@auth0/auth0-spa-js 2.5.0 → 2.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/auth0-spa-js.development.js +212 -21
- package/dist/auth0-spa-js.development.js.map +1 -1
- package/dist/auth0-spa-js.production.esm.js +1 -1
- package/dist/auth0-spa-js.production.esm.js.map +1 -1
- package/dist/auth0-spa-js.production.js +1 -1
- package/dist/auth0-spa-js.production.js.map +1 -1
- package/dist/auth0-spa-js.worker.development.js +1 -1
- package/dist/auth0-spa-js.worker.development.js.map +1 -1
- package/dist/auth0-spa-js.worker.production.js +1 -1
- package/dist/auth0-spa-js.worker.production.js.map +1 -1
- package/dist/lib/auth0-spa-js.cjs.js +224 -22
- package/dist/lib/auth0-spa-js.cjs.js.map +1 -1
- package/dist/typings/Auth0Client.d.ts +42 -2
- package/dist/typings/Auth0Client.utils.d.ts +6 -0
- package/dist/typings/MyAccountApiClient.d.ts +92 -0
- package/dist/typings/errors.d.ts +18 -0
- package/dist/typings/fetcher.d.ts +5 -3
- package/dist/typings/global.d.ts +93 -0
- package/dist/typings/index.d.ts +2 -1
- package/dist/typings/transaction-manager.d.ts +15 -4
- package/dist/typings/version.d.ts +1 -1
- package/package.json +1 -1
- package/src/Auth0Client.ts +202 -22
- package/src/Auth0Client.utils.ts +14 -0
- package/src/MyAccountApiClient.ts +158 -0
- package/src/errors.ts +33 -0
- package/src/fetcher.ts +53 -18
- package/src/global.ts +105 -3
- package/src/index.ts +5 -0
- package/src/transaction-manager.ts +17 -4
- package/src/utils.ts +1 -0
- package/src/version.ts +1 -1
- package/src/worker/token.worker.ts +1 -1
package/README.md
CHANGED
|
@@ -29,7 +29,7 @@ npm install @auth0/auth0-spa-js
|
|
|
29
29
|
From the CDN:
|
|
30
30
|
|
|
31
31
|
```html
|
|
32
|
-
<script src="https://cdn.auth0.com/js/auth0-spa-js/2.
|
|
32
|
+
<script src="https://cdn.auth0.com/js/auth0-spa-js/2.7/auth0-spa-js.production.js"></script>
|
|
33
33
|
```
|
|
34
34
|
|
|
35
35
|
### Configure Auth0
|
|
@@ -540,7 +540,7 @@
|
|
|
540
540
|
exports.default = SuperTokensLock;
|
|
541
541
|
}));
|
|
542
542
|
var Lock = unwrapExports(browserTabsLock);
|
|
543
|
-
var version = "2.
|
|
543
|
+
var version = "2.7.0";
|
|
544
544
|
const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;
|
|
545
545
|
const DEFAULT_POPUP_CONFIG_OPTIONS = {
|
|
546
546
|
timeoutInSeconds: DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS
|
|
@@ -577,6 +577,15 @@
|
|
|
577
577
|
Object.setPrototypeOf(this, AuthenticationError.prototype);
|
|
578
578
|
}
|
|
579
579
|
}
|
|
580
|
+
class ConnectError extends GenericError {
|
|
581
|
+
constructor(error, error_description, connection, state, appState = null) {
|
|
582
|
+
super(error, error_description);
|
|
583
|
+
this.connection = connection;
|
|
584
|
+
this.state = state;
|
|
585
|
+
this.appState = appState;
|
|
586
|
+
Object.setPrototypeOf(this, ConnectError.prototype);
|
|
587
|
+
}
|
|
588
|
+
}
|
|
580
589
|
class TimeoutError extends GenericError {
|
|
581
590
|
constructor() {
|
|
582
591
|
super("timeout", "Timeout");
|
|
@@ -612,6 +621,14 @@
|
|
|
612
621
|
Object.setPrototypeOf(this, MissingRefreshTokenError.prototype);
|
|
613
622
|
}
|
|
614
623
|
}
|
|
624
|
+
class MissingScopesError extends GenericError {
|
|
625
|
+
constructor(audience, scope) {
|
|
626
|
+
super("missing_scopes", `Missing requested scopes after refresh (audience: '${valueOrEmptyString(audience, [ "default" ])}', missing scope: '${valueOrEmptyString(scope)}')`);
|
|
627
|
+
this.audience = audience;
|
|
628
|
+
this.scope = scope;
|
|
629
|
+
Object.setPrototypeOf(this, MissingScopesError.prototype);
|
|
630
|
+
}
|
|
631
|
+
}
|
|
615
632
|
class UseDpopNonceError extends GenericError {
|
|
616
633
|
constructor(newDpopNonce) {
|
|
617
634
|
super("use_dpop_nonce", "Server rejected DPoP proof: wrong nonce");
|
|
@@ -630,6 +647,7 @@
|
|
|
630
647
|
return {
|
|
631
648
|
state: searchParams.get("state"),
|
|
632
649
|
code: searchParams.get("code") || undefined,
|
|
650
|
+
connect_code: searchParams.get("connect_code") || undefined,
|
|
633
651
|
error: searchParams.get("error") || undefined,
|
|
634
652
|
error_description: searchParams.get("error_description") || undefined
|
|
635
653
|
};
|
|
@@ -1756,6 +1774,12 @@
|
|
|
1756
1774
|
sessionStorage.removeItem(key);
|
|
1757
1775
|
}
|
|
1758
1776
|
};
|
|
1777
|
+
exports.ResponseType = void 0;
|
|
1778
|
+
(function(ResponseType) {
|
|
1779
|
+
ResponseType["Code"] = "code";
|
|
1780
|
+
ResponseType["ConnectCode"] = "connect_code";
|
|
1781
|
+
})(exports.ResponseType || (exports.ResponseType = {}));
|
|
1782
|
+
class User {}
|
|
1759
1783
|
function decodeBase64(base64, enableUnicode) {
|
|
1760
1784
|
var binaryString = atob(base64);
|
|
1761
1785
|
if (enableUnicode) {
|
|
@@ -1785,7 +1809,7 @@
|
|
|
1785
1809
|
return new Worker(url, options);
|
|
1786
1810
|
};
|
|
1787
1811
|
}
|
|
1788
|
-
var WorkerFactory = createBase64WorkerFactory("Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwooZnVuY3Rpb24oKSB7CiAgICAidXNlIHN0cmljdCI7CiAgICBjbGFzcyBHZW5lcmljRXJyb3IgZXh0ZW5kcyBFcnJvciB7CiAgICAgICAgY29uc3RydWN0b3IoZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uKSB7CiAgICAgICAgICAgIHN1cGVyKGVycm9yX2Rlc2NyaXB0aW9uKTsKICAgICAgICAgICAgdGhpcy5lcnJvciA9IGVycm9yOwogICAgICAgICAgICB0aGlzLmVycm9yX2Rlc2NyaXB0aW9uID0gZXJyb3JfZGVzY3JpcHRpb247CiAgICAgICAgICAgIE9iamVjdC5zZXRQcm90b3R5cGVPZih0aGlzLCBHZW5lcmljRXJyb3IucHJvdG90eXBlKTsKICAgICAgICB9CiAgICAgICAgc3RhdGljIGZyb21QYXlsb2FkKHtlcnJvcjogZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uOiBlcnJvcl9kZXNjcmlwdGlvbn0pIHsKICAgICAgICAgICAgcmV0dXJuIG5ldyBHZW5lcmljRXJyb3IoZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uKTsKICAgICAgICB9CiAgICB9CiAgICBjbGFzcyBNaXNzaW5nUmVmcmVzaFRva2VuRXJyb3IgZXh0ZW5kcyBHZW5lcmljRXJyb3IgewogICAgICAgIGNvbnN0cnVjdG9yKGF1ZGllbmNlLCBzY29wZSkgewogICAgICAgICAgICBzdXBlcigibWlzc2luZ19yZWZyZXNoX3Rva2VuIiwgYE1pc3NpbmcgUmVmcmVzaCBUb2tlbiAoYXVkaWVuY2U6ICcke3ZhbHVlT3JFbXB0eVN0cmluZyhhdWRpZW5jZSwgWyAiZGVmYXVsdCIgXSl9Jywgc2NvcGU6ICcke3ZhbHVlT3JFbXB0eVN0cmluZyhzY29wZSl9JylgKTsKICAgICAgICAgICAgdGhpcy5hdWRpZW5jZSA9IGF1ZGllbmNlOwogICAgICAgICAgICB0aGlzLnNjb3BlID0gc2NvcGU7CiAgICAgICAgICAgIE9iamVjdC5zZXRQcm90b3R5cGVPZih0aGlzLCBNaXNzaW5nUmVmcmVzaFRva2VuRXJyb3IucHJvdG90eXBlKTsKICAgICAgICB9CiAgICB9CiAgICBmdW5jdGlvbiB2YWx1ZU9yRW1wdHlTdHJpbmcodmFsdWUsIGV4Y2x1ZGUgPSBbXSkgewogICAgICAgIHJldHVybiB2YWx1ZSAmJiAhZXhjbHVkZS5pbmNsdWRlcyh2YWx1ZSkgPyB2YWx1ZSA6ICIiOwogICAgfQogICAgZnVuY3Rpb24gX19yZXN0KHMsIGUpIHsKICAgICAgICB2YXIgdCA9IHt9OwogICAgICAgIGZvciAodmFyIHAgaW4gcykgaWYgKE9iamVjdC5wcm90b3R5cGUuaGFzT3duUHJvcGVydHkuY2FsbChzLCBwKSAmJiBlLmluZGV4T2YocCkgPCAwKSB0W3BdID0gc1twXTsKICAgICAgICBpZiAocyAhPSBudWxsICYmIHR5cGVvZiBPYmplY3QuZ2V0T3duUHJvcGVydHlTeW1ib2xzID09PSAiZnVuY3Rpb24iKSBmb3IgKHZhciBpID0gMCwgcCA9IE9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMocyk7IGkgPCBwLmxlbmd0aDsgaSsrKSB7CiAgICAgICAgICAgIGlmIChlLmluZGV4T2YocFtpXSkgPCAwICYmIE9iamVjdC5wcm90b3R5cGUucHJvcGVydHlJc0VudW1lcmFibGUuY2FsbChzLCBwW2ldKSkgdFtwW2ldXSA9IHNbcFtpXV07CiAgICAgICAgfQogICAgICAgIHJldHVybiB0OwogICAgfQogICAgdHlwZW9mIFN1cHByZXNzZWRFcnJvciA9PT0gImZ1bmN0aW9uIiA/IFN1cHByZXNzZWRFcnJvciA6IGZ1bmN0aW9uKGVycm9yLCBzdXBwcmVzc2VkLCBtZXNzYWdlKSB7CiAgICAgICAgdmFyIGUgPSBuZXcgRXJyb3IobWVzc2FnZSk7CiAgICAgICAgcmV0dXJuIGUubmFtZSA9ICJTdXBwcmVzc2VkRXJyb3IiLCBlLmVycm9yID0gZXJyb3IsIGUuc3VwcHJlc3NlZCA9IHN1cHByZXNzZWQsIGU7CiAgICB9OwogICAgY29uc3Qgc3RyaXBVbmRlZmluZWQgPSBwYXJhbXMgPT4gT2JqZWN0LmtleXMocGFyYW1zKS5maWx0ZXIoKGsgPT4gdHlwZW9mIHBhcmFtc1trXSAhPT0gInVuZGVmaW5lZCIpKS5yZWR1Y2UoKChhY2MsIGtleSkgPT4gT2JqZWN0LmFzc2lnbihPYmplY3QuYXNzaWduKHt9LCBhY2MpLCB7CiAgICAgICAgW2tleV06IHBhcmFtc1trZXldCiAgICB9KSksIHt9KTsKICAgIGNvbnN0IGNyZWF0ZVF1ZXJ5UGFyYW1zID0gX2EgPT4gewogICAgICAgIHZhciB7Y2xpZW50SWQ6IGNsaWVudF9pZH0gPSBfYSwgcGFyYW1zID0gX19yZXN0KF9hLCBbICJjbGllbnRJZCIgXSk7CiAgICAgICAgcmV0dXJuIG5ldyBVUkxTZWFyY2hQYXJhbXMoc3RyaXBVbmRlZmluZWQoT2JqZWN0LmFzc2lnbih7CiAgICAgICAgICAgIGNsaWVudF9pZDogY2xpZW50X2lkCiAgICAgICAgfSwgcGFyYW1zKSkpLnRvU3RyaW5nKCk7CiAgICB9OwogICAgY29uc3QgZnJvbUVudHJpZXMgPSBpdGVyYWJsZSA9PiBbIC4uLml0ZXJhYmxlIF0ucmVkdWNlKCgob2JqLCBba2V5LCB2YWxdKSA9PiB7CiAgICAgICAgb2JqW2tleV0gPSB2YWw7CiAgICAgICAgcmV0dXJuIG9iajsKICAgIH0pLCB7fSk7CiAgICBsZXQgcmVmcmVzaFRva2VucyA9IHt9OwogICAgY29uc3QgY2FjaGVLZXkgPSAoYXVkaWVuY2UsIHNjb3BlKSA9PiBgJHthdWRpZW5jZX18JHtzY29wZX1gOwogICAgY29uc3QgY2FjaGVLZXlDb250YWluc0F1ZGllbmNlID0gKGF1ZGllbmNlLCBjYWNoZUtleSkgPT4gY2FjaGVLZXkuc3RhcnRzV2l0aChgJHthdWRpZW5jZX18YCk7CiAgICBjb25zdCBnZXRSZWZyZXNoVG9rZW4gPSAoYXVkaWVuY2UsIHNjb3BlKSA9PiByZWZyZXNoVG9rZW5zW2NhY2hlS2V5KGF1ZGllbmNlLCBzY29wZSldOwogICAgY29uc3Qgc2V0UmVmcmVzaFRva2VuID0gKHJlZnJlc2hUb2tlbiwgYXVkaWVuY2UsIHNjb3BlKSA9PiByZWZyZXNoVG9rZW5zW2NhY2hlS2V5KGF1ZGllbmNlLCBzY29wZSldID0gcmVmcmVzaFRva2VuOwogICAgY29uc3QgZGVsZXRlUmVmcmVzaFRva2VuID0gKGF1ZGllbmNlLCBzY29wZSkgPT4gZGVsZXRlIHJlZnJlc2hUb2tlbnNbY2FjaGVLZXkoYXVkaWVuY2UsIHNjb3BlKV07CiAgICBjb25zdCB3YWl0ID0gdGltZSA9PiBuZXcgUHJvbWlzZSgocmVzb2x2ZSA9PiBzZXRUaW1lb3V0KHJlc29sdmUsIHRpbWUpKSk7CiAgICBjb25zdCBmb3JtRGF0YVRvT2JqZWN0ID0gZm9ybURhdGEgPT4gewogICAgICAgIGNvbnN0IHF1ZXJ5UGFyYW1zID0gbmV3IFVSTFNlYXJjaFBhcmFtcyhmb3JtRGF0YSk7CiAgICAgICAgY29uc3QgcGFyc2VkUXVlcnkgPSB7fTsKICAgICAgICBxdWVyeVBhcmFtcy5mb3JFYWNoKCgodmFsLCBrZXkpID0+IHsKICAgICAgICAgICAgcGFyc2VkUXVlcnlba2V5XSA9IHZhbDsKICAgICAgICB9KSk7CiAgICAgICAgcmV0dXJuIHBhcnNlZFF1ZXJ5OwogICAgfTsKICAgIGNvbnN0IHVwZGF0ZVJlZnJlc2hUb2tlbnMgPSAob2xkUmVmcmVzaFRva2VuLCBuZXdSZWZyZXNoVG9rZW4pID0+IHsKICAgICAgICBPYmplY3QuZW50cmllcyhyZWZyZXNoVG9rZW5zKS5mb3JFYWNoKCgoW2tleSwgdG9rZW5dKSA9PiB7CiAgICAgICAgICAgIGlmICh0b2tlbiA9PT0gb2xkUmVmcmVzaFRva2VuKSB7CiAgICAgICAgICAgICAgICByZWZyZXNoVG9rZW5zW2tleV0gPSBuZXdSZWZyZXNoVG9rZW47CiAgICAgICAgICAgIH0KICAgICAgICB9KSk7CiAgICB9OwogICAgY29uc3QgY2hlY2tEb3duc2NvcGluZyA9IChzY29wZSwgYXVkaWVuY2UpID0+IHsKICAgICAgICBjb25zdCBmaW5kQ29pbmNpZGVuY2UgPSBPYmplY3Qua2V5cyhyZWZyZXNoVG9rZW5zKS5maW5kKChrZXkgPT4gewogICAgICAgICAgICBpZiAoa2V5ICE9PSAibGF0ZXN0X3JlZnJlc2hfdG9rZW4iKSB7CiAgICAgICAgICAgICAgICBjb25zdCBpc1NhbWVBdWRpZW5jZSA9IGNhY2hlS2V5Q29udGFpbnNBdWRpZW5jZShhdWRpZW5jZSwga2V5KTsKICAgICAgICAgICAgICAgIGNvbnN0IHNjb3Blc0tleSA9IGtleS5zcGxpdCgifCIpWzFdLnNwbGl0KCIgIik7CiAgICAgICAgICAgICAgICBjb25zdCByZXF1ZXN0ZWRTY29wZXMgPSBzY29wZS5zcGxpdCgiICIpOwogICAgICAgICAgICAgICAgY29uc3Qgc2NvcGVzQXJlSW5jbHVkZWQgPSByZXF1ZXN0ZWRTY29wZXMuZXZlcnkoKGtleSA9PiBzY29wZXNLZXkuaW5jbHVkZXMoa2V5KSkpOwogICAgICAgICAgICAgICAgcmV0dXJuIGlzU2FtZUF1ZGllbmNlICYmIHNjb3Blc0FyZUluY2x1ZGVkOwogICAgICAgICAgICB9CiAgICAgICAgfSkpOwogICAgICAgIHJldHVybiBmaW5kQ29pbmNpZGVuY2UgPyB0cnVlIDogZmFsc2U7CiAgICB9OwogICAgY29uc3QgbWVzc2FnZUhhbmRsZXIgPSBhc3luYyAoe2RhdGE6IHt0aW1lb3V0OiB0aW1lb3V0LCBhdXRoOiBhdXRoLCBmZXRjaFVybDogZmV0Y2hVcmwsIGZldGNoT3B0aW9uczogZmV0Y2hPcHRpb25zLCB1c2VGb3JtRGF0YTogdXNlRm9ybURhdGEsIHVzZU1ycnQ6IHVzZU1ycnR9LCBwb3J0czogW3BvcnRdfSkgPT4gewogICAgICAgIGxldCBoZWFkZXJzID0ge307CiAgICAgICAgbGV0IGpzb247CiAgICAgICAgbGV0IHJlZnJlc2hUb2tlbjsKICAgICAgICBjb25zdCB7YXVkaWVuY2U6IGF1ZGllbmNlLCBzY29wZTogc2NvcGV9ID0gYXV0aCB8fCB7fTsKICAgICAgICB0cnkgewogICAgICAgICAgICBjb25zdCBib2R5ID0gdXNlRm9ybURhdGEgPyBmb3JtRGF0YVRvT2JqZWN0KGZldGNoT3B0aW9ucy5ib2R5KSA6IEpTT04ucGFyc2UoZmV0Y2hPcHRpb25zLmJvZHkpOwogICAgICAgICAgICBpZiAoIWJvZHkucmVmcmVzaF90b2tlbiAmJiBib2R5LmdyYW50X3R5cGUgPT09ICJyZWZyZXNoX3Rva2VuIikgewogICAgICAgICAgICAgICAgcmVmcmVzaFRva2VuID0gZ2V0UmVmcmVzaFRva2VuKGF1ZGllbmNlLCBzY29wZSk7CiAgICAgICAgICAgICAgICBpZiAoIXJlZnJlc2hUb2tlbiAmJiB1c2VNcnJ0KSB7CiAgICAgICAgICAgICAgICAgICAgY29uc3QgbGF0ZXN0UmVmcmVzaFRva2VuID0gcmVmcmVzaFRva2Vuc1sibGF0ZXN0X3JlZnJlc2hfdG9rZW4iXTsKICAgICAgICAgICAgICAgICAgICBjb25zdCBpc0Rvd25zY29waW5nID0gY2hlY2tEb3duc2NvcGluZyhzY29wZSwgYXVkaWVuY2UpOwogICAgICAgICAgICAgICAgICAgIGlmIChsYXRlc3RSZWZyZXNoVG9rZW4gJiYgIWlzRG93bnNjb3BpbmcpIHsKICAgICAgICAgICAgICAgICAgICAgICAgcmVmcmVzaFRva2VuID0gbGF0ZXN0UmVmcmVzaFRva2VuOwogICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIGlmICghcmVmcmVzaFRva2VuKSB7CiAgICAgICAgICAgICAgICAgICAgdGhyb3cgbmV3IE1pc3NpbmdSZWZyZXNoVG9rZW5FcnJvcihhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgZmV0Y2hPcHRpb25zLmJvZHkgPSB1c2VGb3JtRGF0YSA/
|
|
1812
|
+
var WorkerFactory = createBase64WorkerFactory("Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwooZnVuY3Rpb24oKSB7CiAgICAidXNlIHN0cmljdCI7CiAgICBjbGFzcyBHZW5lcmljRXJyb3IgZXh0ZW5kcyBFcnJvciB7CiAgICAgICAgY29uc3RydWN0b3IoZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uKSB7CiAgICAgICAgICAgIHN1cGVyKGVycm9yX2Rlc2NyaXB0aW9uKTsKICAgICAgICAgICAgdGhpcy5lcnJvciA9IGVycm9yOwogICAgICAgICAgICB0aGlzLmVycm9yX2Rlc2NyaXB0aW9uID0gZXJyb3JfZGVzY3JpcHRpb247CiAgICAgICAgICAgIE9iamVjdC5zZXRQcm90b3R5cGVPZih0aGlzLCBHZW5lcmljRXJyb3IucHJvdG90eXBlKTsKICAgICAgICB9CiAgICAgICAgc3RhdGljIGZyb21QYXlsb2FkKHtlcnJvcjogZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uOiBlcnJvcl9kZXNjcmlwdGlvbn0pIHsKICAgICAgICAgICAgcmV0dXJuIG5ldyBHZW5lcmljRXJyb3IoZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uKTsKICAgICAgICB9CiAgICB9CiAgICBjbGFzcyBNaXNzaW5nUmVmcmVzaFRva2VuRXJyb3IgZXh0ZW5kcyBHZW5lcmljRXJyb3IgewogICAgICAgIGNvbnN0cnVjdG9yKGF1ZGllbmNlLCBzY29wZSkgewogICAgICAgICAgICBzdXBlcigibWlzc2luZ19yZWZyZXNoX3Rva2VuIiwgYE1pc3NpbmcgUmVmcmVzaCBUb2tlbiAoYXVkaWVuY2U6ICcke3ZhbHVlT3JFbXB0eVN0cmluZyhhdWRpZW5jZSwgWyAiZGVmYXVsdCIgXSl9Jywgc2NvcGU6ICcke3ZhbHVlT3JFbXB0eVN0cmluZyhzY29wZSl9JylgKTsKICAgICAgICAgICAgdGhpcy5hdWRpZW5jZSA9IGF1ZGllbmNlOwogICAgICAgICAgICB0aGlzLnNjb3BlID0gc2NvcGU7CiAgICAgICAgICAgIE9iamVjdC5zZXRQcm90b3R5cGVPZih0aGlzLCBNaXNzaW5nUmVmcmVzaFRva2VuRXJyb3IucHJvdG90eXBlKTsKICAgICAgICB9CiAgICB9CiAgICBmdW5jdGlvbiB2YWx1ZU9yRW1wdHlTdHJpbmcodmFsdWUsIGV4Y2x1ZGUgPSBbXSkgewogICAgICAgIHJldHVybiB2YWx1ZSAmJiAhZXhjbHVkZS5pbmNsdWRlcyh2YWx1ZSkgPyB2YWx1ZSA6ICIiOwogICAgfQogICAgZnVuY3Rpb24gX19yZXN0KHMsIGUpIHsKICAgICAgICB2YXIgdCA9IHt9OwogICAgICAgIGZvciAodmFyIHAgaW4gcykgaWYgKE9iamVjdC5wcm90b3R5cGUuaGFzT3duUHJvcGVydHkuY2FsbChzLCBwKSAmJiBlLmluZGV4T2YocCkgPCAwKSB0W3BdID0gc1twXTsKICAgICAgICBpZiAocyAhPSBudWxsICYmIHR5cGVvZiBPYmplY3QuZ2V0T3duUHJvcGVydHlTeW1ib2xzID09PSAiZnVuY3Rpb24iKSBmb3IgKHZhciBpID0gMCwgcCA9IE9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMocyk7IGkgPCBwLmxlbmd0aDsgaSsrKSB7CiAgICAgICAgICAgIGlmIChlLmluZGV4T2YocFtpXSkgPCAwICYmIE9iamVjdC5wcm90b3R5cGUucHJvcGVydHlJc0VudW1lcmFibGUuY2FsbChzLCBwW2ldKSkgdFtwW2ldXSA9IHNbcFtpXV07CiAgICAgICAgfQogICAgICAgIHJldHVybiB0OwogICAgfQogICAgdHlwZW9mIFN1cHByZXNzZWRFcnJvciA9PT0gImZ1bmN0aW9uIiA/IFN1cHByZXNzZWRFcnJvciA6IGZ1bmN0aW9uKGVycm9yLCBzdXBwcmVzc2VkLCBtZXNzYWdlKSB7CiAgICAgICAgdmFyIGUgPSBuZXcgRXJyb3IobWVzc2FnZSk7CiAgICAgICAgcmV0dXJuIGUubmFtZSA9ICJTdXBwcmVzc2VkRXJyb3IiLCBlLmVycm9yID0gZXJyb3IsIGUuc3VwcHJlc3NlZCA9IHN1cHByZXNzZWQsIGU7CiAgICB9OwogICAgY29uc3Qgc3RyaXBVbmRlZmluZWQgPSBwYXJhbXMgPT4gT2JqZWN0LmtleXMocGFyYW1zKS5maWx0ZXIoKGsgPT4gdHlwZW9mIHBhcmFtc1trXSAhPT0gInVuZGVmaW5lZCIpKS5yZWR1Y2UoKChhY2MsIGtleSkgPT4gT2JqZWN0LmFzc2lnbihPYmplY3QuYXNzaWduKHt9LCBhY2MpLCB7CiAgICAgICAgW2tleV06IHBhcmFtc1trZXldCiAgICB9KSksIHt9KTsKICAgIGNvbnN0IGNyZWF0ZVF1ZXJ5UGFyYW1zID0gX2EgPT4gewogICAgICAgIHZhciB7Y2xpZW50SWQ6IGNsaWVudF9pZH0gPSBfYSwgcGFyYW1zID0gX19yZXN0KF9hLCBbICJjbGllbnRJZCIgXSk7CiAgICAgICAgcmV0dXJuIG5ldyBVUkxTZWFyY2hQYXJhbXMoc3RyaXBVbmRlZmluZWQoT2JqZWN0LmFzc2lnbih7CiAgICAgICAgICAgIGNsaWVudF9pZDogY2xpZW50X2lkCiAgICAgICAgfSwgcGFyYW1zKSkpLnRvU3RyaW5nKCk7CiAgICB9OwogICAgY29uc3QgZnJvbUVudHJpZXMgPSBpdGVyYWJsZSA9PiBbIC4uLml0ZXJhYmxlIF0ucmVkdWNlKCgob2JqLCBba2V5LCB2YWxdKSA9PiB7CiAgICAgICAgb2JqW2tleV0gPSB2YWw7CiAgICAgICAgcmV0dXJuIG9iajsKICAgIH0pLCB7fSk7CiAgICBsZXQgcmVmcmVzaFRva2VucyA9IHt9OwogICAgY29uc3QgY2FjaGVLZXkgPSAoYXVkaWVuY2UsIHNjb3BlKSA9PiBgJHthdWRpZW5jZX18JHtzY29wZX1gOwogICAgY29uc3QgY2FjaGVLZXlDb250YWluc0F1ZGllbmNlID0gKGF1ZGllbmNlLCBjYWNoZUtleSkgPT4gY2FjaGVLZXkuc3RhcnRzV2l0aChgJHthdWRpZW5jZX18YCk7CiAgICBjb25zdCBnZXRSZWZyZXNoVG9rZW4gPSAoYXVkaWVuY2UsIHNjb3BlKSA9PiByZWZyZXNoVG9rZW5zW2NhY2hlS2V5KGF1ZGllbmNlLCBzY29wZSldOwogICAgY29uc3Qgc2V0UmVmcmVzaFRva2VuID0gKHJlZnJlc2hUb2tlbiwgYXVkaWVuY2UsIHNjb3BlKSA9PiByZWZyZXNoVG9rZW5zW2NhY2hlS2V5KGF1ZGllbmNlLCBzY29wZSldID0gcmVmcmVzaFRva2VuOwogICAgY29uc3QgZGVsZXRlUmVmcmVzaFRva2VuID0gKGF1ZGllbmNlLCBzY29wZSkgPT4gZGVsZXRlIHJlZnJlc2hUb2tlbnNbY2FjaGVLZXkoYXVkaWVuY2UsIHNjb3BlKV07CiAgICBjb25zdCB3YWl0ID0gdGltZSA9PiBuZXcgUHJvbWlzZSgocmVzb2x2ZSA9PiBzZXRUaW1lb3V0KHJlc29sdmUsIHRpbWUpKSk7CiAgICBjb25zdCBmb3JtRGF0YVRvT2JqZWN0ID0gZm9ybURhdGEgPT4gewogICAgICAgIGNvbnN0IHF1ZXJ5UGFyYW1zID0gbmV3IFVSTFNlYXJjaFBhcmFtcyhmb3JtRGF0YSk7CiAgICAgICAgY29uc3QgcGFyc2VkUXVlcnkgPSB7fTsKICAgICAgICBxdWVyeVBhcmFtcy5mb3JFYWNoKCgodmFsLCBrZXkpID0+IHsKICAgICAgICAgICAgcGFyc2VkUXVlcnlba2V5XSA9IHZhbDsKICAgICAgICB9KSk7CiAgICAgICAgcmV0dXJuIHBhcnNlZFF1ZXJ5OwogICAgfTsKICAgIGNvbnN0IHVwZGF0ZVJlZnJlc2hUb2tlbnMgPSAob2xkUmVmcmVzaFRva2VuLCBuZXdSZWZyZXNoVG9rZW4pID0+IHsKICAgICAgICBPYmplY3QuZW50cmllcyhyZWZyZXNoVG9rZW5zKS5mb3JFYWNoKCgoW2tleSwgdG9rZW5dKSA9PiB7CiAgICAgICAgICAgIGlmICh0b2tlbiA9PT0gb2xkUmVmcmVzaFRva2VuKSB7CiAgICAgICAgICAgICAgICByZWZyZXNoVG9rZW5zW2tleV0gPSBuZXdSZWZyZXNoVG9rZW47CiAgICAgICAgICAgIH0KICAgICAgICB9KSk7CiAgICB9OwogICAgY29uc3QgY2hlY2tEb3duc2NvcGluZyA9IChzY29wZSwgYXVkaWVuY2UpID0+IHsKICAgICAgICBjb25zdCBmaW5kQ29pbmNpZGVuY2UgPSBPYmplY3Qua2V5cyhyZWZyZXNoVG9rZW5zKS5maW5kKChrZXkgPT4gewogICAgICAgICAgICBpZiAoa2V5ICE9PSAibGF0ZXN0X3JlZnJlc2hfdG9rZW4iKSB7CiAgICAgICAgICAgICAgICBjb25zdCBpc1NhbWVBdWRpZW5jZSA9IGNhY2hlS2V5Q29udGFpbnNBdWRpZW5jZShhdWRpZW5jZSwga2V5KTsKICAgICAgICAgICAgICAgIGNvbnN0IHNjb3Blc0tleSA9IGtleS5zcGxpdCgifCIpWzFdLnNwbGl0KCIgIik7CiAgICAgICAgICAgICAgICBjb25zdCByZXF1ZXN0ZWRTY29wZXMgPSBzY29wZS5zcGxpdCgiICIpOwogICAgICAgICAgICAgICAgY29uc3Qgc2NvcGVzQXJlSW5jbHVkZWQgPSByZXF1ZXN0ZWRTY29wZXMuZXZlcnkoKGtleSA9PiBzY29wZXNLZXkuaW5jbHVkZXMoa2V5KSkpOwogICAgICAgICAgICAgICAgcmV0dXJuIGlzU2FtZUF1ZGllbmNlICYmIHNjb3Blc0FyZUluY2x1ZGVkOwogICAgICAgICAgICB9CiAgICAgICAgfSkpOwogICAgICAgIHJldHVybiBmaW5kQ29pbmNpZGVuY2UgPyB0cnVlIDogZmFsc2U7CiAgICB9OwogICAgY29uc3QgbWVzc2FnZUhhbmRsZXIgPSBhc3luYyAoe2RhdGE6IHt0aW1lb3V0OiB0aW1lb3V0LCBhdXRoOiBhdXRoLCBmZXRjaFVybDogZmV0Y2hVcmwsIGZldGNoT3B0aW9uczogZmV0Y2hPcHRpb25zLCB1c2VGb3JtRGF0YTogdXNlRm9ybURhdGEsIHVzZU1ycnQ6IHVzZU1ycnR9LCBwb3J0czogW3BvcnRdfSkgPT4gewogICAgICAgIGxldCBoZWFkZXJzID0ge307CiAgICAgICAgbGV0IGpzb247CiAgICAgICAgbGV0IHJlZnJlc2hUb2tlbjsKICAgICAgICBjb25zdCB7YXVkaWVuY2U6IGF1ZGllbmNlLCBzY29wZTogc2NvcGV9ID0gYXV0aCB8fCB7fTsKICAgICAgICB0cnkgewogICAgICAgICAgICBjb25zdCBib2R5ID0gdXNlRm9ybURhdGEgPyBmb3JtRGF0YVRvT2JqZWN0KGZldGNoT3B0aW9ucy5ib2R5KSA6IEpTT04ucGFyc2UoZmV0Y2hPcHRpb25zLmJvZHkpOwogICAgICAgICAgICBpZiAoIWJvZHkucmVmcmVzaF90b2tlbiAmJiBib2R5LmdyYW50X3R5cGUgPT09ICJyZWZyZXNoX3Rva2VuIikgewogICAgICAgICAgICAgICAgcmVmcmVzaFRva2VuID0gZ2V0UmVmcmVzaFRva2VuKGF1ZGllbmNlLCBzY29wZSk7CiAgICAgICAgICAgICAgICBpZiAoIXJlZnJlc2hUb2tlbiAmJiB1c2VNcnJ0KSB7CiAgICAgICAgICAgICAgICAgICAgY29uc3QgbGF0ZXN0UmVmcmVzaFRva2VuID0gcmVmcmVzaFRva2Vuc1sibGF0ZXN0X3JlZnJlc2hfdG9rZW4iXTsKICAgICAgICAgICAgICAgICAgICBjb25zdCBpc0Rvd25zY29waW5nID0gY2hlY2tEb3duc2NvcGluZyhzY29wZSwgYXVkaWVuY2UpOwogICAgICAgICAgICAgICAgICAgIGlmIChsYXRlc3RSZWZyZXNoVG9rZW4gJiYgIWlzRG93bnNjb3BpbmcpIHsKICAgICAgICAgICAgICAgICAgICAgICAgcmVmcmVzaFRva2VuID0gbGF0ZXN0UmVmcmVzaFRva2VuOwogICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIGlmICghcmVmcmVzaFRva2VuKSB7CiAgICAgICAgICAgICAgICAgICAgdGhyb3cgbmV3IE1pc3NpbmdSZWZyZXNoVG9rZW5FcnJvcihhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgZmV0Y2hPcHRpb25zLmJvZHkgPSB1c2VGb3JtRGF0YSA/IGNyZWF0ZVF1ZXJ5UGFyYW1zKE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSwgYm9keSksIHsKICAgICAgICAgICAgICAgICAgICByZWZyZXNoX3Rva2VuOiByZWZyZXNoVG9rZW4KICAgICAgICAgICAgICAgIH0pKSA6IEpTT04uc3RyaW5naWZ5KE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSwgYm9keSksIHsKICAgICAgICAgICAgICAgICAgICByZWZyZXNoX3Rva2VuOiByZWZyZXNoVG9rZW4KICAgICAgICAgICAgICAgIH0pKTsKICAgICAgICAgICAgfQogICAgICAgICAgICBsZXQgYWJvcnRDb250cm9sbGVyOwogICAgICAgICAgICBpZiAodHlwZW9mIEFib3J0Q29udHJvbGxlciA9PT0gImZ1bmN0aW9uIikgewogICAgICAgICAgICAgICAgYWJvcnRDb250cm9sbGVyID0gbmV3IEFib3J0Q29udHJvbGxlcjsKICAgICAgICAgICAgICAgIGZldGNoT3B0aW9ucy5zaWduYWwgPSBhYm9ydENvbnRyb2xsZXIuc2lnbmFsOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGxldCByZXNwb25zZTsKICAgICAgICAgICAgdHJ5IHsKICAgICAgICAgICAgICAgIHJlc3BvbnNlID0gYXdhaXQgUHJvbWlzZS5yYWNlKFsgd2FpdCh0aW1lb3V0KSwgZmV0Y2goZmV0Y2hVcmwsIE9iamVjdC5hc3NpZ24oe30sIGZldGNoT3B0aW9ucykpIF0pOwogICAgICAgICAgICB9IGNhdGNoIChlcnJvcikgewogICAgICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICAgICAgZXJyb3I6IGVycm9yLm1lc3NhZ2UKICAgICAgICAgICAgICAgIH0pOwogICAgICAgICAgICAgICAgcmV0dXJuOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGlmICghcmVzcG9uc2UpIHsKICAgICAgICAgICAgICAgIGlmIChhYm9ydENvbnRyb2xsZXIpIGFib3J0Q29udHJvbGxlci5hYm9ydCgpOwogICAgICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICAgICAgZXJyb3I6ICJUaW1lb3V0IHdoZW4gZXhlY3V0aW5nICdmZXRjaCciCiAgICAgICAgICAgICAgICB9KTsKICAgICAgICAgICAgICAgIHJldHVybjsKICAgICAgICAgICAgfQogICAgICAgICAgICBoZWFkZXJzID0gZnJvbUVudHJpZXMocmVzcG9uc2UuaGVhZGVycyk7CiAgICAgICAgICAgIGpzb24gPSBhd2FpdCByZXNwb25zZS5qc29uKCk7CiAgICAgICAgICAgIGlmIChqc29uLnJlZnJlc2hfdG9rZW4pIHsKICAgICAgICAgICAgICAgIGlmICh1c2VNcnJ0KSB7CiAgICAgICAgICAgICAgICAgICAgcmVmcmVzaFRva2Vuc1sibGF0ZXN0X3JlZnJlc2hfdG9rZW4iXSA9IGpzb24ucmVmcmVzaF90b2tlbjsKICAgICAgICAgICAgICAgICAgICB1cGRhdGVSZWZyZXNoVG9rZW5zKHJlZnJlc2hUb2tlbiwganNvbi5yZWZyZXNoX3Rva2VuKTsKICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIHNldFJlZnJlc2hUb2tlbihqc29uLnJlZnJlc2hfdG9rZW4sIGF1ZGllbmNlLCBzY29wZSk7CiAgICAgICAgICAgICAgICBkZWxldGUganNvbi5yZWZyZXNoX3Rva2VuOwogICAgICAgICAgICB9IGVsc2UgewogICAgICAgICAgICAgICAgZGVsZXRlUmVmcmVzaFRva2VuKGF1ZGllbmNlLCBzY29wZSk7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICBvazogcmVzcG9uc2Uub2ssCiAgICAgICAgICAgICAgICBqc29uOiBqc29uLAogICAgICAgICAgICAgICAgaGVhZGVyczogaGVhZGVycwogICAgICAgICAgICB9KTsKICAgICAgICB9IGNhdGNoIChlcnJvcikgewogICAgICAgICAgICBwb3J0LnBvc3RNZXNzYWdlKHsKICAgICAgICAgICAgICAgIG9rOiBmYWxzZSwKICAgICAgICAgICAgICAgIGpzb246IHsKICAgICAgICAgICAgICAgICAgICBlcnJvcjogZXJyb3IuZXJyb3IsCiAgICAgICAgICAgICAgICAgICAgZXJyb3JfZGVzY3JpcHRpb246IGVycm9yLm1lc3NhZ2UKICAgICAgICAgICAgICAgIH0sCiAgICAgICAgICAgICAgICBoZWFkZXJzOiBoZWFkZXJzCiAgICAgICAgICAgIH0pOwogICAgICAgIH0KICAgIH07CiAgICB7CiAgICAgICAgYWRkRXZlbnRMaXN0ZW5lcigibWVzc2FnZSIsIG1lc3NhZ2VIYW5kbGVyKTsKICAgIH0KfSkoKTsKCg==", null, false);
|
|
1789
1813
|
const singlePromiseMap = {};
|
|
1790
1814
|
const singlePromise = (cb, key) => {
|
|
1791
1815
|
let promise = singlePromiseMap[key];
|
|
@@ -1877,6 +1901,12 @@
|
|
|
1877
1901
|
const scopesToInclude = (scopeToInclude === null || scopeToInclude === void 0 ? void 0 : scopeToInclude.split(" ")) || [];
|
|
1878
1902
|
return scopesToInclude.every((key => scopeGroup.includes(key)));
|
|
1879
1903
|
};
|
|
1904
|
+
const getMissingScopes = (requestedScope, respondedScope) => {
|
|
1905
|
+
const requestedScopes = (requestedScope === null || requestedScope === void 0 ? void 0 : requestedScope.split(" ")) || [];
|
|
1906
|
+
const respondedScopes = (respondedScope === null || respondedScope === void 0 ? void 0 : respondedScope.split(" ")) || [];
|
|
1907
|
+
const missingScopes = requestedScopes.filter((scope => respondedScopes.indexOf(scope) == -1));
|
|
1908
|
+
return missingScopes.join(",");
|
|
1909
|
+
};
|
|
1880
1910
|
const getScopeToRequest = (useMrrt, authorizationParams, cachedAudience, cachedScope) => {
|
|
1881
1911
|
var _a;
|
|
1882
1912
|
if (useMrrt && cachedAudience && cachedScope) {
|
|
@@ -2002,6 +2032,11 @@
|
|
|
2002
2032
|
await Promise.all([ this.storage.clearNonces(), this.storage.clearKeyPairs() ]);
|
|
2003
2033
|
}
|
|
2004
2034
|
}
|
|
2035
|
+
var TokenType;
|
|
2036
|
+
(function(TokenType) {
|
|
2037
|
+
TokenType["Bearer"] = "Bearer";
|
|
2038
|
+
TokenType["DPoP"] = "DPoP";
|
|
2039
|
+
})(TokenType || (TokenType = {}));
|
|
2005
2040
|
class Fetcher {
|
|
2006
2041
|
constructor(config, hooks) {
|
|
2007
2042
|
this.hooks = hooks;
|
|
@@ -2026,15 +2061,25 @@
|
|
|
2026
2061
|
getAccessToken(authParams) {
|
|
2027
2062
|
return this.config.getAccessToken ? this.config.getAccessToken(authParams) : this.hooks.getAccessToken(authParams);
|
|
2028
2063
|
}
|
|
2064
|
+
extractUrl(info) {
|
|
2065
|
+
if (typeof info === "string") {
|
|
2066
|
+
return info;
|
|
2067
|
+
}
|
|
2068
|
+
if (info instanceof URL) {
|
|
2069
|
+
return info.href;
|
|
2070
|
+
}
|
|
2071
|
+
return info.url;
|
|
2072
|
+
}
|
|
2029
2073
|
buildBaseRequest(info, init) {
|
|
2030
|
-
const request = new Request(info, init);
|
|
2031
2074
|
if (!this.config.baseUrl) {
|
|
2032
|
-
return
|
|
2075
|
+
return new Request(info, init);
|
|
2033
2076
|
}
|
|
2034
|
-
|
|
2077
|
+
const finalUrl = this.buildUrl(this.config.baseUrl, this.extractUrl(info));
|
|
2078
|
+
const finalInfo = info instanceof Request ? new Request(finalUrl, info) : finalUrl;
|
|
2079
|
+
return new Request(finalInfo, init);
|
|
2035
2080
|
}
|
|
2036
|
-
|
|
2037
|
-
request.headers.set("authorization", `${
|
|
2081
|
+
setAuthorizationHeader(request, accessToken, tokenType = TokenType.Bearer) {
|
|
2082
|
+
request.headers.set("authorization", `${tokenType} ${accessToken}`);
|
|
2038
2083
|
}
|
|
2039
2084
|
async setDpopProofHeader(request, accessToken) {
|
|
2040
2085
|
if (!this.config.dpopNonceId) {
|
|
@@ -2050,9 +2095,20 @@
|
|
|
2050
2095
|
request.headers.set("dpop", dpopProof);
|
|
2051
2096
|
}
|
|
2052
2097
|
async prepareRequest(request, authParams) {
|
|
2053
|
-
const
|
|
2054
|
-
|
|
2055
|
-
|
|
2098
|
+
const accessTokenResponse = await this.getAccessToken(authParams);
|
|
2099
|
+
let tokenType;
|
|
2100
|
+
let accessToken;
|
|
2101
|
+
if (typeof accessTokenResponse === "string") {
|
|
2102
|
+
tokenType = this.config.dpopNonceId ? TokenType.DPoP : TokenType.Bearer;
|
|
2103
|
+
accessToken = accessTokenResponse;
|
|
2104
|
+
} else {
|
|
2105
|
+
tokenType = accessTokenResponse.token_type;
|
|
2106
|
+
accessToken = accessTokenResponse.access_token;
|
|
2107
|
+
}
|
|
2108
|
+
this.setAuthorizationHeader(request, accessToken, tokenType);
|
|
2109
|
+
if (tokenType === TokenType.DPoP) {
|
|
2110
|
+
await this.setDpopProofHeader(request, accessToken);
|
|
2111
|
+
}
|
|
2056
2112
|
}
|
|
2057
2113
|
getHeader(headers, name) {
|
|
2058
2114
|
if (Array.isArray(headers)) {
|
|
@@ -2068,7 +2124,7 @@
|
|
|
2068
2124
|
return false;
|
|
2069
2125
|
}
|
|
2070
2126
|
const wwwAuthHeader = this.getHeader(response.headers, "www-authenticate");
|
|
2071
|
-
return wwwAuthHeader.includes("use_dpop_nonce");
|
|
2127
|
+
return wwwAuthHeader.includes("invalid_dpop_nonce") || wwwAuthHeader.includes("use_dpop_nonce");
|
|
2072
2128
|
}
|
|
2073
2129
|
async handleResponse(response, callbacks) {
|
|
2074
2130
|
const newDpopNonce = this.getHeader(response.headers, DPOP_NONCE_HEADER);
|
|
@@ -2098,6 +2154,63 @@
|
|
|
2098
2154
|
return this.internalFetchWithAuth(info, init, callbacks, authParams);
|
|
2099
2155
|
}
|
|
2100
2156
|
}
|
|
2157
|
+
class MyAccountApiClient {
|
|
2158
|
+
constructor(myAccountFetcher, apiBase) {
|
|
2159
|
+
this.myAccountFetcher = myAccountFetcher;
|
|
2160
|
+
this.apiBase = apiBase;
|
|
2161
|
+
}
|
|
2162
|
+
async connectAccount(params) {
|
|
2163
|
+
const res = await this.myAccountFetcher.fetchWithAuth(`${this.apiBase}v1/connected-accounts/connect`, {
|
|
2164
|
+
method: "POST",
|
|
2165
|
+
headers: {
|
|
2166
|
+
"Content-Type": "application/json"
|
|
2167
|
+
},
|
|
2168
|
+
body: JSON.stringify(params)
|
|
2169
|
+
});
|
|
2170
|
+
return this._handleResponse(res);
|
|
2171
|
+
}
|
|
2172
|
+
async completeAccount(params) {
|
|
2173
|
+
const res = await this.myAccountFetcher.fetchWithAuth(`${this.apiBase}v1/connected-accounts/complete`, {
|
|
2174
|
+
method: "POST",
|
|
2175
|
+
headers: {
|
|
2176
|
+
"Content-Type": "application/json"
|
|
2177
|
+
},
|
|
2178
|
+
body: JSON.stringify(params)
|
|
2179
|
+
});
|
|
2180
|
+
return this._handleResponse(res);
|
|
2181
|
+
}
|
|
2182
|
+
async _handleResponse(res) {
|
|
2183
|
+
let body;
|
|
2184
|
+
try {
|
|
2185
|
+
body = await res.text();
|
|
2186
|
+
body = JSON.parse(body);
|
|
2187
|
+
} catch (err) {
|
|
2188
|
+
throw new MyAccountApiError({
|
|
2189
|
+
type: "invalid_json",
|
|
2190
|
+
status: res.status,
|
|
2191
|
+
title: "Invalid JSON response",
|
|
2192
|
+
detail: body || String(err)
|
|
2193
|
+
});
|
|
2194
|
+
}
|
|
2195
|
+
if (res.ok) {
|
|
2196
|
+
return body;
|
|
2197
|
+
} else {
|
|
2198
|
+
throw new MyAccountApiError(body);
|
|
2199
|
+
}
|
|
2200
|
+
}
|
|
2201
|
+
}
|
|
2202
|
+
class MyAccountApiError extends Error {
|
|
2203
|
+
constructor({type: type, status: status, title: title, detail: detail, validation_errors: validation_errors}) {
|
|
2204
|
+
super(detail);
|
|
2205
|
+
this.name = "MyAccountApiError";
|
|
2206
|
+
this.type = type;
|
|
2207
|
+
this.status = status;
|
|
2208
|
+
this.title = title;
|
|
2209
|
+
this.detail = detail;
|
|
2210
|
+
this.validation_errors = validation_errors;
|
|
2211
|
+
Object.setPrototypeOf(this, MyAccountApiError.prototype);
|
|
2212
|
+
}
|
|
2213
|
+
}
|
|
2101
2214
|
const lock = new Lock;
|
|
2102
2215
|
class Auth0Client {
|
|
2103
2216
|
constructor(options) {
|
|
@@ -2144,6 +2257,19 @@
|
|
|
2144
2257
|
this.dpop = this.options.useDpop ? new Dpop(this.options.clientId) : undefined;
|
|
2145
2258
|
this.domainUrl = getDomain(this.options.domain);
|
|
2146
2259
|
this.tokenIssuer = getTokenIssuer(this.options.issuer, this.domainUrl);
|
|
2260
|
+
const myAccountApiIdentifier = `${this.domainUrl}/me/`;
|
|
2261
|
+
const myAccountFetcher = this.createFetcher(Object.assign(Object.assign({}, this.options.useDpop && {
|
|
2262
|
+
dpopNonceId: "__auth0_my_account_api__"
|
|
2263
|
+
}), {
|
|
2264
|
+
getAccessToken: () => this.getTokenSilently({
|
|
2265
|
+
authorizationParams: {
|
|
2266
|
+
scope: "create:me:connected_accounts",
|
|
2267
|
+
audience: myAccountApiIdentifier
|
|
2268
|
+
},
|
|
2269
|
+
detailedResponse: true
|
|
2270
|
+
})
|
|
2271
|
+
}));
|
|
2272
|
+
this.myAccountApi = new MyAccountApiClient(myAccountFetcher, myAccountApiIdentifier);
|
|
2147
2273
|
if (typeof window !== "undefined" && window.Worker && this.options.useRefreshTokens && cacheLocation === CACHE_LOCATION_MEMORY) {
|
|
2148
2274
|
if (this.options.workerUrl) {
|
|
2149
2275
|
this.worker = new Worker(this.options.workerUrl);
|
|
@@ -2253,7 +2379,8 @@
|
|
|
2253
2379
|
const organization = ((_a = urlOptions.authorizationParams) === null || _a === void 0 ? void 0 : _a.organization) || this.options.authorizationParams.organization;
|
|
2254
2380
|
const _c = await this._prepareAuthorizeUrl(urlOptions.authorizationParams || {}), {url: url} = _c, transaction = __rest(_c, [ "url" ]);
|
|
2255
2381
|
this.transactionManager.create(Object.assign(Object.assign(Object.assign({}, transaction), {
|
|
2256
|
-
appState: appState
|
|
2382
|
+
appState: appState,
|
|
2383
|
+
response_type: exports.ResponseType.Code
|
|
2257
2384
|
}), organization && {
|
|
2258
2385
|
organization: organization
|
|
2259
2386
|
}));
|
|
@@ -2269,12 +2396,19 @@
|
|
|
2269
2396
|
if (queryStringFragments.length === 0) {
|
|
2270
2397
|
throw new Error("There are no query params available for parsing.");
|
|
2271
2398
|
}
|
|
2272
|
-
const {state: state, code: code, error: error, error_description: error_description} = parseAuthenticationResult(queryStringFragments.join(""));
|
|
2273
2399
|
const transaction = this.transactionManager.get();
|
|
2274
2400
|
if (!transaction) {
|
|
2275
2401
|
throw new GenericError("missing_transaction", "Invalid state");
|
|
2276
2402
|
}
|
|
2277
2403
|
this.transactionManager.remove();
|
|
2404
|
+
const authenticationResult = parseAuthenticationResult(queryStringFragments.join(""));
|
|
2405
|
+
if (transaction.response_type === exports.ResponseType.ConnectCode) {
|
|
2406
|
+
return this._handleConnectAccountRedirectCallback(authenticationResult, transaction);
|
|
2407
|
+
}
|
|
2408
|
+
return this._handleLoginRedirectCallback(authenticationResult, transaction);
|
|
2409
|
+
}
|
|
2410
|
+
async _handleLoginRedirectCallback(authenticationResult, transaction) {
|
|
2411
|
+
const {code: code, state: state, error: error, error_description: error_description} = authenticationResult;
|
|
2278
2412
|
if (error) {
|
|
2279
2413
|
throw new AuthenticationError(error, error_description || error, state, transaction.appState);
|
|
2280
2414
|
}
|
|
@@ -2297,9 +2431,32 @@
|
|
|
2297
2431
|
organization: organization
|
|
2298
2432
|
});
|
|
2299
2433
|
return {
|
|
2300
|
-
appState: transaction.appState
|
|
2434
|
+
appState: transaction.appState,
|
|
2435
|
+
response_type: exports.ResponseType.Code
|
|
2301
2436
|
};
|
|
2302
2437
|
}
|
|
2438
|
+
async _handleConnectAccountRedirectCallback(connectResult, transaction) {
|
|
2439
|
+
const {connect_code: connect_code, state: state, error: error, error_description: error_description} = connectResult;
|
|
2440
|
+
if (error) {
|
|
2441
|
+
throw new ConnectError(error, error_description || error, transaction.connection, state, transaction.appState);
|
|
2442
|
+
}
|
|
2443
|
+
if (!connect_code) {
|
|
2444
|
+
throw new GenericError("missing_connect_code", "Missing connect code");
|
|
2445
|
+
}
|
|
2446
|
+
if (!transaction.code_verifier || !transaction.state || !transaction.auth_session || !transaction.redirect_uri || transaction.state !== state) {
|
|
2447
|
+
throw new GenericError("state_mismatch", "Invalid state");
|
|
2448
|
+
}
|
|
2449
|
+
const data = await this.myAccountApi.completeAccount({
|
|
2450
|
+
auth_session: transaction.auth_session,
|
|
2451
|
+
connect_code: connect_code,
|
|
2452
|
+
redirect_uri: transaction.redirect_uri,
|
|
2453
|
+
code_verifier: transaction.code_verifier
|
|
2454
|
+
});
|
|
2455
|
+
return Object.assign(Object.assign({}, data), {
|
|
2456
|
+
appState: transaction.appState,
|
|
2457
|
+
response_type: exports.ResponseType.ConnectCode
|
|
2458
|
+
});
|
|
2459
|
+
}
|
|
2303
2460
|
async checkSession(options) {
|
|
2304
2461
|
if (!this.cookieStorage.get(this.isAuthenticatedCookieName)) {
|
|
2305
2462
|
if (!this.cookieStorage.get(OLD_IS_AUTHENTICATED_COOKIE_NAME)) {
|
|
@@ -2518,7 +2675,8 @@
|
|
|
2518
2675
|
if (this.options.useRefreshTokensFallback) {
|
|
2519
2676
|
return await this._getTokenFromIFrame(options);
|
|
2520
2677
|
}
|
|
2521
|
-
|
|
2678
|
+
const missingScopes = getMissingScopes(scopesToRequest, tokenResult.scope);
|
|
2679
|
+
throw new MissingScopesError(options.authorizationParams.audience || "default", missingScopes);
|
|
2522
2680
|
}
|
|
2523
2681
|
}
|
|
2524
2682
|
}
|
|
@@ -2636,9 +2794,6 @@
|
|
|
2636
2794
|
return this.dpop.generateProof(params);
|
|
2637
2795
|
}
|
|
2638
2796
|
createFetcher(config = {}) {
|
|
2639
|
-
if (this.options.useDpop && !config.dpopNonceId) {
|
|
2640
|
-
throw new TypeError("When `useDpop` is enabled, `dpopNonceId` must be set when calling `createFetcher()`.");
|
|
2641
|
-
}
|
|
2642
2797
|
return new Fetcher(config, {
|
|
2643
2798
|
isDpopEnabled: () => !!this.options.useDpop,
|
|
2644
2799
|
getAccessToken: authParams => {
|
|
@@ -2647,16 +2802,50 @@
|
|
|
2647
2802
|
authorizationParams: {
|
|
2648
2803
|
scope: (_a = authParams === null || authParams === void 0 ? void 0 : authParams.scope) === null || _a === void 0 ? void 0 : _a.join(" "),
|
|
2649
2804
|
audience: authParams === null || authParams === void 0 ? void 0 : authParams.audience
|
|
2650
|
-
}
|
|
2805
|
+
},
|
|
2806
|
+
detailedResponse: true
|
|
2651
2807
|
});
|
|
2652
2808
|
},
|
|
2653
2809
|
getDpopNonce: () => this.getDpopNonce(config.dpopNonceId),
|
|
2654
|
-
setDpopNonce: nonce => this.setDpopNonce(nonce),
|
|
2810
|
+
setDpopNonce: nonce => this.setDpopNonce(nonce, config.dpopNonceId),
|
|
2655
2811
|
generateDpopProof: params => this.generateDpopProof(params)
|
|
2656
2812
|
});
|
|
2657
2813
|
}
|
|
2814
|
+
async connectAccountWithRedirect(options) {
|
|
2815
|
+
const {openUrl: openUrl, appState: appState, connection: connection, authorization_params: authorization_params, redirectUri: redirectUri = this.options.authorizationParams.redirect_uri || window.location.origin} = options;
|
|
2816
|
+
if (!connection) {
|
|
2817
|
+
throw new Error("connection is required");
|
|
2818
|
+
}
|
|
2819
|
+
const state = encode(createRandomString());
|
|
2820
|
+
const code_verifier = createRandomString();
|
|
2821
|
+
const code_challengeBuffer = await sha256(code_verifier);
|
|
2822
|
+
const code_challenge = bufferToBase64UrlEncoded(code_challengeBuffer);
|
|
2823
|
+
const {connect_uri: connect_uri, connect_params: connect_params, auth_session: auth_session} = await this.myAccountApi.connectAccount({
|
|
2824
|
+
connection: connection,
|
|
2825
|
+
redirect_uri: redirectUri,
|
|
2826
|
+
state: state,
|
|
2827
|
+
code_challenge: code_challenge,
|
|
2828
|
+
code_challenge_method: "S256",
|
|
2829
|
+
authorization_params: authorization_params
|
|
2830
|
+
});
|
|
2831
|
+
this.transactionManager.create({
|
|
2832
|
+
state: state,
|
|
2833
|
+
code_verifier: code_verifier,
|
|
2834
|
+
auth_session: auth_session,
|
|
2835
|
+
redirect_uri: redirectUri,
|
|
2836
|
+
appState: appState,
|
|
2837
|
+
connection: connection,
|
|
2838
|
+
response_type: exports.ResponseType.ConnectCode
|
|
2839
|
+
});
|
|
2840
|
+
const url = new URL(connect_uri);
|
|
2841
|
+
url.searchParams.set("ticket", connect_params.ticket);
|
|
2842
|
+
if (openUrl) {
|
|
2843
|
+
await openUrl(url.toString());
|
|
2844
|
+
} else {
|
|
2845
|
+
window.location.assign(url);
|
|
2846
|
+
}
|
|
2847
|
+
}
|
|
2658
2848
|
}
|
|
2659
|
-
class User {}
|
|
2660
2849
|
async function createAuth0Client(options) {
|
|
2661
2850
|
const auth0 = new Auth0Client(options);
|
|
2662
2851
|
await auth0.checkSession();
|
|
@@ -2665,11 +2854,13 @@
|
|
|
2665
2854
|
exports.Auth0Client = Auth0Client;
|
|
2666
2855
|
exports.AuthenticationError = AuthenticationError;
|
|
2667
2856
|
exports.CacheKey = CacheKey;
|
|
2857
|
+
exports.ConnectError = ConnectError;
|
|
2668
2858
|
exports.GenericError = GenericError;
|
|
2669
2859
|
exports.InMemoryCache = InMemoryCache;
|
|
2670
2860
|
exports.LocalStorageCache = LocalStorageCache;
|
|
2671
2861
|
exports.MfaRequiredError = MfaRequiredError;
|
|
2672
2862
|
exports.MissingRefreshTokenError = MissingRefreshTokenError;
|
|
2863
|
+
exports.MyAccountApiError = MyAccountApiError;
|
|
2673
2864
|
exports.PopupCancelledError = PopupCancelledError;
|
|
2674
2865
|
exports.PopupTimeoutError = PopupTimeoutError;
|
|
2675
2866
|
exports.TimeoutError = TimeoutError;
|