@vaadin/hilla-frontend 25.1.2 → 25.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/Authentication.js.map +1 -1
  2. package/index.js +1 -1
  3. package/index.js.map +1 -1
  4. package/package.json +1 -1
package/Authentication.js.map CHANGED
@@ -1 +1 @@
1
- {"mappings":"AACA,OAAO,uCAAwC;AAC/C,OAAO,kBACL,oBACA,mBAEA,cACA,yBACA,+CAC2B;AAE7B,SAAS,cAAcA,eAA+E;CACpG,MAAM,UAAU,IAAI;AACpB,MAAK,MAAM,CAAC,MAAM,MAAM,IAAI,eAAe;AACzC,UAAQ,OAAO,MAAM,MAAM;CAC5B;AACD,QAAO;AACR;AAED,MAAM,kBAAkB;AAExB,eAAe,4BAA4BC,MAAiC;CAC1E,MAAM,MAAM,IAAI,YAAY,gBAAgB,MAAM,YAAY;AAC9D,QAAO,wBAAwB,IAAI;AACpC;AAED,eAAe,gCAAgCC,UAAmC;CAChF,MAAM,eAAe,MAAM,SAAS,MAAM;CAC1C,MAAM,WAAW,MAAM,4BAA4B,aAAa;AAChE,oBAAmB,UAAU,SAAS;AACvC;AAED,eAAe,cACbC,WACAH,eACA;CACA,MAAM,UAAU,cAAc,cAAc;CAC5C,MAAM,WAAW,MAAM,MAAM,WAAW;EAAE;EAAS,QAAQ;CAAQ,EAAC;AACpE,MAAK,SAAS,IAAI;AAChB,QAAM,IAAI,OAAO,iCAAiC,SAAS,OAAO;CACnE;AAED,OAAM,gCAAgC,SAAS;AAC/C,gBAAe,OAAO;AAEtB,QAAO;AACR;AAED,eAAe,aACbI,KACAC,iBACe;CACf,MAAM,mBAAmB,QAAQ,WAAW,MAAM,IAAI,UAAU;CAGhE,MAAM,OAAO,SAAS,cAAc,OAAO;AAC3C,MAAK,aAAa,UAAU,OAAO;AACnC,MAAK,aAAa,UAAU,UAAU;AACtC,MAAK,MAAM,UAAU;AAGrB,MAAK,MAAM,CAAC,MAAM,MAAM,IAAI,iBAAiB;EAC3C,MAAM,QAAQ,SAAS,cAAc,QAAQ;AAC7C,QAAM,aAAa,QAAQ,SAAS;AACpC,QAAM,aAAa,QAAQ,KAAK;AAChC,QAAM,aAAa,SAAS,MAAM;AAElC,OAAK,YAAY,MAAM;CACxB;AAGD,UAAS,KAAK,YAAY,KAAK;AAK/B,QAAO,IAAI,QAAQ,CAAC,GAAG,WAAW;AAChC,aAAW,MAAM;AACf,UAAO,IAAI,MAAM,2DAA2D;EAC7E,GAAE,IAAM;AACT,OAAK,QAAQ;CACd;AACF;AAED,eAAe,SAASC,KAAeC,SAA4C;CAGjF,MAAM,0BAA0B,SAAS,aAAa,SAAS;CAE/D,MAAM,YAAY,SAAS,aAAa;CACxC,MAAM,WAAW,QAAQ,WAAW,MAAM,eAAe,KAAK,GAAG,MAAM,wBAAwB,IAAI;AACnG,KAAI,wBAAwB;EAC1B,MAAM,kBAAkB,SAAS,SAAS,aAAa,SAAS,SAAS,kBAAkB,CAAE;AAC7F,QAAM,aAAa,WAAW,gBAAgB;AAE9C,SAAO,IAAI,SAAS,MAAM;GACxB,QAAQ;GACR,YAAY;EACb;CACF;CACD,MAAM,gBAAgB,SAAS,SAAS,aAAa,SAAS,SAAS,gBAAgB,CAAE;AACzF,QAAO,MAAM,cAAc,WAAW,cAAc;AACrD;AAmDD,SAAS,cAAcC,KAAqB;CAE1C,MAAM,mBAAmB,IAAI,IAAI,KAAK,SAAS;CAC/C,MAAM,mBAAmB,iBAAiB,UAAU;CAEpD,IAAI,aAAa;AAGjB,KAAI,WAAW,WAAW,iBAAiB,SAAS,EAAE;AACpD,UAAQ,GAAG,WAAW,MAAM,iBAAiB,SAAS,OAAO,CAAC;CAC/D;AAGD,cAAa,WAAW,WAAW,iBAAiB,IAAI,GAAG,WAAW,MAAM,iBAAiB,OAAO,CAAC,IAAI;AAEzG,QAAO;AACR;;;;;;AAOD,SAAS,uBAAuBC,IAAY;CAE1C,MAAM,MAAM,GAAG,WAAW,IAAI,GAAG,IAAI,KAAK,GAAG,GAAG,GAAG,SAAS,WAAW;AACvE,QAAO,SAAS,QAAQ,IAAI;AAC7B;;;;;;;AAQD,OAAO,eAAe,MAAMC,UAAkBC,UAAkBC,SAA8C;AAC5G,KAAI;EACF,MAAM,OAAO,IAAI;AACjB,OAAK,OAAO,YAAY,SAAS;AACjC,OAAK,OAAO,YAAY,SAAS;EAEjC,MAAM,qBAAqB,SAAS,sBAAsB;EAC1D,MAAM,WAAW,MAAM,eAAe,KAAK;EAC3C,MAAM,UAAU,cAAc,SAAS,cAAc;AACrD,UAAQ,OAAO,UAAU,aAAa;EACtC,MAAM,WAAW,MAAM,MAAM,oBAAoB;GAC/C,MAAM;GACN;GACA,QAAQ;EACT,EAAC;EAKF,MAAM,SAAS,SAAS,QAAQ,IAAI,SAAS;EAC7C,MAAM,WAAW,SAAS,QAAQ,IAAI,YAAY,IAAI;EACtD,MAAM,aAAa,SAAS,QAAQ,IAAI,cAAc,IAAI;EAC1D,MAAM,kBAAkB,SAAS,MAAM,WAAW;AAElD,MAAI,iBAAiB;GACnB,MAAM,mBAAmB,SAAS,QAAQ,IAAI,qBAAqB,IAAI;GACvE,MAAM,kBAAkB,SAAS,QAAQ,IAAI,oBAAoB,IAAI;AACrE,OAAI,oBAAoB,iBAAiB;AACvC,uBACE;KACE,eAAe,CAAC,CAAC,kBAAkB,eAAgB,CAAC;KACpD,iBAAiB,CAAE;KACnB,MAAM,aAAa;KACnB,WAAW,KAAK,KAAK;IACtB,GACD,SACD;AACD,mBAAe,OAAO;GACvB;AAED,OAAI,SAAS,WAAW;AACtB,UAAM,QAAQ,WAAW;GAC1B;GAED,MAAM,MAAM,YAAY,cAAc,SAAS;GAC/C,MAAM,SAAS,cAAc,IAAI;GACjC,MAAM,WAAW,SAAS,YAAY;AACtC,YAAS,OAAO;AAEhB,UAAO;IACL;IACA,OAAO;IACP,aAAa;GACd;EACF;AACD,SAAO;GACL,OAAO;GACP,cAAc;GACd,YAAY;EACb;CACF,SAAQC,GAAY;AACnB,MAAI,aAAa,OAAO;AACtB,UAAO;IACL,OAAO;IACP,cAAc,EAAE;IAChB,YAAY,EAAE;GACf;EACF;AAED,QAAM;CACP;AACF;;;;;AAMD,OAAO,eAAe,OAAON,SAAwC;CACnE,IAAIO;AACJ,KAAI;AACF,aAAW,MAAM,SAAS,UAAU,QAAQ;CAC7C,QAAO;AACN,MAAI;GACF,MAAM,kBAAkB,MAAM,MAAM,WAAW;GAC/C,MAAM,eAAe,MAAM,gBAAgB,MAAM;GACjD,MAAM,MAAM,IAAI,YAAY,gBAAgB,cAAc,YAAY;AACtE,cAAW,MAAM,SAAS,KAAK,QAAQ;EACxC,SAAQ,OAAO;AAEd,qBAAkB,SAAS;AAC3B,kBAAe,OAAO;AACtB,SAAM;EACP;CACF,UAAS;AACR,gBAAc,OAAO,gBAAgB;AACrC,MAAI,YAAY,SAAS,MAAM,SAAS,YAAY;AAClD,OAAI,SAAS,WAAW;AACtB,UAAM,QAAQ,WAAW;GAC1B;GACD,MAAM,SAAS,cAAc,SAAS,IAAI;GAC1C,MAAM,WAAW,SAAS,YAAY;AACtC,YAAS,OAAO;EACjB;CACF;AACF;;;;;;AAeD,OAAO,MAAM,yBAAoD;CAC/D,AAAiB;CAEjB,YAAYC,0BAAoD;AAC9D,OAAK,2BAA2B;CACjC;CAED,MAAM,OAAOC,SAA4BC,MAAyC;EAChF,MAAM,gBAAgB,EAAE,GAAG,QAAS;AACpC,gBAAc,UAAU,QAAQ,QAAQ,OAAO;EAC/C,MAAM,WAAW,MAAM,KAAK,QAAQ;AACpC,MAAI,SAAS,WAAW,KAAK;GAC3B,MAAM,cAAc,MAAM,KAAK,0BAA0B;AACzD,OAAI,YAAY,OAAO;AACrB,kBAAc,QAAQ,QAAQ,IAAI,oBAAoB,YAAY,MAAM;AACxE,WAAO,KAAK,cAAc;GAC3B;EACF;AACD,SAAO;CACR;AACF","names":["headerEntries: ReadonlyArray<readonly [name: string, value: string]>","body: string","response: Response","logoutUrl: URL | string","url: URL | string","formDataEntries: ReadonlyArray<readonly [name: string, value: string]>","doc: Document","options?: LogoutOptions","url: string","to: string","username: string","password: string","options?: LoginOptions","e: unknown","response: Response | undefined","onInvalidSessionCallback: OnInvalidSessionCallback","context: MiddlewareContext","next: MiddlewareNext"],"sources":["/opt/agent/work/649c11185a3798db/packages/ts/frontend/src/Authentication.ts"],"sourcesContent":["import type { MiddlewareClass, MiddlewareContext, MiddlewareNext } from './Connect.js';\nimport CookieManager from './CookieManager.js';\nimport csrfInfoSource, {\n VAADIN_CSRF_HEADER,\n clearCsrfInfoMeta,\n type CsrfInfo,\n CsrfInfoType,\n extractCsrfInfoFromMeta,\n updateCsrfInfoMeta,\n} from './CsrfInfoSource.js';\n\nfunction createHeaders(headerEntries: ReadonlyArray<readonly [name: string, value: string]>): Headers {\n const headers = new Headers();\n for (const [name, value] of headerEntries) {\n headers.append(name, value);\n }\n return headers;\n}\n\nconst JWT_COOKIE_NAME = 'jwt.headerAndPayload';\n\nasync function getCsrfInfoFromResponseBody(body: string): Promise<CsrfInfo> {\n const doc = new DOMParser().parseFromString(body, 'text/html');\n return extractCsrfInfoFromMeta(doc);\n}\n\nasync function updateCsrfTokensBasedOnResponse(response: Response): Promise<void> {\n const responseText = await response.text();\n const csrfInfo = await getCsrfInfoFromResponseBody(responseText);\n updateCsrfInfoMeta(csrfInfo, document);\n}\n\nasync function doFetchLogout(\n logoutUrl: URL | string,\n headerEntries: ReadonlyArray<readonly [name: string, value: string]>,\n) {\n const headers = createHeaders(headerEntries);\n const response = await fetch(logoutUrl, { headers, method: 'POST' });\n if (!response.ok) {\n throw new Error(`failed to logout with response ${response.status}`);\n }\n\n await updateCsrfTokensBasedOnResponse(response);\n csrfInfoSource.reset();\n\n return response;\n}\n\nasync function doFormLogout(\n url: URL | string,\n formDataEntries: ReadonlyArray<readonly [name: string, value: string]>,\n): Promise<void> {\n const logoutUrl = typeof url === 'string' ? url : url.toString();\n\n // Create form to send POST request\n const form = document.createElement('form');\n form.setAttribute('method', 'POST');\n form.setAttribute('action', logoutUrl);\n form.style.display = 'none';\n\n // Add data to form as hidden input fields\n for (const [name, value] of formDataEntries) {\n const input = document.createElement('input');\n input.setAttribute('type', 'hidden');\n input.setAttribute('name', name);\n input.setAttribute('value', value);\n\n form.appendChild(input);\n }\n\n // Append form to page and submit it to perform logout and redirect\n document.body.appendChild(form);\n\n // No code should run after a form submission, as it will navigate away.\n // The promise will reject after a long timeout to avoid executing code after\n // (old user code has a `reload` call that could happen before the form submission).\n return new Promise((_, reject) => {\n setTimeout(() => {\n reject(new Error('Form submission did not navigate away after 10 seconds.'));\n }, 10000);\n form.submit();\n });\n}\n\nasync function doLogout(doc: Document, options?: LogoutOptions): Promise<Response> {\n // performing fetch logout only makes sense if at least one of the 'navigate'\n // or 'onSuccess' is defined, otherwise we can just do a form logout:\n const shouldSubmitFormLogout = !options?.navigate && !options?.onSuccess;\n // this assumes the default Spring Security logout configuration (handler URL)\n const logoutUrl = options?.logoutUrl ?? 'logout';\n const csrfInfo = doc === document ? await csrfInfoSource.get() : await extractCsrfInfoFromMeta(doc);\n if (shouldSubmitFormLogout) {\n const formDataEntries = csrfInfo.type === CsrfInfoType.SPRING ? csrfInfo.formDataEntries : [];\n await doFormLogout(logoutUrl, formDataEntries);\n // This should never be reached, as form submission will navigate away\n return new Response(null, {\n status: 500,\n statusText: 'Form submission did not navigate away.',\n } as ResponseInit);\n }\n const headerEntries = csrfInfo.type === CsrfInfoType.SPRING ? csrfInfo.headerEntries : [];\n return await doFetchLogout(logoutUrl, headerEntries);\n}\n\nexport interface LoginResult {\n error: boolean;\n token?: string;\n errorTitle?: string;\n errorMessage?: string;\n redirectUrl?: string;\n defaultUrl?: string;\n}\n\nexport type SuccessCallback = () => Promise<void> | void;\n\nexport type NavigateFunction = (path: string) => void;\n\nexport interface LoginOptions {\n /**\n * The URL for login request, defaults to `/login`.\n */\n loginProcessingUrl?: URL | string;\n\n /**\n * The success callback.\n */\n onSuccess?: SuccessCallback;\n\n /**\n * The navigation callback, called after successful login. The default\n * reloads the page.\n */\n navigate?: NavigateFunction;\n}\n\nexport interface LogoutOptions {\n /**\n * The URL for logout request, defaults to `/logout`.\n */\n logoutUrl?: URL | string;\n\n /**\n * The success callback.\n */\n onSuccess?: SuccessCallback;\n\n /**\n * The navigation callback, called after successful logout. The default\n * reloads the page.\n */\n navigate?: NavigateFunction;\n}\n\nfunction normalizePath(url: string): string {\n // URL with context path\n const effectiveBaseURL = new URL('.', document.baseURI);\n const effectiveBaseURI = effectiveBaseURL.toString();\n\n let normalized = url;\n\n // Strip context path prefix\n if (normalized.startsWith(effectiveBaseURL.pathname)) {\n return `/${normalized.slice(effectiveBaseURL.pathname.length)}`;\n }\n\n // Strip base URI\n normalized = normalized.startsWith(effectiveBaseURI) ? `/${normalized.slice(effectiveBaseURI.length)}` : normalized;\n\n return normalized;\n}\n\n/**\n * Navigates to the provided path using page reload.\n *\n * @param to - navigation target path\n */\nfunction navigateWithPageReload(to: string) {\n // Consider absolute path to be within application context\n const url = to.startsWith('/') ? new URL(`.${to}`, document.baseURI) : to;\n window.location.replace(url);\n}\n\n/**\n * A helper method for Spring Security based form login.\n * @param username - username\n * @param password - password\n * @param options - defines additional options, e.g, the loginProcessingUrl etc.\n */\nexport async function login(username: string, password: string, options?: LoginOptions): Promise<LoginResult> {\n try {\n const data = new FormData();\n data.append('username', username);\n data.append('password', password);\n\n const loginProcessingUrl = options?.loginProcessingUrl ?? 'login';\n const csrfInfo = await csrfInfoSource.get();\n const headers = createHeaders(csrfInfo.headerEntries);\n headers.append('source', 'typescript');\n const response = await fetch(loginProcessingUrl, {\n body: data,\n headers,\n method: 'POST',\n });\n\n // This code assumes that a VaadinSavedRequestAwareAuthenticationSuccessHandler is used on the server side,\n // setting these header values based on the \"source=typescript\" header set above\n\n const result = response.headers.get('Result');\n const savedUrl = response.headers.get('Saved-url') ?? undefined;\n const defaultUrl = response.headers.get('Default-url') ?? undefined;\n const loginSuccessful = response.ok && result === 'success';\n\n if (loginSuccessful) {\n const springCsrfHeader = response.headers.get('Spring-CSRF-header') ?? undefined;\n const springCsrfToken = response.headers.get('Spring-CSRF-token') ?? undefined;\n if (springCsrfHeader && springCsrfToken) {\n updateCsrfInfoMeta(\n {\n headerEntries: [[springCsrfHeader, springCsrfToken]],\n formDataEntries: [],\n type: CsrfInfoType.SPRING,\n timestamp: Date.now(),\n },\n document,\n );\n csrfInfoSource.reset();\n }\n\n if (options?.onSuccess) {\n await options.onSuccess();\n }\n\n const url = savedUrl ?? defaultUrl ?? document.baseURI;\n const toPath = normalizePath(url);\n const navigate = options?.navigate ?? navigateWithPageReload;\n navigate(toPath);\n\n return {\n defaultUrl,\n error: false,\n redirectUrl: savedUrl,\n };\n }\n return {\n error: true,\n errorMessage: 'Check that you have entered the correct username and password and try again.',\n errorTitle: 'Incorrect username or password.',\n };\n } catch (e: unknown) {\n if (e instanceof Error) {\n return {\n error: true,\n errorMessage: e.message,\n errorTitle: e.name,\n };\n }\n\n throw e;\n }\n}\n\n/**\n * A helper method for Spring Security based form logout\n * @param options - defines additional options, e.g, the logoutUrl.\n */\nexport async function logout(options?: LogoutOptions): Promise<void> {\n let response: Response | undefined;\n try {\n response = await doLogout(document, options);\n } catch {\n try {\n const noCacheResponse = await fetch('?nocache');\n const responseText = await noCacheResponse.text();\n const doc = new DOMParser().parseFromString(responseText, 'text/html');\n response = await doLogout(doc, options);\n } catch (error) {\n // clear the token if the call fails\n clearCsrfInfoMeta(document);\n csrfInfoSource.reset();\n throw error;\n }\n } finally {\n CookieManager.remove(JWT_COOKIE_NAME);\n if (response && response.ok && response.redirected) {\n if (options?.onSuccess) {\n await options.onSuccess();\n }\n const toPath = normalizePath(response.url);\n const navigate = options?.navigate ?? navigateWithPageReload;\n navigate(toPath);\n }\n }\n}\n\n/**\n * It defines what to do when it detects a session is invalid. E.g.,\n * show a login view.\n * It takes an <code>EndpointCallContinue</code> parameter, which can be\n * used to continue the endpoint call.\n */\nexport type OnInvalidSessionCallback = () => Promise<LoginResult>;\n\n/**\n * A helper class for handling invalid sessions during an endpoint call.\n * E.g., you can use this to show user a login page when the session has\n * expired.\n */\nexport class InvalidSessionMiddleware implements MiddlewareClass {\n private readonly onInvalidSessionCallback: OnInvalidSessionCallback;\n\n constructor(onInvalidSessionCallback: OnInvalidSessionCallback) {\n this.onInvalidSessionCallback = onInvalidSessionCallback;\n }\n\n async invoke(context: MiddlewareContext, next: MiddlewareNext): Promise<Response> {\n const clonedContext = { ...context };\n clonedContext.request = context.request.clone();\n const response = await next(context);\n if (response.status === 401) {\n const loginResult = await this.onInvalidSessionCallback();\n if (loginResult.token) {\n clonedContext.request.headers.set(VAADIN_CSRF_HEADER, loginResult.token);\n return next(clonedContext) as Promise<Response>;\n }\n }\n return response;\n }\n}\n"],"version":3}
1
+ {"mappings":"AACA,OAAO,uCAAwC;AAC/C,OAAO,kBACL,oBACA,mBAEA,cACA,yBACA,+CAC2B;AAE7B,SAAS,cAAcA,eAA+E;CACpG,MAAM,UAAU,IAAI;AACpB,MAAK,MAAM,CAAC,MAAM,MAAM,IAAI,eAAe;AACzC,UAAQ,OAAO,MAAM,MAAM;CAC5B;AACD,QAAO;AACR;AAED,MAAM,kBAAkB;AAExB,eAAe,4BAA4BC,MAAiC;CAC1E,MAAM,MAAM,IAAI,YAAY,gBAAgB,MAAM,YAAY;AAC9D,QAAO,wBAAwB,IAAI;AACpC;AAED,eAAe,gCAAgCC,UAAmC;CAChF,MAAM,eAAe,MAAM,SAAS,MAAM;CAC1C,MAAM,WAAW,MAAM,4BAA4B,aAAa;AAChE,oBAAmB,UAAU,SAAS;AACvC;AAED,eAAe,cACbC,WACAH,eACA;CACA,MAAM,UAAU,cAAc,cAAc;CAC5C,MAAM,WAAW,MAAM,MAAM,WAAW;EAAE;EAAS,QAAQ;CAAQ,EAAC;AACpE,MAAK,SAAS,IAAI;AAChB,QAAM,IAAI,OAAO,iCAAiC,SAAS,OAAO;CACnE;AAED,OAAM,gCAAgC,SAAS;AAC/C,gBAAe,OAAO;AAEtB,QAAO;AACR;AAED,eAAe,aACbI,KACAC,iBACe;CACf,MAAM,mBAAmB,QAAQ,WAAW,MAAM,IAAI,UAAU;CAGhE,MAAM,OAAO,SAAS,cAAc,OAAO;AAC3C,MAAK,aAAa,UAAU,OAAO;AACnC,MAAK,aAAa,UAAU,UAAU;AACtC,MAAK,MAAM,UAAU;AAGrB,MAAK,MAAM,CAAC,MAAM,MAAM,IAAI,iBAAiB;EAC3C,MAAM,QAAQ,SAAS,cAAc,QAAQ;AAC7C,QAAM,aAAa,QAAQ,SAAS;AACpC,QAAM,aAAa,QAAQ,KAAK;AAChC,QAAM,aAAa,SAAS,MAAM;AAElC,OAAK,YAAY,MAAM;CACxB;AAGD,UAAS,KAAK,YAAY,KAAK;AAK/B,QAAO,IAAI,QAAQ,CAAC,GAAG,WAAW;AAChC,aAAW,MAAM;AACf,UAAO,IAAI,MAAM,2DAA2D;EAC7E,GAAE,IAAM;AACT,OAAK,QAAQ;CACd;AACF;AAED,eAAe,SAASC,KAAeC,SAA4C;CAGjF,MAAM,0BAA0B,SAAS,aAAa,SAAS;CAE/D,MAAM,YAAY,SAAS,aAAa;CACxC,MAAM,WAAW,QAAQ,WAAW,MAAM,eAAe,KAAK,GAAG,MAAM,wBAAwB,IAAI;AACnG,KAAI,wBAAwB;EAC1B,MAAM,kBAAkB,SAAS,SAAS,aAAa,SAAS,SAAS,kBAAkB,CAAE;AAC7F,QAAM,aAAa,WAAW,gBAAgB;AAE9C,SAAO,IAAI,SAAS,MAAM;GACxB,QAAQ;GACR,YAAY;EACb;CACF;CACD,MAAM,gBAAgB,SAAS,SAAS,aAAa,SAAS,SAAS,gBAAgB,CAAE;AACzF,QAAO,MAAM,cAAc,WAAW,cAAc;AACrD;AAmDD,SAAS,cAAcC,KAAqB;CAE1C,MAAM,mBAAmB,IAAI,IAAI,KAAK,SAAS;CAC/C,MAAM,mBAAmB,iBAAiB,UAAU;CAEpD,IAAI,aAAa;AAGjB,KAAI,WAAW,WAAW,iBAAiB,SAAS,EAAE;AACpD,UAAQ,GAAG,WAAW,MAAM,iBAAiB,SAAS,OAAO,CAAC;CAC/D;AAGD,cAAa,WAAW,WAAW,iBAAiB,IAAI,GAAG,WAAW,MAAM,iBAAiB,OAAO,CAAC,IAAI;AAEzG,QAAO;AACR;;;;;;AAOD,SAAS,uBAAuBC,IAAY;CAE1C,MAAM,MAAM,GAAG,WAAW,IAAI,GAAG,IAAI,KAAK,GAAG,GAAG,GAAG,SAAS,WAAW;AACvE,QAAO,SAAS,QAAQ,IAAI;AAC7B;;;;;;;AAQD,OAAO,eAAe,MAAMC,UAAkBC,UAAkBC,SAA8C;AAC5G,KAAI;EACF,MAAM,OAAO,IAAI;AACjB,OAAK,OAAO,YAAY,SAAS;AACjC,OAAK,OAAO,YAAY,SAAS;EAEjC,MAAM,qBAAqB,SAAS,sBAAsB;EAC1D,MAAM,WAAW,MAAM,eAAe,KAAK;EAC3C,MAAM,UAAU,cAAc,SAAS,cAAc;AACrD,UAAQ,OAAO,UAAU,aAAa;EACtC,MAAM,WAAW,MAAM,MAAM,oBAAoB;GAC/C,MAAM;GACN;GACA,QAAQ;EACT,EAAC;EAKF,MAAM,SAAS,SAAS,QAAQ,IAAI,SAAS;EAC7C,MAAM,WAAW,SAAS,QAAQ,IAAI,YAAY,IAAI;EACtD,MAAM,aAAa,SAAS,QAAQ,IAAI,cAAc,IAAI;EAC1D,MAAM,kBAAkB,SAAS,MAAM,WAAW;AAElD,MAAI,iBAAiB;GACnB,MAAM,mBAAmB,SAAS,QAAQ,IAAI,qBAAqB,IAAI;GACvE,MAAM,kBAAkB,SAAS,QAAQ,IAAI,oBAAoB,IAAI;AACrE,OAAI,oBAAoB,iBAAiB;AACvC,uBACE;KACE,eAAe,CAAC,CAAC,kBAAkB,eAAgB,CAAC;KACpD,iBAAiB,CAAE;KACnB,MAAM,aAAa;KACnB,WAAW,KAAK,KAAK;IACtB,GACD,SACD;AACD,mBAAe,OAAO;GACvB;AAED,OAAI,SAAS,WAAW;AACtB,UAAM,QAAQ,WAAW;GAC1B;GAED,MAAM,MAAM,YAAY,cAAc,SAAS;GAC/C,MAAM,SAAS,cAAc,IAAI;GACjC,MAAM,WAAW,SAAS,YAAY;AACtC,YAAS,OAAO;AAEhB,UAAO;IACL;IACA,OAAO;IACP,aAAa;GACd;EACF;AACD,SAAO;GACL,OAAO;GACP,cAAc;GACd,YAAY;EACb;CACF,SAAQC,GAAY;AACnB,MAAI,aAAa,OAAO;AACtB,UAAO;IACL,OAAO;IACP,cAAc,EAAE;IAChB,YAAY,EAAE;GACf;EACF;AAED,QAAM;CACP;AACF;;;;;AAMD,OAAO,eAAe,OAAON,SAAwC;CACnE,IAAIO;AACJ,KAAI;AACF,aAAW,MAAM,SAAS,UAAU,QAAQ;CAC7C,QAAO;AACN,MAAI;GACF,MAAM,kBAAkB,MAAM,MAAM,WAAW;GAC/C,MAAM,eAAe,MAAM,gBAAgB,MAAM;GACjD,MAAM,MAAM,IAAI,YAAY,gBAAgB,cAAc,YAAY;AACtE,cAAW,MAAM,SAAS,KAAK,QAAQ;EACxC,SAAQ,OAAO;AAEd,qBAAkB,SAAS;AAC3B,kBAAe,OAAO;AACtB,SAAM;EACP;CACF,UAAS;AACR,gBAAc,OAAO,gBAAgB;AACrC,MAAI,YAAY,SAAS,MAAM,SAAS,YAAY;AAClD,OAAI,SAAS,WAAW;AACtB,UAAM,QAAQ,WAAW;GAC1B;GACD,MAAM,SAAS,cAAc,SAAS,IAAI;GAC1C,MAAM,WAAW,SAAS,YAAY;AACtC,YAAS,OAAO;EACjB;CACF;AACF;;;;;;AAeD,OAAO,MAAM,yBAAoD;CAC/D,AAAiB;CAEjB,YAAYC,0BAAoD;AAC9D,OAAK,2BAA2B;CACjC;CAED,MAAM,OAAOC,SAA4BC,MAAyC;EAChF,MAAM,gBAAgB,EAAE,GAAG,QAAS;AACpC,gBAAc,UAAU,QAAQ,QAAQ,OAAO;EAC/C,MAAM,WAAW,MAAM,KAAK,QAAQ;AACpC,MAAI,SAAS,WAAW,KAAK;GAC3B,MAAM,cAAc,MAAM,KAAK,0BAA0B;AACzD,OAAI,YAAY,OAAO;AACrB,kBAAc,QAAQ,QAAQ,IAAI,oBAAoB,YAAY,MAAM;AACxE,WAAO,KAAK,cAAc;GAC3B;EACF;AACD,SAAO;CACR;AACF","names":["headerEntries: ReadonlyArray<readonly [name: string, value: string]>","body: string","response: Response","logoutUrl: URL | string","url: URL | string","formDataEntries: ReadonlyArray<readonly [name: string, value: string]>","doc: Document","options?: LogoutOptions","url: string","to: string","username: string","password: string","options?: LoginOptions","e: unknown","response: Response | undefined","onInvalidSessionCallback: OnInvalidSessionCallback","context: MiddlewareContext","next: MiddlewareNext"],"sources":["/opt/agent/work/649c11185a3798db/packages/ts/frontend/src/Authentication.ts"],"sourcesContent":["import type { MiddlewareClass, MiddlewareContext, MiddlewareNext } from './Connect.js';\nimport CookieManager from './CookieManager.js';\nimport csrfInfoSource, {\n VAADIN_CSRF_HEADER,\n clearCsrfInfoMeta,\n type CsrfInfo,\n CsrfInfoType,\n extractCsrfInfoFromMeta,\n updateCsrfInfoMeta,\n} from './CsrfInfoSource.js';\n\nfunction createHeaders(headerEntries: ReadonlyArray<readonly [name: string, value: string]>): Headers {\n const headers = new Headers();\n for (const [name, value] of headerEntries) {\n headers.append(name, value);\n }\n return headers;\n}\n\nconst JWT_COOKIE_NAME = 'jwt.headerAndPayload';\n\nasync function getCsrfInfoFromResponseBody(body: string): Promise<CsrfInfo> {\n const doc = new DOMParser().parseFromString(body, 'text/html');\n return extractCsrfInfoFromMeta(doc);\n}\n\nasync function updateCsrfTokensBasedOnResponse(response: Response): Promise<void> {\n const responseText = await response.text();\n const csrfInfo = await getCsrfInfoFromResponseBody(responseText);\n updateCsrfInfoMeta(csrfInfo, document);\n}\n\nasync function doFetchLogout(\n logoutUrl: URL | string,\n headerEntries: ReadonlyArray<readonly [name: string, value: string]>,\n) {\n const headers = createHeaders(headerEntries);\n const response = await fetch(logoutUrl, { headers, method: 'POST' });\n if (!response.ok) {\n throw new Error(`failed to logout with response ${response.status}`);\n }\n\n await updateCsrfTokensBasedOnResponse(response);\n csrfInfoSource.reset();\n\n return response;\n}\n\nasync function doFormLogout(\n url: URL | string,\n formDataEntries: ReadonlyArray<readonly [name: string, value: string]>,\n): Promise<void> {\n const logoutUrl = typeof url === 'string' ? url : url.toString();\n\n // Create form to send POST request\n const form = document.createElement('form');\n form.setAttribute('method', 'POST');\n form.setAttribute('action', logoutUrl);\n form.style.display = 'none';\n\n // Add data to form as hidden input fields\n for (const [name, value] of formDataEntries) {\n const input = document.createElement('input');\n input.setAttribute('type', 'hidden');\n input.setAttribute('name', name);\n input.setAttribute('value', value);\n\n form.appendChild(input);\n }\n\n // Append form to page and submit it to perform logout and redirect\n document.body.appendChild(form);\n\n // No code should run after a form submission, as it will navigate away.\n // The promise will reject after a long timeout to avoid executing code after\n // (old user code has a `reload` call that could happen before the form submission).\n return new Promise((_, reject) => {\n setTimeout(() => {\n reject(new Error('Form submission did not navigate away after 10 seconds.'));\n }, 10000);\n form.submit();\n });\n}\n\nasync function doLogout(doc: Document, options?: LogoutOptions): Promise<Response> {\n // performing fetch logout only makes sense if at least one of the 'navigate'\n // or 'onSuccess' is defined, otherwise we can just do a form logout:\n const shouldSubmitFormLogout = !options?.navigate && !options?.onSuccess;\n // this assumes the default Spring Security logout configuration (handler URL)\n const logoutUrl = options?.logoutUrl ?? 'logout';\n const csrfInfo = doc === document ? await csrfInfoSource.get() : await extractCsrfInfoFromMeta(doc);\n if (shouldSubmitFormLogout) {\n const formDataEntries = csrfInfo.type === CsrfInfoType.SPRING ? csrfInfo.formDataEntries : [];\n await doFormLogout(logoutUrl, formDataEntries);\n // This should never be reached, as form submission will navigate away\n return new Response(null, {\n status: 500,\n statusText: 'Form submission did not navigate away.',\n });\n }\n const headerEntries = csrfInfo.type === CsrfInfoType.SPRING ? csrfInfo.headerEntries : [];\n return await doFetchLogout(logoutUrl, headerEntries);\n}\n\nexport interface LoginResult {\n error: boolean;\n token?: string;\n errorTitle?: string;\n errorMessage?: string;\n redirectUrl?: string;\n defaultUrl?: string;\n}\n\nexport type SuccessCallback = () => Promise<void> | void;\n\nexport type NavigateFunction = (path: string) => void;\n\nexport interface LoginOptions {\n /**\n * The URL for login request, defaults to `/login`.\n */\n loginProcessingUrl?: URL | string;\n\n /**\n * The success callback.\n */\n onSuccess?: SuccessCallback;\n\n /**\n * The navigation callback, called after successful login. The default\n * reloads the page.\n */\n navigate?: NavigateFunction;\n}\n\nexport interface LogoutOptions {\n /**\n * The URL for logout request, defaults to `/logout`.\n */\n logoutUrl?: URL | string;\n\n /**\n * The success callback.\n */\n onSuccess?: SuccessCallback;\n\n /**\n * The navigation callback, called after successful logout. The default\n * reloads the page.\n */\n navigate?: NavigateFunction;\n}\n\nfunction normalizePath(url: string): string {\n // URL with context path\n const effectiveBaseURL = new URL('.', document.baseURI);\n const effectiveBaseURI = effectiveBaseURL.toString();\n\n let normalized = url;\n\n // Strip context path prefix\n if (normalized.startsWith(effectiveBaseURL.pathname)) {\n return `/${normalized.slice(effectiveBaseURL.pathname.length)}`;\n }\n\n // Strip base URI\n normalized = normalized.startsWith(effectiveBaseURI) ? `/${normalized.slice(effectiveBaseURI.length)}` : normalized;\n\n return normalized;\n}\n\n/**\n * Navigates to the provided path using page reload.\n *\n * @param to - navigation target path\n */\nfunction navigateWithPageReload(to: string) {\n // Consider absolute path to be within application context\n const url = to.startsWith('/') ? new URL(`.${to}`, document.baseURI) : to;\n window.location.replace(url);\n}\n\n/**\n * A helper method for Spring Security based form login.\n * @param username - username\n * @param password - password\n * @param options - defines additional options, e.g, the loginProcessingUrl etc.\n */\nexport async function login(username: string, password: string, options?: LoginOptions): Promise<LoginResult> {\n try {\n const data = new FormData();\n data.append('username', username);\n data.append('password', password);\n\n const loginProcessingUrl = options?.loginProcessingUrl ?? 'login';\n const csrfInfo = await csrfInfoSource.get();\n const headers = createHeaders(csrfInfo.headerEntries);\n headers.append('source', 'typescript');\n const response = await fetch(loginProcessingUrl, {\n body: data,\n headers,\n method: 'POST',\n });\n\n // This code assumes that a VaadinSavedRequestAwareAuthenticationSuccessHandler is used on the server side,\n // setting these header values based on the \"source=typescript\" header set above\n\n const result = response.headers.get('Result');\n const savedUrl = response.headers.get('Saved-url') ?? undefined;\n const defaultUrl = response.headers.get('Default-url') ?? undefined;\n const loginSuccessful = response.ok && result === 'success';\n\n if (loginSuccessful) {\n const springCsrfHeader = response.headers.get('Spring-CSRF-header') ?? undefined;\n const springCsrfToken = response.headers.get('Spring-CSRF-token') ?? undefined;\n if (springCsrfHeader && springCsrfToken) {\n updateCsrfInfoMeta(\n {\n headerEntries: [[springCsrfHeader, springCsrfToken]],\n formDataEntries: [],\n type: CsrfInfoType.SPRING,\n timestamp: Date.now(),\n },\n document,\n );\n csrfInfoSource.reset();\n }\n\n if (options?.onSuccess) {\n await options.onSuccess();\n }\n\n const url = savedUrl ?? defaultUrl ?? document.baseURI;\n const toPath = normalizePath(url);\n const navigate = options?.navigate ?? navigateWithPageReload;\n navigate(toPath);\n\n return {\n defaultUrl,\n error: false,\n redirectUrl: savedUrl,\n };\n }\n return {\n error: true,\n errorMessage: 'Check that you have entered the correct username and password and try again.',\n errorTitle: 'Incorrect username or password.',\n };\n } catch (e: unknown) {\n if (e instanceof Error) {\n return {\n error: true,\n errorMessage: e.message,\n errorTitle: e.name,\n };\n }\n\n throw e;\n }\n}\n\n/**\n * A helper method for Spring Security based form logout\n * @param options - defines additional options, e.g, the logoutUrl.\n */\nexport async function logout(options?: LogoutOptions): Promise<void> {\n let response: Response | undefined;\n try {\n response = await doLogout(document, options);\n } catch {\n try {\n const noCacheResponse = await fetch('?nocache');\n const responseText = await noCacheResponse.text();\n const doc = new DOMParser().parseFromString(responseText, 'text/html');\n response = await doLogout(doc, options);\n } catch (error) {\n // clear the token if the call fails\n clearCsrfInfoMeta(document);\n csrfInfoSource.reset();\n throw error;\n }\n } finally {\n CookieManager.remove(JWT_COOKIE_NAME);\n if (response && response.ok && response.redirected) {\n if (options?.onSuccess) {\n await options.onSuccess();\n }\n const toPath = normalizePath(response.url);\n const navigate = options?.navigate ?? navigateWithPageReload;\n navigate(toPath);\n }\n }\n}\n\n/**\n * It defines what to do when it detects a session is invalid. E.g.,\n * show a login view.\n * It takes an <code>EndpointCallContinue</code> parameter, which can be\n * used to continue the endpoint call.\n */\nexport type OnInvalidSessionCallback = () => Promise<LoginResult>;\n\n/**\n * A helper class for handling invalid sessions during an endpoint call.\n * E.g., you can use this to show user a login page when the session has\n * expired.\n */\nexport class InvalidSessionMiddleware implements MiddlewareClass {\n private readonly onInvalidSessionCallback: OnInvalidSessionCallback;\n\n constructor(onInvalidSessionCallback: OnInvalidSessionCallback) {\n this.onInvalidSessionCallback = onInvalidSessionCallback;\n }\n\n async invoke(context: MiddlewareContext, next: MiddlewareNext): Promise<Response> {\n const clonedContext = { ...context };\n clonedContext.request = context.request.clone();\n const response = await next(context);\n if (response.status === 401) {\n const loginResult = await this.onInvalidSessionCallback();\n if (loginResult.token) {\n clonedContext.request.headers.set(VAADIN_CSRF_HEADER, loginResult.token);\n return next(clonedContext);\n }\n }\n return response;\n }\n}\n"],"version":3}
package/index.js CHANGED
@@ -6,7 +6,7 @@ export { ActionOnLostSubscription, FluxConnection, State } from "./FluxConnectio
6
6
  vaadinObj.registrations ??= [];
7
7
  vaadinObj.registrations.push({
8
8
  is: feature ? `@vaadin/hilla-frontend/${feature}` : "@vaadin/hilla-frontend",
9
- version: "25.1.2"
9
+ version: "25.1.3"
10
10
  });
11
11
  })();
12
12
  //# sourceMappingURL=./index.js.map
package/index.js.map CHANGED
@@ -1 +1 @@
1
- {"mappings":"AAAA;AACA;AACA;AACA,SAAS,0BAA0B,gBAAgB;AAInD,CAAC,CAAC,SAAS,YAAa,WAAW,WAAW,CAAE,MAAM;AACpD,WAAU,kBAAkB,CAAE;AAC9B,WAAU,cAAc,KAAK;EAC3B,IAAI,WAAW,yBAAyB,QAAQ,IAAI;EACpD,SAAS;CACV,EAAC;AACH,IAAG","names":[],"sources":["/opt/agent/work/649c11185a3798db/packages/ts/frontend/src/index.ts"],"sourcesContent":["export * from './Authentication.js';\nexport * from './Connect.js';\nexport * from './EndpointErrors.js';\nexport { ActionOnLostSubscription, FluxConnection, State } from './FluxConnection.js';\n\n// @ts-expect-error: esbuild injection\n// eslint-disable-next-line @typescript-eslint/no-unsafe-call\n((feature, vaadinObj = (globalThis.Vaadin ??= {})) => {\n vaadinObj.registrations ??= [];\n vaadinObj.registrations.push({\n is: feature ? `@vaadin/hilla-frontend/${feature}` : '@vaadin/hilla-frontend',\n version: '25.1.2',\n });\n})();\n"],"version":3}
1
+ {"mappings":"AAAA;AACA;AACA;AACA,SAAS,0BAA0B,gBAAgB;AAInD,CAAC,CAAC,SAAS,YAAa,WAAW,WAAW,CAAE,MAAM;AACpD,WAAU,kBAAkB,CAAE;AAC9B,WAAU,cAAc,KAAK;EAC3B,IAAI,WAAW,yBAAyB,QAAQ,IAAI;EACpD,SAAS;CACV,EAAC;AACH,IAAG","names":[],"sources":["/opt/agent/work/649c11185a3798db/packages/ts/frontend/src/index.ts"],"sourcesContent":["export * from './Authentication.js';\nexport * from './Connect.js';\nexport * from './EndpointErrors.js';\nexport { ActionOnLostSubscription, FluxConnection, State } from './FluxConnection.js';\n\n// @ts-expect-error: esbuild injection\n// eslint-disable-next-line @typescript-eslint/no-unsafe-call\n((feature, vaadinObj = (globalThis.Vaadin ??= {})) => {\n vaadinObj.registrations ??= [];\n vaadinObj.registrations.push({\n is: feature ? `@vaadin/hilla-frontend/${feature}` : '@vaadin/hilla-frontend',\n version: '25.1.3',\n });\n})();\n"],"version":3}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@vaadin/hilla-frontend",
3
- "version": "25.1.2",
3
+ "version": "25.1.3",
4
4
  "description": "Hilla core frontend utils",
5
5
  "main": "index.js",
6
6
  "module": "index.js",