@auth0/auth0-spa-js 2.8.0 → 2.9.0

package/dist/typings/Auth0Client.d.ts

@@ -305,9 +305,12 @@ export declare class Auth0Client {
      * Initiates a redirect to connect the user's account with a specified connection.
      * This method generates PKCE parameters, creates a transaction, and redirects to the /connect endpoint.
      *
+     * You must enable `Offline Access` from the Connection Permissions settings to be able to use the connection with Connected Accounts.
+     *
      * @template TAppState - The application state to persist through the transaction.
      * @param {RedirectConnectAccountOptions<TAppState>} options - Options for the connect account redirect flow.
      * @param   {string} options.connection - The name of the connection to link (e.g. 'google-oauth2').
+     * @param   {string[]} [options.scopes] - Array of scopes to request from the Identity Provider during the connect account flow.
      * @param   {AuthorizationParams} [options.authorization_params] - Additional authorization parameters for the request to the upstream IdP.
      * @param   {string} [options.redirectUri] - The URI to redirect back to after connecting the account.
      * @param   {TAppState} [options.appState] - Application state to persist through the transaction.

package/dist/typings/MyAccountApiClient.d.ts

@@ -3,12 +3,12 @@ import { Fetcher } from './fetcher';
 interface ConnectRequest {
     /** The name of the connection to link the account with (e.g., 'google-oauth2', 'facebook'). */
     connection: string;
+    /** Array of scopes to request from the Identity Provider during the connect account flow. */
+    scopes?: string[];
     /** The URI to redirect to after the connection process completes. */
     redirect_uri: string;
     /** An opaque value used to maintain state between the request and callback. */
     state?: string;
-    /** A string value used to associate a Client session with an ID Token, and to mitigate replay attacks. */
-    nonce?: string;
     /** The PKCE code challenge derived from the code verifier. */
     code_challenge?: string;
     /** The method used to derive the code challenge. Required when code_challenge is provided. */

package/dist/typings/global.d.ts

@@ -497,22 +497,22 @@ export interface RedirectConnectAccountOptions<TAppState = any> {
      */
     connection: string;
     /**
-     * Additional authorization parameters for the request.
+     * Array of scopes to request from the Identity Provider during the connect account flow.
      *
      * @example
      * await auth0.connectAccountWithRedirect({
      *   connection: 'google-oauth2',
-     *   authorization_params: {
-     *     scope: 'https://www.googleapis.com/auth/calendar'
-     *     access_type: 'offline'
-     *   }
+     *   scopes: ['https://www.googleapis.com/auth/calendar']
      * });
+     */
+    scopes?: string[];
+    /**
+     * Additional authorization parameters for the request.
      *
      * @example
      * await auth0.connectAccountWithRedirect({
      *   connection: 'github',
      *   authorization_params: {
-     *     scope: 'repo user',
      *     audience: 'https://api.github.com'
      *   }
      * });

package/dist/typings/version.d.ts

@@ -1,2 +1,2 @@
-declare const _default: "2.8.0";
+declare const _default: "2.9.0";
 export default _default;

package/package.json

@@ -3,7 +3,7 @@
   "name": "@auth0/auth0-spa-js",
   "description": "Auth0 SDK for Single Page Applications using Authorization Code Grant Flow with PKCE",
   "license": "MIT",
-  "version": "2.8.0",
+  "version": "2.9.0",
   "main": "dist/lib/auth0-spa-js.cjs.js",
   "types": "dist/typings/index.d.ts",
   "module": "dist/auth0-spa-js.production.esm.js",
@@ -53,7 +53,7 @@
     "publish:cdn": "ccu --trace"
   },
   "devDependencies": {
-    "@auth0/component-cdn-uploader": "^2.2.2",
+    "@auth0/component-cdn-uploader": "^2.4.0",
     "@rollup/plugin-replace": "^4.0.0",
     "@types/cypress": "^1.1.3",
     "@types/jest": "^28.1.7",

package/src/Auth0Client.ts

@@ -1547,10 +1547,13 @@ export class Auth0Client {
   /**
    * Initiates a redirect to connect the user's account with a specified connection.
    * This method generates PKCE parameters, creates a transaction, and redirects to the /connect endpoint.
+   * 
+   * You must enable `Offline Access` from the Connection Permissions settings to be able to use the connection with Connected Accounts.
    *
    * @template TAppState - The application state to persist through the transaction.
    * @param {RedirectConnectAccountOptions<TAppState>} options - Options for the connect account redirect flow.
    * @param   {string} options.connection - The name of the connection to link (e.g. 'google-oauth2').
+   * @param   {string[]} [options.scopes] - Array of scopes to request from the Identity Provider during the connect account flow.
    * @param   {AuthorizationParams} [options.authorization_params] - Additional authorization parameters for the request to the upstream IdP.
    * @param   {string} [options.redirectUri] - The URI to redirect back to after connecting the account.
    * @param   {TAppState} [options.appState] - Application state to persist through the transaction.
@@ -1566,6 +1569,7 @@ export class Auth0Client {
       openUrl,
       appState,
       connection,
+      scopes,
       authorization_params,
       redirectUri = this.options.authorizationParams.redirect_uri ||
       window.location.origin
@@ -1583,6 +1587,7 @@ export class Auth0Client {
     const { connect_uri, connect_params, auth_session } =
       await this.myAccountApi.connectAccount({
         connection,
+        scopes,
         redirect_uri: redirectUri,
         state,
         code_challenge,

package/src/MyAccountApiClient.ts

@@ -4,12 +4,12 @@ import { Fetcher } from './fetcher';
 interface ConnectRequest {
   /** The name of the connection to link the account with (e.g., 'google-oauth2', 'facebook'). */
   connection: string;
+  /** Array of scopes to request from the Identity Provider during the connect account flow. */
+  scopes?: string[];
   /** The URI to redirect to after the connection process completes. */
   redirect_uri: string;
   /** An opaque value used to maintain state between the request and callback. */
   state?: string;
-  /** A string value used to associate a Client session with an ID Token, and to mitigate replay attacks. */
-  nonce?: string;
   /** The PKCE code challenge derived from the code verifier. */
   code_challenge?: string;
   /** The method used to derive the code challenge. Required when code_challenge is provided. */

package/src/global.ts

@@ -556,22 +556,23 @@ export interface RedirectConnectAccountOptions<TAppState = any> {
   connection: string;
 
   /**
-   * Additional authorization parameters for the request.
-   *
+   * Array of scopes to request from the Identity Provider during the connect account flow.
+   * 
    * @example
    * await auth0.connectAccountWithRedirect({
    *   connection: 'google-oauth2',
-   *   authorization_params: {
-   *     scope: 'https://www.googleapis.com/auth/calendar'
-   *     access_type: 'offline'
-   *   }
+   *   scopes: ['https://www.googleapis.com/auth/calendar']
    * });
+   */
+  scopes?: string[];
+
+  /**
+   * Additional authorization parameters for the request.
    *
    * @example
    * await auth0.connectAccountWithRedirect({
    *   connection: 'github',
    *   authorization_params: {
-   *     scope: 'repo user',
    *     audience: 'https://api.github.com'
    *   }
    * });

package/src/version.ts

@@ -1 +1 @@
-export default '2.8.0';
+export default '2.9.0';