cidaas-javascript-sdk 4.2.0 → 4.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +29 -3
- package/dist/authentication/authentication.model.d.ts +62 -0
- package/dist/authentication/authentication.model.js +18 -0
- package/dist/authentication/index.d.ts +31 -15
- package/dist/authentication/index.js +50 -45
- package/dist/index.d.ts +1 -0
- package/dist/index.js +3 -5
- package/dist/web-auth/ConsentService.js +10 -13
- package/dist/web-auth/Entities.js +20 -39
- package/dist/web-auth/Helper.js +12 -22
- package/dist/web-auth/JwtHelper.js +21 -28
- package/dist/web-auth/LoginService.js +19 -22
- package/dist/web-auth/TokenService.js +46 -85
- package/dist/web-auth/UserService.js +38 -41
- package/dist/web-auth/VerificationService.js +18 -21
- package/dist/web-auth/WebAuth.d.ts +55 -32
- package/dist/web-auth/WebAuth.js +319 -343
- package/package.json +1 -1
package/dist/web-auth/Helper.js
CHANGED
|
@@ -1,17 +1,11 @@
|
|
|
1
|
-
|
|
2
|
-
exports.__esModule = true;
|
|
3
|
-
exports.CustomException = exports.Helper = void 0;
|
|
4
|
-
var Helper = /** @class */ (function () {
|
|
5
|
-
function Helper() {
|
|
6
|
-
}
|
|
1
|
+
export class Helper {
|
|
7
2
|
/**
|
|
8
3
|
* create form
|
|
9
4
|
* @param form
|
|
10
5
|
* @param options
|
|
11
6
|
* @returns
|
|
12
7
|
*/
|
|
13
|
-
|
|
14
|
-
if (method === void 0) { method = 'POST'; }
|
|
8
|
+
static createForm(url, options, method = 'POST') {
|
|
15
9
|
var form = document.createElement('form');
|
|
16
10
|
form.action = url;
|
|
17
11
|
form.method = method;
|
|
@@ -25,7 +19,7 @@ var Helper = /** @class */ (function () {
|
|
|
25
19
|
}
|
|
26
20
|
}
|
|
27
21
|
return form;
|
|
28
|
-
}
|
|
22
|
+
}
|
|
29
23
|
/**
|
|
30
24
|
* utility function to create and make post request
|
|
31
25
|
* @param options
|
|
@@ -35,8 +29,8 @@ var Helper = /** @class */ (function () {
|
|
|
35
29
|
* @param headers??
|
|
36
30
|
* @returns
|
|
37
31
|
*/
|
|
38
|
-
|
|
39
|
-
return new Promise(
|
|
32
|
+
static createHttpPromise(options, serviceurl, errorResolver, method, access_token, headers, formPayload) {
|
|
33
|
+
return new Promise((resolve, reject) => {
|
|
40
34
|
try {
|
|
41
35
|
var http = new XMLHttpRequest();
|
|
42
36
|
http.onreadystatechange = function () {
|
|
@@ -61,9 +55,9 @@ var Helper = /** @class */ (function () {
|
|
|
61
55
|
}
|
|
62
56
|
}
|
|
63
57
|
if (access_token) {
|
|
64
|
-
http.setRequestHeader("Authorization",
|
|
58
|
+
http.setRequestHeader("Authorization", `Bearer ${access_token}`);
|
|
65
59
|
}
|
|
66
|
-
|
|
60
|
+
let acceptlanguage;
|
|
67
61
|
if (headers === null || headers === void 0 ? void 0 : headers.acceptlanguage) {
|
|
68
62
|
acceptlanguage = headers.acceptlanguage;
|
|
69
63
|
}
|
|
@@ -90,15 +84,11 @@ var Helper = /** @class */ (function () {
|
|
|
90
84
|
reject(ex);
|
|
91
85
|
}
|
|
92
86
|
});
|
|
93
|
-
}
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
var CustomException = /** @class */ (function () {
|
|
98
|
-
function CustomException(errorMessage, statusCode) {
|
|
87
|
+
}
|
|
88
|
+
}
|
|
89
|
+
export class CustomException {
|
|
90
|
+
constructor(errorMessage, statusCode) {
|
|
99
91
|
this.errorMessage = errorMessage;
|
|
100
92
|
this.statusCode = statusCode;
|
|
101
93
|
}
|
|
102
|
-
|
|
103
|
-
}());
|
|
104
|
-
exports.CustomException = CustomException;
|
|
94
|
+
}
|
|
@@ -1,39 +1,34 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
exports.JwtHelper = void 0;
|
|
4
|
-
var JwtHelper = /** @class */ (function () {
|
|
5
|
-
function JwtHelper() {
|
|
6
|
-
}
|
|
7
|
-
JwtHelper.decodeTokenHeader = function (token) {
|
|
1
|
+
export class JwtHelper {
|
|
2
|
+
static decodeTokenHeader(token) {
|
|
8
3
|
if (token === null) {
|
|
9
4
|
return null;
|
|
10
5
|
}
|
|
11
|
-
|
|
6
|
+
const parts = token.split('.');
|
|
12
7
|
if (parts.length !== 3) {
|
|
13
8
|
throw new Error('The inspected token doesn\'t appear to be a JWT. Check to make sure it has three parts and see https://jwt.io for more.');
|
|
14
9
|
}
|
|
15
|
-
|
|
10
|
+
const decoded = this.urlBase64Decode(parts[0]);
|
|
16
11
|
if (!decoded) {
|
|
17
12
|
throw new Error('Cannot decode the token.');
|
|
18
13
|
}
|
|
19
14
|
return JSON.parse(decoded);
|
|
20
|
-
}
|
|
21
|
-
|
|
15
|
+
}
|
|
16
|
+
static decodeToken(token) {
|
|
22
17
|
if (token === null) {
|
|
23
18
|
return null;
|
|
24
19
|
}
|
|
25
|
-
|
|
20
|
+
let parts = token.split('.');
|
|
26
21
|
if (parts.length !== 3) {
|
|
27
22
|
throw new Error('The inspected token doesn\'t appear to be a JWT. Check to make sure it has three parts and see https://jwt.io for more.');
|
|
28
23
|
}
|
|
29
|
-
|
|
24
|
+
let decoded = this.urlBase64Decode(parts[1]);
|
|
30
25
|
if (!decoded) {
|
|
31
26
|
throw new Error('Cannot decode the token.');
|
|
32
27
|
}
|
|
33
28
|
return JSON.parse(decoded);
|
|
34
|
-
}
|
|
35
|
-
|
|
36
|
-
|
|
29
|
+
}
|
|
30
|
+
static urlBase64Decode(str) {
|
|
31
|
+
let output = str.replace(/-/g, '+').replace(/_/g, '/');
|
|
37
32
|
switch (output.length % 4) {
|
|
38
33
|
case 0: {
|
|
39
34
|
break;
|
|
@@ -51,25 +46,25 @@ var JwtHelper = /** @class */ (function () {
|
|
|
51
46
|
}
|
|
52
47
|
}
|
|
53
48
|
return this.b64DecodeUnicode(output);
|
|
54
|
-
}
|
|
55
|
-
|
|
49
|
+
}
|
|
50
|
+
static b64DecodeUnicode(str) {
|
|
56
51
|
return decodeURIComponent(Array.prototype.map
|
|
57
|
-
.call(this.b64decode(str),
|
|
52
|
+
.call(this.b64decode(str), (c) => {
|
|
58
53
|
return '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2);
|
|
59
54
|
})
|
|
60
55
|
.join(''));
|
|
61
|
-
}
|
|
56
|
+
}
|
|
62
57
|
// credits for decoder goes to https://github.com/atk
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
58
|
+
static b64decode(str) {
|
|
59
|
+
let chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
|
|
60
|
+
let output = '';
|
|
66
61
|
str = String(str).replace(/=+$/, '');
|
|
67
62
|
if (str.length % 4 === 1) {
|
|
68
63
|
throw new Error("'atob' failed: The string to be decoded is not correctly encoded.");
|
|
69
64
|
}
|
|
70
65
|
for (
|
|
71
66
|
// initialize result and counters
|
|
72
|
-
|
|
67
|
+
let bc = 0, bs, buffer, idx = 0;
|
|
73
68
|
// get next character
|
|
74
69
|
(buffer = str.charAt(idx++));
|
|
75
70
|
// character found in table? initialize bit storage and add its ascii value;
|
|
@@ -84,7 +79,5 @@ var JwtHelper = /** @class */ (function () {
|
|
|
84
79
|
buffer = chars.indexOf(buffer);
|
|
85
80
|
}
|
|
86
81
|
return output;
|
|
87
|
-
}
|
|
88
|
-
|
|
89
|
-
}());
|
|
90
|
-
exports.JwtHelper = JwtHelper;
|
|
82
|
+
}
|
|
83
|
+
}
|
|
@@ -1,8 +1,5 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
exports.LoginService = void 0;
|
|
4
|
-
var Helper_1 = require("./Helper");
|
|
5
|
-
var LoginService;
|
|
1
|
+
import { Helper, CustomException } from "./Helper";
|
|
2
|
+
export var LoginService;
|
|
6
3
|
(function (LoginService) {
|
|
7
4
|
/**
|
|
8
5
|
* To login with your credentials, call **loginWithCredentials()**. After successful login, this will redirect you to the redirect_url that you mentioned earlier while initialising the sdk.
|
|
@@ -19,13 +16,13 @@ var LoginService;
|
|
|
19
16
|
*/
|
|
20
17
|
function loginWithCredentials(options) {
|
|
21
18
|
try {
|
|
22
|
-
|
|
23
|
-
|
|
19
|
+
const url = window.webAuthSettings.authority + "/login-srv/login";
|
|
20
|
+
let form = Helper.createForm(url, options);
|
|
24
21
|
document.body.appendChild(form);
|
|
25
22
|
form.submit();
|
|
26
23
|
}
|
|
27
24
|
catch (ex) {
|
|
28
|
-
throw new
|
|
25
|
+
throw new CustomException(ex, 417);
|
|
29
26
|
}
|
|
30
27
|
}
|
|
31
28
|
LoginService.loginWithCredentials = loginWithCredentials;
|
|
@@ -99,13 +96,13 @@ var LoginService;
|
|
|
99
96
|
*/
|
|
100
97
|
function passwordlessLogin(options) {
|
|
101
98
|
try {
|
|
102
|
-
|
|
103
|
-
|
|
99
|
+
const url = window.webAuthSettings.authority + "/login-srv/verification/login";
|
|
100
|
+
let form = Helper.createForm(url, options);
|
|
104
101
|
document.body.appendChild(form);
|
|
105
102
|
form.submit();
|
|
106
103
|
}
|
|
107
104
|
catch (ex) {
|
|
108
|
-
throw new
|
|
105
|
+
throw new CustomException(ex, 417);
|
|
109
106
|
}
|
|
110
107
|
}
|
|
111
108
|
LoginService.passwordlessLogin = passwordlessLogin;
|
|
@@ -125,13 +122,13 @@ var LoginService;
|
|
|
125
122
|
*/
|
|
126
123
|
function consentContinue(options) {
|
|
127
124
|
try {
|
|
128
|
-
|
|
129
|
-
|
|
125
|
+
const url = window.webAuthSettings.authority + "/login-srv/precheck/continue/" + options.track_id;
|
|
126
|
+
let form = Helper.createForm(url, options);
|
|
130
127
|
document.body.appendChild(form);
|
|
131
128
|
form.submit();
|
|
132
129
|
}
|
|
133
130
|
catch (ex) {
|
|
134
|
-
throw new
|
|
131
|
+
throw new CustomException(ex, 417);
|
|
135
132
|
}
|
|
136
133
|
}
|
|
137
134
|
LoginService.consentContinue = consentContinue;
|
|
@@ -150,13 +147,13 @@ var LoginService;
|
|
|
150
147
|
*/
|
|
151
148
|
function mfaContinue(options) {
|
|
152
149
|
try {
|
|
153
|
-
|
|
154
|
-
|
|
150
|
+
const url = window.webAuthSettings.authority + "/login-srv/precheck/continue/" + options.track_id;
|
|
151
|
+
let form = Helper.createForm(url, options);
|
|
155
152
|
document.body.appendChild(form);
|
|
156
153
|
form.submit();
|
|
157
154
|
}
|
|
158
155
|
catch (ex) {
|
|
159
|
-
throw new
|
|
156
|
+
throw new CustomException(ex, 417);
|
|
160
157
|
}
|
|
161
158
|
}
|
|
162
159
|
LoginService.mfaContinue = mfaContinue;
|
|
@@ -177,13 +174,13 @@ var LoginService;
|
|
|
177
174
|
*/
|
|
178
175
|
function firstTimeChangePassword(options) {
|
|
179
176
|
try {
|
|
180
|
-
|
|
181
|
-
|
|
177
|
+
const url = window.webAuthSettings.authority + "/login-srv/precheck/continue/" + options.loginSettingsId;
|
|
178
|
+
let form = Helper.createForm(url, options);
|
|
182
179
|
document.body.appendChild(form);
|
|
183
180
|
form.submit();
|
|
184
181
|
}
|
|
185
182
|
catch (ex) {
|
|
186
|
-
throw new
|
|
183
|
+
throw new CustomException(ex, 417);
|
|
187
184
|
}
|
|
188
185
|
}
|
|
189
186
|
LoginService.firstTimeChangePassword = firstTimeChangePassword;
|
|
@@ -212,8 +209,8 @@ var LoginService;
|
|
|
212
209
|
*/
|
|
213
210
|
function progressiveRegistration(options, headers) {
|
|
214
211
|
var serviceURL = window.webAuthSettings.authority + "/login-srv/progressive/update/user";
|
|
215
|
-
return
|
|
212
|
+
return Helper.createHttpPromise(options, serviceURL, undefined, "POST", undefined, headers);
|
|
216
213
|
}
|
|
217
214
|
LoginService.progressiveRegistration = progressiveRegistration;
|
|
218
215
|
;
|
|
219
|
-
})(LoginService
|
|
216
|
+
})(LoginService || (LoginService = {}));
|
|
@@ -1,4 +1,3 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
2
|
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
3
|
return new (P || (P = Promise))(function (resolve, reject) {
|
|
@@ -8,38 +7,9 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
8
7
|
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
8
|
});
|
|
10
9
|
};
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
15
|
-
function step(op) {
|
|
16
|
-
if (f) throw new TypeError("Generator is already executing.");
|
|
17
|
-
while (g && (g = 0, op[0] && (_ = 0)), _) try {
|
|
18
|
-
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
19
|
-
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
20
|
-
switch (op[0]) {
|
|
21
|
-
case 0: case 1: t = op; break;
|
|
22
|
-
case 4: _.label++; return { value: op[1], done: false };
|
|
23
|
-
case 5: _.label++; y = op[1]; op = [0]; continue;
|
|
24
|
-
case 7: op = _.ops.pop(); _.trys.pop(); continue;
|
|
25
|
-
default:
|
|
26
|
-
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
|
|
27
|
-
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
|
|
28
|
-
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
|
|
29
|
-
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
|
|
30
|
-
if (t[2]) _.ops.pop();
|
|
31
|
-
_.trys.pop(); continue;
|
|
32
|
-
}
|
|
33
|
-
op = body.call(thisArg, _);
|
|
34
|
-
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
|
|
35
|
-
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
|
|
36
|
-
}
|
|
37
|
-
};
|
|
38
|
-
exports.__esModule = true;
|
|
39
|
-
exports.TokenService = void 0;
|
|
40
|
-
var Helper_1 = require("./Helper");
|
|
41
|
-
var JwtHelper_1 = require("./JwtHelper");
|
|
42
|
-
var TokenService;
|
|
10
|
+
import { Helper, CustomException } from "./Helper";
|
|
11
|
+
import { JwtHelper } from "./JwtHelper";
|
|
12
|
+
export var TokenService;
|
|
43
13
|
(function (TokenService) {
|
|
44
14
|
/**
|
|
45
15
|
* To get a new token with the grant type refresh_token, call **renewToken()**.
|
|
@@ -61,12 +31,12 @@ var TokenService;
|
|
|
61
31
|
*/
|
|
62
32
|
function renewToken(options) {
|
|
63
33
|
if (!options.refresh_token) {
|
|
64
|
-
throw new
|
|
34
|
+
throw new CustomException("refresh_token cannot be empty", 417);
|
|
65
35
|
}
|
|
66
36
|
options.client_id = window.webAuthSettings.client_id;
|
|
67
37
|
options.grant_type = 'refresh_token';
|
|
68
|
-
|
|
69
|
-
return
|
|
38
|
+
const _serviceURL = window.webAuthSettings.authority + "/token-srv/token";
|
|
39
|
+
return Helper.createHttpPromise(options, _serviceURL, undefined, "POST");
|
|
70
40
|
}
|
|
71
41
|
TokenService.renewToken = renewToken;
|
|
72
42
|
;
|
|
@@ -90,28 +60,19 @@ var TokenService;
|
|
|
90
60
|
*/
|
|
91
61
|
function getAccessToken(options) {
|
|
92
62
|
var _a;
|
|
93
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
case 1:
|
|
107
|
-
signInRequest = _b.sent();
|
|
108
|
-
options.code_verifier = (_a = signInRequest.state) === null || _a === void 0 ? void 0 : _a.code_verifier;
|
|
109
|
-
_b.label = 2;
|
|
110
|
-
case 2:
|
|
111
|
-
_serviceURL = window.webAuthSettings.authority + "/token-srv/token";
|
|
112
|
-
return [2 /*return*/, Helper_1.Helper.createHttpPromise(options, _serviceURL, undefined, "POST")];
|
|
113
|
-
}
|
|
114
|
-
});
|
|
63
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
64
|
+
if (!options.code) {
|
|
65
|
+
throw new CustomException("code cannot be empty", 417);
|
|
66
|
+
}
|
|
67
|
+
options.client_id = window.webAuthSettings.client_id;
|
|
68
|
+
options.redirect_uri = window.webAuthSettings.redirect_uri;
|
|
69
|
+
options.grant_type = "authorization_code";
|
|
70
|
+
if (!window.webAuthSettings.disablePKCE) {
|
|
71
|
+
var signInRequest = yield window.usermanager.getClient().createSigninRequest(window.webAuthSettings);
|
|
72
|
+
options.code_verifier = (_a = signInRequest.state) === null || _a === void 0 ? void 0 : _a.code_verifier;
|
|
73
|
+
}
|
|
74
|
+
const _serviceURL = window.webAuthSettings.authority + "/token-srv/token";
|
|
75
|
+
return Helper.createHttpPromise(options, _serviceURL, undefined, "POST");
|
|
115
76
|
});
|
|
116
77
|
}
|
|
117
78
|
TokenService.getAccessToken = getAccessToken;
|
|
@@ -137,10 +98,10 @@ var TokenService;
|
|
|
137
98
|
*/
|
|
138
99
|
function validateAccessToken(options) {
|
|
139
100
|
if (!options.token || !options.token_type_hint) {
|
|
140
|
-
throw new
|
|
101
|
+
throw new CustomException("token or token_type_hint cannot be empty", 417);
|
|
141
102
|
}
|
|
142
|
-
|
|
143
|
-
return
|
|
103
|
+
const _serviceURL = window.webAuthSettings.authority + "/token-srv/introspect";
|
|
104
|
+
return Helper.createHttpPromise(options, _serviceURL, false, "POST", options.token);
|
|
144
105
|
}
|
|
145
106
|
TokenService.validateAccessToken = validateAccessToken;
|
|
146
107
|
;
|
|
@@ -164,8 +125,8 @@ var TokenService;
|
|
|
164
125
|
* ```
|
|
165
126
|
*/
|
|
166
127
|
function loginPrecheck(options) {
|
|
167
|
-
|
|
168
|
-
return
|
|
128
|
+
const _serviceURL = window.webAuthSettings.authority + "/token-srv/prelogin/metadata/" + options.track_id + "?acceptLanguage=" + options.locale;
|
|
129
|
+
return Helper.createHttpPromise(undefined, _serviceURL, false, "GET");
|
|
169
130
|
}
|
|
170
131
|
TokenService.loginPrecheck = loginPrecheck;
|
|
171
132
|
;
|
|
@@ -185,8 +146,8 @@ var TokenService;
|
|
|
185
146
|
* ```
|
|
186
147
|
*/
|
|
187
148
|
function getMissingFields(trackId) {
|
|
188
|
-
|
|
189
|
-
return
|
|
149
|
+
const _serviceURL = window.webAuthSettings.authority + "/token-srv/prelogin/metadata/" + trackId;
|
|
150
|
+
return Helper.createHttpPromise(undefined, _serviceURL, false, "GET");
|
|
190
151
|
}
|
|
191
152
|
TokenService.getMissingFields = getMissingFields;
|
|
192
153
|
;
|
|
@@ -206,9 +167,9 @@ var TokenService;
|
|
|
206
167
|
* ```
|
|
207
168
|
*/
|
|
208
169
|
function initiateDeviceCode(clientId) {
|
|
209
|
-
|
|
210
|
-
|
|
211
|
-
return
|
|
170
|
+
const clientid = clientId !== null && clientId !== void 0 ? clientId : window.webAuthSettings.client_id;
|
|
171
|
+
const _serviceURL = `${window.webAuthSettings.authority}/authz-srv/device/authz?client_id=${clientid}`;
|
|
172
|
+
return Helper.createHttpPromise(undefined, _serviceURL, false, "GET");
|
|
212
173
|
}
|
|
213
174
|
TokenService.initiateDeviceCode = initiateDeviceCode;
|
|
214
175
|
/**
|
|
@@ -226,13 +187,13 @@ var TokenService;
|
|
|
226
187
|
* ```
|
|
227
188
|
*/
|
|
228
189
|
function deviceCodeVerify(code) {
|
|
229
|
-
var params =
|
|
230
|
-
var url =
|
|
190
|
+
var params = `user_code=${encodeURI(code)}`;
|
|
191
|
+
var url = `${window.webAuthSettings.authority}/token-srv/device/verify?${params}`;
|
|
231
192
|
try {
|
|
232
|
-
|
|
193
|
+
const options = {
|
|
233
194
|
user_code: encodeURI(code)
|
|
234
195
|
};
|
|
235
|
-
|
|
196
|
+
let form = Helper.createForm(url, options, 'GET');
|
|
236
197
|
document.body.appendChild(form);
|
|
237
198
|
form.submit();
|
|
238
199
|
}
|
|
@@ -250,36 +211,36 @@ var TokenService;
|
|
|
250
211
|
*/
|
|
251
212
|
function offlineTokenCheck(accessToken) {
|
|
252
213
|
var _a, _b;
|
|
253
|
-
|
|
214
|
+
let result = {
|
|
254
215
|
isExpiryDateValid: false,
|
|
255
216
|
isScopesValid: false,
|
|
256
|
-
isIssuerValid: false
|
|
217
|
+
isIssuerValid: false,
|
|
257
218
|
};
|
|
258
|
-
|
|
259
|
-
|
|
219
|
+
const accessTokenHeaderAsJson = JwtHelper.decodeTokenHeader(accessToken);
|
|
220
|
+
const accessTokenAsJson = JwtHelper.decodeToken(accessToken);
|
|
260
221
|
if (!accessTokenAsJson || !accessTokenHeaderAsJson) {
|
|
261
222
|
return result;
|
|
262
223
|
}
|
|
263
224
|
else {
|
|
264
225
|
if (accessTokenAsJson.exp) {
|
|
265
|
-
|
|
226
|
+
const expirationDate = new Date(0);
|
|
266
227
|
expirationDate.setUTCSeconds(accessTokenAsJson.exp);
|
|
267
228
|
result.isExpiryDateValid = expirationDate.valueOf() > new Date().valueOf();
|
|
268
229
|
}
|
|
269
|
-
|
|
270
|
-
|
|
271
|
-
if ((
|
|
272
|
-
webAuthSettingScopes.forEach(
|
|
273
|
-
|
|
230
|
+
const accessTokenScopes = accessTokenAsJson.scopes;
|
|
231
|
+
const webAuthSettingScopes = (_b = (_a = window.webAuthSettings) === null || _a === void 0 ? void 0 : _a.scope) === null || _b === void 0 ? void 0 : _b.split(' ');
|
|
232
|
+
if ((accessTokenScopes === null || accessTokenScopes === void 0 ? void 0 : accessTokenScopes.length) === (webAuthSettingScopes === null || webAuthSettingScopes === void 0 ? void 0 : webAuthSettingScopes.length)) {
|
|
233
|
+
webAuthSettingScopes.forEach(webAuthSettingScope => {
|
|
234
|
+
const i = accessTokenScopes.indexOf(webAuthSettingScope);
|
|
274
235
|
if (i > -1) {
|
|
275
|
-
|
|
236
|
+
accessTokenScopes.splice(i, 1);
|
|
276
237
|
}
|
|
277
238
|
});
|
|
278
|
-
result.isScopesValid =
|
|
239
|
+
result.isScopesValid = accessTokenScopes.length === 0;
|
|
279
240
|
}
|
|
280
241
|
result.isIssuerValid = accessTokenAsJson.iss === window.webAuthSettings.authority;
|
|
281
242
|
}
|
|
282
243
|
return result;
|
|
283
244
|
}
|
|
284
245
|
TokenService.offlineTokenCheck = offlineTokenCheck;
|
|
285
|
-
})(TokenService
|
|
246
|
+
})(TokenService || (TokenService = {}));
|