Merge pull request #25 from thivi/feature/safari_issue

Fix issues caused in the Safari browser

Author: thivi

README.md

@@ -94,14 +94,16 @@ Before trying out the sample apps, you need to a create a service provider in th
 
 4. Under `Allowed Grant Types` uncheck everything except `Code` and `Refresh Token`.
 
-5. Enter `http://localhost:3000` as the `Callback Url`.
+5. Enter the Callback URL(s). You can find the relevant callback URL(s) of each sample app in the [Running the sample apps](#2.-running-the-sample-apps) section.
 
 6. Check `Allow authentication without the client secret`.
 
 7. Click `Add` at the bottom.
 
 8. Copy the `OAuth Client Key`.
 
+9. Enable CORS for the client application by following this guide (https://is.docs.wso2.com/en/5.11.0/learn/cors/).
+
 ### 2. Running the sample apps
 
 Build the apps by running the following command at the root directory.
@@ -111,14 +113,20 @@ npm run build
 
 #### 1. Vanilla JavaScript Sample
 
+The *Callback URL* of this app is `http://localhost:3000`.
+
 You can try out the Vanilla JavaScript Sample App from the [samples/vanilla-js-app](samples/vanilla-js-app). The instructions to run the app can  be found [here](/samples/vanilla-js-app/README.md)
 
 #### 2. React Sample
 
+The *Callback URL* of this app is `regexp=(http://localhost:3000/sign-in|http://localhost:3000/dashboard)`.
+
 You can try out the React Sample App from the [samples/react-js-app](samples/react-js-app). The instructions to run the app can  be found [here](/samples/react-js-app/README.md)
 
 #### 2. Java Webapp Sample
 
+The *Callback URL* of this app is the URL of this app on the server. For instance, if your Tomcat server is running on `http://localhost:8080`, then the callback URL will be `http://localhost:8080/java-webapp`.
+
 You can try out the Java Webapp Sample App from the [samples/java-webapp](samples/java-webapp). The instructions to run the app can  be found [here](/samples/java-webapp/README.md)
 
 ## APIs
@@ -176,7 +184,7 @@ Of the three methods, storing the session information in the **web worker** is t
 |`oidcSessionIFrame`|`string`| `"/oidc/checksession"`| The URL of the OIDC session iframe.
 |`revoke`|`string`| `"/oauth2/revoke"`| The endpoint to send the revoke-access-token request to.
 |`token`|`string`| `"/oauth2/token"`| The endpoint to send the token request to.|
-|`wellKnown`|`string`| `"/oauth2/oidcdiscovery/.well-known/openid-configuration"`| The endpoint to receive the OIDC endpoints from|   
+|`wellKnown`|`string`| `"/oauth2/oidcdiscovery/.well-known/openid-configuration"`| The endpoint to receive the OIDC endpoints from|
 
 ```javascript
 auth.initialize(config);
@@ -191,7 +199,7 @@ This method returns the information about the authenticated user as an object. T
 |`email`|`string`|The email address of the user|
 |`username`|`string`| The username of the user|
 |`displayName`| `string`| The display name of the user|
-`allowedScopes`|`string`| The scopes the user has authorized the client to access|   
+`allowedScopes`|`string`| The scopes the user has authorized the client to access|
 
 ```javascript
 auth.getUserInfo().then((response) => {

oidc-js/package.json

@@ -12,6 +12,7 @@
     "types": "dist/src/index.d.ts",
     "scripts": {
         "lint": "eslint --ext .js,.ts .",
+        "fix-lint": "eslint --ext .js,.ts . --fix",
         "build": "rimraf dist && npm run type-check && webpack -p --env.NODE_ENV=production",
         "type-check": "tsc --emitDeclarationOnly",
         "type-check:watch": "npm run type-check -- --watch",
@@ -62,5 +63,8 @@
     "bugs": {
         "url": "https://github.com/asgardio/asgardio-js-oidc-sdk/issues"
     },
-    "homepage": "https://github.com/asgardio/asgardio-js-oidc-sdk#readme"
+    "homepage": "https://github.com/asgardio/asgardio-js-oidc-sdk#readme",
+    "browserslist": [
+        "> 0.2%"
+    ]
 }

oidc-js/src/client.ts

@@ -18,6 +18,7 @@
 
 import { AxiosError, AxiosRequestConfig, AxiosResponse } from "axios";
 import { ACCESS_TOKEN, AUTHORIZATION_CODE_TYPE, Hooks, OIDC_SCOPE, Storage } from "./constants";
+import { isWebWorkerConfig } from "./helpers";
 import { AxiosHttpClient, AxiosHttpClientInstance } from "./http-client";
 import {
     ConfigInterface,
@@ -26,8 +27,7 @@ import {
     ServiceResourcesType,
     UserInfo,
     WebWorkerClientInterface,
-    WebWorkerConfigInterface,
-    isWebWorkerConfig
+    WebWorkerConfigInterface
 } from "./models";
 import {
     customGrant as customGrantUtil,
@@ -193,6 +193,8 @@ export class IdentityClient {
                     if (this._onSignInCallback) {
                         if (response.allowedScopes || response.displayName || response.email || response.username) {
                             this._onSignInCallback(response);
+                        } else {
+                            this._onSignInCallback(null);
                         }
                     }
 
@@ -351,7 +353,7 @@ export class IdentityClient {
         throw Error("Identity Client has not been initialized yet");
     }
 
-    public getDecodedIDToken(): Promise<DecodedIdTokenPayloadInterface>{
+    public getDecodedIDToken(): Promise<DecodedIdTokenPayloadInterface> {
         if (this._storage === Storage.WebWorker) {
             return this._client.getDecodedIDToken();
         }

oidc-js/src/helpers/index.ts

@@ -0,0 +1,19 @@
+/**
+* Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+*
+* WSO2 Inc. licenses this file to you under the Apache License,
+* Version 2.0 (the "License"); you may not use this file except
+* in compliance with the License.
+* You may obtain a copy of the License at
+*
+*     http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing,
+* software distributed under the License is distributed on an
+* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+* KIND, either express or implied. See the License for the
+* specific language governing permissions and limitations
+* under the License.
+*/
+
+export * from "./typeguards";

oidc-js/src/helpers/semaphore.ts

@@ -0,0 +1,26 @@
+/**
+ * Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import { Storage } from "../constants";
+import { ConfigInterface, WebWorkerConfigInterface } from "../models";
+
+export const isWebWorkerConfig = (
+    config: ConfigInterface | WebWorkerConfigInterface
+): config is WebWorkerConfigInterface => {
+    return config.storage === Storage.WebWorker;
+};

oidc-js/src/helpers/typeguards.ts

@@ -64,9 +64,3 @@ export interface HttpClient {
 export interface WebWorkerClientConfigInterface extends WebWorkerConfigInterface {
     httpClient: HttpClient;
 }
-
-export const isWebWorkerConfig = (
-    config: ConfigInterface | WebWorkerConfigInterface
-): config is WebWorkerConfigInterface => {
-    return config.storage === Storage.WebWorker;
-};

oidc-js/src/models/client.ts

@@ -60,6 +60,7 @@ import {
     USERNAME,
     USERNAME_TAG
 } from "../constants";
+import { isWebWorkerConfig } from "../helpers";
 import {
     AuthenticatedUserInterface,
     ConfigInterface,
@@ -69,8 +70,7 @@ import {
     TokenRequestHeader,
     TokenResponseInterface,
     UserInfo,
-    WebWorkerConfigInterface,
-    isWebWorkerConfig
+    WebWorkerConfigInterface
 } from "../models";
 
 /**

oidc-js/src/utils/sign-in.ts

@@ -24,7 +24,8 @@ import {
     SIGN_OUT_REDIRECT_URL
 } from "../constants";
 import { Storage } from "../constants/storage";
-import { ConfigInterface, WebWorkerConfigInterface, isWebWorkerConfig } from "../models";
+import { isWebWorkerConfig } from "../helpers";
+import { ConfigInterface, WebWorkerConfigInterface } from "../models";
 
 /**
  * Execute user sign out request
@@ -60,7 +61,7 @@ export function sendSignOutRequest(requestParams: ConfigInterface | WebWorkerCon
         `${ logoutEndpoint }?` + `id_token_hint=${ idToken }` + `&post_logout_redirect_uri=${ callbackURL }&state=`
         + LOGOUT_SUCCESS;
 
-    if (requestParams.storage !== Storage.WebWorker) {
+    if (!isWebWorkerConfig(requestParams)) {
         window.location.href = logoutCallback;
 
         return Promise.resolve(true);

oidc-js/src/utils/sign-out.ts

@@ -320,6 +320,7 @@ export const WebWorker: WebWorkerSingletonInterface = (function (): WebWorkerSin
      */
     function Constructor(config: WebWorkerClientConfigInterface): WebWorkerInterface {
         authConfig = { ...config };
+        session.clear();
         authConfig.session = session;
 
         if (authConfig.authorizationCode) {

oidc-js/src/worker/web-worker.ts

@@ -21,5 +21,5 @@
         "outDir": "./dist"
     },
     "compileOnSave": false,
-    "exclude": ["node_modules", "test-configs", "src/**/tests/*", "**/*.test.ts"]
+    "exclude": ["node_modules", "test-configs", "src/**/tests/*", "**/*.test.ts", "dist/**/*"]
 }

oidc-js/tsconfig.json

@@ -8,7 +8,8 @@
         "prebuild": "npm install && lerna bootstrap",
         "remove-node-modules": "npx lerna exec -- rimraf -rf node_modules && rimraf -rf node_modules",
         "remove-package-lock": "npx lerna exec -- rimraf -rf package-lock.json && rimraf -rf package-lock.json",
-        "lint": "eslint --ext .js,.ts .",
+        "lint": "lerna run lint",
+        "fix-lint": "lerna run fix-lint",
         "clean": "lerna run clean --stream",
         "clean-all": "npm run remove-package-lock && npm run remove-node-modules",
         "bump-patch-version": "lerna version patch --yes",