auth0-vue

Fixed

• Use export type and import type to allow verbatimModuleSyntax #303 (frederikprijck)

Fixed

• bump auth0-spa-js to latest version #253 (frederikprijck)

Added

• Support Organization Name #242 (frederikprijck)

Changed

• Avoid using readonly for public exposed reactive properties #243 (frederikprijck)

Fixed

• Improve TypeScript types when using strict set to true #235 (frederikprijck)

Added

• Gracefully handle errors upon plugin installation #224 (frederikprijck)

Added

• Add RedirectLoginOptions to createAuthGuard #209 (june07)

Fixed

• Correctly expose SDK API from CJS bundle #219 (frederikprijck)

Fixed

• Map redirect_uri on config to authorizationParams #211 (ewanharris)

Fixed

• Add exports field to package.json #201 (frederikprijck)

Auth0-Vue v2 includes many significant changes compared to v1:

• Remove polyfills from bundles
• Introduce authorizationParams and logoutParams to hold properties sent to Auth0
• Remove buildAuthorizeUrl and buildLogoutUrl
• Remove redirectMethod, and replace by openUrl
• Remove localOnly from logout in favor of openUrl
• Rework ignoreCache to cacheMode and introduce cache-only
• Use form-encoded data by default
• Do not fallback to refreshing tokens via iframe method by default
• Remove advancedOptions.defaultScope and replace with scope

As with any major version bump, v2 of Auth0-Vue contains a set of breaking changes. Please review the migration guide thoroughly to understand the changes required to migrate your application to v2.

Security

• Upgrade @auth0/auth0-spa-js to 1.22.6 #191 (ewanharris)

This patch release is identical to 1.0.2 but has been released to ensure tooling no longer detects a vulnerable version of jsonwebtoken being used by @auth0/auth0-spa-js.

Even though 1.22.5 of @auth0/auth0-spa-js was not vulnerable for the related CVE because of the fact that jsonwebtoken is a devDependency of @auth0/auth0-spa-js, we are cutting a release to ensure build tools no longer report our SDK's that use @auth0/auth0-spa-js as vulnerable to the mentioned CVE.

Auth0-Vue v2 includes many significant changes compared to v1:

• Remove polyfills from bundles
• Introduce authorizationParams and logoutParams to hold properties sent to Auth0
• Remove buildAuthorizeUrl and buildLogoutUrl
• Remove redirectMethod, and replace by openUrl
• Remove localOnly from logout in favor of openUrl
• Rework ignoreCache to cacheMode and introduce cache-only
• Use form-encoded data by default
• Do not fallback to refreshing tokens via iframe method by default
• Remove advancedOptions.defaultScope and replace with scope

As with any major version bump, v2 of Auth0-Vue contains a set of breaking changes. Please review the migration guide thoroughly to understand the changes required to migrate your application to v2.

Fixed

• Do not refreshState when logging out using redirect #128 (frederikprijck)

Changed

• Merge plugin and proxy class to allow usage outside components #106 (frederikprijck)

Fixed

• Bind all methods of Auth0VueClient to this #110 (frederikprijck)

This is the first version of the Auth0 SDK for Vue 3 applications, making integrating Auth0 as seamlessly as possible.

To learn more, have a look at the following documents:

• Quickstart Guide
• API Reference

For support or to provide feedback, please raise an issue on our issue tracker.

Changes since v1.0.0-beta.2

Added

• Support a guard without calling createAuthGuard #80 (frederikprijck)

Fixed

• Refactor history.replaceState usage #89 (Soviut)
• FIX logout options not required #92 (Soviut)
• Ensure tarball contains all the required typings #77 (frederikprijck)

Added

• Support a guard without calling createAuthGuard #80 (frederikprijck)

Fixed

• Ensure tarball contains all the required typings #77 (frederikprijck)

• Return false from Navigation Guard when redirecting to Auth0 (#48)
• Only refresh state on local logout (#47)