@bmc-soft/keycloak-auth 2.0.11 → 2.0.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +8 -0
- package/dist/axios/adapters/KeycloakTokenProvider.d.ts.map +1 -1
- package/dist/axios/adapters/KeycloakTokenProvider.js +5 -14
- package/dist/axios/adapters/KeycloakTokenProvider.js.map +1 -1
- package/dist/context/KeycloakInstanceContext.d.ts.map +1 -1
- package/dist/context/KeycloakInstanceContext.js +8 -11
- package/dist/context/KeycloakInstanceContext.js.map +1 -1
- package/dist/context/TokenContext.d.ts.map +1 -1
- package/dist/context/TokenContext.js +9 -27
- package/dist/context/TokenContext.js.map +1 -1
- package/dist/core/tokenRefreshSingleFlight.d.ts +25 -0
- package/dist/core/tokenRefreshSingleFlight.d.ts.map +1 -0
- package/dist/core/tokenRefreshSingleFlight.js +42 -0
- package/dist/core/tokenRefreshSingleFlight.js.map +1 -0
- package/package.json +2 -2
package/README.md
CHANGED
|
@@ -567,6 +567,14 @@ PIN/биометрия → refresh при необходимости → tokenSt
|
|
|
567
567
|
|
|
568
568
|
При `offlineAccessEnabled=true` библиотека добавляет `offline_access` в login scope. Keycloak возвращает offline token в поле `refresh_token`; библиотека хранит его в Keychain как `offlineToken`/`refreshToken` и использует только для получения новых access token.
|
|
569
569
|
|
|
570
|
+
### Refresh token rotation
|
|
571
|
+
|
|
572
|
+
Библиотека поддерживает строгую ротацию refresh token в Keycloak, включая настройки `Revoke Refresh Token = ON` и `Refresh Token Max Reuse = 0`.
|
|
573
|
+
|
|
574
|
+
Все внутренние пути обновления токена (`autoRefreshToken`, `useToken().updateToken`, `KeycloakTokenProvider.refreshToken`) проходят через общий single-flight guard на один Keycloak client. Совместимые параллельные refresh-запросы ждут один и тот же результат, а запрос с большим `minValidity` дожидается текущего refresh и затем проверяет уже актуальную пару токенов. После успешного refresh новая пара `accessToken`/`offlineToken` сохраняется в Keychain до уведомления consumers.
|
|
575
|
+
|
|
576
|
+
Интеграционному приложению не нужно запускать дополнительные параллельные `keycloak.updateToken()` поверх библиотеки. Если нужен ручной refresh, используйте `useToken().updateToken()` или `KeycloakTokenProvider.refreshToken()`.
|
|
577
|
+
|
|
570
578
|
### Иерархия контекстов
|
|
571
579
|
|
|
572
580
|
```
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"KeycloakTokenProvider.d.ts","sourceRoot":"","sources":["../../../src/axios/adapters/KeycloakTokenProvider.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,yBAAyB,MAAM,mBAAmB,CAAC;
|
|
1
|
+
{"version":3,"file":"KeycloakTokenProvider.d.ts","sourceRoot":"","sources":["../../../src/axios/adapters/KeycloakTokenProvider.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,yBAAyB,MAAM,mBAAmB,CAAC;AAG/D,OAAO,KAAK,EAAC,aAAa,EAAC,MAAM,kBAAkB,CAAC;AAsBpD,qBAAa,qBAAsB,YAAW,aAAa;IACzD,OAAO,CAAC,cAAc,CAA4B;gBAEtC,cAAc,EAAE,yBAAyB;IAQ/C,QAAQ,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAwBlC,YAAY,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAetC,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC;CAqB1C"}
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { updateKeycloakTokenOnce } from '../../core/tokenRefreshSingleFlight';
|
|
1
2
|
import { tokenStorage } from '../../storage/tokenStorage';
|
|
2
3
|
export class KeycloakTokenProvider {
|
|
3
4
|
constructor(keycloakClient) {
|
|
@@ -19,20 +20,10 @@ export class KeycloakTokenProvider {
|
|
|
19
20
|
}
|
|
20
21
|
async refreshToken() {
|
|
21
22
|
try {
|
|
22
|
-
const
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
return token;
|
|
27
|
-
}
|
|
28
|
-
await tokenStorage.saveTokens({
|
|
29
|
-
accessToken: token,
|
|
30
|
-
offlineToken: refreshToken ?? undefined,
|
|
31
|
-
idToken: idToken ?? undefined,
|
|
32
|
-
});
|
|
33
|
-
return token;
|
|
34
|
-
}
|
|
35
|
-
return null;
|
|
23
|
+
const result = await updateKeycloakTokenOnce(this.keycloakClient, 60, {
|
|
24
|
+
persistTokens: tokenStorage.saveTokens,
|
|
25
|
+
});
|
|
26
|
+
return result.token;
|
|
36
27
|
}
|
|
37
28
|
catch (error) {
|
|
38
29
|
console.error('[KeycloakTokenProvider] Refresh token error:', error);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"KeycloakTokenProvider.js","sourceRoot":"","sources":["../../../src/axios/adapters/KeycloakTokenProvider.ts"],"names":[],"mappings":"AACA,OAAO,EAAC,YAAY,EAAC,MAAM,4BAA4B,CAAC;AAuBxD,MAAM,OAAO,qBAAqB;IAGhC,YAAY,cAAyC;QACnD,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;IACvC,CAAC;IAMD,KAAK,CAAC,QAAQ;QACZ,IAAI,CAAC;YAEH,MAAM,KAAK,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC;YACxC,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,KAAK,CAAC;YACf,CAAC;YAGD,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,SAAS,EAAE,CAAC;YAC9C,OAAO,MAAM,EAAE,WAAW,IAAI,MAAM,EAAE,KAAK,IAAI,IAAI,CAAC;QACtD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,0CAA0C,EAAE,KAAK,CAAC,CAAC;YACjE,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IASD,KAAK,CAAC,YAAY;QAChB,IAAI,CAAC;YACH,MAAM,
|
|
1
|
+
{"version":3,"file":"KeycloakTokenProvider.js","sourceRoot":"","sources":["../../../src/axios/adapters/KeycloakTokenProvider.ts"],"names":[],"mappings":"AACA,OAAO,EAAC,uBAAuB,EAAC,MAAM,qCAAqC,CAAC;AAC5E,OAAO,EAAC,YAAY,EAAC,MAAM,4BAA4B,CAAC;AAuBxD,MAAM,OAAO,qBAAqB;IAGhC,YAAY,cAAyC;QACnD,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;IACvC,CAAC;IAMD,KAAK,CAAC,QAAQ;QACZ,IAAI,CAAC;YAEH,MAAM,KAAK,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC;YACxC,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,KAAK,CAAC;YACf,CAAC;YAGD,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,SAAS,EAAE,CAAC;YAC9C,OAAO,MAAM,EAAE,WAAW,IAAI,MAAM,EAAE,KAAK,IAAI,IAAI,CAAC;QACtD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,0CAA0C,EAAE,KAAK,CAAC,CAAC;YACjE,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IASD,KAAK,CAAC,YAAY;QAChB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,uBAAuB,CAAC,IAAI,CAAC,cAAc,EAAE,EAAE,EAAE;gBACpE,aAAa,EAAE,YAAY,CAAC,UAAU;aACvC,CAAC,CAAC;YACH,OAAO,MAAM,CAAC,KAAK,CAAC;QACtB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,8CAA8C,EAAE,KAAK,CAAC,CAAC;YACrE,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAKD,KAAK,CAAC,eAAe;QACnB,IAAI,CAAC;YAEH,IAAI,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC;gBACrC,OAAO,IAAI,CAAC;YACd,CAAC;YAGD,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,SAAS,EAAE,CAAC;YAC9C,OAAO,CAAC,CAAC,CAAC,MAAM,EAAE,YAAY,IAAI,MAAM,EAAE,YAAY,CAAC,CAAC;QAC1D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,kDAAkD,EAAE,KAAK,CAAC,CAAC;YACzE,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;CAOF"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"KeycloakInstanceContext.d.ts","sourceRoot":"","sources":["../../src/context/KeycloakInstanceContext.tsx"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,EAEZ,KAAK,SAAS,EAMf,MAAM,OAAO,CAAC;AAGf,OAAO,yBAAyB,MAAM,gBAAgB,CAAC;AACvD,OAAO,KAAK,EAAC,qBAAqB,EAAC,MAAM,SAAS,CAAC;
|
|
1
|
+
{"version":3,"file":"KeycloakInstanceContext.d.ts","sourceRoot":"","sources":["../../src/context/KeycloakInstanceContext.tsx"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,EAEZ,KAAK,SAAS,EAMf,MAAM,OAAO,CAAC;AAGf,OAAO,yBAAyB,MAAM,gBAAgB,CAAC;AACvD,OAAO,KAAK,EAAC,qBAAqB,EAAC,MAAM,SAAS,CAAC;AAOnD,UAAU,4BAA4B;IACpC,QAAQ,EAAE,yBAAyB,GAAG,IAAI,CAAC;IAC3C,aAAa,EAAE,OAAO,CAAC;IACvB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IAEpB,YAAY,EAAE,MAAM,CAAC;CACtB;AAID,MAAM,WAAW,6BAA6B;IAC5C,QAAQ,EAAE,SAAS,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IAEpB,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAE3B,2BAA2B,CAAC,EAAE,MAAM,CAAC;IAErC,gBAAgB,CAAC,EAAE,MAAM,IAAI,CAAC;IAE9B,UAAU,CAAC,EAAE,qBAAqB,CAAC,QAAQ,CAAC,CAAC;CAC9C;AAED,eAAO,MAAM,wBAAwB,2DA0NpC,CAAC;AAQF,eAAO,MAAM,mBAAmB,QAAO,4BAQtC,CAAC"}
|
|
@@ -2,6 +2,7 @@ import React, { createContext, useContext, useEffect, useMemo, useRef, useState,
|
|
|
2
2
|
import { AppState } from 'react-native';
|
|
3
3
|
import KeycloakReactNativeClient from '../core/client';
|
|
4
4
|
import { resolveBackgroundReauthConfig, shouldShowBackgroundReauth } from '../core/sessionPolicy';
|
|
5
|
+
import { updateKeycloakTokenOnce } from '../core/tokenRefreshSingleFlight';
|
|
5
6
|
import { tokenStorage } from '../storage';
|
|
6
7
|
import { useKeycloakConfig, useKeycloakSessionOptions } from './KeycloakConfigContext';
|
|
7
8
|
import { reauthRequiredRef } from './reauthRequiredRef';
|
|
@@ -108,17 +109,13 @@ export const KeycloakInstanceProvider = React.memo(({ children, redirectUri, aut
|
|
|
108
109
|
return;
|
|
109
110
|
const minValidity = autoRefreshTokenMinValidity ?? 5;
|
|
110
111
|
keycloak.onTokenExpired = () => {
|
|
111
|
-
keycloak
|
|
112
|
-
.
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
idToken: keycloak.idToken,
|
|
119
|
-
});
|
|
120
|
-
setTokenVersion(v => v + 1);
|
|
121
|
-
}
|
|
112
|
+
updateKeycloakTokenOnce(keycloak, minValidity, {
|
|
113
|
+
persistTokens: tokenStorage.saveTokens,
|
|
114
|
+
onTokensChanged: () => setTokenVersion(v => v + 1),
|
|
115
|
+
})
|
|
116
|
+
.then(result => {
|
|
117
|
+
if (!result.refreshed)
|
|
118
|
+
return;
|
|
122
119
|
})
|
|
123
120
|
.catch(err => {
|
|
124
121
|
const message = err === true
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"KeycloakInstanceContext.js","sourceRoot":"","sources":["../../src/context/KeycloakInstanceContext.tsx"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,EACZ,aAAa,EAEb,UAAU,EACV,SAAS,EACT,OAAO,EACP,MAAM,EACN,QAAQ,GACT,MAAM,OAAO,CAAC;AACf,OAAO,EAAC,QAAQ,EAAsB,MAAM,cAAc,CAAC;AAE3D,OAAO,yBAAyB,MAAM,gBAAgB,CAAC;AAEvD,OAAO,EAAC,6BAA6B,EAAE,0BAA0B,EAAC,MAAM,uBAAuB,CAAC;AAChG,OAAO,EAAC,YAAY,EAAC,MAAM,YAAY,CAAC;AACxC,OAAO,EAAC,iBAAiB,EAAE,yBAAyB,EAAC,MAAM,yBAAyB,CAAC;AACrF,OAAO,EAAC,iBAAiB,EAAC,MAAM,qBAAqB,CAAC;AAYtD,MAAM,uBAAuB,GAAG,aAAa,CAAsC,IAAI,CAAC,CAAC;AAezF,MAAM,CAAC,MAAM,wBAAwB,GAAG,KAAK,CAAC,IAAI,CAChD,CAAC,EACC,QAAQ,EACR,WAAW,EACX,gBAAgB,GAAG,IAAI,EACvB,2BAA2B,GAAG,CAAC,EAC/B,gBAAgB,EAChB,UAAU,GACX,EAAE,EAAE;IACH,MAAM,MAAM,GAAG,iBAAiB,EAAE,CAAC;IACnC,MAAM,CAAC,QAAQ,EAAE,WAAW,CAAC,GAAG,QAAQ,CAAmC,IAAI,CAAC,CAAC;IACjF,MAAM,CAAC,aAAa,EAAE,gBAAgB,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC1D,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IACjD,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAe,IAAI,CAAC,CAAC;IACvD,MAAM,CAAC,YAAY,EAAE,eAAe,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IACpD,MAAM,WAAW,GAAG,MAAM,CAAiB,QAAQ,CAAC,YAAY,CAAC,CAAC;IAClE,MAAM,iBAAiB,GAAG,MAAM,CAAgB,IAAI,CAAC,CAAC;IACtD,MAAM,mBAAmB,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAC1C,MAAM,EACJ,gBAAgB,EAChB,YAAY,EACZ,6BAA6B,EAC7B,eAAe,EACf,oBAAoB,EACpB,aAAa,GACd,GAAG,yBAAyB,EAAE,CAAC;IAChC,MAAM,wBAAwB,GAAG,OAAO,CACtC,GAAG,EAAE,CAAC,6BAA6B,CAAC,gBAAgB,CAAC,EACrD,CAAC,gBAAgB,CAAC,CACnB,CAAC;IAEF,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,YAAY,CAAC,IAAI,CAAC,CAAC;YACnB,gBAAgB,CAAC,KAAK,CAAC,CAAC;YACxB,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,OAAO,GAAG,IAAI,CAAC;QACnB,MAAM,gBAAgB,GAAG,KAAK,IAAoC,EAAE;YAClE,MAAM,EACJ,WAAW,GAAG,SAAS,EACvB,KAAK,GAAG,SAAS,EACjB,OAAO,GAAG,SAAS,EACnB,YAAY,GAAG,SAAS,EACxB,YAAY,GAAG,SAAS,GACzB,GAAG,MAAM,YAAY,CAAC,SAAS,EAAE,CAAC;YACnC,MAAM,iBAAiB,GAAG,WAAW,IAAI,KAAK,CAAC;YAC/C,MAAM,kBAAkB,GAAG,YAAY,IAAI,YAAY,CAAC;YACxD,mBAAmB,CAAC,OAAO,GAAG,OAAO,CAAC,iBAAiB,IAAI,kBAAkB,CAAC,CAAC;YAC/E,OAAO;gBACL,GAAG,CAAC,6BAA6B;oBAC/B,CAAC,CAAC,EAAE;oBACJ,CAAC,CAAC;wBACE,KAAK,EAAE,iBAAiB;wBACxB,YAAY,EAAE,kBAAkB;wBAChC,OAAO;qBACR,CAAC;gBACN,GAAG,CAAC,UAAU,IAAI,IAAI,IAAI,EAAC,MAAM,EAAE,UAAU,EAAC,CAAC;gBAC/C,IAAI,EAAE,UAAU;gBAChB,UAAU,EAAE,MAAM;gBAClB,WAAW;gBACX,YAAY;gBACZ,eAAe;gBACf,eAAe,EAAE,GAAG,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;aACnD,CAAC;QACJ,CAAC,CAAC;QAEF,MAAM,YAAY,GAAG,KAAK,IAAI,EAAE;YAC9B,IAAI,CAAC;gBACH,YAAY,CAAC,IAAI,CAAC,CAAC;gBACnB,QAAQ,CAAC,IAAI,CAAC,CAAC;gBACf,MAAM,MAAM,GAAG,IAAI,yBAAyB,CAAC,MAAM,CAAC,CAAC;gBACrD,MAAM,MAAM,CAAC,IAAI,CAAC,MAAM,gBAAgB,EAAE,CAAC,CAAC;gBAC5C,IAAI,OAAO,EAAE,CAAC;oBACZ,WAAW,CAAC,MAAM,CAAC,CAAC;oBACpB,gBAAgB,CAAC,IAAI,CAAC,CAAC;oBACvB,QAAQ,CAAC,IAAI,CAAC,CAAC;gBACjB,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,SAAS,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;gBACtE,OAAO,CAAC,KAAK,CAAC,kCAAkC,EAAE,SAAS,CAAC,CAAC;gBAC7D,IAAI,oBAAoB,KAAK,wBAAwB,EAAE,CAAC;oBACtD,IAAI,CAAC;wBACH,MAAM,YAAY,CAAC,WAAW,EAAE,CAAC;wBACjC,MAAM,WAAW,GAAG,IAAI,yBAAyB,CAAC,MAAM,CAAC,CAAC;wBAC1D,MAAM,WAAW,CAAC,IAAI,CAAC,MAAM,gBAAgB,EAAE,CAAC,CAAC;wBACjD,IAAI,OAAO,EAAE,CAAC;4BACZ,WAAW,CAAC,WAAW,CAAC,CAAC;4BACzB,gBAAgB,CAAC,IAAI,CAAC,CAAC;4BACvB,QAAQ,CAAC,IAAI,CAAC,CAAC;wBACjB,CAAC;wBACD,OAAO;oBACT,CAAC;oBAAC,OAAO,QAAQ,EAAE,CAAC;wBAClB,OAAO,CAAC,KAAK,CAAC,wCAAwC,EAAE,QAAQ,CAAC,CAAC;oBACpE,CAAC;gBACH,CAAC;gBACD,IAAI,OAAO,EAAE,CAAC;oBACZ,QAAQ,CAAC,SAAS,CAAC,CAAC;oBACpB,gBAAgB,CAAC,KAAK,CAAC,CAAC;gBAC1B,CAAC;YACH,CAAC;oBAAS,CAAC;gBACT,IAAI,OAAO,EAAE,CAAC;oBACZ,YAAY,CAAC,KAAK,CAAC,CAAC;gBACtB,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,YAAY,EAAE,CAAC;QAEf,OAAO,GAAG,EAAE;YACV,OAAO,GAAG,KAAK,CAAC;QAClB,CAAC,CAAC;IACJ,CAAC,EAAE;QACD,YAAY;QACZ,MAAM;QACN,6BAA6B;QAC7B,eAAe;QACf,UAAU;QACV,oBAAoB;QACpB,aAAa;QACb,WAAW;KACZ,CAAC,CAAC;IAIH,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,QAAQ,IAAI,gBAAgB,KAAK,KAAK;YAAE,OAAO;QACpD,MAAM,WAAW,GAAG,2BAA2B,IAAI,CAAC,CAAC;QACrD,QAAQ,CAAC,cAAc,GAAG,GAAG,EAAE;YAC7B,
|
|
1
|
+
{"version":3,"file":"KeycloakInstanceContext.js","sourceRoot":"","sources":["../../src/context/KeycloakInstanceContext.tsx"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,EACZ,aAAa,EAEb,UAAU,EACV,SAAS,EACT,OAAO,EACP,MAAM,EACN,QAAQ,GACT,MAAM,OAAO,CAAC;AACf,OAAO,EAAC,QAAQ,EAAsB,MAAM,cAAc,CAAC;AAE3D,OAAO,yBAAyB,MAAM,gBAAgB,CAAC;AAEvD,OAAO,EAAC,6BAA6B,EAAE,0BAA0B,EAAC,MAAM,uBAAuB,CAAC;AAChG,OAAO,EAAC,uBAAuB,EAAC,MAAM,kCAAkC,CAAC;AACzE,OAAO,EAAC,YAAY,EAAC,MAAM,YAAY,CAAC;AACxC,OAAO,EAAC,iBAAiB,EAAE,yBAAyB,EAAC,MAAM,yBAAyB,CAAC;AACrF,OAAO,EAAC,iBAAiB,EAAC,MAAM,qBAAqB,CAAC;AAYtD,MAAM,uBAAuB,GAAG,aAAa,CAAsC,IAAI,CAAC,CAAC;AAezF,MAAM,CAAC,MAAM,wBAAwB,GAAG,KAAK,CAAC,IAAI,CAChD,CAAC,EACC,QAAQ,EACR,WAAW,EACX,gBAAgB,GAAG,IAAI,EACvB,2BAA2B,GAAG,CAAC,EAC/B,gBAAgB,EAChB,UAAU,GACX,EAAE,EAAE;IACH,MAAM,MAAM,GAAG,iBAAiB,EAAE,CAAC;IACnC,MAAM,CAAC,QAAQ,EAAE,WAAW,CAAC,GAAG,QAAQ,CAAmC,IAAI,CAAC,CAAC;IACjF,MAAM,CAAC,aAAa,EAAE,gBAAgB,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC1D,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IACjD,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAe,IAAI,CAAC,CAAC;IACvD,MAAM,CAAC,YAAY,EAAE,eAAe,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IACpD,MAAM,WAAW,GAAG,MAAM,CAAiB,QAAQ,CAAC,YAAY,CAAC,CAAC;IAClE,MAAM,iBAAiB,GAAG,MAAM,CAAgB,IAAI,CAAC,CAAC;IACtD,MAAM,mBAAmB,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAC1C,MAAM,EACJ,gBAAgB,EAChB,YAAY,EACZ,6BAA6B,EAC7B,eAAe,EACf,oBAAoB,EACpB,aAAa,GACd,GAAG,yBAAyB,EAAE,CAAC;IAChC,MAAM,wBAAwB,GAAG,OAAO,CACtC,GAAG,EAAE,CAAC,6BAA6B,CAAC,gBAAgB,CAAC,EACrD,CAAC,gBAAgB,CAAC,CACnB,CAAC;IAEF,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,YAAY,CAAC,IAAI,CAAC,CAAC;YACnB,gBAAgB,CAAC,KAAK,CAAC,CAAC;YACxB,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,OAAO,GAAG,IAAI,CAAC;QACnB,MAAM,gBAAgB,GAAG,KAAK,IAAoC,EAAE;YAClE,MAAM,EACJ,WAAW,GAAG,SAAS,EACvB,KAAK,GAAG,SAAS,EACjB,OAAO,GAAG,SAAS,EACnB,YAAY,GAAG,SAAS,EACxB,YAAY,GAAG,SAAS,GACzB,GAAG,MAAM,YAAY,CAAC,SAAS,EAAE,CAAC;YACnC,MAAM,iBAAiB,GAAG,WAAW,IAAI,KAAK,CAAC;YAC/C,MAAM,kBAAkB,GAAG,YAAY,IAAI,YAAY,CAAC;YACxD,mBAAmB,CAAC,OAAO,GAAG,OAAO,CAAC,iBAAiB,IAAI,kBAAkB,CAAC,CAAC;YAC/E,OAAO;gBACL,GAAG,CAAC,6BAA6B;oBAC/B,CAAC,CAAC,EAAE;oBACJ,CAAC,CAAC;wBACE,KAAK,EAAE,iBAAiB;wBACxB,YAAY,EAAE,kBAAkB;wBAChC,OAAO;qBACR,CAAC;gBACN,GAAG,CAAC,UAAU,IAAI,IAAI,IAAI,EAAC,MAAM,EAAE,UAAU,EAAC,CAAC;gBAC/C,IAAI,EAAE,UAAU;gBAChB,UAAU,EAAE,MAAM;gBAClB,WAAW;gBACX,YAAY;gBACZ,eAAe;gBACf,eAAe,EAAE,GAAG,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;aACnD,CAAC;QACJ,CAAC,CAAC;QAEF,MAAM,YAAY,GAAG,KAAK,IAAI,EAAE;YAC9B,IAAI,CAAC;gBACH,YAAY,CAAC,IAAI,CAAC,CAAC;gBACnB,QAAQ,CAAC,IAAI,CAAC,CAAC;gBACf,MAAM,MAAM,GAAG,IAAI,yBAAyB,CAAC,MAAM,CAAC,CAAC;gBACrD,MAAM,MAAM,CAAC,IAAI,CAAC,MAAM,gBAAgB,EAAE,CAAC,CAAC;gBAC5C,IAAI,OAAO,EAAE,CAAC;oBACZ,WAAW,CAAC,MAAM,CAAC,CAAC;oBACpB,gBAAgB,CAAC,IAAI,CAAC,CAAC;oBACvB,QAAQ,CAAC,IAAI,CAAC,CAAC;gBACjB,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,SAAS,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;gBACtE,OAAO,CAAC,KAAK,CAAC,kCAAkC,EAAE,SAAS,CAAC,CAAC;gBAC7D,IAAI,oBAAoB,KAAK,wBAAwB,EAAE,CAAC;oBACtD,IAAI,CAAC;wBACH,MAAM,YAAY,CAAC,WAAW,EAAE,CAAC;wBACjC,MAAM,WAAW,GAAG,IAAI,yBAAyB,CAAC,MAAM,CAAC,CAAC;wBAC1D,MAAM,WAAW,CAAC,IAAI,CAAC,MAAM,gBAAgB,EAAE,CAAC,CAAC;wBACjD,IAAI,OAAO,EAAE,CAAC;4BACZ,WAAW,CAAC,WAAW,CAAC,CAAC;4BACzB,gBAAgB,CAAC,IAAI,CAAC,CAAC;4BACvB,QAAQ,CAAC,IAAI,CAAC,CAAC;wBACjB,CAAC;wBACD,OAAO;oBACT,CAAC;oBAAC,OAAO,QAAQ,EAAE,CAAC;wBAClB,OAAO,CAAC,KAAK,CAAC,wCAAwC,EAAE,QAAQ,CAAC,CAAC;oBACpE,CAAC;gBACH,CAAC;gBACD,IAAI,OAAO,EAAE,CAAC;oBACZ,QAAQ,CAAC,SAAS,CAAC,CAAC;oBACpB,gBAAgB,CAAC,KAAK,CAAC,CAAC;gBAC1B,CAAC;YACH,CAAC;oBAAS,CAAC;gBACT,IAAI,OAAO,EAAE,CAAC;oBACZ,YAAY,CAAC,KAAK,CAAC,CAAC;gBACtB,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,YAAY,EAAE,CAAC;QAEf,OAAO,GAAG,EAAE;YACV,OAAO,GAAG,KAAK,CAAC;QAClB,CAAC,CAAC;IACJ,CAAC,EAAE;QACD,YAAY;QACZ,MAAM;QACN,6BAA6B;QAC7B,eAAe;QACf,UAAU;QACV,oBAAoB;QACpB,aAAa;QACb,WAAW;KACZ,CAAC,CAAC;IAIH,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,QAAQ,IAAI,gBAAgB,KAAK,KAAK;YAAE,OAAO;QACpD,MAAM,WAAW,GAAG,2BAA2B,IAAI,CAAC,CAAC;QACrD,QAAQ,CAAC,cAAc,GAAG,GAAG,EAAE;YAC7B,uBAAuB,CAAC,QAAQ,EAAE,WAAW,EAAE;gBAC7C,aAAa,EAAE,YAAY,CAAC,UAAU;gBACtC,eAAe,EAAE,GAAG,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;aACnD,CAAC;iBACC,IAAI,CAAC,MAAM,CAAC,EAAE;gBACb,IAAI,CAAC,MAAM,CAAC,SAAS;oBAAE,OAAO;YAChC,CAAC,CAAC;iBACD,KAAK,CAAC,GAAG,CAAC,EAAE;gBACX,MAAM,OAAO,GACX,GAAG,KAAK,IAAI;oBACV,CAAC,CAAC,iEAAiE;oBACnE,CAAC,CAAC,GAAG,KAAK,sBAAsB;wBAC9B,CAAC,CAAC,0BAA0B;wBAC5B,CAAC,CAAC,GAAG,YAAY,KAAK;4BACpB,CAAC,CAAC,GAAG,CAAC,OAAO;4BACb,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBACtB,OAAO,CAAC,KAAK,CAAC,sCAAsC,EAAE,OAAO,CAAC,CAAC;gBAC/D,iBAAiB,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE,CAAC;gBACpC,gBAAgB,EAAE,EAAE,CAAC;YACvB,CAAC,CAAC,CAAC;QACP,CAAC,CAAC;QACF,OAAO,GAAG,EAAE;YACV,QAAQ,CAAC,cAAc,GAAG,SAAS,CAAC;QACtC,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,QAAQ,EAAE,gBAAgB,EAAE,2BAA2B,EAAE,gBAAgB,CAAC,CAAC,CAAC;IAGhF,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,YAAY,GAAG,QAAQ,CAAC,gBAAgB,CAAC,QAAQ,EAAE,CAAC,YAA4B,EAAE,EAAE;YACxF,MAAM,IAAI,GAAG,WAAW,CAAC,OAAO,CAAC;YACjC,WAAW,CAAC,OAAO,GAAG,YAAY,CAAC;YAEnC,IAAI,IAAI,KAAK,QAAQ,IAAI,YAAY,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAAE,CAAC;gBACnE,iBAAiB,CAAC,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;gBACvC,OAAO;YACT,CAAC;YAED,IAAI,IAAI,CAAC,KAAK,CAAC,qBAAqB,CAAC,IAAI,YAAY,KAAK,QAAQ,EAAE,CAAC;gBACnE,MAAM,cAAc,GAAG,iBAAiB,CAAC,OAAO,CAAC;gBACjD,iBAAiB,CAAC,OAAO,GAAG,IAAI,CAAC;gBAEjC,MAAM,kBAAkB,GACtB,QAAQ,EAAE,aAAa;oBACvB,CAAC,6BAA6B,IAAI,mBAAmB,CAAC,OAAO,CAAC,CAAC;gBACjE,IAAI,CAAC,kBAAkB;oBAAE,OAAO;gBAEhC,IACE,0BAA0B,CAAC;oBACzB,OAAO,EAAE,wBAAwB,CAAC,OAAO;oBACzC,WAAW,EAAE,wBAAwB,CAAC,WAAW;oBACjD,aAAa,EAAE,MAAM,CAAC,GAAG;oBACzB,cAAc;iBACf,CAAC,EACF,CAAC;oBACD,iBAAiB,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,YAAY,CAAC,CAAC;oBAChD,gBAAgB,EAAE,EAAE,CAAC;oBACrB,OAAO;gBACT,CAAC;gBAED,OAAO;YACT,CAAC;QACH,CAAC,CAAC,CAAC;QACH,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;IACrC,CAAC,EAAE;QACD,MAAM,CAAC,GAAG;QACV,6BAA6B;QAC7B,QAAQ;QACR,gBAAgB;QAChB,wBAAwB;KACzB,CAAC,CAAC;IAGH,MAAM,KAAK,GAAG,OAAO,CACnB,GAAG,EAAE,CAAC,CAAC;QACL,QAAQ;QACR,aAAa;QACb,SAAS;QACT,KAAK;QACL,WAAW;QACX,YAAY;KACb,CAAC,EACF,CAAC,QAAQ,EAAE,aAAa,EAAE,SAAS,EAAE,KAAK,EAAE,WAAW,EAAE,YAAY,CAAC,CACvE,CAAC;IAEF,OAAO,CACL,CAAC,uBAAuB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,uBAAuB,CAAC,QAAQ,CAAC,CAC9F,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,wBAAwB,CAAC,WAAW,GAAG,0BAA0B,CAAC;AAMlE,MAAM,CAAC,MAAM,mBAAmB,GAAG,GAAiC,EAAE;IACpE,MAAM,OAAO,GAAG,UAAU,CAAC,uBAAuB,CAAC,CAAC;IAEpD,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;IACtF,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"TokenContext.d.ts","sourceRoot":"","sources":["../../src/context/TokenContext.tsx"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,EAEZ,KAAK,SAAS,
|
|
1
|
+
{"version":3,"file":"TokenContext.d.ts","sourceRoot":"","sources":["../../src/context/TokenContext.tsx"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,EAEZ,KAAK,SAAS,EAMf,MAAM,OAAO,CAAC;AAEf,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,eAAe,CAAC;AASlD,UAAU,iBAAiB;IACzB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,SAAS,EAAE,OAAO,CAAC;IACnB,WAAW,EAAE,CAAC,WAAW,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IACvD,WAAW,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAClC;AAID,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,SAAS,CAAC;IAEpB,QAAQ,CAAC,EAAE,CAAC,MAAM,EAAE,cAAc,KAAK,IAAI,CAAC;CAC7C;AAED,eAAO,MAAM,aAAa,gDAkJxB,CAAC;AASH,eAAO,MAAM,QAAQ,QAAO,iBAQ3B,CAAC"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
|
-
import React, { createContext, useCallback, useContext, useEffect, useMemo,
|
|
1
|
+
import React, { createContext, useCallback, useContext, useEffect, useMemo, useState, } from 'react';
|
|
2
|
+
import { updateKeycloakTokenOnce } from '../core/tokenRefreshSingleFlight';
|
|
2
3
|
import { tokenStorage } from '../storage';
|
|
3
4
|
import { useKeycloakInstance } from './KeycloakInstanceContext';
|
|
4
5
|
const TokenContext = createContext(null);
|
|
@@ -7,7 +8,6 @@ export const TokenProvider = React.memo(({ children, onTokens }) => {
|
|
|
7
8
|
const [token, setToken] = useState(null);
|
|
8
9
|
const [refreshToken, setRefreshToken] = useState(null);
|
|
9
10
|
const [idToken, setIdToken] = useState(null);
|
|
10
|
-
const updateTokenPromiseRef = useRef(null);
|
|
11
11
|
useEffect(() => {
|
|
12
12
|
onTokens?.({
|
|
13
13
|
accessToken: token,
|
|
@@ -60,30 +60,17 @@ export const TokenProvider = React.memo(({ children, onTokens }) => {
|
|
|
60
60
|
tokenVersion,
|
|
61
61
|
]);
|
|
62
62
|
const updateToken = useCallback(async (minValidity = 120) => {
|
|
63
|
-
if (updateTokenPromiseRef.current) {
|
|
64
|
-
return updateTokenPromiseRef.current;
|
|
65
|
-
}
|
|
66
63
|
if (!keycloak || !isInitialized) {
|
|
67
64
|
throw new Error('[TokenContext] Keycloak not initialized');
|
|
68
65
|
}
|
|
69
|
-
const updatePromise = (async () => {
|
|
70
|
-
const updated = await keycloak.updateToken(minValidity);
|
|
71
|
-
if (updated && keycloak.token) {
|
|
72
|
-
setToken(keycloak.token);
|
|
73
|
-
setRefreshToken(keycloak.refreshToken ?? null);
|
|
74
|
-
setIdToken(keycloak.idToken ?? null);
|
|
75
|
-
await tokenStorage.saveTokens({
|
|
76
|
-
accessToken: keycloak.token,
|
|
77
|
-
offlineToken: keycloak.refreshToken ?? undefined,
|
|
78
|
-
idToken: keycloak.idToken ?? undefined,
|
|
79
|
-
});
|
|
80
|
-
return keycloak.token;
|
|
81
|
-
}
|
|
82
|
-
return keycloak.token || token || '';
|
|
83
|
-
})();
|
|
84
|
-
updateTokenPromiseRef.current = updatePromise;
|
|
85
66
|
try {
|
|
86
|
-
|
|
67
|
+
const result = await updateKeycloakTokenOnce(keycloak, minValidity, {
|
|
68
|
+
persistTokens: tokenStorage.saveTokens,
|
|
69
|
+
});
|
|
70
|
+
setToken(result.token);
|
|
71
|
+
setRefreshToken(result.refreshToken);
|
|
72
|
+
setIdToken(result.idToken);
|
|
73
|
+
return result.token || token || '';
|
|
87
74
|
}
|
|
88
75
|
catch (error) {
|
|
89
76
|
const refreshError = error === true
|
|
@@ -93,11 +80,6 @@ export const TokenProvider = React.memo(({ children, onTokens }) => {
|
|
|
93
80
|
console.error('[TokenContext] Update token error:', refreshError);
|
|
94
81
|
throw refreshError;
|
|
95
82
|
}
|
|
96
|
-
finally {
|
|
97
|
-
if (updateTokenPromiseRef.current === updatePromise) {
|
|
98
|
-
updateTokenPromiseRef.current = null;
|
|
99
|
-
}
|
|
100
|
-
}
|
|
101
83
|
}, [keycloak, isInitialized, token]);
|
|
102
84
|
const clearTokens = useCallback(async () => {
|
|
103
85
|
setToken(null);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"TokenContext.js","sourceRoot":"","sources":["../../src/context/TokenContext.tsx"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,EACZ,aAAa,EAEb,WAAW,EACX,UAAU,EACV,SAAS,EACT,OAAO,EACP,
|
|
1
|
+
{"version":3,"file":"TokenContext.js","sourceRoot":"","sources":["../../src/context/TokenContext.tsx"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,EACZ,aAAa,EAEb,WAAW,EACX,UAAU,EACV,SAAS,EACT,OAAO,EACP,QAAQ,GACT,MAAM,OAAO,CAAC;AAGf,OAAO,EAAC,uBAAuB,EAAC,MAAM,kCAAkC,CAAC;AACzE,OAAO,EAAC,YAAY,EAAC,MAAM,YAAY,CAAC;AACxC,OAAO,EAAC,mBAAmB,EAAC,MAAM,2BAA2B,CAAC;AAiB9D,MAAM,YAAY,GAAG,aAAa,CAA2B,IAAI,CAAC,CAAC;AAQnE,MAAM,CAAC,MAAM,aAAa,GAAG,KAAK,CAAC,IAAI,CAAqB,CAAC,EAAC,QAAQ,EAAE,QAAQ,EAAC,EAAE,EAAE;IACnF,MAAM,EAAC,QAAQ,EAAE,aAAa,EAAE,YAAY,EAAC,GAAG,mBAAmB,EAAE,CAAC;IACtE,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAgB,IAAI,CAAC,CAAC;IACxD,MAAM,CAAC,YAAY,EAAE,eAAe,CAAC,GAAG,QAAQ,CAAgB,IAAI,CAAC,CAAC;IACtE,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,QAAQ,CAAgB,IAAI,CAAC,CAAC;IAG5D,SAAS,CAAC,GAAG,EAAE;QACb,QAAQ,EAAE,CAAC;YACT,WAAW,EAAE,KAAK;YAClB,KAAK;YACL,YAAY,EAAE,YAAY;YAC1B,YAAY;YACZ,OAAO;SACR,CAAC,CAAC;IACL,CAAC,EAAE,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC;IAG7C,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,aAAa,IAAI,CAAC,QAAQ;YAAE,OAAO;QAExC,MAAM,UAAU,GAAG,KAAK,IAAI,EAAE;YAC5B,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,SAAS,EAAE,CAAC;gBAC9C,QAAQ,CAAC,MAAM,CAAC,WAAW,IAAI,MAAM,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC;gBACrD,eAAe,CAAC,MAAM,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,IAAI,IAAI,CAAC,CAAC;gBACpE,UAAU,CAAC,MAAM,CAAC,OAAO,IAAI,IAAI,CAAC,CAAC;YACrC,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,mCAAmC,EAAE,KAAK,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC,CAAC;QAEF,UAAU,EAAE,CAAC;IACf,CAAC,EAAE,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC,CAAC;IAG9B,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,QAAQ,IAAI,CAAC,aAAa;YAAE,OAAO;QAExC,MAAM,YAAY,GAAG,QAAQ,CAAC,KAAK,CAAC;QACpC,MAAM,mBAAmB,GAAG,QAAQ,CAAC,YAAY,CAAC;QAClD,MAAM,cAAc,GAAG,QAAQ,CAAC,OAAO,CAAC;QAExC,IAAI,YAAY,KAAK,KAAK,EAAE,CAAC;YAC3B,QAAQ,CAAC,YAAY,IAAI,IAAI,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,mBAAmB,KAAK,YAAY,EAAE,CAAC;YACzC,eAAe,CAAC,mBAAmB,IAAI,IAAI,CAAC,CAAC;QAC/C,CAAC;QAED,IAAI,cAAc,KAAK,OAAO,EAAE,CAAC;YAC/B,UAAU,CAAC,cAAc,IAAI,IAAI,CAAC,CAAC;QACrC,CAAC;IACH,CAAC,EAAE;QACD,QAAQ;QACR,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,OAAO;QACjB,OAAO;QACP,aAAa;QACb,YAAY;QACZ,KAAK;QACL,YAAY;KACb,CAAC,CAAC;IAQH,MAAM,WAAW,GAAG,WAAW,CAC7B,KAAK,EAAE,cAAsB,GAAG,EAAmB,EAAE;QACnD,IAAI,CAAC,QAAQ,IAAI,CAAC,aAAa,EAAE,CAAC;YAChC,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC7D,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,uBAAuB,CAAC,QAAQ,EAAE,WAAW,EAAE;gBAClE,aAAa,EAAE,YAAY,CAAC,UAAU;aACvC,CAAC,CAAC;YAEH,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACvB,eAAe,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YACrC,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAE3B,OAAO,MAAM,CAAC,KAAK,IAAI,KAAK,IAAI,EAAE,CAAC;QACrC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,YAAY,GAChB,KAAK,KAAK,IAAI;gBACZ,CAAC,CAAE,QAAoD,CAAC,uBAAuB;oBAC7E,IAAI,KAAK,CAAC,+BAA+B,CAAC;gBAC5C,CAAC,CAAC,KAAK,CAAC;YACZ,OAAO,CAAC,KAAK,CAAC,oCAAoC,EAAE,YAAY,CAAC,CAAC;YAClE,MAAM,YAAY,CAAC;QACrB,CAAC;IACH,CAAC,EACD,CAAC,QAAQ,EAAE,aAAa,EAAE,KAAK,CAAC,CACjC,CAAC;IAKF,MAAM,WAAW,GAAG,WAAW,CAAC,KAAK,IAAmB,EAAE;QACxD,QAAQ,CAAC,IAAI,CAAC,CAAC;QACf,eAAe,CAAC,IAAI,CAAC,CAAC;QACtB,UAAU,CAAC,IAAI,CAAC,CAAC;QAEjB,MAAM,YAAY,CAAC,WAAW,EAAE,CAAC;QAEjC,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,UAAU,EAAE,CAAC;QACxB,CAAC;IACH,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC;IAKf,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,EAAE;QAC7B,IAAI,CAAC,QAAQ,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QACrC,IAAI,CAAC,QAAQ,CAAC,KAAK,IAAI,CAAC,QAAQ,CAAC,WAAW;YAAE,OAAO,IAAI,CAAC;QAC1D,IAAI,CAAC;YACH,OAAO,QAAQ,CAAC,cAAc,EAAE,CAAC;QACnC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC;IAItB,MAAM,KAAK,GAAG,OAAO,CACnB,GAAG,EAAE,CAAC,CAAC;QACL,KAAK;QACL,WAAW,EAAE,KAAK;QAClB,YAAY;QACZ,YAAY,EAAE,YAAY;QAC1B,OAAO;QACP,SAAS;QACT,WAAW;QACX,WAAW;KACZ,CAAC,EACF,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,WAAW,CAAC,CACpE,CAAC;IAEF,OAAO,CAAC,YAAY,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,YAAY,CAAC,QAAQ,CAAC,CAAC;AACjF,CAAC,CAAC,CAAC;AAEH,aAAa,CAAC,WAAW,GAAG,eAAe,CAAC;AAO5C,MAAM,CAAC,MAAM,QAAQ,GAAG,GAAsB,EAAE;IAC9C,MAAM,OAAO,GAAG,UAAU,CAAC,YAAY,CAAC,CAAC;IAEzC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
type KeycloakRefreshClient = {
|
|
2
|
+
updateToken(minValidity: number): Promise<boolean>;
|
|
3
|
+
token?: string;
|
|
4
|
+
refreshToken?: string;
|
|
5
|
+
idToken?: string;
|
|
6
|
+
};
|
|
7
|
+
export type KeycloakRefreshTokensSnapshot = {
|
|
8
|
+
accessToken: string;
|
|
9
|
+
offlineToken?: string;
|
|
10
|
+
refreshToken?: string;
|
|
11
|
+
idToken?: string;
|
|
12
|
+
};
|
|
13
|
+
export type KeycloakRefreshResult = {
|
|
14
|
+
refreshed: boolean;
|
|
15
|
+
token: string | null;
|
|
16
|
+
refreshToken: string | null;
|
|
17
|
+
idToken: string | null;
|
|
18
|
+
};
|
|
19
|
+
type UpdateKeycloakTokenOnceOptions = {
|
|
20
|
+
persistTokens?: (tokens: KeycloakRefreshTokensSnapshot) => Promise<void>;
|
|
21
|
+
onTokensChanged?: () => void;
|
|
22
|
+
};
|
|
23
|
+
export declare function updateKeycloakTokenOnce(keycloak: KeycloakRefreshClient, minValidity: number, options?: UpdateKeycloakTokenOnceOptions): Promise<KeycloakRefreshResult>;
|
|
24
|
+
export {};
|
|
25
|
+
//# sourceMappingURL=tokenRefreshSingleFlight.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"tokenRefreshSingleFlight.d.ts","sourceRoot":"","sources":["../../src/core/tokenRefreshSingleFlight.ts"],"names":[],"mappings":"AAAA,KAAK,qBAAqB,GAAG;IAC3B,WAAW,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACnD,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,6BAA6B,GAAG;IAC1C,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;CACxB,CAAC;AAOF,KAAK,8BAA8B,GAAG;IACpC,aAAa,CAAC,EAAE,CAAC,MAAM,EAAE,6BAA6B,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACzE,eAAe,CAAC,EAAE,MAAM,IAAI,CAAC;CAC9B,CAAC;AAIF,wBAAsB,uBAAuB,CAC3C,QAAQ,EAAE,qBAAqB,EAC/B,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE,8BAAmC,GAC3C,OAAO,CAAC,qBAAqB,CAAC,CA2ChC"}
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
const refreshFlights = new WeakMap();
|
|
2
|
+
export async function updateKeycloakTokenOnce(keycloak, minValidity, options = {}) {
|
|
3
|
+
const active = refreshFlights.get(keycloak);
|
|
4
|
+
if (active) {
|
|
5
|
+
if (active.minValidity >= minValidity) {
|
|
6
|
+
return active.promise;
|
|
7
|
+
}
|
|
8
|
+
await active.promise;
|
|
9
|
+
return updateKeycloakTokenOnce(keycloak, minValidity, options);
|
|
10
|
+
}
|
|
11
|
+
const promise = (async () => {
|
|
12
|
+
const refreshed = await keycloak.updateToken(minValidity);
|
|
13
|
+
const token = keycloak.token ?? null;
|
|
14
|
+
const refreshToken = keycloak.refreshToken ?? null;
|
|
15
|
+
const idToken = keycloak.idToken ?? null;
|
|
16
|
+
if (refreshed && token) {
|
|
17
|
+
await options.persistTokens?.({
|
|
18
|
+
accessToken: token,
|
|
19
|
+
offlineToken: refreshToken ?? undefined,
|
|
20
|
+
refreshToken: refreshToken ?? undefined,
|
|
21
|
+
idToken: idToken ?? undefined,
|
|
22
|
+
});
|
|
23
|
+
options.onTokensChanged?.();
|
|
24
|
+
}
|
|
25
|
+
return {
|
|
26
|
+
refreshed,
|
|
27
|
+
token,
|
|
28
|
+
refreshToken,
|
|
29
|
+
idToken,
|
|
30
|
+
};
|
|
31
|
+
})();
|
|
32
|
+
refreshFlights.set(keycloak, { minValidity, promise });
|
|
33
|
+
try {
|
|
34
|
+
return await promise;
|
|
35
|
+
}
|
|
36
|
+
finally {
|
|
37
|
+
if (refreshFlights.get(keycloak)?.promise === promise) {
|
|
38
|
+
refreshFlights.delete(keycloak);
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
}
|
|
42
|
+
//# sourceMappingURL=tokenRefreshSingleFlight.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"tokenRefreshSingleFlight.js","sourceRoot":"","sources":["../../src/core/tokenRefreshSingleFlight.ts"],"names":[],"mappings":"AA+BA,MAAM,cAAc,GAAG,IAAI,OAAO,EAAwC,CAAC;AAE3E,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,QAA+B,EAC/B,WAAmB,EACnB,UAA0C,EAAE;IAE5C,MAAM,MAAM,GAAG,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC5C,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,MAAM,CAAC,WAAW,IAAI,WAAW,EAAE,CAAC;YACtC,OAAO,MAAM,CAAC,OAAO,CAAC;QACxB,CAAC;QACD,MAAM,MAAM,CAAC,OAAO,CAAC;QACrB,OAAO,uBAAuB,CAAC,QAAQ,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;IACjE,CAAC;IAED,MAAM,OAAO,GAAG,CAAC,KAAK,IAAoC,EAAE;QAC1D,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;QAC1D,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,IAAI,IAAI,CAAC;QACrC,MAAM,YAAY,GAAG,QAAQ,CAAC,YAAY,IAAI,IAAI,CAAC;QACnD,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,IAAI,IAAI,CAAC;QAEzC,IAAI,SAAS,IAAI,KAAK,EAAE,CAAC;YACvB,MAAM,OAAO,CAAC,aAAa,EAAE,CAAC;gBAC5B,WAAW,EAAE,KAAK;gBAClB,YAAY,EAAE,YAAY,IAAI,SAAS;gBACvC,YAAY,EAAE,YAAY,IAAI,SAAS;gBACvC,OAAO,EAAE,OAAO,IAAI,SAAS;aAC9B,CAAC,CAAC;YACH,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC;QAC9B,CAAC;QAED,OAAO;YACL,SAAS;YACT,KAAK;YACL,YAAY;YACZ,OAAO;SACR,CAAC;IACJ,CAAC,CAAC,EAAE,CAAC;IAEL,cAAc,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAC,WAAW,EAAE,OAAO,EAAC,CAAC,CAAC;IAErD,IAAI,CAAC;QACH,OAAO,MAAM,OAAO,CAAC;IACvB,CAAC;YAAS,CAAC;QACT,IAAI,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,OAAO,KAAK,OAAO,EAAE,CAAC;YACtD,cAAc,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAClC,CAAC;IACH,CAAC;AACH,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@bmc-soft/keycloak-auth",
|
|
3
|
-
"version": "2.0.
|
|
3
|
+
"version": "2.0.12",
|
|
4
4
|
"description": "Production-ready Keycloak authentication package for React Native with optimized performance and security",
|
|
5
5
|
"main": "./dist/index.js",
|
|
6
6
|
"types": "./dist/index.d.ts",
|
|
@@ -67,7 +67,7 @@
|
|
|
67
67
|
"clean": "rm -rf dist && rm -f tsconfig.tsbuildinfo",
|
|
68
68
|
"prepack": "npm run build",
|
|
69
69
|
"prepublishOnly": "npm run clean && npm run build",
|
|
70
|
-
"test": "node tests/sessionPolicy.test.cjs && node tests/publicApiExports.test.cjs && node tests/authPatchRegression.test.cjs && node tests/successAuthAnimation.test.cjs",
|
|
70
|
+
"test": "node tests/sessionPolicy.test.cjs && node tests/publicApiExports.test.cjs && node tests/tokenRefreshSingleFlight.test.cjs && node tests/authPatchRegression.test.cjs && node tests/successAuthAnimation.test.cjs",
|
|
71
71
|
"typecheck": "tsc --noEmit"
|
|
72
72
|
},
|
|
73
73
|
"keywords": [
|