tenneo-auth-plugin 0.1.5 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.js CHANGED
@@ -541,12 +541,24 @@ function clearAllCookies() {
541
541
  } catch {
542
542
  }
543
543
  }
544
+ function clearAllBrowserStorage() {
545
+ if (typeof window === "undefined") return;
546
+ try {
547
+ window.localStorage?.clear();
548
+ } catch {
549
+ }
550
+ try {
551
+ window.sessionStorage?.clear();
552
+ } catch {
553
+ }
554
+ }
544
555
  function clearAllStorage() {
545
556
  const forceLogin = getStorage(getStorageKey("force_login"));
546
557
  const logoutInProgress = getStorage(getStorageKey("logout_in_progress"));
547
558
  const preservedTenantKey = getStorage(getStorageKey("preserved_tenant_key"));
548
559
  clearAuthSessionStorage();
549
560
  clearAuthStorage();
561
+ clearAllBrowserStorage();
550
562
  if (forceLogin === "true") setStorage(getStorageKey("force_login"), "true");
551
563
  if (logoutInProgress === "true") setStorage(getStorageKey("logout_in_progress"), "true");
552
564
  if (preservedTenantKey) setStorage(getStorageKey("preserved_tenant_key"), preservedTenantKey);
@@ -1464,8 +1476,17 @@ async function refreshAccessToken() {
1464
1476
  const refreshToken = getRefreshToken();
1465
1477
  const clientId = getClientId();
1466
1478
  const tenantId = getTenantId();
1479
+ logger.debug("Token refresh - collected data", {
1480
+ hasRefreshToken: !!refreshToken,
1481
+ clientId,
1482
+ tenantId
1483
+ });
1467
1484
  if (!refreshToken || !clientId || !tenantId) {
1468
- logger.error("Token refresh failed: missing required data");
1485
+ logger.error("Token refresh failed: missing required data", {
1486
+ hasRefreshToken: !!refreshToken,
1487
+ hasClientId: !!clientId,
1488
+ hasTenantId: !!tenantId
1489
+ });
1469
1490
  throw new Error("Cannot refresh token: missing required data");
1470
1491
  }
1471
1492
  const apiAuthBaseUrl = Config.getApiAuthBaseUrl();
@@ -1480,8 +1501,7 @@ async function refreshAccessToken() {
1480
1501
  method: "POST",
1481
1502
  headers: {
1482
1503
  "Content-Type": "application/x-www-form-urlencoded",
1483
- "__tenant": tenantId,
1484
- "Accept": "*/*"
1504
+ "Accept": "application/json"
1485
1505
  },
1486
1506
  body: body.toString()
1487
1507
  });
@@ -2475,13 +2495,28 @@ function stopStorageWatcher() {
2475
2495
  // src/utils/cookies.ts
2476
2496
  function clearClientCookies() {
2477
2497
  try {
2498
+ if (typeof document === "undefined" || typeof window === "undefined") return;
2478
2499
  const cookies = document.cookie.split(";");
2500
+ const hostname = window.location.hostname;
2501
+ const hostParts = hostname.split(".").filter(Boolean);
2502
+ const domainsToTry = [hostname];
2503
+ if (hostParts.length > 1) {
2504
+ for (let i = hostParts.length - 2; i >= 0; i--) {
2505
+ const parent = "." + hostParts.slice(i).join(".");
2506
+ if (!domainsToTry.includes(parent)) domainsToTry.push(parent);
2507
+ }
2508
+ }
2509
+ const pathsToTry = ["/", window.location.pathname || "/"].filter(Boolean);
2479
2510
  for (const cookie of cookies) {
2480
2511
  const eqPos = cookie.indexOf("=");
2481
2512
  const name = eqPos > -1 ? cookie.slice(0, eqPos).trim() : cookie.trim();
2482
2513
  if (!name) continue;
2483
- document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/`;
2484
- document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/;domain=${window.location.hostname}`;
2514
+ for (const path of pathsToTry) {
2515
+ document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=${path}`;
2516
+ for (const domain of domainsToTry) {
2517
+ document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=${path};domain=${domain}`;
2518
+ }
2519
+ }
2485
2520
  }
2486
2521
  logger.debug("Client-side cookies cleared (best-effort)");
2487
2522
  } catch (error) {
@@ -2547,6 +2582,13 @@ async function callServerLogout(logoutUrl) {
2547
2582
  }
2548
2583
  function performLocalLogoutCleanup() {
2549
2584
  logger.debug("Performing local logout cleanup");
2585
+ try {
2586
+ getAuthRuntime()?.clearCookies?.clearCookies();
2587
+ } catch (error) {
2588
+ logger.debug("Runtime cookie clearer failed (ignored)", {
2589
+ error: error instanceof Error ? error.message : String(error)
2590
+ });
2591
+ }
2550
2592
  clearClientCookies();
2551
2593
  clearAllStorage();
2552
2594
  logger.info("Local logout cleanup completed");
@@ -2633,7 +2675,7 @@ var PUBLIC_CODE_PREFIX = "public-";
2633
2675
  function getTenantByCodeUrl(tenantCode) {
2634
2676
  const apiTenantResolutionBaseUrl = getResolvedTenantBaseUrl();
2635
2677
  const base = apiTenantResolutionBaseUrl.replace(/\/api\/v1\/?$/, "") || apiTenantResolutionBaseUrl;
2636
- return `${base}/api/tenant/v1/public/tenants/by-code/${encodeURIComponent(tenantCode)}`;
2678
+ return `${base}/api/v1/tenant/public/tenants/by-code/${encodeURIComponent(tenantCode)}`;
2637
2679
  }
2638
2680
  async function resolveTenant(tenantKey) {
2639
2681
  if (!tenantKey || tenantKey.trim() === "") {