Kinde vanilla JavaScript authentication for SPAs using PKCE flows. Can be used with Vue / Angular or any JS framework
Home Page: https://kinde.com/docs/developer-tools/javascript-sdk/
License: MIT License
The Kinde SDK for JavaScript.
You can also use the JavaScript starter kit here.
Please refer to the Kinde Javacript SDK document.
The core team handles publishing.
To publish a new package version, use the “Release and Publish to NPM” action in the “Actions” tab.
Please refer to Kinde’s contributing guidelines.
By contributing to Kinde, you agree that your contributions will be licensed under its MIT License.
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
We are seeing an issue when the following conditions are met:
In this case the cookie seems to be unreadable by the device. It is fine when viewing in the browser, just not when installed as a PWA.
You can work around this by using the is_dangerously_use_local_storage escape hatch but this isn't recommended (as the name implies!)
Suggest we detect if the SDK is running on an installed PWA and fallback to local storage in that instance only.
https://github.com/kinde-oss/kinde-auth-pkce-js/
3.0.16
Android
Android v12
No response
No response
Running the command npm run test executes all the test-suites with jest. All the tests pass however there are console.error logs displayed as jest executes all the tests, a screenshot and a code-sandbox environment have been shared below to demonstrate this, evidently this is not a "bug" per se but without closer inspection the appearance of the console.error logs does give the misleading impression that something is wrong even though it is not. 😏
https://github.com/kinde-oss/kinde-auth-pkce-js
3.0.18
Ubuntu
Ubuntu 22.04
Mozilla Firefox 116.0.2Node.js v18.16.1https://codesandbox.io/p/github/kinde-oss/kinde-auth-pkce-js/main?file=/.prettierrc.json:1,1
Hi Team,
In the init method for createKindeClient.ts, it currently uses the presence of the code param in the window.location to detect if it's a Kinde based redirect. This means that any unrelated oauth flows will be hijacked.
Since KindeClient has a redirect URI, ideally it would also be looking for a match based on the window.location's protocol, host and path:
const init = async () => {
const { protocol, host, pathname, search } = window.location
const q = new URLSearchParams(search);
const currentRedirectUri = `${protocol}${host}${pathname}`
const isRedirectUrl = redirect_uri === currentRedirectUri // You could add an optional param to options to skip/add this check
if (isRedirectUri && q.has('code')) {
await handleRedirectToApp(q);
} else {
// For onload / new tab / page refresh
if (is_use_cookie || is_dangerously_use_local_storage) {
await useRefreshToken();
}
}
};https://github.com/kinde-oss/kinde-auth-pkce-js
3.0.20
macOS
13.4 (22F66)
No response
No response
No response
The login, register, and createOrg methods in the KindeClient type are currently making the options argument required. When looking at AuthOptions and OrgOptions, both types are fully optional. Fixing these will stop TypeScript errors showing up when using this library within a TypeScript project.
https://github.com/kinde-oss/kinde-auth-pkce-js
3.0.25
macOS
macOS Sonoma 14.1
No response
No response
No response
https://github.dev/kinde-oss/kinde-auth-pkce-js/blob/main/src/createKindeClient.ts
handleRedirectToApp(...) calls window.history.pushState({}, '', url); on line 258. Is there any chance that this could be changed to https://developer.mozilla.org/en-US/docs/Web/API/History/replaceState The use of pushState(...) means that a history entry gets generated which means that if a user click the Back button in their browser after login, they end up on back on the URL which has the ?code=... query args, which get stripped back out by Kinde and redirects them forward again to the page they just tried to press Back on.
https://github.dev/kinde-oss/kinde-auth-pkce-js
3.0.27
macOS
14.0
No response
No response
No response
Given the following code, using the @kinde-oss/kinde-auth-react
<KindeProvider
clientId="xxx"
domain="https://zzzzz.eu.kinde.com"
audience="first-audience second-audience"
After the success login redirect we see the following error:
Error: (aud) claim mismatch. Expected: "first-audience second-audience", Received: "first-audience, second-audience"
at isTokenValid (kinde-auth-pkce-js.esm.js:242:1)
at setStore (kinde-auth-pkce-js.esm.js:316:1)
at handleRedirectToApp (kinde-auth-pkce-js.esm.js:480:1)
at async init (kinde-auth-pkce-js.esm.js:600:1)
at async createKindeClient (kinde-auth-pkce-js.esm.js:621:1)
https://github.com/kinde-oss/kinde-auth-react
4.0.1
Windows
Windows 11, Version - 10.0.22631 Build 22631
No response
No response
No response
Many of the utility functions are common across all our JS based SDKs (vanilla JS, Next, Node, React) and there is unnecessary code duplication. These are helpers for:
A consolidated shared helper library that can be consumed by all our JS libraries
No response
Hi @DaveOrDead, found this when working on #29, when building the package rollup reports the presence of a circular dependency, a screen shot corroborating this can be found here.
https://github.com/kinde-oss/kinde-auth-pkce-js.git
3.0.18
Ubuntu
Ubuntu 22.04
Browser: Mozilla Firefox 116.0.2
JavaScript Runtime: Node.js v18.16.1
https://codesandbox.io/p/github/kinde-oss/kinde-auth-pkce-js/main?file=/.prettierrc.json:1,1
No response
Feedback from the community is they would like a TS version of the SDK.
We currently expose all the types in a type definition file index.d.ts
Conversion of library to TypeScript
No response
Occasionally when parsing the ID token the following console error is thrown
https://github.com/kinde-oss/kinde-auth-pkce-js
3.0.16
macOS
Ventura
No response
No response
No response
The isAuthenticated method is missing from KindeClient type in index.d.ts.
https://github.com/kinde-oss/kinde-auth-pkce-js
3.0.19
Ubuntu
Ubuntu 22.04
No response
No response
No response
Update README to Kinde's OSS template for SDK - https://github.com/kinde-oss/kinde-oss-repo-template/blob/main/README_template_non-generator.md
N/A
No response
Consistent code style and making life easier for contributors
Prettier package added to library, config file and formatting applied across the library
No response
Several of the other Kinde SDKs offer an isAuthenticated method to improve the developer experience of checking if a user is authenticated
Add an isAuthenticated method to the library
No response
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.