oidc-spa 7.2.5 → 7.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/core/Oidc.d.ts +4 -1
- package/core/createOidc.js +65 -18
- package/core/createOidc.js.map +1 -1
- package/core/oidcClientTsUserToTokens.js +7 -2
- package/core/oidcClientTsUserToTokens.js.map +1 -1
- package/esm/core/Oidc.d.ts +4 -1
- package/esm/core/createOidc.js +65 -18
- package/esm/core/createOidc.js.map +1 -1
- package/esm/core/oidcClientTsUserToTokens.js +7 -2
- package/esm/core/oidcClientTsUserToTokens.js.map +1 -1
- package/esm/keycloak/keycloak-js/Keycloak.d.ts +5 -3
- package/esm/keycloak/keycloak-js/Keycloak.js +175 -184
- package/esm/keycloak/keycloak-js/Keycloak.js.map +1 -1
- package/esm/keycloak/keycloak-js/types.d.ts +1 -3
- package/esm/mock/oidc.js +2 -1
- package/esm/mock/oidc.js.map +1 -1
- package/esm/tools/workerTimers.js +2 -5
- package/esm/tools/workerTimers.js.map +1 -1
- package/esm/vendor/frontend/oidc-client-ts.js +46 -8
- package/keycloak/keycloak-js/Keycloak.d.ts +5 -3
- package/keycloak/keycloak-js/Keycloak.js +175 -184
- package/keycloak/keycloak-js/Keycloak.js.map +1 -1
- package/keycloak/keycloak-js/types.d.ts +1 -3
- package/mock/oidc.js +2 -1
- package/mock/oidc.js.map +1 -1
- package/package.json +1 -1
- package/src/core/Oidc.ts +5 -1
- package/src/core/createOidc.ts +81 -16
- package/src/core/oidcClientTsUserToTokens.ts +7 -2
- package/src/keycloak/keycloak-js/Keycloak.ts +198 -232
- package/src/keycloak/keycloak-js/types.ts +1 -4
- package/src/mock/oidc.ts +2 -1
- package/src/tools/workerTimers.ts +2 -6
- package/tools/workerTimers.js +2 -5
- package/tools/workerTimers.js.map +1 -1
- package/vendor/frontend/oidc-client-ts.js +46 -8
|
@@ -1,3 +1,15 @@
|
|
|
1
|
+
var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
|
|
2
|
+
if (kind === "m") throw new TypeError("Private method is not writable");
|
|
3
|
+
if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
|
|
4
|
+
if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
|
|
5
|
+
return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
|
|
6
|
+
};
|
|
7
|
+
var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
|
|
8
|
+
if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
|
|
9
|
+
if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
|
|
10
|
+
return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
|
|
11
|
+
};
|
|
12
|
+
var _Keycloak_state;
|
|
1
13
|
import { assert, is, isAmong } from "../../vendor/frontend/tsafe";
|
|
2
14
|
import { createOidc, OidcInitializationError } from "../../core";
|
|
3
15
|
import { Deferred } from "../../tools/Deferred";
|
|
@@ -6,7 +18,6 @@ import { createKeycloakUtils } from "../keycloakUtils";
|
|
|
6
18
|
import { workerTimers } from "../../vendor/frontend/worker-timers";
|
|
7
19
|
import { createStatefulEvt } from "../../tools/StatefulEvt";
|
|
8
20
|
import { readExpirationTimeInJwt } from "../../tools/readExpirationTimeInJwt";
|
|
9
|
-
const internalStateByInstance = new WeakMap();
|
|
10
21
|
/**
|
|
11
22
|
* This module provides a drop-in replacement for `keycloak-js`,
|
|
12
23
|
* designed for teams migrating to `oidc-spa` with minimal changes.
|
|
@@ -24,6 +35,7 @@ export class Keycloak {
|
|
|
24
35
|
* I'm not seeing the usecase when ran against keycloak right now so not doing it.
|
|
25
36
|
*/
|
|
26
37
|
constructor(params) {
|
|
38
|
+
_Keycloak_state.set(this, void 0);
|
|
27
39
|
/**
|
|
28
40
|
* Response mode passed in init (default value is `'fragment'`).
|
|
29
41
|
*
|
|
@@ -44,16 +56,8 @@ export class Keycloak {
|
|
|
44
56
|
* NOTE oidc-spa: Can only be 'standard'
|
|
45
57
|
*/
|
|
46
58
|
this.flow = "standard";
|
|
47
|
-
/**
|
|
48
|
-
* The estimated time difference between the browser time and the Keycloak
|
|
49
|
-
* server in seconds. This value is just an estimation, but is accurate
|
|
50
|
-
* enough when determining if a token is expired or not.
|
|
51
|
-
*
|
|
52
|
-
* NOTE oidc-spa: Not supported.
|
|
53
|
-
*/
|
|
54
|
-
this.timeSkew = null;
|
|
55
59
|
const issuerUri = `${params.url.replace(/\/$/, "")}/realms/${params.realm}`;
|
|
56
|
-
|
|
60
|
+
__classPrivateFieldSet(this, _Keycloak_state, {
|
|
57
61
|
constructorParams: params,
|
|
58
62
|
dInitialized: new Deferred(),
|
|
59
63
|
initOptions: undefined,
|
|
@@ -64,7 +68,7 @@ export class Keycloak {
|
|
|
64
68
|
profile: undefined,
|
|
65
69
|
userInfo: undefined,
|
|
66
70
|
$onTokenExpired: createStatefulEvt(() => undefined)
|
|
67
|
-
});
|
|
71
|
+
}, "f");
|
|
68
72
|
}
|
|
69
73
|
/**
|
|
70
74
|
* Called to initialize the adapter.
|
|
@@ -73,25 +77,23 @@ export class Keycloak {
|
|
|
73
77
|
*/
|
|
74
78
|
async init(initOptions = {}) {
|
|
75
79
|
const { onLoad = "check-sso", redirectUri, enableLogging, scope, locale } = initOptions;
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
if (internalState.initOptions !== undefined) {
|
|
79
|
-
if (JSON.stringify(internalState.initOptions) !== JSON.stringify(initOptions)) {
|
|
80
|
+
if (__classPrivateFieldGet(this, _Keycloak_state, "f").initOptions !== undefined) {
|
|
81
|
+
if (JSON.stringify(__classPrivateFieldGet(this, _Keycloak_state, "f").initOptions) !== JSON.stringify(initOptions)) {
|
|
80
82
|
throw new Error("Can't call init() multiple time with different params");
|
|
81
83
|
}
|
|
82
|
-
await
|
|
83
|
-
const { oidc } =
|
|
84
|
+
await __classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.pr;
|
|
85
|
+
const { oidc } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
84
86
|
assert(oidc !== undefined);
|
|
85
87
|
return oidc.isUserLoggedIn;
|
|
86
88
|
}
|
|
87
|
-
|
|
88
|
-
const { constructorParams, issuerUri } =
|
|
89
|
+
__classPrivateFieldGet(this, _Keycloak_state, "f").initOptions = initOptions;
|
|
90
|
+
const { constructorParams, issuerUri } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
89
91
|
const autoLogin = onLoad === "login-required";
|
|
90
92
|
let hasCreateResolved = false;
|
|
91
93
|
const oidcOrError = await createOidc({
|
|
92
94
|
homeUrl: constructorParams.homeUrl,
|
|
93
95
|
issuerUri,
|
|
94
|
-
clientId:
|
|
96
|
+
clientId: __classPrivateFieldGet(this, _Keycloak_state, "f").constructorParams.clientId,
|
|
95
97
|
autoLogin,
|
|
96
98
|
postLoginRedirectUrl: redirectUri,
|
|
97
99
|
debugLogs: enableLogging,
|
|
@@ -120,75 +122,90 @@ export class Keycloak {
|
|
|
120
122
|
assert(false);
|
|
121
123
|
}
|
|
122
124
|
const oidc = oidcOrError;
|
|
123
|
-
internalState.oidc = oidc;
|
|
124
125
|
if (oidc.isUserLoggedIn) {
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
126
|
+
const tokens = await oidc.getTokens();
|
|
127
|
+
const onNewToken = (tokens_new) => {
|
|
128
|
+
__classPrivateFieldGet(this, _Keycloak_state, "f").tokens = tokens_new;
|
|
129
|
+
this.onAuthRefreshSuccess?.();
|
|
130
|
+
};
|
|
131
|
+
onNewToken(tokens);
|
|
132
|
+
oidc.subscribeToTokensChange(onNewToken);
|
|
133
|
+
}
|
|
134
|
+
__classPrivateFieldGet(this, _Keycloak_state, "f").oidc = oidc;
|
|
135
|
+
__classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.resolve();
|
|
136
|
+
this.onReady?.(oidc.isUserLoggedIn);
|
|
137
|
+
onAuthSuccess_call: {
|
|
138
|
+
if (!oidc.isUserLoggedIn) {
|
|
139
|
+
break onAuthSuccess_call;
|
|
133
140
|
}
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
if (onTokenExpired === undefined) {
|
|
140
|
-
return;
|
|
141
|
-
}
|
|
142
|
-
let timer = undefined;
|
|
143
|
-
const onNewToken = () => {
|
|
144
|
-
if (timer !== undefined) {
|
|
145
|
-
workerTimers.clearTimeout(timer);
|
|
146
|
-
}
|
|
147
|
-
const { tokens } = internalState;
|
|
148
|
-
assert(tokens !== undefined);
|
|
149
|
-
timer = workerTimers.setTimeout(() => {
|
|
150
|
-
onTokenExpired.call(this);
|
|
151
|
-
}, Math.max(tokens.accessTokenExpirationTime - Date.now() - 3000, 0));
|
|
152
|
-
};
|
|
153
|
-
onNewToken();
|
|
154
|
-
const { unsubscribe } = oidc.subscribeToTokensChange(onNewToken);
|
|
155
|
-
clear = () => {
|
|
156
|
-
if (timer !== undefined) {
|
|
157
|
-
workerTimers.clearTimeout(timer);
|
|
158
|
-
}
|
|
159
|
-
unsubscribe();
|
|
160
|
-
};
|
|
161
|
-
});
|
|
141
|
+
this.onAuthSuccess?.();
|
|
142
|
+
}
|
|
143
|
+
onAuthError_call: {
|
|
144
|
+
if (oidc.isUserLoggedIn) {
|
|
145
|
+
break onAuthError_call;
|
|
162
146
|
}
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
break onActionUpdate_call;
|
|
166
|
-
}
|
|
167
|
-
const { backFromAuthServer } = oidc;
|
|
168
|
-
if (backFromAuthServer === undefined) {
|
|
169
|
-
break onActionUpdate_call;
|
|
170
|
-
}
|
|
171
|
-
const status = backFromAuthServer.result.kc_action_status;
|
|
172
|
-
if (!isAmong(["success", "cancelled", "error"], status)) {
|
|
173
|
-
break onActionUpdate_call;
|
|
174
|
-
}
|
|
175
|
-
const action = backFromAuthServer.extraQueryParams.kc_action;
|
|
176
|
-
if (action === undefined) {
|
|
177
|
-
break onActionUpdate_call;
|
|
178
|
-
}
|
|
179
|
-
this.onActionUpdate(status, action);
|
|
147
|
+
if (oidc.initializationError === undefined) {
|
|
148
|
+
break onAuthError_call;
|
|
180
149
|
}
|
|
181
|
-
}
|
|
182
|
-
if (!oidc.isUserLoggedIn && oidc.initializationError !== undefined) {
|
|
183
150
|
this.onAuthError?.({
|
|
184
151
|
error: oidc.initializationError.name,
|
|
185
152
|
error_description: oidc.initializationError.message
|
|
186
153
|
});
|
|
187
154
|
}
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
155
|
+
onActionUpdate_call: {
|
|
156
|
+
if (!oidc.isUserLoggedIn) {
|
|
157
|
+
break onActionUpdate_call;
|
|
158
|
+
}
|
|
159
|
+
if (this.onActionUpdate === undefined) {
|
|
160
|
+
break onActionUpdate_call;
|
|
161
|
+
}
|
|
162
|
+
const { backFromAuthServer } = oidc;
|
|
163
|
+
if (backFromAuthServer === undefined) {
|
|
164
|
+
break onActionUpdate_call;
|
|
165
|
+
}
|
|
166
|
+
const status = backFromAuthServer.result.kc_action_status;
|
|
167
|
+
if (!isAmong(["success", "cancelled", "error"], status)) {
|
|
168
|
+
break onActionUpdate_call;
|
|
169
|
+
}
|
|
170
|
+
const action = backFromAuthServer.extraQueryParams.kc_action;
|
|
171
|
+
if (action === undefined) {
|
|
172
|
+
break onActionUpdate_call;
|
|
173
|
+
}
|
|
174
|
+
this.onActionUpdate(status, action);
|
|
175
|
+
}
|
|
176
|
+
schedule_onTokenExpired_call: {
|
|
177
|
+
if (!oidc.isUserLoggedIn) {
|
|
178
|
+
break schedule_onTokenExpired_call;
|
|
179
|
+
}
|
|
180
|
+
const { $onTokenExpired } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
181
|
+
let clear = undefined;
|
|
182
|
+
const next = (onTokenExpired) => {
|
|
183
|
+
clear?.();
|
|
184
|
+
if (onTokenExpired === undefined) {
|
|
185
|
+
return;
|
|
186
|
+
}
|
|
187
|
+
let timer = undefined;
|
|
188
|
+
const onNewToken = () => {
|
|
189
|
+
if (timer !== undefined) {
|
|
190
|
+
workerTimers.clearTimeout(timer);
|
|
191
|
+
}
|
|
192
|
+
const { tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
193
|
+
assert(tokens !== undefined);
|
|
194
|
+
timer = workerTimers.setTimeout(() => {
|
|
195
|
+
onTokenExpired.call(this);
|
|
196
|
+
}, Math.max(tokens.accessTokenExpirationTime - tokens.getServerDateNow() - 3000, 0));
|
|
197
|
+
};
|
|
198
|
+
onNewToken();
|
|
199
|
+
const { unsubscribe } = oidc.subscribeToTokensChange(onNewToken);
|
|
200
|
+
clear = () => {
|
|
201
|
+
if (timer !== undefined) {
|
|
202
|
+
workerTimers.clearTimeout(timer);
|
|
203
|
+
}
|
|
204
|
+
unsubscribe();
|
|
205
|
+
};
|
|
206
|
+
};
|
|
207
|
+
next($onTokenExpired.current);
|
|
208
|
+
$onTokenExpired.subscribe(next);
|
|
192
209
|
}
|
|
193
210
|
return oidc.isUserLoggedIn;
|
|
194
211
|
}
|
|
@@ -199,9 +216,7 @@ export class Keycloak {
|
|
|
199
216
|
if (!this.didInitialize) {
|
|
200
217
|
return false;
|
|
201
218
|
}
|
|
202
|
-
const
|
|
203
|
-
assert(internalState !== undefined);
|
|
204
|
-
const { oidc } = internalState;
|
|
219
|
+
const { oidc } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
205
220
|
assert(oidc !== undefined);
|
|
206
221
|
return oidc.isUserLoggedIn;
|
|
207
222
|
}
|
|
@@ -212,9 +227,7 @@ export class Keycloak {
|
|
|
212
227
|
if (!this.didInitialize) {
|
|
213
228
|
return undefined;
|
|
214
229
|
}
|
|
215
|
-
const
|
|
216
|
-
assert(internalState !== undefined);
|
|
217
|
-
const { oidc, tokens } = internalState;
|
|
230
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
218
231
|
assert(oidc !== undefined);
|
|
219
232
|
if (!oidc.isUserLoggedIn) {
|
|
220
233
|
console.warn("Trying to read keycloak.subject when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -230,12 +243,10 @@ export class Keycloak {
|
|
|
230
243
|
if (!this.didInitialize) {
|
|
231
244
|
return undefined;
|
|
232
245
|
}
|
|
233
|
-
const
|
|
234
|
-
assert(internalState !== undefined);
|
|
235
|
-
const { oidc, tokens } = internalState;
|
|
246
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
236
247
|
assert(oidc !== undefined);
|
|
237
248
|
if (!oidc.isUserLoggedIn) {
|
|
238
|
-
console.warn("Trying to read keycloak.realAccess when keycloak.
|
|
249
|
+
console.warn("Trying to read keycloak.realAccess when keycloak.authenticated is false is a logical error in your application");
|
|
239
250
|
return undefined;
|
|
240
251
|
}
|
|
241
252
|
assert(tokens !== undefined);
|
|
@@ -249,9 +260,7 @@ export class Keycloak {
|
|
|
249
260
|
if (!this.didInitialize) {
|
|
250
261
|
return undefined;
|
|
251
262
|
}
|
|
252
|
-
const
|
|
253
|
-
assert(internalState !== undefined);
|
|
254
|
-
const { oidc, tokens } = internalState;
|
|
263
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
255
264
|
assert(oidc !== undefined);
|
|
256
265
|
if (!oidc.isUserLoggedIn) {
|
|
257
266
|
console.warn("Trying to read keycloak.resourceAccess when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -266,15 +275,13 @@ export class Keycloak {
|
|
|
266
275
|
* requests to services.
|
|
267
276
|
*/
|
|
268
277
|
get token() {
|
|
269
|
-
const internalState = internalStateByInstance.get(this);
|
|
270
|
-
assert(internalState !== undefined);
|
|
271
278
|
if (!this.didInitialize) {
|
|
272
|
-
return
|
|
279
|
+
return __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions?.token;
|
|
273
280
|
}
|
|
274
|
-
const { oidc, tokens } =
|
|
281
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
275
282
|
assert(oidc !== undefined);
|
|
276
283
|
if (!oidc.isUserLoggedIn) {
|
|
277
|
-
console.warn("Trying to read keycloak.token when keycloak.
|
|
284
|
+
console.warn("Trying to read keycloak.token when keycloak.authenticated is false is a logical error in your application");
|
|
278
285
|
return undefined;
|
|
279
286
|
}
|
|
280
287
|
assert(tokens !== undefined);
|
|
@@ -284,19 +291,17 @@ export class Keycloak {
|
|
|
284
291
|
* The parsed token as a JavaScript object.
|
|
285
292
|
*/
|
|
286
293
|
get tokenParsed() {
|
|
287
|
-
const internalState = internalStateByInstance.get(this);
|
|
288
|
-
assert(internalState !== undefined);
|
|
289
294
|
if (!this.didInitialize) {
|
|
290
|
-
const { token } =
|
|
295
|
+
const { token } = __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions ?? {};
|
|
291
296
|
if (token === undefined) {
|
|
292
297
|
return undefined;
|
|
293
298
|
}
|
|
294
299
|
return decodeJwt(token);
|
|
295
300
|
}
|
|
296
|
-
const { oidc, tokens } =
|
|
301
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
297
302
|
assert(oidc !== undefined);
|
|
298
303
|
if (!oidc.isUserLoggedIn) {
|
|
299
|
-
console.warn("Trying to read keycloak.
|
|
304
|
+
console.warn("Trying to read keycloak.tokenParsed when keycloak.authenticated is false is a logical error in your application");
|
|
300
305
|
return undefined;
|
|
301
306
|
}
|
|
302
307
|
assert(tokens !== undefined);
|
|
@@ -306,15 +311,13 @@ export class Keycloak {
|
|
|
306
311
|
* The base64 encoded refresh token that can be used to retrieve a new token.
|
|
307
312
|
*/
|
|
308
313
|
get refreshToken() {
|
|
309
|
-
const internalState = internalStateByInstance.get(this);
|
|
310
|
-
assert(internalState !== undefined);
|
|
311
314
|
if (!this.didInitialize) {
|
|
312
|
-
return
|
|
315
|
+
return __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions?.refreshToken;
|
|
313
316
|
}
|
|
314
|
-
const { oidc, tokens } =
|
|
317
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
315
318
|
assert(oidc !== undefined);
|
|
316
319
|
if (!oidc.isUserLoggedIn) {
|
|
317
|
-
console.warn("Trying to read keycloak.
|
|
320
|
+
console.warn("Trying to read keycloak.refreshToken when keycloak.authenticated is false is a logical error in your application");
|
|
318
321
|
return undefined;
|
|
319
322
|
}
|
|
320
323
|
assert(tokens !== undefined);
|
|
@@ -324,19 +327,17 @@ export class Keycloak {
|
|
|
324
327
|
* The parsed refresh token as a JavaScript object.
|
|
325
328
|
*/
|
|
326
329
|
get refreshTokenParsed() {
|
|
327
|
-
const internalState = internalStateByInstance.get(this);
|
|
328
|
-
assert(internalState !== undefined);
|
|
329
330
|
if (!this.didInitialize) {
|
|
330
|
-
const { refreshToken } =
|
|
331
|
+
const { refreshToken } = __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions ?? {};
|
|
331
332
|
if (refreshToken === undefined) {
|
|
332
333
|
return undefined;
|
|
333
334
|
}
|
|
334
335
|
return decodeJwt(refreshToken);
|
|
335
336
|
}
|
|
336
|
-
const { oidc, tokens } =
|
|
337
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
337
338
|
assert(oidc !== undefined);
|
|
338
339
|
if (!oidc.isUserLoggedIn) {
|
|
339
|
-
console.warn("Trying to read keycloak.
|
|
340
|
+
console.warn("Trying to read keycloak.refreshTokenParsed when keycloak.authenticated is false is a logical error in your application");
|
|
340
341
|
return undefined;
|
|
341
342
|
}
|
|
342
343
|
assert(tokens !== undefined);
|
|
@@ -349,15 +350,13 @@ export class Keycloak {
|
|
|
349
350
|
* The base64 encoded ID token.
|
|
350
351
|
*/
|
|
351
352
|
get idToken() {
|
|
352
|
-
const internalState = internalStateByInstance.get(this);
|
|
353
|
-
assert(internalState !== undefined);
|
|
354
353
|
if (!this.didInitialize) {
|
|
355
|
-
return
|
|
354
|
+
return __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions?.idToken;
|
|
356
355
|
}
|
|
357
|
-
const { oidc, tokens } =
|
|
356
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
358
357
|
assert(oidc !== undefined);
|
|
359
358
|
if (!oidc.isUserLoggedIn) {
|
|
360
|
-
console.warn("Trying to read keycloak.
|
|
359
|
+
console.warn("Trying to read keycloak.idToken when keycloak.authenticated is false is a logical error in your application");
|
|
361
360
|
return undefined;
|
|
362
361
|
}
|
|
363
362
|
assert(tokens !== undefined);
|
|
@@ -367,40 +366,56 @@ export class Keycloak {
|
|
|
367
366
|
* The parsed id token as a JavaScript object.
|
|
368
367
|
*/
|
|
369
368
|
get idTokenParsed() {
|
|
370
|
-
const internalState = internalStateByInstance.get(this);
|
|
371
|
-
assert(internalState !== undefined);
|
|
372
369
|
if (!this.didInitialize) {
|
|
373
|
-
const { idToken } =
|
|
370
|
+
const { idToken } = __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions ?? {};
|
|
374
371
|
if (idToken === undefined) {
|
|
375
372
|
return undefined;
|
|
376
373
|
}
|
|
377
374
|
return decodeJwt(idToken);
|
|
378
375
|
}
|
|
379
|
-
const { oidc, tokens } =
|
|
376
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
380
377
|
assert(oidc !== undefined);
|
|
381
378
|
if (!oidc.isUserLoggedIn) {
|
|
382
|
-
console.warn("Trying to read keycloak.
|
|
379
|
+
console.warn("Trying to read keycloak.idTokenParsed when keycloak.authenticated is false is a logical error in your application");
|
|
383
380
|
return undefined;
|
|
384
381
|
}
|
|
385
382
|
assert(tokens !== undefined);
|
|
386
383
|
assert(is(tokens.decodedIdToken_original));
|
|
387
384
|
return tokens.decodedIdToken_original;
|
|
388
385
|
}
|
|
386
|
+
/**
|
|
387
|
+
* The estimated time difference between the browser time and the Keycloak
|
|
388
|
+
* server in seconds. This value is just an estimation, but is accurate
|
|
389
|
+
* enough when determining if a token is expired or not.
|
|
390
|
+
*/
|
|
391
|
+
get timeSkew() {
|
|
392
|
+
if (!this.didInitialize) {
|
|
393
|
+
const { timeSkew } = __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions ?? {};
|
|
394
|
+
if (timeSkew === undefined) {
|
|
395
|
+
return null;
|
|
396
|
+
}
|
|
397
|
+
return timeSkew;
|
|
398
|
+
}
|
|
399
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
400
|
+
assert(oidc !== undefined);
|
|
401
|
+
if (!oidc.isUserLoggedIn) {
|
|
402
|
+
console.warn("Trying to read keycloak.timeSkew when keycloak.authenticated is false is a logical error in your application");
|
|
403
|
+
return null;
|
|
404
|
+
}
|
|
405
|
+
assert(tokens !== undefined);
|
|
406
|
+
return Math.ceil((tokens.getServerDateNow() - Date.now()) / 1000);
|
|
407
|
+
}
|
|
389
408
|
/**
|
|
390
409
|
* Whether the instance has been initialized by calling `.init()`.
|
|
391
410
|
*/
|
|
392
411
|
get didInitialize() {
|
|
393
|
-
|
|
394
|
-
assert(internalState !== undefined);
|
|
395
|
-
return internalState.oidc !== undefined;
|
|
412
|
+
return __classPrivateFieldGet(this, _Keycloak_state, "f").oidc !== undefined;
|
|
396
413
|
}
|
|
397
414
|
/**
|
|
398
415
|
* @private Undocumented.
|
|
399
416
|
*/
|
|
400
417
|
get loginRequired() {
|
|
401
|
-
const
|
|
402
|
-
assert(internalState !== undefined);
|
|
403
|
-
const { initOptions } = internalState;
|
|
418
|
+
const { initOptions } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
404
419
|
if (initOptions === undefined) {
|
|
405
420
|
return false;
|
|
406
421
|
}
|
|
@@ -410,36 +425,28 @@ export class Keycloak {
|
|
|
410
425
|
* @private Undocumented.
|
|
411
426
|
*/
|
|
412
427
|
get authServerUrl() {
|
|
413
|
-
const
|
|
414
|
-
assert(internalState !== undefined);
|
|
415
|
-
const { keycloakUtils: { issuerUriParsed } } = internalState;
|
|
428
|
+
const { keycloakUtils: { issuerUriParsed } } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
416
429
|
return `${issuerUriParsed.origin}${issuerUriParsed.kcHttpRelativePath}`;
|
|
417
430
|
}
|
|
418
431
|
/**
|
|
419
432
|
* @private Undocumented.
|
|
420
433
|
*/
|
|
421
434
|
get realm() {
|
|
422
|
-
const
|
|
423
|
-
assert(internalState !== undefined);
|
|
424
|
-
const { keycloakUtils: { issuerUriParsed } } = internalState;
|
|
435
|
+
const { keycloakUtils: { issuerUriParsed } } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
425
436
|
return issuerUriParsed.realm;
|
|
426
437
|
}
|
|
427
438
|
/**
|
|
428
439
|
* @private Undocumented.
|
|
429
440
|
*/
|
|
430
441
|
get clientId() {
|
|
431
|
-
const
|
|
432
|
-
assert(internalState !== undefined);
|
|
433
|
-
const { constructorParams } = internalState;
|
|
442
|
+
const { constructorParams } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
434
443
|
return constructorParams.clientId;
|
|
435
444
|
}
|
|
436
445
|
/**
|
|
437
446
|
* @private Undocumented.
|
|
438
447
|
*/
|
|
439
448
|
get redirectUri() {
|
|
440
|
-
const
|
|
441
|
-
assert(internalState !== undefined);
|
|
442
|
-
const { initOptions } = internalState;
|
|
449
|
+
const { initOptions } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
443
450
|
if (initOptions === undefined) {
|
|
444
451
|
return undefined;
|
|
445
452
|
}
|
|
@@ -452,9 +459,7 @@ export class Keycloak {
|
|
|
452
459
|
if (!this.didInitialize) {
|
|
453
460
|
return undefined;
|
|
454
461
|
}
|
|
455
|
-
const
|
|
456
|
-
assert(internalState !== undefined);
|
|
457
|
-
const { oidc, tokens } = internalState;
|
|
462
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
458
463
|
assert(oidc !== undefined);
|
|
459
464
|
if (!oidc.isUserLoggedIn) {
|
|
460
465
|
console.warn("Trying to read keycloak.sessionId when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -469,18 +474,14 @@ export class Keycloak {
|
|
|
469
474
|
* @private Undocumented.
|
|
470
475
|
*/
|
|
471
476
|
get profile() {
|
|
472
|
-
const
|
|
473
|
-
assert(internalState !== undefined);
|
|
474
|
-
const { profile } = internalState;
|
|
477
|
+
const { profile } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
475
478
|
return profile;
|
|
476
479
|
}
|
|
477
480
|
/**
|
|
478
481
|
* @private Undocumented.
|
|
479
482
|
*/
|
|
480
483
|
get userInfo() {
|
|
481
|
-
const
|
|
482
|
-
assert(internalState !== undefined);
|
|
483
|
-
const { userInfo } = internalState;
|
|
484
|
+
const { userInfo } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
484
485
|
return userInfo;
|
|
485
486
|
}
|
|
486
487
|
/**
|
|
@@ -503,15 +504,11 @@ export class Keycloak {
|
|
|
503
504
|
* obtain a new access token.
|
|
504
505
|
*/
|
|
505
506
|
set onTokenExpired(value) {
|
|
506
|
-
const
|
|
507
|
-
assert(internalState !== undefined);
|
|
508
|
-
const { $onTokenExpired } = internalState;
|
|
507
|
+
const { $onTokenExpired } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
509
508
|
$onTokenExpired.current = value;
|
|
510
509
|
}
|
|
511
510
|
get onTokenExpired() {
|
|
512
|
-
const
|
|
513
|
-
assert(internalState !== undefined);
|
|
514
|
-
const { $onTokenExpired } = internalState;
|
|
511
|
+
const { $onTokenExpired } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
515
512
|
return $onTokenExpired.current;
|
|
516
513
|
}
|
|
517
514
|
/**
|
|
@@ -520,12 +517,10 @@ export class Keycloak {
|
|
|
520
517
|
*/
|
|
521
518
|
async login(options) {
|
|
522
519
|
const { redirectUri, action, loginHint, acr, acrValues, idpHint, locale, doesCurrentHrefRequiresAuth } = options ?? {};
|
|
523
|
-
const internalState = internalStateByInstance.get(this);
|
|
524
|
-
assert(internalState !== undefined);
|
|
525
520
|
if (!this.didInitialize) {
|
|
526
|
-
await
|
|
521
|
+
await __classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.pr;
|
|
527
522
|
}
|
|
528
|
-
const { oidc, keycloakUtils } =
|
|
523
|
+
const { oidc, keycloakUtils } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
529
524
|
assert(oidc !== undefined);
|
|
530
525
|
const extraQueryParams_commons = {
|
|
531
526
|
claims: acr === undefined
|
|
@@ -571,12 +566,10 @@ export class Keycloak {
|
|
|
571
566
|
* @param options Logout options.
|
|
572
567
|
*/
|
|
573
568
|
async logout(options) {
|
|
574
|
-
const internalState = internalStateByInstance.get(this);
|
|
575
|
-
assert(internalState !== undefined);
|
|
576
569
|
if (!this.didInitialize) {
|
|
577
|
-
await
|
|
570
|
+
await __classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.pr;
|
|
578
571
|
}
|
|
579
|
-
const { oidc, initOptions } =
|
|
572
|
+
const { oidc, initOptions } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
580
573
|
assert(oidc !== undefined);
|
|
581
574
|
assert(initOptions !== undefined);
|
|
582
575
|
assert(oidc.isUserLoggedIn, "The user is not currently logged in");
|
|
@@ -636,9 +629,7 @@ export class Keycloak {
|
|
|
636
629
|
*/
|
|
637
630
|
createAccountUrl(options) {
|
|
638
631
|
const { locale, redirectUri } = options ?? {};
|
|
639
|
-
const
|
|
640
|
-
assert(internalState !== undefined);
|
|
641
|
-
const { keycloakUtils } = internalState;
|
|
632
|
+
const { keycloakUtils } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
642
633
|
return keycloakUtils.getAccountUrl({
|
|
643
634
|
clientId: this.clientId,
|
|
644
635
|
backToAppFromAccountUrl: redirectUri ?? location.href,
|
|
@@ -651,8 +642,6 @@ export class Keycloak {
|
|
|
651
642
|
* @param minValidity If not specified, `0` is used.
|
|
652
643
|
*/
|
|
653
644
|
isTokenExpired(minValidity = 0) {
|
|
654
|
-
const internalState = internalStateByInstance.get(this);
|
|
655
|
-
assert(internalState !== undefined);
|
|
656
645
|
let accessTokenExpirationTime;
|
|
657
646
|
if (!this.didInitialize) {
|
|
658
647
|
const fakeAccessToken = this.token;
|
|
@@ -664,7 +653,7 @@ export class Keycloak {
|
|
|
664
653
|
accessTokenExpirationTime = time;
|
|
665
654
|
}
|
|
666
655
|
else {
|
|
667
|
-
const { tokens } =
|
|
656
|
+
const { tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
668
657
|
assert(tokens !== undefined);
|
|
669
658
|
accessTokenExpirationTime = tokens.accessTokenExpirationTime;
|
|
670
659
|
}
|
|
@@ -693,12 +682,10 @@ export class Keycloak {
|
|
|
693
682
|
* });
|
|
694
683
|
*/
|
|
695
684
|
async updateToken(minValidity = 5) {
|
|
696
|
-
const internalState = internalStateByInstance.get(this);
|
|
697
|
-
assert(internalState !== undefined);
|
|
698
685
|
if (!this.didInitialize) {
|
|
699
|
-
await
|
|
686
|
+
await __classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.pr;
|
|
700
687
|
}
|
|
701
|
-
const { oidc } =
|
|
688
|
+
const { oidc } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
702
689
|
assert(oidc !== undefined);
|
|
703
690
|
assert(oidc.isUserLoggedIn, "updateToken called too early");
|
|
704
691
|
if (!this.isTokenExpired(minValidity)) {
|
|
@@ -744,31 +731,35 @@ export class Keycloak {
|
|
|
744
731
|
* @returns A promise to set functions to be invoked on success or error.
|
|
745
732
|
*/
|
|
746
733
|
async loadUserProfile() {
|
|
747
|
-
const internalState = internalStateByInstance.get(this);
|
|
748
|
-
assert(internalState !== undefined);
|
|
749
734
|
if (!this.didInitialize) {
|
|
750
|
-
await
|
|
735
|
+
await __classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.pr;
|
|
751
736
|
}
|
|
752
|
-
const { oidc, keycloakUtils } =
|
|
737
|
+
const { oidc, keycloakUtils } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
753
738
|
assert(oidc !== undefined);
|
|
754
739
|
assert(oidc.isUserLoggedIn, "Can't load userProfile if user not authenticated");
|
|
755
740
|
const { accessToken } = await oidc.getTokens();
|
|
756
|
-
return (
|
|
741
|
+
return (__classPrivateFieldGet(this, _Keycloak_state, "f").profile = await keycloakUtils.fetchUserProfile({ accessToken }));
|
|
757
742
|
}
|
|
758
743
|
/**
|
|
759
744
|
* @private Undocumented.
|
|
760
745
|
*/
|
|
761
746
|
async loadUserInfo() {
|
|
762
|
-
const internalState = internalStateByInstance.get(this);
|
|
763
|
-
assert(internalState !== undefined);
|
|
764
747
|
if (!this.didInitialize) {
|
|
765
|
-
await
|
|
748
|
+
await __classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.pr;
|
|
766
749
|
}
|
|
767
|
-
const { oidc, keycloakUtils } =
|
|
750
|
+
const { oidc, keycloakUtils } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
768
751
|
assert(oidc !== undefined);
|
|
769
752
|
assert(oidc.isUserLoggedIn, "Can't load userInfo if user not authenticated");
|
|
770
753
|
const { accessToken } = await oidc.getTokens();
|
|
771
|
-
return (
|
|
754
|
+
return (__classPrivateFieldGet(this, _Keycloak_state, "f").userInfo = await keycloakUtils.fetchUserInfo({ accessToken }));
|
|
755
|
+
}
|
|
756
|
+
/** Get the underlying oidc-spa instance */
|
|
757
|
+
get oidc() {
|
|
758
|
+
assert(this.didInitialize, "Cannot get keycloak.oidc before the init() method was called and have resolved.");
|
|
759
|
+
const { oidc } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
760
|
+
assert(oidc !== undefined);
|
|
761
|
+
return oidc;
|
|
772
762
|
}
|
|
773
763
|
}
|
|
764
|
+
_Keycloak_state = new WeakMap();
|
|
774
765
|
//# sourceMappingURL=Keycloak.js.map
|