strapi-plugin-oidc 1.0.18 → 1.1.1

@@ -7,7 +7,7 @@ const react = require("react");
7
7
  const designSystem = require("@strapi/design-system");
8
8
  const icons = require("@strapi/icons");
9
9
  const reactIntl = require("react-intl");
10
- const index = require("./index-D-EIdjjQ.js");
10
+ const index = require("./index-Dj2m6xLY.js");
11
11
  const en = require("./en-8UlbiAHW.js");
12
12
  const styled = require("styled-components");
13
13
  const _interopDefault = (e) => e && e.__esModule ? e : { default: e };
@@ -54,7 +54,7 @@ const index = {
54
54
  defaultMessage: "Configuration"
55
55
  },
56
56
  Component: async () => {
57
- return await import("./index-BpfwqZXc.mjs");
57
+ return await import("./index-CxxsmBsC.mjs");
58
58
  },
59
59
  permissions: [{ action: "plugin::strapi-plugin-oidc.read", subject: null }]
60
60
  }
@@ -67,30 +67,13 @@ const index = {
67
67
  },
68
68
  bootstrap() {
69
69
  let isLogoutInProgress = false;
70
- const isAuthRoute = (path) => {
71
- const match = path.match(/\/auth\/(login|register|forgot-password|reset-password)/);
72
- return match !== null;
73
- };
74
- const initialPath = window.location.pathname;
75
- let styleElem = null;
76
- if (isAuthRoute(initialPath) && !isLogoutInProgress) {
77
- styleElem = document.createElement("style");
78
- styleElem.innerHTML = "body { display: none !important; }";
79
- document.head.appendChild(styleElem);
80
- }
81
- let willRedirect = false;
70
+ const isAuthRoute = (path) => /\/auth\/(login|register|forgot-password|reset-password)/.test(path);
82
71
  const checkEnforceOIDC = async () => {
83
72
  try {
84
73
  const response = await window.fetch("/strapi-plugin-oidc/settings/public");
85
74
  if (response.ok) {
86
75
  const data = await response.json();
87
76
  if (data.enforceOIDC) {
88
- const currentPath = window.location.pathname;
89
- if (isAuthRoute(currentPath) && !isLogoutInProgress) {
90
- willRedirect = true;
91
- window.location.href = "/strapi-plugin-oidc/oidc";
92
- return;
93
- }
94
77
  const interceptHistory = (originalMethod) => {
95
78
  return function(...args) {
96
79
  const url = args[2];
@@ -110,10 +93,6 @@ const index = {
110
93
  }
111
94
  } catch (error) {
112
95
  console.error("Failed to check OIDC enforcement setting:", error);
113
- } finally {
114
- if (!willRedirect && styleElem && styleElem.parentNode) {
115
- styleElem.parentNode.removeChild(styleElem);
116
- }
117
96
  }
118
97
  };
119
98
  checkEnforceOIDC();
@@ -126,7 +105,17 @@ const index = {
126
105
  }
127
106
  const response = await originalFetch(...args);
128
107
  if (isLogout && response.ok) {
108
+ window.localStorage.removeItem("jwtToken");
109
+ window.localStorage.removeItem("isLoggedIn");
110
+ window.sessionStorage.removeItem("jwtToken");
111
+ window.sessionStorage.removeItem("isLoggedIn");
112
+ document.cookie = "jwtToken=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/";
113
+ document.cookie = "jwtToken=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/admin";
114
+ document.cookie = "strapi_admin_refresh=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/";
115
+ document.cookie = "strapi_admin_refresh=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/admin";
129
116
  window.location.href = "/strapi-plugin-oidc/logout";
117
+ return new Promise(() => {
118
+ });
130
119
  } else if (isLogout) {
131
120
  isLogoutInProgress = false;
132
121
  }
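Review bot: The four `document.cookie = "...=;expires=..."` lines in the `isLogout && response.ok` branch can only expire cookies that page script is allowed to touch. If `strapi_admin_refresh` is issued HttpOnly or with a Domain attribute (not visible in this diff, but usual for a refresh token), the two lines for it have no effect. The server middleware in this release uses the presence of that cookie to decide whether an admin page request is redirected to OIDC, so the `/strapi-plugin-oidc/logout` handler should expire it in its own response rather than rely on the client. The never-settling `return new Promise(() => {});` deserves a comment such as `// navigation is under way; keep callers from acting on the logout response`. The same hunk appears in the second admin build (`@@ -127,7 +106,17 @@`), and the enclosing fetch wrapper starts and ends outside the hunk.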
@@ -5,7 +5,7 @@ import { useState, useCallback, useEffect, memo } from "react";
5
5
  import { Typography, Flex, Box, MultiSelect, MultiSelectOption, Field, Button, Divider, Thead, Tr, Th, Tbody, Td, Dialog, IconButton, Pagination, PreviousLink, PageLink, NextLink, Table, Alert } from "@strapi/design-system";
6
6
  import { Plus, Trash, WarningCircle } from "@strapi/icons";
7
7
  import { useIntl } from "react-intl";
8
- import { p as pluginId } from "./index-BBRKt8XS.mjs";
8
+ import { p as pluginId } from "./index-BsP7WM7b.mjs";
9
9
  import en from "./en-DInn-mdh.mjs";
10
10
  import styled from "styled-components";
11
11
  function getTrad(id) {
@@ -55,7 +55,7 @@ const index = {
55
55
  defaultMessage: "Configuration"
56
56
  },
57
57
  Component: async () => {
58
- return await Promise.resolve().then(() => require("./index-Dw-jQQYI.js"));
58
+ return await Promise.resolve().then(() => require("./index-B2lPDW7A.js"));
59
59
  },
60
60
  permissions: [{ action: "plugin::strapi-plugin-oidc.read", subject: null }]
61
61
  }
@@ -68,30 +68,13 @@ const index = {
68
68
  },
69
69
  bootstrap() {
70
70
  let isLogoutInProgress = false;
71
- const isAuthRoute = (path) => {
72
- const match = path.match(/\/auth\/(login|register|forgot-password|reset-password)/);
73
- return match !== null;
74
- };
75
- const initialPath = window.location.pathname;
76
- let styleElem = null;
77
- if (isAuthRoute(initialPath) && !isLogoutInProgress) {
78
- styleElem = document.createElement("style");
79
- styleElem.innerHTML = "body { display: none !important; }";
80
- document.head.appendChild(styleElem);
81
- }
82
- let willRedirect = false;
71
+ const isAuthRoute = (path) => /\/auth\/(login|register|forgot-password|reset-password)/.test(path);
83
72
  const checkEnforceOIDC = async () => {
84
73
  try {
85
74
  const response = await window.fetch("/strapi-plugin-oidc/settings/public");
86
75
  if (response.ok) {
87
76
  const data = await response.json();
88
77
  if (data.enforceOIDC) {
89
- const currentPath = window.location.pathname;
90
- if (isAuthRoute(currentPath) && !isLogoutInProgress) {
91
- willRedirect = true;
92
- window.location.href = "/strapi-plugin-oidc/oidc";
93
- return;
94
- }
95
78
  const interceptHistory = (originalMethod) => {
96
79
  return function(...args) {
97
80
  const url = args[2];
@@ -111,10 +94,6 @@ const index = {
111
94
  }
112
95
  } catch (error) {
113
96
  console.error("Failed to check OIDC enforcement setting:", error);
114
- } finally {
115
- if (!willRedirect && styleElem && styleElem.parentNode) {
116
- styleElem.parentNode.removeChild(styleElem);
117
- }
118
97
  }
119
98
  };
120
99
  checkEnforceOIDC();
@@ -127,7 +106,17 @@ const index = {
127
106
  }
128
107
  const response = await originalFetch(...args);
129
108
  if (isLogout && response.ok) {
109
+ window.localStorage.removeItem("jwtToken");
110
+ window.localStorage.removeItem("isLoggedIn");
111
+ window.sessionStorage.removeItem("jwtToken");
112
+ window.sessionStorage.removeItem("isLoggedIn");
113
+ document.cookie = "jwtToken=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/";
114
+ document.cookie = "jwtToken=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/admin";
115
+ document.cookie = "strapi_admin_refresh=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/";
116
+ document.cookie = "strapi_admin_refresh=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/admin";
130
117
  window.location.href = "/strapi-plugin-oidc/logout";
118
+ return new Promise(() => {
119
+ });
131
120
  } else if (isLogout) {
132
121
  isLogoutInProgress = false;
133
122
  }
@@ -1,4 +1,4 @@
1
1
  "use strict";
2
2
  Object.defineProperties(exports, { __esModule: { value: true }, [Symbol.toStringTag]: { value: "Module" } });
3
- const index = require("./index-D-EIdjjQ.js");
3
+ const index = require("./index-Dj2m6xLY.js");
4
4
  exports.default = index.index;
@@ -1,4 +1,4 @@
1
- import { i } from "./index-BBRKt8XS.mjs";
1
+ import { i } from "./index-BsP7WM7b.mjs";
2
2
  export {
3
3
  i as default
4
4
  };
@@ -13,39 +13,45 @@ function register$1() {
13
13
  async function bootstrap({ strapi: strapi2 }) {
14
14
  strapi2.server.use(async (ctx, next) => {
15
15
  const adminUrl = strapi2.config.get("admin.url", "/admin");
16
- if (ctx.request.path === `${adminUrl}/login` && ctx.request.method === "POST") {
16
+ const authRoutes = [
17
+ `${adminUrl}/login`,
18
+ `${adminUrl}/register`,
19
+ `${adminUrl}/forgot-password`,
20
+ `${adminUrl}/reset-password`
21
+ ];
22
+ const isPostAuth = authRoutes.includes(ctx.request.path) && ctx.request.method === "POST";
23
+ const isHtmlRequest = ctx.request.accepts("html") && !ctx.request.path.match(/\.[a-zA-Z0-9]+$/);
24
+ const isGetAdminHtml = ctx.request.method === "GET" && ctx.request.path.startsWith(adminUrl) && isHtmlRequest;
25
+ if (isPostAuth || isGetAdminHtml) {
17
26
  try {
18
27
  const whitelistService2 = strapi2.plugin("strapi-plugin-oidc").service("whitelist");
19
28
  const settings = await whitelistService2.getSettings();
20
- if (settings && settings.enforceOIDC) {
21
- ctx.status = 403;
22
- ctx.body = {
23
- data: null,
24
- error: {
25
- status: 403,
26
- name: "ForbiddenError",
27
- message: "Local login is disabled. Please use OIDC.",
28
- details: {}
29
+ if (settings?.enforceOIDC) {
30
+ if (isPostAuth) {
31
+ ctx.status = 403;
32
+ ctx.body = {
33
+ data: null,
34
+ error: {
35
+ status: 403,
36
+ name: "ForbiddenError",
37
+ message: "Local login is disabled. Please use OIDC.",
38
+ details: {}
39
+ }
40
+ };
41
+ return;
42
+ }
43
+ if (isGetAdminHtml) {
44
+ const hasRefreshCookie = ctx.cookies.get("strapi_admin_refresh");
45
+ if (!hasRefreshCookie) {
46
+ ctx.redirect("/strapi-plugin-oidc/oidc");
47
+ return;
29
48
  }
30
- };
31
- return;
49
+ }
32
50
  }
33
51
  } catch (err) {
34
52
  strapi2.log.error("Error checking OIDC enforcement in middleware:", err);
35
53
  }
36
54
  }
37
- if (ctx.request.method === "GET" && (ctx.request.path.startsWith(`${adminUrl}/auth/login`) || ctx.request.path.startsWith(`${adminUrl}/auth/register`) || ctx.request.path.startsWith(`${adminUrl}/auth/forgot-password`) || ctx.request.path.startsWith(`${adminUrl}/auth/reset-password`))) {
38
- try {
39
- const whitelistService2 = strapi2.plugin("strapi-plugin-oidc").service("whitelist");
40
- const settings = await whitelistService2.getSettings();
41
- if (settings && settings.enforceOIDC) {
42
- ctx.redirect("/strapi-plugin-oidc/oidc");
43
- return;
44
- }
45
- } catch (err) {
46
- strapi2.log.error("Error checking OIDC enforcement in GET middleware:", err);
47
- }
48
- }
49
55
  await next();
50
56
  });
51
57
  const actions = [
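Review bot: The `catch (err)` that closes the new `if (isPostAuth || isGetAdminHtml)` block only logs and then falls through to `await next()`, so when `getSettings()` throws, a POST to the login, register, forgot-password or reset-password route is processed even though enforcement may be switched on. For the POST case the check should fail closed, for example `if (isPostAuth) { ctx.status = 503; return; }` inside the catch. `authRoutes.includes(ctx.request.path)` is an exact string comparison; if the router treats a trailing slash or different letter case as the same route (not visible here), the path should be normalised before the comparison so the 403 cannot be skipped. `hasRefreshCookie` tests only that the cookie exists, so a comment like `// routing hint only, not an authentication check` would prevent it being read as validation. The identical hunk in the second server build (`@@ -7,39 +7,45 @@`) needs the same changes, and `bootstrap` continues outside the hunk.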
@@ -7,39 +7,45 @@ function register$1() {
7
7
  async function bootstrap({ strapi: strapi2 }) {
8
8
  strapi2.server.use(async (ctx, next) => {
9
9
  const adminUrl = strapi2.config.get("admin.url", "/admin");
10
- if (ctx.request.path === `${adminUrl}/login` && ctx.request.method === "POST") {
10
+ const authRoutes = [
11
+ `${adminUrl}/login`,
12
+ `${adminUrl}/register`,
13
+ `${adminUrl}/forgot-password`,
14
+ `${adminUrl}/reset-password`
15
+ ];
16
+ const isPostAuth = authRoutes.includes(ctx.request.path) && ctx.request.method === "POST";
17
+ const isHtmlRequest = ctx.request.accepts("html") && !ctx.request.path.match(/\.[a-zA-Z0-9]+$/);
18
+ const isGetAdminHtml = ctx.request.method === "GET" && ctx.request.path.startsWith(adminUrl) && isHtmlRequest;
19
+ if (isPostAuth || isGetAdminHtml) {
11
20
  try {
12
21
  const whitelistService2 = strapi2.plugin("strapi-plugin-oidc").service("whitelist");
13
22
  const settings = await whitelistService2.getSettings();
14
- if (settings && settings.enforceOIDC) {
15
- ctx.status = 403;
16
- ctx.body = {
17
- data: null,
18
- error: {
19
- status: 403,
20
- name: "ForbiddenError",
21
- message: "Local login is disabled. Please use OIDC.",
22
- details: {}
23
+ if (settings?.enforceOIDC) {
24
+ if (isPostAuth) {
25
+ ctx.status = 403;
26
+ ctx.body = {
27
+ data: null,
28
+ error: {
29
+ status: 403,
30
+ name: "ForbiddenError",
31
+ message: "Local login is disabled. Please use OIDC.",
32
+ details: {}
33
+ }
34
+ };
35
+ return;
36
+ }
37
+ if (isGetAdminHtml) {
38
+ const hasRefreshCookie = ctx.cookies.get("strapi_admin_refresh");
39
+ if (!hasRefreshCookie) {
40
+ ctx.redirect("/strapi-plugin-oidc/oidc");
41
+ return;
23
42
  }
24
- };
25
- return;
43
+ }
26
44
  }
27
45
  } catch (err) {
28
46
  strapi2.log.error("Error checking OIDC enforcement in middleware:", err);
29
47
  }
30
48
  }
31
- if (ctx.request.method === "GET" && (ctx.request.path.startsWith(`${adminUrl}/auth/login`) || ctx.request.path.startsWith(`${adminUrl}/auth/register`) || ctx.request.path.startsWith(`${adminUrl}/auth/forgot-password`) || ctx.request.path.startsWith(`${adminUrl}/auth/reset-password`))) {
32
- try {
33
- const whitelistService2 = strapi2.plugin("strapi-plugin-oidc").service("whitelist");
34
- const settings = await whitelistService2.getSettings();
35
- if (settings && settings.enforceOIDC) {
36
- ctx.redirect("/strapi-plugin-oidc/oidc");
37
- return;
38
- }
39
- } catch (err) {
40
- strapi2.log.error("Error checking OIDC enforcement in GET middleware:", err);
41
- }
42
- }
43
49
  await next();
44
50
  });
45
51
  const actions = [
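--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "strapi-plugin-oidc",
- "version": "1.0.18",
+ "version": "1.1.1",
  "description": "A Strapi plugin that provides OpenID Connect (OIDC) authentication functionality for the Strapi Admin Panel.",
  "strapi": {
  "displayName": "OIDC Plugin",
@@ -32,7 +32,11 @@
  "Zitadel"
  ],
  "peerDependencies": {
- "@strapi/strapi": "^5.24.1"
+ "@strapi/strapi": "^5.24.1",
+ "react": "^17.0.0 || ^18.0.0",
+ "react-dom": "^17.0.0 || ^18.0.0",
+ "react-router-dom": "^6.30.3",
+ "styled-components": "^6.0.0"
  },
  "dependencies": {
  "@strapi/design-system": "^2.2.0",
@@ -40,11 +44,7 @@
  "@strapi/utils": "^5.41.1",
  "generate-password": "^1.7.1",
  "pkce-challenge": "^6.0.0",
- "react": "^18.3.1",
- "react-dom": "^18.3.1",
- "react-intl": "^6.8.9",
- "react-router-dom": "^6.30.3",
- "styled-components": "^6.3.12"
+ "react-intl": "^6.8.9"
  },
  "author": {
  "name": "edmogeor",
@@ -63,8 +63,8 @@
  }
  ],
  "engines": {
- "node": ">=22.0.0 <=22.x.x",
- "npm": "10.x.x"
+ "node": ">=20.0.0 <=24.x.x",
+ "npm": ">=6.0.0"
  },
  "files": [
  "dist"
@@ -85,6 +85,10 @@
  "lint-staged": "^16.4.0",
  "msw": "^2.13.0",
  "prettier": "^3.8.1",
+ "react": "^18.3.1",
+ "react-dom": "^18.3.1",
+ "react-router-dom": "^6.30.3",
+ "styled-components": "^6.3.12",
  "supertest": "^7.2.2",
  "typescript": "^5.9.3",
  "vitest": "^4.1.2"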