npm - oidc-spa - Versions diffs - 7.2.0-rc.1 → 7.2.0-rc.2 - Mend

oidc-spa 7.2.0-rc.1 → 7.2.0-rc.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (282) hide show

package/backend.js.map +1 -1
package/core/AuthResponse.js.map +1 -1
package/core/Oidc.js.map +1 -1
package/core/OidcInitializationError.d.ts +0 -13
package/core/OidcInitializationError.js +0 -243
package/core/OidcInitializationError.js.map +1 -1
package/core/OidcMetadata.js.map +1 -1
package/core/StateData.js.map +1 -1
package/core/configId.js.map +1 -1
package/core/createOidc.js +38 -5
package/core/createOidc.js.map +1 -1
package/core/diagnostic.d.ts +14 -0
package/core/diagnostic.js +214 -0
package/core/diagnostic.js.map +1 -0
package/core/evtIsUserActive.js.map +1 -1
package/core/handleOidcCallback.js.map +1 -1
package/core/iframeMessageProtection.js.map +1 -1
package/core/index.js.map +1 -1
package/core/initialLocationHref.js.map +1 -1
package/core/isNewBrowserSession.js.map +1 -1
package/core/loginOrGoToAuthServer.js.map +1 -1
package/core/loginPropagationToOtherTabs.js.map +1 -1
package/core/loginSilent.js.map +1 -1
package/core/logoutPropagationToOtherTabs.js.map +1 -1
package/core/oidcClientTsUserToTokens.js.map +1 -1
package/core/ongoingLoginOrRefreshProcesses.js.map +1 -1
package/core/persistedAuthState.js.map +1 -1
package/entrypoint.js.map +1 -1
package/esm/core/AuthResponse.d.ts +5 -0
package/{src/core/AuthResponse.ts → esm/core/AuthResponse.js} +2 -10
package/esm/core/AuthResponse.js.map +1 -0
package/esm/core/Oidc.d.ts +126 -0
package/esm/core/Oidc.js +2 -0
package/esm/core/Oidc.js.map +1 -0
package/esm/core/OidcInitializationError.d.ts +7 -0
package/esm/core/OidcInitializationError.js +17 -0
package/esm/core/OidcInitializationError.js.map +1 -0
package/{src/core/OidcMetadata.ts → esm/core/OidcMetadata.d.ts} +0 -5
package/esm/core/OidcMetadata.js +3 -0
package/esm/core/OidcMetadata.js.map +1 -0
package/esm/core/StateData.d.ts +42 -0
package/esm/core/StateData.js +55 -0
package/esm/core/StateData.js.map +1 -0
package/esm/core/configId.d.ts +4 -0
package/esm/core/configId.js +4 -0
package/esm/core/configId.js.map +1 -0
package/esm/core/createOidc.d.ts +132 -0
package/{src/core/createOidc.ts → esm/core/createOidc.js} +269 -806
package/esm/core/createOidc.js.map +1 -0
package/esm/core/diagnostic.d.ts +14 -0
package/{src/core/OidcInitializationError.ts → esm/core/diagnostic.js} +32 -109
package/esm/core/diagnostic.js.map +1 -0
package/esm/core/evtIsUserActive.d.ts +5 -0
package/{src/core/evtIsUserActive.ts → esm/core/evtIsUserActive.js} +14 -46
package/esm/core/evtIsUserActive.js.map +1 -0
package/esm/core/handleOidcCallback.d.ts +13 -0
package/{src/core/handleOidcCallback.ts → esm/core/handleOidcCallback.js} +25 -121
package/esm/core/handleOidcCallback.js.map +1 -0
package/esm/core/iframeMessageProtection.d.ts +20 -0
package/{src/core/iframeMessageProtection.ts → esm/core/iframeMessageProtection.js} +10 -45
package/esm/core/iframeMessageProtection.js.map +1 -0
package/esm/core/index.js +4 -0
package/esm/core/index.js.map +1 -0
package/esm/core/initialLocationHref.d.ts +1 -0
package/{src/core/initialLocationHref.ts → esm/core/initialLocationHref.js} +1 -1
package/esm/core/initialLocationHref.js.map +1 -0
package/esm/core/isNewBrowserSession.d.ts +9 -0
package/{src/core/isNewBrowserSession.ts → esm/core/isNewBrowserSession.js} +3 -15
package/esm/core/isNewBrowserSession.js.map +1 -0
package/esm/core/loginOrGoToAuthServer.d.ts +40 -0
package/{src/core/loginOrGoToAuthServer.ts → esm/core/loginOrGoToAuthServer.js} +60 -168
package/esm/core/loginOrGoToAuthServer.js.map +1 -0
package/esm/core/loginPropagationToOtherTabs.d.ts +8 -0
package/{src/core/loginPropagationToOtherTabs.ts → esm/core/loginPropagationToOtherTabs.js} +7 -25
package/esm/core/loginPropagationToOtherTabs.js.map +1 -0
package/esm/core/loginSilent.d.ts +28 -0
package/esm/core/loginSilent.js +125 -0
package/esm/core/loginSilent.js.map +1 -0
package/esm/core/logoutPropagationToOtherTabs.d.ts +10 -0
package/{src/core/logoutPropagationToOtherTabs.ts → esm/core/logoutPropagationToOtherTabs.js} +8 -28
package/esm/core/logoutPropagationToOtherTabs.js.map +1 -0
package/esm/core/oidcClientTsUserToTokens.d.ts +11 -0
package/esm/core/oidcClientTsUserToTokens.js +155 -0
package/esm/core/oidcClientTsUserToTokens.js.map +1 -0
package/esm/core/ongoingLoginOrRefreshProcesses.d.ts +6 -0
package/{src/core/ongoingLoginOrRefreshProcesses.ts → esm/core/ongoingLoginOrRefreshProcesses.js} +6 -24
package/esm/core/ongoingLoginOrRefreshProcesses.js.map +1 -0
package/esm/core/persistedAuthState.d.ts +28 -0
package/esm/core/persistedAuthState.js +64 -0
package/esm/core/persistedAuthState.js.map +1 -0
package/esm/entrypoint.d.ts +7 -0
package/{src/entrypoint.ts → esm/entrypoint.js} +3 -26
package/esm/entrypoint.js.map +1 -0
package/esm/index.js +2 -0
package/esm/index.js.map +1 -0
package/esm/keycloak/index.d.ts +3 -0
package/esm/keycloak/index.js +3 -0
package/esm/keycloak/index.js.map +1 -0
package/esm/keycloak/isKeycloak.d.ts +3 -0
package/{src/keycloak/isKeycloak.ts → esm/keycloak/isKeycloak.js} +2 -8
package/esm/keycloak/isKeycloak.js.map +1 -0
package/esm/keycloak/keycloak-js/Keycloak.d.ts +284 -0
package/{src/keycloak/keycloak-js/Keycloak.ts → esm/keycloak/keycloak-js/Keycloak.js} +116 -439
package/esm/keycloak/keycloak-js/Keycloak.js.map +1 -0
package/esm/keycloak/keycloak-js/index.js +2 -0
package/esm/keycloak/keycloak-js/index.js.map +1 -0
package/{src/keycloak/keycloak-js/types.ts → esm/keycloak/keycloak-js/types.d.ts} +3 -84
package/esm/keycloak/keycloak-js/types.js +2 -0
package/esm/keycloak/keycloak-js/types.js.map +1 -0
package/esm/keycloak/keycloakIssuerUriParsed.d.ts +9 -0
package/{src/keycloak/keycloakIssuerUriParsed.ts → esm/keycloak/keycloakIssuerUriParsed.js} +2 -15
package/esm/keycloak/keycloakIssuerUriParsed.js.map +1 -0
package/esm/keycloak/keycloakUtils.d.ts +37 -0
package/esm/keycloak/keycloakUtils.js +44 -0
package/esm/keycloak/keycloakUtils.js.map +1 -0
package/esm/keycloak-js.js +2 -0
package/esm/keycloak-js.js.map +1 -0
package/esm/mock/index.js +2 -0
package/esm/mock/index.js.map +1 -0
package/esm/mock/oidc.d.ts +19 -0
package/{src/mock/oidc.ts → esm/mock/oidc.js} +28 -88
package/esm/mock/oidc.js.map +1 -0
package/esm/mock/react.d.ts +58 -0
package/esm/mock/react.js +7 -0
package/esm/mock/react.js.map +1 -0
package/esm/react/index.js +2 -0
package/esm/react/index.js.map +1 -0
package/esm/react/react.d.ts +102 -0
package/esm/react/react.js +221 -0
package/esm/react/react.js.map +1 -0
package/esm/tools/Deferred.d.ts +14 -0
package/esm/tools/Deferred.js +23 -0
package/esm/tools/Deferred.js.map +1 -0
package/esm/tools/EphemeralSessionStorage.d.ts +12 -0
package/{src/tools/EphemeralSessionStorage.ts → esm/tools/EphemeralSessionStorage.js} +30 -112
package/esm/tools/EphemeralSessionStorage.js.map +1 -0
package/esm/tools/Evt.d.ts +11 -0
package/{src/tools/Evt.ts → esm/tools/Evt.js} +7 -25
package/esm/tools/Evt.js.map +1 -0
package/esm/tools/StatefulEvt.d.ts +12 -0
package/esm/tools/StatefulEvt.js +21 -0
package/esm/tools/StatefulEvt.js.map +1 -0
package/esm/tools/ValueOrAsyncGetter.js +2 -0
package/esm/tools/ValueOrAsyncGetter.js.map +1 -0
package/esm/tools/asymmetricEncryption.d.ts +18 -0
package/esm/tools/asymmetricEncryption.js +85 -0
package/esm/tools/asymmetricEncryption.js.map +1 -0
package/esm/tools/base64.d.ts +2 -0
package/{src/tools/base64.ts → esm/tools/base64.js} +3 -3
package/esm/tools/base64.js.map +1 -0
package/esm/tools/createObjectThatThrowsIfAccessed.d.ts +8 -0
package/{src/tools/createObjectThatThrowsIfAccessed.ts → esm/tools/createObjectThatThrowsIfAccessed.js} +7 -18
package/esm/tools/createObjectThatThrowsIfAccessed.js.map +1 -0
package/esm/tools/decodeJwt.d.ts +25 -0
package/esm/tools/decodeJwt.js +60 -0
package/esm/tools/decodeJwt.js.map +1 -0
package/esm/tools/generateUrlSafeRandom.d.ts +3 -0
package/{src/tools/generateUrlSafeRandom.ts → esm/tools/generateUrlSafeRandom.js} +5 -8
package/esm/tools/generateUrlSafeRandom.js.map +1 -0
package/esm/tools/getDownlinkAndRtt.d.ts +4 -0
package/{src/tools/getDownlinkAndRtt.ts → esm/tools/getDownlinkAndRtt.js} +6 -10
package/esm/tools/getDownlinkAndRtt.js.map +1 -0
package/esm/tools/getIsOnline.d.ts +7 -0
package/{src/tools/getIsOnline.ts → esm/tools/getIsOnline.js} +3 -9
package/esm/tools/getIsOnline.js.map +1 -0
package/esm/tools/getIsValidRemoteJson.d.ts +1 -0
package/esm/tools/getIsValidRemoteJson.js +15 -0
package/esm/tools/getIsValidRemoteJson.js.map +1 -0
package/esm/tools/getPrUserInteraction.d.ts +4 -0
package/{src/tools/getPrUserInteraction.ts → esm/tools/getPrUserInteraction.js} +2 -6
package/esm/tools/getPrUserInteraction.js.map +1 -0
package/esm/tools/getUserEnvironmentInfo.d.ts +1 -0
package/esm/tools/getUserEnvironmentInfo.js +50 -0
package/esm/tools/getUserEnvironmentInfo.js.map +1 -0
package/esm/tools/haveSharedParentDomain.d.ts +4 -0
package/{src/tools/haveSharedParentDomain.ts → esm/tools/haveSharedParentDomain.js} +3 -5
package/esm/tools/haveSharedParentDomain.js.map +1 -0
package/esm/tools/isDev.d.ts +1 -0
package/{src/tools/isDev.ts → esm/tools/isDev.js} +5 -12
package/esm/tools/isDev.js.map +1 -0
package/esm/tools/parseKeycloakIssuerUri.d.ts +30 -0
package/{src/tools/parseKeycloakIssuerUri.ts → esm/tools/parseKeycloakIssuerUri.js} +2 -18
package/esm/tools/parseKeycloakIssuerUri.js.map +1 -0
package/esm/tools/readExpirationTimeInJwt.d.ts +1 -0
package/{src/tools/readExpirationTimeInJwt.ts → esm/tools/readExpirationTimeInJwt.js} +6 -7
package/esm/tools/readExpirationTimeInJwt.js.map +1 -0
package/esm/tools/startCountdown.d.ts +11 -0
package/{src/tools/startCountdown.ts → esm/tools/startCountdown.js} +6 -17
package/esm/tools/startCountdown.js.map +1 -0
package/esm/tools/subscribeToUserInteraction.d.ts +6 -0
package/{src/tools/subscribeToUserInteraction.ts → esm/tools/subscribeToUserInteraction.js} +4 -13
package/esm/tools/subscribeToUserInteraction.js.map +1 -0
package/esm/tools/toFullyQualifiedUrl.d.ts +10 -0
package/{src/tools/toFullyQualifiedUrl.ts → esm/tools/toFullyQualifiedUrl.js} +7 -25
package/esm/tools/toFullyQualifiedUrl.js.map +1 -0
package/esm/tools/toHumanReadableDuration.d.ts +1 -0
package/{src/tools/toHumanReadableDuration.ts → esm/tools/toHumanReadableDuration.js} +8 -5
package/esm/tools/toHumanReadableDuration.js.map +1 -0
package/esm/tools/urlSearchParams.d.ts +19 -0
package/{src/tools/urlSearchParams.ts → esm/tools/urlSearchParams.js} +24 -70
package/esm/tools/urlSearchParams.js.map +1 -0
package/esm/tools/workerTimers.d.ts +5 -0
package/{src/tools/workerTimers.ts → esm/tools/workerTimers.js} +7 -27
package/esm/tools/workerTimers.js.map +1 -0
package/esm/vendor/frontend/oidc-client-ts.js +3636 -0
package/esm/vendor/frontend/tsafe.js +1 -0
package/esm/vendor/frontend/worker-timers.js +1 -0
package/index.js.map +1 -1
package/keycloak/index.js.map +1 -1
package/keycloak/isKeycloak.js.map +1 -1
package/keycloak/keycloak-js/Keycloak.js.map +1 -1
package/keycloak/keycloak-js/index.js.map +1 -1
package/keycloak/keycloak-js/types.js.map +1 -1
package/keycloak/keycloakIssuerUriParsed.js.map +1 -1
package/keycloak/keycloakUtils.js.map +1 -1
package/keycloak-js.js.map +1 -1
package/mock/index.js.map +1 -1
package/mock/oidc.js.map +1 -1
package/mock/react.js.map +1 -1
package/package.json +74 -328
package/react/index.js.map +1 -1
package/react/react.js.map +1 -1
package/tools/Deferred.js.map +1 -1
package/tools/EphemeralSessionStorage.js.map +1 -1
package/tools/Evt.js.map +1 -1
package/tools/StatefulEvt.js.map +1 -1
package/tools/ValueOrAsyncGetter.js.map +1 -1
package/tools/asymmetricEncryption.js.map +1 -1
package/tools/base64.js.map +1 -1
package/tools/createObjectThatThrowsIfAccessed.js.map +1 -1
package/tools/decodeJwt.js.map +1 -1
package/tools/generateUrlSafeRandom.js.map +1 -1
package/tools/getDownlinkAndRtt.js.map +1 -1
package/tools/getIsOnline.js.map +1 -1
package/tools/getIsValidRemoteJson.js.map +1 -1
package/tools/getPrUserInteraction.js.map +1 -1
package/tools/getUserEnvironmentInfo.js.map +1 -1
package/tools/haveSharedParentDomain.js.map +1 -1
package/tools/isDev.js.map +1 -1
package/tools/parseKeycloakIssuerUri.js.map +1 -1
package/tools/readExpirationTimeInJwt.js.map +1 -1
package/tools/startCountdown.js.map +1 -1
package/tools/subscribeToUserInteraction.js.map +1 -1
package/tools/toFullyQualifiedUrl.js.map +1 -1
package/tools/toHumanReadableDuration.js.map +1 -1
package/tools/urlSearchParams.js.map +1 -1
package/tools/workerTimers.js.map +1 -1
package/LICENSE +0 -21
package/README.md +0 -185
package/src/backend.ts +0 -391
package/src/core/Oidc.ts +0 -140
package/src/core/StateData.ts +0 -118
package/src/core/configId.ts +0 -3
package/src/core/loginSilent.ts +0 -209
package/src/core/oidcClientTsUserToTokens.ts +0 -229
package/src/core/persistedAuthState.ts +0 -122
package/src/keycloak/index.ts +0 -8
package/src/keycloak/keycloakUtils.ts +0 -90
package/src/mock/react.tsx +0 -11
package/src/react/react.tsx +0 -476
package/src/tools/Deferred.ts +0 -39
package/src/tools/StatefulEvt.ts +0 -38
package/src/tools/asymmetricEncryption.ts +0 -184
package/src/tools/decodeJwt.ts +0 -95
package/src/tools/getIsValidRemoteJson.ts +0 -18
package/src/tools/getUserEnvironmentInfo.ts +0 -42
package/src/vendor/backend/evt.ts +0 -2
package/src/vendor/backend/jsonwebtoken.ts +0 -1
package/src/vendor/backend/node-fetch.ts +0 -2
package/src/vendor/backend/node-jose.ts +0 -1
package/src/vendor/backend/tsafe.ts +0 -5
package/src/vendor/backend/zod.ts +0 -1
/package/{src/core/index.ts → esm/core/index.d.ts} +0 -0
/package/{src/index.ts → esm/index.d.ts} +0 -0
/package/{src/keycloak/keycloak-js/index.ts → esm/keycloak/keycloak-js/index.d.ts} +0 -0
/package/{src/keycloak-js.ts → esm/keycloak-js.d.ts} +0 -0
/package/{src/mock/index.ts → esm/mock/index.d.ts} +0 -0
/package/{src/react/index.ts → esm/react/index.d.ts} +0 -0
/package/{src/tools/ValueOrAsyncGetter.ts → esm/tools/ValueOrAsyncGetter.d.ts} +0 -0
/package/{src/vendor/frontend/oidc-client-ts.ts → esm/vendor/frontend/oidc-client-ts.d.ts} +0 -0
/package/{src/vendor/frontend/tsafe.ts → esm/vendor/frontend/tsafe.d.ts} +0 -0
/package/{src/vendor/frontend/worker-timers.ts → esm/vendor/frontend/worker-timers.d.ts} +0 -0

package/src/core/loginSilent.ts DELETED Viewed

@@ -1,209 +0,0 @@
-import type {
-    UserManager as OidcClientTsUserManager,
-    User as OidcClientTsUser
-} from "../vendor/frontend/oidc-client-ts";
-import { Deferred } from "../tools/Deferred";
-import { id, assert, noUndefined } from "../vendor/frontend/tsafe";
-import { getStateData, clearStateStore, type StateData } from "./StateData";
-import { getDownlinkAndRtt } from "../tools/getDownlinkAndRtt";
-import { getIsDev } from "../tools/isDev";
-import { type AuthResponse } from "./AuthResponse";
-import { addOrUpdateSearchParam } from "../tools/urlSearchParams";
-import { initIframeMessageProtection } from "./iframeMessageProtection";
-type ResultOfLoginSilent =
-    | {
-          outcome: "got auth response from iframe";
-          authResponse: AuthResponse;
-      }
-    | {
-          outcome: "failure";
-          cause: "timeout" | "can't reach well-known oidc endpoint";
-      }
-    | {
-          outcome: "token refreshed using refresh token";
-          oidcClientTsUser: OidcClientTsUser;
-      };
-export async function loginSilent(params: {
-    oidcClientTsUserManager: OidcClientTsUserManager;
-    stateUrlParamValue_instance: string;
-    configId: string;
-    transformUrlBeforeRedirect:
-        | ((params: { authorizationUrl: string; isSilent: true }) => string)
-        | undefined;
-    getExtraQueryParams:
-        | ((params: { isSilent: true; url: string }) => Record<string, string | undefined>)
-        | undefined;
-    getExtraTokenParams: (() => Record<string, string | undefined>) | undefined;
-    autoLogin: boolean;
-}): Promise<ResultOfLoginSilent> {
-    const {
-        oidcClientTsUserManager,
-        stateUrlParamValue_instance,
-        configId,
-        transformUrlBeforeRedirect,
-        getExtraQueryParams,
-        getExtraTokenParams,
-        autoLogin
-    } = params;
-    const dResult = new Deferred<ResultOfLoginSilent>();
-    const timeoutDelayMs: number = (() => {
-        if (autoLogin) {
-            return 25_000;
-        }
-        const downlinkAndRtt = getDownlinkAndRtt();
-        const isDev = getIsDev();
-        // Base delay is the minimum delay we should wait in any case
-        const BASE_DELAY_MS = isDev ? 9_000 : 7_000;
-        if (downlinkAndRtt === undefined) {
-            return BASE_DELAY_MS;
-        }
-        const { downlink, rtt } = downlinkAndRtt;
-        // Calculate dynamic delay based on RTT and downlink
-        // Add 1 to downlink to avoid division by zero
-        const dynamicDelay = rtt * 2.5 + BASE_DELAY_MS / (downlink + 1);
-        return Math.max(BASE_DELAY_MS, dynamicDelay);
-    })();
-    const { decodeEncryptedAuth, getIsEncryptedAuthResponse, clearSessionStoragePublicKey } =
-        await initIframeMessageProtection({
-            stateUrlParamValue: stateUrlParamValue_instance
-        });
-    const timer = setTimeout(async () => {
-        dResult.resolve({
-            outcome: "failure",
-            cause: "timeout"
-        });
-    }, timeoutDelayMs);
-    const listener = async (event: MessageEvent) => {
-        if (event.origin !== window.location.origin) {
-            return;
-        }
-        if (
-            !getIsEncryptedAuthResponse({
-                message: event.data
-            })
-        ) {
-            return;
-        }
-        const { authResponse } = await decodeEncryptedAuth({ encryptedAuthResponse: event.data });
-        const stateData = getStateData({ stateUrlParamValue: authResponse.state });
-        assert(stateData !== undefined, "765645");
-        assert(stateData.context === "iframe", "250711");
-        if (stateData.configId !== configId) {
-            return;
-        }
-        clearTimeout(timer);
-        window.removeEventListener("message", listener);
-        dResult.resolve({
-            outcome: "got auth response from iframe",
-            authResponse
-        });
-    };
-    window.addEventListener("message", listener, false);
-    const transformUrl_oidcClientTs = (url: string) => {
-        add_extra_query_params: {
-            if (getExtraQueryParams === undefined) {
-                break add_extra_query_params;
-            }
-            const extraQueryParams = getExtraQueryParams({ isSilent: true, url });
-            for (const [name, value] of Object.entries(extraQueryParams)) {
-                if (value === undefined) {
-                    continue;
-                }
-                url = addOrUpdateSearchParam({ url, name, value, encodeMethod: "www-form" });
-            }
-        }
-        apply_transform_url: {
-            if (transformUrlBeforeRedirect === undefined) {
-                break apply_transform_url;
-            }
-            url = transformUrlBeforeRedirect({ authorizationUrl: url, isSilent: true });
-        }
-        return url;
-    };
-    oidcClientTsUserManager
-        .signinSilent({
-            state: id<StateData.IFrame>({
-                context: "iframe",
-                configId
-            }),
-            silentRequestTimeoutInSeconds: timeoutDelayMs / 1000,
-            extraTokenParams:
-                getExtraTokenParams === undefined ? undefined : noUndefined(getExtraTokenParams()),
-            transformUrl: transformUrl_oidcClientTs
-        })
-        .then(
-            oidcClientTsUser => {
-                assert(oidcClientTsUser !== null, "oidcClientTsUser is not supposed to be null here");
-                clearTimeout(timer);
-                window.removeEventListener("message", listener);
-                dResult.resolve({
-                    outcome: "token refreshed using refresh token",
-                    oidcClientTsUser
-                });
-            },
-            (error: Error) => {
-                if (error.message === "Failed to fetch") {
-                    // NOTE: If we got an error here it means that the fetch to the
-                    // well-known oidc endpoint failed.
-                    // This usually means that the server is down or that the issuerUri
-                    // is not pointing to a valid oidc server.
-                    // It could be a CORS error on the well-known endpoint but it's unlikely.
-                    clearTimeout(timer);
-                    dResult.resolve({
-                        outcome: "failure",
-                        cause: "can't reach well-known oidc endpoint"
-                    });
-                    return;
-                }
-                // NOTE: Here, except error on our understanding there can't be any other
-                // error than timeout so we fail silently and let the timeout expire.
-            }
-        );
-    dResult.pr.then(result => {
-        clearSessionStoragePublicKey();
-        if (result.outcome === "failure") {
-            clearStateStore({ stateUrlParamValue: stateUrlParamValue_instance });
-        }
-    });
-    return dResult.pr;
-}

package/src/core/oidcClientTsUserToTokens.ts DELETED Viewed

@@ -1,229 +0,0 @@
-import type { User as OidcClientTsUser } from "../vendor/frontend/oidc-client-ts";
-import { assert, id } from "../vendor/frontend/tsafe";
-import { readExpirationTimeInJwt } from "../tools/readExpirationTimeInJwt";
-import { decodeJwt } from "../tools/decodeJwt";
-import type { Oidc } from "./Oidc";
-export function oidcClientTsUserToTokens<DecodedIdToken extends Record<string, unknown>>(params: {
-    oidcClientTsUser: OidcClientTsUser;
-    decodedIdTokenSchema?: {
-        parse: (decodedIdToken_original: Oidc.Tokens.DecodedIdToken_base) => DecodedIdToken;
-    };
-    __unsafe_useIdTokenAsAccessToken: boolean;
-    decodedIdToken_previous: DecodedIdToken | undefined;
-    log: typeof console.log | undefined;
-}): Oidc.Tokens<DecodedIdToken> {
-    const {
-        oidcClientTsUser,
-        decodedIdTokenSchema,
-        __unsafe_useIdTokenAsAccessToken,
-        decodedIdToken_previous,
-        log
-    } = params;
-    const isFirstInit = decodedIdToken_previous === undefined;
-    const accessToken = oidcClientTsUser.access_token;
-    const refreshToken = oidcClientTsUser.refresh_token;
-    const idToken = oidcClientTsUser.id_token;
-    assert(idToken !== undefined, "No id token provided by the oidc server");
-    const decodedIdToken_original = decodeJwt<Oidc.Tokens.DecodedIdToken_base>(idToken);
-    if (isFirstInit) {
-        log?.(
-            [
-                `Decoded ID token`,
-                decodedIdTokenSchema === undefined ? "" : " before `decodedIdTokenSchema.parse()`\n",
-                JSON.stringify(decodedIdToken_original, null, 2)
-            ].join("")
-        );
-    }
-    const decodedIdToken = (() => {
-        let decodedIdToken: DecodedIdToken;
-        if (decodedIdTokenSchema !== undefined) {
-            decodedIdToken = decodedIdTokenSchema.parse(decodedIdToken_original);
-            if (isFirstInit) {
-                log?.(
-                    [
-                        "Decoded ID token after `decodedIdTokenSchema.parse()`\n",
-                        JSON.stringify(decodedIdToken, null, 2)
-                    ].join("")
-                );
-            }
-        } else {
-            // @ts-expect-error
-            decodedIdToken = decodedIdToken_original;
-        }
-        if (
-            decodedIdToken_previous !== undefined &&
-            JSON.stringify(decodedIdToken) === JSON.stringify(decodedIdToken_previous)
-        ) {
-            // NOTE: For stable ref, prevent re-render for component that would memoize
-            return decodedIdToken_previous;
-        }
-        return decodedIdToken;
-    })();
-    const issuedAtTime = (() => {
-        // NOTE: The id_token is always a JWT as per the protocol.
-        // We don't use Date.now() due to network latency.
-        const id_token_iat = (() => {
-            let iat: number | undefined;
-            try {
-                const iat_claimValue = decodedIdToken_original.iat;
-                assert(iat_claimValue === undefined || typeof iat_claimValue === "number");
-                iat = iat_claimValue;
-            } catch {
-                iat = undefined;
-            }
-            if (iat === undefined) {
-                return undefined;
-            }
-            return iat;
-        })();
-        if (id_token_iat === undefined) {
-            return Date.now();
-        }
-        return id_token_iat * 1000;
-    })();
-    const tokens_common: Oidc.Tokens.Common<DecodedIdToken> = {
-        ...(__unsafe_useIdTokenAsAccessToken
-            ? {
-                  accessToken: idToken,
-                  accessTokenExpirationTime: (() => {
-                      const expirationTime = readExpirationTimeInJwt(idToken);
-                      assert(
-                          expirationTime !== undefined,
-                          "Failed to get id token expiration time while trying to substitute the access token by the id token"
-                      );
-                      return expirationTime;
-                  })()
-              }
-            : {
-                  accessToken,
-                  accessTokenExpirationTime: (() => {
-                      read_from_jwt: {
-                          const expirationTime = readExpirationTimeInJwt(accessToken);
-                          if (expirationTime === undefined) {
-                              break read_from_jwt;
-                          }
-                          return expirationTime;
-                      }
-                      read_from_token_response_expires_at: {
-                          const { expires_at } = oidcClientTsUser.__oidc_spa_tokenResponse;
-                          if (expires_at === undefined) {
-                              break read_from_token_response_expires_at;
-                          }
-                          assert(typeof expires_at === "number", "2033392");
-                          return expires_at * 1000;
-                      }
-                      read_from_token_response_expires_in: {
-                          const { expires_in } = oidcClientTsUser.__oidc_spa_tokenResponse;
-                          if (expires_in === undefined) {
-                              break read_from_token_response_expires_in;
-                          }
-                          assert(typeof expires_in === "number", "203333425");
-                          return issuedAtTime + expires_in * 1_000;
-                      }
-                      assert(false, "Failed to get access token expiration time");
-                  })()
-              }),
-        idToken,
-        decodedIdToken,
-        decodedIdToken_original,
-        issuedAtTime
-    };
-    const tokens: Oidc.Tokens<DecodedIdToken> =
-        refreshToken === undefined
-            ? id<Oidc.Tokens.WithoutRefreshToken<DecodedIdToken>>({
-                  ...tokens_common,
-                  hasRefreshToken: false
-              })
-            : id<Oidc.Tokens.WithRefreshToken<DecodedIdToken>>({
-                  ...tokens_common,
-                  hasRefreshToken: true,
-                  refreshToken,
-                  refreshTokenExpirationTime: (() => {
-                      read_from_token_response_expires_at: {
-                          const { refresh_expires_at } = oidcClientTsUser.__oidc_spa_tokenResponse;
-                          if (refresh_expires_at === undefined) {
-                              break read_from_token_response_expires_at;
-                          }
-                          assert(typeof refresh_expires_at === "number", "2033392");
-                          return refresh_expires_at * 1000;
-                      }
-                      read_from_token_response_expires_in: {
-                          const { refresh_expires_in } = oidcClientTsUser.__oidc_spa_tokenResponse;
-                          if (refresh_expires_in === undefined) {
-                              break read_from_token_response_expires_in;
-                          }
-                          assert(typeof refresh_expires_in === "number", "2033425330");
-                          return issuedAtTime + refresh_expires_in * 1000;
-                      }
-                      read_from_jwt: {
-                          const expirationTime = readExpirationTimeInJwt(refreshToken);
-                          if (expirationTime === undefined) {
-                              break read_from_jwt;
-                          }
-                          return expirationTime;
-                      }
-                      return undefined;
-                  })()
-              });
-    if (
-        isFirstInit &&
-        tokens.hasRefreshToken &&
-        tokens.refreshTokenExpirationTime !== undefined &&
-        tokens.refreshTokenExpirationTime < tokens.accessTokenExpirationTime
-    ) {
-        console.warn(
-            [
-                "The OIDC refresh token expirationTime is shorter than the one of the access token.",
-                "This is very unusual and probably a misconfiguration."
-            ].join(" ")
-        );
-    }
-    return tokens;
-}

package/src/core/persistedAuthState.ts DELETED Viewed

@@ -1,122 +0,0 @@
-import { typeGuard, id } from "../vendor/frontend/tsafe";
-function getKey(params: { configId: string }) {
-    const { configId } = params;
-    return `oidc-spa:auth-state:${configId}`;
-}
-type PersistedAuthState = PersistedAuthState.LoggedIn | PersistedAuthState.ExplicitlyLoggedOut;
-namespace PersistedAuthState {
-    type Common = {
-        __brand: "PersistedAuthState-v1";
-    };
-    export type LoggedIn = Common & {
-        stateDescription: "logged in";
-        untilTime: number | undefined;
-    };
-    export type ExplicitlyLoggedOut = Common & {
-        stateDescription: "explicitly logged out";
-    };
-}
-export function persistAuthState(params: {
-    configId: string;
-    state:
-        | {
-              stateDescription: "logged in";
-              idleSessionLifetimeInSeconds: number | undefined;
-              refreshTokenExpirationTime: number | undefined;
-          }
-        | {
-              stateDescription: "explicitly logged out";
-          }
-        | undefined;
-}) {
-    const { configId, state } = params;
-    const key = getKey({ configId });
-    if (state === undefined) {
-        localStorage.removeItem(key);
-        return;
-    }
-    localStorage.setItem(
-        key,
-        JSON.stringify(
-            id<PersistedAuthState>(
-                (() => {
-                    switch (state.stateDescription) {
-                        case "logged in":
-                            return id<PersistedAuthState.LoggedIn>({
-                                __brand: "PersistedAuthState-v1",
-                                stateDescription: "logged in",
-                                untilTime: (() => {
-                                    const { idleSessionLifetimeInSeconds, refreshTokenExpirationTime } =
-                                        state;
-                                    if (idleSessionLifetimeInSeconds !== undefined) {
-                                        return Date.now() + idleSessionLifetimeInSeconds * 1000;
-                                    }
-                                    return refreshTokenExpirationTime;
-                                })()
-                            });
-                        case "explicitly logged out":
-                            return id<PersistedAuthState.ExplicitlyLoggedOut>({
-                                __brand: "PersistedAuthState-v1",
-                                stateDescription: "explicitly logged out"
-                            });
-                    }
-                })()
-            )
-        )
-    );
-}
-export function getPersistedAuthState(params: {
-    configId: string;
-}): PersistedAuthState["stateDescription"] | undefined {
-    const { configId } = params;
-    const key = getKey({ configId });
-    const value = localStorage.getItem(key);
-    if (value === null) {
-        return undefined;
-    }
-    let state: unknown;
-    try {
-        state = JSON.parse(value);
-    } catch {
-        localStorage.removeItem(key);
-        return undefined;
-    }
-    if (
-        !typeGuard<PersistedAuthState>(
-            state,
-            state instanceof Object &&
-                "__brand" in state &&
-                state.__brand === id<PersistedAuthState["__brand"]>("PersistedAuthState-v1")
-        )
-    ) {
-        localStorage.removeItem(key);
-        return undefined;
-    }
-    if (state.stateDescription === "logged in") {
-        if (state.untilTime !== undefined && state.untilTime <= Date.now()) {
-            localStorage.removeItem(key);
-            return undefined;
-        }
-    }
-    return state.stateDescription;
-}

package/src/keycloak/index.ts DELETED Viewed

@@ -1,8 +0,0 @@
-export { isKeycloak } from "./isKeycloak";
-export type { KeycloakIssuerUriParsed } from "./keycloakIssuerUriParsed";
-export {
-    type KeycloakUtils,
-    KeycloakProfile,
-    KeycloakUserInfo,
-    createKeycloakUtils
-} from "./keycloakUtils";

package/src/keycloak/keycloakUtils.ts DELETED Viewed

@@ -1,90 +0,0 @@
-import { toFullyQualifiedUrl } from "../tools/toFullyQualifiedUrl";
-import { type KeycloakIssuerUriParsed, parseKeycloakIssuerUri } from "./keycloakIssuerUriParsed";
-export type KeycloakUtils = {
-    issuerUriParsed: KeycloakIssuerUriParsed;
-    adminConsoleUrl: string;
-    adminConsoleUrl_master: string;
-    getAccountUrl: (params: {
-        clientId: string;
-        backToAppFromAccountUrl: string;
-        locale?: string;
-    }) => string;
-    fetchUserProfile: (params: { accessToken: string }) => Promise<KeycloakProfile>;
-    fetchUserInfo: (params: { accessToken: string }) => Promise<KeycloakUserInfo>;
-    transformUrlBeforeRedirectForRegister: (authorizationUrl: string) => string;
-};
-export type KeycloakProfile = {
-    id?: string;
-    username?: string;
-    email?: string;
-    firstName?: string;
-    lastName?: string;
-    enabled?: boolean;
-    emailVerified?: boolean;
-    totp?: boolean;
-    createdTimestamp?: number;
-    attributes?: Record<string, unknown>;
-};
-export type KeycloakUserInfo = {
-    sub: string;
-    [key: string]: any;
-};
-export function createKeycloakUtils(params: { issuerUri: string }): KeycloakUtils {
-    const { issuerUri } = params;
-    const issuerUriParsed = parseKeycloakIssuerUri({ issuerUri });
-    const keycloakServerUrl = `${issuerUriParsed.origin}${issuerUriParsed.kcHttpRelativePath ?? ""}`;
-    const getAdminConsoleUrl = (realm: string) =>
-        `${keycloakServerUrl}/admin/${encodeURIComponent(realm)}/console`;
-    const realmUrl = `${keycloakServerUrl}/realms/${encodeURIComponent(issuerUriParsed.realm)}`;
-    return {
-        issuerUriParsed,
-        adminConsoleUrl: getAdminConsoleUrl(issuerUriParsed.realm),
-        adminConsoleUrl_master: getAdminConsoleUrl("master"),
-        getAccountUrl: ({ clientId, backToAppFromAccountUrl, locale }) => {
-            const accountUrlObj = new URL(
-                `${keycloakServerUrl}/realms/${issuerUriParsed.realm}/account`
-            );
-            accountUrlObj.searchParams.set("referrer", clientId);
-            accountUrlObj.searchParams.set(
-                "referrer_uri",
-                toFullyQualifiedUrl({
-                    urlish: backToAppFromAccountUrl,
-                    doAssertNoQueryParams: false
-                })
-            );
-            if (locale !== undefined) {
-                accountUrlObj.searchParams.set("kc_locale", locale);
-            }
-            return accountUrlObj.href;
-        },
-        fetchUserProfile: ({ accessToken }) =>
-            fetch(`${realmUrl}/account`, {
-                headers: {
-                    Accept: "application/json",
-                    Authorization: `Bearer ${accessToken}`
-                }
-            }).then(r => r.json()),
-        fetchUserInfo: ({ accessToken }) =>
-            fetch(`${realmUrl}/protocol/openid-connect/userinfo`, {
-                headers: {
-                    Accept: "application/json",
-                    Authorization: `Bearer ${accessToken}`
-                }
-            }).then(r => r.json()),
-        transformUrlBeforeRedirectForRegister: authorizationUrl => {
-            const urlObj = new URL(authorizationUrl);
-            urlObj.pathname = urlObj.pathname.replace(/\/auth$/, "/registrations");
-            return urlObj.href;
-        }
-    };
-}

package/src/mock/react.tsx DELETED Viewed

@@ -1,11 +0,0 @@
-import { createOidcReactApi_dependencyInjection } from "../react/react";
-import { createMockOidc, type ParamsOfCreateMockOidc } from "./oidc";
-import type { ValueOrAsyncGetter } from "../tools/ValueOrAsyncGetter";
-/** @see: https://docs.oidc-spa.dev/v/v7/mock */
-export function createMockReactOidc<
-    DecodedIdToken extends Record<string, unknown> = Record<string, unknown>,
-    AutoLogin extends boolean = false
->(params: ValueOrAsyncGetter<ParamsOfCreateMockOidc<DecodedIdToken, AutoLogin>>) {
-    return createOidcReactApi_dependencyInjection(params, createMockOidc);
-}