oidc-spa 7.3.0 → 8.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/core/AuthResponse.d.ts +5 -0
- package/core/AuthResponse.js +25 -0
- package/core/AuthResponse.js.map +1 -1
- package/core/StateData.d.ts +2 -6
- package/core/StateData.js +0 -13
- package/core/StateData.js.map +1 -1
- package/core/createOidc.d.ts +2 -2
- package/core/createOidc.js +70 -19
- package/core/createOidc.js.map +1 -1
- package/core/diagnostic.js +3 -3
- package/core/earlyInit.d.ts +16 -0
- package/core/earlyInit.js +157 -0
- package/core/earlyInit.js.map +1 -0
- package/core/index.d.ts +0 -1
- package/core/index.js +1 -3
- package/core/index.js.map +1 -1
- package/core/loginOrGoToAuthServer.js +19 -6
- package/core/loginOrGoToAuthServer.js.map +1 -1
- package/entrypoint.d.ts +1 -7
- package/entrypoint.js +3 -46
- package/entrypoint.js.map +1 -1
- package/esm/core/AuthResponse.d.ts +5 -0
- package/esm/core/AuthResponse.js +23 -0
- package/esm/core/AuthResponse.js.map +1 -1
- package/esm/core/StateData.d.ts +2 -6
- package/esm/core/StateData.js +0 -12
- package/esm/core/StateData.js.map +1 -1
- package/esm/core/createOidc.d.ts +2 -2
- package/esm/core/createOidc.js +72 -21
- package/esm/core/createOidc.js.map +1 -1
- package/esm/core/diagnostic.js +3 -3
- package/esm/core/earlyInit.d.ts +16 -0
- package/esm/core/earlyInit.js +152 -0
- package/esm/core/earlyInit.js.map +1 -0
- package/esm/core/index.d.ts +0 -1
- package/esm/core/index.js +0 -1
- package/esm/core/index.js.map +1 -1
- package/esm/core/loginOrGoToAuthServer.js +19 -6
- package/esm/core/loginOrGoToAuthServer.js.map +1 -1
- package/esm/entrypoint.d.ts +1 -7
- package/esm/entrypoint.js +1 -45
- package/esm/entrypoint.js.map +1 -1
- package/esm/keycloak/keycloak-js/Keycloak.d.ts +4 -0
- package/esm/keycloak/keycloak-js/Keycloak.js +148 -173
- package/esm/keycloak/keycloak-js/Keycloak.js.map +1 -1
- package/esm/mock/oidc.js +15 -4
- package/esm/mock/oidc.js.map +1 -1
- package/esm/mock/react.d.ts +1 -1
- package/esm/mock/react.js +1 -1
- package/esm/react/react.d.ts +1 -1
- package/esm/react/react.js +2 -10
- package/esm/react/react.js.map +1 -1
- package/keycloak/keycloak-js/Keycloak.d.ts +4 -0
- package/keycloak/keycloak-js/Keycloak.js +148 -173
- package/keycloak/keycloak-js/Keycloak.js.map +1 -1
- package/mock/oidc.js +15 -4
- package/mock/oidc.js.map +1 -1
- package/mock/react.d.ts +1 -1
- package/mock/react.js +1 -1
- package/package.json +1 -1
- package/react/react.d.ts +1 -1
- package/react/react.js +1 -9
- package/react/react.js.map +1 -1
- package/src/core/AuthResponse.ts +36 -0
- package/src/core/StateData.ts +2 -22
- package/src/core/createOidc.ts +108 -24
- package/src/core/diagnostic.ts +3 -3
- package/src/core/earlyInit.ts +213 -0
- package/src/core/index.ts +0 -1
- package/src/core/loginOrGoToAuthServer.ts +24 -6
- package/src/entrypoint.ts +1 -69
- package/src/keycloak/keycloak-js/Keycloak.ts +167 -228
- package/src/mock/oidc.ts +15 -4
- package/src/mock/react.tsx +1 -1
- package/src/react/react.tsx +2 -18
- package/core/handleOidcCallback.d.ts +0 -13
- package/core/handleOidcCallback.js +0 -228
- package/core/handleOidcCallback.js.map +0 -1
- package/core/initialLocationHref.d.ts +0 -1
- package/core/initialLocationHref.js +0 -8
- package/core/initialLocationHref.js.map +0 -1
- package/esm/core/handleOidcCallback.d.ts +0 -13
- package/esm/core/handleOidcCallback.js +0 -223
- package/esm/core/handleOidcCallback.js.map +0 -1
- package/esm/core/initialLocationHref.d.ts +0 -1
- package/esm/core/initialLocationHref.js +0 -5
- package/esm/core/initialLocationHref.js.map +0 -1
- package/src/core/handleOidcCallback.ts +0 -318
- package/src/core/initialLocationHref.ts +0 -5
|
@@ -25,21 +25,6 @@ type ConstructorParams = KeycloakServerConfig & {
|
|
|
25
25
|
homeUrl: string;
|
|
26
26
|
};
|
|
27
27
|
|
|
28
|
-
type InternalState = {
|
|
29
|
-
constructorParams: ConstructorParams;
|
|
30
|
-
keycloakUtils: KeycloakUtils;
|
|
31
|
-
issuerUri: string;
|
|
32
|
-
dInitialized: Deferred<void>;
|
|
33
|
-
initOptions: KeycloakInitOptions | undefined;
|
|
34
|
-
oidc: Oidc<Record<string, unknown>> | undefined;
|
|
35
|
-
tokens: Oidc.Tokens<Record<string, unknown>> | undefined;
|
|
36
|
-
profile: KeycloakProfile | undefined;
|
|
37
|
-
userInfo: KeycloakUserInfo | undefined;
|
|
38
|
-
$onTokenExpired: StatefulEvt<(() => void) | undefined>;
|
|
39
|
-
};
|
|
40
|
-
|
|
41
|
-
const internalStateByInstance = new WeakMap<Keycloak, InternalState>();
|
|
42
|
-
|
|
43
28
|
/**
|
|
44
29
|
* This module provides a drop-in replacement for `keycloak-js`,
|
|
45
30
|
* designed for teams migrating to `oidc-spa` with minimal changes.
|
|
@@ -48,6 +33,19 @@ const internalStateByInstance = new WeakMap<Keycloak, InternalState>();
|
|
|
48
33
|
* it is a full alternative implementation aligned with the `keycloak-js` API.
|
|
49
34
|
*/
|
|
50
35
|
export class Keycloak {
|
|
36
|
+
readonly #state: {
|
|
37
|
+
constructorParams: ConstructorParams;
|
|
38
|
+
keycloakUtils: KeycloakUtils;
|
|
39
|
+
issuerUri: string;
|
|
40
|
+
dInitialized: Deferred<void>;
|
|
41
|
+
initOptions: KeycloakInitOptions | undefined;
|
|
42
|
+
oidc: Oidc<Record<string, unknown>> | undefined;
|
|
43
|
+
tokens: Oidc.Tokens<Record<string, unknown>> | undefined;
|
|
44
|
+
profile: KeycloakProfile | undefined;
|
|
45
|
+
userInfo: KeycloakUserInfo | undefined;
|
|
46
|
+
$onTokenExpired: StatefulEvt<(() => void) | undefined>;
|
|
47
|
+
};
|
|
48
|
+
|
|
51
49
|
/**
|
|
52
50
|
* Creates a new Keycloak client instance.
|
|
53
51
|
* @param config A configuration object or path to a JSON config file.
|
|
@@ -59,7 +57,7 @@ export class Keycloak {
|
|
|
59
57
|
constructor(params: ConstructorParams) {
|
|
60
58
|
const issuerUri = `${params.url.replace(/\/$/, "")}/realms/${params.realm}`;
|
|
61
59
|
|
|
62
|
-
|
|
60
|
+
this.#state = {
|
|
63
61
|
constructorParams: params,
|
|
64
62
|
dInitialized: new Deferred(),
|
|
65
63
|
initOptions: undefined,
|
|
@@ -70,7 +68,7 @@ export class Keycloak {
|
|
|
70
68
|
profile: undefined,
|
|
71
69
|
userInfo: undefined,
|
|
72
70
|
$onTokenExpired: createStatefulEvt(() => undefined)
|
|
73
|
-
}
|
|
71
|
+
};
|
|
74
72
|
}
|
|
75
73
|
|
|
76
74
|
/**
|
|
@@ -81,23 +79,19 @@ export class Keycloak {
|
|
|
81
79
|
async init(initOptions: KeycloakInitOptions = {}): Promise<boolean> {
|
|
82
80
|
const { onLoad = "check-sso", redirectUri, enableLogging, scope, locale } = initOptions;
|
|
83
81
|
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
assert(internalState !== undefined);
|
|
87
|
-
|
|
88
|
-
if (internalState.initOptions !== undefined) {
|
|
89
|
-
if (JSON.stringify(internalState.initOptions) !== JSON.stringify(initOptions)) {
|
|
82
|
+
if (this.#state.initOptions !== undefined) {
|
|
83
|
+
if (JSON.stringify(this.#state.initOptions) !== JSON.stringify(initOptions)) {
|
|
90
84
|
throw new Error("Can't call init() multiple time with different params");
|
|
91
85
|
}
|
|
92
|
-
await
|
|
93
|
-
const { oidc } =
|
|
86
|
+
await this.#state.dInitialized.pr;
|
|
87
|
+
const { oidc } = this.#state;
|
|
94
88
|
assert(oidc !== undefined);
|
|
95
89
|
return oidc.isUserLoggedIn;
|
|
96
90
|
}
|
|
97
91
|
|
|
98
|
-
|
|
92
|
+
this.#state.initOptions = initOptions;
|
|
99
93
|
|
|
100
|
-
const { constructorParams, issuerUri } =
|
|
94
|
+
const { constructorParams, issuerUri } = this.#state;
|
|
101
95
|
|
|
102
96
|
const autoLogin = onLoad === "login-required";
|
|
103
97
|
|
|
@@ -106,7 +100,7 @@ export class Keycloak {
|
|
|
106
100
|
const oidcOrError = await createOidc({
|
|
107
101
|
homeUrl: constructorParams.homeUrl,
|
|
108
102
|
issuerUri,
|
|
109
|
-
clientId:
|
|
103
|
+
clientId: this.#state.constructorParams.clientId,
|
|
110
104
|
autoLogin,
|
|
111
105
|
postLoginRedirectUrl: redirectUri,
|
|
112
106
|
debugLogs: enableLogging,
|
|
@@ -142,101 +136,123 @@ export class Keycloak {
|
|
|
142
136
|
|
|
143
137
|
const oidc = oidcOrError;
|
|
144
138
|
|
|
145
|
-
internalState.oidc = oidc;
|
|
146
|
-
|
|
147
139
|
if (oidc.isUserLoggedIn) {
|
|
148
|
-
|
|
149
|
-
const tokens = await oidc.getTokens();
|
|
140
|
+
const tokens = await oidc.getTokens();
|
|
150
141
|
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
142
|
+
const onNewToken = (tokens_new: Oidc.Tokens<Record<string, unknown>>) => {
|
|
143
|
+
this.#state.tokens = tokens_new;
|
|
144
|
+
this.onAuthRefreshSuccess?.();
|
|
145
|
+
};
|
|
146
|
+
|
|
147
|
+
onNewToken(tokens);
|
|
155
148
|
|
|
156
|
-
|
|
149
|
+
oidc.subscribeToTokensChange(onNewToken);
|
|
150
|
+
}
|
|
157
151
|
|
|
158
|
-
|
|
152
|
+
this.#state.oidc = oidc;
|
|
153
|
+
this.#state.dInitialized.resolve();
|
|
154
|
+
|
|
155
|
+
this.onReady?.(oidc.isUserLoggedIn);
|
|
156
|
+
|
|
157
|
+
onAuthSuccess_call: {
|
|
158
|
+
if (!oidc.isUserLoggedIn) {
|
|
159
|
+
break onAuthSuccess_call;
|
|
159
160
|
}
|
|
160
161
|
|
|
161
|
-
|
|
162
|
-
|
|
162
|
+
this.onAuthSuccess?.();
|
|
163
|
+
}
|
|
163
164
|
|
|
164
|
-
|
|
165
|
+
onAuthError_call: {
|
|
166
|
+
if (oidc.isUserLoggedIn) {
|
|
167
|
+
break onAuthError_call;
|
|
168
|
+
}
|
|
165
169
|
|
|
166
|
-
|
|
167
|
-
|
|
170
|
+
if (oidc.initializationError === undefined) {
|
|
171
|
+
break onAuthError_call;
|
|
172
|
+
}
|
|
168
173
|
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
174
|
+
this.onAuthError?.({
|
|
175
|
+
error: oidc.initializationError.name,
|
|
176
|
+
error_description: oidc.initializationError.message
|
|
177
|
+
});
|
|
178
|
+
}
|
|
179
|
+
|
|
180
|
+
onActionUpdate_call: {
|
|
181
|
+
if (!oidc.isUserLoggedIn) {
|
|
182
|
+
break onActionUpdate_call;
|
|
183
|
+
}
|
|
172
184
|
|
|
173
|
-
|
|
185
|
+
if (this.onActionUpdate === undefined) {
|
|
186
|
+
break onActionUpdate_call;
|
|
187
|
+
}
|
|
174
188
|
|
|
175
|
-
|
|
176
|
-
if (timer !== undefined) {
|
|
177
|
-
workerTimers.clearTimeout(timer);
|
|
178
|
-
}
|
|
189
|
+
const { backFromAuthServer } = oidc;
|
|
179
190
|
|
|
180
|
-
|
|
181
|
-
|
|
191
|
+
if (backFromAuthServer === undefined) {
|
|
192
|
+
break onActionUpdate_call;
|
|
193
|
+
}
|
|
182
194
|
|
|
183
|
-
|
|
184
|
-
onTokenExpired.call(this);
|
|
185
|
-
}, Math.max(tokens.accessTokenExpirationTime - Date.now() - 3_000, 0));
|
|
186
|
-
};
|
|
195
|
+
const status = backFromAuthServer.result.kc_action_status;
|
|
187
196
|
|
|
188
|
-
|
|
197
|
+
if (!isAmong(["success", "cancelled", "error"], status)) {
|
|
198
|
+
break onActionUpdate_call;
|
|
199
|
+
}
|
|
189
200
|
|
|
190
|
-
|
|
201
|
+
const action = backFromAuthServer.extraQueryParams.kc_action;
|
|
191
202
|
|
|
192
|
-
|
|
193
|
-
|
|
194
|
-
workerTimers.clearTimeout(timer);
|
|
195
|
-
}
|
|
196
|
-
unsubscribe();
|
|
197
|
-
};
|
|
198
|
-
});
|
|
203
|
+
if (action === undefined) {
|
|
204
|
+
break onActionUpdate_call;
|
|
199
205
|
}
|
|
200
206
|
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
break onActionUpdate_call;
|
|
204
|
-
}
|
|
207
|
+
this.onActionUpdate(status, action);
|
|
208
|
+
}
|
|
205
209
|
|
|
206
|
-
|
|
210
|
+
schedule_onTokenExpired_call: {
|
|
211
|
+
if (!oidc.isUserLoggedIn) {
|
|
212
|
+
break schedule_onTokenExpired_call;
|
|
213
|
+
}
|
|
207
214
|
|
|
208
|
-
|
|
209
|
-
|
|
210
|
-
|
|
215
|
+
const { $onTokenExpired } = this.#state;
|
|
216
|
+
|
|
217
|
+
let clear: (() => void) | undefined = undefined;
|
|
211
218
|
|
|
212
|
-
|
|
219
|
+
const next = (onTokenExpired: (() => void) | undefined) => {
|
|
220
|
+
clear?.();
|
|
213
221
|
|
|
214
|
-
if (
|
|
215
|
-
|
|
222
|
+
if (onTokenExpired === undefined) {
|
|
223
|
+
return;
|
|
216
224
|
}
|
|
217
225
|
|
|
218
|
-
|
|
226
|
+
let timer: ReturnType<typeof workerTimers.setTimeout> | undefined = undefined;
|
|
219
227
|
|
|
220
|
-
|
|
221
|
-
|
|
222
|
-
|
|
228
|
+
const onNewToken = () => {
|
|
229
|
+
if (timer !== undefined) {
|
|
230
|
+
workerTimers.clearTimeout(timer);
|
|
231
|
+
}
|
|
223
232
|
|
|
224
|
-
|
|
225
|
-
|
|
226
|
-
}
|
|
233
|
+
const { tokens } = this.#state;
|
|
234
|
+
assert(tokens !== undefined);
|
|
227
235
|
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
});
|
|
233
|
-
}
|
|
236
|
+
timer = workerTimers.setTimeout(() => {
|
|
237
|
+
onTokenExpired.call(this);
|
|
238
|
+
}, Math.max(tokens.accessTokenExpirationTime - tokens.getServerDateNow() - 3_000, 0));
|
|
239
|
+
};
|
|
234
240
|
|
|
235
|
-
|
|
241
|
+
onNewToken();
|
|
236
242
|
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
|
|
243
|
+
const { unsubscribe } = oidc.subscribeToTokensChange(onNewToken);
|
|
244
|
+
|
|
245
|
+
clear = () => {
|
|
246
|
+
if (timer !== undefined) {
|
|
247
|
+
workerTimers.clearTimeout(timer);
|
|
248
|
+
}
|
|
249
|
+
unsubscribe();
|
|
250
|
+
};
|
|
251
|
+
};
|
|
252
|
+
|
|
253
|
+
next($onTokenExpired.current);
|
|
254
|
+
|
|
255
|
+
$onTokenExpired.subscribe(next);
|
|
240
256
|
}
|
|
241
257
|
|
|
242
258
|
return oidc.isUserLoggedIn;
|
|
@@ -250,11 +266,7 @@ export class Keycloak {
|
|
|
250
266
|
return false;
|
|
251
267
|
}
|
|
252
268
|
|
|
253
|
-
const
|
|
254
|
-
|
|
255
|
-
assert(internalState !== undefined);
|
|
256
|
-
|
|
257
|
-
const { oidc } = internalState;
|
|
269
|
+
const { oidc } = this.#state;
|
|
258
270
|
|
|
259
271
|
assert(oidc !== undefined);
|
|
260
272
|
|
|
@@ -269,11 +281,7 @@ export class Keycloak {
|
|
|
269
281
|
return undefined;
|
|
270
282
|
}
|
|
271
283
|
|
|
272
|
-
const
|
|
273
|
-
|
|
274
|
-
assert(internalState !== undefined);
|
|
275
|
-
|
|
276
|
-
const { oidc, tokens } = internalState;
|
|
284
|
+
const { oidc, tokens } = this.#state;
|
|
277
285
|
|
|
278
286
|
assert(oidc !== undefined);
|
|
279
287
|
|
|
@@ -320,11 +328,7 @@ export class Keycloak {
|
|
|
320
328
|
return undefined;
|
|
321
329
|
}
|
|
322
330
|
|
|
323
|
-
const
|
|
324
|
-
|
|
325
|
-
assert(internalState !== undefined);
|
|
326
|
-
|
|
327
|
-
const { oidc, tokens } = internalState;
|
|
331
|
+
const { oidc, tokens } = this.#state;
|
|
328
332
|
|
|
329
333
|
assert(oidc !== undefined);
|
|
330
334
|
|
|
@@ -349,11 +353,7 @@ export class Keycloak {
|
|
|
349
353
|
return undefined;
|
|
350
354
|
}
|
|
351
355
|
|
|
352
|
-
const
|
|
353
|
-
|
|
354
|
-
assert(internalState !== undefined);
|
|
355
|
-
|
|
356
|
-
const { oidc, tokens } = internalState;
|
|
356
|
+
const { oidc, tokens } = this.#state;
|
|
357
357
|
|
|
358
358
|
assert(oidc !== undefined);
|
|
359
359
|
|
|
@@ -375,15 +375,11 @@ export class Keycloak {
|
|
|
375
375
|
* requests to services.
|
|
376
376
|
*/
|
|
377
377
|
get token(): string | undefined {
|
|
378
|
-
const internalState = internalStateByInstance.get(this);
|
|
379
|
-
|
|
380
|
-
assert(internalState !== undefined);
|
|
381
|
-
|
|
382
378
|
if (!this.didInitialize) {
|
|
383
|
-
return
|
|
379
|
+
return this.#state.initOptions?.token;
|
|
384
380
|
}
|
|
385
381
|
|
|
386
|
-
const { oidc, tokens } =
|
|
382
|
+
const { oidc, tokens } = this.#state;
|
|
387
383
|
|
|
388
384
|
assert(oidc !== undefined);
|
|
389
385
|
|
|
@@ -403,12 +399,8 @@ export class Keycloak {
|
|
|
403
399
|
* The parsed token as a JavaScript object.
|
|
404
400
|
*/
|
|
405
401
|
get tokenParsed(): KeycloakTokenParsed | undefined {
|
|
406
|
-
const internalState = internalStateByInstance.get(this);
|
|
407
|
-
|
|
408
|
-
assert(internalState !== undefined);
|
|
409
|
-
|
|
410
402
|
if (!this.didInitialize) {
|
|
411
|
-
const { token } =
|
|
403
|
+
const { token } = this.#state.initOptions ?? {};
|
|
412
404
|
|
|
413
405
|
if (token === undefined) {
|
|
414
406
|
return undefined;
|
|
@@ -417,7 +409,7 @@ export class Keycloak {
|
|
|
417
409
|
return decodeJwt(token) as KeycloakTokenParsed;
|
|
418
410
|
}
|
|
419
411
|
|
|
420
|
-
const { oidc, tokens } =
|
|
412
|
+
const { oidc, tokens } = this.#state;
|
|
421
413
|
|
|
422
414
|
assert(oidc !== undefined);
|
|
423
415
|
|
|
@@ -437,15 +429,11 @@ export class Keycloak {
|
|
|
437
429
|
* The base64 encoded refresh token that can be used to retrieve a new token.
|
|
438
430
|
*/
|
|
439
431
|
get refreshToken(): string | undefined {
|
|
440
|
-
const internalState = internalStateByInstance.get(this);
|
|
441
|
-
|
|
442
|
-
assert(internalState !== undefined);
|
|
443
|
-
|
|
444
432
|
if (!this.didInitialize) {
|
|
445
|
-
return
|
|
433
|
+
return this.#state.initOptions?.refreshToken;
|
|
446
434
|
}
|
|
447
435
|
|
|
448
|
-
const { oidc, tokens } =
|
|
436
|
+
const { oidc, tokens } = this.#state;
|
|
449
437
|
|
|
450
438
|
assert(oidc !== undefined);
|
|
451
439
|
|
|
@@ -465,12 +453,8 @@ export class Keycloak {
|
|
|
465
453
|
* The parsed refresh token as a JavaScript object.
|
|
466
454
|
*/
|
|
467
455
|
get refreshTokenParsed(): KeycloakTokenParsed | undefined {
|
|
468
|
-
const internalState = internalStateByInstance.get(this);
|
|
469
|
-
|
|
470
|
-
assert(internalState !== undefined);
|
|
471
|
-
|
|
472
456
|
if (!this.didInitialize) {
|
|
473
|
-
const { refreshToken } =
|
|
457
|
+
const { refreshToken } = this.#state.initOptions ?? {};
|
|
474
458
|
|
|
475
459
|
if (refreshToken === undefined) {
|
|
476
460
|
return undefined;
|
|
@@ -479,7 +463,7 @@ export class Keycloak {
|
|
|
479
463
|
return decodeJwt(refreshToken) as KeycloakTokenParsed;
|
|
480
464
|
}
|
|
481
465
|
|
|
482
|
-
const { oidc, tokens } =
|
|
466
|
+
const { oidc, tokens } = this.#state;
|
|
483
467
|
|
|
484
468
|
assert(oidc !== undefined);
|
|
485
469
|
|
|
@@ -503,15 +487,11 @@ export class Keycloak {
|
|
|
503
487
|
* The base64 encoded ID token.
|
|
504
488
|
*/
|
|
505
489
|
get idToken(): string | undefined {
|
|
506
|
-
const internalState = internalStateByInstance.get(this);
|
|
507
|
-
|
|
508
|
-
assert(internalState !== undefined);
|
|
509
|
-
|
|
510
490
|
if (!this.didInitialize) {
|
|
511
|
-
return
|
|
491
|
+
return this.#state.initOptions?.idToken;
|
|
512
492
|
}
|
|
513
493
|
|
|
514
|
-
const { oidc, tokens } =
|
|
494
|
+
const { oidc, tokens } = this.#state;
|
|
515
495
|
|
|
516
496
|
assert(oidc !== undefined);
|
|
517
497
|
|
|
@@ -531,12 +511,8 @@ export class Keycloak {
|
|
|
531
511
|
* The parsed id token as a JavaScript object.
|
|
532
512
|
*/
|
|
533
513
|
get idTokenParsed(): KeycloakTokenParsed | undefined {
|
|
534
|
-
const internalState = internalStateByInstance.get(this);
|
|
535
|
-
|
|
536
|
-
assert(internalState !== undefined);
|
|
537
|
-
|
|
538
514
|
if (!this.didInitialize) {
|
|
539
|
-
const { idToken } =
|
|
515
|
+
const { idToken } = this.#state.initOptions ?? {};
|
|
540
516
|
|
|
541
517
|
if (idToken === undefined) {
|
|
542
518
|
return undefined;
|
|
@@ -545,7 +521,7 @@ export class Keycloak {
|
|
|
545
521
|
return decodeJwt(idToken) as KeycloakTokenParsed;
|
|
546
522
|
}
|
|
547
523
|
|
|
548
|
-
const { oidc, tokens } =
|
|
524
|
+
const { oidc, tokens } = this.#state;
|
|
549
525
|
|
|
550
526
|
assert(oidc !== undefined);
|
|
551
527
|
|
|
@@ -568,12 +544,8 @@ export class Keycloak {
|
|
|
568
544
|
* enough when determining if a token is expired or not.
|
|
569
545
|
*/
|
|
570
546
|
get timeSkew(): number | null {
|
|
571
|
-
const internalState = internalStateByInstance.get(this);
|
|
572
|
-
|
|
573
|
-
assert(internalState !== undefined);
|
|
574
|
-
|
|
575
547
|
if (!this.didInitialize) {
|
|
576
|
-
const { timeSkew } =
|
|
548
|
+
const { timeSkew } = this.#state.initOptions ?? {};
|
|
577
549
|
|
|
578
550
|
if (timeSkew === undefined) {
|
|
579
551
|
return null;
|
|
@@ -582,7 +554,7 @@ export class Keycloak {
|
|
|
582
554
|
return timeSkew;
|
|
583
555
|
}
|
|
584
556
|
|
|
585
|
-
const { oidc, tokens } =
|
|
557
|
+
const { oidc, tokens } = this.#state;
|
|
586
558
|
|
|
587
559
|
assert(oidc !== undefined);
|
|
588
560
|
|
|
@@ -602,19 +574,14 @@ export class Keycloak {
|
|
|
602
574
|
* Whether the instance has been initialized by calling `.init()`.
|
|
603
575
|
*/
|
|
604
576
|
get didInitialize(): boolean {
|
|
605
|
-
|
|
606
|
-
assert(internalState !== undefined);
|
|
607
|
-
return internalState.oidc !== undefined;
|
|
577
|
+
return this.#state.oidc !== undefined;
|
|
608
578
|
}
|
|
609
579
|
|
|
610
580
|
/**
|
|
611
581
|
* @private Undocumented.
|
|
612
582
|
*/
|
|
613
583
|
get loginRequired(): boolean {
|
|
614
|
-
const
|
|
615
|
-
assert(internalState !== undefined);
|
|
616
|
-
|
|
617
|
-
const { initOptions } = internalState;
|
|
584
|
+
const { initOptions } = this.#state;
|
|
618
585
|
|
|
619
586
|
if (initOptions === undefined) {
|
|
620
587
|
return false;
|
|
@@ -627,11 +594,9 @@ export class Keycloak {
|
|
|
627
594
|
* @private Undocumented.
|
|
628
595
|
*/
|
|
629
596
|
get authServerUrl(): string {
|
|
630
|
-
const internalState = internalStateByInstance.get(this);
|
|
631
|
-
assert(internalState !== undefined);
|
|
632
597
|
const {
|
|
633
598
|
keycloakUtils: { issuerUriParsed }
|
|
634
|
-
} =
|
|
599
|
+
} = this.#state;
|
|
635
600
|
|
|
636
601
|
return `${issuerUriParsed.origin}${issuerUriParsed.kcHttpRelativePath}`;
|
|
637
602
|
}
|
|
@@ -640,11 +605,9 @@ export class Keycloak {
|
|
|
640
605
|
* @private Undocumented.
|
|
641
606
|
*/
|
|
642
607
|
get realm(): string {
|
|
643
|
-
const internalState = internalStateByInstance.get(this);
|
|
644
|
-
assert(internalState !== undefined);
|
|
645
608
|
const {
|
|
646
609
|
keycloakUtils: { issuerUriParsed }
|
|
647
|
-
} =
|
|
610
|
+
} = this.#state;
|
|
648
611
|
|
|
649
612
|
return issuerUriParsed.realm;
|
|
650
613
|
}
|
|
@@ -653,9 +616,7 @@ export class Keycloak {
|
|
|
653
616
|
* @private Undocumented.
|
|
654
617
|
*/
|
|
655
618
|
get clientId(): string {
|
|
656
|
-
const
|
|
657
|
-
assert(internalState !== undefined);
|
|
658
|
-
const { constructorParams } = internalState;
|
|
619
|
+
const { constructorParams } = this.#state;
|
|
659
620
|
return constructorParams.clientId;
|
|
660
621
|
}
|
|
661
622
|
|
|
@@ -663,9 +624,7 @@ export class Keycloak {
|
|
|
663
624
|
* @private Undocumented.
|
|
664
625
|
*/
|
|
665
626
|
get redirectUri(): string | undefined {
|
|
666
|
-
const
|
|
667
|
-
assert(internalState !== undefined);
|
|
668
|
-
const { initOptions } = internalState;
|
|
627
|
+
const { initOptions } = this.#state;
|
|
669
628
|
if (initOptions === undefined) {
|
|
670
629
|
return undefined;
|
|
671
630
|
}
|
|
@@ -680,9 +639,7 @@ export class Keycloak {
|
|
|
680
639
|
return undefined;
|
|
681
640
|
}
|
|
682
641
|
|
|
683
|
-
const
|
|
684
|
-
assert(internalState !== undefined);
|
|
685
|
-
const { oidc, tokens } = internalState;
|
|
642
|
+
const { oidc, tokens } = this.#state;
|
|
686
643
|
|
|
687
644
|
assert(oidc !== undefined);
|
|
688
645
|
|
|
@@ -706,9 +663,7 @@ export class Keycloak {
|
|
|
706
663
|
* @private Undocumented.
|
|
707
664
|
*/
|
|
708
665
|
get profile(): KeycloakProfile | undefined {
|
|
709
|
-
const
|
|
710
|
-
assert(internalState !== undefined);
|
|
711
|
-
const { profile } = internalState;
|
|
666
|
+
const { profile } = this.#state;
|
|
712
667
|
return profile;
|
|
713
668
|
}
|
|
714
669
|
|
|
@@ -716,9 +671,7 @@ export class Keycloak {
|
|
|
716
671
|
* @private Undocumented.
|
|
717
672
|
*/
|
|
718
673
|
get userInfo(): KeycloakUserInfo | undefined {
|
|
719
|
-
const
|
|
720
|
-
assert(internalState !== undefined);
|
|
721
|
-
const { userInfo } = internalState;
|
|
674
|
+
const { userInfo } = this.#state;
|
|
722
675
|
return userInfo;
|
|
723
676
|
}
|
|
724
677
|
|
|
@@ -764,15 +717,11 @@ export class Keycloak {
|
|
|
764
717
|
* obtain a new access token.
|
|
765
718
|
*/
|
|
766
719
|
set onTokenExpired(value: (() => void) | undefined) {
|
|
767
|
-
const
|
|
768
|
-
assert(internalState !== undefined);
|
|
769
|
-
const { $onTokenExpired } = internalState;
|
|
720
|
+
const { $onTokenExpired } = this.#state;
|
|
770
721
|
$onTokenExpired.current = value;
|
|
771
722
|
}
|
|
772
723
|
get onTokenExpired() {
|
|
773
|
-
const
|
|
774
|
-
assert(internalState !== undefined);
|
|
775
|
-
const { $onTokenExpired } = internalState;
|
|
724
|
+
const { $onTokenExpired } = this.#state;
|
|
776
725
|
return $onTokenExpired.current;
|
|
777
726
|
}
|
|
778
727
|
|
|
@@ -801,14 +750,11 @@ export class Keycloak {
|
|
|
801
750
|
doesCurrentHrefRequiresAuth
|
|
802
751
|
} = options ?? {};
|
|
803
752
|
|
|
804
|
-
const internalState = internalStateByInstance.get(this);
|
|
805
|
-
assert(internalState !== undefined);
|
|
806
|
-
|
|
807
753
|
if (!this.didInitialize) {
|
|
808
|
-
await
|
|
754
|
+
await this.#state.dInitialized.pr;
|
|
809
755
|
}
|
|
810
756
|
|
|
811
|
-
const { oidc, keycloakUtils } =
|
|
757
|
+
const { oidc, keycloakUtils } = this.#state;
|
|
812
758
|
|
|
813
759
|
assert(oidc !== undefined);
|
|
814
760
|
|
|
@@ -863,15 +809,11 @@ export class Keycloak {
|
|
|
863
809
|
* @param options Logout options.
|
|
864
810
|
*/
|
|
865
811
|
async logout(options?: KeycloakLogoutOptions): Promise<never> {
|
|
866
|
-
const internalState = internalStateByInstance.get(this);
|
|
867
|
-
|
|
868
|
-
assert(internalState !== undefined);
|
|
869
|
-
|
|
870
812
|
if (!this.didInitialize) {
|
|
871
|
-
await
|
|
813
|
+
await this.#state.dInitialized.pr;
|
|
872
814
|
}
|
|
873
815
|
|
|
874
|
-
const { oidc, initOptions } =
|
|
816
|
+
const { oidc, initOptions } = this.#state;
|
|
875
817
|
|
|
876
818
|
assert(oidc !== undefined);
|
|
877
819
|
assert(initOptions !== undefined);
|
|
@@ -949,11 +891,7 @@ export class Keycloak {
|
|
|
949
891
|
createAccountUrl(options?: KeycloakAccountOptions & { locale?: string }): string {
|
|
950
892
|
const { locale, redirectUri } = options ?? {};
|
|
951
893
|
|
|
952
|
-
const
|
|
953
|
-
|
|
954
|
-
assert(internalState !== undefined);
|
|
955
|
-
|
|
956
|
-
const { keycloakUtils } = internalState;
|
|
894
|
+
const { keycloakUtils } = this.#state;
|
|
957
895
|
|
|
958
896
|
return keycloakUtils.getAccountUrl({
|
|
959
897
|
clientId: this.clientId,
|
|
@@ -968,9 +906,6 @@ export class Keycloak {
|
|
|
968
906
|
* @param minValidity If not specified, `0` is used.
|
|
969
907
|
*/
|
|
970
908
|
isTokenExpired(minValidity: number = 0): boolean {
|
|
971
|
-
const internalState = internalStateByInstance.get(this);
|
|
972
|
-
assert(internalState !== undefined);
|
|
973
|
-
|
|
974
909
|
let accessTokenExpirationTime: number;
|
|
975
910
|
|
|
976
911
|
if (!this.didInitialize) {
|
|
@@ -985,7 +920,7 @@ export class Keycloak {
|
|
|
985
920
|
|
|
986
921
|
accessTokenExpirationTime = time;
|
|
987
922
|
} else {
|
|
988
|
-
const { tokens } =
|
|
923
|
+
const { tokens } = this.#state;
|
|
989
924
|
assert(tokens !== undefined);
|
|
990
925
|
|
|
991
926
|
accessTokenExpirationTime = tokens.accessTokenExpirationTime;
|
|
@@ -1018,15 +953,11 @@ export class Keycloak {
|
|
|
1018
953
|
* });
|
|
1019
954
|
*/
|
|
1020
955
|
async updateToken(minValidity: number = 5): Promise<boolean> {
|
|
1021
|
-
const internalState = internalStateByInstance.get(this);
|
|
1022
|
-
|
|
1023
|
-
assert(internalState !== undefined);
|
|
1024
|
-
|
|
1025
956
|
if (!this.didInitialize) {
|
|
1026
|
-
await
|
|
957
|
+
await this.#state.dInitialized.pr;
|
|
1027
958
|
}
|
|
1028
959
|
|
|
1029
|
-
const { oidc } =
|
|
960
|
+
const { oidc } = this.#state;
|
|
1030
961
|
|
|
1031
962
|
assert(oidc !== undefined);
|
|
1032
963
|
|
|
@@ -1082,14 +1013,11 @@ export class Keycloak {
|
|
|
1082
1013
|
* @returns A promise to set functions to be invoked on success or error.
|
|
1083
1014
|
*/
|
|
1084
1015
|
async loadUserProfile(): Promise<KeycloakProfile> {
|
|
1085
|
-
const internalState = internalStateByInstance.get(this);
|
|
1086
|
-
assert(internalState !== undefined);
|
|
1087
|
-
|
|
1088
1016
|
if (!this.didInitialize) {
|
|
1089
|
-
await
|
|
1017
|
+
await this.#state.dInitialized.pr;
|
|
1090
1018
|
}
|
|
1091
1019
|
|
|
1092
|
-
const { oidc, keycloakUtils } =
|
|
1020
|
+
const { oidc, keycloakUtils } = this.#state;
|
|
1093
1021
|
|
|
1094
1022
|
assert(oidc !== undefined);
|
|
1095
1023
|
|
|
@@ -1097,21 +1025,18 @@ export class Keycloak {
|
|
|
1097
1025
|
|
|
1098
1026
|
const { accessToken } = await oidc.getTokens();
|
|
1099
1027
|
|
|
1100
|
-
return (
|
|
1028
|
+
return (this.#state.profile = await keycloakUtils.fetchUserProfile({ accessToken }));
|
|
1101
1029
|
}
|
|
1102
1030
|
|
|
1103
1031
|
/**
|
|
1104
1032
|
* @private Undocumented.
|
|
1105
1033
|
*/
|
|
1106
1034
|
async loadUserInfo(): Promise<KeycloakUserInfo> {
|
|
1107
|
-
const internalState = internalStateByInstance.get(this);
|
|
1108
|
-
assert(internalState !== undefined);
|
|
1109
|
-
|
|
1110
1035
|
if (!this.didInitialize) {
|
|
1111
|
-
await
|
|
1036
|
+
await this.#state.dInitialized.pr;
|
|
1112
1037
|
}
|
|
1113
1038
|
|
|
1114
|
-
const { oidc, keycloakUtils } =
|
|
1039
|
+
const { oidc, keycloakUtils } = this.#state;
|
|
1115
1040
|
|
|
1116
1041
|
assert(oidc !== undefined);
|
|
1117
1042
|
|
|
@@ -1119,6 +1044,20 @@ export class Keycloak {
|
|
|
1119
1044
|
|
|
1120
1045
|
const { accessToken } = await oidc.getTokens();
|
|
1121
1046
|
|
|
1122
|
-
return (
|
|
1047
|
+
return (this.#state.userInfo = await keycloakUtils.fetchUserInfo({ accessToken }));
|
|
1048
|
+
}
|
|
1049
|
+
|
|
1050
|
+
/** Get the underlying oidc-spa instance */
|
|
1051
|
+
get oidc(): Oidc<Record<string, unknown>> {
|
|
1052
|
+
assert(
|
|
1053
|
+
this.didInitialize,
|
|
1054
|
+
"Cannot get keycloak.oidc before the init() method was called and have resolved."
|
|
1055
|
+
);
|
|
1056
|
+
|
|
1057
|
+
const { oidc } = this.#state;
|
|
1058
|
+
|
|
1059
|
+
assert(oidc !== undefined);
|
|
1060
|
+
|
|
1061
|
+
return oidc;
|
|
1123
1062
|
}
|
|
1124
1063
|
}
|