tenneo-auth-plugin 0.1.4 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.js CHANGED
@@ -541,12 +541,24 @@ function clearAllCookies() {
541
541
  } catch {
542
542
  }
543
543
  }
544
+ function clearAllBrowserStorage() {
545
+ if (typeof window === "undefined") return;
546
+ try {
547
+ window.localStorage?.clear();
548
+ } catch {
549
+ }
550
+ try {
551
+ window.sessionStorage?.clear();
552
+ } catch {
553
+ }
554
+ }
544
555
  function clearAllStorage() {
545
556
  const forceLogin = getStorage(getStorageKey("force_login"));
546
557
  const logoutInProgress = getStorage(getStorageKey("logout_in_progress"));
547
558
  const preservedTenantKey = getStorage(getStorageKey("preserved_tenant_key"));
548
559
  clearAuthSessionStorage();
549
560
  clearAuthStorage();
561
+ clearAllBrowserStorage();
550
562
  if (forceLogin === "true") setStorage(getStorageKey("force_login"), "true");
551
563
  if (logoutInProgress === "true") setStorage(getStorageKey("logout_in_progress"), "true");
552
564
  if (preservedTenantKey) setStorage(getStorageKey("preserved_tenant_key"), preservedTenantKey);
@@ -1464,8 +1476,17 @@ async function refreshAccessToken() {
1464
1476
  const refreshToken = getRefreshToken();
1465
1477
  const clientId = getClientId();
1466
1478
  const tenantId = getTenantId();
1479
+ logger.debug("Token refresh - collected data", {
1480
+ hasRefreshToken: !!refreshToken,
1481
+ clientId,
1482
+ tenantId
1483
+ });
1467
1484
  if (!refreshToken || !clientId || !tenantId) {
1468
- logger.error("Token refresh failed: missing required data");
1485
+ logger.error("Token refresh failed: missing required data", {
1486
+ hasRefreshToken: !!refreshToken,
1487
+ hasClientId: !!clientId,
1488
+ hasTenantId: !!tenantId
1489
+ });
1469
1490
  throw new Error("Cannot refresh token: missing required data");
1470
1491
  }
1471
1492
  const apiAuthBaseUrl = Config.getApiAuthBaseUrl();
@@ -1473,14 +1494,14 @@ async function refreshAccessToken() {
1473
1494
  const body = new URLSearchParams({
1474
1495
  grant_type: DEFAULT_REFRESH_GRANT_TYPE,
1475
1496
  refresh_token: refreshToken,
1476
- client_id: clientId.startsWith("public-") ? clientId : `public-${clientId}`
1497
+ client_id: clientId.startsWith("public-") ? clientId : `public-${clientId}`,
1498
+ tenant_id: tenantId
1477
1499
  });
1478
1500
  const response = await fetch(tokenUrl, {
1479
1501
  method: "POST",
1480
1502
  headers: {
1481
1503
  "Content-Type": "application/x-www-form-urlencoded",
1482
- "__tenant": tenantId,
1483
- "Accept": "*/*"
1504
+ "Accept": "application/json"
1484
1505
  },
1485
1506
  body: body.toString()
1486
1507
  });
@@ -2474,13 +2495,28 @@ function stopStorageWatcher() {
2474
2495
  // src/utils/cookies.ts
2475
2496
  function clearClientCookies() {
2476
2497
  try {
2498
+ if (typeof document === "undefined" || typeof window === "undefined") return;
2477
2499
  const cookies = document.cookie.split(";");
2500
+ const hostname = window.location.hostname;
2501
+ const hostParts = hostname.split(".").filter(Boolean);
2502
+ const domainsToTry = [hostname];
2503
+ if (hostParts.length > 1) {
2504
+ for (let i = hostParts.length - 2; i >= 0; i--) {
2505
+ const parent = "." + hostParts.slice(i).join(".");
2506
+ if (!domainsToTry.includes(parent)) domainsToTry.push(parent);
2507
+ }
2508
+ }
2509
+ const pathsToTry = ["/", window.location.pathname || "/"].filter(Boolean);
2478
2510
  for (const cookie of cookies) {
2479
2511
  const eqPos = cookie.indexOf("=");
2480
2512
  const name = eqPos > -1 ? cookie.slice(0, eqPos).trim() : cookie.trim();
2481
2513
  if (!name) continue;
2482
- document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/`;
2483
- document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/;domain=${window.location.hostname}`;
2514
+ for (const path of pathsToTry) {
2515
+ document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=${path}`;
2516
+ for (const domain of domainsToTry) {
2517
+ document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=${path};domain=${domain}`;
2518
+ }
2519
+ }
2484
2520
  }
2485
2521
  logger.debug("Client-side cookies cleared (best-effort)");
2486
2522
  } catch (error) {
@@ -2546,6 +2582,13 @@ async function callServerLogout(logoutUrl) {
2546
2582
  }
2547
2583
  function performLocalLogoutCleanup() {
2548
2584
  logger.debug("Performing local logout cleanup");
2585
+ try {
2586
+ getAuthRuntime()?.clearCookies?.clearCookies();
2587
+ } catch (error) {
2588
+ logger.debug("Runtime cookie clearer failed (ignored)", {
2589
+ error: error instanceof Error ? error.message : String(error)
2590
+ });
2591
+ }
2549
2592
  clearClientCookies();
2550
2593
  clearAllStorage();
2551
2594
  logger.info("Local logout cleanup completed");
@@ -2632,7 +2675,7 @@ var PUBLIC_CODE_PREFIX = "public-";
2632
2675
  function getTenantByCodeUrl(tenantCode) {
2633
2676
  const apiTenantResolutionBaseUrl = getResolvedTenantBaseUrl();
2634
2677
  const base = apiTenantResolutionBaseUrl.replace(/\/api\/v1\/?$/, "") || apiTenantResolutionBaseUrl;
2635
- return `${base}/api/tenant/v1/public/tenants/by-code/${encodeURIComponent(tenantCode)}`;
2678
+ return `${base}/api/v1/tenant/public/tenants/by-code/${encodeURIComponent(tenantCode)}`;
2636
2679
  }
2637
2680
  async function resolveTenant(tenantKey) {
2638
2681
  if (!tenantKey || tenantKey.trim() === "") {