@iblai/web-utils 1.11.11 → 1.11.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.d.ts CHANGED
@@ -1101,7 +1101,7 @@ declare const isNode: () => string | false;
1101
1101
  declare const isExpo: () => any;
1102
1102
  declare const isTauri: () => boolean;
1103
1103
  declare function isSafariBrowser(): boolean;
1104
- declare const getPlatform: () => "react-native" | "web" | "node" | "unknown";
1104
+ declare const getPlatform: () => "web" | "react-native" | "node" | "unknown";
1105
1105
  declare const safeRequire: (moduleName: string) => any;
1106
1106
  declare const getNextNavigation: () => any;
1107
1107
 
package/dist/index.esm.js CHANGED
@@ -9180,22 +9180,22 @@ async function syncAuthToCookies(storageService) {
9180
9180
  function hasNonExpiredAuthToken() {
9181
9181
  const token = window.localStorage.getItem(LOCAL_STORAGE_KEYS.AUTH_TOKEN);
9182
9182
  if (!token) {
9183
- console.log('################### [hasNonExpiredAuthToken] axd token is not defined', token);
9183
+ console.log("################### [hasNonExpiredAuthToken] axd token is not defined", token);
9184
9184
  return false;
9185
9185
  }
9186
9186
  const tokenExpiry = window.localStorage.getItem(LOCAL_STORAGE_KEYS.TOKEN_EXPIRY);
9187
9187
  if (!tokenExpiry) {
9188
- console.log('################### [hasNonExpiredAuthToken] axd token expiry is not defined', tokenExpiry);
9188
+ console.log("################### [hasNonExpiredAuthToken] axd token expiry is not defined", tokenExpiry);
9189
9189
  return true;
9190
9190
  }
9191
9191
  const expiryDate = new Date(tokenExpiry);
9192
9192
  if (isNaN(expiryDate.getTime())) {
9193
- console.log('################### [hasNonExpiredAuthToken] axd token expiry date', expiryDate);
9193
+ console.log("################### [hasNonExpiredAuthToken] axd token expiry date", expiryDate);
9194
9194
  return false;
9195
9195
  }
9196
9196
  const currentDate = new Date();
9197
9197
  if (expiryDate <= currentDate) {
9198
- console.log('################### [hasNonExpiredAuthToken] axd token expiry date is less than current date ', expiryDate, currentDate);
9198
+ console.log("################### [hasNonExpiredAuthToken] axd token expiry date is less than current date ", expiryDate, currentDate);
9199
9199
  return false;
9200
9200
  }
9201
9201
  return true;
@@ -9458,6 +9458,20 @@ function useAuthProvider({ middleware = new Map(), onAuthSuccess, onAuthFailure,
9458
9458
  console.log("[AuthProvider] Redirect already in progress, skipping");
9459
9459
  return;
9460
9460
  }
9461
+ // Defer every auth redirect while a tenant switch is in flight.
9462
+ // handleTenantSwitch() clears the SHARED (cross-tab) localStorage mid-switch,
9463
+ // so every open window transiently sees missing tokens. Without this guard a
9464
+ // bystander window force-logs-out on the absent DM token, which clears
9465
+ // storage + sets a logout-timestamp cookie that wipes the tokens the
9466
+ // switching tab just wrote and cascades the logout across tabs. The TTL lock
9467
+ // (writeTenantSwitchLock) survives the /login/complete -> /sso-login-complete
9468
+ // redirect and is kept fresh across tabs via useTenantSwitchSync, so it
9469
+ // brackets the switch window. The cross-SPA cookie-sync poll keeps running
9470
+ // and recovers once the new tenant's tokens land.
9471
+ if (isTenantSwitchInProgress()) {
9472
+ console.log("[AuthProvider] Tenant switch in progress, deferring auth redirect");
9473
+ return;
9474
+ }
9461
9475
  isRedirectingRef.current = true;
9462
9476
  redirectStartedAtRef.current = Date.now();
9463
9477
  // NOTE: we intentionally do NOT clear the interval here.
@@ -9643,6 +9657,17 @@ function useAuthProvider({ middleware = new Map(), onAuthSuccess, onAuthFailure,
9643
9657
  var _a;
9644
9658
  try {
9645
9659
  setIsAuthenticating(true);
9660
+ // During an in-flight tenant switch the shared, cross-tab localStorage is
9661
+ // transiently cleared (see handleTenantSwitch), so the auth/DM tokens are
9662
+ // legitimately absent. Bail out BEFORE onAuthFailure — some apps hard
9663
+ // navigate to /error/403 from that callback (e.g. skills does
9664
+ // `window.location.href = '/error/403'`), which would fire even though
9665
+ // safeRedirectToAuthSpa itself is guarded. The cookie-sync poll re-checks
9666
+ // once the new tenant's tokens land.
9667
+ if (isTenantSwitchInProgress()) {
9668
+ console.log("[AuthProvider] Tenant switch in progress, skipping auth check");
9669
+ return;
9670
+ }
9646
9671
  const authToken = await (storageService === null || storageService === void 0 ? void 0 : storageService.getItem(LOCAL_STORAGE_KEYS.AUTH_TOKEN));
9647
9672
  if (authToken && !hasNonExpiredAuthToken()) {
9648
9673
  const reason = "Auth token expired";