### Install Sample App Dependencies Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/packages/javascript-sdk/README.md Install the necessary dependencies for the sample applications. Run this command in the root folder of the cloned sample apps repository. ```bash npm install ``` -------------------------------- ### Install ForgeRock JavaScript SDK Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/README.md Install the SDK using npm. This command fetches and installs the latest version of the SDK package. ```bash npm install @forgerock/javascript-sdk ``` -------------------------------- ### Run Embedded Login Sample App Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/packages/javascript-sdk/README.md Start the embedded login sample application. This command is used after configuring the .env file for the embedded login sample. ```bash npm run start:embedded-login ``` -------------------------------- ### Install Ping Protect Module Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/packages/ping-protect/README.md Install the ForgeRock JavaScript SDK and the Ping Protect module using npm or pnpm. ```sh npm install @forgerock/javascript-sdk @forgerock/ping-protect ``` ```sh pnpm add @forgerock/javascript-sdk @forgerock/ping-protect ``` -------------------------------- ### Initialize Token Vault Client Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/packages/token-vault/README.md Initializes the Token Vault client by configuring the application, interceptor, and proxy origins and file paths. This setup should be in your app's main file. ```javascript // app/src/main.js import { Config, TokenManager } from '@forgerock/javascript-sdk'; import { client } from '@forgerock/token-vault'; /** * This factory function takes in a config object and returns * the necessary methods to setup the iframe ("proxy"), the * service worker ("interceptor"), and the token store replacement * API ("store"). */ const register = client({ app: { origin: 'http://localhost:5173', }, interceptor: { file: '/interceptor.js', }, proxy: { origin: 'http://localhost:5175', }, }); /** * Sets up the service worker for intercepting fetch requests */ register.interceptor({ /* optional interceptor worker config */ }); /** * Injects the iframe into the DOM to setup the proxy * Make sure to pass in the required, real DOM element as the zeroeth argument */ register.proxy(document.getElementById('token-vault'), { /* optional proxy config */ }); /** * Creates the store replacement for the SDK */ const tokenVaultStore = register.store({ /* optional store config */ }); ``` -------------------------------- ### Example Redacted Token Response Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/packages/token-vault/README.md An example of the redacted token response structure returned by the SDK. Sensitive token values are masked for security. ```json { "accessToken": "REDACTED", "idToken": "eyJ0eXAiOiJKV1QiLCJra…7r8soMCk8A7QdQpg", "refreshToken": "REDACTED", "tokenExpiry": 1690712227226 } ``` -------------------------------- ### Get Tokens with TokenManager Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/packages/token-vault/README.md Retrieve access and refresh tokens using the TokenManager. Note that token values will be redacted in the console output for security. ```javascript import { TokenManager } from '@forgerock/javascript-sdk'; const tokens = TokenManager.getTokens(); console.log(tokens); // Refresh & Access Token values will be redacted ``` -------------------------------- ### Get Ping Protect Data for Evaluation Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/packages/ping-protect/README.md When a PingOneProtectEvaluationCallback is encountered, call PIProtect.getData() to package collected data for server evaluation. This is an asynchronous call and requires error handling. ```javascript import { PIProtect } from '@forgerock/ping-protect'; let data; if (step.getCallbacksOfType('PingOneProtectEvaluationCallback')) { try { // Asynchronous call data = await PIProtect.getData(); } catch (err) { // handle error } } ``` -------------------------------- ### Build the Project Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/CONTRIBUTING.md Build the project to ensure it is set up correctly and all dependencies are resolved. ```bash pnpm build ``` -------------------------------- ### Navigate to Project Directory Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/CONTRIBUTING.md Change the current directory to the cloned project folder. ```bash cd forgerock-javascript-sdk ``` -------------------------------- ### Clone Sample Apps Repository Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/packages/javascript-sdk/README.md Clone the sample applications repository to explore and test SDK functionality. This is a prerequisite for running the sample apps. ```bash git clone https://github.com/ForgeRock/sdk-sample-apps.git ``` -------------------------------- ### Run Nx Commands Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/CONTRIBUTING.md Execute various commands like build, lint, or test for specific projects using Nx. Replace `` with the actual project name. ```bash `pnpm nx build javascript-sdk` ``` ```bash `pnpm nx lint javascript-sdk` ``` ```bash `pnpm nx test javascript-sdk` ``` ```bash `pnpm nx e2e autoscript-suites` ``` ```bash `pnpm nx serve autoscript-apps` ``` -------------------------------- ### Version packages for beta release Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/contributing_docs/releases.md Use this command to version packages specifically for a beta release. The --snapshot beta flag ensures packages are versioned as betas. ```bash pnpm changeset version --snapshot beta ``` -------------------------------- ### Publish Beta Package Manually Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/contributing_docs/releases.md Use this command to publish a beta version of your package. Ensure you use the --tag beta flag and --no-git-checks to avoid pipeline issues. Publishing manually first prevents the package from being published as the default private. ```bash pnpm publish --tag beta --no-git-checks --access public ``` -------------------------------- ### Continue Journey After Initialization Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/packages/ping-protect/README.md After initializing Ping Protect, call FRAuth.next(step) to proceed with the user's journey. ```javascript FRAuth.next(step); ``` -------------------------------- ### Clone the Repository Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/CONTRIBUTING.md Clone your forked repository to your local machine using the provided Git command. ```bash git clone https://github.com/your-username/forgerock-javascript-sdk.git ``` -------------------------------- ### Initialize Ping Protect Early Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/packages/ping-protect/README.md Call PIProtect.start() early in your application startup to collect as much data as possible for higher accuracy. The envId is a required configuration. ```javascript import { PIProtect } from '@forgerock/ping-protect'; // Call early in your application startup PIProtect.start({ envId: '02fb1243-189a-4bc7-9d6c-a919edf6447' }); ``` -------------------------------- ### PingOneProtectInitializeCallback Methods Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/packages/ping-protect/README.md Available methods for the PingOneProtectInitializeCallback, including retrieving configuration and setting client errors. ```javascript callback.getConfig(); callback.setClientError(); ``` -------------------------------- ### Add a Changeset Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/CONTRIBUTING.md Use the 'pnpm changeset' command to add a changeset when a change requires a release. Follow the interactive prompts to fill out the necessary information. ```bash pnpm changeset ``` -------------------------------- ### Dry run beta package publish Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/contributing_docs/releases.md Perform a dry run of publishing a package with the beta tag to verify the publish configuration and access level. The --access public flag is crucial for new packages. ```bash pnpm publish --tag beta --no-git-checks --access public --dry-run ``` -------------------------------- ### Test package publish with Verdaccio Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/contributing_docs/releases.md Commands to test publishing a package to a local private npm registry using Verdaccio. Ensure your .npmrc is updated to point to the local registry. ```bash pnpm nx run local-registry ``` ```bash pnpm changeset version pnpm publish packages/{your_package} --dry-run --no-git-checks --registry=http://localhost:4873 ``` -------------------------------- ### Conventional Commit Structure Source: https://github.com/forgerock/forgerock-javascript-sdk/blob/develop/CONTRIBUTING.md Follow this structure for commit messages to ensure consistency and clarity. ```text ():