piral-oauth2 1.0.0-pre.2112 → 1.0.0

package/LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2019 - 2021 smapiot
+Copyright (c) 2019 - 2023 smapiot
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

package/README.md

@@ -1,6 +1,6 @@
-[![Piral Logo](https://github.com/smapiot/piral/raw/master/docs/assets/logo.png)](https://piral.io)
+[![Piral Logo](https://github.com/smapiot/piral/raw/main/docs/assets/logo.png)](https://piral.io)
 
-# [Piral OAuth 2.0](https://piral.io) · [![GitHub License](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/smapiot/piral/blob/master/LICENSE) [![npm version](https://img.shields.io/npm/v/piral-oauth2.svg?style=flat)](https://www.npmjs.com/package/piral-oauth2) [![tested with jest](https://img.shields.io/badge/tested_with-jest-99424f.svg)](https://jestjs.io) [![Gitter Chat](https://badges.gitter.im/gitterHQ/gitter.png)](https://gitter.im/piral-io/community)
+# [Piral OAuth 2.0](https://piral.io) · [![GitHub License](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/smapiot/piral/blob/main/LICENSE) [![npm version](https://img.shields.io/npm/v/piral-oauth2.svg?style=flat)](https://www.npmjs.com/package/piral-oauth2) [![tested with jest](https://img.shields.io/badge/tested_with-jest-99424f.svg)](https://jestjs.io) [![Gitter Chat](https://badges.gitter.im/gitterHQ/gitter.png)](https://gitter.im/piral-io/community)
 
 This is a plugin that only has a peer dependency to `piral-core`. What `piral-oauth2` brings to the table is a direct integration with OAuth 2.0 identity providers on basis of the client-oauth2 library that can be used with `piral` or `piral-core`.
 
@@ -39,7 +39,7 @@ export async function setup(piral: PiletApi) {
 }
 ```
 
-Note that this value may change if the Piral instance supports an "on the fly" login (i.e., a login without redirect / reloading of the page).
+Note that this value may change if the Piral instance supports an "on the fly" login (i.e., a login without redirect/reloading of the page).
 
 :::
 
@@ -77,15 +77,19 @@ import { setupOAuth2Client } from 'piral-oauth2';
 
 export const client = setupOAuth2Client({ ... });
 
-// app.ts
+// app.tsx
+import * as React from 'react';
 import { createOAuth2Api } from 'piral-oauth2';
+import { createInstance } from 'piral-core';
 import { client } from './oauth2';
+import { render } from 'react-dom';
 
 export function render() {
-  renderInstance({
+  const instance = createInstance({
     // ...
     plugins: [createOAuth2Api(client)],
   });
+  render(<Piral instance={instance} />, document.querySelector('#app'));
 }
 
 // index.ts
@@ -102,6 +106,28 @@ if (location.pathname !== '/auth') {
 
 This way we evaluate the current path and act accordingly. Note that the actually used path may be different for your application.
 
+The chosen OAuth 2 flow makes a difference. The example above works fine with the `implicit` flow (default). If you want to use the `code` flow then the integration looks a bit different.
+
+Example integration using the `code` flow:
+
+```ts
+// index.ts
+import { client } from './oauth2';
+
+if (location.pathname !== '/auth') {
+  client.login();
+} else {
+  client.token().then(
+    // all good we are logged in
+    () => import('./app').then(({ render }) => render()),
+    // something went bad, we should show some error
+    () => import('./error').then(({ render }) => render()),
+  );
+}
+```
+
+The code flow will automatically return from `/auth` to `/` once authenticated. Therefore, the application's routing does not have to consider `/auth`, which can remain a special path.
+
 :::
 
 ## License

package/esm/create.d.ts

@@ -1,6 +1,5 @@
 import { PiralPlugin } from 'piral-core';
-import { OAuth2Client } from './setup';
-import { PiralOAuth2Api } from './types';
+import { OAuth2Client, PiralOAuth2Api } from './types';
 /**
  * Creates new Pilet API extensions for the integration of OAuth 2.0.
  */

package/esm/create.js

@@ -2,10 +2,10 @@
  * Creates new Pilet API extensions for the integration of OAuth 2.0.
  */
 export function createOAuth2Api(client) {
-    return function (context) {
+    return (context) => {
         context.on('before-fetch', client.extendHeaders);
         return {
-            getAccessToken: function () {
+            getAccessToken() {
                 return client.token();
             },
         };

package/esm/create.js.map

@@ -1 +1 @@
-{"version":3,"file":"create.js","sourceRoot":"","sources":["../src/create.ts"],"names":[],"mappings":"AAIA;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,MAAoB;IAClD,OAAO,UAAC,OAAO;QACb,OAAO,CAAC,EAAE,CAAC,cAAc,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;QAEjD,OAAO;YACL,cAAc;gBACZ,OAAO,MAAM,CAAC,KAAK,EAAE,CAAC;YACxB,CAAC;SACF,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC"}
+{"version":3,"file":"create.js","sourceRoot":"","sources":["../src/create.ts"],"names":[],"mappings":"AAGA;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,MAAoB;IAClD,OAAO,CAAC,OAAO,EAAE,EAAE;QACjB,OAAO,CAAC,EAAE,CAAC,cAAc,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;QAEjD,OAAO;YACL,cAAc;gBACZ,OAAO,MAAM,CAAC,KAAK,EAAE,CAAC;YACxB,CAAC;SACF,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC"}

package/esm/index.d.ts

@@ -1,3 +1,4 @@
 export * from './create';
 export * from './setup';
 export * from './types';
+export * from './utils';

package/esm/index.js

@@ -1,4 +1,5 @@
 export * from './create';
 export * from './setup';
 export * from './types';
+export * from './utils';
 //# sourceMappingURL=index.js.map

package/esm/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,UAAU,CAAC;AACzB,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,UAAU,CAAC;AACzB,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC"}

package/esm/setup.d.ts

@@ -1,72 +1,4 @@
-/**
- * Available configuration options for the OAuth 2.0 plugin.
- */
-export interface OAuth2Config {
-    /**
-     * The id of the client. Required for the setup of OAuth 2.0.
-     */
-    clientId: string;
-    /**
-     * The client secret. Only required for the `code` flow.
-     */
-    clientSecret?: string;
-    /**
-     * The Uri pointing to the authorization endpoint of the Identity Provider.
-     */
-    authorizationUri: string;
-    /**
-     * The Uri pointing to the access token endpoint of the Identity Provider.
-     */
-    accessTokenUri?: string;
-    /**
-     * The redirect Uri to use. By default the origin with /auth
-     * is used.
-     */
-    redirectUri?: string;
-    /**
-     * The scopes to be used.
-     */
-    scopes?: Array<string>;
-    /**
-     * The OAuth 2.0 authorization flow type to be used.
-     */
-    flow?: 'implicit' | 'code';
-    /**
-     * Restricts token sharing such that other integrations, e.g., with
-     * fetch would need to be done manually.
-     * Otherwise, the client is responsive to the `before-fetch` event.
-     */
-    restrict?: boolean;
-}
-export interface OAuth2Request {
-    /**
-     * Sets the headers of the request.
-     * @param headers Headers or a promise to headers.
-     */
-    setHeaders(headers: any): void;
-}
-export interface OAuth2Client {
-    /**
-     * Performs a login.
-     */
-    login(): void;
-    /**
-     * Performs a logout.
-     */
-    logout(): void;
-    /**
-     * Gets a token.
-     */
-    token(): Promise<string>;
-    /**
-     * Checks if the user is currently logged in.
-     */
-    account(): boolean;
-    /**
-     * Extends the headers of the provided request.
-     */
-    extendHeaders(req: OAuth2Request): void;
-}
+import { OAuth2Config, OAuth2Client } from './types';
 /**
  * Sets up a new client wrapping the OAuth 2.0 API.
  * @param config The configuration for the client.

package/esm/setup.js

@@ -1,77 +1,100 @@
-import * as ClientOAuth2 from 'client-oauth2';
-var callbackName = 'oauth2Cb';
+import ClientOAuth2 from 'client-oauth2';
+import { createOAuth2MemoryPersistence } from './utils';
+const callbackName = 'oauth2Cb';
 /**
  * Sets up a new client wrapping the OAuth 2.0 API.
  * @param config The configuration for the client.
  */
 export function setupOAuth2Client(config) {
-    var clientId = config.clientId, clientSecret = config.clientSecret, authorizationUri = config.authorizationUri, accessTokenUri = config.accessTokenUri, _a = config.redirectUri, redirectUri = _a === void 0 ? location.origin + "/auth" : _a, _b = config.scopes, scopes = _b === void 0 ? [] : _b, flow = config.flow, _c = config.restrict, restrict = _c === void 0 ? false : _c;
-    var client = new ClientOAuth2({
-        clientId: clientId,
-        clientSecret: clientSecret,
-        redirectUri: redirectUri,
-        authorizationUri: authorizationUri,
-        accessTokenUri: accessTokenUri,
-        scopes: scopes,
+    const { clientId, clientSecret, authorizationUri, accessTokenUri, redirectUri = `${location.origin}/auth`, scopes = [], flow, headers, query, state, restrict = false, returnPath = '/', persist = createOAuth2MemoryPersistence(), } = config;
+    const client = new ClientOAuth2({
+        clientId,
+        clientSecret,
+        redirectUri,
+        authorizationUri,
+        accessTokenUri,
+        scopes,
+        headers,
+        query,
+        state,
     });
-    var currentToken;
-    var retrieveToken;
-    var getLoginUri;
-    if (flow === 'code') {
-        client.code.getToken(location.href).then(function (token) { return (currentToken = token); }, function () { });
-        retrieveToken = function () {
+    let currentToken;
+    let retrieveToken;
+    let getLoginUri;
+    const setCurrentToken = (token) => {
+        persist.save({
+            accessToken: token.accessToken,
+            data: token.data,
+            refreshToken: token.refreshToken,
+        });
+        currentToken = token;
+    };
+    const retrieve = (init, refresh) => {
+        return init.then(() => {
             if (!currentToken) {
                 return Promise.reject('Not logged in. Please call `login()` to retrieve a token.');
             }
             if (!currentToken.expired()) {
-                return Promise.resolve(currentToken.accessToken);
+                return currentToken.accessToken;
             }
-            return currentToken.refresh().then(function (refreshedToken) {
-                currentToken = refreshedToken;
+            return refresh().then((refreshedToken) => {
+                setCurrentToken(refreshedToken);
                 return currentToken.accessToken;
             });
+        });
+    };
+    const initialize = (load) => {
+        const info = persist.load();
+        if (info) {
+            currentToken = client.createToken(info.accessToken, info.refreshToken, info.data);
+            return Promise.resolve();
+        }
+        else {
+            return load().then((token) => {
+                const opener = window.opener;
+                setCurrentToken(token);
+                if (opener && typeof opener[callbackName] === 'function') {
+                    opener[callbackName](token);
+                    window.close();
+                }
+            }, () => { });
+        }
+    };
+    if (flow === 'code') {
+        const init = initialize(() => {
+            const url = location.href;
+            history.replaceState(undefined, undefined, returnPath);
+            return client.code.getToken(url);
+        });
+        retrieveToken = () => {
+            return retrieve(init, () => currentToken.refresh());
         };
-        getLoginUri = function () { return client.code.getUri(); };
+        getLoginUri = () => client.code.getUri();
     }
     else {
-        client.token.getToken(location.href).then(function (token) {
-            var opener = window.opener;
-            if (opener && typeof opener[callbackName] === 'function') {
-                opener[callbackName](token);
-                window.close();
-            }
-            currentToken = token;
-        }, function () { });
-        retrieveToken = function () {
-            if (!currentToken) {
-                return Promise.reject('Not logged in. Please call `login()` to retrieve a token.');
-            }
-            if (!currentToken.expired()) {
-                return Promise.resolve(currentToken.accessToken);
-            }
-            return new Promise(function (res) {
-                window[callbackName] = function (token) {
-                    currentToken = token;
-                    res(currentToken.accessToken);
-                };
+        const init = initialize(() => client.token.getToken(location.href));
+        retrieveToken = () => {
+            return retrieve(init, () => new Promise((resolve) => {
+                window[callbackName] = resolve;
                 window.open(client.token.getUri());
-            });
+            }));
         };
-        getLoginUri = function () { return client.token.getUri(); };
+        getLoginUri = () => client.token.getUri();
     }
     return {
-        login: function () {
+        _: client,
+        login() {
             window.location.href = getLoginUri();
         },
-        logout: function () {
+        logout() {
             currentToken = undefined;
         },
-        extendHeaders: function (req) {
+        extendHeaders(req) {
             if (!restrict) {
-                req.setHeaders(retrieveToken().then(function (token) { return token && { Authorization: "Bearer " + token }; }, function () { return undefined; }));
+                req.setHeaders(retrieveToken().then((token) => token && { Authorization: `Bearer ${token}` }, () => undefined));
             }
         },
-        account: function () {
+        account() {
             return !!currentToken;
         },
         token: retrieveToken,

package/esm/setup.js.map

@@ -1 +1 @@
-{"version":3,"file":"setup.js","sourceRoot":"","sources":["../src/setup.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,YAAY,MAAM,eAAe,CAAC;AA0E9C,IAAM,YAAY,GAAG,UAAU,CAAC;AAEhC;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAAC,MAAoB;IAElD,IAAA,QAAQ,GAQN,MAAM,SARA,EACR,YAAY,GAOV,MAAM,aAPI,EACZ,gBAAgB,GAMd,MAAM,iBANQ,EAChB,cAAc,GAKZ,MAAM,eALM,EACd,KAIE,MAAM,YAJ+B,EAAvC,WAAW,mBAAM,QAAQ,CAAC,MAAM,UAAO,KAAA,EACvC,KAGE,MAAM,OAHG,EAAX,MAAM,mBAAG,EAAE,KAAA,EACX,IAAI,GAEF,MAAM,KAFJ,EACJ,KACE,MAAM,SADQ,EAAhB,QAAQ,mBAAG,KAAK,KAAA,CACP;IACX,IAAM,MAAM,GAAG,IAAI,YAAY,CAAC;QAC9B,QAAQ,UAAA;QACR,YAAY,cAAA;QACZ,WAAW,aAAA;QACX,gBAAgB,kBAAA;QAChB,cAAc,gBAAA;QACd,MAAM,QAAA;KACP,CAAC,CAAC;IACH,IAAI,YAAgC,CAAC;IACrC,IAAI,aAAoC,CAAC;IACzC,IAAI,WAAyB,CAAC;IAE9B,IAAI,IAAI,KAAK,MAAM,EAAE;QACnB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CACtC,UAAC,KAAK,IAAK,OAAA,CAAC,YAAY,GAAG,KAAK,CAAC,EAAtB,CAAsB,EACjC,cAAO,CAAC,CACT,CAAC;QAEF,aAAa,GAAG;YACd,IAAI,CAAC,YAAY,EAAE;gBACjB,OAAO,OAAO,CAAC,MAAM,CAAC,2DAA2D,CAAC,CAAC;aACpF;YAED,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,EAAE;gBAC3B,OAAO,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;aAClD;YAED,OAAO,YAAY,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,UAAC,cAAc;gBAChD,YAAY,GAAG,cAAc,CAAC;gBAC9B,OAAO,YAAY,CAAC,WAAW,CAAC;YAClC,CAAC,CAAC,CAAC;QACL,CAAC,CAAC;QACF,WAAW,GAAG,cAAM,OAAA,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,EAApB,CAAoB,CAAC;KAC1C;SAAM;QACL,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CACvC,UAAC,KAAK;YACJ,IAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;YAC7B,IAAI,MAAM,IAAI,OAAO,MAAM,CAAC,YAAY,CAAC,KAAK,UAAU,EAAE;gBACxD,MAAM,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC;gBAC5B,MAAM,CAAC,KAAK,EAAE,CAAC;aAChB;YACD,YAAY,GAAG,KAAK,CAAC;QACvB,CAAC,EACD,cAAO,CAAC,CACT,CAAC;QAEF,aAAa,GAAG;YACd,IAAI,CAAC,YAAY,EAAE;gBACjB,OAAO,OAAO,CAAC,MAAM,CAAC,2DAA2D,CAAC,CAAC;aACpF;YAED,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,EAAE;gBAC3B,OAAO,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;aAClD;YAED,OAAO,IAAI,OAAO,CAAS,UAAC,GAAG;gBAC7B,MAAM,CAAC,YAAY,CAAC,GAAG,UAAC,KAAyB;oBAC/C,YAAY,GAAG,KAAK,CAAC;oBACrB,GAAG,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;gBAChC,CAAC,CAAC;gBACF,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;YACrC,CAAC,CAAC,CAAC;QACL,CAAC,CAAC;QACF,WAAW,GAAG,cAAM,OAAA,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,EAArB,CAAqB,CAAC;KAC3C;IAED,OAAO;QACL,KAAK;YACH,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,WAAW,EAAE,CAAC;QACvC,CAAC;QACD,MAAM;YACJ,YAAY,GAAG,SAAS,CAAC;QAC3B,CAAC;QACD,aAAa,YAAC,GAAG;YACf,IAAI,CAAC,QAAQ,EAAE;gBACb,GAAG,CAAC,UAAU,CACZ,aAAa,EAAE,CAAC,IAAI,CAClB,UAAC,KAAK,IAAK,OAAA,KAAK,IAAI,EAAE,aAAa,EAAE,YAAU,KAAO,EAAE,EAA7C,CAA6C,EACxD,cAAM,OAAA,SAAS,EAAT,CAAS,CAChB,CACF,CAAC;aACH;QACH,CAAC;QACD,OAAO;YACL,OAAO,CAAC,CAAC,YAAY,CAAC;QACxB,CAAC;QACD,KAAK,EAAE,aAAa;KACrB,CAAC;AACJ,CAAC"}
+{"version":3,"file":"setup.js","sourceRoot":"","sources":["../src/setup.ts"],"names":[],"mappings":"AAAA,OAAO,YAAY,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,6BAA6B,EAAE,MAAM,SAAS,CAAC;AAGxD,MAAM,YAAY,GAAG,UAAU,CAAC;AAEhC;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAAC,MAAoB;IACpD,MAAM,EACJ,QAAQ,EACR,YAAY,EACZ,gBAAgB,EAChB,cAAc,EACd,WAAW,GAAG,GAAG,QAAQ,CAAC,MAAM,OAAO,EACvC,MAAM,GAAG,EAAE,EACX,IAAI,EACJ,OAAO,EACP,KAAK,EACL,KAAK,EACL,QAAQ,GAAG,KAAK,EAChB,UAAU,GAAG,GAAG,EAChB,OAAO,GAAG,6BAA6B,EAAE,GAC1C,GAAG,MAAM,CAAC;IAEX,MAAM,MAAM,GAAG,IAAI,YAAY,CAAC;QAC9B,QAAQ;QACR,YAAY;QACZ,WAAW;QACX,gBAAgB;QAChB,cAAc;QACd,MAAM;QACN,OAAO;QACP,KAAK;QACL,KAAK;KACN,CAAC,CAAC;IAEH,IAAI,YAAgC,CAAC;IACrC,IAAI,aAAoC,CAAC;IACzC,IAAI,WAAyB,CAAC;IAE9B,MAAM,eAAe,GAAG,CAAC,KAAyB,EAAE,EAAE;QACpD,OAAO,CAAC,IAAI,CAAC;YACX,WAAW,EAAE,KAAK,CAAC,WAAW;YAC9B,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,YAAY,EAAE,KAAK,CAAC,YAAY;SACjC,CAAC,CAAC;QAEH,YAAY,GAAG,KAAK,CAAC;IACvB,CAAC,CAAC;IAEF,MAAM,QAAQ,GAAG,CAAC,IAAmB,EAAE,OAA0C,EAAE,EAAE;QACnF,OAAO,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;YACpB,IAAI,CAAC,YAAY,EAAE;gBACjB,OAAO,OAAO,CAAC,MAAM,CAAC,2DAA2D,CAAC,CAAC;aACpF;YAED,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,EAAE;gBAC3B,OAAO,YAAY,CAAC,WAAW,CAAC;aACjC;YAED,OAAO,OAAO,EAAE,CAAC,IAAI,CAAC,CAAC,cAAc,EAAE,EAAE;gBACvC,eAAe,CAAC,cAAc,CAAC,CAAC;gBAChC,OAAO,YAAY,CAAC,WAAW,CAAC;YAClC,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC,CAAC;IAEF,MAAM,UAAU,GAAG,CAAC,IAAuC,EAAE,EAAE;QAC7D,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;QAE5B,IAAI,IAAI,EAAE;YACR,YAAY,GAAG,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAClF,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;SAC1B;aAAM;YACL,OAAO,IAAI,EAAE,CAAC,IAAI,CAChB,CAAC,KAAK,EAAE,EAAE;gBACR,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;gBAE7B,eAAe,CAAC,KAAK,CAAC,CAAC;gBAEvB,IAAI,MAAM,IAAI,OAAO,MAAM,CAAC,YAAY,CAAC,KAAK,UAAU,EAAE;oBACxD,MAAM,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC;oBAC5B,MAAM,CAAC,KAAK,EAAE,CAAC;iBAChB;YACH,CAAC,EACD,GAAG,EAAE,GAAE,CAAC,CACT,CAAC;SACH;IACH,CAAC,CAAC;IAEF,IAAI,IAAI,KAAK,MAAM,EAAE;QACnB,MAAM,IAAI,GAAG,UAAU,CAAC,GAAG,EAAE;YAC3B,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,CAAC;YAC1B,OAAO,CAAC,YAAY,CAAC,SAAS,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;YACvD,OAAO,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QACnC,CAAC,CAAC,CAAC;QAEH,aAAa,GAAG,GAAG,EAAE;YACnB,OAAO,QAAQ,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC,CAAC;QACtD,CAAC,CAAC;QACF,WAAW,GAAG,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;KAC1C;SAAM;QACL,MAAM,IAAI,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;QAEpE,aAAa,GAAG,GAAG,EAAE;YACnB,OAAO,QAAQ,CACb,IAAI,EACJ,GAAG,EAAE,CACH,IAAI,OAAO,CAAqB,CAAC,OAAO,EAAE,EAAE;gBAC1C,MAAM,CAAC,YAAY,CAAC,GAAG,OAAO,CAAC;gBAC/B,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;YACrC,CAAC,CAAC,CACL,CAAC;QACJ,CAAC,CAAC;QACF,WAAW,GAAG,GAAG,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;KAC3C;IAED,OAAO;QACL,CAAC,EAAE,MAAM;QACT,KAAK;YACH,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,WAAW,EAAE,CAAC;QACvC,CAAC;QACD,MAAM;YACJ,YAAY,GAAG,SAAS,CAAC;QAC3B,CAAC;QACD,aAAa,CAAC,GAAG;YACf,IAAI,CAAC,QAAQ,EAAE;gBACb,GAAG,CAAC,UAAU,CACZ,aAAa,EAAE,CAAC,IAAI,CAClB,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,IAAI,EAAE,aAAa,EAAE,UAAU,KAAK,EAAE,EAAE,EACxD,GAAG,EAAE,CAAC,SAAS,CAChB,CACF,CAAC;aACH;QACH,CAAC;QACD,OAAO;YACL,OAAO,CAAC,CAAC,YAAY,CAAC;QACxB,CAAC;QACD,KAAK,EAAE,aAAa;KACrB,CAAC;AACJ,CAAC"}

package/esm/types.d.ts

@@ -1,3 +1,4 @@
+import type { Data } from 'client-oauth2';
 declare module 'piral-core/lib/types/custom' {
     interface PiletCustomApi extends PiralOAuth2Api {
     }
@@ -8,3 +9,119 @@ export interface PiralOAuth2Api {
      */
     getAccessToken(): Promise<string | undefined>;
 }
+/**
+ * The relevant OAuth 2 token information.
+ */
+export interface OAuth2TokenInfo {
+    accessToken: string;
+    refreshToken: string;
+    data: Data;
+}
+/**
+ * Available configuration options for the OAuth 2 plugin.
+ */
+export interface OAuth2Config {
+    /**
+     * The id of the client. Required for the setup of OAuth 2.
+     */
+    clientId: string;
+    /**
+     * The client secret. Only required for the `code` flow.
+     */
+    clientSecret?: string;
+    /**
+     * The Uri pointing to the authorization endpoint of the Identity Provider.
+     */
+    authorizationUri: string;
+    /**
+     * The Uri pointing to the access token endpoint of the Identity Provider.
+     */
+    accessTokenUri?: string;
+    /**
+     * The redirect Uri to use. By default the origin with /auth
+     * is used.
+     */
+    redirectUri?: string;
+    /**
+     * The return path to use in case of the "code" flow. By default the
+     * path will be set to "/".
+     */
+    returnPath?: string;
+    /**
+     * The scopes to be used.
+     */
+    scopes?: Array<string>;
+    /**
+     * The OAuth 2 authorization flow type to be used.
+     */
+    flow?: 'implicit' | 'code';
+    /**
+     * Restricts token sharing such that other integrations, e.g., with
+     * fetch would need to be done manually.
+     * Otherwise, the client is responsive to the `before-fetch` event.
+     */
+    restrict?: boolean;
+    /**
+     * Optional persistence layer for OAuth 2. By default nothing is stored.
+     */
+    persist?: OAuth2Persistence;
+    /**
+     * The optional headers to supply in OAuth 2 requests.
+     */
+    headers?: Record<string, string | Array<string>>;
+    /**
+     * The optional query parameters to supply in OAuth 2 requests.
+     */
+    query?: Record<string, string | Array<string>>;
+    /**
+     * The optional state parameter to supply in OAuth 2 requests.
+     */
+    state?: string;
+}
+export interface OAuth2Request {
+    /**
+     * Sets the headers of the request.
+     * @param headers Headers or a promise to headers.
+     */
+    setHeaders(headers: any): void;
+}
+export interface OAuth2Client {
+    /**
+     * The underlying OAuth2 client.
+     */
+    _: any;
+    /**
+     * Performs a login.
+     */
+    login(): void;
+    /**
+     * Performs a logout.
+     */
+    logout(): void;
+    /**
+     * Gets a token.
+     */
+    token(): Promise<string>;
+    /**
+     * Checks if the user is currently logged in.
+     */
+    account(): boolean;
+    /**
+     * Extends the headers of the provided request.
+     */
+    extendHeaders(req: OAuth2Request): void;
+}
+/**
+ * Defines the interface for the OAuth 2 persistence layer.
+ */
+export interface OAuth2Persistence {
+    /**
+     * Loads an OAuth 2 token structure.
+     */
+    load(): OAuth2TokenInfo;
+    /**
+     * Stores an OAuth 2 token structure.
+     * @param info The token infos to store.
+     */
+    save(info: OAuth2TokenInfo): void;
+}

package/esm/utils.d.ts

@@ -0,0 +1,13 @@
+import { OAuth2Persistence } from './types';
+/**
+ * Creates an OAuth 2 persistence layer using memory.
+ */
+export declare function createOAuth2MemoryPersistence(): OAuth2Persistence;
+/**
+ * Creates an OAuth 2 persistence layer using sessionStorage.
+ */
+export declare function createOAuth2SessionPersistence(sessionKey?: string): OAuth2Persistence;
+/**
+ * Creates an OAuth 2 persistence layer using localStorage.
+ */
+export declare function createOAuth2BrowserPersistence(localKey?: string): OAuth2Persistence;

package/esm/utils.js

@@ -0,0 +1,56 @@
+/**
+ * Creates an OAuth 2 persistence layer using memory.
+ */
+export function createOAuth2MemoryPersistence() {
+    return {
+        load() {
+            return undefined;
+        },
+        save() { },
+    };
+}
+/**
+ * Creates an OAuth 2 persistence layer using sessionStorage.
+ */
+export function createOAuth2SessionPersistence(sessionKey = '$piral_oauth2_info') {
+    return {
+        load() {
+            const content = sessionStorage.getItem(sessionKey);
+            if (typeof content === 'string') {
+                try {
+                    return JSON.parse(content);
+                }
+                catch (_a) {
+                    console.error('Found invalid data in the OAuth 2 session storage key. Skipped.');
+                }
+            }
+            return undefined;
+        },
+        save(info) {
+            sessionStorage.setItem(sessionKey, JSON.stringify(info));
+        },
+    };
+}
+/**
+ * Creates an OAuth 2 persistence layer using localStorage.
+ */
+export function createOAuth2BrowserPersistence(localKey = '$piral_oauth2_info') {
+    return {
+        load() {
+            const content = localStorage.getItem(localKey);
+            if (typeof content === 'string') {
+                try {
+                    return JSON.parse(content);
+                }
+                catch (_a) {
+                    console.error('Found invalid data in the OAuth 2 local storage key. Skipped.');
+                }
+            }
+            return undefined;
+        },
+        save(info) {
+            localStorage.setItem(localKey, JSON.stringify(info));
+        },
+    };
+}
+//# sourceMappingURL=utils.js.map

package/esm/utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,MAAM,UAAU,6BAA6B;IAC3C,OAAO;QACL,IAAI;YACF,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,IAAI,KAAI,CAAC;KACV,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,8BAA8B,CAAC,UAAU,GAAG,oBAAoB;IAC9E,OAAO;QACL,IAAI;YACF,MAAM,OAAO,GAAG,cAAc,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;YAEnD,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;gBAC/B,IAAI;oBACF,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;iBAC5B;gBAAC,WAAM;oBACN,OAAO,CAAC,KAAK,CAAC,iEAAiE,CAAC,CAAC;iBAClF;aACF;YAED,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,IAAI,CAAC,IAAI;YACP,cAAc,CAAC,OAAO,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;QAC3D,CAAC;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,8BAA8B,CAAC,QAAQ,GAAG,oBAAoB;IAC5E,OAAO;QACL,IAAI;YACF,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAE/C,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;gBAC/B,IAAI;oBACF,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;iBAC5B;gBAAC,WAAM;oBACN,OAAO,CAAC,KAAK,CAAC,+DAA+D,CAAC,CAAC;iBAChF;aACF;YAED,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,IAAI,CAAC,IAAI;YACP,YAAY,CAAC,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;QACvD,CAAC;KACF,CAAC;AACJ,CAAC"}

package/lib/create.d.ts

@@ -1,6 +1,5 @@
 import { PiralPlugin } from 'piral-core';
-import { OAuth2Client } from './setup';
-import { PiralOAuth2Api } from './types';
+import { OAuth2Client, PiralOAuth2Api } from './types';
 /**
  * Creates new Pilet API extensions for the integration of OAuth 2.0.
  */

package/lib/create.js

@@ -5,10 +5,10 @@ exports.createOAuth2Api = void 0;
  * Creates new Pilet API extensions for the integration of OAuth 2.0.
  */
 function createOAuth2Api(client) {
-    return function (context) {
+    return (context) => {
         context.on('before-fetch', client.extendHeaders);
         return {
-            getAccessToken: function () {
+            getAccessToken() {
                 return client.token();
             },
         };

package/lib/create.js.map

@@ -1 +1 @@
-{"version":3,"file":"create.js","sourceRoot":"","sources":["../src/create.ts"],"names":[],"mappings":";;;AAIA;;GAEG;AACH,SAAgB,eAAe,CAAC,MAAoB;IAClD,OAAO,UAAC,OAAO;QACb,OAAO,CAAC,EAAE,CAAC,cAAc,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;QAEjD,OAAO;YACL,cAAc;gBACZ,OAAO,MAAM,CAAC,KAAK,EAAE,CAAC;YACxB,CAAC;SACF,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC;AAVD,0CAUC"}
+{"version":3,"file":"create.js","sourceRoot":"","sources":["../src/create.ts"],"names":[],"mappings":";;;AAGA;;GAEG;AACH,SAAgB,eAAe,CAAC,MAAoB;IAClD,OAAO,CAAC,OAAO,EAAE,EAAE;QACjB,OAAO,CAAC,EAAE,CAAC,cAAc,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;QAEjD,OAAO;YACL,cAAc;gBACZ,OAAO,MAAM,CAAC,KAAK,EAAE,CAAC;YACxB,CAAC;SACF,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC;AAVD,0CAUC"}

package/lib/index.d.ts

@@ -1,3 +1,4 @@
 export * from './create';
 export * from './setup';
 export * from './types';
+export * from './utils';

package/lib/index.js

@@ -1,7 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-var tslib_1 = require("tslib");
+const tslib_1 = require("tslib");
 tslib_1.__exportStar(require("./create"), exports);
 tslib_1.__exportStar(require("./setup"), exports);
 tslib_1.__exportStar(require("./types"), exports);
+tslib_1.__exportStar(require("./utils"), exports);
 //# sourceMappingURL=index.js.map

package/lib/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;AAAA,mDAAyB;AACzB,kDAAwB;AACxB,kDAAwB"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;AAAA,mDAAyB;AACzB,kDAAwB;AACxB,kDAAwB;AACxB,kDAAwB"}