npm - @schibsted/account-sdk-browser - Versions diffs - 4.5.0 → 4.6.0 - Mend

@schibsted/account-sdk-browser 4.5.0 → 4.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (28) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,25 @@
 # Changelog
+## v4.6.0 (2022-02-23)
+## New features
+* Add `eid`, `eid-no` and `eid-se` to valid acrValues
+## v4.5.3 (2021-11-26)
+## Fixes
+* Fix SimplifiedLoginWidgetLoginOptions typo
+## v4.5.2 (2021-11-26)
+## Fixes
+* Fix SimplifiedLoginWidgetLoginOptions
+## v4.5.1 (2021-11-19)
+## Fixes
+* .d.ts files publishing
 ## v4.5.0 (2021-09-29)
 ## New features

package/README.md CHANGED Viewed

@@ -249,6 +249,7 @@ const identity = new Identity({
     clientId: '56e9a5d1eee0000000000000',
     redirectUri: 'https://awesomenews.site', // ensure it's listed in selfservice
     env: 'PRE', // Schibsted account env. A url or a special key: 'PRE', 'PRO', 'PRO_NO', 'PRO_FI' or 'PRO_DK'
+    sessionDomain: 'https://id.awesomenews.site', // client-configured session-service domain
 })
 async function whenSiteLoaded() {
@@ -318,13 +319,14 @@ experimental purposes for now. Please let us know before using this in productio
 The default is username & password. If you wish to use one of the passwordless login methods, the
 `login()` function takes an optional parameter called `acrValues` (Authentication Context Class Reference).
 The `acrValues` parameter with multifactor authentication can take following values:
+ - `eid` - authentication using BankID (for DEV and PRE environments you can choose between country specific solution by specifying `eid-no` or `eid-se` instead)
  - `otp-email` - passwordless authentication using code sent to registered email
  - `otp-sms` - passwordless authentication using code sent to registered phone number
  - `password` - force password authentication (even if user is already logged in)
  - `otp` - authentication using registered one time code generator (https://tools.ietf.org/html/rfc6238)
  - `sms` - authentication using SMS code sent to phone number
  - `password otp sms` - those authentication methods might be combined
 The classic way to authenticate a user, is to send them from your site to the Schibsted account
 domain, let the user authenticate there, and then have us redirect them back to your site. If you
 prefer, we also provide a popup that you can use. In this method, the authentication happens on a

package/es5/global.js CHANGED Viewed

@@ -1962,6 +1962,42 @@ var _require = __webpack_require__(175),
  * the request and callback. It's also recommended to prevent CSRF {@link https://tools.ietf.org/html/rfc6749#section-10.12}
  * @property {string} [acrValues] - Authentication Context Class Reference Values. If
  * omitted, the user will be asked to authenticate using username+password.
+ * For 2FA (Two-Factor Authentication) possible values are `sms`, `otp` (one time password),
+ * `password` (will force password confirmation, even if user is already logged in), `eid`. Those values might
+ * be mixed as space-separated string. To make sure that user has authenticated with 2FA you need
+ * to verify AMR (Authentication Methods References) claim in ID token.
+ * Might also be used to ensure additional acr (sms, otp) for already logged in users.
+ * Supported values are also 'otp-email' means one time password using email, and 'otp-sms' means
+ * one time password using sms.
+ * @property {string} [scope] - The OAuth scopes for the tokens. This is a list of
+ * scopes, separated by space. If the list of scopes contains `openid`, the generated tokens
+ * includes the id token which can be useful for getting information about the user. Omitting
+ * scope is allowed, while `invalid_scope` is returned when the client asks for a scope you
+ * aren’t allowed to request. {@link https://tools.ietf.org/html/rfc6749#section-3.3}
+ * @property {string} [redirectUri] - Redirect uri that will receive the
+ * code. Must exactly match a redirectUri from your client in self-service
+ * @property {boolean} [preferPopup] - Should we try to open a popup window?
+ * @property {string} [loginHint] - user email or UUID hint
+ * @property {string} [tag] - Pulse tag
+ * @property {string} [teaser] - Teaser slug. Teaser with given slug will be displayed
+ * in place of default teaser
+ * @property {number|string} [maxAge] - Specifies the allowable elapsed time in seconds since
+ * the last time the End-User was actively authenticated. If last authentication time is more
+ * than maxAge seconds in the past, re-authentication will be required. See the OpenID Connect
+ * spec section 3.1.2.1 for more information
+ * @property {string} [locale] - Optional parameter to overwrite client locale setting.
+ * New flows supports nb_NO, fi_FI, sv_SE, en_US
+ * @property {boolean} [oneStepLogin] - display username and password on one screen
+ * @property {string} [prompt] - String that specifies whether the Authorization Server prompts the
+ * End-User for reauthentication or confirm account screen. Supported values: `select_account` or `login`
+ */
+/**
+ * @typedef {object} SimplifiedLoginWidgetLoginOptions
+ * @property {string|function(): (string|Promise<string>)} state - An opaque value used by the client to maintain state between
+ * the request and callback. It's also recommended to prevent CSRF {@link https://tools.ietf.org/html/rfc6749#section-10.12}
+ * @property {string} [acrValues] - Authentication Context Class Reference Values. If
+ * omitted, the user will be asked to authenticate using username+password.
  * For 2FA (Two-Factor Authentication) possible values are `sms`, `otp` (one time password) and
  * `password` (will force password confirmation, even if user is already logged in). Those values might
  * be mixed as space-separated string. To make sure that user has authenticated with 2FA you need
@@ -1988,7 +2024,7 @@ var _require = __webpack_require__(175),
  * @property {string} [locale] - Optional parameter to overwrite client locale setting.
  * New flows supports nb_NO, fi_FI, sv_SE, en_US
  * @property {boolean} [oneStepLogin] - display username and password on one screen
-* @property {string} [prompt] - String that specifies whether the Authorization Server prompts the
+ * @property {string} [prompt] - String that specifies whether the Authorization Server prompts the
  * End-User for reauthentication or confirm account screen. Supported values: `select_account` or `login`
  */
@@ -3048,7 +3084,7 @@ var Identity = /*#__PURE__*/function (_EventEmitter) {
       }
       var isValidAcrValue = function isValidAcrValue(acrValue) {
-        return Object(_validate__WEBPACK_IMPORTED_MODULE_21__["isStrIn"])(acrValue, ['password', 'otp', 'sms'], true);
+        return Object(_validate__WEBPACK_IMPORTED_MODULE_21__["isStrIn"])(acrValue, ['password', 'otp', 'sms', 'eid-no', 'eid-se', 'eid'], true);
       };
       Object(_validate__WEBPACK_IMPORTED_MODULE_21__["assert"])(!acrValues || Object(_validate__WEBPACK_IMPORTED_MODULE_21__["isStrIn"])(acrValues, ['', 'otp-email', 'otp-sms'], true) || acrValues.split(' ').every(isValidAcrValue), "The acrValues parameter is not acceptable: ".concat(acrValues));
@@ -3121,7 +3157,7 @@ var Identity = /*#__PURE__*/function (_EventEmitter) {
      * and store that info in localStorage. Widget will be display only if user is logged in to SSO.
      *
      * @async
-     * @param {LoginOptions} loginParams - the same as `options` param for login function. Login will be called on user
+     * @param {SimplifiedLoginWidgetLoginOptions} loginParams - the same as `options` param for login function. Login will be called on user
      * continue action. `state` might be string or async function.
      * @param {SimplifiedLoginWidgetOptions} [options] - additional configuration of Simplified Login Widget
      * @return {Promise<boolean|SDKError>} - will resolve to true if widget will be display. Otherwise will throw SDKError
@@ -11513,7 +11549,7 @@ function emulate(global) {
 /* 175 */
 /***/ (function(module) {
-module.exports = JSON.parse("{\"name\":\"@schibsted/account-sdk-browser\",\"version\":\"4.5.0\",\"description\":\"Schibsted account SDK for browsers\",\"main\":\"index.js\",\"scripts\":{\"build\":\"./build.sh\",\"clean\":\"rimraf .cache coverage dist docs\",\"docs\":\"rimraf docs && jsdoc -c ./utils/jsdoc.js --verbose\",\"lint\":\"eslint .\",\"pretest\":\"npm run lint\",\"test\":\"jest\",\"precover\":\"npm run lint\",\"cover\":\"jest --coverage\",\"postcover\":\"codecov\"},\"author\":\"\",\"license\":\"MIT\",\"dependencies\":{\"tiny-emitter\":\"^2.1.0\"},\"devDependencies\":{\"@babel/core\":\"^7.11.4\",\"@babel/preset-env\":\"^7.11.0\",\"babel-loader\":\"^8.1.0\",\"codecov\":\"^3.6.5\",\"core-js\":\"^3.6.5\",\"docdash\":\"git+https://github.com/torarvid/docdash.git#v0.5.0\",\"eslint\":\"^6.8.0\",\"eslint-plugin-import\":\"^2.20.2\",\"jest\":\"^26.4.2\",\"jest-junit\":\"^10.0.0\",\"jsdoc\":\"^3.6.5\",\"node-fetch\":\"^2.6.0\",\"regenerator-runtime\":\"^0.13.7\",\"webpack\":\"^4.44.1\",\"webpack-cli\":\"^3.3.12\",\"whatwg-url\":\"^8.0.0\"},\"repository\":{\"type\":\"git\",\"url\":\"git://github.com/schibsted/account-sdk-browser.git\"},\"babel\":{\"presets\":[[\"@babel/preset-env\",{\"useBuiltIns\":\"usage\",\"corejs\":3,\"targets\":{\"browsers\":[\"> 1%\",\"last 10 chrome major versions\",\"last 10 firefox major versions\",\"last 10 opera major versions\",\"last 2 safari major versions\",\"last 2 ios major versions\",\"last 2 ie major versions\",\"last 5 edge major versions\"]}}]]},\"typings\":\"index.d.ts\"}");
+module.exports = JSON.parse("{\"name\":\"@schibsted/account-sdk-browser\",\"version\":\"4.6.0\",\"description\":\"Schibsted account SDK for browsers\",\"main\":\"index.js\",\"scripts\":{\"build\":\"./build.sh\",\"clean\":\"rimraf .cache coverage dist docs\",\"docs\":\"rimraf docs && jsdoc -c ./utils/jsdoc.js --verbose\",\"lint\":\"eslint .\",\"pretest\":\"npm run lint\",\"test\":\"jest\",\"precover\":\"npm run lint\",\"cover\":\"jest --coverage\",\"postcover\":\"codecov\"},\"author\":\"\",\"license\":\"MIT\",\"dependencies\":{\"tiny-emitter\":\"^2.1.0\"},\"devDependencies\":{\"@babel/core\":\"^7.11.4\",\"@babel/preset-env\":\"^7.11.0\",\"babel-loader\":\"^8.1.0\",\"codecov\":\"^3.6.5\",\"core-js\":\"^3.6.5\",\"docdash\":\"git+https://github.com/torarvid/docdash.git#v0.5.0\",\"eslint\":\"^6.8.0\",\"eslint-plugin-import\":\"^2.20.2\",\"jest\":\"^26.4.2\",\"jest-junit\":\"^10.0.0\",\"jsdoc\":\"^3.6.5\",\"node-fetch\":\"^2.6.0\",\"regenerator-runtime\":\"^0.13.7\",\"webpack\":\"^4.44.1\",\"webpack-cli\":\"^3.3.12\",\"whatwg-url\":\"^8.0.0\"},\"repository\":{\"type\":\"git\",\"url\":\"git://github.com/schibsted/account-sdk-browser.git\"},\"babel\":{\"presets\":[[\"@babel/preset-env\",{\"useBuiltIns\":\"usage\",\"corejs\":3,\"targets\":{\"browsers\":[\"> 1%\",\"last 10 chrome major versions\",\"last 10 firefox major versions\",\"last 10 opera major versions\",\"last 2 safari major versions\",\"last 2 ios major versions\",\"last 2 ie major versions\",\"last 5 edge major versions\"]}}]]},\"typings\":\"index.d.ts\"}");
 /***/ }),
 /* 176 */
@@ -12132,6 +12168,7 @@ var Payment = /*#__PURE__*/function () {
       });
     }
     /**
+     * @deprecated
      * Get the url for flow to purchase a promo code product with ZUORA
      * @param {string} code - promocode product code
      * @param {string} [state=''] - An opaque value used by the client to maintain state between