@evoke-platform/context 1.3.0-dev.4 → 1.3.0-dev.5

package/dist/authentication/AuthenticationContextProvider.d.ts

@@ -11,7 +11,7 @@ export type UserAccount = {
     name?: string;
 };
 export type AuthenticationContextProviderProps = {
-    msal: IMsalContext;
+    msal?: IMsalContext;
     authRequest: AuthenticationRequest;
     children?: ReactNode;
 };

package/dist/authentication/AuthenticationContextProvider.js

@@ -9,11 +9,25 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 import { jsx as _jsx } from "react/jsx-runtime";
 import { createContext, useCallback, useContext, useMemo } from 'react';
+import { useAuth } from 'react-oidc-context';
 const Context = createContext(undefined);
 Context.displayName = 'AuthenticationContext';
 function AuthenticationContextProvider(props) {
+    // Auto-detect provider type based on presence of msal prop
+    if (props.msal) {
+        const { msal, authRequest, children } = props;
+        return (_jsx(MsalProvider, { msal: msal, authRequest: authRequest, children: children }));
+    }
+    else {
+        const { authRequest, children } = props;
+        return _jsx(OidcProvider, { authRequest: authRequest, children: children });
+    }
+}
+function MsalProvider({ msal, authRequest, children }) {
     var _a;
-    const { msal, authRequest, children } = props;
+    if (!msal) {
+        throw new Error('MSAL instance is required for MsalProvider');
+    }
     const account = (_a = msal.instance.getActiveAccount()) !== null && _a !== void 0 ? _a : msal.instance.getAllAccounts()[0];
     const getAccessToken = useCallback(function () {
         return __awaiter(this, void 0, void 0, function* () {
@@ -26,7 +40,7 @@ function AuthenticationContextProvider(props) {
                 return '';
             }
         });
-    }, [msal, authRequest]);
+    }, [msal, authRequest, account]);
     const context = useMemo(() => account
         ? {
             account: { id: account.localAccountId, name: account.name },
@@ -38,7 +52,58 @@ function AuthenticationContextProvider(props) {
             },
             getAccessToken,
         }
-        : undefined, [account, msal, getAccessToken]);
+        : undefined, [account, msal, getAccessToken, authRequest]);
+    return _jsx(Context.Provider, { value: context, children: children });
+}
+function OidcProvider({ authRequest, children }) {
+    var _a, _b;
+    // The authRequest for react-oidc is formatted slightly differently than msal.
+    const oidcAuthRequest = {
+        scope: (_b = (_a = authRequest.scopes) === null || _a === void 0 ? void 0 : _a.join(' ')) !== null && _b !== void 0 ? _b : 'openid profile email',
+        extraQueryParams: authRequest.extraQueryParameters,
+        state: authRequest.state,
+    };
+    const auth = useAuth();
+    const getAccessToken = useCallback(function () {
+        var _a, _b;
+        return __awaiter(this, void 0, void 0, function* () {
+            try {
+                // With automaticSilentRenew: true, oidc-client-ts will attempt to renew the token in the background before it expires.
+                // However, this is not guaranteed to be perfectly in sync with your API calls. Always check for expiration here and call signinSilent if needed
+                // to ensure you get a valid token on demand.
+                if (((_a = auth.user) === null || _a === void 0 ? void 0 : _a.access_token) && !auth.user.expired) {
+                    return auth.user.access_token;
+                }
+                // Token is either missing or expired - attempt silent refresh.
+                const user = yield auth.signinSilent(oidcAuthRequest);
+                // If signinSilent returns null, it means silent login failed
+                if (!user) {
+                    console.log('Silent login failed, redirecting to login');
+                    auth.signinRedirect(oidcAuthRequest);
+                    return '';
+                }
+                return ((_b = auth.user) === null || _b === void 0 ? void 0 : _b.access_token) || '';
+            }
+            catch (error) {
+                console.error('Failed to get access token:', error);
+                // If silent refresh throws an error (e.g., network failure, missing silent_redirect_uri,
+                // invalid session, refresh token expired, or provider returned an error), redirect to login
+                auth.signinRedirect(oidcAuthRequest);
+                return '';
+            }
+        });
+    }, [auth, authRequest]);
+    const context = useMemo(() => auth.isAuthenticated && auth.user
+        ? {
+            account: { id: auth.user.profile.sub, name: auth.user.profile.name },
+            logout: () => {
+                auth.signoutRedirect({
+                    post_logout_redirect_uri: `/logout?p=${encodeURIComponent(window.location.pathname + window.location.search)}`,
+                });
+            },
+            getAccessToken,
+        }
+        : undefined, [auth, getAccessToken]);
     return _jsx(Context.Provider, { value: context, children: children });
 }
 export function useAuthenticationContext() {

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@evoke-platform/context",
-    "version": "1.3.0-dev.4",
+    "version": "1.3.0-dev.5",
     "description": "Utilities that provide context to Evoke platform widgets",
     "main": "dist/index.js",
     "types": "dist/index.d.ts",
@@ -56,6 +56,7 @@
         "msw": "^1.3.1",
         "react": "^18.2.0",
         "react-dom": "^18.3.1",
+        "react-oidc-context": "^2.4.0",
         "react-router-dom": "^6.16.0",
         "sinon": "^18.0.0",
         "typescript": "^5.3.3"
@@ -64,12 +65,14 @@
         "@azure/msal-browser": ">=2",
         "@azure/msal-react": ">=1",
         "react": ">=18",
+        "react-oidc-context": ">=2",
         "react-router-dom": ">=6"
     },
     "dependencies": {
         "@isaacs/ttlcache": "^1.4.1",
         "@microsoft/signalr": "^7.0.12",
         "axios": "^1.7.9",
+        "oidc-client-ts": "^3.3.0",
         "uuid": "^9.0.1"
     }
 }