oidc-spa 8.2.1 → 8.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/core/AuthResponse.d.ts +0 -5
- package/core/AuthResponse.js +0 -25
- package/core/AuthResponse.js.map +1 -1
- package/core/createOidc.d.ts +3 -2
- package/core/createOidc.js +81 -117
- package/core/createOidc.js.map +1 -1
- package/core/instancesThatCantUseIframes.d.ts +2 -0
- package/core/instancesThatCantUseIframes.js +20 -0
- package/core/instancesThatCantUseIframes.js.map +1 -0
- package/core/loginOrGoToAuthServer.d.ts +1 -0
- package/core/loginOrGoToAuthServer.js +3 -0
- package/core/loginOrGoToAuthServer.js.map +1 -1
- package/core/persistedAuthState.d.ts +1 -0
- package/core/persistedAuthState.js +14 -4
- package/core/persistedAuthState.js.map +1 -1
- package/esm/core/AuthResponse.d.ts +0 -5
- package/esm/core/AuthResponse.js +0 -23
- package/esm/core/AuthResponse.js.map +1 -1
- package/esm/core/createOidc.d.ts +3 -2
- package/esm/core/createOidc.js +82 -118
- package/esm/core/createOidc.js.map +1 -1
- package/esm/core/instancesThatCantUseIframes.d.ts +2 -0
- package/esm/core/instancesThatCantUseIframes.js +16 -0
- package/esm/core/instancesThatCantUseIframes.js.map +1 -0
- package/esm/core/loginOrGoToAuthServer.d.ts +1 -0
- package/esm/core/loginOrGoToAuthServer.js +3 -0
- package/esm/core/loginOrGoToAuthServer.js.map +1 -1
- package/esm/core/persistedAuthState.d.ts +1 -0
- package/esm/core/persistedAuthState.js +14 -4
- package/esm/core/persistedAuthState.js.map +1 -1
- package/esm/tools/{EphemeralSessionStorage.d.ts → lazySessionStorage.d.ts} +2 -4
- package/esm/tools/lazySessionStorage.js +81 -0
- package/esm/tools/lazySessionStorage.js.map +1 -0
- package/package.json +1 -1
- package/src/core/AuthResponse.ts +0 -36
- package/src/core/createOidc.ts +95 -154
- package/src/core/instancesThatCantUseIframes.ts +24 -0
- package/src/core/loginOrGoToAuthServer.ts +5 -0
- package/src/core/persistedAuthState.ts +27 -5
- package/src/tools/lazySessionStorage.ts +119 -0
- package/src/vite-plugin/manageOptimizedDeps.ts +2 -0
- package/tools/{EphemeralSessionStorage.d.ts → lazySessionStorage.d.ts} +2 -4
- package/tools/lazySessionStorage.js +84 -0
- package/tools/lazySessionStorage.js.map +1 -0
- package/vite-plugin/manageOptimizedDeps.js +1 -0
- package/vite-plugin/manageOptimizedDeps.js.map +1 -1
- package/esm/tools/EphemeralSessionStorage.js +0 -143
- package/esm/tools/EphemeralSessionStorage.js.map +0 -1
- package/src/tools/EphemeralSessionStorage.ts +0 -225
- package/tools/EphemeralSessionStorage.js +0 -146
- package/tools/EphemeralSessionStorage.js.map +0 -1
|
@@ -196,6 +196,9 @@ function createLoginOrGoToAuthServer(params) {
|
|
|
196
196
|
}
|
|
197
197
|
})();
|
|
198
198
|
log?.(`redirectMethod: ${redirectMethod}`);
|
|
199
|
+
if (rest.action === "login") {
|
|
200
|
+
rest.preRedirectHook?.();
|
|
201
|
+
}
|
|
199
202
|
return oidcClientTsUserManager
|
|
200
203
|
.signinRedirect({
|
|
201
204
|
state: stateData,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"loginOrGoToAuthServer.js","sourceRoot":"","sources":["../src/core/loginOrGoToAuthServer.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"loginOrGoToAuthServer.js","sourceRoot":"","sources":["../src/core/loginOrGoToAuthServer.ts"],"names":[],"mappings":";;AAwCA,kKAWC;AAED,kEA2TC;AA/WD,sEAAmE;AACnE,kDAA4D;AAC5D,4DAAyD;AAGzD,sDAAyD;AACzD,gDAA6C;AAC7C,8DAAsF;AACtF,sDAAmD;AAEnD,MAAM,aAAa,GAAG;IAClB,qBAAqB,EAAE,IAAA,+BAAiB,EAAC,GAAG,EAAE,CAAC,KAAK,CAAC;CACxD,CAAC;AA2BF,SAAgB,2EAA2E;IACvF,MAAM,IAAI,GAAG,IAAI,mBAAQ,EAAQ,CAAC;IAElC,MAAM,EAAE,WAAW,EAAE,GAAG,aAAa,CAAC,qBAAqB,CAAC,SAAS,CAAC,kBAAkB,CAAC,EAAE;QACvF,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACtB,WAAW,EAAE,CAAC;YACd,IAAI,CAAC,OAAO,EAAE,CAAC;QACnB,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,OAAO,IAAI,CAAC,EAAE,CAAC;AACnB,CAAC;AAED,SAAgB,2BAA2B,CAAC,MAgB3C;IACG,MAAM,EACF,QAAQ,EACR,uBAAuB,EAEvB,0BAA0B,EAC1B,mBAAmB,EAEnB,mBAAmB,EAEnB,OAAO,EACP,uCAAuC,EAEvC,GAAG,EACN,GAAG,MAAM,CAAC;IAEX,IAAI,aAAa,GAAuB,SAAS,CAAC;IAElD,KAAK,UAAU,qBAAqB,CAAC,MAAc;QAC/C,MAAM,EACF,WAAW,EAAE,kBAAkB,EAC/B,sBAAsB,EACtB,gCAAgC,EAChC,GAAG,IAAI,EACV,GAAG,MAAM,CAAC;QAEX,GAAG,EAAE,CAAC,iCAAiC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;QAE1E,kBAAkB,EAAE,CAAC;YACjB,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,IAAA,yBAAW,GAAE,CAAC;YAC7C,IAAI,QAAQ,EAAE,CAAC;gBACX,MAAM,kBAAkB,CAAC;YAC7B,CAAC;YACD,GAAG,EAAE,CACD,uFAAuF,CAC1F,CAAC;YACF,MAAM,QAAQ,CAAC;QACnB,CAAC;QAED,uBAAuB,EAAE,CAAC;YACtB,IAAI,IAAI,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;gBAC1B,MAAM,uBAAuB,CAAC;YAClC,CAAC;YAED,IAAI,aAAa,CAAC,qBAAqB,CAAC,OAAO,EAAE,CAAC;gBAC9C,GAAG,EAAE,CAAC,oDAAoD,CAAC,CAAC;gBAC5D,OAAO,IAAI,OAAO,CAAQ,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;YACxC,CAAC;YAED,aAAa,CAAC,qBAAqB,CAAC,OAAO,GAAG,IAAI,CAAC;YAEnD,IAAI,QAAQ,CAAC,eAAe,KAAK,SAAS,EAAE,CAAC;gBACzC,IAAI,CAAC,WAAW,KAAK,uBAAuB,CAAC;gBAE7C,MAAM,QAAQ,GAAG,IAAI,mBAAQ,EAAQ,CAAC;gBAEtC,MAAM,SAAS,GAAG,GAAG,EAAE;oBACnB,IAAI,QAAQ,CAAC,eAAe,KAAK,SAAS,EAAE,CAAC;wBACzC,OAAO;oBACX,CAAC;oBACD,QAAQ,CAAC,mBAAmB,CAAC,kBAAkB,EAAE,SAAS,CAAC,CAAC;oBAC5D,QAAQ,CAAC,OAAO,EAAE,CAAC;gBACvB,CAAC,CAAC;gBACF,QAAQ,CAAC,gBAAgB,CAAC,kBAAkB,EAAE,SAAS,CAAC,CAAC;gBAEzD,MAAM,QAAQ,CAAC,EAAE,CAAC;YACtB,CAAC;YAED,iBAAiB,EAAE,CAAC;gBAChB,IAAI,IAAI,CAAC,sBAAsB,EAAE,CAAC;oBAC9B,MAAM,QAAQ,GAAG,CAAC,KAA6B,EAAE,EAAE;wBAC/C,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;4BACnB,OAAO;wBACX,CAAC;wBACD,QAAQ,CAAC,MAAM,EAAE,CAAC;oBACtB,CAAC,CAAC;oBAEF,MAAM,CAAC,gBAAgB,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;oBAC9C,MAAM,iBAAiB,CAAC;gBAC5B,CAAC;gBAED,MAAM,QAAQ,GAAG,CAAC,KAA6B,EAAE,EAAE;oBAC/C,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;wBACnB,OAAO;oBACX,CAAC;oBAED,MAAM,CAAC,mBAAmB,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;oBAEjD,GAAG,EAAE,CACD,8EAA8E,CACjF,CAAC;oBAEF,IAAI,IAAI,CAAC,qDAAqD,EAAE,CAAC;wBAC7D,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;4BAC9B,GAAG,EAAE,CAAC,8BAA8B,aAAa,EAAE,CAAC,CAAC;4BACrD,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,aAAa,CAAC;wBACzC,CAAC;6BAAM,CAAC;4BACJ,GAAG,EAAE,CAAC,iEAAiE,CAAC,CAAC;4BACzE,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;wBAC1B,CAAC;oBACL,CAAC;yBAAM,CAAC;wBACJ,+FAA+F;wBAC/F,GAAG,EAAE,CAAC,oEAAoE,CAAC,CAAC;wBAC5E,aAAa,CAAC,qBAAqB,CAAC,OAAO,GAAG,KAAK,CAAC;oBACxD,CAAC;gBACL,CAAC,CAAC;gBAEF,MAAM,CAAC,gBAAgB,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;YAClD,CAAC;QACL,CAAC;QAED,MAAM,WAAW,GAAG,IAAA,yCAAmB,EAAC;YACpC,MAAM,EAAE,kBAAkB;YAC1B,qBAAqB,EAAE,KAAK;SAC/B,CAAC,CAAC;QAEH,CAAC;YACG,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;YAC7C,MAAM,yBAAyB,GAAG,GAAG,eAAe,CAAC,MAAM,GAAG,eAAe,CAAC,QAAQ,EAAE,CAAC;YAEzF,IAAI,CAAC,yBAAyB,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBACtE,MAAM,IAAI,KAAK,CACX;oBACI,6BAA6B,yBAAyB,kCAAkC;oBACxF,iFAAiF,OAAO,KAAK;oBAC7F,4CAA4C;oBAC5C,+HAA+H;oBAC/H,0FAA0F;iBAC7F,CAAC,IAAI,CAAC,GAAG,CAAC,CACd,CAAC;YACN,CAAC;QACL,CAAC;QAED,MAAM,uBAAuB,GAAG,WAAW,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAEjF,GAAG,EAAE,CAAC,gBAAgB,uBAAuB,EAAE,CAAC,CAAC;QAEjD,MAAM,SAAS,GAAc;YACzB,OAAO,EAAE,UAAU;YACnB,uBAAuB;YACvB,gBAAgB,EAAE,EAAE;YACpB,QAAQ;YACR,MAAM,EAAE,OAAO;YACf,2CAA2C,EAAE,CAAC,GAAG,EAAE;gBAC/C,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;oBAClB,KAAK,OAAO;wBACR,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;oBAC3E,KAAK,mBAAmB;wBACpB,OAAO,uBAAuB,CAAC;gBACvC,CAAC;YACL,CAAC,CAAC,EAAE;SACP,CAAC;QAEF,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,KAAK,OAAO,IAAI,IAAI,CAAC,WAAW,KAAK,uBAAuB,CAAC;QAEzF,MAAM,yBAAyB,GAAG,CAAC,GAAW,EAAE,EAAE;YAE1C;gBACI;oBACI,mBAAmB;oBACnB,0BAA0B,KAAK,SAAS;wBACpC,CAAC,CAAC,SAAS;wBACX,CAAC,CAAC,CAAC,GAAW,EAAE,EAAE,CACZ,0BAA0B,CAAC;4BACvB,QAAQ;4BACR,gBAAgB,EAAE,GAAG;yBACxB,CAAC;iBACf;gBACD,CAAC,sBAAsB,EAAE,gCAAgC,CAAC;aAEjE,CAAC,OAAO,CAAC,CAAC,CAAC,2BAA2B,EAAE,0BAA0B,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,EAAE;gBAC5E,MAAM,UAAU,GAAG,CAAC,KAAK,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC;gBAE1D,sBAAsB,EAAE,CAAC;oBACrB,IAAI,2BAA2B,KAAK,SAAS,EAAE,CAAC;wBAC5C,MAAM,sBAAsB,CAAC;oBACjC,CAAC;oBAED,MAAM,gBAAgB,GAClB,OAAO,2BAA2B,KAAK,UAAU;wBAC7C,CAAC,CAAC,2BAA2B,CAAC,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC;wBAChD,CAAC,CAAC,2BAA2B,CAAC;oBAEtC,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE,CAAC;wBAC3D,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;4BACtB,SAAS;wBACb,CAAC;wBACD,GAAG,GAAG,IAAA,wCAAsB,EAAC;4BACzB,GAAG;4BACH,IAAI;4BACJ,KAAK;4BACL,YAAY,EAAE,UAAU;yBAC3B,CAAC,CAAC;oBACP,CAAC;gBACL,CAAC;gBAED,mBAAmB,EAAE,CAAC;oBAClB,IAAI,0BAA0B,KAAK,SAAS,EAAE,CAAC;wBAC3C,MAAM,mBAAmB,CAAC;oBAC9B,CAAC;oBACD,GAAG,GAAG,0BAA0B,CAAC,GAAG,CAAC,CAAC;gBAC1C,CAAC;gBAED,YAAY,EAAE,CAAC;oBACX,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;wBAC3B,MAAM,YAAY,CAAC;oBACvB,CAAC;oBAED,MAAM,wBAAwB,GAAG,IAAA,oCAAkB,EAAC,GAAG,CAAC,CAAC;oBACzD,MAAM,uBAAuB,GAAG,IAAA,oCAAkB,EAAC,UAAU,CAAC,CAAC;oBAE/D,KAAK,MAAM,CAAC,IAAI,EAAE,aAAa,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,wBAAwB,CAAC,EAAE,CAAC;wBAC3E,MAAM,YAAY,GAAuB,uBAAuB,CAAC,IAAI,CAAC,CAAC;wBAEvE,IAAI,YAAY,KAAK,aAAa,EAAE,CAAC;4BACjC,SAAS;wBACb,CAAC;wBAED,SAAS,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,aAAa,CAAC;oBACrD,CAAC;gBACL,CAAC;YACL,CAAC,CAAC,CAAC;YAEH,OAAO,GAAG,CAAC;QACf,CAAC,CAAC;QAEF,MAAM,cAAc,GAAG,CAAC,GAAG,EAAE;YACzB,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;gBAClB,KAAK,OAAO;oBACR,OAAO,IAAI,CAAC,qDAAqD;wBAC7D,CAAC,CAAC,SAAS;wBACX,CAAC,CAAC,QAAQ,CAAC;gBACnB,KAAK,mBAAmB;oBACpB,OAAO,QAAQ,CAAC;YACxB,CAAC;QACL,CAAC,CAAC,EAAE,CAAC;QAEL,GAAG,EAAE,CAAC,mBAAmB,cAAc,EAAE,CAAC,CAAC;QAE3C,IAAI,IAAI,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;YAC1B,IAAI,CAAC,eAAe,EAAE,EAAE,CAAC;QAC7B,CAAC;QAED,OAAO,uBAAuB;aACzB,cAAc,CAAC;YACZ,KAAK,EAAE,SAAS;YAChB,cAAc;YACd,MAAM,EAAE,CAAC,GAAG,EAAE;gBACV,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;oBAClB,KAAK,mBAAmB;wBACpB,OAAO,SAAS,CAAC;oBACrB,KAAK,OAAO;wBACR,QAAQ,IAAI,CAAC,WAAW,EAAE,CAAC;4BACvB,KAAK,uBAAuB;gCACxB,OAAO,MAAM,CAAC;4BAClB,KAAK,oBAAoB;gCACrB,OAAO,OAAO,CAAC;4BACnB,KAAK,0DAA0D;gCAC3D,OAAO,SAAS,CAAC;wBACzB,CAAC;wBACD,eAA8C,CAAC;gBACvD,CAAC;gBACD,eAAkC,CAAC;YACvC,CAAC,CAAC,EAAE;YACJ,YAAY,EAAE,yBAAyB;YACvC,gBAAgB,EACZ,mBAAmB,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAA,yBAAW,EAAC,mBAAmB,EAAE,CAAC;SACzF,CAAC;aACD,IAAI,CACD,GAAG,EAAE,CAAC,IAAI,OAAO,CAAQ,GAAG,EAAE,GAAE,CAAC,CAAC,EAClC,CAAC,KAAY,EAAE,EAAE;YACb,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,oDAAoD,CAAC,EAAE,CAAC;gBAC/E,MAAM,IAAI,KAAK,CACX;oBACI,aAAa,KAAK,CAAC,OAAO,GAAG;oBAC7B,wBAAwB;oBACxB,0GAA0G;iBAC7G,CAAC,IAAI,CAAC,GAAG,CAAC,CACd,CAAC;YACN,CAAC;YAED,IAAA,eAAM,EAAC,KAAK,EAAE,WAAW,CAAC,CAAC;QAC/B,CAAC,CACJ,CAAC;IACV,CAAC;IAED,MAAM,EAAE,WAAW,EAAE,GAAG,uCAAuC,CAAC,SAAS,CAAC,GAAG,EAAE;QAC3E,WAAW,EAAE,CAAC;QAEd,MAAM,aAAa,GAAG,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACtD,OAAO,CAAC,SAAS,GAAG,SAAS,SAAS,CAAC,GAAG,IAAI;YAC1C,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;YACrC,OAAO,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC;QAClC,CAAC,CAAC;IACN,CAAC,CAAC,CAAC;IAEH,OAAO;QACH,qBAAqB;KACxB,CAAC;AACN,CAAC"}
|
|
@@ -18,6 +18,7 @@ export declare function persistAuthState(params: {
|
|
|
18
18
|
stateDescription: "logged in";
|
|
19
19
|
idleSessionLifetimeInSeconds: number | undefined;
|
|
20
20
|
refreshTokenExpirationTime: number | undefined;
|
|
21
|
+
serverDateNow: number;
|
|
21
22
|
} | {
|
|
22
23
|
stateDescription: "explicitly logged out";
|
|
23
24
|
} | undefined;
|
|
@@ -22,11 +22,21 @@ function persistAuthState(params) {
|
|
|
22
22
|
__brand: "PersistedAuthState-v1",
|
|
23
23
|
stateDescription: "logged in",
|
|
24
24
|
untilTime: (() => {
|
|
25
|
-
const { idleSessionLifetimeInSeconds, refreshTokenExpirationTime } = state;
|
|
26
|
-
|
|
25
|
+
const { idleSessionLifetimeInSeconds, refreshTokenExpirationTime, serverDateNow } = state;
|
|
26
|
+
const untilTime_real = (() => {
|
|
27
|
+
if (refreshTokenExpirationTime === undefined) {
|
|
28
|
+
return undefined;
|
|
29
|
+
}
|
|
30
|
+
const msBeforeExpirationOfTheSession = refreshTokenExpirationTime - serverDateNow;
|
|
31
|
+
return Date.now() + msBeforeExpirationOfTheSession;
|
|
32
|
+
})();
|
|
33
|
+
const unitTime_userOverwrite = (() => {
|
|
34
|
+
if (idleSessionLifetimeInSeconds === undefined) {
|
|
35
|
+
return undefined;
|
|
36
|
+
}
|
|
27
37
|
return Date.now() + idleSessionLifetimeInSeconds * 1000;
|
|
28
|
-
}
|
|
29
|
-
return
|
|
38
|
+
})();
|
|
39
|
+
return Math.min(untilTime_real ?? Number.POSITIVE_INFINITY, unitTime_userOverwrite ?? Number.POSITIVE_INFINITY);
|
|
30
40
|
})()
|
|
31
41
|
});
|
|
32
42
|
case "explicitly logged out":
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"persistedAuthState.js","sourceRoot":"","sources":["../src/core/persistedAuthState.ts"],"names":[],"mappings":";;AAyBA,
|
|
1
|
+
{"version":3,"file":"persistedAuthState.js","sourceRoot":"","sources":["../src/core/persistedAuthState.ts"],"names":[],"mappings":";;AAyBA,4CA2EC;AAED,sDA0CC;AAhJD,wDAAqD;AACrD,0CAAuC;AAEvC,SAAS,MAAM,CAAC,MAA4B;IACxC,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;IAE5B,OAAO,uBAAuB,QAAQ,EAAE,CAAC;AAC7C,CAAC;AAkBD,SAAgB,gBAAgB,CAAC,MAahC;IACG,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,MAAM,CAAC;IAEnC,MAAM,GAAG,GAAG,MAAM,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;IAEjC,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;QACtB,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAC7B,OAAO;IACX,CAAC;IAED,YAAY,CAAC,OAAO,CAChB,GAAG,EACH,IAAI,CAAC,SAAS,CACV,IAAA,OAAE,EACE,CAAC,GAAG,EAAE;QACF,QAAQ,KAAK,CAAC,gBAAgB,EAAE,CAAC;YAC7B,KAAK,WAAW;gBACZ,OAAO,IAAA,OAAE,EAA8B;oBACnC,OAAO,EAAE,uBAAuB;oBAChC,gBAAgB,EAAE,WAAW;oBAC7B,SAAS,EAAE,CAAC,GAAG,EAAE;wBACb,MAAM,EACF,4BAA4B,EAC5B,0BAA0B,EAC1B,aAAa,EAChB,GAAG,KAAK,CAAC;wBAEV,MAAM,cAAc,GAAG,CAAC,GAAG,EAAE;4BACzB,IAAI,0BAA0B,KAAK,SAAS,EAAE,CAAC;gCAC3C,OAAO,SAAS,CAAC;4BACrB,CAAC;4BAED,MAAM,8BAA8B,GAChC,0BAA0B,GAAG,aAAa,CAAC;4BAE/C,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,8BAA8B,CAAC;wBACvD,CAAC,CAAC,EAAE,CAAC;wBAEL,MAAM,sBAAsB,GAAG,CAAC,GAAG,EAAE;4BACjC,IAAI,4BAA4B,KAAK,SAAS,EAAE,CAAC;gCAC7C,OAAO,SAAS,CAAC;4BACrB,CAAC;4BAED,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,4BAA4B,GAAG,IAAI,CAAC;wBAC5D,CAAC,CAAC,EAAE,CAAC;wBAEL,OAAO,IAAI,CAAC,GAAG,CACX,cAAc,IAAI,MAAM,CAAC,iBAAiB,EAC1C,sBAAsB,IAAI,MAAM,CAAC,iBAAiB,CACrD,CAAC;oBACN,CAAC,CAAC,EAAE;iBACP,CAAC,CAAC;YACP,KAAK,uBAAuB;gBACxB,OAAO,IAAA,OAAE,EAAyC;oBAC9C,OAAO,EAAE,uBAAuB;oBAChC,gBAAgB,EAAE,uBAAuB;iBAC5C,CAAC,CAAC;QACX,CAAC;IACL,CAAC,CAAC,EAAE,CACP,CACJ,CACJ,CAAC;AACN,CAAC;AAED,SAAgB,qBAAqB,CAAC,MAErC;IACG,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;IAE5B,MAAM,GAAG,GAAG,MAAM,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;IAEjC,MAAM,KAAK,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAExC,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QACjB,OAAO,SAAS,CAAC;IACrB,CAAC;IAED,IAAI,KAAc,CAAC;IAEnB,IAAI,CAAC;QACD,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACL,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAC7B,OAAO,SAAS,CAAC;IACrB,CAAC;IAED,IACI,CAAC,IAAA,qBAAS,EACN,KAAK,EACL,KAAK,YAAY,MAAM;QACnB,SAAS,IAAI,KAAK;QAClB,KAAK,CAAC,OAAO,KAAK,IAAA,OAAE,EAAgC,uBAAuB,CAAC,CACnF,EACH,CAAC;QACC,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAC7B,OAAO,SAAS,CAAC;IACrB,CAAC;IAED,IAAI,KAAK,CAAC,gBAAgB,KAAK,WAAW,EAAE,CAAC;QACzC,IAAI,KAAK,CAAC,SAAS,KAAK,SAAS,IAAI,KAAK,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YACjE,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;YAC7B,OAAO,SAAS,CAAC;QACrB,CAAC;IACL,CAAC;IAED,OAAO,KAAK,CAAC,gBAAgB,CAAC;AAClC,CAAC"}
|
|
@@ -3,8 +3,3 @@ export type AuthResponse = {
|
|
|
3
3
|
[key: string]: string | undefined;
|
|
4
4
|
};
|
|
5
5
|
export declare function authResponseToUrl(authResponse: AuthResponse): string;
|
|
6
|
-
export declare const setPersistedRedirectAuthResponses: (params: {
|
|
7
|
-
authResponses: AuthResponse[];
|
|
8
|
-
}) => void, getPersistedRedirectAuthResponses: () => {
|
|
9
|
-
authResponses: AuthResponse[];
|
|
10
|
-
};
|
package/esm/core/AuthResponse.js
CHANGED
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
import { addOrUpdateSearchParam } from "../tools/urlSearchParams";
|
|
2
|
-
import { createEphemeralSessionStorage } from "../tools/EphemeralSessionStorage";
|
|
3
2
|
export function authResponseToUrl(authResponse) {
|
|
4
3
|
let authResponseUrl = "https://dummy.com";
|
|
5
4
|
for (const [name, value] of Object.entries(authResponse)) {
|
|
@@ -16,26 +15,4 @@ export function authResponseToUrl(authResponse) {
|
|
|
16
15
|
authResponseUrl = `${authResponseUrl}#${authResponseUrl.split("?")[1]}`;
|
|
17
16
|
return authResponseUrl;
|
|
18
17
|
}
|
|
19
|
-
export const { setPersistedRedirectAuthResponses, getPersistedRedirectAuthResponses } = (() => {
|
|
20
|
-
const { getEphemeralSessionStorage } = (() => {
|
|
21
|
-
let cache = undefined;
|
|
22
|
-
const getEphemeralSessionStorage = () => (cache ?? (cache = createEphemeralSessionStorage({
|
|
23
|
-
sessionStorageTtlMs: 30000
|
|
24
|
-
})));
|
|
25
|
-
return { getEphemeralSessionStorage };
|
|
26
|
-
})();
|
|
27
|
-
const KEY = "oidc-spa:persisted-redirect-auth-response";
|
|
28
|
-
function setPersistedRedirectAuthResponses(params) {
|
|
29
|
-
const { authResponses } = params;
|
|
30
|
-
const storage = getEphemeralSessionStorage();
|
|
31
|
-
storage.persistCurrentStateAndSubsequentChanges();
|
|
32
|
-
storage.setItem(KEY, JSON.stringify(authResponses));
|
|
33
|
-
}
|
|
34
|
-
function getPersistedRedirectAuthResponses() {
|
|
35
|
-
const value = getEphemeralSessionStorage().getItem(KEY);
|
|
36
|
-
const authResponses = value === null ? [] : JSON.parse(value);
|
|
37
|
-
return { authResponses };
|
|
38
|
-
}
|
|
39
|
-
return { setPersistedRedirectAuthResponses, getPersistedRedirectAuthResponses };
|
|
40
|
-
})();
|
|
41
18
|
//# sourceMappingURL=AuthResponse.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AuthResponse.js","sourceRoot":"","sources":["../../src/core/AuthResponse.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;
|
|
1
|
+
{"version":3,"file":"AuthResponse.js","sourceRoot":"","sources":["../../src/core/AuthResponse.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAOlE,MAAM,UAAU,iBAAiB,CAAC,YAA0B;IACxD,IAAI,eAAe,GAAG,mBAAmB,CAAC;IAE1C,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;QACvD,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACtB,SAAS;QACb,CAAC;QACD,eAAe,GAAG,sBAAsB,CAAC;YACrC,GAAG,EAAE,eAAe;YACpB,IAAI;YACJ,KAAK;YACL,YAAY,EAAE,UAAU;SAC3B,CAAC,CAAC;IACP,CAAC;IAED,eAAe,GAAG,GAAG,eAAe,IAAI,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAExE,OAAO,eAAe,CAAC;AAC3B,CAAC"}
|
package/esm/core/createOidc.d.ts
CHANGED
|
@@ -50,6 +50,8 @@ export type ParamsOfCreateOidc<DecodedIdToken extends Record<string, unknown> =
|
|
|
50
50
|
*/
|
|
51
51
|
extraTokenParams?: Record<string, string | undefined> | (() => Record<string, string | undefined>);
|
|
52
52
|
/**
|
|
53
|
+
* @deprecated: Use login({ redirectUrl: "..." }) instead.
|
|
54
|
+
*
|
|
53
55
|
* Usage discouraged, it's here because we don't want to assume too much on your
|
|
54
56
|
* usecase but I can't think of a scenario where you would want anything
|
|
55
57
|
* other than the current page.
|
|
@@ -139,10 +141,9 @@ export type ParamsOfCreateOidc<DecodedIdToken extends Record<string, unknown> =
|
|
|
139
141
|
};
|
|
140
142
|
/** @see: https://docs.oidc-spa.dev/v/v8/usage */
|
|
141
143
|
export declare function createOidc<DecodedIdToken extends Record<string, unknown> = Oidc.Tokens.DecodedIdToken_OidcCoreSpec, AutoLogin extends boolean = false>(params: ParamsOfCreateOidc<DecodedIdToken, AutoLogin>): Promise<AutoLogin extends true ? Oidc.LoggedIn<DecodedIdToken> : Oidc<DecodedIdToken>>;
|
|
142
|
-
export declare function createOidc_nonMemoized<DecodedIdToken extends Record<string, unknown>, AutoLogin extends boolean>(params: Omit<ParamsOfCreateOidc<DecodedIdToken, AutoLogin>, "issuerUri" | "clientId" | "
|
|
144
|
+
export declare function createOidc_nonMemoized<DecodedIdToken extends Record<string, unknown>, AutoLogin extends boolean>(params: Omit<ParamsOfCreateOidc<DecodedIdToken, AutoLogin>, "issuerUri" | "clientId" | "debugLogs">, preProcessedParams: {
|
|
143
145
|
issuerUri: string;
|
|
144
146
|
clientId: string;
|
|
145
|
-
scopes: string[];
|
|
146
147
|
configId: string;
|
|
147
148
|
log: typeof console.log | undefined;
|
|
148
149
|
}): Promise<AutoLogin extends true ? Oidc.LoggedIn<DecodedIdToken> : Oidc<DecodedIdToken>>;
|
package/esm/core/createOidc.js
CHANGED
|
@@ -15,13 +15,13 @@ import { notifyOtherTabsOfLogin, getPrOtherTabLogin } from "./loginPropagationTo
|
|
|
15
15
|
import { getConfigId } from "./configId";
|
|
16
16
|
import { oidcClientTsUserToTokens } from "./oidcClientTsUserToTokens";
|
|
17
17
|
import { loginSilent } from "./loginSilent";
|
|
18
|
-
import { authResponseToUrl
|
|
18
|
+
import { authResponseToUrl } from "./AuthResponse";
|
|
19
19
|
import { getRootRelativeOriginalLocationHref, getRedirectAuthResponse } from "./earlyInit";
|
|
20
20
|
import { getPersistedAuthState, persistAuthState } from "./persistedAuthState";
|
|
21
21
|
import { createEvt } from "../tools/Evt";
|
|
22
22
|
import { getHaveSharedParentDomain } from "../tools/haveSharedParentDomain";
|
|
23
23
|
import { createLoginOrGoToAuthServer, getPrSafelyRestoredFromBfCacheAfterLoginBackNavigationOrInitializationError } from "./loginOrGoToAuthServer";
|
|
24
|
-
import {
|
|
24
|
+
import { createLazySessionStorage } from "../tools/lazySessionStorage";
|
|
25
25
|
import { startLoginOrRefreshProcess, waitForAllOtherOngoingLoginOrRefreshProcessesToComplete } from "./ongoingLoginOrRefreshProcesses";
|
|
26
26
|
import { createGetIsNewBrowserSession } from "./isNewBrowserSession";
|
|
27
27
|
import { getIsOnline } from "../tools/getIsOnline";
|
|
@@ -31,23 +31,13 @@ import { prShouldLoadApp } from "./prShouldLoadApp";
|
|
|
31
31
|
import { getBASE_URL } from "./BASE_URL";
|
|
32
32
|
import { getIsLikelyDevServer } from "../tools/isLikelyDevServer";
|
|
33
33
|
import { createObjectThatThrowsIfAccessed } from "../tools/createObjectThatThrowsIfAccessed";
|
|
34
|
+
import { evtIsThereMoreThanOneInstanceThatCantUserIframes, notifyNewInstanceThatCantUseIframes } from "./instancesThatCantUseIframes";
|
|
34
35
|
// NOTE: Replaced at build time
|
|
35
|
-
const VERSION = "8.2.
|
|
36
|
+
const VERSION = "8.2.2";
|
|
36
37
|
const globalContext = {
|
|
37
38
|
prOidcByConfigId: new Map(),
|
|
38
|
-
hasLogoutBeenCalled: id(false)
|
|
39
|
-
evtRequestToPersistTokens: createEvt()
|
|
39
|
+
hasLogoutBeenCalled: id(false)
|
|
40
40
|
};
|
|
41
|
-
globalContext.evtRequestToPersistTokens.subscribe(() => {
|
|
42
|
-
const { authResponse } = getRedirectAuthResponse();
|
|
43
|
-
if (authResponse === undefined) {
|
|
44
|
-
return;
|
|
45
|
-
}
|
|
46
|
-
const { authResponses } = getPersistedRedirectAuthResponses();
|
|
47
|
-
setPersistedRedirectAuthResponses({
|
|
48
|
-
authResponses: [...authResponses, authResponse]
|
|
49
|
-
});
|
|
50
|
-
});
|
|
51
41
|
/** @see: https://docs.oidc-spa.dev/v/v8/usage */
|
|
52
42
|
export async function createOidc(params) {
|
|
53
43
|
for (const name of ["issuerUri", "clientId"]) {
|
|
@@ -56,7 +46,7 @@ export async function createOidc(params) {
|
|
|
56
46
|
throw new Error(`The parameter "${name}" is required, you provided: ${value}. (Forgot a .env variable?)`);
|
|
57
47
|
}
|
|
58
48
|
}
|
|
59
|
-
const { issuerUri: issuerUri_params, clientId,
|
|
49
|
+
const { issuerUri: issuerUri_params, clientId, debugLogs, ...rest } = params;
|
|
60
50
|
const issuerUri = toFullyQualifiedUrl({
|
|
61
51
|
urlish: issuerUri_params,
|
|
62
52
|
doAssertNoQueryParams: true,
|
|
@@ -98,7 +88,6 @@ export async function createOidc(params) {
|
|
|
98
88
|
const oidc = await createOidc_nonMemoized(rest, {
|
|
99
89
|
issuerUri,
|
|
100
90
|
clientId,
|
|
101
|
-
scopes,
|
|
102
91
|
configId,
|
|
103
92
|
log
|
|
104
93
|
});
|
|
@@ -121,9 +110,9 @@ export async function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
121
110
|
return new Promise(() => { });
|
|
122
111
|
}
|
|
123
112
|
}
|
|
124
|
-
const { transformUrlBeforeRedirect, extraQueryParams: extraQueryParamsOrGetter, extraTokenParams: extraTokenParamsOrGetter, decodedIdTokenSchema, idleSessionLifetimeInSeconds, autoLogoutParams = { redirectTo: "current page" }, autoLogin = false, postLoginRedirectUrl: postLoginRedirectUrl_default, __unsafe_clientSecret, __unsafe_useIdTokenAsAccessToken = false, __metadata, noIframe = false } = params;
|
|
113
|
+
const { transformUrlBeforeRedirect, extraQueryParams: extraQueryParamsOrGetter, extraTokenParams: extraTokenParamsOrGetter, decodedIdTokenSchema, idleSessionLifetimeInSeconds, autoLogoutParams = { redirectTo: "current page" }, autoLogin = false, postLoginRedirectUrl: postLoginRedirectUrl_default, __unsafe_clientSecret, __unsafe_useIdTokenAsAccessToken = false, __metadata, noIframe = false, scopes = ["openid", "profile"] } = params;
|
|
125
114
|
const BASE_URL_params = params.BASE_URL ?? params.homeUrl;
|
|
126
|
-
const { issuerUri, clientId,
|
|
115
|
+
const { issuerUri, clientId, configId, log } = preProcessedParams;
|
|
127
116
|
const getExtraQueryParams = (() => {
|
|
128
117
|
if (extraQueryParamsOrGetter === undefined) {
|
|
129
118
|
return undefined;
|
|
@@ -168,8 +157,7 @@ export async function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
168
157
|
issuerUri,
|
|
169
158
|
clientId,
|
|
170
159
|
scopes,
|
|
171
|
-
|
|
172
|
-
homeUrlAndRedirectUri
|
|
160
|
+
oidcRedirectUri: homeUrlAndRedirectUri
|
|
173
161
|
}, null, 2)}`);
|
|
174
162
|
const stateUrlParamValue_instance = generateStateUrlParamValue();
|
|
175
163
|
const oidcMetadata = __metadata ?? (await fetchOidcMetadata({ issuerUri }));
|
|
@@ -230,7 +218,7 @@ export async function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
230
218
|
if (isLikelyDevServer) {
|
|
231
219
|
log?.([
|
|
232
220
|
"Detected localhost environment.",
|
|
233
|
-
"\nWhen reloading while logged in, you
|
|
221
|
+
"\nWhen reloading while logged in, you will briefly see",
|
|
234
222
|
"some URL params appear in the address bar.",
|
|
235
223
|
"\nThis happens because session restore via iframe is disabled,",
|
|
236
224
|
"the browser treats your auth server as a third party.",
|
|
@@ -291,7 +279,13 @@ export async function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
291
279
|
}
|
|
292
280
|
return true;
|
|
293
281
|
})();
|
|
294
|
-
|
|
282
|
+
notifyNewInstanceThatCantUseIframes();
|
|
283
|
+
if (evtIsThereMoreThanOneInstanceThatCantUserIframes.current) {
|
|
284
|
+
log?.([
|
|
285
|
+
"More than one oidc instance can't use iframe",
|
|
286
|
+
"falling back to persisting tokens in session storage"
|
|
287
|
+
].join(" "));
|
|
288
|
+
}
|
|
295
289
|
const oidcClientTsUserManager = oidcMetadata === undefined
|
|
296
290
|
? createObjectThatThrowsIfAccessed({
|
|
297
291
|
debugMessage: "oidc-spa: Wrong assertion 43943"
|
|
@@ -310,20 +304,17 @@ export async function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
310
304
|
userStore: new WebStorageStateStore({
|
|
311
305
|
store: (() => {
|
|
312
306
|
if (canUseIframe) {
|
|
313
|
-
isUserStoreInMemoryOnly = true;
|
|
314
307
|
return new InMemoryWebStorage();
|
|
315
308
|
}
|
|
316
|
-
|
|
317
|
-
|
|
318
|
-
sessionStorageTtlMs: 3 * 60000
|
|
319
|
-
});
|
|
320
|
-
const { evtRequestToPersistTokens } = globalContext;
|
|
321
|
-
evtRequestToPersistTokens.subscribe(({ configIdOfInstancePostingTheRequest }) => {
|
|
322
|
-
if (configIdOfInstancePostingTheRequest === configId) {
|
|
323
|
-
return;
|
|
324
|
-
}
|
|
309
|
+
const storage = createLazySessionStorage();
|
|
310
|
+
if (evtIsThereMoreThanOneInstanceThatCantUserIframes.current) {
|
|
325
311
|
storage.persistCurrentStateAndSubsequentChanges();
|
|
326
|
-
}
|
|
312
|
+
}
|
|
313
|
+
else {
|
|
314
|
+
evtIsThereMoreThanOneInstanceThatCantUserIframes.subscribe(() => {
|
|
315
|
+
storage.persistCurrentStateAndSubsequentChanges();
|
|
316
|
+
});
|
|
317
|
+
}
|
|
327
318
|
return storage;
|
|
328
319
|
})()
|
|
329
320
|
}),
|
|
@@ -356,54 +347,52 @@ export async function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
356
347
|
issuerUri
|
|
357
348
|
});
|
|
358
349
|
}
|
|
350
|
+
restore_from_session_storage: {
|
|
351
|
+
if (canUseIframe) {
|
|
352
|
+
break restore_from_session_storage;
|
|
353
|
+
}
|
|
354
|
+
if (!evtIsThereMoreThanOneInstanceThatCantUserIframes.current) {
|
|
355
|
+
break restore_from_session_storage;
|
|
356
|
+
}
|
|
357
|
+
let oidcClientTsUser;
|
|
358
|
+
try {
|
|
359
|
+
oidcClientTsUser = await oidcClientTsUserManager.getUser();
|
|
360
|
+
}
|
|
361
|
+
catch {
|
|
362
|
+
// NOTE: Not sure if it can throw, but let's be safe.
|
|
363
|
+
oidcClientTsUser = null;
|
|
364
|
+
try {
|
|
365
|
+
await oidcClientTsUserManager.removeUser();
|
|
366
|
+
}
|
|
367
|
+
catch { }
|
|
368
|
+
}
|
|
369
|
+
if (oidcClientTsUser === null) {
|
|
370
|
+
break restore_from_session_storage;
|
|
371
|
+
}
|
|
372
|
+
log?.("Session was restored from session storage");
|
|
373
|
+
return {
|
|
374
|
+
oidcClientTsUser,
|
|
375
|
+
backFromAuthServer: undefined
|
|
376
|
+
};
|
|
377
|
+
}
|
|
359
378
|
handle_redirect_auth_response: {
|
|
360
379
|
let stateDataAndAuthResponse = undefined;
|
|
361
|
-
|
|
362
|
-
|
|
363
|
-
|
|
364
|
-
|
|
365
|
-
|
|
366
|
-
|
|
367
|
-
|
|
368
|
-
if (stateData === undefined) {
|
|
369
|
-
clearAuthResponse();
|
|
370
|
-
break from_memory;
|
|
371
|
-
}
|
|
372
|
-
if (stateData.configId !== configId) {
|
|
373
|
-
break from_memory;
|
|
374
|
-
}
|
|
375
|
-
assert(stateData.context === "redirect", "3229492");
|
|
380
|
+
{
|
|
381
|
+
const { authResponse, clearAuthResponse } = getRedirectAuthResponse();
|
|
382
|
+
if (authResponse === undefined) {
|
|
383
|
+
break handle_redirect_auth_response;
|
|
384
|
+
}
|
|
385
|
+
const stateData = getStateData({ stateUrlParamValue: authResponse.state });
|
|
386
|
+
if (stateData === undefined) {
|
|
376
387
|
clearAuthResponse();
|
|
377
|
-
|
|
378
|
-
break get_stateData_and_authResponse;
|
|
388
|
+
break handle_redirect_auth_response;
|
|
379
389
|
}
|
|
380
|
-
|
|
381
|
-
|
|
382
|
-
// the authResponse in memory had the chance to be processed.
|
|
383
|
-
// This can only happen if:
|
|
384
|
-
// 1) There are multiple oidc instances in the App.
|
|
385
|
-
// 2) They are instantiated in a non deterministic order.
|
|
386
|
-
// 3) We can't use iframe
|
|
387
|
-
// We practically never persist the auth response and do it only in session
|
|
388
|
-
// an ephemeral session storage, when we know it's gonna be required.
|
|
389
|
-
{
|
|
390
|
-
const { authResponses } = getPersistedRedirectAuthResponses();
|
|
391
|
-
for (const authResponse of authResponses) {
|
|
392
|
-
const stateData = getStateData({ stateUrlParamValue: authResponse.state });
|
|
393
|
-
if (stateData === undefined) {
|
|
394
|
-
continue;
|
|
395
|
-
}
|
|
396
|
-
if (stateData.configId !== configId) {
|
|
397
|
-
continue;
|
|
398
|
-
}
|
|
399
|
-
assert(stateData.context === "redirect", "35935591");
|
|
400
|
-
setPersistedRedirectAuthResponses({
|
|
401
|
-
authResponses: authResponses.filter(authResponse_i => authResponse_i !== authResponse)
|
|
402
|
-
});
|
|
403
|
-
stateDataAndAuthResponse = { stateData, authResponse };
|
|
404
|
-
break get_stateData_and_authResponse;
|
|
405
|
-
}
|
|
390
|
+
if (stateData.configId !== configId) {
|
|
391
|
+
break handle_redirect_auth_response;
|
|
406
392
|
}
|
|
393
|
+
assert(stateData.context === "redirect", "3229492");
|
|
394
|
+
clearAuthResponse();
|
|
395
|
+
stateDataAndAuthResponse = { stateData, authResponse };
|
|
407
396
|
}
|
|
408
397
|
if (stateDataAndAuthResponse === undefined) {
|
|
409
398
|
break handle_redirect_auth_response;
|
|
@@ -482,34 +471,6 @@ export async function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
482
471
|
assert(false);
|
|
483
472
|
}
|
|
484
473
|
}
|
|
485
|
-
// NOTE: We almost never persist tokens, we have to only to support edge case
|
|
486
|
-
// of multiple oidc instance in a single App with no iframe support.
|
|
487
|
-
restore_from_session_storage: {
|
|
488
|
-
assert(isUserStoreInMemoryOnly !== undefined, "3392204");
|
|
489
|
-
if (isUserStoreInMemoryOnly) {
|
|
490
|
-
break restore_from_session_storage;
|
|
491
|
-
}
|
|
492
|
-
let oidcClientTsUser;
|
|
493
|
-
try {
|
|
494
|
-
oidcClientTsUser = await oidcClientTsUserManager.getUser();
|
|
495
|
-
}
|
|
496
|
-
catch {
|
|
497
|
-
// NOTE: Not sure if it can throw, but let's be safe.
|
|
498
|
-
oidcClientTsUser = null;
|
|
499
|
-
try {
|
|
500
|
-
await oidcClientTsUserManager.removeUser();
|
|
501
|
-
}
|
|
502
|
-
catch { }
|
|
503
|
-
}
|
|
504
|
-
if (oidcClientTsUser === null) {
|
|
505
|
-
break restore_from_session_storage;
|
|
506
|
-
}
|
|
507
|
-
log?.("Restored the auth from ephemeral session storage");
|
|
508
|
-
return {
|
|
509
|
-
oidcClientTsUser,
|
|
510
|
-
backFromAuthServer: undefined
|
|
511
|
-
};
|
|
512
|
-
}
|
|
513
474
|
silent_login_if_possible_and_auto_login: {
|
|
514
475
|
const persistedAuthState = getPersistedAuthState({ configId });
|
|
515
476
|
if (persistedAuthState === "explicitly logged out" && !autoLogin) {
|
|
@@ -594,7 +555,6 @@ export async function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
594
555
|
authResponse_error === "consent_required" ||
|
|
595
556
|
authResponse_error === "account_selection_required"))) {
|
|
596
557
|
log?.("Performing auto login with redirect");
|
|
597
|
-
persistAuthState({ configId, state: undefined });
|
|
598
558
|
completeLoginOrRefreshProcess();
|
|
599
559
|
if (autoLogin && persistedAuthState !== "logged in") {
|
|
600
560
|
evtInitializationOutcomeUserNotLoggedIn.post();
|
|
@@ -602,15 +562,15 @@ export async function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
602
562
|
await waitForAllOtherOngoingLoginOrRefreshProcessesToComplete({
|
|
603
563
|
prUnlock: getPrSafelyRestoredFromBfCacheAfterLoginBackNavigationOrInitializationError()
|
|
604
564
|
});
|
|
605
|
-
if (persistedAuthState === "logged in") {
|
|
606
|
-
globalContext.evtRequestToPersistTokens.post({
|
|
607
|
-
configIdOfInstancePostingTheRequest: configId
|
|
608
|
-
});
|
|
609
|
-
}
|
|
610
565
|
await loginOrGoToAuthServer({
|
|
611
566
|
action: "login",
|
|
612
567
|
doForceReloadOnBfCache: true,
|
|
613
|
-
redirectUrl:
|
|
568
|
+
redirectUrl: (() => {
|
|
569
|
+
if (evtIsThereMoreThanOneInstanceThatCantUserIframes.current) {
|
|
570
|
+
return window.location.href;
|
|
571
|
+
}
|
|
572
|
+
return getRootRelativeOriginalLocationHref();
|
|
573
|
+
})(),
|
|
614
574
|
// NOTE: Wether or not it's the preferred behavior, pushing to history
|
|
615
575
|
// only works on user interaction so it have to be false
|
|
616
576
|
doNavigateBackToLastPublicUrlIfTheTheUserNavigateBack: false,
|
|
@@ -624,7 +584,10 @@ export async function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
624
584
|
return "directly redirect if active session show login otherwise";
|
|
625
585
|
}
|
|
626
586
|
return "ensure no interaction";
|
|
627
|
-
})()
|
|
587
|
+
})(),
|
|
588
|
+
preRedirectHook: () => {
|
|
589
|
+
persistAuthState({ configId, state: undefined });
|
|
590
|
+
}
|
|
628
591
|
});
|
|
629
592
|
}
|
|
630
593
|
if (authResponse_error !== undefined) {
|
|
@@ -711,7 +674,8 @@ export async function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
711
674
|
transformUrlBeforeRedirect_local: transformUrlBeforeRedirect,
|
|
712
675
|
interaction: getPersistedAuthState({ configId }) === "explicitly logged out"
|
|
713
676
|
? "ensure interaction"
|
|
714
|
-
: "directly redirect if active session show login otherwise"
|
|
677
|
+
: "directly redirect if active session show login otherwise",
|
|
678
|
+
preRedirectHook: undefined
|
|
715
679
|
});
|
|
716
680
|
},
|
|
717
681
|
initializationError: undefined
|
|
@@ -768,6 +732,7 @@ export async function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
768
732
|
state: {
|
|
769
733
|
stateDescription: "logged in",
|
|
770
734
|
refreshTokenExpirationTime: currentTokens.refreshTokenExpirationTime,
|
|
735
|
+
serverDateNow: currentTokens.getServerDateNow(),
|
|
771
736
|
idleSessionLifetimeInSeconds
|
|
772
737
|
}
|
|
773
738
|
});
|
|
@@ -885,9 +850,6 @@ export async function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
885
850
|
await waitForAllOtherOngoingLoginOrRefreshProcessesToComplete({
|
|
886
851
|
prUnlock: new Promise(() => { })
|
|
887
852
|
});
|
|
888
|
-
globalContext.evtRequestToPersistTokens.post({
|
|
889
|
-
configIdOfInstancePostingTheRequest: configId
|
|
890
|
-
});
|
|
891
853
|
await loginOrGoToAuthServer({
|
|
892
854
|
action: "login",
|
|
893
855
|
redirectUrl: window.location.href,
|
|
@@ -895,7 +857,8 @@ export async function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
895
857
|
extraQueryParams_local: undefined,
|
|
896
858
|
transformUrlBeforeRedirect_local: undefined,
|
|
897
859
|
doNavigateBackToLastPublicUrlIfTheTheUserNavigateBack: false,
|
|
898
|
-
interaction: "directly redirect if active session show login otherwise"
|
|
860
|
+
interaction: "directly redirect if active session show login otherwise",
|
|
861
|
+
preRedirectHook: undefined
|
|
899
862
|
});
|
|
900
863
|
assert(false, "136134");
|
|
901
864
|
};
|
|
@@ -987,6 +950,7 @@ export async function createOidc_nonMemoized(params, preProcessedParams) {
|
|
|
987
950
|
state: {
|
|
988
951
|
stateDescription: "logged in",
|
|
989
952
|
refreshTokenExpirationTime: currentTokens.refreshTokenExpirationTime,
|
|
953
|
+
serverDateNow: currentTokens.getServerDateNow(),
|
|
990
954
|
idleSessionLifetimeInSeconds
|
|
991
955
|
}
|
|
992
956
|
});
|