@axa-fr/react-oidc 6.9.7 → 6.10.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +102 -102
- package/dist/FetchToken.d.ts.map +1 -1
- package/dist/FetchToken.js +2 -2
- package/dist/FetchToken.js.map +1 -1
- package/dist/OidcProvider.d.ts +7 -6
- package/dist/OidcProvider.d.ts.map +1 -1
- package/dist/OidcProvider.js +30 -26
- package/dist/OidcProvider.js.map +1 -1
- package/dist/OidcSecure.d.ts +2 -2
- package/dist/OidcSecure.d.ts.map +1 -1
- package/dist/OidcSecure.js +2 -4
- package/dist/OidcSecure.js.map +1 -1
- package/dist/OidcServiceWorker.js +150 -144
- package/dist/OidcTrustedDomains.js +9 -10
- package/dist/ReactOidc.d.ts +1 -1
- package/dist/ReactOidc.d.ts.map +1 -1
- package/dist/ReactOidc.js +22 -16
- package/dist/ReactOidc.js.map +1 -1
- package/dist/User.d.ts.map +1 -1
- package/dist/User.js +1 -1
- package/dist/User.js.map +1 -1
- package/dist/core/default-component/AuthenticateError.component.d.ts +1 -1
- package/dist/core/default-component/AuthenticateError.component.d.ts.map +1 -1
- package/dist/core/default-component/Authenticating.component.d.ts +1 -1
- package/dist/core/default-component/Authenticating.component.d.ts.map +1 -1
- package/dist/core/default-component/Callback.component.d.ts.map +1 -1
- package/dist/core/default-component/Callback.component.js +5 -5
- package/dist/core/default-component/Callback.component.js.map +1 -1
- package/dist/core/default-component/Loading.component.d.ts +1 -1
- package/dist/core/default-component/Loading.component.d.ts.map +1 -1
- package/dist/core/default-component/ServiceWorkerNotSupported.component.d.ts +1 -1
- package/dist/core/default-component/ServiceWorkerNotSupported.component.d.ts.map +1 -1
- package/dist/core/default-component/SessionLost.component.d.ts.map +1 -1
- package/dist/core/default-component/SilentCallback.component.d.ts.map +1 -1
- package/dist/core/default-component/SilentCallback.component.js +1 -0
- package/dist/core/default-component/SilentCallback.component.js.map +1 -1
- package/dist/core/default-component/SilentLogin.component.d.ts.map +1 -1
- package/dist/core/default-component/SilentLogin.component.js +5 -7
- package/dist/core/default-component/SilentLogin.component.js.map +1 -1
- package/dist/core/default-component/index.d.ts +2 -2
- package/dist/core/default-component/index.d.ts.map +1 -1
- package/dist/core/default-component/index.js +5 -5
- package/dist/core/default-component/index.js.map +1 -1
- package/dist/core/routes/OidcRoutes.d.ts +1 -1
- package/dist/core/routes/OidcRoutes.d.ts.map +1 -1
- package/dist/core/routes/OidcRoutes.js +1 -1
- package/dist/core/routes/OidcRoutes.js.map +1 -1
- package/dist/core/routes/withRouter.d.ts.map +1 -1
- package/dist/core/routes/withRouter.js.map +1 -1
- package/dist/index.d.ts +7 -6
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +10 -10
- package/dist/index.js.map +1 -1
- package/dist/vanilla/checkSessionIFrame.d.ts.map +1 -1
- package/dist/vanilla/checkSessionIFrame.js +15 -15
- package/dist/vanilla/checkSessionIFrame.js.map +1 -1
- package/dist/vanilla/initSession.d.ts.map +1 -1
- package/dist/vanilla/initSession.js +1 -1
- package/dist/vanilla/initSession.js.map +1 -1
- package/dist/vanilla/initWorker.d.ts +1 -1
- package/dist/vanilla/initWorker.d.ts.map +1 -1
- package/dist/vanilla/initWorker.js +22 -20
- package/dist/vanilla/initWorker.js.map +1 -1
- package/dist/vanilla/memoryStorageBackend.d.ts +5 -4
- package/dist/vanilla/memoryStorageBackend.d.ts.map +1 -1
- package/dist/vanilla/memoryStorageBackend.js.map +1 -1
- package/dist/vanilla/noHashQueryStringUtils.d.ts +3 -3
- package/dist/vanilla/noHashQueryStringUtils.d.ts.map +1 -1
- package/dist/vanilla/noHashQueryStringUtils.js +4 -4
- package/dist/vanilla/noHashQueryStringUtils.js.map +1 -1
- package/dist/vanilla/oidc.d.ts +6 -6
- package/dist/vanilla/oidc.d.ts.map +1 -1
- package/dist/vanilla/oidc.js +215 -216
- package/dist/vanilla/oidc.js.map +1 -1
- package/dist/vanilla/parseTokens.d.ts +2 -2
- package/dist/vanilla/parseTokens.d.ts.map +1 -1
- package/dist/vanilla/parseTokens.js +8 -8
- package/dist/vanilla/parseTokens.js.map +1 -1
- package/dist/vanilla/route-utils.d.ts.map +1 -1
- package/dist/vanilla/route-utils.js +10 -7
- package/dist/vanilla/route-utils.js.map +1 -1
- package/dist/vanilla/timer.d.ts.map +1 -1
- package/dist/vanilla/timer.js +8 -8
- package/dist/vanilla/timer.js.map +1 -1
- package/dist/vanilla/vanillaOidc.d.ts +6 -4
- package/dist/vanilla/vanillaOidc.d.ts.map +1 -1
- package/dist/vanilla/vanillaOidc.js +4 -5
- package/dist/vanilla/vanillaOidc.js.map +1 -1
- package/package.json +15 -6
- package/src/oidc/FetchToken.tsx +10 -11
- package/src/oidc/OidcProvider.tsx +82 -83
- package/src/oidc/OidcSecure.tsx +16 -18
- package/src/oidc/ReactOidc.tsx +74 -63
- package/src/oidc/User.ts +14 -13
- package/src/oidc/core/default-component/AuthenticateError.component.tsx +1 -1
- package/src/oidc/core/default-component/Authenticating.component.tsx +1 -1
- package/src/oidc/core/default-component/Callback.component.tsx +18 -18
- package/src/oidc/core/default-component/Loading.component.tsx +1 -1
- package/src/oidc/core/default-component/ServiceWorkerNotSupported.component.tsx +1 -1
- package/src/oidc/core/default-component/SessionLost.component.tsx +1 -1
- package/src/oidc/core/default-component/SilentCallback.component.tsx +7 -6
- package/src/oidc/core/default-component/SilentLogin.component.tsx +16 -18
- package/src/oidc/core/default-component/index.ts +2 -2
- package/src/oidc/core/routes/OidcRoutes.tsx +16 -15
- package/src/oidc/core/routes/withRouter.tsx +2 -4
- package/src/oidc/index.ts +7 -6
- package/src/oidc/vanilla/OidcServiceWorker.js +150 -144
- package/src/oidc/vanilla/OidcTrustedDomains.js +9 -10
- package/src/oidc/vanilla/checkSessionIFrame.ts +24 -23
- package/src/oidc/vanilla/index.ts +2 -1
- package/src/oidc/vanilla/initSession.ts +36 -37
- package/src/oidc/vanilla/initWorker.ts +82 -83
- package/src/oidc/vanilla/memoryStorageBackend.ts +13 -6
- package/src/oidc/vanilla/noHashQueryStringUtils.ts +13 -13
- package/src/oidc/vanilla/oidc.ts +460 -467
- package/src/oidc/vanilla/parseTokens.ts +73 -79
- package/src/oidc/vanilla/route-utils.ts +18 -18
- package/src/oidc/vanilla/timer.ts +14 -16
- package/src/oidc/vanilla/vanillaOidc.ts +35 -19
- package/src/override/AuthenticateError.component.tsx +4 -3
- package/src/override/Authenticating.component.tsx +4 -3
- package/src/override/Callback.component.tsx +4 -3
- package/src/override/Loading.component.tsx +4 -6
- package/src/override/ServiceWorkerNotSupported.component.tsx +5 -5
- package/src/override/SessionLost.component.tsx +8 -7
- package/src/override/style.ts +12 -10
- package/dist/core/routes/index.d.ts +0 -3
- package/dist/core/routes/index.d.ts.map +0 -1
- package/dist/core/routes/index.js +0 -9
- package/dist/core/routes/index.js.map +0 -1
- package/dist/vanilla/index.d.ts +0 -2
- package/dist/vanilla/index.d.ts.map +0 -1
- package/dist/vanilla/index.js +0 -6
- package/dist/vanilla/index.js.map +0 -1
- package/src/App.css +0 -38
- package/src/App.specold.tsx +0 -46
- package/src/App.tsx +0 -103
- package/src/FetchUser.tsx +0 -53
- package/src/Home.tsx +0 -23
- package/src/MultiAuth.tsx +0 -129
- package/src/Profile.tsx +0 -81
- package/src/configurations.ts +0 -73
- package/src/index.css +0 -13
- package/src/index.tsx +0 -9
- package/src/logo.svg +0 -7
- package/src/setupTests.js +0 -5
package/dist/vanilla/oidc.js
CHANGED
|
@@ -14,31 +14,31 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
14
14
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
15
|
exports.Oidc = exports.OidcAuthorizationServiceConfiguration = void 0;
|
|
16
16
|
const appauth_1 = require("@openid/appauth");
|
|
17
|
-
const
|
|
17
|
+
const checkSessionIFrame_1 = require("./checkSessionIFrame");
|
|
18
|
+
const initSession_1 = require("./initSession");
|
|
18
19
|
const initWorker_1 = require("./initWorker");
|
|
19
20
|
const memoryStorageBackend_1 = require("./memoryStorageBackend");
|
|
20
|
-
const
|
|
21
|
-
const timer_1 = __importDefault(require("./timer"));
|
|
22
|
-
const checkSessionIFrame_1 = require("./checkSessionIFrame");
|
|
23
|
-
const route_utils_1 = require("./route-utils");
|
|
21
|
+
const noHashQueryStringUtils_1 = require("./noHashQueryStringUtils");
|
|
24
22
|
const parseTokens_1 = require("./parseTokens");
|
|
23
|
+
const route_utils_1 = require("./route-utils");
|
|
24
|
+
const timer_1 = __importDefault(require("./timer"));
|
|
25
25
|
const TOKEN_TYPE = {
|
|
26
|
-
refresh_token:
|
|
27
|
-
access_token:
|
|
26
|
+
refresh_token: 'refresh_token',
|
|
27
|
+
access_token: 'access_token',
|
|
28
28
|
};
|
|
29
29
|
const performRevocationRequestAsync = (url, token, token_type = TOKEN_TYPE.refresh_token, client_id) => __awaiter(void 0, void 0, void 0, function* () {
|
|
30
30
|
const details = {
|
|
31
|
-
token
|
|
31
|
+
token,
|
|
32
32
|
token_type_hint: token_type,
|
|
33
|
-
client_id
|
|
33
|
+
client_id,
|
|
34
34
|
};
|
|
35
|
-
|
|
35
|
+
const formBody = [];
|
|
36
36
|
for (const property in details) {
|
|
37
37
|
const encodedKey = encodeURIComponent(property);
|
|
38
38
|
const encodedValue = encodeURIComponent(details[property]);
|
|
39
39
|
formBody.push(`${encodedKey}=${encodedValue}`);
|
|
40
40
|
}
|
|
41
|
-
const formBodyString = formBody.join(
|
|
41
|
+
const formBodyString = formBody.join('&');
|
|
42
42
|
const response = yield internalFetch(url, {
|
|
43
43
|
method: 'POST',
|
|
44
44
|
headers: {
|
|
@@ -50,22 +50,22 @@ const performRevocationRequestAsync = (url, token, token_type = TOKEN_TYPE.refre
|
|
|
50
50
|
return { success: false };
|
|
51
51
|
}
|
|
52
52
|
return {
|
|
53
|
-
success: true
|
|
53
|
+
success: true,
|
|
54
54
|
};
|
|
55
55
|
});
|
|
56
56
|
const performTokenRequestAsync = (url, details, extras, oldTokens, tokenRenewMode) => __awaiter(void 0, void 0, void 0, function* () {
|
|
57
|
-
for (
|
|
57
|
+
for (const [key, value] of Object.entries(extras)) {
|
|
58
58
|
if (details[key] === undefined) {
|
|
59
59
|
details[key] = value;
|
|
60
60
|
}
|
|
61
61
|
}
|
|
62
|
-
|
|
62
|
+
const formBody = [];
|
|
63
63
|
for (const property in details) {
|
|
64
64
|
const encodedKey = encodeURIComponent(property);
|
|
65
65
|
const encodedValue = encodeURIComponent(details[property]);
|
|
66
66
|
formBody.push(`${encodedKey}=${encodedValue}`);
|
|
67
67
|
}
|
|
68
|
-
const formBodyString = formBody.join(
|
|
68
|
+
const formBodyString = formBody.join('&');
|
|
69
69
|
const response = yield internalFetch(url, {
|
|
70
70
|
method: 'POST',
|
|
71
71
|
headers: {
|
|
@@ -79,19 +79,19 @@ const performTokenRequestAsync = (url, details, extras, oldTokens, tokenRenewMod
|
|
|
79
79
|
const tokens = yield response.json();
|
|
80
80
|
return {
|
|
81
81
|
success: true,
|
|
82
|
-
data: (0, parseTokens_1.parseOriginalTokens)(tokens, oldTokens, tokenRenewMode)
|
|
82
|
+
data: (0, parseTokens_1.parseOriginalTokens)(tokens, oldTokens, tokenRenewMode),
|
|
83
83
|
};
|
|
84
84
|
});
|
|
85
85
|
const internalFetch = (url, headers, numberRetry = 0) => __awaiter(void 0, void 0, void 0, function* () {
|
|
86
86
|
let response;
|
|
87
87
|
try {
|
|
88
|
-
|
|
88
|
+
const controller = new AbortController();
|
|
89
89
|
setTimeout(() => controller.abort(), 10000);
|
|
90
90
|
response = yield fetch(url, Object.assign(Object.assign({}, headers), { signal: controller.signal }));
|
|
91
91
|
}
|
|
92
92
|
catch (e) {
|
|
93
|
-
if (e.message === 'AbortError'
|
|
94
|
-
|
|
93
|
+
if (e.message === 'AbortError' ||
|
|
94
|
+
e.message === 'Network request failed') {
|
|
95
95
|
if (numberRetry <= 1) {
|
|
96
96
|
return yield internalFetch(url, headers, numberRetry + 1);
|
|
97
97
|
}
|
|
@@ -107,8 +107,8 @@ const internalFetch = (url, headers, numberRetry = 0) => __awaiter(void 0, void
|
|
|
107
107
|
return response;
|
|
108
108
|
});
|
|
109
109
|
const randomString = function (length) {
|
|
110
|
-
let text =
|
|
111
|
-
const possible =
|
|
110
|
+
let text = '';
|
|
111
|
+
const possible = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
|
|
112
112
|
for (let i = 0; i < length; i++) {
|
|
113
113
|
text += possible.charAt(Math.floor(Math.random() * possible.length));
|
|
114
114
|
}
|
|
@@ -127,7 +127,7 @@ class OidcAuthorizationServiceConfiguration extends appauth_1.AuthorizationServi
|
|
|
127
127
|
}
|
|
128
128
|
exports.OidcAuthorizationServiceConfiguration = OidcAuthorizationServiceConfiguration;
|
|
129
129
|
const oidcDatabase = {};
|
|
130
|
-
const oidcFactory = (configuration, name =
|
|
130
|
+
const oidcFactory = (configuration, name = 'default') => {
|
|
131
131
|
if (oidcDatabase[name]) {
|
|
132
132
|
return oidcDatabase[name];
|
|
133
133
|
}
|
|
@@ -141,7 +141,7 @@ const loginCallbackWithAutoTokensRenewAsync = (oidc) => __awaiter(void 0, void 0
|
|
|
141
141
|
});
|
|
142
142
|
function renewTokensAndStartTimerAsync(oidc, refreshToken, forceRefresh = false, extras = null) {
|
|
143
143
|
return __awaiter(this, void 0, void 0, function* () {
|
|
144
|
-
const updateTokens = (tokens) => oidc.tokens = tokens;
|
|
144
|
+
const updateTokens = (tokens) => { oidc.tokens = tokens; };
|
|
145
145
|
const { tokens, status } = yield oidc.synchroniseTokensAsync(refreshToken, 0, forceRefresh, extras, updateTokens);
|
|
146
146
|
const serviceWorker = yield (0, initWorker_1.initWorkerAsync)(oidc.configuration.service_worker_relative_url, oidc.configurationName);
|
|
147
147
|
if (!serviceWorker) {
|
|
@@ -203,9 +203,9 @@ const userInfoAsync = (oidc) => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
203
203
|
const res = yield fetch(url, {
|
|
204
204
|
headers: {
|
|
205
205
|
authorization: `Bearer ${accessToken}`,
|
|
206
|
-
}
|
|
206
|
+
},
|
|
207
207
|
});
|
|
208
|
-
if (res.status
|
|
208
|
+
if (res.status !== 200) {
|
|
209
209
|
return null;
|
|
210
210
|
}
|
|
211
211
|
return res.json();
|
|
@@ -215,38 +215,38 @@ const userInfoAsync = (oidc) => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
215
215
|
return userInfo;
|
|
216
216
|
});
|
|
217
217
|
const eventNames = {
|
|
218
|
-
service_worker_not_supported_by_browser:
|
|
219
|
-
token_aquired:
|
|
220
|
-
logout_from_another_tab:
|
|
221
|
-
logout_from_same_tab:
|
|
222
|
-
token_renewed:
|
|
223
|
-
token_timer:
|
|
224
|
-
loginAsync_begin:
|
|
225
|
-
loginAsync_error:
|
|
226
|
-
loginCallbackAsync_begin:
|
|
227
|
-
loginCallbackAsync_end:
|
|
228
|
-
loginCallbackAsync_error:
|
|
229
|
-
refreshTokensAsync_begin:
|
|
230
|
-
refreshTokensAsync:
|
|
231
|
-
refreshTokensAsync_end:
|
|
232
|
-
refreshTokensAsync_error:
|
|
233
|
-
refreshTokensAsync_silent_error:
|
|
234
|
-
tryKeepExistingSessionAsync_begin:
|
|
235
|
-
tryKeepExistingSessionAsync_end:
|
|
236
|
-
tryKeepExistingSessionAsync_error:
|
|
237
|
-
silentLoginAsync_begin:
|
|
238
|
-
silentLoginAsync:
|
|
239
|
-
silentLoginAsync_end:
|
|
240
|
-
silentLoginAsync_error:
|
|
241
|
-
syncTokensAsync_begin:
|
|
242
|
-
syncTokensAsync_end:
|
|
243
|
-
syncTokensAsync_error:
|
|
218
|
+
service_worker_not_supported_by_browser: 'service_worker_not_supported_by_browser',
|
|
219
|
+
token_aquired: 'token_aquired',
|
|
220
|
+
logout_from_another_tab: 'logout_from_another_tab',
|
|
221
|
+
logout_from_same_tab: 'logout_from_same_tab',
|
|
222
|
+
token_renewed: 'token_renewed',
|
|
223
|
+
token_timer: 'token_timer',
|
|
224
|
+
loginAsync_begin: 'loginAsync_begin',
|
|
225
|
+
loginAsync_error: 'loginAsync_error',
|
|
226
|
+
loginCallbackAsync_begin: 'loginCallbackAsync_begin',
|
|
227
|
+
loginCallbackAsync_end: 'loginCallbackAsync_end',
|
|
228
|
+
loginCallbackAsync_error: 'loginCallbackAsync_error',
|
|
229
|
+
refreshTokensAsync_begin: 'refreshTokensAsync_begin',
|
|
230
|
+
refreshTokensAsync: 'refreshTokensAsync',
|
|
231
|
+
refreshTokensAsync_end: 'refreshTokensAsync_end',
|
|
232
|
+
refreshTokensAsync_error: 'refreshTokensAsync_error',
|
|
233
|
+
refreshTokensAsync_silent_error: 'refreshTokensAsync_silent_error',
|
|
234
|
+
tryKeepExistingSessionAsync_begin: 'tryKeepExistingSessionAsync_begin',
|
|
235
|
+
tryKeepExistingSessionAsync_end: 'tryKeepExistingSessionAsync_end',
|
|
236
|
+
tryKeepExistingSessionAsync_error: 'tryKeepExistingSessionAsync_error',
|
|
237
|
+
silentLoginAsync_begin: 'silentLoginAsync_begin',
|
|
238
|
+
silentLoginAsync: 'silentLoginAsync',
|
|
239
|
+
silentLoginAsync_end: 'silentLoginAsync_end',
|
|
240
|
+
silentLoginAsync_error: 'silentLoginAsync_error',
|
|
241
|
+
syncTokensAsync_begin: 'syncTokensAsync_begin',
|
|
242
|
+
syncTokensAsync_end: 'syncTokensAsync_end',
|
|
243
|
+
syncTokensAsync_error: 'syncTokensAsync_error',
|
|
244
244
|
};
|
|
245
245
|
const getRandomInt = (max) => {
|
|
246
246
|
return Math.floor(Math.random() * max);
|
|
247
247
|
};
|
|
248
248
|
const oneHourSecond = 60 * 60;
|
|
249
|
-
|
|
249
|
+
const fetchFromIssuerCache = {};
|
|
250
250
|
const fetchFromIssuer = (openIdIssuerUrl, timeCacheSecond = oneHourSecond, storage = window.sessionStorage) => __awaiter(void 0, void 0, void 0, function* () {
|
|
251
251
|
const fullUrl = `${openIdIssuerUrl}/.well-known/openid-configuration`;
|
|
252
252
|
const localStorageKey = `oidc.server:${openIdIssuerUrl}`;
|
|
@@ -264,7 +264,7 @@ const fetchFromIssuer = (openIdIssuerUrl, timeCacheSecond = oneHourSecond, stora
|
|
|
264
264
|
return new OidcAuthorizationServiceConfiguration(fetchFromIssuerCache[localStorageKey].result);
|
|
265
265
|
}
|
|
266
266
|
const response = yield fetch(fullUrl);
|
|
267
|
-
if (response.status
|
|
267
|
+
if (response.status !== 200) {
|
|
268
268
|
return null;
|
|
269
269
|
}
|
|
270
270
|
const result = yield response.json();
|
|
@@ -276,7 +276,7 @@ const fetchFromIssuer = (openIdIssuerUrl, timeCacheSecond = oneHourSecond, stora
|
|
|
276
276
|
return new OidcAuthorizationServiceConfiguration(result);
|
|
277
277
|
});
|
|
278
278
|
class Oidc {
|
|
279
|
-
constructor(configuration, configurationName =
|
|
279
|
+
constructor(configuration, configurationName = 'default') {
|
|
280
280
|
var _a, _b, _c, _d;
|
|
281
281
|
this.initPromise = null;
|
|
282
282
|
this.tryKeepExistingSessionPromise = null;
|
|
@@ -286,7 +286,7 @@ class Oidc {
|
|
|
286
286
|
this.userInfoPromise = null;
|
|
287
287
|
let silent_login_uri = configuration.silent_login_uri;
|
|
288
288
|
if (configuration.silent_redirect_uri && !configuration.silent_login_uri) {
|
|
289
|
-
silent_login_uri = `${configuration.silent_redirect_uri.replace(
|
|
289
|
+
silent_login_uri = `${configuration.silent_redirect_uri.replace('-callback', '').replace('callback', '')}-login`;
|
|
290
290
|
}
|
|
291
291
|
this.configuration = Object.assign(Object.assign({}, configuration), { silent_login_uri, monitor_session: (_a = configuration.monitor_session) !== null && _a !== void 0 ? _a : false, refresh_time_before_tokens_expiration_in_second: (_b = configuration.refresh_time_before_tokens_expiration_in_second) !== null && _b !== void 0 ? _b : 60, silent_login_timeout: (_c = configuration.silent_login_timeout) !== null && _c !== void 0 ? _c : 12000, token_renew_mode: (_d = configuration.token_renew_mode) !== null && _d !== void 0 ? _d : parseTokens_1.TokenRenewMode.access_token_or_id_token_invalid });
|
|
292
292
|
this.configurationName = configurationName;
|
|
@@ -299,7 +299,7 @@ class Oidc {
|
|
|
299
299
|
this.initAsync.bind(this);
|
|
300
300
|
this.loginCallbackAsync.bind(this);
|
|
301
301
|
this._loginCallbackAsync.bind(this);
|
|
302
|
-
this.
|
|
302
|
+
this.subscribeEvents.bind(this);
|
|
303
303
|
this.removeEventSubscription.bind(this);
|
|
304
304
|
this.publishEvent.bind(this);
|
|
305
305
|
this.destroyAsync.bind(this);
|
|
@@ -307,7 +307,7 @@ class Oidc {
|
|
|
307
307
|
this.renewTokensAsync.bind(this);
|
|
308
308
|
this.initAsync(this.configuration.authority, this.configuration.authority_configuration);
|
|
309
309
|
}
|
|
310
|
-
|
|
310
|
+
subscribeEvents(func) {
|
|
311
311
|
const id = getRandomInt(9999999999999).toString();
|
|
312
312
|
this.events.push({ id, func });
|
|
313
313
|
return id;
|
|
@@ -321,13 +321,13 @@ class Oidc {
|
|
|
321
321
|
event.func(eventName, data);
|
|
322
322
|
});
|
|
323
323
|
}
|
|
324
|
-
static getOrCreate(configuration, name =
|
|
324
|
+
static getOrCreate(configuration, name = 'default') {
|
|
325
325
|
return oidcFactory(configuration, name);
|
|
326
326
|
}
|
|
327
|
-
static get(name =
|
|
328
|
-
const
|
|
329
|
-
if (!
|
|
330
|
-
throw Error(`
|
|
327
|
+
static get(name = 'default') {
|
|
328
|
+
const isInsideBrowser = (typeof process === 'undefined');
|
|
329
|
+
if (!Object.prototype.hasOwnProperty.call(oidcDatabase, name) && isInsideBrowser) {
|
|
330
|
+
throw Error(`OIDC library does seem initialized.
|
|
331
331
|
Please checkout that you are using OIDC hook inside a <OidcProvider configurationName="${name}"></OidcProvider> compoment.`);
|
|
332
332
|
}
|
|
333
333
|
return oidcDatabase[name];
|
|
@@ -364,7 +364,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
364
364
|
try {
|
|
365
365
|
this.publishEvent(eventNames.silentLoginAsync_begin, {});
|
|
366
366
|
const configuration = this.configuration;
|
|
367
|
-
let queries =
|
|
367
|
+
let queries = '';
|
|
368
368
|
if (state) {
|
|
369
369
|
if (extras == null) {
|
|
370
370
|
extras = {};
|
|
@@ -378,8 +378,8 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
378
378
|
extras.scope = scope;
|
|
379
379
|
}
|
|
380
380
|
if (extras != null) {
|
|
381
|
-
for (
|
|
382
|
-
if (queries ===
|
|
381
|
+
for (const [key, value] of Object.entries(extras)) {
|
|
382
|
+
if (queries === '') {
|
|
383
383
|
queries = `?${encodeURIComponent(key)}=${encodeURIComponent(value)}`;
|
|
384
384
|
}
|
|
385
385
|
else {
|
|
@@ -388,39 +388,38 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
388
388
|
}
|
|
389
389
|
}
|
|
390
390
|
const link = configuration.silent_login_uri + queries;
|
|
391
|
-
const idx = link.indexOf(
|
|
391
|
+
const idx = link.indexOf('/', link.indexOf('//') + 2);
|
|
392
392
|
const iFrameOrigin = link.substr(0, idx);
|
|
393
393
|
const iframe = document.createElement('iframe');
|
|
394
|
-
iframe.width =
|
|
395
|
-
iframe.height =
|
|
394
|
+
iframe.width = '0px';
|
|
395
|
+
iframe.height = '0px';
|
|
396
396
|
iframe.id = `${this.configurationName}_oidc_iframe`;
|
|
397
|
-
iframe.setAttribute(
|
|
397
|
+
iframe.setAttribute('src', link);
|
|
398
398
|
document.body.appendChild(iframe);
|
|
399
|
-
const self = this;
|
|
400
399
|
return new Promise((resolve, reject) => {
|
|
401
400
|
try {
|
|
402
401
|
let isResolved = false;
|
|
403
|
-
window.onmessage =
|
|
402
|
+
window.onmessage = (e) => {
|
|
404
403
|
if (e.origin === iFrameOrigin &&
|
|
405
404
|
e.source === iframe.contentWindow) {
|
|
406
|
-
const key = `${
|
|
407
|
-
const key_error = `${
|
|
405
|
+
const key = `${this.configurationName}_oidc_tokens:`;
|
|
406
|
+
const key_error = `${this.configurationName}_oidc_error:`;
|
|
408
407
|
const data = e.data;
|
|
409
|
-
if (data && typeof (data) ===
|
|
408
|
+
if (data && typeof (data) === 'string') {
|
|
410
409
|
if (!isResolved) {
|
|
411
410
|
if (data.startsWith(key)) {
|
|
412
411
|
const result = JSON.parse(e.data.replace(key, ''));
|
|
413
|
-
|
|
412
|
+
this.publishEvent(eventNames.silentLoginAsync_end, {});
|
|
414
413
|
iframe.remove();
|
|
415
414
|
isResolved = true;
|
|
416
415
|
resolve(result);
|
|
417
416
|
}
|
|
418
417
|
else if (data.startsWith(key_error)) {
|
|
419
418
|
const result = JSON.parse(e.data.replace(key_error, ''));
|
|
420
|
-
|
|
419
|
+
this.publishEvent(eventNames.silentLoginAsync_error, result);
|
|
421
420
|
iframe.remove();
|
|
422
421
|
isResolved = true;
|
|
423
|
-
reject(new Error(
|
|
422
|
+
reject(new Error('oidc_' + result.error));
|
|
424
423
|
}
|
|
425
424
|
}
|
|
426
425
|
}
|
|
@@ -429,16 +428,16 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
429
428
|
const silentSigninTimeout = configuration.silent_login_timeout;
|
|
430
429
|
setTimeout(() => {
|
|
431
430
|
if (!isResolved) {
|
|
432
|
-
|
|
431
|
+
this.publishEvent(eventNames.silentLoginAsync_error, { reason: 'timeout' });
|
|
433
432
|
iframe.remove();
|
|
434
433
|
isResolved = true;
|
|
435
|
-
reject(new Error(
|
|
434
|
+
reject(new Error('timeout'));
|
|
436
435
|
}
|
|
437
436
|
}, silentSigninTimeout);
|
|
438
437
|
}
|
|
439
438
|
catch (e) {
|
|
440
439
|
iframe.remove();
|
|
441
|
-
|
|
440
|
+
this.publishEvent(eventNames.silentLoginAsync_error, e);
|
|
442
441
|
reject(e);
|
|
443
442
|
}
|
|
444
443
|
});
|
|
@@ -495,7 +494,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
495
494
|
const oidcServerConfiguration = yield this.initAsync(configuration.authority, configuration.authority_configuration);
|
|
496
495
|
serviceWorker = yield (0, initWorker_1.initWorkerAsync)(configuration.service_worker_relative_url, this.configurationName);
|
|
497
496
|
if (serviceWorker) {
|
|
498
|
-
const { tokens } = yield serviceWorker.initAsync(oidcServerConfiguration,
|
|
497
|
+
const { tokens } = yield serviceWorker.initAsync(oidcServerConfiguration, 'tryKeepExistingSessionAsync', configuration);
|
|
499
498
|
if (tokens) {
|
|
500
499
|
serviceWorker.startKeepAliveServiceWorker();
|
|
501
500
|
// @ts-ignore
|
|
@@ -507,19 +506,19 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
507
506
|
yield this.startCheckSessionAsync(oidcServerConfiguration.check_session_iframe, configuration.client_id, sessionState);
|
|
508
507
|
this.publishEvent(eventNames.tryKeepExistingSessionAsync_end, {
|
|
509
508
|
success: true,
|
|
510
|
-
message:
|
|
509
|
+
message: 'tokens inside ServiceWorker are valid',
|
|
511
510
|
});
|
|
512
511
|
return true;
|
|
513
512
|
}
|
|
514
513
|
this.publishEvent(eventNames.tryKeepExistingSessionAsync_end, {
|
|
515
514
|
success: false,
|
|
516
|
-
message:
|
|
515
|
+
message: 'no exiting session found',
|
|
517
516
|
});
|
|
518
517
|
}
|
|
519
518
|
else {
|
|
520
519
|
if (configuration.service_worker_relative_url) {
|
|
521
520
|
this.publishEvent(eventNames.service_worker_not_supported_by_browser, {
|
|
522
|
-
message:
|
|
521
|
+
message: 'service worker is not supported by this browser',
|
|
523
522
|
});
|
|
524
523
|
}
|
|
525
524
|
const session = (0, initSession_1.initSession)(this.configurationName, configuration.redirect_uri, (_a = configuration.storage) !== null && _a !== void 0 ? _a : sessionStorage);
|
|
@@ -534,14 +533,14 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
534
533
|
yield this.startCheckSessionAsync(oidcServerConfiguration.check_session_iframe, configuration.client_id, sessionState);
|
|
535
534
|
this.publishEvent(eventNames.tryKeepExistingSessionAsync_end, {
|
|
536
535
|
success: true,
|
|
537
|
-
message:
|
|
536
|
+
message: 'tokens inside storage are valid',
|
|
538
537
|
});
|
|
539
538
|
return true;
|
|
540
539
|
}
|
|
541
540
|
}
|
|
542
541
|
this.publishEvent(eventNames.tryKeepExistingSessionAsync_end, {
|
|
543
542
|
success: false,
|
|
544
|
-
message: serviceWorker ?
|
|
543
|
+
message: serviceWorker ? 'service worker sessions not retrieved' : 'session storage sessions not retrieved',
|
|
545
544
|
});
|
|
546
545
|
return false;
|
|
547
546
|
}
|
|
@@ -550,7 +549,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
550
549
|
if (serviceWorker) {
|
|
551
550
|
yield serviceWorker.clearAsync();
|
|
552
551
|
}
|
|
553
|
-
this.publishEvent(eventNames.tryKeepExistingSessionAsync_error,
|
|
552
|
+
this.publishEvent(eventNames.tryKeepExistingSessionAsync_error, 'tokens inside ServiceWorker are invalid');
|
|
554
553
|
return false;
|
|
555
554
|
}
|
|
556
555
|
});
|
|
@@ -571,15 +570,15 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
571
570
|
const location = window.location;
|
|
572
571
|
const url = callbackPath || location.pathname + (location.search || '') + (location.hash || '');
|
|
573
572
|
const configuration = this.configuration;
|
|
574
|
-
let state
|
|
575
|
-
if (extras &&
|
|
576
|
-
state = extras
|
|
577
|
-
delete extras
|
|
573
|
+
let state;
|
|
574
|
+
if (extras && 'state' in extras) {
|
|
575
|
+
state = extras.state;
|
|
576
|
+
delete extras.state;
|
|
578
577
|
}
|
|
579
578
|
if (silentLoginOnly) {
|
|
580
579
|
try {
|
|
581
580
|
const extraFinal = (_a = extras !== null && extras !== void 0 ? extras : configuration.extras) !== null && _a !== void 0 ? _a : {};
|
|
582
|
-
const silentResult = yield this.silentLoginAsync(Object.assign(Object.assign({}, extraFinal), { prompt:
|
|
581
|
+
const silentResult = yield this.silentLoginAsync(Object.assign(Object.assign({}, extraFinal), { prompt: 'none' }), state, scope);
|
|
583
582
|
if (silentResult) {
|
|
584
583
|
this.tokens = silentResult.tokens;
|
|
585
584
|
this.publishEvent(eventNames.token_aquired, {});
|
|
@@ -601,18 +600,18 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
601
600
|
setLoginParams(this.configurationName, redirectUri, { callbackPath: url, extras, state });
|
|
602
601
|
const extraFinal = (_b = extras !== null && extras !== void 0 ? extras : configuration.extras) !== null && _b !== void 0 ? _b : {};
|
|
603
602
|
if (!extraFinal.nonce) {
|
|
604
|
-
extraFinal
|
|
603
|
+
extraFinal.nonce = randomString(12);
|
|
605
604
|
}
|
|
606
|
-
const nonce = {
|
|
607
|
-
|
|
605
|
+
const nonce = { nonce: extraFinal.nonce };
|
|
606
|
+
const serviceWorker = yield (0, initWorker_1.initWorkerAsync)(configuration.service_worker_relative_url, this.configurationName);
|
|
608
607
|
const oidcServerConfiguration = yield this.initAsync(configuration.authority, configuration.authority_configuration);
|
|
609
608
|
let storage;
|
|
610
609
|
if (serviceWorker) {
|
|
611
610
|
serviceWorker.startKeepAliveServiceWorker();
|
|
612
|
-
yield serviceWorker.initAsync(oidcServerConfiguration,
|
|
611
|
+
yield serviceWorker.initAsync(oidcServerConfiguration, 'loginAsync', configuration);
|
|
613
612
|
yield serviceWorker.setNonceAsync(nonce);
|
|
614
613
|
storage = new memoryStorageBackend_1.MemoryStorageBackend(serviceWorker.saveItemsAsync, {});
|
|
615
|
-
yield storage.setItem(
|
|
614
|
+
yield storage.setItem('dummy', {});
|
|
616
615
|
}
|
|
617
616
|
else {
|
|
618
617
|
const session = (0, initSession_1.initSession)(this.configurationName, redirectUri);
|
|
@@ -620,7 +619,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
620
619
|
storage = new memoryStorageBackend_1.MemoryStorageBackend(session.saveItemsAsync, {});
|
|
621
620
|
}
|
|
622
621
|
// @ts-ignore
|
|
623
|
-
const queryStringUtil = redirectUri.includes(
|
|
622
|
+
const queryStringUtil = redirectUri.includes('#') ? new noHashQueryStringUtils_1.HashQueryStringUtils() : new noHashQueryStringUtils_1.NoHashQueryStringUtils();
|
|
624
623
|
const authorizationHandler = new appauth_1.RedirectRequestHandler(storage, queryStringUtil, window.location, new appauth_1.DefaultCrypto());
|
|
625
624
|
const authRequest = new appauth_1.AuthorizationRequest({
|
|
626
625
|
client_id: configuration.client_id,
|
|
@@ -628,7 +627,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
628
627
|
scope,
|
|
629
628
|
response_type: appauth_1.AuthorizationRequest.RESPONSE_TYPE_CODE,
|
|
630
629
|
state,
|
|
631
|
-
extras: extraFinal
|
|
630
|
+
extras: extraFinal,
|
|
632
631
|
});
|
|
633
632
|
authorizationHandler.performAuthorizationRequest(oidcServerConfiguration, authRequest);
|
|
634
633
|
}
|
|
@@ -658,33 +657,35 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
658
657
|
// @ts-ignore
|
|
659
658
|
const idTokenPayload = this.tokens.idTokenPayload;
|
|
660
659
|
this.silentLoginAsync({
|
|
661
|
-
prompt:
|
|
660
|
+
prompt: 'none',
|
|
662
661
|
id_token_hint: idToken,
|
|
663
|
-
scope:
|
|
662
|
+
scope: 'openid',
|
|
664
663
|
}).then((silentSigninResponse) => {
|
|
665
664
|
const iFrameIdTokenPayload = silentSigninResponse.tokens.idTokenPayload;
|
|
666
665
|
if (idTokenPayload.sub === iFrameIdTokenPayload.sub) {
|
|
667
666
|
const sessionState = silentSigninResponse.sessionState;
|
|
668
667
|
this.checkSessionIFrame.start(silentSigninResponse.sessionState);
|
|
669
668
|
if (idTokenPayload.sid === iFrameIdTokenPayload.sid) {
|
|
670
|
-
console.debug(
|
|
669
|
+
console.debug('SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:', sessionState);
|
|
671
670
|
}
|
|
672
671
|
else {
|
|
673
|
-
console.debug(
|
|
672
|
+
console.debug('SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:', sessionState);
|
|
674
673
|
}
|
|
675
674
|
}
|
|
676
675
|
else {
|
|
677
|
-
console.debug(
|
|
676
|
+
console.debug('SessionMonitor._callback: Different subject signed into OP:', iFrameIdTokenPayload.sub);
|
|
678
677
|
}
|
|
678
|
+
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
|
679
679
|
}).catch((e) => __awaiter(this, void 0, void 0, function* () {
|
|
680
|
+
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
|
680
681
|
for (const [key, oidc] of Object.entries(oidcDatabase)) {
|
|
681
|
-
//if(oidc !== this) {
|
|
682
|
+
// if(oidc !== this) {
|
|
682
683
|
// @ts-ignore
|
|
683
684
|
yield oidc.logoutOtherTabAsync(this.configuration.client_id, idTokenPayload.sub);
|
|
684
|
-
//}
|
|
685
|
+
// }
|
|
685
686
|
}
|
|
686
|
-
//await this.destroyAsync();
|
|
687
|
-
//this.publishEvent(eventNames.logout_from_another_tab, {message : "SessionMonitor"});
|
|
687
|
+
// await this.destroyAsync();
|
|
688
|
+
// this.publishEvent(eventNames.logout_from_another_tab, {message : "SessionMonitor"});
|
|
688
689
|
}));
|
|
689
690
|
};
|
|
690
691
|
this.checkSessionIFrame = new checkSessionIFrame_1.CheckSessionIFrame(checkSessionCallback, clientId, checkSessionIFrameUri);
|
|
@@ -712,11 +713,10 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
712
713
|
const parsedTokens = response.tokens;
|
|
713
714
|
// @ts-ignore
|
|
714
715
|
this.tokens = response.tokens;
|
|
715
|
-
const
|
|
716
|
-
const serviceWorker = yield (0, initWorker_1.initWorkerAsync)(oidc.configuration.service_worker_relative_url, oidc.configurationName);
|
|
716
|
+
const serviceWorker = yield (0, initWorker_1.initWorkerAsync)(this.configuration.service_worker_relative_url, this.configurationName);
|
|
717
717
|
if (!serviceWorker) {
|
|
718
|
-
const session = (0, initSession_1.initSession)(this.configurationName,
|
|
719
|
-
|
|
718
|
+
const session = (0, initSession_1.initSession)(this.configurationName, this.configuration.redirect_uri, this.configuration.storage);
|
|
719
|
+
session.setTokens(parsedTokens);
|
|
720
720
|
}
|
|
721
721
|
this.publishEvent(Oidc.eventNames.token_aquired, parsedTokens);
|
|
722
722
|
// @ts-ignore
|
|
@@ -746,14 +746,14 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
746
746
|
let nonceData = null;
|
|
747
747
|
if (serviceWorker) {
|
|
748
748
|
serviceWorker.startKeepAliveServiceWorker();
|
|
749
|
-
yield serviceWorker.initAsync(oidcServerConfiguration,
|
|
749
|
+
yield serviceWorker.initAsync(oidcServerConfiguration, 'loginCallbackAsync', configuration);
|
|
750
750
|
const items = yield serviceWorker.loadItemsAsync();
|
|
751
751
|
storage = new memoryStorageBackend_1.MemoryStorageBackend(serviceWorker.saveItemsAsync, items);
|
|
752
|
-
const dummy = yield storage.getItem(
|
|
752
|
+
const dummy = yield storage.getItem('dummy');
|
|
753
753
|
if (!dummy) {
|
|
754
|
-
throw new Error(
|
|
754
|
+
throw new Error('Service Worker storage disapear');
|
|
755
755
|
}
|
|
756
|
-
yield storage.removeItem(
|
|
756
|
+
yield storage.removeItem('dummy');
|
|
757
757
|
yield serviceWorker.setSessionStateAsync(sessionState);
|
|
758
758
|
nonceData = yield serviceWorker.getNonceAsync();
|
|
759
759
|
}
|
|
@@ -765,15 +765,13 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
765
765
|
nonceData = yield session.getNonceAsync();
|
|
766
766
|
}
|
|
767
767
|
return new Promise((resolve, reject) => {
|
|
768
|
-
// @ts-ignore
|
|
769
768
|
let queryStringUtil = new noHashQueryStringUtils_1.NoHashQueryStringUtils();
|
|
770
|
-
if (redirectUri.includes(
|
|
771
|
-
const splithash = window.location.href.split(
|
|
772
|
-
if (splithash.length === 2 && splithash[1].includes(
|
|
769
|
+
if (redirectUri.includes('#')) {
|
|
770
|
+
const splithash = window.location.href.split('#');
|
|
771
|
+
if (splithash.length === 2 && splithash[1].includes('?')) {
|
|
773
772
|
queryStringUtil = new noHashQueryStringUtils_1.HashQueryStringUtils();
|
|
774
773
|
}
|
|
775
774
|
}
|
|
776
|
-
// @ts-ignore
|
|
777
775
|
const authorizationHandler = new appauth_1.RedirectRequestHandler(storage, queryStringUtil, window.location, new appauth_1.DefaultCrypto());
|
|
778
776
|
const notifier = new appauth_1.AuthorizationNotifier();
|
|
779
777
|
authorizationHandler.setAuthorizationNotifier(notifier);
|
|
@@ -783,7 +781,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
783
781
|
return;
|
|
784
782
|
}
|
|
785
783
|
if (!response) {
|
|
786
|
-
reject(
|
|
784
|
+
reject(new Error('no response'));
|
|
787
785
|
return;
|
|
788
786
|
}
|
|
789
787
|
let extras = null;
|
|
@@ -791,7 +789,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
791
789
|
extras = {};
|
|
792
790
|
extras.code_verifier = request.internal.code_verifier;
|
|
793
791
|
if (configuration.token_request_extras) {
|
|
794
|
-
for (
|
|
792
|
+
for (const [key, value] of Object.entries(configuration.token_request_extras)) {
|
|
795
793
|
extras[key] = value;
|
|
796
794
|
}
|
|
797
795
|
}
|
|
@@ -805,7 +803,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
805
803
|
extras,
|
|
806
804
|
});
|
|
807
805
|
let timeoutId = setTimeout(() => {
|
|
808
|
-
reject(
|
|
806
|
+
reject(new Error('performTokenRequest timeout'));
|
|
809
807
|
timeoutId = null;
|
|
810
808
|
}, tokenRequestTimeout !== null && tokenRequestTimeout !== void 0 ? tokenRequestTimeout : 12000);
|
|
811
809
|
try {
|
|
@@ -817,14 +815,14 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
817
815
|
const loginParams = getLoginParams(this.configurationName, redirectUri);
|
|
818
816
|
let formattedTokens = null;
|
|
819
817
|
if (serviceWorker) {
|
|
820
|
-
const { tokens } = yield serviceWorker.initAsync(oidcServerConfiguration,
|
|
818
|
+
const { tokens } = yield serviceWorker.initAsync(oidcServerConfiguration, 'syncTokensAsync', configuration);
|
|
821
819
|
formattedTokens = tokens;
|
|
822
820
|
}
|
|
823
821
|
else {
|
|
824
822
|
formattedTokens = (0, parseTokens_1.setTokens)(tokenResponse, null, configuration.token_renew_mode);
|
|
825
823
|
}
|
|
826
824
|
if (!(0, parseTokens_1.isTokensOidcValid)(formattedTokens, nonceData.nonce, oidcServerConfiguration)) {
|
|
827
|
-
const exception = new Error(
|
|
825
|
+
const exception = new Error('Tokens are not OpenID valid');
|
|
828
826
|
if (timeoutId) {
|
|
829
827
|
clearTimeout(timeoutId);
|
|
830
828
|
this.timeoutId = null;
|
|
@@ -833,7 +831,6 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
833
831
|
reject(exception);
|
|
834
832
|
}
|
|
835
833
|
}
|
|
836
|
-
// @ts-ignore
|
|
837
834
|
this.startCheckSessionAsync(oidcServerConfiguration.check_session_iframe, clientId, sessionState, isSilentSignin).then(() => {
|
|
838
835
|
this.publishEvent(eventNames.loginCallbackAsync_end, {});
|
|
839
836
|
resolve({
|
|
@@ -869,7 +866,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
869
866
|
return __awaiter(this, void 0, void 0, function* () {
|
|
870
867
|
if (document.hidden) {
|
|
871
868
|
yield (0, initWorker_1.sleepAsync)(1000);
|
|
872
|
-
this.publishEvent(eventNames.refreshTokensAsync, { message:
|
|
869
|
+
this.publishEvent(eventNames.refreshTokensAsync, { message: 'wait because document is hidden' });
|
|
873
870
|
return yield this.synchroniseTokensAsync(refreshToken, index, forceRefresh, extras, updateTokens);
|
|
874
871
|
}
|
|
875
872
|
let numberTryOnline = 6;
|
|
@@ -885,129 +882,131 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
885
882
|
const localsilentLoginAsync = () => __awaiter(this, void 0, void 0, function* () {
|
|
886
883
|
try {
|
|
887
884
|
const loginParams = getLoginParams(this.configurationName, configuration.redirect_uri);
|
|
888
|
-
const silent_token_response = yield this.silentLoginAsync(Object.assign(Object.assign(Object.assign({}, loginParams.extras), extras), { prompt:
|
|
885
|
+
const silent_token_response = yield this.silentLoginAsync(Object.assign(Object.assign(Object.assign({}, loginParams.extras), extras), { prompt: 'none' }), loginParams.state);
|
|
889
886
|
if (silent_token_response) {
|
|
890
887
|
updateTokens(silent_token_response.tokens);
|
|
891
888
|
this.publishEvent(Oidc.eventNames.token_renewed, {});
|
|
892
|
-
return { tokens: silent_token_response.tokens, status:
|
|
889
|
+
return { tokens: silent_token_response.tokens, status: 'LOGGED' };
|
|
893
890
|
}
|
|
894
891
|
}
|
|
895
892
|
catch (exceptionSilent) {
|
|
896
893
|
console.error(exceptionSilent);
|
|
897
|
-
this.publishEvent(eventNames.refreshTokensAsync_silent_error, { message:
|
|
898
|
-
if (exceptionSilent && exceptionSilent.message && exceptionSilent.message.startsWith(
|
|
894
|
+
this.publishEvent(eventNames.refreshTokensAsync_silent_error, { message: 'exceptionSilent', exception: exceptionSilent.message });
|
|
895
|
+
if (exceptionSilent && exceptionSilent.message && exceptionSilent.message.startsWith('oidc')) {
|
|
899
896
|
updateTokens(null);
|
|
900
|
-
this.publishEvent(eventNames.refreshTokensAsync_error, { message:
|
|
901
|
-
return { tokens: null, status:
|
|
897
|
+
this.publishEvent(eventNames.refreshTokensAsync_error, { message: 'refresh token silent' });
|
|
898
|
+
return { tokens: null, status: 'SESSION_LOST' };
|
|
902
899
|
}
|
|
903
900
|
yield (0, initWorker_1.sleepAsync)(1000);
|
|
904
901
|
throw exceptionSilent;
|
|
905
902
|
}
|
|
906
903
|
updateTokens(null);
|
|
907
|
-
this.publishEvent(eventNames.refreshTokensAsync_error, { message:
|
|
908
|
-
return { tokens: null, status:
|
|
904
|
+
this.publishEvent(eventNames.refreshTokensAsync_error, { message: 'refresh token silent return' });
|
|
905
|
+
return { tokens: null, status: 'SESSION_LOST' };
|
|
909
906
|
});
|
|
910
907
|
if (index <= 4) {
|
|
911
908
|
try {
|
|
912
909
|
const { status, tokens, nonce } = yield this.syncTokensInfoAsync(configuration, this.configurationName, this.tokens, forceRefresh);
|
|
913
910
|
switch (status) {
|
|
914
|
-
case
|
|
911
|
+
case 'SESSION_LOST':
|
|
915
912
|
updateTokens(null);
|
|
916
|
-
this.publishEvent(eventNames.refreshTokensAsync_error, { message:
|
|
917
|
-
return { tokens: null, status:
|
|
918
|
-
case
|
|
913
|
+
this.publishEvent(eventNames.refreshTokensAsync_error, { message: 'refresh token session lost' });
|
|
914
|
+
return { tokens: null, status: 'SESSION_LOST' };
|
|
915
|
+
case 'NOT_CONNECTED':
|
|
919
916
|
updateTokens(null);
|
|
920
917
|
return { tokens: null, status: null };
|
|
921
|
-
case
|
|
918
|
+
case 'TOKENS_VALID':
|
|
922
919
|
updateTokens(tokens);
|
|
923
|
-
return { tokens, status:
|
|
924
|
-
case
|
|
920
|
+
return { tokens, status: 'LOGGED_IN' };
|
|
921
|
+
case 'TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID':
|
|
925
922
|
updateTokens(tokens);
|
|
926
923
|
this.publishEvent(Oidc.eventNames.token_renewed, {});
|
|
927
|
-
return { tokens, status:
|
|
928
|
-
case
|
|
924
|
+
return { tokens, status: 'LOGGED_IN' };
|
|
925
|
+
case 'LOGOUT_FROM_ANOTHER_TAB':
|
|
929
926
|
updateTokens(null);
|
|
930
|
-
this.publishEvent(eventNames.logout_from_another_tab, {
|
|
931
|
-
return { tokens: null, status:
|
|
932
|
-
case
|
|
933
|
-
this.publishEvent(eventNames.refreshTokensAsync_begin, { refreshToken
|
|
927
|
+
this.publishEvent(eventNames.logout_from_another_tab, { status: 'session syncTokensAsync' });
|
|
928
|
+
return { tokens: null, status: 'LOGGED_OUT' };
|
|
929
|
+
case 'REQUIRE_SYNC_TOKENS':
|
|
930
|
+
this.publishEvent(eventNames.refreshTokensAsync_begin, { refreshToken, status, tryNumber: index });
|
|
934
931
|
return yield localsilentLoginAsync();
|
|
935
932
|
default:
|
|
936
933
|
if (!refreshToken) {
|
|
937
934
|
return yield localsilentLoginAsync();
|
|
938
935
|
}
|
|
939
|
-
this.publishEvent(eventNames.refreshTokensAsync_begin, { refreshToken
|
|
940
|
-
|
|
941
|
-
|
|
942
|
-
|
|
943
|
-
|
|
944
|
-
|
|
945
|
-
|
|
946
|
-
|
|
947
|
-
|
|
948
|
-
|
|
949
|
-
|
|
950
|
-
|
|
951
|
-
|
|
952
|
-
|
|
953
|
-
|
|
954
|
-
if (
|
|
955
|
-
|
|
956
|
-
|
|
957
|
-
|
|
936
|
+
this.publishEvent(eventNames.refreshTokensAsync_begin, { refreshToken, status, tryNumber: index });
|
|
937
|
+
{
|
|
938
|
+
const clientId = configuration.client_id;
|
|
939
|
+
const redirectUri = configuration.redirect_uri;
|
|
940
|
+
const authority = configuration.authority;
|
|
941
|
+
const tokenExtras = configuration.token_request_extras ? configuration.token_request_extras : {};
|
|
942
|
+
const finalExtras = Object.assign(Object.assign({}, tokenExtras), extras);
|
|
943
|
+
const details = {
|
|
944
|
+
client_id: clientId,
|
|
945
|
+
redirect_uri: redirectUri,
|
|
946
|
+
grant_type: appauth_1.GRANT_TYPE_REFRESH_TOKEN,
|
|
947
|
+
refresh_token: tokens.refreshToken,
|
|
948
|
+
};
|
|
949
|
+
const oidcServerConfiguration = yield this.initAsync(authority, configuration.authority_configuration);
|
|
950
|
+
const tokenResponse = yield performTokenRequestAsync(oidcServerConfiguration.tokenEndpoint, details, finalExtras, tokens, configuration.token_renew_mode);
|
|
951
|
+
if (tokenResponse.success) {
|
|
952
|
+
if (!(0, parseTokens_1.isTokensOidcValid)(tokenResponse.data, nonce.nonce, oidcServerConfiguration)) {
|
|
953
|
+
updateTokens(null);
|
|
954
|
+
this.publishEvent(eventNames.refreshTokensAsync_error, { message: 'refresh token return not valid tokens' });
|
|
955
|
+
return { tokens: null, status: 'SESSION_LOST' };
|
|
956
|
+
}
|
|
957
|
+
updateTokens(tokenResponse.data);
|
|
958
|
+
this.publishEvent(eventNames.refreshTokensAsync_end, { success: tokenResponse.success });
|
|
959
|
+
this.publishEvent(Oidc.eventNames.token_renewed, {});
|
|
960
|
+
return { tokens: tokenResponse.data, status: 'LOGGED_IN' };
|
|
961
|
+
}
|
|
962
|
+
else {
|
|
963
|
+
this.publishEvent(eventNames.refreshTokensAsync_silent_error, {
|
|
964
|
+
message: 'bad request',
|
|
965
|
+
tokenResponse,
|
|
966
|
+
});
|
|
967
|
+
return yield this.synchroniseTokensAsync(null, index + 1, forceRefresh, extras, updateTokens);
|
|
958
968
|
}
|
|
959
|
-
updateTokens(tokenResponse.data);
|
|
960
|
-
this.publishEvent(eventNames.refreshTokensAsync_end, { success: tokenResponse.success });
|
|
961
|
-
this.publishEvent(Oidc.eventNames.token_renewed, {});
|
|
962
|
-
return { tokens: tokenResponse.data, status: "LOGGED_IN" };
|
|
963
|
-
}
|
|
964
|
-
else {
|
|
965
|
-
this.publishEvent(eventNames.refreshTokensAsync_silent_error, {
|
|
966
|
-
message: "bad request",
|
|
967
|
-
tokenResponse: tokenResponse
|
|
968
|
-
});
|
|
969
|
-
return yield this.synchroniseTokensAsync(null, index + 1, forceRefresh, extras, updateTokens);
|
|
970
969
|
}
|
|
971
970
|
}
|
|
972
971
|
}
|
|
973
972
|
catch (exception) {
|
|
974
973
|
console.error(exception);
|
|
975
|
-
this.publishEvent(eventNames.refreshTokensAsync_silent_error, { message:
|
|
974
|
+
this.publishEvent(eventNames.refreshTokensAsync_silent_error, { message: 'exception', exception: exception.message });
|
|
976
975
|
return this.synchroniseTokensAsync(refreshToken, index + 1, forceRefresh, extras, updateTokens);
|
|
977
976
|
}
|
|
978
977
|
}
|
|
979
|
-
this.publishEvent(eventNames.refreshTokensAsync_error, { message:
|
|
980
|
-
return { tokens: null, status:
|
|
978
|
+
this.publishEvent(eventNames.refreshTokensAsync_error, { message: 'refresh token' });
|
|
979
|
+
return { tokens: null, status: 'SESSION_LOST' };
|
|
981
980
|
});
|
|
982
981
|
}
|
|
983
982
|
syncTokensInfoAsync(configuration, configurationName, currentTokens, forceRefresh = false) {
|
|
984
983
|
var _a;
|
|
985
984
|
return __awaiter(this, void 0, void 0, function* () {
|
|
986
985
|
// Service Worker can be killed by the browser (when it wants,for example after 10 seconds of inactivity, so we retreieve the session if it happen)
|
|
987
|
-
//const configuration = this.configuration;
|
|
986
|
+
// const configuration = this.configuration;
|
|
988
987
|
const nullNonce = { nonce: null };
|
|
989
988
|
if (!currentTokens) {
|
|
990
|
-
return { tokens: null, status:
|
|
989
|
+
return { tokens: null, status: 'NOT_CONNECTED', nonce: nullNonce };
|
|
991
990
|
}
|
|
992
991
|
let nonce = nullNonce;
|
|
993
992
|
const oidcServerConfiguration = yield this.initAsync(configuration.authority, configuration.authority_configuration);
|
|
994
993
|
const serviceWorker = yield (0, initWorker_1.initWorkerAsync)(configuration.service_worker_relative_url, configurationName);
|
|
995
994
|
if (serviceWorker) {
|
|
996
|
-
const { status, tokens } = yield serviceWorker.initAsync(oidcServerConfiguration,
|
|
997
|
-
if (status
|
|
998
|
-
return { tokens: null, status:
|
|
995
|
+
const { status, tokens } = yield serviceWorker.initAsync(oidcServerConfiguration, 'syncTokensAsync', configuration);
|
|
996
|
+
if (status === 'LOGGED_OUT') {
|
|
997
|
+
return { tokens: null, status: 'LOGOUT_FROM_ANOTHER_TAB', nonce: nullNonce };
|
|
999
998
|
}
|
|
1000
|
-
else if (status
|
|
1001
|
-
return { tokens: null, status:
|
|
999
|
+
else if (status === 'SESSIONS_LOST') {
|
|
1000
|
+
return { tokens: null, status: 'SESSIONS_LOST', nonce: nullNonce };
|
|
1002
1001
|
}
|
|
1003
1002
|
else if (!status || !tokens) {
|
|
1004
|
-
return { tokens: null, status:
|
|
1003
|
+
return { tokens: null, status: 'REQUIRE_SYNC_TOKENS', nonce: nullNonce };
|
|
1005
1004
|
}
|
|
1006
1005
|
else if (tokens.issuedAt !== currentTokens.issuedAt) {
|
|
1007
1006
|
const timeLeft = (0, parseTokens_1.computeTimeLeft)(configuration.refresh_time_before_tokens_expiration_in_second, tokens.expiresAt);
|
|
1008
|
-
const status = (timeLeft > 0) ?
|
|
1007
|
+
const status = (timeLeft > 0) ? 'TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID' : 'TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID';
|
|
1009
1008
|
const nonce = yield serviceWorker.getNonceAsync();
|
|
1010
|
-
return { tokens
|
|
1009
|
+
return { tokens, status, nonce };
|
|
1011
1010
|
}
|
|
1012
1011
|
nonce = yield serviceWorker.getNonceAsync();
|
|
1013
1012
|
}
|
|
@@ -1015,23 +1014,23 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1015
1014
|
const session = (0, initSession_1.initSession)(configurationName, configuration.redirect_uri, (_a = configuration.storage) !== null && _a !== void 0 ? _a : sessionStorage);
|
|
1016
1015
|
const { tokens, status } = yield session.initAsync();
|
|
1017
1016
|
if (!tokens) {
|
|
1018
|
-
return { tokens: null, status:
|
|
1017
|
+
return { tokens: null, status: 'LOGOUT_FROM_ANOTHER_TAB', nonce: nullNonce };
|
|
1019
1018
|
}
|
|
1020
|
-
else if (status
|
|
1021
|
-
return { tokens: null, status:
|
|
1019
|
+
else if (status === 'SESSIONS_LOST') {
|
|
1020
|
+
return { tokens: null, status: 'SESSIONS_LOST', nonce: nullNonce };
|
|
1022
1021
|
}
|
|
1023
1022
|
else if (tokens.issuedAt !== currentTokens.issuedAt) {
|
|
1024
1023
|
const timeLeft = (0, parseTokens_1.computeTimeLeft)(configuration.refresh_time_before_tokens_expiration_in_second, tokens.expiresAt);
|
|
1025
|
-
const status = (timeLeft > 0) ?
|
|
1024
|
+
const status = (timeLeft > 0) ? 'TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID' : 'TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID';
|
|
1026
1025
|
const nonce = yield session.getNonceAsync();
|
|
1027
|
-
return { tokens
|
|
1026
|
+
return { tokens, status, nonce };
|
|
1028
1027
|
}
|
|
1029
1028
|
nonce = yield session.getNonceAsync();
|
|
1030
1029
|
}
|
|
1031
1030
|
const timeLeft = (0, parseTokens_1.computeTimeLeft)(configuration.refresh_time_before_tokens_expiration_in_second, currentTokens.expiresAt);
|
|
1032
|
-
const status = (timeLeft > 0) ?
|
|
1031
|
+
const status = (timeLeft > 0) ? 'TOKENS_VALID' : 'TOKENS_INVALID';
|
|
1033
1032
|
if (forceRefresh) {
|
|
1034
|
-
return { tokens: currentTokens, status:
|
|
1033
|
+
return { tokens: currentTokens, status: 'FORCE_REFRESH', nonce };
|
|
1035
1034
|
}
|
|
1036
1035
|
return { tokens: currentTokens, status, nonce };
|
|
1037
1036
|
});
|
|
@@ -1073,10 +1072,9 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1073
1072
|
if (this.checkSessionIFrame) {
|
|
1074
1073
|
this.checkSessionIFrame.stop();
|
|
1075
1074
|
}
|
|
1076
|
-
const
|
|
1077
|
-
const serviceWorker = yield (0, initWorker_1.initWorkerAsync)(oidc.configuration.service_worker_relative_url, oidc.configurationName);
|
|
1075
|
+
const serviceWorker = yield (0, initWorker_1.initWorkerAsync)(this.configuration.service_worker_relative_url, this.configurationName);
|
|
1078
1076
|
if (!serviceWorker) {
|
|
1079
|
-
const session = (0, initSession_1.initSession)(this.configurationName,
|
|
1077
|
+
const session = (0, initSession_1.initSession)(this.configurationName, this.configuration.redirect_uri, this.configuration.storage);
|
|
1080
1078
|
yield session.clearAsync(status);
|
|
1081
1079
|
}
|
|
1082
1080
|
else {
|
|
@@ -1091,8 +1089,8 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1091
1089
|
return __awaiter(this, void 0, void 0, function* () {
|
|
1092
1090
|
// @ts-ignore
|
|
1093
1091
|
if (this.configuration.monitor_session && this.configuration.client_id === clientId && sub && this.tokens && this.tokens.idTokenPayload && this.tokens.idTokenPayload.sub === sub) {
|
|
1094
|
-
this.publishEvent(eventNames.logout_from_same_tab, {
|
|
1095
|
-
yield this.destroyAsync(
|
|
1092
|
+
this.publishEvent(eventNames.logout_from_same_tab, { message: sub });
|
|
1093
|
+
yield this.destroyAsync('LOGGED_OUT');
|
|
1096
1094
|
}
|
|
1097
1095
|
});
|
|
1098
1096
|
}
|
|
@@ -1100,8 +1098,8 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1100
1098
|
return __awaiter(this, void 0, void 0, function* () {
|
|
1101
1099
|
// @ts-ignore
|
|
1102
1100
|
if (this.configuration.monitor_session && this.configuration.client_id === clientId && sub && this.tokens && this.tokens.idTokenPayload && this.tokens.idTokenPayload.sub === sub) {
|
|
1103
|
-
yield this.destroyAsync(
|
|
1104
|
-
this.publishEvent(eventNames.logout_from_another_tab, { message:
|
|
1101
|
+
yield this.destroyAsync('LOGGED_OUT');
|
|
1102
|
+
this.publishEvent(eventNames.logout_from_another_tab, { message: 'SessionMonitor', sub });
|
|
1105
1103
|
}
|
|
1106
1104
|
});
|
|
1107
1105
|
}
|
|
@@ -1116,11 +1114,11 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1116
1114
|
const path = (callbackPathOrUrl === null || callbackPathOrUrl === undefined) ? location.pathname + (location.search || '') + (location.hash || '') : callbackPathOrUrl;
|
|
1117
1115
|
let isUri = false;
|
|
1118
1116
|
if (callbackPathOrUrl) {
|
|
1119
|
-
isUri = callbackPathOrUrl.includes(
|
|
1117
|
+
isUri = callbackPathOrUrl.includes('https://') || callbackPathOrUrl.includes('http://');
|
|
1120
1118
|
}
|
|
1121
1119
|
const url = isUri ? callbackPathOrUrl : window.location.origin + path;
|
|
1122
1120
|
// @ts-ignore
|
|
1123
|
-
const idToken = this.tokens ? this.tokens.idToken :
|
|
1121
|
+
const idToken = this.tokens ? this.tokens.idToken : '';
|
|
1124
1122
|
try {
|
|
1125
1123
|
const revocationEndpoint = oidcServerConfiguration.revocationEndpoint;
|
|
1126
1124
|
if (revocationEndpoint) {
|
|
@@ -1143,7 +1141,8 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1143
1141
|
}
|
|
1144
1142
|
// @ts-ignore
|
|
1145
1143
|
const sub = this.tokens && this.tokens.idTokenPayload ? this.tokens.idTokenPayload.sub : null;
|
|
1146
|
-
yield this.destroyAsync(
|
|
1144
|
+
yield this.destroyAsync('LOGGED_OUT');
|
|
1145
|
+
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
|
1147
1146
|
for (const [key, oidc] of Object.entries(oidcDatabase)) {
|
|
1148
1147
|
if (oidc !== this) {
|
|
1149
1148
|
// @ts-ignore
|
|
@@ -1153,20 +1152,20 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1153
1152
|
if (oidcServerConfiguration.endSessionEndpoint) {
|
|
1154
1153
|
if (!extras) {
|
|
1155
1154
|
extras = {
|
|
1156
|
-
id_token_hint: idToken
|
|
1155
|
+
id_token_hint: idToken,
|
|
1157
1156
|
};
|
|
1158
1157
|
if (callbackPathOrUrl !== null) {
|
|
1159
|
-
extras
|
|
1158
|
+
extras.post_logout_redirect_uri = url;
|
|
1160
1159
|
}
|
|
1161
1160
|
}
|
|
1162
|
-
let queryString =
|
|
1161
|
+
let queryString = '';
|
|
1163
1162
|
if (extras) {
|
|
1164
|
-
for (
|
|
1165
|
-
if (queryString ===
|
|
1166
|
-
queryString +=
|
|
1163
|
+
for (const [key, value] of Object.entries(extras)) {
|
|
1164
|
+
if (queryString === '') {
|
|
1165
|
+
queryString += '?';
|
|
1167
1166
|
}
|
|
1168
1167
|
else {
|
|
1169
|
-
queryString +=
|
|
1168
|
+
queryString += '&';
|
|
1170
1169
|
}
|
|
1171
1170
|
queryString += `${key}=${encodeURIComponent(value)}`;
|
|
1172
1171
|
}
|