@schibsted/account-sdk-browser 4.8.1 → 4.8.3

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@schibsted/account-sdk-browser",
-  "version": "4.8.1",
+  "version": "4.8.3",
   "description": "Schibsted account SDK for browsers",
   "main": "index.js",
   "type": "module",
@@ -15,6 +15,7 @@
     "cover": "jest --coverage",
     "postcover": "codecov",
     "preversion": "npm test",
+    "version": "node ./scripts/genversion.js && git add src/version.js",
     "postversion": "git push && git push --tags"
   },
   "author": "",
@@ -24,7 +25,7 @@
   },
   "devDependencies": {
     "@babel/core": "^7.11.4",
-    "@babel/preset-env": "^7.11.0",
+    "@babel/preset-env": "^7.23.2",
     "babel-loader": "^8.1.0",
     "codecov": "^3.6.5",
     "core-js": "^3.6.5",

package/src/es5/identity.js

@@ -5,6 +5,6 @@
 'use strict';
 
 window.regeneratorRuntime = require('regenerator-runtime');
-const { Identity } = require('../identity');
+const { Identity } = require('../identity.js');
 
 module.exports = { Identity };

package/src/identity.js

@@ -14,8 +14,7 @@ import * as popup from './popup.js';
 import RESTClient from './RESTClient.js';
 import SDKError from './SDKError.js';
 import * as spidTalk from './spidTalk.js';
-import packageJson from '../package.json';
-const { version } = packageJson;
+import version from './version.js';
 
 /**
  * @typedef {object} LoginOptions
@@ -111,6 +110,8 @@ const { version } = packageJson;
  * @property {boolean} tracking - (Only for connected users)
  * @property {boolean} clientAgreementAccepted - (Only for connected users)
  * @property {boolean} defaultAgreementAccepted - (Only for connected users)
+ * @property {string} pairId
+ * @property {string} sdrn
  */
 
 /**
@@ -593,8 +594,10 @@ export class Identity extends EventEmitter {
 
     /**
      * @async
-     * @summary In Schibsted account, there are two ways of identifying a user; the `userId` and the
-     * `uuid`. There are reasons for them both existing. The `userId` is a numeric identifier, but
+     * @summary
+     * In Schibsted account, there are multiple ways of identifying a user; the `userId`,
+     * `uuid` and `externalId` used for identifying a user-merchant pair (see {@link Identity#getExternalId}).
+     * There are reasons for them all to exist. The `userId` is a numeric identifier, but
      * since Schibsted account is deployed separately in Norway and Sweden, there are a lot of
      * duplicates. The `userId` was introduced early, so many sites still need to use them for
      * legacy reasons. The `uuid` is universally unique, and so — if we could disregard a lot of
@@ -612,6 +615,76 @@ export class Identity extends EventEmitter {
         throw new SDKError('The user is not connected to this merchant');
     }
 
+    /**
+     * @async
+     * @function
+     * @summary
+     * Retrieves the external identifier (`externalId`) for the authenticated user.
+     *
+     * In Schibsted Account there are multiple ways of identifying users, however for integrations with
+     * third-parties it's recommended to use `externalId` as it does not disclose
+     * any critical data whilst allowing for user identification.
+     *
+     * `externalId` is merchant-scoped using a pairwise identifier (`pairId`),
+     * meaning the same user's ID will differ between merchants.
+     * Additionally, this identifier is bound to the external party provided as argument.
+     *
+     * @description This function calls {@link Identity#hasSession} internally and thus has the side
+     * effect that it might perform an auto-login on the user
+     * @throws {SDKError} If the `pairId` is missing in user session.
+     * @throws {SDKError} If the `externalParty` is not defined
+     * @return {Promise<string>} The merchant- and 3rd-party-specific `externalId`
+     */
+    async getExternalId(externalParty, optionalSuffix = "") {
+        const { pairId } = await this.hasSession();
+
+        if (!pairId)
+            throw new SDKError('pairId missing in user session!');
+
+        if(!externalParty || externalParty.length === 0) {
+            throw new SDKError('externalParty cannot be empty');
+        }
+        const _toHexDigest = (hashBuffer) =>{
+            // convert buffer to byte array
+            const hashArray = Array.from(new Uint8Array(hashBuffer));
+            // convert bytes to hex string
+            return hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
+        }
+
+        const _getSha256Digest = (data) => {
+            return crypto.subtle.digest('SHA-256', data);
+        }
+
+        const _hashMessage = async (message) => {
+            const msgUint8 = new TextEncoder().encode(message);
+            return _getSha256Digest(msgUint8).then( (it) => _toHexDigest(it));
+        }
+
+        const _constructMessage = (pairId, externalParty, optionalSuffix) => {
+            return optionalSuffix
+                ? `${pairId}:${externalParty}:${optionalSuffix}`
+                : `${pairId}:${externalParty}`;
+        }
+
+        return _hashMessage(_constructMessage(pairId, externalParty, optionalSuffix))
+    }
+
+    /**
+     * @async
+     * @summary Enables brands to programmatically get the current the SDRN based on the user's session.
+     * @description This function calls {@link Identity#hasSession} internally and thus has the side
+     * effect that it might perform an auto-login on the user
+     * @throws {SDKError} If the SDRN is missing in user session object.
+     * @returns {Promise<string>}
+     */
+    async getUserSDRN() {
+        const { sdrn } = await this.hasSession();
+        if (sdrn) {
+            return sdrn;
+        }
+        throw new SDKError('Failed to get SDRN from user session');
+    }
+
     /**
      * @async
      * @summary In Schibsted account, there are two ways of identifying a user; the `userId` and the
@@ -850,7 +923,9 @@ export class Identity extends EventEmitter {
      * @param {SimplifiedLoginWidgetLoginOptions} loginParams - the same as `options` param for login function. Login will be called on user
      * continue action. `state` might be string or async function.
      * @param {SimplifiedLoginWidgetOptions} [options] - additional configuration of Simplified Login Widget
-     * @return {Promise<boolean|SDKError>} - will resolve to true if widget will be display. Otherwise will throw SDKError
+     * @fires Identity#simplifiedLoginOpened
+     * @fires Identity#simplifiedLoginCancelled
+     * @return {Promise<boolean|SDKError>} - will resolve to true if widget will be display. Otherwise, will throw SDKError
      */
     async showSimplifiedLoginWidget(loginParams, options) {
         // getUserContextData doesn't throw exception
@@ -901,8 +976,24 @@ export class Identity extends EventEmitter {
                     this.login(Object.assign(await prepareLoginParams(loginParams), {loginHint: userData.identifier, prompt: 'login'}));
                 };
 
+                const initHandler = () => {
+                    /**
+                     * Emitted when the simplified login widget is displayed on the screen
+                     * @event Identity#simplifiedLoginOpened
+                     */
+                    this.emit('simplifiedLoginOpened');
+                }
+
+                const cancelLoginHandler = () => {
+                    /**
+                     * Emitted when the user closes the simplified login widget
+                     * @event Identity#simplifiedLoginCancelled
+                     */
+                    this.emit('simplifiedLoginCancelled');
+                }
+
                 if (window.openSimplifiedLoginWidget) {
-                    window.openSimplifiedLoginWidget(initialParams, loginHandler, loginNotYouHandler);
+                    window.openSimplifiedLoginWidget(initialParams, loginHandler, loginNotYouHandler, initHandler, cancelLoginHandler);
                     return resolve(true);
                 }
 
@@ -910,7 +1001,7 @@ export class Identity extends EventEmitter {
                 simplifiedLoginWidget.type = "text/javascript";
                 simplifiedLoginWidget.src = widgetUrl;
                 simplifiedLoginWidget.onload = () => {
-                    window.openSimplifiedLoginWidget(initialParams, loginHandler, loginNotYouHandler);
+                    window.openSimplifiedLoginWidget(initialParams, loginHandler, loginNotYouHandler, initHandler, cancelLoginHandler);
                     resolve(true);
                 };
                 simplifiedLoginWidget.onerror = () => {

package/src/monetization.js

@@ -12,8 +12,7 @@ import RESTClient from './RESTClient.js';
 import Cache from './cache.js';
 import * as spidTalk from './spidTalk.js';
 import SDKError from './SDKError.js';
-import packageJson from '../package.json';
-const { version } = packageJson;
+import version from './version.js';
 
 const globalWindow = () => window;
 

package/src/version.d.ts

@@ -0,0 +1,2 @@
+declare const version: string;
+export default version;

package/src/version.js

@@ -0,0 +1,5 @@
+// Automatically generated in 'npm version' by scripts/genversion.js
+
+'use strict'
+const version = '4.8.3';
+export default version;