@ogcio/sag-client 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/onboarding.d.ts +1 -1
- package/dist/react/index.d.ts +1 -1
- package/dist/react/index.d.ts.map +1 -1
- package/dist/react/index.js +2 -2
- package/dist/react/index.js.map +1 -1
- package/dist/react/use-onboarding-guard.d.ts +35 -21
- package/dist/react/use-onboarding-guard.d.ts.map +1 -1
- package/dist/react/use-onboarding-guard.js +46 -39
- package/dist/react/use-onboarding-guard.js.map +1 -1
- package/dist/roles.d.ts +36 -5
- package/dist/roles.d.ts.map +1 -1
- package/dist/roles.js +39 -5
- package/dist/roles.js.map +1 -1
- package/dist/types.d.ts +4 -10
- package/dist/types.d.ts.map +1 -1
- package/package.json +1 -1
package/dist/onboarding.d.ts
CHANGED
|
@@ -36,7 +36,7 @@ export interface OnboardingRedirectParams {
|
|
|
36
36
|
appBaseUrl: string;
|
|
37
37
|
/**
|
|
38
38
|
* Logto directSignIn connector to use when the user comes back
|
|
39
|
-
* from onboarding (e.g.
|
|
39
|
+
* from onboarding (e.g. CONNECTOR_MYGOVID). Optional.
|
|
40
40
|
*/
|
|
41
41
|
connector?: string;
|
|
42
42
|
}
|
package/dist/react/index.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
export { buildOnboardingRedirectUrl, buildWrongLoginMethodRedirect, CLEAR_SESSION_PATH, ONBOARDING_PATH, ONBOARDING_SOURCE_PARAM, WRONG_LOGIN_METHOD_PATH, WRONG_LOGIN_RETURN_URL_PARAM, } from "../onboarding";
|
|
2
|
-
export { ALLOWED_SIGNIN_METHODS, CONNECTOR_ENTRAID, CONNECTOR_MYGOVID, DEFAULT_PUBLIC_SERVANT_ROLES, isCitizen, isCitizenOnboarded, isInactivePublicServant, isPublicServant, ORG_ROLE_ADMIN, ORG_ROLE_MEMBER, } from "../roles";
|
|
2
|
+
export { ALLOWED_SIGNIN_METHODS, CONNECTOR_ENTRAID, CONNECTOR_MYGOVID, DEFAULT_PUBLIC_SERVANT_ROLES, isCitizen, isCitizenByRole, isCitizenOnboarded, isInactivePublicServant, isPublicServant, ORG_ROLE_ADMIN, ORG_ROLE_MEMBER, ROLE_NAME_CITIZEN, ROLE_NAME_ONBOARDED_CITIZEN, } from "../roles";
|
|
3
3
|
export type { ActorType, AuthClaims, GatewayFetchOptions, GatewayMutationOptions, MutationMethod, OrganizationInfo, SignInOptions, UseAuthResult, } from "../types";
|
|
4
4
|
export { ACTOR_TYPE_HEADER, ORGANIZATION_ID_HEADER, SagFetchError, } from "../types";
|
|
5
5
|
export { SagClientProvider, useSagClient } from "./provider";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/react/index.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,0BAA0B,EAC1B,6BAA6B,EAC7B,kBAAkB,EAClB,eAAe,EACf,uBAAuB,EACvB,uBAAuB,EACvB,4BAA4B,GAC7B,MAAM,eAAe,CAAA;AAEtB,OAAO,EACL,sBAAsB,EACtB,iBAAiB,EACjB,iBAAiB,EACjB,4BAA4B,EAC5B,SAAS,EACT,kBAAkB,EAClB,uBAAuB,EACvB,eAAe,EACf,cAAc,EACd,eAAe,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/react/index.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,0BAA0B,EAC1B,6BAA6B,EAC7B,kBAAkB,EAClB,eAAe,EACf,uBAAuB,EACvB,uBAAuB,EACvB,4BAA4B,GAC7B,MAAM,eAAe,CAAA;AAEtB,OAAO,EACL,sBAAsB,EACtB,iBAAiB,EACjB,iBAAiB,EACjB,4BAA4B,EAC5B,SAAS,EACT,eAAe,EACf,kBAAkB,EAClB,uBAAuB,EACvB,eAAe,EACf,cAAc,EACd,eAAe,EACf,iBAAiB,EACjB,2BAA2B,GAC5B,MAAM,UAAU,CAAA;AAEjB,YAAY,EACV,SAAS,EACT,UAAU,EACV,mBAAmB,EACnB,sBAAsB,EACtB,cAAc,EACd,gBAAgB,EAChB,aAAa,EACb,aAAa,GACd,MAAM,UAAU,CAAA;AACjB,OAAO,EACL,iBAAiB,EACjB,sBAAsB,EACtB,aAAa,GACd,MAAM,UAAU,CAAA;AACjB,OAAO,EAAE,iBAAiB,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA;AAE5D,OAAO,EAAE,OAAO,EAAE,MAAM,YAAY,CAAA;AACpC,YAAY,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAA;AACjE,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAA;AACrD,YAAY,EAAE,yBAAyB,EAAE,MAAM,wBAAwB,CAAA;AACvE,OAAO,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAA;AAC3D,YAAY,EACV,yBAAyB,EACzB,wBAAwB,GACzB,MAAM,wBAAwB,CAAA;AAE/B,OAAO,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAA;AAC3D,YAAY,EACV,4BAA4B,EAC5B,2BAA2B,GAC5B,MAAM,4BAA4B,CAAA;AAEnC,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAA"}
|
package/dist/react/index.js
CHANGED
|
@@ -2,14 +2,14 @@
|
|
|
2
2
|
// ── Re-export onboarding helpers for convenience ────────────
|
|
3
3
|
export { buildOnboardingRedirectUrl, buildWrongLoginMethodRedirect, CLEAR_SESSION_PATH, ONBOARDING_PATH, ONBOARDING_SOURCE_PARAM, WRONG_LOGIN_METHOD_PATH, WRONG_LOGIN_RETURN_URL_PARAM, } from "../onboarding";
|
|
4
4
|
// ── Re-export role detection utilities for convenience ──────
|
|
5
|
-
export { ALLOWED_SIGNIN_METHODS, CONNECTOR_ENTRAID, CONNECTOR_MYGOVID, DEFAULT_PUBLIC_SERVANT_ROLES, isCitizen, isCitizenOnboarded, isInactivePublicServant, isPublicServant, ORG_ROLE_ADMIN, ORG_ROLE_MEMBER, } from "../roles";
|
|
5
|
+
export { ALLOWED_SIGNIN_METHODS, CONNECTOR_ENTRAID, CONNECTOR_MYGOVID, DEFAULT_PUBLIC_SERVANT_ROLES, isCitizen, isCitizenByRole, isCitizenOnboarded, isInactivePublicServant, isPublicServant, ORG_ROLE_ADMIN, ORG_ROLE_MEMBER, ROLE_NAME_CITIZEN, ROLE_NAME_ONBOARDED_CITIZEN, } from "../roles";
|
|
6
6
|
export { ACTOR_TYPE_HEADER, ORGANIZATION_ID_HEADER, SagFetchError, } from "../types";
|
|
7
7
|
export { SagClientProvider, useSagClient } from "./provider";
|
|
8
8
|
// ── Hooks ────────────────────────────────────────────────────
|
|
9
9
|
export { useAuth } from "./use-auth";
|
|
10
10
|
export { useGatewayFetch } from "./use-gateway-fetch";
|
|
11
11
|
export { useGatewayMutation } from "./use-gateway-mutation";
|
|
12
|
-
// ── Onboarding guard
|
|
12
|
+
// ── Onboarding guard (includes citizen check + PS redirect) ──
|
|
13
13
|
export { useOnboardingGuard } from "./use-onboarding-guard";
|
|
14
14
|
// ── Public servant guard ─────────────────────────────────────
|
|
15
15
|
export { usePublicServantGuard } from "./use-public-servant-guard";
|
package/dist/react/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/react/index.ts"],"names":[],"mappings":"AAAA,gEAAgE;AAEhE,+DAA+D;AAC/D,OAAO,EACL,0BAA0B,EAC1B,6BAA6B,EAC7B,kBAAkB,EAClB,eAAe,EACf,uBAAuB,EACvB,uBAAuB,EACvB,4BAA4B,GAC7B,MAAM,eAAe,CAAA;AACtB,+DAA+D;AAC/D,OAAO,EACL,sBAAsB,EACtB,iBAAiB,EACjB,iBAAiB,EACjB,4BAA4B,EAC5B,SAAS,EACT,kBAAkB,EAClB,uBAAuB,EACvB,eAAe,EACf,cAAc,EACd,eAAe,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/react/index.ts"],"names":[],"mappings":"AAAA,gEAAgE;AAEhE,+DAA+D;AAC/D,OAAO,EACL,0BAA0B,EAC1B,6BAA6B,EAC7B,kBAAkB,EAClB,eAAe,EACf,uBAAuB,EACvB,uBAAuB,EACvB,4BAA4B,GAC7B,MAAM,eAAe,CAAA;AACtB,+DAA+D;AAC/D,OAAO,EACL,sBAAsB,EACtB,iBAAiB,EACjB,iBAAiB,EACjB,4BAA4B,EAC5B,SAAS,EACT,eAAe,EACf,kBAAkB,EAClB,uBAAuB,EACvB,eAAe,EACf,cAAc,EACd,eAAe,EACf,iBAAiB,EACjB,2BAA2B,GAC5B,MAAM,UAAU,CAAA;AAYjB,OAAO,EACL,iBAAiB,EACjB,sBAAsB,EACtB,aAAa,GACd,MAAM,UAAU,CAAA;AACjB,OAAO,EAAE,iBAAiB,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA;AAC5D,gEAAgE;AAChE,OAAO,EAAE,OAAO,EAAE,MAAM,YAAY,CAAA;AAEpC,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAA;AAErD,OAAO,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAA;AAK3D,gEAAgE;AAChE,OAAO,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAA;AAK3D,gEAAgE;AAChE,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAA"}
|
|
@@ -9,16 +9,19 @@ export interface UseOnboardingGuardOptions {
|
|
|
9
9
|
*/
|
|
10
10
|
appBaseUrl: string;
|
|
11
11
|
/**
|
|
12
|
-
*
|
|
13
|
-
*
|
|
12
|
+
* When set, authenticated users who are NOT citizens (i.e. public servants
|
|
13
|
+
* of any kind) are redirected here immediately, before any other check.
|
|
14
14
|
*
|
|
15
|
-
*
|
|
16
|
-
*
|
|
15
|
+
* Use for citizen-only apps that have a companion admin app.
|
|
16
|
+
* The check is based on `organization_roles`: any user with org membership
|
|
17
|
+
* is treated as a PS (active or inactive); citizens have zero org roles.
|
|
18
|
+
*
|
|
19
|
+
* @example publicServantRedirectUrl: "https://admin.example.com"
|
|
17
20
|
*/
|
|
18
|
-
|
|
21
|
+
publicServantRedirectUrl?: string;
|
|
19
22
|
/**
|
|
20
23
|
* Logto `directSignIn` connector to use when the user comes back
|
|
21
|
-
* from onboarding (e.g.
|
|
24
|
+
* from onboarding (e.g. CONNECTOR_MYGOVID). Optional.
|
|
22
25
|
*/
|
|
23
26
|
connector?: string;
|
|
24
27
|
/**
|
|
@@ -47,41 +50,52 @@ export interface UseOnboardingGuardResult {
|
|
|
47
50
|
resolved: boolean;
|
|
48
51
|
}
|
|
49
52
|
/**
|
|
50
|
-
*
|
|
53
|
+
* Login / onboarding guard hook for citizen-facing applications.
|
|
51
54
|
*
|
|
52
55
|
* Must be used within a `SagClientProvider`. Internally calls
|
|
53
56
|
* `useAuth()` for auth state and `useSagClient()` for the gateway
|
|
54
57
|
* URL and app name.
|
|
55
58
|
*
|
|
56
|
-
* **Behaviour:**
|
|
59
|
+
* **Behaviour (in order):**
|
|
57
60
|
*
|
|
58
|
-
* 1. If the user is not
|
|
59
|
-
* 2. If
|
|
60
|
-
*
|
|
61
|
-
*
|
|
62
|
-
*
|
|
63
|
-
* 4. If
|
|
61
|
+
* 1. If the user is not authenticated → resolved (let sign-in render).
|
|
62
|
+
* 2. If `publicServantRedirectUrl` is set and the user has org membership
|
|
63
|
+
* (`organization_roles.length > 0`) → redirect to `publicServantRedirectUrl`.
|
|
64
|
+
* 3. If the user is a PS and no redirect is configured →
|
|
65
|
+
* resolved (pass-through for PS on non-citizen-locked apps).
|
|
66
|
+
* 4. If the user signed in with a wrong method → redirect to the
|
|
67
|
+
* profile service's error page.
|
|
68
|
+
* 5. If the user is onboarded → resolved.
|
|
69
|
+
* 6. If a redirect happened less than `debounceMs` ago → resolved
|
|
64
70
|
* (prevents infinite loops).
|
|
65
|
-
*
|
|
71
|
+
* 7. If the user is a citizen who has not completed onboarding →
|
|
66
72
|
* invalidate the server session and redirect to the profile
|
|
67
73
|
* service's onboarding page.
|
|
68
74
|
*
|
|
69
|
-
*
|
|
70
|
-
*
|
|
71
|
-
*
|
|
75
|
+
* The citizen check uses `organization_roles` (not user-level `roles`),
|
|
76
|
+
* so it correctly handles dev environments where the same account holds
|
|
77
|
+
* both a citizen role and PS org membership.
|
|
72
78
|
*
|
|
73
79
|
* @example
|
|
74
80
|
* ```tsx
|
|
81
|
+
* // Citizen-only app with a companion admin app:
|
|
75
82
|
* function Shell({ children }) {
|
|
76
|
-
* // publicServantRoles defaults to DEFAULT_PUBLIC_SERVANT_ROLES
|
|
77
|
-
* // (["Organisation Admin", "Organisation Member"])
|
|
78
83
|
* const { resolved } = useOnboardingGuard({
|
|
79
84
|
* profileUrl: "http://localhost:3001",
|
|
80
85
|
* appBaseUrl: "http://localhost:3000",
|
|
86
|
+
* publicServantRedirectUrl: "http://localhost:3022",
|
|
81
87
|
* connector: CONNECTOR_MYGOVID,
|
|
82
88
|
* })
|
|
83
|
-
*
|
|
89
|
+
* if (!resolved) return <Loading />
|
|
90
|
+
* return user ? <App>{children}</App> : <SignInButton />
|
|
91
|
+
* }
|
|
84
92
|
*
|
|
93
|
+
* // Citizen-only app without a companion admin app:
|
|
94
|
+
* function Shell({ children }) {
|
|
95
|
+
* const { resolved } = useOnboardingGuard({
|
|
96
|
+
* profileUrl: "http://localhost:3001",
|
|
97
|
+
* appBaseUrl: "http://localhost:3000",
|
|
98
|
+
* })
|
|
85
99
|
* if (!resolved) return <Loading />
|
|
86
100
|
* return user ? <App>{children}</App> : <SignInButton />
|
|
87
101
|
* }
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"use-onboarding-guard.d.ts","sourceRoot":"","sources":["../../src/react/use-onboarding-guard.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"use-onboarding-guard.d.ts","sourceRoot":"","sources":["../../src/react/use-onboarding-guard.ts"],"names":[],"mappings":"AAkBA,iDAAiD;AACjD,MAAM,WAAW,yBAAyB;IACxC,qEAAqE;IACrE,UAAU,EAAE,MAAM,CAAA;IAElB;;;;OAIG;IACH,UAAU,EAAE,MAAM,CAAA;IAElB;;;;;;;;;OASG;IACH,wBAAwB,CAAC,EAAE,MAAM,CAAA;IAEjC;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAA;IAElB;;;;;;OAMG;IACH,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB;AAED,4CAA4C;AAC5C,MAAM,WAAW,wBAAwB;IACvC;;;;;;;;;;;OAWG;IACH,QAAQ,EAAE,OAAO,CAAA;CAClB;AAID;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmDG;AACH,wBAAgB,kBAAkB,CAChC,OAAO,EAAE,yBAAyB,GACjC,wBAAwB,CAuG1B"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
"use client";
|
|
2
2
|
import { useEffect, useRef, useState } from "react";
|
|
3
3
|
import { buildOnboardingRedirectUrl, buildWrongLoginMethodRedirect, } from "../onboarding";
|
|
4
|
-
import { ALLOWED_SIGNIN_METHODS,
|
|
4
|
+
import { ALLOWED_SIGNIN_METHODS, isCitizenOnboarded } from "../roles";
|
|
5
5
|
import { useSagClient } from "./provider";
|
|
6
6
|
import { useAuth } from "./use-auth";
|
|
7
7
|
// ── Constants ───────────────────────────────────────────────
|
|
@@ -9,81 +9,89 @@ const ONBOARDING_STORAGE_KEY = "sag_onboarding_ts";
|
|
|
9
9
|
const DEFAULT_DEBOUNCE_MS = 30000; // 30 seconds
|
|
10
10
|
// ── Hook ────────────────────────────────────────────────────
|
|
11
11
|
/**
|
|
12
|
-
*
|
|
12
|
+
* Login / onboarding guard hook for citizen-facing applications.
|
|
13
13
|
*
|
|
14
14
|
* Must be used within a `SagClientProvider`. Internally calls
|
|
15
15
|
* `useAuth()` for auth state and `useSagClient()` for the gateway
|
|
16
16
|
* URL and app name.
|
|
17
17
|
*
|
|
18
|
-
* **Behaviour:**
|
|
18
|
+
* **Behaviour (in order):**
|
|
19
19
|
*
|
|
20
|
-
* 1. If the user is not
|
|
21
|
-
* 2. If
|
|
22
|
-
*
|
|
23
|
-
*
|
|
24
|
-
*
|
|
25
|
-
* 4. If
|
|
20
|
+
* 1. If the user is not authenticated → resolved (let sign-in render).
|
|
21
|
+
* 2. If `publicServantRedirectUrl` is set and the user has org membership
|
|
22
|
+
* (`organization_roles.length > 0`) → redirect to `publicServantRedirectUrl`.
|
|
23
|
+
* 3. If the user is a PS and no redirect is configured →
|
|
24
|
+
* resolved (pass-through for PS on non-citizen-locked apps).
|
|
25
|
+
* 4. If the user signed in with a wrong method → redirect to the
|
|
26
|
+
* profile service's error page.
|
|
27
|
+
* 5. If the user is onboarded → resolved.
|
|
28
|
+
* 6. If a redirect happened less than `debounceMs` ago → resolved
|
|
26
29
|
* (prevents infinite loops).
|
|
27
|
-
*
|
|
30
|
+
* 7. If the user is a citizen who has not completed onboarding →
|
|
28
31
|
* invalidate the server session and redirect to the profile
|
|
29
32
|
* service's onboarding page.
|
|
30
33
|
*
|
|
31
|
-
*
|
|
32
|
-
*
|
|
33
|
-
*
|
|
34
|
+
* The citizen check uses `organization_roles` (not user-level `roles`),
|
|
35
|
+
* so it correctly handles dev environments where the same account holds
|
|
36
|
+
* both a citizen role and PS org membership.
|
|
34
37
|
*
|
|
35
38
|
* @example
|
|
36
39
|
* ```tsx
|
|
40
|
+
* // Citizen-only app with a companion admin app:
|
|
37
41
|
* function Shell({ children }) {
|
|
38
|
-
* // publicServantRoles defaults to DEFAULT_PUBLIC_SERVANT_ROLES
|
|
39
|
-
* // (["Organisation Admin", "Organisation Member"])
|
|
40
42
|
* const { resolved } = useOnboardingGuard({
|
|
41
43
|
* profileUrl: "http://localhost:3001",
|
|
42
44
|
* appBaseUrl: "http://localhost:3000",
|
|
45
|
+
* publicServantRedirectUrl: "http://localhost:3022",
|
|
43
46
|
* connector: CONNECTOR_MYGOVID,
|
|
44
47
|
* })
|
|
45
|
-
*
|
|
48
|
+
* if (!resolved) return <Loading />
|
|
49
|
+
* return user ? <App>{children}</App> : <SignInButton />
|
|
50
|
+
* }
|
|
46
51
|
*
|
|
52
|
+
* // Citizen-only app without a companion admin app:
|
|
53
|
+
* function Shell({ children }) {
|
|
54
|
+
* const { resolved } = useOnboardingGuard({
|
|
55
|
+
* profileUrl: "http://localhost:3001",
|
|
56
|
+
* appBaseUrl: "http://localhost:3000",
|
|
57
|
+
* })
|
|
47
58
|
* if (!resolved) return <Loading />
|
|
48
59
|
* return user ? <App>{children}</App> : <SignInButton />
|
|
49
60
|
* }
|
|
50
61
|
* ```
|
|
51
62
|
*/
|
|
52
63
|
export function useOnboardingGuard(options) {
|
|
53
|
-
const { profileUrl, appBaseUrl,
|
|
54
|
-
// Keep the roles in a ref so the effect dependency list stays stable.
|
|
55
|
-
// A new array reference from the caller (or the default spread) won't
|
|
56
|
-
// re-trigger the effect — only the ref's `.current` is read inside.
|
|
57
|
-
const rolesRef = useRef(publicServantRoles !== null && publicServantRoles !== void 0 ? publicServantRoles : [...DEFAULT_PUBLIC_SERVANT_ROLES]);
|
|
58
|
-
rolesRef.current = publicServantRoles !== null && publicServantRoles !== void 0 ? publicServantRoles : [...DEFAULT_PUBLIC_SERVANT_ROLES];
|
|
64
|
+
const { profileUrl, appBaseUrl, publicServantRedirectUrl, connector, debounceMs = DEFAULT_DEBOUNCE_MS, } = options;
|
|
59
65
|
const client = useSagClient();
|
|
60
66
|
const { user, claims, loading, invalidateSession } = useAuth();
|
|
61
67
|
const [resolved, setResolved] = useState(false);
|
|
62
|
-
// Once we've started redirecting (invalidate + location change),
|
|
63
|
-
// never allow resolved to flip back to true — even if the effect
|
|
64
|
-
// re-fires before the browser finishes navigating.
|
|
65
68
|
const redirectingRef = useRef(false);
|
|
66
69
|
useEffect(() => {
|
|
67
|
-
var _a;
|
|
68
70
|
if (loading)
|
|
69
71
|
return;
|
|
70
72
|
if (redirectingRef.current)
|
|
71
73
|
return;
|
|
72
|
-
// Not authenticated — no
|
|
74
|
+
// 1. Not authenticated — no checks needed
|
|
73
75
|
if (!user || !claims) {
|
|
74
76
|
setResolved(true);
|
|
75
77
|
return;
|
|
76
78
|
}
|
|
77
|
-
|
|
78
|
-
//
|
|
79
|
-
//
|
|
80
|
-
|
|
79
|
+
// A user with any org membership is a PS (active or inactive).
|
|
80
|
+
// Citizens have zero org roles. This correctly handles dev users who
|
|
81
|
+
// hold both a "citizen" user-role and PS org roles simultaneously.
|
|
82
|
+
const isACitizen = claims.organization_roles.length === 0;
|
|
83
|
+
// 2. Not a citizen (public servant of any kind)
|
|
84
|
+
if (!isACitizen) {
|
|
85
|
+
if (publicServantRedirectUrl) {
|
|
86
|
+
redirectingRef.current = true;
|
|
87
|
+
window.location.href = publicServantRedirectUrl;
|
|
88
|
+
return;
|
|
89
|
+
}
|
|
90
|
+
// No redirect configured — let them through
|
|
81
91
|
setResolved(true);
|
|
82
92
|
return;
|
|
83
93
|
}
|
|
84
|
-
//
|
|
85
|
-
// onboarded ones) to enforce that citizens always use MyGovID.
|
|
86
|
-
// This mirrors the original authorisation package's ordering.
|
|
94
|
+
// 3. Wrong login method — checked for ALL citizens (including onboarded)
|
|
87
95
|
const signinMethod = claims.signinMethod;
|
|
88
96
|
if (signinMethod &&
|
|
89
97
|
!ALLOWED_SIGNIN_METHODS.includes(signinMethod)) {
|
|
@@ -95,21 +103,19 @@ export function useOnboardingGuard(options) {
|
|
|
95
103
|
});
|
|
96
104
|
return;
|
|
97
105
|
}
|
|
98
|
-
//
|
|
106
|
+
// 4. Citizen who has completed onboarding — clear debounce, proceed
|
|
99
107
|
if (isCitizenOnboarded(claims.roles)) {
|
|
100
108
|
sessionStorage.removeItem(ONBOARDING_STORAGE_KEY);
|
|
101
109
|
setResolved(true);
|
|
102
110
|
return;
|
|
103
111
|
}
|
|
104
|
-
//
|
|
112
|
+
// 5. Debounce — if we recently redirected, don't loop
|
|
105
113
|
const lastTs = Number(sessionStorage.getItem(ONBOARDING_STORAGE_KEY) || "0");
|
|
106
114
|
if (Date.now() - lastTs < debounceMs) {
|
|
107
115
|
setResolved(true);
|
|
108
116
|
return;
|
|
109
117
|
}
|
|
110
|
-
//
|
|
111
|
-
// Lock the guard immediately so no subsequent effect run can
|
|
112
|
-
// set resolved=true and allow children to render.
|
|
118
|
+
// 6. Citizen not onboarded — invalidate session and redirect.
|
|
113
119
|
redirectingRef.current = true;
|
|
114
120
|
sessionStorage.setItem(ONBOARDING_STORAGE_KEY, String(Date.now()));
|
|
115
121
|
const url = buildOnboardingRedirectUrl({
|
|
@@ -130,6 +136,7 @@ export function useOnboardingGuard(options) {
|
|
|
130
136
|
invalidateSession,
|
|
131
137
|
profileUrl,
|
|
132
138
|
appBaseUrl,
|
|
139
|
+
publicServantRedirectUrl,
|
|
133
140
|
connector,
|
|
134
141
|
debounceMs,
|
|
135
142
|
client.gatewayUrl,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"use-onboarding-guard.js","sourceRoot":"","sources":["../../src/react/use-onboarding-guard.ts"],"names":[],"mappings":"AAAA,YAAY,CAAA;AAEZ,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAA;AACnD,OAAO,EACL,0BAA0B,EAC1B,6BAA6B,GAC9B,MAAM,eAAe,CAAA;AACtB,OAAO,
|
|
1
|
+
{"version":3,"file":"use-onboarding-guard.js","sourceRoot":"","sources":["../../src/react/use-onboarding-guard.ts"],"names":[],"mappings":"AAAA,YAAY,CAAA;AAEZ,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAA;AACnD,OAAO,EACL,0BAA0B,EAC1B,6BAA6B,GAC9B,MAAM,eAAe,CAAA;AACtB,OAAO,EAAE,sBAAsB,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAA;AACrE,OAAO,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA;AACzC,OAAO,EAAE,OAAO,EAAE,MAAM,YAAY,CAAA;AAEpC,+DAA+D;AAE/D,MAAM,sBAAsB,GAAG,mBAAmB,CAAA;AAClD,MAAM,mBAAmB,GAAG,KAAM,CAAA,CAAC,aAAa;AA6DhD,+DAA+D;AAE/D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmDG;AACH,MAAM,UAAU,kBAAkB,CAChC,OAAkC;IAElC,MAAM,EACJ,UAAU,EACV,UAAU,EACV,wBAAwB,EACxB,SAAS,EACT,UAAU,GAAG,mBAAmB,GACjC,GAAG,OAAO,CAAA;IAEX,MAAM,MAAM,GAAG,YAAY,EAAE,CAAA;IAC7B,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,iBAAiB,EAAE,GAAG,OAAO,EAAE,CAAA;IAE9D,MAAM,CAAC,QAAQ,EAAE,WAAW,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;IAE/C,MAAM,cAAc,GAAG,MAAM,CAAC,KAAK,CAAC,CAAA;IAEpC,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,OAAO;YAAE,OAAM;QACnB,IAAI,cAAc,CAAC,OAAO;YAAE,OAAM;QAElC,0CAA0C;QAC1C,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YACrB,WAAW,CAAC,IAAI,CAAC,CAAA;YACjB,OAAM;QACR,CAAC;QAED,+DAA+D;QAC/D,qEAAqE;QACrE,mEAAmE;QACnE,MAAM,UAAU,GAAG,MAAM,CAAC,kBAAkB,CAAC,MAAM,KAAK,CAAC,CAAA;QAEzD,gDAAgD;QAChD,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,IAAI,wBAAwB,EAAE,CAAC;gBAC7B,cAAc,CAAC,OAAO,GAAG,IAAI,CAAA;gBAC7B,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,wBAAwB,CAAA;gBAC/C,OAAM;YACR,CAAC;YACD,4CAA4C;YAC5C,WAAW,CAAC,IAAI,CAAC,CAAA;YACjB,OAAM;QACR,CAAC;QAED,yEAAyE;QACzE,MAAM,YAAY,GAAG,MAAM,CAAC,YAAY,CAAA;QACxC,IACE,YAAY;YACZ,CAAE,sBAA4C,CAAC,QAAQ,CAAC,YAAY,CAAC,EACrE,CAAC;YACD,cAAc,CAAC,OAAO,GAAG,IAAI,CAAA;YAC7B,cAAc,CAAC,OAAO,CAAC,sBAAsB,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAA;YAClE,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,6BAA6B,CAAC;gBACnD,UAAU;gBACV,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;aACjC,CAAC,CAAA;YACF,OAAM;QACR,CAAC;QAED,oEAAoE;QACpE,IAAI,kBAAkB,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;YACrC,cAAc,CAAC,UAAU,CAAC,sBAAsB,CAAC,CAAA;YACjD,WAAW,CAAC,IAAI,CAAC,CAAA;YACjB,OAAM;QACR,CAAC;QAED,sDAAsD;QACtD,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,sBAAsB,CAAC,IAAI,GAAG,CAAC,CAAA;QAC5E,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,GAAG,UAAU,EAAE,CAAC;YACrC,WAAW,CAAC,IAAI,CAAC,CAAA;YACjB,OAAM;QACR,CAAC;QAED,8DAA8D;QAC9D,cAAc,CAAC,OAAO,GAAG,IAAI,CAAA;QAC7B,cAAc,CAAC,OAAO,CAAC,sBAAsB,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAA;QAElE,MAAM,GAAG,GAAG,0BAA0B,CAAC;YACrC,UAAU;YACV,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ;YACrC,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,UAAU;YACV,SAAS;SACV,CAAC,CAAA;QAEF,iBAAiB,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE;YAC5B,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAA;QAC5B,CAAC,CAAC,CAAA;IACJ,CAAC,EAAE;QACD,OAAO;QACP,IAAI;QACJ,MAAM;QACN,iBAAiB;QACjB,UAAU;QACV,UAAU;QACV,wBAAwB;QACxB,SAAS;QACT,UAAU;QACV,MAAM,CAAC,UAAU;QACjB,MAAM,CAAC,OAAO;KACf,CAAC,CAAA;IAEF,OAAO,EAAE,QAAQ,EAAE,CAAA;AACrB,CAAC"}
|
package/dist/roles.d.ts
CHANGED
|
@@ -8,13 +8,27 @@
|
|
|
8
8
|
*/
|
|
9
9
|
/** Default organization role string for inactive public servants. */
|
|
10
10
|
export declare const INACTIVE_PS_ORG_ROLE = "inactive-ps-org:Inactive Public Servant";
|
|
11
|
+
/** Logto role name assigned to a citizen at registration (before onboarding). */
|
|
12
|
+
export declare const ROLE_NAME_CITIZEN = "citizen";
|
|
11
13
|
/** Default Logto role name assigned after citizen onboarding. */
|
|
12
14
|
export declare const ROLE_NAME_ONBOARDED_CITIZEN = "Onboarded citizen";
|
|
13
|
-
/**
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
15
|
+
/**
|
|
16
|
+
* Logto directSignIn value for MyGovID social connector.
|
|
17
|
+
* Must match the connector's `target` (Identity provider name) in Logto,
|
|
18
|
+
* NOT the connector `id`.
|
|
19
|
+
*/
|
|
20
|
+
export declare const CONNECTOR_MYGOVID = "social:MyGovId (MyGovId connector)";
|
|
21
|
+
/**
|
|
22
|
+
* Logto directSignIn value for Entra ID social connector.
|
|
23
|
+
* Must match the connector's `target` (Identity provider name) in Logto,
|
|
24
|
+
* NOT the connector `id`.
|
|
25
|
+
*/
|
|
26
|
+
export declare const CONNECTOR_ENTRAID = "social:OGCIO EntraID";
|
|
27
|
+
/**
|
|
28
|
+
* Sign-in methods that are considered valid for citizen flows.
|
|
29
|
+
* These use connector `id` (not `target`) because the custom JWT claim
|
|
30
|
+
* `signInMethod` is built from `record.connectorId`.
|
|
31
|
+
*/
|
|
18
32
|
export declare const ALLOWED_SIGNIN_METHODS: readonly ["social:mygovid"];
|
|
19
33
|
/** Organisation role name for organisation administrators. */
|
|
20
34
|
export declare const ORG_ROLE_ADMIN = "Organisation Admin";
|
|
@@ -57,6 +71,23 @@ export declare function isPublicServant(orgRoles: string[] | null | undefined, e
|
|
|
57
71
|
* servant nor an active public servant.
|
|
58
72
|
*/
|
|
59
73
|
export declare function isCitizen(orgRoles: string[] | null | undefined, expectedPublicServantRoles: string[]): boolean;
|
|
74
|
+
/**
|
|
75
|
+
* Check whether the user is a citizen (active or inactive) based on the
|
|
76
|
+
* ID-token `roles` claim — without needing to know any app-specific
|
|
77
|
+
* public-servant role names.
|
|
78
|
+
*
|
|
79
|
+
* A user is a citizen when their `roles` includes either the pre-onboarding
|
|
80
|
+
* citizen role (`"citizen"`) or the onboarded-citizen role (`"Onboarded citizen"`).
|
|
81
|
+
* Anyone without either role is considered a public servant (of any kind).
|
|
82
|
+
*
|
|
83
|
+
* Prefer this over `isCitizen(orgRoles, expectedRoles)` for citizen-facing
|
|
84
|
+
* apps, as it is universal across all applications.
|
|
85
|
+
*
|
|
86
|
+
* @param roles `roles` claim from the ID token.
|
|
87
|
+
* @param citizenRoleName Override the default citizen role name.
|
|
88
|
+
* @param onboardedRoleName Override the default onboarded-citizen role name.
|
|
89
|
+
*/
|
|
90
|
+
export declare function isCitizenByRole(roles: string[] | null | undefined, citizenRoleName?: string, onboardedRoleName?: string): boolean;
|
|
60
91
|
/**
|
|
61
92
|
* Check whether the citizen has completed onboarding.
|
|
62
93
|
*
|
package/dist/roles.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"roles.d.ts","sourceRoot":"","sources":["../src/roles.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,qEAAqE;AACrE,eAAO,MAAM,oBAAoB,4CAA4C,CAAA;AAE7E,iEAAiE;AACjE,eAAO,MAAM,2BAA2B,sBAAsB,CAAA;AAE9D
|
|
1
|
+
{"version":3,"file":"roles.d.ts","sourceRoot":"","sources":["../src/roles.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,qEAAqE;AACrE,eAAO,MAAM,oBAAoB,4CAA4C,CAAA;AAE7E,iFAAiF;AACjF,eAAO,MAAM,iBAAiB,YAAY,CAAA;AAE1C,iEAAiE;AACjE,eAAO,MAAM,2BAA2B,sBAAsB,CAAA;AAE9D;;;;GAIG;AACH,eAAO,MAAM,iBAAiB,uCAAuC,CAAA;AAErE;;;;GAIG;AACH,eAAO,MAAM,iBAAiB,yBAAyB,CAAA;AAEvD;;;;GAIG;AACH,eAAO,MAAM,sBAAsB,6BAA8B,CAAA;AAQjE,8DAA8D;AAC9D,eAAO,MAAM,cAAc,uBAAuB,CAAA;AAElD,+DAA+D;AAC/D,eAAO,MAAM,eAAe,wBAAwB,CAAA;AAEpD;;;;;;;;GAQG;AACH,eAAO,MAAM,4BAA4B,wDAG/B,CAAA;AAIV;;;;;;GAMG;AACH,wBAAgB,uBAAuB,CACrC,QAAQ,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,SAAS,EACrC,eAAe,GAAE,MAA6B,GAC7C,OAAO,CAET;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,eAAe,CAC7B,QAAQ,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,SAAS,EACrC,aAAa,EAAE,MAAM,EAAE,GACtB,OAAO,CAMT;AAED;;;;;GAKG;AACH,wBAAgB,SAAS,CACvB,QAAQ,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,SAAS,EACrC,0BAA0B,EAAE,MAAM,EAAE,GACnC,OAAO,CAKT;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,eAAe,CAC7B,KAAK,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,SAAS,EAClC,eAAe,GAAE,MAA0B,EAC3C,iBAAiB,GAAE,MAAoC,GACtD,OAAO,CAKT;AAED;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAChC,KAAK,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,SAAS,EAClC,iBAAiB,GAAE,MAAoC,GACtD,OAAO,CAET"}
|
package/dist/roles.js
CHANGED
|
@@ -9,13 +9,27 @@
|
|
|
9
9
|
// ── Constants (configurable defaults) ───────────────────────
|
|
10
10
|
/** Default organization role string for inactive public servants. */
|
|
11
11
|
export const INACTIVE_PS_ORG_ROLE = "inactive-ps-org:Inactive Public Servant";
|
|
12
|
+
/** Logto role name assigned to a citizen at registration (before onboarding). */
|
|
13
|
+
export const ROLE_NAME_CITIZEN = "citizen";
|
|
12
14
|
/** Default Logto role name assigned after citizen onboarding. */
|
|
13
15
|
export const ROLE_NAME_ONBOARDED_CITIZEN = "Onboarded citizen";
|
|
14
|
-
/**
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
16
|
+
/**
|
|
17
|
+
* Logto directSignIn value for MyGovID social connector.
|
|
18
|
+
* Must match the connector's `target` (Identity provider name) in Logto,
|
|
19
|
+
* NOT the connector `id`.
|
|
20
|
+
*/
|
|
21
|
+
export const CONNECTOR_MYGOVID = "social:MyGovId (MyGovId connector)";
|
|
22
|
+
/**
|
|
23
|
+
* Logto directSignIn value for Entra ID social connector.
|
|
24
|
+
* Must match the connector's `target` (Identity provider name) in Logto,
|
|
25
|
+
* NOT the connector `id`.
|
|
26
|
+
*/
|
|
27
|
+
export const CONNECTOR_ENTRAID = "social:OGCIO EntraID";
|
|
28
|
+
/**
|
|
29
|
+
* Sign-in methods that are considered valid for citizen flows.
|
|
30
|
+
* These use connector `id` (not `target`) because the custom JWT claim
|
|
31
|
+
* `signInMethod` is built from `record.connectorId`.
|
|
32
|
+
*/
|
|
19
33
|
export const ALLOWED_SIGNIN_METHODS = ["social:mygovid"];
|
|
20
34
|
// ── Common public-servant organisation role names ───────────
|
|
21
35
|
//
|
|
@@ -80,6 +94,26 @@ export function isCitizen(orgRoles, expectedPublicServantRoles) {
|
|
|
80
94
|
return !(isInactivePublicServant(orgRoles) ||
|
|
81
95
|
isPublicServant(orgRoles, expectedPublicServantRoles));
|
|
82
96
|
}
|
|
97
|
+
/**
|
|
98
|
+
* Check whether the user is a citizen (active or inactive) based on the
|
|
99
|
+
* ID-token `roles` claim — without needing to know any app-specific
|
|
100
|
+
* public-servant role names.
|
|
101
|
+
*
|
|
102
|
+
* A user is a citizen when their `roles` includes either the pre-onboarding
|
|
103
|
+
* citizen role (`"citizen"`) or the onboarded-citizen role (`"Onboarded citizen"`).
|
|
104
|
+
* Anyone without either role is considered a public servant (of any kind).
|
|
105
|
+
*
|
|
106
|
+
* Prefer this over `isCitizen(orgRoles, expectedRoles)` for citizen-facing
|
|
107
|
+
* apps, as it is universal across all applications.
|
|
108
|
+
*
|
|
109
|
+
* @param roles `roles` claim from the ID token.
|
|
110
|
+
* @param citizenRoleName Override the default citizen role name.
|
|
111
|
+
* @param onboardedRoleName Override the default onboarded-citizen role name.
|
|
112
|
+
*/
|
|
113
|
+
export function isCitizenByRole(roles, citizenRoleName = ROLE_NAME_CITIZEN, onboardedRoleName = ROLE_NAME_ONBOARDED_CITIZEN) {
|
|
114
|
+
var _a;
|
|
115
|
+
return ((_a = ((roles === null || roles === void 0 ? void 0 : roles.includes(citizenRoleName)) || (roles === null || roles === void 0 ? void 0 : roles.includes(onboardedRoleName)))) !== null && _a !== void 0 ? _a : false);
|
|
116
|
+
}
|
|
83
117
|
/**
|
|
84
118
|
* Check whether the citizen has completed onboarding.
|
|
85
119
|
*
|
package/dist/roles.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"roles.js","sourceRoot":"","sources":["../src/roles.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,+DAA+D;AAE/D,qEAAqE;AACrE,MAAM,CAAC,MAAM,oBAAoB,GAAG,yCAAyC,CAAA;AAE7E,iEAAiE;AACjE,MAAM,CAAC,MAAM,2BAA2B,GAAG,mBAAmB,CAAA;AAE9D
|
|
1
|
+
{"version":3,"file":"roles.js","sourceRoot":"","sources":["../src/roles.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,+DAA+D;AAE/D,qEAAqE;AACrE,MAAM,CAAC,MAAM,oBAAoB,GAAG,yCAAyC,CAAA;AAE7E,iFAAiF;AACjF,MAAM,CAAC,MAAM,iBAAiB,GAAG,SAAS,CAAA;AAE1C,iEAAiE;AACjE,MAAM,CAAC,MAAM,2BAA2B,GAAG,mBAAmB,CAAA;AAE9D;;;;GAIG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,oCAAoC,CAAA;AAErE;;;;GAIG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,sBAAsB,CAAA;AAEvD;;;;GAIG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,gBAAgB,CAAU,CAAA;AAEjE,+DAA+D;AAC/D,EAAE;AACF,mEAAmE;AACnE,kEAAkE;AAClE,8DAA8D;AAE9D,8DAA8D;AAC9D,MAAM,CAAC,MAAM,cAAc,GAAG,oBAAoB,CAAA;AAElD,+DAA+D;AAC/D,MAAM,CAAC,MAAM,eAAe,GAAG,qBAAqB,CAAA;AAEpD;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,4BAA4B,GAAG;IAC1C,cAAc;IACd,eAAe;CACP,CAAA;AAEV,+DAA+D;AAE/D;;;;;;GAMG;AACH,MAAM,UAAU,uBAAuB,CACrC,QAAqC,EACrC,kBAA0B,oBAAoB;;IAE9C,OAAO,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,QAAQ,CAAC,eAAe,CAAC,mCAAI,KAAK,CAAA;AACrD,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,eAAe,CAC7B,QAAqC,EACrC,aAAuB;IAEvB,IAAI,uBAAuB,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ;QAAE,OAAO,KAAK,CAAA;IAChE,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;QAC/B,MAAM,CAAC,EAAE,IAAI,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACnC,OAAO,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;IACrC,CAAC,CAAC,CAAA;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,SAAS,CACvB,QAAqC,EACrC,0BAAoC;IAEpC,OAAO,CAAC,CACN,uBAAuB,CAAC,QAAQ,CAAC;QACjC,eAAe,CAAC,QAAQ,EAAE,0BAA0B,CAAC,CACtD,CAAA;AACH,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,eAAe,CAC7B,KAAkC,EAClC,kBAA0B,iBAAiB,EAC3C,oBAA4B,2BAA2B;;IAEvD,OAAO,CACL,MAAA,CAAC,CAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,QAAQ,CAAC,eAAe,CAAC,MAAI,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,QAAQ,CAAC,iBAAiB,CAAC,CAAA,CAAC,mCACxE,KAAK,CACN,CAAA;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,kBAAkB,CAChC,KAAkC,EAClC,oBAA4B,2BAA2B;;IAEvD,OAAO,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,QAAQ,CAAC,iBAAiB,CAAC,mCAAI,KAAK,CAAA;AACpD,CAAC"}
|
package/dist/types.d.ts
CHANGED
|
@@ -33,8 +33,8 @@ export interface SignInOptions {
|
|
|
33
33
|
* Logto `directSignIn` value — bypass the sign-in screen and go
|
|
34
34
|
* directly to a specific social connector or SSO provider.
|
|
35
35
|
*
|
|
36
|
-
* @example "social:
|
|
37
|
-
* @example "social:
|
|
36
|
+
* @example "social:MyGovId (MyGovId connector)"
|
|
37
|
+
* @example "social:OGCIO EntraID"
|
|
38
38
|
* @example "sso:connector-id"
|
|
39
39
|
*/
|
|
40
40
|
connector?: string;
|
|
@@ -105,14 +105,8 @@ export interface GatewayMutationOptions extends GatewayFetchOptions {
|
|
|
105
105
|
/** HTTP method for the mutation (defaults to `"POST"`). */
|
|
106
106
|
method?: MutationMethod;
|
|
107
107
|
}
|
|
108
|
-
|
|
109
|
-
export type {
|
|
110
|
-
/** Return value of the `useOnboardingGuard` hook. */
|
|
111
|
-
export type { UseOnboardingGuardResult } from "./react/use-onboarding-guard";
|
|
112
|
-
/** Options for the `usePublicServantGuard` hook. */
|
|
113
|
-
export type { UsePublicServantGuardOptions } from "./react/use-public-servant-guard";
|
|
114
|
-
/** Return value of the `usePublicServantGuard` hook. */
|
|
115
|
-
export type { UsePublicServantGuardResult } from "./react/use-public-servant-guard";
|
|
108
|
+
export type { UseOnboardingGuardOptions, UseOnboardingGuardResult, } from "./react/use-onboarding-guard";
|
|
109
|
+
export type { UsePublicServantGuardOptions, UsePublicServantGuardResult, } from "./react/use-public-servant-guard";
|
|
116
110
|
export type UseAuthResult = {
|
|
117
111
|
authenticated: boolean;
|
|
118
112
|
user?: AuthUser;
|
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,QAAQ,GAAG;IAAE,GAAG,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IAAC,IAAI,CAAC,EAAE,MAAM,CAAA;CAAE,CAAA;AAErE,yEAAyE;AACzE,MAAM,MAAM,UAAU,GAAG;IACvB,KAAK,EAAE,MAAM,EAAE,CAAA;IACf,aAAa,EAAE,MAAM,EAAE,CAAA;IACvB,kBAAkB,EAAE,MAAM,EAAE,CAAA;IAC5B,0EAA0E;IAC1E,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB,CAAA;AAED,MAAM,MAAM,UAAU,GAClB;IAAE,aAAa,EAAE,IAAI,CAAC;IAAC,GAAG,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,QAAQ,CAAC;IAAC,MAAM,EAAE,UAAU,CAAA;CAAE,GACxE;IAAE,aAAa,EAAE,KAAK,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAA;CAAE,CAAA;AAI9C,2FAA2F;AAC3F,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,EAAE,MAAM,CAAA;IACZ,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,KAAK,EAAE,MAAM,EAAE,CAAA;CAChB;AAID,oCAAoC;AACpC,MAAM,WAAW,aAAa;IAC5B;;;;;;;OAOG;IACH,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB;AAID,MAAM,WAAW,eAAe;IAC9B,iEAAiE;IACjE,UAAU,EAAE,MAAM,CAAA;IAClB,oEAAoE;IACpE,OAAO,EAAE,MAAM,CAAA;IACf;;;OAGG;IACH,gBAAgB,CAAC,EAAE,MAAM,IAAI,CAAA;CAC9B;AAID;;;;GAIG;AACH,qBAAa,aAAc,SAAQ,KAAK;IACtC,MAAM,EAAE,MAAM,CAAA;IACd,IAAI,CAAC,EAAE,MAAM,CAAA;gBAED,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM;CAM3D;AAID;;;GAGG;AACH,eAAO,MAAM,iBAAiB,yBAAyB,CAAA;AAEvD;;;;GAIG;AACH,eAAO,MAAM,sBAAsB,sBAAsB,CAAA;AAEzD;;;;GAIG;AACH,MAAM,MAAM,SAAS,GAAG,MAAM,GAAG,KAAK,CAAA;AAEtC,iDAAiD;AACjD,MAAM,WAAW,mBAAmB;IAClC;;;;OAIG;IACH,SAAS,CAAC,EAAE,SAAS,CAAA;IAErB;;;;;OAKG;IACH,cAAc,CAAC,EAAE,MAAM,CAAA;CACxB;AAED,yCAAyC;AACzC,MAAM,MAAM,cAAc,GAAG,MAAM,GAAG,KAAK,GAAG,OAAO,GAAG,QAAQ,CAAA;AAEhE,oDAAoD;AACpD,MAAM,WAAW,sBAAuB,SAAQ,mBAAmB;IACjE,2DAA2D;IAC3D,MAAM,CAAC,EAAE,cAAc,CAAA;CACxB;AAID,
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,QAAQ,GAAG;IAAE,GAAG,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IAAC,IAAI,CAAC,EAAE,MAAM,CAAA;CAAE,CAAA;AAErE,yEAAyE;AACzE,MAAM,MAAM,UAAU,GAAG;IACvB,KAAK,EAAE,MAAM,EAAE,CAAA;IACf,aAAa,EAAE,MAAM,EAAE,CAAA;IACvB,kBAAkB,EAAE,MAAM,EAAE,CAAA;IAC5B,0EAA0E;IAC1E,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB,CAAA;AAED,MAAM,MAAM,UAAU,GAClB;IAAE,aAAa,EAAE,IAAI,CAAC;IAAC,GAAG,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,QAAQ,CAAC;IAAC,MAAM,EAAE,UAAU,CAAA;CAAE,GACxE;IAAE,aAAa,EAAE,KAAK,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAA;CAAE,CAAA;AAI9C,2FAA2F;AAC3F,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,EAAE,MAAM,CAAA;IACZ,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,KAAK,EAAE,MAAM,EAAE,CAAA;CAChB;AAID,oCAAoC;AACpC,MAAM,WAAW,aAAa;IAC5B;;;;;;;OAOG;IACH,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB;AAID,MAAM,WAAW,eAAe;IAC9B,iEAAiE;IACjE,UAAU,EAAE,MAAM,CAAA;IAClB,oEAAoE;IACpE,OAAO,EAAE,MAAM,CAAA;IACf;;;OAGG;IACH,gBAAgB,CAAC,EAAE,MAAM,IAAI,CAAA;CAC9B;AAID;;;;GAIG;AACH,qBAAa,aAAc,SAAQ,KAAK;IACtC,MAAM,EAAE,MAAM,CAAA;IACd,IAAI,CAAC,EAAE,MAAM,CAAA;gBAED,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM;CAM3D;AAID;;;GAGG;AACH,eAAO,MAAM,iBAAiB,yBAAyB,CAAA;AAEvD;;;;GAIG;AACH,eAAO,MAAM,sBAAsB,sBAAsB,CAAA;AAEzD;;;;GAIG;AACH,MAAM,MAAM,SAAS,GAAG,MAAM,GAAG,KAAK,CAAA;AAEtC,iDAAiD;AACjD,MAAM,WAAW,mBAAmB;IAClC;;;;OAIG;IACH,SAAS,CAAC,EAAE,SAAS,CAAA;IAErB;;;;;OAKG;IACH,cAAc,CAAC,EAAE,MAAM,CAAA;CACxB;AAED,yCAAyC;AACzC,MAAM,MAAM,cAAc,GAAG,MAAM,GAAG,KAAK,GAAG,OAAO,GAAG,QAAQ,CAAA;AAEhE,oDAAoD;AACpD,MAAM,WAAW,sBAAuB,SAAQ,mBAAmB;IACjE,2DAA2D;IAC3D,MAAM,CAAC,EAAE,cAAc,CAAA;CACxB;AAID,YAAY,EACV,yBAAyB,EACzB,wBAAwB,GACzB,MAAM,8BAA8B,CAAA;AAErC,YAAY,EACV,4BAA4B,EAC5B,2BAA2B,GAC5B,MAAM,kCAAkC,CAAA;AAEzC,MAAM,MAAM,aAAa,GAAG;IAC1B,aAAa,EAAE,OAAO,CAAA;IACtB,IAAI,CAAC,EAAE,QAAQ,CAAA;IACf,MAAM,CAAC,EAAE,UAAU,CAAA;IACnB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,OAAO,EAAE,OAAO,CAAA;IAChB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,sEAAsE;IACtE,cAAc,EAAE,OAAO,CAAA;IACvB,MAAM,EAAE,CAAC,OAAO,CAAC,EAAE,aAAa,KAAK,IAAI,CAAA;IACzC,OAAO,EAAE,MAAM,IAAI,CAAA;IACnB,8EAA8E;IAC9E,iBAAiB,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;IACtC,OAAO,EAAE,MAAM,IAAI,CAAA;CACpB,CAAA"}
|
package/package.json
CHANGED