
@obelisk/client


@obelisk/client - npm Package Compare versions

Comparing version 2.7.7 to 2.8.0

8

lib/interfaces/client.d.ts

@@ -95,2 +95,10 @@ import { Observable } from "rxjs";

/**
* Keep logged in session alive by refreshing or re-requesting RPTs (in case of offline token present)
* Subscribe to start.
*
* @param leeway Configurable leeway in milliseconds for when expiration and thus refresh logic is due. (Defaults to 3000)
* @return Observable<boolean> of which the boolean signifies if the last refresh action succeeded.
*/
keepSessionAlive(leeway?: number): Observable<boolean>;
/**
* Once this observable returns, the authentication procedure is over.

@@ -97,0 +105,0 @@ * This is usefull for any Auth checking (eg. Auth Guards)

15

lib/obelisk-client.d.ts

@@ -22,2 +22,3 @@ import { Observable, Observer } from 'rxjs';

private CRED_KEY;
private useOfflineToken;
private readonly defaultOptions;

@@ -126,4 +127,12 @@ /**

*/
private scheduleTokenRefresh;
/**
* @inheritdoc
*/
keepSessionAlive(leeway?: number): Observable<boolean>;
/**
* Internal call that defers execution of refresh logic until RPT expires (- minus some leeway in ms)
* @param leeway The leeway in ms (default to 3000ms)
*/
private scheduleRefreshRpt;
/**
* Only for refreshing the PAT token. **Only meant for some specific cases**

@@ -134,6 +143,4 @@ */

* Only for refreshing the RPT token. **Only meant for some specific cases**
* @param useClientCredentials Optional parameter: if true it will refresh using the session client credentials,
* instead of the credenitals set at client init time.
*/
refreshRptToken(useClientCredentials?: boolean): Observable<boolean>;
refreshRptToken(): Observable<boolean>;
/**

@@ -140,0 +147,0 @@ * @inheritdoc
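Review bot: The new `refreshRptToken(): Observable<boolean>` declaration drops `useClientCredentials` together with its `@param` text, and the remaining comment does not say how the credential source is now chosen. This is a public method and the change ships in a minor version, so callers that passed the flag get no hint that it is now ignored. The doc comment should state the new rule, for example `* Uses the stored offline token when the session was restored from one; otherwise refreshes with the RPT refresh token.` That wording is inferred from the compiled implementation elsewhere in this diff, so confirm it against the TypeScript source. The doc block itself starts above the visible hunk.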

@@ -21,2 +21,3 @@ "use strict";

this.UMA2CONFIG_PATH = '/.well-known/uma2-configuration';
this.useOfflineToken = false;
this.defaultOptions = {

@@ -61,3 +62,2 @@ authMode: 'entitlement',

// If scope includes offline_access and refresh_expires_in=== 0 (store in localstorage to skip login next time)
// if (!offlineLoginHandling && authResponse.scope.split(' ').includes('offline_access') && authResponse.refresh_expires_in <= 0) {
if (authResponse.scope.split(' ').includes('offline_access') && authResponse.refresh_expires_in <= 0) {

@@ -321,2 +321,4 @@ // this._storage!.add('logInfo', { authenticated: true, expires: -1, offline_token: patRefresh.getToken() });

isAuthenticated() {
// reseting useOfflineToken
this.useOfflineToken = false;
// check storage

@@ -334,2 +336,4 @@ try {

if (offline && offline.token) {
// Set offline token usage to true
this.useOfflineToken = true;
// console.debug('--trying offline_token login');

@@ -375,2 +379,3 @@ const url = this._uma2Config.token_endpoint;

this._storage.clearAll();
this.useOfflineToken = false;
this._tokens = {};

@@ -467,13 +472,29 @@ }

*/
scheduleTokenRefresh(pat, patRefresh) {
// Get date from pat token
const expiry = pat.getExpiresAt();
// Refresh 30 seconds before expiry
const refreshTime = expiry - (30 * 1000);
// Use patRefresh to refresh
setTimeout(() => {
// TODO: onTokenExpired callback
}, refreshTime - new Date().getTime());
// private scheduleTokenRefresh(pat: Token, patRefresh: Token): void {
// // Get date from pat token
// const expiry = pat.getExpiresAt();
// // Refresh 30 seconds before expiry
// const refreshTime = expiry - (30 * 1000);
// // Use patRefresh to refresh
// setTimeout(() => {
// // TODO: onTokenExpired callback
// }, refreshTime - new Date().getTime());
// }
/**
* @inheritdoc
*/
keepSessionAlive(leeway = 3000) {
return this.scheduleRefreshRpt(leeway).pipe(operators_1.expand(_ => this.scheduleRefreshRpt(leeway)));
}
/**
* Internal call that defers execution of refresh logic until RPT expires (- minus some leeway in ms)
* @param leeway The leeway in ms (default to 3000ms)
*/
scheduleRefreshRpt(leeway = 3000) {
return rxjs_1.defer(() => {
const delay = Math.max(0, this._tokens.rpt.getExpiresAt() * 1000 - Date.now() - leeway);
return rxjs_1.timer(delay).pipe(operators_1.flatMap(_ => this.refreshRptToken()));
});
}
/**
* Only for refreshing the PAT token. **Only meant for some specific cases**

@@ -509,14 +530,14 @@ */

* Only for refreshing the RPT token. **Only meant for some specific cases**
* @param useClientCredentials Optional parameter: if true it will refresh using the session client credentials,
* instead of the credenitals set at client init time.
*/
refreshRptToken(useClientCredentials) {
const url = this._uma2Config.token_endpoint;
if (this._tokens && this._tokens.rptRefresh) {
const tok = this._tokens.rptRefresh;
const headers = {
'Content-Type': 'application/x-www-form-urlencoded',
};
let params = `grant_type=refresh_token&refresh_token=${tok.getToken()}`;
if (useClientCredentials) {
refreshRptToken() {
if (!this.useOfflineToken) {
// console.log('== Normal online refresh');
const url = this._uma2Config.token_endpoint;
if (this._tokens && this._tokens.rptRefresh) {
const tok = this._tokens.rptRefresh;
const headers = {
'Content-Type': 'application/x-www-form-urlencoded',
};
let params = `grant_type=refresh_token&refresh_token=${tok.getToken()}`;
// if (useClientCredentials) {
try {

@@ -527,30 +548,35 @@ const cred = this.loadClientCredentials();

catch (_a) {
// Credentials are not present, log out.
this.logout();
return rxjs_1.of(false);
// Credentials are not present, use just client_id
const clientId = this._options.clientId;
params += `&client_id=${clientId}`;
// this.logout();
// return of(false);
}
// } else {
// const clientId = this._options!.clientId;
// params += `&client_id=${clientId}`;
// }
return ajax_1.ajax.post(url, params, headers).pipe(operators_1.flatMap(resp => {
if (resp.status === 200) {
const body = resp.response;
this._tokens.rpt = new auth_1.Token(body.access_token);
this._tokens.rptRefresh = new auth_1.Token(body.refresh_token);
this._tokens.idtoken = new auth_1.Token(body.id_token);
// ADDED
this.updateLogInfo(this._tokens.rpt);
this._events$.next({ type: interfaces_1.ClientEventType.OnRptChanged });
this._events$.next({ type: interfaces_1.ClientEventType.OnRolesChanged });
return rxjs_1.of(true);
}
else {
return rxjs_1.throwError(resp.status + ' ' + resp.responseText);
}
}));
}
else {
const clientId = this._options.clientId;
params += `&client_id=${clientId}`;
return rxjs_1.of(false);
}
return ajax_1.ajax.post(url, params, headers).pipe(operators_1.flatMap(resp => {
if (resp.status === 200) {
const body = resp.response;
this._tokens.rpt = new auth_1.Token(body.access_token);
this._tokens.rptRefresh = new auth_1.Token(body.refresh_token);
this._tokens.idtoken = new auth_1.Token(body.id_token);
// ADDED
this.updateLogInfo(this._tokens.rpt);
this._events$.next({ type: interfaces_1.ClientEventType.OnRptChanged });
this._events$.next({ type: interfaces_1.ClientEventType.OnRolesChanged });
return rxjs_1.of(true);
}
else {
return rxjs_1.throwError(resp.status + ' ' + resp.responseText);
}
}));
}
else {
return rxjs_1.of(false);
return this.refreshPatToken().pipe(operators_1.flatMap(succeeded => succeeded ? this.getNewRpt().pipe(operators_1.map(_ => true)) : rxjs_1.of(false)));
}

@@ -557,0 +583,0 @@ }
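Review bot: `keepSessionAlive` re-arms itself through `expand` whatever value was emitted, so after `refreshRptToken()` yields `false` the RPT is already past expiry, `Math.max(0, …)` gives a delay of 0, and the refresh is retried with no back-off. On the offline path each retry appears to be another request to the token endpoint. Ending the recursion on failure bounds this, e.g. `operators_1.expand(ok => ok ? this.scheduleRefreshRpt(leeway) : rxjs_1.EMPTY)`. `scheduleRefreshRpt` also reads `this._tokens.rpt.getExpiresAt()` without a guard, while the session-clearing code next to `this._storage.clearAll()` resets `_tokens` to `{}`, so a subscription that outlives the session would throw inside `defer`. Separately, the `catch` in `refreshRptToken` now falls back to a `client_id`-only refresh instead of logging out; the `try` body is outside the visible hunks, so confirm that only the "credentials absent" case reaches it and that values interpolated into `params` go through `encodeURIComponent`.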

{
"name": "@obelisk/client",
"version": "2.7.7",
"version": "2.8.0",
"description": "Typescript client to interact with Obelisk on a higher level than the regular ReST API calls.",

@@ -5,0 +5,0 @@ "keywords": [
