@loka-sms/sso 1.1.6 → 1.1.7

@@ -11,14 +11,52 @@ function getCookie(name) {
11
11
  const match = document.cookie.match(new RegExp(`(^| )${escaped}=([^;]+)`));
12
12
  return match ? decodeURIComponent(match[2]) : '';
13
13
  }
14
+ function decodeJwt(token) {
15
+ try {
16
+ const parts = token.split('.');
17
+ if (parts.length !== 3)
18
+ return null;
19
+ return JSON.parse(atob(parts[1]));
20
+ }
21
+ catch {
22
+ return null;
23
+ }
24
+ }
25
+ function isTokenExpired(token) {
26
+ const payload = decodeJwt(token);
27
+ if (!payload?.exp)
28
+ return false;
29
+ return payload.exp * 1000 <= Date.now();
30
+ }
31
+ function hasCompleteAuth() {
32
+ return hasSsoToken();
33
+ }
14
34
  function hasSsoToken() {
15
- return Boolean(getCookie('sms_ac_token') || localStorage.getItem('sms_ac_token'));
35
+ const token = getCookie('sms_ac_token') || localStorage.getItem('sms_ac_token');
36
+ if (!token)
37
+ return false;
38
+ if (isTokenExpired(token))
39
+ return false;
40
+ return true;
16
41
  }
17
42
  async function redirectToOAuthLogin({ clientId, apiBase = '/api', callbackPath = '/auth/callback', authenticatedPath = '/', }) {
18
- if (hasSsoToken()) {
43
+ if (hasCompleteAuth()) {
19
44
  window.location.href = authenticatedPath;
20
45
  return;
21
46
  }
47
+ // Only clear an expired token. A valid token without a cached profile can
48
+ // still bootstrap the target app through /auth/me.
49
+ const staleToken = getCookie('sms_ac_token') || localStorage.getItem('sms_ac_token');
50
+ if (staleToken && isTokenExpired(staleToken)) {
51
+ localStorage.removeItem('sms_ac_token');
52
+ localStorage.removeItem('sms_refresh_token');
53
+ localStorage.removeItem('lms_user');
54
+ localStorage.removeItem('user_role');
55
+ localStorage.removeItem('user_id');
56
+ localStorage.removeItem('school_sms_id');
57
+ document.cookie = 'sms_ac_token=; path=/; Max-Age=0; SameSite=Lax';
58
+ document.cookie = 'sms_refresh_token=; path=/; Max-Age=0; SameSite=Lax';
59
+ }
22
60
  const state = (0, pkce_1.generateState)();
23
61
  const codeVerifier = (0, pkce_1.generateCodeVerifier)();
24
62
  const codeChallenge = await (0, pkce_1.generateCodeChallenge)(codeVerifier);
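Review bot: `decodeJwt` hands the raw JWT payload segment to `atob`, but JWT segments are base64url (`-`/`_` alphabet, no `=` padding) and `atob` throws on those characters, so for many real tokens the catch returns null, `isTokenExpired` then sees no `exp` and answers false, and an expired token is kept as valid while the cleanup block in `redirectToOAuthLogin` never runs. Convert before decoding: `const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');` then `return JSON.parse(atob(b64 + '='.repeat((4 - (b64.length % 4)) % 4)));`. Separately, `isTokenExpired` returning false when the payload cannot be decoded at all means an unparseable token is treated as live; if that fail-open is only meant for tokens that legitimately lack `exp`, consider returning true when `payload` is null. None of this verifies the signature, so it remains a client-side convenience on top of server-side validation, which is worth stating in a comment above `isTokenExpired`. The file header for this section is outside the visible chunk, and `redirectToOAuthLogin` continues past the hunk.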
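--- a/package/dist/ticket.d.ts
+++ b/package/dist/ticket.d.ts
@@ -18,7 +18,7 @@ export interface ExchangeTicketOptions {
 }
 export interface ExchangeTicketResponse {
 accessToken: string;
-refreshToken: string;
+refreshToken?: string;
 user?: any;
 }
 export declare function getStoredAccessToken(): string;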
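--- a/package/dist/ticket.js
+++ b/package/dist/ticket.js
@@ -67,7 +67,7 @@ async function exchangeTicket(options) {
 const data = await parseJsonResponse(response);
 const accessToken = data.accessToken || data.token || data.access_token;
 const refreshToken = data.refreshToken || data.refresh_token;
-if (!accessToken || !refreshToken)
+if (!accessToken)
 throw new Error('Token tidak ditemukan dalam response exchange.');
 return { accessToken, refreshToken, user: data.user };
 }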
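Review bot: After dropping the `refreshToken` guard, `exchangeTicket` can return `{ accessToken, refreshToken: undefined, user }`, and any caller that persists the field with `localStorage.setItem('sms_refresh_token', refreshToken)` (that key is cleared elsewhere in this release, so it is presumably stored somewhere) will write the literal string `"undefined"`, which later passes a truthiness check as if it were a token. Either omit the key when it is absent, `return { accessToken, ...(refreshToken ? { refreshToken } : {}), user: data.user };`, or make the store site skip a missing value. `exchangeTicket` starts outside the hunk.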
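--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@loka-sms/sso",
-"version": "1.1.6",
+"version": "1.1.7",
 "description": "SSO utilities, hooks, and components for Loka SMS modules (OAuth2 PKCE, cross-app logout)",
 "license": "MIT",
 "type": "commonjs",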