auth0-lock 11.31.0 → 11.31.1

package/CHANGELOG.md

@@ -1,12 +1,24 @@
 # Change Log
 
+## [v11.31.1](https://github.com/auth0/lock/tree/v11.31.1) (2021-11-02)
+
+[Full Changelog](https://github.com/auth0/lock/compare/v11.31.0...v11.31.1)
+
+**Fixed**
+
+- Guard references to window on module load [\#2057](https://github.com/auth0/lock/pull/2057) ([stevehobbsdev](https://github.com/stevehobbsdev))
+- Ensure Captcha is completed before authenticating with enterprise SSO connection [\#2060](https://github.com/auth0/lock/pull/2060) ([stevehobbsdev](https://github.com/stevehobbsdev))
+
 ## [v11.31.0](https://github.com/auth0/lock/tree/v11.31.0) (2021-10-15)
+
 [Full Changelog](https://github.com/auth0/lock/compare/v11.30.6...v11.31.0)
 
 **Added**
+
 - [SDK-2295] Add forceAutoHeight property to UI config [\#2050](https://github.com/auth0/lock/pull/2050) ([stevehobbsdev](https://github.com/stevehobbsdev))
 
 **Fixed**
+
 - [SDK-2823] Fix password reset when using custom connection resolver [\#2048](https://github.com/auth0/lock/pull/2048) ([stevehobbsdev](https://github.com/stevehobbsdev))
 
 ## [v11.30.6](https://github.com/auth0/lock/tree/v11.30.6) (2021-09-27)

package/README.md

@@ -25,7 +25,7 @@ From CDN
 
 ```html
 <!-- Latest patch release (recommended for production) -->
-<script src="https://cdn.auth0.com/js/lock/11.31.0/lock.min.js"></script>
+<script src="https://cdn.auth0.com/js/lock/11.31.1/lock.min.js"></script>
 ```
 
 From [npm](https://npmjs.org)
@@ -423,6 +423,7 @@ new Auth0Lock('client ID', 'domain', {
       console.log('Hello from the sign-up hook!');
       cb();
     }
+  }
 });
 ```
 
@@ -439,7 +440,8 @@ new Auth0Lock('client ID', 'domain', {
 
       // Throw something generic to show a fallback error message
       throw "Some error happened";
-    },
+    }
+  }
 });
 ```
 

package/lib/__tests__/connection/enterprise/actions.js

@@ -87,6 +87,25 @@ describe('Login with connection scopes', function () {
         login_hint: 'test@test.com'
       });
     });
+
+    it('should throw an error if the captcha was not completed', function () {
+      lock = l.setup('__lock__', 'client', 'domain', {});
+      lock = (0, _index2.setField)(lock, 'email', 'test@test.com');
+
+      lock = l.setCaptcha(lock, {
+        required: true,
+        provider: 'recaptcha_v2'
+      });
+
+      require('store/index').read.mockReturnValue(lock);
+
+      require('connection/enterprise').matchConnection.mockReturnValue(_immutable2.default.fromJS({ name: 'sso-connection' }));
+
+      var coreActions = require('core/actions');
+
+      (0, _actions.logIn)('__lock__');
+      expect(coreActions.logIn).not.toHaveBeenCalled();
+    });
   });
 
   describe('for a non-SSO connection', function () {

package/lib/browser.js

@@ -19,14 +19,16 @@ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { de
  * the package.json file points to index.js.
  */
 
-if (typeof window.define == 'function' && window.define.amd) {
-  window.define('auth0Lock', function () {
-    return _index2.default;
-  });
-  window.define('auth0LockPasswordless', function () {
-    return _passwordless2.default;
-  });
-} else if (window.window) {
-  window.Auth0Lock = _index2.default;
-  window.Auth0LockPasswordless = _passwordless2.default;
+if (typeof window !== 'undefined') {
+  if (typeof window.define == 'function' && window.define.amd) {
+    window.define('auth0Lock', function () {
+      return _index2.default;
+    });
+    window.define('auth0LockPasswordless', function () {
+      return _passwordless2.default;
+    });
+  } else if (window.window) {
+    window.Auth0Lock = _index2.default;
+    window.Auth0LockPasswordless = _passwordless2.default;
+  }
 }

package/lib/connection/captcha.js

@@ -0,0 +1,94 @@
+'use strict';
+
+exports.__esModule = true;
+exports.showMissingCaptcha = showMissingCaptcha;
+exports.setCaptchaParams = setCaptchaParams;
+exports.swapCaptcha = swapCaptcha;
+
+var _index = require('../core/index');
+
+var l = _interopRequireWildcard(_index);
+
+var _index2 = require('../field/index');
+
+var c = _interopRequireWildcard(_index2);
+
+var _i18n = require('../i18n');
+
+var i18n = _interopRequireWildcard(_i18n);
+
+var _index3 = require('../store/index');
+
+var _web_api = require('../core/web_api');
+
+var _web_api2 = _interopRequireDefault(_web_api);
+
+function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
+
+function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; } } newObj.default = obj; return newObj; } }
+
+/**
+ * Display the error message of missing captcha in the header of lock.
+ *
+ * @param {Object} m model
+ * @param {Number} id
+ */
+function showMissingCaptcha(m, id) {
+  var captchaConfig = l.captcha(m);
+
+  var captchaError = captchaConfig.get('provider') === 'recaptcha_v2' ? 'invalid_recaptcha' : 'invalid_captcha';
+
+  var errorMessage = i18n.html(m, ['error', 'login', captchaError]);
+
+  (0, _index3.swap)(_index3.updateEntity, 'lock', id, function (m) {
+    m = l.setSubmitting(m, false, errorMessage);
+    return c.showInvalidField(m, 'captcha');
+  });
+
+  return m;
+}
+
+/**
+ * Set the captcha value in the fields object before sending the request.
+ *
+ * @param {Object} m model
+ * @param {Object} params
+ * @param {Object} fields
+ *
+ * @returns {Boolean} returns true if is required and missing the response from the user
+ */
+function setCaptchaParams(m, params, fields) {
+  var captchaConfig = l.captcha(m);
+  var isCaptchaRequired = captchaConfig && l.captcha(m).get('required');
+
+  if (!isCaptchaRequired) {
+    return true;
+  }
+  var captcha = c.getFieldValue(m, 'captcha');
+  //captcha required and missing
+  if (!captcha) {
+    return false;
+  }
+
+  params['captcha'] = captcha;
+  fields.push('captcha');
+  return true;
+}
+
+/**
+ * Get a new challenge and display the new captcha image.
+ *
+ * @param {number} id The id of the Lock instance.
+ * @param {boolean} wasInvalid A boolean indicating if the previous captcha was invalid.
+ * @param {Function} [next] A callback.
+ */
+function swapCaptcha(id, wasInvalid, next) {
+  return _web_api2.default.getChallenge(id, function (err, newCaptcha) {
+    if (!err && newCaptcha) {
+      (0, _index3.swap)(_index3.updateEntity, 'lock', id, l.setCaptcha, newCaptcha, wasInvalid);
+    }
+    if (next) {
+      next();
+    }
+  });
+}

package/lib/connection/database/actions.js

@@ -12,7 +12,6 @@ exports.cancelResetPassword = cancelResetPassword;
 exports.cancelMFALogin = cancelMFALogin;
 exports.toggleTermsAcceptance = toggleTermsAcceptance;
 exports.showLoginMFAActivity = showLoginMFAActivity;
-exports.swapCaptcha = swapCaptcha;
 
 var _immutable = require('immutable');
 
@@ -40,6 +39,8 @@ var _i18n = require('../../i18n');
 
 var i18n = _interopRequireWildcard(_i18n);
 
+var _captcha = require('../captcha');
+
 function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; } } newObj.default = obj; return newObj; } }
 
 function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
@@ -58,9 +59,9 @@ function logIn(id) {
 
   var fields = [usernameField, 'password'];
 
-  var isCaptchaValid = setCaptchaParams(m, params, fields);
+  var isCaptchaValid = (0, _captcha.setCaptchaParams)(m, params, fields);
   if (!isCaptchaValid) {
-    return showMissingCaptcha(m, id);
+    return (0, _captcha.showMissingCaptcha)(m, id);
   }
 
   var mfaCode = c.getFieldValue(m, 'mfa_code');
@@ -76,7 +77,7 @@ function logIn(id) {
 
     if (error) {
       var wasInvalid = error && error.code === 'invalid_captcha';
-      return swapCaptcha(id, wasInvalid, next);
+      return (0, _captcha.swapCaptcha)(id, wasInvalid, next);
     }
 
     next();
@@ -113,9 +114,9 @@ function signUp(id) {
       autoLogin: (0, _index4.shouldAutoLogin)(m)
     };
 
-    var isCaptchaValid = setCaptchaParams(m, params, fields);
+    var isCaptchaValid = (0, _captcha.setCaptchaParams)(m, params, fields);
     if (!isCaptchaValid) {
-      return showMissingCaptcha(m, id);
+      return (0, _captcha.showMissingCaptcha)(m, id);
     }
 
     if ((0, _index4.databaseConnectionRequiresUsername)(m)) {
@@ -155,7 +156,7 @@ function signUp(id) {
 
       var wasInvalidCaptcha = error && error.code === 'invalid_captcha';
 
-      swapCaptcha(id, wasInvalidCaptcha, function () {
+      (0, _captcha.swapCaptcha)(id, wasInvalidCaptcha, function () {
         setTimeout(function () {
           return signUpError(id, error);
         }, 250);
@@ -255,7 +256,7 @@ function signUpError(id, error) {
 
   if (errorKey === 'invalid_captcha') {
     errorMessage = i18n.html(m, ['error', 'login', errorKey]);
-    return swapCaptcha(id, true, function () {
+    return (0, _captcha.swapCaptcha)(id, true, function () {
       (0, _index.swap)(_index.updateEntity, 'lock', id, l.setSubmitting, false, errorMessage);
     });
   }
@@ -360,64 +361,3 @@ function showLoginMFAActivity(id) {
 
   (0, _index.swap)(_index.updateEntity, 'lock', id, _index4.setScreen, 'mfaLogin', fields);
 }
-
-/**
- * Get a new challenge and display the new captcha image.
- *
- * @param {number} id The id of the Lock instance.
- * @param {boolean} wasInvalid A boolean indicating if the previous captcha was invalid.
- * @param {Function} [next] A callback.
- */
-function swapCaptcha(id, wasInvalid, next) {
-  return _web_api2.default.getChallenge(id, function (err, newCaptcha) {
-    if (!err && newCaptcha) {
-      (0, _index.swap)(_index.updateEntity, 'lock', id, l.setCaptcha, newCaptcha, wasInvalid);
-    }
-    if (next) {
-      next();
-    }
-  });
-}
-
-/**
- * Display the error message of missing captcha in the header of lock.
- *
- * @param {Object} m model
- * @param {Number} id
- */
-function showMissingCaptcha(m, id) {
-  var captchaConfig = l.captcha(m);
-  var captchaError = captchaConfig.get('provider') === 'recaptcha_v2' ? 'invalid_recaptcha' : 'invalid_captcha';
-  var errorMessage = i18n.html(m, ['error', 'login', captchaError]);
-  (0, _index.swap)(_index.updateEntity, 'lock', id, function (m) {
-    m = l.setSubmitting(m, false, errorMessage);
-    return c.showInvalidField(m, 'captcha');
-  });
-  return m;
-}
-
-/**
- * Set the captcha value in the fields object before sending the request.
- *
- * @param {Object} m model
- * @param {Object} params
- * @param {Object} fields
- *
- * @returns {Boolean} returns true if is required and missing the response from the user
- */
-function setCaptchaParams(m, params, fields) {
-  var captchaConfig = l.captcha(m);
-  var isCaptchaRequired = captchaConfig && l.captcha(m).get('required');
-  if (!isCaptchaRequired) {
-    return true;
-  }
-  var captcha = c.getFieldValue(m, 'captcha');
-  //captcha required and missing
-  if (!captcha) {
-    return false;
-  }
-
-  params['captcha'] = captcha;
-  fields.push('captcha');
-  return true;
-}

package/lib/connection/database/login_pane.js

@@ -24,6 +24,8 @@ var _password_pane2 = _interopRequireDefault(_password_pane);
 
 var _actions = require('./actions');
 
+var _captcha = require('../captcha');
+
 var _index = require('./index');
 
 var _index2 = require('../../core/index');
@@ -103,7 +105,7 @@ var LoginPane = function (_React$Component) {
     });
 
     var captchaPane = l.captcha(lock) && l.captcha(lock).get('required') ? _react2.default.createElement(_captcha_pane2.default, { i18n: i18n, lock: lock, onReload: function onReload() {
-        return (0, _actions.swapCaptcha)(l.id(lock), false);
+        return (0, _captcha.swapCaptcha)(l.id(lock), false);
       } }) : null;
 
     var dontRememberPassword = showForgotPasswordLink && (0, _index.hasScreen)(lock, 'forgotPassword') ? _react2.default.createElement(

package/lib/connection/enterprise/actions.js

@@ -30,6 +30,8 @@ var _index3 = require('../../core/index');
 
 var l = _interopRequireWildcard(_index3);
 
+var _captcha = require('../captcha');
+
 var _index4 = require('../database/index');
 
 function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; } } newObj.default = obj; return newObj; } }
@@ -57,11 +59,19 @@ function logIn(id) {
   var ssoConnection = (0, _enterprise.matchConnection)(m, email);
   var enterpriseConnection = (0, _enterprise.enterpriseActiveFlowConnection)(m);
   var connectionScopes = getConnectionScopesFrom(m, ssoConnection || enterpriseConnection);
+  var usernameField = (0, _index4.databaseLogInWithEmail)(m) ? 'email' : 'username';
+  var fields = [usernameField, 'password'];
 
   var params = {
     connection_scope: connectionScopes ? connectionScopes.toJS() : undefined
   };
 
+  var isCaptchaValid = (0, _captcha.setCaptchaParams)(m, params, fields);
+
+  if (!isCaptchaValid) {
+    return (0, _captcha.showMissingCaptcha)(m, id);
+  }
+
   if (ssoConnection && !(0, _enterprise.isHRDActive)(m)) {
     return logInSSO(id, ssoConnection, params);
   }

package/lib/core/web_api/helper.js

@@ -176,5 +176,5 @@ function trimAuthParams() {
 }
 
 function getVersion() {
-  return '11.31.0';
+  return '11.31.1';
 }

package/lib/engine/classic/login.js

@@ -66,7 +66,7 @@ function shouldRenderTabs(m) {
   if (l.hasSomeConnections(m, 'social') && (0, _index.hasInitialScreen)(m, 'signUp')) return (0, _index.hasScreen)(m, 'signUp');
 }
 
-var Component = function Component(_ref) {
+var LoginComponent = function LoginComponent(_ref) {
   var i18n = _ref.i18n,
       model = _ref.model;
 
@@ -182,7 +182,7 @@ var Login = function (_Screen) {
   };
 
   Login.prototype.render = function render() {
-    return Component;
+    return LoginComponent;
   };
 
   return Login;

package/lib/engine/classic/sign_up_pane.js

@@ -32,7 +32,7 @@ var _index2 = require('../../core/index');
 
 var l = _interopRequireWildcard(_index2);
 
-var _actions = require('../../connection/database/actions');
+var _captcha = require('../../connection/captcha');
 
 function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; } } newObj.default = obj; return newObj; } }
 
@@ -97,7 +97,7 @@ var SignUpPane = function (_React$Component) {
     });
 
     var captchaPane = l.captcha(model) && l.captcha(model).get('required') ? _react2.default.createElement(_captcha_pane2.default, { i18n: i18n, lock: model, onReload: function onReload() {
-        return (0, _actions.swapCaptcha)(l.id(model), false);
+        return (0, _captcha.swapCaptcha)(l.id(model), false);
       } }) : null;
 
     var passwordPane = !onlyEmail && _react2.default.createElement(_password_pane2.default, {

package/lib/i18n.js

@@ -125,7 +125,7 @@ function assertLanguage(m, language, base) {
 function syncLang(m, language, _cb) {
   (0, _cdn_utils.load)({
     method: 'registerLanguageDictionary',
-    url: l.languageBaseUrl(m) + '/js/lock/' + '11.31.0' + '/' + language + '.js',
+    url: l.languageBaseUrl(m) + '/js/lock/' + '11.31.1' + '/' + language + '.js',
     check: function check(str) {
       return str && str === language;
     },
@@ -141,7 +141,9 @@ function registerLanguageDictionary(language, dictionary) {
   languageDictionaries[language] = _immutable2.default.fromJS(dictionary);
 }
 
-(0, _cdn_utils.preload)({
-  method: 'registerLanguageDictionary',
-  cb: registerLanguageDictionary
-});
+if (typeof window !== 'undefined') {
+  (0, _cdn_utils.preload)({
+    method: 'registerLanguageDictionary',
+    cb: registerLanguageDictionary
+  });
+}

package/lib/lock.js

@@ -42,7 +42,7 @@ var Auth0Lock = function (_Core) {
 
 
 exports.default = Auth0Lock;
-Auth0Lock.version = '11.31.0';
+Auth0Lock.version = '11.31.1';
 
 // TODO: should we have different telemetry for classic/passwordless?
 // TODO: should we set telemetry info before each request?

package/lib/passwordless.js

@@ -41,4 +41,4 @@ var Auth0LockPasswordless = function (_Core) {
 exports.default = Auth0LockPasswordless;
 
 
-Auth0LockPasswordless.version = '11.31.0';
+Auth0LockPasswordless.version = '11.31.1';

package/lib/ui/box/container.js

@@ -112,7 +112,7 @@ var EscKeyDownHandler = function () {
   return EscKeyDownHandler;
 }();
 
-var IPHONE = window.navigator && !!window.navigator.userAgent.match(/iPhone/i);
+var IPHONE = typeof window !== 'undefined' && window.navigator && !!window.navigator.userAgent.match(/iPhone/i);
 
 var Container = function (_React$Component) {
   _inherits(Container, _React$Component);
@@ -384,7 +384,7 @@ Container.propTypes = {
 };
 
 // NOTE: detecting the file protocol is important for things like electron.
-var isFileProtocol = window.window && window.location && window.location.protocol === 'file:';
+var isFileProtocol = typeof window !== 'undefined' && window.window && window.location && window.location.protocol === 'file:';
 
 var defaultProps = exports.defaultProps = Container.defaultProps = {
   autofocus: false,

package/lib/ui/box/header.js

@@ -155,12 +155,17 @@ WelcomeMessage.propTypes = {
 };
 
 var cssBlurSupport = function () {
+  if (typeof window === 'undefined') {
+    return;
+  }
+
   // Check stolen from Modernizr, see https://github.com/Modernizr/Modernizr/blob/29eab707f7a2fb261c8a9c538370e97eb1f86e25/feature-detects/css/filters.js
   var isEdge = window.navigator && !!window.navigator.userAgent.match(/Edge/i);
   if (typeof window.document === 'undefined' || isEdge) return false;
 
   var el = window.document.createElement('div');
   el.style.cssText = 'filter: blur(2px); -webkit-filter: blur(2px)';
+
   return !!el.style.length && (window.document.documentMode === undefined || window.document.documentMode > 9);
 }();
 

package/lib/utils/cdn_utils.js

@@ -10,7 +10,7 @@ var _auth0Js2 = _interopRequireDefault(_auth0Js);
 
 function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
 
-if (!window.Auth0) {
+if (typeof window !== 'undefined' && !window.Auth0) {
   window.Auth0 = {};
 }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "auth0-lock",
-  "version": "11.31.0",
+  "version": "11.31.1",
   "description": "Auth0 Lock",
   "author": "Auth0 <support@auth0.com> (http://auth0.com)",
   "license": "MIT",
@@ -107,7 +107,7 @@
   "dependencies": {
     "auth0-js": "^9.16.4",
     "auth0-password-policies": "^1.0.2",
-    "blueimp-md5": "^2.18.0",
+    "blueimp-md5": "^2.19.0",
     "classnames": "^2.3.1",
     "dompurify": "^2.2.8",
     "immutable": "^3.7.3",