@goldstack/template-user-management 0.1.85 → 0.1.87
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/src/client/getEndpoints.d.ts +1 -0
- package/dist/src/client/getEndpoints.d.ts.map +1 -1
- package/dist/src/client/getEndpoints.js +4 -2
- package/dist/src/client/getEndpoints.js.map +1 -1
- package/dist/src/client/getLoggedInUser.d.ts +1 -0
- package/dist/src/client/getLoggedInUser.d.ts.map +1 -1
- package/dist/src/client/getLoggedInUser.js.map +1 -1
- package/dist/src/client/handleRedirectCallback.d.ts +5 -1
- package/dist/src/client/handleRedirectCallback.d.ts.map +1 -1
- package/dist/src/client/handleRedirectCallback.js +26 -5
- package/dist/src/client/handleRedirectCallback.js.map +1 -1
- package/dist/src/client/operationWithRedirect.d.ts +1 -0
- package/dist/src/client/operationWithRedirect.d.ts.map +1 -1
- package/dist/src/client/operationWithRedirect.js +5 -1
- package/dist/src/client/operationWithRedirect.js.map +1 -1
- package/dist/src/client/state.d.ts +9 -0
- package/dist/src/client/state.d.ts.map +1 -1
- package/dist/src/client/state.js +12 -0
- package/dist/src/client/state.js.map +1 -1
- package/dist/src/templateUserManagement.d.ts +50 -22
- package/dist/src/templateUserManagement.d.ts.map +1 -1
- package/dist/src/templateUserManagement.js +91 -11
- package/dist/src/templateUserManagement.js.map +1 -1
- package/package.json +3 -3
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getEndpoints.d.ts","sourceRoot":"","sources":["../../../src/client/getEndpoints.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,QAAQ,EAGT,MAAM,2BAA2B,CAAC;AAInC,wBAAsB,WAAW,CAAC,IAAI,EAAE;IACtC,eAAe,EAAE,GAAG,CAAC;IACrB,QAAQ,EAAE,QAAQ,CAAC;IACnB,aAAa,EAAE,GAAG,CAAC;IACnB,iBAAiB,EAAE,GAAG,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"getEndpoints.d.ts","sourceRoot":"","sources":["../../../src/client/getEndpoints.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,QAAQ,EAGT,MAAM,2BAA2B,CAAC;AAInC,wBAAsB,WAAW,CAAC,IAAI,EAAE;IACtC,eAAe,EAAE,GAAG,CAAC;IACrB,QAAQ,EAAE,QAAQ,CAAC;IACnB,aAAa,EAAE,GAAG,CAAC;IACnB,iBAAiB,EAAE,GAAG,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,GAAG,OAAO,CAAC,MAAM,CAAC,CAgDlB"}
|
|
@@ -23,13 +23,15 @@ async function getEndpoint(args) {
|
|
|
23
23
|
`&client_id=${deploymentOutput.terraform.user_pool_client_id.value}` +
|
|
24
24
|
`&redirect_uri=${deployment.configuration.callbackUrl}` +
|
|
25
25
|
'&code_challenge_method=S256' +
|
|
26
|
-
`&code_challenge=${await (0, getCodeVerifier_1.getCodeChallenge)()}`
|
|
26
|
+
`&code_challenge=${await (0, getCodeVerifier_1.getCodeChallenge)()}` +
|
|
27
|
+
(args.state ? `&state=${encodeURIComponent(args.state)}` : ''));
|
|
27
28
|
case 'signup':
|
|
28
29
|
return (`${baseUrl}/signup?response_type=code` +
|
|
29
30
|
`&client_id=${deploymentOutput.terraform.user_pool_client_id.value}` +
|
|
30
31
|
`&redirect_uri=${deployment.configuration.callbackUrl}` +
|
|
31
32
|
'&code_challenge_method=S256' +
|
|
32
|
-
`&code_challenge=${await (0, getCodeVerifier_1.getCodeChallenge)()}`
|
|
33
|
+
`&code_challenge=${await (0, getCodeVerifier_1.getCodeChallenge)()}` +
|
|
34
|
+
(args.state ? `&state=${encodeURIComponent(args.state)}` : ''));
|
|
33
35
|
case 'token':
|
|
34
36
|
return `${baseUrl}/oauth2/token`;
|
|
35
37
|
case 'logout':
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getEndpoints.js","sourceRoot":"","sources":["../../../src/client/getEndpoints.ts"],"names":[],"mappings":";;AASA,
|
|
1
|
+
{"version":3,"file":"getEndpoints.js","sourceRoot":"","sources":["../../../src/client/getEndpoints.ts"],"names":[],"mappings":";;AASA,kCAuDC;AAhED,4FAAiF;AAMjF,kEAAkF;AAClF,uDAAqD;AAE9C,KAAK,UAAU,WAAW,CAAC,IAOjC;IACC,MAAM,cAAc,GAAG,IAAA,wCAAiB,EAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAE9D,IAAI,cAAc,KAAK,OAAO,EAAE,CAAC;QAC/B,OAAO,mBAAmB,CAAC;IAC7B,CAAC;IAED,MAAM,aAAa,GAAG,IAAI,qDAAqB,CAAkD;QAC/F,aAAa,EAAE,IAAI,CAAC,eAAe;QACnC,aAAa,EAAE,IAAI,CAAC,aAAa;KAClC,CAAC,CAAC;IAEH,MAAM,gBAAgB,GAAG,IAAA,2CAAoB,EAAC,IAAI,CAAC,iBAAiB,EAAE,cAAc,CAAC,CAAC;IAEtF,0EAA0E;IAE1E,MAAM,UAAU,GAAG,aAAa,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;IAC/D,MAAM,OAAO,GAAG,WAAW,UAAU,CAAC,aAAa,CAAC,aAAa,EAAE,CAAC;IACpE,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;QACtB,KAAK,WAAW;YACd,OAAO,CACL,GAAG,OAAO,sCAAsC;gBAChD,cAAc,gBAAgB,CAAC,SAAS,CAAC,mBAAmB,CAAC,KAAK,EAAE;gBACpE,iBAAiB,UAAU,CAAC,aAAa,CAAC,WAAW,EAAE;gBACvD,6BAA6B;gBAC7B,mBAAmB,MAAM,IAAA,kCAAgB,GAAE,EAAE;gBAC7C,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,UAAU,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAC/D,CAAC;QACJ,KAAK,QAAQ;YACX,OAAO,CACL,GAAG,OAAO,4BAA4B;gBACtC,cAAc,gBAAgB,CAAC,SAAS,CAAC,mBAAmB,CAAC,KAAK,EAAE;gBACpE,iBAAiB,UAAU,CAAC,aAAa,CAAC,WAAW,EAAE;gBACvD,6BAA6B;gBAC7B,mBAAmB,MAAM,IAAA,kCAAgB,GAAE,EAAE;gBAC7C,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,UAAU,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAC/D,CAAC;QACJ,KAAK,OAAO;YACV,OAAO,GAAG,OAAO,eAAe,CAAC;QACnC,KAAK,QAAQ;YACX,OAAO,CACL,GAAG,OAAO,4BAA4B;gBACtC,cAAc,gBAAgB,CAAC,SAAS,CAAC,mBAAmB,CAAC,KAAK,EAAE;gBACpE,iBAAiB,UAAU,CAAC,aAAa,CAAC,WAAW,EAAE;gBACvD,6BAA6B;gBAC7B,mBAAmB,MAAM,IAAA,kCAAgB,GAAE,EAAE,CAC9C,CAAC;IACN,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getLoggedInUser.d.ts","sourceRoot":"","sources":["../../../src/client/getLoggedInUser.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,WAAW,gBAAgB;IAC/B,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"getLoggedInUser.d.ts","sourceRoot":"","sources":["../../../src/client/getLoggedInUser.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,WAAW,gBAAgB;IAC/B,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAID;;;GAGG;AACH,wBAAgB,eAAe,IAAI,gBAAgB,GAAG,SAAS,CAmB9D;AAED;;GAEG;AACH,wBAAgB,eAAe,IAAI,OAAO,CAEzC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getLoggedInUser.js","sourceRoot":"","sources":["../../../src/client/getLoggedInUser.ts"],"names":[],"mappings":";AAAA;;GAEG;;
|
|
1
|
+
{"version":3,"file":"getLoggedInUser.js","sourceRoot":"","sources":["../../../src/client/getLoggedInUser.ts"],"names":[],"mappings":";AAAA;;GAEG;;AAcH,0CAmBC;AAKD,0CAEC;AAhCD,mCAAsC;AAEtC;;;GAGG;AACH,SAAgB,eAAe;IAC7B,IAAI,mBAAW,EAAE,CAAC;QAChB,OAAO;IACT,CAAC;IAED,8EAA8E;IAC9E,sBAAsB;IACtB,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO;IACT,CAAC;IACD,MAAM,mBAAmB,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC;IACpF,MAAM,eAAe,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAC5E,IAAI,mBAAmB,IAAI,eAAe,EAAE,CAAC;QAC3C,OAAO;YACL,WAAW,EAAE,mBAAmB;YAChC,OAAO,EAAE,eAAe;SACzB,CAAC;IACJ,CAAC;IACD,OAAO;AACT,CAAC;AAED;;GAEG;AACH,SAAgB,eAAe;IAC7B,OAAO,eAAe,EAAE,KAAK,SAAS,CAAC;AACzC,CAAC"}
|
|
@@ -1,6 +1,10 @@
|
|
|
1
1
|
import type { ClientAuthResult } from './getLoggedInUser';
|
|
2
2
|
/**
|
|
3
|
-
* Handles the redirect callback from the authentication provider
|
|
3
|
+
* Handles the redirect callback from the authentication provider.
|
|
4
|
+
*
|
|
5
|
+
* Note: In browser environments, this function performs a redirect and never returns
|
|
6
|
+
* to the caller. The return value is only relevant for Jest test environments and
|
|
7
|
+
* server-side rendering contexts where redirects are not performed.
|
|
4
8
|
*/
|
|
5
9
|
export declare function handleRedirectCallback(args: {
|
|
6
10
|
goldstackConfig: any;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"handleRedirectCallback.d.ts","sourceRoot":"","sources":["../../../src/client/handleRedirectCallback.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;
|
|
1
|
+
{"version":3,"file":"handleRedirectCallback.d.ts","sourceRoot":"","sources":["../../../src/client/handleRedirectCallback.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAG1D;;;;;;GAMG;AACH,wBAAsB,sBAAsB,CAAC,IAAI,EAAE;IACjD,eAAe,EAAE,GAAG,CAAC;IACrB,aAAa,EAAE,GAAG,CAAC;IACnB,iBAAiB,EAAE,GAAG,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB,GAAG,OAAO,CAAC,gBAAgB,GAAG,SAAS,CAAC,CAqDxC"}
|
|
@@ -4,12 +4,15 @@ exports.handleRedirectCallback = handleRedirectCallback;
|
|
|
4
4
|
const utils_package_config_embedded_1 = require("@goldstack/utils-package-config-embedded");
|
|
5
5
|
const userManagementConfig_1 = require("../userManagementConfig");
|
|
6
6
|
const getAndPersistToken_1 = require("./getAndPersistToken");
|
|
7
|
+
const state_1 = require("./state");
|
|
7
8
|
/**
|
|
8
|
-
* Handles the redirect callback from the authentication provider
|
|
9
|
+
* Handles the redirect callback from the authentication provider.
|
|
10
|
+
*
|
|
11
|
+
* Note: In browser environments, this function performs a redirect and never returns
|
|
12
|
+
* to the caller. The return value is only relevant for Jest test environments and
|
|
13
|
+
* server-side rendering contexts where redirects are not performed.
|
|
9
14
|
*/
|
|
10
15
|
async function handleRedirectCallback(args) {
|
|
11
|
-
// if running on the server, such as for rendering a page for SSR, client auth
|
|
12
|
-
// cannot be performed
|
|
13
16
|
if (typeof window === 'undefined') {
|
|
14
17
|
return;
|
|
15
18
|
}
|
|
@@ -18,25 +21,43 @@ async function handleRedirectCallback(args) {
|
|
|
18
21
|
if (!code) {
|
|
19
22
|
return;
|
|
20
23
|
}
|
|
24
|
+
const state = params.get('state');
|
|
21
25
|
const deploymentName = (0, userManagementConfig_1.getDeploymentName)(args.deploymentName);
|
|
22
26
|
const token = await (0, getAndPersistToken_1.getAndPersistToken)({ ...args, code });
|
|
23
27
|
const packageConfig = new utils_package_config_embedded_1.EmbeddedPackageConfig({
|
|
24
28
|
goldstackJson: args.goldstackConfig,
|
|
25
29
|
packageSchema: args.packageSchema,
|
|
26
30
|
});
|
|
31
|
+
// Determine the redirect URL based on deployment type and state
|
|
32
|
+
let redirectUrl;
|
|
27
33
|
if (deploymentName === 'local') {
|
|
28
|
-
|
|
34
|
+
redirectUrl = window.location.href.split('?')[0];
|
|
29
35
|
}
|
|
30
36
|
else {
|
|
31
37
|
const deployment = packageConfig.getDeployment(deploymentName);
|
|
32
|
-
|
|
38
|
+
redirectUrl = deployment.configuration.callbackUrl;
|
|
33
39
|
}
|
|
40
|
+
// Apply state redirection if valid
|
|
41
|
+
if (state) {
|
|
42
|
+
if ((0, state_1.isValidState)(state)) {
|
|
43
|
+
redirectUrl = state;
|
|
44
|
+
}
|
|
45
|
+
else {
|
|
46
|
+
console.warn(`Invalid state parameter received: "${state}". ` +
|
|
47
|
+
`State must be a relative path starting with '/'. ` +
|
|
48
|
+
`Redirecting to callback URL instead.`);
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
// In browser environments, this redirect causes navigation and the function
|
|
52
|
+
// never returns to the caller. The code below only executes in Jest tests.
|
|
53
|
+
window.location.href = redirectUrl;
|
|
34
54
|
if (!token) {
|
|
35
55
|
return;
|
|
36
56
|
}
|
|
37
57
|
return {
|
|
38
58
|
accessToken: token.accessToken,
|
|
39
59
|
idToken: token.idToken,
|
|
60
|
+
state: state || undefined,
|
|
40
61
|
};
|
|
41
62
|
}
|
|
42
63
|
//# sourceMappingURL=handleRedirectCallback.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"handleRedirectCallback.js","sourceRoot":"","sources":["../../../src/client/handleRedirectCallback.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"handleRedirectCallback.js","sourceRoot":"","sources":["../../../src/client/handleRedirectCallback.ts"],"names":[],"mappings":";;AAeA,wDA0DC;AAzED,4FAAiF;AAGjF,kEAA4D;AAC5D,6DAA0D;AAE1D,mCAAuC;AAEvC;;;;;;GAMG;AACI,KAAK,UAAU,sBAAsB,CAAC,IAK5C;IACC,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC3D,MAAM,IAAI,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAChC,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO;IACT,CAAC;IACD,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAClC,MAAM,cAAc,GAAG,IAAA,wCAAiB,EAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAE9D,MAAM,KAAK,GAAG,MAAM,IAAA,uCAAkB,EAAC,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;IAC1D,MAAM,aAAa,GAAG,IAAI,qDAAqB,CAAkD;QAC/F,aAAa,EAAE,IAAI,CAAC,eAAe;QACnC,aAAa,EAAE,IAAI,CAAC,aAAa;KAClC,CAAC,CAAC;IAEH,gEAAgE;IAChE,IAAI,WAAmB,CAAC;IACxB,IAAI,cAAc,KAAK,OAAO,EAAE,CAAC;QAC/B,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACnD,CAAC;SAAM,CAAC;QACN,MAAM,UAAU,GAAG,aAAa,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;QAC/D,WAAW,GAAG,UAAU,CAAC,aAAa,CAAC,WAAW,CAAC;IACrD,CAAC;IAED,mCAAmC;IACnC,IAAI,KAAK,EAAE,CAAC;QACV,IAAI,IAAA,oBAAY,EAAC,KAAK,CAAC,EAAE,CAAC;YACxB,WAAW,GAAG,KAAK,CAAC;QACtB,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,IAAI,CACV,sCAAsC,KAAK,KAAK;gBAC9C,mDAAmD;gBACnD,sCAAsC,CACzC,CAAC;QACJ,CAAC;IACH,CAAC;IAED,4EAA4E;IAC5E,2EAA2E;IAC3E,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,WAAW,CAAC;IAEnC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO;IACT,CAAC;IACD,OAAO;QACL,WAAW,EAAE,KAAK,CAAC,WAAW;QAC9B,OAAO,EAAE,KAAK,CAAC,OAAO;QACtB,KAAK,EAAE,KAAK,IAAI,SAAS;KAC1B,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"operationWithRedirect.d.ts","sourceRoot":"","sources":["../../../src/client/operationWithRedirect.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAK1D;;GAEG;AACH,wBAAsB,qBAAqB,CAAC,IAAI,EAAE;IAChD,eAAe,EAAE,GAAG,CAAC;IACrB,aAAa,EAAE,GAAG,CAAC;IACnB,iBAAiB,EAAE,GAAG,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,SAAS,EAAE,WAAW,GAAG,QAAQ,CAAC;
|
|
1
|
+
{"version":3,"file":"operationWithRedirect.d.ts","sourceRoot":"","sources":["../../../src/client/operationWithRedirect.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAK1D;;GAEG;AACH,wBAAsB,qBAAqB,CAAC,IAAI,EAAE;IAChD,eAAe,EAAE,GAAG,CAAC;IACrB,aAAa,EAAE,GAAG,CAAC;IACnB,iBAAiB,EAAE,GAAG,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,SAAS,EAAE,WAAW,GAAG,QAAQ,CAAC;IAClC,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,GAAG,OAAO,CAAC,gBAAgB,GAAG,SAAS,CAAC,CAqExC"}
|
|
@@ -43,7 +43,11 @@ async function operationWithRedirect(args) {
|
|
|
43
43
|
if ((0, userManagementClientMock_1.getMockedUserAccessToken)() === undefined) {
|
|
44
44
|
return;
|
|
45
45
|
}
|
|
46
|
-
|
|
46
|
+
let redirectUrl = '?code=dummy-local-client-code';
|
|
47
|
+
if (args.state) {
|
|
48
|
+
redirectUrl += `&state=${encodeURIComponent(args.state)}`;
|
|
49
|
+
}
|
|
50
|
+
window.location.href = redirectUrl;
|
|
47
51
|
return;
|
|
48
52
|
}
|
|
49
53
|
const refreshToken = state_1.refreshTokenStorage;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"operationWithRedirect.js","sourceRoot":"","sources":["../../../src/client/operationWithRedirect.ts"],"names":[],"mappings":";;AAYA,
|
|
1
|
+
{"version":3,"file":"operationWithRedirect.js","sourceRoot":"","sources":["../../../src/client/operationWithRedirect.ts"],"names":[],"mappings":";;AAYA,sDA4EC;AAxFD,0EAAuE;AACvE,kEAA4D;AAC5D,6DAA0D;AAC1D,iDAA6C;AAE7C,qEAAkE;AAElE,mCAAmF;AAEnF;;GAEG;AACI,KAAK,UAAU,qBAAqB,CAAC,IAO3C;IACC,IAAI,mBAAW,EAAE,CAAC;QAChB,OAAO;IACT,CAAC;IACD,MAAM,cAAc,GAAG,IAAA,wCAAiB,EAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAE9D,8EAA8E;IAC9E,sBAAsB;IACtB,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC3D,MAAM,IAAI,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAEhC,gCAAgC;IAChC,IAAI,OAAO,OAAO,KAAK,WAAW,IAAI,OAAO,IAAI,KAAK,WAAW,EAAE,CAAC;QAClE,MAAM,KAAK,GAAG,MAAM,IAAA,uCAAkB,EAAC;YACrC,GAAG,IAAI;YACP,IAAI,EAAE,yBAAyB;SAChC,CAAC,CAAC;QACH,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO;QACT,CAAC;QACD,OAAO;YACL,WAAW,EAAE,KAAK,CAAC,WAAW;YAC9B,OAAO,EAAE,KAAK,CAAC,OAAO;SACvB,CAAC;IACJ,CAAC;IAED,IAAI,IAAI,EAAE,CAAC;QACT,OAAO,MAAM,IAAA,+CAAsB,EAAC,IAAI,CAAC,CAAC;IAC5C,CAAC;IAED,IAAI,cAAc,KAAK,OAAO,EAAE,CAAC;QAC/B,IAAI,IAAA,mDAAwB,GAAE,KAAK,SAAS,EAAE,CAAC;YAC7C,OAAO;QACT,CAAC;QACD,IAAI,WAAW,GAAG,+BAA+B,CAAC;QAClD,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,WAAW,IAAI,UAAU,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QAC5D,CAAC;QACD,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,WAAW,CAAC;QACnC,OAAO;IACT,CAAC;IAED,MAAM,YAAY,GAAG,2BAAmB,CAAC;IACzC,8FAA8F;IAC9F,IAAI,YAAY,EAAE,CAAC;QACjB,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,IAAA,uCAAkB,EAAC,EAAE,GAAG,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC;YAClE,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO;YACT,CAAC;YACD,OAAO;gBACL,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,OAAO,EAAE,KAAK,CAAC,OAAO;aACvB,CAAC;QACJ,CAAC;QAAC,OAAO,EAAE,EAAE,CAAC;YACZ,iFAAiF;YACjF,IAAA,8BAAsB,EAAC,SAAS,CAAC,CAAC;YAClC,6CAA6C;QAC/C,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,IAAA,0BAAW,EAAC,EAAE,GAAG,IAAI,EAAE,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;IAE1E,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,QAAQ,CAAC;IAChC,OAAO,SAAS,CAAC;AACnB,CAAC"}
|
|
@@ -5,4 +5,13 @@ export declare let forceLogout: boolean;
|
|
|
5
5
|
export declare let refreshTokenStorage: string | undefined;
|
|
6
6
|
export declare function setForceLogout(value: boolean): void;
|
|
7
7
|
export declare function setRefreshTokenStorage(token: string | undefined): void;
|
|
8
|
+
/**
|
|
9
|
+
* Validates that a state parameter is a safe relative path.
|
|
10
|
+
* Prevents open redirect vulnerabilities by rejecting absolute URLs
|
|
11
|
+
* and protocol-relative URLs.
|
|
12
|
+
*
|
|
13
|
+
* @param state - The state value to validate
|
|
14
|
+
* @returns true if the state is a valid relative path
|
|
15
|
+
*/
|
|
16
|
+
export declare function isValidState(state: string): boolean;
|
|
8
17
|
//# sourceMappingURL=state.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"state.d.ts","sourceRoot":"","sources":["../../../src/client/state.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,eAAO,IAAI,WAAW,SAAQ,CAAC;AAC/B,eAAO,IAAI,mBAAmB,EAAE,MAAM,GAAG,SAAqB,CAAC;AAE/D,wBAAgB,cAAc,CAAC,KAAK,EAAE,OAAO,QAE5C;AAED,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,QAE/D"}
|
|
1
|
+
{"version":3,"file":"state.d.ts","sourceRoot":"","sources":["../../../src/client/state.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,eAAO,IAAI,WAAW,SAAQ,CAAC;AAC/B,eAAO,IAAI,mBAAmB,EAAE,MAAM,GAAG,SAAqB,CAAC;AAE/D,wBAAgB,cAAc,CAAC,KAAK,EAAE,OAAO,QAE5C;AAED,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,QAE/D;AAED;;;;;;;GAOG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAEnD"}
|
package/dist/src/client/state.js
CHANGED
|
@@ -6,6 +6,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
6
6
|
exports.refreshTokenStorage = exports.forceLogout = void 0;
|
|
7
7
|
exports.setForceLogout = setForceLogout;
|
|
8
8
|
exports.setRefreshTokenStorage = setRefreshTokenStorage;
|
|
9
|
+
exports.isValidState = isValidState;
|
|
9
10
|
exports.forceLogout = false;
|
|
10
11
|
exports.refreshTokenStorage = undefined;
|
|
11
12
|
function setForceLogout(value) {
|
|
@@ -14,4 +15,15 @@ function setForceLogout(value) {
|
|
|
14
15
|
function setRefreshTokenStorage(token) {
|
|
15
16
|
exports.refreshTokenStorage = token;
|
|
16
17
|
}
|
|
18
|
+
/**
|
|
19
|
+
* Validates that a state parameter is a safe relative path.
|
|
20
|
+
* Prevents open redirect vulnerabilities by rejecting absolute URLs
|
|
21
|
+
* and protocol-relative URLs.
|
|
22
|
+
*
|
|
23
|
+
* @param state - The state value to validate
|
|
24
|
+
* @returns true if the state is a valid relative path
|
|
25
|
+
*/
|
|
26
|
+
function isValidState(state) {
|
|
27
|
+
return state.startsWith('/') && !state.startsWith('//') && !state.includes('://');
|
|
28
|
+
}
|
|
17
29
|
//# sourceMappingURL=state.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"state.js","sourceRoot":"","sources":["../../../src/client/state.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAKH,wCAEC;AAED,wDAEC;
|
|
1
|
+
{"version":3,"file":"state.js","sourceRoot":"","sources":["../../../src/client/state.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAKH,wCAEC;AAED,wDAEC;AAUD,oCAEC;AArBU,QAAA,WAAW,GAAG,KAAK,CAAC;AACpB,QAAA,mBAAmB,GAAuB,SAAS,CAAC;AAE/D,SAAgB,cAAc,CAAC,KAAc;IAC3C,mBAAW,GAAG,KAAK,CAAC;AACtB,CAAC;AAED,SAAgB,sBAAsB,CAAC,KAAyB;IAC9D,2BAAmB,GAAG,KAAK,CAAC;AAC9B,CAAC;AAED;;;;;;;GAOG;AACH,SAAgB,YAAY,CAAC,KAAa;IACxC,OAAO,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACpF,CAAC"}
|
|
@@ -10,16 +10,45 @@ export { getLoggedInUser, isAuthenticated } from './client/getLoggedInUser';
|
|
|
10
10
|
export { handleRedirectCallback } from './client/handleRedirectCallback';
|
|
11
11
|
export { operationWithRedirect } from './client/operationWithRedirect';
|
|
12
12
|
export { performLogout } from './client/performLogout';
|
|
13
|
+
export { isValidState } from './client/state';
|
|
13
14
|
export { connectWithCognito } from './cognitoTokenVerify';
|
|
14
15
|
export { getMockedUserAccessToken, getMockedUserIdToken, setMockedUserAccessToken, setMockedUserIdToken, } from './userManagementClientMock';
|
|
15
16
|
export { generateTestAccessToken, generateTestIdToken, getLocalUserManager, setLocalUserManager, } from './userManagementServerMock';
|
|
16
17
|
export type Endpoint = 'authorize' | 'signup' | 'token' | 'logout';
|
|
18
|
+
/**
|
|
19
|
+
* Options for login and signup redirect operations.
|
|
20
|
+
*/
|
|
21
|
+
export interface LoginOptions {
|
|
22
|
+
/**
|
|
23
|
+
* Override the URL to redirect to after authentication.
|
|
24
|
+
* By default, the current URL (pathname + search + hash) is preserved.
|
|
25
|
+
* Must be a relative path starting with '/' (e.g., '/app/dashboard').
|
|
26
|
+
*/
|
|
27
|
+
targetUrl?: string;
|
|
28
|
+
/**
|
|
29
|
+
* If true, redirect to the callback URL instead of preserving the current path.
|
|
30
|
+
* Useful when you want to always redirect to a default page after authentication.
|
|
31
|
+
*/
|
|
32
|
+
doNotPreservePath?: boolean;
|
|
33
|
+
}
|
|
34
|
+
/**
|
|
35
|
+
* Internal arguments for redirect operations.
|
|
36
|
+
*/
|
|
37
|
+
export interface RedirectArgs {
|
|
38
|
+
goldstackConfig: any;
|
|
39
|
+
packageSchema: any;
|
|
40
|
+
deploymentsOutput: any;
|
|
41
|
+
deploymentName?: string;
|
|
42
|
+
options?: LoginOptions;
|
|
43
|
+
operation: 'authorize' | 'signup';
|
|
44
|
+
}
|
|
17
45
|
export declare function getEndpoint(args: {
|
|
18
46
|
goldstackConfig: any;
|
|
19
47
|
endpoint: Endpoint;
|
|
20
48
|
packageSchema: any;
|
|
21
49
|
deploymentsOutput: any;
|
|
22
50
|
deploymentName?: string;
|
|
51
|
+
state?: string;
|
|
23
52
|
}): Promise<string>;
|
|
24
53
|
export declare function getToken(args: {
|
|
25
54
|
goldstackConfig: any;
|
|
@@ -29,28 +58,27 @@ export declare function getToken(args: {
|
|
|
29
58
|
deploymentsOutput: any;
|
|
30
59
|
deploymentName?: string;
|
|
31
60
|
}): Promise<GetTokenResults | undefined>;
|
|
61
|
+
export declare function loginWithRedirect(args: Omit<RedirectArgs, 'operation'>): Promise<ClientAuthResult | undefined>;
|
|
32
62
|
/**
|
|
33
|
-
*
|
|
34
|
-
*
|
|
35
|
-
*
|
|
36
|
-
*
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
*
|
|
46
|
-
*
|
|
47
|
-
*
|
|
48
|
-
*
|
|
63
|
+
* Performs client-side sign up.
|
|
64
|
+
* Will redirect to Cognito hosted UI for signing up if required.
|
|
65
|
+
* Sets client-side cookies and session variables.
|
|
66
|
+
*
|
|
67
|
+
* By default, the current URL (pathname + search + hash) is automatically preserved
|
|
68
|
+
* and the user will be redirected back after authentication.
|
|
69
|
+
*
|
|
70
|
+
* @example
|
|
71
|
+
* // Auto-preserve current URL
|
|
72
|
+
* await signUpWithRedirect(args);
|
|
73
|
+
*
|
|
74
|
+
* // Specify deployment
|
|
75
|
+
* await signUpWithRedirect({ ...args, deploymentName: 'prod' });
|
|
76
|
+
*
|
|
77
|
+
* // Redirect to specific URL after auth
|
|
78
|
+
* await signUpWithRedirect({ ...args, options: { targetUrl: '/dashboard' } });
|
|
79
|
+
*
|
|
80
|
+
* // Skip path preservation
|
|
81
|
+
* await signUpWithRedirect({ ...args, options: { doNotPreservePath: true } });
|
|
49
82
|
*/
|
|
50
|
-
export declare function signUpWithRedirect(args:
|
|
51
|
-
goldstackConfig: any;
|
|
52
|
-
packageSchema: any;
|
|
53
|
-
deploymentsOutput: any;
|
|
54
|
-
deploymentName?: string;
|
|
55
|
-
}): Promise<ClientAuthResult | undefined>;
|
|
83
|
+
export declare function signUpWithRedirect(args: Omit<RedirectArgs, 'operation'>): Promise<ClientAuthResult | undefined>;
|
|
56
84
|
//# sourceMappingURL=templateUserManagement.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"templateUserManagement.d.ts","sourceRoot":"","sources":["../../src/templateUserManagement.ts"],"names":[],"mappings":"AAAA,cAAc,+BAA+B,CAAC;
|
|
1
|
+
{"version":3,"file":"templateUserManagement.d.ts","sourceRoot":"","sources":["../../src/templateUserManagement.ts"],"names":[],"mappings":"AAAA,cAAc,+BAA+B,CAAC;AAM9C,YAAY,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAE3D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAEzD,YAAY,EAAE,eAAe,EAAE,CAAC;AAEhC,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAGjE,YAAY,EAAE,uBAAuB,EAAE,MAAM,4BAA4B,CAAC;AAC1E,OAAO,EAAE,iBAAiB,EAAE,MAAM,4BAA4B,CAAC;AAC/D,YAAY,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AACjE,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAC5E,OAAO,EAAE,sBAAsB,EAAE,MAAM,iCAAiC,CAAC;AACzE,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AACvE,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,EACL,wBAAwB,EACxB,oBAAoB,EACpB,wBAAwB,EACxB,oBAAoB,GACrB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EACL,uBAAuB,EACvB,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,GACpB,MAAM,4BAA4B,CAAC;AAMpC,MAAM,MAAM,QAAQ,GAChB,WAAW,GACX,QAAQ,GACR,OAAO,GACP,QAAQ,CAAC;AAEb;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B;;;;OAIG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;;OAGG;IACH,iBAAiB,CAAC,EAAE,OAAO,CAAC;CAC7B;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,eAAe,EAAE,GAAG,CAAC;IACrB,aAAa,EAAE,GAAG,CAAC;IACnB,iBAAiB,EAAE,GAAG,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,OAAO,CAAC,EAAE,YAAY,CAAC;IACvB,SAAS,EAAE,WAAW,GAAG,QAAQ,CAAC;CACnC;AA+CD,wBAAsB,WAAW,CAAC,IAAI,EAAE;IACtC,eAAe,EAAE,GAAG,CAAC;IACrB,QAAQ,EAAE,QAAQ,CAAC;IACnB,aAAa,EAAE,GAAG,CAAC;IACnB,iBAAiB,EAAE,GAAG,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,GAAG,OAAO,CAAC,MAAM,CAAC,CAElB;AAED,wBAAsB,QAAQ,CAAC,IAAI,EAAE;IACnC,eAAe,EAAE,GAAG,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,GAAG,CAAC;IACnB,iBAAiB,EAAE,GAAG,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB,GAAG,OAAO,CAAC,eAAe,GAAG,SAAS,CAAC,CAEvC;AAyCD,wBAAsB,iBAAiB,CACrC,IAAI,EAAE,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC,GACpC,OAAO,CAAC,gBAAgB,GAAG,SAAS,CAAC,CAEvC;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAsB,kBAAkB,CACtC,IAAI,EAAE,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC,GACpC,OAAO,CAAC,gBAAgB,GAAG,SAAS,CAAC,CAEvC"}
|
|
@@ -36,12 +36,13 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
36
36
|
};
|
|
37
37
|
})();
|
|
38
38
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
39
|
-
exports.setLocalUserManager = exports.getLocalUserManager = exports.generateTestIdToken = exports.generateTestAccessToken = exports.setMockedUserIdToken = exports.setMockedUserAccessToken = exports.getMockedUserIdToken = exports.getMockedUserAccessToken = exports.connectWithCognito = exports.performLogout = exports.operationWithRedirect = exports.handleRedirectCallback = exports.isAuthenticated = exports.getLoggedInUser = exports.getCookieSettings = void 0;
|
|
39
|
+
exports.setLocalUserManager = exports.getLocalUserManager = exports.generateTestIdToken = exports.generateTestAccessToken = exports.setMockedUserIdToken = exports.setMockedUserAccessToken = exports.getMockedUserIdToken = exports.getMockedUserAccessToken = exports.connectWithCognito = exports.isValidState = exports.performLogout = exports.operationWithRedirect = exports.handleRedirectCallback = exports.isAuthenticated = exports.getLoggedInUser = exports.getCookieSettings = void 0;
|
|
40
40
|
exports.getEndpoint = getEndpoint;
|
|
41
41
|
exports.getToken = getToken;
|
|
42
42
|
exports.loginWithRedirect = loginWithRedirect;
|
|
43
43
|
exports.signUpWithRedirect = signUpWithRedirect;
|
|
44
44
|
__exportStar(require("./types/UserManagementPackage"), exports);
|
|
45
|
+
const utils_package_config_embedded_1 = require("@goldstack/utils-package-config-embedded");
|
|
45
46
|
const getEndpoints_1 = require("./client/getEndpoints");
|
|
46
47
|
const cognitoClientAuth = __importStar(require("./client/getToken"));
|
|
47
48
|
const operationWithRedirect_1 = require("./client/operationWithRedirect");
|
|
@@ -56,6 +57,8 @@ var operationWithRedirect_2 = require("./client/operationWithRedirect");
|
|
|
56
57
|
Object.defineProperty(exports, "operationWithRedirect", { enumerable: true, get: function () { return operationWithRedirect_2.operationWithRedirect; } });
|
|
57
58
|
var performLogout_1 = require("./client/performLogout");
|
|
58
59
|
Object.defineProperty(exports, "performLogout", { enumerable: true, get: function () { return performLogout_1.performLogout; } });
|
|
60
|
+
var state_1 = require("./client/state");
|
|
61
|
+
Object.defineProperty(exports, "isValidState", { enumerable: true, get: function () { return state_1.isValidState; } });
|
|
59
62
|
var cognitoTokenVerify_1 = require("./cognitoTokenVerify");
|
|
60
63
|
Object.defineProperty(exports, "connectWithCognito", { enumerable: true, get: function () { return cognitoTokenVerify_1.connectWithCognito; } });
|
|
61
64
|
var userManagementClientMock_1 = require("./userManagementClientMock");
|
|
@@ -68,6 +71,38 @@ Object.defineProperty(exports, "generateTestAccessToken", { enumerable: true, ge
|
|
|
68
71
|
Object.defineProperty(exports, "generateTestIdToken", { enumerable: true, get: function () { return userManagementServerMock_1.generateTestIdToken; } });
|
|
69
72
|
Object.defineProperty(exports, "getLocalUserManager", { enumerable: true, get: function () { return userManagementServerMock_1.getLocalUserManager; } });
|
|
70
73
|
Object.defineProperty(exports, "setLocalUserManager", { enumerable: true, get: function () { return userManagementServerMock_1.setLocalUserManager; } });
|
|
74
|
+
/**
|
|
75
|
+
* Determines the target URL after authentication.
|
|
76
|
+
* Auto-captures current URL unless doNotPreservePath is set.
|
|
77
|
+
* Excludes callback URL from auto-capture.
|
|
78
|
+
*/
|
|
79
|
+
function determineTargetUrl(options, deploymentName, packageConfig) {
|
|
80
|
+
if (options === null || options === void 0 ? void 0 : options.doNotPreservePath) {
|
|
81
|
+
return undefined;
|
|
82
|
+
}
|
|
83
|
+
if (options === null || options === void 0 ? void 0 : options.targetUrl) {
|
|
84
|
+
return options.targetUrl;
|
|
85
|
+
}
|
|
86
|
+
// Auto-capture current URL
|
|
87
|
+
if (typeof window === 'undefined') {
|
|
88
|
+
return undefined;
|
|
89
|
+
}
|
|
90
|
+
const currentUrl = window.location.pathname + window.location.search + window.location.hash;
|
|
91
|
+
// Exclude callback URL from auto-capture
|
|
92
|
+
try {
|
|
93
|
+
const deployment = packageConfig.getDeployment(deploymentName || 'default');
|
|
94
|
+
const callbackUrl = deployment.configuration.callbackUrl;
|
|
95
|
+
const callbackPath = new URL(callbackUrl, window.location.origin).pathname;
|
|
96
|
+
if (window.location.pathname === callbackPath) {
|
|
97
|
+
return undefined;
|
|
98
|
+
}
|
|
99
|
+
}
|
|
100
|
+
catch (e) {
|
|
101
|
+
// If we can't parse callback URL, proceed with auto-capture
|
|
102
|
+
console.warn('Could not parse callback URL from configuration. Proceeding with auto-capture.', e);
|
|
103
|
+
}
|
|
104
|
+
return currentUrl || undefined;
|
|
105
|
+
}
|
|
71
106
|
async function getEndpoint(args) {
|
|
72
107
|
return (0, getEndpoints_1.getEndpoint)(args);
|
|
73
108
|
}
|
|
@@ -75,21 +110,66 @@ async function getToken(args) {
|
|
|
75
110
|
return cognitoClientAuth.getToken(args);
|
|
76
111
|
}
|
|
77
112
|
/**
|
|
78
|
-
*
|
|
79
|
-
*
|
|
80
|
-
*
|
|
81
|
-
*
|
|
113
|
+
* Performs client-side authentication.
|
|
114
|
+
* Will redirect to Cognito hosted UI for sign in if required.
|
|
115
|
+
* Sets client-side cookies and session variables.
|
|
116
|
+
*
|
|
117
|
+
* By default, the current URL (pathname + search + hash) is automatically preserved
|
|
118
|
+
* and the user will be redirected back after authentication.
|
|
119
|
+
*
|
|
120
|
+
* @example
|
|
121
|
+
* // Auto-preserve current URL
|
|
122
|
+
* await loginWithRedirect(args);
|
|
123
|
+
*
|
|
124
|
+
* // Specify deployment
|
|
125
|
+
* await loginWithRedirect({ ...args, deploymentName: 'prod' });
|
|
126
|
+
*
|
|
127
|
+
* // Redirect to specific URL after auth
|
|
128
|
+
* await loginWithRedirect({ ...args, options: { targetUrl: '/dashboard' } });
|
|
129
|
+
*
|
|
130
|
+
* // Skip path preservation
|
|
131
|
+
* await loginWithRedirect({ ...args, options: { doNotPreservePath: true } });
|
|
82
132
|
*/
|
|
133
|
+
async function performRedirect(args) {
|
|
134
|
+
const packageConfig = new utils_package_config_embedded_1.EmbeddedPackageConfig({
|
|
135
|
+
goldstackJson: args.goldstackConfig,
|
|
136
|
+
packageSchema: args.packageSchema,
|
|
137
|
+
});
|
|
138
|
+
const state = determineTargetUrl(args.options, args.deploymentName, packageConfig);
|
|
139
|
+
return (0, operationWithRedirect_1.operationWithRedirect)({
|
|
140
|
+
goldstackConfig: args.goldstackConfig,
|
|
141
|
+
packageSchema: args.packageSchema,
|
|
142
|
+
deploymentsOutput: args.deploymentsOutput,
|
|
143
|
+
deploymentName: args.deploymentName,
|
|
144
|
+
operation: args.operation,
|
|
145
|
+
state,
|
|
146
|
+
});
|
|
147
|
+
}
|
|
83
148
|
async function loginWithRedirect(args) {
|
|
84
|
-
return (
|
|
149
|
+
return performRedirect({ ...args, operation: 'authorize' });
|
|
85
150
|
}
|
|
86
151
|
/**
|
|
87
|
-
*
|
|
88
|
-
*
|
|
89
|
-
*
|
|
90
|
-
*
|
|
152
|
+
* Performs client-side sign up.
|
|
153
|
+
* Will redirect to Cognito hosted UI for signing up if required.
|
|
154
|
+
* Sets client-side cookies and session variables.
|
|
155
|
+
*
|
|
156
|
+
* By default, the current URL (pathname + search + hash) is automatically preserved
|
|
157
|
+
* and the user will be redirected back after authentication.
|
|
158
|
+
*
|
|
159
|
+
* @example
|
|
160
|
+
* // Auto-preserve current URL
|
|
161
|
+
* await signUpWithRedirect(args);
|
|
162
|
+
*
|
|
163
|
+
* // Specify deployment
|
|
164
|
+
* await signUpWithRedirect({ ...args, deploymentName: 'prod' });
|
|
165
|
+
*
|
|
166
|
+
* // Redirect to specific URL after auth
|
|
167
|
+
* await signUpWithRedirect({ ...args, options: { targetUrl: '/dashboard' } });
|
|
168
|
+
*
|
|
169
|
+
* // Skip path preservation
|
|
170
|
+
* await signUpWithRedirect({ ...args, options: { doNotPreservePath: true } });
|
|
91
171
|
*/
|
|
92
172
|
async function signUpWithRedirect(args) {
|
|
93
|
-
return (
|
|
173
|
+
return performRedirect({ ...args, operation: 'signup' });
|
|
94
174
|
}
|
|
95
175
|
//# sourceMappingURL=templateUserManagement.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"templateUserManagement.js","sourceRoot":"","sources":["../../src/templateUserManagement.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"templateUserManagement.js","sourceRoot":"","sources":["../../src/templateUserManagement.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAyHA,kCASC;AAED,4BASC;AAyCD,8CAIC;AAuBD,gDAIC;AArND,gEAA8C;AAE9C,4FAAiF;AACjF,wDAAsE;AACtE,qEAAuD;AASvD,0EAAuE;AAGvE,gEAA+D;AAAtD,sHAAA,iBAAiB,OAAA;AAE1B,4DAA4E;AAAnE,kHAAA,eAAe,OAAA;AAAE,kHAAA,eAAe,OAAA;AACzC,0EAAyE;AAAhE,gIAAA,sBAAsB,OAAA;AAC/B,wEAAuE;AAA9D,8HAAA,qBAAqB,OAAA;AAC9B,wDAAuD;AAA9C,8GAAA,aAAa,OAAA;AACtB,wCAA8C;AAArC,qGAAA,YAAY,OAAA;AACrB,2DAA0D;AAAjD,wHAAA,kBAAkB,OAAA;AAC3B,uEAKoC;AAJlC,oIAAA,wBAAwB,OAAA;AACxB,gIAAA,oBAAoB,OAAA;AACpB,oIAAA,wBAAwB,OAAA;AACxB,gIAAA,oBAAoB,OAAA;AAEtB,uEAKoC;AAJlC,mIAAA,uBAAuB,OAAA;AACvB,+HAAA,mBAAmB,OAAA;AACnB,+HAAA,mBAAmB,OAAA;AACnB,+HAAA,mBAAmB,OAAA;AA0CrB;;;;GAIG;AACH,SAAS,kBAAkB,CACzB,OAAiC,EACjC,cAAkC,EAClC,aAAqF;IAErF,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,iBAAiB,EAAE,CAAC;QAC/B,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,EAAE,CAAC;QACvB,OAAO,OAAO,CAAC,SAAS,CAAC;IAC3B,CAAC;IAED,2BAA2B;IAC3B,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,UAAU,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;IAE5F,yCAAyC;IACzC,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,aAAa,CAAC,aAAa,CAAC,cAAc,IAAI,SAAS,CAAC,CAAC;QAC5E,MAAM,WAAW,GAAG,UAAU,CAAC,aAAa,CAAC,WAAW,CAAC;QACzD,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC;QAE3E,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,KAAK,YAAY,EAAE,CAAC;YAC9C,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,4DAA4D;QAC5D,OAAO,CAAC,IAAI,CACV,gFAAgF,EAChF,CAAC,CACF,CAAC;IACJ,CAAC;IAED,OAAO,UAAU,IAAI,SAAS,CAAC;AACjC,CAAC;AAEM,KAAK,UAAU,WAAW,CAAC,IAOjC;IACC,OAAO,IAAA,0BAAc,EAAC,IAAI,CAAC,CAAC;AAC9B,CAAC;AAEM,KAAK,UAAU,QAAQ,CAAC,IAO9B;IACC,OAAO,iBAAiB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;AAC1C,CAAC;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,KAAK,UAAU,eAAe,CAAC,IAAkB;IAC/C,MAAM,aAAa,GAAG,IAAI,qDAAqB,CAAkD;QAC/F,aAAa,EAAE,IAAI,CAAC,eAAe;QACnC,aAAa,EAAE,IAAI,CAAC,aAAa;KAClC,CAAC,CAAC;IAEH,MAAM,KAAK,GAAG,kBAAkB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,cAAc,EAAE,aAAa,CAAC,CAAC;IAEnF,OAAO,IAAA,6CAAqB,EAAC;QAC3B,eAAe,EAAE,IAAI,CAAC,eAAe;QACrC,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,iBAAiB,EAAE,IAAI,CAAC,iBAAiB;QACzC,cAAc,EAAE,IAAI,CAAC,cAAc;QACnC,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,KAAK;KACN,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,iBAAiB,CACrC,IAAqC;IAErC,OAAO,eAAe,CAAC,EAAE,GAAG,IAAI,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,CAAC;AAC9D,CAAC;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACI,KAAK,UAAU,kBAAkB,CACtC,IAAqC;IAErC,OAAO,eAAe,CAAC,EAAE,GAAG,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,CAAC;AAC3D,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@goldstack/template-user-management",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.87",
|
|
4
4
|
"description": "Template utilities for user management",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"goldstack",
|
|
@@ -38,12 +38,12 @@
|
|
|
38
38
|
},
|
|
39
39
|
"dependencies": {
|
|
40
40
|
"@goldstack/infra": "0.4.39",
|
|
41
|
-
"@goldstack/infra-aws": "0.4.
|
|
41
|
+
"@goldstack/infra-aws": "0.4.60",
|
|
42
42
|
"@goldstack/utils-esbuild": "0.5.26",
|
|
43
43
|
"@goldstack/utils-package": "0.4.41",
|
|
44
44
|
"@goldstack/utils-package-config-embedded": "0.5.42",
|
|
45
45
|
"@goldstack/utils-template": "0.4.40",
|
|
46
|
-
"@goldstack/utils-terraform": "0.4.
|
|
46
|
+
"@goldstack/utils-terraform": "0.4.76",
|
|
47
47
|
"aws-jwt-verify": "^3.2.0",
|
|
48
48
|
"source-map-support": "^0.5.21"
|
|
49
49
|
},
|