@kolektor/nucleus-identity 0.0.9-pre.5707 → 0.0.10-pre.6137
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/esm2020/lib/nucleus-identity.module.mjs +5 -5
- package/esm2020/lib/nucleus-identity.service.mjs +31 -33
- package/esm2020/lib/nucleus-token-interceptor.service.mjs +3 -3
- package/esm2020/lib/utils/angular-requestor.mjs +3 -3
- package/esm2020/lib/utils/location.service.mjs +3 -3
- package/esm2020/lib/utils/oidc-configuration.service.mjs +3 -3
- package/esm2020/lib/utils/secrets-store.mjs +23 -3
- package/esm2020/lib/utils/token-client.mjs +3 -3
- package/fesm2015/kolektor-nucleus-identity.mjs +73 -55
- package/fesm2015/kolektor-nucleus-identity.mjs.map +1 -1
- package/fesm2020/kolektor-nucleus-identity.mjs +72 -54
- package/fesm2020/kolektor-nucleus-identity.mjs.map +1 -1
- package/{kolektor-nucleus-identity.d.ts → index.d.ts} +0 -0
- package/lib/nucleus-identity.service.d.ts +4 -2
- package/lib/utils/secrets-store.d.ts +4 -0
- package/package.json +6 -6
|
@@ -2,7 +2,7 @@ import * as i0 from '@angular/core';
|
|
|
2
2
|
import { Injectable, NgModule } from '@angular/core';
|
|
3
3
|
import * as i1$1 from '@angular/common/http';
|
|
4
4
|
import { HttpErrorResponse, HTTP_INTERCEPTORS } from '@angular/common/http';
|
|
5
|
-
import { from, throwError } from 'rxjs';
|
|
5
|
+
import { lastValueFrom, from, throwError } from 'rxjs';
|
|
6
6
|
import { AppAuthError, AuthorizationNotifier, TokenResponse, Requestor, AuthorizationServiceConfiguration, JQueryRequestor, nowInSeconds, BaseTokenRequestHandler, BasicQueryStringUtils, TokenRequest, GRANT_TYPE_AUTHORIZATION_CODE, GRANT_TYPE_REFRESH_TOKEN, LocalStorageBackend, RedirectRequestHandler, AuthorizationRequest } from '@openid/appauth';
|
|
7
7
|
import { App } from '@capacitor/app';
|
|
8
8
|
import { Browser } from '@capacitor/browser';
|
|
@@ -144,9 +144,9 @@ class LocationService {
|
|
|
144
144
|
}
|
|
145
145
|
}
|
|
146
146
|
}
|
|
147
|
-
LocationService.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "
|
|
148
|
-
LocationService.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "
|
|
149
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "
|
|
147
|
+
LocationService.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: LocationService, deps: [{ token: i1.NucleusAppService }], target: i0.ɵɵFactoryTarget.Injectable });
|
|
148
|
+
LocationService.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: LocationService, providedIn: 'root' });
|
|
149
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: LocationService, decorators: [{
|
|
150
150
|
type: Injectable,
|
|
151
151
|
args: [{
|
|
152
152
|
providedIn: 'root'
|
|
@@ -218,8 +218,16 @@ class SecretsStore {
|
|
|
218
218
|
constructor(clientId) {
|
|
219
219
|
this._tokens = {};
|
|
220
220
|
this._identities = {};
|
|
221
|
-
this
|
|
222
|
-
this.
|
|
221
|
+
// this specify which identity id is used by default, when If id is not specified in getToken or getIdentity
|
|
222
|
+
this._defaultIdentityId = null;
|
|
223
|
+
this._defaultIdentityIdStorageKey = null;
|
|
224
|
+
this._tokenStorageKeyPrefix = `Nucleus.Identity.${clientId}`; // do not change this or login with existing tokens will fail
|
|
225
|
+
this._servicePrincipalKey = `${this._tokenStorageKeyPrefix}.SvcP`;
|
|
226
|
+
this._defaultIdentityIdStorageKey = `${this._tokenStorageKeyPrefix}.IdId`;
|
|
227
|
+
this._defaultIdentityId = localStorage.getItem(this._defaultIdentityIdStorageKey);
|
|
228
|
+
}
|
|
229
|
+
get defaultIdentityId() {
|
|
230
|
+
return this._defaultIdentityId;
|
|
223
231
|
}
|
|
224
232
|
removeServicePrincipal() {
|
|
225
233
|
this._servicePrincipal = null;
|
|
@@ -242,6 +250,15 @@ class SecretsStore {
|
|
|
242
250
|
const key = this.getTokenKey(id);
|
|
243
251
|
return this._identities[key];
|
|
244
252
|
}
|
|
253
|
+
setDefaultIdentityId(id) {
|
|
254
|
+
this._defaultIdentityId = id;
|
|
255
|
+
if (this._defaultIdentityId) {
|
|
256
|
+
localStorage.setItem(this._defaultIdentityIdStorageKey, this._defaultIdentityId);
|
|
257
|
+
}
|
|
258
|
+
else {
|
|
259
|
+
localStorage.removeItem(this._defaultIdentityIdStorageKey);
|
|
260
|
+
}
|
|
261
|
+
}
|
|
245
262
|
async getToken(id = null) {
|
|
246
263
|
const key = this.getTokenKey(id);
|
|
247
264
|
// if token is not there or it is invalid we check storage again before returning
|
|
@@ -286,6 +303,9 @@ class SecretsStore {
|
|
|
286
303
|
}
|
|
287
304
|
}
|
|
288
305
|
getTokenKey(id = null) {
|
|
306
|
+
if (!id) {
|
|
307
|
+
id = this._defaultIdentityId;
|
|
308
|
+
}
|
|
289
309
|
return id ? `${this._tokenStorageKeyPrefix}.${id}` : this._tokenStorageKeyPrefix;
|
|
290
310
|
}
|
|
291
311
|
clear(key) {
|
|
@@ -334,9 +354,9 @@ class AngularRequestor extends Requestor {
|
|
|
334
354
|
});
|
|
335
355
|
}
|
|
336
356
|
}
|
|
337
|
-
AngularRequestor.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "
|
|
338
|
-
AngularRequestor.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "
|
|
339
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "
|
|
357
|
+
AngularRequestor.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: AngularRequestor, deps: [{ token: i1$1.HttpClient }], target: i0.ɵɵFactoryTarget.Injectable });
|
|
358
|
+
AngularRequestor.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: AngularRequestor, providedIn: 'root' });
|
|
359
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: AngularRequestor, decorators: [{
|
|
340
360
|
type: Injectable,
|
|
341
361
|
args: [{
|
|
342
362
|
providedIn: 'root'
|
|
@@ -437,9 +457,9 @@ class OidcConfigurationService {
|
|
|
437
457
|
}
|
|
438
458
|
}
|
|
439
459
|
}
|
|
440
|
-
OidcConfigurationService.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "
|
|
441
|
-
OidcConfigurationService.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "
|
|
442
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "
|
|
460
|
+
OidcConfigurationService.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: OidcConfigurationService, deps: [{ token: AngularRequestor }, { token: NucleusIdentityConfig }, { token: i1.NucleusAppService }], target: i0.ɵɵFactoryTarget.Injectable });
|
|
461
|
+
OidcConfigurationService.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: OidcConfigurationService, providedIn: 'root' });
|
|
462
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: OidcConfigurationService, decorators: [{
|
|
443
463
|
type: Injectable,
|
|
444
464
|
args: [{
|
|
445
465
|
providedIn: 'root'
|
|
@@ -594,9 +614,9 @@ class TokenClient {
|
|
|
594
614
|
}
|
|
595
615
|
}
|
|
596
616
|
}
|
|
597
|
-
TokenClient.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "
|
|
598
|
-
TokenClient.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "
|
|
599
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "
|
|
617
|
+
TokenClient.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: TokenClient, deps: [{ token: AngularRequestor }, { token: OidcConfigurationService }], target: i0.ɵɵFactoryTarget.Injectable });
|
|
618
|
+
TokenClient.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: TokenClient, providedIn: 'root' });
|
|
619
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: TokenClient, decorators: [{
|
|
600
620
|
type: Injectable,
|
|
601
621
|
args: [{
|
|
602
622
|
providedIn: 'root'
|
|
@@ -647,6 +667,9 @@ class NucleusIdentityService {
|
|
|
647
667
|
get isServicePrincipalAuthenticated() {
|
|
648
668
|
return this.servicePrincipalIdentity != null;
|
|
649
669
|
}
|
|
670
|
+
get isIdentityServicePrincipal() {
|
|
671
|
+
return this._store.defaultIdentityId === this._servicePrincipalTokenId;
|
|
672
|
+
}
|
|
650
673
|
async init(startLogin = false) {
|
|
651
674
|
if (this._initStarted || this._initialized) {
|
|
652
675
|
console.warn('Nucleus.Identity: Auth initialization was already started. Don\'t call init() multiple times!');
|
|
@@ -664,6 +687,7 @@ class NucleusIdentityService {
|
|
|
664
687
|
const request = this._authorizationNotifier.request;
|
|
665
688
|
const response = this._authorizationNotifier.response;
|
|
666
689
|
const res = await this.tokenClient.getByAuthorizationCode(request.redirectUri, response.code, request.internal['code_verifier']);
|
|
690
|
+
this._store.setDefaultIdentityId(null);
|
|
667
691
|
await this._store.setToken(res);
|
|
668
692
|
}
|
|
669
693
|
else {
|
|
@@ -679,6 +703,7 @@ class NucleusIdentityService {
|
|
|
679
703
|
const assertionToken = await this.getServicePrincipalAccessToken();
|
|
680
704
|
const scope = this.prepareScope(true, this.config?.requestedScopes);
|
|
681
705
|
const res = await this.tokenClient.getBySecret(provider, secret, assertionToken, scope);
|
|
706
|
+
this._store.setDefaultIdentityId(null);
|
|
682
707
|
await this._store.setToken(res);
|
|
683
708
|
}
|
|
684
709
|
async login() {
|
|
@@ -747,30 +772,34 @@ class NucleusIdentityService {
|
|
|
747
772
|
}
|
|
748
773
|
}
|
|
749
774
|
async loginServicePrincipal() {
|
|
750
|
-
await this.
|
|
751
|
-
|
|
752
|
-
|
|
753
|
-
|
|
754
|
-
|
|
755
|
-
|
|
756
|
-
|
|
757
|
-
|
|
758
|
-
|
|
759
|
-
|
|
760
|
-
|
|
761
|
-
|
|
762
|
-
|
|
763
|
-
|
|
775
|
+
const sp = await this._store.getServicePrincipal();
|
|
776
|
+
if (sp) {
|
|
777
|
+
const scope = this.prepareScope(false, this.config.servicePrincipalRequestedScopes);
|
|
778
|
+
const res = await this.tokenClient.getByClientCredentials(sp.id, sp.secret, scope);
|
|
779
|
+
await this._store.setToken(res, this._servicePrincipalTokenId);
|
|
780
|
+
return res;
|
|
781
|
+
}
|
|
782
|
+
else {
|
|
783
|
+
throw Error('Service principal is not registered!');
|
|
784
|
+
}
|
|
785
|
+
}
|
|
786
|
+
async loginAsServicePrincipal() {
|
|
787
|
+
const token = await this._store.getToken(this._servicePrincipalTokenId);
|
|
788
|
+
if (!token) {
|
|
789
|
+
await this.loginServicePrincipal();
|
|
790
|
+
}
|
|
791
|
+
this._store.setDefaultIdentityId(this._servicePrincipalTokenId);
|
|
792
|
+
}
|
|
764
793
|
async getOtp(type, expiresIn = -1) {
|
|
765
794
|
let url = this.config.getServerUrl(`/otp/create?type=${type}`);
|
|
766
795
|
if (expiresIn > 0) {
|
|
767
796
|
url += `&expiresIn=${expiresIn}`;
|
|
768
797
|
}
|
|
769
|
-
return this.http.get(url)
|
|
798
|
+
return lastValueFrom(this.http.get(url));
|
|
770
799
|
}
|
|
771
800
|
async getOtpStatus(id) {
|
|
772
801
|
const url = this.config.getServerUrl(`/otp/status/${id}`);
|
|
773
|
-
return this.http.get(url)
|
|
802
|
+
return lastValueFrom(this.http.get(url));
|
|
774
803
|
}
|
|
775
804
|
getOtpUrl(redirectUrl, password) {
|
|
776
805
|
const encoded = encodeURIComponent(redirectUrl);
|
|
@@ -841,22 +870,10 @@ class NucleusIdentityService {
|
|
|
841
870
|
extras: params,
|
|
842
871
|
}, this._crypto, true);
|
|
843
872
|
}
|
|
844
|
-
async loginServicePrincipalInternal() {
|
|
845
|
-
const sp = await this._store.getServicePrincipal();
|
|
846
|
-
if (sp) {
|
|
847
|
-
const scope = this.prepareScope(false, this.config.servicePrincipalRequestedScopes);
|
|
848
|
-
const res = await this.tokenClient.getByClientCredentials(sp.id, sp.secret, scope);
|
|
849
|
-
await this._store.setToken(res, this._servicePrincipalTokenId);
|
|
850
|
-
return res;
|
|
851
|
-
}
|
|
852
|
-
else {
|
|
853
|
-
throw Error('Service principal is not registered!');
|
|
854
|
-
}
|
|
855
|
-
}
|
|
856
873
|
async getServicePrincipalAccessTokenInternal() {
|
|
857
874
|
let token = await this._store.getToken(this._servicePrincipalTokenId);
|
|
858
875
|
if (!token?.isValid()) {
|
|
859
|
-
token = await this.
|
|
876
|
+
token = await this.loginServicePrincipal();
|
|
860
877
|
}
|
|
861
878
|
return token?.accessToken;
|
|
862
879
|
}
|
|
@@ -933,9 +950,9 @@ class NucleusIdentityService {
|
|
|
933
950
|
});
|
|
934
951
|
}
|
|
935
952
|
}
|
|
936
|
-
NucleusIdentityService.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "
|
|
937
|
-
NucleusIdentityService.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "
|
|
938
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "
|
|
953
|
+
NucleusIdentityService.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: NucleusIdentityService, deps: [{ token: i1.NucleusAppService }, { token: LocationService }, { token: i1$1.HttpClient }, { token: OidcConfigurationService }, { token: TokenClient }], target: i0.ɵɵFactoryTarget.Injectable });
|
|
954
|
+
NucleusIdentityService.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: NucleusIdentityService, providedIn: 'root' });
|
|
955
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: NucleusIdentityService, decorators: [{
|
|
939
956
|
type: Injectable,
|
|
940
957
|
args: [{
|
|
941
958
|
providedIn: 'root'
|
|
@@ -988,9 +1005,9 @@ class NucleusTokenInterceptor {
|
|
|
988
1005
|
}));
|
|
989
1006
|
}
|
|
990
1007
|
}
|
|
991
|
-
NucleusTokenInterceptor.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "
|
|
992
|
-
NucleusTokenInterceptor.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "
|
|
993
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "
|
|
1008
|
+
NucleusTokenInterceptor.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: NucleusTokenInterceptor, deps: [{ token: NucleusIdentityService }, { token: NucleusIdentityConfig }], target: i0.ɵɵFactoryTarget.Injectable });
|
|
1009
|
+
NucleusTokenInterceptor.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: NucleusTokenInterceptor, providedIn: 'root' });
|
|
1010
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: NucleusTokenInterceptor, decorators: [{
|
|
994
1011
|
type: Injectable,
|
|
995
1012
|
args: [{
|
|
996
1013
|
providedIn: 'root'
|
|
@@ -1008,10 +1025,10 @@ class NucleusIdentityModule {
|
|
|
1008
1025
|
};
|
|
1009
1026
|
}
|
|
1010
1027
|
}
|
|
1011
|
-
NucleusIdentityModule.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "
|
|
1012
|
-
NucleusIdentityModule.ɵmod = i0.ɵɵngDeclareNgModule({ minVersion: "
|
|
1013
|
-
NucleusIdentityModule.ɵinj = i0.ɵɵngDeclareInjector({ minVersion: "12.0.0", version: "
|
|
1014
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "
|
|
1028
|
+
NucleusIdentityModule.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: NucleusIdentityModule, deps: [], target: i0.ɵɵFactoryTarget.NgModule });
|
|
1029
|
+
NucleusIdentityModule.ɵmod = i0.ɵɵngDeclareNgModule({ minVersion: "14.0.0", version: "14.0.6", ngImport: i0, type: NucleusIdentityModule });
|
|
1030
|
+
NucleusIdentityModule.ɵinj = i0.ɵɵngDeclareInjector({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: NucleusIdentityModule });
|
|
1031
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "14.0.6", ngImport: i0, type: NucleusIdentityModule, decorators: [{
|
|
1015
1032
|
type: NgModule,
|
|
1016
1033
|
args: [{
|
|
1017
1034
|
imports: [],
|
|
@@ -1040,3 +1057,4 @@ var OtpType;
|
|
|
1040
1057
|
*/
|
|
1041
1058
|
|
|
1042
1059
|
export { DeviceCode, Identity, NucleusIdentityConfig, NucleusIdentityModule, NucleusIdentityService, OtpResponse, OtpStatus, OtpType, ServicePrincipalRegistrationStatus };
|
|
1060
|
+
//# sourceMappingURL=kolektor-nucleus-identity.mjs.map
|