@evoke-platform/context 1.2.0 → 1.3.0-dev.10

package/README.md

@@ -17,6 +17,7 @@ available and no further installation is necessary.
 
 -   [Working With Objects](#working-with-objects)
 -   [REST API Calls](#rest-api-calls)
+-   [Authentication Context](#authentication-context)
 -   [Notifications](#notifications)
 
 ### Working With Objects
@@ -222,6 +223,25 @@ absolute URL.
 
 ##### `delete(url, options)`
 
+### Authentication Context
+
+-   [useAuthenticationContext](#useauthenticationcontext)
+
+#### `useAuthenticationContext()`
+
+Hook to obtain the authentication context based on the current logged-in user.
+
+The authentication context includes the following property and functions.
+
+-   `account` _[object]_
+    -   The account of the currently logged-in user. This includes both the user's `id` and `name`.
+-   `logout()`
+    -   A function that logs out the currently logged-in user. The user will be redirected to Evoke's logout page upon logout.
+-   `getAccessToken()`
+    -   A function that returns an access token that is associated to the currently logged-in user. This token can be used to make API calls to Evoke's APIs to authenticate the API call.
+    -   Note: As a general recommendation, the [ApiService](#class-apiservices) class should be used to make API calls as it will take care
+        of appending an access token to the call.
+
 ### Notifications
 
 -   [useNofitication](#usenotification)

package/dist/app/AppProvider.d.ts

@@ -30,6 +30,8 @@ export type Widget = {
     pluginId: string;
     widgetKey: string;
     colSpan: number;
+    isSticky?: boolean;
+    noPadding?: boolean;
     properties: Record<string, unknown>;
 };
 export type NavigationLocation = 'side' | 'top' | 'none';

package/dist/authentication/AuthenticationContextProvider.d.ts

@@ -9,9 +9,11 @@ export type AuthenticationContext = {
 export type UserAccount = {
     id: string;
     name?: string;
+    lastLoginTime?: number;
+    activeMfaSession?: boolean;
 };
 export type AuthenticationContextProviderProps = {
-    msal: IMsalContext;
+    msal?: IMsalContext;
     authRequest: AuthenticationRequest;
     children?: ReactNode;
 };

package/dist/authentication/AuthenticationContextProvider.js

@@ -9,11 +9,25 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 import { jsx as _jsx } from "react/jsx-runtime";
 import { createContext, useCallback, useContext, useMemo } from 'react';
+import { useAuth } from 'react-oidc-context';
 const Context = createContext(undefined);
 Context.displayName = 'AuthenticationContext';
 function AuthenticationContextProvider(props) {
+    // Auto-detect provider type based on presence of msal prop
+    if (props.msal) {
+        const { msal, authRequest, children } = props;
+        return (_jsx(MsalProvider, { msal: msal, authRequest: authRequest, children: children }));
+    }
+    else {
+        const { authRequest, children } = props;
+        return _jsx(OidcProvider, { authRequest: authRequest, children: children });
+    }
+}
+function MsalProvider({ msal, authRequest, children }) {
     var _a;
-    const { msal, authRequest, children } = props;
+    if (!msal) {
+        throw new Error('MSAL instance is required for MsalProvider');
+    }
     const account = (_a = msal.instance.getActiveAccount()) !== null && _a !== void 0 ? _a : msal.instance.getAllAccounts()[0];
     const getAccessToken = useCallback(function () {
         return __awaiter(this, void 0, void 0, function* () {
@@ -26,19 +40,87 @@ function AuthenticationContextProvider(props) {
                 return '';
             }
         });
-    }, [msal, authRequest]);
-    const context = useMemo(() => account
-        ? {
-            account: { id: account.localAccountId, name: account.name },
-            logout: () => {
-                msal.instance.logoutRedirect({
-                    account,
-                    postLogoutRedirectUri: `/logout?p=${encodeURIComponent(window.location.pathname + window.location.search)}`,
-                });
-            },
-            getAccessToken,
-        }
-        : undefined, [account, msal, getAccessToken]);
+    }, [msal, authRequest, account]);
+    const context = useMemo(() => {
+        var _a, _b;
+        return account
+            ? {
+                account: {
+                    id: account.localAccountId,
+                    name: account.name,
+                    lastLoginTime: (_a = account.idTokenClaims) === null || _a === void 0 ? void 0 : _a.last_login_time,
+                    activeMfaSession: Boolean((_b = account.idTokenClaims) === null || _b === void 0 ? void 0 : _b.active_mfa_session),
+                },
+                logout: () => {
+                    msal.instance.logoutRedirect({
+                        account,
+                        postLogoutRedirectUri: `/logout?p=${encodeURIComponent(window.location.pathname + window.location.search)}`,
+                    });
+                },
+                getAccessToken,
+            }
+            : undefined;
+    }, [account, msal, getAccessToken, authRequest]);
+    return _jsx(Context.Provider, { value: context, children: children });
+}
+function OidcProvider({ authRequest, children }) {
+    var _a, _b;
+    // The authRequest for react-oidc is formatted slightly differently than msal.
+    const oidcAuthRequest = {
+        scope: (_b = (_a = authRequest.scopes) === null || _a === void 0 ? void 0 : _a.join(' ')) !== null && _b !== void 0 ? _b : 'openid profile email',
+        extraQueryParams: authRequest.extraQueryParameters,
+        state: authRequest.state,
+    };
+    const auth = useAuth();
+    const getAccessToken = useCallback(function () {
+        var _a, _b;
+        return __awaiter(this, void 0, void 0, function* () {
+            try {
+                // With automaticSilentRenew: true, oidc-client-ts will attempt to renew the token in the background before it expires.
+                // However, this is not guaranteed to be perfectly in sync with your API calls. Always check for expiration here and call signinSilent if needed
+                // to ensure you get a valid token on demand.
+                if (((_a = auth.user) === null || _a === void 0 ? void 0 : _a.access_token) && !auth.user.expired) {
+                    return auth.user.access_token;
+                }
+                // Token is either missing or expired - attempt silent refresh.
+                const user = yield auth.signinSilent(oidcAuthRequest);
+                // If signinSilent returns null, it means silent login failed
+                if (!user) {
+                    console.log('Silent login failed, redirecting to login');
+                    auth.signinRedirect(oidcAuthRequest);
+                    return '';
+                }
+                return ((_b = auth.user) === null || _b === void 0 ? void 0 : _b.access_token) || '';
+            }
+            catch (error) {
+                console.error('Failed to get access token:', error);
+                // If silent refresh throws an error (e.g., network failure, missing silent_redirect_uri,
+                // invalid session, refresh token expired, or provider returned an error), redirect to login
+                auth.signinRedirect(oidcAuthRequest);
+                return '';
+            }
+        });
+    }, [auth, authRequest]);
+    const context = useMemo(() => {
+        var _a, _b, _c;
+        return auth.isAuthenticated && auth.user
+            ? {
+                account: {
+                    id: auth.user.profile.sub,
+                    name: (_a = auth.user.profile.name) !== null && _a !== void 0 ? _a : (`${(_b = auth.user.profile.given_name) !== null && _b !== void 0 ? _b : ''} ${(_c = auth.user.profile.family_name) !== null && _c !== void 0 ? _c : ''}` ||
+                        undefined),
+                    lastLoginTime: auth.user.profile.lastLoginTime,
+                },
+                logout: () => {
+                    auth.signoutRedirect({
+                        // Fusion auth requires an absolute url.
+                        post_logout_redirect_uri: `${window.location.origin}/logout`,
+                    });
+                },
+                getAccessToken,
+            }
+            : undefined;
+    }, [auth, getAccessToken]);
     return _jsx(Context.Provider, { value: context, children: children });
 }
 export function useAuthenticationContext() {

package/dist/objects/objects.d.ts

@@ -1,5 +1,8 @@
 import { ApiServices, Callback } from '../api/index.js';
 import { Filter } from './filters.js';
+export type EvokeFormDisplayConfiguration = {
+    submitLabel?: string;
+};
 export type EvokeForm = {
     id: string;
     name: string;
@@ -8,6 +11,7 @@ export type EvokeForm = {
     formObjectId?: string;
     actionId?: string;
     autosaveActionId?: string;
+    display?: EvokeFormDisplayConfiguration;
 };
 export type BaseObjReference = {
     objectId: string;
@@ -90,6 +94,7 @@ export type Property = {
     name: string;
     type: PropertyType;
     enum?: string[];
+    strictlyTrue?: boolean;
     nonStrictEnum?: boolean;
     objectId?: string;
     relatedPropertyId?: string;
@@ -108,12 +113,14 @@ export type InputStringValidation = StringValidation & {
     maxLength?: number;
     mask?: string;
 };
+export type BasicInputParameter = Omit<InputParameter, 'name' | 'required'>;
 export type InputParameter = {
     id: string;
     name?: string;
     type: PropertyType;
     required?: boolean;
     enum?: string[];
+    strictlyTrue?: boolean;
     nonStrictEnum?: boolean;
     validation?: PropertyValidation | InputStringValidation;
     objectId?: string;
@@ -128,6 +135,7 @@ export type Action = {
     inputProperties?: ActionInput[];
     parameters?: InputParameter[];
     form?: Form;
+    defaultFormId?: string;
     customCode?: string;
     preconditions?: object;
 };
@@ -223,7 +231,7 @@ export type ReadonlyField = {
 };
 export type InputField = {
     type: 'inputField';
-    input: InputParameter;
+    input: BasicInputParameter;
     display?: DisplayConfiguration;
     documentMetadata?: Record<string, string>;
 };

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@evoke-platform/context",
-    "version": "1.2.0",
+    "version": "1.3.0-dev.10",
     "description": "Utilities that provide context to Evoke platform widgets",
     "main": "dist/index.js",
     "types": "dist/index.d.ts",
@@ -56,6 +56,7 @@
         "msw": "^1.3.1",
         "react": "^18.2.0",
         "react-dom": "^18.3.1",
+        "react-oidc-context": "^2.4.0",
         "react-router-dom": "^6.16.0",
         "sinon": "^18.0.0",
         "typescript": "^5.3.3"
@@ -64,12 +65,14 @@
         "@azure/msal-browser": ">=2",
         "@azure/msal-react": ">=1",
         "react": ">=18",
+        "react-oidc-context": ">=2",
         "react-router-dom": ">=6"
     },
     "dependencies": {
         "@isaacs/ttlcache": "^1.4.1",
         "@microsoft/signalr": "^7.0.12",
         "axios": "^1.7.9",
+        "oidc-client-ts": "^3.3.0",
         "uuid": "^9.0.1"
     }
 }