docpouch-client 1.1.0 → 1.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.d.ts CHANGED
@@ -414,6 +414,7 @@ export interface I_OidcUserInfo {
414
414
  export interface I_OidcClientRegistration {
415
415
  client_name: string;
416
416
  redirect_uris: string[];
417
+ post_logout_redirect_uris?: string[];
417
418
  grant_types?: string[];
418
419
  response_types?: string[];
419
420
  scope?: string;
@@ -433,6 +434,7 @@ export interface I_OidcClientResponse {
433
434
  registration_client_uri?: string;
434
435
  client_name?: string;
435
436
  redirect_uris?: string[];
437
+ post_logout_redirect_uris?: string[];
436
438
  grant_types?: string[];
437
439
  response_types?: string[];
438
440
  scope?: string;
package/dist/index.js CHANGED
@@ -491,19 +491,19 @@ export default class docPouchClient {
491
491
  const wasOidc = this.authMethod === 'oidc';
492
492
  // For OIDC, redirect to /end_session endpoint
493
493
  if (wasOidc && this.oidcConfig && typeof window !== 'undefined') {
494
- const redirectUri = options?.redirectUri || this.oidcConfig.redirectUri || window.location.origin;
494
+ // Use postLogoutRedirectUri if available, otherwise fallback to redirectUri
495
+ const redirectUri = options?.redirectUri || this.oidcConfig.postLogoutRedirectUri || this.oidcConfig.redirectUri || window.location.origin;
495
496
  let url = `${this.oidcConfig.issuer}/end_session?post_logout_redirect_uri=${encodeURIComponent(redirectUri)}`;
496
497
  // Add id_token_hint if available
497
498
  const idToken = options?.idTokenHint || this.oidcIdToken;
498
499
  if (idToken) {
499
500
  url += `&id_token_hint=${idToken}`;
500
501
  }
501
- // Clear tokens before redirect
502
- this.authToken = null;
503
- this.clearOidcTokens();
504
- this.authMethod = 'none';
505
- if (this.socket.connected)
506
- this.socket.disconnect();
502
+ // DO NOT clear tokens before redirect - wait for redirect back to determine actual logout status
503
+ // Instead, set a flag to indicate we're in logout process
504
+ if (typeof window !== 'undefined' && window.sessionStorage) {
505
+ sessionStorage.setItem('docpouch_logout_in_progress', 'true');
506
+ }
507
507
  // Redirect to OIDC logout endpoint
508
508
  window.location.href = url;
509
509
  return;
@@ -543,7 +543,7 @@ export default class docPouchClient {
543
543
  if (!this.oidcConfig?.issuer) {
544
544
  throw new Error('OIDC issuer not configured');
545
545
  }
546
- const { redirectUri = this.oidcConfig.redirectUri || window.location.origin, idTokenHint } = options || {};
546
+ const { redirectUri = this.oidcConfig.postLogoutRedirectUri || this.oidcConfig.redirectUri || window.location.origin, idTokenHint } = options || {};
547
547
  let url = `${this.oidcConfig.issuer}/end_session?post_logout_redirect_uri=${encodeURIComponent(redirectUri)}`;
548
548
  if (idTokenHint) {
549
549
  url += `&id_token_hint=${idTokenHint}`;
@@ -551,12 +551,11 @@ export default class docPouchClient {
551
551
  else if (this.oidcIdToken) {
552
552
  url += `&id_token_hint=${this.oidcIdToken}`;
553
553
  }
554
- // Clear tokens before redirect
555
- this.authToken = null;
556
- this.clearOidcTokens();
557
- this.authMethod = 'none';
558
- if (this.socket.connected)
559
- this.socket.disconnect();
554
+ // DO NOT clear tokens before redirect - wait for redirect back to determine actual logout status
555
+ // Instead, set a flag to indicate we're in logout process
556
+ if (typeof window !== 'undefined' && window.sessionStorage) {
557
+ sessionStorage.setItem('docpouch_logout_in_progress', 'true');
558
+ }
560
559
  // Emit OIDC logout event
561
560
  this.emit('oidc-logout');
562
561
  this.emit('logout');
@@ -612,18 +611,71 @@ export default class docPouchClient {
612
611
  * @returns {boolean} True if user was just logged out
613
612
  */
614
613
  wasJustLoggedOut() {
615
- // Check URL query parameter
614
+ // Check if we're in the middle of a logout process
615
+ const logoutInProgress = typeof window !== 'undefined' && window.sessionStorage
616
+ ? sessionStorage.getItem('docpouch_logout_in_progress') === 'true'
617
+ : false;
618
+ if (!logoutInProgress) {
619
+ return false;
620
+ }
621
+ // Check URL query parameters for logout confirmation
616
622
  const urlParams = new URLSearchParams(window.location.search);
617
- if (urlParams.get('logout') === 'true') {
618
- return true;
623
+ const logoutParam = urlParams.get('logout');
624
+ // If logout parameter is explicitly 'no', user cancelled
625
+ if (logoutParam === 'no') {
626
+ // Clear the logout in progress flag
627
+ if (typeof window !== 'undefined' && window.sessionStorage) {
628
+ sessionStorage.removeItem('docpouch_logout_in_progress');
629
+ }
630
+ return false;
619
631
  }
620
- // Check localStorage flag
621
- const lastAuthMethod = localStorage.getItem('lastAuthMethod');
622
- const currentAuthMethod = localStorage.getItem('authMethod');
623
- // If last was OIDC/JWT but current is none, was logged out
624
- if (lastAuthMethod && currentAuthMethod === null) {
632
+ // If logout parameter is 'yes' or 'true', user confirmed logout
633
+ if (logoutParam === 'yes' || logoutParam === 'true') {
634
+ // Clear the logout in progress flag
635
+ if (typeof window !== 'undefined' && window.sessionStorage) {
636
+ sessionStorage.removeItem('docpouch_logout_in_progress');
637
+ }
638
+ // Clear tokens as user confirmed logout
639
+ this.authToken = null;
640
+ this.clearOidcTokens();
641
+ this.authMethod = 'none';
642
+ if (this.socket.connected)
643
+ this.socket.disconnect();
625
644
  return true;
626
645
  }
646
+ // If no logout parameter but we were in logout process,
647
+ // check if OIDC provider sent us back without confirmation
648
+ // This could happen if there was an error or user cancelled in another way
649
+ if (logoutParam === null) {
650
+ // Check if this is a post-logout redirect - assume logout was successful
651
+ // unless there's an error parameter
652
+ const errorParam = urlParams.get('error');
653
+ if (!errorParam) {
654
+ // Clear the logout in progress flag
655
+ if (typeof window !== 'undefined' && window.sessionStorage) {
656
+ sessionStorage.removeItem('docpouch_logout_in_progress');
657
+ }
658
+ // Clear tokens
659
+ this.authToken = null;
660
+ this.clearOidcTokens();
661
+ this.authMethod = 'none';
662
+ if (this.socket.connected)
663
+ this.socket.disconnect();
664
+ return true;
665
+ }
666
+ else {
667
+ // There was an error, assume logout was cancelled
668
+ // Clear the logout in progress flag
669
+ if (typeof window !== 'undefined' && window.sessionStorage) {
670
+ sessionStorage.removeItem('docpouch_logout_in_progress');
671
+ }
672
+ return false;
673
+ }
674
+ }
675
+ // Default case - clear the flag to prevent stuck state
676
+ if (typeof window !== 'undefined' && window.sessionStorage) {
677
+ sessionStorage.removeItem('docpouch_logout_in_progress');
678
+ }
627
679
  return false;
628
680
  }
629
681
  // OIDC Dynamic Client Registration Methods
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "docpouch-client",
3
- "version": "1.1.0",
3
+ "version": "1.1.2",
4
4
  "main": "dist/index.js",
5
5
  "types": "dist/index.d.ts",
6
6
  "exports": {
@@ -0,0 +1,24 @@
1
+ // Test script to verify post_logout_redirect_uris functionality
2
+ const fs = require('fs');
3
+
4
+ // Read the built client to verify the changes
5
+ const clientCode = fs.readFileSync('dist/index.js', 'utf8');
6
+
7
+ console.log('Checking for post_logout_redirect_uris support...');
8
+
9
+ // Check if the interfaces include post_logout_redirect_uris
10
+ const hasRegistrationInterface = clientCode.includes('post_logout_redirect_uris?: string[]');
11
+ const hasResponseInterface = clientCode.includes('post_logout_redirect_uris?: string[]');
12
+
13
+ // Check if logout methods use postLogoutRedirectUri
14
+ const usesPostLogoutUri = clientCode.includes('this.oidcConfig.postLogoutRedirectUri');
15
+
16
+ console.log('I_OidcClientRegistration has post_logout_redirect_uris:', hasRegistrationInterface);
17
+ console.log('I_OidcClientResponse has post_logout_redirect_uris:', hasResponseInterface);
18
+ console.log('Logout methods use postLogoutRedirectUri:', usesPostLogoutUri);
19
+
20
+ if (hasRegistrationInterface && hasResponseInterface && usesPostLogoutUri) {
21
+ console.log('✅ All post_logout_redirect_uris functionality is properly implemented!');
22
+ } else {
23
+ console.log('❌ Some post_logout_redirect_uris functionality is missing');
24
+ }