UNPKG

@digital-blueprint/lunchlottery-app

Version:

[GitHub Repository](https://github.com/digital-blueprint/lunchlottery-app) | [npmjs package](https://www.npmjs.com/package/@digital-blueprint/lunchlottery-app) | [Unpkg CDN](https://unpkg.com/browse/@digital-blueprint/lunchlottery-app/)

github.com/digital-blueprint/lunchlottery-app

digital-blueprint/lunchlottery-app

258 lines (217 loc) 7.63 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
/** * @typedef {import('keycloak-js')} Keycloak */ const promiseTimeout = function (ms, promise) { let timeout = new Promise((resolve, reject) => { let id = setTimeout(() => { clearTimeout(id); reject('Timed out in ' + ms + 'ms.'); }, ms); }); return Promise.race([promise, timeout]); }; /** * Returns a URL for a relative path or URL * * @param {string} urlOrPath */ const ensureURL = function (urlOrPath) { try { return new URL(urlOrPath).href; } catch { return new URL(urlOrPath, window.location.href).href; } }; /** * Wraps the keycloak API to support async/await, adds auto token refreshing and consolidates all * events into one native "changed" event * * The "changed" event has the real keycloak instance as "detail" */ export class KeycloakWrapper extends EventTarget { /** * @param {string} baseURL * @param {string} realm * @param {string} clientId * @param {string} silentCheckSsoUri * @param {boolean} checkLoginIframe * @param {string} idpHint */ constructor(baseURL, realm, clientId, silentCheckSsoUri, checkLoginIframe, idpHint) { super(); this._baseURL = baseURL; this._realm = realm; this._clientId = clientId; this._keycloak = null; this._initPromise = null; this._silentCheckSsoUri = silentCheckSsoUri; this._checkLoginIframe = checkLoginIframe; this._idpHint = idpHint; this._checkId = null; /* Minimum validity of the token in seconds */ this.MIN_VALIDITY = 20; /* Interval at which the token validity is checked, in seconds */ this.CHECK_INTERVAL = 10; /* Enables extra debug logging */ this.DEBUG = false; this._onVisibilityChanged = this._onVisibilityChanged.bind(this); document.addEventListener('visibilitychange', this._onVisibilityChanged); } /** * This needs to be called or the instance will leak; */ close() { document.removeEventListener('visibilitychange', this._onVisibilityChanged); } _onVisibilityChanged() { let isVisible = document.visibilityState === 'visible'; if (isVisible) { this._checkTokeHasExpired(); } } _onChanged() { const event = new CustomEvent('changed', { detail: this._keycloak, bubbles: true, composed: true, }); this.dispatchEvent(event); } _onReady(authenticated) { // Avoid emitting changed when nothing has changed on init() if (authenticated) this._onChanged(); } async _onTokenExpired() { console.log('Token has expired'); let refreshed = false; try { // -1 means force a refresh refreshed = await this._keycloak.updateToken(-1); } catch (error) { console.log('Failed to refresh the token', error); return; } console.assert(refreshed, 'token should have been refreshed'); } async _checkTokeHasExpired() { let refreshed; if (this._keycloak === null || !this._keycloak.authenticated) { return; } let minValidity = this.MIN_VALIDITY + this.CHECK_INTERVAL; if (this.DEBUG) { console.log(`Updating token if not valid for at least ${minValidity}s`); } try { refreshed = await this._keycloak.updateToken(minValidity); } catch (error) { console.log('Failed to refresh the token', error); } if (this.DEBUG && refreshed) console.log('token has been refreshed'); } async _onAuthSuccess() { // We check every once in a while if the token is still valid and // and refresh it if needed. if (this._checkId !== null) { clearInterval(this._checkId); this._checkId = null; } this._checkId = setInterval( this._checkTokeHasExpired.bind(this), this.CHECK_INTERVAL * 1000, ); this._onChanged(); } async _onAuthLogout() { if (this._checkId !== null) { clearInterval(this._checkId); this._checkId = null; } this._onChanged(); } async _init() { const Keycloak = (await import('keycloak-js')).default; this._keycloak = new Keycloak({ url: this._baseURL, realm: this._realm, clientId: this._clientId, }); this._keycloak.onTokenExpired = this._onTokenExpired.bind(this); this._keycloak.onAuthRefreshSuccess = this._onChanged.bind(this); this._keycloak.onAuthRefreshError = this._onChanged.bind(this); this._keycloak.onAuthLogout = this._onAuthLogout.bind(this); this._keycloak.onAuthSuccess = this._onAuthSuccess.bind(this); this._keycloak.onAuthError = this._onChanged.bind(this); this._keycloak.onReady = this._onReady.bind(this); const options = {}; options['pkceMethod'] = /** @type {Keycloak.KeycloakPkceMethod} */ ('S256'); if (this.DEBUG) { options['enableLogging'] = true; } options['checkLoginIframe'] = this._checkLoginIframe; if (this._silentCheckSsoUri) { options['onLoad'] = /** @type {Keycloak.KeycloakOnLoad} */ ('check-sso'); options['silentCheckSsoRedirectUri'] = ensureURL(this._silentCheckSsoUri); // When silent-sso-check is active but the iframe doesn't load/work we will // never return here, so add a timeout and emit a signal so the app can continue await promiseTimeout(5000, this._keycloak.init(options)).catch(() => { console.log('Login timed out'); this._onChanged(); }); } else { await this._keycloak.init(options); } } async _ensureInit() { if (this._initPromise === null) { this._initPromise = this._init(); } return this._initPromise; } /** * If this returns true you need to call login() at one point to finish the login process. */ isLoggingIn() { const href = window.location.href; return href.search('[&#]state=') >= 0 && href.search('[&#]session_state=') >= 0; } /** * Logs the user in. Might lead to a site refresh or the user needing to authenticate. * * @param {object} options * @param {string} [options.lang] - The locale to use on the keycloak login page */ async login(options) { await this._ensureInit(); options = options || {}; const language = options['lang'] || 'en'; const scope = options['scope'] || ''; if (!this._keycloak.authenticated) { await this._keycloak.login({ locale: language, scope: scope, idpHint: this._idpHint, }); } } /** * Logs the user in if it is possible without leaving the page or the user needing to authenticate again. */ async tryLogin() { await this._ensureInit(); } /** * Logs the user out locally, but not with keycloak. Login will instantly log the user back in without * requiring a re-auth. */ async localLogout() { this._keycloak.clearToken(); } /** * Log the user out from keycloak. */ async logout() { await this._ensureInit(); this._keycloak.logout(); } }