@civic/auth 0.1.4-beta.7 → 0.1.5-beta.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +4 -0
- package/README.md +11 -8
- package/dist/cjs/constants.d.ts +1 -2
- package/dist/cjs/constants.d.ts.map +1 -1
- package/dist/cjs/constants.js +1 -3
- package/dist/cjs/constants.js.map +1 -1
- package/dist/cjs/lib/oauth.d.ts.map +1 -1
- package/dist/cjs/lib/oauth.js +1 -0
- package/dist/cjs/lib/oauth.js.map +1 -1
- package/dist/cjs/nextjs/config.d.ts +3 -0
- package/dist/cjs/nextjs/config.d.ts.map +1 -1
- package/dist/cjs/nextjs/config.js +4 -0
- package/dist/cjs/nextjs/config.js.map +1 -1
- package/dist/cjs/nextjs/hooks/useUserCookie.d.ts.map +1 -1
- package/dist/cjs/nextjs/hooks/useUserCookie.js +2 -0
- package/dist/cjs/nextjs/hooks/useUserCookie.js.map +1 -1
- package/dist/cjs/nextjs/providers/NextAuthProvider.d.ts +2 -2
- package/dist/cjs/nextjs/providers/NextAuthProvider.d.ts.map +1 -1
- package/dist/cjs/nextjs/providers/NextAuthProvider.js +26 -26
- package/dist/cjs/nextjs/providers/NextAuthProvider.js.map +1 -1
- package/dist/cjs/nextjs/routeHandler.d.ts +2 -1
- package/dist/cjs/nextjs/routeHandler.d.ts.map +1 -1
- package/dist/cjs/nextjs/routeHandler.js +122 -38
- package/dist/cjs/nextjs/routeHandler.js.map +1 -1
- package/dist/cjs/reactjs/components/UserButton.d.ts +1 -3
- package/dist/cjs/reactjs/components/UserButton.d.ts.map +1 -1
- package/dist/cjs/reactjs/components/UserButton.js +3 -3
- package/dist/cjs/reactjs/components/UserButton.js.map +1 -1
- package/dist/cjs/reactjs/hooks/useClientTokenExchangeSession.d.ts +3 -0
- package/dist/cjs/reactjs/hooks/useClientTokenExchangeSession.d.ts.map +1 -0
- package/dist/cjs/reactjs/hooks/useClientTokenExchangeSession.js +16 -0
- package/dist/cjs/reactjs/hooks/useClientTokenExchangeSession.js.map +1 -0
- package/dist/cjs/reactjs/providers/AuthProvider.d.ts +11 -0
- package/dist/cjs/reactjs/providers/AuthProvider.d.ts.map +1 -0
- package/dist/cjs/reactjs/providers/AuthProvider.js +108 -0
- package/dist/cjs/reactjs/providers/AuthProvider.js.map +1 -0
- package/dist/cjs/reactjs/providers/CivicAuthProvider.d.ts +6 -0
- package/dist/cjs/reactjs/providers/CivicAuthProvider.d.ts.map +1 -0
- package/dist/cjs/reactjs/providers/CivicAuthProvider.js +38 -0
- package/dist/cjs/reactjs/providers/CivicAuthProvider.js.map +1 -0
- package/dist/cjs/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts +17 -0
- package/dist/cjs/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts.map +1 -0
- package/dist/cjs/reactjs/providers/ClientTokenExchangeSessionProvider.js +185 -0
- package/dist/cjs/reactjs/providers/ClientTokenExchangeSessionProvider.js.map +1 -0
- package/dist/cjs/reactjs/providers/index.d.ts +2 -2
- package/dist/cjs/reactjs/providers/index.d.ts.map +1 -1
- package/dist/cjs/reactjs/providers/index.js +2 -2
- package/dist/cjs/reactjs/providers/index.js.map +1 -1
- package/dist/cjs/server/ServerAuthenticationResolver.d.ts +1 -0
- package/dist/cjs/server/ServerAuthenticationResolver.d.ts.map +1 -1
- package/dist/cjs/server/ServerAuthenticationResolver.js +6 -0
- package/dist/cjs/server/ServerAuthenticationResolver.js.map +1 -1
- package/dist/cjs/services/AuthenticationService.d.ts +8 -2
- package/dist/cjs/services/AuthenticationService.d.ts.map +1 -1
- package/dist/cjs/services/AuthenticationService.js +90 -11
- package/dist/cjs/services/AuthenticationService.js.map +1 -1
- package/dist/cjs/services/types.d.ts +2 -1
- package/dist/cjs/services/types.d.ts.map +1 -1
- package/dist/cjs/services/types.js.map +1 -1
- package/dist/cjs/shared/components/CivicAuthIframe.d.ts +1 -0
- package/dist/cjs/shared/components/CivicAuthIframe.d.ts.map +1 -1
- package/dist/cjs/shared/components/CivicAuthIframe.js +2 -3
- package/dist/cjs/shared/components/CivicAuthIframe.js.map +1 -1
- package/dist/cjs/shared/components/CivicAuthIframeContainer.d.ts +4 -0
- package/dist/cjs/shared/components/CivicAuthIframeContainer.d.ts.map +1 -1
- package/dist/cjs/shared/components/CivicAuthIframeContainer.js +7 -6
- package/dist/cjs/shared/components/CivicAuthIframeContainer.js.map +1 -1
- package/dist/cjs/shared/components/CivicAuthLogoutIframeContainer.d.ts +7 -0
- package/dist/cjs/shared/components/CivicAuthLogoutIframeContainer.d.ts.map +1 -0
- package/dist/cjs/shared/components/CivicAuthLogoutIframeContainer.js +28 -0
- package/dist/cjs/shared/components/CivicAuthLogoutIframeContainer.js.map +1 -0
- package/dist/cjs/shared/components/IFrameAndLoading.d.ts +2 -1
- package/dist/cjs/shared/components/IFrameAndLoading.d.ts.map +1 -1
- package/dist/cjs/shared/components/IFrameAndLoading.js +7 -2
- package/dist/cjs/shared/components/IFrameAndLoading.js.map +1 -1
- package/dist/cjs/shared/hooks/index.d.ts +3 -1
- package/dist/cjs/shared/hooks/index.d.ts.map +1 -1
- package/dist/cjs/shared/hooks/index.js +6 -2
- package/dist/cjs/shared/hooks/index.js.map +1 -1
- package/dist/cjs/shared/hooks/useSignIn.d.ts +3 -2
- package/dist/cjs/shared/hooks/useSignIn.d.ts.map +1 -1
- package/dist/cjs/shared/hooks/useSignIn.js +69 -14
- package/dist/cjs/shared/hooks/useSignIn.js.map +1 -1
- package/dist/cjs/shared/hooks/useWindowFocused.d.ts +5 -0
- package/dist/cjs/shared/hooks/useWindowFocused.d.ts.map +1 -0
- package/dist/cjs/shared/hooks/useWindowFocused.js +24 -0
- package/dist/cjs/shared/hooks/useWindowFocused.js.map +1 -0
- package/dist/cjs/shared/index.d.ts +1 -0
- package/dist/cjs/shared/index.d.ts.map +1 -1
- package/dist/cjs/shared/index.js +5 -3
- package/dist/cjs/shared/index.js.map +1 -1
- package/dist/cjs/shared/lib/types.d.ts +1 -0
- package/dist/cjs/shared/lib/types.d.ts.map +1 -1
- package/dist/cjs/shared/lib/types.js.map +1 -1
- package/dist/cjs/shared/lib/util.d.ts +3 -2
- package/dist/cjs/shared/lib/util.d.ts.map +1 -1
- package/dist/cjs/shared/lib/util.js +7 -3
- package/dist/cjs/shared/lib/util.js.map +1 -1
- package/dist/cjs/shared/providers/AuthContext.d.ts +1 -0
- package/dist/cjs/shared/providers/AuthContext.d.ts.map +1 -1
- package/dist/cjs/shared/providers/AuthContext.js.map +1 -1
- package/dist/cjs/shared/providers/AuthProvider.d.ts +15 -4
- package/dist/cjs/shared/providers/AuthProvider.d.ts.map +1 -1
- package/dist/cjs/shared/providers/AuthProvider.js +12 -3
- package/dist/cjs/shared/providers/AuthProvider.js.map +1 -1
- package/dist/cjs/shared/providers/CivicAuthConfigContext.d.ts +3 -1
- package/dist/cjs/shared/providers/CivicAuthConfigContext.d.ts.map +1 -1
- package/dist/cjs/shared/providers/CivicAuthConfigContext.js +10 -1
- package/dist/cjs/shared/providers/CivicAuthConfigContext.js.map +1 -1
- package/dist/cjs/shared/providers/CivicAuthProvider.d.ts +1 -1
- package/dist/cjs/shared/providers/CivicAuthProvider.d.ts.map +1 -1
- package/dist/cjs/shared/providers/CivicAuthProvider.js +2 -2
- package/dist/cjs/shared/providers/CivicAuthProvider.js.map +1 -1
- package/dist/cjs/shared/providers/ClientTokenExchangeSessionProvider.d.ts.map +1 -1
- package/dist/cjs/shared/providers/ClientTokenExchangeSessionProvider.js +10 -25
- package/dist/cjs/shared/providers/ClientTokenExchangeSessionProvider.js.map +1 -1
- package/dist/cjs/shared/providers/IframeProvider.d.ts +3 -0
- package/dist/cjs/shared/providers/IframeProvider.d.ts.map +1 -1
- package/dist/cjs/shared/providers/IframeProvider.js +9 -3
- package/dist/cjs/shared/providers/IframeProvider.js.map +1 -1
- package/dist/cjs/shared/providers/UserProvider.d.ts +2 -1
- package/dist/cjs/shared/providers/UserProvider.d.ts.map +1 -1
- package/dist/cjs/shared/providers/UserProvider.js +2 -1
- package/dist/cjs/shared/providers/UserProvider.js.map +1 -1
- package/dist/cjs/shared/providers/types.d.ts +3 -1
- package/dist/cjs/shared/providers/types.d.ts.map +1 -1
- package/dist/cjs/shared/providers/types.js.map +1 -1
- package/dist/cjs/shared/version.d.ts +1 -1
- package/dist/cjs/shared/version.js +1 -1
- package/dist/cjs/shared/version.js.map +1 -1
- package/dist/cjs/types.d.ts +1 -0
- package/dist/cjs/types.d.ts.map +1 -1
- package/dist/cjs/types.js.map +1 -1
- package/dist/cjs/version.d.ts +2 -0
- package/dist/cjs/version.d.ts.map +1 -0
- package/dist/cjs/version.js +6 -0
- package/dist/cjs/version.js.map +1 -0
- package/dist/esm/constants.d.ts +1 -2
- package/dist/esm/constants.d.ts.map +1 -1
- package/dist/esm/constants.js +1 -2
- package/dist/esm/constants.js.map +1 -1
- package/dist/esm/lib/oauth.d.ts.map +1 -1
- package/dist/esm/lib/oauth.js +1 -0
- package/dist/esm/lib/oauth.js.map +1 -1
- package/dist/esm/nextjs/config.d.ts +3 -0
- package/dist/esm/nextjs/config.d.ts.map +1 -1
- package/dist/esm/nextjs/config.js +4 -0
- package/dist/esm/nextjs/config.js.map +1 -1
- package/dist/esm/nextjs/hooks/useUserCookie.d.ts.map +1 -1
- package/dist/esm/nextjs/hooks/useUserCookie.js +2 -0
- package/dist/esm/nextjs/hooks/useUserCookie.js.map +1 -1
- package/dist/esm/nextjs/providers/NextAuthProvider.d.ts +2 -2
- package/dist/esm/nextjs/providers/NextAuthProvider.d.ts.map +1 -1
- package/dist/esm/nextjs/providers/NextAuthProvider.js +26 -26
- package/dist/esm/nextjs/providers/NextAuthProvider.js.map +1 -1
- package/dist/esm/nextjs/routeHandler.d.ts +2 -1
- package/dist/esm/nextjs/routeHandler.d.ts.map +1 -1
- package/dist/esm/nextjs/routeHandler.js +123 -40
- package/dist/esm/nextjs/routeHandler.js.map +1 -1
- package/dist/esm/reactjs/components/UserButton.d.ts +1 -3
- package/dist/esm/reactjs/components/UserButton.d.ts.map +1 -1
- package/dist/esm/reactjs/components/UserButton.js +3 -3
- package/dist/esm/reactjs/components/UserButton.js.map +1 -1
- package/dist/esm/reactjs/hooks/useClientTokenExchangeSession.d.ts +3 -0
- package/dist/esm/reactjs/hooks/useClientTokenExchangeSession.d.ts.map +1 -0
- package/dist/esm/reactjs/hooks/useClientTokenExchangeSession.js +13 -0
- package/dist/esm/reactjs/hooks/useClientTokenExchangeSession.js.map +1 -0
- package/dist/esm/reactjs/providers/AuthProvider.d.ts +11 -0
- package/dist/esm/reactjs/providers/AuthProvider.d.ts.map +1 -0
- package/dist/esm/reactjs/providers/AuthProvider.js +72 -0
- package/dist/esm/reactjs/providers/AuthProvider.js.map +1 -0
- package/dist/esm/reactjs/providers/CivicAuthProvider.d.ts +6 -0
- package/dist/esm/reactjs/providers/CivicAuthProvider.d.ts.map +1 -0
- package/dist/esm/reactjs/providers/CivicAuthProvider.js +32 -0
- package/dist/esm/reactjs/providers/CivicAuthProvider.js.map +1 -0
- package/dist/esm/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts +17 -0
- package/dist/esm/reactjs/providers/ClientTokenExchangeSessionProvider.d.ts.map +1 -0
- package/dist/esm/reactjs/providers/ClientTokenExchangeSessionProvider.js +148 -0
- package/dist/esm/reactjs/providers/ClientTokenExchangeSessionProvider.js.map +1 -0
- package/dist/esm/reactjs/providers/index.d.ts +2 -2
- package/dist/esm/reactjs/providers/index.d.ts.map +1 -1
- package/dist/esm/reactjs/providers/index.js +2 -2
- package/dist/esm/reactjs/providers/index.js.map +1 -1
- package/dist/esm/server/ServerAuthenticationResolver.d.ts +1 -0
- package/dist/esm/server/ServerAuthenticationResolver.d.ts.map +1 -1
- package/dist/esm/server/ServerAuthenticationResolver.js +6 -0
- package/dist/esm/server/ServerAuthenticationResolver.js.map +1 -1
- package/dist/esm/services/AuthenticationService.d.ts +8 -2
- package/dist/esm/services/AuthenticationService.d.ts.map +1 -1
- package/dist/esm/services/AuthenticationService.js +90 -11
- package/dist/esm/services/AuthenticationService.js.map +1 -1
- package/dist/esm/services/types.d.ts +2 -1
- package/dist/esm/services/types.d.ts.map +1 -1
- package/dist/esm/services/types.js.map +1 -1
- package/dist/esm/shared/components/CivicAuthIframe.d.ts +1 -0
- package/dist/esm/shared/components/CivicAuthIframe.d.ts.map +1 -1
- package/dist/esm/shared/components/CivicAuthIframe.js +2 -3
- package/dist/esm/shared/components/CivicAuthIframe.js.map +1 -1
- package/dist/esm/shared/components/CivicAuthIframeContainer.d.ts +4 -0
- package/dist/esm/shared/components/CivicAuthIframeContainer.d.ts.map +1 -1
- package/dist/esm/shared/components/CivicAuthIframeContainer.js +7 -7
- package/dist/esm/shared/components/CivicAuthIframeContainer.js.map +1 -1
- package/dist/esm/shared/components/CivicAuthLogoutIframeContainer.d.ts +7 -0
- package/dist/esm/shared/components/CivicAuthLogoutIframeContainer.d.ts.map +1 -0
- package/dist/esm/shared/components/CivicAuthLogoutIframeContainer.js +22 -0
- package/dist/esm/shared/components/CivicAuthLogoutIframeContainer.js.map +1 -0
- package/dist/esm/shared/components/IFrameAndLoading.d.ts +2 -1
- package/dist/esm/shared/components/IFrameAndLoading.d.ts.map +1 -1
- package/dist/esm/shared/components/IFrameAndLoading.js +7 -2
- package/dist/esm/shared/components/IFrameAndLoading.js.map +1 -1
- package/dist/esm/shared/hooks/index.d.ts +3 -1
- package/dist/esm/shared/hooks/index.d.ts.map +1 -1
- package/dist/esm/shared/hooks/index.js +3 -1
- package/dist/esm/shared/hooks/index.js.map +1 -1
- package/dist/esm/shared/hooks/useSignIn.d.ts +3 -2
- package/dist/esm/shared/hooks/useSignIn.d.ts.map +1 -1
- package/dist/esm/shared/hooks/useSignIn.js +70 -15
- package/dist/esm/shared/hooks/useSignIn.js.map +1 -1
- package/dist/esm/shared/hooks/useWindowFocused.d.ts +5 -0
- package/dist/esm/shared/hooks/useWindowFocused.d.ts.map +1 -0
- package/dist/esm/shared/hooks/useWindowFocused.js +21 -0
- package/dist/esm/shared/hooks/useWindowFocused.js.map +1 -0
- package/dist/esm/shared/index.d.ts +1 -0
- package/dist/esm/shared/index.d.ts.map +1 -1
- package/dist/esm/shared/index.js +3 -2
- package/dist/esm/shared/index.js.map +1 -1
- package/dist/esm/shared/lib/types.d.ts +1 -0
- package/dist/esm/shared/lib/types.d.ts.map +1 -1
- package/dist/esm/shared/lib/types.js.map +1 -1
- package/dist/esm/shared/lib/util.d.ts +3 -2
- package/dist/esm/shared/lib/util.d.ts.map +1 -1
- package/dist/esm/shared/lib/util.js +7 -3
- package/dist/esm/shared/lib/util.js.map +1 -1
- package/dist/esm/shared/providers/AuthContext.d.ts +1 -0
- package/dist/esm/shared/providers/AuthContext.d.ts.map +1 -1
- package/dist/esm/shared/providers/AuthContext.js.map +1 -1
- package/dist/esm/shared/providers/AuthProvider.d.ts +15 -4
- package/dist/esm/shared/providers/AuthProvider.d.ts.map +1 -1
- package/dist/esm/shared/providers/AuthProvider.js +12 -3
- package/dist/esm/shared/providers/AuthProvider.js.map +1 -1
- package/dist/esm/shared/providers/CivicAuthConfigContext.d.ts +3 -1
- package/dist/esm/shared/providers/CivicAuthConfigContext.d.ts.map +1 -1
- package/dist/esm/shared/providers/CivicAuthConfigContext.js +10 -1
- package/dist/esm/shared/providers/CivicAuthConfigContext.js.map +1 -1
- package/dist/esm/shared/providers/CivicAuthProvider.d.ts +1 -1
- package/dist/esm/shared/providers/CivicAuthProvider.d.ts.map +1 -1
- package/dist/esm/shared/providers/CivicAuthProvider.js +3 -3
- package/dist/esm/shared/providers/CivicAuthProvider.js.map +1 -1
- package/dist/esm/shared/providers/ClientTokenExchangeSessionProvider.d.ts.map +1 -1
- package/dist/esm/shared/providers/ClientTokenExchangeSessionProvider.js +8 -23
- package/dist/esm/shared/providers/ClientTokenExchangeSessionProvider.js.map +1 -1
- package/dist/esm/shared/providers/IframeProvider.d.ts +3 -0
- package/dist/esm/shared/providers/IframeProvider.d.ts.map +1 -1
- package/dist/esm/shared/providers/IframeProvider.js +9 -3
- package/dist/esm/shared/providers/IframeProvider.js.map +1 -1
- package/dist/esm/shared/providers/UserProvider.d.ts +2 -1
- package/dist/esm/shared/providers/UserProvider.d.ts.map +1 -1
- package/dist/esm/shared/providers/UserProvider.js +2 -1
- package/dist/esm/shared/providers/UserProvider.js.map +1 -1
- package/dist/esm/shared/providers/types.d.ts +3 -1
- package/dist/esm/shared/providers/types.d.ts.map +1 -1
- package/dist/esm/shared/providers/types.js.map +1 -1
- package/dist/esm/shared/version.d.ts +1 -1
- package/dist/esm/shared/version.js +1 -1
- package/dist/esm/shared/version.js.map +1 -1
- package/dist/esm/types.d.ts +1 -0
- package/dist/esm/types.d.ts.map +1 -1
- package/dist/esm/types.js.map +1 -1
- package/dist/esm/version.d.ts +2 -0
- package/dist/esm/version.d.ts.map +1 -0
- package/dist/esm/version.js +3 -0
- package/dist/esm/version.js.map +1 -0
- package/dist/tsconfig.cjs.tsbuildinfo +1 -1
- package/dist/tsconfig.esm.tsbuildinfo +1 -1
- package/package.json +6 -6
|
@@ -7,19 +7,24 @@ const useCivicAuthConfig_js_1 = require("../../shared/hooks/useCivicAuthConfig.j
|
|
|
7
7
|
const useIframe_js_1 = require("../../shared/hooks/useIframe.js");
|
|
8
8
|
const react_1 = require("react");
|
|
9
9
|
const types_js_1 = require("../../services/types.js");
|
|
10
|
-
const
|
|
10
|
+
const useSession_js_1 = require("./useSession.js");
|
|
11
|
+
const storage_js_1 = require("../../browser/storage.js");
|
|
12
|
+
const util_js_1 = require("../lib/util.js");
|
|
13
|
+
const useSignIn = ({ pkceConsumer, preSignOut, postSignOut, displayMode, }) => {
|
|
11
14
|
const civicAuthConfig = (0, useCivicAuthConfig_js_1.useCivicAuthConfig)();
|
|
12
|
-
const { iframeRef, setIframeIsVisible } = (0, useIframe_js_1.useIframe)();
|
|
13
|
-
const
|
|
15
|
+
const { iframeRef, logoutIframeRef, setIframeIsVisible, setLogoutIframeIsVisible, } = (0, useIframe_js_1.useIframe)();
|
|
16
|
+
const { data: session } = (0, useSession_js_1.useSession)();
|
|
14
17
|
const authInitiator = (0, react_1.useMemo)(() => {
|
|
15
18
|
if (!civicAuthConfig) {
|
|
16
19
|
return null;
|
|
17
20
|
}
|
|
18
|
-
const { clientId, redirectUrl, nonce, oauthServer, endpoints, scopes } = civicAuthConfig;
|
|
21
|
+
const { clientId, redirectUrl, logoutUrl, logoutRedirectUrl, nonce, oauthServer, endpoints, scopes, } = civicAuthConfig;
|
|
19
22
|
return new AuthenticationService_js_1.BrowserAuthenticationInitiator({
|
|
20
23
|
pkceConsumer: pkceConsumer || new PKCE_js_1.BrowserPublicClientPKCEProducer(), // generate and retrieve the challenge client-side
|
|
21
24
|
clientId,
|
|
22
25
|
redirectUrl,
|
|
26
|
+
logoutUrl,
|
|
27
|
+
logoutRedirectUrl,
|
|
23
28
|
scopes,
|
|
24
29
|
displayMode,
|
|
25
30
|
oauthServer,
|
|
@@ -34,12 +39,29 @@ const useSignIn = ({ pkceConsumer, preSignOut, postSignOut }) => {
|
|
|
34
39
|
}
|
|
35
40
|
};
|
|
36
41
|
}, [authInitiator]);
|
|
37
|
-
|
|
42
|
+
// This effect is used to clear the tokens and user when the user signs out after a redirect
|
|
43
|
+
(0, react_1.useEffect)(() => {
|
|
44
|
+
const params = new URLSearchParams(window.location.search);
|
|
45
|
+
const state = params.get("state");
|
|
46
|
+
const localStorage = new storage_js_1.LocalStorageAdapter();
|
|
47
|
+
localStorage.get("logout_state").then((storedLogoutState) => {
|
|
48
|
+
if (state && state === storedLogoutState) {
|
|
49
|
+
// Clear storage
|
|
50
|
+
(0, util_js_1.clearTokens)(localStorage);
|
|
51
|
+
(0, util_js_1.clearUser)(localStorage);
|
|
52
|
+
storage_js_1.LocalStorageAdapter.emitter.emit("signOut");
|
|
53
|
+
// Clean up storage and URL
|
|
54
|
+
sessionStorage.removeItem("logout_state");
|
|
55
|
+
const cleanUrl = window.location.href.split("?")[0];
|
|
56
|
+
window.history.replaceState({}, document.title, cleanUrl);
|
|
57
|
+
}
|
|
58
|
+
});
|
|
59
|
+
}, []);
|
|
60
|
+
const signIn = (0, react_1.useCallback)(async () => {
|
|
38
61
|
if (!authInitiator)
|
|
39
62
|
return;
|
|
40
|
-
authInitiator.setDisplayMode(
|
|
41
|
-
|
|
42
|
-
if (inDisplayMode === "iframe") {
|
|
63
|
+
authInitiator.setDisplayMode(displayMode);
|
|
64
|
+
if (displayMode === "iframe") {
|
|
43
65
|
setIframeIsVisible(true);
|
|
44
66
|
}
|
|
45
67
|
const useIframeRef = iframeRef?.current || null;
|
|
@@ -50,20 +72,53 @@ const useSignIn = ({ pkceConsumer, preSignOut, postSignOut }) => {
|
|
|
50
72
|
});
|
|
51
73
|
// if we've tried to open a popup and it has failed, then fallback to redirect mode
|
|
52
74
|
if (error instanceof types_js_1.PopupError) {
|
|
53
|
-
setDisplayMode("redirect");
|
|
54
75
|
setIframeIsVisible(false); // hide the iframe
|
|
55
76
|
authInitiator.cleanup(); // clear any event listeners from before
|
|
56
77
|
authInitiator.setDisplayMode("redirect"); // switch to redirect mode
|
|
57
78
|
authInitiator.signIn(useIframeRef); // retry the sign in
|
|
58
79
|
}
|
|
59
80
|
});
|
|
60
|
-
}, [authInitiator, iframeRef, setIframeIsVisible]);
|
|
81
|
+
}, [authInitiator, displayMode, iframeRef, setIframeIsVisible]);
|
|
61
82
|
const signOut = (0, react_1.useCallback)(async () => {
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
83
|
+
const idToken = session?.idToken;
|
|
84
|
+
if (!authInitiator)
|
|
85
|
+
return;
|
|
86
|
+
if (displayMode === "iframe") {
|
|
87
|
+
setIframeIsVisible(false);
|
|
88
|
+
setLogoutIframeIsVisible(true);
|
|
89
|
+
}
|
|
90
|
+
try {
|
|
91
|
+
await preSignOut?.();
|
|
92
|
+
const useIframeRef = logoutIframeRef?.current || null;
|
|
93
|
+
await authInitiator.signOut(idToken, useIframeRef).catch((error) => {
|
|
94
|
+
console.log("signOut error", {
|
|
95
|
+
error,
|
|
96
|
+
isPopupError: error instanceof types_js_1.PopupError,
|
|
97
|
+
});
|
|
98
|
+
// Same popup fallback as signIn
|
|
99
|
+
if (error instanceof types_js_1.PopupError) {
|
|
100
|
+
setLogoutIframeIsVisible(false);
|
|
101
|
+
authInitiator.cleanup();
|
|
102
|
+
authInitiator.setDisplayMode("redirect");
|
|
103
|
+
authInitiator.signOut(idToken, useIframeRef);
|
|
104
|
+
}
|
|
105
|
+
});
|
|
106
|
+
}
|
|
107
|
+
catch (error) {
|
|
108
|
+
console.error("Signout error:", error);
|
|
109
|
+
}
|
|
65
110
|
await postSignOut?.();
|
|
66
|
-
|
|
111
|
+
setLogoutIframeIsVisible(false);
|
|
112
|
+
}, [
|
|
113
|
+
session?.idToken,
|
|
114
|
+
authInitiator,
|
|
115
|
+
displayMode,
|
|
116
|
+
setLogoutIframeIsVisible,
|
|
117
|
+
postSignOut,
|
|
118
|
+
setIframeIsVisible,
|
|
119
|
+
preSignOut,
|
|
120
|
+
logoutIframeRef,
|
|
121
|
+
]);
|
|
67
122
|
return {
|
|
68
123
|
signIn,
|
|
69
124
|
signOut,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"useSignIn.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useSignIn.ts"],"names":[],"mappings":";;;AAAA,kFAAqF;AACrF,gDAAqE;AACrE,gFAA0E;AAE1E,8DAAwD;AACxD,
|
|
1
|
+
{"version":3,"file":"useSignIn.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useSignIn.ts"],"names":[],"mappings":";;;AAAA,kFAAqF;AACrF,gDAAqE;AACrE,gFAA0E;AAE1E,8DAAwD;AACxD,iCAAwD;AACxD,kDAAoE;AACpE,mDAA6C;AAC7C,qDAA2D;AAC3D,4CAAwD;AAQxD,MAAM,SAAS,GAAG,CAAC,EACjB,YAAY,EACZ,UAAU,EACV,WAAW,EACX,WAAW,GACC,EAAE,EAAE;IAChB,MAAM,eAAe,GAAG,IAAA,0CAAkB,GAAE,CAAC;IAC7C,MAAM,EACJ,SAAS,EACT,eAAe,EACf,kBAAkB,EAClB,wBAAwB,GACzB,GAAG,IAAA,wBAAS,GAAE,CAAC;IAChB,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,IAAA,0BAAU,GAAE,CAAC;IAEvC,MAAM,aAAa,GAAG,IAAA,eAAO,EAAC,GAAG,EAAE;QACjC,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,EACJ,QAAQ,EACR,WAAW,EACX,SAAS,EACT,iBAAiB,EACjB,KAAK,EACL,WAAW,EACX,SAAS,EACT,MAAM,GACP,GAAG,eAAe,CAAC;QACpB,OAAO,IAAI,yDAA8B,CAAC;YACxC,YAAY,EAAE,YAAY,IAAI,IAAI,yCAA+B,EAAE,EAAE,kDAAkD;YACvH,QAAQ;YACR,WAAW;YACX,SAAS;YACT,iBAAiB;YACjB,MAAM;YACN,WAAW;YACX,WAAW;YACX,iBAAiB,EAAE,SAAS;YAC5B,KAAK;SACN,CAAC,CAAC;IACL,CAAC,EAAE,CAAC,eAAe,EAAE,WAAW,EAAE,YAAY,CAAC,CAAC,CAAC;IAEjD,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,OAAO,GAAG,EAAE;YACV,IAAI,aAAa,EAAE,CAAC;gBAClB,aAAa,CAAC,OAAO,EAAE,CAAC;YAC1B,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC;IAEpB,4FAA4F;IAC5F,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC3D,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAClC,MAAM,YAAY,GAAG,IAAI,gCAAmB,EAAE,CAAC;QAC/C,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,CAAC,iBAAiB,EAAE,EAAE;YAC1D,IAAI,KAAK,IAAI,KAAK,KAAK,iBAAiB,EAAE,CAAC;gBACzC,gBAAgB;gBAChB,IAAA,qBAAW,EAAC,YAAY,CAAC,CAAC;gBAC1B,IAAA,mBAAS,EAAC,YAAY,CAAC,CAAC;gBACxB,gCAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBAE5C,2BAA2B;gBAC3B,cAAc,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;gBAC1C,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBACpD,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,MAAM,MAAM,GAAG,IAAA,mBAAW,EAAC,KAAK,IAAmB,EAAE;QACnD,IAAI,CAAC,aAAa;YAAE,OAAO;QAE3B,aAAa,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;QAC1C,IAAI,WAAW,KAAK,QAAQ,EAAE,CAAC;YAC7B,kBAAkB,CAAC,IAAI,CAAC,CAAC;QAC3B,CAAC;QACD,MAAM,YAAY,GAAG,SAAS,EAAE,OAAO,IAAI,IAAI,CAAC;QAChD,MAAM,aAAa,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;YACvD,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE;gBAC1B,KAAK;gBACL,YAAY,EAAE,KAAK,YAAY,qBAAU;aAC1C,CAAC,CAAC;YACH,mFAAmF;YACnF,IAAI,KAAK,YAAY,qBAAU,EAAE,CAAC;gBAChC,kBAAkB,CAAC,KAAK,CAAC,CAAC,CAAC,kBAAkB;gBAC7C,aAAa,CAAC,OAAO,EAAE,CAAC,CAAC,wCAAwC;gBACjE,aAAa,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC,0BAA0B;gBACpE,aAAa,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,oBAAoB;YAC1D,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,EAAE,CAAC,aAAa,EAAE,WAAW,EAAE,SAAS,EAAE,kBAAkB,CAAC,CAAC,CAAC;IAEhE,MAAM,OAAO,GAAG,IAAA,mBAAW,EAAC,KAAK,IAAI,EAAE;QACrC,MAAM,OAAO,GAAG,OAAO,EAAE,OAAO,CAAC;QACjC,IAAI,CAAC,aAAa;YAAE,OAAO;QAE3B,IAAI,WAAW,KAAK,QAAQ,EAAE,CAAC;YAC7B,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAC1B,wBAAwB,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,CAAC;YACH,MAAM,UAAU,EAAE,EAAE,CAAC;YAErB,MAAM,YAAY,GAAG,eAAe,EAAE,OAAO,IAAI,IAAI,CAAC;YACtD,MAAM,aAAa,CAAC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;gBACjE,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE;oBAC3B,KAAK;oBACL,YAAY,EAAE,KAAK,YAAY,qBAAU;iBAC1C,CAAC,CAAC;gBACH,gCAAgC;gBAChC,IAAI,KAAK,YAAY,qBAAU,EAAE,CAAC;oBAChC,wBAAwB,CAAC,KAAK,CAAC,CAAC;oBAChC,aAAa,CAAC,OAAO,EAAE,CAAC;oBACxB,aAAa,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;oBACzC,aAAa,CAAC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;gBAC/C,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAC;QACzC,CAAC;QACD,MAAM,WAAW,EAAE,EAAE,CAAC;QACtB,wBAAwB,CAAC,KAAK,CAAC,CAAC;IAClC,CAAC,EAAE;QACD,OAAO,EAAE,OAAO;QAChB,aAAa;QACb,WAAW;QACX,wBAAwB;QACxB,WAAW;QACX,kBAAkB;QAClB,UAAU;QACV,eAAe;KAChB,CAAC,CAAC;IAEH,OAAO;QACL,MAAM;QACN,OAAO;QACP,WAAW;KACZ,CAAC;AACJ,CAAC,CAAC;AACO,8BAAS","sourcesContent":["import { BrowserAuthenticationInitiator } from \"@/services/AuthenticationService.js\";\nimport { BrowserPublicClientPKCEProducer } from \"@/services/PKCE.js\";\nimport { useCivicAuthConfig } from \"@/shared/hooks/useCivicAuthConfig.js\";\nimport type { DisplayMode } from \"@/types.js\";\nimport { useIframe } from \"@/shared/hooks/useIframe.js\";\nimport { useCallback, useEffect, useMemo } from \"react\";\nimport { PopupError, type PKCEConsumer } from \"@/services/types.js\";\nimport { useSession } from \"./useSession.js\";\nimport { LocalStorageAdapter } from \"@/browser/storage.js\";\nimport { clearTokens, clearUser } from \"../lib/util.js\";\n\ntype SignInProps = {\n pkceConsumer?: PKCEConsumer;\n preSignOut?: () => Promise<void>;\n postSignOut?: () => Promise<void>;\n displayMode: DisplayMode;\n};\nconst useSignIn = ({\n pkceConsumer,\n preSignOut,\n postSignOut,\n displayMode,\n}: SignInProps) => {\n const civicAuthConfig = useCivicAuthConfig();\n const {\n iframeRef,\n logoutIframeRef,\n setIframeIsVisible,\n setLogoutIframeIsVisible,\n } = useIframe();\n const { data: session } = useSession();\n\n const authInitiator = useMemo(() => {\n if (!civicAuthConfig) {\n return null;\n }\n const {\n clientId,\n redirectUrl,\n logoutUrl,\n logoutRedirectUrl,\n nonce,\n oauthServer,\n endpoints,\n scopes,\n } = civicAuthConfig;\n return new BrowserAuthenticationInitiator({\n pkceConsumer: pkceConsumer || new BrowserPublicClientPKCEProducer(), // generate and retrieve the challenge client-side\n clientId,\n redirectUrl,\n logoutUrl,\n logoutRedirectUrl,\n scopes,\n displayMode,\n oauthServer,\n endpointOverrides: endpoints,\n nonce,\n });\n }, [civicAuthConfig, displayMode, pkceConsumer]);\n\n useEffect(() => {\n return () => {\n if (authInitiator) {\n authInitiator.cleanup();\n }\n };\n }, [authInitiator]);\n\n // This effect is used to clear the tokens and user when the user signs out after a redirect\n useEffect(() => {\n const params = new URLSearchParams(window.location.search);\n const state = params.get(\"state\");\n const localStorage = new LocalStorageAdapter();\n localStorage.get(\"logout_state\").then((storedLogoutState) => {\n if (state && state === storedLogoutState) {\n // Clear storage\n clearTokens(localStorage);\n clearUser(localStorage);\n LocalStorageAdapter.emitter.emit(\"signOut\");\n\n // Clean up storage and URL\n sessionStorage.removeItem(\"logout_state\");\n const cleanUrl = window.location.href.split(\"?\")[0];\n window.history.replaceState({}, document.title, cleanUrl);\n }\n });\n }, []);\n\n const signIn = useCallback(async (): Promise<void> => {\n if (!authInitiator) return;\n\n authInitiator.setDisplayMode(displayMode);\n if (displayMode === \"iframe\") {\n setIframeIsVisible(true);\n }\n const useIframeRef = iframeRef?.current || null;\n await authInitiator.signIn(useIframeRef).catch((error) => {\n console.log(\"signIn error\", {\n error,\n isPopupError: error instanceof PopupError,\n });\n // if we've tried to open a popup and it has failed, then fallback to redirect mode\n if (error instanceof PopupError) {\n setIframeIsVisible(false); // hide the iframe\n authInitiator.cleanup(); // clear any event listeners from before\n authInitiator.setDisplayMode(\"redirect\"); // switch to redirect mode\n authInitiator.signIn(useIframeRef); // retry the sign in\n }\n });\n }, [authInitiator, displayMode, iframeRef, setIframeIsVisible]);\n\n const signOut = useCallback(async () => {\n const idToken = session?.idToken;\n if (!authInitiator) return;\n\n if (displayMode === \"iframe\") {\n setIframeIsVisible(false);\n setLogoutIframeIsVisible(true);\n }\n\n try {\n await preSignOut?.();\n\n const useIframeRef = logoutIframeRef?.current || null;\n await authInitiator.signOut(idToken, useIframeRef).catch((error) => {\n console.log(\"signOut error\", {\n error,\n isPopupError: error instanceof PopupError,\n });\n // Same popup fallback as signIn\n if (error instanceof PopupError) {\n setLogoutIframeIsVisible(false);\n authInitiator.cleanup();\n authInitiator.setDisplayMode(\"redirect\");\n authInitiator.signOut(idToken, useIframeRef);\n }\n });\n } catch (error) {\n console.error(\"Signout error:\", error);\n }\n await postSignOut?.();\n setLogoutIframeIsVisible(false);\n }, [\n session?.idToken,\n authInitiator,\n displayMode,\n setLogoutIframeIsVisible,\n postSignOut,\n setIframeIsVisible,\n preSignOut,\n logoutIframeRef,\n ]);\n\n return {\n signIn,\n signOut,\n displayMode,\n };\n};\nexport { useSignIn };\n"]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"useWindowFocused.d.ts","sourceRoot":"","sources":["../../../../src/shared/hooks/useWindowFocused.ts"],"names":[],"mappings":"AAEA,QAAA,MAAM,gBAAgB;;CAmBrB,CAAC;AACF,OAAO,EAAE,gBAAgB,EAAE,CAAC"}
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.useWindowFocused = void 0;
|
|
4
|
+
const react_1 = require("react");
|
|
5
|
+
const useWindowFocused = () => {
|
|
6
|
+
const [isWindowFocused, setIsWindowFocused] = (0, react_1.useState)(true);
|
|
7
|
+
(0, react_1.useEffect)(() => {
|
|
8
|
+
const handleFocus = () => {
|
|
9
|
+
setIsWindowFocused(true);
|
|
10
|
+
};
|
|
11
|
+
const handleBlur = () => {
|
|
12
|
+
setIsWindowFocused(false);
|
|
13
|
+
};
|
|
14
|
+
window.addEventListener("focus", handleFocus);
|
|
15
|
+
window.addEventListener("blur", handleBlur);
|
|
16
|
+
return () => {
|
|
17
|
+
window.removeEventListener("focus", handleFocus);
|
|
18
|
+
window.removeEventListener("blur", handleBlur);
|
|
19
|
+
};
|
|
20
|
+
}, []);
|
|
21
|
+
return { isWindowFocused };
|
|
22
|
+
};
|
|
23
|
+
exports.useWindowFocused = useWindowFocused;
|
|
24
|
+
//# sourceMappingURL=useWindowFocused.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"useWindowFocused.js","sourceRoot":"","sources":["../../../../src/shared/hooks/useWindowFocused.ts"],"names":[],"mappings":";;;AAAA,iCAA4C;AAE5C,MAAM,gBAAgB,GAAG,GAAG,EAAE;IAC5B,MAAM,CAAC,eAAe,EAAE,kBAAkB,CAAC,GAAG,IAAA,gBAAQ,EAAC,IAAI,CAAC,CAAC;IAC7D,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,MAAM,WAAW,GAAG,GAAG,EAAE;YACvB,kBAAkB,CAAC,IAAI,CAAC,CAAC;QAC3B,CAAC,CAAC;QAEF,MAAM,UAAU,GAAG,GAAG,EAAE;YACtB,kBAAkB,CAAC,KAAK,CAAC,CAAC;QAC5B,CAAC,CAAC;QACF,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;QAC9C,MAAM,CAAC,gBAAgB,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QAE5C,OAAO,GAAG,EAAE;YACV,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;YACjD,MAAM,CAAC,mBAAmB,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QACjD,CAAC,CAAC;IACJ,CAAC,EAAE,EAAE,CAAC,CAAC;IACP,OAAO,EAAE,eAAe,EAAE,CAAC;AAC7B,CAAC,CAAC;AACO,4CAAgB","sourcesContent":["import { useEffect, useState } from \"react\";\n\nconst useWindowFocused = () => {\n const [isWindowFocused, setIsWindowFocused] = useState(true);\n useEffect(() => {\n const handleFocus = () => {\n setIsWindowFocused(true);\n };\n\n const handleBlur = () => {\n setIsWindowFocused(false);\n };\n window.addEventListener(\"focus\", handleFocus);\n window.addEventListener(\"blur\", handleBlur);\n\n return () => {\n window.removeEventListener(\"focus\", handleFocus);\n window.removeEventListener(\"blur\", handleBlur);\n };\n }, []);\n return { isWindowFocused };\n};\nexport { useWindowFocused };\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/shared/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,OAAO,EAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/shared/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,OAAO,EAAE,CAAC;AAEnB,eAAO,MAAM,UAAU,cAAgB,CAAC;AAExC,eAAO,MAAM,YAAY,YAWxB,CAAC"}
|
package/dist/cjs/shared/index.js
CHANGED
|
@@ -1,17 +1,19 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.printVersion = exports.VERSION = void 0;
|
|
3
|
+
exports.printVersion = exports.getVersion = exports.VERSION = void 0;
|
|
4
4
|
const version_js_1 = require("./version.js");
|
|
5
5
|
Object.defineProperty(exports, "VERSION", { enumerable: true, get: function () { return version_js_1.VERSION; } });
|
|
6
6
|
let versionPrinted = false;
|
|
7
|
+
const getVersion = () => version_js_1.VERSION;
|
|
8
|
+
exports.getVersion = getVersion;
|
|
7
9
|
// print the version to the browser
|
|
8
10
|
const printVersion = () => {
|
|
9
11
|
if (!versionPrinted) {
|
|
10
12
|
versionPrinted = true;
|
|
11
|
-
if (
|
|
13
|
+
if ((0, exports.getVersion)() &&
|
|
12
14
|
typeof window !== "undefined" &&
|
|
13
15
|
typeof document !== "undefined") {
|
|
14
|
-
console.log(
|
|
16
|
+
console.log((0, exports.getVersion)());
|
|
15
17
|
}
|
|
16
18
|
}
|
|
17
19
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/shared/index.ts"],"names":[],"mappings":";;;AAAA,6CAAuC;AAC9B,wFADA,oBAAO,OACA;AAChB,IAAI,cAAc,GAAG,KAAK,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/shared/index.ts"],"names":[],"mappings":";;;AAAA,6CAAuC;AAC9B,wFADA,oBAAO,OACA;AAChB,IAAI,cAAc,GAAG,KAAK,CAAC;AACpB,MAAM,UAAU,GAAG,GAAG,EAAE,CAAC,oBAAO,CAAC;AAA3B,QAAA,UAAU,cAAiB;AACxC,mCAAmC;AAC5B,MAAM,YAAY,GAAG,GAAG,EAAE;IAC/B,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,cAAc,GAAG,IAAI,CAAC;QACtB,IACE,IAAA,kBAAU,GAAE;YACZ,OAAO,MAAM,KAAK,WAAW;YAC7B,OAAO,QAAQ,KAAK,WAAW,EAC/B,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,IAAA,kBAAU,GAAE,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC;AACH,CAAC,CAAC;AAXW,QAAA,YAAY,gBAWvB","sourcesContent":["import { VERSION } from \"./version.js\";\nexport { VERSION };\nlet versionPrinted = false;\nexport const getVersion = () => VERSION;\n// print the version to the browser\nexport const printVersion = () => {\n if (!versionPrinted) {\n versionPrinted = true;\n if (\n getVersion() &&\n typeof window !== \"undefined\" &&\n typeof document !== \"undefined\"\n ) {\n console.log(getVersion());\n }\n }\n};\n"]}
|
|
@@ -25,6 +25,7 @@ export type TokensCookieConfig = Record<OAuthTokens | CodeVerifier, CookieConfig
|
|
|
25
25
|
export type CivicAuthConfig = null | {
|
|
26
26
|
clientId: string;
|
|
27
27
|
redirectUrl: string;
|
|
28
|
+
logoutRedirectUrl: string;
|
|
28
29
|
oauthServer: string;
|
|
29
30
|
endpoints: Endpoints;
|
|
30
31
|
scopes: string[];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAE5C,oBAAY,WAAW;IACrB,QAAQ,aAAa;IACrB,YAAY,iBAAiB;IAC7B,aAAa,kBAAkB;IAC/B,UAAU,eAAe;IACzB,SAAS,cAAc;CACxB;AAED,oBAAY,YAAY;IACtB,WAAW,kBAAkB;IAC7B,OAAO,YAAY;CACpB;AACD,oBAAY,WAAW;IACrB,IAAI,SAAS;CACd;AACD,MAAM,WAAW,YAAY;IAC3B,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IACrC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,MAAM,kBAAkB,GAAG,MAAM,CACrC,WAAW,GAAG,YAAY,EAC1B,YAAY,CACb,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG,IAAI,GAAG;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,SAAS,CAAC;IACrB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC"}
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAE5C,oBAAY,WAAW;IACrB,QAAQ,aAAa;IACrB,YAAY,iBAAiB;IAC7B,aAAa,kBAAkB;IAC/B,UAAU,eAAe;IACzB,SAAS,cAAc;CACxB;AAED,oBAAY,YAAY;IACtB,WAAW,kBAAkB;IAC7B,OAAO,YAAY;CACpB;AACD,oBAAY,WAAW;IACrB,IAAI,SAAS;CACd;AACD,MAAM,WAAW,YAAY;IAC3B,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IACrC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,MAAM,kBAAkB,GAAG,MAAM,CACrC,WAAW,GAAG,YAAY,EAC1B,YAAY,CACb,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG,IAAI,GAAG;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,SAAS,CAAC;IACrB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../../src/shared/lib/types.ts"],"names":[],"mappings":";;;AAEA,IAAY,WAMX;AAND,WAAY,WAAW;IACrB,oCAAqB,CAAA;IACrB,4CAA6B,CAAA;IAC7B,8CAA+B,CAAA;IAC/B,wCAAyB,CAAA;IACzB,sCAAuB,CAAA;AACzB,CAAC,EANW,WAAW,2BAAX,WAAW,QAMtB;AAED,IAAY,YAGX;AAHD,WAAY,YAAY;IACtB,6CAA6B,CAAA;IAC7B,mCAAmB,CAAA;AACrB,CAAC,EAHW,YAAY,4BAAZ,YAAY,QAGvB;AACD,IAAY,WAEX;AAFD,WAAY,WAAW;IACrB,4BAAa,CAAA;AACf,CAAC,EAFW,WAAW,2BAAX,WAAW,QAEtB","sourcesContent":["import type { Endpoints } from \"@/types.js\";\n\nexport enum OAuthTokens {\n ID_TOKEN = \"id_token\",\n ACCESS_TOKEN = \"access_token\",\n REFRESH_TOKEN = \"refresh_token\",\n EXPIRES_IN = \"expires_in\",\n TIMESTAMP = \"timestamp\",\n}\n\nexport enum CodeVerifier {\n COOKIE_NAME = \"code_verifier\",\n APP_URL = \"app_url\",\n}\nexport enum UserStorage {\n USER = \"user\",\n}\nexport interface CookieConfig {\n secure?: boolean;\n sameSite?: \"strict\" | \"lax\" | \"none\";\n domain?: string;\n path?: string;\n maxAge?: number;\n httpOnly?: boolean;\n}\n\nexport type TokensCookieConfig = Record<\n OAuthTokens | CodeVerifier,\n CookieConfig\n>;\n\nexport type CivicAuthConfig = null | {\n clientId: string;\n redirectUrl: string;\n oauthServer: string;\n endpoints: Endpoints;\n scopes: string[];\n nonce?: string;\n challengeUrl?: string;\n logoutUrl?: string;\n};\n"]}
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../../src/shared/lib/types.ts"],"names":[],"mappings":";;;AAEA,IAAY,WAMX;AAND,WAAY,WAAW;IACrB,oCAAqB,CAAA;IACrB,4CAA6B,CAAA;IAC7B,8CAA+B,CAAA;IAC/B,wCAAyB,CAAA;IACzB,sCAAuB,CAAA;AACzB,CAAC,EANW,WAAW,2BAAX,WAAW,QAMtB;AAED,IAAY,YAGX;AAHD,WAAY,YAAY;IACtB,6CAA6B,CAAA;IAC7B,mCAAmB,CAAA;AACrB,CAAC,EAHW,YAAY,4BAAZ,YAAY,QAGvB;AACD,IAAY,WAEX;AAFD,WAAY,WAAW;IACrB,4BAAa,CAAA;AACf,CAAC,EAFW,WAAW,2BAAX,WAAW,QAEtB","sourcesContent":["import type { Endpoints } from \"@/types.js\";\n\nexport enum OAuthTokens {\n ID_TOKEN = \"id_token\",\n ACCESS_TOKEN = \"access_token\",\n REFRESH_TOKEN = \"refresh_token\",\n EXPIRES_IN = \"expires_in\",\n TIMESTAMP = \"timestamp\",\n}\n\nexport enum CodeVerifier {\n COOKIE_NAME = \"code_verifier\",\n APP_URL = \"app_url\",\n}\nexport enum UserStorage {\n USER = \"user\",\n}\nexport interface CookieConfig {\n secure?: boolean;\n sameSite?: \"strict\" | \"lax\" | \"none\";\n domain?: string;\n path?: string;\n maxAge?: number;\n httpOnly?: boolean;\n}\n\nexport type TokensCookieConfig = Record<\n OAuthTokens | CodeVerifier,\n CookieConfig\n>;\n\nexport type CivicAuthConfig = null | {\n clientId: string;\n redirectUrl: string;\n logoutRedirectUrl: string;\n oauthServer: string;\n endpoints: Endpoints;\n scopes: string[];\n nonce?: string;\n challengeUrl?: string;\n logoutUrl?: string;\n};\n"]}
|
|
@@ -18,10 +18,11 @@ export declare function generateOauthLoginUrl(config: {
|
|
|
18
18
|
}): Promise<URL>;
|
|
19
19
|
export declare function generateOauthLogoutUrl(config: {
|
|
20
20
|
clientId: string;
|
|
21
|
-
|
|
21
|
+
redirectUrl: string;
|
|
22
|
+
idToken: string;
|
|
23
|
+
state: string;
|
|
22
24
|
oauthServer: string;
|
|
23
25
|
endpointOverrides?: Partial<Endpoints>;
|
|
24
|
-
pkceConsumer: PKCEConsumer;
|
|
25
26
|
}): Promise<URL>;
|
|
26
27
|
export declare function buildOauth2Client(clientId: string, redirectUri: string, endpoints: Endpoints): OAuth2Client;
|
|
27
28
|
export declare function exchangeTokens(code: string, state: string, pkceProducer: PKCEProducer, oauth2Client: OAuth2Client, oauthServer: string, endpoints: Endpoints): Promise<OIDCTokenResponseBody>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/util.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,WAAW,EACX,SAAS,EAET,qBAAqB,EACrB,YAAY,EACb,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAI3C,OAAO,KAAK,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAGtE;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,YAAY,EAAE,MAAM,EACpB,MAAM,GAAE,OAAO,GAAG,MAAe,GAChC,OAAO,CAAC,MAAM,CAAC,CAajB;AAED,wBAAsB,yBAAyB,CAC7C,WAAW,EAAE,MAAM,EACnB,iBAAiB,GAAE,OAAO,CAAC,SAAS,CAAM,GACzC,OAAO,CAAC,SAAS,CAAC,CAMpB;AAED,wBAAsB,qBAAqB,CAAC,MAAM,EAAE;IAClD,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IAEvC,YAAY,EAAE,YAAY,CAAC;CAC5B,GAAG,OAAO,CAAC,GAAG,CAAC,CA2Bf;AAED,wBAAsB,sBAAsB,CAAC,MAAM,EAAE;IACnD,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,EAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../../../src/shared/lib/util.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,WAAW,EACX,SAAS,EAET,qBAAqB,EACrB,YAAY,EACb,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAI3C,OAAO,KAAK,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAGtE;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,YAAY,EAAE,MAAM,EACpB,MAAM,GAAE,OAAO,GAAG,MAAe,GAChC,OAAO,CAAC,MAAM,CAAC,CAajB;AAED,wBAAsB,yBAAyB,CAC7C,WAAW,EAAE,MAAM,EACnB,iBAAiB,GAAE,OAAO,CAAC,SAAS,CAAM,GACzC,OAAO,CAAC,SAAS,CAAC,CAMpB;AAED,wBAAsB,qBAAqB,CAAC,MAAM,EAAE;IAClD,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IAEvC,YAAY,EAAE,YAAY,CAAC;CAC5B,GAAG,OAAO,CAAC,GAAG,CAAC,CA2Bf;AAED,wBAAsB,sBAAsB,CAAC,MAAM,EAAE;IACnD,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;CACxC,GAAG,OAAO,CAAC,GAAG,CAAC,CAcf;AAED,wBAAgB,iBAAiB,CAC/B,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,SAAS,GACnB,YAAY,CAId;AAED,wBAAsB,cAAc,CAClC,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,EACb,YAAY,EAAE,YAAY,EAC1B,YAAY,EAAE,YAAY,EAC1B,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,SAAS,kCAoBrB;AAED,wBAAsB,WAAW,CAC/B,OAAO,EAAE,WAAW,EACpB,MAAM,EAAE,qBAAqB,iBAY9B;AAED,wBAAsB,WAAW,CAAC,OAAO,EAAE,WAAW,iBAKrD;AAED,wBAAsB,SAAS,CAAC,OAAO,EAAE,WAAW,iBAInD;AAED,wBAAsB,cAAc,CAClC,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,qBAAqB,GAAG,IAAI,CAAC,CAgBvC;AAED,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,qBAAqB,EAC7B,SAAS,EAAE,SAAS,EACpB,YAAY,EAAE,YAAY,EAC1B,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,YAAY,CAAC,CA2BvB"}
|
|
@@ -94,9 +94,13 @@ async function generateOauthLoginUrl(config) {
|
|
|
94
94
|
return oAuthUrl;
|
|
95
95
|
}
|
|
96
96
|
async function generateOauthLogoutUrl(config) {
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
97
|
+
const endpoints = await getEndpointsWithOverrides(config.oauthServer, config.endpointOverrides);
|
|
98
|
+
const endSessionUrl = new URL(endpoints.endsession);
|
|
99
|
+
endSessionUrl.searchParams.append("client_id", config.clientId);
|
|
100
|
+
endSessionUrl.searchParams.append("id_token_hint", config.idToken);
|
|
101
|
+
endSessionUrl.searchParams.append("state", config.state);
|
|
102
|
+
endSessionUrl.searchParams.append("post_logout_redirect_uri", config.redirectUrl);
|
|
103
|
+
return endSessionUrl;
|
|
100
104
|
}
|
|
101
105
|
function buildOauth2Client(clientId, redirectUri, endpoints) {
|
|
102
106
|
return new oauth2_1.OAuth2Client(clientId, endpoints.auth, endpoints.token, {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"util.js","sourceRoot":"","sources":["../../../../src/shared/lib/util.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoBA,kDAgBC;AAED,8DASC;AAED,sDAqCC;AAED,wDAWC;AAED,8CAQC;AAED,wCA0BC;AAED,kCAcC;AAED,kCAKC;AAED,8BAIC;AAED,wCAkBC;AAED,oDAgCC;AAnND,yCAAyC;AACzC,wCAA2C;AAC3C,6CAAwE;AACxE,2CAA6B;AAC7B,yCAA8C;AAE9C,gEAAiE;AAEjE;;GAEG;AACI,KAAK,UAAU,mBAAmB,CACvC,YAAoB,EACpB,SAA2B,MAAM;IAEjC,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,OAAO,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QAC3D,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;SACxD,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACxB,CAAC;AAEM,KAAK,UAAU,yBAAyB,CAC7C,WAAmB,EACnB,oBAAwC,EAAE;IAE1C,MAAM,SAAS,GAAG,MAAM,IAAA,4BAAiB,EAAC,WAAW,CAAC,CAAC;IACvD,OAAO;QACL,GAAG,SAAS;QACZ,GAAG,iBAAiB;KACrB,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,qBAAqB,CAAC,MAU3C;IACC,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAC/C,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,iBAAiB,CACzB,CAAC;IACF,MAAM,YAAY,GAAG,iBAAiB,CACpC,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,WAAW,EAClB,SAAS,CACV,CAAC;IACF,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,gBAAgB,EAAE,CAAC;IAC/D,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,sBAAsB,CAAC;QACzD,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,MAAM,EAAE,MAAM,CAAC,MAAM;KACtB,CAAC,CAAC;IACH,yGAAyG;IACzG,yEAAyE;IACzE,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;IAC1D,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;IAC9D,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,uDAAuD;QACvD,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IACtD,CAAC;IACD,uDAAuD;IACvD,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IAElD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAAC,MAO5C;IACC,kCAAkC;IAClC,OAAO,CAAC,GAAG,CAAC,wCAAwC,EAAE,MAAM,CAAC,CAAC;IAC9D,OAAO,IAAI,GAAG,CAAC,kBAAkB,CAAC,CAAC;AACrC,CAAC;AAED,SAAgB,iBAAiB,CAC/B,QAAgB,EAChB,WAAmB,EACnB,SAAoB;IAEpB,OAAO,IAAI,qBAAY,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,KAAK,EAAE;QACjE,WAAW,EAAE,WAAW;KACzB,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,cAAc,CAClC,IAAY,EACZ,KAAa,EACb,YAA0B,EAC1B,YAA0B,EAC1B,WAAmB,EACnB,SAAoB;IAEpB,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,eAAe,EAAE,CAAC;IAC1D,IAAI,CAAC,YAAY;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAEvE,MAAM,MAAM,GACV,MAAM,YAAY,CAAC,yBAAyB,CAAwB,IAAI,EAAE;QACxE,YAAY;KACb,CAAC,CAAC;IAEL,2BAA2B;IAC3B,IAAI,CAAC;QACH,MAAM,oBAAoB,CAAC,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,WAAW,CAAC,CAAC;IAC3E,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,qBAAqB,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACxD,MAAM,IAAI,KAAK,CACb,kCAAmC,KAAe,CAAC,OAAO,EAAE,CAC7D,CAAC;IACJ,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAEM,KAAK,UAAU,WAAW,CAC/B,OAAoB,EACpB,MAA6B;IAE7B,4GAA4G;IAC5G,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IACzD,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,YAAY,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;IACjE,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QACzB,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,aAAa,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;IACrE,CAAC;IACD,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QACtB,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC;QACxE,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC5E,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,WAAW,CAAC,OAAoB;IACpD,MAAM,kBAAkB,GAAG,MAAM,CAAC,MAAM,CAAC,sBAAW,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QACtE,MAAM,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IAC7B,CAAC,CAAC,CAAC;IACH,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,kBAAkB,CAAC,CAAC,CAAC;AAC7C,CAAC;AAEM,KAAK,UAAU,SAAS,CAAC,OAAoB;IAClD,MAAM,WAAW,GAAG,IAAI,mCAAkB,CAAC,OAAO,CAAC,CAAC;IACpD,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IACzB,MAAM,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAC9B,CAAC;AAEM,KAAK,UAAU,cAAc,CAClC,OAAoB;IAEpB,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,QAAQ,CAAC,CAAC;IACxD,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,YAAY,CAAC,CAAC;IAChE,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,aAAa,CAAC,CAAC;IAClE,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,UAAU,CAAC,CAAC;IAC5D,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,SAAS,CAAC,CAAC;IAE3D,IAAI,CAAC,OAAO,IAAI,CAAC,WAAW;QAAE,OAAO,IAAI,CAAC;IAE1C,OAAO;QACL,QAAQ,EAAE,OAAO;QACjB,YAAY,EAAE,WAAW;QACzB,aAAa,EAAE,YAAY,IAAI,SAAS;QACxC,UAAU,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,2BAA2B;QACxF,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,2BAA2B;KACxF,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,oBAAoB,CACxC,MAA6B,EAC7B,SAAoB,EACpB,YAA0B,EAC1B,MAAc;IAEd,MAAM,IAAI,GAAG,IAAI,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;IAE9D,wBAAwB;IACxB,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,SAAS,CAC1C,MAAM,CAAC,QAAQ,EACf,IAAI,EACJ;QACE,MAAM,EAAE,IAAA,8BAAmB,EAAC,MAAM,CAAC;QACnC,QAAQ,EAAE,YAAY,CAAC,QAAQ;KAChC,CACF,CAAC;IAEF,4BAA4B;IAC5B,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,SAAS,CAC9C,MAAM,CAAC,YAAY,EACnB,IAAI,EACJ;QACE,MAAM,EAAE,IAAA,8BAAmB,EAAC,MAAM,CAAC;KACpC,CACF,CAAC;IAEF,OAAO,IAAA,2BAAgB,EAAC;QACtB,QAAQ,EAAE,eAAe,CAAC,OAAO;QACjC,YAAY,EAAE,mBAAmB,CAAC,OAAO;QACzC,aAAa,EAAE,MAAM,CAAC,aAAa;KACpC,CAAC,CAAC;AACL,CAAC","sourcesContent":["// Utility functions shared by auth server and client integrations\n// Typically these functions should be used inside AuthenticationInitiator and AuthenticationResolver implementations\nimport type {\n AuthStorage,\n Endpoints,\n JWTPayload,\n OIDCTokenResponseBody,\n ParsedTokens,\n} from \"@/types.js\";\nimport { OAuthTokens } from \"./types.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { getIssuerVariations, getOauthEndpoints } from \"@/lib/oauth.js\";\nimport * as jose from \"jose\";\nimport { withoutUndefined } from \"@/utils.js\";\nimport type { PKCEConsumer, PKCEProducer } from \"@/services/types.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\n\n/**\n * Given a PKCE code verifier, derive the code challenge using SHA\n */\nexport async function deriveCodeChallenge(\n codeVerifier: string,\n method: \"Plain\" | \"S256\" = \"S256\",\n): Promise<string> {\n if (method === \"Plain\") {\n console.warn(\"Using insecure plain code challenge method\");\n return codeVerifier;\n }\n\n const encoder = new TextEncoder();\n const data = encoder.encode(codeVerifier);\n const digest = await crypto.subtle.digest(\"SHA-256\", data);\n return btoa(String.fromCharCode(...new Uint8Array(digest)))\n .replace(/\\+/g, \"-\")\n .replace(/\\//g, \"_\")\n .replace(/=+$/, \"\");\n}\n\nexport async function getEndpointsWithOverrides(\n oauthServer: string,\n endpointOverrides: Partial<Endpoints> = {},\n): Promise<Endpoints> {\n const endpoints = await getOauthEndpoints(oauthServer);\n return {\n ...endpoints,\n ...endpointOverrides,\n };\n}\n\nexport async function generateOauthLoginUrl(config: {\n clientId: string;\n scopes: string[];\n state: string;\n redirectUrl: string;\n oauthServer: string;\n nonce?: string;\n endpointOverrides?: Partial<Endpoints>;\n // used to get the PKCE challenge\n pkceConsumer: PKCEConsumer;\n}): Promise<URL> {\n const endpoints = await getEndpointsWithOverrides(\n config.oauthServer,\n config.endpointOverrides,\n );\n const oauth2Client = buildOauth2Client(\n config.clientId,\n config.redirectUrl,\n endpoints,\n );\n const challenge = await config.pkceConsumer.getCodeChallenge();\n const oAuthUrl = await oauth2Client.createAuthorizationURL({\n state: config.state,\n scopes: config.scopes,\n });\n // The OAuth2 client supports PKCE, but does not allow passing in a code challenge from some other source\n // It only allows passing in a code verifier which it then hashes itself.\n oAuthUrl.searchParams.append(\"code_challenge\", challenge);\n oAuthUrl.searchParams.append(\"code_challenge_method\", \"S256\");\n if (config.nonce) {\n // nonce isn't supported by oslo, so we add it manually\n oAuthUrl.searchParams.append(\"nonce\", config.nonce);\n }\n // Required by the auth server for offline_access scope\n oAuthUrl.searchParams.append(\"prompt\", \"consent\");\n\n return oAuthUrl;\n}\n\nexport async function generateOauthLogoutUrl(config: {\n clientId: string;\n scopes: string[];\n oauthServer: string;\n endpointOverrides?: Partial<Endpoints>;\n // used to get the PKCE challenge\n pkceConsumer: PKCEConsumer;\n}): Promise<URL> {\n // TODO TECH-676: Implement logout\n console.log(\"generateOauthLogoutUrl not implemented\", config);\n return new URL(\"http://localhost\");\n}\n\nexport function buildOauth2Client(\n clientId: string,\n redirectUri: string,\n endpoints: Endpoints,\n): OAuth2Client {\n return new OAuth2Client(clientId, endpoints.auth, endpoints.token, {\n redirectURI: redirectUri,\n });\n}\n\nexport async function exchangeTokens(\n code: string,\n state: string,\n pkceProducer: PKCEProducer,\n oauth2Client: OAuth2Client,\n oauthServer: string,\n endpoints: Endpoints,\n) {\n const codeVerifier = await pkceProducer.getCodeVerifier();\n if (!codeVerifier) throw new Error(\"Code verifier not found in state\");\n\n const tokens =\n await oauth2Client.validateAuthorizationCode<OIDCTokenResponseBody>(code, {\n codeVerifier,\n });\n\n // Validate relevant tokens\n try {\n await validateOauth2Tokens(tokens, endpoints, oauth2Client, oauthServer);\n } catch (error) {\n console.error(\"tokenExchange error\", { error, tokens });\n throw new Error(\n `OIDC tokens validation failed: ${(error as Error).message}`,\n );\n }\n return tokens;\n}\n\nexport async function storeTokens(\n storage: AuthStorage,\n tokens: OIDCTokenResponseBody,\n) {\n // store tokens in storage ( TODO we should probably store them against the state to allow multiple logins )\n await storage.set(OAuthTokens.ID_TOKEN, tokens.id_token);\n await storage.set(OAuthTokens.ACCESS_TOKEN, tokens.access_token);\n if (tokens.refresh_token) {\n await storage.set(OAuthTokens.REFRESH_TOKEN, tokens.refresh_token);\n }\n if (tokens.expires_in) {\n await storage.set(OAuthTokens.EXPIRES_IN, tokens.expires_in.toString());\n await storage.set(OAuthTokens.TIMESTAMP, new Date().getTime().toString());\n }\n}\n\nexport async function clearTokens(storage: AuthStorage) {\n const clearOAuthPromises = Object.values(OAuthTokens).map(async (key) => {\n await storage.set(key, \"\");\n });\n await Promise.all([...clearOAuthPromises]);\n}\n\nexport async function clearUser(storage: AuthStorage) {\n const userSession = new GenericUserSession(storage);\n console.log(\"clearUser\");\n await userSession.set(null);\n}\n\nexport async function retrieveTokens(\n storage: AuthStorage,\n): Promise<OIDCTokenResponseBody | null> {\n const idToken = await storage.get(OAuthTokens.ID_TOKEN);\n const accessToken = await storage.get(OAuthTokens.ACCESS_TOKEN);\n const refreshToken = await storage.get(OAuthTokens.REFRESH_TOKEN);\n const expiresIn = await storage.get(OAuthTokens.EXPIRES_IN);\n const timestamp = await storage.get(OAuthTokens.TIMESTAMP);\n\n if (!idToken || !accessToken) return null;\n\n return {\n id_token: idToken,\n access_token: accessToken,\n refresh_token: refreshToken ?? undefined,\n expires_in: expiresIn ? parseInt(expiresIn, 10) : undefined, // Convert string to number\n timestamp: timestamp ? parseInt(timestamp, 10) : undefined, // Convert string to number\n };\n}\n\nexport async function validateOauth2Tokens(\n tokens: OIDCTokenResponseBody,\n endpoints: Endpoints,\n oauth2Client: OAuth2Client,\n issuer: string,\n): Promise<ParsedTokens> {\n const JWKS = jose.createRemoteJWKSet(new URL(endpoints.jwks));\n\n // validate the ID token\n const idTokenResponse = await jose.jwtVerify<JWTPayload>(\n tokens.id_token,\n JWKS,\n {\n issuer: getIssuerVariations(issuer),\n audience: oauth2Client.clientId,\n },\n );\n\n // validate the access token\n const accessTokenResponse = await jose.jwtVerify<JWTPayload>(\n tokens.access_token,\n JWKS,\n {\n issuer: getIssuerVariations(issuer),\n },\n );\n\n return withoutUndefined({\n id_token: idTokenResponse.payload,\n access_token: accessTokenResponse.payload,\n refresh_token: tokens.refresh_token,\n });\n}\n"]}
|
|
1
|
+
{"version":3,"file":"util.js","sourceRoot":"","sources":["../../../../src/shared/lib/util.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoBA,kDAgBC;AAED,8DASC;AAED,sDAqCC;AAED,wDAqBC;AAED,8CAQC;AAED,wCA0BC;AAED,kCAcC;AAED,kCAKC;AAED,8BAIC;AAED,wCAkBC;AAED,oDAgCC;AA7ND,yCAAyC;AACzC,wCAA2C;AAC3C,6CAAwE;AACxE,2CAA6B;AAC7B,yCAA8C;AAE9C,gEAAiE;AAEjE;;GAEG;AACI,KAAK,UAAU,mBAAmB,CACvC,YAAoB,EACpB,SAA2B,MAAM;IAEjC,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,OAAO,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QAC3D,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;SACxD,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACxB,CAAC;AAEM,KAAK,UAAU,yBAAyB,CAC7C,WAAmB,EACnB,oBAAwC,EAAE;IAE1C,MAAM,SAAS,GAAG,MAAM,IAAA,4BAAiB,EAAC,WAAW,CAAC,CAAC;IACvD,OAAO;QACL,GAAG,SAAS;QACZ,GAAG,iBAAiB;KACrB,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,qBAAqB,CAAC,MAU3C;IACC,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAC/C,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,iBAAiB,CACzB,CAAC;IACF,MAAM,YAAY,GAAG,iBAAiB,CACpC,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,WAAW,EAClB,SAAS,CACV,CAAC;IACF,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,gBAAgB,EAAE,CAAC;IAC/D,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,sBAAsB,CAAC;QACzD,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,MAAM,EAAE,MAAM,CAAC,MAAM;KACtB,CAAC,CAAC;IACH,yGAAyG;IACzG,yEAAyE;IACzE,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;IAC1D,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;IAC9D,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,uDAAuD;QACvD,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IACtD,CAAC;IACD,uDAAuD;IACvD,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IAElD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAAC,MAO5C;IACC,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAC/C,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,iBAAiB,CACzB,CAAC;IACF,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IACpD,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChE,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IACnE,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IACzD,aAAa,CAAC,YAAY,CAAC,MAAM,CAC/B,0BAA0B,EAC1B,MAAM,CAAC,WAAW,CACnB,CAAC;IACF,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,SAAgB,iBAAiB,CAC/B,QAAgB,EAChB,WAAmB,EACnB,SAAoB;IAEpB,OAAO,IAAI,qBAAY,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,KAAK,EAAE;QACjE,WAAW,EAAE,WAAW;KACzB,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,cAAc,CAClC,IAAY,EACZ,KAAa,EACb,YAA0B,EAC1B,YAA0B,EAC1B,WAAmB,EACnB,SAAoB;IAEpB,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,eAAe,EAAE,CAAC;IAC1D,IAAI,CAAC,YAAY;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAEvE,MAAM,MAAM,GACV,MAAM,YAAY,CAAC,yBAAyB,CAAwB,IAAI,EAAE;QACxE,YAAY;KACb,CAAC,CAAC;IAEL,2BAA2B;IAC3B,IAAI,CAAC;QACH,MAAM,oBAAoB,CAAC,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,WAAW,CAAC,CAAC;IAC3E,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,qBAAqB,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACxD,MAAM,IAAI,KAAK,CACb,kCAAmC,KAAe,CAAC,OAAO,EAAE,CAC7D,CAAC;IACJ,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAEM,KAAK,UAAU,WAAW,CAC/B,OAAoB,EACpB,MAA6B;IAE7B,4GAA4G;IAC5G,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IACzD,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,YAAY,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;IACjE,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QACzB,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,aAAa,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;IACrE,CAAC;IACD,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QACtB,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC;QACxE,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC5E,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,WAAW,CAAC,OAAoB;IACpD,MAAM,kBAAkB,GAAG,MAAM,CAAC,MAAM,CAAC,sBAAW,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QACtE,MAAM,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IAC7B,CAAC,CAAC,CAAC;IACH,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,kBAAkB,CAAC,CAAC,CAAC;AAC7C,CAAC;AAEM,KAAK,UAAU,SAAS,CAAC,OAAoB;IAClD,MAAM,WAAW,GAAG,IAAI,mCAAkB,CAAC,OAAO,CAAC,CAAC;IACpD,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IACzB,MAAM,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAC9B,CAAC;AAEM,KAAK,UAAU,cAAc,CAClC,OAAoB;IAEpB,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,QAAQ,CAAC,CAAC;IACxD,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,YAAY,CAAC,CAAC;IAChE,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,aAAa,CAAC,CAAC;IAClE,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,UAAU,CAAC,CAAC;IAC5D,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAW,CAAC,SAAS,CAAC,CAAC;IAE3D,IAAI,CAAC,OAAO,IAAI,CAAC,WAAW;QAAE,OAAO,IAAI,CAAC;IAE1C,OAAO;QACL,QAAQ,EAAE,OAAO;QACjB,YAAY,EAAE,WAAW;QACzB,aAAa,EAAE,YAAY,IAAI,SAAS;QACxC,UAAU,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,2BAA2B;QACxF,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,2BAA2B;KACxF,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,oBAAoB,CACxC,MAA6B,EAC7B,SAAoB,EACpB,YAA0B,EAC1B,MAAc;IAEd,MAAM,IAAI,GAAG,IAAI,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;IAE9D,wBAAwB;IACxB,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,SAAS,CAC1C,MAAM,CAAC,QAAQ,EACf,IAAI,EACJ;QACE,MAAM,EAAE,IAAA,8BAAmB,EAAC,MAAM,CAAC;QACnC,QAAQ,EAAE,YAAY,CAAC,QAAQ;KAChC,CACF,CAAC;IAEF,4BAA4B;IAC5B,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,SAAS,CAC9C,MAAM,CAAC,YAAY,EACnB,IAAI,EACJ;QACE,MAAM,EAAE,IAAA,8BAAmB,EAAC,MAAM,CAAC;KACpC,CACF,CAAC;IAEF,OAAO,IAAA,2BAAgB,EAAC;QACtB,QAAQ,EAAE,eAAe,CAAC,OAAO;QACjC,YAAY,EAAE,mBAAmB,CAAC,OAAO;QACzC,aAAa,EAAE,MAAM,CAAC,aAAa;KACpC,CAAC,CAAC;AACL,CAAC","sourcesContent":["// Utility functions shared by auth server and client integrations\n// Typically these functions should be used inside AuthenticationInitiator and AuthenticationResolver implementations\nimport type {\n AuthStorage,\n Endpoints,\n JWTPayload,\n OIDCTokenResponseBody,\n ParsedTokens,\n} from \"@/types.js\";\nimport { OAuthTokens } from \"./types.js\";\nimport { OAuth2Client } from \"oslo/oauth2\";\nimport { getIssuerVariations, getOauthEndpoints } from \"@/lib/oauth.js\";\nimport * as jose from \"jose\";\nimport { withoutUndefined } from \"@/utils.js\";\nimport type { PKCEConsumer, PKCEProducer } from \"@/services/types.js\";\nimport { GenericUserSession } from \"@/shared/lib/UserSession.js\";\n\n/**\n * Given a PKCE code verifier, derive the code challenge using SHA\n */\nexport async function deriveCodeChallenge(\n codeVerifier: string,\n method: \"Plain\" | \"S256\" = \"S256\",\n): Promise<string> {\n if (method === \"Plain\") {\n console.warn(\"Using insecure plain code challenge method\");\n return codeVerifier;\n }\n\n const encoder = new TextEncoder();\n const data = encoder.encode(codeVerifier);\n const digest = await crypto.subtle.digest(\"SHA-256\", data);\n return btoa(String.fromCharCode(...new Uint8Array(digest)))\n .replace(/\\+/g, \"-\")\n .replace(/\\//g, \"_\")\n .replace(/=+$/, \"\");\n}\n\nexport async function getEndpointsWithOverrides(\n oauthServer: string,\n endpointOverrides: Partial<Endpoints> = {},\n): Promise<Endpoints> {\n const endpoints = await getOauthEndpoints(oauthServer);\n return {\n ...endpoints,\n ...endpointOverrides,\n };\n}\n\nexport async function generateOauthLoginUrl(config: {\n clientId: string;\n scopes: string[];\n state: string;\n redirectUrl: string;\n oauthServer: string;\n nonce?: string;\n endpointOverrides?: Partial<Endpoints>;\n // used to get the PKCE challenge\n pkceConsumer: PKCEConsumer;\n}): Promise<URL> {\n const endpoints = await getEndpointsWithOverrides(\n config.oauthServer,\n config.endpointOverrides,\n );\n const oauth2Client = buildOauth2Client(\n config.clientId,\n config.redirectUrl,\n endpoints,\n );\n const challenge = await config.pkceConsumer.getCodeChallenge();\n const oAuthUrl = await oauth2Client.createAuthorizationURL({\n state: config.state,\n scopes: config.scopes,\n });\n // The OAuth2 client supports PKCE, but does not allow passing in a code challenge from some other source\n // It only allows passing in a code verifier which it then hashes itself.\n oAuthUrl.searchParams.append(\"code_challenge\", challenge);\n oAuthUrl.searchParams.append(\"code_challenge_method\", \"S256\");\n if (config.nonce) {\n // nonce isn't supported by oslo, so we add it manually\n oAuthUrl.searchParams.append(\"nonce\", config.nonce);\n }\n // Required by the auth server for offline_access scope\n oAuthUrl.searchParams.append(\"prompt\", \"consent\");\n\n return oAuthUrl;\n}\n\nexport async function generateOauthLogoutUrl(config: {\n clientId: string;\n redirectUrl: string;\n idToken: string;\n state: string;\n oauthServer: string;\n endpointOverrides?: Partial<Endpoints>;\n}): Promise<URL> {\n const endpoints = await getEndpointsWithOverrides(\n config.oauthServer,\n config.endpointOverrides,\n );\n const endSessionUrl = new URL(endpoints.endsession);\n endSessionUrl.searchParams.append(\"client_id\", config.clientId);\n endSessionUrl.searchParams.append(\"id_token_hint\", config.idToken);\n endSessionUrl.searchParams.append(\"state\", config.state);\n endSessionUrl.searchParams.append(\n \"post_logout_redirect_uri\",\n config.redirectUrl,\n );\n return endSessionUrl;\n}\n\nexport function buildOauth2Client(\n clientId: string,\n redirectUri: string,\n endpoints: Endpoints,\n): OAuth2Client {\n return new OAuth2Client(clientId, endpoints.auth, endpoints.token, {\n redirectURI: redirectUri,\n });\n}\n\nexport async function exchangeTokens(\n code: string,\n state: string,\n pkceProducer: PKCEProducer,\n oauth2Client: OAuth2Client,\n oauthServer: string,\n endpoints: Endpoints,\n) {\n const codeVerifier = await pkceProducer.getCodeVerifier();\n if (!codeVerifier) throw new Error(\"Code verifier not found in state\");\n\n const tokens =\n await oauth2Client.validateAuthorizationCode<OIDCTokenResponseBody>(code, {\n codeVerifier,\n });\n\n // Validate relevant tokens\n try {\n await validateOauth2Tokens(tokens, endpoints, oauth2Client, oauthServer);\n } catch (error) {\n console.error(\"tokenExchange error\", { error, tokens });\n throw new Error(\n `OIDC tokens validation failed: ${(error as Error).message}`,\n );\n }\n return tokens;\n}\n\nexport async function storeTokens(\n storage: AuthStorage,\n tokens: OIDCTokenResponseBody,\n) {\n // store tokens in storage ( TODO we should probably store them against the state to allow multiple logins )\n await storage.set(OAuthTokens.ID_TOKEN, tokens.id_token);\n await storage.set(OAuthTokens.ACCESS_TOKEN, tokens.access_token);\n if (tokens.refresh_token) {\n await storage.set(OAuthTokens.REFRESH_TOKEN, tokens.refresh_token);\n }\n if (tokens.expires_in) {\n await storage.set(OAuthTokens.EXPIRES_IN, tokens.expires_in.toString());\n await storage.set(OAuthTokens.TIMESTAMP, new Date().getTime().toString());\n }\n}\n\nexport async function clearTokens(storage: AuthStorage) {\n const clearOAuthPromises = Object.values(OAuthTokens).map(async (key) => {\n await storage.set(key, \"\");\n });\n await Promise.all([...clearOAuthPromises]);\n}\n\nexport async function clearUser(storage: AuthStorage) {\n const userSession = new GenericUserSession(storage);\n console.log(\"clearUser\");\n await userSession.set(null);\n}\n\nexport async function retrieveTokens(\n storage: AuthStorage,\n): Promise<OIDCTokenResponseBody | null> {\n const idToken = await storage.get(OAuthTokens.ID_TOKEN);\n const accessToken = await storage.get(OAuthTokens.ACCESS_TOKEN);\n const refreshToken = await storage.get(OAuthTokens.REFRESH_TOKEN);\n const expiresIn = await storage.get(OAuthTokens.EXPIRES_IN);\n const timestamp = await storage.get(OAuthTokens.TIMESTAMP);\n\n if (!idToken || !accessToken) return null;\n\n return {\n id_token: idToken,\n access_token: accessToken,\n refresh_token: refreshToken ?? undefined,\n expires_in: expiresIn ? parseInt(expiresIn, 10) : undefined, // Convert string to number\n timestamp: timestamp ? parseInt(timestamp, 10) : undefined, // Convert string to number\n };\n}\n\nexport async function validateOauth2Tokens(\n tokens: OIDCTokenResponseBody,\n endpoints: Endpoints,\n oauth2Client: OAuth2Client,\n issuer: string,\n): Promise<ParsedTokens> {\n const JWKS = jose.createRemoteJWKSet(new URL(endpoints.jwks));\n\n // validate the ID token\n const idTokenResponse = await jose.jwtVerify<JWTPayload>(\n tokens.id_token,\n JWKS,\n {\n issuer: getIssuerVariations(issuer),\n audience: oauth2Client.clientId,\n },\n );\n\n // validate the access token\n const accessTokenResponse = await jose.jwtVerify<JWTPayload>(\n tokens.access_token,\n JWKS,\n {\n issuer: getIssuerVariations(issuer),\n },\n );\n\n return withoutUndefined({\n id_token: idTokenResponse.payload,\n access_token: accessTokenResponse.payload,\n refresh_token: tokens.refresh_token,\n });\n}\n"]}
|
|
@@ -5,6 +5,7 @@ export type AuthContextType = {
|
|
|
5
5
|
isLoading: boolean;
|
|
6
6
|
error: Error | null;
|
|
7
7
|
signOut: () => Promise<void>;
|
|
8
|
+
displayMode: DisplayMode;
|
|
8
9
|
};
|
|
9
10
|
export declare const AuthContext: import("react").Context<AuthContextType | null>;
|
|
10
11
|
//# sourceMappingURL=AuthContext.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AuthContext.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/AuthContext.tsx"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAE9C,MAAM,MAAM,eAAe,GAAG;IAC5B,MAAM,EAAE,CAAC,WAAW,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACrD,eAAe,EAAE,OAAO,CAAC;IACzB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IACpB,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"AuthContext.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/AuthContext.tsx"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAE9C,MAAM,MAAM,eAAe,GAAG;IAC5B,MAAM,EAAE,CAAC,WAAW,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACrD,eAAe,EAAE,OAAO,CAAC;IACzB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IACpB,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7B,WAAW,EAAE,WAAW,CAAC;CAC1B,CAAC;AACF,eAAO,MAAM,WAAW,iDAA8C,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AuthContext.js","sourceRoot":"","sources":["../../../../src/shared/providers/AuthContext.tsx"],"names":[],"mappings":";;;AAAA,iCAAsC;
|
|
1
|
+
{"version":3,"file":"AuthContext.js","sourceRoot":"","sources":["../../../../src/shared/providers/AuthContext.tsx"],"names":[],"mappings":";;;AAAA,iCAAsC;AAWzB,QAAA,WAAW,GAAG,IAAA,qBAAa,EAAyB,IAAI,CAAC,CAAC","sourcesContent":["import { createContext } from \"react\";\nimport type { DisplayMode } from \"@/types.js\";\n\nexport type AuthContextType = {\n signIn: (displayMode?: DisplayMode) => Promise<void>;\n isAuthenticated: boolean;\n isLoading: boolean;\n error: Error | null;\n signOut: () => Promise<void>;\n displayMode: DisplayMode;\n};\nexport const AuthContext = createContext<AuthContextType | null>(null);\n"]}
|
|
@@ -1,11 +1,22 @@
|
|
|
1
|
-
import React from "react";
|
|
2
|
-
import type { SessionData } from "../../types.js";
|
|
1
|
+
import React, { type ReactNode } from "react";
|
|
2
|
+
import type { Config, DisplayMode, SessionData } from "../../types.js";
|
|
3
3
|
import type { PKCEConsumer } from "../../services/types.js";
|
|
4
|
-
|
|
4
|
+
export type IframeMode = "embedded" | "modal";
|
|
5
|
+
export type AuthProviderProps = {
|
|
6
|
+
children: ReactNode;
|
|
7
|
+
clientId: string;
|
|
8
|
+
nonce?: string;
|
|
9
|
+
onSignIn?: (error?: Error) => void;
|
|
10
|
+
onSignOut?: () => Promise<void>;
|
|
11
|
+
iframeMode?: IframeMode;
|
|
12
|
+
config?: Config;
|
|
13
|
+
redirectUrl?: string;
|
|
14
|
+
displayMode?: DisplayMode;
|
|
15
|
+
};
|
|
5
16
|
export type InternalAuthProviderProps = AuthProviderProps & {
|
|
6
17
|
sessionData?: SessionData;
|
|
7
18
|
pkceConsumer?: PKCEConsumer;
|
|
8
19
|
};
|
|
9
|
-
declare const AuthProvider: ({ children, onSignIn, onSignOut, pkceConsumer, iframeMode, }: InternalAuthProviderProps) => React.JSX.Element;
|
|
20
|
+
declare const AuthProvider: ({ children, onSignIn, onSignOut, pkceConsumer, iframeMode, displayMode, }: InternalAuthProviderProps) => React.JSX.Element;
|
|
10
21
|
export { AuthProvider };
|
|
11
22
|
//# sourceMappingURL=AuthProvider.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AuthProvider.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/AuthProvider.tsx"],"names":[],"mappings":"AAEA,OAAO,
|
|
1
|
+
{"version":3,"file":"AuthProvider.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/AuthProvider.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,EAAE,KAAK,SAAS,EAAgC,MAAM,OAAO,CAAC;AAC5E,OAAO,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAEnE,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAkBxD,MAAM,MAAM,UAAU,GAAG,UAAU,GAAG,OAAO,CAAC;AAC9C,MAAM,MAAM,iBAAiB,GAAG;IAC9B,QAAQ,EAAE,SAAS,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,KAAK,KAAK,IAAI,CAAC;IACnC,SAAS,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAChC,UAAU,CAAC,EAAE,UAAU,CAAC;IACxB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,WAAW,CAAC;CAC3B,CAAC;AAEF,MAAM,MAAM,yBAAyB,GAAG,iBAAiB,GAAG;IAC1D,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,YAAY,CAAC,EAAE,YAAY,CAAC;CAC7B,CAAC;AAEF,QAAA,MAAM,YAAY,8EAOf,yBAAyB,sBAsE3B,CAAC;AAEF,OAAO,EAAE,YAAY,EAAE,CAAC"}
|
|
@@ -54,13 +54,14 @@ else {
|
|
|
54
54
|
globalThisObject = Function("return this")();
|
|
55
55
|
}
|
|
56
56
|
globalThisObject.globalThis = globalThisObject;
|
|
57
|
-
const AuthProvider = ({ children, onSignIn, onSignOut, pkceConsumer, iframeMode = "modal", }) => {
|
|
57
|
+
const AuthProvider = ({ children, onSignIn, onSignOut, pkceConsumer, iframeMode = "modal", displayMode = "iframe", }) => {
|
|
58
58
|
const authConfig = (0, useCivicAuthConfig_js_1.useCivicAuthConfig)();
|
|
59
59
|
const { redirectUrl } = authConfig || {};
|
|
60
60
|
const { iframeRef } = (0, useIframe_js_1.useIframe)();
|
|
61
61
|
const { signIn, signOut } = (0, useSignIn_js_1.useSignIn)({
|
|
62
62
|
preSignOut: onSignOut,
|
|
63
63
|
pkceConsumer,
|
|
64
|
+
displayMode: displayMode,
|
|
64
65
|
});
|
|
65
66
|
const [localSessionData, setLocalSessionData] = (0, react_1.useState)();
|
|
66
67
|
const { data: session, error: tokenExchangeError, isLoading: tokenExchangeInProgress, } = (0, useSession_js_1.useSession)();
|
|
@@ -80,7 +81,7 @@ const AuthProvider = ({ children, onSignIn, onSignOut, pkceConsumer, iframeMode
|
|
|
80
81
|
redirectUrl &&
|
|
81
82
|
!isAuthenticated &&
|
|
82
83
|
iframeRef?.current) {
|
|
83
|
-
signIn(
|
|
84
|
+
signIn();
|
|
84
85
|
}
|
|
85
86
|
}, [iframeMode, redirectUrl, isAuthenticated, iframeRef, signIn]);
|
|
86
87
|
const isLoading = tokenExchangeInProgress || !authConfig;
|
|
@@ -90,7 +91,15 @@ const AuthProvider = ({ children, onSignIn, onSignOut, pkceConsumer, iframeMode
|
|
|
90
91
|
signOut,
|
|
91
92
|
isAuthenticated,
|
|
92
93
|
signIn,
|
|
93
|
-
|
|
94
|
+
displayMode,
|
|
95
|
+
}), [
|
|
96
|
+
isLoading,
|
|
97
|
+
tokenExchangeError,
|
|
98
|
+
isAuthenticated,
|
|
99
|
+
signIn,
|
|
100
|
+
signOut,
|
|
101
|
+
displayMode,
|
|
102
|
+
]);
|
|
94
103
|
return (react_1.default.createElement(AuthContext_js_1.AuthContext.Provider, { value: value },
|
|
95
104
|
react_1.default.createElement(IFrameAndLoading_js_1.IFrameAndLoading, { error: tokenExchangeError, isLoading: isLoading }),
|
|
96
105
|
children));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AuthProvider.js","sourceRoot":"","sources":["../../../../src/shared/providers/AuthProvider.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEb,+
|
|
1
|
+
{"version":3,"file":"AuthProvider.js","sourceRoot":"","sources":["../../../../src/shared/providers/AuthProvider.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEb,+CAA4E;AAE5E,sEAAgE;AAEhE,8DAAwD;AACxD,8DAAwD;AACxD,gFAA0E;AAC1E,gEAA0D;AAC1D,iFAA2E;AAE3E,2BAA2B;AAC3B,IAAI,gBAAgB,CAAC;AACrB,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;IAClC,gBAAgB,GAAG,MAAM,CAAC;AAC5B,CAAC;KAAM,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;IACzC,gBAAgB,GAAG,MAAM,CAAC;AAC5B,CAAC;KAAM,CAAC;IACN,gBAAgB,GAAG,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;AAC/C,CAAC;AACD,gBAAgB,CAAC,UAAU,GAAG,gBAAgB,CAAC;AAoB/C,MAAM,YAAY,GAAG,CAAC,EACpB,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,YAAY,EACZ,UAAU,GAAG,OAAO,EACpB,WAAW,GAAG,QAAQ,GACI,EAAE,EAAE;IAC9B,MAAM,UAAU,GAAG,IAAA,0CAAkB,GAAE,CAAC;IACxC,MAAM,EAAE,WAAW,EAAE,GAAG,UAAU,IAAI,EAAE,CAAC;IACzC,MAAM,EAAE,SAAS,EAAE,GAAG,IAAA,wBAAS,GAAE,CAAC;IAElC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,IAAA,wBAAS,EAAC;QACpC,UAAU,EAAE,SAAS;QACrB,YAAY;QACZ,WAAW,EAAE,WAAW;KACzB,CAAC,CAAC;IAEH,MAAM,CAAC,gBAAgB,EAAE,mBAAmB,CAAC,GAC3C,IAAA,gBAAQ,GAAsB,CAAC;IAEjC,MAAM,EACJ,IAAI,EAAE,OAAO,EACb,KAAK,EAAE,kBAAkB,EACzB,SAAS,EAAE,uBAAuB,GACnC,GAAG,IAAA,0BAAU,GAAE,CAAC;IAEjB,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,OAAO,EAAE,CAAC;YACZ,mBAAmB,CAAC,OAAO,CAAC,CAAC;YAC7B,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;gBAC1B,QAAQ,EAAE,EAAE,CAAC;YACf,CAAC;QACH,CAAC;IACH,CAAC,EAAE,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;IAExB,MAAM,eAAe,GAAG,IAAA,eAAO,EAAC,GAAG,EAAE;QACnC,OAAO,CAAC,CAAC,gBAAgB,EAAE,OAAO,CAAC;IACrC,CAAC,EAAE,CAAC,gBAAgB,CAAC,CAAC,CAAC;IAEvB,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IACE,UAAU,KAAK,UAAU;YACzB,WAAW;YACX,CAAC,eAAe;YAChB,SAAS,EAAE,OAAO,EAClB,CAAC;YACD,MAAM,EAAE,CAAC;QACX,CAAC;IACH,CAAC,EAAE,CAAC,UAAU,EAAE,WAAW,EAAE,eAAe,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC;IAElE,MAAM,SAAS,GAAG,uBAAuB,IAAI,CAAC,UAAU,CAAC;IACzD,MAAM,KAAK,GAAG,IAAA,eAAO,EACnB,GAAG,EAAE,CAAC,CAAC;QACL,SAAS;QACT,KAAK,EAAE,kBAAkC;QACzC,OAAO;QACP,eAAe;QACf,MAAM;QACN,WAAW;KACZ,CAAC,EACF;QACE,SAAS;QACT,kBAAkB;QAClB,eAAe;QACf,MAAM;QACN,OAAO;QACP,WAAW;KACZ,CACF,CAAC;IAEF,OAAO,CACL,8BAAC,4BAAW,CAAC,QAAQ,IAAC,KAAK,EAAE,KAAK;QAChC,8BAAC,sCAAgB,IAAC,KAAK,EAAE,kBAAkB,EAAE,SAAS,EAAE,SAAS,GAAI;QACpE,QAAQ,CACY,CACxB,CAAC;AACJ,CAAC,CAAC;AAEO,oCAAY","sourcesContent":["\"use client\";\n\nimport React, { type ReactNode, useEffect, useMemo, useState } from \"react\";\nimport type { Config, DisplayMode, SessionData } from \"@/types.js\";\nimport { AuthContext } from \"@/shared/providers/AuthContext.js\";\nimport type { PKCEConsumer } from \"@/services/types.js\";\nimport { useSignIn } from \"@/shared/hooks/useSignIn.js\";\nimport { useIframe } from \"@/shared/hooks/useIframe.js\";\nimport { useCivicAuthConfig } from \"@/shared/hooks/useCivicAuthConfig.js\";\nimport { useSession } from \"@/shared/hooks/useSession.js\";\nimport { IFrameAndLoading } from \"@/shared/components/IFrameAndLoading.js\";\n\n// Global this object setup\nlet globalThisObject;\nif (typeof window !== \"undefined\") {\n globalThisObject = window;\n} else if (typeof global !== \"undefined\") {\n globalThisObject = global;\n} else {\n globalThisObject = Function(\"return this\")();\n}\nglobalThisObject.globalThis = globalThisObject;\n\nexport type IframeMode = \"embedded\" | \"modal\";\nexport type AuthProviderProps = {\n children: ReactNode;\n clientId: string;\n nonce?: string;\n onSignIn?: (error?: Error) => void;\n onSignOut?: () => Promise<void>;\n iframeMode?: IframeMode;\n config?: Config;\n redirectUrl?: string;\n displayMode?: DisplayMode;\n};\n\nexport type InternalAuthProviderProps = AuthProviderProps & {\n sessionData?: SessionData;\n pkceConsumer?: PKCEConsumer;\n};\n\nconst AuthProvider = ({\n children,\n onSignIn,\n onSignOut,\n pkceConsumer,\n iframeMode = \"modal\",\n displayMode = \"iframe\",\n}: InternalAuthProviderProps) => {\n const authConfig = useCivicAuthConfig();\n const { redirectUrl } = authConfig || {};\n const { iframeRef } = useIframe();\n\n const { signIn, signOut } = useSignIn({\n preSignOut: onSignOut,\n pkceConsumer,\n displayMode: displayMode,\n });\n\n const [localSessionData, setLocalSessionData] =\n useState<SessionData | null>();\n\n const {\n data: session,\n error: tokenExchangeError,\n isLoading: tokenExchangeInProgress,\n } = useSession();\n\n useEffect(() => {\n if (session) {\n setLocalSessionData(session);\n if (session.authenticated) {\n onSignIn?.();\n }\n }\n }, [onSignIn, session]);\n\n const isAuthenticated = useMemo(() => {\n return !!localSessionData?.idToken;\n }, [localSessionData]);\n\n useEffect(() => {\n if (\n iframeMode === \"embedded\" &&\n redirectUrl &&\n !isAuthenticated &&\n iframeRef?.current\n ) {\n signIn();\n }\n }, [iframeMode, redirectUrl, isAuthenticated, iframeRef, signIn]);\n\n const isLoading = tokenExchangeInProgress || !authConfig;\n const value = useMemo(\n () => ({\n isLoading,\n error: tokenExchangeError as Error | null,\n signOut,\n isAuthenticated,\n signIn,\n displayMode,\n }),\n [\n isLoading,\n tokenExchangeError,\n isAuthenticated,\n signIn,\n signOut,\n displayMode,\n ],\n );\n\n return (\n <AuthContext.Provider value={value}>\n <IFrameAndLoading error={tokenExchangeError} isLoading={isLoading} />\n {children}\n </AuthContext.Provider>\n );\n};\n\nexport { AuthProvider };\n"]}
|
|
@@ -6,11 +6,13 @@ type CivicAuthConfigContextType = {
|
|
|
6
6
|
clientId: string;
|
|
7
7
|
scopes?: string[];
|
|
8
8
|
redirectUrl?: string;
|
|
9
|
+
logoutRedirectUrl?: string;
|
|
9
10
|
nonce?: string;
|
|
10
11
|
challengeUrl?: string;
|
|
11
12
|
logoutUrl?: string;
|
|
13
|
+
logoutCallbackUrl?: string;
|
|
12
14
|
};
|
|
13
15
|
declare const CivicAuthConfigContext: React.Context<CivicAuthConfig>;
|
|
14
|
-
declare const CivicAuthConfigProvider: ({ children, oauthServer, clientId, redirectUrl: inputRedirectUrl, nonce, challengeUrl, logoutUrl, scopes, }: CivicAuthConfigContextType) => React.JSX.Element;
|
|
16
|
+
declare const CivicAuthConfigProvider: ({ children, oauthServer, clientId, redirectUrl: inputRedirectUrl, nonce, challengeUrl, logoutUrl, scopes, logoutRedirectUrl: inputLogoutRedirectUrl, }: CivicAuthConfigContextType) => React.JSX.Element;
|
|
15
17
|
export { CivicAuthConfigProvider, CivicAuthConfigContext };
|
|
16
18
|
//# sourceMappingURL=CivicAuthConfigContext.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CivicAuthConfigContext.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/CivicAuthConfigContext.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,EAA0B,KAAK,SAAS,EAAE,MAAM,OAAO,CAAC;AAGtE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAIvD,KAAK,0BAA0B,GAAG;IAChC,QAAQ,EAAE,SAAS,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"CivicAuthConfigContext.d.ts","sourceRoot":"","sources":["../../../../src/shared/providers/CivicAuthConfigContext.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,EAA0B,KAAK,SAAS,EAAE,MAAM,OAAO,CAAC;AAGtE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAIvD,KAAK,0BAA0B,GAAG;IAChC,QAAQ,EAAE,SAAS,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B,CAAC;AAEF,QAAA,MAAM,sBAAsB,gCAAgD,CAAC;AAE7E,QAAA,MAAM,uBAAuB,2JAU1B,0BAA0B,sBAoD5B,CAAC;AAEF,OAAO,EAAE,uBAAuB,EAAE,sBAAsB,EAAE,CAAC"}
|
|
@@ -43,7 +43,7 @@ const defaultConfig = null;
|
|
|
43
43
|
// Context for exposing Config specifically to the TokenProvider
|
|
44
44
|
const CivicAuthConfigContext = (0, react_1.createContext)(defaultConfig);
|
|
45
45
|
exports.CivicAuthConfigContext = CivicAuthConfigContext;
|
|
46
|
-
const CivicAuthConfigProvider = ({ children, oauthServer, clientId, redirectUrl: inputRedirectUrl, nonce, challengeUrl, logoutUrl, scopes, }) => {
|
|
46
|
+
const CivicAuthConfigProvider = ({ children, oauthServer, clientId, redirectUrl: inputRedirectUrl, nonce, challengeUrl, logoutUrl, scopes, logoutRedirectUrl: inputLogoutRedirectUrl, }) => {
|
|
47
47
|
const currentUrl = (0, useCurrentUrl_js_1.useCurrentUrl)();
|
|
48
48
|
const redirectUrl = (0, react_1.useMemo)(() => {
|
|
49
49
|
const useUrl = inputRedirectUrl || currentUrl;
|
|
@@ -53,6 +53,13 @@ const CivicAuthConfigProvider = ({ children, oauthServer, clientId, redirectUrl:
|
|
|
53
53
|
return "";
|
|
54
54
|
}, [currentUrl, inputRedirectUrl]);
|
|
55
55
|
const endpoints = (0, useOAuthEndpoints_js_1.useOAuthEndpoints)(oauthServer);
|
|
56
|
+
const logoutRedirectUrl = (0, react_1.useMemo)(() => {
|
|
57
|
+
const useUrl = inputLogoutRedirectUrl || currentUrl;
|
|
58
|
+
if (useUrl) {
|
|
59
|
+
return `${useUrl.split("?")[0]}`;
|
|
60
|
+
}
|
|
61
|
+
return "";
|
|
62
|
+
}, [currentUrl, inputLogoutRedirectUrl]);
|
|
56
63
|
const value = (0, react_1.useMemo)(() => endpoints
|
|
57
64
|
? {
|
|
58
65
|
clientId,
|
|
@@ -63,6 +70,7 @@ const CivicAuthConfigProvider = ({ children, oauthServer, clientId, redirectUrl:
|
|
|
63
70
|
challengeUrl,
|
|
64
71
|
logoutUrl,
|
|
65
72
|
scopes: scopes || constants_js_1.DEFAULT_SCOPES,
|
|
73
|
+
logoutRedirectUrl,
|
|
66
74
|
}
|
|
67
75
|
: null, [
|
|
68
76
|
clientId,
|
|
@@ -73,6 +81,7 @@ const CivicAuthConfigProvider = ({ children, oauthServer, clientId, redirectUrl:
|
|
|
73
81
|
challengeUrl,
|
|
74
82
|
logoutUrl,
|
|
75
83
|
scopes,
|
|
84
|
+
logoutRedirectUrl,
|
|
76
85
|
]);
|
|
77
86
|
return (react_1.default.createElement(CivicAuthConfigContext.Provider, { value: value }, children));
|
|
78
87
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CivicAuthConfigContext.js","sourceRoot":"","sources":["../../../../src/shared/providers/CivicAuthConfigContext.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACb,iDAAqE;AACrE,+CAAsE;AACtE,8EAAwE;AACxE,sEAAgE;AAGhE,MAAM,aAAa,GAAoB,IAAI,CAAC;
|
|
1
|
+
{"version":3,"file":"CivicAuthConfigContext.js","sourceRoot":"","sources":["../../../../src/shared/providers/CivicAuthConfigContext.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACb,iDAAqE;AACrE,+CAAsE;AACtE,8EAAwE;AACxE,sEAAgE;AAGhE,MAAM,aAAa,GAAoB,IAAI,CAAC;AAc5C,gEAAgE;AAChE,MAAM,sBAAsB,GAAG,IAAA,qBAAa,EAAkB,aAAa,CAAC,CAAC;AAkE3C,wDAAsB;AAhExD,MAAM,uBAAuB,GAAG,CAAC,EAC/B,QAAQ,EACR,WAAW,EACX,QAAQ,EACR,WAAW,EAAE,gBAAgB,EAC7B,KAAK,EACL,YAAY,EACZ,SAAS,EACT,MAAM,EACN,iBAAiB,EAAE,sBAAsB,GACd,EAAE,EAAE;IAC/B,MAAM,UAAU,GAAG,IAAA,gCAAa,GAAE,CAAC;IAEnC,MAAM,WAAW,GAAG,IAAA,eAAO,EAAC,GAAG,EAAE;QAC/B,MAAM,MAAM,GAAG,gBAAgB,IAAI,UAAU,CAAC;QAC9C,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACnC,CAAC;QACD,OAAO,EAAE,CAAC;IACZ,CAAC,EAAE,CAAC,UAAU,EAAE,gBAAgB,CAAC,CAAC,CAAC;IACnC,MAAM,SAAS,GAAG,IAAA,wCAAiB,EAAC,WAAW,CAAC,CAAC;IAEjD,MAAM,iBAAiB,GAAG,IAAA,eAAO,EAAC,GAAG,EAAE;QACrC,MAAM,MAAM,GAAG,sBAAsB,IAAI,UAAU,CAAC;QACpD,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACnC,CAAC;QACD,OAAO,EAAE,CAAC;IACZ,CAAC,EAAE,CAAC,UAAU,EAAE,sBAAsB,CAAC,CAAC,CAAC;IAEzC,MAAM,KAAK,GAAG,IAAA,eAAO,EACnB,GAAG,EAAE,CACH,SAAS;QACP,CAAC,CAAC;YACE,QAAQ;YACR,WAAW;YACX,WAAW,EAAE,WAAW,IAAI,kCAAmB;YAC/C,SAAS;YACT,KAAK;YACL,YAAY;YACZ,SAAS;YACT,MAAM,EAAE,MAAM,IAAI,6BAAc;YAChC,iBAAiB;SAClB;QACH,CAAC,CAAC,IAAI,EACV;QACE,QAAQ;QACR,WAAW;QACX,WAAW;QACX,SAAS;QACT,KAAK;QACL,YAAY;QACZ,SAAS;QACT,MAAM;QACN,iBAAiB;KAClB,CACF,CAAC;IACF,OAAO,CACL,8BAAC,sBAAsB,CAAC,QAAQ,IAAC,KAAK,EAAE,KAAK,IAC1C,QAAQ,CACuB,CACnC,CAAC;AACJ,CAAC,CAAC;AAEO,0DAAuB","sourcesContent":["\"use client\";\nimport { DEFAULT_AUTH_SERVER, DEFAULT_SCOPES } from \"@/constants.js\";\nimport React, { createContext, useMemo, type ReactNode } from \"react\";\nimport { useOAuthEndpoints } from \"@/shared/hooks/useOAuthEndpoints.js\";\nimport { useCurrentUrl } from \"@/shared/hooks/useCurrentUrl.js\";\nimport type { CivicAuthConfig } from \"../lib/types.js\";\n\nconst defaultConfig: CivicAuthConfig = null;\n\ntype CivicAuthConfigContextType = {\n children: ReactNode;\n oauthServer?: string;\n clientId: string;\n scopes?: string[];\n redirectUrl?: string;\n logoutRedirectUrl?: string;\n nonce?: string;\n challengeUrl?: string;\n logoutUrl?: string;\n logoutCallbackUrl?: string;\n};\n// Context for exposing Config specifically to the TokenProvider\nconst CivicAuthConfigContext = createContext<CivicAuthConfig>(defaultConfig);\n\nconst CivicAuthConfigProvider = ({\n children,\n oauthServer,\n clientId,\n redirectUrl: inputRedirectUrl,\n nonce,\n challengeUrl,\n logoutUrl,\n scopes,\n logoutRedirectUrl: inputLogoutRedirectUrl,\n}: CivicAuthConfigContextType) => {\n const currentUrl = useCurrentUrl();\n\n const redirectUrl = useMemo(() => {\n const useUrl = inputRedirectUrl || currentUrl;\n if (useUrl) {\n return `${useUrl.split(\"?\")[0]}`;\n }\n return \"\";\n }, [currentUrl, inputRedirectUrl]);\n const endpoints = useOAuthEndpoints(oauthServer);\n\n const logoutRedirectUrl = useMemo(() => {\n const useUrl = inputLogoutRedirectUrl || currentUrl;\n if (useUrl) {\n return `${useUrl.split(\"?\")[0]}`;\n }\n return \"\";\n }, [currentUrl, inputLogoutRedirectUrl]);\n\n const value = useMemo(\n () =>\n endpoints\n ? {\n clientId,\n redirectUrl,\n oauthServer: oauthServer || DEFAULT_AUTH_SERVER,\n endpoints,\n nonce,\n challengeUrl,\n logoutUrl,\n scopes: scopes || DEFAULT_SCOPES,\n logoutRedirectUrl,\n }\n : null,\n [\n clientId,\n redirectUrl,\n oauthServer,\n endpoints,\n nonce,\n challengeUrl,\n logoutUrl,\n scopes,\n logoutRedirectUrl,\n ],\n );\n return (\n <CivicAuthConfigContext.Provider value={value}>\n {children}\n </CivicAuthConfigContext.Provider>\n );\n};\n\nexport { CivicAuthConfigProvider, CivicAuthConfigContext };\n"]}
|