npm - @auth0/auth0-spa-js - Versions diffs - 2.16.0 → 2.17.0 - Mend

@auth0/auth0-spa-js 2.16.0 → 2.17.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/README.md +1 -1
package/dist/auth0-spa-js.development.js +12 -5
package/dist/auth0-spa-js.development.js.map +1 -1
package/dist/auth0-spa-js.production.esm.js +1 -1
package/dist/auth0-spa-js.production.esm.js.map +1 -1
package/dist/auth0-spa-js.production.js +1 -1
package/dist/auth0-spa-js.production.js.map +1 -1
package/dist/lib/auth0-spa-js.cjs.js +13 -5
package/dist/lib/auth0-spa-js.cjs.js.map +1 -1
package/dist/typings/Auth0Client.d.ts +12 -1
package/dist/typings/constants.d.ts +6 -0
package/dist/typings/index.d.ts +1 -1
package/dist/typings/version.d.ts +1 -1
package/package.json +1 -1
package/src/Auth0Client.ts +36 -6
package/src/constants.ts +7 -0
package/src/index.ts +1 -1
package/src/version.ts +1 -1

package/README.md CHANGED Viewed

@@ -30,7 +30,7 @@ npm install @auth0/auth0-spa-js
 From the CDN:
 ```html
-<script src="https://cdn.auth0.com/js/auth0-spa-js/2.16/auth0-spa-js.production.js"></script>
+<script src="https://cdn.auth0.com/js/auth0-spa-js/2.17/auth0-spa-js.production.js"></script>
 ```
 ### Configure Auth0

package/dist/auth0-spa-js.development.js CHANGED Viewed

@@ -15,7 +15,7 @@
         var e = new Error(message);
         return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
     };
-    var version = "2.16.0";
+    var version = "2.17.0";
     const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;
     const DEFAULT_POPUP_CONFIG_OPTIONS = {
         timeoutInSeconds: DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS
@@ -27,6 +27,7 @@
     const MISSING_REFRESH_TOKEN_ERROR_MESSAGE = "Missing Refresh Token";
     const INVALID_REFRESH_TOKEN_ERROR_MESSAGE = "invalid refresh token";
     const USER_BLOCKED_ERROR_MESSAGE = "user is blocked";
+    const MFA_STEP_UP_ERROR_DESCRIPTION = "Multifactor authentication required";
     const DEFAULT_SCOPE = "openid profile email";
     const DEFAULT_SESSION_CHECK_EXPIRY_DAYS = 1;
     const DEFAULT_AUTH0_CLIENT = {
@@ -7747,7 +7748,10 @@
             }
         }
         _isInteractiveError(error) {
-            return error instanceof MfaRequiredError;
+            return error instanceof MfaRequiredError || error instanceof GenericError && this._isIframeMfaError(error);
+        }
+        _isIframeMfaError(error) {
+            return error.error === "login_required" && error.error_description === MFA_STEP_UP_ERROR_DESCRIPTION;
         }
         async _handleInteractiveErrorWithPopup(options) {
             try {
@@ -7872,9 +7876,12 @@
                 }));
             } catch (e) {
                 if (e.error === "login_required") {
-                    this.logout({
-                        openUrl: false
-                    });
+                    const shouldSkipLogoutForMfaStepUp = e instanceof GenericError && this._isIframeMfaError(e) && this.options.interactiveErrorHandler === "popup";
+                    if (!shouldSkipLogoutForMfaStepUp) {
+                        this.logout({
+                            openUrl: false
+                        });
+                    }
                 }
                 throw e;
             }