Merge pull request #123 from okta/sw-backport-122

Backport PR 122

Author: shuowu-okta

CHANGELOG.md

@@ -1,3 +1,9 @@
+# 5.1.2
+
+### Bug Fixes
+
+- [#122](https://github.com/okta/okta-react/pull/122) Locks the SDK with installed okta-auth-js major version
+
 # 5.1.1
 
 ### Bug Fixes

env.js

@@ -1,11 +1,14 @@
 const path = require('path');
 const dotenv = require('dotenv');
 const fs = require('fs');
+const semver = require('semver');
 
 // Read information from package.json and expose as environment variables
 const PACKAGE = require('./package.json');
 process.env.PACKAGE_NAME = PACKAGE.name;
 process.env.PACKAGE_VERSION = PACKAGE.version;
+const authJsVersion = PACKAGE.dependencies['@okta/okta-auth-js'];
+process.env.AUTH_JS_MAJOR_VERSION = semver.minVersion(authJsVersion).major;
 
 // Read environment variables from "testenv". Override environment vars if they are already set.
 const TESTENV = path.resolve(__dirname, 'testenv');

package.json

@@ -92,6 +92,7 @@
     "rollup-plugin-cleanup": "^3.2.1",
     "rollup-plugin-terser": "^7.0.2",
     "rollup-plugin-typescript2": "^0.29.0",
+    "semver": "^7.3.5",
     "shelljs": "^0.8.4",
     "ts-jest": "^26.4.4",
     "typescript": "^4.0.5"
@@ -104,4 +105,4 @@
     "./",
     "test/e2e/harness"
   ]
-}
+}

rollup.config.js

@@ -32,7 +32,8 @@ const commonPlugins = [
   }),
   replace({
     'process.env.PACKAGE_NAME': JSON.stringify(process.env.PACKAGE_NAME),
-    'process.env.PACKAGE_VERSION': JSON.stringify(process.env.PACKAGE_VERSION)
+    'process.env.PACKAGE_VERSION': JSON.stringify(process.env.PACKAGE_VERSION),
+    'process.env.AUTH_JS_MAJOR_VERSION': JSON.stringify(process.env.AUTH_JS_MAJOR_VERSION)
   }),
   cleanup({ 
     extensions,

src/Security.tsx

@@ -37,6 +37,10 @@ const Security: React.FC<{
     }
     return oktaAuth.authStateManager.getAuthState();
   });
+  const [oktaAuthMajorVersion] = React.useState(() => {
+    const majorVersion = oktaAuth?.userAgent?.split('/')[1]?.split('.')[0];
+    return majorVersion;
+  });
 
   React.useEffect(() => {
     if (!oktaAuth || !restoreOriginalUri) {
@@ -77,6 +81,17 @@ const Security: React.FC<{
     return <OktaError error={err} />;
   }
 
+  
+  if (oktaAuthMajorVersion !== process.env.AUTH_JS_MAJOR_VERSION 
+      // skip in test as version and userAgent are dynamic
+      && process.env.NODE_ENV !== 'test') {
+    const err = new AuthSdkError(`
+      Passed in oktaAuth is not compatible with the SDK,
+      okta-auth-js version ${process.env.AUTH_JS_MAJOR_VERSION}.x is the current supported version.
+    `);
+    return <OktaError error={err} />;
+  }
+
   return (
     <OktaContext.Provider value={{ 
       oktaAuth, 

yarn.lock

@@ -11923,6 +11923,13 @@ semver@7.x, semver@^7.2.1, semver@^7.3.2:
   dependencies:
     lru-cache "^6.0.0"
 
+semver@^7.3.5:
+  version "7.3.5"
+  resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.5.tgz#0b621c879348d8998e4b0e4be94b3f12e6018ef7"
+  integrity sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ==
+  dependencies:
+    lru-cache "^6.0.0"
+
 send@0.17.1:
   version "0.17.1"
   resolved "https://registry.yarnpkg.com/send/-/send-0.17.1.tgz#c1d8b059f7900f7466dd4938bdc44e11ddb376c8"