tenneo-auth-plugin 0.1.5 → 0.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.js CHANGED
@@ -541,12 +541,24 @@ function clearAllCookies() {
541
541
  } catch {
542
542
  }
543
543
  }
544
+ function clearAllBrowserStorage() {
545
+ if (typeof window === "undefined") return;
546
+ try {
547
+ window.localStorage?.clear();
548
+ } catch {
549
+ }
550
+ try {
551
+ window.sessionStorage?.clear();
552
+ } catch {
553
+ }
554
+ }
544
555
  function clearAllStorage() {
545
556
  const forceLogin = getStorage(getStorageKey("force_login"));
546
557
  const logoutInProgress = getStorage(getStorageKey("logout_in_progress"));
547
558
  const preservedTenantKey = getStorage(getStorageKey("preserved_tenant_key"));
548
559
  clearAuthSessionStorage();
549
560
  clearAuthStorage();
561
+ clearAllBrowserStorage();
550
562
  if (forceLogin === "true") setStorage(getStorageKey("force_login"), "true");
551
563
  if (logoutInProgress === "true") setStorage(getStorageKey("logout_in_progress"), "true");
552
564
  if (preservedTenantKey) setStorage(getStorageKey("preserved_tenant_key"), preservedTenantKey);
@@ -1464,8 +1476,17 @@ async function refreshAccessToken() {
1464
1476
  const refreshToken = getRefreshToken();
1465
1477
  const clientId = getClientId();
1466
1478
  const tenantId = getTenantId();
1479
+ logger.debug("Token refresh - collected data", {
1480
+ hasRefreshToken: !!refreshToken,
1481
+ clientId,
1482
+ tenantId
1483
+ });
1467
1484
  if (!refreshToken || !clientId || !tenantId) {
1468
- logger.error("Token refresh failed: missing required data");
1485
+ logger.error("Token refresh failed: missing required data", {
1486
+ hasRefreshToken: !!refreshToken,
1487
+ hasClientId: !!clientId,
1488
+ hasTenantId: !!tenantId
1489
+ });
1469
1490
  throw new Error("Cannot refresh token: missing required data");
1470
1491
  }
1471
1492
  const apiAuthBaseUrl = Config.getApiAuthBaseUrl();
@@ -1480,8 +1501,7 @@ async function refreshAccessToken() {
1480
1501
  method: "POST",
1481
1502
  headers: {
1482
1503
  "Content-Type": "application/x-www-form-urlencoded",
1483
- "__tenant": tenantId,
1484
- "Accept": "*/*"
1504
+ "Accept": "application/json"
1485
1505
  },
1486
1506
  body: body.toString()
1487
1507
  });
@@ -1985,6 +2005,8 @@ function setDefaultAuthEngine(engine) {
1985
2005
  }
1986
2006
 
1987
2007
  // src/application/token.ts
2008
+ var lastNoRefreshLog = 0;
2009
+ var NO_REFRESH_LOG_INTERVAL_MS = 5e3;
1988
2010
  async function ensureValidAccessToken() {
1989
2011
  const engine = getDefaultAuthEngine();
1990
2012
  if (engine) {
@@ -1997,7 +2019,11 @@ async function ensureValidAccessToken() {
1997
2019
  if (token && !isAccessTokenExpired()) return token;
1998
2020
  const refreshToken = getRefreshToken();
1999
2021
  if (!refreshToken) {
2000
- logger.debug("No refresh token - cannot refresh; login required");
2022
+ const now = Date.now();
2023
+ if (now - lastNoRefreshLog >= NO_REFRESH_LOG_INTERVAL_MS) {
2024
+ lastNoRefreshLog = now;
2025
+ logger.debug("No refresh token - cannot refresh; login required");
2026
+ }
2001
2027
  throw new Error("No refresh token; login required");
2002
2028
  }
2003
2029
  return await refreshAccessToken();
@@ -2475,13 +2501,28 @@ function stopStorageWatcher() {
2475
2501
  // src/utils/cookies.ts
2476
2502
  function clearClientCookies() {
2477
2503
  try {
2504
+ if (typeof document === "undefined" || typeof window === "undefined") return;
2478
2505
  const cookies = document.cookie.split(";");
2506
+ const hostname = window.location.hostname;
2507
+ const hostParts = hostname.split(".").filter(Boolean);
2508
+ const domainsToTry = [hostname];
2509
+ if (hostParts.length > 1) {
2510
+ for (let i = hostParts.length - 2; i >= 0; i--) {
2511
+ const parent = "." + hostParts.slice(i).join(".");
2512
+ if (!domainsToTry.includes(parent)) domainsToTry.push(parent);
2513
+ }
2514
+ }
2515
+ const pathsToTry = ["/", window.location.pathname || "/"].filter(Boolean);
2479
2516
  for (const cookie of cookies) {
2480
2517
  const eqPos = cookie.indexOf("=");
2481
2518
  const name = eqPos > -1 ? cookie.slice(0, eqPos).trim() : cookie.trim();
2482
2519
  if (!name) continue;
2483
- document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/`;
2484
- document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/;domain=${window.location.hostname}`;
2520
+ for (const path of pathsToTry) {
2521
+ document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=${path}`;
2522
+ for (const domain of domainsToTry) {
2523
+ document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=${path};domain=${domain}`;
2524
+ }
2525
+ }
2485
2526
  }
2486
2527
  logger.debug("Client-side cookies cleared (best-effort)");
2487
2528
  } catch (error) {
@@ -2547,6 +2588,13 @@ async function callServerLogout(logoutUrl) {
2547
2588
  }
2548
2589
  function performLocalLogoutCleanup() {
2549
2590
  logger.debug("Performing local logout cleanup");
2591
+ try {
2592
+ getAuthRuntime()?.clearCookies?.clearCookies();
2593
+ } catch (error) {
2594
+ logger.debug("Runtime cookie clearer failed (ignored)", {
2595
+ error: error instanceof Error ? error.message : String(error)
2596
+ });
2597
+ }
2550
2598
  clearClientCookies();
2551
2599
  clearAllStorage();
2552
2600
  logger.info("Local logout cleanup completed");
@@ -2633,7 +2681,7 @@ var PUBLIC_CODE_PREFIX = "public-";
2633
2681
  function getTenantByCodeUrl(tenantCode) {
2634
2682
  const apiTenantResolutionBaseUrl = getResolvedTenantBaseUrl();
2635
2683
  const base = apiTenantResolutionBaseUrl.replace(/\/api\/v1\/?$/, "") || apiTenantResolutionBaseUrl;
2636
- return `${base}/api/tenant/v1/public/tenants/by-code/${encodeURIComponent(tenantCode)}`;
2684
+ return `${base}/api/v1/tenant/public/tenants/by-code/${encodeURIComponent(tenantCode)}`;
2637
2685
  }
2638
2686
  async function resolveTenant(tenantKey) {
2639
2687
  if (!tenantKey || tenantKey.trim() === "") {