@pega/auth
Advanced tools
@pega/auth - npm Package Compare versions
Comparing version 0.2.12 to 0.2.13
@@ -195,3 +195,3 @@ export class PegaAuth { | ||
| const redirectOrigin = fnGetRedirectUriOrigin(); | ||
| const state = this.isNode ? '' : btoa(window.location.origin); | ||
| const startState = this.isNode ? '' : btoa(window.location.origin); | ||
| return new Promise((resolve, reject) => { | ||
@@ -268,4 +268,9 @@ let theUrl = null; // holds the crafted authorize url | ||
| // Check origin to make sure it is the redirect origin | ||
| if (event.origin !== redirectOrigin) | ||
| if (event.origin !== redirectOrigin) { | ||
| if (event.data?.type === 'PegaAuth') { | ||
| // eslint-disable-next-line no-console | ||
| console.error(`Authorization code grant flow error: Unexpected origin: ${event.origin} ... expecting: ${redirectOrigin}`); | ||
| } | ||
| return; | ||
| } | ||
| if (!event.data || !event.data.type || event.data.type !== 'PegaAuth') | ||
@@ -279,5 +284,14 @@ return; | ||
| } | ||
| if (aValues.error || (aValues.code && aValues.state === this.#dynState.state)) { | ||
| const { code, state, error, errorDesc } = aValues; | ||
| if (error) { | ||
| // eslint-disable-next-line no-console | ||
| console.error(`Authorization code grant flow error (${error}): ${errorDesc}`); | ||
| } | ||
| if (code && state !== this.#dynState.state) { | ||
| // eslint-disable-next-line no-console | ||
| console.error(`Authorization code transfer error: state mismatch: ${state} ... expecting: ${this.#dynState.state}`); | ||
| } | ||
| if (error || (code && state === this.#dynState.state)) { | ||
| // eslint-disable-next-line no-use-before-define | ||
| fnGetTokenAndFinish(aValues.code, aValues.error, aValues.errorDesc); | ||
| fnGetTokenAndFinish(code, error, errorDesc); | ||
| } | ||
@@ -288,4 +302,12 @@ }; | ||
| window.addEventListener('message', fnAuthMessageReceiver, false); | ||
| window.authCodeCallback = (code, state1, error, errorDesc) => { | ||
| if (error || (code && state1 === this.#dynState.state)) { | ||
| window.authCodeCallback = (code, state, error, errorDesc) => { | ||
| if (error) { | ||
| // eslint-disable-next-line no-console | ||
| console.error(`Authorization code grant flow error (${error}): ${errorDesc}`); | ||
| } | ||
| if (code && state !== this.#dynState.state) { | ||
| // eslint-disable-next-line no-console | ||
| console.error(`Authorization code transfer error: state mismatch: ${state} ... expecting: ${this.#dynState.state}`); | ||
| } | ||
| if (error || (code && state === this.#dynState.state)) { | ||
| // eslint-disable-next-line no-use-before-define | ||
@@ -417,6 +439,6 @@ fnGetTokenAndFinish(code, error, errorDesc); | ||
| const code = urlParams.get('code'); | ||
| const state1 = urlParams.get('state'); | ||
| const state = urlParams.get('state'); | ||
| const error = urlParams.get('error'); | ||
| const errorDesc = urlParams.get('error_description'); | ||
| if (error || (code && state1 === this.#dynState.state)) { | ||
| if (error || (code && state === this.#dynState.state)) { | ||
| // Stop receiving connections and close when all are handled. | ||
@@ -483,3 +505,3 @@ server.close(); | ||
| } | ||
| this.#buildAuthorizeUrl(state).then(url => { | ||
| this.#buildAuthorizeUrl(startState).then(url => { | ||
| theUrl = url; | ||
@@ -495,3 +517,3 @@ doAuthorize(); | ||
| fnSetSilentAuthFailed(false); | ||
| this.#buildAuthorizeUrl(state).then(url => { | ||
| this.#buildAuthorizeUrl(startState).then(url => { | ||
| theUrl = url; | ||
@@ -508,3 +530,3 @@ doAuthorize(); | ||
| }; | ||
| this.#buildAuthorizeUrl(state).then(url => { | ||
| this.#buildAuthorizeUrl(startState).then(url => { | ||
| theUrl = url; | ||
@@ -511,0 +533,0 @@ doAuthorize(); |
@@ -809,3 +809,5 @@ // This file wraps various calls related to logging in, logging out, etc. | ||
| const errorDesc = urlParams.get('errorDesc'); | ||
| fnLoggedInCB(null, error, errorDesc); | ||
| if (fnLoggedInCB) { | ||
| fnLoggedInCB(null, error, errorDesc); | ||
| } | ||
| } | ||
@@ -845,2 +847,11 @@ } | ||
| } | ||
| if (window.location.href.includes('?error')) { | ||
| // log error and stop redirects | ||
| const params = new URL(document.location.toString()).searchParams; | ||
| const error = params.get('error'); | ||
| const errorDesc = params.get('error_description'); | ||
| // eslint-disable-next-line no-console | ||
| console.error(`Authorization code grant flow error (${error}): ${errorDesc}`); | ||
| return; | ||
| } | ||
| if (window.location.href.includes('?code')) { | ||
@@ -847,0 +858,0 @@ // initialize authMgr (now initialize in constructor?) |
| { | ||
| "name": "@pega/auth", | ||
| "version": "0.2.12", | ||
| "version": "0.2.13", | ||
| "description": "Pega OAuth 2.0 Client Library (supports Infinity and Launchpad).", | ||
@@ -5,0 +5,0 @@ "repository": { |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by1.48%
205667
- Lines of code
- increased by1.48%
2259