Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[SDK-1417] Customizable default scopes #435

Merged
merged 17 commits into from
Apr 30, 2020
Merged

[SDK-1417] Customizable default scopes #435

Show file tree
Hide file tree
Changes from 11 commits
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
61dc91c
Extracted changes needed to customize defaultScope
srihari93 Mar 24, 2020
4869386
Moved existing defaultScopes test to the right place
Apr 24, 2020
1e4b2ff
getUniqueScopes moved into scope.ts
Apr 24, 2020
00b489c
Refactor getUniqueScopes into its own module
Apr 24, 2020
f8daf6a
Stop mutating optios.scope and store in separate var
Apr 24, 2020
20fd45c
Added tests for relevant functions for using advanced default scopes
Apr 24, 2020
6407a47
Fix constructor after merge
Apr 24, 2020
dd21171
advancedOptions.defaultScope can accept empty/null value
Apr 24, 2020
158eaa4
Added advanced section to readme
Apr 24, 2020
a1fe4eb
Merge branch 'master' into feature/advance-default-scope
Apr 27, 2020
cce5d3c
Merge branch 'master' into feature/advance-default-scope
Apr 28, 2020
9063ef0
Set up proper spy for getUniqueScopes
Apr 29, 2020
66def7d
Fixed types in JS docs
Apr 29, 2020
ae19992
Simplified getUniqueScopes implementation
Apr 29, 2020
19cc0db
Cleaned up index test file
Apr 29, 2020
65ffa1e
Merge branch 'master' into feature/advance-default-scope
Apr 29, 2020
503d440
Simplified the defaultScope check using null chaining operator
Apr 29, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
44 changes: 29 additions & 15 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,15 +56,15 @@ import createAuth0Client from '@auth0/auth0-spa-js';
const auth0 = await createAuth0Client({
domain: '<AUTH0_DOMAIN>',
client_id: '<AUTH0_CLIENT_ID>',
redirect_uri: '<MY_CALLBACK_URL>',
redirect_uri: '<MY_CALLBACK_URL>'
});

//with promises
createAuth0Client({
domain: '<AUTH0_DOMAIN>',
client_id: '<AUTH0_CLIENT_ID>',
redirect_uri: '<MY_CALLBACK_URL>',
}).then((auth0) => {
redirect_uri: '<MY_CALLBACK_URL>'
}).then(auth0 => {
//...
});

Expand All @@ -74,7 +74,7 @@ import { Auth0Client } from '@auth0/auth0-spa-js';
const auth0 = new Auth0Client({
domain: '<AUTH0_DOMAIN>',
client_id: '<AUTH0_CLIENT_ID>',
redirect_uri: '<MY_CALLBACK_URL>',
redirect_uri: '<MY_CALLBACK_URL>'
});

//if you do this, you'll need to check the session yourself
Expand Down Expand Up @@ -120,9 +120,9 @@ document.getElementById('login').addEventListener('click', () => {

//in your callback route (<MY_CALLBACK_URL>)
window.addEventListener('load', () => {
auth0.handleRedirectCallback().then((redirectResult) => {
auth0.handleRedirectCallback().then(redirectResult => {
//logged in. you can get the user profile like this:
auth0.getUser().then((user) => {
auth0.getUser().then(user => {
console.log(user);
});
});
Expand All @@ -142,8 +142,8 @@ document.getElementById('call-api').addEventListener('click', async () => {
const result = await fetch('https://myapi.com', {
method: 'GET',
headers: {
Authorization: `Bearer ${accessToken}`,
},
Authorization: `Bearer ${accessToken}`
}
});
const data = await result.json();
console.log(data);
Expand All @@ -153,16 +153,16 @@ document.getElementById('call-api').addEventListener('click', async () => {
document.getElementById('call-api').addEventListener('click', () => {
auth0
.getTokenSilently()
.then((accessToken) =>
.then(accessToken =>
fetch('https://myapi.com', {
method: 'GET',
headers: {
Authorization: `Bearer ${accessToken}`,
},
Authorization: `Bearer ${accessToken}`
}
})
)
.then((result) => result.json())
.then((data) => {
.then(result => result.json())
.then(data => {
console.log(data);
});
});
Expand Down Expand Up @@ -193,7 +193,7 @@ await createAuth0Client({
domain: '<AUTH0_DOMAIN>',
client_id: '<AUTH0_CLIENT_ID>',
redirect_uri: '<MY_CALLBACK_URL>',
cacheLocation: 'localstorage', // valid values are: 'memory' or 'localstorage'
cacheLocation: 'localstorage' // valid values are: 'memory' or 'localstorage'
});
```

Expand All @@ -210,7 +210,7 @@ await createAuth0Client({
domain: '<AUTH0_DOMAIN>',
client_id: '<AUTH0_CLIENT_ID>',
redirect_uri: '<MY_CALLBACK_URL>',
useRefreshTokens: true,
useRefreshTokens: true
});
```

Expand All @@ -226,6 +226,20 @@ If the fallback mechanism fails, a `login_required` error will be thrown and cou

**Note**: This fallback mechanism does still require access to the Auth0 session cookie, so if third-party cookies are being blocked then this fallback will not work and the user must re-authenticate in order to get a new refresh token.

### Advanced options

Advanced options can be set by specifying the `advancedOptions` property when configuring `Auth0Client`. Learn about the complete set of advanced options in the [API documentation](https://auth0.github.io/auth0-spa-js/interfaces/advancedoptions.html)

```js
createAuth0Client({
domain: '<AUTH0_DOMAIN>',
client_id: '<AUTH0_CLIENT_ID>',
advancedOptions: {
defaultScope: 'email' // change the scopes that are applied to every authz request. **Note**: `openid` is always specified regardless of this setting
}
});
```

## Contributing

We appreciate feedback and contribution to this repo! Before you get started, please see the following:
Expand Down
80 changes: 60 additions & 20 deletions __tests__/Auth0Client.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@ import unfetch from 'unfetch';
import { verify } from '../src/jwt';
import { MessageChannel } from 'worker_threads';
import * as utils from '../src/utils';
import { Auth0ClientOptions, IdToken } from '../src';
import * as scope from '../src/scope';

jest.mock('unfetch');
jest.mock('../src/jwt');
Expand Down Expand Up @@ -34,7 +36,10 @@ const fetchResponse = (ok, json) =>
json: () => Promise.resolve(json)
});

const setup: any = (config?, claims?) => {
const setup = (
config?: Partial<Auth0ClientOptions>,
claims?: Partial<IdToken>
) => {
const auth0 = new Auth0Client(
Object.assign(
{
Expand All @@ -45,6 +50,7 @@ const setup: any = (config?, claims?) => {
config
)
);

mockVerify.mockReturnValue({
claims: Object.assign(
{
Expand All @@ -53,6 +59,7 @@ const setup: any = (config?, claims?) => {
claims
)
});

return auth0;
};

Expand Down Expand Up @@ -96,23 +103,40 @@ describe('Auth0Client', () => {
};
mockWindow.MessageChannel = MessageChannel;
mockWindow.Worker = {};
jest.spyOn(utils, 'getUniqueScopes');
jest.spyOn(scope, 'getUniqueScopes');
});

afterEach(() => {
jest.clearAllMocks();
});

it('automatically adds the offline_access scope during construction', async () => {
setup({
it('automatically adds the offline_access scope during construction', () => {
const auth0 = setup({
useRefreshTokens: true,
scope: 'test-scope'
});

expect(utils.getUniqueScopes).toHaveBeenCalledWith(
'test-scope',
'offline_access'
);
expect((<any>auth0).scope).toBe('test-scope offline_access');
});

it('ensures the openid scope is defined when customizing default scopes', () => {
const auth0 = setup({
advancedOptions: {
defaultScope: 'test-scope'
}
});

expect((<any>auth0).defaultScope).toBe('openid test-scope');
});

it('allows an empty custom default scope', () => {
const auth0 = setup({
advancedOptions: {
defaultScope: null
}
});

expect((<any>auth0).defaultScope).toBe('openid');
});

it('should log the user in and get the token', async () => {
Expand Down Expand Up @@ -143,8 +167,11 @@ describe('Auth0Client', () => {
const auth0 = setup({
useRefreshTokens: true
});
expect(auth0.worker).toBeDefined();

expect((<any>auth0).worker).toBeDefined();

await login(auth0);

mockFetch.mockResolvedValueOnce(
fetchResponse(true, {
id_token: 'my_id_token',
Expand All @@ -153,7 +180,9 @@ describe('Auth0Client', () => {
expires_in: 86400
})
);

const access_token = await auth0.getTokenSilently({ ignoreCache: true });

assertPost(
'https://auth0_domain/oauth/token',
{
Expand All @@ -164,6 +193,7 @@ describe('Auth0Client', () => {
},
1
);

expect(access_token).toEqual('my_access_token');
});

Expand All @@ -172,15 +202,19 @@ describe('Auth0Client', () => {
useRefreshTokens: true,
cacheLocation: 'localstorage'
});
expect(auth0.worker).toBeUndefined();

expect((<any>auth0).worker).toBeUndefined();

await login(auth0);

assertPost('https://auth0_domain/oauth/token', {
redirect_uri: 'my_callback_url',
client_id: 'auth0_client_id',
code_verifier: '123',
grant_type: 'authorization_code',
code: 'my_code'
});

mockFetch.mockResolvedValueOnce(
fetchResponse(true, {
id_token: 'my_id_token',
Expand All @@ -189,7 +223,9 @@ describe('Auth0Client', () => {
expires_in: 86400
})
);

const access_token = await auth0.getTokenSilently({ ignoreCache: true });

assertPost(
'https://auth0_domain/oauth/token',
{
Expand All @@ -200,6 +236,7 @@ describe('Auth0Client', () => {
},
1
);

expect(access_token).toEqual('my_access_token');
});

Expand All @@ -211,7 +248,7 @@ describe('Auth0Client', () => {
cacheLocation: 'memory'
});

expect(auth0.worker).toBeUndefined();
expect((<any>auth0).worker).toBeUndefined();

await login(auth0);

Expand Down Expand Up @@ -252,7 +289,8 @@ describe('Auth0Client', () => {
const auth0 = setup({
useRefreshTokens: true
});
expect(auth0.worker).toBeDefined();

expect((<any>auth0).worker).toBeDefined();
await login(auth0);
mockFetch.mockReset();
mockFetch.mockImplementation(() => Promise.reject(new Error('my_error')));
Expand All @@ -266,7 +304,7 @@ describe('Auth0Client', () => {
const auth0 = setup({
useRefreshTokens: true
});
expect(auth0.worker).toBeDefined();
expect((<any>auth0).worker).toBeDefined();
await login(auth0);
mockFetch.mockReset();
mockFetch.mockResolvedValue(
Expand All @@ -290,7 +328,9 @@ describe('Auth0Client', () => {
const auth0 = setup({
useRefreshTokens: true
});
expect(auth0.worker).toBeDefined();

expect((<any>auth0).worker).toBeDefined();

await login(auth0);
mockFetch.mockReset();
mockFetch.mockImplementation(
Expand Down Expand Up @@ -324,7 +364,7 @@ describe('Auth0Client', () => {
const auth0 = setup({
useRefreshTokens: true
});
expect(auth0.worker).toBeDefined();
expect((<any>auth0).worker).toBeDefined();
await login(auth0, true, { refresh_token: '' });
jest.spyOn(<any>utils, 'runIframe').mockResolvedValue({
access_token: 'my_access_token',
Expand All @@ -348,7 +388,7 @@ describe('Auth0Client', () => {
useRefreshTokens: true,
cacheLocation: 'localstorage'
});
expect(auth0.worker).toBeUndefined();
expect((<any>auth0).worker).toBeUndefined();
await login(auth0);
mockFetch.mockReset();
mockFetch.mockImplementation(() => Promise.reject(new Error('my_error')));
Expand All @@ -363,7 +403,7 @@ describe('Auth0Client', () => {
useRefreshTokens: true,
cacheLocation: 'localstorage'
});
expect(auth0.worker).toBeUndefined();
expect((<any>auth0).worker).toBeUndefined();
await login(auth0);
mockFetch.mockReset();
mockFetch.mockResolvedValue(
Expand All @@ -388,7 +428,7 @@ describe('Auth0Client', () => {
useRefreshTokens: true,
cacheLocation: 'localstorage'
});
expect(auth0.worker).toBeUndefined();
expect((<any>auth0).worker).toBeUndefined();
await login(auth0);
mockFetch.mockReset();
mockFetch.mockImplementation(
Expand Down Expand Up @@ -422,7 +462,7 @@ describe('Auth0Client', () => {
useRefreshTokens: true,
cacheLocation: 'localstorage'
});
expect(auth0.worker).toBeUndefined();
expect((<any>auth0).worker).toBeUndefined();
await login(auth0, true, { refresh_token: '' });
jest.spyOn(<any>utils, 'runIframe').mockResolvedValue({
access_token: 'my_access_token',
Expand Down Expand Up @@ -451,7 +491,7 @@ describe('Auth0Client', () => {
const auth0 = setup({
useRefreshTokens: true
});
expect(auth0.worker).toBeUndefined();
expect((<any>auth0).worker).toBeUndefined();
await login(auth0, true, { refresh_token: '' });
jest.spyOn(<any>utils, 'runIframe').mockResolvedValue({
access_token: 'my_access_token',
Expand Down