If the page prevents the default handler in beforeunload the logout
never occurs and we end up in an endless transient "logging-out" state.

Prevent this by reverting the login status back in that case.

We don't want to depend on harcoded values in the build

No longer needed

These scopes get used for the keycloak login and in case they are registered
as optional scopes for that client get added to the access token.

See #7

This makes it easier to test actual requests and to debug the token content

Neuber, Eugen Ramon authored 5 years ago and Reiter, Christoph committed 4 years ago

(open menu with ENTER key)
See issue #6

Makes it focusable and react to keyboard events

We need to override everything on the prod server, and having everything in one object
makes it clear what is keycloak specific (we could also prefix everything...).

So we can use the update event to wait for the global variables in other components.

Also don't log the status when we get a request as with mulitple users we spam the logs.
Moved to the app receiving the events instead.

We use it bundled in the API docs and need to set the right server depending on the api build env.

Neuber, Eugen Ramon authored 5 years ago and Reiter, Christoph committed 4 years ago

See issue #3

This can happen when the session expires, for example if the user has logged
out in another window.

This is useful whenn you want to use "logging-out" to clear user related data.

Every change to person etc should also mean a new token, so we can reduce
duplicated events by checking if the token has changed.

For example in case the token gets refreshed we want to advertise this to all clients.

We don't need it in all cases.

With the new ability to log in without redirecting to keycloak and reloading the page
we can now try to login on start every time.

Instead of remembering the login state in the session storage we just ask keycloak in an iframe
on start. To better describe this new behaviour rename the attribute from remember-login to try-login.

The newest keycloak library supporst a mode for doing the redirect in an iframe
with a separate page that needs to be whitelisted in keycloak.

The newer version also finally fixes the native promise bugs so we might as well
use the one from npm instead of fetching it from the keycloak server at runtime.

Move the keycloak code into its own class and try to abstract away as much as possible.

We now also react to all keycloak related events so logout, re-login etc are handled as well.

Fetch it from the common environ

This is in parallel to the existing events to avoid breaking things.
The goal here is to have one event which contains all the auth related
information to which everyone interessted can subscribe to.

The vpu-auth-update-request event can be emitted to trigger an update.

No final design, just a start.

Neuber, Eugen Ramon authored 5 years ago and Reiter, Christoph committed 4 years ago

TODO: rollup.config.js cleanup

Neuber, Eugen Ramon authored 5 years ago and Reiter, Christoph committed 4 years ago

Update vendor/common to enable caching on svg/icons