Skip to content

Commit b4e0fbe

Browse files
cerebrlcerebrl
committed
fix(javascript-sdk): change pkce utility to return storage function
1 parent d26567d commit b4e0fbe

File tree

2 files changed

+12
-11
lines changed

2 files changed

+12
-11
lines changed

packages/javascript-sdk/src/oauth2-client/state-pkce.ts

Lines changed: 4 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -28,12 +28,10 @@ export function generateAndStoreAuthUrlValues(options: GenerateAndStoreAuthUrlVa
2828
verifier,
2929
};
3030

31-
if (options.login === 'redirect') {
32-
// Since `login` is configured for "redirect", store authorize values and redirect
33-
sessionStorage.setItem(storageKey, JSON.stringify(authorizeUrlOptions));
34-
}
35-
36-
return { state, verifier, authorizeUrlOptions };
31+
return [
32+
authorizeUrlOptions,
33+
() => sessionStorage.setItem(storageKey, JSON.stringify(authorizeUrlOptions)),
34+
] as const;
3735
}
3836

3937
/**

packages/javascript-sdk/src/token-manager/index.ts

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -125,7 +125,7 @@ abstract class TokenManager {
125125
/**
126126
* Generate state and verifier for PKCE
127127
*/
128-
const { authorizeUrlOptions } = generateAndStoreAuthUrlValues({
128+
const [pkceValues, storePkceValues] = generateAndStoreAuthUrlValues({
129129
...config,
130130
clientId,
131131
prefix,
@@ -138,7 +138,7 @@ abstract class TokenManager {
138138
try {
139139
// Check expected browser support
140140
// To support legacy browsers, iframe works best with short timeout
141-
const parsedUrl = new URL(await OAuth2Client.getAuthCodeByIframe(authorizeUrlOptions));
141+
const parsedUrl = new URL(await OAuth2Client.getAuthCodeByIframe(pkceValues));
142142

143143
// Throw if we have an error param or have no authorization code
144144
if (parsedUrl.searchParams.get('error')) {
@@ -180,16 +180,19 @@ abstract class TokenManager {
180180
throw err;
181181
}
182182

183-
const authorizeUrl = await OAuth2Client.createAuthorizeUrl(authorizeUrlOptions);
183+
const authorizeUrl = await OAuth2Client.createAuthorizeUrl(pkceValues);
184+
185+
// Before redirecting, store PKCE values
186+
storePkceValues();
184187

185188
return location.assign(authorizeUrl);
186189
}
187190
/**
188191
* Exchange authorization code for tokens
189192
*/
190193
return await this.tokenExchange(options, {
191-
state: authorizeUrlOptions.state,
192-
verifier: authorizeUrlOptions.verifier,
194+
state: pkceValues.state,
195+
verifier: pkceValues.verifier,
193196
});
194197
}
195198

0 commit comments

Comments
 (0)