Created by Sachin on 6/6/2024 in #💻┃support
Refused to frame 'https://website.kinde.com/' because an ancestor violates the CSP
It's not a blocking issue for me right now.
Created by Sachin on 6/6/2024 in #💻┃support
Refused to frame 'https://website.kinde.com/' because an ancestor violates the CSP
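Found the issue. It seems the Kinde middleware for Nuxt does not store the id_token in the cookies, which is why we cannot get the id_token on subsequent requests. In the code below, only the keys listed in keysInCookie are written to the cookie session; every other key, including id_token, goes into the in-memory object that is recreated for each request.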
import { defineEventHandler } from "h3";
import { getKindeClient } from "../utils/client.mjs";
import { getSession, updateSession, clearSession, useRuntimeConfig } from "#imports";
/**
 * Event handler that prepares the Kinde helpers for the current request.
 *
 * It creates a session manager for the event, binds every enumerable member of the
 * Kinde client to that session manager, and exposes the result (together with the
 * session manager itself) on `event.context.kinde`.
 */
export default defineEventHandler(async (event) => {
  const sessionManager = await createSessionManager(event);
  const kindeClient = getKindeClient();
  const boundHelpers = { sessionManager };
  // for...in is kept on purpose: it visits the same enumerable properties as before.
  for (const methodName in kindeClient) {
    // Pre-fill the first argument so callers never pass the session manager themselves.
    boundHelpers[methodName] = kindeClient[methodName].bind(kindeClient, sessionManager);
  }
  event.context.kinde = boundHelpers;
});
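/**
 * Builds the session manager handed to the Kinde client for one event.
 *
 * Items whose key is listed in `keysInCookie` are persisted through the session named
 * "kinde" (`getSession` / `updateSession` / `clearSession`). Every other item,
 * `id_token` included, is kept in `memorySession`, a plain object created by this
 * call, so it is only visible through the manager returned here.
 *
 * @param {object} event - the event passed on to `useRuntimeConfig` and the session helpers.
 * @returns {Promise<object>} an object with `getSessionItem`, `setSessionItem`,
 *   `removeSessionItem` and `destroySession`.
 */
async function createSessionManager(event) {
  const keysInCookie = ["refresh_token", "access_token", "ac-state-key"];
  const memorySession = {};
  const config = useRuntimeConfig(event);
  const sessionConfig = {
    name: "kinde",
    cookie: config.kinde.cookie,
    password: config.kinde.password
  };
  return {
    /** Returns the stored value for `itemKey`, preferring the cookie-backed session. */
    async getSessionItem(itemKey) {
      const session = await getSession(event, sessionConfig);
      // The session data and the in-memory store hold access, refresh and ID tokens,
      // so neither is written to the log here.
      // `||` (not `??`) is intentional: a falsy cookie value falls through to memory.
      return session.data[itemKey] || memorySession[itemKey];
    },
    /** Stores `itemValue` in the cookie session when the key is allow-listed, else in memory. */
    async setSessionItem(itemKey, itemValue) {
      if (keysInCookie.includes(itemKey)) {
        await updateSession(event, sessionConfig, {
          [itemKey]: itemValue
        });
      } else {
        memorySession[itemKey] = itemValue;
      }
    },
    /** Removes `itemKey` from whichever store `setSessionItem` would have used for it. */
    async removeSessionItem(itemKey) {
      if (keysInCookie.includes(itemKey)) {
        // Writing undefined overwrites the stored value in the cookie session.
        await updateSession(event, sessionConfig, {
          [itemKey]: void 0
        });
      } else {
        delete memorySession[itemKey];
      }
    },
    /** Empties the in-memory store and clears the cookie session. */
    async destroySession() {
      for (const key of Object.keys(memorySession)) {
        delete memorySession[key];
      }
      await clearSession(event, sessionConfig);
    }
  };
}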
Created by Sachin on 6/6/2024 in #💻┃support
Refused to frame 'https://website.kinde.com/' because an ancestor violates the CSP
Hi @Oli - Kinde, I am trying to access a claim from the id_token as described here, using the "@nuxtjs/kinde": "^0.1.10" SDK: https://docs.kinde.com/developer-tools/sdks/backend/typescript-sdk/#getting-claims The code below raises an exception because the id_token value is not present: `console.log(await event.context.kinde.getClaimValue('ext_provider', 'id_token'))` I also tried to log the id_token from the sessionManager, and it is empty there too, hence the exception above: `console.log(await event.context.kinde.sessionManager.getSessionItem('id_token'))` The strange thing is that when the user logs in, the id_token value is committed from here, in @kinde-oss/kinde-typescript-sdk/dist/sdk/utilities/token-utils.js: `commitTokenToSession(sessionManager, tokens.id_token, 'id_token', validationDetails)`
Created by Sachin on 6/6/2024 in #💻┃support
Refused to frame 'https://website.kinde.com/' because an ancestor violates the CSP
Hi @Oli - Kinde @Daniel_Kinde Thanks for the suggestion; we went with syncing our users using the Management API for now. But I am facing another issue and am not exactly sure what is happening, so let me provide some details. It is about not being able to access the id_token value. The values are present when they are committed to sessionStorage from here, in @kinde-oss/kinde-typescript-sdk/dist/sdk/utilities/token-utils.js:
// Commits the refresh, access and ID tokens from `tokens` to `sessionManager`, each via
// commitTokenToSession with the same `validationDetails`, and returns a promise that
// settles once all three commits have finished.
// NOTE(review): this looks like TypeScript's down-levelled async/await output
// (__awaiter/__generator with a label switch) — confirm against the SDK's .ts source.
export var commitTokensToSession = function (sessionManager, tokens, validationDetails) { return __awaiter(void 0, void 0, void 0, function () {
return __generator(this, function (_a) {
switch (_a.label) {
// Step 0: start all three commits together and wait for every one of them.
case 0: return [4 /*yield*/, Promise.all([
commitTokenToSession(sessionManager, tokens.refresh_token, 'refresh_token', validationDetails),
commitTokenToSession(sessionManager, tokens.access_token, 'access_token', validationDetails),
// NOTE(review): the id_token is handed over under the key 'id_token' like the other
// two; presumably commitTokenToSession ends in sessionManager.setSessionItem, so where
// the value is kept depends on the session manager implementation — confirm.
commitTokenToSession(sessionManager, tokens.id_token, 'id_token', validationDetails),
])];
// Step 1: the Promise.all above has resolved; finish without a return value.
case 1:
_a.sent();
return [2 /*return*/];
}
});
}); };
But when I try to access it in one of our APIs, id_token comes back undefined, while access_token is present. I am trying to get the ext_provider claim, so I was trying to access the ID token. I decoded the id_token and its values are perfectly fine, but I am not able to access it after it is committed to the session manager. We are using "@nuxtjs/kinde": "^0.1.10".
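// Debug snippet for a server route in which `event.context.kinde` has been set.
// The first two calls print raw token values to the server log, so keep them to
// local debugging and remove them afterwards.
console.log(await event.context.kinde.sessionManager.getSessionItem('access_token'));
console.log(await event.context.kinde.sessionManager.getSessionItem('id_token'));
// Asks the SDK for the `ext_provider` claim of the id_token; in the report above this
// is the call that raises when no id_token is stored.
console.log(await event.context.kinde.getClaimValue('ext_provider', 'id_token'));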
Created by Sachin on 6/6/2024 in #💻┃support
Refused to frame 'https://website.kinde.com/' because an ancestor violates the CSP
@Daniel_Kinde 1. On yesterday's call we talked about another flow that could give us the same result; can you please post it here? 2. Did you get a chance to find out about that intermediate screen that asks users to sign up on their first sign-in? 3. Where should I ask to change the owner of our account?
Created by Sachin on 6/6/2024 in #💻┃support
Refused to frame 'https://website.kinde.com/' because an ancestor violates the CSP
Hi @Daniel_Kinde One of our web apps needs to be iframed into this app: https://app.gohighlevel.com/, and this is a hard requirement. For our app we are using Kinde with Azure AD authentication and have implemented a custom sign-in page for it. Once the user clicks Sign In, they are redirected to Azure AD, and after validation there, when it tries to redirect back to the Kinde callback URL, we get the above error. We know this is not a recommended approach, but most of our users are using https://app.gohighlevel.com/, and for some custom features we need to iframe our newly developed app into gohighlevel. Also, skipping authentication for a specific route is not what we want to do.
Created by Sachin on 6/6/2024 in #💻┃support
Refused to frame 'https://website.kinde.com/' because an ancestor violates the CSP
Yes, to be specific, our application will be iframed into this app: https://app.gohighlevel.com/ So could we just add this as allowed in the CSP?