oidc-spa 7.3.0 → 7.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/core/createOidc.js +1 -1
- package/esm/core/createOidc.js +1 -1
- package/esm/keycloak/keycloak-js/Keycloak.d.ts +4 -0
- package/esm/keycloak/keycloak-js/Keycloak.js +148 -173
- package/esm/keycloak/keycloak-js/Keycloak.js.map +1 -1
- package/keycloak/keycloak-js/Keycloak.d.ts +4 -0
- package/keycloak/keycloak-js/Keycloak.js +148 -173
- package/keycloak/keycloak-js/Keycloak.js.map +1 -1
- package/package.json +1 -1
- package/src/keycloak/keycloak-js/Keycloak.ts +167 -228
|
@@ -1,4 +1,16 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
|
|
3
|
+
if (kind === "m") throw new TypeError("Private method is not writable");
|
|
4
|
+
if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
|
|
5
|
+
if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
|
|
6
|
+
return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
|
|
7
|
+
};
|
|
8
|
+
var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
|
|
9
|
+
if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
|
|
10
|
+
if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
|
|
11
|
+
return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
|
|
12
|
+
};
|
|
13
|
+
var _Keycloak_state;
|
|
2
14
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
15
|
exports.Keycloak = void 0;
|
|
4
16
|
const tsafe_1 = require("../../vendor/frontend/tsafe");
|
|
@@ -9,7 +21,6 @@ const keycloakUtils_1 = require("../keycloakUtils");
|
|
|
9
21
|
const worker_timers_1 = require("../../vendor/frontend/worker-timers");
|
|
10
22
|
const StatefulEvt_1 = require("../../tools/StatefulEvt");
|
|
11
23
|
const readExpirationTimeInJwt_1 = require("../../tools/readExpirationTimeInJwt");
|
|
12
|
-
const internalStateByInstance = new WeakMap();
|
|
13
24
|
/**
|
|
14
25
|
* This module provides a drop-in replacement for `keycloak-js`,
|
|
15
26
|
* designed for teams migrating to `oidc-spa` with minimal changes.
|
|
@@ -27,6 +38,7 @@ class Keycloak {
|
|
|
27
38
|
* I'm not seeing the usecase when ran against keycloak right now so not doing it.
|
|
28
39
|
*/
|
|
29
40
|
constructor(params) {
|
|
41
|
+
_Keycloak_state.set(this, void 0);
|
|
30
42
|
/**
|
|
31
43
|
* Response mode passed in init (default value is `'fragment'`).
|
|
32
44
|
*
|
|
@@ -48,7 +60,7 @@ class Keycloak {
|
|
|
48
60
|
*/
|
|
49
61
|
this.flow = "standard";
|
|
50
62
|
const issuerUri = `${params.url.replace(/\/$/, "")}/realms/${params.realm}`;
|
|
51
|
-
|
|
63
|
+
__classPrivateFieldSet(this, _Keycloak_state, {
|
|
52
64
|
constructorParams: params,
|
|
53
65
|
dInitialized: new Deferred_1.Deferred(),
|
|
54
66
|
initOptions: undefined,
|
|
@@ -59,7 +71,7 @@ class Keycloak {
|
|
|
59
71
|
profile: undefined,
|
|
60
72
|
userInfo: undefined,
|
|
61
73
|
$onTokenExpired: (0, StatefulEvt_1.createStatefulEvt)(() => undefined)
|
|
62
|
-
});
|
|
74
|
+
}, "f");
|
|
63
75
|
}
|
|
64
76
|
/**
|
|
65
77
|
* Called to initialize the adapter.
|
|
@@ -68,25 +80,23 @@ class Keycloak {
|
|
|
68
80
|
*/
|
|
69
81
|
async init(initOptions = {}) {
|
|
70
82
|
const { onLoad = "check-sso", redirectUri, enableLogging, scope, locale } = initOptions;
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
if (internalState.initOptions !== undefined) {
|
|
74
|
-
if (JSON.stringify(internalState.initOptions) !== JSON.stringify(initOptions)) {
|
|
83
|
+
if (__classPrivateFieldGet(this, _Keycloak_state, "f").initOptions !== undefined) {
|
|
84
|
+
if (JSON.stringify(__classPrivateFieldGet(this, _Keycloak_state, "f").initOptions) !== JSON.stringify(initOptions)) {
|
|
75
85
|
throw new Error("Can't call init() multiple time with different params");
|
|
76
86
|
}
|
|
77
|
-
await
|
|
78
|
-
const { oidc } =
|
|
87
|
+
await __classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.pr;
|
|
88
|
+
const { oidc } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
79
89
|
(0, tsafe_1.assert)(oidc !== undefined);
|
|
80
90
|
return oidc.isUserLoggedIn;
|
|
81
91
|
}
|
|
82
|
-
|
|
83
|
-
const { constructorParams, issuerUri } =
|
|
92
|
+
__classPrivateFieldGet(this, _Keycloak_state, "f").initOptions = initOptions;
|
|
93
|
+
const { constructorParams, issuerUri } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
84
94
|
const autoLogin = onLoad === "login-required";
|
|
85
95
|
let hasCreateResolved = false;
|
|
86
96
|
const oidcOrError = await (0, core_1.createOidc)({
|
|
87
97
|
homeUrl: constructorParams.homeUrl,
|
|
88
98
|
issuerUri,
|
|
89
|
-
clientId:
|
|
99
|
+
clientId: __classPrivateFieldGet(this, _Keycloak_state, "f").constructorParams.clientId,
|
|
90
100
|
autoLogin,
|
|
91
101
|
postLoginRedirectUrl: redirectUri,
|
|
92
102
|
debugLogs: enableLogging,
|
|
@@ -115,75 +125,90 @@ class Keycloak {
|
|
|
115
125
|
(0, tsafe_1.assert)(false);
|
|
116
126
|
}
|
|
117
127
|
const oidc = oidcOrError;
|
|
118
|
-
internalState.oidc = oidc;
|
|
119
128
|
if (oidc.isUserLoggedIn) {
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
129
|
+
const tokens = await oidc.getTokens();
|
|
130
|
+
const onNewToken = (tokens_new) => {
|
|
131
|
+
__classPrivateFieldGet(this, _Keycloak_state, "f").tokens = tokens_new;
|
|
132
|
+
this.onAuthRefreshSuccess?.();
|
|
133
|
+
};
|
|
134
|
+
onNewToken(tokens);
|
|
135
|
+
oidc.subscribeToTokensChange(onNewToken);
|
|
136
|
+
}
|
|
137
|
+
__classPrivateFieldGet(this, _Keycloak_state, "f").oidc = oidc;
|
|
138
|
+
__classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.resolve();
|
|
139
|
+
this.onReady?.(oidc.isUserLoggedIn);
|
|
140
|
+
onAuthSuccess_call: {
|
|
141
|
+
if (!oidc.isUserLoggedIn) {
|
|
142
|
+
break onAuthSuccess_call;
|
|
128
143
|
}
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
if (onTokenExpired === undefined) {
|
|
135
|
-
return;
|
|
136
|
-
}
|
|
137
|
-
let timer = undefined;
|
|
138
|
-
const onNewToken = () => {
|
|
139
|
-
if (timer !== undefined) {
|
|
140
|
-
worker_timers_1.workerTimers.clearTimeout(timer);
|
|
141
|
-
}
|
|
142
|
-
const { tokens } = internalState;
|
|
143
|
-
(0, tsafe_1.assert)(tokens !== undefined);
|
|
144
|
-
timer = worker_timers_1.workerTimers.setTimeout(() => {
|
|
145
|
-
onTokenExpired.call(this);
|
|
146
|
-
}, Math.max(tokens.accessTokenExpirationTime - Date.now() - 3000, 0));
|
|
147
|
-
};
|
|
148
|
-
onNewToken();
|
|
149
|
-
const { unsubscribe } = oidc.subscribeToTokensChange(onNewToken);
|
|
150
|
-
clear = () => {
|
|
151
|
-
if (timer !== undefined) {
|
|
152
|
-
worker_timers_1.workerTimers.clearTimeout(timer);
|
|
153
|
-
}
|
|
154
|
-
unsubscribe();
|
|
155
|
-
};
|
|
156
|
-
});
|
|
144
|
+
this.onAuthSuccess?.();
|
|
145
|
+
}
|
|
146
|
+
onAuthError_call: {
|
|
147
|
+
if (oidc.isUserLoggedIn) {
|
|
148
|
+
break onAuthError_call;
|
|
157
149
|
}
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
break onActionUpdate_call;
|
|
161
|
-
}
|
|
162
|
-
const { backFromAuthServer } = oidc;
|
|
163
|
-
if (backFromAuthServer === undefined) {
|
|
164
|
-
break onActionUpdate_call;
|
|
165
|
-
}
|
|
166
|
-
const status = backFromAuthServer.result.kc_action_status;
|
|
167
|
-
if (!(0, tsafe_1.isAmong)(["success", "cancelled", "error"], status)) {
|
|
168
|
-
break onActionUpdate_call;
|
|
169
|
-
}
|
|
170
|
-
const action = backFromAuthServer.extraQueryParams.kc_action;
|
|
171
|
-
if (action === undefined) {
|
|
172
|
-
break onActionUpdate_call;
|
|
173
|
-
}
|
|
174
|
-
this.onActionUpdate(status, action);
|
|
150
|
+
if (oidc.initializationError === undefined) {
|
|
151
|
+
break onAuthError_call;
|
|
175
152
|
}
|
|
176
|
-
}
|
|
177
|
-
if (!oidc.isUserLoggedIn && oidc.initializationError !== undefined) {
|
|
178
153
|
this.onAuthError?.({
|
|
179
154
|
error: oidc.initializationError.name,
|
|
180
155
|
error_description: oidc.initializationError.message
|
|
181
156
|
});
|
|
182
157
|
}
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
158
|
+
onActionUpdate_call: {
|
|
159
|
+
if (!oidc.isUserLoggedIn) {
|
|
160
|
+
break onActionUpdate_call;
|
|
161
|
+
}
|
|
162
|
+
if (this.onActionUpdate === undefined) {
|
|
163
|
+
break onActionUpdate_call;
|
|
164
|
+
}
|
|
165
|
+
const { backFromAuthServer } = oidc;
|
|
166
|
+
if (backFromAuthServer === undefined) {
|
|
167
|
+
break onActionUpdate_call;
|
|
168
|
+
}
|
|
169
|
+
const status = backFromAuthServer.result.kc_action_status;
|
|
170
|
+
if (!(0, tsafe_1.isAmong)(["success", "cancelled", "error"], status)) {
|
|
171
|
+
break onActionUpdate_call;
|
|
172
|
+
}
|
|
173
|
+
const action = backFromAuthServer.extraQueryParams.kc_action;
|
|
174
|
+
if (action === undefined) {
|
|
175
|
+
break onActionUpdate_call;
|
|
176
|
+
}
|
|
177
|
+
this.onActionUpdate(status, action);
|
|
178
|
+
}
|
|
179
|
+
schedule_onTokenExpired_call: {
|
|
180
|
+
if (!oidc.isUserLoggedIn) {
|
|
181
|
+
break schedule_onTokenExpired_call;
|
|
182
|
+
}
|
|
183
|
+
const { $onTokenExpired } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
184
|
+
let clear = undefined;
|
|
185
|
+
const next = (onTokenExpired) => {
|
|
186
|
+
clear?.();
|
|
187
|
+
if (onTokenExpired === undefined) {
|
|
188
|
+
return;
|
|
189
|
+
}
|
|
190
|
+
let timer = undefined;
|
|
191
|
+
const onNewToken = () => {
|
|
192
|
+
if (timer !== undefined) {
|
|
193
|
+
worker_timers_1.workerTimers.clearTimeout(timer);
|
|
194
|
+
}
|
|
195
|
+
const { tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
196
|
+
(0, tsafe_1.assert)(tokens !== undefined);
|
|
197
|
+
timer = worker_timers_1.workerTimers.setTimeout(() => {
|
|
198
|
+
onTokenExpired.call(this);
|
|
199
|
+
}, Math.max(tokens.accessTokenExpirationTime - tokens.getServerDateNow() - 3000, 0));
|
|
200
|
+
};
|
|
201
|
+
onNewToken();
|
|
202
|
+
const { unsubscribe } = oidc.subscribeToTokensChange(onNewToken);
|
|
203
|
+
clear = () => {
|
|
204
|
+
if (timer !== undefined) {
|
|
205
|
+
worker_timers_1.workerTimers.clearTimeout(timer);
|
|
206
|
+
}
|
|
207
|
+
unsubscribe();
|
|
208
|
+
};
|
|
209
|
+
};
|
|
210
|
+
next($onTokenExpired.current);
|
|
211
|
+
$onTokenExpired.subscribe(next);
|
|
187
212
|
}
|
|
188
213
|
return oidc.isUserLoggedIn;
|
|
189
214
|
}
|
|
@@ -194,9 +219,7 @@ class Keycloak {
|
|
|
194
219
|
if (!this.didInitialize) {
|
|
195
220
|
return false;
|
|
196
221
|
}
|
|
197
|
-
const
|
|
198
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
199
|
-
const { oidc } = internalState;
|
|
222
|
+
const { oidc } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
200
223
|
(0, tsafe_1.assert)(oidc !== undefined);
|
|
201
224
|
return oidc.isUserLoggedIn;
|
|
202
225
|
}
|
|
@@ -207,9 +230,7 @@ class Keycloak {
|
|
|
207
230
|
if (!this.didInitialize) {
|
|
208
231
|
return undefined;
|
|
209
232
|
}
|
|
210
|
-
const
|
|
211
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
212
|
-
const { oidc, tokens } = internalState;
|
|
233
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
213
234
|
(0, tsafe_1.assert)(oidc !== undefined);
|
|
214
235
|
if (!oidc.isUserLoggedIn) {
|
|
215
236
|
console.warn("Trying to read keycloak.subject when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -225,9 +246,7 @@ class Keycloak {
|
|
|
225
246
|
if (!this.didInitialize) {
|
|
226
247
|
return undefined;
|
|
227
248
|
}
|
|
228
|
-
const
|
|
229
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
230
|
-
const { oidc, tokens } = internalState;
|
|
249
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
231
250
|
(0, tsafe_1.assert)(oidc !== undefined);
|
|
232
251
|
if (!oidc.isUserLoggedIn) {
|
|
233
252
|
console.warn("Trying to read keycloak.realAccess when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -244,9 +263,7 @@ class Keycloak {
|
|
|
244
263
|
if (!this.didInitialize) {
|
|
245
264
|
return undefined;
|
|
246
265
|
}
|
|
247
|
-
const
|
|
248
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
249
|
-
const { oidc, tokens } = internalState;
|
|
266
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
250
267
|
(0, tsafe_1.assert)(oidc !== undefined);
|
|
251
268
|
if (!oidc.isUserLoggedIn) {
|
|
252
269
|
console.warn("Trying to read keycloak.resourceAccess when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -261,12 +278,10 @@ class Keycloak {
|
|
|
261
278
|
* requests to services.
|
|
262
279
|
*/
|
|
263
280
|
get token() {
|
|
264
|
-
const internalState = internalStateByInstance.get(this);
|
|
265
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
266
281
|
if (!this.didInitialize) {
|
|
267
|
-
return
|
|
282
|
+
return __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions?.token;
|
|
268
283
|
}
|
|
269
|
-
const { oidc, tokens } =
|
|
284
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
270
285
|
(0, tsafe_1.assert)(oidc !== undefined);
|
|
271
286
|
if (!oidc.isUserLoggedIn) {
|
|
272
287
|
console.warn("Trying to read keycloak.token when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -279,16 +294,14 @@ class Keycloak {
|
|
|
279
294
|
* The parsed token as a JavaScript object.
|
|
280
295
|
*/
|
|
281
296
|
get tokenParsed() {
|
|
282
|
-
const internalState = internalStateByInstance.get(this);
|
|
283
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
284
297
|
if (!this.didInitialize) {
|
|
285
|
-
const { token } =
|
|
298
|
+
const { token } = __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions ?? {};
|
|
286
299
|
if (token === undefined) {
|
|
287
300
|
return undefined;
|
|
288
301
|
}
|
|
289
302
|
return (0, decodeJwt_1.decodeJwt)(token);
|
|
290
303
|
}
|
|
291
|
-
const { oidc, tokens } =
|
|
304
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
292
305
|
(0, tsafe_1.assert)(oidc !== undefined);
|
|
293
306
|
if (!oidc.isUserLoggedIn) {
|
|
294
307
|
console.warn("Trying to read keycloak.tokenParsed when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -301,12 +314,10 @@ class Keycloak {
|
|
|
301
314
|
* The base64 encoded refresh token that can be used to retrieve a new token.
|
|
302
315
|
*/
|
|
303
316
|
get refreshToken() {
|
|
304
|
-
const internalState = internalStateByInstance.get(this);
|
|
305
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
306
317
|
if (!this.didInitialize) {
|
|
307
|
-
return
|
|
318
|
+
return __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions?.refreshToken;
|
|
308
319
|
}
|
|
309
|
-
const { oidc, tokens } =
|
|
320
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
310
321
|
(0, tsafe_1.assert)(oidc !== undefined);
|
|
311
322
|
if (!oidc.isUserLoggedIn) {
|
|
312
323
|
console.warn("Trying to read keycloak.refreshToken when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -319,16 +330,14 @@ class Keycloak {
|
|
|
319
330
|
* The parsed refresh token as a JavaScript object.
|
|
320
331
|
*/
|
|
321
332
|
get refreshTokenParsed() {
|
|
322
|
-
const internalState = internalStateByInstance.get(this);
|
|
323
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
324
333
|
if (!this.didInitialize) {
|
|
325
|
-
const { refreshToken } =
|
|
334
|
+
const { refreshToken } = __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions ?? {};
|
|
326
335
|
if (refreshToken === undefined) {
|
|
327
336
|
return undefined;
|
|
328
337
|
}
|
|
329
338
|
return (0, decodeJwt_1.decodeJwt)(refreshToken);
|
|
330
339
|
}
|
|
331
|
-
const { oidc, tokens } =
|
|
340
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
332
341
|
(0, tsafe_1.assert)(oidc !== undefined);
|
|
333
342
|
if (!oidc.isUserLoggedIn) {
|
|
334
343
|
console.warn("Trying to read keycloak.refreshTokenParsed when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -344,12 +353,10 @@ class Keycloak {
|
|
|
344
353
|
* The base64 encoded ID token.
|
|
345
354
|
*/
|
|
346
355
|
get idToken() {
|
|
347
|
-
const internalState = internalStateByInstance.get(this);
|
|
348
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
349
356
|
if (!this.didInitialize) {
|
|
350
|
-
return
|
|
357
|
+
return __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions?.idToken;
|
|
351
358
|
}
|
|
352
|
-
const { oidc, tokens } =
|
|
359
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
353
360
|
(0, tsafe_1.assert)(oidc !== undefined);
|
|
354
361
|
if (!oidc.isUserLoggedIn) {
|
|
355
362
|
console.warn("Trying to read keycloak.idToken when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -362,16 +369,14 @@ class Keycloak {
|
|
|
362
369
|
* The parsed id token as a JavaScript object.
|
|
363
370
|
*/
|
|
364
371
|
get idTokenParsed() {
|
|
365
|
-
const internalState = internalStateByInstance.get(this);
|
|
366
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
367
372
|
if (!this.didInitialize) {
|
|
368
|
-
const { idToken } =
|
|
373
|
+
const { idToken } = __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions ?? {};
|
|
369
374
|
if (idToken === undefined) {
|
|
370
375
|
return undefined;
|
|
371
376
|
}
|
|
372
377
|
return (0, decodeJwt_1.decodeJwt)(idToken);
|
|
373
378
|
}
|
|
374
|
-
const { oidc, tokens } =
|
|
379
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
375
380
|
(0, tsafe_1.assert)(oidc !== undefined);
|
|
376
381
|
if (!oidc.isUserLoggedIn) {
|
|
377
382
|
console.warn("Trying to read keycloak.idTokenParsed when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -387,16 +392,14 @@ class Keycloak {
|
|
|
387
392
|
* enough when determining if a token is expired or not.
|
|
388
393
|
*/
|
|
389
394
|
get timeSkew() {
|
|
390
|
-
const internalState = internalStateByInstance.get(this);
|
|
391
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
392
395
|
if (!this.didInitialize) {
|
|
393
|
-
const { timeSkew } =
|
|
396
|
+
const { timeSkew } = __classPrivateFieldGet(this, _Keycloak_state, "f").initOptions ?? {};
|
|
394
397
|
if (timeSkew === undefined) {
|
|
395
398
|
return null;
|
|
396
399
|
}
|
|
397
400
|
return timeSkew;
|
|
398
401
|
}
|
|
399
|
-
const { oidc, tokens } =
|
|
402
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
400
403
|
(0, tsafe_1.assert)(oidc !== undefined);
|
|
401
404
|
if (!oidc.isUserLoggedIn) {
|
|
402
405
|
console.warn("Trying to read keycloak.timeSkew when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -409,17 +412,13 @@ class Keycloak {
|
|
|
409
412
|
* Whether the instance has been initialized by calling `.init()`.
|
|
410
413
|
*/
|
|
411
414
|
get didInitialize() {
|
|
412
|
-
|
|
413
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
414
|
-
return internalState.oidc !== undefined;
|
|
415
|
+
return __classPrivateFieldGet(this, _Keycloak_state, "f").oidc !== undefined;
|
|
415
416
|
}
|
|
416
417
|
/**
|
|
417
418
|
* @private Undocumented.
|
|
418
419
|
*/
|
|
419
420
|
get loginRequired() {
|
|
420
|
-
const
|
|
421
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
422
|
-
const { initOptions } = internalState;
|
|
421
|
+
const { initOptions } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
423
422
|
if (initOptions === undefined) {
|
|
424
423
|
return false;
|
|
425
424
|
}
|
|
@@ -429,36 +428,28 @@ class Keycloak {
|
|
|
429
428
|
* @private Undocumented.
|
|
430
429
|
*/
|
|
431
430
|
get authServerUrl() {
|
|
432
|
-
const
|
|
433
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
434
|
-
const { keycloakUtils: { issuerUriParsed } } = internalState;
|
|
431
|
+
const { keycloakUtils: { issuerUriParsed } } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
435
432
|
return `${issuerUriParsed.origin}${issuerUriParsed.kcHttpRelativePath}`;
|
|
436
433
|
}
|
|
437
434
|
/**
|
|
438
435
|
* @private Undocumented.
|
|
439
436
|
*/
|
|
440
437
|
get realm() {
|
|
441
|
-
const
|
|
442
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
443
|
-
const { keycloakUtils: { issuerUriParsed } } = internalState;
|
|
438
|
+
const { keycloakUtils: { issuerUriParsed } } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
444
439
|
return issuerUriParsed.realm;
|
|
445
440
|
}
|
|
446
441
|
/**
|
|
447
442
|
* @private Undocumented.
|
|
448
443
|
*/
|
|
449
444
|
get clientId() {
|
|
450
|
-
const
|
|
451
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
452
|
-
const { constructorParams } = internalState;
|
|
445
|
+
const { constructorParams } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
453
446
|
return constructorParams.clientId;
|
|
454
447
|
}
|
|
455
448
|
/**
|
|
456
449
|
* @private Undocumented.
|
|
457
450
|
*/
|
|
458
451
|
get redirectUri() {
|
|
459
|
-
const
|
|
460
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
461
|
-
const { initOptions } = internalState;
|
|
452
|
+
const { initOptions } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
462
453
|
if (initOptions === undefined) {
|
|
463
454
|
return undefined;
|
|
464
455
|
}
|
|
@@ -471,9 +462,7 @@ class Keycloak {
|
|
|
471
462
|
if (!this.didInitialize) {
|
|
472
463
|
return undefined;
|
|
473
464
|
}
|
|
474
|
-
const
|
|
475
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
476
|
-
const { oidc, tokens } = internalState;
|
|
465
|
+
const { oidc, tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
477
466
|
(0, tsafe_1.assert)(oidc !== undefined);
|
|
478
467
|
if (!oidc.isUserLoggedIn) {
|
|
479
468
|
console.warn("Trying to read keycloak.sessionId when keycloak.authenticated is false is a logical error in your application");
|
|
@@ -488,18 +477,14 @@ class Keycloak {
|
|
|
488
477
|
* @private Undocumented.
|
|
489
478
|
*/
|
|
490
479
|
get profile() {
|
|
491
|
-
const
|
|
492
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
493
|
-
const { profile } = internalState;
|
|
480
|
+
const { profile } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
494
481
|
return profile;
|
|
495
482
|
}
|
|
496
483
|
/**
|
|
497
484
|
* @private Undocumented.
|
|
498
485
|
*/
|
|
499
486
|
get userInfo() {
|
|
500
|
-
const
|
|
501
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
502
|
-
const { userInfo } = internalState;
|
|
487
|
+
const { userInfo } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
503
488
|
return userInfo;
|
|
504
489
|
}
|
|
505
490
|
/**
|
|
@@ -522,15 +507,11 @@ class Keycloak {
|
|
|
522
507
|
* obtain a new access token.
|
|
523
508
|
*/
|
|
524
509
|
set onTokenExpired(value) {
|
|
525
|
-
const
|
|
526
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
527
|
-
const { $onTokenExpired } = internalState;
|
|
510
|
+
const { $onTokenExpired } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
528
511
|
$onTokenExpired.current = value;
|
|
529
512
|
}
|
|
530
513
|
get onTokenExpired() {
|
|
531
|
-
const
|
|
532
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
533
|
-
const { $onTokenExpired } = internalState;
|
|
514
|
+
const { $onTokenExpired } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
534
515
|
return $onTokenExpired.current;
|
|
535
516
|
}
|
|
536
517
|
/**
|
|
@@ -539,12 +520,10 @@ class Keycloak {
|
|
|
539
520
|
*/
|
|
540
521
|
async login(options) {
|
|
541
522
|
const { redirectUri, action, loginHint, acr, acrValues, idpHint, locale, doesCurrentHrefRequiresAuth } = options ?? {};
|
|
542
|
-
const internalState = internalStateByInstance.get(this);
|
|
543
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
544
523
|
if (!this.didInitialize) {
|
|
545
|
-
await
|
|
524
|
+
await __classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.pr;
|
|
546
525
|
}
|
|
547
|
-
const { oidc, keycloakUtils } =
|
|
526
|
+
const { oidc, keycloakUtils } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
548
527
|
(0, tsafe_1.assert)(oidc !== undefined);
|
|
549
528
|
const extraQueryParams_commons = {
|
|
550
529
|
claims: acr === undefined
|
|
@@ -590,12 +569,10 @@ class Keycloak {
|
|
|
590
569
|
* @param options Logout options.
|
|
591
570
|
*/
|
|
592
571
|
async logout(options) {
|
|
593
|
-
const internalState = internalStateByInstance.get(this);
|
|
594
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
595
572
|
if (!this.didInitialize) {
|
|
596
|
-
await
|
|
573
|
+
await __classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.pr;
|
|
597
574
|
}
|
|
598
|
-
const { oidc, initOptions } =
|
|
575
|
+
const { oidc, initOptions } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
599
576
|
(0, tsafe_1.assert)(oidc !== undefined);
|
|
600
577
|
(0, tsafe_1.assert)(initOptions !== undefined);
|
|
601
578
|
(0, tsafe_1.assert)(oidc.isUserLoggedIn, "The user is not currently logged in");
|
|
@@ -655,9 +632,7 @@ class Keycloak {
|
|
|
655
632
|
*/
|
|
656
633
|
createAccountUrl(options) {
|
|
657
634
|
const { locale, redirectUri } = options ?? {};
|
|
658
|
-
const
|
|
659
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
660
|
-
const { keycloakUtils } = internalState;
|
|
635
|
+
const { keycloakUtils } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
661
636
|
return keycloakUtils.getAccountUrl({
|
|
662
637
|
clientId: this.clientId,
|
|
663
638
|
backToAppFromAccountUrl: redirectUri ?? location.href,
|
|
@@ -670,8 +645,6 @@ class Keycloak {
|
|
|
670
645
|
* @param minValidity If not specified, `0` is used.
|
|
671
646
|
*/
|
|
672
647
|
isTokenExpired(minValidity = 0) {
|
|
673
|
-
const internalState = internalStateByInstance.get(this);
|
|
674
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
675
648
|
let accessTokenExpirationTime;
|
|
676
649
|
if (!this.didInitialize) {
|
|
677
650
|
const fakeAccessToken = this.token;
|
|
@@ -683,7 +656,7 @@ class Keycloak {
|
|
|
683
656
|
accessTokenExpirationTime = time;
|
|
684
657
|
}
|
|
685
658
|
else {
|
|
686
|
-
const { tokens } =
|
|
659
|
+
const { tokens } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
687
660
|
(0, tsafe_1.assert)(tokens !== undefined);
|
|
688
661
|
accessTokenExpirationTime = tokens.accessTokenExpirationTime;
|
|
689
662
|
}
|
|
@@ -712,12 +685,10 @@ class Keycloak {
|
|
|
712
685
|
* });
|
|
713
686
|
*/
|
|
714
687
|
async updateToken(minValidity = 5) {
|
|
715
|
-
const internalState = internalStateByInstance.get(this);
|
|
716
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
717
688
|
if (!this.didInitialize) {
|
|
718
|
-
await
|
|
689
|
+
await __classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.pr;
|
|
719
690
|
}
|
|
720
|
-
const { oidc } =
|
|
691
|
+
const { oidc } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
721
692
|
(0, tsafe_1.assert)(oidc !== undefined);
|
|
722
693
|
(0, tsafe_1.assert)(oidc.isUserLoggedIn, "updateToken called too early");
|
|
723
694
|
if (!this.isTokenExpired(minValidity)) {
|
|
@@ -763,32 +734,36 @@ class Keycloak {
|
|
|
763
734
|
* @returns A promise to set functions to be invoked on success or error.
|
|
764
735
|
*/
|
|
765
736
|
async loadUserProfile() {
|
|
766
|
-
const internalState = internalStateByInstance.get(this);
|
|
767
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
768
737
|
if (!this.didInitialize) {
|
|
769
|
-
await
|
|
738
|
+
await __classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.pr;
|
|
770
739
|
}
|
|
771
|
-
const { oidc, keycloakUtils } =
|
|
740
|
+
const { oidc, keycloakUtils } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
772
741
|
(0, tsafe_1.assert)(oidc !== undefined);
|
|
773
742
|
(0, tsafe_1.assert)(oidc.isUserLoggedIn, "Can't load userProfile if user not authenticated");
|
|
774
743
|
const { accessToken } = await oidc.getTokens();
|
|
775
|
-
return (
|
|
744
|
+
return (__classPrivateFieldGet(this, _Keycloak_state, "f").profile = await keycloakUtils.fetchUserProfile({ accessToken }));
|
|
776
745
|
}
|
|
777
746
|
/**
|
|
778
747
|
* @private Undocumented.
|
|
779
748
|
*/
|
|
780
749
|
async loadUserInfo() {
|
|
781
|
-
const internalState = internalStateByInstance.get(this);
|
|
782
|
-
(0, tsafe_1.assert)(internalState !== undefined);
|
|
783
750
|
if (!this.didInitialize) {
|
|
784
|
-
await
|
|
751
|
+
await __classPrivateFieldGet(this, _Keycloak_state, "f").dInitialized.pr;
|
|
785
752
|
}
|
|
786
|
-
const { oidc, keycloakUtils } =
|
|
753
|
+
const { oidc, keycloakUtils } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
787
754
|
(0, tsafe_1.assert)(oidc !== undefined);
|
|
788
755
|
(0, tsafe_1.assert)(oidc.isUserLoggedIn, "Can't load userInfo if user not authenticated");
|
|
789
756
|
const { accessToken } = await oidc.getTokens();
|
|
790
|
-
return (
|
|
757
|
+
return (__classPrivateFieldGet(this, _Keycloak_state, "f").userInfo = await keycloakUtils.fetchUserInfo({ accessToken }));
|
|
758
|
+
}
|
|
759
|
+
/** Get the underlying oidc-spa instance */
|
|
760
|
+
get oidc() {
|
|
761
|
+
(0, tsafe_1.assert)(this.didInitialize, "Cannot get keycloak.oidc before the init() method was called and have resolved.");
|
|
762
|
+
const { oidc } = __classPrivateFieldGet(this, _Keycloak_state, "f");
|
|
763
|
+
(0, tsafe_1.assert)(oidc !== undefined);
|
|
764
|
+
return oidc;
|
|
791
765
|
}
|
|
792
766
|
}
|
|
793
767
|
exports.Keycloak = Keycloak;
|
|
768
|
+
_Keycloak_state = new WeakMap();
|
|
794
769
|
//# sourceMappingURL=Keycloak.js.map
|