diff --git a/documentation/docs/api/Types/GetAccessTokenSilently.mdx b/documentation/docs/api/Types/GetAccessTokenSilently.mdx
new file mode 100644
index 00000000..b66f1e6b
--- /dev/null
+++ b/documentation/docs/api/Types/GetAccessTokenSilently.mdx
@@ -0,0 +1,17 @@
+---
+id: 'GetAccessTokenSilently'
+title: 'GetAccessTokenSilently'
+sidebar_label: 'GetAccessTokenSilently'
+sidebar_position: 1
+---
+import Type from '../_type-definitions/GetAccessTokenSilently.md';
+
+
+```ts
+import { type GetAccessTokenSilently } from '@orfium/toolbox';
+```
+
+### Definition
+
+
+
diff --git a/documentation/docs/api/Types/Permissions.mdx b/documentation/docs/api/Types/Permissions.mdx
new file mode 100644
index 00000000..4156ca1b
--- /dev/null
+++ b/documentation/docs/api/Types/Permissions.mdx
@@ -0,0 +1,17 @@
+---
+id: 'Permissions'
+title: 'Permissions'
+sidebar_label: 'Permissions'
+sidebar_position: 1
+---
+import Type from '../_type-definitions/Permissions.md';
+
+
+```ts
+import { type Permissions } from '@orfium/toolbox';
+```
+
+### Definition
+
+
+
diff --git a/documentation/docs/api/_type-definitions/DecodedTokenResponse.md b/documentation/docs/api/_type-definitions/DecodedTokenResponse.md
index 150db1e5..cab2201c 100644
--- a/documentation/docs/api/_type-definitions/DecodedTokenResponse.md
+++ b/documentation/docs/api/_type-definitions/DecodedTokenResponse.md
@@ -1,12 +1,11 @@
-| Name | Type |
-| :------------- | :---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `iss?` | `string` |
-| `sub?` | `string` |
-| `aud?` | `string[]` |
-| `iat?` | `number` |
-| `exp?` | `number` |
-| `azp?` | `string` |
-| `scope?` | `string` |
-| `org_id?` | `string` (_the organization id of the user currently selected_) |
-| `permissions?` | `string[]` (_the permissions defined on the user for more info visit https://orfium.atlassian.net/wiki/spaces/OPS/pages/2554134739/Roles+and+Permissions#Organization-Roles_) |
-
+| Name | Type | Info |
+| :------------- | :------------------------------------------- |:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `iss?` | `string` | |
+| `sub?` | `string` | |
+| `aud?` | `string[]` | |
+| `iat?` | `number` | |
+| `exp?` | `number` | |
+| `azp?` | `string` | |
+| `scope?` | `string` | |
+| `org_id?` | `string` | The organization id of the user currently selected |
+| `permissions?` | [`Permissions`](/docs/api/Types/Permissions) | The permissions defined on the user. For more info visit [this page](https://orfium.atlassian.net/wiki/spaces/OPS/pages/2554134739/Roles+and+Permissions#Organization-Roles) |
diff --git a/documentation/docs/api/_type-definitions/GetAccessTokenSilently.md b/documentation/docs/api/_type-definitions/GetAccessTokenSilently.md
new file mode 100644
index 00000000..9627a0f3
--- /dev/null
+++ b/documentation/docs/api/_type-definitions/GetAccessTokenSilently.md
@@ -0,0 +1 @@
+(opts?: GetTokenSilentlyOptions) => Promise\<
void |
\{
decodedToken: [DecodedTokenResponse](/docs/api/Types/DecodedTokenResponse) | Record\;
token: string;
\}
\>
\ No newline at end of file
diff --git a/documentation/docs/api/_type-definitions/Permissions.md b/documentation/docs/api/_type-definitions/Permissions.md
new file mode 100644
index 00000000..df2c2579
--- /dev/null
+++ b/documentation/docs/api/_type-definitions/Permissions.md
@@ -0,0 +1 @@
+`string[]`
\ No newline at end of file
diff --git a/documentation/docs/api/_type-definitions/UseAuthenticationReturnValue.md b/documentation/docs/api/_type-definitions/UseAuthenticationReturnValue.md
index e262dd37..0cbab516 100644
--- a/documentation/docs/api/_type-definitions/UseAuthenticationReturnValue.md
+++ b/documentation/docs/api/_type-definitions/UseAuthenticationReturnValue.md
@@ -1,8 +1,9 @@
-| Name | Type |
-| :----------------------- | :--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `isAuthenticated` | `boolean` |
-| `isLoading` | `boolean` |
-| `user` | [User](/docs/api/Types/User) | undefined |
-| `getAccessTokenSilently` | (opts?: GetTokenSilentlyOptions) => Promise\<
void |
\{
decodedToken: [DecodedTokenResponse](/docs/api/Types/DecodedTokenResponse) | Record\;
token: string;
\}
\>
|
-| `loginWithRedirect` | (o?: RedirectLoginOptions\) => Promise\ |
-| `logout` | `() => void` |
+| Name | Type |
+| :----------------------- |:------------------------------------------------------------------|
+| `isAuthenticated` | `boolean` |
+| `isLoading` | `boolean` |
+| `permissions` | [`Permissions`](/docs/api/Types/Permissions) |
+| `user` | [User](/docs/api/Types/User) | undefined |
+| `getAccessTokenSilently` | [`GetAccessTokenSilently`](/docs/api/Types/GetAccessTokenSilently) |
+| `loginWithRedirect` | (o?: RedirectLoginOptions\) => Promise\ |
+| `logout` | `() => void` |
diff --git a/documentation/docs/api/_type-definitions/UseOrfiumProductsReturnValue.md b/documentation/docs/api/_type-definitions/UseOrfiumProductsReturnValue.md
index 3201ba3c..c2d3a958 100644
--- a/documentation/docs/api/_type-definitions/UseOrfiumProductsReturnValue.md
+++ b/documentation/docs/api/_type-definitions/UseOrfiumProductsReturnValue.md
@@ -1 +1 @@
-[`Product`](../Types/Product)`[] | null`
+[Product](/docs/api/Types/Product)[] | null
diff --git a/documentation/docs/api/_type-definitions/UseOrganizationsReturnValue.md b/documentation/docs/api/_type-definitions/UseOrganizationsReturnValue.md
index ce0ba440..c2be32da 100644
--- a/documentation/docs/api/_type-definitions/UseOrganizationsReturnValue.md
+++ b/documentation/docs/api/_type-definitions/UseOrganizationsReturnValue.md
@@ -1,5 +1,5 @@
-| Name | Type |
-| :--------------------- | :--------------------------------------------------------------- |
-| `organizations` | [Organization](../Types/Organization)[] |
-| `selectedOrganization` | [Organization](../Types/Organization)[] | null |
-| `switchOrganization` | `(organisation: string) => void` |
+| Name | Type |
+| :--------------------- | :------------------------------------------------------------- |
+| `organizations` | [Organization](../Types/Organization)[] |
+| `selectedOrganization` | [Organization](../Types/Organization) | null |
+| `switchOrganization` | `(organisation: string) => void` |
diff --git a/src/contexts/authentication.ts b/src/contexts/authentication.ts
index 30bb48d6..f42d281d 100644
--- a/src/contexts/authentication.ts
+++ b/src/contexts/authentication.ts
@@ -1,6 +1,8 @@
import { type GetTokenSilentlyOptions, type RedirectLoginOptions } from '@auth0/auth0-spa-js';
import { createContext } from 'react';
+export type Permissions = string[];
+
export type DecodedTokenResponse = {
iss?: string;
sub?: string;
@@ -12,7 +14,7 @@ export type DecodedTokenResponse = {
/** the organization id of the user currently selected **/
org_id?: string;
/** the permissions defined on the user for more info visit https://orfium.atlassian.net/wiki/spaces/OPS/pages/2554134739/Roles+and+Permissions#Organization-Roles **/
- permissions?: string[];
+ permissions?: Permissions;
};
export type User = {
@@ -39,16 +41,19 @@ export type User = {
[key: string]: any;
};
+export type GetAccessTokenSilently = (opts?: GetTokenSilentlyOptions) => Promise<{
+ token: string;
+ decodedToken: DecodedTokenResponse | Record;
+} | void>;
+
export type AuthenticationContextValue = {
isAuthenticated: boolean;
isLoading: boolean;
loginWithRedirect(o?: RedirectLoginOptions): Promise;
- logout: (props?: { force?: boolean }) => void;
- getAccessTokenSilently: (opts?: GetTokenSilentlyOptions) => Promise<{
- token: string;
- decodedToken: DecodedTokenResponse | Record;
- } | void>;
+ logout: () => void;
+ getAccessTokenSilently: GetAccessTokenSilently;
user: User | undefined;
+ permissions: Permissions;
};
export const defaultAuthenticationContextValues: AuthenticationContextValue = {
@@ -58,6 +63,7 @@ export const defaultAuthenticationContextValues: AuthenticationContextValue = {
loginWithRedirect: () => Promise.resolve(),
logout: () => Promise.resolve('logged out'),
getAccessTokenSilently: () => Promise.resolve({ token: '', decodedToken: {} }),
+ permissions: [],
};
export const AuthenticationContext = createContext(
diff --git a/src/contexts/index.ts b/src/contexts/index.ts
index dfecfa9b..ab61885c 100644
--- a/src/contexts/index.ts
+++ b/src/contexts/index.ts
@@ -1,2 +1,7 @@
-export { type DecodedTokenResponse, type User } from './authentication';
+export {
+ type DecodedTokenResponse,
+ type GetAccessTokenSilently,
+ type Permissions,
+ type User,
+} from './authentication';
export { type Product } from './orfium-products';
diff --git a/src/providers/Authentication.tsx b/src/providers/Authentication.tsx
index 451abade..b6d0163a 100644
--- a/src/providers/Authentication.tsx
+++ b/src/providers/Authentication.tsx
@@ -6,7 +6,11 @@ import {
} from '@auth0/auth0-spa-js';
import { useCallback, useEffect, useState, type ReactNode } from 'react';
import { useErrorHandler } from 'react-error-boundary';
-import { AuthenticationContext } from '../contexts/authentication';
+import {
+ AuthenticationContext,
+ type GetAccessTokenSilently,
+ type Permissions,
+} from '../contexts/authentication';
import { _useOrganizations } from '../hooks/useOrganizations';
import { getAuth0Client, getTokenSilently, logoutAuth, onRedirectCallback } from '../utils/auth';
@@ -17,6 +21,7 @@ export function Authentication({ children }: AuthenticationProps) {
const [user, setUser] = useState>();
const [auth0Client, setAuth0Client] = useState();
const [isLoading, setIsLoading] = useState(true);
+ const [permissions, setPermissions] = useState([]);
// handleError is referentially stable, so it's safe to use as a dep in dep array
// https://github.com/bvaughn/react-error-boundary/blob/v3.1.4/src/index.tsx#L165C10-L165C18
@@ -39,7 +44,7 @@ export function Authentication({ children }: AuthenticationProps) {
[handleError]
);
- const getAccessTokenSilently = useCallback(
+ const getAccessTokenSilently: GetAccessTokenSilently = useCallback(
async (opts?: GetTokenSilentlyOptions) => {
try {
const result = await getTokenSilently(opts);
@@ -84,6 +89,9 @@ export function Authentication({ children }: AuthenticationProps) {
if (clientIsAuthenticated) {
const clientUser = await client.getUser();
setUser(clientUser);
+
+ const decodedTokenResponse = await getAccessTokenSilently();
+ setPermissions(decodedTokenResponse?.decodedToken.permissions || []);
}
setIsLoading(false);
@@ -102,7 +110,7 @@ export function Authentication({ children }: AuthenticationProps) {
handleError(error);
}
})();
- }, [handleError, invitation, loginWithRedirect, organization]);
+ }, [getAccessTokenSilently, handleError, invitation, loginWithRedirect, organization]);
useEffect(() => {
if (!isLoading && !isAuthenticated) {
@@ -142,6 +150,7 @@ export function Authentication({ children }: AuthenticationProps) {
logout: logoutAuth,
getAccessTokenSilently: (opts?: GetTokenSilentlyOptions) => getAccessTokenSilently(opts),
user,
+ permissions,
}}
>
{children}