@auth0/auth0-spa-js 2.11.2 → 2.11.3
- package/dist/auth0-spa-js.development.js +56 -47
- package/dist/auth0-spa-js.development.js.map +1 -1
- package/dist/auth0-spa-js.production.esm.js +1 -1
- package/dist/auth0-spa-js.production.esm.js.map +1 -1
- package/dist/auth0-spa-js.production.js +1 -1
- package/dist/auth0-spa-js.production.js.map +1 -1
- package/dist/lib/auth0-spa-js.cjs.js +58 -47
- package/dist/lib/auth0-spa-js.cjs.js.map +1 -1
- package/dist/typings/Auth0Client.utils.d.ts +12 -0
- package/dist/typings/version.d.ts +1 -1
- package/package.json +1 -1
- package/src/Auth0Client.ts +89 -70
- package/src/Auth0Client.utils.ts +15 -0
- package/src/cache/cache-manager.ts +1 -1
- package/src/version.ts +1 -1
|
@@ -540,7 +540,7 @@
|
|
|
540
540
|
exports.default = SuperTokensLock;
|
|
541
541
|
}));
|
|
542
542
|
var Lock = unwrapExports(browserTabsLock);
|
|
543
|
-
var version = "2.11.
|
|
543
|
+
var version = "2.11.3";
|
|
544
544
|
const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;
|
|
545
545
|
const DEFAULT_POPUP_CONFIG_OPTIONS = {
|
|
546
546
|
timeoutInSeconds: DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS
|
|
@@ -1402,7 +1402,7 @@
|
|
|
1402
1402
|
if (matchedKey) {
|
|
1403
1403
|
wrappedEntry = await this.cache.get(matchedKey);
|
|
1404
1404
|
}
|
|
1405
|
-
if (!
|
|
1405
|
+
if (!wrappedEntry && useMrrt && cacheMode !== "cache-only") {
|
|
1406
1406
|
return this.getEntryWithRefreshToken(cacheKey, keys);
|
|
1407
1407
|
}
|
|
1408
1408
|
}
|
|
@@ -1927,7 +1927,9 @@
|
|
|
1927
1927
|
}
|
|
1928
1928
|
}
|
|
1929
1929
|
const GET_TOKEN_SILENTLY_LOCK_KEY = "auth0.lock.getTokenSilently";
|
|
1930
|
+
const GET_TOKEN_FROM_IFRAME_LOCK_KEY = "auth0.lock.getTokenFromIFrame";
|
|
1930
1931
|
const buildGetTokenSilentlyLockKey = (clientId, audience) => `${GET_TOKEN_SILENTLY_LOCK_KEY}.${clientId}.${audience}`;
|
|
1932
|
+
const buildIframeLockKey = clientId => `${GET_TOKEN_FROM_IFRAME_LOCK_KEY}.${clientId}`;
|
|
1931
1933
|
const buildOrganizationHintCookieName = clientId => `auth0.${clientId}.organization_hint`;
|
|
1932
1934
|
const OLD_IS_AUTHENTICATED_COOKIE_NAME = "auth0.is.authenticated";
|
|
1933
1935
|
const buildIsAuthenticatedCookieName = clientId => `auth0.${clientId}.is.authenticated`;
|
|
@@ -2662,53 +2664,60 @@
|
|
|
2662
2664
|
}
|
|
2663
2665
|
}
|
|
2664
2666
|
async _getTokenFromIFrame(options) {
|
|
2665
|
-
const
|
|
2666
|
-
|
|
2667
|
-
});
|
|
2668
|
-
const orgHint = this.cookieStorage.get(this.orgHintCookieName);
|
|
2669
|
-
if (orgHint && !params.organization) {
|
|
2670
|
-
params.organization = orgHint;
|
|
2671
|
-
}
|
|
2672
|
-
const {url: url, state: stateIn, nonce: nonceIn, code_verifier: code_verifier, redirect_uri: redirect_uri, scope: scope, audience: audience} = await this._prepareAuthorizeUrl(params, {
|
|
2673
|
-
response_mode: "web_message"
|
|
2674
|
-
}, window.location.origin);
|
|
2675
|
-
try {
|
|
2676
|
-
if (window.crossOriginIsolated) {
|
|
2677
|
-
throw new GenericError("login_required", "The application is running in a Cross-Origin Isolated context, silently retrieving a token without refresh token is not possible.");
|
|
2678
|
-
}
|
|
2679
|
-
const authorizeTimeout = options.timeoutInSeconds || this.options.authorizeTimeoutInSeconds;
|
|
2680
|
-
let eventOrigin;
|
|
2667
|
+
const iframeLockKey = buildIframeLockKey(this.options.clientId);
|
|
2668
|
+
if (await retryPromise((() => lock.acquireLock(iframeLockKey, 5e3)), 10)) {
|
|
2681
2669
|
try {
|
|
2682
|
-
|
|
2683
|
-
|
|
2684
|
-
eventOrigin = this.domainUrl;
|
|
2685
|
-
}
|
|
2686
|
-
const codeResult = await runIframe(url, eventOrigin, authorizeTimeout);
|
|
2687
|
-
if (stateIn !== codeResult.state) {
|
|
2688
|
-
throw new GenericError("state_mismatch", "Invalid state");
|
|
2689
|
-
}
|
|
2690
|
-
const tokenResult = await this._requestToken(Object.assign(Object.assign({}, options.authorizationParams), {
|
|
2691
|
-
code_verifier: code_verifier,
|
|
2692
|
-
code: codeResult.code,
|
|
2693
|
-
grant_type: "authorization_code",
|
|
2694
|
-
redirect_uri: redirect_uri,
|
|
2695
|
-
timeout: options.authorizationParams.timeout || this.httpTimeoutMs
|
|
2696
|
-
}), {
|
|
2697
|
-
nonceIn: nonceIn,
|
|
2698
|
-
organization: params.organization
|
|
2699
|
-
});
|
|
2700
|
-
return Object.assign(Object.assign({}, tokenResult), {
|
|
2701
|
-
scope: scope,
|
|
2702
|
-
oauthTokenScope: tokenResult.scope,
|
|
2703
|
-
audience: audience
|
|
2704
|
-
});
|
|
2705
|
-
} catch (e) {
|
|
2706
|
-
if (e.error === "login_required") {
|
|
2707
|
-
this.logout({
|
|
2708
|
-
openUrl: false
|
|
2670
|
+
const params = Object.assign(Object.assign({}, options.authorizationParams), {
|
|
2671
|
+
prompt: "none"
|
|
2709
2672
|
});
|
|
2673
|
+
const orgHint = this.cookieStorage.get(this.orgHintCookieName);
|
|
2674
|
+
if (orgHint && !params.organization) {
|
|
2675
|
+
params.organization = orgHint;
|
|
2676
|
+
}
|
|
2677
|
+
const {url: url, state: stateIn, nonce: nonceIn, code_verifier: code_verifier, redirect_uri: redirect_uri, scope: scope, audience: audience} = await this._prepareAuthorizeUrl(params, {
|
|
2678
|
+
response_mode: "web_message"
|
|
2679
|
+
}, window.location.origin);
|
|
2680
|
+
if (window.crossOriginIsolated) {
|
|
2681
|
+
throw new GenericError("login_required", "The application is running in a Cross-Origin Isolated context, silently retrieving a token without refresh token is not possible.");
|
|
2682
|
+
}
|
|
2683
|
+
const authorizeTimeout = options.timeoutInSeconds || this.options.authorizeTimeoutInSeconds;
|
|
2684
|
+
let eventOrigin;
|
|
2685
|
+
try {
|
|
2686
|
+
eventOrigin = new URL(this.domainUrl).origin;
|
|
2687
|
+
} catch (_a) {
|
|
2688
|
+
eventOrigin = this.domainUrl;
|
|
2689
|
+
}
|
|
2690
|
+
const codeResult = await runIframe(url, eventOrigin, authorizeTimeout);
|
|
2691
|
+
if (stateIn !== codeResult.state) {
|
|
2692
|
+
throw new GenericError("state_mismatch", "Invalid state");
|
|
2693
|
+
}
|
|
2694
|
+
const tokenResult = await this._requestToken(Object.assign(Object.assign({}, options.authorizationParams), {
|
|
2695
|
+
code_verifier: code_verifier,
|
|
2696
|
+
code: codeResult.code,
|
|
2697
|
+
grant_type: "authorization_code",
|
|
2698
|
+
redirect_uri: redirect_uri,
|
|
2699
|
+
timeout: options.authorizationParams.timeout || this.httpTimeoutMs
|
|
2700
|
+
}), {
|
|
2701
|
+
nonceIn: nonceIn,
|
|
2702
|
+
organization: params.organization
|
|
2703
|
+
});
|
|
2704
|
+
return Object.assign(Object.assign({}, tokenResult), {
|
|
2705
|
+
scope: scope,
|
|
2706
|
+
oauthTokenScope: tokenResult.scope,
|
|
2707
|
+
audience: audience
|
|
2708
|
+
});
|
|
2709
|
+
} catch (e) {
|
|
2710
|
+
if (e.error === "login_required") {
|
|
2711
|
+
this.logout({
|
|
2712
|
+
openUrl: false
|
|
2713
|
+
});
|
|
2714
|
+
}
|
|
2715
|
+
throw e;
|
|
2716
|
+
} finally {
|
|
2717
|
+
await lock.releaseLock(iframeLockKey);
|
|
2710
2718
|
}
|
|
2711
|
-
|
|
2719
|
+
} else {
|
|
2720
|
+
throw new TimeoutError;
|
|
2712
2721
|
}
|
|
2713
2722
|
}
|
|
2714
2723
|
async _getTokenUsingRefreshToken(options) {
|
|
@@ -2736,7 +2745,7 @@
|
|
|
2736
2745
|
}), {
|
|
2737
2746
|
scopesToRequest: scopesToRequest
|
|
2738
2747
|
});
|
|
2739
|
-
if (tokenResult.refresh_token &&
|
|
2748
|
+
if (tokenResult.refresh_token && (cache === null || cache === void 0 ? void 0 : cache.refresh_token)) {
|
|
2740
2749
|
await this.cacheManager.updateEntry(cache.refresh_token, tokenResult.refresh_token);
|
|
2741
2750
|
}
|
|
2742
2751
|
if (this.options.useMrrt) {
|
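Review bot: The lock wait in the new `_getTokenFromIFrame` looks shorter than the time a holder can legitimately keep the lock: `retryPromise((() => lock.acquireLock(iframeLockKey, 5e3)), 10)` appears to give up after ten 5-second attempts (retryPromise itself is not shown here), while the holder keeps the lock across `runIframe(url, eventOrigin, authorizeTimeout)`, whose default is `DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60`, plus the `_requestToken` call. A concurrent call, or presumably another tab given the browser-tabs-lock dependency, can then hit the bare `throw new TimeoutError` in the `else` branch while the first flow is still in progress, and a caller cannot tell that apart from an iframe timeout. I would document the intended budget above the acquire, for example `// Serialises iframe flows per client; the lock wait must cover authorizeTimeout plus the token request`, and derive the retry count from `options.timeoutInSeconds || this.options.authorizeTimeoutInSeconds` instead of the literal `10`. Separately, `await lock.releaseLock(iframeLockKey)` inside `finally` replaces the returned tokens or the original error if it rejects, so it is worth guarding. This file is build output; the same change would belong in `package/src/Auth0Client.ts`, which is listed in the file summary but not shown.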