diff --git a/src/Umbraco.Web.UI.Client/src/apps/app/app.element.ts b/src/Umbraco.Web.UI.Client/src/apps/app/app.element.ts index 43d28c0f01..8d8f3d2e8e 100644 --- a/src/Umbraco.Web.UI.Client/src/apps/app/app.element.ts +++ b/src/Umbraco.Web.UI.Client/src/apps/app/app.element.ts @@ -114,10 +114,6 @@ export class UmbAppElement extends UmbLitElement { // Try to initialise the auth flow and get the runtime status try { - if (this.bypassAuth === false) { - await this.#authFlow.fetchServiceConfiguration(); - } - // Get the current runtime level await this.#setInitStatus(); diff --git a/src/Umbraco.Web.UI.Client/src/shared/auth/auth-flow.ts b/src/Umbraco.Web.UI.Client/src/shared/auth/auth-flow.ts index f93a592d6a..0d12142e73 100644 --- a/src/Umbraco.Web.UI.Client/src/shared/auth/auth-flow.ts +++ b/src/Umbraco.Web.UI.Client/src/shared/auth/auth-flow.ts @@ -88,7 +88,7 @@ export class UmbAuthFlow { readonly #storageBackend: LocalStorageBackend; // state - #configuration: AuthorizationServiceConfiguration | undefined; + #configuration: AuthorizationServiceConfiguration; readonly #openIdConnectUrl: string; readonly #redirectUri: string; readonly #clientId: string; @@ -109,6 +109,13 @@ export class UmbAuthFlow { this.#clientId = clientId; this.#scope = scope; + this.#configuration = new AuthorizationServiceConfiguration({ + authorization_endpoint: `${openIdConnectUrl}/umbraco/management/api/v1/security/back-office/authorize`, + token_endpoint: `${openIdConnectUrl}/umbraco/management/api/v1/security/back-office/token`, + revocation_endpoint: `${openIdConnectUrl}/umbraco/management/api/v1/security/back-office/revoke`, + end_session_endpoint: `${openIdConnectUrl}/umbraco/management/api/v1/security/back-office/signout`, + }); + this.#notifier = new AuthorizationNotifier(); this.#tokenHandler = new BaseTokenRequestHandler(requestor); this.#storageBackend = new LocalStorageBackend(); @@ -155,11 +162,6 @@ export class UmbAuthFlow { * - If there is no new authorization to be made, do nothing */ async setInitialState() { - // Ensure there is a connection to the server - if (!this.#configuration) { - await this.fetchServiceConfiguration(); - } - const tokenResponseJson = await this.#storageBackend.getItem(TOKEN_RESPONSE_NAME); if (tokenResponseJson) { const response = new TokenResponse(JSON.parse(tokenResponseJson)); @@ -183,25 +185,12 @@ export class UmbAuthFlow { return this.#authorizationHandler.completeAuthorizationRequestIfPossible(); } - /** - * This method will query the server for the service configuration usually found at /.well-known/openid-configuration. - */ - async fetchServiceConfiguration(): Promise { - const response = await AuthorizationServiceConfiguration.fetchFromIssuer(this.#openIdConnectUrl, requestor); - this.#configuration = response; - } - /** * This method will make an authorization request to the server. * * @param username The username to use for the authorization request. It will be provided to the OpenID server as a hint. */ makeAuthorizationRequest(username?: string): void { - if (!this.#configuration) { - console.log('Unknown service configuration'); - throw new Error('Unknown service configuration'); - } - const extras: StringMap = { prompt: 'consent', access_type: 'offline' }; if (username) { @@ -252,11 +241,6 @@ export class UmbAuthFlow { * @returns The access token for the user. */ async performWithFreshTokens(): Promise { - if (!this.#configuration) { - console.log('Unknown service configuration'); - return Promise.reject('Unknown service configuration'); - } - if (!this.#refreshToken) { console.log('Missing refreshToken.'); return Promise.resolve('Missing refreshToken.'); @@ -294,11 +278,6 @@ export class UmbAuthFlow { * This method will make a token request to the server using the authorization code. */ async #makeRefreshTokenRequest(code: string, codeVerifier: string | undefined): Promise { - if (!this.#configuration) { - console.log('Unknown service configuration'); - return Promise.reject(); - } - const extras: StringMap = {}; if (codeVerifier) {