@forgerock/login-widget 1.2.0-beta.3 → 1.2.0-beta.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -1,3 +1,18 @@
1
+ # [1.2.0-beta.5](https://github.com/forgerock/forgerock-web-login-framework/compare/v1.2.0-beta.4...v1.2.0-beta.5) (2023-10-10)
2
+
3
+
4
+ ### Bug Fixes
5
+
6
+ * **zod:** improve the use of zod for configuration strictness ([25c330b](https://github.com/forgerock/forgerock-web-login-framework/commit/25c330b17a3289cccf8dd459f0ae71a05fd3f32a))
7
+
8
+ # [1.2.0-beta.4](https://github.com/forgerock/forgerock-web-login-framework/compare/v1.2.0-beta.3...v1.2.0-beta.4) (2023-10-05)
9
+
10
+
11
+ ### Bug Fixes
12
+
13
+ * **css:** fix base css with link specificity issue ([e7d69bf](https://github.com/forgerock/forgerock-web-login-framework/commit/e7d69bf3675d175628afe284bc3d94c07ff370ab))
14
+ * **widget-api:** fix oauth and user disablement in journey config ([c527d38](https://github.com/forgerock/forgerock-web-login-framework/commit/c527d3806258a18e9b4a6b387e74b6e4951948d9))
15
+
1
16
  # [1.2.0-beta.3](https://github.com/forgerock/forgerock-web-login-framework/compare/v1.2.0-beta.2...v1.2.0-beta.3) (2023-10-05)
2
17
 
3
18
 
package/index.cjs CHANGED
@@ -5536,7 +5536,8 @@ class ParseStatus {
5536
5536
  status.dirty();
5537
5537
  if (value.status === "dirty")
5538
5538
  status.dirty();
5539
- if (typeof value.value !== "undefined" || pair.alwaysSet) {
5539
+ if (key.value !== "__proto__" &&
5540
+ (typeof value.value !== "undefined" || pair.alwaysSet)) {
5540
5541
  finalObject[key.value] = value.value;
5541
5542
  }
5542
5543
  }
@@ -5644,6 +5645,7 @@ class ZodType {
5644
5645
  this.catch = this.catch.bind(this);
5645
5646
  this.describe = this.describe.bind(this);
5646
5647
  this.pipe = this.pipe.bind(this);
5648
+ this.readonly = this.readonly.bind(this);
5647
5649
  this.isNullable = this.isNullable.bind(this);
5648
5650
  this.isOptional = this.isOptional.bind(this);
5649
5651
  }
@@ -5860,6 +5862,9 @@ class ZodType {
5860
5862
  pipe(target) {
5861
5863
  return ZodPipeline.create(this, target);
5862
5864
  }
5865
+ readonly() {
5866
+ return ZodReadonly.create(this);
5867
+ }
5863
5868
  isOptional() {
5864
5869
  return this.safeParse(undefined).success;
5865
5870
  }
@@ -5870,14 +5875,24 @@ class ZodType {
5870
5875
  const cuidRegex = /^c[^\s-]{8,}$/i;
5871
5876
  const cuid2Regex = /^[a-z][a-z0-9]*$/;
5872
5877
  const ulidRegex = /[0-9A-HJKMNP-TV-Z]{26}/;
5873
- const uuidRegex = /^([a-f0-9]{8}-[a-f0-9]{4}-[1-5][a-f0-9]{3}-[a-f0-9]{4}-[a-f0-9]{12}|00000000-0000-0000-0000-000000000000)$/i;
5878
+ // const uuidRegex =
5879
+ // /^([a-f0-9]{8}-[a-f0-9]{4}-[1-5][a-f0-9]{3}-[a-f0-9]{4}-[a-f0-9]{12}|00000000-0000-0000-0000-000000000000)$/i;
5880
+ const uuidRegex = /^[0-9a-fA-F]{8}\b-[0-9a-fA-F]{4}\b-[0-9a-fA-F]{4}\b-[0-9a-fA-F]{4}\b-[0-9a-fA-F]{12}$/i;
5874
5881
  // from https://stackoverflow.com/a/46181/1550155
5875
5882
  // old version: too slow, didn't support unicode
5876
5883
  // const emailRegex = /^((([a-z]|\d|[!#\$%&'\*\+\-\/=\?\^_`{\|}~]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])+(\.([a-z]|\d|[!#\$%&'\*\+\-\/=\?\^_`{\|}~]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])+)*)|((\x22)((((\x20|\x09)*(\x0d\x0a))?(\x20|\x09)+)?(([\x01-\x08\x0b\x0c\x0e-\x1f\x7f]|\x21|[\x23-\x5b]|[\x5d-\x7e]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(\\([\x01-\x09\x0b\x0c\x0d-\x7f]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]))))*(((\x20|\x09)*(\x0d\x0a))?(\x20|\x09)+)?(\x22)))@((([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.)+(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))$/i;
5877
5884
  //old email regex
5878
5885
  // const emailRegex = /^(([^<>()[\].,;:\s@"]+(\.[^<>()[\].,;:\s@"]+)*)|(".+"))@((?!-)([^<>()[\].,;:\s@"]+\.)+[^<>()[\].,;:\s@"]{1,})[^-<>()[\].,;:\s@"]$/i;
5879
5886
  // eslint-disable-next-line
5880
- const emailRegex = /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[(((25[0-5])|(2[0-4][0-9])|(1[0-9]{2})|([0-9]{1,2}))\.){3}((25[0-5])|(2[0-4][0-9])|(1[0-9]{2})|([0-9]{1,2}))\])|(\[IPv6:(([a-f0-9]{1,4}:){7}|::([a-f0-9]{1,4}:){0,6}|([a-f0-9]{1,4}:){1}:([a-f0-9]{1,4}:){0,5}|([a-f0-9]{1,4}:){2}:([a-f0-9]{1,4}:){0,4}|([a-f0-9]{1,4}:){3}:([a-f0-9]{1,4}:){0,3}|([a-f0-9]{1,4}:){4}:([a-f0-9]{1,4}:){0,2}|([a-f0-9]{1,4}:){5}:([a-f0-9]{1,4}:){0,1})([a-f0-9]{1,4}|(((25[0-5])|(2[0-4][0-9])|(1[0-9]{2})|([0-9]{1,2}))\.){3}((25[0-5])|(2[0-4][0-9])|(1[0-9]{2})|([0-9]{1,2})))\])|([A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])*(\.[A-Za-z]{2,})+))$/;
5887
+ // const emailRegex =
5888
+ // /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[(((25[0-5])|(2[0-4][0-9])|(1[0-9]{2})|([0-9]{1,2}))\.){3}((25[0-5])|(2[0-4][0-9])|(1[0-9]{2})|([0-9]{1,2}))\])|(\[IPv6:(([a-f0-9]{1,4}:){7}|::([a-f0-9]{1,4}:){0,6}|([a-f0-9]{1,4}:){1}:([a-f0-9]{1,4}:){0,5}|([a-f0-9]{1,4}:){2}:([a-f0-9]{1,4}:){0,4}|([a-f0-9]{1,4}:){3}:([a-f0-9]{1,4}:){0,3}|([a-f0-9]{1,4}:){4}:([a-f0-9]{1,4}:){0,2}|([a-f0-9]{1,4}:){5}:([a-f0-9]{1,4}:){0,1})([a-f0-9]{1,4}|(((25[0-5])|(2[0-4][0-9])|(1[0-9]{2})|([0-9]{1,2}))\.){3}((25[0-5])|(2[0-4][0-9])|(1[0-9]{2})|([0-9]{1,2})))\])|([A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])*(\.[A-Za-z]{2,})+))$/;
5889
+ // const emailRegex =
5890
+ // /^[a-zA-Z0-9\.\!\#\$\%\&\'\*\+\/\=\?\^\_\`\{\|\}\~\-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/;
5891
+ // const emailRegex =
5892
+ // /^(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])$/i;
5893
+ const emailRegex = /^(?!\.)(?!.*\.\.)([A-Z0-9_+-\.]*)[A-Z0-9_+-]@([A-Z0-9][A-Z0-9\-]*\.)+[A-Z]{2,}$/i;
5894
+ // const emailRegex =
5895
+ // /^[a-z0-9.!#$%&’*+/=?^_`{|}~-]+@[a-z0-9-]+(?:\.[a-z0-9\-]+)*$/i;
5881
5896
  // from https://thekevinscott.com/emojis-in-javascript/#writing-a-regular-expression
5882
5897
  const emojiRegex = /^(\p{Extended_Pictographic}|\p{Emoji_Component})+$/u;
5883
5898
  const ipv4Regex = /^(((25[0-5])|(2[0-4][0-9])|(1[0-9]{2})|([0-9]{1,2}))\.){3}((25[0-5])|(2[0-4][0-9])|(1[0-9]{2})|([0-9]{1,2}))$/;
@@ -7988,6 +8003,12 @@ class ZodRecord extends ZodType {
7988
8003
  }
7989
8004
  }
7990
8005
  class ZodMap extends ZodType {
8006
+ get keySchema() {
8007
+ return this._def.keyType;
8008
+ }
8009
+ get valueSchema() {
8010
+ return this._def.valueType;
8011
+ }
7991
8012
  _parse(input) {
7992
8013
  const { status, ctx } = this._processInputParams(input);
7993
8014
  if (ctx.parsedType !== ZodParsedType.map) {
@@ -8184,16 +8205,20 @@ class ZodFunction extends ZodType {
8184
8205
  const params = { errorMap: ctx.common.contextualErrorMap };
8185
8206
  const fn = ctx.data;
8186
8207
  if (this._def.returns instanceof ZodPromise) {
8187
- return OK(async (...args) => {
8208
+ // Would love a way to avoid disabling this rule, but we need
8209
+ // an alias (using an arrow function was what caused 2651).
8210
+ // eslint-disable-next-line @typescript-eslint/no-this-alias
8211
+ const me = this;
8212
+ return OK(async function (...args) {
8188
8213
  const error = new ZodError([]);
8189
- const parsedArgs = await this._def.args
8214
+ const parsedArgs = await me._def.args
8190
8215
  .parseAsync(args, params)
8191
8216
  .catch((e) => {
8192
8217
  error.addIssue(makeArgsIssue(args, e));
8193
8218
  throw error;
8194
8219
  });
8195
- const result = await fn(...parsedArgs);
8196
- const parsedReturns = await this._def.returns._def.type
8220
+ const result = await Reflect.apply(fn, this, parsedArgs);
8221
+ const parsedReturns = await me._def.returns._def.type
8197
8222
  .parseAsync(result, params)
8198
8223
  .catch((e) => {
8199
8224
  error.addIssue(makeReturnsIssue(result, e));
@@ -8203,13 +8228,17 @@ class ZodFunction extends ZodType {
8203
8228
  });
8204
8229
  }
8205
8230
  else {
8206
- return OK((...args) => {
8207
- const parsedArgs = this._def.args.safeParse(args, params);
8231
+ // Would love a way to avoid disabling this rule, but we need
8232
+ // an alias (using an arrow function was what caused 2651).
8233
+ // eslint-disable-next-line @typescript-eslint/no-this-alias
8234
+ const me = this;
8235
+ return OK(function (...args) {
8236
+ const parsedArgs = me._def.args.safeParse(args, params);
8208
8237
  if (!parsedArgs.success) {
8209
8238
  throw new ZodError([makeArgsIssue(args, parsedArgs.error)]);
8210
8239
  }
8211
- const result = fn(...parsedArgs.data);
8212
- const parsedReturns = this._def.returns.safeParse(result, params);
8240
+ const result = Reflect.apply(fn, this, parsedArgs.data);
8241
+ const parsedReturns = me._def.returns.safeParse(result, params);
8213
8242
  if (!parsedReturns.success) {
8214
8243
  throw new ZodError([makeReturnsIssue(result, parsedReturns.error)]);
8215
8244
  }
@@ -8297,7 +8326,7 @@ ZodLiteral.create = (value, params) => {
8297
8326
  };
8298
8327
  function createZodEnum(values, params) {
8299
8328
  return new ZodEnum({
8300
- values: values,
8329
+ values,
8301
8330
  typeName: ZodFirstPartyTypeKind.ZodEnum,
8302
8331
  ...processCreateParams(params),
8303
8332
  });
@@ -8439,8 +8468,29 @@ class ZodEffects extends ZodType {
8439
8468
  _parse(input) {
8440
8469
  const { status, ctx } = this._processInputParams(input);
8441
8470
  const effect = this._def.effect || null;
8471
+ const checkCtx = {
8472
+ addIssue: (arg) => {
8473
+ addIssueToContext(ctx, arg);
8474
+ if (arg.fatal) {
8475
+ status.abort();
8476
+ }
8477
+ else {
8478
+ status.dirty();
8479
+ }
8480
+ },
8481
+ get path() {
8482
+ return ctx.path;
8483
+ },
8484
+ };
8485
+ checkCtx.addIssue = checkCtx.addIssue.bind(checkCtx);
8442
8486
  if (effect.type === "preprocess") {
8443
- const processed = effect.transform(ctx.data);
8487
+ const processed = effect.transform(ctx.data, checkCtx);
8488
+ if (ctx.common.issues.length) {
8489
+ return {
8490
+ status: "dirty",
8491
+ value: ctx.data,
8492
+ };
8493
+ }
8444
8494
  if (ctx.common.async) {
8445
8495
  return Promise.resolve(processed).then((processed) => {
8446
8496
  return this._def.schema._parseAsync({
@@ -8458,21 +8508,6 @@ class ZodEffects extends ZodType {
8458
8508
  });
8459
8509
  }
8460
8510
  }
8461
- const checkCtx = {
8462
- addIssue: (arg) => {
8463
- addIssueToContext(ctx, arg);
8464
- if (arg.fatal) {
8465
- status.abort();
8466
- }
8467
- else {
8468
- status.dirty();
8469
- }
8470
- },
8471
- get path() {
8472
- return ctx.path;
8473
- },
8474
- };
8475
- checkCtx.addIssue = checkCtx.addIssue.bind(checkCtx);
8476
8511
  if (effect.type === "refinement") {
8477
8512
  const executeRefinement = (acc
8478
8513
  // effect: RefinementEffect<any>
@@ -8776,6 +8811,22 @@ class ZodPipeline extends ZodType {
8776
8811
  });
8777
8812
  }
8778
8813
  }
8814
+ class ZodReadonly extends ZodType {
8815
+ _parse(input) {
8816
+ const result = this._def.innerType._parse(input);
8817
+ if (isValid(result)) {
8818
+ result.value = Object.freeze(result.value);
8819
+ }
8820
+ return result;
8821
+ }
8822
+ }
8823
+ ZodReadonly.create = (type, params) => {
8824
+ return new ZodReadonly({
8825
+ innerType: type,
8826
+ typeName: ZodFirstPartyTypeKind.ZodReadonly,
8827
+ ...processCreateParams(params),
8828
+ });
8829
+ };
8779
8830
  const custom = (check, params = {},
8780
8831
  /*
8781
8832
  * @deprecated
@@ -8844,6 +8895,7 @@ var ZodFirstPartyTypeKind;
8844
8895
  ZodFirstPartyTypeKind["ZodPromise"] = "ZodPromise";
8845
8896
  ZodFirstPartyTypeKind["ZodBranded"] = "ZodBranded";
8846
8897
  ZodFirstPartyTypeKind["ZodPipeline"] = "ZodPipeline";
8898
+ ZodFirstPartyTypeKind["ZodReadonly"] = "ZodReadonly";
8847
8899
  })(ZodFirstPartyTypeKind || (ZodFirstPartyTypeKind = {}));
8848
8900
  const instanceOfType = (
8849
8901
  // const instanceOfType = <T extends new (...args: any[]) => any>(
@@ -8957,6 +9009,7 @@ var z = /*#__PURE__*/Object.freeze({
8957
9009
  BRAND: BRAND,
8958
9010
  ZodBranded: ZodBranded,
8959
9011
  ZodPipeline: ZodPipeline,
9012
+ ZodReadonly: ZodReadonly,
8960
9013
  custom: custom,
8961
9014
  Schema: ZodType,
8962
9015
  ZodSchema: ZodType,
@@ -9036,7 +9089,8 @@ const configSchema = z
9036
9089
  realmPath: z.string(),
9037
9090
  redirectUri: z.string().optional(),
9038
9091
  scope: z.string().optional(),
9039
- serverConfig: z.object({
9092
+ serverConfig: z
9093
+ .object({
9040
9094
  baseUrl: z
9041
9095
  .string({
9042
9096
  invalid_type_error: '`serverConfig.baseUrl` is a required URL string (this is generated by the Zod library).',
@@ -9047,25 +9101,28 @@ const configSchema = z
9047
9101
  }),
9048
9102
  paths: z
9049
9103
  .object({
9050
- authenticate: z.string(),
9051
- authorize: z.string(),
9052
- accessToken: z.string(),
9053
- endSession: z.string(),
9054
- userInfo: z.string(),
9055
- revoke: z.string(),
9056
- sessions: z.string(),
9104
+ authenticate: z.string().optional(),
9105
+ authorize: z.string().optional(),
9106
+ accessToken: z.string().optional(),
9107
+ endSession: z.string().optional(),
9108
+ userInfo: z.string().optional(),
9109
+ revoke: z.string().optional(),
9110
+ sessions: z.string().optional(),
9057
9111
  })
9112
+ .strict()
9058
9113
  .optional(),
9059
- // TODO: timeout should be optional; fix in SDK
9060
- timeout: z.number({
9114
+ timeout: z
9115
+ .number({
9061
9116
  invalid_type_error: '`serverConfig.timeout` is a required number and in milliseconds (this is generated by the Zod library).',
9062
- required_error: 'Setting the `serverConfig.timeout` is required (this is generated by the Zod library).',
9063
- }),
9064
- }),
9117
+ })
9118
+ .optional(),
9119
+ })
9120
+ .strict(),
9065
9121
  support: z.union([z.literal('legacy'), z.literal('modern')]).optional(),
9066
9122
  tokenStore: z
9067
9123
  .union([
9068
- z.object({
9124
+ z
9125
+ .object({
9069
9126
  get: z
9070
9127
  .function()
9071
9128
  .args(z.string())
@@ -9077,7 +9134,8 @@ const configSchema = z
9077
9134
  }))),
9078
9135
  set: z.function().args(z.string()).returns(z.promise(z.void())),
9079
9136
  remove: z.function().args(z.string()).returns(z.promise(z.void())),
9080
- }),
9137
+ })
9138
+ .strict(),
9081
9139
  z.literal('sessionStorage'),
9082
9140
  z.literal('localStorage'),
9083
9141
  ])
@@ -12019,7 +12077,9 @@ function initialize$3(customLinks) {
12019
12077
  return linksStore;
12020
12078
  }
12021
12079
 
12080
+ const authorizationTimedOut = 'Authorization timed out';
12022
12081
  const interactionNeeded = 'The request requires some interaction that is not allowed.';
12082
+ const timeoutErrorMessage = 'Timeouts are likely an issue with OAuth client misconfiguration. If you are getting a 4xx error in the network tab, copy the full `/authorize` URL and paste it directly into your browsers URL field to directly visit the page. The error should be displayed on the page.';
12023
12083
  const sessionCookieConsentMessage = `The user either doesn't have a valid session, the cookie is not being sent due to third-party cookies being disabled, or the user is needing to provide consent as the OAuth client setting does not have "implied consent" enabled.`;
12024
12084
  const oauthStore = writable({
12025
12085
  completed: false,
@@ -12028,6 +12088,16 @@ const oauthStore = writable({
12028
12088
  successful: false,
12029
12089
  response: null,
12030
12090
  });
12091
+ function getTroubleshootingMessage(message) {
12092
+ switch (message) {
12093
+ case interactionNeeded:
12094
+ return sessionCookieConsentMessage;
12095
+ case authorizationTimedOut:
12096
+ return timeoutErrorMessage;
12097
+ default:
12098
+ return '';
12099
+ }
12100
+ }
12031
12101
  /**
12032
12102
  * @function initialize - Initializes the OAuth store with a get function and a reset function
12033
12103
  * @param {object} initOptions - The options to pass to the TokenManager.getTokens function
@@ -12068,7 +12138,7 @@ function initialize$2(initOptions) {
12068
12138
  completed: true,
12069
12139
  error: {
12070
12140
  message: err.message,
12071
- troubleshoot: err.message === interactionNeeded ? sessionCookieConsentMessage : '',
12141
+ troubleshoot: getTroubleshootingMessage(err.message),
12072
12142
  },
12073
12143
  loading: false,
12074
12144
  successful: false,
@@ -12194,11 +12264,13 @@ const styleSchema = z
12194
12264
  .object({
12195
12265
  header: z.boolean().optional(),
12196
12266
  })
12267
+ .strict()
12197
12268
  .optional(),
12198
12269
  stage: z
12199
12270
  .object({
12200
12271
  icon: z.boolean().optional(),
12201
12272
  })
12273
+ .strict()
12202
12274
  .optional(),
12203
12275
  })
12204
12276
  .strict();
@@ -12331,8 +12403,8 @@ function widgetApiFactory(componentApi) {
12331
12403
  if (!journeyStore || !oauthStore || !userStore) {
12332
12404
  logErrorAndThrow('missingStores');
12333
12405
  }
12334
- const requestsOauth = options?.oauth || true;
12335
- const requestsUser = options?.user || true;
12406
+ const requestsOauth = options?.oauth ?? true;
12407
+ const requestsUser = options?.user ?? true;
12336
12408
  const { subscribe, } = derived([journeyStore, oauthStore, userStore], ([$journeyStore, $oauthStore, $userStore], set) => {
12337
12409
  set({
12338
12410
  journey: $journeyStore,