oidc-spa 7.3.0 → 7.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/core/createOidc.js +1 -1
- package/esm/core/createOidc.js +1 -1
- package/esm/keycloak/keycloak-js/Keycloak.d.ts +4 -0
- package/esm/keycloak/keycloak-js/Keycloak.js +148 -173
- package/esm/keycloak/keycloak-js/Keycloak.js.map +1 -1
- package/keycloak/keycloak-js/Keycloak.d.ts +4 -0
- package/keycloak/keycloak-js/Keycloak.js +148 -173
- package/keycloak/keycloak-js/Keycloak.js.map +1 -1
- package/package.json +1 -1
- package/src/keycloak/keycloak-js/Keycloak.ts +167 -228
package/core/createOidc.js
CHANGED
|
@@ -63,7 +63,7 @@ const isNewBrowserSession_1 = require("./isNewBrowserSession");
|
|
|
63
63
|
const getIsOnline_1 = require("../tools/getIsOnline");
|
|
64
64
|
const isKeycloak_1 = require("../keycloak/isKeycloak");
|
|
65
65
|
// NOTE: Replaced at build time
|
|
66
|
-
const VERSION = "7.3.
|
|
66
|
+
const VERSION = "7.3.1";
|
|
67
67
|
const globalContext = {
|
|
68
68
|
prOidcByConfigId: new Map(),
|
|
69
69
|
hasLogoutBeenCalled: (0, tsafe_1.id)(false),
|
package/esm/core/createOidc.js
CHANGED
|
@@ -26,7 +26,7 @@ import { createGetIsNewBrowserSession } from "./isNewBrowserSession";
|
|
|
26
26
|
import { getIsOnline } from "../tools/getIsOnline";
|
|
27
27
|
import { isKeycloak } from "../keycloak/isKeycloak";
|
|
28
28
|
// NOTE: Replaced at build time
|
|
29
|
-
const VERSION = "7.3.
|
|
29
|
+
const VERSION = "7.3.1";
|
|
30
30
|
const globalContext = {
|
|
31
31
|
prOidcByConfigId: new Map(),
|
|
32
32
|
hasLogoutBeenCalled: id(false),
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import type { KeycloakServerConfig, KeycloakInitOptions, KeycloakError, KeycloakLogoutOptions, KeycloakRoles, KeycloakTokenParsed, KeycloakResourceAccess, KeycloakProfile, KeycloakUserInfo, KeycloakLoginOptions, KeycloakRegisterOptions, KeycloakAccountOptions } from "./types";
|
|
2
|
+
import { type Oidc } from "../../core";
|
|
2
3
|
type ConstructorParams = KeycloakServerConfig & {
|
|
3
4
|
homeUrl: string;
|
|
4
5
|
};
|
|
@@ -10,6 +11,7 @@ type ConstructorParams = KeycloakServerConfig & {
|
|
|
10
11
|
* it is a full alternative implementation aligned with the `keycloak-js` API.
|
|
11
12
|
*/
|
|
12
13
|
export declare class Keycloak {
|
|
14
|
+
#private;
|
|
13
15
|
/**
|
|
14
16
|
* Creates a new Keycloak client instance.
|
|
15
17
|
* @param config A configuration object or path to a JSON config file.
|
|
@@ -278,5 +280,7 @@ export declare class Keycloak {
|
|
|
278
280
|
* @private Undocumented.
|
|
279
281
|
*/
|
|
280
282
|
loadUserInfo(): Promise<KeycloakUserInfo>;
|
|
283
|
+
/** Get the underlying oidc-spa instance */
|
|
284
|
+
get oidc(): Oidc<Record<string, unknown>>;
|
|
281
285
|
}
|
|
282
286
|
export {};
|
|
@@ -1,3 +1,15 @@
|
|
|
1
|
+
var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
|
|
2
|
+
if (kind === "m") throw new TypeError("Private method is not writable");
|
|
3
|
+
if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
|
|
4
|
+
if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
|
|
5
|
+
return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
|
|
6
|
+
};
|
|
7
|
+
var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
|
|
8
|
+
if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
|
|
9
|
+
if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
|
|
10
|
+
return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
|
|
11
|
+
};
|
|
12
|
+
var _Keycloak_state;
|
|
1
13
|
import { assert, is, isAmong } from "../../vendor/frontend/tsafe";
|
|
2
14
|
import { createOidc, OidcInitializationError } from "../../core";
|
|
3
15
|
import { Deferred } from "../../tools/Deferred";
|
|
@@ -6,7 +18,6 @@ import { createKeycloakUtils } from "../keycloakUtils";
|
|
|
6
18
|
import { workerTimers } from "../../vendor/frontend/worker-timers";
|
|
7
19
|
import { createStatefulEvt } from "../../tools/StatefulEvt";
|
|
8
20
|
import { readExpirationTimeInJwt } from "../../tools/readExpirationTimeInJwt";
|
|
9
|
-
const internalStateByInstance = new WeakMap();
|
|
10
21
|
/**
|
|
11
22
|
* This module provides a drop-in replacement for `keycloak-js`,
|
|
12
23
|
* designed for teams migrating to `oidc-spa` with minimal changes.
|
|
@@ -24,6 +35,7 @@ export class Keycloak {
|
|
|
24
35
|
* I'm not seeing the usecase when ran against keycloak right now so not doing it.
|
|
25
36
|
*/
|
|
26
37
|
constructor(params) {
|
|
38
|
+
_Keycloak_state.set(this, void 0);
|
|
27
39
|
/**
|
|
28
40
|
* Response mode passed in init (default value is `'fragment'`).
|
|
29
41
|
*
|
|
@@ -45,7 +57,7 @@ export class Keycloak {
|
|
|
45
57
|
*/
|
|
46
58
|
this.flow = "standard";
|
|
47
59
|
const issuerUri = `${params.url.replace(/\/$/, "")}/realms/${params.realm}`;
|
|
48
|
-
|
|
60
|
+
__classPrivateFieldSet(this, _Keycloak_state, {
|
|
49
61
|
constructorParams: params,
|
|
50
62
|
dInitialized: new Deferred(),
|
|
51
63
|
initOptions: undefined,
|
|
@@ -56,7 +68,7 @@ export class Keycloak {
|
|
|
56
68
|
profile: undefined,
|
|
57
69
|
userInfo: undefined,
|
|
58
70
|
$onTokenExpired: createStatefulEvt(() => undefined)
|
|
59
|
-
});
|
|
71
|
+
}, "f");
|
|
60
72
|
}
|
|
61
73
|
/**
|
|
62
74
|
* Called to initialize the adapter.
|
|
@@ -65,25 +77,23 @@ export class Keycloak {
|
|
|
65
77
|
*/
|
|
66
78
|
async init(initOptions = {}) {
|
|
67
79
|
const { onLoad = "check-sso", redirectUri, enableLogging, scope, locale } = initOptions;
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
if (internalState.initOptions !== undefined) {
|
|
71
|
-
if (JSON.stringify(internalState.initOptions) !== JSON.stringify(initOptions)) {
|
|
80
|
+
if (__classPrivateFieldGet(this, _Keycloak_state, "f").initOptions !== undefined) {
|
|
81
|
+
if (JSON.stringify(__classPrivateFieldGet(this, _Keycloak_state, "f").initOptions) !== JSON.stringify(initOptions)) {
|
|
72
82
|
throw new Error("Can't call init() multiple time with different params");
|
|
73
83
|
}
|
|
74
|
-
await
|
|
75
|
-
const { oidc } =
|
|
84
|
+
await __classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.pr;
|
|
85
|
+
const { oidc } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
76
86
|
assert(oidc !== undefined);
|
|
77
87
|
return oidc.isUserLoggedIn;
|
|
78
88
|
}
|
|
79
|
-
|
|
80
|
-
const { constructorParams, issuerUri } =
|
|
89
|
+
__classPrivateFieldGet(this, _Keycloak_state, "f").initOptions = initOptions;
|
|
90
|
+
const { constructorParams, issuerUri } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
81
91
|
const autoLogin = onLoad === "login-required";
|
|
82
92
|
let hasCreateResolved = false;
|
|
83
93
|
const oidcOrError = await createOidc({
|
|
84
94
|
homeUrl: constructorParams.homeUrl,
|
|
85
95
|
issuerUri,
|
|
86
|
-
clientId:
|
|
96
|
+
clientId: __classPrivateFieldGet(this, _Keycloak_state, "f").constructorParams.clientId,
|
|
87
97
|
autoLogin,
|
|
88
98
|
postLoginRedirectUrl: redirectUri,
|
|
89
99
|
debugLogs: enableLogging,
|
|
@@ -112,75 +122,90 @@ export class Keycloak {
|
|
|
112
122
|
assert(false);
|
|
113
123
|
}
|
|
114
124
|
const oidc = oidcOrError;
|
|
115
|
-
internalState.oidc = oidc;
|
|
116
125
|
if (oidc.isUserLoggedIn) {
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
126
|
+
const tokens = await oidc.getTokens();
|
|
127
|
+
const onNewToken = (tokens_new) => {
|
|
128
|
+
__classPrivateFieldGet(this, _Keycloak_state, "f").tokens = tokens_new;
|
|
129
|
+
this.onAuthRefreshSuccess?.();
|
|
130
|
+
};
|
|
131
|
+
onNewToken(tokens);
|
|
132
|
+
oidc.subscribeToTokensChange(onNewToken);
|
|
133
|
+
}
|
|
134
|
+
__classPrivateFieldGet(this, _Keycloak_state, "f").oidc = oidc;
|
|
135
|
+
__classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.resolve();
|
|
136
|
+
this.onReady?.(oidc.isUserLoggedIn);
|
|
137
|
+
onAuthSuccess_call: {
|
|
138
|
+
if (!oidc.isUserLoggedIn) {
|
|
139
|
+
break onAuthSuccess_call;
|
|
125
140
|
}
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
if (onTokenExpired === undefined) {
|
|
132
|
-
return;
|
|
133
|
-
}
|
|
134
|
-
let timer = undefined;
|
|
135
|
-
const onNewToken = () => {
|
|
136
|
-
if (timer !== undefined) {
|
|
137
|
-
workerTimers.clearTimeout(timer);
|
|
138
|
-
}
|
|
139
|
-
const { tokens } = internalState;
|
|
140
|
-
assert(tokens !== undefined);
|
|
141
|
-
timer = workerTimers.setTimeout(() => {
|
|
142
|
-
onTokenExpired.call(this);
|
|
143
|
-
}, Math.max(tokens.accessTokenExpirationTime - Date.now() - 3000, 0));
|
|
144
|
-
};
|
|
145
|
-
onNewToken();
|
|
146
|
-
const { unsubscribe } = oidc.subscribeToTokensChange(onNewToken);
|
|
147
|
-
clear = () => {
|
|
148
|
-
if (timer !== undefined) {
|
|
149
|
-
workerTimers.clearTimeout(timer);
|
|
150
|
-
}
|
|
151
|
-
unsubscribe();
|
|
152
|
-
};
|
|
153
|
-
});
|
|
141
|
+
this.onAuthSuccess?.();
|
|
142
|
+
}
|
|
143
|
+
onAuthError_call: {
|
|
144
|
+
if (oidc.isUserLoggedIn) {
|
|
145
|
+
break onAuthError_call;
|
|
154
146
|
}
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
break onActionUpdate_call;
|
|
158
|
-
}
|
|
159
|
-
const { backFromAuthServer } = oidc;
|
|
160
|
-
if (backFromAuthServer === undefined) {
|
|
161
|
-
break onActionUpdate_call;
|
|
162
|
-
}
|
|
163
|
-
const status = backFromAuthServer.result.kc_action_status;
|
|
164
|
-
if (!isAmong(["success", "cancelled", "error"], status)) {
|
|
165
|
-
break onActionUpdate_call;
|
|
166
|
-
}
|
|
167
|
-
const action = backFromAuthServer.extraQueryParams.kc_action;
|
|
168
|
-
if (action === undefined) {
|
|
169
|
-
break onActionUpdate_call;
|
|
170
|
-
}
|
|
171
|
-
this.onActionUpdate(status, action);
|
|
147
|
+
if (oidc.initializationError === undefined) {
|
|
148
|
+
break onAuthError_call;
|
|
172
149
|
}
|
|
173
|
-
}
|
|
174
|
-
if (!oidc.isUserLoggedIn && oidc.initializationError !== undefined) {
|
|
175
150
|
this.onAuthError?.({
|
|
176
151
|
error: oidc.initializationError.name,
|
|
177
152
|
error_description: oidc.initializationError.message
|
|
178
153
|
});
|
|
179
154
|
}
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
|
|
183
|
-
|
|
155
|
+
onActionUpdate_call: {
|
|
156
|
+
if (!oidc.isUserLoggedIn) {
|
|
157
|
+
break onActionUpdate_call;
|
|
158
|
+
}
|
|
159
|
+
if (this.onActionUpdate === undefined) {
|
|
160
|
+
break onActionUpdate_call;
|
|
161
|
+
}
|
|
162
|
+
const { backFromAuthServer } = oidc;
|
|
163
|
+
if (backFromAuthServer === undefined) {
|
|
164
|
+
break onActionUpdate_call;
|
|
165
|
+
}
|
|
166
|
+
const status = backFromAuthServer.result.kc_action_status;
|
|
167
|
+
if (!isAmong(["success", "cancelled", "error"], status)) {
|
|
168
|
+
break onActionUpdate_call;
|
|
169
|
+
}
|
|
170
|
+
const action = backFromAuthServer.extraQueryParams.kc_action;
|
|
171
|
+
if (action === undefined) {
|
|
172
|
+
break onActionUpdate_call;
|
|
173
|
+
}
|
|
174
|
+
this.onActionUpdate(status, action);
|
|
175
|
+
}
|
|
176
|
+
schedule_onTokenExpired_call: {
|
|
177
|
+
if (!oidc.isUserLoggedIn) {
|
|
178
|
+
break schedule_onTokenExpired_call;
|
|
179
|
+
}
|
|
180
|
+
const { $onTokenExpired } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
181
|
+
let clear = undefined;
|
|
182
|
+
const next = (onTokenExpired) => {
|
|
183
|
+
clear?.();
|
|
184
|
+
if (onTokenExpired === undefined) {
|
|
185
|
+
return;
|
|
186
|
+
}
|
|
187
|
+
let timer = undefined;
|
|
188
|
+
const onNewToken = () => {
|
|
189
|
+
if (timer !== undefined) {
|
|
190
|
+
workerTimers.clearTimeout(timer);
|
|
191
|
+
}
|
|
192
|
+
const { tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
193
|
+
assert(tokens !== undefined);
|
|
194
|
+
timer = workerTimers.setTimeout(() => {
|
|
195
|
+
onTokenExpired.call(this);
|
|
196
|
+
}, Math.max(tokens.accessTokenExpirationTime - tokens.getServerDateNow() - 3000, 0));
|
|
197
|
+
};
|
|
198
|
+
onNewToken();
|
|
199
|
+
const { unsubscribe } = oidc.subscribeToTokensChange(onNewToken);
|
|
200
|
+
clear = () => {
|
|
201
|
+
if (timer !== undefined) {
|
|
202
|
+
workerTimers.clearTimeout(timer);
|
|
203
|
+
}
|
|
204
|
+
unsubscribe();
|
|
205
|
+
};
|
|
206
|
+
};
|
|
207
|
+
next($onTokenExpired.current);
|
|
208
|
+
$onTokenExpired.subscribe(next);
|
|
184
209
|
}
|
|
185
210
|
return oidc.isUserLoggedIn;
|
|
186
211
|
}
|
|
@@ -191,9 +216,7 @@ export class Keycloak {
|
|
|
191
216
|
if (!this.didInitialize) {
|
|
192
217
|
return false;
|
|
193
218
|
}
|
|
194
|
-
const
|
|
195
|
-
assert(internalState !== undefined);
|
|
196
|
-
const { oidc } = internalState;
|
|
219
|
+
const { oidc } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
197
220
|
assert(oidc !== undefined);
|
|
198
221
|
return oidc.isUserLoggedIn;
|
|
199
222
|
}
|
|
@@ -204,9 +227,7 @@ export class Keycloak {
|
|
|
204
227
|
if (!this.didInitialize) {
|
|
205
228
|
return undefined;
|
|
206
229
|
}
|
|
207
|
-
const
|
|
208
|
-
assert(internalState !== undefined);
|
|
209
|
-
const { oidc, tokens } = internalState;
|
|
230
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
210
231
|
assert(oidc !== undefined);
|
|
211
232
|
if (!oidc.isUserLoggedIn) {
|
|
212
233
|
console.warn("Trying to read keycloak.subject when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -222,9 +243,7 @@ export class Keycloak {
|
|
|
222
243
|
if (!this.didInitialize) {
|
|
223
244
|
return undefined;
|
|
224
245
|
}
|
|
225
|
-
const
|
|
226
|
-
assert(internalState !== undefined);
|
|
227
|
-
const { oidc, tokens } = internalState;
|
|
246
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
228
247
|
assert(oidc !== undefined);
|
|
229
248
|
if (!oidc.isUserLoggedIn) {
|
|
230
249
|
console.warn("Trying to read keycloak.realAccess when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -241,9 +260,7 @@ export class Keycloak {
|
|
|
241
260
|
if (!this.didInitialize) {
|
|
242
261
|
return undefined;
|
|
243
262
|
}
|
|
244
|
-
const
|
|
245
|
-
assert(internalState !== undefined);
|
|
246
|
-
const { oidc, tokens } = internalState;
|
|
263
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
247
264
|
assert(oidc !== undefined);
|
|
248
265
|
if (!oidc.isUserLoggedIn) {
|
|
249
266
|
console.warn("Trying to read keycloak.resourceAccess when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -258,12 +275,10 @@ export class Keycloak {
|
|
|
258
275
|
* requests to services.
|
|
259
276
|
*/
|
|
260
277
|
get token() {
|
|
261
|
-
const internalState = internalStateByInstance.get(this);
|
|
262
|
-
assert(internalState !== undefined);
|
|
263
278
|
if (!this.didInitialize) {
|
|
264
|
-
return
|
|
279
|
+
return __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions?.token;
|
|
265
280
|
}
|
|
266
|
-
const { oidc, tokens } =
|
|
281
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
267
282
|
assert(oidc !== undefined);
|
|
268
283
|
if (!oidc.isUserLoggedIn) {
|
|
269
284
|
console.warn("Trying to read keycloak.token when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -276,16 +291,14 @@ export class Keycloak {
|
|
|
276
291
|
* The parsed token as a JavaScript object.
|
|
277
292
|
*/
|
|
278
293
|
get tokenParsed() {
|
|
279
|
-
const internalState = internalStateByInstance.get(this);
|
|
280
|
-
assert(internalState !== undefined);
|
|
281
294
|
if (!this.didInitialize) {
|
|
282
|
-
const { token } =
|
|
295
|
+
const { token } = __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions ?? {};
|
|
283
296
|
if (token === undefined) {
|
|
284
297
|
return undefined;
|
|
285
298
|
}
|
|
286
299
|
return decodeJwt(token);
|
|
287
300
|
}
|
|
288
|
-
const { oidc, tokens } =
|
|
301
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
289
302
|
assert(oidc !== undefined);
|
|
290
303
|
if (!oidc.isUserLoggedIn) {
|
|
291
304
|
console.warn("Trying to read keycloak.tokenParsed when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -298,12 +311,10 @@ export class Keycloak {
|
|
|
298
311
|
* The base64 encoded refresh token that can be used to retrieve a new token.
|
|
299
312
|
*/
|
|
300
313
|
get refreshToken() {
|
|
301
|
-
const internalState = internalStateByInstance.get(this);
|
|
302
|
-
assert(internalState !== undefined);
|
|
303
314
|
if (!this.didInitialize) {
|
|
304
|
-
return
|
|
315
|
+
return __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions?.refreshToken;
|
|
305
316
|
}
|
|
306
|
-
const { oidc, tokens } =
|
|
317
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
307
318
|
assert(oidc !== undefined);
|
|
308
319
|
if (!oidc.isUserLoggedIn) {
|
|
309
320
|
console.warn("Trying to read keycloak.refreshToken when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -316,16 +327,14 @@ export class Keycloak {
|
|
|
316
327
|
* The parsed refresh token as a JavaScript object.
|
|
317
328
|
*/
|
|
318
329
|
get refreshTokenParsed() {
|
|
319
|
-
const internalState = internalStateByInstance.get(this);
|
|
320
|
-
assert(internalState !== undefined);
|
|
321
330
|
if (!this.didInitialize) {
|
|
322
|
-
const { refreshToken } =
|
|
331
|
+
const { refreshToken } = __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions ?? {};
|
|
323
332
|
if (refreshToken === undefined) {
|
|
324
333
|
return undefined;
|
|
325
334
|
}
|
|
326
335
|
return decodeJwt(refreshToken);
|
|
327
336
|
}
|
|
328
|
-
const { oidc, tokens } =
|
|
337
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
329
338
|
assert(oidc !== undefined);
|
|
330
339
|
if (!oidc.isUserLoggedIn) {
|
|
331
340
|
console.warn("Trying to read keycloak.refreshTokenParsed when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -341,12 +350,10 @@ export class Keycloak {
|
|
|
341
350
|
* The base64 encoded ID token.
|
|
342
351
|
*/
|
|
343
352
|
get idToken() {
|
|
344
|
-
const internalState = internalStateByInstance.get(this);
|
|
345
|
-
assert(internalState !== undefined);
|
|
346
353
|
if (!this.didInitialize) {
|
|
347
|
-
return
|
|
354
|
+
return __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions?.idToken;
|
|
348
355
|
}
|
|
349
|
-
const { oidc, tokens } =
|
|
356
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
350
357
|
assert(oidc !== undefined);
|
|
351
358
|
if (!oidc.isUserLoggedIn) {
|
|
352
359
|
console.warn("Trying to read keycloak.idToken when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -359,16 +366,14 @@ export class Keycloak {
|
|
|
359
366
|
* The parsed id token as a JavaScript object.
|
|
360
367
|
*/
|
|
361
368
|
get idTokenParsed() {
|
|
362
|
-
const internalState = internalStateByInstance.get(this);
|
|
363
|
-
assert(internalState !== undefined);
|
|
364
369
|
if (!this.didInitialize) {
|
|
365
|
-
const { idToken } =
|
|
370
|
+
const { idToken } = __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions ?? {};
|
|
366
371
|
if (idToken === undefined) {
|
|
367
372
|
return undefined;
|
|
368
373
|
}
|
|
369
374
|
return decodeJwt(idToken);
|
|
370
375
|
}
|
|
371
|
-
const { oidc, tokens } =
|
|
376
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
372
377
|
assert(oidc !== undefined);
|
|
373
378
|
if (!oidc.isUserLoggedIn) {
|
|
374
379
|
console.warn("Trying to read keycloak.idTokenParsed when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -384,16 +389,14 @@ export class Keycloak {
|
|
|
384
389
|
* enough when determining if a token is expired or not.
|
|
385
390
|
*/
|
|
386
391
|
get timeSkew() {
|
|
387
|
-
const internalState = internalStateByInstance.get(this);
|
|
388
|
-
assert(internalState !== undefined);
|
|
389
392
|
if (!this.didInitialize) {
|
|
390
|
-
const { timeSkew } =
|
|
393
|
+
const { timeSkew } = __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions ?? {};
|
|
391
394
|
if (timeSkew === undefined) {
|
|
392
395
|
return null;
|
|
393
396
|
}
|
|
394
397
|
return timeSkew;
|
|
395
398
|
}
|
|
396
|
-
const { oidc, tokens } =
|
|
399
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
397
400
|
assert(oidc !== undefined);
|
|
398
401
|
if (!oidc.isUserLoggedIn) {
|
|
399
402
|
console.warn("Trying to read keycloak.timeSkew when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -406,17 +409,13 @@ export class Keycloak {
|
|
|
406
409
|
* Whether the instance has been initialized by calling `.init()`.
|
|
407
410
|
*/
|
|
408
411
|
get didInitialize() {
|
|
409
|
-
|
|
410
|
-
assert(internalState !== undefined);
|
|
411
|
-
return internalState.oidc !== undefined;
|
|
412
|
+
return __classPrivateFieldGet(this, _Keycloak_state, "f").oidc !== undefined;
|
|
412
413
|
}
|
|
413
414
|
/**
|
|
414
415
|
* @private Undocumented.
|
|
415
416
|
*/
|
|
416
417
|
get loginRequired() {
|
|
417
|
-
const
|
|
418
|
-
assert(internalState !== undefined);
|
|
419
|
-
const { initOptions } = internalState;
|
|
418
|
+
const { initOptions } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
420
419
|
if (initOptions === undefined) {
|
|
421
420
|
return false;
|
|
422
421
|
}
|
|
@@ -426,36 +425,28 @@ export class Keycloak {
|
|
|
426
425
|
* @private Undocumented.
|
|
427
426
|
*/
|
|
428
427
|
get authServerUrl() {
|
|
429
|
-
const
|
|
430
|
-
assert(internalState !== undefined);
|
|
431
|
-
const { keycloakUtils: { issuerUriParsed } } = internalState;
|
|
428
|
+
const { keycloakUtils: { issuerUriParsed } } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
432
429
|
return `${issuerUriParsed.origin}${issuerUriParsed.kcHttpRelativePath}`;
|
|
433
430
|
}
|
|
434
431
|
/**
|
|
435
432
|
* @private Undocumented.
|
|
436
433
|
*/
|
|
437
434
|
get realm() {
|
|
438
|
-
const
|
|
439
|
-
assert(internalState !== undefined);
|
|
440
|
-
const { keycloakUtils: { issuerUriParsed } } = internalState;
|
|
435
|
+
const { keycloakUtils: { issuerUriParsed } } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
441
436
|
return issuerUriParsed.realm;
|
|
442
437
|
}
|
|
443
438
|
/**
|
|
444
439
|
* @private Undocumented.
|
|
445
440
|
*/
|
|
446
441
|
get clientId() {
|
|
447
|
-
const
|
|
448
|
-
assert(internalState !== undefined);
|
|
449
|
-
const { constructorParams } = internalState;
|
|
442
|
+
const { constructorParams } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
450
443
|
return constructorParams.clientId;
|
|
451
444
|
}
|
|
452
445
|
/**
|
|
453
446
|
* @private Undocumented.
|
|
454
447
|
*/
|
|
455
448
|
get redirectUri() {
|
|
456
|
-
const
|
|
457
|
-
assert(internalState !== undefined);
|
|
458
|
-
const { initOptions } = internalState;
|
|
449
|
+
const { initOptions } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
459
450
|
if (initOptions === undefined) {
|
|
460
451
|
return undefined;
|
|
461
452
|
}
|
|
@@ -468,9 +459,7 @@ export class Keycloak {
|
|
|
468
459
|
if (!this.didInitialize) {
|
|
469
460
|
return undefined;
|
|
470
461
|
}
|
|
471
|
-
const
|
|
472
|
-
assert(internalState !== undefined);
|
|
473
|
-
const { oidc, tokens } = internalState;
|
|
462
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
474
463
|
assert(oidc !== undefined);
|
|
475
464
|
if (!oidc.isUserLoggedIn) {
|
|
476
465
|
console.warn("Trying to read keycloak.sessionId when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -485,18 +474,14 @@ export class Keycloak {
|
|
|
485
474
|
* @private Undocumented.
|
|
486
475
|
*/
|
|
487
476
|
get profile() {
|
|
488
|
-
const
|
|
489
|
-
assert(internalState !== undefined);
|
|
490
|
-
const { profile } = internalState;
|
|
477
|
+
const { profile } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
491
478
|
return profile;
|
|
492
479
|
}
|
|
493
480
|
/**
|
|
494
481
|
* @private Undocumented.
|
|
495
482
|
*/
|
|
496
483
|
get userInfo() {
|
|
497
|
-
const
|
|
498
|
-
assert(internalState !== undefined);
|
|
499
|
-
const { userInfo } = internalState;
|
|
484
|
+
const { userInfo } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
500
485
|
return userInfo;
|
|
501
486
|
}
|
|
502
487
|
/**
|
|
@@ -519,15 +504,11 @@ export class Keycloak {
|
|
|
519
504
|
* obtain a new access token.
|
|
520
505
|
*/
|
|
521
506
|
set onTokenExpired(value) {
|
|
522
|
-
const
|
|
523
|
-
assert(internalState !== undefined);
|
|
524
|
-
const { $onTokenExpired } = internalState;
|
|
507
|
+
const { $onTokenExpired } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
525
508
|
$onTokenExpired.current = value;
|
|
526
509
|
}
|
|
527
510
|
get onTokenExpired() {
|
|
528
|
-
const
|
|
529
|
-
assert(internalState !== undefined);
|
|
530
|
-
const { $onTokenExpired } = internalState;
|
|
511
|
+
const { $onTokenExpired } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
531
512
|
return $onTokenExpired.current;
|
|
532
513
|
}
|
|
533
514
|
/**
|
|
@@ -536,12 +517,10 @@ export class Keycloak {
|
|
|
536
517
|
*/
|
|
537
518
|
async login(options) {
|
|
538
519
|
const { redirectUri, action, loginHint, acr, acrValues, idpHint, locale, doesCurrentHrefRequiresAuth } = options ?? {};
|
|
539
|
-
const internalState = internalStateByInstance.get(this);
|
|
540
|
-
assert(internalState !== undefined);
|
|
541
520
|
if (!this.didInitialize) {
|
|
542
|
-
await
|
|
521
|
+
await __classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.pr;
|
|
543
522
|
}
|
|
544
|
-
const { oidc, keycloakUtils } =
|
|
523
|
+
const { oidc, keycloakUtils } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
545
524
|
assert(oidc !== undefined);
|
|
546
525
|
const extraQueryParams_commons = {
|
|
547
526
|
claims: acr === undefined
|
|
@@ -587,12 +566,10 @@ export class Keycloak {
|
|
|
587
566
|
* @param options Logout options.
|
|
588
567
|
*/
|
|
589
568
|
async logout(options) {
|
|
590
|
-
const internalState = internalStateByInstance.get(this);
|
|
591
|
-
assert(internalState !== undefined);
|
|
592
569
|
if (!this.didInitialize) {
|
|
593
|
-
await
|
|
570
|
+
await __classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.pr;
|
|
594
571
|
}
|
|
595
|
-
const { oidc, initOptions } =
|
|
572
|
+
const { oidc, initOptions } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
596
573
|
assert(oidc !== undefined);
|
|
597
574
|
assert(initOptions !== undefined);
|
|
598
575
|
assert(oidc.isUserLoggedIn, "The user is not currently logged in");
|
|
@@ -652,9 +629,7 @@ export class Keycloak {
|
|
|
652
629
|
*/
|
|
653
630
|
createAccountUrl(options) {
|
|
654
631
|
const { locale, redirectUri } = options ?? {};
|
|
655
|
-
const
|
|
656
|
-
assert(internalState !== undefined);
|
|
657
|
-
const { keycloakUtils } = internalState;
|
|
632
|
+
const { keycloakUtils } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
658
633
|
return keycloakUtils.getAccountUrl({
|
|
659
634
|
clientId: this.clientId,
|
|
660
635
|
backToAppFromAccountUrl: redirectUri ?? location.href,
|
|
@@ -667,8 +642,6 @@ export class Keycloak {
|
|
|
667
642
|
* @param minValidity If not specified, `0` is used.
|
|
668
643
|
*/
|
|
669
644
|
isTokenExpired(minValidity = 0) {
|
|
670
|
-
const internalState = internalStateByInstance.get(this);
|
|
671
|
-
assert(internalState !== undefined);
|
|
672
645
|
let accessTokenExpirationTime;
|
|
673
646
|
if (!this.didInitialize) {
|
|
674
647
|
const fakeAccessToken = this.token;
|
|
@@ -680,7 +653,7 @@ export class Keycloak {
|
|
|
680
653
|
accessTokenExpirationTime = time;
|
|
681
654
|
}
|
|
682
655
|
else {
|
|
683
|
-
const { tokens } =
|
|
656
|
+
const { tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
684
657
|
assert(tokens !== undefined);
|
|
685
658
|
accessTokenExpirationTime = tokens.accessTokenExpirationTime;
|
|
686
659
|
}
|
|
@@ -709,12 +682,10 @@ export class Keycloak {
|
|
|
709
682
|
* });
|
|
710
683
|
*/
|
|
711
684
|
async updateToken(minValidity = 5) {
|
|
712
|
-
const internalState = internalStateByInstance.get(this);
|
|
713
|
-
assert(internalState !== undefined);
|
|
714
685
|
if (!this.didInitialize) {
|
|
715
|
-
await
|
|
686
|
+
await __classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.pr;
|
|
716
687
|
}
|
|
717
|
-
const { oidc } =
|
|
688
|
+
const { oidc } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
718
689
|
assert(oidc !== undefined);
|
|
719
690
|
assert(oidc.isUserLoggedIn, "updateToken called too early");
|
|
720
691
|
if (!this.isTokenExpired(minValidity)) {
|
|
@@ -760,31 +731,35 @@ export class Keycloak {
|
|
|
760
731
|
* @returns A promise to set functions to be invoked on success or error.
|
|
761
732
|
*/
|
|
762
733
|
async loadUserProfile() {
|
|
763
|
-
const internalState = internalStateByInstance.get(this);
|
|
764
|
-
assert(internalState !== undefined);
|
|
765
734
|
if (!this.didInitialize) {
|
|
766
|
-
await
|
|
735
|
+
await __classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.pr;
|
|
767
736
|
}
|
|
768
|
-
const { oidc, keycloakUtils } =
|
|
737
|
+
const { oidc, keycloakUtils } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
769
738
|
assert(oidc !== undefined);
|
|
770
739
|
assert(oidc.isUserLoggedIn, "Can't load userProfile if user not authenticated");
|
|
771
740
|
const { accessToken } = await oidc.getTokens();
|
|
772
|
-
return (
|
|
741
|
+
return (__classPrivateFieldGet(this, _Keycloak_state, "f").profile = await keycloakUtils.fetchUserProfile({ accessToken }));
|
|
773
742
|
}
|
|
774
743
|
/**
|
|
775
744
|
* @private Undocumented.
|
|
776
745
|
*/
|
|
777
746
|
async loadUserInfo() {
|
|
778
|
-
const internalState = internalStateByInstance.get(this);
|
|
779
|
-
assert(internalState !== undefined);
|
|
780
747
|
if (!this.didInitialize) {
|
|
781
|
-
await
|
|
748
|
+
await __classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.pr;
|
|
782
749
|
}
|
|
783
|
-
const { oidc, keycloakUtils } =
|
|
750
|
+
const { oidc, keycloakUtils } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
784
751
|
assert(oidc !== undefined);
|
|
785
752
|
assert(oidc.isUserLoggedIn, "Can't load userInfo if user not authenticated");
|
|
786
753
|
const { accessToken } = await oidc.getTokens();
|
|
787
|
-
return (
|
|
754
|
+
return (__classPrivateFieldGet(this, _Keycloak_state, "f").userInfo = await keycloakUtils.fetchUserInfo({ accessToken }));
|
|
755
|
+
}
|
|
756
|
+
/** Get the underlying oidc-spa instance */
|
|
757
|
+
get oidc() {
|
|
758
|
+
assert(this.didInitialize, "Cannot get keycloak.oidc before the init() method was called and have resolved.");
|
|
759
|
+
const { oidc } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
760
|
+
assert(oidc !== undefined);
|
|
761
|
+
return oidc;
|
|
788
762
|
}
|
|
789
763
|
}
|
|
764
|
+
_Keycloak_state = new WeakMap();
|
|
790
765
|
//# sourceMappingURL=Keycloak.js.map
|