@orsetra/shared-auth 1.0.12 → 1.1.0

@@ -29,7 +29,7 @@ export function createAuthConfig(zitadelConfig: ZitadelConfig): UserManagerSetti
29
29
  client_id: `${zitadelConfig.client_id}`,
30
30
  redirect_uri: zitadelConfig.redirect_uri ?? `${baseUrl}/callback`,
31
31
  response_type: zitadelConfig.response_type ?? 'code',
32
- scope: zitadelConfig.scope ?? `openid profile email ${
32
+ scope: zitadelConfig.scope ?? `openid profile email offline_access ${
33
33
  zitadelConfig.project_resource_id
34
34
  ? `urn:zitadel:iam:org:project:id:${zitadelConfig.project_resource_id}:aud urn:zitadel:iam:org:projects:roles access_offline`
35
35
  : ''
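Review bot: Adding `offline_access` unconditionally makes the `access_offline` token in the `project_resource_id` branch below redundant, and since `access_offline` is not a standard OIDC scope name it reads as a misspelling that this change supersedes; drop it from that branch so the request does not carry both spellings. Requesting `offline_access` also means every client now receives a refresh token, which the `WebStorageStateStore({ store: window.localStorage })` in createZitadelAuth persists next to the access token, so a long-lived credential becomes readable by any script on the origin — a comment on the scope line stating that this is intentional and which micro-apps depend on it would help the next maintainer weigh that trade-off. createAuthConfig's body continues outside the hunk.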
@@ -6,6 +6,7 @@ interface SessionUser {
6
6
  access_token: string
7
7
  id_token?: string
8
8
  expires_at?: number
9
+ refresh_token?: string
9
10
  profile: {
10
11
  sub: string
11
12
  email?: string
@@ -25,6 +26,7 @@ interface SessionState {
25
26
  /**
26
27
  * Hook pour récupérer la session utilisateur dans les micro-apps
27
28
  * Lit depuis localStorage (partagé via même domaine)
29
+ * Vérifie automatiquement l'expiration et redirige vers login si nécessaire
28
30
  */
29
31
  export function useSession(): SessionState {
30
32
  const [state, setState] = useState<SessionState>({
@@ -54,6 +56,14 @@ export function useSession(): SessionState {
54
56
  accessToken: userData.access_token,
55
57
  })
56
58
  return
59
+ } else {
60
+ // Token expiré - nettoyer et rediriger
61
+ localStorage.removeItem(storageKey)
62
+
63
+ // Rediriger vers l'app principale pour reconnexion
64
+ const mainAppUrl = process.env.NEXT_PUBLIC_MAIN_APP_URL || window.location.origin
65
+ window.location.href = `${mainAppUrl}/?redirect=${encodeURIComponent(window.location.pathname)}`
66
+ return
57
67
  }
58
68
  }
59
69
  } catch (error) {
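Review bot: The expired branch discards the stored user — which after this release carries the `refresh_token` added to SessionUser — and forces a full interactive login, so the `offline_access` scope and `automaticSilentRenew` enabled in the same release never get a chance to renew a micro-app session; if the micro-apps do not run their own UserManager that may be intended, but it deserves a comment such as `// No renewal path in micro-apps: drop the expired session and bounce to the main app`. The `else` after `return` is redundant; the cleanup can follow the `if` block directly. The `redirect` parameter carries only `window.location.pathname`, so any query string on the current page is lost on return; `encodeURIComponent(window.location.pathname + window.location.search)` would preserve it if that is wanted. useSession starts and ends outside the hunk.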
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@orsetra/shared-auth",
3
- "version": "1.0.12",
3
+ "version": "1.1.0",
4
4
  "description": "Shared authentication utilities for Orsetra platform using Zitadel",
5
5
  "main": "./index.ts",
6
6
  "types": "./index.ts",
@@ -26,6 +26,8 @@ function createZitadelAuth(zitadelConfig: ZitadelConfig): ZitadelAuth {
26
26
  const userManager = new UserManager({
27
27
  userStore: new WebStorageStateStore({ store: window.localStorage }),
28
28
  loadUserInfo: true,
29
+ automaticSilentRenew: true,
30
+ silent_redirect_uri: authConfig.redirect_uri?.replace('/callback', '/silent-refresh'),
29
31
  ...authConfig,
30
32
  });
31
33
 
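Review bot: `authConfig.redirect_uri?.replace('/callback', '/silent-refresh')` substitutes the first `/callback` found anywhere in the URI and leaves the URI unchanged when that suffix is absent, so a caller-supplied `redirect_uri` (createAuthConfig accepts one) that does not end in `/callback` silently makes the silent-renew iframe load the full callback page; derive it explicitly, e.g. `silent_redirect_uri: authConfig.redirect_uri?.endsWith('/callback') ? authConfig.redirect_uri.slice(0, -9) + '/silent-refresh' : undefined,`. Because the value sits before `...authConfig`, any `silent_redirect_uri` later added to createAuthConfig would override it, which is presumably intended but worth a comment. The `/silent-refresh` URI also has to be registered at the identity provider and served by every app that uses this factory; a comment to that effect on the `automaticSilentRenew` line would save a debugging session. createZitadelAuth continues outside the hunk.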
@@ -37,6 +39,15 @@ function createZitadelAuth(zitadelConfig: ZitadelConfig): ZitadelAuth {
37
39
  document.cookie = 'auth_session=; path=/; max-age=0';
38
40
  });
39
41
 
42
+ userManager.events.addUserSignedOut(() => {
43
+ document.cookie = 'auth_session=; path=/; max-age=0';
44
+ Object.keys(localStorage).forEach(key => {
45
+ if (key.startsWith('oidc.user:')) {
46
+ localStorage.removeItem(key);
47
+ }
48
+ });
49
+ });
50
+
40
51
  return {
41
52
  authorize: () => userManager.signinRedirect(),
42
53
  signout: () => userManager.signoutRedirect(),
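Review bot: The new addUserSignedOut handler repeats verbatim the cookie clearing already done on line 39 and the `oidc.user:` sweep that ZitadelAuthService.signOut adds in the later hunk, so the same cleanup now lives in three places and will drift; extract `function clearLocalAuthState(): void` holding the cookie expiry and the `Object.keys(localStorage)` loop and call it from both event handlers and from signOut. The expiry string `auth_session=; path=/; max-age=0` only clears a cookie that was set without a `Domain` attribute; if auth_session is meant to be shared across micro-app hosts, the deletion needs the matching `domain=` to take effect — confirm how the cookie is set. createZitadelAuth continues outside the hunk.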
@@ -68,7 +79,27 @@ export class ZitadelAuthService {
68
79
 
69
80
  static async signOut() {
70
81
  try {
82
+ // Nettoyer le cookie d'auth
71
83
  document.cookie = 'auth_session=; path=/; max-age=0';
84
+
85
+ // Nettoyer toutes les sessions localStorage (pour les micro-apps)
86
+ const authority = process.env.NEXT_PUBLIC_ZITADEL_AUTHORITY;
87
+ const clientId = process.env.NEXT_PUBLIC_ZITADEL_CLIENT_ID;
88
+
89
+ // Nettoyer la session de l'app courante
90
+ if (authority && clientId) {
91
+ const storageKey = `oidc.user:${authority}:${clientId}`;
92
+ localStorage.removeItem(storageKey);
93
+ }
94
+
95
+ // Nettoyer toutes les autres sessions Zitadel potentielles
96
+ Object.keys(localStorage).forEach(key => {
97
+ if (key.startsWith('oidc.user:')) {
98
+ localStorage.removeItem(key);
99
+ }
100
+ });
101
+
102
+ // Signout redirect vers Zitadel
72
103
  await this.getAuth().signout();
73
104
  } catch (error) {
74
105
  throw this.handleAuthError(error);
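Review bot: The local `oidc.user:` entries are wiped before `await this.getAuth().signout()` runs, and `signoutRedirect()` in oidc-client-ts normally loads the stored user from that same `WebStorageStateStore` to attach `id_token_hint` to the end-session request; sweeping first likely strips that hint, so the provider may not end its session cleanly or may prompt the user — confirm against the library version in use, and if so perform the sweep on the post-logout landing page instead. The block that removes the single `oidc.user:${authority}:${clientId}` key is redundant, since the `startsWith('oidc.user:')` sweep immediately below removes it as well. The new comments are in French while the file's identifiers and strings are English; keeping comments in one language helps reviewers. signOut continues outside the hunk.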