auth0-lock 11.33.2 → 11.34.0

package/.circleci/config.yml

@@ -78,6 +78,8 @@ workflows:
           context:
             - browserstack-env
       - ship/node-publish:
+          requires:
+            - build-and-test
           pkg-manager: yarn
           context:
             - publish-npm

package/.github/ISSUE_TEMPLATE/report_a_bug.md

@@ -14,6 +14,8 @@ Thank you in advance for helping us to improve this library! Please read through
 By submitting an Issue to this repository, you agree to the terms within the Auth0 Code of Conduct (https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md).
 -->
 
+:warning: **Note:** We are no longer supporting requests for new features. Only requests for bug fixes or security patches will be considered.
+
 ### Describe the problem
 
 <!--
@@ -52,4 +54,4 @@ By submitting an Issue to this repository, you agree to the terms within the Aut
 - **Version of this library used:**
 - **Which framework are you using, if applicable:**
 - **Other modules/plugins/libraries that might be involved:**
-- **Any other relevant information you think would be useful:**
+- **Any other relevant information you think would be useful:**

package/CHANGELOG.md

@@ -1,5 +1,17 @@
 # Change Log
 
+## [v11.34.0](https://github.com/auth0/lock/tree/v11.34.0) (2022-09-14)
+[Full Changelog](https://github.com/auth0/lock/compare/v11.33.3...v11.34.0)
+
+**Added**
+- FDR-297: Adding okta for enterprise [\#2172](https://github.com/auth0/lock/pull/2172) ([jamescgarrett](https://github.com/jamescgarrett))
+
+## [v11.33.3](https://github.com/auth0/lock/tree/v11.33.3) (2022-08-16)
+[Full Changelog](https://github.com/auth0/lock/compare/v11.33.2...v11.33.3)
+
+**Added**
+- IAMRISK-1725 Add password_leaked error label for Signup [\#2160](https://github.com/auth0/lock/pull/2160) ([robinbijlani](https://github.com/robinbijlani))
+
 ## [v11.33.2](https://github.com/auth0/lock/tree/v11.33.2) (2022-06-29)
 [Full Changelog](https://github.com/auth0/lock/compare/v11.33.1...v11.33.2)
 

package/Makefile

@@ -0,0 +1,22 @@
+#!/usr/bin/env make
+
+#SHELL := /bin/bash
+#.SHELLFLAGS = -ec
+
+.PHONY: install lint test build cdn-publish
+
+install:
+	@echo "Running install..."
+	yarn install
+
+test:
+	@echo "Running test..."
+	yarn test
+
+build:
+	@echo "Running build..."
+	rm -f build/*.js && yarn dist build
+
+publish:
+	@echo "Running cdn-publish..."
+	npm run publish:cdn

package/README.md

@@ -25,7 +25,7 @@ From CDN
 
 ```html
 <!-- Latest patch release (recommended for production) -->
-<script src="https://cdn.auth0.com/js/lock/11.33.2/lock.min.js"></script>
+<script src="https://cdn.auth0.com/js/lock/11.34.0/lock.min.js"></script>
 ```
 
 From [npm](https://npmjs.org)
@@ -453,7 +453,7 @@ new Auth0Lock('client ID', 'domain', {
 - **languageBaseUrl {String}**: Overrides the language source URL for Auth0's provided translations. By default it uses to Auth0's CDN URL `https://cdn.auth0.com`.
 - **hashCleanup {Boolean}**: When enabled, it will remove the hash part of the callback URL after the user authentication. Defaults to `true`.
 - **connectionResolver {Function}**: When in use, provides an extensibility point to make it possible to choose which connection to use based on the username information. Has `username`, `context`, and `callback` as parameters. The callback expects an object like: `{type: 'database', name: 'connection name'}`. **This only works for database connections.** Keep in mind that this resolver will run in the form's `onSubmit` event, so keep it simple and fast. **This is a beta feature. If you find a bug, please open a GitHub [issue](https://github.com/auth0/lock/issues/new).**
-- **legacySameSiteCookie**: If `false`, no compatibility cookies will be created for those browsers that do not understand the `SameSite` attribute. Defaults to `true`
+- **legacySameSiteCookie**: If `false`, no compatibility cookies will be created for those browsers that do not understand the `SameSite` attribute. Defaults to `true`. **Note**: this setting only has an effect when running on an HTTPS domain; if HTTP is used, no legacy cookies are created regardless of this setting.
 
 ```js
 var options = {
@@ -490,7 +490,7 @@ Extra input fields can be added to the sign up screen with the `additionalSignUp
 
 Additional sign up fields are rendered below the default fields in the order they are provided.
 
-:warning: **Note**: From `11.33.2` onwards, all HTML tags are stripped from user input into custom signup fields.
+:warning: **Note**: From `11.34.0` onwards, all HTML tags are stripped from user input into custom signup fields.
 
 ##### Text field
 
@@ -685,7 +685,9 @@ We ensure browser compatibility in Chrome, Safari, Firefox and IE >= 10. We curr
 
 ## Issue Reporting
 
-If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues.
+If you have found a bug, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues.
+
+:warning: **Note:** We are no longer supporting requests for new features. Only requests for bug fixes or security patches will be considered.
 
 ## Author
 

package/lib/connection/enterprise/quick_auth_screen.js

@@ -38,7 +38,7 @@ function _inherits(subClass, superClass) { if (typeof superClass !== "function"
 
 // TODO: handle this from CSS
 function icon(strategy) {
-  if (strategy === 'google-apps') return strategy;
+  if (strategy === 'google-apps' || strategy === 'okta') return strategy;
   if (~['adfs', 'office365', 'waad'].indexOf(strategy)) return 'windows';
   return 'auth0';
 }

package/lib/connection/enterprise.js

@@ -79,7 +79,8 @@ var STRATEGIES = exports.STRATEGIES = {
   samlp: 'SAML',
   sharepoint: 'SharePoint Apps',
   waad: 'Windows Azure AD',
-  oidc: 'OpenID Connect'
+  oidc: 'OpenID Connect',
+  okta: 'Okta Workforce'
 };
 
 function initEnterprise(m, opts) {

package/lib/core/web_api/helper.js

@@ -176,5 +176,5 @@ function trimAuthParams() {
 }
 
 function getVersion() {
-  return '11.33.2';
+  return '11.34.0';
 }