@superbuilders/primer-tives 4.0.3 → 4.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +191 -102
- package/dist/client/auth/browser.d.ts +4 -14
- package/dist/client/auth/browser.d.ts.map +1 -1
- package/dist/client/auth/hosted-popup.d.ts +0 -2
- package/dist/client/auth/hosted-popup.d.ts.map +1 -1
- package/dist/client/auth/provider.d.ts +13 -8
- package/dist/client/auth/provider.d.ts.map +1 -1
- package/dist/client/auth-state.d.ts +14 -0
- package/dist/client/auth-state.d.ts.map +1 -0
- package/dist/client/index.d.ts +2 -2
- package/dist/client/index.d.ts.map +1 -1
- package/dist/client/index.js +103 -172
- package/dist/client/index.js.map +10 -11
- package/dist/client/session.d.ts.map +1 -1
- package/dist/client/start.d.ts +10 -4
- package/dist/client/start.d.ts.map +1 -1
- package/dist/client/types.d.ts +29 -8
- package/dist/client/types.d.ts.map +1 -1
- package/dist/contracts/validation.d.ts +1 -1
- package/dist/version.d.ts +1 -1
- package/package.json +1 -1
- package/dist/client/auth/callback.d.ts +0 -10
- package/dist/client/auth/callback.d.ts.map +0 -1
- package/dist/client/auth/storage.d.ts +0 -10
- package/dist/client/auth/storage.d.ts.map +0 -1
- package/dist/client/unauthenticated-state.d.ts +0 -10
- package/dist/client/unauthenticated-state.d.ts.map +0 -1
|
@@ -1,11 +1,9 @@
|
|
|
1
1
|
import type { PrimerLogger } from "../../logger";
|
|
2
|
-
import { type HostedAuthOptions } from "./browser";
|
|
3
2
|
type HostedPopupConfig = {
|
|
4
3
|
readonly origin: string;
|
|
5
4
|
readonly publishableKey: string;
|
|
6
5
|
readonly currentUrl: URL;
|
|
7
6
|
readonly clientState: string;
|
|
8
|
-
readonly options?: HostedAuthOptions;
|
|
9
7
|
readonly logger: PrimerLogger;
|
|
10
8
|
};
|
|
11
9
|
declare function beginHostedPopup(config: HostedPopupConfig): Promise<string>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"hosted-popup.d.ts","sourceRoot":"","sources":["../../../src/client/auth/hosted-popup.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"hosted-popup.d.ts","sourceRoot":"","sources":["../../../src/client/auth/hosted-popup.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oCAAoC,CAAA;AAOtE,KAAK,iBAAiB,GAAG;IACxB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAA;IAC/B,QAAQ,CAAC,UAAU,EAAE,GAAG,CAAA;IACxB,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAA;IAC5B,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAA;CAC7B,CAAA;AAgJD,iBAAe,gBAAgB,CAAC,MAAM,EAAE,iBAAiB,GAAG,OAAO,CAAC,MAAM,CAAC,CAU1E;AAED,OAAO,EAAE,gBAAgB,EAAE,CAAA;AAC3B,YAAY,EAAE,iBAAiB,EAAE,CAAA"}
|
|
@@ -1,28 +1,33 @@
|
|
|
1
1
|
import type { PrimerLogger } from "../../logger";
|
|
2
|
-
import { type HostedAuthOptions } from "./browser";
|
|
3
2
|
import { type ResolvedAccessToken } from "./access-token";
|
|
4
3
|
type AccessTokenResolverOptions = {
|
|
5
4
|
readonly origin: string;
|
|
6
5
|
readonly publishableKey: string;
|
|
7
6
|
readonly accessToken?: string;
|
|
8
|
-
readonly hostedAuth?: HostedAuthOptions;
|
|
9
7
|
readonly logger: PrimerLogger;
|
|
10
8
|
};
|
|
11
9
|
type ResolvedAccessTokenResult = {
|
|
12
10
|
readonly kind: "resolved";
|
|
13
11
|
readonly accessToken: ResolvedAccessToken;
|
|
14
|
-
readonly invalidate?: () => void;
|
|
15
12
|
};
|
|
16
|
-
type
|
|
17
|
-
readonly kind: "
|
|
18
|
-
readonly error: Error | null;
|
|
13
|
+
type MissingAccessTokenResult = {
|
|
14
|
+
readonly kind: "missing";
|
|
19
15
|
};
|
|
20
16
|
type FatalAccessTokenResult = {
|
|
21
17
|
readonly kind: "fatal";
|
|
22
18
|
readonly error: Error;
|
|
23
19
|
};
|
|
24
|
-
type ExistingAccessTokenResult = ResolvedAccessTokenResult |
|
|
25
|
-
type HostedLoginResult = ResolvedAccessTokenResult |
|
|
20
|
+
type ExistingAccessTokenResult = ResolvedAccessTokenResult | MissingAccessTokenResult | FatalAccessTokenResult;
|
|
21
|
+
type HostedLoginResult = ResolvedAccessTokenResult | {
|
|
22
|
+
readonly kind: "sign-in-failed";
|
|
23
|
+
readonly error: Error;
|
|
24
|
+
} | {
|
|
25
|
+
readonly kind: "auth-unavailable";
|
|
26
|
+
readonly error: Error;
|
|
27
|
+
} | {
|
|
28
|
+
readonly kind: "auth-config-invalid";
|
|
29
|
+
readonly error: Error;
|
|
30
|
+
};
|
|
26
31
|
declare function resolveExistingAccessToken(options: AccessTokenResolverOptions): ExistingAccessTokenResult;
|
|
27
32
|
declare function beginHostedLogin(options: AccessTokenResolverOptions): Promise<HostedLoginResult>;
|
|
28
33
|
export { beginHostedLogin, resolveExistingAccessToken };
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"provider.d.ts","sourceRoot":"","sources":["../../../src/client/auth/provider.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oCAAoC,CAAA;
|
|
1
|
+
{"version":3,"file":"provider.d.ts","sourceRoot":"","sources":["../../../src/client/auth/provider.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oCAAoC,CAAA;AAGtE,OAAO,EAEN,KAAK,mBAAmB,EACxB,MAAM,sDAAsD,CAAA;AAG7D,KAAK,0BAA0B,GAAG;IACjC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAA;IAC/B,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAA;IAC7B,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAA;CAC7B,CAAA;AAED,KAAK,yBAAyB,GAAG;IAChC,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAA;IACzB,QAAQ,CAAC,WAAW,EAAE,mBAAmB,CAAA;CACzC,CAAA;AAED,KAAK,wBAAwB,GAAG;IAC/B,QAAQ,CAAC,IAAI,EAAE,SAAS,CAAA;CACxB,CAAA;AAED,KAAK,sBAAsB,GAAG;IAC7B,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAA;IACtB,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAA;CACrB,CAAA;AAED,KAAK,yBAAyB,GAC3B,yBAAyB,GACzB,wBAAwB,GACxB,sBAAsB,CAAA;AAEzB,KAAK,iBAAiB,GACnB,yBAAyB,GACzB;IAAE,QAAQ,CAAC,IAAI,EAAE,gBAAgB,CAAC;IAAC,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAA;CAAE,GAC1D;IAAE,QAAQ,CAAC,IAAI,EAAE,kBAAkB,CAAC;IAAC,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAA;CAAE,GAC5D;IAAE,QAAQ,CAAC,IAAI,EAAE,qBAAqB,CAAC;IAAC,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAA;CAAE,CAAA;AAyBlE,iBAAS,0BAA0B,CAClC,OAAO,EAAE,0BAA0B,GACjC,yBAAyB,CAK3B;AAYD,iBAAe,gBAAgB,CAAC,OAAO,EAAE,0BAA0B,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAwB/F;AAED,OAAO,EAAE,gBAAgB,EAAE,0BAA0B,EAAE,CAAA;AACvD,YAAY,EAAE,0BAA0B,EAAE,yBAAyB,EAAE,iBAAiB,EAAE,CAAA"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import type { PciId } from "../contracts/pci";
|
|
2
|
+
import type { AuthUnavailableState, AuthConfigInvalidState, ManagedStartState, SignInFailedState, SignInRequiredState } from "./types";
|
|
3
|
+
type SignInStateConfig<Pcis extends PciId = PciId> = {
|
|
4
|
+
login(): Promise<ManagedStartState<Pcis>>;
|
|
5
|
+
};
|
|
6
|
+
declare function signInRequiredState<Pcis extends PciId>(config: SignInStateConfig<Pcis>): SignInRequiredState<Pcis>;
|
|
7
|
+
declare function signInFailedState<Pcis extends PciId>(config: SignInStateConfig<Pcis> & {
|
|
8
|
+
readonly error: Error;
|
|
9
|
+
}): SignInFailedState<Pcis>;
|
|
10
|
+
declare function authUnavailableState(error: Error): AuthUnavailableState;
|
|
11
|
+
declare function authConfigInvalidState(error: Error): AuthConfigInvalidState;
|
|
12
|
+
export { authConfigInvalidState, authUnavailableState, signInFailedState, signInRequiredState };
|
|
13
|
+
export type { SignInStateConfig };
|
|
14
|
+
//# sourceMappingURL=auth-state.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth-state.d.ts","sourceRoot":"","sources":["../../src/client/auth-state.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,2CAA2C,CAAA;AACtE,OAAO,KAAK,EACX,oBAAoB,EACpB,sBAAsB,EACtB,iBAAiB,EACjB,iBAAiB,EACjB,mBAAmB,EACnB,MAAM,0CAA0C,CAAA;AAEjD,KAAK,iBAAiB,CAAC,IAAI,SAAS,KAAK,GAAG,KAAK,IAAI;IACpD,KAAK,IAAI,OAAO,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAA;CACzC,CAAA;AAkBD,iBAAS,mBAAmB,CAAC,IAAI,SAAS,KAAK,EAC9C,MAAM,EAAE,iBAAiB,CAAC,IAAI,CAAC,GAC7B,mBAAmB,CAAC,IAAI,CAAC,CAM3B;AAED,iBAAS,iBAAiB,CAAC,IAAI,SAAS,KAAK,EAC5C,MAAM,EAAE,iBAAiB,CAAC,IAAI,CAAC,GAAG;IAAE,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAA;CAAE,GACzD,iBAAiB,CAAC,IAAI,CAAC,CAOzB;AAED,iBAAS,oBAAoB,CAAC,KAAK,EAAE,KAAK,GAAG,oBAAoB,CAMhE;AAED,iBAAS,sBAAsB,CAAC,KAAK,EAAE,KAAK,GAAG,sBAAsB,CAMpE;AAED,OAAO,EAAE,sBAAsB,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,CAAA;AAC/F,YAAY,EAAE,iBAAiB,EAAE,CAAA"}
|
package/dist/client/index.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
1
|
export { start } from "./start";
|
|
2
|
-
export type { PrimerOptions } from "./start";
|
|
3
|
-
export type { ChoiceState, CompletedState, ErroredState, ExtendedTextMultipleState, ExtendedTextSingleState, ExtendedTextState, FatalState, FeedbackState, InteractionState, MatchState, NonSerializable, ObservationState, OrderState, PciInteractionState, PciPendingRenderProps, PciRenderProps, PciSubmittedRenderProps, PrimerState, TextEntryState,
|
|
2
|
+
export type { PrimerOptions, PrimerOptionsWithAccessToken, PrimerOptionsWithManagedAuth } from "./start";
|
|
3
|
+
export type { ChoiceState, CompletedState, ErroredState, ExtendedTextMultipleState, ExtendedTextSingleState, ExtendedTextState, FatalState, FeedbackState, InteractionState, MatchState, ManagedStartState, NonSerializable, NonRetriableErroredState, ObservationState, OrderState, PciInteractionState, PciPendingRenderProps, PciRenderProps, PciSubmittedRenderProps, PrimerState, RetriableErroredState, RuntimeState, SignInFailedState, SignInRequiredState, TextEntryState, AccessTokenStartState, AuthConfigInvalidState, AuthUnavailableState } from "./types";
|
|
4
4
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/client/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,0CAA0C,CAAA;AAChE,YAAY,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/client/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,0CAA0C,CAAA;AAChE,YAAY,EACX,aAAa,EACb,4BAA4B,EAC5B,4BAA4B,EAC5B,MAAM,0CAA0C,CAAA;AAEjD,YAAY,EACX,WAAW,EACX,cAAc,EACd,YAAY,EACZ,yBAAyB,EACzB,uBAAuB,EACvB,iBAAiB,EACjB,UAAU,EACV,aAAa,EACb,gBAAgB,EAChB,UAAU,EACV,iBAAiB,EACjB,eAAe,EACf,wBAAwB,EACxB,gBAAgB,EAChB,UAAU,EACV,mBAAmB,EACnB,qBAAqB,EACrB,cAAc,EACd,uBAAuB,EACvB,WAAW,EACX,qBAAqB,EACrB,YAAY,EACZ,iBAAiB,EACjB,mBAAmB,EACnB,cAAc,EACd,qBAAqB,EACrB,sBAAsB,EACtB,oBAAoB,EACpB,MAAM,0CAA0C,CAAA"}
|
package/dist/client/index.js
CHANGED
|
@@ -6783,7 +6783,7 @@ function submissionValidationMessage(result) {
|
|
|
6783
6783
|
import * as errors3 from "@superbuilders/errors";
|
|
6784
6784
|
|
|
6785
6785
|
// src/version.ts
|
|
6786
|
-
var SDK_VERSION = "4.0.
|
|
6786
|
+
var SDK_VERSION = "4.0.4";
|
|
6787
6787
|
var NPM_PACKAGE_URL = "https://www.npmjs.com/package/@superbuilders/primer-tives";
|
|
6788
6788
|
|
|
6789
6789
|
// src/client/transport.ts
|
|
@@ -7471,15 +7471,19 @@ function makeSession(sc) {
|
|
|
7471
7471
|
function errored(error, failedPhase, intent) {
|
|
7472
7472
|
let pending;
|
|
7473
7473
|
const retriable = isRetriableError(error);
|
|
7474
|
+
if (!retriable) {
|
|
7475
|
+
return {
|
|
7476
|
+
phase: "errored",
|
|
7477
|
+
error,
|
|
7478
|
+
retriable: false,
|
|
7479
|
+
toJSON: poisonToJSON
|
|
7480
|
+
};
|
|
7481
|
+
}
|
|
7474
7482
|
const state = {
|
|
7475
7483
|
phase: "errored",
|
|
7476
7484
|
error,
|
|
7477
|
-
retriable,
|
|
7485
|
+
retriable: true,
|
|
7478
7486
|
retry: function retry() {
|
|
7479
|
-
if (!retriable) {
|
|
7480
|
-
logger.debug({ failedPhase }, "retry ignored for non-retriable error");
|
|
7481
|
-
return Promise.resolve(state);
|
|
7482
|
-
}
|
|
7483
7487
|
if (pending) {
|
|
7484
7488
|
return pending;
|
|
7485
7489
|
}
|
|
@@ -7585,38 +7589,16 @@ function makeSession(sc) {
|
|
|
7585
7589
|
import * as errors12 from "@superbuilders/errors";
|
|
7586
7590
|
|
|
7587
7591
|
// src/client/auth/browser.ts
|
|
7588
|
-
|
|
7589
|
-
|
|
7590
|
-
|
|
7591
|
-
}
|
|
7592
|
-
if (typeof globalThis.sessionStorage === "undefined") {
|
|
7593
|
-
logger.error("auth storage unavailable");
|
|
7594
|
-
throw ErrAuthUnavailable;
|
|
7595
|
-
}
|
|
7596
|
-
return globalThis.sessionStorage;
|
|
7597
|
-
}
|
|
7598
|
-
function currentUrl(options, logger) {
|
|
7599
|
-
if (options !== undefined && options.currentUrl !== undefined) {
|
|
7600
|
-
if (!URL.canParse(options.currentUrl)) {
|
|
7601
|
-
logger.error({ currentUrl: options.currentUrl }, "auth current url invalid");
|
|
7602
|
-
throw ErrAuthConfigInvalid;
|
|
7603
|
-
}
|
|
7604
|
-
return new URL(options.currentUrl);
|
|
7605
|
-
}
|
|
7592
|
+
var POPUP_TARGET = "primer-auth";
|
|
7593
|
+
var POPUP_FEATURES = "popup,width=480,height=720";
|
|
7594
|
+
function currentUrl(logger) {
|
|
7606
7595
|
if (typeof globalThis.location === "undefined") {
|
|
7607
7596
|
logger.error("auth location unavailable");
|
|
7608
7597
|
throw ErrAuthUnavailable;
|
|
7609
7598
|
}
|
|
7610
7599
|
return new URL(globalThis.location.href);
|
|
7611
7600
|
}
|
|
7612
|
-
function redirectUri(
|
|
7613
|
-
if (options !== undefined && options.redirectUri !== undefined) {
|
|
7614
|
-
if (!URL.canParse(options.redirectUri)) {
|
|
7615
|
-
logger.error({ redirectUri: options.redirectUri }, "auth redirect uri invalid");
|
|
7616
|
-
throw ErrAuthConfigInvalid;
|
|
7617
|
-
}
|
|
7618
|
-
return options.redirectUri;
|
|
7619
|
-
}
|
|
7601
|
+
function redirectUri(url) {
|
|
7620
7602
|
return `${url.origin}${url.pathname}${url.search}`;
|
|
7621
7603
|
}
|
|
7622
7604
|
function randomClientState(logger) {
|
|
@@ -7632,20 +7614,12 @@ function randomClientState(logger) {
|
|
|
7632
7614
|
}
|
|
7633
7615
|
return result;
|
|
7634
7616
|
}
|
|
7635
|
-
function openAuthPopup(url,
|
|
7617
|
+
function openAuthPopup(url, logger) {
|
|
7636
7618
|
if (typeof globalThis.open === "undefined") {
|
|
7637
7619
|
logger.error("auth popup api unavailable");
|
|
7638
7620
|
throw ErrAuthUnavailable;
|
|
7639
7621
|
}
|
|
7640
|
-
|
|
7641
|
-
if (options !== undefined && options.popupTarget !== undefined) {
|
|
7642
|
-
target = options.popupTarget;
|
|
7643
|
-
}
|
|
7644
|
-
let features = "popup,width=480,height=720";
|
|
7645
|
-
if (options !== undefined && options.popupFeatures !== undefined) {
|
|
7646
|
-
features = options.popupFeatures;
|
|
7647
|
-
}
|
|
7648
|
-
const popup = globalThis.open(url, target, features);
|
|
7622
|
+
const popup = globalThis.open(url, POPUP_TARGET, POPUP_FEATURES);
|
|
7649
7623
|
if (popup === null) {
|
|
7650
7624
|
logger.error("auth popup blocked");
|
|
7651
7625
|
throw ErrAuthPopupBlocked;
|
|
@@ -7657,26 +7631,18 @@ function openAuthPopup(url, options, logger) {
|
|
|
7657
7631
|
var DEFAULT_POPUP_TIMEOUT_MS = 10 * 60 * 1000;
|
|
7658
7632
|
var POPUP_POLL_MS = 250;
|
|
7659
7633
|
var AUTH_MESSAGE_TYPE = "primer-tives.auth.result.v1";
|
|
7660
|
-
var AUTH_RESPONSE_MODE = "web_message";
|
|
7661
7634
|
function hostedAuthUrl(config) {
|
|
7662
7635
|
const logger = config.logger;
|
|
7663
7636
|
if (!URL.canParse(config.origin)) {
|
|
7664
7637
|
logger.error({ origin: config.origin }, "hosted auth origin invalid");
|
|
7665
|
-
throw
|
|
7638
|
+
throw ErrAuthConfigInvalid;
|
|
7666
7639
|
}
|
|
7667
|
-
const authUrl = new URL("/auth/timeback", config.origin);
|
|
7640
|
+
const authUrl = new URL("/api/auth/timeback/start", config.origin);
|
|
7668
7641
|
authUrl.searchParams.set("publishableKey", config.publishableKey);
|
|
7669
|
-
authUrl.searchParams.set("redirectUri", redirectUri(config.
|
|
7642
|
+
authUrl.searchParams.set("redirectUri", redirectUri(config.currentUrl));
|
|
7670
7643
|
authUrl.searchParams.set("state", config.clientState);
|
|
7671
|
-
authUrl.searchParams.set("responseMode", AUTH_RESPONSE_MODE);
|
|
7672
7644
|
return authUrl.toString();
|
|
7673
7645
|
}
|
|
7674
|
-
function popupTimeoutMs(options) {
|
|
7675
|
-
if (options !== undefined && options.popupTimeoutMs !== undefined) {
|
|
7676
|
-
return options.popupTimeoutMs;
|
|
7677
|
-
}
|
|
7678
|
-
return DEFAULT_POPUP_TIMEOUT_MS;
|
|
7679
|
-
}
|
|
7680
7646
|
function isRecord(value) {
|
|
7681
7647
|
return typeof value === "object" && value !== null;
|
|
7682
7648
|
}
|
|
@@ -7750,7 +7716,7 @@ async function waitForPopupMessage(popup, config, expectedOrigin) {
|
|
|
7750
7716
|
const timeoutId = globalThis.setTimeout(function timeout() {
|
|
7751
7717
|
logger.error("hosted auth popup timed out");
|
|
7752
7718
|
finishWithError(ErrAuthCancelled);
|
|
7753
|
-
},
|
|
7719
|
+
}, DEFAULT_POPUP_TIMEOUT_MS);
|
|
7754
7720
|
stack.defer(function clearPopupTimeout() {
|
|
7755
7721
|
globalThis.clearTimeout(timeoutId);
|
|
7756
7722
|
});
|
|
@@ -7794,10 +7760,10 @@ async function beginHostedPopup(config) {
|
|
|
7794
7760
|
const url = hostedAuthUrl(config);
|
|
7795
7761
|
if (!URL.canParse(config.origin)) {
|
|
7796
7762
|
logger.error({ origin: config.origin }, "hosted auth origin invalid");
|
|
7797
|
-
throw
|
|
7763
|
+
throw ErrAuthConfigInvalid;
|
|
7798
7764
|
}
|
|
7799
7765
|
const expectedOrigin = new URL(config.origin).origin;
|
|
7800
|
-
const popup = openAuthPopup(url,
|
|
7766
|
+
const popup = openAuthPopup(url, logger);
|
|
7801
7767
|
return waitForPopupMessage(popup, config, expectedOrigin);
|
|
7802
7768
|
}
|
|
7803
7769
|
|
|
@@ -7875,35 +7841,6 @@ function resolveAccessToken(token, logger) {
|
|
|
7875
7841
|
return { value: token, [resolvedAccessTokenBrand]: true };
|
|
7876
7842
|
}
|
|
7877
7843
|
|
|
7878
|
-
// src/client/auth/storage.ts
|
|
7879
|
-
var ACCESS_TOKEN_KEY_PREFIX = "primer:access-token";
|
|
7880
|
-
var AUTH_STATE_KEY_PREFIX = "primer:auth-state";
|
|
7881
|
-
function accessTokenStorageKey(publishableKey) {
|
|
7882
|
-
return `${ACCESS_TOKEN_KEY_PREFIX}:${publishableKey}`;
|
|
7883
|
-
}
|
|
7884
|
-
function authStateStorageKey(publishableKey) {
|
|
7885
|
-
return `${AUTH_STATE_KEY_PREFIX}:${publishableKey}`;
|
|
7886
|
-
}
|
|
7887
|
-
function loadStoredAccessToken(storage, publishableKey) {
|
|
7888
|
-
const token = storage.getItem(accessTokenStorageKey(publishableKey));
|
|
7889
|
-
if (token === null || token.length === 0) {
|
|
7890
|
-
return null;
|
|
7891
|
-
}
|
|
7892
|
-
return token;
|
|
7893
|
-
}
|
|
7894
|
-
function storeAccessToken(storage, publishableKey, accessToken) {
|
|
7895
|
-
storage.setItem(accessTokenStorageKey(publishableKey), accessToken);
|
|
7896
|
-
}
|
|
7897
|
-
function clearStoredAccessToken(storage, publishableKey) {
|
|
7898
|
-
storage.removeItem(accessTokenStorageKey(publishableKey));
|
|
7899
|
-
}
|
|
7900
|
-
function storeAuthState(storage, publishableKey, state) {
|
|
7901
|
-
storage.setItem(authStateStorageKey(publishableKey), state);
|
|
7902
|
-
}
|
|
7903
|
-
function clearAuthState(storage, publishableKey) {
|
|
7904
|
-
storage.removeItem(authStateStorageKey(publishableKey));
|
|
7905
|
-
}
|
|
7906
|
-
|
|
7907
7844
|
// src/client/auth/provider.ts
|
|
7908
7845
|
function resolveProvidedAccessToken(token, logger) {
|
|
7909
7846
|
const result = errors12.trySync(function resolveProvidedToken() {
|
|
@@ -7914,103 +7851,59 @@ function resolveProvidedAccessToken(token, logger) {
|
|
|
7914
7851
|
}
|
|
7915
7852
|
return { kind: "resolved", accessToken: result.data };
|
|
7916
7853
|
}
|
|
7917
|
-
function
|
|
7918
|
-
const result = errors12.trySync(function
|
|
7854
|
+
function resolveHostedAccessToken(token, logger) {
|
|
7855
|
+
const result = errors12.trySync(function resolveHostedToken() {
|
|
7919
7856
|
return resolveAccessToken(token, logger);
|
|
7920
7857
|
});
|
|
7921
7858
|
if (result.error) {
|
|
7922
|
-
return { kind: "
|
|
7923
|
-
}
|
|
7924
|
-
return { kind: "resolved", accessToken: result.data, invalidate };
|
|
7925
|
-
}
|
|
7926
|
-
function createStoredTokenInvalidator(storage, publishableKey) {
|
|
7927
|
-
return function invalidateStoredAccessToken() {
|
|
7928
|
-
clearStoredAccessToken(storage, publishableKey);
|
|
7929
|
-
};
|
|
7930
|
-
}
|
|
7931
|
-
function readBrowserAuthContext(options) {
|
|
7932
|
-
const logger = options.logger;
|
|
7933
|
-
const contextResult = errors12.trySync(function readContext() {
|
|
7934
|
-
const storage = browserStorage(options.hostedAuth, logger);
|
|
7935
|
-
const url = currentUrl(options.hostedAuth, logger);
|
|
7936
|
-
return { storage, url };
|
|
7937
|
-
});
|
|
7938
|
-
if (contextResult.error) {
|
|
7939
|
-
return { kind: "unauthenticated", error: contextResult.error };
|
|
7859
|
+
return { kind: "sign-in-failed", error: result.error };
|
|
7940
7860
|
}
|
|
7941
|
-
return
|
|
7942
|
-
}
|
|
7943
|
-
function resolveStoredAccessToken(context, options) {
|
|
7944
|
-
const stored = loadStoredAccessToken(context.storage, options.publishableKey);
|
|
7945
|
-
if (stored === null) {
|
|
7946
|
-
return null;
|
|
7947
|
-
}
|
|
7948
|
-
const invalidate = createStoredTokenInvalidator(context.storage, options.publishableKey);
|
|
7949
|
-
const resolved = resolveManagedAccessToken(stored, options.logger, invalidate);
|
|
7950
|
-
if (resolved.kind === "unauthenticated") {
|
|
7951
|
-
invalidate();
|
|
7952
|
-
}
|
|
7953
|
-
return resolved;
|
|
7861
|
+
return { kind: "resolved", accessToken: result.data };
|
|
7954
7862
|
}
|
|
7955
7863
|
function resolveExistingAccessToken(options) {
|
|
7956
7864
|
if (options.accessToken !== undefined) {
|
|
7957
7865
|
return resolveProvidedAccessToken(options.accessToken, options.logger);
|
|
7958
7866
|
}
|
|
7959
|
-
|
|
7960
|
-
|
|
7961
|
-
|
|
7867
|
+
return { kind: "missing" };
|
|
7868
|
+
}
|
|
7869
|
+
function authFailureResult(error) {
|
|
7870
|
+
if (errors12.is(error, ErrAuthConfigInvalid)) {
|
|
7871
|
+
return { kind: "auth-config-invalid", error };
|
|
7962
7872
|
}
|
|
7963
|
-
|
|
7964
|
-
|
|
7965
|
-
return stored;
|
|
7873
|
+
if (errors12.is(error, ErrAuthUnavailable)) {
|
|
7874
|
+
return { kind: "auth-unavailable", error };
|
|
7966
7875
|
}
|
|
7967
|
-
return { kind: "
|
|
7876
|
+
return { kind: "sign-in-failed", error };
|
|
7968
7877
|
}
|
|
7969
7878
|
async function beginHostedLogin(options) {
|
|
7970
7879
|
const logger = options.logger;
|
|
7971
|
-
const
|
|
7972
|
-
|
|
7973
|
-
|
|
7974
|
-
|
|
7975
|
-
const storage = context.storage;
|
|
7976
|
-
const url = context.url;
|
|
7977
|
-
const clientStateResult = errors12.trySync(function prepareHostedLogin() {
|
|
7978
|
-
const clientState2 = randomClientState(logger);
|
|
7979
|
-
storeAuthState(storage, options.publishableKey, clientState2);
|
|
7980
|
-
return clientState2;
|
|
7880
|
+
const contextResult = errors12.trySync(function readContext() {
|
|
7881
|
+
const url = currentUrl(logger);
|
|
7882
|
+
const clientState = randomClientState(logger);
|
|
7883
|
+
return { url, clientState };
|
|
7981
7884
|
});
|
|
7982
|
-
if (
|
|
7983
|
-
return
|
|
7885
|
+
if (contextResult.error) {
|
|
7886
|
+
return authFailureResult(contextResult.error);
|
|
7984
7887
|
}
|
|
7985
|
-
const
|
|
7888
|
+
const context = contextResult.data;
|
|
7986
7889
|
const accessTokenResult = await errors12.try(beginHostedPopup({
|
|
7987
7890
|
origin: options.origin,
|
|
7988
7891
|
publishableKey: options.publishableKey,
|
|
7989
|
-
currentUrl: url,
|
|
7990
|
-
clientState,
|
|
7991
|
-
options: options.hostedAuth,
|
|
7892
|
+
currentUrl: context.url,
|
|
7893
|
+
clientState: context.clientState,
|
|
7992
7894
|
logger
|
|
7993
7895
|
}));
|
|
7994
7896
|
if (accessTokenResult.error) {
|
|
7995
|
-
|
|
7996
|
-
|
|
7997
|
-
|
|
7998
|
-
const invalidate = createStoredTokenInvalidator(storage, options.publishableKey);
|
|
7999
|
-
const resolved = resolveManagedAccessToken(accessTokenResult.data, logger, invalidate);
|
|
8000
|
-
if (resolved.kind === "unauthenticated") {
|
|
8001
|
-
clearAuthState(storage, options.publishableKey);
|
|
8002
|
-
return resolved;
|
|
8003
|
-
}
|
|
8004
|
-
storeAccessToken(storage, options.publishableKey, accessTokenResult.data);
|
|
8005
|
-
clearAuthState(storage, options.publishableKey);
|
|
8006
|
-
return resolved;
|
|
7897
|
+
return authFailureResult(accessTokenResult.error);
|
|
7898
|
+
}
|
|
7899
|
+
return resolveHostedAccessToken(accessTokenResult.data, logger);
|
|
8007
7900
|
}
|
|
8008
7901
|
|
|
8009
|
-
// src/client/
|
|
8010
|
-
function
|
|
7902
|
+
// src/client/auth-state.ts
|
|
7903
|
+
function pendingLogin(config) {
|
|
8011
7904
|
let pending;
|
|
8012
7905
|
function login() {
|
|
8013
|
-
if (pending) {
|
|
7906
|
+
if (pending !== undefined) {
|
|
8014
7907
|
return pending;
|
|
8015
7908
|
}
|
|
8016
7909
|
pending = config.login().finally(function clearPending() {
|
|
@@ -8018,10 +7911,34 @@ function unauthenticatedState(config) {
|
|
|
8018
7911
|
});
|
|
8019
7912
|
return pending;
|
|
8020
7913
|
}
|
|
7914
|
+
return login;
|
|
7915
|
+
}
|
|
7916
|
+
function signInRequiredState(config) {
|
|
7917
|
+
return {
|
|
7918
|
+
phase: "sign-in-required",
|
|
7919
|
+
login: pendingLogin(config),
|
|
7920
|
+
toJSON: poisonToJSON
|
|
7921
|
+
};
|
|
7922
|
+
}
|
|
7923
|
+
function signInFailedState(config) {
|
|
8021
7924
|
return {
|
|
8022
|
-
phase: "
|
|
7925
|
+
phase: "sign-in-failed",
|
|
8023
7926
|
error: config.error,
|
|
8024
|
-
login,
|
|
7927
|
+
login: pendingLogin(config),
|
|
7928
|
+
toJSON: poisonToJSON
|
|
7929
|
+
};
|
|
7930
|
+
}
|
|
7931
|
+
function authUnavailableState(error) {
|
|
7932
|
+
return {
|
|
7933
|
+
phase: "auth-unavailable",
|
|
7934
|
+
error,
|
|
7935
|
+
toJSON: poisonToJSON
|
|
7936
|
+
};
|
|
7937
|
+
}
|
|
7938
|
+
function authConfigInvalidState(error) {
|
|
7939
|
+
return {
|
|
7940
|
+
phase: "auth-config-invalid",
|
|
7941
|
+
error,
|
|
8025
7942
|
toJSON: poisonToJSON
|
|
8026
7943
|
};
|
|
8027
7944
|
}
|
|
@@ -8048,12 +7965,8 @@ function primerOrigin(origin) {
|
|
|
8048
7965
|
}
|
|
8049
7966
|
async function startRuntime(config, resolved) {
|
|
8050
7967
|
let reauthenticate = null;
|
|
8051
|
-
|
|
8052
|
-
|
|
8053
|
-
reauthenticate = function reauthenticate2() {
|
|
8054
|
-
invalidate();
|
|
8055
|
-
return Promise.resolve(makeUnauthenticatedState(config, ErrTokenExpired));
|
|
8056
|
-
};
|
|
7968
|
+
if (resolved.reauthenticate !== undefined) {
|
|
7969
|
+
reauthenticate = resolved.reauthenticate;
|
|
8057
7970
|
}
|
|
8058
7971
|
const transport = createTransport({
|
|
8059
7972
|
accessToken: resolved.accessToken,
|
|
@@ -8073,8 +7986,15 @@ async function startRuntime(config, resolved) {
|
|
|
8073
7986
|
});
|
|
8074
7987
|
return session.execute({ kind: "observation" }, "start");
|
|
8075
7988
|
}
|
|
8076
|
-
function
|
|
8077
|
-
return
|
|
7989
|
+
function makeSignInRequiredState(config) {
|
|
7990
|
+
return signInRequiredState({
|
|
7991
|
+
login: function login() {
|
|
7992
|
+
return loginAndStart(config);
|
|
7993
|
+
}
|
|
7994
|
+
});
|
|
7995
|
+
}
|
|
7996
|
+
function makeSignInFailedState(config, error) {
|
|
7997
|
+
return signInFailedState({
|
|
8078
7998
|
error,
|
|
8079
7999
|
login: function login() {
|
|
8080
8000
|
return loginAndStart(config);
|
|
@@ -8087,10 +8007,21 @@ async function loginAndStart(config) {
|
|
|
8087
8007
|
publishableKey: config.publishableKey,
|
|
8088
8008
|
logger: config.logger
|
|
8089
8009
|
});
|
|
8090
|
-
if (result.kind === "
|
|
8091
|
-
return
|
|
8010
|
+
if (result.kind === "auth-unavailable") {
|
|
8011
|
+
return authUnavailableState(result.error);
|
|
8092
8012
|
}
|
|
8093
|
-
|
|
8013
|
+
if (result.kind === "auth-config-invalid") {
|
|
8014
|
+
return authConfigInvalidState(result.error);
|
|
8015
|
+
}
|
|
8016
|
+
if (result.kind === "sign-in-failed") {
|
|
8017
|
+
return makeSignInFailedState(config, result.error);
|
|
8018
|
+
}
|
|
8019
|
+
return startRuntime(config, {
|
|
8020
|
+
accessToken: result.accessToken,
|
|
8021
|
+
reauthenticate: function reauthenticate() {
|
|
8022
|
+
return Promise.resolve(makeSignInFailedState(config, ErrTokenExpired));
|
|
8023
|
+
}
|
|
8024
|
+
});
|
|
8094
8025
|
}
|
|
8095
8026
|
async function start(options) {
|
|
8096
8027
|
const logger = options.logger;
|
|
@@ -8119,8 +8050,8 @@ async function start(options) {
|
|
|
8119
8050
|
toJSON: poisonToJSON
|
|
8120
8051
|
};
|
|
8121
8052
|
}
|
|
8122
|
-
if (accessToken.kind === "
|
|
8123
|
-
return
|
|
8053
|
+
if (accessToken.kind === "missing") {
|
|
8054
|
+
return makeSignInRequiredState(config);
|
|
8124
8055
|
}
|
|
8125
8056
|
return startRuntime(config, accessToken);
|
|
8126
8057
|
}
|
|
@@ -8128,4 +8059,4 @@ export {
|
|
|
8128
8059
|
start
|
|
8129
8060
|
};
|
|
8130
8061
|
|
|
8131
|
-
//# debugId=
|
|
8062
|
+
//# debugId=1270BDB9A874B19364756E2164756E21
|