npm - oidc-spa - Versions diffs - 7.3.1 → 8.0.0 - Mend

oidc-spa 7.3.1 → 8.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (82) hide show

package/core/AuthResponse.d.ts +5 -0
package/core/AuthResponse.js +25 -0
package/core/AuthResponse.js.map +1 -1
package/core/StateData.d.ts +2 -6
package/core/StateData.js +0 -13
package/core/StateData.js.map +1 -1
package/core/createOidc.d.ts +2 -2
package/core/createOidc.js +70 -19
package/core/createOidc.js.map +1 -1
package/core/diagnostic.js +3 -3
package/core/earlyInit.d.ts +16 -0
package/core/earlyInit.js +157 -0
package/core/earlyInit.js.map +1 -0
package/core/index.d.ts +0 -1
package/core/index.js +1 -3
package/core/index.js.map +1 -1
package/core/loginOrGoToAuthServer.js +19 -6
package/core/loginOrGoToAuthServer.js.map +1 -1
package/entrypoint.d.ts +1 -7
package/entrypoint.js +3 -46
package/entrypoint.js.map +1 -1
package/esm/core/AuthResponse.d.ts +5 -0
package/esm/core/AuthResponse.js +23 -0
package/esm/core/AuthResponse.js.map +1 -1
package/esm/core/StateData.d.ts +2 -6
package/esm/core/StateData.js +0 -12
package/esm/core/StateData.js.map +1 -1
package/esm/core/createOidc.d.ts +2 -2
package/esm/core/createOidc.js +72 -21
package/esm/core/createOidc.js.map +1 -1
package/esm/core/diagnostic.js +3 -3
package/esm/core/earlyInit.d.ts +16 -0
package/esm/core/earlyInit.js +152 -0
package/esm/core/earlyInit.js.map +1 -0
package/esm/core/index.d.ts +0 -1
package/esm/core/index.js +0 -1
package/esm/core/index.js.map +1 -1
package/esm/core/loginOrGoToAuthServer.js +19 -6
package/esm/core/loginOrGoToAuthServer.js.map +1 -1
package/esm/entrypoint.d.ts +1 -7
package/esm/entrypoint.js +1 -45
package/esm/entrypoint.js.map +1 -1
package/esm/mock/oidc.js +15 -4
package/esm/mock/oidc.js.map +1 -1
package/esm/mock/react.d.ts +1 -1
package/esm/mock/react.js +1 -1
package/esm/react/react.d.ts +1 -1
package/esm/react/react.js +2 -10
package/esm/react/react.js.map +1 -1
package/mock/oidc.js +15 -4
package/mock/oidc.js.map +1 -1
package/mock/react.d.ts +1 -1
package/mock/react.js +1 -1
package/package.json +1 -1
package/react/react.d.ts +1 -1
package/react/react.js +1 -9
package/react/react.js.map +1 -1
package/src/core/AuthResponse.ts +36 -0
package/src/core/StateData.ts +2 -22
package/src/core/createOidc.ts +108 -24
package/src/core/diagnostic.ts +3 -3
package/src/core/earlyInit.ts +213 -0
package/src/core/index.ts +0 -1
package/src/core/loginOrGoToAuthServer.ts +24 -6
package/src/entrypoint.ts +1 -69
package/src/mock/oidc.ts +15 -4
package/src/mock/react.tsx +1 -1
package/src/react/react.tsx +2 -18
package/core/handleOidcCallback.d.ts +0 -13
package/core/handleOidcCallback.js +0 -228
package/core/handleOidcCallback.js.map +0 -1
package/core/initialLocationHref.d.ts +0 -1
package/core/initialLocationHref.js +0 -8
package/core/initialLocationHref.js.map +0 -1
package/esm/core/handleOidcCallback.d.ts +0 -13
package/esm/core/handleOidcCallback.js +0 -223
package/esm/core/handleOidcCallback.js.map +0 -1
package/esm/core/initialLocationHref.d.ts +0 -1
package/esm/core/initialLocationHref.js +0 -5
package/esm/core/initialLocationHref.js.map +0 -1
package/src/core/handleOidcCallback.ts +0 -318
package/src/core/initialLocationHref.ts +0 -5

package/src/core/createOidc.ts CHANGED Viewed

@@ -13,14 +13,24 @@ import { createStartCountdown } from "../tools/startCountdown";
 import { toHumanReadableDuration } from "../tools/toHumanReadableDuration";
 import { toFullyQualifiedUrl } from "../tools/toFullyQualifiedUrl";
 import { OidcInitializationError } from "./OidcInitializationError";
-import { type StateData, generateStateUrlParamValue, STATE_STORE_KEY_PREFIX } from "./StateData";
+import {
+    type StateData,
+    generateStateUrlParamValue,
+    STATE_STORE_KEY_PREFIX,
+    getStateData
+} from "./StateData";
 import { notifyOtherTabsOfLogout, getPrOtherTabLogout } from "./logoutPropagationToOtherTabs";
 import { notifyOtherTabsOfLogin, getPrOtherTabLogin } from "./loginPropagationToOtherTabs";
 import { getConfigId } from "./configId";
 import { oidcClientTsUserToTokens } from "./oidcClientTsUserToTokens";
 import { loginSilent } from "./loginSilent";
-import { authResponseToUrl } from "./AuthResponse";
-import { handleOidcCallback, retrieveRedirectAuthResponseAndStateData } from "./handleOidcCallback";
+import {
+    authResponseToUrl,
+    getPersistedRedirectAuthResponses,
+    setPersistedRedirectAuthResponses,
+    type AuthResponse
+} from "./AuthResponse";
+import { getRootRelativeOriginalLocationHref, getRedirectAuthResponse } from "./earlyInit";
 import { getPersistedAuthState, persistAuthState } from "./persistedAuthState";
 import type { Oidc } from "./Oidc";
 import { createEvt } from "../tools/Evt";
@@ -34,7 +44,6 @@ import {
     startLoginOrRefreshProcess,
     waitForAllOtherOngoingLoginOrRefreshProcessesToComplete
 } from "./ongoingLoginOrRefreshProcesses";
-import { initialLocationHref } from "./initialLocationHref";
 import { createGetIsNewBrowserSession } from "./isNewBrowserSession";
 import { getIsOnline } from "../tools/getIsOnline";
 import { isKeycloak } from "../keycloak/isKeycloak";
@@ -135,7 +144,7 @@ export type ParamsOfCreateOidc<
     /**
      * Default: false
      *
-     * See: https://docs.oidc-spa.dev/v/v7/resources/iframe-related-issues
+     * See: https://docs.oidc-spa.dev/v/v8/resources/iframe-related-issues
      */
     noIframe?: boolean;
@@ -180,7 +189,21 @@ const globalContext = {
     evtRequestToPersistTokens: createEvt<{ configIdOfInstancePostingTheRequest: string }>()
 };
-/** @see: https://docs.oidc-spa.dev/v/v7/usage */
+globalContext.evtRequestToPersistTokens.subscribe(() => {
+    const { authResponse } = getRedirectAuthResponse();
+    if (authResponse === undefined) {
+        return;
+    }
+    const { authResponses } = getPersistedRedirectAuthResponses();
+    setPersistedRedirectAuthResponses({
+        authResponses: [...authResponses, authResponse]
+    });
+});
+/** @see: https://docs.oidc-spa.dev/v/v8/usage */
 export async function createOidc<
     DecodedIdToken extends Record<string, unknown> = Record<string, unknown>,
     AutoLogin extends boolean = false
@@ -340,14 +363,6 @@ export async function createOidc_nonMemoized<
         )}`
     );
-    {
-        const { isHandled } = handleOidcCallback();
-        if (isHandled) {
-            await new Promise<never>(() => {});
-        }
-    }
     const stateUrlParamValue_instance = generateStateUrlParamValue();
     const canUseIframe = (() => {
@@ -476,13 +491,81 @@ export async function createOidc_nonMemoized<
           }
     > => {
         handle_redirect_auth_response: {
-            const authResponseAndStateData = retrieveRedirectAuthResponseAndStateData({ configId });
+            let stateDataAndAuthResponse:
+                | { stateData: StateData.Redirect; authResponse: AuthResponse }
+                | undefined = undefined;
+            get_stateData_and_authResponse: {
+                from_memory: {
+                    const { authResponse, clearAuthResponse } = getRedirectAuthResponse();
+                    if (authResponse === undefined) {
+                        break from_memory;
+                    }
+                    const stateData = getStateData({ stateUrlParamValue: authResponse.state });
+                    if (stateData === undefined) {
+                        clearAuthResponse();
+                        break from_memory;
+                    }
+                    if (stateData.configId !== configId) {
+                        break from_memory;
+                    }
-            if (authResponseAndStateData === undefined) {
+                    assert(stateData.context === "redirect", "3229492");
+                    clearAuthResponse();
+                    stateDataAndAuthResponse = { stateData, authResponse };
+                    break get_stateData_and_authResponse;
+                }
+                // from storage, this is for race condition in multiple instance
+                // setup where one instance would need to redirect before
+                // the authResponse in memory had the chance to be processed.
+                // This can only happen if:
+                // 1) There are multiple oidc instances in the App.
+                // 2) They are instantiated in a non deterministic order.
+                // 3) We can't use iframe
+                // We practically never persist the auth response and do it only in session
+                // an ephemeral session storage, when we know it's gonna be required.
+                {
+                    const { authResponses } = getPersistedRedirectAuthResponses();
+                    for (const authResponse of authResponses) {
+                        const stateData = getStateData({ stateUrlParamValue: authResponse.state });
+                        if (stateData === undefined) {
+                            continue;
+                        }
+                        if (stateData.configId !== configId) {
+                            continue;
+                        }
+                        assert(stateData.context === "redirect", "35935591");
+                        setPersistedRedirectAuthResponses({
+                            authResponses: authResponses.filter(
+                                authResponse_i => authResponse_i !== authResponse
+                            )
+                        });
+                        stateDataAndAuthResponse = { stateData, authResponse };
+                        break get_stateData_and_authResponse;
+                    }
+                }
+            }
+            if (stateDataAndAuthResponse === undefined) {
                 break handle_redirect_auth_response;
             }
-            const { authResponse, stateData } = authResponseAndStateData;
+            const { stateData, authResponse } = stateDataAndAuthResponse;
             switch (stateData.action) {
                 case "login":
@@ -583,6 +666,8 @@ export async function createOidc_nonMemoized<
                         return undefined;
                     }
                     break;
+                default:
+                    assert<Equals<typeof stateData, never>>(false);
             }
         }
@@ -761,7 +846,7 @@ export async function createOidc_nonMemoized<
                     await loginOrGoToAuthServer({
                         action: "login",
                         doForceReloadOnBfCache: true,
-                        redirectUrl: initialLocationHref,
+                        redirectUrl: getRootRelativeOriginalLocationHref(),
                         // NOTE: Wether or not it's the preferred behavior, pushing to history
                         // only works on user interaction so it have to be false
                         doNavigateBackToLastPublicUrlIfTheTheUserNavigateBack: false,
@@ -1023,7 +1108,7 @@ export async function createOidc_nonMemoized<
             globalContext.hasLogoutBeenCalled = true;
-            const postLogoutRedirectUrl: string = (() => {
+            const rootRelativePostLogoutRedirectUrl: string = (() => {
                 switch (params.redirectTo) {
                     case "current page":
                         return window.location.href;
@@ -1035,7 +1120,7 @@ export async function createOidc_nonMemoized<
                             doAssertNoQueryParams: false
                         });
                 }
-            })();
+            })().slice(window.location.origin.length);
             await waitForAllOtherOngoingLoginOrRefreshProcessesToComplete({
                 prUnlock: new Promise<never>(() => {})
@@ -1050,11 +1135,10 @@ export async function createOidc_nonMemoized<
             try {
                 await oidcClientTsUserManager.signoutRedirect({
-                    state: id<StateData>({
+                    state: id<StateData.Redirect>({
                         configId,
                         context: "redirect",
-                        redirectUrl: postLogoutRedirectUrl,
-                        hasBeenProcessedByCallback: false,
+                        rootRelativeRedirectUrl: rootRelativePostLogoutRedirectUrl,
                         action: "logout",
                         sessionId
                     }),
@@ -1079,7 +1163,7 @@ export async function createOidc_nonMemoized<
                         sessionId
                     });
-                    window.location.href = postLogoutRedirectUrl;
+                    window.location.href = rootRelativePostLogoutRedirectUrl;
                 } else {
                     throw error;
                 }

package/src/core/diagnostic.ts CHANGED Viewed

@@ -180,7 +180,7 @@ export async function createIframeTimeoutInitializationError(params: {
             messageOrCause: [
                 `${redirectUri} is currently served by your web server with the HTTP header \`${key_problem}: ${headers[key_problem]}\`.\n`,
                 "This header prevents the silent sign-in process from working.\n",
-                "Refer to this documentation page to fix this issue: https://docs.oidc-spa.dev/v/v7/resources/iframe-related-issues"
+                "Refer to this documentation page to fix this issue: https://docs.oidc-spa.dev/v/v8/resources/iframe-related-issues"
             ].join(" ")
         });
     }
@@ -217,7 +217,7 @@ export async function createIframeTimeoutInitializationError(params: {
                     `5. Locate the client "${clientId}" in the list and click on it.\n`,
                     `6. Find "Valid Redirect URIs" and add "${redirectUri}" to the list.\n`,
                     `7. Save the changes.\n\n`,
-                    `For more information, refer to the documentation: https://docs.oidc-spa.dev/v/v7/providers-configuration/keycloak`
+                    `For more information, refer to the documentation: https://docs.oidc-spa.dev/v/v8/providers-configuration/keycloak`
                 ];
             })(),
             "\n\n",
@@ -259,7 +259,7 @@ export async function createFailedToFetchTokenEndpointInitializationError(params
                     `5. Find '${clientId}' in the list of clients and click on it.\n`,
                     `6. Find 'Web Origins' and add '${window.location.origin}' to the list.\n`,
                     `7. Save the changes.\n\n`,
-                    `More info: https://docs.oidc-spa.dev/v/v7/providers-configuration/keycloak`
+                    `More info: https://docs.oidc-spa.dev/v/v8/providers-configuration/keycloak`
                 ];
             })()
         ].join(" ")

package/src/core/earlyInit.ts ADDED Viewed

@@ -0,0 +1,213 @@
+import { getStateData, getIsStatQueryParamValue } from "./StateData";
+import { assert, type Equals } from "../vendor/frontend/tsafe";
+import type { AuthResponse } from "./AuthResponse";
+import {
+    encryptAuthResponse,
+    preventSessionStorageSetItemOfPublicKeyByThirdParty
+} from "./iframeMessageProtection";
+let hasEarlyInitBeenCalled = false;
+export function oidcEarlyInit(params: {
+    freezeFetch: boolean;
+    freezeXMLHttpRequest: boolean;
+    // NOTE: Made optional just to avoid breaking change.
+    // Will be made mandatory next major.
+    freezeWebSocket?: boolean;
+}) {
+    if (hasEarlyInitBeenCalled) {
+        throw new Error("oidc-spa: oidcEarlyInit() Should be called only once");
+    }
+    hasEarlyInitBeenCalled = true;
+    const { freezeFetch, freezeXMLHttpRequest, freezeWebSocket = false } = params ?? {};
+    const { shouldLoadApp } = handleOidcCallback();
+    if (shouldLoadApp) {
+        if (freezeXMLHttpRequest) {
+            const XMLHttpRequest_trusted = globalThis.XMLHttpRequest;
+            Object.freeze(XMLHttpRequest_trusted.prototype);
+            Object.freeze(XMLHttpRequest_trusted);
+            Object.defineProperty(globalThis, "XMLHttpRequest", {
+                configurable: false,
+                writable: false,
+                enumerable: true,
+                value: XMLHttpRequest_trusted
+            });
+        }
+        if (freezeFetch) {
+            const fetch_trusted = globalThis.fetch;
+            Object.freeze(fetch_trusted);
+            Object.defineProperty(globalThis, "fetch", {
+                configurable: false,
+                writable: false,
+                enumerable: true,
+                value: fetch_trusted
+            });
+        }
+        if (freezeWebSocket) {
+            const WebSocket_trusted = globalThis.WebSocket;
+            Object.freeze(WebSocket_trusted.prototype);
+            Object.freeze(WebSocket_trusted);
+            Object.defineProperty(globalThis, "WebSocket", {
+                configurable: false,
+                writable: false,
+                enumerable: true,
+                value: WebSocket_trusted
+            });
+        }
+        preventSessionStorageSetItemOfPublicKeyByThirdParty();
+    }
+    return { shouldLoadApp };
+}
+let redirectAuthResponse: AuthResponse | undefined = undefined;
+export function getRedirectAuthResponse():
+    | { authResponse: AuthResponse; clearAuthResponse: () => void }
+    | { authResponse: undefined; clearAuthResponse?: never } {
+    if (!hasEarlyInitBeenCalled) {
+        throw new Error(
+            [
+                "oidc-spa setup error.",
+                "oidcEarlyInit() wasn't called.",
+                "In newer version, using oidc-spa/entrypoint is no longer optional."
+            ].join(" ")
+        );
+    }
+    return redirectAuthResponse === undefined
+        ? { authResponse: undefined }
+        : {
+              authResponse: redirectAuthResponse,
+              clearAuthResponse: () => {
+                  redirectAuthResponse = undefined;
+              }
+          };
+}
+let rootRelativeOriginalLocationHref: string | undefined = undefined;
+export function getRootRelativeOriginalLocationHref() {
+    assert(rootRelativeOriginalLocationHref !== undefined, "033292");
+    return rootRelativeOriginalLocationHref;
+}
+function handleOidcCallback(): { shouldLoadApp: boolean } {
+    const location_urlObj = new URL(window.location.href);
+    const locationHrefAssessment = (() => {
+        fragment: {
+            const stateUrlParamValue = new URLSearchParams(location_urlObj.hash.replace(/^#/, "")).get(
+                "state"
+            );
+            if (stateUrlParamValue === null) {
+                break fragment;
+            }
+            if (!getIsStatQueryParamValue({ maybeStateUrlParamValue: stateUrlParamValue })) {
+                break fragment;
+            }
+            return { hasAuthResponseInUrl: true, responseMode: "fragment" } as const;
+        }
+        query: {
+            const stateUrlParamValue = location_urlObj.searchParams.get("state");
+            if (stateUrlParamValue === null) {
+                break query;
+            }
+            if (!getIsStatQueryParamValue({ maybeStateUrlParamValue: stateUrlParamValue })) {
+                break query;
+            }
+            if (
+                location_urlObj.searchParams.get("client_id") !== null &&
+                location_urlObj.searchParams.get("response_type") !== null &&
+                location_urlObj.searchParams.get("redirect_uri") !== null
+            ) {
+                // NOTE: We are probably in a Keycloakify theme and oidc-spa was loaded by mistake.
+                break query;
+            }
+            return { hasAuthResponseInUrl: true, responseMode: "query" } as const;
+        }
+        return { hasAuthResponseInUrl: false } as const;
+    })();
+    if (!locationHrefAssessment.hasAuthResponseInUrl) {
+        rootRelativeOriginalLocationHref = location_urlObj.href.slice(location_urlObj.origin.length);
+        return { shouldLoadApp: true };
+    }
+    rootRelativeOriginalLocationHref = location_urlObj.pathname;
+    const { authResponse } = (() => {
+        const authResponse: AuthResponse = { state: "" };
+        const searchParams = (() => {
+            switch (locationHrefAssessment.responseMode) {
+                case "fragment":
+                    return new URLSearchParams(location_urlObj.hash.replace(/^#/, ""));
+                case "query":
+                    return location_urlObj.searchParams;
+                default:
+                    assert<Equals<typeof locationHrefAssessment, never>>(false);
+            }
+        })();
+        for (const [key, value] of searchParams) {
+            authResponse[key] = value;
+        }
+        assert(authResponse.state !== "", "063965");
+        return { authResponse };
+    })();
+    const stateData = getStateData({ stateUrlParamValue: authResponse.state });
+    if (stateData === undefined) {
+        history.replaceState({}, "", rootRelativeOriginalLocationHref);
+        return { shouldLoadApp: true };
+    }
+    switch (stateData.context) {
+        case "iframe":
+            encryptAuthResponse({
+                authResponse
+            }).then(({ encryptedMessage }) => parent.postMessage(encryptedMessage, location.origin));
+            return { shouldLoadApp: false };
+        case "redirect": {
+            redirectAuthResponse = authResponse;
+            const rootRelativeRedirectUrl = (() => {
+                if (stateData.action === "login" && authResponse.error === "consent_required") {
+                    return stateData.rootRelativeRedirectUrl_consentRequiredCase;
+                }
+                return stateData.rootRelativeRedirectUrl;
+            })();
+            history.replaceState({}, "", rootRelativeRedirectUrl);
+            return { shouldLoadApp: true };
+        }
+        default:
+            assert<Equals<typeof stateData, never>>(false);
+    }
+}

package/src/core/index.ts CHANGED Viewed

@@ -1,4 +1,3 @@
 export type { Oidc } from "./Oidc";
 export { createOidc, type ParamsOfCreateOidc } from "./createOidc";
 export { OidcInitializationError } from "./OidcInitializationError";
-export { handleOidcCallback } from "./handleOidcCallback";

package/src/core/loginOrGoToAuthServer.ts CHANGED Viewed

@@ -178,21 +178,39 @@ export function createLoginOrGoToAuthServer(params: {
             doAssertNoQueryParams: false
         });
-        log?.(`redirectUrl: ${redirectUrl}`);
+        {
+            const redirectUrl_obj = new URL(redirectUrl);
+            const redirectUrl_originAndPath = `${redirectUrl_obj.origin}${redirectUrl_obj.pathname}`;
+            if (!redirectUrl_originAndPath.startsWith(homeUrl)) {
+                throw new Error(
+                    [
+                        `oidc-spa: redirect target ${redirectUrl_originAndPath} is outside of your application.`,
+                        `The homeUrl that you have provided defines the root where your app is hosted: ${homeUrl}.\n`,
+                        `This usually means one of the following:\n`,
+                        `1) The homeUrl is not set correctly. It must be the actual hosting root (for Vite, typically \`import.meta.env.BASE_URL\`).\n`,
+                        `2) You are trying to redirect outside of your application, which is not allowed by OIDC.`
+                    ].join(" ")
+                );
+            }
+        }
+        const rootRelativeRedirectUrl = redirectUrl.slice(window.location.origin.length);
+        log?.(`redirectUrl: ${rootRelativeRedirectUrl}`);
         const stateData: StateData = {
             context: "redirect",
-            redirectUrl,
+            rootRelativeRedirectUrl,
             extraQueryParams: {},
-            hasBeenProcessedByCallback: false,
             configId,
             action: "login",
-            redirectUrl_consentRequiredCase: (() => {
+            rootRelativeRedirectUrl_consentRequiredCase: (() => {
                 switch (rest.action) {
                     case "login":
-                        return lastPublicUrl ?? homeUrl;
+                        return (lastPublicUrl ?? homeUrl).slice(window.location.origin.length);
                     case "go to auth server":
-                        return redirectUrl;
+                        return rootRelativeRedirectUrl;
                 }
             })()
         };

package/src/entrypoint.ts CHANGED Viewed

@@ -1,69 +1 @@
-import {
-    handleOidcCallback,
-    moveRedirectAuthResponseFromSessionStorageToMemory
-} from "./core/handleOidcCallback";
-import { preventSessionStorageSetItemOfPublicKeyByThirdParty } from "./core/iframeMessageProtection";
-export function oidcEarlyInit(params: {
-    freezeFetch: boolean;
-    freezeXMLHttpRequest: boolean;
-    // NOTE: Made optional just to avoid breaking change.
-    // Will be made mandatory next major.
-    freezeWebSocket?: boolean;
-}) {
-    const { freezeFetch, freezeXMLHttpRequest, freezeWebSocket = false } = params ?? {};
-    const { isHandled } = handleOidcCallback();
-    const shouldLoadApp = !isHandled;
-    if (shouldLoadApp) {
-        moveRedirectAuthResponseFromSessionStorageToMemory();
-        if (freezeXMLHttpRequest) {
-            const XMLHttpRequest_trusted = globalThis.XMLHttpRequest;
-            Object.freeze(XMLHttpRequest_trusted.prototype);
-            Object.freeze(XMLHttpRequest_trusted);
-            Object.defineProperty(globalThis, "XMLHttpRequest", {
-                configurable: false,
-                writable: false,
-                enumerable: true,
-                value: XMLHttpRequest_trusted
-            });
-        }
-        if (freezeFetch) {
-            const fetch_trusted = globalThis.fetch;
-            Object.freeze(fetch_trusted.prototype);
-            Object.freeze(fetch_trusted);
-            Object.defineProperty(globalThis, "fetch", {
-                configurable: false,
-                writable: false,
-                enumerable: true,
-                value: fetch_trusted
-            });
-        }
-        if (freezeWebSocket) {
-            const WebSocket_trusted = globalThis.WebSocket;
-            Object.freeze(WebSocket_trusted.prototype);
-            Object.freeze(WebSocket_trusted);
-            Object.defineProperty(globalThis, "WebSocket", {
-                configurable: false,
-                writable: false,
-                enumerable: true,
-                value: WebSocket_trusted
-            });
-        }
-        preventSessionStorageSetItemOfPublicKeyByThirdParty();
-    }
-    return { shouldLoadApp };
-}
+export { oidcEarlyInit } from "./core/earlyInit";

package/src/mock/oidc.ts CHANGED Viewed

@@ -3,7 +3,7 @@ import { createObjectThatThrowsIfAccessed } from "../tools/createObjectThatThrow
 import { id } from "../vendor/frontend/tsafe";
 import { toFullyQualifiedUrl } from "../tools/toFullyQualifiedUrl";
 import { getSearchParam, addOrUpdateSearchParam } from "../tools/urlSearchParams";
-import { initialLocationHref } from "../core/initialLocationHref";
+import { getRootRelativeOriginalLocationHref } from "../core/earlyInit";
 export type ParamsOfCreateMockOidc<
     DecodedIdToken extends Record<string, unknown> = Record<string, unknown>,
@@ -28,6 +28,8 @@ export type ParamsOfCreateMockOidc<
 const URL_SEARCH_PARAM_NAME = "isUserLoggedIn";
+const locationHref_moduleEvalTime = location.href;
 export async function createMockOidc<
     DecodedIdToken extends Record<string, unknown> = Oidc.Tokens.DecodedIdToken_base,
     AutoLogin extends boolean = false
@@ -45,7 +47,16 @@ export async function createMockOidc<
     const isUserLoggedIn = (() => {
         const { wasPresent, value } = getSearchParam({
-            url: initialLocationHref,
+            url: toFullyQualifiedUrl({
+                urlish: (() => {
+                    try {
+                        return getRootRelativeOriginalLocationHref();
+                    } catch {
+                        return locationHref_moduleEvalTime;
+                    }
+                })(),
+                doAssertNoQueryParams: false
+            }),
             name: URL_SEARCH_PARAM_NAME
         });
@@ -140,7 +151,7 @@ export async function createMockOidc<
                     createObjectThatThrowsIfAccessed<DecodedIdToken>({
                         debugMessage: [
                             "You haven't provided a mocked decodedIdToken",
-                            "See https://docs.oidc-spa.dev/v/v7/mock"
+                            "See https://docs.oidc-spa.dev/v/v8/mock"
                         ].join("\n")
                     }),
                 decodedIdToken_original:
@@ -148,7 +159,7 @@ export async function createMockOidc<
                     createObjectThatThrowsIfAccessed<Oidc.Tokens.DecodedIdToken_base>({
                         debugMessage: [
                             "You haven't provided a mocked decodedIdToken_original",
-                            "See https://docs.oidc-spa.dev/v/v7/mock"
+                            "See https://docs.oidc-spa.dev/v/v8/mock"
                         ].join("\n")
                     }),
                 issuedAtTime: Date.now(),

package/src/mock/react.tsx CHANGED Viewed

@@ -2,7 +2,7 @@ import { createOidcReactApi_dependencyInjection } from "../react/react";
 import { createMockOidc, type ParamsOfCreateMockOidc } from "./oidc";
 import type { ValueOrAsyncGetter } from "../tools/ValueOrAsyncGetter";
-/** @see: https://docs.oidc-spa.dev/v/v7/mock */
+/** @see: https://docs.oidc-spa.dev/v/v8/mock */
 export function createMockReactOidc<
     DecodedIdToken extends Record<string, unknown> = Record<string, unknown>,
     AutoLogin extends boolean = false