[SDK-2677] Support node-oidc-provider

.gitignore

@@ -9,6 +9,6 @@ cypress/videos
 .idea
 test-results
 yarn.lock
-
+.DS_Store
 release-tmp*
 bundle-stats

__tests__/Auth0Client/constructor.test.ts

@@ -138,6 +138,22 @@ describe('Auth0Client', () => {
       expect((<any>auth0).tokenIssuer).toEqual('https://some.issuer.com/');
     });
 
+    it('should allow specifying domain with http scheme', () => {
+      const auth0 = setup({
+        domain: 'http://localhost'
+      });
+
+      expect((<any>auth0).domainUrl).toEqual('http://localhost');
+    });
+
+    it('should allow specifying domain with https scheme', () => {
+      const auth0 = setup({
+        domain: 'https://localhost'
+      });
+
+      expect((<any>auth0).domainUrl).toEqual('https://localhost');
+    });
+
     it('uses a custom cache if one was given in the configuration', async () => {
       const auth0 = setup({
         cache: mockCache

__tests__/Auth0Client/getTokenSilently.test.ts

@@ -198,11 +198,43 @@ describe('Auth0Client', () => {
           code: TEST_CODE
         },
         {
-          'Auth0-Client': btoa(JSON.stringify(DEFAULT_AUTH0_CLIENT))
+          'Auth0-Client': btoa(JSON.stringify(DEFAULT_AUTH0_CLIENT)),
+          'Content-Type': 'application/json'
         }
       );
     });
 
+    it('calls the token endpoint with the correct data format when using useFormData', async () => {
+      const auth0 = setup({
+        useFormData: true
+      });
+
+      jest.spyOn(<any>utils, 'runIframe').mockResolvedValue({
+        access_token: TEST_ACCESS_TOKEN,
+        state: TEST_STATE,
+        code: TEST_CODE
+      });
+
+      await getTokenSilently(auth0);
+
+      assertPost(
+        'https://auth0_domain/oauth/token',
+        {
+          redirect_uri: TEST_REDIRECT_URI,
+          client_id: TEST_CLIENT_ID,
+          code_verifier: TEST_CODE_VERIFIER,
+          grant_type: 'authorization_code',
+          code: TEST_CODE
+        },
+        {
+          'Auth0-Client': btoa(JSON.stringify(DEFAULT_AUTH0_CLIENT)),
+          'Content-Type': 'application/x-www-form-urlencoded'
+        },
+        0,
+        false
+      );
+    });
+
     it('calls the token endpoint with the correct params when using refresh tokens', async () => {
       const auth0 = setup({
         useRefreshTokens: true

__tests__/Auth0Client/getTokenWithPopup.test.ts

@@ -7,17 +7,27 @@ import * as scope from '../../src/scope';
 
 // @ts-ignore
 
-import { fetchResponse, setupFn, setupMessageEventLister } from './helpers';
+import {
+  assertPostFn,
+  fetchResponse,
+  setupFn,
+  setupMessageEventLister
+} from './helpers';
 
 import {
   TEST_ACCESS_TOKEN,
+  TEST_CLIENT_ID,
+  TEST_CODE,
   TEST_CODE_CHALLENGE,
+  TEST_CODE_VERIFIER,
   TEST_ID_TOKEN,
+  TEST_REDIRECT_URI,
   TEST_REFRESH_TOKEN,
   TEST_STATE
 } from '../constants';
 
 import { Auth0ClientOptions } from '../../src';
+import { DEFAULT_AUTH0_CLIENT } from '../../src/constants';
 
 jest.mock('unfetch');
 jest.mock('es-cookie');
@@ -27,6 +37,7 @@ jest.mock('../../src/worker/token.worker');
 const mockWindow = <any>global;
 const mockFetch = (mockWindow.fetch = <jest.Mock>unfetch);
 const mockVerify = <jest.Mock>verify;
+const assertPost = assertPostFn(mockFetch);
 
 jest
   .spyOn(utils, 'bufferToBase64UrlEncoded')
@@ -148,6 +159,44 @@ describe('Auth0Client', () => {
       expect(config.popup.location.href).toMatch(/screen_hint/);
     });
 
+    it('should use form data if useFormData is true', async () => {
+      const auth0 = await localSetup({
+        useFormData: true
+      });
+
+      const loginOptions = {
+        audience: 'other-audience',
+        screen_hint: 'signup'
+      };
+
+      const config = {
+        popup: {
+          location: {
+            href: ''
+          },
+          close: jest.fn()
+        }
+      };
+
+      await auth0.getTokenWithPopup(loginOptions, config);
+
+      assertPost(
+        'https://auth0_domain/oauth/token',
+        {
+          redirect_uri: TEST_REDIRECT_URI,
+          client_id: TEST_CLIENT_ID,
+          code_verifier: TEST_CODE_VERIFIER,
+          grant_type: 'authorization_code'
+        },
+        {
+          'Auth0-Client': btoa(JSON.stringify(DEFAULT_AUTH0_CLIENT)),
+          'Content-Type': 'application/x-www-form-urlencoded'
+        },
+        0,
+        false
+      );
+    });
+
     it('can use the global audience', async () => {
       const auth0 = await localSetup({
         audience: 'global-audience'

__tests__/Auth0Client/handleRedirectCallback.test.ts

@@ -7,23 +7,26 @@ import * as scope from '../../src/scope';
 
 // @ts-ignore
 
-import { fetchResponse, loginWithRedirectFn, setupFn } from './helpers';
+import {
+  assertPostFn,
+  fetchResponse,
+  loginWithRedirectFn,
+  setupFn
+} from './helpers';
 
 import {
   TEST_ACCESS_TOKEN,
-  TEST_APP_STATE,
   TEST_CLIENT_ID,
   TEST_CODE,
   TEST_CODE_CHALLENGE,
-  TEST_DOMAIN,
+  TEST_CODE_VERIFIER,
   TEST_ENCODED_STATE,
   TEST_ID_TOKEN,
-  TEST_RANDOM_STRING,
-  TEST_REFRESH_TOKEN,
-  TEST_SCOPES,
-  TEST_USER_ID
+  TEST_REDIRECT_URI,
+  TEST_REFRESH_TOKEN
 } from '../constants';
-import { Auth0ClientOptions } from '../../src/global';
+
+import { DEFAULT_AUTH0_CLIENT } from '../../src/constants';
 
 jest.mock('unfetch');
 jest.mock('es-cookie');
@@ -239,6 +242,47 @@ describe('Auth0Client', () => {
     expect(fetchBody.redirect_uri).toBeUndefined();
   });
 
+  it('calls oauth/token and uses form data if specified in the options', async () => {
+    window.history.pushState(
+      {},
+      'Test',
+      `#/callback/?code=${TEST_CODE}&state=${TEST_ENCODED_STATE}`
+    );
+
+    mockFetch.mockResolvedValueOnce(
+      fetchResponse(true, {
+        id_token: TEST_ID_TOKEN,
+        refresh_token: TEST_REFRESH_TOKEN,
+        access_token: TEST_ACCESS_TOKEN,
+        expires_in: 86400
+      })
+    );
+
+    const auth0 = setup({
+      useFormData: true
+    });
+
+    await auth0.loginWithRedirect();
+    await auth0.handleRedirectCallback();
+
+    assertPostFn(mockFetch)(
+      'https://auth0_domain/oauth/token',
+      {
+        redirect_uri: TEST_REDIRECT_URI,
+        client_id: TEST_CLIENT_ID,
+        code_verifier: TEST_CODE_VERIFIER,
+        grant_type: 'authorization_code',
+        code: TEST_CODE
+      },
+      {
+        'Auth0-Client': btoa(JSON.stringify(DEFAULT_AUTH0_CLIENT)),
+        'Content-Type': 'application/x-www-form-urlencoded'
+      },
+      0,
+      false
+    );
+  });
+
   describe('when there is a valid query string in a hash', () => {
     it('should throw an error if the /authorize call redirects with an error param', async () => {
       const auth0 = setup();

__tests__/Auth0Client/helpers.ts

@@ -8,7 +8,9 @@ import {
   RedirectLoginOptions
 } from '../../src';
 
+import * as utils from '../../src/utils';
 import Auth0Client from '../../src/Auth0Client';
+
 import {
   TEST_ACCESS_TOKEN,
   TEST_CLIENT_ID,
@@ -26,13 +28,24 @@ const authorizationResponse: AuthenticationResult = {
 };
 
 export const assertPostFn = mockFetch => {
-  return (url, body, headers = null, callNum = 0) => {
-    const [actualUrl, opts] = mockFetch.mock.calls[callNum];
+  return (
+    url: string,
+    body: any,
+    headers: Record<string, string> = null,
+    callNum = 0,
+    json = true
+  ) => {
+    const [actualUrl, call] = mockFetch.mock.calls[callNum];
+
     expect(url).toEqual(actualUrl);
-    expect(body).toEqual(JSON.parse(opts.body));
+
+    expect(body).toEqual(
+      json ? JSON.parse(call.body) : utils.parseQueryResult(call.body)
+    );
+
     if (headers) {
       Object.keys(headers).forEach(header =>
-        expect(headers[header]).toEqual(opts.headers[header])
+        expect(headers[header]).toEqual(call.headers[header])
       );
     }
   };

__tests__/Auth0Client/loginWithPopup.test.ts

@@ -256,6 +256,7 @@ describe('Auth0Client', () => {
 
     it('should log the user in with a popup and get the token', async () => {
       const auth0 = setup();
+
       await loginWithPopup(auth0);
       expect(mockWindow.open).toHaveBeenCalled();
 
@@ -269,11 +270,38 @@ describe('Auth0Client', () => {
           code: 'my_code'
         },
         {
-          'Auth0-Client': btoa(JSON.stringify(DEFAULT_AUTH0_CLIENT))
+          'Auth0-Client': btoa(JSON.stringify(DEFAULT_AUTH0_CLIENT)),
+          'Content-Type': 'application/json'
         }
       );
     });
 
+    it('should log the user in with a popup and get the token with form data', async () => {
+      const auth0 = setup({
+        useFormData: true
+      });
+
+      await loginWithPopup(auth0);
+      expect(mockWindow.open).toHaveBeenCalled();
+
+      assertPost(
+        'https://auth0_domain/oauth/token',
+        {
+          redirect_uri: TEST_REDIRECT_URI,
+          client_id: TEST_CLIENT_ID,
+          code_verifier: TEST_CODE_VERIFIER,
+          grant_type: 'authorization_code',
+          code: 'my_code'
+        },
+        {
+          'Auth0-Client': btoa(JSON.stringify(DEFAULT_AUTH0_CLIENT)),
+          'Content-Type': 'application/x-www-form-urlencoded'
+        },
+        0,
+        false
+      );
+    });
+
     it('uses default config', async () => {
       const auth0 = setup({ leeway: 10 });
 

__tests__/api.test.ts

@@ -62,7 +62,7 @@ describe('oauthToken', () => {
       body:
         '{"redirect_uri":"http://localhost","grant_type":"authorization_code","client_id":"client_idIn","code":"codeIn","code_verifier":"code_verifierIn"}',
       headers: {
-        'Content-type': 'application/json',
+        'Content-Type': 'application/json',
         'Auth0-Client': btoa(JSON.stringify(auth0Client))
       },
       method: 'POST',
@@ -113,7 +113,7 @@ describe('oauthToken', () => {
     expect(mockFetch).toBeCalledWith('https://test.com/oauth/token', {
       body: JSON.stringify(body),
       headers: {
-        'Content-type': 'application/json',
+        'Content-Type': 'application/json',
         'Auth0-Client': btoa(JSON.stringify(auth0Client))
       },
       method: 'POST',
@@ -128,7 +128,7 @@ describe('oauthToken', () => {
         fetchOptions: {
           body: JSON.stringify(body),
           headers: {
-            'Content-type': 'application/json',
+            'Content-Type': 'application/json',
             'Auth0-Client': btoa(JSON.stringify(auth0Client))
           },
           method: 'POST',