JNG-5319 reset session on app change

BlackBeltTechnology · Dec 14, 2023 · 60aa523 · 60aa523
1 parent ef11ef0
commit 60aa523
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 12 deletions.
diff --git a/judo-ui-react/src/main/resources/actor/src/auth/axiosInterceptor.ts.hbs b/judo-ui-react/src/main/resources/actor/src/auth/axiosInterceptor.ts.hbs
@@ -1,19 +1,40 @@
 {{> fragment.header.hbs }}
 
 import type { AxiosRequestConfig } from 'axios';
-import { User } from 'oidc-client-ts';
+import { User, WebStorageStateStore } from 'oidc-client-ts';
 
-const securityStore: { authority?: string, clientId?: string } = {};
+const securityStore: { authority?: string, clientId?: string, name?: string } = {};
 
 export function storeMeta(meta: any): void {
   securityStore.authority = meta.issuer;
   securityStore.clientId = meta.clientId;
+  securityStore.name = meta.name;
 }
 
+export const storageKey = () => `oidc.user:${securityStore.name!}`;
+
+// We need to store the user per realm, not per actor.
+const store: Storage = {
+ ...window.sessionStorage,
+ getItem(key: string): string | null {
+   return window.sessionStorage.getItem(storageKey());
+ },
+ setItem(key: string, value: string) {
+   window.sessionStorage.setItem(storageKey(), value);
+ },
+ removeItem(key: string) {
+    window.sessionStorage.removeItem(storageKey());
+  },
+}
+
+export const clearSecurityStorage = () => store.removeItem(storageKey());
+
+export const userStore = new WebStorageStateStore({ store: store as Storage });
+
 export function getUser(): any {
-  const { authority, clientId } = securityStore;
+  const { name } = securityStore;
 
-  const oidcStorage = window.sessionStorage.getItem(`oidc.user:${authority!}:${clientId!}`);
+  const oidcStorage = window.sessionStorage.getItem(storageKey());
   if (!oidcStorage) {
     return null;
   }

diff --git a/judo-ui-react/src/main/resources/actor/src/main.tsx.hbs b/judo-ui-react/src/main/resources/actor/src/main.tsx.hbs
@@ -18,7 +18,9 @@ import { PandinoProvider } from '@pandino/react-hooks';
 {{/ if }}
 {{# if application.authentication }}
     import { AuthProvider } from 'react-oidc-context';
-    import { axiosRequestInterceptor, Auth, storeMeta, getUser } from './auth';
+    import type { AuthProviderProps } from 'react-oidc-context';
+    import { WebStorageStateStore } from 'oidc-client-ts';
+    import { axiosRequestInterceptor, Auth, storeMeta, userStore } from './auth';
 {{/ if }}
 import { ThemeCustomization } from './theme';
 import { applicationCustomizer } from './custom';
@@ -73,14 +75,14 @@ const FILE_DEFAULT_BASE_URL: string = import.meta.env.VITE_FILE_DEFAULT_BASE_URL
 
     {{# if application.authentication }}
         const meta = await accessServiceImpl.getMetaData();
-        const { clientId, defaultScopes, issuer } = meta.security[0];
-        storeMeta({ issuer, clientId });
-
-        const oidcConfig = {
+        const { clientId, name, issuer } = meta.security[0];
+        storeMeta({ issuer, clientId, name });
+        const oidcConfig: AuthProviderProps = {
             authority: issuer,
             client_id: clientId,
             redirect_uri: window.location.href,
             automaticSilentRenew: true,
+            userStore,
         };
     {{/ if }}
 

diff --git a/judo-ui-react/src/main/resources/actor/src/utilities/application/change-application.ts.hbs b/judo-ui-react/src/main/resources/actor/src/utilities/application/change-application.ts.hbs
@@ -1,9 +1,10 @@
 {{> fragment.header.hbs }}
 
+import { clearSecurityStorage } from '~/auth';
 import type { HandleApplicationChange } from './interfaces';
 
 export const changeApplication: HandleApplicationChange = (applicationKey: string) => {
-    const { origin } = window.location;
-
-    window.location.href = origin + '/' + applicationKey;
+  clearSecurityStorage();
+  const { origin } = window.location;
+  window.location.href = origin + '/' + applicationKey;
 };