@axa-fr/react-oidc 6.11.4-alpha0 → 6.11.4-alpha2

package/src/oidc/vanilla/requests.ts

@@ -1,5 +1,29 @@
+import { getFromCache, setCache } from './cache';
+import { OidcAuthorizationServiceConfiguration } from './oidc';
 import { parseOriginalTokens } from './parseTokens';
 
+const oneHourSecond = 60 * 60;
+export const fetchFromIssuer = async (openIdIssuerUrl: string, timeCacheSecond = oneHourSecond, storage = window.sessionStorage):
+    Promise<OidcAuthorizationServiceConfiguration> => {
+    const fullUrl = `${openIdIssuerUrl}/.well-known/openid-configuration`;
+
+    const localStorageKey = `oidc.server:${openIdIssuerUrl}`;
+    const data = getFromCache(localStorageKey, storage, timeCacheSecond);
+    if (data) {
+        return new OidcAuthorizationServiceConfiguration(data);
+    }
+    const response = await fetch(fullUrl);
+
+    if (response.status !== 200) {
+        return null;
+    }
+
+    const result = await response.json();
+
+    setCache(localStorageKey, result, storage);
+    return new OidcAuthorizationServiceConfiguration(result);
+};
+
 const internalFetch = async (url, headers, numberRetry = 0, timeoutMs = 10000) => {
     let response;
     try {

package/src/oidc/vanilla/silentLogin.ts

@@ -0,0 +1,102 @@
+import { eventNames } from './events';
+import { Tokens } from './parseTokens';
+import { OidcConfiguration, StringMap } from './types';
+
+type SilentLoginResponse = {
+    tokens:Tokens;
+};
+
+// eslint-disable-next-line @typescript-eslint/ban-types
+const silentLoginAsync = (configurationName:string, configuration:OidcConfiguration, publishEvent:Function) => (extras:StringMap = null, state:string = null, scope:string = null):Promise<SilentLoginResponse> => {
+    if (!configuration.silent_redirect_uri || !configuration.silent_login_uri) {
+        return Promise.resolve(null);
+    }
+
+    try {
+        publishEvent(eventNames.silentLoginAsync_begin, {});
+        let queries = '';
+
+        if (state) {
+            if (extras == null) {
+                extras = {};
+            }
+            extras.state = state;
+        }
+
+        if (scope) {
+            if (extras == null) {
+                extras = {};
+            }
+            extras.scope = scope;
+        }
+
+        if (extras != null) {
+            for (const [key, value] of Object.entries(extras)) {
+                if (queries === '') {
+                    queries = `?${encodeURIComponent(key)}=${encodeURIComponent(value)}`;
+                } else {
+                    queries += `&${encodeURIComponent(key)}=${encodeURIComponent(value)}`;
+                }
+            }
+        }
+        const link = configuration.silent_login_uri + queries;
+        const idx = link.indexOf('/', link.indexOf('//') + 2);
+        const iFrameOrigin = link.substr(0, idx);
+        const iframe = document.createElement('iframe');
+        iframe.width = '0px';
+        iframe.height = '0px';
+
+        iframe.id = `${configurationName}_oidc_iframe`;
+        iframe.setAttribute('src', link);
+        document.body.appendChild(iframe);
+        return new Promise((resolve, reject) => {
+            try {
+                let isResolved = false;
+                window.onmessage = (e: MessageEvent<any>) => {
+                    if (e.origin === iFrameOrigin &&
+                        e.source === iframe.contentWindow
+                    ) {
+                        const key = `${configurationName}_oidc_tokens:`;
+                        const key_error = `${configurationName}_oidc_error:`;
+                        const data = e.data;
+                        if (data && typeof (data) === 'string') {
+                            if (!isResolved) {
+                                if (data.startsWith(key)) {
+                                    const result = JSON.parse(e.data.replace(key, ''));
+                                    publishEvent(eventNames.silentLoginAsync_end, {});
+                                    iframe.remove();
+                                    isResolved = true;
+                                    resolve(result);
+                                } else if (data.startsWith(key_error)) {
+                                    const result = JSON.parse(e.data.replace(key_error, ''));
+                                    publishEvent(eventNames.silentLoginAsync_error, result);
+                                    iframe.remove();
+                                    isResolved = true;
+                                    reject(new Error('oidc_' + result.error));
+                                }
+                            }
+                        }
+                    }
+                };
+                const silentSigninTimeout = configuration.silent_login_timeout;
+                setTimeout(() => {
+                    if (!isResolved) {
+                        publishEvent(eventNames.silentLoginAsync_error, { reason: 'timeout' });
+                        iframe.remove();
+                        isResolved = true;
+                        reject(new Error('timeout'));
+                    }
+                }, silentSigninTimeout);
+            } catch (e) {
+                iframe.remove();
+                publishEvent(eventNames.silentLoginAsync_error, e);
+                reject(e);
+            }
+        });
+    } catch (e) {
+        publishEvent(eventNames.silentLoginAsync_error, e);
+        throw e;
+    }
+};
+
+export default silentLoginAsync;

package/src/oidc/vanilla/types.ts

@@ -0,0 +1,35 @@
+
+export type OidcConfiguration = {
+    client_id: string;
+    redirect_uri: string;
+    silent_redirect_uri?:string;
+    silent_login_uri?:string;
+    silent_login_timeout?:number;
+    scope: string;
+    authority: string;
+    authority_time_cache_wellknowurl_in_second?: number;
+    authority_configuration?: AuthorityConfiguration;
+    refresh_time_before_tokens_expiration_in_second?: number;
+    token_request_timeout?: number;
+    service_worker_relative_url?:string;
+    service_worker_only?:boolean;
+    extras?:StringMap;
+    token_request_extras?:StringMap;
+    storage?: Storage;
+    monitor_session?: boolean;
+    token_renew_mode?: string;
+};
+
+export interface StringMap {
+    [key: string]: string;
+}
+
+export interface AuthorityConfiguration {
+    authorization_endpoint: string;
+    token_endpoint: string;
+    revocation_endpoint: string;
+    end_session_endpoint?: string;
+    userinfo_endpoint?: string;
+    check_session_iframe?:string;
+    issuer:string;
+}

package/src/oidc/vanilla/user.ts

@@ -0,0 +1,39 @@
+import { sleepAsync } from './initWorker';
+import { isTokensValid } from './parseTokens';
+
+export const userInfoAsync = async (oidc) => {
+    if (oidc.userInfo != null) {
+        return oidc.userInfo;
+    }
+    if (!oidc.tokens) {
+        return null;
+    }
+    const accessToken = oidc.tokens.accessToken;
+    if (!accessToken) {
+        return null;
+    }
+
+    // We wait the synchronisation before making a request
+    while (oidc.tokens && !isTokensValid(oidc.tokens)) {
+        await sleepAsync(200);
+    }
+
+    const oidcServerConfiguration = await oidc.initAsync(oidc.configuration.authority, oidc.configuration.authority_configuration);
+    const url = oidcServerConfiguration.userInfoEndpoint;
+    const fetchUserInfo = async (accessToken) => {
+        const res = await fetch(url, {
+            headers: {
+                authorization: `Bearer ${accessToken}`,
+            },
+        });
+
+        if (res.status !== 200) {
+            return null;
+        }
+
+        return res.json();
+    };
+    const userInfo = await fetchUserInfo(accessToken);
+    oidc.userInfo = userInfo;
+    return userInfo;
+};

package/src/oidc/vanilla/vanillaOidc.ts

@@ -1,5 +1,6 @@
-import { LoginCallback, Oidc, OidcConfiguration, StringMap } from './oidc';
+import { LoginCallback, Oidc } from './oidc';
 import { getValidTokenAsync, Tokens, ValidToken } from './parseTokens';
+import { OidcConfiguration, StringMap } from './types';
 
 export interface EventSubscriber {
     (name: string, data:any);