See https://tools.ietf.org/html/rfc7636
Supported in Keycloak since 7.0

Makes it focusable and react to keyboard events

We always need it to check if th user is logged in already, so doing
a dynamic import doesn't give us anything and just slows things down.

We need to override everything on the prod server, and having everything in one object
makes it clear what is keycloak specific (we could also prefix everything...).

So we can use the update event to wait for the global variables in other components.

Also don't log the status when we get a request as with mulitple users we spam the logs.
Moved to the app receiving the events instead.

In case the login happens through a login iframe and the iframe src either doesn't
exist or it doesn't respond with a message then keycloak will block in init() forever.

Add a timeout so that after 5 seconds we abort the init and emit a changed event.

We use it bundled in the API docs and need to set the right server depending on the api build env.

Neuber, Eugen Ramon authored 5 years ago and Reiter, Christoph committed 4 years ago

See issue #3

This can happen when the session expires, for example if the user has logged
out in another window.

This is useful whenn you want to use "logging-out" to clear user related data.

Every change to person etc should also mean a new token, so we can reduce
duplicated events by checking if the token has changed.

For example in case the token gets refreshed we want to advertise this to all clients.

We don't need it in all cases.

With the new ability to log in without redirecting to keycloak and reloading the page
we can now try to login on start every time.

Instead of remembering the login state in the session storage we just ask keycloak in an iframe
on start. To better describe this new behaviour rename the attribute from remember-login to try-login.

The newest keycloak library supporst a mode for doing the redirect in an iframe
with a separate page that needs to be whitelisted in keycloak.

The newer version also finally fixes the native promise bugs so we might as well
use the one from npm instead of fetching it from the keycloak server at runtime.

Move the keycloak code into its own class and try to abstract away as much as possible.

We now also react to all keycloak related events so logout, re-login etc are handled as well.

Fetch it from the common environ

This is in parallel to the existing events to avoid breaking things.
The goal here is to have one event which contains all the auth related
information to which everyone interessted can subscribe to.

The vpu-auth-update-request event can be emitted to trigger an update.

No final design, just a start.

Neuber, Eugen Ramon authored 5 years ago and Reiter, Christoph committed 4 years ago

TODO: rollup.config.js cleanup

Neuber, Eugen Ramon authored 5 years ago and Reiter, Christoph committed 4 years ago

Update vendor/common to enable caching on svg/icons