oidc-spa 7.2.5 → 7.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/core/Oidc.d.ts +4 -1
- package/core/createOidc.js +65 -18
- package/core/createOidc.js.map +1 -1
- package/core/oidcClientTsUserToTokens.js +7 -2
- package/core/oidcClientTsUserToTokens.js.map +1 -1
- package/esm/core/Oidc.d.ts +4 -1
- package/esm/core/createOidc.js +65 -18
- package/esm/core/createOidc.js.map +1 -1
- package/esm/core/oidcClientTsUserToTokens.js +7 -2
- package/esm/core/oidcClientTsUserToTokens.js.map +1 -1
- package/esm/keycloak/keycloak-js/Keycloak.d.ts +5 -3
- package/esm/keycloak/keycloak-js/Keycloak.js +175 -184
- package/esm/keycloak/keycloak-js/Keycloak.js.map +1 -1
- package/esm/keycloak/keycloak-js/types.d.ts +1 -3
- package/esm/mock/oidc.js +2 -1
- package/esm/mock/oidc.js.map +1 -1
- package/esm/tools/workerTimers.js +2 -5
- package/esm/tools/workerTimers.js.map +1 -1
- package/esm/vendor/frontend/oidc-client-ts.js +46 -8
- package/keycloak/keycloak-js/Keycloak.d.ts +5 -3
- package/keycloak/keycloak-js/Keycloak.js +175 -184
- package/keycloak/keycloak-js/Keycloak.js.map +1 -1
- package/keycloak/keycloak-js/types.d.ts +1 -3
- package/mock/oidc.js +2 -1
- package/mock/oidc.js.map +1 -1
- package/package.json +1 -1
- package/src/core/Oidc.ts +5 -1
- package/src/core/createOidc.ts +81 -16
- package/src/core/oidcClientTsUserToTokens.ts +7 -2
- package/src/keycloak/keycloak-js/Keycloak.ts +198 -232
- package/src/keycloak/keycloak-js/types.ts +1 -4
- package/src/mock/oidc.ts +2 -1
- package/src/tools/workerTimers.ts +2 -6
- package/tools/workerTimers.js +2 -5
- package/tools/workerTimers.js.map +1 -1
- package/vendor/frontend/oidc-client-ts.js +46 -8
|
@@ -139,11 +139,8 @@ export interface KeycloakInitOptions {
|
|
|
139
139
|
/**
|
|
140
140
|
* Set an initial value for skew between local time and Keycloak server in
|
|
141
141
|
* seconds (only together with `token` or `refreshToken`).
|
|
142
|
-
*
|
|
143
|
-
* NOTE oidc-spa: Not supported
|
|
144
142
|
*/
|
|
145
|
-
|
|
146
|
-
timeSkew?: undefined;
|
|
143
|
+
timeSkew?: number;
|
|
147
144
|
|
|
148
145
|
/**
|
|
149
146
|
* Set to enable/disable monitoring login state.
|
package/src/mock/oidc.ts
CHANGED
|
@@ -151,7 +151,8 @@ export async function createMockOidc<
|
|
|
151
151
|
"See https://docs.oidc-spa.dev/v/v7/mock"
|
|
152
152
|
].join("\n")
|
|
153
153
|
}),
|
|
154
|
-
issuedAtTime: Date.now()
|
|
154
|
+
issuedAtTime: Date.now(),
|
|
155
|
+
getServerDateNow: () => Date.now()
|
|
155
156
|
};
|
|
156
157
|
|
|
157
158
|
const tokens: Oidc.Tokens<DecodedIdToken> =
|
|
@@ -29,16 +29,12 @@ export function setTimeout(callback: () => void, delay: number): TimerHandle {
|
|
|
29
29
|
|
|
30
30
|
const start = Date.now();
|
|
31
31
|
|
|
32
|
-
const onPageshow = (
|
|
33
|
-
if (!event.persisted) {
|
|
34
|
-
return;
|
|
35
|
-
}
|
|
36
|
-
|
|
32
|
+
const onPageshow = () => {
|
|
37
33
|
workerTimers.clearTimeout(timerHandle_n);
|
|
38
34
|
|
|
39
35
|
const elapsed = Date.now() - start;
|
|
40
36
|
|
|
41
|
-
if (elapsed < delay) {
|
|
37
|
+
if (0 <= elapsed && elapsed < delay) {
|
|
42
38
|
timerHandle_n = workerTimers.setTimeout(callback_actual, delay - elapsed);
|
|
43
39
|
} else {
|
|
44
40
|
callback_actual();
|
package/tools/workerTimers.js
CHANGED
|
@@ -18,13 +18,10 @@ function setTimeout(callback, delay) {
|
|
|
18
18
|
window.removeEventListener("pageshow", onPageshow);
|
|
19
19
|
});
|
|
20
20
|
const start = Date.now();
|
|
21
|
-
const onPageshow = (
|
|
22
|
-
if (!event.persisted) {
|
|
23
|
-
return;
|
|
24
|
-
}
|
|
21
|
+
const onPageshow = () => {
|
|
25
22
|
worker_timers_1.workerTimers.clearTimeout(timerHandle_n);
|
|
26
23
|
const elapsed = Date.now() - start;
|
|
27
|
-
if (elapsed < delay) {
|
|
24
|
+
if (0 <= elapsed && elapsed < delay) {
|
|
28
25
|
timerHandle_n = worker_timers_1.workerTimers.setTimeout(callback_actual, delay - elapsed);
|
|
29
26
|
}
|
|
30
27
|
else {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"workerTimers.js","sourceRoot":"","sources":["../src/tools/workerTimers.ts"],"names":[],"mappings":";;AAQA,
|
|
1
|
+
{"version":3,"file":"workerTimers.js","sourceRoot":"","sources":["../src/tools/workerTimers.ts"],"names":[],"mappings":";;AAQA,gCAsCC;AAED,oCAQC;AAxDD,oEAAgE;AAMhE,MAAM,kBAAkB,GAAG,IAAI,OAAO,EAA2B,CAAC;AAElE,SAAgB,UAAU,CAAC,QAAoB,EAAE,KAAa;IAC1D,MAAM,eAAe,GAAG,GAAG,EAAE;QACzB,MAAM,CAAC,mBAAmB,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAEnD,kBAAkB,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QAEvC,QAAQ,EAAE,CAAC;IACf,CAAC,CAAC;IAEF,IAAI,aAAa,GAAG,4BAAY,CAAC,UAAU,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;IAEpE,MAAM,WAAW,GAAgB,EAAS,CAAC;IAE3C,kBAAkB,CAAC,GAAG,CAAC,WAAW,EAAE,GAAG,EAAE;QACrC,kBAAkB,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QAEvC,4BAAY,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC;QAEzC,MAAM,CAAC,mBAAmB,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;IACvD,CAAC,CAAC,CAAC;IAEH,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAEzB,MAAM,UAAU,GAAG,GAAG,EAAE;QACpB,4BAAY,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC;QAEzC,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;QAEnC,IAAI,CAAC,IAAI,OAAO,IAAI,OAAO,GAAG,KAAK,EAAE,CAAC;YAClC,aAAa,GAAG,4BAAY,CAAC,UAAU,CAAC,eAAe,EAAE,KAAK,GAAG,OAAO,CAAC,CAAC;QAC9E,CAAC;aAAM,CAAC;YACJ,eAAe,EAAE,CAAC;QACtB,CAAC;IACL,CAAC,CAAC;IAEF,MAAM,CAAC,gBAAgB,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;IAEhD,OAAO,WAAW,CAAC;AACvB,CAAC;AAED,SAAgB,YAAY,CAAC,MAAmB;IAC5C,MAAM,KAAK,GAAG,kBAAkB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAE7C,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;QACtB,OAAO;IACX,CAAC;IAED,KAAK,EAAE,CAAC;AACZ,CAAC"}
|
|
@@ -1182,6 +1182,7 @@ var UserInfoService = class {
|
|
|
1182
1182
|
};
|
|
1183
1183
|
|
|
1184
1184
|
// src/TokenClient.ts
|
|
1185
|
+
var localTimeByResponse = /* @__PURE__ */ new WeakMap();
|
|
1185
1186
|
var TokenClient = class {
|
|
1186
1187
|
constructor(_settings, _metadataService) {
|
|
1187
1188
|
this._settings = _settings;
|
|
@@ -1240,6 +1241,7 @@ var TokenClient = class {
|
|
|
1240
1241
|
}
|
|
1241
1242
|
const url = await this._metadataService.getTokenEndpoint(false);
|
|
1242
1243
|
logger2.debug("got token endpoint");
|
|
1244
|
+
const timeBefore = Date.now();
|
|
1243
1245
|
const response = await this._jsonService.postForm(url, {
|
|
1244
1246
|
body: params,
|
|
1245
1247
|
basicAuth,
|
|
@@ -1247,6 +1249,8 @@ var TokenClient = class {
|
|
|
1247
1249
|
initCredentials: this._settings.fetchRequestCredentials,
|
|
1248
1250
|
extraHeaders
|
|
1249
1251
|
});
|
|
1252
|
+
const timeAfter = Date.now();
|
|
1253
|
+
localTimeByResponse.set(response, Math.floor((timeBefore + timeAfter) / 2));
|
|
1250
1254
|
logger2.debug("got response");
|
|
1251
1255
|
return response;
|
|
1252
1256
|
}
|
|
@@ -1293,7 +1297,10 @@ var TokenClient = class {
|
|
|
1293
1297
|
}
|
|
1294
1298
|
const url = await this._metadataService.getTokenEndpoint(false);
|
|
1295
1299
|
logger2.debug("got token endpoint");
|
|
1300
|
+
const timeBefore = Date.now();
|
|
1296
1301
|
const response = await this._jsonService.postForm(url, { body: params, basicAuth, timeoutInSeconds: this._settings.requestTimeoutInSeconds, initCredentials: this._settings.fetchRequestCredentials });
|
|
1302
|
+
const timeAfter = Date.now();
|
|
1303
|
+
localTimeByResponse.set(response, Math.floor((timeBefore + timeAfter) / 2));
|
|
1297
1304
|
logger2.debug("got response");
|
|
1298
1305
|
return response;
|
|
1299
1306
|
}
|
|
@@ -1343,7 +1350,10 @@ var TokenClient = class {
|
|
|
1343
1350
|
}
|
|
1344
1351
|
const url = await this._metadataService.getTokenEndpoint(false);
|
|
1345
1352
|
logger2.debug("got token endpoint");
|
|
1353
|
+
const timeBefore = Date.now();
|
|
1346
1354
|
const response = await this._jsonService.postForm(url, { body: params, basicAuth, timeoutInSeconds, initCredentials: this._settings.fetchRequestCredentials, extraHeaders });
|
|
1355
|
+
const timeAfter = Date.now();
|
|
1356
|
+
localTimeByResponse.set(response, Math.floor((timeBefore + timeAfter) / 2));
|
|
1347
1357
|
logger2.debug("got response");
|
|
1348
1358
|
return response;
|
|
1349
1359
|
}
|
|
@@ -1498,6 +1508,13 @@ var ResponseValidator = class {
|
|
|
1498
1508
|
});
|
|
1499
1509
|
Object.assign(response, tokenResponse);
|
|
1500
1510
|
response.__oidc_spa_tokenResponse = tokenResponse;
|
|
1511
|
+
response.__oidc_spa_localTimeWhenTokenIssued = (() => {
|
|
1512
|
+
const time = localTimeByResponse.get(tokenResponse);
|
|
1513
|
+
if (time === void 0) {
|
|
1514
|
+
throw new Error("oidc-spa error in oidc-client-ts");
|
|
1515
|
+
}
|
|
1516
|
+
return time;
|
|
1517
|
+
})();
|
|
1501
1518
|
} else {
|
|
1502
1519
|
logger2.debug("No code to process");
|
|
1503
1520
|
}
|
|
@@ -1782,6 +1799,7 @@ var SigninResponse = class {
|
|
|
1782
1799
|
this.error_uri = params.get("error_uri");
|
|
1783
1800
|
this.code = params.get("code");
|
|
1784
1801
|
this.__oidc_spa_tokenResponse = void 0;
|
|
1802
|
+
this.__oidc_spa_localTimeWhenTokenIssued = void 0;
|
|
1785
1803
|
}
|
|
1786
1804
|
get expires_in() {
|
|
1787
1805
|
if (this.expires_at === void 0) {
|
|
@@ -2068,6 +2086,13 @@ var OidcClient = class {
|
|
|
2068
2086
|
const signinResponse = new SigninResponse(new URLSearchParams());
|
|
2069
2087
|
Object.assign(signinResponse, tokenResponse);
|
|
2070
2088
|
signinResponse.__oidc_spa_tokenResponse = tokenResponse;
|
|
2089
|
+
signinResponse.__oidc_spa_localTimeWhenTokenIssued = (() => {
|
|
2090
|
+
const time = localTimeByResponse.get(tokenResponse);
|
|
2091
|
+
if (time === void 0) {
|
|
2092
|
+
throw new Error("oidc-spa error in oidc-client-ts");
|
|
2093
|
+
}
|
|
2094
|
+
return time;
|
|
2095
|
+
})();
|
|
2071
2096
|
await this._validator.validateCredentialsResponse(signinResponse, skipUserInfo);
|
|
2072
2097
|
return signinResponse;
|
|
2073
2098
|
}
|
|
@@ -2125,6 +2150,13 @@ var OidcClient = class {
|
|
|
2125
2150
|
const response = new SigninResponse(new URLSearchParams());
|
|
2126
2151
|
Object.assign(response, result);
|
|
2127
2152
|
response.__oidc_spa_tokenResponse = result;
|
|
2153
|
+
response.__oidc_spa_localTimeWhenTokenIssued = (() => {
|
|
2154
|
+
const time = localTimeByResponse.get(result);
|
|
2155
|
+
if (time === void 0) {
|
|
2156
|
+
throw new Error("oidc-spa error in oidc-client-ts");
|
|
2157
|
+
}
|
|
2158
|
+
return time;
|
|
2159
|
+
})();
|
|
2128
2160
|
logger2.debug("validating response", response);
|
|
2129
2161
|
await this._validator.validateRefreshResponse(response, {
|
|
2130
2162
|
...state,
|
|
@@ -2356,6 +2388,7 @@ var User = class _User {
|
|
|
2356
2388
|
this.state = args.userState;
|
|
2357
2389
|
this.url_state = args.url_state;
|
|
2358
2390
|
this.__oidc_spa_tokenResponse = args.__oidc_spa_tokenResponse;
|
|
2391
|
+
this.__oidc_spa_localTimeWhenTokenIssued = args.__oidc_spa_localTimeWhenTokenIssued;
|
|
2359
2392
|
}
|
|
2360
2393
|
/** Computed number of seconds the access token has remaining. */
|
|
2361
2394
|
get expires_in() {
|
|
@@ -2393,7 +2426,8 @@ var User = class _User {
|
|
|
2393
2426
|
scope: this.scope,
|
|
2394
2427
|
profile: this.profile,
|
|
2395
2428
|
expires_at: this.expires_at,
|
|
2396
|
-
__oidc_spa_tokenResponse: this.__oidc_spa_tokenResponse
|
|
2429
|
+
__oidc_spa_tokenResponse: this.__oidc_spa_tokenResponse,
|
|
2430
|
+
__oidc_spa_localTimeWhenTokenIssued: this.__oidc_spa_localTimeWhenTokenIssued
|
|
2397
2431
|
});
|
|
2398
2432
|
}
|
|
2399
2433
|
static fromStorageString(storageString) {
|
|
@@ -3150,12 +3184,15 @@ var UserManager = class {
|
|
|
3150
3184
|
timeoutInSeconds: this.settings.silentRequestTimeoutInSeconds,
|
|
3151
3185
|
...args
|
|
3152
3186
|
});
|
|
3153
|
-
if (response.__oidc_spa_tokenResponse === void 0) {
|
|
3154
|
-
throw new Error(
|
|
3155
|
-
"Wrong Assertion Encountered: Error in oidc-spa mod of oidc-client-ts"
|
|
3156
|
-
);
|
|
3187
|
+
if (response.__oidc_spa_tokenResponse === void 0 || response.__oidc_spa_localTimeWhenTokenIssued === void 0) {
|
|
3188
|
+
throw new Error("Wrong Assertion Encountered: Error in oidc-spa mod of oidc-client-ts");
|
|
3157
3189
|
}
|
|
3158
|
-
const user = new User({
|
|
3190
|
+
const user = new User({
|
|
3191
|
+
...args.state,
|
|
3192
|
+
...response,
|
|
3193
|
+
__oidc_spa_tokenResponse: response.__oidc_spa_tokenResponse,
|
|
3194
|
+
__oidc_spa_localTimeWhenTokenIssued: response.__oidc_spa_localTimeWhenTokenIssued
|
|
3195
|
+
});
|
|
3159
3196
|
await this.storeUser(user);
|
|
3160
3197
|
await this._events.load(user);
|
|
3161
3198
|
return user;
|
|
@@ -3318,14 +3355,15 @@ var UserManager = class {
|
|
|
3318
3355
|
}
|
|
3319
3356
|
async _buildUser(signinResponse, verifySub) {
|
|
3320
3357
|
const logger2 = this._logger.create("_buildUser");
|
|
3321
|
-
if (signinResponse.__oidc_spa_tokenResponse === void 0) {
|
|
3358
|
+
if (signinResponse.__oidc_spa_tokenResponse === void 0 || signinResponse.__oidc_spa_localTimeWhenTokenIssued === void 0) {
|
|
3322
3359
|
throw new Error(
|
|
3323
3360
|
"Wrong Assertion Encountered: Error in oidc-spa mod of oidc-client-ts"
|
|
3324
3361
|
);
|
|
3325
3362
|
}
|
|
3326
3363
|
const user = new User({
|
|
3327
3364
|
...signinResponse,
|
|
3328
|
-
__oidc_spa_tokenResponse: signinResponse.__oidc_spa_tokenResponse
|
|
3365
|
+
__oidc_spa_tokenResponse: signinResponse.__oidc_spa_tokenResponse,
|
|
3366
|
+
__oidc_spa_localTimeWhenTokenIssued: signinResponse.__oidc_spa_localTimeWhenTokenIssued
|
|
3329
3367
|
});
|
|
3330
3368
|
if (verifySub) {
|
|
3331
3369
|
if (verifySub !== user.profile.sub) {
|