@opengeoweb/authentication 9.26.0 → 9.27.1

package/index.esm.js

@@ -6855,9 +6855,8 @@ $({ global: true, bind: true, enumerable: true, forced: FORCED }, {
 
 const API_NAMESPACE$1 = 'api';
 const DEFAULT_TIMEOUT = 15000;
-const KEEP_ALIVE_IN_SECONDS = 60; // Number of seconds in between intervals to check with the token request if connection is stil intact
-const KEEP_ALIVE_POLLER_IN_SECONDS = 10; // Number of milliseconds to check if connection is restored or to check if KEEP_ALIVE_IN_SECONDS has passed
-const REFRESH_TOKEN_WHEN_PCT_EXPIRED = 75; // Refresh token when 75% expired. Set to (10 / 3600) * 100 = 0.2777778%  to test with 10 second interval.
+const KEEP_ALIVE_POLLER_IN_SECONDS = 60; // Number of seconds between the checks if the token should be refreshed.
+const REFRESH_TOKEN_WHEN_PCT_EXPIRED = 75; // Refresh token when 75% expired. Set to (10 / 3600) * 100 = 0.2777778% to test with 10 second interval (assuming 1 hour token expiration).
 const DEFAULT_TOKEN_EXPIRES_IN = 3600; // Number of seconds a token expires by default
 const MILLISECOND_TO_SECOND = 1 / 1000;
 const ns$1 = API_NAMESPACE$1;
@@ -6910,7 +6909,6 @@ const makeCredentialsFromTokenResponse = (tokenResponse, authConfig) => {
     token: access_token,
     refresh_token: refresh_token || '',
     expires_at: epochTimeTokenExpirationInSeconds,
-    keep_session_alive_at: getCurrentTimeInSeconds() + KEEP_ALIVE_IN_SECONDS,
     has_connection_issue: false
   };
   return newAuth;
@@ -6951,7 +6949,8 @@ const refreshAccessTokenAndSetAuthContext = ({
   auth,
   onSetAuth,
   config,
-  timeout: _timeout2 = DEFAULT_TIMEOUT
+  timeout: _timeout2 = DEFAULT_TIMEOUT,
+  configURLS
 }) => __awaiter(void 0, void 0, void 0, function* () {
   try {
     const refreshedToken = yield refreshAccessToken({
@@ -6959,11 +6958,15 @@ const refreshAccessTokenAndSetAuthContext = ({
       config,
       timeout: _timeout2
     });
-    const newAuth = makeCredentialsFromTokenResponse(refreshedToken);
+    const newAuth = makeCredentialsFromTokenResponse(refreshedToken, configURLS);
     // Cognito does not send a new refresh token, but gitlab does. Set it here into the auth context.
     if (!newAuth.refresh_token || newAuth.refresh_token.length === 0) {
       newAuth.refresh_token = auth.refresh_token;
     }
+    // If the prop for the role config is not set, keep the roles of the current auth context.
+    if (!configURLS) {
+      newAuth.roles = auth.roles;
+    }
     onSetAuth(newAuth);
   } catch (e) {
     onSetAuth(Object.assign(Object.assign({}, auth), {
@@ -6973,12 +6976,8 @@ const refreshAccessTokenAndSetAuthContext = ({
 });
 const createApiInstance = ({
   auth,
-  onSetAuth,
   config: {
-    baseURL,
-    authTokenURL,
-    authClientId,
-    appURL
+    baseURL
   } = {},
   timeout: _timeout3 = DEFAULT_TIMEOUT
 }) => {
@@ -6989,20 +6988,7 @@ const createApiInstance = ({
   });
   // Request interceptor for API calls done BEFORE the request is made.
   axiosInstance.interceptors.request.use(axiosConfig => __awaiter(void 0, void 0, void 0, function* () {
-    const timeInSecondsLeftBeforeExpiration = auth && auth.expires_at ? auth.expires_at - getCurrentTimeInSeconds() : 0; // If expires_at is not set, don't do anything. (set timeInSecondsLeftBeforeExpiration = 0 will skip refresh)
-    if (timeInSecondsLeftBeforeExpiration < 0) {
-      yield refreshAccessTokenAndSetAuthContext({
-        auth,
-        onSetAuth,
-        config: {
-          baseURL,
-          authTokenURL,
-          authClientId,
-          appURL
-        },
-        timeout: _timeout3
-      });
-    }
+    // Add the access token to the headers of the request.
     const newConfig = Object.assign(Object.assign({}, axiosConfig), {
       headers: Object.assign({
         'Content-Type': 'application/json',
@@ -7018,20 +7004,10 @@ const createApiInstance = ({
   axiosInstance.interceptors.response.use(response => response, error => __awaiter(void 0, void 0, void 0, function* () {
     var _a;
     const originalRequest = error.config;
+    // If request fails with 401, retry the request once.
     if (error.response && error.response.status && error.response.status === 401 && !originalRequest.inRetry) {
       originalRequest.inRetry = true;
-      yield refreshAccessTokenAndSetAuthContext({
-        auth,
-        onSetAuth,
-        config: {
-          baseURL,
-          authTokenURL,
-          authClientId,
-          appURL
-        },
-        timeout: _timeout3
-      });
-      // Update the headers of the original request with the refreshed access token
+      // Update the headers of the original request with the token from the current auth context.
       if ((_a = originalRequest.headers) === null || _a === void 0 ? void 0 : _a.Authorization) {
         originalRequest.headers.Authorization = `Bearer ${auth === null || auth === void 0 ? void 0 : auth.token}`;
       }
@@ -7158,7 +7134,8 @@ const AuthenticationContext = /*#__PURE__*/React__default.createContext({
   auth: null,
   onSetAuth: null,
   authConfig: null,
-  sessionStorageProvider: null
+  sessionStorageProvider: null,
+  currentRole: null
 });
 const useAuthenticationDefaultProps = () => {
   const [isLoggedIn, onLogin] = React__default.useState(false);
@@ -7169,7 +7146,6 @@ const useAuthenticationDefaultProps = () => {
     token: '',
     refresh_token: '',
     expires_at: 0,
-    keep_session_alive_at: 0,
     has_connection_issue: false
   };
   const auth = React__default.useRef(Object.assign({}, emptyCredentials)).current;
@@ -7188,12 +7164,15 @@ const useAuthenticationDefaultProps = () => {
     }
   };
   const sessionStorageProvider = getSessionStorageProvider();
+  const [currentRole, setCurrentRole] = React__default.useState(auth.roles && auth.roles[0] || GEOWEB_ROLE_USER);
   return {
     isLoggedIn,
     onLogin,
     auth: isLoggedIn ? auth : null,
     onSetAuth,
-    sessionStorageProvider
+    sessionStorageProvider,
+    currentRole,
+    setCurrentRole
   };
 };
 const AuthenticationProvider = ({
@@ -7207,15 +7186,19 @@ const AuthenticationProvider = ({
     onLogin,
     auth,
     onSetAuth,
-    sessionStorageProvider
+    sessionStorageProvider,
+    currentRole,
+    setCurrentRole
   } = value || defaultValues;
   const authConfig = _configURLS;
+  // Checks the token expiration time regularly and renews it before it expires.
   const interval = useRef();
   React__default.useEffect(() => {
     interval.current = setInterval(() => __awaiter(void 0, void 0, void 0, function* () {
       if (auth) {
         const currentTime = getCurrentTimeInSeconds();
-        if (auth.keep_session_alive_at && currentTime > auth.keep_session_alive_at) {
+        const timeInSecondsLeftBeforeExpiration = auth.expires_at ? auth.expires_at - currentTime : 0;
+        if (timeInSecondsLeftBeforeExpiration < 0) {
           yield refreshAccessTokenAndSetAuthContext({
             auth,
             onSetAuth,
@@ -7224,7 +7207,8 @@ const AuthenticationProvider = ({
               authTokenURL: _configURLS.GW_AUTH_TOKEN_URL,
               appURL: _configURLS.GW_APP_URL,
               authClientId: _configURLS.GW_AUTH_CLIENT_ID
-            }
+            },
+            configURLS: _configURLS
           });
         }
       }
@@ -7232,15 +7216,17 @@ const AuthenticationProvider = ({
     return () => {
       clearInterval(interval.current);
     };
-  }, [auth, _configURLS.GW_APP_URL, _configURLS.GW_AUTH_CLIENT_ID, _configURLS.GW_AUTH_TOKEN_URL, onSetAuth]);
+  }, [auth, _configURLS.GW_APP_URL, _configURLS.GW_AUTH_CLIENT_ID, _configURLS.GW_AUTH_TOKEN_URL, onSetAuth, _configURLS]);
   const contextValue = React__default.useMemo(() => ({
     isLoggedIn,
     onLogin,
     auth,
     onSetAuth,
     authConfig,
-    sessionStorageProvider
-  }), [isLoggedIn, onLogin, auth, onSetAuth, authConfig, sessionStorageProvider]);
+    sessionStorageProvider,
+    currentRole,
+    setCurrentRole
+  }), [isLoggedIn, onLogin, auth, onSetAuth, authConfig, sessionStorageProvider, currentRole, setCurrentRole]);
   return jsx(AuthenticationContext.Provider, Object.assign({
     value: contextValue
   }, {
@@ -7655,4 +7641,4 @@ const useApi = (apiCall, params, callbacks) => {
   };
 };
 
-export { AUTH_NAMESPACE, ApiProvider, AuthenticationContext, AuthenticationProvider, HandleOAuth2Code as Code, GEOWEB_ROLE_PRESETS_ADMIN, GEOWEB_ROLE_USER, KEEP_ALIVE_IN_SECONDS, KEEP_ALIVE_POLLER_IN_SECONDS, OAuth2Login as Login, OAuth2Logout as Logout, MILLISECOND_TO_SECOND, REFRESH_TOKEN_WHEN_PCT_EXPIRED, RequireAuth, SessionStorageKey, UserMenuRoles, UserMenuRolesConnect, apiTranslations, authTranslations, createApiInstance, createFakeApiInstance, createNonAuthApiInstance, fakeApiRequest, getApi, getAuthConfig, getCodeChallenge, getConfig, getCurrentTimeInSeconds, getCurrentUrlLocation, getRandomString, getSessionStorageProvider, groupsToRoles, makeCredentialsFromTokenResponse, refreshAccessToken, refreshAccessTokenAndSetAuthContext, useApi, useApiContext, useAuthenticationContext, useAuthenticationDefaultProps };
+export { AUTH_NAMESPACE, ApiProvider, AuthenticationContext, AuthenticationProvider, HandleOAuth2Code as Code, GEOWEB_ROLE_PRESETS_ADMIN, GEOWEB_ROLE_USER, KEEP_ALIVE_POLLER_IN_SECONDS, OAuth2Login as Login, OAuth2Logout as Logout, MILLISECOND_TO_SECOND, REFRESH_TOKEN_WHEN_PCT_EXPIRED, RequireAuth, SessionStorageKey, UserMenuRoles, UserMenuRolesConnect, apiTranslations, authTranslations, createApiInstance, createFakeApiInstance, createNonAuthApiInstance, fakeApiRequest, getApi, getAuthConfig, getCodeChallenge, getConfig, getCurrentTimeInSeconds, getCurrentUrlLocation, getRandomString, getSessionStorageProvider, groupsToRoles, makeCredentialsFromTokenResponse, refreshAccessToken, refreshAccessTokenAndSetAuthContext, useApi, useApiContext, useAuthenticationContext, useAuthenticationDefaultProps };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@opengeoweb/authentication",
-  "version": "9.26.0",
+  "version": "9.27.1",
   "description": "GeoWeb authentication library for the opengeoweb project",
   "license": "Apache-2.0",
   "repository": {
@@ -14,13 +14,15 @@
     "@opengeoweb/theme": "*",
     "i18next": "^23.11.5",
     "react-i18next": "^14.1.2",
-    "@opengeoweb/snackbar": "9.26.0",
+    "@opengeoweb/snackbar": "9.27.1",
     "react-redux": "^8.1.3",
     "@reduxjs/toolkit": "^1.9.7",
     "@mui/material": "^5.16.0"
   },
   "peerDependencies": {
-    "react": "18"
+    "react": "18",
+    "@emotion/react": "*",
+    "@emotion/styled": "*"
   },
   "module": "./index.esm.js",
   "type": "module",

package/src/lib/components/ApiContext/types.d.ts

@@ -11,7 +11,6 @@ export interface Credentials {
     token: string;
     refresh_token: string;
     expires_at?: number;
-    keep_session_alive_at?: number;
     has_connection_issue?: boolean;
 }
 export interface ApiUrls {

package/src/lib/components/ApiContext/utils.d.ts

@@ -1,8 +1,7 @@
 import { AxiosInstance, AxiosResponse } from 'axios';
 import { ConfigType } from '@opengeoweb/shared';
 import { CreateApiProps, Credentials, Role } from './types';
-export declare const KEEP_ALIVE_IN_SECONDS = 60;
-export declare const KEEP_ALIVE_POLLER_IN_SECONDS = 10;
+export declare const KEEP_ALIVE_POLLER_IN_SECONDS = 60;
 export declare const REFRESH_TOKEN_WHEN_PCT_EXPIRED = 75;
 export declare const MILLISECOND_TO_SECOND: number;
 export declare const GEOWEB_ROLE_PRESETS_ADMIN: Role;
@@ -17,8 +16,10 @@ export declare const GEOWEB_ROLE_USER: Role;
  */
 export declare const makeCredentialsFromTokenResponse: (tokenResponse: AxiosResponse, authConfig?: ConfigType) => Credentials;
 export declare const refreshAccessToken: ({ auth, config: { authTokenURL, authClientId, appURL }, timeout, }: CreateApiProps) => Promise<AxiosResponse>;
-export declare const refreshAccessTokenAndSetAuthContext: ({ auth, onSetAuth, config, timeout, }: CreateApiProps) => Promise<void>;
-export declare const createApiInstance: ({ auth, onSetAuth, config: { baseURL, authTokenURL, authClientId, appURL }, timeout, }: CreateApiProps) => AxiosInstance;
+export declare const refreshAccessTokenAndSetAuthContext: ({ auth, onSetAuth, config, timeout, configURLS, }: CreateApiProps & {
+    configURLS?: ConfigType | undefined;
+}) => Promise<void>;
+export declare const createApiInstance: ({ auth, config: { baseURL }, timeout, }: CreateApiProps) => AxiosInstance;
 export declare const createNonAuthApiInstance: ({ config: { baseURL }, timeout, }: CreateApiProps) => AxiosInstance;
 export declare const fakeApiRequest: (signal?: AbortController) => Promise<void>;
 export declare const createFakeApiInstance: () => AxiosInstance;

package/src/lib/components/AuthenticationContext/types.d.ts

@@ -1,5 +1,5 @@
 import { SessionStorageProvider } from '../../utils/session';
-import { Credentials } from '../ApiContext/types';
+import { Credentials, Role } from '../ApiContext/types';
 export interface AuthenticationConfig {
     GW_AUTH_LOGIN_URL: string;
     GW_AUTH_LOGOUT_URL: string;
@@ -16,6 +16,8 @@ export interface AuthenticationDefaultStateProps {
     auth: Credentials | null;
     onSetAuth: (auth: Credentials) => void;
     sessionStorageProvider: SessionStorageProvider;
+    currentRole?: Role;
+    setCurrentRole?: (newRole: Role) => void;
 }
 export interface AuthenticationContextProps extends AuthenticationDefaultStateProps {
     authConfig: AuthenticationConfig;