@auth0/auth0-spa-js 2.0.0-beta.0 → 2.0.0

Files changed (43) hide show
  1. package/README.md +45 -303
  2. package/dist/auth0-spa-js.development.js +73 -70
  3. package/dist/auth0-spa-js.development.js.map +1 -1
  4. package/dist/auth0-spa-js.production.esm.js +1 -1
  5. package/dist/auth0-spa-js.production.esm.js.map +1 -1
  6. package/dist/auth0-spa-js.production.js +1 -1
  7. package/dist/auth0-spa-js.production.js.map +1 -1
  8. package/dist/lib/auth0-spa-js.cjs.js +73 -70
  9. package/dist/lib/auth0-spa-js.cjs.js.map +1 -1
  10. package/dist/typings/Auth0Client.d.ts +3 -4
  11. package/dist/typings/Auth0Client.utils.d.ts +3 -1
  12. package/dist/typings/cache/cache-localstorage.d.ts +2 -2
  13. package/dist/typings/cache/cache-manager.d.ts +2 -2
  14. package/dist/typings/cache/key-manifest.d.ts +1 -1
  15. package/dist/typings/cache/shared.d.ts +3 -3
  16. package/dist/typings/global.d.ts +1 -1
  17. package/dist/typings/http.d.ts +1 -1
  18. package/dist/typings/promise-utils.d.ts +1 -1
  19. package/dist/typings/scope.d.ts +1 -1
  20. package/dist/typings/transaction-manager.d.ts +1 -1
  21. package/dist/typings/utils.d.ts +3 -3
  22. package/dist/typings/version.d.ts +1 -1
  23. package/dist/typings/worker/worker.types.d.ts +3 -3
  24. package/package.json +2 -2
  25. package/src/Auth0Client.ts +77 -82
  26. package/src/Auth0Client.utils.ts +8 -6
  27. package/src/cache/cache-localstorage.ts +2 -2
  28. package/src/cache/cache-manager.ts +18 -6
  29. package/src/cache/cache-memory.ts +2 -2
  30. package/src/cache/key-manifest.ts +1 -1
  31. package/src/cache/shared.ts +2 -2
  32. package/src/global.ts +1 -1
  33. package/src/http.ts +2 -2
  34. package/src/jwt.ts +19 -15
  35. package/src/promise-utils.ts +5 -2
  36. package/src/scope.ts +2 -2
  37. package/src/storage.ts +3 -3
  38. package/src/transaction-manager.ts +1 -1
  39. package/src/utils.ts +6 -3
  40. package/src/version.ts +1 -1
  41. package/src/worker/token.worker.ts +4 -4
  42. package/src/worker/worker.types.ts +3 -3
  43. package/src/worker/worker.utils.ts +1 -0
@@ -472,7 +472,7 @@
472
472
  exports.default = SuperTokensLock;
473
473
  }));
474
474
  var Lock = unwrapExports(browserTabsLock);
475
- var version = "2.0.0-beta.0";
475
+ var version = "2.0.0";
476
476
  const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;
477
477
  const DEFAULT_POPUP_CONFIG_OPTIONS = {
478
478
  timeoutInSeconds: DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS
@@ -703,6 +703,7 @@
703
703
  } else {
704
704
  resolve(event.data);
705
705
  }
706
+ messageChannel.port1.close();
706
707
  };
707
708
  to.postMessage(message, [ messageChannel.port2 ]);
708
709
  }));
@@ -782,11 +783,11 @@
782
783
  }, worker, useFormData);
783
784
  }
784
785
  const dedupe = arr => Array.from(new Set(arr));
785
- const getUniqueScopes = (...scopes) => dedupe(scopes.join(" ").trim().split(/\s+/)).join(" ");
786
+ const getUniqueScopes = (...scopes) => dedupe(scopes.filter(Boolean).join(" ").trim().split(/\s+/)).join(" ");
786
787
  const CACHE_KEY_PREFIX = "@@auth0spajs@@";
787
788
  const CACHE_KEY_ID_TOKEN_SUFFIX = "@@user@@";
788
789
  class CacheKey {
789
- constructor(data, prefix = CACHE_KEY_PREFIX, suffix = null) {
790
+ constructor(data, prefix = CACHE_KEY_PREFIX, suffix) {
790
791
  this.prefix = prefix;
791
792
  this.suffix = suffix;
792
793
  this.clientId = data.clientId;
@@ -864,8 +865,7 @@
864
865
  constructor(cache, keyManifest, nowProvider) {
865
866
  this.cache = cache;
866
867
  this.keyManifest = keyManifest;
867
- this.nowProvider = nowProvider;
868
- this.nowProvider = this.nowProvider || DEFAULT_NOW_PROVIDER;
868
+ this.nowProvider = nowProvider || DEFAULT_NOW_PROVIDER;
869
869
  }
870
870
  async setIdToken(clientId, idToken, decodedToken) {
871
871
  var _a;
@@ -883,11 +883,17 @@
883
883
  if (!entryByScope) {
884
884
  return;
885
885
  }
886
+ if (!entryByScope.id_token || !entryByScope.decodedToken) {
887
+ return;
888
+ }
886
889
  return {
887
890
  id_token: entryByScope.id_token,
888
891
  decodedToken: entryByScope.decodedToken
889
892
  };
890
893
  }
894
+ if (!entry) {
895
+ return;
896
+ }
891
897
  return {
892
898
  id_token: entry.id_token,
893
899
  decodedToken: entry.decodedToken
@@ -954,7 +960,11 @@
954
960
  }
955
961
  async getCacheKeys() {
956
962
  var _a;
957
- return this.keyManifest ? (_a = await this.keyManifest.get()) === null || _a === void 0 ? void 0 : _a.keys : await this.cache.allKeys();
963
+ if (this.keyManifest) {
964
+ return (_a = await this.keyManifest.get()) === null || _a === void 0 ? void 0 : _a.keys;
965
+ } else if (this.cache.allKeys) {
966
+ return this.cache.allKeys();
967
+ }
958
968
  }
959
969
  getIdTokenCacheKey(clientId) {
960
970
  return new CacheKey({
@@ -1070,7 +1080,7 @@
1070
1080
  if (options.max_age && !isNumber(decoded.claims.auth_time)) {
1071
1081
  throw new Error("Authentication Time (auth_time) claim must be a number present in the ID token when Max Age (max_age) is specified");
1072
1082
  }
1073
- if (!isNumber(decoded.claims.exp)) {
1083
+ if (decoded.claims.exp == null || !isNumber(decoded.claims.exp)) {
1074
1084
  throw new Error("Expiration Time (exp) claim must be a number present in the ID token");
1075
1085
  }
1076
1086
  if (!isNumber(decoded.claims.iat)) {
@@ -1079,19 +1089,23 @@
1079
1089
  const leeway = options.leeway || 60;
1080
1090
  const now = new Date(options.now || Date.now());
1081
1091
  const expDate = new Date(0);
1082
- const nbfDate = new Date(0);
1083
- const authTimeDate = new Date(0);
1084
- authTimeDate.setUTCSeconds(parseInt(decoded.claims.auth_time) + options.max_age + leeway);
1085
1092
  expDate.setUTCSeconds(decoded.claims.exp + leeway);
1086
- nbfDate.setUTCSeconds(decoded.claims.nbf - leeway);
1087
1093
  if (now > expDate) {
1088
1094
  throw new Error(`Expiration Time (exp) claim error in the ID token; current time (${now}) is after expiration time (${expDate})`);
1089
1095
  }
1090
- if (isNumber(decoded.claims.nbf) && now < nbfDate) {
1091
- throw new Error(`Not Before time (nbf) claim in the ID token indicates that this token can't be used just yet. Current time (${now}) is before ${nbfDate}`);
1096
+ if (decoded.claims.nbf != null && isNumber(decoded.claims.nbf)) {
1097
+ const nbfDate = new Date(0);
1098
+ nbfDate.setUTCSeconds(decoded.claims.nbf - leeway);
1099
+ if (now < nbfDate) {
1100
+ throw new Error(`Not Before time (nbf) claim in the ID token indicates that this token can't be used just yet. Current time (${now}) is before ${nbfDate}`);
1101
+ }
1092
1102
  }
1093
- if (isNumber(decoded.claims.auth_time) && now > authTimeDate) {
1094
- throw new Error(`Authentication Time (auth_time) claim in the ID token indicates that too much time has passed since the last end-user authentication. Current time (${now}) is after last auth at ${authTimeDate}`);
1103
+ if (decoded.claims.auth_time != null && isNumber(decoded.claims.auth_time)) {
1104
+ const authTimeDate = new Date(0);
1105
+ authTimeDate.setUTCSeconds(parseInt(decoded.claims.auth_time) + options.max_age + leeway);
1106
+ if (now > authTimeDate) {
1107
+ throw new Error(`Authentication Time (auth_time) claim in the ID token indicates that too much time has passed since the last end-user authentication. Current time (${now}) is after last auth at ${authTimeDate}`);
1108
+ }
1095
1109
  }
1096
1110
  if (options.organizationId) {
1097
1111
  if (!decoded.claims.org_id) {
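Review bot: The added auth_time block still folds `options.max_age` into the sum without checking that it was supplied or that it is a number. When `max_age` is absent the sum is NaN, `authTimeDate` is an invalid date and `now > authTimeDate` is false, so the token passes only by accident. If `max_age` can arrive as a string (its type is not visible here), the `+` concatenates and the limit is effectively never enforced. I would gate and coerce explicitly, mirroring the earlier `options.max_age &&` test: `if (options.max_age && isNumber(decoded.claims.auth_time)) {` and `authTimeDate.setUTCSeconds(decoded.claims.auth_time + Number(options.max_age) + leeway);`, which also drops the radix-less `parseInt` on a value that has already passed `isNumber`. The enclosing function starts and ends outside the hunk, and this file looks like compiled bundle output, so the change presumably belongs in the TypeScript source.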
@@ -1252,7 +1266,7 @@
1252
1266
  return;
1253
1267
  }
1254
1268
  const value = sessionStorage.getItem(key);
1255
- if (typeof value === "undefined") {
1269
+ if (value == null) {
1256
1270
  return;
1257
1271
  }
1258
1272
  return JSON.parse(value);
@@ -1360,10 +1374,10 @@
1360
1374
  localstorage: () => new LocalStorageCache
1361
1375
  };
1362
1376
  const cacheFactory = location => cacheLocationBuilders[location];
1363
- const getAuthorizeParams = (clientOptions, scope, authorizeOptions, state, nonce, code_challenge, redirect_uri, response_mode) => Object.assign(Object.assign(Object.assign({
1377
+ const getAuthorizeParams = (clientOptions, scope, authorizationParams, state, nonce, code_challenge, redirect_uri, response_mode) => Object.assign(Object.assign(Object.assign({
1364
1378
  client_id: clientOptions.clientId
1365
- }, clientOptions.authorizationParams), authorizeOptions), {
1366
- scope: getUniqueScopes(scope, authorizeOptions === null || authorizeOptions === void 0 ? void 0 : authorizeOptions.scope),
1379
+ }, clientOptions.authorizationParams), authorizationParams), {
1380
+ scope: getUniqueScopes(scope, authorizationParams.scope),
1367
1381
  response_type: "code",
1368
1382
  response_mode: response_mode || "query",
1369
1383
  state: state,
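Review bot: `authorizationParams.scope` on the new `scope:` line is read without the null guard the old code had, so `getAuthorizeParams` now throws a TypeError if any caller passes `undefined`. The `@@ -1458,7 +1473,7 @@` hunk does the same with `authorizationParams.redirect_uri`. The two callers changed in this diff pass `|| {}`, but whether every other caller of `_prepareAuthorizeUrl` does so is not visible here. I would state the precondition next to the parameter, e.g. `// authorizationParams must be an object; callers default it to {}`, or apply the default once at the `_prepareAuthorizeUrl` boundary instead of at each call site. The object literal continues past the end of the hunk.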
@@ -1394,15 +1408,16 @@
1394
1408
  if (options.cache && options.cacheLocation) {
1395
1409
  console.warn("Both `cache` and `cacheLocation` options have been specified in the Auth0Client configuration; ignoring `cacheLocation` and using `cache`.");
1396
1410
  }
1411
+ let cacheLocation;
1397
1412
  let cache;
1398
1413
  if (options.cache) {
1399
1414
  cache = options.cache;
1400
1415
  } else {
1401
- this.cacheLocation = options.cacheLocation || CACHE_LOCATION_MEMORY;
1402
- if (!cacheFactory(this.cacheLocation)) {
1403
- throw new Error(`Invalid cache location "${this.cacheLocation}"`);
1416
+ cacheLocation = options.cacheLocation || CACHE_LOCATION_MEMORY;
1417
+ if (!cacheFactory(cacheLocation)) {
1418
+ throw new Error(`Invalid cache location "${cacheLocation}"`);
1404
1419
  }
1405
- cache = cacheFactory(this.cacheLocation)();
1420
+ cache = cacheFactory(cacheLocation)();
1406
1421
  }
1407
1422
  this.httpTimeoutMs = options.httpTimeoutInSeconds ? options.httpTimeoutInSeconds * 1e3 : DEFAULT_FETCH_TIMEOUT_MS;
1408
1423
  this.cookieStorage = options.legacySameSiteCookie === false ? CookieStorage : CookieStorageWithLegacySameSite;
@@ -1413,10 +1428,10 @@
1413
1428
  this.scope = getUniqueScopes("openid", this.options.authorizationParams.scope, this.options.useRefreshTokens ? "offline_access" : "");
1414
1429
  this.transactionManager = new TransactionManager(transactionStorage, this.options.clientId);
1415
1430
  this.nowProvider = this.options.nowProvider || DEFAULT_NOW_PROVIDER;
1416
- this.cacheManager = new CacheManager(cache, !cache.allKeys ? new CacheKeyManifest(cache, this.options.clientId) : null, this.nowProvider);
1431
+ this.cacheManager = new CacheManager(cache, !cache.allKeys ? new CacheKeyManifest(cache, this.options.clientId) : undefined, this.nowProvider);
1417
1432
  this.domainUrl = getDomain(this.options.domain);
1418
1433
  this.tokenIssuer = getTokenIssuer(this.options.issuer, this.domainUrl);
1419
- if (typeof window !== "undefined" && window.Worker && this.options.useRefreshTokens && this.cacheLocation === CACHE_LOCATION_MEMORY) {
1434
+ if (typeof window !== "undefined" && window.Worker && this.options.useRefreshTokens && cacheLocation === CACHE_LOCATION_MEMORY) {
1420
1435
  this.worker = new WorkerFactory;
1421
1436
  }
1422
1437
  }
@@ -1458,7 +1473,7 @@
1458
1473
  const code_verifier = createRandomString();
1459
1474
  const code_challengeBuffer = await sha256(code_verifier);
1460
1475
  const code_challenge = bufferToBase64UrlEncoded(code_challengeBuffer);
1461
- const params = getAuthorizeParams(this.options, this.scope, authorizationParams, state, nonce, code_challenge, (authorizationParams === null || authorizationParams === void 0 ? void 0 : authorizationParams.redirect_uri) || this.options.authorizationParams.redirect_uri || fallbackRedirectUri, authorizeOptions === null || authorizeOptions === void 0 ? void 0 : authorizeOptions.response_mode);
1476
+ const params = getAuthorizeParams(this.options, this.scope, authorizationParams, state, nonce, code_challenge, authorizationParams.redirect_uri || this.options.authorizationParams.redirect_uri || fallbackRedirectUri, authorizeOptions === null || authorizeOptions === void 0 ? void 0 : authorizeOptions.response_mode);
1462
1477
  const url = this._authorizeUrl(params);
1463
1478
  return {
1464
1479
  nonce: nonce,
@@ -1480,7 +1495,7 @@
1480
1495
  throw new Error("Unable to open a popup for loginWithPopup - window.open returned `null`");
1481
1496
  }
1482
1497
  }
1483
- const params = await this._prepareAuthorizeUrl(options.authorizationParams, {
1498
+ const params = await this._prepareAuthorizeUrl(options.authorizationParams || {}, {
1484
1499
  response_mode: "web_message"
1485
1500
  }, window.location.origin);
1486
1501
  config.popup.location.href = params.url;
@@ -1517,7 +1532,7 @@
1517
1532
  var _a;
1518
1533
  const {onRedirect: onRedirect, fragment: fragment, appState: appState} = options, urlOptions = __rest(options, [ "onRedirect", "fragment", "appState" ]);
1519
1534
  const organizationId = ((_a = urlOptions.authorizationParams) === null || _a === void 0 ? void 0 : _a.organization) || this.options.authorizationParams.organization;
1520
- const _b = await this._prepareAuthorizeUrl(urlOptions.authorizationParams), {url: url} = _b, transaction = __rest(_b, [ "url" ]);
1535
+ const _b = await this._prepareAuthorizeUrl(urlOptions.authorizationParams || {}), {url: url} = _b, transaction = __rest(_b, [ "url" ]);
1521
1536
  this.transactionManager.create(Object.assign(Object.assign(Object.assign({}, transaction), {
1522
1537
  appState: appState
1523
1538
  }), organizationId && {
@@ -1542,7 +1557,7 @@
1542
1557
  }
1543
1558
  this.transactionManager.remove();
1544
1559
  if (error) {
1545
- throw new AuthenticationError(error, error_description, state, transaction.appState);
1560
+ throw new AuthenticationError(error, error_description || error, state, transaction.appState);
1546
1561
  }
1547
1562
  if (!transaction.code_verifier || transaction.state && transaction.state !== state) {
1548
1563
  throw new Error("Invalid state");
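Review bot: The `AuthenticationError` on the changed line is thrown before the `transaction.state !== state` comparison just below it, so `error` and `error_description` are not yet tied to the stored transaction when they are copied into the exception. They appear to come from the callback URL (the parsing is outside the hunk), which makes them untrusted text that an application may later log or display. I would add a comment above the throw such as `// error / error_description are unvalidated callback parameters; callers must escape them before rendering`. The function starts and ends outside the hunk.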
@@ -1584,14 +1599,15 @@
1584
1599
  }
1585
1600
  async getTokenSilently(options = {}) {
1586
1601
  var _a;
1587
- options = Object.assign(Object.assign({
1602
+ const localOptions = Object.assign(Object.assign({
1588
1603
  cacheMode: "on"
1589
1604
  }, options), {
1590
1605
  authorizationParams: Object.assign(Object.assign(Object.assign({}, this.options.authorizationParams), options.authorizationParams), {
1591
1606
  scope: getUniqueScopes(this.scope, (_a = options.authorizationParams) === null || _a === void 0 ? void 0 : _a.scope)
1592
1607
  })
1593
1608
  });
1594
- return singlePromise((() => this._getTokenSilently(options)), `${this.options.clientId}::${options.authorizationParams.audience}::${options.authorizationParams.scope}`);
1609
+ const result = await singlePromise((() => this._getTokenSilently(localOptions)), `${this.options.clientId}::${localOptions.authorizationParams.audience}::${localOptions.authorizationParams.scope}`);
1610
+ return options.detailedResponse ? result : result === null || result === void 0 ? void 0 : result.access_token;
1595
1611
  }
1596
1612
  async _getTokenSilently(options) {
1597
1613
  const {cacheMode: cacheMode} = options, getTokenOptions = __rest(options, [ "cacheMode" ]);
@@ -1599,8 +1615,7 @@
1599
1615
  const entry = await this._getEntryFromCache({
1600
1616
  scope: getTokenOptions.authorizationParams.scope,
1601
1617
  audience: getTokenOptions.authorizationParams.audience || "default",
1602
- clientId: this.options.clientId,
1603
- getDetailedEntry: options.detailedResponse
1618
+ clientId: this.options.clientId
1604
1619
  });
1605
1620
  if (entry) {
1606
1621
  return entry;
@@ -1616,26 +1631,22 @@
1616
1631
  const entry = await this._getEntryFromCache({
1617
1632
  scope: getTokenOptions.authorizationParams.scope,
1618
1633
  audience: getTokenOptions.authorizationParams.audience || "default",
1619
- clientId: this.options.clientId,
1620
- getDetailedEntry: options.detailedResponse
1634
+ clientId: this.options.clientId
1621
1635
  });
1622
1636
  if (entry) {
1623
1637
  return entry;
1624
1638
  }
1625
1639
  }
1626
1640
  const authResult = this.options.useRefreshTokens ? await this._getTokenUsingRefreshToken(getTokenOptions) : await this._getTokenFromIFrame(getTokenOptions);
1627
- if (options.detailedResponse) {
1628
- const {id_token: id_token, access_token: access_token, oauthTokenScope: oauthTokenScope, expires_in: expires_in} = authResult;
1629
- return Object.assign(Object.assign({
1630
- id_token: id_token,
1631
- access_token: access_token
1632
- }, oauthTokenScope ? {
1633
- scope: oauthTokenScope
1634
- } : null), {
1635
- expires_in: expires_in
1636
- });
1637
- }
1638
- return authResult.access_token;
1641
+ const {id_token: id_token, access_token: access_token, oauthTokenScope: oauthTokenScope, expires_in: expires_in} = authResult;
1642
+ return Object.assign(Object.assign({
1643
+ id_token: id_token,
1644
+ access_token: access_token
1645
+ }, oauthTokenScope ? {
1646
+ scope: oauthTokenScope
1647
+ } : null), {
1648
+ expires_in: expires_in
1649
+ });
1639
1650
  } finally {
1640
1651
  await lock.releaseLock(GET_TOKEN_SILENTLY_LOCK_KEY);
1641
1652
  window.removeEventListener("pagehide", this._releaseLockOnPageHide);
@@ -1646,16 +1657,16 @@
1646
1657
  }
1647
1658
  async getTokenWithPopup(options = {}, config = {}) {
1648
1659
  var _a;
1649
- options = Object.assign(Object.assign({}, options), {
1660
+ const localOptions = Object.assign(Object.assign({}, options), {
1650
1661
  authorizationParams: Object.assign(Object.assign(Object.assign({}, this.options.authorizationParams), options.authorizationParams), {
1651
1662
  scope: getUniqueScopes(this.scope, (_a = options.authorizationParams) === null || _a === void 0 ? void 0 : _a.scope)
1652
1663
  })
1653
1664
  });
1654
1665
  config = Object.assign(Object.assign({}, DEFAULT_POPUP_CONFIG_OPTIONS), config);
1655
- await this.loginWithPopup(options, config);
1666
+ await this.loginWithPopup(localOptions, config);
1656
1667
  const cache = await this.cacheManager.get(new CacheKey({
1657
- scope: options.authorizationParams.scope,
1658
- audience: options.authorizationParams.audience || "default",
1668
+ scope: localOptions.authorizationParams.scope,
1669
+ audience: localOptions.authorizationParams.audience || "default",
1659
1670
  clientId: this.options.clientId
1660
1671
  }));
1661
1672
  return cache.access_token;
@@ -1738,11 +1749,6 @@
1738
1749
  }
1739
1750
  }
1740
1751
  async _getTokenUsingRefreshToken(options) {
1741
- options = Object.assign(Object.assign({}, options), {
1742
- authorizationParams: Object.assign(Object.assign({}, options.authorizationParams), {
1743
- scope: getUniqueScopes(this.scope, options.authorizationParams.scope)
1744
- })
1745
- });
1746
1752
  const cache = await this.cacheManager.get(new CacheKey({
1747
1753
  scope: options.authorizationParams.scope,
1748
1754
  audience: options.authorizationParams.audience || "default",
@@ -1799,26 +1805,23 @@
1799
1805
  this.userCache.set(CACHE_KEY_ID_TOKEN_SUFFIX, cache);
1800
1806
  return cache;
1801
1807
  }
1802
- async _getEntryFromCache({scope: scope, audience: audience, clientId: clientId, getDetailedEntry: getDetailedEntry = false}) {
1808
+ async _getEntryFromCache({scope: scope, audience: audience, clientId: clientId}) {
1803
1809
  const entry = await this.cacheManager.get(new CacheKey({
1804
1810
  scope: scope,
1805
1811
  audience: audience,
1806
1812
  clientId: clientId
1807
1813
  }), 60);
1808
1814
  if (entry && entry.access_token) {
1809
- if (getDetailedEntry) {
1810
- const {access_token: access_token, oauthTokenScope: oauthTokenScope, expires_in: expires_in} = entry;
1811
- const cache = await this._getIdTokenFromCache();
1812
- return Object.assign(Object.assign({
1813
- id_token: cache === null || cache === void 0 ? void 0 : cache.id_token,
1814
- access_token: access_token
1815
- }, oauthTokenScope ? {
1816
- scope: oauthTokenScope
1817
- } : null), {
1818
- expires_in: expires_in
1819
- });
1820
- }
1821
- return entry.access_token;
1815
+ const {access_token: access_token, oauthTokenScope: oauthTokenScope, expires_in: expires_in} = entry;
1816
+ const cache = await this._getIdTokenFromCache();
1817
+ return cache && Object.assign(Object.assign({
1818
+ id_token: cache.id_token,
1819
+ access_token: access_token
1820
+ }, oauthTokenScope ? {
1821
+ scope: oauthTokenScope
1822
+ } : null), {
1823
+ expires_in: expires_in
1824
+ });
1822
1825
  }
1823
1826
  }
1824
1827
  async _requestToken(options, additionalParameters) {
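Review bot: `return cache && Object.assign(...)` makes `_getEntryFromCache` return a falsy value whenever the ID token is missing from the cache, even though a usable access-token entry was found. Both call sites shown in `_getTokenSilently` test `if (entry)`, so that case now falls through to a refresh-token or iframe request instead of serving the cached access token. This looks intentional but is not stated anywhere. A short comment above the return would record it, e.g. `// No cached ID token: report a miss so the caller fetches a complete token set`. The falsy value is whatever `_getIdTokenFromCache` returned, so callers should keep testing truthiness rather than comparing with `undefined`.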