pxt-core 8.6.15 → 8.6.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/built/pxt.js +30 -8
- package/built/pxtlib.d.ts +6 -1
- package/built/pxtlib.js +30 -8
- package/built/target.js +1 -1
- package/built/web/main.js +1 -1
- package/built/web/pxtapp.js +1 -1
- package/built/web/pxtasseteditor.js +1 -1
- package/built/web/pxtembed.js +1 -1
- package/built/web/pxtlib.js +1 -1
- package/built/web/pxtworker.js +1 -1
- package/built/web/rtlsemantic.css +1 -1
- package/built/web/semantic.css +1 -1
- package/package.json +1 -1
- package/react-common/components/controls/TeachingBubble.tsx +3 -1
- package/theme/common.less +23 -20
- package/theme/greenscreen.less +2 -2
- package/theme/highcontrast.less +5 -5
- package/theme/tutorial-sidebar.less +16 -16
- package/theme/tutorial.less +6 -6
package/built/pxt.js
CHANGED
|
@@ -97950,8 +97950,8 @@ var pxt;
|
|
|
97950
97950
|
callbackState,
|
|
97951
97951
|
callbackPathname: window.location.pathname,
|
|
97952
97952
|
idp,
|
|
97953
|
+
persistent
|
|
97953
97954
|
};
|
|
97954
|
-
await pxt.storage.shared.setAsync(AUTH_CONTAINER, AUTH_LOGIN_STATE_KEY, loginState);
|
|
97955
97955
|
// Redirect to the login endpoint.
|
|
97956
97956
|
const loginUrl = pxt.Util.stringifyQueryString('/api/auth/login', {
|
|
97957
97957
|
response_type: "token",
|
|
@@ -97961,6 +97961,8 @@ var pxt;
|
|
|
97961
97961
|
});
|
|
97962
97962
|
const apiResult = await this.apiAsync(loginUrl);
|
|
97963
97963
|
if (apiResult.success) {
|
|
97964
|
+
loginState.authCodeVerifier = apiResult.resp.authCodeVerifier;
|
|
97965
|
+
await pxt.storage.shared.setAsync(AUTH_CONTAINER, AUTH_LOGIN_STATE_KEY, loginState);
|
|
97964
97966
|
pxt.tickEvent('auth.login.start', { 'provider': idp });
|
|
97965
97967
|
window.location.href = apiResult.resp.loginUrl;
|
|
97966
97968
|
}
|
|
@@ -97972,16 +97974,25 @@ var pxt;
|
|
|
97972
97974
|
* Sign out the user and clear the auth token cookie.
|
|
97973
97975
|
*/
|
|
97974
97976
|
async logoutAsync(continuationHash) {
|
|
97977
|
+
if (!hasIdentity()) {
|
|
97978
|
+
return;
|
|
97979
|
+
}
|
|
97980
|
+
this.clearState();
|
|
97981
|
+
return await AuthClient.staticLogoutAsync(continuationHash);
|
|
97982
|
+
}
|
|
97983
|
+
/**
|
|
97984
|
+
* Sign out the user and clear the auth token cookie.
|
|
97985
|
+
*/
|
|
97986
|
+
static async staticLogoutAsync(continuationHash) {
|
|
97975
97987
|
if (!hasIdentity()) {
|
|
97976
97988
|
return;
|
|
97977
97989
|
}
|
|
97978
97990
|
pxt.tickEvent('auth.logout');
|
|
97979
97991
|
// backend will clear the cookie token and pass back the provider logout endpoint.
|
|
97980
|
-
await
|
|
97992
|
+
await AuthClient.staticApiAsync('/api/auth/logout');
|
|
97981
97993
|
// Clear csrf token so we can no longer make authenticated requests.
|
|
97982
97994
|
await pxt.storage.shared.delAsync(AUTH_CONTAINER, CSRF_TOKEN_KEY);
|
|
97983
97995
|
// Update state and UI to reflect logged out state.
|
|
97984
|
-
this.clearState();
|
|
97985
97996
|
const hash = continuationHash ? continuationHash.startsWith('#') ? continuationHash : `#${continuationHash}` : "";
|
|
97986
97997
|
// Redirect to home screen, or skillmap home screen
|
|
97987
97998
|
if (pxt.BrowserUtils.hasWindow()) {
|
|
@@ -98279,12 +98290,15 @@ var pxt;
|
|
|
98279
98290
|
pxt.storage.shared.delAsync(AUTH_CONTAINER, AUTH_USER_STATE_KEY)
|
|
98280
98291
|
.then(() => this.onStateCleared());
|
|
98281
98292
|
}
|
|
98282
|
-
/*protected*/ async apiAsync(url, data, method) {
|
|
98293
|
+
/*protected*/ async apiAsync(url, data, method, authToken) {
|
|
98294
|
+
return await AuthClient.staticApiAsync(url, data, method, authToken);
|
|
98295
|
+
}
|
|
98296
|
+
static async staticApiAsync(url, data, method, authToken) {
|
|
98283
98297
|
var _a;
|
|
98284
98298
|
const headers = {};
|
|
98285
|
-
|
|
98286
|
-
if (
|
|
98287
|
-
headers["authorization"] = `mkcd ${
|
|
98299
|
+
authToken = authToken || (await pxt.storage.shared.getAsync(AUTH_CONTAINER, CSRF_TOKEN_KEY));
|
|
98300
|
+
if (authToken) {
|
|
98301
|
+
headers["authorization"] = `mkcd ${authToken}`;
|
|
98288
98302
|
}
|
|
98289
98303
|
headers[X_PXT_TARGET] = (_a = pxt.appTarget) === null || _a === void 0 ? void 0 : _a.id;
|
|
98290
98304
|
url = pxt.BrowserUtils.isLocalHostDev() ? `${pxt.cloud.DEV_BACKEND}${url}` : url;
|
|
@@ -98304,7 +98318,7 @@ var pxt;
|
|
|
98304
98318
|
}).catch(async (e) => {
|
|
98305
98319
|
if (!/logout/.test(url) && e.statusCode == 401) {
|
|
98306
98320
|
// 401/Unauthorized. logout now.
|
|
98307
|
-
await
|
|
98321
|
+
await AuthClient.staticLogoutAsync();
|
|
98308
98322
|
}
|
|
98309
98323
|
return {
|
|
98310
98324
|
statusCode: e.statusCode,
|
|
@@ -98355,6 +98369,14 @@ var pxt;
|
|
|
98355
98369
|
pxt.debug("Missing authToken in auth callback.");
|
|
98356
98370
|
break;
|
|
98357
98371
|
}
|
|
98372
|
+
// If this auth request was assigned an auth code, claim it now. This will set
|
|
98373
|
+
// the required auth cookie in this domain (for cross-domain authentication).
|
|
98374
|
+
if (loginState.authCodeVerifier) {
|
|
98375
|
+
const otacCheckUrl = pxt.Util.stringifyQueryString('/api/otac/check', {
|
|
98376
|
+
persistent: loginState.persistent,
|
|
98377
|
+
});
|
|
98378
|
+
await AuthClient.staticApiAsync(otacCheckUrl, null, null, loginState.authCodeVerifier);
|
|
98379
|
+
}
|
|
98358
98380
|
// Store csrf token in local storage. It is ok to do this even when
|
|
98359
98381
|
// "Remember me" wasn't selected because this token is not usable
|
|
98360
98382
|
// without its cookie-based counterpart. When "Remember me" is false,
|
package/built/pxtlib.d.ts
CHANGED
|
@@ -122,6 +122,10 @@ declare namespace pxt.auth {
|
|
|
122
122
|
* Sign out the user and clear the auth token cookie.
|
|
123
123
|
*/
|
|
124
124
|
logoutAsync(continuationHash?: string): Promise<void>;
|
|
125
|
+
/**
|
|
126
|
+
* Sign out the user and clear the auth token cookie.
|
|
127
|
+
*/
|
|
128
|
+
static staticLogoutAsync(continuationHash?: string): Promise<void>;
|
|
125
129
|
deleteProfileAsync(): Promise<void>;
|
|
126
130
|
private initialUserPreferences_;
|
|
127
131
|
initialUserPreferencesAsync(): Promise<UserPreferences | undefined>;
|
|
@@ -173,7 +177,8 @@ declare namespace pxt.auth {
|
|
|
173
177
|
* Direct access to state$ allowed.
|
|
174
178
|
*/
|
|
175
179
|
private clearState;
|
|
176
|
-
apiAsync<T = any>(url: string, data?: any, method?: string): Promise<ApiResult<T>>;
|
|
180
|
+
apiAsync<T = any>(url: string, data?: any, method?: string, authToken?: string): Promise<ApiResult<T>>;
|
|
181
|
+
static staticApiAsync<T = any>(url: string, data?: any, method?: string, authToken?: string): Promise<ApiResult<T>>;
|
|
177
182
|
}
|
|
178
183
|
type CallbackState = {
|
|
179
184
|
hash?: string;
|
package/built/pxtlib.js
CHANGED
|
@@ -264,8 +264,8 @@ var pxt;
|
|
|
264
264
|
callbackState,
|
|
265
265
|
callbackPathname: window.location.pathname,
|
|
266
266
|
idp,
|
|
267
|
+
persistent
|
|
267
268
|
};
|
|
268
|
-
await pxt.storage.shared.setAsync(AUTH_CONTAINER, AUTH_LOGIN_STATE_KEY, loginState);
|
|
269
269
|
// Redirect to the login endpoint.
|
|
270
270
|
const loginUrl = pxt.Util.stringifyQueryString('/api/auth/login', {
|
|
271
271
|
response_type: "token",
|
|
@@ -275,6 +275,8 @@ var pxt;
|
|
|
275
275
|
});
|
|
276
276
|
const apiResult = await this.apiAsync(loginUrl);
|
|
277
277
|
if (apiResult.success) {
|
|
278
|
+
loginState.authCodeVerifier = apiResult.resp.authCodeVerifier;
|
|
279
|
+
await pxt.storage.shared.setAsync(AUTH_CONTAINER, AUTH_LOGIN_STATE_KEY, loginState);
|
|
278
280
|
pxt.tickEvent('auth.login.start', { 'provider': idp });
|
|
279
281
|
window.location.href = apiResult.resp.loginUrl;
|
|
280
282
|
}
|
|
@@ -286,16 +288,25 @@ var pxt;
|
|
|
286
288
|
* Sign out the user and clear the auth token cookie.
|
|
287
289
|
*/
|
|
288
290
|
async logoutAsync(continuationHash) {
|
|
291
|
+
if (!hasIdentity()) {
|
|
292
|
+
return;
|
|
293
|
+
}
|
|
294
|
+
this.clearState();
|
|
295
|
+
return await AuthClient.staticLogoutAsync(continuationHash);
|
|
296
|
+
}
|
|
297
|
+
/**
|
|
298
|
+
* Sign out the user and clear the auth token cookie.
|
|
299
|
+
*/
|
|
300
|
+
static async staticLogoutAsync(continuationHash) {
|
|
289
301
|
if (!hasIdentity()) {
|
|
290
302
|
return;
|
|
291
303
|
}
|
|
292
304
|
pxt.tickEvent('auth.logout');
|
|
293
305
|
// backend will clear the cookie token and pass back the provider logout endpoint.
|
|
294
|
-
await
|
|
306
|
+
await AuthClient.staticApiAsync('/api/auth/logout');
|
|
295
307
|
// Clear csrf token so we can no longer make authenticated requests.
|
|
296
308
|
await pxt.storage.shared.delAsync(AUTH_CONTAINER, CSRF_TOKEN_KEY);
|
|
297
309
|
// Update state and UI to reflect logged out state.
|
|
298
|
-
this.clearState();
|
|
299
310
|
const hash = continuationHash ? continuationHash.startsWith('#') ? continuationHash : `#${continuationHash}` : "";
|
|
300
311
|
// Redirect to home screen, or skillmap home screen
|
|
301
312
|
if (pxt.BrowserUtils.hasWindow()) {
|
|
@@ -593,12 +604,15 @@ var pxt;
|
|
|
593
604
|
pxt.storage.shared.delAsync(AUTH_CONTAINER, AUTH_USER_STATE_KEY)
|
|
594
605
|
.then(() => this.onStateCleared());
|
|
595
606
|
}
|
|
596
|
-
/*protected*/ async apiAsync(url, data, method) {
|
|
607
|
+
/*protected*/ async apiAsync(url, data, method, authToken) {
|
|
608
|
+
return await AuthClient.staticApiAsync(url, data, method, authToken);
|
|
609
|
+
}
|
|
610
|
+
static async staticApiAsync(url, data, method, authToken) {
|
|
597
611
|
var _a;
|
|
598
612
|
const headers = {};
|
|
599
|
-
|
|
600
|
-
if (
|
|
601
|
-
headers["authorization"] = `mkcd ${
|
|
613
|
+
authToken = authToken || (await pxt.storage.shared.getAsync(AUTH_CONTAINER, CSRF_TOKEN_KEY));
|
|
614
|
+
if (authToken) {
|
|
615
|
+
headers["authorization"] = `mkcd ${authToken}`;
|
|
602
616
|
}
|
|
603
617
|
headers[X_PXT_TARGET] = (_a = pxt.appTarget) === null || _a === void 0 ? void 0 : _a.id;
|
|
604
618
|
url = pxt.BrowserUtils.isLocalHostDev() ? `${pxt.cloud.DEV_BACKEND}${url}` : url;
|
|
@@ -618,7 +632,7 @@ var pxt;
|
|
|
618
632
|
}).catch(async (e) => {
|
|
619
633
|
if (!/logout/.test(url) && e.statusCode == 401) {
|
|
620
634
|
// 401/Unauthorized. logout now.
|
|
621
|
-
await
|
|
635
|
+
await AuthClient.staticLogoutAsync();
|
|
622
636
|
}
|
|
623
637
|
return {
|
|
624
638
|
statusCode: e.statusCode,
|
|
@@ -669,6 +683,14 @@ var pxt;
|
|
|
669
683
|
pxt.debug("Missing authToken in auth callback.");
|
|
670
684
|
break;
|
|
671
685
|
}
|
|
686
|
+
// If this auth request was assigned an auth code, claim it now. This will set
|
|
687
|
+
// the required auth cookie in this domain (for cross-domain authentication).
|
|
688
|
+
if (loginState.authCodeVerifier) {
|
|
689
|
+
const otacCheckUrl = pxt.Util.stringifyQueryString('/api/otac/check', {
|
|
690
|
+
persistent: loginState.persistent,
|
|
691
|
+
});
|
|
692
|
+
await AuthClient.staticApiAsync(otacCheckUrl, null, null, loginState.authCodeVerifier);
|
|
693
|
+
}
|
|
672
694
|
// Store csrf token in local storage. It is ok to do this even when
|
|
673
695
|
// "Remember me" wasn't selected because this token is not usable
|
|
674
696
|
// without its cookie-based counterpart. When "Remember me" is false,
|