@oxyhq/services 13.2.0 → 14.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/commonjs/index.js +11 -17
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/ui/components/AccountMenu.js +103 -65
- package/lib/commonjs/ui/components/AccountMenu.js.map +1 -1
- package/lib/commonjs/ui/components/AccountSwitcher.js +84 -126
- package/lib/commonjs/ui/components/AccountSwitcher.js.map +1 -1
- package/lib/commonjs/ui/components/ProfileButton.js +81 -22
- package/lib/commonjs/ui/components/ProfileButton.js.map +1 -1
- package/lib/commonjs/ui/components/ProfileMenu.js +244 -142
- package/lib/commonjs/ui/components/ProfileMenu.js.map +1 -1
- package/lib/commonjs/ui/components/SignInModal.js +4 -4
- package/lib/commonjs/ui/components/SignInModal.js.map +1 -1
- package/lib/commonjs/ui/context/OxyContext.js +506 -466
- package/lib/commonjs/ui/context/OxyContext.js.map +1 -1
- package/lib/commonjs/ui/context/hooks/useAuthOperations.js +59 -57
- package/lib/commonjs/ui/context/hooks/useAuthOperations.js.map +1 -1
- package/lib/commonjs/ui/context/inSessionTokenRefresh.js +23 -42
- package/lib/commonjs/ui/context/inSessionTokenRefresh.js.map +1 -1
- package/lib/commonjs/ui/context/silentSessionRestore.js +12 -21
- package/lib/commonjs/ui/context/silentSessionRestore.js.map +1 -1
- package/lib/commonjs/ui/hooks/useAuth.js +4 -3
- package/lib/commonjs/ui/hooks/useAuth.js.map +1 -1
- package/lib/commonjs/ui/hooks/useOxyAuthSession.js +12 -7
- package/lib/commonjs/ui/hooks/useOxyAuthSession.js.map +1 -1
- package/lib/commonjs/ui/hooks/useSessionManagement.js +17 -65
- package/lib/commonjs/ui/hooks/useSessionManagement.js.map +1 -1
- package/lib/commonjs/ui/hooks/useSwitchableAccounts.js +288 -0
- package/lib/commonjs/ui/hooks/useSwitchableAccounts.js.map +1 -0
- package/lib/commonjs/ui/hooks/useWebSSO.js +12 -191
- package/lib/commonjs/ui/hooks/useWebSSO.js.map +1 -1
- package/lib/commonjs/ui/index.js.map +1 -1
- package/lib/commonjs/ui/screens/OxyAuthScreen.js +2 -2
- package/lib/commonjs/ui/screens/OxyAuthScreen.js.map +1 -1
- package/lib/commonjs/ui/session/createSessionClient.js +28 -0
- package/lib/commonjs/ui/session/createSessionClient.js.map +1 -0
- package/lib/commonjs/ui/session/index.js +52 -0
- package/lib/commonjs/ui/session/index.js.map +1 -0
- package/lib/commonjs/ui/session/projectSessionState.js +86 -0
- package/lib/commonjs/ui/session/projectSessionState.js.map +1 -0
- package/lib/commonjs/ui/session/sessionClientHost.js +30 -0
- package/lib/commonjs/ui/session/sessionClientHost.js.map +1 -0
- package/lib/commonjs/ui/session/tokenTransport.js +77 -0
- package/lib/commonjs/ui/session/tokenTransport.js.map +1 -0
- package/lib/commonjs/ui/utils/activeAuthuser.js +35 -79
- package/lib/commonjs/ui/utils/activeAuthuser.js.map +1 -1
- package/lib/commonjs/ui/utils/sessionHelpers.js +1 -51
- package/lib/commonjs/ui/utils/sessionHelpers.js.map +1 -1
- package/lib/commonjs/utils/deviceFlowSignIn.js +70 -15
- package/lib/commonjs/utils/deviceFlowSignIn.js.map +1 -1
- package/lib/module/index.js +5 -5
- package/lib/module/index.js.map +1 -1
- package/lib/module/ui/components/AccountMenu.js +103 -65
- package/lib/module/ui/components/AccountMenu.js.map +1 -1
- package/lib/module/ui/components/AccountSwitcher.js +85 -127
- package/lib/module/ui/components/AccountSwitcher.js.map +1 -1
- package/lib/module/ui/components/ProfileButton.js +82 -23
- package/lib/module/ui/components/ProfileButton.js.map +1 -1
- package/lib/module/ui/components/ProfileMenu.js +247 -145
- package/lib/module/ui/components/ProfileMenu.js.map +1 -1
- package/lib/module/ui/components/SignInModal.js +4 -4
- package/lib/module/ui/components/SignInModal.js.map +1 -1
- package/lib/module/ui/context/OxyContext.js +510 -470
- package/lib/module/ui/context/OxyContext.js.map +1 -1
- package/lib/module/ui/context/hooks/useAuthOperations.js +61 -60
- package/lib/module/ui/context/hooks/useAuthOperations.js.map +1 -1
- package/lib/module/ui/context/inSessionTokenRefresh.js +24 -43
- package/lib/module/ui/context/inSessionTokenRefresh.js.map +1 -1
- package/lib/module/ui/context/silentSessionRestore.js +12 -20
- package/lib/module/ui/context/silentSessionRestore.js.map +1 -1
- package/lib/module/ui/hooks/useAuth.js +4 -3
- package/lib/module/ui/hooks/useAuth.js.map +1 -1
- package/lib/module/ui/hooks/useOxyAuthSession.js +12 -7
- package/lib/module/ui/hooks/useOxyAuthSession.js.map +1 -1
- package/lib/module/ui/hooks/useSessionManagement.js +18 -66
- package/lib/module/ui/hooks/useSessionManagement.js.map +1 -1
- package/lib/module/ui/hooks/useSwitchableAccounts.js +283 -0
- package/lib/module/ui/hooks/useSwitchableAccounts.js.map +1 -0
- package/lib/module/ui/hooks/useWebSSO.js +13 -192
- package/lib/module/ui/hooks/useWebSSO.js.map +1 -1
- package/lib/module/ui/index.js +0 -1
- package/lib/module/ui/index.js.map +1 -1
- package/lib/module/ui/screens/OxyAuthScreen.js +2 -2
- package/lib/module/ui/screens/OxyAuthScreen.js.map +1 -1
- package/lib/module/ui/session/createSessionClient.js +25 -0
- package/lib/module/ui/session/createSessionClient.js.map +1 -0
- package/lib/module/ui/session/index.js +17 -0
- package/lib/module/ui/session/index.js.map +1 -0
- package/lib/module/ui/session/projectSessionState.js +79 -0
- package/lib/module/ui/session/projectSessionState.js.map +1 -0
- package/lib/module/ui/session/sessionClientHost.js +26 -0
- package/lib/module/ui/session/sessionClientHost.js.map +1 -0
- package/lib/module/ui/session/tokenTransport.js +74 -0
- package/lib/module/ui/session/tokenTransport.js.map +1 -0
- package/lib/module/ui/utils/activeAuthuser.js +34 -76
- package/lib/module/ui/utils/activeAuthuser.js.map +1 -1
- package/lib/module/ui/utils/sessionHelpers.js +0 -49
- package/lib/module/ui/utils/sessionHelpers.js.map +1 -1
- package/lib/module/utils/deviceFlowSignIn.js +71 -16
- package/lib/module/utils/deviceFlowSignIn.js.map +1 -1
- package/lib/typescript/commonjs/index.d.ts +2 -3
- package/lib/typescript/commonjs/index.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/components/AccountMenu.d.ts +4 -2
- package/lib/typescript/commonjs/ui/components/AccountMenu.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/components/AccountSwitcher.d.ts +7 -8
- package/lib/typescript/commonjs/ui/components/AccountSwitcher.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/components/ProfileButton.d.ts +11 -1
- package/lib/typescript/commonjs/ui/components/ProfileButton.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/components/ProfileMenu.d.ts +12 -9
- package/lib/typescript/commonjs/ui/components/ProfileMenu.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/context/OxyContext.d.ts +16 -13
- package/lib/typescript/commonjs/ui/context/OxyContext.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/context/hooks/useAuthOperations.d.ts +27 -3
- package/lib/typescript/commonjs/ui/context/hooks/useAuthOperations.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/context/inSessionTokenRefresh.d.ts +22 -17
- package/lib/typescript/commonjs/ui/context/inSessionTokenRefresh.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/context/silentSessionRestore.d.ts +12 -18
- package/lib/typescript/commonjs/ui/context/silentSessionRestore.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/hooks/mutations/useAccountMutations.d.ts +1 -0
- package/lib/typescript/commonjs/ui/hooks/mutations/useAccountMutations.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/hooks/useAuth.d.ts +1 -1
- package/lib/typescript/commonjs/ui/hooks/useAuth.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/hooks/useOxyAuthSession.d.ts +2 -2
- package/lib/typescript/commonjs/ui/hooks/useOxyAuthSession.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/hooks/useSessionManagement.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/hooks/useSwitchableAccounts.d.ts +162 -0
- package/lib/typescript/commonjs/ui/hooks/useSwitchableAccounts.d.ts.map +1 -0
- package/lib/typescript/commonjs/ui/hooks/useWebSSO.d.ts +13 -52
- package/lib/typescript/commonjs/ui/hooks/useWebSSO.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/index.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/session/createSessionClient.d.ts +15 -0
- package/lib/typescript/commonjs/ui/session/createSessionClient.d.ts.map +1 -0
- package/lib/typescript/commonjs/ui/session/index.d.ts +15 -0
- package/lib/typescript/commonjs/ui/session/index.d.ts.map +1 -0
- package/lib/typescript/commonjs/ui/session/projectSessionState.d.ts +45 -0
- package/lib/typescript/commonjs/ui/session/projectSessionState.d.ts.map +1 -0
- package/lib/typescript/commonjs/ui/session/sessionClientHost.d.ts +14 -0
- package/lib/typescript/commonjs/ui/session/sessionClientHost.d.ts.map +1 -0
- package/lib/typescript/commonjs/ui/session/tokenTransport.d.ts +24 -0
- package/lib/typescript/commonjs/ui/session/tokenTransport.d.ts.map +1 -0
- package/lib/typescript/commonjs/ui/utils/activeAuthuser.d.ts +21 -29
- package/lib/typescript/commonjs/ui/utils/activeAuthuser.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/utils/sessionHelpers.d.ts +0 -19
- package/lib/typescript/commonjs/ui/utils/sessionHelpers.d.ts.map +1 -1
- package/lib/typescript/commonjs/utils/deviceFlowSignIn.d.ts +51 -19
- package/lib/typescript/commonjs/utils/deviceFlowSignIn.d.ts.map +1 -1
- package/lib/typescript/module/index.d.ts +2 -3
- package/lib/typescript/module/index.d.ts.map +1 -1
- package/lib/typescript/module/ui/components/AccountMenu.d.ts +4 -2
- package/lib/typescript/module/ui/components/AccountMenu.d.ts.map +1 -1
- package/lib/typescript/module/ui/components/AccountSwitcher.d.ts +7 -8
- package/lib/typescript/module/ui/components/AccountSwitcher.d.ts.map +1 -1
- package/lib/typescript/module/ui/components/ProfileButton.d.ts +11 -1
- package/lib/typescript/module/ui/components/ProfileButton.d.ts.map +1 -1
- package/lib/typescript/module/ui/components/ProfileMenu.d.ts +12 -9
- package/lib/typescript/module/ui/components/ProfileMenu.d.ts.map +1 -1
- package/lib/typescript/module/ui/context/OxyContext.d.ts +16 -13
- package/lib/typescript/module/ui/context/OxyContext.d.ts.map +1 -1
- package/lib/typescript/module/ui/context/hooks/useAuthOperations.d.ts +27 -3
- package/lib/typescript/module/ui/context/hooks/useAuthOperations.d.ts.map +1 -1
- package/lib/typescript/module/ui/context/inSessionTokenRefresh.d.ts +22 -17
- package/lib/typescript/module/ui/context/inSessionTokenRefresh.d.ts.map +1 -1
- package/lib/typescript/module/ui/context/silentSessionRestore.d.ts +12 -18
- package/lib/typescript/module/ui/context/silentSessionRestore.d.ts.map +1 -1
- package/lib/typescript/module/ui/hooks/mutations/useAccountMutations.d.ts +1 -0
- package/lib/typescript/module/ui/hooks/mutations/useAccountMutations.d.ts.map +1 -1
- package/lib/typescript/module/ui/hooks/useAuth.d.ts +1 -1
- package/lib/typescript/module/ui/hooks/useAuth.d.ts.map +1 -1
- package/lib/typescript/module/ui/hooks/useOxyAuthSession.d.ts +2 -2
- package/lib/typescript/module/ui/hooks/useOxyAuthSession.d.ts.map +1 -1
- package/lib/typescript/module/ui/hooks/useSessionManagement.d.ts.map +1 -1
- package/lib/typescript/module/ui/hooks/useSwitchableAccounts.d.ts +162 -0
- package/lib/typescript/module/ui/hooks/useSwitchableAccounts.d.ts.map +1 -0
- package/lib/typescript/module/ui/hooks/useWebSSO.d.ts +13 -52
- package/lib/typescript/module/ui/hooks/useWebSSO.d.ts.map +1 -1
- package/lib/typescript/module/ui/index.d.ts.map +1 -1
- package/lib/typescript/module/ui/session/createSessionClient.d.ts +15 -0
- package/lib/typescript/module/ui/session/createSessionClient.d.ts.map +1 -0
- package/lib/typescript/module/ui/session/index.d.ts +15 -0
- package/lib/typescript/module/ui/session/index.d.ts.map +1 -0
- package/lib/typescript/module/ui/session/projectSessionState.d.ts +45 -0
- package/lib/typescript/module/ui/session/projectSessionState.d.ts.map +1 -0
- package/lib/typescript/module/ui/session/sessionClientHost.d.ts +14 -0
- package/lib/typescript/module/ui/session/sessionClientHost.d.ts.map +1 -0
- package/lib/typescript/module/ui/session/tokenTransport.d.ts +24 -0
- package/lib/typescript/module/ui/session/tokenTransport.d.ts.map +1 -0
- package/lib/typescript/module/ui/utils/activeAuthuser.d.ts +21 -29
- package/lib/typescript/module/ui/utils/activeAuthuser.d.ts.map +1 -1
- package/lib/typescript/module/ui/utils/sessionHelpers.d.ts +0 -19
- package/lib/typescript/module/ui/utils/sessionHelpers.d.ts.map +1 -1
- package/lib/typescript/module/utils/deviceFlowSignIn.d.ts +51 -19
- package/lib/typescript/module/utils/deviceFlowSignIn.d.ts.map +1 -1
- package/package.json +4 -4
- package/src/index.ts +9 -9
- package/src/ui/components/AccountMenu.tsx +117 -70
- package/src/ui/components/AccountSwitcher.tsx +88 -134
- package/src/ui/components/ProfileButton.tsx +95 -17
- package/src/ui/components/ProfileMenu.tsx +263 -155
- package/src/ui/components/SignInModal.tsx +5 -5
- package/src/ui/context/OxyContext.tsx +560 -475
- package/src/ui/context/hooks/useAuthOperations.ts +72 -63
- package/src/ui/context/inSessionTokenRefresh.ts +23 -42
- package/src/ui/context/silentSessionRestore.ts +12 -26
- package/src/ui/hooks/useAuth.ts +4 -3
- package/src/ui/hooks/useOxyAuthSession.ts +13 -8
- package/src/ui/hooks/useSessionManagement.ts +16 -87
- package/src/ui/hooks/useSwitchableAccounts.ts +397 -0
- package/src/ui/hooks/useWebSSO.ts +13 -227
- package/src/ui/index.ts +0 -1
- package/src/ui/screens/OxyAuthScreen.tsx +2 -2
- package/src/ui/session/__tests__/createSessionClient.test.ts +41 -0
- package/src/ui/session/__tests__/projectSessionState.test.ts +114 -0
- package/src/ui/session/__tests__/sessionClientHost.test.ts +43 -0
- package/src/ui/session/__tests__/tokenTransport.test.ts +142 -0
- package/src/ui/session/createSessionClient.ts +21 -0
- package/src/ui/session/index.ts +19 -0
- package/src/ui/session/projectSessionState.ts +85 -0
- package/src/ui/session/sessionClientHost.ts +27 -0
- package/src/ui/session/tokenTransport.ts +76 -0
- package/src/ui/utils/activeAuthuser.ts +34 -76
- package/src/ui/utils/sessionHelpers.ts +0 -66
- package/src/utils/__tests__/deviceFlowSignIn.test.ts +243 -34
- package/src/utils/deviceFlowSignIn.ts +98 -21
- package/lib/commonjs/ui/components/accountMenuRows.js +0 -33
- package/lib/commonjs/ui/components/accountMenuRows.js.map +0 -1
- package/lib/commonjs/ui/hooks/useDeviceAccounts.js +0 -280
- package/lib/commonjs/ui/hooks/useDeviceAccounts.js.map +0 -1
- package/lib/commonjs/ui/hooks/useSessionSocket.js +0 -203
- package/lib/commonjs/ui/hooks/useSessionSocket.js.map +0 -1
- package/lib/commonjs/utils/silentGuardKey.js +0 -54
- package/lib/commonjs/utils/silentGuardKey.js.map +0 -1
- package/lib/module/ui/components/accountMenuRows.js +0 -29
- package/lib/module/ui/components/accountMenuRows.js.map +0 -1
- package/lib/module/ui/hooks/useDeviceAccounts.js +0 -276
- package/lib/module/ui/hooks/useDeviceAccounts.js.map +0 -1
- package/lib/module/ui/hooks/useSessionSocket.js +0 -199
- package/lib/module/ui/hooks/useSessionSocket.js.map +0 -1
- package/lib/module/utils/silentGuardKey.js +0 -49
- package/lib/module/utils/silentGuardKey.js.map +0 -1
- package/lib/typescript/commonjs/ui/components/accountMenuRows.d.ts +0 -34
- package/lib/typescript/commonjs/ui/components/accountMenuRows.d.ts.map +0 -1
- package/lib/typescript/commonjs/ui/hooks/useDeviceAccounts.d.ts +0 -133
- package/lib/typescript/commonjs/ui/hooks/useDeviceAccounts.d.ts.map +0 -1
- package/lib/typescript/commonjs/ui/hooks/useSessionSocket.d.ts +0 -14
- package/lib/typescript/commonjs/ui/hooks/useSessionSocket.d.ts.map +0 -1
- package/lib/typescript/commonjs/utils/silentGuardKey.d.ts +0 -31
- package/lib/typescript/commonjs/utils/silentGuardKey.d.ts.map +0 -1
- package/lib/typescript/module/ui/components/accountMenuRows.d.ts +0 -34
- package/lib/typescript/module/ui/components/accountMenuRows.d.ts.map +0 -1
- package/lib/typescript/module/ui/hooks/useDeviceAccounts.d.ts +0 -133
- package/lib/typescript/module/ui/hooks/useDeviceAccounts.d.ts.map +0 -1
- package/lib/typescript/module/ui/hooks/useSessionSocket.d.ts +0 -14
- package/lib/typescript/module/ui/hooks/useSessionSocket.d.ts.map +0 -1
- package/lib/typescript/module/utils/silentGuardKey.d.ts +0 -31
- package/lib/typescript/module/utils/silentGuardKey.d.ts.map +0 -1
- package/src/ui/components/accountMenuRows.ts +0 -48
- package/src/ui/hooks/useDeviceAccounts.ts +0 -344
- package/src/ui/hooks/useSessionSocket.ts +0 -233
- package/src/ui/utils/__tests__/activeAuthuser.test.ts +0 -75
- package/src/utils/__tests__/silentGuardKey.test.ts +0 -82
- package/src/utils/silentGuardKey.ts +0 -46
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
Object.defineProperty(exports, "accountIdsOf", {
|
|
7
|
+
enumerable: true,
|
|
8
|
+
get: function () {
|
|
9
|
+
return _projectSessionState.accountIdsOf;
|
|
10
|
+
}
|
|
11
|
+
});
|
|
12
|
+
Object.defineProperty(exports, "activeSessionIdOf", {
|
|
13
|
+
enumerable: true,
|
|
14
|
+
get: function () {
|
|
15
|
+
return _projectSessionState.activeSessionIdOf;
|
|
16
|
+
}
|
|
17
|
+
});
|
|
18
|
+
Object.defineProperty(exports, "activeUserOf", {
|
|
19
|
+
enumerable: true,
|
|
20
|
+
get: function () {
|
|
21
|
+
return _projectSessionState.activeUserOf;
|
|
22
|
+
}
|
|
23
|
+
});
|
|
24
|
+
Object.defineProperty(exports, "createSessionClient", {
|
|
25
|
+
enumerable: true,
|
|
26
|
+
get: function () {
|
|
27
|
+
return _createSessionClient.createSessionClient;
|
|
28
|
+
}
|
|
29
|
+
});
|
|
30
|
+
Object.defineProperty(exports, "createSessionClientHost", {
|
|
31
|
+
enumerable: true,
|
|
32
|
+
get: function () {
|
|
33
|
+
return _sessionClientHost.createSessionClientHost;
|
|
34
|
+
}
|
|
35
|
+
});
|
|
36
|
+
Object.defineProperty(exports, "createTokenTransport", {
|
|
37
|
+
enumerable: true,
|
|
38
|
+
get: function () {
|
|
39
|
+
return _tokenTransport.createTokenTransport;
|
|
40
|
+
}
|
|
41
|
+
});
|
|
42
|
+
Object.defineProperty(exports, "deviceStateToClientSessions", {
|
|
43
|
+
enumerable: true,
|
|
44
|
+
get: function () {
|
|
45
|
+
return _projectSessionState.deviceStateToClientSessions;
|
|
46
|
+
}
|
|
47
|
+
});
|
|
48
|
+
var _createSessionClient = require("./createSessionClient.js");
|
|
49
|
+
var _sessionClientHost = require("./sessionClientHost.js");
|
|
50
|
+
var _tokenTransport = require("./tokenTransport.js");
|
|
51
|
+
var _projectSessionState = require("./projectSessionState.js");
|
|
52
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_createSessionClient","require","_sessionClientHost","_tokenTransport","_projectSessionState"],"sourceRoot":"../../../../src","sources":["ui/session/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAUA,IAAAA,oBAAA,GAAAC,OAAA;AACA,IAAAC,kBAAA,GAAAD,OAAA;AACA,IAAAE,eAAA,GAAAF,OAAA;AACA,IAAAG,oBAAA,GAAAH,OAAA","ignoreList":[]}
|
|
@@ -0,0 +1,86 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.accountIdsOf = accountIdsOf;
|
|
7
|
+
exports.activeSessionIdOf = activeSessionIdOf;
|
|
8
|
+
exports.activeUserOf = activeUserOf;
|
|
9
|
+
exports.deviceStateToClientSessions = deviceStateToClientSessions;
|
|
10
|
+
/**
|
|
11
|
+
* Pure projection helpers: `DeviceSessionState` (the device-scoped
|
|
12
|
+
* multi-account session-sync state produced by `@oxyhq/core`'s
|
|
13
|
+
* `SessionClient`) -> the shapes `OxyContext` renders today
|
|
14
|
+
* (`ClientSession[]`, an active session id, an active `User`).
|
|
15
|
+
*
|
|
16
|
+
* No I/O. The caller fetches profiles via
|
|
17
|
+
* `oxyServices.getUsersByIds(accountIdsOf(state))` and builds `usersById`
|
|
18
|
+
* from the result before calling `deviceStateToClientSessions` /
|
|
19
|
+
* `activeUserOf`.
|
|
20
|
+
*/
|
|
21
|
+
|
|
22
|
+
/**
|
|
23
|
+
* Maps every `SessionAccount` in `state.accounts` to a `ClientSession`.
|
|
24
|
+
*
|
|
25
|
+
* `DeviceSessionState` carries no per-account `expiresAt` / `lastActive` —
|
|
26
|
+
* both are set to `state.updatedAt` (converted to an ISO-8601 string; the
|
|
27
|
+
* wire value is an epoch-ms number) as a provisional value. Fase 3-B
|
|
28
|
+
* rewrites `ClientSession` to make `expiresAt`/`lastActive` optional (they
|
|
29
|
+
* are not derivable from `DeviceSessionState`).
|
|
30
|
+
*
|
|
31
|
+
* `usersById` is accepted for signature symmetry with `activeUserOf` even
|
|
32
|
+
* though `ClientSession` only stores `userId` — a session is still
|
|
33
|
+
* projected for an account whose id is absent from `usersById` (no
|
|
34
|
+
* placeholder user is fabricated).
|
|
35
|
+
*/
|
|
36
|
+
function deviceStateToClientSessions(state, usersById) {
|
|
37
|
+
const provisionalTimestamp = new Date(state.updatedAt).toISOString();
|
|
38
|
+
return state.accounts.map(account => ({
|
|
39
|
+
sessionId: account.sessionId,
|
|
40
|
+
deviceId: state.deviceId,
|
|
41
|
+
// provisional: Fase 3-B rewrites ClientSession to make expiresAt/lastActive
|
|
42
|
+
// optional (they are not in DeviceSessionState)
|
|
43
|
+
expiresAt: provisionalTimestamp,
|
|
44
|
+
lastActive: provisionalTimestamp,
|
|
45
|
+
userId: account.accountId,
|
|
46
|
+
isCurrent: account.accountId === state.activeAccountId,
|
|
47
|
+
authuser: account.authuser
|
|
48
|
+
}));
|
|
49
|
+
}
|
|
50
|
+
|
|
51
|
+
/**
|
|
52
|
+
* The active account's `sessionId`, or `null` when there is no state or no
|
|
53
|
+
* active account is set.
|
|
54
|
+
*/
|
|
55
|
+
function activeSessionIdOf(state) {
|
|
56
|
+
if (state === null || state.activeAccountId === null) {
|
|
57
|
+
return null;
|
|
58
|
+
}
|
|
59
|
+
const activeAccountId = state.activeAccountId;
|
|
60
|
+
const activeAccount = state.accounts.find(account => account.accountId === activeAccountId);
|
|
61
|
+
return activeAccount?.sessionId ?? null;
|
|
62
|
+
}
|
|
63
|
+
|
|
64
|
+
/**
|
|
65
|
+
* The active account's `User`, resolved from `usersById`. `null` when there
|
|
66
|
+
* is no state, no active account is set, or the active account id is absent
|
|
67
|
+
* from `usersById`.
|
|
68
|
+
*/
|
|
69
|
+
function activeUserOf(state, usersById) {
|
|
70
|
+
if (state === null || state.activeAccountId === null) {
|
|
71
|
+
return null;
|
|
72
|
+
}
|
|
73
|
+
return usersById.get(state.activeAccountId) ?? null;
|
|
74
|
+
}
|
|
75
|
+
|
|
76
|
+
/**
|
|
77
|
+
* All account ids in `state`, suitable for an `oxyServices.getUsersByIds(...)`
|
|
78
|
+
* fetch. `[]` for `null` state.
|
|
79
|
+
*/
|
|
80
|
+
function accountIdsOf(state) {
|
|
81
|
+
if (state === null) {
|
|
82
|
+
return [];
|
|
83
|
+
}
|
|
84
|
+
return state.accounts.map(account => account.accountId);
|
|
85
|
+
}
|
|
86
|
+
//# sourceMappingURL=projectSessionState.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["deviceStateToClientSessions","state","usersById","provisionalTimestamp","Date","updatedAt","toISOString","accounts","map","account","sessionId","deviceId","expiresAt","lastActive","userId","accountId","isCurrent","activeAccountId","authuser","activeSessionIdOf","activeAccount","find","activeUserOf","get","accountIdsOf"],"sourceRoot":"../../../../src","sources":["ui/session/projectSessionState.ts"],"mappings":";;;;;;;;;AAGA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASA,2BAA2BA,CACzCC,KAAyB,EACzBC,SAA4B,EACX;EACjB,MAAMC,oBAAoB,GAAG,IAAIC,IAAI,CAACH,KAAK,CAACI,SAAS,CAAC,CAACC,WAAW,CAAC,CAAC;EACpE,OAAOL,KAAK,CAACM,QAAQ,CAACC,GAAG,CAAEC,OAAO,KAAM;IACtCC,SAAS,EAAED,OAAO,CAACC,SAAS;IAC5BC,QAAQ,EAAEV,KAAK,CAACU,QAAQ;IACxB;IACA;IACAC,SAAS,EAAET,oBAAoB;IAC/BU,UAAU,EAAEV,oBAAoB;IAChCW,MAAM,EAAEL,OAAO,CAACM,SAAS;IACzBC,SAAS,EAAEP,OAAO,CAACM,SAAS,KAAKd,KAAK,CAACgB,eAAe;IACtDC,QAAQ,EAAET,OAAO,CAACS;EACpB,CAAC,CAAC,CAAC;AACL;;AAEA;AACA;AACA;AACA;AACO,SAASC,iBAAiBA,CAAClB,KAAgC,EAAiB;EACjF,IAAIA,KAAK,KAAK,IAAI,IAAIA,KAAK,CAACgB,eAAe,KAAK,IAAI,EAAE;IACpD,OAAO,IAAI;EACb;EACA,MAAMA,eAAe,GAAGhB,KAAK,CAACgB,eAAe;EAC7C,MAAMG,aAAa,GAAGnB,KAAK,CAACM,QAAQ,CAACc,IAAI,CAAEZ,OAAO,IAAKA,OAAO,CAACM,SAAS,KAAKE,eAAe,CAAC;EAC7F,OAAOG,aAAa,EAAEV,SAAS,IAAI,IAAI;AACzC;;AAEA;AACA;AACA;AACA;AACA;AACO,SAASY,YAAYA,CAC1BrB,KAAgC,EAChCC,SAA4B,EACf;EACb,IAAID,KAAK,KAAK,IAAI,IAAIA,KAAK,CAACgB,eAAe,KAAK,IAAI,EAAE;IACpD,OAAO,IAAI;EACb;EACA,OAAOf,SAAS,CAACqB,GAAG,CAACtB,KAAK,CAACgB,eAAe,CAAC,IAAI,IAAI;AACrD;;AAEA;AACA;AACA;AACA;AACO,SAASO,YAAYA,CAACvB,KAAgC,EAAY;EACvE,IAAIA,KAAK,KAAK,IAAI,EAAE;IAClB,OAAO,EAAE;EACX;EACA,OAAOA,KAAK,CAACM,QAAQ,CAACC,GAAG,CAAEC,OAAO,IAAKA,OAAO,CAACM,SAAS,CAAC;AAC3D","ignoreList":[]}
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.createSessionClientHost = createSessionClientHost;
|
|
7
|
+
/**
|
|
8
|
+
* Thin `SessionClientHost` adapter over an `OxyServices` instance.
|
|
9
|
+
*
|
|
10
|
+
* `SessionClient` (in `@oxyhq/core`) is host-agnostic: it only needs a REST +
|
|
11
|
+
* token surface. `OxyServices` already exposes all of that except
|
|
12
|
+
* `getCurrentAccountId`, which has no direct equivalent — the adapter holds a
|
|
13
|
+
* mutable ref set by the caller (`OxyContext`, in Fase 3-B) via
|
|
14
|
+
* `setCurrentAccountId`.
|
|
15
|
+
*/
|
|
16
|
+
function createSessionClientHost(oxyServices) {
|
|
17
|
+
let currentAccountId = null;
|
|
18
|
+
return {
|
|
19
|
+
makeRequest: (method, url, data, options) => oxyServices.makeRequest(method, url, data, options),
|
|
20
|
+
getBaseURL: () => oxyServices.getBaseURL(),
|
|
21
|
+
getAccessToken: () => oxyServices.getAccessToken(),
|
|
22
|
+
onTokensChanged: listener => oxyServices.onTokensChanged(listener),
|
|
23
|
+
setTokens: accessToken => oxyServices.setTokens(accessToken),
|
|
24
|
+
getCurrentAccountId: () => currentAccountId,
|
|
25
|
+
setCurrentAccountId: id => {
|
|
26
|
+
currentAccountId = id;
|
|
27
|
+
}
|
|
28
|
+
};
|
|
29
|
+
}
|
|
30
|
+
//# sourceMappingURL=sessionClientHost.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["createSessionClientHost","oxyServices","currentAccountId","makeRequest","method","url","data","options","getBaseURL","getAccessToken","onTokensChanged","listener","setTokens","accessToken","getCurrentAccountId","setCurrentAccountId","id"],"sourceRoot":"../../../../src","sources":["ui/session/sessionClientHost.ts"],"mappings":";;;;;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASA,uBAAuBA,CACrCC,WAAwB,EAC8C;EACtE,IAAIC,gBAA+B,GAAG,IAAI;EAC1C,OAAO;IACLC,WAAW,EAAEA,CAACC,MAAM,EAAEC,GAAG,EAAEC,IAAI,EAAEC,OAAO,KAAKN,WAAW,CAACE,WAAW,CAACC,MAAM,EAAEC,GAAG,EAAEC,IAAI,EAAEC,OAAO,CAAC;IAChGC,UAAU,EAAEA,CAAA,KAAMP,WAAW,CAACO,UAAU,CAAC,CAAC;IAC1CC,cAAc,EAAEA,CAAA,KAAMR,WAAW,CAACQ,cAAc,CAAC,CAAC;IAClDC,eAAe,EAAGC,QAAQ,IAAKV,WAAW,CAACS,eAAe,CAACC,QAAQ,CAAC;IACpEC,SAAS,EAAGC,WAAW,IAAKZ,WAAW,CAACW,SAAS,CAACC,WAAW,CAAC;IAC9DC,mBAAmB,EAAEA,CAAA,KAAMZ,gBAAgB;IAC3Ca,mBAAmB,EAAGC,EAAE,IAAK;MAC3Bd,gBAAgB,GAAGc,EAAE;IACvB;EACF,CAAC;AACH","ignoreList":[]}
|
|
@@ -0,0 +1,77 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.createTokenTransport = createTokenTransport;
|
|
7
|
+
var _core = require("@oxyhq/core");
|
|
8
|
+
var _useWebSSO = require("../hooks/useWebSSO.js");
|
|
9
|
+
/**
|
|
10
|
+
* Platform `TokenTransport` for `SessionClient`: mints an access token when
|
|
11
|
+
* none is currently held, reusing the SAME primitives `OxyContext`'s cold
|
|
12
|
+
* boot already relies on (never re-implemented here):
|
|
13
|
+
*
|
|
14
|
+
* - web: `oxyServices.silentSignIn()` (per-apex `/auth/silent` iframe).
|
|
15
|
+
* - native: `oxyServices.signInWithSharedIdentity()` (app-group keychain).
|
|
16
|
+
*
|
|
17
|
+
* Both primitives plant the token internally on success (the "Sign-In Token
|
|
18
|
+
* Planting" rule) — `ensureActiveToken` never calls `setTokens` itself.
|
|
19
|
+
*
|
|
20
|
+
* `ensureActiveToken` treats a PRESENT token as sufficient in this phase; it
|
|
21
|
+
* does not decode/match the token's subject against `state.activeAccountId`
|
|
22
|
+
* (that refinement is Fase 3-B). Account switching itself is server-driven
|
|
23
|
+
* via the `activeToken` carried in the sync envelope — this transport is
|
|
24
|
+
* only the fallback used when the envelope carried no token.
|
|
25
|
+
*
|
|
26
|
+
* A failed mint is logged and swallowed: it must never throw out of
|
|
27
|
+
* `ensureActiveToken`, since that would crash the caller (the SessionClient
|
|
28
|
+
* socket handler in Fase 3-B).
|
|
29
|
+
*/
|
|
30
|
+
function createTokenTransport(oxyServices) {
|
|
31
|
+
// Coalesces concurrent mints: `SessionClient.applyState` can fire
|
|
32
|
+
// `ensureActiveToken` on rapid successive state pushes; a second call while a
|
|
33
|
+
// mint is already in flight must reuse it, not spawn a second silent iframe /
|
|
34
|
+
// shared-key challenge round-trip.
|
|
35
|
+
let inFlightMint = null;
|
|
36
|
+
return {
|
|
37
|
+
async ensureActiveToken(state) {
|
|
38
|
+
// Read the current token defensively: it is an in-memory getter that
|
|
39
|
+
// should never throw, but the documented contract is that this method
|
|
40
|
+
// never throws out — so a surprising throw is logged and treated as "no
|
|
41
|
+
// token" (fall through to mint) rather than rejecting the promise.
|
|
42
|
+
try {
|
|
43
|
+
if (oxyServices.getAccessToken()) {
|
|
44
|
+
return;
|
|
45
|
+
}
|
|
46
|
+
} catch (error) {
|
|
47
|
+
_core.logger.warn('ensureActiveToken: getAccessToken threw', {
|
|
48
|
+
component: 'TokenTransport'
|
|
49
|
+
}, error);
|
|
50
|
+
}
|
|
51
|
+
if (inFlightMint) {
|
|
52
|
+
return inFlightMint;
|
|
53
|
+
}
|
|
54
|
+
inFlightMint = (async () => {
|
|
55
|
+
try {
|
|
56
|
+
const session = (0, _useWebSSO.isWebBrowser)() ? await oxyServices.silentSignIn() : await oxyServices.signInWithSharedIdentity();
|
|
57
|
+
if (!session) {
|
|
58
|
+
_core.logger.debug('ensureActiveToken: platform mint returned no session', {
|
|
59
|
+
component: 'TokenTransport',
|
|
60
|
+
deviceId: state.deviceId
|
|
61
|
+
});
|
|
62
|
+
}
|
|
63
|
+
} catch (error) {
|
|
64
|
+
_core.logger.warn('ensureActiveToken: mint failed', {
|
|
65
|
+
component: 'TokenTransport'
|
|
66
|
+
}, error);
|
|
67
|
+
}
|
|
68
|
+
})();
|
|
69
|
+
try {
|
|
70
|
+
await inFlightMint;
|
|
71
|
+
} finally {
|
|
72
|
+
inFlightMint = null;
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
};
|
|
76
|
+
}
|
|
77
|
+
//# sourceMappingURL=tokenTransport.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_core","require","_useWebSSO","createTokenTransport","oxyServices","inFlightMint","ensureActiveToken","state","getAccessToken","error","logger","warn","component","session","isWebBrowser","silentSignIn","signInWithSharedIdentity","debug","deviceId"],"sourceRoot":"../../../../src","sources":["ui/session/tokenTransport.ts"],"mappings":";;;;;;AAEA,IAAAA,KAAA,GAAAC,OAAA;AACA,IAAAC,UAAA,GAAAD,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASE,oBAAoBA,CAACC,WAAwB,EAAkB;EAC7E;EACA;EACA;EACA;EACA,IAAIC,YAAkC,GAAG,IAAI;EAE7C,OAAO;IACL,MAAMC,iBAAiBA,CAACC,KAAyB,EAAiB;MAChE;MACA;MACA;MACA;MACA,IAAI;QACF,IAAIH,WAAW,CAACI,cAAc,CAAC,CAAC,EAAE;UAChC;QACF;MACF,CAAC,CAAC,OAAOC,KAAK,EAAE;QACdC,YAAM,CAACC,IAAI,CAAC,yCAAyC,EAAE;UAAEC,SAAS,EAAE;QAAiB,CAAC,EAAEH,KAAK,CAAC;MAChG;MAEA,IAAIJ,YAAY,EAAE;QAChB,OAAOA,YAAY;MACrB;MAEAA,YAAY,GAAG,CAAC,YAAY;QAC1B,IAAI;UACF,MAAMQ,OAAO,GAAG,IAAAC,uBAAY,EAAC,CAAC,GAC1B,MAAMV,WAAW,CAACW,YAAY,CAAC,CAAC,GAChC,MAAMX,WAAW,CAACY,wBAAwB,CAAC,CAAC;UAEhD,IAAI,CAACH,OAAO,EAAE;YACZH,YAAM,CAACO,KAAK,CAAC,sDAAsD,EAAE;cACnEL,SAAS,EAAE,gBAAgB;cAC3BM,QAAQ,EAAEX,KAAK,CAACW;YAClB,CAAC,CAAC;UACJ;QACF,CAAC,CAAC,OAAOT,KAAK,EAAE;UACdC,YAAM,CAACC,IAAI,CAAC,gCAAgC,EAAE;YAAEC,SAAS,EAAE;UAAiB,CAAC,EAAEH,KAAK,CAAC;QACvF;MACF,CAAC,EAAE,CAAC;MAEJ,IAAI;QACF,MAAMJ,YAAY;MACpB,CAAC,SAAS;QACRA,YAAY,GAAG,IAAI;MACrB;IACF;EACF,CAAC;AACH","ignoreList":[]}
|
|
@@ -3,53 +3,41 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.ACTIVE_AUTHUSER_KEY = void 0;
|
|
7
|
-
exports.clearActiveAuthuser = clearActiveAuthuser;
|
|
8
6
|
exports.clearSignedOut = clearSignedOut;
|
|
9
7
|
exports.clearSsoBounceState = clearSsoBounceState;
|
|
10
8
|
exports.isSilentRestoreSuppressed = isSilentRestoreSuppressed;
|
|
11
9
|
exports.markSignedOut = markSignedOut;
|
|
12
10
|
exports.readActiveAuthuser = readActiveAuthuser;
|
|
13
|
-
exports.writeActiveAuthuser = writeActiveAuthuser;
|
|
14
11
|
var _core = require("@oxyhq/core");
|
|
15
12
|
/**
|
|
16
|
-
* Web-only
|
|
13
|
+
* Web-only helpers around the retired `oxy_rt_${authuser}` multi-slot
|
|
14
|
+
* refresh-cookie scheme, PLUS the (unrelated, still load-bearing) deliberate
|
|
15
|
+
* sign-out / SSO-bounce gates.
|
|
17
16
|
*
|
|
18
|
-
*
|
|
19
|
-
*
|
|
20
|
-
*
|
|
21
|
-
*
|
|
22
|
-
*
|
|
23
|
-
*
|
|
24
|
-
*
|
|
25
|
-
*
|
|
26
|
-
*
|
|
27
|
-
* It
|
|
28
|
-
*
|
|
17
|
+
* NOTE (session-sync cutover, Task 5): the device account SET is now
|
|
18
|
+
* server-authoritative via `SessionClient` (`@oxyhq/core`) — nothing in
|
|
19
|
+
* `@oxyhq/services` writes the persisted active-`authuser`-slot key anymore
|
|
20
|
+
* (`writeActiveAuthuser`/`clearActiveAuthuser` were deleted; their only
|
|
21
|
+
* callers were the deleted `establishDeviceRefreshSlot` sign-in registration
|
|
22
|
+
* and the deleted `switchToAccount`/`switchSession` slot bookkeeping).
|
|
23
|
+
* {@link readActiveAuthuser} is KEPT purely as an OPTIONAL restore hint:
|
|
24
|
+
* `OxyContext`'s `restoreStoredSession` cold-boot step reads it only to
|
|
25
|
+
* backfill `clientSession.authuser` for the active session when a legacy value
|
|
26
|
+
* happens to be present. It NO LONGER gates whether restore is attempted — the
|
|
27
|
+
* old guard that also required this marker made every web reload with a lapsed
|
|
28
|
+
* local bearer bail before any network validation (P0), and was replaced by a
|
|
29
|
+
* "bail only when there is nothing to restore" guard plus a valid-session
|
|
30
|
+
* election. Since nothing writes the key anymore, the backfill is dormant on
|
|
31
|
+
* fresh installs; it stays for legacy installs and costs nothing.
|
|
29
32
|
*
|
|
30
33
|
* Native (React Native) has no equivalent of these device-local cookies
|
|
31
34
|
* and uses bearer-protected session ids directly, so these helpers no-op
|
|
32
35
|
* outside the browser.
|
|
33
36
|
*/
|
|
34
37
|
|
|
35
|
-
const ACTIVE_AUTHUSER_KEY =
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
* Safely resolve `window.localStorage`, returning `null` when it is
|
|
39
|
-
* unavailable. The PROPERTY ACCESS itself (`window.localStorage`) can throw a
|
|
40
|
-
* `SecurityError` synchronously in opaque-origin / sandboxed iframes or when
|
|
41
|
-
* storage is disabled — even `typeof window.localStorage` evaluates the getter
|
|
42
|
-
* and throws. Every read/write in this module routes through here so the getter
|
|
43
|
-
* throw is caught once, at the source, and callers stay clean. Returns `null`
|
|
44
|
-
* off-web and on any access failure (fail safe).
|
|
45
|
-
*/
|
|
46
|
-
function getLocalStorage() {
|
|
47
|
-
if (typeof window === 'undefined') return null;
|
|
48
|
-
try {
|
|
49
|
-
return window.localStorage ?? null;
|
|
50
|
-
} catch {
|
|
51
|
-
return null;
|
|
52
|
-
}
|
|
38
|
+
const ACTIVE_AUTHUSER_KEY = 'oxy_active_authuser';
|
|
39
|
+
function hasLocalStorage() {
|
|
40
|
+
return typeof window !== 'undefined' && typeof window.localStorage !== 'undefined';
|
|
53
41
|
}
|
|
54
42
|
function getSessionStorage() {
|
|
55
43
|
if (typeof window === 'undefined') return null;
|
|
@@ -68,12 +56,11 @@ function getSessionStorage() {
|
|
|
68
56
|
* fall back to deterministic selection (lowest authuser).
|
|
69
57
|
*/
|
|
70
58
|
function readActiveAuthuser() {
|
|
71
|
-
|
|
72
|
-
if (!storage) {
|
|
59
|
+
if (!hasLocalStorage()) {
|
|
73
60
|
return null;
|
|
74
61
|
}
|
|
75
62
|
try {
|
|
76
|
-
const raw =
|
|
63
|
+
const raw = window.localStorage.getItem(ACTIVE_AUTHUSER_KEY);
|
|
77
64
|
if (raw === null) return null;
|
|
78
65
|
const parsed = Number.parseInt(raw, 10);
|
|
79
66
|
if (!Number.isFinite(parsed) || parsed < 0) return null;
|
|
@@ -83,50 +70,18 @@ function readActiveAuthuser() {
|
|
|
83
70
|
}
|
|
84
71
|
}
|
|
85
72
|
|
|
86
|
-
/**
|
|
87
|
-
* Persist the active `authuser` slot index. No-ops on native and on any
|
|
88
|
-
* storage failure (e.g. Safari private mode). Callers MUST NOT depend on
|
|
89
|
-
* this succeeding — it is best-effort UX persistence, not authoritative.
|
|
90
|
-
*/
|
|
91
|
-
function writeActiveAuthuser(authuser) {
|
|
92
|
-
if (!Number.isFinite(authuser) || authuser < 0) return;
|
|
93
|
-
const storage = getLocalStorage();
|
|
94
|
-
if (!storage) return;
|
|
95
|
-
try {
|
|
96
|
-
storage.setItem(ACTIVE_AUTHUSER_KEY, String(authuser));
|
|
97
|
-
} catch {
|
|
98
|
-
// Best-effort persistence; swallow QuotaExceededError / SecurityError.
|
|
99
|
-
}
|
|
100
|
-
}
|
|
101
|
-
|
|
102
|
-
/**
|
|
103
|
-
* Clear the persisted active `authuser` slot index. Called on full sign-out
|
|
104
|
-
* (logoutAll) so that the next cold boot doesn't try to resurrect a
|
|
105
|
-
* cleared slot.
|
|
106
|
-
*/
|
|
107
|
-
function clearActiveAuthuser() {
|
|
108
|
-
const storage = getLocalStorage();
|
|
109
|
-
if (!storage) return;
|
|
110
|
-
try {
|
|
111
|
-
storage.removeItem(ACTIVE_AUTHUSER_KEY);
|
|
112
|
-
} catch {
|
|
113
|
-
// Best-effort.
|
|
114
|
-
}
|
|
115
|
-
}
|
|
116
|
-
|
|
117
73
|
/**
|
|
118
74
|
* Mark this origin as DELIBERATELY signed out (durable `localStorage`, via the
|
|
119
75
|
* core {@link ssoSignedOutKey}). Called ONLY on EXPLICIT full sign-out so that
|
|
120
76
|
* the next cold boot does NOT silently re-mint a session from a still-live IdP
|
|
121
|
-
* session (
|
|
77
|
+
* session (the per-apex `/auth/silent` iframe cold-boot step). Cleared by any
|
|
122
78
|
* deliberate sign-in (see {@link clearSignedOut}). No-ops on native / storage
|
|
123
79
|
* failure (best-effort).
|
|
124
80
|
*/
|
|
125
81
|
function markSignedOut() {
|
|
126
|
-
|
|
127
|
-
if (!storage) return;
|
|
82
|
+
if (!hasLocalStorage()) return;
|
|
128
83
|
try {
|
|
129
|
-
|
|
84
|
+
window.localStorage.setItem((0, _core.ssoSignedOutKey)(window.location.origin), '1');
|
|
130
85
|
} catch {
|
|
131
86
|
// Best-effort; swallow QuotaExceededError / SecurityError (private mode).
|
|
132
87
|
}
|
|
@@ -134,15 +89,14 @@ function markSignedOut() {
|
|
|
134
89
|
|
|
135
90
|
/**
|
|
136
91
|
* Clear the durable deliberately-signed-out flag. Called on ANY deliberate
|
|
137
|
-
* sign-in (password,
|
|
92
|
+
* sign-in (password, account switch, device claim) so a real sign-in
|
|
138
93
|
* fully re-enables automatic silent restore — there is no "stuck signed out"
|
|
139
94
|
* state. No-ops on native / storage failure.
|
|
140
95
|
*/
|
|
141
96
|
function clearSignedOut() {
|
|
142
|
-
|
|
143
|
-
if (!storage) return;
|
|
97
|
+
if (!hasLocalStorage()) return;
|
|
144
98
|
try {
|
|
145
|
-
|
|
99
|
+
window.localStorage.removeItem((0, _core.ssoSignedOutKey)(window.location.origin));
|
|
146
100
|
} catch {
|
|
147
101
|
// Best-effort.
|
|
148
102
|
}
|
|
@@ -153,12 +107,14 @@ function clearSignedOut() {
|
|
|
153
107
|
* the user deliberately signed out. Reads the durable flag through the core
|
|
154
108
|
* {@link silentRestoreSuppressed} predicate. Returns `false` off-web and on any
|
|
155
109
|
* storage failure (fail safe toward normal restore). Used to gate the
|
|
156
|
-
* `
|
|
110
|
+
* `silent-iframe` cold-boot step.
|
|
157
111
|
*/
|
|
158
112
|
function isSilentRestoreSuppressed() {
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
113
|
+
// Unlike its try/catch-wrapped siblings this reads `window.location.origin`
|
|
114
|
+
// directly, so guard it: an RN polyfill can expose `localStorage` without a
|
|
115
|
+
// `location`, which would throw here. Fail safe toward normal restore.
|
|
116
|
+
if (!hasLocalStorage() || typeof window.location === 'undefined') return false;
|
|
117
|
+
return (0, _core.silentRestoreSuppressed)(window.localStorage, window.location.origin);
|
|
162
118
|
}
|
|
163
119
|
|
|
164
120
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_core","require","ACTIVE_AUTHUSER_KEY","
|
|
1
|
+
{"version":3,"names":["_core","require","ACTIVE_AUTHUSER_KEY","hasLocalStorage","window","localStorage","getSessionStorage","sessionStorage","readActiveAuthuser","raw","getItem","parsed","Number","parseInt","isFinite","markSignedOut","setItem","ssoSignedOutKey","location","origin","clearSignedOut","removeItem","isSilentRestoreSuppressed","silentRestoreSuppressed","clearSsoBounceState","storage","ssoAttemptedKey","ssoNoSessionKey","ssoGuardKey","ssoStateKey","ssoDestKey"],"sourceRoot":"../../../../src","sources":["ui/utils/activeAuthuser.ts"],"mappings":";;;;;;;;;;AA0BA,IAAAA,KAAA,GAAAC,OAAA;AA1BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAYA,MAAMC,mBAAmB,GAAG,qBAAqB;AAEjD,SAASC,eAAeA,CAAA,EAAY;EAClC,OAAO,OAAOC,MAAM,KAAK,WAAW,IAAI,OAAOA,MAAM,CAACC,YAAY,KAAK,WAAW;AACpF;AAEA,SAASC,iBAAiBA,CAAA,EAAmB;EAC3C,IAAI,OAAOF,MAAM,KAAK,WAAW,EAAE,OAAO,IAAI;EAC9C,IAAI;IACF,OAAOA,MAAM,CAACG,cAAc,IAAI,IAAI;EACtC,CAAC,CAAC,MAAM;IACN,OAAO,IAAI;EACb;AACF;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASC,kBAAkBA,CAAA,EAAkB;EAClD,IAAI,CAACL,eAAe,CAAC,CAAC,EAAE;IACtB,OAAO,IAAI;EACb;EACA,IAAI;IACF,MAAMM,GAAG,GAAGL,MAAM,CAACC,YAAY,CAACK,OAAO,CAACR,mBAAmB,CAAC;IAC5D,IAAIO,GAAG,KAAK,IAAI,EAAE,OAAO,IAAI;IAC7B,MAAME,MAAM,GAAGC,MAAM,CAACC,QAAQ,CAACJ,GAAG,EAAE,EAAE,CAAC;IACvC,IAAI,CAACG,MAAM,CAACE,QAAQ,CAACH,MAAM,CAAC,IAAIA,MAAM,GAAG,CAAC,EAAE,OAAO,IAAI;IACvD,OAAOA,MAAM;EACf,CAAC,CAAC,MAAM;IACN,OAAO,IAAI;EACb;AACF;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASI,aAAaA,CAAA,EAAS;EACpC,IAAI,CAACZ,eAAe,CAAC,CAAC,EAAE;EACxB,IAAI;IACFC,MAAM,CAACC,YAAY,CAACW,OAAO,CAAC,IAAAC,qBAAe,EAACb,MAAM,CAACc,QAAQ,CAACC,MAAM,CAAC,EAAE,GAAG,CAAC;EAC3E,CAAC,CAAC,MAAM;IACN;EAAA;AAEJ;;AAEA;AACA;AACA;AACA;AACA;AACA;AACO,SAASC,cAAcA,CAAA,EAAS;EACrC,IAAI,CAACjB,eAAe,CAAC,CAAC,EAAE;EACxB,IAAI;IACFC,MAAM,CAACC,YAAY,CAACgB,UAAU,CAAC,IAAAJ,qBAAe,EAACb,MAAM,CAACc,QAAQ,CAACC,MAAM,CAAC,CAAC;EACzE,CAAC,CAAC,MAAM;IACN;EAAA;AAEJ;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASG,yBAAyBA,CAAA,EAAY;EACnD;EACA;EACA;EACA,IAAI,CAACnB,eAAe,CAAC,CAAC,IAAI,OAAOC,MAAM,CAACc,QAAQ,KAAK,WAAW,EAAE,OAAO,KAAK;EAC9E,OAAO,IAAAK,6BAAuB,EAACnB,MAAM,CAACC,YAAY,EAAED,MAAM,CAACc,QAAQ,CAACC,MAAM,CAAC;AAC7E;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASK,mBAAmBA,CAAA,EAAS;EAC1C,MAAMC,OAAO,GAAGnB,iBAAiB,CAAC,CAAC;EACnC,IAAI,CAACmB,OAAO,EAAE;EACd,IAAI;IACF,MAAMN,MAAM,GAAGf,MAAM,CAACc,QAAQ,CAACC,MAAM;IACrCM,OAAO,CAACJ,UAAU,CAAC,IAAAK,qBAAe,EAACP,MAAM,CAAC,CAAC;IAC3CM,OAAO,CAACJ,UAAU,CAAC,IAAAM,qBAAe,EAACR,MAAM,CAAC,CAAC;IAC3CM,OAAO,CAACJ,UAAU,CAAC,IAAAO,iBAAW,EAACT,MAAM,CAAC,CAAC;IACvCM,OAAO,CAACJ,UAAU,CAAC,IAAAQ,iBAAW,EAACV,MAAM,CAAC,CAAC;IACvCM,OAAO,CAACJ,UAAU,CAAC,IAAAS,gBAAU,EAACX,MAAM,CAAC,CAAC;EACxC,CAAC,CAAC,MAAM;IACN;EAAA;AAEJ","ignoreList":[]}
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.
|
|
6
|
+
exports.mapSessionsToClient = exports.fetchSessionsWithFallback = void 0;
|
|
7
7
|
/**
|
|
8
8
|
* Service type for session helpers.
|
|
9
9
|
* Uses 'unknown' to work around TypeScript mixin composition type inference issues.
|
|
@@ -57,55 +57,5 @@ const fetchSessionsWithFallback = async (oxyServices, sessionId, {
|
|
|
57
57
|
return mapSessionsToClient(userSessions, fallbackDeviceId, fallbackUserId);
|
|
58
58
|
}
|
|
59
59
|
};
|
|
60
|
-
|
|
61
|
-
/**
|
|
62
|
-
* Validate multiple sessions concurrently with configurable concurrency.
|
|
63
|
-
*
|
|
64
|
-
* @param oxyServices - Oxy service instance
|
|
65
|
-
* @param sessionIds - Session identifiers to validate
|
|
66
|
-
* @param options - Validation options
|
|
67
|
-
*/
|
|
68
60
|
exports.fetchSessionsWithFallback = fetchSessionsWithFallback;
|
|
69
|
-
const validateSessionBatch = async (oxyServices, sessionIds, {
|
|
70
|
-
useHeaderValidation = true,
|
|
71
|
-
maxConcurrency = 5
|
|
72
|
-
} = {}) => {
|
|
73
|
-
if (!sessionIds.length) {
|
|
74
|
-
return [];
|
|
75
|
-
}
|
|
76
|
-
const uniqueSessionIds = Array.from(new Set(sessionIds));
|
|
77
|
-
const safeConcurrency = Math.max(1, Math.min(maxConcurrency, uniqueSessionIds.length));
|
|
78
|
-
const results = [];
|
|
79
|
-
let index = 0;
|
|
80
|
-
const worker = async () => {
|
|
81
|
-
while (index < uniqueSessionIds.length) {
|
|
82
|
-
const currentIndex = index;
|
|
83
|
-
index += 1;
|
|
84
|
-
const sessionId = uniqueSessionIds[currentIndex];
|
|
85
|
-
try {
|
|
86
|
-
const validation = await oxyServices.validateSession(sessionId, {
|
|
87
|
-
useHeaderValidation
|
|
88
|
-
});
|
|
89
|
-
const valid = Boolean(validation?.valid);
|
|
90
|
-
results.push({
|
|
91
|
-
sessionId,
|
|
92
|
-
valid,
|
|
93
|
-
user: validation?.user,
|
|
94
|
-
raw: validation
|
|
95
|
-
});
|
|
96
|
-
} catch (error) {
|
|
97
|
-
results.push({
|
|
98
|
-
sessionId,
|
|
99
|
-
valid: false,
|
|
100
|
-
error
|
|
101
|
-
});
|
|
102
|
-
}
|
|
103
|
-
}
|
|
104
|
-
};
|
|
105
|
-
await Promise.all(Array.from({
|
|
106
|
-
length: safeConcurrency
|
|
107
|
-
}, worker));
|
|
108
|
-
return results;
|
|
109
|
-
};
|
|
110
|
-
exports.validateSessionBatch = validateSessionBatch;
|
|
111
61
|
//# sourceMappingURL=sessionHelpers.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["mapSessionsToClient","sessions","fallbackDeviceId","fallbackUserId","now","Date","map","session","sessionId","deviceId","expiresAt","getTime","toISOString","lastActive","userId","user","id","_id","toString","undefined","isCurrent","Boolean","exports","fetchSessionsWithFallback","oxyServices","logger","deviceSessions","getDeviceSessions","error","__DEV__","userSessions","getSessionsBySessionId"
|
|
1
|
+
{"version":3,"names":["mapSessionsToClient","sessions","fallbackDeviceId","fallbackUserId","now","Date","map","session","sessionId","deviceId","expiresAt","getTime","toISOString","lastActive","userId","user","id","_id","toString","undefined","isCurrent","Boolean","exports","fetchSessionsWithFallback","oxyServices","logger","deviceSessions","getDeviceSessions","error","__DEV__","userSessions","getSessionsBySessionId"],"sourceRoot":"../../../../src","sources":["ui/utils/sessionHelpers.ts"],"mappings":";;;;;;AAaA;AACA;AACA;AACA;AACA;AACA;AACA;;AASA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMA,mBAAmB,GAAGA,CACjCC,QAAyB,EACzBC,gBAAyB,EACzBC,cAAuB,KACH;EACpB,MAAMC,GAAG,GAAG,IAAIC,IAAI,CAAC,CAAC;EAEtB,OAAOJ,QAAQ,CAACK,GAAG,CAAEC,OAAO,KAAM;IAChCC,SAAS,EAAED,OAAO,CAACC,SAAS;IAC5BC,QAAQ,EAAEF,OAAO,CAACE,QAAQ,IAAIP,gBAAgB,IAAI,EAAE;IACpDQ,SAAS,EAAEH,OAAO,CAACG,SAAS,IAAI,IAAIL,IAAI,CAACD,GAAG,CAACO,OAAO,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAACC,WAAW,CAAC,CAAC;IAC/FC,UAAU,EAAEN,OAAO,CAACM,UAAU,IAAIT,GAAG,CAACQ,WAAW,CAAC,CAAC;IACnDE,MAAM,EACJP,OAAO,CAACQ,IAAI,EAAEC,EAAE,IAChBT,OAAO,CAACO,MAAM,KACbP,OAAO,CAACQ,IAAI,EAAEE,GAAG,GAAGV,OAAO,CAACQ,IAAI,CAACE,GAAG,CAACC,QAAQ,CAAC,CAAC,GAAGC,SAAS,CAAC,IAC7DhB,cAAc,IACd,EAAE;IACJiB,SAAS,EAAEC,OAAO,CAACd,OAAO,CAACa,SAAS;EACtC,CAAC,CAAC,CAAC;AACL,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AARAE,OAAA,CAAAtB,mBAAA,GAAAA,mBAAA;AASO,MAAMuB,yBAAyB,GAAG,MAAAA,CACvCC,WAA2B,EAC3BhB,SAAiB,EACjB;EACEN,gBAAgB;EAChBC,cAAc;EACdsB;AACgC,CAAC,GAAG,CAAC,CAAC,KACX;EAC7B,IAAI;IACF,MAAMC,cAAc,GAAG,MAAMF,WAAW,CAACG,iBAAiB,CAACnB,SAAS,CAAC;IACrE,OAAOR,mBAAmB,CAAC0B,cAAc,EAAExB,gBAAgB,EAAEC,cAAc,CAAC;EAC9E,CAAC,CAAC,OAAOyB,KAAK,EAAE;IACd,IAAIC,OAAO,IAAIJ,MAAM,EAAE;MACrBA,MAAM,CAAC,8DAA8D,EAAEG,KAAK,CAAC;IAC/E;IAEA,MAAME,YAAY,GAAG,MAAMN,WAAW,CAACO,sBAAsB,CAACvB,SAAS,CAAC;IACxE,OAAOR,mBAAmB,CAAC8B,YAAY,EAAE5B,gBAAgB,EAAEC,cAAc,CAAC;EAC5E;AACF,CAAC;AAACmB,OAAA,CAAAC,yBAAA,GAAAA,yBAAA","ignoreList":[]}
|