The newest keycloak library supporst a mode for doing the redirect in an iframe
with a separate page that needs to be whitelisted in keycloak.

The newer version also finally fixes the native promise bugs so we might as well
use the one from npm instead of fetching it from the keycloak server at runtime.

Move the keycloak code into its own class and try to abstract away as much as possible.

We now also react to all keycloak related events so logout, re-login etc are handled as well.

Fetch it from the common environ

This is in parallel to the existing events to avoid breaking things.
The goal here is to have one event which contains all the auth related
information to which everyone interessted can subscribe to.

The vpu-auth-update-request event can be emitted to trigger an update.

No final design, just a start.

Neuber, Eugen Ramon authored 5 years ago and Reiter, Christoph committed 4 years ago

TODO: rollup.config.js cleanup

Neuber, Eugen Ramon authored 5 years ago and Reiter, Christoph committed 4 years ago

Update vendor/common to enable caching on svg/icons

Neuber, Eugen Ramon authored 5 years ago and Reiter, Christoph committed 4 years ago

TODO: use them

Neuber, Eugen Ramon authored 5 years ago and Reiter, Christoph committed 4 years ago

(from material icon set)

This adds a hash which confuses keycloak and results in a redirect sometimes.

The keycloack token doesn't have to be the first thing in the hash
so don't assume it starts with a #

We keep the login state in the session storage and force a login in case the user was
logged in before.

This means a page refresh will try to restore the login state (which usually should mean
that it just flashes becasue of redirects). And new visitors get the logged out state by default.