add hashRouterMode

docs/oidc-client-ts.api.md

@@ -264,6 +264,7 @@ export class MetadataService {
 
 // @public (undocumented)
 export interface NavigateParams {
+    hashRouterMode?: boolean;
     nonce?: string;
     // (undocumented)
     response_mode?: "query" | "fragment";
@@ -356,6 +357,7 @@ export interface OidcClientSettings {
     extraTokenParams?: Record<string, unknown>;
     fetchRequestCredentials?: RequestCredentials;
     filterProtocolClaims?: boolean | string[];
+    hashRouterMode?: boolean;
     loadUserInfo?: boolean;
     max_age?: number;
     mergeClaimsStrategy?: {
@@ -382,7 +384,7 @@ export interface OidcClientSettings {
 
 // @public
 export class OidcClientSettingsStore {
-    constructor({ authority, metadataUrl, metadata, signingKeys, metadataSeed, client_id, client_secret, response_type, scope, redirect_uri, post_logout_redirect_uri, client_authentication, prompt, display, max_age, ui_locales, acr_values, resource, response_mode, filterProtocolClaims, loadUserInfo, staleStateAgeInSeconds, mergeClaimsStrategy, disablePKCE, stateStore, revokeTokenAdditionalContentTypes, fetchRequestCredentials, refreshTokenAllowedScope, extraQueryParams, extraTokenParams, extraHeaders, }: OidcClientSettings);
+    constructor({ authority, metadataUrl, metadata, signingKeys, metadataSeed, client_id, client_secret, response_type, scope, redirect_uri, post_logout_redirect_uri, client_authentication, prompt, display, max_age, ui_locales, acr_values, resource, response_mode, hashRouterMode, filterProtocolClaims, loadUserInfo, staleStateAgeInSeconds, mergeClaimsStrategy, disablePKCE, stateStore, revokeTokenAdditionalContentTypes, fetchRequestCredentials, refreshTokenAllowedScope, extraQueryParams, extraTokenParams, extraHeaders, }: OidcClientSettings);
     // (undocumented)
     readonly acr_values: string | undefined;
     // (undocumented)
@@ -408,6 +410,8 @@ export class OidcClientSettingsStore {
     // (undocumented)
     readonly filterProtocolClaims: boolean | string[];
     // (undocumented)
+    readonly hashRouterMode: boolean;
+    // (undocumented)
     readonly loadUserInfo: boolean;
     // (undocumented)
     readonly max_age: number | undefined;

src/OidcClient.ts

@@ -144,7 +144,7 @@ export class OidcClient {
     public async readSigninResponseState(url: string, removeState = false): Promise<{ state: SigninState; response: SigninResponse }> {
         const logger = this._logger.create("readSigninResponseState");
 
-        const response = new SigninResponse(UrlUtils.readParams(url, this.settings.response_mode));
+        const response = new SigninResponse(UrlUtils.readParams(url, this.settings.response_mode, this.settings.hashRouterMode));
         if (!response.state) {
             logger.throw(new Error("No state in response"));
             // need to throw within this function's body for type narrowing to work
@@ -271,7 +271,7 @@ export class OidcClient {
     public async readSignoutResponseState(url: string, removeState = false): Promise<{ state: State | undefined; response: SignoutResponse }> {
         const logger = this._logger.create("readSignoutResponseState");
 
-        const response = new SignoutResponse(UrlUtils.readParams(url, this.settings.response_mode));
+        const response = new SignoutResponse(UrlUtils.readParams(url, this.settings.response_mode, this.settings.hashRouterMode));
         if (!response.state) {
             logger.debug("No state in response");
 

src/OidcClientSettings.ts

@@ -80,6 +80,8 @@ export interface OidcClientSettings {
      * @see https://openid.net/specs/oauth-v2-multiple-response-types-1_0.html#ResponseModes
      */
     response_mode?: "query" | "fragment";
+    /** Search for the callback parameters in the hash part of the URL */
+    hashRouterMode?: boolean;
 
     /**
      * Should optional OIDC protocol claims be removed from profile or specify the ones to be removed (default: true)
@@ -172,6 +174,7 @@ export class OidcClientSettingsStore {
     public readonly response_mode: "query" | "fragment" | undefined;
 
     // behavior flags
+    public readonly hashRouterMode: boolean;
     public readonly filterProtocolClaims: boolean | string[];
     public readonly loadUserInfo: boolean;
     public readonly staleStateAgeInSeconds: number;
@@ -199,6 +202,7 @@ export class OidcClientSettingsStore {
         // optional protocol
         prompt, display, max_age, ui_locales, acr_values, resource, response_mode,
         // behavior flags
+        hashRouterMode = false,
         filterProtocolClaims = true,
         loadUserInfo = false,
         staleStateAgeInSeconds = DefaultStaleStateAgeInSeconds,
@@ -249,6 +253,7 @@ export class OidcClientSettingsStore {
         this.resource = resource;
         this.response_mode = response_mode;
 
+        this.hashRouterMode = hashRouterMode;
         this.filterProtocolClaims = filterProtocolClaims ?? true;
         this.loadUserInfo = !!loadUserInfo;
         this.staleStateAgeInSeconds = staleStateAgeInSeconds;

src/UserManager.ts

@@ -480,6 +480,7 @@ export class UserManager {
                 url: signinRequest.url,
                 state: signinRequest.state.id,
                 response_mode: signinRequest.state.response_mode,
+                hashRouterMode: this.settings.hashRouterMode,
                 scriptOrigin: this.settings.iframeScriptOrigin,
             });
         }
@@ -624,6 +625,7 @@ export class UserManager {
             return await handle.navigate({
                 url: signoutRequest.url,
                 state: signoutRequest.state?.id,
+                hashRouterMode: this.settings.hashRouterMode,
                 scriptOrigin: this.settings.iframeScriptOrigin,
             });
         }

src/navigators/AbstractChildWindow.ts

@@ -43,7 +43,7 @@ export abstract class AbstractChildWindow implements IWindow {
                     return;
                 }
                 try {
-                    const state = UrlUtils.readParams(data.url, params.response_mode).get("state");
+                    const state = UrlUtils.readParams(data.url, params.response_mode, params.hashRouterMode).get("state");
                     if (!state) {
                         logger.warn("no state found in response url");
                     }

src/navigators/IWindow.ts

@@ -11,6 +11,8 @@ export interface NavigateParams {
     /** The request "state" parameter. For sign out requests, this parameter is optional. */
     state?: string;
     response_mode?: "query" | "fragment";
+    /** Search for the callback parameters in the hash part of the URL */
+    hashRouterMode?: boolean;
     scriptOrigin?: string;
 }
 

src/utils/UrlUtils.ts

@@ -5,16 +5,22 @@
  * @internal
  */
 export class UrlUtils {
-    public static readParams(url: string, responseMode: "query" | "fragment" = "query"): URLSearchParams {
+    public static readParams(url: string, responseMode: "query" | "fragment" = "query", hashRouterMode = false): URLSearchParams {
         if (!url) throw new TypeError("Invalid URL");
         // the base URL is irrelevant, it's just here to support relative url arguments
         const parsedUrl = new URL(url, "http://127.0.0.1");
-        const params = parsedUrl[responseMode === "fragment" ? "hash" : "search"];
-        return new URLSearchParams(params.slice(1));
+        let params: string;
+        if (!hashRouterMode) {
+            params = parsedUrl[responseMode === "fragment" ? "hash" : "search"].slice(1);
+        } else {
+            const route = parsedUrl.hash.substring(1); // remove first `#`
+            params = route.substring(route.indexOf(responseMode === "fragment" ? "#" : "?") + 1);
+        }
+        return new URLSearchParams(params);
     }
 }
 
 /**
  * @internal
  */
-export const URL_STATE_DELIMITER = ";";
+export const URL_STATE_DELIMITER = ";";