Added Cross Origin Auth support to the login method (#1013)

auth0 · Jun 9, 2017 · fda9869 · fda9869
1 parent ac409ee
commit fda9869
Show file tree

Hide file tree

Showing 8 changed files with 110 additions and 65 deletions.
diff --git a/Gruntfile.js b/Gruntfile.js
@@ -1,62 +1,60 @@
-"use strict";
+'use strict';
 
-const path = require("path");
-const fs = require("fs");
-const pkg = require("./package");
-const webpack = require("webpack");
-const webpackConfig = require("./webpack.config.js");
-const UnminifiedWebpackPlugin = require("unminified-webpack-plugin");
+const path = require('path');
+const fs = require('fs');
+const pkg = require('./package');
+const webpack = require('webpack');
+const webpackConfig = require('./webpack.config.js');
+const UnminifiedWebpackPlugin = require('unminified-webpack-plugin');
 
-module.exports = function (grunt) {
-
-  const pkg_info = grunt.file.readJSON("package.json");
+module.exports = function(grunt) {
+  const pkg_info = grunt.file.readJSON('package.json');
 
   grunt.initConfig({
     pkg: pkg_info,
     clean: {
-      build: ["build/"],
-      dev: ["build/"],
-      dist: ["lib/"]
+      build: ['build/'],
+      dev: ['build/'],
+      dist: ['lib/']
     },
     babel: {
       dist: {
         files: [
           {
             expand: true,
-            cwd: "src",
-            src: ["**/*.js", "**/*.jsx"],
-            dest: "lib",
+            cwd: 'src',
+            src: ['**/*.js', '**/*.jsx'],
+            dest: 'lib',
             ext: '.js'
           }
         ]
       }
     },
     env: {
       build: {
-        NODE_ENV: "production"
+        NODE_ENV: 'production'
       }
     },
     exec: {
-      touch_index: "touch src/index.js"
+      touch_index: 'touch src/index.js'
     },
     webpack: {
       options: webpackConfig,
       build: {
-        devtool: "source-map",
+        devtool: 'source-map',
         output: {
-          path: path.join(__dirname, "build"),
+          path: path.join(__dirname, 'build'),
           filename: 'lock.min.js'
         },
         watch: false,
-        devtool: 'source-map',
         plugins: [
           new webpack.LoaderOptionsPlugin({
             minimize: true,
             debug: false
           }),
           new webpack.DefinePlugin({
             'process.env': {
-              'NODE_ENV': JSON.stringify('production')
+              NODE_ENV: JSON.stringify('production')
             }
           }),
           new webpack.optimize.AggressiveMergingPlugin(),
@@ -74,63 +72,64 @@ module.exports = function (grunt) {
         ]
       }
     },
-    "webpack-dev-server": {
+    'webpack-dev-server': {
       options: {
         webpack: webpackConfig,
-        publicPath: "/build/"
+        publicPath: '/build/'
       },
       dev: {
         hot: true,
         port: 3000,
+        https: true,
         webpack: {
-          devtool: "eval"
+          devtool: 'eval'
         }
       },
       design: {
         webpack: {
           entry: './support/design/index.js',
           output: {
-            path: path.join(__dirname, "build"),
+            path: path.join(__dirname, 'build'),
             filename: 'lock.design.js'
           },
-          devtool: "eval"
+          devtool: 'eval'
         }
       }
     },
-    "i18n": {
+    i18n: {
       build: {
         files: [
           {
             expand: true,
-            cwd: "lib/i18n",
-            src: "**/*.js",
-            dest: "build",
+            cwd: 'lib/i18n',
+            src: '**/*.js',
+            dest: 'build',
             ext: '.js'
           }
         ]
       }
     }
   });
 
-  grunt.loadNpmTasks("grunt-babel");
-  grunt.loadNpmTasks("grunt-webpack");
-  grunt.loadNpmTasks("grunt-contrib-clean");
-  grunt.loadNpmTasks("grunt-env");
-  grunt.loadNpmTasks("grunt-exec");
+  grunt.loadNpmTasks('grunt-babel');
+  grunt.loadNpmTasks('grunt-webpack');
+  grunt.loadNpmTasks('grunt-contrib-clean');
+  grunt.loadNpmTasks('grunt-env');
+  grunt.loadNpmTasks('grunt-exec');
 
-  grunt.registerTask("build", ["clean:build", "env:build", "webpack:build", "i18n:build"]);
-  grunt.registerTask("dist", ["clean:dist", "babel:dist"]);
-  grunt.registerTask("prepare_dev", ["clean:dev"]);
-  grunt.registerTask("dev", ["prepare_dev", "webpack-dev-server:dev"]);
-  grunt.registerTask("design", ["prepare_dev", "webpack-dev-server:design"]);
-  grunt.registerMultiTask("i18n", "Prepares i18n files to be hosted in CDN", function () {
+  grunt.registerTask('build', ['clean:build', 'env:build', 'webpack:build', 'i18n:build']);
+  grunt.registerTask('dist', ['clean:dist', 'babel:dist']);
+  grunt.registerTask('prepare_dev', ['clean:dev']);
+  grunt.registerTask('dev', ['prepare_dev', 'webpack-dev-server:dev']);
+  grunt.registerTask('design', ['prepare_dev', 'webpack-dev-server:design']);
+  grunt.registerMultiTask('i18n', 'Prepares i18n files to be hosted in CDN', function() {
     var languages = {};
     var Auth0 = {
-      registerLanguageDictionary: function (lang, dict) {
+      registerLanguageDictionary: function(lang, dict) {
         languages[lang] = dict;
       }
     };
-    this.files.forEach(function (file) {
+    this.files.forEach(function(file) {
       var filename = file.src[0];
       var lang = path.basename(filename, '.js');
       var dict = require('./' + filename).default || require('./' + filename);

diff --git a/package.json b/package.json
@@ -94,7 +94,7 @@
     "zuul-ngrok": "4.0.0"
   },
   "dependencies": {
-    "auth0-js": "~8.6.0",
+    "auth0-js": "~8.7.0",
     "blueimp-md5": "2.3.1",
     "fbjs": "^0.3.1",
     "idtoken-verifier": "^1.0.1",

diff --git a/src/__tests__/core/web_api/__snapshots__/p2_api.test.js.snap b/src/__tests__/core/web_api/__snapshots__/p2_api.test.js.snap
@@ -10,6 +10,8 @@ Object {
 }
 `;
 
+exports[`Auth0APIClient logIn with credentials should fail when in popup mode 1`] = `"Cross origin login is not supported in popup mode"`;
+
 exports[`Auth0APIClient logIn with social/enterprise (without username and email) should call authorize when redirect===true 1`] = `
 Object {
   "nonce": undefined,

diff --git a/src/__tests__/core/web_api/p2_api.test.js b/src/__tests__/core/web_api/p2_api.test.js
@@ -51,12 +51,20 @@ describe('Auth0APIClient', () => {
       });
     });
     describe('with credentials', () => {
+      it('should fail when in popup mode', () => {
+        const client = getClient({
+          redirect: false
+        });
+        expect(() => client.logIn({ username: 'foo' }, {})).toThrowErrorMatchingSnapshot();
+      });
       it('should call client.login', () => {
-        const client = getClient();
+        const client = getClient({
+          redirect: true
+        });
         const callback = jest.fn();
         client.logIn({ username: 'foo' }, {}, callback);
         const mock = getAuth0ClientMock();
-        const loginMock = mock.WebAuth.mock.instances[0].client.login.mock;
+        const loginMock = mock.WebAuth.mock.instances[0].login.mock;
         assertCallWithCallback(loginMock, callback);
       });
     });

diff --git a/src/core/web_api/p2_api.js b/src/core/web_api/p2_api.js
@@ -53,8 +53,11 @@ class Auth0APIClient {
         this.client.authorize(loginOptions, f);
       }
     } else {
+      if (this.authOpt.popup) {
+        throw new Error('Cross origin login is not supported in popup mode');
+      }
       loginOptions.realm = options.connection;
-      this.client.client.login(loginOptions, f);
+      this.client.login(loginOptions, f);
     }
   }
 

diff --git a/support/callback-cross-auth.html b/support/callback-cross-auth.html
@@ -0,0 +1,18 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+  <script src="https://cdn.auth0.com/js/auth0/8.7.0/auth0.min.js"></script>
+  <script type="text/javascript">
+    var auth0 = new auth0.WebAuth({
+      domain: 'brucke.auth0.com',
+      redirectUri: 'https://localhost:3000/support',
+      clientID: 'nj4hF7eaFFgt45b7brhUg8S8qewcVmYw'
+    });
+    auth0.crossOriginAuthenticationCallback();
+  </script>
+</head>
+
+<body></body>
+
+</html>
diff --git a/support/index.html b/support/index.html
@@ -2,42 +2,47 @@
 <html>
 <title>Dev</title>
 <meta charset="utf-8">
-<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0"/>
+<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0" />
 <style>
- body {
-   background-color: #1f1f24;
- }
+  body {
+    background-color: #1f1f24;
+  }
 </style>
+
 <body>
   <div id="container"></div>
   <script src="/build/lock.js"></script>
   <script>
-
-    const cid = "ixeOHFhD7NSPxEQK6CFcswjUsa5YkcXS";
-    const domain = "auth0-tests-lock.auth0.com";
+    const cid = "nj4hF7eaFFgt45b7brhUg8S8qewcVmYw";
+    const domain = "brucke.auth0.com";
     const options = {
-      rememberLastLogin:false
+      oidcConformant: true,
+      usernameStyle: 'email',
+      defaultDatabaseConnection: 'acme',
+      prefill: {
+        email: 'johnfoo@gmail.com'
+      }
     };
 
     const lock = new Auth0Lock(cid, domain, options);
     window.lock = lock;
 
-    lock.on("authenticated", function(authResult) {
+    lock.on("authenticated", function (authResult) {
       console.log(authResult);
 
       if (!authResult.accessToken) return;
 
-      lock.getUserInfo(authResult.accessToken, function(error, profile) {
+      lock.getUserInfo(authResult.accessToken, function (error, profile) {
         console.log(error, profile);
       });
     });
 
-    lock.on("authorization_error", function(error) {
+    lock.on("authorization_error", function (error) {
       console.log('authorization_error', error);
     });
 
     lock.show();
-
   </script>
 </body>
-</html>
+
+</html>
diff --git a/yarn.lock b/yarn.lock
@@ -367,12 +367,12 @@ atob@~1.1.0:
   version "1.1.3"
   resolved "https://registry.yarnpkg.com/atob/-/atob-1.1.3.tgz#95f13629b12c3a51a5d215abdce2aa9f32f80773"
 
-auth0-js@8.6.0:
-  version "8.6.0"
-  resolved "https://registry.yarnpkg.com/auth0-js/-/auth0-js-8.6.0.tgz#8af50d7884d3d3ffc73c63c2c2509140e7fc747b"
+auth0-js@~8.7.0:
+  version "8.7.0"
+  resolved "https://registry.yarnpkg.com/auth0-js/-/auth0-js-8.7.0.tgz#679bf18c574a5404e46f05daccadaba4c6f774eb"
   dependencies:
     base64-js "^1.2.0"
-    idtoken-verifier "^1.0.1"
+    idtoken-verifier "^1.0.2"
     qs "^6.4.0"
     superagent "^3.3.1"
     url-join "^1.1.0"
@@ -3979,6 +3979,16 @@ idtoken-verifier@^1.0.1:
     superagent "^3.3.1"
     url-join "^1.1.0"
 
+idtoken-verifier@^1.0.2:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/idtoken-verifier/-/idtoken-verifier-1.0.2.tgz#7457d8b3d13e59ca3ab085ed43d2b43e48536f1d"
+  dependencies:
+    base64-js "^1.2.0"
+    crypto-js "^3.1.9-1"
+    jsbn "^0.1.0"
+    superagent "^3.3.1"
+    url-join "^1.1.0"
+
 ieee754@^1.1.4:
   version "1.1.8"
   resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.1.8.tgz#be33d40ac10ef1926701f6f08a2d86fbfd1ad3e4"