@nsshunt/stsoauth2plugin 1.0.139 → 1.0.140

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/stsoauth2plugin.mjs +788 -858
  2. package/dist/stsoauth2plugin.mjs.map +1 -1
  3. package/dist/stsoauth2plugin.umd.js +791 -861
  4. package/dist/stsoauth2plugin.umd.js.map +1 -1
  5. package/package.json +6 -6
package/dist/stsoauth2plugin.umd.js CHANGED
@@ -1,27 +1,7 @@
1
1
  (function(global2, factory) {
2
2
  typeof exports === "object" && typeof module !== "undefined" ? factory(exports, require("vue"), require("node:worker_threads"), require("@nsshunt/stsutils"), require("@nsshunt/stsvueutils"), require("pinia"), require("@nsshunt/stsobservability"), require("axios"), require("node:http"), require("node:https")) : typeof define === "function" && define.amd ? define(["exports", "vue", "node:worker_threads", "@nsshunt/stsutils", "@nsshunt/stsvueutils", "pinia", "@nsshunt/stsobservability", "axios", "node:http", "node:https"], factory) : (global2 = typeof globalThis !== "undefined" ? globalThis : global2 || self, factory(global2["@nsshunt/stsoauth2plugin"] = {}, global2.vue, global2.worker_threads, global2.stsutils, global2.stsvueutils, global2.pinia, global2.stsobservability, global2.axios, global2.http, global2.https));
3
- })(this, function(exports2, vue, wt, stsutils, stsvueutils, pinia, stsobservability, axios, http, https) {
4
- "use strict";var __defProp = Object.defineProperty;
5
- var __typeError = (msg) => {
6
- throw TypeError(msg);
7
- };
8
- var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
9
- var __publicField = (obj, key, value) => __defNormalProp(obj, typeof key !== "symbol" ? key + "" : key, value);
10
- var __accessCheck = (obj, member, msg) => member.has(obj) || __typeError("Cannot " + msg);
11
- var __privateGet = (obj, member, getter) => (__accessCheck(obj, member, "read from private field"), getter ? getter.call(obj) : member.get(obj));
12
- var __privateAdd = (obj, member, value) => member.has(obj) ? __typeError("Cannot add the same private member more than once") : member instanceof WeakSet ? member.add(obj) : member.set(obj, value);
13
- var __privateSet = (obj, member, value, setter) => (__accessCheck(obj, member, "write to private field"), setter ? setter.call(obj, value) : member.set(obj, value), value);
14
- var __privateMethod = (obj, member, method) => (__accessCheck(obj, member, "access private method"), method);
15
- var __privateWrapper = (obj, member, setter, getter) => ({
16
- set _(value) {
17
- __privateSet(obj, member, value, setter);
18
- },
19
- get _() {
20
- return __privateGet(obj, member, getter);
21
- }
22
- });
23
-
24
- var _router, _STORAGE_AUTHORIZE_OPTIONS_KEY, _aic, _options, _oauth2ManagerPort, _messageId, _messageHandlers, _messageTimeout, _worker, _transactionStore, _operationSemaphore, _maxSemaphoreRetries, _semaphoreRetrySleep, _STSOAuth2Manager_instances, LogDebugMessage_fn, LogInfoMessage_fn, LogErrorMessage_fn, _ProcessMessageResponse, _PostMessage, _HandleLogEvent, _HandleUpdateInstrumentEvent, _GetStore, _HandleErrorEvent, _HandleAuthenticateEvent, _SetupRoute, _crypto, _clientSessionStore, _cUtils, _qParams, _STORAGE_SESSION_KEY, _oauthWorkerPort, _options2, _logger, _agentManager, _STSOAuth2Worker_instances, LogDebugMessage_fn2, LogInfoMessage_fn2, LogErrorMessage_fn2, _HandleAuthenticateEvent2, _HandleErrorEvent2, _LogMessage, _GetAccessToken, _GetCookies, _UpdateInstrument, _ProcessCommand, _RestoreSession, _Authorize, _HandleRedirect, _GetTokenFromBroker, _GetToken, _RefreshToken, _Logout;
3
+ })(this, (function(exports2, vue, wt, stsutils, stsvueutils, pinia, stsobservability, axios, http, https) {
4
+ "use strict";
25
5
  function _interopNamespaceDefault(e) {
26
6
  const n = Object.create(null, { [Symbol.toStringTag]: { value: "Module" } });
27
7
  if (e) {
@@ -1631,311 +1611,48 @@ var __privateWrapper = (obj, member, setter, getter) => ({
1631
1611
  */
1632
1612
  });
1633
1613
  class STSOAuth2Manager {
1614
+ #router = null;
1615
+ #STORAGE_AUTHORIZE_OPTIONS_KEY = "authorize_options.stsmda.com.au";
1616
+ #aic = null;
1617
+ #options;
1618
+ #oauth2ManagerPort;
1619
+ #messageId = 0;
1620
+ #messageHandlers = {};
1621
+ // keyed by messageId
1622
+ #messageTimeout = 1e4;
1623
+ #worker;
1624
+ #transactionStore;
1625
+ // Transient transaction data used to establish a session via OAuth2 authorize handshake
1626
+ #operationSemaphore = false;
1627
+ #maxSemaphoreRetries = 100;
1628
+ // 100 retries, i.e. allow 100 x 50 = 5000ms to unblock
1629
+ #semaphoreRetrySleep = 50;
1634
1630
  // ms
1635
1631
  constructor(app, options) {
1636
- __privateAdd(this, _STSOAuth2Manager_instances);
1637
- __privateAdd(this, _router, null);
1638
- __privateAdd(this, _STORAGE_AUTHORIZE_OPTIONS_KEY, "authorize_options.stsmda.com.au");
1639
- __privateAdd(this, _aic, null);
1640
- __privateAdd(this, _options);
1641
- __privateAdd(this, _oauth2ManagerPort);
1642
- __privateAdd(this, _messageId, 0);
1643
- __privateAdd(this, _messageHandlers, {});
1644
- // keyed by messageId
1645
- __privateAdd(this, _messageTimeout, 1e4);
1646
- __privateAdd(this, _worker);
1647
- __privateAdd(this, _transactionStore);
1648
- // Transient transaction data used to establish a session via OAuth2 authorize handshake
1649
- __privateAdd(this, _operationSemaphore, false);
1650
- __privateAdd(this, _maxSemaphoreRetries, 100);
1651
- // 100 retries, i.e. allow 100 x 50 = 5000ms to unblock
1652
- __privateAdd(this, _semaphoreRetrySleep, 50);
1653
- __privateAdd(this, _ProcessMessageResponse, (data) => {
1654
- const messageResponse = data;
1655
- __privateMethod(this, _STSOAuth2Manager_instances, LogDebugMessage_fn).call(this, chalk.yellow(`STSOAuth2Manager:#ProcessMessageResponse: message data = [${JSON.stringify(messageResponse)}]`));
1656
- if (messageResponse.messageId === -1) {
1657
- switch (messageResponse.command) {
1658
- case IOauth2ListenerCommand.AUTHENTICATE_EVENT:
1659
- __privateGet(this, _HandleAuthenticateEvent).call(this, messageResponse.payload);
1660
- break;
1661
- case IOauth2ListenerCommand.ERROR:
1662
- __privateGet(this, _HandleErrorEvent).call(this, messageResponse.payload);
1663
- break;
1664
- case IOauth2ListenerCommand.LOG:
1665
- __privateGet(this, _HandleLogEvent).call(this, messageResponse.payload);
1666
- break;
1667
- case IOauth2ListenerCommand.UPDATE_INSTRUMENT:
1668
- __privateGet(this, _HandleUpdateInstrumentEvent).call(this, messageResponse.payload.instrumentName, messageResponse.payload.telemetry);
1669
- break;
1670
- default:
1671
- throw new Error(`ProcessMessageResponse command [${messageResponse.command}] not valid.`);
1672
- }
1673
- } else {
1674
- const callBack = __privateGet(this, _messageHandlers)[messageResponse.messageId];
1675
- if (callBack) {
1676
- callBack(messageResponse);
1677
- } else {
1678
- throw new Error(`Message: [${messageResponse.messageId}] does not exists in callBacks.`);
1679
- }
1680
- }
1681
- });
1682
- __privateAdd(this, _PostMessage, (message) => {
1683
- message.messageId = __privateWrapper(this, _messageId)._++;
1684
- return new Promise((resolve, reject) => {
1685
- const timeout = setTimeout(() => {
1686
- delete __privateGet(this, _messageHandlers)[message.messageId];
1687
- reject(`Message: [${message.messageId}] timeout error after: [${__privateGet(this, _messageTimeout)}] ms.`);
1688
- }, __privateGet(this, _messageTimeout));
1689
- __privateGet(this, _messageHandlers)[message.messageId] = (response) => {
1690
- clearTimeout(timeout);
1691
- delete __privateGet(this, _messageHandlers)[message.messageId];
1692
- __privateMethod(this, _STSOAuth2Manager_instances, LogDebugMessage_fn).call(this, chalk.yellow(`STSOAuth2Manager:#PostMessage: resolve callback response= [${JSON.stringify(response)}]`));
1693
- resolve(response);
1694
- };
1695
- __privateMethod(this, _STSOAuth2Manager_instances, LogDebugMessage_fn).call(this, chalk.yellow(`STSOAuth2Manager:#PostMessage: posting message = [${JSON.stringify(message)}]`));
1696
- __privateGet(this, _oauth2ManagerPort).postMessage(message);
1697
- });
1698
- });
1699
- __privateAdd(this, _HandleLogEvent, (message) => {
1700
- if (__privateGet(this, _aic)) {
1701
- __privateGet(this, _aic).LogEx(message);
1702
- }
1703
- __privateMethod(this, _STSOAuth2Manager_instances, LogDebugMessage_fn).call(this, message);
1704
- });
1705
- // UpdateInstrument = (instrumentName: Gauge, telemetry: InstrumentBaseTelemetry): void => {
1706
- __privateAdd(this, _HandleUpdateInstrumentEvent, (instrumentName, telemetry) => {
1707
- if (__privateGet(this, _aic)) {
1708
- __privateGet(this, _aic).UpdateInstrument(instrumentName, telemetry);
1709
- }
1710
- });
1711
- __privateAdd(this, _GetStore, () => {
1712
- return STSOauth2Store(__privateGet(this, _options).pinia);
1713
- });
1714
- // Will come from message channel
1715
- __privateAdd(this, _HandleErrorEvent, (error) => {
1716
- if (isNode) ;
1717
- else {
1718
- __privateGet(this, _GetStore).call(this).UpdateError({
1719
- // Authorize applications store
1720
- message: error
1721
- });
1722
- setTimeout(() => {
1723
- __privateGet(this, _router).replace(`${__privateGet(this, _options).uriBase}error`);
1724
- }, 0);
1725
- }
1726
- });
1727
- __privateAdd(this, _HandleAuthenticateEvent, (id_token) => {
1728
- if (isNode) ;
1729
- else {
1730
- if (__privateGet(this, _options).authenticateEvent) {
1731
- __privateGet(this, _options).authenticateEvent(id_token);
1732
- }
1733
- __privateGet(this, _GetStore).call(this).UpdateIdToken(id_token);
1734
- }
1735
- });
1736
- __privateAdd(this, _SetupRoute, (app, router) => {
1737
- __privateMethod(this, _STSOAuth2Manager_instances, LogDebugMessage_fn).call(this, chalk.gray(`STSOAuth2Manager:#SetupRoute`));
1738
- router.beforeEach(async (to, from, next) => {
1739
- const oAuth2Manager = app.config.globalProperties.$sts[STSOAuth2ManagerPluginKey];
1740
- __privateMethod(this, _STSOAuth2Manager_instances, LogDebugMessage_fn).call(this, chalk.gray(`beforeEach: from: [${from.path}], to: [${to.path}]`));
1741
- if (__privateGet(this, _GetStore).call(this).LoggedIn === false) {
1742
- __privateMethod(this, _STSOAuth2Manager_instances, LogInfoMessage_fn).call(this, `Not logged in`);
1743
- if (to.path.localeCompare(`${__privateGet(this, _options).uriBase}authorize`) === 0) {
1744
- __privateMethod(this, _STSOAuth2Manager_instances, LogInfoMessage_fn).call(this, `to = ${__privateGet(this, _options).uriBase}authorize`);
1745
- next();
1746
- return;
1747
- } else if (to.path.localeCompare(`${__privateGet(this, _options).uriBase}consent`) === 0) {
1748
- if (__privateGet(this, _GetStore).call(this).id_token) {
1749
- next();
1750
- return;
1751
- }
1752
- }
1753
- if (to.path.localeCompare(`${__privateGet(this, _options).uriBase}logout`) === 0) {
1754
- next();
1755
- return;
1756
- }
1757
- if (to.path.localeCompare(`${__privateGet(this, _options).uriBase}error`) === 0) {
1758
- next();
1759
- return;
1760
- }
1761
- if (to.path.localeCompare(`${__privateGet(this, _options).uriBase}config`) === 0) {
1762
- next();
1763
- return;
1764
- }
1765
- if (to.path.localeCompare(`${__privateGet(this, _options).uriBase}redirected`) === 0) {
1766
- next();
1767
- return;
1768
- }
1769
- const str = to.query;
1770
- if (str[stsutils.OAuth2ParameterType.CODE] || str[stsutils.OAuth2ParameterType.ERROR]) {
1771
- __privateMethod(this, _STSOAuth2Manager_instances, LogDebugMessage_fn).call(this, chalk.magenta(`STSOAuth2Manager:#SetupRoute:Processing redirect: [${JSON.stringify(str)}]`));
1772
- const retVal = await oAuth2Manager.HandleRedirect(str);
1773
- __privateMethod(this, _STSOAuth2Manager_instances, LogDebugMessage_fn).call(this, chalk.magenta(`STSOAuth2Manager:#SetupRoute:Redirect result: [${retVal}]`));
1774
- if (retVal) {
1775
- next({
1776
- path: `${__privateGet(this, _options).uriBase}`,
1777
- replace: true
1778
- });
1779
- return;
1780
- } else {
1781
- next({
1782
- path: `${__privateGet(this, _options).uriBase}error`,
1783
- replace: true
1784
- });
1785
- return;
1786
- }
1787
- }
1788
- __privateMethod(this, _STSOAuth2Manager_instances, LogDebugMessage_fn).call(this, `STSOAuth2Manager:#SetupRoute:Restoring session`);
1789
- const sessionRestored = await oAuth2Manager.RestoreSession();
1790
- __privateMethod(this, _STSOAuth2Manager_instances, LogDebugMessage_fn).call(this, `STSOAuth2Manager:#SetupRoute:Session restored: [${sessionRestored}]`);
1791
- if (sessionRestored !== true) {
1792
- __privateMethod(this, _STSOAuth2Manager_instances, LogDebugMessage_fn).call(this, `STSOAuth2Manager:#SetupRoute:Session not restored - need to authorize`);
1793
- oAuth2Manager.Authorize();
1794
- next();
1795
- return;
1796
- } else {
1797
- next(`${__privateGet(this, _options).uriBase}`);
1798
- return;
1799
- }
1800
- } else {
1801
- if (to.path.localeCompare(`${__privateGet(this, _options).uriBase}consent`) === 0) {
1802
- next(`${__privateGet(this, _options).uriBase}`);
1803
- return;
1804
- }
1805
- if (to.path.localeCompare(`${__privateGet(this, _options).uriBase}authorize`) === 0) {
1806
- next(`${__privateGet(this, _options).uriBase}`);
1807
- return;
1808
- }
1809
- if (to.path.localeCompare(`${__privateGet(this, _options).uriBase}logout`) === 0) {
1810
- next(`${__privateGet(this, _options).uriBase}`);
1811
- return;
1812
- }
1813
- next();
1814
- }
1815
- });
1816
- });
1817
- //@@ this needs to be re-implemented so that access_token never leaves the auth worker
1818
- __publicField(this, "GetAccessToken", async () => {
1819
- const response = await __privateGet(this, _PostMessage).call(this, { command: IOauth2ListenerCommand.ACCESS_TOKEN });
1820
- return response.payload;
1821
- });
1822
- // Update operation protected using operationSemaphore. This may occur when using workers and/or multiple async fetch operations.
1823
- __publicField(this, "ExecuteRefreshToken", async (retryCount = 0) => {
1824
- if (__privateGet(this, _operationSemaphore) === true) {
1825
- if (retryCount > __privateGet(this, _maxSemaphoreRetries)) {
1826
- throw new Error(`STSOAuth2Manager:ExecuteRefreshToken:maxSemaphoreRetries: [${__privateGet(this, _maxSemaphoreRetries)}] exceeded.`);
1827
- }
1828
- await stsutils.Sleep(__privateGet(this, _semaphoreRetrySleep));
1829
- __privateMethod(this, _STSOAuth2Manager_instances, LogDebugMessage_fn).call(this, chalk.cyan(`STSOAuth2Manager:ExecuteRefreshToken:locked by operationSemaphore, retry count: [${retryCount}]`));
1830
- return await this.ExecuteRefreshToken(retryCount + 1);
1831
- } else {
1832
- __privateSet(this, _operationSemaphore, true);
1833
- const response = await __privateGet(this, _PostMessage).call(this, { command: IOauth2ListenerCommand.EXECUTE_REFRESH_TOKEN });
1834
- __privateSet(this, _operationSemaphore, false);
1835
- return response.payload;
1836
- }
1837
- });
1838
- __publicField(this, "GetCookies", async () => {
1839
- const response = await __privateGet(this, _PostMessage).call(this, { command: IOauth2ListenerCommand.COOKIES });
1840
- return response.payload;
1841
- });
1842
- __publicField(this, "RestoreSession", async () => {
1843
- try {
1844
- __privateMethod(this, _STSOAuth2Manager_instances, LogDebugMessage_fn).call(this, `STSOAuth2Manager:RestoreSession:postMessage: [${IOauth2ListenerCommand.RESTORE_SESSION}]`);
1845
- const response = await __privateGet(this, _PostMessage).call(this, { command: IOauth2ListenerCommand.RESTORE_SESSION });
1846
- __privateMethod(this, _STSOAuth2Manager_instances, LogDebugMessage_fn).call(this, `STSOAuth2Manager:RestoreSession:response: [${JSON.stringify(response.payload)}]`);
1847
- return response.payload;
1848
- } catch (error) {
1849
- __privateMethod(this, _STSOAuth2Manager_instances, LogErrorMessage_fn).call(this, chalk.red(`RestoreSession Error: ${error}`));
1850
- return false;
1851
- }
1852
- });
1853
- __publicField(this, "Authorize", async () => {
1854
- try {
1855
- const response = await __privateGet(this, _PostMessage).call(this, { command: IOauth2ListenerCommand.AUTHORIZE });
1856
- __privateGet(this, _transactionStore).set(__privateGet(this, _STORAGE_AUTHORIZE_OPTIONS_KEY), response.payload.authorizeOptions);
1857
- const url = response.payload.url;
1858
- if (!isNode) {
1859
- window.location.replace(url);
1860
- } else {
1861
- return response.payload.authorizeOptionsClientCopy;
1862
- }
1863
- } catch (error) {
1864
- __privateMethod(this, _STSOAuth2Manager_instances, LogErrorMessage_fn).call(this, chalk.red(`Authorize Error: ${error}`));
1865
- }
1866
- return {};
1867
- });
1868
- __publicField(this, "HandleRedirect", async (queryVars) => {
1869
- try {
1870
- __privateMethod(this, _STSOAuth2Manager_instances, LogDebugMessage_fn).call(this, chalk.magenta(`STSOAuth2Manager:HandleRedirect`));
1871
- let response = null;
1872
- if (queryVars[stsutils.OAuth2ParameterType.CODE]) {
1873
- const authorizeOptions = __privateGet(this, _transactionStore).get(__privateGet(this, _STORAGE_AUTHORIZE_OPTIONS_KEY));
1874
- __privateGet(this, _transactionStore).remove(__privateGet(this, _STORAGE_AUTHORIZE_OPTIONS_KEY));
1875
- __privateMethod(this, _STSOAuth2Manager_instances, LogDebugMessage_fn).call(this, chalk.magenta(`STSOAuth2Manager:HandleRedirect: sending HANDLE_REDIRECT command`));
1876
- response = await __privateGet(this, _PostMessage).call(this, { command: IOauth2ListenerCommand.HANDLE_REDIRECT, payload: {
1877
- queryVars,
1878
- authorizeOptions
1879
- } });
1880
- } else {
1881
- response = await __privateGet(this, _PostMessage).call(this, { command: IOauth2ListenerCommand.HANDLE_REDIRECT, payload: queryVars });
1882
- }
1883
- __privateMethod(this, _STSOAuth2Manager_instances, LogDebugMessage_fn).call(this, chalk.magenta(`STSOAuth2Manager:HandleRedirect: HANDLE_REDIRECT response: [${JSON.stringify(response)}]`));
1884
- return response.payload;
1885
- } catch (error) {
1886
- __privateMethod(this, _STSOAuth2Manager_instances, LogErrorMessage_fn).call(this, chalk.red(`HandleRedirect Error: ${error}`));
1887
- return false;
1888
- }
1889
- });
1890
- __publicField(this, "Logout", async () => {
1891
- try {
1892
- const response = await __privateGet(this, _PostMessage).call(this, { command: IOauth2ListenerCommand.LOGOUT });
1893
- return response.payload;
1894
- } catch (error) {
1895
- __privateMethod(this, _STSOAuth2Manager_instances, LogErrorMessage_fn).call(this, chalk.red(`Logout Error: ${error}`));
1896
- return false;
1897
- }
1898
- });
1899
- __publicField(this, "InvokeExternalAPI", async () => {
1900
- try {
1901
- const response = await __privateGet(this, _PostMessage).call(this, { command: IOauth2ListenerCommand.LOGOUT });
1902
- return response.payload;
1903
- } catch (error) {
1904
- __privateMethod(this, _STSOAuth2Manager_instances, LogErrorMessage_fn).call(this, chalk.red(`InvokeExternalAPI Error: ${error}`));
1905
- return null;
1906
- }
1907
- });
1908
- __publicField(this, "LoggedIn", () => {
1909
- try {
1910
- return __privateGet(this, _GetStore).call(this).LoggedIn;
1911
- } catch (error) {
1912
- return false;
1913
- }
1914
- });
1915
- __privateSet(this, _options, options);
1632
+ this.#options = options;
1916
1633
  if (!isNode) {
1917
1634
  if (app.config.globalProperties.$sts[stsobservability.STSInstrumentControllerPluginKey]) {
1918
1635
  const STSInstrumentController = app.config.globalProperties.$sts[stsobservability.STSInstrumentControllerPluginKey];
1919
- __privateSet(this, _aic, STSInstrumentController);
1636
+ this.#aic = STSInstrumentController;
1920
1637
  }
1921
- __privateSet(this, _router, app.config.globalProperties.$router);
1638
+ this.#router = app.config.globalProperties.$router;
1922
1639
  }
1923
1640
  if (isNode) {
1924
- __privateSet(this, _transactionStore, new stsvueutils.ClientStorageFactory({ clientStorageType: stsvueutils.ClientStorageType.MEMORY_STORAGE, usePrefix: false }).GetStorage());
1641
+ this.#transactionStore = new stsvueutils.ClientStorageFactory({ clientStorageType: stsvueutils.ClientStorageType.MEMORY_STORAGE, usePrefix: false }).GetStorage();
1925
1642
  } else {
1926
- __privateSet(this, _transactionStore, new stsvueutils.ClientStorageFactory({ clientStorageType: stsvueutils.ClientStorageType.SESSION_STORAGE, usePrefix: false }).GetStorage());
1643
+ this.#transactionStore = new stsvueutils.ClientStorageFactory({ clientStorageType: stsvueutils.ClientStorageType.SESSION_STORAGE, usePrefix: false }).GetStorage();
1927
1644
  }
1928
- if (__privateGet(this, _options).workerFactory) {
1929
- __privateSet(this, _worker, __privateGet(this, _options).workerFactory());
1645
+ if (this.#options.workerFactory) {
1646
+ this.#worker = this.#options.workerFactory();
1930
1647
  } else {
1931
1648
  throw new Error(`STSOAuth2Manager:constructor: Cannot init STSOAuth2Manager - this.#options.workerFactory not specified`);
1932
1649
  }
1933
1650
  if (!isNode) {
1934
- __privateGet(this, _worker).onmessage = (data) => {
1935
- __privateMethod(this, _STSOAuth2Manager_instances, LogInfoMessage_fn).call(this, chalk.green(`this.#worker.onmessage = [${data}]`));
1651
+ this.#worker.onmessage = (data) => {
1652
+ this.#LogInfoMessage(chalk.green(`this.#worker.onmessage = [${data}]`));
1936
1653
  };
1937
- __privateGet(this, _worker).onerror = (error) => {
1938
- __privateMethod(this, _STSOAuth2Manager_instances, LogInfoMessage_fn).call(this, chalk.green(`this.#worker.onerror = [${JSON.stringify(error)}]`));
1654
+ this.#worker.onerror = (error) => {
1655
+ this.#LogInfoMessage(chalk.green(`this.#worker.onerror = [${JSON.stringify(error)}]`));
1939
1656
  };
1940
1657
  }
1941
1658
  let workerMessage;
@@ -1946,14 +1663,14 @@ var __privateWrapper = (obj, member, setter, getter) => ({
1946
1663
  port2: oauth2WorkerPort
1947
1664
  // worker port
1948
1665
  } = new wt__namespace.MessageChannel();
1949
- __privateSet(this, _oauth2ManagerPort, oauth2ManagerPort);
1666
+ this.#oauth2ManagerPort = oauth2ManagerPort;
1950
1667
  workerMessage = {
1951
1668
  workerPort: oauth2WorkerPort,
1952
- options: __privateGet(this, _options).workerOptions
1669
+ options: this.#options.workerOptions
1953
1670
  };
1954
- __privateGet(this, _worker).postMessage(workerMessage, [oauth2WorkerPort]);
1955
- __privateGet(this, _oauth2ManagerPort).on("message", (payload) => {
1956
- __privateGet(this, _ProcessMessageResponse).call(this, payload);
1671
+ this.#worker.postMessage(workerMessage, [oauth2WorkerPort]);
1672
+ this.#oauth2ManagerPort.on("message", (payload) => {
1673
+ this.#ProcessMessageResponse(payload);
1957
1674
  }).unref();
1958
1675
  } else {
1959
1676
  const {
@@ -1962,50 +1679,290 @@ var __privateWrapper = (obj, member, setter, getter) => ({
1962
1679
  port2: oauth2WorkerPort
1963
1680
  // worker port
1964
1681
  } = new MessageChannel();
1965
- __privateSet(this, _oauth2ManagerPort, oauth2ManagerPort);
1682
+ this.#oauth2ManagerPort = oauth2ManagerPort;
1966
1683
  workerMessage = {
1967
1684
  workerPort: oauth2WorkerPort,
1968
- options: __privateGet(this, _options).workerOptions
1685
+ options: this.#options.workerOptions
1969
1686
  };
1970
- __privateGet(this, _worker).postMessage(workerMessage, [oauth2WorkerPort]);
1971
- __privateGet(this, _oauth2ManagerPort).onmessage = (data) => {
1972
- __privateGet(this, _ProcessMessageResponse).call(this, data.data);
1687
+ this.#worker.postMessage(workerMessage, [oauth2WorkerPort]);
1688
+ this.#oauth2ManagerPort.onmessage = (data) => {
1689
+ this.#ProcessMessageResponse(data.data);
1973
1690
  };
1974
- __privateGet(this, _SetupRoute).call(this, app, __privateGet(this, _router));
1691
+ this.#SetupRoute(app, this.#router);
1975
1692
  }
1976
1693
  }
1694
+ #LogDebugMessage(message) {
1695
+ this.#options.logger.debug(message);
1696
+ }
1697
+ #LogInfoMessage(message) {
1698
+ this.#options.logger.info(message);
1699
+ }
1700
+ #LogErrorMessage(message) {
1701
+ this.#options.logger.error(message);
1702
+ }
1703
+ #ProcessMessageResponse = (data) => {
1704
+ const messageResponse = data;
1705
+ this.#LogDebugMessage(chalk.yellow(`STSOAuth2Manager:#ProcessMessageResponse: message data = [${JSON.stringify(messageResponse)}]`));
1706
+ if (messageResponse.messageId === -1) {
1707
+ switch (messageResponse.command) {
1708
+ case IOauth2ListenerCommand.AUTHENTICATE_EVENT:
1709
+ this.#HandleAuthenticateEvent(messageResponse.payload);
1710
+ break;
1711
+ case IOauth2ListenerCommand.ERROR:
1712
+ this.#HandleErrorEvent(messageResponse.payload);
1713
+ break;
1714
+ case IOauth2ListenerCommand.LOG:
1715
+ this.#HandleLogEvent(messageResponse.payload);
1716
+ break;
1717
+ case IOauth2ListenerCommand.UPDATE_INSTRUMENT:
1718
+ this.#HandleUpdateInstrumentEvent(messageResponse.payload.instrumentName, messageResponse.payload.telemetry);
1719
+ break;
1720
+ default:
1721
+ throw new Error(`ProcessMessageResponse command [${messageResponse.command}] not valid.`);
1722
+ }
1723
+ } else {
1724
+ const callBack = this.#messageHandlers[messageResponse.messageId];
1725
+ if (callBack) {
1726
+ callBack(messageResponse);
1727
+ } else {
1728
+ throw new Error(`Message: [${messageResponse.messageId}] does not exists in callBacks.`);
1729
+ }
1730
+ }
1731
+ };
1732
+ #PostMessage = (message) => {
1733
+ message.messageId = this.#messageId++;
1734
+ return new Promise((resolve, reject) => {
1735
+ const timeout = setTimeout(() => {
1736
+ delete this.#messageHandlers[message.messageId];
1737
+ reject(`Message: [${message.messageId}] timeout error after: [${this.#messageTimeout}] ms.`);
1738
+ }, this.#messageTimeout);
1739
+ this.#messageHandlers[message.messageId] = (response) => {
1740
+ clearTimeout(timeout);
1741
+ delete this.#messageHandlers[message.messageId];
1742
+ this.#LogDebugMessage(chalk.yellow(`STSOAuth2Manager:#PostMessage: resolve callback response= [${JSON.stringify(response)}]`));
1743
+ resolve(response);
1744
+ };
1745
+ this.#LogDebugMessage(chalk.yellow(`STSOAuth2Manager:#PostMessage: posting message = [${JSON.stringify(message)}]`));
1746
+ this.#oauth2ManagerPort.postMessage(message);
1747
+ });
1748
+ };
1749
+ #HandleLogEvent = (message) => {
1750
+ if (this.#aic) {
1751
+ this.#aic.LogEx(message);
1752
+ }
1753
+ this.#LogDebugMessage(message);
1754
+ };
1755
+ // UpdateInstrument = (instrumentName: Gauge, telemetry: InstrumentBaseTelemetry): void => {
1756
+ #HandleUpdateInstrumentEvent = (instrumentName, telemetry) => {
1757
+ if (this.#aic) {
1758
+ this.#aic.UpdateInstrument(instrumentName, telemetry);
1759
+ }
1760
+ };
1761
+ #GetStore = () => {
1762
+ return STSOauth2Store(this.#options.pinia);
1763
+ };
1764
+ // Will come from message channel
1765
+ #HandleErrorEvent = (error) => {
1766
+ if (isNode) ;
1767
+ else {
1768
+ this.#GetStore().UpdateError({
1769
+ // Authorize applications store
1770
+ message: error
1771
+ });
1772
+ setTimeout(() => {
1773
+ this.#router.replace(`${this.#options.uriBase}error`);
1774
+ }, 0);
1775
+ }
1776
+ };
1777
+ #HandleAuthenticateEvent = (id_token) => {
1778
+ if (isNode) ;
1779
+ else {
1780
+ if (this.#options.authenticateEvent) {
1781
+ this.#options.authenticateEvent(id_token);
1782
+ }
1783
+ this.#GetStore().UpdateIdToken(id_token);
1784
+ }
1785
+ };
1786
+ #SetupRoute = (app, router) => {
1787
+ this.#LogDebugMessage(chalk.gray(`STSOAuth2Manager:#SetupRoute`));
1788
+ router.beforeEach(async (to, from, next) => {
1789
+ const oAuth2Manager = app.config.globalProperties.$sts[STSOAuth2ManagerPluginKey];
1790
+ this.#LogDebugMessage(chalk.gray(`beforeEach: from: [${from.path}], to: [${to.path}]`));
1791
+ if (this.#GetStore().LoggedIn === false) {
1792
+ this.#LogInfoMessage(`Not logged in`);
1793
+ if (to.path.localeCompare(`${this.#options.uriBase}authorize`) === 0) {
1794
+ this.#LogInfoMessage(`to = ${this.#options.uriBase}authorize`);
1795
+ next();
1796
+ return;
1797
+ } else if (to.path.localeCompare(`${this.#options.uriBase}consent`) === 0) {
1798
+ if (this.#GetStore().id_token) {
1799
+ next();
1800
+ return;
1801
+ }
1802
+ }
1803
+ if (to.path.localeCompare(`${this.#options.uriBase}logout`) === 0) {
1804
+ next();
1805
+ return;
1806
+ }
1807
+ if (to.path.localeCompare(`${this.#options.uriBase}error`) === 0) {
1808
+ next();
1809
+ return;
1810
+ }
1811
+ if (to.path.localeCompare(`${this.#options.uriBase}config`) === 0) {
1812
+ next();
1813
+ return;
1814
+ }
1815
+ if (to.path.localeCompare(`${this.#options.uriBase}redirected`) === 0) {
1816
+ next();
1817
+ return;
1818
+ }
1819
+ const str = to.query;
1820
+ if (str[stsutils.OAuth2ParameterType.CODE] || str[stsutils.OAuth2ParameterType.ERROR]) {
1821
+ this.#LogDebugMessage(chalk.magenta(`STSOAuth2Manager:#SetupRoute:Processing redirect: [${JSON.stringify(str)}]`));
1822
+ const retVal = await oAuth2Manager.HandleRedirect(str);
1823
+ this.#LogDebugMessage(chalk.magenta(`STSOAuth2Manager:#SetupRoute:Redirect result: [${retVal}]`));
1824
+ if (retVal) {
1825
+ next({
1826
+ path: `${this.#options.uriBase}`,
1827
+ replace: true
1828
+ });
1829
+ return;
1830
+ } else {
1831
+ next({
1832
+ path: `${this.#options.uriBase}error`,
1833
+ replace: true
1834
+ });
1835
+ return;
1836
+ }
1837
+ }
1838
+ this.#LogDebugMessage(`STSOAuth2Manager:#SetupRoute:Restoring session`);
1839
+ const sessionRestored = await oAuth2Manager.RestoreSession();
1840
+ this.#LogDebugMessage(`STSOAuth2Manager:#SetupRoute:Session restored: [${sessionRestored}]`);
1841
+ if (sessionRestored !== true) {
1842
+ this.#LogDebugMessage(`STSOAuth2Manager:#SetupRoute:Session not restored - need to authorize`);
1843
+ oAuth2Manager.Authorize();
1844
+ next();
1845
+ return;
1846
+ } else {
1847
+ next(`${this.#options.uriBase}`);
1848
+ return;
1849
+ }
1850
+ } else {
1851
+ if (to.path.localeCompare(`${this.#options.uriBase}consent`) === 0) {
1852
+ next(`${this.#options.uriBase}`);
1853
+ return;
1854
+ }
1855
+ if (to.path.localeCompare(`${this.#options.uriBase}authorize`) === 0) {
1856
+ next(`${this.#options.uriBase}`);
1857
+ return;
1858
+ }
1859
+ if (to.path.localeCompare(`${this.#options.uriBase}logout`) === 0) {
1860
+ next(`${this.#options.uriBase}`);
1861
+ return;
1862
+ }
1863
+ next();
1864
+ }
1865
+ });
1866
+ };
1867
+ //@@ this needs to be re-implemented so that access_token never leaves the auth worker
1868
+ GetAccessToken = async () => {
1869
+ const response = await this.#PostMessage({ command: IOauth2ListenerCommand.ACCESS_TOKEN });
1870
+ return response.payload;
1871
+ };
1872
+ // Update operation protected using operationSemaphore. This may occur when using workers and/or multiple async fetch operations.
1873
+ ExecuteRefreshToken = async (retryCount = 0) => {
1874
+ if (this.#operationSemaphore === true) {
1875
+ if (retryCount > this.#maxSemaphoreRetries) {
1876
+ throw new Error(`STSOAuth2Manager:ExecuteRefreshToken:maxSemaphoreRetries: [${this.#maxSemaphoreRetries}] exceeded.`);
1877
+ }
1878
+ await stsutils.Sleep(this.#semaphoreRetrySleep);
1879
+ this.#LogDebugMessage(chalk.cyan(`STSOAuth2Manager:ExecuteRefreshToken:locked by operationSemaphore, retry count: [${retryCount}]`));
1880
+ return await this.ExecuteRefreshToken(retryCount + 1);
1881
+ } else {
1882
+ this.#operationSemaphore = true;
1883
+ const response = await this.#PostMessage({ command: IOauth2ListenerCommand.EXECUTE_REFRESH_TOKEN });
1884
+ this.#operationSemaphore = false;
1885
+ return response.payload;
1886
+ }
1887
+ };
1888
+ GetCookies = async () => {
1889
+ const response = await this.#PostMessage({ command: IOauth2ListenerCommand.COOKIES });
1890
+ return response.payload;
1891
+ };
1892
+ RestoreSession = async () => {
1893
+ try {
1894
+ this.#LogDebugMessage(`STSOAuth2Manager:RestoreSession:postMessage: [${IOauth2ListenerCommand.RESTORE_SESSION}]`);
1895
+ const response = await this.#PostMessage({ command: IOauth2ListenerCommand.RESTORE_SESSION });
1896
+ this.#LogDebugMessage(`STSOAuth2Manager:RestoreSession:response: [${JSON.stringify(response.payload)}]`);
1897
+ return response.payload;
1898
+ } catch (error) {
1899
+ this.#LogErrorMessage(chalk.red(`RestoreSession Error: ${error}`));
1900
+ return false;
1901
+ }
1902
+ };
1903
+ Authorize = async () => {
1904
+ try {
1905
+ const response = await this.#PostMessage({ command: IOauth2ListenerCommand.AUTHORIZE });
1906
+ this.#transactionStore.set(this.#STORAGE_AUTHORIZE_OPTIONS_KEY, response.payload.authorizeOptions);
1907
+ const url = response.payload.url;
1908
+ if (!isNode) {
1909
+ window.location.replace(url);
1910
+ } else {
1911
+ return response.payload.authorizeOptionsClientCopy;
1912
+ }
1913
+ } catch (error) {
1914
+ this.#LogErrorMessage(chalk.red(`Authorize Error: ${error}`));
1915
+ }
1916
+ return {};
1917
+ };
1918
+ HandleRedirect = async (queryVars) => {
1919
+ try {
1920
+ this.#LogDebugMessage(chalk.magenta(`STSOAuth2Manager:HandleRedirect`));
1921
+ let response = null;
1922
+ if (queryVars[stsutils.OAuth2ParameterType.CODE]) {
1923
+ const authorizeOptions = this.#transactionStore.get(this.#STORAGE_AUTHORIZE_OPTIONS_KEY);
1924
+ this.#transactionStore.remove(this.#STORAGE_AUTHORIZE_OPTIONS_KEY);
1925
+ this.#LogDebugMessage(chalk.magenta(`STSOAuth2Manager:HandleRedirect: sending HANDLE_REDIRECT command`));
1926
+ response = await this.#PostMessage({ command: IOauth2ListenerCommand.HANDLE_REDIRECT, payload: {
1927
+ queryVars,
1928
+ authorizeOptions
1929
+ } });
1930
+ } else {
1931
+ response = await this.#PostMessage({ command: IOauth2ListenerCommand.HANDLE_REDIRECT, payload: queryVars });
1932
+ }
1933
+ this.#LogDebugMessage(chalk.magenta(`STSOAuth2Manager:HandleRedirect: HANDLE_REDIRECT response: [${JSON.stringify(response)}]`));
1934
+ return response.payload;
1935
+ } catch (error) {
1936
+ this.#LogErrorMessage(chalk.red(`HandleRedirect Error: ${error}`));
1937
+ return false;
1938
+ }
1939
+ };
1940
+ Logout = async () => {
1941
+ try {
1942
+ const response = await this.#PostMessage({ command: IOauth2ListenerCommand.LOGOUT });
1943
+ return response.payload;
1944
+ } catch (error) {
1945
+ this.#LogErrorMessage(chalk.red(`Logout Error: ${error}`));
1946
+ return false;
1947
+ }
1948
+ };
1949
+ InvokeExternalAPI = async () => {
1950
+ try {
1951
+ const response = await this.#PostMessage({ command: IOauth2ListenerCommand.LOGOUT });
1952
+ return response.payload;
1953
+ } catch (error) {
1954
+ this.#LogErrorMessage(chalk.red(`InvokeExternalAPI Error: ${error}`));
1955
+ return null;
1956
+ }
1957
+ };
1958
+ LoggedIn = () => {
1959
+ try {
1960
+ return this.#GetStore().LoggedIn;
1961
+ } catch (error) {
1962
+ return false;
1963
+ }
1964
+ };
1977
1965
  }
1978
- _router = new WeakMap();
1979
- _STORAGE_AUTHORIZE_OPTIONS_KEY = new WeakMap();
1980
- _aic = new WeakMap();
1981
- _options = new WeakMap();
1982
- _oauth2ManagerPort = new WeakMap();
1983
- _messageId = new WeakMap();
1984
- _messageHandlers = new WeakMap();
1985
- _messageTimeout = new WeakMap();
1986
- _worker = new WeakMap();
1987
- _transactionStore = new WeakMap();
1988
- _operationSemaphore = new WeakMap();
1989
- _maxSemaphoreRetries = new WeakMap();
1990
- _semaphoreRetrySleep = new WeakMap();
1991
- _STSOAuth2Manager_instances = new WeakSet();
1992
- LogDebugMessage_fn = function(message) {
1993
- __privateGet(this, _options).logger.debug(message);
1994
- };
1995
- LogInfoMessage_fn = function(message) {
1996
- __privateGet(this, _options).logger.info(message);
1997
- };
1998
- LogErrorMessage_fn = function(message) {
1999
- __privateGet(this, _options).logger.error(message);
2000
- };
2001
- _ProcessMessageResponse = new WeakMap();
2002
- _PostMessage = new WeakMap();
2003
- _HandleLogEvent = new WeakMap();
2004
- _HandleUpdateInstrumentEvent = new WeakMap();
2005
- _GetStore = new WeakMap();
2006
- _HandleErrorEvent = new WeakMap();
2007
- _HandleAuthenticateEvent = new WeakMap();
2008
- _SetupRoute = new WeakMap();
2009
1966
  var sha256$2 = { exports: {} };
2010
1967
  function commonjsRequire(path) {
2011
1968
  throw new Error('Could not dynamically require "' + path + '". Please configure the dynamicRequireTargets or/and ignoreDynamicRequires option of @rollup/plugin-commonjs appropriately for this require call to work.');
@@ -2022,7 +1979,7 @@ var __privateWrapper = (obj, member, setter, getter) => ({
2022
1979
  module2.exports = factory();
2023
1980
  }
2024
1981
  })(core, function() {
2025
- var CryptoJS = CryptoJS || function(Math2, undefined$1) {
1982
+ var CryptoJS = CryptoJS || (function(Math2, undefined$1) {
2026
1983
  var crypto2;
2027
1984
  if (typeof window !== "undefined" && window.crypto) {
2028
1985
  crypto2 = window.crypto;
@@ -2062,7 +2019,7 @@ var __privateWrapper = (obj, member, setter, getter) => ({
2062
2019
  }
2063
2020
  throw new Error("Native crypto module could not be used to get secure random number.");
2064
2021
  };
2065
- var create = Object.create || /* @__PURE__ */ function() {
2022
+ var create = Object.create || /* @__PURE__ */ (function() {
2066
2023
  function F() {
2067
2024
  }
2068
2025
  return function(obj) {
@@ -2072,10 +2029,10 @@ var __privateWrapper = (obj, member, setter, getter) => ({
2072
2029
  F.prototype = null;
2073
2030
  return subtype;
2074
2031
  };
2075
- }();
2032
+ })();
2076
2033
  var C = {};
2077
2034
  var C_lib = C.lib = {};
2078
- var Base = C_lib.Base = /* @__PURE__ */ function() {
2035
+ var Base = C_lib.Base = /* @__PURE__ */ (function() {
2079
2036
  return {
2080
2037
  /**
2081
2038
  * Creates a new object that inherits from this object.
@@ -2174,7 +2131,7 @@ var __privateWrapper = (obj, member, setter, getter) => ({
2174
2131
  return this.init.prototype.extend(this);
2175
2132
  }
2176
2133
  };
2177
- }();
2134
+ })();
2178
2135
  var WordArray = C_lib.WordArray = Base.extend({
2179
2136
  /**
2180
2137
  * Initializes a newly created word array.
@@ -2612,7 +2569,7 @@ var __privateWrapper = (obj, member, setter, getter) => ({
2612
2569
  });
2613
2570
  var C_algo = C.algo = {};
2614
2571
  return C;
2615
- }(Math);
2572
+ })(Math);
2616
2573
  return CryptoJS;
2617
2574
  });
2618
2575
  })(core$1);
@@ -2851,62 +2808,59 @@ var __privateWrapper = (obj, member, setter, getter) => ({
2851
2808
  var encBase64Exports = requireEncBase64();
2852
2809
  const Base64 = /* @__PURE__ */ getDefaultExportFromCjs(encBase64Exports);
2853
2810
  class CryptoUtils {
2811
+ #crypto;
2854
2812
  constructor() {
2855
- __privateAdd(this, _crypto);
2856
- __publicField(this, "DigestMessage", async function(message) {
2857
- const hashDigest = sha256(message);
2858
- return Base64.stringify(hashDigest);
2859
- });
2860
- __publicField(this, "CreateRandomString", (size = 43) => {
2861
- const randomValues = Array.from(__privateGet(this, _crypto).getRandomValues(new Uint8Array(size)));
2862
- const b64 = btoa(String.fromCharCode(...randomValues));
2863
- return b64;
2864
- });
2865
2813
  try {
2866
- __privateSet(this, _crypto, crypto);
2814
+ this.#crypto = crypto;
2867
2815
  } catch {
2868
- __privateSet(this, _crypto, require("node:crypto"));
2816
+ this.#crypto = require("node:crypto");
2869
2817
  }
2870
2818
  }
2819
+ DigestMessage = async function(message) {
2820
+ const hashDigest = sha256(message);
2821
+ return Base64.stringify(hashDigest);
2822
+ };
2823
+ CreateRandomString = (size = 43) => {
2824
+ const randomValues = Array.from(this.#crypto.getRandomValues(new Uint8Array(size)));
2825
+ const b64 = btoa(String.fromCharCode(...randomValues));
2826
+ return b64;
2827
+ };
2871
2828
  }
2872
- _crypto = new WeakMap();
2873
2829
  class QueryParams {
2874
- constructor() {
2875
- __publicField(this, "DecodeQueryParams", (params) => {
2876
- const retObj = {};
2877
- Object.keys(params).filter((k) => typeof params[k] !== "undefined").map((k) => {
2878
- retObj[decodeURIComponent(k)] = decodeURIComponent(params[k]);
2879
- });
2880
- return retObj;
2830
+ DecodeQueryParams = (params) => {
2831
+ const retObj = {};
2832
+ Object.keys(params).filter((k) => typeof params[k] !== "undefined").map((k) => {
2833
+ retObj[decodeURIComponent(k)] = decodeURIComponent(params[k]);
2881
2834
  });
2882
- __publicField(this, "CreateQueryParams", (params) => {
2883
- return Object.keys(params).filter((k) => typeof params[k] !== "undefined").map((k) => {
2884
- if (Array.isArray(params[k])) {
2885
- return encodeURIComponent(k) + "=" + encodeURIComponent(params[k].join(" "));
2886
- } else {
2887
- return encodeURIComponent(k) + "=" + encodeURIComponent(params[k]);
2888
- }
2889
- }).join("&");
2890
- });
2891
- __publicField(this, "_GetQueryParams", (param) => {
2892
- let retVal = {};
2893
- const uri = param.split("?");
2894
- if (uri.length == 2) {
2895
- const vars = uri[1].split("&");
2896
- const getVars = {};
2897
- let tmp;
2898
- vars.forEach(function(v) {
2899
- tmp = v.split("=");
2900
- if (tmp.length == 2) getVars[tmp[0]] = tmp[1];
2901
- });
2902
- retVal = this.DecodeQueryParams(getVars);
2835
+ return retObj;
2836
+ };
2837
+ CreateQueryParams = (params) => {
2838
+ return Object.keys(params).filter((k) => typeof params[k] !== "undefined").map((k) => {
2839
+ if (Array.isArray(params[k])) {
2840
+ return encodeURIComponent(k) + "=" + encodeURIComponent(params[k].join(" "));
2841
+ } else {
2842
+ return encodeURIComponent(k) + "=" + encodeURIComponent(params[k]);
2903
2843
  }
2904
- return retVal;
2905
- });
2906
- __publicField(this, "GetQueryParams", () => {
2907
- return this._GetQueryParams(window.location.href);
2908
- });
2909
- }
2844
+ }).join("&");
2845
+ };
2846
+ _GetQueryParams = (param) => {
2847
+ let retVal = {};
2848
+ const uri = param.split("?");
2849
+ if (uri.length == 2) {
2850
+ const vars = uri[1].split("&");
2851
+ const getVars = {};
2852
+ let tmp;
2853
+ vars.forEach(function(v) {
2854
+ tmp = v.split("=");
2855
+ if (tmp.length == 2) getVars[tmp[0]] = tmp[1];
2856
+ });
2857
+ retVal = this.DecodeQueryParams(getVars);
2858
+ }
2859
+ return retVal;
2860
+ };
2861
+ GetQueryParams = () => {
2862
+ return this._GetQueryParams(window.location.href);
2863
+ };
2910
2864
  }
2911
2865
  var StatusCodes;
2912
2866
  (function(StatusCodes2) {
@@ -2970,494 +2924,470 @@ var __privateWrapper = (obj, member, setter, getter) => ({
2970
2924
  StatusCodes2[StatusCodes2["NETWORK_AUTHENTICATION_REQUIRED"] = 511] = "NETWORK_AUTHENTICATION_REQUIRED";
2971
2925
  })(StatusCodes || (StatusCodes = {}));
2972
2926
  class STSOAuth2Worker {
2927
+ //#storageManager = null;
2928
+ #clientSessionStore;
2929
+ #cUtils = new CryptoUtils();
2930
+ #qParams = new QueryParams();
2931
+ #STORAGE_SESSION_KEY = "session.stsmda.com.au";
2932
+ //@@#aic = null;
2933
+ #oauthWorkerPort;
2934
+ #options;
2935
+ #logger;
2936
+ #agentManager = null;
2973
2937
  constructor(workerPort, options, logger) {
2974
- __privateAdd(this, _STSOAuth2Worker_instances);
2975
- //#storageManager = null;
2976
- __privateAdd(this, _clientSessionStore);
2977
- __privateAdd(this, _cUtils, new CryptoUtils());
2978
- __privateAdd(this, _qParams, new QueryParams());
2979
- __privateAdd(this, _STORAGE_SESSION_KEY, "session.stsmda.com.au");
2980
- //@@#aic = null;
2981
- __privateAdd(this, _oauthWorkerPort);
2982
- __privateAdd(this, _options2);
2983
- __privateAdd(this, _logger);
2984
- __privateAdd(this, _agentManager, null);
2985
- // Attempt to restore a previous session using the STSBroker
2986
- /*
2987
- { parameterType: OAuth2ParameterType.CLIENT_ID, errorType: authErrorType.CLIENT_ID_MISMATCH },
2988
- { parameterType: OAuth2ParameterType.SCOPE, errorType: authErrorType.SCOPE_MISMATCH }
2989
- { parameterType: OAuth2ParameterType.REDIRECT_URI, errorType: authErrorType.REDIRECT_URI_MISMATCH },
2990
- { parameterType: OAuth2ParameterType.AUDIENCE, errorType: authErrorType.SCOPE_MISMATCH }
2991
-
2992
- Successful Response
2993
- {
2994
- "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q...",
2995
- "token_type": "Bearer",
2996
- "expires_in": 3599,
2997
- "scope": "https%3A%2F%2Fgraph.microsoft.com%2Fmail.read",
2998
- "refresh_token": "AwABAAAAvPM1KaPlrEqdFSBzjqfTGAMxZGUTdM0t4B4...",
2999
- "id_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIyZDRkMTFhMi1mODE0LTQ2YTctOD...",
3000
- }
3001
-
3002
- Error Response
3003
- {
3004
- "error": "invalid_scope",
3005
- "error_description": "AADSTS70011: The provided value for the input parameter 'scope' is not valid. The scope https://foo.microsoft.com/mail.read is not valid.\r\nTrace ID: 255d1aef-8c98-452f-ac51-23d051240864\r\nCorrelation ID: fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7\r\nTimestamp: 2016-01-09 02:02:12Z",
3006
- "error_codes": [
3007
- 70011
3008
- ],
3009
- "timestamp": "2016-01-09 02:02:12Z",
2938
+ this.#options = options;
2939
+ this.#logger = logger;
2940
+ this.#LogDebugMessage(`STSOAuth2Worker:constructor:#options: [${JSON.stringify(this.#options)}]`);
2941
+ this.#clientSessionStore = new stsvueutils.ClientStorageFactory({ clientStorageType: stsvueutils.ClientStorageType.MEMORY_STORAGE, usePrefix: false }).GetStorage();
2942
+ this.#oauthWorkerPort = workerPort;
2943
+ this.#LogDebugMessage(`STSOAuth2Worker:constructor:#oauthWorkerPort: [${JSON.stringify(this.#oauthWorkerPort)}]`);
2944
+ if (isNode && this.#options.agentOptions) {
2945
+ this.#agentManager = new stsutils.AgentManager({
2946
+ agentOptions: this.#options.agentOptions,
2947
+ httpAgentFactory(options2) {
2948
+ return new http.Agent(options2);
2949
+ },
2950
+ httpsAgentFactory(options2) {
2951
+ return new https.Agent(options2);
3010
2952
  }
3011
-
3012
- */
3013
- __privateAdd(this, _HandleAuthenticateEvent2, (id_token) => {
3014
- const message = {
3015
- messageId: -1,
3016
- // un-solicited message
3017
- command: IOauth2ListenerCommand.AUTHENTICATE_EVENT
3018
- };
3019
- __privateGet(this, _ProcessCommand).call(this, message, id_token);
3020
- });
3021
- // eslint-disable-next-line @typescript-eslint/no-explicit-any
3022
- __privateAdd(this, _HandleErrorEvent2, (error) => {
3023
- const message = {
3024
- messageId: -1,
3025
- // un-solicited message
3026
- command: IOauth2ListenerCommand.ERROR
3027
- };
3028
- __privateGet(this, _ProcessCommand).call(this, message, error);
3029
- });
3030
- __privateAdd(this, _LogMessage, (messageToSend) => {
3031
- const message = {
3032
- messageId: -1,
3033
- // un-solicited message
3034
- command: IOauth2ListenerCommand.LOG
3035
- };
3036
- __privateGet(this, _ProcessCommand).call(this, message, messageToSend);
2953
+ });
2954
+ }
2955
+ this.SetupListener();
2956
+ this.#UpdateInstrument(stsobservability.Gauge.LOGGER, {
2957
+ LogMessage: `STSOauth2 Plugin - Successfully Loaded`
3037
2958
  });
3038
- __privateAdd(this, _GetAccessToken, () => {
3039
- const sessionData = __privateGet(this, _clientSessionStore).get(__privateGet(this, _STORAGE_SESSION_KEY));
2959
+ }
2960
+ // eslint-disable-next-line @typescript-eslint/no-explicit-any
2961
+ #LogDebugMessage(message) {
2962
+ this.#logger.debug(message);
2963
+ }
2964
+ // eslint-disable-next-line @typescript-eslint/no-explicit-any
2965
+ #LogInfoMessage(message) {
2966
+ this.#logger.info(message);
2967
+ }
2968
+ // eslint-disable-next-line @typescript-eslint/no-explicit-any
2969
+ #LogErrorMessage(message) {
2970
+ this.#logger.error(message);
2971
+ }
2972
+ // Attempt to restore a previous session using the STSBroker
2973
+ /*
2974
+ { parameterType: OAuth2ParameterType.CLIENT_ID, errorType: authErrorType.CLIENT_ID_MISMATCH },
2975
+ { parameterType: OAuth2ParameterType.SCOPE, errorType: authErrorType.SCOPE_MISMATCH }
2976
+ { parameterType: OAuth2ParameterType.REDIRECT_URI, errorType: authErrorType.REDIRECT_URI_MISMATCH },
2977
+ { parameterType: OAuth2ParameterType.AUDIENCE, errorType: authErrorType.SCOPE_MISMATCH }
2978
+
2979
+ Successful Response
2980
+ {
2981
+ "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q...",
2982
+ "token_type": "Bearer",
2983
+ "expires_in": 3599,
2984
+ "scope": "https%3A%2F%2Fgraph.microsoft.com%2Fmail.read",
2985
+ "refresh_token": "AwABAAAAvPM1KaPlrEqdFSBzjqfTGAMxZGUTdM0t4B4...",
2986
+ "id_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIyZDRkMTFhMi1mODE0LTQ2YTctOD...",
2987
+ }
2988
+
2989
+ Error Response
2990
+ {
2991
+ "error": "invalid_scope",
2992
+ "error_description": "AADSTS70011: The provided value for the input parameter 'scope' is not valid. The scope https://foo.microsoft.com/mail.read is not valid.\r\nTrace ID: 255d1aef-8c98-452f-ac51-23d051240864\r\nCorrelation ID: fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7\r\nTimestamp: 2016-01-09 02:02:12Z",
2993
+ "error_codes": [
2994
+ 70011
2995
+ ],
2996
+ "timestamp": "2016-01-09 02:02:12Z",
2997
+ }
2998
+
2999
+ */
3000
+ #HandleAuthenticateEvent = (id_token) => {
3001
+ const message = {
3002
+ messageId: -1,
3003
+ // un-solicited message
3004
+ command: IOauth2ListenerCommand.AUTHENTICATE_EVENT
3005
+ };
3006
+ this.#ProcessCommand(message, id_token);
3007
+ };
3008
+ // eslint-disable-next-line @typescript-eslint/no-explicit-any
3009
+ #HandleErrorEvent = (error) => {
3010
+ const message = {
3011
+ messageId: -1,
3012
+ // un-solicited message
3013
+ command: IOauth2ListenerCommand.ERROR
3014
+ };
3015
+ this.#ProcessCommand(message, error);
3016
+ };
3017
+ #LogMessage = (messageToSend) => {
3018
+ const message = {
3019
+ messageId: -1,
3020
+ // un-solicited message
3021
+ command: IOauth2ListenerCommand.LOG
3022
+ };
3023
+ this.#ProcessCommand(message, messageToSend);
3024
+ };
3025
+ #GetAccessToken = () => {
3026
+ const sessionData = this.#clientSessionStore.get(this.#STORAGE_SESSION_KEY);
3027
+ if (sessionData) {
3028
+ const tokens = sessionData.tokenResponse;
3029
+ return tokens.access_token;
3030
+ } else {
3031
+ return null;
3032
+ }
3033
+ };
3034
+ // eslint-disable-next-line @typescript-eslint/no-explicit-any
3035
+ #GetCookies = () => {
3036
+ if (isNode) {
3037
+ const sessionData = this.#clientSessionStore.get(this.#STORAGE_SESSION_KEY);
3040
3038
  if (sessionData) {
3041
- const tokens = sessionData.tokenResponse;
3042
- return tokens.access_token;
3039
+ return sessionData.brokerCookie;
3043
3040
  } else {
3044
3041
  return null;
3045
3042
  }
3043
+ } else {
3044
+ return null;
3045
+ }
3046
+ };
3047
+ #UpdateInstrument = (instrumentName, telemetry) => {
3048
+ const message = {
3049
+ messageId: -1,
3050
+ // un-solicited message
3051
+ command: IOauth2ListenerCommand.UPDATE_INSTRUMENT
3052
+ };
3053
+ this.#ProcessCommand(message, {
3054
+ instrumentName,
3055
+ telemetry
3046
3056
  });
3047
- // eslint-disable-next-line @typescript-eslint/no-explicit-any
3048
- __privateAdd(this, _GetCookies, () => {
3049
- if (isNode) {
3050
- const sessionData = __privateGet(this, _clientSessionStore).get(__privateGet(this, _STORAGE_SESSION_KEY));
3051
- if (sessionData) {
3052
- return sessionData.brokerCookie;
3053
- } else {
3054
- return null;
3055
- }
3056
- } else {
3057
- return null;
3057
+ };
3058
+ SetupListener = () => {
3059
+ this.#oauthWorkerPort.onmessage = async (data) => {
3060
+ const auth2ListenerMessage = data.data;
3061
+ this.#LogDebugMessage(`STSOAuth2Worker:SetupListener:onmessage: [${auth2ListenerMessage.command}]`);
3062
+ switch (auth2ListenerMessage.command) {
3063
+ case IOauth2ListenerCommand.RESTORE_SESSION:
3064
+ this.#ProcessCommand(auth2ListenerMessage, await this.#RestoreSession());
3065
+ break;
3066
+ case IOauth2ListenerCommand.AUTHORIZE:
3067
+ this.#ProcessCommand(auth2ListenerMessage, await this.#Authorize());
3068
+ break;
3069
+ case IOauth2ListenerCommand.HANDLE_REDIRECT:
3070
+ this.#ProcessCommand(auth2ListenerMessage, await this.#HandleRedirect(auth2ListenerMessage.payload));
3071
+ break;
3072
+ case IOauth2ListenerCommand.LOGOUT:
3073
+ this.#ProcessCommand(auth2ListenerMessage, await this.#Logout());
3074
+ break;
3075
+ //@@ Need a way of keeping this out of the main thread - should always stay within the worker
3076
+ case IOauth2ListenerCommand.ACCESS_TOKEN:
3077
+ this.#ProcessCommand(auth2ListenerMessage, await this.#GetAccessToken());
3078
+ break;
3079
+ case IOauth2ListenerCommand.EXECUTE_REFRESH_TOKEN:
3080
+ this.#ProcessCommand(auth2ListenerMessage, await this.#RefreshToken());
3081
+ break;
3082
+ case IOauth2ListenerCommand.COOKIES:
3083
+ this.#ProcessCommand(auth2ListenerMessage, await this.#GetCookies());
3084
+ break;
3085
+ default:
3086
+ throw new Error(`Command: [${auth2ListenerMessage.command}'] not found.`);
3058
3087
  }
3059
- });
3060
- __privateAdd(this, _UpdateInstrument, (instrumentName, telemetry) => {
3061
- const message = {
3062
- messageId: -1,
3063
- // un-solicited message
3064
- command: IOauth2ListenerCommand.UPDATE_INSTRUMENT
3065
- };
3066
- __privateGet(this, _ProcessCommand).call(this, message, {
3067
- instrumentName,
3068
- telemetry
3069
- });
3070
- });
3071
- __publicField(this, "SetupListener", () => {
3072
- __privateGet(this, _oauthWorkerPort).onmessage = async (data) => {
3073
- const auth2ListenerMessage = data.data;
3074
- __privateMethod(this, _STSOAuth2Worker_instances, LogDebugMessage_fn2).call(this, `STSOAuth2Worker:SetupListener:onmessage: [${auth2ListenerMessage.command}]`);
3075
- switch (auth2ListenerMessage.command) {
3076
- case IOauth2ListenerCommand.RESTORE_SESSION:
3077
- __privateGet(this, _ProcessCommand).call(this, auth2ListenerMessage, await __privateGet(this, _RestoreSession).call(this));
3078
- break;
3079
- case IOauth2ListenerCommand.AUTHORIZE:
3080
- __privateGet(this, _ProcessCommand).call(this, auth2ListenerMessage, await __privateGet(this, _Authorize).call(this));
3081
- break;
3082
- case IOauth2ListenerCommand.HANDLE_REDIRECT:
3083
- __privateGet(this, _ProcessCommand).call(this, auth2ListenerMessage, await __privateGet(this, _HandleRedirect).call(this, auth2ListenerMessage.payload));
3084
- break;
3085
- case IOauth2ListenerCommand.LOGOUT:
3086
- __privateGet(this, _ProcessCommand).call(this, auth2ListenerMessage, await __privateGet(this, _Logout).call(this));
3087
- break;
3088
- //@@ Need a way of keeping this out of the main thread - should always stay within the worker
3089
- case IOauth2ListenerCommand.ACCESS_TOKEN:
3090
- __privateGet(this, _ProcessCommand).call(this, auth2ListenerMessage, await __privateGet(this, _GetAccessToken).call(this));
3091
- break;
3092
- case IOauth2ListenerCommand.EXECUTE_REFRESH_TOKEN:
3093
- __privateGet(this, _ProcessCommand).call(this, auth2ListenerMessage, await __privateGet(this, _RefreshToken).call(this));
3094
- break;
3095
- case IOauth2ListenerCommand.COOKIES:
3096
- __privateGet(this, _ProcessCommand).call(this, auth2ListenerMessage, await __privateGet(this, _GetCookies).call(this));
3097
- break;
3098
- default:
3099
- throw new Error(`Command: [${auth2ListenerMessage.command}'] not found.`);
3088
+ };
3089
+ };
3090
+ // eslint-disable-next-line @typescript-eslint/no-explicit-any
3091
+ #ProcessCommand = async (auth2ListenerMessage, response) => {
3092
+ const messageResponse = {
3093
+ messageId: auth2ListenerMessage.messageId,
3094
+ command: auth2ListenerMessage.command,
3095
+ payload: response
3096
+ };
3097
+ this.#oauthWorkerPort.postMessage(messageResponse);
3098
+ };
3099
+ #RestoreSession = async () => {
3100
+ let restoredSessionData = null;
3101
+ const sessionData = this.#clientSessionStore.get(this.#STORAGE_SESSION_KEY);
3102
+ if (sessionData) {
3103
+ restoredSessionData = sessionData.tokenResponse;
3104
+ this.#LogInfoMessage("Session restored from client storage.");
3105
+ this.#LogMessage("Session restored from client storage.");
3106
+ } else {
3107
+ const url = `${this.#options.brokerendpoint}:${this.#options.brokerport}${this.#options.brokerapiroot}/session`;
3108
+ this.#LogInfoMessage("RestoreSession");
3109
+ this.#LogInfoMessage(url);
3110
+ this.#LogMessage("RestoreSession.");
3111
+ this.#LogMessage(url);
3112
+ try {
3113
+ const rConfig = new stsutils.STSAxiosConfig(url, "post").withData({
3114
+ [stsutils.OAuth2ParameterType.CLIENT_ID]: this.#options.client_id,
3115
+ [stsutils.OAuth2ParameterType.SCOPE]: this.#options.scope,
3116
+ [stsutils.OAuth2ParameterType.REDIRECT_URI]: this.#options.redirect_uri,
3117
+ [stsutils.OAuth2ParameterType.AUDIENCE]: this.#options.audience
3118
+ }).withDefaultHeaders().withCredentials().withTimeout(this.#options.timeout);
3119
+ this.#LogDebugMessage(chalk.magenta(`#RestoreSession:session request detail: [${JSON.stringify(rConfig)}]`));
3120
+ if (isNode && this.#agentManager) {
3121
+ rConfig.withAgentManager(this.#agentManager);
3100
3122
  }
3101
- };
3102
- });
3103
- // eslint-disable-next-line @typescript-eslint/no-explicit-any
3104
- __privateAdd(this, _ProcessCommand, async (auth2ListenerMessage, response) => {
3105
- const messageResponse = {
3106
- messageId: auth2ListenerMessage.messageId,
3107
- command: auth2ListenerMessage.command,
3108
- payload: response
3109
- };
3110
- __privateGet(this, _oauthWorkerPort).postMessage(messageResponse);
3111
- });
3112
- __privateAdd(this, _RestoreSession, async () => {
3113
- let restoredSessionData = null;
3114
- const sessionData = __privateGet(this, _clientSessionStore).get(__privateGet(this, _STORAGE_SESSION_KEY));
3115
- if (sessionData) {
3116
- restoredSessionData = sessionData.tokenResponse;
3117
- __privateMethod(this, _STSOAuth2Worker_instances, LogInfoMessage_fn2).call(this, "Session restored from client storage.");
3118
- __privateGet(this, _LogMessage).call(this, "Session restored from client storage.");
3119
- } else {
3120
- const url = `${__privateGet(this, _options2).brokerendpoint}:${__privateGet(this, _options2).brokerport}${__privateGet(this, _options2).brokerapiroot}/session`;
3121
- __privateMethod(this, _STSOAuth2Worker_instances, LogInfoMessage_fn2).call(this, "RestoreSession");
3122
- __privateMethod(this, _STSOAuth2Worker_instances, LogInfoMessage_fn2).call(this, url);
3123
- __privateGet(this, _LogMessage).call(this, "RestoreSession.");
3124
- __privateGet(this, _LogMessage).call(this, url);
3125
- try {
3126
- const rConfig = new stsutils.STSAxiosConfig(url, "post").withData({
3127
- [stsutils.OAuth2ParameterType.CLIENT_ID]: __privateGet(this, _options2).client_id,
3128
- [stsutils.OAuth2ParameterType.SCOPE]: __privateGet(this, _options2).scope,
3129
- [stsutils.OAuth2ParameterType.REDIRECT_URI]: __privateGet(this, _options2).redirect_uri,
3130
- [stsutils.OAuth2ParameterType.AUDIENCE]: __privateGet(this, _options2).audience
3131
- }).withDefaultHeaders().withCredentials().withTimeout(__privateGet(this, _options2).timeout);
3132
- __privateMethod(this, _STSOAuth2Worker_instances, LogDebugMessage_fn2).call(this, chalk.magenta(`#RestoreSession:session request detail: [${JSON.stringify(rConfig)}]`));
3133
- if (isNode && __privateGet(this, _agentManager)) {
3134
- rConfig.withAgentManager(__privateGet(this, _agentManager));
3135
- }
3136
- const retVal = await axios(rConfig.config);
3137
- if (retVal.data.status === StatusCodes.OK) {
3138
- restoredSessionData = retVal.data.detail;
3139
- if (restoredSessionData) {
3140
- const newSessionData = {
3141
- tokenResponse: restoredSessionData
3142
- };
3143
- if (isNode) {
3144
- newSessionData.brokerCookie = retVal.headers["set-cookie"];
3145
- }
3146
- __privateGet(this, _clientSessionStore).set(__privateGet(this, _STORAGE_SESSION_KEY), newSessionData);
3147
- __privateMethod(this, _STSOAuth2Worker_instances, LogInfoMessage_fn2).call(this, "Session restored from server side cookie.");
3148
- } else {
3149
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, `Could not restore previous session. No restoredSessionData available.`);
3150
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, JSON.stringify(retVal.data));
3123
+ const retVal = await axios(rConfig.config);
3124
+ if (retVal.data.status === StatusCodes.OK) {
3125
+ restoredSessionData = retVal.data.detail;
3126
+ if (restoredSessionData) {
3127
+ const newSessionData = {
3128
+ tokenResponse: restoredSessionData
3129
+ };
3130
+ if (isNode) {
3131
+ newSessionData.brokerCookie = retVal.headers["set-cookie"];
3151
3132
  }
3133
+ this.#clientSessionStore.set(this.#STORAGE_SESSION_KEY, newSessionData);
3134
+ this.#LogInfoMessage("Session restored from server side cookie.");
3152
3135
  } else {
3153
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, "Could not restore previous session:-");
3154
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, JSON.stringify(retVal.data));
3136
+ this.#LogErrorMessage(`Could not restore previous session. No restoredSessionData available.`);
3137
+ this.#LogErrorMessage(JSON.stringify(retVal.data));
3155
3138
  }
3156
- } catch (error) {
3157
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, "Could not restore previous session (error state):-");
3158
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, error);
3159
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, JSON.stringify(error));
3139
+ } else {
3140
+ this.#LogErrorMessage("Could not restore previous session:-");
3141
+ this.#LogErrorMessage(JSON.stringify(retVal.data));
3160
3142
  }
3143
+ } catch (error) {
3144
+ this.#LogErrorMessage("Could not restore previous session (error state):-");
3145
+ this.#LogErrorMessage(error);
3146
+ this.#LogErrorMessage(JSON.stringify(error));
3161
3147
  }
3162
- if (restoredSessionData !== null) {
3163
- __privateGet(this, _HandleAuthenticateEvent2).call(this, restoredSessionData.id_token);
3164
- __privateMethod(this, _STSOAuth2Worker_instances, LogInfoMessage_fn2).call(this, "Refreshing tokens ...");
3165
- return await __privateGet(this, _RefreshToken).call(this);
3148
+ }
3149
+ if (restoredSessionData !== null) {
3150
+ this.#HandleAuthenticateEvent(restoredSessionData.id_token);
3151
+ this.#LogInfoMessage("Refreshing tokens ...");
3152
+ return await this.#RefreshToken();
3153
+ } else {
3154
+ this.#HandleAuthenticateEvent(null);
3155
+ return false;
3156
+ }
3157
+ };
3158
+ #Authorize = async () => {
3159
+ this.#LogInfoMessage("Authorize ...");
3160
+ const client_id = this.#options.client_id;
3161
+ const nonce = this.#cUtils.CreateRandomString();
3162
+ const response_type = [AuthorizeOptionsResponseType.CODE];
3163
+ const redirect_uri = this.#options.redirect_uri;
3164
+ const response_mode = AuthorizeOptionsResponseMode.QUERY;
3165
+ const scope = this.#options.scope;
3166
+ const state = this.#cUtils.CreateRandomString();
3167
+ const code_verifier = this.#cUtils.CreateRandomString();
3168
+ const code_challenge = await this.#cUtils.DigestMessage(code_verifier);
3169
+ const code_challenge_method = "S256";
3170
+ const authorizeOptions = {
3171
+ client_id,
3172
+ nonce,
3173
+ response_type,
3174
+ redirect_uri,
3175
+ response_mode,
3176
+ scope,
3177
+ state,
3178
+ code_challenge,
3179
+ code_challenge_method
3180
+ };
3181
+ const authorizeOptionsClientCopy = { ...authorizeOptions };
3182
+ const url = `${this.#options.authorizeendpoint}:${this.#options.authorizeport}${this.#options.authorizeapiroot}${this.#options.authorizeapi}?${this.#qParams.CreateQueryParams(authorizeOptions)}`;
3183
+ this.#LogInfoMessage(url);
3184
+ authorizeOptions.code_verifier = code_verifier;
3185
+ this.#LogInfoMessage(`Authorize:authorizeOptions: [${JSON.stringify(authorizeOptions)}]`);
3186
+ return {
3187
+ url,
3188
+ authorizeOptions,
3189
+ authorizeOptionsClientCopy
3190
+ };
3191
+ };
3192
+ // eslint-disable-next-line @typescript-eslint/no-explicit-any
3193
+ #HandleRedirect = async (payload) => {
3194
+ const queryVars = payload.queryVars;
3195
+ const authorizeOptions = payload.authorizeOptions;
3196
+ this.#LogDebugMessage(chalk.magenta(`#HandleRedirect: HandleRedirect`));
3197
+ this.#LogDebugMessage(chalk.magenta(`#HandleRedirect: HandleRedirect:Query Vars: [${JSON.stringify(queryVars)}]`));
3198
+ if (queryVars[stsutils.OAuth2ParameterType.CODE]) {
3199
+ const response = queryVars;
3200
+ this.#LogInfoMessage(`authorizeOptions from transaction state: [${JSON.stringify(authorizeOptions)}]`);
3201
+ const redirectState = response.state;
3202
+ const authorizeOptionsState = authorizeOptions.state;
3203
+ if (authorizeOptionsState.localeCompare(redirectState) === 0) {
3204
+ this.#LogInfoMessage(chalk.green("redirected state (from queryVars) matched previously saved transaction authorizeOptions state"));
3205
+ return await this.#GetToken(authorizeOptions, response);
3166
3206
  } else {
3167
- __privateGet(this, _HandleAuthenticateEvent2).call(this, null);
3207
+ this.#LogErrorMessage(chalk.red("redirected state (from queryVars) did NOT match previously saved transaction authorizeOptions state"));
3208
+ this.#LogErrorMessage(chalk.red(`authorizeOptionsState: [${authorizeOptionsState}]`));
3209
+ this.#LogErrorMessage(chalk.red(`redirectState: [${redirectState}]`));
3210
+ this.#HandleErrorEvent({ message: "State un-matched" });
3168
3211
  return false;
3169
3212
  }
3170
- });
3171
- __privateAdd(this, _Authorize, async () => {
3172
- __privateMethod(this, _STSOAuth2Worker_instances, LogInfoMessage_fn2).call(this, "Authorize ...");
3173
- const client_id = __privateGet(this, _options2).client_id;
3174
- const nonce = __privateGet(this, _cUtils).CreateRandomString();
3175
- const response_type = [AuthorizeOptionsResponseType.CODE];
3176
- const redirect_uri = __privateGet(this, _options2).redirect_uri;
3177
- const response_mode = AuthorizeOptionsResponseMode.QUERY;
3178
- const scope = __privateGet(this, _options2).scope;
3179
- const state = __privateGet(this, _cUtils).CreateRandomString();
3180
- const code_verifier = __privateGet(this, _cUtils).CreateRandomString();
3181
- const code_challenge = await __privateGet(this, _cUtils).DigestMessage(code_verifier);
3182
- const code_challenge_method = "S256";
3183
- const authorizeOptions = {
3184
- client_id,
3185
- nonce,
3186
- response_type,
3187
- redirect_uri,
3188
- response_mode,
3189
- scope,
3190
- state,
3191
- code_challenge,
3192
- code_challenge_method
3193
- };
3194
- const authorizeOptionsClientCopy = { ...authorizeOptions };
3195
- const url = `${__privateGet(this, _options2).authorizeendpoint}:${__privateGet(this, _options2).authorizeport}${__privateGet(this, _options2).authorizeapiroot}${__privateGet(this, _options2).authorizeapi}?${__privateGet(this, _qParams).CreateQueryParams(authorizeOptions)}`;
3196
- __privateMethod(this, _STSOAuth2Worker_instances, LogInfoMessage_fn2).call(this, url);
3197
- authorizeOptions.code_verifier = code_verifier;
3198
- __privateMethod(this, _STSOAuth2Worker_instances, LogInfoMessage_fn2).call(this, `Authorize:authorizeOptions: [${JSON.stringify(authorizeOptions)}]`);
3199
- return {
3200
- url,
3201
- authorizeOptions,
3202
- authorizeOptionsClientCopy
3203
- };
3204
- });
3205
- // eslint-disable-next-line @typescript-eslint/no-explicit-any
3206
- __privateAdd(this, _HandleRedirect, async (payload) => {
3207
- const queryVars = payload.queryVars;
3208
- const authorizeOptions = payload.authorizeOptions;
3209
- __privateMethod(this, _STSOAuth2Worker_instances, LogDebugMessage_fn2).call(this, chalk.magenta(`#HandleRedirect: HandleRedirect`));
3210
- __privateMethod(this, _STSOAuth2Worker_instances, LogDebugMessage_fn2).call(this, chalk.magenta(`#HandleRedirect: HandleRedirect:Query Vars: [${JSON.stringify(queryVars)}]`));
3211
- if (queryVars[stsutils.OAuth2ParameterType.CODE]) {
3212
- const response = queryVars;
3213
- __privateMethod(this, _STSOAuth2Worker_instances, LogInfoMessage_fn2).call(this, `authorizeOptions from transaction state: [${JSON.stringify(authorizeOptions)}]`);
3214
- const redirectState = response.state;
3215
- const authorizeOptionsState = authorizeOptions.state;
3216
- if (authorizeOptionsState.localeCompare(redirectState) === 0) {
3217
- __privateMethod(this, _STSOAuth2Worker_instances, LogInfoMessage_fn2).call(this, chalk.green("redirected state (from queryVars) matched previously saved transaction authorizeOptions state"));
3218
- return await __privateGet(this, _GetToken).call(this, authorizeOptions, response);
3219
- } else {
3220
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, chalk.red("redirected state (from queryVars) did NOT match previously saved transaction authorizeOptions state"));
3221
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, chalk.red(`authorizeOptionsState: [${authorizeOptionsState}]`));
3222
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, chalk.red(`redirectState: [${redirectState}]`));
3223
- __privateGet(this, _HandleErrorEvent2).call(this, { message: "State un-matched" });
3224
- return false;
3213
+ } else if (queryVars[stsutils.OAuth2ParameterType.ERROR]) {
3214
+ this.#LogErrorMessage(chalk.red(`State un-matched (1)`));
3215
+ this.#HandleErrorEvent({ message: "State un-matched" });
3216
+ return false;
3217
+ } else {
3218
+ this.#LogErrorMessage(chalk.red(`State un-matched (2)`));
3219
+ this.#HandleErrorEvent({ message: "State un-matched" });
3220
+ return false;
3221
+ }
3222
+ };
3223
+ /*
3224
+ client_id=6731de76-14a6-49ae-97bc-6eba6914391e
3225
+ &scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
3226
+ &code=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq3n8b2JRLk4OxVXr...
3227
+ &redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
3228
+ &grant_type=authorization_code
3229
+ &code_verifier=ThisIsntRandomButItNeedsToBe43CharactersLong
3230
+ &client_secret=JqQX2PNo9bpM0uEihUPzyrh // NOTE: Only required for web apps. This secret needs to be URL-Encoded.
3231
+
3232
+ Successful Response
3233
+ {
3234
+ "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q...",
3235
+ "token_type": "Bearer",
3236
+ "expires_in": 3599,
3237
+ "scope": "https%3A%2F%2Fgraph.microsoft.com%2Fmail.read",
3238
+ "refresh_token": "AwABAAAAvPM1KaPlrEqdFSBzjqfTGAMxZGUTdM0t4B4...",
3239
+ "id_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIyZDRkMTFhMi1mODE0LTQ2YTctOD...",
3240
+ }
3241
+ */
3242
+ // Get access_token, refresh_token and id_token using OAuth2 Authorization Code Flow
3243
+ #GetTokenFromBroker = async (authorizationCodeFlowParameters) => {
3244
+ this.#LogDebugMessage(chalk.magenta(`#GetTokenFromBroker`));
3245
+ this.#clientSessionStore.remove(this.#STORAGE_SESSION_KEY);
3246
+ const url = `${this.#options.brokerendpoint}:${this.#options.brokerport}${this.#options.brokerapiroot}/token`;
3247
+ try {
3248
+ const rConfig = new stsutils.STSAxiosConfig(url, "post").withDefaultHeaders().withData(authorizationCodeFlowParameters).withCredentials().withTimeout(this.#options.timeout);
3249
+ this.#LogDebugMessage(chalk.magenta(`#GetTokenFromBroker: request config: [${JSON.stringify(rConfig)}]`));
3250
+ if (isNode && this.#agentManager) {
3251
+ rConfig.withAgentManager(this.#agentManager);
3252
+ }
3253
+ this.#LogDebugMessage(chalk.magenta(`#GetTokenFromBroker: axios API call`));
3254
+ const retVal = await axios(rConfig.config);
3255
+ this.#LogDebugMessage(chalk.magenta(`#GetTokenFromBroker: axios API call result: [${retVal.status}]`));
3256
+ if (retVal.status === StatusCodes.OK) {
3257
+ this.#LogDebugMessage(chalk.magenta(`#GetTokenFromBroker: storing tokens`));
3258
+ const tokenResponse = retVal.data;
3259
+ this.#HandleAuthenticateEvent(tokenResponse.id_token);
3260
+ const newSessionData = {
3261
+ tokenResponse
3262
+ };
3263
+ if (isNode) {
3264
+ newSessionData.brokerCookie = retVal.headers["set-cookie"];
3225
3265
  }
3226
- } else if (queryVars[stsutils.OAuth2ParameterType.ERROR]) {
3227
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, chalk.red(`State un-matched (1)`));
3228
- __privateGet(this, _HandleErrorEvent2).call(this, { message: "State un-matched" });
3266
+ this.#clientSessionStore.set(this.#STORAGE_SESSION_KEY, newSessionData);
3267
+ return true;
3268
+ } else if (retVal.status === StatusCodes.UNAUTHORIZED) {
3269
+ this.#LogDebugMessage(chalk.magenta(`#GetTokenFromBroker: NOT storing tokens, status: [${retVal.status}]`));
3270
+ this.#HandleAuthenticateEvent(null);
3229
3271
  return false;
3230
3272
  } else {
3231
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, chalk.red(`State un-matched (2)`));
3232
- __privateGet(this, _HandleErrorEvent2).call(this, { message: "State un-matched" });
3273
+ this.#LogDebugMessage(chalk.magenta(`#GetTokenFromBroker: NOT storing tokens (general error 1), status: [${retVal.status}]`));
3274
+ this.#HandleAuthenticateEvent(null);
3275
+ this.#LogErrorMessage(chalk.red("Could not obtain access_token from token end-point:-"));
3276
+ this.#LogErrorMessage(chalk.red(JSON.stringify(retVal.data)));
3233
3277
  return false;
3234
3278
  }
3235
- });
3236
- /*
3237
- client_id=6731de76-14a6-49ae-97bc-6eba6914391e
3238
- &scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
3239
- &code=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq3n8b2JRLk4OxVXr...
3240
- &redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
3241
- &grant_type=authorization_code
3242
- &code_verifier=ThisIsntRandomButItNeedsToBe43CharactersLong
3243
- &client_secret=JqQX2PNo9bpM0uEihUPzyrh // NOTE: Only required for web apps. This secret needs to be URL-Encoded.
3244
-
3245
- Successful Response
3246
- {
3247
- "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q...",
3248
- "token_type": "Bearer",
3249
- "expires_in": 3599,
3250
- "scope": "https%3A%2F%2Fgraph.microsoft.com%2Fmail.read",
3251
- "refresh_token": "AwABAAAAvPM1KaPlrEqdFSBzjqfTGAMxZGUTdM0t4B4...",
3252
- "id_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIyZDRkMTFhMi1mODE0LTQ2YTctOD...",
3253
- }
3254
- */
3255
- // Get access_token, refresh_token and id_token using OAuth2 Authorization Code Flow
3256
- __privateAdd(this, _GetTokenFromBroker, async (authorizationCodeFlowParameters) => {
3257
- __privateMethod(this, _STSOAuth2Worker_instances, LogDebugMessage_fn2).call(this, chalk.magenta(`#GetTokenFromBroker`));
3258
- __privateGet(this, _clientSessionStore).remove(__privateGet(this, _STORAGE_SESSION_KEY));
3259
- const url = `${__privateGet(this, _options2).brokerendpoint}:${__privateGet(this, _options2).brokerport}${__privateGet(this, _options2).brokerapiroot}/token`;
3279
+ } catch (error) {
3280
+ this.#LogErrorMessage(chalk.red(`#GetTokenFromBroker: NOT storing tokens (general error 2), status: [${error}]`));
3281
+ this.#HandleAuthenticateEvent(null);
3282
+ return false;
3283
+ }
3284
+ };
3285
+ // Get access_token, refresh_token and id_token using OAuth2 Authorization Code Flow
3286
+ #GetToken = async (authorizeOptions, authorizeResponse) => {
3287
+ this.#LogInfoMessage("#GetToken");
3288
+ this.#LogInfoMessage(authorizeResponse);
3289
+ this.#clientSessionStore.remove(this.#STORAGE_SESSION_KEY);
3290
+ const authorizationCodeFlowParameters = {
3291
+ client_id: this.#options.client_id,
3292
+ scope: this.#options.scope,
3293
+ code: authorizeResponse.code,
3294
+ redirect_uri: this.#options.redirect_uri,
3295
+ grant_type: OAuthGrantTypes.AUTHORIZATION_CODE,
3296
+ code_verifier: authorizeOptions.code_verifier
3297
+ };
3298
+ return await this.#GetTokenFromBroker(authorizationCodeFlowParameters);
3299
+ };
3300
+ /*
3301
+ // Line breaks for legibility only
3302
+
3303
+ POST /{tenant}/oauth2/v2.0/token HTTP/1.1
3304
+ Host: https://login.microsoftonline.com
3305
+ Content-Type: application/x-www-form-urlencoded
3306
+
3307
+ client_id=535fb089-9ff3-47b6-9bfb-4f1264799865
3308
+ &scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
3309
+ &refresh_token=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq...
3310
+ &grant_type=refresh_token
3311
+ &client_secret=sampleCredentia1s // NOTE: Only required for web apps. This secret needs to be URL-Encoded
3312
+
3313
+ Error Response
3314
+ {
3315
+ "error": "invalid_scope",
3316
+ "error_description": "AADSTS70011: The provided value for the input parameter 'scope' is not valid. The scope https://foo.microsoft.com/mail.read is not valid.\r\nTrace ID: 255d1aef-8c98-452f-ac51-23d051240864\r\nCorrelation ID: fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7\r\nTimestamp: 2016-01-09 02:02:12Z",
3317
+ "error_codes": [
3318
+ 70011
3319
+ ],
3320
+ "timestamp": "2016-01-09 02:02:12Z",
3321
+ "trace_id": "255d1aef-8c98-452f-ac51-23d051240864",
3322
+ "correlation_id": "fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7"
3323
+ }
3324
+ */
3325
+ #RefreshToken = async () => {
3326
+ this.#LogDebugMessage(chalk.cyan(`STSOAuth2Worker:#RefreshToken:start`));
3327
+ const sessionData = this.#clientSessionStore.get(this.#STORAGE_SESSION_KEY);
3328
+ if (sessionData) {
3329
+ this.#LogDebugMessage(chalk.cyan(`STSOAuth2Worker:#RefreshToken:sessionData: [${JSON.stringify(sessionData)}]`));
3330
+ const currentSessionData = sessionData.tokenResponse;
3331
+ const refreshFlowParameters = {
3332
+ client_id: this.#options.client_id,
3333
+ scope: this.#options.scope,
3334
+ refresh_token: currentSessionData.refresh_token,
3335
+ grant_type: OAuthGrantTypes.REFRESH_TOKEN
3336
+ };
3337
+ return await this.#GetTokenFromBroker(refreshFlowParameters);
3338
+ } else {
3339
+ this.#LogErrorMessage(chalk.red(`STSOAuth2Worker:#RefreshToken:sessionData not found within clientSessionStore`));
3340
+ return false;
3341
+ }
3342
+ };
3343
+ // call broker to logout
3344
+ // broker to logout of server
3345
+ // delete cookie
3346
+ // clear session storage
3347
+ // clear all state from $store
3348
+ #Logout = async () => {
3349
+ this.#LogInfoMessage("Logout");
3350
+ const url = `${this.#options.brokerendpoint}:${this.#options.brokerport}${this.#options.brokerapiroot}/logout`;
3351
+ this.#LogInfoMessage(url);
3352
+ const sessionData = this.#clientSessionStore.get(this.#STORAGE_SESSION_KEY);
3353
+ if (sessionData) {
3354
+ const currentSessionData = sessionData.tokenResponse;
3355
+ const refresh_token = currentSessionData.refresh_token;
3356
+ this.#LogInfoMessage(refresh_token);
3357
+ const decodedRefreshToken = jwtDecode(refresh_token);
3358
+ this.#LogInfoMessage(decodedRefreshToken);
3359
+ const sessionId = decodedRefreshToken.sts_session;
3360
+ this.#LogInfoMessage(sessionId);
3361
+ this.#clientSessionStore.remove(this.#STORAGE_SESSION_KEY);
3362
+ this.#HandleAuthenticateEvent(null);
3260
3363
  try {
3261
- const rConfig = new stsutils.STSAxiosConfig(url, "post").withDefaultHeaders().withData(authorizationCodeFlowParameters).withCredentials().withTimeout(__privateGet(this, _options2).timeout);
3262
- __privateMethod(this, _STSOAuth2Worker_instances, LogDebugMessage_fn2).call(this, chalk.magenta(`#GetTokenFromBroker: request config: [${JSON.stringify(rConfig)}]`));
3263
- if (isNode && __privateGet(this, _agentManager)) {
3264
- rConfig.withAgentManager(__privateGet(this, _agentManager));
3364
+ const rConfig = new stsutils.STSAxiosConfig(url, "post").withData({
3365
+ sessionId
3366
+ }).withDefaultHeaders().withCredentials().withTimeout(this.#options.timeout);
3367
+ if (isNode && this.#agentManager) {
3368
+ rConfig.withAgentManager(this.#agentManager);
3265
3369
  }
3266
- __privateMethod(this, _STSOAuth2Worker_instances, LogDebugMessage_fn2).call(this, chalk.magenta(`#GetTokenFromBroker: axios API call`));
3370
+ this.#LogDebugMessage(chalk.magenta(`#Logout: request config: [${rConfig}]`));
3267
3371
  const retVal = await axios(rConfig.config);
3268
- __privateMethod(this, _STSOAuth2Worker_instances, LogDebugMessage_fn2).call(this, chalk.magenta(`#GetTokenFromBroker: axios API call result: [${retVal.status}]`));
3269
- if (retVal.status === StatusCodes.OK) {
3270
- __privateMethod(this, _STSOAuth2Worker_instances, LogDebugMessage_fn2).call(this, chalk.magenta(`#GetTokenFromBroker: storing tokens`));
3271
- const tokenResponse = retVal.data;
3272
- __privateGet(this, _HandleAuthenticateEvent2).call(this, tokenResponse.id_token);
3273
- const newSessionData = {
3274
- tokenResponse
3275
- };
3276
- if (isNode) {
3277
- newSessionData.brokerCookie = retVal.headers["set-cookie"];
3278
- }
3279
- __privateGet(this, _clientSessionStore).set(__privateGet(this, _STORAGE_SESSION_KEY), newSessionData);
3372
+ if (retVal.data.status === StatusCodes.OK) {
3280
3373
  return true;
3281
- } else if (retVal.status === StatusCodes.UNAUTHORIZED) {
3282
- __privateMethod(this, _STSOAuth2Worker_instances, LogDebugMessage_fn2).call(this, chalk.magenta(`#GetTokenFromBroker: NOT storing tokens, status: [${retVal.status}]`));
3283
- __privateGet(this, _HandleAuthenticateEvent2).call(this, null);
3284
- return false;
3285
3374
  } else {
3286
- __privateMethod(this, _STSOAuth2Worker_instances, LogDebugMessage_fn2).call(this, chalk.magenta(`#GetTokenFromBroker: NOT storing tokens (general error 1), status: [${retVal.status}]`));
3287
- __privateGet(this, _HandleAuthenticateEvent2).call(this, null);
3288
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, chalk.red("Could not obtain access_token from token end-point:-"));
3289
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, chalk.red(JSON.stringify(retVal.data)));
3375
+ this.#LogErrorMessage(chalk.red("Error during logout (1: server side)"));
3376
+ this.#LogErrorMessage(chalk.red(JSON.stringify(retVal.data)));
3290
3377
  return false;
3291
3378
  }
3292
3379
  } catch (error) {
3293
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, chalk.red(`#GetTokenFromBroker: NOT storing tokens (general error 2), status: [${error}]`));
3294
- __privateGet(this, _HandleAuthenticateEvent2).call(this, null);
3295
- return false;
3296
- }
3297
- });
3298
- // Get access_token, refresh_token and id_token using OAuth2 Authorization Code Flow
3299
- __privateAdd(this, _GetToken, async (authorizeOptions, authorizeResponse) => {
3300
- __privateMethod(this, _STSOAuth2Worker_instances, LogInfoMessage_fn2).call(this, "#GetToken");
3301
- __privateMethod(this, _STSOAuth2Worker_instances, LogInfoMessage_fn2).call(this, authorizeResponse);
3302
- __privateGet(this, _clientSessionStore).remove(__privateGet(this, _STORAGE_SESSION_KEY));
3303
- const authorizationCodeFlowParameters = {
3304
- client_id: __privateGet(this, _options2).client_id,
3305
- scope: __privateGet(this, _options2).scope,
3306
- code: authorizeResponse.code,
3307
- redirect_uri: __privateGet(this, _options2).redirect_uri,
3308
- grant_type: OAuthGrantTypes.AUTHORIZATION_CODE,
3309
- code_verifier: authorizeOptions.code_verifier
3310
- };
3311
- return await __privateGet(this, _GetTokenFromBroker).call(this, authorizationCodeFlowParameters);
3312
- });
3313
- /*
3314
- // Line breaks for legibility only
3315
-
3316
- POST /{tenant}/oauth2/v2.0/token HTTP/1.1
3317
- Host: https://login.microsoftonline.com
3318
- Content-Type: application/x-www-form-urlencoded
3319
-
3320
- client_id=535fb089-9ff3-47b6-9bfb-4f1264799865
3321
- &scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
3322
- &refresh_token=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq...
3323
- &grant_type=refresh_token
3324
- &client_secret=sampleCredentia1s // NOTE: Only required for web apps. This secret needs to be URL-Encoded
3325
-
3326
- Error Response
3327
- {
3328
- "error": "invalid_scope",
3329
- "error_description": "AADSTS70011: The provided value for the input parameter 'scope' is not valid. The scope https://foo.microsoft.com/mail.read is not valid.\r\nTrace ID: 255d1aef-8c98-452f-ac51-23d051240864\r\nCorrelation ID: fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7\r\nTimestamp: 2016-01-09 02:02:12Z",
3330
- "error_codes": [
3331
- 70011
3332
- ],
3333
- "timestamp": "2016-01-09 02:02:12Z",
3334
- "trace_id": "255d1aef-8c98-452f-ac51-23d051240864",
3335
- "correlation_id": "fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7"
3336
- }
3337
- */
3338
- __privateAdd(this, _RefreshToken, async () => {
3339
- __privateMethod(this, _STSOAuth2Worker_instances, LogDebugMessage_fn2).call(this, chalk.cyan(`STSOAuth2Worker:#RefreshToken:start`));
3340
- const sessionData = __privateGet(this, _clientSessionStore).get(__privateGet(this, _STORAGE_SESSION_KEY));
3341
- if (sessionData) {
3342
- __privateMethod(this, _STSOAuth2Worker_instances, LogDebugMessage_fn2).call(this, chalk.cyan(`STSOAuth2Worker:#RefreshToken:sessionData: [${JSON.stringify(sessionData)}]`));
3343
- const currentSessionData = sessionData.tokenResponse;
3344
- const refreshFlowParameters = {
3345
- client_id: __privateGet(this, _options2).client_id,
3346
- scope: __privateGet(this, _options2).scope,
3347
- refresh_token: currentSessionData.refresh_token,
3348
- grant_type: OAuthGrantTypes.REFRESH_TOKEN
3349
- };
3350
- return await __privateGet(this, _GetTokenFromBroker).call(this, refreshFlowParameters);
3351
- } else {
3352
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, chalk.red(`STSOAuth2Worker:#RefreshToken:sessionData not found within clientSessionStore`));
3353
- return false;
3354
- }
3355
- });
3356
- // call broker to logout
3357
- // broker to logout of server
3358
- // delete cookie
3359
- // clear session storage
3360
- // clear all state from $store
3361
- __privateAdd(this, _Logout, async () => {
3362
- __privateMethod(this, _STSOAuth2Worker_instances, LogInfoMessage_fn2).call(this, "Logout");
3363
- const url = `${__privateGet(this, _options2).brokerendpoint}:${__privateGet(this, _options2).brokerport}${__privateGet(this, _options2).brokerapiroot}/logout`;
3364
- __privateMethod(this, _STSOAuth2Worker_instances, LogInfoMessage_fn2).call(this, url);
3365
- const sessionData = __privateGet(this, _clientSessionStore).get(__privateGet(this, _STORAGE_SESSION_KEY));
3366
- if (sessionData) {
3367
- const currentSessionData = sessionData.tokenResponse;
3368
- const refresh_token = currentSessionData.refresh_token;
3369
- __privateMethod(this, _STSOAuth2Worker_instances, LogInfoMessage_fn2).call(this, refresh_token);
3370
- const decodedRefreshToken = jwtDecode(refresh_token);
3371
- __privateMethod(this, _STSOAuth2Worker_instances, LogInfoMessage_fn2).call(this, decodedRefreshToken);
3372
- const sessionId = decodedRefreshToken.sts_session;
3373
- __privateMethod(this, _STSOAuth2Worker_instances, LogInfoMessage_fn2).call(this, sessionId);
3374
- __privateGet(this, _clientSessionStore).remove(__privateGet(this, _STORAGE_SESSION_KEY));
3375
- __privateGet(this, _HandleAuthenticateEvent2).call(this, null);
3376
- try {
3377
- const rConfig = new stsutils.STSAxiosConfig(url, "post").withData({
3378
- sessionId
3379
- }).withDefaultHeaders().withCredentials().withTimeout(__privateGet(this, _options2).timeout);
3380
- if (isNode && __privateGet(this, _agentManager)) {
3381
- rConfig.withAgentManager(__privateGet(this, _agentManager));
3382
- }
3383
- __privateMethod(this, _STSOAuth2Worker_instances, LogDebugMessage_fn2).call(this, chalk.magenta(`#Logout: request config: [${rConfig}]`));
3384
- const retVal = await axios(rConfig.config);
3385
- if (retVal.data.status === StatusCodes.OK) {
3386
- return true;
3387
- } else {
3388
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, chalk.red("Error during logout (1: server side)"));
3389
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, chalk.red(JSON.stringify(retVal.data)));
3390
- return false;
3391
- }
3392
- } catch (error) {
3393
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, chalk.red("Error during logout (2: server side)"));
3394
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, chalk.red(error));
3395
- __privateMethod(this, _STSOAuth2Worker_instances, LogErrorMessage_fn2).call(this, chalk.red(JSON.stringify(error)));
3396
- return false;
3397
- }
3398
- } else {
3399
- __privateMethod(this, _STSOAuth2Worker_instances, LogInfoMessage_fn2).call(this, "Error during logout. Could not restore session from session storage.");
3380
+ this.#LogErrorMessage(chalk.red("Error during logout (2: server side)"));
3381
+ this.#LogErrorMessage(chalk.red(error));
3382
+ this.#LogErrorMessage(chalk.red(JSON.stringify(error)));
3400
3383
  return false;
3401
3384
  }
3402
- });
3403
- __privateSet(this, _options2, options);
3404
- __privateSet(this, _logger, logger);
3405
- __privateMethod(this, _STSOAuth2Worker_instances, LogDebugMessage_fn2).call(this, `STSOAuth2Worker:constructor:#options: [${JSON.stringify(__privateGet(this, _options2))}]`);
3406
- __privateSet(this, _clientSessionStore, new stsvueutils.ClientStorageFactory({ clientStorageType: stsvueutils.ClientStorageType.MEMORY_STORAGE, usePrefix: false }).GetStorage());
3407
- __privateSet(this, _oauthWorkerPort, workerPort);
3408
- __privateMethod(this, _STSOAuth2Worker_instances, LogDebugMessage_fn2).call(this, `STSOAuth2Worker:constructor:#oauthWorkerPort: [${JSON.stringify(__privateGet(this, _oauthWorkerPort))}]`);
3409
- if (isNode && __privateGet(this, _options2).agentOptions) {
3410
- __privateSet(this, _agentManager, new stsutils.AgentManager({
3411
- agentOptions: __privateGet(this, _options2).agentOptions,
3412
- httpAgentFactory(options2) {
3413
- return new http.Agent(options2);
3414
- },
3415
- httpsAgentFactory(options2) {
3416
- return new https.Agent(options2);
3417
- }
3418
- }));
3385
+ } else {
3386
+ this.#LogInfoMessage("Error during logout. Could not restore session from session storage.");
3387
+ return false;
3419
3388
  }
3420
- this.SetupListener();
3421
- __privateGet(this, _UpdateInstrument).call(this, stsobservability.Gauge.LOGGER, {
3422
- LogMessage: `STSOauth2 Plugin - Successfully Loaded`
3423
- });
3424
- }
3389
+ };
3425
3390
  }
3426
- _clientSessionStore = new WeakMap();
3427
- _cUtils = new WeakMap();
3428
- _qParams = new WeakMap();
3429
- _STORAGE_SESSION_KEY = new WeakMap();
3430
- _oauthWorkerPort = new WeakMap();
3431
- _options2 = new WeakMap();
3432
- _logger = new WeakMap();
3433
- _agentManager = new WeakMap();
3434
- _STSOAuth2Worker_instances = new WeakSet();
3435
- // eslint-disable-next-line @typescript-eslint/no-explicit-any
3436
- LogDebugMessage_fn2 = function(message) {
3437
- __privateGet(this, _logger).debug(message);
3438
- };
3439
- // eslint-disable-next-line @typescript-eslint/no-explicit-any
3440
- LogInfoMessage_fn2 = function(message) {
3441
- __privateGet(this, _logger).info(message);
3442
- };
3443
- // eslint-disable-next-line @typescript-eslint/no-explicit-any
3444
- LogErrorMessage_fn2 = function(message) {
3445
- __privateGet(this, _logger).error(message);
3446
- };
3447
- _HandleAuthenticateEvent2 = new WeakMap();
3448
- _HandleErrorEvent2 = new WeakMap();
3449
- _LogMessage = new WeakMap();
3450
- _GetAccessToken = new WeakMap();
3451
- _GetCookies = new WeakMap();
3452
- _UpdateInstrument = new WeakMap();
3453
- _ProcessCommand = new WeakMap();
3454
- _RestoreSession = new WeakMap();
3455
- _Authorize = new WeakMap();
3456
- _HandleRedirect = new WeakMap();
3457
- _GetTokenFromBroker = new WeakMap();
3458
- _GetToken = new WeakMap();
3459
- _RefreshToken = new WeakMap();
3460
- _Logout = new WeakMap();
3461
3391
  const TestStore = pinia.defineStore("__sts__TestStore", {
3462
3392
  state: () => {
3463
3393
  return {
@@ -3503,5 +3433,5 @@ var __privateWrapper = (obj, member, setter, getter) => ({
3503
3433
  exports2.TestStore = TestStore;
3504
3434
  exports2.useSTSOAuth2ManagerPlugin = useSTSOAuth2ManagerPlugin;
3505
3435
  Object.defineProperty(exports2, Symbol.toStringTag, { value: "Module" });
3506
- });
3436
+ }));
3507
3437
  //# sourceMappingURL=stsoauth2plugin.umd.js.map