cidaas-javascript-sdk 3.0.5 → 3.1.1

package/CHANGELOG.md

@@ -1,6 +1,7 @@
-## [3.0.5](https://gitlab.widas.de/cidaas-public-devkits/cidaas-public-sdks/cidaas-javascript-sdk/compare/v3.0.4...v3.0.5) (2023-08-04)
+## [3.1.1](https://gitlab.widas.de/cidaas-public-devkits/cidaas-public-sdks/cidaas-javascript-sdk/compare/v3.1.0...v3.1.1) (2023-09-05)
 
 
 ### Bug Fixes
 
-* store code verifier in pkce flow ([f6f7835](https://gitlab.widas.de/cidaas-public-devkits/cidaas-public-sdks/cidaas-javascript-sdk/commit/f6f783507e6b3d7bc3bf24140e546951d71dd4b5))
+* **https://gitlab.widas.de/cidaas-v2/user-management1/issues/-/issues/855:** altered usercheck exists with remember me & webfinger ([a4f3694](https://gitlab.widas.de/cidaas-public-devkits/cidaas-public-sdks/cidaas-javascript-sdk/commit/a4f3694643199171bc8b3144f1e2cfae85d3eac8))
+* **https://gitlab.widas.de/cidaas-v2/user-management1/issues/-/issues/855:** altered usercheck exists with remember me & webfinger ([d253b76](https://gitlab.widas.de/cidaas-public-devkits/cidaas-public-sdks/cidaas-javascript-sdk/commit/d253b763e8b1912e36e0b811cfddf1714d6bc6bc))

package/README.md

@@ -40,8 +40,27 @@ Please check the [Changelogs](https://github.com/Cidaas/cidaas-sdk-javascript-v2
 
 #### Initialisation
 
-After adding ****cidaas-sdk.js**** create a local file and name it like ****index.js****.
+After adding ****cidaas-sdk.js**** create a local file and name it like ****index.js****. Cidaas options variable should be defined there for initializing cidaas sdk.
 
+Cidaas options variable support every [OIDC Client UserManagerSettings Properties](https://authts.github.io/oidc-client-ts/interfaces/UserManagerSettings.html) which has the following notable properties:
+
+| Property Name | Required | Description |
+| ------ | ------ | ------ |
+| authority | yes | cidaas instance base url |
+| client_id | yes | client application's identifier, which could be found in cidaas admin ui |
+| redirect_uri | yes | URL to be redirected after successful login attempt. |
+| post_logout_redirect_uri | no | URL to be redirected after successful logout attempt. |
+| response_type | no | The type of response that will come after successful login attempt. The default value is 'code' if no properties is being sent. This determines the OAuth authorization flow being used.|
+| scope | no | the scope the application requires and requests from cidaas. The default value is 'openid' if no properties is being sent. |
+
+In addition to it, There are the following custom properties which could / need to be defined in cidaas option variable:
+
+| Property Name | Required | Description |
+| ------ | ------ | ------ |
+| cidaas_version | no | You can find out the cidaas version from cidaas service portal |
+| mode | no | Define which login variants to be called during calling loginWithBrowser(). The selection includes: `redirect`, `window` and `silent`. The default value is `redirect` if no properties is being sent. |
+
+an example of index.js is looks like this:
 
 ```js
 var options = {
@@ -49,11 +68,10 @@ var options = {
     client_id: 'your app id',
     redirect_uri: 'your redirect url',
     post_logout_redirect_uri: 'your post logout redirect url',
-    popup_post_logout_redirect_uri: 'your post popup logout redirect url',
-    silent_redirect_uri: 'your silent redirect url',
     response_type: 'id_token token',
     scope: 'openid email roles profile',
-    mode: 'redirect'
+    mode: 'redirect',
+    cidaas_version: 3
 }
 ```
 
@@ -71,6 +89,18 @@ Since version 1.2.0 using 'code' as the 'response_type' will start the OAuth Aut
 var cidaas = new CidaasSDK.WebAuth(options);
 ```
 
+#### Migrating to Cidaas V3
+
+Cidaas V3 has response handling adjustment on some of cidaas service call. To migrate to cidaas V3, you need to do the following:
+
+- ensure that you use at least cidaas version: 3.* You can find out the cidaas version from cidaas service portal and ask our customer service if it need to be updated.
+
+- ensure that you use at least cidaas-javascript-sdk version: 3.0.5
+
+- add `cidaas_version: 3` to Cidaas options variable
+
+Without Providing CidaasVersion, your application will use response handling of Cidaas V2 by default.
+
 #### Usage
 
 #### Browser Methods
@@ -2582,4 +2612,4 @@ The SDK will throws Custom Exception if something went wrong during the operatio
 | HTTP Status Code | When could it be thrown |
 |----------------- | ----------------------- |
 |  500 | during creation of WebAuth instance |
-|  417 | if there are any other failure |
+|  417 | if there are any other failure |

package/package.json

@@ -1,19 +1,20 @@
 {
   "name": "cidaas-javascript-sdk",
-  "version": "3.0.5",
+  "version": "3.1.1",
   "author": "cidaas by Widas ID GmbH",
   "description": "Cidaas native javascript sdk",
   "license": "MIT",
   "main": "types/main/index.js",
   "types": "types/main/index.d.ts",
+  "testEnvironment": "jsdom",
   "engine": {
     "node": ">=8.9.10"
   },
   "scripts": {
     "dev": "tsc && webpack --config webpack.dev.js",
     "build": "tsc && webpack --config webpack.prod.js",
-    "test": "echo 'test'",
-    "test:coverage": "echo 'test coverage'"
+    "test": "jest --transformIgnorePatterns \"node_modules/(?!@toolz/allow)/\" --env=jsdom",
+    "test:coverage": "jest --coverage --env=jsdom"
   },
   "files": [
     "src",
@@ -27,23 +28,33 @@
   },
   "dependencies": {
     "@fingerprintjs/fingerprintjs": "^3.4.0",
+    "@toolz/is-a-regular-object": "^1.0.1",
     "@types/crypto-js": "^4.1.1",
+    "@types/jest": "^29.5.3",
     "crypto-js": "^4.1.1",
     "oidc-client-ts": "^2.2.1"
   },
   "devDependencies": {
+    "@babel/core": "^7.22.9",
+    "@babel/preset-env": "^7.22.9",
+    "@babel/preset-typescript": "^7.22.5",
+    "babel-jest": "^29.6.1",
+    "@jest/globals": "^29.6.1",
+    "@types/mocha": "5.2.7",
+    "jest": "^29.6.1",
+    "jest-environment-jsdom": "^29.6.1",
+    "jsdom": "^22.1.0",
+    "jsdom-global": "^3.0.2",
+    "mocha": "^10.1.0",
     "terser-webpack-plugin": "^5.2.4",
+    "ts-jest": "^29.1.1",
     "ts-loader": "^9.4.2",
+    "ts-node": "10.9.1",
     "typescript": "^4.5.4",
     "webpack": "^5.59.1",
     "webpack-cli": "^4.9.1",
     "webpack-dev-server": "^4.3.1",
     "webpack-hot-middleware": "^2.25.1",
     "webpack-merge": "^5.8.0"
-  },
-  "jest": {
-    "collectCoverageFrom": [
-      "src/main/**/*.{js,jsx,mjs}"
-    ]
   }
 }

package/src/main/web-auth/ConsentService.ts

@@ -13,7 +13,7 @@ export namespace ConsentService {
     sub: string;
   }) {
     var _serviceURL = window.webAuthSettings.authority + "/consent-management-srv/v2/consent/usage/public/info";
-    return Helper.createPostPromise(options, _serviceURL, false);
+    return Helper.createPostPromise(options, _serviceURL, false,"POST");
   };
 
   /**
@@ -23,7 +23,7 @@ export namespace ConsentService {
    */
   export function acceptConsentV2(options: IConsentAcceptEntity) {
     var _serviceURL = window.webAuthSettings.authority + "/consent-management-srv/v2/consent/usage/accept";
-    return Helper.createPostPromise(options, _serviceURL, false);
+    return Helper.createPostPromise(options, _serviceURL, false, "POST" );
   };
 
   /**
@@ -36,30 +36,8 @@ export namespace ConsentService {
     locale: string;
     access_token: string;
   }) {
-    return new Promise((resolve, reject) => {
-      try {
-        var http = new XMLHttpRequest();
-        var _serviceURL = window.webAuthSettings.authority + "/consent-management-srv/v2/consent/versions/details/" + options.scopeid + "?locale=" + options.locale;
-        http.onreadystatechange = function () {
-          if (http.readyState == 4) {
-            if (http.responseText) {
-              resolve(JSON.parse(http.responseText));
-            } else {
-              resolve(false);
-            }
-          }
-        };
-        http.open("GET", _serviceURL, true);
-        http.setRequestHeader("Content-type", "application/json");
-        http.setRequestHeader("Authorization", `Bearer ${options.access_token}`);
-        if (window.localeSettings) {
-          http.setRequestHeader("accept-language", window.localeSettings);
-        }
-        http.send();
-      } catch (ex) {
-        reject(ex);
-      }
-    });
+    const _serviceURL = window.webAuthSettings.authority + "/consent-management-srv/v2/consent/versions/details/" + options.scopeid + "?locale=" + options.locale;
+    return Helper.createPostPromise(undefined, _serviceURL,false, "GET", options.access_token);
   };
 
   /**
@@ -73,7 +51,7 @@ export namespace ConsentService {
     scopes: string[];
   }) {
     var _serviceURL = window.webAuthSettings.authority + "/consent-management-srv/consent/scope/accept";
-    return Helper.createPostPromise(options, _serviceURL, false);
+    return Helper.createPostPromise(options, _serviceURL, false, "POST");
   };
 
   /**
@@ -83,7 +61,7 @@ export namespace ConsentService {
    */
   export function acceptClaimConsent(options: { client_id: string; sub: string; accepted_claims: string[]; }) {
     var _serviceURL = window.webAuthSettings.authority + "/consent-management-srv/consent/claim/accept";
-    return Helper.createPostPromise(options, _serviceURL, false);
+    return Helper.createPostPromise(options, _serviceURL, false,  "POST");
   };
 
   /**
@@ -93,6 +71,6 @@ export namespace ConsentService {
    */
   export function revokeClaimConsent(options: { client_id: string; sub: string; revoked_claims: string[]; }) {
     var _serviceURL = window.webAuthSettings.authority + "/consent-management-srv/consent/claim/revoke";
-    return Helper.createPostPromise(options, _serviceURL, false);
+    return Helper.createPostPromise(options, _serviceURL, false,  "POST");
   };
 }

package/src/main/web-auth/Entities.ts

@@ -1,3 +1,5 @@
+import { UserManagerSettings } from "oidc-client-ts";
+
 export interface AcceptResetPasswordEntity {
   resetRequestId: string ;
   exchangeId: string;
@@ -126,7 +128,8 @@ export class FindUserEntity {
   customFields: any;
   provider: string = "";
   providerUserId: string = "";
-
+  rememberMe: string = "";
+  webfinger: string = "";
   sub_not: string = "";
 
   //additional param
@@ -319,49 +322,6 @@ export interface IUserEntity {
 }
 
 
-export interface IUserEntity {
-  userStatus: string;
-  user_status: string;
-  user_status_reason: string;
-  username: string;
-  sub: string;
-  given_name: string;
-  family_name: string;
-  middle_name: string;
-  nickname: string;
-  originalProviderUserId?: string[];
-  email: string;
-  email_verified: boolean;
-  mobile_number: string;
-  mobile_number_obj: IMobileEntity | null;
-  mobile_number_verified: boolean;
-  phone_number: string;
-  phone_number_obj: IMobileEntity | null;
-  phone_number_verified: boolean;
-  profile: string;
-  picture: string;
-  website: string;
-  gender: string;
-  zoneinfo: string;
-  locale: string;
-  birthdate: Date | null;
-  address?: IAddressEntity;
-  customFields?: any;
-  identityCustomFields?: any;
-  password: string;
-  provider: string;
-  providerUserId: string;
-  identityId: string;
-  mfa_enabled?: boolean;
-  roles: string[];
-  userGroups: IUserGroupMap[];
-  groups?: IUserGroupMap[];
-  rawJSON: string;
-  trackId: string;
-  need_reset_password: boolean;
-}
-
-
 export interface IUserGroupMap {
   sub: string;
   groupId: string;
@@ -643,3 +603,8 @@ export interface IChangePasswordEntity {
   loginSettingsId: string;
   client_id?: string;
 }
+
+export interface ICidaasSDKSettings extends UserManagerSettings {
+  mode?: string;
+  cidaas_version?: number;
+}

package/src/main/web-auth/Helper.ts

@@ -26,11 +26,11 @@ export class Helper {
   * @param options 
   * @param serviceurl 
   * @param errorResolver 
-  * @param access_token 
-  * @param headers 
+  * @param access_token??
+  * @param headers??
   * @returns 
   */
-  static createPostPromise(options: any, serviceurl: string, errorResolver: boolean, access_token?: string, headers?: any) {
+  static createPostPromise(options: any, serviceurl: string, errorResolver: boolean, method:string, access_token?: string, headers?: any) {
     return new Promise((resolve, reject) => {
       try {
         var http = new XMLHttpRequest();
@@ -43,7 +43,7 @@ export class Helper {
             }
           }
         };
-        http.open("POST", serviceurl, true);
+        http.open(method, serviceurl, true);
         http.setRequestHeader("Content-type", "application/json");
         if (headers) {
           for (var key in headers) {

package/src/main/web-auth/TokenService.ts

@@ -9,30 +9,13 @@ export namespace TokenService {
    * @returns 
    */
   export function renewToken(options: AccessTokenRequest) {
-    return new Promise((resolve, reject) => {
-      try {
-        if (!options.refresh_token) {
-          throw new CustomException("refresh_token cannot be empty", 417);
-        }
-        options.client_id = window.webAuthSettings.client_id;
-        options.grant_type = 'refresh_token';
-        var http = new XMLHttpRequest();
-        var _serviceURL = window.webAuthSettings.authority + "/token-srv/token";
-        http.onreadystatechange = function () {
-          if (http.readyState == 4) {
-            resolve(JSON.parse(http.responseText));
-          }
-        };
-        http.open("POST", _serviceURL, true);
-        http.setRequestHeader("Content-type", "application/json");
-        if (window.localeSettings) {
-          http.setRequestHeader("accept-language", window.localeSettings);
-        }
-        http.send(JSON.stringify(options));
-      } catch (ex) {
-        reject(ex);
-      }
-    });
+    if (!options.refresh_token) {
+      throw new CustomException("refresh_token cannot be empty", 417);
+    }
+    options.client_id = window.webAuthSettings.client_id;
+    options.grant_type = 'refresh_token';
+    const _serviceURL = window.webAuthSettings.authority + "/token-srv/token";
+    return Helper.createPostPromise(options, _serviceURL, undefined, "POST");
   };
 
   /**
@@ -40,39 +23,19 @@ export namespace TokenService {
    * @param options 
    * @returns 
    */
-  export function getAccessToken(options: AccessTokenRequest) {
-    return new Promise((resolve, reject) => {
-      try {
-        if (!options.code) {
-          throw new CustomException("code cannot be empty", 417);
-        }
-        options.client_id = window.webAuthSettings.client_id;
-        options.redirect_uri = window.webAuthSettings.redirect_uri;
-        options.grant_type = "authorization_code";
-        var http = new XMLHttpRequest();
-        var _serviceURL = window.webAuthSettings.authority + "/token-srv/token";
-        http.onreadystatechange = function () {
-          if (http.readyState == 4) {
-            resolve(JSON.parse(http.responseText));
-          }
-        };
-        http.open("POST", _serviceURL, true);
-        http.setRequestHeader("Content-type", "application/json");
-        if (window.localeSettings) {
-          http.setRequestHeader("accept-language", window.localeSettings);
-        }
-        if (!window.webAuthSettings.disablePKCE) {
-          window.usermanager._client.createSigninRequest(window.webAuthSettings).then((signInRequest: any) => {
-            options.code_verifier = signInRequest.state?.code_verifier;
-            http.send(JSON.stringify(options));
-          }) 
-        } else {
-          http.send(JSON.stringify(options));
-        }
-      } catch (ex) {
-        reject(ex);
-      }
-    });
+  export async function getAccessToken(options: AccessTokenRequest) {
+    if (!options.code) {
+      throw new CustomException("code cannot be empty", 417);
+    }
+    options.client_id = window.webAuthSettings.client_id;
+    options.redirect_uri = window.webAuthSettings.redirect_uri;
+    options.grant_type = "authorization_code";
+    if (!window.webAuthSettings.disablePKCE) {
+      var signInRequest = await window.usermanager._client.createSigninRequest(window.webAuthSettings);
+      options.code_verifier = signInRequest.state?.code_verifier;
+    }
+    const _serviceURL = window.webAuthSettings.authority + "/token-srv/token";
+    return Helper.createPostPromise(options, _serviceURL, undefined, "POST");
   };
 
   /**
@@ -81,28 +44,11 @@ export namespace TokenService {
    * @returns 
    */
   export function validateAccessToken(options: TokenIntrospectionEntity) {
-    return new Promise((resolve, reject) => {
-      try {
-        if (!options.token || !options.token_type_hint) {
-          throw new CustomException("token or token_type_hint cannot be empty", 417);
-        }
-        var http = new XMLHttpRequest();
-        var _serviceURL = window.webAuthSettings.authority + "/token-srv/introspect";
-        http.onreadystatechange = function () {
-          if (http.readyState == 4) {
-            resolve(JSON.parse(http.responseText));
-          }
-        };
-        http.open("POST", _serviceURL, true);
-        http.setRequestHeader("Content-type", "application/json");
-        if (window.localeSettings) {
-          http.setRequestHeader("accept-language", window.localeSettings);
-        }
-        http.send(JSON.stringify(options));
-      } catch (ex) {
-        reject(ex);
-      }
-    });
+    if (!options.token || !options.token_type_hint) {
+      throw new CustomException("token or token_type_hint cannot be empty", 417);
+    }
+    const _serviceURL = window.webAuthSettings.authority + "/token-srv/introspect";
+    return Helper.createPostPromise(options, _serviceURL, false, "POST");
   };
 
   /**
@@ -114,29 +60,8 @@ export namespace TokenService {
     track_id: string;
     locale: string;
   }) {
-    return new Promise((resolve, reject) => {
-      try {
-        var http = new XMLHttpRequest();
-        var _serviceURL = window.webAuthSettings.authority + "/token-srv/prelogin/metadata/" + options.track_id + "?acceptLanguage=" + options.locale;
-        http.onreadystatechange = function () {
-          if (http.readyState == 4) {
-            if (http.responseText) {
-              resolve(JSON.parse(http.responseText));
-            } else {
-              resolve(false);
-            }
-          }
-        };
-        http.open("GET", _serviceURL, true);
-        http.setRequestHeader("Content-type", "application/json");
-        if (window.localeSettings) {
-          http.setRequestHeader("accept-language", window.localeSettings);
-        }
-        http.send();
-      } catch (ex) {
-        reject(ex);
-      }
-    });
+    const _serviceURL = window.webAuthSettings.authority + "/token-srv/prelogin/metadata/" + options.track_id + "?acceptLanguage=" + options.locale;
+    return Helper.createPostPromise(undefined, _serviceURL, false, "GET");
   };
 
   /**
@@ -146,8 +71,8 @@ export namespace TokenService {
    * @returns 
    */
   export function updateSuggestMFA(track_id: string, options: ISuggestedMFAActionConfig) {
-    var _serviceURL = window.webAuthSettings.authority + "/token-srv/prelogin/suggested/mfa/update/" + track_id;
-    return Helper.createPostPromise(options, _serviceURL, false);
+    const _serviceURL = window.webAuthSettings.authority + "/token-srv/prelogin/suggested/mfa/update/" + track_id;
+    return Helper.createPostPromise(options, _serviceURL, false, "POST");
   };
 
   /**
@@ -156,29 +81,8 @@ export namespace TokenService {
    * @returns 
    */
   export function getMissingFieldsLogin(trackId: string) {
-    return new Promise((resolve, reject) => {
-      try {
-        var http = new XMLHttpRequest();
-        var _serviceURL = window.webAuthSettings.authority + "/token-srv/prelogin/metadata/" + trackId;
-        http.onreadystatechange = function () {
-          if (http.readyState == 4) {
-            if (http.responseText) {
-              resolve(JSON.parse(http.responseText));
-            } else {
-              resolve(undefined);
-            }
-          }
-        };
-        http.open("GET", _serviceURL, true);
-        http.setRequestHeader("Content-type", "application/json");
-        if (window.localeSettings) {
-          http.setRequestHeader("accept-language", window.localeSettings);
-        }
-        http.send();
-      } catch (ex) {
-        reject(ex);
-      }
-    });
+    const _serviceURL = window.webAuthSettings.authority + "/token-srv/prelogin/metadata/" + trackId;
+    return Helper.createPostPromise(undefined, _serviceURL, false, "GET");
   };
 
   /**