@smartcar/auth 2.13.1 → 2.14.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +31 -3
- package/README.mdt +29 -1
- package/dist/npm/sdk.js +28 -4
- package/doc/README.md +4 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -7,7 +7,7 @@ The official Smartcar JavaScript SDK.
|
|
|
7
7
|
The [Smartcar API](https://smartcar.com/docs) lets you read vehicle data
|
|
8
8
|
(location, odometer) and send commands to vehicles (lock, unlock) using HTTP requests.
|
|
9
9
|
|
|
10
|
-
To make requests to a vehicle from a web application, the end user must connect their vehicle using [Smartcar Connect](https://smartcar.com/docs/
|
|
10
|
+
To make requests to a vehicle from a web application, the end user must connect their vehicle using [Smartcar Connect](https://smartcar.com/docs/connect/what-is-connect). The Smartcar JavaScript SDK provides an easy way to launch and handle Connect to retrieve the resulting `code`, or to complete a redirect-less M2M authorization flow using `response_type=none`.
|
|
11
11
|
|
|
12
12
|
Before integrating with the JavaScript SDK, you'll need to register an application in the [Smartcar dashboard](https://dashboard.smartcar.com). Once you have registered an application, you will have an Application ID, which will allow you to launch Connect and authorize users.
|
|
13
13
|
|
|
@@ -24,7 +24,7 @@ npm install @smartcar/auth
|
|
|
24
24
|
### Smartcar CDN
|
|
25
25
|
|
|
26
26
|
```html
|
|
27
|
-
<script src="https://javascript-sdk.smartcar.com/2.
|
|
27
|
+
<script src="https://javascript-sdk.smartcar.com/2.14.0/sdk.js"></script>
|
|
28
28
|
```
|
|
29
29
|
|
|
30
30
|
## SDK reference
|
|
@@ -132,6 +132,34 @@ const url = smartcar.getAuthUrl();
|
|
|
132
132
|
|
|
133
133
|
**Reference:** [`smartcar.getAuthUrl(options)`](doc#Smartcar+getAuthUrl)
|
|
134
134
|
|
|
135
|
+
### response_type=none flow
|
|
136
|
+
|
|
137
|
+
For M2M use cases, you can launch Connect with `responseType: 'none'` to complete authorization without exchanging the authorization code in the browser. This mode is intended for M2M Auth flow that does not require a vehicle-scope authorization code.
|
|
138
|
+
|
|
139
|
+
If you provide a `redirectUri`, Connect redirects the user after authorization completes and `onComplete` fires as normal. If you do not provide a `redirectUri`, the user lands on a Smartcar-hosted page after authorization completes.
|
|
140
|
+
|
|
141
|
+
It is recommended that you pass an `externalId` to associate the vehicle connection with an identifier in your system. It will be returned in the `onComplete` callback.
|
|
142
|
+
|
|
143
|
+
```javascript
|
|
144
|
+
const smartcar = new Smartcar({
|
|
145
|
+
applicationId: '<your-application-id>',
|
|
146
|
+
scope: ['read_vehicle_info', 'read_odometer'],
|
|
147
|
+
redirectUri: '<your-redirect-uri>'
|
|
148
|
+
responseType: 'none',
|
|
149
|
+
externalId: '<your-external-id>',
|
|
150
|
+
});
|
|
151
|
+
```
|
|
152
|
+
|
|
153
|
+
Launch Connect as usual:
|
|
154
|
+
|
|
155
|
+
```javascript
|
|
156
|
+
smartcar.openDialog();
|
|
157
|
+
```
|
|
158
|
+
|
|
159
|
+
Use `externalId` to correlate the completed authorization with a user in your system in webhook delivieres or by making a request to the `/connections` endpoint filtered by the user's `externalId`.
|
|
160
|
+
|
|
161
|
+
**Reference:** [`new Smartcar(options)`](doc#new_Smartcar_new)
|
|
162
|
+
|
|
135
163
|
### Server-side redirect handling
|
|
136
164
|
|
|
137
165
|
In a traditional OAuth implementation, the redirect URI is normally set to your application's back end, rather than Smartcar's special JavaScript SDK redirect page described in the flow above. Instead of using the JavaScript SDK redirect page, you can still choose to use the traditional server-side architecture (described below). In this architecture you would receive the authorization code on a back-end route instead of the client-side `onComplete` callback.
|
|
@@ -180,4 +208,4 @@ https://application-backend.com/page?error=access_denied&error_description=User+
|
|
|
180
208
|
[tag-image]: https://img.shields.io/github/tag/smartcar/javascript-sdk.svg
|
|
181
209
|
|
|
182
210
|
<!-- Please do not modify or remove this, it is used by the build process -->
|
|
183
|
-
[version]: 2.
|
|
211
|
+
[version]: 2.14.0
|
package/README.mdt
CHANGED
|
@@ -7,7 +7,7 @@ The official Smartcar JavaScript SDK.
|
|
|
7
7
|
The [Smartcar API](https://smartcar.com/docs) lets you read vehicle data
|
|
8
8
|
(location, odometer) and send commands to vehicles (lock, unlock) using HTTP requests.
|
|
9
9
|
|
|
10
|
-
To make requests to a vehicle from a web application, the end user must connect their vehicle using [Smartcar Connect](https://smartcar.com/docs/
|
|
10
|
+
To make requests to a vehicle from a web application, the end user must connect their vehicle using [Smartcar Connect](https://smartcar.com/docs/connect/what-is-connect). The Smartcar JavaScript SDK provides an easy way to launch and handle Connect to retrieve the resulting `code`, or to complete a redirect-less M2M authorization flow using `response_type=none`.
|
|
11
11
|
|
|
12
12
|
Before integrating with the JavaScript SDK, you'll need to register an application in the [Smartcar dashboard](https://dashboard.smartcar.com). Once you have registered an application, you will have an Application ID, which will allow you to launch Connect and authorize users.
|
|
13
13
|
|
|
@@ -132,6 +132,34 @@ const url = smartcar.getAuthUrl();
|
|
|
132
132
|
|
|
133
133
|
**Reference:** [`smartcar.getAuthUrl(options)`](doc#Smartcar+getAuthUrl)
|
|
134
134
|
|
|
135
|
+
### response_type=none flow
|
|
136
|
+
|
|
137
|
+
For M2M use cases, you can launch Connect with `responseType: 'none'` to complete authorization without exchanging the authorization code in the browser. This mode is intended for M2M Auth flow that does not require a vehicle-scope authorization code.
|
|
138
|
+
|
|
139
|
+
If you provide a `redirectUri`, Connect redirects the user after authorization completes and `onComplete` fires as normal. If you do not provide a `redirectUri`, the user lands on a Smartcar-hosted page after authorization completes.
|
|
140
|
+
|
|
141
|
+
It is recommended that you pass an `externalId` to associate the vehicle connection with an identifier in your system. It will be returned in the `onComplete` callback.
|
|
142
|
+
|
|
143
|
+
```javascript
|
|
144
|
+
const smartcar = new Smartcar({
|
|
145
|
+
applicationId: '<your-application-id>',
|
|
146
|
+
scope: ['read_vehicle_info', 'read_odometer'],
|
|
147
|
+
redirectUri: '<your-redirect-uri>'
|
|
148
|
+
responseType: 'none',
|
|
149
|
+
externalId: '<your-external-id>',
|
|
150
|
+
});
|
|
151
|
+
```
|
|
152
|
+
|
|
153
|
+
Launch Connect as usual:
|
|
154
|
+
|
|
155
|
+
```javascript
|
|
156
|
+
smartcar.openDialog();
|
|
157
|
+
```
|
|
158
|
+
|
|
159
|
+
Use `externalId` to correlate the completed authorization with a user in your system in webhook delivieres or by making a request to the `/connections` endpoint filtered by the user's `externalId`.
|
|
160
|
+
|
|
161
|
+
**Reference:** [`new Smartcar(options)`](doc#new_Smartcar_new)
|
|
162
|
+
|
|
135
163
|
### Server-side redirect handling
|
|
136
164
|
|
|
137
165
|
In a traditional OAuth implementation, the redirect URI is normally set to your application's back end, rather than Smartcar's special JavaScript SDK redirect page described in the flow above. Instead of using the JavaScript SDK redirect page, you can still choose to use the traditional server-side architecture (described below). In this architecture you would receive the authorization code on a back-end route instead of the client-side `onComplete` callback.
|
package/dist/npm/sdk.js
CHANGED
|
@@ -71,8 +71,8 @@ function _typeof(obj) { "@babel/helpers - typeof"; return _typeof = "function" =
|
|
|
71
71
|
* @param {?Error} error - something went wrong in Connect; this
|
|
72
72
|
* normally indicates that the user denied access to your application or does not
|
|
73
73
|
* have a connected vehicle
|
|
74
|
-
* @param {String} code - the authorization code to be exchanged from a
|
|
75
|
-
* backend
|
|
74
|
+
* @param {String} [code] - the authorization code to be exchanged from a
|
|
75
|
+
* backend server for an access token; undefined for response_type=none flows
|
|
76
76
|
* @param {Object} [state] - contains state if it was set on the initial
|
|
77
77
|
* authorization request
|
|
78
78
|
* @param {String} [virtualKeyUrl] - virtual key URL used by Tesla to register
|
|
@@ -80,6 +80,7 @@ function _typeof(obj) { "@babel/helpers - typeof"; return _typeof = "function" =
|
|
|
80
80
|
* any commands on a Tesla vehicle. It is an optional argument as it is only included in
|
|
81
81
|
* specific cases.
|
|
82
82
|
* @param {String} userId - A unique identifier for the vehicle owner that granted access.
|
|
83
|
+
* @param {String} [externalId] - The external_id returned by Connect.
|
|
83
84
|
*/
|
|
84
85
|
|
|
85
86
|
/**
|
|
@@ -97,6 +98,11 @@ function _typeof(obj) { "@babel/helpers - typeof"; return _typeof = "function" =
|
|
|
97
98
|
* Launch Smartcar Connect in [test mode](https://smartcar.com/docs/guides/testing/).
|
|
98
99
|
* @param {String} [options.mode='live'] - Determine what mode Smartcar Connect should be
|
|
99
100
|
* launched in. Should be one of test, live or simulated.
|
|
101
|
+
* @param {String} [options.responseType='code'] - OAuth response type. Use 'none' for
|
|
102
|
+
* redirect-less M2M flows; defaults to 'code'.
|
|
103
|
+
* @param {String} [options.externalId] - An optional external identifier passed through
|
|
104
|
+
* to Connect and returned in the onComplete callback. Pass `null` to explicitly clear a
|
|
105
|
+
* previously set externalId; omit the option (`undefined`) to leave it unset.
|
|
100
106
|
*/
|
|
101
107
|
function Smartcar(options) {
|
|
102
108
|
var _this = this;
|
|
@@ -142,7 +148,8 @@ function _typeof(obj) { "@babel/helpers - typeof"; return _typeof = "function" =
|
|
|
142
148
|
throw new Error('The "mode" parameter MUST be one of the following: \'test\', \'live\', \'simulated\'');
|
|
143
149
|
}
|
|
144
150
|
|
|
145
|
-
this.responseType = 'code';
|
|
151
|
+
this.responseType = options.responseType || 'code';
|
|
152
|
+
this.externalId = options.externalId; // identifier for matching message event and multiple Smartcar instances
|
|
146
153
|
// it is a string composed of a timestamp and a 8-digit random number
|
|
147
154
|
|
|
148
155
|
this.instanceId = new Date().getTime() + String(Math.random()).slice(2, 10); // handler
|
|
@@ -222,6 +229,7 @@ function _typeof(obj) { "@babel/helpers - typeof"; return _typeof = "function" =
|
|
|
222
229
|
var err = generateError(message.error, message.errorDescription);
|
|
223
230
|
var virtualKeyUrl = message.virtualKeyUrl;
|
|
224
231
|
var userId = message.userId;
|
|
232
|
+
var externalId = message.externalId;
|
|
225
233
|
/**
|
|
226
234
|
* Call `onComplete` with parameters even if developer is not using
|
|
227
235
|
* a Smartcar-hosted redirect. Regardless of if they are using a
|
|
@@ -235,7 +243,7 @@ function _typeof(obj) { "@babel/helpers - typeof"; return _typeof = "function" =
|
|
|
235
243
|
* parameters in their redirect uri.
|
|
236
244
|
*/
|
|
237
245
|
|
|
238
|
-
_this.onComplete(err, message.code, originalState, virtualKeyUrl, userId);
|
|
246
|
+
_this.onComplete(err, message.code, originalState, virtualKeyUrl, userId, externalId);
|
|
239
247
|
}
|
|
240
248
|
}; // add handler for postMessage event on completion of Smartcar Connect
|
|
241
249
|
|
|
@@ -374,6 +382,11 @@ function _typeof(obj) { "@babel/helpers - typeof"; return _typeof = "function" =
|
|
|
374
382
|
link += "&user=".concat(encodeURIComponent(options.user));
|
|
375
383
|
}
|
|
376
384
|
|
|
385
|
+
if (this.externalId !== undefined) {
|
|
386
|
+
var externalId = this.externalId === null ? 'null' : encodeURIComponent(this.externalId);
|
|
387
|
+
link += "&external_id=".concat(externalId);
|
|
388
|
+
}
|
|
389
|
+
|
|
377
390
|
return link;
|
|
378
391
|
}
|
|
379
392
|
/**
|
|
@@ -405,6 +418,8 @@ function _typeof(obj) { "@babel/helpers - typeof"; return _typeof = "function" =
|
|
|
405
418
|
}, {
|
|
406
419
|
key: "openDialog",
|
|
407
420
|
value: function openDialog(options) {
|
|
421
|
+
options = options || {};
|
|
422
|
+
|
|
408
423
|
var windowOptions = Smartcar._getWindowOptions(options.windowOptions || {});
|
|
409
424
|
|
|
410
425
|
var href = this.getAuthUrl(options);
|
|
@@ -539,6 +554,12 @@ function _typeof(obj) { "@babel/helpers - typeof"; return _typeof = "function" =
|
|
|
539
554
|
throw new TypeError('An applicationId option must be provided');
|
|
540
555
|
}
|
|
541
556
|
|
|
557
|
+
var VALID_RESPONSE_TYPES = ['code', 'none'];
|
|
558
|
+
|
|
559
|
+
if (options.responseType && !VALID_RESPONSE_TYPES.includes(options.responseType)) {
|
|
560
|
+
throw new Error("The \"responseType\" option must be one of: ".concat(VALID_RESPONSE_TYPES.join(', ')));
|
|
561
|
+
}
|
|
562
|
+
|
|
542
563
|
if (options.redirectUri) {
|
|
543
564
|
if (options.redirectUri.startsWith('https://javascript-sdk.smartcar.com')) {
|
|
544
565
|
// require onComplete method with at least two parameters (error & code)
|
|
@@ -554,6 +575,9 @@ function _typeof(obj) { "@babel/helpers - typeof"; return _typeof = "function" =
|
|
|
554
575
|
console.warn("\nThe Smartcar redirect URI you're using is outdated! To update it, please see:\nhttps://github.com/smartcar/javascript-sdk#1-register-a-javascript-sdk-redirect-uri\n");
|
|
555
576
|
}
|
|
556
577
|
}
|
|
578
|
+
} else if (options.responseType === 'none' && options.onComplete) {
|
|
579
|
+
// eslint-disable-next-line no-console
|
|
580
|
+
console.warn('The "onComplete" callback will not fire for responseType "none" unless a redirectUri is provided.');
|
|
557
581
|
}
|
|
558
582
|
}
|
|
559
583
|
/**
|
package/doc/README.md
CHANGED
|
@@ -56,6 +56,8 @@ Initializes Smartcar class.
|
|
|
56
56
|
| [options.onComplete] | [<code>OnComplete</code>](#OnComplete) | | called on completion of Smartcar Connect |
|
|
57
57
|
| [options.testMode] | <code>Boolean</code> | <code>false</code> | Deprecated, please use `mode` instead. Launch Smartcar Connect in [test mode](https://smartcar.com/docs/guides/testing/). |
|
|
58
58
|
| [options.mode] | <code>String</code> | <code>'live'</code> | Determine what mode Smartcar Connect should be launched in. Should be one of test, live or simulated. |
|
|
59
|
+
| [options.responseType] | <code>String</code> | <code>'code'</code> | OAuth response type. Use 'none' for redirect-less M2M flows; defaults to 'code'. |
|
|
60
|
+
| [options.externalId] | <code>String</code> | | An optional external identifier passed through to Connect and returned in the onComplete callback. Pass `null` to explicitly clear a previously set externalId; omit the option (`undefined`) to leave it unset. |
|
|
59
61
|
|
|
60
62
|
<a name="Smartcar+getAuthUrl"></a>
|
|
61
63
|
|
|
@@ -204,10 +206,11 @@ Invalid subscription error returned by Connect.
|
|
|
204
206
|
| Param | Type | Description |
|
|
205
207
|
| --- | --- | --- |
|
|
206
208
|
| error | <code>Error</code> | something went wrong in Connect; this normally indicates that the user denied access to your application or does not have a connected vehicle |
|
|
207
|
-
| code | <code>String</code> | the authorization code to be exchanged from a backend
|
|
209
|
+
| [code] | <code>String</code> | the authorization code to be exchanged from a backend server for an access token; undefined for response_type=none flows |
|
|
208
210
|
| [state] | <code>Object</code> | contains state if it was set on the initial authorization request |
|
|
209
211
|
| [virtualKeyUrl] | <code>String</code> | virtual key URL used by Tesla to register Smartcar's virtual key on a vehicle. This registration will be required in order to use any commands on a Tesla vehicle. It is an optional argument as it is only included in specific cases. |
|
|
210
212
|
| userId | <code>String</code> | A unique identifier for the vehicle owner that granted access. |
|
|
213
|
+
| [externalId] | <code>String</code> | The external_id returned by Connect. |
|
|
211
214
|
|
|
212
215
|
<a name="WindowOptions"></a>
|
|
213
216
|
|