sunuid-sdk 1.0.58 → 1.0.60
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/sunuid-sdk.esm.js +114 -37
- package/dist/sunuid-sdk.esm.js.map +1 -1
- package/dist/sunuid-sdk.js +114 -37
- package/dist/sunuid-sdk.js.map +1 -1
- package/dist/sunuid-sdk.min.js +1 -1
- package/dist/sunuid-sdk.min.js.map +1 -1
- package/docs/SECURITY_GUIDE.md +3 -3
- package/examples/callback-example.html +1 -1
- package/examples/demo.html +3 -3
- package/examples/env.example +1 -1
- package/examples/no-loop-example.html +1 -1
- package/examples/partner-name-config.js +4 -4
- package/examples/production-config.js +2 -2
- package/examples/secure-init.php +1 -1
- package/examples/test-partner-name.html +1 -1
- package/examples/test-production.html +1 -1
- package/package.json +1 -1
package/dist/sunuid-sdk.js
CHANGED
|
@@ -275,7 +275,7 @@
|
|
|
275
275
|
|
|
276
276
|
// Configuration par défaut
|
|
277
277
|
var DEFAULT_CONFIG = {
|
|
278
|
-
apiUrl: ((_window$SunuIDConfig = window.SunuIDConfig) === null || _window$SunuIDConfig === void 0 ? void 0 : _window$SunuIDConfig.apiUrl) || 'https://api.sunuid.
|
|
278
|
+
apiUrl: ((_window$SunuIDConfig = window.SunuIDConfig) === null || _window$SunuIDConfig === void 0 ? void 0 : _window$SunuIDConfig.apiUrl) || 'https://api.sunuid.com',
|
|
279
279
|
clientId: null,
|
|
280
280
|
secretId: null,
|
|
281
281
|
type: 2,
|
|
@@ -303,10 +303,10 @@
|
|
|
303
303
|
// Options d'initialisation sécurisée
|
|
304
304
|
secureInit: false,
|
|
305
305
|
secureInitUrl: function (_window$SunuIDConfig2, _window$SunuIDConfig3) {
|
|
306
|
-
if ((_window$SunuIDConfig2 = window.SunuIDConfig) !== null && _window$SunuIDConfig2 !== void 0 && (_window$SunuIDConfig2 = _window$SunuIDConfig2.apiUrl) !== null && _window$SunuIDConfig2 !== void 0 && _window$SunuIDConfig2.includes('api.sunuid.
|
|
307
|
-
return 'https://api.sunuid.
|
|
306
|
+
if ((_window$SunuIDConfig2 = window.SunuIDConfig) !== null && _window$SunuIDConfig2 !== void 0 && (_window$SunuIDConfig2 = _window$SunuIDConfig2.apiUrl) !== null && _window$SunuIDConfig2 !== void 0 && _window$SunuIDConfig2.includes('api.sunuid.com')) {
|
|
307
|
+
return 'https://api.sunuid.com/secure-init';
|
|
308
308
|
}
|
|
309
|
-
return ((_window$SunuIDConfig3 = window.SunuIDConfig) === null || _window$SunuIDConfig3 === void 0 || (_window$SunuIDConfig3 = _window$SunuIDConfig3.apiUrl) === null || _window$SunuIDConfig3 === void 0 ? void 0 : _window$SunuIDConfig3.replace('/api', '')) + '/secure-init' || 'https://api.sunuid.
|
|
309
|
+
return ((_window$SunuIDConfig3 = window.SunuIDConfig) === null || _window$SunuIDConfig3 === void 0 || (_window$SunuIDConfig3 = _window$SunuIDConfig3.apiUrl) === null || _window$SunuIDConfig3 === void 0 ? void 0 : _window$SunuIDConfig3.replace('/api', '')) + '/secure-init' || 'https://api.sunuid.com/secure-init';
|
|
310
310
|
}(),
|
|
311
311
|
token: null,
|
|
312
312
|
// Configuration pour forcer l'utilisation du serveur distant
|
|
@@ -1493,7 +1493,7 @@
|
|
|
1493
1493
|
options = _args10.length > 3 && _args10[3] !== undefined ? _args10[3] : {};
|
|
1494
1494
|
_context10.p = 1;
|
|
1495
1495
|
_context10.n = 2;
|
|
1496
|
-
return fetch('https://api.sunuid.
|
|
1496
|
+
return fetch('https://api.sunuid.com/qr-generate', {
|
|
1497
1497
|
method: 'POST',
|
|
1498
1498
|
headers: {
|
|
1499
1499
|
'Content-Type': 'application/json'
|
|
@@ -1728,9 +1728,9 @@
|
|
|
1728
1728
|
// Construire l'URL - Utiliser l'API principale qui fonctionne
|
|
1729
1729
|
|
|
1730
1730
|
if (this.config.forceRemoteServer) {
|
|
1731
|
-
qrGeneratorUrl = 'https://api.sunuid.
|
|
1732
|
-
} else if (this.config.apiUrl.includes('api.sunuid.
|
|
1733
|
-
qrGeneratorUrl = 'https://api.sunuid.
|
|
1731
|
+
qrGeneratorUrl = 'https://api.sunuid.com/qr-generate';
|
|
1732
|
+
} else if (this.config.apiUrl.includes('api.sunuid.com')) {
|
|
1733
|
+
qrGeneratorUrl = 'https://api.sunuid.com/qr-generate';
|
|
1734
1734
|
} else if (this.config.apiUrl.includes('localhost') || this.config.apiUrl.includes('127.0.0.1')) {
|
|
1735
1735
|
qrGeneratorUrl = 'http://localhost:8000/api/generate/text';
|
|
1736
1736
|
} else {
|
|
@@ -2111,7 +2111,7 @@
|
|
|
2111
2111
|
retryCount = 0;
|
|
2112
2112
|
maxRetries = this.config.maxRetries;
|
|
2113
2113
|
_loop = /*#__PURE__*/_regenerator().m(function _loop() {
|
|
2114
|
-
var controller, timeoutId, headers, response, errorText, errorData, result, _t11;
|
|
2114
|
+
var controller, timeoutId, headers, response, errorText, errorData, responseText, contentType, result, _t11, _t12;
|
|
2115
2115
|
return _regenerator().w(function (_context17) {
|
|
2116
2116
|
while (1) switch (_context17.p = _context17.n) {
|
|
2117
2117
|
case 0:
|
|
@@ -2148,9 +2148,17 @@
|
|
|
2148
2148
|
try {
|
|
2149
2149
|
errorData = JSON.parse(errorText);
|
|
2150
2150
|
} catch (e) {
|
|
2151
|
-
|
|
2152
|
-
|
|
2153
|
-
|
|
2151
|
+
// Si ce n'est pas du JSON, c'est probablement du HTML/PHP
|
|
2152
|
+
if (errorText.trim().startsWith('<?') || errorText.trim().startsWith('<!')) {
|
|
2153
|
+
console.error('❌ Le serveur a retourné du HTML/PHP au lieu de JSON');
|
|
2154
|
+
errorData = {
|
|
2155
|
+
message: 'Le serveur a retourné une réponse invalide (HTML/PHP au lieu de JSON)'
|
|
2156
|
+
};
|
|
2157
|
+
} else {
|
|
2158
|
+
errorData = {
|
|
2159
|
+
message: errorText
|
|
2160
|
+
};
|
|
2161
|
+
}
|
|
2154
2162
|
}
|
|
2155
2163
|
_this4.logSecurityEvent('API_REQUEST_ERROR', {
|
|
2156
2164
|
status: response.status,
|
|
@@ -2160,9 +2168,52 @@
|
|
|
2160
2168
|
throw new Error(errorData.message || "Erreur HTTP: ".concat(response.status));
|
|
2161
2169
|
case 3:
|
|
2162
2170
|
_context17.n = 4;
|
|
2163
|
-
return response.
|
|
2171
|
+
return response.text();
|
|
2164
2172
|
case 4:
|
|
2165
|
-
|
|
2173
|
+
responseText = _context17.v;
|
|
2174
|
+
// Vérifier le Content-Type
|
|
2175
|
+
contentType = response.headers.get('content-type');
|
|
2176
|
+
if (!(contentType && !contentType.includes('application/json'))) {
|
|
2177
|
+
_context17.n = 6;
|
|
2178
|
+
break;
|
|
2179
|
+
}
|
|
2180
|
+
console.error('❌ Réponse non-JSON reçue:', contentType);
|
|
2181
|
+
console.error('❌ Contenu reçu:', responseText.substring(0, 200));
|
|
2182
|
+
|
|
2183
|
+
// Détecter si c'est du PHP
|
|
2184
|
+
if (!responseText.trim().startsWith('<?')) {
|
|
2185
|
+
_context17.n = 5;
|
|
2186
|
+
break;
|
|
2187
|
+
}
|
|
2188
|
+
throw new Error('Le serveur a retourné du PHP au lieu de JSON. Vérifiez que l\'endpoint API est correct.');
|
|
2189
|
+
case 5:
|
|
2190
|
+
throw new Error("Le serveur a retourn\xE9 ".concat(contentType, " au lieu de JSON"));
|
|
2191
|
+
case 6:
|
|
2192
|
+
_context17.p = 6;
|
|
2193
|
+
result = JSON.parse(responseText);
|
|
2194
|
+
_context17.n = 10;
|
|
2195
|
+
break;
|
|
2196
|
+
case 7:
|
|
2197
|
+
_context17.p = 7;
|
|
2198
|
+
_t11 = _context17.v;
|
|
2199
|
+
console.error('❌ Erreur lors du parsing JSON:', _t11);
|
|
2200
|
+
console.error('❌ Réponse reçue:', responseText.substring(0, 200));
|
|
2201
|
+
|
|
2202
|
+
// Détecter si c'est du PHP
|
|
2203
|
+
if (!responseText.trim().startsWith('<?')) {
|
|
2204
|
+
_context17.n = 8;
|
|
2205
|
+
break;
|
|
2206
|
+
}
|
|
2207
|
+
throw new Error('Le serveur a retourné du PHP au lieu de JSON. Vérifiez que l\'endpoint API est correct.');
|
|
2208
|
+
case 8:
|
|
2209
|
+
if (!responseText.trim().startsWith('<!')) {
|
|
2210
|
+
_context17.n = 9;
|
|
2211
|
+
break;
|
|
2212
|
+
}
|
|
2213
|
+
throw new Error('Le serveur a retourné du HTML au lieu de JSON. Vérifiez que l\'endpoint API est correct.');
|
|
2214
|
+
case 9:
|
|
2215
|
+
throw new Error('Réponse invalide du serveur (pas du JSON valide)');
|
|
2216
|
+
case 10:
|
|
2166
2217
|
_this4.logSecurityEvent('API_REQUEST_SUCCESS', {
|
|
2167
2218
|
endpoint: endpointPath,
|
|
2168
2219
|
responseKeys: Object.keys(result)
|
|
@@ -2170,43 +2221,43 @@
|
|
|
2170
2221
|
return _context17.a(2, {
|
|
2171
2222
|
v: result
|
|
2172
2223
|
});
|
|
2173
|
-
case
|
|
2174
|
-
_context17.p =
|
|
2175
|
-
|
|
2224
|
+
case 11:
|
|
2225
|
+
_context17.p = 11;
|
|
2226
|
+
_t12 = _context17.v;
|
|
2176
2227
|
retryCount++;
|
|
2177
|
-
if (!(
|
|
2178
|
-
_context17.n =
|
|
2228
|
+
if (!(_t12.name === 'AbortError')) {
|
|
2229
|
+
_context17.n = 13;
|
|
2179
2230
|
break;
|
|
2180
2231
|
}
|
|
2181
2232
|
_this4.logSecurityEvent('API_REQUEST_TIMEOUT', {
|
|
2182
2233
|
retryCount: retryCount
|
|
2183
2234
|
});
|
|
2184
2235
|
if (!(retryCount > maxRetries)) {
|
|
2185
|
-
_context17.n =
|
|
2236
|
+
_context17.n = 12;
|
|
2186
2237
|
break;
|
|
2187
2238
|
}
|
|
2188
2239
|
throw new Error('Timeout de la requête API');
|
|
2189
|
-
case
|
|
2240
|
+
case 12:
|
|
2190
2241
|
return _context17.a(2, 0);
|
|
2191
|
-
case
|
|
2242
|
+
case 13:
|
|
2192
2243
|
if (!(retryCount > maxRetries)) {
|
|
2193
|
-
_context17.n =
|
|
2244
|
+
_context17.n = 14;
|
|
2194
2245
|
break;
|
|
2195
2246
|
}
|
|
2196
2247
|
_this4.logSecurityEvent('API_REQUEST_MAX_RETRIES', {
|
|
2197
2248
|
retryCount: retryCount,
|
|
2198
|
-
error:
|
|
2249
|
+
error: _t12.message
|
|
2199
2250
|
});
|
|
2200
|
-
throw
|
|
2201
|
-
case
|
|
2202
|
-
_context17.n =
|
|
2251
|
+
throw _t12;
|
|
2252
|
+
case 14:
|
|
2253
|
+
_context17.n = 15;
|
|
2203
2254
|
return new Promise(function (resolve) {
|
|
2204
2255
|
return setTimeout(resolve, 1000 * retryCount);
|
|
2205
2256
|
});
|
|
2206
|
-
case
|
|
2257
|
+
case 15:
|
|
2207
2258
|
return _context17.a(2);
|
|
2208
2259
|
}
|
|
2209
|
-
}, _loop, null, [[0,
|
|
2260
|
+
}, _loop, null, [[6, 7], [0, 11]]);
|
|
2210
2261
|
});
|
|
2211
2262
|
case 3:
|
|
2212
2263
|
if (!(retryCount <= maxRetries)) {
|
|
@@ -2305,7 +2356,7 @@
|
|
|
2305
2356
|
key: "fetchPartnerInfo",
|
|
2306
2357
|
value: (function () {
|
|
2307
2358
|
var _fetchPartnerInfo = _asyncToGenerator(/*#__PURE__*/_regenerator().m(function _callee18() {
|
|
2308
|
-
var response, data, partnerId,
|
|
2359
|
+
var response, data, partnerId, _t13;
|
|
2309
2360
|
return _regenerator().w(function (_context19) {
|
|
2310
2361
|
while (1) switch (_context19.p = _context19.n) {
|
|
2311
2362
|
case 0:
|
|
@@ -2365,8 +2416,8 @@
|
|
|
2365
2416
|
break;
|
|
2366
2417
|
case 2:
|
|
2367
2418
|
_context19.p = 2;
|
|
2368
|
-
|
|
2369
|
-
console.warn('⚠️ Erreur lors de la récupération des informations du partenaire:',
|
|
2419
|
+
_t13 = _context19.v;
|
|
2420
|
+
console.warn('⚠️ Erreur lors de la récupération des informations du partenaire:', _t13.message);
|
|
2370
2421
|
this.config.partnerName = 'Partner_unknown';
|
|
2371
2422
|
case 3:
|
|
2372
2423
|
return _context19.a(2);
|
|
@@ -2410,7 +2461,7 @@
|
|
|
2410
2461
|
key: "checkConnections",
|
|
2411
2462
|
value: (function () {
|
|
2412
2463
|
var _checkConnections = _asyncToGenerator(/*#__PURE__*/_regenerator().m(function _callee19() {
|
|
2413
|
-
var status, testResponse, debugData,
|
|
2464
|
+
var status, testResponse, debugData, _t14;
|
|
2414
2465
|
return _regenerator().w(function (_context20) {
|
|
2415
2466
|
while (1) switch (_context20.p = _context20.n) {
|
|
2416
2467
|
case 0:
|
|
@@ -2455,8 +2506,8 @@
|
|
|
2455
2506
|
break;
|
|
2456
2507
|
case 6:
|
|
2457
2508
|
_context20.p = 6;
|
|
2458
|
-
|
|
2459
|
-
console.log('🔍 Test API échoué:',
|
|
2509
|
+
_t14 = _context20.v;
|
|
2510
|
+
console.log('🔍 Test API échoué:', _t14.message);
|
|
2460
2511
|
status.api = false;
|
|
2461
2512
|
case 7:
|
|
2462
2513
|
// Vérifier le WebSocket
|
|
@@ -2826,6 +2877,12 @@
|
|
|
2826
2877
|
value: function processAuthentication(data) {
|
|
2827
2878
|
console.log('🔐 Traitement de l\'authentification...');
|
|
2828
2879
|
try {
|
|
2880
|
+
// Vérifier que le token existe
|
|
2881
|
+
if (!data || !data.token) {
|
|
2882
|
+
console.error('❌ Token manquant dans les données:', data);
|
|
2883
|
+
throw new Error('Token manquant dans les données d\'authentification');
|
|
2884
|
+
}
|
|
2885
|
+
|
|
2829
2886
|
// Décoder le JWT token
|
|
2830
2887
|
var decodedToken = this.decodeJWT(data.token);
|
|
2831
2888
|
|
|
@@ -2875,17 +2932,37 @@
|
|
|
2875
2932
|
key: "decodeJWT",
|
|
2876
2933
|
value: function decodeJWT(token) {
|
|
2877
2934
|
try {
|
|
2935
|
+
// Vérifier que le token existe et est une chaîne
|
|
2936
|
+
if (!token || typeof token !== 'string') {
|
|
2937
|
+
console.error('❌ Token JWT manquant ou invalide:', token);
|
|
2938
|
+
throw new Error('Token JWT manquant ou invalide');
|
|
2939
|
+
}
|
|
2940
|
+
|
|
2878
2941
|
// Décodage simple du JWT (sans vérification de signature)
|
|
2879
2942
|
var parts = token.split('.');
|
|
2880
2943
|
if (parts.length !== 3) {
|
|
2944
|
+
console.error('❌ Format JWT invalide - nombre de parties incorrect:', parts.length);
|
|
2881
2945
|
throw new Error('Format JWT invalide');
|
|
2882
2946
|
}
|
|
2947
|
+
|
|
2948
|
+
// Vérifier que la partie payload existe
|
|
2949
|
+
if (!parts[1]) {
|
|
2950
|
+
console.error('❌ Payload JWT manquant');
|
|
2951
|
+
throw new Error('Payload JWT manquant');
|
|
2952
|
+
}
|
|
2883
2953
|
var payload = parts[1];
|
|
2884
|
-
var decoded
|
|
2954
|
+
var decoded;
|
|
2955
|
+
try {
|
|
2956
|
+
decoded = JSON.parse(atob(payload));
|
|
2957
|
+
} catch (parseError) {
|
|
2958
|
+
console.error('❌ Erreur lors du parsing du payload JWT:', parseError);
|
|
2959
|
+
throw new Error('Impossible de décoder le payload JWT');
|
|
2960
|
+
}
|
|
2885
2961
|
return decoded;
|
|
2886
2962
|
} catch (error) {
|
|
2887
2963
|
console.error('❌ Erreur décodage JWT:', error);
|
|
2888
|
-
|
|
2964
|
+
console.error('❌ Token reçu:', token ? token.substring(0, 50) + '...' : 'undefined');
|
|
2965
|
+
throw new Error('Token JWT invalide: ' + error.message);
|
|
2889
2966
|
}
|
|
2890
2967
|
}
|
|
2891
2968
|
|