oidc-spa 8.0.5 → 8.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/core/createOidc.d.ts +7 -7
- package/core/createOidc.js +2 -2
- package/core/createOidc.js.map +1 -1
- package/esm/angular.d.ts +191 -0
- package/esm/angular.js +314 -0
- package/esm/angular.js.map +1 -0
- package/esm/core/createOidc.d.ts +7 -7
- package/esm/core/createOidc.js +2 -2
- package/esm/core/createOidc.js.map +1 -1
- package/esm/keycloak/keycloakUtils.js.map +1 -1
- package/esm/tools/ConcreteClass.d.ts +3 -0
- package/esm/tools/ConcreteClass.js +2 -0
- package/esm/tools/ConcreteClass.js.map +1 -0
- package/esm/tools/Deferred.d.ts +7 -0
- package/esm/tools/Deferred.js +5 -0
- package/esm/tools/Deferred.js.map +1 -1
- package/esm/tools/ReadonlyBehaviorSubject.d.ts +8 -0
- package/esm/tools/ReadonlyBehaviorSubject.js +2 -0
- package/esm/tools/ReadonlyBehaviorSubject.js.map +1 -0
- package/esm/tools/getBaseHref.d.ts +1 -0
- package/esm/tools/getBaseHref.js +8 -0
- package/esm/tools/getBaseHref.js.map +1 -0
- package/esm/vendor/frontend/tsafe.d.ts +1 -0
- package/esm/vendor/frontend/tsafe.js +1 -1
- package/keycloak/keycloakUtils.js.map +1 -1
- package/package.json +4 -5
- package/src/angular.ts +583 -0
- package/src/core/createOidc.ts +10 -10
- package/src/keycloak/keycloakUtils.ts +0 -1
- package/src/tools/ConcreteClass.ts +3 -0
- package/src/tools/Deferred.ts +10 -0
- package/src/tools/ReadonlyBehaviorSubject.ts +9 -0
- package/src/tools/getBaseHref.ts +7 -0
- package/src/vendor/frontend/tsafe.ts +1 -0
- package/tools/ConcreteClass.d.ts +3 -0
- package/tools/ConcreteClass.js +3 -0
- package/tools/ConcreteClass.js.map +1 -0
- package/tools/Deferred.d.ts +7 -0
- package/tools/Deferred.js +5 -0
- package/tools/Deferred.js.map +1 -1
- package/tools/ReadonlyBehaviorSubject.d.ts +8 -0
- package/tools/ReadonlyBehaviorSubject.js +3 -0
- package/tools/ReadonlyBehaviorSubject.js.map +1 -0
- package/tools/getBaseHref.d.ts +1 -0
- package/tools/getBaseHref.js +11 -0
- package/tools/getBaseHref.js.map +1 -0
- package/vendor/frontend/tsafe.d.ts +1 -0
- package/vendor/frontend/tsafe.js +1 -1
- package/angular/angular.d.ts +0 -72
- package/angular/angular.js +0 -254
- package/angular/angular.js.map +0 -1
- package/angular/index.d.ts +0 -1
- package/angular/index.js +0 -6
- package/angular/index.js.map +0 -1
- package/esm/angular/angular.d.ts +0 -72
- package/esm/angular/angular.js +0 -250
- package/esm/angular/angular.js.map +0 -1
- package/esm/angular/index.d.ts +0 -1
- package/esm/angular/index.js +0 -2
- package/esm/angular/index.js.map +0 -1
- package/esm/mock/angular.d.ts +0 -41
- package/esm/mock/angular.js +0 -7
- package/esm/mock/angular.js.map +0 -1
- package/mock/angular.d.ts +0 -41
- package/mock/angular.js +0 -10
- package/mock/angular.js.map +0 -1
- package/src/angular/angular.ts +0 -429
- package/src/angular/index.ts +0 -1
- package/src/mock/angular.ts +0 -11
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
export function getBaseHref() {
|
|
2
|
+
const baseEl = document.querySelector("base[href]");
|
|
3
|
+
if (!baseEl) {
|
|
4
|
+
throw new Error('No <base href="..."> element found in the DOM');
|
|
5
|
+
}
|
|
6
|
+
return baseEl.getAttribute("href") ?? "/";
|
|
7
|
+
}
|
|
8
|
+
//# sourceMappingURL=getBaseHref.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"getBaseHref.js","sourceRoot":"","sources":["../../src/tools/getBaseHref.ts"],"names":[],"mappings":"AAAA,MAAM,UAAU,WAAW;IACvB,MAAM,MAAM,GAAG,QAAQ,CAAC,aAAa,CAAkB,YAAY,CAAC,CAAC;IACrE,IAAI,CAAC,MAAM,EAAE,CAAC;QACV,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACrE,CAAC;IACD,OAAO,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,GAAG,CAAC;AAC9C,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
var t={d:(r,e)=>{for(var n in e)t.o(e,n)&&!t.o(r,n)&&Object.defineProperty(r,n,{enumerable:!0,get:e[n]})},o:(t,r)=>Object.prototype.hasOwnProperty.call(t,r)},r={};t.d(r,{vA:()=>v,id:()=>e,is:()=>h,FB:()=>g,AG:()=>m,Ew:()=>w});var e=function(t){return t};function n(t){return n="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t},n(t)}function o(t,r){var e=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);r&&(n=n.filter((function(r){return Object.getOwnPropertyDescriptor(t,r).enumerable}))),e.push.apply(e,n)}return e}function i(t){for(var r=1;r<arguments.length;r++){var e=null!=arguments[r]?arguments[r]:{};r%2?o(Object(e),!0).forEach((function(r){
|
|
1
|
+
var t={d:(r,e)=>{for(var n in e)t.o(e,n)&&!t.o(r,n)&&Object.defineProperty(r,n,{enumerable:!0,get:e[n]})},o:(t,r)=>Object.prototype.hasOwnProperty.call(t,r)},r={};t.d(r,{W9:()=>j,vA:()=>v,id:()=>e,is:()=>h,FB:()=>g,AG:()=>m,Ew:()=>w});var e=function(t){return t};function n(t){return n="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t},n(t)}function o(t,r){var e=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);r&&(n=n.filter((function(r){return Object.getOwnPropertyDescriptor(t,r).enumerable}))),e.push.apply(e,n)}return e}function i(t){for(var r=1;r<arguments.length;r++){var e=null!=arguments[r]?arguments[r]:{};r%2?o(Object(e),!0).forEach((function(r){u(t,r,e[r])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(e)):o(Object(e)).forEach((function(r){Object.defineProperty(t,r,Object.getOwnPropertyDescriptor(e,r))}))}return t}function u(t,r,e){return(r=function(t){var r=function(t){if("object"!=n(t)||!t)return t;var r=t[Symbol.toPrimitive];if(void 0!==r){var e=r.call(t,"string");if("object"!=n(e))return e;throw new TypeError("@@toPrimitive must return a primitive value.")}return String(t)}(t);return"symbol"==n(r)?r:r+""}(r))in t?Object.defineProperty(t,r,{value:e,enumerable:!0,configurable:!0,writable:!0}):t[r]=e,t}function c(t){return c="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t},c(t)}function f(t,r){if(r&&("object"==c(r)||"function"==typeof r))return r;if(void 0!==r)throw new TypeError("Derived constructors may only return object or undefined");return function(t){if(void 0===t)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return t}(t)}function a(t){var r="function"==typeof Map?new Map:void 0;return a=function(t){if(null===t||!function(t){try{return-1!==Function.toString.call(t).indexOf("[native code]")}catch(r){return"function"==typeof t}}(t))return t;if("function"!=typeof t)throw new TypeError("Super expression must either be null or a function");if(void 0!==r){if(r.has(t))return r.get(t);r.set(t,e)}function e(){return function(t,r,e){if(l())return Reflect.construct.apply(null,arguments);var n=[null];n.push.apply(n,r);var o=new(t.bind.apply(t,n));return e&&s(o,e.prototype),o}(t,arguments,p(this).constructor)}return e.prototype=Object.create(t.prototype,{constructor:{value:e,enumerable:!1,writable:!0,configurable:!0}}),s(e,t)},a(t)}function l(){try{var t=!Boolean.prototype.valueOf.call(Reflect.construct(Boolean,[],(function(){})))}catch(t){}return(l=function(){return!!t})()}function s(t,r){return s=Object.setPrototypeOf?Object.setPrototypeOf.bind():function(t,r){return t.__proto__=r,t},s(t,r)}function p(t){return p=Object.setPrototypeOf?Object.getPrototypeOf.bind():function(t){return t.__proto__||Object.getPrototypeOf(t)},p(t)}var y=function(){function t(r){var e,n,o,u;if(function(t,r){if(!(t instanceof r))throw new TypeError("Cannot call a class as a function")}(this,t),n=this,o=t,u=["Wrong assertion encountered"+(r?': "'.concat(r,'"'):"")],o=p(o),(e=f(n,l()?Reflect.construct(o,u||[],p(n).constructor):o.apply(n,u))).originalMessage=r,Object.setPrototypeOf(e,(this instanceof t?this.constructor:void 0).prototype),!e.stack)return f(e);try{!function(t,r,e){try{t[r]=e}catch(t){}if(t[r]===e)return e;var n=void 0,o=Object.getOwnPropertyDescriptor(t,r)||{enumerable:!0,configurable:!0};if(o.get)throw new Error("Probably a wrong idea to overwrite ".concat(String(r)," getter"));try{Object.defineProperty(t,r,i(i({},o),{},{value:e}))}catch(t){n=t}if(t[r]!==e)throw n||new Error("Can't assign")}(e,"stack",e.stack.split("\n").filter((function(){for(var t=arguments.length,r=new Array(t),e=0;e<t;e++)r[e]=arguments[e];var n=r[1];return 1!==n&&2!==n})).join("\n"))}catch(t){}return e}return function(t,r){if("function"!=typeof r&&null!==r)throw new TypeError("Super expression must either be null or a function");t.prototype=Object.create(r&&r.prototype,{constructor:{value:t,writable:!0,configurable:!0}}),Object.defineProperty(t,"prototype",{writable:!1}),r&&s(t,r)}(t,a(Error)),r=t,Object.defineProperty(r,"prototype",{writable:!1}),r;var r}(),b=void 0;function v(t,r){if(0===arguments.length&&(t=!0),void 0===b){if(!t)throw new y("function"==typeof r?r():r)}else b=void 0}var d="Wrong usage of the `is` function refer to https://docs.tsafe.dev/is";function h(t){var r={};if(void 0!==b)throw b=void 0,new Error(d);return b=r,Promise.resolve().then((function(){if(b===r)throw new Error(d)})),null}function w(t,r){return r}function m(t){var r={};for(var e in t)void 0!==t[e]&&(r[e]=t[e]);return r}function O(t,r){(null==r||r>t.length)&&(r=t.length);for(var e=0,n=Array(r);e<r;e++)n[e]=t[e];return n}function g(t,r){var e,n=function(t,r){var e="undefined"!=typeof Symbol&&t[Symbol.iterator]||t["@@iterator"];if(!e){if(Array.isArray(t)||(e=function(t,r){if(t){if("string"==typeof t)return O(t,r);var e={}.toString.call(t).slice(8,-1);return"Object"===e&&t.constructor&&(e=t.constructor.name),"Map"===e||"Set"===e?Array.from(t):"Arguments"===e||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(e)?O(t,r):void 0}}(t))||r&&t&&"number"==typeof t.length){e&&(t=e);var n=0,o=function(){};return{s:o,n:function(){return n>=t.length?{done:!0}:{done:!1,value:t[n++]}},e:function(t){throw t},f:o}}throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}var i,u=!0,c=!1;return{s:function(){e=e.call(t)},n:function(){var t=e.next();return u=t.done,t},e:function(t){c=!0,i=t},f:function(){try{u||null==e.return||e.return()}finally{if(c)throw i}}}}(t);try{for(n.s();!(e=n.n()).done;)if(e.value===r)return!0}catch(t){n.e(t)}finally{n.f()}return!1}function j(){return null}var P=r.W9,S=r.vA,E=r.id,A=r.is,_=r.FB,D=r.AG,T=r.Ew;export{P as Reflect,S as assert,E as id,A as is,_ as isAmong,D as noUndefined,T as typeGuard};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"keycloakUtils.js","sourceRoot":"","sources":["../src/keycloak/keycloakUtils.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"keycloakUtils.js","sourceRoot":"","sources":["../src/keycloak/keycloakUtils.ts"],"names":[],"mappings":";;AAmCA,kDAqDC;AAxFD,sEAAmE;AACnE,uEAAiG;AAkCjG,SAAgB,mBAAmB,CAAC,MAA6B;IAC7D,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,CAAC;IAE7B,MAAM,eAAe,GAAG,IAAA,gDAAsB,EAAC,EAAE,SAAS,EAAE,CAAC,CAAC;IAE9D,MAAM,iBAAiB,GAAG,GAAG,eAAe,CAAC,MAAM,GAAG,eAAe,CAAC,kBAAkB,IAAI,EAAE,EAAE,CAAC;IAEjG,MAAM,kBAAkB,GAAG,CAAC,KAAa,EAAE,EAAE,CACzC,GAAG,iBAAiB,UAAU,kBAAkB,CAAC,KAAK,CAAC,UAAU,CAAC;IAEtE,MAAM,QAAQ,GAAG,GAAG,iBAAiB,WAAW,kBAAkB,CAAC,eAAe,CAAC,KAAK,CAAC,EAAE,CAAC;IAE5F,OAAO;QACH,eAAe;QACf,eAAe,EAAE,kBAAkB,CAAC,eAAe,CAAC,KAAK,CAAC;QAC1D,sBAAsB,EAAE,kBAAkB,CAAC,QAAQ,CAAC;QACpD,aAAa,EAAE,CAAC,EAAE,QAAQ,EAAE,uBAAuB,EAAE,MAAM,EAAE,EAAE,EAAE;YAC7D,MAAM,aAAa,GAAG,IAAI,GAAG,CACzB,GAAG,iBAAiB,WAAW,eAAe,CAAC,KAAK,UAAU,CACjE,CAAC;YACF,aAAa,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;YACrD,aAAa,CAAC,YAAY,CAAC,GAAG,CAC1B,cAAc,EACd,IAAA,yCAAmB,EAAC;gBAChB,MAAM,EAAE,uBAAuB;gBAC/B,qBAAqB,EAAE,KAAK;aAC/B,CAAC,CACL,CAAC;YACF,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;gBACvB,aAAa,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;YACxD,CAAC;YACD,OAAO,aAAa,CAAC,IAAI,CAAC;QAC9B,CAAC;QACD,gBAAgB,EAAE,CAAC,EAAE,WAAW,EAAE,EAAE,EAAE,CAClC,KAAK,CAAC,GAAG,QAAQ,UAAU,EAAE;YACzB,OAAO,EAAE;gBACL,MAAM,EAAE,kBAAkB;gBAC1B,aAAa,EAAE,UAAU,WAAW,EAAE;aACzC;SACJ,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC1B,aAAa,EAAE,CAAC,EAAE,WAAW,EAAE,EAAE,EAAE,CAC/B,KAAK,CAAC,GAAG,QAAQ,mCAAmC,EAAE;YAClD,OAAO,EAAE;gBACL,MAAM,EAAE,kBAAkB;gBAC1B,aAAa,EAAE,UAAU,WAAW,EAAE;aACzC;SACJ,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC1B,qCAAqC,EAAE,gBAAgB,CAAC,EAAE;YACtD,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,gBAAgB,CAAC,CAAC;YACzC,MAAM,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAC;YACvE,OAAO,MAAM,CAAC,IAAI,CAAC;QACvB,CAAC;KACJ,CAAC;AACN,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "oidc-spa",
|
|
3
|
-
"version": "8.
|
|
3
|
+
"version": "8.1.1",
|
|
4
4
|
"description": "Openidconnect client for Single Page Applications",
|
|
5
5
|
"repository": {
|
|
6
6
|
"type": "git",
|
|
@@ -65,16 +65,15 @@
|
|
|
65
65
|
"default": "./react/index.js"
|
|
66
66
|
},
|
|
67
67
|
"./angular": {
|
|
68
|
-
"module": "./esm/angular
|
|
69
|
-
"default": "./angular
|
|
68
|
+
"module": "./esm/angular.js",
|
|
69
|
+
"default": "./angular.js"
|
|
70
70
|
},
|
|
71
71
|
"./mock/react": {
|
|
72
72
|
"module": "./esm/mock/react.js",
|
|
73
73
|
"default": "./mock/react.js"
|
|
74
74
|
},
|
|
75
75
|
"./mock/angular": {
|
|
76
|
-
"module": "./esm/mock/angular.js"
|
|
77
|
-
"default": "./mock/angular.js"
|
|
76
|
+
"module": "./esm/mock/angular.js"
|
|
78
77
|
},
|
|
79
78
|
"./entrypoint": {
|
|
80
79
|
"module": "./esm/entrypoint.js",
|
package/src/angular.ts
ADDED
|
@@ -0,0 +1,583 @@
|
|
|
1
|
+
import { BehaviorSubject } from "rxjs";
|
|
2
|
+
import type { Oidc, OidcInitializationError, ParamsOfCreateOidc } from "./core";
|
|
3
|
+
import type { OidcMetadata } from "./core/OidcMetadata";
|
|
4
|
+
import { Deferred } from "./tools/Deferred";
|
|
5
|
+
import { assert, type Equals, is } from "./vendor/frontend/tsafe";
|
|
6
|
+
import { createObjectThatThrowsIfAccessed } from "./tools/createObjectThatThrowsIfAccessed";
|
|
7
|
+
import {
|
|
8
|
+
type Signal,
|
|
9
|
+
inject,
|
|
10
|
+
type EnvironmentProviders,
|
|
11
|
+
makeEnvironmentProviders,
|
|
12
|
+
provideAppInitializer
|
|
13
|
+
} from "@angular/core";
|
|
14
|
+
import { toSignal } from "@angular/core/rxjs-interop";
|
|
15
|
+
import type { ReadonlyBehaviorSubject } from "./tools/ReadonlyBehaviorSubject";
|
|
16
|
+
import { Router, type CanActivateFn } from "@angular/router";
|
|
17
|
+
import type { ValueOrAsyncGetter } from "./tools/ValueOrAsyncGetter";
|
|
18
|
+
import { getBaseHref } from "./tools/getBaseHref";
|
|
19
|
+
import type { ConcreteClass } from "./tools/ConcreteClass";
|
|
20
|
+
|
|
21
|
+
export type ParamsOfProvide = {
|
|
22
|
+
issuerUri: string;
|
|
23
|
+
clientId: string;
|
|
24
|
+
/**
|
|
25
|
+
* The scopes being requested from the OIDC/OAuth2 provider (default: `["profile"]`
|
|
26
|
+
* (the scope "openid" is added automatically as it's mandatory)
|
|
27
|
+
**/
|
|
28
|
+
scopes?: string[];
|
|
29
|
+
|
|
30
|
+
/**
|
|
31
|
+
* Transform the url (authorization endpoint) before redirecting to the login pages.
|
|
32
|
+
*
|
|
33
|
+
* The isSilent parameter is true when the redirect is initiated in the background iframe for silent signin.
|
|
34
|
+
* This can be used to omit ui related query parameters (like `ui_locales`).
|
|
35
|
+
*/
|
|
36
|
+
transformUrlBeforeRedirect?: (params: { authorizationUrl: string; isSilent: boolean }) => string;
|
|
37
|
+
|
|
38
|
+
/**
|
|
39
|
+
* Extra query params to be added to the authorization endpoint url before redirecting or silent signing in.
|
|
40
|
+
* You can provide a function that returns those extra query params, it will be called
|
|
41
|
+
* when login() is called.
|
|
42
|
+
*
|
|
43
|
+
* Example: extraQueryParams: ()=> ({ ui_locales: "fr" })
|
|
44
|
+
*
|
|
45
|
+
* This parameter can also be passed to login() directly.
|
|
46
|
+
*/
|
|
47
|
+
extraQueryParams?:
|
|
48
|
+
| Record<string, string | undefined>
|
|
49
|
+
| ((params: { isSilent: boolean; url: string }) => Record<string, string | undefined>);
|
|
50
|
+
/**
|
|
51
|
+
* Extra body params to be added to the /token POST request.
|
|
52
|
+
*
|
|
53
|
+
* It will be used when for the initial request, whenever the token is getting refreshed and if you call `renewTokens()`.
|
|
54
|
+
* You can also provide this parameter directly to the `renewTokens()` method.
|
|
55
|
+
*
|
|
56
|
+
* It can be either a string to string record or a function that returns a string to string record.
|
|
57
|
+
*
|
|
58
|
+
* Example: extraTokenParams: ()=> ({ selectedCustomer: "xxx" })
|
|
59
|
+
* extraTokenParams: { selectedCustomer: "xxx" }
|
|
60
|
+
*/
|
|
61
|
+
extraTokenParams?: Record<string, string | undefined> | (() => Record<string, string | undefined>);
|
|
62
|
+
/**
|
|
63
|
+
* Usage discouraged, it's here because we don't want to assume too much on your
|
|
64
|
+
* usecase but I can't think of a scenario where you would want anything
|
|
65
|
+
* other than the current page.
|
|
66
|
+
*
|
|
67
|
+
* Where to redirect after successful login.
|
|
68
|
+
* Default: window.location.href (here)
|
|
69
|
+
*
|
|
70
|
+
* It does not need to include the origin, eg: "/dashboard"
|
|
71
|
+
*
|
|
72
|
+
* This parameter can also be passed to login() directly as `redirectUrl`.
|
|
73
|
+
*/
|
|
74
|
+
postLoginRedirectUrl?: string;
|
|
75
|
+
|
|
76
|
+
/**
|
|
77
|
+
* This parameter defines after how many seconds of inactivity the user should be
|
|
78
|
+
* logged out automatically.
|
|
79
|
+
*
|
|
80
|
+
* WARNING: It should be configured on the identity server side
|
|
81
|
+
* as it's the authoritative source for security policies and not the client.
|
|
82
|
+
* If you don't provide this parameter it will be inferred from the refresh token expiration time.
|
|
83
|
+
* */
|
|
84
|
+
idleSessionLifetimeInSeconds?: number;
|
|
85
|
+
|
|
86
|
+
/**
|
|
87
|
+
* Usage discouraged, this parameter exists because we don't want to assume
|
|
88
|
+
* too much about your usecase but I can't think of a scenario where you would
|
|
89
|
+
* want anything other than the current page.
|
|
90
|
+
*
|
|
91
|
+
* Default: { redirectTo: "current page" }
|
|
92
|
+
*/
|
|
93
|
+
autoLogoutParams?: Parameters<Oidc.LoggedIn<any>["logout"]>[0];
|
|
94
|
+
autoLogin?: boolean;
|
|
95
|
+
|
|
96
|
+
/**
|
|
97
|
+
* Default: false
|
|
98
|
+
*
|
|
99
|
+
* See: https://docs.oidc-spa.dev/v/v8/resources/iframe-related-issues
|
|
100
|
+
*/
|
|
101
|
+
noIframe?: boolean;
|
|
102
|
+
|
|
103
|
+
debugLogs?: boolean;
|
|
104
|
+
|
|
105
|
+
/**
|
|
106
|
+
* WARNING: This option exists solely as a workaround
|
|
107
|
+
* for limitations in the Google OAuth API.
|
|
108
|
+
* See: https://docs.oidc-spa.dev/providers-configuration/google-oauth
|
|
109
|
+
*
|
|
110
|
+
* Do not use this for other providers.
|
|
111
|
+
* If you think you need a client secret in a SPA, you are likely
|
|
112
|
+
* trying to use a confidential (private) client in the browser,
|
|
113
|
+
* which is insecure and not supported.
|
|
114
|
+
*/
|
|
115
|
+
__unsafe_clientSecret?: string;
|
|
116
|
+
|
|
117
|
+
/**
|
|
118
|
+
* WARNING: Setting this to true is a workaround for provider
|
|
119
|
+
* like Google OAuth that don't support JWT access token.
|
|
120
|
+
* Use at your own risk, this is a hack.
|
|
121
|
+
*/
|
|
122
|
+
__unsafe_useIdTokenAsAccessToken?: boolean;
|
|
123
|
+
|
|
124
|
+
/**
|
|
125
|
+
* This option should only be used as a last resort.
|
|
126
|
+
*
|
|
127
|
+
* If your OIDC provider is correctly configured, this should not be necessary.
|
|
128
|
+
*
|
|
129
|
+
* The metadata is normally retrieved automatically from:
|
|
130
|
+
* `${issuerUri}/.well-known/openid-configuration`
|
|
131
|
+
*
|
|
132
|
+
* Use this only if that endpoint is not accessible (e.g. due to missing CORS headers
|
|
133
|
+
* or non-standard deployments), and you cannot fix the server-side configuration.
|
|
134
|
+
*/
|
|
135
|
+
__metadata?: Partial<OidcMetadata>;
|
|
136
|
+
|
|
137
|
+
/**
|
|
138
|
+
* You can use oidc.$secondsLeftBeforeAutoLogout to display an overlay/update the tab title
|
|
139
|
+
* to indicate to your user that they are going to be logged out if they don't interact
|
|
140
|
+
* with the app.
|
|
141
|
+
* This value let you define how long before how long before auto logout this warning should
|
|
142
|
+
* start showing.
|
|
143
|
+
* Default is 45 seconds.
|
|
144
|
+
*/
|
|
145
|
+
autoLogoutWarningDurationSeconds?: number;
|
|
146
|
+
};
|
|
147
|
+
|
|
148
|
+
assert<
|
|
149
|
+
Equals<
|
|
150
|
+
Omit<ParamsOfProvide, "autoLogoutWarningDurationSeconds">,
|
|
151
|
+
Omit<ParamsOfCreateOidc<any, boolean>, "homeUrl" | "decodedIdTokenSchema">
|
|
152
|
+
>
|
|
153
|
+
>;
|
|
154
|
+
|
|
155
|
+
export type ParamsOfProvideMock = {
|
|
156
|
+
mockIssuerUri?: string;
|
|
157
|
+
mockClientId?: string;
|
|
158
|
+
mockAccessToken?: string;
|
|
159
|
+
isUserInitiallyLoggedIn?: boolean;
|
|
160
|
+
};
|
|
161
|
+
|
|
162
|
+
export abstract class AbstractOidcService<
|
|
163
|
+
T_DecodedIdToken extends Record<string, unknown> = Oidc.Tokens.DecodedIdToken_base
|
|
164
|
+
> {
|
|
165
|
+
protected autoLogin: boolean = false;
|
|
166
|
+
protected providerAwaitsInitialization: boolean = true;
|
|
167
|
+
protected decodedIdTokenSchema:
|
|
168
|
+
| {
|
|
169
|
+
parse: (decodedIdToken_original: Oidc.Tokens.DecodedIdToken_base) => T_DecodedIdToken;
|
|
170
|
+
}
|
|
171
|
+
| undefined = undefined;
|
|
172
|
+
|
|
173
|
+
protected mockDecodedIdToken: (() => Promise<T_DecodedIdToken>) | T_DecodedIdToken | undefined =
|
|
174
|
+
undefined;
|
|
175
|
+
|
|
176
|
+
#autoLogoutWarningDurationSeconds = 45;
|
|
177
|
+
|
|
178
|
+
static provide(params: ValueOrAsyncGetter<ParamsOfProvide>): EnvironmentProviders {
|
|
179
|
+
const paramsOrGetParams = params;
|
|
180
|
+
|
|
181
|
+
assert(is<ConcreteClass<typeof AbstractOidcService>>(this));
|
|
182
|
+
|
|
183
|
+
return makeEnvironmentProviders([
|
|
184
|
+
this,
|
|
185
|
+
provideAppInitializer(async () => {
|
|
186
|
+
const instance = inject(this);
|
|
187
|
+
|
|
188
|
+
instance.#initialize({
|
|
189
|
+
prOidcOrInitializationError: (async () => {
|
|
190
|
+
const [{ createOidc }, { autoLogoutWarningDurationSeconds, ...params }] =
|
|
191
|
+
await Promise.all([
|
|
192
|
+
import("./core"),
|
|
193
|
+
typeof paramsOrGetParams === "function"
|
|
194
|
+
? paramsOrGetParams()
|
|
195
|
+
: paramsOrGetParams
|
|
196
|
+
]);
|
|
197
|
+
|
|
198
|
+
if (autoLogoutWarningDurationSeconds !== undefined) {
|
|
199
|
+
instance.#autoLogoutWarningDurationSeconds =
|
|
200
|
+
autoLogoutWarningDurationSeconds;
|
|
201
|
+
}
|
|
202
|
+
|
|
203
|
+
try {
|
|
204
|
+
return createOidc({
|
|
205
|
+
homeUrl: getBaseHref(),
|
|
206
|
+
autoLogin: instance.autoLogin,
|
|
207
|
+
decodedIdTokenSchema: instance.decodedIdTokenSchema,
|
|
208
|
+
...params
|
|
209
|
+
});
|
|
210
|
+
} catch (initializationError) {
|
|
211
|
+
assert(initializationError instanceof Error);
|
|
212
|
+
assert(is<OidcInitializationError>(initializationError));
|
|
213
|
+
return initializationError;
|
|
214
|
+
}
|
|
215
|
+
})()
|
|
216
|
+
});
|
|
217
|
+
|
|
218
|
+
if (instance.providerAwaitsInitialization) {
|
|
219
|
+
await instance.prInitialized;
|
|
220
|
+
}
|
|
221
|
+
})
|
|
222
|
+
]);
|
|
223
|
+
}
|
|
224
|
+
|
|
225
|
+
static provideMock(params: ParamsOfProvideMock = {}): EnvironmentProviders {
|
|
226
|
+
assert(is<ConcreteClass<typeof AbstractOidcService>>(this));
|
|
227
|
+
|
|
228
|
+
return makeEnvironmentProviders([
|
|
229
|
+
this,
|
|
230
|
+
provideAppInitializer(async () => {
|
|
231
|
+
const instance = inject(this);
|
|
232
|
+
|
|
233
|
+
instance.#initialize({
|
|
234
|
+
prOidcOrInitializationError: (async () => {
|
|
235
|
+
const { createMockOidc } = await import("./mock");
|
|
236
|
+
|
|
237
|
+
return createMockOidc<Record<string, unknown>, boolean>({
|
|
238
|
+
homeUrl: getBaseHref(),
|
|
239
|
+
autoLogin: instance.autoLogin,
|
|
240
|
+
isUserInitiallyLoggedIn: instance.autoLogin
|
|
241
|
+
? true
|
|
242
|
+
: params.isUserInitiallyLoggedIn,
|
|
243
|
+
mockedParams: {
|
|
244
|
+
issuerUri: params.mockIssuerUri,
|
|
245
|
+
clientId: params.mockClientId
|
|
246
|
+
},
|
|
247
|
+
mockedTokens: {
|
|
248
|
+
accessToken: params.mockAccessToken,
|
|
249
|
+
decodedIdToken: await (() => {
|
|
250
|
+
if (instance.mockDecodedIdToken === undefined) {
|
|
251
|
+
return undefined;
|
|
252
|
+
}
|
|
253
|
+
if (typeof instance.mockDecodedIdToken === "function") {
|
|
254
|
+
return instance.mockDecodedIdToken();
|
|
255
|
+
}
|
|
256
|
+
})()
|
|
257
|
+
}
|
|
258
|
+
});
|
|
259
|
+
})()
|
|
260
|
+
});
|
|
261
|
+
|
|
262
|
+
await instance.prInitialized;
|
|
263
|
+
})
|
|
264
|
+
]);
|
|
265
|
+
}
|
|
266
|
+
|
|
267
|
+
static enforceLoginGuard() {
|
|
268
|
+
const canActivateFn = (async route => {
|
|
269
|
+
const instance = inject(this);
|
|
270
|
+
const router = inject(Router);
|
|
271
|
+
|
|
272
|
+
await instance.prInitialized;
|
|
273
|
+
|
|
274
|
+
const oidc = instance.#getOidc({ callerName: "enforceLoginGuard" });
|
|
275
|
+
|
|
276
|
+
if (!oidc.isUserLoggedIn) {
|
|
277
|
+
const redirectUrl = router.serializeUrl(
|
|
278
|
+
router.createUrlTree(
|
|
279
|
+
route.url.map(u => u.path),
|
|
280
|
+
{
|
|
281
|
+
queryParams: route.queryParams,
|
|
282
|
+
fragment: route.fragment ?? undefined
|
|
283
|
+
}
|
|
284
|
+
)
|
|
285
|
+
);
|
|
286
|
+
|
|
287
|
+
const doesCurrentHrefRequiresAuth =
|
|
288
|
+
location.href.replace(/\/$/, "") === redirectUrl.replace(/\/$/, "");
|
|
289
|
+
|
|
290
|
+
await oidc.login({
|
|
291
|
+
doesCurrentHrefRequiresAuth,
|
|
292
|
+
redirectUrl
|
|
293
|
+
});
|
|
294
|
+
}
|
|
295
|
+
|
|
296
|
+
return true;
|
|
297
|
+
}) satisfies CanActivateFn;
|
|
298
|
+
return canActivateFn;
|
|
299
|
+
}
|
|
300
|
+
|
|
301
|
+
#dState = new Deferred<{
|
|
302
|
+
oidc: Oidc<T_DecodedIdToken> | undefined;
|
|
303
|
+
initializationError: OidcInitializationError | undefined;
|
|
304
|
+
}>();
|
|
305
|
+
|
|
306
|
+
readonly prInitialized: Promise<true> = this.#dState.pr.then(() => true);
|
|
307
|
+
|
|
308
|
+
#initialize(params: {
|
|
309
|
+
prOidcOrInitializationError: Promise<Oidc<T_DecodedIdToken> | OidcInitializationError>;
|
|
310
|
+
}): void {
|
|
311
|
+
const { prOidcOrInitializationError } = params;
|
|
312
|
+
|
|
313
|
+
prOidcOrInitializationError.then(oidcOrInitializationError => {
|
|
314
|
+
let initializationError: OidcInitializationError | undefined = undefined;
|
|
315
|
+
let oidc: Oidc<T_DecodedIdToken> | undefined = undefined;
|
|
316
|
+
|
|
317
|
+
if (oidcOrInitializationError instanceof Error) {
|
|
318
|
+
initializationError = oidcOrInitializationError;
|
|
319
|
+
} else {
|
|
320
|
+
oidc = oidcOrInitializationError;
|
|
321
|
+
initializationError = oidc.isUserLoggedIn ? undefined : oidc.initializationError;
|
|
322
|
+
}
|
|
323
|
+
|
|
324
|
+
this.#dState.resolve({
|
|
325
|
+
oidc,
|
|
326
|
+
initializationError
|
|
327
|
+
});
|
|
328
|
+
});
|
|
329
|
+
}
|
|
330
|
+
|
|
331
|
+
#getPrInitializedNotResolvedErrorMessage(params: { callerName: string }) {
|
|
332
|
+
const { callerName } = params;
|
|
333
|
+
return [
|
|
334
|
+
`oidc-spa: ${callerName} called/accessed before`,
|
|
335
|
+
"`oidc.prInitialized` resolved.",
|
|
336
|
+
"You are using `awaitInitialization: false`.",
|
|
337
|
+
"In your template you should wrap your usage of",
|
|
338
|
+
"oidc.isUserLoggedIn, oidc.$decodedIdToken() ect. into",
|
|
339
|
+
"@defer (when oidc.prInitialized | async) { } @placeholder { Loading... }"
|
|
340
|
+
].join(" ");
|
|
341
|
+
}
|
|
342
|
+
|
|
343
|
+
#getState(params: { callerName: string }) {
|
|
344
|
+
const { callerName } = params;
|
|
345
|
+
const { hasResolved, value } = this.#dState.getState();
|
|
346
|
+
if (!hasResolved) {
|
|
347
|
+
throw new Error(this.#getPrInitializedNotResolvedErrorMessage({ callerName }));
|
|
348
|
+
}
|
|
349
|
+
return value;
|
|
350
|
+
}
|
|
351
|
+
|
|
352
|
+
get initializationError(): OidcInitializationError | undefined {
|
|
353
|
+
const state = this.#getState({ callerName: "initializationError" });
|
|
354
|
+
return state.initializationError;
|
|
355
|
+
}
|
|
356
|
+
|
|
357
|
+
#getAutoLoginAndInitializationErrorAccessErrorMessage(params: { callerName: string }) {
|
|
358
|
+
const { callerName } = params;
|
|
359
|
+
|
|
360
|
+
return [
|
|
361
|
+
`oidc-spa: ${callerName} was accessed but initialization failed.`,
|
|
362
|
+
"You are using `autoLogin: true`, so there is no anonymous state.",
|
|
363
|
+
"Handle this by gating your UI:",
|
|
364
|
+
"if (oidc.initializationError) show an error/fallback."
|
|
365
|
+
].join(" ");
|
|
366
|
+
}
|
|
367
|
+
|
|
368
|
+
#getOidc(params: { callerName: string }) {
|
|
369
|
+
const { callerName } = params;
|
|
370
|
+
const state = this.#getState({ callerName });
|
|
371
|
+
if (state.oidc === undefined) {
|
|
372
|
+
// initialization failed
|
|
373
|
+
assert(state.initializationError !== undefined);
|
|
374
|
+
throw new Error(this.#getAutoLoginAndInitializationErrorAccessErrorMessage({ callerName }));
|
|
375
|
+
}
|
|
376
|
+
return state.oidc;
|
|
377
|
+
}
|
|
378
|
+
|
|
379
|
+
get issuerUri() {
|
|
380
|
+
return this.#getOidc({ callerName: "issuerUri" }).params.issuerUri;
|
|
381
|
+
}
|
|
382
|
+
|
|
383
|
+
get clientId() {
|
|
384
|
+
return this.#getOidc({ callerName: "clientId" }).params.clientId;
|
|
385
|
+
}
|
|
386
|
+
|
|
387
|
+
get isUserLoggedIn() {
|
|
388
|
+
return this.#getOidc({ callerName: "isUserLoggedIn" }).isUserLoggedIn;
|
|
389
|
+
}
|
|
390
|
+
|
|
391
|
+
async login(params?: {
|
|
392
|
+
/**
|
|
393
|
+
* Add extra query parameters to the url before redirecting to the login pages.
|
|
394
|
+
*/
|
|
395
|
+
extraQueryParams?: Record<string, string | undefined>;
|
|
396
|
+
/**
|
|
397
|
+
* Where to redirect after successful login.
|
|
398
|
+
* Default: window.location.href (here)
|
|
399
|
+
*
|
|
400
|
+
* It does not need to include the origin, eg: "/dashboard"
|
|
401
|
+
*/
|
|
402
|
+
redirectUrl?: string;
|
|
403
|
+
|
|
404
|
+
/**
|
|
405
|
+
* Transform the url before redirecting to the login pages.
|
|
406
|
+
* Prefer using the extraQueryParams parameter if you're only adding query parameters.
|
|
407
|
+
*/
|
|
408
|
+
transformUrlBeforeRedirect?: (url: string) => string;
|
|
409
|
+
}): Promise<never> {
|
|
410
|
+
await this.prInitialized;
|
|
411
|
+
|
|
412
|
+
const oidc = this.#getOidc({ callerName: "login" });
|
|
413
|
+
|
|
414
|
+
if (oidc.isUserLoggedIn) {
|
|
415
|
+
throw new Error(
|
|
416
|
+
[
|
|
417
|
+
"oidc-spa: login() called but the user is already logged in.",
|
|
418
|
+
"If you wish to send the user to the login page for some update",
|
|
419
|
+
"use oidc.goToAuthServer() instead"
|
|
420
|
+
].join(" ")
|
|
421
|
+
);
|
|
422
|
+
}
|
|
423
|
+
|
|
424
|
+
return oidc.login({
|
|
425
|
+
...params,
|
|
426
|
+
doesCurrentHrefRequiresAuth: false
|
|
427
|
+
});
|
|
428
|
+
}
|
|
429
|
+
|
|
430
|
+
async renewTokens(params?: {
|
|
431
|
+
extraTokenParams?: Record<string, string | undefined>;
|
|
432
|
+
}): Promise<void> {
|
|
433
|
+
await this.prInitialized;
|
|
434
|
+
|
|
435
|
+
const oidc = this.#getOidc({ callerName: "renewTokens" });
|
|
436
|
+
|
|
437
|
+
if (!oidc.isUserLoggedIn) {
|
|
438
|
+
throw new Error("oidc-spa: renewTokens() called but the user is not logged in.");
|
|
439
|
+
}
|
|
440
|
+
|
|
441
|
+
return oidc.renewTokens(params);
|
|
442
|
+
}
|
|
443
|
+
|
|
444
|
+
async logout(
|
|
445
|
+
params: { redirectTo: "home" | "current page" } | { redirectTo: "specific url"; url: string }
|
|
446
|
+
): Promise<never> {
|
|
447
|
+
await this.prInitialized;
|
|
448
|
+
|
|
449
|
+
const oidc = this.#getOidc({ callerName: "logout" });
|
|
450
|
+
|
|
451
|
+
if (!oidc.isUserLoggedIn) {
|
|
452
|
+
throw new Error("oidc-spa: logout() called but the user is not logged in.");
|
|
453
|
+
}
|
|
454
|
+
|
|
455
|
+
return oidc.logout(params);
|
|
456
|
+
}
|
|
457
|
+
|
|
458
|
+
async goToAuthServer(params: {
|
|
459
|
+
extraQueryParams?: Record<string, string | undefined>;
|
|
460
|
+
redirectUrl?: string;
|
|
461
|
+
transformUrlBeforeRedirect?: (url: string) => string;
|
|
462
|
+
}): Promise<never> {
|
|
463
|
+
await this.prInitialized;
|
|
464
|
+
|
|
465
|
+
const oidc = this.#getOidc({ callerName: "goToAuthServer" });
|
|
466
|
+
|
|
467
|
+
if (!oidc.isUserLoggedIn) {
|
|
468
|
+
throw new Error("oidc-spa: goToAuthServer() called but the user is not logged in.");
|
|
469
|
+
}
|
|
470
|
+
|
|
471
|
+
return oidc.goToAuthServer(params);
|
|
472
|
+
}
|
|
473
|
+
|
|
474
|
+
readonly decodedIdToken$: ReadonlyBehaviorSubject<T_DecodedIdToken> = (() => {
|
|
475
|
+
const decodedIdToken$ = new BehaviorSubject<T_DecodedIdToken>(
|
|
476
|
+
createObjectThatThrowsIfAccessed({
|
|
477
|
+
debugMessage: this.#getPrInitializedNotResolvedErrorMessage({
|
|
478
|
+
callerName: "decodedIdToken"
|
|
479
|
+
})
|
|
480
|
+
})
|
|
481
|
+
);
|
|
482
|
+
|
|
483
|
+
(async () => {
|
|
484
|
+
const { initializationError, oidc } = await this.#dState.pr;
|
|
485
|
+
|
|
486
|
+
if (initializationError !== undefined) {
|
|
487
|
+
decodedIdToken$.next(
|
|
488
|
+
createObjectThatThrowsIfAccessed({
|
|
489
|
+
debugMessage: this.#getAutoLoginAndInitializationErrorAccessErrorMessage({
|
|
490
|
+
callerName: "decodedIdToken"
|
|
491
|
+
})
|
|
492
|
+
})
|
|
493
|
+
);
|
|
494
|
+
return;
|
|
495
|
+
}
|
|
496
|
+
|
|
497
|
+
assert(oidc !== undefined);
|
|
498
|
+
|
|
499
|
+
if (!oidc.isUserLoggedIn) {
|
|
500
|
+
decodedIdToken$.next(
|
|
501
|
+
createObjectThatThrowsIfAccessed({
|
|
502
|
+
debugMessage: [
|
|
503
|
+
`oidc-spa: Trying to read properties of decodedIdToken, the user`,
|
|
504
|
+
`isn't currently logged in, this does not make sense.`,
|
|
505
|
+
`You are responsible for controlling the flow of your app and`,
|
|
506
|
+
`not try to read the decodedIdToken when oidc.isUserLoggedIn is false.`
|
|
507
|
+
].join(" ")
|
|
508
|
+
})
|
|
509
|
+
);
|
|
510
|
+
return;
|
|
511
|
+
}
|
|
512
|
+
|
|
513
|
+
decodedIdToken$.next(oidc.getDecodedIdToken());
|
|
514
|
+
|
|
515
|
+
oidc.subscribeToTokensChange(() => {
|
|
516
|
+
const value_new = oidc.getDecodedIdToken();
|
|
517
|
+
const value_current = decodedIdToken$.getValue();
|
|
518
|
+
|
|
519
|
+
if (value_new === value_current) {
|
|
520
|
+
return;
|
|
521
|
+
}
|
|
522
|
+
|
|
523
|
+
decodedIdToken$.next(value_new);
|
|
524
|
+
});
|
|
525
|
+
})();
|
|
526
|
+
|
|
527
|
+
return decodedIdToken$;
|
|
528
|
+
})();
|
|
529
|
+
|
|
530
|
+
readonly $decodedIdToken = toSignal(this.decodedIdToken$, { requireSync: true });
|
|
531
|
+
|
|
532
|
+
async getAccessToken(): Promise<
|
|
533
|
+
{ isUserLoggedIn: false; accessToken?: never } | { isUserLoggedIn: true; accessToken: string }
|
|
534
|
+
> {
|
|
535
|
+
await this.prInitialized;
|
|
536
|
+
|
|
537
|
+
const oidc = this.#getOidc({ callerName: "getAccessToken" });
|
|
538
|
+
|
|
539
|
+
return oidc.isUserLoggedIn
|
|
540
|
+
? { isUserLoggedIn: true, accessToken: (await oidc.getTokens()).accessToken }
|
|
541
|
+
: {
|
|
542
|
+
isUserLoggedIn: false
|
|
543
|
+
};
|
|
544
|
+
}
|
|
545
|
+
|
|
546
|
+
readonly $secondsLeftBeforeAutoLogout: Signal<number | null> = (() => {
|
|
547
|
+
const secondsLeftBeforeAutoLogout$ = new BehaviorSubject<number | null>(null);
|
|
548
|
+
|
|
549
|
+
(async () => {
|
|
550
|
+
const { oidc } = await this.#dState.pr;
|
|
551
|
+
|
|
552
|
+
if (oidc === undefined) {
|
|
553
|
+
return;
|
|
554
|
+
}
|
|
555
|
+
|
|
556
|
+
if (!oidc.isUserLoggedIn) {
|
|
557
|
+
return;
|
|
558
|
+
}
|
|
559
|
+
|
|
560
|
+
oidc.subscribeToAutoLogoutCountdown(({ secondsLeft }) => {
|
|
561
|
+
if (secondsLeft === undefined || secondsLeft > this.#autoLogoutWarningDurationSeconds) {
|
|
562
|
+
if (secondsLeftBeforeAutoLogout$.getValue() !== null) {
|
|
563
|
+
secondsLeftBeforeAutoLogout$.next(null);
|
|
564
|
+
}
|
|
565
|
+
return;
|
|
566
|
+
}
|
|
567
|
+
secondsLeftBeforeAutoLogout$.next(secondsLeft);
|
|
568
|
+
});
|
|
569
|
+
})();
|
|
570
|
+
|
|
571
|
+
return toSignal(secondsLeftBeforeAutoLogout$, { requireSync: true });
|
|
572
|
+
})();
|
|
573
|
+
|
|
574
|
+
get isNewBrowserSession() {
|
|
575
|
+
const oidc = this.#getOidc({ callerName: "isNewBrowserSession" });
|
|
576
|
+
|
|
577
|
+
if (!oidc.isUserLoggedIn) {
|
|
578
|
+
throw new Error("oidc-spa: isNewBrowserSession was used but the used is not logged in");
|
|
579
|
+
}
|
|
580
|
+
|
|
581
|
+
return oidc.isNewBrowserSession;
|
|
582
|
+
}
|
|
583
|
+
}
|