piral-oauth2 1.0.0-pre.2217 → 1.0.1-beta.5640

package/lib/setup.d.ts

@@ -1,72 +1,4 @@
-/**
- * Available configuration options for the OAuth 2.0 plugin.
- */
-export interface OAuth2Config {
-    /**
-     * The id of the client. Required for the setup of OAuth 2.0.
-     */
-    clientId: string;
-    /**
-     * The client secret. Only required for the `code` flow.
-     */
-    clientSecret?: string;
-    /**
-     * The Uri pointing to the authorization endpoint of the Identity Provider.
-     */
-    authorizationUri: string;
-    /**
-     * The Uri pointing to the access token endpoint of the Identity Provider.
-     */
-    accessTokenUri?: string;
-    /**
-     * The redirect Uri to use. By default the origin with /auth
-     * is used.
-     */
-    redirectUri?: string;
-    /**
-     * The scopes to be used.
-     */
-    scopes?: Array<string>;
-    /**
-     * The OAuth 2.0 authorization flow type to be used.
-     */
-    flow?: 'implicit' | 'code';
-    /**
-     * Restricts token sharing such that other integrations, e.g., with
-     * fetch would need to be done manually.
-     * Otherwise, the client is responsive to the `before-fetch` event.
-     */
-    restrict?: boolean;
-}
-export interface OAuth2Request {
-    /**
-     * Sets the headers of the request.
-     * @param headers Headers or a promise to headers.
-     */
-    setHeaders(headers: any): void;
-}
-export interface OAuth2Client {
-    /**
-     * Performs a login.
-     */
-    login(): void;
-    /**
-     * Performs a logout.
-     */
-    logout(): void;
-    /**
-     * Gets a token.
-     */
-    token(): Promise<string>;
-    /**
-     * Checks if the user is currently logged in.
-     */
-    account(): boolean;
-    /**
-     * Extends the headers of the provided request.
-     */
-    extendHeaders(req: OAuth2Request): void;
-}
+import { OAuth2Config, OAuth2Client } from './types';
 /**
  * Sets up a new client wrapping the OAuth 2.0 API.
  * @param config The configuration for the client.

package/lib/setup.js

@@ -1,80 +1,104 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.setupOAuth2Client = void 0;
-var ClientOAuth2 = require("client-oauth2");
-var callbackName = 'oauth2Cb';
+const tslib_1 = require("tslib");
+const client_oauth2_1 = tslib_1.__importDefault(require("client-oauth2"));
+const utils_1 = require("./utils");
+const callbackName = 'oauth2Cb';
 /**
  * Sets up a new client wrapping the OAuth 2.0 API.
  * @param config The configuration for the client.
  */
 function setupOAuth2Client(config) {
-    var clientId = config.clientId, clientSecret = config.clientSecret, authorizationUri = config.authorizationUri, accessTokenUri = config.accessTokenUri, _a = config.redirectUri, redirectUri = _a === void 0 ? location.origin + "/auth" : _a, _b = config.scopes, scopes = _b === void 0 ? [] : _b, flow = config.flow, _c = config.restrict, restrict = _c === void 0 ? false : _c;
-    var client = new ClientOAuth2({
-        clientId: clientId,
-        clientSecret: clientSecret,
-        redirectUri: redirectUri,
-        authorizationUri: authorizationUri,
-        accessTokenUri: accessTokenUri,
-        scopes: scopes,
+    const { clientId, clientSecret, authorizationUri, accessTokenUri, redirectUri = `${location.origin}/auth`, scopes = [], flow, headers, query, state, restrict = false, returnPath = '/', persist = (0, utils_1.createOAuth2MemoryPersistence)(), } = config;
+    const client = new client_oauth2_1.default({
+        clientId,
+        clientSecret,
+        redirectUri,
+        authorizationUri,
+        accessTokenUri,
+        scopes,
+        headers,
+        query,
+        state,
     });
-    var currentToken;
-    var retrieveToken;
-    var getLoginUri;
-    if (flow === 'code') {
-        client.code.getToken(location.href).then(function (token) { return (currentToken = token); }, function () { });
-        retrieveToken = function () {
+    let currentToken;
+    let retrieveToken;
+    let getLoginUri;
+    const setCurrentToken = (token) => {
+        persist.save({
+            accessToken: token.accessToken,
+            data: token.data,
+            refreshToken: token.refreshToken,
+        });
+        currentToken = token;
+    };
+    const retrieve = (init, refresh) => {
+        return init.then(() => {
             if (!currentToken) {
                 return Promise.reject('Not logged in. Please call `login()` to retrieve a token.');
             }
             if (!currentToken.expired()) {
-                return Promise.resolve(currentToken.accessToken);
+                return currentToken.accessToken;
             }
-            return currentToken.refresh().then(function (refreshedToken) {
-                currentToken = refreshedToken;
+            return refresh().then((refreshedToken) => {
+                setCurrentToken(refreshedToken);
                 return currentToken.accessToken;
             });
+        });
+    };
+    const initialize = (load) => {
+        const info = persist.load();
+        if (info) {
+            currentToken = client.createToken(info.accessToken, info.refreshToken, info.data);
+            return Promise.resolve();
+        }
+        else {
+            return load().then((token) => {
+                const opener = window.opener;
+                setCurrentToken(token);
+                if (opener && typeof opener[callbackName] === 'function') {
+                    opener[callbackName](token);
+                    window.close();
+                }
+            }, () => { });
+        }
+    };
+    if (flow === 'code') {
+        const init = initialize(() => {
+            const url = location.href;
+            history.replaceState(undefined, undefined, returnPath);
+            return client.code.getToken(url);
+        });
+        retrieveToken = () => {
+            return retrieve(init, () => currentToken.refresh());
         };
-        getLoginUri = function () { return client.code.getUri(); };
+        getLoginUri = () => client.code.getUri();
     }
     else {
-        client.token.getToken(location.href).then(function (token) {
-            var opener = window.opener;
-            if (opener && typeof opener[callbackName] === 'function') {
-                opener[callbackName](token);
-                window.close();
-            }
-            currentToken = token;
-        }, function () { });
-        retrieveToken = function () {
-            if (!currentToken) {
-                return Promise.reject('Not logged in. Please call `login()` to retrieve a token.');
-            }
-            if (!currentToken.expired()) {
-                return Promise.resolve(currentToken.accessToken);
-            }
-            return new Promise(function (res) {
-                window[callbackName] = function (token) {
-                    currentToken = token;
-                    res(currentToken.accessToken);
-                };
+        const init = initialize(() => client.token.getToken(location.href));
+        retrieveToken = () => {
+            return retrieve(init, () => new Promise((resolve) => {
+                window[callbackName] = resolve;
                 window.open(client.token.getUri());
-            });
+            }));
         };
-        getLoginUri = function () { return client.token.getUri(); };
+        getLoginUri = () => client.token.getUri();
     }
     return {
-        login: function () {
+        _: client,
+        login() {
             window.location.href = getLoginUri();
         },
-        logout: function () {
+        logout() {
             currentToken = undefined;
         },
-        extendHeaders: function (req) {
+        extendHeaders(req) {
             if (!restrict) {
-                req.setHeaders(retrieveToken().then(function (token) { return token && { Authorization: "Bearer " + token }; }, function () { return undefined; }));
+                req.setHeaders(retrieveToken().then((token) => token && { Authorization: `Bearer ${token}` }, () => undefined));
             }
         },
-        account: function () {
+        account() {
             return !!currentToken;
         },
         token: retrieveToken,

package/lib/setup.js.map

@@ -1 +1 @@
-{"version":3,"file":"setup.js","sourceRoot":"","sources":["../src/setup.ts"],"names":[],"mappings":";;;AAAA,4CAA8C;AA0E9C,IAAM,YAAY,GAAG,UAAU,CAAC;AAEhC;;;GAGG;AACH,SAAgB,iBAAiB,CAAC,MAAoB;IAElD,IAAA,QAAQ,GAQN,MAAM,SARA,EACR,YAAY,GAOV,MAAM,aAPI,EACZ,gBAAgB,GAMd,MAAM,iBANQ,EAChB,cAAc,GAKZ,MAAM,eALM,EACd,KAIE,MAAM,YAJ+B,EAAvC,WAAW,mBAAM,QAAQ,CAAC,MAAM,UAAO,KAAA,EACvC,KAGE,MAAM,OAHG,EAAX,MAAM,mBAAG,EAAE,KAAA,EACX,IAAI,GAEF,MAAM,KAFJ,EACJ,KACE,MAAM,SADQ,EAAhB,QAAQ,mBAAG,KAAK,KAAA,CACP;IACX,IAAM,MAAM,GAAG,IAAI,YAAY,CAAC;QAC9B,QAAQ,UAAA;QACR,YAAY,cAAA;QACZ,WAAW,aAAA;QACX,gBAAgB,kBAAA;QAChB,cAAc,gBAAA;QACd,MAAM,QAAA;KACP,CAAC,CAAC;IACH,IAAI,YAAgC,CAAC;IACrC,IAAI,aAAoC,CAAC;IACzC,IAAI,WAAyB,CAAC;IAE9B,IAAI,IAAI,KAAK,MAAM,EAAE;QACnB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CACtC,UAAC,KAAK,IAAK,OAAA,CAAC,YAAY,GAAG,KAAK,CAAC,EAAtB,CAAsB,EACjC,cAAO,CAAC,CACT,CAAC;QAEF,aAAa,GAAG;YACd,IAAI,CAAC,YAAY,EAAE;gBACjB,OAAO,OAAO,CAAC,MAAM,CAAC,2DAA2D,CAAC,CAAC;aACpF;YAED,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,EAAE;gBAC3B,OAAO,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;aAClD;YAED,OAAO,YAAY,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,UAAC,cAAc;gBAChD,YAAY,GAAG,cAAc,CAAC;gBAC9B,OAAO,YAAY,CAAC,WAAW,CAAC;YAClC,CAAC,CAAC,CAAC;QACL,CAAC,CAAC;QACF,WAAW,GAAG,cAAM,OAAA,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,EAApB,CAAoB,CAAC;KAC1C;SAAM;QACL,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CACvC,UAAC,KAAK;YACJ,IAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;YAC7B,IAAI,MAAM,IAAI,OAAO,MAAM,CAAC,YAAY,CAAC,KAAK,UAAU,EAAE;gBACxD,MAAM,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC;gBAC5B,MAAM,CAAC,KAAK,EAAE,CAAC;aAChB;YACD,YAAY,GAAG,KAAK,CAAC;QACvB,CAAC,EACD,cAAO,CAAC,CACT,CAAC;QAEF,aAAa,GAAG;YACd,IAAI,CAAC,YAAY,EAAE;gBACjB,OAAO,OAAO,CAAC,MAAM,CAAC,2DAA2D,CAAC,CAAC;aACpF;YAED,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,EAAE;gBAC3B,OAAO,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;aAClD;YAED,OAAO,IAAI,OAAO,CAAS,UAAC,GAAG;gBAC7B,MAAM,CAAC,YAAY,CAAC,GAAG,UAAC,KAAyB;oBAC/C,YAAY,GAAG,KAAK,CAAC;oBACrB,GAAG,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;gBAChC,CAAC,CAAC;gBACF,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;YACrC,CAAC,CAAC,CAAC;QACL,CAAC,CAAC;QACF,WAAW,GAAG,cAAM,OAAA,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,EAArB,CAAqB,CAAC;KAC3C;IAED,OAAO;QACL,KAAK;YACH,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,WAAW,EAAE,CAAC;QACvC,CAAC;QACD,MAAM;YACJ,YAAY,GAAG,SAAS,CAAC;QAC3B,CAAC;QACD,aAAa,YAAC,GAAG;YACf,IAAI,CAAC,QAAQ,EAAE;gBACb,GAAG,CAAC,UAAU,CACZ,aAAa,EAAE,CAAC,IAAI,CAClB,UAAC,KAAK,IAAK,OAAA,KAAK,IAAI,EAAE,aAAa,EAAE,YAAU,KAAO,EAAE,EAA7C,CAA6C,EACxD,cAAM,OAAA,SAAS,EAAT,CAAS,CAChB,CACF,CAAC;aACH;QACH,CAAC;QACD,OAAO;YACL,OAAO,CAAC,CAAC,YAAY,CAAC;QACxB,CAAC;QACD,KAAK,EAAE,aAAa;KACrB,CAAC;AACJ,CAAC;AAnGD,8CAmGC"}
+{"version":3,"file":"setup.js","sourceRoot":"","sources":["../src/setup.ts"],"names":[],"mappings":";;;;AAAA,0EAAyC;AACzC,mCAAwD;AAGxD,MAAM,YAAY,GAAG,UAAU,CAAC;AAEhC;;;GAGG;AACH,SAAgB,iBAAiB,CAAC,MAAoB;IACpD,MAAM,EACJ,QAAQ,EACR,YAAY,EACZ,gBAAgB,EAChB,cAAc,EACd,WAAW,GAAG,GAAG,QAAQ,CAAC,MAAM,OAAO,EACvC,MAAM,GAAG,EAAE,EACX,IAAI,EACJ,OAAO,EACP,KAAK,EACL,KAAK,EACL,QAAQ,GAAG,KAAK,EAChB,UAAU,GAAG,GAAG,EAChB,OAAO,GAAG,IAAA,qCAA6B,GAAE,GAC1C,GAAG,MAAM,CAAC;IAEX,MAAM,MAAM,GAAG,IAAI,uBAAY,CAAC;QAC9B,QAAQ;QACR,YAAY;QACZ,WAAW;QACX,gBAAgB;QAChB,cAAc;QACd,MAAM;QACN,OAAO;QACP,KAAK;QACL,KAAK;KACN,CAAC,CAAC;IAEH,IAAI,YAAgC,CAAC;IACrC,IAAI,aAAoC,CAAC;IACzC,IAAI,WAAyB,CAAC;IAE9B,MAAM,eAAe,GAAG,CAAC,KAAyB,EAAE,EAAE;QACpD,OAAO,CAAC,IAAI,CAAC;YACX,WAAW,EAAE,KAAK,CAAC,WAAW;YAC9B,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,YAAY,EAAE,KAAK,CAAC,YAAY;SACjC,CAAC,CAAC;QAEH,YAAY,GAAG,KAAK,CAAC;IACvB,CAAC,CAAC;IAEF,MAAM,QAAQ,GAAG,CAAC,IAAmB,EAAE,OAA0C,EAAE,EAAE;QACnF,OAAO,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;YACpB,IAAI,CAAC,YAAY,EAAE;gBACjB,OAAO,OAAO,CAAC,MAAM,CAAC,2DAA2D,CAAC,CAAC;aACpF;YAED,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,EAAE;gBAC3B,OAAO,YAAY,CAAC,WAAW,CAAC;aACjC;YAED,OAAO,OAAO,EAAE,CAAC,IAAI,CAAC,CAAC,cAAc,EAAE,EAAE;gBACvC,eAAe,CAAC,cAAc,CAAC,CAAC;gBAChC,OAAO,YAAY,CAAC,WAAW,CAAC;YAClC,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC,CAAC;IAEF,MAAM,UAAU,GAAG,CAAC,IAAuC,EAAE,EAAE;QAC7D,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;QAE5B,IAAI,IAAI,EAAE;YACR,YAAY,GAAG,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAClF,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;SAC1B;aAAM;YACL,OAAO,IAAI,EAAE,CAAC,IAAI,CAChB,CAAC,KAAK,EAAE,EAAE;gBACR,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;gBAE7B,eAAe,CAAC,KAAK,CAAC,CAAC;gBAEvB,IAAI,MAAM,IAAI,OAAO,MAAM,CAAC,YAAY,CAAC,KAAK,UAAU,EAAE;oBACxD,MAAM,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC;oBAC5B,MAAM,CAAC,KAAK,EAAE,CAAC;iBAChB;YACH,CAAC,EACD,GAAG,EAAE,GAAE,CAAC,CACT,CAAC;SACH;IACH,CAAC,CAAC;IAEF,IAAI,IAAI,KAAK,MAAM,EAAE;QACnB,MAAM,IAAI,GAAG,UAAU,CAAC,GAAG,EAAE;YAC3B,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,CAAC;YAC1B,OAAO,CAAC,YAAY,CAAC,SAAS,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;YACvD,OAAO,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QACnC,CAAC,CAAC,CAAC;QAEH,aAAa,GAAG,GAAG,EAAE;YACnB,OAAO,QAAQ,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC,CAAC;QACtD,CAAC,CAAC;QACF,WAAW,GAAG,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;KAC1C;SAAM;QACL,MAAM,IAAI,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;QAEpE,aAAa,GAAG,GAAG,EAAE;YACnB,OAAO,QAAQ,CACb,IAAI,EACJ,GAAG,EAAE,CACH,IAAI,OAAO,CAAqB,CAAC,OAAO,EAAE,EAAE;gBAC1C,MAAM,CAAC,YAAY,CAAC,GAAG,OAAO,CAAC;gBAC/B,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;YACrC,CAAC,CAAC,CACL,CAAC;QACJ,CAAC,CAAC;QACF,WAAW,GAAG,GAAG,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;KAC3C;IAED,OAAO;QACL,CAAC,EAAE,MAAM;QACT,KAAK;YACH,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,WAAW,EAAE,CAAC;QACvC,CAAC;QACD,MAAM;YACJ,YAAY,GAAG,SAAS,CAAC;QAC3B,CAAC;QACD,aAAa,CAAC,GAAG;YACf,IAAI,CAAC,QAAQ,EAAE;gBACb,GAAG,CAAC,UAAU,CACZ,aAAa,EAAE,CAAC,IAAI,CAClB,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,IAAI,EAAE,aAAa,EAAE,UAAU,KAAK,EAAE,EAAE,EACxD,GAAG,EAAE,CAAC,SAAS,CAChB,CACF,CAAC;aACH;QACH,CAAC;QACD,OAAO;YACL,OAAO,CAAC,CAAC,YAAY,CAAC;QACxB,CAAC;QACD,KAAK,EAAE,aAAa;KACrB,CAAC;AACJ,CAAC;AArID,8CAqIC"}

package/lib/types.d.ts

@@ -1,3 +1,4 @@
+import type { Data } from 'client-oauth2';
 declare module 'piral-core/lib/types/custom' {
     interface PiletCustomApi extends PiralOAuth2Api {
     }
@@ -8,3 +9,119 @@ export interface PiralOAuth2Api {
      */
     getAccessToken(): Promise<string | undefined>;
 }
+/**
+ * The relevant OAuth 2 token information.
+ */
+export interface OAuth2TokenInfo {
+    accessToken: string;
+    refreshToken: string;
+    data: Data;
+}
+/**
+ * Available configuration options for the OAuth 2 plugin.
+ */
+export interface OAuth2Config {
+    /**
+     * The id of the client. Required for the setup of OAuth 2.
+     */
+    clientId: string;
+    /**
+     * The client secret. Only required for the `code` flow.
+     */
+    clientSecret?: string;
+    /**
+     * The Uri pointing to the authorization endpoint of the Identity Provider.
+     */
+    authorizationUri: string;
+    /**
+     * The Uri pointing to the access token endpoint of the Identity Provider.
+     */
+    accessTokenUri?: string;
+    /**
+     * The redirect Uri to use. By default the origin with /auth
+     * is used.
+     */
+    redirectUri?: string;
+    /**
+     * The return path to use in case of the "code" flow. By default the
+     * path will be set to "/".
+     */
+    returnPath?: string;
+    /**
+     * The scopes to be used.
+     */
+    scopes?: Array<string>;
+    /**
+     * The OAuth 2 authorization flow type to be used.
+     */
+    flow?: 'implicit' | 'code';
+    /**
+     * Restricts token sharing such that other integrations, e.g., with
+     * fetch would need to be done manually.
+     * Otherwise, the client is responsive to the `before-fetch` event.
+     */
+    restrict?: boolean;
+    /**
+     * Optional persistence layer for OAuth 2. By default nothing is stored.
+     */
+    persist?: OAuth2Persistence;
+    /**
+     * The optional headers to supply in OAuth 2 requests.
+     */
+    headers?: Record<string, string | Array<string>>;
+    /**
+     * The optional query parameters to supply in OAuth 2 requests.
+     */
+    query?: Record<string, string | Array<string>>;
+    /**
+     * The optional state parameter to supply in OAuth 2 requests.
+     */
+    state?: string;
+}
+export interface OAuth2Request {
+    /**
+     * Sets the headers of the request.
+     * @param headers Headers or a promise to headers.
+     */
+    setHeaders(headers: any): void;
+}
+export interface OAuth2Client {
+    /**
+     * The underlying OAuth2 client.
+     */
+    _: any;
+    /**
+     * Performs a login.
+     */
+    login(): void;
+    /**
+     * Performs a logout.
+     */
+    logout(): void;
+    /**
+     * Gets a token.
+     */
+    token(): Promise<string>;
+    /**
+     * Checks if the user is currently logged in.
+     */
+    account(): boolean;
+    /**
+     * Extends the headers of the provided request.
+     */
+    extendHeaders(req: OAuth2Request): void;
+}
+/**
+ * Defines the interface for the OAuth 2 persistence layer.
+ */
+export interface OAuth2Persistence {
+    /**
+     * Loads an OAuth 2 token structure.
+     */
+    load(): OAuth2TokenInfo;
+    /**
+     * Stores an OAuth 2 token structure.
+     * @param info The token infos to store.
+     */
+    save(info: OAuth2TokenInfo): void;
+}

package/lib/utils.d.ts

@@ -0,0 +1,13 @@
+import { OAuth2Persistence } from './types';
+/**
+ * Creates an OAuth 2 persistence layer using memory.
+ */
+export declare function createOAuth2MemoryPersistence(): OAuth2Persistence;
+/**
+ * Creates an OAuth 2 persistence layer using sessionStorage.
+ */
+export declare function createOAuth2SessionPersistence(sessionKey?: string): OAuth2Persistence;
+/**
+ * Creates an OAuth 2 persistence layer using localStorage.
+ */
+export declare function createOAuth2BrowserPersistence(localKey?: string): OAuth2Persistence;

package/lib/utils.js

@@ -0,0 +1,62 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createOAuth2BrowserPersistence = exports.createOAuth2SessionPersistence = exports.createOAuth2MemoryPersistence = void 0;
+/**
+ * Creates an OAuth 2 persistence layer using memory.
+ */
+function createOAuth2MemoryPersistence() {
+    return {
+        load() {
+            return undefined;
+        },
+        save() { },
+    };
+}
+exports.createOAuth2MemoryPersistence = createOAuth2MemoryPersistence;
+/**
+ * Creates an OAuth 2 persistence layer using sessionStorage.
+ */
+function createOAuth2SessionPersistence(sessionKey = '$piral_oauth2_info') {
+    return {
+        load() {
+            const content = sessionStorage.getItem(sessionKey);
+            if (typeof content === 'string') {
+                try {
+                    return JSON.parse(content);
+                }
+                catch (_a) {
+                    console.error('Found invalid data in the OAuth 2 session storage key. Skipped.');
+                }
+            }
+            return undefined;
+        },
+        save(info) {
+            sessionStorage.setItem(sessionKey, JSON.stringify(info));
+        },
+    };
+}
+exports.createOAuth2SessionPersistence = createOAuth2SessionPersistence;
+/**
+ * Creates an OAuth 2 persistence layer using localStorage.
+ */
+function createOAuth2BrowserPersistence(localKey = '$piral_oauth2_info') {
+    return {
+        load() {
+            const content = localStorage.getItem(localKey);
+            if (typeof content === 'string') {
+                try {
+                    return JSON.parse(content);
+                }
+                catch (_a) {
+                    console.error('Found invalid data in the OAuth 2 local storage key. Skipped.');
+                }
+            }
+            return undefined;
+        },
+        save(info) {
+            localStorage.setItem(localKey, JSON.stringify(info));
+        },
+    };
+}
+exports.createOAuth2BrowserPersistence = createOAuth2BrowserPersistence;
+//# sourceMappingURL=utils.js.map

package/lib/utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":";;;AAEA;;GAEG;AACH,SAAgB,6BAA6B;IAC3C,OAAO;QACL,IAAI;YACF,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,IAAI,KAAI,CAAC;KACV,CAAC;AACJ,CAAC;AAPD,sEAOC;AAED;;GAEG;AACH,SAAgB,8BAA8B,CAAC,UAAU,GAAG,oBAAoB;IAC9E,OAAO;QACL,IAAI;YACF,MAAM,OAAO,GAAG,cAAc,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;YAEnD,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;gBAC/B,IAAI;oBACF,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;iBAC5B;gBAAC,WAAM;oBACN,OAAO,CAAC,KAAK,CAAC,iEAAiE,CAAC,CAAC;iBAClF;aACF;YAED,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,IAAI,CAAC,IAAI;YACP,cAAc,CAAC,OAAO,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;QAC3D,CAAC;KACF,CAAC;AACJ,CAAC;AAnBD,wEAmBC;AAED;;GAEG;AACH,SAAgB,8BAA8B,CAAC,QAAQ,GAAG,oBAAoB;IAC5E,OAAO;QACL,IAAI;YACF,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAE/C,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;gBAC/B,IAAI;oBACF,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;iBAC5B;gBAAC,WAAM;oBACN,OAAO,CAAC,KAAK,CAAC,+DAA+D,CAAC,CAAC;iBAChF;aACF;YAED,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,IAAI,CAAC,IAAI;YACP,YAAY,CAAC,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;QACvD,CAAC;KACF,CAAC;AACJ,CAAC;AAnBD,wEAmBC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "piral-oauth2",
-  "version": "1.0.0-pre.2217",
+  "version": "1.0.1-beta.5640",
   "description": "Plugin to integrate OAuth 2.0 authentication in Piral.",
   "keywords": [
     "piral",
@@ -22,11 +22,29 @@
   "module": "esm/index.js",
   "main": "lib/index.js",
   "typings": "lib/index.d.ts",
+  "exports": {
+    ".": {
+      "import": "./esm/index.js",
+      "require": "./lib/index.js"
+    },
+    "./esm/*": {
+      "import": "./esm/*"
+    },
+    "./lib/*": {
+      "require": "./lib/*"
+    },
+    "./_/*": {
+      "import": "./esm/*.js",
+      "require": "./lib/*.js"
+    },
+    "./package.json": "./package.json"
+  },
   "sideEffects": false,
   "files": [
     "esm",
     "lib",
-    "src"
+    "src",
+    "piral-oauth2.min.js"
   ],
   "repository": {
     "type": "git",
@@ -36,7 +54,9 @@
     "url": "https://github.com/smapiot/piral/issues"
   },
   "scripts": {
-    "build": "yarn build:commonjs && yarn build:esnext",
+    "cleanup": "rimraf esm lib piral-oauth2.min.js",
+    "build": "yarn build:bundle && yarn build:commonjs && yarn build:esnext",
+    "build:bundle": "esbuild src/index.ts --outfile=piral-oauth2.min.js --bundle --external:piral-core --minify --global-name=piralOAuth2",
     "build:commonjs": "tsc --project tsconfig.json --outDir lib --module commonjs",
     "build:esnext": "tsc --project tsconfig.json --outDir esm --module esnext",
     "typedoc": "typedoc --json ../../../docs/types/piral-oauth2.json src --exclude \"src/**/*.test.*\"",
@@ -46,10 +66,7 @@
     "client-oauth2": "^4.2.5"
   },
   "devDependencies": {
-    "piral-core": "^1.0.0-pre.2217"
-  },
-  "peerDependencies": {
-    "piral-core": "1.x"
+    "piral-core": "1.0.1-beta.5640"
   },
-  "gitHead": "39479fee9a718f9f2fec97ce1a119fc0818805da"
+  "gitHead": "fa0a72b28fd0a20afec7ef491ec19e93c090fc72"
 }

package/piral-oauth2.min.js

@@ -0,0 +1 @@
+var piralOAuth2=(()=>{var ce=Object.create;var x=Object.defineProperty;var ue=Object.getOwnPropertyDescriptor;var he=Object.getOwnPropertyNames;var de=Object.getPrototypeOf,le=Object.prototype.hasOwnProperty;var $=e=>x(e,"__esModule",{value:!0});var y=(e,t)=>()=>(t||e((t={exports:{}}).exports,t),t.exports),fe=(e,t)=>{$(e);for(var n in t)x(e,n,{get:t[n],enumerable:!0})},pe=(e,t,n)=>{if(t&&typeof t=="object"||typeof t=="function")for(let r of he(t))!le.call(e,r)&&r!=="default"&&x(e,r,{get:()=>t[r],enumerable:!(n=ue(t,r))||n.enumerable});return e},ge=e=>pe($(x(e!=null?ce(de(e)):{},"default",e&&e.__esModule&&"default"in e?{get:()=>e.default,enumerable:!0}:{value:e,enumerable:!0})),e);var X=y(()=>{});var Q=y((Se,K)=>{"use strict";function me(e,t){return Object.prototype.hasOwnProperty.call(e,t)}K.exports=function(e,t,n,r){t=t||"&",n=n||"=";var o={};if(typeof e!="string"||e.length===0)return o;var i=/\+/g;e=e.split(t);var s=1e3;r&&typeof r.maxKeys=="number"&&(s=r.maxKeys);var a=e.length;s>0&&a>s&&(a=s);for(var d=0;d<a;++d){var p=e[d].replace(i,"%20"),m=p.indexOf(n),T,w,l,h;m>=0?(T=p.substr(0,m),w=p.substr(m+1)):(T=p,w=""),l=decodeURIComponent(T),h=decodeURIComponent(w),me(o,l)?Array.isArray(o[l])?o[l].push(h):o[l]=[o[l],h]:o[l]=h}return o}});var V=y((Ce,G)=>{"use strict";var v=function(e){switch(typeof e){case"string":return e;case"boolean":return e?"true":"false";case"number":return isFinite(e)?e:"";default:return""}};G.exports=function(e,t,n,r){return t=t||"&",n=n||"=",e===null&&(e=void 0),typeof e=="object"?Object.keys(e).map(function(o){var i=encodeURIComponent(v(o))+n;return Array.isArray(e[o])?e[o].map(function(s){return i+encodeURIComponent(v(s))}).join(t):i+encodeURIComponent(v(e[o]))}).filter(Boolean).join(t):r?encodeURIComponent(v(r))+n+encodeURIComponent(v(e)):""}});var W=y(k=>{"use strict";k.decode=k.parse=Q();k.encode=k.stringify=V()});var Z=y((ze,Y)=>{Y.exports=function(t,n,r,o){return new Promise(function(i,s){var a=new window.XMLHttpRequest;a.open(t,n),a.onload=function(){return i({status:a.status,body:a.responseText})},a.onerror=a.onabort=function(){return s(new Error(a.statusText||"XHR aborted: "+n))},Object.keys(o).forEach(function(d){a.setRequestHeader(d,o[d])}),a.send(r)})}});var se=y((Ee,ie)=>{var ee=X().Buffer,g=W(),Te=Z(),S="https://example.org/",R;typeof ee=="function"?R=ve:R=window.btoa.bind(window);ie.exports=_;var b={Accept:"application/json, application/x-www-form-urlencoded","Content-Type":"application/x-www-form-urlencoded"},we={invalid_request:["The request is missing a required parameter, includes an","invalid parameter value, includes a parameter more than","once, or is otherwise malformed."].join(" "),invalid_client:["Client authentication failed (e.g., unknown client, no","client authentication included, or unsupported","authentication method)."].join(" "),invalid_grant:["The provided authorization grant (e.g., authorization","code, resource owner credentials) or refresh token is","invalid, expired, revoked, does not match the redirection","URI used in the authorization request, or was issued to","another client."].join(" "),unauthorized_client:["The client is not authorized to request an authorization","code using this method."].join(" "),unsupported_grant_type:["The authorization grant type is not supported by the","authorization server."].join(" "),access_denied:["The resource owner or authorization server denied the request."].join(" "),unsupported_response_type:["The authorization server does not support obtaining","an authorization code using this method."].join(" "),invalid_scope:["The requested scope is invalid, unknown, or malformed."].join(" "),server_error:["The authorization server encountered an unexpected","condition that prevented it from fulfilling the request.","(This error code is needed because a 500 Internal Server","Error HTTP status code cannot be returned to the client","via an HTTP redirect.)"].join(" "),temporarily_unavailable:["The authorization server is currently unable to handle","the request due to a temporary overloading or maintenance","of the server."].join(" ")};function ve(e){return ee.from(e).toString("base64")}function C(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];if(e[n]==null)throw new TypeError('Expected "'+n+'" to exist')}}function q(e){var t=we[e.error]||e.error_description||e.error;if(t){var n=new Error(t);return n.body=e,n.code="EAUTH",n}}function ke(e){try{return JSON.parse(e)}catch{return g.parse(e)}}function I(e){return Array.isArray(e)?e.join(" "):B(e)}function te(e,t){C(e,"clientId","authorizationUri");let n={client_id:e.clientId,redirect_uri:e.redirectUri,response_type:t,state:e.state};e.scopes!==void 0&&(n.scope=I(e.scopes));let r=e.authorizationUri.includes("?")?"&":"?";return e.authorizationUri+r+g.stringify(Object.assign(n,e.query))}function O(e,t){return"Basic "+R(B(e)+":"+B(t))}function B(e){return e==null?"":String(e)}function A(e,t){return{url:e.url,method:e.method,body:Object.assign({},e.body,t.body),query:Object.assign({},e.query,t.query),headers:Object.assign({},e.headers,t.headers)}}function _(e,t){this.options=e,this.request=t||Te,this.code=new F(this),this.token=new H(this),this.owner=new re(this),this.credentials=new ne(this),this.jwt=new oe(this)}_.Token=P;_.prototype.createToken=function(e,t,n,r){var o=Object.assign({},r,typeof e=="string"?{access_token:e}:e,typeof t=="string"?{refresh_token:t}:t,typeof n=="string"?{token_type:n}:n);return new _.Token(this,o)};_.prototype._request=function(e){var t=e.url,n=g.stringify(e.body),r=g.stringify(e.query);return r&&(t+=(t.indexOf("?")===-1?"?":"&")+r),this.request(e.method,t,n,e.headers).then(function(o){var i=ke(o.body),s=q(i);if(s)return Promise.reject(s);if(o.status<200||o.status>=399){var a=new Error("HTTP status "+o.status);return a.status=o.status,a.body=o.body,a.code="ESTATUS",Promise.reject(a)}return i})};function P(e,t){this.client=e,this.data=t,this.tokenType=t.token_type&&t.token_type.toLowerCase(),this.accessToken=t.access_token,this.refreshToken=t.refresh_token,this.expiresIn(Number(t.expires_in))}P.prototype.expiresIn=function(e){if(typeof e=="number")this.expires=new Date,this.expires.setSeconds(this.expires.getSeconds()+e);else if(e instanceof Date)this.expires=new Date(e.getTime());else throw new TypeError("Unknown duration: "+e);return this.expires};P.prototype.sign=function(e){if(!this.accessToken)throw new Error("Unable to sign without access token");if(e.headers=e.headers||{},this.tokenType==="bearer")e.headers.Authorization="Bearer "+this.accessToken;else{var t=e.url.split("#"),n="access_token="+this.accessToken,r=t[0].replace(/[?&]access_token=[^&#]/,""),o=t[1]?"#"+t[1]:"";e.url=r+(r.indexOf("?")>-1?"&":"?")+n+o,e.headers.Pragma="no-store",e.headers["Cache-Control"]="no-store"}return e};P.prototype.refresh=function(e){var t=this,n=Object.assign({},this.client.options,e);return this.refreshToken?this.client._request(A({url:n.accessTokenUri,method:"POST",headers:Object.assign({},b,{Authorization:O(n.clientId,n.clientSecret)}),body:{refresh_token:this.refreshToken,grant_type:"refresh_token"}},n)).then(function(r){return t.client.createToken(Object.assign({},t.data,r))}):Promise.reject(new Error("No refresh token"))};P.prototype.expired=function(){return Date.now()>this.expires.getTime()};function re(e){this.client=e}re.prototype.getToken=function(e,t,n){var r=this,o=Object.assign({},this.client.options,n);let i={username:e,password:t,grant_type:"password"};return o.scopes!==void 0&&(i.scope=I(o.scopes)),this.client._request(A({url:o.accessTokenUri,method:"POST",headers:Object.assign({},b,{Authorization:O(o.clientId,o.clientSecret)}),body:i},o)).then(function(s){return r.client.createToken(s)})};function H(e){this.client=e}H.prototype.getUri=function(e){var t=Object.assign({},this.client.options,e);return te(t,"token")};H.prototype.getToken=function(e,t){var n=Object.assign({},this.client.options,t),r=typeof e=="object"?e:new URL(e,S),o=new URL(n.redirectUri,S);if(typeof r.pathname=="string"&&r.pathname!==o.pathname)return Promise.reject(new TypeError("Redirected path should match configured path, but got: "+r.pathname));if(!r.hash&&!r.search)return Promise.reject(new TypeError("Unable to process uri: "+e));var i=Object.assign({},typeof r.search=="string"?g.parse(r.search.substr(1)):r.search||{},typeof r.hash=="string"?g.parse(r.hash.substr(1)):r.hash||{}),s=q(i);return s?Promise.reject(s):n.state!=null&&i.state!==n.state?Promise.reject(new TypeError("Invalid state: "+i.state)):Promise.resolve(this.client.createToken(i))};function ne(e){this.client=e}ne.prototype.getToken=function(e){var t=this,n=Object.assign({},this.client.options,e);C(n,"clientId","clientSecret","accessTokenUri");let r={grant_type:"client_credentials"};return n.scopes!==void 0&&(r.scope=I(n.scopes)),this.client._request(A({url:n.accessTokenUri,method:"POST",headers:Object.assign({},b,{Authorization:O(n.clientId,n.clientSecret)}),body:r},n)).then(function(o){return t.client.createToken(o)})};function F(e){this.client=e}F.prototype.getUri=function(e){var t=Object.assign({},this.client.options,e);return te(t,"code")};F.prototype.getToken=function(e,t){var n=this,r=Object.assign({},this.client.options,t);C(r,"clientId","accessTokenUri");var o=typeof e=="object"?e:new URL(e,S);if(typeof r.redirectUri=="string"&&typeof o.pathname=="string"&&o.pathname!==new URL(r.redirectUri,S).pathname)return Promise.reject(new TypeError("Redirected path should match configured path, but got: "+o.pathname));if(!o.search||!o.search.substr(1))return Promise.reject(new TypeError("Unable to process uri: "+e));var i=typeof o.search=="string"?g.parse(o.search.substr(1)):o.search||{},s=q(i);if(s)return Promise.reject(s);if(r.state!=null&&i.state!==r.state)return Promise.reject(new TypeError("Invalid state: "+i.state));if(!i.code)return Promise.reject(new TypeError("Missing code, unable to request token"));var a=Object.assign({},b),d={code:i.code,grant_type:"authorization_code",redirect_uri:r.redirectUri};return r.clientSecret?a.Authorization=O(r.clientId,r.clientSecret):d.client_id=r.clientId,this.client._request(A({url:r.accessTokenUri,method:"POST",headers:a,body:d},r)).then(function(p){return n.client.createToken(p)})};function oe(e){this.client=e}oe.prototype.getToken=function(e,t){var n=this,r=Object.assign({},this.client.options,t),o=Object.assign({},b);C(r,"accessTokenUri"),r.clientId&&(o.Authorization=O(r.clientId,r.clientSecret));let i={grant_type:"urn:ietf:params:oauth:grant-type:jwt-bearer",assertion:e};return r.scopes!==void 0&&(i.scope=I(r.scopes)),this.client._request(A({url:r.accessTokenUri,method:"POST",headers:o,body:i},r)).then(function(s){return n.client.createToken(s)})}});var _e={};fe(_e,{createOAuth2Api:()=>ye,createOAuth2BrowserPersistence:()=>Oe,createOAuth2MemoryPersistence:()=>L,createOAuth2SessionPersistence:()=>be,setupOAuth2Client:()=>Ae});function ye(e){return t=>(t.on("before-fetch",e.extendHeaders),{getAccessToken(){return e.token()}})}var ae=ge(se());function L(){return{load(){},save(){}}}function be(e="$piral_oauth2_info"){return{load(){let t=sessionStorage.getItem(e);if(typeof t=="string")try{return JSON.parse(t)}catch(n){console.error("Found invalid data in the OAuth 2 session storage key. Skipped.")}},save(t){sessionStorage.setItem(e,JSON.stringify(t))}}}function Oe(e="$piral_oauth2_info"){return{load(){let t=localStorage.getItem(e);if(typeof t=="string")try{return JSON.parse(t)}catch(n){console.error("Found invalid data in the OAuth 2 local storage key. Skipped.")}},save(t){localStorage.setItem(e,JSON.stringify(t))}}}var N="oauth2Cb";function Ae(e){let{clientId:t,clientSecret:n,authorizationUri:r,accessTokenUri:o,redirectUri:i=`${location.origin}/auth`,scopes:s=[],flow:a,headers:d,query:p,state:m,restrict:T=!1,returnPath:w="/",persist:l=L()}=e,h=new ae.default({clientId:t,clientSecret:n,redirectUri:i,authorizationUri:r,accessTokenUri:o,scopes:s,headers:d,query:p,state:m}),f,U,z,D=c=>{l.save({accessToken:c.accessToken,data:c.data,refreshToken:c.refreshToken}),f=c},J=(c,u)=>c.then(()=>f?f.expired()?u().then(j=>(D(j),f.accessToken)):f.accessToken:Promise.reject("Not logged in. Please call `login()` to retrieve a token.")),M=c=>{let u=l.load();return u?(f=h.createToken(u.accessToken,u.refreshToken,u.data),Promise.resolve()):c().then(j=>{let E=window.opener;D(j),E&&typeof E[N]=="function"&&(E[N](j),window.close())},()=>{})};if(a==="code"){let c=M(()=>{let u=location.href;return history.replaceState(void 0,void 0,w),h.code.getToken(u)});U=()=>J(c,()=>f.refresh()),z=()=>h.code.getUri()}else{let c=M(()=>h.token.getToken(location.href));U=()=>J(c,()=>new Promise(u=>{window[N]=u,window.open(h.token.getUri())})),z=()=>h.token.getUri()}return{_:h,login(){window.location.href=z()},logout(){f=void 0},extendHeaders(c){T||c.setHeaders(U().then(u=>u&&{Authorization:`Bearer ${u}`},()=>{}))},account(){return!!f},token:U}}return _e;})();

package/src/create.ts

@@ -1,6 +1,5 @@
 import { PiralPlugin } from 'piral-core';
-import { OAuth2Client } from './setup';
-import { PiralOAuth2Api } from './types';
+import { OAuth2Client, PiralOAuth2Api } from './types';
 
 /**
  * Creates new Pilet API extensions for the integration of OAuth 2.0.

package/src/index.ts

@@ -1,3 +1,4 @@
 export * from './create';
 export * from './setup';
 export * from './types';
+export * from './utils';