From 025b0918de7f5993c9ffed9d5e1554274611ef23 Mon Sep 17 00:00:00 2001 From: Shuo Wu Date: Tue, 18 Jan 2022 22:33:40 +0000 Subject: [PATCH] BREAKING CHANGE: extends CookieOptions from js-cookie v3 changelog OKTA-461753 <<>> Artifact: okta-auth-js Files changed count: 2 PR Link: "https://github.com/okta/okta-auth-js/pull/1066" --- CHANGELOG.md | 3 +++ lib/types/Cookies.ts | 52 ++++++++++++++++++++++++++++++++++++-------- 2 files changed, 46 insertions(+), 9 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 597f10043b..2d0d4ebf8d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,9 @@ - [#1062](https://github.com/okta/okta-auth-js/pull/1062) - Authn method `introspect` is renamed to `introspectAuthn` (still callable as `tx.introspect`) - `IdxFeature` enum is now defined as strings instead of numbers +- [#1066](https://github.com/okta/okta-auth-js/pull/1066) Extends type `CookieOptions` from `js-cookie` v3 + - Uses enums for `CookieOptions.sameSite` + - Removes type `SetCookieOptions` ### Features diff --git a/lib/types/Cookies.ts b/lib/types/Cookies.ts index c5f2105273..a6bd134aa3 100644 --- a/lib/types/Cookies.ts +++ b/lib/types/Cookies.ts @@ -10,20 +10,54 @@ * See the License for the specific language governing permissions and limitations under the License. */ -export interface CookieOptions { - path?: string; - secure?: boolean; - sessionCookie?: boolean; - sameSite?: string | boolean; - expires?: Date; +// From @types/js-cookie@3.0.1 +// https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/js-cookie +// TODO: remove and import from "js-cookie" once it's upgrade to v3 +interface CookieAttributes { + /** + * Define when the cookie will be removed. Value can be a Number + * which will be interpreted as days from time of creation or a + * Date instance. If omitted, the cookie becomes a session cookie. + */ + expires?: number | Date | undefined; + + /** + * Define the path where the cookie is available. Defaults to '/' + */ + path?: string | undefined; + + /** + * Define the domain where the cookie is available. Defaults to + * the domain of the page where the cookie was created. + */ + domain?: string | undefined; + + /** + * A Boolean indicating if the cookie transmission requires a + * secure protocol (https). Defaults to false. + */ + secure?: boolean | undefined; + + /** + * Asserts that a cookie must not be sent with cross-origin requests, + * providing some protection against cross-site request forgery + * attacks (CSRF) + */ + sameSite?: 'strict' | 'Strict' | 'lax' | 'Lax' | 'none' | 'None' | undefined; + + /** + * An attribute which will be serialized, conformably to RFC 6265 + * section 5.2. + */ + [property: string]: any; } -export interface SetCookieOptions extends CookieOptions { - path?: string; +export interface CookieOptions extends CookieAttributes{ + sessionCookie?: boolean; } export interface Cookies { - set(name: string, value: string, expiresAt: string, options: SetCookieOptions): string; + set(name: string, value: string, expiresAt: string, options: CookieOptions): string; get(name: string): string; delete(name: string): string; }