@gridsuite/commons-ui 0.43.1 → 0.45.0

package/es/components/react-hook-form/utils/cancel-button.js

@@ -11,9 +11,14 @@ import React from 'react';
 import { Button } from '@mui/material';
 import { FormattedMessage } from 'react-intl';
 import PropTypes from 'prop-types';
+import { useThemeProps } from '@mui/material/styles';
 var CancelButton = function CancelButton(_ref) {
-  var buttonProps = _extends({}, (_objectDestructuringEmpty(_ref), _ref));
-  return /*#__PURE__*/React.createElement(Button, buttonProps, /*#__PURE__*/React.createElement(FormattedMessage, {
+  var inProps = _extends({}, (_objectDestructuringEmpty(_ref), _ref));
+  var props = useThemeProps({
+    props: inProps,
+    name: 'CancelButton'
+  });
+  return /*#__PURE__*/React.createElement(Button, props, /*#__PURE__*/React.createElement(FormattedMessage, {
     id: "cancel"
   }));
 };

package/es/utils/AuthService.js

@@ -12,34 +12,62 @@ import jwtDecode from 'jwt-decode';
 
 // set as a global variable to allow log level configuration at runtime
 window.OIDCLog = Log;
-var hackauthoritykey = 'oidc.hack.authority';
+var hackAuthorityKey = 'oidc.hack.authority';
+var oidcHackReloadedKey = 'gridsuite-oidc-hack-reloaded';
 var pathKey = 'powsybl-gridsuite-current-path';
+function isIssuerErrorForCodeFlow(error) {
+  return error.message.includes('Invalid issuer in token');
+}
+function extractIssuerToSessionStorage(error) {
+  var issuer = error.message.split(' ').pop();
+  sessionStorage.setItem(hackAuthorityKey, issuer);
+}
+function reload() {
+  if (!sessionStorage.getItem(oidcHackReloadedKey)) {
+    sessionStorage.setItem(oidcHackReloadedKey, true);
+    console.log('Hack oidc, reload page to make login work');
+    window.location.reload();
+  }
+}
+function reloadTimerOnExpiresIn(user, userManager, expiresIn) {
+  // TODO: Can we stop doing it in the hash for implicit flow ? To make it common for both flows
+  user.expires_in = expiresIn;
+  userManager.storeUser(user).then(function () {
+    userManager.getUser();
+  });
+}
 function handleSigninSilent(dispatch, userManager) {
   userManager.getUser().then(function (user) {
     if (user == null || getIdTokenExpiresIn(user) < 0) {
       return userManager.signinSilent()["catch"](function (error) {
         dispatch(setShowAuthenticationRouterLogin(true));
-        var oidcHackReloaded = 'gridsuite-oidc-hack-reloaded';
-        if (!sessionStorage.getItem(oidcHackReloaded) && error.message === 'authority mismatch on settings vs. signin state') {
-          sessionStorage.setItem(oidcHackReloaded, true);
-          console.log('Hack oidc, reload page to make login work');
-          window.location.reload();
+        var errorIssuerCodeFlow = isIssuerErrorForCodeFlow(error);
+        var errorIssuerImplicitFlow = error.message === 'authority mismatch on settings vs. signin state';
+        if (errorIssuerCodeFlow) {
+          // Replacing authority for code flow only because it's done in the hash for implicit flow
+          // TODO: Can we stop doing it in the hash for implicit flow ? To make it common here for both flows
+          extractIssuerToSessionStorage(error);
+        }
+        if (errorIssuerCodeFlow || errorIssuerImplicitFlow) {
+          reload();
         }
       });
     }
   });
 }
-function initializeAuthenticationDev(dispatch, isSilentRenew, validateUser) {
+function initializeAuthenticationDev(dispatch, isSilentRenew, validateUser, isSigninCallback) {
   var userManager = new UserManagerMock({});
   if (!isSilentRenew) {
     handleUser(dispatch, userManager, validateUser);
-    handleSigninSilent(dispatch, userManager);
+    if (!isSigninCallback) {
+      handleSigninSilent(dispatch, userManager);
+    }
   }
   return Promise.resolve(userManager);
 }
 var accessTokenExpiringNotificationTime = 60; // seconds
 
-function initializeAuthenticationProd(dispatch, isSilentRenew, idpSettings, validateUser, authorizationCodeFlowEnabled) {
+function initializeAuthenticationProd(dispatch, isSilentRenew, idpSettings, validateUser, authorizationCodeFlowEnabled, isSigninCallback) {
   return idpSettings.then(function (r) {
     return r.json();
   }).then(function (idpSettings) {
@@ -62,33 +90,16 @@ function initializeAuthenticationProd(dispatch, isSilentRenew, idpSettings, vali
           console.debug('Replacing authority in storedState. Before: ', storedState.authority, 'after: ', authority);
           storedState.authority = authority;
           localStorage.setItem('oidc.' + state, JSON.stringify(storedState));
-          sessionStorage.setItem(hackauthoritykey, authority);
+          sessionStorage.setItem(hackAuthorityKey, authority);
           var matched_expires = window.location.hash.match(regexexpires);
           if (matched_expires != null) {
             var expires_in = parseInt(matched_expires[0].split('=')[1]);
-            var now = parseInt(Date.now() / 1000);
-            var exp = decoded.exp;
-            var idTokenExpiresIn = exp - now;
-            var minAccesstokenOrIdtokenOrIdpSettingsExpiresIn = expires_in;
-            var newExpireReplaceReason;
-            if (idTokenExpiresIn < minAccesstokenOrIdtokenOrIdpSettingsExpiresIn) {
-              minAccesstokenOrIdtokenOrIdpSettingsExpiresIn = idTokenExpiresIn;
-              newExpireReplaceReason = 'idtoken.exp is earlier';
-            }
-            if (idpSettings.maxExpiresIn && idpSettings.maxExpiresIn < minAccesstokenOrIdtokenOrIdpSettingsExpiresIn) {
-              minAccesstokenOrIdtokenOrIdpSettingsExpiresIn = idpSettings.maxExpiresIn;
-              newExpireReplaceReason = 'idpSettings.maxExpiresIn is smaller';
-            }
-            if (newExpireReplaceReason) {
-              var newhash = window.location.hash.replace(matched_expires[0], 'expires_in=' + minAccesstokenOrIdtokenOrIdpSettingsExpiresIn);
-              console.debug('Replacing expires_in in window.location.hash to ' + minAccesstokenOrIdtokenOrIdpSettingsExpiresIn + ' because ' + newExpireReplaceReason + '. ', 'debug:', 'original expires_in: ' + expires_in + ', ', 'idTokenExpiresIn: ' + idTokenExpiresIn + '(idtoken exp: ' + exp + '), ', 'idpSettings maxExpiresIn: ' + idpSettings.maxExpiresIn);
-              window.location.hash = newhash;
-            }
+            window.location.hash = window.location.hash.replace(matched_expires[0], 'expires_in=' + computeMinExpiresIn(expires_in, id_token, idpSettings.maxExpiresIn));
           }
         }
       }
     }
-    authority = authority || sessionStorage.getItem(hackauthoritykey) || idpSettings.authority;
+    authority = authority || sessionStorage.getItem(hackAuthorityKey) || idpSettings.authority;
     var responseSettings = authorizationCodeFlowEnabled ? {
       response_type: 'code'
     } : {
@@ -107,9 +118,12 @@ function initializeAuthenticationProd(dispatch, isSilentRenew, idpSettings, vali
     }, responseSettings);
     var userManager = new UserManager(settings);
     userManager.idpSettings = idpSettings; //store our settings in there as well to use it later
+    userManager.authorizationCodeFlowEnabled = authorizationCodeFlowEnabled;
     if (!isSilentRenew) {
       handleUser(dispatch, userManager, validateUser);
-      handleSigninSilent(dispatch, userManager);
+      if (!isSigninCallback) {
+        handleSigninSilent(dispatch, userManager);
+      }
     }
     return userManager;
   })["catch"](function (error) {
@@ -118,6 +132,25 @@ function initializeAuthenticationProd(dispatch, isSilentRenew, idpSettings, vali
     throw error;
   });
 }
+function computeMinExpiresIn(expiresIn, idToken, maxExpiresIn) {
+  var now = parseInt(Date.now() / 1000);
+  var exp = jwtDecode(idToken).exp;
+  var idTokenExpiresIn = exp - now;
+  var newExpiresIn = expiresIn;
+  var newExpiresInReplaceReason;
+  if (expiresIn === undefined || idTokenExpiresIn < newExpiresIn) {
+    newExpiresIn = idTokenExpiresIn;
+    newExpiresInReplaceReason = 'idtoken.exp is earlier';
+  }
+  if (maxExpiresIn && maxExpiresIn < newExpiresIn) {
+    newExpiresIn = maxExpiresIn;
+    newExpiresInReplaceReason = 'idpSettings.maxExpiresIn is smaller';
+  }
+  if (newExpiresInReplaceReason) {
+    console.debug('Replacing expiresIn in user to ' + newExpiresIn + ' because ' + newExpiresInReplaceReason + '. ', 'debug:', 'original expires_in: ' + expiresIn + ', ', 'idTokenExpiresIn: ' + idTokenExpiresIn + ', idpSettings maxExpiresIn: ' + maxExpiresIn);
+  }
+  return newExpiresIn;
+}
 function login(location, userManagerInstance) {
   sessionStorage.setItem(pathKey, location.pathname + location.search);
   return userManagerInstance.signinRedirect().then(function () {
@@ -125,7 +158,7 @@ function login(location, userManagerInstance) {
   });
 }
 function logout(dispatch, userManagerInstance) {
-  sessionStorage.removeItem(hackauthoritykey); //To remove when hack is removed
+  sessionStorage.removeItem(hackAuthorityKey); //To remove when hack is removed
   return userManagerInstance.getUser().then(function (user) {
     if (user) {
       // We don't need to check if token is valid at this point
@@ -173,6 +206,12 @@ function dispatchUser(dispatch, userManagerInstance, validateUser) {
           return dispatch(setUnauthorizedUserInfo(user === null || user === void 0 ? void 0 : (_user$profile2 = user.profile) === null || _user$profile2 === void 0 ? void 0 : _user$profile2.name, {}));
         }
         console.debug('User has been successfully loaded from store.');
+
+        // In authorization code flow we have to make the oidc-client lib re-evaluate the date of the token renewal timers
+        // because it is not hacked at page loading on the fragment before oidc-client lib initialization
+        if (userManagerInstance.authorizationCodeFlowEnabled) {
+          reloadTimerOnExpiresIn(user, userManagerInstance, computeMinExpiresIn(user.expires_in, user.id_token, userManagerInstance.idpSettings.maxExpiresIn));
+        }
         return dispatch(setLoggedUser(user));
       })["catch"](function (e) {
         var _user$profile3;
@@ -189,11 +228,31 @@ function dispatchUser(dispatch, userManagerInstance, validateUser) {
 function getPreLoginPath() {
   return sessionStorage.getItem(pathKey);
 }
+function navigateToPreLoginPath(navigate) {
+  var previousPath = getPreLoginPath();
+  navigate(previousPath);
+}
 function handleSigninCallback(dispatch, navigate, userManagerInstance) {
-  userManagerInstance.signinRedirectCallback().then(function () {
+  var reloadAfterNavigate = false;
+  userManagerInstance.signinRedirectCallback()["catch"](function (e) {
+    if (isIssuerErrorForCodeFlow(e)) {
+      // Replacing authority for code flow only because it's done in the hash for implicit flow
+      // TODO: Can we also do it here for the implicit flow ? To make it common here for both flows
+      extractIssuerToSessionStorage(e);
+      // After navigate, location will be out of a redirection route (sign-in-silent or sign-in-callback) so reloading the page will attempt a silent signin
+      // It will reload the user manager based on hacked authority at initialization with the new authority
+      // We do this because on Azure we only get to know the issuer of the user in the idtoken and so signingredirectcallback will always fail
+      // We could restart the whole login process from signin redirect with the correct issuer, but instead we just rely on the silent login after the reload which will work
+      reloadAfterNavigate = true;
+    } else {
+      throw e;
+    }
+  }).then(function () {
     dispatch(setSignInCallbackError(null));
-    var previousPath = getPreLoginPath();
-    navigate(previousPath);
+    navigateToPreLoginPath(navigate);
+    if (reloadAfterNavigate) {
+      reload();
+    }
   })["catch"](function (e) {
     dispatch(setSignInCallbackError(e));
     console.error(e);
@@ -209,8 +268,9 @@ function handleUser(dispatch, userManager, validateUser) {
   });
   userManager.events.addSilentRenewError(function (error) {
     console.debug(error);
-    // wait for accessTokenExpiringNotificationTime so that the user is expired
-    // otherwise the library tries to signin immediately when we do getUser()
+    // Wait for accessTokenExpiringNotificationTime so that the user is expired and not between expiring and expired
+    // otherwise the library will fire AccessTokenExpiring everytime we do getUser()
+    // Indeed, getUSer() => loadUser() => load() on events => if it's already expiring it will be init and triggerred again
     window.setTimeout(function () {
       userManager.getUser().then(function (user) {
         if (!user) {
@@ -229,16 +289,10 @@ function handleUser(dispatch, userManager, validateUser) {
             // TODO here attempt last chance login ? snackbar to notify the user ? Popup ?
             // for now we do the same thing as in the else block
             console.log('Error in silent renew, but idtoken ALMOST expiring (expiring in' + idTokenExpiresIn + ') => last chance, next error will logout', 'maxExpiresIn = ' + userManager.idpSettings.maxExpiresIn, 'last renew attempt in ' + idTokenExpiresIn - accessTokenExpiringNotificationTime + 'seconds', error);
-            user.expires_in = idTokenExpiresIn;
-            userManager.storeUser(user).then(function () {
-              userManager.getUser();
-            });
+            reloadTimerOnExpiresIn(user, userManager, idTokenExpiresIn);
           } else {
             console.log('Error in silent renew, but idtoken NOT expiring (expiring in' + idTokenExpiresIn + ') => postponing expiration to' + userManager.idpSettings.maxExpiresIn, error);
-            user.expires_in = userManager.idpSettings.maxExpiresIn;
-            userManager.storeUser(user).then(function () {
-              userManager.getUser();
-            });
+            reloadTimerOnExpiresIn(user, userManager, userManager.idpSettings.maxExpiresIn);
           }
         } else {
           console.log('Error in silent renew, unsupported configuration: token still valid for ' + idTokenExpiresIn + ' but maxExpiresIn is not configured:' + userManager.idpSettings.maxExpiresIn, error);

package/es/utils/ElementType.js

@@ -7,12 +7,14 @@
 import React from 'react';
 import LibraryBooksOutlinedIcon from '@mui/icons-material/LibraryBooksOutlined';
 import OfflineBoltIcon from '@mui/icons-material/OfflineBolt';
+import NoteAltIcon from '@mui/icons-material/NoteAlt';
 import ArticleIcon from '@mui/icons-material/Article';
 import SettingsIcon from '@mui/icons-material/Settings';
 export var elementType = {
   DIRECTORY: 'DIRECTORY',
   STUDY: 'STUDY',
   FILTER: 'FILTER',
+  MODIFICATION: 'MODIFICATION',
   CONTINGENCY_LIST: 'CONTINGENCY_LIST',
   VOLTAGE_INIT_PARAMETERS: 'VOLTAGE_INIT_PARAMETERS'
 };
@@ -26,6 +28,10 @@ export function getFileIcon(type, style) {
       return /*#__PURE__*/React.createElement(OfflineBoltIcon, {
         sx: style
       });
+    case elementType.MODIFICATION:
+      return /*#__PURE__*/React.createElement(NoteAltIcon, {
+        sx: style
+      });
     case elementType.FILTER:
       return /*#__PURE__*/React.createElement(ArticleIcon, {
         sx: style

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@gridsuite/commons-ui",
-    "version": "0.43.1",
+    "version": "0.45.0",
     "description": "common react components for gridsuite applications",
     "engines": {
         "npm": ">=9",