fix[react]: store secureRouterReferrerPath in sessionStorage (#884)

* fix[react]: store secureRouterReferrerPath in sessionStorage * chore: update version and add changelog Co-authored-by: Shuo Wu <[email protected]>
okta · Aug 31, 2020 · 1244b68 · 1244b68
1 parent 8b96452
commit 1244b68
Show file tree

Hide file tree

Showing 5 changed files with 25 additions and 19 deletions.
diff --git a/packages/okta-react/CHANGELOG.md b/packages/okta-react/CHANGELOG.md
@@ -1,3 +1,9 @@
+# 3.0.6
+
+### Bug Fixes
+
+- [#884](https://github.com/okta/okta-oidc-js/pull/884) Stores `secureReferrerPath` in sessionStorage to avoid race condition for multiple tabs
+
 # 3.0.5
 
 ### Bug Fixes

diff --git a/packages/okta-react/package.json b/packages/okta-react/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@okta/okta-react",
-  "version": "3.0.5",
+  "version": "3.0.6",
   "description": "React support for Okta",
   "main": "./dist/index.js",
   "scripts": {
@@ -34,7 +34,7 @@
   "homepage": "https://github.com/okta/okta-oidc-js#readme",
   "dependencies": {
     "@okta/configuration-validation": "^0.4.1",
-    "@okta/okta-auth-js": "^3.2.2",
+    "@okta/okta-auth-js": "^3.2.3",
     "babel-runtime": "^6.26.0",
     "prop-types": "^15.5.10"
   },

diff --git a/packages/okta-react/src/AuthService.js b/packages/okta-react/src/AuthService.js
@@ -252,13 +252,13 @@ class AuthService {
     if (fromUri.charAt(0) === '/') {
       fromUri = window.location.origin + fromUri;
     }
-    localStorage.setItem( 'secureRouterReferrerPath', fromUri );
+    sessionStorage.setItem( 'secureRouterReferrerPath', fromUri );
   }
 
   getFromUri() {
     const referrerKey = 'secureRouterReferrerPath';
-    const location = localStorage.getItem(referrerKey) || window.location.origin;
-    localStorage.removeItem(referrerKey);
+    const location = sessionStorage.getItem(referrerKey) || window.location.origin;
+    sessionStorage.removeItem(referrerKey);
     return location;
   }
 

diff --git a/packages/okta-react/test/jest/authService.test.js b/packages/okta-react/test/jest/authService.test.js
@@ -430,35 +430,35 @@ describe('AuthService', () => {
   });
 
   describe('setFromUri', () => {
-    it('Saves the fromUri in localStorage', () => {
-      localStorage.setItem('secureRouterReferrerPath', '');
-      expect(localStorage.getItem('secureRouterReferrerPath')).toBe('');
+    it('Saves the fromUri in sessionStorage', () => {
+      sessionStorage.setItem('secureRouterReferrerPath', '');
+      expect(sessionStorage.getItem('secureRouterReferrerPath')).toBe('');
       const fromUri = 'http://localhost/foo/random';
       const authService = new AuthService(validConfig);
       authService.setFromUri(fromUri);
-      const val = localStorage.getItem('secureRouterReferrerPath');
+      const val = sessionStorage.getItem('secureRouterReferrerPath');
       expect(val).toBe(fromUri);
     });
 
     it('Saves the window.location.href by default', () => {
-      localStorage.setItem('secureRouterReferrerPath', '');
-      expect(localStorage.getItem('secureRouterReferrerPath')).toBe('');
+      sessionStorage.setItem('secureRouterReferrerPath', '');
+      expect(sessionStorage.getItem('secureRouterReferrerPath')).toBe('');
       const authService = new AuthService(validConfig);
       authService.setFromUri();
-      const val = localStorage.getItem('secureRouterReferrerPath');
+      const val = sessionStorage.getItem('secureRouterReferrerPath');
       expect(val).toBe(window.location.href);
     });
 
   });
 
   describe('getFromUri', () => {
-    test('clears referrer from localStorage', () => {
+    test('clears referrer from sessionStorage', () => {
       const TEST_VALUE = 'foo-bar';
-      localStorage.setItem('secureRouterReferrerPath', TEST_VALUE );
+      sessionStorage.setItem('secureRouterReferrerPath', TEST_VALUE );
       const authService = new AuthService(validConfig);
       const res = authService.getFromUri();
       expect(res).toBe(TEST_VALUE);
-      expect(localStorage.getItem('referrerPath')).not.toBeTruthy();
+      expect(sessionStorage.getItem('referrerPath')).not.toBeTruthy();
     });
   });
 

diff --git a/packages/okta-react/yarn.lock b/packages/okta-react/yarn.lock
@@ -115,10 +115,10 @@
   version "0.4.1"
   resolved "https://registry.yarnpkg.com/@okta/configuration-validation/-/configuration-validation-0.4.1.tgz#6fa4520bc96c27b3d7aedcb0523de1fbceee9105"
 
-"@okta/okta-auth-js@^3.2.2":
-  version "3.2.2"
-  resolved "https://registry.yarnpkg.com/@okta/okta-auth-js/-/okta-auth-js-3.2.2.tgz#a6af150b76741ebe16d3541db182387172daf5f1"
-  integrity sha512-1pq1l8FVQsrtC4P2eSsWVByIODg4/93g+KJ0XWi6s4Pl6C52EZayvFkac8+FfOfy5CSnAaYQij7bD/V39AuROQ==
+"@okta/okta-auth-js@^3.2.3":
+  version "3.2.3"
+  resolved "https://registry.yarnpkg.com/@okta/okta-auth-js/-/okta-auth-js-3.2.3.tgz#3bae9aa24eeac23b9d86504df346c514b62a6abf"
+  integrity sha512-lPKcITlHhfNhrGhnL8+zzlk86u2tZnXAahUPtiyEwFr+ktTpo8vWhraCR13hw0z46rTRVZ1lCMtedJt/wzMaoQ==
   dependencies:
     Base64 "0.3.0"
     cross-fetch "^3.0.0"