@frontegg/redux-store 7.114.0 → 7.115.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/auth/LoginState/actions/hostedLoginAuthorize.actions.js +24 -4
- package/auth/StepUpState/helpers.d.ts +5 -0
- package/auth/StepUpState/helpers.js +26 -4
- package/index.js +1 -1
- package/node/auth/LoginState/actions/hostedLoginAuthorize.actions.js +23 -3
- package/node/auth/StepUpState/helpers.js +29 -6
- package/node/index.js +1 -1
- package/package.json +2 -2
|
@@ -2,7 +2,7 @@ import _extends from "@babel/runtime/helpers/esm/extends";
|
|
|
2
2
|
import { createRandomString, generateCodeChallenge, GTMEventAction, reportGTMEvent } from '../../../helpers';
|
|
3
3
|
import { HOSTED_LOGIN_VERIFIER_KEY } from '../../../constants';
|
|
4
4
|
import { getBaseNameWithoutSlashSuffix, getSearchParam, isOauthCallbackRoute, TENANT_ID_PARAM_KEY } from '../helpers';
|
|
5
|
-
import { getUri, isSteppedUp } from '../../helpers';
|
|
5
|
+
import { getUri, getUrlDerivedStepUp, isSteppedUp, redirectByStepUpUrl } from '../../helpers';
|
|
6
6
|
import { SHOULD_STEP_UP_KEY } from '../../StepUpState/consts';
|
|
7
7
|
import { FronteggNativeModule } from '../../../toolkit';
|
|
8
8
|
export default ((store, api, sharedActions) => {
|
|
@@ -114,7 +114,7 @@ export default ((store, api, sharedActions) => {
|
|
|
114
114
|
}
|
|
115
115
|
};
|
|
116
116
|
const refreshOrRequestHostedLoginAuthorizeV2 = async payload => {
|
|
117
|
-
var
|
|
117
|
+
var _additionalParams;
|
|
118
118
|
const {
|
|
119
119
|
shouldRedirectToLogin,
|
|
120
120
|
firstTime,
|
|
@@ -123,8 +123,12 @@ export default ((store, api, sharedActions) => {
|
|
|
123
123
|
let {
|
|
124
124
|
additionalParams
|
|
125
125
|
} = payload != null ? payload : {};
|
|
126
|
-
|
|
127
|
-
|
|
126
|
+
const urlDerivedStepUp = getUrlDerivedStepUp();
|
|
127
|
+
const isNativeStepUp = FronteggNativeModule.isGetTokensAvailable() && urlDerivedStepUp.isStepUpRequested;
|
|
128
|
+
if (!isNativeStepUp) {
|
|
129
|
+
var _localStorage2;
|
|
130
|
+
(_localStorage2 = localStorage) == null ? void 0 : _localStorage2.removeItem(SHOULD_STEP_UP_KEY);
|
|
131
|
+
}
|
|
128
132
|
if (firstTime) {
|
|
129
133
|
const urlStrategy = store.root.urlStrategy;
|
|
130
134
|
const activeUri = getUri(urlStrategy);
|
|
@@ -146,6 +150,22 @@ export default ((store, api, sharedActions) => {
|
|
|
146
150
|
if (((_additionalParams = additionalParams) == null ? void 0 : _additionalParams['prompt']) === 'login') {
|
|
147
151
|
return await requestHostedLoginAuthorize(additionalParams);
|
|
148
152
|
}
|
|
153
|
+
if (isNativeStepUp && !isSteppedUp(store.auth.user, {
|
|
154
|
+
maxAge: urlDerivedStepUp.maxAge
|
|
155
|
+
})) {
|
|
156
|
+
const {
|
|
157
|
+
routes,
|
|
158
|
+
onRedirectTo
|
|
159
|
+
} = store.auth;
|
|
160
|
+
if (routes.stepUpUrl && !window.location.href.includes(routes.stepUpUrl)) {
|
|
161
|
+
window.localStorage.setItem(SHOULD_STEP_UP_KEY, 'true');
|
|
162
|
+
actions.setAuthState({
|
|
163
|
+
isLoading: true
|
|
164
|
+
});
|
|
165
|
+
redirectByStepUpUrl(routes.stepUpUrl, onRedirectTo, urlDerivedStepUp.maxAge);
|
|
166
|
+
return;
|
|
167
|
+
}
|
|
168
|
+
}
|
|
149
169
|
try {
|
|
150
170
|
if (disableSilentRefresh) {
|
|
151
171
|
throw new Error('silent refresh is disabled');
|
|
@@ -15,6 +15,11 @@ export interface SteppedUpJWTValues {
|
|
|
15
15
|
* @returns true when the user is stepped up, false otherwise
|
|
16
16
|
*/
|
|
17
17
|
export declare const isSteppedUp: (user?: SteppedUpJWTValues | null, { maxAge }?: IsSteppedUpOptions) => boolean;
|
|
18
|
+
export interface UrlDerivedStepUp {
|
|
19
|
+
isStepUpRequested: boolean;
|
|
20
|
+
maxAge?: number;
|
|
21
|
+
}
|
|
22
|
+
export declare const getUrlDerivedStepUp: () => UrlDerivedStepUp;
|
|
18
23
|
/**
|
|
19
24
|
* Set the url and query params in the local storage FRONTEGG_AFTER_AUTH_REDIRECT_URL value
|
|
20
25
|
*/
|
|
@@ -16,16 +16,38 @@ export const isSteppedUp = (user, {
|
|
|
16
16
|
acr = '',
|
|
17
17
|
auth_time
|
|
18
18
|
} = user;
|
|
19
|
-
if (maxAge
|
|
20
|
-
//
|
|
21
|
-
|
|
22
|
-
|
|
19
|
+
if (maxAge) {
|
|
20
|
+
// max_age requires a verifiable, fresh auth_time; a missing or stale one is not stepped up.
|
|
21
|
+
if (!auth_time || Date.now() / 1000 - auth_time > maxAge) {
|
|
22
|
+
return false;
|
|
23
|
+
}
|
|
23
24
|
}
|
|
24
25
|
const isACRValid = acr === ACR_VALUE;
|
|
25
26
|
const isAMRIncludesMFA = amr.indexOf(AMR_MFA_VALUE) !== -1;
|
|
26
27
|
const isAMRIncludesMethod = AMR_ADDITIONAL_VALUE.find(method => amr.indexOf(method)) !== undefined;
|
|
27
28
|
return isACRValid && isAMRIncludesMFA && isAMRIncludesMethod;
|
|
28
29
|
};
|
|
30
|
+
export const getUrlDerivedStepUp = () => {
|
|
31
|
+
if (typeof window === 'undefined') {
|
|
32
|
+
return {
|
|
33
|
+
isStepUpRequested: false
|
|
34
|
+
};
|
|
35
|
+
}
|
|
36
|
+
try {
|
|
37
|
+
const params = new URLSearchParams(window.location.search);
|
|
38
|
+
const acrValues = params.get('acr_values');
|
|
39
|
+
const maxAgeParam = params.get('max_age');
|
|
40
|
+
const maxAge = maxAgeParam !== null && maxAgeParam !== '' ? Number(maxAgeParam) : undefined;
|
|
41
|
+
return {
|
|
42
|
+
isStepUpRequested: acrValues === ACR_VALUE,
|
|
43
|
+
maxAge: maxAge !== undefined && Number.isFinite(maxAge) ? maxAge : undefined
|
|
44
|
+
};
|
|
45
|
+
} catch {
|
|
46
|
+
return {
|
|
47
|
+
isStepUpRequested: false
|
|
48
|
+
};
|
|
49
|
+
}
|
|
50
|
+
};
|
|
29
51
|
|
|
30
52
|
/**
|
|
31
53
|
* Set the url and query params in the local storage FRONTEGG_AFTER_AUTH_REDIRECT_URL value
|
package/index.js
CHANGED
|
@@ -121,7 +121,7 @@ var _default = (store, api, sharedActions) => {
|
|
|
121
121
|
}
|
|
122
122
|
};
|
|
123
123
|
const refreshOrRequestHostedLoginAuthorizeV2 = async payload => {
|
|
124
|
-
var
|
|
124
|
+
var _additionalParams;
|
|
125
125
|
const {
|
|
126
126
|
shouldRedirectToLogin,
|
|
127
127
|
firstTime,
|
|
@@ -130,8 +130,12 @@ var _default = (store, api, sharedActions) => {
|
|
|
130
130
|
let {
|
|
131
131
|
additionalParams
|
|
132
132
|
} = payload != null ? payload : {};
|
|
133
|
-
|
|
134
|
-
|
|
133
|
+
const urlDerivedStepUp = (0, _helpers3.getUrlDerivedStepUp)();
|
|
134
|
+
const isNativeStepUp = _toolkit.FronteggNativeModule.isGetTokensAvailable() && urlDerivedStepUp.isStepUpRequested;
|
|
135
|
+
if (!isNativeStepUp) {
|
|
136
|
+
var _localStorage2;
|
|
137
|
+
(_localStorage2 = localStorage) == null ? void 0 : _localStorage2.removeItem(_consts.SHOULD_STEP_UP_KEY);
|
|
138
|
+
}
|
|
135
139
|
if (firstTime) {
|
|
136
140
|
const urlStrategy = store.root.urlStrategy;
|
|
137
141
|
const activeUri = (0, _helpers3.getUri)(urlStrategy);
|
|
@@ -153,6 +157,22 @@ var _default = (store, api, sharedActions) => {
|
|
|
153
157
|
if (((_additionalParams = additionalParams) == null ? void 0 : _additionalParams['prompt']) === 'login') {
|
|
154
158
|
return await requestHostedLoginAuthorize(additionalParams);
|
|
155
159
|
}
|
|
160
|
+
if (isNativeStepUp && !(0, _helpers3.isSteppedUp)(store.auth.user, {
|
|
161
|
+
maxAge: urlDerivedStepUp.maxAge
|
|
162
|
+
})) {
|
|
163
|
+
const {
|
|
164
|
+
routes,
|
|
165
|
+
onRedirectTo
|
|
166
|
+
} = store.auth;
|
|
167
|
+
if (routes.stepUpUrl && !window.location.href.includes(routes.stepUpUrl)) {
|
|
168
|
+
window.localStorage.setItem(_consts.SHOULD_STEP_UP_KEY, 'true');
|
|
169
|
+
actions.setAuthState({
|
|
170
|
+
isLoading: true
|
|
171
|
+
});
|
|
172
|
+
(0, _helpers3.redirectByStepUpUrl)(routes.stepUpUrl, onRedirectTo, urlDerivedStepUp.maxAge);
|
|
173
|
+
return;
|
|
174
|
+
}
|
|
175
|
+
}
|
|
156
176
|
try {
|
|
157
177
|
if (disableSilentRefresh) {
|
|
158
178
|
throw new Error('silent refresh is disabled');
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.redirectByStepUpUrl = exports.isSteppedUp = void 0;
|
|
6
|
+
exports.redirectByStepUpUrl = exports.isSteppedUp = exports.getUrlDerivedStepUp = void 0;
|
|
7
7
|
exports.setAfterAuthRedirectUrlForStepUp = setAfterAuthRedirectUrlForStepUp;
|
|
8
8
|
var _constants = require("../../constants");
|
|
9
9
|
var _consts = require("./consts");
|
|
@@ -23,21 +23,44 @@ const isSteppedUp = (user, {
|
|
|
23
23
|
acr = '',
|
|
24
24
|
auth_time
|
|
25
25
|
} = user;
|
|
26
|
-
if (maxAge
|
|
27
|
-
//
|
|
28
|
-
|
|
29
|
-
|
|
26
|
+
if (maxAge) {
|
|
27
|
+
// max_age requires a verifiable, fresh auth_time; a missing or stale one is not stepped up.
|
|
28
|
+
if (!auth_time || Date.now() / 1000 - auth_time > maxAge) {
|
|
29
|
+
return false;
|
|
30
|
+
}
|
|
30
31
|
}
|
|
31
32
|
const isACRValid = acr === _consts.ACR_VALUE;
|
|
32
33
|
const isAMRIncludesMFA = amr.indexOf(_consts.AMR_MFA_VALUE) !== -1;
|
|
33
34
|
const isAMRIncludesMethod = _consts.AMR_ADDITIONAL_VALUE.find(method => amr.indexOf(method)) !== undefined;
|
|
34
35
|
return isACRValid && isAMRIncludesMFA && isAMRIncludesMethod;
|
|
35
36
|
};
|
|
37
|
+
exports.isSteppedUp = isSteppedUp;
|
|
38
|
+
const getUrlDerivedStepUp = () => {
|
|
39
|
+
if (typeof window === 'undefined') {
|
|
40
|
+
return {
|
|
41
|
+
isStepUpRequested: false
|
|
42
|
+
};
|
|
43
|
+
}
|
|
44
|
+
try {
|
|
45
|
+
const params = new URLSearchParams(window.location.search);
|
|
46
|
+
const acrValues = params.get('acr_values');
|
|
47
|
+
const maxAgeParam = params.get('max_age');
|
|
48
|
+
const maxAge = maxAgeParam !== null && maxAgeParam !== '' ? Number(maxAgeParam) : undefined;
|
|
49
|
+
return {
|
|
50
|
+
isStepUpRequested: acrValues === _consts.ACR_VALUE,
|
|
51
|
+
maxAge: maxAge !== undefined && Number.isFinite(maxAge) ? maxAge : undefined
|
|
52
|
+
};
|
|
53
|
+
} catch {
|
|
54
|
+
return {
|
|
55
|
+
isStepUpRequested: false
|
|
56
|
+
};
|
|
57
|
+
}
|
|
58
|
+
};
|
|
36
59
|
|
|
37
60
|
/**
|
|
38
61
|
* Set the url and query params in the local storage FRONTEGG_AFTER_AUTH_REDIRECT_URL value
|
|
39
62
|
*/
|
|
40
|
-
exports.
|
|
63
|
+
exports.getUrlDerivedStepUp = getUrlDerivedStepUp;
|
|
41
64
|
function setAfterAuthRedirectUrlForStepUp() {
|
|
42
65
|
const encodedRedirectUrl = window.location.pathname + window.location.search;
|
|
43
66
|
window.localStorage.setItem(_constants.FRONTEGG_AFTER_AUTH_REDIRECT_URL, encodedRedirectUrl);
|
package/node/index.js
CHANGED
package/package.json
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@frontegg/redux-store",
|
|
3
|
-
"version": "7.
|
|
3
|
+
"version": "7.115.0",
|
|
4
4
|
"main": "./node/index.js",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"author": "Frontegg LTD",
|
|
7
7
|
"dependencies": {
|
|
8
8
|
"@babel/runtime": "^7.18.6",
|
|
9
9
|
"@frontegg/entitlements-javascript-commons": "1.1.2",
|
|
10
|
-
"@frontegg/rest-api": "7.
|
|
10
|
+
"@frontegg/rest-api": "7.115.0",
|
|
11
11
|
"fast-deep-equal": "3.1.3",
|
|
12
12
|
"get-value": "^3.0.1",
|
|
13
13
|
"proxy-compare": "^3.0.0",
|