tenneo-auth-plugin 0.1.5 → 0.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.mjs CHANGED
@@ -534,12 +534,24 @@ function clearAllCookies() {
534
534
  } catch {
535
535
  }
536
536
  }
537
+ function clearAllBrowserStorage() {
538
+ if (typeof window === "undefined") return;
539
+ try {
540
+ window.localStorage?.clear();
541
+ } catch {
542
+ }
543
+ try {
544
+ window.sessionStorage?.clear();
545
+ } catch {
546
+ }
547
+ }
537
548
  function clearAllStorage() {
538
549
  const forceLogin = getStorage(getStorageKey("force_login"));
539
550
  const logoutInProgress = getStorage(getStorageKey("logout_in_progress"));
540
551
  const preservedTenantKey = getStorage(getStorageKey("preserved_tenant_key"));
541
552
  clearAuthSessionStorage();
542
553
  clearAuthStorage();
554
+ clearAllBrowserStorage();
543
555
  if (forceLogin === "true") setStorage(getStorageKey("force_login"), "true");
544
556
  if (logoutInProgress === "true") setStorage(getStorageKey("logout_in_progress"), "true");
545
557
  if (preservedTenantKey) setStorage(getStorageKey("preserved_tenant_key"), preservedTenantKey);
@@ -1457,8 +1469,17 @@ async function refreshAccessToken() {
1457
1469
  const refreshToken = getRefreshToken();
1458
1470
  const clientId = getClientId();
1459
1471
  const tenantId = getTenantId();
1472
+ logger.debug("Token refresh - collected data", {
1473
+ hasRefreshToken: !!refreshToken,
1474
+ clientId,
1475
+ tenantId
1476
+ });
1460
1477
  if (!refreshToken || !clientId || !tenantId) {
1461
- logger.error("Token refresh failed: missing required data");
1478
+ logger.error("Token refresh failed: missing required data", {
1479
+ hasRefreshToken: !!refreshToken,
1480
+ hasClientId: !!clientId,
1481
+ hasTenantId: !!tenantId
1482
+ });
1462
1483
  throw new Error("Cannot refresh token: missing required data");
1463
1484
  }
1464
1485
  const apiAuthBaseUrl = Config.getApiAuthBaseUrl();
@@ -1473,8 +1494,7 @@ async function refreshAccessToken() {
1473
1494
  method: "POST",
1474
1495
  headers: {
1475
1496
  "Content-Type": "application/x-www-form-urlencoded",
1476
- "__tenant": tenantId,
1477
- "Accept": "*/*"
1497
+ "Accept": "application/json"
1478
1498
  },
1479
1499
  body: body.toString()
1480
1500
  });
@@ -1978,6 +1998,8 @@ function setDefaultAuthEngine(engine) {
1978
1998
  }
1979
1999
 
1980
2000
  // src/application/token.ts
2001
+ var lastNoRefreshLog = 0;
2002
+ var NO_REFRESH_LOG_INTERVAL_MS = 5e3;
1981
2003
  async function ensureValidAccessToken() {
1982
2004
  const engine = getDefaultAuthEngine();
1983
2005
  if (engine) {
@@ -1990,7 +2012,11 @@ async function ensureValidAccessToken() {
1990
2012
  if (token && !isAccessTokenExpired()) return token;
1991
2013
  const refreshToken = getRefreshToken();
1992
2014
  if (!refreshToken) {
1993
- logger.debug("No refresh token - cannot refresh; login required");
2015
+ const now = Date.now();
2016
+ if (now - lastNoRefreshLog >= NO_REFRESH_LOG_INTERVAL_MS) {
2017
+ lastNoRefreshLog = now;
2018
+ logger.debug("No refresh token - cannot refresh; login required");
2019
+ }
1994
2020
  throw new Error("No refresh token; login required");
1995
2021
  }
1996
2022
  return await refreshAccessToken();
@@ -2468,13 +2494,28 @@ function stopStorageWatcher() {
2468
2494
  // src/utils/cookies.ts
2469
2495
  function clearClientCookies() {
2470
2496
  try {
2497
+ if (typeof document === "undefined" || typeof window === "undefined") return;
2471
2498
  const cookies = document.cookie.split(";");
2499
+ const hostname = window.location.hostname;
2500
+ const hostParts = hostname.split(".").filter(Boolean);
2501
+ const domainsToTry = [hostname];
2502
+ if (hostParts.length > 1) {
2503
+ for (let i = hostParts.length - 2; i >= 0; i--) {
2504
+ const parent = "." + hostParts.slice(i).join(".");
2505
+ if (!domainsToTry.includes(parent)) domainsToTry.push(parent);
2506
+ }
2507
+ }
2508
+ const pathsToTry = ["/", window.location.pathname || "/"].filter(Boolean);
2472
2509
  for (const cookie of cookies) {
2473
2510
  const eqPos = cookie.indexOf("=");
2474
2511
  const name = eqPos > -1 ? cookie.slice(0, eqPos).trim() : cookie.trim();
2475
2512
  if (!name) continue;
2476
- document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/`;
2477
- document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/;domain=${window.location.hostname}`;
2513
+ for (const path of pathsToTry) {
2514
+ document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=${path}`;
2515
+ for (const domain of domainsToTry) {
2516
+ document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=${path};domain=${domain}`;
2517
+ }
2518
+ }
2478
2519
  }
2479
2520
  logger.debug("Client-side cookies cleared (best-effort)");
2480
2521
  } catch (error) {
@@ -2540,6 +2581,13 @@ async function callServerLogout(logoutUrl) {
2540
2581
  }
2541
2582
  function performLocalLogoutCleanup() {
2542
2583
  logger.debug("Performing local logout cleanup");
2584
+ try {
2585
+ getAuthRuntime()?.clearCookies?.clearCookies();
2586
+ } catch (error) {
2587
+ logger.debug("Runtime cookie clearer failed (ignored)", {
2588
+ error: error instanceof Error ? error.message : String(error)
2589
+ });
2590
+ }
2543
2591
  clearClientCookies();
2544
2592
  clearAllStorage();
2545
2593
  logger.info("Local logout cleanup completed");
@@ -2626,7 +2674,7 @@ var PUBLIC_CODE_PREFIX = "public-";
2626
2674
  function getTenantByCodeUrl(tenantCode) {
2627
2675
  const apiTenantResolutionBaseUrl = getResolvedTenantBaseUrl();
2628
2676
  const base = apiTenantResolutionBaseUrl.replace(/\/api\/v1\/?$/, "") || apiTenantResolutionBaseUrl;
2629
- return `${base}/api/tenant/v1/public/tenants/by-code/${encodeURIComponent(tenantCode)}`;
2677
+ return `${base}/api/v1/tenant/public/tenants/by-code/${encodeURIComponent(tenantCode)}`;
2630
2678
  }
2631
2679
  async function resolveTenant(tenantKey) {
2632
2680
  if (!tenantKey || tenantKey.trim() === "") {