From 75e763264a684a6352d02e54f11f10261ae96afc Mon Sep 17 00:00:00 2001
From: Guillaume Chervet
Date: Fri, 24 Jan 2025 18:30:19 +0100
Subject: [PATCH 1/3] fix(oidc): refresh silent signin scope=null
---
 packages/oidc-client/src/keepSession.ts | 4 ++--
 packages/oidc-client/src/login.ts | 24 ++++++++++++------------
 packages/oidc-client/src/oidc.ts | 7 ++++---
 packages/oidc-client/src/silentLogin.ts | 1 -
 4 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/packages/oidc-client/src/keepSession.ts b/packages/oidc-client/src/keepSession.ts
index eda987b4a..4f680e71b 100644
--- a/packages/oidc-client/src/keepSession.ts
+++ b/packages/oidc-client/src/keepSession.ts
@@ -30,7 +30,7 @@ export const tryKeepSessionAsync = async (oidc: Oidc) => {
 oidc.tokens = tokens;
 const getLoginParams = serviceWorker.getLoginParams(oidc.configurationName);
 // @ts-ignore
- oidc.timeoutId = autoRenewTokens(oidc, oidc.tokens.expiresAt, getLoginParams.extras);
+ oidc.timeoutId = autoRenewTokens(oidc, oidc.tokens.expiresAt, getLoginParams.extras, getLoginParams.scope);
 const sessionState = await serviceWorker.getSessionStateAsync();
 // @ts-ignore
 await oidc.startCheckSessionAsync(
@@ -64,7 +64,7 @@ export const tryKeepSessionAsync = async (oidc: Oidc) => {
 oidc.tokens = setTokens(tokens, null, configuration.token_renew_mode);
 const getLoginParams = session.getLoginParams();
 // @ts-ignore
- oidc.timeoutId = autoRenewTokens(oidc, oidc.tokens.expiresAt, getLoginParams.extras);
+ oidc.timeoutId = autoRenewTokens(oidc, oidc.tokens.expiresAt, getLoginParams.extras, getLoginParams.scope);
 const sessionState = await session.getSessionStateAsync();
 // @ts-ignore
 await oidc.startCheckSessionAsync(
diff --git a/packages/oidc-client/src/login.ts b/packages/oidc-client/src/login.ts
index 3f8ccf9fc..0907481bb 100644
--- a/packages/oidc-client/src/login.ts
+++ b/packages/oidc-client/src/login.ts
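Review bot: In keepSession.ts both restore paths now pass `getLoginParams.scope` to `autoRenewTokens`, but login params persisted before this change carry no `scope` field, so a session restored right after an upgrade would still renew with an undefined scope. A fallback such as `getLoginParams.scope ?? configuration.scope` would cover that case, assuming the configuration object exposes the configured scope at both call sites (only the hunk at -64,7 shows `configuration` in use). The `// @ts-ignore` above each call also hides whether `autoRenewTokens` accepts the fourth argument, and the local `getLoginParams` holds a value rather than a function, so `loginParams` would read better. The same points apply to the hunk at -64,7; tryKeepSessionAsync continues outside both hunks.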
@@ -63,14 +63,14 @@ export const defaultLoginAsync =
 );
 let storage;
 if (serviceWorker) {
- serviceWorker.setLoginParams({ callbackPath: url, extras: originExtras });
+ serviceWorker.setLoginParams({ callbackPath: url, extras: originExtras, scope: scope });
 await serviceWorker.initAsync(oidcServerConfiguration, 'loginAsync', configuration);
 await serviceWorker.setNonceAsync(nonce);
 serviceWorker.startKeepAliveServiceWorker();
 storage = serviceWorker;
 } else {
 const session = initSession(configurationName, configuration.storage ?? sessionStorage);
- session.setLoginParams({ callbackPath: url, extras: originExtras });
+ session.setLoginParams({ callbackPath: url, extras: originExtras, scope: scope });
 await session.setNonceAsync(nonce);
 storage = session;
 }
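Review bot: The newly persisted `scope` has no comment saying that it is the value later token renewals will request, which matters because the `else` branch writes it to `configuration.storage ?? sessionStorage`, where any script running on the origin can read or change it. A line such as `// scope is persisted so token renewal asks for the same scope as this login; the authorization server stays the authority on what is granted` above each `setLoginParams` call would record that. `scope: scope` can also be written with the shorthand `scope`. defaultLoginAsync starts and ends outside the hunk, so where `scope` is derived is not visible here.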
@@ -138,25 +138,23 @@ export const loginCallbackAsync = state = await session.getStateAsync(); storage = session; } - - const params = getParseQueryStringFromLocation(href); - - if (params.error || params.error_description) { - throw new Error(`Error from OIDC server: ${params.error} - ${params.error_description}`); + + if (queryParams.error || queryParams.error_description) { + throw new Error(`Error from OIDC server: ${queryParams.error} - ${queryParams.error_description}`); } - if (params.iss && params.iss !== oidcServerConfiguration.issuer) { + if (queryParams.iss && queryParams.iss !== oidcServerConfiguration.issuer) { console.error(); throw new Error( - `Issuer not valid (expected: ${oidcServerConfiguration.issuer}, received: ${params.iss})`, + `Issuer not valid (expected: ${oidcServerConfiguration.issuer}, received: ${queryParams.iss})`, ); } - if (params.state && params.state !== state) { - throw new Error(`State not valid (expected: ${state}, received: ${params.state})`); + if (queryParams.state && queryParams.state !== state) { + throw new Error(`State not valid (expected: ${state}, received: ${queryParams.state})`); } const data = { - code: params.code, + code: queryParams.code, grant_type: 'authorization_code', client_id: configuration.client_id, redirect_uri: redirectUri, @@ -269,6 +267,8 @@ export const loginCallbackAsync = tokens: formattedTokens, state: 'request.state', callbackPath: loginParams.callbackPath, + scope: queryParams.scope, + extras: loginParams.extras, }; } catch (exception) { console.error(exception); diff --git a/packages/oidc-client/src/oidc.ts b/packages/oidc-client/src/oidc.ts index 0c7f12c11..ef3902c1a 100644 --- a/packages/oidc-client/src/oidc.ts +++ b/packages/oidc-client/src/oidc.ts 
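Review bot: The state comparison `if (queryParams.state && queryParams.state !== state)` in the -138,25 hunk only runs when the callback carries a `state` parameter, so a callback that arrives without `state` skips the check that binds it to the login this client started. When a state was stored for the login, a missing value should fail as well, e.g. `if (queryParams.state !== state) {`, provided the login path always sets `state`, which is not visible here. The `iss` check can stay conditional because the issuer parameter is optional in authorization responses. `queryParams` is defined outside the hunk, so its source (presumably the parsed callback URL) should be confirmed; loginCallbackAsync starts and ends outside the hunk.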
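Review bot: In the -269,6 hunk the returned `scope: queryParams.scope` takes the renewal scope from the callback's query parameters, while `extras` on the next line comes from the stored `loginParams`. Authorization responses usually do not carry a `scope` parameter, so this is likely undefined for many providers, and when present it is a value read from the URL rather than the one this client requested. Since the earlier login.ts hunk stores `scope` through `setLoginParams`, `scope: loginParams.scope,` would be consistent with `extras` and would not depend on URL input. The hard-coded `state: 'request.state'` in the same object also looks like a leftover placeholder. `queryParams` and `loginParams` are both defined outside the hunk.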
@@ -77,8 +77,8 @@ export type InternalLoginCallback = { }; const loginCallbackWithAutoTokensRenewAsync = async (oidc): Promise => { - const { parsedTokens, callbackPath } = await oidc.loginCallbackAsync(); - oidc.timeoutId = autoRenewTokens(oidc, parsedTokens.expiresAt); + const { parsedTokens, callbackPath, extras, scope } = await oidc.loginCallbackAsync(); + oidc.timeoutId = autoRenewTokens(oidc, parsedTokens.expiresAt, extras, scope); return { callbackPath }; }; @@ -355,7 +355,7 @@ Please checkout that you are using OIDC hook inside a { @@ -427,6 +427,7 @@ Please checkout that you are using OIDC hook inside a { this.renewTokensPromise = null; diff --git a/packages/oidc-client/src/silentLogin.ts b/packages/oidc-client/src/silentLogin.ts index 8651a2794..d07b6e97d 100644 --- a/packages/oidc-client/src/silentLogin.ts +++ b/packages/oidc-client/src/silentLogin.ts @@ -25,7 +25,6 @@ export const _silentLoginAsync = if (!configuration.silent_redirect_uri || !configuration.silent_login_uri) { return Promise.resolve(null); } - try { publishEvent(eventNames.silentLoginAsync_begin, {}); let queries = ''; From 69f670015add442d34ad80e9e8a2e08bffefc51b Mon Sep 17 00:00:00 2001 From: Guillaume Chervet Date: Fri, 24 Jan 2025 18:33:22 +0100 Subject: [PATCH 2/3] ss --- packages/oidc-client/src/keepSession.ts | 14 ++++++++++++-- packages/oidc-client/src/login.ts | 6 ++++-- packages/oidc-client/src/oidc.ts | 12 +++++++++--- 3 files changed, 25 insertions(+), 7 deletions(-) diff --git a/packages/oidc-client/src/keepSession.ts b/packages/oidc-client/src/keepSession.ts index 4f680e71b..7d21b00cb 100644 --- a/packages/oidc-client/src/keepSession.ts +++ b/packages/oidc-client/src/keepSession.ts 
@@ -30,7 +30,12 @@ export const tryKeepSessionAsync = async (oidc: Oidc) => { oidc.tokens = tokens; const getLoginParams = serviceWorker.getLoginParams(oidc.configurationName); // @ts-ignore - oidc.timeoutId = autoRenewTokens(oidc, oidc.tokens.expiresAt, getLoginParams.extras, getLoginParams.scope); + oidc.timeoutId = autoRenewTokens( + oidc, + oidc.tokens.expiresAt, + getLoginParams.extras, + getLoginParams.scope, + ); const sessionState = await serviceWorker.getSessionStateAsync(); // @ts-ignore await oidc.startCheckSessionAsync( @@ -64,7 +69,12 @@ export const tryKeepSessionAsync = async (oidc: Oidc) => { oidc.tokens = setTokens(tokens, null, configuration.token_renew_mode); const getLoginParams = session.getLoginParams(); // @ts-ignore - oidc.timeoutId = autoRenewTokens(oidc, oidc.tokens.expiresAt, getLoginParams.extras, getLoginParams.scope); + oidc.timeoutId = autoRenewTokens( + oidc, + oidc.tokens.expiresAt, + getLoginParams.extras, + getLoginParams.scope, + ); const sessionState = await session.getSessionStateAsync(); // @ts-ignore await oidc.startCheckSessionAsync( diff --git a/packages/oidc-client/src/login.ts b/packages/oidc-client/src/login.ts index 0907481bb..d4bec6852 100644 --- a/packages/oidc-client/src/login.ts +++ b/packages/oidc-client/src/login.ts @@ -138,9 +138,11 @@ export const loginCallbackAsync = state = await session.getStateAsync(); storage = session; } - + if (queryParams.error || queryParams.error_description) { - throw new Error(`Error from OIDC server: ${queryParams.error} - ${queryParams.error_description}`); + throw new Error( + `Error from OIDC server: ${queryParams.error} - ${queryParams.error_description}`, + ); } if (queryParams.iss && queryParams.iss !== oidcServerConfiguration.issuer) { diff --git a/packages/oidc-client/src/oidc.ts b/packages/oidc-client/src/oidc.ts index ef3902c1a..8204ca8d7 100644 --- a/packages/oidc-client/src/oidc.ts +++ b/packages/oidc-client/src/oidc.ts 
@@ -77,7 +77,7 @@ export type InternalLoginCallback = { }; const loginCallbackWithAutoTokensRenewAsync = async (oidc): Promise => { - const { parsedTokens, callbackPath, extras, scope } = await oidc.loginCallbackAsync(); + const { parsedTokens, callbackPath, extras, scope } = await oidc.loginCallbackAsync(); oidc.timeoutId = autoRenewTokens(oidc, parsedTokens.expiresAt, extras, scope); return { callbackPath }; }; @@ -355,7 +355,13 @@ Please checkout that you are using OIDC hook inside a { @@ -427,7 +433,7 @@ Please checkout that you are using OIDC hook inside a { this.renewTokensPromise = null; From 032bc69efaec424a4e7c74da2a598973ef301b59 Mon Sep 17 00:00:00 2001 From: Guillaume Chervet Date: Fri, 24 Jan 2025 18:36:54 +0100 Subject: [PATCH 3/3] sss --- packages/oidc-client/src/oidc.ts | 3 +++ 1 file changed, 3 insertions(+) diff --git a/packages/oidc-client/src/oidc.ts b/packages/oidc-client/src/oidc.ts index 8204ca8d7..0822313e3 100644 --- a/packages/oidc-client/src/oidc.ts +++ b/packages/oidc-client/src/oidc.ts @@ -73,7 +73,10 @@ export type LoginCallback = { export type InternalLoginCallback = { callbackPath: string; + state: string; parsedTokens: Tokens; + scope: string; + extras: StringMap; }; const loginCallbackWithAutoTokensRenewAsync = async (oidc): Promise => {
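Review bot: In the PATCH 3/3 hunk, `InternalLoginCallback` declares `scope: string` and `extras: StringMap` as always present, but the value built in login.ts is `scope: queryParams.scope`, which is absent whenever the callback has no such parameter, and `extras` is whatever was stored at login. Marking them optional, `scope?: string;` and `extras?: StringMap;`, would make the type match what the callback can return, so callers of `autoRenewTokens` have to handle the missing case. The new `state: string` field also has no comment saying what it holds; the only value visible on this page is the literal `'request.state'`.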