strapi-plugin-oidc 1.2.3 → 1.3.1

package/dist/admin/{index-DuJfeoFu.mjs → index-CFmg9Kxl.mjs}

@@ -2,18 +2,11 @@ import { jsxs, Fragment, jsx } from "react/jsx-runtime";
 import { Routes, Route } from "react-router-dom";
 import { useNotification, useFetchClient, Page, Layouts } from "@strapi/strapi/admin";
 import { useState, useCallback, useEffect, memo } from "react";
-import { Typography, Flex, Box, MultiSelect, MultiSelectOption, Field, Button, Divider, Thead, Tr, Th, Tbody, Td, Dialog, IconButton, Pagination, PreviousLink, PageLink, NextLink, Table, Alert, TextInput } from "@strapi/design-system";
-import { Plus, Trash, WarningCircle } from "@strapi/icons";
+import { Typography, Flex, Box, MultiSelect, MultiSelectOption, Field, Button, Divider, Thead, Tr, Th, Tbody, Td, Dialog, IconButton, Pagination, PreviousLink, PageLink, NextLink, Table, Alert } from "@strapi/design-system";
+import { Plus, Trash, WarningCircle, Information } from "@strapi/icons";
 import { useIntl } from "react-intl";
-import { e as en, p as pluginId } from "./index-CZ_FdaEz.mjs";
+import { g as getTrad } from "./index-D1ypRUlq.mjs";
 import styled from "styled-components";
-function getTrad(id) {
-  const pluginIdWithId = `${pluginId}.${id}`;
-  return {
-    id: pluginIdWithId,
-    defaultMessage: en[id] || pluginIdWithId
-  };
-}
 function Role({ oidcRoles, roles, onChangeRole }) {
   const { formatMessage } = useIntl();
   return /* @__PURE__ */ jsxs(Fragment, { children: [
@@ -86,7 +79,7 @@ function Whitelist({
     const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
     return emailRegex.test(email);
   }, [email]);
-  return /* @__PURE__ */ jsx(Fragment, { children: /* @__PURE__ */ jsxs(Box, { children: [
+  return /* @__PURE__ */ jsxs(Box, { children: [
     /* @__PURE__ */ jsx(Typography, { tag: "p", variant: "omega", textColor: "neutral600", marginBottom: 4, children: formatMessage(getTrad("whitelist.description")) }),
     useWhitelist && /* @__PURE__ */ jsxs(Fragment, { children: [
       /* @__PURE__ */ jsxs(Flex, { gap: 4, marginTop: 5, marginBottom: 5, alignItems: "flex-start", children: [
@@ -202,10 +195,10 @@ function Whitelist({
               e.preventDefault();
               setPage((p) => Math.max(1, p - 1));
             },
-            children: "Go to previous page"
+            children: formatMessage(getTrad("pagination.previous"))
           }
         ),
-        Array.from({ length: pageCount }).map((_, i) => /* @__PURE__ */ jsxs(
+        Array.from({ length: pageCount }).map((_, i) => /* @__PURE__ */ jsx(
           PageLink,
           {
             number: i + 1,
@@ -214,10 +207,7 @@ function Whitelist({
               e.preventDefault();
               setPage(i + 1);
             },
-            children: [
-              "Go to page ",
-              i + 1
-            ]
+            children: formatMessage(getTrad("pagination.page"), { page: i + 1 })
           },
           i + 1
         )),
@@ -229,12 +219,12 @@ function Whitelist({
               e.preventDefault();
               setPage((p) => Math.min(pageCount, p + 1));
             },
-            children: "Go to next page"
+            children: formatMessage(getTrad("pagination.next"))
           }
         )
       ] }) }) })
     ] })
-  ] }) });
+  ] });
 }
 const AlertMessage = styled.div`
   position: fixed;
@@ -246,11 +236,29 @@ const AlertMessage = styled.div`
 `;
 function SuccessAlertMessage({ onClose }) {
   const { formatMessage } = useIntl();
-  return /* @__PURE__ */ jsx(AlertMessage, { children: /* @__PURE__ */ jsx(Alert, { title: "Success", variant: "success", closeLabel: "", onClose, children: formatMessage(getTrad("page.save.success")) }) });
+  return /* @__PURE__ */ jsx(AlertMessage, { children: /* @__PURE__ */ jsx(
+    Alert,
+    {
+      title: formatMessage(getTrad("alert.title.success")),
+      variant: "success",
+      closeLabel: "",
+      onClose,
+      children: formatMessage(getTrad("page.save.success"))
+    }
+  ) });
 }
 function ErrorAlertMessage({ onClose }) {
   const { formatMessage } = useIntl();
-  return /* @__PURE__ */ jsx(AlertMessage, { children: /* @__PURE__ */ jsx(Alert, { title: "Error", variant: "danger", closeLabel: "", onClose, children: formatMessage(getTrad("page.save.error")) }) });
+  return /* @__PURE__ */ jsx(AlertMessage, { children: /* @__PURE__ */ jsx(
+    Alert,
+    {
+      title: formatMessage(getTrad("alert.title.error")),
+      variant: "danger",
+      closeLabel: "",
+      onClose,
+      children: formatMessage(getTrad("page.save.error"))
+    }
+  ) });
 }
 function MatchedUserAlertMessage({
   onClose,
@@ -258,7 +266,16 @@ function MatchedUserAlertMessage({
 }) {
   const { formatMessage } = useIntl();
   const id = count > 1 ? "whitelist.users_exists" : "whitelist.user_exists";
-  return /* @__PURE__ */ jsx(AlertMessage, { children: /* @__PURE__ */ jsx(Alert, { title: "Info", variant: "default", closeLabel: "", onClose, children: formatMessage(getTrad(id)) }) });
+  return /* @__PURE__ */ jsx(AlertMessage, { children: /* @__PURE__ */ jsx(
+    Alert,
+    {
+      title: formatMessage(getTrad("alert.title.info")),
+      variant: "default",
+      closeLabel: "",
+      onClose,
+      children: formatMessage(getTrad(id))
+    }
+  ) });
 }
 const SwitchContainer = styled.label`
   position: relative;
@@ -342,6 +359,7 @@ function useOidcSettings() {
   const [useWhitelist, setUseWhitelist] = useState(false);
   const [initialEnforceOIDC, setInitialEnforceOIDC] = useState(false);
   const [enforceOIDC, setEnforceOIDC] = useState(false);
+  const [enforceOIDCConfig, setEnforceOIDCConfig] = useState(null);
   const [initialUsers, setInitialUsers] = useState([]);
   const [users, setUsers] = useState([]);
   useEffect(() => {
@@ -359,6 +377,7 @@ function useOidcSettings() {
       setInitialUseWhitelist(response.data.useWhitelist);
       setEnforceOIDC(response.data.enforceOIDC);
       setInitialEnforceOIDC(response.data.enforceOIDC);
+      setEnforceOIDCConfig(response.data.enforceOIDCConfig ?? null);
     });
   }, [get]);
   const onChangeRole = (values, oidcId) => {
@@ -437,6 +456,7 @@ function useOidcSettings() {
       roles,
       useWhitelist,
       enforceOIDC,
+      enforceOIDCConfig,
       initialEnforceOIDC,
       users,
       isDirty
@@ -507,57 +527,27 @@ function HomePage() {
       ] }),
       /* @__PURE__ */ jsxs(Box, { background: "neutral0", hasRadius: true, shadow: "filterShadow", padding: 6, children: [
         /* @__PURE__ */ jsx(Box, { paddingBottom: 6, children: /* @__PURE__ */ jsx(Typography, { variant: "beta", tag: "h2", children: formatMessage(getTrad("login.settings.title")) }) }),
-        /* @__PURE__ */ jsxs(Flex, { direction: "column", alignItems: "stretch", gap: 4, children: [
-          /* @__PURE__ */ jsxs(Flex, { direction: "column", alignItems: "stretch", gap: 2, children: [
-            /* @__PURE__ */ jsxs(Flex, { alignItems: "center", gap: 3, wrap: "wrap", children: [
-              /* @__PURE__ */ jsx(Typography, { variant: "omega", style: { minWidth: "280px" }, children: formatMessage(getTrad("enforce.title")) }),
-              /* @__PURE__ */ jsx(Box, { minWidth: "160px", children: /* @__PURE__ */ jsx(
-                CustomSwitch,
-                {
-                  checked: state.enforceOIDC,
-                  onChange: actions.onToggleEnforce,
-                  disabled: state.useWhitelist && state.users.length === 0,
-                  label: state.enforceOIDC ? formatMessage(getTrad("enforce.toggle.enabled")) : formatMessage(getTrad("enforce.toggle.disabled"))
-                }
-              ) })
-            ] }),
-            state.enforceOIDC && state.enforceOIDC !== state.initialEnforceOIDC && /* @__PURE__ */ jsx(Box, { background: "danger100", padding: 3, hasRadius: true, children: /* @__PURE__ */ jsxs(Flex, { gap: 3, alignItems: "center", children: [
-              /* @__PURE__ */ jsx(WarningCircle, { fill: "danger600" }),
-              /* @__PURE__ */ jsx(Typography, { textColor: "danger600", children: formatMessage(getTrad("enforce.warning")) })
-            ] }) })
-          ] }),
+        /* @__PURE__ */ jsxs(Flex, { direction: "column", alignItems: "stretch", gap: 2, children: [
           /* @__PURE__ */ jsxs(Flex, { alignItems: "center", gap: 3, wrap: "wrap", children: [
-            /* @__PURE__ */ jsx(Typography, { variant: "omega", style: { minWidth: "280px" }, children: formatMessage(getTrad("login.sso.show")) }),
+            /* @__PURE__ */ jsx(Typography, { variant: "omega", style: { minWidth: "280px" }, children: formatMessage(getTrad("enforce.title")) }),
             /* @__PURE__ */ jsx(Box, { minWidth: "160px", children: /* @__PURE__ */ jsx(
               CustomSwitch,
               {
-                checked: state.showSSOButton,
-                onChange: actions.onToggleShowSSOButton,
-                label: state.showSSOButton ? formatMessage(getTrad("enforce.toggle.enabled")) : formatMessage(getTrad("enforce.toggle.disabled"))
+                checked: state.enforceOIDC,
+                onChange: actions.onToggleEnforce,
+                disabled: state.enforceOIDCConfig !== null || state.useWhitelist && state.users.length === 0,
+                label: state.enforceOIDC ? formatMessage(getTrad("enforce.toggle.enabled")) : formatMessage(getTrad("enforce.toggle.disabled"))
               }
             ) })
           ] }),
-          state.showSSOButton && /* @__PURE__ */ jsxs(Flex, { alignItems: "center", gap: 3, wrap: "wrap", children: [
-            /* @__PURE__ */ jsx(
-              Typography,
-              {
-                variant: "omega",
-                tag: "label",
-                htmlFor: "sso-button-text",
-                style: { minWidth: "280px" },
-                children: formatMessage(getTrad("login.sso.button.text.label"))
-              }
-            ),
-            /* @__PURE__ */ jsx(Box, { style: { flex: 1, minWidth: "160px" }, children: /* @__PURE__ */ jsx(
-              TextInput,
-              {
-                id: "sso-button-text",
-                "aria-label": formatMessage(getTrad("login.sso.button.text.label")),
-                value: state.ssoButtonText,
-                onChange: actions.onChangeSSOButtonText
-              }
-            ) })
-          ] })
+          state.enforceOIDCConfig !== null && /* @__PURE__ */ jsx(Box, { background: "primary100", padding: 3, hasRadius: true, children: /* @__PURE__ */ jsxs(Flex, { gap: 3, alignItems: "center", children: [
+            /* @__PURE__ */ jsx(Information, { fill: "primary600" }),
+            /* @__PURE__ */ jsx(Typography, { textColor: "primary600", children: formatMessage(getTrad("enforce.config.info")) })
+          ] }) }),
+          state.enforceOIDCConfig === null && state.enforceOIDC && state.enforceOIDC !== state.initialEnforceOIDC && /* @__PURE__ */ jsx(Box, { background: "danger100", padding: 3, hasRadius: true, children: /* @__PURE__ */ jsxs(Flex, { gap: 3, alignItems: "center", children: [
+            /* @__PURE__ */ jsx(WarningCircle, { fill: "danger600" }),
+            /* @__PURE__ */ jsx(Typography, { textColor: "danger600", children: formatMessage(getTrad("enforce.warning")) })
+          ] }) })
         ] })
       ] }),
       /* @__PURE__ */ jsx(Flex, { justifyContent: "flex-end", children: /* @__PURE__ */ jsx(

package/dist/admin/{index-ENl8_IZn.js → index-Cse9ex24.js}

@@ -50,11 +50,15 @@ const en = {
   "roles.placeholder": "Select default role(s)",
   "whitelist.title": "Whitelist",
   "whitelist.error.unique": "Already registered email address.",
-  "whitelist.enabled": "Whitelist is currently enabled.",
-  "whitelist.disabled": "Whitelist is currently disabled.",
   "whitelist.description": "Restrict OIDC authentication to specific email addresses and optionally assign them custom role(s).",
   "whitelist.user_exists": "User already exists, matching existing role(s)",
   "whitelist.users_exists": "Users already exist, matching existing role(s)",
+  "alert.title.success": "Success",
+  "alert.title.error": "Error",
+  "alert.title.info": "Info",
+  "pagination.previous": "Go to previous page",
+  "pagination.page": "Go to page {page}",
+  "pagination.next": "Go to next page",
   "whitelist.table.no": "No.",
   "whitelist.table.email": "Email",
   "whitelist.table.created": "Created At",
@@ -66,7 +70,6 @@ const en = {
   "whitelist.email.placeholder": "Email address",
   "whitelist.roles.placeholder": "Select specific role(s)",
   "whitelist.table.roles": "Role(s)",
-  "whitelist.table.roles.default": "Default",
   "whitelist.table.empty": "No email addresses",
   "whitelist.delete.label": "Delete",
   "page.title.oidc": "OIDC",
@@ -74,12 +77,20 @@ const en = {
   "enforce.toggle.enabled": "Enabled",
   "enforce.toggle.disabled": "Disabled",
   "enforce.warning": "Make sure OIDC is setup correctly before saving changes, you won't be able to login normally.",
+  "enforce.config.info": "Enforcement is controlled by the OIDC_ENFORCE config variable and cannot be changed here.",
+  "login.settings.title": "Login Settings",
   "login.sso": "Login via SSO"
 };
-const en$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
-  __proto__: null,
-  default: en
-}, Symbol.toStringTag, { value: "Module" }));
+function getTrad(id) {
+  const pluginIdWithId = `${pluginId}.${id}`;
+  return {
+    id: pluginIdWithId,
+    defaultMessage: en[id] || pluginIdWithId
+  };
+}
+function t(id) {
+  return en[id];
+}
 const name = pluginPkg.strapi.displayName;
 const index = {
   register(app) {
@@ -99,7 +110,7 @@ const index = {
           defaultMessage: "Configuration"
         },
         Component: async () => {
-          return await Promise.resolve().then(() => require("./index-DZwncy7E.js"));
+          return await Promise.resolve().then(() => require("./index-BqyGGX8X.js"));
         },
         permissions: [{ action: "plugin::strapi-plugin-oidc.read", subject: null }]
       }
@@ -111,41 +122,11 @@ const index = {
     });
   },
   bootstrap() {
-    let isLogoutInProgress = false;
-    let historyPatched = false;
-    const ENFORCE_CACHE_KEY = "strapi_oidc_enforced";
+    const defaultButtonText = t("login.sso");
     const isAuthRoute = (path) => /\/auth\/(login|register|forgot-password|reset-password)/.test(path);
-    const patchHistory = () => {
-      if (historyPatched) return;
-      historyPatched = true;
-      const interceptHistory = (originalMethod) => {
-        return function(...args) {
-          const url = args[2];
-          if (url && typeof url === "string") {
-            const urlWithoutQuery = url.split("?")[0].split("#")[0];
-            if (isAuthRoute(urlWithoutQuery)) {
-              if (isLogoutInProgress) {
-                return;
-              }
-              document.documentElement.style.visibility = "hidden";
-              window.location.href = "/strapi-plugin-oidc/oidc";
-              return;
-            }
-          }
-          return originalMethod.apply(window.history, args);
-        };
-      };
-      window.history.pushState = interceptHistory(window.history.pushState);
-      window.history.replaceState = interceptHistory(window.history.replaceState);
-      if (isAuthRoute(window.location.pathname)) {
-        document.documentElement.style.visibility = "hidden";
-        window.location.replace("/strapi-plugin-oidc/oidc");
-      }
-    };
     let ssoButtonInjected = false;
-    let ssoObserver = null;
-    let ssoButtonText = en["login.sso"];
-    const injectSSOButton = () => {
+    let loginObserver = null;
+    const injectSSOButton = (buttonText) => {
       if (ssoButtonInjected) return;
       if (!isAuthRoute(window.location.pathname)) return;
       if (document.getElementById("strapi-oidc-sso-btn")) return;
@@ -155,71 +136,75 @@ const index = {
       btn.id = "strapi-oidc-sso-btn";
       btn.type = "button";
       btn.className = submitButton.className;
-      btn.style.marginTop = "8px";
       btn.onclick = () => {
         window.location.href = "/strapi-plugin-oidc/oidc";
       };
       const innerSpan = submitButton.querySelector("span");
       const span = document.createElement("span");
       if (innerSpan) span.className = innerSpan.className;
-      span.textContent = ssoButtonText;
+      span.style.display = "inline-flex";
+      span.style.alignItems = "center";
+      span.style.gap = "8px";
+      const svg = document.createElementNS("http://www.w3.org/2000/svg", "svg");
+      svg.setAttribute("width", "16");
+      svg.setAttribute("height", "16");
+      svg.setAttribute("viewBox", "0 0 24 24");
+      svg.setAttribute("fill", "none");
+      svg.setAttribute("stroke", "currentColor");
+      svg.setAttribute("stroke-width", "2");
+      svg.setAttribute("stroke-linecap", "round");
+      svg.setAttribute("stroke-linejoin", "round");
+      svg.setAttribute("aria-hidden", "true");
+      svg.innerHTML = '<path d="M2.586 17.414A2 2 0 0 0 2 18.828V21a1 1 0 0 0 1 1h3a1 1 0 0 0 1-1v-1a1 1 0 0 1 1-1h1a1 1 0 0 0 1-1v-1a1 1 0 0 1 1-1h.172a2 2 0 0 0 1.414-.586l.814-.814a6.5 6.5 0 1 0-4-4z"/><circle cx="16.5" cy="7.5" r=".5" fill="currentColor"/>';
+      span.appendChild(svg);
+      span.appendChild(document.createTextNode(buttonText));
       btn.appendChild(span);
       submitButton.parentNode.insertBefore(btn, submitButton.nextSibling);
       ssoButtonInjected = true;
     };
-    const startSSOButtonObserver = () => {
-      if (ssoObserver) return;
-      injectSSOButton();
-      ssoObserver = new MutationObserver(() => {
-        if (isAuthRoute(window.location.pathname)) injectSSOButton();
+    const removeEnforcedElements = () => {
+      [
+        'form > div > div:has(input[name="email"])',
+        'form > div > div:has(input[name="password"])',
+        'form > div > div:has(button[role="checkbox"])',
+        'form > div > button[type="submit"]:not(#strapi-oidc-sso-btn)'
+      ].forEach((selector) => {
+        document.querySelectorAll(selector).forEach((el) => el.remove());
+      });
+      document.querySelectorAll('a[href*="forgot-password"]').forEach((el) => {
+        (el.closest("div")?.parentElement ?? el).remove();
       });
-      ssoObserver.observe(document.body, { childList: true, subtree: true });
     };
-    const stopSSOButtonObserver = () => {
-      ssoObserver?.disconnect();
-      ssoObserver = null;
-      document.getElementById("strapi-oidc-sso-btn")?.remove();
-      ssoButtonInjected = false;
+    const startLoginObserver = (buttonText, enforced) => {
+      if (loginObserver) return;
+      const tick = () => {
+        if (!isAuthRoute(window.location.pathname)) return;
+        injectSSOButton(buttonText);
+        if (enforced) removeEnforcedElements();
+      };
+      tick();
+      loginObserver = new MutationObserver(tick);
+      loginObserver.observe(document.body, { childList: true, subtree: true });
     };
-    if (localStorage.getItem(ENFORCE_CACHE_KEY) === "1") {
-      patchHistory();
-    }
-    if (isAuthRoute(window.location.pathname)) {
-      document.documentElement.style.visibility = "hidden";
-    }
-    const checkEnforceOIDC = async () => {
+    const applySettings = async () => {
       try {
         const response = await window.fetch("/strapi-plugin-oidc/settings/public");
         if (response.ok) {
           const data = await response.json();
-          if (data.enforceOIDC) {
-            localStorage.setItem(ENFORCE_CACHE_KEY, "1");
-            stopSSOButtonObserver();
-            patchHistory();
-          } else {
-            localStorage.removeItem(ENFORCE_CACHE_KEY);
-            document.documentElement.style.visibility = "";
-            if (data.showSSOButton !== false) {
-              ssoButtonText = data.ssoButtonText || en["login.sso"];
-              startSSOButtonObserver();
-            } else {
-              stopSSOButtonObserver();
-            }
-          }
+          startLoginObserver(data.ssoButtonText || defaultButtonText, !!data.enforceOIDC);
+        } else {
+          startLoginObserver(defaultButtonText, false);
         }
       } catch (error) {
-        document.documentElement.style.visibility = "";
-        console.error("Failed to check OIDC enforcement setting:", error);
+        startLoginObserver(defaultButtonText, false);
+        console.error("Failed to fetch OIDC settings:", error);
       }
     };
-    checkEnforceOIDC();
+    applySettings();
     const originalFetch = window.fetch;
     window.fetch = async (...args) => {
       const url = typeof args[0] === "string" ? args[0] : args[0].url;
       const isLogout = url && url.endsWith("/admin/logout") && args[1]?.method?.toUpperCase() === "POST";
-      if (isLogout) {
-        isLogoutInProgress = true;
-      }
       const response = await originalFetch(...args);
       if (isLogout && response.ok) {
         window.localStorage.removeItem("jwtToken");
@@ -231,37 +216,27 @@ const index = {
         window.location.href = "/strapi-plugin-oidc/logout";
         return new Promise(() => {
         });
-      } else if (isLogout) {
-        isLogoutInProgress = false;
       }
       return response;
     };
   },
   async registerTrads({ locales }) {
+    const transformKeys = (data) => Object.fromEntries(
+      Object.entries(data).map(([key, value]) => [
+        key.startsWith("global.") ? key : getTranslation(key),
+        value
+      ])
+    );
     const importedTrads = await Promise.all(
       locales.map((locale) => {
-        return __variableDynamicImportRuntimeHelper(/* @__PURE__ */ Object.assign({ "./translations/en.json": () => Promise.resolve().then(() => en$1) }), `./translations/${locale}.json`, 3).then(({ default: data }) => {
-          const newData = Object.fromEntries(
-            Object.entries(data).map(([key, value]) => [
-              key.startsWith("global.") ? key : getTranslation(key),
-              value
-            ])
-          );
-          return {
-            data: newData,
-            locale
-          };
-        }).catch(() => {
-          return {
-            data: {},
-            locale
-          };
-        });
+        if (locale === "en") {
+          return Promise.resolve({ data: transformKeys(en), locale });
+        }
+        return __variableDynamicImportRuntimeHelper(/* @__PURE__ */ Object.assign({}), `./translations/locales/${locale}.json`, 4).then(({ default: data }) => ({ data: transformKeys(data), locale })).catch(() => ({ data: {}, locale }));
       })
     );
-    return Promise.resolve(importedTrads);
+    return importedTrads;
   }
 };
-exports.en = en;
+exports.getTrad = getTrad;
 exports.index = index;
-exports.pluginId = pluginId;