@stytch/vanilla-js 5.25.2 → 5.26.0

package/CHANGELOG.md

@@ -1,5 +1,16 @@
 # @stytch/vanilla-js
 
+## 5.26.0
+
+### Minor Changes
+
+- 0fa72fa: Adds in support for custom scopes to Consumer applications
+
+### Patch Changes
+
+- 06d3d08: Make session handling more resiliant to changing domains
+- e410edb: Fix issue where SDKB2BDiscoveryIntermediateSessionsExchange can sometimes double trigger
+
 ## 5.25.2
 
 ### Patch Changes

package/dist/b2b/index.d.ts

@@ -1,15 +1,11 @@
 import { StytchB2BHeadlessClient } from './index.headless.js';
-import { IDPConsentScreenManifest, StytchProjectConfigurationInput, StyleConfig, Callbacks, StytchB2BUIConfig, StringsOptions } from '@stytch/core/public';
+import { StytchProjectConfigurationInput, StyleConfig, Callbacks, StytchB2BUIConfig, StringsOptions } from '@stytch/core/public';
 export * from '@stytch/core/public';
+import { B as B2BIDPConsentManifestGenerator } from '../types-BZJ7-EK3.js';
 import '@stytch/core';
 import '../OneTapClient-zVI7LxJ6.js';
 import 'google-one-tap';
 
-type B2BIDPConsentManifestGenerator = (input: {
-    scopes: string[];
-    clientName: string;
-}) => IDPConsentScreenManifest;
-
 /**
  * A client used for invoking Stytch's B2B APIs.
  * The Stytch UI Client can be used as a drop-in solution for authentication and session management.

package/dist/b2b/index.esm.js

@@ -4066,6 +4066,9 @@ var Discovery = function Discovery() {
   var _useBootstrap2 = useBootstrap(),
     createOrganizationEnabled = _useBootstrap2.createOrganizationEnabled;
   p$1(function () {
+    if (isExchangeInProgress) {
+      return;
+    }
     var directLoginOrganization = shouldAllowDirectLoginToOrganization(state.formState.discoveryState.discoveredOrganizations, config.directLoginForSingleMembership);
     if (shouldDirectLoginConfigEnabled && directLoginOrganization !== null) {
       handleDiscoveryOrganizationStart(directLoginOrganization);
@@ -4116,7 +4119,7 @@ var Discovery = function Discovery() {
       }
     }),
     stytchDiscoveryExchange = _useMutate3.trigger,
-    isExchangeLoading = _useMutate3.isMutating;
+    isExchangeInProgress = _useMutate3.isMutating;
   var _useMutate4 = useMutate('stytch.discovery.organizations.create', function () {
       return stytchClient.discovery.organizations.create({
         session_duration_minutes: config.sessionOptions.sessionDurationMinutes
@@ -4135,7 +4138,7 @@ var Discovery = function Discovery() {
     }),
     stytchCreateOrganization = _useMutate4.trigger,
     isCreateLoading = _useMutate4.isMutating;
-  if (isExchangeLoading) {
+  if (isExchangeInProgress) {
     return /*#__PURE__*/y(LoggingInScreen, null);
   }
   if (isCreateLoading) {

package/dist/b2b/index.headless.esm.js

@@ -216,7 +216,7 @@ var ClientsideServicesProvider = /*#__PURE__*/function () {
     }
   }]);
 }();
-var version = "5.25.2";
+var version = "5.26.0";
 var NetworkClient = /*#__PURE__*/function () {
   function NetworkClient(_publicToken, _subscriptionDataLayer, _liveAPIURL, _testAPIURL, additionalTelemetryDataFn) {
     _classCallCheck(this, NetworkClient);
@@ -583,6 +583,7 @@ var api = init(defaultConverter, {
 var STYTCH_SESSION_COOKIE = 'stytch_session';
 var STYTCH_SESSION_JWT_COOKIE = 'stytch_session_jwt';
 var STYTCH_INTERMEDIATE_SESSION_TOKEN_COOKIE = 'stytch_intermediate_session_token';
+var SEEN_DOMAINS_KEY = 'seen_domains';
 var isStorageAvailable = function isStorageAvailable(storage) {
   return typeof storage !== 'undefined' && storage !== null;
 };
@@ -714,6 +715,9 @@ var SubscriptionDataLayer = /*#__PURE__*/function () {
         path: this._cookiePath,
         domain: this._domain
       });
+      if (cookieOpts.domain) {
+        this.addSeenDomain(cookieOpts.domain);
+      }
       api.set(this.opaqueTokenCookieName, session_token, cookieOpts);
       api.set(this.jwtCookieName, session_jwt, cookieOpts);
       var alternateCookieOptions = SubscriptionDataLayer.generateCookieOpts({
@@ -722,6 +726,9 @@ var SubscriptionDataLayer = /*#__PURE__*/function () {
         path: this._cookiePath,
         domain: this._domain
       });
+      if (alternateCookieOptions.domain) {
+        this.addSeenDomain(alternateCookieOptions.domain);
+      }
       if (hasMultipleCookies(this.jwtCookieName)) {
         api.remove(this.jwtCookieName, alternateCookieOptions);
       }
@@ -761,9 +768,12 @@ var SubscriptionDataLayer = /*#__PURE__*/function () {
     key: "removeCookies",
     value: function removeCookies(cookiesToRemove) {
       var _this5 = this;
+      var trackedDomains = this.getSeenDomains();
+      var allDomains = [this._domain, null].concat(_toConsumableArray(trackedDomains));
+      var uniqueDomains = _toConsumableArray(new Set(allDomains));
       [true, false].forEach(function (availableToSubdomains) {
         [_this5._cookiePath, null].forEach(function (path) {
-          [_this5._domain, null].forEach(function (domain) {
+          uniqueDomains.forEach(function (domain) {
             var cookieOpts = SubscriptionDataLayer.generateCookieOpts({
               expiresAt: new Date(0).toString(),
               availableToSubdomains: availableToSubdomains,
@@ -811,6 +821,32 @@ var SubscriptionDataLayer = /*#__PURE__*/function () {
         key: getPersistentStorageKey(this.publicToken, key)
       });
     }
+  }, {
+    key: "getSeenDomains",
+    value: function getSeenDomains() {
+      var storedDomains = this.getItem(SEEN_DOMAINS_KEY);
+      if (!storedDomains) {
+        return [];
+      }
+      try {
+        var parsed = JSON.parse(storedDomains);
+        return Array.isArray(parsed) ? parsed : [];
+      } catch (e) {
+        return [];
+      }
+    }
+  }, {
+    key: "addSeenDomain",
+    value: function addSeenDomain(domain) {
+      if (!domain) {
+        return;
+      }
+      var storedDomains = this.getSeenDomains();
+      if (!storedDomains.includes(domain)) {
+        storedDomains.push(domain);
+        this.setItem(SEEN_DOMAINS_KEY, JSON.stringify(storedDomains));
+      }
+    }
   }], [{
     key: "generateCookieOpts",
     value: function generateCookieOpts(_ref1) {

package/dist/b2b/index.headless.js

@@ -217,7 +217,7 @@ var ClientsideServicesProvider = /*#__PURE__*/function () {
     }
   }]);
 }();
-var version = "5.25.2";
+var version = "5.26.0";
 var NetworkClient = /*#__PURE__*/function () {
   function NetworkClient(_publicToken, _subscriptionDataLayer, _liveAPIURL, _testAPIURL, additionalTelemetryDataFn) {
     _classCallCheck(this, NetworkClient);
@@ -584,6 +584,7 @@ var api = init(defaultConverter, {
 var STYTCH_SESSION_COOKIE = 'stytch_session';
 var STYTCH_SESSION_JWT_COOKIE = 'stytch_session_jwt';
 var STYTCH_INTERMEDIATE_SESSION_TOKEN_COOKIE = 'stytch_intermediate_session_token';
+var SEEN_DOMAINS_KEY = 'seen_domains';
 var isStorageAvailable = function isStorageAvailable(storage) {
   return typeof storage !== 'undefined' && storage !== null;
 };
@@ -715,6 +716,9 @@ var SubscriptionDataLayer = /*#__PURE__*/function () {
         path: this._cookiePath,
         domain: this._domain
       });
+      if (cookieOpts.domain) {
+        this.addSeenDomain(cookieOpts.domain);
+      }
       api.set(this.opaqueTokenCookieName, session_token, cookieOpts);
       api.set(this.jwtCookieName, session_jwt, cookieOpts);
       var alternateCookieOptions = SubscriptionDataLayer.generateCookieOpts({
@@ -723,6 +727,9 @@ var SubscriptionDataLayer = /*#__PURE__*/function () {
         path: this._cookiePath,
         domain: this._domain
       });
+      if (alternateCookieOptions.domain) {
+        this.addSeenDomain(alternateCookieOptions.domain);
+      }
       if (internal.hasMultipleCookies(this.jwtCookieName)) {
         api.remove(this.jwtCookieName, alternateCookieOptions);
       }
@@ -762,9 +769,12 @@ var SubscriptionDataLayer = /*#__PURE__*/function () {
     key: "removeCookies",
     value: function removeCookies(cookiesToRemove) {
       var _this5 = this;
+      var trackedDomains = this.getSeenDomains();
+      var allDomains = [this._domain, null].concat(_toConsumableArray(trackedDomains));
+      var uniqueDomains = _toConsumableArray(new Set(allDomains));
       [true, false].forEach(function (availableToSubdomains) {
         [_this5._cookiePath, null].forEach(function (path) {
-          [_this5._domain, null].forEach(function (domain) {
+          uniqueDomains.forEach(function (domain) {
             var cookieOpts = SubscriptionDataLayer.generateCookieOpts({
               expiresAt: new Date(0).toString(),
               availableToSubdomains: availableToSubdomains,
@@ -812,6 +822,32 @@ var SubscriptionDataLayer = /*#__PURE__*/function () {
         key: internal.getPersistentStorageKey(this.publicToken, key)
       });
     }
+  }, {
+    key: "getSeenDomains",
+    value: function getSeenDomains() {
+      var storedDomains = this.getItem(SEEN_DOMAINS_KEY);
+      if (!storedDomains) {
+        return [];
+      }
+      try {
+        var parsed = JSON.parse(storedDomains);
+        return Array.isArray(parsed) ? parsed : [];
+      } catch (e) {
+        return [];
+      }
+    }
+  }, {
+    key: "addSeenDomain",
+    value: function addSeenDomain(domain) {
+      if (!domain) {
+        return;
+      }
+      var storedDomains = this.getSeenDomains();
+      if (!storedDomains.includes(domain)) {
+        storedDomains.push(domain);
+        this.setItem(SEEN_DOMAINS_KEY, JSON.stringify(storedDomains));
+      }
+    }
   }], [{
     key: "generateCookieOpts",
     value: function generateCookieOpts(_ref1) {

package/dist/b2b/index.js

@@ -4067,6 +4067,9 @@ var Discovery = function Discovery() {
   var _useBootstrap2 = useBootstrap(),
     createOrganizationEnabled = _useBootstrap2.createOrganizationEnabled;
   extractErrorMessage.p(function () {
+    if (isExchangeInProgress) {
+      return;
+    }
     var directLoginOrganization = shouldAllowDirectLoginToOrganization(state.formState.discoveryState.discoveredOrganizations, config.directLoginForSingleMembership);
     if (shouldDirectLoginConfigEnabled && directLoginOrganization !== null) {
       handleDiscoveryOrganizationStart(directLoginOrganization);
@@ -4117,7 +4120,7 @@ var Discovery = function Discovery() {
       }
     }),
     stytchDiscoveryExchange = _useMutate3.trigger,
-    isExchangeLoading = _useMutate3.isMutating;
+    isExchangeInProgress = _useMutate3.isMutating;
   var _useMutate4 = useMutate('stytch.discovery.organizations.create', function () {
       return stytchClient.discovery.organizations.create({
         session_duration_minutes: config.sessionOptions.sessionDurationMinutes
@@ -4136,7 +4139,7 @@ var Discovery = function Discovery() {
     }),
     stytchCreateOrganization = _useMutate4.trigger,
     isCreateLoading = _useMutate4.isMutating;
-  if (isExchangeLoading) {
+  if (isExchangeInProgress) {
     return /*#__PURE__*/extractErrorMessage.y(LoggingInScreen, null);
   }
   if (isCreateLoading) {

package/dist/index.d.ts

@@ -1,6 +1,7 @@
 import { StytchHeadlessClient } from './index.headless.js';
 import { StytchProjectConfigurationInput, StytchLoginConfig, StyleConfig, Callbacks, StringsOptions } from '@stytch/core/public';
 export * from '@stytch/core/public';
+import { I as IDPConsentManifestGenerator } from './types-BZJ7-EK3.js';
 import '@stytch/core';
 import './OneTapClient-zVI7LxJ6.js';
 import 'google-one-tap';
@@ -106,10 +107,11 @@ declare class StytchUIClient<TProjectConfiguration extends StytchProjectConfigur
      * @param callbacks - Optional {@link Callbacks} triggered by various events in the Stytch SDK.
      * @throws An error when the element specified by elementId cannot be found.
      */
-    mountIdentityProvider({ elementId, styles, callbacks, strings, }: {
+    mountIdentityProvider({ elementId, styles, callbacks, strings, getIDPConsentManifest, }: {
         elementId: string;
         styles?: StyleConfig;
         callbacks?: Callbacks<TProjectConfiguration>;
+        getIDPConsentManifest?: IDPConsentManifestGenerator;
     } & StringsOptions): void;
 }