oidc-spa 4.13.3 → 4.14.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (20) hide show
  1. package/mock/oidc.js +15 -3
  2. package/mock/oidc.js.map +1 -1
  3. package/oidc.d.ts +22 -5
  4. package/oidc.js +190 -75
  5. package/oidc.js.map +1 -1
  6. package/package.json +6 -1
  7. package/react/react.d.ts +26 -1
  8. package/react/react.js +8 -1
  9. package/react/react.js.map +1 -1
  10. package/src/mock/oidc.ts +13 -2
  11. package/src/oidc.ts +192 -36
  12. package/src/react/react.tsx +38 -2
  13. package/src/tools/base64.ts +7 -0
  14. package/src/tools/urlQueryParams.ts +20 -2
  15. package/tools/base64.d.ts +2 -0
  16. package/tools/base64.js +11 -0
  17. package/tools/base64.js.map +1 -0
  18. package/tools/urlQueryParams.d.ts +6 -0
  19. package/tools/urlQueryParams.js +16 -2
  20. package/tools/urlQueryParams.js.map +1 -1
package/mock/oidc.js CHANGED
@@ -117,7 +117,7 @@ function createMockOidc(params) {
117
117
  // @ts-expect-error: We know what we are doing
118
118
  return oidc;
119
119
  }
120
- return (0, tsafe_1.id)(__assign(__assign({}, common), { "isUserLoggedIn": true, "renewTokens": function () { return __awaiter(_this, void 0, void 0, function () { return __generator(this, function (_a) {
120
+ return (0, tsafe_1.id)(__assign(__assign(__assign({}, common), { "isUserLoggedIn": true, "renewTokens": function () { return __awaiter(_this, void 0, void 0, function () { return __generator(this, function (_a) {
121
121
  return [2 /*return*/];
122
122
  }); }); }, "getTokens": (function () {
123
123
  var _a, _b, _c, _d, _e, _f;
@@ -159,11 +159,23 @@ function createMockOidc(params) {
159
159
  return new Promise(function () { });
160
160
  }, "subscribeToAutoLogoutCountdown": function () { return ({
161
161
  "unsubscribeFromAutoLogoutCountdown": function () { }
162
- }); }, "loginScenario": isUserInitiallyLoggedIn ? "silentSignin" : "backFromLoginPages", "goToAuthServer": function (_a) { return __awaiter(_this, [_a], void 0, function (_b) {
162
+ }); },
163
+ //"loginScenario": isUserInitiallyLoggedIn ? "silentSignin" : "backFromLoginPages",
164
+ "goToAuthServer": function (_a) { return __awaiter(_this, [_a], void 0, function (_b) {
163
165
  var redirectUrl = _b.redirectUrl;
164
166
  return __generator(this, function (_c) {
165
167
  return [2 /*return*/, loginOrGoToAuthServer({ redirectUrl: redirectUrl })];
166
168
  });
167
- }); } }));
169
+ }); } }), (isUserInitiallyLoggedIn
170
+ ? {
171
+ "authMethod": "back from auth server",
172
+ "backFromAuthServer": {
173
+ "extraQueryParams": {},
174
+ "result": {}
175
+ }
176
+ }
177
+ : {
178
+ "authMethod": "silent signin"
179
+ })));
168
180
  }
169
181
  //# sourceMappingURL=oidc.js.map
package/mock/oidc.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"oidc.js","sourceRoot":"","sources":["../src/mock/oidc.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoBA,wCAiJC;AApKD,0DAAwF;AACxF,8FAA6F;AAC7F,kDAA8C;AAC9C,kDAA+D;AAc/D,IAAM,YAAY,GAAG,gBAAgB,CAAC;AAEtC,SAAgB,cAAc,CAI1B,MAAsE;IAJ1E,iBAiJC;;IA1IO,IAAA,uBAAuB,GAMvB,MAAM,wBANiB,EACvB,KAKA,MAAM,aALW,EAAjB,YAAY,mBAAG,EAAE,KAAA,EACjB,KAIA,MAAM,aAJW,EAAjB,YAAY,mBAAG,EAAE,KAAA,EACN,gBAAgB,GAG3B,MAAM,UAHqB,EAC3B,KAEA,MAAM,uBAFwB,EAA9B,sBAAsB,mBAAG,KAAK,KAAA,EAC9B,oBAAoB,GACpB,MAAM,qBADc,CACb;IAEX,IAAM,cAAc,GAAG,CAAC;QACpB,IAAM,MAAM,GAAG,IAAA,0CAAyB,EAAC;YACrC,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;YAC3B,MAAM,EAAE,YAAY;SACvB,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;YACrB,OAAO,uBAAuB,CAAC;QACnC,CAAC;QAED,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;QAEnD,OAAO,MAAM,CAAC,KAAK,KAAK,MAAM,CAAC;IACnC,CAAC,CAAC,EAAE,CAAC;IAEL,IAAM,SAAS,GAAG,CAAC;QACf,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACjC,OAAO,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;QAClC,CAAC;QAED,OAAO,CACH,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC;YAC/B,CAAC,CAAC,gBAAgB;YAClB,CAAC,CAAC,UAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,SAAG,gBAAgB,CAAE,CACvD,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACzB,CAAC,CAAC,EAAE,CAAC;IAEL,IAAM,MAAM,GAAgB;QACxB,QAAQ,EAAE;YACN,UAAU,EAAE,MAAA,YAAY,CAAC,QAAQ,mCAAI,cAAc;YACnD,WAAW,EAAE,MAAA,YAAY,CAAC,SAAS,mCAAI,oDAAoD;SAC9F;KACJ,CAAC;IAEF,IAAM,qBAAqB,GAAG,UAAO,MAEpC;;;YACW,WAAW,GAAK,MAAM,YAAX,CAAY;YAEvB,MAAM,GAAK,IAAA,mCAAkB,EAAC;gBAClC,KAAK,EAAE,CAAC;oBACJ,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;wBAC5B,OAAO,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;oBAChC,CAAC;oBACD,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC;wBAC9B,CAAC,CAAC,UAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,SAAG,WAAW,CAAE;wBAC3C,CAAC,CAAC,WAAW,CAAC;gBACtB,CAAC,CAAC,EAAE;gBACJ,MAAM,EAAE,YAAY;gBACpB,OAAO,EAAE,MAAM;aAClB,CAAC,OAXY,CAWX;YAEH,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,MAAM,CAAC;YAE9B,sBAAO,IAAI,OAAO,CAAQ,cAAO,CAAC,CAAC,EAAC;;SACvC,CAAC;IAEF,IAAI,CAAC,cAAc,EAAE,CAAC;QAClB,IAAM,IAAI,GAAG,IAAA,UAAE,wBACR,MAAM,KACT,gBAAgB,EAAE,KAAK,EACvB,OAAO,EAAE,UAAC,EAAe;oBAAb,WAAW,iBAAA;gBAAO,OAAA,qBAAqB,CAAC,EAAE,WAAW,aAAA,EAAE,CAAC;YAAtC,CAAsC,EACpE,qBAAqB,EAAE,SAAS,IAClC,CAAC;QACH,IAAI,CAAC,sBAAsB,EAAE,CAAC;YAC1B,IAAI,CAAC,KAAK,CAAC;gBACP,aAAa,EAAE,oBAAoB;gBACnC,6BAA6B,EAAE,IAAI;aACtC,CAAC,CAAC;YACH,IAAA,cAAM,EAAC,KAAK,CAAC,CAAC;QAClB,CAAC;QACD,8CAA8C;QAC9C,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,OAAO,IAAA,UAAE,wBACF,MAAM,KACT,gBAAgB,EAAE,IAAI,EACtB,aAAa,EAAE;;iBAAc,EAC7B,WAAW,EAAE,CAAC;;YACV,IAAM,MAAM,GAAgC;gBACxC,aAAa,EAAE,MAAA,YAAY,CAAC,WAAW,mCAAI,qBAAqB;gBAChE,2BAA2B,EAAE,MAAA,YAAY,CAAC,yBAAyB,mCAAI,QAAQ;gBAC/E,SAAS,EAAE,MAAA,YAAY,CAAC,OAAO,mCAAI,iBAAiB;gBACpD,cAAc,EAAE,MAAA,YAAY,CAAC,YAAY,mCAAI,sBAAsB;gBACnE,4BAA4B,EAAE,MAAA,YAAY,CAAC,0BAA0B,mCAAI,QAAQ;gBACjF,gBAAgB,EACZ,MAAA,YAAY,CAAC,cAAc,mCAC3B,IAAA,mEAAgC,EAAiB;oBAC7C,cAAc,EAAE;wBACZ,8CAA8C;wBAC9C,kDAAkD;qBACrD,CAAC,IAAI,CAAC,IAAI,CAAC;iBACf,CAAC;aACT,CAAC;YAEF,OAAO,cAAM,OAAA,MAAM,EAAN,CAAM,CAAC;QACxB,CAAC,CAAC,EAAE,EACJ,yBAAyB,EAAE,cAAM,OAAA,CAAC;YAC9B,aAAa,EAAE,cAAO,CAAC;SAC1B,CAAC,EAF+B,CAE/B,EACF,QAAQ,EAAE,UAAA,MAAM;YACJ,IAAA,MAAM,GAAK,IAAA,mCAAkB,EAAC;gBAClC,KAAK,EAAE,CAAC;oBACJ,QAAQ,MAAM,CAAC,UAAU,EAAE,CAAC;wBACxB,KAAK,cAAc;4BACf,OAAO,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;wBAChC,KAAK,MAAM;4BACP,OAAO,SAAS,CAAC;wBACrB,KAAK,cAAc;4BACf,OAAO,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC;gCAC7B,CAAC,CAAC,UAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,SAAG,MAAM,CAAC,GAAG,CAAE;gCAC1C,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;oBACzB,CAAC;oBACD,IAAA,cAAM,EAA+B,KAAK,CAAC,CAAC;gBAChD,CAAC,CAAC,EAAE;gBACJ,MAAM,EAAE,YAAY;gBACpB,OAAO,EAAE,OAAO;aACnB,CAAC,OAhBY,CAgBX;YAEH,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,MAAM,CAAC;YAE9B,OAAO,IAAI,OAAO,CAAQ,cAAO,CAAC,CAAC,CAAC;QACxC,CAAC,EACD,gCAAgC,EAAE,cAAM,OAAA,CAAC;YACrC,oCAAoC,EAAE,cAAO,CAAC;SACjD,CAAC,EAFsC,CAEtC,EACF,eAAe,EAAE,uBAAuB,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,oBAAoB,EAChF,gBAAgB,EAAE,gEAAO,EAAe;gBAAb,WAAW,iBAAA;;gBAAO,sBAAA,qBAAqB,CAAC,EAAE,WAAW,aAAA,EAAE,CAAC,EAAA;;aAAA,IACrF,CAAC;AACP,CAAC"}
1
+ {"version":3,"file":"oidc.js","sourceRoot":"","sources":["../src/mock/oidc.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoBA,wCA4JC;AA/KD,0DAAwF;AACxF,8FAA6F;AAC7F,kDAA8C;AAC9C,kDAA+D;AAc/D,IAAM,YAAY,GAAG,gBAAgB,CAAC;AAEtC,SAAgB,cAAc,CAI1B,MAAsE;IAJ1E,iBA4JC;;IArJO,IAAA,uBAAuB,GAMvB,MAAM,wBANiB,EACvB,KAKA,MAAM,aALW,EAAjB,YAAY,mBAAG,EAAE,KAAA,EACjB,KAIA,MAAM,aAJW,EAAjB,YAAY,mBAAG,EAAE,KAAA,EACN,gBAAgB,GAG3B,MAAM,UAHqB,EAC3B,KAEA,MAAM,uBAFwB,EAA9B,sBAAsB,mBAAG,KAAK,KAAA,EAC9B,oBAAoB,GACpB,MAAM,qBADc,CACb;IAEX,IAAM,cAAc,GAAG,CAAC;QACpB,IAAM,MAAM,GAAG,IAAA,0CAAyB,EAAC;YACrC,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;YAC3B,MAAM,EAAE,YAAY;SACvB,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;YACrB,OAAO,uBAAuB,CAAC;QACnC,CAAC;QAED,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;QAEnD,OAAO,MAAM,CAAC,KAAK,KAAK,MAAM,CAAC;IACnC,CAAC,CAAC,EAAE,CAAC;IAEL,IAAM,SAAS,GAAG,CAAC;QACf,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACjC,OAAO,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;QAClC,CAAC;QAED,OAAO,CACH,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC;YAC/B,CAAC,CAAC,gBAAgB;YAClB,CAAC,CAAC,UAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,SAAG,gBAAgB,CAAE,CACvD,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACzB,CAAC,CAAC,EAAE,CAAC;IAEL,IAAM,MAAM,GAAgB;QACxB,QAAQ,EAAE;YACN,UAAU,EAAE,MAAA,YAAY,CAAC,QAAQ,mCAAI,cAAc;YACnD,WAAW,EAAE,MAAA,YAAY,CAAC,SAAS,mCAAI,oDAAoD;SAC9F;KACJ,CAAC;IAEF,IAAM,qBAAqB,GAAG,UAAO,MAEpC;;;YACW,WAAW,GAAK,MAAM,YAAX,CAAY;YAEvB,MAAM,GAAK,IAAA,mCAAkB,EAAC;gBAClC,KAAK,EAAE,CAAC;oBACJ,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;wBAC5B,OAAO,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;oBAChC,CAAC;oBACD,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC;wBAC9B,CAAC,CAAC,UAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,SAAG,WAAW,CAAE;wBAC3C,CAAC,CAAC,WAAW,CAAC;gBACtB,CAAC,CAAC,EAAE;gBACJ,MAAM,EAAE,YAAY;gBACpB,OAAO,EAAE,MAAM;aAClB,CAAC,OAXY,CAWX;YAEH,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,MAAM,CAAC;YAE9B,sBAAO,IAAI,OAAO,CAAQ,cAAO,CAAC,CAAC,EAAC;;SACvC,CAAC;IAEF,IAAI,CAAC,cAAc,EAAE,CAAC;QAClB,IAAM,IAAI,GAAG,IAAA,UAAE,wBACR,MAAM,KACT,gBAAgB,EAAE,KAAK,EACvB,OAAO,EAAE,UAAC,EAAe;oBAAb,WAAW,iBAAA;gBAAO,OAAA,qBAAqB,CAAC,EAAE,WAAW,aAAA,EAAE,CAAC;YAAtC,CAAsC,EACpE,qBAAqB,EAAE,SAAS,IAClC,CAAC;QACH,IAAI,CAAC,sBAAsB,EAAE,CAAC;YAC1B,IAAI,CAAC,KAAK,CAAC;gBACP,aAAa,EAAE,oBAAoB;gBACnC,6BAA6B,EAAE,IAAI;aACtC,CAAC,CAAC;YACH,IAAA,cAAM,EAAC,KAAK,CAAC,CAAC;QAClB,CAAC;QACD,8CAA8C;QAC9C,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,OAAO,IAAA,UAAE,iCACF,MAAM,KACT,gBAAgB,EAAE,IAAI,EACtB,aAAa,EAAE;;iBAAc,EAC7B,WAAW,EAAE,CAAC;;YACV,IAAM,MAAM,GAAgC;gBACxC,aAAa,EAAE,MAAA,YAAY,CAAC,WAAW,mCAAI,qBAAqB;gBAChE,2BAA2B,EAAE,MAAA,YAAY,CAAC,yBAAyB,mCAAI,QAAQ;gBAC/E,SAAS,EAAE,MAAA,YAAY,CAAC,OAAO,mCAAI,iBAAiB;gBACpD,cAAc,EAAE,MAAA,YAAY,CAAC,YAAY,mCAAI,sBAAsB;gBACnE,4BAA4B,EAAE,MAAA,YAAY,CAAC,0BAA0B,mCAAI,QAAQ;gBACjF,gBAAgB,EACZ,MAAA,YAAY,CAAC,cAAc,mCAC3B,IAAA,mEAAgC,EAAiB;oBAC7C,cAAc,EAAE;wBACZ,8CAA8C;wBAC9C,kDAAkD;qBACrD,CAAC,IAAI,CAAC,IAAI,CAAC;iBACf,CAAC;aACT,CAAC;YAEF,OAAO,cAAM,OAAA,MAAM,EAAN,CAAM,CAAC;QACxB,CAAC,CAAC,EAAE,EACJ,yBAAyB,EAAE,cAAM,OAAA,CAAC;YAC9B,aAAa,EAAE,cAAO,CAAC;SAC1B,CAAC,EAF+B,CAE/B,EACF,QAAQ,EAAE,UAAA,MAAM;YACJ,IAAA,MAAM,GAAK,IAAA,mCAAkB,EAAC;gBAClC,KAAK,EAAE,CAAC;oBACJ,QAAQ,MAAM,CAAC,UAAU,EAAE,CAAC;wBACxB,KAAK,cAAc;4BACf,OAAO,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;wBAChC,KAAK,MAAM;4BACP,OAAO,SAAS,CAAC;wBACrB,KAAK,cAAc;4BACf,OAAO,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC;gCAC7B,CAAC,CAAC,UAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,SAAG,MAAM,CAAC,GAAG,CAAE;gCAC1C,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;oBACzB,CAAC;oBACD,IAAA,cAAM,EAA+B,KAAK,CAAC,CAAC;gBAChD,CAAC,CAAC,EAAE;gBACJ,MAAM,EAAE,YAAY;gBACpB,OAAO,EAAE,OAAO;aACnB,CAAC,OAhBY,CAgBX;YAEH,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,MAAM,CAAC;YAE9B,OAAO,IAAI,OAAO,CAAQ,cAAO,CAAC,CAAC,CAAC;QACxC,CAAC,EACD,gCAAgC,EAAE,cAAM,OAAA,CAAC;YACrC,oCAAoC,EAAE,cAAO,CAAC;SACjD,CAAC,EAFsC,CAEtC;QACF,mFAAmF;QACnF,gBAAgB,EAAE,gEAAO,EAAe;gBAAb,WAAW,iBAAA;;gBAAO,sBAAA,qBAAqB,CAAC,EAAE,WAAW,aAAA,EAAE,CAAC,EAAA;;aAAA,KAChF,CAAC,uBAAuB;QACvB,CAAC,CAAC;YACI,YAAY,EAAE,uBAAuB;YACrC,oBAAoB,EAAE;gBAClB,kBAAkB,EAAE,EAAE;gBACtB,QAAQ,EAAE,EAAE;aACf;SACJ;QACH,CAAC,CAAC;YACI,YAAY,EAAE,eAAe;SAChC,CAAC,EACV,CAAC;AACP,CAAC"}
package/oidc.d.ts CHANGED
@@ -53,14 +53,31 @@ export declare namespace Oidc {
53
53
  }) => void) => {
54
54
  unsubscribeFromAutoLogoutCountdown: () => void;
55
55
  };
56
+ } & ({
56
57
  /**
58
+ * "back from auth server":
59
+ * The user was redirected to the authentication server login/registration page and then redirected back to the application.
60
+ * "session storage":
61
+ * The user's authentication was restored from the browser session storage, typically after a page refresh.
62
+ * "silent signin":
63
+ * The user was authenticated silently using an iframe to check the session with the authentication server.
64
+ */
65
+ authMethod: "back from auth server";
66
+ /**
67
+ * Defined when authMethod is "back from auth server".
68
+ * If you called `goToAuthServer` or `login` with extraQueryParams, this object let you know the outcome of the
69
+ * of the action that was intended.
57
70
  *
58
- * backFromLoginPages: The user has returned from the identity server's login pages. The session was established using query parameters provided by the identity server.
59
- * sessionStorageRestoration: The user just reloaded the page. An OIDC token stored in the session storage was used to restore the session.
60
- * silentSignin: Silent Single Sign-On (SSO) was achieved by creating an iframe to the identity server in the background. HttpOnly cookies were utilized to restore the session without redirecting the user to the login pages.
71
+ * For example, on a Keycloak server, if you called `goToAuthServer({ extraQueryParams: { kc_action: "UPDATE_PASSWORD" } })`
72
+ * you'll get back: `{ extraQueryParams: { kc_action: "UPDATE_PASSWORD" }, result: { kc_action_status: "success" } }` (or "cancelled")
61
73
  */
62
- loginScenario: "backFromLoginPages" | "sessionStorageRestoration" | "silentSignin";
63
- };
74
+ backFromAuthServer: {
75
+ extraQueryParams: Record<string, string>;
76
+ result: Record<string, string>;
77
+ };
78
+ } | {
79
+ authMethod: "session storage" | "silent signin";
80
+ });
64
81
  type Tokens<DecodedIdToken extends Record<string, unknown> = Record<string, unknown>> = Readonly<{
65
82
  accessToken: string;
66
83
  accessTokenExpirationTime: number;
package/oidc.js CHANGED
@@ -108,6 +108,7 @@ var createIsUserActive_1 = require("./tools/createIsUserActive");
108
108
  var startCountdown_1 = require("./tools/startCountdown");
109
109
  var worker_timers_1 = require("./vendor/frontend/worker-timers");
110
110
  var OidcInitializationError_1 = require("./OidcInitializationError");
111
+ var base64_1 = require("./tools/base64");
111
112
  var PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN = ["code", "state", "session_state", "iss"];
112
113
  var $isUserActive = undefined;
113
114
  var prOidcByConfigHash = new Map();
@@ -115,12 +116,12 @@ var URL_real = window.URL;
115
116
  /** @see: https://github.com/garronej/oidc-spa#option-1-usage-without-involving-the-ui-framework */
116
117
  function createOidc(params) {
117
118
  return __awaiter(this, void 0, void 0, function () {
118
- var issuerUri, clientId, clientSecret, _a, scopes, _b, transformUrlBeforeRedirect, extraQueryParamsOrGetter, publicUrl_params, decodedIdTokenSchema, __unsafe_ssoSessionIdleSeconds, _c, autoLogoutParams, _d, isAuthGloballyRequired, postLoginRedirectUrl, getExtraQueryParams, publicUrl, configHash, prOidc, dOidc, silentSso, IS_SILENT_SSO_RESERVED_QUERY_PARAM_NAME, CONFIG_HASH_RESERVED_QUERY_PARAM_NAME, result, oidcClientTsUserManager, lastPublicRoute, startTrackingLastPublicRoute, hasLoginBeenCalled, loginOrGoToAuthServer, resultOfLoginProcess, common, error, initializationError, oidc_1, oidc_2, currentTokens, autoLogoutCountdownTickCallbacks, onTokenChanges, oidc, getMsBeforeExpiration_1, startCountdown_2, stopCountdown_1;
119
+ var issuerUri, clientId, clientSecret, _a, scopes, transformUrlBeforeRedirect, extraQueryParamsOrGetter, publicUrl_params, decodedIdTokenSchema, __unsafe_ssoSessionIdleSeconds, _b, autoLogoutParams, _c, isAuthGloballyRequired, postLoginRedirectUrl, getExtraQueryParams, publicUrl, configHash, prOidc, dOidc, silentSso, IS_SILENT_SSO_RESERVED_QUERY_PARAM_NAME, CONFIG_HASH_RESERVED_QUERY_PARAM_NAME, result, oidcClientTsUserManager, lastPublicRoute, startTrackingLastPublicRoute, hasLoginBeenCalled, RESULT_OMIT_RESERVED_QUERY_PARAM_NAME, EXTRA_QUERY_PARAMS_BACK_FROM_AUTH_SERVER_RESERVED_QUERY_PARAM_NAME, loginOrGoToAuthServer, resultOfLoginProcess, common, error, initializationError, oidc_1, oidc_2, currentTokens, autoLogoutCountdownTickCallbacks, onTokenChanges, oidc, getMsBeforeExpiration_1, startCountdown_2, stopCountdown_1;
119
120
  var _this = this;
120
- return __generator(this, function (_e) {
121
- switch (_e.label) {
121
+ return __generator(this, function (_d) {
122
+ switch (_d.label) {
122
123
  case 0:
123
- issuerUri = params.issuerUri, clientId = params.clientId, clientSecret = params.clientSecret, _a = params.scopes, scopes = _a === void 0 ? ["profile"] : _a, _b = params.transformUrlBeforeRedirect, transformUrlBeforeRedirect = _b === void 0 ? function (url) { return url; } : _b, extraQueryParamsOrGetter = params.extraQueryParams, publicUrl_params = params.publicUrl, decodedIdTokenSchema = params.decodedIdTokenSchema, __unsafe_ssoSessionIdleSeconds = params.__unsafe_ssoSessionIdleSeconds, _c = params.autoLogoutParams, autoLogoutParams = _c === void 0 ? { "redirectTo": "current page" } : _c, _d = params.isAuthGloballyRequired, isAuthGloballyRequired = _d === void 0 ? false : _d, postLoginRedirectUrl = params.postLoginRedirectUrl;
124
+ issuerUri = params.issuerUri, clientId = params.clientId, clientSecret = params.clientSecret, _a = params.scopes, scopes = _a === void 0 ? ["profile"] : _a, transformUrlBeforeRedirect = params.transformUrlBeforeRedirect, extraQueryParamsOrGetter = params.extraQueryParams, publicUrl_params = params.publicUrl, decodedIdTokenSchema = params.decodedIdTokenSchema, __unsafe_ssoSessionIdleSeconds = params.__unsafe_ssoSessionIdleSeconds, _b = params.autoLogoutParams, autoLogoutParams = _b === void 0 ? { "redirectTo": "current page" } : _b, _c = params.isAuthGloballyRequired, isAuthGloballyRequired = _c === void 0 ? false : _c, postLoginRedirectUrl = params.postLoginRedirectUrl;
124
125
  getExtraQueryParams = (function () {
125
126
  if (typeof extraQueryParamsOrGetter === "function") {
126
127
  return extraQueryParamsOrGetter;
@@ -188,14 +189,14 @@ function createOidc(params) {
188
189
  // Here the user forget to create the silent-sso.html file or or the web server is not serving it correctly
189
190
  // we shouldn't fall back to the SPA page.
190
191
  // In this case we want to let the timeout of the parent expire to provide the correct error message.
191
- _e.sent();
192
- _e.label = 2;
192
+ _d.sent();
193
+ _d.label = 2;
193
194
  case 2:
194
195
  parent.postMessage(location.href, location.origin);
195
196
  return [4 /*yield*/, new Promise(function () { })];
196
197
  case 3:
197
- _e.sent();
198
- _e.label = 4;
198
+ _d.sent();
199
+ _d.label = 4;
199
200
  case 4:
200
201
  oidcClientTsUserManager = new oidc_client_ts_and_jwt_decode_1.UserManager({
201
202
  "authority": issuerUri,
@@ -233,12 +234,14 @@ function createOidc(params) {
233
234
  };
234
235
  };
235
236
  hasLoginBeenCalled = false;
237
+ RESULT_OMIT_RESERVED_QUERY_PARAM_NAME = "oidc-spa_result_omit";
238
+ EXTRA_QUERY_PARAMS_BACK_FROM_AUTH_SERVER_RESERVED_QUERY_PARAM_NAME = "oidc-spa_intent";
236
239
  loginOrGoToAuthServer = function (params) { return __awaiter(_this, void 0, void 0, function () {
237
- var extraQueryParams_fromLoginFn, redirectUrl, _a, transformUrlBeforeRedirect_fromLoginFn, rest, redirect_uri, callback_1, URL_1;
238
- return __generator(this, function (_b) {
239
- switch (_b.label) {
240
+ var extraQueryParams_fromLoginFn, redirectUrl, transformUrlBeforeRedirect_fromLoginFn, rest, callback_1, redirect_uri, URL_1;
241
+ return __generator(this, function (_a) {
242
+ switch (_a.label) {
240
243
  case 0:
241
- extraQueryParams_fromLoginFn = params.extraQueryParams, redirectUrl = params.redirectUrl, _a = params.transformUrlBeforeRedirect, transformUrlBeforeRedirect_fromLoginFn = _a === void 0 ? function (url) { return url; } : _a, rest = __rest(params, ["extraQueryParams", "redirectUrl", "transformUrlBeforeRedirect"]);
244
+ extraQueryParams_fromLoginFn = params.extraQueryParams, redirectUrl = params.redirectUrl, transformUrlBeforeRedirect_fromLoginFn = params.transformUrlBeforeRedirect, rest = __rest(params, ["extraQueryParams", "redirectUrl", "transformUrlBeforeRedirect"]);
242
245
  login_only: {
243
246
  if (rest.action !== "login") {
244
247
  break login_only;
@@ -248,18 +251,6 @@ function createOidc(params) {
248
251
  }
249
252
  hasLoginBeenCalled = true;
250
253
  }
251
- redirect_uri = (0, urlQueryParams_1.addQueryParamToUrl)({
252
- "url": (function () {
253
- if (redirectUrl === undefined) {
254
- return window.location.href;
255
- }
256
- return redirectUrl.startsWith("/")
257
- ? "".concat(window.location.origin).concat(redirectUrl)
258
- : redirectUrl;
259
- })(),
260
- "name": CONFIG_HASH_RESERVED_QUERY_PARAM_NAME,
261
- "value": configHash
262
- }).newUrl;
263
254
  // NOTE: This is for handling cases when user press the back button on the login pages.
264
255
  // When the app is hosted on https (so not in dev mode) the browser will restore the state of the app
265
256
  // instead of reloading the page.
@@ -285,6 +276,65 @@ function createOidc(params) {
285
276
  };
286
277
  document.addEventListener("visibilitychange", callback_1);
287
278
  }
279
+ redirect_uri = (function () {
280
+ var e_1, _a;
281
+ var url = (function () {
282
+ if (redirectUrl === undefined) {
283
+ return window.location.href;
284
+ }
285
+ return redirectUrl.startsWith("/")
286
+ ? "".concat(window.location.origin).concat(redirectUrl)
287
+ : redirectUrl;
288
+ })();
289
+ url = (0, urlQueryParams_1.addQueryParamToUrl)({
290
+ url: url,
291
+ "name": CONFIG_HASH_RESERVED_QUERY_PARAM_NAME,
292
+ "value": configHash
293
+ }).newUrl;
294
+ {
295
+ var queryParamsNamesToOmit_backFromAuthServer = (0, urlQueryParams_1.retrieveAllQueryParamFromUrl)({ url: url }).values;
296
+ url = (0, urlQueryParams_1.addQueryParamToUrl)({
297
+ url: url,
298
+ "name": RESULT_OMIT_RESERVED_QUERY_PARAM_NAME,
299
+ "value": (0, base64_1.encodeBase64)(JSON.stringify(Object.keys(queryParamsNamesToOmit_backFromAuthServer)))
300
+ }).newUrl;
301
+ }
302
+ {
303
+ var extraQueryParams_backFromAuthServer = extraQueryParams_fromLoginFn !== null && extraQueryParams_fromLoginFn !== void 0 ? extraQueryParams_fromLoginFn : {};
304
+ read_query_params_added_by_transform_before_redirect: {
305
+ if (transformUrlBeforeRedirect_fromLoginFn === undefined) {
306
+ break read_query_params_added_by_transform_before_redirect;
307
+ }
308
+ var url_afterTransform = void 0;
309
+ try {
310
+ url_afterTransform = transformUrlBeforeRedirect_fromLoginFn("https://dummy.com");
311
+ }
312
+ catch (_b) {
313
+ break read_query_params_added_by_transform_before_redirect;
314
+ }
315
+ var queryParamsAddedByTransformBeforeRedirect = (0, urlQueryParams_1.retrieveAllQueryParamFromUrl)({ "url": url_afterTransform }).values;
316
+ try {
317
+ for (var _c = __values(Object.entries(queryParamsAddedByTransformBeforeRedirect)), _d = _c.next(); !_d.done; _d = _c.next()) {
318
+ var _e = __read(_d.value, 2), name_1 = _e[0], value = _e[1];
319
+ extraQueryParams_backFromAuthServer[name_1] = value;
320
+ }
321
+ }
322
+ catch (e_1_1) { e_1 = { error: e_1_1 }; }
323
+ finally {
324
+ try {
325
+ if (_d && !_d.done && (_a = _c.return)) _a.call(_c);
326
+ }
327
+ finally { if (e_1) throw e_1.error; }
328
+ }
329
+ }
330
+ url = (0, urlQueryParams_1.addQueryParamToUrl)({
331
+ url: url,
332
+ "name": EXTRA_QUERY_PARAMS_BACK_FROM_AUTH_SERVER_RESERVED_QUERY_PARAM_NAME,
333
+ "value": (0, base64_1.encodeBase64)(JSON.stringify(extraQueryParams_backFromAuthServer))
334
+ }).newUrl;
335
+ }
336
+ return url;
337
+ })();
288
338
  //NOTE: We know there is a extraQueryParameter option but it doesn't allow
289
339
  // to control the encoding so we have to highjack global URL Class that is
290
340
  // used internally by oidc-client-ts. It's save to do so since this is the
@@ -322,22 +372,27 @@ function createOidc(params) {
322
372
  }).newUrl);
323
373
  });
324
374
  }
325
- url_1 = transformUrlBeforeRedirect(url_1);
375
+ apply_transform_before_redirect: {
376
+ if (transformUrlBeforeRedirect === undefined) {
377
+ break apply_transform_before_redirect;
378
+ }
379
+ url_1 = transformUrlBeforeRedirect(url_1);
380
+ }
326
381
  });
327
382
  // NOTE: Put the redirect_uri at the end of the url to avoid
328
383
  // for aesthetic reasons, to avoid having the oidc-spa specific query parameters
329
384
  // being directly visible in the browser's address bar.
330
385
  {
331
- var name_1 = "redirect_uri";
386
+ var name_2 = "redirect_uri";
332
387
  var result = (0, urlQueryParams_1.retrieveQueryParamFromUrl)({
333
388
  url: url_1,
334
- name: name_1
389
+ name: name_2
335
390
  });
336
391
  (0, tsafe_2.assert)(result.wasPresent);
337
392
  url_1 = result.newUrl;
338
393
  url_1 = (0, urlQueryParams_1.addQueryParamToUrl)({
339
394
  url: url_1,
340
- name: name_1,
395
+ name: name_2,
341
396
  "value": result.value
342
397
  }).newUrl;
343
398
  }
@@ -365,18 +420,18 @@ function createOidc(params) {
365
420
  })()
366
421
  })];
367
422
  case 1:
368
- _b.sent();
423
+ _a.sent();
369
424
  return [2 /*return*/, new Promise(function () { })];
370
425
  }
371
426
  });
372
427
  }); };
373
428
  return [4 /*yield*/, (function getUser() {
374
429
  return __awaiter(this, void 0, void 0, function () {
375
- var url, result, loginSuccessUrl, missingMandatoryParams, PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1, PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1_1, name_2, result, result, oidcClientTsUser, error_1, oidcClientTsUser, error_2, dLoginSuccessUrl_1, timeoutDelayMs_1, timeout_1, listener_1, loginSuccessUrl, oidcClientTsUser, error_3;
376
- var e_1, _a;
430
+ var url, result, loginSuccessUrl, missingMandatoryParams, PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1, PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1_1, name_3, result, result, extraQueryParams_backFromAuthServer, result, queryParamsNamesToOmit_backFromAuthServer, result, result_backFromAuthServer, values, _a, _b, _c, name_4, value, result, oidcClientTsUser, error_1, oidcClientTsUser, error_2, dLoginSuccessUrl_1, timeoutDelayMs_1, timeout_1, listener_1, loginSuccessUrl, oidcClientTsUser, error_3;
431
+ var e_2, _d, e_3, _e;
377
432
  var _this = this;
378
- return __generator(this, function (_b) {
379
- switch (_b.label) {
433
+ return __generator(this, function (_f) {
434
+ switch (_f.label) {
380
435
  case 0:
381
436
  url = window.location.href;
382
437
  {
@@ -393,31 +448,30 @@ function createOidc(params) {
393
448
  missingMandatoryParams = [];
394
449
  try {
395
450
  for (PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1 = __values(PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN), PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1_1 = PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1.next(); !PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1_1.done; PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1_1 = PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1.next()) {
396
- name_2 = PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1_1.value;
397
- result = (0, urlQueryParams_1.retrieveQueryParamFromUrl)({ name: name_2, url: url });
451
+ name_3 = PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1_1.value;
452
+ result = (0, urlQueryParams_1.retrieveQueryParamFromUrl)({ name: name_3, url: url });
398
453
  if (!result.wasPresent) {
399
- if (name_2 === "iss") {
454
+ if (name_3 === "iss") {
400
455
  continue;
401
456
  }
402
- missingMandatoryParams.push(name_2);
457
+ missingMandatoryParams.push(name_3);
403
458
  continue;
404
459
  }
405
460
  loginSuccessUrl = (0, urlQueryParams_1.addQueryParamToUrl)({
406
461
  "url": loginSuccessUrl,
407
- "name": name_2,
462
+ "name": name_3,
408
463
  "value": result.value
409
464
  }).newUrl;
410
465
  url = result.newUrl;
411
466
  }
412
467
  }
413
- catch (e_1_1) { e_1 = { error: e_1_1 }; }
468
+ catch (e_2_1) { e_2 = { error: e_2_1 }; }
414
469
  finally {
415
470
  try {
416
- if (PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1_1 && !PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1_1.done && (_a = PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1.return)) _a.call(PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1);
471
+ if (PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1_1 && !PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1_1.done && (_d = PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1.return)) _d.call(PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_1);
417
472
  }
418
- finally { if (e_1) throw e_1.error; }
473
+ finally { if (e_2) throw e_2.error; }
419
474
  }
420
- window.history.pushState(null, "", url);
421
475
  {
422
476
  result = (0, urlQueryParams_1.retrieveQueryParamFromUrl)({ "name": "error", url: url });
423
477
  if (result.wasPresent) {
@@ -427,6 +481,53 @@ function createOidc(params) {
427
481
  ].join(" "));
428
482
  }
429
483
  }
484
+ extraQueryParams_backFromAuthServer = void 0;
485
+ {
486
+ result = (0, urlQueryParams_1.retrieveQueryParamFromUrl)({
487
+ "name": EXTRA_QUERY_PARAMS_BACK_FROM_AUTH_SERVER_RESERVED_QUERY_PARAM_NAME,
488
+ url: url
489
+ });
490
+ (0, tsafe_2.assert)(result.wasPresent);
491
+ url = result.newUrl;
492
+ extraQueryParams_backFromAuthServer = JSON.parse((0, base64_1.decodeBase64)(result.value));
493
+ }
494
+ queryParamsNamesToOmit_backFromAuthServer = void 0;
495
+ {
496
+ result = (0, urlQueryParams_1.retrieveQueryParamFromUrl)({
497
+ "name": RESULT_OMIT_RESERVED_QUERY_PARAM_NAME,
498
+ url: url
499
+ });
500
+ (0, tsafe_2.assert)(result.wasPresent);
501
+ url = result.newUrl;
502
+ queryParamsNamesToOmit_backFromAuthServer = JSON.parse((0, base64_1.decodeBase64)(result.value));
503
+ }
504
+ result_backFromAuthServer = {};
505
+ {
506
+ values = (0, urlQueryParams_1.retrieveAllQueryParamFromUrl)({ url: url }).values;
507
+ try {
508
+ for (_a = __values(Object.entries(values)), _b = _a.next(); !_b.done; _b = _a.next()) {
509
+ _c = __read(_b.value, 2), name_4 = _c[0], value = _c[1];
510
+ if (queryParamsNamesToOmit_backFromAuthServer.includes(name_4)) {
511
+ continue;
512
+ }
513
+ result_backFromAuthServer[name_4] = value;
514
+ result = (0, urlQueryParams_1.retrieveQueryParamFromUrl)({
515
+ name: name_4,
516
+ url: url
517
+ });
518
+ (0, tsafe_2.assert)(result.wasPresent);
519
+ url = result.newUrl;
520
+ }
521
+ }
522
+ catch (e_3_1) { e_3 = { error: e_3_1 }; }
523
+ finally {
524
+ try {
525
+ if (_b && !_b.done && (_e = _a.return)) _e.call(_a);
526
+ }
527
+ finally { if (e_3) throw e_3.error; }
528
+ }
529
+ }
530
+ window.history.pushState(null, "", url);
430
531
  if (missingMandatoryParams.length !== 0) {
431
532
  throw new Error([
432
533
  "After the login process the following mandatory OIDC query parameters where missing:",
@@ -434,15 +535,15 @@ function createOidc(params) {
434
535
  ].join(" "));
435
536
  }
436
537
  oidcClientTsUser = undefined;
437
- _b.label = 1;
538
+ _f.label = 1;
438
539
  case 1:
439
- _b.trys.push([1, 3, , 4]);
540
+ _f.trys.push([1, 3, , 4]);
440
541
  return [4 /*yield*/, oidcClientTsUserManager.signinRedirectCallback(loginSuccessUrl)];
441
542
  case 2:
442
- oidcClientTsUser = _b.sent();
543
+ oidcClientTsUser = _f.sent();
443
544
  return [3 /*break*/, 4];
444
545
  case 3:
445
- error_1 = _b.sent();
546
+ error_1 = _f.sent();
446
547
  (0, tsafe_2.assert)(error_1 instanceof Error);
447
548
  if (error_1.message === "Failed to fetch") {
448
549
  // If it's a fetch error here we know that the web server is not down and the login was successful,
@@ -460,24 +561,28 @@ function createOidc(params) {
460
561
  //UPDATE: I don't remember how to reproduce this case and I don't know if it's still relevant.
461
562
  return [2 /*return*/, undefined];
462
563
  case 4: return [2 /*return*/, {
463
- "loginScenario": "backFromLoginPages",
464
- oidcClientTsUser: oidcClientTsUser
564
+ "authMethod": "back from auth server",
565
+ oidcClientTsUser: oidcClientTsUser,
566
+ "backFromAuthServer": {
567
+ "extraQueryParams": extraQueryParams_backFromAuthServer,
568
+ "result": result_backFromAuthServer
569
+ }
465
570
  }];
466
571
  case 5: return [4 /*yield*/, oidcClientTsUserManager.getUser()];
467
572
  case 6:
468
- oidcClientTsUser = _b.sent();
573
+ oidcClientTsUser = _f.sent();
469
574
  if (oidcClientTsUser === null) {
470
575
  return [3 /*break*/, 11];
471
576
  }
472
- _b.label = 7;
577
+ _f.label = 7;
473
578
  case 7:
474
- _b.trys.push([7, 9, , 10]);
579
+ _f.trys.push([7, 9, , 10]);
475
580
  return [4 /*yield*/, oidcClientTsUserManager.signinSilent()];
476
581
  case 8:
477
- _b.sent();
582
+ _f.sent();
478
583
  return [3 /*break*/, 10];
479
584
  case 9:
480
- error_2 = _b.sent();
585
+ error_2 = _f.sent();
481
586
  (0, tsafe_2.assert)(error_2 instanceof Error);
482
587
  if (error_2.message === "Failed to fetch") {
483
588
  // Here it could be web origins as well but it's less likely because
@@ -494,7 +599,7 @@ function createOidc(params) {
494
599
  }
495
600
  return [2 /*return*/, undefined];
496
601
  case 10: return [2 /*return*/, {
497
- "loginScenario": "sessionStorageRestoration",
602
+ "authMethod": "session storage",
498
603
  oidcClientTsUser: oidcClientTsUser
499
604
  }];
500
605
  case 11:
@@ -611,7 +716,7 @@ function createOidc(params) {
611
716
  });
612
717
  }); }, timeoutDelayMs_1);
613
718
  listener_1 = function (event) {
614
- var e_2, _a;
719
+ var e_4, _a;
615
720
  if (typeof event.data !== "string") {
616
721
  return;
617
722
  }
@@ -645,28 +750,28 @@ function createOidc(params) {
645
750
  var missingMandatoryParams = [];
646
751
  try {
647
752
  for (var PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_2 = __values(PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN), PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_2_1 = PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_2.next(); !PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_2_1.done; PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_2_1 = PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_2.next()) {
648
- var name_3 = PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_2_1.value;
649
- var result = (0, urlQueryParams_1.retrieveQueryParamFromUrl)({ name: name_3, url: url });
753
+ var name_5 = PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_2_1.value;
754
+ var result = (0, urlQueryParams_1.retrieveQueryParamFromUrl)({ name: name_5, url: url });
650
755
  if (!result.wasPresent) {
651
- if (name_3 === "iss") {
756
+ if (name_5 === "iss") {
652
757
  continue;
653
758
  }
654
- missingMandatoryParams.push(name_3);
759
+ missingMandatoryParams.push(name_5);
655
760
  continue;
656
761
  }
657
762
  loginSuccessUrl = (0, urlQueryParams_1.addQueryParamToUrl)({
658
763
  "url": loginSuccessUrl,
659
- "name": name_3,
764
+ "name": name_5,
660
765
  "value": result.value
661
766
  }).newUrl;
662
767
  }
663
768
  }
664
- catch (e_2_1) { e_2 = { error: e_2_1 }; }
769
+ catch (e_4_1) { e_4 = { error: e_4_1 }; }
665
770
  finally {
666
771
  try {
667
772
  if (PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_2_1 && !PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_2_1.done && (_a = PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_2.return)) _a.call(PARAMS_TO_RETRIEVE_FROM_SUCCESSFUL_LOGIN_2);
668
773
  }
669
- finally { if (e_2) throw e_2.error; }
774
+ finally { if (e_4) throw e_4.error; }
670
775
  }
671
776
  if (missingMandatoryParams.length !== 0) {
672
777
  dLoginSuccessUrl_1.reject(new Error([
@@ -693,20 +798,20 @@ function createOidc(params) {
693
798
  });
694
799
  return [4 /*yield*/, dLoginSuccessUrl_1.pr];
695
800
  case 12:
696
- loginSuccessUrl = _b.sent();
801
+ loginSuccessUrl = _f.sent();
697
802
  if (loginSuccessUrl === undefined) {
698
803
  return [3 /*break*/, 17];
699
804
  }
700
805
  oidcClientTsUser = undefined;
701
- _b.label = 13;
806
+ _f.label = 13;
702
807
  case 13:
703
- _b.trys.push([13, 15, , 16]);
808
+ _f.trys.push([13, 15, , 16]);
704
809
  return [4 /*yield*/, oidcClientTsUserManager.signinRedirectCallback(loginSuccessUrl)];
705
810
  case 14:
706
- oidcClientTsUser = _b.sent();
811
+ oidcClientTsUser = _f.sent();
707
812
  return [3 /*break*/, 16];
708
813
  case 15:
709
- error_3 = _b.sent();
814
+ error_3 = _f.sent();
710
815
  (0, tsafe_2.assert)(error_3 instanceof Error);
711
816
  if (error_3.message === "Failed to fetch") {
712
817
  // If we have a fetch error here. We know for sure that the server isn't down,
@@ -722,7 +827,7 @@ function createOidc(params) {
722
827
  }
723
828
  throw error_3;
724
829
  case 16: return [2 /*return*/, {
725
- "loginScenario": "silentSignin",
830
+ "authMethod": "silent signin",
726
831
  oidcClientTsUser: oidcClientTsUser
727
832
  }];
728
833
  case 17: return [2 /*return*/, undefined];
@@ -733,7 +838,7 @@ function createOidc(params) {
733
838
  if (result === undefined) {
734
839
  return undefined;
735
840
  }
736
- var oidcClientTsUser = result.oidcClientTsUser, loginScenario = result.loginScenario;
841
+ var oidcClientTsUser = result.oidcClientTsUser, authMethod = result.authMethod, backFromAuthServer = result.backFromAuthServer;
737
842
  var tokens = oidcClientTsUserToTokens({
738
843
  oidcClientTsUser: oidcClientTsUser,
739
844
  decodedIdTokenSchema: decodedIdTokenSchema
@@ -745,13 +850,13 @@ function createOidc(params) {
745
850
  "Check your oidc server configuration for ".concat(clientId, " ").concat(issuerUri)
746
851
  ].join(" "));
747
852
  }
748
- return { tokens: tokens, loginScenario: loginScenario };
853
+ return { tokens: tokens, authMethod: authMethod, backFromAuthServer: backFromAuthServer };
749
854
  }, function (error) {
750
855
  (0, tsafe_2.assert)(error instanceof Error);
751
856
  return error;
752
857
  })];
753
858
  case 5:
754
- resultOfLoginProcess = _e.sent();
859
+ resultOfLoginProcess = _d.sent();
755
860
  common = {
756
861
  "params": {
757
862
  issuerUri: issuerUri,
@@ -789,8 +894,8 @@ function createOidc(params) {
789
894
  "redirectUrl": postLoginRedirectUrl
790
895
  })];
791
896
  case 6:
792
- _e.sent();
793
- _e.label = 7;
897
+ _d.sent();
898
+ _d.label = 7;
794
899
  case 7:
795
900
  startTrackingLastPublicRoute();
796
901
  oidc_2 = (0, tsafe_1.id)(__assign(__assign({}, common), { "isUserLoggedIn": false, "login": function (params) { return loginOrGoToAuthServer(__assign({ "action": "login" }, params)); }, "initializationError": undefined }));
@@ -801,7 +906,7 @@ function createOidc(params) {
801
906
  currentTokens = resultOfLoginProcess.tokens;
802
907
  autoLogoutCountdownTickCallbacks = new Set();
803
908
  onTokenChanges = new Set();
804
- oidc = (0, tsafe_1.id)(__assign(__assign({}, common), { "isUserLoggedIn": true, "getTokens": function () { return currentTokens; }, "logout": function (params) { return __awaiter(_this, void 0, void 0, function () {
909
+ oidc = (0, tsafe_1.id)(__assign(__assign(__assign({}, common), { "isUserLoggedIn": true, "getTokens": function () { return currentTokens; }, "logout": function (params) { return __awaiter(_this, void 0, void 0, function () {
805
910
  return __generator(this, function (_a) {
806
911
  switch (_a.label) {
807
912
  case 0: return [4 /*yield*/, oidcClientTsUserManager.signoutRedirect({
@@ -867,7 +972,17 @@ function createOidc(params) {
867
972
  autoLogoutCountdownTickCallbacks.delete(tickCallback);
868
973
  };
869
974
  return { unsubscribeFromAutoLogoutCountdown: unsubscribeFromAutoLogoutCountdown };
870
- }, "loginScenario": resultOfLoginProcess.loginScenario, "goToAuthServer": function (params) { return loginOrGoToAuthServer(__assign({ "action": "go to auth server" }, params)); } }));
975
+ },
976
+ //"loginScenario": resultOfLoginProcess.loginScenario,
977
+ "goToAuthServer": function (params) { return loginOrGoToAuthServer(__assign({ "action": "go to auth server" }, params)); } }), (resultOfLoginProcess.authMethod === "back from auth server"
978
+ ? ((0, tsafe_2.assert)(resultOfLoginProcess.backFromAuthServer !== undefined),
979
+ {
980
+ "authMethod": "back from auth server",
981
+ "backFromAuthServer": resultOfLoginProcess.backFromAuthServer
982
+ })
983
+ : {
984
+ "authMethod": resultOfLoginProcess.authMethod
985
+ })));
871
986
  {
872
987
  getMsBeforeExpiration_1 = function () {
873
988
  // NOTE: In general the access token is supposed to have a shorter