var Oidc = /** @class */ (function () {
1371
1363
  }
1372
1364
  url = isUri ? callbackPathOrUrl : window.location.origin + path;
1373
1365
  idToken = this.tokens ? this.tokens.idToken : "";
1374
- return [4 /*yield*/, this.destroyAsync()];
1366
+ sub = this.tokens && this.tokens.idTokenPayload ? this.tokens.idTokenPayload.sub : null;
1367
+ return [4 /*yield*/, this.destroyAsync("LOGGED_OUT")];
1375
1368
  case 2:
1376
- _c.sent();
1369
+ _f.sent();
1370
+ _i = 0, _a = Object.entries(oidcDatabase);
1371
+ _f.label = 3;
1372
+ case 3:
1373
+ if (!(_i < _a.length)) return [3 /*break*/, 6];
1374
+ _b = _a[_i], key = _b[0], oidc = _b[1];
1375
+ if (!(oidc !== this)) return [3 /*break*/, 5];
1376
+ // @ts-ignore
1377
+ return [4 /*yield*/, oidc.logoutSameTabAsync(this.configuration.client_id, sub)];
1378
+ case 4:
1379
+ // @ts-ignore
1380
+ _f.sent();
1381
+ _f.label = 5;
1382
+ case 5:
1383
+ _i++;
1384
+ return [3 /*break*/, 3];
1385
+ case 6:
1377
1386
  if (oidcServerConfiguration.endSessionEndpoint) {
1378
1387
  extraQueryString = "";
1379
1388
  if (extras) {
1380
- for (_i = 0, _a = Object.entries(extras); _i < _a.length; _i++) {
1381
- _b = _a[_i], key = _b[0], value = _b[1];
1389
+ for (_c = 0, _d = Object.entries(extras); _c < _d.length; _c++) {
1390
+ _e = _d[_c], key = _e[0], value = _e[1];
1382
1391
  extraQueryString += "&".concat(key, "=").concat(encodeURIComponent(value));
1383
1392
  }
1384
1393
  }
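Review bot: The new loop over `Object.entries(oidcDatabase)` awaits `oidc.logoutSameTabAsync(this.configuration.client_id, sub)` with no error handling. It runs after `this.destroyAsync("LOGGED_OUT")` but before the `endSessionEndpoint` branch. If one sibling instance's teardown rejects, `logoutAsync` aborts with the local tokens already cleared and that branch, presumably where the provider session is ended, is never reached. I would isolate each sibling call in the source, e.g. `try { await oidc.logoutSameTabAsync(clientId, sub); } catch (e) { console.error(e); }`, so the end-session step always runs. `logoutAsync` starts before this hunk and continues after it.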