Replace locking dependency with natively supported Web Locks API #1455
Description
Checklist
- I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
- I have looked into the documentation and API documentation, and have not found a suitable solution or answer.
- I have searched the issues and have not found a suitable solution or answer.
- I have searched the Auth0 Community forums and have not found a suitable solution or answer.
- I agree to the terms within the Auth0 Code of Conduct.
Describe the problem you'd like to have solved
Using refresh tokens doesn't use a true locking mechanism. It can run into problems when multiple processes try to use it to get a new access token, because a refresh token can only be used once.
Describe the ideal solution
Replace the browser-tabs-lock dependency with the official natively supported Web Locks API.
Alternatives and current workarounds
No response
Additional context
I found out about the relatively new Web Locks API and researched how Auth0 SPA JS handles locking for refresh tokens. I was baffled to find out that it's using a 2 year old dependency version. Please replace it with the native browse API as it also finally has true locking capabilities!
https://developer.mozilla.org/en-US/docs/Web/API/Web_Locks_API
The current dependency also recommended using this API in 2023 (when it was only available to Google Chrome).