@esri/solutions-components 0.2.0 → 0.2.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (34) hide show
  1. package/dist/cjs/calcite-shell-panel_14.cjs.entry.js +1 -1
  2. package/dist/cjs/solution-configuration.cjs.entry.js +1086 -2
  3. package/dist/cjs/solution-configuration.cjs.entry.js.map +1 -1
  4. package/dist/cjs/solution-contents_3.cjs.entry.js +1 -1
  5. package/dist/cjs/{solution-store-f0547fe7.js → solution-store-e2fc11ac.js} +6 -1
  6. package/dist/cjs/solution-store-e2fc11ac.js.map +1 -0
  7. package/dist/collection/components/solution-configuration/solution-configuration.js +5 -9
  8. package/dist/collection/components/solution-configuration/solution-configuration.js.map +1 -1
  9. package/dist/components/solution-configuration.js +1086 -2
  10. package/dist/components/solution-configuration.js.map +1 -1
  11. package/dist/components/solution-store.js +1 -1
  12. package/dist/components/solution-store.js.map +1 -1
  13. package/dist/esm/calcite-shell-panel_14.entry.js +1 -1
  14. package/dist/esm/solution-configuration.entry.js +1086 -2
  15. package/dist/esm/solution-configuration.entry.js.map +1 -1
  16. package/dist/esm/solution-contents_3.entry.js +1 -1
  17. package/dist/esm/{solution-store-c1f6173a.js → solution-store-b3c65467.js} +2 -2
  18. package/dist/esm/solution-store-b3c65467.js.map +1 -0
  19. package/dist/solutions-components/{p-0e7a0839.entry.js → p-542189bc.entry.js} +2 -2
  20. package/dist/solutions-components/{p-0e7a0839.entry.js.map → p-542189bc.entry.js.map} +0 -0
  21. package/dist/solutions-components/{p-ee9be0ef.entry.js → p-638738f2.entry.js} +2 -2
  22. package/dist/solutions-components/{p-ee9be0ef.entry.js.map → p-638738f2.entry.js.map} +0 -0
  23. package/dist/solutions-components/p-7e8985f2.entry.js +1979 -0
  24. package/dist/solutions-components/p-7e8985f2.entry.js.map +1 -0
  25. package/dist/solutions-components/{p-065830b8.js → p-b25f6ebe.js} +2 -2
  26. package/dist/solutions-components/p-b25f6ebe.js.map +1 -0
  27. package/dist/solutions-components/solutions-components.esm.js +1 -1
  28. package/dist/solutions-components_commit.txt +5 -6
  29. package/package.json +1 -1
  30. package/dist/cjs/solution-store-f0547fe7.js.map +0 -1
  31. package/dist/esm/solution-store-c1f6173a.js.map +0 -1
  32. package/dist/solutions-components/p-065830b8.js.map +0 -1
  33. package/dist/solutions-components/p-401541a5.entry.js +0 -895
  34. package/dist/solutions-components/p-401541a5.entry.js.map +0 -1
package/dist/esm/solution-configuration.entry.js CHANGED
@@ -4,7 +4,7 @@
4
4
  * http://www.apache.org/licenses/LICENSE-2.0
5
5
  */
6
6
  import { r as registerInstance, h, H as Host, g as getElement } from './index-15022d11.js';
7
- import { g as getProp, s as state } from './solution-store-c1f6173a.js';
7
+ import { r as request, N as NODEJS_DEFAULT_REFERER_HEADER, c as cleanUrl, e as encodeQueryString, A as ArcGISAuthError, g as getProp, s as state } from './solution-store-b3c65467.js';
8
8
  import { g as getLocaleComponentStrings } from './locale-0e10d7e5.js';
9
9
  import './index-9c882a6e.js';
10
10
  import './interfaces-e2a2064d.js';
@@ -352,6 +352,1090 @@ function _getTopLevelItemIds(templates) {
352
352
  return topLevelItemCandidateIds;
353
353
  }
354
354
 
355
+ /* Copyright (c) 2017-2020 Environmental Systems Research Institute, Inc.
356
+ * Apache-2.0 */
357
+ function decodeParam(param) {
358
+ var _a = param.split("="), key = _a[0], value = _a[1];
359
+ return { key: decodeURIComponent(key), value: decodeURIComponent(value) };
360
+ }
361
+ /**
362
+ * Decodes the passed query string as an object.
363
+ *
364
+ * @param query A string to be decoded.
365
+ * @returns A decoded query param object.
366
+ */
367
+ function decodeQueryString(query) {
368
+ return query
369
+ .replace(/^#/, "")
370
+ .split("&")
371
+ .reduce(function (acc, entry) {
372
+ var _a = decodeParam(entry), key = _a.key, value = _a.value;
373
+ acc[key] = value;
374
+ return acc;
375
+ }, {});
376
+ }
377
+
378
+ /*! *****************************************************************************
379
+ Copyright (c) Microsoft Corporation.
380
+
381
+ Permission to use, copy, modify, and/or distribute this software for any
382
+ purpose with or without fee is hereby granted.
383
+
384
+ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
385
+ REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
386
+ AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
387
+ INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
388
+ LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
389
+ OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
390
+ PERFORMANCE OF THIS SOFTWARE.
391
+ ***************************************************************************** */
392
+
393
+ var __assign = function() {
394
+ __assign = Object.assign || function __assign(t) {
395
+ for (var s, i = 1, n = arguments.length; i < n; i++) {
396
+ s = arguments[i];
397
+ for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p)) t[p] = s[p];
398
+ }
399
+ return t;
400
+ };
401
+ return __assign.apply(this, arguments);
402
+ };
403
+
404
+ /* Copyright (c) 2017 Environmental Systems Research Institute, Inc.
405
+ * Apache-2.0 */
406
+ function fetchToken(url, requestOptions) {
407
+ var options = requestOptions;
408
+ // we generate a response, so we can't return the raw response
409
+ options.rawResponse = false;
410
+ return request(url, options).then(function (response) {
411
+ var r = {
412
+ token: response.access_token,
413
+ username: response.username,
414
+ expires: new Date(
415
+ // convert seconds in response to milliseconds and add the value to the current time to calculate a static expiration timestamp
416
+ Date.now() + (response.expires_in * 1000 - 1000)),
417
+ ssl: response.ssl === true
418
+ };
419
+ if (response.refresh_token) {
420
+ r.refreshToken = response.refresh_token;
421
+ }
422
+ return r;
423
+ });
424
+ }
425
+
426
+ /* Copyright (c) 2017-2018 Environmental Systems Research Institute, Inc.
427
+ * Apache-2.0 */
428
+ function generateToken(url, requestOptions) {
429
+ var options = requestOptions;
430
+ /* istanbul ignore else */
431
+ if (typeof window !== "undefined" &&
432
+ window.location &&
433
+ window.location.host) {
434
+ options.params.referer = window.location.host;
435
+ }
436
+ else {
437
+ options.params.referer = NODEJS_DEFAULT_REFERER_HEADER;
438
+ }
439
+ return request(url, options);
440
+ }
441
+
442
+ /**
443
+ * Used to test if a URL is an ArcGIS Online URL
444
+ */
445
+ var arcgisOnlineUrlRegex = /^https?:\/\/(\S+)\.arcgis\.com.+/;
446
+ function isOnline(url) {
447
+ return arcgisOnlineUrlRegex.test(url);
448
+ }
449
+ function normalizeOnlinePortalUrl(portalUrl) {
450
+ if (!arcgisOnlineUrlRegex.test(portalUrl)) {
451
+ return portalUrl;
452
+ }
453
+ switch (getOnlineEnvironment(portalUrl)) {
454
+ case "dev":
455
+ return "https://devext.arcgis.com/sharing/rest";
456
+ case "qa":
457
+ return "https://qaext.arcgis.com/sharing/rest";
458
+ default:
459
+ return "https://www.arcgis.com/sharing/rest";
460
+ }
461
+ }
462
+ function getOnlineEnvironment(url) {
463
+ if (!arcgisOnlineUrlRegex.test(url)) {
464
+ return null;
465
+ }
466
+ var match = url.match(arcgisOnlineUrlRegex);
467
+ var subdomain = match[1].split(".").pop();
468
+ if (subdomain.includes("dev")) {
469
+ return "dev";
470
+ }
471
+ if (subdomain.includes("qa")) {
472
+ return "qa";
473
+ }
474
+ return "production";
475
+ }
476
+ function isFederated(owningSystemUrl, portalUrl) {
477
+ var normalizedPortalUrl = cleanUrl(normalizeOnlinePortalUrl(portalUrl)).replace(/https?:\/\//, "");
478
+ var normalizedOwningSystemUrl = cleanUrl(owningSystemUrl).replace(/https?:\/\//, "");
479
+ return new RegExp(normalizedOwningSystemUrl, "i").test(normalizedPortalUrl);
480
+ }
481
+ function canUseOnlineToken(portalUrl, requestUrl) {
482
+ var portalIsOnline = isOnline(portalUrl);
483
+ var requestIsOnline = isOnline(requestUrl);
484
+ var portalEnv = getOnlineEnvironment(portalUrl);
485
+ var requestEnv = getOnlineEnvironment(requestUrl);
486
+ if (portalIsOnline && requestIsOnline && portalEnv === requestEnv) {
487
+ return true;
488
+ }
489
+ return false;
490
+ }
491
+
492
+ /* Copyright (c) 2018-2020 Environmental Systems Research Institute, Inc.
493
+ * Apache-2.0 */
494
+ /**
495
+ * Validates that the user has access to the application
496
+ * and if they user should be presented a "View Only" mode
497
+ *
498
+ * This is only needed/valid for Esri applications that are "licensed"
499
+ * and shipped in ArcGIS Online or ArcGIS Enterprise. Most custom applications
500
+ * should not need or use this.
501
+ *
502
+ * ```js
503
+ * import { validateAppAccess } from '@esri/arcgis-rest-auth';
504
+ *
505
+ * return validateAppAccess('your-token', 'theClientId')
506
+ * .then((result) => {
507
+ * if (!result.value) {
508
+ * // redirect or show some other ui
509
+ * } else {
510
+ * if (result.viewOnlyUserTypeApp) {
511
+ * // use this to inform your app to show a "View Only" mode
512
+ * }
513
+ * }
514
+ * })
515
+ * .catch((err) => {
516
+ * // two possible errors
517
+ * // invalid clientId: {"error":{"code":400,"messageCode":"GWM_0007","message":"Invalid request","details":[]}}
518
+ * // invalid token: {"error":{"code":498,"message":"Invalid token.","details":[]}}
519
+ * })
520
+ * ```
521
+ *
522
+ * Note: This is only usable by Esri applications hosted on *arcgis.com, *esri.com or within
523
+ * an ArcGIS Enterprise installation. Custom applications can not use this.
524
+ *
525
+ * @param token platform token
526
+ * @param clientId application client id
527
+ * @param portal Optional
528
+ */
529
+ function validateAppAccess(token, clientId, portal) {
530
+ if (portal === void 0) { portal = "https://www.arcgis.com/sharing/rest"; }
531
+ var url = portal + "/oauth2/validateAppAccess";
532
+ var ro = {
533
+ method: "POST",
534
+ params: {
535
+ f: "json",
536
+ client_id: clientId,
537
+ token: token,
538
+ },
539
+ };
540
+ return request(url, ro);
541
+ }
542
+
543
+ /* Copyright (c) 2017-2019 Environmental Systems Research Institute, Inc.
544
+ * Apache-2.0 */
545
+ function defer() {
546
+ var deferred = {
547
+ promise: null,
548
+ resolve: null,
549
+ reject: null,
550
+ };
551
+ deferred.promise = new Promise(function (resolve, reject) {
552
+ deferred.resolve = resolve;
553
+ deferred.reject = reject;
554
+ });
555
+ return deferred;
556
+ }
557
+ /**
558
+ * ```js
559
+ * import { UserSession } from '@esri/arcgis-rest-auth';
560
+ * UserSession.beginOAuth2({
561
+ * // register an app of your own to create a unique clientId
562
+ * clientId: "abc123",
563
+ * redirectUri: 'https://yourapp.com/authenticate.html'
564
+ * })
565
+ * .then(session)
566
+ * // or
567
+ * new UserSession({
568
+ * username: "jsmith",
569
+ * password: "123456"
570
+ * })
571
+ * // or
572
+ * UserSession.deserialize(cache)
573
+ * ```
574
+ * Used to authenticate both ArcGIS Online and ArcGIS Enterprise users. `UserSession` includes helper methods for [OAuth 2.0](/arcgis-rest-js/guides/browser-authentication/) in both browser and server applications.
575
+ */
576
+ var UserSession = /** @class */ (function () {
577
+ function UserSession(options) {
578
+ this.clientId = options.clientId;
579
+ this._refreshToken = options.refreshToken;
580
+ this._refreshTokenExpires = options.refreshTokenExpires;
581
+ this.username = options.username;
582
+ this.password = options.password;
583
+ this._token = options.token;
584
+ this._tokenExpires = options.tokenExpires;
585
+ this.portal = options.portal
586
+ ? cleanUrl(options.portal)
587
+ : "https://www.arcgis.com/sharing/rest";
588
+ this.ssl = options.ssl;
589
+ this.provider = options.provider || "arcgis";
590
+ this.tokenDuration = options.tokenDuration || 20160;
591
+ this.redirectUri = options.redirectUri;
592
+ this.refreshTokenTTL = options.refreshTokenTTL || 20160;
593
+ this.server = options.server;
594
+ this.federatedServers = {};
595
+ this.trustedDomains = [];
596
+ // if a non-federated server was passed explicitly, it should be trusted.
597
+ if (options.server) {
598
+ // if the url includes more than '/arcgis/', trim the rest
599
+ var root = this.getServerRootUrl(options.server);
600
+ this.federatedServers[root] = {
601
+ token: options.token,
602
+ expires: options.tokenExpires,
603
+ };
604
+ }
605
+ this._pendingTokenRequests = {};
606
+ }
607
+ Object.defineProperty(UserSession.prototype, "token", {
608
+ /**
609
+ * The current ArcGIS Online or ArcGIS Enterprise `token`.
610
+ */
611
+ get: function () {
612
+ return this._token;
613
+ },
614
+ enumerable: false,
615
+ configurable: true
616
+ });
617
+ Object.defineProperty(UserSession.prototype, "tokenExpires", {
618
+ /**
619
+ * The expiration time of the current `token`.
620
+ */
621
+ get: function () {
622
+ return this._tokenExpires;
623
+ },
624
+ enumerable: false,
625
+ configurable: true
626
+ });
627
+ Object.defineProperty(UserSession.prototype, "refreshToken", {
628
+ /**
629
+ * The current token to ArcGIS Online or ArcGIS Enterprise.
630
+ */
631
+ get: function () {
632
+ return this._refreshToken;
633
+ },
634
+ enumerable: false,
635
+ configurable: true
636
+ });
637
+ Object.defineProperty(UserSession.prototype, "refreshTokenExpires", {
638
+ /**
639
+ * The expiration time of the current `refreshToken`.
640
+ */
641
+ get: function () {
642
+ return this._refreshTokenExpires;
643
+ },
644
+ enumerable: false,
645
+ configurable: true
646
+ });
647
+ Object.defineProperty(UserSession.prototype, "trustedServers", {
648
+ /**
649
+ * Deprecated, use `federatedServers` instead.
650
+ *
651
+ * @deprecated
652
+ */
653
+ get: function () {
654
+ console.log("DEPRECATED: use federatedServers instead");
655
+ return this.federatedServers;
656
+ },
657
+ enumerable: false,
658
+ configurable: true
659
+ });
660
+ /**
661
+ * Begins a new browser-based OAuth 2.0 sign in. If `options.popup` is `true` the
662
+ * authentication window will open in a new tab/window and the function will return
663
+ * Promise&lt;UserSession&gt;. Otherwise, the user will be redirected to the
664
+ * authorization page in their current tab/window and the function will return `undefined`.
665
+ *
666
+ * @browserOnly
667
+ */
668
+ /* istanbul ignore next */
669
+ UserSession.beginOAuth2 = function (options, win) {
670
+ if (win === void 0) { win = window; }
671
+ if (options.duration) {
672
+ console.log("DEPRECATED: 'duration' is deprecated - use 'expiration' instead");
673
+ }
674
+ var _a = __assign({
675
+ portal: "https://www.arcgis.com/sharing/rest",
676
+ provider: "arcgis",
677
+ expiration: 20160,
678
+ popup: true,
679
+ popupWindowFeatures: "height=400,width=600,menubar=no,location=yes,resizable=yes,scrollbars=yes,status=yes",
680
+ state: options.clientId,
681
+ locale: "",
682
+ }, options), portal = _a.portal, provider = _a.provider, clientId = _a.clientId, expiration = _a.expiration, redirectUri = _a.redirectUri, popup = _a.popup, popupWindowFeatures = _a.popupWindowFeatures, state = _a.state, locale = _a.locale, params = _a.params;
683
+ var url;
684
+ if (provider === "arcgis") {
685
+ url = portal + "/oauth2/authorize?client_id=" + clientId + "&response_type=token&expiration=" + (options.duration || expiration) + "&redirect_uri=" + encodeURIComponent(redirectUri) + "&state=" + state + "&locale=" + locale;
686
+ }
687
+ else {
688
+ url = portal + "/oauth2/social/authorize?client_id=" + clientId + "&socialLoginProviderName=" + provider + "&autoAccountCreateForSocial=true&response_type=token&expiration=" + (options.duration || expiration) + "&redirect_uri=" + encodeURIComponent(redirectUri) + "&state=" + state + "&locale=" + locale;
689
+ }
690
+ // append additional params
691
+ if (params) {
692
+ url = url + "&" + encodeQueryString(params);
693
+ }
694
+ if (!popup) {
695
+ win.location.href = url;
696
+ return undefined;
697
+ }
698
+ var session = defer();
699
+ win["__ESRI_REST_AUTH_HANDLER_" + clientId] = function (errorString, oauthInfoString) {
700
+ if (errorString) {
701
+ var error = JSON.parse(errorString);
702
+ session.reject(new ArcGISAuthError(error.errorMessage, error.error));
703
+ return;
704
+ }
705
+ if (oauthInfoString) {
706
+ var oauthInfo = JSON.parse(oauthInfoString);
707
+ session.resolve(new UserSession({
708
+ clientId: clientId,
709
+ portal: portal,
710
+ ssl: oauthInfo.ssl,
711
+ token: oauthInfo.token,
712
+ tokenExpires: new Date(oauthInfo.expires),
713
+ username: oauthInfo.username,
714
+ }));
715
+ }
716
+ };
717
+ win.open(url, "oauth-window", popupWindowFeatures);
718
+ return session.promise;
719
+ };
720
+ /**
721
+ * Completes a browser-based OAuth 2.0 sign in. If `options.popup` is `true` the user
722
+ * will be returned to the previous window. Otherwise a new `UserSession`
723
+ * will be returned. You must pass the same values for `options.popup` and
724
+ * `options.portal` as you used in `beginOAuth2()`.
725
+ *
726
+ * @browserOnly
727
+ */
728
+ /* istanbul ignore next */
729
+ UserSession.completeOAuth2 = function (options, win) {
730
+ if (win === void 0) { win = window; }
731
+ var _a = __assign({ portal: "https://www.arcgis.com/sharing/rest", popup: true }, options), portal = _a.portal, clientId = _a.clientId, popup = _a.popup;
732
+ function completeSignIn(error, oauthInfo) {
733
+ try {
734
+ var handlerFn = void 0;
735
+ var handlerFnName = "__ESRI_REST_AUTH_HANDLER_" + clientId;
736
+ if (popup) {
737
+ // Guard b/c IE does not support window.opener
738
+ if (win.opener) {
739
+ if (win.opener.parent && win.opener.parent[handlerFnName]) {
740
+ handlerFn = win.opener.parent[handlerFnName];
741
+ }
742
+ else if (win.opener && win.opener[handlerFnName]) {
743
+ // support pop-out oauth from within an iframe
744
+ handlerFn = win.opener[handlerFnName];
745
+ }
746
+ }
747
+ else {
748
+ // IE
749
+ if (win !== win.parent && win.parent && win.parent[handlerFnName]) {
750
+ handlerFn = win.parent[handlerFnName];
751
+ }
752
+ }
753
+ // if we have a handler fn, call it and close the window
754
+ if (handlerFn) {
755
+ handlerFn(error ? JSON.stringify(error) : undefined, JSON.stringify(oauthInfo));
756
+ win.close();
757
+ return undefined;
758
+ }
759
+ }
760
+ }
761
+ catch (e) {
762
+ throw new ArcGISAuthError("Unable to complete authentication. It's possible you specified popup based oAuth2 but no handler from \"beginOAuth2()\" present. This generally happens because the \"popup\" option differs between \"beginOAuth2()\" and \"completeOAuth2()\".");
763
+ }
764
+ if (error) {
765
+ throw new ArcGISAuthError(error.errorMessage, error.error);
766
+ }
767
+ return new UserSession({
768
+ clientId: clientId,
769
+ portal: portal,
770
+ ssl: oauthInfo.ssl,
771
+ token: oauthInfo.token,
772
+ tokenExpires: oauthInfo.expires,
773
+ username: oauthInfo.username,
774
+ });
775
+ }
776
+ var params = decodeQueryString(win.location.hash);
777
+ if (!params.access_token) {
778
+ var error = void 0;
779
+ var errorMessage = "Unknown error";
780
+ if (params.error) {
781
+ error = params.error;
782
+ errorMessage = params.error_description;
783
+ }
784
+ return completeSignIn({ error: error, errorMessage: errorMessage });
785
+ }
786
+ var token = params.access_token;
787
+ var expires = new Date(Date.now() + parseInt(params.expires_in, 10) * 1000 - 60 * 1000);
788
+ var username = params.username;
789
+ var ssl = params.ssl === "true";
790
+ return completeSignIn(undefined, {
791
+ token: token,
792
+ expires: expires,
793
+ ssl: ssl,
794
+ username: username,
795
+ });
796
+ };
797
+ /**
798
+ * Request session information from the parent application
799
+ *
800
+ * When an application is embedded into another application via an IFrame, the embedded app can
801
+ * use `window.postMessage` to request credentials from the host application. This function wraps
802
+ * that behavior.
803
+ *
804
+ * The ArcGIS API for Javascript has this built into the Identity Manager as of the 4.19 release.
805
+ *
806
+ * Note: The parent application will not respond if the embedded app's origin is not:
807
+ * - the same origin as the parent or *.arcgis.com (JSAPI)
808
+ * - in the list of valid child origins (REST-JS)
809
+ *
810
+ *
811
+ * @param parentOrigin origin of the parent frame. Passed into the embedded application as `parentOrigin` query param
812
+ * @browserOnly
813
+ */
814
+ UserSession.fromParent = function (parentOrigin, win) {
815
+ /* istanbul ignore next: must pass in a mockwindow for tests so we can't cover the other branch */
816
+ if (!win && window) {
817
+ win = window;
818
+ }
819
+ // Declare handler outside of promise scope so we can detach it
820
+ var handler;
821
+ // return a promise that will resolve when the handler receives
822
+ // session information from the correct origin
823
+ return new Promise(function (resolve, reject) {
824
+ // create an event handler that just wraps the parentMessageHandler
825
+ handler = function (event) {
826
+ // ensure we only listen to events from the parent
827
+ if (event.source === win.parent && event.data) {
828
+ try {
829
+ return resolve(UserSession.parentMessageHandler(event));
830
+ }
831
+ catch (err) {
832
+ return reject(err);
833
+ }
834
+ }
835
+ };
836
+ // add listener
837
+ win.addEventListener("message", handler, false);
838
+ win.parent.postMessage({ type: "arcgis:auth:requestCredential" }, parentOrigin);
839
+ }).then(function (session) {
840
+ win.removeEventListener("message", handler, false);
841
+ return session;
842
+ });
843
+ };
844
+ /**
845
+ * Begins a new server-based OAuth 2.0 sign in. This will redirect the user to
846
+ * the ArcGIS Online or ArcGIS Enterprise authorization page.
847
+ *
848
+ * @nodeOnly
849
+ */
850
+ UserSession.authorize = function (options, response) {
851
+ if (options.duration) {
852
+ console.log("DEPRECATED: 'duration' is deprecated - use 'expiration' instead");
853
+ }
854
+ var _a = __assign({ portal: "https://arcgis.com/sharing/rest", expiration: 20160 }, options), portal = _a.portal, clientId = _a.clientId, expiration = _a.expiration, redirectUri = _a.redirectUri;
855
+ response.writeHead(301, {
856
+ Location: portal + "/oauth2/authorize?client_id=" + clientId + "&expiration=" + (options.duration || expiration) + "&response_type=code&redirect_uri=" + encodeURIComponent(redirectUri),
857
+ });
858
+ response.end();
859
+ };
860
+ /**
861
+ * Completes the server-based OAuth 2.0 sign in process by exchanging the `authorizationCode`
862
+ * for a `access_token`.
863
+ *
864
+ * @nodeOnly
865
+ */
866
+ UserSession.exchangeAuthorizationCode = function (options, authorizationCode) {
867
+ var _a = __assign({
868
+ portal: "https://www.arcgis.com/sharing/rest",
869
+ refreshTokenTTL: 20160,
870
+ }, options), portal = _a.portal, clientId = _a.clientId, redirectUri = _a.redirectUri, refreshTokenTTL = _a.refreshTokenTTL;
871
+ return fetchToken(portal + "/oauth2/token", {
872
+ params: {
873
+ grant_type: "authorization_code",
874
+ client_id: clientId,
875
+ redirect_uri: redirectUri,
876
+ code: authorizationCode,
877
+ },
878
+ }).then(function (response) {
879
+ return new UserSession({
880
+ clientId: clientId,
881
+ portal: portal,
882
+ ssl: response.ssl,
883
+ redirectUri: redirectUri,
884
+ refreshToken: response.refreshToken,
885
+ refreshTokenTTL: refreshTokenTTL,
886
+ refreshTokenExpires: new Date(Date.now() + (refreshTokenTTL - 1) * 60 * 1000),
887
+ token: response.token,
888
+ tokenExpires: response.expires,
889
+ username: response.username,
890
+ });
891
+ });
892
+ };
893
+ UserSession.deserialize = function (str) {
894
+ var options = JSON.parse(str);
895
+ return new UserSession({
896
+ clientId: options.clientId,
897
+ refreshToken: options.refreshToken,
898
+ refreshTokenExpires: new Date(options.refreshTokenExpires),
899
+ username: options.username,
900
+ password: options.password,
901
+ token: options.token,
902
+ tokenExpires: new Date(options.tokenExpires),
903
+ portal: options.portal,
904
+ ssl: options.ssl,
905
+ tokenDuration: options.tokenDuration,
906
+ redirectUri: options.redirectUri,
907
+ refreshTokenTTL: options.refreshTokenTTL,
908
+ });
909
+ };
910
+ /**
911
+ * Translates authentication from the format used in the [ArcGIS API for JavaScript](https://developers.arcgis.com/javascript/).
912
+ *
913
+ * ```js
914
+ * UserSession.fromCredential({
915
+ * userId: "jsmith",
916
+ * token: "secret"
917
+ * });
918
+ * ```
919
+ *
920
+ * @returns UserSession
921
+ */
922
+ UserSession.fromCredential = function (credential) {
923
+ // At ArcGIS Online 9.1, credentials no longer include the ssl and expires properties
924
+ // Here, we provide default values for them to cover this condition
925
+ var ssl = typeof credential.ssl !== "undefined" ? credential.ssl : true;
926
+ var expires = credential.expires || Date.now() + 7200000; /* 2 hours */
927
+ return new UserSession({
928
+ portal: credential.server.includes("sharing/rest")
929
+ ? credential.server
930
+ : credential.server + "/sharing/rest",
931
+ ssl: ssl,
932
+ token: credential.token,
933
+ username: credential.userId,
934
+ tokenExpires: new Date(expires),
935
+ });
936
+ };
937
+ /**
938
+ * Handle the response from the parent
939
+ * @param event DOM Event
940
+ */
941
+ UserSession.parentMessageHandler = function (event) {
942
+ if (event.data.type === "arcgis:auth:credential") {
943
+ return UserSession.fromCredential(event.data.credential);
944
+ }
945
+ if (event.data.type === "arcgis:auth:error") {
946
+ var err = new Error(event.data.error.message);
947
+ err.name = event.data.error.name;
948
+ throw err;
949
+ }
950
+ else {
951
+ throw new Error("Unknown message type.");
952
+ }
953
+ };
954
+ /**
955
+ * Returns authentication in a format useable in the [ArcGIS API for JavaScript](https://developers.arcgis.com/javascript/).
956
+ *
957
+ * ```js
958
+ * esriId.registerToken(session.toCredential());
959
+ * ```
960
+ *
961
+ * @returns ICredential
962
+ */
963
+ UserSession.prototype.toCredential = function () {
964
+ return {
965
+ expires: this.tokenExpires.getTime(),
966
+ server: this.portal,
967
+ ssl: this.ssl,
968
+ token: this.token,
969
+ userId: this.username,
970
+ };
971
+ };
972
+ /**
973
+ * Returns information about the currently logged in [user](https://developers.arcgis.com/rest/users-groups-and-items/user.htm). Subsequent calls will *not* result in additional web traffic.
974
+ *
975
+ * ```js
976
+ * session.getUser()
977
+ * .then(response => {
978
+ * console.log(response.role); // "org_admin"
979
+ * })
980
+ * ```
981
+ *
982
+ * @param requestOptions - Options for the request. NOTE: `rawResponse` is not supported by this operation.
983
+ * @returns A Promise that will resolve with the data from the response.
984
+ */
985
+ UserSession.prototype.getUser = function (requestOptions) {
986
+ var _this = this;
987
+ if (this._pendingUserRequest) {
988
+ return this._pendingUserRequest;
989
+ }
990
+ else if (this._user) {
991
+ return Promise.resolve(this._user);
992
+ }
993
+ else {
994
+ var url = this.portal + "/community/self";
995
+ var options = __assign(__assign({ httpMethod: "GET", authentication: this }, requestOptions), { rawResponse: false });
996
+ this._pendingUserRequest = request(url, options).then(function (response) {
997
+ _this._user = response;
998
+ _this._pendingUserRequest = null;
999
+ return response;
1000
+ });
1001
+ return this._pendingUserRequest;
1002
+ }
1003
+ };
1004
+ /**
1005
+ * Returns information about the currently logged in user's [portal](https://developers.arcgis.com/rest/users-groups-and-items/portal-self.htm). Subsequent calls will *not* result in additional web traffic.
1006
+ *
1007
+ * ```js
1008
+ * session.getPortal()
1009
+ * .then(response => {
1010
+ * console.log(portal.name); // "City of ..."
1011
+ * })
1012
+ * ```
1013
+ *
1014
+ * @param requestOptions - Options for the request. NOTE: `rawResponse` is not supported by this operation.
1015
+ * @returns A Promise that will resolve with the data from the response.
1016
+ */
1017
+ UserSession.prototype.getPortal = function (requestOptions) {
1018
+ var _this = this;
1019
+ if (this._pendingPortalRequest) {
1020
+ return this._pendingPortalRequest;
1021
+ }
1022
+ else if (this._portalInfo) {
1023
+ return Promise.resolve(this._portalInfo);
1024
+ }
1025
+ else {
1026
+ var url = this.portal + "/portals/self";
1027
+ var options = __assign(__assign({ httpMethod: "GET", authentication: this }, requestOptions), { rawResponse: false });
1028
+ this._pendingPortalRequest = request(url, options).then(function (response) {
1029
+ _this._portalInfo = response;
1030
+ _this._pendingPortalRequest = null;
1031
+ return response;
1032
+ });
1033
+ return this._pendingPortalRequest;
1034
+ }
1035
+ };
1036
+ /**
1037
+ * Returns the username for the currently logged in [user](https://developers.arcgis.com/rest/users-groups-and-items/user.htm). Subsequent calls will *not* result in additional web traffic. This is also used internally when a username is required for some requests but is not present in the options.
1038
+ *
1039
+ * * ```js
1040
+ * session.getUsername()
1041
+ * .then(response => {
1042
+ * console.log(response); // "casey_jones"
1043
+ * })
1044
+ * ```
1045
+ */
1046
+ UserSession.prototype.getUsername = function () {
1047
+ if (this.username) {
1048
+ return Promise.resolve(this.username);
1049
+ }
1050
+ else if (this._user) {
1051
+ return Promise.resolve(this._user.username);
1052
+ }
1053
+ else {
1054
+ return this.getUser().then(function (user) {
1055
+ return user.username;
1056
+ });
1057
+ }
1058
+ };
1059
+ /**
1060
+ * Gets an appropriate token for the given URL. If `portal` is ArcGIS Online and
1061
+ * the request is to an ArcGIS Online domain `token` will be used. If the request
1062
+ * is to the current `portal` the current `token` will also be used. However if
1063
+ * the request is to an unknown server we will validate the server with a request
1064
+ * to our current `portal`.
1065
+ */
1066
+ UserSession.prototype.getToken = function (url, requestOptions) {
1067
+ if (canUseOnlineToken(this.portal, url)) {
1068
+ return this.getFreshToken(requestOptions);
1069
+ }
1070
+ else if (new RegExp(this.portal, "i").test(url)) {
1071
+ return this.getFreshToken(requestOptions);
1072
+ }
1073
+ else {
1074
+ return this.getTokenForServer(url, requestOptions);
1075
+ }
1076
+ };
1077
+ /**
1078
+ * Get application access information for the current user
1079
+ * see `validateAppAccess` function for details
1080
+ *
1081
+ * @param clientId application client id
1082
+ */
1083
+ UserSession.prototype.validateAppAccess = function (clientId) {
1084
+ return this.getToken(this.portal).then(function (token) {
1085
+ return validateAppAccess(token, clientId);
1086
+ });
1087
+ };
1088
+ UserSession.prototype.toJSON = function () {
1089
+ return {
1090
+ clientId: this.clientId,
1091
+ refreshToken: this.refreshToken,
1092
+ refreshTokenExpires: this.refreshTokenExpires,
1093
+ username: this.username,
1094
+ password: this.password,
1095
+ token: this.token,
1096
+ tokenExpires: this.tokenExpires,
1097
+ portal: this.portal,
1098
+ ssl: this.ssl,
1099
+ tokenDuration: this.tokenDuration,
1100
+ redirectUri: this.redirectUri,
1101
+ refreshTokenTTL: this.refreshTokenTTL,
1102
+ };
1103
+ };
1104
+ UserSession.prototype.serialize = function () {
1105
+ return JSON.stringify(this);
1106
+ };
1107
+ /**
1108
+ * For a "Host" app that embeds other platform apps via iframes, after authenticating the user
1109
+ * and creating a UserSession, the app can then enable "post message" style authentication by calling
1110
+ * this method.
1111
+ *
1112
+ * Internally this adds an event listener on window for the `message` event
1113
+ *
1114
+ * @param validChildOrigins Array of origins that are allowed to request authentication from the host app
1115
+ */
1116
+ UserSession.prototype.enablePostMessageAuth = function (validChildOrigins, win) {
1117
+ /* istanbul ignore next: must pass in a mockwindow for tests so we can't cover the other branch */
1118
+ if (!win && window) {
1119
+ win = window;
1120
+ }
1121
+ this._hostHandler = this.createPostMessageHandler(validChildOrigins);
1122
+ win.addEventListener("message", this._hostHandler, false);
1123
+ };
1124
+ /**
1125
+ * For a "Host" app that has embedded other platform apps via iframes, when the host needs
1126
+ * to transition routes, it should call `UserSession.disablePostMessageAuth()` to remove
1127
+ * the event listener and prevent memory leaks
1128
+ */
1129
+ UserSession.prototype.disablePostMessageAuth = function (win) {
1130
+ /* istanbul ignore next: must pass in a mockwindow for tests so we can't cover the other branch */
1131
+ if (!win && window) {
1132
+ win = window;
1133
+ }
1134
+ win.removeEventListener("message", this._hostHandler, false);
1135
+ };
1136
+ /**
1137
+ * Manually refreshes the current `token` and `tokenExpires`.
1138
+ */
1139
+ UserSession.prototype.refreshSession = function (requestOptions) {
1140
+ // make sure subsequent calls to getUser() don't returned cached metadata
1141
+ this._user = null;
1142
+ if (this.username && this.password) {
1143
+ return this.refreshWithUsernameAndPassword(requestOptions);
1144
+ }
1145
+ if (this.clientId && this.refreshToken) {
1146
+ return this.refreshWithRefreshToken();
1147
+ }
1148
+ return Promise.reject(new ArcGISAuthError("Unable to refresh token."));
1149
+ };
1150
+ /**
1151
+ * Determines the root of the ArcGIS Server or Portal for a given URL.
1152
+ *
1153
+ * @param url the URl to determine the root url for.
1154
+ */
1155
+ UserSession.prototype.getServerRootUrl = function (url) {
1156
+ var root = cleanUrl(url).split(/\/rest(\/admin)?\/services(?:\/|#|\?|$)/)[0];
1157
+ var _a = root.match(/(https?:\/\/)(.+)/), protocol = _a[1], domainAndPath = _a[2];
1158
+ var _b = domainAndPath.split("/"), domain = _b[0], path = _b.slice(1);
1159
+ // only the domain is lowercased because in some cases an org id might be
1160
+ // in the path which cannot be lowercased.
1161
+ return "" + protocol + domain.toLowerCase() + "/" + path.join("/");
1162
+ };
1163
+ /**
1164
+ * Returns the proper [`credentials`] option for `fetch` for a given domain.
1165
+ * See [trusted server](https://enterprise.arcgis.com/en/portal/latest/administer/windows/configure-security.htm#ESRI_SECTION1_70CC159B3540440AB325BE5D89DBE94A).
1166
+ * Used internally by underlying request methods to add support for specific security considerations.
1167
+ *
1168
+ * @param url The url of the request
1169
+ * @returns "include" or "same-origin"
1170
+ */
1171
+ UserSession.prototype.getDomainCredentials = function (url) {
1172
+ if (!this.trustedDomains || !this.trustedDomains.length) {
1173
+ return "same-origin";
1174
+ }
1175
+ return this.trustedDomains.some(function (domainWithProtocol) {
1176
+ return url.startsWith(domainWithProtocol);
1177
+ })
1178
+ ? "include"
1179
+ : "same-origin";
1180
+ };
1181
+ /**
1182
+ * Return a function that closes over the validOrigins array and
1183
+ * can be used as an event handler for the `message` event
1184
+ *
1185
+ * @param validOrigins Array of valid origins
1186
+ */
1187
+ UserSession.prototype.createPostMessageHandler = function (validOrigins) {
1188
+ var _this = this;
1189
+ // return a function that closes over the validOrigins and
1190
+ // has access to the credential
1191
+ return function (event) {
1192
+ // Verify that the origin is valid
1193
+ // Note: do not use regex's here. validOrigins is an array so we're checking that the event's origin
1194
+ // is in the array via exact match. More info about avoiding postMessage xss issues here
1195
+ // https://jlajara.gitlab.io/web/2020/07/17/Dom_XSS_PostMessage_2.html#tipsbypasses-in-postmessage-vulnerabilities
1196
+ var isValidOrigin = validOrigins.indexOf(event.origin) > -1;
1197
+ // JSAPI handles this slightly differently - instead of checking a list, it will respond if
1198
+ // event.origin === window.location.origin || event.origin.endsWith('.arcgis.com')
1199
+ // For Hub, and to enable cross domain debugging with port's in urls, we are opting to
1200
+ // use a list of valid origins
1201
+ // Ensure the message type is something we want to handle
1202
+ var isValidType = event.data.type === "arcgis:auth:requestCredential";
1203
+ var isTokenValid = _this.tokenExpires.getTime() > Date.now();
1204
+ if (isValidOrigin && isValidType) {
1205
+ var msg = {};
1206
+ if (isTokenValid) {
1207
+ var credential = _this.toCredential();
1208
+ // arcgis:auth:error with {name: "", message: ""}
1209
+ // the following line allows us to conform to our spec without changing other depended-on functionality
1210
+ // https://github.com/Esri/arcgis-rest-js/blob/master/packages/arcgis-rest-auth/post-message-auth-spec.md#arcgisauthcredential
1211
+ credential.server = credential.server.replace("/sharing/rest", "");
1212
+ msg = { type: "arcgis:auth:credential", credential: credential };
1213
+ }
1214
+ else {
1215
+ // Return an error
1216
+ msg = {
1217
+ type: "arcgis:auth:error",
1218
+ error: {
1219
+ name: "tokenExpiredError",
1220
+ message: "Session token was expired, and not returned to the child application",
1221
+ },
1222
+ };
1223
+ }
1224
+ event.source.postMessage(msg, event.origin);
1225
+ }
1226
+ };
1227
+ };
1228
+ /**
1229
+ * Validates that a given URL is properly federated with our current `portal`.
1230
+ * Attempts to use the internal `federatedServers` cache first.
1231
+ */
1232
+ UserSession.prototype.getTokenForServer = function (url, requestOptions) {
1233
+ var _this = this;
1234
+ // requests to /rest/services/ and /rest/admin/services/ are both valid
1235
+ // Federated servers may have inconsistent casing, so lowerCase it
1236
+ var root = this.getServerRootUrl(url);
1237
+ var existingToken = this.federatedServers[root];
1238
+ if (existingToken &&
1239
+ existingToken.expires &&
1240
+ existingToken.expires.getTime() > Date.now()) {
1241
+ return Promise.resolve(existingToken.token);
1242
+ }
1243
+ if (this._pendingTokenRequests[root]) {
1244
+ return this._pendingTokenRequests[root];
1245
+ }
1246
+ this._pendingTokenRequests[root] = this.fetchAuthorizedDomains().then(function () {
1247
+ return request(root + "/rest/info", {
1248
+ credentials: _this.getDomainCredentials(url),
1249
+ })
1250
+ .then(function (response) {
1251
+ if (response.owningSystemUrl) {
1252
+ /**
1253
+ * if this server is not owned by this portal
1254
+ * bail out with an error since we know we wont
1255
+ * be able to generate a token
1256
+ */
1257
+ if (!isFederated(response.owningSystemUrl, _this.portal)) {
1258
+ throw new ArcGISAuthError(url + " is not federated with " + _this.portal + ".", "NOT_FEDERATED");
1259
+ }
1260
+ else {
1261
+ /**
1262
+ * if the server is federated, use the relevant token endpoint.
1263
+ */
1264
+ return request(response.owningSystemUrl + "/sharing/rest/info", requestOptions);
1265
+ }
1266
+ }
1267
+ else if (response.authInfo &&
1268
+ _this.federatedServers[root] !== undefined) {
1269
+ /**
1270
+ * if its a stand-alone instance of ArcGIS Server that doesn't advertise
1271
+ * federation, but the root server url is recognized, use its built in token endpoint.
1272
+ */
1273
+ return Promise.resolve({
1274
+ authInfo: response.authInfo,
1275
+ });
1276
+ }
1277
+ else {
1278
+ throw new ArcGISAuthError(url + " is not federated with any portal and is not explicitly trusted.", "NOT_FEDERATED");
1279
+ }
1280
+ })
1281
+ .then(function (response) {
1282
+ return response.authInfo.tokenServicesUrl;
1283
+ })
1284
+ .then(function (tokenServicesUrl) {
1285
+ // an expired token cant be used to generate a new token
1286
+ if (_this.token && _this.tokenExpires.getTime() > Date.now()) {
1287
+ return generateToken(tokenServicesUrl, {
1288
+ params: {
1289
+ token: _this.token,
1290
+ serverUrl: url,
1291
+ expiration: _this.tokenDuration,
1292
+ client: "referer",
1293
+ },
1294
+ });
1295
+ // generate an entirely fresh token if necessary
1296
+ }
1297
+ else {
1298
+ return generateToken(tokenServicesUrl, {
1299
+ params: {
1300
+ username: _this.username,
1301
+ password: _this.password,
1302
+ expiration: _this.tokenDuration,
1303
+ client: "referer",
1304
+ },
1305
+ }).then(function (response) {
1306
+ _this._token = response.token;
1307
+ _this._tokenExpires = new Date(response.expires);
1308
+ return response;
1309
+ });
1310
+ }
1311
+ })
1312
+ .then(function (response) {
1313
+ _this.federatedServers[root] = {
1314
+ expires: new Date(response.expires),
1315
+ token: response.token,
1316
+ };
1317
+ delete _this._pendingTokenRequests[root];
1318
+ return response.token;
1319
+ });
1320
+ });
1321
+ return this._pendingTokenRequests[root];
1322
+ };
1323
+ /**
1324
+ * Returns an unexpired token for the current `portal`.
1325
+ */
1326
+ UserSession.prototype.getFreshToken = function (requestOptions) {
1327
+ var _this = this;
1328
+ if (this.token && !this.tokenExpires) {
1329
+ return Promise.resolve(this.token);
1330
+ }
1331
+ if (this.token &&
1332
+ this.tokenExpires &&
1333
+ this.tokenExpires.getTime() > Date.now()) {
1334
+ return Promise.resolve(this.token);
1335
+ }
1336
+ if (!this._pendingTokenRequests[this.portal]) {
1337
+ this._pendingTokenRequests[this.portal] = this.refreshSession(requestOptions).then(function (session) {
1338
+ _this._pendingTokenRequests[_this.portal] = null;
1339
+ return session.token;
1340
+ });
1341
+ }
1342
+ return this._pendingTokenRequests[this.portal];
1343
+ };
1344
+ /**
1345
+ * Refreshes the current `token` and `tokenExpires` with `username` and
1346
+ * `password`.
1347
+ */
1348
+ UserSession.prototype.refreshWithUsernameAndPassword = function (requestOptions) {
1349
+ var _this = this;
1350
+ var options = __assign({ params: {
1351
+ username: this.username,
1352
+ password: this.password,
1353
+ expiration: this.tokenDuration,
1354
+ } }, requestOptions);
1355
+ return generateToken(this.portal + "/generateToken", options).then(function (response) {
1356
+ _this._token = response.token;
1357
+ _this._tokenExpires = new Date(response.expires);
1358
+ return _this;
1359
+ });
1360
+ };
1361
+ /**
1362
+ * Refreshes the current `token` and `tokenExpires` with `refreshToken`.
1363
+ */
1364
+ UserSession.prototype.refreshWithRefreshToken = function (requestOptions) {
1365
+ var _this = this;
1366
+ if (this.refreshToken &&
1367
+ this.refreshTokenExpires &&
1368
+ this.refreshTokenExpires.getTime() < Date.now()) {
1369
+ return this.refreshRefreshToken(requestOptions);
1370
+ }
1371
+ var options = __assign({ params: {
1372
+ client_id: this.clientId,
1373
+ refresh_token: this.refreshToken,
1374
+ grant_type: "refresh_token",
1375
+ } }, requestOptions);
1376
+ return fetchToken(this.portal + "/oauth2/token", options).then(function (response) {
1377
+ _this._token = response.token;
1378
+ _this._tokenExpires = response.expires;
1379
+ return _this;
1380
+ });
1381
+ };
1382
+ /**
1383
+ * Exchanges an unexpired `refreshToken` for a new one, also updates `token` and
1384
+ * `tokenExpires`.
1385
+ */
1386
+ UserSession.prototype.refreshRefreshToken = function (requestOptions) {
1387
+ var _this = this;
1388
+ var options = __assign({ params: {
1389
+ client_id: this.clientId,
1390
+ refresh_token: this.refreshToken,
1391
+ redirect_uri: this.redirectUri,
1392
+ grant_type: "exchange_refresh_token",
1393
+ } }, requestOptions);
1394
+ return fetchToken(this.portal + "/oauth2/token", options).then(function (response) {
1395
+ _this._token = response.token;
1396
+ _this._tokenExpires = response.expires;
1397
+ _this._refreshToken = response.refreshToken;
1398
+ _this._refreshTokenExpires = new Date(Date.now() + (_this.refreshTokenTTL - 1) * 60 * 1000);
1399
+ return _this;
1400
+ });
1401
+ };
1402
+ /**
1403
+ * ensures that the authorizedCrossOriginDomains are obtained from the portal and cached
1404
+ * so we can check them later.
1405
+ *
1406
+ * @returns this
1407
+ */
1408
+ UserSession.prototype.fetchAuthorizedDomains = function () {
1409
+ var _this = this;
1410
+ // if this token is for a specific server or we don't have a portal
1411
+ // don't get the portal info because we cant get the authorizedCrossOriginDomains
1412
+ if (this.server || !this.portal) {
1413
+ return Promise.resolve(this);
1414
+ }
1415
+ return this.getPortal().then(function (portalInfo) {
1416
+ /**
1417
+ * Specific domains can be configured as secure.esri.com or https://secure.esri.com this
1418
+ * normalizes to https://secure.esri.com so we can use startsWith later.
1419
+ */
1420
+ if (portalInfo.authorizedCrossOriginDomains &&
1421
+ portalInfo.authorizedCrossOriginDomains.length) {
1422
+ _this.trustedDomains = portalInfo.authorizedCrossOriginDomains
1423
+ .filter(function (d) { return !d.startsWith("http://"); })
1424
+ .map(function (d) {
1425
+ if (d.startsWith("https://")) {
1426
+ return d;
1427
+ }
1428
+ else {
1429
+ return "https://" + d;
1430
+ }
1431
+ });
1432
+ }
1433
+ return _this;
1434
+ });
1435
+ };
1436
+ return UserSession;
1437
+ }());
1438
+
355
1439
  const solutionConfigurationCss = ".configuration-container{position:relative;height:100%;width:100%}.configuration{position:absolute;top:0px;right:0px;bottom:0px;left:0px;display:flex;padding:0.5rem;border:1px #808080 solid}.config-tabs{width:100%}.config-tab{width:100%}.config-solution{position:absolute;top:3.5rem;right:-1px;bottom:-1px;left:-1px;display:flex;padding:0.5rem}.config-inventory{display:inline;max-width:-moz-min-content;max-width:min-content;flex-grow:0;overflow-y:auto}.config-inventory-hide{display:none;max-width:-moz-min-content;max-width:min-content;flex-grow:0;overflow-y:auto}.config-item{position:relative;display:inline;flex-grow:1;overflow-y:auto;-webkit-margin-start:0.5rem;margin-inline-start:0.5rem}solution-contents{position:relative;height:100%}solution-item{position:relative;height:100%}solution-spatial-ref{position:relative;height:100%;width:100%;overflow-y:auto}";
356
1440
 
357
1441
  const SolutionConfiguration = class {
@@ -366,7 +1450,7 @@ const SolutionConfiguration = class {
366
1450
  this._solutionEditorHasChanges = false;
367
1451
  this._solutionEditorHasErrors = false;
368
1452
  this._canSave = false;
369
- this.authentication = undefined;
1453
+ this.authentication = new UserSession({});
370
1454
  this.solutionItemId = "";
371
1455
  this.showLoading = false;
372
1456
  this._currentEditItemId = "";