@oxyhq/services 5.20.2 → 5.21.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/commonjs/core/mixins/OxyServices.fedcm.js +158 -19
- package/lib/commonjs/core/mixins/OxyServices.fedcm.js.map +1 -1
- package/lib/commonjs/core/mixins/OxyServices.popup.js +40 -1
- package/lib/commonjs/core/mixins/OxyServices.popup.js.map +1 -1
- package/lib/commonjs/ui/context/OxyContext.js +19 -1
- package/lib/commonjs/ui/context/OxyContext.js.map +1 -1
- package/lib/commonjs/ui/hooks/useAuth.js +9 -19
- package/lib/commonjs/ui/hooks/useAuth.js.map +1 -1
- package/lib/commonjs/ui/hooks/useWebSSO.js +60 -0
- package/lib/commonjs/ui/hooks/useWebSSO.js.map +1 -1
- package/lib/module/core/mixins/OxyServices.fedcm.js +158 -19
- package/lib/module/core/mixins/OxyServices.fedcm.js.map +1 -1
- package/lib/module/core/mixins/OxyServices.popup.js +40 -1
- package/lib/module/core/mixins/OxyServices.popup.js.map +1 -1
- package/lib/module/ui/context/OxyContext.js +19 -1
- package/lib/module/ui/context/OxyContext.js.map +1 -1
- package/lib/module/ui/hooks/useAuth.js +9 -19
- package/lib/module/ui/hooks/useAuth.js.map +1 -1
- package/lib/module/ui/hooks/useWebSSO.js +60 -0
- package/lib/module/ui/hooks/useWebSSO.js.map +1 -1
- package/lib/typescript/commonjs/core/mixins/OxyServices.fedcm.d.ts +1 -0
- package/lib/typescript/commonjs/core/mixins/OxyServices.fedcm.d.ts.map +1 -1
- package/lib/typescript/commonjs/core/mixins/OxyServices.popup.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/context/OxyContext.d.ts +11 -0
- package/lib/typescript/commonjs/ui/context/OxyContext.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/hooks/useAuth.d.ts.map +1 -1
- package/lib/typescript/commonjs/ui/hooks/useWebSSO.d.ts +2 -0
- package/lib/typescript/commonjs/ui/hooks/useWebSSO.d.ts.map +1 -1
- package/lib/typescript/module/core/mixins/OxyServices.fedcm.d.ts +1 -0
- package/lib/typescript/module/core/mixins/OxyServices.fedcm.d.ts.map +1 -1
- package/lib/typescript/module/core/mixins/OxyServices.popup.d.ts.map +1 -1
- package/lib/typescript/module/ui/context/OxyContext.d.ts +11 -0
- package/lib/typescript/module/ui/context/OxyContext.d.ts.map +1 -1
- package/lib/typescript/module/ui/hooks/useAuth.d.ts.map +1 -1
- package/lib/typescript/module/ui/hooks/useWebSSO.d.ts +2 -0
- package/lib/typescript/module/ui/hooks/useWebSSO.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/core/mixins/OxyServices.fedcm.ts +160 -20
- package/src/core/mixins/OxyServices.popup.ts +39 -1
- package/src/ui/context/OxyContext.tsx +34 -0
- package/src/ui/hooks/useAuth.ts +9 -20
- package/src/ui/hooks/useWebSSO.ts +71 -0
|
@@ -55,6 +55,7 @@ function useAuth() {
|
|
|
55
55
|
isTokenReady,
|
|
56
56
|
error,
|
|
57
57
|
signIn: oxySignIn,
|
|
58
|
+
handlePopupSession,
|
|
58
59
|
logout,
|
|
59
60
|
logoutAll,
|
|
60
61
|
refreshSessions,
|
|
@@ -68,36 +69,25 @@ function useAuth() {
|
|
|
68
69
|
// Only auth.oxy.so has local login forms - accounts.oxy.so is a client app
|
|
69
70
|
const isIdentityProvider = (0, _useWebSSO.isWebBrowser)() && window.location.hostname === 'auth.oxy.so';
|
|
70
71
|
|
|
71
|
-
// Web (not on IdP): Use
|
|
72
|
+
// Web (not on IdP): Use popup-based authentication
|
|
73
|
+
// We go straight to popup to preserve the "user gesture" (click event)
|
|
74
|
+
// FedCM silent SSO already runs on page load via useWebSSO
|
|
75
|
+
// If user is clicking "Sign In", they need interactive auth NOW
|
|
72
76
|
if ((0, _useWebSSO.isWebBrowser)() && !publicKey && !isIdentityProvider) {
|
|
73
|
-
// Try FedCM first (instant if user already signed in at IdP)
|
|
74
|
-
if (oxyServices.isFedCMSupported?.()) {
|
|
75
|
-
try {
|
|
76
|
-
const fedcmSession = await oxyServices.signInWithFedCM?.();
|
|
77
|
-
if (fedcmSession?.user) {
|
|
78
|
-
return fedcmSession.user;
|
|
79
|
-
}
|
|
80
|
-
} catch (fedcmError) {
|
|
81
|
-
// FedCM failed (user not signed in at IdP, cancelled, etc.)
|
|
82
|
-
// Fall through to popup
|
|
83
|
-
console.debug('FedCM failed, falling back to popup:', fedcmError);
|
|
84
|
-
}
|
|
85
|
-
}
|
|
86
|
-
|
|
87
|
-
// Fallback to popup (opens auth.oxy.so in popup window)
|
|
88
77
|
try {
|
|
89
78
|
const popupSession = await oxyServices.signInWithPopup?.();
|
|
90
79
|
if (popupSession?.user) {
|
|
80
|
+
// Update context state with the session (this updates user, sessions, storage)
|
|
81
|
+
await handlePopupSession(popupSession);
|
|
91
82
|
return popupSession.user;
|
|
92
83
|
}
|
|
84
|
+
throw new Error('Sign-in failed. Please try again.');
|
|
93
85
|
} catch (popupError) {
|
|
94
|
-
// If popup blocked, suggest enabling popups
|
|
95
86
|
if (popupError instanceof Error && popupError.message.includes('blocked')) {
|
|
96
87
|
throw new Error('Popup blocked. Please allow popups for this site.');
|
|
97
88
|
}
|
|
98
89
|
throw popupError;
|
|
99
90
|
}
|
|
100
|
-
throw new Error('Sign-in failed. Please try again.');
|
|
101
91
|
}
|
|
102
92
|
|
|
103
93
|
// Native: Use cryptographic identity
|
|
@@ -131,7 +121,7 @@ function useAuth() {
|
|
|
131
121
|
return new Promise(() => {}); // Never resolves, page will redirect
|
|
132
122
|
}
|
|
133
123
|
throw new Error('No authentication method available');
|
|
134
|
-
}, [oxySignIn, hasIdentity, getPublicKey, showBottomSheet, oxyServices]);
|
|
124
|
+
}, [oxySignIn, hasIdentity, getPublicKey, showBottomSheet, oxyServices, handlePopupSession]);
|
|
135
125
|
const signOut = (0, _react.useCallback)(async () => {
|
|
136
126
|
await logout();
|
|
137
127
|
}, [logout]);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_react","require","_OxyContext","_useWebSSO","useAuth","user","isAuthenticated","isLoading","isTokenReady","error","signIn","oxySignIn","logout","logoutAll","refreshSessions","oxyServices","hasIdentity","getPublicKey","showBottomSheet","useOxy","useCallback","publicKey","isIdentityProvider","isWebBrowser","window","location","hostname","
|
|
1
|
+
{"version":3,"names":["_react","require","_OxyContext","_useWebSSO","useAuth","user","isAuthenticated","isLoading","isTokenReady","error","signIn","oxySignIn","handlePopupSession","logout","logoutAll","refreshSessions","oxyServices","hasIdentity","getPublicKey","showBottomSheet","useOxy","useCallback","publicKey","isIdentityProvider","isWebBrowser","window","location","hostname","popupSession","signInWithPopup","Error","popupError","message","includes","hasExisting","existingKey","Promise","_","reject","loginUrl","href","signOut","signOutAll","refresh","isReady"],"sourceRoot":"../../../../src","sources":["ui/hooks/useAuth.ts"],"mappings":";;;;;;;;;;;;AAyBA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,WAAA,GAAAD,OAAA;AAEA,IAAAE,UAAA,GAAAF,OAAA;AA5BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAqDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASG,OAAOA,CAAA,EAAkB;EACvC,MAAM;IACJC,IAAI;IACJC,eAAe;IACfC,SAAS;IACTC,YAAY;IACZC,KAAK;IACLC,MAAM,EAAEC,SAAS;IACjBC,kBAAkB;IAClBC,MAAM;IACNC,SAAS;IACTC,eAAe;IACfC,WAAW;IACXC,WAAW;IACXC,YAAY;IACZC;EACF,CAAC,GAAG,IAAAC,kBAAM,EAAC,CAAC;EAEZ,MAAMV,MAAM,GAAG,IAAAW,kBAAW,EAAC,MAAOC,SAAkB,IAAoB;IACtE;IACA;IACA,MAAMC,kBAAkB,GAAG,IAAAC,uBAAY,EAAC,CAAC,IACvCC,MAAM,CAACC,QAAQ,CAACC,QAAQ,KAAK,aAAa;;IAE5C;IACA;IACA;IACA;IACA,IAAI,IAAAH,uBAAY,EAAC,CAAC,IAAI,CAACF,SAAS,IAAI,CAACC,kBAAkB,EAAE;MACvD,IAAI;QACF,MAAMK,YAAY,GAAG,MAAOZ,WAAW,CAASa,eAAe,GAAG,CAAC;QACnE,IAAID,YAAY,EAAEvB,IAAI,EAAE;UACtB;UACA,MAAMO,kBAAkB,CAACgB,YAAY,CAAC;UACtC,OAAOA,YAAY,CAACvB,IAAI;QAC1B;QACA,MAAM,IAAIyB,KAAK,CAAC,mCAAmC,CAAC;MACtD,CAAC,CAAC,OAAOC,UAAU,EAAE;QACnB,IAAIA,UAAU,YAAYD,KAAK,IAAIC,UAAU,CAACC,OAAO,CAACC,QAAQ,CAAC,SAAS,CAAC,EAAE;UACzE,MAAM,IAAIH,KAAK,CAAC,mDAAmD,CAAC;QACtE;QACA,MAAMC,UAAU;MAClB;IACF;;IAEA;IACA;IACA,IAAIT,SAAS,EAAE;MACb,OAAOX,SAAS,CAACW,SAAS,CAAC;IAC7B;;IAEA;IACA,MAAMY,WAAW,GAAG,MAAMjB,WAAW,CAAC,CAAC;IAEvC,IAAIiB,WAAW,EAAE;MACf,MAAMC,WAAW,GAAG,MAAMjB,YAAY,CAAC,CAAC;MACxC,IAAIiB,WAAW,EAAE;QACf,OAAOxB,SAAS,CAACwB,WAAW,CAAC;MAC/B;IACF;;IAEA;IACA,IAAIhB,eAAe,EAAE;MACnBA,eAAe,CAAC,SAAS,CAAC;MAC1B;MACA,OAAO,IAAIiB,OAAO,CAAC,CAACC,CAAC,EAAEC,MAAM,KAAK;QAChCA,MAAM,CAAC,IAAIR,KAAK,CAAC,2CAA2C,CAAC,CAAC;MAChE,CAAC,CAAC;IACJ;;IAEA;IACA,IAAI,IAAAN,uBAAY,EAAC,CAAC,EAAE;MAClB,MAAMe,QAAQ,GAAGd,MAAM,CAACC,QAAQ,CAACC,QAAQ,CAACM,QAAQ,CAAC,QAAQ,CAAC,GACxD,QAAQ,GACR,+BAA+B;MACnCR,MAAM,CAACC,QAAQ,CAACc,IAAI,GAAGD,QAAQ;MAC/B,OAAO,IAAIH,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IAChC;IAEA,MAAM,IAAIN,KAAK,CAAC,oCAAoC,CAAC;EACvD,CAAC,EAAE,CAACnB,SAAS,EAAEM,WAAW,EAAEC,YAAY,EAAEC,eAAe,EAAEH,WAAW,EAAEJ,kBAAkB,CAAC,CAAC;EAE5F,MAAM6B,OAAO,GAAG,IAAApB,kBAAW,EAAC,YAA2B;IACrD,MAAMR,MAAM,CAAC,CAAC;EAChB,CAAC,EAAE,CAACA,MAAM,CAAC,CAAC;EAEZ,MAAM6B,UAAU,GAAG,IAAArB,kBAAW,EAAC,YAA2B;IACxD,MAAMP,SAAS,CAAC,CAAC;EACnB,CAAC,EAAE,CAACA,SAAS,CAAC,CAAC;EAEf,MAAM6B,OAAO,GAAG,IAAAtB,kBAAW,EAAC,YAA2B;IACrD,MAAMN,eAAe,CAAC,CAAC;EACzB,CAAC,EAAE,CAACA,eAAe,CAAC,CAAC;EAErB,OAAO;IACL;IACAV,IAAI;IACJC,eAAe;IACfC,SAAS;IACTqC,OAAO,EAAEpC,YAAY;IACrBC,KAAK;IAEL;IACAC,MAAM;IACN+B,OAAO;IACPC,UAAU;IACVC,OAAO;IAEP;IACA3B;EACF,CAAC;AACH;;AAEA","ignoreList":[]}
|
|
@@ -69,12 +69,19 @@ function useWebSSO({
|
|
|
69
69
|
// Check FedCM support once
|
|
70
70
|
const fedCMSupported = isWebBrowser() && oxyServices.isFedCMSupported?.();
|
|
71
71
|
const checkSSO = (0, _react.useCallback)(async () => {
|
|
72
|
+
console.log('[useWebSSO] checkSSO called', {
|
|
73
|
+
isWebBrowser: isWebBrowser(),
|
|
74
|
+
isChecking: isCheckingRef.current,
|
|
75
|
+
isIdP: isIdentityProvider(),
|
|
76
|
+
fedCMSupported
|
|
77
|
+
});
|
|
72
78
|
if (!isWebBrowser() || isCheckingRef.current) {
|
|
73
79
|
return null;
|
|
74
80
|
}
|
|
75
81
|
|
|
76
82
|
// Don't use FedCM on the auth domain itself - it would authenticate against itself
|
|
77
83
|
if (isIdentityProvider()) {
|
|
84
|
+
console.log('[useWebSSO] Skipping - on identity provider domain');
|
|
78
85
|
onSSOUnavailable?.();
|
|
79
86
|
return null;
|
|
80
87
|
}
|
|
@@ -82,24 +89,35 @@ function useWebSSO({
|
|
|
82
89
|
// FedCM is the only reliable cross-domain SSO mechanism
|
|
83
90
|
// Third-party cookies are deprecated and unreliable
|
|
84
91
|
if (!fedCMSupported) {
|
|
92
|
+
console.log('[useWebSSO] Skipping - FedCM not supported');
|
|
85
93
|
onSSOUnavailable?.();
|
|
86
94
|
return null;
|
|
87
95
|
}
|
|
88
96
|
isCheckingRef.current = true;
|
|
97
|
+
console.log('[useWebSSO] Starting FedCM silent sign-in...');
|
|
89
98
|
try {
|
|
90
99
|
// Use FedCM for cross-domain SSO
|
|
91
100
|
// This works because browser treats IdP requests as first-party
|
|
92
101
|
const session = await oxyServices.silentSignInWithFedCM?.();
|
|
102
|
+
console.log('[useWebSSO] FedCM result:', {
|
|
103
|
+
hasSession: !!session,
|
|
104
|
+
hasUser: !!session?.user,
|
|
105
|
+
hasSessionId: !!session?.sessionId
|
|
106
|
+
});
|
|
93
107
|
if (session) {
|
|
108
|
+
console.log('[useWebSSO] Session found, calling onSessionFound...');
|
|
94
109
|
await onSessionFound(session);
|
|
110
|
+
console.log('[useWebSSO] onSessionFound completed');
|
|
95
111
|
return session;
|
|
96
112
|
}
|
|
97
113
|
|
|
98
114
|
// No session found - user needs to sign in
|
|
115
|
+
console.log('[useWebSSO] No session returned from FedCM');
|
|
99
116
|
onSSOUnavailable?.();
|
|
100
117
|
return null;
|
|
101
118
|
} catch (error) {
|
|
102
119
|
// FedCM failed - could be network error, user not signed in, etc.
|
|
120
|
+
console.error('[useWebSSO] FedCM error:', error);
|
|
103
121
|
onSSOUnavailable?.();
|
|
104
122
|
onError?.(error instanceof Error ? error : new Error(String(error)));
|
|
105
123
|
return null;
|
|
@@ -108,6 +126,47 @@ function useWebSSO({
|
|
|
108
126
|
}
|
|
109
127
|
}, [oxyServices, onSessionFound, onSSOUnavailable, onError, fedCMSupported]);
|
|
110
128
|
|
|
129
|
+
/**
|
|
130
|
+
* Trigger interactive FedCM sign-in
|
|
131
|
+
* This shows the browser's native "Sign in with Oxy" prompt.
|
|
132
|
+
* Use this when silent mediation fails (user hasn't previously consented).
|
|
133
|
+
*/
|
|
134
|
+
const signInWithFedCM = (0, _react.useCallback)(async () => {
|
|
135
|
+
console.log('[useWebSSO] signInWithFedCM called');
|
|
136
|
+
if (!isWebBrowser() || isCheckingRef.current) {
|
|
137
|
+
return null;
|
|
138
|
+
}
|
|
139
|
+
if (!fedCMSupported) {
|
|
140
|
+
console.log('[useWebSSO] FedCM not supported for interactive sign-in');
|
|
141
|
+
onError?.(new Error('FedCM is not supported in this browser'));
|
|
142
|
+
return null;
|
|
143
|
+
}
|
|
144
|
+
isCheckingRef.current = true;
|
|
145
|
+
console.log('[useWebSSO] Starting interactive FedCM sign-in...');
|
|
146
|
+
try {
|
|
147
|
+
// Use interactive sign-in (shows browser UI)
|
|
148
|
+
const session = await oxyServices.signInWithFedCM?.();
|
|
149
|
+
console.log('[useWebSSO] Interactive FedCM result:', {
|
|
150
|
+
hasSession: !!session,
|
|
151
|
+
hasUser: !!session?.user,
|
|
152
|
+
hasSessionId: !!session?.sessionId
|
|
153
|
+
});
|
|
154
|
+
if (session) {
|
|
155
|
+
console.log('[useWebSSO] Interactive session found, calling onSessionFound...');
|
|
156
|
+
await onSessionFound(session);
|
|
157
|
+
console.log('[useWebSSO] onSessionFound completed');
|
|
158
|
+
return session;
|
|
159
|
+
}
|
|
160
|
+
return null;
|
|
161
|
+
} catch (error) {
|
|
162
|
+
console.error('[useWebSSO] Interactive FedCM error:', error);
|
|
163
|
+
onError?.(error instanceof Error ? error : new Error(String(error)));
|
|
164
|
+
return null;
|
|
165
|
+
} finally {
|
|
166
|
+
isCheckingRef.current = false;
|
|
167
|
+
}
|
|
168
|
+
}, [oxyServices, onSessionFound, onError, fedCMSupported]);
|
|
169
|
+
|
|
111
170
|
// Auto-check SSO on mount (web only, FedCM only, not on auth domain)
|
|
112
171
|
(0, _react.useEffect)(() => {
|
|
113
172
|
if (!enabled || !isWebBrowser() || hasCheckedRef.current || isIdentityProvider()) {
|
|
@@ -126,6 +185,7 @@ function useWebSSO({
|
|
|
126
185
|
}, [enabled, checkSSO, fedCMSupported, onSSOUnavailable]);
|
|
127
186
|
return {
|
|
128
187
|
checkSSO,
|
|
188
|
+
signInWithFedCM,
|
|
129
189
|
isChecking: isCheckingRef.current,
|
|
130
190
|
isFedCMSupported: fedCMSupported
|
|
131
191
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_react","require","isWebBrowser","window","document","documentElement","isIdentityProvider","hostname","location","useWebSSO","oxyServices","onSessionFound","onSSOUnavailable","onError","enabled","isCheckingRef","useRef","hasCheckedRef","fedCMSupported","isFedCMSupported","checkSSO","useCallback","current","session","silentSignInWithFedCM","error","Error","String","
|
|
1
|
+
{"version":3,"names":["_react","require","isWebBrowser","window","document","documentElement","isIdentityProvider","hostname","location","useWebSSO","oxyServices","onSessionFound","onSSOUnavailable","onError","enabled","isCheckingRef","useRef","hasCheckedRef","fedCMSupported","isFedCMSupported","checkSSO","useCallback","console","log","isChecking","current","isIdP","session","silentSignInWithFedCM","hasSession","hasUser","user","hasSessionId","sessionId","error","Error","String","signInWithFedCM","useEffect"],"sourceRoot":"../../../../src","sources":["ui/hooks/useWebSSO.ts"],"mappings":";;;;;;;AAiBA,IAAAA,MAAA,GAAAC,OAAA;AAjBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAyBA;AACA;AACA;AACA,SAASC,YAAYA,CAAA,EAAY;EAC/B,OAAO,OAAOC,MAAM,KAAK,WAAW,IAC7B,OAAOC,QAAQ,KAAK,WAAW,IAC/B,OAAOA,QAAQ,CAACC,eAAe,KAAK,WAAW;AACxD;;AAEA;AACA;AACA;AACA;AACA,SAASC,kBAAkBA,CAAA,EAAY;EACrC,IAAI,CAACJ,YAAY,CAAC,CAAC,EAAE,OAAO,KAAK;EACjC,MAAMK,QAAQ,GAAGJ,MAAM,CAACK,QAAQ,CAACD,QAAQ;EACzC,OAAOA,QAAQ,KAAK,aAAa;AACnC;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASE,SAASA,CAAC;EACxBC,WAAW;EACXC,cAAc;EACdC,gBAAgB;EAChBC,OAAO;EACPC,OAAO,GAAG;AACM,CAAC,EAAmB;EACpC,MAAMC,aAAa,GAAG,IAAAC,aAAM,EAAC,KAAK,CAAC;EACnC,MAAMC,aAAa,GAAG,IAAAD,aAAM,EAAC,KAAK,CAAC;;EAEnC;EACA,MAAME,cAAc,GAAGhB,YAAY,CAAC,CAAC,IAAKQ,WAAW,CAASS,gBAAgB,GAAG,CAAC;EAElF,MAAMC,QAAQ,GAAG,IAAAC,kBAAW,EAAC,YAAkD;IAC7EC,OAAO,CAACC,GAAG,CAAC,6BAA6B,EAAE;MACzCrB,YAAY,EAAEA,YAAY,CAAC,CAAC;MAC5BsB,UAAU,EAAET,aAAa,CAACU,OAAO;MACjCC,KAAK,EAAEpB,kBAAkB,CAAC,CAAC;MAC3BY;IACF,CAAC,CAAC;IAEF,IAAI,CAAChB,YAAY,CAAC,CAAC,IAAIa,aAAa,CAACU,OAAO,EAAE;MAC5C,OAAO,IAAI;IACb;;IAEA;IACA,IAAInB,kBAAkB,CAAC,CAAC,EAAE;MACxBgB,OAAO,CAACC,GAAG,CAAC,oDAAoD,CAAC;MACjEX,gBAAgB,GAAG,CAAC;MACpB,OAAO,IAAI;IACb;;IAEA;IACA;IACA,IAAI,CAACM,cAAc,EAAE;MACnBI,OAAO,CAACC,GAAG,CAAC,4CAA4C,CAAC;MACzDX,gBAAgB,GAAG,CAAC;MACpB,OAAO,IAAI;IACb;IAEAG,aAAa,CAACU,OAAO,GAAG,IAAI;IAC5BH,OAAO,CAACC,GAAG,CAAC,8CAA8C,CAAC;IAE3D,IAAI;MACF;MACA;MACA,MAAMI,OAAO,GAAG,MAAOjB,WAAW,CAASkB,qBAAqB,GAAG,CAAC;MAEpEN,OAAO,CAACC,GAAG,CAAC,2BAA2B,EAAE;QACvCM,UAAU,EAAE,CAAC,CAACF,OAAO;QACrBG,OAAO,EAAE,CAAC,CAACH,OAAO,EAAEI,IAAI;QACxBC,YAAY,EAAE,CAAC,CAACL,OAAO,EAAEM;MAC3B,CAAC,CAAC;MAEF,IAAIN,OAAO,EAAE;QACXL,OAAO,CAACC,GAAG,CAAC,sDAAsD,CAAC;QACnE,MAAMZ,cAAc,CAACgB,OAAO,CAAC;QAC7BL,OAAO,CAACC,GAAG,CAAC,sCAAsC,CAAC;QACnD,OAAOI,OAAO;MAChB;;MAEA;MACAL,OAAO,CAACC,GAAG,CAAC,4CAA4C,CAAC;MACzDX,gBAAgB,GAAG,CAAC;MACpB,OAAO,IAAI;IACb,CAAC,CAAC,OAAOsB,KAAK,EAAE;MACd;MACAZ,OAAO,CAACY,KAAK,CAAC,0BAA0B,EAAEA,KAAK,CAAC;MAChDtB,gBAAgB,GAAG,CAAC;MACpBC,OAAO,GAAGqB,KAAK,YAAYC,KAAK,GAAGD,KAAK,GAAG,IAAIC,KAAK,CAACC,MAAM,CAACF,KAAK,CAAC,CAAC,CAAC;MACpE,OAAO,IAAI;IACb,CAAC,SAAS;MACRnB,aAAa,CAACU,OAAO,GAAG,KAAK;IAC/B;EACF,CAAC,EAAE,CAACf,WAAW,EAAEC,cAAc,EAAEC,gBAAgB,EAAEC,OAAO,EAAEK,cAAc,CAAC,CAAC;;EAE5E;AACF;AACA;AACA;AACA;EACE,MAAMmB,eAAe,GAAG,IAAAhB,kBAAW,EAAC,YAAkD;IACpFC,OAAO,CAACC,GAAG,CAAC,oCAAoC,CAAC;IAEjD,IAAI,CAACrB,YAAY,CAAC,CAAC,IAAIa,aAAa,CAACU,OAAO,EAAE;MAC5C,OAAO,IAAI;IACb;IAEA,IAAI,CAACP,cAAc,EAAE;MACnBI,OAAO,CAACC,GAAG,CAAC,yDAAyD,CAAC;MACtEV,OAAO,GAAG,IAAIsB,KAAK,CAAC,wCAAwC,CAAC,CAAC;MAC9D,OAAO,IAAI;IACb;IAEApB,aAAa,CAACU,OAAO,GAAG,IAAI;IAC5BH,OAAO,CAACC,GAAG,CAAC,mDAAmD,CAAC;IAEhE,IAAI;MACF;MACA,MAAMI,OAAO,GAAG,MAAOjB,WAAW,CAAS2B,eAAe,GAAG,CAAC;MAE9Df,OAAO,CAACC,GAAG,CAAC,uCAAuC,EAAE;QACnDM,UAAU,EAAE,CAAC,CAACF,OAAO;QACrBG,OAAO,EAAE,CAAC,CAACH,OAAO,EAAEI,IAAI;QACxBC,YAAY,EAAE,CAAC,CAACL,OAAO,EAAEM;MAC3B,CAAC,CAAC;MAEF,IAAIN,OAAO,EAAE;QACXL,OAAO,CAACC,GAAG,CAAC,kEAAkE,CAAC;QAC/E,MAAMZ,cAAc,CAACgB,OAAO,CAAC;QAC7BL,OAAO,CAACC,GAAG,CAAC,sCAAsC,CAAC;QACnD,OAAOI,OAAO;MAChB;MAEA,OAAO,IAAI;IACb,CAAC,CAAC,OAAOO,KAAK,EAAE;MACdZ,OAAO,CAACY,KAAK,CAAC,sCAAsC,EAAEA,KAAK,CAAC;MAC5DrB,OAAO,GAAGqB,KAAK,YAAYC,KAAK,GAAGD,KAAK,GAAG,IAAIC,KAAK,CAACC,MAAM,CAACF,KAAK,CAAC,CAAC,CAAC;MACpE,OAAO,IAAI;IACb,CAAC,SAAS;MACRnB,aAAa,CAACU,OAAO,GAAG,KAAK;IAC/B;EACF,CAAC,EAAE,CAACf,WAAW,EAAEC,cAAc,EAAEE,OAAO,EAAEK,cAAc,CAAC,CAAC;;EAE1D;EACA,IAAAoB,gBAAS,EAAC,MAAM;IACd,IAAI,CAACxB,OAAO,IAAI,CAACZ,YAAY,CAAC,CAAC,IAAIe,aAAa,CAACQ,OAAO,IAAInB,kBAAkB,CAAC,CAAC,EAAE;MAChF,IAAIA,kBAAkB,CAAC,CAAC,EAAE;QACxBM,gBAAgB,GAAG,CAAC;MACtB;MACA;IACF;IAEAK,aAAa,CAACQ,OAAO,GAAG,IAAI;IAE5B,IAAIP,cAAc,EAAE;MAClBE,QAAQ,CAAC,CAAC;IACZ,CAAC,MAAM;MACL;MACAR,gBAAgB,GAAG,CAAC;IACtB;EACF,CAAC,EAAE,CAACE,OAAO,EAAEM,QAAQ,EAAEF,cAAc,EAAEN,gBAAgB,CAAC,CAAC;EAEzD,OAAO;IACLQ,QAAQ;IACRiB,eAAe;IACfb,UAAU,EAAET,aAAa,CAACU,OAAO;IACjCN,gBAAgB,EAAED;EACpB,CAAC;AACH","ignoreList":[]}
|
|
@@ -34,7 +34,8 @@ export function OxyServicesFedCMMixin(Base) {
|
|
|
34
34
|
super(...args);
|
|
35
35
|
}
|
|
36
36
|
static DEFAULT_CONFIG_URL = 'https://auth.oxy.so/fedcm.json';
|
|
37
|
-
static FEDCM_TIMEOUT = 60000; // 1 minute
|
|
37
|
+
static FEDCM_TIMEOUT = 60000; // 1 minute for interactive
|
|
38
|
+
static FEDCM_SILENT_TIMEOUT = 10000; // 10 seconds for silent mediation
|
|
38
39
|
|
|
39
40
|
/**
|
|
40
41
|
* Check if FedCM is supported in the current browser
|
|
@@ -82,6 +83,9 @@ export function OxyServicesFedCMMixin(Base) {
|
|
|
82
83
|
try {
|
|
83
84
|
const nonce = options.nonce || this.generateNonce();
|
|
84
85
|
const clientId = this.getClientId();
|
|
86
|
+
if (typeof __DEV__ !== 'undefined' && __DEV__) {
|
|
87
|
+
console.log('[FedCM] Interactive sign-in: Requesting credential for', clientId);
|
|
88
|
+
}
|
|
85
89
|
|
|
86
90
|
// Request credential from browser's native identity flow
|
|
87
91
|
const credential = await this.requestIdentityCredential({
|
|
@@ -93,6 +97,9 @@ export function OxyServicesFedCMMixin(Base) {
|
|
|
93
97
|
if (!credential || !credential.token) {
|
|
94
98
|
throw new OxyAuthenticationError('No credential received from browser');
|
|
95
99
|
}
|
|
100
|
+
if (typeof __DEV__ !== 'undefined' && __DEV__) {
|
|
101
|
+
console.log('[FedCM] Interactive sign-in: Got credential, exchanging for session');
|
|
102
|
+
}
|
|
96
103
|
|
|
97
104
|
// Exchange FedCM ID token for Oxy session
|
|
98
105
|
const session = await this.exchangeIdTokenForSession(credential.token);
|
|
@@ -101,8 +108,16 @@ export function OxyServicesFedCMMixin(Base) {
|
|
|
101
108
|
if (session && session.accessToken) {
|
|
102
109
|
this.httpService.setTokens(session.accessToken);
|
|
103
110
|
}
|
|
111
|
+
if (typeof __DEV__ !== 'undefined' && __DEV__) {
|
|
112
|
+
console.log('[FedCM] Interactive sign-in: Success!', {
|
|
113
|
+
userId: session?.user?.id
|
|
114
|
+
});
|
|
115
|
+
}
|
|
104
116
|
return session;
|
|
105
117
|
} catch (error) {
|
|
118
|
+
if (typeof __DEV__ !== 'undefined' && __DEV__) {
|
|
119
|
+
console.log('[FedCM] Interactive sign-in failed:', error);
|
|
120
|
+
}
|
|
106
121
|
if (error.name === 'AbortError') {
|
|
107
122
|
throw new OxyAuthenticationError('Sign-in was cancelled by user');
|
|
108
123
|
}
|
|
@@ -145,31 +160,101 @@ export function OxyServicesFedCMMixin(Base) {
|
|
|
145
160
|
*/
|
|
146
161
|
async silentSignInWithFedCM() {
|
|
147
162
|
if (!this.isFedCMSupported()) {
|
|
163
|
+
console.log('[FedCM] Silent SSO: FedCM not supported in this browser');
|
|
148
164
|
return null;
|
|
149
165
|
}
|
|
166
|
+
const clientId = this.getClientId();
|
|
167
|
+
console.log('[FedCM] Silent SSO: Starting for', clientId);
|
|
168
|
+
|
|
169
|
+
// First try silent mediation (no UI) - works if user previously consented
|
|
170
|
+
let credential = null;
|
|
150
171
|
try {
|
|
151
172
|
const nonce = this.generateNonce();
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
// Request credential with silent mediation (no UI)
|
|
155
|
-
const credential = await this.requestIdentityCredential({
|
|
173
|
+
console.log('[FedCM] Silent SSO: Attempting silent mediation...');
|
|
174
|
+
credential = await this.requestIdentityCredential({
|
|
156
175
|
configURL: this.constructor.DEFAULT_CONFIG_URL,
|
|
157
176
|
clientId,
|
|
158
177
|
nonce,
|
|
159
178
|
mediation: 'silent'
|
|
160
179
|
});
|
|
161
|
-
|
|
180
|
+
console.log('[FedCM] Silent SSO: Silent mediation result:', {
|
|
181
|
+
hasCredential: !!credential,
|
|
182
|
+
hasToken: !!credential?.token
|
|
183
|
+
});
|
|
184
|
+
} catch (silentError) {
|
|
185
|
+
// Silent mediation failed - this is expected if user hasn't consented before or is in quiet period
|
|
186
|
+
const errorName = silentError instanceof Error ? silentError.name : 'Unknown';
|
|
187
|
+
const errorMessage = silentError instanceof Error ? silentError.message : String(silentError);
|
|
188
|
+
console.log('[FedCM] Silent SSO: Silent mediation error (will try optional):', {
|
|
189
|
+
name: errorName,
|
|
190
|
+
message: errorMessage
|
|
191
|
+
});
|
|
192
|
+
}
|
|
193
|
+
|
|
194
|
+
// If silent failed, try optional mediation which shows browser UI if needed
|
|
195
|
+
if (!credential || !credential.token) {
|
|
196
|
+
try {
|
|
197
|
+
const nonce = this.generateNonce();
|
|
198
|
+
console.log('[FedCM] Silent SSO: Trying optional mediation (may show browser UI)...');
|
|
199
|
+
credential = await this.requestIdentityCredential({
|
|
200
|
+
configURL: this.constructor.DEFAULT_CONFIG_URL,
|
|
201
|
+
clientId,
|
|
202
|
+
nonce,
|
|
203
|
+
mediation: 'optional'
|
|
204
|
+
});
|
|
205
|
+
console.log('[FedCM] Silent SSO: Optional mediation result:', {
|
|
206
|
+
hasCredential: !!credential,
|
|
207
|
+
hasToken: !!credential?.token
|
|
208
|
+
});
|
|
209
|
+
} catch (optionalError) {
|
|
210
|
+
const errorName = optionalError instanceof Error ? optionalError.name : 'Unknown';
|
|
211
|
+
const errorMessage = optionalError instanceof Error ? optionalError.message : String(optionalError);
|
|
212
|
+
console.log('[FedCM] Silent SSO: Optional mediation also failed:', {
|
|
213
|
+
name: errorName,
|
|
214
|
+
message: errorMessage
|
|
215
|
+
});
|
|
162
216
|
return null;
|
|
163
217
|
}
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
|
|
218
|
+
}
|
|
219
|
+
if (!credential || !credential.token) {
|
|
220
|
+
console.log('[FedCM] Silent SSO: No credential returned (user may have dismissed prompt or is not logged in at IdP)');
|
|
221
|
+
return null;
|
|
222
|
+
}
|
|
223
|
+
console.log('[FedCM] Silent SSO: Got credential, exchanging for session...');
|
|
224
|
+
let session;
|
|
225
|
+
try {
|
|
226
|
+
session = await this.exchangeIdTokenForSession(credential.token);
|
|
227
|
+
} catch (exchangeError) {
|
|
228
|
+
console.error('[FedCM] Silent SSO: Token exchange failed:', exchangeError);
|
|
229
|
+
return null;
|
|
230
|
+
}
|
|
231
|
+
|
|
232
|
+
// Validate session response has required fields
|
|
233
|
+
if (!session) {
|
|
234
|
+
console.error('[FedCM] Silent SSO: Exchange returned null session');
|
|
171
235
|
return null;
|
|
172
236
|
}
|
|
237
|
+
if (!session.sessionId) {
|
|
238
|
+
console.error('[FedCM] Silent SSO: Exchange returned session without sessionId:', session);
|
|
239
|
+
return null;
|
|
240
|
+
}
|
|
241
|
+
if (!session.user) {
|
|
242
|
+
console.error('[FedCM] Silent SSO: Exchange returned session without user:', session);
|
|
243
|
+
return null;
|
|
244
|
+
}
|
|
245
|
+
|
|
246
|
+
// Set the access token
|
|
247
|
+
if (session.accessToken) {
|
|
248
|
+
this.httpService.setTokens(session.accessToken);
|
|
249
|
+
console.log('[FedCM] Silent SSO: Access token set');
|
|
250
|
+
} else {
|
|
251
|
+
console.warn('[FedCM] Silent SSO: No accessToken in session response');
|
|
252
|
+
}
|
|
253
|
+
console.log('[FedCM] Silent SSO: Success!', {
|
|
254
|
+
sessionId: session.sessionId?.substring(0, 8) + '...',
|
|
255
|
+
userId: session.user?.id
|
|
256
|
+
});
|
|
257
|
+
return session;
|
|
173
258
|
}
|
|
174
259
|
|
|
175
260
|
/**
|
|
@@ -185,9 +270,15 @@ export function OxyServicesFedCMMixin(Base) {
|
|
|
185
270
|
async requestIdentityCredential(options) {
|
|
186
271
|
const requestedMediation = options.mediation || 'optional';
|
|
187
272
|
const isInteractive = requestedMediation !== 'silent';
|
|
273
|
+
console.log('[FedCM] requestIdentityCredential called:', {
|
|
274
|
+
mediation: requestedMediation,
|
|
275
|
+
clientId: options.clientId,
|
|
276
|
+
inProgress: fedCMRequestInProgress
|
|
277
|
+
});
|
|
188
278
|
|
|
189
279
|
// If a request is already in progress...
|
|
190
280
|
if (fedCMRequestInProgress && fedCMRequestPromise) {
|
|
281
|
+
console.log('[FedCM] Request already in progress, waiting...');
|
|
191
282
|
// If current request is silent and new request is interactive,
|
|
192
283
|
// wait for silent to finish, then make the interactive request
|
|
193
284
|
if (currentMediationMode === 'silent' && isInteractive) {
|
|
@@ -209,16 +300,27 @@ export function OxyServicesFedCMMixin(Base) {
|
|
|
209
300
|
fedCMRequestInProgress = true;
|
|
210
301
|
currentMediationMode = requestedMediation;
|
|
211
302
|
const controller = new AbortController();
|
|
212
|
-
|
|
303
|
+
// Use shorter timeout for silent mediation since it should be quick
|
|
304
|
+
const timeoutMs = requestedMediation === 'silent' ? this.constructor.FEDCM_SILENT_TIMEOUT : this.constructor.FEDCM_TIMEOUT;
|
|
305
|
+
const timeout = setTimeout(() => {
|
|
306
|
+
console.log('[FedCM] Request timed out after', timeoutMs, 'ms (mediation:', requestedMediation + ')');
|
|
307
|
+
controller.abort();
|
|
308
|
+
}, timeoutMs);
|
|
213
309
|
fedCMRequestPromise = (async () => {
|
|
214
310
|
try {
|
|
311
|
+
console.log('[FedCM] Calling navigator.credentials.get with mediation:', requestedMediation);
|
|
215
312
|
// Type assertion needed as FedCM types may not be in all TypeScript versions
|
|
216
313
|
const credential = await navigator.credentials.get({
|
|
217
314
|
identity: {
|
|
218
315
|
providers: [{
|
|
219
316
|
configURL: options.configURL,
|
|
220
317
|
clientId: options.clientId,
|
|
318
|
+
// Send nonce at both levels for backward compatibility
|
|
221
319
|
nonce: options.nonce,
|
|
320
|
+
// For older browsers
|
|
321
|
+
params: {
|
|
322
|
+
nonce: options.nonce // For Chrome 145+
|
|
323
|
+
},
|
|
222
324
|
...(options.context && {
|
|
223
325
|
loginHint: options.context
|
|
224
326
|
})
|
|
@@ -227,12 +329,27 @@ export function OxyServicesFedCMMixin(Base) {
|
|
|
227
329
|
mediation: requestedMediation,
|
|
228
330
|
signal: controller.signal
|
|
229
331
|
});
|
|
332
|
+
console.log('[FedCM] navigator.credentials.get returned:', {
|
|
333
|
+
hasCredential: !!credential,
|
|
334
|
+
type: credential?.type,
|
|
335
|
+
hasToken: !!credential?.token
|
|
336
|
+
});
|
|
230
337
|
if (!credential || credential.type !== 'identity') {
|
|
338
|
+
console.log('[FedCM] No valid identity credential returned');
|
|
231
339
|
return null;
|
|
232
340
|
}
|
|
341
|
+
console.log('[FedCM] Got valid identity credential with token');
|
|
233
342
|
return {
|
|
234
343
|
token: credential.token
|
|
235
344
|
};
|
|
345
|
+
} catch (error) {
|
|
346
|
+
const errorName = error instanceof Error ? error.name : 'Unknown';
|
|
347
|
+
const errorMessage = error instanceof Error ? error.message : String(error);
|
|
348
|
+
console.log('[FedCM] navigator.credentials.get error:', {
|
|
349
|
+
name: errorName,
|
|
350
|
+
message: errorMessage
|
|
351
|
+
});
|
|
352
|
+
throw error;
|
|
236
353
|
} finally {
|
|
237
354
|
clearTimeout(timeout);
|
|
238
355
|
fedCMRequestInProgress = false;
|
|
@@ -252,11 +369,33 @@ export function OxyServicesFedCMMixin(Base) {
|
|
|
252
369
|
* @private
|
|
253
370
|
*/
|
|
254
371
|
async exchangeIdTokenForSession(idToken) {
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
|
|
372
|
+
console.log('[FedCM] exchangeIdTokenForSession: Starting exchange...');
|
|
373
|
+
console.log('[FedCM] exchangeIdTokenForSession: Token length:', idToken?.length);
|
|
374
|
+
console.log('[FedCM] exchangeIdTokenForSession: Token preview:', idToken?.substring(0, 50) + '...');
|
|
375
|
+
try {
|
|
376
|
+
const response = await this.makeRequest('POST', '/api/fedcm/exchange', {
|
|
377
|
+
id_token: idToken
|
|
378
|
+
}, {
|
|
379
|
+
cache: false
|
|
380
|
+
});
|
|
381
|
+
console.log('[FedCM] exchangeIdTokenForSession: Response received:', {
|
|
382
|
+
hasResponse: !!response,
|
|
383
|
+
hasSessionId: !!response?.sessionId,
|
|
384
|
+
hasUser: !!response?.user,
|
|
385
|
+
hasAccessToken: !!response?.accessToken,
|
|
386
|
+
userId: response?.user?.id,
|
|
387
|
+
username: response?.user?.username,
|
|
388
|
+
responseKeys: response ? Object.keys(response) : []
|
|
389
|
+
});
|
|
390
|
+
return response;
|
|
391
|
+
} catch (error) {
|
|
392
|
+
console.error('[FedCM] exchangeIdTokenForSession: Error:', {
|
|
393
|
+
name: error instanceof Error ? error.name : 'Unknown',
|
|
394
|
+
message: error instanceof Error ? error.message : String(error),
|
|
395
|
+
stack: error instanceof Error ? error.stack : undefined
|
|
396
|
+
});
|
|
397
|
+
throw error;
|
|
398
|
+
}
|
|
260
399
|
}
|
|
261
400
|
|
|
262
401
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["OxyAuthenticationError","fedCMRequestInProgress","fedCMRequestPromise","currentMediationMode","OxyServicesFedCMMixin","Base","constructor","args","DEFAULT_CONFIG_URL","FEDCM_TIMEOUT","isFedCMSupported","window","navigator","signInWithFedCM","options","nonce","generateNonce","clientId","getClientId","credential","requestIdentityCredential","configURL","context","token","session","exchangeIdTokenForSession","accessToken","httpService","setTokens","error","name","silentSignInWithFedCM","mediation","requestedMediation","isInteractive","controller","AbortController","timeout","setTimeout","abort","credentials","get","identity","providers","loginHint","signal","type","clearTimeout","idToken","makeRequest","id_token","cache","revokeFedCMCredential","IdentityCredential","logout","getFedCMConfig","enabled","crypto","randomUUID","Date","now","Math","random","toString","substring","location","origin","FedCMMixin"],"sourceRoot":"../../../../src","sources":["core/mixins/OxyServices.fedcm.ts"],"mappings":";;AACA,SAASA,sBAAsB,QAAQ,0BAAuB;AAc9D;AACA;AACA,IAAIC,sBAAsB,GAAG,KAAK;AAClC,IAAIC,mBAAwC,GAAG,IAAI;AACnD,IAAIC,oBAAmC,GAAG,IAAI;;AAE9C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASC,qBAAqBA,CAAmCC,IAAO,EAAE;EAC/E,OAAO,cAAcA,IAAI,CAAC;IACxBC,WAAWA,CAAC,GAAGC,IAAW,EAAE;MAC1B,KAAK,CAAC,GAAIA,IAAc,CAAC;IAC3B;IACF,OAAuBC,kBAAkB,GAAG,gCAAgC;IAC5E,OAAuBC,aAAa,GAAG,KAAK,CAAC,CAAC;;IAE9C;AACF;AACA;IACE,OAAOC,gBAAgBA,CAAA,EAAY;MACjC,IAAI,OAAOC,MAAM,KAAK,WAAW,EAAE,OAAO,KAAK;MAC/C,OAAO,oBAAoB,IAAIA,MAAM,IAAI,WAAW,IAAIA,MAAM,IAAI,aAAa,IAAIC,SAAS;IAC9F;;IAEA;AACF;AACA;IACEF,gBAAgBA,CAAA,EAAY;MAC1B,OAAQ,IAAI,CAACJ,WAAW,CAAkEI,gBAAgB,CAAC,CAAC;IAC9G;;IAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACE,MAAMG,eAAeA,CAACC,OAAyB,GAAG,CAAC,CAAC,EAAiC;MACnF,IAAI,CAAC,IAAI,CAACJ,gBAAgB,CAAC,CAAC,EAAE;QAC5B,MAAM,IAAIV,sBAAsB,CAC9B,uGACF,CAAC;MACH;MAEA,IAAI;QACF,MAAMe,KAAK,GAAGD,OAAO,CAACC,KAAK,IAAI,IAAI,CAACC,aAAa,CAAC,CAAC;QACnD,MAAMC,QAAQ,GAAG,IAAI,CAACC,WAAW,CAAC,CAAC;;QAEnC;QACA,MAAMC,UAAU,GAAG,MAAM,IAAI,CAACC,yBAAyB,CAAC;UACtDC,SAAS,EAAG,IAAI,CAACf,WAAW,CAASE,kBAAkB;UACvDS,QAAQ;UACRF,KAAK;UACLO,OAAO,EAAER,OAAO,CAACQ;QACnB,CAAC,CAAC;QAEF,IAAI,CAACH,UAAU,IAAI,CAACA,UAAU,CAACI,KAAK,EAAE;UACpC,MAAM,IAAIvB,sBAAsB,CAAC,qCAAqC,CAAC;QACzE;;QAEA;QACA,MAAMwB,OAAO,GAAG,MAAM,IAAI,CAACC,yBAAyB,CAACN,UAAU,CAACI,KAAK,CAAC;;QAEtE;QACA,IAAIC,OAAO,IAAKA,OAAO,CAASE,WAAW,EAAE;UAC3C,IAAI,CAACC,WAAW,CAACC,SAAS,CAAEJ,OAAO,CAASE,WAAW,CAAC;QAC1D;QAEA,OAAOF,OAAO;MAChB,CAAC,CAAC,OAAOK,KAAK,EAAE;QACd,IAAKA,KAAK,CAASC,IAAI,KAAK,YAAY,EAAE;UACxC,MAAM,IAAI9B,sBAAsB,CAAC,+BAA+B,CAAC;QACnE;QACA,IAAK6B,KAAK,CAASC,IAAI,KAAK,cAAc,EAAE;UAC1C,MAAM,IAAI9B,sBAAsB,CAAC,6DAA6D,CAAC;QACjG;QACA,MAAM6B,KAAK;MACb;IACF;;IAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACE,MAAME,qBAAqBA,CAAA,EAAyC;MAClE,IAAI,CAAC,IAAI,CAACrB,gBAAgB,CAAC,CAAC,EAAE;QAC5B,OAAO,IAAI;MACb;MAEA,IAAI;QACF,MAAMK,KAAK,GAAG,IAAI,CAACC,aAAa,CAAC,CAAC;QAClC,MAAMC,QAAQ,GAAG,IAAI,CAACC,WAAW,CAAC,CAAC;;QAEnC;QACA,MAAMC,UAAU,GAAG,MAAM,IAAI,CAACC,yBAAyB,CAAC;UACtDC,SAAS,EAAG,IAAI,CAACf,WAAW,CAASE,kBAAkB;UACvDS,QAAQ;UACRF,KAAK;UACLiB,SAAS,EAAE;QACb,CAAC,CAAC;QAEF,IAAI,CAACb,UAAU,IAAI,CAACA,UAAU,CAACI,KAAK,EAAE;UACpC,OAAO,IAAI;QACb;QAEA,MAAMC,OAAO,GAAG,MAAM,IAAI,CAACC,yBAAyB,CAACN,UAAU,CAACI,KAAK,CAAC;QACtE,IAAIC,OAAO,IAAKA,OAAO,CAASE,WAAW,EAAE;UAC3C,IAAI,CAACC,WAAW,CAACC,SAAS,CAAEJ,OAAO,CAASE,WAAW,CAAC;QAC1D;QAEA,OAAOF,OAAO;MAChB,CAAC,CAAC,OAAOK,KAAK,EAAE;QACd;QACA,OAAO,IAAI;MACb;IACF;;IAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACE,MAAaT,yBAAyBA,CAACN,OAMtC,EAAqC;MACpC,MAAMmB,kBAAkB,GAAGnB,OAAO,CAACkB,SAAS,IAAI,UAAU;MAC1D,MAAME,aAAa,GAAGD,kBAAkB,KAAK,QAAQ;;MAErD;MACA,IAAIhC,sBAAsB,IAAIC,mBAAmB,EAAE;QACjD;QACA;QACA,IAAIC,oBAAoB,KAAK,QAAQ,IAAI+B,aAAa,EAAE;UACtD,IAAI;YACF,MAAMhC,mBAAmB;UAC3B,CAAC,CAAC,MAAM;YACN;UAAA;UAEF;QACF,CAAC,MAAM;UACL;UACA,IAAI;YACF,OAAO,MAAMA,mBAAmB;UAClC,CAAC,CAAC,MAAM;YACN,OAAO,IAAI;UACb;QACF;MACF;MAEAD,sBAAsB,GAAG,IAAI;MAC7BE,oBAAoB,GAAG8B,kBAAkB;MACzC,MAAME,UAAU,GAAG,IAAIC,eAAe,CAAC,CAAC;MACxC,MAAMC,OAAO,GAAGC,UAAU,CAAC,MAAMH,UAAU,CAACI,KAAK,CAAC,CAAC,EAAG,IAAI,CAACjC,WAAW,CAASG,aAAa,CAAC;MAE7FP,mBAAmB,GAAG,CAAC,YAAY;QACjC,IAAI;UACF;UACA,MAAMiB,UAAU,GAAI,MAAOP,SAAS,CAAC4B,WAAW,CAASC,GAAG,CAAC;YAC3DC,QAAQ,EAAE;cACRC,SAAS,EAAE,CACT;gBACEtB,SAAS,EAAEP,OAAO,CAACO,SAAS;gBAC5BJ,QAAQ,EAAEH,OAAO,CAACG,QAAQ;gBAC1BF,KAAK,EAAED,OAAO,CAACC,KAAK;gBACpB,IAAID,OAAO,CAACQ,OAAO,IAAI;kBAAEsB,SAAS,EAAE9B,OAAO,CAACQ;gBAAQ,CAAC;cACvD,CAAC;YAEL,CAAC;YACDU,SAAS,EAAEC,kBAAkB;YAC7BY,MAAM,EAAEV,UAAU,CAACU;UACrB,CAAC,CAAS;UAEV,IAAI,CAAC1B,UAAU,IAAIA,UAAU,CAAC2B,IAAI,KAAK,UAAU,EAAE;YACjD,OAAO,IAAI;UACb;UAEA,OAAO;YAAEvB,KAAK,EAAEJ,UAAU,CAACI;UAAM,CAAC;QACpC,CAAC,SAAS;UACRwB,YAAY,CAACV,OAAO,CAAC;UACrBpC,sBAAsB,GAAG,KAAK;UAC9BC,mBAAmB,GAAG,IAAI;UAC1BC,oBAAoB,GAAG,IAAI;QAC7B;MACF,CAAC,EAAE,CAAC;MAEJ,OAAOD,mBAAmB;IAC5B;;IAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;IACE,MAAauB,yBAAyBA,CAACuB,OAAe,EAAiC;MACrF,OAAO,IAAI,CAACC,WAAW,CACrB,MAAM,EACN,qBAAqB,EACrB;QAAEC,QAAQ,EAAEF;MAAQ,CAAC,EACrB;QAAEG,KAAK,EAAE;MAAM,CACjB,CAAC;IACH;;IAEA;AACF;AACA;AACA;AACA;AACA;IACE,MAAMC,qBAAqBA,CAAA,EAAkB;MAC3C,IAAI,CAAC,IAAI,CAAC1C,gBAAgB,CAAC,CAAC,EAAE;QAC5B;MACF;MAEA,IAAI;QACF;QACA,IAAI,oBAAoB,IAAIC,MAAM,IAAI,QAAQ,IAAKA,MAAM,CAAS0C,kBAAkB,EAAE;UACpF,MAAMpC,QAAQ,GAAG,IAAI,CAACC,WAAW,CAAC,CAAC;UACnC,MAAOP,MAAM,CAAS0C,kBAAkB,CAACC,MAAM,CAAC;YAC9CjC,SAAS,EAAG,IAAI,CAACf,WAAW,CAASE,kBAAkB;YACvDS;UACF,CAAC,CAAC;QACJ;MACF,CAAC,CAAC,OAAOY,KAAK,EAAE;QACd;MAAA;IAEJ;;IAEA;AACF;AACA;AACA;AACA;IACE0B,cAAcA,CAAA,EAAgB;MAC5B,OAAO;QACLC,OAAO,EAAE,IAAI,CAAC9C,gBAAgB,CAAC,CAAC;QAChCW,SAAS,EAAG,IAAI,CAACf,WAAW,CAASE,kBAAkB;QACvDS,QAAQ,EAAE,IAAI,CAACC,WAAW,CAAC;MAC7B,CAAC;IACH;;IAEA;AACF;AACA;AACA;AACA;IACSF,aAAaA,CAAA,EAAW;MAC7B,IAAI,OAAOL,MAAM,KAAK,WAAW,IAAIA,MAAM,CAAC8C,MAAM,IAAI9C,MAAM,CAAC8C,MAAM,CAACC,UAAU,EAAE;QAC9E,OAAO/C,MAAM,CAAC8C,MAAM,CAACC,UAAU,CAAC,CAAC;MACnC;MACA;MACA,OAAO,GAAGC,IAAI,CAACC,GAAG,CAAC,CAAC,IAAIC,IAAI,CAACC,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,EAAE,CAAC,CAACC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE;IACvE;;IAEA;AACF;AACA;AACA;AACA;IACS9C,WAAWA,CAAA,EAAW;MAC3B,IAAI,OAAOP,MAAM,KAAK,WAAW,EAAE;QACjC,OAAO,SAAS;MAClB;MACA,OAAOA,MAAM,CAACsD,QAAQ,CAACC,MAAM;IAC/B;EACA,CAAC;AACH;;AAEA;AACA,SAAS9D,qBAAqB,IAAI+D,UAAU","ignoreList":[]}
|
|
1
|
+
{"version":3,"names":["OxyAuthenticationError","fedCMRequestInProgress","fedCMRequestPromise","currentMediationMode","OxyServicesFedCMMixin","Base","constructor","args","DEFAULT_CONFIG_URL","FEDCM_TIMEOUT","FEDCM_SILENT_TIMEOUT","isFedCMSupported","window","navigator","signInWithFedCM","options","nonce","generateNonce","clientId","getClientId","__DEV__","console","log","credential","requestIdentityCredential","configURL","context","token","session","exchangeIdTokenForSession","accessToken","httpService","setTokens","userId","user","id","error","name","silentSignInWithFedCM","mediation","hasCredential","hasToken","silentError","errorName","Error","errorMessage","message","String","optionalError","exchangeError","sessionId","warn","substring","requestedMediation","isInteractive","inProgress","controller","AbortController","timeoutMs","timeout","setTimeout","abort","credentials","get","identity","providers","params","loginHint","signal","type","clearTimeout","idToken","length","response","makeRequest","id_token","cache","hasResponse","hasSessionId","hasUser","hasAccessToken","username","responseKeys","Object","keys","stack","undefined","revokeFedCMCredential","IdentityCredential","logout","getFedCMConfig","enabled","crypto","randomUUID","Date","now","Math","random","toString","location","origin","FedCMMixin"],"sourceRoot":"../../../../src","sources":["core/mixins/OxyServices.fedcm.ts"],"mappings":";;AACA,SAASA,sBAAsB,QAAQ,0BAAuB;AAc9D;AACA;AACA,IAAIC,sBAAsB,GAAG,KAAK;AAClC,IAAIC,mBAAwC,GAAG,IAAI;AACnD,IAAIC,oBAAmC,GAAG,IAAI;;AAE9C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASC,qBAAqBA,CAAmCC,IAAO,EAAE;EAC/E,OAAO,cAAcA,IAAI,CAAC;IACxBC,WAAWA,CAAC,GAAGC,IAAW,EAAE;MAC1B,KAAK,CAAC,GAAIA,IAAc,CAAC;IAC3B;IACF,OAAuBC,kBAAkB,GAAG,gCAAgC;IAC5E,OAAuBC,aAAa,GAAG,KAAK,CAAC,CAAC;IAC9C,OAAuBC,oBAAoB,GAAG,KAAK,CAAC,CAAC;;IAErD;AACF;AACA;IACE,OAAOC,gBAAgBA,CAAA,EAAY;MACjC,IAAI,OAAOC,MAAM,KAAK,WAAW,EAAE,OAAO,KAAK;MAC/C,OAAO,oBAAoB,IAAIA,MAAM,IAAI,WAAW,IAAIA,MAAM,IAAI,aAAa,IAAIC,SAAS;IAC9F;;IAEA;AACF;AACA;IACEF,gBAAgBA,CAAA,EAAY;MAC1B,OAAQ,IAAI,CAACL,WAAW,CAAkEK,gBAAgB,CAAC,CAAC;IAC9G;;IAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACE,MAAMG,eAAeA,CAACC,OAAyB,GAAG,CAAC,CAAC,EAAiC;MACnF,IAAI,CAAC,IAAI,CAACJ,gBAAgB,CAAC,CAAC,EAAE;QAC5B,MAAM,IAAIX,sBAAsB,CAC9B,uGACF,CAAC;MACH;MAEA,IAAI;QACF,MAAMgB,KAAK,GAAGD,OAAO,CAACC,KAAK,IAAI,IAAI,CAACC,aAAa,CAAC,CAAC;QACnD,MAAMC,QAAQ,GAAG,IAAI,CAACC,WAAW,CAAC,CAAC;QAEnC,IAAI,OAAOC,OAAO,KAAK,WAAW,IAAIA,OAAO,EAAE;UAC7CC,OAAO,CAACC,GAAG,CAAC,wDAAwD,EAAEJ,QAAQ,CAAC;QACjF;;QAEA;QACA,MAAMK,UAAU,GAAG,MAAM,IAAI,CAACC,yBAAyB,CAAC;UACtDC,SAAS,EAAG,IAAI,CAACnB,WAAW,CAASE,kBAAkB;UACvDU,QAAQ;UACRF,KAAK;UACLU,OAAO,EAAEX,OAAO,CAACW;QACnB,CAAC,CAAC;QAEF,IAAI,CAACH,UAAU,IAAI,CAACA,UAAU,CAACI,KAAK,EAAE;UACpC,MAAM,IAAI3B,sBAAsB,CAAC,qCAAqC,CAAC;QACzE;QAEA,IAAI,OAAOoB,OAAO,KAAK,WAAW,IAAIA,OAAO,EAAE;UAC7CC,OAAO,CAACC,GAAG,CAAC,qEAAqE,CAAC;QACpF;;QAEA;QACA,MAAMM,OAAO,GAAG,MAAM,IAAI,CAACC,yBAAyB,CAACN,UAAU,CAACI,KAAK,CAAC;;QAEtE;QACA,IAAIC,OAAO,IAAKA,OAAO,CAASE,WAAW,EAAE;UAC3C,IAAI,CAACC,WAAW,CAACC,SAAS,CAAEJ,OAAO,CAASE,WAAW,CAAC;QAC1D;QAEA,IAAI,OAAOV,OAAO,KAAK,WAAW,IAAIA,OAAO,EAAE;UAC7CC,OAAO,CAACC,GAAG,CAAC,uCAAuC,EAAE;YAAEW,MAAM,EAAGL,OAAO,EAAUM,IAAI,EAAEC;UAAG,CAAC,CAAC;QAC9F;QAEA,OAAOP,OAAO;MAChB,CAAC,CAAC,OAAOQ,KAAK,EAAE;QACd,IAAI,OAAOhB,OAAO,KAAK,WAAW,IAAIA,OAAO,EAAE;UAC7CC,OAAO,CAACC,GAAG,CAAC,qCAAqC,EAAEc,KAAK,CAAC;QAC3D;QACA,IAAKA,KAAK,CAASC,IAAI,KAAK,YAAY,EAAE;UACxC,MAAM,IAAIrC,sBAAsB,CAAC,+BAA+B,CAAC;QACnE;QACA,IAAKoC,KAAK,CAASC,IAAI,KAAK,cAAc,EAAE;UAC1C,MAAM,IAAIrC,sBAAsB,CAAC,6DAA6D,CAAC;QACjG;QACA,MAAMoC,KAAK;MACb;IACF;;IAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACE,MAAME,qBAAqBA,CAAA,EAAyC;MAClE,IAAI,CAAC,IAAI,CAAC3B,gBAAgB,CAAC,CAAC,EAAE;QAC5BU,OAAO,CAACC,GAAG,CAAC,yDAAyD,CAAC;QACtE,OAAO,IAAI;MACb;MAEA,MAAMJ,QAAQ,GAAG,IAAI,CAACC,WAAW,CAAC,CAAC;MACnCE,OAAO,CAACC,GAAG,CAAC,kCAAkC,EAAEJ,QAAQ,CAAC;;MAEzD;MACA,IAAIK,UAAoC,GAAG,IAAI;MAE/C,IAAI;QACF,MAAMP,KAAK,GAAG,IAAI,CAACC,aAAa,CAAC,CAAC;QAClCI,OAAO,CAACC,GAAG,CAAC,oDAAoD,CAAC;QAEjEC,UAAU,GAAG,MAAM,IAAI,CAACC,yBAAyB,CAAC;UAChDC,SAAS,EAAG,IAAI,CAACnB,WAAW,CAASE,kBAAkB;UACvDU,QAAQ;UACRF,KAAK;UACLuB,SAAS,EAAE;QACb,CAAC,CAAC;QAEFlB,OAAO,CAACC,GAAG,CAAC,8CAA8C,EAAE;UAAEkB,aAAa,EAAE,CAAC,CAACjB,UAAU;UAAEkB,QAAQ,EAAE,CAAC,CAAClB,UAAU,EAAEI;QAAM,CAAC,CAAC;MAC7H,CAAC,CAAC,OAAOe,WAAW,EAAE;QACpB;QACA,MAAMC,SAAS,GAAGD,WAAW,YAAYE,KAAK,GAAGF,WAAW,CAACL,IAAI,GAAG,SAAS;QAC7E,MAAMQ,YAAY,GAAGH,WAAW,YAAYE,KAAK,GAAGF,WAAW,CAACI,OAAO,GAAGC,MAAM,CAACL,WAAW,CAAC;QAC7FrB,OAAO,CAACC,GAAG,CAAC,iEAAiE,EAAE;UAAEe,IAAI,EAAEM,SAAS;UAAEG,OAAO,EAAED;QAAa,CAAC,CAAC;MAC5H;;MAEA;MACA,IAAI,CAACtB,UAAU,IAAI,CAACA,UAAU,CAACI,KAAK,EAAE;QACpC,IAAI;UACF,MAAMX,KAAK,GAAG,IAAI,CAACC,aAAa,CAAC,CAAC;UAClCI,OAAO,CAACC,GAAG,CAAC,wEAAwE,CAAC;UAErFC,UAAU,GAAG,MAAM,IAAI,CAACC,yBAAyB,CAAC;YAChDC,SAAS,EAAG,IAAI,CAACnB,WAAW,CAASE,kBAAkB;YACvDU,QAAQ;YACRF,KAAK;YACLuB,SAAS,EAAE;UACb,CAAC,CAAC;UAEFlB,OAAO,CAACC,GAAG,CAAC,gDAAgD,EAAE;YAAEkB,aAAa,EAAE,CAAC,CAACjB,UAAU;YAAEkB,QAAQ,EAAE,CAAC,CAAClB,UAAU,EAAEI;UAAM,CAAC,CAAC;QAC/H,CAAC,CAAC,OAAOqB,aAAa,EAAE;UACtB,MAAML,SAAS,GAAGK,aAAa,YAAYJ,KAAK,GAAGI,aAAa,CAACX,IAAI,GAAG,SAAS;UACjF,MAAMQ,YAAY,GAAGG,aAAa,YAAYJ,KAAK,GAAGI,aAAa,CAACF,OAAO,GAAGC,MAAM,CAACC,aAAa,CAAC;UACnG3B,OAAO,CAACC,GAAG,CAAC,qDAAqD,EAAE;YAAEe,IAAI,EAAEM,SAAS;YAAEG,OAAO,EAAED;UAAa,CAAC,CAAC;UAC9G,OAAO,IAAI;QACb;MACF;MAEA,IAAI,CAACtB,UAAU,IAAI,CAACA,UAAU,CAACI,KAAK,EAAE;QACpCN,OAAO,CAACC,GAAG,CAAC,wGAAwG,CAAC;QACrH,OAAO,IAAI;MACb;MAEAD,OAAO,CAACC,GAAG,CAAC,+DAA+D,CAAC;MAE5E,IAAIM,OAA6B;MACjC,IAAI;QACFA,OAAO,GAAG,MAAM,IAAI,CAACC,yBAAyB,CAACN,UAAU,CAACI,KAAK,CAAC;MAClE,CAAC,CAAC,OAAOsB,aAAa,EAAE;QACtB5B,OAAO,CAACe,KAAK,CAAC,4CAA4C,EAAEa,aAAa,CAAC;QAC1E,OAAO,IAAI;MACb;;MAEA;MACA,IAAI,CAACrB,OAAO,EAAE;QACZP,OAAO,CAACe,KAAK,CAAC,oDAAoD,CAAC;QACnE,OAAO,IAAI;MACb;MAEA,IAAI,CAACR,OAAO,CAACsB,SAAS,EAAE;QACtB7B,OAAO,CAACe,KAAK,CAAC,kEAAkE,EAAER,OAAO,CAAC;QAC1F,OAAO,IAAI;MACb;MAEA,IAAI,CAACA,OAAO,CAACM,IAAI,EAAE;QACjBb,OAAO,CAACe,KAAK,CAAC,6DAA6D,EAAER,OAAO,CAAC;QACrF,OAAO,IAAI;MACb;;MAEA;MACA,IAAKA,OAAO,CAASE,WAAW,EAAE;QAChC,IAAI,CAACC,WAAW,CAACC,SAAS,CAAEJ,OAAO,CAASE,WAAW,CAAC;QACxDT,OAAO,CAACC,GAAG,CAAC,sCAAsC,CAAC;MACrD,CAAC,MAAM;QACLD,OAAO,CAAC8B,IAAI,CAAC,wDAAwD,CAAC;MACxE;MAEA9B,OAAO,CAACC,GAAG,CAAC,8BAA8B,EAAE;QAC1C4B,SAAS,EAAEtB,OAAO,CAACsB,SAAS,EAAEE,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK;QACrDnB,MAAM,EAAEL,OAAO,CAACM,IAAI,EAAEC;MACxB,CAAC,CAAC;MAEF,OAAOP,OAAO;IAChB;;IAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACE,MAAaJ,yBAAyBA,CAACT,OAMtC,EAAqC;MACpC,MAAMsC,kBAAkB,GAAGtC,OAAO,CAACwB,SAAS,IAAI,UAAU;MAC1D,MAAMe,aAAa,GAAGD,kBAAkB,KAAK,QAAQ;MAErDhC,OAAO,CAACC,GAAG,CAAC,2CAA2C,EAAE;QACvDiB,SAAS,EAAEc,kBAAkB;QAC7BnC,QAAQ,EAAEH,OAAO,CAACG,QAAQ;QAC1BqC,UAAU,EAAEtD;MACd,CAAC,CAAC;;MAEF;MACA,IAAIA,sBAAsB,IAAIC,mBAAmB,EAAE;QACjDmB,OAAO,CAACC,GAAG,CAAC,iDAAiD,CAAC;QAC9D;QACA;QACA,IAAInB,oBAAoB,KAAK,QAAQ,IAAImD,aAAa,EAAE;UACtD,IAAI;YACF,MAAMpD,mBAAmB;UAC3B,CAAC,CAAC,MAAM;YACN;UAAA;UAEF;QACF,CAAC,MAAM;UACL;UACA,IAAI;YACF,OAAO,MAAMA,mBAAmB;UAClC,CAAC,CAAC,MAAM;YACN,OAAO,IAAI;UACb;QACF;MACF;MAEAD,sBAAsB,GAAG,IAAI;MAC7BE,oBAAoB,GAAGkD,kBAAkB;MACzC,MAAMG,UAAU,GAAG,IAAIC,eAAe,CAAC,CAAC;MACxC;MACA,MAAMC,SAAS,GAAGL,kBAAkB,KAAK,QAAQ,GAC5C,IAAI,CAAC/C,WAAW,CAASI,oBAAoB,GAC7C,IAAI,CAACJ,WAAW,CAASG,aAAa;MAC3C,MAAMkD,OAAO,GAAGC,UAAU,CAAC,MAAM;QAC/BvC,OAAO,CAACC,GAAG,CAAC,iCAAiC,EAAEoC,SAAS,EAAE,gBAAgB,EAAEL,kBAAkB,GAAG,GAAG,CAAC;QACrGG,UAAU,CAACK,KAAK,CAAC,CAAC;MACpB,CAAC,EAAEH,SAAS,CAAC;MAEbxD,mBAAmB,GAAG,CAAC,YAAY;QACjC,IAAI;UACFmB,OAAO,CAACC,GAAG,CAAC,2DAA2D,EAAE+B,kBAAkB,CAAC;UAC5F;UACA,MAAM9B,UAAU,GAAI,MAAOV,SAAS,CAACiD,WAAW,CAASC,GAAG,CAAC;YAC3DC,QAAQ,EAAE;cACRC,SAAS,EAAE,CACT;gBACExC,SAAS,EAAEV,OAAO,CAACU,SAAS;gBAC5BP,QAAQ,EAAEH,OAAO,CAACG,QAAQ;gBAC1B;gBACAF,KAAK,EAAED,OAAO,CAACC,KAAK;gBAAE;gBACtBkD,MAAM,EAAE;kBACNlD,KAAK,EAAED,OAAO,CAACC,KAAK,CAAE;gBACxB,CAAC;gBACD,IAAID,OAAO,CAACW,OAAO,IAAI;kBAAEyC,SAAS,EAAEpD,OAAO,CAACW;gBAAQ,CAAC;cACvD,CAAC;YAEL,CAAC;YACDa,SAAS,EAAEc,kBAAkB;YAC7Be,MAAM,EAAEZ,UAAU,CAACY;UACrB,CAAC,CAAS;UAEV/C,OAAO,CAACC,GAAG,CAAC,6CAA6C,EAAE;YACzDkB,aAAa,EAAE,CAAC,CAACjB,UAAU;YAC3B8C,IAAI,EAAE9C,UAAU,EAAE8C,IAAI;YACtB5B,QAAQ,EAAE,CAAC,CAAClB,UAAU,EAAEI;UAC1B,CAAC,CAAC;UAEF,IAAI,CAACJ,UAAU,IAAIA,UAAU,CAAC8C,IAAI,KAAK,UAAU,EAAE;YACjDhD,OAAO,CAACC,GAAG,CAAC,+CAA+C,CAAC;YAC5D,OAAO,IAAI;UACb;UAEAD,OAAO,CAACC,GAAG,CAAC,kDAAkD,CAAC;UAC/D,OAAO;YAAEK,KAAK,EAAEJ,UAAU,CAACI;UAAM,CAAC;QACpC,CAAC,CAAC,OAAOS,KAAK,EAAE;UACd,MAAMO,SAAS,GAAGP,KAAK,YAAYQ,KAAK,GAAGR,KAAK,CAACC,IAAI,GAAG,SAAS;UACjE,MAAMQ,YAAY,GAAGT,KAAK,YAAYQ,KAAK,GAAGR,KAAK,CAACU,OAAO,GAAGC,MAAM,CAACX,KAAK,CAAC;UAC3Ef,OAAO,CAACC,GAAG,CAAC,0CAA0C,EAAE;YAAEe,IAAI,EAAEM,SAAS;YAAEG,OAAO,EAAED;UAAa,CAAC,CAAC;UACnG,MAAMT,KAAK;QACb,CAAC,SAAS;UACRkC,YAAY,CAACX,OAAO,CAAC;UACrB1D,sBAAsB,GAAG,KAAK;UAC9BC,mBAAmB,GAAG,IAAI;UAC1BC,oBAAoB,GAAG,IAAI;QAC7B;MACF,CAAC,EAAE,CAAC;MAEJ,OAAOD,mBAAmB;IAC5B;;IAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;IACE,MAAa2B,yBAAyBA,CAAC0C,OAAe,EAAiC;MACrFlD,OAAO,CAACC,GAAG,CAAC,yDAAyD,CAAC;MACtED,OAAO,CAACC,GAAG,CAAC,kDAAkD,EAAEiD,OAAO,EAAEC,MAAM,CAAC;MAChFnD,OAAO,CAACC,GAAG,CAAC,mDAAmD,EAAEiD,OAAO,EAAEnB,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC;MAEnG,IAAI;QACF,MAAMqB,QAAQ,GAAG,MAAM,IAAI,CAACC,WAAW,CACrC,MAAM,EACN,qBAAqB,EACrB;UAAEC,QAAQ,EAAEJ;QAAQ,CAAC,EACrB;UAAEK,KAAK,EAAE;QAAM,CACjB,CAAC;QAEDvD,OAAO,CAACC,GAAG,CAAC,uDAAuD,EAAE;UACnEuD,WAAW,EAAE,CAAC,CAACJ,QAAQ;UACvBK,YAAY,EAAE,CAAC,CAAEL,QAAQ,EAAUvB,SAAS;UAC5C6B,OAAO,EAAE,CAAC,CAAEN,QAAQ,EAAUvC,IAAI;UAClC8C,cAAc,EAAE,CAAC,CAAEP,QAAQ,EAAU3C,WAAW;UAChDG,MAAM,EAAGwC,QAAQ,EAAUvC,IAAI,EAAEC,EAAE;UACnC8C,QAAQ,EAAGR,QAAQ,EAAUvC,IAAI,EAAE+C,QAAQ;UAC3CC,YAAY,EAAET,QAAQ,GAAGU,MAAM,CAACC,IAAI,CAACX,QAAQ,CAAC,GAAG;QACnD,CAAC,CAAC;QAEF,OAAOA,QAAQ;MACjB,CAAC,CAAC,OAAOrC,KAAK,EAAE;QACdf,OAAO,CAACe,KAAK,CAAC,2CAA2C,EAAE;UACzDC,IAAI,EAAED,KAAK,YAAYQ,KAAK,GAAGR,KAAK,CAACC,IAAI,GAAG,SAAS;UACrDS,OAAO,EAAEV,KAAK,YAAYQ,KAAK,GAAGR,KAAK,CAACU,OAAO,GAAGC,MAAM,CAACX,KAAK,CAAC;UAC/DiD,KAAK,EAAEjD,KAAK,YAAYQ,KAAK,GAAGR,KAAK,CAACiD,KAAK,GAAGC;QAChD,CAAC,CAAC;QACF,MAAMlD,KAAK;MACb;IACF;;IAEA;AACF;AACA;AACA;AACA;AACA;IACE,MAAMmD,qBAAqBA,CAAA,EAAkB;MAC3C,IAAI,CAAC,IAAI,CAAC5E,gBAAgB,CAAC,CAAC,EAAE;QAC5B;MACF;MAEA,IAAI;QACF;QACA,IAAI,oBAAoB,IAAIC,MAAM,IAAI,QAAQ,IAAKA,MAAM,CAAS4E,kBAAkB,EAAE;UACpF,MAAMtE,QAAQ,GAAG,IAAI,CAACC,WAAW,CAAC,CAAC;UACnC,MAAOP,MAAM,CAAS4E,kBAAkB,CAACC,MAAM,CAAC;YAC9ChE,SAAS,EAAG,IAAI,CAACnB,WAAW,CAASE,kBAAkB;YACvDU;UACF,CAAC,CAAC;QACJ;MACF,CAAC,CAAC,OAAOkB,KAAK,EAAE;QACd;MAAA;IAEJ;;IAEA;AACF;AACA;AACA;AACA;IACEsD,cAAcA,CAAA,EAAgB;MAC5B,OAAO;QACLC,OAAO,EAAE,IAAI,CAAChF,gBAAgB,CAAC,CAAC;QAChCc,SAAS,EAAG,IAAI,CAACnB,WAAW,CAASE,kBAAkB;QACvDU,QAAQ,EAAE,IAAI,CAACC,WAAW,CAAC;MAC7B,CAAC;IACH;;IAEA;AACF;AACA;AACA;AACA;IACSF,aAAaA,CAAA,EAAW;MAC7B,IAAI,OAAOL,MAAM,KAAK,WAAW,IAAIA,MAAM,CAACgF,MAAM,IAAIhF,MAAM,CAACgF,MAAM,CAACC,UAAU,EAAE;QAC9E,OAAOjF,MAAM,CAACgF,MAAM,CAACC,UAAU,CAAC,CAAC;MACnC;MACA;MACA,OAAO,GAAGC,IAAI,CAACC,GAAG,CAAC,CAAC,IAAIC,IAAI,CAACC,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,EAAE,CAAC,CAAC9C,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE;IACvE;;IAEA;AACF;AACA;AACA;AACA;IACSjC,WAAWA,CAAA,EAAW;MAC3B,IAAI,OAAOP,MAAM,KAAK,WAAW,EAAE;QACjC,OAAO,SAAS;MAClB;MACA,OAAOA,MAAM,CAACuF,QAAQ,CAACC,MAAM;IAC/B;EACA,CAAC;AACH;;AAEA;AACA,SAAShG,qBAAqB,IAAIiG,UAAU","ignoreList":[]}
|
|
@@ -90,6 +90,22 @@ export function OxyServicesPopupAuthMixin(Base) {
|
|
|
90
90
|
if (session && session.accessToken) {
|
|
91
91
|
this.httpService.setTokens(session.accessToken);
|
|
92
92
|
}
|
|
93
|
+
|
|
94
|
+
// Fetch user data using the session ID
|
|
95
|
+
// The callback page only sends sessionId/accessToken, not user data
|
|
96
|
+
if (session && session.sessionId && !session.user) {
|
|
97
|
+
try {
|
|
98
|
+
const userData = await this.makeRequest('GET', `/api/session/user/${session.sessionId}`, undefined, {
|
|
99
|
+
cache: false
|
|
100
|
+
});
|
|
101
|
+
if (userData) {
|
|
102
|
+
session.user = userData;
|
|
103
|
+
}
|
|
104
|
+
} catch (userError) {
|
|
105
|
+
console.warn('[PopupAuth] Failed to fetch user data:', userError);
|
|
106
|
+
// Continue without user data - caller can fetch separately
|
|
107
|
+
}
|
|
108
|
+
}
|
|
93
109
|
return session;
|
|
94
110
|
} catch (error) {
|
|
95
111
|
throw error;
|
|
@@ -195,8 +211,21 @@ export function OxyServicesPopupAuthMixin(Base) {
|
|
|
195
211
|
reject(new OxyAuthenticationError('Authentication timeout'));
|
|
196
212
|
}, timeout);
|
|
197
213
|
const messageHandler = event => {
|
|
214
|
+
const authUrl = this.constructor.AUTH_URL;
|
|
215
|
+
|
|
216
|
+
// Log all messages for debugging
|
|
217
|
+
if (event.data && typeof event.data === 'object' && event.data.type) {
|
|
218
|
+
console.log('[PopupAuth] Message received:', {
|
|
219
|
+
origin: event.origin,
|
|
220
|
+
expectedOrigin: authUrl,
|
|
221
|
+
type: event.data.type,
|
|
222
|
+
hasSession: !!event.data.session,
|
|
223
|
+
hasError: !!event.data.error
|
|
224
|
+
});
|
|
225
|
+
}
|
|
226
|
+
|
|
198
227
|
// CRITICAL: Verify origin to prevent XSS attacks
|
|
199
|
-
if (event.origin !==
|
|
228
|
+
if (event.origin !== authUrl) {
|
|
200
229
|
return;
|
|
201
230
|
}
|
|
202
231
|
const {
|
|
@@ -208,19 +237,29 @@ export function OxyServicesPopupAuthMixin(Base) {
|
|
|
208
237
|
if (type !== 'oxy_auth_response') {
|
|
209
238
|
return;
|
|
210
239
|
}
|
|
240
|
+
console.log('[PopupAuth] Valid auth response:', {
|
|
241
|
+
state,
|
|
242
|
+
expectedState,
|
|
243
|
+
hasSession: !!session,
|
|
244
|
+
error
|
|
245
|
+
});
|
|
211
246
|
|
|
212
247
|
// Verify state parameter to prevent CSRF attacks
|
|
213
248
|
if (state !== expectedState) {
|
|
214
249
|
cleanup();
|
|
250
|
+
console.error('[PopupAuth] State mismatch');
|
|
215
251
|
reject(new OxyAuthenticationError('Invalid state parameter. Possible CSRF attack.'));
|
|
216
252
|
return;
|
|
217
253
|
}
|
|
218
254
|
cleanup();
|
|
219
255
|
if (error) {
|
|
256
|
+
console.error('[PopupAuth] Auth error:', error);
|
|
220
257
|
reject(new OxyAuthenticationError(error));
|
|
221
258
|
} else if (session) {
|
|
259
|
+
console.log('[PopupAuth] Session received successfully');
|
|
222
260
|
resolve(session);
|
|
223
261
|
} else {
|
|
262
|
+
console.error('[PopupAuth] No session in response');
|
|
224
263
|
reject(new OxyAuthenticationError('No session received from authentication server'));
|
|
225
264
|
}
|
|
226
265
|
};
|