tenneo-auth-plugin 0.1.5 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.mjs CHANGED
@@ -534,12 +534,24 @@ function clearAllCookies() {
534
534
  } catch {
535
535
  }
536
536
  }
537
+ function clearAllBrowserStorage() {
538
+ if (typeof window === "undefined") return;
539
+ try {
540
+ window.localStorage?.clear();
541
+ } catch {
542
+ }
543
+ try {
544
+ window.sessionStorage?.clear();
545
+ } catch {
546
+ }
547
+ }
537
548
  function clearAllStorage() {
538
549
  const forceLogin = getStorage(getStorageKey("force_login"));
539
550
  const logoutInProgress = getStorage(getStorageKey("logout_in_progress"));
540
551
  const preservedTenantKey = getStorage(getStorageKey("preserved_tenant_key"));
541
552
  clearAuthSessionStorage();
542
553
  clearAuthStorage();
554
+ clearAllBrowserStorage();
543
555
  if (forceLogin === "true") setStorage(getStorageKey("force_login"), "true");
544
556
  if (logoutInProgress === "true") setStorage(getStorageKey("logout_in_progress"), "true");
545
557
  if (preservedTenantKey) setStorage(getStorageKey("preserved_tenant_key"), preservedTenantKey);
@@ -1457,8 +1469,17 @@ async function refreshAccessToken() {
1457
1469
  const refreshToken = getRefreshToken();
1458
1470
  const clientId = getClientId();
1459
1471
  const tenantId = getTenantId();
1472
+ logger.debug("Token refresh - collected data", {
1473
+ hasRefreshToken: !!refreshToken,
1474
+ clientId,
1475
+ tenantId
1476
+ });
1460
1477
  if (!refreshToken || !clientId || !tenantId) {
1461
- logger.error("Token refresh failed: missing required data");
1478
+ logger.error("Token refresh failed: missing required data", {
1479
+ hasRefreshToken: !!refreshToken,
1480
+ hasClientId: !!clientId,
1481
+ hasTenantId: !!tenantId
1482
+ });
1462
1483
  throw new Error("Cannot refresh token: missing required data");
1463
1484
  }
1464
1485
  const apiAuthBaseUrl = Config.getApiAuthBaseUrl();
@@ -1473,8 +1494,7 @@ async function refreshAccessToken() {
1473
1494
  method: "POST",
1474
1495
  headers: {
1475
1496
  "Content-Type": "application/x-www-form-urlencoded",
1476
- "__tenant": tenantId,
1477
- "Accept": "*/*"
1497
+ "Accept": "application/json"
1478
1498
  },
1479
1499
  body: body.toString()
1480
1500
  });
@@ -2468,13 +2488,28 @@ function stopStorageWatcher() {
2468
2488
  // src/utils/cookies.ts
2469
2489
  function clearClientCookies() {
2470
2490
  try {
2491
+ if (typeof document === "undefined" || typeof window === "undefined") return;
2471
2492
  const cookies = document.cookie.split(";");
2493
+ const hostname = window.location.hostname;
2494
+ const hostParts = hostname.split(".").filter(Boolean);
2495
+ const domainsToTry = [hostname];
2496
+ if (hostParts.length > 1) {
2497
+ for (let i = hostParts.length - 2; i >= 0; i--) {
2498
+ const parent = "." + hostParts.slice(i).join(".");
2499
+ if (!domainsToTry.includes(parent)) domainsToTry.push(parent);
2500
+ }
2501
+ }
2502
+ const pathsToTry = ["/", window.location.pathname || "/"].filter(Boolean);
2472
2503
  for (const cookie of cookies) {
2473
2504
  const eqPos = cookie.indexOf("=");
2474
2505
  const name = eqPos > -1 ? cookie.slice(0, eqPos).trim() : cookie.trim();
2475
2506
  if (!name) continue;
2476
- document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/`;
2477
- document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/;domain=${window.location.hostname}`;
2507
+ for (const path of pathsToTry) {
2508
+ document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=${path}`;
2509
+ for (const domain of domainsToTry) {
2510
+ document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=${path};domain=${domain}`;
2511
+ }
2512
+ }
2478
2513
  }
2479
2514
  logger.debug("Client-side cookies cleared (best-effort)");
2480
2515
  } catch (error) {
@@ -2540,6 +2575,13 @@ async function callServerLogout(logoutUrl) {
2540
2575
  }
2541
2576
  function performLocalLogoutCleanup() {
2542
2577
  logger.debug("Performing local logout cleanup");
2578
+ try {
2579
+ getAuthRuntime()?.clearCookies?.clearCookies();
2580
+ } catch (error) {
2581
+ logger.debug("Runtime cookie clearer failed (ignored)", {
2582
+ error: error instanceof Error ? error.message : String(error)
2583
+ });
2584
+ }
2543
2585
  clearClientCookies();
2544
2586
  clearAllStorage();
2545
2587
  logger.info("Local logout cleanup completed");
@@ -2626,7 +2668,7 @@ var PUBLIC_CODE_PREFIX = "public-";
2626
2668
  function getTenantByCodeUrl(tenantCode) {
2627
2669
  const apiTenantResolutionBaseUrl = getResolvedTenantBaseUrl();
2628
2670
  const base = apiTenantResolutionBaseUrl.replace(/\/api\/v1\/?$/, "") || apiTenantResolutionBaseUrl;
2629
- return `${base}/api/tenant/v1/public/tenants/by-code/${encodeURIComponent(tenantCode)}`;
2671
+ return `${base}/api/v1/tenant/public/tenants/by-code/${encodeURIComponent(tenantCode)}`;
2630
2672
  }
2631
2673
  async function resolveTenant(tenantKey) {
2632
2674
  if (!tenantKey || tenantKey.trim() === "") {