@mindline/sync 1.0.42 → 1.0.43

package/index.d.ts

@@ -26,7 +26,6 @@ declare module "@mindline/sync" {
         loginHint: string;
         scopes: string[];
         authTS: Date;
-        claimsprincipal: string; // claims principal cached at login to allow clearing cache at logout
         constructor();
     }
     // tenant (Azure AD tenant, AD domain, Google workspace)

package/index.ts

@@ -1187,8 +1187,8 @@ export async function tenantRelationshipsGetByDomain(loggedInUser: User, tenant:
 //tenantRelationshipsGetById - query AAD for associated company name and domain
 export async function tenantRelationshipsGetById(user: User, ii: InitInfo, instance: IPublicClientApplication, tasks: TaskArray, debug: boolean): Promise<boolean> {
     if (debug) debugger;
-    // do we already have a valid company name? if so, nothing to add, no need for UX to re-render
-    if (user.companyName != "") return false;
+    // since we should mainly be called when a user has newly logged in, we can afford the performance hit of looking up the tenant name and domain again
+    // if (user.companyName != "") return false;
     // if needed, retrieve and cache access token
     if (user.accessToken === "") {
         try {
@@ -1276,7 +1276,7 @@ export async function tenantUnauthenticatedLookup(tenant: Tenant, debug: boolean
                     var authMatches = tenantAuthEndpoint.match(regexes[j]);
                     tenant.tid = authMatches[2];
                     tenant.authority = authMatches[1];  // USGov tenants are registered in WW with USGov authority values!
-                    console.log("Successful GET from openid well-known endpoint");
+                    console.log(`Successful GET from openid well-known endpoint: tid: ${tenant.tid} authority: ${tenant.authority}`);
                     return true;  // success, need UX to re-render
                 }
                 else {
@@ -1376,12 +1376,12 @@ export async function initGet(instance: IPublicClientApplication, authorizedUser
     tenant.domain = user.tid;
     let bResult: boolean = await tenantUnauthenticatedLookup(tenant, debug);
     if (bResult) {
-        // success, we at least got authority as a new bit of information at this point
+        // success, we now know instance of this tenant
         user.authority = tenant.authority;
         // do we have a logged in user from the same authority as this newly proposed tenant?
         let loggedInUser: User | undefined = ii.us.find((u: User) => (u.session === "Sign Out" && u.authority === user.authority));
         if (loggedInUser != null) {
-            // get tenant name and domain from AAD
+            // get tenant name and domain from AAD to pass to Configuration API
             result.result = await tenantRelationshipsGetById(user, ii, instance, tasks, debug);
             // if this is the first time, we have just gotten tenant info, then we must POST user and not-yet-onboarded tenant to back end
             if (result.result) {
@@ -1400,7 +1400,7 @@ export async function initGet(instance: IPublicClientApplication, authorizedUser
             return result;
         }
         else {
-            result.error = `${user.mail} insufficient privileges to lookup under authority: ${user.authority}.`;
+            result.error = `${user.mail} with insufficient privileges to lookup under authority: ${user.authority}.`;
             result.result = false;
             return result;
         }

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@mindline/sync",
   "type": "module",
-  "version": "1.0.42",
+  "version": "1.0.43",
   "types": "index.d.ts",
   "exports": "./index.ts",
   "description": "sync is a node.js package encapsulating javscript classes required for configuring Mindline sync service.",