@frontegg/redux-store 7.114.0 → 7.115.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -2,7 +2,7 @@ import _extends from "@babel/runtime/helpers/esm/extends";
2
2
  import { createRandomString, generateCodeChallenge, GTMEventAction, reportGTMEvent } from '../../../helpers';
3
3
  import { HOSTED_LOGIN_VERIFIER_KEY } from '../../../constants';
4
4
  import { getBaseNameWithoutSlashSuffix, getSearchParam, isOauthCallbackRoute, TENANT_ID_PARAM_KEY } from '../helpers';
5
- import { getUri, isSteppedUp } from '../../helpers';
5
+ import { getUri, getUrlDerivedStepUp, isSteppedUp, redirectByStepUpUrl } from '../../helpers';
6
6
  import { SHOULD_STEP_UP_KEY } from '../../StepUpState/consts';
7
7
  import { FronteggNativeModule } from '../../../toolkit';
8
8
  export default ((store, api, sharedActions) => {
@@ -114,7 +114,7 @@ export default ((store, api, sharedActions) => {
114
114
  }
115
115
  };
116
116
  const refreshOrRequestHostedLoginAuthorizeV2 = async payload => {
117
- var _localStorage2, _additionalParams;
117
+ var _additionalParams;
118
118
  const {
119
119
  shouldRedirectToLogin,
120
120
  firstTime,
@@ -123,8 +123,12 @@ export default ((store, api, sharedActions) => {
123
123
  let {
124
124
  additionalParams
125
125
  } = payload != null ? payload : {};
126
- // when the user pause the step up flow we may still have the key in the local storage in hosted - Remove it
127
- (_localStorage2 = localStorage) == null ? void 0 : _localStorage2.removeItem(SHOULD_STEP_UP_KEY);
126
+ const urlDerivedStepUp = getUrlDerivedStepUp();
127
+ const isNativeStepUp = FronteggNativeModule.isGetTokensAvailable() && urlDerivedStepUp.isStepUpRequested;
128
+ if (!isNativeStepUp) {
129
+ var _localStorage2;
130
+ (_localStorage2 = localStorage) == null ? void 0 : _localStorage2.removeItem(SHOULD_STEP_UP_KEY);
131
+ }
128
132
  if (firstTime) {
129
133
  const urlStrategy = store.root.urlStrategy;
130
134
  const activeUri = getUri(urlStrategy);
@@ -146,6 +150,22 @@ export default ((store, api, sharedActions) => {
146
150
  if (((_additionalParams = additionalParams) == null ? void 0 : _additionalParams['prompt']) === 'login') {
147
151
  return await requestHostedLoginAuthorize(additionalParams);
148
152
  }
153
+ if (isNativeStepUp && !isSteppedUp(store.auth.user, {
154
+ maxAge: urlDerivedStepUp.maxAge
155
+ })) {
156
+ const {
157
+ routes,
158
+ onRedirectTo
159
+ } = store.auth;
160
+ if (routes.stepUpUrl && !window.location.href.includes(routes.stepUpUrl)) {
161
+ window.localStorage.setItem(SHOULD_STEP_UP_KEY, 'true');
162
+ actions.setAuthState({
163
+ isLoading: true
164
+ });
165
+ redirectByStepUpUrl(routes.stepUpUrl, onRedirectTo, urlDerivedStepUp.maxAge);
166
+ return;
167
+ }
168
+ }
149
169
  try {
150
170
  if (disableSilentRefresh) {
151
171
  throw new Error('silent refresh is disabled');
@@ -15,6 +15,11 @@ export interface SteppedUpJWTValues {
15
15
  * @returns true when the user is stepped up, false otherwise
16
16
  */
17
17
  export declare const isSteppedUp: (user?: SteppedUpJWTValues | null, { maxAge }?: IsSteppedUpOptions) => boolean;
18
+ export interface UrlDerivedStepUp {
19
+ isStepUpRequested: boolean;
20
+ maxAge?: number;
21
+ }
22
+ export declare const getUrlDerivedStepUp: () => UrlDerivedStepUp;
18
23
  /**
19
24
  * Set the url and query params in the local storage FRONTEGG_AFTER_AUTH_REDIRECT_URL value
20
25
  */
@@ -16,16 +16,38 @@ export const isSteppedUp = (user, {
16
16
  acr = '',
17
17
  auth_time
18
18
  } = user;
19
- if (maxAge && auth_time) {
20
- // when user is logged in for a long time (more than maxAge, but jwt is still valid because it's not refreshed yet)
21
- const isMaxAgeValid = Date.now() / 1000 - auth_time <= maxAge;
22
- if (!isMaxAgeValid) return false;
19
+ if (maxAge) {
20
+ // max_age requires a verifiable, fresh auth_time; a missing or stale one is not stepped up.
21
+ if (!auth_time || Date.now() / 1000 - auth_time > maxAge) {
22
+ return false;
23
+ }
23
24
  }
24
25
  const isACRValid = acr === ACR_VALUE;
25
26
  const isAMRIncludesMFA = amr.indexOf(AMR_MFA_VALUE) !== -1;
26
27
  const isAMRIncludesMethod = AMR_ADDITIONAL_VALUE.find(method => amr.indexOf(method)) !== undefined;
27
28
  return isACRValid && isAMRIncludesMFA && isAMRIncludesMethod;
28
29
  };
30
+ export const getUrlDerivedStepUp = () => {
31
+ if (typeof window === 'undefined') {
32
+ return {
33
+ isStepUpRequested: false
34
+ };
35
+ }
36
+ try {
37
+ const params = new URLSearchParams(window.location.search);
38
+ const acrValues = params.get('acr_values');
39
+ const maxAgeParam = params.get('max_age');
40
+ const maxAge = maxAgeParam !== null && maxAgeParam !== '' ? Number(maxAgeParam) : undefined;
41
+ return {
42
+ isStepUpRequested: acrValues === ACR_VALUE,
43
+ maxAge: maxAge !== undefined && Number.isFinite(maxAge) ? maxAge : undefined
44
+ };
45
+ } catch {
46
+ return {
47
+ isStepUpRequested: false
48
+ };
49
+ }
50
+ };
29
51
 
30
52
  /**
31
53
  * Set the url and query params in the local storage FRONTEGG_AFTER_AUTH_REDIRECT_URL value
package/index.js CHANGED
@@ -1,4 +1,4 @@
1
- /** @license Frontegg v7.114.0
1
+ /** @license Frontegg v7.115.0
2
2
  *
3
3
  * This source code is licensed under the MIT license found in the
4
4
  * LICENSE file in the root directory of this source tree.
@@ -121,7 +121,7 @@ var _default = (store, api, sharedActions) => {
121
121
  }
122
122
  };
123
123
  const refreshOrRequestHostedLoginAuthorizeV2 = async payload => {
124
- var _localStorage2, _additionalParams;
124
+ var _additionalParams;
125
125
  const {
126
126
  shouldRedirectToLogin,
127
127
  firstTime,
@@ -130,8 +130,12 @@ var _default = (store, api, sharedActions) => {
130
130
  let {
131
131
  additionalParams
132
132
  } = payload != null ? payload : {};
133
- // when the user pause the step up flow we may still have the key in the local storage in hosted - Remove it
134
- (_localStorage2 = localStorage) == null ? void 0 : _localStorage2.removeItem(_consts.SHOULD_STEP_UP_KEY);
133
+ const urlDerivedStepUp = (0, _helpers3.getUrlDerivedStepUp)();
134
+ const isNativeStepUp = _toolkit.FronteggNativeModule.isGetTokensAvailable() && urlDerivedStepUp.isStepUpRequested;
135
+ if (!isNativeStepUp) {
136
+ var _localStorage2;
137
+ (_localStorage2 = localStorage) == null ? void 0 : _localStorage2.removeItem(_consts.SHOULD_STEP_UP_KEY);
138
+ }
135
139
  if (firstTime) {
136
140
  const urlStrategy = store.root.urlStrategy;
137
141
  const activeUri = (0, _helpers3.getUri)(urlStrategy);
@@ -153,6 +157,22 @@ var _default = (store, api, sharedActions) => {
153
157
  if (((_additionalParams = additionalParams) == null ? void 0 : _additionalParams['prompt']) === 'login') {
154
158
  return await requestHostedLoginAuthorize(additionalParams);
155
159
  }
160
+ if (isNativeStepUp && !(0, _helpers3.isSteppedUp)(store.auth.user, {
161
+ maxAge: urlDerivedStepUp.maxAge
162
+ })) {
163
+ const {
164
+ routes,
165
+ onRedirectTo
166
+ } = store.auth;
167
+ if (routes.stepUpUrl && !window.location.href.includes(routes.stepUpUrl)) {
168
+ window.localStorage.setItem(_consts.SHOULD_STEP_UP_KEY, 'true');
169
+ actions.setAuthState({
170
+ isLoading: true
171
+ });
172
+ (0, _helpers3.redirectByStepUpUrl)(routes.stepUpUrl, onRedirectTo, urlDerivedStepUp.maxAge);
173
+ return;
174
+ }
175
+ }
156
176
  try {
157
177
  if (disableSilentRefresh) {
158
178
  throw new Error('silent refresh is disabled');
@@ -3,7 +3,7 @@
3
3
  Object.defineProperty(exports, "__esModule", {
4
4
  value: true
5
5
  });
6
- exports.redirectByStepUpUrl = exports.isSteppedUp = void 0;
6
+ exports.redirectByStepUpUrl = exports.isSteppedUp = exports.getUrlDerivedStepUp = void 0;
7
7
  exports.setAfterAuthRedirectUrlForStepUp = setAfterAuthRedirectUrlForStepUp;
8
8
  var _constants = require("../../constants");
9
9
  var _consts = require("./consts");
@@ -23,21 +23,44 @@ const isSteppedUp = (user, {
23
23
  acr = '',
24
24
  auth_time
25
25
  } = user;
26
- if (maxAge && auth_time) {
27
- // when user is logged in for a long time (more than maxAge, but jwt is still valid because it's not refreshed yet)
28
- const isMaxAgeValid = Date.now() / 1000 - auth_time <= maxAge;
29
- if (!isMaxAgeValid) return false;
26
+ if (maxAge) {
27
+ // max_age requires a verifiable, fresh auth_time; a missing or stale one is not stepped up.
28
+ if (!auth_time || Date.now() / 1000 - auth_time > maxAge) {
29
+ return false;
30
+ }
30
31
  }
31
32
  const isACRValid = acr === _consts.ACR_VALUE;
32
33
  const isAMRIncludesMFA = amr.indexOf(_consts.AMR_MFA_VALUE) !== -1;
33
34
  const isAMRIncludesMethod = _consts.AMR_ADDITIONAL_VALUE.find(method => amr.indexOf(method)) !== undefined;
34
35
  return isACRValid && isAMRIncludesMFA && isAMRIncludesMethod;
35
36
  };
37
+ exports.isSteppedUp = isSteppedUp;
38
+ const getUrlDerivedStepUp = () => {
39
+ if (typeof window === 'undefined') {
40
+ return {
41
+ isStepUpRequested: false
42
+ };
43
+ }
44
+ try {
45
+ const params = new URLSearchParams(window.location.search);
46
+ const acrValues = params.get('acr_values');
47
+ const maxAgeParam = params.get('max_age');
48
+ const maxAge = maxAgeParam !== null && maxAgeParam !== '' ? Number(maxAgeParam) : undefined;
49
+ return {
50
+ isStepUpRequested: acrValues === _consts.ACR_VALUE,
51
+ maxAge: maxAge !== undefined && Number.isFinite(maxAge) ? maxAge : undefined
52
+ };
53
+ } catch {
54
+ return {
55
+ isStepUpRequested: false
56
+ };
57
+ }
58
+ };
36
59
 
37
60
  /**
38
61
  * Set the url and query params in the local storage FRONTEGG_AFTER_AUTH_REDIRECT_URL value
39
62
  */
40
- exports.isSteppedUp = isSteppedUp;
63
+ exports.getUrlDerivedStepUp = getUrlDerivedStepUp;
41
64
  function setAfterAuthRedirectUrlForStepUp() {
42
65
  const encodedRedirectUrl = window.location.pathname + window.location.search;
43
66
  window.localStorage.setItem(_constants.FRONTEGG_AFTER_AUTH_REDIRECT_URL, encodedRedirectUrl);
package/node/index.js CHANGED
@@ -1,4 +1,4 @@
1
- /** @license Frontegg v7.114.0
1
+ /** @license Frontegg v7.115.0
2
2
  *
3
3
  * This source code is licensed under the MIT license found in the
4
4
  * LICENSE file in the root directory of this source tree.
package/package.json CHANGED
@@ -1,13 +1,13 @@
1
1
  {
2
2
  "name": "@frontegg/redux-store",
3
- "version": "7.114.0",
3
+ "version": "7.115.0",
4
4
  "main": "./node/index.js",
5
5
  "license": "MIT",
6
6
  "author": "Frontegg LTD",
7
7
  "dependencies": {
8
8
  "@babel/runtime": "^7.18.6",
9
9
  "@frontegg/entitlements-javascript-commons": "1.1.2",
10
- "@frontegg/rest-api": "7.114.0",
10
+ "@frontegg/rest-api": "7.115.0",
11
11
  "fast-deep-equal": "3.1.3",
12
12
  "get-value": "^3.0.1",
13
13
  "proxy-compare": "^3.0.0",