@vaadin/hilla-frontend 24.8.0-alpha7 → 24.8.0-beta1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (19) hide show
  1. package/Authentication.js +44 -46
  2. package/Authentication.js.map +1 -1
  3. package/Connect.d.ts +4 -0
  4. package/Connect.js +26 -12
  5. package/Connect.js.map +1 -1
  6. package/CookieManager.js +4 -1
  7. package/CookieManager.js.map +1 -1
  8. package/CsrfInfoSource.d.ts +7 -0
  9. package/CsrfInfoSource.js +184 -0
  10. package/CsrfInfoSource.js.map +1 -0
  11. package/FluxConnection.d.ts +4 -0
  12. package/FluxConnection.js +82 -75
  13. package/FluxConnection.js.map +1 -1
  14. package/index.js +2 -2
  15. package/index.js.map +1 -1
  16. package/package.json +2 -2
  17. package/CsrfUtils.d.ts +0 -1
  18. package/CsrfUtils.js +0 -64
  19. package/CsrfUtils.js.map +0 -1
package/Authentication.js CHANGED
@@ -1,36 +1,24 @@
1
1
  import CookieManager from "./CookieManager.js";
2
- import { getSpringCsrfInfo, getSpringCsrfTokenHeadersForAuthRequest, getSpringCsrfTokenParametersForAuthRequest, VAADIN_CSRF_HEADER } from "./CsrfUtils.js";
2
+ import csrfInfoSource, { VAADIN_CSRF_HEADER, clearCsrfInfoMeta, CsrfInfoType, extractCsrfInfoFromMeta, updateCsrfInfoMeta } from "./CsrfInfoSource.js";
3
+ function createHeaders(headerEntries) {
4
+ const headers = new Headers();
5
+ for (const [name, value] of headerEntries) {
6
+ headers.append(name, value);
7
+ }
8
+ return headers;
9
+ }
3
10
  const JWT_COOKIE_NAME = "jwt.headerAndPayload";
4
- function getSpringCsrfTokenFromResponseBody(body) {
11
+ async function getCsrfInfoFromResponseBody(body) {
5
12
  const doc = new DOMParser().parseFromString(body, "text/html");
6
- return getSpringCsrfInfo(doc);
7
- }
8
- function clearSpringCsrfMetaTags() {
9
- Array.from(document.head.querySelectorAll("meta[name=\"_csrf\"], meta[name=\"_csrf_header\"], meta[name=\"_csrf_parameter\"]")).forEach((el) => el.remove());
13
+ return extractCsrfInfoFromMeta(doc);
10
14
  }
11
- function updateSpringCsrfMetaTags(springCsrfInfo) {
12
- clearSpringCsrfMetaTags();
13
- const headerNameMeta = document.createElement("meta");
14
- headerNameMeta.name = "_csrf_header";
15
- headerNameMeta.content = springCsrfInfo._csrf_header;
16
- document.head.appendChild(headerNameMeta);
17
- const tokenMeta = document.createElement("meta");
18
- tokenMeta.name = "_csrf";
19
- tokenMeta.content = springCsrfInfo._csrf;
20
- document.head.appendChild(tokenMeta);
21
- }
22
- const getVaadinCsrfTokenFromResponseBody = (body) => {
23
- const match = /window\.Vaadin = \{TypeScript: \{"csrfToken":"([0-9a-zA-Z\\-]{36})"\}\};/iu.exec(body);
24
- return match ? match[1] : undefined;
25
- };
26
15
  async function updateCsrfTokensBasedOnResponse(response) {
27
16
  const responseText = await response.text();
28
- const token = getVaadinCsrfTokenFromResponseBody(responseText);
29
- const springCsrfTokenInfo = getSpringCsrfTokenFromResponseBody(responseText);
30
- updateSpringCsrfMetaTags(springCsrfTokenInfo);
31
- return token;
17
+ const csrfInfo = await getCsrfInfoFromResponseBody(responseText);
18
+ updateCsrfInfoMeta(csrfInfo, document);
32
19
  }
33
- async function doFetchLogout(logoutUrl, headers) {
20
+ async function doFetchLogout(logoutUrl, headerEntries) {
21
+ const headers = createHeaders(headerEntries);
34
22
  const response = await fetch(logoutUrl, {
35
23
  headers,
36
24
  method: "POST"
@@ -39,15 +27,16 @@ async function doFetchLogout(logoutUrl, headers) {
39
27
  throw new Error(`failed to logout with response ${response.status}`);
40
28
  }
41
29
  await updateCsrfTokensBasedOnResponse(response);
30
+ csrfInfoSource.reset();
42
31
  return response;
43
32
  }
44
- function doFormLogout(url, parameters) {
33
+ async function doFormLogout(url, formDataEntries) {
45
34
  const logoutUrl = typeof url === "string" ? url : url.toString();
46
35
  const form = document.createElement("form");
47
36
  form.setAttribute("method", "POST");
48
37
  form.setAttribute("action", logoutUrl);
49
38
  form.style.display = "none";
50
- for (const [name, value] of Object.entries(parameters)) {
39
+ for (const [name, value] of formDataEntries) {
51
40
  const input = document.createElement("input");
52
41
  input.setAttribute("type", "hidden");
53
42
  input.setAttribute("name", name);
@@ -55,21 +44,27 @@ function doFormLogout(url, parameters) {
55
44
  form.appendChild(input);
56
45
  }
57
46
  document.body.appendChild(form);
58
- form.submit();
47
+ return new Promise((_, reject) => {
48
+ setTimeout(() => {
49
+ reject(new Error("Form submission did not navigate away after 10 seconds."));
50
+ }, 1e4);
51
+ form.submit();
52
+ });
59
53
  }
60
54
  async function doLogout(doc, options) {
61
55
  const shouldSubmitFormLogout = !options?.navigate && !options?.onSuccess;
62
56
  const logoutUrl = options?.logoutUrl ?? "logout";
57
+ const csrfInfo = doc === document ? await csrfInfoSource.get() : await extractCsrfInfoFromMeta(doc);
63
58
  if (shouldSubmitFormLogout) {
64
- const parameters = getSpringCsrfTokenParametersForAuthRequest(doc);
65
- doFormLogout(logoutUrl, parameters);
66
- return new Response(undefined, {
67
- status: 200,
68
- statusText: "OK"
59
+ const formDataEntries = csrfInfo.type === CsrfInfoType.SPRING ? csrfInfo.formDataEntries : [];
60
+ await doFormLogout(logoutUrl, formDataEntries);
61
+ return new Response(null, {
62
+ status: 500,
63
+ statusText: "Form submission did not navigate away."
69
64
  });
70
65
  }
71
- const headers = getSpringCsrfTokenHeadersForAuthRequest(doc);
72
- return await doFetchLogout(logoutUrl, headers);
66
+ const headerEntries = csrfInfo.type === CsrfInfoType.SPRING ? csrfInfo.headerEntries : [];
67
+ return await doFetchLogout(logoutUrl, headerEntries);
73
68
  }
74
69
  function normalizePath(url) {
75
70
  const effectiveBaseURL = new URL(".", document.baseURI);
@@ -102,8 +97,9 @@ export async function login(username, password, options) {
102
97
  data.append("username", username);
103
98
  data.append("password", password);
104
99
  const loginProcessingUrl = options?.loginProcessingUrl ?? "login";
105
- const headers = getSpringCsrfTokenHeadersForAuthRequest(document);
106
- headers.source = "typescript";
100
+ const csrfInfo = await csrfInfoSource.get();
101
+ const headers = createHeaders(csrfInfo.headerEntries);
102
+ headers.append("source", "typescript");
107
103
  const response = await fetch(loginProcessingUrl, {
108
104
  body: data,
109
105
  headers,
@@ -114,14 +110,16 @@ export async function login(username, password, options) {
114
110
  const defaultUrl = response.headers.get("Default-url") ?? undefined;
115
111
  const loginSuccessful = response.ok && result === "success";
116
112
  if (loginSuccessful) {
117
- const vaadinCsrfToken = response.headers.get("Vaadin-CSRF") ?? undefined;
118
113
  const springCsrfHeader = response.headers.get("Spring-CSRF-header") ?? undefined;
119
114
  const springCsrfToken = response.headers.get("Spring-CSRF-token") ?? undefined;
120
115
  if (springCsrfHeader && springCsrfToken) {
121
- const springCsrfTokenInfo = {};
122
- springCsrfTokenInfo._csrf = springCsrfToken;
123
- springCsrfTokenInfo._csrf_header = springCsrfHeader;
124
- updateSpringCsrfMetaTags(springCsrfTokenInfo);
116
+ updateCsrfInfoMeta({
117
+ headerEntries: [[springCsrfHeader, springCsrfToken]],
118
+ formDataEntries: [],
119
+ type: CsrfInfoType.SPRING,
120
+ timestamp: Date.now()
121
+ }, document);
122
+ csrfInfoSource.reset();
125
123
  }
126
124
  if (options?.onSuccess) {
127
125
  await options.onSuccess();
@@ -133,8 +131,7 @@ export async function login(username, password, options) {
133
131
  return {
134
132
  defaultUrl,
135
133
  error: false,
136
- redirectUrl: savedUrl,
137
- token: vaadinCsrfToken
134
+ redirectUrl: savedUrl
138
135
  };
139
136
  }
140
137
  return {
@@ -168,7 +165,8 @@ export async function logout(options) {
168
165
  const doc = new DOMParser().parseFromString(responseText, "text/html");
169
166
  response = await doLogout(doc, options);
170
167
  } catch (error) {
171
- clearSpringCsrfMetaTags();
168
+ clearCsrfInfoMeta(document);
169
+ csrfInfoSource.reset();
172
170
  throw error;
173
171
  }
174
172
  } finally {
package/Authentication.js.map CHANGED
@@ -1 +1 @@
1
- {"mappings":"AACA,OAAO,uCAAwC;AAC/C,SACE,mBACA,yCACA,4CACA,0CACsB;AAExB,MAAM,kBAAkB;AAExB,SAAS,mCAAmCA,MAAsC;CAChF,MAAM,MAAM,IAAI,YAAY,gBAAgB,MAAM,YAAY;AAC9D,QAAO,kBAAkB,IAAI;AAC9B;AAED,SAAS,0BAA0B;AACjC,OAAM,KACJ,SAAS,KAAK,iBAAiB,oFAA8E,CAC9G,CAAC,QAAQ,CAAC,OAAO,GAAG,QAAQ,CAAC;AAC/B;AAED,SAAS,yBAAyBC,gBAAwC;AACxE,0BAAyB;CACzB,MAAMC,iBAAkC,SAAS,cAAc,OAAO;AACtE,gBAAe,OAAO;AACtB,gBAAe,UAAU,eAAe;AACxC,UAAS,KAAK,YAAY,eAAe;CACzC,MAAMC,YAA6B,SAAS,cAAc,OAAO;AACjE,WAAU,OAAO;AACjB,WAAU,UAAU,eAAe;AACnC,UAAS,KAAK,YAAY,UAAU;AACrC;AAED,MAAM,qCAAqC,CAACH,SAAqC;CAC/E,MAAM,QAAQ,6EAA6E,KAAK,KAAK;AACrG,QAAO,QAAQ,MAAM,KAAK;AAC3B;AAED,eAAe,gCAAgCI,UAAiD;CAC9F,MAAM,eAAe,MAAM,SAAS,MAAM;CAC1C,MAAM,QAAQ,mCAAmC,aAAa;CAC9D,MAAM,sBAAsB,mCAAmC,aAAa;AAC5E,0BAAyB,oBAAoB;AAE7C,QAAO;AACR;AAED,eAAe,cAAcC,WAAyBC,SAAiC;CACrF,MAAM,WAAW,MAAM,MAAM,WAAW;EAAE;EAAS,QAAQ;CAAQ,EAAC;AACpE,MAAK,SAAS,IAAI;AAChB,QAAM,IAAI,OAAO,iCAAiC,SAAS,OAAO;CACnE;AAED,OAAM,gCAAgC,SAAS;AAE/C,QAAO;AACR;AAED,SAAS,aAAaC,KAAmBC,YAAoC;CAC3E,MAAM,mBAAmB,QAAQ,WAAW,MAAM,IAAI,UAAU;CAGhE,MAAM,OAAO,SAAS,cAAc,OAAO;AAC3C,MAAK,aAAa,UAAU,OAAO;AACnC,MAAK,aAAa,UAAU,UAAU;AACtC,MAAK,MAAM,UAAU;AAGrB,MAAK,MAAM,CAAC,MAAM,MAAM,IAAI,OAAO,QAAQ,WAAW,EAAE;EACtD,MAAM,QAAQ,SAAS,cAAc,QAAQ;AAC7C,QAAM,aAAa,QAAQ,SAAS;AACpC,QAAM,aAAa,QAAQ,KAAK;AAChC,QAAM,aAAa,SAAS,MAAM;AAElC,OAAK,YAAY,MAAM;CACxB;AAGD,UAAS,KAAK,YAAY,KAAK;AAC/B,MAAK,QAAQ;AACd;AAED,eAAe,SAASC,KAAeC,SAA4C;CAGjF,MAAM,0BAA0B,SAAS,aAAa,SAAS;CAE/D,MAAM,YAAY,SAAS,aAAa;AACxC,KAAI,wBAAwB;EAC1B,MAAM,aAAa,2CAA2C,IAAI;AAClE,eAAa,WAAW,WAAW;AACnC,SAAO,IAAI,SAAS,WAAW;GAAE,QAAQ;GAAK,YAAY;EAAM;CACjE;CACD,MAAM,UAAU,wCAAwC,IAAI;AAC5D,QAAO,MAAM,cAAc,WAAW,QAAQ;AAC/C;AAmDD,SAAS,cAAcC,KAAqB;CAE1C,MAAM,mBAAmB,IAAI,IAAI,KAAK,SAAS;CAC/C,MAAM,mBAAmB,iBAAiB,UAAU;CAEpD,IAAI,aAAa;AAGjB,KAAI,WAAW,WAAW,iBAAiB,SAAS,EAAE;AACpD,UAAQ,GAAG,WAAW,MAAM,iBAAiB,SAAS,OAAO,CAAC;CAC/D;AAGD,cAAa,WAAW,WAAW,iBAAiB,IAAI,GAAG,WAAW,MAAM,iBAAiB,OAAO,CAAC,IAAI;AAEzG,QAAO;AACR;;;;;;AAOD,SAAS,uBAAuBC,IAAY;CAE1C,MAAM,MAAM,GAAG,WAAW,IAAI,GAAG,IAAI,KAAK,GAAG,GAAG,GAAG,SAAS,WAAW;AACvE,QAAO,SAAS,QAAQ,IAAI;AAC7B;;;;;;;AAQD,OAAO,eAAe,MAAMC,UAAkBC,UAAkBC,SAA8C;AAC5G,KAAI;EACF,MAAM,OAAO,IAAI;AACjB,OAAK,OAAO,YAAY,SAAS;AACjC,OAAK,OAAO,YAAY,SAAS;EAEjC,MAAM,qBAAqB,SAAS,sBAAsB;EAC1D,MAAM,UAAU,wCAAwC,SAAS;AACjE,UAAQ,SAAS;EACjB,MAAM,WAAW,MAAM,MAAM,oBAAoB;GAC/C,MAAM;GACN;GACA,QAAQ;EACT,EAAC;EAKF,MAAM,SAAS,SAAS,QAAQ,IAAI,SAAS;EAC7C,MAAM,WAAW,SAAS,QAAQ,IAAI,YAAY,IAAI;EACtD,MAAM,aAAa,SAAS,QAAQ,IAAI,cAAc,IAAI;EAC1D,MAAM,kBAAkB,SAAS,MAAM,WAAW;AAElD,MAAI,iBAAiB;GACnB,MAAM,kBAAkB,SAAS,QAAQ,IAAI,cAAc,IAAI;GAE/D,MAAM,mBAAmB,SAAS,QAAQ,IAAI,qBAAqB,IAAI;GACvE,MAAM,kBAAkB,SAAS,QAAQ,IAAI,oBAAoB,IAAI;AACrE,OAAI,oBAAoB,iBAAiB;IACvC,MAAMC,sBAA8C,CAAE;AACtD,wBAAoB,QAAQ;AAE5B,wBAAoB,eAAe;AACnC,6BAAyB,oBAAoB;GAC9C;AAED,OAAI,SAAS,WAAW;AACtB,UAAM,QAAQ,WAAW;GAC1B;GAED,MAAM,MAAM,YAAY,cAAc,SAAS;GAC/C,MAAM,SAAS,cAAc,IAAI;GACjC,MAAM,WAAW,SAAS,YAAY;AACtC,YAAS,OAAO;AAEhB,UAAO;IACL;IACA,OAAO;IACP,aAAa;IACb,OAAO;GACR;EACF;AACD,SAAO;GACL,OAAO;GACP,cAAc;GACd,YAAY;EACb;CACF,SAAQC,GAAY;AACnB,MAAI,aAAa,OAAO;AACtB,UAAO;IACL,OAAO;IACP,cAAc,EAAE;IAChB,YAAY,EAAE;GACf;EACF;AAED,QAAM;CACP;AACF;;;;;AAMD,OAAO,eAAe,OAAOP,SAAwC;CACnE,IAAIQ;AACJ,KAAI;AACF,aAAW,MAAM,SAAS,UAAU,QAAQ;CAC7C,QAAO;AACN,MAAI;GACF,MAAM,kBAAkB,MAAM,MAAM,WAAW;GAC/C,MAAM,eAAe,MAAM,gBAAgB,MAAM;GACjD,MAAM,MAAM,IAAI,YAAY,gBAAgB,cAAc,YAAY;AACtE,cAAW,MAAM,SAAS,KAAK,QAAQ;EACxC,SAAQ,OAAO;AAEd,4BAAyB;AACzB,SAAM;EACP;CACF,UAAS;AACR,gBAAc,OAAO,gBAAgB;AACrC,MAAI,YAAY,SAAS,MAAM,SAAS,YAAY;AAClD,OAAI,SAAS,WAAW;AACtB,UAAM,QAAQ,WAAW;GAC1B;GACD,MAAM,SAAS,cAAc,SAAS,IAAI;GAC1C,MAAM,WAAW,SAAS,YAAY;AACtC,YAAS,OAAO;EACjB;CACF;AACF;;;;;;AAeD,OAAO,MAAM,yBAAoD;CAC/D,AAAiB;CAEjB,YAAYC,0BAAoD;AAC9D,OAAK,2BAA2B;CACjC;CAED,MAAM,OAAOC,SAA4BC,MAAyC;EAChF,MAAM,gBAAgB,EAAE,GAAG,QAAS;AACpC,gBAAc,UAAU,QAAQ,QAAQ,OAAO;EAC/C,MAAM,WAAW,MAAM,KAAK,QAAQ;AACpC,MAAI,SAAS,WAAW,KAAK;GAC3B,MAAM,cAAc,MAAM,KAAK,0BAA0B;AACzD,OAAI,YAAY,OAAO;AACrB,kBAAc,QAAQ,QAAQ,IAAI,oBAAoB,YAAY,MAAM;AACxE,WAAO,KAAK,cAAc;GAC3B;EACF;AACD,SAAO;CACR;AACF","names":["body: string","springCsrfInfo: Record<string, string>","headerNameMeta: HTMLMetaElement","tokenMeta: HTMLMetaElement","response: Response","logoutUrl: URL | string","headers: Record<string, string>","url: URL | string","parameters: Record<string, string>","doc: Document","options?: LogoutOptions","url: string","to: string","username: string","password: string","options?: LoginOptions","springCsrfTokenInfo: Record<string, string>","e: unknown","response: Response | undefined","onInvalidSessionCallback: OnInvalidSessionCallback","context: MiddlewareContext","next: MiddlewareNext"],"sources":["/opt/agent/work/1af72d8adc613024/hilla/packages/ts/frontend/src/Authentication.ts"],"sourcesContent":["import type { MiddlewareClass, MiddlewareContext, MiddlewareNext } from './Connect.js';\nimport CookieManager from './CookieManager.js';\nimport {\n getSpringCsrfInfo,\n getSpringCsrfTokenHeadersForAuthRequest,\n getSpringCsrfTokenParametersForAuthRequest,\n VAADIN_CSRF_HEADER,\n} from './CsrfUtils.js';\n\nconst JWT_COOKIE_NAME = 'jwt.headerAndPayload';\n\nfunction getSpringCsrfTokenFromResponseBody(body: string): Record<string, string> {\n const doc = new DOMParser().parseFromString(body, 'text/html');\n return getSpringCsrfInfo(doc);\n}\n\nfunction clearSpringCsrfMetaTags() {\n Array.from(\n document.head.querySelectorAll('meta[name=\"_csrf\"], meta[name=\"_csrf_header\"], meta[name=\"_csrf_parameter\"]'),\n ).forEach((el) => el.remove());\n}\n\nfunction updateSpringCsrfMetaTags(springCsrfInfo: Record<string, string>) {\n clearSpringCsrfMetaTags();\n const headerNameMeta: HTMLMetaElement = document.createElement('meta');\n headerNameMeta.name = '_csrf_header';\n headerNameMeta.content = springCsrfInfo._csrf_header;\n document.head.appendChild(headerNameMeta);\n const tokenMeta: HTMLMetaElement = document.createElement('meta');\n tokenMeta.name = '_csrf';\n tokenMeta.content = springCsrfInfo._csrf;\n document.head.appendChild(tokenMeta);\n}\n\nconst getVaadinCsrfTokenFromResponseBody = (body: string): string | undefined => {\n const match = /window\\.Vaadin = \\{TypeScript: \\{\"csrfToken\":\"([0-9a-zA-Z\\\\-]{36})\"\\}\\};/iu.exec(body);\n return match ? match[1] : undefined;\n};\n\nasync function updateCsrfTokensBasedOnResponse(response: Response): Promise<string | undefined> {\n const responseText = await response.text();\n const token = getVaadinCsrfTokenFromResponseBody(responseText);\n const springCsrfTokenInfo = getSpringCsrfTokenFromResponseBody(responseText);\n updateSpringCsrfMetaTags(springCsrfTokenInfo);\n\n return token;\n}\n\nasync function doFetchLogout(logoutUrl: URL | string, headers: Record<string, string>) {\n const response = await fetch(logoutUrl, { headers, method: 'POST' });\n if (!response.ok) {\n throw new Error(`failed to logout with response ${response.status}`);\n }\n\n await updateCsrfTokensBasedOnResponse(response);\n\n return response;\n}\n\nfunction doFormLogout(url: URL | string, parameters: Record<string, string>) {\n const logoutUrl = typeof url === 'string' ? url : url.toString();\n\n // Create form to send POST request\n const form = document.createElement('form');\n form.setAttribute('method', 'POST');\n form.setAttribute('action', logoutUrl);\n form.style.display = 'none';\n\n // Add data to form as hidden input fields\n for (const [name, value] of Object.entries(parameters)) {\n const input = document.createElement('input');\n input.setAttribute('type', 'hidden');\n input.setAttribute('name', name);\n input.setAttribute('value', value);\n\n form.appendChild(input);\n }\n\n // Append form to page and submit it to perform logout and redirect\n document.body.appendChild(form);\n form.submit();\n}\n\nasync function doLogout(doc: Document, options?: LogoutOptions): Promise<Response> {\n // performing fetch logout only makes sense if at least one of the 'navigate'\n // or 'onSuccess' is defined, otherwise we can just do a form logout:\n const shouldSubmitFormLogout = !options?.navigate && !options?.onSuccess;\n // this assumes the default Spring Security logout configuration (handler URL)\n const logoutUrl = options?.logoutUrl ?? 'logout';\n if (shouldSubmitFormLogout) {\n const parameters = getSpringCsrfTokenParametersForAuthRequest(doc);\n doFormLogout(logoutUrl, parameters);\n return new Response(undefined, { status: 200, statusText: 'OK' } as ResponseInit);\n }\n const headers = getSpringCsrfTokenHeadersForAuthRequest(doc);\n return await doFetchLogout(logoutUrl, headers);\n}\n\nexport interface LoginResult {\n error: boolean;\n token?: string;\n errorTitle?: string;\n errorMessage?: string;\n redirectUrl?: string;\n defaultUrl?: string;\n}\n\nexport type SuccessCallback = () => Promise<void> | void;\n\nexport type NavigateFunction = (path: string) => void;\n\nexport interface LoginOptions {\n /**\n * The URL for login request, defaults to `/login`.\n */\n loginProcessingUrl?: URL | string;\n\n /**\n * The success callback.\n */\n onSuccess?: SuccessCallback;\n\n /**\n * The navigation callback, called after successful login. The default\n * reloads the page.\n */\n navigate?: NavigateFunction;\n}\n\nexport interface LogoutOptions {\n /**\n * The URL for logout request, defaults to `/logout`.\n */\n logoutUrl?: URL | string;\n\n /**\n * The success callback.\n */\n onSuccess?: SuccessCallback;\n\n /**\n * The navigation callback, called after successful logout. The default\n * reloads the page.\n */\n navigate?: NavigateFunction;\n}\n\nfunction normalizePath(url: string): string {\n // URL with context path\n const effectiveBaseURL = new URL('.', document.baseURI);\n const effectiveBaseURI = effectiveBaseURL.toString();\n\n let normalized = url;\n\n // Strip context path prefix\n if (normalized.startsWith(effectiveBaseURL.pathname)) {\n return `/${normalized.slice(effectiveBaseURL.pathname.length)}`;\n }\n\n // Strip base URI\n normalized = normalized.startsWith(effectiveBaseURI) ? `/${normalized.slice(effectiveBaseURI.length)}` : normalized;\n\n return normalized;\n}\n\n/**\n * Navigates to the provided path using page reload.\n *\n * @param to - navigation target path\n */\nfunction navigateWithPageReload(to: string) {\n // Consider absolute path to be within application context\n const url = to.startsWith('/') ? new URL(`.${to}`, document.baseURI) : to;\n window.location.replace(url);\n}\n\n/**\n * A helper method for Spring Security based form login.\n * @param username - username\n * @param password - password\n * @param options - defines additional options, e.g, the loginProcessingUrl etc.\n */\nexport async function login(username: string, password: string, options?: LoginOptions): Promise<LoginResult> {\n try {\n const data = new FormData();\n data.append('username', username);\n data.append('password', password);\n\n const loginProcessingUrl = options?.loginProcessingUrl ?? 'login';\n const headers = getSpringCsrfTokenHeadersForAuthRequest(document);\n headers.source = 'typescript';\n const response = await fetch(loginProcessingUrl, {\n body: data,\n headers,\n method: 'POST',\n });\n\n // This code assumes that a VaadinSavedRequestAwareAuthenticationSuccessHandler is used on the server side,\n // setting these header values based on the \"source=typescript\" header set above\n\n const result = response.headers.get('Result');\n const savedUrl = response.headers.get('Saved-url') ?? undefined;\n const defaultUrl = response.headers.get('Default-url') ?? undefined;\n const loginSuccessful = response.ok && result === 'success';\n\n if (loginSuccessful) {\n const vaadinCsrfToken = response.headers.get('Vaadin-CSRF') ?? undefined;\n\n const springCsrfHeader = response.headers.get('Spring-CSRF-header') ?? undefined;\n const springCsrfToken = response.headers.get('Spring-CSRF-token') ?? undefined;\n if (springCsrfHeader && springCsrfToken) {\n const springCsrfTokenInfo: Record<string, string> = {};\n springCsrfTokenInfo._csrf = springCsrfToken;\n // eslint-disable-next-line camelcase\n springCsrfTokenInfo._csrf_header = springCsrfHeader;\n updateSpringCsrfMetaTags(springCsrfTokenInfo);\n }\n\n if (options?.onSuccess) {\n await options.onSuccess();\n }\n\n const url = savedUrl ?? defaultUrl ?? document.baseURI;\n const toPath = normalizePath(url);\n const navigate = options?.navigate ?? navigateWithPageReload;\n navigate(toPath);\n\n return {\n defaultUrl,\n error: false,\n redirectUrl: savedUrl,\n token: vaadinCsrfToken,\n };\n }\n return {\n error: true,\n errorMessage: 'Check that you have entered the correct username and password and try again.',\n errorTitle: 'Incorrect username or password.',\n };\n } catch (e: unknown) {\n if (e instanceof Error) {\n return {\n error: true,\n errorMessage: e.message,\n errorTitle: e.name,\n };\n }\n\n throw e;\n }\n}\n\n/**\n * A helper method for Spring Security based form logout\n * @param options - defines additional options, e.g, the logoutUrl.\n */\nexport async function logout(options?: LogoutOptions): Promise<void> {\n let response: Response | undefined;\n try {\n response = await doLogout(document, options);\n } catch {\n try {\n const noCacheResponse = await fetch('?nocache');\n const responseText = await noCacheResponse.text();\n const doc = new DOMParser().parseFromString(responseText, 'text/html');\n response = await doLogout(doc, options);\n } catch (error) {\n // clear the token if the call fails\n clearSpringCsrfMetaTags();\n throw error;\n }\n } finally {\n CookieManager.remove(JWT_COOKIE_NAME);\n if (response && response.ok && response.redirected) {\n if (options?.onSuccess) {\n await options.onSuccess();\n }\n const toPath = normalizePath(response.url);\n const navigate = options?.navigate ?? navigateWithPageReload;\n navigate(toPath);\n }\n }\n}\n\n/**\n * It defines what to do when it detects a session is invalid. E.g.,\n * show a login view.\n * It takes an <code>EndpointCallContinue</code> parameter, which can be\n * used to continue the endpoint call.\n */\nexport type OnInvalidSessionCallback = () => Promise<LoginResult>;\n\n/**\n * A helper class for handling invalid sessions during an endpoint call.\n * E.g., you can use this to show user a login page when the session has\n * expired.\n */\nexport class InvalidSessionMiddleware implements MiddlewareClass {\n private readonly onInvalidSessionCallback: OnInvalidSessionCallback;\n\n constructor(onInvalidSessionCallback: OnInvalidSessionCallback) {\n this.onInvalidSessionCallback = onInvalidSessionCallback;\n }\n\n async invoke(context: MiddlewareContext, next: MiddlewareNext): Promise<Response> {\n const clonedContext = { ...context };\n clonedContext.request = context.request.clone();\n const response = await next(context);\n if (response.status === 401) {\n const loginResult = await this.onInvalidSessionCallback();\n if (loginResult.token) {\n clonedContext.request.headers.set(VAADIN_CSRF_HEADER, loginResult.token);\n return next(clonedContext) as Promise<Response>;\n }\n }\n return response;\n }\n}\n"],"version":3}
1
+ {"mappings":"AACA,OAAO,uCAAwC;AAC/C,OAAO,kBACL,oBACA,mBAEA,cACA,yBACA,+CAC2B;AAE7B,SAAS,cAAcA,eAA+E;CACpG,MAAM,UAAU,IAAI;AACpB,MAAK,MAAM,CAAC,MAAM,MAAM,IAAI,eAAe;AACzC,UAAQ,OAAO,MAAM,MAAM;CAC5B;AACD,QAAO;AACR;AAED,MAAM,kBAAkB;AAExB,eAAe,4BAA4BC,MAAiC;CAC1E,MAAM,MAAM,IAAI,YAAY,gBAAgB,MAAM,YAAY;AAC9D,QAAO,wBAAwB,IAAI;AACpC;AAED,eAAe,gCAAgCC,UAAmC;CAChF,MAAM,eAAe,MAAM,SAAS,MAAM;CAC1C,MAAM,WAAW,MAAM,4BAA4B,aAAa;AAChE,oBAAmB,UAAU,SAAS;AACvC;AAED,eAAe,cACbC,WACAH,eACA;CACA,MAAM,UAAU,cAAc,cAAc;CAC5C,MAAM,WAAW,MAAM,MAAM,WAAW;EAAE;EAAS,QAAQ;CAAQ,EAAC;AACpE,MAAK,SAAS,IAAI;AAChB,QAAM,IAAI,OAAO,iCAAiC,SAAS,OAAO;CACnE;AAED,OAAM,gCAAgC,SAAS;AAC/C,gBAAe,OAAO;AAEtB,QAAO;AACR;AAED,eAAe,aACbI,KACAC,iBACe;CACf,MAAM,mBAAmB,QAAQ,WAAW,MAAM,IAAI,UAAU;CAGhE,MAAM,OAAO,SAAS,cAAc,OAAO;AAC3C,MAAK,aAAa,UAAU,OAAO;AACnC,MAAK,aAAa,UAAU,UAAU;AACtC,MAAK,MAAM,UAAU;AAGrB,MAAK,MAAM,CAAC,MAAM,MAAM,IAAI,iBAAiB;EAC3C,MAAM,QAAQ,SAAS,cAAc,QAAQ;AAC7C,QAAM,aAAa,QAAQ,SAAS;AACpC,QAAM,aAAa,QAAQ,KAAK;AAChC,QAAM,aAAa,SAAS,MAAM;AAElC,OAAK,YAAY,MAAM;CACxB;AAGD,UAAS,KAAK,YAAY,KAAK;AAK/B,QAAO,IAAI,QAAQ,CAAC,GAAG,WAAW;AAChC,aAAW,MAAM;AACf,UAAO,IAAI,MAAM,2DAA2D;EAC7E,GAAE,IAAM;AACT,OAAK,QAAQ;CACd;AACF;AAED,eAAe,SAASC,KAAeC,SAA4C;CAGjF,MAAM,0BAA0B,SAAS,aAAa,SAAS;CAE/D,MAAM,YAAY,SAAS,aAAa;CACxC,MAAM,WAAW,QAAQ,WAAW,MAAM,eAAe,KAAK,GAAG,MAAM,wBAAwB,IAAI;AACnG,KAAI,wBAAwB;EAC1B,MAAM,kBAAkB,SAAS,SAAS,aAAa,SAAS,SAAS,kBAAkB,CAAE;AAC7F,QAAM,aAAa,WAAW,gBAAgB;AAE9C,SAAO,IAAI,SAAS,MAAM;GACxB,QAAQ;GACR,YAAY;EACb;CACF;CACD,MAAM,gBAAgB,SAAS,SAAS,aAAa,SAAS,SAAS,gBAAgB,CAAE;AACzF,QAAO,MAAM,cAAc,WAAW,cAAc;AACrD;AAmDD,SAAS,cAAcC,KAAqB;CAE1C,MAAM,mBAAmB,IAAI,IAAI,KAAK,SAAS;CAC/C,MAAM,mBAAmB,iBAAiB,UAAU;CAEpD,IAAI,aAAa;AAGjB,KAAI,WAAW,WAAW,iBAAiB,SAAS,EAAE;AACpD,UAAQ,GAAG,WAAW,MAAM,iBAAiB,SAAS,OAAO,CAAC;CAC/D;AAGD,cAAa,WAAW,WAAW,iBAAiB,IAAI,GAAG,WAAW,MAAM,iBAAiB,OAAO,CAAC,IAAI;AAEzG,QAAO;AACR;;;;;;AAOD,SAAS,uBAAuBC,IAAY;CAE1C,MAAM,MAAM,GAAG,WAAW,IAAI,GAAG,IAAI,KAAK,GAAG,GAAG,GAAG,SAAS,WAAW;AACvE,QAAO,SAAS,QAAQ,IAAI;AAC7B;;;;;;;AAQD,OAAO,eAAe,MAAMC,UAAkBC,UAAkBC,SAA8C;AAC5G,KAAI;EACF,MAAM,OAAO,IAAI;AACjB,OAAK,OAAO,YAAY,SAAS;AACjC,OAAK,OAAO,YAAY,SAAS;EAEjC,MAAM,qBAAqB,SAAS,sBAAsB;EAC1D,MAAM,WAAW,MAAM,eAAe,KAAK;EAC3C,MAAM,UAAU,cAAc,SAAS,cAAc;AACrD,UAAQ,OAAO,UAAU,aAAa;EACtC,MAAM,WAAW,MAAM,MAAM,oBAAoB;GAC/C,MAAM;GACN;GACA,QAAQ;EACT,EAAC;EAKF,MAAM,SAAS,SAAS,QAAQ,IAAI,SAAS;EAC7C,MAAM,WAAW,SAAS,QAAQ,IAAI,YAAY,IAAI;EACtD,MAAM,aAAa,SAAS,QAAQ,IAAI,cAAc,IAAI;EAC1D,MAAM,kBAAkB,SAAS,MAAM,WAAW;AAElD,MAAI,iBAAiB;GACnB,MAAM,mBAAmB,SAAS,QAAQ,IAAI,qBAAqB,IAAI;GACvE,MAAM,kBAAkB,SAAS,QAAQ,IAAI,oBAAoB,IAAI;AACrE,OAAI,oBAAoB,iBAAiB;AACvC,uBACE;KACE,eAAe,CAAC,CAAC,kBAAkB,eAAgB,CAAC;KACpD,iBAAiB,CAAE;KACnB,MAAM,aAAa;KACnB,WAAW,KAAK,KAAK;IACtB,GACD,SACD;AACD,mBAAe,OAAO;GACvB;AAED,OAAI,SAAS,WAAW;AACtB,UAAM,QAAQ,WAAW;GAC1B;GAED,MAAM,MAAM,YAAY,cAAc,SAAS;GAC/C,MAAM,SAAS,cAAc,IAAI;GACjC,MAAM,WAAW,SAAS,YAAY;AACtC,YAAS,OAAO;AAEhB,UAAO;IACL;IACA,OAAO;IACP,aAAa;GACd;EACF;AACD,SAAO;GACL,OAAO;GACP,cAAc;GACd,YAAY;EACb;CACF,SAAQC,GAAY;AACnB,MAAI,aAAa,OAAO;AACtB,UAAO;IACL,OAAO;IACP,cAAc,EAAE;IAChB,YAAY,EAAE;GACf;EACF;AAED,QAAM;CACP;AACF;;;;;AAMD,OAAO,eAAe,OAAON,SAAwC;CACnE,IAAIO;AACJ,KAAI;AACF,aAAW,MAAM,SAAS,UAAU,QAAQ;CAC7C,QAAO;AACN,MAAI;GACF,MAAM,kBAAkB,MAAM,MAAM,WAAW;GAC/C,MAAM,eAAe,MAAM,gBAAgB,MAAM;GACjD,MAAM,MAAM,IAAI,YAAY,gBAAgB,cAAc,YAAY;AACtE,cAAW,MAAM,SAAS,KAAK,QAAQ;EACxC,SAAQ,OAAO;AAEd,qBAAkB,SAAS;AAC3B,kBAAe,OAAO;AACtB,SAAM;EACP;CACF,UAAS;AACR,gBAAc,OAAO,gBAAgB;AACrC,MAAI,YAAY,SAAS,MAAM,SAAS,YAAY;AAClD,OAAI,SAAS,WAAW;AACtB,UAAM,QAAQ,WAAW;GAC1B;GACD,MAAM,SAAS,cAAc,SAAS,IAAI;GAC1C,MAAM,WAAW,SAAS,YAAY;AACtC,YAAS,OAAO;EACjB;CACF;AACF;;;;;;AAeD,OAAO,MAAM,yBAAoD;CAC/D,AAAiB;CAEjB,YAAYC,0BAAoD;AAC9D,OAAK,2BAA2B;CACjC;CAED,MAAM,OAAOC,SAA4BC,MAAyC;EAChF,MAAM,gBAAgB,EAAE,GAAG,QAAS;AACpC,gBAAc,UAAU,QAAQ,QAAQ,OAAO;EAC/C,MAAM,WAAW,MAAM,KAAK,QAAQ;AACpC,MAAI,SAAS,WAAW,KAAK;GAC3B,MAAM,cAAc,MAAM,KAAK,0BAA0B;AACzD,OAAI,YAAY,OAAO;AACrB,kBAAc,QAAQ,QAAQ,IAAI,oBAAoB,YAAY,MAAM;AACxE,WAAO,KAAK,cAAc;GAC3B;EACF;AACD,SAAO;CACR;AACF","names":["headerEntries: ReadonlyArray<readonly [name: string, value: string]>","body: string","response: Response","logoutUrl: URL | string","url: URL | string","formDataEntries: ReadonlyArray<readonly [name: string, value: string]>","doc: Document","options?: LogoutOptions","url: string","to: string","username: string","password: string","options?: LoginOptions","e: unknown","response: Response | undefined","onInvalidSessionCallback: OnInvalidSessionCallback","context: MiddlewareContext","next: MiddlewareNext"],"sources":["/opt/agent/work/1af72d8adc613024/hilla/packages/ts/frontend/src/Authentication.ts"],"sourcesContent":["import type { MiddlewareClass, MiddlewareContext, MiddlewareNext } from './Connect.js';\nimport CookieManager from './CookieManager.js';\nimport csrfInfoSource, {\n VAADIN_CSRF_HEADER,\n clearCsrfInfoMeta,\n type CsrfInfo,\n CsrfInfoType,\n extractCsrfInfoFromMeta,\n updateCsrfInfoMeta,\n} from './CsrfInfoSource.js';\n\nfunction createHeaders(headerEntries: ReadonlyArray<readonly [name: string, value: string]>): Headers {\n const headers = new Headers();\n for (const [name, value] of headerEntries) {\n headers.append(name, value);\n }\n return headers;\n}\n\nconst JWT_COOKIE_NAME = 'jwt.headerAndPayload';\n\nasync function getCsrfInfoFromResponseBody(body: string): Promise<CsrfInfo> {\n const doc = new DOMParser().parseFromString(body, 'text/html');\n return extractCsrfInfoFromMeta(doc);\n}\n\nasync function updateCsrfTokensBasedOnResponse(response: Response): Promise<void> {\n const responseText = await response.text();\n const csrfInfo = await getCsrfInfoFromResponseBody(responseText);\n updateCsrfInfoMeta(csrfInfo, document);\n}\n\nasync function doFetchLogout(\n logoutUrl: URL | string,\n headerEntries: ReadonlyArray<readonly [name: string, value: string]>,\n) {\n const headers = createHeaders(headerEntries);\n const response = await fetch(logoutUrl, { headers, method: 'POST' });\n if (!response.ok) {\n throw new Error(`failed to logout with response ${response.status}`);\n }\n\n await updateCsrfTokensBasedOnResponse(response);\n csrfInfoSource.reset();\n\n return response;\n}\n\nasync function doFormLogout(\n url: URL | string,\n formDataEntries: ReadonlyArray<readonly [name: string, value: string]>,\n): Promise<void> {\n const logoutUrl = typeof url === 'string' ? url : url.toString();\n\n // Create form to send POST request\n const form = document.createElement('form');\n form.setAttribute('method', 'POST');\n form.setAttribute('action', logoutUrl);\n form.style.display = 'none';\n\n // Add data to form as hidden input fields\n for (const [name, value] of formDataEntries) {\n const input = document.createElement('input');\n input.setAttribute('type', 'hidden');\n input.setAttribute('name', name);\n input.setAttribute('value', value);\n\n form.appendChild(input);\n }\n\n // Append form to page and submit it to perform logout and redirect\n document.body.appendChild(form);\n\n // No code should run after a form submission, as it will navigate away.\n // The promise will reject after a long timeout to avoid executing code after\n // (old user code has a `reload` call that could happen before the form submission).\n return new Promise((_, reject) => {\n setTimeout(() => {\n reject(new Error('Form submission did not navigate away after 10 seconds.'));\n }, 10000);\n form.submit();\n });\n}\n\nasync function doLogout(doc: Document, options?: LogoutOptions): Promise<Response> {\n // performing fetch logout only makes sense if at least one of the 'navigate'\n // or 'onSuccess' is defined, otherwise we can just do a form logout:\n const shouldSubmitFormLogout = !options?.navigate && !options?.onSuccess;\n // this assumes the default Spring Security logout configuration (handler URL)\n const logoutUrl = options?.logoutUrl ?? 'logout';\n const csrfInfo = doc === document ? await csrfInfoSource.get() : await extractCsrfInfoFromMeta(doc);\n if (shouldSubmitFormLogout) {\n const formDataEntries = csrfInfo.type === CsrfInfoType.SPRING ? csrfInfo.formDataEntries : [];\n await doFormLogout(logoutUrl, formDataEntries);\n // This should never be reached, as form submission will navigate away\n return new Response(null, {\n status: 500,\n statusText: 'Form submission did not navigate away.',\n } as ResponseInit);\n }\n const headerEntries = csrfInfo.type === CsrfInfoType.SPRING ? csrfInfo.headerEntries : [];\n return await doFetchLogout(logoutUrl, headerEntries);\n}\n\nexport interface LoginResult {\n error: boolean;\n token?: string;\n errorTitle?: string;\n errorMessage?: string;\n redirectUrl?: string;\n defaultUrl?: string;\n}\n\nexport type SuccessCallback = () => Promise<void> | void;\n\nexport type NavigateFunction = (path: string) => void;\n\nexport interface LoginOptions {\n /**\n * The URL for login request, defaults to `/login`.\n */\n loginProcessingUrl?: URL | string;\n\n /**\n * The success callback.\n */\n onSuccess?: SuccessCallback;\n\n /**\n * The navigation callback, called after successful login. The default\n * reloads the page.\n */\n navigate?: NavigateFunction;\n}\n\nexport interface LogoutOptions {\n /**\n * The URL for logout request, defaults to `/logout`.\n */\n logoutUrl?: URL | string;\n\n /**\n * The success callback.\n */\n onSuccess?: SuccessCallback;\n\n /**\n * The navigation callback, called after successful logout. The default\n * reloads the page.\n */\n navigate?: NavigateFunction;\n}\n\nfunction normalizePath(url: string): string {\n // URL with context path\n const effectiveBaseURL = new URL('.', document.baseURI);\n const effectiveBaseURI = effectiveBaseURL.toString();\n\n let normalized = url;\n\n // Strip context path prefix\n if (normalized.startsWith(effectiveBaseURL.pathname)) {\n return `/${normalized.slice(effectiveBaseURL.pathname.length)}`;\n }\n\n // Strip base URI\n normalized = normalized.startsWith(effectiveBaseURI) ? `/${normalized.slice(effectiveBaseURI.length)}` : normalized;\n\n return normalized;\n}\n\n/**\n * Navigates to the provided path using page reload.\n *\n * @param to - navigation target path\n */\nfunction navigateWithPageReload(to: string) {\n // Consider absolute path to be within application context\n const url = to.startsWith('/') ? new URL(`.${to}`, document.baseURI) : to;\n window.location.replace(url);\n}\n\n/**\n * A helper method for Spring Security based form login.\n * @param username - username\n * @param password - password\n * @param options - defines additional options, e.g, the loginProcessingUrl etc.\n */\nexport async function login(username: string, password: string, options?: LoginOptions): Promise<LoginResult> {\n try {\n const data = new FormData();\n data.append('username', username);\n data.append('password', password);\n\n const loginProcessingUrl = options?.loginProcessingUrl ?? 'login';\n const csrfInfo = await csrfInfoSource.get();\n const headers = createHeaders(csrfInfo.headerEntries);\n headers.append('source', 'typescript');\n const response = await fetch(loginProcessingUrl, {\n body: data,\n headers,\n method: 'POST',\n });\n\n // This code assumes that a VaadinSavedRequestAwareAuthenticationSuccessHandler is used on the server side,\n // setting these header values based on the \"source=typescript\" header set above\n\n const result = response.headers.get('Result');\n const savedUrl = response.headers.get('Saved-url') ?? undefined;\n const defaultUrl = response.headers.get('Default-url') ?? undefined;\n const loginSuccessful = response.ok && result === 'success';\n\n if (loginSuccessful) {\n const springCsrfHeader = response.headers.get('Spring-CSRF-header') ?? undefined;\n const springCsrfToken = response.headers.get('Spring-CSRF-token') ?? undefined;\n if (springCsrfHeader && springCsrfToken) {\n updateCsrfInfoMeta(\n {\n headerEntries: [[springCsrfHeader, springCsrfToken]],\n formDataEntries: [],\n type: CsrfInfoType.SPRING,\n timestamp: Date.now(),\n },\n document,\n );\n csrfInfoSource.reset();\n }\n\n if (options?.onSuccess) {\n await options.onSuccess();\n }\n\n const url = savedUrl ?? defaultUrl ?? document.baseURI;\n const toPath = normalizePath(url);\n const navigate = options?.navigate ?? navigateWithPageReload;\n navigate(toPath);\n\n return {\n defaultUrl,\n error: false,\n redirectUrl: savedUrl,\n };\n }\n return {\n error: true,\n errorMessage: 'Check that you have entered the correct username and password and try again.',\n errorTitle: 'Incorrect username or password.',\n };\n } catch (e: unknown) {\n if (e instanceof Error) {\n return {\n error: true,\n errorMessage: e.message,\n errorTitle: e.name,\n };\n }\n\n throw e;\n }\n}\n\n/**\n * A helper method for Spring Security based form logout\n * @param options - defines additional options, e.g, the logoutUrl.\n */\nexport async function logout(options?: LogoutOptions): Promise<void> {\n let response: Response | undefined;\n try {\n response = await doLogout(document, options);\n } catch {\n try {\n const noCacheResponse = await fetch('?nocache');\n const responseText = await noCacheResponse.text();\n const doc = new DOMParser().parseFromString(responseText, 'text/html');\n response = await doLogout(doc, options);\n } catch (error) {\n // clear the token if the call fails\n clearCsrfInfoMeta(document);\n csrfInfoSource.reset();\n throw error;\n }\n } finally {\n CookieManager.remove(JWT_COOKIE_NAME);\n if (response && response.ok && response.redirected) {\n if (options?.onSuccess) {\n await options.onSuccess();\n }\n const toPath = normalizePath(response.url);\n const navigate = options?.navigate ?? navigateWithPageReload;\n navigate(toPath);\n }\n }\n}\n\n/**\n * It defines what to do when it detects a session is invalid. E.g.,\n * show a login view.\n * It takes an <code>EndpointCallContinue</code> parameter, which can be\n * used to continue the endpoint call.\n */\nexport type OnInvalidSessionCallback = () => Promise<LoginResult>;\n\n/**\n * A helper class for handling invalid sessions during an endpoint call.\n * E.g., you can use this to show user a login page when the session has\n * expired.\n */\nexport class InvalidSessionMiddleware implements MiddlewareClass {\n private readonly onInvalidSessionCallback: OnInvalidSessionCallback;\n\n constructor(onInvalidSessionCallback: OnInvalidSessionCallback) {\n this.onInvalidSessionCallback = onInvalidSessionCallback;\n }\n\n async invoke(context: MiddlewareContext, next: MiddlewareNext): Promise<Response> {\n const clonedContext = { ...context };\n clonedContext.request = context.request.clone();\n const response = await next(context);\n if (response.status === 401) {\n const loginResult = await this.onInvalidSessionCallback();\n if (loginResult.token) {\n clonedContext.request.headers.set(VAADIN_CSRF_HEADER, loginResult.token);\n return next(clonedContext) as Promise<Response>;\n }\n }\n return response;\n }\n}\n"],"version":3}
package/Connect.d.ts CHANGED
@@ -174,4 +174,8 @@ export declare class ConnectClient {
174
174
  * @returns A subscription used to handles values as they become available.
175
175
  */
176
176
  subscribe(endpoint: string, method: string, params?: any): Subscription<any>;
177
+ /**
178
+ * Promise that resolves when the instance is initialized.
179
+ */
180
+ get ready(): Promise<void>;
177
181
  }
package/Connect.js CHANGED
@@ -1,7 +1,7 @@
1
- import { ConnectionIndicator, ConnectionState } from "@vaadin/common-frontend";
2
- import { getCsrfTokenHeadersForEndpointRequest } from "./CsrfUtils.js";
1
+ import csrfInfoSource from "./CsrfInfoSource.js";
3
2
  import { EndpointError, EndpointResponseError, EndpointValidationError, ForbiddenResponseError, UnauthorizedResponseError } from "./EndpointErrors.js";
4
3
  import { FluxConnection } from "./FluxConnection.js";
4
+ const commonFrontendModulePromise = globalThis.document ? import("@vaadin/common-frontend") : Promise.resolve(undefined);
5
5
  const $wnd = globalThis;
6
6
  $wnd.Vaadin ??= {};
7
7
  $wnd.Vaadin.registrations ??= [];
@@ -105,6 +105,7 @@ export class ConnectClient {
105
105
  */
106
106
  atmosphereOptions = {};
107
107
  #fluxConnection;
108
+ #ready;
108
109
  /**
109
110
  * @param options - Constructor options.
110
111
  */
@@ -118,15 +119,22 @@ export class ConnectClient {
118
119
  if (options.atmosphereOptions) {
119
120
  this.atmosphereOptions = options.atmosphereOptions;
120
121
  }
121
- ConnectionIndicator.create();
122
- addEventListener("online", () => {
123
- if (!isFlowLoaded() && $wnd.Vaadin?.connectionState) {
124
- $wnd.Vaadin.connectionState.state = ConnectionState.CONNECTED;
122
+ this.#ready = commonFrontendModulePromise.then((commonFrontendModule) => {
123
+ if (!commonFrontendModule) {
124
+ return;
125
125
  }
126
- });
127
- addEventListener("offline", () => {
128
- if (!isFlowLoaded() && $wnd.Vaadin?.connectionState) {
129
- $wnd.Vaadin.connectionState.state = ConnectionState.CONNECTION_LOST;
126
+ if (globalThis.document) {
127
+ commonFrontendModule.ConnectionIndicator.create();
128
+ addEventListener("online", () => {
129
+ if (!isFlowLoaded() && $wnd.Vaadin?.connectionState) {
130
+ $wnd.Vaadin.connectionState.state = commonFrontendModule.ConnectionState.CONNECTED;
131
+ }
132
+ });
133
+ addEventListener("offline", () => {
134
+ if (!isFlowLoaded() && $wnd.Vaadin?.connectionState) {
135
+ $wnd.Vaadin.connectionState.state = commonFrontendModule.ConnectionState.CONNECTION_LOST;
136
+ }
137
+ });
130
138
  }
131
139
  });
132
140
  }
@@ -155,10 +163,10 @@ export class ConnectClient {
155
163
  if (arguments.length < 2) {
156
164
  throw new TypeError(`2 arguments required, but got only ${arguments.length}`);
157
165
  }
158
- const csrfHeaders = globalThis.document ? getCsrfTokenHeadersForEndpointRequest(globalThis.document) : {};
166
+ const csrfInfo = await csrfInfoSource.get();
159
167
  const headers = {
160
168
  Accept: "application/json",
161
- ...csrfHeaders
169
+ ...Object.fromEntries(csrfInfo.headerEntries)
162
170
  };
163
171
  const [paramsWithoutFiles, files] = extractFiles(params ?? {});
164
172
  let body;
@@ -234,5 +242,11 @@ export class ConnectClient {
234
242
  subscribe(endpoint, method, params) {
235
243
  return this.fluxConnection.subscribe(endpoint, method, params ? Object.values(params) : []);
236
244
  }
245
+ /**
246
+ * Promise that resolves when the instance is initialized.
247
+ */
248
+ get ready() {
249
+ return this.#ready;
250
+ }
237
251
  }
238
252
  //# sourceMappingURL=./Connect.js.map
package/Connect.js.map CHANGED
@@ -1 +1 @@
1
- {"mappings":"AACA,SAAS,qBAAqB,gDAAiD;AAC/E,SAAS,6DAA8D;AACvE,SACE,eACA,uBACA,yBACA,wBACA,sDAE2B;AAC7B,SAEE,2CAE2B;AAG7B,MAAM,OAAO;AAEb,KAAK,WAAW,CAAE;AAClB,KAAK,OAAO,kBAAkB,CAAE;AAChC,KAAK,OAAO,cAAc,KAAK,EAC7B,IAAI,WACL,EAAC;AAEF,OAAO,MAAM,iBAAiB;;;;;AAgD9B,MAAM,qBAAqB,OAAOA,aAAsC;AACtE,MAAK,SAAS,IAAI;EAChB,MAAM,YAAY,MAAM,SAAS,MAAM;EACvC,IAAIC;AACJ,MAAI;AACF,eAAY,KAAK,MAAM,UAAU;EAClC,QAAO;AAEN,eAAY;EACb;EAED,MAAM,UACJ,WAAW,YACV,UAAU,SAAS,IAChB,aACC,sCAAsC,SAAS,OAAO,GAAG,SAAS,WAAW;EACpF,MAAM,OAAO,WAAW;AAExB,MAAI,WAAW,qBAAqB;AAClC,SAAM,IAAI,wBAAwB,SAAS,UAAU,qBAAqB;EAC3E;AAED,MAAI,MAAM;AACR,SAAM,IAAI,cAAc,SAAS,MAAM,WAAW;EACnD;AAED,UAAQ,SAAS,QAAjB;GACE,KAAK,IACH,OAAM,IAAI,0BAA0B,SAAS;GAC/C,KAAK,IACH,OAAM,IAAI,uBAAuB,SAAS;GAC5C,QACE,OAAM,IAAI,sBAAsB,SAAS;EAC5C;CACF;AACF;AA8ED,SAAS,eAAwB;AAC/B,QAAO,KAAK,QAAQ,MAAM,SAAS,eAAe;AACnD;;;;;;;AAQD,SAAS,aAAaC,KAA4E;CAChG,MAAM,UAAU,IAAI;CAEpB,SAAS,iBAAiBC,MAAeC,MAAuB;AAC9D,MAAI,SAAS,eAAe,SAAS,UAAU;AAC7C,OAAI,gBAAgB,MAAM;AACxB,YAAQ,IAAI,MAAM,KAAK;AACvB,WAAO;GACR;AACD,OAAI,MAAM,QAAQ,KAAK,EAAE;AACvB,WAAO,KAAK,IAAI,CAAC,MAAM,UAAU,iBAAiB,OAAO,EAAE,KAAK,GAAG,MAAM,EAAE,CAAC;GAC7E;AACD,UAAO,OAAO,QAAQ,KAAK,CAAC,OAAgC,CAAC,KAAK,CAAC,KAAK,MAAM,KAAK;IACjF,MAAM,WAAW,EAAE,KAAK,GAAG,IAAI;AAC/B,QAAI,iBAAiB,MAAM;AACzB,aAAQ,IAAI,SAAS,MAAM;IAC5B,OAAM;AACL,SAAI,OAAO,iBAAiB,OAAO,QAAQ;IAC5C;AACD,WAAO;GACR,GAAE,CAAE,EAAC;EACP;AACD,SAAO;CACR;AAED,QAAO,CAAC,iBAAiB,KAAK,GAAG,EAA6B,OAAQ;AACvE;;;;;;;;;;;;;;;;;;;;;;;AAsCD,OAAO,MAAM,cAAc;;;;CAIzB,cAA4B,CAAE;;;;CAI9B,SAAS;;;;CAIT,oBAAiD,CAAE;CAEnD;;;;CAKA,YAAYC,UAAgC,CAAE,GAAE;AAC9C,MAAI,QAAQ,QAAQ;AAClB,QAAK,SAAS,QAAQ;EACvB;AAED,MAAI,QAAQ,aAAa;AACvB,QAAK,cAAc,QAAQ;EAC5B;AAED,MAAI,QAAQ,mBAAmB;AAC7B,QAAK,oBAAoB,QAAQ;EAClC;AAGD,sBAAoB,QAAQ;AAI5B,mBAAiB,UAAU,MAAM;AAC/B,QAAK,cAAc,IAAI,KAAK,QAAQ,iBAAiB;AACnD,SAAK,OAAO,gBAAgB,QAAQ,gBAAgB;GACrD;EACF,EAAC;AACF,mBAAiB,WAAW,MAAM;AAChC,QAAK,cAAc,IAAI,KAAK,QAAQ,iBAAiB;AACnD,SAAK,OAAO,gBAAgB,QAAQ,gBAAgB;GACrD;EACF,EAAC;CACH;;;;;CAMD,IAAI,iBAAiC;AACnC,OAAK,KAAKC,iBAAiB;AACzB,QAAKA,kBAAkB,IAAI,eAAe,KAAK,QAAQ,KAAK;EAC7D;AACD,SAAO,KAAKA;CACb;;;;;;;;;;;;CAaD,MAAM,KACJC,UACAC,QACAC,QACAC,MACc;AACd,MAAI,UAAU,SAAS,GAAG;AACxB,SAAM,IAAI,WAAW,qCAAqC,UAAU,OAAO;EAC5E;EAGD,MAAM,cAAc,WAAW,WAAW,sCAAsC,WAAW,SAAS,GAAG,CAAE;EACzG,MAAMC,UAAkC;GACtC,QAAQ;GACR,GAAG;EACJ;EAED,MAAM,CAAC,oBAAoB,MAAM,GAAG,aAAa,UAAU,CAAE,EAAC;EAC9D,IAAI;AAEJ,MAAI,MAAM,OAAO,GAAG;AAElB,UAAO,IAAI;AACX,QAAK,OACH,gBACA,KAAK,UAAU,oBAAoB,CAAC,GAAG,UAAW,UAAU,YAAY,OAAO,MAAO,CACvF;AAED,QAAK,MAAM,CAAC,MAAM,KAAK,IAAI,OAAO;AAChC,SAAK,OAAO,MAAM,KAAK;GACxB;EACF,OAAM;AACL,WAAQ,kBAAkB;AAC1B,OAAI,QAAQ;AACV,WAAO,KAAK,UAAU,QAAQ,CAAC,GAAG,UAAW,UAAU,YAAY,OAAO,MAAO;GAClF;EACF;EAED,MAAM,UAAU,IAAI,SAAS,EAAE,KAAK,OAAO,GAAG,SAAS,GAAG,OAAO,GAAG;GAClE;GACA;GACA,QAAQ;EACT;EAID,MAAMC,iBAAoC;GACxC;GACA;GACA;GACA;EACD;EAMD,eAAe,0BAA0BC,SAA4BC,MAAyC;GAC5G,MAAM,WAAW,MAAM,KAAK,QAAQ;AACpC,SAAM,mBAAmB,SAAS;GAClC,MAAM,OAAO,MAAM,SAAS,MAAM;AAClC,UAAO,KAAK,MAAM,MAAM,CAAC,GAAGC,UAAgB,UAAU,OAAO,YAAY,MAAO;EACjF;EAKD,eAAe,UAAUF,SAA4B;GAEnD,MAAM,kBAAkB,MAAM,OAAO,YAAY,KAAK,QAAQ;AAC9D,oBAAiB,gBAAgB;AACjC,OAAI;IACF,MAAM,WAAW,MAAM,MAAM,QAAQ,SAAS,EAAE,QAAQ,MAAM,OAAQ,EAAC;AACvE,qBAAiB,iBAAiB;AAClC,WAAO;GACR,SAAQG,OAAgB;AAEvB,QAAI,iBAAiB,SAAS,MAAM,SAAS,cAAc;AACzD,sBAAiB,iBAAiB;IACnC,OAAM;AACL,sBAAiB,eAAe;IACjC;AACD,UAAM;GACP;EACF;EAID,MAAM,cAAc,CAAC,2BAAyC,GAAG,KAAK,WAAY;EAGlF,MAAM,QAAQ,YAAY;GACxB,CAACF,MAAsB,eAIrB,OAAO,YAAY;AACjB,eAAW,eAAe,YAAY;AACpC,YAAO,WAAW,SAAS,KAAK;IACjC;AACD,WAAO,WAAW,OAAO,SAAS,KAAK;GACxC;;GAEH;CACD;AAGD,SAAO,MAAM,eAAe;CAC7B;;;;;;;;;;;;CAaD,UAAUP,UAAkBC,QAAgBS,QAAiC;AAC3E,SAAO,KAAK,eAAe,UAAU,UAAU,QAAQ,SAAS,OAAO,OAAO,OAAO,GAAG,CAAE,EAAC;CAC5F;AACF","names":["response: Response","errorJson: ConnectExceptionData | null","obj: Record<string, unknown>","prop: unknown","path: string","options: ConnectClientOptions","#fluxConnection","endpoint: string","method: string","params?: Record<string, unknown>","init?: EndpointRequestInit","headers: Record<string, string>","initialContext: MiddlewareContext","context: MiddlewareContext","next: MiddlewareNext","value: any","error: unknown","params?: any"],"sources":["/opt/agent/work/1af72d8adc613024/hilla/packages/ts/frontend/src/Connect.ts"],"sourcesContent":["import type { ReactiveControllerHost } from '@lit/reactive-element';\nimport { ConnectionIndicator, ConnectionState } from '@vaadin/common-frontend';\nimport { getCsrfTokenHeadersForEndpointRequest } from './CsrfUtils.js';\nimport {\n EndpointError,\n EndpointResponseError,\n EndpointValidationError,\n ForbiddenResponseError,\n UnauthorizedResponseError,\n type ValidationErrorData,\n} from './EndpointErrors.js';\nimport {\n type ActionOnLostSubscription,\n FluxConnection,\n type FluxSubscriptionStateChangeEvent,\n} from './FluxConnection.js';\nimport type { VaadinGlobal } from './types.js';\n\nconst $wnd = globalThis as VaadinGlobal;\n\n$wnd.Vaadin ??= {};\n$wnd.Vaadin.registrations ??= [];\n$wnd.Vaadin.registrations.push({\n is: 'endpoint',\n});\n\nexport const BODY_PART_NAME = 'hilla_body_part';\n\nexport type MaybePromise<T> = Promise<T> | T;\n\n/**\n * Represents the connection to and endpoint returning a subscription rather than a value.\n */\nexport interface Subscription<T> {\n /** Cancels the subscription. No values are made available after calling this. */\n cancel(): void;\n\n /*\n * Binds to the given context (element) so that when the context is deactivated (element detached), the subscription is closed.\n */\n context(context: ReactiveControllerHost): Subscription<T>;\n\n /** Called when the subscription has completed. No values are made available after calling this. */\n onComplete(callback: () => void): Subscription<T>;\n\n /** Called when an exception occured in the subscription. */\n onError(callback: (message: string) => void): Subscription<T>;\n\n /** Called when a new value is available. */\n onNext(callback: (value: T) => void): Subscription<T>;\n\n /** Called when the subscription state changes. */\n onConnectionStateChange(callback: (event: FluxSubscriptionStateChangeEvent) => void): Subscription<T>;\n\n /**\n * Called when the connection is restored, but there's no longer a valid subscription. If the callback returns\n * `ActionOnLostSubscription.RESUBSCRIBE`, the subscription will be re-established by connecting to the same\n * server method again. If the callback returns `ActionOnLostSubscription.REMOVE`, the subscription will be\n * forgotten. This is also the default behavior if the callback is not set or if it returns `undefined`.\n */\n onSubscriptionLost(callback: () => ActionOnLostSubscription | void): Subscription<T>;\n}\n\ninterface ConnectExceptionData {\n detail?: any;\n message: string;\n type: string;\n validationErrorData?: ValidationErrorData[];\n}\n\n/**\n * Throws a TypeError if the response is not 200 OK.\n * @param response - The response to assert.\n */\nconst assertResponseIsOk = async (response: Response): Promise<void> => {\n if (!response.ok) {\n const errorText = await response.text();\n let errorJson: ConnectExceptionData | null;\n try {\n errorJson = JSON.parse(errorText);\n } catch {\n // not a json\n errorJson = null;\n }\n\n const message =\n errorJson?.message ??\n (errorText.length > 0\n ? errorText\n : `expected \"200 OK\" response, but got ${response.status} ${response.statusText}`);\n const type = errorJson?.type;\n\n if (errorJson?.validationErrorData) {\n throw new EndpointValidationError(message, errorJson.validationErrorData, type);\n }\n\n if (type) {\n throw new EndpointError(message, type, errorJson?.detail);\n }\n\n switch (response.status) {\n case 401:\n throw new UnauthorizedResponseError(message, response);\n case 403:\n throw new ForbiddenResponseError(message, response);\n default:\n throw new EndpointResponseError(message, response);\n }\n }\n};\n\n/**\n * The `ConnectClient` constructor options.\n */\nexport interface ConnectClientOptions {\n /**\n * The `middlewares` property value.\n */\n middlewares?: Middleware[];\n /**\n * The `prefix` property value.\n */\n prefix?: string;\n /**\n * The Atmosphere options for the FluxConnection.\n */\n atmosphereOptions?: Partial<Atmosphere.Request>;\n}\n\nexport interface EndpointCallMetaInfo {\n /**\n * The endpoint name.\n */\n endpoint: string;\n\n /**\n * The method name to call on in the endpoint class.\n */\n method: string;\n\n /**\n * Optional object with method call arguments.\n */\n params?: Record<string, unknown>;\n}\n\n/**\n * An object with the call arguments and the related Request instance.\n * See also {@link ConnectClient.call | the call() method in ConnectClient}.\n */\nexport interface MiddlewareContext extends EndpointCallMetaInfo {\n /**\n * The Fetch API Request object reflecting the other properties.\n */\n request: Request;\n}\n\n/**\n * An async middleware callback that invokes the next middleware in the chain\n * or makes the actual request.\n * @param context - The information about the call and request\n */\nexport type MiddlewareNext = (context: MiddlewareContext) => MaybePromise<Response>;\n\n/**\n * An interface that allows defining a middleware as a class.\n */\nexport interface MiddlewareClass {\n /**\n * @param context - The information about the call and request\n * @param next - Invokes the next in the call chain\n */\n invoke(context: MiddlewareContext, next: MiddlewareNext): MaybePromise<Response>;\n}\n\n/**\n * An async callback function that can intercept the request and response\n * of a call.\n */\nexport type MiddlewareFunction = (context: MiddlewareContext, next: MiddlewareNext) => MaybePromise<Response>;\n\n/**\n * An async callback that can intercept the request and response\n * of a call, could be either a function or a class.\n */\nexport type Middleware = MiddlewareClass | MiddlewareFunction;\n\nfunction isFlowLoaded(): boolean {\n return $wnd.Vaadin?.Flow?.clients?.TypeScript !== undefined;\n}\n\n/**\n * Extracts file objects from the object that is used to build the request body.\n *\n * @param obj - The object to extract files from.\n * @returns A tuple with the object without files and a map of files.\n */\nfunction extractFiles(obj: Record<string, unknown>): [Record<string, unknown>, Map<string, File>] {\n const fileMap = new Map<string, File>();\n\n function recursiveExtract(prop: unknown, path: string): unknown {\n if (prop !== null && typeof prop === 'object') {\n if (prop instanceof File) {\n fileMap.set(path, prop);\n return null;\n }\n if (Array.isArray(prop)) {\n return prop.map((item, index) => recursiveExtract(item, `${path}/${index}`));\n }\n return Object.entries(prop).reduce<Record<string, unknown>>((acc, [key, value]) => {\n const newPath = `${path}/${key}`;\n if (value instanceof File) {\n fileMap.set(newPath, value);\n } else {\n acc[key] = recursiveExtract(value, newPath);\n }\n return acc;\n }, {});\n }\n return prop;\n }\n\n return [recursiveExtract(obj, '') as Record<string, unknown>, fileMap];\n}\n\n/**\n * A list of parameters supported by {@link ConnectClient.call | the call() method in ConnectClient}.\n */\nexport interface EndpointRequestInit {\n /**\n * An AbortSignal to set request's signal.\n */\n signal?: AbortSignal | null;\n /**\n * If set to true, the connection state will not be updated during the request.\n */\n mute?: boolean;\n}\n\n/**\n * A low-level network calling utility. It stores\n * a prefix and facilitates remote calls to endpoint class methods\n * on the Hilla backend.\n *\n * Example usage:\n *\n * ```js\n * const client = new ConnectClient();\n * const responseData = await client.call('MyEndpoint', 'myMethod');\n * ```\n *\n * ### Prefix\n *\n * The client supports an `prefix` constructor option:\n * ```js\n * const client = new ConnectClient({prefix: '/my-connect-prefix'});\n * ```\n *\n * The default prefix is '/connect'.\n *\n */\nexport class ConnectClient {\n /**\n * The array of middlewares that are invoked during a call.\n */\n middlewares: Middleware[] = [];\n /**\n * The Hilla endpoint prefix\n */\n prefix = '/connect';\n /**\n * The Atmosphere options for the FluxConnection.\n */\n atmosphereOptions: Partial<Atmosphere.Request> = {};\n\n #fluxConnection?: FluxConnection;\n\n /**\n * @param options - Constructor options.\n */\n constructor(options: ConnectClientOptions = {}) {\n if (options.prefix) {\n this.prefix = options.prefix;\n }\n\n if (options.middlewares) {\n this.middlewares = options.middlewares;\n }\n\n if (options.atmosphereOptions) {\n this.atmosphereOptions = options.atmosphereOptions;\n }\n\n // add connection indicator to DOM\n ConnectionIndicator.create();\n\n // Listen to browser online/offline events and update the loading indicator accordingly.\n // Note: if Flow.ts is loaded, it instead handles the state transitions.\n addEventListener('online', () => {\n if (!isFlowLoaded() && $wnd.Vaadin?.connectionState) {\n $wnd.Vaadin.connectionState.state = ConnectionState.CONNECTED;\n }\n });\n addEventListener('offline', () => {\n if (!isFlowLoaded() && $wnd.Vaadin?.connectionState) {\n $wnd.Vaadin.connectionState.state = ConnectionState.CONNECTION_LOST;\n }\n });\n }\n\n /**\n * Gets a representation of the underlying persistent network connection used for subscribing to Flux type endpoint\n * methods.\n */\n get fluxConnection(): FluxConnection {\n if (!this.#fluxConnection) {\n this.#fluxConnection = new FluxConnection(this.prefix, this.atmosphereOptions);\n }\n return this.#fluxConnection;\n }\n\n /**\n * Calls the given endpoint method defined using the endpoint and method\n * parameters with the parameters given as params.\n * Asynchronously returns the parsed JSON response data.\n *\n * @param endpoint - Endpoint name.\n * @param method - Method name to call in the endpoint class.\n * @param params - Optional parameters to pass to the method.\n * @param init - Optional parameters for the request\n * @returns Decoded JSON response data.\n */\n async call(\n endpoint: string,\n method: string,\n params?: Record<string, unknown>,\n init?: EndpointRequestInit,\n ): Promise<any> {\n if (arguments.length < 2) {\n throw new TypeError(`2 arguments required, but got only ${arguments.length}`);\n }\n\n // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\n const csrfHeaders = globalThis.document ? getCsrfTokenHeadersForEndpointRequest(globalThis.document) : {};\n const headers: Record<string, string> = {\n Accept: 'application/json',\n ...csrfHeaders,\n };\n\n const [paramsWithoutFiles, files] = extractFiles(params ?? {});\n let body;\n\n if (files.size > 0) {\n // in this case params is not undefined, otherwise there would be no files\n body = new FormData();\n body.append(\n BODY_PART_NAME,\n JSON.stringify(paramsWithoutFiles, (_, value) => (value === undefined ? null : value)),\n );\n\n for (const [path, file] of files) {\n body.append(path, file);\n }\n } else {\n headers['Content-Type'] = 'application/json';\n if (params) {\n body = JSON.stringify(params, (_, value) => (value === undefined ? null : value));\n }\n }\n\n const request = new Request(`${this.prefix}/${endpoint}/${method}`, {\n body, // automatically sets Content-Type header\n headers,\n method: 'POST',\n });\n\n // The middleware `context`, includes the call arguments and the request\n // constructed from them\n const initialContext: MiddlewareContext = {\n endpoint,\n method,\n params,\n request,\n };\n\n // The internal middleware to assert and parse the response. The internal\n // response handling should come last after the other middlewares are done\n // with processing the response. That is why this middleware is first\n // in the final middlewares array.\n async function responseHandlerMiddleware(context: MiddlewareContext, next: MiddlewareNext): Promise<Response> {\n const response = await next(context);\n await assertResponseIsOk(response);\n const text = await response.text();\n return JSON.parse(text, (_, value: any) => (value === null ? undefined : value));\n }\n\n // The actual fetch call itself is expressed as a middleware\n // chain item for our convenience. Always having an ending of the chain\n // this way makes the folding down below more concise.\n async function fetchNext(context: MiddlewareContext) {\n // if the request is not \"muted\", notify the connection state about changes\n const connectionState = init?.mute ? undefined : $wnd.Vaadin?.connectionState;\n connectionState?.loadingStarted();\n try {\n const response = await fetch(context.request, { signal: init?.signal });\n connectionState?.loadingFinished();\n return response;\n } catch (error: unknown) {\n // don't bother about connections aborted by purpose\n if (error instanceof Error && error.name === 'AbortError') {\n connectionState?.loadingFinished();\n } else {\n connectionState?.loadingFailed();\n }\n throw error;\n }\n }\n\n // Assemble the final middlewares array from internal\n // and external middlewares\n const middlewares = [responseHandlerMiddleware as Middleware, ...this.middlewares];\n\n // Fold the final middlewares array into a single function\n const chain = middlewares.reduceRight(\n (next: MiddlewareNext, middleware) =>\n // Compose and return the new chain step, that takes the context and\n // invokes the current middleware with the context and the further chain\n // as the next argument\n async (context) => {\n if (typeof middleware === 'function') {\n return middleware(context, next);\n }\n return middleware.invoke(context, next);\n },\n // Initialize reduceRight the accumulator with `fetchNext`\n fetchNext,\n );\n\n // Invoke all the folded async middlewares and return\n return chain(initialContext);\n }\n\n /**\n * Subscribes to the given method defined using the endpoint and method\n * parameters with the parameters given as params. The method must return a\n * compatible type such as a Flux.\n * Returns a subscription that is used to fetch values as they become available.\n *\n * @param endpoint - Endpoint name.\n * @param method - Method name to call in the endpoint class.\n * @param params - Optional parameters to pass to the method.\n * @returns A subscription used to handles values as they become available.\n */\n subscribe(endpoint: string, method: string, params?: any): Subscription<any> {\n return this.fluxConnection.subscribe(endpoint, method, params ? Object.values(params) : []);\n }\n}\n"],"version":3}
1
+ {"mappings":"AAEA,OAAO,yCAA0C;AACjD,SACE,eACA,uBACA,yBACA,wBACA,sDAE2B;AAC7B,SAEE,2CAE2B;AAI7B,MAAMA,8BAAgF,WAAW,WAC7F,OAAO,6BACP,QAAQ,QAAQ,UAAU;AAE9B,MAAM,OAAO;AAEb,KAAK,WAAW,CAAE;AAClB,KAAK,OAAO,kBAAkB,CAAE;AAChC,KAAK,OAAO,cAAc,KAAK,EAC7B,IAAI,WACL,EAAC;AAEF,OAAO,MAAM,iBAAiB;;;;;AAgD9B,MAAM,qBAAqB,OAAOC,aAAsC;AACtE,MAAK,SAAS,IAAI;EAChB,MAAM,YAAY,MAAM,SAAS,MAAM;EACvC,IAAIC;AACJ,MAAI;AACF,eAAY,KAAK,MAAM,UAAU;EAClC,QAAO;AAEN,eAAY;EACb;EAED,MAAM,UACJ,WAAW,YACV,UAAU,SAAS,IAChB,aACC,sCAAsC,SAAS,OAAO,GAAG,SAAS,WAAW;EACpF,MAAM,OAAO,WAAW;AAExB,MAAI,WAAW,qBAAqB;AAClC,SAAM,IAAI,wBAAwB,SAAS,UAAU,qBAAqB;EAC3E;AAED,MAAI,MAAM;AACR,SAAM,IAAI,cAAc,SAAS,MAAM,WAAW;EACnD;AAED,UAAQ,SAAS,QAAjB;GACE,KAAK,IACH,OAAM,IAAI,0BAA0B,SAAS;GAC/C,KAAK,IACH,OAAM,IAAI,uBAAuB,SAAS;GAC5C,QACE,OAAM,IAAI,sBAAsB,SAAS;EAC5C;CACF;AACF;AA8ED,SAAS,eAAwB;AAC/B,QAAO,KAAK,QAAQ,MAAM,SAAS,eAAe;AACnD;;;;;;;AAQD,SAAS,aAAaC,KAA4E;CAChG,MAAM,UAAU,IAAI;CAEpB,SAAS,iBAAiBC,MAAeC,MAAuB;AAC9D,MAAI,SAAS,eAAe,SAAS,UAAU;AAC7C,OAAI,gBAAgB,MAAM;AACxB,YAAQ,IAAI,MAAM,KAAK;AACvB,WAAO;GACR;AACD,OAAI,MAAM,QAAQ,KAAK,EAAE;AACvB,WAAO,KAAK,IAAI,CAAC,MAAM,UAAU,iBAAiB,OAAO,EAAE,KAAK,GAAG,MAAM,EAAE,CAAC;GAC7E;AACD,UAAO,OAAO,QAAQ,KAAK,CAAC,OAAgC,CAAC,KAAK,CAAC,KAAK,MAAM,KAAK;IACjF,MAAM,WAAW,EAAE,KAAK,GAAG,IAAI;AAC/B,QAAI,iBAAiB,MAAM;AACzB,aAAQ,IAAI,SAAS,MAAM;IAC5B,OAAM;AACL,SAAI,OAAO,iBAAiB,OAAO,QAAQ;IAC5C;AACD,WAAO;GACR,GAAE,CAAE,EAAC;EACP;AACD,SAAO;CACR;AAED,QAAO,CAAC,iBAAiB,KAAK,GAAG,EAA6B,OAAQ;AACvE;;;;;;;;;;;;;;;;;;;;;;;AAsCD,OAAO,MAAM,cAAc;;;;CAIzB,cAA4B,CAAE;;;;CAI9B,SAAS;;;;CAIT,oBAAiD,CAAE;CAEnD;CAEA,AAASC;;;;CAKT,YAAYC,UAAgC,CAAE,GAAE;AAC9C,MAAI,QAAQ,QAAQ;AAClB,QAAK,SAAS,QAAQ;EACvB;AAED,MAAI,QAAQ,aAAa;AACvB,QAAK,cAAc,QAAQ;EAC5B;AAED,MAAI,QAAQ,mBAAmB;AAC7B,QAAK,oBAAoB,QAAQ;EAClC;AAED,OAAKD,SAAS,4BAA4B,KAAK,CAACE,yBAAuD;AACrG,QAAK,sBAAsB;AACzB;GACD;AAGD,OAAI,WAAW,UAAU;AAEvB,yBAAqB,oBAAoB,QAAQ;AAIjD,qBAAiB,UAAU,MAAM;AAC/B,UAAK,cAAc,IAAI,KAAK,QAAQ,iBAAiB;AACnD,WAAK,OAAO,gBAAgB,QAAQ,qBAAqB,gBAAgB;KAC1E;IACF,EAAC;AACF,qBAAiB,WAAW,MAAM;AAChC,UAAK,cAAc,IAAI,KAAK,QAAQ,iBAAiB;AACnD,WAAK,OAAO,gBAAgB,QAAQ,qBAAqB,gBAAgB;KAC1E;IACF,EAAC;GACH;EACF,EAAC;CACH;;;;;CAMD,IAAI,iBAAiC;AACnC,OAAK,KAAKC,iBAAiB;AACzB,QAAKA,kBAAkB,IAAI,eAAe,KAAK,QAAQ,KAAK;EAC7D;AACD,SAAO,KAAKA;CACb;;;;;;;;;;;;CAaD,MAAM,KACJC,UACAC,QACAC,QACAC,MACc;AACd,MAAI,UAAU,SAAS,GAAG;AACxB,SAAM,IAAI,WAAW,qCAAqC,UAAU,OAAO;EAC5E;EAED,MAAM,WAAW,MAAM,eAAe,KAAK;EAC3C,MAAMC,UAAkC;GACtC,QAAQ;GACR,GAAG,OAAO,YAAY,SAAS,cAAc;EAC9C;EAED,MAAM,CAAC,oBAAoB,MAAM,GAAG,aAAa,UAAU,CAAE,EAAC;EAC9D,IAAI;AAEJ,MAAI,MAAM,OAAO,GAAG;AAElB,UAAO,IAAI;AACX,QAAK,OACH,gBACA,KAAK,UAAU,oBAAoB,CAAC,GAAG,UAAW,UAAU,YAAY,OAAO,MAAO,CACvF;AAED,QAAK,MAAM,CAAC,MAAM,KAAK,IAAI,OAAO;AAChC,SAAK,OAAO,MAAM,KAAK;GACxB;EACF,OAAM;AACL,WAAQ,kBAAkB;AAC1B,OAAI,QAAQ;AACV,WAAO,KAAK,UAAU,QAAQ,CAAC,GAAG,UAAW,UAAU,YAAY,OAAO,MAAO;GAClF;EACF;EAED,MAAM,UAAU,IAAI,SAAS,EAAE,KAAK,OAAO,GAAG,SAAS,GAAG,OAAO,GAAG;GAClE;GACA;GACA,QAAQ;EACT;EAID,MAAMC,iBAAoC;GACxC;GACA;GACA;GACA;EACD;EAMD,eAAe,0BAA0BC,SAA4BC,MAAyC;GAC5G,MAAM,WAAW,MAAM,KAAK,QAAQ;AACpC,SAAM,mBAAmB,SAAS;GAClC,MAAM,OAAO,MAAM,SAAS,MAAM;AAClC,UAAO,KAAK,MAAM,MAAM,CAAC,GAAGC,UAAgB,UAAU,OAAO,YAAY,MAAO;EACjF;EAKD,eAAe,UAAUF,SAA4B;GAEnD,MAAM,kBAAkB,MAAM,OAAO,YAAY,KAAK,QAAQ;AAC9D,oBAAiB,gBAAgB;AACjC,OAAI;IACF,MAAM,WAAW,MAAM,MAAM,QAAQ,SAAS,EAAE,QAAQ,MAAM,OAAQ,EAAC;AACvE,qBAAiB,iBAAiB;AAClC,WAAO;GACR,SAAQG,OAAgB;AAEvB,QAAI,iBAAiB,SAAS,MAAM,SAAS,cAAc;AACzD,sBAAiB,iBAAiB;IACnC,OAAM;AACL,sBAAiB,eAAe;IACjC;AACD,UAAM;GACP;EACF;EAID,MAAM,cAAc,CAAC,2BAAyC,GAAG,KAAK,WAAY;EAGlF,MAAM,QAAQ,YAAY;GACxB,CAACF,MAAsB,eAIrB,OAAO,YAAY;AACjB,eAAW,eAAe,YAAY;AACpC,YAAO,WAAW,SAAS,KAAK;IACjC;AACD,WAAO,WAAW,OAAO,SAAS,KAAK;GACxC;;GAEH;CACD;AAGD,SAAO,MAAM,eAAe;CAC7B;;;;;;;;;;;;CAaD,UAAUP,UAAkBC,QAAgBS,QAAiC;AAC3E,SAAO,KAAK,eAAe,UAAU,UAAU,QAAQ,SAAS,OAAO,OAAO,OAAO,GAAG,CAAE,EAAC;CAC5F;;;;CAKD,IAAI,QAAuB;AACzB,SAAO,KAAKd;CACb;AACF","names":["commonFrontendModulePromise: Promise<typeof CommonFrontendModule | undefined>","response: Response","errorJson: ConnectExceptionData | null","obj: Record<string, unknown>","prop: unknown","path: string","#ready","options: ConnectClientOptions","commonFrontendModule?: typeof CommonFrontendModule","#fluxConnection","endpoint: string","method: string","params?: Record<string, unknown>","init?: EndpointRequestInit","headers: Record<string, string>","initialContext: MiddlewareContext","context: MiddlewareContext","next: MiddlewareNext","value: any","error: unknown","params?: any"],"sources":["/opt/agent/work/1af72d8adc613024/hilla/packages/ts/frontend/src/Connect.ts"],"sourcesContent":["import type { ReactiveControllerHost } from '@lit/reactive-element';\nimport type * as CommonFrontendModule from '@vaadin/common-frontend';\nimport csrfInfoSource from './CsrfInfoSource.js';\nimport {\n EndpointError,\n EndpointResponseError,\n EndpointValidationError,\n ForbiddenResponseError,\n UnauthorizedResponseError,\n type ValidationErrorData,\n} from './EndpointErrors.js';\nimport {\n type ActionOnLostSubscription,\n FluxConnection,\n type FluxSubscriptionStateChangeEvent,\n} from './FluxConnection.js';\nimport type { VaadinGlobal } from './types.js';\n\n// eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\nconst commonFrontendModulePromise: Promise<typeof CommonFrontendModule | undefined> = globalThis.document\n ? import('@vaadin/common-frontend')\n : Promise.resolve(undefined);\n\nconst $wnd = globalThis as VaadinGlobal;\n\n$wnd.Vaadin ??= {};\n$wnd.Vaadin.registrations ??= [];\n$wnd.Vaadin.registrations.push({\n is: 'endpoint',\n});\n\nexport const BODY_PART_NAME = 'hilla_body_part';\n\nexport type MaybePromise<T> = Promise<T> | T;\n\n/**\n * Represents the connection to and endpoint returning a subscription rather than a value.\n */\nexport interface Subscription<T> {\n /** Cancels the subscription. No values are made available after calling this. */\n cancel(): void;\n\n /*\n * Binds to the given context (element) so that when the context is deactivated (element detached), the subscription is closed.\n */\n context(context: ReactiveControllerHost): Subscription<T>;\n\n /** Called when the subscription has completed. No values are made available after calling this. */\n onComplete(callback: () => void): Subscription<T>;\n\n /** Called when an exception occured in the subscription. */\n onError(callback: (message: string) => void): Subscription<T>;\n\n /** Called when a new value is available. */\n onNext(callback: (value: T) => void): Subscription<T>;\n\n /** Called when the subscription state changes. */\n onConnectionStateChange(callback: (event: FluxSubscriptionStateChangeEvent) => void): Subscription<T>;\n\n /**\n * Called when the connection is restored, but there's no longer a valid subscription. If the callback returns\n * `ActionOnLostSubscription.RESUBSCRIBE`, the subscription will be re-established by connecting to the same\n * server method again. If the callback returns `ActionOnLostSubscription.REMOVE`, the subscription will be\n * forgotten. This is also the default behavior if the callback is not set or if it returns `undefined`.\n */\n onSubscriptionLost(callback: () => ActionOnLostSubscription | void): Subscription<T>;\n}\n\ninterface ConnectExceptionData {\n detail?: any;\n message: string;\n type: string;\n validationErrorData?: ValidationErrorData[];\n}\n\n/**\n * Throws a TypeError if the response is not 200 OK.\n * @param response - The response to assert.\n */\nconst assertResponseIsOk = async (response: Response): Promise<void> => {\n if (!response.ok) {\n const errorText = await response.text();\n let errorJson: ConnectExceptionData | null;\n try {\n errorJson = JSON.parse(errorText);\n } catch {\n // not a json\n errorJson = null;\n }\n\n const message =\n errorJson?.message ??\n (errorText.length > 0\n ? errorText\n : `expected \"200 OK\" response, but got ${response.status} ${response.statusText}`);\n const type = errorJson?.type;\n\n if (errorJson?.validationErrorData) {\n throw new EndpointValidationError(message, errorJson.validationErrorData, type);\n }\n\n if (type) {\n throw new EndpointError(message, type, errorJson?.detail);\n }\n\n switch (response.status) {\n case 401:\n throw new UnauthorizedResponseError(message, response);\n case 403:\n throw new ForbiddenResponseError(message, response);\n default:\n throw new EndpointResponseError(message, response);\n }\n }\n};\n\n/**\n * The `ConnectClient` constructor options.\n */\nexport interface ConnectClientOptions {\n /**\n * The `middlewares` property value.\n */\n middlewares?: Middleware[];\n /**\n * The `prefix` property value.\n */\n prefix?: string;\n /**\n * The Atmosphere options for the FluxConnection.\n */\n atmosphereOptions?: Partial<Atmosphere.Request>;\n}\n\nexport interface EndpointCallMetaInfo {\n /**\n * The endpoint name.\n */\n endpoint: string;\n\n /**\n * The method name to call on in the endpoint class.\n */\n method: string;\n\n /**\n * Optional object with method call arguments.\n */\n params?: Record<string, unknown>;\n}\n\n/**\n * An object with the call arguments and the related Request instance.\n * See also {@link ConnectClient.call | the call() method in ConnectClient}.\n */\nexport interface MiddlewareContext extends EndpointCallMetaInfo {\n /**\n * The Fetch API Request object reflecting the other properties.\n */\n request: Request;\n}\n\n/**\n * An async middleware callback that invokes the next middleware in the chain\n * or makes the actual request.\n * @param context - The information about the call and request\n */\nexport type MiddlewareNext = (context: MiddlewareContext) => MaybePromise<Response>;\n\n/**\n * An interface that allows defining a middleware as a class.\n */\nexport interface MiddlewareClass {\n /**\n * @param context - The information about the call and request\n * @param next - Invokes the next in the call chain\n */\n invoke(context: MiddlewareContext, next: MiddlewareNext): MaybePromise<Response>;\n}\n\n/**\n * An async callback function that can intercept the request and response\n * of a call.\n */\nexport type MiddlewareFunction = (context: MiddlewareContext, next: MiddlewareNext) => MaybePromise<Response>;\n\n/**\n * An async callback that can intercept the request and response\n * of a call, could be either a function or a class.\n */\nexport type Middleware = MiddlewareClass | MiddlewareFunction;\n\nfunction isFlowLoaded(): boolean {\n return $wnd.Vaadin?.Flow?.clients?.TypeScript !== undefined;\n}\n\n/**\n * Extracts file objects from the object that is used to build the request body.\n *\n * @param obj - The object to extract files from.\n * @returns A tuple with the object without files and a map of files.\n */\nfunction extractFiles(obj: Record<string, unknown>): [Record<string, unknown>, Map<string, File>] {\n const fileMap = new Map<string, File>();\n\n function recursiveExtract(prop: unknown, path: string): unknown {\n if (prop !== null && typeof prop === 'object') {\n if (prop instanceof File) {\n fileMap.set(path, prop);\n return null;\n }\n if (Array.isArray(prop)) {\n return prop.map((item, index) => recursiveExtract(item, `${path}/${index}`));\n }\n return Object.entries(prop).reduce<Record<string, unknown>>((acc, [key, value]) => {\n const newPath = `${path}/${key}`;\n if (value instanceof File) {\n fileMap.set(newPath, value);\n } else {\n acc[key] = recursiveExtract(value, newPath);\n }\n return acc;\n }, {});\n }\n return prop;\n }\n\n return [recursiveExtract(obj, '') as Record<string, unknown>, fileMap];\n}\n\n/**\n * A list of parameters supported by {@link ConnectClient.call | the call() method in ConnectClient}.\n */\nexport interface EndpointRequestInit {\n /**\n * An AbortSignal to set request's signal.\n */\n signal?: AbortSignal | null;\n /**\n * If set to true, the connection state will not be updated during the request.\n */\n mute?: boolean;\n}\n\n/**\n * A low-level network calling utility. It stores\n * a prefix and facilitates remote calls to endpoint class methods\n * on the Hilla backend.\n *\n * Example usage:\n *\n * ```js\n * const client = new ConnectClient();\n * const responseData = await client.call('MyEndpoint', 'myMethod');\n * ```\n *\n * ### Prefix\n *\n * The client supports an `prefix` constructor option:\n * ```js\n * const client = new ConnectClient({prefix: '/my-connect-prefix'});\n * ```\n *\n * The default prefix is '/connect'.\n *\n */\nexport class ConnectClient {\n /**\n * The array of middlewares that are invoked during a call.\n */\n middlewares: Middleware[] = [];\n /**\n * The Hilla endpoint prefix\n */\n prefix = '/connect';\n /**\n * The Atmosphere options for the FluxConnection.\n */\n atmosphereOptions: Partial<Atmosphere.Request> = {};\n\n #fluxConnection?: FluxConnection;\n\n readonly #ready: Promise<void>;\n\n /**\n * @param options - Constructor options.\n */\n constructor(options: ConnectClientOptions = {}) {\n if (options.prefix) {\n this.prefix = options.prefix;\n }\n\n if (options.middlewares) {\n this.middlewares = options.middlewares;\n }\n\n if (options.atmosphereOptions) {\n this.atmosphereOptions = options.atmosphereOptions;\n }\n\n this.#ready = commonFrontendModulePromise.then((commonFrontendModule?: typeof CommonFrontendModule) => {\n if (!commonFrontendModule) {\n return;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\n if (globalThis.document) {\n // add connection indicator to DOM\n commonFrontendModule.ConnectionIndicator.create();\n\n // Listen to browser online/offline events and update the loading indicator accordingly.\n // Note: if Flow.ts is loaded, it instead handles the state transitions.\n addEventListener('online', () => {\n if (!isFlowLoaded() && $wnd.Vaadin?.connectionState) {\n $wnd.Vaadin.connectionState.state = commonFrontendModule.ConnectionState.CONNECTED;\n }\n });\n addEventListener('offline', () => {\n if (!isFlowLoaded() && $wnd.Vaadin?.connectionState) {\n $wnd.Vaadin.connectionState.state = commonFrontendModule.ConnectionState.CONNECTION_LOST;\n }\n });\n }\n });\n }\n\n /**\n * Gets a representation of the underlying persistent network connection used for subscribing to Flux type endpoint\n * methods.\n */\n get fluxConnection(): FluxConnection {\n if (!this.#fluxConnection) {\n this.#fluxConnection = new FluxConnection(this.prefix, this.atmosphereOptions);\n }\n return this.#fluxConnection;\n }\n\n /**\n * Calls the given endpoint method defined using the endpoint and method\n * parameters with the parameters given as params.\n * Asynchronously returns the parsed JSON response data.\n *\n * @param endpoint - Endpoint name.\n * @param method - Method name to call in the endpoint class.\n * @param params - Optional parameters to pass to the method.\n * @param init - Optional parameters for the request\n * @returns Decoded JSON response data.\n */\n async call(\n endpoint: string,\n method: string,\n params?: Record<string, unknown>,\n init?: EndpointRequestInit,\n ): Promise<any> {\n if (arguments.length < 2) {\n throw new TypeError(`2 arguments required, but got only ${arguments.length}`);\n }\n\n const csrfInfo = await csrfInfoSource.get();\n const headers: Record<string, string> = {\n Accept: 'application/json',\n ...Object.fromEntries(csrfInfo.headerEntries),\n };\n\n const [paramsWithoutFiles, files] = extractFiles(params ?? {});\n let body;\n\n if (files.size > 0) {\n // in this case params is not undefined, otherwise there would be no files\n body = new FormData();\n body.append(\n BODY_PART_NAME,\n JSON.stringify(paramsWithoutFiles, (_, value) => (value === undefined ? null : value)),\n );\n\n for (const [path, file] of files) {\n body.append(path, file);\n }\n } else {\n headers['Content-Type'] = 'application/json';\n if (params) {\n body = JSON.stringify(params, (_, value) => (value === undefined ? null : value));\n }\n }\n\n const request = new Request(`${this.prefix}/${endpoint}/${method}`, {\n body, // automatically sets Content-Type header\n headers,\n method: 'POST',\n });\n\n // The middleware `context`, includes the call arguments and the request\n // constructed from them\n const initialContext: MiddlewareContext = {\n endpoint,\n method,\n params,\n request,\n };\n\n // The internal middleware to assert and parse the response. The internal\n // response handling should come last after the other middlewares are done\n // with processing the response. That is why this middleware is first\n // in the final middlewares array.\n async function responseHandlerMiddleware(context: MiddlewareContext, next: MiddlewareNext): Promise<Response> {\n const response = await next(context);\n await assertResponseIsOk(response);\n const text = await response.text();\n return JSON.parse(text, (_, value: any) => (value === null ? undefined : value));\n }\n\n // The actual fetch call itself is expressed as a middleware\n // chain item for our convenience. Always having an ending of the chain\n // this way makes the folding down below more concise.\n async function fetchNext(context: MiddlewareContext) {\n // if the request is not \"muted\", notify the connection state about changes\n const connectionState = init?.mute ? undefined : $wnd.Vaadin?.connectionState;\n connectionState?.loadingStarted();\n try {\n const response = await fetch(context.request, { signal: init?.signal });\n connectionState?.loadingFinished();\n return response;\n } catch (error: unknown) {\n // don't bother about connections aborted by purpose\n if (error instanceof Error && error.name === 'AbortError') {\n connectionState?.loadingFinished();\n } else {\n connectionState?.loadingFailed();\n }\n throw error;\n }\n }\n\n // Assemble the final middlewares array from internal\n // and external middlewares\n const middlewares = [responseHandlerMiddleware as Middleware, ...this.middlewares];\n\n // Fold the final middlewares array into a single function\n const chain = middlewares.reduceRight(\n (next: MiddlewareNext, middleware) =>\n // Compose and return the new chain step, that takes the context and\n // invokes the current middleware with the context and the further chain\n // as the next argument\n async (context) => {\n if (typeof middleware === 'function') {\n return middleware(context, next);\n }\n return middleware.invoke(context, next);\n },\n // Initialize reduceRight the accumulator with `fetchNext`\n fetchNext,\n );\n\n // Invoke all the folded async middlewares and return\n return chain(initialContext);\n }\n\n /**\n * Subscribes to the given method defined using the endpoint and method\n * parameters with the parameters given as params. The method must return a\n * compatible type such as a Flux.\n * Returns a subscription that is used to fetch values as they become available.\n *\n * @param endpoint - Endpoint name.\n * @param method - Method name to call in the endpoint class.\n * @param params - Optional parameters to pass to the method.\n * @returns A subscription used to handles values as they become available.\n */\n subscribe(endpoint: string, method: string, params?: any): Subscription<any> {\n return this.fluxConnection.subscribe(endpoint, method, params ? Object.values(params) : []);\n }\n\n /**\n * Promise that resolves when the instance is initialized.\n */\n get ready(): Promise<void> {\n return this.#ready;\n }\n}\n"],"version":3}
package/CookieManager.js CHANGED
@@ -2,6 +2,9 @@ import Cookies from "js-cookie";
2
2
  export function calculatePath({ pathname }) {
3
3
  return pathname.length > 1 && pathname.endsWith("/") ? pathname.slice(0, -1) : pathname;
4
4
  }
5
- const CookieManager = Cookies.withAttributes({ path: calculatePath(new URL(globalThis.document?.baseURI ?? "/")) });
5
+ const CookieManager = Cookies.withAttributes({ path: calculatePath(
6
+ // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition
7
+ globalThis.document ? new URL(globalThis.document.baseURI) : new URL(".", globalThis.location.href)
8
+ ) });
6
9
  export default CookieManager;
7
10
  //# sourceMappingURL=./CookieManager.js.map
package/CookieManager.js.map CHANGED
@@ -1 +1 @@
1
- {"mappings":"AAAA,OAAO,wBAAyB;AAEhC,OAAO,SAAS,cAAc,EAAE,UAAe,EAAU;AACvD,QAAO,SAAS,SAAS,KAAK,SAAS,SAAS,IAAI,GAAG,SAAS,MAAM,IAAI,EAAE,GAAG;AAChF;AAED,MAAMA,gBAAgC,QAAQ,eAAe,EAE3D,MAAM,cAAc,IAAI,IAAI,WAAW,UAAU,WAAW,KAAK,CAClE,EAAC;AAEF,eAAe","names":["CookieManager: typeof Cookies"],"sources":["/opt/agent/work/1af72d8adc613024/hilla/packages/ts/frontend/src/CookieManager.ts"],"sourcesContent":["import Cookies from 'js-cookie';\n\nexport function calculatePath({ pathname }: URL): string {\n return pathname.length > 1 && pathname.endsWith('/') ? pathname.slice(0, -1) : pathname;\n}\n\nconst CookieManager: typeof Cookies = Cookies.withAttributes({\n // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\n path: calculatePath(new URL(globalThis.document?.baseURI ?? '/')),\n});\n\nexport default CookieManager;\n"],"version":3}
1
+ {"mappings":"AAAA,OAAO,wBAAyB;AAEhC,OAAO,SAAS,cAAc,EAAE,UAAe,EAAU;AACvD,QAAO,SAAS,SAAS,KAAK,SAAS,SAAS,IAAI,GAAG,SAAS,MAAM,IAAI,EAAE,GAAG;AAChF;AAED,MAAMA,gBAAgC,QAAQ,eAAe,EAC3D,MAAM;;CAEJ,WAAW,WAAW,IAAI,IAAI,WAAW,SAAS,WAAW,IAAI,IAAI,KAAK,WAAW,SAAS;CAC/F,CACF,EAAC;AAEF,eAAe","names":["CookieManager: typeof Cookies"],"sources":["/opt/agent/work/1af72d8adc613024/hilla/packages/ts/frontend/src/CookieManager.ts"],"sourcesContent":["import Cookies from 'js-cookie';\n\nexport function calculatePath({ pathname }: URL): string {\n return pathname.length > 1 && pathname.endsWith('/') ? pathname.slice(0, -1) : pathname;\n}\n\nconst CookieManager: typeof Cookies = Cookies.withAttributes({\n path: calculatePath(\n // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\n globalThis.document ? new URL(globalThis.document.baseURI) : new URL('.', globalThis.location.href),\n ),\n});\n\nexport default CookieManager;\n"],"version":3}
package/CsrfInfoSource.d.ts ADDED
@@ -0,0 +1,7 @@
1
+ export declare enum CsrfInfoType {
2
+ SPRING = "Spring",
3
+ VAADIN = "Vaadin",
4
+ }
5
+ export declare function clearCsrfInfoMeta(doc: Document): void;
6
+ export declare function updateCsrfInfoMeta(csrfInfo: CsrfInfo, doc: Document): void;
7
+ export default csrfInfoSource;
package/CsrfInfoSource.js ADDED
@@ -0,0 +1,184 @@
1
+ const cookieManagerPromise = globalThis.document ? import("./CookieManager.js") : undefined;
2
+ export let CsrfInfoType = function(CsrfInfoType) {
3
+ CsrfInfoType["SPRING"] = "Spring";
4
+ CsrfInfoType["VAADIN"] = "Vaadin";
5
+ return CsrfInfoType;
6
+ }({});
7
+ function isCsrfInfo(o) {
8
+ return o !== null && typeof o === "object" && "headerEntries" in o && "formDataEntries" in o && "timestamp" in o;
9
+ }
10
+ /** @internal */
11
+ export const VAADIN_CSRF_HEADER = "X-CSRF-Token";
12
+ /** @internal */
13
+ export const VAADIN_CSRF_COOKIE_NAME = "csrfToken";
14
+ /** @internal */
15
+ export const SPRING_CSRF_COOKIE_NAME = "XSRF-TOKEN";
16
+ function extractContentFromMetaTag(doc, metaTag) {
17
+ const element = doc.head.querySelector(`meta[name="${metaTag}"]`);
18
+ const value = element?.content;
19
+ if (value && value.toLowerCase() !== "undefined") {
20
+ return value;
21
+ }
22
+ return undefined;
23
+ }
24
+ function updateMetaTag(doc, name, content) {
25
+ const meta = doc.createElement("meta");
26
+ meta.name = name;
27
+ meta.content = content;
28
+ const existing = doc.head.querySelector(`meta[name="${name}"]`);
29
+ if (existing) {
30
+ existing.replaceWith(meta);
31
+ } else {
32
+ doc.head.appendChild(meta);
33
+ }
34
+ }
35
+ export function clearCsrfInfoMeta(doc) {
36
+ Array.from(doc.head.querySelectorAll("meta[name=\"_csrf\"], meta[name=\"_csrf_header\"], meta[name=\"_csrf_parameter\"]")).forEach((el) => el.remove());
37
+ }
38
+ export function updateCsrfInfoMeta(csrfInfo, doc) {
39
+ if (csrfInfo.type !== CsrfInfoType.SPRING) {
40
+ return;
41
+ }
42
+ if (csrfInfo.headerEntries.length > 0) {
43
+ const [[csrfHeader, csrf]] = csrfInfo.headerEntries;
44
+ updateMetaTag(doc, "_csrf_header", csrfHeader);
45
+ updateMetaTag(doc, "_csrf", csrf);
46
+ }
47
+ if (csrfInfo.formDataEntries.length > 0) {
48
+ const [[csrfParameter]] = csrfInfo.formDataEntries;
49
+ updateMetaTag(doc, "_csrf_parameter", csrfParameter);
50
+ }
51
+ }
52
+ /** @internal */
53
+ export async function extractCsrfInfoFromMeta(doc) {
54
+ const cookieManager = (await cookieManagerPromise).default;
55
+ const timestamp = Date.now();
56
+ const springCsrf = cookieManager.get(SPRING_CSRF_COOKIE_NAME) ?? extractContentFromMetaTag(doc, "_csrf");
57
+ if (springCsrf) {
58
+ const csrfHeader = extractContentFromMetaTag(doc, "_csrf_header");
59
+ const csrfParameter = extractContentFromMetaTag(doc, "_csrf_parameter");
60
+ return {
61
+ headerEntries: csrfHeader ? [[csrfHeader, springCsrf]] : [],
62
+ formDataEntries: csrfParameter ? [[csrfParameter, springCsrf]] : [],
63
+ timestamp,
64
+ type: CsrfInfoType.SPRING
65
+ };
66
+ }
67
+ const vaadinCsrf = cookieManager.get(VAADIN_CSRF_COOKIE_NAME) ?? "";
68
+ return {
69
+ type: CsrfInfoType.VAADIN,
70
+ headerEntries: [[VAADIN_CSRF_HEADER, vaadinCsrf]],
71
+ formDataEntries: [],
72
+ timestamp
73
+ };
74
+ }
75
+ /** @internal */
76
+ export class SharedCsrfInfoSource {
77
+ #updateChannel;
78
+ #requestUpdateChannel;
79
+ #valuePromise;
80
+ #resolveInitialValue;
81
+ #lastUpdateTimestamp = 0;
82
+ constructor() {
83
+ this.reset();
84
+ }
85
+ open() {
86
+ if (this.#updateChannel || this.#requestUpdateChannel) {
87
+ this.close();
88
+ }
89
+ this.#updateChannel = new BroadcastChannel(this.#getBroadcastChannelName("update"));
90
+ this.#updateChannel.onmessage = (e) => {
91
+ if (!isCsrfInfo(e.data)) {
92
+ return;
93
+ }
94
+ const csrfInfo = e.data;
95
+ if (csrfInfo.timestamp > this.#lastUpdateTimestamp) {
96
+ this.#lastUpdateTimestamp = csrfInfo.timestamp;
97
+ this.#receiveCsrfInfo(csrfInfo);
98
+ }
99
+ };
100
+ this.#requestUpdateChannel = new BroadcastChannel(this.#getBroadcastChannelName("requestUpdate"));
101
+ this.#requestUpdateChannel.onmessage = () => {
102
+ this.get().then((csrfInfo) => {
103
+ this.#sendCsrfInfo(csrfInfo);
104
+ }, console.error);
105
+ };
106
+ if (this.#lastUpdateTimestamp > 0) {
107
+ this.#requestUpdateChannel.postMessage(undefined);
108
+ }
109
+ }
110
+ close() {
111
+ if (this.#requestUpdateChannel) {
112
+ this.#requestUpdateChannel.onmessage = null;
113
+ this.#requestUpdateChannel.close();
114
+ this.#requestUpdateChannel = undefined;
115
+ }
116
+ if (this.#updateChannel) {
117
+ this.#updateChannel.onmessage = null;
118
+ this.#updateChannel.close();
119
+ this.#updateChannel = undefined;
120
+ }
121
+ }
122
+ #getBroadcastChannelName(name) {
123
+ return `@vaadin/hilla-frontend/SharedCsrfUtils.${name}`;
124
+ }
125
+ async get() {
126
+ return this.#valuePromise;
127
+ }
128
+ reset() {
129
+ this.#lastUpdateTimestamp = 0;
130
+ this.close();
131
+ this.open();
132
+ this.#valuePromise = this._getInitial().then((csrfInfo) => {
133
+ this.#lastUpdateTimestamp = csrfInfo.timestamp;
134
+ return csrfInfo;
135
+ });
136
+ if (!this.#resolveInitialValue) {
137
+ this.get().then((csrfInfo) => {
138
+ this.#sendCsrfInfo(csrfInfo);
139
+ }).catch(console.error);
140
+ }
141
+ }
142
+ /**
143
+ * Provides initial value for both constructor and `reset()`. The default
144
+ * implementation uses messages to get a shared value from another window
145
+ * or worker client.
146
+ */
147
+ async _getInitial() {
148
+ return new Promise((resolve) => {
149
+ this.#resolveInitialValue = resolve;
150
+ this.#requestUpdateChannel?.postMessage(undefined);
151
+ });
152
+ }
153
+ #sendCsrfInfo(csrfInfo) {
154
+ this.#updateChannel?.postMessage(csrfInfo);
155
+ }
156
+ #receiveCsrfInfo(csrfInfo) {
157
+ if (this.#resolveInitialValue) {
158
+ this.#resolveInitialValue(csrfInfo);
159
+ this.#resolveInitialValue = undefined;
160
+ } else {
161
+ this.#valuePromise = Promise.resolve(csrfInfo);
162
+ }
163
+ }
164
+ }
165
+ /** @internal */
166
+ export class BrowserCsrfInfoSource extends SharedCsrfInfoSource {
167
+ constructor() {
168
+ super();
169
+ globalThis.addEventListener("pagehide", this.close.bind(this));
170
+ globalThis.addEventListener("pageshow", this.open.bind(this));
171
+ }
172
+ async _getInitial() {
173
+ return extractCsrfInfoFromMeta(globalThis.document);
174
+ }
175
+ }
176
+ /** @internal */
177
+ let csrfInfoSource;
178
+ if (globalThis.document) {
179
+ csrfInfoSource = new BrowserCsrfInfoSource();
180
+ } else {
181
+ csrfInfoSource = new SharedCsrfInfoSource();
182
+ }
183
+ export default csrfInfoSource;
184
+ //# sourceMappingURL=./CsrfInfoSource.js.map
package/CsrfInfoSource.js.map ADDED
@@ -0,0 +1 @@
1
+ {"mappings":"AAEA,MAAM,uBAAuB,WAAW,WAAW,OAAO,wBAAwB;AAIlF,OAAO,IAAK,sCAAL;AACL;AACA;;AACD;AAUD,SAAS,WAAWA,GAA2B;AAC7C,QAAO,MAAM,eAAe,MAAM,YAAY,mBAAmB,KAAK,qBAAqB,KAAK,eAAe;AAChH;;AAGD,OAAO,MAAM,qBAAqB;;AAElC,OAAO,MAAM,0BAA0B;;AAEvC,OAAO,MAAM,0BAA0B;AAEvC,SAAS,0BAA0BC,KAAeC,SAAqC;CACrF,MAAM,UAAU,IAAI,KAAK,eAAgC,aAAa,QAAQ,IAAI;CAClF,MAAM,QAAQ,SAAS;AACvB,KAAI,SAAS,MAAM,aAAa,KAAK,aAAa;AAChD,SAAO;CACR;AAED,QAAO;AACR;AAED,SAAS,cAAcD,KAAeE,MAAcC,SAAuB;CACzE,MAAM,OAAO,IAAI,cAAc,OAAO;AACtC,MAAK,OAAO;AACZ,MAAK,UAAU;CACf,MAAM,WAAW,IAAI,KAAK,eAAe,aAAa,KAAK,IAAI;AAC/D,KAAI,UAAU;AACZ,WAAS,YAAY,KAAK;CAC3B,OAAM;AACL,MAAI,KAAK,YAAY,KAAK;CAC3B;AACF;AAED,OAAO,SAAS,kBAAkBH,KAAqB;AACrD,OAAM,KACJ,IAAI,KAAK,iBAAiB,oFAA8E,CACzG,CAAC,QAAQ,CAAC,OAAO,GAAG,QAAQ,CAAC;AAC/B;AAED,OAAO,SAAS,mBAAmBI,UAAoBJ,KAAqB;AAC1E,KAAI,SAAS,SAAS,aAAa,QAAQ;AACzC;CACD;AAED,KAAI,SAAS,cAAc,SAAS,GAAG;EACrC,MAAM,CAAC,CAAC,YAAY,KAAK,CAAC,GAAG,SAAS;AACtC,gBAAc,KAAK,gBAAgB,WAAW;AAC9C,gBAAc,KAAK,SAAS,KAAK;CAClC;AAED,KAAI,SAAS,gBAAgB,SAAS,GAAG;EACvC,MAAM,CAAC,CAAC,cAAc,CAAC,GAAG,SAAS;AACnC,gBAAc,KAAK,mBAAmB,cAAc;CACrD;AACF;;AAGD,OAAO,eAAe,wBAAwBA,KAAkC;CAC9E,MAAM,iBAAiB,MAAM,sBAAuB;CACpD,MAAM,YAAY,KAAK,KAAK;CAC5B,MAAM,aAAa,cAAc,IAAI,wBAAwB,IAAI,0BAA0B,KAAK,QAAQ;AACxG,KAAI,YAAY;EACd,MAAM,aAAa,0BAA0B,KAAK,eAAe;EACjE,MAAM,gBAAgB,0BAA0B,KAAK,kBAAkB;AACvE,SAAO;GACL,eAAe,aAAa,CAAC,CAAC,YAAY,UAAW,CAAC,IAAG,CAAE;GAC3D,iBAAiB,gBAAgB,CAAC,CAAC,eAAe,UAAW,CAAC,IAAG,CAAE;GACnE;GACA,MAAM,aAAa;EACpB;CACF;CAED,MAAM,aAAa,cAAc,IAAI,wBAAwB,IAAI;AACjE,QAAO;EACL,MAAM,aAAa;EACnB,eAAe,CAAC,CAAC,oBAAoB,UAAW,CAAC;EACjD,iBAAiB,CAAE;EACnB;CACD;AACF;;AAgCD,OAAO,MAAM,qBAA+C;CAC1D;CACA;CACA;CACA;CACA,uBAA+B;CAE/B,cAAc;AACZ,OAAK,OAAO;CACb;CAED,OAAa;AACX,MAAI,KAAKK,kBAAkB,KAAKC,uBAAuB;AACrD,QAAK,OAAO;EACb;AAED,OAAKD,iBAAiB,IAAI,iBAAiB,KAAKE,yBAAyB,SAAS;AAClF,OAAKF,eAAe,YAAY,CAACG,MAAoB;AACnD,QAAK,WAAW,EAAE,KAAK,EAAE;AACvB;GACD;GACD,MAAMJ,WAAqB,EAAE;AAC7B,OAAI,SAAS,YAAY,KAAKK,sBAAsB;AAClD,SAAKA,uBAAuB,SAAS;AACrC,SAAKC,iBAAiB,SAAS;GAChC;EACF;AAED,OAAKJ,wBAAwB,IAAI,iBAAiB,KAAKC,yBAAyB,gBAAgB;AAChG,OAAKD,sBAAsB,YAAY,MAAM;AAC3C,QAAK,KAAK,CAAC,KAAK,CAACF,aAAuB;AACtC,SAAKO,cAAc,SAAS;GAC7B,GAAE,QAAQ,MAAM;EAClB;AAGD,MAAI,KAAKF,uBAAuB,GAAG;AACjC,QAAKH,sBAAsB,YAAY,UAAU;EAClD;CACF;CAED,QAAc;AACZ,MAAI,KAAKA,uBAAuB;AAC9B,QAAKA,sBAAsB,YAAY;AACvC,QAAKA,sBAAsB,OAAO;AAClC,QAAKA,wBAAwB;EAC9B;AAED,MAAI,KAAKD,gBAAgB;AACvB,QAAKA,eAAe,YAAY;AAChC,QAAKA,eAAe,OAAO;AAC3B,QAAKA,iBAAiB;EACvB;CACF;CAED,yBAAyBH,MAAsB;AAC7C,UAAQ,yCAAyC,KAAK;CACvD;CAED,MAAM,MAAyB;AAC7B,SAAO,KAAKU;CACb;CAED,QAAc;AACZ,OAAKH,uBAAuB;AAC5B,OAAK,OAAO;AACZ,OAAK,MAAM;AACX,OAAKG,gBAAgB,KAAK,aAAa,CAAC,KAAK,CAACR,aAAuB;AACnE,QAAKK,uBAAuB,SAAS;AACrC,UAAO;EACR,EAAC;AACF,OAAK,KAAKI,sBAAsB;AAC9B,QAAK,KAAK,CACP,KAAK,CAACT,aAAuB;AAC5B,SAAKO,cAAc,SAAS;GAC7B,EAAC,CACD,MAAM,QAAQ,MAAM;EACxB;CACF;;;;;;CAOD,MAAgB,cAAiC;AAC/C,SAAO,IAAI,QAAkB,CAAC,YAAY;AACxC,QAAKE,uBAAuB;AAC5B,QAAKP,uBAAuB,YAAY,UAAU;EACnD;CACF;CAED,cAAcF,UAAoB;AAChC,OAAKC,gBAAgB,YAAY,SAAS;CAC3C;CAED,iBAAiBD,UAAoB;AACnC,MAAI,KAAKS,sBAAsB;AAC7B,QAAKA,qBAAqB,SAAS;AACnC,QAAKA,uBAAuB;EAC7B,OAAM;AACL,QAAKD,gBAAgB,QAAQ,QAAQ,SAAS;EAC/C;CACF;AACF;;AAGD,OAAO,MAAM,8BAA8B,qBAAqB;CAC9D,cAAc;AACZ,SAAO;AACP,aAAW,iBAAiB,YAAY,KAAK,MAAM,KAAK,KAAK,CAAC;AAC9D,aAAW,iBAAiB,YAAY,KAAK,KAAK,KAAK,KAAK,CAAC;CAC9D;CAED,MAAyB,cAAiC;AACxD,SAAO,wBAAwB,WAAW,SAAS;CACpD;AACF;;AAID,IAAIE;AAEJ,IAAI,WAAW,UAAU;AACvB,kBAAiB,IAAI;AACtB,OAAM;AACL,kBAAiB,IAAI;AACtB;AACD,eAAe","names":["o: unknown","doc: Document","metaTag: string","name: string","content: string","csrfInfo: CsrfInfo","#updateChannel","#requestUpdateChannel","#getBroadcastChannelName","e: MessageEvent","#lastUpdateTimestamp","#receiveCsrfInfo","#sendCsrfInfo","#valuePromise","#resolveInitialValue","csrfInfoSource: CsrfInfoSource"],"sources":["/opt/agent/work/1af72d8adc613024/hilla/packages/ts/frontend/src/CsrfInfoSource.ts"],"sourcesContent":["/// <reference lib=\"webworker\" />\n// eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\nconst cookieManagerPromise = globalThis.document ? import('./CookieManager.js') : undefined;\n\n/** @internal */\nexport type NameValueEntry = readonly [name: string, value: string];\nexport enum CsrfInfoType {\n SPRING = 'Spring',\n VAADIN = 'Vaadin',\n}\n\n/** @internal */\nexport type CsrfInfo = {\n readonly headerEntries: readonly NameValueEntry[];\n readonly formDataEntries: readonly NameValueEntry[];\n readonly type: CsrfInfoType;\n readonly timestamp: number;\n};\n\nfunction isCsrfInfo(o: unknown): o is CsrfInfo {\n return o !== null && typeof o === 'object' && 'headerEntries' in o && 'formDataEntries' in o && 'timestamp' in o;\n}\n\n/** @internal */\nexport const VAADIN_CSRF_HEADER = 'X-CSRF-Token';\n/** @internal */\nexport const VAADIN_CSRF_COOKIE_NAME = 'csrfToken';\n/** @internal */\nexport const SPRING_CSRF_COOKIE_NAME = 'XSRF-TOKEN';\n\nfunction extractContentFromMetaTag(doc: Document, metaTag: string): string | undefined {\n const element = doc.head.querySelector<HTMLMetaElement>(`meta[name=\"${metaTag}\"]`);\n const value = element?.content;\n if (value && value.toLowerCase() !== 'undefined') {\n return value;\n }\n\n return undefined;\n}\n\nfunction updateMetaTag(doc: Document, name: string, content: string): void {\n const meta = doc.createElement('meta');\n meta.name = name;\n meta.content = content;\n const existing = doc.head.querySelector(`meta[name=\"${name}\"]`);\n if (existing) {\n existing.replaceWith(meta);\n } else {\n doc.head.appendChild(meta);\n }\n}\n\nexport function clearCsrfInfoMeta(doc: Document): void {\n Array.from(\n doc.head.querySelectorAll('meta[name=\"_csrf\"], meta[name=\"_csrf_header\"], meta[name=\"_csrf_parameter\"]'),\n ).forEach((el) => el.remove());\n}\n\nexport function updateCsrfInfoMeta(csrfInfo: CsrfInfo, doc: Document): void {\n if (csrfInfo.type !== CsrfInfoType.SPRING) {\n return;\n }\n\n if (csrfInfo.headerEntries.length > 0) {\n const [[csrfHeader, csrf]] = csrfInfo.headerEntries;\n updateMetaTag(doc, '_csrf_header', csrfHeader);\n updateMetaTag(doc, '_csrf', csrf);\n }\n\n if (csrfInfo.formDataEntries.length > 0) {\n const [[csrfParameter]] = csrfInfo.formDataEntries;\n updateMetaTag(doc, '_csrf_parameter', csrfParameter);\n }\n}\n\n/** @internal */\nexport async function extractCsrfInfoFromMeta(doc: Document): Promise<CsrfInfo> {\n const cookieManager = (await cookieManagerPromise!).default;\n const timestamp = Date.now();\n const springCsrf = cookieManager.get(SPRING_CSRF_COOKIE_NAME) ?? extractContentFromMetaTag(doc, '_csrf');\n if (springCsrf) {\n const csrfHeader = extractContentFromMetaTag(doc, '_csrf_header');\n const csrfParameter = extractContentFromMetaTag(doc, '_csrf_parameter');\n return {\n headerEntries: csrfHeader ? [[csrfHeader, springCsrf]] : [],\n formDataEntries: csrfParameter ? [[csrfParameter, springCsrf]] : [],\n timestamp,\n type: CsrfInfoType.SPRING,\n };\n }\n\n const vaadinCsrf = cookieManager.get(VAADIN_CSRF_COOKIE_NAME) ?? '';\n return {\n type: CsrfInfoType.VAADIN,\n headerEntries: [[VAADIN_CSRF_HEADER, vaadinCsrf]],\n formDataEntries: [],\n timestamp,\n };\n}\n\n/**\n * The source of CSRF related headers and parameters for endpoint requests.\n *\n * @internal may change or be removed in a future version.\n **/\nexport interface CsrfInfoSource {\n /**\n * Get an up-to-date value.\n */\n get(): Promise<CsrfInfo>;\n\n /**\n * Reset back to initial value and re-initialize.\n */\n reset(): void;\n\n /**\n * Close internal message channels. May be called to free resources up\n * whenever the value is not needed.\n */\n close(): void;\n\n /**\n * Reopen internal message channels after prior closing and request a shared\n * value from another clients.\n */\n open(): void;\n}\n\n/** @internal */\nexport class SharedCsrfInfoSource implements CsrfInfoSource {\n #updateChannel: BroadcastChannel | undefined;\n #requestUpdateChannel: BroadcastChannel | undefined;\n #valuePromise!: Promise<CsrfInfo>;\n #resolveInitialValue?: (csrfInfo: CsrfInfo) => void;\n #lastUpdateTimestamp: number = 0;\n\n constructor() {\n this.reset();\n }\n\n open(): void {\n if (this.#updateChannel || this.#requestUpdateChannel) {\n this.close();\n }\n\n this.#updateChannel = new BroadcastChannel(this.#getBroadcastChannelName('update'));\n this.#updateChannel.onmessage = (e: MessageEvent) => {\n if (!isCsrfInfo(e.data)) {\n return;\n }\n const csrfInfo: CsrfInfo = e.data;\n if (csrfInfo.timestamp > this.#lastUpdateTimestamp) {\n this.#lastUpdateTimestamp = csrfInfo.timestamp;\n this.#receiveCsrfInfo(csrfInfo);\n }\n };\n\n this.#requestUpdateChannel = new BroadcastChannel(this.#getBroadcastChannelName('requestUpdate'));\n this.#requestUpdateChannel.onmessage = () => {\n this.get().then((csrfInfo: CsrfInfo) => {\n this.#sendCsrfInfo(csrfInfo);\n }, console.error);\n };\n\n // Request an update from peer clients on reopen\n if (this.#lastUpdateTimestamp > 0) {\n this.#requestUpdateChannel.postMessage(undefined);\n }\n }\n\n close(): void {\n if (this.#requestUpdateChannel) {\n this.#requestUpdateChannel.onmessage = null;\n this.#requestUpdateChannel.close();\n this.#requestUpdateChannel = undefined;\n }\n\n if (this.#updateChannel) {\n this.#updateChannel.onmessage = null;\n this.#updateChannel.close();\n this.#updateChannel = undefined;\n }\n }\n\n #getBroadcastChannelName(name: string): string {\n return `@vaadin/hilla-frontend/SharedCsrfUtils.${name}`;\n }\n\n async get(): Promise<CsrfInfo> {\n return this.#valuePromise;\n }\n\n reset(): void {\n this.#lastUpdateTimestamp = 0;\n this.close();\n this.open();\n this.#valuePromise = this._getInitial().then((csrfInfo: CsrfInfo) => {\n this.#lastUpdateTimestamp = csrfInfo.timestamp;\n return csrfInfo;\n });\n if (!this.#resolveInitialValue) {\n this.get()\n .then((csrfInfo: CsrfInfo) => {\n this.#sendCsrfInfo(csrfInfo);\n })\n .catch(console.error);\n }\n }\n\n /**\n * Provides initial value for both constructor and `reset()`. The default\n * implementation uses messages to get a shared value from another window\n * or worker client.\n */\n protected async _getInitial(): Promise<CsrfInfo> {\n return new Promise<CsrfInfo>((resolve) => {\n this.#resolveInitialValue = resolve;\n this.#requestUpdateChannel?.postMessage(undefined);\n });\n }\n\n #sendCsrfInfo(csrfInfo: CsrfInfo) {\n this.#updateChannel?.postMessage(csrfInfo);\n }\n\n #receiveCsrfInfo(csrfInfo: CsrfInfo) {\n if (this.#resolveInitialValue) {\n this.#resolveInitialValue(csrfInfo);\n this.#resolveInitialValue = undefined;\n } else {\n this.#valuePromise = Promise.resolve(csrfInfo);\n }\n }\n}\n\n/** @internal */\nexport class BrowserCsrfInfoSource extends SharedCsrfInfoSource {\n constructor() {\n super();\n globalThis.addEventListener('pagehide', this.close.bind(this));\n globalThis.addEventListener('pageshow', this.open.bind(this));\n }\n\n protected override async _getInitial(): Promise<CsrfInfo> {\n return extractCsrfInfoFromMeta(globalThis.document);\n }\n}\n\n/** @internal */\n// eslint-disable-next-line import/no-mutable-exports\nlet csrfInfoSource: CsrfInfoSource;\n// eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\nif (globalThis.document) {\n csrfInfoSource = new BrowserCsrfInfoSource();\n} else {\n csrfInfoSource = new SharedCsrfInfoSource();\n}\nexport default csrfInfoSource;\n"],"version":3}
package/FluxConnection.d.ts CHANGED
@@ -58,6 +58,10 @@ export declare class FluxConnection extends EventTarget {
58
58
  wasClosed: boolean;
59
59
  constructor(connectPrefix: string, atmosphereOptions?: Partial<Atmosphere.Request>);
60
60
  /**
61
+ * Promise that resolves when the instance is initialized.
62
+ */
63
+ get ready(): Promise<void>;
64
+ /**
61
65
  * Subscribes to the flux returned by the given endpoint name + method name using the given parameters.
62
66
  *
63
67
  * @param endpointName - the endpoint to connect to
package/FluxConnection.js CHANGED
@@ -1,4 +1,4 @@
1
- import { getCsrfTokenHeadersForEndpointRequest } from "./CsrfUtils.js";
1
+ import csrfInfoSource from "./CsrfInfoSource.js";
2
2
  import { isClientMessage } from "./FluxMessages.js";
3
3
  export let State = function(State) {
4
4
  State["ACTIVE"] = "active";
@@ -38,14 +38,7 @@ export let FluxSubscriptionState = function(FluxSubscriptionState) {
38
38
  FluxSubscriptionState["CLOSED"] = "closed";
39
39
  return FluxSubscriptionState;
40
40
  }({});
41
- let atmosphere;
42
- if (globalThis.document) {
43
- try {
44
- atmosphere = (await import("atmosphere.js")).default;
45
- } catch (e) {
46
- console.error("Failed to load atmosphere.js", e);
47
- }
48
- }
41
+ const atmospherePromise = globalThis.document ? import("atmosphere.js") : Promise.resolve(undefined);
49
42
  /**
50
43
  * A representation of the underlying persistent network connection used for subscribing to Flux type endpoint methods.
51
44
  */
@@ -61,9 +54,10 @@ export class FluxConnection extends EventTarget {
61
54
  #statusOfSubscriptions = new Map();
62
55
  #pendingMessages = [];
63
56
  #socket;
57
+ #ready;
64
58
  constructor(connectPrefix, atmosphereOptions) {
65
59
  super();
66
- this.#connectWebsocket(connectPrefix.replace(/connect$/u, ""), atmosphereOptions ?? {});
60
+ this.#ready = this.#connectWebsocket(connectPrefix.replace(/connect$/u, ""), atmosphereOptions ?? {});
67
61
  }
68
62
  #resubscribeIfWasClosed() {
69
63
  if (this.wasClosed) {
@@ -87,6 +81,12 @@ export class FluxConnection extends EventTarget {
87
81
  }
88
82
  }
89
83
  /**
84
+ * Promise that resolves when the instance is initialized.
85
+ */
86
+ get ready() {
87
+ return this.#ready;
88
+ }
89
+ /**
90
90
  * Subscribes to the flux returned by the given endpoint name + method name using the given parameters.
91
91
  *
92
92
  * @param endpointName - the endpoint to connect to
@@ -158,73 +158,80 @@ export class FluxConnection extends EventTarget {
158
158
  };
159
159
  return hillaSubscription;
160
160
  }
161
- #connectWebsocket(prefix, atmosphereOptions) {
162
- const extraHeaders = globalThis.document ? getCsrfTokenHeadersForEndpointRequest(globalThis.document) : {};
161
+ async #connectWebsocket(prefix, atmosphereOptions) {
162
+ const extraHeaders = Object.fromEntries((await csrfInfoSource.get()).headerEntries);
163
163
  const pushUrl = "HILLA/push";
164
164
  const url = prefix.length === 0 ? pushUrl : (prefix.endsWith("/") ? prefix : `${prefix}/`) + pushUrl;
165
- this.#socket = atmosphere?.subscribe?.({
166
- contentType: "application/json; charset=UTF-8",
167
- enableProtocol: true,
168
- transport: "websocket",
169
- fallbackTransport: "websocket",
170
- headers: extraHeaders,
171
- maxReconnectOnClose: 1e7,
172
- reconnectInterval: 5e3,
173
- timeout: -1,
174
- trackMessageLength: true,
175
- url,
176
- onClose: () => {
177
- this.wasClosed = true;
178
- if (this.state !== State.INACTIVE) {
179
- this.state = State.INACTIVE;
180
- this.dispatchEvent(new CustomEvent("state-changed", { detail: { active: false } }));
181
- }
182
- },
183
- onError: (response) => {
184
- console.error("error in push communication", response);
185
- },
186
- onMessage: (response) => {
187
- if (response.responseBody) {
188
- this.#handleMessage(JSON.parse(response.responseBody));
189
- }
190
- },
191
- onMessagePublished: (response) => {
192
- if (response?.responseBody) {
193
- this.#handleMessage(JSON.parse(response.responseBody));
194
- }
195
- },
196
- onOpen: () => {
197
- if (this.state !== State.ACTIVE) {
198
- this.#resubscribeIfWasClosed();
199
- this.state = State.ACTIVE;
200
- this.dispatchEvent(new CustomEvent("state-changed", { detail: { active: true } }));
201
- this.#sendPendingMessages();
202
- }
203
- },
204
- onReopen: () => {
205
- if (this.state !== State.ACTIVE) {
206
- this.#resubscribeIfWasClosed();
207
- this.state = State.ACTIVE;
208
- this.dispatchEvent(new CustomEvent("state-changed", { detail: { active: true } }));
209
- this.#sendPendingMessages();
210
- }
211
- },
212
- onReconnect: () => {
213
- if (this.state !== State.RECONNECTING) {
214
- this.state = State.RECONNECTING;
215
- this.#endpointInfos.forEach((_, id) => {
216
- this.#setSubscriptionConnState(id, FluxSubscriptionState.CONNECTING);
217
- });
218
- }
219
- },
220
- onFailureToReconnect: () => {
221
- if (this.state !== State.INACTIVE) {
222
- this.state = State.INACTIVE;
223
- this.dispatchEvent(new CustomEvent("state-changed", { detail: { active: false } }));
224
- this.#endpointInfos.forEach((_, id) => this.#setSubscriptionConnState(id, FluxSubscriptionState.CLOSED));
225
- }
226
- },
227
- ...atmosphereOptions
165
+ return atmospherePromise.then((atmosphere) => {
166
+ if (!atmosphere) {
167
+ return;
168
+ }
169
+ if (globalThis.document) {
170
+ this.#socket = atmosphere.subscribe?.({
171
+ contentType: "application/json; charset=UTF-8",
172
+ enableProtocol: true,
173
+ transport: "websocket",
174
+ fallbackTransport: "websocket",
175
+ headers: extraHeaders,
176
+ maxReconnectOnClose: 1e7,
177
+ reconnectInterval: 5e3,
178
+ timeout: -1,
179
+ trackMessageLength: true,
180
+ url,
181
+ onClose: () => {
182
+ this.wasClosed = true;
183
+ if (this.state !== State.INACTIVE) {
184
+ this.state = State.INACTIVE;
185
+ this.dispatchEvent(new CustomEvent("state-changed", { detail: { active: false } }));
186
+ }
187
+ },
188
+ onError: (response) => {
189
+ console.error("error in push communication", response);
190
+ },
191
+ onMessage: (response) => {
192
+ if (response.responseBody) {
193
+ this.#handleMessage(JSON.parse(response.responseBody));
194
+ }
195
+ },
196
+ onMessagePublished: (response) => {
197
+ if (response?.responseBody) {
198
+ this.#handleMessage(JSON.parse(response.responseBody));
199
+ }
200
+ },
201
+ onOpen: () => {
202
+ if (this.state !== State.ACTIVE) {
203
+ this.#resubscribeIfWasClosed();
204
+ this.state = State.ACTIVE;
205
+ this.dispatchEvent(new CustomEvent("state-changed", { detail: { active: true } }));
206
+ this.#sendPendingMessages();
207
+ }
208
+ },
209
+ onReopen: () => {
210
+ if (this.state !== State.ACTIVE) {
211
+ this.#resubscribeIfWasClosed();
212
+ this.state = State.ACTIVE;
213
+ this.dispatchEvent(new CustomEvent("state-changed", { detail: { active: true } }));
214
+ this.#sendPendingMessages();
215
+ }
216
+ },
217
+ onReconnect: () => {
218
+ if (this.state !== State.RECONNECTING) {
219
+ this.state = State.RECONNECTING;
220
+ this.#endpointInfos.forEach((_, id) => {
221
+ this.#setSubscriptionConnState(id, FluxSubscriptionState.CONNECTING);
222
+ });
223
+ }
224
+ },
225
+ onFailureToReconnect: () => {
226
+ if (this.state !== State.INACTIVE) {
227
+ this.state = State.INACTIVE;
228
+ this.dispatchEvent(new CustomEvent("state-changed", { detail: { active: false } }));
229
+ this.#endpointInfos.forEach((_, id) => this.#setSubscriptionConnState(id, FluxSubscriptionState.CLOSED));
230
+ }
231
+ },
232
+ ...atmosphereOptions
233
+ });
234
+ }
228
235
  });
229
236
  }
230
237
  #setSubscriptionConnState(id, state) {
package/FluxConnection.js.map CHANGED
@@ -1 +1 @@
1
- {"mappings":"AAEA,SAAS,6DAA8D;AACvE,SACE,0CAIyB;AAE3B,OAAO,IAAK,wBAAL;AACL;AACA;AACA;;AACD;;;;AAiBD,OAAO,IAAK,8DAAL;;;;AAIL;;;;AAIA;;AACD;;;;AAKD,OAAO,IAAK,wDAAL;;;;AAIL;;;;AAIA;;;;AAIA;;AACD;AAcD,IAAIA;AAGJ,IAAI,WAAW,UAAU;AAEvB,KAAI;AACF,gBAAc,MAAM,OAAO,kBAAkB;CAC9C,SAAQC,GAAY;AACnB,UAAQ,MAAM,gCAAgC,EAAE;CACjD;AACF;;;;AAKD,OAAO,MAAM,uBAAuB,YAAY;CAC9C,QAAe,MAAM;CACrB,YAAY;CACZ,AAASC,iBAAiB,IAAI;CAC9B,UAAU;CACV,AAASC,uBAAuB,IAAI;CACpC,AAASC,oBAAoB,IAAI;CACjC,AAASC,mBAAmB,IAAI;CAChC,AAASC,0BAA0B,IAAI;CACvC,AAASC,yBAAyB,IAAI;CACtC,mBAAoC,CAAE;CACtC;CAEA,YAAYC,eAAuBC,mBAAiD;AAClF,SAAO;AACP,OAAKC,kBAAkB,cAAc,QAAQ,aAAa,GAAG,EAAE,qBAAqB,CAAE,EAAC;CACxF;CAED,0BAA0B;AACxB,MAAI,KAAK,WAAW;AAClB,QAAK,YAAY;GACjB,MAAMC,cAAwB,CAAE;AAChC,QAAKT,eAAe,QAAQ,CAAC,cAAc,OAAO;AAChD,QAAI,aAAa,aAAa,KAAK,yBAAyB,aAAa;AACvE,UAAKU,0BAA0B,IAAI,sBAAsB,WAAW;AACpE,UAAKC,MAAM;eACA;MACT,cAAc,aAAa;MAC3B;MACA,YAAY,aAAa;MACzB,QAAQ,aAAa;KACtB,EAAC;IACH,OAAM;AACL,iBAAY,KAAK,GAAG;IACrB;GACF,EAAC;AACF,eAAY,QAAQ,CAAC,OAAO,KAAKC,oBAAoB,GAAG,CAAC;EAC1D;CACF;;;;;;;;;CAUD,UAAUC,cAAsBC,YAAoBC,YAA2C;EAC7F,MAAMC,KAAa,KAAKC,QAAQ,UAAU;AAC1C,OAAKA,WAAW;EAChB,MAAM,SAAS,cAAc,CAAE;EAE/B,MAAMC,MAA4B;YAAW;GAAa;GAAc;GAAI;GAAY;EAAQ;AAChG,OAAKP,MAAM,IAAI;AACf,OAAKX,eAAe,IAAI,IAAI;GAAE;GAAc;GAAY;EAAQ,EAAC;AACjE,OAAKU,0BAA0B,IAAI,sBAAsB,WAAW;EACpE,MAAMS,oBAAuC;GAC3C,QAAQ,MAAM;AACZ,SAAK,KAAKnB,eAAe,IAAI,GAAG,EAAE;AAEhC;IACD;IAED,MAAMoB,eAAmC;cAAW;KAAe;IAAI;AACvE,SAAKT,MAAM,aAAa;AACxB,SAAKC,oBAAoB,GAAG;GAC7B;GACD,QAAQS,SAAoD;AAC1D,YAAQ,cAAc,EACpB,mBAAmB;AACjB,uBAAkB,QAAQ;IAC3B,EACF,EAAC;AACF,WAAO;GACR;GACD,YAAY,CAACC,aAA4C;AACvD,SAAKrB,qBAAqB,IAAI,IAAI,SAAS;AAC3C,WAAO;GACR;GACD,SAAS,CAACsB,aAA2D;AACnE,SAAKrB,kBAAkB,IAAI,IAAI,SAAS;AACxC,WAAO;GACR;GACD,QAAQ,CAACsB,aAAsD;AAC7D,SAAKrB,iBAAiB,IAAI,IAAI,SAAS;AACvC,WAAO;GACR;GACD,oBAAoB,CAACsB,aAAuE;AAC1F,QAAI,KAAKzB,eAAe,IAAI,GAAG,EAAE;AAC/B,UAAKA,eAAe,IAAI,GAAG,CAAE,YAAY;IAC1C,OAAM;AACL,aAAQ,MAAM,gDAAgD,GAAG,mCAAmC;IACrG;AACD,WAAO;GACR;GACD,yBAAyB,CAAC0B,aAAmF;AAC3G,SAAKtB,wBAAwB,IAAI,IAAI,SAAS;AAC9C,aACE,IAAI,YAAY,6BAA6B,EAAE,QAAQ,EAAE,OAAO,KAAKC,uBAAuB,IAAI,GAAG,CAAG,EAAE,GACzG;AACD,WAAO;GACR;EACF;AACD,SAAO;CACR;CAED,kBAAkBsB,QAAgBC,mBAAgD;EAEhF,MAAM,eAAe,WAAW,WAAW,sCAAsC,WAAW,SAAS,GAAG,CAAE;EAC1G,MAAM,UAAU;EAChB,MAAM,MAAM,OAAO,WAAW,IAAI,WAAW,OAAO,SAAS,IAAI,GAAG,UAAU,EAAE,OAAO,MAAM;AAC7F,OAAKC,UAAU,YAAY,YAAY;GACrC,aAAa;GACb,gBAAgB;GAChB,WAAW;GACX,mBAAmB;GACnB,SAAS;GACT,qBAAqB;GACrB,mBAAmB;GACnB,UAAU;GACV,oBAAoB;GACpB;GACA,SAAS,MAAM;AACb,SAAK,YAAY;AACjB,QAAI,KAAK,UAAU,MAAM,UAAU;AACjC,UAAK,QAAQ,MAAM;AACnB,UAAK,cAAc,IAAI,YAAY,iBAAiB,EAAE,QAAQ,EAAE,QAAQ,MAAO,EAAE,GAAE;IACpF;GACF;GACD,SAAS,CAAC,aAAa;AAErB,YAAQ,MAAM,+BAA+B,SAAS;GACvD;GACD,WAAW,CAAC,aAAa;AACvB,QAAI,SAAS,cAAc;AACzB,UAAKC,eAAe,KAAK,MAAM,SAAS,aAAa,CAAC;IACvD;GACF;GACD,oBAAoB,CAAC,aAAa;AAChC,QAAI,UAAU,cAAc;AAC1B,UAAKA,eAAe,KAAK,MAAM,SAAS,aAAa,CAAC;IACvD;GACF;GACD,QAAQ,MAAM;AACZ,QAAI,KAAK,UAAU,MAAM,QAAQ;AAC/B,UAAKC,yBAAyB;AAC9B,UAAK,QAAQ,MAAM;AACnB,UAAK,cAAc,IAAI,YAAY,iBAAiB,EAAE,QAAQ,EAAE,QAAQ,KAAM,EAAE,GAAE;AAClF,UAAKC,sBAAsB;IAC5B;GACF;GACD,UAAU,MAAM;AACd,QAAI,KAAK,UAAU,MAAM,QAAQ;AAC/B,UAAKD,yBAAyB;AAC9B,UAAK,QAAQ,MAAM;AACnB,UAAK,cAAc,IAAI,YAAY,iBAAiB,EAAE,QAAQ,EAAE,QAAQ,KAAM,EAAE,GAAE;AAClF,UAAKC,sBAAsB;IAC5B;GACF;GACD,aAAa,MAAM;AACjB,QAAI,KAAK,UAAU,MAAM,cAAc;AACrC,UAAK,QAAQ,MAAM;AACnB,UAAKhC,eAAe,QAAQ,CAAC,GAAG,OAAO;AACrC,WAAKU,0BAA0B,IAAI,sBAAsB,WAAW;KACrE,EAAC;IACH;GACF;GACD,sBAAsB,MAAM;AAC1B,QAAI,KAAK,UAAU,MAAM,UAAU;AACjC,UAAK,QAAQ,MAAM;AACnB,UAAK,cAAc,IAAI,YAAY,iBAAiB,EAAE,QAAQ,EAAE,QAAQ,MAAO,EAAE,GAAE;AACnF,UAAKV,eAAe,QAAQ,CAAC,GAAG,OAAO,KAAKU,0BAA0B,IAAI,sBAAsB,OAAO,CAAC;IACzG;GACF;GACD,GAAG;EACJ,EAA8B;CAChC;CAED,0BAA0BM,IAAYiB,OAA8B;EAClE,MAAM,eAAe,KAAK5B,uBAAuB,IAAI,GAAG;AACxD,OAAK,cAAc;AACjB,QAAKA,uBAAuB,IAAI,IAAI,MAAM;AAC1C,QAAKD,wBAAwB,IAAI,GAAG,GAClC,IAAI,YAAY,6BAA6B,EAAE,QAAQ,EAAE,OAAO,KAAKC,uBAAuB,IAAI,GAAG,CAAG,EAAE,GACzG;EACF,WAAU,iBAAiB,OAAO;AACjC,QAAKA,uBAAuB,IAAI,IAAI,MAAM;AAC1C,QAAKD,wBAAwB,IAAI,GAAG,GAClC,IAAI,YAAY,6BAA6B,EAAE,QAAQ,EAAE,OAAO,KAAKC,uBAAuB,IAAI,GAAG,CAAG,EAAE,GACzG;EACF;CACF;CAED,eAAe6B,SAAkB;AAC/B,MAAI,gBAAgB,QAAQ,EAAE;GAC5B,MAAM,EAAE,IAAI,GAAG;GACf,MAAM,eAAe,KAAKlC,eAAe,IAAI,GAAG;AAEhD,OAAI,QAAQ,aAAa,UAAU;IACjC,MAAM,WAAW,KAAKG,iBAAiB,IAAI,GAAG;AAC9C,QAAI,UAAU;AACZ,cAAS,QAAQ,KAAK;IACvB;AACD,SAAKO,0BAA0B,IAAI,sBAAsB,UAAU;GACpE,WAAU,QAAQ,aAAa,YAAY;AAC1C,SAAKT,qBAAqB,IAAI,GAAG,IAAI;AACrC,SAAKW,oBAAoB,GAAG;GAC7B,OAAM;IACL,MAAM,WAAW,KAAKV,kBAAkB,IAAI,GAAG;AAC/C,QAAI,UAAU;AACZ,cAAS,QAAQ,QAAQ;IAC1B;AACD,SAAKU,oBAAoB,GAAG;AAC5B,SAAK,UAAU;AACb,WAAM,IAAI,MACR,gBACK,WAAW,aAAa,aAAa,GAAG,aAAa,WAAW,GAAG,KAAK,UAAU,aAAa,OAAO,CAAC,KAAK,QAAQ,QAAQ,KAC5H,iCAAiC,QAAQ,QAAQ;IAEzD;GACF;EACF,OAAM;AACL,SAAM,IAAI,OAAO,+BAA+B,OAAO,QAAQ,CAAC;EACjE;CACF;CAED,oBAAoBI,IAAY;AAC9B,OAAKN,0BAA0B,IAAI,sBAAsB,OAAO;AAChE,OAAKL,uBAAuB,OAAO,GAAG;AACtC,OAAKD,wBAAwB,OAAO,GAAG;AACvC,OAAKD,iBAAiB,OAAO,GAAG;AAChC,OAAKF,qBAAqB,OAAO,GAAG;AACpC,OAAKC,kBAAkB,OAAO,GAAG;AACjC,OAAKF,eAAe,OAAO,GAAG;CAC/B;CAED,MAAMmC,SAAwB;AAC5B,MAAI,KAAK,UAAU,MAAM,aAAa,KAAKN,SAAS;AAClD,QAAKO,iBAAiB,KAAK,QAAQ;EACpC,OAAM;AACL,QAAKP,QAAQ,OAAO,KAAK,UAAU,QAAQ,CAAC;EAC7C;CACF;CAED,uBAAuB;AACrB,OAAKO,iBAAiB,QAAQ,CAAC,QAAQ,KAAKzB,MAAM,IAAI,CAAC;AACvD,OAAKyB,mBAAmB,CAAE;CAC3B;AACF","names":["atmosphere: Atmosphere.Atmosphere | undefined","e: unknown","#endpointInfos","#onCompleteCallbacks","#onErrorCallbacks","#onNextCallbacks","#onStateChangeCallbacks","#statusOfSubscriptions","connectPrefix: string","atmosphereOptions?: Partial<Atmosphere.Request>","#connectWebsocket","toBeRemoved: string[]","#setSubscriptionConnState","#send","#removeSubscription","endpointName: string","methodName: string","parameters?: unknown[]","id: string","#nextId","msg: ServerConnectMessage","hillaSubscription: Subscription<any>","closeMessage: ServerCloseMessage","context: ReactiveControllerHost","callback: () => void","callback: (message: string) => void","callback: (value: any) => void","callback: () => ActionOnLostSubscription | void","callback: (event: FluxSubscriptionStateChangeEvent) => void","prefix: string","atmosphereOptions: Partial<Atmosphere.Request>","#socket","#handleMessage","#resubscribeIfWasClosed","#sendPendingMessages","state: FluxSubscriptionState","message: unknown","message: ServerMessage","#pendingMessages"],"sources":["/opt/agent/work/1af72d8adc613024/hilla/packages/ts/frontend/src/FluxConnection.ts"],"sourcesContent":["import type { ReactiveControllerHost } from '@lit/reactive-element';\nimport type { Subscription } from './Connect.js';\nimport { getCsrfTokenHeadersForEndpointRequest } from './CsrfUtils.js';\nimport {\n isClientMessage,\n type ServerCloseMessage,\n type ServerConnectMessage,\n type ServerMessage,\n} from './FluxMessages.js';\n\nexport enum State {\n ACTIVE = 'active',\n INACTIVE = 'inactive',\n RECONNECTING = 'reconnecting',\n}\n\ntype ActiveEvent = CustomEvent<{ active: boolean }>;\ninterface EventMap {\n 'state-changed': ActiveEvent;\n}\n\ntype ListenerType<T extends keyof EventMap> =\n | ((this: FluxConnection, ev: EventMap[T]) => any)\n | {\n handleEvent(ev: EventMap[T]): void;\n }\n | null;\n\n/**\n * Possible options for dealing with lost subscriptions after a websocket is reopened.\n */\nexport enum ActionOnLostSubscription {\n /**\n * The subscription should be resubscribed using the same server method and parameters.\n */\n RESUBSCRIBE = 'resubscribe',\n /**\n * The subscription should be removed.\n */\n REMOVE = 'remove',\n}\n\n/**\n * Possible states of a flux subscription.\n */\nexport enum FluxSubscriptionState {\n /**\n * The subscription is not connected and is trying to connect.\n */\n CONNECTING = 'connecting',\n /**\n * The subscription is connected and receiving updates.\n */\n CONNECTED = 'connected',\n /**\n * The subscription is closed and is not trying to reconnect.\n */\n CLOSED = 'closed',\n}\n\n/**\n * Event wrapper for flux subscription connection state change callback\n */\nexport type FluxSubscriptionStateChangeEvent = CustomEvent<{ state: FluxSubscriptionState }>;\n\ntype EndpointInfo = {\n endpointName: string;\n methodName: string;\n params: unknown[] | undefined;\n reconnect?(): ActionOnLostSubscription | void;\n};\n\nlet atmosphere: Atmosphere.Atmosphere | undefined;\n\n// eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\nif (globalThis.document) {\n // In case we are in the browser environment, we have to load atmosphere.js\n try {\n atmosphere = (await import('atmosphere.js')).default;\n } catch (e: unknown) {\n console.error('Failed to load atmosphere.js', e);\n }\n}\n\n/**\n * A representation of the underlying persistent network connection used for subscribing to Flux type endpoint methods.\n */\nexport class FluxConnection extends EventTarget {\n state: State = State.INACTIVE;\n wasClosed = false;\n readonly #endpointInfos = new Map<string, EndpointInfo>();\n #nextId = 0;\n readonly #onCompleteCallbacks = new Map<string, () => void>();\n readonly #onErrorCallbacks = new Map<string, (message: string) => void>();\n readonly #onNextCallbacks = new Map<string, (value: any) => void>();\n readonly #onStateChangeCallbacks = new Map<string, (event: FluxSubscriptionStateChangeEvent) => void>();\n readonly #statusOfSubscriptions = new Map<string, FluxSubscriptionState>();\n #pendingMessages: ServerMessage[] = [];\n #socket?: Atmosphere.Request;\n\n constructor(connectPrefix: string, atmosphereOptions?: Partial<Atmosphere.Request>) {\n super();\n this.#connectWebsocket(connectPrefix.replace(/connect$/u, ''), atmosphereOptions ?? {});\n }\n\n #resubscribeIfWasClosed() {\n if (this.wasClosed) {\n this.wasClosed = false;\n const toBeRemoved: string[] = [];\n this.#endpointInfos.forEach((endpointInfo, id) => {\n if (endpointInfo.reconnect?.() === ActionOnLostSubscription.RESUBSCRIBE) {\n this.#setSubscriptionConnState(id, FluxSubscriptionState.CONNECTING);\n this.#send({\n '@type': 'subscribe',\n endpointName: endpointInfo.endpointName,\n id,\n methodName: endpointInfo.methodName,\n params: endpointInfo.params,\n });\n } else {\n toBeRemoved.push(id);\n }\n });\n toBeRemoved.forEach((id) => this.#removeSubscription(id));\n }\n }\n\n /**\n * Subscribes to the flux returned by the given endpoint name + method name using the given parameters.\n *\n * @param endpointName - the endpoint to connect to\n * @param methodName - the method in the endpoint to connect to\n * @param parameters - the parameters to use\n * @returns a subscription\n */\n subscribe(endpointName: string, methodName: string, parameters?: unknown[]): Subscription<any> {\n const id: string = this.#nextId.toString();\n this.#nextId += 1;\n const params = parameters ?? [];\n\n const msg: ServerConnectMessage = { '@type': 'subscribe', endpointName, id, methodName, params };\n this.#send(msg);\n this.#endpointInfos.set(id, { endpointName, methodName, params });\n this.#setSubscriptionConnState(id, FluxSubscriptionState.CONNECTING);\n const hillaSubscription: Subscription<any> = {\n cancel: () => {\n if (!this.#endpointInfos.has(id)) {\n // Subscription already closed or canceled\n return;\n }\n\n const closeMessage: ServerCloseMessage = { '@type': 'unsubscribe', id };\n this.#send(closeMessage);\n this.#removeSubscription(id);\n },\n context(context: ReactiveControllerHost): Subscription<any> {\n context.addController({\n hostDisconnected() {\n hillaSubscription.cancel();\n },\n });\n return hillaSubscription;\n },\n onComplete: (callback: () => void): Subscription<any> => {\n this.#onCompleteCallbacks.set(id, callback);\n return hillaSubscription;\n },\n onError: (callback: (message: string) => void): Subscription<any> => {\n this.#onErrorCallbacks.set(id, callback);\n return hillaSubscription;\n },\n onNext: (callback: (value: any) => void): Subscription<any> => {\n this.#onNextCallbacks.set(id, callback);\n return hillaSubscription;\n },\n onSubscriptionLost: (callback: () => ActionOnLostSubscription | void): Subscription<any> => {\n if (this.#endpointInfos.has(id)) {\n this.#endpointInfos.get(id)!.reconnect = callback;\n } else {\n console.warn(`\"onReconnect\" value not set for subscription \"${id}\" because it was already canceled`);\n }\n return hillaSubscription;\n },\n onConnectionStateChange: (callback: (event: FluxSubscriptionStateChangeEvent) => void): Subscription<any> => {\n this.#onStateChangeCallbacks.set(id, callback);\n callback(\n new CustomEvent('subscription-state-change', { detail: { state: this.#statusOfSubscriptions.get(id)! } }),\n );\n return hillaSubscription;\n },\n };\n return hillaSubscription;\n }\n\n #connectWebsocket(prefix: string, atmosphereOptions: Partial<Atmosphere.Request>) {\n // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\n const extraHeaders = globalThis.document ? getCsrfTokenHeadersForEndpointRequest(globalThis.document) : {};\n const pushUrl = 'HILLA/push';\n const url = prefix.length === 0 ? pushUrl : (prefix.endsWith('/') ? prefix : `${prefix}/`) + pushUrl;\n this.#socket = atmosphere?.subscribe?.({\n contentType: 'application/json; charset=UTF-8',\n enableProtocol: true,\n transport: 'websocket',\n fallbackTransport: 'websocket',\n headers: extraHeaders,\n maxReconnectOnClose: 10000000,\n reconnectInterval: 5000,\n timeout: -1,\n trackMessageLength: true,\n url,\n onClose: () => {\n this.wasClosed = true;\n if (this.state !== State.INACTIVE) {\n this.state = State.INACTIVE;\n this.dispatchEvent(new CustomEvent('state-changed', { detail: { active: false } }));\n }\n },\n onError: (response) => {\n // eslint-disable-next-line no-console\n console.error('error in push communication', response);\n },\n onMessage: (response) => {\n if (response.responseBody) {\n this.#handleMessage(JSON.parse(response.responseBody));\n }\n },\n onMessagePublished: (response) => {\n if (response?.responseBody) {\n this.#handleMessage(JSON.parse(response.responseBody));\n }\n },\n onOpen: () => {\n if (this.state !== State.ACTIVE) {\n this.#resubscribeIfWasClosed();\n this.state = State.ACTIVE;\n this.dispatchEvent(new CustomEvent('state-changed', { detail: { active: true } }));\n this.#sendPendingMessages();\n }\n },\n onReopen: () => {\n if (this.state !== State.ACTIVE) {\n this.#resubscribeIfWasClosed();\n this.state = State.ACTIVE;\n this.dispatchEvent(new CustomEvent('state-changed', { detail: { active: true } }));\n this.#sendPendingMessages();\n }\n },\n onReconnect: () => {\n if (this.state !== State.RECONNECTING) {\n this.state = State.RECONNECTING;\n this.#endpointInfos.forEach((_, id) => {\n this.#setSubscriptionConnState(id, FluxSubscriptionState.CONNECTING);\n });\n }\n },\n onFailureToReconnect: () => {\n if (this.state !== State.INACTIVE) {\n this.state = State.INACTIVE;\n this.dispatchEvent(new CustomEvent('state-changed', { detail: { active: false } }));\n this.#endpointInfos.forEach((_, id) => this.#setSubscriptionConnState(id, FluxSubscriptionState.CLOSED));\n }\n },\n ...atmosphereOptions,\n } satisfies Atmosphere.Request);\n }\n\n #setSubscriptionConnState(id: string, state: FluxSubscriptionState) {\n const currentState = this.#statusOfSubscriptions.get(id);\n if (!currentState) {\n this.#statusOfSubscriptions.set(id, state);\n this.#onStateChangeCallbacks.get(id)?.(\n new CustomEvent('subscription-state-change', { detail: { state: this.#statusOfSubscriptions.get(id)! } }),\n );\n } else if (currentState !== state) {\n this.#statusOfSubscriptions.set(id, state);\n this.#onStateChangeCallbacks.get(id)?.(\n new CustomEvent('subscription-state-change', { detail: { state: this.#statusOfSubscriptions.get(id)! } }),\n );\n }\n }\n\n #handleMessage(message: unknown) {\n if (isClientMessage(message)) {\n const { id } = message;\n const endpointInfo = this.#endpointInfos.get(id);\n\n if (message['@type'] === 'update') {\n const callback = this.#onNextCallbacks.get(id);\n if (callback) {\n callback(message.item);\n }\n this.#setSubscriptionConnState(id, FluxSubscriptionState.CONNECTED);\n } else if (message['@type'] === 'complete') {\n this.#onCompleteCallbacks.get(id)?.();\n this.#removeSubscription(id);\n } else {\n const callback = this.#onErrorCallbacks.get(id);\n if (callback) {\n callback(message.message);\n }\n this.#removeSubscription(id);\n if (!callback) {\n throw new Error(\n endpointInfo\n ? `Error in ${endpointInfo.endpointName}.${endpointInfo.methodName}(${JSON.stringify(endpointInfo.params)}): ${message.message}`\n : `Error in unknown subscription: ${message.message}`,\n );\n }\n }\n } else {\n throw new Error(`Unknown message from server: ${String(message)}`);\n }\n }\n\n #removeSubscription(id: string) {\n this.#setSubscriptionConnState(id, FluxSubscriptionState.CLOSED);\n this.#statusOfSubscriptions.delete(id);\n this.#onStateChangeCallbacks.delete(id);\n this.#onNextCallbacks.delete(id);\n this.#onCompleteCallbacks.delete(id);\n this.#onErrorCallbacks.delete(id);\n this.#endpointInfos.delete(id);\n }\n\n #send(message: ServerMessage) {\n if (this.state === State.INACTIVE || !this.#socket) {\n this.#pendingMessages.push(message);\n } else {\n this.#socket.push?.(JSON.stringify(message));\n }\n }\n\n #sendPendingMessages() {\n this.#pendingMessages.forEach((msg) => this.#send(msg));\n this.#pendingMessages = [];\n }\n}\n\nexport interface FluxConnection {\n addEventListener<T extends keyof EventMap>(type: T, listener: ListenerType<T>): void;\n removeEventListener<T extends keyof EventMap>(type: T, listener: ListenerType<T>): void;\n}\n"],"version":3}
1
+ {"mappings":"AAEA,OAAO,yCAA0C;AACjD,SACE,0CAIyB;AAE3B,OAAO,IAAK,wBAAL;AACL;AACA;AACA;;AACD;;;;AAiBD,OAAO,IAAK,8DAAL;;;;AAIL;;;;AAIA;;AACD;;;;AAKD,OAAO,IAAK,wDAAL;;;;AAIL;;;;AAIA;;;;AAIA;;AACD;AAeD,MAAMA,oBAAgE,WAAW,WAC7E,OAAO,mBACP,QAAQ,QAAQ,UAAU;;;;AAK9B,OAAO,MAAM,uBAAuB,YAAY;CAC9C,QAAe,MAAM;CACrB,YAAY;CACZ,AAASC,iBAAiB,IAAI;CAC9B,UAAU;CACV,AAASC,uBAAuB,IAAI;CACpC,AAASC,oBAAoB,IAAI;CACjC,AAASC,mBAAmB,IAAI;CAChC,AAASC,0BAA0B,IAAI;CACvC,AAASC,yBAAyB,IAAI;CACtC,mBAAoC,CAAE;CACtC;CACA,AAASC;CAET,YAAYC,eAAuBC,mBAAiD;AAClF,SAAO;AACP,OAAKF,SAAS,KAAKG,kBAAkB,cAAc,QAAQ,aAAa,GAAG,EAAE,qBAAqB,CAAE,EAAC;CACtG;CAED,0BAA0B;AACxB,MAAI,KAAK,WAAW;AAClB,QAAK,YAAY;GACjB,MAAMC,cAAwB,CAAE;AAChC,QAAKV,eAAe,QAAQ,CAAC,cAAc,OAAO;AAChD,QAAI,aAAa,aAAa,KAAK,yBAAyB,aAAa;AACvE,UAAKW,0BAA0B,IAAI,sBAAsB,WAAW;AACpE,UAAKC,MAAM;eACA;MACT,cAAc,aAAa;MAC3B;MACA,YAAY,aAAa;MACzB,QAAQ,aAAa;KACtB,EAAC;IACH,OAAM;AACL,iBAAY,KAAK,GAAG;IACrB;GACF,EAAC;AACF,eAAY,QAAQ,CAAC,OAAO,KAAKC,oBAAoB,GAAG,CAAC;EAC1D;CACF;;;;CAKD,IAAI,QAAuB;AACzB,SAAO,KAAKP;CACb;;;;;;;;;CAUD,UAAUQ,cAAsBC,YAAoBC,YAA2C;EAC7F,MAAMC,KAAa,KAAKC,QAAQ,UAAU;AAC1C,OAAKA,WAAW;EAChB,MAAM,SAAS,cAAc,CAAE;EAE/B,MAAMC,MAA4B;YAAW;GAAa;GAAc;GAAI;GAAY;EAAQ;AAChG,OAAKP,MAAM,IAAI;AACf,OAAKZ,eAAe,IAAI,IAAI;GAAE;GAAc;GAAY;EAAQ,EAAC;AACjE,OAAKW,0BAA0B,IAAI,sBAAsB,WAAW;EACpE,MAAMS,oBAAuC;GAC3C,QAAQ,MAAM;AACZ,SAAK,KAAKpB,eAAe,IAAI,GAAG,EAAE;AAEhC;IACD;IAED,MAAMqB,eAAmC;cAAW;KAAe;IAAI;AACvE,SAAKT,MAAM,aAAa;AACxB,SAAKC,oBAAoB,GAAG;GAC7B;GACD,QAAQS,SAAoD;AAC1D,YAAQ,cAAc,EACpB,mBAAmB;AACjB,uBAAkB,QAAQ;IAC3B,EACF,EAAC;AACF,WAAO;GACR;GACD,YAAY,CAACC,aAA4C;AACvD,SAAKtB,qBAAqB,IAAI,IAAI,SAAS;AAC3C,WAAO;GACR;GACD,SAAS,CAACuB,aAA2D;AACnE,SAAKtB,kBAAkB,IAAI,IAAI,SAAS;AACxC,WAAO;GACR;GACD,QAAQ,CAACuB,aAAsD;AAC7D,SAAKtB,iBAAiB,IAAI,IAAI,SAAS;AACvC,WAAO;GACR;GACD,oBAAoB,CAACuB,aAAuE;AAC1F,QAAI,KAAK1B,eAAe,IAAI,GAAG,EAAE;AAC/B,UAAKA,eAAe,IAAI,GAAG,CAAE,YAAY;IAC1C,OAAM;AACL,aAAQ,MAAM,gDAAgD,GAAG,mCAAmC;IACrG;AACD,WAAO;GACR;GACD,yBAAyB,CAAC2B,aAAmF;AAC3G,SAAKvB,wBAAwB,IAAI,IAAI,SAAS;AAC9C,aACE,IAAI,YAAY,6BAA6B,EAAE,QAAQ,EAAE,OAAO,KAAKC,uBAAuB,IAAI,GAAG,CAAG,EAAE,GACzG;AACD,WAAO;GACR;EACF;AACD,SAAO;CACR;CAED,MAAMI,kBAAkBmB,QAAgBC,mBAAgD;EAEtF,MAAM,eAAe,OAAO,aAAa,MAAM,eAAe,KAAK,EAAE,cAAc;EACnF,MAAM,UAAU;EAChB,MAAM,MAAM,OAAO,WAAW,IAAI,WAAW,OAAO,SAAS,IAAI,GAAG,UAAU,EAAE,OAAO,MAAM;AAC7F,SAAO,kBAAkB,KAAK,CAACC,eAAkD;AAC/E,QAAK,YAAY;AACf;GACD;AAGD,OAAI,WAAW,UAAU;AACvB,SAAKC,UAAU,WAAW,YAAY;KACpC,aAAa;KACb,gBAAgB;KAChB,WAAW;KACX,mBAAmB;KACnB,SAAS;KACT,qBAAqB;KACrB,mBAAmB;KACnB,UAAU;KACV,oBAAoB;KACpB;KACA,SAAS,MAAM;AACb,WAAK,YAAY;AACjB,UAAI,KAAK,UAAU,MAAM,UAAU;AACjC,YAAK,QAAQ,MAAM;AACnB,YAAK,cAAc,IAAI,YAAY,iBAAiB,EAAE,QAAQ,EAAE,QAAQ,MAAO,EAAE,GAAE;MACpF;KACF;KACD,SAAS,CAAC,aAAa;AAErB,cAAQ,MAAM,+BAA+B,SAAS;KACvD;KACD,WAAW,CAAC,aAAa;AACvB,UAAI,SAAS,cAAc;AACzB,YAAKC,eAAe,KAAK,MAAM,SAAS,aAAa,CAAC;MACvD;KACF;KACD,oBAAoB,CAAC,aAAa;AAChC,UAAI,UAAU,cAAc;AAC1B,YAAKA,eAAe,KAAK,MAAM,SAAS,aAAa,CAAC;MACvD;KACF;KACD,QAAQ,MAAM;AACZ,UAAI,KAAK,UAAU,MAAM,QAAQ;AAC/B,YAAKC,yBAAyB;AAC9B,YAAK,QAAQ,MAAM;AACnB,YAAK,cAAc,IAAI,YAAY,iBAAiB,EAAE,QAAQ,EAAE,QAAQ,KAAM,EAAE,GAAE;AAClF,YAAKC,sBAAsB;MAC5B;KACF;KACD,UAAU,MAAM;AACd,UAAI,KAAK,UAAU,MAAM,QAAQ;AAC/B,YAAKD,yBAAyB;AAC9B,YAAK,QAAQ,MAAM;AACnB,YAAK,cAAc,IAAI,YAAY,iBAAiB,EAAE,QAAQ,EAAE,QAAQ,KAAM,EAAE,GAAE;AAClF,YAAKC,sBAAsB;MAC5B;KACF;KACD,aAAa,MAAM;AACjB,UAAI,KAAK,UAAU,MAAM,cAAc;AACrC,YAAK,QAAQ,MAAM;AACnB,YAAKlC,eAAe,QAAQ,CAAC,GAAG,OAAO;AACrC,aAAKW,0BAA0B,IAAI,sBAAsB,WAAW;OACrE,EAAC;MACH;KACF;KACD,sBAAsB,MAAM;AAC1B,UAAI,KAAK,UAAU,MAAM,UAAU;AACjC,YAAK,QAAQ,MAAM;AACnB,YAAK,cAAc,IAAI,YAAY,iBAAiB,EAAE,QAAQ,EAAE,QAAQ,MAAO,EAAE,GAAE;AACnF,YAAKX,eAAe,QAAQ,CAAC,GAAG,OAAO,KAAKW,0BAA0B,IAAI,sBAAsB,OAAO,CAAC;MACzG;KACF;KACD,GAAG;IACJ,EAA8B;GAChC;EACF,EAAC;CACH;CAED,0BAA0BM,IAAYkB,OAA8B;EAClE,MAAM,eAAe,KAAK9B,uBAAuB,IAAI,GAAG;AACxD,OAAK,cAAc;AACjB,QAAKA,uBAAuB,IAAI,IAAI,MAAM;AAC1C,QAAKD,wBAAwB,IAAI,GAAG,GAClC,IAAI,YAAY,6BAA6B,EAAE,QAAQ,EAAE,OAAO,KAAKC,uBAAuB,IAAI,GAAG,CAAG,EAAE,GACzG;EACF,WAAU,iBAAiB,OAAO;AACjC,QAAKA,uBAAuB,IAAI,IAAI,MAAM;AAC1C,QAAKD,wBAAwB,IAAI,GAAG,GAClC,IAAI,YAAY,6BAA6B,EAAE,QAAQ,EAAE,OAAO,KAAKC,uBAAuB,IAAI,GAAG,CAAG,EAAE,GACzG;EACF;CACF;CAED,eAAe+B,SAAkB;AAC/B,MAAI,gBAAgB,QAAQ,EAAE;GAC5B,MAAM,EAAE,IAAI,GAAG;GACf,MAAM,eAAe,KAAKpC,eAAe,IAAI,GAAG;AAEhD,OAAI,QAAQ,aAAa,UAAU;IACjC,MAAM,WAAW,KAAKG,iBAAiB,IAAI,GAAG;AAC9C,QAAI,UAAU;AACZ,cAAS,QAAQ,KAAK;IACvB;AACD,SAAKQ,0BAA0B,IAAI,sBAAsB,UAAU;GACpE,WAAU,QAAQ,aAAa,YAAY;AAC1C,SAAKV,qBAAqB,IAAI,GAAG,IAAI;AACrC,SAAKY,oBAAoB,GAAG;GAC7B,OAAM;IACL,MAAM,WAAW,KAAKX,kBAAkB,IAAI,GAAG;AAC/C,QAAI,UAAU;AACZ,cAAS,QAAQ,QAAQ;IAC1B;AACD,SAAKW,oBAAoB,GAAG;AAC5B,SAAK,UAAU;AACb,WAAM,IAAI,MACR,gBACK,WAAW,aAAa,aAAa,GAAG,aAAa,WAAW,GAAG,KAAK,UAAU,aAAa,OAAO,CAAC,KAAK,QAAQ,QAAQ,KAC5H,iCAAiC,QAAQ,QAAQ;IAEzD;GACF;EACF,OAAM;AACL,SAAM,IAAI,OAAO,+BAA+B,OAAO,QAAQ,CAAC;EACjE;CACF;CAED,oBAAoBI,IAAY;AAC9B,OAAKN,0BAA0B,IAAI,sBAAsB,OAAO;AAChE,OAAKN,uBAAuB,OAAO,GAAG;AACtC,OAAKD,wBAAwB,OAAO,GAAG;AACvC,OAAKD,iBAAiB,OAAO,GAAG;AAChC,OAAKF,qBAAqB,OAAO,GAAG;AACpC,OAAKC,kBAAkB,OAAO,GAAG;AACjC,OAAKF,eAAe,OAAO,GAAG;CAC/B;CAED,MAAMqC,SAAwB;AAC5B,MAAI,KAAK,UAAU,MAAM,aAAa,KAAKN,SAAS;AAClD,QAAKO,iBAAiB,KAAK,QAAQ;EACpC,OAAM;AACL,QAAKP,QAAQ,OAAO,KAAK,UAAU,QAAQ,CAAC;EAC7C;CACF;CAED,uBAAuB;AACrB,OAAKO,iBAAiB,QAAQ,CAAC,QAAQ,KAAK1B,MAAM,IAAI,CAAC;AACvD,OAAK0B,mBAAmB,CAAE;CAC3B;AACF","names":["atmospherePromise: Promise<Atmosphere.Atmosphere | undefined>","#endpointInfos","#onCompleteCallbacks","#onErrorCallbacks","#onNextCallbacks","#onStateChangeCallbacks","#statusOfSubscriptions","#ready","connectPrefix: string","atmosphereOptions?: Partial<Atmosphere.Request>","#connectWebsocket","toBeRemoved: string[]","#setSubscriptionConnState","#send","#removeSubscription","endpointName: string","methodName: string","parameters?: unknown[]","id: string","#nextId","msg: ServerConnectMessage","hillaSubscription: Subscription<any>","closeMessage: ServerCloseMessage","context: ReactiveControllerHost","callback: () => void","callback: (message: string) => void","callback: (value: any) => void","callback: () => ActionOnLostSubscription | void","callback: (event: FluxSubscriptionStateChangeEvent) => void","prefix: string","atmosphereOptions: Partial<Atmosphere.Request>","atmosphere: Atmosphere.Atmosphere | undefined","#socket","#handleMessage","#resubscribeIfWasClosed","#sendPendingMessages","state: FluxSubscriptionState","message: unknown","message: ServerMessage","#pendingMessages"],"sources":["/opt/agent/work/1af72d8adc613024/hilla/packages/ts/frontend/src/FluxConnection.ts"],"sourcesContent":["import type { ReactiveControllerHost } from '@lit/reactive-element';\nimport type { Subscription } from './Connect.js';\nimport csrfInfoSource from './CsrfInfoSource.js';\nimport {\n isClientMessage,\n type ServerCloseMessage,\n type ServerConnectMessage,\n type ServerMessage,\n} from './FluxMessages.js';\n\nexport enum State {\n ACTIVE = 'active',\n INACTIVE = 'inactive',\n RECONNECTING = 'reconnecting',\n}\n\ntype ActiveEvent = CustomEvent<{ active: boolean }>;\ninterface EventMap {\n 'state-changed': ActiveEvent;\n}\n\ntype ListenerType<T extends keyof EventMap> =\n | ((this: FluxConnection, ev: EventMap[T]) => any)\n | {\n handleEvent(ev: EventMap[T]): void;\n }\n | null;\n\n/**\n * Possible options for dealing with lost subscriptions after a websocket is reopened.\n */\nexport enum ActionOnLostSubscription {\n /**\n * The subscription should be resubscribed using the same server method and parameters.\n */\n RESUBSCRIBE = 'resubscribe',\n /**\n * The subscription should be removed.\n */\n REMOVE = 'remove',\n}\n\n/**\n * Possible states of a flux subscription.\n */\nexport enum FluxSubscriptionState {\n /**\n * The subscription is not connected and is trying to connect.\n */\n CONNECTING = 'connecting',\n /**\n * The subscription is connected and receiving updates.\n */\n CONNECTED = 'connected',\n /**\n * The subscription is closed and is not trying to reconnect.\n */\n CLOSED = 'closed',\n}\n\n/**\n * Event wrapper for flux subscription connection state change callback\n */\nexport type FluxSubscriptionStateChangeEvent = CustomEvent<{ state: FluxSubscriptionState }>;\n\ntype EndpointInfo = {\n endpointName: string;\n methodName: string;\n params: unknown[] | undefined;\n reconnect?(): ActionOnLostSubscription | void;\n};\n\n// eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\nconst atmospherePromise: Promise<Atmosphere.Atmosphere | undefined> = globalThis.document\n ? import('atmosphere.js')\n : Promise.resolve(undefined);\n\n/**\n * A representation of the underlying persistent network connection used for subscribing to Flux type endpoint methods.\n */\nexport class FluxConnection extends EventTarget {\n state: State = State.INACTIVE;\n wasClosed = false;\n readonly #endpointInfos = new Map<string, EndpointInfo>();\n #nextId = 0;\n readonly #onCompleteCallbacks = new Map<string, () => void>();\n readonly #onErrorCallbacks = new Map<string, (message: string) => void>();\n readonly #onNextCallbacks = new Map<string, (value: any) => void>();\n readonly #onStateChangeCallbacks = new Map<string, (event: FluxSubscriptionStateChangeEvent) => void>();\n readonly #statusOfSubscriptions = new Map<string, FluxSubscriptionState>();\n #pendingMessages: ServerMessage[] = [];\n #socket?: Atmosphere.Request;\n readonly #ready: Promise<void>;\n\n constructor(connectPrefix: string, atmosphereOptions?: Partial<Atmosphere.Request>) {\n super();\n this.#ready = this.#connectWebsocket(connectPrefix.replace(/connect$/u, ''), atmosphereOptions ?? {});\n }\n\n #resubscribeIfWasClosed() {\n if (this.wasClosed) {\n this.wasClosed = false;\n const toBeRemoved: string[] = [];\n this.#endpointInfos.forEach((endpointInfo, id) => {\n if (endpointInfo.reconnect?.() === ActionOnLostSubscription.RESUBSCRIBE) {\n this.#setSubscriptionConnState(id, FluxSubscriptionState.CONNECTING);\n this.#send({\n '@type': 'subscribe',\n endpointName: endpointInfo.endpointName,\n id,\n methodName: endpointInfo.methodName,\n params: endpointInfo.params,\n });\n } else {\n toBeRemoved.push(id);\n }\n });\n toBeRemoved.forEach((id) => this.#removeSubscription(id));\n }\n }\n\n /**\n * Promise that resolves when the instance is initialized.\n */\n get ready(): Promise<void> {\n return this.#ready;\n }\n\n /**\n * Subscribes to the flux returned by the given endpoint name + method name using the given parameters.\n *\n * @param endpointName - the endpoint to connect to\n * @param methodName - the method in the endpoint to connect to\n * @param parameters - the parameters to use\n * @returns a subscription\n */\n subscribe(endpointName: string, methodName: string, parameters?: unknown[]): Subscription<any> {\n const id: string = this.#nextId.toString();\n this.#nextId += 1;\n const params = parameters ?? [];\n\n const msg: ServerConnectMessage = { '@type': 'subscribe', endpointName, id, methodName, params };\n this.#send(msg);\n this.#endpointInfos.set(id, { endpointName, methodName, params });\n this.#setSubscriptionConnState(id, FluxSubscriptionState.CONNECTING);\n const hillaSubscription: Subscription<any> = {\n cancel: () => {\n if (!this.#endpointInfos.has(id)) {\n // Subscription already closed or canceled\n return;\n }\n\n const closeMessage: ServerCloseMessage = { '@type': 'unsubscribe', id };\n this.#send(closeMessage);\n this.#removeSubscription(id);\n },\n context(context: ReactiveControllerHost): Subscription<any> {\n context.addController({\n hostDisconnected() {\n hillaSubscription.cancel();\n },\n });\n return hillaSubscription;\n },\n onComplete: (callback: () => void): Subscription<any> => {\n this.#onCompleteCallbacks.set(id, callback);\n return hillaSubscription;\n },\n onError: (callback: (message: string) => void): Subscription<any> => {\n this.#onErrorCallbacks.set(id, callback);\n return hillaSubscription;\n },\n onNext: (callback: (value: any) => void): Subscription<any> => {\n this.#onNextCallbacks.set(id, callback);\n return hillaSubscription;\n },\n onSubscriptionLost: (callback: () => ActionOnLostSubscription | void): Subscription<any> => {\n if (this.#endpointInfos.has(id)) {\n this.#endpointInfos.get(id)!.reconnect = callback;\n } else {\n console.warn(`\"onReconnect\" value not set for subscription \"${id}\" because it was already canceled`);\n }\n return hillaSubscription;\n },\n onConnectionStateChange: (callback: (event: FluxSubscriptionStateChangeEvent) => void): Subscription<any> => {\n this.#onStateChangeCallbacks.set(id, callback);\n callback(\n new CustomEvent('subscription-state-change', { detail: { state: this.#statusOfSubscriptions.get(id)! } }),\n );\n return hillaSubscription;\n },\n };\n return hillaSubscription;\n }\n\n async #connectWebsocket(prefix: string, atmosphereOptions: Partial<Atmosphere.Request>) {\n // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\n const extraHeaders = Object.fromEntries((await csrfInfoSource.get()).headerEntries);\n const pushUrl = 'HILLA/push';\n const url = prefix.length === 0 ? pushUrl : (prefix.endsWith('/') ? prefix : `${prefix}/`) + pushUrl;\n return atmospherePromise.then((atmosphere: Atmosphere.Atmosphere | undefined) => {\n if (!atmosphere) {\n return;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\n if (globalThis.document) {\n this.#socket = atmosphere.subscribe?.({\n contentType: 'application/json; charset=UTF-8',\n enableProtocol: true,\n transport: 'websocket',\n fallbackTransport: 'websocket',\n headers: extraHeaders,\n maxReconnectOnClose: 10000000,\n reconnectInterval: 5000,\n timeout: -1,\n trackMessageLength: true,\n url,\n onClose: () => {\n this.wasClosed = true;\n if (this.state !== State.INACTIVE) {\n this.state = State.INACTIVE;\n this.dispatchEvent(new CustomEvent('state-changed', { detail: { active: false } }));\n }\n },\n onError: (response) => {\n // eslint-disable-next-line no-console\n console.error('error in push communication', response);\n },\n onMessage: (response) => {\n if (response.responseBody) {\n this.#handleMessage(JSON.parse(response.responseBody));\n }\n },\n onMessagePublished: (response) => {\n if (response?.responseBody) {\n this.#handleMessage(JSON.parse(response.responseBody));\n }\n },\n onOpen: () => {\n if (this.state !== State.ACTIVE) {\n this.#resubscribeIfWasClosed();\n this.state = State.ACTIVE;\n this.dispatchEvent(new CustomEvent('state-changed', { detail: { active: true } }));\n this.#sendPendingMessages();\n }\n },\n onReopen: () => {\n if (this.state !== State.ACTIVE) {\n this.#resubscribeIfWasClosed();\n this.state = State.ACTIVE;\n this.dispatchEvent(new CustomEvent('state-changed', { detail: { active: true } }));\n this.#sendPendingMessages();\n }\n },\n onReconnect: () => {\n if (this.state !== State.RECONNECTING) {\n this.state = State.RECONNECTING;\n this.#endpointInfos.forEach((_, id) => {\n this.#setSubscriptionConnState(id, FluxSubscriptionState.CONNECTING);\n });\n }\n },\n onFailureToReconnect: () => {\n if (this.state !== State.INACTIVE) {\n this.state = State.INACTIVE;\n this.dispatchEvent(new CustomEvent('state-changed', { detail: { active: false } }));\n this.#endpointInfos.forEach((_, id) => this.#setSubscriptionConnState(id, FluxSubscriptionState.CLOSED));\n }\n },\n ...atmosphereOptions,\n } satisfies Atmosphere.Request);\n }\n });\n }\n\n #setSubscriptionConnState(id: string, state: FluxSubscriptionState) {\n const currentState = this.#statusOfSubscriptions.get(id);\n if (!currentState) {\n this.#statusOfSubscriptions.set(id, state);\n this.#onStateChangeCallbacks.get(id)?.(\n new CustomEvent('subscription-state-change', { detail: { state: this.#statusOfSubscriptions.get(id)! } }),\n );\n } else if (currentState !== state) {\n this.#statusOfSubscriptions.set(id, state);\n this.#onStateChangeCallbacks.get(id)?.(\n new CustomEvent('subscription-state-change', { detail: { state: this.#statusOfSubscriptions.get(id)! } }),\n );\n }\n }\n\n #handleMessage(message: unknown) {\n if (isClientMessage(message)) {\n const { id } = message;\n const endpointInfo = this.#endpointInfos.get(id);\n\n if (message['@type'] === 'update') {\n const callback = this.#onNextCallbacks.get(id);\n if (callback) {\n callback(message.item);\n }\n this.#setSubscriptionConnState(id, FluxSubscriptionState.CONNECTED);\n } else if (message['@type'] === 'complete') {\n this.#onCompleteCallbacks.get(id)?.();\n this.#removeSubscription(id);\n } else {\n const callback = this.#onErrorCallbacks.get(id);\n if (callback) {\n callback(message.message);\n }\n this.#removeSubscription(id);\n if (!callback) {\n throw new Error(\n endpointInfo\n ? `Error in ${endpointInfo.endpointName}.${endpointInfo.methodName}(${JSON.stringify(endpointInfo.params)}): ${message.message}`\n : `Error in unknown subscription: ${message.message}`,\n );\n }\n }\n } else {\n throw new Error(`Unknown message from server: ${String(message)}`);\n }\n }\n\n #removeSubscription(id: string) {\n this.#setSubscriptionConnState(id, FluxSubscriptionState.CLOSED);\n this.#statusOfSubscriptions.delete(id);\n this.#onStateChangeCallbacks.delete(id);\n this.#onNextCallbacks.delete(id);\n this.#onCompleteCallbacks.delete(id);\n this.#onErrorCallbacks.delete(id);\n this.#endpointInfos.delete(id);\n }\n\n #send(message: ServerMessage) {\n if (this.state === State.INACTIVE || !this.#socket) {\n this.#pendingMessages.push(message);\n } else {\n this.#socket.push?.(JSON.stringify(message));\n }\n }\n\n #sendPendingMessages() {\n this.#pendingMessages.forEach((msg) => this.#send(msg));\n this.#pendingMessages = [];\n }\n}\n\nexport interface FluxConnection {\n addEventListener<T extends keyof EventMap>(type: T, listener: ListenerType<T>): void;\n removeEventListener<T extends keyof EventMap>(type: T, listener: ListenerType<T>): void;\n}\n"],"version":3}
package/index.js CHANGED
@@ -2,11 +2,11 @@ export * from "./Authentication.js";
2
2
  export * from "./Connect.js";
3
3
  export * from "./EndpointErrors.js";
4
4
  export { ActionOnLostSubscription, FluxConnection, State } from "./FluxConnection.js";
5
- ((feature, vaadinObj = window.Vaadin ??= {}) => {
5
+ ((feature, vaadinObj = globalThis.Vaadin ??= {}) => {
6
6
  vaadinObj.registrations ??= [];
7
7
  vaadinObj.registrations.push({
8
8
  is: feature ? `@vaadin/hilla-frontend/${feature}` : "@vaadin/hilla-frontend",
9
- version: "24.8.0-alpha7"
9
+ version: "24.8.0-beta1"
10
10
  });
11
11
  })();
12
12
  //# sourceMappingURL=./index.js.map
package/index.js.map CHANGED
@@ -1 +1 @@
1
- {"mappings":"AAAA;AACA;AACA;AACA,SAAS,0BAA0B,gBAAgB;AAInD,CAAC,CAAC,SAAS,YAAa,OAAO,WAAW,CAAE,MAAM;AAChD,WAAU,kBAAkB,CAAE;AAC9B,WAAU,cAAc,KAAK;EAC3B,IAAI,WAAW,yBAAyB,QAAQ,IAAI;EACpD,SAAS;CACV,EAAC;AACH,IAAG","names":[],"sources":["/opt/agent/work/1af72d8adc613024/hilla/packages/ts/frontend/src/index.ts"],"sourcesContent":["export * from './Authentication.js';\nexport * from './Connect.js';\nexport * from './EndpointErrors.js';\nexport { ActionOnLostSubscription, FluxConnection, State } from './FluxConnection.js';\n\n// @ts-expect-error: esbuild injection\n// eslint-disable-next-line @typescript-eslint/no-unsafe-call\n((feature, vaadinObj = (window.Vaadin ??= {})) => {\n vaadinObj.registrations ??= [];\n vaadinObj.registrations.push({\n is: feature ? `@vaadin/hilla-frontend/${feature}` : '@vaadin/hilla-frontend',\n version: '24.8.0-alpha7',\n });\n})();\n"],"version":3}
1
+ {"mappings":"AAAA;AACA;AACA;AACA,SAAS,0BAA0B,gBAAgB;AAInD,CAAC,CAAC,SAAS,YAAa,WAAW,WAAW,CAAE,MAAM;AACpD,WAAU,kBAAkB,CAAE;AAC9B,WAAU,cAAc,KAAK;EAC3B,IAAI,WAAW,yBAAyB,QAAQ,IAAI;EACpD,SAAS;CACV,EAAC;AACH,IAAG","names":[],"sources":["/opt/agent/work/1af72d8adc613024/hilla/packages/ts/frontend/src/index.ts"],"sourcesContent":["export * from './Authentication.js';\nexport * from './Connect.js';\nexport * from './EndpointErrors.js';\nexport { ActionOnLostSubscription, FluxConnection, State } from './FluxConnection.js';\n\n// @ts-expect-error: esbuild injection\n// eslint-disable-next-line @typescript-eslint/no-unsafe-call\n((feature, vaadinObj = (globalThis.Vaadin ??= {})) => {\n vaadinObj.registrations ??= [];\n vaadinObj.registrations.push({\n is: feature ? `@vaadin/hilla-frontend/${feature}` : '@vaadin/hilla-frontend',\n version: '24.8.0-beta1',\n });\n})();\n"],"version":3}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@vaadin/hilla-frontend",
3
- "version": "24.8.0-alpha7",
3
+ "version": "24.8.0-beta1",
4
4
  "description": "Hilla core frontend utils",
5
5
  "main": "index.js",
6
6
  "module": "index.js",
@@ -20,7 +20,7 @@
20
20
  "lint:fix": "eslint src test --fix",
21
21
  "test": "vitest --run",
22
22
  "test:coverage": "vitest --run --coverage",
23
- "test:watch": "vitest",
23
+ "test:watch": "vitest --inspect --no-file-parallelism",
24
24
  "typecheck": "tsc --noEmit"
25
25
  },
26
26
  "exports": {
package/CsrfUtils.d.ts DELETED
@@ -1 +0,0 @@
1
- export declare function getSpringCsrfInfo(doc: Document): Record<string, string>;
package/CsrfUtils.js DELETED
@@ -1,64 +0,0 @@
1
- import CookieManager from "./CookieManager.js";
2
- /** @internal */
3
- export const VAADIN_CSRF_HEADER = "X-CSRF-Token";
4
- /** @internal */
5
- export const VAADIN_CSRF_COOKIE_NAME = "csrfToken";
6
- /** @internal */
7
- export const SPRING_CSRF_COOKIE_NAME = "XSRF-TOKEN";
8
- function extractContentFromMetaTag(doc, metaTag) {
9
- const element = doc.head.querySelector(`meta[name="${metaTag}"]`);
10
- if (element) {
11
- const value = element.content;
12
- if (value && value.toLowerCase() !== "undefined") {
13
- return value;
14
- }
15
- }
16
- return undefined;
17
- }
18
- export function getSpringCsrfInfo(doc) {
19
- let csrf = CookieManager.get(SPRING_CSRF_COOKIE_NAME);
20
- if (!csrf || csrf.length === 0) {
21
- csrf = extractContentFromMetaTag(doc, "_csrf");
22
- }
23
- const csrfHeader = extractContentFromMetaTag(doc, "_csrf_header");
24
- const headers = {};
25
- if (csrf && csrfHeader) {
26
- headers._csrf = csrf;
27
- headers._csrf_header = csrfHeader;
28
- const csrfParameter = extractContentFromMetaTag(doc, "_csrf_parameter");
29
- if (csrfParameter) {
30
- headers._csrf_parameter = csrfParameter;
31
- }
32
- }
33
- return headers;
34
- }
35
- /** @internal */
36
- export function getSpringCsrfTokenHeadersForAuthRequest(doc) {
37
- const csrfInfo = getSpringCsrfInfo(doc);
38
- const headers = {};
39
- if (csrfInfo._csrf && csrfInfo._csrf_header) {
40
- headers[csrfInfo._csrf_header] = csrfInfo._csrf;
41
- }
42
- return headers;
43
- }
44
- /** @internal */
45
- export function getCsrfTokenHeadersForEndpointRequest(doc) {
46
- const headers = {};
47
- const csrfInfo = getSpringCsrfInfo(doc);
48
- if (csrfInfo._csrf && csrfInfo._csrf_header) {
49
- headers[csrfInfo._csrf_header] = csrfInfo._csrf;
50
- } else {
51
- headers[VAADIN_CSRF_HEADER] = CookieManager.get(VAADIN_CSRF_COOKIE_NAME) ?? "";
52
- }
53
- return headers;
54
- }
55
- /** @internal */
56
- export function getSpringCsrfTokenParametersForAuthRequest(doc) {
57
- const csrfInfo = getSpringCsrfInfo(doc);
58
- const parameters = {};
59
- if (csrfInfo._csrf && csrfInfo._csrf_parameter) {
60
- parameters[csrfInfo._csrf_parameter] = csrfInfo._csrf;
61
- }
62
- return parameters;
63
- }
64
- //# sourceMappingURL=./CsrfUtils.js.map
package/CsrfUtils.js.map DELETED
@@ -1 +0,0 @@
1
- {"mappings":"AAAA,OAAO,uCAAwC;;AAG/C,OAAO,MAAM,qBAAqB;;AAElC,OAAO,MAAM,0BAA0B;;AAEvC,OAAO,MAAM,0BAA0B;AAEvC,SAAS,0BAA0BA,KAAeC,SAAqC;CACrF,MAAM,UAAU,IAAI,KAAK,eAAgC,aAAa,QAAQ,IAAI;AAClF,KAAI,SAAS;EACX,MAAM,QAAQ,QAAQ;AACtB,MAAI,SAAS,MAAM,aAAa,KAAK,aAAa;AAChD,UAAO;EACR;CACF;AACD,QAAO;AACR;AAED,OAAO,SAAS,kBAAkBD,KAAuC;CACvE,IAAI,OAAO,cAAc,IAAI,wBAAwB;AACrD,MAAK,QAAQ,KAAK,WAAW,GAAG;AAC9B,SAAO,0BAA0B,KAAK,QAAQ;CAC/C;CACD,MAAM,aAAa,0BAA0B,KAAK,eAAe;CAEjE,MAAME,UAAkC,CAAE;AAC1C,KAAI,QAAQ,YAAY;AACtB,UAAQ,QAAQ;AAEhB,UAAQ,eAAe;EAEvB,MAAM,gBAAgB,0BAA0B,KAAK,kBAAkB;AACvE,MAAI,eAAe;AAEjB,WAAQ,kBAAkB;EAC3B;CACF;AACD,QAAO;AACR;;AAGD,OAAO,SAAS,wCAAwCF,KAAuC;CAC7F,MAAM,WAAW,kBAAkB,IAAI;CACvC,MAAME,UAAkC,CAAE;AAC1C,KAAI,SAAS,SAAS,SAAS,cAAc;AAC3C,UAAQ,SAAS,gBAAgB,SAAS;CAC3C;AACD,QAAO;AACR;;AAGD,OAAO,SAAS,sCAAsCF,KAAuC;CAC3F,MAAME,UAAkC,CAAE;CAE1C,MAAM,WAAW,kBAAkB,IAAI;AACvC,KAAI,SAAS,SAAS,SAAS,cAAc;AAC3C,UAAQ,SAAS,gBAAgB,SAAS;CAC3C,OAAM;AACL,UAAQ,sBAAsB,cAAc,IAAI,wBAAwB,IAAI;CAC7E;AAED,QAAO;AACR;;AAGD,OAAO,SAAS,2CAA2CF,KAAuC;CAChG,MAAM,WAAW,kBAAkB,IAAI;CACvC,MAAMG,aAAqC,CAAE;AAC7C,KAAI,SAAS,SAAS,SAAS,iBAAiB;AAC9C,aAAW,SAAS,mBAAmB,SAAS;CACjD;AACD,QAAO;AACR","names":["doc: Document","metaTag: string","headers: Record<string, string>","parameters: Record<string, string>"],"sources":["/opt/agent/work/1af72d8adc613024/hilla/packages/ts/frontend/src/CsrfUtils.ts"],"sourcesContent":["import CookieManager from './CookieManager.js';\n\n/** @internal */\nexport const VAADIN_CSRF_HEADER = 'X-CSRF-Token';\n/** @internal */\nexport const VAADIN_CSRF_COOKIE_NAME = 'csrfToken';\n/** @internal */\nexport const SPRING_CSRF_COOKIE_NAME = 'XSRF-TOKEN';\n\nfunction extractContentFromMetaTag(doc: Document, metaTag: string): string | undefined {\n const element = doc.head.querySelector<HTMLMetaElement>(`meta[name=\"${metaTag}\"]`);\n if (element) {\n const value = element.content;\n if (value && value.toLowerCase() !== 'undefined') {\n return value;\n }\n }\n return undefined;\n}\n\nexport function getSpringCsrfInfo(doc: Document): Record<string, string> {\n let csrf = CookieManager.get(SPRING_CSRF_COOKIE_NAME);\n if (!csrf || csrf.length === 0) {\n csrf = extractContentFromMetaTag(doc, '_csrf');\n }\n const csrfHeader = extractContentFromMetaTag(doc, '_csrf_header');\n\n const headers: Record<string, string> = {};\n if (csrf && csrfHeader) {\n headers._csrf = csrf;\n // eslint-disable-next-line camelcase\n headers._csrf_header = csrfHeader;\n\n const csrfParameter = extractContentFromMetaTag(doc, '_csrf_parameter');\n if (csrfParameter) {\n // eslint-disable-next-line camelcase\n headers._csrf_parameter = csrfParameter;\n }\n }\n return headers;\n}\n\n/** @internal */\nexport function getSpringCsrfTokenHeadersForAuthRequest(doc: Document): Record<string, string> {\n const csrfInfo = getSpringCsrfInfo(doc);\n const headers: Record<string, string> = {};\n if (csrfInfo._csrf && csrfInfo._csrf_header) {\n headers[csrfInfo._csrf_header] = csrfInfo._csrf;\n }\n return headers;\n}\n\n/** @internal */\nexport function getCsrfTokenHeadersForEndpointRequest(doc: Document): Record<string, string> {\n const headers: Record<string, string> = {};\n\n const csrfInfo = getSpringCsrfInfo(doc);\n if (csrfInfo._csrf && csrfInfo._csrf_header) {\n headers[csrfInfo._csrf_header] = csrfInfo._csrf;\n } else {\n headers[VAADIN_CSRF_HEADER] = CookieManager.get(VAADIN_CSRF_COOKIE_NAME) ?? '';\n }\n\n return headers;\n}\n\n/** @internal */\nexport function getSpringCsrfTokenParametersForAuthRequest(doc: Document): Record<string, string> {\n const csrfInfo = getSpringCsrfInfo(doc);\n const parameters: Record<string, string> = {};\n if (csrfInfo._csrf && csrfInfo._csrf_parameter) {\n parameters[csrfInfo._csrf_parameter] = csrfInfo._csrf;\n }\n return parameters;\n}\n"],"version":3}