@leancodepl/login-manager 8.5.0 → 8.5.1

package/index.esm.js

@@ -0,0 +1,545 @@
+import { Buffer } from 'buffer';
+
+function _extends() {
+    _extends = Object.assign || function assign(target) {
+        for(var i = 1; i < arguments.length; i++){
+            var source = arguments[i];
+            for(var key in source)if (Object.prototype.hasOwnProperty.call(source, key)) target[key] = source[key];
+        }
+        return target;
+    };
+    return _extends.apply(this, arguments);
+}
+
+class BaseLoginManager {
+    trySignIn(username, password) {
+        return this.acquireToken(this.buildSignInRequest(username, password));
+    }
+    trySignInWithFacebook(accessToken) {
+        return this.acquireToken(this.buildSignInWithFacebookRequest(accessToken));
+    }
+    trySignInWithOneTimeToken(token) {
+        return this.acquireToken(this.buildSignInWithOneTimeTokenRequest(token));
+    }
+    trySignInWithGoogle(accessToken) {
+        return this.acquireToken(this.buildSignInWithGoogleRequest(accessToken));
+    }
+    trySignInWithLinkedIn(accessToken) {
+        return this.acquireToken(this.buildSignInWithLinkedInRequest(accessToken));
+    }
+    async tryRefreshToken() {
+        const token = await this.storage.getToken();
+        if (token !== null) {
+            return await this.tryRefreshTokenInternal(token);
+        } else {
+            return null;
+        }
+    }
+    tryRefreshTokenInternal(token) {
+        if (!this.isRefreshingToken) {
+            this.isRefreshingToken = true;
+            this.acquireToken(this.buildRefreshRequest(token)).then((result)=>{
+                this.isRefreshingToken = false;
+                this.refreshTokenCallbacks.forEach((c)=>c(result.type === "success"));
+                this.refreshTokenCallbacks = [];
+            });
+        }
+        return new Promise((resolve)=>{
+            this.refreshTokenCallbacks.push(resolve);
+        });
+    }
+    onChange(callback) {
+        this.callbacks.push(callback);
+    }
+    removeOnChange(callback) {
+        const idx = this.callbacks.indexOf(callback);
+        if (idx !== -1) {
+            this.callbacks.splice(idx, 1);
+        }
+    }
+    async acquireToken(init) {
+        try {
+            const result = await fetch(this.endpoint + "/connect/token", init);
+            if (!result.ok) {
+                if (result.status === 400) {
+                    await this.signOut();
+                }
+                return {
+                    type: "failure"
+                };
+            }
+            const tokenResult = await result.json();
+            const expDate = new Date();
+            expDate.setSeconds(new Date().getSeconds() + tokenResult.expires_in);
+            await this.storage.storeToken({
+                token: tokenResult.access_token,
+                refreshToken: tokenResult.refresh_token,
+                expirationDate: expDate
+            });
+            this.notify(true);
+            return {
+                type: "success"
+            };
+        } catch (e) {
+            console.warn("Cannot call Auth server, error: ", e);
+            return {
+                type: "networkError"
+            };
+        }
+    }
+    buildSignInRequest(username, password) {
+        const data = _extends({
+            grant_type: "password",
+            scope: this.scopes,
+            username: username,
+            password: password
+        }, this.additionalParams);
+        return {
+            method: "POST",
+            headers: this.prepareHeaders(),
+            body: new URLSearchParams(data)
+        };
+    }
+    buildSignInWithFacebookRequest(accessToken) {
+        const data = _extends({
+            grant_type: "facebook",
+            scope: this.scopes,
+            assertion: accessToken
+        }, this.additionalParams);
+        return {
+            method: "POST",
+            headers: this.prepareHeaders(),
+            body: new URLSearchParams(data)
+        };
+    }
+    buildSignInWithOneTimeTokenRequest(token) {
+        const data = _extends({
+            grant_type: "onetime",
+            scope: this.scopes,
+            token
+        }, this.additionalParams);
+        return {
+            method: "POST",
+            headers: this.prepareHeaders(),
+            body: new URLSearchParams(data)
+        };
+    }
+    buildSignInWithGoogleRequest(accessToken) {
+        const data = _extends({
+            grant_type: "google",
+            scope: this.scopes,
+            assertion: accessToken
+        }, this.additionalParams);
+        return {
+            method: "POST",
+            headers: this.prepareHeaders(),
+            body: new URLSearchParams(data)
+        };
+    }
+    buildSignInWithLinkedInRequest(accessToken) {
+        const data = _extends({
+            grant_type: "linkedin",
+            scope: this.scopes,
+            assertion: accessToken
+        }, this.additionalParams);
+        return {
+            method: "POST",
+            headers: this.prepareHeaders(),
+            body: new URLSearchParams(data)
+        };
+    }
+    buildRefreshRequest(token) {
+        const data = _extends({
+            grant_type: "refresh_token",
+            scope: this.scopes,
+            refresh_token: token.refreshToken || ""
+        }, this.additionalParams);
+        return {
+            method: "POST",
+            headers: this.prepareHeaders(),
+            body: new URLSearchParams(data)
+        };
+    }
+    prepareHeaders() {
+        const headers = new Headers();
+        if (this.clientSecret) {
+            const sec = Buffer.from(`${this.clientId}:${this.clientSecret}`, "binary").toString("base64");
+            headers.append("Authorization", "Basic " + sec);
+        }
+        headers.append("Content-Type", "application/x-www-form-urlencoded");
+        return headers;
+    }
+    notify(isSignedIn) {
+        for (const c of this.callbacks){
+            c(isSignedIn);
+        }
+    }
+    /* eslint-disable-next-line max-params */ constructor(storage, endpoint, clientSecret, clientId, scopes, additionalParams){
+        this.storage = storage;
+        this.endpoint = endpoint;
+        this.clientSecret = clientSecret;
+        this.clientId = clientId;
+        this.scopes = scopes;
+        this.additionalParams = additionalParams;
+        this.callbacks = [];
+        this.refreshTokenCallbacks = [];
+        this.isRefreshingToken = false;
+        if (!clientSecret) {
+            this.additionalParams = _extends({}, additionalParams, {
+                client_id: clientId
+            });
+        }
+    }
+}
+
+/**
+ * Error thrown when token refresh fails.
+ * 
+ * Indicates that the refresh token is invalid or expired, requiring user to sign in again.
+ * 
+ * @example
+ * ```typescript
+ * try {
+ *   const token = await loginManager.getToken();
+ * } catch (error) {
+ *   if (error instanceof CannotRefreshToken) {
+ *     console.log('User needs to sign in again');
+ *   }
+ * }
+ * ```
+ */ class CannotRefreshToken extends Error {
+    constructor(m){
+        super(m);
+        Object.setPrototypeOf(this, CannotRefreshToken.prototype);
+    }
+}
+
+/**
+ * Manages OAuth2 authentication with asynchronous token storage.
+ * 
+ * Extends BaseLoginManager to work with async storage implementations like IndexedDB or remote storage.
+ * Handles token refresh, expiration, and authentication state management.
+ * 
+ * @param storage - Token storage implementation
+ * @param endpoint - OAuth2 server endpoint
+ * @param clientSecret - Client secret for authentication
+ * @param clientId - OAuth2 client identifier
+ * @param scopes - Space-separated OAuth2 scopes
+ * @param additionalParams - Additional OAuth2 parameters
+ * @example
+ * ```typescript
+ * const tokenStorage = new CustomAsyncStorage();
+ * const loginManager = new AsyncLoginManager(
+ *   tokenStorage,
+ *   'https://api.example.com',
+ *   'client_secret',
+ *   'client_id',
+ *   'openid profile'
+ * );
+ * ```
+ */ class AsyncLoginManager extends BaseLoginManager {
+    async signOut() {
+        await this.storage.resetToken();
+        this.notify(false);
+    }
+    async isSigned() {
+        return await this.storage.getToken() !== null;
+    }
+    async getToken() {
+        const token = await this.storage.getToken();
+        if (token === null) {
+            return null;
+        } else if (token.expirationDate < new Date()) {
+            if (await this.tryRefreshTokenInternal(token)) {
+                var _this;
+                var _token;
+                return (_token = (_this = await this.storage.getToken()) == null ? void 0 : _this.token) != null ? _token : null;
+            } else {
+                throw new CannotRefreshToken("Cannot refresh access token after it has expired");
+            }
+        } else {
+            return token.token;
+        }
+    }
+    async load() {
+        const isSignedIn = await this.isSigned();
+        this.notify(isSignedIn);
+    }
+}
+
+/// <reference types="facebook-js-sdk" />
+/**
+ * Integrates Facebook Login SDK for web applications.
+ * 
+ * Handles Facebook authentication flow and provides access tokens for OAuth2 sign-in.
+ * Automatically loads Facebook SDK and manages login state.
+ * 
+ * @param facebookAppId - Facebook App ID
+ * @param facebookPermissions - Comma-separated Facebook permissions
+ * @example
+ * ```typescript
+ * const facebookClient = new FacebookClient('your-app-id', 'email,public_profile');
+ * facebookClient.setup();
+ * facebookClient.login((accessToken) => {
+ *   return loginManager.trySignInWithFacebook(accessToken);
+ * });
+ * ```
+ */ class FacebookClient {
+    get accessToken() {
+        return this.token;
+    }
+    setup(loginCallback) {
+        const ref = document.getElementsByTagName("script")[0];
+        const id = "facebook-jssdk";
+        if (document.getElementById(id)) {
+            this.initializeSDK();
+            this.getLoginStatus(loginCallback);
+            return;
+        }
+        const js = document.createElement("script");
+        js.id = id;
+        js.async = true;
+        js.src = "//connect.facebook.net/pl_PL/sdk.js";
+        if (ref.parentNode != null) {
+            ref.parentNode.insertBefore(js, ref);
+        }
+        js.onload = ()=>{
+            this.initializeSDK();
+            this.getLoginStatus(loginCallback);
+        };
+    }
+    login(callback) {
+        FB.login((response)=>{
+            if (response.status === "connected") {
+                this.isSignedIn = true;
+                this.token = response.authResponse.accessToken;
+                if (callback) {
+                    callback(response.authResponse.accessToken);
+                }
+            } else {
+                this.isSignedIn = false;
+            }
+        }, {
+            scope: this.facebookPermissions
+        });
+    }
+    getLoginStatus(callback) {
+        FB.getLoginStatus((response)=>{
+            if (response.status === "connected") {
+                this.isSignedIn = true;
+                this.token = response.authResponse.accessToken;
+                if (callback) {
+                    callback(response.authResponse.accessToken);
+                }
+            } else {
+                this.isSignedIn = false;
+            }
+        });
+    }
+    initializeSDK() {
+        FB.init({
+            appId: this.facebookAppId,
+            xfbml: true,
+            version: "v2.9"
+        });
+    }
+    constructor(facebookAppId, facebookPermissions){
+        this.facebookAppId = facebookAppId;
+        this.facebookPermissions = facebookPermissions;
+        this.isSignedIn = undefined;
+        this.token = "";
+    }
+}
+
+/**
+ * Stores OAuth2 tokens in browser localStorage.
+ * 
+ * Provides persistent token storage that survives browser sessions.
+ * Implements SyncTokenStorage interface for synchronous operations.
+ * 
+ * @param tokenKey - localStorage key for access token (default: "token")
+ * @param refreshKey - localStorage key for refresh token (default: "refresh_token")
+ * @param expiryKey - localStorage key for expiry date (default: "expiration_date")
+ * @example
+ * ```typescript
+ * const storage = new LocalTokenStorage();
+ * const loginManager = new SyncLoginManager(storage, endpoint, secret, clientId, scopes);
+ * ```
+ */ class LocalTokenStorage {
+    getToken() {
+        if (this.hasValue(this.tokenKey)) {
+            return {
+                token: this.getValue(this.tokenKey),
+                refreshToken: this.getValue(this.refreshKey),
+                expirationDate: new Date(Number(this.getValue(this.expiryKey)))
+            };
+        } else {
+            return null;
+        }
+    }
+    storeToken(token) {
+        this.setValue(this.tokenKey, token.token);
+        this.setValue(this.refreshKey, token.refreshToken);
+        this.setValue(this.expiryKey, token.expirationDate.getTime().toString());
+    }
+    resetToken() {
+        this.remove(this.tokenKey);
+        this.remove(this.refreshKey);
+        this.remove(this.expiryKey);
+    }
+    hasValue(key) {
+        return localStorage.getItem(key) !== null;
+    }
+    getValue(key) {
+        return localStorage.getItem(key);
+    }
+    setValue(key, val) {
+        localStorage.setItem(key, val);
+    }
+    remove(key) {
+        localStorage.removeItem(key);
+    }
+    constructor(tokenKey = "token", refreshKey = "refresh_token", expiryKey = "expiration_date"){
+        this.tokenKey = tokenKey;
+        this.refreshKey = refreshKey;
+        this.expiryKey = expiryKey;
+    }
+}
+
+/**
+ * Stores OAuth2 tokens in memory.
+ * 
+ * Provides temporary token storage that clears when the page is refreshed.
+ * Implements SyncTokenStorage interface for synchronous operations.
+ * 
+ * @example
+ * ```typescript
+ * const storage = new MemoryTokenStorage();
+ * const loginManager = new SyncLoginManager(storage, endpoint, secret, clientId, scopes);
+ * ```
+ */ class MemoryTokenStorage {
+    getToken() {
+        return this.token;
+    }
+    storeToken(token) {
+        this.token = {
+            token: token.token,
+            refreshToken: token.refreshToken,
+            expirationDate: token.expirationDate
+        };
+        return Promise.resolve();
+    }
+    resetToken() {
+        this.token = null;
+        return Promise.resolve();
+    }
+    constructor(){
+        this.token = null;
+    }
+}
+
+/**
+ * Stores OAuth2 tokens in browser sessionStorage.
+ * 
+ * Provides session-based token storage that clears when the browser tab is closed.
+ * Implements SyncTokenStorage interface for synchronous operations.
+ * 
+ * @param tokenKey - sessionStorage key for access token (default: "token")
+ * @param refreshKey - sessionStorage key for refresh token (default: "refresh_token")
+ * @param expiryKey - sessionStorage key for expiry date (default: "expiration_date")
+ * @example
+ * ```typescript
+ * const storage = new SessionTokenStorage();
+ * const loginManager = new SyncLoginManager(storage, endpoint, secret, clientId, scopes);
+ * ```
+ */ class SessionTokenStorage {
+    getToken() {
+        if (this.hasValue(this.tokenKey)) {
+            return {
+                token: this.getValue(this.tokenKey),
+                refreshToken: this.getValue(this.refreshKey),
+                expirationDate: new Date(Number(this.getValue(this.expiryKey)))
+            };
+        } else {
+            return null;
+        }
+    }
+    storeToken(token) {
+        this.setValue(this.tokenKey, token.token);
+        this.setValue(this.refreshKey, token.refreshToken);
+        this.setValue(this.expiryKey, token.expirationDate.getTime().toString());
+    }
+    resetToken() {
+        this.remove(this.tokenKey);
+        this.remove(this.refreshKey);
+        this.remove(this.expiryKey);
+    }
+    hasValue(key) {
+        return sessionStorage.getItem(key) !== null;
+    }
+    getValue(key) {
+        return sessionStorage.getItem(key);
+    }
+    setValue(key, val) {
+        sessionStorage.setItem(key, val);
+    }
+    remove(key) {
+        sessionStorage.removeItem(key);
+    }
+    constructor(tokenKey = "token", refreshKey = "refresh_token", expiryKey = "expiration_date"){
+        this.tokenKey = tokenKey;
+        this.refreshKey = refreshKey;
+        this.expiryKey = expiryKey;
+    }
+}
+
+/**
+ * Manages OAuth2 authentication with synchronous token storage.
+ * 
+ * Extends BaseLoginManager to work with sync storage implementations like localStorage or sessionStorage.
+ * Handles token refresh, expiration, and authentication state management.
+ * 
+ * @param storage - Token storage implementation
+ * @param endpoint - OAuth2 server endpoint
+ * @param clientSecret - Client secret for authentication
+ * @param clientId - OAuth2 client identifier
+ * @param scopes - Space-separated OAuth2 scopes
+ * @param additionalParams - Additional OAuth2 parameters
+ * @example
+ * ```typescript
+ * const tokenStorage = new LocalTokenStorage();
+ * const loginManager = new SyncLoginManager(
+ *   tokenStorage,
+ *   'https://api.example.com',
+ *   'client_secret',
+ *   'client_id',
+ *   'openid profile'
+ * );
+ * ```
+ */ class SyncLoginManager extends BaseLoginManager {
+    signOut() {
+        this.storage.resetToken();
+        this.notify(false);
+    }
+    isSigned() {
+        return this.storage.getToken() !== null;
+    }
+    async getToken() {
+        const token = this.storage.getToken();
+        if (token === null) {
+            return null;
+        } else if (token.expirationDate < new Date()) {
+            if (await this.tryRefreshTokenInternal(token)) {
+                var _this_storage_getToken;
+                var _this_storage_getToken_token;
+                return (_this_storage_getToken_token = (_this_storage_getToken = this.storage.getToken()) == null ? void 0 : _this_storage_getToken.token) != null ? _this_storage_getToken_token : null;
+            } else {
+                throw new CannotRefreshToken("Cannot refresh access token after it has expired");
+            }
+        } else {
+            return token.token;
+        }
+    }
+}
+
+export { AsyncLoginManager, BaseLoginManager, CannotRefreshToken, FacebookClient, LocalTokenStorage, MemoryTokenStorage, SessionTokenStorage, SyncLoginManager };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@leancodepl/login-manager",
-  "version": "8.5.0",
+  "version": "8.5.1",
   "license": "Apache-2.0",
   "dependencies": {
     "buffer": ">=6.0.0"
@@ -36,11 +36,6 @@
     "name": "LeanCode",
     "url": "https://leancode.co"
   },
-  "files": [
-    "dist",
-    "README.md",
-    "CHANGELOG.md"
-  ],
   "sideEffects": false,
   "exports": {
     "./package.json": "./package.json",

package/src/index.d.ts

@@ -0,0 +1,9 @@
+export * from "./lib/asyncLoginManager";
+export * from "./lib/baseLoginManager";
+export * from "./lib/cannotRefreshToken";
+export * from "./lib/facebookClient";
+export * from "./lib/localTokenStorage";
+export * from "./lib/memoryTokenStorage";
+export * from "./lib/sessionTokenStorage";
+export * from "./lib/syncLoginManager";
+export * from "./lib/tokenStorage";

package/src/lib/asyncLoginManager.d.ts

@@ -0,0 +1,32 @@
+import { BaseLoginManager, LoginManager } from "./baseLoginManager";
+import { AsyncTokenStorage } from "./tokenStorage";
+/**
+ * Manages OAuth2 authentication with asynchronous token storage.
+ *
+ * Extends BaseLoginManager to work with async storage implementations like IndexedDB or remote storage.
+ * Handles token refresh, expiration, and authentication state management.
+ *
+ * @param storage - Token storage implementation
+ * @param endpoint - OAuth2 server endpoint
+ * @param clientSecret - Client secret for authentication
+ * @param clientId - OAuth2 client identifier
+ * @param scopes - Space-separated OAuth2 scopes
+ * @param additionalParams - Additional OAuth2 parameters
+ * @example
+ * ```typescript
+ * const tokenStorage = new CustomAsyncStorage();
+ * const loginManager = new AsyncLoginManager(
+ *   tokenStorage,
+ *   'https://api.example.com',
+ *   'client_secret',
+ *   'client_id',
+ *   'openid profile'
+ * );
+ * ```
+ */
+export declare class AsyncLoginManager extends BaseLoginManager<AsyncTokenStorage> implements LoginManager {
+    signOut(): Promise<void>;
+    isSigned(): Promise<boolean>;
+    getToken(): Promise<string | null>;
+    load(): Promise<void>;
+}

package/src/lib/baseLoginManager.d.ts

@@ -0,0 +1,46 @@
+import { AsyncTokenStorage, Token, TokenStorage } from "./tokenStorage";
+export interface LoginSuccess {
+    readonly type: "success";
+}
+export interface LoginFailure {
+    readonly type: "failure";
+}
+export interface LoginNetworkError {
+    readonly type: "networkError";
+}
+export type LoginResult = LoginFailure | LoginNetworkError | LoginSuccess;
+export interface LoginManager extends BaseLoginManager<TokenStorage> {
+}
+export declare abstract class BaseLoginManager<TStorage extends TokenStorage> {
+    protected storage: TStorage;
+    private endpoint;
+    private clientSecret;
+    private clientId;
+    private scopes;
+    private additionalParams?;
+    private callbacks;
+    private refreshTokenCallbacks;
+    private isRefreshingToken;
+    constructor(storage: TStorage, endpoint: string, clientSecret: string | undefined, clientId: string, scopes: string, additionalParams?: Record<string, string> | undefined);
+    abstract signOut(): TStorage extends AsyncTokenStorage ? Promise<void> : void;
+    abstract isSigned(): TStorage extends AsyncTokenStorage ? Promise<boolean> : boolean;
+    abstract getToken(): Promise<string | null>;
+    trySignIn(username: string, password: string): Promise<LoginResult>;
+    trySignInWithFacebook(accessToken: string): Promise<LoginResult>;
+    trySignInWithOneTimeToken(token: string): Promise<LoginResult>;
+    trySignInWithGoogle(accessToken: string): Promise<LoginResult>;
+    trySignInWithLinkedIn(accessToken: string): Promise<LoginResult>;
+    tryRefreshToken(): Promise<boolean | null>;
+    protected tryRefreshTokenInternal(token: Token): Promise<boolean>;
+    onChange(callback: (isSignedIn: boolean) => void): void;
+    removeOnChange(callback: (isSignedIn: boolean) => void): void;
+    acquireToken(init: RequestInit): Promise<LoginResult>;
+    buildSignInRequest(username: string, password: string): RequestInit;
+    private buildSignInWithFacebookRequest;
+    private buildSignInWithOneTimeTokenRequest;
+    private buildSignInWithGoogleRequest;
+    private buildSignInWithLinkedInRequest;
+    private buildRefreshRequest;
+    private prepareHeaders;
+    protected notify(isSignedIn: boolean): void;
+}

package/src/lib/cannotRefreshToken.d.ts

@@ -0,0 +1,19 @@
+/**
+ * Error thrown when token refresh fails.
+ *
+ * Indicates that the refresh token is invalid or expired, requiring user to sign in again.
+ *
+ * @example
+ * ```typescript
+ * try {
+ *   const token = await loginManager.getToken();
+ * } catch (error) {
+ *   if (error instanceof CannotRefreshToken) {
+ *     console.log('User needs to sign in again');
+ *   }
+ * }
+ * ```
+ */
+export declare class CannotRefreshToken extends Error {
+    constructor(m: string);
+}

package/src/lib/facebookClient.d.ts

@@ -0,0 +1,29 @@
+/**
+ * Integrates Facebook Login SDK for web applications.
+ *
+ * Handles Facebook authentication flow and provides access tokens for OAuth2 sign-in.
+ * Automatically loads Facebook SDK and manages login state.
+ *
+ * @param facebookAppId - Facebook App ID
+ * @param facebookPermissions - Comma-separated Facebook permissions
+ * @example
+ * ```typescript
+ * const facebookClient = new FacebookClient('your-app-id', 'email,public_profile');
+ * facebookClient.setup();
+ * facebookClient.login((accessToken) => {
+ *   return loginManager.trySignInWithFacebook(accessToken);
+ * });
+ * ```
+ */
+export declare class FacebookClient {
+    private facebookAppId;
+    private facebookPermissions;
+    isSignedIn?: boolean;
+    private token;
+    constructor(facebookAppId: string, facebookPermissions: string);
+    get accessToken(): string;
+    setup(loginCallback?: (accessToken: string) => Promise<void>): void;
+    login(callback?: (accessToken: string) => Promise<void>): void;
+    private getLoginStatus;
+    private initializeSDK;
+}