From 0594053033ed4941e6baa0985aca8a7d8bf8a43c Mon Sep 17 00:00:00 2001 From: Kavith Lokuhewage Date: Wed, 24 Jul 2024 14:58:23 +0530 Subject: [PATCH 1/4] Support custom params for token request --- lib/src/client.ts | 20 ++++++++++++-------- lib/src/clients/main-thread-client.ts | 19 ++++++++++++++----- lib/src/clients/web-worker-client.ts | 16 ++++++++++++---- lib/src/helpers/authentication-helper.ts | 7 +++++-- lib/src/models/client.ts | 10 ++++++++-- lib/src/models/message.ts | 3 +++ 6 files changed, 54 insertions(+), 21 deletions(-) diff --git a/lib/src/client.ts b/lib/src/client.ts index d01020a8..058a7347 100755 --- a/lib/src/client.ts +++ b/lib/src/client.ts @@ -372,7 +372,10 @@ export class AsgardeoSPAClient { config?: SignInConfig, authorizationCode?: string, sessionState?: string, - state?: string + state?: string, + tokenRequestConfig?: { + params: Record + } ): Promise { await this._isInitialized(); @@ -384,15 +387,16 @@ export class AsgardeoSPAClient { delete config?.callOnlyOnRedirect; - return this._client?.signIn(config, authorizationCode, sessionState, state).then((response: BasicUserInfo) => { - if (this._onSignInCallback) { - if (response.allowedScopes || response.displayName || response.email || response.username) { - this._onSignInCallback(response); + return this._client?.signIn(config, authorizationCode, sessionState, state, tokenRequestConfig) + .then((response: BasicUserInfo) => { + if (this._onSignInCallback) { + if (response.allowedScopes || response.displayName || response.email || response.username) { + this._onSignInCallback(response); + } } - } - return response; - }); + return response; + }); } /** diff --git a/lib/src/clients/main-thread-client.ts b/lib/src/clients/main-thread-client.ts index caa0df54..bf358fb5 100755 --- a/lib/src/clients/main-thread-client.ts +++ b/lib/src/clients/main-thread-client.ts @@ -188,12 +188,16 @@ export const MainThreadClient = async ( signInConfig?: GetAuthURLConfig, authorizationCode?: string, sessionState?: string, - state?: string + state?: string, + tokenRequestConfig?: { + params: Record + } ): Promise => { const basicUserInfo = await _authenticationHelper.handleSignIn( shouldStopAuthn, - checkSession + checkSession, + undefined ); if(basicUserInfo) { @@ -217,7 +221,8 @@ export const MainThreadClient = async ( if (resolvedAuthorizationCode && resolvedState) { setSessionStatus("true"); - return requestAccessToken(resolvedAuthorizationCode, resolvedSessionState, resolvedState); + return requestAccessToken(resolvedAuthorizationCode, resolvedSessionState, + resolvedState, tokenRequestConfig); } return _authenticationClient.getAuthorizationURL(signInConfig).then(async (url: string) => { @@ -304,14 +309,18 @@ export const MainThreadClient = async ( const requestAccessToken = async ( resolvedAuthorizationCode: string, resolvedSessionState: string, - resolvedState: string + resolvedState: string, + tokenRequestConfig?: { + params: Record + } ): Promise => { return await _authenticationHelper.requestAccessToken( resolvedAuthorizationCode, resolvedSessionState, checkSession, undefined, - resolvedState + resolvedState, + tokenRequestConfig ); }; diff --git a/lib/src/clients/web-worker-client.ts b/lib/src/clients/web-worker-client.ts index a5ad13aa..1a05ae39 100755 --- a/lib/src/clients/web-worker-client.ts +++ b/lib/src/clients/web-worker-client.ts @@ -473,7 +473,10 @@ export const WebWorkerClient = async ( const requestAccessToken = async ( resolvedAuthorizationCode: string, resolvedSessionState: string, - resolvedState: string + resolvedState: string, + tokenRequestConfig?: { + params: Record + } ): Promise => { const config: AuthClientConfig = await getConfigData(); const pkceKey: string = AuthenticationUtils.extractPKCEKeyFromStateParam(resolvedState); @@ -483,7 +486,8 @@ export const WebWorkerClient = async ( code: resolvedAuthorizationCode, pkce: config.enablePKCE ? SPAUtils.getPKCE(pkceKey) : undefined, sessionState: resolvedSessionState, - state: resolvedState + state: resolvedState, + tokenRequestConfig }, type: REQUEST_ACCESS_TOKEN }; @@ -548,7 +552,10 @@ export const WebWorkerClient = async ( params?: GetAuthURLConfig, authorizationCode?: string, sessionState?: string, - state?: string + state?: string, + tokenRequestConfig?: { + params: Record + } ): Promise => { const basicUserInfo = await _authenticationHelper.handleSignIn( @@ -577,7 +584,8 @@ export const WebWorkerClient = async ( } if (resolvedAuthorizationCode && resolvedState) { - return requestAccessToken(resolvedAuthorizationCode, resolvedSessionState, resolvedState); + return requestAccessToken(resolvedAuthorizationCode, resolvedSessionState, + resolvedState, tokenRequestConfig); } return getAuthorizationURL(params) diff --git a/lib/src/helpers/authentication-helper.ts b/lib/src/helpers/authentication-helper.ts index 52739839..ca0c59d6 100644 --- a/lib/src/helpers/authentication-helper.ts +++ b/lib/src/helpers/authentication-helper.ts @@ -471,7 +471,10 @@ export class AuthenticationHelper< sessionState?: string, checkSession?: () => Promise, pkce?: string, - state?: string + state?: string, + tokenRequestConfig?: { + params: Record + } ): Promise { const config = await this._dataLayer.getConfigData(); @@ -490,7 +493,7 @@ export class AuthenticationHelper< if (authorizationCode) { return this._authenticationClient - .requestAccessToken(authorizationCode, sessionState ?? "", state ?? "") + .requestAccessToken(authorizationCode, sessionState ?? "", state ?? "", undefined, tokenRequestConfig) .then(async () => { // Disable this temporarily /* if (config.storage === Storage.BrowserMemory) { diff --git a/lib/src/models/client.ts b/lib/src/models/client.ts index 424a9864..a0d14730 100755 --- a/lib/src/models/client.ts +++ b/lib/src/models/client.ts @@ -50,7 +50,10 @@ export interface MainThreadClientInterface { config?: SignInConfig, authorizationCode?: string, sessionState?: string, - signInRedirectURL?: string + signInRedirectURL?: string, + tokenRequestConfig?: { + params: Record + } ): Promise; signOut(signOutRedirectURL?: string): Promise; requestCustomGrant(config: CustomGrantConfig): Promise; @@ -80,7 +83,10 @@ export interface WebWorkerClientInterface { params?: SignInConfig, authorizationCode?: string, sessionState?: string, - signInRedirectURL?: string + signInRedirectURL?: string, + tokenRequestConfig?: { + params: Record + } ): Promise; signOut(signOutRedirectURL?: string): Promise; revokeAccessToken(): Promise; diff --git a/lib/src/models/message.ts b/lib/src/models/message.ts index b24a7743..e6285ae8 100644 --- a/lib/src/models/message.ts +++ b/lib/src/models/message.ts @@ -70,6 +70,9 @@ export interface AuthorizationInfo { sessionState: string; pkce?: string; state: string; + tokenRequestConfig?: { + params: Record + } } export type MessageType = From 640b37f9d3fc20f16e7c6c7458cd062407369e71 Mon Sep 17 00:00:00 2001 From: Kavith Lokuhewage Date: Thu, 25 Jul 2024 13:41:04 +0530 Subject: [PATCH 2/4] Keep custom token request params in temp storage --- lib/src/clients/main-thread-client.ts | 16 ++++++++++++++-- lib/src/constants/storage.ts | 2 ++ 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/lib/src/clients/main-thread-client.ts b/lib/src/clients/main-thread-client.ts index bf358fb5..b207450e 100755 --- a/lib/src/clients/main-thread-client.ts +++ b/lib/src/clients/main-thread-client.ts @@ -36,7 +36,8 @@ import { } from "@asgardeo/auth-js"; import { SILENT_SIGN_IN_STATE, - Storage + Storage, + TOKEN_REQUEST_CONFIG_KEY } from "../constants"; import { AuthenticationHelper, SPAHelper, SessionManagementHelper } from "../helpers"; import { HttpClient, HttpClientInstance } from "../http-client"; @@ -206,6 +207,9 @@ export const MainThreadClient = async ( let resolvedAuthorizationCode: string; let resolvedSessionState: string; let resolvedState: string; + let resolvedTokenRequestConfig: { + params: Record + } = { params: {} }; if (config?.responseMode === ResponseMode.formPost && authorizationCode) { resolvedAuthorizationCode = authorizationCode; @@ -221,8 +225,12 @@ export const MainThreadClient = async ( if (resolvedAuthorizationCode && resolvedState) { setSessionStatus("true"); + const storedTokenRequestConfig = await _dataLayer.getTemporaryDataParameter(TOKEN_REQUEST_CONFIG_KEY); + if (storedTokenRequestConfig && typeof storedTokenRequestConfig === "string") { + resolvedTokenRequestConfig = JSON.parse(storedTokenRequestConfig); + } return requestAccessToken(resolvedAuthorizationCode, resolvedSessionState, - resolvedState, tokenRequestConfig); + resolvedState, resolvedTokenRequestConfig); } return _authenticationClient.getAuthorizationURL(signInConfig).then(async (url: string) => { @@ -232,6 +240,10 @@ export const MainThreadClient = async ( SPAUtils.setPKCE(pkceKey, (await _authenticationClient.getPKCECode(resolvedState)) as string); } + if (tokenRequestConfig) { + _dataLayer.setTemporaryDataParameter(TOKEN_REQUEST_CONFIG_KEY, JSON.stringify(tokenRequestConfig)); + } + location.href = url; await SPAUtils.waitTillPageRedirect(); diff --git a/lib/src/constants/storage.ts b/lib/src/constants/storage.ts index 8a1d368a..faa0f5b9 100644 --- a/lib/src/constants/storage.ts +++ b/lib/src/constants/storage.ts @@ -34,3 +34,5 @@ export enum Storage { WebWorker = "webWorker", BrowserMemory = "browserMemory" } + +export const TOKEN_REQUEST_CONFIG_KEY = "token_request_config"; From fa1a13933aa502140480fb059f46e2cc75b1663b Mon Sep 17 00:00:00 2001 From: Kavith Lokuhewage Date: Mon, 29 Jul 2024 11:05:02 +0530 Subject: [PATCH 3/4] Update readme to include new parameter for signin method --- README.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 2292b65c..eaca7250 100755 --- a/README.md +++ b/README.md @@ -334,7 +334,7 @@ auth.getBasicUserInfo().then((response) => { ### signIn ```typescript -signIn(config?: SignInConfig, authorizationCode?: string, sessionState?: string); +signIn(config?: SignInConfig, authorizationCode?: string, sessionState?: string, tokenRequestConfig?: { params: Record }); ``` #### Arguments @@ -346,6 +346,15 @@ signIn(config?: SignInConfig, authorizationCode?: string, sessionState?: string) The `signIn` method can be passed the authorization code as an argument, which will be used to obtain the token during the token-request phase of the method. This allows developers to use different response modes such as `form_post`. To learn more about the `form_post` method refer to the [Using the `form_post` response mode](#Using-the-form_post-response-mode) section. If you're using the `query` method, then the `signIn` method automatically obtains the authorization code from the URL. 3. sessionState?: `string` (optional) The `signIn` method can be passed the session state as an argument, which will be used to obtain the token during the token-request phase of the method. This allows developers to use different response modes such as `form_post`. To learn more about the `form_post` method refer to the [Using the `form_post` response mode](#Using-the-form_post-response-mode) section. If you're using the `query` method, then the `signIn` method automatically obtains the session state from the URL. +4. tokenRequestConfig?: `object` (optional) + An optional configuration object that allows you to augment the token request. + - `params` (Mandatory): Key-value pairs to be sent as additional parameters in the token request payload. + + ```TypeScript + tokenRequestConfig: { + params: Record + } + ``` #### Description From 341d6d57a60415ec4e09f3221faba0a115d34712 Mon Sep 17 00:00:00 2001 From: Kavith Lokuhewage Date: Mon, 29 Jul 2024 13:13:46 +0530 Subject: [PATCH 4/4] Update js-core dep to v5.1.0 --- lib/package.json | 2 +- lib/yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/lib/package.json b/lib/package.json index e07fdb86..864b70c8 100755 --- a/lib/package.json +++ b/lib/package.json @@ -25,7 +25,7 @@ "author": "Asgardeo", "license": "Apache-2.0", "dependencies": { - "@asgardeo/auth-js": "^5.0.0", + "@asgardeo/auth-js": "^5.1.0", "await-semaphore": "^0.1.3", "axios": "^0.26.0", "base64url": "^3.0.1", diff --git a/lib/yarn.lock b/lib/yarn.lock index 5326c99c..0bc70fc8 100644 --- a/lib/yarn.lock +++ b/lib/yarn.lock @@ -10,10 +10,10 @@ "@jridgewell/gen-mapping" "^0.1.0" "@jridgewell/trace-mapping" "^0.3.9" -"@asgardeo/auth-js@^5.0.0": - version "5.0.0" - resolved "https://registry.yarnpkg.com/@asgardeo/auth-js/-/auth-js-5.0.0.tgz#ad63c232ac0588363e95c54d576c6318a6d4be93" - integrity sha512-BMQsTzpFwtgbSeJvmSDgRrOjXfA6+yQ2NUq7CXP4q1TtqZJt8s/zadOazPM00/jIY8B2ENS0CLRHp07M0mFdOw== +"@asgardeo/auth-js@^5.1.0": + version "5.1.0" + resolved "https://registry.yarnpkg.com/@asgardeo/auth-js/-/auth-js-5.1.0.tgz#4a5b129ae247f330ab534f0fcb33e0145bf17f26" + integrity sha512-o+bo3r9RDo97CqEAFpneYIGdulBRUbdjR6QhZgF89zy3rnss1U1MA2v2heMwXKNbMfvbZCBiBDq2yhUcAk9SIA== "@babel/cli@^7.17.6": version "7.18.9"