@forgerock/sdk-oidc 1.2.0 → 1.3.0

package/src/lib/state-pkce.test.ts

@@ -0,0 +1,121 @@
+/*
+ * Copyright (c) 2025 Ping Identity Corporation. All rights reserved.
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+import { describe, expect, it, beforeEach } from 'vitest';
+import {
+  generateAndStoreAuthUrlValues,
+  getStorageKey,
+  getStoredAuthUrlValues,
+} from './state-pkce.effects.js';
+import type { GenerateAndStoreAuthUrlValues } from '@forgerock/sdk-types';
+
+const mockSessionStorage = (() => {
+  let store: { [key: string]: string } = {};
+  return {
+    getItem: (key: string) => store[key] || null,
+    setItem: (key: string, value: string) => {
+      store[key] = value;
+    },
+    removeItem: (key: string) => {
+      delete store[key];
+    },
+    clear: () => {
+      store = {};
+    },
+    length: 0,
+    key: (index: number) => Object.keys(store)[index] || null,
+  };
+})();
+
+describe('PKCE', () => {
+  beforeEach(() => {
+    if (typeof sessionStorage === 'undefined') {
+      global.sessionStorage = mockSessionStorage;
+    }
+
+    sessionStorage.clear();
+  });
+
+  const mockOptions: GenerateAndStoreAuthUrlValues = {
+    clientId: 'test-client',
+    redirectUri: 'http://localhost:8080',
+    scope: 'openid profile',
+    responseType: 'code',
+  };
+
+  describe('getStorageKey', () => {
+    const clientId = 'test-client-id';
+
+    it('should generate storage key with default prefix', () => {
+      const key = getStorageKey(clientId);
+      expect(key).toBe('FR-SDK-authflow-test-client-id');
+    });
+
+    it('should generate storage key with custom prefix', () => {
+      const customPrefix = 'CUSTOM';
+      const key = getStorageKey(clientId, customPrefix);
+      expect(key).toBe('CUSTOM-authflow-test-client-id');
+    });
+  });
+
+  describe('generateAndStoreAuthUrlValues', () => {
+    it('should generate PKCE values', () => {
+      const [options] = generateAndStoreAuthUrlValues(mockOptions);
+
+      expect(options).toBeDefined();
+      expect(options).toHaveProperty('state');
+      expect(options).toHaveProperty('verifier');
+    });
+
+    it('should store options in sessionStorage when storage function is called', () => {
+      const [options, storeAuthUrl] = generateAndStoreAuthUrlValues(mockOptions);
+      storeAuthUrl();
+
+      const storageKey = getStorageKey(mockOptions.clientId, mockOptions.prefix);
+      const storedValue = sessionStorage.getItem(storageKey);
+      expect(storedValue).toBeDefined();
+
+      const parsedValue = JSON.parse(storedValue as string);
+      expect(parsedValue).toEqual(options);
+    });
+  });
+
+  describe('getStoredAuthUrlValues', () => {
+    it('should retrieve and parse stored values', () => {
+      const [options, storeAuthUrl] = generateAndStoreAuthUrlValues(mockOptions);
+      storeAuthUrl();
+
+      const storedValues = getStoredAuthUrlValues(mockOptions.clientId, mockOptions.prefix);
+      expect(storedValues).toEqual(options);
+    });
+
+    it('should remove values from storage after retrieval', () => {
+      const [, storeAuthUrl] = generateAndStoreAuthUrlValues(mockOptions);
+      storeAuthUrl();
+
+      const storageKey = getStorageKey(mockOptions.clientId, mockOptions.prefix);
+
+      // Verify value exists before retrieval
+      expect(sessionStorage.getItem(storageKey)).toBeDefined();
+
+      // Retrieve values
+      getStoredAuthUrlValues(mockOptions.clientId, mockOptions.prefix);
+
+      // Verify value was removed
+      expect(sessionStorage.getItem(storageKey)).toBeNull();
+    });
+
+    it('should throw error when stored values cannot be parsed', () => {
+      const storageKey = getStorageKey(mockOptions.clientId, mockOptions.prefix);
+      sessionStorage.setItem(storageKey, 'invalid json');
+
+      expect(() => getStoredAuthUrlValues(mockOptions.clientId, mockOptions.prefix)).toThrow(
+        'Stored values for Auth URL could not be parsed',
+      );
+    });
+  });
+});

package/dist/src/lib/authorize.types.d.ts

@@ -1,25 +0,0 @@
-import type { LegacyConfigOptions } from '@forgerock/sdk-types';
-/**
- * Define the options for the authorization URL
- * @param clientId The client ID of the application
- * @param redirectUri The redirect URI of the application
- * @param responseType The response type of the authorization request
- * @param scope The scope of the authorization request
- */
-export type ResponseType = 'code' | 'token';
-export interface GetAuthorizationUrlOptions extends LegacyConfigOptions {
-    /**
-     * These three properties clientid, scope and redirectUri are required
-     * when using this type, which are not required when defining Config.
-     */
-    clientId: string;
-    login?: 'redirect' | 'embedded';
-    scope: string;
-    redirectUri: string;
-    responseType: ResponseType;
-    state?: string;
-    verifier?: string;
-    query?: Record<string, string>;
-    prompt?: 'none' | 'login' | 'consent';
-}
-//# sourceMappingURL=authorize.types.d.ts.map

package/dist/src/lib/authorize.types.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"authorize.types.d.ts","sourceRoot":"","sources":["../../../src/lib/authorize.types.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAEhE;;;;;;GAMG;AACH,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG,OAAO,CAAC;AAC5C,MAAM,WAAW,0BAA2B,SAAQ,mBAAmB;IACrE;;;OAGG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,UAAU,GAAG,UAAU,CAAC;IAChC,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,YAAY,CAAC;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC/B,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,GAAG,SAAS,CAAC;CACvC"}

package/dist/src/lib/authorize.types.js

@@ -1,7 +0,0 @@
-/*
- * Copyright (c) 2025 Ping Identity Corporation. All rights reserved.
- *
- * This software may be modified and distributed under the terms
- * of the MIT license. See the LICENSE file for details.
- */
-export {};

package/dist/src/lib/index.d.ts

@@ -1,3 +0,0 @@
-export * from './authorize.effects.js';
-export * from './state-pkce.effects.js';
-//# sourceMappingURL=index.d.ts.map

package/dist/src/lib/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/lib/index.ts"],"names":[],"mappings":"AAOA,cAAc,wBAAwB,CAAC;AACvC,cAAc,yBAAyB,CAAC"}

package/dist/src/lib/index.js

@@ -1,8 +0,0 @@
-/*
- * Copyright (c) 2025 Ping Identity Corporation. All rights reserved.
- *
- * This software may be modified and distributed under the terms
- * of the MIT license. See the LICENSE file for details.
- */
-export * from './authorize.effects.js';
-export * from './state-pkce.effects.js';

package/src/lib/authorize.types.ts

@@ -1,32 +0,0 @@
-/*
- * Copyright (c) 2025 Ping Identity Corporation. All rights reserved.
- *
- * This software may be modified and distributed under the terms
- * of the MIT license. See the LICENSE file for details.
- */
-
-import type { LegacyConfigOptions } from '@forgerock/sdk-types';
-
-/**
- * Define the options for the authorization URL
- * @param clientId The client ID of the application
- * @param redirectUri The redirect URI of the application
- * @param responseType The response type of the authorization request
- * @param scope The scope of the authorization request
- */
-export type ResponseType = 'code' | 'token';
-export interface GetAuthorizationUrlOptions extends LegacyConfigOptions {
-  /**
-   * These three properties clientid, scope and redirectUri are required
-   * when using this type, which are not required when defining Config.
-   */
-  clientId: string;
-  login?: 'redirect' | 'embedded';
-  scope: string;
-  redirectUri: string;
-  responseType: ResponseType;
-  state?: string;
-  verifier?: string;
-  query?: Record<string, string>;
-  prompt?: 'none' | 'login' | 'consent';
-}

package/src/lib/index.ts

@@ -1,9 +0,0 @@
-/*
- * Copyright (c) 2025 Ping Identity Corporation. All rights reserved.
- *
- * This software may be modified and distributed under the terms
- * of the MIT license. See the LICENSE file for details.
- */
-
-export * from './authorize.effects.js';
-export * from './state-pkce.effects.js';