strapi-plugin-oidc 1.0.7 → 1.0.9

package/dist/admin/{index-Cz9Q6j4e.mjs → index-BADTLgSt.mjs}

@@ -54,7 +54,7 @@ const index = {
           defaultMessage: "Configuration"
         },
         Component: async () => {
-          return await import("./index-V4-lA3hu.mjs");
+          return await import("./index-CINLwPy3.mjs");
         },
         permissions: [{ action: "plugin::strapi-plugin-oidc.read", subject: null }]
       }
@@ -79,9 +79,12 @@ const index = {
             const interceptHistory = (originalMethod) => {
               return function(...args) {
                 const url = args[2];
-                if (url && typeof url === "string" && url.endsWith("/auth/login")) {
-                  window.location.href = "/strapi-plugin-oidc/oidc";
-                  return;
+                if (url && typeof url === "string") {
+                  const urlWithoutQuery = url.split("?")[0].split("#")[0];
+                  if (urlWithoutQuery.endsWith("/auth/login")) {
+                    window.location.href = "/strapi-plugin-oidc/oidc";
+                    return;
+                  }
                 }
                 return originalMethod.apply(window.history, args);
               };

package/dist/admin/{index-DNIqscJT.js → index-C762D8BZ.js}

@@ -7,7 +7,7 @@ const react = require("react");
 const designSystem = require("@strapi/design-system");
 const icons = require("@strapi/icons");
 const reactIntl = require("react-intl");
-const index = require("./index-Bc2bQNhu.js");
+const index = require("./index-Cq1ERJUV.js");
 const en = require("./en-8UlbiAHW.js");
 const styled = require("styled-components");
 const _interopDefault = (e) => e && e.__esModule ? e : { default: e };

package/dist/admin/{index-V4-lA3hu.mjs → index-CINLwPy3.mjs}

@@ -5,7 +5,7 @@ import { useState, useCallback, useEffect, memo } from "react";
 import { Typography, Flex, Box, MultiSelect, MultiSelectOption, Field, Button, Divider, Thead, Tr, Th, Tbody, Td, Dialog, IconButton, Pagination, PreviousLink, PageLink, NextLink, Table, Alert } from "@strapi/design-system";
 import { Plus, Trash, WarningCircle } from "@strapi/icons";
 import { useIntl } from "react-intl";
-import { p as pluginId } from "./index-Cz9Q6j4e.mjs";
+import { p as pluginId } from "./index-BADTLgSt.mjs";
 import en from "./en-DInn-mdh.mjs";
 import styled from "styled-components";
 function getTrad(id) {

package/dist/admin/{index-Bc2bQNhu.js → index-Cq1ERJUV.js}

@@ -55,7 +55,7 @@ const index = {
           defaultMessage: "Configuration"
         },
         Component: async () => {
-          return await Promise.resolve().then(() => require("./index-DNIqscJT.js"));
+          return await Promise.resolve().then(() => require("./index-C762D8BZ.js"));
         },
         permissions: [{ action: "plugin::strapi-plugin-oidc.read", subject: null }]
       }
@@ -80,9 +80,12 @@ const index = {
             const interceptHistory = (originalMethod) => {
               return function(...args) {
                 const url = args[2];
-                if (url && typeof url === "string" && url.endsWith("/auth/login")) {
-                  window.location.href = "/strapi-plugin-oidc/oidc";
-                  return;
+                if (url && typeof url === "string") {
+                  const urlWithoutQuery = url.split("?")[0].split("#")[0];
+                  if (urlWithoutQuery.endsWith("/auth/login")) {
+                    window.location.href = "/strapi-plugin-oidc/oidc";
+                    return;
+                  }
                 }
                 return originalMethod.apply(window.history, args);
               };

package/dist/admin/index.js

@@ -1,4 +1,4 @@
 "use strict";
 Object.defineProperties(exports, { __esModule: { value: true }, [Symbol.toStringTag]: { value: "Module" } });
-const index = require("./index-Bc2bQNhu.js");
+const index = require("./index-Cq1ERJUV.js");
 exports.default = index.index;

package/dist/admin/index.mjs

@@ -1,4 +1,4 @@
-import { i } from "./index-Cz9Q6j4e.mjs";
+import { i } from "./index-BADTLgSt.mjs";
 export {
   i as default
 };

package/dist/server/index.js

@@ -1,18 +1,40 @@
 "use strict";
 Object.defineProperties(exports, { __esModule: { value: true }, [Symbol.toStringTag]: { value: "Module" } });
-const axios = require("axios");
 const node_crypto = require("node:crypto");
 const pkceChallenge = require("pkce-challenge");
 const strapiUtils = require("@strapi/utils");
 const generator = require("generate-password");
 const _interopDefault = (e) => e && e.__esModule ? e : { default: e };
-const axios__default = /* @__PURE__ */ _interopDefault(axios);
 const pkceChallenge__default = /* @__PURE__ */ _interopDefault(pkceChallenge);
 const strapiUtils__default = /* @__PURE__ */ _interopDefault(strapiUtils);
 const generator__default = /* @__PURE__ */ _interopDefault(generator);
 function register$1() {
 }
 async function bootstrap({ strapi: strapi2 }) {
+  strapi2.server.use(async (ctx, next) => {
+    if (ctx.request.path === "/admin/login" && ctx.request.method === "POST") {
+      try {
+        const whitelistService2 = strapi2.plugin("strapi-plugin-oidc").service("whitelist");
+        const settings = await whitelistService2.getSettings();
+        if (settings && settings.enforceOIDC) {
+          ctx.status = 403;
+          ctx.body = {
+            data: null,
+            error: {
+              status: 403,
+              name: "ForbiddenError",
+              message: "Local login is disabled. Please use OIDC.",
+              details: {}
+            }
+          };
+          return;
+        }
+      } catch (err) {
+        strapi2.log.error("Error checking OIDC enforcement in middleware:", err);
+      }
+    }
+    await next();
+  });
   const actions = [
     {
       section: "plugins",
@@ -163,23 +185,40 @@ async function oidcSignIn(ctx) {
   ctx.set("Location", authorizationUrl);
   return ctx.send({}, 302);
 }
-async function exchangeTokenAndFetchUserInfo(httpClient, config2, params) {
-  const response = await httpClient.post(config2.OIDC_TOKEN_ENDPOINT, params, {
+async function exchangeTokenAndFetchUserInfo(config2, params) {
+  const response = await fetch(config2.OIDC_TOKEN_ENDPOINT, {
+    method: "POST",
+    body: params,
     headers: {
       "Content-Type": "application/x-www-form-urlencoded"
     }
   });
+  if (!response.ok) {
+    const errText = await response.text();
+    throw new Error(
+      `Failed to exchange token: ${response.status} ${response.statusText} - ${errText}`
+    );
+  }
+  const tokenData = await response.json();
   let userInfoEndpointHeaders = {};
-  let userInfoEndpointParameters = `?access_token=${response.data.access_token}`;
+  let userInfoEndpointParameters = `?access_token=${tokenData.access_token}`;
   if (config2.OIDC_USER_INFO_ENDPOINT_WITH_AUTH_HEADER) {
     userInfoEndpointHeaders = {
-      headers: { Authorization: `Bearer ${response.data.access_token}` }
+      Authorization: `Bearer ${tokenData.access_token}`
     };
     userInfoEndpointParameters = "";
   }
   const userInfoEndpoint = `${config2.OIDC_USER_INFO_ENDPOINT}${userInfoEndpointParameters}`;
-  const userResponse = await httpClient.get(userInfoEndpoint, userInfoEndpointHeaders);
-  return userResponse.data;
+  const userResponse = await fetch(userInfoEndpoint, {
+    headers: userInfoEndpointHeaders
+  });
+  if (!userResponse.ok) {
+    const errText = await userResponse.text();
+    throw new Error(
+      `Failed to fetch user info: ${userResponse.status} ${userResponse.statusText} - ${errText}`
+    );
+  }
+  return await userResponse.json();
 }
 async function registerNewUser(userService, oauthService2, roleService2, email, userResponseData, whitelistUser, config2, ctx) {
   let roles2 = [];
@@ -225,7 +264,6 @@ async function handleUserAuthentication(userService, oauthService2, roleService2
 }
 async function oidcSignInCallback(ctx) {
   const config2 = configValidation();
-  const httpClient = axios__default.default.create();
   const userService = strapi.service("admin::user");
   const oauthService2 = strapi.plugin("strapi-plugin-oidc").service("oauth");
   const roleService2 = strapi.plugin("strapi-plugin-oidc").service("role");
@@ -244,7 +282,7 @@ async function oidcSignInCallback(ctx) {
   params.append("grant_type", config2.OIDC_GRANT_TYPE);
   params.append("code_verifier", ctx.session.codeVerifier);
   try {
-    const userResponseData = await exchangeTokenAndFetchUserInfo(httpClient, config2, params);
+    const userResponseData = await exchangeTokenAndFetchUserInfo(config2, params);
     const { activateUser, jwtToken } = await handleUserAuthentication(
       userService,
       oauthService2,

package/dist/server/index.mjs

@@ -1,4 +1,3 @@
-import axios from "axios";
 import { randomUUID, randomBytes } from "node:crypto";
 import pkceChallenge from "pkce-challenge";
 import strapiUtils from "@strapi/utils";
@@ -6,6 +5,30 @@ import generator from "generate-password";
 function register$1() {
 }
 async function bootstrap({ strapi: strapi2 }) {
+  strapi2.server.use(async (ctx, next) => {
+    if (ctx.request.path === "/admin/login" && ctx.request.method === "POST") {
+      try {
+        const whitelistService2 = strapi2.plugin("strapi-plugin-oidc").service("whitelist");
+        const settings = await whitelistService2.getSettings();
+        if (settings && settings.enforceOIDC) {
+          ctx.status = 403;
+          ctx.body = {
+            data: null,
+            error: {
+              status: 403,
+              name: "ForbiddenError",
+              message: "Local login is disabled. Please use OIDC.",
+              details: {}
+            }
+          };
+          return;
+        }
+      } catch (err) {
+        strapi2.log.error("Error checking OIDC enforcement in middleware:", err);
+      }
+    }
+    await next();
+  });
   const actions = [
     {
       section: "plugins",
@@ -156,23 +179,40 @@ async function oidcSignIn(ctx) {
   ctx.set("Location", authorizationUrl);
   return ctx.send({}, 302);
 }
-async function exchangeTokenAndFetchUserInfo(httpClient, config2, params) {
-  const response = await httpClient.post(config2.OIDC_TOKEN_ENDPOINT, params, {
+async function exchangeTokenAndFetchUserInfo(config2, params) {
+  const response = await fetch(config2.OIDC_TOKEN_ENDPOINT, {
+    method: "POST",
+    body: params,
     headers: {
       "Content-Type": "application/x-www-form-urlencoded"
     }
   });
+  if (!response.ok) {
+    const errText = await response.text();
+    throw new Error(
+      `Failed to exchange token: ${response.status} ${response.statusText} - ${errText}`
+    );
+  }
+  const tokenData = await response.json();
   let userInfoEndpointHeaders = {};
-  let userInfoEndpointParameters = `?access_token=${response.data.access_token}`;
+  let userInfoEndpointParameters = `?access_token=${tokenData.access_token}`;
   if (config2.OIDC_USER_INFO_ENDPOINT_WITH_AUTH_HEADER) {
     userInfoEndpointHeaders = {
-      headers: { Authorization: `Bearer ${response.data.access_token}` }
+      Authorization: `Bearer ${tokenData.access_token}`
     };
     userInfoEndpointParameters = "";
   }
   const userInfoEndpoint = `${config2.OIDC_USER_INFO_ENDPOINT}${userInfoEndpointParameters}`;
-  const userResponse = await httpClient.get(userInfoEndpoint, userInfoEndpointHeaders);
-  return userResponse.data;
+  const userResponse = await fetch(userInfoEndpoint, {
+    headers: userInfoEndpointHeaders
+  });
+  if (!userResponse.ok) {
+    const errText = await userResponse.text();
+    throw new Error(
+      `Failed to fetch user info: ${userResponse.status} ${userResponse.statusText} - ${errText}`
+    );
+  }
+  return await userResponse.json();
 }
 async function registerNewUser(userService, oauthService2, roleService2, email, userResponseData, whitelistUser, config2, ctx) {
   let roles2 = [];
@@ -218,7 +258,6 @@ async function handleUserAuthentication(userService, oauthService2, roleService2
 }
 async function oidcSignInCallback(ctx) {
   const config2 = configValidation();
-  const httpClient = axios.create();
   const userService = strapi.service("admin::user");
   const oauthService2 = strapi.plugin("strapi-plugin-oidc").service("oauth");
   const roleService2 = strapi.plugin("strapi-plugin-oidc").service("role");
@@ -237,7 +276,7 @@ async function oidcSignInCallback(ctx) {
   params.append("grant_type", config2.OIDC_GRANT_TYPE);
   params.append("code_verifier", ctx.session.codeVerifier);
   try {
-    const userResponseData = await exchangeTokenAndFetchUserInfo(httpClient, config2, params);
+    const userResponseData = await exchangeTokenAndFetchUserInfo(config2, params);
     const { activateUser, jwtToken } = await handleUserAuthentication(
       userService,
       oauthService2,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "strapi-plugin-oidc",
-  "version": "1.0.7",
+  "version": "1.0.9",
   "description": "A Strapi plugin that provides OpenID Connect (OIDC) authentication functionality for the Strapi Admin Panel.",
   "strapi": {
     "displayName": "OIDC Plugin",
@@ -38,7 +38,6 @@
     "@strapi/design-system": "^2.2.0",
     "@strapi/icons": "^2.2.0",
     "@strapi/utils": "^5.41.1",
-    "axios": "^1.14.0",
     "generate-password": "^1.7.1",
     "pkce-challenge": "^6.0.0",
     "react": "^18.3.1",
@@ -84,7 +83,7 @@
     "globals": "^17.4.0",
     "husky": "^9.1.7",
     "lint-staged": "^16.4.0",
-    "msw": "^2.12.14",
+    "msw": "^2.13.0",
     "prettier": "^3.8.1",
     "supertest": "^7.2.2",
     "typescript": "^5.9.3",