npm - @spidy092/auth-client - Versions diffs - 1.0.8 → 1.0.10 - Mend

@spidy092/auth-client 1.0.8 → 1.0.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/config.js CHANGED Viewed

@@ -1,8 +1,11 @@
+// auth-client/config.js
 let config = {
   clientKey: null,
   authBaseUrl: null,
   redirectUri: null,
-  usePkce: false, // optional future
+  accountUiUrl: null,
+  isRouter: false, // ✅ Add router flag
+  usePkce: false,
 };
 export function setConfig(customConfig = {}) {
@@ -14,13 +17,21 @@ export function setConfig(customConfig = {}) {
     ...config,
     ...customConfig,
     redirectUri: customConfig.redirectUri || window.location.origin + '/callback',
+    // ✅ Auto-detect router mode
+    isRouter: customConfig.isRouter || customConfig.clientKey === 'account-ui'
   };
+  console.log(`🔧 Auth Client Mode: ${config.isRouter ? 'ROUTER' : 'CLIENT'}`, {
+    clientKey: config.clientKey,
+    isRouter: config.isRouter
+  });
 }
 export function getConfig() {
   return { ...config };
 }
-// pass client key and authbaseurl and redirectUri
+// ✅ Helper function
+export function isRouterMode() {
+  return config.isRouter;
+}

package/core.js CHANGED Viewed

@@ -1,146 +1,178 @@
+// auth-client/core.js
 import { setToken, clearToken, getToken } from './token';
-import { getConfig } from './config';
+import { getConfig, isRouterMode } from './config';
-export function login(clientKeyArg, redirectUriArg) {  // Removed stateArg
+// ✅ Track if callback was already processed
+let callbackProcessed = false;
+export function handleCallback() {
+  const params = new URLSearchParams(window.location.search);
+  const accessToken = params.get('access_token');
+  const error = params.get('error');
+  console.log('🔄 Handling authentication callback:', {
+    mode: isRouterMode() ? 'ROUTER' : 'CLIENT',
+    hasAccessToken: !!accessToken,
+    error,
+    alreadyProcessed: callbackProcessed // ✅ Log if already processed
+  });
+  // ✅ If already processed and we have a token, return it
+  if (callbackProcessed) {
+    const existingToken = getToken();
+    if (existingToken) {
+      console.log('🔄 Callback already processed, returning existing token');
+      return existingToken;
+    }
+  }
+  // ✅ Mark as processed first
+  callbackProcessed = true;
+  // Clean up session storage (only once)
+  sessionStorage.removeItem('originalApp');
+  sessionStorage.removeItem('returnUrl');
+  if (error) {
+    throw new Error(`Authentication failed: ${error}`);
+  }
+  if (accessToken) {
+    setToken(accessToken);
+    console.log('✅ Token set successfully');
+    return accessToken;
+  }
+  throw new Error('No access token found in callback URL');
+}
+// ✅ Reset callback state when needed
+export function resetCallbackState() {
+  callbackProcessed = false;
+}
+// Your other functions remain the same...
+export function login(clientKeyArg, redirectUriArg) {
+  // ✅ Reset callback state when starting new login
+  resetCallbackState();
   const {
-    clientKey: defaultClientKey,
-    authBaseUrl,
-    redirectUri: defaultRedirectUri,
-    accountUiUrl
+    clientKey: defaultClientKey,
+    authBaseUrl,
+    redirectUri: defaultRedirectUri,
+    accountUiUrl
   } = getConfig();
   const clientKey = clientKeyArg || defaultClientKey;
   const redirectUri = redirectUriArg || defaultRedirectUri;
-  // Removed state generation
-  console.log('Initiating login with parameters:', {
+  console.log('🔄 Smart Login initiated:', {
+    mode: isRouterMode() ? 'ROUTER' : 'CLIENT',
     clientKey,
     redirectUri
-    // Removed state from logging
   });
   if (!clientKey || !redirectUri) {
     throw new Error('Missing clientKey or redirectUri');
   }
-  // Store only app info, no state
+  // Store app info
   sessionStorage.setItem('originalApp', clientKey);
   sessionStorage.setItem('returnUrl', redirectUri);
-  // --- ENTERPRISE LOGIC ---
-  // If we are already in Account-UI, go straight to the backend
-  if (window.location.origin === accountUiUrl && clientKey === 'account-ui') {
-    // Direct SSO kick-off for Account-UI (no state parameter)
-    const backendLoginUrl = `${authBaseUrl}/login/${clientKey}?redirect_uri=${encodeURIComponent(redirectUri)}`;
-    console.log('Redirecting directly to auth backend:', backendLoginUrl);
-    window.location.href = backendLoginUrl;
-    return;
+  // Smart Router Logic (from my previous response)
+  if (isRouterMode()) {
+    return routerLogin(clientKey, redirectUri);
+  } else {
+    return clientLogin(clientKey, redirectUri);
   }
+}
+// ✅ Router mode: Direct backend call
+function routerLogin(clientKey, redirectUri) {
+  const { authBaseUrl } = getConfig();
+  const backendLoginUrl = `${authBaseUrl}/login/${clientKey}?redirect_uri=${encodeURIComponent(redirectUri)}`;
+  console.log('🏭 Router Login: Direct backend authentication', {
+    clientKey,
+    redirectUri,
+    backendUrl: backendLoginUrl
+  });
+  window.location.href = backendLoginUrl;
+}
-  // Otherwise, centralized login flow (for other apps, no state)
-  const accountLoginUrl = `${accountUiUrl}/login?` + new URLSearchParams({
-    client: clientKey,
-    redirect_uri: redirectUri
-    // Removed state
+// ✅ Client mode: Centralized login
+function clientLogin(clientKey, redirectUri) {
+  const { accountUiUrl } = getConfig();
+  const centralizedLoginUrl = `${accountUiUrl}/login?client=${clientKey}&redirect_uri=${encodeURIComponent(redirectUri)}`;
+  console.log('🔄 Client Login: Redirecting to centralized login', {
+    clientKey,
+    redirectUri,
+    centralizedUrl: centralizedLoginUrl
   });
-  console.log('Redirecting to centralized Account UI:', accountLoginUrl);
-  window.location.href = accountLoginUrl;
+  window.location.href = centralizedLoginUrl;
 }
 export function logout() {
+  // ✅ Reset callback state on logout
+  resetCallbackState();
   const { clientKey, authBaseUrl, accountUiUrl } = getConfig();
   const token = getToken();
-  console.log('Initiating logout for client:', clientKey);
+  console.log('🚪 Smart Logout initiated:', {
+    mode: isRouterMode() ? 'ROUTER' : 'CLIENT',
+    clientKey,
+    hasToken: !!token
+  });
   // Clear local storage immediately
   clearToken();
   sessionStorage.clear();
-  // Don't clear localStorage completely - might break other stuff
-  // localStorage.clear(); // Remove this line
-  // Call backend logout if we have a token
-  if (token) {
-    fetch(`${authBaseUrl}/logout/${clientKey}`, {
-      method: 'POST',
-      credentials: 'include', // ✅ CRITICAL: This sends cookies
-      headers: {
-        'Authorization': `Bearer ${token}`,
-        'Content-Type': 'application/json'
-      }
-    })
-    .then(response => response.json())
-    .then(data => {
-      console.log('Backend logout response:', data);
-      // If we get a Keycloak logout URL, redirect there
-      if (data.keycloakLogoutUrl) {
-        window.location.href = data.keycloakLogoutUrl;
-        return;
-      }
-      // Otherwise redirect to login
-      window.location.href = `${accountUiUrl}/login`;
-    })
-    .catch(error => {
-      console.error('Logout error:', error);
-      // Always redirect to login even on error
-      window.location.href = `${accountUiUrl}/login`;
-    });
+  if (isRouterMode()) {
+    return routerLogout(clientKey, authBaseUrl, accountUiUrl, token);
   } else {
-    // No token, just redirect to login
-    window.location.href = `${accountUiUrl}/login`;
+    return clientLogout(clientKey, accountUiUrl);
   }
 }
-export function handleCallback() {
-  const params = new URLSearchParams(window.location.search);
-  const accessToken = params.get('access_token');
-  const error = params.get('error');
-  // Removed state handling completely
-  console.log('Handling authentication callback:', {
-    accessToken,
-    error
-    // Removed state from logging
-  });
+// Router logout (same as before)
+async function routerLogout(clientKey, authBaseUrl, accountUiUrl, token) {
+  console.log('🏭 Router Logout: Backend logout for all sessions');
-  // Removed all state validation
-  sessionStorage.removeItem('originalApp');
-  sessionStorage.removeItem('returnUrl');
-  if (error) {
-    throw new Error(`Authentication failed: ${error}`);
-  }
+  if (token) {
+    try {
+      const response = await fetch(`${authBaseUrl}/logout/${clientKey}`, {
+        method: 'POST',
+        credentials: 'include',
+        headers: {
+          'Authorization': `Bearer ${token}`,
+          'Content-Type': 'application/json'
+        }
+      });
+      const data = await response.json();
+      console.log('Backend logout response:', data);
-  if (accessToken) {
-    setToken(accessToken);
-    return accessToken;
+      if (data.keycloakLogoutUrl) {
+        window.location.href = data.keycloakLogoutUrl;
+        return;
+      }
+    } catch (error) {
+      console.warn('Backend logout failed:', error);
+    }
   }
-  throw new Error('No access token found in callback URL');
+  window.location.href = '/login';
 }
-export async function refreshToken() {
-  const { clientKey, authBaseUrl } = getConfig();
-  try {
-    const response = await fetch(`${authBaseUrl}/refresh/${clientKey}`, {
-      method: 'POST',
-      credentials: 'include',
-    });
-    if (!response.ok) {
-      throw new Error('Refresh failed');
-    }
-    const { access_token } = await response.json();
-    setToken(access_token);
-    return access_token;
-  } catch (err) {
-    clearToken();
-    throw err;
-  }
+// Client logout (same as before)
+function clientLogout(clientKey, accountUiUrl) {
+  console.log('🔄 Client Logout: Redirecting to centralized login');
+  const logoutUrl = `${accountUiUrl}/login?client=${clientKey}&logout=true`;
+  window.location.href = logoutUrl;
 }

package/index.js CHANGED Viewed

@@ -1,4 +1,5 @@
-import { setConfig, getConfig } from './config';
+// auth-client/index.js
+import { setConfig, getConfig, isRouterMode } from './config';
 import { login, logout, handleCallback, refreshToken } from './core';
 import { getToken, setToken, clearToken } from './token';
 import api from './api';
@@ -8,6 +9,7 @@ export const auth = {
   // 🔧 Config
   setConfig,
   getConfig,
+  isRouterMode, // ✅ Expose router mode check
   // 🔐 Core flows
   login,
@@ -26,23 +28,24 @@ export const auth = {
   // 🧪 Utilities
   decodeToken,
   isTokenExpired,
   // 🔄 Auto-refresh setup
   startTokenRefresh: () => {
     const interval = setInterval(async () => {
       const token = getToken();
-      if (token && isTokenExpired(token, 300)) { // Refresh 5 min before expiry
+      if (token && isTokenExpired(token, 300)) {
         try {
           await refreshToken();
+          console.log('🔄 Auto-refresh successful');
         } catch (err) {
           console.error('Auto-refresh failed:', err);
           clearInterval(interval);
         }
       }
-    }, 60000); // Check every minute
+    }, 60000);
     return interval;
   }
 };
 export { AuthProvider } from './react/AuthProvider';
-export { useAuth } from './react/useAuth';
+export { useAuth } from './react/useAuth';

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@spidy092/auth-client",
-  "version": "1.0.8",
+  "version": "1.0.10",
   "description": "Scalable frontend auth SDK for centralized login using Keycloak + Auth Service.",
   "main": "index.js",
   "module": "index.js",