From d896f118abde71a156cf7d28f56ceb4eb70685cd Mon Sep 17 00:00:00 2001
From: German Lena
Date: Wed, 11 Jan 2017 12:25:27 -0300
Subject: [PATCH 1/2] support for get profile in legacy mode + disable warnings in legacy mode
---
 package.json | 5 +++--
 src/core/web_api.js | 6 +++++-
 src/core/web_api/legacy_api.js | 21 ++++++++++++++++++++-
 src/core/web_api/p2_api.js | 12 ++++++++++--
 4 files changed, 38 insertions(+), 6 deletions(-)
diff --git a/package.json b/package.json
index 0eb5f6397..3656a907b 100644
--- a/package.json
+++ b/package.json
@@ -80,15 +80,16 @@
 "auth0-js": "8.0.4",
 "blueimp-md5": "2.3.1",
 "fbjs": "^0.3.1",
+ "idtoken-verifier": "^1.0.1",
 "immutable": "^3.7.3",
 "jsonp": "^0.2.0",
 "password-sheriff": "^1.0.0",
 "react": "^15.0.0 || ^16.0.0",
 "react-addons-css-transition-group": "^15.0.0 || ^16.0.0",
 "react-dom": "^15.0.0 || ^16.0.0",
+ "superagent": "^3.3.1",
 "trim": "0.0.1",
- "url-join": "^1.1.0",
- "idtoken-verifier": "^1.0.1"
+ "url-join": "^1.1.0"
 },
 "cdn-component": {
 "name": "lock",
diff --git a/src/core/web_api.js b/src/core/web_api.js
index 606440fa2..b0877aa8d 100644
--- a/src/core/web_api.js
+++ b/src/core/web_api.js
@@ -20,7 +20,7 @@ class Auth0WebAPI {
 if (hostedLoginPage || !opts.oidcConformant) {
 this.clients[lockID] = new Auth0LegacyAPIClient(clientID, domain, opts);
 } else {
- this.clients[lockID] = new Auth0APIClient(clientID, domain, opts);
+ this.clients[lockID] = new Auth0APIClient(lockID, clientID, domain, opts);
 }
 }
@@ -52,6 +52,10 @@ class Auth0WebAPI {
 return this.clients[lockID].getUserInfo(token, callback);
 }
+ getProfile(lockID, token, callback) {
+ return this.clients[lockID].getProfile(token, callback);
+ }
+
 getSSOData(lockID, ...args) {
 return this.clients[lockID].getSSOData(...args);
 }
diff --git a/src/core/web_api/legacy_api.js b/src/core/web_api/legacy_api.js
index 13e378034..dac84cc7c 100644
--- a/src/core/web_api/legacy_api.js
+++ b/src/core/web_api/legacy_api.js
@@ -1,5 +1,6 @@
 var IdTokenVerifier = require('idtoken-verifier');
 import auth0 from 'auth0-js';
+var request = require('superagent');
 import {normalizeError, loginCallback} from './helper';
 class Auth0LegacyAPIClient {
@@ -7,6 +8,7 @@ class Auth0LegacyAPIClient {
 this.client = null;
 this.authOpt = null;
+ this.domain = domain;
 this.clientID = clientID;
 this.tokenIssuer = (opts.overrides && opts.overrides.__token_issuer) || `https://${domain}/`;
@@ -25,7 +27,8 @@ class Auth0LegacyAPIClient {
 _sendTelemetry: opts._sendTelemetry === false ? false : true,
 _telemetryInfo: opts._telemetryInfo || default_telemetry,
 __tenant: opts.overrides && opts.overrides.__tenant,
- __token_issuer: opts.overrides && opts.overrides.__token_issuer
+ __token_issuer: opts.overrides && opts.overrides.__token_issuer,
+ _disableDeprecationWarnings: true
 });
 this.authOpt = {
@@ -151,6 +154,22 @@ class Auth0LegacyAPIClient {
 return this.client.client.userInfo(token, callback);
 }
+ // auth0.js does not supports this endpoint because it is deprecated for oidcConformat clients
+ // we implemented it here to provide BC support, we will loose it in lock 11.
+ getProfile(token, callback) {
+ request.get(`https://${this.domain}/tokeninfo?id_token=${token}`)
+ .end(function(err, res) {
+ if (err) {
+ return callback({
+ error: err.message,
+ error_description: res.text || res.body
+ });
+ }
+
+ return callback(null, res.body);
+ })
+ }
+
 getSSOData(...args) {
 return this.client.client.getSSOData(...args);
 }
diff --git a/src/core/web_api/p2_api.js b/src/core/web_api/p2_api.js
index 95df02363..1867d110d 100644
--- a/src/core/web_api/p2_api.js
+++ b/src/core/web_api/p2_api.js
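Review bot: In legacy_api.js, hunk `@@ -25,7 +27,8 @@` hard-codes `_disableDeprecationWarnings: true` in the options handed to the auth0.js client, so every legacy-mode integrator loses the library's deprecation warnings with no opt-out and no explanation in the code. Those warnings are how an application owner learns it still depends on deprecated, non-OIDC-conformant endpoints, so suppressing them unconditionally deserves at least a why-comment, for example `// legacy mode calls deprecated endpoints by design; suppress auth0.js console warnings`. If integrators should still be able to surface them, the value could be read from `opts` with this as the default. The constructor this object literal belongs to starts and ends outside the hunk.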
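Review bot: In legacy_api.js `getProfile` (hunk `@@ -151,6 +154,22 @@`), the ID token is interpolated into the query string of a GET request, which places a credential where URLs are routinely recorded (server and proxy access logs, browser history, monitoring tools), and the value is not passed through `encodeURIComponent`. Assuming `/tokeninfo` accepts the token in a request body, building the URL without the query string and sending `request.post(url).send({ id_token: token })` keeps it out of the URL. Separately, the error branch reads `res.text || res.body`, but on a network-level failure there may be no response object, so the handler can throw instead of calling back; `error_description: res && (res.text || res.body)` avoids that. The comment above the method also has typos worth fixing in the same pass ("does not support", "oidcConformant", "lose").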
@@ -1,8 +1,11 @@
 import auth0 from 'auth0-js';
-import {normalizeError, loginCallback} from './helper';
+import * as l from '../index';
+import { getEntity, read } from '../../store/index';
+import { normalizeError, loginCallback } from './helper';
 class Auth0APIClient {
- constructor(clientID, domain, opts) {
+ constructor(lockID, clientID, domain, opts) {
+ this.lockID = lockID;
 this.client = null;
 this.authOpt = null;
@@ -87,6 +90,11 @@ class Auth0APIClient {
 return this.client.client.userInfo(token, callback);
 }
+ getProfile(token, callback) {
+ const m = read(getEntity, "lock", this.lockID);
+ l.emitUnrecoverableErrorEvent(m, '`getProfile` is deprecated for oidcConformant clients');
+ }
+
 getSSOData(...args) {
 return this.client.client.getSSOData(...args);
 }
From fc9ff663148e7409e1ca41dc441c1b52edce6e1e Mon Sep 17 00:00:00 2001
From: German Lena
Date: Wed, 11 Jan 2017 12:33:03 -0300
Subject: [PATCH 2/2] ES6 imports
---
 src/core/web_api/legacy_api.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/core/web_api/legacy_api.js b/src/core/web_api/legacy_api.js
index dac84cc7c..4e5904b40 100644
--- a/src/core/web_api/legacy_api.js
+++ b/src/core/web_api/legacy_api.js
@@ -1,6 +1,6 @@
-var IdTokenVerifier = require('idtoken-verifier');
+import IdTokenVerifier from 'idtoken-verifier';
 import auth0 from 'auth0-js';
-var request = require('superagent');
+import request from 'superagent';
 import {normalizeError, loginCallback} from './helper';
 class Auth0LegacyAPIClient {
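Review bot: In p2_api.js `getProfile` (hunk `@@ -87,6 +90,11 @@`), `callback` is never invoked: the method emits the unrecoverable-error event and returns, so a caller that passed a callback and waits on it never learns the call failed, and `token` is unused. Calling back with an error after the emit, in the same `{ error, error_description }` shape the legacy client uses, lets callers fail explicitly, e.g. `if (typeof callback === 'function') callback({ error: 'deprecated', error_description: 'getProfile is deprecated for oidcConformant clients' });` (the `error` code here is a placeholder). A one-line comment stating that the method exists only to report the deprecation would also help the next reader.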