@forgerock/oidc-client 0.0.0-beta-20250617173233 → 0.0.0-beta-20250825180717
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +21 -0
- package/dist/src/index.d.ts +1 -1
- package/dist/src/index.d.ts.map +1 -1
- package/dist/src/index.js +8 -1
- package/dist/src/index.js.map +1 -0
- package/dist/src/lib/authorize.request.d.ts +16 -0
- package/dist/src/lib/authorize.request.d.ts.map +1 -0
- package/dist/src/lib/authorize.request.js +57 -0
- package/dist/src/lib/authorize.request.js.map +1 -0
- package/dist/src/lib/authorize.request.types.d.ts +11 -0
- package/dist/src/lib/authorize.request.types.d.ts.map +1 -0
- package/dist/src/lib/authorize.request.types.js +2 -0
- package/dist/src/lib/authorize.request.types.js.map +1 -0
- package/dist/src/lib/authorize.request.utils.d.ts +55 -0
- package/dist/src/lib/authorize.request.utils.d.ts.map +1 -0
- package/dist/src/lib/authorize.request.utils.js +187 -0
- package/dist/src/lib/authorize.request.utils.js.map +1 -0
- package/dist/src/lib/authorize.slice.d.ts +5 -0
- package/dist/src/lib/authorize.slice.d.ts.map +1 -0
- package/dist/src/lib/authorize.slice.js +21 -0
- package/dist/src/lib/authorize.slice.js.map +1 -0
- package/dist/src/lib/client.store.d.ts +108 -0
- package/dist/src/lib/client.store.d.ts.map +1 -0
- package/dist/src/lib/client.store.js +341 -0
- package/dist/src/lib/client.store.js.map +1 -0
- package/dist/src/lib/client.store.utils.d.ts +96 -0
- package/dist/src/lib/client.store.utils.d.ts.map +1 -0
- package/dist/src/lib/client.store.utils.js +92 -0
- package/dist/src/lib/client.store.utils.js.map +1 -0
- package/dist/src/lib/client.types.d.ts +13 -0
- package/dist/src/lib/client.types.d.ts.map +1 -0
- package/dist/src/lib/client.types.js +2 -0
- package/dist/src/lib/client.types.js.map +1 -0
- package/dist/src/lib/config.types.d.ts +22 -0
- package/dist/src/lib/config.types.d.ts.map +1 -0
- package/dist/src/lib/config.types.js +2 -0
- package/dist/src/lib/config.types.js.map +1 -0
- package/dist/src/lib/exchange.request.d.ts +18 -0
- package/dist/src/lib/exchange.request.d.ts.map +1 -0
- package/dist/src/lib/exchange.request.js +22 -0
- package/dist/src/lib/exchange.request.js.map +1 -0
- package/dist/src/lib/exchange.types.d.ts +21 -0
- package/dist/src/lib/exchange.types.d.ts.map +1 -0
- package/dist/src/lib/exchange.types.js +2 -0
- package/dist/src/lib/exchange.types.js.map +1 -0
- package/dist/src/lib/exchange.utils.d.ts +28 -0
- package/dist/src/lib/exchange.utils.d.ts.map +1 -0
- package/dist/src/lib/exchange.utils.js +55 -0
- package/dist/src/lib/exchange.utils.js.map +1 -0
- package/dist/src/lib/logout.request.d.ts +17 -0
- package/dist/src/lib/logout.request.d.ts.map +1 -0
- package/dist/src/lib/logout.request.js +33 -0
- package/dist/src/lib/logout.request.js.map +1 -0
- package/dist/src/lib/oidc.api.d.ts +25 -0
- package/dist/src/lib/oidc.api.d.ts.map +1 -0
- package/dist/src/lib/oidc.api.js +165 -0
- package/dist/src/lib/oidc.api.js.map +1 -0
- package/dist/src/lib/oidc.api.utils.d.ts +3 -0
- package/dist/src/lib/oidc.api.utils.d.ts.map +1 -0
- package/dist/src/lib/oidc.api.utils.js +9 -0
- package/dist/src/lib/oidc.api.utils.js.map +1 -0
- package/dist/src/lib/token.utils.d.ts +2 -0
- package/dist/src/lib/token.utils.d.ts.map +1 -0
- package/dist/src/lib/token.utils.js +15 -0
- package/dist/src/lib/token.utils.js.map +1 -0
- package/dist/src/lib/wellknown.api.d.ts +7 -0
- package/dist/src/lib/wellknown.api.d.ts.map +1 -0
- package/dist/src/lib/wellknown.api.js +22 -0
- package/dist/src/lib/wellknown.api.js.map +1 -0
- package/dist/src/types.d.ts +5 -0
- package/dist/src/types.d.ts.map +1 -0
- package/dist/src/types.js +10 -0
- package/dist/src/types.js.map +1 -0
- package/dist/tsconfig.lib.tsbuildinfo +1 -1
- package/package.json +34 -5
- package/CHANGELOG.md +0 -11
- package/dist/src/lib/token-store.d.ts +0 -12
- package/dist/src/lib/token-store.d.ts.map +0 -1
- package/dist/src/lib/token-store.js +0 -9
- package/dist/src/lib/token-store.test-d.d.ts +0 -2
- package/dist/src/lib/token-store.test-d.d.ts.map +0 -1
- package/dist/src/lib/token-store.test-d.js +0 -43
- package/eslint.config.mjs +0 -22
- package/src/index.ts +0 -1
- package/src/lib/token-store.test-d.ts +0 -52
- package/src/lib/token-store.test.ts +0 -38
- package/src/lib/token-store.ts +0 -10
- package/tsconfig.json +0 -22
- package/tsconfig.lib.json +0 -40
- package/tsconfig.spec.json +0 -41
- package/typedoc.json +0 -4
- package/vite.config.ts +0 -23
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Copyright (c) 2025 Ping Identity Corporation. All rights reserved.
|
|
3
|
+
*
|
|
4
|
+
* This software may be modified and distributed under the terms
|
|
5
|
+
* of the MIT license. See the LICENSE file for details.
|
|
6
|
+
*/
|
|
7
|
+
import { Micro } from 'effect';
|
|
8
|
+
import { createValuesµ, handleTokenResponseµ, validateValuesµ } from './exchange.utils.js';
|
|
9
|
+
import { oidcApi } from './oidc.api.js';
|
|
10
|
+
export function buildTokenExchangeµ({ code, config, endpoint, log, state, store, options, }) {
|
|
11
|
+
return createValuesµ(code, config, state, endpoint, options).pipe(Micro.flatMap((options) => validateValuesµ(options)), Micro.tap((options) => log.debug('Token exchange values created', options)), Micro.tapError((options) => Micro.sync(() => log.error('Error creating token exchange values', options))), Micro.flatMap((requestOptions) => Micro.promise(() => store.dispatch(oidcApi.endpoints.exchange.initiate(requestOptions)))), Micro.flatMap(({ data, error }) => handleTokenResponseµ(data, error)), Micro.tap((data) => log.debug('Token exchange response handled', data)), Micro.tapError((error) => Micro.sync(() => log.error('Error handling token exchange response', error))), Micro.map((data) => {
|
|
12
|
+
const tokens = {
|
|
13
|
+
accessToken: data.access_token,
|
|
14
|
+
idToken: data.id_token,
|
|
15
|
+
...(data.refresh_token && { refreshToken: data.refresh_token }),
|
|
16
|
+
...(data.expires_in && { expiresAt: data.expires_in }),
|
|
17
|
+
...(data.expires_in && { expiryTimestamp: Date.now() + data.expires_in * 1000 }),
|
|
18
|
+
};
|
|
19
|
+
return tokens;
|
|
20
|
+
}));
|
|
21
|
+
}
|
|
22
|
+
//# sourceMappingURL=exchange.request.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"exchange.request.js","sourceRoot":"","sources":["../../../src/lib/exchange.request.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EAAE,KAAK,EAAE,MAAM,QAAQ,CAAC;AAI/B,OAAO,EAAE,aAAa,EAAE,oBAAoB,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAC3F,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAiBxC,MAAM,UAAU,mBAAmB,CAAC,EAClC,IAAI,EACJ,MAAM,EACN,QAAQ,EACR,GAAG,EACH,KAAK,EACL,KAAK,EACL,OAAO,GACmB;IAC1B,OAAO,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC,IAAI,CAC/D,KAAK,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC,EACpD,KAAK,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,+BAA+B,EAAE,OAAO,CAAC,CAAC,EAC3E,KAAK,CAAC,QAAQ,CAAC,CAAC,OAAO,EAAE,EAAE,CACzB,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,sCAAsC,EAAE,OAAO,CAAC,CAAC,CAC7E,EACD,KAAK,CAAC,OAAO,CAAC,CAAC,cAAc,EAAE,EAAE,CAC/B,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,CAAC,CACzF,EACD,KAAK,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,oBAAoB,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,EACrE,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,iCAAiC,EAAE,IAAI,CAAC,CAAC,EACvE,KAAK,CAAC,QAAQ,CAAC,CAAC,KAAK,EAAE,EAAE,CACvB,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,wCAAwC,EAAE,KAAK,CAAC,CAAC,CAC7E,EACD,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACjB,MAAM,MAAM,GAAG;YACb,WAAW,EAAE,IAAI,CAAC,YAAY;YAC9B,OAAO,EAAE,IAAI,CAAC,QAAQ;YACtB,GAAG,CAAC,IAAI,CAAC,aAAa,IAAI,EAAE,YAAY,EAAE,IAAI,CAAC,aAAa,EAAE,CAAC;YAC/D,GAAG,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,UAAU,EAAE,CAAC;YACtD,GAAG,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,eAAe,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,EAAE,CAAC;SACjF,CAAC;QAEF,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC,CACH,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
import { OidcConfig } from './config.types.js';
|
|
2
|
+
export interface TokenExchangeResponse {
|
|
3
|
+
access_token: string;
|
|
4
|
+
id_token: string;
|
|
5
|
+
refresh_token?: string;
|
|
6
|
+
expires_in?: number;
|
|
7
|
+
scope?: string;
|
|
8
|
+
token_type?: string;
|
|
9
|
+
}
|
|
10
|
+
export interface TokenExchangeErrorResponse {
|
|
11
|
+
error: string;
|
|
12
|
+
message: string;
|
|
13
|
+
type: 'exchange_error' | 'network_error' | 'state_error' | 'unknown_error';
|
|
14
|
+
}
|
|
15
|
+
export interface TokenRequestOptions {
|
|
16
|
+
code: string;
|
|
17
|
+
config: OidcConfig;
|
|
18
|
+
endpoint: string;
|
|
19
|
+
verifier?: string;
|
|
20
|
+
}
|
|
21
|
+
//# sourceMappingURL=exchange.types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"exchange.types.d.ts","sourceRoot":"","sources":["../../../src/lib/exchange.types.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAE/C,MAAM,WAAW,qBAAqB;IACpC,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,0BAA0B;IACzC,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,gBAAgB,GAAG,eAAe,GAAG,aAAa,GAAG,eAAe,CAAC;CAC5E;AAED,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,UAAU,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"exchange.types.js","sourceRoot":"","sources":["../../../src/lib/exchange.types.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
import { SerializedError } from '@reduxjs/toolkit';
|
|
2
|
+
import { FetchBaseQueryError } from '@reduxjs/toolkit/query';
|
|
3
|
+
import { Micro } from 'effect';
|
|
4
|
+
import type { GetAuthorizationUrlOptions } from '@forgerock/sdk-types';
|
|
5
|
+
import type { StorageConfig } from '@forgerock/storage';
|
|
6
|
+
import type { TokenExchangeResponse, TokenRequestOptions } from './exchange.types.js';
|
|
7
|
+
import type { TokenExchangeErrorResponse } from './exchange.types.js';
|
|
8
|
+
import type { OidcConfig } from './config.types.js';
|
|
9
|
+
export declare function createValuesµ(code: string, config: OidcConfig, state: string, endpoint: string, options?: Partial<StorageConfig>): Micro.Micro<{
|
|
10
|
+
code: string;
|
|
11
|
+
config: OidcConfig;
|
|
12
|
+
state: string;
|
|
13
|
+
storedValues: GetAuthorizationUrlOptions;
|
|
14
|
+
endpoint: string;
|
|
15
|
+
}, never, never>;
|
|
16
|
+
export declare function handleTokenResponseµ(data: TokenExchangeResponse | undefined, error?: FetchBaseQueryError | SerializedError): Micro.Micro<TokenExchangeResponse, TokenExchangeErrorResponse, never>;
|
|
17
|
+
export declare function validateValuesµ({ code, config, state, storedValues, endpoint, }: {
|
|
18
|
+
code: string;
|
|
19
|
+
config: OidcConfig;
|
|
20
|
+
state: string;
|
|
21
|
+
storedValues: GetAuthorizationUrlOptions;
|
|
22
|
+
endpoint: string;
|
|
23
|
+
}): Micro.Micro<never, {
|
|
24
|
+
readonly error: "State mismatch";
|
|
25
|
+
readonly message: "The provided state does not match the stored state. This is likely due to passing in used, returned, authorize parameters.";
|
|
26
|
+
readonly type: "state_error";
|
|
27
|
+
}, never> | Micro.Micro<TokenRequestOptions, never, never>;
|
|
28
|
+
//# sourceMappingURL=exchange.utils.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"exchange.utils.d.ts","sourceRoot":"","sources":["../../../src/lib/exchange.utils.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAC7D,OAAO,EAAE,KAAK,EAAE,MAAM,QAAQ,CAAC;AAG/B,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,sBAAsB,CAAC;AACvE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAExD,OAAO,KAAK,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AACtF,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,qBAAqB,CAAC;AACtE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAEpD,wBAAgB,aAAa,CAC3B,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,UAAU,EAClB,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,OAAO,CAAC,aAAa,CAAC;;;;;;iBAajC;AAED,wBAAgB,oBAAoB,CAClC,IAAI,EAAE,qBAAqB,GAAG,SAAS,EACvC,KAAK,CAAC,EAAE,mBAAmB,GAAG,eAAe,GAC5C,KAAK,CAAC,KAAK,CAAC,qBAAqB,EAAE,0BAA0B,EAAE,KAAK,CAAC,CAyBvE;AAED,wBAAgB,eAAe,CAAC,EAC9B,IAAI,EACJ,MAAM,EACN,KAAK,EACL,YAAY,EACZ,QAAQ,GACT,EAAE;IACD,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,UAAU,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,0BAA0B,CAAC;IACzC,QAAQ,EAAE,MAAM,CAAC;CAClB;;;;2DAiBA"}
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
import { Micro } from 'effect';
|
|
2
|
+
import { getStoredAuthUrlValues } from '@forgerock/sdk-oidc';
|
|
3
|
+
export function createValuesµ(code, config, state, endpoint, options) {
|
|
4
|
+
return Micro.sync(() => {
|
|
5
|
+
const storedValues = getStoredAuthUrlValues(config.clientId, options?.prefix);
|
|
6
|
+
return {
|
|
7
|
+
code,
|
|
8
|
+
config,
|
|
9
|
+
state,
|
|
10
|
+
storedValues,
|
|
11
|
+
endpoint,
|
|
12
|
+
};
|
|
13
|
+
});
|
|
14
|
+
}
|
|
15
|
+
export function handleTokenResponseµ(data, error) {
|
|
16
|
+
if (error) {
|
|
17
|
+
let message;
|
|
18
|
+
if ('status' in error) {
|
|
19
|
+
message = 'error' in error ? error.error : JSON.stringify(error.data);
|
|
20
|
+
}
|
|
21
|
+
else if ('message' in error) {
|
|
22
|
+
message = error.message;
|
|
23
|
+
}
|
|
24
|
+
return Micro.fail({
|
|
25
|
+
error: 'Token Exchange failure',
|
|
26
|
+
message: message || 'Unknown error during token exchange',
|
|
27
|
+
type: 'exchange_error',
|
|
28
|
+
});
|
|
29
|
+
}
|
|
30
|
+
if (!data) {
|
|
31
|
+
return Micro.fail({
|
|
32
|
+
error: 'Token Exchange failure',
|
|
33
|
+
message: 'No data returned from token exchange',
|
|
34
|
+
type: 'exchange_error',
|
|
35
|
+
});
|
|
36
|
+
}
|
|
37
|
+
return Micro.succeed(data);
|
|
38
|
+
}
|
|
39
|
+
export function validateValuesµ({ code, config, state, storedValues, endpoint, }) {
|
|
40
|
+
if (!storedValues || storedValues.state !== state) {
|
|
41
|
+
const err = {
|
|
42
|
+
error: 'State mismatch',
|
|
43
|
+
message: 'The provided state does not match the stored state. This is likely due to passing in used, returned, authorize parameters.',
|
|
44
|
+
type: 'state_error',
|
|
45
|
+
};
|
|
46
|
+
return Micro.fail(err);
|
|
47
|
+
}
|
|
48
|
+
return Micro.succeed({
|
|
49
|
+
code,
|
|
50
|
+
config,
|
|
51
|
+
endpoint,
|
|
52
|
+
...(storedValues.verifier && { verifier: storedValues.verifier }), // Optional PKCE
|
|
53
|
+
});
|
|
54
|
+
}
|
|
55
|
+
//# sourceMappingURL=exchange.utils.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"exchange.utils.js","sourceRoot":"","sources":["../../../src/lib/exchange.utils.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,KAAK,EAAE,MAAM,QAAQ,CAAC;AAE/B,OAAO,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAQ7D,MAAM,UAAU,aAAa,CAC3B,IAAY,EACZ,MAAkB,EAClB,KAAa,EACb,QAAgB,EAChB,OAAgC;IAEhC,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE;QACrB,MAAM,YAAY,GAAG,sBAAsB,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;QAE9E,OAAO;YACL,IAAI;YACJ,MAAM;YACN,KAAK;YACL,YAAY;YACZ,QAAQ;SACT,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,oBAAoB,CAClC,IAAuC,EACvC,KAA6C;IAE7C,IAAI,KAAK,EAAE,CAAC;QACV,IAAI,OAAO,CAAC;QACZ,IAAI,QAAQ,IAAI,KAAK,EAAE,CAAC;YACtB,OAAO,GAAG,OAAO,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACxE,CAAC;aAAM,IAAI,SAAS,IAAI,KAAK,EAAE,CAAC;YAC9B,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;QAC1B,CAAC;QAED,OAAO,KAAK,CAAC,IAAI,CAAC;YAChB,KAAK,EAAE,wBAAwB;YAC/B,OAAO,EAAE,OAAO,IAAI,qCAAqC;YACzD,IAAI,EAAE,gBAAgB;SACO,CAAC,CAAC;IACnC,CAAC;IAED,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,KAAK,CAAC,IAAI,CAAC;YAChB,KAAK,EAAE,wBAAwB;YAC/B,OAAO,EAAE,sCAAsC;YAC/C,IAAI,EAAE,gBAAgB;SACO,CAAC,CAAC;IACnC,CAAC;IAED,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;AAC7B,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,EAC9B,IAAI,EACJ,MAAM,EACN,KAAK,EACL,YAAY,EACZ,QAAQ,GAOT;IACC,IAAI,CAAC,YAAY,IAAI,YAAY,CAAC,KAAK,KAAK,KAAK,EAAE,CAAC;QAClD,MAAM,GAAG,GAAG;YACV,KAAK,EAAE,gBAAgB;YACvB,OAAO,EACL,4HAA4H;YAC9H,IAAI,EAAE,aAAa;SACX,CAAC;QAEX,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACzB,CAAC;IACD,OAAO,KAAK,CAAC,OAAO,CAAC;QACnB,IAAI;QACJ,MAAM;QACN,QAAQ;QACR,GAAG,CAAC,YAAY,CAAC,QAAQ,IAAI,EAAE,QAAQ,EAAE,YAAY,CAAC,QAAQ,EAAE,CAAC,EAAE,gBAAgB;KAC7D,CAAC,CAAC;AAC5B,CAAC"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
import { Micro } from 'effect';
|
|
2
|
+
import { createClientStore } from './client.store.utils.js';
|
|
3
|
+
import { OauthTokens, OidcConfig } from './config.types.js';
|
|
4
|
+
import { WellKnownResponse } from '@forgerock/sdk-types';
|
|
5
|
+
import { createStorage } from '@forgerock/storage';
|
|
6
|
+
export declare function logoutµ({ tokens, config, wellknown, store, storageClient, }: {
|
|
7
|
+
tokens: OauthTokens;
|
|
8
|
+
config: OidcConfig;
|
|
9
|
+
wellknown: WellKnownResponse;
|
|
10
|
+
store: ReturnType<typeof createClientStore>;
|
|
11
|
+
storageClient: ReturnType<typeof createStorage<OauthTokens>>;
|
|
12
|
+
}): Micro.Micro<{
|
|
13
|
+
sessionResponse: import("@forgerock/sdk-types").GenericError | null;
|
|
14
|
+
revokeResponse: import("@forgerock/sdk-types").GenericError | null;
|
|
15
|
+
deleteResponse: void;
|
|
16
|
+
}, never, never>;
|
|
17
|
+
//# sourceMappingURL=logout.request.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"logout.request.d.ts","sourceRoot":"","sources":["../../../src/lib/logout.request.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,KAAK,EAAE,MAAM,QAAQ,CAAC;AAE/B,OAAO,EAAE,iBAAiB,EAAqB,MAAM,yBAAyB,CAAC;AAC/E,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAEnD,wBAAgB,OAAO,CAAC,EACtB,MAAM,EACN,MAAM,EACN,SAAS,EACT,KAAK,EACL,aAAa,GACd,EAAE;IACD,MAAM,EAAE,WAAW,CAAC;IACpB,MAAM,EAAE,UAAU,CAAC;IACnB,SAAS,EAAE,iBAAiB,CAAC;IAC7B,KAAK,EAAE,UAAU,CAAC,OAAO,iBAAiB,CAAC,CAAC;IAC5C,aAAa,EAAE,UAAU,CAAC,OAAO,aAAa,CAAC,WAAW,CAAC,CAAC,CAAC;CAC9D;;;;iBAmCA"}
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Copyright (c) 2025 Ping Identity Corporation. All rights reserved.
|
|
3
|
+
*
|
|
4
|
+
* This software may be modified and distributed under the terms
|
|
5
|
+
* of the MIT license. See the LICENSE file for details.
|
|
6
|
+
*/
|
|
7
|
+
import { Micro } from 'effect';
|
|
8
|
+
import { oidcApi } from './oidc.api.js';
|
|
9
|
+
import { createLogoutError } from './client.store.utils.js';
|
|
10
|
+
export function logoutµ({ tokens, config, wellknown, store, storageClient, }) {
|
|
11
|
+
return Micro.zip(
|
|
12
|
+
// End session with the ID token
|
|
13
|
+
Micro.promise(() => store.dispatch(oidcApi.endpoints.endSession.initiate({
|
|
14
|
+
idToken: tokens.idToken,
|
|
15
|
+
endpoint: wellknown.ping_end_idp_session_endpoint || wellknown.end_session_endpoint,
|
|
16
|
+
}))).pipe(Micro.map(({ data, error }) => createLogoutError(data, error))),
|
|
17
|
+
// Revoke the access token
|
|
18
|
+
Micro.promise(() => store.dispatch(oidcApi.endpoints.revoke.initiate({
|
|
19
|
+
accessToken: tokens.accessToken,
|
|
20
|
+
clientId: config.clientId,
|
|
21
|
+
endpoint: wellknown.revocation_endpoint,
|
|
22
|
+
}))).pipe(Micro.map(({ data, error }) => createLogoutError(data, error)))).pipe(
|
|
23
|
+
// Delete local token and return combined results
|
|
24
|
+
Micro.flatMap(([sessionResponse, revokeResponse]) => Micro.promise(async () => {
|
|
25
|
+
const deleteResponse = await storageClient.remove();
|
|
26
|
+
return {
|
|
27
|
+
sessionResponse,
|
|
28
|
+
revokeResponse,
|
|
29
|
+
deleteResponse,
|
|
30
|
+
};
|
|
31
|
+
})));
|
|
32
|
+
}
|
|
33
|
+
//# sourceMappingURL=logout.request.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"logout.request.js","sourceRoot":"","sources":["../../../src/lib/logout.request.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EAAE,KAAK,EAAE,MAAM,QAAQ,CAAC;AAC/B,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AACxC,OAAO,EAAqB,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAK/E,MAAM,UAAU,OAAO,CAAC,EACtB,MAAM,EACN,MAAM,EACN,SAAS,EACT,KAAK,EACL,aAAa,GAOd;IACC,OAAO,KAAK,CAAC,GAAG;IACd,gCAAgC;IAChC,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,CACjB,KAAK,CAAC,QAAQ,CACZ,OAAO,CAAC,SAAS,CAAC,UAAU,CAAC,QAAQ,CAAC;QACpC,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,QAAQ,EAAE,SAAS,CAAC,6BAA6B,IAAI,SAAS,CAAC,oBAAoB;KACpF,CAAC,CACH,CACF,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,iBAAiB,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC;IAEtE,0BAA0B;IAC1B,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,CACjB,KAAK,CAAC,QAAQ,CACZ,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC;QAChC,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,QAAQ,EAAE,SAAS,CAAC,mBAAmB;KACxC,CAAC,CACH,CACF,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,iBAAiB,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,CACvE,CAAC,IAAI;IACJ,iDAAiD;IACjD,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,cAAc,CAAC,EAAE,EAAE,CAClD,KAAK,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE;QACvB,MAAM,cAAc,GAAG,MAAM,aAAa,CAAC,MAAM,EAAE,CAAC;QACpD,OAAO;YACL,eAAe;YACf,cAAc;YACd,cAAc;SACf,CAAC;IACJ,CAAC,CAAC,CACH,CACF,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
import { FetchArgs } from '@reduxjs/toolkit/query';
|
|
2
|
+
import { OidcConfig } from './config.types.js';
|
|
3
|
+
import type { TokenExchangeResponse } from './exchange.types.js';
|
|
4
|
+
export declare const oidcApi: import("@reduxjs/toolkit/query").Api<import("@reduxjs/toolkit/query").BaseQueryFn<string | FetchArgs, unknown, import("@reduxjs/toolkit/query").FetchBaseQueryError, {}, import("@reduxjs/toolkit/query").FetchBaseQueryMeta>, {
|
|
5
|
+
endSession: import("@reduxjs/toolkit/query").MutationDefinition<{
|
|
6
|
+
idToken: string;
|
|
7
|
+
endpoint: string;
|
|
8
|
+
}, import("@reduxjs/toolkit/query").BaseQueryFn<string | FetchArgs, unknown, import("@reduxjs/toolkit/query").FetchBaseQueryError, {}, import("@reduxjs/toolkit/query").FetchBaseQueryMeta>, never, null, "oidc", unknown>;
|
|
9
|
+
exchange: import("@reduxjs/toolkit/query").MutationDefinition<{
|
|
10
|
+
code: string;
|
|
11
|
+
config: OidcConfig;
|
|
12
|
+
endpoint: string;
|
|
13
|
+
verifier?: string;
|
|
14
|
+
}, import("@reduxjs/toolkit/query").BaseQueryFn<string | FetchArgs, unknown, import("@reduxjs/toolkit/query").FetchBaseQueryError, {}, import("@reduxjs/toolkit/query").FetchBaseQueryMeta>, never, TokenExchangeResponse, "oidc", unknown>;
|
|
15
|
+
revoke: import("@reduxjs/toolkit/query").MutationDefinition<{
|
|
16
|
+
accessToken: string;
|
|
17
|
+
clientId?: string;
|
|
18
|
+
endpoint: string;
|
|
19
|
+
}, import("@reduxjs/toolkit/query").BaseQueryFn<string | FetchArgs, unknown, import("@reduxjs/toolkit/query").FetchBaseQueryError, {}, import("@reduxjs/toolkit/query").FetchBaseQueryMeta>, never, object, "oidc", unknown>;
|
|
20
|
+
userInfo: import("@reduxjs/toolkit/query").MutationDefinition<{
|
|
21
|
+
accessToken: string;
|
|
22
|
+
endpoint: string;
|
|
23
|
+
}, import("@reduxjs/toolkit/query").BaseQueryFn<string | FetchArgs, unknown, import("@reduxjs/toolkit/query").FetchBaseQueryError, {}, import("@reduxjs/toolkit/query").FetchBaseQueryMeta>, never, TokenExchangeResponse, "oidc", unknown>;
|
|
24
|
+
}, "oidc", never, typeof import("@reduxjs/toolkit/query").coreModuleName>;
|
|
25
|
+
//# sourceMappingURL=oidc.api.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oidc.api.d.ts","sourceRoot":"","sources":["../../../src/lib/oidc.api.ts"],"names":[],"mappings":"AAAA,OAAO,EAAa,SAAS,EAAkB,MAAM,wBAAwB,CAAC;AAC9E,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAU/C,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AAOjE,eAAO,MAAM,OAAO;;iBAI8B,MAAM;kBAAY,MAAM;;;cA+C5D,MAAM;gBACJ,UAAU;kBACR,MAAM;mBACL,MAAM;;;qBA6D2B,MAAM;mBAAa,MAAM;kBAAY,MAAM;;;qBAkD1B,MAAM;kBAAY,MAAM;;yEA2C3F,CAAC"}
|
|
@@ -0,0 +1,165 @@
|
|
|
1
|
+
import { createApi, fetchBaseQuery } from '@reduxjs/toolkit/query';
|
|
2
|
+
import { transformError } from './oidc.api.utils.js';
|
|
3
|
+
import { initQuery, } from '@forgerock/sdk-request-middleware';
|
|
4
|
+
export const oidcApi = createApi({
|
|
5
|
+
reducerPath: 'oidc',
|
|
6
|
+
baseQuery: fetchBaseQuery(),
|
|
7
|
+
endpoints: (builder) => ({
|
|
8
|
+
endSession: builder.mutation({
|
|
9
|
+
queryFn: async ({ idToken, endpoint }, api, _, baseQuery) => {
|
|
10
|
+
const { requestMiddleware, logger } = api.extra;
|
|
11
|
+
const url = new URL(endpoint);
|
|
12
|
+
url.searchParams.append('id_token_hint', idToken);
|
|
13
|
+
const request = {
|
|
14
|
+
url: url.toString(),
|
|
15
|
+
method: 'GET',
|
|
16
|
+
credentials: 'include',
|
|
17
|
+
headers: {
|
|
18
|
+
Accept: 'application/json',
|
|
19
|
+
},
|
|
20
|
+
};
|
|
21
|
+
logger.debug('OIDC endSession API request', request);
|
|
22
|
+
const response = await initQuery(request, 'endSession')
|
|
23
|
+
.applyMiddleware(requestMiddleware)
|
|
24
|
+
.applyQuery(async (req) => await baseQuery(req));
|
|
25
|
+
if (response.error) {
|
|
26
|
+
let message = 'An error occurred while trying to end the session';
|
|
27
|
+
if (response.error.status === 400) {
|
|
28
|
+
message = 'Bad request to end session endpoint';
|
|
29
|
+
}
|
|
30
|
+
else if (response.error.status === 401) {
|
|
31
|
+
message = 'Unauthorized request to end session endpoint';
|
|
32
|
+
}
|
|
33
|
+
else if (response.error.status === 403) {
|
|
34
|
+
message = 'Forbidden request to end session endpoint';
|
|
35
|
+
}
|
|
36
|
+
logger.error('End Session API error', message);
|
|
37
|
+
response.error.data = transformError('End Session Error', message, response.error.status);
|
|
38
|
+
return response;
|
|
39
|
+
}
|
|
40
|
+
logger.debug('OIDC endSession API response', response);
|
|
41
|
+
return response;
|
|
42
|
+
},
|
|
43
|
+
}),
|
|
44
|
+
exchange: builder.mutation({
|
|
45
|
+
queryFn: async ({ code, config, endpoint, verifier }, api, _, baseQuery) => {
|
|
46
|
+
const { requestMiddleware, logger } = api.extra;
|
|
47
|
+
const { clientId, redirectUri } = config;
|
|
48
|
+
const body = new URLSearchParams({
|
|
49
|
+
grant_type: 'authorization_code',
|
|
50
|
+
code,
|
|
51
|
+
client_id: clientId,
|
|
52
|
+
redirect_uri: redirectUri,
|
|
53
|
+
});
|
|
54
|
+
if (verifier) {
|
|
55
|
+
body.append('code_verifier', verifier);
|
|
56
|
+
}
|
|
57
|
+
const request = {
|
|
58
|
+
url: endpoint,
|
|
59
|
+
method: 'POST',
|
|
60
|
+
headers: {
|
|
61
|
+
Accept: 'application/json',
|
|
62
|
+
'Content-Type': 'application/x-www-form-urlencoded',
|
|
63
|
+
},
|
|
64
|
+
body,
|
|
65
|
+
};
|
|
66
|
+
logger.debug('OIDC tokenExchange API request', request);
|
|
67
|
+
const response = await initQuery(request, 'tokenExchange')
|
|
68
|
+
.applyMiddleware(requestMiddleware)
|
|
69
|
+
.applyQuery(async (req) => await baseQuery(req));
|
|
70
|
+
if (response.error) {
|
|
71
|
+
let message = 'An error occurred while exchanging the authorization code';
|
|
72
|
+
if (response.error.status === 400) {
|
|
73
|
+
message = 'Bad request to token exchange endpoint';
|
|
74
|
+
}
|
|
75
|
+
else if (response.error.status === 401) {
|
|
76
|
+
message = 'Unauthorized request to token exchange endpoint';
|
|
77
|
+
}
|
|
78
|
+
else if (response.error.status === 403) {
|
|
79
|
+
message = 'Forbidden request to token exchange endpoint';
|
|
80
|
+
}
|
|
81
|
+
logger.error('Token Exchange API error', message);
|
|
82
|
+
response.error.data = transformError('Token Exchange Error', message, response.error.status);
|
|
83
|
+
return response;
|
|
84
|
+
}
|
|
85
|
+
logger.debug('OIDC tokenExchange API response', response);
|
|
86
|
+
return response;
|
|
87
|
+
},
|
|
88
|
+
}),
|
|
89
|
+
revoke: builder.mutation({
|
|
90
|
+
queryFn: async ({ accessToken, clientId, endpoint }, api, _, baseQuery) => {
|
|
91
|
+
const { requestMiddleware, logger } = api.extra;
|
|
92
|
+
const body = new URLSearchParams({
|
|
93
|
+
...(clientId ? { client_id: clientId } : {}),
|
|
94
|
+
token: accessToken,
|
|
95
|
+
});
|
|
96
|
+
const request = {
|
|
97
|
+
url: endpoint,
|
|
98
|
+
method: 'POST',
|
|
99
|
+
credentials: 'include',
|
|
100
|
+
headers: {
|
|
101
|
+
'Content-Type': 'application/x-www-form-urlencoded',
|
|
102
|
+
},
|
|
103
|
+
body,
|
|
104
|
+
};
|
|
105
|
+
logger.debug('OIDC revoke API request', request);
|
|
106
|
+
const response = await initQuery(request, 'revoke')
|
|
107
|
+
.applyMiddleware(requestMiddleware)
|
|
108
|
+
.applyQuery(async (req) => await baseQuery(req));
|
|
109
|
+
if (response.error) {
|
|
110
|
+
let message = 'An error occurred while revoking the token';
|
|
111
|
+
if (response.error.status === 400) {
|
|
112
|
+
message = 'Bad request to revoke endpoint';
|
|
113
|
+
}
|
|
114
|
+
else if (response.error.status === 401) {
|
|
115
|
+
message = 'Unauthorized request to revoke endpoint';
|
|
116
|
+
}
|
|
117
|
+
else if (response.error.status === 403) {
|
|
118
|
+
message = 'Forbidden request to revoke endpoint';
|
|
119
|
+
}
|
|
120
|
+
logger.error('Token Revoke API error', message);
|
|
121
|
+
response.error.data = transformError('Token Revoke Error', message, response.error.status);
|
|
122
|
+
return response;
|
|
123
|
+
}
|
|
124
|
+
logger.debug('OIDC revoke API response', response);
|
|
125
|
+
return response;
|
|
126
|
+
},
|
|
127
|
+
}),
|
|
128
|
+
userInfo: builder.mutation({
|
|
129
|
+
queryFn: async ({ accessToken, endpoint }, api, _, baseQuery) => {
|
|
130
|
+
const { requestMiddleware, logger } = api.extra;
|
|
131
|
+
const request = {
|
|
132
|
+
url: endpoint,
|
|
133
|
+
method: 'GET',
|
|
134
|
+
credentials: 'include',
|
|
135
|
+
headers: {
|
|
136
|
+
Accept: 'application/json',
|
|
137
|
+
Authorization: `Bearer ${accessToken}`,
|
|
138
|
+
},
|
|
139
|
+
};
|
|
140
|
+
logger.debug('OIDC userInfo API request', request);
|
|
141
|
+
const response = await initQuery(request, 'userInfo')
|
|
142
|
+
.applyMiddleware(requestMiddleware)
|
|
143
|
+
.applyQuery(async (req) => await baseQuery(req));
|
|
144
|
+
let message = 'An error occurred while fetching user info';
|
|
145
|
+
if (response.error) {
|
|
146
|
+
if (response.error.status === 400) {
|
|
147
|
+
message = 'Bad request to user info endpoint';
|
|
148
|
+
}
|
|
149
|
+
else if (response.error.status === 401) {
|
|
150
|
+
message = 'Unauthorized request to user info endpoint';
|
|
151
|
+
}
|
|
152
|
+
else if (response.error.status === 403) {
|
|
153
|
+
message = 'Forbidden request to user info endpoint';
|
|
154
|
+
}
|
|
155
|
+
logger.error('User Info API error', message);
|
|
156
|
+
response.error.data = transformError('User Info Error', message, response.error.status);
|
|
157
|
+
return response;
|
|
158
|
+
}
|
|
159
|
+
logger.debug('OIDC userInfo API response', response);
|
|
160
|
+
return response;
|
|
161
|
+
},
|
|
162
|
+
}),
|
|
163
|
+
}),
|
|
164
|
+
});
|
|
165
|
+
//# sourceMappingURL=oidc.api.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oidc.api.js","sourceRoot":"","sources":["../../../src/lib/oidc.api.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAa,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAE9E,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAGrD,OAAO,EACL,SAAS,GAGV,MAAM,mCAAmC,CAAC;AAS3C,MAAM,CAAC,MAAM,OAAO,GAAG,SAAS,CAAC;IAC/B,WAAW,EAAE,MAAM;IACnB,SAAS,EAAE,cAAc,EAAE;IAC3B,SAAS,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QACvB,UAAU,EAAE,OAAO,CAAC,QAAQ,CAA8C;YACxE,OAAO,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,SAAS,EAAE,EAAE;gBAC1D,MAAM,EAAE,iBAAiB,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC,KAAe,CAAC;gBAE1D,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC;gBAC9B,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;gBAElD,MAAM,OAAO,GAAc;oBACzB,GAAG,EAAE,GAAG,CAAC,QAAQ,EAAE;oBACnB,MAAM,EAAE,KAAK;oBACb,WAAW,EAAE,SAAS;oBACtB,OAAO,EAAE;wBACP,MAAM,EAAE,kBAAkB;qBAC3B;iBACF,CAAC;gBAEF,MAAM,CAAC,KAAK,CAAC,6BAA6B,EAAE,OAAO,CAAC,CAAC;gBAErD,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,OAAO,EAAE,YAAY,CAAC;qBACpD,eAAe,CAAC,iBAAiB,CAAC;qBAClC,UAAU,CAAC,KAAK,EAAE,GAAc,EAAE,EAAE,CAAC,MAAM,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC;gBAE9D,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;oBACnB,IAAI,OAAO,GAAG,mDAAmD,CAAC;oBAElE,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;wBAClC,OAAO,GAAG,qCAAqC,CAAC;oBAClD,CAAC;yBAAM,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;wBACzC,OAAO,GAAG,8CAA8C,CAAC;oBAC3D,CAAC;yBAAM,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;wBACzC,OAAO,GAAG,2CAA2C,CAAC;oBACxD,CAAC;oBAED,MAAM,CAAC,KAAK,CAAC,uBAAuB,EAAE,OAAO,CAAC,CAAC;oBAE/C,QAAQ,CAAC,KAAK,CAAC,IAAI,GAAG,cAAc,CAAC,mBAAmB,EAAE,OAAO,EAAE,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;oBAC1F,OAAO,QAAQ,CAAC;gBAClB,CAAC;gBAED,MAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE,QAAQ,CAAC,CAAC;gBAEvD,OAAO,QAA0B,CAAC;YACpC,CAAC;SACF,CAAC;QACF,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAQxB;YACA,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,SAAS,EAAE,EAAE;gBACzE,MAAM,EAAE,iBAAiB,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC,KAAe,CAAC;gBAE1D,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,GAAG,MAAM,CAAC;gBACzC,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;oBAC/B,UAAU,EAAE,oBAAoB;oBAChC,IAAI;oBACJ,SAAS,EAAE,QAAQ;oBACnB,YAAY,EAAE,WAAW;iBAC1B,CAAC,CAAC;gBAEH,IAAI,QAAQ,EAAE,CAAC;oBACb,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;gBACzC,CAAC;gBAED,MAAM,OAAO,GAAG;oBACd,GAAG,EAAE,QAAQ;oBACb,MAAM,EAAE,MAAM;oBACd,OAAO,EAAE;wBACP,MAAM,EAAE,kBAAkB;wBAC1B,cAAc,EAAE,mCAAmC;qBACpD;oBACD,IAAI;iBACL,CAAC;gBAEF,MAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE,OAAO,CAAC,CAAC;gBAExD,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,OAAO,EAAE,eAAe,CAAC;qBACvD,eAAe,CAAC,iBAAiB,CAAC;qBAClC,UAAU,CAAC,KAAK,EAAE,GAAc,EAAE,EAAE,CAAC,MAAM,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC;gBAE9D,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;oBACnB,IAAI,OAAO,GAAG,2DAA2D,CAAC;oBAE1E,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;wBAClC,OAAO,GAAG,wCAAwC,CAAC;oBACrD,CAAC;yBAAM,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;wBACzC,OAAO,GAAG,iDAAiD,CAAC;oBAC9D,CAAC;yBAAM,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;wBACzC,OAAO,GAAG,8CAA8C,CAAC;oBAC3D,CAAC;oBAED,MAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE,OAAO,CAAC,CAAC;oBAElD,QAAQ,CAAC,KAAK,CAAC,IAAI,GAAG,cAAc,CAClC,sBAAsB,EACtB,OAAO,EACP,QAAQ,CAAC,KAAK,CAAC,MAAM,CACtB,CAAC;oBAEF,OAAO,QAAQ,CAAC;gBAClB,CAAC;gBAED,MAAM,CAAC,KAAK,CAAC,iCAAiC,EAAE,QAAQ,CAAC,CAAC;gBAE1D,OAAO,QAA2C,CAAC;YACrD,CAAC;SACF,CAAC;QACF,MAAM,EAAE,OAAO,CAAC,QAAQ,CAAuE;YAC7F,OAAO,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,SAAS,EAAE,EAAE;gBACxE,MAAM,EAAE,iBAAiB,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC,KAAe,CAAC;gBAE1D,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;oBAC/B,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC5C,KAAK,EAAE,WAAW;iBACnB,CAAC,CAAC;gBACH,MAAM,OAAO,GAAc;oBACzB,GAAG,EAAE,QAAQ;oBACb,MAAM,EAAE,MAAM;oBACd,WAAW,EAAE,SAAS;oBACtB,OAAO,EAAE;wBACP,cAAc,EAAE,mCAAmC;qBACpD;oBACD,IAAI;iBACL,CAAC;gBAEF,MAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE,OAAO,CAAC,CAAC;gBAEjD,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,OAAO,EAAE,QAAQ,CAAC;qBAChD,eAAe,CAAC,iBAAiB,CAAC;qBAClC,UAAU,CAAC,KAAK,EAAE,GAAc,EAAE,EAAE,CAAC,MAAM,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC;gBAE9D,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;oBACnB,IAAI,OAAO,GAAG,4CAA4C,CAAC;oBAE3D,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;wBAClC,OAAO,GAAG,gCAAgC,CAAC;oBAC7C,CAAC;yBAAM,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;wBACzC,OAAO,GAAG,yCAAyC,CAAC;oBACtD,CAAC;yBAAM,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;wBACzC,OAAO,GAAG,sCAAsC,CAAC;oBACnD,CAAC;oBAED,MAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE,OAAO,CAAC,CAAC;oBAEhD,QAAQ,CAAC,KAAK,CAAC,IAAI,GAAG,cAAc,CAClC,oBAAoB,EACpB,OAAO,EACP,QAAQ,CAAC,KAAK,CAAC,MAAM,CACtB,CAAC;oBACF,OAAO,QAAQ,CAAC;gBAClB,CAAC;gBAED,MAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE,QAAQ,CAAC,CAAC;gBAEnD,OAAO,QAA4B,CAAC;YACtC,CAAC;SACF,CAAC;QACF,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAmE;YAC3F,OAAO,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,QAAQ,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,SAAS,EAAE,EAAE;gBAC9D,MAAM,EAAE,iBAAiB,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC,KAAe,CAAC;gBAE1D,MAAM,OAAO,GAAc;oBACzB,GAAG,EAAE,QAAQ;oBACb,MAAM,EAAE,KAAK;oBACb,WAAW,EAAE,SAAS;oBACtB,OAAO,EAAE;wBACP,MAAM,EAAE,kBAAkB;wBAC1B,aAAa,EAAE,UAAU,WAAW,EAAE;qBACvC;iBACF,CAAC;gBAEF,MAAM,CAAC,KAAK,CAAC,2BAA2B,EAAE,OAAO,CAAC,CAAC;gBAEnD,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,OAAO,EAAE,UAAU,CAAC;qBAClD,eAAe,CAAC,iBAAiB,CAAC;qBAClC,UAAU,CAAC,KAAK,EAAE,GAAc,EAAE,EAAE,CAAC,MAAM,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC;gBAE9D,IAAI,OAAO,GAAG,4CAA4C,CAAC;gBAE3D,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;oBACnB,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;wBAClC,OAAO,GAAG,mCAAmC,CAAC;oBAChD,CAAC;yBAAM,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;wBACzC,OAAO,GAAG,4CAA4C,CAAC;oBACzD,CAAC;yBAAM,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;wBACzC,OAAO,GAAG,yCAAyC,CAAC;oBACtD,CAAC;oBAED,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE,OAAO,CAAC,CAAC;oBAE7C,QAAQ,CAAC,KAAK,CAAC,IAAI,GAAG,cAAc,CAAC,iBAAiB,EAAE,OAAO,EAAE,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;oBACxF,OAAO,QAAQ,CAAC;gBAClB,CAAC;gBAED,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE,QAAQ,CAAC,CAAC;gBAErD,OAAO,QAA2C,CAAC;YACrD,CAAC;SACF,CAAC;KACH,CAAC;CACH,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oidc.api.utils.d.ts","sourceRoot":"","sources":["../../../src/lib/oidc.api.utils.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAEpD,wBAAgB,cAAc,CAC5B,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,MAAM,GAAG,MAAM,GACtB,YAAY,CAOd"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oidc.api.utils.js","sourceRoot":"","sources":["../../../src/lib/oidc.api.utils.ts"],"names":[],"mappings":"AAQA,MAAM,UAAU,cAAc,CAC5B,KAAa,EACb,OAAe,EACf,MAAuB;IAEvB,OAAO;QACL,KAAK;QACL,OAAO;QACP,MAAM;QACN,IAAI,EAAE,eAAe;KACtB,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token.utils.d.ts","sourceRoot":"","sources":["../../../src/lib/token.utils.ts"],"names":[],"mappings":"AAMA,wBAAgB,uBAAuB,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,WAAW,CAAC,EAAE,MAAM,GAAG,OAAO,CAQ9F"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Copyright (c) 2025 Ping Identity Corporation. All rights reserved.
|
|
3
|
+
*
|
|
4
|
+
* This software may be modified and distributed under the terms
|
|
5
|
+
* of the MIT license. See the LICENSE file for details.
|
|
6
|
+
*/
|
|
7
|
+
export function isExpiryWithinThreshold(oauthThreshold, tokenExpiry) {
|
|
8
|
+
if (oauthThreshold && tokenExpiry) {
|
|
9
|
+
const expiryTimeMinusThreshold = tokenExpiry - oauthThreshold;
|
|
10
|
+
const result = expiryTimeMinusThreshold < Date.now();
|
|
11
|
+
return result;
|
|
12
|
+
}
|
|
13
|
+
return false;
|
|
14
|
+
}
|
|
15
|
+
//# sourceMappingURL=token.utils.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token.utils.js","sourceRoot":"","sources":["../../../src/lib/token.utils.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,MAAM,UAAU,uBAAuB,CAAC,cAAuB,EAAE,WAAoB;IACnF,IAAI,cAAc,IAAI,WAAW,EAAE,CAAC;QAClC,MAAM,wBAAwB,GAAG,WAAW,GAAG,cAAc,CAAC;QAC9D,MAAM,MAAM,GAAG,wBAAwB,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAErD,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import { WellKnownResponse } from '@forgerock/sdk-types';
|
|
2
|
+
import type { RootState } from './client.store.utils.js';
|
|
3
|
+
export declare const wellknownApi: import("@reduxjs/toolkit/query").Api<import("@reduxjs/toolkit/query").BaseQueryFn<string | import("@reduxjs/toolkit/query").FetchArgs, unknown, import("@reduxjs/toolkit/query").FetchBaseQueryError, {}, import("@reduxjs/toolkit/query").FetchBaseQueryMeta>, {
|
|
4
|
+
configuration: import("@reduxjs/toolkit/query").QueryDefinition<string, import("@reduxjs/toolkit/query").BaseQueryFn<string | import("@reduxjs/toolkit/query").FetchArgs, unknown, import("@reduxjs/toolkit/query").FetchBaseQueryError, {}, import("@reduxjs/toolkit/query").FetchBaseQueryMeta>, never, WellKnownResponse, "wellknown", unknown>;
|
|
5
|
+
}, "wellknown", never, typeof import("@reduxjs/toolkit/query").coreModuleName>;
|
|
6
|
+
export declare function wellknownSelector(wellknownUrl: string, state: RootState): WellKnownResponse | undefined;
|
|
7
|
+
//# sourceMappingURL=wellknown.api.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"wellknown.api.d.ts","sourceRoot":"","sources":["../../../src/lib/wellknown.api.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AAEzD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AAEzD,eAAO,MAAM,YAAY;;8EAQvB,CAAC;AAEH,wBAAgB,iBAAiB,CAAC,YAAY,EAAE,MAAM,EAAE,KAAK,EAAE,SAAS,iCAMvE"}
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Copyright (c) 2025 Ping Identity Corporation. All rights reserved.
|
|
3
|
+
*
|
|
4
|
+
* This software may be modified and distributed under the terms
|
|
5
|
+
* of the MIT license. See the LICENSE file for details.
|
|
6
|
+
*/
|
|
7
|
+
import { createSelector } from '@reduxjs/toolkit';
|
|
8
|
+
import { createApi, fetchBaseQuery } from '@reduxjs/toolkit/query';
|
|
9
|
+
export const wellknownApi = createApi({
|
|
10
|
+
reducerPath: 'wellknown',
|
|
11
|
+
baseQuery: fetchBaseQuery(),
|
|
12
|
+
endpoints: (builder) => ({
|
|
13
|
+
configuration: builder.query({
|
|
14
|
+
query: (endpoint) => `${endpoint}`,
|
|
15
|
+
}),
|
|
16
|
+
}),
|
|
17
|
+
});
|
|
18
|
+
export function wellknownSelector(wellknownUrl, state) {
|
|
19
|
+
const selector = createSelector(wellknownApi.endpoints.configuration.select(wellknownUrl), (result) => result?.data);
|
|
20
|
+
return selector(state);
|
|
21
|
+
}
|
|
22
|
+
//# sourceMappingURL=wellknown.api.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"wellknown.api.js","sourceRoot":"","sources":["../../../src/lib/wellknown.api.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAAE,SAAS,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAMnE,MAAM,CAAC,MAAM,YAAY,GAAG,SAAS,CAAC;IACpC,WAAW,EAAE,WAAW;IACxB,SAAS,EAAE,cAAc,EAAE;IAC3B,SAAS,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QACvB,aAAa,EAAE,OAAO,CAAC,KAAK,CAA4B;YACtD,KAAK,EAAE,CAAC,QAAQ,EAAE,EAAE,CAAC,GAAG,QAAQ,EAAE;SACnC,CAAC;KACH,CAAC;CACH,CAAC,CAAC;AAEH,MAAM,UAAU,iBAAiB,CAAC,YAAoB,EAAE,KAAgB;IACtE,MAAM,QAAQ,GAAG,cAAc,CAC7B,YAAY,CAAC,SAAS,CAAC,aAAa,CAAC,MAAM,CAAC,YAAY,CAAC,EACzD,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,IAAI,CACzB,CAAC;IACF,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC;AACzB,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAKA,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AACtC,cAAc,kCAAkC,CAAC;AACjD,cAAc,yBAAyB,CAAC"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
/* Copyright (c) 2025 Ping Identity Corporation. All rights reserved.
|
|
2
|
+
*
|
|
3
|
+
* This software may be modified and distributed under the terms
|
|
4
|
+
* of the MIT license. See the LICENSE file for details.
|
|
5
|
+
*/
|
|
6
|
+
export * from './lib/client.types.js';
|
|
7
|
+
export * from './lib/config.types.js';
|
|
8
|
+
export * from './lib/authorize.request.types.js';
|
|
9
|
+
export * from './lib/exchange.types.js';
|
|
10
|
+
//# sourceMappingURL=types.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AACtC,cAAc,kCAAkC,CAAC;AACjD,cAAc,yBAAyB,CAAC"}
|