@iblai/web-utils 1.11.11 → 1.11.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts +1 -1
- package/dist/index.esm.js +29 -4
- package/dist/index.esm.js.map +1 -1
- package/dist/index.js +29 -4
- package/dist/index.js.map +1 -1
- package/dist/package.json +1 -1
- package/dist/web-utils/tsconfig.tsbuildinfo +1 -1
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -9200,22 +9200,22 @@ async function syncAuthToCookies(storageService) {
|
|
|
9200
9200
|
function hasNonExpiredAuthToken() {
|
|
9201
9201
|
const token = window.localStorage.getItem(LOCAL_STORAGE_KEYS.AUTH_TOKEN);
|
|
9202
9202
|
if (!token) {
|
|
9203
|
-
console.log(
|
|
9203
|
+
console.log("################### [hasNonExpiredAuthToken] axd token is not defined", token);
|
|
9204
9204
|
return false;
|
|
9205
9205
|
}
|
|
9206
9206
|
const tokenExpiry = window.localStorage.getItem(LOCAL_STORAGE_KEYS.TOKEN_EXPIRY);
|
|
9207
9207
|
if (!tokenExpiry) {
|
|
9208
|
-
console.log(
|
|
9208
|
+
console.log("################### [hasNonExpiredAuthToken] axd token expiry is not defined", tokenExpiry);
|
|
9209
9209
|
return true;
|
|
9210
9210
|
}
|
|
9211
9211
|
const expiryDate = new Date(tokenExpiry);
|
|
9212
9212
|
if (isNaN(expiryDate.getTime())) {
|
|
9213
|
-
console.log(
|
|
9213
|
+
console.log("################### [hasNonExpiredAuthToken] axd token expiry date", expiryDate);
|
|
9214
9214
|
return false;
|
|
9215
9215
|
}
|
|
9216
9216
|
const currentDate = new Date();
|
|
9217
9217
|
if (expiryDate <= currentDate) {
|
|
9218
|
-
console.log(
|
|
9218
|
+
console.log("################### [hasNonExpiredAuthToken] axd token expiry date is less than current date ", expiryDate, currentDate);
|
|
9219
9219
|
return false;
|
|
9220
9220
|
}
|
|
9221
9221
|
return true;
|
|
@@ -9478,6 +9478,20 @@ function useAuthProvider({ middleware = new Map(), onAuthSuccess, onAuthFailure,
|
|
|
9478
9478
|
console.log("[AuthProvider] Redirect already in progress, skipping");
|
|
9479
9479
|
return;
|
|
9480
9480
|
}
|
|
9481
|
+
// Defer every auth redirect while a tenant switch is in flight.
|
|
9482
|
+
// handleTenantSwitch() clears the SHARED (cross-tab) localStorage mid-switch,
|
|
9483
|
+
// so every open window transiently sees missing tokens. Without this guard a
|
|
9484
|
+
// bystander window force-logs-out on the absent DM token, which clears
|
|
9485
|
+
// storage + sets a logout-timestamp cookie that wipes the tokens the
|
|
9486
|
+
// switching tab just wrote and cascades the logout across tabs. The TTL lock
|
|
9487
|
+
// (writeTenantSwitchLock) survives the /login/complete -> /sso-login-complete
|
|
9488
|
+
// redirect and is kept fresh across tabs via useTenantSwitchSync, so it
|
|
9489
|
+
// brackets the switch window. The cross-SPA cookie-sync poll keeps running
|
|
9490
|
+
// and recovers once the new tenant's tokens land.
|
|
9491
|
+
if (isTenantSwitchInProgress()) {
|
|
9492
|
+
console.log("[AuthProvider] Tenant switch in progress, deferring auth redirect");
|
|
9493
|
+
return;
|
|
9494
|
+
}
|
|
9481
9495
|
isRedirectingRef.current = true;
|
|
9482
9496
|
redirectStartedAtRef.current = Date.now();
|
|
9483
9497
|
// NOTE: we intentionally do NOT clear the interval here.
|
|
@@ -9663,6 +9677,17 @@ function useAuthProvider({ middleware = new Map(), onAuthSuccess, onAuthFailure,
|
|
|
9663
9677
|
var _a;
|
|
9664
9678
|
try {
|
|
9665
9679
|
setIsAuthenticating(true);
|
|
9680
|
+
// During an in-flight tenant switch the shared, cross-tab localStorage is
|
|
9681
|
+
// transiently cleared (see handleTenantSwitch), so the auth/DM tokens are
|
|
9682
|
+
// legitimately absent. Bail out BEFORE onAuthFailure — some apps hard
|
|
9683
|
+
// navigate to /error/403 from that callback (e.g. skills does
|
|
9684
|
+
// `window.location.href = '/error/403'`), which would fire even though
|
|
9685
|
+
// safeRedirectToAuthSpa itself is guarded. The cookie-sync poll re-checks
|
|
9686
|
+
// once the new tenant's tokens land.
|
|
9687
|
+
if (isTenantSwitchInProgress()) {
|
|
9688
|
+
console.log("[AuthProvider] Tenant switch in progress, skipping auth check");
|
|
9689
|
+
return;
|
|
9690
|
+
}
|
|
9666
9691
|
const authToken = await (storageService === null || storageService === void 0 ? void 0 : storageService.getItem(LOCAL_STORAGE_KEYS.AUTH_TOKEN));
|
|
9667
9692
|
if (authToken && !hasNonExpiredAuthToken()) {
|
|
9668
9693
|
const reason = "Auth token expired";
|