@dofe/sso-browser 0.1.47 → 0.1.48
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts +1 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/sso-session.d.ts.map +1 -1
- package/dist/sso-session.js.map +1 -1
- package/dist/token-manager.d.ts +123 -0
- package/dist/token-manager.d.ts.map +1 -0
- package/dist/token-manager.js +199 -0
- package/dist/token-manager.js.map +1 -0
- package/dist/use-sso-logout-sync.d.ts.map +1 -1
- package/dist/use-sso-logout-sync.js.map +1 -1
- package/package.json +1 -1
package/dist/index.d.ts
CHANGED
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,eAAe,CAAC;AAC9B,cAAc,uBAAuB,CAAC;AACtC,cAAc,iBAAiB,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -16,4 +16,5 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
17
|
__exportStar(require("./sso-session"), exports);
|
|
18
18
|
__exportStar(require("./use-sso-logout-sync"), exports);
|
|
19
|
+
__exportStar(require("./token-manager"), exports);
|
|
19
20
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,gDAA8B;AAC9B,wDAAsC;AACtC,kDAAgC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sso-session.d.ts","sourceRoot":"","sources":["
|
|
1
|
+
{"version":3,"file":"sso-session.d.ts","sourceRoot":"","sources":["../src/sso-session.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH;;;GAGG;AACH,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,WAAW,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,mBAAmB;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,+DAA+D;IAC/D,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAID;;;;;;;GAOG;AACH,wBAAsB,eAAe,CACnC,MAAM,EAAE,gBAAgB,GACvB,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CA2BhC;AAED;;;;;;GAMG;AACH,wBAAgB,wBAAwB,CACtC,MAAM,EAAE,gBAAgB,GACvB,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CAkDhC;AAED;;;;;GAKG;AACH,wBAAsB,uBAAuB,CAC3C,MAAM,EAAE,gBAAgB,GACvB,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CAShC"}
|
package/dist/sso-session.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sso-session.js","sourceRoot":"","sources":["
|
|
1
|
+
{"version":3,"file":"sso-session.js","sourceRoot":"","sources":["../src/sso-session.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;AA6CH,0CA6BC;AASD,4DAoDC;AAQD,0DAWC;AAvHD,MAAM,kBAAkB,GAAG,IAAI,CAAC;AAEhC;;;;;;;GAOG;AACI,KAAK,UAAU,eAAe,CACnC,MAAwB;IAExB,MAAM,EAAE,UAAU,EAAE,SAAS,GAAG,kBAAkB,EAAE,GAAG,MAAM,CAAC;IAE9D,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,SAAS,CAAC,CAAC;IAEhE,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,eAAe,EAAE;YACpD,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,SAAS;YACtB,KAAK,EAAE,UAAU;YACjB,IAAI,EAAE,MAAM;YACZ,MAAM,EAAE,UAAU,CAAC,MAAM;SAC1B,CAAC,CAAC;QAEH,IAAI,CAAC,GAAG,CAAC,EAAE;YAAE,OAAO,IAAI,CAAC;QAEzB,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,IAAI,IAAI,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM;YAAE,OAAO,IAAI,CAAC;QAEvD,OAAO,IAAI,CAAC,IAAsB,CAAC;IACrC,CAAC;IAAC,MAAM,CAAC;QACP,uEAAuE;QACvE,OAAO,IAAI,CAAC;IACd,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,OAAO,CAAC,CAAC;IACxB,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,wBAAwB,CACtC,MAAwB;IAExB,MAAM,EAAE,UAAU,EAAE,SAAS,GAAG,kBAAkB,EAAE,GAAG,MAAM,CAAC;IAE9D,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,IAAI,OAAO,GAAG,KAAK,CAAC;QACpB,IAAI,MAAM,GAA6B,IAAI,CAAC;QAE5C,MAAM,MAAM,GAAG,CAAC,MAA6B,EAAE,EAAE;YAC/C,IAAI,OAAO;gBAAE,OAAO;YACpB,OAAO,GAAG,IAAI,CAAC;YACf,YAAY,CAAC,OAAO,CAAC,CAAC;YACtB,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YAC/C,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,OAAO,GAAG,IAAI,CAAC;gBACtB,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC;YACvB,CAAC;YACD,IAAI,CAAC;gBACH,IAAI,MAAM,EAAE,CAAC;oBACX,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;gBACpC,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,qBAAqB;YACvB,CAAC;YACD,OAAO,CAAC,MAAM,CAAC,CAAC;QAClB,CAAC,CAAC;QAEF,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,SAAS,CAAC,CAAC;QAE1D,MAAM,OAAO,GAAG,CAAC,KAAmB,EAAE,EAAE;YACtC,gEAAgE;YAChE,IAAI,KAAK,CAAC,MAAM,KAAK,UAAU;gBAAE,OAAO;YAExC,IAAI,KAAK,CAAC,IAAI,EAAE,IAAI,KAAK,yBAAyB,EAAE,CAAC;gBACnD,IAAI,KAAK,CAAC,IAAI,CAAC,aAAa,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBAChD,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAsB,CAAC,CAAC;gBAC5C,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,IAAI,CAAC,CAAC;gBACf,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAE5C,MAAM,GAAG,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;QAC1C,MAAM,CAAC,GAAG,GAAG,GAAG,UAAU,6BAA6B,kBAAkB,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QACpG,MAAM,CAAC,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC;QAC9B,MAAM,CAAC,YAAY,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACpC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACI,KAAK,UAAU,uBAAuB,CAC3C,MAAwB;IAExB,mCAAmC;IACnC,MAAM,WAAW,GAAG,MAAM,eAAe,CAAC,MAAM,CAAC,CAAC;IAClD,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,8CAA8C;IAC9C,OAAO,wBAAwB,CAAC,MAAM,CAAC,CAAC;AAC1C,CAAC"}
|
|
@@ -0,0 +1,123 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Unified Token Manager for SSO/OIDC authentication.
|
|
3
|
+
*
|
|
4
|
+
* [SSO-LOGIN-REDESIGN] Phase 4 - TokenManager unification
|
|
5
|
+
* @see sso.dofe.ai/docs/0517/sso-login-redesign.md
|
|
6
|
+
*
|
|
7
|
+
* Provides a standardized interface for token operations across
|
|
8
|
+
* models.dofe.ai, agents.dofe.ai, and other subdomains.
|
|
9
|
+
*
|
|
10
|
+
* Design:
|
|
11
|
+
* - StorageAdapter: Abstracts localStorage/cookie operations (project-specific)
|
|
12
|
+
* - RefreshClient: Abstracts API calls (project-specific ts-rest client)
|
|
13
|
+
* - TokenManager: Core logic with deduplication queue and event system
|
|
14
|
+
*/
|
|
15
|
+
import type { UserInfo } from '@repo/contracts';
|
|
16
|
+
/**
|
|
17
|
+
* Token data structure stored in localStorage.
|
|
18
|
+
*/
|
|
19
|
+
export interface TokenData {
|
|
20
|
+
access: string;
|
|
21
|
+
accessExpire: number;
|
|
22
|
+
expire?: number;
|
|
23
|
+
}
|
|
24
|
+
/**
|
|
25
|
+
* Result from a successful token refresh.
|
|
26
|
+
*/
|
|
27
|
+
export interface TokenRefreshResult {
|
|
28
|
+
access: string;
|
|
29
|
+
accessExpire: number;
|
|
30
|
+
expire: number;
|
|
31
|
+
user: UserInfo;
|
|
32
|
+
}
|
|
33
|
+
/**
|
|
34
|
+
* Response from the refresh API endpoint.
|
|
35
|
+
*/
|
|
36
|
+
export interface RefreshApiResponse {
|
|
37
|
+
access_token: string;
|
|
38
|
+
refresh_token?: string;
|
|
39
|
+
expires_in: number;
|
|
40
|
+
user?: UserInfo;
|
|
41
|
+
}
|
|
42
|
+
/**
|
|
43
|
+
* Callback for token update events.
|
|
44
|
+
*/
|
|
45
|
+
export type TokenUpdateCallback = (data: TokenRefreshResult) => void;
|
|
46
|
+
/**
|
|
47
|
+
* Abstract interface for token storage operations.
|
|
48
|
+
* Each project implements its own adapter based on its storage strategy.
|
|
49
|
+
*
|
|
50
|
+
* models.dofe.ai: Stores access token in cookie for middleware + localStorage
|
|
51
|
+
* agents.dofe.ai: Stores token presence indicator in cookie + localStorage
|
|
52
|
+
*/
|
|
53
|
+
export interface StorageAdapter {
|
|
54
|
+
/** Get the current access token */
|
|
55
|
+
getAccessToken(): string | null;
|
|
56
|
+
/** Get full token data including expiry */
|
|
57
|
+
getTokens(): TokenData | null;
|
|
58
|
+
/** Store token data */
|
|
59
|
+
setTokens(tokens: TokenData): void;
|
|
60
|
+
/** Store user info */
|
|
61
|
+
setUser(user: UserInfo): void;
|
|
62
|
+
/** Get stored user info */
|
|
63
|
+
getUser(): UserInfo | null;
|
|
64
|
+
/** Clear all auth data */
|
|
65
|
+
clearAll(): void;
|
|
66
|
+
/** Check if access token is expired */
|
|
67
|
+
isTokenExpired(): boolean;
|
|
68
|
+
}
|
|
69
|
+
/**
|
|
70
|
+
* Abstract interface for token refresh API calls.
|
|
71
|
+
* Each project implements using its ts-rest client or direct fetch.
|
|
72
|
+
*/
|
|
73
|
+
export interface RefreshClient {
|
|
74
|
+
/** Call the OIDC refresh endpoint */
|
|
75
|
+
refreshToken(): Promise<RefreshApiResponse>;
|
|
76
|
+
/** Fetch current user info (optional, called after refresh) */
|
|
77
|
+
fetchUser?(): Promise<UserInfo | null>;
|
|
78
|
+
}
|
|
79
|
+
/**
|
|
80
|
+
* Unified Token Manager.
|
|
81
|
+
*
|
|
82
|
+
* Features:
|
|
83
|
+
* - Deduplication queue: Prevents concurrent refresh requests
|
|
84
|
+
* - Event system: Notify listeners when tokens are updated
|
|
85
|
+
* - Storage abstraction: Works with any project's storage implementation
|
|
86
|
+
* - API abstraction: Works with any project's API client
|
|
87
|
+
*/
|
|
88
|
+
export declare class TokenManager {
|
|
89
|
+
private refreshPromise;
|
|
90
|
+
private listeners;
|
|
91
|
+
private storage;
|
|
92
|
+
private apiClient;
|
|
93
|
+
constructor(storage: StorageAdapter, apiClient: RefreshClient);
|
|
94
|
+
/** Get current access token */
|
|
95
|
+
getToken(): string | null;
|
|
96
|
+
/** Check if token is expired */
|
|
97
|
+
isTokenExpired(): boolean;
|
|
98
|
+
/** Get stored user info */
|
|
99
|
+
getUser(): UserInfo | null;
|
|
100
|
+
/** Store login data */
|
|
101
|
+
setLoginData(access: string, accessExpire: number, expire: number, user: UserInfo): void;
|
|
102
|
+
/** Clear all auth data */
|
|
103
|
+
clearToken(): void;
|
|
104
|
+
/**
|
|
105
|
+
* Refresh the access token.
|
|
106
|
+
* Uses a promise queue to prevent concurrent refresh requests.
|
|
107
|
+
*/
|
|
108
|
+
refreshToken(): Promise<TokenRefreshResult>;
|
|
109
|
+
/**
|
|
110
|
+
* Ensure a valid token is available.
|
|
111
|
+
* Automatically refreshes if expired.
|
|
112
|
+
*/
|
|
113
|
+
ensureValidToken(): Promise<string>;
|
|
114
|
+
/** Subscribe to token update events */
|
|
115
|
+
onTokenUpdate(callback: TokenUpdateCallback): () => void;
|
|
116
|
+
private notify;
|
|
117
|
+
private doRefreshToken;
|
|
118
|
+
}
|
|
119
|
+
/**
|
|
120
|
+
* Create a TokenManager instance with project-specific adapters.
|
|
121
|
+
*/
|
|
122
|
+
export declare function createTokenManager(storage: StorageAdapter, apiClient: RefreshClient): TokenManager;
|
|
123
|
+
//# sourceMappingURL=token-manager.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-manager.d.ts","sourceRoot":"","sources":["../src/token-manager.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAIH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAMhD;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,QAAQ,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,CAAC,EAAE,QAAQ,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG,CAAC,IAAI,EAAE,kBAAkB,KAAK,IAAI,CAAC;AAMrE;;;;;;GAMG;AACH,MAAM,WAAW,cAAc;IAC7B,mCAAmC;IACnC,cAAc,IAAI,MAAM,GAAG,IAAI,CAAC;IAEhC,2CAA2C;IAC3C,SAAS,IAAI,SAAS,GAAG,IAAI,CAAC;IAE9B,uBAAuB;IACvB,SAAS,CAAC,MAAM,EAAE,SAAS,GAAG,IAAI,CAAC;IAEnC,sBAAsB;IACtB,OAAO,CAAC,IAAI,EAAE,QAAQ,GAAG,IAAI,CAAC;IAE9B,2BAA2B;IAC3B,OAAO,IAAI,QAAQ,GAAG,IAAI,CAAC;IAE3B,0BAA0B;IAC1B,QAAQ,IAAI,IAAI,CAAC;IAEjB,uCAAuC;IACvC,cAAc,IAAI,OAAO,CAAC;CAC3B;AAMD;;;GAGG;AACH,MAAM,WAAW,aAAa;IAC5B,qCAAqC;IACrC,YAAY,IAAI,OAAO,CAAC,kBAAkB,CAAC,CAAC;IAE5C,+DAA+D;IAC/D,SAAS,CAAC,IAAI,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;CACxC;AAMD;;;;;;;;GAQG;AACH,qBAAa,YAAY;IACvB,OAAO,CAAC,cAAc,CAA4C;IAClE,OAAO,CAAC,SAAS,CAAuC;IACxD,OAAO,CAAC,OAAO,CAAiB;IAChC,OAAO,CAAC,SAAS,CAAgB;gBAErB,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,aAAa;IAS7D,+BAA+B;IAC/B,QAAQ,IAAI,MAAM,GAAG,IAAI;IAIzB,gCAAgC;IAChC,cAAc,IAAI,OAAO;IAIzB,2BAA2B;IAC3B,OAAO,IAAI,QAAQ,GAAG,IAAI;IAQ1B,uBAAuB;IACvB,YAAY,CAAC,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,GAAG,IAAI;IAcxF,0BAA0B;IAC1B,UAAU,IAAI,IAAI;IAQlB;;;OAGG;IACG,YAAY,IAAI,OAAO,CAAC,kBAAkB,CAAC;IAajD;;;OAGG;IACG,gBAAgB,IAAI,OAAO,CAAC,MAAM,CAAC;IA0BzC,uCAAuC;IACvC,aAAa,CAAC,QAAQ,EAAE,mBAAmB,GAAG,MAAM,IAAI;IASxD,OAAO,CAAC,MAAM;YAUA,cAAc;CAsD7B;AAMD;;GAEG;AACH,wBAAgB,kBAAkB,CAChC,OAAO,EAAE,cAAc,EACvB,SAAS,EAAE,aAAa,GACvB,YAAY,CAEd"}
|
|
@@ -0,0 +1,199 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Unified Token Manager for SSO/OIDC authentication.
|
|
3
|
+
*
|
|
4
|
+
* [SSO-LOGIN-REDESIGN] Phase 4 - TokenManager unification
|
|
5
|
+
* @see sso.dofe.ai/docs/0517/sso-login-redesign.md
|
|
6
|
+
*
|
|
7
|
+
* Provides a standardized interface for token operations across
|
|
8
|
+
* models.dofe.ai, agents.dofe.ai, and other subdomains.
|
|
9
|
+
*
|
|
10
|
+
* Design:
|
|
11
|
+
* - StorageAdapter: Abstracts localStorage/cookie operations (project-specific)
|
|
12
|
+
* - RefreshClient: Abstracts API calls (project-specific ts-rest client)
|
|
13
|
+
* - TokenManager: Core logic with deduplication queue and event system
|
|
14
|
+
*/
|
|
15
|
+
'use client';
|
|
16
|
+
"use strict";
|
|
17
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
18
|
+
exports.TokenManager = void 0;
|
|
19
|
+
exports.createTokenManager = createTokenManager;
|
|
20
|
+
// ============================================================================
|
|
21
|
+
// TokenManager (Core Implementation)
|
|
22
|
+
// ============================================================================
|
|
23
|
+
/**
|
|
24
|
+
* Unified Token Manager.
|
|
25
|
+
*
|
|
26
|
+
* Features:
|
|
27
|
+
* - Deduplication queue: Prevents concurrent refresh requests
|
|
28
|
+
* - Event system: Notify listeners when tokens are updated
|
|
29
|
+
* - Storage abstraction: Works with any project's storage implementation
|
|
30
|
+
* - API abstraction: Works with any project's API client
|
|
31
|
+
*/
|
|
32
|
+
class TokenManager {
|
|
33
|
+
refreshPromise = null;
|
|
34
|
+
listeners = new Set();
|
|
35
|
+
storage;
|
|
36
|
+
apiClient;
|
|
37
|
+
constructor(storage, apiClient) {
|
|
38
|
+
this.storage = storage;
|
|
39
|
+
this.apiClient = apiClient;
|
|
40
|
+
}
|
|
41
|
+
// ---------------------------------------------------------------------------
|
|
42
|
+
// Read operations
|
|
43
|
+
// ---------------------------------------------------------------------------
|
|
44
|
+
/** Get current access token */
|
|
45
|
+
getToken() {
|
|
46
|
+
return this.storage.getAccessToken();
|
|
47
|
+
}
|
|
48
|
+
/** Check if token is expired */
|
|
49
|
+
isTokenExpired() {
|
|
50
|
+
return this.storage.isTokenExpired();
|
|
51
|
+
}
|
|
52
|
+
/** Get stored user info */
|
|
53
|
+
getUser() {
|
|
54
|
+
return this.storage.getUser();
|
|
55
|
+
}
|
|
56
|
+
// ---------------------------------------------------------------------------
|
|
57
|
+
// Write operations
|
|
58
|
+
// ---------------------------------------------------------------------------
|
|
59
|
+
/** Store login data */
|
|
60
|
+
setLoginData(access, accessExpire, expire, user) {
|
|
61
|
+
if (typeof window === 'undefined')
|
|
62
|
+
return;
|
|
63
|
+
this.storage.setTokens({ access, accessExpire, expire });
|
|
64
|
+
this.storage.setUser(user);
|
|
65
|
+
this.notify({
|
|
66
|
+
access,
|
|
67
|
+
accessExpire,
|
|
68
|
+
expire,
|
|
69
|
+
user,
|
|
70
|
+
});
|
|
71
|
+
}
|
|
72
|
+
/** Clear all auth data */
|
|
73
|
+
clearToken() {
|
|
74
|
+
this.storage.clearAll();
|
|
75
|
+
}
|
|
76
|
+
// ---------------------------------------------------------------------------
|
|
77
|
+
// Token refresh (with deduplication queue)
|
|
78
|
+
// ---------------------------------------------------------------------------
|
|
79
|
+
/**
|
|
80
|
+
* Refresh the access token.
|
|
81
|
+
* Uses a promise queue to prevent concurrent refresh requests.
|
|
82
|
+
*/
|
|
83
|
+
async refreshToken() {
|
|
84
|
+
// Deduplication: Return existing promise if refresh is in progress
|
|
85
|
+
if (this.refreshPromise) {
|
|
86
|
+
return this.refreshPromise;
|
|
87
|
+
}
|
|
88
|
+
this.refreshPromise = this.doRefreshToken().finally(() => {
|
|
89
|
+
this.refreshPromise = null;
|
|
90
|
+
});
|
|
91
|
+
return this.refreshPromise;
|
|
92
|
+
}
|
|
93
|
+
/**
|
|
94
|
+
* Ensure a valid token is available.
|
|
95
|
+
* Automatically refreshes if expired.
|
|
96
|
+
*/
|
|
97
|
+
async ensureValidToken() {
|
|
98
|
+
const token = this.getToken();
|
|
99
|
+
if (!token) {
|
|
100
|
+
throw new Error('Not authenticated');
|
|
101
|
+
}
|
|
102
|
+
if (this.isTokenExpired()) {
|
|
103
|
+
try {
|
|
104
|
+
await this.refreshToken();
|
|
105
|
+
const newToken = this.getToken();
|
|
106
|
+
if (!newToken) {
|
|
107
|
+
throw new Error('Token refresh produced no token');
|
|
108
|
+
}
|
|
109
|
+
return newToken;
|
|
110
|
+
}
|
|
111
|
+
catch {
|
|
112
|
+
throw new Error('Token expired, please re-login');
|
|
113
|
+
}
|
|
114
|
+
}
|
|
115
|
+
return token;
|
|
116
|
+
}
|
|
117
|
+
// ---------------------------------------------------------------------------
|
|
118
|
+
// Event subscription
|
|
119
|
+
// ---------------------------------------------------------------------------
|
|
120
|
+
/** Subscribe to token update events */
|
|
121
|
+
onTokenUpdate(callback) {
|
|
122
|
+
this.listeners.add(callback);
|
|
123
|
+
return () => this.listeners.delete(callback);
|
|
124
|
+
}
|
|
125
|
+
// ---------------------------------------------------------------------------
|
|
126
|
+
// Internal
|
|
127
|
+
// ---------------------------------------------------------------------------
|
|
128
|
+
notify(data) {
|
|
129
|
+
for (const cb of this.listeners) {
|
|
130
|
+
try {
|
|
131
|
+
cb(data);
|
|
132
|
+
}
|
|
133
|
+
catch {
|
|
134
|
+
// Listener errors should not break others
|
|
135
|
+
}
|
|
136
|
+
}
|
|
137
|
+
}
|
|
138
|
+
async doRefreshToken() {
|
|
139
|
+
// Call the refresh API (refresh_token is sent via HttpOnly cookie)
|
|
140
|
+
const response = await this.apiClient.refreshToken();
|
|
141
|
+
if (!response.access_token) {
|
|
142
|
+
throw new Error('No access token in refresh response');
|
|
143
|
+
}
|
|
144
|
+
const now = Date.now();
|
|
145
|
+
const expiresInMs = (response.expires_in || 3600) * 1000;
|
|
146
|
+
const expire = now + 30 * 24 * 60 * 60 * 1000; // 30 days
|
|
147
|
+
// Store tokens
|
|
148
|
+
this.storage.setTokens({
|
|
149
|
+
access: response.access_token,
|
|
150
|
+
accessExpire: now + expiresInMs,
|
|
151
|
+
expire,
|
|
152
|
+
});
|
|
153
|
+
// Fetch user info if available
|
|
154
|
+
let user = this.storage.getUser();
|
|
155
|
+
if (this.apiClient.fetchUser) {
|
|
156
|
+
try {
|
|
157
|
+
const fetchedUser = await this.apiClient.fetchUser();
|
|
158
|
+
if (fetchedUser) {
|
|
159
|
+
user = fetchedUser;
|
|
160
|
+
this.storage.setUser(user);
|
|
161
|
+
}
|
|
162
|
+
}
|
|
163
|
+
catch {
|
|
164
|
+
// Keep existing user if fetch fails
|
|
165
|
+
}
|
|
166
|
+
}
|
|
167
|
+
else if (response.user) {
|
|
168
|
+
user = response.user;
|
|
169
|
+
this.storage.setUser(user);
|
|
170
|
+
}
|
|
171
|
+
const result = {
|
|
172
|
+
access: response.access_token,
|
|
173
|
+
accessExpire: now + expiresInMs,
|
|
174
|
+
expire,
|
|
175
|
+
user: user ?? {
|
|
176
|
+
id: '',
|
|
177
|
+
nickname: null,
|
|
178
|
+
code: null,
|
|
179
|
+
headerImg: null,
|
|
180
|
+
sex: null,
|
|
181
|
+
isAnonymity: false,
|
|
182
|
+
isAdmin: false,
|
|
183
|
+
},
|
|
184
|
+
};
|
|
185
|
+
this.notify(result);
|
|
186
|
+
return result;
|
|
187
|
+
}
|
|
188
|
+
}
|
|
189
|
+
exports.TokenManager = TokenManager;
|
|
190
|
+
// ============================================================================
|
|
191
|
+
// Factory function for creating project-specific instances
|
|
192
|
+
// ============================================================================
|
|
193
|
+
/**
|
|
194
|
+
* Create a TokenManager instance with project-specific adapters.
|
|
195
|
+
*/
|
|
196
|
+
function createTokenManager(storage, apiClient) {
|
|
197
|
+
return new TokenManager(storage, apiClient);
|
|
198
|
+
}
|
|
199
|
+
//# sourceMappingURL=token-manager.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-manager.js","sourceRoot":"","sources":["../src/token-manager.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,YAAY,CAAC;;;;AAqSb,gDAKC;AA9MD,+EAA+E;AAC/E,qCAAqC;AACrC,+EAA+E;AAE/E;;;;;;;;GAQG;AACH,MAAa,YAAY;IACf,cAAc,GAAuC,IAAI,CAAC;IAC1D,SAAS,GAA6B,IAAI,GAAG,EAAE,CAAC;IAChD,OAAO,CAAiB;IACxB,SAAS,CAAgB;IAEjC,YAAY,OAAuB,EAAE,SAAwB;QAC3D,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC7B,CAAC;IAED,8EAA8E;IAC9E,kBAAkB;IAClB,8EAA8E;IAE9E,+BAA+B;IAC/B,QAAQ;QACN,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;IACvC,CAAC;IAED,gCAAgC;IAChC,cAAc;QACZ,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;IACvC,CAAC;IAED,2BAA2B;IAC3B,OAAO;QACL,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;IAChC,CAAC;IAED,8EAA8E;IAC9E,mBAAmB;IACnB,8EAA8E;IAE9E,uBAAuB;IACvB,YAAY,CAAC,MAAc,EAAE,YAAoB,EAAE,MAAc,EAAE,IAAc;QAC/E,IAAI,OAAO,MAAM,KAAK,WAAW;YAAE,OAAO;QAE1C,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC,CAAC;QACzD,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAE3B,IAAI,CAAC,MAAM,CAAC;YACV,MAAM;YACN,YAAY;YACZ,MAAM;YACN,IAAI;SACL,CAAC,CAAC;IACL,CAAC;IAED,0BAA0B;IAC1B,UAAU;QACR,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;IAC1B,CAAC;IAED,8EAA8E;IAC9E,2CAA2C;IAC3C,8EAA8E;IAE9E;;;OAGG;IACH,KAAK,CAAC,YAAY;QAChB,mEAAmE;QACnE,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,OAAO,IAAI,CAAC,cAAc,CAAC;QAC7B,CAAC;QAED,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE;YACvD,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAC7B,CAAC,CAAC,CAAC;QAEH,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,gBAAgB;QACpB,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC9B,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;QACvC,CAAC;QAED,IAAI,IAAI,CAAC,cAAc,EAAE,EAAE,CAAC;YAC1B,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;gBAC1B,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACjC,IAAI,CAAC,QAAQ,EAAE,CAAC;oBACd,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;gBACrD,CAAC;gBACD,OAAO,QAAQ,CAAC;YAClB,CAAC;YAAC,MAAM,CAAC;gBACP,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;YACpD,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED,8EAA8E;IAC9E,qBAAqB;IACrB,8EAA8E;IAE9E,uCAAuC;IACvC,aAAa,CAAC,QAA6B;QACzC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC7B,OAAO,GAAG,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC/C,CAAC;IAED,8EAA8E;IAC9E,WAAW;IACX,8EAA8E;IAEtE,MAAM,CAAC,IAAwB;QACrC,KAAK,MAAM,EAAE,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YAChC,IAAI,CAAC;gBACH,EAAE,CAAC,IAAI,CAAC,CAAC;YACX,CAAC;YAAC,MAAM,CAAC;gBACP,0CAA0C;YAC5C,CAAC;QACH,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,cAAc;QAC1B,mEAAmE;QACnE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,CAAC;QAErD,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACzD,CAAC;QAED,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,WAAW,GAAG,CAAC,QAAQ,CAAC,UAAU,IAAI,IAAI,CAAC,GAAG,IAAI,CAAC;QACzD,MAAM,MAAM,GAAG,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,UAAU;QAEzD,eAAe;QACf,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC;YACrB,MAAM,EAAE,QAAQ,CAAC,YAAY;YAC7B,YAAY,EAAE,GAAG,GAAG,WAAW;YAC/B,MAAM;SACP,CAAC,CAAC;QAEH,+BAA+B;QAC/B,IAAI,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;QAClC,IAAI,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC;YAC7B,IAAI,CAAC;gBACH,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC;gBACrD,IAAI,WAAW,EAAE,CAAC;oBAChB,IAAI,GAAG,WAAW,CAAC;oBACnB,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;gBAC7B,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,oCAAoC;YACtC,CAAC;QACH,CAAC;aAAM,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;YACzB,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC;YACrB,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAC7B,CAAC;QAED,MAAM,MAAM,GAAuB;YACjC,MAAM,EAAE,QAAQ,CAAC,YAAY;YAC7B,YAAY,EAAE,GAAG,GAAG,WAAW;YAC/B,MAAM;YACN,IAAI,EAAE,IAAI,IAAI;gBACZ,EAAE,EAAE,EAAE;gBACN,QAAQ,EAAE,IAAI;gBACd,IAAI,EAAE,IAAI;gBACV,SAAS,EAAE,IAAI;gBACf,GAAG,EAAE,IAAI;gBACT,WAAW,EAAE,KAAK;gBAClB,OAAO,EAAE,KAAK;aACf;SACF,CAAC;QAEF,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACpB,OAAO,MAAM,CAAC;IAChB,CAAC;CACF;AAnLD,oCAmLC;AAED,+EAA+E;AAC/E,2DAA2D;AAC3D,+EAA+E;AAE/E;;GAEG;AACH,SAAgB,kBAAkB,CAChC,OAAuB,EACvB,SAAwB;IAExB,OAAO,IAAI,YAAY,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;AAC9C,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"use-sso-logout-sync.d.ts","sourceRoot":"","sources":["
|
|
1
|
+
{"version":3,"file":"use-sso-logout-sync.d.ts","sourceRoot":"","sources":["../src/use-sso-logout-sync.ts"],"names":[],"mappings":"AAOA,MAAM,WAAW,oBAAoB;IACnC,2EAA2E;IAC3E,SAAS,EAAE,MAAM,IAAI,CAAC;IACtB,wEAAwE;IACxE,YAAY,EAAE,MAAM,MAAM,CAAC;IAC3B,8FAA8F;IAC9F,YAAY,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,CAAC;IACrC,wDAAwD;IACxD,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,mDAAmD;IACnD,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,oBAAoB;;EAyE7D"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"use-sso-logout-sync.js","sourceRoot":"","sources":["
|
|
1
|
+
{"version":3,"file":"use-sso-logout-sync.js","sourceRoot":"","sources":["../src/use-sso-logout-sync.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;;;AAgCb,4CAyEC;AAvGD,iCAAuD;AAEvD,MAAM,oBAAoB,GAAG,gBAAgB,CAAC;AAC9C,MAAM,mBAAmB,GAAG,IAAI,CAAC;AAejC;;;;;;;;;;;GAWG;AACH,SAAgB,gBAAgB,CAAC,OAA6B;IAC5D,MAAM,EACJ,SAAS,EACT,YAAY,EACZ,YAAY,EACZ,WAAW,GAAG,oBAAoB,EAClC,UAAU,GAAG,mBAAmB,GACjC,GAAG,OAAO,CAAC;IAEZ,MAAM,YAAY,GAAG,IAAA,cAAM,EAAS,CAAC,CAAC,CAAC;IACvC,MAAM,cAAc,GAAG,IAAA,cAAM,EAAU,KAAK,CAAC,CAAC;IAE9C,MAAM,oBAAoB,GAAG,IAAA,mBAAW,EAAC,GAAG,EAAE;QAC5C,SAAS,EAAE,CAAC;QACZ,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC,CAAC;IAC1C,CAAC,EAAE,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC,CAAC;IAE9B,MAAM,eAAe,GAAG,IAAA,mBAAW,EAAC,GAAG,EAAE;QACvC,cAAc,CAAC,OAAO,GAAG,IAAI,CAAC;QAC9B,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,gBAAgB,CAAC,WAAW,CAAC,CAAC;YAClD,OAAO,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YACxD,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,CAAC;QAAC,MAAM,CAAC;YACP,iCAAiC;QACnC,CAAC;IACH,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;IAElB,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,IAAI,OAAO,GAA4B,IAAI,CAAC;QAE5C,IAAI,CAAC;YACH,OAAO,GAAG,IAAI,gBAAgB,CAAC,WAAW,CAAC,CAAC;YAE5C,OAAO,CAAC,SAAS,GAAG,CAAC,KAAmB,EAAE,EAAE;gBAC1C,mCAAmC;gBACnC,IAAI,cAAc,CAAC,OAAO;oBAAE,OAAO;gBACnC,IAAI,KAAK,CAAC,IAAI,EAAE,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAClC,oBAAoB,EAAE,CAAC;gBACzB,CAAC;YACH,CAAC,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,iCAAiC;QACnC,CAAC;QAED;;;WAGG;QACH,MAAM,sBAAsB,GAAG,KAAK,IAAI,EAAE;YACxC,IAAI,QAAQ,CAAC,eAAe,KAAK,SAAS;gBAAE,OAAO;YAEnD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,GAAG,GAAG,YAAY,CAAC,OAAO,GAAG,UAAU;gBAAE,OAAO;YACpD,YAAY,CAAC,OAAO,GAAG,GAAG,CAAC;YAE3B,MAAM,UAAU,GAAG,MAAM,YAAY,EAAE,CAAC;YACxC,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,oBAAoB,EAAE,CAAC;YACzB,CAAC;QACH,CAAC,CAAC;QAEF,QAAQ,CAAC,gBAAgB,CAAC,kBAAkB,EAAE,sBAAsB,CAAC,CAAC;QAEtE,OAAO,GAAG,EAAE;YACV,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,KAAK,EAAE,CAAC;YAClB,CAAC;YACD,QAAQ,CAAC,mBAAmB,CAAC,kBAAkB,EAAE,sBAAsB,CAAC,CAAC;QAC3E,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,SAAS,EAAE,YAAY,EAAE,YAAY,EAAE,WAAW,EAAE,UAAU,EAAE,oBAAoB,CAAC,CAAC,CAAC;IAE3F,OAAO,EAAE,eAAe,EAAE,CAAC;AAC7B,CAAC"}
|