dumtruck/konobangu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: fix auto accessToken renew

Browse Source
This commit is contained in:
master 2025-06-15 02:48:48 +08:00
parent 1b5bdadf10
commit a2254bbe80
6 changed files with 36 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
apps/webui/package.json
View File

@ -63,8 +63,8 @@
"input-otp": "^1.4.2", "input-otp": "^1.4.2",
"jotai": "^2.12.5", "jotai": "^2.12.5",
"jotai-signal": "^0.9.0", "jotai-signal": "^0.9.0",
"lucide-react": "^0.514.0", "lucide-react": "^0.515.0",
"oidc-client-rx": "0.1.0-alpha.9", "oidc-client-rx": "0.1.0-alpha.12",
"react": "^19.1.0", "react": "^19.1.0",
"react-day-picker": "9.7.0", "react-day-picker": "9.7.0",
"react-dom": "^19.1.0", "react-dom": "^19.1.0",

8
apps/webui/src/app/auth/guard.ts
View File

@ -1,16 +1,20 @@
import type { RouterContext } from '@/infra/routes/traits'; import type { RouterContext } from '@/infra/routes/traits';
import type { ParsedLocation } from '@tanstack/react-router';
import { firstValueFrom } from 'rxjs'; import { firstValueFrom } from 'rxjs';
import { authContextFromInjector } from './context'; import { authContextFromInjector } from './context';
export const beforeLoadGuard = async ({ export const beforeLoadGuard = async ({
context, context,
}: { context: RouterContext }) => { location,
}: { context: RouterContext; location: ParsedLocation }) => {
const { isAuthenticated$, authProvider } = authContextFromInjector( const { isAuthenticated$, authProvider } = authContextFromInjector(
context.injector context.injector
); );
if (!(await firstValueFrom(isAuthenticated$))) { if (!(await firstValueFrom(isAuthenticated$))) {
const isAuthenticated = await firstValueFrom( const isAuthenticated = await firstValueFrom(
authProvider.autoLoginPartialRoutesGuard() authProvider.autoLoginPartialRoutesGuard({
location,
})
); );
if (!isAuthenticated) { if (!isAuthenticated) {
throw !isAuthenticated; throw !isAuthenticated;

5
apps/webui/src/infra/auth/auth.provider.ts
View File

@ -1,4 +1,5 @@
import { InjectionToken } from '@outposts/injection-js'; import { InjectionToken } from '@outposts/injection-js';
import type { ParsedLocation } from '@tanstack/react-router';
import type { CheckAuthResultEventType } from 'oidc-client-rx'; import type { CheckAuthResultEventType } from 'oidc-client-rx';
import { type Observable, map } from 'rxjs'; import { type Observable, map } from 'rxjs';
import type { AuthMethodType } from './defs'; import type { AuthMethodType } from './defs';
@ -10,7 +11,9 @@ export abstract class AuthProvider {
abstract authData$: Observable<any>; abstract authData$: Observable<any>;
abstract getAccessToken(): Observable<string | undefined>; abstract getAccessToken(): Observable<string | undefined>;
abstract setup(): void; abstract setup(): void;
abstract autoLoginPartialRoutesGuard(): Observable<boolean>; abstract autoLoginPartialRoutesGuard({
location,
}: { location: ParsedLocation }): Observable<boolean>;
getAuthHeaders(): Observable<Record<string, string>> { getAuthHeaders(): Observable<Record<string, string>> {
return this.getAccessToken().pipe( return this.getAccessToken().pipe(
map((accessToken) => map((accessToken) =>

2
apps/webui/src/infra/auth/oidc/config.ts
View File

@ -21,6 +21,8 @@ export function buildOidcConfig(): OpenIdConfiguration {
logLevel: LogLevel.Warn, logLevel: LogLevel.Warn,
autoUserInfo: !resource, autoUserInfo: !resource,
renewUserInfoAfterTokenRenew: !resource, renewUserInfoAfterTokenRenew: !resource,
ignoreNonceAfterRefresh: !!resource,
renewTimeBeforeTokenExpiresInSeconds: 30,
customParamsAuthRequest: { customParamsAuthRequest: {
prompt: 'consent', prompt: 'consent',
resource, resource,

19
apps/webui/src/infra/auth/oidc/oidc-auth.provider.ts
View File

@ -1,5 +1,6 @@
import { injectInjector } from '@/infra/di/inject'; import { injectInjector } from '@/infra/di/inject';
import { inject, runInInjectionContext } from '@outposts/injection-js'; import { inject, runInInjectionContext } from '@outposts/injection-js';
import type { ParsedLocation } from '@tanstack/react-router';
import { import {
CHECK_AUTH_RESULT_EVENT, CHECK_AUTH_RESULT_EVENT,
OidcSecurityService, OidcSecurityService,
@ -15,20 +16,8 @@ export class OidcAuthProvider extends AuthProvider {
checkAuthResultEvent$ = inject(CHECK_AUTH_RESULT_EVENT); checkAuthResultEvent$ = inject(CHECK_AUTH_RESULT_EVENT);
injector = injectInjector(); injector = injectInjector();
private setupSilentRenew() {
const parent = document.defaultView?.parent;
if (parent) {
const event = new CustomEvent('oidc-silent-renew-message', {
detail: document.defaultView?.location!,
});
parent.dispatchEvent(event);
}
}
setup() { setup() {
this.oidcSecurityService.checkAuth().subscribe(() => { this.oidcSecurityService.checkAuth().subscribe(() => {});
this.setupSilentRenew();
});
} }
get isAuthenticated$() { get isAuthenticated$() {
@ -45,9 +34,9 @@ export class OidcAuthProvider extends AuthProvider {
return this.oidcSecurityService.getAccessToken(); return this.oidcSecurityService.getAccessToken();
} }
autoLoginPartialRoutesGuard() { autoLoginPartialRoutesGuard({ location }: { location: ParsedLocation }) {
return runInInjectionContext(this.injector, () => return runInInjectionContext(this.injector, () =>
autoLoginPartialRoutesGuard() autoLoginPartialRoutesGuard(undefined, { url: location.href })
); );
} }
} }

36
pnpm-lock.yaml generated
View File

@ -228,11 +228,11 @@ importers:
specifier: ^0.9.0 specifier: ^0.9.0
version: 0.9.0(jotai@2.12.5(@types/react@19.1.8)(react@19.1.0))(react@19.1.0) version: 0.9.0(jotai@2.12.5(@types/react@19.1.8)(react@19.1.0))(react@19.1.0)
lucide-react: lucide-react:
specifier: ^0.514.0 specifier: ^0.515.0
version: 0.514.0(react@19.1.0) version: 0.515.0(react@19.1.0)
oidc-client-rx: oidc-client-rx:
specifier: 0.1.0-alpha.9 specifier: 0.1.0-alpha.12
version: 0.1.0-alpha.9(@tanstack/react-router@1.121.2(react-dom@19.1.0(react@19.1.0))(react@19.1.0))(@tanstack/solid-router@1.112.12(solid-js@1.9.7))(react@19.1.0)(rxjs@7.8.2)(solid-js@1.9.7) version: 0.1.0-alpha.12(@tanstack/react-router@1.121.2(react-dom@19.1.0(react@19.1.0))(react@19.1.0))(@tanstack/solid-router@1.112.12(solid-js@1.9.7))(react@19.1.0)(rxjs@7.8.2)(solid-js@1.9.7)
react: react:
specifier: ^19.1.0 specifier: ^19.1.0
version: 19.1.0 version: 19.1.0
@ -1560,11 +1560,11 @@ packages:
cpu: [x64] cpu: [x64]
os: [win32] os: [win32]
'@ngify/core@2.0.4': '@ngify/core@2.0.6':
resolution: {integrity: sha512-MyZ6TrD4NEEEpy5yBoAtCyAXySpLvi6kBrvJk1vl9s4dkU5H+/bKBeAy5gPvdbLQ6c6NHD3Y4cnnMBbhdtVOnA==} resolution: {integrity: sha512-SnJJlCHs+HvF/+hH4g2wf1oE7oHJ3JMFvsEY5R92JbF3DxZZld68vBQMuihhtI/TZURVgDE9Dx36bKtQBGgveA==}
'@ngify/http@2.0.4': '@ngify/http@2.0.6':
resolution: {integrity: sha512-3w3mMadsrkO0/xgLC5+79qqOJcRc+XvcBoOMZZBPFdiWg7wHWHULv48KHFVau+GbzvnXEza46W/xYyOMyR0F8g==} resolution: {integrity: sha512-MHuKIZljESbaVUEfkUM7Kk85lV4FkporAwgCj4AdP0JzSlO3MHOjLw3Pbrln2/hgRnap0ITPfQ+IBr1NJReSsA==}
peerDependencies: peerDependencies:
rxjs: ^7.0.0 rxjs: ^7.0.0
@ -4927,8 +4927,8 @@ packages:
lru-cache@5.1.1: lru-cache@5.1.1:
resolution: {integrity: sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==} resolution: {integrity: sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==}
lucide-react@0.514.0: lucide-react@0.515.0:
resolution: {integrity: sha512-HXD0OAMd+JM2xCjlwG1EGW9Nuab64dhjO3+MvdyD+pSUeOTBaVAPhQblKIYmmX4RyBYbdzW0VWnJpjJmxWGr6w==} resolution: {integrity: sha512-Sy7bY0MeicRm2pzrnoHm2h6C1iVoeHyBU2fjdQDsXGP51fhkhau1/ZV/dzrcxEmAKsxYb6bGaIsMnGHuQ5s0dw==}
peerDependencies: peerDependencies:
react: ^16.5.1 || ^17.0.0 || ^18.0.0 || ^19.0.0 react: ^16.5.1 || ^17.0.0 || ^18.0.0 || ^19.0.0
@ -5194,8 +5194,8 @@ packages:
resolution: {integrity: sha512-nK28WOo+QIjBkDduTINE4JkF/UJJKyf2EJxvJKfblDpyg0Q+pkOHNTL0Qwy6NP6FhE/EnzV73BxxqcJaXY9anw==} resolution: {integrity: sha512-nK28WOo+QIjBkDduTINE4JkF/UJJKyf2EJxvJKfblDpyg0Q+pkOHNTL0Qwy6NP6FhE/EnzV73BxxqcJaXY9anw==}
engines: {node: '>= 0.4'} engines: {node: '>= 0.4'}
oidc-client-rx@0.1.0-alpha.9: oidc-client-rx@0.1.0-alpha.12:
resolution: {integrity: sha512-LB8eRakdEM2BNYZ1sbqepvSZV3ZqdjTd6hc/tAhxf1wjzUxSNBLNJPDQ8p2D+FU36kXtdKhsul6HS7YKMNDH4g==} resolution: {integrity: sha512-mHMqeFCRMRqn6C8ABDMHSiiaG8h+ukPqdDeZ7g05gXL1XT2VUqtPiD5+MRvInXVu9Snfi5ZFHmNMuGR1W9dRDw==}
peerDependencies: peerDependencies:
'@tanstack/react-router': '*' '@tanstack/react-router': '*'
'@tanstack/solid-router': '*' '@tanstack/solid-router': '*'
@ -8036,13 +8036,13 @@ snapshots:
'@next/swc-win32-x64-msvc@15.3.3': '@next/swc-win32-x64-msvc@15.3.3':
optional: true optional: true
'@ngify/core@2.0.4': '@ngify/core@2.0.6':
dependencies: dependencies:
tslib: 2.8.1 tslib: 2.8.1
'@ngify/http@2.0.4(rxjs@7.8.2)': '@ngify/http@2.0.6(rxjs@7.8.2)':
dependencies: dependencies:
'@ngify/core': 2.0.4 '@ngify/core': 2.0.6
rxjs: 7.8.2 rxjs: 7.8.2
tslib: 2.8.1 tslib: 2.8.1
@ -11691,7 +11691,7 @@ snapshots:
dependencies: dependencies:
yallist: 3.1.1 yallist: 3.1.1
lucide-react@0.514.0(react@19.1.0): lucide-react@0.515.0(react@19.1.0):
dependencies: dependencies:
react: 19.1.0 react: 19.1.0
@ -11926,9 +11926,9 @@ snapshots:
has-symbols: 1.1.0 has-symbols: 1.1.0
object-keys: 1.1.1 object-keys: 1.1.1
oidc-client-rx@0.1.0-alpha.9(@tanstack/react-router@1.121.2(react-dom@19.1.0(react@19.1.0))(react@19.1.0))(@tanstack/solid-router@1.112.12(solid-js@1.9.7))(react@19.1.0)(rxjs@7.8.2)(solid-js@1.9.7): oidc-client-rx@0.1.0-alpha.12(@tanstack/react-router@1.121.2(react-dom@19.1.0(react@19.1.0))(react@19.1.0))(@tanstack/solid-router@1.112.12(solid-js@1.9.7))(react@19.1.0)(rxjs@7.8.2)(solid-js@1.9.7):
dependencies: dependencies:
'@ngify/http': 2.0.4(rxjs@7.8.2) '@ngify/http': 2.0.6(rxjs@7.8.2)
'@outposts/injection-js': 2.5.1 '@outposts/injection-js': 2.5.1
rfc4648: 1.5.4 rfc4648: 1.5.4
rxjs: 7.8.2 rxjs: 7.8.2