@schibsted/account-sdk-browser 4.3.0 → 4.5.3

package/CHANGELOG.md

@@ -1,5 +1,33 @@
 # Changelog
 
+## v4.5.3 (2021-11-26)
+
+## Fixes
+* Fix SimplifiedLoginWidgetLoginOptions typo
+
+## v4.5.2 (2021-11-26)
+
+## Fixes
+* Fix SimplifiedLoginWidgetLoginOptions 
+
+## v4.5.1 (2021-11-19)
+
+## Fixes
+* .d.ts files publishing
+
+## v4.5.0 (2021-09-29)
+
+## New features
+* Add Danish env
+
+## Fixes
+* `options` param in `showSimplifiedLoginWidget` function is optional in Typescript now
+
+## v4.4.0 (2021-06-24)
+
+## New features
+* Added optional `options` param to `showSimplifiedLoginWidget` function, allowing to specify widget `encoding`
+
 ## v4.3.0 (2020-12-16)
 
 ## New features

package/README.md

@@ -1,6 +1,6 @@
 [![logo](https://www.schibsted.com/Global/LogoTypes/Logos%202014/SMG_Small_2014_RGB.png)](https://github.com/schibsted/account-sdk-browser)
 
-[![Build Status](https://travis-ci.org/schibsted/account-sdk-browser.svg?branch=master)](https://travis-ci.org/schibsted/account-sdk-browser)
+[![Build Status](https://travis-ci.com/schibsted/account-sdk-browser.svg?branch=master)](https://travis-ci.com/schibsted/account-sdk-browser)
 [![Code coverage](https://codecov.io/gh/schibsted/account-sdk-browser/branch/master/graph/badge.svg)](https://codecov.io/gh/schibsted/account-sdk-browser)
 [![Snyk](https://snyk.io/test/github/schibsted/account-sdk-browser/badge.svg?targetFile=package.json)](https://snyk.io/test/github/schibsted/account-sdk-browser)
 
@@ -150,6 +150,14 @@ them from polyfill.io like this:
 
 <a name="itp-yo"></a>
 
+#### Local development on Chrome version 88 (or higher)
+
+Google Chrome in version 88 (or higher) [introduced changes](https://support.google.com/chrome/a/answer/7679408#88&zippy=%2Cchrome) in the definition of cookies `same-site` attribute. 
+From now on cross-scheme requests (e.g. `http` <-> `https`) will be considered cross-site instead of same-site, hence you may experience problems with localhost development, resulting in `Bad Request` responses from `hasSession` calls.
+While we are working on more permanent resolution of this this issue, as a temporary workaround we can suggest [running your site with HTTPS locally](https://web.dev/how-to-use-local-https/) or disabling `schemeful-same-site` flag in Chrome for the time of local development.
+
+More info: https://web.dev/schemeful-samesite/
+
 ## Notes on Apple Intelligent Tracking Prevention (ITP)
 #### or.. how I learned to stop worrying and ❤️ the Schibsted account session service
 
@@ -240,7 +248,7 @@ import { Identity } from '@schibsted/account-sdk-browser'
 const identity = new Identity({
     clientId: '56e9a5d1eee0000000000000',
     redirectUri: 'https://awesomenews.site', // ensure it's listed in selfservice
-    env: 'PRE', // Schibsted account env. A url or a special key: 'PRE', 'PRO' or 'PRO_NO'
+    env: 'PRE', // Schibsted account env. A url or a special key: 'PRE', 'PRO', 'PRO_NO', 'PRO_FI' or 'PRO_DK'
 })
 
 async function whenSiteLoaded() {

package/es5/global.js

@@ -1988,7 +1988,43 @@ var _require = __webpack_require__(175),
  * @property {string} [locale] - Optional parameter to overwrite client locale setting.
  * New flows supports nb_NO, fi_FI, sv_SE, en_US
  * @property {boolean} [oneStepLogin] - display username and password on one screen
-* @property {string} [prompt] - String that specifies whether the Authorization Server prompts the
+ * @property {string} [prompt] - String that specifies whether the Authorization Server prompts the
+ * End-User for reauthentication or confirm account screen. Supported values: `select_account` or `login`
+ */
+
+/**
+ * @typedef {object} SimplifiedLoginWidgetLoginOptions
+ * @property {string|function(): (string|Promise<string>)} state - An opaque value used by the client to maintain state between
+ * the request and callback. It's also recommended to prevent CSRF {@link https://tools.ietf.org/html/rfc6749#section-10.12}
+ * @property {string} [acrValues] - Authentication Context Class Reference Values. If
+ * omitted, the user will be asked to authenticate using username+password.
+ * For 2FA (Two-Factor Authentication) possible values are `sms`, `otp` (one time password) and
+ * `password` (will force password confirmation, even if user is already logged in). Those values might
+ * be mixed as space-separated string. To make sure that user has authenticated with 2FA you need
+ * to verify AMR (Authentication Methods References) claim in ID token.
+ * Might also be used to ensure additional acr (sms, otp) for already logged in users.
+ * Supported values are also 'otp-email' means one time password using email, and 'otp-sms' means
+ * one time password using sms.
+ * @property {string} [scope] - The OAuth scopes for the tokens. This is a list of
+ * scopes, separated by space. If the list of scopes contains `openid`, the generated tokens
+ * includes the id token which can be useful for getting information about the user. Omitting
+ * scope is allowed, while `invalid_scope` is returned when the client asks for a scope you
+ * aren’t allowed to request. {@link https://tools.ietf.org/html/rfc6749#section-3.3}
+ * @property {string} [redirectUri] - Redirect uri that will receive the
+ * code. Must exactly match a redirectUri from your client in self-service
+ * @property {boolean} [preferPopup] - Should we try to open a popup window?
+ * @property {string} [loginHint] - user email or UUID hint
+ * @property {string} [tag] - Pulse tag
+ * @property {string} [teaser] - Teaser slug. Teaser with given slug will be displayed
+ * in place of default teaser
+ * @property {number|string} [maxAge] - Specifies the allowable elapsed time in seconds since
+ * the last time the End-User was actively authenticated. If last authentication time is more
+ * than maxAge seconds in the past, re-authentication will be required. See the OpenID Connect
+ * spec section 3.1.2.1 for more information
+ * @property {string} [locale] - Optional parameter to overwrite client locale setting.
+ * New flows supports nb_NO, fi_FI, sv_SE, en_US
+ * @property {boolean} [oneStepLogin] - display username and password on one screen
+ * @property {string} [prompt] - String that specifies whether the Authorization Server prompts the
  * End-User for reauthentication or confirm account screen. Supported values: `select_account` or `login`
  */
 
@@ -2044,6 +2080,11 @@ var _require = __webpack_require__(175),
  * @property {string} client_name - Client name
  */
 
+/**
+ * @typedef {object} SimplifiedLoginWidgetOptions
+ * @property {string} encoding - expected encoding of simplified login widget. Could be utf-8 (default), iso-8859-1 or iso-8859-15
+ */
+
 
 var HAS_SESSION_CACHE_KEY = 'hasSession-cache';
 
@@ -2065,7 +2106,7 @@ var Identity = /*#__PURE__*/function (_EventEmitter) {
    * @param {string} options.clientId - Example: "1234567890abcdef12345678"
    * @param {string} options.sessionDomain - Example: "https://id.site.com"
    * @param {string} options.redirectUri - Example: "https://site.com"
-   * @param {string} [options.env=PRE] - Schibsted account environment: `PRE`, `PRO` or `PRO_NO`
+   * @param {string} [options.env=PRE] - Schibsted account environment: `PRE`, `PRO`, `PRO_NO`, `PRO_FI` or `PRO_DK`
    * @param {function} [options.log] - A function that receives debug log information. If not set,
    * no logging will be done
    * @param {object} [options.window] - window object
@@ -2322,7 +2363,7 @@ var Identity = /*#__PURE__*/function (_EventEmitter) {
      * @param {object} [options]
      * @param {number} [options.expiresIn] Override this to set number of seconds before the varnish
      * cookie expires. The default is to use the same time that hasSession responses are cached for
-     * @param {boolean} [options.domain] Override cookie domain. E.g. «vg.no» instead of «www.vg.no»
+     * @param {string} [options.domain] Override cookie domain. E.g. «vg.no» instead of «www.vg.no»
      * @returns {void}
      */
 
@@ -3116,18 +3157,19 @@ var Identity = /*#__PURE__*/function (_EventEmitter) {
      * and store that info in localStorage. Widget will be display only if user is logged in to SSO.
      *
      * @async
-     * @param {LoginOptions} loginParams - the same as `options` param for login function. Login will be called on user
+     * @param {SimplifiedLoginWidgetLoginOptions} loginParams - the same as `options` param for login function. Login will be called on user
      * continue action. `state` might be string or async function.
+     * @param {SimplifiedLoginWidgetOptions} [options] - additional configuration of Simplified Login Widget
      * @return {Promise<boolean|SDKError>} - will resolve to true if widget will be display. Otherwise will throw SDKError
      */
 
   }, {
     key: "showSimplifiedLoginWidget",
     value: function () {
-      var _showSimplifiedLoginWidget = _asyncToGenerator( /*#__PURE__*/regeneratorRuntime.mark(function _callee12(loginParams) {
+      var _showSimplifiedLoginWidget = _asyncToGenerator( /*#__PURE__*/regeneratorRuntime.mark(function _callee12(loginParams, options) {
         var _this3 = this;
 
-        var userData, widgetUrl, prepareLoginParams;
+        var userData, queryParams, widgetUrl, prepareLoginParams;
         return regeneratorRuntime.wrap(function _callee12$(_context12) {
           while (1) {
             switch (_context12.prev = _context12.next) {
@@ -3137,9 +3179,15 @@ var Identity = /*#__PURE__*/function (_EventEmitter) {
 
               case 2:
                 userData = _context12.sent;
-                widgetUrl = this._bffService.makeUrl('simplified-login-widget', {
+                queryParams = {
                   client_id: this.clientId
-                }, false);
+                };
+
+                if (options && options.encoding) {
+                  queryParams.encoding = options.encoding;
+                }
+
+                widgetUrl = this._bffService.makeUrl('simplified-login-widget', queryParams, false);
 
                 prepareLoginParams = /*#__PURE__*/function () {
                   var _ref5 = _asyncToGenerator( /*#__PURE__*/regeneratorRuntime.mark(function _callee9(loginPrams) {
@@ -3169,7 +3217,7 @@ var Identity = /*#__PURE__*/function (_EventEmitter) {
                     }, _callee9);
                   }));
 
-                  return function prepareLoginParams(_x2) {
+                  return function prepareLoginParams(_x3) {
                     return _ref5.apply(this, arguments);
                   };
                 }();
@@ -3281,7 +3329,7 @@ var Identity = /*#__PURE__*/function (_EventEmitter) {
                   document.getElementsByTagName('body')[0].appendChild(simplifiedLoginWidget);
                 }));
 
-              case 6:
+              case 8:
               case "end":
                 return _context12.stop();
             }
@@ -3289,7 +3337,7 @@ var Identity = /*#__PURE__*/function (_EventEmitter) {
         }, _callee12, this);
       }));
 
-      function showSimplifiedLoginWidget(_x) {
+      function showSimplifiedLoginWidget(_x, _x2) {
         return _showSimplifiedLoginWidget.apply(this, arguments);
       }
 
@@ -10405,6 +10453,7 @@ __webpack_require__.r(__webpack_exports__);
  * @prop {string} ENDPOINTS.SPiD.PRO - Production environment Sweden
  * @prop {string} ENDPOINTS.SPiD.PRO_NO - Production environment Norway
  * @prop {string} ENDPOINTS.SPiD.PRO_FI - Production environment Finland
+ * @prop {string} ENDPOINTS.SPiD.PRO_DK - Production environment Denmark
  * @prop {object} ENDPOINTS.BFF - Endpoints used with new GDPR-compliant web flows
  * @prop {string} ENDPOINTS.BFF.LOCAL - Local endpoint (for Identity team)
  * @prop {string} ENDPOINTS.BFF.DEV - Dev environment (for Identity team)
@@ -10412,6 +10461,7 @@ __webpack_require__.r(__webpack_exports__);
  * @prop {string} ENDPOINTS.BFF.PRO - Production environment Sweden
  * @prop {string} ENDPOINTS.BFF.PRO_NO - Production environment Norway
  * @prop {string} ENDPOINTS.BFF.PRO_FI - Production environment Finland
+ * @prop {string} ENDPOINTS.BFF.PRO_DK - Production environment Denmark
  * @prop {object} ENDPOINTS.SESSION_SERVICE - Endpoints to check global user session data
  * @prop {string} ENDPOINTS.SESSION_SERVICE.LOCAL - Local endpoint (for Identity team)
  * @prop {string} ENDPOINTS.SESSION_SERVICE.DEV - Dev environment (for Identity team)
@@ -10419,6 +10469,7 @@ __webpack_require__.r(__webpack_exports__);
  * @prop {string} ENDPOINTS.SESSION_SERVICE.PRO - Production environment Sweden
  * @prop {string} ENDPOINTS.SESSION_SERVICE.PRO_NO - Production environment Norway
  * @prop {string} ENDPOINTS.SESSION_SERVICE.PRO_FI - Production environment Finland
+ * @prop {string} ENDPOINTS.SESSION_SERVICE.PRO_DK - Production environment Denmark
  */
 
 var config = {
@@ -10429,7 +10480,8 @@ var config = {
       PRE: 'https://identity-pre.schibsted.com',
       PRO: 'https://login.schibsted.com',
       PRO_NO: 'https://payment.schibsted.no',
-      PRO_FI: 'https://login.schibsted.fi'
+      PRO_FI: 'https://login.schibsted.fi',
+      PRO_DK: 'https://login.schibsted.dk'
     },
     BFF: {
       LOCAL: 'http://id.localhost/authn/',
@@ -10437,7 +10489,8 @@ var config = {
       PRE: 'https://identity-pre.schibsted.com/authn/',
       PRO: 'https://login.schibsted.com/authn/',
       PRO_NO: 'https://payment.schibsted.no/authn/',
-      PRO_FI: 'https://login.schibsted.fi/authn/'
+      PRO_FI: 'https://login.schibsted.fi/authn/',
+      PRO_DK: 'https://login.schibsted.dk/authn/'
     },
     SESSION_SERVICE: {
       LOCAL: 'http://session-service.id.localhost',
@@ -10445,7 +10498,8 @@ var config = {
       PRE: 'https://session-service.identity-pre.schibsted.com',
       PRO: 'https://session-service.login.schibsted.com',
       PRO_NO: 'https://session-service.payment.schibsted.no',
-      PRO_FI: 'https://session-service.login.schibsted.fi'
+      PRO_FI: 'https://session-service.login.schibsted.fi',
+      PRO_DK: 'https://session-service.login.schibsted.dk'
     }
   },
   NAMESPACE: {
@@ -10454,7 +10508,8 @@ var config = {
     PRE: 'schibsted.com',
     PRO: 'schibsted.com',
     PRO_NO: 'spid.no',
-    PRO_FI: 'schibsted.fi'
+    PRO_FI: 'schibsted.fi',
+    PRO_DK: 'schibsted.dk'
   }
 };
 /* harmony default export */ __webpack_exports__["default"] = (config);
@@ -11494,7 +11549,7 @@ function emulate(global) {
 /* 175 */
 /***/ (function(module) {
 
-module.exports = JSON.parse("{\"name\":\"@schibsted/account-sdk-browser\",\"version\":\"4.3.0\",\"description\":\"Schibsted account SDK for browsers\",\"main\":\"index.js\",\"scripts\":{\"build\":\"./build.sh\",\"clean\":\"rimraf .cache coverage dist docs\",\"docs\":\"rimraf docs && jsdoc -c ./utils/jsdoc.js --verbose\",\"lint\":\"eslint .\",\"pretest\":\"npm run lint\",\"test\":\"jest\",\"precover\":\"npm run lint\",\"cover\":\"jest --coverage\",\"postcover\":\"codecov\"},\"author\":\"\",\"license\":\"MIT\",\"dependencies\":{\"tiny-emitter\":\"^2.1.0\"},\"devDependencies\":{\"@babel/core\":\"^7.11.4\",\"@babel/preset-env\":\"^7.11.0\",\"babel-loader\":\"^8.1.0\",\"codecov\":\"^3.6.5\",\"core-js\":\"^3.6.5\",\"docdash\":\"git+https://github.com/torarvid/docdash.git#v0.5.0\",\"eslint\":\"^6.8.0\",\"eslint-plugin-import\":\"^2.20.2\",\"jest\":\"^26.4.2\",\"jest-junit\":\"^10.0.0\",\"jsdoc\":\"^3.6.5\",\"node-fetch\":\"^2.6.0\",\"regenerator-runtime\":\"^0.13.7\",\"webpack\":\"^4.44.1\",\"webpack-cli\":\"^3.3.12\",\"whatwg-url\":\"^8.0.0\"},\"repository\":{\"type\":\"git\",\"url\":\"git://github.com/schibsted/account-sdk-browser.git\"},\"babel\":{\"presets\":[[\"@babel/preset-env\",{\"useBuiltIns\":\"usage\",\"corejs\":3,\"targets\":{\"browsers\":[\"> 1%\",\"last 10 chrome major versions\",\"last 10 firefox major versions\",\"last 10 opera major versions\",\"last 2 safari major versions\",\"last 2 ios major versions\",\"last 2 ie major versions\",\"last 5 edge major versions\"]}}]]},\"typings\":\"index.d.ts\"}");
+module.exports = JSON.parse("{\"name\":\"@schibsted/account-sdk-browser\",\"version\":\"4.5.3\",\"description\":\"Schibsted account SDK for browsers\",\"main\":\"index.js\",\"scripts\":{\"build\":\"./build.sh\",\"clean\":\"rimraf .cache coverage dist docs\",\"docs\":\"rimraf docs && jsdoc -c ./utils/jsdoc.js --verbose\",\"lint\":\"eslint .\",\"pretest\":\"npm run lint\",\"test\":\"jest\",\"precover\":\"npm run lint\",\"cover\":\"jest --coverage\",\"postcover\":\"codecov\"},\"author\":\"\",\"license\":\"MIT\",\"dependencies\":{\"tiny-emitter\":\"^2.1.0\"},\"devDependencies\":{\"@babel/core\":\"^7.11.4\",\"@babel/preset-env\":\"^7.11.0\",\"babel-loader\":\"^8.1.0\",\"codecov\":\"^3.6.5\",\"core-js\":\"^3.6.5\",\"docdash\":\"git+https://github.com/torarvid/docdash.git#v0.5.0\",\"eslint\":\"^6.8.0\",\"eslint-plugin-import\":\"^2.20.2\",\"jest\":\"^26.4.2\",\"jest-junit\":\"^10.0.0\",\"jsdoc\":\"^3.6.5\",\"node-fetch\":\"^2.6.0\",\"regenerator-runtime\":\"^0.13.7\",\"webpack\":\"^4.44.1\",\"webpack-cli\":\"^3.3.12\",\"whatwg-url\":\"^8.0.0\"},\"repository\":{\"type\":\"git\",\"url\":\"git://github.com/schibsted/account-sdk-browser.git\"},\"babel\":{\"presets\":[[\"@babel/preset-env\",{\"useBuiltIns\":\"usage\",\"corejs\":3,\"targets\":{\"browsers\":[\"> 1%\",\"last 10 chrome major versions\",\"last 10 firefox major versions\",\"last 10 opera major versions\",\"last 2 safari major versions\",\"last 2 ios major versions\",\"last 2 ie major versions\",\"last 5 edge major versions\"]}}]]},\"typings\":\"index.d.ts\"}");
 
 /***/ }),
 /* 176 */
@@ -12113,6 +12168,7 @@ var Payment = /*#__PURE__*/function () {
       });
     }
     /**
+     * @deprecated
      * Get the url for flow to purchase a promo code product with ZUORA
      * @param {string} code - promocode product code
      * @param {string} [state=''] - An opaque value used by the client to maintain state between