fix(auth0): WIP auth0 update to lock 11, auth0 9

Author: landonreed

lib/common/user/Auth0Manager.js

@@ -8,7 +8,7 @@ import { getConfigProperty, getComponentMessages, getMessage } from '../util/con
 
 const clientID = process.env.AUTH0_CLIENT_ID
 const domain = process.env.AUTH0_DOMAIN
-const auth0client = new auth0.WebAuth({ domain, clientID })
+const auth0Client = new auth0.WebAuth({ domain, clientID })
 
 class Auth0Manager {
   /**
@@ -23,6 +23,8 @@ class Auth0Manager {
       this.lock = new Auth0Lock(
         clientID,
         domain,
+        // NOTE: The `this.lockOptions` variable is meant to be injected in a
+        // testing environment.
         this.lockOptions || {
           allowSignUp: false,
           auth: {
@@ -47,20 +49,27 @@ class Auth0Manager {
     return this.lock
   }
 
-  getProfileFromToken (idToken) {
+  getProfileFromToken (accessToken) {
     return new Promise((resolve, reject) => {
-      this.getLock().getProfile(idToken, (err, profile) => {
+      this.getLock().getUserInfo(accessToken, (err, profile) => {
         if (err) reject(err)
         else resolve(profile)
       })
     })
   }
 
-  getToken () {
-    // Retrieves the user token from localStorage
+  /**
+   * Retrieves the user token from localStorage.
+   * @return {String} auth0 user token
+   */
+  getAccessToken () {
     return window.localStorage.getItem('userToken')
   }
 
+  getIdToken () {
+    return window.localStorage.getItem('idToken')
+  }
+
   hideLock () {
     this.getLock().hide()
   }
@@ -76,6 +85,9 @@ class Auth0Manager {
    *   The string of the route to redirect to upon login success
    */
   loginWithLock ({ onHide = () => {}, push, receiveTokenAndProfile, redirectOnSuccess = false }) {
+    // Store location for location return after callback
+    window.localStorage.setItem('randomStateValue', window.location.href)
+    // FIXME: redirect to /login
     const lock = this.getLock()
 
     let hideFn = onHide
@@ -139,9 +151,10 @@ class Auth0Manager {
   }) {
     if (!authResult) return receiveTokenAndProfile()
 
-    this.setToken(authResult.idToken)
+    this.setAccessToken(authResult.accessToken)
+    this.setIdToken(authResult.idToken)
 
-    return this.getProfileFromToken(authResult.idToken)
+    return this.getProfileFromToken(authResult.accessToken)
       .then((profile) => {
         const actions = [
           receiveTokenAndProfile({
@@ -159,7 +172,7 @@ class Auth0Manager {
         return actions
       })
       .catch((err) => {
-        console.error('an error occurred while trying to get the user profile', err)
+        console.error('An error occurred while trying to get the user profile', err)
         this.removeToken()
         return receiveTokenAndProfile()
       })
@@ -177,7 +190,7 @@ class Auth0Manager {
   renewAuth () {
     return new Promise((resolve, reject) => {
       const nonce = uuidv4()
-      auth0client.renewAuth({
+      auth0Client.renewAuth({
         audience: '',
         nonce,
         postMessageDataType: 'auth0:silent-authentication',
@@ -188,11 +201,11 @@ class Auth0Manager {
         if (err) {
           console.log('Failed to renew log in.')
           reject(err)
-        } else if (!authResult.idToken) {
-          const err = new Error('idToken not received from auth0')
+        } else if (!authResult.accessToken) {
+          const err = new Error('accessToken not received from auth0')
           console.log(authResult)
           reject(err)
-        } else if (!nonceMathces(authResult.idToken, nonce)) {
+        } else if (!nonceMathces(authResult.accessToken, nonce)) {
           const err = new Error('Nonce string does not match!')
           reject(err)
         } else {
@@ -220,7 +233,7 @@ class Auth0Manager {
     userIsLoggedIn
   }) {
     // Get the user token if we've saved it in localStorage before
-    const userToken = this.getToken()
+    const userToken = this.getIdToken()
 
     if (userToken) {
       // user has logged in before
@@ -246,9 +259,8 @@ class Auth0Manager {
             })
         )
       } else {
-        // token is still valid
-
-        // see if it's been long enough to try again
+        // Token is still valid.
+        // Check that enough time has passed to try again.
         const profileRefreshTime = getConfigProperty('application.profile_refresh_time')
         if (
           userIsLoggedIn &&
@@ -264,7 +276,9 @@ class Auth0Manager {
 
         this.isTryingToGetProfileFromToken = true
 
-        return this.getProfileFromToken(userToken)
+        const accessToken = this.getAccessToken()
+        if (!accessToken) return logout(userIsLoggedIn)
+        return this.getProfileFromToken(accessToken)
           .then((profile) => {
             this.isTryingToGetProfileFromToken = false
             return receiveTokenAndProfile({
@@ -291,9 +305,13 @@ class Auth0Manager {
     })
   }
 
-  setToken (token) {
+  setAccessToken (token) {
     window.localStorage.setItem('userToken', token)
   }
+
+  setIdToken (token) {
+    window.localStorage.setItem('idToken', token)
+  }
 }
 
 function nonceMathces (token, nonce) {

package.json

@@ -28,8 +28,8 @@
     "@turf/distance": "^5.1.5",
     "@turf/line-slice-along": "^4.6.0",
     "@turf/nearest-point-on-line": "^5.1.5",
-    "auth0-js": "^8.8.0",
-    "auth0-lock": "^10.18.0",
+    "auth0-js": "^9.3.2",
+    "auth0-lock": "^11.3.1",
     "babel-polyfill": "^6.22.0",
     "bootstrap": "^3.3.7",
     "camelcase-keys": "^4.2.0",