@squiz/resource-browser 3.1.2 → 3.2.1

package/CHANGELOG.md

@@ -1,5 +1,17 @@
 # Change Log
 
+## 3.2.1
+
+### Patch Changes
+
+-   a64f8ae: Derive plugin synchronously from source to avoid stale state
+
+## 3.2.0
+
+### Minor Changes
+
+-   ce4521d: Outdated token fix
+
 ## 3.1.2
 
 ### Patch Changes

package/lib/Hooks/useAuth.js

@@ -6,20 +6,27 @@ const react_1 = require("react");
 const authUtils_1 = require("../utils/authUtils");
 const useAuth = (authConfig) => {
     const [authToken, setAuthToken] = (0, react_1.useState)((0, authUtils_1.getCookieValue)('authToken'));
-    const [isAuthenticated, setIsAuthenticated] = (0, react_1.useState)(!!(0, authUtils_1.getCookieValue)('authToken'));
+    const [isAuthenticated, setIsAuthenticated] = (0, react_1.useState)(!!authToken);
     const refreshAccessToken = (0, react_1.useCallback)(async () => {
-        const newToken = await (0, authUtils_1.refreshAccessToken)(authConfig);
-        setAuthToken(newToken);
-        setIsAuthenticated(!!newToken);
-        return newToken;
+        try {
+            const newToken = await (0, authUtils_1.refreshAccessToken)(authConfig);
+            setAuthToken(newToken);
+            setIsAuthenticated(!!newToken);
+            return newToken;
+        }
+        catch {
+            setAuthToken(null);
+            setIsAuthenticated(false);
+            throw new Error('Session expired. Please log in again.');
+        }
     }, [authConfig]);
     const handleLogin = (0, react_1.useCallback)(() => {
-        if (!authConfig?.redirectUrl && !authConfig?.authUrl && !authConfig?.scope) {
+        if (!authConfig?.redirectUrl || !authConfig?.authUrl) {
             console.error('Auth config is misconfigured');
             return;
         }
         const encodedRedirectUrl = encodeURIComponent(authConfig.redirectUrl);
-        const scope = authConfig?.scope.split(';').join(' '); // Saved in scope1;scope2;scope3 format, sent in scope1 scope2 scope3 format
+        const scope = authConfig?.scope?.split(';').join(' '); // Saved in scope1;scope2;scope3 format, sent in scope1 scope2 scope3 format
         const loginUrl = `${authConfig?.authUrl}?client_id=${authConfig?.clientId}&scope=${scope}&redirect_uri=${encodedRedirectUrl}&response_type=code&state=state`;
         const popup = window.open(loginUrl, 'Login', 'width=600,height=600');
         if (!popup) {
@@ -28,10 +35,12 @@ const useAuth = (authConfig) => {
         }
         const checkPopup = setInterval(() => {
             try {
-                if ((0, authUtils_1.getCookieValue)('authToken') && (0, authUtils_1.getCookieValue)('refreshToken')) {
+                const token = (0, authUtils_1.getCookieValue)('authToken');
+                const refreshToken = (0, authUtils_1.getCookieValue)('refreshToken');
+                if (token && refreshToken) {
                     clearInterval(checkPopup);
                     popup.close();
-                    setAuthToken((0, authUtils_1.getCookieValue)('authToken'));
+                    setAuthToken(token);
                     setIsAuthenticated(true);
                 }
             }
@@ -44,6 +53,25 @@ const useAuth = (authConfig) => {
             }
         }, 1000); // Check every second
     }, [authConfig]);
+    const syncAuthState = () => {
+        const token = (0, authUtils_1.getCookieValue)('authToken');
+        setAuthToken(token);
+        setIsAuthenticated(!!token);
+    };
+    (0, react_1.useEffect)(() => {
+        const handleTabChange = () => {
+            if (!document.hidden) {
+                syncAuthState();
+            }
+        };
+        syncAuthState();
+        document.addEventListener('visibilitychange', handleTabChange);
+        window.addEventListener('focus', syncAuthState);
+        return () => {
+            document.removeEventListener('visibilitychange', handleTabChange);
+            window.removeEventListener('focus', syncAuthState);
+        };
+    }, []);
     (0, react_1.useEffect)(() => {
         refreshAccessToken().catch(() => {
             setIsAuthenticated(false);

package/lib/index.css

@@ -4805,6 +4805,9 @@
   white-space: nowrap;
   border-width: 0;
 }
+.squiz-rb-scope .visible:not(.squiz-rb-plugin *) {
+  visibility: visible;
+}
 .squiz-rb-scope .fixed:not(.squiz-rb-plugin *) {
   position: fixed;
 }
@@ -5663,6 +5666,9 @@
   border: none;
   padding: 0;
 }
+.squiz-rb-scope .image-card:disabled:not(.squiz-rb-plugin *) {
+  cursor: not-allowed;
+}
 .squiz-rb-scope .image-card--selected:not(.squiz-rb-plugin *) {
   background-color: #e6f1fa;
 }

package/lib/index.js

@@ -55,7 +55,7 @@ const ResourceBrowser = (props) => {
     const [source, setSource] = (0, react_1.useState)(null);
     const [mode, setMode] = (0, react_1.useState)(null);
     const { data: sources, isLoading, error: sourcesError, reload: reloadSources } = (0, useSources_1.useSources)({ onRequestSources, plugins });
-    const [plugin, setPlugin] = (0, react_1.useState)(null);
+    const plugin = source?.plugin || null;
     // MainContainer will render a list of sources of one is not provided to it, callback to allow it to set the source once a user selects
     const handleSourceSelect = (0, react_1.useCallback)((source, mode) => {
         setSource(source);
@@ -82,16 +82,6 @@ const ResourceBrowser = (props) => {
         setSource(source);
         setMode(null); // Passed in resource will always use the default mode
     }, [value, isLoading, sources, setSource, setError]);
-    // When a source is selected update our plugin reference to match (legacy support)
-    // the plugin is now attached to the source directly when fetched from the context so use that instead when possible
-    (0, react_1.useEffect)(() => {
-        if (source?.plugin) {
-            setPlugin(source.plugin);
-        }
-        else {
-            setPlugin(null);
-        }
-    }, [plugins, source]);
     // The modal has some control over it own open/closed state (for WCAG reasons) so keep this in sync with our state
     const handleModalStateChange = (0, react_1.useCallback)((isOpen) => {
         setIsModalOpen(isOpen);

package/lib/utils/authUtils.js

@@ -2,8 +2,13 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.refreshAccessToken = exports.logout = exports.setCookieValue = exports.getCookieValue = void 0;
 const getCookieValue = (name) => {
-    const match = document.cookie.match('(^|;)\\s*' + name + '\\s*=\\s*([^;]+)');
-    return match ? match.pop() : null;
+    try {
+        const match = document.cookie.match('(^|;)\\s*' + name + '\\s*=\\s*([^;]+)');
+        return match ? match.pop() : null;
+    }
+    catch (error) {
+        return null;
+    }
 };
 exports.getCookieValue = getCookieValue;
 const setCookieValue = (name, value) => {

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@squiz/resource-browser",
-    "version": "3.1.2",
+    "version": "3.2.1",
     "main": "lib/index.js",
     "types": "lib/index.d.ts",
     "private": false,

package/src/Hooks/useAuth.spec.tsx

@@ -194,4 +194,104 @@ describe('useAuth', () => {
             expect(result.current.isAuthenticated).toBe(false);
         });
     });
+
+    it('should update state when the page gains focus', async () => {
+        const { result } = renderHook(() => useAuth(authConfig));
+
+        mockGetCookieValue.mockReturnValueOnce('focusedAuthToken');
+
+        act(() => {
+            window.dispatchEvent(new Event('focus'));
+        });
+
+        await waitFor(() => {
+            expect(result.current.authToken).toBe('focusedAuthToken');
+            expect(result.current.isAuthenticated).toBe(true);
+        });
+    });
+
+    it('should update state when the document becomes visible', async () => {
+        mockGetCookieValue.mockReturnValueOnce(null);
+        const { result } = renderHook(() => useAuth(authConfig));
+
+        mockGetCookieValue.mockReturnValue('visibleAuthToken');
+
+        Object.defineProperty(document, 'hidden', { configurable: true, value: false });
+
+        act(() => {
+            document.dispatchEvent(new Event('visibilitychange'));
+        });
+
+        await waitFor(() => {
+            expect(result.current.authToken).toBe('visibleAuthToken');
+            expect(result.current.isAuthenticated).toBe(true);
+        });
+    });
+
+    it('should clean up event listeners on unmount', async () => {
+        const removeEventListenerSpy = jest.spyOn(window, 'removeEventListener');
+
+        const { unmount } = renderHook(() => useAuth(authConfig));
+
+        unmount();
+
+        expect(removeEventListenerSpy).toHaveBeenCalledWith('focus', expect.any(Function));
+    });
+
+    it('should log error when authConfig is misconfigured', async () => {
+        const consoleSpy = jest.spyOn(console, 'error').mockImplementation(() => {});
+
+        const invalidConfig = { clientId: 'example-client-id', scope: 'offline' };
+
+        // @ts-ignore
+        const { result } = renderHook(() => useAuth(invalidConfig));
+
+        result.current.login();
+
+        await waitFor(() => {
+            expect(consoleSpy).toHaveBeenCalledWith('Auth config is misconfigured');
+        });
+
+        consoleSpy.mockRestore();
+    });
+
+    it('should handle missing refreshToken when logging in', async () => {
+        jest.useFakeTimers();
+
+        const popupMock = {
+            closed: false,
+            close: jest.fn(),
+        } as unknown as Window;
+
+        jest.spyOn(window, 'open').mockImplementation(() => popupMock);
+        mockGetCookieValue.mockReturnValueOnce(null).mockReturnValueOnce('newAuthToken').mockReturnValueOnce(null);
+
+        const { result } = renderHook(() => useAuth(authConfig));
+
+        result.current.login();
+
+        act(() => {
+            mockGetCookieValue.mockReturnValue('newAuthToken');
+            jest.advanceTimersByTime(1000);
+            (popupMock as any).closed = true;
+        });
+
+        await waitFor(() => {
+            expect(result.current.authToken).toBe(null);
+            expect(result.current.isAuthenticated).toBe(false);
+        });
+
+        expect(popupMock.close).toHaveBeenCalled();
+    });
+
+    it('should throw an error when getCookieValue throws unexpectedly', () => {
+        jest.spyOn(authUtils, 'getCookieValue').mockImplementation(() => {
+            throw new Error('Unexpected error');
+        });
+        const consoleSpy = jest.spyOn(console, 'error').mockImplementation(() => {});
+
+        expect(() => renderHook(() => useAuth(authConfig))).toThrow('Unexpected error');
+
+        consoleSpy.mockRestore();
+    });
 });

package/src/Hooks/useAuth.ts

@@ -5,22 +5,28 @@ import { getCookieValue, refreshAccessToken as refreshTokenUtil } from '../utils
 
 export const useAuth = (authConfig: AuthenticationConfiguration | undefined) => {
     const [authToken, setAuthToken] = useState<string | null>(getCookieValue('authToken'));
-    const [isAuthenticated, setIsAuthenticated] = useState<boolean>(!!getCookieValue('authToken'));
+    const [isAuthenticated, setIsAuthenticated] = useState<boolean>(!!authToken);
 
     const refreshAccessToken = useCallback(async (): Promise<string> => {
-        const newToken = await refreshTokenUtil(authConfig);
-        setAuthToken(newToken);
-        setIsAuthenticated(!!newToken);
-        return newToken;
+        try {
+            const newToken = await refreshTokenUtil(authConfig);
+            setAuthToken(newToken);
+            setIsAuthenticated(!!newToken);
+            return newToken;
+        } catch {
+            setAuthToken(null);
+            setIsAuthenticated(false);
+            throw new Error('Session expired. Please log in again.');
+        }
     }, [authConfig]);
 
     const handleLogin = useCallback((): void => {
-        if (!authConfig?.redirectUrl && !authConfig?.authUrl && !authConfig?.scope) {
+        if (!authConfig?.redirectUrl || !authConfig?.authUrl) {
             console.error('Auth config is misconfigured');
             return;
         }
         const encodedRedirectUrl = encodeURIComponent(authConfig.redirectUrl);
-        const scope = authConfig?.scope.split(';').join(' '); // Saved in scope1;scope2;scope3 format, sent in scope1 scope2 scope3 format
+        const scope = authConfig?.scope?.split(';').join(' '); // Saved in scope1;scope2;scope3 format, sent in scope1 scope2 scope3 format
         const loginUrl = `${authConfig?.authUrl}?client_id=${authConfig?.clientId}&scope=${scope}&redirect_uri=${encodedRedirectUrl}&response_type=code&state=state`;
         const popup = window.open(loginUrl, 'Login', 'width=600,height=600');
 
@@ -31,10 +37,12 @@ export const useAuth = (authConfig: AuthenticationConfiguration | undefined) =>
 
         const checkPopup = setInterval(() => {
             try {
-                if (getCookieValue('authToken') && getCookieValue('refreshToken')) {
+                const token = getCookieValue('authToken');
+                const refreshToken = getCookieValue('refreshToken');
+                if (token && refreshToken) {
                     clearInterval(checkPopup);
                     popup.close();
-                    setAuthToken(getCookieValue('authToken'));
+                    setAuthToken(token);
                     setIsAuthenticated(true);
                 }
             } catch (error) {
@@ -48,6 +56,29 @@ export const useAuth = (authConfig: AuthenticationConfiguration | undefined) =>
         }, 1000); // Check every second
     }, [authConfig]);
 
+    const syncAuthState = () => {
+        const token = getCookieValue('authToken');
+        setAuthToken(token);
+        setIsAuthenticated(!!token);
+    };
+
+    useEffect(() => {
+        const handleTabChange = () => {
+            if (!document.hidden) {
+                syncAuthState();
+            }
+        };
+        syncAuthState();
+
+        document.addEventListener('visibilitychange', handleTabChange);
+        window.addEventListener('focus', syncAuthState);
+
+        return () => {
+            document.removeEventListener('visibilitychange', handleTabChange);
+            window.removeEventListener('focus', syncAuthState);
+        };
+    }, []);
+
     useEffect(() => {
         refreshAccessToken().catch(() => {
             setIsAuthenticated(false);

package/src/index.spec.tsx

@@ -666,5 +666,53 @@ describe('Resource browser input', () => {
                 );
             });
         });
+
+        it('switching source updates plugin and does not use the old plugin', async () => {
+            const damSource = mockSource({ type: 'dam', id: '1' });
+            const matrixSource = mockSource({ type: 'matrix', id: '2' });
+
+            const pluginA = { ...mockDamPlugin, type: 'dam' };
+            const pluginB = { ...mockDamPlugin, type: 'matrix' };
+
+            mockRequestSources.mockResolvedValueOnce([damSource, matrixSource]);
+
+            renderComponent();
+
+            const { setSource } = (RBI.ResourceBrowserInput as jest.Mock).mock.calls[0][0];
+
+            act(() => {
+                setSource({ ...damSource, plugin: pluginA });
+            });
+
+            await waitFor(() => {
+                expect(RBI.ResourceBrowserInput).toHaveBeenCalledWith(
+                    expect.objectContaining({
+                        plugin: pluginA,
+                    }),
+                    expect.any(Object),
+                );
+            });
+
+            (Plugin.PluginRender as jest.Mock).mockClear();
+
+            act(() => {
+                setSource({ ...matrixSource, plugin: pluginB });
+            });
+
+            await waitFor(() => {
+                expect(Plugin.PluginRender).toHaveBeenCalledWith(
+                    expect.objectContaining({
+                        plugin: pluginB,
+                    }),
+                    expect.any(Object),
+                );
+                expect(Plugin.PluginRender).not.toHaveBeenCalledWith(
+                    expect.objectContaining({
+                        plugin: pluginA,
+                    }),
+                    expect.any(Object),
+                );
+            });
+        });
     });
 });

package/src/index.tsx

@@ -6,7 +6,6 @@ import {
     PluginLaunchMode,
     ResourceBrowserUnresolvedResource,
     ResourceBrowserResource,
-    ResourceBrowserPlugin,
     ResourceBrowserSourceWithPlugin,
 } from './types';
 import { useSources } from './Hooks/useSources';
@@ -49,7 +48,7 @@ export const ResourceBrowser = (props: ResourceBrowserProps) => {
     const [source, setSource] = useState<ResourceBrowserSourceWithPlugin | null>(null);
     const [mode, setMode] = useState<PluginLaunchMode | null>(null);
     const { data: sources, isLoading, error: sourcesError, reload: reloadSources } = useSources({ onRequestSources, plugins });
-    const [plugin, setPlugin] = useState<ResourceBrowserPlugin | null>(null);
+    const plugin = source?.plugin || null;
 
     // MainContainer will render a list of sources of one is not provided to it, callback to allow it to set the source once a user selects
     const handleSourceSelect = useCallback(
@@ -83,16 +82,6 @@ export const ResourceBrowser = (props: ResourceBrowserProps) => {
         setMode(null); // Passed in resource will always use the default mode
     }, [value, isLoading, sources, setSource, setError]);
 
-    // When a source is selected update our plugin reference to match (legacy support)
-    // the plugin is now attached to the source directly when fetched from the context so use that instead when possible
-    useEffect(() => {
-        if (source?.plugin) {
-            setPlugin(source.plugin);
-        } else {
-            setPlugin(null);
-        }
-    }, [plugins, source]);
-
     // The modal has some control over it own open/closed state (for WCAG reasons) so keep this in sync with our state
     const handleModalStateChange = useCallback(
         (isOpen: boolean) => {

package/src/utils/authUtils.spec.ts

@@ -23,6 +23,23 @@ describe('auth-utils', () => {
         it('should return null if the cookie does not exist', () => {
             expect(getCookieValue('nonExistentCookie')).toBeNull();
         });
+
+        it('should return null if an error occurs when reading cookies', () => {
+            const originalCookieDescriptor = Object.getOwnPropertyDescriptor(Document.prototype, 'cookie');
+
+            Object.defineProperty(document, 'cookie', {
+                get: () => {
+                    throw new Error('Cookie read error');
+                },
+                configurable: true,
+            });
+
+            expect(getCookieValue('anyCookie')).toBeNull();
+
+            if (originalCookieDescriptor) {
+                Object.defineProperty(document, 'cookie', originalCookieDescriptor);
+            }
+        });
     });
 
     describe('setCookieValue', () => {

package/src/utils/authUtils.ts

@@ -1,8 +1,12 @@
 import { AuthenticationConfiguration } from '../types';
 
 export const getCookieValue = (name: string): string | null => {
-    const match = document.cookie.match('(^|;)\\s*' + name + '\\s*=\\s*([^;]+)');
-    return match ? match.pop()! : null;
+    try {
+        const match = document.cookie.match('(^|;)\\s*' + name + '\\s*=\\s*([^;]+)');
+        return match ? match.pop()! : null;
+    } catch (error) {
+        return null;
+    }
 };
 
 export const setCookieValue = (name: string, value: string): void => {