Merge branch 'main' into 3981-checkmarx-one-cookie-poisoning

client-frameworks-support/client-support-angular/package.json

@@ -34,6 +34,7 @@
     "@types/jasmine": "~3.6.0",
     "@types/node": "^12.11.1",
     "codelyzer": "^6.0.0",
+    "engine.io": "~6.5.5",
     "jasmine-core": "~3.8.0",
     "jasmine-spec-reporter": "~5.0.0",
     "karma": "~6.3.16",
@@ -42,9 +43,11 @@
     "karma-jasmine": "~4.0.0",
     "karma-jasmine-html-reporter": "^1.7.0",
     "ng-packagr": "^14.2.2",
+    "socket.io-adapter": "~2.5.5",
     "ts-node": "~8.3.0",
     "tslint": "~6.1.0",
-    "typescript": "~4.6.4"
+    "typescript": "~4.6.4",
+    "ws": "~8.17.1"
   },
   "engines": {
     "node": ">=18.19.1"

client/luigi-client.d.ts

@@ -594,10 +594,14 @@ export declare interface StorageManager {
 /**
  * Registers a listener called with the context object and the Luigi Core domain as soon as Luigi is instantiated. Defer your application bootstrap if you depend on authentication data coming from Luigi.
  * @param {Lifecycle~initListenerCallback} initFn the function that is called once Luigi is initialized, receives current context and origin as parameters
+ * @param {boolean} disableTpcCheck if set to `true` third party cookie check will be disabled via LuigiClient.
  * @memberof Lifecycle
  */
-export function addInitListener(initFn: (context: Context, origin?: string) => void): number;
-export type addInitListener = (initFn: (context: Context, origin?: string) => void) => number;
+export function addInitListener(initFn: (context: Context, origin?: string) => void, disableTpcCheck?: boolean): number;
+export type addInitListener = (
+  initFn: (context: Context, origin?: string) => void,
+  disableTpcCheck?: boolean
+) => number;
 
 /**
  * Callback of the addInitListener

client/src/lifecycleManager.js

@@ -9,6 +9,7 @@ class LifecycleManager extends LuigiClientBase {
   /** @private */
   constructor() {
     super();
+    this.disableTpcCheck = false;
     this.luigiInitialized = false;
     this.defaultContextKeys = ['context', 'internal', 'nodeParams', 'pathParams', 'searchParams'];
     this.setCurrentContext(
@@ -139,7 +140,7 @@ class LifecycleManager extends LuigiClientBase {
   }
 
   _tpcCheck() {
-    if (this.currentContext?.internal?.thirdPartyCookieCheck?.disabled) {
+    if (this.currentContext?.internal?.thirdPartyCookieCheck?.disabled || this.disableTpcCheck) {
       return;
     }
 
@@ -232,11 +233,13 @@ class LifecycleManager extends LuigiClientBase {
   /**
    * Registers a listener called with the context object and the Luigi Core domain as soon as Luigi is instantiated. Defer your application bootstrap if you depend on authentication data coming from Luigi.
    * @param {Lifecycle~initListenerCallback} initFn the function that is called once Luigi is initialized, receives current context and origin as parameters
+   * @param {boolean} disableTpcCheck if set to `true` third party cookie check will be disabled via LuigiClient.
    * @memberof Lifecycle
    * @example
    * const initListenerId = LuigiClient.addInitListener((context) => storeContextToMF(context))
    */
-  addInitListener(initFn) {
+  addInitListener(initFn, disableTpcCheck) {
+    this.disableTpcCheck = disableTpcCheck;
     const id = helpers.getRandomId();
     this._onInitFns[id] = initFn;
     if (this.luigiInitialized && helpers.isFunction(initFn)) {

client/src/luigi-client.js

@@ -26,8 +26,8 @@ class LuigiClient {
     }
   }
 
-  addInitListener(initFn) {
-    return lifecycleManager.addInitListener(initFn);
+  addInitListener(initFn, disableTpcCheck) {
+    return lifecycleManager.addInitListener(initFn, disableTpcCheck);
   }
   removeInitListener(id) {
     return lifecycleManager.removeInitListener(id);
@@ -105,7 +105,6 @@ class LuigiClient {
     return lifecycleManager.setViewGroupData(value);
   }
 
-
   /**
    * @private
    */

container/cypress/e2e/test-app/compound/wc-compound-container.cy.js

@@ -204,6 +204,19 @@ describe('Compound Container Tests', () => {
       cy.get('#defer-init-flag').should('exist');
     });
 
+    it('linkManagerChainRequests for navigation', () => {
+      cy.on('window:alert', stub);
+
+      cy.get(containerSelector)
+        .shadow()
+        .get('#linkManagerChainRequests')
+        .click()
+        .then(() => {
+          expect(stub.getCall(0)).to.be.calledWith('LuigiClient.linkManager().navigate()');
+          cy.hash().should('eq', '#hello-world-wc');
+        });
+    });
+
     it('LuigiClient API publishEvent', () => {
       cy.on('window:alert', stub);
 
@@ -224,5 +237,28 @@ describe('Compound Container Tests', () => {
           );
         });
     });
+
+    it('LuigiClient API uxManagerChainRequests', () => {
+      const alertMessages = [
+        'LuigiClient.uxManager().openUserSettings()',
+        'LuigiClient.uxManager().closeUserSettings()',
+        'LuigiClient.uxManager().removeBackdrop()',
+        'LuigiClient.uxManager().collapseLeftSideNav()',
+        'LuigiClient.uxManager().hideAppLoadingIndicator()',
+        'LuigiClient.uxManager().getDocumentTitle()=my-title'
+      ];
+
+      cy.on('window:alert', stub);
+
+      cy.get(containerSelector)
+        .shadow()
+        .get('#uxManagerManyRequests')
+        .click()
+        .then(() => {
+          alertMessages.forEach((msg, index) => {
+            expect(stub.getCall(index)).to.be.calledWith(msg);
+          });
+        });
+    });
   });
 });

container/cypress/e2e/test-app/wc/wc-container.cy.js

@@ -145,6 +145,19 @@ describe('Web Container Test', () => {
         .should('have.text', 'Received Custom Message: cool custom Message');
     });
 
+    it('linkManagerChainRequests for navigation', () => {
+      cy.on('window:alert', stub);
+
+      cy.get(containerSelector)
+        .shadow()
+        .get('#linkManagerChainRequests')
+        .click()
+        .then(() => {
+          expect(stub.getCall(0)).to.be.calledWith('LuigiClient.linkManager().navigate()');
+          cy.hash().should('eq', '#hello-world-wc');
+        });
+    });
+
     it('pathExists', () => {
       cy.on('window:alert', stub);
 
@@ -185,5 +198,28 @@ describe('Web Container Test', () => {
           expect(stub.getCall(0)).to.be.calledWith('My Custom Message from Microfrontend');
         });
     });
+
+    it('LuigiClient API uxManagerChainRequests', () => {
+      const alertMessages = [
+        'LuigiClient.uxManager().openUserSettings()',
+        'LuigiClient.uxManager().closeUserSettings()',
+        'LuigiClient.uxManager().removeBackdrop()',
+        'LuigiClient.uxManager().collapseLeftSideNav()',
+        'LuigiClient.uxManager().hideAppLoadingIndicator()',
+        'LuigiClient.uxManager().getDocumentTitle()=my-title'
+      ];
+
+      cy.on('window:alert', stub);
+
+      cy.get(containerSelector)
+        .shadow()
+        .get('#uxManagerManyRequests')
+        .click()
+        .then(() => {
+          alertMessages.forEach((msg, index) => {
+            expect(stub.getCall(index)).to.be.calledWith(msg);
+          });
+        });
+    });
   });
 });

container/src/services/container.service.ts

@@ -22,6 +22,7 @@ export class ContainerService {
    */
   sendCustomMessageToIframe(iframeHandle: any, msg: any, msgName?: string) {
     const messageName = msgName || 'custom';
+
     if (iframeHandle.iframe.contentWindow) {
       const iframeUrl = new URL(iframeHandle.iframe.src);
       messageName === 'custom'
@@ -42,22 +43,25 @@ export class ContainerService {
    */
   dispatch(msg: string, targetCnt: HTMLElement, data: any, callback?: Function, callbackName?: string): void {
     const customEvent = new CustomEvent(msg, { detail: data });
+
     if (callback && GenericHelperFunctions.isFunction(callback) && callbackName) {
       (customEvent as any)[callbackName] = data => {
         callback(data);
       };
     }
+
     targetCnt.dispatchEvent(customEvent);
   }
 
   /**
    * Retrieves the target container based on the event source.
-   * 
+   *
    * @param event The event object representing the source of the container.
-    @returns {Object| undefined} The target container object or undefined if not found.
+   * @returns {Object| undefined} The target container object or undefined if not found.
    */
   getTargetContainer(event) {
     let cnt;
+
     globalThis.__luigi_container_manager.container.forEach(element => {
       if (element.iframeHandle?.iframe && element.iframeHandle.iframe.contentWindow === event.source) {
         cnt = element;
@@ -113,7 +117,7 @@ export class ContainerService {
                     },
                     authData: targetCnt.authData || {}
                   },
-                  '*'
+                  target.origin
                 );
                 break;
               case LuigiInternalMessageID.NAVIGATION_REQUEST:
@@ -185,6 +189,7 @@ export class ContainerService {
       };
       window.addEventListener('message', globalThis.__luigi_container_manager.messageListener);
     }
+
     return globalThis.__luigi_container_manager;
   }
 

container/test-app/compound/compoundClientAPI.html

@@ -194,35 +194,38 @@ <h3>
       compoundContainer.addEventListener(MFEventID.SET_ANCHOR_LINK_REQUEST, event => {
         console.log('anchor', event.detail);
       });
-
-      // uxManager(). closeUserSettings openUserSettings collapseLeftSideNav
-      // setDocumentTitle removeBackdrop hideAppLoadingIndicator
+      compoundContainer.addEventListener(MFEventID.OPEN_USER_SETTINGS_REQUEST, event => {
+        console.log('Open User Settings Request received', event.detail);
+        alert('LuigiClient.uxManager().openUserSettings()');
+      });
       compoundContainer.addEventListener(MFEventID.CLOSE_USER_SETTINGS_REQUEST, event => {
         console.log('Close User Settings Request received', event.detail);
+        alert('LuigiClient.uxManager().closeUserSettings()');
       });
-      compoundContainer.addEventListener(MFEventID.OPEN_USER_SETTINGS_REQUEST, event => {
-        console.log('Open User Settings Request received', event.detail);
+      compoundContainer.addEventListener(MFEventID.REMOVE_BACKDROP_REQUEST, event => {
+        console.log('Remove Backdrop Request received', event.detail);
+        alert('LuigiClient.uxManager().removeBackdrop()');
       });
       compoundContainer.addEventListener(MFEventID.COLLAPSE_LEFT_NAV_REQUEST, event => {
         console.log('Collapse Left Side Nav Request received', event.detail);
+        alert('LuigiClient.uxManager().collapseLeftSideNav()');
       });
       compoundContainer.addEventListener(MFEventID.SET_DOCUMENT_TITLE_REQUEST, event => {
         console.log('Set Document Title Request received', event.detail);
-      });
-      compoundContainer.addEventListener(MFEventID.REMOVE_BACKDROP_REQUEST, event => {
-        console.log('Remove Backdrop Request received', event.detail);
+        compoundContainer.documentTitle = event.detail;
       });
       compoundContainer.addEventListener(
         MFEventID.HIDE_LOADING_INDICATOR_REQUEST,
         event => {
           console.log('Hide Loading Indicator Request received', event.detail);
+          alert('LuigiClient.uxManager().hideAppLoadingIndicator()');
         }
       );
 
       // linkManager listeners:
       // path exists
       compoundContainer.addEventListener(MFEventID.PATH_EXISTS_REQUEST, event => {
-        console.log('Remove Backdrop Request received', event.detail, event);
+        console.log('Path Exists Request received', event.detail, event);
         // send back result with defined 'callback'
         // event: MFEventID.PathExistsEvent can be used as an event type to get the callback function
         event.callback(true);