@opensourcekd/ng-common-libs 2.0.8 → 2.0.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/README.md +2 -0
  2. package/dist/index.cjs +304 -23
  3. package/dist/index.cjs.map +1 -1
  4. package/dist/index.d.ts +49 -1
  5. package/dist/index.mjs +304 -23
  6. package/dist/index.mjs.map +1 -1
  7. package/package.json +1 -1
package/dist/index.d.ts CHANGED
@@ -111,6 +111,7 @@ interface Auth0ConfigOptions {
111
111
  redirectUri?: string;
112
112
  logoutUri?: string;
113
113
  audience?: string;
114
+ defaultAudience?: string;
114
115
  scope?: string;
115
116
  connection?: string;
116
117
  }
@@ -127,6 +128,7 @@ declare const AUTH0_CONFIG: {
127
128
  redirectUri: string;
128
129
  logoutUri: string;
129
130
  audience: string;
131
+ defaultAudience: string;
130
132
  scope: string;
131
133
  connection: string | undefined;
132
134
  };
@@ -163,6 +165,7 @@ declare const STORAGE_CONFIG: {
163
165
  declare const STORAGE_KEYS: {
164
166
  ACCESS_TOKEN: string;
165
167
  USER_INFO: string;
168
+ DECODED_TOKEN: string;
166
169
  };
167
170
  /**
168
171
  * Reset AUTH0_CONFIG to default values
@@ -218,6 +221,20 @@ interface UserInfo {
218
221
  organization?: string;
219
222
  [key: string]: unknown;
220
223
  }
224
+ /**
225
+ * Decoded access token payload
226
+ * Standard JWT claims plus any custom claims
227
+ */
228
+ interface TokenPayload {
229
+ iss?: string;
230
+ sub?: string;
231
+ aud?: string | string[];
232
+ exp?: number;
233
+ iat?: number;
234
+ scope?: string;
235
+ permissions?: string[];
236
+ [key: string]: unknown;
237
+ }
221
238
  /**
222
239
  * Simplified user data extracted from token
223
240
  */
@@ -263,6 +280,7 @@ interface Auth0Config {
263
280
  redirectUri: string;
264
281
  logoutUri: string;
265
282
  audience?: string;
283
+ defaultAudience?: string;
266
284
  scope: string;
267
285
  connection?: string;
268
286
  }
@@ -285,6 +303,7 @@ interface StorageConfig {
285
303
  interface StorageKeys {
286
304
  ACCESS_TOKEN: string;
287
305
  USER_INFO: string;
306
+ DECODED_TOKEN: string;
288
307
  }
289
308
  /**
290
309
  * Pure TypeScript Authentication Service for Auth0 integration
@@ -325,6 +344,8 @@ declare class AuthService {
325
344
  private readonly STANDARD_JWT_CLAIMS;
326
345
  private auth0Client;
327
346
  private initializationPromise;
347
+ private callbackHandled;
348
+ private callbackPromise;
328
349
  private userSubject;
329
350
  user$: Observable<UserInfo | null>;
330
351
  private config;
@@ -346,6 +367,11 @@ declare class AuthService {
346
367
  * @returns The id if provided during initialization, undefined otherwise
347
368
  */
348
369
  getId(): string | undefined;
370
+ /**
371
+ * Get effective audience value (with fallback to defaultAudience)
372
+ * @private
373
+ */
374
+ private getEffectiveAudience;
349
375
  /**
350
376
  * Initialize Auth0 client
351
377
  */
@@ -354,6 +380,13 @@ declare class AuthService {
354
380
  * Ensure Auth0 client is initialized before use
355
381
  */
356
382
  private ensureInitialized;
383
+ /**
384
+ * Check for OAuth callback parameters in URL and auto-handle if present
385
+ * Note: The Auth0 SDK's handleRedirectCallback() validates the state parameter
386
+ * to prevent CSRF attacks. This method only checks for the presence of callback
387
+ * parameters before delegating to the Auth0 SDK for secure processing.
388
+ */
389
+ private checkAndHandleCallback;
357
390
  /**
358
391
  * Login with Auth0
359
392
  */
@@ -390,6 +423,21 @@ declare class AuthService {
390
423
  * Set access token in storage and emit event
391
424
  */
392
425
  private setToken;
426
+ /**
427
+ * Decode JWT token and store its payload
428
+ * Note: This only decodes the JWT structure without verifying the signature.
429
+ * The token signature is already validated by Auth0 SDK when obtained.
430
+ * This decoded data is for informational purposes (e.g., checking expiration, viewing scopes).
431
+ * Do NOT use decoded token data for authorization decisions - always validate on the backend.
432
+ */
433
+ private decodeAndStoreToken;
434
+ /**
435
+ * Get decoded token payload from storage
436
+ * Note: This data is for informational purposes only (checking expiration, viewing scopes, etc.).
437
+ * Do NOT use this for authorization decisions - always validate permissions on the backend.
438
+ * The token signature is validated by Auth0 SDK when the token is obtained.
439
+ */
440
+ getDecodedToken(): TokenPayload | null;
393
441
  /**
394
442
  * Check if user is authenticated
395
443
  */
@@ -652,4 +700,4 @@ declare class Logger {
652
700
  }
653
701
 
654
702
  export { APP_CONFIG, AUTH0_CONFIG, AuthService, EventBus, LogSeverity, Logger, STORAGE_CONFIG, STORAGE_KEYS, configureAuth0, createAuthService, getStorageItem, removeStorageItem, resetAuth0Config, setStorageItem };
655
- export type { AppState, Auth0Config, Auth0ConfigOptions, AuthServiceOptions, AuthorizationParams, CallbackResult, EventBusOptions, EventPayload, LogAttributes, LogRecord, LoggerOptions, StorageConfig, StorageKeys, UserData, UserInfo };
703
+ export type { AppState, Auth0Config, Auth0ConfigOptions, AuthServiceOptions, AuthorizationParams, CallbackResult, EventBusOptions, EventPayload, LogAttributes, LogRecord, LoggerOptions, StorageConfig, StorageKeys, TokenPayload, UserData, UserInfo };