@asgardeo/auth-spa 0.2.22 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +72 -72
  2. package/package.json +1 -1
package/README.md CHANGED
@@ -153,7 +153,7 @@ Before trying out the sample apps, you need to create an application in **Asgard
153
153
 
154
154
  4. Click on Register. You will be navigated to management page of the **sample** application.
155
155
 
156
- 5. Add `https://localhost:5000` to **Allowed Origins** under **Access** tab and check **Public client** option.
156
+ 5. Add `https://localhost:3000` to **Allowed Origins** under **Access** tab and check **Public client** option.
157
157
 
158
158
  6. Click on **Update** at the bottom.
159
159
 
@@ -167,19 +167,19 @@ npm run build
167
167
 
168
168
  #### 1. HTML JavaScript Sample
169
169
 
170
- The _Callback URL_ of this app is `http://localhost:5000`.
170
+ The _Callback URL_ of this app is `http://localhost:3000`.
171
171
 
172
172
  You can try out the HTML JavaScript Sample App from the [samples/asgardeo-html-js-app](/samples/asgardeo-html-js-app/). The instructions to run the app can be found [here](/samples/asgardeo-html-js-app/README.md)
173
173
 
174
174
  #### 2. React JavaScript Sample
175
175
 
176
- The _Callback URL_ of this app is `http://localhost:5000`.
176
+ The _Callback URL_ of this app is `http://localhost:3000`.
177
177
 
178
178
  You can try out the React JS Sample App from the [samples/asgardeo-react-js-app](/samples/asgardeo-react-js-app). The instructions to run the app can be found [here](/samples/asgardeo-react-js-app/README.md)
179
179
 
180
180
  #### 3. React Typescript Sample
181
181
 
182
- The _Callback URL_ of this app is `http://localhost:5000`.
182
+ The _Callback URL_ of this app is `http://localhost:3000`.
183
183
 
184
184
  You can try out the React Typescript Sample App from the [samples/asgardeo-react-ts-app](/samples/asgardeo-react-ts-app). The instructions to run the app can be found [here](/samples/asgardeo-react-ts-app/README.md)
185
185
 
@@ -413,7 +413,7 @@ httpRequest(config: HttpRequestConfig): Promise<HttpResponse>;
413
413
  A config object with the settings necessary to send http requests. This object is similar to the `AxiosRequestConfig` but provides these additional attributes:
414
414
 
415
415
  | Attribute | Type | Default | Description |
416
- | ------------------------ | --------- | ------- | --------------------------------------------------------------------------------------------------------------------------------------------- |
416
+ |--------------------------|-----------|---------|-----------------------------------------------------------------------------------------------------------------------------------------------|
417
417
  | `attachToken` | `boolean` | `true` | If set to `true`, the token will be attached to the request header. |
418
418
  | `shouldEncodeToFormData` | `boolean` | `false` | If set to `true`, the request body will be encoded to `FormData`. The body (specified by the `data` attribute) should be a Javascript object. |
419
419
 
@@ -569,7 +569,7 @@ A Promise that resolves with an object containing the endpoints. To learn more a
569
569
  This method returns a promise that resolves with an object containing the OIDC endpoints obtained from the `.well-known` endpoint. The object contains the following attributes.
570
570
 
571
571
  | Attribute | Description |
572
- | --------------------- | ---------------------------------------------------------------------------------- |
572
+ |-----------------------|------------------------------------------------------------------------------------|
573
573
  | `"authorize"` | The endpoint to which the authorization request should be sent. |
574
574
  | `"jwks"` | The endpoint from which JSON Web Key Set can be obtained. |
575
575
  | `"oidcSessionIFrame"` | The URL of the page that should be loaded in an IFrame to get session information. |
@@ -677,14 +677,14 @@ A Promise that resolves with the [`BasicUserInfo`](#BasicUserInfo) object.
677
677
  This refreshes the access token and stores the refreshed session information in either the session or local storage as per your configuration. Note that this method cannot be used when the storage type is set to `webWorker` since the web worker automatically refreshes the token and there is no need for the developer to do it.
678
678
 
679
679
  This method also returns a Promise that resolves with an object containing the attributes mentioned in the table below.
680
- |Attribute|Description|
681
- |--|--|
682
- `"accessToken"`| The new access token |
683
- `"expiresIn"`| The expiry time in seconds|
684
- `"idToken"`| The ID token|
685
- `"refreshToken"`| The refresh token|
686
- `"scope"`| The scope of the access token|
687
- `"tokenType"`| The type of the token. E.g.: Bearer|
680
+ | Attribute | Description |
681
+ |------------------|-------------------------------------|
682
+ | `"accessToken"` | The new access token |
683
+ | `"expiresIn"` | The expiry time in seconds |
684
+ | `"idToken"` | The ID token |
685
+ | `"refreshToken"` | The refresh token |
686
+ | `"scope"` | The scope of the access token |
687
+ | `"tokenType"` | The type of the token. E.g.: Bearer |
688
688
 
689
689
  #### Example
690
690
 
@@ -718,14 +718,14 @@ The `on` method is used to hook callback functions to authentication methods. Th
718
718
  If you are using TypeScript, you may want to use the `Hooks` enum that consists of the following string literals instead of directly inputting the string value.
719
719
 
720
720
  | Hook | Method to which the callback function is attached | Returned Response |
721
- | :----------------------- | :------------------------------------------------------------------------------- | :-------------------------------------------------------------------------------------- |
721
+ |:-------------------------|:---------------------------------------------------------------------------------|:----------------------------------------------------------------------------------------|
722
722
  | `"sign-in"` | `signIn()` | The user information. See [getUserInfo()](#getuserinfo)'s return type for more details. |
723
723
  | `"sign-out"` | `signOut()` | |
724
724
  | `"initialize"` | `initialize()` | A boolean value indicating if the initialization was successful or not. |
725
- | `"http-request-start"` | `httpRequest()` (Called before an http request is sent) |
726
- | `"http-request-finish"` | `httpRequest()` (Called after an http request is sent and response is received.) |
727
- | `"http-request-error"` | `httpRequest()` (Called when an http request returns an error) |
728
- | `"http-request-success"` | `httpRequest()` (Called when an http requests returns a response successfully) |
725
+ | `"http-request-start"` | `httpRequest()` (Called before an http request is sent) | |
726
+ | `"http-request-finish"` | `httpRequest()` (Called after an http request is sent and response is received.) | |
727
+ | `"http-request-error"` | `httpRequest()` (Called when an http request returns an error) | |
728
+ | `"http-request-success"` | `httpRequest()` (Called when an http requests returns a response successfully) | |
729
729
  | `"revoke-access-token"` | `revokeAccessToken()` | A boolean value indicating if the process was successful or not |
730
730
  | `"custom-grant"` | `customGrant()` | Returns the response from the custom grant request. |
731
731
  | `sign-out-failed` | `signOut()` (Called when sign out fails) | An object of type [`SignOutError`](#SignOutError). |
@@ -913,39 +913,39 @@ auth.initialize(config);
913
913
  The `AuthClientConfig<Config>` interface extends the `AuthClientConfig<T>` interface provided by the `Asgardeo JavaScript Auth SDK` with the `Config` interface. This table lists the attributes that the `AuthClientConfig<T>` interface takes.
914
914
 
915
915
  This table shows the extended attributes provided by the `Config` interface.
916
- | Attribute | Required/Optional | Type | Default Value | Description |
917
- |:----|:----|:----|:----|:----|
918
- | [`storage`](#storage) | Optional | `"sessionStorage"`, `"webWorker"`, `"localStorage"` | `"sessionStorage"` | The storage medium where the session information such as the access token should be stored.| |
919
- | `resourceServerURLs` |Required if the `storage` is set to `webWorker` | `string[]` | `[]` | The URLs of the API endpoints. This is needed only if the storage method is set to `webWorker`. When API calls are made through the [`httpRequest`](#httprequest) or the [`httpRequestAll`](#httprequestall) method, only the calls to the endpoints specified in the `baseURL` attribute will be allowed. Everything else will be denied. | |
920
- |`requestTimeout` | Optional | `number`| 60000 (seconds) | Specifies in seconds how long a request to the web worker should wait before being timed out. |
921
- |`sessionRefreshInterval`|Optional|`number`| 300 (seconds)|Specifies how often the session state should be checked. To check the authentication state, the authorization endpoint is queried with the `prompt` parameter set to `none`.|
922
- |`checkSessionInterval` |Optional|`number`|3 (seconds)| Specifies how often the check-session iFrame should be queried to check the session state. This is used to perform single logout. |
923
- |`enableOIDCSessionManagement` |Optional|`boolean`| false | Flag to enable OIDC Session Management |
916
+ | Attribute | Required/Optional | Type | Default Value | Description |
917
+ |:------------------------------|:------------------------------------------------|:----------------------------------------------------|:-------------------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
918
+ | [`storage`](#storage) | Optional | `"sessionStorage"`, `"webWorker"`, `"localStorage"` | `"sessionStorage"` | The storage medium where the session information such as the access token should be stored. |
919
+ | `resourceServerURLs` | Required if the `storage` is set to `webWorker` | `string[]` | `[]` | The URLs of the API endpoints. This is needed only if the storage method is set to `webWorker`. When API calls are made through the [`httpRequest`](#httprequest) or the [`httpRequestAll`](#httprequestall) method, only the calls to the endpoints specified in the `baseURL` attribute will be allowed. Everything else will be denied. |
920
+ | `requestTimeout` | Optional | `number` | 60000 (seconds) | Specifies in seconds how long a request to the web worker should wait before being timed out. |
921
+ | `sessionRefreshInterval` | Optional | `number` | 300 (seconds) | Specifies how often the session state should be checked. To check the authentication state, the authorization endpoint is queried with the `prompt` parameter set to `none`. |
922
+ | `checkSessionInterval` | Optional | `number` | 3 (seconds) | Specifies how often the check-session iFrame should be queried to check the session state. This is used to perform single logout. |
923
+ | `enableOIDCSessionManagement` | Optional | `boolean` | false | Flag to enable OIDC Session Management |
924
924
 
925
925
  #### The AuthClientConfig Interface
926
926
 
927
- | Attribute | Required/Optional | Type | Default Value | Description |
928
- | ---------------------------- | ----------------- | --------------- | ----------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- |
929
- | `signInRedirectURL` | Required | `string` | "" | The URL to redirect to after the user authorizes the client app. eg: `https//localhost:3000/sign-in` |
930
- | `signOutRedirectURL` | Optional | `string` | The `signInRedirectURL` URL will be used if this value is not provided. | The URL to redirect to after the user | signs out. eg: `http://localhost:3000/dashboard` |
931
- | `clientHost` | Optional | `string` | The origin of the client app obtained using `window.origin` | The hostname of the client app. eg: `https://localhost:3000` |
932
- | `clientID` | Required | `string` | "" | The client ID of the OIDC application hosted in the Asgardeo. |
933
- | `clientSecret` | Optional | `string` | "" | The client secret of the OIDC application |
934
- | `enablePKCE` | Optional | `boolean` | `true` | Specifies if a PKCE should be sent with the request for the authorization code. |
935
- | `prompt` | Optional | `string` | "" | Specifies the prompt type of an OIDC request |
936
- | `responseMode` | Optional | `ResponseMode` | `"query"` | Specifies the response mode. The value can either be `query` or `form_post` |
937
- | `scope` | Optional | `string[]` | `["openid"]` | Specifies the requested scopes. |
938
- | `baseUrl` | Required | `string` | "" | The origin of the Identity Provider. eg: `https://api.asgardeo.io/t/<org_name>` |
939
- | `overrideWellEndpointConfig` | Optional | `boolean` | `false` | If this option is set to `true`, then the `endpoints` object will override endpoints obtained | from the `.well-known` endpoint. If this is set to `false`, then this will be used as a fallback if the request to the `.well-known` endpoint fails. |
940
- | `endpoints` | Optional (Required to provide all endpoints, if `wellKnownEndpoint` or `baseUrl` is not provided) | `OIDCEndpoints` | [OIDC Endpoints Default Values](#oidc-endpoints) | The OIDC endpoint URLs. The SDK will try to obtain the endpoint URLS | using the `.well-known` endpoint. If this fails, the SDK will use these endpoint URLs. If this attribute is not set, then the default endpoint URLs will be | used. However, if the `overrideWellEndpointConfig` is set to `true`, then this will override the endpoints obtained from the `.well-known` endpoint.
941
- | `wellKnownEndpoint` | Optional (Required if `baseUrl` or `endpoints` is not provided) | `string` | `"/oauth2/token/.well-known/openid-configuration"` | The URL of the `.well-known` endpoint. |
942
- | `validateIDToken` | Optional | `boolean` | `true` | Allows you to enable/disable JWT ID token validation after obtaining the ID token. |
943
- | `clockTolerance` | Optional | `number` | `60` | Allows you to configure the leeway when validating the id_token. |
927
+ | Attribute | Required/Optional | Type | Default Value | Description |
928
+ |------------------------------|---------------------------------------------------------------------------------------------------|-----------------|-------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------|
929
+ | `signInRedirectURL` | Required | `string` | "" | The URL to redirect to after the user authorizes the client app. eg: `https//localhost:3000/sign-in` |
930
+ | `signOutRedirectURL` | Optional | `string` | The `signInRedirectURL` URL will be used if this value is not provided. | The URL to redirect to after the user |
931
+ | `clientHost` | Optional | `string` | The origin of the client app obtained using `window.origin` | The hostname of the client app. eg: `https://localhost:3000` |
932
+ | `clientID` | Required | `string` | "" | The client ID of the OIDC application hosted in the Asgardeo. |
933
+ | `clientSecret` | Optional | `string` | "" | The client secret of the OIDC application |
934
+ | `enablePKCE` | Optional | `boolean` | `true` | Specifies if a PKCE should be sent with the request for the authorization code. |
935
+ | `prompt` | Optional | `string` | "" | Specifies the prompt type of an OIDC request |
936
+ | `responseMode` | Optional | `ResponseMode` | `"query"` | Specifies the response mode. The value can either be `query` or `form_post` |
937
+ | `scope` | Optional | `string[]` | `["openid"]` | Specifies the requested scopes. |
938
+ | `baseUrl` | Required | `string` | "" | The origin of the Identity Provider. eg: `https://api.asgardeo.io/t/<org_name>` |
939
+ | `overrideWellEndpointConfig` | Optional | `boolean` | `false` | If this option is set to `true`, then the `endpoints` object will override endpoints obtained |
940
+ | `endpoints` | Optional (Required to provide all endpoints, if `wellKnownEndpoint` or `baseUrl` is not provided) | `OIDCEndpoints` | [OIDC Endpoints Default Values](#oidc-endpoints) | The OIDC endpoint URLs. The SDK will try to obtain the endpoint URLS |
941
+ | `wellKnownEndpoint` | Optional (Required if `baseUrl` or `endpoints` is not provided) | `string` | `"/oauth2/token/.well-known/openid-configuration"` | The URL of the `.well-known` endpoint. |
942
+ | `validateIDToken` | Optional | `boolean` | `true` | Allows you to enable/disable JWT ID token validation after obtaining the ID token. |
943
+ | `clockTolerance` | Optional | `number` | `60` | Allows you to configure the leeway when validating the id_token. |
944
944
 
945
945
  ### BasicUserInfo
946
946
 
947
947
  | Attribute | Type | Description |
948
- | :-------------- | :------- | :------------------------------------------------------------------------------------------------- |
948
+ |:----------------|:---------|:---------------------------------------------------------------------------------------------------|
949
949
  | `email` | `string` | The email address of the user. |
950
950
  | `username` | `string` | The username of the user. |
951
951
  | `displayName` | `string` | The display name of the user. It is the `preferred_username` in the id token payload or the `sub`. |
@@ -957,7 +957,7 @@ This table shows the extended attributes provided by the `Config` interface.
957
957
  ### SignInConfig
958
958
 
959
959
  | Method | Required/Optional | Type | Default Value | Description |
960
- | -------------------- | ----------------- | --------------------- | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
960
+ |----------------------|-------------------|-----------------------|---------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
961
961
  | `callOnlyOnRedirect` | Optional | `boolean` | `false` | Makes sure that this function is executed only after being redirected from the Single-Sign-On page. This will be useful to send a token request after the user authenticates themself with the server. |
962
962
  | `fidp` | Optional | `string` | "" | The `fidp` parameter that can be used to redirect a user directly to an IdP's sign-in page. |
963
963
  | `forceInit` | Optional | `boolean` | `false` | Forces obtaining the OIDC endpoints from the `.well-known` endpoint. A request to this endpoint is not sent if a request has already been sent. This forces a request. |
@@ -965,23 +965,23 @@ This table shows the extended attributes provided by the `Config` interface.
965
965
 
966
966
  ### OIDCEndpoints
967
967
 
968
- | Method | Type | Default Value | Description |
969
- | ----------------------- | -------- | -------------------------------------------------- | ------------------------------------------------------------------------- |
970
- | `authorizationEndpoint` | `string` | `"/oauth2/authorize"` | The authorization endpoint. |
971
- | `tokenEndpoint` | `string` | `"/oauth2/token"` | The token endpoint. |
972
- | `userinfoEndpoint` | `string` | "" | The user-info endpoint. |
973
- | `jwksUri` | `string` | `"/oauth2/jwks"` | The JWKS URI. |
974
- | `registrationEndpoint` | `string` | "" | The registration endpoint. |
975
- | `revocationEndpoint` | `string` | `"/oauth2/revoke"` | The token-revocation endpoint. |
976
- | `introspectionEndpoint` | `string` | "" | The introspection endpoint. |
977
- | `checkSessionIframe` | `string` | `"/oidc/checksession"` | The check-session endpoint. |
978
- | `endSessionEndpoint` | `string` | `"/oidc/logout"` | The end-session endpoint. |
979
- | `issuer` | `string` | "" | The issuer of the token. |
968
+ | Method | Type | Default Value | Description |
969
+ |-------------------------|----------|------------------------|--------------------------------|
970
+ | `authorizationEndpoint` | `string` | `"/oauth2/authorize"` | The authorization endpoint. |
971
+ | `tokenEndpoint` | `string` | `"/oauth2/token"` | The token endpoint. |
972
+ | `userinfoEndpoint` | `string` | "" | The user-info endpoint. |
973
+ | `jwksUri` | `string` | `"/oauth2/jwks"` | The JWKS URI. |
974
+ | `registrationEndpoint` | `string` | "" | The registration endpoint. |
975
+ | `revocationEndpoint` | `string` | `"/oauth2/revoke"` | The token-revocation endpoint. |
976
+ | `introspectionEndpoint` | `string` | "" | The introspection endpoint. |
977
+ | `checkSessionIframe` | `string` | `"/oidc/checksession"` | The check-session endpoint. |
978
+ | `endSessionEndpoint` | `string` | `"/oidc/logout"` | The end-session endpoint. |
979
+ | `issuer` | `string` | "" | The issuer of the token. |
980
980
 
981
981
  ### CustomGrantConfig
982
982
 
983
983
  | Attribute | Required/Optional | Type | Default Value | Description |
984
- | ---------------- | ----------------- | --------- | ------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
984
+ |------------------|-------------------|-----------|---------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
985
985
  | `id` | Required | `string` | "" | Every custom-grant request should have an id. This attributes takes that id. |
986
986
  | `data` | Required | `any` | `null` | The data that should be sent in the body of the custom-grant request. You can use template tags to send session information. Refer to the [Custom Grant Template Tags](#custom-grant-template-tags) section for more details. |
987
987
  | `signInRequired` | Required | `boolean` | `false` | Specifies if the user should be sign-in or not to dispatch this custom-grant request. |
@@ -992,20 +992,20 @@ This table shows the extended attributes provided by the `Config` interface.
992
992
  #### Custom Grant Template Tags
993
993
 
994
994
  Session information can be attached to the body of a custom-grant request using template tags. This is useful when the session information is not exposed outside the SDK but you want such information to be used in custom-grant requests. The following table lists the available template tags.
995
- |Tag|Data|
996
- |--|--|
997
- |"{{token}}" | The access token.|
998
- |{{username}}" | The username.|
999
- |"{{scope}}" | The scope.|
1000
- |{{clientID}}" | The client ID.|
1001
- |"{{clientSecret}}" | The client secret.|
995
+ | Tag | Data |
996
+ |--------------------|--------------------|
997
+ | "{{token}}" | The access token. |
998
+ | {{username}}" | The username. |
999
+ | "{{scope}}" | The scope. |
1000
+ | {{clientID}}" | The client ID. |
1001
+ | "{{clientSecret}}" | The client secret. |
1002
1002
 
1003
1003
  #### The data attribute
1004
1004
 
1005
1005
  ### DecodedIDTokenPayload
1006
1006
 
1007
1007
  | Attribute | Type | Description |
1008
- | ------------------ | ---------------------- | ---------------------------------------------- |
1008
+ |--------------------|------------------------|------------------------------------------------|
1009
1009
  | aud | `string` \| `string[]` | The audience. |
1010
1010
  | sub | `string` | The subject. This is the username of the user. |
1011
1011
  | iss | `string` | The token issuer. |
@@ -1016,14 +1016,14 @@ Session information can be attached to the body of a custom-grant request using
1016
1016
  ### HTTPRequestConfig
1017
1017
 
1018
1018
  This extends the `AxiosRequestConfig` by providing an additional attribute that is used to specify if the access token should be attached to the request or not.
1019
- |Attribute | Type | Description|
1020
- |--|--|--|
1021
- |attachToken| `boolean`| Specifies if the access token should be attached to the header of the request.|
1019
+ | Attribute | Type | Description |
1020
+ |-------------|-----------|--------------------------------------------------------------------------------|
1021
+ | attachToken | `boolean` | Specifies if the access token should be attached to the header of the request. |
1022
1022
 
1023
1023
  ### SignOutError
1024
1024
 
1025
1025
  | Attribute | Type | Description |
1026
- | ----------------- | -------- | ---------------------- |
1026
+ |-------------------|----------|------------------------|
1027
1027
  | error | `string` | The error message. |
1028
1028
  | error_description | `string` | The error description. |
1029
1029
 
@@ -1052,7 +1052,7 @@ Error code consist of four parts separated by a `-`.
1052
1052
  - The fourth part refers to the type of error and is position. Example: `IV02` refers to an invalid argument error and the fact that this is the second error in the method/function. The following error types are available:
1053
1053
 
1054
1054
  | Error Code | Description |
1055
- | :--------- | :------------ |
1055
+ |:-----------|:--------------|
1056
1056
  | `NE` | Network Error |
1057
1057
  | `HE` | Http Error |
1058
1058
  | `IV` | Invalid |
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@asgardeo/auth-spa",
3
- "version": "0.2.22",
3
+ "version": "0.3.0",
4
4
  "description": "Asgardeo Auth SPA SDK to be used in Single-Page Applications.",
5
5
  "keywords": [
6
6
  "Asgardeo",