[SDK-3594] De-dupe Id token (#967)

__tests__/Auth0Client/getIdTokenClaims.test.ts

@@ -107,16 +107,6 @@ describe('Auth0Client', () => {
 
             expect(await auth0.getIdTokenClaims()).toHaveProperty('exp');
             expect(await auth0.getIdTokenClaims()).not.toHaveProperty('me');
-            expect(await auth0.getIdTokenClaims({})).toHaveProperty('exp');
-            expect(
-              await auth0.getIdTokenClaims({ audience: 'default' })
-            ).toHaveProperty('exp');
-            expect(
-              await auth0.getIdTokenClaims({ scope: 'foo' })
-            ).toHaveProperty('exp');
-            expect(
-              await auth0.getIdTokenClaims({ audience: 'invalid' })
-            ).toBeUndefined();
           });
 
           it('returns the ID token claims with custom scope', async () => {
@@ -130,9 +120,7 @@ describe('Auth0Client', () => {
             });
             await login(auth0, { authorizationParams: { scope: 'scope3' } });
 
-            expect(
-              await auth0.getIdTokenClaims({ scope: 'scope1 scope2 scope3' })
-            ).toHaveProperty('exp');
+            expect(await auth0.getIdTokenClaims()).toHaveProperty('exp');
           });
 
           describe('when using refresh tokens', () => {
@@ -143,9 +131,7 @@ describe('Auth0Client', () => {
               });
               await login(auth0);
 
-              expect(
-                await auth0.getIdTokenClaims({ scope: 'foo offline_access' })
-              ).toHaveProperty('exp');
+              expect(await auth0.getIdTokenClaims()).toHaveProperty('exp');
             });
 
             it('returns the ID token claims with custom scope and offline_access', async () => {
@@ -160,11 +146,7 @@ describe('Auth0Client', () => {
               });
               await login(auth0, { authorizationParams: { scope: 'scope3' } });
 
-              expect(
-                await auth0.getIdTokenClaims({
-                  scope: 'scope1 scope2 scope3 offline_access'
-                })
-              ).toHaveProperty('exp');
+              expect(await auth0.getIdTokenClaims()).toHaveProperty('exp');
             });
           });
         });

__tests__/Auth0Client/getTokenSilently.test.ts

@@ -1788,12 +1788,35 @@ describe('Auth0Client', () => {
           access_token: TEST_ACCESS_TOKEN,
           expires_in: 86400,
           audience: 'default',
-          id_token: TEST_ID_TOKEN,
           scope: TEST_SCOPES
         })
       );
     });
 
+    it('saves user information in the cache', async () => {
+      const auth0 = setup();
+      const mockDecodedToken = {
+        claims: { sub: 'sub', aud: 'aus' },
+        user: { sub: 'sub' }
+      };
+      tokenVerifier.mockReturnValue(mockDecodedToken);
+
+      jest.spyOn(auth0['cacheManager'], 'setIdToken');
+
+      jest.spyOn(<any>utils, 'runIframe').mockResolvedValue({
+        access_token: TEST_ACCESS_TOKEN,
+        state: TEST_STATE
+      });
+
+      await getTokenSilently(auth0);
+
+      expect(auth0['cacheManager']['setIdToken']).toHaveBeenCalledWith(
+        TEST_CLIENT_ID,
+        TEST_ID_TOKEN,
+        mockDecodedToken
+      );
+    });
+
     it('saves `auth0.is.authenticated` key in storage', async () => {
       const auth0 = setup();
 

__tests__/Auth0Client/getUser.test.ts

@@ -9,6 +9,7 @@ import { expect } from '@jest/globals';
 import { setupFn } from './helpers';
 
 import { TEST_CODE_CHALLENGE } from '../constants';
+import { ICache } from '../../src';
 
 jest.mock('es-cookie');
 jest.mock('../../src/jwt');
@@ -73,5 +74,77 @@ describe('Auth0Client', () => {
 
       expect(decodedToken).toBeUndefined();
     });
+
+    it('searches the user in the cache', async () => {
+      const cache: ICache = {
+        get: jest.fn(),
+        set: jest.fn(),
+        remove: jest.fn(),
+        allKeys: jest.fn()
+      };
+      const auth0 = setup({ cache });
+      await auth0.getUser();
+
+      expect(cache.get).toBeCalledWith(
+        '@@auth0spajs@@::auth0_client_id::@@user@@'
+      );
+    });
+
+    it('fallback to searching the user stored with the access token', async () => {
+      const getMock = jest.fn();
+      const cache: ICache = {
+        get: getMock,
+        set: jest.fn(),
+        remove: jest.fn(),
+        allKeys: jest.fn()
+      };
+
+      getMock.mockImplementation((key: string) => {
+        if (
+          key ===
+          '@@auth0spajs@@::auth0_client_id::default::openid profile email'
+        ) {
+          return { body: { decodedToken: { user: { sub: '123' } } } };
+        }
+      });
+
+      const auth0 = setup({ cache });
+      const user = await auth0.getUser();
+
+      expect(cache.get).toBeCalledWith(
+        '@@auth0spajs@@::auth0_client_id::@@user@@'
+      );
+      expect(cache.get).toBeCalledWith(
+        '@@auth0spajs@@::auth0_client_id::default::openid profile email'
+      );
+      expect(user?.sub).toBe('123');
+    });
+
+    it('does not fallback to searching the user stored with the access token when user found', async () => {
+      const getMock = jest.fn();
+      const cache: ICache = {
+        get: getMock,
+        set: jest.fn(),
+        remove: jest.fn(),
+        allKeys: jest.fn()
+      };
+
+      getMock.mockImplementation((key: string) => {
+        if (key === '@@auth0spajs@@::auth0_client_id::@@user@@') {
+          return { decodedToken: { user: { sub: '123' } } };
+        }
+      });
+
+      const auth0 = setup({ cache });
+      const user = await auth0.getUser();
+
+      expect(cache.get).toBeCalledWith(
+        '@@auth0spajs@@::auth0_client_id::@@user@@'
+      );
+      expect(cache.get).not.toBeCalledWith(
+        '@@auth0spajs@@::auth0_client_id::default::openid profile email'
+      );
+      expect(user?.sub).toBe('123');
+    });
   });
 });

__tests__/Auth0Client/handleRedirectCallback.test.ts

@@ -142,7 +142,7 @@ describe('Auth0Client', () => {
 
       jest.spyOn(auth0['transactionManager'], 'remove');
       await loginWithRedirect(auth0);
-      expect(auth0['transactionManager'].remove).toHaveBeenCalledWith();
+      expect(auth0['transactionManager'].remove).toHaveBeenCalled();
     });
 
     it('should clear the transaction data when the /authorize call redirects with an error param', async () => {
@@ -165,7 +165,7 @@ describe('Auth0Client', () => {
       }
 
       expect(error).toBeDefined();
-      expect(auth0['transactionManager'].remove).toHaveBeenCalledWith();
+      expect(auth0['transactionManager'].remove).toHaveBeenCalled();
     });
 
     it('should throw an error if the /authorize call redirects with no params', async () => {
@@ -458,7 +458,7 @@ describe('Auth0Client', () => {
         }
       );
 
-      expect(auth0['transactionManager'].remove).toHaveBeenCalledWith();
+      expect(auth0['transactionManager'].remove).toHaveBeenCalled();
     });
 
     it('should clear the transaction data when the /authorize call redirects with an error param', async () => {
@@ -482,7 +482,7 @@ describe('Auth0Client', () => {
       }
 
       expect(error).toBeDefined();
-      expect(auth0['transactionManager'].remove).toHaveBeenCalledWith();
+      expect(auth0['transactionManager'].remove).toHaveBeenCalled();
     });
 
     it('should throw an error if the /authorize call redirects with no params', async () => {

__tests__/Auth0Client/loginWithPopup.test.ts

@@ -108,21 +108,7 @@ describe('Auth0Client', () => {
       const expectedUser = { sub: 'me' };
 
       expect(await auth0.getUser()).toEqual(expectedUser);
-      expect(await auth0.getUser({})).toEqual(expectedUser);
-      expect(await auth0.getUser({ audience: 'default' })).toEqual(
-        expectedUser
-      );
-      expect(await auth0.getUser({ scope: 'foo' })).toEqual(expectedUser);
-      expect(await auth0.getUser({ audience: 'invalid' })).toBeUndefined();
       expect(await auth0.getIdTokenClaims()).toBeTruthy();
-      expect(await auth0.getIdTokenClaims({})).toBeTruthy();
-      expect(
-        await auth0.getIdTokenClaims({ audience: 'default' })
-      ).toBeTruthy();
-      expect(await auth0.getIdTokenClaims({ scope: 'foo' })).toBeTruthy();
-      expect(
-        await auth0.getIdTokenClaims({ audience: 'invalid' })
-      ).toBeUndefined();
     });
 
     it('should log the user in with custom scope', async () => {
@@ -138,9 +124,7 @@ describe('Auth0Client', () => {
 
       const expectedUser = { sub: 'me' };
 
-      expect(await auth0.getUser({ scope: 'scope1 scope2 scope3' })).toEqual(
-        expectedUser
-      );
+      expect(await auth0.getUser()).toEqual(expectedUser);
     });
 
     it('encodes state with random string', async () => {
@@ -608,13 +592,12 @@ describe('Auth0Client', () => {
           access_token: TEST_ACCESS_TOKEN,
           expires_in: 86400,
           audience: 'default',
-          id_token: TEST_ID_TOKEN,
           scope: TEST_SCOPES
         })
       );
     });
 
-    it('saves decoded token into cache', async () => {
+    it('saves user information into the cache', async () => {
       const auth0 = setup();
 
       const mockDecodedToken = {
@@ -623,14 +606,14 @@ describe('Auth0Client', () => {
       };
       tokenVerifier.mockReturnValue(mockDecodedToken);
 
-      jest.spyOn(auth0['cacheManager'], 'set');
+      jest.spyOn(auth0['cacheManager'], 'setIdToken');
 
       await loginWithPopup(auth0);
 
-      expect(auth0['cacheManager']['set']).toHaveBeenCalledWith(
-        expect.objectContaining({
-          decodedToken: mockDecodedToken
-        })
+      expect(auth0['cacheManager']['setIdToken']).toHaveBeenCalledWith(
+        TEST_CLIENT_ID,
+        TEST_ID_TOKEN,
+        mockDecodedToken
       );
     });
 

__tests__/Auth0Client/loginWithRedirect.test.ts

@@ -328,12 +328,6 @@ describe('Auth0Client', () => {
       const expectedUser = { sub: 'me' };
 
       expect(await auth0.getUser()).toEqual(expectedUser);
-      expect(await auth0.getUser({})).toEqual(expectedUser);
-      expect(await auth0.getUser({ audience: 'default' })).toEqual(
-        expectedUser
-      );
-      expect(await auth0.getUser({ scope: 'foo' })).toEqual(expectedUser);
-      expect(await auth0.getUser({ audience: 'invalid' })).toBeUndefined();
     });
 
     it('should log the user in and get the user with custom scope', async () => {
@@ -352,9 +346,7 @@ describe('Auth0Client', () => {
 
       const expectedUser = { sub: 'me' };
 
-      expect(await auth0.getUser({ scope: 'scope1 scope2 scope3' })).toEqual(
-        expectedUser
-      );
+      expect(await auth0.getUser()).toEqual(expectedUser);
     });
 
     it('should log the user in with custom auth0Client', async () => {
@@ -503,12 +495,31 @@ describe('Auth0Client', () => {
           access_token: TEST_ACCESS_TOKEN,
           expires_in: 86400,
           audience: 'default',
-          id_token: TEST_ID_TOKEN,
           scope: TEST_SCOPES
         })
       );
     });
 
+    it('saves user information into the cache', async () => {
+      const auth0 = setup();
+
+      const mockDecodedToken = {
+        claims: { sub: 'sub', aud: 'aus' },
+        user: { sub: 'sub' }
+      };
+      tokenVerifier.mockReturnValue(mockDecodedToken);
+
+      jest.spyOn(auth0['cacheManager'], 'setIdToken');
+
+      await loginWithRedirect(auth0);
+
+      expect(auth0['cacheManager']['setIdToken']).toHaveBeenCalledWith(
+        TEST_CLIENT_ID,
+        TEST_ID_TOKEN,
+        mockDecodedToken
+      );
+    });
+
     it('saves `auth0.is.authenticated` key in storage', async () => {
       const auth0 = setup();
 

__tests__/Auth0Client/logout.test.ts

@@ -157,7 +157,7 @@ describe('Auth0Client', () => {
 
       auth0.logout({ localOnly: true });
 
-      expect(window.location.assign).not.toHaveBeenCalledWith();
+      expect(window.location.assign).not.toHaveBeenCalled();
     });
 
     it('calls `window.location.assign` when `options.localOnly` is false', async () => {

cypress.json

@@ -1,5 +1,6 @@
 {
   "chromeWebSecurity": false,
   "viewportWidth": 1000,
-  "viewportHeight": 1000
+  "viewportHeight": 1000,
+  "ignoreTestFiles": "migration.js"
 }