@ghentcdh/authentication-vue 0.0.2-13 → 0.0.2-15
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +19 -7
- package/index.mjs +274 -271
- package/lib/auth.const.d.ts +2 -0
- package/lib/keycloak.adapter.d.ts +6 -1
- package/lib/request.d.ts +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -33,9 +33,17 @@ Enable the authentication plugin in your `main.ts` file.
|
|
|
33
33
|
```typescript
|
|
34
34
|
import { createAuth } from '@ghentcdh/authentication-vue';
|
|
35
35
|
|
|
36
|
-
// Other app initialisation
|
|
37
|
-
|
|
38
|
-
app.use(
|
|
36
|
+
// Other app initialisation ...
|
|
37
|
+
|
|
38
|
+
app.use(
|
|
39
|
+
createAuth({
|
|
40
|
+
keycloak: {
|
|
41
|
+
realm: import.meta.env.VITE_KEYCLOAK_REALM,
|
|
42
|
+
url: import.meta.env.VITE_KEYCLOAK_HOST,
|
|
43
|
+
clientId: import.meta.env.VITE_KEYCLOAK_CLIENT_ID,
|
|
44
|
+
},
|
|
45
|
+
}),
|
|
46
|
+
);
|
|
39
47
|
|
|
40
48
|
```
|
|
41
49
|
|
|
@@ -64,9 +72,11 @@ await isAuthenticated();
|
|
|
64
72
|
```vue
|
|
65
73
|
|
|
66
74
|
<script setup lang="ts">
|
|
67
|
-
import {
|
|
75
|
+
import { useHttpRequest } from "@ghentcdh/authentication/vue";
|
|
76
|
+
|
|
77
|
+
const httpRequest = useHttpRequest();
|
|
68
78
|
|
|
69
|
-
|
|
79
|
+
httpRequest.post('/api/auth/login', {}).then(response => {
|
|
70
80
|
alert('login ok')
|
|
71
81
|
});
|
|
72
82
|
</script>
|
|
@@ -80,9 +90,11 @@ Additional a parameter can be provided if the authentication should be skipped.
|
|
|
80
90
|
```vue
|
|
81
91
|
|
|
82
92
|
<script setup lang="ts">
|
|
83
|
-
import {
|
|
93
|
+
import { useHttpRequest } from "@ghentcdh/authentication/vue";
|
|
94
|
+
|
|
95
|
+
const httpRequest = useHttpRequest();
|
|
84
96
|
|
|
85
|
-
|
|
97
|
+
httpRequest.post('/api/skip-auth', {}, {skipAuth: true}).then(response => {
|
|
86
98
|
alert('login ok')
|
|
87
99
|
});
|
|
88
100
|
</script>
|
package/index.mjs
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
import { ref as
|
|
2
|
-
const
|
|
3
|
-
function
|
|
4
|
-
if (!(this instanceof
|
|
1
|
+
import { ref as ne, markRaw as oe, watch as ae, inject as se } from "vue";
|
|
2
|
+
const B = "GHENTCDH_AUTHENTICATION";
|
|
3
|
+
function X(p) {
|
|
4
|
+
if (!(this instanceof X))
|
|
5
5
|
throw new Error("The 'Keycloak' constructor must be invoked with 'new'.");
|
|
6
6
|
if (typeof p != "string" && !z(p))
|
|
7
7
|
throw new Error("The 'Keycloak' constructor must be provided with a configuration object, or a URL to a JSON configuration file.");
|
|
@@ -11,14 +11,14 @@ function W(p) {
|
|
|
11
11
|
if (!p[t])
|
|
12
12
|
throw new Error(`The configuration object is missing the required '${t}' property.`);
|
|
13
13
|
}
|
|
14
|
-
var e = this,
|
|
14
|
+
var e = this, d, k = [], m, h = {
|
|
15
15
|
enable: !0,
|
|
16
16
|
callbackList: [],
|
|
17
17
|
interval: 5
|
|
18
18
|
};
|
|
19
19
|
e.didInitialize = !1;
|
|
20
|
-
var
|
|
21
|
-
globalThis.isSecureContext ||
|
|
20
|
+
var y = !0, b = q(console.info), T = q(console.warn);
|
|
21
|
+
globalThis.isSecureContext || T(
|
|
22
22
|
`[KEYCLOAK] Keycloak JS must be used in a 'secure context' to function properly as it relies on browser APIs that are otherwise not available.
|
|
23
23
|
Continuing to run your application insecurely will lead to unexpected behavior and breakage.
|
|
24
24
|
|
|
@@ -26,9 +26,9 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
26
26
|
), e.init = function(r = {}) {
|
|
27
27
|
if (e.didInitialize)
|
|
28
28
|
throw new Error("A 'Keycloak' instance can only be initialized once.");
|
|
29
|
-
e.didInitialize = !0, e.authenticated = !1,
|
|
29
|
+
e.didInitialize = !0, e.authenticated = !1, m = te();
|
|
30
30
|
var t = ["default", "cordova", "cordova-native"];
|
|
31
|
-
if (t.indexOf(r.adapter) > -1 ?
|
|
31
|
+
if (t.indexOf(r.adapter) > -1 ? d = K(r.adapter) : typeof r.adapter == "object" ? d = r.adapter : window.Cordova || window.cordova ? d = K("cordova") : d = K(), typeof r.useNonce < "u" && (y = r.useNonce), typeof r.checkLoginIframe < "u" && (h.enable = r.checkLoginIframe), r.checkLoginIframeInterval && (h.interval = r.checkLoginIframeInterval), r.onLoad === "login-required" && (e.loginRequired = !0), r.responseMode)
|
|
32
32
|
if (r.responseMode === "query" || r.responseMode === "fragment")
|
|
33
33
|
e.responseMode = r.responseMode;
|
|
34
34
|
else
|
|
@@ -56,38 +56,38 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
56
56
|
} else
|
|
57
57
|
e.pkceMethod = "S256";
|
|
58
58
|
typeof r.enableLogging == "boolean" ? e.enableLogging = r.enableLogging : e.enableLogging = !1, r.logoutMethod === "POST" ? e.logoutMethod = "POST" : e.logoutMethod = "GET", typeof r.scope == "string" && (e.scope = r.scope), typeof r.acrValues == "string" && (e.acrValues = r.acrValues), typeof r.messageReceiveTimeout == "number" && r.messageReceiveTimeout > 0 ? e.messageReceiveTimeout = r.messageReceiveTimeout : e.messageReceiveTimeout = 1e4, e.responseMode || (e.responseMode = "fragment"), e.responseType || (e.responseType = "code", e.flow = "standard");
|
|
59
|
-
var i =
|
|
59
|
+
var i = w(), s = w();
|
|
60
60
|
s.promise.then(function() {
|
|
61
61
|
e.onReady && e.onReady(e.authenticated), i.setSuccess(e.authenticated);
|
|
62
62
|
}).catch(function(o) {
|
|
63
63
|
i.setError(o);
|
|
64
64
|
});
|
|
65
|
-
var a =
|
|
65
|
+
var a = Q();
|
|
66
66
|
function c() {
|
|
67
|
-
var o = function(
|
|
68
|
-
|
|
67
|
+
var o = function(l) {
|
|
68
|
+
l || (f.prompt = "none"), r.locale && (f.locale = r.locale), e.login(f).then(function() {
|
|
69
69
|
s.setSuccess();
|
|
70
|
-
}).catch(function(
|
|
71
|
-
s.setError(
|
|
70
|
+
}).catch(function(g) {
|
|
71
|
+
s.setError(g);
|
|
72
72
|
});
|
|
73
73
|
}, u = async function() {
|
|
74
|
-
var
|
|
75
|
-
|
|
76
|
-
var
|
|
77
|
-
if (!(
|
|
78
|
-
var
|
|
79
|
-
E(
|
|
74
|
+
var l = document.createElement("iframe"), g = await e.createLoginUrl({ prompt: "none", redirectUri: e.silentCheckSsoRedirectUri });
|
|
75
|
+
l.setAttribute("src", g), l.setAttribute("sandbox", "allow-storage-access-by-user-activation allow-scripts allow-same-origin"), l.setAttribute("title", "keycloak-silent-check-sso"), l.style.display = "none", document.body.appendChild(l);
|
|
76
|
+
var S = function(I) {
|
|
77
|
+
if (!(I.origin !== window.location.origin || l.contentWindow !== I.source)) {
|
|
78
|
+
var U = A(I.data);
|
|
79
|
+
E(U, s), document.body.removeChild(l), window.removeEventListener("message", S);
|
|
80
80
|
}
|
|
81
81
|
};
|
|
82
|
-
window.addEventListener("message",
|
|
82
|
+
window.addEventListener("message", S);
|
|
83
83
|
}, f = {};
|
|
84
84
|
switch (r.onLoad) {
|
|
85
85
|
case "check-sso":
|
|
86
|
-
h.enable ?
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
}).catch(function(
|
|
90
|
-
s.setError(
|
|
86
|
+
h.enable ? N().then(function() {
|
|
87
|
+
x().then(function(l) {
|
|
88
|
+
l ? s.setSuccess() : e.silentCheckSsoRedirectUri ? u() : o(!1);
|
|
89
|
+
}).catch(function(l) {
|
|
90
|
+
s.setError(l);
|
|
91
91
|
});
|
|
92
92
|
}) : e.silentCheckSsoRedirectUri ? u() : o(!1);
|
|
93
93
|
break;
|
|
@@ -101,14 +101,14 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
101
101
|
function n() {
|
|
102
102
|
var o = A(window.location.href);
|
|
103
103
|
if (o && window.history.replaceState(window.history.state, null, o.newUrl), o && o.valid)
|
|
104
|
-
return
|
|
104
|
+
return N().then(function() {
|
|
105
105
|
E(o, s);
|
|
106
106
|
}).catch(function(u) {
|
|
107
107
|
s.setError(u);
|
|
108
108
|
});
|
|
109
|
-
r.token && r.refreshToken ? (
|
|
110
|
-
|
|
111
|
-
u ? (e.onAuthSuccess && e.onAuthSuccess(), s.setSuccess(),
|
|
109
|
+
r.token && r.refreshToken ? (R(r.token, r.refreshToken, r.idToken), h.enable ? N().then(function() {
|
|
110
|
+
x().then(function(u) {
|
|
111
|
+
u ? (e.onAuthSuccess && e.onAuthSuccess(), s.setSuccess(), H()) : s.setSuccess();
|
|
112
112
|
}).catch(function(u) {
|
|
113
113
|
s.setError(u);
|
|
114
114
|
});
|
|
@@ -119,35 +119,35 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
119
119
|
})) : r.onLoad ? c() : s.setSuccess();
|
|
120
120
|
}
|
|
121
121
|
return a.then(function() {
|
|
122
|
-
|
|
122
|
+
re().then(n).catch(function(o) {
|
|
123
123
|
i.setError(o);
|
|
124
124
|
});
|
|
125
125
|
}), a.catch(function(o) {
|
|
126
126
|
i.setError(o);
|
|
127
127
|
}), i.promise;
|
|
128
128
|
}, e.login = function(r) {
|
|
129
|
-
return
|
|
129
|
+
return d.login(r);
|
|
130
130
|
};
|
|
131
131
|
function C(r) {
|
|
132
132
|
if (typeof crypto > "u" || typeof crypto.getRandomValues > "u")
|
|
133
133
|
throw new Error("Web Crypto API is not available.");
|
|
134
134
|
return crypto.getRandomValues(new Uint8Array(r));
|
|
135
135
|
}
|
|
136
|
-
function
|
|
137
|
-
return
|
|
136
|
+
function v(r) {
|
|
137
|
+
return P(r, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789");
|
|
138
138
|
}
|
|
139
|
-
function
|
|
139
|
+
function P(r, t) {
|
|
140
140
|
for (var i = C(r), s = new Array(r), a = 0; a < r; a++)
|
|
141
141
|
s[a] = t.charCodeAt(i[a] % t.length);
|
|
142
142
|
return String.fromCharCode.apply(null, s);
|
|
143
143
|
}
|
|
144
|
-
async function
|
|
144
|
+
async function M(r, t) {
|
|
145
145
|
if (r !== "S256")
|
|
146
146
|
throw new TypeError(`Invalid value for 'pkceMethod', expected 'S256' but got '${r}'.`);
|
|
147
|
-
const i = new Uint8Array(await
|
|
148
|
-
return
|
|
147
|
+
const i = new Uint8Array(await ce(t));
|
|
148
|
+
return ie(i).replace(/\+/g, "-").replace(/\//g, "_").replace(/\=/g, "");
|
|
149
149
|
}
|
|
150
|
-
function
|
|
150
|
+
function W(r) {
|
|
151
151
|
var t = {
|
|
152
152
|
id_token: {
|
|
153
153
|
acr: r
|
|
@@ -156,7 +156,7 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
156
156
|
return JSON.stringify(t);
|
|
157
157
|
}
|
|
158
158
|
e.createLoginUrl = async function(r) {
|
|
159
|
-
var t =
|
|
159
|
+
var t = Y(), i = Y(), s = d.redirectUri(r), a = {
|
|
160
160
|
state: t,
|
|
161
161
|
nonce: i,
|
|
162
162
|
redirectUri: encodeURIComponent(s),
|
|
@@ -168,34 +168,34 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
168
168
|
var n = r && r.scope || e.scope;
|
|
169
169
|
n ? n.indexOf("openid") === -1 && (n = "openid " + n) : n = "openid";
|
|
170
170
|
var o = c + "?client_id=" + encodeURIComponent(e.clientId) + "&redirect_uri=" + encodeURIComponent(s) + "&state=" + encodeURIComponent(t) + "&response_mode=" + encodeURIComponent(e.responseMode) + "&response_type=" + encodeURIComponent(e.responseType) + "&scope=" + encodeURIComponent(n);
|
|
171
|
-
if (
|
|
172
|
-
var u =
|
|
171
|
+
if (y && (o = o + "&nonce=" + encodeURIComponent(i)), r && r.prompt && (o += "&prompt=" + encodeURIComponent(r.prompt)), r && typeof r.maxAge == "number" && (o += "&max_age=" + encodeURIComponent(r.maxAge)), r && r.loginHint && (o += "&login_hint=" + encodeURIComponent(r.loginHint)), r && r.idpHint && (o += "&kc_idp_hint=" + encodeURIComponent(r.idpHint)), r && r.action && r.action != "register" && (o += "&kc_action=" + encodeURIComponent(r.action)), r && r.locale && (o += "&ui_locales=" + encodeURIComponent(r.locale)), r && r.acr) {
|
|
172
|
+
var u = W(r.acr);
|
|
173
173
|
o += "&claims=" + encodeURIComponent(u);
|
|
174
174
|
}
|
|
175
175
|
if ((r && r.acrValues || e.acrValues) && (o += "&acr_values=" + encodeURIComponent(r.acrValues || e.acrValues)), e.pkceMethod)
|
|
176
176
|
try {
|
|
177
|
-
const f =
|
|
178
|
-
a.pkceCodeVerifier = f, o += "&code_challenge=" +
|
|
177
|
+
const f = v(96), l = await M(e.pkceMethod, f);
|
|
178
|
+
a.pkceCodeVerifier = f, o += "&code_challenge=" + l, o += "&code_challenge_method=" + e.pkceMethod;
|
|
179
179
|
} catch (f) {
|
|
180
180
|
throw new Error("Failed to generate PKCE challenge.", { cause: f });
|
|
181
181
|
}
|
|
182
|
-
return
|
|
182
|
+
return m.add(a), o;
|
|
183
183
|
}, e.logout = function(r) {
|
|
184
|
-
return
|
|
184
|
+
return d.logout(r);
|
|
185
185
|
}, e.createLogoutUrl = function(r) {
|
|
186
186
|
if (((r == null ? void 0 : r.logoutMethod) ?? e.logoutMethod) === "POST")
|
|
187
187
|
return e.endpoints.logout();
|
|
188
|
-
var i = e.endpoints.logout() + "?client_id=" + encodeURIComponent(e.clientId) + "&post_logout_redirect_uri=" + encodeURIComponent(
|
|
188
|
+
var i = e.endpoints.logout() + "?client_id=" + encodeURIComponent(e.clientId) + "&post_logout_redirect_uri=" + encodeURIComponent(d.redirectUri(r, !1));
|
|
189
189
|
return e.idToken && (i += "&id_token_hint=" + encodeURIComponent(e.idToken)), i;
|
|
190
190
|
}, e.register = function(r) {
|
|
191
|
-
return
|
|
191
|
+
return d.register(r);
|
|
192
192
|
}, e.createRegisterUrl = async function(r) {
|
|
193
193
|
return r || (r = {}), r.action = "register", await e.createLoginUrl(r);
|
|
194
194
|
}, e.createAccountUrl = function(r) {
|
|
195
|
-
var t =
|
|
196
|
-
return typeof t < "u" && (i = t + "/account?referrer=" + encodeURIComponent(e.clientId) + "&referrer_uri=" + encodeURIComponent(
|
|
195
|
+
var t = _(), i = void 0;
|
|
196
|
+
return typeof t < "u" && (i = t + "/account?referrer=" + encodeURIComponent(e.clientId) + "&referrer_uri=" + encodeURIComponent(d.redirectUri(r))), i;
|
|
197
197
|
}, e.accountManagement = function() {
|
|
198
|
-
return
|
|
198
|
+
return d.accountManagement();
|
|
199
199
|
}, e.hasRealmRole = function(r) {
|
|
200
200
|
var t = e.realmAccess;
|
|
201
201
|
return !!t && t.roles.indexOf(r) >= 0;
|
|
@@ -205,16 +205,16 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
205
205
|
var i = e.resourceAccess[t || e.clientId];
|
|
206
206
|
return !!i && i.roles.indexOf(r) >= 0;
|
|
207
207
|
}, e.loadUserProfile = function() {
|
|
208
|
-
var r =
|
|
208
|
+
var r = _() + "/account", t = new XMLHttpRequest();
|
|
209
209
|
t.open("GET", r, !0), t.setRequestHeader("Accept", "application/json"), t.setRequestHeader("Authorization", "bearer " + e.token);
|
|
210
|
-
var i =
|
|
210
|
+
var i = w();
|
|
211
211
|
return t.onreadystatechange = function() {
|
|
212
212
|
t.readyState == 4 && (t.status == 200 ? (e.profile = JSON.parse(t.responseText), i.setSuccess(e.profile)) : i.setError());
|
|
213
213
|
}, t.send(), i.promise;
|
|
214
214
|
}, e.loadUserInfo = function() {
|
|
215
215
|
var r = e.endpoints.userinfo(), t = new XMLHttpRequest();
|
|
216
216
|
t.open("GET", r, !0), t.setRequestHeader("Accept", "application/json"), t.setRequestHeader("Authorization", "bearer " + e.token);
|
|
217
|
-
var i =
|
|
217
|
+
var i = w();
|
|
218
218
|
return t.onreadystatechange = function() {
|
|
219
219
|
t.readyState == 4 && (t.status == 200 ? (e.userInfo = JSON.parse(t.responseText), i.setSuccess(e.userInfo)) : i.setError());
|
|
220
220
|
}, t.send(), i.promise;
|
|
@@ -222,7 +222,7 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
222
222
|
if (!e.tokenParsed || !e.refreshToken && e.flow != "implicit")
|
|
223
223
|
throw "Not authenticated";
|
|
224
224
|
if (e.timeSkew == null)
|
|
225
|
-
return
|
|
225
|
+
return b("[KEYCLOAK] Unable to determine if token is expired as timeskew is not set"), !0;
|
|
226
226
|
var t = e.tokenParsed.exp - Math.ceil((/* @__PURE__ */ new Date()).getTime() / 1e3) + e.timeSkew;
|
|
227
227
|
if (r) {
|
|
228
228
|
if (isNaN(r))
|
|
@@ -231,39 +231,39 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
231
231
|
}
|
|
232
232
|
return t < 0;
|
|
233
233
|
}, e.updateToken = function(r) {
|
|
234
|
-
var t =
|
|
234
|
+
var t = w();
|
|
235
235
|
if (!e.refreshToken)
|
|
236
236
|
return t.setError(), t.promise;
|
|
237
237
|
r = r || 5;
|
|
238
238
|
var i = function() {
|
|
239
239
|
var a = !1;
|
|
240
|
-
if (r == -1 ? (a = !0,
|
|
240
|
+
if (r == -1 ? (a = !0, b("[KEYCLOAK] Refreshing token: forced refresh")) : (!e.tokenParsed || e.isTokenExpired(r)) && (a = !0, b("[KEYCLOAK] Refreshing token: token expired")), !a)
|
|
241
241
|
t.setSuccess(!1);
|
|
242
242
|
else {
|
|
243
243
|
var c = "grant_type=refresh_token&refresh_token=" + e.refreshToken, n = e.endpoints.token();
|
|
244
|
-
if (
|
|
244
|
+
if (k.push(t), k.length == 1) {
|
|
245
245
|
var o = new XMLHttpRequest();
|
|
246
246
|
o.open("POST", n, !0), o.setRequestHeader("Content-type", "application/x-www-form-urlencoded"), o.withCredentials = !0, c += "&client_id=" + encodeURIComponent(e.clientId);
|
|
247
247
|
var u = (/* @__PURE__ */ new Date()).getTime();
|
|
248
248
|
o.onreadystatechange = function() {
|
|
249
249
|
if (o.readyState == 4)
|
|
250
250
|
if (o.status == 200) {
|
|
251
|
-
|
|
251
|
+
b("[KEYCLOAK] Token refreshed"), u = (u + (/* @__PURE__ */ new Date()).getTime()) / 2;
|
|
252
252
|
var f = JSON.parse(o.responseText);
|
|
253
|
-
|
|
254
|
-
for (var
|
|
255
|
-
|
|
253
|
+
R(f.access_token, f.refresh_token, f.id_token, u), e.onAuthRefreshSuccess && e.onAuthRefreshSuccess();
|
|
254
|
+
for (var l = k.pop(); l != null; l = k.pop())
|
|
255
|
+
l.setSuccess(!0);
|
|
256
256
|
} else {
|
|
257
|
-
|
|
258
|
-
for (var
|
|
259
|
-
|
|
257
|
+
T("[KEYCLOAK] Failed to refresh token"), o.status == 400 && e.clearToken(), e.onAuthRefreshError && e.onAuthRefreshError();
|
|
258
|
+
for (var l = k.pop(); l != null; l = k.pop())
|
|
259
|
+
l.setError("Failed to refresh token: An unexpected HTTP error occurred while attempting to refresh the token.");
|
|
260
260
|
}
|
|
261
261
|
}, o.send(c);
|
|
262
262
|
}
|
|
263
263
|
}
|
|
264
264
|
};
|
|
265
265
|
if (h.enable) {
|
|
266
|
-
var s =
|
|
266
|
+
var s = x();
|
|
267
267
|
s.then(function() {
|
|
268
268
|
i();
|
|
269
269
|
}).catch(function(a) {
|
|
@@ -273,13 +273,13 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
273
273
|
i();
|
|
274
274
|
return t.promise;
|
|
275
275
|
}, e.clearToken = function() {
|
|
276
|
-
e.token && (
|
|
276
|
+
e.token && (R(null, null, null), e.onAuthLogout && e.onAuthLogout(), e.loginRequired && e.login());
|
|
277
277
|
};
|
|
278
|
-
function
|
|
278
|
+
function _() {
|
|
279
279
|
if (typeof e.authServerUrl < "u")
|
|
280
280
|
return e.authServerUrl.charAt(e.authServerUrl.length - 1) == "/" ? e.authServerUrl + "realms/" + encodeURIComponent(e.realm) : e.authServerUrl + "/realms/" + encodeURIComponent(e.realm);
|
|
281
281
|
}
|
|
282
|
-
function
|
|
282
|
+
function $() {
|
|
283
283
|
return window.location.origin ? window.location.origin : window.location.protocol + "//" + window.location.hostname + (window.location.port ? ":" + window.location.port : "");
|
|
284
284
|
}
|
|
285
285
|
function E(r, t) {
|
|
@@ -295,24 +295,24 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
295
295
|
else
|
|
296
296
|
t && t.setSuccess();
|
|
297
297
|
return;
|
|
298
|
-
} else e.flow != "standard" && (r.access_token || r.id_token) &&
|
|
298
|
+
} else e.flow != "standard" && (r.access_token || r.id_token) && l(r.access_token, null, r.id_token, !0);
|
|
299
299
|
if (e.flow != "implicit" && i) {
|
|
300
300
|
var o = "code=" + i + "&grant_type=authorization_code", u = e.endpoints.token(), f = new XMLHttpRequest();
|
|
301
301
|
f.open("POST", u, !0), f.setRequestHeader("Content-type", "application/x-www-form-urlencoded"), o += "&client_id=" + encodeURIComponent(e.clientId), o += "&redirect_uri=" + r.redirectUri, r.pkceCodeVerifier && (o += "&code_verifier=" + r.pkceCodeVerifier), f.withCredentials = !0, f.onreadystatechange = function() {
|
|
302
302
|
if (f.readyState == 4)
|
|
303
303
|
if (f.status == 200) {
|
|
304
|
-
var
|
|
305
|
-
|
|
304
|
+
var g = JSON.parse(f.responseText);
|
|
305
|
+
l(g.access_token, g.refresh_token, g.id_token, e.flow === "standard"), H();
|
|
306
306
|
} else
|
|
307
307
|
e.onAuthError && e.onAuthError(), t && t.setError();
|
|
308
308
|
}, f.send(o);
|
|
309
309
|
}
|
|
310
|
-
function
|
|
311
|
-
c = (c + (/* @__PURE__ */ new Date()).getTime()) / 2,
|
|
310
|
+
function l(g, S, I, U) {
|
|
311
|
+
c = (c + (/* @__PURE__ */ new Date()).getTime()) / 2, R(g, S, I, c), y && e.idTokenParsed && e.idTokenParsed.nonce != r.storedNonce ? (b("[KEYCLOAK] Invalid nonce, clearing token"), e.clearToken(), t && t.setError()) : U && (e.onAuthSuccess && e.onAuthSuccess(), t && t.setSuccess());
|
|
312
312
|
}
|
|
313
313
|
}
|
|
314
|
-
function
|
|
315
|
-
var r =
|
|
314
|
+
function Q() {
|
|
315
|
+
var r = w(), t;
|
|
316
316
|
typeof p == "string" && (t = p);
|
|
317
317
|
function i(n) {
|
|
318
318
|
n ? e.endpoints = {
|
|
@@ -342,25 +342,25 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
342
342
|
}
|
|
343
343
|
} : e.endpoints = {
|
|
344
344
|
authorize: function() {
|
|
345
|
-
return
|
|
345
|
+
return _() + "/protocol/openid-connect/auth";
|
|
346
346
|
},
|
|
347
347
|
token: function() {
|
|
348
|
-
return
|
|
348
|
+
return _() + "/protocol/openid-connect/token";
|
|
349
349
|
},
|
|
350
350
|
logout: function() {
|
|
351
|
-
return
|
|
351
|
+
return _() + "/protocol/openid-connect/logout";
|
|
352
352
|
},
|
|
353
353
|
checkSessionIframe: function() {
|
|
354
|
-
return
|
|
354
|
+
return _() + "/protocol/openid-connect/login-status-iframe.html";
|
|
355
355
|
},
|
|
356
356
|
thirdPartyCookiesIframe: function() {
|
|
357
|
-
return
|
|
357
|
+
return _() + "/protocol/openid-connect/3p-cookies/step1.html";
|
|
358
358
|
},
|
|
359
359
|
register: function() {
|
|
360
|
-
return
|
|
360
|
+
return _() + "/protocol/openid-connect/registrations";
|
|
361
361
|
},
|
|
362
362
|
userinfo: function() {
|
|
363
|
-
return
|
|
363
|
+
return _() + "/protocol/openid-connect/userinfo";
|
|
364
364
|
}
|
|
365
365
|
};
|
|
366
366
|
}
|
|
@@ -399,28 +399,28 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
399
399
|
function F(r) {
|
|
400
400
|
return r.status == 0 && r.responseText && r.responseURL.startsWith("file:");
|
|
401
401
|
}
|
|
402
|
-
function
|
|
403
|
-
if (e.tokenTimeoutHandle && (clearTimeout(e.tokenTimeoutHandle), e.tokenTimeoutHandle = null), t ? (e.refreshToken = t, e.refreshTokenParsed =
|
|
404
|
-
if (e.token = r, e.tokenParsed =
|
|
402
|
+
function R(r, t, i, s) {
|
|
403
|
+
if (e.tokenTimeoutHandle && (clearTimeout(e.tokenTimeoutHandle), e.tokenTimeoutHandle = null), t ? (e.refreshToken = t, e.refreshTokenParsed = J(t)) : (delete e.refreshToken, delete e.refreshTokenParsed), i ? (e.idToken = i, e.idTokenParsed = J(i)) : (delete e.idToken, delete e.idTokenParsed), r) {
|
|
404
|
+
if (e.token = r, e.tokenParsed = J(r), e.sessionId = e.tokenParsed.sid, e.authenticated = !0, e.subject = e.tokenParsed.sub, e.realmAccess = e.tokenParsed.realm_access, e.resourceAccess = e.tokenParsed.resource_access, s && (e.timeSkew = Math.floor(s / 1e3) - e.tokenParsed.iat), e.timeSkew != null && (b("[KEYCLOAK] Estimated time difference between browser and server is " + e.timeSkew + " seconds"), e.onTokenExpired)) {
|
|
405
405
|
var a = (e.tokenParsed.exp - (/* @__PURE__ */ new Date()).getTime() / 1e3 + e.timeSkew) * 1e3;
|
|
406
|
-
|
|
406
|
+
b("[KEYCLOAK] Token expires in " + Math.round(a / 1e3) + " s"), a <= 0 ? e.onTokenExpired() : e.tokenTimeoutHandle = setTimeout(e.onTokenExpired, a);
|
|
407
407
|
}
|
|
408
408
|
} else
|
|
409
409
|
delete e.token, delete e.tokenParsed, delete e.subject, delete e.realmAccess, delete e.resourceAccess, e.authenticated = !1;
|
|
410
410
|
}
|
|
411
|
-
function
|
|
411
|
+
function Y() {
|
|
412
412
|
if (typeof crypto > "u" || typeof crypto.randomUUID > "u")
|
|
413
413
|
throw new Error("Web Crypto API is not available.");
|
|
414
414
|
return crypto.randomUUID();
|
|
415
415
|
}
|
|
416
416
|
function A(r) {
|
|
417
|
-
var t =
|
|
417
|
+
var t = Z(r);
|
|
418
418
|
if (t) {
|
|
419
|
-
var i =
|
|
419
|
+
var i = m.get(t.state);
|
|
420
420
|
return i && (t.valid = !0, t.redirectUri = i.redirectUri, t.storedNonce = i.nonce, t.prompt = i.prompt, t.pkceCodeVerifier = i.pkceCodeVerifier, t.loginOptions = i.loginOptions), t;
|
|
421
421
|
}
|
|
422
422
|
}
|
|
423
|
-
function
|
|
423
|
+
function Z(r) {
|
|
424
424
|
var t;
|
|
425
425
|
switch (e.flow) {
|
|
426
426
|
case "standard":
|
|
@@ -435,7 +435,7 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
435
435
|
}
|
|
436
436
|
t.push("error"), t.push("error_description"), t.push("error_uri");
|
|
437
437
|
var i = r.indexOf("?"), s = r.indexOf("#"), a, c;
|
|
438
|
-
if (e.responseMode === "query" && i !== -1 ? (a = r.substring(0, i), c =
|
|
438
|
+
if (e.responseMode === "query" && i !== -1 ? (a = r.substring(0, i), c = G(r.substring(i + 1, s !== -1 ? s : r.length), t), c.paramsString !== "" && (a += "?" + c.paramsString), s !== -1 && (a += r.substring(s))) : e.responseMode === "fragment" && s !== -1 && (a = r.substring(0, s), c = G(r.substring(s + 1), t), c.paramsString !== "" && (a += "#" + c.paramsString)), c && c.oauthParams) {
|
|
439
439
|
if (e.flow === "standard" || e.flow === "hybrid") {
|
|
440
440
|
if ((c.oauthParams.code || c.oauthParams.error) && c.oauthParams.state)
|
|
441
441
|
return c.oauthParams.newUrl = a, c.oauthParams;
|
|
@@ -443,7 +443,7 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
443
443
|
return c.oauthParams.newUrl = a, c.oauthParams;
|
|
444
444
|
}
|
|
445
445
|
}
|
|
446
|
-
function
|
|
446
|
+
function G(r, t) {
|
|
447
447
|
for (var i = r.split("&"), s = {
|
|
448
448
|
paramsString: "",
|
|
449
449
|
oauthParams: {}
|
|
@@ -453,7 +453,7 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
453
453
|
}
|
|
454
454
|
return s;
|
|
455
455
|
}
|
|
456
|
-
function
|
|
456
|
+
function w() {
|
|
457
457
|
var r = {
|
|
458
458
|
setSuccess: function(t) {
|
|
459
459
|
r.resolve(t);
|
|
@@ -466,7 +466,7 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
466
466
|
r.resolve = t, r.reject = i;
|
|
467
467
|
}), r;
|
|
468
468
|
}
|
|
469
|
-
function
|
|
469
|
+
function ee(r, t, i) {
|
|
470
470
|
var s = null, a = new Promise(function(c, n) {
|
|
471
471
|
s = setTimeout(function() {
|
|
472
472
|
n({ error: i });
|
|
@@ -476,14 +476,14 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
476
476
|
clearTimeout(s);
|
|
477
477
|
});
|
|
478
478
|
}
|
|
479
|
-
function
|
|
480
|
-
var r =
|
|
479
|
+
function N() {
|
|
480
|
+
var r = w();
|
|
481
481
|
if (!h.enable || h.iframe)
|
|
482
482
|
return r.setSuccess(), r.promise;
|
|
483
483
|
var t = document.createElement("iframe");
|
|
484
484
|
h.iframe = t, t.onload = function() {
|
|
485
485
|
var a = e.endpoints.authorize();
|
|
486
|
-
a.charAt(0) === "/" ? h.iframeOrigin =
|
|
486
|
+
a.charAt(0) === "/" ? h.iframeOrigin = $() : h.iframeOrigin = a.substring(0, a.indexOf("/", 8)), r.setSuccess();
|
|
487
487
|
};
|
|
488
488
|
var i = e.endpoints.checkSessionIframe();
|
|
489
489
|
t.setAttribute("src", i), t.setAttribute("sandbox", "allow-storage-access-by-user-activation allow-scripts allow-same-origin"), t.setAttribute("title", "keycloak-session-iframe"), t.style.display = "none", document.body.appendChild(t);
|
|
@@ -498,15 +498,15 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
498
498
|
};
|
|
499
499
|
return window.addEventListener("message", s, !1), r.promise;
|
|
500
500
|
}
|
|
501
|
-
function
|
|
501
|
+
function H() {
|
|
502
502
|
h.enable && e.token && setTimeout(function() {
|
|
503
|
-
|
|
504
|
-
r &&
|
|
503
|
+
x().then(function(r) {
|
|
504
|
+
r && H();
|
|
505
505
|
});
|
|
506
506
|
}, h.interval * 1e3);
|
|
507
507
|
}
|
|
508
|
-
function
|
|
509
|
-
var r =
|
|
508
|
+
function x() {
|
|
509
|
+
var r = w();
|
|
510
510
|
if (h.iframe && h.iframeOrigin) {
|
|
511
511
|
var t = e.clientId + " " + (e.sessionId ? e.sessionId : "");
|
|
512
512
|
h.callbackList.push(r);
|
|
@@ -516,13 +516,13 @@ For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/
|
|
|
516
516
|
r.setSuccess();
|
|
517
517
|
return r.promise;
|
|
518
518
|
}
|
|
519
|
-
function
|
|
520
|
-
var r =
|
|
519
|
+
function re() {
|
|
520
|
+
var r = w();
|
|
521
521
|
if ((h.enable || e.silentCheckSsoRedirectUri) && typeof e.endpoints.thirdPartyCookiesIframe == "function") {
|
|
522
522
|
var t = document.createElement("iframe");
|
|
523
523
|
t.setAttribute("src", e.endpoints.thirdPartyCookiesIframe()), t.setAttribute("sandbox", "allow-storage-access-by-user-activation allow-scripts allow-same-origin"), t.setAttribute("title", "keycloak-3p-check-iframe"), t.style.display = "none", document.body.appendChild(t);
|
|
524
524
|
var i = function(s) {
|
|
525
|
-
t.contentWindow === s.source && (s.data !== "supported" && s.data !== "unsupported" || (s.data === "unsupported" && (
|
|
525
|
+
t.contentWindow === s.source && (s.data !== "supported" && s.data !== "unsupported" || (s.data === "unsupported" && (T(
|
|
526
526
|
`[KEYCLOAK] Your browser is blocking access to 3rd-party cookies, this means:
|
|
527
527
|
|
|
528
528
|
- It is not possible to retrieve tokens without redirecting to the Keycloak server (a.k.a. no support for silent authentication).
|
|
@@ -534,13 +534,13 @@ For more information see: https://www.keycloak.org/securing-apps/javascript-adap
|
|
|
534
534
|
window.addEventListener("message", i, !1);
|
|
535
535
|
} else
|
|
536
536
|
r.setSuccess();
|
|
537
|
-
return
|
|
537
|
+
return ee(r.promise, e.messageReceiveTimeout, "Timeout when waiting for 3rd party check iframe message.");
|
|
538
538
|
}
|
|
539
|
-
function
|
|
539
|
+
function K(r) {
|
|
540
540
|
if (!r || r == "default")
|
|
541
541
|
return {
|
|
542
542
|
login: async function(n) {
|
|
543
|
-
return window.location.assign(await e.createLoginUrl(n)),
|
|
543
|
+
return window.location.assign(await e.createLoginUrl(n)), w().promise;
|
|
544
544
|
},
|
|
545
545
|
logout: async function(n) {
|
|
546
546
|
if (((n == null ? void 0 : n.logoutMethod) ?? e.logoutMethod) === "GET") {
|
|
@@ -552,16 +552,16 @@ For more information see: https://www.keycloak.org/securing-apps/javascript-adap
|
|
|
552
552
|
const f = {
|
|
553
553
|
id_token_hint: e.idToken,
|
|
554
554
|
client_id: e.clientId,
|
|
555
|
-
post_logout_redirect_uri:
|
|
555
|
+
post_logout_redirect_uri: d.redirectUri(n, !1)
|
|
556
556
|
};
|
|
557
|
-
for (const [
|
|
558
|
-
const
|
|
559
|
-
|
|
557
|
+
for (const [l, g] of Object.entries(f)) {
|
|
558
|
+
const S = document.createElement("input");
|
|
559
|
+
S.setAttribute("type", "hidden"), S.setAttribute("name", l), S.setAttribute("value", g), u.appendChild(S);
|
|
560
560
|
}
|
|
561
561
|
document.body.appendChild(u), u.submit();
|
|
562
562
|
},
|
|
563
563
|
register: async function(n) {
|
|
564
|
-
return window.location.assign(await e.createRegisterUrl(n)),
|
|
564
|
+
return window.location.assign(await e.createRegisterUrl(n)), w().promise;
|
|
565
565
|
},
|
|
566
566
|
accountManagement: function() {
|
|
567
567
|
var n = e.createAccountUrl();
|
|
@@ -569,7 +569,7 @@ For more information see: https://www.keycloak.org/securing-apps/javascript-adap
|
|
|
569
569
|
window.location.href = n;
|
|
570
570
|
else
|
|
571
571
|
throw "Not supported by the OIDC server";
|
|
572
|
-
return
|
|
572
|
+
return w().promise;
|
|
573
573
|
},
|
|
574
574
|
redirectUri: function(n, o) {
|
|
575
575
|
return n && n.redirectUri ? n.redirectUri : e.redirectUri ? e.redirectUri : location.href;
|
|
@@ -595,44 +595,44 @@ For more information see: https://www.keycloak.org/securing-apps/javascript-adap
|
|
|
595
595
|
};
|
|
596
596
|
return {
|
|
597
597
|
login: async function(n) {
|
|
598
|
-
var o =
|
|
599
|
-
|
|
598
|
+
var o = w(), u = a(n), f = await e.createLoginUrl(n), l = t(f, "_blank", u), g = !1, S = !1, I = function() {
|
|
599
|
+
S = !0, l.close();
|
|
600
600
|
};
|
|
601
|
-
return
|
|
602
|
-
if (
|
|
603
|
-
var
|
|
604
|
-
E(
|
|
601
|
+
return l.addEventListener("loadstart", function(U) {
|
|
602
|
+
if (U.url.indexOf(c()) == 0) {
|
|
603
|
+
var O = A(U.url);
|
|
604
|
+
E(O, o), I(), g = !0;
|
|
605
605
|
}
|
|
606
|
-
}),
|
|
607
|
-
if (!
|
|
608
|
-
if (
|
|
609
|
-
var
|
|
610
|
-
E(
|
|
606
|
+
}), l.addEventListener("loaderror", function(U) {
|
|
607
|
+
if (!g)
|
|
608
|
+
if (U.url.indexOf(c()) == 0) {
|
|
609
|
+
var O = A(U.url);
|
|
610
|
+
E(O, o), I(), g = !0;
|
|
611
611
|
} else
|
|
612
|
-
o.setError(),
|
|
613
|
-
}),
|
|
614
|
-
|
|
612
|
+
o.setError(), I();
|
|
613
|
+
}), l.addEventListener("exit", function(U) {
|
|
614
|
+
S || o.setError({
|
|
615
615
|
reason: "closed_by_user"
|
|
616
616
|
});
|
|
617
617
|
}), o.promise;
|
|
618
618
|
},
|
|
619
619
|
logout: function(n) {
|
|
620
|
-
var o =
|
|
621
|
-
return f.addEventListener("loadstart", function(
|
|
622
|
-
|
|
623
|
-
}), f.addEventListener("loaderror", function(
|
|
624
|
-
|
|
625
|
-
}), f.addEventListener("exit", function(
|
|
626
|
-
|
|
620
|
+
var o = w(), u = e.createLogoutUrl(n), f = t(u, "_blank", "location=no,hidden=yes,clearcache=yes"), l;
|
|
621
|
+
return f.addEventListener("loadstart", function(g) {
|
|
622
|
+
g.url.indexOf(c()) == 0 && f.close();
|
|
623
|
+
}), f.addEventListener("loaderror", function(g) {
|
|
624
|
+
g.url.indexOf(c()) == 0 || (l = !0), f.close();
|
|
625
|
+
}), f.addEventListener("exit", function(g) {
|
|
626
|
+
l ? o.setError() : (e.clearToken(), o.setSuccess());
|
|
627
627
|
}), o.promise;
|
|
628
628
|
},
|
|
629
629
|
register: async function(n) {
|
|
630
|
-
var o =
|
|
631
|
-
return
|
|
632
|
-
if (
|
|
633
|
-
|
|
634
|
-
var
|
|
635
|
-
E(
|
|
630
|
+
var o = w(), u = await e.createRegisterUrl(), f = a(n), l = t(u, "_blank", f);
|
|
631
|
+
return l.addEventListener("loadstart", function(g) {
|
|
632
|
+
if (g.url.indexOf(c()) == 0) {
|
|
633
|
+
l.close();
|
|
634
|
+
var S = A(g.url);
|
|
635
|
+
E(S, o);
|
|
636
636
|
}
|
|
637
637
|
}), o.promise;
|
|
638
638
|
},
|
|
@@ -654,25 +654,25 @@ For more information see: https://www.keycloak.org/securing-apps/javascript-adap
|
|
|
654
654
|
if (r == "cordova-native")
|
|
655
655
|
return h.enable = !1, {
|
|
656
656
|
login: async function(n) {
|
|
657
|
-
var o =
|
|
657
|
+
var o = w(), u = await e.createLoginUrl(n);
|
|
658
658
|
return universalLinks.subscribe("keycloak", function(f) {
|
|
659
659
|
universalLinks.unsubscribe("keycloak"), window.cordova.plugins.browsertab.close();
|
|
660
|
-
var
|
|
661
|
-
E(
|
|
660
|
+
var l = A(f.url);
|
|
661
|
+
E(l, o);
|
|
662
662
|
}), window.cordova.plugins.browsertab.openUrl(u), o.promise;
|
|
663
663
|
},
|
|
664
664
|
logout: function(n) {
|
|
665
|
-
var o =
|
|
665
|
+
var o = w(), u = e.createLogoutUrl(n);
|
|
666
666
|
return universalLinks.subscribe("keycloak", function(f) {
|
|
667
667
|
universalLinks.unsubscribe("keycloak"), window.cordova.plugins.browsertab.close(), e.clearToken(), o.setSuccess();
|
|
668
668
|
}), window.cordova.plugins.browsertab.openUrl(u), o.promise;
|
|
669
669
|
},
|
|
670
670
|
register: async function(n) {
|
|
671
|
-
var o =
|
|
671
|
+
var o = w(), u = await e.createRegisterUrl(n);
|
|
672
672
|
return universalLinks.subscribe("keycloak", function(f) {
|
|
673
673
|
universalLinks.unsubscribe("keycloak"), window.cordova.plugins.browsertab.close();
|
|
674
|
-
var
|
|
675
|
-
E(
|
|
674
|
+
var l = A(f.url);
|
|
675
|
+
E(l, o);
|
|
676
676
|
}), window.cordova.plugins.browsertab.openUrl(u), o.promise;
|
|
677
677
|
},
|
|
678
678
|
accountManagement: function() {
|
|
@@ -689,9 +689,9 @@ For more information see: https://www.keycloak.org/securing-apps/javascript-adap
|
|
|
689
689
|
throw "invalid adapter type: " + r;
|
|
690
690
|
}
|
|
691
691
|
const L = "kc-callback-";
|
|
692
|
-
var
|
|
693
|
-
if (!(this instanceof
|
|
694
|
-
return new
|
|
692
|
+
var D = function() {
|
|
693
|
+
if (!(this instanceof D))
|
|
694
|
+
return new D();
|
|
695
695
|
localStorage.setItem("kc-test", "test"), localStorage.removeItem("kc-test");
|
|
696
696
|
var r = this;
|
|
697
697
|
function t() {
|
|
@@ -766,46 +766,46 @@ For more information see: https://www.keycloak.org/securing-apps/javascript-adap
|
|
|
766
766
|
document.cookie = o;
|
|
767
767
|
};
|
|
768
768
|
};
|
|
769
|
-
function
|
|
769
|
+
function te() {
|
|
770
770
|
try {
|
|
771
|
-
return new
|
|
771
|
+
return new D();
|
|
772
772
|
} catch {
|
|
773
773
|
}
|
|
774
774
|
return new j();
|
|
775
775
|
}
|
|
776
|
-
function
|
|
776
|
+
function q(r) {
|
|
777
777
|
return function() {
|
|
778
778
|
e.enableLogging && r.apply(console, Array.prototype.slice.call(arguments));
|
|
779
779
|
};
|
|
780
780
|
}
|
|
781
781
|
}
|
|
782
|
-
function
|
|
782
|
+
function ie(p) {
|
|
783
783
|
const e = String.fromCodePoint(...p);
|
|
784
784
|
return btoa(e);
|
|
785
785
|
}
|
|
786
|
-
async function
|
|
787
|
-
const
|
|
786
|
+
async function ce(p) {
|
|
787
|
+
const d = new TextEncoder().encode(p);
|
|
788
788
|
if (typeof crypto > "u" || typeof crypto.subtle > "u")
|
|
789
789
|
throw new Error("Web Crypto API is not available.");
|
|
790
|
-
return await crypto.subtle.digest("SHA-256",
|
|
790
|
+
return await crypto.subtle.digest("SHA-256", d);
|
|
791
791
|
}
|
|
792
|
-
function
|
|
793
|
-
const [e,
|
|
794
|
-
if (typeof
|
|
792
|
+
function J(p) {
|
|
793
|
+
const [e, d] = p.split(".");
|
|
794
|
+
if (typeof d != "string")
|
|
795
795
|
throw new Error("Unable to decode token, payload not found.");
|
|
796
|
-
let
|
|
796
|
+
let k;
|
|
797
797
|
try {
|
|
798
|
-
|
|
799
|
-
} catch (
|
|
800
|
-
throw new Error("Unable to decode token, payload is not a valid Base64URL value.", { cause:
|
|
798
|
+
k = ue(d);
|
|
799
|
+
} catch (m) {
|
|
800
|
+
throw new Error("Unable to decode token, payload is not a valid Base64URL value.", { cause: m });
|
|
801
801
|
}
|
|
802
802
|
try {
|
|
803
|
-
return JSON.parse(
|
|
804
|
-
} catch (
|
|
805
|
-
throw new Error("Unable to decode token, payload is not a valid JSON value.", { cause:
|
|
803
|
+
return JSON.parse(k);
|
|
804
|
+
} catch (m) {
|
|
805
|
+
throw new Error("Unable to decode token, payload is not a valid JSON value.", { cause: m });
|
|
806
806
|
}
|
|
807
807
|
}
|
|
808
|
-
function
|
|
808
|
+
function ue(p) {
|
|
809
809
|
let e = p.replaceAll("-", "+").replaceAll("_", "/");
|
|
810
810
|
switch (e.length % 4) {
|
|
811
811
|
case 0:
|
|
@@ -820,143 +820,146 @@ function le(p) {
|
|
|
820
820
|
throw new Error("Input is not of the correct length.");
|
|
821
821
|
}
|
|
822
822
|
try {
|
|
823
|
-
return
|
|
823
|
+
return le(e);
|
|
824
824
|
} catch {
|
|
825
825
|
return atob(e);
|
|
826
826
|
}
|
|
827
827
|
}
|
|
828
|
-
function
|
|
829
|
-
return decodeURIComponent(atob(p).replace(/(.)/g, (e,
|
|
830
|
-
let
|
|
831
|
-
return
|
|
828
|
+
function le(p) {
|
|
829
|
+
return decodeURIComponent(atob(p).replace(/(.)/g, (e, d) => {
|
|
830
|
+
let k = d.charCodeAt(0).toString(16).toUpperCase();
|
|
831
|
+
return k.length < 2 && (k = "0" + k), "%" + k;
|
|
832
832
|
}));
|
|
833
833
|
}
|
|
834
834
|
function z(p) {
|
|
835
835
|
return typeof p == "object" && p !== null;
|
|
836
836
|
}
|
|
837
|
-
|
|
838
|
-
|
|
839
|
-
|
|
840
|
-
const { VITE_KEYCLOAK_REALM: e, VITE_KEYCLOAK_HOST: l, VITE_KEYCLOAK_CLIENT_ID: m } = fe;
|
|
841
|
-
super({
|
|
842
|
-
url: l,
|
|
843
|
-
realm: e,
|
|
844
|
-
clientId: m
|
|
845
|
-
});
|
|
837
|
+
class V extends X {
|
|
838
|
+
constructor(e) {
|
|
839
|
+
super(e);
|
|
846
840
|
}
|
|
847
841
|
async initialize() {
|
|
848
842
|
try {
|
|
849
|
-
await this.init(
|
|
850
|
-
|
|
851
|
-
|
|
852
|
-
|
|
853
|
-
) && console.log("User is authenticated"), console.log("User is not authenticated");
|
|
843
|
+
const e = await this.init({
|
|
844
|
+
onLoad: "login-required"
|
|
845
|
+
});
|
|
846
|
+
console.log(e ? "User is authenticated" : "User is not authenticated");
|
|
854
847
|
} catch (e) {
|
|
855
848
|
console.error("Failed to initialize adapter:", e);
|
|
856
849
|
}
|
|
857
850
|
}
|
|
858
|
-
static async init() {
|
|
859
|
-
const
|
|
860
|
-
return await
|
|
851
|
+
static async init(e) {
|
|
852
|
+
const d = new V(e);
|
|
853
|
+
return console.log("KeycloakAdapter", e), await d.initialize(), d;
|
|
861
854
|
}
|
|
862
855
|
get userInfo() {
|
|
863
856
|
return this.idTokenParsed;
|
|
864
857
|
}
|
|
865
858
|
updateToken() {
|
|
866
|
-
return
|
|
859
|
+
return console.log("update the token"), super.updateToken(30);
|
|
867
860
|
}
|
|
868
861
|
get isAuthenticated() {
|
|
869
862
|
return this.authenticated ?? !1;
|
|
870
863
|
}
|
|
871
864
|
}
|
|
872
|
-
const
|
|
865
|
+
const de = {
|
|
873
866
|
skipAuthentication: !1
|
|
874
|
-
},
|
|
875
|
-
const e =
|
|
876
|
-
let
|
|
877
|
-
const
|
|
878
|
-
|
|
867
|
+
}, pe = (p) => {
|
|
868
|
+
const e = ne(!1);
|
|
869
|
+
let d;
|
|
870
|
+
const k = { ...de, ...p }, m = async () => {
|
|
871
|
+
const v = await V.init(p.keycloak);
|
|
872
|
+
return d = v, e.value = !0, v;
|
|
873
|
+
}, h = () => d == null ? void 0 : d.token, y = async () => {
|
|
874
|
+
if (!d)
|
|
879
875
|
return m();
|
|
880
|
-
e.value || await new Promise((
|
|
881
|
-
const
|
|
882
|
-
|
|
876
|
+
e.value || await new Promise((v) => {
|
|
877
|
+
const P = ae(e, (M) => {
|
|
878
|
+
M && (P(), v());
|
|
883
879
|
});
|
|
884
880
|
});
|
|
885
|
-
},
|
|
886
|
-
|
|
887
|
-
|
|
888
|
-
|
|
889
|
-
|
|
890
|
-
|
|
891
|
-
|
|
892
|
-
|
|
893
|
-
|
|
881
|
+
}, C = oe({
|
|
882
|
+
install(v) {
|
|
883
|
+
v.runWithContext(() => {
|
|
884
|
+
v.config.globalProperties.$auth = k, v.provide(B, C), console.log("setup done");
|
|
885
|
+
});
|
|
886
|
+
},
|
|
887
|
+
updateToken: async () => {
|
|
888
|
+
var v;
|
|
889
|
+
return (v = await y()) == null ? void 0 : v.updateToken();
|
|
894
890
|
},
|
|
895
|
-
|
|
896
|
-
|
|
897
|
-
|
|
898
|
-
|
|
891
|
+
token: h,
|
|
892
|
+
user: async () => {
|
|
893
|
+
var v;
|
|
894
|
+
return (v = await y()) == null ? void 0 : v.userInfo;
|
|
895
|
+
},
|
|
896
|
+
options: k
|
|
899
897
|
});
|
|
900
898
|
return C;
|
|
901
|
-
},
|
|
902
|
-
const
|
|
903
|
-
|
|
904
|
-
|
|
899
|
+
}, he = () => {
|
|
900
|
+
const p = se(B);
|
|
901
|
+
p || console.warn("No auth provided, authorized calls may not work");
|
|
902
|
+
const e = async (d, k, m = { contentType: "application/json" }) => {
|
|
903
|
+
const h = (m == null ? void 0 : m.skipAuth) ?? (p == null ? void 0 : p.options.skipAuthentication), y = {
|
|
904
|
+
accept: "application/json",
|
|
905
|
+
...k.headers ?? {}
|
|
906
|
+
};
|
|
907
|
+
m.contentType && (y["Content-Type"] = m.contentType), h || (await (p == null ? void 0 : p.updateToken()), y.Authorization = `Bearer ${p == null ? void 0 : p.token()}`);
|
|
908
|
+
const b = new URL(d, window.location.href);
|
|
909
|
+
if (m != null && m.queryParams)
|
|
910
|
+
for (const [C, v] of Object.entries(m.queryParams))
|
|
911
|
+
b.searchParams.set(C, v);
|
|
912
|
+
const T = await fetch(b.toString(), {
|
|
913
|
+
...k,
|
|
914
|
+
headers: y
|
|
915
|
+
});
|
|
916
|
+
return T.ok ? T.json() : (m != null && m.skipAuth, Promise.reject({
|
|
917
|
+
content: T.body,
|
|
918
|
+
status: T.status
|
|
919
|
+
}));
|
|
905
920
|
};
|
|
906
|
-
|
|
907
|
-
|
|
908
|
-
|
|
909
|
-
|
|
910
|
-
|
|
911
|
-
|
|
912
|
-
|
|
913
|
-
|
|
914
|
-
|
|
915
|
-
|
|
916
|
-
|
|
917
|
-
|
|
918
|
-
|
|
919
|
-
|
|
920
|
-
|
|
921
|
-
|
|
922
|
-
|
|
923
|
-
for (const h in l)
|
|
924
|
-
v.append(h, l[h]);
|
|
925
|
-
return v.append("file", e), R(
|
|
926
|
-
p,
|
|
921
|
+
return {
|
|
922
|
+
get: (d, k) => e(d, { method: "GET" }, k),
|
|
923
|
+
postFile: (d, k, m = {}, h) => {
|
|
924
|
+
const y = new FormData();
|
|
925
|
+
for (const b in m)
|
|
926
|
+
y.append(b, m[b]);
|
|
927
|
+
return y.append("file", k), e(
|
|
928
|
+
d,
|
|
929
|
+
{
|
|
930
|
+
method: "POST",
|
|
931
|
+
body: y
|
|
932
|
+
},
|
|
933
|
+
{ ...h, contentType: void 0 }
|
|
934
|
+
);
|
|
935
|
+
},
|
|
936
|
+
post: (d, k, m) => e(
|
|
937
|
+
d,
|
|
927
938
|
{
|
|
928
939
|
method: "POST",
|
|
929
|
-
body:
|
|
940
|
+
body: JSON.stringify(k)
|
|
930
941
|
},
|
|
931
|
-
|
|
932
|
-
)
|
|
933
|
-
|
|
934
|
-
|
|
935
|
-
|
|
936
|
-
|
|
937
|
-
|
|
938
|
-
|
|
939
|
-
|
|
940
|
-
|
|
941
|
-
|
|
942
|
-
|
|
943
|
-
|
|
944
|
-
|
|
945
|
-
|
|
946
|
-
|
|
947
|
-
|
|
948
|
-
|
|
949
|
-
|
|
950
|
-
delete: (p, e, l) => R(
|
|
951
|
-
p,
|
|
952
|
-
{
|
|
953
|
-
method: "DELETE",
|
|
954
|
-
body: JSON.stringify(e)
|
|
955
|
-
},
|
|
956
|
-
l
|
|
957
|
-
)
|
|
942
|
+
m
|
|
943
|
+
),
|
|
944
|
+
patch: (d, k, m) => e(
|
|
945
|
+
d,
|
|
946
|
+
{
|
|
947
|
+
method: "PATCH",
|
|
948
|
+
body: JSON.stringify(k)
|
|
949
|
+
},
|
|
950
|
+
m
|
|
951
|
+
),
|
|
952
|
+
delete: (d, k, m) => e(
|
|
953
|
+
d,
|
|
954
|
+
{
|
|
955
|
+
method: "DELETE",
|
|
956
|
+
body: JSON.stringify(k)
|
|
957
|
+
},
|
|
958
|
+
m
|
|
959
|
+
)
|
|
960
|
+
};
|
|
958
961
|
};
|
|
959
962
|
export {
|
|
960
|
-
|
|
961
|
-
|
|
963
|
+
pe as createAuth,
|
|
964
|
+
he as useHttpRequest
|
|
962
965
|
};
|
package/lib/auth.const.d.ts
CHANGED
|
@@ -1,7 +1,9 @@
|
|
|
1
1
|
import { App } from 'vue';
|
|
2
|
+
import { KeycloakConfig } from './keycloak.adapter';
|
|
2
3
|
export declare const auth_symbol = "GHENTCDH_AUTHENTICATION";
|
|
3
4
|
export type AuthOptions = {
|
|
4
5
|
skipAuthentication?: boolean;
|
|
6
|
+
keycloak: KeycloakConfig;
|
|
5
7
|
};
|
|
6
8
|
export interface Auth {
|
|
7
9
|
install: (app: App) => void;
|
|
@@ -1,8 +1,13 @@
|
|
|
1
1
|
import { default as Keycloak } from 'keycloak-js';
|
|
2
|
+
export type KeycloakConfig = {
|
|
3
|
+
realm: string;
|
|
4
|
+
url: string;
|
|
5
|
+
clientId: string;
|
|
6
|
+
};
|
|
2
7
|
export declare class KeycloakAdapter extends Keycloak {
|
|
3
8
|
private constructor();
|
|
4
9
|
private initialize;
|
|
5
|
-
static init(): Promise<KeycloakAdapter>;
|
|
10
|
+
static init(config: KeycloakConfig): Promise<KeycloakAdapter>;
|
|
6
11
|
get userInfo(): any;
|
|
7
12
|
updateToken(): any;
|
|
8
13
|
get isAuthenticated(): any;
|
package/lib/request.d.ts
CHANGED
|
@@ -3,7 +3,7 @@ type RequestOptions = {
|
|
|
3
3
|
queryParams?: Record<string, any>;
|
|
4
4
|
contentType?: string;
|
|
5
5
|
};
|
|
6
|
-
export declare const
|
|
6
|
+
export declare const useHttpRequest: () => {
|
|
7
7
|
get: <T>(url: string, options?: RequestOptions) => Promise<T>;
|
|
8
8
|
postFile: <T>(url: string, file: File, data?: any, options?: RequestOptions) => Promise<T>;
|
|
9
9
|
post: <T>(url: string, data: any, options?: RequestOptions) => Promise<T>;
|