@kolektor/nucleus-identity 0.0.9-pre.5707 → 0.0.10-pre.6137
- package/esm2020/lib/nucleus-identity.module.mjs +5 -5
- package/esm2020/lib/nucleus-identity.service.mjs +31 -33
- package/esm2020/lib/nucleus-token-interceptor.service.mjs +3 -3
- package/esm2020/lib/utils/angular-requestor.mjs +3 -3
- package/esm2020/lib/utils/location.service.mjs +3 -3
- package/esm2020/lib/utils/oidc-configuration.service.mjs +3 -3
- package/esm2020/lib/utils/secrets-store.mjs +23 -3
- package/esm2020/lib/utils/token-client.mjs +3 -3
- package/fesm2015/kolektor-nucleus-identity.mjs +73 -55
- package/fesm2015/kolektor-nucleus-identity.mjs.map +1 -1
- package/fesm2020/kolektor-nucleus-identity.mjs +72 -54
- package/fesm2020/kolektor-nucleus-identity.mjs.map +1 -1
- package/{kolektor-nucleus-identity.d.ts → index.d.ts} +0 -0
- package/lib/nucleus-identity.service.d.ts +4 -2
- package/lib/utils/secrets-store.d.ts +4 -0
- package/package.json +6 -6
|
@@ -2,7 +2,7 @@ import * as i0 from '@angular/core';
|
|
|
2
2
|
import { Injectable, NgModule } from '@angular/core';
|
|
3
3
|
import * as i1$1 from '@angular/common/http';
|
|
4
4
|
import { HttpErrorResponse, HTTP_INTERCEPTORS } from '@angular/common/http';
|
|
5
|
-
import { from, throwError } from 'rxjs';
|
|
5
|
+
import { lastValueFrom, from, throwError } from 'rxjs';
|
|
6
6
|
import { mergeMap, catchError } from 'rxjs/operators';
|
|
7
7
|
import { __awaiter } from 'tslib';
|
|
8
8
|
import { AppAuthError, AuthorizationNotifier, TokenResponse, AuthorizationServiceConfiguration, JQueryRequestor, Requestor, nowInSeconds, BaseTokenRequestHandler, BasicQueryStringUtils, TokenRequest, GRANT_TYPE_AUTHORIZATION_CODE, GRANT_TYPE_REFRESH_TOKEN, LocalStorageBackend, RedirectRequestHandler, AuthorizationRequest } from '@openid/appauth';
|
|
@@ -144,8 +144,16 @@ class SecretsStore {
|
|
|
144
144
|
constructor(clientId) {
|
|
145
145
|
this._tokens = {};
|
|
146
146
|
this._identities = {};
|
|
147
|
-
this
|
|
148
|
-
this.
|
|
147
|
+
// this specify which identity id is used by default, when If id is not specified in getToken or getIdentity
|
|
148
|
+
this._defaultIdentityId = null;
|
|
149
|
+
this._defaultIdentityIdStorageKey = null;
|
|
150
|
+
this._tokenStorageKeyPrefix = `Nucleus.Identity.${clientId}`; // do not change this or login with existing tokens will fail
|
|
151
|
+
this._servicePrincipalKey = `${this._tokenStorageKeyPrefix}.SvcP`;
|
|
152
|
+
this._defaultIdentityIdStorageKey = `${this._tokenStorageKeyPrefix}.IdId`;
|
|
153
|
+
this._defaultIdentityId = localStorage.getItem(this._defaultIdentityIdStorageKey);
|
|
154
|
+
}
|
|
155
|
+
get defaultIdentityId() {
|
|
156
|
+
return this._defaultIdentityId;
|
|
149
157
|
}
|
|
150
158
|
removeServicePrincipal() {
|
|
151
159
|
this._servicePrincipal = null;
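Review bot: The constructor restores `_defaultIdentityId` from `localStorage` without checking it, and the `getTokenKey` hunk further down splices that value into the storage key, so a stale or altered `.IdId` entry decides which token slot every id-less call resolves to. The stored value should be accepted only when it matches an identity id the library itself issues, with a fallback to `null` otherwise; SecretsStore does not appear to know those ids in this hunk, so the check may need to live in the caller. The two `= null` assignments at the top are overwritten a few lines later in the same constructor and can be dropped. The added comment would read better as `// Identity id used by default when no id is passed to getToken or getIdentity.` The removed lines are truncated on this page, so what the constructor did before cannot be compared.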
|
|
@@ -172,6 +180,15 @@ class SecretsStore {
|
|
|
172
180
|
const key = this.getTokenKey(id);
|
|
173
181
|
return this._identities[key];
|
|
174
182
|
}
|
|
183
|
+
setDefaultIdentityId(id) {
|
|
184
|
+
this._defaultIdentityId = id;
|
|
185
|
+
if (this._defaultIdentityId) {
|
|
186
|
+
localStorage.setItem(this._defaultIdentityIdStorageKey, this._defaultIdentityId);
|
|
187
|
+
}
|
|
188
|
+
else {
|
|
189
|
+
localStorage.removeItem(this._defaultIdentityIdStorageKey);
|
|
190
|
+
}
|
|
191
|
+
}
|
|
175
192
|
getToken(id = null) {
|
|
176
193
|
return __awaiter(this, void 0, void 0, function* () {
|
|
177
194
|
const key = this.getTokenKey(id);
|
|
@@ -222,6 +239,9 @@ class SecretsStore {
|
|
|
222
239
|
});
|
|
223
240
|
}
|
|
224
241
|
getTokenKey(id = null) {
|
|
242
|
+
if (!id) {
|
|
243
|
+
id = this._defaultIdentityId;
|
|
244
|
+
}
|
|
225
245
|
return id ? `${this._tokenStorageKeyPrefix}.${id}` : this._tokenStorageKeyPrefix;
|
|
226
246
|
}
|
|
227
247
|
clear(key) {
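Review bot: With the added fallback in `getTokenKey`, `id = null` no longer means "the un-suffixed user slot" but "whatever `_defaultIdentityId` currently says", so a caller cannot address the user token explicitly while a default identity is set. The later hunks compensate by calling `this._store.setDefaultIdentityId(null)` just before `setToken(res)` in the authorization-code and secret logins. Any other id-less `getToken`/`setToken` path not shown in this diff (token refresh, for instance) would presumably read or overwrite the service-principal slot after `loginAsServicePrincipal()`, which is worth confirming. The contract should at least be documented on the method, for example `// No id: fall back to the persisted default identity; pass an explicit id to target a specific slot.` `getTokenKey` is fully inside the hunk, but its callers are not.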
|
|
@@ -322,9 +342,9 @@ class LocationService {
|
|
|
322
342
|
}
|
|
323
343
|
}
|
|
324
344
|
}
|
|
325
|
-
LocationService.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "
|
|
326
|
-
LocationService.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "
|
|
327
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "
|
|
345
|
+
LocationService.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: LocationService, deps: [{ token: i1.NucleusAppService }], target: i0.ɵɵFactoryTarget.Injectable });
|
|
346
|
+
LocationService.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: LocationService, providedIn: 'root' });
|
|
347
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: LocationService, decorators: [{
|
|
328
348
|
type: Injectable,
|
|
329
349
|
args: [{
|
|
330
350
|
providedIn: 'root'
|
|
@@ -378,9 +398,9 @@ class AngularRequestor extends Requestor {
|
|
|
378
398
|
});
|
|
379
399
|
}
|
|
380
400
|
}
|
|
381
|
-
AngularRequestor.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "
|
|
382
|
-
AngularRequestor.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "
|
|
383
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "
|
|
401
|
+
AngularRequestor.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: AngularRequestor, deps: [{ token: i1$1.HttpClient }], target: i0.ɵɵFactoryTarget.Injectable });
|
|
402
|
+
AngularRequestor.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: AngularRequestor, providedIn: 'root' });
|
|
403
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: AngularRequestor, decorators: [{
|
|
384
404
|
type: Injectable,
|
|
385
405
|
args: [{
|
|
386
406
|
providedIn: 'root'
|
|
@@ -471,9 +491,9 @@ class OidcConfigurationService {
|
|
|
471
491
|
});
|
|
472
492
|
}
|
|
473
493
|
}
|
|
474
|
-
OidcConfigurationService.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "
|
|
475
|
-
OidcConfigurationService.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "
|
|
476
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "
|
|
494
|
+
OidcConfigurationService.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: OidcConfigurationService, deps: [{ token: AngularRequestor }, { token: NucleusIdentityConfig }, { token: i1.NucleusAppService }], target: i0.ɵɵFactoryTarget.Injectable });
|
|
495
|
+
OidcConfigurationService.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: OidcConfigurationService, providedIn: 'root' });
|
|
496
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: OidcConfigurationService, decorators: [{
|
|
477
497
|
type: Injectable,
|
|
478
498
|
args: [{
|
|
479
499
|
providedIn: 'root'
|
|
@@ -646,9 +666,9 @@ class TokenClient {
|
|
|
646
666
|
});
|
|
647
667
|
}
|
|
648
668
|
}
|
|
649
|
-
TokenClient.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "
|
|
650
|
-
TokenClient.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "
|
|
651
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "
|
|
669
|
+
TokenClient.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: TokenClient, deps: [{ token: AngularRequestor }, { token: OidcConfigurationService }], target: i0.ɵɵFactoryTarget.Injectable });
|
|
670
|
+
TokenClient.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: TokenClient, providedIn: 'root' });
|
|
671
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: TokenClient, decorators: [{
|
|
652
672
|
type: Injectable,
|
|
653
673
|
args: [{
|
|
654
674
|
providedIn: 'root'
|
|
@@ -683,6 +703,9 @@ class NucleusIdentityService {
|
|
|
683
703
|
get isServicePrincipalAuthenticated() {
|
|
684
704
|
return this.servicePrincipalIdentity != null;
|
|
685
705
|
}
|
|
706
|
+
get isIdentityServicePrincipal() {
|
|
707
|
+
return this._store.defaultIdentityId === this._servicePrincipalTokenId;
|
|
708
|
+
}
|
|
686
709
|
init(startLogin = false) {
|
|
687
710
|
return __awaiter(this, void 0, void 0, function* () {
|
|
688
711
|
if (this._initStarted || this._initialized) {
|
|
@@ -701,6 +724,7 @@ class NucleusIdentityService {
|
|
|
701
724
|
const request = this._authorizationNotifier.request;
|
|
702
725
|
const response = this._authorizationNotifier.response;
|
|
703
726
|
const res = yield this.tokenClient.getByAuthorizationCode(request.redirectUri, response.code, request.internal['code_verifier']);
|
|
727
|
+
this._store.setDefaultIdentityId(null);
|
|
704
728
|
yield this._store.setToken(res);
|
|
705
729
|
}
|
|
706
730
|
else {
|
|
@@ -719,6 +743,7 @@ class NucleusIdentityService {
|
|
|
719
743
|
const assertionToken = yield this.getServicePrincipalAccessToken();
|
|
720
744
|
const scope = this.prepareScope(true, (_a = this.config) === null || _a === void 0 ? void 0 : _a.requestedScopes);
|
|
721
745
|
const res = yield this.tokenClient.getBySecret(provider, secret, assertionToken, scope);
|
|
746
|
+
this._store.setDefaultIdentityId(null);
|
|
722
747
|
yield this._store.setToken(res);
|
|
723
748
|
});
|
|
724
749
|
}
|
|
@@ -797,34 +822,40 @@ class NucleusIdentityService {
|
|
|
797
822
|
}
|
|
798
823
|
loginServicePrincipal() {
|
|
799
824
|
return __awaiter(this, void 0, void 0, function* () {
|
|
800
|
-
yield this.
|
|
825
|
+
const sp = yield this._store.getServicePrincipal();
|
|
826
|
+
if (sp) {
|
|
827
|
+
const scope = this.prepareScope(false, this.config.servicePrincipalRequestedScopes);
|
|
828
|
+
const res = yield this.tokenClient.getByClientCredentials(sp.id, sp.secret, scope);
|
|
829
|
+
yield this._store.setToken(res, this._servicePrincipalTokenId);
|
|
830
|
+
return res;
|
|
831
|
+
}
|
|
832
|
+
else {
|
|
833
|
+
throw Error('Service principal is not registered!');
|
|
834
|
+
}
|
|
835
|
+
});
|
|
836
|
+
}
|
|
837
|
+
loginAsServicePrincipal() {
|
|
838
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
839
|
+
const token = yield this._store.getToken(this._servicePrincipalTokenId);
|
|
840
|
+
if (!token) {
|
|
841
|
+
yield this.loginServicePrincipal();
|
|
842
|
+
}
|
|
843
|
+
this._store.setDefaultIdentityId(this._servicePrincipalTokenId);
|
|
801
844
|
});
|
|
802
845
|
}
|
|
803
|
-
/*
|
|
804
|
-
public async loginAsServicePrincipal() {
|
|
805
|
-
let token = await this._store.getToken(this._servicePrincipalTokenId);
|
|
806
|
-
if (!token) {
|
|
807
|
-
await this.loginServicePrincipal();
|
|
808
|
-
}
|
|
809
|
-
token = await this._store.getToken(this._servicePrincipalTokenId);
|
|
810
|
-
// TODO: we have to distinguished that token is service principal so refresh token stuff is handled correctly.
|
|
811
|
-
// We have to implement universal getAccessToken function that can handle all cases
|
|
812
|
-
await this._store.setToken(token);
|
|
813
|
-
}
|
|
814
|
-
*/
|
|
815
846
|
getOtp(type, expiresIn = -1) {
|
|
816
847
|
return __awaiter(this, void 0, void 0, function* () {
|
|
817
848
|
let url = this.config.getServerUrl(`/otp/create?type=${type}`);
|
|
818
849
|
if (expiresIn > 0) {
|
|
819
850
|
url += `&expiresIn=${expiresIn}`;
|
|
820
851
|
}
|
|
821
|
-
return this.http.get(url)
|
|
852
|
+
return lastValueFrom(this.http.get(url));
|
|
822
853
|
});
|
|
823
854
|
}
|
|
824
855
|
getOtpStatus(id) {
|
|
825
856
|
return __awaiter(this, void 0, void 0, function* () {
|
|
826
857
|
const url = this.config.getServerUrl(`/otp/status/${id}`);
|
|
827
|
-
return this.http.get(url)
|
|
858
|
+
return lastValueFrom(this.http.get(url));
|
|
828
859
|
});
|
|
829
860
|
}
|
|
830
861
|
getOtpUrl(redirectUrl, password) {
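Review bot: `loginAsServicePrincipal` only tests that a stored token exists (`if (!token)`), so an expired service-principal token is made the default identity without being renewed, whereas `getServicePrincipalAccessTokenInternal` in a later hunk decides the same question with `token.isValid()`. Using the same test here, at source level `if (!token?.isValid()) {`, would keep the two paths consistent. Whether `getToken` can refresh this token type is not visible on the page, and the removed TODO suggests it was an open question. The method also deserves a doc comment saying that it switches the persisted default identity, which survives reloads through `localStorage` and is reset by the authorization-code and secret login paths via `setDefaultIdentityId(null)`. `loginServicePrincipal` is now the unwrapped implementation; the old wrapper line is truncated here, so it is unclear whether it did anything beyond delegating.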
|
|
@@ -908,25 +939,11 @@ class NucleusIdentityService {
|
|
|
908
939
|
extras: params,
|
|
909
940
|
}, this._crypto, true);
|
|
910
941
|
}
|
|
911
|
-
loginServicePrincipalInternal() {
|
|
912
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
913
|
-
const sp = yield this._store.getServicePrincipal();
|
|
914
|
-
if (sp) {
|
|
915
|
-
const scope = this.prepareScope(false, this.config.servicePrincipalRequestedScopes);
|
|
916
|
-
const res = yield this.tokenClient.getByClientCredentials(sp.id, sp.secret, scope);
|
|
917
|
-
yield this._store.setToken(res, this._servicePrincipalTokenId);
|
|
918
|
-
return res;
|
|
919
|
-
}
|
|
920
|
-
else {
|
|
921
|
-
throw Error('Service principal is not registered!');
|
|
922
|
-
}
|
|
923
|
-
});
|
|
924
|
-
}
|
|
925
942
|
getServicePrincipalAccessTokenInternal() {
|
|
926
943
|
return __awaiter(this, void 0, void 0, function* () {
|
|
927
944
|
let token = yield this._store.getToken(this._servicePrincipalTokenId);
|
|
928
945
|
if (!(token === null || token === void 0 ? void 0 : token.isValid())) {
|
|
929
|
-
token = yield this.
|
|
946
|
+
token = yield this.loginServicePrincipal();
|
|
930
947
|
}
|
|
931
948
|
return token === null || token === void 0 ? void 0 : token.accessToken;
|
|
932
949
|
});
|
|
@@ -1010,9 +1027,9 @@ class NucleusIdentityService {
|
|
|
1010
1027
|
});
|
|
1011
1028
|
}
|
|
1012
1029
|
}
|
|
1013
|
-
NucleusIdentityService.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "
|
|
1014
|
-
NucleusIdentityService.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "
|
|
1015
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "
|
|
1030
|
+
NucleusIdentityService.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: NucleusIdentityService, deps: [{ token: i1.NucleusAppService }, { token: LocationService }, { token: i1$1.HttpClient }, { token: OidcConfigurationService }, { token: TokenClient }], target: i0.ɵɵFactoryTarget.Injectable });
|
|
1031
|
+
NucleusIdentityService.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: NucleusIdentityService, providedIn: 'root' });
|
|
1032
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: NucleusIdentityService, decorators: [{
|
|
1016
1033
|
type: Injectable,
|
|
1017
1034
|
args: [{
|
|
1018
1035
|
providedIn: 'root'
|
|
@@ -1067,9 +1084,9 @@ class NucleusTokenInterceptor {
|
|
|
1067
1084
|
}));
|
|
1068
1085
|
}
|
|
1069
1086
|
}
|
|
1070
|
-
NucleusTokenInterceptor.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "
|
|
1071
|
-
NucleusTokenInterceptor.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "
|
|
1072
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "
|
|
1087
|
+
NucleusTokenInterceptor.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: NucleusTokenInterceptor, deps: [{ token: NucleusIdentityService }, { token: NucleusIdentityConfig }], target: i0.ɵɵFactoryTarget.Injectable });
|
|
1088
|
+
NucleusTokenInterceptor.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: NucleusTokenInterceptor, providedIn: 'root' });
|
|
1089
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: NucleusTokenInterceptor, decorators: [{
|
|
1073
1090
|
type: Injectable,
|
|
1074
1091
|
args: [{
|
|
1075
1092
|
providedIn: 'root'
|
|
@@ -1087,10 +1104,10 @@ class NucleusIdentityModule {
|
|
|
1087
1104
|
};
|
|
1088
1105
|
}
|
|
1089
1106
|
}
|
|
1090
|
-
NucleusIdentityModule.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "
|
|
1091
|
-
NucleusIdentityModule.ɵmod = i0.ɵɵngDeclareNgModule({ minVersion: "
|
|
1092
|
-
NucleusIdentityModule.ɵinj = i0.ɵɵngDeclareInjector({ minVersion: "12.0.0", version: "
|
|
1093
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "
|
|
1107
|
+
NucleusIdentityModule.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: NucleusIdentityModule, deps: [], target: i0.ɵɵFactoryTarget.NgModule });
|
|
1108
|
+
NucleusIdentityModule.ɵmod = i0.ɵɵngDeclareNgModule({ minVersion: "14.0.0", version: "14.0.6", ngImport: i0, type: NucleusIdentityModule });
|
|
1109
|
+
NucleusIdentityModule.ɵinj = i0.ɵɵngDeclareInjector({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: NucleusIdentityModule });
|
|
1110
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: NucleusIdentityModule, decorators: [{
|
|
1094
1111
|
type: NgModule,
|
|
1095
1112
|
args: [{
|
|
1096
1113
|
imports: [],
|
|
@@ -1119,3 +1136,4 @@ var OtpType;
|
|
|
1119
1136
|
*/
|
|
1120
1137
|
|
|
1121
1138
|
export { DeviceCode, Identity, NucleusIdentityConfig, NucleusIdentityModule, NucleusIdentityService, OtpResponse, OtpStatus, OtpType, ServicePrincipalRegistrationStatus };
|
|
1139
|
+
//# sourceMappingURL=kolektor-nucleus-identity.mjs.map
|