npm - @auth0/auth0-spa-js - Versions diffs - 1.19.3 → 1.20.1 - Mend

@auth0/auth0-spa-js 1.19.3 → 1.20.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/README.md +2 -2
package/dist/auth0-spa-js.development.js +201 -105
package/dist/auth0-spa-js.development.js.map +1 -1
package/dist/auth0-spa-js.production.esm.js +1 -1
package/dist/auth0-spa-js.production.esm.js.map +1 -1
package/dist/auth0-spa-js.production.js +1 -1
package/dist/auth0-spa-js.production.js.map +1 -1
package/dist/lib/auth0-spa-js.cjs.js +201 -105
package/dist/lib/auth0-spa-js.cjs.js.map +1 -1
package/dist/typings/Auth0Client.d.ts +13 -12
package/dist/typings/global.d.ts +4 -0
package/dist/typings/version.d.ts +1 -1
package/package.json +2 -2
package/src/Auth0Client.ts +46 -27
package/src/cache/cache-manager.ts +4 -1
package/src/global.ts +5 -0
package/src/http.ts +2 -0
package/src/version.ts +1 -1

package/dist/typings/Auth0Client.d.ts CHANGED Viewed

@@ -4,18 +4,19 @@ import { Auth0ClientOptions, RedirectLoginOptions, PopupLoginOptions, PopupConfi
  */
 export default class Auth0Client {
     private options;
-    private transactionManager;
-    private cacheManager;
-    private customOptions;
-    private domainUrl;
-    private tokenIssuer;
-    private defaultScope;
-    private scope;
-    private cookieStorage;
-    private sessionCheckExpiryDays;
-    private orgHintCookieName;
-    private isAuthenticatedCookieName;
-    private nowProvider;
+    private readonly transactionManager;
+    private readonly cacheManager;
+    private readonly customOptions;
+    private readonly domainUrl;
+    private readonly tokenIssuer;
+    private readonly defaultScope;
+    private readonly scope;
+    private readonly cookieStorage;
+    private readonly sessionCheckExpiryDays;
+    private readonly orgHintCookieName;
+    private readonly isAuthenticatedCookieName;
+    private readonly nowProvider;
+    private readonly httpTimeoutMs;
     cacheLocation: CacheLocation;
     private worker;
     constructor(options: Auth0ClientOptions);

package/dist/typings/global.d.ts CHANGED Viewed

@@ -143,6 +143,10 @@ export interface Auth0ClientOptions extends BaseLoginOptions {
      * Defaults to 60s.
      */
     authorizeTimeoutInSeconds?: number;
+    /**
+     * Specify the timeout for HTTP calls using `fetch`. The default is 10 seconds.
+     */
+    httpTimeoutInSeconds?: number;
     /**
      * Internal property to send information about the client to the authorization server.
      * @internal

package/dist/typings/version.d.ts CHANGED Viewed

@@ -1,2 +1,2 @@
-declare const _default: "1.19.3";
+declare const _default: "1.20.1";
 export default _default;

package/package.json CHANGED Viewed

@@ -3,7 +3,7 @@
   "name": "@auth0/auth0-spa-js",
   "description": "Auth0 SDK for Single Page Applications using Authorization Code Grant Flow with PKCE",
   "license": "MIT",
-  "version": "1.19.3",
+  "version": "1.20.1",
   "main": "dist/lib/auth0-spa-js.cjs.js",
   "types": "dist/typings/index.d.ts",
   "module": "dist/auth0-spa-js.production.esm.js",
@@ -81,7 +81,7 @@
   "dependencies": {
     "abortcontroller-polyfill": "^1.7.3",
     "browser-tabs-lock": "^1.2.15",
-    "core-js": "^3.19.0",
+    "core-js": "^3.20.3",
     "es-cookie": "^1.3.2",
     "fast-text-encoding": "^1.0.3",
     "promise-polyfill": "^8.2.1",

package/src/Auth0Client.ts CHANGED Viewed

@@ -46,7 +46,8 @@ import {
   DEFAULT_SESSION_CHECK_EXPIRY_DAYS,
   DEFAULT_AUTH0_CLIENT,
   INVALID_REFRESH_TOKEN_ERROR_MESSAGE,
-  DEFAULT_NOW_PROVIDER
+  DEFAULT_NOW_PROVIDER,
+  DEFAULT_FETCH_TIMEOUT_MS
 } from './constants';
 import {
@@ -188,18 +189,19 @@ const getCustomInitialOptions = (
  * Auth0 SDK for Single Page Applications using [Authorization Code Grant Flow with PKCE](https://auth0.com/docs/api-auth/tutorials/authorization-code-grant-pkce).
  */
 export default class Auth0Client {
-  private transactionManager: TransactionManager;
-  private cacheManager: CacheManager;
-  private customOptions: BaseLoginOptions;
-  private domainUrl: string;
-  private tokenIssuer: string;
-  private defaultScope: string;
-  private scope: string;
-  private cookieStorage: ClientStorage;
-  private sessionCheckExpiryDays: number;
-  private orgHintCookieName: string;
-  private isAuthenticatedCookieName: string;
-  private nowProvider: () => number | Promise<number>;
+  private readonly transactionManager: TransactionManager;
+  private readonly cacheManager: CacheManager;
+  private readonly customOptions: BaseLoginOptions;
+  private readonly domainUrl: string;
+  private readonly tokenIssuer: string;
+  private readonly defaultScope: string;
+  private readonly scope: string;
+  private readonly cookieStorage: ClientStorage;
+  private readonly sessionCheckExpiryDays: number;
+  private readonly orgHintCookieName: string;
+  private readonly isAuthenticatedCookieName: string;
+  private readonly nowProvider: () => number | Promise<number>;
+  private readonly httpTimeoutMs: number;
   cacheLocation: CacheLocation;
   private worker: Worker;
@@ -227,6 +229,10 @@ export default class Auth0Client {
       cache = cacheFactory(this.cacheLocation)();
     }
+    this.httpTimeoutMs = options.httpTimeoutInSeconds
+      ? options.httpTimeoutInSeconds * 1000
+      : DEFAULT_FETCH_TIMEOUT_MS;
     this.cookieStorage =
       options.legacySameSiteCookie === false
         ? CookieStorage
@@ -326,6 +332,7 @@ export default class Auth0Client {
       sessionCheckExpiryDays,
       domain,
       leeway,
+      httpTimeoutInSeconds,
       ...loginOptions
     } = this.options;
@@ -379,7 +386,9 @@ export default class Auth0Client {
   private _processOrgIdHint(organizationId?: string) {
     if (organizationId) {
-      this.cookieStorage.save(this.orgHintCookieName, organizationId);
+      this.cookieStorage.save(this.orgHintCookieName, organizationId, {
+        daysUntilExpire: this.sessionCheckExpiryDays
+      });
     } else {
       this.cookieStorage.remove(this.orgHintCookieName);
     }
@@ -512,7 +521,8 @@ export default class Auth0Client {
         grant_type: 'authorization_code',
         redirect_uri: params.redirect_uri,
         auth0Client: this.options.auth0Client,
-        useFormData: this.options.useFormData
+        useFormData: this.options.useFormData,
+        timeout: this.httpTimeoutMs
       } as OAuthTokenOptions,
       this.worker
     );
@@ -676,7 +686,8 @@ export default class Auth0Client {
       grant_type: 'authorization_code',
       code,
       auth0Client: this.options.auth0Client,
-      useFormData: this.options.useFormData
+      useFormData: this.options.useFormData,
+      timeout: this.httpTimeoutMs
     } as OAuthTokenOptions;
     // some old versions of the SDK might not have added redirect_uri to the
     // transaction, we dont want the key to be set to undefined.
@@ -785,11 +796,17 @@ export default class Auth0Client {
    * const token = await auth0.getTokenSilently(options);
    * ```
    *
-   * If there's a valid token stored, return it. Otherwise, opens an
-   * iframe with the `/authorize` URL using the parameters provided
-   * as arguments. Random and secure `state` and `nonce` parameters
-   * will be auto-generated. If the response is successful, results
-   * will be valid according to their expiration times.
+   * If there's a valid token stored and it has more than 60 seconds
+   * remaining before expiration, return the token. Otherwise, attempt
+   * to obtain a new token.
+   *
+   * A new token will be obtained either by opening an iframe or a
+   * refresh token (if `useRefreshTokens` is `true`)
+   * If iframes are used, opens an iframe with the `/authorize` URL
+   * using the parameters provided as arguments. Random and secure `state`
+   * and `nonce` parameters will be auto-generated. If the response is successful,
+   * results will be validated according to their expiration times.
    *
    * If refresh tokens are used, the token endpoint is called directly with the
    * 'refresh_token' grant. If no refresh token is available to make this call,
@@ -1061,9 +1078,6 @@ export default class Auth0Client {
       response_mode: 'web_message'
     });
-    const timeout =
-      options.timeoutInSeconds || this.options.authorizeTimeoutInSeconds;
     try {
       // When a browser is running in a Cross-Origin Isolated context, using iframes is not possible.
       // It doesn't throw an error but times out instead, so we should exit early and inform the user about the reason.
@@ -1075,7 +1089,10 @@ export default class Auth0Client {
         );
       }
-      const codeResult = await runIframe(url, this.domainUrl, timeout);
+      const authorizeTimeout =
+        options.timeoutInSeconds || this.options.authorizeTimeoutInSeconds;
+      const codeResult = await runIframe(url, this.domainUrl, authorizeTimeout);
       if (stateIn !== codeResult.state) {
         throw new Error('Invalid state');
@@ -1104,7 +1121,8 @@ export default class Auth0Client {
           grant_type: 'authorization_code',
           redirect_uri: params.redirect_uri,
           auth0Client: this.options.auth0Client,
-          useFormData: this.options.useFormData
+          useFormData: this.options.useFormData,
+          timeout: customOptions.timeout || this.httpTimeoutMs
         } as OAuthTokenOptions,
         this.worker
       );
@@ -1192,7 +1210,8 @@ export default class Auth0Client {
           redirect_uri,
           ...(timeout && { timeout }),
           auth0Client: this.options.auth0Client,
-          useFormData: this.options.useFormData
+          useFormData: this.options.useFormData,
+          timeout: this.httpTimeoutMs
         } as RefreshTokenOptions,
         this.worker
       );

package/src/cache/cache-manager.ts CHANGED Viewed

@@ -34,7 +34,10 @@ export class CacheManager {
       if (!keys) return;
       const matchedKey = this.matchExistingCacheKey(cacheKey, keys);
-      wrappedEntry = await this.cache.get<WrappedCacheEntry>(matchedKey);
+      if (matchedKey) {
+        wrappedEntry = await this.cache.get<WrappedCacheEntry>(matchedKey);
+      }
     }
     // If we still don't have an entry, exit.

package/src/global.ts CHANGED Viewed

@@ -164,6 +164,11 @@ export interface Auth0ClientOptions extends BaseLoginOptions {
    */
   authorizeTimeoutInSeconds?: number;
+  /**
+   * Specify the timeout for HTTP calls using `fetch`. The default is 10 seconds.
+   */
+  httpTimeoutInSeconds?: number;
   /**
    * Internal property to send information about the client to the authorization server.
    * @internal

package/src/http.ts CHANGED Viewed

@@ -13,6 +13,7 @@ export const createAbortController = () => new AbortController();
 const dofetch = async (fetchUrl: string, fetchOptions: FetchOptions) => {
   const response = await fetch(fetchUrl, fetchOptions);
   return {
     ok: response.ok,
     json: await response.json()
@@ -32,6 +33,7 @@ const fetchWithoutWorker = async (
   // The promise will resolve with one of these two promises (the fetch or the timeout), whichever completes first.
   return Promise.race([
     dofetch(fetchUrl, fetchOptions),
     new Promise((_, reject) => {
       timeoutId = setTimeout(() => {
         controller.abort();

package/src/version.ts CHANGED Viewed

	@@ -1 +1 @@
1	- export default '1.19.3';
1	+ export default '1.20.1';