npm - @axa-fr/react-oidc - Versions diffs - 6.18.3 → 6.19.0 - Mend

@axa-fr/react-oidc 6.18.3 → 6.19.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (25) hide show

package/README.md +6 -0
package/dist/service_worker/OidcServiceWorker.js +1 -1
package/dist/service_worker/OidcServiceWorker.js.map +1 -1
package/dist/service_worker/types.d.ts +7 -2
package/dist/service_worker/types.d.ts.map +1 -1
package/dist/service_worker/utils/domains.d.ts.map +1 -1
package/dist/service_worker/utils/tokens.d.ts +11 -1
package/dist/service_worker/utils/tokens.d.ts.map +1 -1
package/dist/tsconfig.tsbuildinfo +1 -1
package/package.json +1 -1
package/service_worker/OidcServiceWorker.ts +27 -5
package/service_worker/OidcTrustedDomains.js +5 -0
package/service_worker/dist/OidcServiceWorker.js +1 -1
package/service_worker/dist/OidcServiceWorker.js.map +1 -1
package/service_worker/dist/types.d.ts +7 -2
package/service_worker/dist/types.d.ts.map +1 -1
package/service_worker/dist/utils/domains.d.ts.map +1 -1
package/service_worker/dist/utils/tokens.d.ts +11 -1
package/service_worker/dist/utils/tokens.d.ts.map +1 -1
package/service_worker/types.ts +10 -2
package/service_worker/utils/__tests__/domains.spec.ts +1 -0
package/service_worker/utils/__tests__/testHelper.ts +6 -0
package/service_worker/utils/__tests__/tokens.spec.ts +26 -2
package/service_worker/utils/domains.ts +4 -3
package/service_worker/utils/tokens.ts +92 -84

package/service_worker/utils/tokens.ts CHANGED Viewed

@@ -91,97 +91,104 @@ const isTokensOidcValid = (
   return { isValid: true, reason: '' };
 };
-function hideTokens(currentDatabaseElement: OidcConfig) {
-  const configurationName = currentDatabaseElement.configurationName;
-  return (response: Response) => {
-    if (response.status !== 200) {
-      return response;
+function _hideTokens(tokens: Tokens, currentDatabaseElement: OidcConfig, configurationName: string) {
+  if (!tokens.issued_at) {
+    const currentTimeUnixSecond = new Date().getTime() / 1000;
+    tokens.issued_at = currentTimeUnixSecond;
+  }
+  const accessTokenPayload = extractTokenPayload(tokens.access_token);
+  const secureTokens = {
+    ...tokens,
+    accessTokenPayload,
+  };
+  if (currentDatabaseElement.hideAccessToken) {
+    secureTokens.access_token = TOKEN.ACCESS_TOKEN + '_' + configurationName;
+  }
+  tokens.accessTokenPayload = accessTokenPayload;
+  let _idTokenPayload = null;
+  if (tokens.id_token) {
+    _idTokenPayload = extractTokenPayload(tokens.id_token);
+    tokens.idTokenPayload = {..._idTokenPayload};
+    if (_idTokenPayload.nonce && currentDatabaseElement.nonce != null) {
+      const keyNonce =
+          TOKEN.NONCE_TOKEN + '_' + currentDatabaseElement.configurationName;
+      _idTokenPayload.nonce = keyNonce;
     }
-    return response.json().then<Response>((tokens: Tokens) => {
-      if (!tokens.issued_at) {
-        const currentTimeUnixSecond = new Date().getTime() / 1000;
-        tokens.issued_at = currentTimeUnixSecond;
-      }
-      const accessTokenPayload = extractTokenPayload(tokens.access_token);
-      const secureTokens = {
-        ...tokens,
-        access_token: TOKEN.ACCESS_TOKEN + '_' + configurationName,
-        accessTokenPayload,
-      };
-      tokens.accessTokenPayload = accessTokenPayload;
-      let _idTokenPayload = null;
-      if (tokens.id_token) {
-        _idTokenPayload = extractTokenPayload(tokens.id_token);
-        tokens.idTokenPayload = { ..._idTokenPayload };
-        if (_idTokenPayload.nonce && currentDatabaseElement.nonce != null) {
-          const keyNonce =
-            TOKEN.NONCE_TOKEN + '_' + currentDatabaseElement.configurationName;
-          _idTokenPayload.nonce = keyNonce;
-        }
-        secureTokens.idTokenPayload = _idTokenPayload;
-      }
-      if (tokens.refresh_token) {
-        secureTokens.refresh_token =
-          TOKEN.REFRESH_TOKEN + '_' + configurationName;
-      }
-      const idTokenExpiresAt =
-        _idTokenPayload && _idTokenPayload.exp
+    secureTokens.idTokenPayload = _idTokenPayload;
+  }
+  if (tokens.refresh_token) {
+    secureTokens.refresh_token =
+        TOKEN.REFRESH_TOKEN + '_' + configurationName;
+  }
+  const idTokenExpiresAt =
+      _idTokenPayload && _idTokenPayload.exp
           ? _idTokenPayload.exp
           : Number.MAX_VALUE;
-      const accessTokenExpiresAt =
-        accessTokenPayload && accessTokenPayload.exp
+  const accessTokenExpiresAt =
+      accessTokenPayload && accessTokenPayload.exp
           ? accessTokenPayload.exp
           : tokens.issued_at + tokens.expires_in;
-      let expiresAt: number;
-      const tokenRenewMode = (
-        currentDatabaseElement.oidcConfiguration as OidcConfiguration
-      ).token_renew_mode;
-      if (tokenRenewMode === TokenRenewMode.access_token_invalid) {
-        expiresAt = accessTokenExpiresAt;
-      } else if (tokenRenewMode === TokenRenewMode.id_token_invalid) {
-        expiresAt = idTokenExpiresAt;
-      } else {
-        expiresAt =
-          idTokenExpiresAt < accessTokenExpiresAt
+  let expiresAt: number;
+  const tokenRenewMode = (
+      currentDatabaseElement.oidcConfiguration as OidcConfiguration
+  ).token_renew_mode;
+  if (tokenRenewMode === TokenRenewMode.access_token_invalid) {
+    expiresAt = accessTokenExpiresAt;
+  } else if (tokenRenewMode === TokenRenewMode.id_token_invalid) {
+    expiresAt = idTokenExpiresAt;
+  } else {
+    expiresAt =
+        idTokenExpiresAt < accessTokenExpiresAt
             ? idTokenExpiresAt
             : accessTokenExpiresAt;
-      }
-      secureTokens.expiresAt = expiresAt;
-      tokens.expiresAt = expiresAt;
-      const nonce = currentDatabaseElement.nonce
-        ? currentDatabaseElement.nonce.nonce
-        : null;
-      const { isValid, reason } = isTokensOidcValid(
-        tokens,
-        nonce,
-        currentDatabaseElement.oidcServerConfiguration as OidcServerConfiguration
-      ); //TODO: Type assertion, could be null.
-      if (!isValid) {
-        throw Error(`Tokens are not OpenID valid, reason: ${reason}`);
-      }
-      // When refresh_token is not rotated we reuse ald refresh_token
-      if (
-        currentDatabaseElement.tokens != null &&
-        'refresh_token' in currentDatabaseElement.tokens &&
-        !('refresh_token' in tokens)
-      ) {
-        const refreshToken = currentDatabaseElement.tokens.refresh_token;
-        currentDatabaseElement.tokens = {
-          ...tokens,
-          refresh_token: refreshToken,
-        };
-      } else {
-        currentDatabaseElement.tokens = tokens;
-      }
-      currentDatabaseElement.status = 'LOGGED_IN';
+  }
+  secureTokens.expiresAt = expiresAt;
+  tokens.expiresAt = expiresAt;
+  const nonce = currentDatabaseElement.nonce
+      ? currentDatabaseElement.nonce.nonce
+      : null;
+  const {isValid, reason} = isTokensOidcValid(
+      tokens,
+      nonce,
+      currentDatabaseElement.oidcServerConfiguration as OidcServerConfiguration
+  ); //TODO: Type assertion, could be null.
+  if (!isValid) {
+    throw Error(`Tokens are not OpenID valid, reason: ${reason}`);
+  }
+  // When refresh_token is not rotated we reuse ald refresh_token
+  if (
+      currentDatabaseElement.tokens != null &&
+      'refresh_token' in currentDatabaseElement.tokens &&
+      !('refresh_token' in tokens)
+  ) {
+    const refreshToken = currentDatabaseElement.tokens.refresh_token;
+    currentDatabaseElement.tokens = {
+      ...tokens,
+      refresh_token: refreshToken,
+    };
+  } else {
+    currentDatabaseElement.tokens = tokens;
+  }
+  currentDatabaseElement.status = 'LOGGED_IN';
+  return secureTokens;
+}
+function hideTokens(currentDatabaseElement: OidcConfig) {
+  const configurationName = currentDatabaseElement.configurationName;
+  return (response: Response) => {
+    if (response.status !== 200) {
+      return response;
+    }
+    return response.json().then<Response>((tokens: Tokens) => {
+      const secureTokens = _hideTokens(tokens, currentDatabaseElement, configurationName);
       const body = JSON.stringify(secureTokens);
       return new Response(body, response);
     });
@@ -194,5 +201,6 @@ export {
   isTokensValid,
   extractTokenPayload,
   isTokensOidcValid,
-  hideTokens
+  hideTokens,
+  _hideTokens
 };