npm - @spidy092/auth-client - Versions diffs - 2.0.7 → 2.0.8 - Mend

@spidy092/auth-client 2.0.7 → 2.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/config.js CHANGED Viewed

@@ -5,7 +5,6 @@ let config = {
   redirectUri: null,
   accountUiUrl: null,
   isRouter: false, // ✅ Add router flag
-  usePkce: false,
 };
 export function setConfig(customConfig = {}) {

package/core.js CHANGED Viewed

@@ -12,7 +12,7 @@ import { getConfig, isRouterMode } from './config';
 let callbackProcessed = false;
-export function login(clientKeyArg, redirectUriArg, options = {}) {
+export function login(clientKeyArg, redirectUriArg) {
   // ✅ Reset callback state when starting new login
   resetCallbackState();
@@ -25,14 +25,11 @@ export function login(clientKeyArg, redirectUriArg, options = {}) {
   const clientKey = clientKeyArg || defaultClientKey;
   const redirectUri = redirectUriArg || defaultRedirectUri;
-  const { codeChallenge, codeChallengeMethod, state } = options;
   console.log('🔄 Smart Login initiated:', {
     mode: isRouterMode() ? 'ROUTER' : 'CLIENT',
     clientKey,
-    redirectUri,
-    hasPKCE: !!codeChallenge,
-    hasState: !!state
+    redirectUri
   });
   if (!clientKey || !redirectUri) {
@@ -44,39 +41,27 @@ export function login(clientKeyArg, redirectUriArg, options = {}) {
   if (isRouterMode()) {
     // Router mode: Direct backend authentication
-    return routerLogin(clientKey, redirectUri, { codeChallenge, codeChallengeMethod, state });
+    return routerLogin(clientKey, redirectUri);
   } else {
     // Client mode: Redirect to centralized login
-    return clientLogin(clientKey, redirectUri, { codeChallenge, codeChallengeMethod, state });
+    return clientLogin(clientKey, redirectUri);
   }
 }
 // ✅ Router mode: Direct backend call
-function routerLogin(clientKey, redirectUri, options = {}) {
+function routerLogin(clientKey, redirectUri) {
   const { authBaseUrl } = getConfig();
-  const { codeChallenge, codeChallengeMethod, state } = options;
-  // Build URL with PKCE and state parameters
-  const params = new URLSearchParams({
-    redirect_uri: redirectUri
-  });
-  if (codeChallenge) {
-    params.append('code_challenge', codeChallenge);
-    params.append('code_challenge_method', codeChallengeMethod || 'S256');
+  const params = new URLSearchParams();
+  if (redirectUri) {
+    params.append('redirect_uri', redirectUri);
   }
-  if (state) {
-    params.append('state', state);
-  }
-  const backendLoginUrl = `${authBaseUrl}/login/${clientKey}?${params.toString()}`;
+  const query = params.toString();
+  const backendLoginUrl = `${authBaseUrl}/login/${clientKey}${query ? `?${query}` : ''}`;
   console.log('🏭 Router Login: Direct backend authentication', {
     clientKey,
     redirectUri,
-    hasPKCE: !!codeChallenge,
-    hasState: !!state,
     backendUrl: backendLoginUrl
   });
@@ -84,32 +69,20 @@ function routerLogin(clientKey, redirectUri, options = {}) {
 }
 // ✅ Client mode: Centralized login
-function clientLogin(clientKey, redirectUri, options = {}) {
+function clientLogin(clientKey, redirectUri) {
   const { accountUiUrl } = getConfig();
-  const { codeChallenge, codeChallengeMethod, state } = options;
-  // Build URL with PKCE and state parameters
   const params = new URLSearchParams({
-    client: clientKey,
-    redirect_uri: redirectUri
+    client: clientKey
   });
-  if (codeChallenge) {
-    params.append('code_challenge', codeChallenge);
-    params.append('code_challenge_method', codeChallengeMethod || 'S256');
-  }
-  if (state) {
-    params.append('state', state);
+  if (redirectUri) {
+    params.append('redirect_uri', redirectUri);
   }
   const centralizedLoginUrl = `${accountUiUrl}/login?${params.toString()}`;
   console.log('🔄 Client Login: Redirecting to centralized login', {
     clientKey,
     redirectUri,
-    hasPKCE: !!codeChallenge,
-    hasState: !!state,
     centralizedUrl: centralizedLoginUrl
   });
@@ -187,23 +160,12 @@ export function handleCallback() {
   const params = new URLSearchParams(window.location.search);
   const accessToken = params.get('access_token');
   const error = params.get('error');
-  const state = params.get('state');
   console.log('🔄 Callback handling:', {
     hasAccessToken: !!accessToken,
-    error,
-    hasState: !!state
+    error
   });
-  // ✅ Validate state parameter
- if (state) {
-  console.warn("⚠️ State returned but validation disabled (demo mode)");
-  // Clean up any existing stored state
-  sessionStorage.removeItem('oauth_state');
-  sessionStorage.removeItem('pkce_timestamp');
-}
   // ✅ Prevent duplicate callback processing
   if (callbackProcessed) {
     const existingToken = getToken();
@@ -218,7 +180,6 @@ export function handleCallback() {
   callbackProcessed = true;
   sessionStorage.removeItem('originalApp');
   sessionStorage.removeItem('returnUrl');
-  sessionStorage.removeItem('pkce_code_verifier'); // Clear PKCE verifier after use
   if (error) {
     const errorDescription = params.get('error_description') || error;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@spidy092/auth-client",
-  "version": "2.0.7",
+  "version": "2.0.8",
   "description": "Scalable frontend auth SDK for centralized login using Keycloak + Auth Service.",
   "main": "index.js",
   "module": "index.js",