diff --git a/packages/configuration-validation/src/lib.js b/packages/configuration-validation/src/lib.js index 6d0bb39c1..5cc009394 100644 --- a/packages/configuration-validation/src/lib.js +++ b/packages/configuration-validation/src/lib.js @@ -53,7 +53,6 @@ configUtil.assertIssuer = (issuer, testing = {}) => { console.warn(httpsWarning); } - if (!issuer) { throw new ConfigurationValidationError('Your Okta URL is missing. ' + copyMessage); } else if (!testing.disableHttpsCheck && !issuer.match(isHttps)) { diff --git a/packages/configuration-validation/yarn.lock b/packages/configuration-validation/yarn.lock index 153990ad0..ee1182860 100644 --- a/packages/configuration-validation/yarn.lock +++ b/packages/configuration-validation/yarn.lock @@ -1241,8 +1241,8 @@ ecc-jsbn@~0.1.1: safer-buffer "^2.1.0" electron-to-chromium@^1.3.47: - version "1.3.235" - resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.235.tgz#8d0d52c9ec76d12189f2f2d265a17d57f41d20dc" + version "1.3.237" + resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.237.tgz#39c5d1da59d6fd16ff705b97e772bb3b5dfda7e4" error-ex@^1.2.0: version "1.3.2" diff --git a/packages/okta-angular/test/e2e/harness/yarn.lock b/packages/okta-angular/test/e2e/harness/yarn.lock index c9fdc0c74..5bae428a0 100644 --- a/packages/okta-angular/test/e2e/harness/yarn.lock +++ b/packages/okta-angular/test/e2e/harness/yarn.lock @@ -1190,8 +1190,8 @@ chokidar@^1.4.1, chokidar@^1.4.2: fsevents "^1.0.0" chokidar@^2.0.0, chokidar@^2.0.2: - version "2.1.6" - resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-2.1.6.tgz#b6cad653a929e244ce8a834244164d241fa954c5" + version "2.1.8" + resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-2.1.8.tgz#804b3a7b6a99358c3c5c61e71d8728f041cff917" dependencies: anymatch "^2.0.0" async-each "^1.0.1" @@ -1901,8 +1901,8 @@ ejs@^2.5.7: resolved "https://registry.yarnpkg.com/ejs/-/ejs-2.6.2.tgz#3a32c63d1cd16d11266cd4703b14fec4e74ab4f6" electron-to-chromium@^1.3.47: - version "1.3.235" - resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.235.tgz#8d0d52c9ec76d12189f2f2d265a17d57f41d20dc" + version "1.3.237" + resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.237.tgz#39c5d1da59d6fd16ff705b97e772bb3b5dfda7e4" elliptic@^6.0.0: version "6.5.0" @@ -4784,8 +4784,8 @@ portfinder@1.0.19: mkdirp "0.5.x" portfinder@^1.0.9: - version "1.0.22" - resolved "https://registry.yarnpkg.com/portfinder/-/portfinder-1.0.22.tgz#abd10a488b5696e98ee25c60731f8ae0b76f8ddd" + version "1.0.23" + resolved "https://registry.yarnpkg.com/portfinder/-/portfinder-1.0.23.tgz#894db4bcc5daf02b6614517ce89cd21a38226b82" dependencies: async "^1.5.2" debug "^2.2.0" @@ -5441,8 +5441,8 @@ send@0.17.1: statuses "~1.5.0" serialize-javascript@^1.4.0: - version "1.7.0" - resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-1.7.0.tgz#d6e0dfb2a3832a8c94468e6eb1db97e55a192a65" + version "1.8.0" + resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-1.8.0.tgz#9515fc687232e2321aea1ca7a529476eb34bb480" serve-index@^1.7.2: version "1.9.1" diff --git a/packages/okta-angular/yarn.lock b/packages/okta-angular/yarn.lock index 03e22a02e..281dd5377 100644 --- a/packages/okta-angular/yarn.lock +++ b/packages/okta-angular/yarn.lock @@ -51,8 +51,8 @@ resolved "https://registry.yarnpkg.com/@okta/configuration-validation/-/configuration-validation-0.3.0.tgz#41954ce0567b25b7ff0d4eb7fc60468a709444d7" "@okta/okta-auth-js@^2.0.0": - version "2.6.3" - resolved "https://registry.yarnpkg.com/@okta/okta-auth-js/-/okta-auth-js-2.6.3.tgz#24ca6a1a4c2da6b6002bbf81bba97e667187e693" + version "2.7.0" + resolved "https://registry.yarnpkg.com/@okta/okta-auth-js/-/okta-auth-js-2.7.0.tgz#a3b7845ed77e129f424aebed464d3db88f82dfc1" dependencies: Base64 "0.3.0" cross-fetch "^3.0.0" diff --git a/packages/okta-react-native/yarn.lock b/packages/okta-react-native/yarn.lock index 6ba41ab59..568556e93 100644 --- a/packages/okta-react-native/yarn.lock +++ b/packages/okta-react-native/yarn.lock @@ -1890,8 +1890,8 @@ ee-first@1.1.1: resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" electron-to-chromium@^1.3.191: - version "1.3.235" - resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.235.tgz#8d0d52c9ec76d12189f2f2d265a17d57f41d20dc" + version "1.3.237" + resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.237.tgz#39c5d1da59d6fd16ff705b97e772bb3b5dfda7e4" elliptic@^6.4.0, elliptic@^6.4.1: version "6.5.0" @@ -4069,8 +4069,8 @@ node-pre-gyp@^0.12.0: tar "^4" node-releases@^1.1.25: - version "1.1.27" - resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.27.tgz#b19ec8add2afe9a826a99dceccc516104c1edaf4" + version "1.1.28" + resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.28.tgz#503c3c70d0e4732b84e7aaa2925fbdde10482d4a" dependencies: semver "^5.3.0" diff --git a/packages/okta-react/README.md b/packages/okta-react/README.md index 9d48c47ec..d6e1ba2f7 100644 --- a/packages/okta-react/README.md +++ b/packages/okta-react/README.md @@ -44,13 +44,13 @@ yarn add @okta/okta-react ## Create Routes -Here are the minimum requirements for a working example: +Here is a minimal working example. This example defines 3 routes: * **/** - Anyone can access the home page * **/protected** - Protected is only visible to authenticated users * **/implicit/callback** - This is where auth is handled for you after redirection -```typescript +```jsx // src/App.js import React, { Component } from 'react'; @@ -64,8 +64,8 @@ class App extends Component { return ( + clientId='{clientId}' + redirectUri={window.location.origin + '/implicit/callback'} > @@ -81,7 +81,7 @@ export default App; ## Show Login and Logout Buttons In the relevant location in your application, you will want to provide `Login` and `Logout` buttons for the user. You can show/hide the correct button by using the `auth.isAuthenticated()` method. For example: -```typescript +```jsx // src/Home.js import React, { Component } from 'react'; @@ -134,7 +134,7 @@ When your users are authenticated, your React application has an access token th Here is what the React component could look like for this hypothetical example: -```typescript +```jsx import fetch from 'isomorphic-fetch'; import React, { Component } from 'react'; import { withAuth } from '@okta/okta-react'; @@ -179,33 +179,24 @@ Security is the top-most component of okta-react. This is where most of the conf #### Configuration options +These options are used by `Security` to configure the [Auth](https://github.com/okta/okta-oidc-js/blob/master/packages/okta-react/src/Auth.js) object. The most commonly used options are shown here. See [Configuration Reference](https://github.com/okta/okta-auth-js#configuration-reference) for an extended set of supported options. + - **issuer** (required) - The OpenId Connect `issuer` -- **client_id** (required) - The OpenId Connect `client_id` -- **redirect_uri** (required) - Where the callback handler is hosted +- **clientId** (required) - The OpenId Connect `client_id` +- **redirectUri** (required) - Where the callback handler is hosted - **scope** *(optional)* - Reserved or custom claims to be returned in the tokens. Default: `['openid', 'email', 'profile']` -- **response_type** *(optional)* - Desired token types. Default: `['id_token', 'token']` -- **grantType** *(optional)* - Can be `implicit` (default) or `authorization_code` (for PKCE flow) +- **responseType** *(optional)* - Desired token types. Default: `['id_token', 'token']`. +For PKCE flow, this should be left undefined or set to `['code']`. +- **pkce** *(optional)* - If `true`, PKCE flow will be used - **onAuthRequired** *(optional)* - callback function Accepts a callback to make a decision when authentication is required. If this is not supplied, `okta-react` redirects to Okta. This callback will receive `auth` and `history` parameters. This is triggered when: 1. `auth.login` is called 2. SecureRoute is accessed without authentication -- **storage** *(optional)*: - Specify the type of storage for tokens. The types are: - - [`localStorage`](https://developer.mozilla.org/en-US/docs/Web/API/Window/localStorage) - - [`sessionStorage`](https://developer.mozilla.org/en-US/docs/Web/API/Window/sessionStorage) - - [`cookie`](https://developer.mozilla.org/en-US/docs/Web/API/Document/cookie) - - Defaults to `localStorage`. If [local storage](https://developer.mozilla.org/en-US/docs/Web/API/Web_Storage_API/Local_storage) is not available, falls back to `sessionStorage` or `cookie`. -- **auto_renew** *(optional)*: - By default, the library will attempt to renew expired tokens. When an expired token is requested by the library, a renewal request is executed to update the token. If you wish to to disable auto renewal of tokens, set `auto_renew` to `false`. - -- **auth** *(optional)* - Provide an [Auth](https://github.com/okta/okta-auth-js) object instead of the options above. This is helpful when integrating `okta-react` with external libraries that need access to the tokens. - #### Example -```typescript +```jsx function customAuthHandler({auth, history}) { // Redirect to the /login page that has a CustomLoginComponent history.push('/login'); @@ -216,8 +207,8 @@ class App extends Component { return ( {/* some routes here */} @@ -228,9 +219,18 @@ class App extends Component { } ``` +#### Alternate configuration using `Auth` object + +When the `auth` option is passed, all other configuration options passed to `Security` will be ignored. The `Auth` object should be configured directly before being passed to `Security`. + +- **auth** *(optional)* - Provide an [Auth](https://github.com/okta/okta-oidc-js/blob/master/packages/okta-react/src/Auth.js) object instead of the options above. This is the most direct way to use methods on the `Auth` object outside of your components and is helpful when integrating `okta-react` with external libraries that need access to the tokens. + + #### Example with Auth object -```typescript +Configure an instance of the `Auth` object and pass it to the `Security` component. + +```jsx // src/App.js import React, { Component } from 'react'; @@ -245,9 +245,8 @@ const history = createBrowserHistory(); const auth = new Auth({ history, issuer: 'https://{yourOktaDomain}.com/oauth2/default', - client_id: '{clientId}', - redirect_uri: window.location.origin + '/implicit/callback', - onAuthRequired: ({history}) => history.push('/login') + clientId: '{clientId}', + redirectUri: window.location.origin + '/implicit/callback', }); class App extends Component { @@ -267,6 +266,55 @@ class App extends Component { export default App; ``` +#### PKCE Example + +Assuming you have configured your application to allow the `Authorization code` grant type, simply pass `pkce=true` to the `Security` component. This will configure the `Auth` object to perform PKCE flow for both login and token refresh. + +```jsx + +class App extends Component { + render() { + return ( + + + + {/* some routes here */} + + + ); + } +} +``` + +You may also configure an `Auth` object directly and pass it to the Security component. + +```jsx + +const auth = new Auth({ + issuer: 'https://{yourOktaDomain}.com/oauth2/default', + clientId: '{clientId}', + pkce: true, + redirectUri: window.location.origin + '/implicit/callback', +}); + +class App extends Component { + render() { + return ( + + + + + + + ); + } +} + +``` + ### `SecureRoute` `SecureRoute` ensures that a route is only rendered if the user is authenticated. If the user is not authenticated, it calls `onAuthRequired` if it exists, otherwise, it redirects to Okta. @@ -315,7 +363,7 @@ Performs a full-page redirect to Okta with optional request parameters. The `additionalParams` are mapped to Okta's [`/authorize` request parameters](https://developer.okta.com/docs/api/resources/oidc#authorize). This will override any existing [configuration](#configuration-options). As an example, if you have an Okta `sessionToken`, you can bypass the full-page redirect by passing in this token. This is recommended when using the [Okta Sign-In Widget](https://github.com/okta/okta-signin-widget). Simply pass in a `sessionToken` into the `redirect` method as follows: -```typescript +```jsx auth.redirect({ sessionToken: '{sampleSessionToken}' }); @@ -335,6 +383,7 @@ See the [getting started](/README.md#getting-started) section for step-by-step i | Command | Description | |--------------|------------------------------------| +| `yarn install`| Install dependencies | | `yarn start` | Start the sample app using the SDK | | `yarn test` | Run unit and integration tests | | `yarn lint` | Run eslint linting tests | diff --git a/packages/okta-react/package.json b/packages/okta-react/package.json index 2e714f316..11df50279 100644 --- a/packages/okta-react/package.json +++ b/packages/okta-react/package.json @@ -1,6 +1,6 @@ { "name": "@okta/okta-react", - "version": "1.2.0", + "version": "1.2.1", "description": "React support for Okta", "main": "./dist/index.js", "scripts": { @@ -32,8 +32,8 @@ }, "homepage": "https://github.com/okta/okta-oidc-js#readme", "dependencies": { - "@okta/configuration-validation": "^0.3.0", - "@okta/okta-auth-js": "^2.6.0", + "@okta/configuration-validation": "^0.4.0", + "@okta/okta-auth-js": "^2.6.3", "babel-runtime": "^6.26.0", "prop-types": "^15.5.10" }, diff --git a/packages/okta-react/test/e2e/harness/e2e/App.test.js b/packages/okta-react/test/e2e/harness/e2e/App.test.js index e72ccfba1..918951467 100644 --- a/packages/okta-react/test/e2e/harness/e2e/App.test.js +++ b/packages/okta-react/test/e2e/harness/e2e/App.test.js @@ -30,77 +30,143 @@ describe('React + Okta App', () => { sessionTokenSignInPage = new SessionTokenSignInPage(); }); - it('should redirect to Okta for login when trying to access a protected page', () => { - protectedPage.navigateTo('?state=bar#baz'); - - oktaLoginPage.waitUntilVisible(); - oktaLoginPage.signIn({ - username: process.env.USERNAME, - password: process.env.PASSWORD + describe('implicit flow', () => { + + it('should redirect to Okta for login when trying to access a protected page', () => { + protectedPage.navigateTo('?state=bar#baz'); + + oktaLoginPage.waitUntilVisible(); + oktaLoginPage.signIn({ + username: process.env.USERNAME, + password: process.env.PASSWORD + }); + + protectedPage.waitUntilVisible('?state=bar#baz'); + expect(protectedPage.getLogoutButton().isPresent()).toBeTruthy(); + + protectedPage.waitForElement('userinfo-container'); + protectedPage.getUserInfo().getText() + .then(userInfo => { + expect(userInfo).toContain('email'); + }); + + expect(appPage.getLoginFlow().getText()).toBe('implicit'); + + // Logout + protectedPage.getLogoutButton().click(); + + appPage.waitUntilLoggedOut(); }); - - protectedPage.waitUntilVisible('?state=bar#baz'); - expect(protectedPage.getLogoutButton().isPresent()).toBeTruthy(); - - protectedPage.waitForElement('userinfo-container'); - protectedPage.getUserInfo().getText() - .then(userInfo => { - expect(userInfo).toContain('email'); + + it('should redirect to Okta for login', () => { + appPage.navigateTo(); + + appPage.waitUntilVisible(); + + expect(appPage.getLoginFlow().getText()).toBe('implicit'); + appPage.getLoginButton().click(); + + oktaLoginPage.waitUntilVisible(); + + oktaLoginPage.signIn({ + username: process.env.USERNAME, + password: process.env.PASSWORD + }); + + appPage.waitUntilVisible(); + expect(protectedPage.getLogoutButton().isPresent()).toBeTruthy(); + + // Logout + appPage.getLogoutButton().click(); + + appPage.waitUntilLoggedOut(); }); - // Logout - protectedPage.getLogoutButton().click(); - appPage.waitUntilLoggedOut(); }); - it('should redirect to Okta for login', () => { - appPage.navigateTo(); + describe('PKCE flow', () => { + + it('should redirect to Okta for login when trying to access a protected page', () => { + protectedPage.navigateTo('?pkce=1&state=bar#baz'); + + oktaLoginPage.waitUntilVisible(); + oktaLoginPage.signIn({ + username: process.env.USERNAME, + password: process.env.PASSWORD + }); + + protectedPage.waitUntilVisible('?pkce=1&state=bar#baz'); + expect(protectedPage.getLogoutButton().isPresent()).toBeTruthy(); + + protectedPage.waitForElement('userinfo-container'); + protectedPage.getUserInfo().getText() + .then(userInfo => { + expect(userInfo).toContain('email'); + }); + + expect(appPage.getLoginFlow().getText()).toBe('PKCE'); + + // Logout + protectedPage.getLogoutButton().click(); + + appPage.waitUntilLoggedOut(); + }); + + it('should redirect to Okta for login', () => { + appPage.navigateTo('/?pkce=1'); + + appPage.waitUntilVisible(); + expect(appPage.getLoginFlow().getText()).toBe('PKCE'); + appPage.getLoginButton().click(); + + oktaLoginPage.waitUntilVisible(); + + oktaLoginPage.signIn({ + username: process.env.USERNAME, + password: process.env.PASSWORD + }); + + appPage.waitUntilVisible(); + expect(protectedPage.getLogoutButton().isPresent()).toBeTruthy(); + + // Logout + appPage.getLogoutButton().click(); + + appPage.waitUntilLoggedOut(); + }); + }); - appPage.waitUntilVisible(); + describe('Okta session token flow', () => { - appPage.getLoginButton().click(); + it('should allow passing sessionToken to skip Okta login', () => { + sessionTokenSignInPage.navigateTo(); - oktaLoginPage.waitUntilVisible(); + sessionTokenSignInPage.waitUntilVisible(); - oktaLoginPage.signIn({ - username: process.env.USERNAME, - password: process.env.PASSWORD - }); + sessionTokenSignInPage.signIn({ + username: process.env.USERNAME, + password: process.env.PASSWORD + }); - appPage.waitUntilVisible(); - expect(protectedPage.getLogoutButton().isPresent()).toBeTruthy(); + appPage.waitUntilLoggedIn(); + expect(appPage.getLogoutButton().isPresent()).toBeTruthy(); - // Logout - appPage.getLogoutButton().click(); + // Logout + appPage.getLogoutButton().click(); - appPage.waitUntilLoggedOut(); + appPage.waitUntilLoggedOut(); + }); }); - it('should allow passing sessionToken to skip Okta login', () => { - sessionTokenSignInPage.navigateTo(); - - sessionTokenSignInPage.waitUntilVisible(); + describe('Router', () => { + it('should honor the "exact" route param by not triggering the secureRoute', () => { + protectedPage.navigateTo('/nested/'); + protectedPage.waitUntilVisible('/nested'); - sessionTokenSignInPage.signIn({ - username: process.env.USERNAME, - password: process.env.PASSWORD + // Assert the navigation guard wasn't triggered due to "exact" path + expect(appPage.getLoginButton().isPresent()).toBeTruthy(); }); - - appPage.waitUntilLoggedIn(); - expect(appPage.getLogoutButton().isPresent()).toBeTruthy(); - - // Logout - appPage.getLogoutButton().click(); - - appPage.waitUntilLoggedOut(); }); - it('should honor the "exact" route param by not triggering the secureRoute', () => { - protectedPage.navigateTo('/nested/'); - protectedPage.waitUntilVisible('/nested'); - - // Assert the navigation guard wasn't triggered due to "exact" path - expect(appPage.getLoginButton().isPresent()).toBeTruthy(); - }); }); diff --git a/packages/okta-react/test/e2e/harness/e2e/page-objects/app.po.js b/packages/okta-react/test/e2e/harness/e2e/page-objects/app.po.js index ee1da4fb6..b209c698a 100644 --- a/packages/okta-react/test/e2e/harness/e2e/page-objects/app.po.js +++ b/packages/okta-react/test/e2e/harness/e2e/page-objects/app.po.js @@ -14,8 +14,8 @@ import { browser, by, element } from 'protractor'; import { Util } from '../util' export class AppPage { - navigateTo() { - return browser.get('/'); + navigateTo(path = '/') { + return browser.get(path); } waitUntilVisible() { @@ -41,4 +41,8 @@ export class AppPage { getProtectedButton() { return element(by.id('protected-button')); } + + getLoginFlow() { + return element(by.id('login-flow')); + } } diff --git a/packages/okta-react/test/e2e/harness/src/App.js b/packages/okta-react/test/e2e/harness/src/App.js index ceb2b2336..c4a5e6c79 100644 --- a/packages/okta-react/test/e2e/harness/src/App.js +++ b/packages/okta-react/test/e2e/harness/src/App.js @@ -24,19 +24,24 @@ if (!Auth) { class App extends Component { render() { + /* global process */ + const { REACT_APP_ISSUER, REACT_APP_CLIENT_ID } = process.env; + const { pkce, redirectUri } = this.props; return ( - history.push('/login')}> + redirectUri={redirectUri} + onAuthRequired={({history}) => history.push('/login')} + pkce={pkce}> + diff --git a/packages/okta-react/test/e2e/harness/src/Home.js b/packages/okta-react/test/e2e/harness/src/Home.js index 0a2df970a..99ab6f937 100644 --- a/packages/okta-react/test/e2e/harness/src/Home.js +++ b/packages/okta-react/test/e2e/harness/src/Home.js @@ -23,7 +23,6 @@ export default withAuth(class Home extends Component { }; this.checkAuthentication = this.checkAuthentication.bind(this); - this.login = this.login.bind(this); this.logout = this.logout.bind(this); } @@ -60,11 +59,17 @@ export default withAuth(class Home extends Component { : ; + const pkce = this.props.auth._oktaAuth.options.pkce; + return (
+
{ pkce ? 'PKCE' : 'implicit'}
+
Home
Protected
+ Session Token Login
{button} +
); } diff --git a/packages/okta-react/test/e2e/harness/src/index.js b/packages/okta-react/test/e2e/harness/src/index.js index 3274d5e87..cadc9312d 100644 --- a/packages/okta-react/test/e2e/harness/src/index.js +++ b/packages/okta-react/test/e2e/harness/src/index.js @@ -16,5 +16,12 @@ import './index.css'; import App from './App'; import registerServiceWorker from './registerServiceWorker'; -ReactDOM.render(, document.getElementById('root')); +// To perform end-to-end PKCE flow we must be configured on both ends: when the login is initiated, and on the callback +// The login page is loaded with a query param. This will select a unique callback url +// On the callback load we detect PKCE by inspecting the pathname +const url = new URL(window.location.href); +const pkce = !!url.searchParams.get('pkce') || url.pathname.indexOf('pkce/callback') >= 0; +const redirectUri = window.location.origin + (pkce ? '/pkce/callback' : '/implicit/callback'); + +ReactDOM.render(, document.getElementById('root')); registerServiceWorker(); diff --git a/packages/okta-react/test/e2e/harness/yarn.lock b/packages/okta-react/test/e2e/harness/yarn.lock index 4aee7cad3..c311a89da 100644 --- a/packages/okta-react/test/e2e/harness/yarn.lock +++ b/packages/okta-react/test/e2e/harness/yarn.lock @@ -1094,8 +1094,8 @@ acorn-globals@^4.1.0: acorn-walk "^6.0.1" acorn-jsx@^5.0.0: - version "5.0.1" - resolved "https://registry.yarnpkg.com/acorn-jsx/-/acorn-jsx-5.0.1.tgz#32a064fd925429216a09b141102bfdd185fae40e" + version "5.0.2" + resolved "https://registry.yarnpkg.com/acorn-jsx/-/acorn-jsx-5.0.2.tgz#84b68ea44b373c4f8686023a551f61a21b7c4a4f" acorn-walk@^6.0.1: version "6.2.0" @@ -2471,8 +2471,8 @@ cacache@^11.0.2: y18n "^4.0.0" cacache@^12.0.2: - version "12.0.2" - resolved "https://registry.yarnpkg.com/cacache/-/cacache-12.0.2.tgz#8db03205e36089a3df6954c66ce92541441ac46c" + version "12.0.3" + resolved "https://registry.yarnpkg.com/cacache/-/cacache-12.0.3.tgz#be99abba4e1bf5df461cd5a2c1071fc432573390" dependencies: bluebird "^3.5.5" chownr "^1.1.1" @@ -2612,8 +2612,8 @@ chokidar@^1.6.1: fsevents "^1.0.0" chokidar@^2.0.0, chokidar@^2.0.2, chokidar@^2.0.4: - version "2.1.6" - resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-2.1.6.tgz#b6cad653a929e244ce8a834244164d241fa954c5" + version "2.1.8" + resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-2.1.8.tgz#804b3a7b6a99358c3c5c61e71d8728f041cff917" dependencies: anymatch "^2.0.0" async-each "^1.0.1" @@ -3494,8 +3494,8 @@ ee-first@1.1.1: resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" electron-to-chromium@^1.3.103, electron-to-chromium@^1.3.191, electron-to-chromium@^1.3.30, electron-to-chromium@^1.3.47: - version "1.3.235" - resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.235.tgz#8d0d52c9ec76d12189f2f2d265a17d57f41d20dc" + version "1.3.237" + resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.237.tgz#39c5d1da59d6fd16ff705b97e772bb3b5dfda7e4" elliptic@^6.0.0: version "6.5.0" @@ -3702,8 +3702,8 @@ eslint-scope@^4.0.0: estraverse "^4.1.1" eslint-utils@^1.3.1: - version "1.4.0" - resolved "https://registry.yarnpkg.com/eslint-utils/-/eslint-utils-1.4.0.tgz#e2c3c8dba768425f897cf0f9e51fe2e241485d4c" + version "1.4.2" + resolved "https://registry.yarnpkg.com/eslint-utils/-/eslint-utils-1.4.2.tgz#166a5180ef6ab7eb462f162fd0e6f2463d7309ab" dependencies: eslint-visitor-keys "^1.0.0" @@ -6401,8 +6401,8 @@ node-pre-gyp@^0.12.0: tar "^4" node-releases@^1.1.25, node-releases@^1.1.3: - version "1.1.27" - resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.27.tgz#b19ec8add2afe9a826a99dceccc516104c1edaf4" + version "1.1.28" + resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.28.tgz#503c3c70d0e4732b84e7aaa2925fbdde10482d4a" dependencies: semver "^5.3.0" @@ -6929,8 +6929,8 @@ pnp-webpack-plugin@1.2.1: ts-pnp "^1.0.0" portfinder@^1.0.9: - version "1.0.22" - resolved "https://registry.yarnpkg.com/portfinder/-/portfinder-1.0.22.tgz#abd10a488b5696e98ee25c60731f8ae0b76f8ddd" + version "1.0.23" + resolved "https://registry.yarnpkg.com/portfinder/-/portfinder-1.0.23.tgz#894db4bcc5daf02b6614517ce89cd21a38226b82" dependencies: async "^1.5.2" debug "^2.2.0" @@ -8339,8 +8339,8 @@ send@0.17.1: statuses "~1.5.0" serialize-javascript@^1.4.0, serialize-javascript@^1.7.0: - version "1.7.0" - resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-1.7.0.tgz#d6e0dfb2a3832a8c94468e6eb1db97e55a192a65" + version "1.8.0" + resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-1.8.0.tgz#9515fc687232e2321aea1ca7a529476eb34bb480" serve-index@^1.7.2: version "1.9.1" diff --git a/packages/okta-react/test/jest/auth.test.js b/packages/okta-react/test/jest/auth.test.js index aaf57e508..c7a623308 100644 --- a/packages/okta-react/test/jest/auth.test.js +++ b/packages/okta-react/test/jest/auth.test.js @@ -170,7 +170,7 @@ describe('Auth configuration', () => { expect(createInstance).not.toThrow(); }); - it('accepts the grantType option', () => { + it('accepts the `pkce` option', () => { jest.spyOn(AuthJS.prototype, 'constructor'); const options = { clientId: 'foo', @@ -180,7 +180,7 @@ describe('Auth configuration', () => { autoRenew: undefined, storage: undefined, }, - grantType: 'authorization_code', + pkce: true, } new Auth(options); diff --git a/packages/okta-react/yarn.lock b/packages/okta-react/yarn.lock index 74537eedb..75d1240e1 100644 --- a/packages/okta-react/yarn.lock +++ b/packages/okta-react/yarn.lock @@ -98,13 +98,9 @@ lodash "^4.2.0" to-fast-properties "^2.0.0" -"@okta/configuration-validation@^0.3.0": - version "0.3.0" - resolved "https://registry.yarnpkg.com/@okta/configuration-validation/-/configuration-validation-0.3.0.tgz#41954ce0567b25b7ff0d4eb7fc60468a709444d7" - -"@okta/okta-auth-js@^2.6.0": - version "2.6.3" - resolved "https://registry.yarnpkg.com/@okta/okta-auth-js/-/okta-auth-js-2.6.3.tgz#24ca6a1a4c2da6b6002bbf81bba97e667187e693" +"@okta/okta-auth-js@^2.6.3": + version "2.7.0" + resolved "https://registry.yarnpkg.com/@okta/okta-auth-js/-/okta-auth-js-2.7.0.tgz#a3b7845ed77e129f424aebed464d3db88f82dfc1" dependencies: Base64 "0.3.0" cross-fetch "^3.0.0" @@ -1331,8 +1327,8 @@ chokidar@^1.6.1: fsevents "^1.0.0" chokidar@^2.0.0: - version "2.1.6" - resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-2.1.6.tgz#b6cad653a929e244ce8a834244164d241fa954c5" + version "2.1.8" + resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-2.1.8.tgz#804b3a7b6a99358c3c5c61e71d8728f041cff917" dependencies: anymatch "^2.0.0" async-each "^1.0.1" @@ -1715,8 +1711,8 @@ ecc-jsbn@~0.1.1: safer-buffer "^2.1.0" electron-to-chromium@^1.3.30, electron-to-chromium@^1.3.47: - version "1.3.235" - resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.235.tgz#8d0d52c9ec76d12189f2f2d265a17d57f41d20dc" + version "1.3.237" + resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.237.tgz#39c5d1da59d6fd16ff705b97e772bb3b5dfda7e4" emoji-regex@^7.0.2: version "7.0.3" diff --git a/packages/okta-vue/test/e2e/harness/yarn.lock b/packages/okta-vue/test/e2e/harness/yarn.lock index 73cf24909..7b7d85353 100644 --- a/packages/okta-vue/test/e2e/harness/yarn.lock +++ b/packages/okta-vue/test/e2e/harness/yarn.lock @@ -3,8 +3,8 @@ "@okta/okta-auth-js@^2.0.0": - version "2.6.3" - resolved "https://registry.yarnpkg.com/@okta/okta-auth-js/-/okta-auth-js-2.6.3.tgz#24ca6a1a4c2da6b6002bbf81bba97e667187e693" + version "2.7.0" + resolved "https://registry.yarnpkg.com/@okta/okta-auth-js/-/okta-auth-js-2.7.0.tgz#a3b7845ed77e129f424aebed464d3db88f82dfc1" dependencies: Base64 "0.3.0" cross-fetch "^3.0.0" @@ -16,8 +16,8 @@ xhr2 "0.1.3" "@types/node@^8.0.7": - version "8.10.51" - resolved "https://registry.yarnpkg.com/@types/node/-/node-8.10.51.tgz#80600857c0a47a8e8bafc2dae6daed6db58e3627" + version "8.10.52" + resolved "https://registry.yarnpkg.com/@types/node/-/node-8.10.52.tgz#ef0ca1809994e20186090408b8cb7f2a6877d5f9" "@types/q@^1.5.1": version "1.5.2" @@ -1272,8 +1272,8 @@ check-types@^7.3.0: resolved "https://registry.yarnpkg.com/check-types/-/check-types-7.4.0.tgz#0378ec1b9616ec71f774931a3c6516fad8c152f4" chokidar@^2.0.2, chokidar@^2.1.2: - version "2.1.6" - resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-2.1.6.tgz#b6cad653a929e244ce8a834244164d241fa954c5" + version "2.1.8" + resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-2.1.8.tgz#804b3a7b6a99358c3c5c61e71d8728f041cff917" dependencies: anymatch "^2.0.0" async-each "^1.0.1" @@ -2229,8 +2229,8 @@ ejs@^2.5.7: resolved "https://registry.yarnpkg.com/ejs/-/ejs-2.6.2.tgz#3a32c63d1cd16d11266cd4703b14fec4e74ab4f6" electron-to-chromium@^1.2.7, electron-to-chromium@^1.3.191, electron-to-chromium@^1.3.30, electron-to-chromium@^1.3.47: - version "1.3.235" - resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.235.tgz#8d0d52c9ec76d12189f2f2d265a17d57f41d20dc" + version "1.3.237" + resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.237.tgz#39c5d1da59d6fd16ff705b97e772bb3b5dfda7e4" elliptic@^6.0.0: version "6.5.0" @@ -4517,8 +4517,8 @@ node-pre-gyp@^0.12.0: tar "^4" node-releases@^1.1.25: - version "1.1.27" - resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.27.tgz#b19ec8add2afe9a826a99dceccc516104c1edaf4" + version "1.1.28" + resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.28.tgz#503c3c70d0e4732b84e7aaa2925fbdde10482d4a" dependencies: semver "^5.3.0" @@ -4977,15 +4977,14 @@ pluralize@^1.2.1: portfinder@1.0.21: version "1.0.21" resolved "https://registry.yarnpkg.com/portfinder/-/portfinder-1.0.21.tgz#60e1397b95ac170749db70034ece306b9a27e324" - integrity sha512-ESabpDCzmBS3ekHbmpAIiESq3udRsCBGiBZLsC+HgBKv2ezb0R4oG+7RnYEVZ/ZCfhel5Tx3UzdNWA0Lox2QCA== dependencies: async "^1.5.2" debug "^2.2.0" mkdirp "0.5.x" portfinder@^1.0.9: - version "1.0.22" - resolved "https://registry.yarnpkg.com/portfinder/-/portfinder-1.0.22.tgz#abd10a488b5696e98ee25c60731f8ae0b76f8ddd" + version "1.0.23" + resolved "https://registry.yarnpkg.com/portfinder/-/portfinder-1.0.23.tgz#894db4bcc5daf02b6614517ce89cd21a38226b82" dependencies: async "^1.5.2" debug "^2.2.0" @@ -6133,8 +6132,8 @@ send@0.17.1: statuses "~1.5.0" serialize-javascript@^1.4.0: - version "1.7.0" - resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-1.7.0.tgz#d6e0dfb2a3832a8c94468e6eb1db97e55a192a65" + version "1.8.0" + resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-1.8.0.tgz#9515fc687232e2321aea1ca7a529476eb34bb480" serve-index@^1.9.1: version "1.9.1" diff --git a/packages/okta-vue/yarn.lock b/packages/okta-vue/yarn.lock index 59ce6c910..de89e7693 100644 --- a/packages/okta-vue/yarn.lock +++ b/packages/okta-vue/yarn.lock @@ -21,8 +21,8 @@ resolved "https://registry.yarnpkg.com/@okta/configuration-validation/-/configuration-validation-0.3.0.tgz#41954ce0567b25b7ff0d4eb7fc60468a709444d7" "@okta/okta-auth-js@^2.0.0": - version "2.6.3" - resolved "https://registry.yarnpkg.com/@okta/okta-auth-js/-/okta-auth-js-2.6.3.tgz#24ca6a1a4c2da6b6002bbf81bba97e667187e693" + version "2.7.0" + resolved "https://registry.yarnpkg.com/@okta/okta-auth-js/-/okta-auth-js-2.7.0.tgz#a3b7845ed77e129f424aebed464d3db88f82dfc1" dependencies: Base64 "0.3.0" cross-fetch "^3.0.0" @@ -34,8 +34,8 @@ xhr2 "0.1.3" "@types/node@^8.0.7": - version "8.10.51" - resolved "https://registry.yarnpkg.com/@types/node/-/node-8.10.51.tgz#80600857c0a47a8e8bafc2dae6daed6db58e3627" + version "8.10.52" + resolved "https://registry.yarnpkg.com/@types/node/-/node-8.10.52.tgz#ef0ca1809994e20186090408b8cb7f2a6877d5f9" "@types/strip-bom@^3.0.0": version "3.0.0" @@ -1274,8 +1274,8 @@ cacache@^10.0.4: y18n "^4.0.0" cacache@^12.0.2: - version "12.0.2" - resolved "https://registry.yarnpkg.com/cacache/-/cacache-12.0.2.tgz#8db03205e36089a3df6954c66ce92541441ac46c" + version "12.0.3" + resolved "https://registry.yarnpkg.com/cacache/-/cacache-12.0.3.tgz#be99abba4e1bf5df461cd5a2c1071fc432573390" dependencies: bluebird "^3.5.5" chownr "^1.1.1" @@ -1369,8 +1369,8 @@ chalk@^1.0.0, chalk@^1.1.1, chalk@^1.1.3: supports-color "^2.0.0" chokidar@^2.0.2: - version "2.1.6" - resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-2.1.6.tgz#b6cad653a929e244ce8a834244164d241fa954c5" + version "2.1.8" + resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-2.1.8.tgz#804b3a7b6a99358c3c5c61e71d8728f041cff917" dependencies: anymatch "^2.0.0" async-each "^1.0.1" @@ -1939,8 +1939,8 @@ ejs@^2.5.9: resolved "https://registry.yarnpkg.com/ejs/-/ejs-2.6.2.tgz#3a32c63d1cd16d11266cd4703b14fec4e74ab4f6" electron-to-chromium@^1.3.30, electron-to-chromium@^1.3.47: - version "1.3.235" - resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.235.tgz#8d0d52c9ec76d12189f2f2d265a17d57f41d20dc" + version "1.3.237" + resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.237.tgz#39c5d1da59d6fd16ff705b97e772bb3b5dfda7e4" elliptic@^6.0.0: version "6.5.0" @@ -5403,8 +5403,8 @@ semver@5.3.0: resolved "https://registry.yarnpkg.com/semver/-/semver-5.3.0.tgz#9b2ce5d3de02d17c6012ad326aa6b4d0cf54f94f" serialize-javascript@^1.4.0, serialize-javascript@^1.7.0: - version "1.7.0" - resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-1.7.0.tgz#d6e0dfb2a3832a8c94468e6eb1db97e55a192a65" + version "1.8.0" + resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-1.8.0.tgz#9515fc687232e2321aea1ca7a529476eb34bb480" set-blocking@^2.0.0, set-blocking@~2.0.0: version "2.0.0"