valtech-components 4.0.47 → 4.0.49
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/esm2022/lib/components/atoms/splash/splash.component.mjs +45 -0
- package/esm2022/lib/components/organisms/auth-cta/auth-cta.component.mjs +18 -5
- package/esm2022/lib/services/auth/auth.service.mjs +28 -26
- package/esm2022/lib/services/auth/oauth-callback.component.mjs +63 -17
- package/esm2022/lib/services/auth/oauth.service.mjs +14 -10
- package/esm2022/lib/services/auth/storage.service.mjs +11 -7
- package/esm2022/lib/version.mjs +2 -2
- package/esm2022/public-api.mjs +2 -1
- package/fesm2022/valtech-components.mjs +168 -61
- package/fesm2022/valtech-components.mjs.map +1 -1
- package/lib/components/atoms/splash/splash.component.d.ts +23 -0
- package/lib/components/organisms/auth-cta/auth-cta.component.d.ts +12 -0
- package/lib/services/auth/oauth-callback.component.d.ts +21 -1
- package/lib/services/auth/oauth.service.d.ts +6 -7
- package/lib/services/auth/storage.service.d.ts +1 -1
- package/lib/version.d.ts +1 -1
- package/package.json +1 -1
- package/public-api.d.ts +1 -0
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import * as i0 from "@angular/core";
|
|
2
|
+
/**
|
|
3
|
+
* `val-splash` — splash a pantalla completa reutilizable, idéntico al de arranque
|
|
4
|
+
* de la app (`.app-splash` del `index.html`): logo centrado con pulse, fondo
|
|
5
|
+
* claro/oscuro vía `prefers-color-scheme`. Para cargas fundamentales dentro de la
|
|
6
|
+
* app (p.ej. el callback OAuth) que deben verse iguales al arranque, en vez de
|
|
7
|
+
* un segundo loader casi-duplicado.
|
|
8
|
+
*
|
|
9
|
+
* El logo apunta por defecto a `assets/images/main-{light,dark}.svg` — los mismos
|
|
10
|
+
* assets de la app consumer que usa el splash de `index.html` — y resuelven en
|
|
11
|
+
* runtime contra la app. Override por inputs si hace falta. Fondo overridable con
|
|
12
|
+
* las CSS vars `--val-splash-bg` / `--val-splash-bg-dark`.
|
|
13
|
+
*/
|
|
14
|
+
export declare class SplashComponent {
|
|
15
|
+
/** Logo para tema claro. Default = asset de la app (igual que index.html). */
|
|
16
|
+
readonly logoLight: import("@angular/core").InputSignal<string>;
|
|
17
|
+
/** Logo para tema oscuro (vía prefers-color-scheme). */
|
|
18
|
+
readonly logoDark: import("@angular/core").InputSignal<string>;
|
|
19
|
+
/** Texto alternativo del logo. */
|
|
20
|
+
readonly alt: import("@angular/core").InputSignal<string>;
|
|
21
|
+
static ɵfac: i0.ɵɵFactoryDeclaration<SplashComponent, never>;
|
|
22
|
+
static ɵcmp: i0.ɵɵComponentDeclaration<SplashComponent, "val-splash", never, { "logoLight": { "alias": "logoLight"; "required": false; "isSignal": true; }; "logoDark": { "alias": "logoDark"; "required": false; "isSignal": true; }; "alt": { "alias": "alt"; "required": false; "isSignal": true; }; }, {}, never, never, true, never>;
|
|
23
|
+
}
|
|
@@ -38,6 +38,18 @@ export declare class AuthCtaComponent {
|
|
|
38
38
|
config: import("@angular/core").Signal<AuthCtaMetadata & Required<Pick<AuthCtaMetadata, "borderRadius" | "align" | "padding">>>;
|
|
39
39
|
loginLabel: import("@angular/core").Signal<string>;
|
|
40
40
|
registerLabel: import("@angular/core").Signal<string>;
|
|
41
|
+
topLogoProps: import("@angular/core").Signal<{
|
|
42
|
+
src: string;
|
|
43
|
+
alt: string;
|
|
44
|
+
mode: "box";
|
|
45
|
+
shaded: boolean;
|
|
46
|
+
bordered: boolean;
|
|
47
|
+
size: "large";
|
|
48
|
+
alignment: "center";
|
|
49
|
+
flex: boolean;
|
|
50
|
+
width: number;
|
|
51
|
+
limited: boolean;
|
|
52
|
+
}>;
|
|
41
53
|
resolvedBg: import("@angular/core").Signal<string>;
|
|
42
54
|
static ɵfac: i0.ɵɵFactoryDeclaration<AuthCtaComponent, never>;
|
|
43
55
|
static ɵcmp: i0.ɵɵComponentDeclaration<AuthCtaComponent, "val-auth-cta", never, { "props": { "alias": "props"; "required": false; "isSignal": true; }; }, { "onLogin": "onLogin"; "onRegister": "onRegister"; }, never, never, true, never>;
|
|
@@ -1,4 +1,7 @@
|
|
|
1
1
|
import { OnInit } from '@angular/core';
|
|
2
|
+
import { Router } from '@angular/router';
|
|
3
|
+
import { ValtechAuthConfig } from './types';
|
|
4
|
+
import { AuthService } from './auth.service';
|
|
2
5
|
import * as i0 from "@angular/core";
|
|
3
6
|
/**
|
|
4
7
|
* Componente de callback para OAuth.
|
|
@@ -24,6 +27,9 @@ import * as i0 from "@angular/core";
|
|
|
24
27
|
* `/auth/oauth/callback?error=INVALID_CODE&error_description=...`
|
|
25
28
|
*/
|
|
26
29
|
export declare class OAuthCallbackComponent implements OnInit {
|
|
30
|
+
private router;
|
|
31
|
+
private authService;
|
|
32
|
+
private config;
|
|
27
33
|
message: string;
|
|
28
34
|
/**
|
|
29
35
|
* Nonce que el opener generó y pasó por el flujo (round-trip backend). Se
|
|
@@ -31,10 +37,24 @@ export declare class OAuthCallbackComponent implements OnInit {
|
|
|
31
37
|
* y rechace un oauth_callback_data forjado en localStorage por XSS (M-07).
|
|
32
38
|
*/
|
|
33
39
|
private clientNonce;
|
|
40
|
+
constructor(router: Router, authService: AuthService | null, config: ValtechAuthConfig | null);
|
|
34
41
|
ngOnInit(): void;
|
|
42
|
+
/**
|
|
43
|
+
* Indica si este callback corre como la VENTANA PRINCIPAL (flujo redirect),
|
|
44
|
+
* no como popup. El popup se abre con window.name 'oauth'/'oauth-link'
|
|
45
|
+
* (OAuthService), nombre que persiste aunque COOP anule window.opener tras el
|
|
46
|
+
* bounce cross-origin. En la ventana principal nadie consume el localStorage,
|
|
47
|
+
* así que el callback debe instalar la sesión y navegar él mismo.
|
|
48
|
+
*/
|
|
49
|
+
private isMainWindow;
|
|
50
|
+
/**
|
|
51
|
+
* Completa el login en la ventana principal: instala la sesión desde los
|
|
52
|
+
* tokens del callback y navega al home.
|
|
53
|
+
*/
|
|
54
|
+
private completeInMainWindow;
|
|
35
55
|
private processCallback;
|
|
36
56
|
private sendToParent;
|
|
37
57
|
private closeAfterDelay;
|
|
38
|
-
static ɵfac: i0.ɵɵFactoryDeclaration<OAuthCallbackComponent,
|
|
58
|
+
static ɵfac: i0.ɵɵFactoryDeclaration<OAuthCallbackComponent, [null, { optional: true; }, { optional: true; }]>;
|
|
39
59
|
static ɵcmp: i0.ɵɵComponentDeclaration<OAuthCallbackComponent, "val-oauth-callback", never, {}, {}, never, never, true, never>;
|
|
40
60
|
}
|
|
@@ -108,13 +108,12 @@ export declare class OAuthService {
|
|
|
108
108
|
/**
|
|
109
109
|
* Verifica que el callback traiga el nonce del flujo actual (M-07).
|
|
110
110
|
*
|
|
111
|
-
*
|
|
112
|
-
*
|
|
113
|
-
*
|
|
114
|
-
*
|
|
115
|
-
*
|
|
116
|
-
*
|
|
117
|
-
* (sin nonce) durante la ventana de transición.
|
|
111
|
+
* Tolerante a la transición: solo se EXIGE coincidencia cuando el callback
|
|
112
|
+
* trae un nonce. Si no lo trae (backend aún sin M-07 desplegado, p.ej. dev), no
|
|
113
|
+
* se bloquea el login. Cuando el backend echa `client_nonce` en todos lados, un
|
|
114
|
+
* callback forjado con un nonce distinto sí se rechaza. Un payload forjado por
|
|
115
|
+
* XSS que OMITA el nonce no se frena por acá, pero igual pasa por las
|
|
116
|
+
* validaciones de tipo/forma de `checkLocalStorageFallback`.
|
|
118
117
|
*/
|
|
119
118
|
private isNonceValid;
|
|
120
119
|
/**
|
package/lib/version.d.ts
CHANGED
package/package.json
CHANGED
package/public-api.d.ts
CHANGED
|
@@ -3,6 +3,7 @@ export * from './lib/directives/has-permission.directive';
|
|
|
3
3
|
export * from './lib/components/atoms/avatar/avatar.component';
|
|
4
4
|
export * from './lib/components/atoms/avatar/types';
|
|
5
5
|
export * from './lib/components/atoms/box/box.component';
|
|
6
|
+
export * from './lib/components/atoms/splash/splash.component';
|
|
6
7
|
export * from './lib/components/atoms/box/types';
|
|
7
8
|
export * from './lib/components/atoms/glow/glow.component';
|
|
8
9
|
export * from './lib/components/atoms/glow/types';
|