@oxyhq/auth 2.0.8 → 2.0.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +3 -2
- package/dist/cjs/.tsbuildinfo +1 -1
- package/dist/cjs/WebOxyProvider.js +15 -34
- package/dist/cjs/hooks/useWebSSO.js +44 -7
- package/dist/esm/.tsbuildinfo +1 -1
- package/dist/esm/WebOxyProvider.js +15 -34
- package/dist/esm/hooks/useWebSSO.js +44 -7
- package/dist/types/.tsbuildinfo +1 -1
- package/package.json +1 -1
- package/src/WebOxyProvider.tsx +16 -34
- package/src/hooks/useWebSSO.ts +46 -7
|
@@ -12,36 +12,19 @@ import { QueryClientProvider } from '@tanstack/react-query';
|
|
|
12
12
|
import { attachQueryPersistence, createQueryClient } from './hooks/queryClient';
|
|
13
13
|
const WebOxyContext = createContext(null);
|
|
14
14
|
/**
|
|
15
|
-
* Module-level run-once guard for
|
|
15
|
+
* Module-level run-once guard for FedCM silent sign-in.
|
|
16
16
|
*
|
|
17
17
|
* The init effect runs again whenever the provider remounts (route change,
|
|
18
18
|
* StrictMode double-invoke, error-boundary recovery). The redirect-callback
|
|
19
|
-
* and local-session-restore steps are cheap and idempotent, but
|
|
20
|
-
* `
|
|
21
|
-
*
|
|
22
|
-
*
|
|
23
|
-
*
|
|
24
|
-
* The FedCM leg is now centrally memoized inside `@oxyhq/core`'s
|
|
25
|
-
* `silentSignInWithFedCM` (at-most-once `navigator.credentials.get` per page
|
|
26
|
-
* load). The iframe fallback, however, is a SEPARATE mechanism the core guard
|
|
27
|
-
* does not cover — without this guard a remount storm would create a hidden
|
|
28
|
-
* iframe per remount. So this guard is intentionally retained to keep the
|
|
29
|
-
* provider's WHOLE silent step run-once. Keyed on `origin + baseURL` to match
|
|
30
|
-
* the core guard's keying (so the two stay in lockstep) and to survive
|
|
31
|
-
* instance churn; never cleared because only a fresh page load can change the
|
|
32
|
-
* IdP/iframe session state.
|
|
19
|
+
* and local-session-restore steps are cheap and idempotent, but the FedCM
|
|
20
|
+
* `silentSignIn()` step triggers `navigator.credentials.get`, which must fire
|
|
21
|
+
* AT MOST ONCE per page load — otherwise a remount storm becomes a credential
|
|
22
|
+
* request storm. Keyed by origin so the guard survives instance churn; never
|
|
23
|
+
* cleared because only a fresh page load can change the IdP session state.
|
|
33
24
|
*/
|
|
34
|
-
const
|
|
35
|
-
function silentSignInKey(
|
|
36
|
-
|
|
37
|
-
let baseURL = '';
|
|
38
|
-
try {
|
|
39
|
-
baseURL = oxyServices.getBaseURL();
|
|
40
|
-
}
|
|
41
|
-
catch {
|
|
42
|
-
baseURL = '';
|
|
43
|
-
}
|
|
44
|
-
return `${origin}|${baseURL}`;
|
|
25
|
+
const fedcmSilentSignInAttempted = new Set();
|
|
26
|
+
function silentSignInKey() {
|
|
27
|
+
return typeof window !== 'undefined' ? window.location.origin : 'no-origin';
|
|
45
28
|
}
|
|
46
29
|
/**
|
|
47
30
|
* Web-only Oxy Provider
|
|
@@ -144,14 +127,12 @@ export function WebOxyProvider({ children, baseURL, authWebUrl, onAuthStateChang
|
|
|
144
127
|
await authManager.signOut();
|
|
145
128
|
}
|
|
146
129
|
}
|
|
147
|
-
//
|
|
148
|
-
// change / StrictMode / error recovery) must not re-trigger
|
|
149
|
-
// browser credential request
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
if (!silentSignInAttempted.has(ssoKey)) {
|
|
154
|
-
silentSignInAttempted.add(ssoKey);
|
|
130
|
+
// FedCM silent sign-in: run AT MOST ONCE per page load. A remount
|
|
131
|
+
// (route change / StrictMode / error recovery) must not re-trigger
|
|
132
|
+
// the browser credential request.
|
|
133
|
+
const ssoKey = silentSignInKey();
|
|
134
|
+
if (!fedcmSilentSignInAttempted.has(ssoKey)) {
|
|
135
|
+
fedcmSilentSignInAttempted.add(ssoKey);
|
|
155
136
|
try {
|
|
156
137
|
const session = await crossDomainAuth.silentSignIn();
|
|
157
138
|
if (mounted && session?.user) {
|
|
@@ -15,6 +15,35 @@
|
|
|
15
15
|
* @see https://developer.mozilla.org/en-US/docs/Web/API/FedCM_API
|
|
16
16
|
*/
|
|
17
17
|
import { useEffect, useRef, useCallback } from 'react';
|
|
18
|
+
/**
|
|
19
|
+
* Module-level guard tracking which (origin + API) signatures have already
|
|
20
|
+
* had a silent SSO attempt this page load.
|
|
21
|
+
*
|
|
22
|
+
* A per-component `useRef` guard resets whenever the provider remounts (route
|
|
23
|
+
* churn, StrictMode double-invoke, error-boundary recovery), which previously
|
|
24
|
+
* allowed silent SSO to re-fire and — combined with a routing redirect loop —
|
|
25
|
+
* produced an accelerating `navigator.credentials.get` retry storm. Keying the
|
|
26
|
+
* guard on a stable signature instead of the component instance makes silent
|
|
27
|
+
* SSO fire EXACTLY ONCE per page load regardless of how many times the
|
|
28
|
+
* provider mounts. The set is intentionally never cleared: a fresh page load
|
|
29
|
+
* (the only thing that can change the answer) starts a fresh module scope.
|
|
30
|
+
*/
|
|
31
|
+
const silentSSOAttempted = new Set();
|
|
32
|
+
/**
|
|
33
|
+
* Build a stable signature for the silent-SSO run-once guard. Two providers
|
|
34
|
+
* pointed at the same API from the same origin share one attempt.
|
|
35
|
+
*/
|
|
36
|
+
function ssoSignature(oxyServices) {
|
|
37
|
+
const origin = typeof window !== 'undefined' ? window.location.origin : 'no-origin';
|
|
38
|
+
let baseURL = '';
|
|
39
|
+
try {
|
|
40
|
+
baseURL = oxyServices.getBaseURL();
|
|
41
|
+
}
|
|
42
|
+
catch {
|
|
43
|
+
baseURL = '';
|
|
44
|
+
}
|
|
45
|
+
return `${origin}|${baseURL}`;
|
|
46
|
+
}
|
|
18
47
|
/**
|
|
19
48
|
* Check if we're running in a web browser environment (not React Native)
|
|
20
49
|
*/
|
|
@@ -119,12 +148,12 @@ export function useWebSSO({ oxyServices, onSessionFound, onSSOUnavailable, onErr
|
|
|
119
148
|
}, [oxyServices, onSessionFound, onError, fedCMSupported]);
|
|
120
149
|
// Auto-check SSO on mount (web only, FedCM only, not on auth domain).
|
|
121
150
|
//
|
|
122
|
-
//
|
|
123
|
-
//
|
|
124
|
-
//
|
|
125
|
-
//
|
|
126
|
-
//
|
|
127
|
-
//
|
|
151
|
+
// Run-once is enforced by TWO guards:
|
|
152
|
+
// 1. `hasCheckedRef` — cheap per-instance fast-path so effect re-runs
|
|
153
|
+
// (from changing deps) within one mount never re-fire.
|
|
154
|
+
// 2. `silentSSOAttempted` — module-level, survives remounts/StrictMode so
|
|
155
|
+
// silent SSO fires exactly once per page load even if the provider
|
|
156
|
+
// unmounts and remounts.
|
|
128
157
|
useEffect(() => {
|
|
129
158
|
if (!enabled || !isWebBrowser() || hasCheckedRef.current || isIdentityProvider()) {
|
|
130
159
|
if (isIdentityProvider()) {
|
|
@@ -132,14 +161,22 @@ export function useWebSSO({ oxyServices, onSessionFound, onSSOUnavailable, onErr
|
|
|
132
161
|
}
|
|
133
162
|
return;
|
|
134
163
|
}
|
|
164
|
+
const signature = ssoSignature(oxyServices);
|
|
165
|
+
if (silentSSOAttempted.has(signature)) {
|
|
166
|
+
// Already attempted this page load (e.g. before a remount) — do not
|
|
167
|
+
// re-fire. Mark the local fast-path too so subsequent re-renders skip.
|
|
168
|
+
hasCheckedRef.current = true;
|
|
169
|
+
return;
|
|
170
|
+
}
|
|
135
171
|
hasCheckedRef.current = true;
|
|
172
|
+
silentSSOAttempted.add(signature);
|
|
136
173
|
if (fedCMSupported) {
|
|
137
174
|
checkSSO();
|
|
138
175
|
}
|
|
139
176
|
else {
|
|
140
177
|
onSSOUnavailable?.();
|
|
141
178
|
}
|
|
142
|
-
}, [enabled, checkSSO, fedCMSupported, onSSOUnavailable]);
|
|
179
|
+
}, [enabled, checkSSO, fedCMSupported, onSSOUnavailable, oxyServices]);
|
|
143
180
|
return {
|
|
144
181
|
checkSSO,
|
|
145
182
|
signInWithFedCM,
|