@sourceregistry/sveltekit-oidc 1.3.0 → 1.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md
CHANGED
|
@@ -129,6 +129,7 @@ export async function load(event) {
|
|
|
129
129
|
session={data.session}
|
|
130
130
|
config={data.sessionManagement}
|
|
131
131
|
logoutPath="/auth/logout"
|
|
132
|
+
monitorSession={false}
|
|
132
133
|
redirectIfUnauthenticated={false}
|
|
133
134
|
>
|
|
134
135
|
<Account />
|
|
@@ -160,6 +161,10 @@ export async function load(event) {
|
|
|
160
161
|
- periodic `invalidateAll()` revalidation so revoked server sessions are detected
|
|
161
162
|
- a client context for nested auth-aware components through `useOIDC()` / `getOIDCContext()`
|
|
162
163
|
|
|
164
|
+
Set `monitorSession={false}` when you want to keep the client context but leave remote session
|
|
165
|
+
revocation checks to your server-side guard or another mechanism. This disables
|
|
166
|
+
`check_session_iframe` polling without changing the provider metadata exposed through the context.
|
|
167
|
+
|
|
163
168
|
## Typed Custom Claims
|
|
164
169
|
|
|
165
170
|
`createOIDC` infers a `TClaims` type from whatever `transformClaims` / `transformUser` / `transformSession` return, and threads it through the session, `event.locals.oidc`, `OIDCPublicSession`, and the client context — no casts needed.
|
|
@@ -302,6 +307,6 @@ Set these environment variables to enable it:
|
|
|
302
307
|
- The library validates `id_token` and `logout_token` values through `@sourceregistry/node-jwt` and provider JWKS metadata.
|
|
303
308
|
- `groups` are normalized onto the session from `groups` and `roles` claims when present.
|
|
304
309
|
- Use `transformClaims`, `transformUser`, and `transformSession` to project provider-specific claims into your own session shape.
|
|
305
|
-
- `check_session_iframe` monitoring only runs when the provider advertises that endpoint and the session includes `session_state`.
|
|
310
|
+
- `check_session_iframe` monitoring only runs when `monitorSession` is enabled, the provider advertises that endpoint, and the session includes `session_state`.
|
|
306
311
|
- Refresh token handling is automatic when a valid refresh token is present.
|
|
307
312
|
- `event.locals.oidc` is attached by the hook and typed via `OIDCHandleLocals<TClaims>`; see [Typed Custom Claims](#typed-custom-claims) for wiring your own claim shapes through `app.d.ts`.
|
|
@@ -19,6 +19,7 @@
|
|
|
19
19
|
loginPath,
|
|
20
20
|
logoutPath = '/auth/logout',
|
|
21
21
|
checkSessionIntervalMs = 5000,
|
|
22
|
+
monitorSession = true,
|
|
22
23
|
revalidateIntervalMs = 30000,
|
|
23
24
|
redirectOnExpired = 'login',
|
|
24
25
|
redirectOnRevoked = 'login',
|
|
@@ -30,6 +31,7 @@
|
|
|
30
31
|
loginPath?: string;
|
|
31
32
|
logoutPath?: string;
|
|
32
33
|
checkSessionIntervalMs?: number;
|
|
34
|
+
monitorSession?: boolean;
|
|
33
35
|
revalidateIntervalMs?: number;
|
|
34
36
|
redirectOnExpired?: RedirectMode;
|
|
35
37
|
redirectOnRevoked?: RedirectMode;
|
|
@@ -47,7 +49,7 @@
|
|
|
47
49
|
config.metadata.check_session_iframe ?? config.checkSessionIframe ?? undefined
|
|
48
50
|
);
|
|
49
51
|
const canMonitorIframe = $derived(
|
|
50
|
-
Boolean(session?.isAuthenticated && session?.sessionState && iframeUrl)
|
|
52
|
+
Boolean(monitorSession && session?.isAuthenticated && session?.sessionState && iframeUrl)
|
|
51
53
|
);
|
|
52
54
|
|
|
53
55
|
const context = setOIDCContext<TClaims>({
|
|
@@ -7,6 +7,7 @@ declare function $$render<TClaims extends OIDCUserClaims = OIDCUserClaims>(): {
|
|
|
7
7
|
loginPath?: string;
|
|
8
8
|
logoutPath?: string;
|
|
9
9
|
checkSessionIntervalMs?: number;
|
|
10
|
+
monitorSession?: boolean;
|
|
10
11
|
revalidateIntervalMs?: number;
|
|
11
12
|
redirectOnExpired?: "none" | "login" | "logout" | "reload";
|
|
12
13
|
redirectOnRevoked?: "none" | "login" | "logout" | "reload";
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@sourceregistry/sveltekit-oidc",
|
|
3
|
-
"version": "1.3.
|
|
4
|
-
"description": "OIDC authentication helpers for SvelteKit applications
|
|
3
|
+
"version": "1.3.1",
|
|
4
|
+
"description": "OIDC authentication helpers for SvelteKit applications",
|
|
5
5
|
"license": "Apache-2.0",
|
|
6
6
|
"scripts": {
|
|
7
7
|
"dev": "vite dev",
|