oidc-spa 6.1.18 → 6.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/mock/oidc.js +9 -7
- package/mock/oidc.js.map +1 -1
- package/oidc/Oidc.d.ts +9 -0
- package/oidc/OidcInitializationError.js +4 -17
- package/oidc/OidcInitializationError.js.map +1 -1
- package/oidc/StateData.d.ts +1 -0
- package/oidc/StateData.js.map +1 -1
- package/oidc/createOidc.d.ts +7 -1
- package/oidc/createOidc.js +128 -104
- package/oidc/createOidc.js.map +1 -1
- package/oidc/handleOidcCallback.js +6 -1
- package/oidc/handleOidcCallback.js.map +1 -1
- package/oidc/oidcClientTsUserToTokens.d.ts +1 -0
- package/oidc/oidcClientTsUserToTokens.js +24 -24
- package/oidc/oidcClientTsUserToTokens.js.map +1 -1
- package/package.json +6 -6
- package/react/react.js +10 -62
- package/react/react.js.map +1 -1
- package/src/mock/oidc.ts +5 -2
- package/src/oidc/Oidc.ts +9 -0
- package/src/oidc/OidcInitializationError.ts +1 -27
- package/src/oidc/StateData.ts +1 -0
- package/src/oidc/createOidc.ts +118 -89
- package/src/oidc/handleOidcCallback.ts +7 -1
- package/src/oidc/oidcClientTsUserToTokens.ts +21 -29
- package/src/react/react.tsx +21 -105
- package/src/tools/parseKeycloakIssuerUri.ts +48 -0
- package/tools/parseKeycloakIssuerUri.d.ts +26 -0
- package/tools/parseKeycloakIssuerUri.js +56 -0
- package/tools/parseKeycloakIssuerUri.js.map +1 -0
- package/src/tools/powerhooks/useGuaranteedMemo.ts +0 -18
- package/tools/powerhooks/useGuaranteedMemo.d.ts +0 -1
- package/tools/powerhooks/useGuaranteedMemo.js +0 -42
- package/tools/powerhooks/useGuaranteedMemo.js.map +0 -1
package/mock/oidc.js
CHANGED
|
@@ -54,7 +54,7 @@ var toFullyQualifiedUrl_1 = require("../tools/toFullyQualifiedUrl");
|
|
|
54
54
|
var urlParamName = "isUserLoggedIn";
|
|
55
55
|
function createMockOidc(params) {
|
|
56
56
|
return __awaiter(this, void 0, void 0, function () {
|
|
57
|
-
var _a, isUserInitiallyLoggedIn, _b, mockedParams, _c, mockedTokens, homeUrl_params, _d, autoLogin, postLoginRedirectUrl, isUserLoggedIn, homeUrl, common, loginOrGoToAuthServer, oidc;
|
|
57
|
+
var _a, isUserInitiallyLoggedIn, _b, mockedParams, _c, mockedTokens, homeUrl_params, _d, autoLogin, postLoginRedirectUrl, isUserLoggedIn, homeUrl, common, loginOrGoToAuthServer, oidc_1, oidc;
|
|
58
58
|
var _this = this;
|
|
59
59
|
var _e, _f;
|
|
60
60
|
return __generator(this, function (_g) {
|
|
@@ -100,12 +100,12 @@ function createMockOidc(params) {
|
|
|
100
100
|
});
|
|
101
101
|
}); };
|
|
102
102
|
if (!!isUserLoggedIn) return [3 /*break*/, 3];
|
|
103
|
-
|
|
103
|
+
oidc_1 = (0, tsafe_1.id)(__assign(__assign({}, common), { isUserLoggedIn: false, login: function (_a) {
|
|
104
104
|
var redirectUrl = _a.redirectUrl;
|
|
105
105
|
return loginOrGoToAuthServer({ redirectUrl: redirectUrl });
|
|
106
106
|
}, initializationError: undefined }));
|
|
107
107
|
if (!autoLogin) return [3 /*break*/, 2];
|
|
108
|
-
return [4 /*yield*/,
|
|
108
|
+
return [4 /*yield*/, oidc_1.login({
|
|
109
109
|
redirectUrl: postLoginRedirectUrl,
|
|
110
110
|
doesCurrentHrefRequiresAuth: true
|
|
111
111
|
})];
|
|
@@ -114,8 +114,9 @@ function createMockOidc(params) {
|
|
|
114
114
|
_g.label = 2;
|
|
115
115
|
case 2:
|
|
116
116
|
// @ts-expect-error: We know what we are doing
|
|
117
|
-
return [2 /*return*/,
|
|
118
|
-
case 3:
|
|
117
|
+
return [2 /*return*/, oidc_1];
|
|
118
|
+
case 3:
|
|
119
|
+
oidc = __assign(__assign({}, common), { isUserLoggedIn: true, renewTokens: function () { return __awaiter(_this, void 0, void 0, function () { return __generator(this, function (_a) {
|
|
119
120
|
return [2 /*return*/];
|
|
120
121
|
}); }); }, getTokens: (function () {
|
|
121
122
|
var _a, _b, _c, _d, _e, _f;
|
|
@@ -133,7 +134,7 @@ function createMockOidc(params) {
|
|
|
133
134
|
})
|
|
134
135
|
};
|
|
135
136
|
return function () { return tokens; };
|
|
136
|
-
})(), subscribeToTokensChange: function () { return ({
|
|
137
|
+
})(), getTokens_next: function () { return Promise.resolve(oidc.getTokens()); }, subscribeToTokensChange: function () { return ({
|
|
137
138
|
unsubscribe: function () { }
|
|
138
139
|
}); }, logout: function (params) {
|
|
139
140
|
var newUrl = new URL((function () {
|
|
@@ -159,7 +160,8 @@ function createMockOidc(params) {
|
|
|
159
160
|
return __generator(this, function (_c) {
|
|
160
161
|
return [2 /*return*/, loginOrGoToAuthServer({ redirectUrl: redirectUrl })];
|
|
161
162
|
});
|
|
162
|
-
}); }, isNewBrowserSession: false, backFromAuthServer: undefined })
|
|
163
|
+
}); }, isNewBrowserSession: false, backFromAuthServer: undefined });
|
|
164
|
+
return [2 /*return*/, oidc];
|
|
163
165
|
}
|
|
164
166
|
});
|
|
165
167
|
});
|
package/mock/oidc.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oidc.js","sourceRoot":"","sources":["../src/mock/oidc.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA4BA,
|
|
1
|
+
{"version":3,"file":"oidc.js","sourceRoot":"","sources":["../src/mock/oidc.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA4BA,wCAgJC;AA3KD,8FAA6F;AAC7F,kDAA8C;AAC9C,oEAAmE;AAuBnE,IAAM,YAAY,GAAG,gBAAgB,CAAC;AAEtC,SAAsB,cAAc,CAIhC,MAAyD;;;;;;;;oBAGrD,KAMA,MAAM,wBANwB,EAA9B,uBAAuB,mBAAG,IAAI,KAAA,EAC9B,KAKA,MAAM,aALW,EAAjB,YAAY,mBAAG,EAAE,KAAA,EACjB,KAIA,MAAM,aAJW,EAAjB,YAAY,mBAAG,EAAE,KAAA,EACR,cAAc,GAGvB,MAAM,QAHiB,EACvB,KAEA,MAAM,UAFW,EAAjB,SAAS,mBAAG,KAAK,KAAA,EACjB,oBAAoB,GACpB,MAAM,qBADc,CACb;oBAEL,cAAc,GAAG,CAAC;wBACpB,IAAM,MAAM,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;wBAE7C,IAAM,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;wBAE5D,IAAI,aAAa,KAAK,IAAI,EAAE,CAAC;4BACzB,OAAO,uBAAuB,CAAC;wBACnC,CAAC;wBAED,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;wBAEzC,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;wBAEjD,OAAO,aAAa,KAAK,MAAM,CAAC;oBACpC,CAAC,CAAC,EAAE,CAAC;oBAEC,OAAO,GAAG,IAAA,yCAAmB,EAAC;wBAChC,MAAM,EAAE,cAAc;wBACtB,qBAAqB,EAAE,IAAI;wBAC3B,yBAAyB,EAAE,IAAI;qBAClC,CAAC,CAAC;oBAEG,MAAM,GAAgB;wBACxB,MAAM,EAAE;4BACJ,QAAQ,EAAE,MAAA,YAAY,CAAC,QAAQ,mCAAI,cAAc;4BACjD,SAAS,EAAE,MAAA,YAAY,CAAC,SAAS,mCAAI,oDAAoD;yBAC5F;qBACJ,CAAC;oBAEI,qBAAqB,GAAG,UAAO,MAEpC;;;4BACW,WAAW,GAAK,MAAM,YAAX,CAAY;4BAEzB,MAAM,GAAG,IAAI,GAAG,CAClB,CAAC;gCACG,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;oCAC5B,OAAO,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;gCAChC,CAAC;gCACD,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC;oCAC9B,CAAC,CAAC,UAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,SAAG,WAAW,CAAE;oCAC3C,CAAC,CAAC,WAAW,CAAC;4BACtB,CAAC,CAAC,EAAE,CACP,CAAC;4BAEF,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;4BAE9C,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;4BAEnC,sBAAO,IAAI,OAAO,CAAQ,cAAO,CAAC,CAAC,EAAC;;yBACvC,CAAC;yBAEE,CAAC,cAAc,EAAf,wBAAe;oBACT,SAAO,IAAA,UAAE,wBACR,MAAM,KACT,cAAc,EAAE,KAAK,EACrB,KAAK,EAAE,UAAC,EAAe;gCAAb,WAAW,iBAAA;4BAAO,OAAA,qBAAqB,CAAC,EAAE,WAAW,aAAA,EAAE,CAAC;wBAAtC,CAAsC,EAClE,mBAAmB,EAAE,SAAS,IAChC,CAAC;yBACC,SAAS,EAAT,wBAAS;oBACT,qBAAM,MAAI,CAAC,KAAK,CAAC;4BACb,WAAW,EAAE,oBAAoB;4BACjC,2BAA2B,EAAE,IAAI;yBACpC,CAAC,EAAA;;oBAHF,SAGE,CAAC;;;gBAGP,8CAA8C;gBAC9C,sBAAO,MAAI,EAAC;;oBAGV,IAAI,yBACH,MAAM,KACT,cAAc,EAAE,IAAI,EACpB,WAAW,EAAE;;iCAAc,EAC3B,SAAS,EAAE,CAAC;;4BACR,IAAM,MAAM,GAAgC;gCACxC,WAAW,EAAE,MAAA,YAAY,CAAC,WAAW,mCAAI,qBAAqB;gCAC9D,yBAAyB,EAAE,MAAA,YAAY,CAAC,yBAAyB,mCAAI,QAAQ;gCAC7E,OAAO,EAAE,MAAA,YAAY,CAAC,OAAO,mCAAI,iBAAiB;gCAClD,YAAY,EAAE,MAAA,YAAY,CAAC,YAAY,mCAAI,sBAAsB;gCACjE,0BAA0B,EAAE,MAAA,YAAY,CAAC,0BAA0B,mCAAI,QAAQ;gCAC/E,cAAc,EACV,MAAA,YAAY,CAAC,cAAc,mCAC3B,IAAA,mEAAgC,EAAiB;oCAC7C,YAAY,EAAE;wCACV,8CAA8C;wCAC9C,yCAAyC;qCAC5C,CAAC,IAAI,CAAC,IAAI,CAAC;iCACf,CAAC;6BACT,CAAC;4BAEF,OAAO,cAAM,OAAA,MAAM,EAAN,CAAM,CAAC;wBACxB,CAAC,CAAC,EAAE,EACJ,cAAc,EAAE,cAAM,OAAA,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,EAAjC,CAAiC,EACvD,uBAAuB,EAAE,cAAM,OAAA,CAAC;4BAC5B,WAAW,EAAE,cAAO,CAAC;yBACxB,CAAC,EAF6B,CAE7B,EACF,MAAM,EAAE,UAAA,MAAM;4BACV,IAAM,MAAM,GAAG,IAAI,GAAG,CAClB,CAAC;gCACG,QAAQ,MAAM,CAAC,UAAU,EAAE,CAAC;oCACxB,KAAK,cAAc;wCACf,OAAO,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;oCAChC,KAAK,MAAM;wCACP,OAAO,OAAO,CAAC;oCACnB,KAAK,cAAc;wCACf,OAAO,IAAA,yCAAmB,EAAC;4CACvB,MAAM,EAAE,MAAM,CAAC,GAAG;4CAClB,qBAAqB,EAAE,KAAK;yCAC/B,CAAC,CAAC;gCACX,CAAC;4BACL,CAAC,CAAC,EAAE,CACP,CAAC;4BAEF,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;4BAE/C,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;4BAEnC,OAAO,IAAI,OAAO,CAAQ,cAAO,CAAC,CAAC,CAAC;wBACxC,CAAC,EACD,8BAA8B,EAAE,cAAM,OAAA,CAAC;4BACnC,kCAAkC,EAAE,cAAO,CAAC;yBAC/C,CAAC,EAFoC,CAEpC,EACF,cAAc,EAAE,gEAAO,EAAe;gCAAb,WAAW,iBAAA;;gCAAO,sBAAA,qBAAqB,CAAC,EAAE,WAAW,aAAA,EAAE,CAAC,EAAA;;6BAAA,EACjF,mBAAmB,EAAE,KAAK,EAC1B,kBAAkB,EAAE,SAAS,GAChC,CAAC;oBAEF,sBAAO,IAAI,EAAC;;;;CACf"}
|
package/oidc/Oidc.d.ts
CHANGED
|
@@ -35,7 +35,16 @@ export declare namespace Oidc {
|
|
|
35
35
|
renewTokens(params?: {
|
|
36
36
|
extraTokenParams?: Record<string, string>;
|
|
37
37
|
}): Promise<void>;
|
|
38
|
+
/**
|
|
39
|
+
* Prefer using getTokens_next(), in the next major getTokens() will be be async.
|
|
40
|
+
*
|
|
41
|
+
* The problem is that When the computer wakes up from sleep, the tokens might have expired so
|
|
42
|
+
* there is a window of time where the tokens are not valid.
|
|
43
|
+
*
|
|
44
|
+
* This potential issue do not affect you if you are using "oidc-spa/react" as in the documentation.
|
|
45
|
+
* */
|
|
38
46
|
getTokens: () => Tokens<DecodedIdToken>;
|
|
47
|
+
getTokens_next: () => Promise<Tokens<DecodedIdToken>>;
|
|
39
48
|
subscribeToTokensChange: (onTokenChange: () => void) => {
|
|
40
49
|
unsubscribe: () => void;
|
|
41
50
|
};
|
|
@@ -81,6 +81,7 @@ exports.createWellKnownOidcConfigurationEndpointUnreachableInitializationError =
|
|
|
81
81
|
exports.createIframeTimeoutInitializationError = createIframeTimeoutInitializationError;
|
|
82
82
|
exports.createFailedToFetchTokenEndpointInitializationError = createFailedToFetchTokenEndpointInitializationError;
|
|
83
83
|
var getIsValidRemoteJson_1 = require("../tools/getIsValidRemoteJson");
|
|
84
|
+
var parseKeycloakIssuerUri_1 = require("../tools/parseKeycloakIssuerUri");
|
|
84
85
|
var OidcInitializationError = /** @class */ (function (_super) {
|
|
85
86
|
__extends(OidcInitializationError, _super);
|
|
86
87
|
function OidcInitializationError(params) {
|
|
@@ -102,20 +103,6 @@ var OidcInitializationError = /** @class */ (function (_super) {
|
|
|
102
103
|
return OidcInitializationError;
|
|
103
104
|
}(Error));
|
|
104
105
|
exports.OidcInitializationError = OidcInitializationError;
|
|
105
|
-
function parseKeycloakIssuerUri(issuerUri) {
|
|
106
|
-
var url = new URL(issuerUri);
|
|
107
|
-
var split = url.pathname.split("/realms/");
|
|
108
|
-
if (split.length !== 2) {
|
|
109
|
-
return undefined;
|
|
110
|
-
}
|
|
111
|
-
var _a = __read(split, 2), kcHttpRelativePath = _a[0], realm = _a[1];
|
|
112
|
-
return {
|
|
113
|
-
origin: url.origin,
|
|
114
|
-
realm: realm,
|
|
115
|
-
kcHttpRelativePath: kcHttpRelativePath === "" ? undefined : kcHttpRelativePath,
|
|
116
|
-
adminConsoleUrl: "".concat(url.origin).concat(kcHttpRelativePath, "/admin/").concat(realm, "/console")
|
|
117
|
-
};
|
|
118
|
-
}
|
|
119
106
|
function createWellKnownOidcConfigurationEndpointUnreachableInitializationError(params) {
|
|
120
107
|
return __awaiter(this, void 0, void 0, function () {
|
|
121
108
|
var issuerUri, issuerUri_parsed, WELL_KNOWN_PATH, commonFallbackMessagePart, getCandidateIssuerUri, issuerUri_candidate, isValid, issuerUri_candidate, isValid;
|
|
@@ -123,7 +110,7 @@ function createWellKnownOidcConfigurationEndpointUnreachableInitializationError(
|
|
|
123
110
|
switch (_a.label) {
|
|
124
111
|
case 0:
|
|
125
112
|
issuerUri = params.issuerUri;
|
|
126
|
-
issuerUri_parsed = parseKeycloakIssuerUri(issuerUri);
|
|
113
|
+
issuerUri_parsed = (0, parseKeycloakIssuerUri_1.parseKeycloakIssuerUri)(issuerUri);
|
|
127
114
|
WELL_KNOWN_PATH = "/.well-known/openid-configuration";
|
|
128
115
|
commonFallbackMessagePart = [
|
|
129
116
|
"The OIDC server is either down or the issuerUri you provided is incorrect.",
|
|
@@ -268,7 +255,7 @@ function createIframeTimeoutInitializationError(params) {
|
|
|
268
255
|
"Client ID: \"".concat(clientId, "\"\n"),
|
|
269
256
|
"Callback URL to add to the list of Valid Redirect URIs: \"".concat(homeAndCallbackUrl, "\"\n\n")
|
|
270
257
|
], __read((function () {
|
|
271
|
-
var issuerUriParsed = parseKeycloakIssuerUri(issuerUri);
|
|
258
|
+
var issuerUriParsed = (0, parseKeycloakIssuerUri_1.parseKeycloakIssuerUri)(issuerUri);
|
|
272
259
|
if (!issuerUriParsed) {
|
|
273
260
|
return [
|
|
274
261
|
"Check the documentation of your OIDC server to learn how to configure the client properly."
|
|
@@ -301,7 +288,7 @@ function createFailedToFetchTokenEndpointInitializationError(params) {
|
|
|
301
288
|
"in the '".concat(clientId, "' client configuration of your OIDC server.\n"),
|
|
302
289
|
"\n"
|
|
303
290
|
], __read((function () {
|
|
304
|
-
var issuerUri_parsed = parseKeycloakIssuerUri(issuerUri);
|
|
291
|
+
var issuerUri_parsed = (0, parseKeycloakIssuerUri_1.parseKeycloakIssuerUri)(issuerUri);
|
|
305
292
|
if (issuerUri_parsed === undefined) {
|
|
306
293
|
return [
|
|
307
294
|
"Checkout the documentation of the OIDC server you are using to see how to configure the client properly."
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"OidcInitializationError.js","sourceRoot":"","sources":["../src/oidc/OidcInitializationError.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"OidcInitializationError.js","sourceRoot":"","sources":["../src/oidc/OidcInitializationError.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAuBA,wJAmFC;AAED,wFA4GC;AAED,kHAoCC;AA9PD,sEAAqE;AACrE,0EAAyE;AAEzE;IAA6C,2CAAK;IAG9C,iCAAY,MAA2E;;QACnF,YAAA,MAAK,YACD,CAAC;YACG,IAAI,OAAO,MAAM,CAAC,cAAc,KAAK,QAAQ,EAAE,CAAC;gBAC5C,OAAO,MAAM,CAAC,cAAc,CAAC;YACjC,CAAC;iBAAM,CAAC;gBACJ,OAAO,wCAAiC,MAAM,CAAC,cAAc,CAAC,OAAO,CAAE,CAAC;YAC5E,CAAC;QACL,CAAC,CAAC,EAAE;QACJ,mBAAmB;QACnB,EAAE,KAAK,EAAE,OAAO,MAAM,CAAC,cAAc,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,cAAc,EAAE,CAC3F,SAAC;QACF,KAAI,CAAC,sBAAsB,GAAG,MAAM,CAAC,sBAAsB,CAAC;QAC5D,MAAM,CAAC,cAAc,CAAC,KAAI,EAAE,WAAW,SAAS,CAAC,CAAC;;IACtD,CAAC;IACL,8BAAC;AAAD,CAAC,AAlBD,CAA6C,KAAK,GAkBjD;AAlBY,0DAAuB;AAoBpC,SAAsB,sEAAsE,CAAC,MAE5F;;;;;;oBACW,SAAS,GAAK,MAAM,UAAX,CAAY;oBAEvB,gBAAgB,GAAG,IAAA,+CAAsB,EAAC,SAAS,CAAC,CAAC;oBAErD,eAAe,GAAG,mCAAmC,CAAC;oBAEtD,yBAAyB,GAAG;wBAC9B,4EAA4E;wBAC5E,sCAA+B,SAAS,CAAE;wBAC1C,6CAAsC,SAAS,SAAG,eAAe,CAAE;qBACtE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBAEb,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;wBACjC,sBAAO,IAAI,uBAAuB,CAAC;gCAC/B,cAAc,EAAE;oCACZ,yBAAyB;oCACzB,EAAE;oCACF,gHAAgH;oCAChH,gGAAgG;oCAChG,wGAAwG;iCAC3G,CAAC,IAAI,CAAC,IAAI,CAAC;gCACZ,sBAAsB,EAAE,IAAI;6BAC/B,CAAC,EAAC;oBACP,CAAC;oBAEK,qBAAqB,GAAG,UAAC,MAAkD;wBACrE,IAAA,kBAAkB,GAAK,MAAM,mBAAX,CAAY;wBAEtC,OAAO,UAAG,gBAAgB,CAAC,MAAM,SAC7B,kBAAkB,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,kBAAkB,qBACnD,gBAAgB,CAAC,KAAK,CAAE,CAAC;oBACxC,CAAC,CAAC;yBAEE,CAAA,gBAAgB,CAAC,kBAAkB,KAAK,SAAS,CAAA,EAAjD,wBAAiD;oBAC3C,mBAAmB,GAAG,qBAAqB,CAAC,EAAE,kBAAkB,EAAE,OAAO,EAAE,CAAC,CAAC;oBAEnE,qBAAM,IAAA,2CAAoB,EAAC,UAAG,mBAAmB,SAAG,eAAe,CAAE,CAAC,EAAA;;oBAAhF,OAAO,GAAG,SAAsE;oBAEtF,IAAI,OAAO,EAAE,CAAC;wBACV,sBAAO,IAAI,uBAAuB,CAAC;gCAC/B,cAAc,EAAE;oCACZ,qEAAqE;oCACrE,sCAA+B,SAAS,CAAE;oCAC1C,oCAA6B,mBAAmB,CAAE;oCAClD,qCAAqC;iCACxC,CAAC,IAAI,CAAC,IAAI,CAAC;gCACZ,sBAAsB,EAAE,KAAK;6BAChC,CAAC,EAAC;oBACP,CAAC;;;oBAEK,mBAAmB,GAAG,qBAAqB,CAAC,EAAE,kBAAkB,EAAE,SAAS,EAAE,CAAC,CAAC;oBAErE,qBAAM,IAAA,2CAAoB,EAAC,UAAG,mBAAmB,SAAG,eAAe,CAAE,CAAC,EAAA;;oBAAhF,OAAO,GAAG,SAAsE;oBAEtF,IAAI,OAAO,EAAE,CAAC;wBACV,sBAAO,IAAI,uBAAuB,CAAC;gCAC/B,cAAc,EAAE;oCACZ,iEAAiE;oCACjE,sCAA+B,SAAS,CAAE;oCAC1C,oCAA6B,mBAAmB,CAAE;oCAClD,iCAA0B,gBAAgB,CAAC,kBAAkB,eAAY;iCAC5E,CAAC,IAAI,CAAC,IAAI,CAAC;gCACZ,sBAAsB,EAAE,KAAK;6BAChC,CAAC,EAAC;oBACP,CAAC;;wBAGL,sBAAO,IAAI,uBAAuB,CAAC;wBAC/B,cAAc,EAAE;4BACZ,yBAAyB;4BACzB,EAAE;4BACF,sFAAsF;4BACtF,iCAA0B,gBAAgB,CAAC,KAAK,cAAW;4BAC3D,6FAA6F;4BAC7F,uFAAgF,qBAAqB,CACjG,EAAE,kBAAkB,EAAE,MAAM,EAAE,CACjC,CAAE;yBACN,CAAC,IAAI,CAAC,IAAI,CAAC;wBACZ,sBAAsB,EAAE,IAAI;qBAC/B,CAAC,EAAC;;;;CACN;AAED,SAAsB,sCAAsC,CAAC,MAI5D;;;;;;oBACW,kBAAkB,GAA0B,MAAM,mBAAhC,EAAE,SAAS,GAAe,MAAM,UAArB,EAAE,QAAQ,GAAK,MAAM,SAAX,CAAY;oBAGpC,qBAAM,KAAK,CAAC,kBAAkB,CAAC,CAAC,IAAI,CACnD,UAAA,QAAQ;4BACJ,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gCACf,OAAO,IAAI,KAAK,CACZ,UAAG,kBAAkB,+BAAqB,QAAQ,CAAC,MAAM,kBAAe,CAC3E,CAAC;4BACN,CAAC;4BAED,OAAO,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;wBAC3D,CAAC,EACD,UAAA,KAAK,IAAI,OAAA,KAAK,EAAL,CAAK,CACjB,EAAA;;oBAXK,UAAU,GAAG,SAWlB;oBAED,IAAI,UAAU,YAAY,KAAK,EAAE,CAAC;wBAC9B,sBAAO,IAAI,uBAAuB,CAAC;gCAC/B,sBAAsB,EAAE,KAAK;gCAC7B,cAAc,EAAE,IAAI,KAAK,CACrB,qFAAqF;gCACrF,mBAAmB;gCACnB,EAAE,KAAK,EAAE,UAAU,EAAE,CACxB;6BACJ,CAAC,EAAC;oBACP,CAAC;oBAEK,GAAG,GAAG,UAAU,CAAC;oBAEvB,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;wBACf,wBAA2B;oBAC/B,CAAC;oBAEK,qBAAqB,GAAG,GAAG;yBAC5B,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC;yBACpB,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC;yBACpB,WAAW,EAAE;yBACb,QAAQ,CAAC,sBAAsB,CAAC,CAAC;oBAEtC,IAAI,CAAC,qBAAqB,EAAE,CAAC;wBACzB,wBAA2B;oBAC/B,CAAC;oBAED,sBAAO,IAAI,uBAAuB,CAAC;4BAC/B,sBAAsB,EAAE,KAAK;4BAC7B,cAAc,EAAE;gCACZ,uCAAgC,kBAAkB,mDAAgD;gCAClG,gHAAgH;gCAChH,iEAAiE;gCACjE,+GAA+G;gCAC/G,mJAAmJ;gCACnJ,6LAA6L;gCAC7L,oEAAoE;gCACpE,eAAe;gCACf,OAAO;gCACP,oDAAoD;gCACpD,8CAA8C;gCAC9C,gDAAgD;gCAChD,KAAK;gCACL,oEAAoE;gCACpE,OAAO;gCACP,+HAA+H;gCAC/H,kCAA2B,kBAAkB,CAAE;6BAClD,CAAC,IAAI,CAAC,GAAG,CAAC;yBACd,CAAC,EAAC;;gBAGP,8EAA8E;gBAC9E,gFAAgF;gBAChF,sEAAsE;gBACtE,4FAA4F;gBAC5F,qDAAqD;gBACrD,sBAAO,IAAI,uBAAuB,CAAC;wBAC/B,sBAAsB,EAAE,KAAK;wBAC7B,cAAc,EAAE;4BACZ,yCAAyC;4BACzC,6EAA6E;4BAC7E,mCAA2B,QAAQ,4BAAwB;4BAC3D,iFAAiF;4BACjF,uBAAe,QAAQ,SAAK;4BAC5B,oEAA4D,kBAAkB,WAAO;kCAClF,CAAC;4BACA,IAAM,eAAe,GAAG,IAAA,+CAAsB,EAAC,SAAS,CAAC,CAAC;4BAE1D,IAAI,CAAC,eAAe,EAAE,CAAC;gCACnB,OAAO;oCACH,4FAA4F;iCAC/F,CAAC;4BACN,CAAC;4BAED,OAAO;gCACH,+EAA+E;gCAC/E,+CAAwC,eAAe,CAAC,eAAe,eAAY;gCACnF,+BAA+B;gCAC/B,8CAA4C;gCAC5C,iCAAyB,QAAQ,sCAAkC;gCACnE,oDAA0C,kBAAkB,sBAAkB;gCAC9E,0BAA0B;gCAC1B,mHAAmH;6BACtH,CAAC;wBACN,CAAC,CAAC,EAAE,UACN,IAAI,CAAC,GAAG,CAAC;qBACd,CAAC,EAAC;;;;CACN;AAED,SAAgB,mDAAmD,CAAC,MAGnE;IACW,IAAA,SAAS,GAAe,MAAM,UAArB,EAAE,QAAQ,GAAK,MAAM,SAAX,CAAY;IAEvC,OAAO,IAAI,uBAAuB,CAAC;QAC/B,sBAAsB,EAAE,KAAK;QAC7B,cAAc,EAAE;YACZ,uCAAuC;YACvC,wCAAwC;YACxC,oCAA6B,MAAM,CAAC,QAAQ,CAAC,MAAM,iCAA8B;YACjF,kBAAW,QAAQ,kDAA+C;YAClE,IAAI;kBACD,CAAC;YACA,IAAM,gBAAgB,GAAG,IAAA,+CAAsB,EAAC,SAAS,CAAC,CAAC;YAE3D,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;gBACjC,OAAO;oBACH,0GAA0G;iBAC7G,CAAC;YACN,CAAC;YAED,OAAO;gBACH,6EAA6E;gBAC7E,8CAAuC,gBAAgB,CAAC,eAAe,OAAI;gBAC3E,8BAA8B;gBAC9B,6CAA2C;gBAC3C,kBAAW,QAAQ,gDAA6C;gBAChE,wCAAiC,MAAM,CAAC,QAAQ,CAAC,MAAM,qBAAkB;gBACzE,yBAAyB;gBACzB,4EAA4E;aAC/E,CAAC;QACN,CAAC,CAAC,EAAE,UACN,IAAI,CAAC,GAAG,CAAC;KACd,CAAC,CAAC;AACP,CAAC"}
|
package/oidc/StateData.d.ts
CHANGED
package/oidc/StateData.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"StateData.js","sourceRoot":"","sources":["../src/oidc/StateData.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"StateData.js","sourceRoot":"","sources":["../src/oidc/StateData.ts"],"names":[],"mappings":";;;AAsCA,oEAIC;AAED,4DAQC;AAID,wBAIC;AA6BD,0CAGC;AAED,oCAUC;AAED,gFAWC;AArHD,kDAA6D;AAC7D,wEAAuE;AAkCvE,IAAM,yCAAyC,GAAG,cAAc,CAAC;AACjE,IAAM,oBAAoB,GAAG,EAAE,GAAG,yCAAyC,CAAC,MAAM,CAAC;AAEnF,SAAgB,4BAA4B;IACxC,OAAO,UAAG,yCAAyC,SAAG,IAAA,6CAAqB,EAAC;QACxE,MAAM,EAAE,oBAAoB;KAC/B,CAAC,CAAE,CAAC;AACT,CAAC;AAED,SAAgB,wBAAwB,CAAC,MAA6C;IAC1E,IAAA,yBAAyB,GAAK,MAAM,0BAAX,CAAY;IAE7C,OAAO,CACH,yBAAyB,CAAC,UAAU,CAAC,yCAAyC,CAAC;QAC/E,yBAAyB,CAAC,MAAM;YAC5B,yCAAyC,CAAC,MAAM,GAAG,oBAAoB,CAC9E,CAAC;AACN,CAAC;AAEY,QAAA,sBAAsB,GAAG,OAAO,CAAC;AAE9C,SAAgB,MAAM,CAAC,MAAwC;IACnD,IAAA,oBAAoB,GAAK,MAAM,qBAAX,CAAY;IAExC,OAAO,UAAG,8BAAsB,SAAG,oBAAoB,CAAE,CAAC;AAC9D,CAAC;AAED,SAAS,aAAa,CAAC,MAAwC;IACnD,IAAA,oBAAoB,GAAK,MAAM,qBAAX,CAAY;IAExC,IAAM,IAAI,GAAG,YAAY,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,oBAAoB,sBAAA,EAAE,CAAC,CAAC,CAAC;IAEpE,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;QAChB,OAAO,SAAS,CAAC;IACrB,CAAC;IAED,IAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAE7B,IAAA,cAAM,EACF,IAAA,iBAAS,EACL,GAAG,EACH,GAAG,YAAY,MAAM,IAAI,GAAG,CAAC,IAAI,YAAY,MAAM,IAAI,OAAO,GAAG,CAAC,IAAI,CAAC,OAAO,KAAK,QAAQ,CAC9F,CACJ,CAAC;IAEF,OAAO,GAAG,CAAC;AACf,CAAC;AAED,SAAS,aAAa,CAAC,MAAkE;IAC7E,IAAA,oBAAoB,GAAU,MAAM,qBAAhB,EAAE,GAAG,GAAK,MAAM,IAAX,CAAY;IAE7C,YAAY,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,oBAAoB,sBAAA,EAAE,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC;AAChF,CAAC;AAED,SAAgB,eAAe,CAAC,MAAwC;IAC5D,IAAA,oBAAoB,GAAK,MAAM,qBAAX,CAAY;IACxC,YAAY,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,oBAAoB,sBAAA,EAAE,CAAC,CAAC,CAAC;AAC9D,CAAC;AAED,SAAgB,YAAY,CAAC,MAAwC;IACzD,IAAA,oBAAoB,GAAK,MAAM,qBAAX,CAAY;IAExC,IAAM,UAAU,GAAG,aAAa,CAAC,EAAE,oBAAoB,sBAAA,EAAE,CAAC,CAAC;IAE3D,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;QAC3B,OAAO,SAAS,CAAC;IACrB,CAAC;IAED,OAAO,UAAU,CAAC,IAAI,CAAC;AAC3B,CAAC;AAED,SAAgB,kCAAkC,CAAC,MAAwC;IAC/E,IAAA,oBAAoB,GAAK,MAAM,qBAAX,CAAY;IAExC,IAAM,GAAG,GAAG,aAAa,CAAC,EAAE,oBAAoB,sBAAA,EAAE,CAAC,CAAC;IAEpD,IAAA,cAAM,EAAC,GAAG,KAAK,SAAS,CAAC,CAAC;IAC1B,IAAA,cAAM,EAAC,GAAG,CAAC,IAAI,CAAC,OAAO,KAAK,UAAU,CAAC,CAAC;IAExC,GAAG,CAAC,IAAI,CAAC,0BAA0B,GAAG,IAAI,CAAC;IAE3C,aAAa,CAAC,EAAE,oBAAoB,sBAAA,EAAE,GAAG,KAAA,EAAE,CAAC,CAAC;AACjD,CAAC"}
|
package/oidc/createOidc.d.ts
CHANGED
|
@@ -66,7 +66,13 @@ export type ParamsOfCreateOidc<DecodedIdToken extends Record<string, unknown> =
|
|
|
66
66
|
autoLogoutParams?: Parameters<Oidc.LoggedIn<any>["logout"]>[0];
|
|
67
67
|
autoLogin?: AutoLogin;
|
|
68
68
|
debugLogs?: boolean;
|
|
69
|
-
|
|
69
|
+
__unsafe_clientSecret?: string;
|
|
70
|
+
/**
|
|
71
|
+
* WARNING: Setting this to true is a workaround for provider
|
|
72
|
+
* like Google OAuth that don't support JWT access token.
|
|
73
|
+
* Use at your own risk, this is a hack.
|
|
74
|
+
*/
|
|
75
|
+
__unsafe_useIdTokenAsAccessToken?: boolean;
|
|
70
76
|
};
|
|
71
77
|
declare const GLOBAL_CONTEXT_KEY = "__oidc-spa.createOidc.globalContext";
|
|
72
78
|
declare global {
|
package/oidc/createOidc.js
CHANGED
|
@@ -116,7 +116,7 @@ var handleOidcCallback_1 = require("./handleOidcCallback");
|
|
|
116
116
|
var persistedLogoutState_1 = require("./persistedLogoutState");
|
|
117
117
|
var AwaitableEventEmitter_1 = require("../tools/AwaitableEventEmitter");
|
|
118
118
|
// NOTE: Replaced at build time
|
|
119
|
-
var VERSION = "6.
|
|
119
|
+
var VERSION = "6.2.0";
|
|
120
120
|
(0, handleOidcCallback_1.handleOidcCallback)();
|
|
121
121
|
var GLOBAL_CONTEXT_KEY = "__oidc-spa.createOidc.globalContext";
|
|
122
122
|
(_a = window[GLOBAL_CONTEXT_KEY]) !== null && _a !== void 0 ? _a : (window[GLOBAL_CONTEXT_KEY] = {
|
|
@@ -213,14 +213,30 @@ function createOidc(params) {
|
|
|
213
213
|
}
|
|
214
214
|
function createOidc_nonMemoized(params, preProcessedParams) {
|
|
215
215
|
return __awaiter(this, void 0, void 0, function () {
|
|
216
|
-
|
|
216
|
+
function getMsBeforeExpiration() {
|
|
217
|
+
// NOTE: In general the access token is supposed to have a shorter
|
|
218
|
+
// lifespan than the refresh token but we don't want to make any
|
|
219
|
+
// assumption here.
|
|
220
|
+
var tokenExpirationTime = Math.min(currentTokens.accessTokenExpirationTime, currentTokens.refreshTokenExpirationTime);
|
|
221
|
+
var msBeforeExpiration = Math.min(tokenExpirationTime - Date.now(),
|
|
222
|
+
// NOTE: We want to make sure we do not overflow the setTimeout
|
|
223
|
+
// that must be a 32 bit unsigned integer.
|
|
224
|
+
// This can happen if the tokenExpirationTime is more than 24.8 days in the future.
|
|
225
|
+
Math.pow(2, 31) - 1);
|
|
226
|
+
if (msBeforeExpiration < 0) {
|
|
227
|
+
log === null || log === void 0 ? void 0 : log("Token has already expired");
|
|
228
|
+
return 0;
|
|
229
|
+
}
|
|
230
|
+
return msBeforeExpiration;
|
|
231
|
+
}
|
|
232
|
+
var transformUrlBeforeRedirect, extraQueryParamsOrGetter, extraTokenParamsOrGetter, homeUrl_params, decodedIdTokenSchema, __unsafe_ssoSessionIdleSeconds, _a, autoLogoutParams, _b, autoLogin, postLoginRedirectUrl, __unsafe_clientSecret, _c, __unsafe_useIdTokenAsAccessToken, issuerUri, clientId, scopes, configId, log, _d, getExtraQueryParams, getExtraTokenParams, homeAndCallbackUrl, isHandled, USER_LOGGED_IN_KEY, stateQueryParamValue_instance, oidcClientTsUserManager, lastPublicUrl, startTrackingLastPublicUrl, loginOrGoToAuthServer, BROWSER_SESSION_NOT_FIRST_INIT_KEY, resultOfLoginProcess, common, error, initializationError, oidc_1, oidc_2, currentTokens, autoLogoutCountdownTickCallbacks, onTokenChanges, oidc, sessionId, prOtherTabLogout, startCountdown_2, stopCountdown_1;
|
|
217
233
|
var _this = this;
|
|
218
|
-
return __generator(this, function (
|
|
219
|
-
switch (
|
|
234
|
+
return __generator(this, function (_e) {
|
|
235
|
+
switch (_e.label) {
|
|
220
236
|
case 0:
|
|
221
|
-
transformUrlBeforeRedirect = params.transformUrlBeforeRedirect, extraQueryParamsOrGetter = params.extraQueryParams, extraTokenParamsOrGetter = params.extraTokenParams, homeUrl_params = params.homeUrl, decodedIdTokenSchema = params.decodedIdTokenSchema, __unsafe_ssoSessionIdleSeconds = params.__unsafe_ssoSessionIdleSeconds, _a = params.autoLogoutParams, autoLogoutParams = _a === void 0 ? { redirectTo: "current page" } : _a, _b = params.autoLogin, autoLogin = _b === void 0 ? false : _b, postLoginRedirectUrl = params.postLoginRedirectUrl,
|
|
237
|
+
transformUrlBeforeRedirect = params.transformUrlBeforeRedirect, extraQueryParamsOrGetter = params.extraQueryParams, extraTokenParamsOrGetter = params.extraTokenParams, homeUrl_params = params.homeUrl, decodedIdTokenSchema = params.decodedIdTokenSchema, __unsafe_ssoSessionIdleSeconds = params.__unsafe_ssoSessionIdleSeconds, _a = params.autoLogoutParams, autoLogoutParams = _a === void 0 ? { redirectTo: "current page" } : _a, _b = params.autoLogin, autoLogin = _b === void 0 ? false : _b, postLoginRedirectUrl = params.postLoginRedirectUrl, __unsafe_clientSecret = params.__unsafe_clientSecret, _c = params.__unsafe_useIdTokenAsAccessToken, __unsafe_useIdTokenAsAccessToken = _c === void 0 ? false : _c;
|
|
222
238
|
issuerUri = preProcessedParams.issuerUri, clientId = preProcessedParams.clientId, scopes = preProcessedParams.scopes, configId = preProcessedParams.configId, log = preProcessedParams.log;
|
|
223
|
-
|
|
239
|
+
_d = __read([extraQueryParamsOrGetter, extraTokenParamsOrGetter].map(function (valueOrGetter) {
|
|
224
240
|
if (typeof valueOrGetter === "function") {
|
|
225
241
|
return valueOrGetter;
|
|
226
242
|
}
|
|
@@ -228,7 +244,7 @@ function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
228
244
|
return function () { return valueOrGetter; };
|
|
229
245
|
}
|
|
230
246
|
return undefined;
|
|
231
|
-
}), 2), getExtraQueryParams =
|
|
247
|
+
}), 2), getExtraQueryParams = _d[0], getExtraTokenParams = _d[1];
|
|
232
248
|
homeAndCallbackUrl = (0, toFullyQualifiedUrl_1.toFullyQualifiedUrl)({
|
|
233
249
|
urlish: homeUrl_params,
|
|
234
250
|
doAssertNoQueryParams: true,
|
|
@@ -245,8 +261,8 @@ function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
245
261
|
if (!isHandled) return [3 /*break*/, 2];
|
|
246
262
|
return [4 /*yield*/, new Promise(function () { })];
|
|
247
263
|
case 1:
|
|
248
|
-
|
|
249
|
-
|
|
264
|
+
_e.sent();
|
|
265
|
+
_e.label = 2;
|
|
250
266
|
case 2:
|
|
251
267
|
USER_LOGGED_IN_KEY = "oidc-spa.user-logged-in:".concat(configId);
|
|
252
268
|
localStorage.removeItem(USER_LOGGED_IN_KEY);
|
|
@@ -263,17 +279,17 @@ function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
263
279
|
automaticSilentRenew: false,
|
|
264
280
|
userStore: new oidc_client_ts_and_jwt_decode_1.WebStorageStateStore({ store: new oidc_client_ts_and_jwt_decode_1.InMemoryWebStorage() }),
|
|
265
281
|
stateStore: new oidc_client_ts_and_jwt_decode_1.WebStorageStateStore({ store: localStorage, prefix: StateData_1.STATE_STORE_KEY_PREFIX }),
|
|
266
|
-
client_secret:
|
|
282
|
+
client_secret: __unsafe_clientSecret
|
|
267
283
|
});
|
|
268
|
-
|
|
269
|
-
|
|
284
|
+
lastPublicUrl = undefined;
|
|
285
|
+
startTrackingLastPublicUrl = function () {
|
|
270
286
|
var realPushState = history.pushState.bind(history);
|
|
271
287
|
history.pushState = function pushState() {
|
|
272
288
|
var args = [];
|
|
273
289
|
for (var _i = 0; _i < arguments.length; _i++) {
|
|
274
290
|
args[_i] = arguments[_i];
|
|
275
291
|
}
|
|
276
|
-
|
|
292
|
+
lastPublicUrl = window.location.href;
|
|
277
293
|
return realPushState.apply(void 0, __spreadArray([], __read(args), false));
|
|
278
294
|
};
|
|
279
295
|
};
|
|
@@ -298,9 +314,9 @@ function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
298
314
|
document.removeEventListener("visibilitychange", callback_1);
|
|
299
315
|
log === null || log === void 0 ? void 0 : log("We came back from the login pages and the state of the app has been restored");
|
|
300
316
|
if (rest.doesCurrentHrefRequiresAuth) {
|
|
301
|
-
if (
|
|
302
|
-
log === null || log === void 0 ? void 0 : log("Loading last public route: ".concat(
|
|
303
|
-
window.location.href =
|
|
317
|
+
if (lastPublicUrl !== undefined) {
|
|
318
|
+
log === null || log === void 0 ? void 0 : log("Loading last public route: ".concat(lastPublicUrl));
|
|
319
|
+
window.location.href = lastPublicUrl;
|
|
304
320
|
}
|
|
305
321
|
else {
|
|
306
322
|
log === null || log === void 0 ? void 0 : log("We don't know the last public route, navigating back in history");
|
|
@@ -438,7 +454,15 @@ function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
438
454
|
extraQueryParams: extraQueryParams,
|
|
439
455
|
hasBeenProcessedByCallback: false,
|
|
440
456
|
configId: configId,
|
|
441
|
-
action: "login"
|
|
457
|
+
action: "login",
|
|
458
|
+
redirectUrl_consentRequiredCase: (function () {
|
|
459
|
+
switch (rest.action) {
|
|
460
|
+
case "login":
|
|
461
|
+
return lastPublicUrl !== null && lastPublicUrl !== void 0 ? lastPublicUrl : homeAndCallbackUrl;
|
|
462
|
+
case "go to auth server":
|
|
463
|
+
return redirectUrl;
|
|
464
|
+
}
|
|
465
|
+
})()
|
|
442
466
|
}),
|
|
443
467
|
redirectMethod: redirectMethod,
|
|
444
468
|
prompt: (0, persistedLogoutState_1.getIsPersistedLogoutState)({ configId: configId }) ? "consent" : undefined
|
|
@@ -676,6 +700,7 @@ function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
676
700
|
var tokens = (0, oidcClientTsUserToTokens_1.oidcClientTsUserToTokens)({
|
|
677
701
|
oidcClientTsUser: oidcClientTsUser,
|
|
678
702
|
decodedIdTokenSchema: decodedIdTokenSchema,
|
|
703
|
+
__unsafe_useIdTokenAsAccessToken: __unsafe_useIdTokenAsAccessToken,
|
|
679
704
|
log: log
|
|
680
705
|
});
|
|
681
706
|
if (tokens.refreshTokenExpirationTime < tokens.accessTokenExpirationTime) {
|
|
@@ -688,7 +713,7 @@ function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
688
713
|
return { tokens: tokens, backFromAuthServer: backFromAuthServer };
|
|
689
714
|
})];
|
|
690
715
|
case 3:
|
|
691
|
-
resultOfLoginProcess =
|
|
716
|
+
resultOfLoginProcess = _e.sent();
|
|
692
717
|
common = {
|
|
693
718
|
params: {
|
|
694
719
|
issuerUri: issuerUri,
|
|
@@ -713,7 +738,7 @@ function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
713
738
|
"",
|
|
714
739
|
initializationError.message
|
|
715
740
|
].join("\n"));
|
|
716
|
-
|
|
741
|
+
startTrackingLastPublicUrl();
|
|
717
742
|
oidc_1 = (0, tsafe_1.id)(__assign(__assign({}, common), { isUserLoggedIn: false, login: function () { return __awaiter(_this, void 0, void 0, function () {
|
|
718
743
|
return __generator(this, function (_a) {
|
|
719
744
|
alert("Authentication is currently unavailable. Please try again later.");
|
|
@@ -733,10 +758,10 @@ function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
733
758
|
redirectUrl: postLoginRedirectUrl
|
|
734
759
|
})];
|
|
735
760
|
case 4:
|
|
736
|
-
|
|
737
|
-
|
|
761
|
+
_e.sent();
|
|
762
|
+
_e.label = 5;
|
|
738
763
|
case 5:
|
|
739
|
-
|
|
764
|
+
startTrackingLastPublicUrl();
|
|
740
765
|
oidc_2 = (0, tsafe_1.id)(__assign(__assign({}, common), { isUserLoggedIn: false, login: function (params) { return loginOrGoToAuthServer(__assign({ action: "login" }, params)); }, initializationError: undefined }));
|
|
741
766
|
// @ts-expect-error: We know what we are doing.
|
|
742
767
|
return [2 /*return*/, oidc_2];
|
|
@@ -746,8 +771,20 @@ function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
746
771
|
currentTokens = resultOfLoginProcess.tokens;
|
|
747
772
|
autoLogoutCountdownTickCallbacks = new Set();
|
|
748
773
|
onTokenChanges = new Set();
|
|
749
|
-
oidc = (0, tsafe_1.id)(__assign(__assign({}, common), { isUserLoggedIn: true, getTokens: function () { return currentTokens; },
|
|
750
|
-
|
|
774
|
+
oidc = (0, tsafe_1.id)(__assign(__assign({}, common), { isUserLoggedIn: true, getTokens: function () { return currentTokens; }, getTokens_next: function () { return __awaiter(_this, void 0, void 0, function () {
|
|
775
|
+
return __generator(this, function (_a) {
|
|
776
|
+
switch (_a.label) {
|
|
777
|
+
case 0:
|
|
778
|
+
if (!(getMsBeforeExpiration() <= 5000)) return [3 /*break*/, 2];
|
|
779
|
+
return [4 /*yield*/, oidc.renewTokens()];
|
|
780
|
+
case 1:
|
|
781
|
+
_a.sent();
|
|
782
|
+
_a.label = 2;
|
|
783
|
+
case 2: return [2 /*return*/, currentTokens];
|
|
784
|
+
}
|
|
785
|
+
});
|
|
786
|
+
}); }, logout: function (params) { return __awaiter(_this, void 0, void 0, function () {
|
|
787
|
+
var postLogoutRedirectUrl, error_5;
|
|
751
788
|
return __generator(this, function (_a) {
|
|
752
789
|
switch (_a.label) {
|
|
753
790
|
case 0:
|
|
@@ -774,7 +811,6 @@ function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
774
811
|
});
|
|
775
812
|
}
|
|
776
813
|
})();
|
|
777
|
-
sessionId = (0, decodeJwt_1.decodeJwt)(oidc.getTokens().idToken).sid;
|
|
778
814
|
_a.label = 1;
|
|
779
815
|
case 1:
|
|
780
816
|
_a.trys.push([1, 3, , 4]);
|
|
@@ -808,7 +844,7 @@ function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
808
844
|
}); }, renewTokens: (function () {
|
|
809
845
|
function renewTokens_nonMutexed(params) {
|
|
810
846
|
return __awaiter(this, void 0, void 0, function () {
|
|
811
|
-
var extraTokenParams, result_loginSilent, oidcClientTsUser, _a, authResponse,
|
|
847
|
+
var extraTokenParams, result_loginSilent, oidcClientTsUser, _a, authResponse, decodedIdToken_before;
|
|
812
848
|
return __generator(this, function (_b) {
|
|
813
849
|
switch (_b.label) {
|
|
814
850
|
case 0:
|
|
@@ -848,15 +884,18 @@ function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
848
884
|
(0, tsafe_1.assert)(false);
|
|
849
885
|
return [3 /*break*/, 6];
|
|
850
886
|
case 6:
|
|
851
|
-
|
|
852
|
-
(0, tsafe_1.assert)(decodedIdTokenPropertyDescriptor !== undefined);
|
|
887
|
+
decodedIdToken_before = currentTokens.decodedIdToken;
|
|
853
888
|
currentTokens = (0, oidcClientTsUserToTokens_1.oidcClientTsUserToTokens)({
|
|
854
889
|
oidcClientTsUser: oidcClientTsUser,
|
|
855
890
|
decodedIdTokenSchema: decodedIdTokenSchema,
|
|
891
|
+
__unsafe_useIdTokenAsAccessToken: __unsafe_useIdTokenAsAccessToken,
|
|
856
892
|
log: log
|
|
857
893
|
});
|
|
858
|
-
|
|
859
|
-
|
|
894
|
+
if (JSON.stringify(currentTokens.decodedIdToken) ===
|
|
895
|
+
JSON.stringify(decodedIdToken_before)) {
|
|
896
|
+
(0, tsafe_1.id)(currentTokens).decodedIdToken =
|
|
897
|
+
decodedIdToken_before;
|
|
898
|
+
}
|
|
860
899
|
Array.from(onTokenChanges).forEach(function (onTokenChange) { return onTokenChange(); });
|
|
861
900
|
return [2 /*return*/];
|
|
862
901
|
}
|
|
@@ -938,7 +977,7 @@ function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
938
977
|
log === null || log === void 0 ? void 0 : log("This is not a new browser session");
|
|
939
978
|
return false;
|
|
940
979
|
})() }));
|
|
941
|
-
sessionId = (0, decodeJwt_1.decodeJwt)(
|
|
980
|
+
sessionId = (0, decodeJwt_1.decodeJwt)(currentTokens.idToken).sid;
|
|
942
981
|
{
|
|
943
982
|
prOtherTabLogout = (0, logoutPropagationToOtherTabs_1.getPrOtherTabLogout)({
|
|
944
983
|
configId: configId,
|
|
@@ -951,80 +990,65 @@ function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
951
990
|
window.location.href = redirectUrl;
|
|
952
991
|
});
|
|
953
992
|
}
|
|
954
|
-
{
|
|
955
|
-
|
|
956
|
-
|
|
957
|
-
|
|
958
|
-
|
|
959
|
-
|
|
960
|
-
|
|
961
|
-
|
|
962
|
-
|
|
963
|
-
|
|
964
|
-
|
|
965
|
-
|
|
966
|
-
|
|
967
|
-
|
|
968
|
-
}
|
|
969
|
-
return msBeforeExpiration;
|
|
993
|
+
(function scheduleRenew() {
|
|
994
|
+
var _this = this;
|
|
995
|
+
var msBeforeExpiration = getMsBeforeExpiration();
|
|
996
|
+
// NOTE: Here semantically `"doesCurrentHrefRequiresAuth": false` is wrong.
|
|
997
|
+
// The user may very well be on a page that require auth.
|
|
998
|
+
// However there's no way to enforce the browser to redirect back to
|
|
999
|
+
// the last public route if the user press back on the login page.
|
|
1000
|
+
// This is due to the fact that pushing to history only works if it's
|
|
1001
|
+
// triggered by a user interaction.
|
|
1002
|
+
var login_dueToExpiration = function () {
|
|
1003
|
+
return loginOrGoToAuthServer({
|
|
1004
|
+
action: "login",
|
|
1005
|
+
doesCurrentHrefRequiresAuth: false
|
|
1006
|
+
});
|
|
970
1007
|
};
|
|
971
|
-
(
|
|
972
|
-
|
|
973
|
-
|
|
974
|
-
|
|
975
|
-
|
|
976
|
-
|
|
977
|
-
|
|
978
|
-
|
|
979
|
-
|
|
980
|
-
|
|
981
|
-
|
|
982
|
-
|
|
983
|
-
|
|
984
|
-
|
|
985
|
-
|
|
986
|
-
|
|
987
|
-
|
|
988
|
-
|
|
989
|
-
|
|
990
|
-
|
|
991
|
-
|
|
992
|
-
|
|
993
|
-
|
|
994
|
-
|
|
995
|
-
|
|
996
|
-
|
|
997
|
-
|
|
998
|
-
|
|
999
|
-
|
|
1000
|
-
|
|
1001
|
-
|
|
1002
|
-
|
|
1003
|
-
|
|
1004
|
-
|
|
1005
|
-
|
|
1006
|
-
|
|
1007
|
-
|
|
1008
|
-
|
|
1009
|
-
|
|
1010
|
-
|
|
1011
|
-
|
|
1012
|
-
|
|
1013
|
-
|
|
1014
|
-
|
|
1015
|
-
_b.sent();
|
|
1016
|
-
return [3 /*break*/, 5];
|
|
1017
|
-
case 5: return [2 /*return*/];
|
|
1018
|
-
}
|
|
1019
|
-
});
|
|
1020
|
-
}); }, msBeforeExpiration - renewMsBeforeExpires);
|
|
1021
|
-
var tokenChangeUnsubscribe = oidc.subscribeToTokensChange(function () {
|
|
1022
|
-
(0, workerTimers_1.clearTimeout)(timer);
|
|
1023
|
-
tokenChangeUnsubscribe();
|
|
1024
|
-
scheduleRenew();
|
|
1025
|
-
}).unsubscribe;
|
|
1026
|
-
})();
|
|
1027
|
-
}
|
|
1008
|
+
if (msBeforeExpiration <= 2000) {
|
|
1009
|
+
// NOTE: We just got a new token that is about to expire. This means that
|
|
1010
|
+
// the refresh token has reached it's max SSO time.
|
|
1011
|
+
login_dueToExpiration();
|
|
1012
|
+
return;
|
|
1013
|
+
}
|
|
1014
|
+
// NOTE: We refresh the token 25 seconds before it expires.
|
|
1015
|
+
// If the token expiration time is less than 25 seconds we refresh the token when
|
|
1016
|
+
// only 1/10 of the token time is left.
|
|
1017
|
+
var renewMsBeforeExpires = Math.min(25000, msBeforeExpiration * 0.1);
|
|
1018
|
+
log === null || log === void 0 ? void 0 : log([
|
|
1019
|
+
(0, toHumanReadableDuration_1.toHumanReadableDuration)(msBeforeExpiration),
|
|
1020
|
+
"before expiration of the access token.",
|
|
1021
|
+
"Scheduling renewal ".concat((0, toHumanReadableDuration_1.toHumanReadableDuration)(renewMsBeforeExpires), " before expiration")
|
|
1022
|
+
].join(" "));
|
|
1023
|
+
var timer = (0, workerTimers_1.setTimeout)(function () { return __awaiter(_this, void 0, void 0, function () {
|
|
1024
|
+
var _a;
|
|
1025
|
+
return __generator(this, function (_b) {
|
|
1026
|
+
switch (_b.label) {
|
|
1027
|
+
case 0:
|
|
1028
|
+
log === null || log === void 0 ? void 0 : log("Renewing the access token now as it will expires in ".concat((0, toHumanReadableDuration_1.toHumanReadableDuration)(renewMsBeforeExpires)));
|
|
1029
|
+
_b.label = 1;
|
|
1030
|
+
case 1:
|
|
1031
|
+
_b.trys.push([1, 3, , 5]);
|
|
1032
|
+
return [4 /*yield*/, oidc.renewTokens()];
|
|
1033
|
+
case 2:
|
|
1034
|
+
_b.sent();
|
|
1035
|
+
return [3 /*break*/, 5];
|
|
1036
|
+
case 3:
|
|
1037
|
+
_a = _b.sent();
|
|
1038
|
+
return [4 /*yield*/, login_dueToExpiration()];
|
|
1039
|
+
case 4:
|
|
1040
|
+
_b.sent();
|
|
1041
|
+
return [3 /*break*/, 5];
|
|
1042
|
+
case 5: return [2 /*return*/];
|
|
1043
|
+
}
|
|
1044
|
+
});
|
|
1045
|
+
}); }, msBeforeExpiration - renewMsBeforeExpires);
|
|
1046
|
+
var tokenChangeUnsubscribe = oidc.subscribeToTokensChange(function () {
|
|
1047
|
+
(0, workerTimers_1.clearTimeout)(timer);
|
|
1048
|
+
tokenChangeUnsubscribe();
|
|
1049
|
+
scheduleRenew();
|
|
1050
|
+
}).unsubscribe;
|
|
1051
|
+
})();
|
|
1028
1052
|
auto_logout: {
|
|
1029
1053
|
if (currentTokens.refreshToken === "" && __unsafe_ssoSessionIdleSeconds === undefined) {
|
|
1030
1054
|
log === null || log === void 0 ? void 0 : log("No refresh token, and ____unsafe_ssoSessionIdleSeconds was not set, auto logout non applicable");
|