@auth0/auth0-spa-js 2.15.0 → 2.17.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (20) hide show
  1. package/README.md +1 -1
  2. package/dist/auth0-spa-js.development.js +59 -24
  3. package/dist/auth0-spa-js.development.js.map +1 -1
  4. package/dist/auth0-spa-js.production.esm.js +1 -1
  5. package/dist/auth0-spa-js.production.esm.js.map +1 -1
  6. package/dist/auth0-spa-js.production.js +1 -1
  7. package/dist/auth0-spa-js.production.js.map +1 -1
  8. package/dist/lib/auth0-spa-js.cjs.js +60 -24
  9. package/dist/lib/auth0-spa-js.cjs.js.map +1 -1
  10. package/dist/typings/Auth0Client.d.ts +21 -0
  11. package/dist/typings/constants.d.ts +6 -0
  12. package/dist/typings/global.d.ts +21 -0
  13. package/dist/typings/index.d.ts +1 -1
  14. package/dist/typings/version.d.ts +1 -1
  15. package/package.json +1 -1
  16. package/src/Auth0Client.ts +114 -29
  17. package/src/constants.ts +7 -0
  18. package/src/global.ts +22 -0
  19. package/src/index.ts +1 -1
  20. package/src/version.ts +1 -1
package/dist/lib/auth0-spa-js.cjs.js CHANGED
@@ -18,7 +18,7 @@ typeof SuppressedError === "function" ? SuppressedError : function(error, suppre
18
18
  return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
19
19
  };
20
20
 
21
- var version = "2.15.0";
21
+ var version = "2.17.0";
22
22
 
23
23
  const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;
24
24
 
@@ -40,6 +40,8 @@ const INVALID_REFRESH_TOKEN_ERROR_MESSAGE = "invalid refresh token";
40
40
 
41
41
  const USER_BLOCKED_ERROR_MESSAGE = "user is blocked";
42
42
 
43
+ const MFA_STEP_UP_ERROR_DESCRIPTION = "Multifactor authentication required";
44
+
43
45
  const DEFAULT_SCOPE = "openid profile email";
44
46
 
45
47
  const DEFAULT_SESSION_CHECK_EXPIRY_DAYS = 1;
@@ -8293,29 +8295,60 @@ class Auth0Client {
8293
8295
  return;
8294
8296
  }
8295
8297
  const lockKey = buildGetTokenSilentlyLockKey(this.options.clientId, getTokenOptions.authorizationParams.audience || "default");
8296
- return await this.lockManager.runWithLock(lockKey, 5e3, (async () => {
8297
- if (cacheMode !== "off") {
8298
- const entry = await this._getEntryFromCache({
8299
- scope: getTokenOptions.authorizationParams.scope,
8300
- audience: getTokenOptions.authorizationParams.audience || DEFAULT_AUDIENCE,
8301
- clientId: this.options.clientId
8302
- });
8303
- if (entry) {
8304
- return entry;
8298
+ try {
8299
+ return await this.lockManager.runWithLock(lockKey, 5e3, (async () => {
8300
+ if (cacheMode !== "off") {
8301
+ const entry = await this._getEntryFromCache({
8302
+ scope: getTokenOptions.authorizationParams.scope,
8303
+ audience: getTokenOptions.authorizationParams.audience || DEFAULT_AUDIENCE,
8304
+ clientId: this.options.clientId
8305
+ });
8306
+ if (entry) {
8307
+ return entry;
8308
+ }
8305
8309
  }
8310
+ const authResult = this.options.useRefreshTokens ? await this._getTokenUsingRefreshToken(getTokenOptions) : await this._getTokenFromIFrame(getTokenOptions);
8311
+ const {id_token: id_token, token_type: token_type, access_token: access_token, oauthTokenScope: oauthTokenScope, expires_in: expires_in} = authResult;
8312
+ return Object.assign(Object.assign({
8313
+ id_token: id_token,
8314
+ token_type: token_type,
8315
+ access_token: access_token
8316
+ }, oauthTokenScope ? {
8317
+ scope: oauthTokenScope
8318
+ } : null), {
8319
+ expires_in: expires_in
8320
+ });
8321
+ }));
8322
+ } catch (error) {
8323
+ if (this._isInteractiveError(error) && this.options.interactiveErrorHandler === "popup") {
8324
+ return await this._handleInteractiveErrorWithPopup(getTokenOptions);
8306
8325
  }
8307
- const authResult = this.options.useRefreshTokens ? await this._getTokenUsingRefreshToken(getTokenOptions) : await this._getTokenFromIFrame(getTokenOptions);
8308
- const {id_token: id_token, token_type: token_type, access_token: access_token, oauthTokenScope: oauthTokenScope, expires_in: expires_in} = authResult;
8309
- return Object.assign(Object.assign({
8310
- id_token: id_token,
8311
- token_type: token_type,
8312
- access_token: access_token
8313
- }, oauthTokenScope ? {
8314
- scope: oauthTokenScope
8315
- } : null), {
8316
- expires_in: expires_in
8326
+ throw error;
8327
+ }
8328
+ }
8329
+ _isInteractiveError(error) {
8330
+ return error instanceof MfaRequiredError || error instanceof GenericError && this._isIframeMfaError(error);
8331
+ }
8332
+ _isIframeMfaError(error) {
8333
+ return error.error === "login_required" && error.error_description === MFA_STEP_UP_ERROR_DESCRIPTION;
8334
+ }
8335
+ async _handleInteractiveErrorWithPopup(options) {
8336
+ try {
8337
+ await this.loginWithPopup({
8338
+ authorizationParams: options.authorizationParams
8317
8339
  });
8318
- }));
8340
+ const entry = await this._getEntryFromCache({
8341
+ scope: options.authorizationParams.scope,
8342
+ audience: options.authorizationParams.audience || DEFAULT_AUDIENCE,
8343
+ clientId: this.options.clientId
8344
+ });
8345
+ if (!entry) {
8346
+ throw new GenericError("interactive_handler_cache_miss", "Token not found in cache after interactive authentication");
8347
+ }
8348
+ return entry;
8349
+ } catch (error) {
8350
+ throw error;
8351
+ }
8319
8352
  }
8320
8353
  async getTokenWithPopup() {
8321
8354
  let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
@@ -8422,9 +8455,12 @@ class Auth0Client {
8422
8455
  }));
8423
8456
  } catch (e) {
8424
8457
  if (e.error === "login_required") {
8425
- this.logout({
8426
- openUrl: false
8427
- });
8458
+ const shouldSkipLogoutForMfaStepUp = e instanceof GenericError && this._isIframeMfaError(e) && this.options.interactiveErrorHandler === "popup";
8459
+ if (!shouldSkipLogoutForMfaStepUp) {
8460
+ this.logout({
8461
+ openUrl: false
8462
+ });
8463
+ }
8428
8464
  }
8429
8465
  throw e;
8430
8466
  }