diff --git a/CHANGELOG.md b/CHANGELOG.md index ac450d052..cd3ce2ca2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ # Changelog -## 7.22.14 +## 7.22.15 + +- [73eae7e](https://github.com/AxaFrance/oidc-client/commit/73eae7e9d68dea6ebec0ed82ba7873941c0e371e) - refactor(oidcServiceWorker): Extract GetCurrentDatabaseTokenEndpoint, add tests. (#1405) (release), 2024-07-11 by *Jason Finch* +- [e51aef2](https://github.com/AxaFrance/oidc-client/commit/e51aef268e783259c035e3ba58bf9aa16a111bea) - fix (Style): fix 'container' classname in demo. (#1401), 2024-07-11 by *Jason Finch* + + +## v7.22.14 - [25c55ee](https://github.com/AxaFrance/oidc-client/commit/25c55eeb7682356c13987a91d7b8645cca1b0ad5) - refactor(oidc): null coalescing (#1404) (release), 2024-07-11 by *Jason Finch* @@ -310,8 +316,3 @@ - [33a9c83](https://github.com/AxaFrance/oidc-client/commit/33a9c8349f23d98960fb4c60f49d7fd19572cca5) - build(npm): bump react-router-dom from 6.14.2 to 6.20.1 (#1234), 2023-12-07 by *dependabot[bot]* -## v7.13.3 - -- [43eac59](https://github.com/AxaFrance/oidc-client/commit/43eac59f1598ab6a5b07dc52deed95297c73f875) - build(npm): bump vite-plugin-dts from 3.4.0 to 3.6.4 (#1227), 2023-12-07 by *dependabot[bot]* - - diff --git a/README.md b/README.md index 4b40a3ce1..2b5748b5b 100644 --- a/README.md +++ b/README.md 
@@ -34,14 +34,13 @@ Demos: - Try the react demo at https://black-rock-0dc6b0d03.1.azurestaticapps.net/ (most advanced) - Try the pure javascript demo at https://icy-glacier-004ab4303.2.azurestaticapps.net/ - **@axa-fr/oidc-client** is: - **Secure** : - With Demonstrating Proof of Possession (DPoP), your access_token and refresh_token are not usable outside your browser context (big protection) - With the use of Service Worker, your tokens (refresh_token and/or access_token) are not accessible to the JavaScript client code (if you follow good practices from [`FAQ`](https://github.com/AxaFrance/oidc-client/blob/main/FAQ.md) section) - OIDC using client side Code Credential Grant with pkce only -- **Lightweight** : Unpacked Size on npm is **274 kB** +- **Lightweight** : Unpacked Size on npm is **274 kB**, Minified `61.1kB`, Minified+GZIPPED `16.8kB` [Pkg stats via Bundlephobia.com](https://bundlephobia.com/package/@axa-fr/react-oidc) - **Simple** - refresh_token and access_token are auto refreshed in background - with the use of the Service Worker, you do not need to inject the access_token in every fetch, you have only to configure OidcTrustedDomains.js file @@ -56,6 +55,7 @@ Works perfectly well with: - [Auth0](https://auth0.com/) - [Duende Identity Server](https://duendesoftware.com/) +- [Identity Server 4](https://github.com/IdentityServer/IdentityServer4) - Azure AD - Google - AWS 
@@ -78,8 +78,11 @@ node ./node_modules/@axa-fr/oidc-client/bin/copy-service-worker-files.mjs public # ./public/OidcTrustedDomains.js <-- won't be updated if already exist ``` -WARNING : If you use Service Worker mode, the OidcServiceWorker.js file should always be up to date with the version of the library. You may setup a postinstall script in your package.json file to update it at each npm install. For example : -```sh + +> [!WARNING] +> If you use `Service Worker` mode, the `OidcServiceWorker.js` file should always be up to date with the version of the library. You may setup a postinstall script in your `package.json` file to update it at each npm install. For example : + +```json "scripts": { ... "postinstall": "node ./node_modules/@axa-fr/oidc-client/bin/copy-service-worker-files.mjs public" @@ -103,15 +106,17 @@ node ./node_modules/@axa-fr/react-oidc/bin/copy-service-worker-files.mjs public # ./public/OidcTrustedDomains.js <-- won't be updated if already exist ``` -WARNING : If you use Service Worker mode, the OidcServiceWorker.js file should always be up-to-date with the version of the library. You may setup a postinstall script in your package.json file to update it at each npm install. For example : -```sh +> [!WARNING] +> If you use Service Worker mode, the OidcServiceWorker.js file should always be up-to-date with the version of the library. You may setup a postinstall script in your package.json file to update it at each npm install. For example : + +```json "scripts": { ... "postinstall": "node ./node_modules/@axa-fr/react-oidc/bin/copy-service-worker-files.mjs public" }, ``` -More documentation : +More documentation: - [`@axa-fr/react-oidc`](./packages/react-oidc#readme) diff --git a/packages/oidc-client-service-worker/package.json b/packages/oidc-client-service-worker/package.json index 6f17eb793..f4a1c3605 100644 --- a/packages/oidc-client-service-worker/package.json +++ b/packages/oidc-client-service-worker/package.json 
@@ -1,6 +1,6 @@ { "name": "@axa-fr/oidc-client-service-worker", - "version": "7.22.14", + "version": "7.22.15", "type": "module", "private": false, "main": "dist/OidcServiceWorker.js", diff --git a/packages/oidc-client-service-worker/src/version.ts b/packages/oidc-client-service-worker/src/version.ts index 03d2f7ab3..81b9c4b57 100644 --- a/packages/oidc-client-service-worker/src/version.ts +++ b/packages/oidc-client-service-worker/src/version.ts @@ -1 +1 @@ -export default '7.22.14'; +export default '7.22.15'; diff --git a/packages/oidc-client/package.json b/packages/oidc-client/package.json index dfabd6d3b..8d0ea5a9e 100644 --- a/packages/oidc-client/package.json +++ b/packages/oidc-client/package.json @@ -1,6 +1,6 @@ { "name": "@axa-fr/oidc-client", - "version": "7.22.14", + "version": "7.22.15", "private": false, "type": "module", "main": "./dist/index.umd.cjs", diff --git a/packages/oidc-client/src/oidc.ts b/packages/oidc-client/src/oidc.ts index cf3e19049..1c5129b5d 100644 --- a/packages/oidc-client/src/oidc.ts +++ b/packages/oidc-client/src/oidc.ts @@ -228,9 +228,12 @@ Please checkout that you are using OIDC hook inside a { + return this.initPromise.finally(() => { + // in case if anything went wrong with the promise, we should reset the initPromise to null too + // otherwise client can't re-init the OIDC client + // as the promise is already fulfilled with rejected state, so could not ever reach this point again, + // so that leads to infinite loop of calls, when client tries to re-init the OIDC client after error this.initPromise = null; - return result; }); } diff --git a/packages/oidc-client/src/renewTokens.ts b/packages/oidc-client/src/renewTokens.ts index 882eb06cb..1fa25211d 100644 --- a/packages/oidc-client/src/renewTokens.ts +++ b/packages/oidc-client/src/renewTokens.ts 
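Review bot: The four-line comment added inside the `.finally()` callback in packages/oidc-client/src/oidc.ts is hard to follow and could be one sentence, for example `// Clear initPromise on failure as well as success; a rejected promise left in place would block any later re-init.` Using `.finally()` here lets the original result or rejection reach the caller unchanged, so dropping `return result;` looks safe. Part of this hunk's text is missing from the page and the enclosing method starts outside it, so this covers only the visible lines. No test for the failure path is visible in this diff; one that makes the init reject and then re-initialises would pin the behaviour.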
@@ -321,7 +321,19 @@ const synchroniseTokensAsync = (oidc:Oidc) => async (index = 0, forceRefresh = f
 }
 } catch (exception: any) {
 console.error(exception);
- oidc.publishEvent(eventNames.refreshTokensAsync_silent_error, { message: 'exception', exception: exception.message });
- return synchroniseTokensAsync(oidc)(nextIndex, forceRefresh, extras, updateTokens);
+ oidc.publishEvent(eventNames.refreshTokensAsync_silent_error, {
+ message: 'exception',
+ exception: exception.message,
+ });
+ // we need to break the loop or errors, as direct call of synchroniseTokensAsync
+ // inside of synchroniseTokensAsync will cause an infinite loop and kill the browser stack
+ // so we need to brake calls chain and delay next call
+ return new Promise((resolve, reject) => {
+ setTimeout(() => {
+ synchroniseTokensAsync(oidc)(nextIndex, forceRefresh, extras, updateTokens)
+ .then(resolve)
+ .catch(reject);
+ }, 1000);
+ });
 }
 }
\ No newline at end of file
diff --git a/packages/oidc-client/src/version.ts b/packages/oidc-client/src/version.ts
index 03d2f7ab3..81b9c4b57 100644
--- a/packages/oidc-client/src/version.ts
+++ b/packages/oidc-client/src/version.ts
@@ -1 +1 @@
-export default '7.22.14';
+export default '7.22.15';
diff --git a/packages/react-oidc/package.json b/packages/react-oidc/package.json
index 0eb33fbaf..dcbdc8be4 100644
--- a/packages/react-oidc/package.json
+++ b/packages/react-oidc/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@axa-fr/react-oidc",
- "version": "7.22.14",
+ "version": "7.22.15",
 "private": false,
 "type": "module",
 "main": "./dist/index.umd.cjs",
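Review bot: The retry scheduled in the `catch` branch of `synchroniseTokensAsync` (packages/oidc-client/src/renewTokens.ts) fires after a fixed 1000 ms, and no retry bound is visible in this hunk. Unless `nextIndex` is capped in the part of the function outside the hunk, a persistent failure would call the token endpoint once a second indefinitely; confirm the cap and consider a growing delay. The pending timer cannot be cancelled either, so a retry may presumably still run after logout or teardown during the wait. Since the function is already `async`, the promise wrapper can be replaced by `await new Promise(resolve => setTimeout(resolve, 1000));` followed by the original `return synchroniseTokensAsync(oidc)(nextIndex, forceRefresh, extras, updateTokens);`, which breaks the synchronous call chain just the same. In the added comment, "loop or errors" and "brake calls chain" should read "loop on errors" and "break the call chain".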