BREAKING CHANGE: removes 'useMultipleCookies' option

OKTA-428455
<<<Jenkins Check-In of Tested SHA: 3dad085 for eng_productivity_ci_bot_okta@okta.com>>>
Artifact: okta-auth-js
Files changed count: 9
PR Link: "#1051"

CHANGELOG.md

@@ -8,6 +8,7 @@
 - [#1049](https://github.com/okta/okta-auth-js/pull/1049) Bump minimum supported node version to 12.20
 - [#1050](https://github.com/okta/okta-auth-js/pull/1050) Removes `userAgent` field from oktaAuth instance
 - [#1014](https://github.com/okta/okta-auth-js/pull/1014) Shared transaction storage is automatically cleared on success and error states. Storage is not cleared for "terminal" state which is neither success nor error.
+- [#1051](https://github.com/okta/okta-auth-js/pull/1051) Removes `useMultipleCookies` from CookieStorage options
 
 ### Features
 

README.md

@@ -573,7 +573,6 @@ var config = {
         'sessionStorage',
         'cookie'
       ],
-      useMultipleCookies: true // puts each token in its own cookie
     },
     cache: {
       storageTypes: [

lib/TokenManager.ts

@@ -102,7 +102,7 @@ export class TokenManager implements TokenManagerInterface {
       storageOptions.storageType = options.storage as StorageType;
     }
 
-    this.storage = sdk.storageManager.getTokenStorage(storageOptions);
+    this.storage = sdk.storageManager.getTokenStorage({...storageOptions, useSeparateCookies: true});
     this.clock = SdkClock.create(/* sdk, options */);
     this.state = defaultState();
 

lib/browser/browserStorage.ts

@@ -153,20 +153,20 @@ var storageUtil: BrowserStorageUtil = {
       }
     };
 
-    if (!options.useMultipleCookies) {
+    if (!options.useSeparateCookies) {
       return storage;
     }
 
-    // options.useMultipleCookies - because cookies have size limits.
+    // Tokens are stored separately because cookies have size limits.
     // Can only be used when storing an object value. Object properties will be saved to separate cookies.
-    //  Each property of the object must also be an object.
+    // Each property of the object must also be an object.
     return {
       getItem: function(key) {
         var data = storage.getItem(); // read all cookies
         var value = {};
         Object.keys(data).forEach(k => {
           if (k.indexOf(key) === 0) { // filter out unrelated cookies
-            value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie dataa
+            value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie data
           }
         });
         return JSON.stringify(value);

lib/options.ts

@@ -27,8 +27,7 @@ const BROWSER_STORAGE: StorageManagerOptions = {
       'localStorage',
       'sessionStorage',
       'cookie'
-    ],
-    useMultipleCookies: true
+    ]
   },
   cache: {
     storageTypes: [

lib/types/Storage.ts

@@ -61,7 +61,7 @@ export interface StorageOptions extends CookieOptions {
   storageTypes?: StorageType[];
   storageProvider?: SimpleStorage;
   storageKey?: string;
-  useMultipleCookies?: boolean;
+  useSeparateCookies?: boolean;
 }
 
 export type StorageType = 'memory' | 'sessionStorage' | 'localStorage' | 'cookie' | 'custom' | 'auto';

test/spec/TokenManager/browser.ts

@@ -105,7 +105,7 @@ describe('TokenManager (browser)', function() {
         storageManager: {
           token: {
             storageTypes: ['cookie'],
-            useMultipleCookies: true,
+            useSeparateCookies: true
           }
         }
       });

test/spec/browserStorage.js

@@ -116,7 +116,6 @@ describe('browserStorage', () => {
   });
 
   describe('getCookieStorage', () => {
-
     it('requires an options object', () => {
       const fn = function() {
         browserStorage.getCookieStorage();
@@ -144,37 +143,63 @@ describe('browserStorage', () => {
       };
       expect(fn).not.toThrow();
     });
-
-    it('getItem: will call storage.get', () => {
-      const retVal = { fakeCookie: true };
-      jest.spyOn(browserStorage.storage, 'get').mockReturnValue(retVal);
-      const storage = browserStorage.getCookieStorage({ secure: true, sameSite: 'strict' });
-      const key = 'fake-key';
-      expect(storage.getItem(key)).toBe(retVal);
-      expect(browserStorage.storage.get).toHaveBeenCalledWith(key);
-    });
-
-    it('setItem: without sessionCookie set, it will call storage.set, passing secure, sameSite and infinite expiration date options', () => {
-      jest.spyOn(browserStorage.storage, 'set').mockReturnValue(null);
-      const storage = browserStorage.getCookieStorage({ secure: 'fakey', sameSite: 'strictly fakey' });
-      const key = 'fake-key';
-      const val = { fakeValue: true };
-      storage.setItem(key, val);
-      expect(browserStorage.storage.set).toHaveBeenCalledWith(key, val, '2200-01-01T00:00:00.000Z', {
-        secure: 'fakey',
-        sameSite: 'strictly fakey'
+
+    describe('useSeparateCookies: false', () => {
+      it('getItem: will call storage.get', () => {
+        const retVal = { fakeCookie: true };
+        jest.spyOn(browserStorage.storage, 'get').mockReturnValue(retVal);
+        const storage = browserStorage.getCookieStorage({ secure: true, sameSite: 'strict' });
+        const key = 'fake-key';
+        expect(storage.getItem(key)).toBe(retVal);
+        expect(browserStorage.storage.get).toHaveBeenCalledWith(key);
+      });
+
+      it('setItem: without sessionCookie set, it will call storage.set, passing secure, sameSite and infinite expiration date options', () => {
+        jest.spyOn(browserStorage.storage, 'set').mockReturnValue(null);
+        const storage = browserStorage.getCookieStorage({ secure: 'fakey', sameSite: 'strictly fakey' });
+        const key = 'fake-key';
+        const val = { fakeValue: true };
+        storage.setItem(key, val);
+        expect(browserStorage.storage.set).toHaveBeenCalledWith(key, val, '2200-01-01T00:00:00.000Z', {
+          secure: 'fakey',
+          sameSite: 'strictly fakey'
+        });
+      });
+
+      it('setItem: when sessionCookie is set, it will call storage.set, passing secure, sameSite and session-limited expiration date(null) options ', () => {
+        jest.spyOn(browserStorage.storage, 'set').mockReturnValue(null);
+        const storage = browserStorage.getCookieStorage({ secure: 'fakey', sameSite: 'strictly fakey', sessionCookie: true });
+        const key = 'fake-key';
+        const val = { fakeValue: true };
+        storage.setItem(key, val);
+        expect(browserStorage.storage.set).toHaveBeenCalledWith(key, val, null, {
+          secure: 'fakey',
+          sameSite: 'strictly fakey'
+        });
       });
     });
 
-    it('setItem: when sessionCookie is set, it will call storage.set, passing secure, sameSite and session-limited expiration date(null) options ', () => {
-      jest.spyOn(browserStorage.storage, 'set').mockReturnValue(null);
-      const storage = browserStorage.getCookieStorage({ secure: 'fakey', sameSite: 'strictly fakey', sessionCookie: true });
-      const key = 'fake-key';
-      const val = { fakeValue: true };
-      storage.setItem(key, val);
-      expect(browserStorage.storage.set).toHaveBeenCalledWith(key, val, null, {
-        secure: 'fakey',
-        sameSite: 'strictly fakey'
+    describe('useSeparateCookies: true', () => {
+      it('getItem: will use storage.get internally, but not directly', () => {
+        const retVal = { fakeCookie: true };
+        jest.spyOn(browserStorage.storage, 'get');
+        const storage = browserStorage.getCookieStorage({ secure: true, sameSite: 'strict', useSeparateCookies: true });
+        jest.spyOn(storage, 'getItem').mockReturnValue(retVal);
+        const key = 'fake-key';
+        expect(storage.getItem(key)).toBe(retVal);
+        expect(storage.getItem).toHaveBeenCalledWith(key);
+        expect(browserStorage.storage.get).not.toHaveBeenCalledWith(key);
+      });
+
+      it('setItem: will use storage.get and storage.set internally, but not directly', () => {
+        jest.spyOn(browserStorage.storage, 'set');
+        const storage = browserStorage.getCookieStorage({ secure: 'fakey', sameSite: 'strictly fakey' });
+        jest.spyOn(storage, 'setItem').mockReturnValue(null);
+        const key = 'fake-key';
+        const val = { fakeValue: true };
+        storage.setItem(key, val);
+        expect(storage.setItem).toHaveBeenCalledWith(key, val);
+        expect(browserStorage.storage.set).not.toHaveBeenCalled();
       });
     });
   });

test/types/config.test-d.ts

@@ -53,8 +53,7 @@ const config: OktaAuthOptions = {
 
   storageManager: {
     token: {
-      storageType: 'sessionStorage',
-      useMultipleCookies: true // puts each token in its own cookie
+      storageType: 'sessionStorage'
     },
     cache: {
       storageTypes: [