tenneo-auth-plugin 0.1.4 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.mjs CHANGED
@@ -534,12 +534,24 @@ function clearAllCookies() {
534
534
  } catch {
535
535
  }
536
536
  }
537
+ function clearAllBrowserStorage() {
538
+ if (typeof window === "undefined") return;
539
+ try {
540
+ window.localStorage?.clear();
541
+ } catch {
542
+ }
543
+ try {
544
+ window.sessionStorage?.clear();
545
+ } catch {
546
+ }
547
+ }
537
548
  function clearAllStorage() {
538
549
  const forceLogin = getStorage(getStorageKey("force_login"));
539
550
  const logoutInProgress = getStorage(getStorageKey("logout_in_progress"));
540
551
  const preservedTenantKey = getStorage(getStorageKey("preserved_tenant_key"));
541
552
  clearAuthSessionStorage();
542
553
  clearAuthStorage();
554
+ clearAllBrowserStorage();
543
555
  if (forceLogin === "true") setStorage(getStorageKey("force_login"), "true");
544
556
  if (logoutInProgress === "true") setStorage(getStorageKey("logout_in_progress"), "true");
545
557
  if (preservedTenantKey) setStorage(getStorageKey("preserved_tenant_key"), preservedTenantKey);
@@ -1457,8 +1469,17 @@ async function refreshAccessToken() {
1457
1469
  const refreshToken = getRefreshToken();
1458
1470
  const clientId = getClientId();
1459
1471
  const tenantId = getTenantId();
1472
+ logger.debug("Token refresh - collected data", {
1473
+ hasRefreshToken: !!refreshToken,
1474
+ clientId,
1475
+ tenantId
1476
+ });
1460
1477
  if (!refreshToken || !clientId || !tenantId) {
1461
- logger.error("Token refresh failed: missing required data");
1478
+ logger.error("Token refresh failed: missing required data", {
1479
+ hasRefreshToken: !!refreshToken,
1480
+ hasClientId: !!clientId,
1481
+ hasTenantId: !!tenantId
1482
+ });
1462
1483
  throw new Error("Cannot refresh token: missing required data");
1463
1484
  }
1464
1485
  const apiAuthBaseUrl = Config.getApiAuthBaseUrl();
@@ -1466,14 +1487,14 @@ async function refreshAccessToken() {
1466
1487
  const body = new URLSearchParams({
1467
1488
  grant_type: DEFAULT_REFRESH_GRANT_TYPE,
1468
1489
  refresh_token: refreshToken,
1469
- client_id: clientId.startsWith("public-") ? clientId : `public-${clientId}`
1490
+ client_id: clientId.startsWith("public-") ? clientId : `public-${clientId}`,
1491
+ tenant_id: tenantId
1470
1492
  });
1471
1493
  const response = await fetch(tokenUrl, {
1472
1494
  method: "POST",
1473
1495
  headers: {
1474
1496
  "Content-Type": "application/x-www-form-urlencoded",
1475
- "__tenant": tenantId,
1476
- "Accept": "*/*"
1497
+ "Accept": "application/json"
1477
1498
  },
1478
1499
  body: body.toString()
1479
1500
  });
@@ -2467,13 +2488,28 @@ function stopStorageWatcher() {
2467
2488
  // src/utils/cookies.ts
2468
2489
  function clearClientCookies() {
2469
2490
  try {
2491
+ if (typeof document === "undefined" || typeof window === "undefined") return;
2470
2492
  const cookies = document.cookie.split(";");
2493
+ const hostname = window.location.hostname;
2494
+ const hostParts = hostname.split(".").filter(Boolean);
2495
+ const domainsToTry = [hostname];
2496
+ if (hostParts.length > 1) {
2497
+ for (let i = hostParts.length - 2; i >= 0; i--) {
2498
+ const parent = "." + hostParts.slice(i).join(".");
2499
+ if (!domainsToTry.includes(parent)) domainsToTry.push(parent);
2500
+ }
2501
+ }
2502
+ const pathsToTry = ["/", window.location.pathname || "/"].filter(Boolean);
2471
2503
  for (const cookie of cookies) {
2472
2504
  const eqPos = cookie.indexOf("=");
2473
2505
  const name = eqPos > -1 ? cookie.slice(0, eqPos).trim() : cookie.trim();
2474
2506
  if (!name) continue;
2475
- document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/`;
2476
- document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/;domain=${window.location.hostname}`;
2507
+ for (const path of pathsToTry) {
2508
+ document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=${path}`;
2509
+ for (const domain of domainsToTry) {
2510
+ document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=${path};domain=${domain}`;
2511
+ }
2512
+ }
2477
2513
  }
2478
2514
  logger.debug("Client-side cookies cleared (best-effort)");
2479
2515
  } catch (error) {
@@ -2539,6 +2575,13 @@ async function callServerLogout(logoutUrl) {
2539
2575
  }
2540
2576
  function performLocalLogoutCleanup() {
2541
2577
  logger.debug("Performing local logout cleanup");
2578
+ try {
2579
+ getAuthRuntime()?.clearCookies?.clearCookies();
2580
+ } catch (error) {
2581
+ logger.debug("Runtime cookie clearer failed (ignored)", {
2582
+ error: error instanceof Error ? error.message : String(error)
2583
+ });
2584
+ }
2542
2585
  clearClientCookies();
2543
2586
  clearAllStorage();
2544
2587
  logger.info("Local logout cleanup completed");
@@ -2625,7 +2668,7 @@ var PUBLIC_CODE_PREFIX = "public-";
2625
2668
  function getTenantByCodeUrl(tenantCode) {
2626
2669
  const apiTenantResolutionBaseUrl = getResolvedTenantBaseUrl();
2627
2670
  const base = apiTenantResolutionBaseUrl.replace(/\/api\/v1\/?$/, "") || apiTenantResolutionBaseUrl;
2628
- return `${base}/api/tenant/v1/public/tenants/by-code/${encodeURIComponent(tenantCode)}`;
2671
+ return `${base}/api/v1/tenant/public/tenants/by-code/${encodeURIComponent(tenantCode)}`;
2629
2672
  }
2630
2673
  async function resolveTenant(tenantKey) {
2631
2674
  if (!tenantKey || tenantKey.trim() === "") {