@auth0/auth0-spa-js 1.17.1 → 1.18.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/auth0-spa-js.development.js +204 -124
- package/dist/auth0-spa-js.development.js.map +1 -1
- package/dist/auth0-spa-js.production.esm.js +1 -1
- package/dist/auth0-spa-js.production.esm.js.map +1 -1
- package/dist/auth0-spa-js.production.js +1 -1
- package/dist/auth0-spa-js.production.js.map +1 -1
- package/dist/lib/auth0-spa-js.cjs.js +204 -124
- package/dist/lib/auth0-spa-js.cjs.js.map +1 -1
- package/dist/typings/Auth0Client.d.ts +4 -1
- package/dist/typings/cache/cache-manager.d.ts +5 -4
- package/dist/typings/errors.d.ts +7 -0
- package/dist/typings/index.d.ts +1 -1
- package/dist/typings/transaction-manager.d.ts +3 -1
- package/dist/typings/version.d.ts +1 -1
- package/package.json +2 -4
- package/src/Auth0Client.ts +91 -11
- package/src/cache/cache-manager.ts +14 -17
- package/src/cache/key-manifest.ts +1 -1
- package/src/errors.ts +20 -5
- package/src/http.ts +7 -3
- package/src/index.cjs.ts +3 -1
- package/src/index.ts +2 -1
- package/src/storage.ts +22 -4
- package/src/transaction-manager.ts +7 -5
- package/src/version.ts +1 -1
package/README.md
CHANGED
|
@@ -31,7 +31,7 @@ Auth0 SDK for Single Page Applications using [Authorization Code Grant Flow with
|
|
|
31
31
|
From the CDN:
|
|
32
32
|
|
|
33
33
|
```html
|
|
34
|
-
<script src="https://cdn.auth0.com/js/auth0-spa-js/1.
|
|
34
|
+
<script src="https://cdn.auth0.com/js/auth0-spa-js/1.18/auth0-spa-js.production.js"></script>
|
|
35
35
|
```
|
|
36
36
|
|
|
37
37
|
Using [npm](https://npmjs.org):
|
|
@@ -310,7 +310,7 @@
|
|
|
310
310
|
(module.exports = function (key, value) {
|
|
311
311
|
return sharedStore[key] || (sharedStore[key] = value !== undefined ? value : {});
|
|
312
312
|
})('versions', []).push({
|
|
313
|
-
version: '3.16.
|
|
313
|
+
version: '3.16.3',
|
|
314
314
|
mode: 'global',
|
|
315
315
|
copyright: '© 2021 Denis Pushkarev (zloirock.ru)'
|
|
316
316
|
});
|
|
@@ -1060,17 +1060,15 @@
|
|
|
1060
1060
|
var iframe = documentCreateElement('iframe');
|
|
1061
1061
|
var JS = 'java' + SCRIPT + ':';
|
|
1062
1062
|
var iframeDocument;
|
|
1063
|
-
|
|
1064
|
-
|
|
1065
|
-
|
|
1066
|
-
|
|
1067
|
-
|
|
1068
|
-
|
|
1069
|
-
|
|
1070
|
-
|
|
1071
|
-
|
|
1072
|
-
return iframeDocument.F;
|
|
1073
|
-
}
|
|
1063
|
+
iframe.style.display = 'none';
|
|
1064
|
+
html.appendChild(iframe);
|
|
1065
|
+
// https://github.com/zloirock/core-js/issues/475
|
|
1066
|
+
iframe.src = String(JS);
|
|
1067
|
+
iframeDocument = iframe.contentWindow.document;
|
|
1068
|
+
iframeDocument.open();
|
|
1069
|
+
iframeDocument.write(scriptTag('document.F=Object'));
|
|
1070
|
+
iframeDocument.close();
|
|
1071
|
+
return iframeDocument.F;
|
|
1074
1072
|
};
|
|
1075
1073
|
|
|
1076
1074
|
// Check for document.domain and active x support
|
|
@@ -1083,10 +1081,11 @@
|
|
|
1083
1081
|
try {
|
|
1084
1082
|
activeXDocument = new ActiveXObject('htmlfile');
|
|
1085
1083
|
} catch (error) { /* ignore */ }
|
|
1086
|
-
NullProtoObject = document
|
|
1087
|
-
|
|
1088
|
-
|
|
1089
|
-
|
|
1084
|
+
NullProtoObject = typeof document != 'undefined'
|
|
1085
|
+
? document.domain && activeXDocument
|
|
1086
|
+
? NullProtoObjectViaActiveX(activeXDocument) // old IE
|
|
1087
|
+
: NullProtoObjectViaIFrame()
|
|
1088
|
+
: NullProtoObjectViaActiveX(activeXDocument); // WSH
|
|
1090
1089
|
var length = enumBugKeys.length;
|
|
1091
1090
|
while (length--) delete NullProtoObject[PROTOTYPE$1][enumBugKeys[length]];
|
|
1092
1091
|
return NullProtoObject();
|
|
@@ -3890,7 +3889,7 @@
|
|
|
3890
3889
|
|
|
3891
3890
|
var Lock = unwrapExports(browserTabsLock);
|
|
3892
3891
|
|
|
3893
|
-
var version = '1.
|
|
3892
|
+
var version = '1.18.0';
|
|
3894
3893
|
|
|
3895
3894
|
/**
|
|
3896
3895
|
* @ignore
|
|
@@ -3961,7 +3960,7 @@
|
|
|
3961
3960
|
var GenericError = /** @class */ (function (_super) {
|
|
3962
3961
|
__extends(GenericError, _super);
|
|
3963
3962
|
function GenericError(error, error_description) {
|
|
3964
|
-
var _this = _super.call(this, error_description) || this;
|
|
3963
|
+
var _this = _super.call(this, error_description) /* istanbul ignore next */ || this;
|
|
3965
3964
|
_this.error = error;
|
|
3966
3965
|
_this.error_description = error_description;
|
|
3967
3966
|
Object.setPrototypeOf(_this, GenericError.prototype);
|
|
@@ -3981,7 +3980,7 @@
|
|
|
3981
3980
|
__extends(AuthenticationError, _super);
|
|
3982
3981
|
function AuthenticationError(error, error_description, state, appState) {
|
|
3983
3982
|
if (appState === void 0) { appState = null; }
|
|
3984
|
-
var _this = _super.call(this, error, error_description) || this;
|
|
3983
|
+
var _this = _super.call(this, error, error_description) /* istanbul ignore next */ || this;
|
|
3985
3984
|
_this.state = state;
|
|
3986
3985
|
_this.appState = appState;
|
|
3987
3986
|
//https://github.com/Microsoft/TypeScript-wiki/blob/master/Breaking-Changes.md#extending-built-ins-like-error-array-and-map-may-no-longer-work
|
|
@@ -3997,7 +3996,7 @@
|
|
|
3997
3996
|
var TimeoutError = /** @class */ (function (_super) {
|
|
3998
3997
|
__extends(TimeoutError, _super);
|
|
3999
3998
|
function TimeoutError() {
|
|
4000
|
-
var _this = _super.call(this, 'timeout', 'Timeout') || this;
|
|
3999
|
+
var _this = _super.call(this, 'timeout', 'Timeout') /* istanbul ignore next */ || this;
|
|
4001
4000
|
//https://github.com/Microsoft/TypeScript-wiki/blob/master/Breaking-Changes.md#extending-built-ins-like-error-array-and-map-may-no-longer-work
|
|
4002
4001
|
Object.setPrototypeOf(_this, TimeoutError.prototype);
|
|
4003
4002
|
return _this;
|
|
@@ -4010,7 +4009,7 @@
|
|
|
4010
4009
|
var PopupTimeoutError = /** @class */ (function (_super) {
|
|
4011
4010
|
__extends(PopupTimeoutError, _super);
|
|
4012
4011
|
function PopupTimeoutError(popup) {
|
|
4013
|
-
var _this = _super.call(this) || this;
|
|
4012
|
+
var _this = _super.call(this) /* istanbul ignore next */ || this;
|
|
4014
4013
|
_this.popup = popup;
|
|
4015
4014
|
//https://github.com/Microsoft/TypeScript-wiki/blob/master/Breaking-Changes.md#extending-built-ins-like-error-array-and-map-may-no-longer-work
|
|
4016
4015
|
Object.setPrototypeOf(_this, PopupTimeoutError.prototype);
|
|
@@ -4021,13 +4020,27 @@
|
|
|
4021
4020
|
var PopupCancelledError = /** @class */ (function (_super) {
|
|
4022
4021
|
__extends(PopupCancelledError, _super);
|
|
4023
4022
|
function PopupCancelledError(popup) {
|
|
4024
|
-
var _this = _super.call(this, 'cancelled', 'Popup closed') || this;
|
|
4023
|
+
var _this = _super.call(this, 'cancelled', 'Popup closed') /* istanbul ignore next */ || this;
|
|
4025
4024
|
_this.popup = popup;
|
|
4026
4025
|
//https://github.com/Microsoft/TypeScript-wiki/blob/master/Breaking-Changes.md#extending-built-ins-like-error-array-and-map-may-no-longer-work
|
|
4027
4026
|
Object.setPrototypeOf(_this, PopupCancelledError.prototype);
|
|
4028
4027
|
return _this;
|
|
4029
4028
|
}
|
|
4030
4029
|
return PopupCancelledError;
|
|
4030
|
+
}(GenericError));
|
|
4031
|
+
/**
|
|
4032
|
+
* Error thrown when the token exchange results in a `mfa_required` error
|
|
4033
|
+
*/
|
|
4034
|
+
var MfaRequiredError = /** @class */ (function (_super) {
|
|
4035
|
+
__extends(MfaRequiredError, _super);
|
|
4036
|
+
function MfaRequiredError(error, error_description, mfa_token) {
|
|
4037
|
+
var _this = _super.call(this, error, error_description) /* istanbul ignore next */ || this;
|
|
4038
|
+
_this.mfa_token = mfa_token;
|
|
4039
|
+
//https://github.com/Microsoft/TypeScript-wiki/blob/master/Breaking-Changes.md#extending-built-ins-like-error-array-and-map-may-no-longer-work
|
|
4040
|
+
Object.setPrototypeOf(_this, MfaRequiredError.prototype);
|
|
4041
|
+
return _this;
|
|
4042
|
+
}
|
|
4043
|
+
return MfaRequiredError;
|
|
4031
4044
|
}(GenericError));
|
|
4032
4045
|
|
|
4033
4046
|
var parseQueryResult = function (queryString) {
|
|
@@ -4298,7 +4311,7 @@
|
|
|
4298
4311
|
};
|
|
4299
4312
|
function getJSON(url, timeout, audience, scope, options, worker, useFormData) {
|
|
4300
4313
|
return __awaiter(this, void 0, void 0, function () {
|
|
4301
|
-
var fetchError, response, i, e_1, _a, error, error_description,
|
|
4314
|
+
var fetchError, response, i, e_1, _a, error, error_description, data, ok, errorMessage;
|
|
4302
4315
|
return __generator(this, function (_b) {
|
|
4303
4316
|
switch (_b.label) {
|
|
4304
4317
|
case 0:
|
|
@@ -4333,12 +4346,15 @@
|
|
|
4333
4346
|
fetchError.message = fetchError.message || 'Failed to fetch';
|
|
4334
4347
|
throw fetchError;
|
|
4335
4348
|
}
|
|
4336
|
-
_a = response.json, error = _a.error, error_description = _a.error_description,
|
|
4349
|
+
_a = response.json, error = _a.error, error_description = _a.error_description, data = __rest(_a, ["error", "error_description"]), ok = response.ok;
|
|
4337
4350
|
if (!ok) {
|
|
4338
4351
|
errorMessage = error_description || "HTTP error. Unable to fetch " + url;
|
|
4352
|
+
if (error === 'mfa_required') {
|
|
4353
|
+
throw new MfaRequiredError(error, errorMessage, data.mfa_token);
|
|
4354
|
+
}
|
|
4339
4355
|
throw new GenericError(error || 'request_error', errorMessage);
|
|
4340
4356
|
}
|
|
4341
|
-
return [2 /*return*/,
|
|
4357
|
+
return [2 /*return*/, data];
|
|
4342
4358
|
}
|
|
4343
4359
|
});
|
|
4344
4360
|
});
|
|
@@ -4483,76 +4499,11 @@
|
|
|
4483
4499
|
return InMemoryCache;
|
|
4484
4500
|
}());
|
|
4485
4501
|
|
|
4486
|
-
var CacheKeyManifest = /** @class */ (function () {
|
|
4487
|
-
function CacheKeyManifest(cache, clientId) {
|
|
4488
|
-
this.cache = cache;
|
|
4489
|
-
this.clientId = clientId;
|
|
4490
|
-
this.manifestKey = this.createManifestKeyFrom(clientId);
|
|
4491
|
-
}
|
|
4492
|
-
CacheKeyManifest.prototype.add = function (key) {
|
|
4493
|
-
var _a;
|
|
4494
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
4495
|
-
var keys, _b;
|
|
4496
|
-
return __generator(this, function (_c) {
|
|
4497
|
-
switch (_c.label) {
|
|
4498
|
-
case 0:
|
|
4499
|
-
_b = Set.bind;
|
|
4500
|
-
return [4 /*yield*/, this.cache.get(this.manifestKey)];
|
|
4501
|
-
case 1:
|
|
4502
|
-
keys = new (_b.apply(Set, [void 0, ((_a = (_c.sent())) === null || _a === void 0 ? void 0 : _a.keys) || []]))();
|
|
4503
|
-
keys.add(key);
|
|
4504
|
-
return [4 /*yield*/, this.cache.set(this.manifestKey, {
|
|
4505
|
-
keys: __spreadArray([], __read(keys))
|
|
4506
|
-
})];
|
|
4507
|
-
case 2:
|
|
4508
|
-
_c.sent();
|
|
4509
|
-
return [2 /*return*/];
|
|
4510
|
-
}
|
|
4511
|
-
});
|
|
4512
|
-
});
|
|
4513
|
-
};
|
|
4514
|
-
CacheKeyManifest.prototype.remove = function (key) {
|
|
4515
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
4516
|
-
var entry, keys;
|
|
4517
|
-
return __generator(this, function (_a) {
|
|
4518
|
-
switch (_a.label) {
|
|
4519
|
-
case 0: return [4 /*yield*/, this.cache.get(this.manifestKey)];
|
|
4520
|
-
case 1:
|
|
4521
|
-
entry = _a.sent();
|
|
4522
|
-
if (!entry) return [3 /*break*/, 5];
|
|
4523
|
-
keys = new Set(entry.keys);
|
|
4524
|
-
keys.delete(key);
|
|
4525
|
-
if (!(keys.size > 0)) return [3 /*break*/, 3];
|
|
4526
|
-
return [4 /*yield*/, this.cache.set(this.manifestKey, { keys: __spreadArray([], __read(keys)) })];
|
|
4527
|
-
case 2: return [2 /*return*/, _a.sent()];
|
|
4528
|
-
case 3: return [4 /*yield*/, this.cache.remove(this.manifestKey)];
|
|
4529
|
-
case 4: return [2 /*return*/, _a.sent()];
|
|
4530
|
-
case 5: return [2 /*return*/];
|
|
4531
|
-
}
|
|
4532
|
-
});
|
|
4533
|
-
});
|
|
4534
|
-
};
|
|
4535
|
-
CacheKeyManifest.prototype.get = function () {
|
|
4536
|
-
return this.cache.get(this.manifestKey);
|
|
4537
|
-
};
|
|
4538
|
-
CacheKeyManifest.prototype.clear = function () {
|
|
4539
|
-
return this.cache.remove(this.manifestKey);
|
|
4540
|
-
};
|
|
4541
|
-
CacheKeyManifest.prototype.createManifestKeyFrom = function (clientId) {
|
|
4542
|
-
return CACHE_KEY_PREFIX + "::" + clientId;
|
|
4543
|
-
};
|
|
4544
|
-
return CacheKeyManifest;
|
|
4545
|
-
}());
|
|
4546
|
-
|
|
4547
4502
|
var DEFAULT_EXPIRY_ADJUSTMENT_SECONDS = 0;
|
|
4548
4503
|
var CacheManager = /** @class */ (function () {
|
|
4549
|
-
function CacheManager(cache,
|
|
4504
|
+
function CacheManager(cache, keyManifest) {
|
|
4550
4505
|
this.cache = cache;
|
|
4551
|
-
|
|
4552
|
-
// use a built-in key manifest.
|
|
4553
|
-
if (!cache.allKeys) {
|
|
4554
|
-
this.keyManifest = new CacheKeyManifest(this.cache, clientId);
|
|
4555
|
-
}
|
|
4506
|
+
this.keyManifest = keyManifest;
|
|
4556
4507
|
}
|
|
4557
4508
|
CacheManager.prototype.get = function (cacheKey, expiryAdjustmentSeconds) {
|
|
4558
4509
|
var _a;
|
|
@@ -4626,7 +4577,7 @@
|
|
|
4626
4577
|
});
|
|
4627
4578
|
});
|
|
4628
4579
|
};
|
|
4629
|
-
CacheManager.prototype.clear = function () {
|
|
4580
|
+
CacheManager.prototype.clear = function (clientId) {
|
|
4630
4581
|
var _a;
|
|
4631
4582
|
return __awaiter(this, void 0, void 0, function () {
|
|
4632
4583
|
var keys;
|
|
@@ -4639,18 +4590,25 @@
|
|
|
4639
4590
|
/* istanbul ignore next */
|
|
4640
4591
|
if (!keys)
|
|
4641
4592
|
return [2 /*return*/];
|
|
4642
|
-
|
|
4643
|
-
|
|
4644
|
-
|
|
4645
|
-
|
|
4646
|
-
|
|
4647
|
-
|
|
4648
|
-
|
|
4649
|
-
|
|
4650
|
-
|
|
4651
|
-
|
|
4652
|
-
|
|
4593
|
+
return [4 /*yield*/, keys
|
|
4594
|
+
.filter(function (key) { return (clientId ? key.includes(clientId) : true); })
|
|
4595
|
+
.reduce(function (memo, key) { return __awaiter(_this, void 0, void 0, function () {
|
|
4596
|
+
return __generator(this, function (_a) {
|
|
4597
|
+
switch (_a.label) {
|
|
4598
|
+
case 0: return [4 /*yield*/, memo];
|
|
4599
|
+
case 1:
|
|
4600
|
+
_a.sent();
|
|
4601
|
+
return [4 /*yield*/, this.cache.remove(key)];
|
|
4602
|
+
case 2:
|
|
4603
|
+
_a.sent();
|
|
4604
|
+
return [2 /*return*/];
|
|
4605
|
+
}
|
|
4606
|
+
});
|
|
4607
|
+
}); }, Promise.resolve())];
|
|
4653
4608
|
case 2:
|
|
4609
|
+
_b.sent();
|
|
4610
|
+
return [4 /*yield*/, ((_a = this.keyManifest) === null || _a === void 0 ? void 0 : _a.clear())];
|
|
4611
|
+
case 3:
|
|
4654
4612
|
_b.sent();
|
|
4655
4613
|
return [2 /*return*/];
|
|
4656
4614
|
}
|
|
@@ -4660,13 +4618,15 @@
|
|
|
4660
4618
|
/**
|
|
4661
4619
|
* Note: only call this if you're sure one of our internal (synchronous) caches are being used.
|
|
4662
4620
|
*/
|
|
4663
|
-
CacheManager.prototype.clearSync = function () {
|
|
4621
|
+
CacheManager.prototype.clearSync = function (clientId) {
|
|
4664
4622
|
var _this = this;
|
|
4665
4623
|
var keys = this.cache.allKeys();
|
|
4666
4624
|
/* istanbul ignore next */
|
|
4667
4625
|
if (!keys)
|
|
4668
4626
|
return;
|
|
4669
|
-
keys
|
|
4627
|
+
keys
|
|
4628
|
+
.filter(function (key) { return (clientId ? key.includes(clientId) : true); })
|
|
4629
|
+
.forEach(function (key) {
|
|
4670
4630
|
_this.cache.remove(key);
|
|
4671
4631
|
});
|
|
4672
4632
|
};
|
|
@@ -4727,15 +4687,17 @@
|
|
|
4727
4687
|
return CacheManager;
|
|
4728
4688
|
}());
|
|
4729
4689
|
|
|
4730
|
-
var
|
|
4690
|
+
var TRANSACTION_STORAGE_KEY_PREFIX = 'a0.spajs.txs';
|
|
4731
4691
|
var TransactionManager = /** @class */ (function () {
|
|
4732
|
-
function TransactionManager(storage) {
|
|
4692
|
+
function TransactionManager(storage, clientId) {
|
|
4733
4693
|
this.storage = storage;
|
|
4734
|
-
this.
|
|
4694
|
+
this.clientId = clientId;
|
|
4695
|
+
this.storageKey = TRANSACTION_STORAGE_KEY_PREFIX + "." + clientId;
|
|
4696
|
+
this.transaction = this.storage.get(this.storageKey);
|
|
4735
4697
|
}
|
|
4736
4698
|
TransactionManager.prototype.create = function (transaction) {
|
|
4737
4699
|
this.transaction = transaction;
|
|
4738
|
-
this.storage.save(
|
|
4700
|
+
this.storage.save(this.storageKey, transaction, {
|
|
4739
4701
|
daysUntilExpire: 1
|
|
4740
4702
|
});
|
|
4741
4703
|
};
|
|
@@ -4744,7 +4706,7 @@
|
|
|
4744
4706
|
};
|
|
4745
4707
|
TransactionManager.prototype.remove = function () {
|
|
4746
4708
|
delete this.transaction;
|
|
4747
|
-
this.storage.remove(
|
|
4709
|
+
this.storage.remove(this.storageKey);
|
|
4748
4710
|
};
|
|
4749
4711
|
return TransactionManager;
|
|
4750
4712
|
}());
|
|
@@ -4999,7 +4961,9 @@
|
|
|
4999
4961
|
sameSite: 'none'
|
|
5000
4962
|
};
|
|
5001
4963
|
}
|
|
5002
|
-
|
|
4964
|
+
if (options === null || options === void 0 ? void 0 : options.daysUntilExpire) {
|
|
4965
|
+
cookieAttributes.expires = options.daysUntilExpire;
|
|
4966
|
+
}
|
|
5003
4967
|
esCookie_5(key, JSON.stringify(value), cookieAttributes);
|
|
5004
4968
|
},
|
|
5005
4969
|
remove: function (key) {
|
|
@@ -5027,7 +4991,9 @@
|
|
|
5027
4991
|
if ('https:' === window.location.protocol) {
|
|
5028
4992
|
cookieAttributes = { secure: true };
|
|
5029
4993
|
}
|
|
5030
|
-
|
|
4994
|
+
if (options === null || options === void 0 ? void 0 : options.daysUntilExpire) {
|
|
4995
|
+
cookieAttributes.expires = options.daysUntilExpire;
|
|
4996
|
+
}
|
|
5031
4997
|
esCookie_5("" + LEGACY_PREFIX + key, JSON.stringify(value), cookieAttributes);
|
|
5032
4998
|
CookieStorage.save(key, value, options);
|
|
5033
4999
|
},
|
|
@@ -5041,6 +5007,7 @@
|
|
|
5041
5007
|
*/
|
|
5042
5008
|
var SessionStorage = {
|
|
5043
5009
|
get: function (key) {
|
|
5010
|
+
/* istanbul ignore next */
|
|
5044
5011
|
if (typeof sessionStorage === 'undefined') {
|
|
5045
5012
|
return;
|
|
5046
5013
|
}
|
|
@@ -5131,6 +5098,67 @@
|
|
|
5131
5098
|
});
|
|
5132
5099
|
};
|
|
5133
5100
|
|
|
5101
|
+
var CacheKeyManifest = /** @class */ (function () {
|
|
5102
|
+
function CacheKeyManifest(cache, clientId) {
|
|
5103
|
+
this.cache = cache;
|
|
5104
|
+
this.clientId = clientId;
|
|
5105
|
+
this.manifestKey = this.createManifestKeyFrom(this.clientId);
|
|
5106
|
+
}
|
|
5107
|
+
CacheKeyManifest.prototype.add = function (key) {
|
|
5108
|
+
var _a;
|
|
5109
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
5110
|
+
var keys, _b;
|
|
5111
|
+
return __generator(this, function (_c) {
|
|
5112
|
+
switch (_c.label) {
|
|
5113
|
+
case 0:
|
|
5114
|
+
_b = Set.bind;
|
|
5115
|
+
return [4 /*yield*/, this.cache.get(this.manifestKey)];
|
|
5116
|
+
case 1:
|
|
5117
|
+
keys = new (_b.apply(Set, [void 0, ((_a = (_c.sent())) === null || _a === void 0 ? void 0 : _a.keys) || []]))();
|
|
5118
|
+
keys.add(key);
|
|
5119
|
+
return [4 /*yield*/, this.cache.set(this.manifestKey, {
|
|
5120
|
+
keys: __spreadArray([], __read(keys))
|
|
5121
|
+
})];
|
|
5122
|
+
case 2:
|
|
5123
|
+
_c.sent();
|
|
5124
|
+
return [2 /*return*/];
|
|
5125
|
+
}
|
|
5126
|
+
});
|
|
5127
|
+
});
|
|
5128
|
+
};
|
|
5129
|
+
CacheKeyManifest.prototype.remove = function (key) {
|
|
5130
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
5131
|
+
var entry, keys;
|
|
5132
|
+
return __generator(this, function (_a) {
|
|
5133
|
+
switch (_a.label) {
|
|
5134
|
+
case 0: return [4 /*yield*/, this.cache.get(this.manifestKey)];
|
|
5135
|
+
case 1:
|
|
5136
|
+
entry = _a.sent();
|
|
5137
|
+
if (!entry) return [3 /*break*/, 5];
|
|
5138
|
+
keys = new Set(entry.keys);
|
|
5139
|
+
keys.delete(key);
|
|
5140
|
+
if (!(keys.size > 0)) return [3 /*break*/, 3];
|
|
5141
|
+
return [4 /*yield*/, this.cache.set(this.manifestKey, { keys: __spreadArray([], __read(keys)) })];
|
|
5142
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
5143
|
+
case 3: return [4 /*yield*/, this.cache.remove(this.manifestKey)];
|
|
5144
|
+
case 4: return [2 /*return*/, _a.sent()];
|
|
5145
|
+
case 5: return [2 /*return*/];
|
|
5146
|
+
}
|
|
5147
|
+
});
|
|
5148
|
+
});
|
|
5149
|
+
};
|
|
5150
|
+
CacheKeyManifest.prototype.get = function () {
|
|
5151
|
+
return this.cache.get(this.manifestKey);
|
|
5152
|
+
};
|
|
5153
|
+
CacheKeyManifest.prototype.clear = function () {
|
|
5154
|
+
return this.cache.remove(this.manifestKey);
|
|
5155
|
+
};
|
|
5156
|
+
CacheKeyManifest.prototype.createManifestKeyFrom = function (clientId) {
|
|
5157
|
+
return CACHE_KEY_PREFIX + "::" + clientId;
|
|
5158
|
+
};
|
|
5159
|
+
return CacheKeyManifest;
|
|
5160
|
+
}());
|
|
5161
|
+
|
|
5134
5162
|
/**
|
|
5135
5163
|
* @ignore
|
|
5136
5164
|
*/
|
|
@@ -5139,6 +5167,22 @@
|
|
|
5139
5167
|
* @ignore
|
|
5140
5168
|
*/
|
|
5141
5169
|
var GET_TOKEN_SILENTLY_LOCK_KEY = 'auth0.lock.getTokenSilently';
|
|
5170
|
+
/**
|
|
5171
|
+
* @ignore
|
|
5172
|
+
*/
|
|
5173
|
+
var buildOrganizationHintCookieName = function (clientId) {
|
|
5174
|
+
return "auth0." + clientId + ".organization_hint";
|
|
5175
|
+
};
|
|
5176
|
+
/**
|
|
5177
|
+
* @ignore
|
|
5178
|
+
*/
|
|
5179
|
+
var OLD_IS_AUTHENTICATED_COOKIE_NAME = 'auth0.is.authenticated';
|
|
5180
|
+
/**
|
|
5181
|
+
* @ignore
|
|
5182
|
+
*/
|
|
5183
|
+
var buildIsAuthenticatedCookieName = function (clientId) {
|
|
5184
|
+
return "auth0." + clientId + ".is.authenticated";
|
|
5185
|
+
};
|
|
5142
5186
|
/**
|
|
5143
5187
|
* @ignore
|
|
5144
5188
|
*/
|
|
@@ -5207,14 +5251,18 @@
|
|
|
5207
5251
|
options.legacySameSiteCookie === false
|
|
5208
5252
|
? CookieStorage
|
|
5209
5253
|
: CookieStorageWithLegacySameSite;
|
|
5254
|
+
this.orgHintCookieName = buildOrganizationHintCookieName(this.options.client_id);
|
|
5255
|
+
this.isAuthenticatedCookieName = buildIsAuthenticatedCookieName(this.options.client_id);
|
|
5210
5256
|
this.sessionCheckExpiryDays =
|
|
5211
5257
|
options.sessionCheckExpiryDays || DEFAULT_SESSION_CHECK_EXPIRY_DAYS;
|
|
5212
5258
|
var transactionStorage = options.useCookiesForTransactions
|
|
5213
5259
|
? this.cookieStorage
|
|
5214
5260
|
: SessionStorage;
|
|
5215
5261
|
this.scope = this.options.scope;
|
|
5216
|
-
this.transactionManager = new TransactionManager(transactionStorage);
|
|
5217
|
-
this.cacheManager = new CacheManager(cache,
|
|
5262
|
+
this.transactionManager = new TransactionManager(transactionStorage, this.options.client_id);
|
|
5263
|
+
this.cacheManager = new CacheManager(cache, !cache.allKeys
|
|
5264
|
+
? new CacheKeyManifest(cache, this.options.client_id)
|
|
5265
|
+
: null);
|
|
5218
5266
|
this.domainUrl = getDomain(this.options.domain);
|
|
5219
5267
|
this.tokenIssuer = getTokenIssuer(this.options.issuer, this.domainUrl);
|
|
5220
5268
|
this.defaultScope = getUniqueScopes('openid', ((_b = (_a = this.options) === null || _a === void 0 ? void 0 : _a.advancedOptions) === null || _b === void 0 ? void 0 : _b.defaultScope) !== undefined
|
|
@@ -5264,6 +5312,14 @@
|
|
|
5264
5312
|
}
|
|
5265
5313
|
return parseInt(value, 10) || undefined;
|
|
5266
5314
|
};
|
|
5315
|
+
Auth0Client.prototype._processOrgIdHint = function (organizationId) {
|
|
5316
|
+
if (organizationId) {
|
|
5317
|
+
this.cookieStorage.save(this.orgHintCookieName, organizationId);
|
|
5318
|
+
}
|
|
5319
|
+
else {
|
|
5320
|
+
this.cookieStorage.remove(this.orgHintCookieName);
|
|
5321
|
+
}
|
|
5322
|
+
};
|
|
5267
5323
|
/**
|
|
5268
5324
|
* ```js
|
|
5269
5325
|
* await auth0.buildAuthorizeUrl(options);
|
|
@@ -5373,9 +5429,10 @@
|
|
|
5373
5429
|
return [4 /*yield*/, this.cacheManager.set(cacheEntry)];
|
|
5374
5430
|
case 4:
|
|
5375
5431
|
_a.sent();
|
|
5376
|
-
this.cookieStorage.save(
|
|
5432
|
+
this.cookieStorage.save(this.isAuthenticatedCookieName, true, {
|
|
5377
5433
|
daysUntilExpire: this.sessionCheckExpiryDays
|
|
5378
5434
|
});
|
|
5435
|
+
this._processOrgIdHint(decodedToken.claims.org_id);
|
|
5379
5436
|
return [2 /*return*/];
|
|
5380
5437
|
}
|
|
5381
5438
|
});
|
|
@@ -5530,9 +5587,10 @@
|
|
|
5530
5587
|
return [4 /*yield*/, this.cacheManager.set(cacheEntry)];
|
|
5531
5588
|
case 2:
|
|
5532
5589
|
_b.sent();
|
|
5533
|
-
this.cookieStorage.save(
|
|
5590
|
+
this.cookieStorage.save(this.isAuthenticatedCookieName, true, {
|
|
5534
5591
|
daysUntilExpire: this.sessionCheckExpiryDays
|
|
5535
5592
|
});
|
|
5593
|
+
this._processOrgIdHint(decodedToken.claims.org_id);
|
|
5536
5594
|
return [2 /*return*/, {
|
|
5537
5595
|
appState: transaction.appState
|
|
5538
5596
|
}];
|
|
@@ -5549,7 +5607,7 @@
|
|
|
5549
5607
|
* with `getTokenSilently` is that this doesn't return a token, but it will
|
|
5550
5608
|
* pre-fill the token cache.
|
|
5551
5609
|
*
|
|
5552
|
-
* This method also heeds the `auth0.is.authenticated` cookie, as an optimization
|
|
5610
|
+
* This method also heeds the `auth0.{clientId}.is.authenticated` cookie, as an optimization
|
|
5553
5611
|
* to prevent calling Auth0 unnecessarily. If the cookie is not present because
|
|
5554
5612
|
* there was no previous login (or it has expired) then tokens will not be refreshed.
|
|
5555
5613
|
*
|
|
@@ -5565,8 +5623,17 @@
|
|
|
5565
5623
|
return __generator(this, function (_a) {
|
|
5566
5624
|
switch (_a.label) {
|
|
5567
5625
|
case 0:
|
|
5568
|
-
if (!this.cookieStorage.get(
|
|
5569
|
-
|
|
5626
|
+
if (!this.cookieStorage.get(this.isAuthenticatedCookieName)) {
|
|
5627
|
+
if (!this.cookieStorage.get(OLD_IS_AUTHENTICATED_COOKIE_NAME)) {
|
|
5628
|
+
return [2 /*return*/];
|
|
5629
|
+
}
|
|
5630
|
+
else {
|
|
5631
|
+
// Migrate the existing cookie to the new name scoped by client ID
|
|
5632
|
+
this.cookieStorage.save(this.isAuthenticatedCookieName, true, {
|
|
5633
|
+
daysUntilExpire: this.sessionCheckExpiryDays
|
|
5634
|
+
});
|
|
5635
|
+
this.cookieStorage.remove(OLD_IS_AUTHENTICATED_COOKIE_NAME);
|
|
5636
|
+
}
|
|
5570
5637
|
}
|
|
5571
5638
|
_a.label = 1;
|
|
5572
5639
|
case 1:
|
|
@@ -5687,7 +5754,7 @@
|
|
|
5687
5754
|
return [4 /*yield*/, this.cacheManager.set(__assign({ client_id: this.options.client_id }, authResult))];
|
|
5688
5755
|
case 11:
|
|
5689
5756
|
_b.sent();
|
|
5690
|
-
this.cookieStorage.save(
|
|
5757
|
+
this.cookieStorage.save(this.isAuthenticatedCookieName, true, {
|
|
5691
5758
|
daysUntilExpire: this.sessionCheckExpiryDays
|
|
5692
5759
|
});
|
|
5693
5760
|
return [2 /*return*/, authResult.access_token];
|
|
@@ -5809,7 +5876,8 @@
|
|
|
5809
5876
|
throw new Error('It is invalid to set both the `federated` and `localOnly` options to `true`');
|
|
5810
5877
|
}
|
|
5811
5878
|
var postCacheClear = function () {
|
|
5812
|
-
_this.cookieStorage.remove(
|
|
5879
|
+
_this.cookieStorage.remove(_this.orgHintCookieName);
|
|
5880
|
+
_this.cookieStorage.remove(_this.isAuthenticatedCookieName);
|
|
5813
5881
|
if (localOnly) {
|
|
5814
5882
|
return;
|
|
5815
5883
|
}
|
|
@@ -5826,7 +5894,7 @@
|
|
|
5826
5894
|
};
|
|
5827
5895
|
Auth0Client.prototype._getTokenFromIFrame = function (options) {
|
|
5828
5896
|
return __awaiter(this, void 0, void 0, function () {
|
|
5829
|
-
var stateIn, nonceIn, code_verifier, code_challengeBuffer, code_challenge, params, url, timeout, codeResult, scope, audience, customOptions, tokenResult, decodedToken, e_1;
|
|
5897
|
+
var stateIn, nonceIn, code_verifier, code_challengeBuffer, code_challenge, params, orgIdHint, url, timeout, codeResult, scope, audience, customOptions, tokenResult, decodedToken, e_1;
|
|
5830
5898
|
return __generator(this, function (_a) {
|
|
5831
5899
|
switch (_a.label) {
|
|
5832
5900
|
case 0:
|
|
@@ -5840,11 +5908,21 @@
|
|
|
5840
5908
|
params = this._getParams(options, stateIn, nonceIn, code_challenge, options.redirect_uri ||
|
|
5841
5909
|
this.options.redirect_uri ||
|
|
5842
5910
|
window.location.origin);
|
|
5911
|
+
orgIdHint = this.cookieStorage.get(this.orgHintCookieName);
|
|
5912
|
+
if (orgIdHint && !params.organization) {
|
|
5913
|
+
params.organization = orgIdHint;
|
|
5914
|
+
}
|
|
5843
5915
|
url = this._authorizeUrl(__assign(__assign({}, params), { prompt: 'none', response_mode: 'web_message' }));
|
|
5844
5916
|
timeout = options.timeoutInSeconds || this.options.authorizeTimeoutInSeconds;
|
|
5845
5917
|
_a.label = 2;
|
|
5846
5918
|
case 2:
|
|
5847
5919
|
_a.trys.push([2, 5, , 6]);
|
|
5920
|
+
// When a browser is running in a Cross-Origin Isolated context, using iframes is not possible.
|
|
5921
|
+
// It doesn't throw an error but times out instead, so we should exit early and inform the user about the reason.
|
|
5922
|
+
// https://developer.mozilla.org/en-US/docs/Web/API/crossOriginIsolated
|
|
5923
|
+
if (window.crossOriginIsolated) {
|
|
5924
|
+
throw new GenericError('login_required', 'The application is running in a Cross-Origin Isolated context, silently retrieving a token without refresh token is not possible.');
|
|
5925
|
+
}
|
|
5848
5926
|
return [4 /*yield*/, runIframe(url, this.domainUrl, timeout)];
|
|
5849
5927
|
case 3:
|
|
5850
5928
|
codeResult = _a.sent();
|
|
@@ -5856,6 +5934,7 @@
|
|
|
5856
5934
|
case 4:
|
|
5857
5935
|
tokenResult = _a.sent();
|
|
5858
5936
|
decodedToken = this._verifyIdToken(tokenResult.id_token, nonceIn);
|
|
5937
|
+
this._processOrgIdHint(decodedToken.claims.org_id);
|
|
5859
5938
|
return [2 /*return*/, __assign(__assign({}, tokenResult), { decodedToken: decodedToken, scope: params.scope, audience: params.audience || 'default' })];
|
|
5860
5939
|
case 5:
|
|
5861
5940
|
e_1 = _a.sent();
|
|
@@ -5953,7 +6032,8 @@
|
|
|
5953
6032
|
wrapper.GenericError = GenericError;
|
|
5954
6033
|
wrapper.AuthenticationError = AuthenticationError;
|
|
5955
6034
|
wrapper.TimeoutError = TimeoutError;
|
|
5956
|
-
wrapper.PopupTimeoutError = PopupTimeoutError;
|
|
6035
|
+
wrapper.PopupTimeoutError = PopupTimeoutError;
|
|
6036
|
+
wrapper.MfaRequiredError = MfaRequiredError;
|
|
5957
6037
|
|
|
5958
6038
|
return wrapper;
|
|
5959
6039
|
|