From a1c8fc2a4d782e8a7773e6848052508e8911f314 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 1 Mar 2023 17:37:31 +0000 Subject: [PATCH 1/6] chore(deps): update dependency @auth0/auth0-spa-js to v2 --- .../auth-providers/auth0/web/package.json | 4 +- yarn.lock | 56 +++---------------- 2 files changed, 11 insertions(+), 49 deletions(-) diff --git a/packages/auth-providers/auth0/web/package.json b/packages/auth-providers/auth0/web/package.json index 667f79956b1b..b99b6c964fa3 100644 --- a/packages/auth-providers/auth0/web/package.json +++ b/packages/auth-providers/auth0/web/package.json @@ -27,7 +27,7 @@ "core-js": "3.29.0" }, "devDependencies": { - "@auth0/auth0-spa-js": "1.22.6", + "@auth0/auth0-spa-js": "2.0.4", "@babel/cli": "7.21.0", "@babel/core": "7.21.0", "@types/react": "18.0.28", @@ -36,7 +36,7 @@ "typescript": "4.9.5" }, "peerDependencies": { - "@auth0/auth0-spa-js": "1.22.6" + "@auth0/auth0-spa-js": "2.0.4" }, "gitHead": "3905ed045508b861b495f8d5630d76c7a157d8f1" } diff --git a/yarn.lock b/yarn.lock index 89022a354409..805603c899eb 100644 --- a/yarn.lock +++ b/yarn.lock @@ -285,18 +285,10 @@ __metadata: languageName: node linkType: hard -"@auth0/auth0-spa-js@npm:1.22.6": - version: 1.22.6 - resolution: "@auth0/auth0-spa-js@npm:1.22.6" - dependencies: - abortcontroller-polyfill: ^1.7.3 - browser-tabs-lock: ^1.2.15 - core-js: ^3.25.4 - es-cookie: ~1.3.2 - fast-text-encoding: ^1.0.6 - promise-polyfill: ^8.2.3 - unfetch: ^4.2.0 - checksum: 7f00391a30d1753ca4dee8c88501cd2d26cb064495e9b346b1639608c5135021ffd09f867fb113da561e1e4b7edb767ea031ca376eed467a0f089e76d2a7769c +"@auth0/auth0-spa-js@npm:2.0.4": + version: 2.0.4 + resolution: "@auth0/auth0-spa-js@npm:2.0.4" + checksum: 3532a554d606ee3f8fdfe421668c2572f6d7f108245501ac40470374e5f3dbe9ff55048557d2f6c35c97543ca1256703a3695fdc550a0d13285885f975498065 languageName: node linkType: hard @@ -6377,7 +6369,7 @@ __metadata: version: 0.0.0-use.local resolution: "@redwoodjs/auth-auth0-web@workspace:packages/auth-providers/auth0/web" dependencies: - "@auth0/auth0-spa-js": 1.22.6 + "@auth0/auth0-spa-js": 2.0.4 "@babel/cli": 7.21.0 "@babel/core": 7.21.0 "@babel/runtime-corejs3": 7.21.0 @@ -6388,7 +6380,7 @@ __metadata: react: 18.2.0 typescript: 4.9.5 peerDependencies: - "@auth0/auth0-spa-js": 1.22.6 + "@auth0/auth0-spa-js": 2.0.4 languageName: unknown linkType: soft @@ -10757,13 +10749,6 @@ __metadata: languageName: node linkType: hard -"abortcontroller-polyfill@npm:^1.7.3": - version: 1.7.5 - resolution: "abortcontroller-polyfill@npm:1.7.5" - checksum: d7a5ab6fda4f9a54f22ddeb233a2564d2f4f857ec17be25fee21a91bb5090bee57c630c454634b5c4b93fc06bd90d592d1f2fc69f77cd28791ac0fe361feb7d2 - languageName: node - linkType: hard - "abstract-logging@npm:^2.0.1": version: 2.0.1 resolution: "abstract-logging@npm:2.0.1" @@ -12549,15 +12534,6 @@ __metadata: languageName: node linkType: hard -"browser-tabs-lock@npm:^1.2.15": - version: 1.2.15 - resolution: "browser-tabs-lock@npm:1.2.15" - dependencies: - lodash: ">=4.17.21" - checksum: 6d9243d6ec7da4d48e39d89db53945979433e390c4c9e4342b7f28060d3a40c01220a6cf53bfdd8f49857fb0031865f5b5b843254f40a57762f40e90c75cc68d - languageName: node - linkType: hard - "browserify-aes@npm:^1.0.0, browserify-aes@npm:^1.0.4": version: 1.2.0 resolution: "browserify-aes@npm:1.2.0" @@ -14234,7 +14210,7 @@ __metadata: languageName: node linkType: hard -"core-js@npm:3.29.0, core-js@npm:^3.0.4, core-js@npm:^3.25.4, core-js@npm:^3.26.0, core-js@npm:^3.27.2, core-js@npm:^3.6.5, core-js@npm:^3.8.2": +"core-js@npm:3.29.0, core-js@npm:^3.0.4, core-js@npm:^3.26.0, core-js@npm:^3.27.2, core-js@npm:^3.6.5, core-js@npm:^3.8.2": version: 3.29.0 resolution: "core-js@npm:3.29.0" checksum: 6955cbbc34d130239d8992a8dd807b406088b74d7fe32cecbcee497de21aa0a0498a64195635d292b90a87e71b9b7e985200d32b674b00fc63e9d852fd9033a5 @@ -16005,13 +15981,6 @@ __metadata: languageName: node linkType: hard -"es-cookie@npm:~1.3.2": - version: 1.3.2 - resolution: "es-cookie@npm:1.3.2" - checksum: 26eb6e06b25b5569d8763fcb23b5335a5098e354b0a9a7bc5122e8c8705003307187a165ddaeda5cff08fa4cc8e1675dbddd5709279fb27cfa8875514dc3eccb - languageName: node - linkType: hard - "es-get-iterator@npm:^1.0.2, es-get-iterator@npm:^1.1.2": version: 1.1.3 resolution: "es-get-iterator@npm:1.1.3" @@ -17141,7 +17110,7 @@ __metadata: languageName: node linkType: hard -"fast-text-encoding@npm:^1.0.0, fast-text-encoding@npm:^1.0.3, fast-text-encoding@npm:^1.0.6": +"fast-text-encoding@npm:^1.0.0, fast-text-encoding@npm:^1.0.3": version: 1.0.6 resolution: "fast-text-encoding@npm:1.0.6" checksum: e1d0381bda229c92c7906f63308f3b9caca8c78b732768b1ee16f560089ed21bc159bbe1434138ccd3815931ec8d4785bdade1ad1c45accfdf27ac6606ac67d2 @@ -22396,7 +22365,7 @@ __metadata: languageName: node linkType: hard -"lodash@npm:4.17.21, lodash@npm:>=4.17.21, lodash@npm:^4.11.2, lodash@npm:^4.17.14, lodash@npm:^4.17.15, lodash@npm:^4.17.19, lodash@npm:^4.17.20, lodash@npm:^4.17.21, lodash@npm:~4.17.0": +"lodash@npm:4.17.21, lodash@npm:^4.11.2, lodash@npm:^4.17.14, lodash@npm:^4.17.15, lodash@npm:^4.17.19, lodash@npm:^4.17.20, lodash@npm:^4.17.21, lodash@npm:~4.17.0": version: 4.17.21 resolution: "lodash@npm:4.17.21" checksum: d8cbea072bb08655bb4c989da418994b073a608dffa608b09ac04b43a791b12aeae7cd7ad919aa4c925f33b48490b5cfe6c1f71d827956071dae2e7bb3a6b74c @@ -26256,13 +26225,6 @@ __metadata: languageName: node linkType: hard -"promise-polyfill@npm:^8.2.3": - version: 8.2.3 - resolution: "promise-polyfill@npm:8.2.3" - checksum: 8d0418ef94d92ff53b3d8a42f47596bd354f4dfadcf21a5d52682f3addba05b05c02d88d4674e4909c069c8e14128a6d0d5e646392fb088b5300f99982a11a6c - languageName: node - linkType: hard - "promise-retry@npm:^2.0.1": version: 2.0.1 resolution: "promise-retry@npm:2.0.1" From 21aa162eba3d865f03aca96c12da82876af5ad5b Mon Sep 17 00:00:00 2001 From: Dominic Saadi Date: Wed, 1 Mar 2023 11:44:05 -0800 Subject: [PATCH 2/6] fix type errors --- packages/auth-providers/auth0/web/src/auth0.ts | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/packages/auth-providers/auth0/web/src/auth0.ts b/packages/auth-providers/auth0/web/src/auth0.ts index 89289cd91af0..c65d649aab5a 100644 --- a/packages/auth-providers/auth0/web/src/auth0.ts +++ b/packages/auth-providers/auth0/web/src/auth0.ts @@ -46,8 +46,10 @@ function createAuthImplementation(auth0Client: Auth0Client) { signup: async (options?: RedirectLoginOptions) => auth0Client.loginWithRedirect({ ...options, - screen_hint: 'signup', - prompt: 'login', + authorizationParams: { + screen_hint: 'signup', + prompt: 'login', + }, }), getToken: () => auth0Client.getTokenSilently(), getUserMetadata: async () => { From ae1bcbf041102ef5679838dc8939f96f19ce256c Mon Sep 17 00:00:00 2001 From: Dominic Saadi Date: Wed, 1 Mar 2023 13:20:41 -0800 Subject: [PATCH 3/6] changes to setup --- packages/auth-providers/auth0/setup/src/setupHandler.ts | 2 +- .../auth0/setup/src/templates/web/auth.ts.template | 8 +++++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/packages/auth-providers/auth0/setup/src/setupHandler.ts b/packages/auth-providers/auth0/setup/src/setupHandler.ts index ec84f023b664..f045008d7edb 100644 --- a/packages/auth-providers/auth0/setup/src/setupHandler.ts +++ b/packages/auth-providers/auth0/setup/src/setupHandler.ts @@ -18,7 +18,7 @@ export async function handler({ force: forceArg }: Args) { "import { authDecoder } from '@redwoodjs/auth-auth0-api'", apiPackages: [`@redwoodjs/auth-auth0-api@${version}`], webPackages: [ - '@auth0/auth0-spa-js@^1', + '@auth0/auth0-spa-js@^2', `@redwoodjs/auth-auth0-web@${version}`, ], notes: [ diff --git a/packages/auth-providers/auth0/setup/src/templates/web/auth.ts.template b/packages/auth-providers/auth0/setup/src/templates/web/auth.ts.template index 6111096b1263..fd360b70a26f 100644 --- a/packages/auth-providers/auth0/setup/src/templates/web/auth.ts.template +++ b/packages/auth-providers/auth0/setup/src/templates/web/auth.ts.template @@ -4,15 +4,17 @@ import { createAuth } from '@redwoodjs/auth-auth0-web' const auth0 = new Auth0Client({ domain: process.env.AUTH0_DOMAIN || '', - client_id: process.env.AUTH0_CLIENT_ID || '', - redirect_uri: process.env.AUTH0_REDIRECT_URI, + clientId: process.env.AUTH0_CLIENT_ID || '', + authorizationParams: { + redirect_uri: process.env.AUTH0_REDIRECT_URI, + audience: process.env.AUTH0_AUDIENCE, + }, // Storing tokens in the browser's local storage provides persistence across page refreshes and browser tabs. // But if an attacker can run JavaScript in your SPA using a cross-site scripting (XSS) attack, // they can retrieve the tokens stored in local storage. // See https://auth0.com/docs/libraries/auth0-spa-js#change-storage-options. cacheLocation: 'localstorage', - audience: process.env.AUTH0_AUDIENCE, // `useRefreshTokens` is required for automatically extending sessions beyond what's set in the initial JWT expiration. // See https://auth0.com/docs/tokens/refresh-tokens. From 7c7bd5f1102cd5b65b1ec78342655def899cc630 Mon Sep 17 00:00:00 2001 From: Dominic Saadi Date: Wed, 1 Mar 2023 14:30:44 -0800 Subject: [PATCH 4/6] add wip codemod --- .../__testfixtures__/default.input.js | 22 ++++++++++++ .../__testfixtures__/default.output.js | 25 +++++++++++++ .../updateAuth0/__tests__/updateAuth0.ts | 5 +++ .../v5.x.x/updateAuth0/updateAuth0.ts | 36 +++++++++++++++++++ .../v5.x.x/updateAuth0/updateAuth0.yargs.ts | 26 ++++++++++++++ 5 files changed, 114 insertions(+) create mode 100644 packages/codemods/src/codemods/v5.x.x/updateAuth0/__testfixtures__/default.input.js create mode 100644 packages/codemods/src/codemods/v5.x.x/updateAuth0/__testfixtures__/default.output.js create mode 100644 packages/codemods/src/codemods/v5.x.x/updateAuth0/__tests__/updateAuth0.ts create mode 100644 packages/codemods/src/codemods/v5.x.x/updateAuth0/updateAuth0.ts create mode 100644 packages/codemods/src/codemods/v5.x.x/updateAuth0/updateAuth0.yargs.ts diff --git a/packages/codemods/src/codemods/v5.x.x/updateAuth0/__testfixtures__/default.input.js b/packages/codemods/src/codemods/v5.x.x/updateAuth0/__testfixtures__/default.input.js new file mode 100644 index 000000000000..6111096b1263 --- /dev/null +++ b/packages/codemods/src/codemods/v5.x.x/updateAuth0/__testfixtures__/default.input.js @@ -0,0 +1,22 @@ +import { Auth0Client } from '@auth0/auth0-spa-js' + +import { createAuth } from '@redwoodjs/auth-auth0-web' + +const auth0 = new Auth0Client({ + domain: process.env.AUTH0_DOMAIN || '', + client_id: process.env.AUTH0_CLIENT_ID || '', + redirect_uri: process.env.AUTH0_REDIRECT_URI, + + // Storing tokens in the browser's local storage provides persistence across page refreshes and browser tabs. + // But if an attacker can run JavaScript in your SPA using a cross-site scripting (XSS) attack, + // they can retrieve the tokens stored in local storage. + // See https://auth0.com/docs/libraries/auth0-spa-js#change-storage-options. + cacheLocation: 'localstorage', + audience: process.env.AUTH0_AUDIENCE, + + // `useRefreshTokens` is required for automatically extending sessions beyond what's set in the initial JWT expiration. + // See https://auth0.com/docs/tokens/refresh-tokens. + // useRefreshTokens: true, +}) + +export const { AuthProvider, useAuth } = createAuth(auth0) diff --git a/packages/codemods/src/codemods/v5.x.x/updateAuth0/__testfixtures__/default.output.js b/packages/codemods/src/codemods/v5.x.x/updateAuth0/__testfixtures__/default.output.js new file mode 100644 index 000000000000..53ab445f0e42 --- /dev/null +++ b/packages/codemods/src/codemods/v5.x.x/updateAuth0/__testfixtures__/default.output.js @@ -0,0 +1,25 @@ +import { Auth0Client } from '@auth0/auth0-spa-js' + +import { createAuth } from '@redwoodjs/auth-auth0-web' + +const auth0 = new Auth0Client({ + domain: process.env.AUTH0_DOMAIN || '', + clientId: process.env.AUTH0_CLIENT_ID || '', + + authorizationParams: { + redirect_uri: process.env.AUTH0_REDIRECT_URI, + audience: process.env.AUTH0_AUDIENCE, + }, + + // Storing tokens in the browser's local storage provides persistence across page refreshes and browser tabs. + // But if an attacker can run JavaScript in your SPA using a cross-site scripting (XSS) attack, + // they can retrieve the tokens stored in local storage. + // See https://auth0.com/docs/libraries/auth0-spa-js#change-storage-options. + cacheLocation: 'localstorage', + + // `useRefreshTokens` is required for automatically extending sessions beyond what's set in the initial JWT expiration. + // See https://auth0.com/docs/tokens/refresh-tokens. + // useRefreshTokens: true, +}) + +export const { AuthProvider, useAuth } = createAuth(auth0) diff --git a/packages/codemods/src/codemods/v5.x.x/updateAuth0/__tests__/updateAuth0.ts b/packages/codemods/src/codemods/v5.x.x/updateAuth0/__tests__/updateAuth0.ts new file mode 100644 index 000000000000..0b69dae8f677 --- /dev/null +++ b/packages/codemods/src/codemods/v5.x.x/updateAuth0/__tests__/updateAuth0.ts @@ -0,0 +1,5 @@ +describe('auth0', () => { + it('updates the auth0 file', async () => { + await matchTransformSnapshot('updateAuth0', 'default') + }) +}) diff --git a/packages/codemods/src/codemods/v5.x.x/updateAuth0/updateAuth0.ts b/packages/codemods/src/codemods/v5.x.x/updateAuth0/updateAuth0.ts new file mode 100644 index 000000000000..bd5214b179e4 --- /dev/null +++ b/packages/codemods/src/codemods/v5.x.x/updateAuth0/updateAuth0.ts @@ -0,0 +1,36 @@ +import type { FileInfo, API } from 'jscodeshift' + +export default function transform(file: FileInfo, api: API) { + const j = api.jscodeshift + const ast = j(file.source) + + const paths = ast.find(j.ObjectProperty, (node) => { + return ['redirect_uri', 'audience'].includes(node.key.name) + }) + + let nodes = paths.nodes() + + nodes = nodes.map((node) => { + const { comments: _comments, ...rest } = node + return rest + }) + + paths.remove() + + ast + .find(j.ObjectProperty, { key: { name: 'client_id' } }) + .insertAfter( + j.objectProperty( + j.identifier('authorizationParams'), + j.objectExpression(nodes) + ) + ) + + ast.find(j.Identifier, { name: 'client_id' }).replaceWith('clientId') + + return ast.toSource({ + trailingComma: true, + quote: 'single', + lineTerminator: '\n', + }) +} diff --git a/packages/codemods/src/codemods/v5.x.x/updateAuth0/updateAuth0.yargs.ts b/packages/codemods/src/codemods/v5.x.x/updateAuth0/updateAuth0.yargs.ts new file mode 100644 index 000000000000..ac4a2fbf0a83 --- /dev/null +++ b/packages/codemods/src/codemods/v5.x.x/updateAuth0/updateAuth0.yargs.ts @@ -0,0 +1,26 @@ +import path from 'path' + +import task, { TaskInnerAPI } from 'tasuku' + +import getRWPaths from '../../../lib/getRWPaths' +import isTSProject from '../../../lib/isTSProject' +import runTransform from '../../../lib/runTransform' + +export const command = 'update-auth0' +export const description = + '(v4.x.x->v5.x.x) For Auth0 users; updates the web-side auth.ts,js file' + +export const handler = () => { + task('Update Auth0', async ({ setOutput }: TaskInnerAPI) => { + const authFile = isTSProject ? 'auth.ts' : 'auth.js' + + // TODO: upgrade web-side auth0 package + + await runTransform({ + transformPath: path.join(__dirname, 'updateAuth0.js'), + targetPaths: [path.join(getRWPaths().web.src, authFile)], + }) + + setOutput('All done! Run `yarn rw lint --fix` to prettify your code') + }) +} From d62202eb7b87d3750c01737a4b031211b1d6915c Mon Sep 17 00:00:00 2001 From: Dominic Saadi Date: Wed, 1 Mar 2023 14:35:25 -0800 Subject: [PATCH 5/6] add upgrade step --- .../codemods/v5.x.x/updateAuth0/updateAuth0.yargs.ts | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/packages/codemods/src/codemods/v5.x.x/updateAuth0/updateAuth0.yargs.ts b/packages/codemods/src/codemods/v5.x.x/updateAuth0/updateAuth0.yargs.ts index ac4a2fbf0a83..97f04a27f630 100644 --- a/packages/codemods/src/codemods/v5.x.x/updateAuth0/updateAuth0.yargs.ts +++ b/packages/codemods/src/codemods/v5.x.x/updateAuth0/updateAuth0.yargs.ts @@ -1,5 +1,6 @@ import path from 'path' +import execa from 'execa' import task, { TaskInnerAPI } from 'tasuku' import getRWPaths from '../../../lib/getRWPaths' @@ -14,7 +15,15 @@ export const handler = () => { task('Update Auth0', async ({ setOutput }: TaskInnerAPI) => { const authFile = isTSProject ? 'auth.ts' : 'auth.js' - // TODO: upgrade web-side auth0 package + try { + await execa.command('yarn up @auth0/auth0-spa-js', { + cwd: getRWPaths().web.base, + }) + } catch { + console.error( + "Couldn't update @auth0/auth0-spa-js; you'll have to upgrade it manually to the latest v2.x.x version" + ) + } await runTransform({ transformPath: path.join(__dirname, 'updateAuth0.js'), From 555e475d84485565ab5000c215a52d95d068ad3f Mon Sep 17 00:00:00 2001 From: Dominic Saadi Date: Wed, 1 Mar 2023 14:39:31 -0800 Subject: [PATCH 6/6] finish codemod --- .../v5.x.x/updateAuth0/__testfixtures__/default.output.js | 4 ---- .../src/codemods/v5.x.x/updateAuth0/updateAuth0.yargs.ts | 2 +- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/packages/codemods/src/codemods/v5.x.x/updateAuth0/__testfixtures__/default.output.js b/packages/codemods/src/codemods/v5.x.x/updateAuth0/__testfixtures__/default.output.js index 53ab445f0e42..2fd6354397a8 100644 --- a/packages/codemods/src/codemods/v5.x.x/updateAuth0/__testfixtures__/default.output.js +++ b/packages/codemods/src/codemods/v5.x.x/updateAuth0/__testfixtures__/default.output.js @@ -16,10 +16,6 @@ const auth0 = new Auth0Client({ // they can retrieve the tokens stored in local storage. // See https://auth0.com/docs/libraries/auth0-spa-js#change-storage-options. cacheLocation: 'localstorage', - - // `useRefreshTokens` is required for automatically extending sessions beyond what's set in the initial JWT expiration. - // See https://auth0.com/docs/tokens/refresh-tokens. - // useRefreshTokens: true, }) export const { AuthProvider, useAuth } = createAuth(auth0) diff --git a/packages/codemods/src/codemods/v5.x.x/updateAuth0/updateAuth0.yargs.ts b/packages/codemods/src/codemods/v5.x.x/updateAuth0/updateAuth0.yargs.ts index 97f04a27f630..a4da0c73c0f3 100644 --- a/packages/codemods/src/codemods/v5.x.x/updateAuth0/updateAuth0.yargs.ts +++ b/packages/codemods/src/codemods/v5.x.x/updateAuth0/updateAuth0.yargs.ts @@ -16,7 +16,7 @@ export const handler = () => { const authFile = isTSProject ? 'auth.ts' : 'auth.js' try { - await execa.command('yarn up @auth0/auth0-spa-js', { + await execa.command('yarn up @auth0/auth0-spa-js@^2', { cwd: getRWPaths().web.base, }) } catch {