From 4f9ca8e903fc286f4d72ce069ad92873624ca2d3 Mon Sep 17 00:00:00 2001 From: Miya <44374710+krzempekk@users.noreply.github.com> Date: Wed, 11 Sep 2024 10:55:38 +0200 Subject: [PATCH] fix(oidc): ensure unique tabIds when page is duplicated (beta) (#1448) Co-authored-by: mkrzempek --- packages/oidc-client/src/initWorker.ts | 13 ++----- packages/oidc-client/src/keepSession.ts | 1 + packages/oidc-client/src/login.ts | 1 + packages/oidc-client/src/logout.ts | 1 + packages/oidc-client/src/oidc.ts | 47 +++++++++++++++++++++++++ packages/oidc-client/src/renewTokens.ts | 6 ++++ 6 files changed, 58 insertions(+), 11 deletions(-) diff --git a/packages/oidc-client/src/initWorker.ts b/packages/oidc-client/src/initWorker.ts index 3ebbf95fe..c8b40289c 100644 --- a/packages/oidc-client/src/initWorker.ts +++ b/packages/oidc-client/src/initWorker.ts @@ -57,17 +57,8 @@ export const defaultServiceWorkerUpdateRequireCallback = location.reload(); }; -const getTabId = (configurationName: string) => { - const tabId = sessionStorage.getItem(`oidc.tabId.${configurationName}`); - - if (tabId) { - return tabId; - } - - const newTabId = globalThis.crypto.randomUUID(); - sessionStorage.setItem(`oidc.tabId.${configurationName}`, newTabId); - return newTabId; -}; +const getTabId = (configurationName: string) => + sessionStorage.getItem(`oidc.tabId.${configurationName}`); const sendMessageAsync = registration => diff --git a/packages/oidc-client/src/keepSession.ts b/packages/oidc-client/src/keepSession.ts index eda987b4a..988f9a9fc 100644 --- a/packages/oidc-client/src/keepSession.ts +++ b/packages/oidc-client/src/keepSession.ts @@ -17,6 +17,7 @@ export const tryKeepSessionAsync = async (oidc: Oidc) => { configuration.authority, configuration.authority_configuration, ); + await oidc.ensureUniqueTabId(); serviceWorker = await initWorkerAsync(configuration, oidc.configurationName); if (serviceWorker) { const { tokens } = await serviceWorker.initAsync( diff --git a/packages/oidc-client/src/login.ts b/packages/oidc-client/src/login.ts index df60d67ae..b6c59f678 100644 --- a/packages/oidc-client/src/login.ts +++ b/packages/oidc-client/src/login.ts @@ -114,6 +114,7 @@ export const loginCallbackAsync = const href = oidc.location.getCurrentHref(); const queryParams = getParseQueryStringFromLocation(href); const sessionState = queryParams.session_state; + await oidc.ensureUniqueTabId(); const serviceWorker = await initWorkerAsync(configuration, oidc.configurationName); let storage; let nonceData; diff --git a/packages/oidc-client/src/logout.ts b/packages/oidc-client/src/logout.ts index 6c3007197..18f7fd877 100644 --- a/packages/oidc-client/src/logout.ts +++ b/packages/oidc-client/src/logout.ts @@ -44,6 +44,7 @@ export const destroyAsync = oidc => async status => { if (oidc.checkSessionIFrame) { oidc.checkSessionIFrame.stop(); } + await oidc.ensureUniqueTabId(); const serviceWorker = await initWorkerAsync(oidc.configuration, oidc.configurationName); if (!serviceWorker) { const session = initSession(oidc.configurationName, oidc.configuration.storage); diff --git a/packages/oidc-client/src/oidc.ts b/packages/oidc-client/src/oidc.ts index c8134a4ae..8b828703e 100644 --- a/packages/oidc-client/src/oidc.ts +++ b/packages/oidc-client/src/oidc.ts @@ -96,6 +96,8 @@ export class Oidc { public checkSessionIFrame: CheckSessionIFrame; public getFetch: () => Fetch; public location: ILOidcLocation; + public tabId: string; + private channel: BroadcastChannel; constructor( configuration: OidcConfiguration, configurationName = 'default', @@ -158,9 +160,52 @@ export class Oidc { this.destroyAsync.bind(this); this.logoutAsync.bind(this); this.renewTokensAsync.bind(this); + this.ensureUniqueTabId.bind(this); this.initAsync(this.configuration.authority, this.configuration.authority_configuration); } + async ensureUniqueTabId() { + const generateUniqueTabId = () => { + const newTabId = globalThis.crypto.randomUUID(); + sessionStorage.setItem(`oidc.tabId.${this.configurationName}`, newTabId); + this.tabId = newTabId; + }; + + if (!this.channel) { + this.channel = new BroadcastChannel(`oidc.broadcast-channel.${this.configurationName}`); + this.channel.onmessage = msg => { + const type = msg?.data?.type; + const tabId = msg?.data?.tabId; + + if (tabId === this.tabId) { + if (type === 'SEARCH') { + this.channel.postMessage({ type: 'FOUND', tabId }); + } else if (type === 'FOUND') { + generateUniqueTabId(); + } + } + }; + } + + const tabId = sessionStorage.getItem(`oidc.tabId.${this.configurationName}`); + + if (!tabId) { + generateUniqueTabId(); + return; + } + + this.channel.postMessage({ type: 'SEARCH', tabId }); + await new Promise(resolve => + setTimeout(() => { + // if there is no tabId, it means that duplicate wasn't found + if (!this.tabId) { + this.tabId = tabId; + } + resolve(); + }, 500), + ); + } + subscribeEvents(func): string { const id = getRandomInt(9999999999999).toString(); this.events.push({ id, func }); @@ -252,6 +297,7 @@ Please checkout that you are using OIDC hook inside a => { + await oidc.ensureUniqueTabId(); const serviceWorker = await initWorkerAsync(configuration, oidc.configurationName); if (serviceWorker) { const oidcServerConfiguration = await oidc.initAsync( @@ -66,6 +68,7 @@ export async function renewTokensAndStartTimerAsync( const lockResourcesName = `${configuration.client_id}_${oidc.configurationName}_${configuration.authority}`; let tokens: null; + await oidc.ensureUniqueTabId(); const serviceWorker = await initWorkerAsync(oidc.configuration, oidc.configurationName); if (configuration?.storage === window?.sessionStorage && !serviceWorker) { @@ -134,6 +137,7 @@ export const syncTokensInfoAsync = configuration.authority, configuration.authority_configuration, ); + await oidc.ensureUniqueTabId(); const serviceWorker = await initWorkerAsync(configuration, configurationName); if (serviceWorker) { const { status, tokens } = await serviceWorker.initAsync( @@ -228,6 +232,7 @@ const synchroniseTokensAsync = const localsilentLoginAsync = async () => { try { let loginParams; + await oidc.ensureUniqueTabId(); const serviceWorker = await initWorkerAsync(configuration, oidc.configurationName); if (serviceWorker) { loginParams = serviceWorker.getLoginParams(); @@ -390,6 +395,7 @@ const synchroniseTokensAsync = } updateTokens(tokenResponse.data); if (tokenResponse.demonstratingProofOfPossessionNonce) { + await oidc.ensureUniqueTabId(); const serviceWorker = await initWorkerAsync(configuration, oidc.configurationName); if (serviceWorker) { await serviceWorker.setDemonstratingProofOfPossessionNonce(