

fix: use sameSite: none for iframe compatibility
aarongranick-okta committed Feb 25, 2020
1 parent 2aa4a80 commit 7ebaf55
Showing 6 changed files with 34 additions and 34 deletions.
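--- a/packages/okta-auth-js/lib/browser/browserStorage.js
+++ b/packages/okta-auth-js/lib/browser/browserStorage.js
@@ -70,7 +70,7 @@ storageUtil.getSessionStorage = function() {
 storageUtil.getCookieStorage = function(options) {
 options = options || {};
 var secure = options.secure; // currently opt-in
-var sameSite = options.sameSite || 'lax';
+var sameSite = options.sameSite || 'none';
 return {
 getItem: storageUtil.storage.get,
 setItem: function(key, value) {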
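Review bot: The new default `sameSite: 'none'` sits next to a `secure` flag that the preceding line still leaves opt-in (`var secure = options.secure; // currently opt-in`), and browsers enforcing the updated SameSite rules (Chrome 80 and later, rolling out around the time of this commit) reject a `SameSite=None` cookie that is not also `Secure`, so with default options the storage cookie would not be written at all rather than merely losing `Lax` semantics. Consider coupling the two, `var sameSite = options.sameSite || 'none';` followed by `var secure = options.secure !== undefined ? options.secure : sameSite === 'none';`, or if plain-http development must keep working, at least document the constraint above the default: `// SameSite=None is only honored together with Secure; pass secure: true unless serving over http in development`. Moving the default from `lax` to `none` also attaches this cookie to cross-site requests beyond the iframe case the commit title names, which widens exposure of whatever the cookie storage holds, so a one-line why-comment on the chosen default would help the next reader. getCookieStorage continues past the end of this hunk.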
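--- a/packages/okta-auth-js/lib/token.js
+++ b/packages/okta-auth-js/lib/token.js
@@ -644,17 +644,17 @@ function getWithRedirect(sdk, oauthOptions, options) {
 urls: urls,
 ignoreSignature: oauthParams.ignoreSignature
 }), null, {
-sameSite: 'lax'
+sameSite: 'none'
 });
 
 // Set nonce cookie for servers to validate nonce in id_token
 cookies.set(constants.REDIRECT_NONCE_COOKIE_NAME, oauthParams.nonce, null, {
-sameSite: 'lax'
+sameSite: 'none'
 });
 
 // Set state cookie for servers to validate state
 cookies.set(constants.REDIRECT_STATE_COOKIE_NAME, oauthParams.state, null, {
-sameSite: 'lax'
+sameSite: 'none'
 });
 
 sdk.token.getWithRedirect._setLocation(requestUrl);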
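Review bot: The three `cookies.set` calls for the redirect params, nonce and state cookies now request `sameSite: 'none'` with no `secure` flag, and the cookies spec updated in this same commit expects `JsCookie.set` to receive exactly `{ path: '/', sameSite: 'none' }`, so nothing visible adds `Secure`; browsers enforcing the updated SameSite rules drop a `SameSite=None` cookie that is not also `Secure`, which would leave the callback with no nonce or state cookie to validate against. Per the comments these cookies exist so the server can validate nonce and state on return, and `lax` already survives a top-level GET redirect back from the authorization server; `none` is only needed when the callback is rendered inside an iframe. Consider passing `{ sameSite: 'none', secure: true }` (or the caller's configured cookie options) in all three calls and recording the reason, e.g. `// SameSite=None so the cookie survives a callback rendered in an iframe; browsers require Secure alongside it`. getWithRedirect begins and ends outside this hunk.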
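--- a/packages/okta-auth-js/test/spec/cookies.js
+++ b/packages/okta-auth-js/test/spec/cookies.js
@@ -43,11 +43,11 @@ describe('cookie', function () {
 
 it('proxies JsCookie.set with "sameSite" setting', function () {
 Cookies.set('foo', 'bar', null, {
-sameSite: 'lax'
+sameSite: 'none'
 });
 expect(JsCookie.set).toHaveBeenCalledWith('foo', 'bar', {
 path: '/',
-sameSite: 'lax'
+sameSite: 'none'
 });
 });
 });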
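--- a/packages/okta-auth-js/test/spec/oauthUtil.js
+++ b/packages/okta-auth-js/test/spec/oauthUtil.js
@@ -252,7 +252,7 @@ describe('getWellKnown', function() {
 }),
 '2200-01-01T00:00:00.000Z',
 {
-sameSite: 'lax'
+sameSite: 'none'
 }
 );
 }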
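--- a/packages/okta-auth-js/test/spec/token.js
+++ b/packages/okta-auth-js/test/spec/token.js
@@ -1196,7 +1196,7 @@ describe('token.getWithRedirect', function() {
 oauthUtil.mockedNonce,
 null, // expiresAt
 {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ];
 
@@ -1205,7 +1205,7 @@ describe('token.getWithRedirect', function() {
 oauthUtil.mockedState,
 null, // expiresAt
 {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ];
 });
@@ -1237,7 +1237,7 @@ describe('token.getWithRedirect', function() {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,
@@ -1276,7 +1276,7 @@ describe('token.getWithRedirect', function() {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,
@@ -1311,7 +1311,7 @@ describe('token.getWithRedirect', function() {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,
@@ -1352,7 +1352,7 @@ describe('token.getWithRedirect', function() {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,
@@ -1397,7 +1397,7 @@ describe('token.getWithRedirect', function() {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,
@@ -1435,7 +1435,7 @@ describe('token.getWithRedirect', function() {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,
@@ -1478,7 +1478,7 @@ describe('token.getWithRedirect', function() {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,
@@ -1515,7 +1515,7 @@ describe('token.getWithRedirect', function() {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,
@@ -1557,7 +1557,7 @@ describe('token.getWithRedirect', function() {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,
@@ -1594,7 +1594,7 @@ describe('token.getWithRedirect', function() {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,
@@ -1635,7 +1635,7 @@ describe('token.getWithRedirect', function() {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,
@@ -1678,7 +1678,7 @@ describe('token.getWithRedirect', function() {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,
@@ -1723,7 +1723,7 @@ null, {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,
@@ -1761,7 +1761,7 @@ null, {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,
@@ -1803,7 +1803,7 @@ null, {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,
@@ -1843,7 +1843,7 @@ null, {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,
@@ -1879,7 +1879,7 @@ null, {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,
@@ -1915,7 +1915,7 @@ null, {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,
@@ -1951,7 +1951,7 @@ null, {
 ignoreSignature: false
 }),
 null, {
-sameSite: 'lax'
+sameSite: 'none'
 }
 ],
 nonceCookie,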
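--- a/packages/okta-auth-js/test/spec/tokenManager.js
+++ b/packages/okta-auth-js/test/spec/tokenManager.js
@@ -198,7 +198,7 @@ describe('TokenManager', function() {
 'okta-token-storage',
 JSON.stringify({'test-idToken': tokens.standardIdTokenParsed}),
 '2200-01-01T00:00:00.000Z', {
-sameSite: 'lax'
+sameSite: 'none'
 }
 );
 });
@@ -221,7 +221,7 @@ describe('TokenManager', function() {
 'okta-token-storage',
 JSON.stringify({'test-idToken': tokens.standardIdTokenParsed}),
 '2200-01-01T00:00:00.000Z', {
-sameSite: 'lax'
+sameSite: 'none'
 }
 );
 });
@@ -1242,7 +1242,7 @@ describe('TokenManager', function() {
 'okta-token-storage',
 JSON.stringify({'test-idToken': tokens.standardIdTokenParsed}),
 '2200-01-01T00:00:00.000Z', {
-sameSite: 'lax'
+sameSite: 'none'
 }
 );
 });
@@ -1256,7 +1256,7 @@ describe('TokenManager', function() {
 JSON.stringify({'test-idToken': tokens.standardIdTokenParsed}),
 '2200-01-01T00:00:00.000Z', {
 secure: true,
-sameSite: 'lax'
+sameSite: 'none'
 }
 );
 });
@@ -1295,7 +1295,7 @@ describe('TokenManager', function() {
 'okta-token-storage',
 JSON.stringify({anotherKey: tokens.standardIdTokenParsed}),
 '2200-01-01T00:00:00.000Z', {
-sameSite: 'lax'
+sameSite: 'none'
 }
 );
 });
@@ -1312,7 +1312,7 @@ describe('TokenManager', function() {
 'okta-token-storage',
 '{}',
 '2200-01-01T00:00:00.000Z', {
-sameSite: 'lax'
+sameSite: 'none'
 }
 );
 });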
