@functionalcms/svelte-components 2.35.0 → 2.35.2

package/dist/auth/authenticationHandle.js

@@ -1,14 +1,12 @@
 import {} from '@sveltejs/kit';
 const authSessionCookieName = `auth_session`;
-const returnPageCookieName = `returnTo`;
-const logout = async (cookies, token, provider, sessionProvider, afterLogoutPath = '/') => {
+const logout = async (cookies, sessionProvider, afterLogoutPath = '/') => {
     const headers = new Headers();
     const state = cookies.get(authSessionCookieName);
     if (state) {
         cookies.delete('auth_session', { path: '/' });
         const sid = cookies.get('auth_session');
         await sessionProvider.deleteSession(sid);
-        await provider.logout(token);
         headers.append('Set-Cookie', `${authSessionCookieName}=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;`);
         headers.append('Location', afterLogoutPath);
     }
@@ -26,10 +24,11 @@ const createUserSession = async (provider, event, sessionProvider) => {
         event.locals.session = session;
         event.locals.accessToken = token.access_token;
         const sessionId = await sessionProvider.createSession({ session, token }, token.expires_in);
-        const retrunToAddress = event.cookies.get("lastPage");
-        headers.append('Location', lastPage != '' ? retrunToAddress : provider.redirectPath);
-        headers.append('Set-Cookie', `${authSessionCookieName}=${sessionId}; HttpOnly; Secure; SameSite=Lax; Max-Age=3600; Path=/`);
-        headers.append('Set-Cookie', `${returnPageCookieName}=; HttpOnly; Secure; SameSite=Lax; Max-Age=${token.expires_in + 120}; Path=/`);
+        const retrunToAddress = event.cookies.get("retrunToAddress");
+        headers.append('Location', retrunToAddress != '' ? retrunToAddress : provider.redirectPath);
+        headers.append('Set-Cookie', `${authSessionCookieName}=${sessionId}; HttpOnly; Secure; SameSite=Lax; Max-Age=${token.expires_in + 120}; Path=/`);
+        headers.append('Set-Cookie', `retrunToAddress=; HttpOnly; Secure; SameSite=Lax; Max-Age=${token.expires_in + 120}; Path=/`);
+        // `${authSessionCookieName}=${sessionId}; HttpOnly; Secure; SameSite=Lax; Max-Age=${token.expires_in}; Path=/`);
     }
     else {
         headers.append('Location', '/');
@@ -56,7 +55,7 @@ export const authenticationHandle = (provider, sessionProvider) => {
         //logout
         if (event.url.pathname === '/auth/logout') {
             // await provider.logout();
-            const headers = await logout(event.cookies, event.locals.token, provider, sessionProvider);
+            const headers = await logout(event.cookies, sessionProvider);
             return new Response('Logging Out...', { status: 303, headers });
         }
         // login

package/dist/auth/authorizationHandle.d.ts

@@ -1,3 +1,3 @@
 import { type Handle } from '@sveltejs/kit';
-declare const authorizationHandle: () => Handle;
+declare const authorizationHandle: (protectedPaths: Array<string>) => Handle;
 export default authorizationHandle;

package/dist/auth/authorizationHandle.js

@@ -1,21 +1,22 @@
 import { redirect } from '@sveltejs/kit';
-const authorizationHandle = () => {
+const authorizationHandle = (protectedPaths) => {
     return async ({ event, resolve }) => {
         const path = event.url.pathname;
         if (path.startsWith('/auth/') === false) {
-            const route = event.route;
-            if (route.id.includes('/(protect)/')) {
-                const session = event?.locals?.session;
-                if (!session) {
-                    const cookieHeader = `lastPage=${event.url.toString()}; HttpOnly; Secure; SameSite=Lax; Max-Age=3600; Path=/`;
-                    return new Response('Login user', {
-                        status: 303,
-                        headers: {
-                            location: '/auth/validate',
-                            'set-cookie': cookieHeader,
-                            referrer: event.url.toString()
-                        }
-                    });
+            for (let protectedPath of protectedPaths) {
+                if (path.match(protectedPath)) {
+                    const session = event?.locals?.session;
+                    if (!session) {
+                        const cookieHeader = `retrunToAddress=${event.url.toString()}; HttpOnly; Secure; SameSite=Lax; Max-Age=3600; Path=/`;
+                        return new Response('Login user', {
+                            status: 303,
+                            headers: {
+                                location: '/auth/validate',
+                                'set-cookie': cookieHeader,
+                                referrer: event.url.toString()
+                            }
+                        });
+                    }
                 }
             }
         }

package/dist/auth/machineAuthenticationProvider.d.ts

@@ -3,6 +3,5 @@ export declare const machineAuthenticationProvider: (scope?: string, redirectPat
     getAuthIdentity: (domain: string) => Promise<any>;
     getValidation: (event: any) => Promise<Token>;
     getUser: (token: Token) => Promise<any>;
-    logout: (token: Token) => Promise<void>;
     redirectPath: string;
 };

package/dist/auth/machineAuthenticationProvider.js

@@ -3,19 +3,7 @@ const authStateCookieName = 'auth_state';
 const stateIdGenerator = () => crypto.randomUUID();
 const getKeycloakIdentity = async (issuer, client_id, scope, redirectUrl) => {
     const state = stateIdGenerator();
-    const cookieHeader = `${authStateCookieName}=${state}; HttpOnly; Secure; SameSite=Lax; Max-Age=3600; Path=/`;
-    // const code_challenge = await o.calculatePKCECodeChallenge(state);
-    // const authorizationUrlSearchParams = new URLSearchParams({
-    //     client_id: client_id,
-    //     redirect_uri: redirectUrl,
-    //     response_type: 'code',
-    //     state,
-    //     scope,
-    //     code_challenge
-    // });
-    // const authorizationUrl = `${issuer}/protocol/openid-connect/auth?${authorizationUrlSearchParams}`;
     const headers = new Headers();
-    // headers.append('Set-Cookie', cookieHeader);
     headers.append('Location', '/auth/validate');
     return headers;
 };
@@ -63,23 +51,6 @@ const getUser = async (issuer, token) => {
         });
     }
 };
-const logout = async (issuer, clientId, token) => {
-    const response = await fetch(`${issuer}/protocol/openid-connect/logout`, {
-        method: "POST",
-        body: new URLSearchParams({
-            client_id: clientId,
-            access_token: token.access_token,
-        }),
-        headers: {
-            "Content-Type": "application/x-www-form-urlencoded",
-            Accept: "application/json"
-        }
-    });
-    if (!response.ok) {
-        console.log('Response was NOT okay');
-        throw new Error('Token not validated.');
-    }
-};
 export const machineAuthenticationProvider = (scope = '', redirectPath = '/') => {
     const extendedScope = `openid profile offline_access ${scope}`;
     const redirectUrl = "/auth/validate";
@@ -97,9 +68,6 @@ export const machineAuthenticationProvider = (scope = '', redirectPath = '/') =>
             const user = await getUser(AUTH_KEYCLOAK_ISSUER, token);
             return user;
         },
-        logout: async (token) => {
-            await logout(AUTH_KEYCLOAK_ISSUER, AUTH_KEYCLOAK_ID, token);
-        },
         redirectPath
     };
 };

package/dist/auth/redisSessionProvider.d.ts

@@ -1,6 +1,7 @@
 import type { ISession, Sid } from './types.js';
 declare function clean(): Promise<void>;
 declare function createSession(session: ISession, maxAge: number): Promise<string>;
+declare function updateSession(sid: string, session: ISession, maxAge: number): Promise<void>;
 declare function getSession(sid: Sid): Promise<any>;
 declare function deleteSession(sid: string): Promise<void>;
 export declare const redisSessionProvider: {
@@ -8,5 +9,6 @@ export declare const redisSessionProvider: {
     createSession: typeof createSession;
     getSession: typeof getSession;
     deleteSession: typeof deleteSession;
+    updateSession: typeof updateSession;
 };
 export {};

package/dist/auth/redisSessionProvider.js

@@ -12,11 +12,19 @@ async function createSession(session, maxAge) {
     const sid = getSid();
     const sessionObject = {
         data: session,
-        invalidAt: Date.now() + maxAge
+        invalidAt: Date.now() + maxAge + 3600
     };
     await redis.set(sid, JSON.stringify(sessionObject), "EX", maxAge);
     return sid;
 }
+async function updateSession(sid, session, maxAge) {
+    await redis.del(sid);
+    const sessionObject = {
+        data: session,
+        invalidAt: Date.now() + maxAge + 3600
+    };
+    await redis.set(sid, JSON.stringify(sessionObject), "EX", maxAge);
+}
 async function getSession(sid) {
     const savedSession = await redis.get(sid);
     if (savedSession) {
@@ -33,4 +41,5 @@ export const redisSessionProvider = {
     createSession: createSession,
     getSession: getSession,
     deleteSession: deleteSession,
+    updateSession: updateSession
 };

package/dist/auth/{tokenRefreshHandle.js → tokenRefresh.js}

@@ -1,5 +1,5 @@
 import {} from '@sveltejs/kit';
-import { AUTH_KEYCLOAK_ID, AUTH_KEYCLOAK_ISSUER } from '$env/static/private';
+import { AUTH_KEYCLOAK_ID, AUTH_KEYCLOAK_SECRET, AUTH_KEYCLOAK_ISSUER } from '$env/static/private';
 const authSessionCookieName = `auth_session`;
 function isTokenExpired(token) {
     const base64Url = token.split(".")[1];
@@ -14,12 +14,13 @@ function isTokenExpired(token) {
     const expired = Date.now() >= exp * 1000;
     return expired;
 }
-async function refreshToken(clientId, refresh_token) {
+async function refreshToken(clientId, clientSecret, refresh_token) {
     const response = await fetch(`${AUTH_KEYCLOAK_ISSUER}/protocol/openid-connect/token`, {
         method: "POST",
         body: new URLSearchParams({
             grant_type: "refresh_token",
             client_id: clientId,
+            client_secret: clientSecret,
             refresh_token: refresh_token,
         }),
         headers: {
@@ -33,19 +34,15 @@ async function refreshToken(clientId, refresh_token) {
 export const tokenRefreshHandle = (sessionProvider) => {
     return async ({ event, resolve }) => {
         const locals = event.locals;
-        try {
-            if (locals?.token?.refresh_token) {
-                const isExpired = isTokenExpired(locals.token.access_token);
-                if (isExpired) {
-                    const newToken = await refreshToken(AUTH_KEYCLOAK_ID, locals.token.refresh_token);
-                    locals.token = newToken;
-                    const sid = event.cookies.get(authSessionCookieName);
-                    sessionProvider.updateSession(sid, locals, newToken.expires_in);
-                }
+        if (locals?.token?.refresh_token) {
+            const isExpired = isTokenExpired(locals.token.access_token);
+            if (isExpired) {
+                const newToken = await refreshToken(AUTH_KEYCLOAK_ID, AUTH_KEYCLOAK_SECRET, locals.token.refresh_token);
+                locals.token = newToken;
+                const sid = event.cookies.get(authSessionCookieName);
+                sessionProvider.updateSession(sid, locals, newToken.expires_in);
             }
         }
-        catch {
-        }
         return await resolve(event);
     };
 };

package/dist/auth/types.d.ts

@@ -22,11 +22,11 @@ export interface IProvider {
     getAuthIdentity(domain: string): Promise<any>;
     getValidation(event: any): Promise<Token>;
     getUser(token: Token): any;
-    logout(token: Token): Promise<any>;
 }
 export interface ISessionStorage {
     clean(): Promise<void>;
     createSession(session: ISession, maxAge: number): Promise<Sid>;
     getSession(sid: Sid): Promise<ISession | undefined>;
     deleteSession(sid: Sid): Promise<void>;
+    updateSession(sid: Sid, session: ISession, maxAge: number): Promise<void>;
 }

package/dist/auth/userAuthenticationProvider.d.ts

@@ -3,6 +3,5 @@ export declare const userAuthenticationProvider: (scope?: string, redirectPath?:
     getAuthIdentity: (domain: string) => Promise<any>;
     getValidation: (event: any) => Promise<Token>;
     getUser: (token: Token) => Promise<any>;
-    logout: (token: Token) => Promise<void>;
     redirectPath: string;
 };

package/dist/auth/userAuthenticationProvider.js

@@ -76,23 +76,6 @@ const getUser = async (issuer, token) => {
         });
     }
 };
-const logout = async (issuer, clientId, token) => {
-    const response = await fetch(`${issuer}/protocol/openid-connect/logout`, {
-        method: "POST",
-        body: new URLSearchParams({
-            client_id: clientId,
-            access_token: token.access_token,
-        }),
-        headers: {
-            "Content-Type": "application/x-www-form-urlencoded",
-            Accept: "application/json"
-        }
-    });
-    if (!response.ok) {
-        console.log('Response was NOT okay');
-        throw new Error('Token not validated.');
-    }
-};
 export const userAuthenticationProvider = (scope = '', redirectPath = '/') => {
     const extendedScope = `openid profile offline_access ${scope}`;
     const redirectUrl = "/auth/validate";
@@ -110,9 +93,6 @@ export const userAuthenticationProvider = (scope = '', redirectPath = '/') => {
             const user = await getUser(AUTH_KEYCLOAK_ISSUER, token);
             return user;
         },
-        logout: async (token) => {
-            await logout(AUTH_KEYCLOAK_ISSUER, AUTH_KEYCLOAK_ID, token);
-        },
         redirectPath
     };
 };

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@functionalcms/svelte-components",
-	"version": "2.35.0",
+	"version": "2.35.2",
 	"watch": {
 		"build": {
 			"patterns": [

package/dist/auth/inMemorySessionProvider.d.ts

@@ -1,12 +0,0 @@
-import type { ISession, Sid } from './types.js';
-declare function clean(): Promise<void>;
-declare function createSession(session: ISession, maxAge: number): Promise<string>;
-declare function getSession(sid: Sid): Promise<ISession | undefined>;
-declare function deleteSession(sid: string): Promise<void>;
-export declare const inMemorySessionProvider: {
-    clean: typeof clean;
-    createSession: typeof createSession;
-    getSession: typeof getSession;
-    deleteSession: typeof deleteSession;
-};
-export {};

package/dist/auth/inMemorySessionProvider.js

@@ -1,46 +0,0 @@
-import { getSid } from './sessionIdGenerator.js';
-const sessionStore = new Map();
-let nextClean = Date.now() + 1000 * 60 * 60; // 1 hour
-async function clean() {
-    const now = Date.now();
-    for (const [sid, session] of sessionStore) {
-        if (session.invalidAt < now) {
-            sessionStore.delete(sid);
-        }
-    }
-    // // TODO: delete session from browser storage
-    nextClean = Date.now() + 1000 * 60 * 60; // 1 hour
-}
-if (Date.now() > nextClean) {
-    //call in setTimeout to not block the server
-    setTimeout(() => {
-        clean();
-    }, 5000);
-}
-async function createSession(session, maxAge) {
-    let sid = '';
-    do {
-        sid = getSid();
-    } while (sessionStore.has(sid));
-    sessionStore.set(sid, {
-        data: session,
-        invalidAt: Date.now() + maxAge
-    });
-    return sid;
-}
-async function getSession(sid) {
-    if (sessionStore.has(sid)) {
-        const cache = sessionStore.get(sid);
-        return cache?.data;
-    }
-    return undefined;
-}
-async function deleteSession(sid) {
-    sessionStore.delete(sid);
-}
-export const inMemorySessionProvider = {
-    clean: clean,
-    createSession: createSession,
-    getSession: getSession,
-    deleteSession: deleteSession,
-};

package/dist/auth/redisSessionProvider copy.d.ts

@@ -1,14 +0,0 @@
-import type { ISession, Sid } from './types.js';
-declare function clean(): Promise<void>;
-declare function createSession(session: ISession, maxAge: number): Promise<string>;
-declare function updateSession(sid: string, session: ISession, maxAge: number): Promise<void>;
-declare function getSession(sid: Sid): Promise<any>;
-declare function deleteSession(sid: string): Promise<void>;
-export declare const redisSessionProvider: {
-    clean: typeof clean;
-    createSession: typeof createSession;
-    getSession: typeof getSession;
-    deleteSession: typeof deleteSession;
-    updateSession: typeof updateSession;
-};
-export {};

package/dist/auth/redisSessionProvider copy.js

@@ -1,45 +0,0 @@
-import { getSid } from './sessionIdGenerator.js';
-import Redis from "ioredis";
-import { CACHE_SECRET } from '$env/static/private';
-const url = "functional.redis.cache.windows.net:6380,password=cfENm4qUceDQ2lE8tl5LFLjg4IVx3F4mIAzCaA12xtg=,ssl=True,abortConnect=False";
-const redis = new Redis(6380, "functional.redis.cache.windows.net", {
-    password: CACHE_SECRET,
-    tls: true
-});
-async function clean() {
-}
-async function createSession(session, maxAge) {
-    const sid = getSid();
-    const sessionObject = {
-        data: session,
-        invalidAt: Date.now() + maxAge + 3600
-    };
-    await redis.set(sid, JSON.stringify(sessionObject), "EX", maxAge);
-    return sid;
-}
-async function updateSession(sid, session, maxAge) {
-    await redis.del(sid);
-    const sessionObject = {
-        data: session,
-        invalidAt: Date.now() + maxAge + 3600
-    };
-    await redis.set(sid, JSON.stringify(sessionObject), "EX", maxAge);
-}
-async function getSession(sid) {
-    const savedSession = await redis.get(sid);
-    if (savedSession) {
-        const session = JSON.parse(savedSession);
-        return session.data;
-    }
-    return null;
-}
-async function deleteSession(sid) {
-    await redis.del(sid);
-}
-export const redisSessionProvider = {
-    clean: clean,
-    createSession: createSession,
-    getSession: getSession,
-    deleteSession: deleteSession,
-    updateSession: updateSession
-};

package/dist/auth/standardPipeline.d.ts

@@ -1,2 +0,0 @@
-import type { IProvider } from "./types.js";
-export declare const getStandardHandle: (authProvider: IProvider) => import("@sveltejs/kit").Handle;

package/dist/auth/standardPipeline.js

@@ -1,7 +0,0 @@
-import { sequence } from "@sveltejs/kit/hooks";
-import errorHandler from "./errorHandle.js";
-import { tokenRefreshHandle } from "./tokenRefreshHandle.js";
-import authorizationHandle from "./authorizationHandle.js";
-import { authenticationHandle } from "./authenticationHandle.js";
-import { redisSessionProvider } from "./redisSessionProvider.js";
-export const getStandardHandle = (authProvider) => sequence(errorHandler, authenticationHandle(authProvider, redisSessionProvider), tokenRefreshHandle(redisSessionProvider), authorizationHandle(['/.+']));