strapi-plugin-oidc 1.10.2 → 1.10.3

package/dist/admin/{index-B-sTTO3a.js → index-COhAwRD-.js}

@@ -198,10 +198,25 @@ const AUDIT_LOG_DEFAULTS = {
   ADMIN_PAGE_SIZE: 10
 };
 const OIDC_SIGN_IN_PATH = "/strapi-plugin-oidc/oidc";
+const AUTH_ROUTES = [
+  "login",
+  "register",
+  "register-admin",
+  "forgot-password",
+  "reset-password"
+];
+const JWT_TOKEN_KEY = "jwtToken";
 const UI_DEFAULTS = {
   MIN_SPINNER_MS: 400
 };
 const EMAIL_REGEX = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+function shouldRedirectToOidc(params) {
+  const isServerBounce = params.search.includes("oidc_redirect=1");
+  if (isServerBounce) return false;
+  const hasToken = params.localStorage.getItem(JWT_TOKEN_KEY) || params.cookies.split(";").some((c) => c.trim().startsWith(`${JWT_TOKEN_KEY}=`));
+  if (hasToken) return false;
+  return true;
+}
 const name = pluginPkg.strapi.displayName;
 const index = {
   register(app) {
@@ -212,7 +227,7 @@ const index = {
         id: "settings.configuration",
         defaultMessage: "Configuration"
       },
-      Component: () => Promise.resolve().then(() => require("./index-DN2ccKqO.js")),
+      Component: () => Promise.resolve().then(() => require("./index-DgrNKY9Y.js")),
       permissions: [{ action: PERMISSIONS.READ, subject: null }]
     };
     app.addSettingsLink(
@@ -232,10 +247,19 @@ const index = {
     });
   },
   bootstrap() {
-    const isAuthRoute = (path) => /\/auth\/(login|register|forgot-password|reset-password)/.test(path);
-    const isServerBounce = window.location.search.includes("oidc_redirect=1");
-    if (!isServerBounce && isAuthRoute(window.location.pathname)) {
+    const authRouteNames = AUTH_ROUTES.filter((r) => r !== "register-admin");
+    const authRoutePattern = new RegExp(`/auth/(${authRouteNames.join("|")})`);
+    const isAuthRoute = (path) => authRoutePattern.test(path);
+    if (shouldRedirectToOidc({
+      search: window.location.search,
+      localStorage: window.localStorage,
+      cookies: document.cookie
+    })) {
+      document.documentElement.innerHTML = "";
       window.location.replace(OIDC_SIGN_IN_PATH);
+      setTimeout(() => {
+        window.location.href = OIDC_SIGN_IN_PATH;
+      }, 2e3);
       return;
     }
     const overlayContainer = document.createElement("div");
@@ -317,16 +341,16 @@ const index = {
     const applySettings = async () => {
       try {
         const response = await window.fetch("/strapi-plugin-oidc/settings/public");
-        if (response.ok) {
-          const data = await response.json();
-          if (data.skipLoginPage) {
-            startSkipLoginRedirect();
-            return;
-          }
-          startLoginObserver(data.ssoButtonText || defaultButtonText, !!data.enforceOIDC);
-        } else {
+        if (!response.ok) {
           startLoginObserver(defaultButtonText, false);
+          return;
+        }
+        const data = await response.json();
+        if (data.skipLoginPage) {
+          startSkipLoginRedirect();
+          return;
         }
+        startLoginObserver(data.ssoButtonText || defaultButtonText, !!data.enforceOIDC);
       } catch (error) {
         startLoginObserver(defaultButtonText, false);
         console.error("Failed to fetch OIDC settings:", error);
@@ -341,12 +365,12 @@ const index = {
       const isLogout = url?.endsWith("/admin/logout") && args[1]?.method?.toUpperCase() === "POST";
       if (isLogout) {
         window.dispatchEvent(new CustomEvent(LOGOUT_EVENT));
-        window.localStorage.removeItem("jwtToken");
+        window.localStorage.removeItem(JWT_TOKEN_KEY);
         window.localStorage.removeItem("isLoggedIn");
-        window.sessionStorage.removeItem("jwtToken");
+        window.sessionStorage.removeItem(JWT_TOKEN_KEY);
         window.sessionStorage.removeItem("isLoggedIn");
-        document.cookie = "jwtToken=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/";
-        document.cookie = "jwtToken=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/admin";
+        document.cookie = `${JWT_TOKEN_KEY}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/`;
+        document.cookie = `${JWT_TOKEN_KEY}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/admin`;
         originalFetch(...args).catch(() => {
         });
         window.location.href = "/strapi-plugin-oidc/logout";

package/dist/admin/{index-DnhzQm30.mjs → index-D0Q_r3J6.mjs}

@@ -195,10 +195,25 @@ const AUDIT_LOG_DEFAULTS = {
   ADMIN_PAGE_SIZE: 10
 };
 const OIDC_SIGN_IN_PATH = "/strapi-plugin-oidc/oidc";
+const AUTH_ROUTES = [
+  "login",
+  "register",
+  "register-admin",
+  "forgot-password",
+  "reset-password"
+];
+const JWT_TOKEN_KEY = "jwtToken";
 const UI_DEFAULTS = {
   MIN_SPINNER_MS: 400
 };
 const EMAIL_REGEX = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+function shouldRedirectToOidc(params) {
+  const isServerBounce = params.search.includes("oidc_redirect=1");
+  if (isServerBounce) return false;
+  const hasToken = params.localStorage.getItem(JWT_TOKEN_KEY) || params.cookies.split(";").some((c) => c.trim().startsWith(`${JWT_TOKEN_KEY}=`));
+  if (hasToken) return false;
+  return true;
+}
 const name = pluginPkg.strapi.displayName;
 const index = {
   register(app) {
@@ -209,7 +224,7 @@ const index = {
         id: "settings.configuration",
         defaultMessage: "Configuration"
       },
-      Component: () => import("./index-Dn8QUbkK.mjs"),
+      Component: () => import("./index-SjMPr_u2.mjs"),
       permissions: [{ action: PERMISSIONS.READ, subject: null }]
     };
     app.addSettingsLink(
@@ -229,10 +244,19 @@ const index = {
     });
   },
   bootstrap() {
-    const isAuthRoute = (path) => /\/auth\/(login|register|forgot-password|reset-password)/.test(path);
-    const isServerBounce = window.location.search.includes("oidc_redirect=1");
-    if (!isServerBounce && isAuthRoute(window.location.pathname)) {
+    const authRouteNames = AUTH_ROUTES.filter((r) => r !== "register-admin");
+    const authRoutePattern = new RegExp(`/auth/(${authRouteNames.join("|")})`);
+    const isAuthRoute = (path) => authRoutePattern.test(path);
+    if (shouldRedirectToOidc({
+      search: window.location.search,
+      localStorage: window.localStorage,
+      cookies: document.cookie
+    })) {
+      document.documentElement.innerHTML = "";
       window.location.replace(OIDC_SIGN_IN_PATH);
+      setTimeout(() => {
+        window.location.href = OIDC_SIGN_IN_PATH;
+      }, 2e3);
       return;
     }
     const overlayContainer = document.createElement("div");
@@ -314,16 +338,16 @@ const index = {
     const applySettings = async () => {
       try {
         const response = await window.fetch("/strapi-plugin-oidc/settings/public");
-        if (response.ok) {
-          const data = await response.json();
-          if (data.skipLoginPage) {
-            startSkipLoginRedirect();
-            return;
-          }
-          startLoginObserver(data.ssoButtonText || defaultButtonText, !!data.enforceOIDC);
-        } else {
+        if (!response.ok) {
           startLoginObserver(defaultButtonText, false);
+          return;
+        }
+        const data = await response.json();
+        if (data.skipLoginPage) {
+          startSkipLoginRedirect();
+          return;
         }
+        startLoginObserver(data.ssoButtonText || defaultButtonText, !!data.enforceOIDC);
       } catch (error) {
         startLoginObserver(defaultButtonText, false);
         console.error("Failed to fetch OIDC settings:", error);
@@ -338,12 +362,12 @@ const index = {
       const isLogout = url?.endsWith("/admin/logout") && args[1]?.method?.toUpperCase() === "POST";
       if (isLogout) {
         window.dispatchEvent(new CustomEvent(LOGOUT_EVENT));
-        window.localStorage.removeItem("jwtToken");
+        window.localStorage.removeItem(JWT_TOKEN_KEY);
         window.localStorage.removeItem("isLoggedIn");
-        window.sessionStorage.removeItem("jwtToken");
+        window.sessionStorage.removeItem(JWT_TOKEN_KEY);
         window.sessionStorage.removeItem("isLoggedIn");
-        document.cookie = "jwtToken=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/";
-        document.cookie = "jwtToken=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/admin";
+        document.cookie = `${JWT_TOKEN_KEY}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/`;
+        document.cookie = `${JWT_TOKEN_KEY}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/admin`;
         originalFetch(...args).catch(() => {
         });
         window.location.href = "/strapi-plugin-oidc/logout";

package/dist/admin/{index-DN2ccKqO.js → index-DgrNKY9Y.js}

@@ -7,7 +7,7 @@ const React = require("react");
 const designSystem = require("@strapi/design-system");
 const icons = require("@strapi/icons");
 const reactIntl = require("react-intl");
-const index = require("./index-B-sTTO3a.js");
+const index = require("./index-COhAwRD-.js");
 const styled = require("styled-components");
 const lucideReact = require("lucide-react");
 const _interopDefault = (e) => e && e.__esModule ? e : { default: e };

package/dist/admin/{index-Dn8QUbkK.mjs → index-SjMPr_u2.mjs}

@@ -5,7 +5,7 @@ import { useState, useRef, useId, useEffect, useCallback, useReducer, useMemo, m
 import { Typography, Flex, Box, MultiSelect, MultiSelectOption, Button, Dialog, Table, Pagination, PreviousLink, NextLink, PageLink, Field, Divider, Thead, Tr, Th, Tbody, Td, IconButton, Loader, Tooltip, Alert } from "@strapi/design-system";
 import { Cross, WarningCircle, Plus, Download, Upload, Trash, Calendar, Mail, Information } from "@strapi/icons";
 import { useIntl } from "react-intl";
-import { g as getTrad, E as EMAIL_REGEX, e as en, A as AUDIT_LOG_DEFAULTS, U as UI_DEFAULTS } from "./index-DnhzQm30.mjs";
+import { g as getTrad, E as EMAIL_REGEX, e as en, A as AUDIT_LOG_DEFAULTS, U as UI_DEFAULTS } from "./index-D0Q_r3J6.mjs";
 import styled from "styled-components";
 import { Filter, ClipboardList, Server } from "lucide-react";
 function Role({ oidcRoles, roles, onChangeRole }) {

package/dist/admin/index.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperties(exports, { __esModule: { value: true }, [Symbol.toStringTag]: { value: "Module" } });
-const index = require("./index-B-sTTO3a.js");
+const index = require("./index-COhAwRD-.js");
 require("react");
 require("react-dom/client");
 exports.default = index.index;

package/dist/admin/index.mjs

@@ -1,4 +1,4 @@
-import { i } from "./index-DnhzQm30.mjs";
+import { i } from "./index-D0Q_r3J6.mjs";
 import "react";
 import "react-dom/client";
 export {

package/dist/server/index.js

@@ -175,6 +175,13 @@ const DAY_MS = 864e5;
 const DISCOVERY_TIMEOUT_MS = 5e3;
 const OIDC_DISCOVERY_PATH = "/.well-known/openid-configuration";
 const OIDC_SIGN_IN_PATH = "/strapi-plugin-oidc/oidc";
+const AUTH_ROUTES = [
+  "login",
+  "register",
+  "register-admin",
+  "forgot-password",
+  "reset-password"
+];
 const EMAIL_REGEX = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
 function getPluginConfig() {
   return pluginConfigSchema.parse(strapi.config.get("plugin::strapi-plugin-oidc") ?? {});
@@ -285,11 +292,11 @@ function clearAuthCookies(strapi2, ctx) {
   ctx.cookies.set(COOKIE_NAMES.accessToken, "", rootPathOptions);
   ctx.cookies.set(COOKIE_NAMES.userEmail, "", rootPathOptions);
 }
-const AUTH_ROUTES = ["login", "register", "register-admin", "forgot-password", "reset-password"];
 const STATIC_EXTENSIONS = [".js", ".css", ".png", ".svg", ".ico", ".woff2", ".json", ".map"];
 async function bootstrap({ strapi: strapi2 }) {
   await applyDiscovery(strapi2);
-  const adminUrl = strapi2.config.get("admin.url", "/admin");
+  const rawAdminUrl = strapi2.config.get("admin.url");
+  const adminUrl = typeof rawAdminUrl === "string" && rawAdminUrl.length > 0 ? rawAdminUrl : "/admin";
   const tokenRefreshPath = `${adminUrl}/token/refresh`;
   const EXCLUDED_ADMIN_PATHS = [
     `${adminUrl}/login`,
@@ -3609,7 +3616,8 @@ async function oidcSignIn(ctx) {
   try {
     const config2 = configValidation();
     if (!config2.OIDC_SKIP_LOGIN_PAGE) {
-      const adminUrl = strapi.config.get("admin.url", "/admin");
+      const raw = strapi.config.get("admin.url");
+      const adminUrl = typeof raw === "string" && raw.length > 0 ? raw : "/admin";
       ctx.redirect(`${adminUrl}/auth/login?oidc_redirect=1`);
       return;
     }

package/dist/server/index.mjs

@@ -169,6 +169,13 @@ const DAY_MS = 864e5;
 const DISCOVERY_TIMEOUT_MS = 5e3;
 const OIDC_DISCOVERY_PATH = "/.well-known/openid-configuration";
 const OIDC_SIGN_IN_PATH = "/strapi-plugin-oidc/oidc";
+const AUTH_ROUTES = [
+  "login",
+  "register",
+  "register-admin",
+  "forgot-password",
+  "reset-password"
+];
 const EMAIL_REGEX = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
 function getPluginConfig() {
   return pluginConfigSchema.parse(strapi.config.get("plugin::strapi-plugin-oidc") ?? {});
@@ -279,11 +286,11 @@ function clearAuthCookies(strapi2, ctx) {
   ctx.cookies.set(COOKIE_NAMES.accessToken, "", rootPathOptions);
   ctx.cookies.set(COOKIE_NAMES.userEmail, "", rootPathOptions);
 }
-const AUTH_ROUTES = ["login", "register", "register-admin", "forgot-password", "reset-password"];
 const STATIC_EXTENSIONS = [".js", ".css", ".png", ".svg", ".ico", ".woff2", ".json", ".map"];
 async function bootstrap({ strapi: strapi2 }) {
   await applyDiscovery(strapi2);
-  const adminUrl = strapi2.config.get("admin.url", "/admin");
+  const rawAdminUrl = strapi2.config.get("admin.url");
+  const adminUrl = typeof rawAdminUrl === "string" && rawAdminUrl.length > 0 ? rawAdminUrl : "/admin";
   const tokenRefreshPath = `${adminUrl}/token/refresh`;
   const EXCLUDED_ADMIN_PATHS = [
     `${adminUrl}/login`,
@@ -3603,7 +3610,8 @@ async function oidcSignIn(ctx) {
   try {
     const config2 = configValidation();
     if (!config2.OIDC_SKIP_LOGIN_PAGE) {
-      const adminUrl = strapi.config.get("admin.url", "/admin");
+      const raw = strapi.config.get("admin.url");
+      const adminUrl = typeof raw === "string" && raw.length > 0 ? raw : "/admin";
       ctx.redirect(`${adminUrl}/auth/login?oidc_redirect=1`);
       return;
     }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "strapi-plugin-oidc",
-  "version": "1.10.2",
+  "version": "1.10.3",
   "description": "A Strapi plugin that provides OpenID Connect (OIDC) authentication functionality for the Strapi Admin Panel.",
   "strapi": {
     "displayName": "OIDC Plugin",