2025-08-29 15:04:52 +05:30
|
|
|
// import { atom } from 'jotai';
|
|
|
|
|
// import {
|
|
|
|
|
// atomWithLocalStorage,
|
|
|
|
|
// getLocalStorageItem,
|
|
|
|
|
// setLocalStorageItem,
|
|
|
|
|
// } from './utils/atomWithLocalStorage';
|
2024-01-21 23:50:56 +11:00
|
|
|
|
2026-06-30 15:55:30 -04:00
|
|
|
// OIDC/next-gen-auth (MSC3861) metadata needed to refresh + revoke tokens. Kept
|
|
|
|
|
// as a generic claims object so this core module stays decoupled from
|
|
|
|
|
// oidc-client-ts (the refresher casts idTokenClaims to IdTokenClaims).
|
|
|
|
|
export type OidcSessionMeta = {
|
|
|
|
|
issuer: string;
|
|
|
|
|
clientId: string;
|
|
|
|
|
redirectUri: string;
|
|
|
|
|
idTokenClaims?: Record<string, unknown>;
|
|
|
|
|
};
|
|
|
|
|
|
2024-01-21 23:50:56 +11:00
|
|
|
export type Session = {
|
|
|
|
|
baseUrl: string;
|
|
|
|
|
userId: string;
|
|
|
|
|
deviceId: string;
|
|
|
|
|
accessToken: string;
|
|
|
|
|
expiresInMs?: number;
|
|
|
|
|
refreshToken?: string;
|
|
|
|
|
fallbackSdkStores?: boolean;
|
2026-06-30 15:55:30 -04:00
|
|
|
oidc?: OidcSessionMeta;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
// OIDC-only localStorage keys (absent for password/legacy-SSO sessions).
|
|
|
|
|
const OIDC_KEYS = {
|
|
|
|
|
refreshToken: 'cinny_refresh_token',
|
|
|
|
|
expiresAt: 'cinny_expires_at',
|
|
|
|
|
issuer: 'cinny_oidc_issuer',
|
|
|
|
|
clientId: 'cinny_oidc_client_id',
|
|
|
|
|
redirectUri: 'cinny_oidc_redirect_uri',
|
|
|
|
|
idTokenClaims: 'cinny_oidc_id_token_claims',
|
|
|
|
|
} as const;
|
|
|
|
|
|
|
|
|
|
export type FallbackSessionExtra = {
|
|
|
|
|
refreshToken?: string;
|
|
|
|
|
expiresInMs?: number;
|
|
|
|
|
oidc?: OidcSessionMeta;
|
2024-01-21 23:50:56 +11:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
export type Sessions = Session[];
|
|
|
|
|
export type SessionStoreName = {
|
|
|
|
|
sync: string;
|
|
|
|
|
crypto: string;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Migration code for old session
|
|
|
|
|
*/
|
2025-08-29 15:04:52 +05:30
|
|
|
// const FALLBACK_STORE_NAME: SessionStoreName = {
|
|
|
|
|
// sync: 'web-sync-store',
|
|
|
|
|
// crypto: 'crypto-store',
|
|
|
|
|
// } as const;
|
2024-01-21 23:50:56 +11:00
|
|
|
|
2025-08-29 15:04:52 +05:30
|
|
|
export function setFallbackSession(
|
|
|
|
|
accessToken: string,
|
|
|
|
|
deviceId: string,
|
|
|
|
|
userId: string,
|
2026-05-21 23:30:50 -04:00
|
|
|
baseUrl: string,
|
2026-06-30 15:55:30 -04:00
|
|
|
extra?: FallbackSessionExtra,
|
2025-08-29 15:04:52 +05:30
|
|
|
) {
|
|
|
|
|
localStorage.setItem('cinny_access_token', accessToken);
|
|
|
|
|
localStorage.setItem('cinny_device_id', deviceId);
|
|
|
|
|
localStorage.setItem('cinny_user_id', userId);
|
|
|
|
|
localStorage.setItem('cinny_hs_base_url', baseUrl);
|
2026-06-30 15:55:30 -04:00
|
|
|
|
|
|
|
|
// OIDC fields — written only when present; otherwise cleared so a password
|
|
|
|
|
// session never carries stale OIDC state.
|
|
|
|
|
if (extra?.refreshToken) localStorage.setItem(OIDC_KEYS.refreshToken, extra.refreshToken);
|
|
|
|
|
else localStorage.removeItem(OIDC_KEYS.refreshToken);
|
|
|
|
|
|
|
|
|
|
if (typeof extra?.expiresInMs === 'number') {
|
|
|
|
|
// Store ABSOLUTE expiry to avoid drift across reloads.
|
|
|
|
|
localStorage.setItem(OIDC_KEYS.expiresAt, String(Date.now() + extra.expiresInMs));
|
|
|
|
|
} else localStorage.removeItem(OIDC_KEYS.expiresAt);
|
|
|
|
|
|
|
|
|
|
if (extra?.oidc) {
|
|
|
|
|
localStorage.setItem(OIDC_KEYS.issuer, extra.oidc.issuer);
|
|
|
|
|
localStorage.setItem(OIDC_KEYS.clientId, extra.oidc.clientId);
|
|
|
|
|
localStorage.setItem(OIDC_KEYS.redirectUri, extra.oidc.redirectUri);
|
|
|
|
|
if (extra.oidc.idTokenClaims) {
|
|
|
|
|
localStorage.setItem(OIDC_KEYS.idTokenClaims, JSON.stringify(extra.oidc.idTokenClaims));
|
|
|
|
|
} else localStorage.removeItem(OIDC_KEYS.idTokenClaims);
|
|
|
|
|
} else {
|
|
|
|
|
localStorage.removeItem(OIDC_KEYS.issuer);
|
|
|
|
|
localStorage.removeItem(OIDC_KEYS.clientId);
|
|
|
|
|
localStorage.removeItem(OIDC_KEYS.redirectUri);
|
|
|
|
|
localStorage.removeItem(OIDC_KEYS.idTokenClaims);
|
|
|
|
|
}
|
2025-08-29 15:04:52 +05:30
|
|
|
}
|
|
|
|
|
export const removeFallbackSession = () => {
|
2024-01-21 23:50:56 +11:00
|
|
|
localStorage.removeItem('cinny_hs_base_url');
|
|
|
|
|
localStorage.removeItem('cinny_user_id');
|
|
|
|
|
localStorage.removeItem('cinny_device_id');
|
|
|
|
|
localStorage.removeItem('cinny_access_token');
|
2026-06-30 15:55:30 -04:00
|
|
|
Object.values(OIDC_KEYS).forEach((key) => localStorage.removeItem(key));
|
2024-01-21 23:50:56 +11:00
|
|
|
};
|
2025-08-29 15:04:52 +05:30
|
|
|
export const getFallbackSession = (): Session | undefined => {
|
2024-01-21 23:50:56 +11:00
|
|
|
const baseUrl = localStorage.getItem('cinny_hs_base_url');
|
|
|
|
|
const userId = localStorage.getItem('cinny_user_id');
|
|
|
|
|
const deviceId = localStorage.getItem('cinny_device_id');
|
|
|
|
|
const accessToken = localStorage.getItem('cinny_access_token');
|
|
|
|
|
|
|
|
|
|
if (baseUrl && userId && deviceId && accessToken) {
|
|
|
|
|
const session: Session = {
|
|
|
|
|
baseUrl,
|
|
|
|
|
userId,
|
|
|
|
|
deviceId,
|
|
|
|
|
accessToken,
|
|
|
|
|
fallbackSdkStores: true,
|
|
|
|
|
};
|
|
|
|
|
|
2026-06-30 15:55:30 -04:00
|
|
|
const refreshToken = localStorage.getItem(OIDC_KEYS.refreshToken);
|
|
|
|
|
if (refreshToken) session.refreshToken = refreshToken;
|
|
|
|
|
|
|
|
|
|
const expiresAtRaw = localStorage.getItem(OIDC_KEYS.expiresAt);
|
|
|
|
|
if (expiresAtRaw) {
|
|
|
|
|
const expiresAt = Number(expiresAtRaw);
|
|
|
|
|
// Expose the REMAINING lifetime (clamped at 0); the SDK refreshes on 401.
|
|
|
|
|
if (Number.isFinite(expiresAt)) session.expiresInMs = Math.max(0, expiresAt - Date.now());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const issuer = localStorage.getItem(OIDC_KEYS.issuer);
|
|
|
|
|
const clientId = localStorage.getItem(OIDC_KEYS.clientId);
|
|
|
|
|
const redirectUri = localStorage.getItem(OIDC_KEYS.redirectUri);
|
|
|
|
|
if (issuer && clientId && redirectUri) {
|
|
|
|
|
let idTokenClaims: Record<string, unknown> | undefined;
|
|
|
|
|
const claimsRaw = localStorage.getItem(OIDC_KEYS.idTokenClaims);
|
|
|
|
|
if (claimsRaw) {
|
|
|
|
|
try {
|
|
|
|
|
idTokenClaims = JSON.parse(claimsRaw);
|
|
|
|
|
} catch {
|
|
|
|
|
/* corrupt claims — ignore, the refresher will re-validate on use */
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
session.oidc = { issuer, clientId, redirectUri, idTokenClaims };
|
|
|
|
|
}
|
|
|
|
|
|
2024-01-21 23:50:56 +11:00
|
|
|
return session;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return undefined;
|
|
|
|
|
};
|
|
|
|
|
/**
|
|
|
|
|
* End of migration code for old session
|
|
|
|
|
*/
|
|
|
|
|
|
2025-08-29 15:04:52 +05:30
|
|
|
// export const getSessionStoreName = (session: Session): SessionStoreName => {
|
|
|
|
|
// if (session.fallbackSdkStores) {
|
|
|
|
|
// return FALLBACK_STORE_NAME;
|
|
|
|
|
// }
|
2024-01-21 23:50:56 +11:00
|
|
|
|
2025-08-29 15:04:52 +05:30
|
|
|
// return {
|
|
|
|
|
// sync: `sync${session.userId}`,
|
|
|
|
|
// crypto: `crypto${session.userId}`,
|
|
|
|
|
// };
|
|
|
|
|
// };
|
2024-01-21 23:50:56 +11:00
|
|
|
|
2025-08-29 15:04:52 +05:30
|
|
|
// export const MATRIX_SESSIONS_KEY = 'matrixSessions';
|
|
|
|
|
// const baseSessionsAtom = atomWithLocalStorage<Sessions>(
|
|
|
|
|
// MATRIX_SESSIONS_KEY,
|
|
|
|
|
// (key) => {
|
|
|
|
|
// const defaultSessions: Sessions = [];
|
|
|
|
|
// const sessions = getLocalStorageItem(key, defaultSessions);
|
2024-01-21 23:50:56 +11:00
|
|
|
|
2025-08-29 15:04:52 +05:30
|
|
|
// // Before multi account support session was stored
|
|
|
|
|
// // as multiple item in local storage.
|
|
|
|
|
// // So we need these migration code.
|
|
|
|
|
// const fallbackSession = getFallbackSession();
|
|
|
|
|
// if (fallbackSession) {
|
|
|
|
|
// removeFallbackSession();
|
|
|
|
|
// sessions.push(fallbackSession);
|
|
|
|
|
// setLocalStorageItem(key, sessions);
|
|
|
|
|
// }
|
|
|
|
|
// return sessions;
|
|
|
|
|
// },
|
|
|
|
|
// (key, value) => {
|
|
|
|
|
// setLocalStorageItem(key, value);
|
|
|
|
|
// }
|
|
|
|
|
// );
|
2024-01-21 23:50:56 +11:00
|
|
|
|
2025-08-29 15:04:52 +05:30
|
|
|
// export type SessionsAction =
|
|
|
|
|
// | {
|
|
|
|
|
// type: 'PUT';
|
|
|
|
|
// session: Session;
|
|
|
|
|
// }
|
|
|
|
|
// | {
|
|
|
|
|
// type: 'DELETE';
|
|
|
|
|
// session: Session;
|
|
|
|
|
// };
|
2024-01-21 23:50:56 +11:00
|
|
|
|
2025-08-29 15:04:52 +05:30
|
|
|
// export const sessionsAtom = atom<Sessions, [SessionsAction], undefined>(
|
|
|
|
|
// (get) => get(baseSessionsAtom),
|
|
|
|
|
// (get, set, action) => {
|
|
|
|
|
// if (action.type === 'PUT') {
|
|
|
|
|
// const sessions = [...get(baseSessionsAtom)];
|
|
|
|
|
// const sessionIndex = sessions.findIndex(
|
|
|
|
|
// (session) => session.userId === action.session.userId
|
|
|
|
|
// );
|
|
|
|
|
// if (sessionIndex === -1) {
|
|
|
|
|
// sessions.push(action.session);
|
|
|
|
|
// } else {
|
|
|
|
|
// sessions.splice(sessionIndex, 1, action.session);
|
|
|
|
|
// }
|
|
|
|
|
// set(baseSessionsAtom, sessions);
|
|
|
|
|
// return;
|
|
|
|
|
// }
|
|
|
|
|
// if (action.type === 'DELETE') {
|
|
|
|
|
// const sessions = get(baseSessionsAtom).filter(
|
|
|
|
|
// (session) => session.userId !== action.session.userId
|
|
|
|
|
// );
|
|
|
|
|
// set(baseSessionsAtom, sessions);
|
|
|
|
|
// }
|
|
|
|
|
// }
|
|
|
|
|
// );
|