@itwin/map-layers-auth 3.5.0-dev.26 → 3.5.0-dev.27
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/cjs/ArcGis/ArcGisAccessClient.d.ts +1 -0
- package/lib/cjs/ArcGis/ArcGisAccessClient.d.ts.map +1 -1
- package/lib/cjs/ArcGis/ArcGisAccessClient.js +22 -7
- package/lib/cjs/ArcGis/ArcGisAccessClient.js.map +1 -1
- package/lib/esm/ArcGis/ArcGisAccessClient.d.ts +1 -0
- package/lib/esm/ArcGis/ArcGisAccessClient.d.ts.map +1 -1
- package/lib/esm/ArcGis/ArcGisAccessClient.js +22 -7
- package/lib/esm/ArcGis/ArcGisAccessClient.js.map +1 -1
- package/package.json +7 -7
|
@@ -48,6 +48,7 @@ export declare class ArcGisAccessClient implements MapLayerAccessClient {
|
|
|
48
48
|
private getOAuthTokenForMapLayerUrl;
|
|
49
49
|
/**
|
|
50
50
|
* Test if Oauth2 endpoint is accessible and has an associated appId
|
|
51
|
+
* @return true/false if validation succeeded, undefined if validation could not be performed (i.e CORS/network error)
|
|
51
52
|
* @internal
|
|
52
53
|
*/
|
|
53
54
|
private validateOAuth2Endpoint;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ArcGisAccessClient.d.ts","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":"AAIA;;GAEG;AAEH,OAAO,EAAU,OAAO,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,yBAAyB,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAMnI,YAAY;AACZ,MAAM,WAAW,wBAAwB;IAGvC,cAAc,EAAE,MAAM,CAAC;IAGvB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,YAAY;AACZ,MAAM,WAAW,oBAAoB;IAEnC,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAG9B,mBAAmB,CAAC,EAAE,wBAAwB,EAAE,CAAC;CAClD;AAED;;;;EAIE;AACF,MAAM,WAAW,iBAAiB;IAIhC,WAAW,EAAE,MAAM,CAAC;IAGpB,eAAe,CAAC,EAAE,MAAM,CAAC;IAGzB,SAAS,EAAE,oBAAoB,CAAC;CACjC;AAED,YAAY;AACZ,qBAAa,kBAAmB,YAAW,oBAAoB;IAC7D,SAAgB,iBAAiB,kDAAiB;IAClD,OAAO,CAAC,YAAY,CAAqB;IACzC,OAAO,CAAC,WAAW,CAAqB;IACxC,OAAO,CAAC,UAAU,CAAmC;;IAK9C,UAAU,CAAC,WAAW,CAAC,EAAE,iBAAiB,GAAG,OAAO;IAW3D,OAAO,CAAC,yBAAyB;IAoC1B,YAAY;IAMN,cAAc,CAAC,MAAM,EAAE,yBAAyB,GAAG,OAAO,CAAC,mBAAmB,GAAG,SAAS,CAAC;IAgB3F,uBAAuB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,GAAG,SAAS,CAAC;IAa9F,eAAe,CAAC,KAAK,EAAE,mBAAmB,GAAG,OAAO;IAQ3D,IAAW,WAAW,uBAErB;IAEM,6BAA6B,CAAC,GAAG,EAAE,MAAM;
|
|
1
|
+
{"version":3,"file":"ArcGisAccessClient.d.ts","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":"AAIA;;GAEG;AAEH,OAAO,EAAU,OAAO,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,yBAAyB,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAMnI,YAAY;AACZ,MAAM,WAAW,wBAAwB;IAGvC,cAAc,EAAE,MAAM,CAAC;IAGvB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,YAAY;AACZ,MAAM,WAAW,oBAAoB;IAEnC,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAG9B,mBAAmB,CAAC,EAAE,wBAAwB,EAAE,CAAC;CAClD;AAED;;;;EAIE;AACF,MAAM,WAAW,iBAAiB;IAIhC,WAAW,EAAE,MAAM,CAAC;IAGpB,eAAe,CAAC,EAAE,MAAM,CAAC;IAGzB,SAAS,EAAE,oBAAoB,CAAC;CACjC;AAED,YAAY;AACZ,qBAAa,kBAAmB,YAAW,oBAAoB;IAC7D,SAAgB,iBAAiB,kDAAiB;IAClD,OAAO,CAAC,YAAY,CAAqB;IACzC,OAAO,CAAC,WAAW,CAAqB;IACxC,OAAO,CAAC,UAAU,CAAmC;;IAK9C,UAAU,CAAC,WAAW,CAAC,EAAE,iBAAiB,GAAG,OAAO;IAW3D,OAAO,CAAC,yBAAyB;IAoC1B,YAAY;IAMN,cAAc,CAAC,MAAM,EAAE,yBAAyB,GAAG,OAAO,CAAC,mBAAmB,GAAG,SAAS,CAAC;IAgB3F,uBAAuB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,GAAG,SAAS,CAAC;IAa9F,eAAe,CAAC,KAAK,EAAE,mBAAmB,GAAG,OAAO;IAQ3D,IAAW,WAAW,uBAErB;IAEM,6BAA6B,CAAC,GAAG,EAAE,MAAM;IA0BhD,IAAW,UAAU,uBAEpB;IAED,IAAW,oBAAoB,IAIW,MAAM,GAAG,SAAS,CAF3D;IAED,IAAW,oBAAoB,CAAC,QAAQ,EAAE,MAAM,GAAG,SAAS,EAK3D;IAED,IAAW,yBAAyB,2CAEnC;IAEM,qBAAqB,CAAC,cAAc,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM;IAiB9D,wBAAwB,CAAC,QAAQ,EAAE,wBAAwB;IASlE,gBAAgB;YACF,2BAA2B;IAWzC;;;;MAIE;YACY,sBAAsB;IAsBpC,OAAO,CAAC,6BAA6B,CAA0B;IAC/D,OAAO,CAAC,yBAAyB,CAA0B;IAE3D;;;KAGC;YACa,iBAAiB;IAyE/B;;;KAGC;IACD,OAAO,CAAC,iBAAiB;CA8B1B"}
|
|
@@ -106,15 +106,26 @@ class ArcGisAccessClient {
|
|
|
106
106
|
return this._redirectUri;
|
|
107
107
|
}
|
|
108
108
|
getMatchingEnterpriseClientId(url) {
|
|
109
|
-
let clientId;
|
|
110
109
|
const clientIds = this.arcGisEnterpriseClientIds;
|
|
111
110
|
if (!clientIds) {
|
|
112
111
|
return undefined;
|
|
113
112
|
}
|
|
113
|
+
let clientId;
|
|
114
|
+
let defaultClientId;
|
|
114
115
|
for (const entry of clientIds) {
|
|
115
|
-
if (
|
|
116
|
-
|
|
116
|
+
if (entry.serviceBaseUrl === "") {
|
|
117
|
+
defaultClientId = entry.clientId;
|
|
117
118
|
}
|
|
119
|
+
else {
|
|
120
|
+
if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {
|
|
121
|
+
clientId = entry.clientId;
|
|
122
|
+
}
|
|
123
|
+
}
|
|
124
|
+
}
|
|
125
|
+
// If we could not find a match with serviceBaseUrl, and a default clientId
|
|
126
|
+
// was specified (i.e empty url), then use default clientId
|
|
127
|
+
if (clientId === undefined && defaultClientId !== undefined) {
|
|
128
|
+
clientId = defaultClientId;
|
|
118
129
|
}
|
|
119
130
|
return clientId;
|
|
120
131
|
}
|
|
@@ -174,6 +185,7 @@ class ArcGisAccessClient {
|
|
|
174
185
|
}
|
|
175
186
|
/**
|
|
176
187
|
* Test if Oauth2 endpoint is accessible and has an associated appId
|
|
188
|
+
* @return true/false if validation succeeded, undefined if validation could not be performed (i.e CORS/network error)
|
|
177
189
|
* @internal
|
|
178
190
|
*/
|
|
179
191
|
async validateOAuth2Endpoint(endpointUrl) {
|
|
@@ -187,7 +199,9 @@ class ArcGisAccessClient {
|
|
|
187
199
|
status = data.status;
|
|
188
200
|
}
|
|
189
201
|
catch (error) {
|
|
190
|
-
|
|
202
|
+
// fetch() throws when there is a CORS error, so in that case
|
|
203
|
+
// we cannot confirm if the oauth2 endpoint is valid or not, we return undefined
|
|
204
|
+
return undefined;
|
|
191
205
|
}
|
|
192
206
|
return status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters
|
|
193
207
|
}
|
|
@@ -231,7 +245,9 @@ class ArcGisAccessClient {
|
|
|
231
245
|
// Validate the URL we just composed
|
|
232
246
|
try {
|
|
233
247
|
const oauth2Url = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;
|
|
234
|
-
|
|
248
|
+
const valid = await this.validateOAuth2Endpoint(oauth2Url);
|
|
249
|
+
// We assume undefined means CORS error, that shouldn't prevent popup from displaying the login page.
|
|
250
|
+
if (valid === undefined || valid) {
|
|
235
251
|
const oauthEndpoint = new ArcGisOAuth2Endpoint_1.ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, false), false);
|
|
236
252
|
cacheResult(oauthEndpoint);
|
|
237
253
|
return oauthEndpoint;
|
|
@@ -239,8 +255,7 @@ class ArcGisAccessClient {
|
|
|
239
255
|
}
|
|
240
256
|
catch { }
|
|
241
257
|
}
|
|
242
|
-
// If reach this point, that means we could not derive the token endpoint from 'tokenServicesUrl'
|
|
243
|
-
// lets use another approach.
|
|
258
|
+
// If reach this point, that means we could not derive the token endpoint from 'tokenServicesUrl', lets try something else.
|
|
244
259
|
// ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize
|
|
245
260
|
const regExMatch = url.match(new RegExp(/([^&\/]+)\/rest\/services\/.*/, "i"));
|
|
246
261
|
if (regExMatch !== null && regExMatch.length >= 2) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ArcGisAccessClient.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":";AAAA;;;+FAG+F;AAC/F;;GAEG;;;AAEH,sDAAsD;AAEtD,iEAAkF;AAClF,iEAAwF;AACxF,6DAA0D;AAC1D,2CAAwC;AAuCxC,YAAY;AACZ,MAAa,kBAAkB;IAM7B;QALgB,sBAAiB,GAAG,IAAI,sBAAO,EAAE,CAAC;QAkMlD,kDAAkD;QAClD,8EAA8E;QAC9E,4DAA4D;QACpD,kCAA6B,GAAG,IAAI,GAAG,EAAe,CAAC;QACvD,8BAAyB,GAAG,IAAI,GAAG,EAAe,CAAC;IAhM3D,CAAC;IAEM,UAAU,CAAC,WAA+B;QAC/C,IAAI,WAAW,EAAE;YACf,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,WAAW,CAAC;YAC5C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,eAAe,CAAC;YAC/C,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,SAAS,CAAC;YAExC,IAAI,CAAC,yBAAyB,EAAE,CAAC;SAClC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,yBAAyB;QAC9B,MAAc,CAAC,oBAAoB,GAAG,CAAC,gBAA2B,EAAE,EAAE;;YACrE,IAAI,YAAY,GAAG,KAAK,CAAC;YACzB,IAAI,SAAS,CAAC;YAEd,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE;gBACxD,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC;gBAC3C,MAAM,UAAU,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClE,MAAM,KAAK,GAAG,MAAA,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,mCAAI,SAAS,CAAC;gBAC1D,MAAM,YAAY,GAAG,MAAA,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,mCAAI,SAAS,CAAC;gBAC/D,MAAM,QAAQ,GAAG,MAAA,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,mCAAI,SAAS,CAAC;gBACzD,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC;gBAC7C,MAAM,QAAQ,GAAG,MAAA,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,mCAAI,SAAS,CAAC;gBACtD,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,MAAM,CAAC;gBACrD,IAAI,KAAK,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,IAAI,GAAG,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,EAAE;oBAC9H,IAAI,cAAc,CAAC;oBACnB,IAAI;wBACF,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBACnC,SAAS,GAAG,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,UAAU,CAAC;wBAC9B,cAAc,GAAG,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,cAAc,CAAC;qBAExC;oBAAC,MAAM;qBACP;oBACD,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;oBACvC,MAAM,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAG,6EAA6E;oBACrI,IAAI,cAAc,KAAK,SAAS,EAAE;wBAChC,uCAAkB,CAAC,cAAc,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;wBAChG,YAAY,GAAG,IAAI,CAAC;qBACrB;iBAEF;aACF;YACD,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAC7D,CAAC,CAAC;IACJ,CAAC;IAEM,YAAY;QACjB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC5B,MAAc,CAAC,oBAAoB,GAAG,SAAS,CAAC;IACnD,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,MAAiC;QAC3D,+FAA+F;QAC/F,IAAI;YACF,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC1F,IAAI,WAAW;gBACb,OAAO,WAAW,CAAC;YAErB,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE;gBACtC,OAAO,MAAM,uCAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,4CAAqB,CAAC,OAAO,EAAE,CAAC,CAAC;aACtJ;SACF;QAAC,MAAM;SAEP;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,KAAK,CAAC,uBAAuB,CAAC,WAAmB;QACtD,IAAI,aAA+C,CAAC;QAEpD,IAAI;YACF,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,+CAAwB,CAAC,SAAS,CAAC,CAAC;YAC9F,IAAI,aAAa,EAAE;aAElB;SACF;QAAC,MAAM,GAAG;QAEX,OAAO,aAAa,CAAC;IACvB,CAAC;IAEM,eAAe,CAAC,KAA0B;QAC/C,IAAI,KAAK,GAAG,uCAAkB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,CAAC,KAAK,EAAE;YACV,KAAK,GAAG,uCAAkB,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;SACzD;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAEM,6BAA6B,CAAC,GAAW;QAC9C,IAAI,QAA4B,CAAC;QACjC,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC;QACjD,IAAI,CAAC,SAAS,EAAE;YACd,OAAO,SAAS,CAAC;SAClB;QACD,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE;YAC7B,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE;gBACtD,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;aAC3B;SACF;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAW,UAAU;QACnB,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,IAAW,oBAAoB;;QAC7B,OAAO,MAAA,IAAI,CAAC,UAAU,0CAAE,oBAAoB,CAAC;IAC/C,CAAC;IAED,IAAW,oBAAoB,CAAC,QAA4B;QAC1D,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE;YACjC,IAAI,CAAC,UAAU,GAAG,EAAE,oBAAoB,EAAE,QAAQ,EAAE,CAAC;SACtD;QACD,IAAI,CAAC,UAAU,CAAC,oBAAoB,GAAG,QAAQ,CAAC;IAClD,CAAC;IAED,IAAW,yBAAyB;;QAClC,OAAO,MAAA,IAAI,CAAC,UAAU,0CAAE,mBAAmB,CAAC;IAC9C,CAAC;IAEM,qBAAqB,CAAC,cAAsB,EAAE,QAAgB;;QAEnE,IAAI,MAAA,IAAI,CAAC,UAAU,0CAAE,mBAAmB,EAAE;YACxC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,KAAK,cAAc,CAAC,CAAC;YACnH,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE;gBACnB,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,QAAQ,GAAG,QAAQ,CAAC;aACnE;iBAAM;gBACL,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;aACxE;SACF;aAAM;YACL,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE;gBACjC,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;aACtB;YACD,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;SACtE;IACH,CAAC;IAEM,wBAAwB,CAAC,QAAkC;;QAEhE,IAAI,MAAA,IAAI,CAAC,UAAU,0CAAE,mBAAmB,EAAE;YACxC,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,MAAA,MAAA,IAAI,CAAC,UAAU,0CAAE,mBAAmB,0CAAE,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,KAAK,QAAQ,CAAC,cAAc,CAAC,CAAC;SAC/I;IAEH,CAAC;IAED,cAAc;IACd,gBAAgB;IACR,KAAK,CAAC,2BAA2B,CAAC,WAAmB;QAC3D,IAAI;YACF,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,+CAAwB,CAAC,SAAS,CAAC,CAAC;YACpG,IAAI,aAAa,KAAK,SAAS,EAAE;gBAC/B,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;gBACzD,OAAO,uCAAkB,CAAC,cAAc,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;aACnE;SACF;QAAC,MAAM,GAAG;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;MAGE;IACM,KAAK,CAAC,sBAAsB,CAAC,WAAmB;QAEtD,4FAA4F;QAC5F,IAAI,SAAS,KAAK,IAAI,CAAC,6BAA6B,CAAC,WAAW,CAAC,EAAE;YACjE,OAAO,KAAK,CAAC;SACd;QAED,IAAI,MAA0B,CAAC;QAC/B,IAAI;YACF,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACzD,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;SACtB;QAAC,OAAO,KAAU,EAAE;YACnB,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;SACvB;QACD,OAAO,MAAM,KAAK,GAAG,CAAC,CAAI,yEAAyE;IACrG,CAAC;IAQD;;;KAGC;IACO,KAAK,CAAC,iBAAiB,CAAC,GAAW,EAAE,QAAkC;QAE7E,iCAAiC;QACjC,MAAM,cAAc,GAAG,CAAC,QAAQ,KAAK,+CAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,yBAAyB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;QACjK,IAAI,cAAc,KAAK,SAAS,EAAE;YAChC,OAAO,cAAc,CAAC;SACvB;QAED,MAAM,WAAW,GAAG,CAAC,GAAyB,EAAE,EAAE;YAChD,IAAI,QAAQ,KAAK,+CAAwB,CAAC,SAAS,EAAE;gBACnD,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;aAClD;iBAAM;gBACL,IAAI,CAAC,yBAAyB,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;aAC9C;QACH,CAAC,CAAC;QAEF,MAAM,WAAW,GAAG,CAAC,QAAQ,KAAK,+CAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAC9F,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,IAAI,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE;YACxD,wBAAwB;YACxB,iGAAiG;YAEjG,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,EAAE;gBAC3C,OAAO,SAAS,CAAC;aAClB;YAED,MAAM,SAAS,GAAG,8CAA8C,WAAW,EAAE,CAAC;YAC9E,OAAO,IAAI,2CAAoB,CAAC,GAAG,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;SACrF;aAAM;YAEL,wGAAwG;YACxG,IAAI,uBAAwC,CAAC;YAC7C,IAAI;gBACF,uBAAuB,GAAG,MAAM,qBAAS,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;aAClF;YAAC,MAAM,GAAG;YAEX,IAAI,uBAAuB,KAAK,SAAS,EAAE;gBACzC,oCAAoC;gBACpC,IAAI;oBACF,MAAM,SAAS,GAAG,GAAG,uBAAuB,CAAC,QAAQ,EAAE,UAAU,WAAW,EAAE,CAAC;oBAC/E,IAAI,MAAM,IAAI,CAAC,sBAAsB,CAAC,SAAS,CAAC,EAAE;wBAChD,MAAM,aAAa,GAAG,IAAI,2CAAoB,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;wBAC3G,WAAW,CAAC,aAAa,CAAC,CAAC;wBAC3B,OAAO,aAAa,CAAC;qBACtB;iBACF;gBAAC,MAAM,GAAG;aACZ;YAED,iGAAiG;YACjG,6BAA6B;YAC7B,8FAA8F;YAC9F,MAAM,UAAU,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC,CAAC;YAC/E,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC,EAAE;gBACjD,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;gBACnC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACtF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,GAAG,IAAI,IAAI,YAAY,wBAAwB,WAAW,EAAE,CAAC,CAAC;gBAE9H,uCAAuC;gBACvC,IAAI;oBACF,MAAM,MAAM,GAAG,SAAS,CAAC,QAAQ,EAAE,CAAC;oBACpC,IAAI,MAAM,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,EAAE;wBAC7C,MAAM,aAAa,GAAG,IAAI,2CAAoB,CAAC,MAAM,EAAE,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;wBACrG,WAAW,CAAC,aAAa,CAAC,CAAC;wBAC3B,OAAO,aAAa,CAAC;qBACtB;iBACF;gBAAC,MAAM,GAAG;aACZ;SAEF;QACD,OAAO,SAAS,CAAC,CAAG,8CAA8C;IACpE,CAAC;IAED;;;KAGC;IACO,iBAAiB,CAAC,GAAW,EAAE,cAAuB;QAC5D,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5B,oBAAoB;QACpB,IAAI,cAAc,EAAE;YAClB,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CAAC;YAC3C,IAAA,qBAAM,EAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,QAAQ,KAAK,SAAS,EAAE;gBAC1B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;aAChD;SAEF;aAAM;YACL,MAAM,QAAQ,GAAG,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;YACzD,IAAA,qBAAM,EAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,SAAS,KAAK,QAAQ,EAAE;gBAC1B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;aAChD;SACF;QAED,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAClD,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE;YACjC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;SAC7D;QAED,IAAI,IAAI,CAAC,WAAW;YAClB,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAE5D,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;CAEF;AAvTD,gDAuTC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\n/** @packageDocumentation\r\n * @module Tiles\r\n */\r\n\r\nimport { assert, BeEvent } from \"@itwin/core-bentley\";\r\nimport { MapLayerAccessClient, MapLayerAccessToken, MapLayerAccessTokenParams, MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\r\nimport { ArcGisOAuth2Token, ArcGisTokenClientType } from \"./ArcGisTokenGenerator\";\r\nimport { ArcGisOAuth2Endpoint, ArcGisOAuth2EndpointType } from \"./ArcGisOAuth2Endpoint\";\r\nimport { ArcGisTokenManager } from \"./ArcGisTokenManager\";\r\nimport { ArcGisUrl } from \"./ArcGisUrl\";\r\n\r\n/** @beta */\r\nexport interface ArcGisEnterpriseClientId {\r\n /* Oauth API endpoint base URL (i.e. https://hostname/portal/sharing/oauth2/authorize)\r\n used to identify uniquely each enterprise server. */\r\n serviceBaseUrl: string;\r\n\r\n /* Application's clientId for this enterprise server.*/\r\n clientId: string;\r\n}\r\n\r\n/** @beta */\r\nexport interface ArcGisOAuthClientIds {\r\n /* Application's OAuth clientId in ArcGIS online */\r\n arcgisOnlineClientId?: string;\r\n\r\n /* Application's OAuth clientId for each enterprise server used. */\r\n enterpriseClientIds?: ArcGisEnterpriseClientId[];\r\n}\r\n\r\n/** @beta\r\n * ArcGIS OAuth configurations parameters.\r\n * See https://developers.arcgis.com/documentation/mapping-apis-and-services/security/arcgis-identity/serverless-web-apps/\r\n * more details.\r\n*/\r\nexport interface ArcGisOAuthConfig {\r\n /* URL to which a user is sent once they complete sign in authorization.\r\n Must match a URI you define in the developer dashboard, otherwise, the authorization will be rejected.\r\n */\r\n redirectUri: string;\r\n\r\n /* Optional expiration after which the token will expire. Defined in minutes with a maximum of two weeks (20160 minutes)*/\r\n tokenExpiration?: number;\r\n\r\n /* Application client Ids */\r\n clientIds: ArcGisOAuthClientIds;\r\n}\r\n\r\n/** @beta */\r\nexport class ArcGisAccessClient implements MapLayerAccessClient {\r\n public readonly onOAuthProcessEnd = new BeEvent();\r\n private _redirectUri: string | undefined;\r\n private _expiration: number | undefined;\r\n private _clientIds: ArcGisOAuthClientIds | undefined;\r\n\r\n public constructor() {\r\n }\r\n\r\n public initialize(oAuthConfig?: ArcGisOAuthConfig): boolean {\r\n if (oAuthConfig) {\r\n this._redirectUri = oAuthConfig.redirectUri;\r\n this._expiration = oAuthConfig.tokenExpiration;\r\n this._clientIds = oAuthConfig.clientIds;\r\n\r\n this.initOauthCallbackFunction();\r\n }\r\n return true;\r\n }\r\n\r\n private initOauthCallbackFunction() {\r\n (window as any).arcGisOAuth2Callback = (redirectLocation?: Location) => {\r\n let eventSuccess = false;\r\n let stateData;\r\n\r\n if (redirectLocation && redirectLocation.hash.length > 0) {\r\n const locationHash = redirectLocation.hash;\r\n const hashParams = new URLSearchParams(locationHash.substring(1));\r\n const token = hashParams.get(\"access_token\") ?? undefined;\r\n const expiresInStr = hashParams.get(\"expires_in\") ?? undefined;\r\n const userName = hashParams.get(\"username\") ?? undefined;\r\n const ssl = hashParams.get(\"ssl\") === \"true\";\r\n const stateStr = hashParams.get(\"state\") ?? undefined;\r\n const persist = hashParams.get(\"persist\") === \"true\";\r\n if (token !== undefined && expiresInStr !== undefined && userName !== undefined && ssl !== undefined && stateStr !== undefined) {\r\n let endpointOrigin;\r\n try {\r\n const state = JSON.parse(stateStr);\r\n stateData = state?.customData;\r\n endpointOrigin = state?.endpointOrigin;\r\n\r\n } catch {\r\n }\r\n const expiresIn = Number(expiresInStr);\r\n const expiresAt = (expiresIn * 1000) + (+new Date()); // Converts the token expiration delay (seconds) into a timestamp (UNIX time)\r\n if (endpointOrigin !== undefined) {\r\n ArcGisTokenManager.setOAuth2Token(endpointOrigin, { token, expiresAt, ssl, userName, persist });\r\n eventSuccess = true;\r\n }\r\n\r\n }\r\n }\r\n this.onOAuthProcessEnd.raiseEvent(eventSuccess, stateData);\r\n };\r\n }\r\n\r\n public unInitialize() {\r\n this._redirectUri = undefined;\r\n this._expiration = undefined;\r\n (window as any).arcGisOAuth2Callback = undefined;\r\n }\r\n\r\n public async getAccessToken(params: MapLayerAccessTokenParams): Promise<MapLayerAccessToken | undefined> {\r\n // First lookup Oauth2 tokens, otherwise check try \"legacy tokens\" if credentials were provided\r\n try {\r\n const oauth2Token = await this.getOAuthTokenForMapLayerUrl(params.mapLayerUrl.toString());\r\n if (oauth2Token)\r\n return oauth2Token;\r\n\r\n if (params.userName && params.password) {\r\n return await ArcGisTokenManager.getToken(params.mapLayerUrl.toString(), params.userName, params.password, { client: ArcGisTokenClientType.referer });\r\n }\r\n } catch {\r\n\r\n }\r\n return undefined;\r\n }\r\n\r\n public async getTokenServiceEndPoint(mapLayerUrl: string): Promise<MapLayerTokenEndpoint | undefined> {\r\n let tokenEndpoint: ArcGisOAuth2Endpoint | undefined;\r\n\r\n try {\r\n tokenEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\r\n if (tokenEndpoint) {\r\n\r\n }\r\n } catch { }\r\n\r\n return tokenEndpoint;\r\n }\r\n\r\n public invalidateToken(token: MapLayerAccessToken): boolean {\r\n let found = ArcGisTokenManager.invalidateToken(token);\r\n if (!found) {\r\n found = ArcGisTokenManager.invalidateOAuth2Token(token);\r\n }\r\n return found;\r\n }\r\n\r\n public get redirectUri() {\r\n return this._redirectUri;\r\n }\r\n\r\n public getMatchingEnterpriseClientId(url: string) {\r\n let clientId: string | undefined;\r\n const clientIds = this.arcGisEnterpriseClientIds;\r\n if (!clientIds) {\r\n return undefined;\r\n }\r\n for (const entry of clientIds) {\r\n if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {\r\n clientId = entry.clientId;\r\n }\r\n }\r\n return clientId;\r\n }\r\n\r\n public get expiration() {\r\n return this._expiration;\r\n }\r\n\r\n public get arcGisOnlineClientId() {\r\n return this._clientIds?.arcgisOnlineClientId;\r\n }\r\n\r\n public set arcGisOnlineClientId(clientId: string | undefined) {\r\n if (this._clientIds === undefined) {\r\n this._clientIds = { arcgisOnlineClientId: clientId };\r\n }\r\n this._clientIds.arcgisOnlineClientId = clientId;\r\n }\r\n\r\n public get arcGisEnterpriseClientIds() {\r\n return this._clientIds?.enterpriseClientIds;\r\n }\r\n\r\n public setEnterpriseClientId(serviceBaseUrl: string, clientId: string) {\r\n\r\n if (this._clientIds?.enterpriseClientIds) {\r\n const foundIdx = this._clientIds.enterpriseClientIds.findIndex((entry) => entry.serviceBaseUrl === serviceBaseUrl);\r\n if (foundIdx !== -1) {\r\n this._clientIds.enterpriseClientIds[foundIdx].clientId = clientId;\r\n } else {\r\n this._clientIds.enterpriseClientIds.push({ serviceBaseUrl, clientId });\r\n }\r\n } else {\r\n if (this._clientIds === undefined) {\r\n this._clientIds = {};\r\n }\r\n this._clientIds.enterpriseClientIds = [{ serviceBaseUrl, clientId }];\r\n }\r\n }\r\n\r\n public removeEnterpriseClientId(clientId: ArcGisEnterpriseClientId) {\r\n\r\n if (this._clientIds?.enterpriseClientIds) {\r\n this._clientIds.enterpriseClientIds = this._clientIds?.enterpriseClientIds?.filter((item) => item.serviceBaseUrl !== clientId.serviceBaseUrl);\r\n }\r\n\r\n }\r\n\r\n /// //////////\r\n /** @internal */\r\n private async getOAuthTokenForMapLayerUrl(mapLayerUrl: string): Promise<ArcGisOAuth2Token | undefined> {\r\n try {\r\n const oauthEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\r\n if (oauthEndpoint !== undefined) {\r\n const oauthEndpointUrl = new URL(oauthEndpoint.getUrl());\r\n return ArcGisTokenManager.getOAuth2Token(oauthEndpointUrl.origin);\r\n }\r\n } catch { }\r\n return undefined;\r\n }\r\n\r\n /**\r\n * Test if Oauth2 endpoint is accessible and has an associated appId\r\n * @internal\r\n */\r\n private async validateOAuth2Endpoint(endpointUrl: string): Promise<boolean> {\r\n\r\n // Check if we got a matching appId for that endpoint, otherwise its not worth going further\r\n if (undefined === this.getMatchingEnterpriseClientId(endpointUrl)) {\r\n return false;\r\n }\r\n\r\n let status: number | undefined;\r\n try {\r\n const data = await fetch(endpointUrl, { method: \"GET\" });\r\n status = data.status;\r\n } catch (error: any) {\r\n status = error.status;\r\n }\r\n return status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters\r\n }\r\n\r\n // Derive the Oauth URL from a typical MapLayerURL\r\n // i.e. \t https://hostname/server/rest/services/NewYork/NewYork3857/MapServer\r\n // => https://hostname/portal/sharing/oauth2/authorize\r\n private _oauthAuthorizeEndPointsCache = new Map<string, any>();\r\n private _oauthTokenEndPointsCache = new Map<string, any>();\r\n\r\n /**\r\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\r\n * @internal\r\n */\r\n private async getOAuth2Endpoint(url: string, endpoint: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\r\n\r\n // Return from cache if available\r\n const cachedEndpoint = (endpoint === ArcGisOAuth2EndpointType.Authorize ? this._oauthAuthorizeEndPointsCache.get(url) : this._oauthTokenEndPointsCache.get(url));\r\n if (cachedEndpoint !== undefined) {\r\n return cachedEndpoint;\r\n }\r\n\r\n const cacheResult = (obj: ArcGisOAuth2Endpoint) => {\r\n if (endpoint === ArcGisOAuth2EndpointType.Authorize) {\r\n this._oauthAuthorizeEndPointsCache.set(url, obj);\r\n } else {\r\n this._oauthTokenEndPointsCache.set(url, obj);\r\n }\r\n };\r\n\r\n const endpointStr = (endpoint === ArcGisOAuth2EndpointType.Authorize ? \"authorize\" : \"token\");\r\n const urlObj = new URL(url);\r\n if (urlObj.hostname.toLowerCase().endsWith(\"arcgis.com\")) {\r\n // ArcGIS Online (fixed)\r\n // Doc: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/\r\n\r\n if (this.arcGisOnlineClientId === undefined) {\r\n return undefined;\r\n }\r\n\r\n const oauth2Url = `https://www.arcgis.com/sharing/rest/oauth2/${endpointStr}`;\r\n return new ArcGisOAuth2Endpoint(url, this.constructLoginUrl(oauth2Url, true), true);\r\n } else {\r\n\r\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\r\n let restUrlFromTokenService: URL | undefined;\r\n try {\r\n restUrlFromTokenService = await ArcGisUrl.getRestUrlFromGenerateTokenUrl(urlObj);\r\n } catch { }\r\n\r\n if (restUrlFromTokenService !== undefined) {\r\n // Validate the URL we just composed\r\n try {\r\n const oauth2Url = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;\r\n if (await this.validateOAuth2Endpoint(oauth2Url)) {\r\n const oauthEndpoint = new ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, false), false);\r\n cacheResult(oauthEndpoint);\r\n return oauthEndpoint;\r\n }\r\n } catch { }\r\n }\r\n\r\n // If reach this point, that means we could not derive the token endpoint from 'tokenServicesUrl'\r\n // lets use another approach.\r\n // ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize\r\n const regExMatch = url.match(new RegExp(/([^&\\/]+)\\/rest\\/services\\/.*/, \"i\"));\r\n if (regExMatch !== null && regExMatch.length >= 2) {\r\n const subdirectory = regExMatch[1];\r\n const port = (urlObj.port !== \"80\" && urlObj.port !== \"443\") ? `:${urlObj.port}` : \"\";\r\n const newUrlObj = new URL(`${urlObj.protocol}//${urlObj.hostname}${port}/${subdirectory}/sharing/rest/oauth2/${endpointStr}`);\r\n\r\n // Check again the URL we just composed\r\n try {\r\n const newUrl = newUrlObj.toString();\r\n if (await this.validateOAuth2Endpoint(newUrl)) {\r\n const oauthEndpoint = new ArcGisOAuth2Endpoint(newUrl, this.constructLoginUrl(newUrl, false), false);\r\n cacheResult(oauthEndpoint);\r\n return oauthEndpoint;\r\n }\r\n } catch { }\r\n }\r\n\r\n }\r\n return undefined; // we could not find any valid oauth2 endpoint\r\n }\r\n\r\n /**\r\n * Construct the complete Authorize url to starts the Oauth process\r\n * @internal\r\n */\r\n private constructLoginUrl(url: string, isArcgisOnline: boolean) {\r\n const urlObj = new URL(url);\r\n\r\n // Set the client id\r\n if (isArcgisOnline) {\r\n const clientId = this.arcGisOnlineClientId;\r\n assert(clientId !== undefined);\r\n if (clientId !== undefined) {\r\n urlObj.searchParams.set(\"client_id\", clientId);\r\n }\r\n\r\n } else {\r\n const clientId = this.getMatchingEnterpriseClientId(url);\r\n assert(clientId !== undefined);\r\n if (undefined !== clientId) {\r\n urlObj.searchParams.set(\"client_id\", clientId);\r\n }\r\n }\r\n\r\n urlObj.searchParams.set(\"response_type\", \"token\");\r\n if (this.expiration !== undefined) {\r\n urlObj.searchParams.set(\"expiration\", `${this.expiration}`);\r\n }\r\n\r\n if (this.redirectUri)\r\n urlObj.searchParams.set(\"redirect_uri\", this.redirectUri);\r\n\r\n return urlObj.toString();\r\n }\r\n\r\n}\r\n"]}
|
|
1
|
+
{"version":3,"file":"ArcGisAccessClient.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":";AAAA;;;+FAG+F;AAC/F;;GAEG;;;AAEH,sDAAsD;AAEtD,iEAAkF;AAClF,iEAAwF;AACxF,6DAA0D;AAC1D,2CAAwC;AAuCxC,YAAY;AACZ,MAAa,kBAAkB;IAM7B;QALgB,sBAAiB,GAAG,IAAI,sBAAO,EAAE,CAAC;QAiNlD,kDAAkD;QAClD,8EAA8E;QAC9E,4DAA4D;QACpD,kCAA6B,GAAG,IAAI,GAAG,EAAe,CAAC;QACvD,8BAAyB,GAAG,IAAI,GAAG,EAAe,CAAC;IA/M3D,CAAC;IAEM,UAAU,CAAC,WAA+B;QAC/C,IAAI,WAAW,EAAE;YACf,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,WAAW,CAAC;YAC5C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,eAAe,CAAC;YAC/C,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,SAAS,CAAC;YAExC,IAAI,CAAC,yBAAyB,EAAE,CAAC;SAClC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,yBAAyB;QAC9B,MAAc,CAAC,oBAAoB,GAAG,CAAC,gBAA2B,EAAE,EAAE;;YACrE,IAAI,YAAY,GAAG,KAAK,CAAC;YACzB,IAAI,SAAS,CAAC;YAEd,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE;gBACxD,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC;gBAC3C,MAAM,UAAU,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClE,MAAM,KAAK,GAAG,MAAA,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,mCAAI,SAAS,CAAC;gBAC1D,MAAM,YAAY,GAAG,MAAA,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,mCAAI,SAAS,CAAC;gBAC/D,MAAM,QAAQ,GAAG,MAAA,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,mCAAI,SAAS,CAAC;gBACzD,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC;gBAC7C,MAAM,QAAQ,GAAG,MAAA,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,mCAAI,SAAS,CAAC;gBACtD,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,MAAM,CAAC;gBACrD,IAAI,KAAK,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,IAAI,GAAG,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,EAAE;oBAC9H,IAAI,cAAc,CAAC;oBACnB,IAAI;wBACF,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBACnC,SAAS,GAAG,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,UAAU,CAAC;wBAC9B,cAAc,GAAG,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,cAAc,CAAC;qBAExC;oBAAC,MAAM;qBACP;oBACD,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;oBACvC,MAAM,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAG,6EAA6E;oBACrI,IAAI,cAAc,KAAK,SAAS,EAAE;wBAChC,uCAAkB,CAAC,cAAc,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;wBAChG,YAAY,GAAG,IAAI,CAAC;qBACrB;iBAEF;aACF;YACD,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAC7D,CAAC,CAAC;IACJ,CAAC;IAEM,YAAY;QACjB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC5B,MAAc,CAAC,oBAAoB,GAAG,SAAS,CAAC;IACnD,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,MAAiC;QAC3D,+FAA+F;QAC/F,IAAI;YACF,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC1F,IAAI,WAAW;gBACb,OAAO,WAAW,CAAC;YAErB,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE;gBACtC,OAAO,MAAM,uCAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,4CAAqB,CAAC,OAAO,EAAE,CAAC,CAAC;aACtJ;SACF;QAAC,MAAM;SAEP;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,KAAK,CAAC,uBAAuB,CAAC,WAAmB;QACtD,IAAI,aAA+C,CAAC;QAEpD,IAAI;YACF,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,+CAAwB,CAAC,SAAS,CAAC,CAAC;YAC9F,IAAI,aAAa,EAAE;aAElB;SACF;QAAC,MAAM,GAAG;QAEX,OAAO,aAAa,CAAC;IACvB,CAAC;IAEM,eAAe,CAAC,KAA0B;QAC/C,IAAI,KAAK,GAAG,uCAAkB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,CAAC,KAAK,EAAE;YACV,KAAK,GAAG,uCAAkB,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;SACzD;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAEM,6BAA6B,CAAC,GAAW;QAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC;QACjD,IAAI,CAAC,SAAS,EAAE;YACd,OAAO,SAAS,CAAC;SAClB;QAED,IAAI,QAA4B,CAAC;QACjC,IAAI,eAAmC,CAAC;QACxC,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE;YAC7B,IAAI,KAAK,CAAC,cAAc,KAAK,EAAE,EAAE;gBAC/B,eAAe,GAAG,KAAK,CAAC,QAAQ,CAAC;aAClC;iBAAM;gBACL,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE;oBACtD,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;iBAC3B;aACF;SACF;QAED,2EAA2E;QAC3E,2DAA2D;QAC3D,IAAI,QAAQ,KAAK,SAAS,IAAI,eAAe,KAAK,SAAS,EAAE;YAC3D,QAAQ,GAAG,eAAe,CAAC;SAC5B;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAW,UAAU;QACnB,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,IAAW,oBAAoB;;QAC7B,OAAO,MAAA,IAAI,CAAC,UAAU,0CAAE,oBAAoB,CAAC;IAC/C,CAAC;IAED,IAAW,oBAAoB,CAAC,QAA4B;QAC1D,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE;YACjC,IAAI,CAAC,UAAU,GAAG,EAAE,oBAAoB,EAAE,QAAQ,EAAE,CAAC;SACtD;QACD,IAAI,CAAC,UAAU,CAAC,oBAAoB,GAAG,QAAQ,CAAC;IAClD,CAAC;IAED,IAAW,yBAAyB;;QAClC,OAAO,MAAA,IAAI,CAAC,UAAU,0CAAE,mBAAmB,CAAC;IAC9C,CAAC;IAEM,qBAAqB,CAAC,cAAsB,EAAE,QAAgB;;QAEnE,IAAI,MAAA,IAAI,CAAC,UAAU,0CAAE,mBAAmB,EAAE;YACxC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,KAAK,cAAc,CAAC,CAAC;YACnH,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE;gBACnB,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,QAAQ,GAAG,QAAQ,CAAC;aACnE;iBAAM;gBACL,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;aACxE;SACF;aAAM;YACL,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE;gBACjC,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;aACtB;YACD,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;SACtE;IACH,CAAC;IAEM,wBAAwB,CAAC,QAAkC;;QAEhE,IAAI,MAAA,IAAI,CAAC,UAAU,0CAAE,mBAAmB,EAAE;YACxC,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,MAAA,MAAA,IAAI,CAAC,UAAU,0CAAE,mBAAmB,0CAAE,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,KAAK,QAAQ,CAAC,cAAc,CAAC,CAAC;SAC/I;IAEH,CAAC;IAED,cAAc;IACd,gBAAgB;IACR,KAAK,CAAC,2BAA2B,CAAC,WAAmB;QAC3D,IAAI;YACF,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,+CAAwB,CAAC,SAAS,CAAC,CAAC;YACpG,IAAI,aAAa,KAAK,SAAS,EAAE;gBAC/B,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;gBACzD,OAAO,uCAAkB,CAAC,cAAc,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;aACnE;SACF;QAAC,MAAM,GAAG;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;;MAIE;IACM,KAAK,CAAC,sBAAsB,CAAC,WAAmB;QAEtD,4FAA4F;QAC5F,IAAI,SAAS,KAAK,IAAI,CAAC,6BAA6B,CAAC,WAAW,CAAC,EAAE;YACjE,OAAO,KAAK,CAAC;SACd;QAED,IAAI,MAA0B,CAAC;QAC/B,IAAI;YACF,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACzD,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;SACtB;QAAC,OAAO,KAAU,EAAE;YACnB,6DAA6D;YAC7D,gFAAgF;YAChF,OAAO,SAAS,CAAC;SAClB;QACD,OAAO,MAAM,KAAK,GAAG,CAAC,CAAI,yEAAyE;IACrG,CAAC;IAQD;;;KAGC;IACO,KAAK,CAAC,iBAAiB,CAAC,GAAW,EAAE,QAAkC;QAE7E,iCAAiC;QACjC,MAAM,cAAc,GAAG,CAAC,QAAQ,KAAK,+CAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,yBAAyB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;QACjK,IAAI,cAAc,KAAK,SAAS,EAAE;YAChC,OAAO,cAAc,CAAC;SACvB;QAED,MAAM,WAAW,GAAG,CAAC,GAAyB,EAAE,EAAE;YAChD,IAAI,QAAQ,KAAK,+CAAwB,CAAC,SAAS,EAAE;gBACnD,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;aAClD;iBAAM;gBACL,IAAI,CAAC,yBAAyB,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;aAC9C;QACH,CAAC,CAAC;QAEF,MAAM,WAAW,GAAG,CAAC,QAAQ,KAAK,+CAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAC9F,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,IAAI,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE;YACxD,wBAAwB;YACxB,iGAAiG;YAEjG,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,EAAE;gBAC3C,OAAO,SAAS,CAAC;aAClB;YAED,MAAM,SAAS,GAAG,8CAA8C,WAAW,EAAE,CAAC;YAC9E,OAAO,IAAI,2CAAoB,CAAC,GAAG,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;SACrF;aAAM;YAEL,wGAAwG;YACxG,IAAI,uBAAwC,CAAC;YAC7C,IAAI;gBACF,uBAAuB,GAAG,MAAM,qBAAS,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;aAClF;YAAC,MAAM,GAAG;YAEX,IAAI,uBAAuB,KAAK,SAAS,EAAE;gBACzC,oCAAoC;gBACpC,IAAI;oBACF,MAAM,SAAS,GAAG,GAAG,uBAAuB,CAAC,QAAQ,EAAE,UAAU,WAAW,EAAE,CAAC;oBAC/E,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,SAAS,CAAC,CAAC;oBAC3D,qGAAqG;oBACrG,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,EAAE;wBAChC,MAAM,aAAa,GAAG,IAAI,2CAAoB,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;wBAC3G,WAAW,CAAC,aAAa,CAAC,CAAC;wBAC3B,OAAO,aAAa,CAAC;qBACtB;iBACF;gBAAC,MAAM,GAAG;aACZ;YAED,2HAA2H;YAC3H,8FAA8F;YAC9F,MAAM,UAAU,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC,CAAC;YAC/E,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC,EAAE;gBACjD,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;gBACnC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACtF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,GAAG,IAAI,IAAI,YAAY,wBAAwB,WAAW,EAAE,CAAC,CAAC;gBAE9H,uCAAuC;gBACvC,IAAI;oBACF,MAAM,MAAM,GAAG,SAAS,CAAC,QAAQ,EAAE,CAAC;oBACpC,IAAI,MAAM,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,EAAE;wBAC7C,MAAM,aAAa,GAAG,IAAI,2CAAoB,CAAC,MAAM,EAAE,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;wBACrG,WAAW,CAAC,aAAa,CAAC,CAAC;wBAC3B,OAAO,aAAa,CAAC;qBACtB;iBACF;gBAAC,MAAM,GAAG;aACZ;SAEF;QACD,OAAO,SAAS,CAAC,CAAG,8CAA8C;IACpE,CAAC;IAED;;;KAGC;IACO,iBAAiB,CAAC,GAAW,EAAE,cAAuB;QAC5D,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5B,oBAAoB;QACpB,IAAI,cAAc,EAAE;YAClB,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CAAC;YAC3C,IAAA,qBAAM,EAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,QAAQ,KAAK,SAAS,EAAE;gBAC1B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;aAChD;SAEF;aAAM;YACL,MAAM,QAAQ,GAAG,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;YACzD,IAAA,qBAAM,EAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,SAAS,KAAK,QAAQ,EAAE;gBAC1B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;aAChD;SACF;QAED,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAClD,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE;YACjC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;SAC7D;QAED,IAAI,IAAI,CAAC,WAAW;YAClB,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAE5D,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;CAEF;AAvUD,gDAuUC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\n/** @packageDocumentation\r\n * @module Tiles\r\n */\r\n\r\nimport { assert, BeEvent } from \"@itwin/core-bentley\";\r\nimport { MapLayerAccessClient, MapLayerAccessToken, MapLayerAccessTokenParams, MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\r\nimport { ArcGisOAuth2Token, ArcGisTokenClientType } from \"./ArcGisTokenGenerator\";\r\nimport { ArcGisOAuth2Endpoint, ArcGisOAuth2EndpointType } from \"./ArcGisOAuth2Endpoint\";\r\nimport { ArcGisTokenManager } from \"./ArcGisTokenManager\";\r\nimport { ArcGisUrl } from \"./ArcGisUrl\";\r\n\r\n/** @beta */\r\nexport interface ArcGisEnterpriseClientId {\r\n /* Oauth API endpoint base URL (i.e. https://hostname/portal/sharing/oauth2/authorize)\r\n used to identify uniquely each enterprise server. */\r\n serviceBaseUrl: string;\r\n\r\n /* Application's clientId for this enterprise server.*/\r\n clientId: string;\r\n}\r\n\r\n/** @beta */\r\nexport interface ArcGisOAuthClientIds {\r\n /* Application's OAuth clientId in ArcGIS online */\r\n arcgisOnlineClientId?: string;\r\n\r\n /* Application's OAuth clientId for each enterprise server used. */\r\n enterpriseClientIds?: ArcGisEnterpriseClientId[];\r\n}\r\n\r\n/** @beta\r\n * ArcGIS OAuth configurations parameters.\r\n * See https://developers.arcgis.com/documentation/mapping-apis-and-services/security/arcgis-identity/serverless-web-apps/\r\n * more details.\r\n*/\r\nexport interface ArcGisOAuthConfig {\r\n /* URL to which a user is sent once they complete sign in authorization.\r\n Must match a URI you define in the developer dashboard, otherwise, the authorization will be rejected.\r\n */\r\n redirectUri: string;\r\n\r\n /* Optional expiration after which the token will expire. Defined in minutes with a maximum of two weeks (20160 minutes)*/\r\n tokenExpiration?: number;\r\n\r\n /* Application client Ids */\r\n clientIds: ArcGisOAuthClientIds;\r\n}\r\n\r\n/** @beta */\r\nexport class ArcGisAccessClient implements MapLayerAccessClient {\r\n public readonly onOAuthProcessEnd = new BeEvent();\r\n private _redirectUri: string | undefined;\r\n private _expiration: number | undefined;\r\n private _clientIds: ArcGisOAuthClientIds | undefined;\r\n\r\n public constructor() {\r\n }\r\n\r\n public initialize(oAuthConfig?: ArcGisOAuthConfig): boolean {\r\n if (oAuthConfig) {\r\n this._redirectUri = oAuthConfig.redirectUri;\r\n this._expiration = oAuthConfig.tokenExpiration;\r\n this._clientIds = oAuthConfig.clientIds;\r\n\r\n this.initOauthCallbackFunction();\r\n }\r\n return true;\r\n }\r\n\r\n private initOauthCallbackFunction() {\r\n (window as any).arcGisOAuth2Callback = (redirectLocation?: Location) => {\r\n let eventSuccess = false;\r\n let stateData;\r\n\r\n if (redirectLocation && redirectLocation.hash.length > 0) {\r\n const locationHash = redirectLocation.hash;\r\n const hashParams = new URLSearchParams(locationHash.substring(1));\r\n const token = hashParams.get(\"access_token\") ?? undefined;\r\n const expiresInStr = hashParams.get(\"expires_in\") ?? undefined;\r\n const userName = hashParams.get(\"username\") ?? undefined;\r\n const ssl = hashParams.get(\"ssl\") === \"true\";\r\n const stateStr = hashParams.get(\"state\") ?? undefined;\r\n const persist = hashParams.get(\"persist\") === \"true\";\r\n if (token !== undefined && expiresInStr !== undefined && userName !== undefined && ssl !== undefined && stateStr !== undefined) {\r\n let endpointOrigin;\r\n try {\r\n const state = JSON.parse(stateStr);\r\n stateData = state?.customData;\r\n endpointOrigin = state?.endpointOrigin;\r\n\r\n } catch {\r\n }\r\n const expiresIn = Number(expiresInStr);\r\n const expiresAt = (expiresIn * 1000) + (+new Date()); // Converts the token expiration delay (seconds) into a timestamp (UNIX time)\r\n if (endpointOrigin !== undefined) {\r\n ArcGisTokenManager.setOAuth2Token(endpointOrigin, { token, expiresAt, ssl, userName, persist });\r\n eventSuccess = true;\r\n }\r\n\r\n }\r\n }\r\n this.onOAuthProcessEnd.raiseEvent(eventSuccess, stateData);\r\n };\r\n }\r\n\r\n public unInitialize() {\r\n this._redirectUri = undefined;\r\n this._expiration = undefined;\r\n (window as any).arcGisOAuth2Callback = undefined;\r\n }\r\n\r\n public async getAccessToken(params: MapLayerAccessTokenParams): Promise<MapLayerAccessToken | undefined> {\r\n // First lookup Oauth2 tokens, otherwise check try \"legacy tokens\" if credentials were provided\r\n try {\r\n const oauth2Token = await this.getOAuthTokenForMapLayerUrl(params.mapLayerUrl.toString());\r\n if (oauth2Token)\r\n return oauth2Token;\r\n\r\n if (params.userName && params.password) {\r\n return await ArcGisTokenManager.getToken(params.mapLayerUrl.toString(), params.userName, params.password, { client: ArcGisTokenClientType.referer });\r\n }\r\n } catch {\r\n\r\n }\r\n return undefined;\r\n }\r\n\r\n public async getTokenServiceEndPoint(mapLayerUrl: string): Promise<MapLayerTokenEndpoint | undefined> {\r\n let tokenEndpoint: ArcGisOAuth2Endpoint | undefined;\r\n\r\n try {\r\n tokenEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\r\n if (tokenEndpoint) {\r\n\r\n }\r\n } catch { }\r\n\r\n return tokenEndpoint;\r\n }\r\n\r\n public invalidateToken(token: MapLayerAccessToken): boolean {\r\n let found = ArcGisTokenManager.invalidateToken(token);\r\n if (!found) {\r\n found = ArcGisTokenManager.invalidateOAuth2Token(token);\r\n }\r\n return found;\r\n }\r\n\r\n public get redirectUri() {\r\n return this._redirectUri;\r\n }\r\n\r\n public getMatchingEnterpriseClientId(url: string) {\r\n const clientIds = this.arcGisEnterpriseClientIds;\r\n if (!clientIds) {\r\n return undefined;\r\n }\r\n\r\n let clientId: string | undefined;\r\n let defaultClientId: string | undefined;\r\n for (const entry of clientIds) {\r\n if (entry.serviceBaseUrl === \"\") {\r\n defaultClientId = entry.clientId;\r\n } else {\r\n if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {\r\n clientId = entry.clientId;\r\n }\r\n }\r\n }\r\n\r\n // If we could not find a match with serviceBaseUrl, and a default clientId\r\n // was specified (i.e empty url), then use default clientId\r\n if (clientId === undefined && defaultClientId !== undefined) {\r\n clientId = defaultClientId;\r\n }\r\n return clientId;\r\n }\r\n\r\n public get expiration() {\r\n return this._expiration;\r\n }\r\n\r\n public get arcGisOnlineClientId() {\r\n return this._clientIds?.arcgisOnlineClientId;\r\n }\r\n\r\n public set arcGisOnlineClientId(clientId: string | undefined) {\r\n if (this._clientIds === undefined) {\r\n this._clientIds = { arcgisOnlineClientId: clientId };\r\n }\r\n this._clientIds.arcgisOnlineClientId = clientId;\r\n }\r\n\r\n public get arcGisEnterpriseClientIds() {\r\n return this._clientIds?.enterpriseClientIds;\r\n }\r\n\r\n public setEnterpriseClientId(serviceBaseUrl: string, clientId: string) {\r\n\r\n if (this._clientIds?.enterpriseClientIds) {\r\n const foundIdx = this._clientIds.enterpriseClientIds.findIndex((entry) => entry.serviceBaseUrl === serviceBaseUrl);\r\n if (foundIdx !== -1) {\r\n this._clientIds.enterpriseClientIds[foundIdx].clientId = clientId;\r\n } else {\r\n this._clientIds.enterpriseClientIds.push({ serviceBaseUrl, clientId });\r\n }\r\n } else {\r\n if (this._clientIds === undefined) {\r\n this._clientIds = {};\r\n }\r\n this._clientIds.enterpriseClientIds = [{ serviceBaseUrl, clientId }];\r\n }\r\n }\r\n\r\n public removeEnterpriseClientId(clientId: ArcGisEnterpriseClientId) {\r\n\r\n if (this._clientIds?.enterpriseClientIds) {\r\n this._clientIds.enterpriseClientIds = this._clientIds?.enterpriseClientIds?.filter((item) => item.serviceBaseUrl !== clientId.serviceBaseUrl);\r\n }\r\n\r\n }\r\n\r\n /// //////////\r\n /** @internal */\r\n private async getOAuthTokenForMapLayerUrl(mapLayerUrl: string): Promise<ArcGisOAuth2Token | undefined> {\r\n try {\r\n const oauthEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\r\n if (oauthEndpoint !== undefined) {\r\n const oauthEndpointUrl = new URL(oauthEndpoint.getUrl());\r\n return ArcGisTokenManager.getOAuth2Token(oauthEndpointUrl.origin);\r\n }\r\n } catch { }\r\n return undefined;\r\n }\r\n\r\n /**\r\n * Test if Oauth2 endpoint is accessible and has an associated appId\r\n * @return true/false if validation succeeded, undefined if validation could not be performed (i.e CORS/network error)\r\n * @internal\r\n */\r\n private async validateOAuth2Endpoint(endpointUrl: string): Promise<boolean | undefined> {\r\n\r\n // Check if we got a matching appId for that endpoint, otherwise its not worth going further\r\n if (undefined === this.getMatchingEnterpriseClientId(endpointUrl)) {\r\n return false;\r\n }\r\n\r\n let status: number | undefined;\r\n try {\r\n const data = await fetch(endpointUrl, { method: \"GET\" });\r\n status = data.status;\r\n } catch (error: any) {\r\n // fetch() throws when there is a CORS error, so in that case\r\n // we cannot confirm if the oauth2 endpoint is valid or not, we return undefined\r\n return undefined;\r\n }\r\n return status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters\r\n }\r\n\r\n // Derive the Oauth URL from a typical MapLayerURL\r\n // i.e. \t https://hostname/server/rest/services/NewYork/NewYork3857/MapServer\r\n // => https://hostname/portal/sharing/oauth2/authorize\r\n private _oauthAuthorizeEndPointsCache = new Map<string, any>();\r\n private _oauthTokenEndPointsCache = new Map<string, any>();\r\n\r\n /**\r\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\r\n * @internal\r\n */\r\n private async getOAuth2Endpoint(url: string, endpoint: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\r\n\r\n // Return from cache if available\r\n const cachedEndpoint = (endpoint === ArcGisOAuth2EndpointType.Authorize ? this._oauthAuthorizeEndPointsCache.get(url) : this._oauthTokenEndPointsCache.get(url));\r\n if (cachedEndpoint !== undefined) {\r\n return cachedEndpoint;\r\n }\r\n\r\n const cacheResult = (obj: ArcGisOAuth2Endpoint) => {\r\n if (endpoint === ArcGisOAuth2EndpointType.Authorize) {\r\n this._oauthAuthorizeEndPointsCache.set(url, obj);\r\n } else {\r\n this._oauthTokenEndPointsCache.set(url, obj);\r\n }\r\n };\r\n\r\n const endpointStr = (endpoint === ArcGisOAuth2EndpointType.Authorize ? \"authorize\" : \"token\");\r\n const urlObj = new URL(url);\r\n if (urlObj.hostname.toLowerCase().endsWith(\"arcgis.com\")) {\r\n // ArcGIS Online (fixed)\r\n // Doc: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/\r\n\r\n if (this.arcGisOnlineClientId === undefined) {\r\n return undefined;\r\n }\r\n\r\n const oauth2Url = `https://www.arcgis.com/sharing/rest/oauth2/${endpointStr}`;\r\n return new ArcGisOAuth2Endpoint(url, this.constructLoginUrl(oauth2Url, true), true);\r\n } else {\r\n\r\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\r\n let restUrlFromTokenService: URL | undefined;\r\n try {\r\n restUrlFromTokenService = await ArcGisUrl.getRestUrlFromGenerateTokenUrl(urlObj);\r\n } catch { }\r\n\r\n if (restUrlFromTokenService !== undefined) {\r\n // Validate the URL we just composed\r\n try {\r\n const oauth2Url = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;\r\n const valid = await this.validateOAuth2Endpoint(oauth2Url);\r\n // We assume undefined means CORS error, that shouldn't prevent popup from displaying the login page.\r\n if (valid === undefined || valid) {\r\n const oauthEndpoint = new ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, false), false);\r\n cacheResult(oauthEndpoint);\r\n return oauthEndpoint;\r\n }\r\n } catch { }\r\n }\r\n\r\n // If reach this point, that means we could not derive the token endpoint from 'tokenServicesUrl', lets try something else.\r\n // ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize\r\n const regExMatch = url.match(new RegExp(/([^&\\/]+)\\/rest\\/services\\/.*/, \"i\"));\r\n if (regExMatch !== null && regExMatch.length >= 2) {\r\n const subdirectory = regExMatch[1];\r\n const port = (urlObj.port !== \"80\" && urlObj.port !== \"443\") ? `:${urlObj.port}` : \"\";\r\n const newUrlObj = new URL(`${urlObj.protocol}//${urlObj.hostname}${port}/${subdirectory}/sharing/rest/oauth2/${endpointStr}`);\r\n\r\n // Check again the URL we just composed\r\n try {\r\n const newUrl = newUrlObj.toString();\r\n if (await this.validateOAuth2Endpoint(newUrl)) {\r\n const oauthEndpoint = new ArcGisOAuth2Endpoint(newUrl, this.constructLoginUrl(newUrl, false), false);\r\n cacheResult(oauthEndpoint);\r\n return oauthEndpoint;\r\n }\r\n } catch { }\r\n }\r\n\r\n }\r\n return undefined; // we could not find any valid oauth2 endpoint\r\n }\r\n\r\n /**\r\n * Construct the complete Authorize url to starts the Oauth process\r\n * @internal\r\n */\r\n private constructLoginUrl(url: string, isArcgisOnline: boolean) {\r\n const urlObj = new URL(url);\r\n\r\n // Set the client id\r\n if (isArcgisOnline) {\r\n const clientId = this.arcGisOnlineClientId;\r\n assert(clientId !== undefined);\r\n if (clientId !== undefined) {\r\n urlObj.searchParams.set(\"client_id\", clientId);\r\n }\r\n\r\n } else {\r\n const clientId = this.getMatchingEnterpriseClientId(url);\r\n assert(clientId !== undefined);\r\n if (undefined !== clientId) {\r\n urlObj.searchParams.set(\"client_id\", clientId);\r\n }\r\n }\r\n\r\n urlObj.searchParams.set(\"response_type\", \"token\");\r\n if (this.expiration !== undefined) {\r\n urlObj.searchParams.set(\"expiration\", `${this.expiration}`);\r\n }\r\n\r\n if (this.redirectUri)\r\n urlObj.searchParams.set(\"redirect_uri\", this.redirectUri);\r\n\r\n return urlObj.toString();\r\n }\r\n\r\n}\r\n"]}
|
|
@@ -48,6 +48,7 @@ export declare class ArcGisAccessClient implements MapLayerAccessClient {
|
|
|
48
48
|
private getOAuthTokenForMapLayerUrl;
|
|
49
49
|
/**
|
|
50
50
|
* Test if Oauth2 endpoint is accessible and has an associated appId
|
|
51
|
+
* @return true/false if validation succeeded, undefined if validation could not be performed (i.e CORS/network error)
|
|
51
52
|
* @internal
|
|
52
53
|
*/
|
|
53
54
|
private validateOAuth2Endpoint;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ArcGisAccessClient.d.ts","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":"AAIA;;GAEG;AAEH,OAAO,EAAU,OAAO,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,yBAAyB,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAMnI,YAAY;AACZ,MAAM,WAAW,wBAAwB;IAGvC,cAAc,EAAE,MAAM,CAAC;IAGvB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,YAAY;AACZ,MAAM,WAAW,oBAAoB;IAEnC,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAG9B,mBAAmB,CAAC,EAAE,wBAAwB,EAAE,CAAC;CAClD;AAED;;;;EAIE;AACF,MAAM,WAAW,iBAAiB;IAIhC,WAAW,EAAE,MAAM,CAAC;IAGpB,eAAe,CAAC,EAAE,MAAM,CAAC;IAGzB,SAAS,EAAE,oBAAoB,CAAC;CACjC;AAED,YAAY;AACZ,qBAAa,kBAAmB,YAAW,oBAAoB;IAC7D,SAAgB,iBAAiB,kDAAiB;IAClD,OAAO,CAAC,YAAY,CAAqB;IACzC,OAAO,CAAC,WAAW,CAAqB;IACxC,OAAO,CAAC,UAAU,CAAmC;;IAK9C,UAAU,CAAC,WAAW,CAAC,EAAE,iBAAiB,GAAG,OAAO;IAW3D,OAAO,CAAC,yBAAyB;IAoC1B,YAAY;IAMN,cAAc,CAAC,MAAM,EAAE,yBAAyB,GAAG,OAAO,CAAC,mBAAmB,GAAG,SAAS,CAAC;IAgB3F,uBAAuB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,GAAG,SAAS,CAAC;IAa9F,eAAe,CAAC,KAAK,EAAE,mBAAmB,GAAG,OAAO;IAQ3D,IAAW,WAAW,uBAErB;IAEM,6BAA6B,CAAC,GAAG,EAAE,MAAM;
|
|
1
|
+
{"version":3,"file":"ArcGisAccessClient.d.ts","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":"AAIA;;GAEG;AAEH,OAAO,EAAU,OAAO,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,yBAAyB,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAMnI,YAAY;AACZ,MAAM,WAAW,wBAAwB;IAGvC,cAAc,EAAE,MAAM,CAAC;IAGvB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,YAAY;AACZ,MAAM,WAAW,oBAAoB;IAEnC,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAG9B,mBAAmB,CAAC,EAAE,wBAAwB,EAAE,CAAC;CAClD;AAED;;;;EAIE;AACF,MAAM,WAAW,iBAAiB;IAIhC,WAAW,EAAE,MAAM,CAAC;IAGpB,eAAe,CAAC,EAAE,MAAM,CAAC;IAGzB,SAAS,EAAE,oBAAoB,CAAC;CACjC;AAED,YAAY;AACZ,qBAAa,kBAAmB,YAAW,oBAAoB;IAC7D,SAAgB,iBAAiB,kDAAiB;IAClD,OAAO,CAAC,YAAY,CAAqB;IACzC,OAAO,CAAC,WAAW,CAAqB;IACxC,OAAO,CAAC,UAAU,CAAmC;;IAK9C,UAAU,CAAC,WAAW,CAAC,EAAE,iBAAiB,GAAG,OAAO;IAW3D,OAAO,CAAC,yBAAyB;IAoC1B,YAAY;IAMN,cAAc,CAAC,MAAM,EAAE,yBAAyB,GAAG,OAAO,CAAC,mBAAmB,GAAG,SAAS,CAAC;IAgB3F,uBAAuB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,GAAG,SAAS,CAAC;IAa9F,eAAe,CAAC,KAAK,EAAE,mBAAmB,GAAG,OAAO;IAQ3D,IAAW,WAAW,uBAErB;IAEM,6BAA6B,CAAC,GAAG,EAAE,MAAM;IA0BhD,IAAW,UAAU,uBAEpB;IAED,IAAW,oBAAoB,IAIW,MAAM,GAAG,SAAS,CAF3D;IAED,IAAW,oBAAoB,CAAC,QAAQ,EAAE,MAAM,GAAG,SAAS,EAK3D;IAED,IAAW,yBAAyB,2CAEnC;IAEM,qBAAqB,CAAC,cAAc,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM;IAiB9D,wBAAwB,CAAC,QAAQ,EAAE,wBAAwB;IASlE,gBAAgB;YACF,2BAA2B;IAWzC;;;;MAIE;YACY,sBAAsB;IAsBpC,OAAO,CAAC,6BAA6B,CAA0B;IAC/D,OAAO,CAAC,yBAAyB,CAA0B;IAE3D;;;KAGC;YACa,iBAAiB;IAyE/B;;;KAGC;IACD,OAAO,CAAC,iBAAiB;CA8B1B"}
|
|
@@ -103,15 +103,26 @@ export class ArcGisAccessClient {
|
|
|
103
103
|
return this._redirectUri;
|
|
104
104
|
}
|
|
105
105
|
getMatchingEnterpriseClientId(url) {
|
|
106
|
-
let clientId;
|
|
107
106
|
const clientIds = this.arcGisEnterpriseClientIds;
|
|
108
107
|
if (!clientIds) {
|
|
109
108
|
return undefined;
|
|
110
109
|
}
|
|
110
|
+
let clientId;
|
|
111
|
+
let defaultClientId;
|
|
111
112
|
for (const entry of clientIds) {
|
|
112
|
-
if (
|
|
113
|
-
|
|
113
|
+
if (entry.serviceBaseUrl === "") {
|
|
114
|
+
defaultClientId = entry.clientId;
|
|
114
115
|
}
|
|
116
|
+
else {
|
|
117
|
+
if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {
|
|
118
|
+
clientId = entry.clientId;
|
|
119
|
+
}
|
|
120
|
+
}
|
|
121
|
+
}
|
|
122
|
+
// If we could not find a match with serviceBaseUrl, and a default clientId
|
|
123
|
+
// was specified (i.e empty url), then use default clientId
|
|
124
|
+
if (clientId === undefined && defaultClientId !== undefined) {
|
|
125
|
+
clientId = defaultClientId;
|
|
115
126
|
}
|
|
116
127
|
return clientId;
|
|
117
128
|
}
|
|
@@ -171,6 +182,7 @@ export class ArcGisAccessClient {
|
|
|
171
182
|
}
|
|
172
183
|
/**
|
|
173
184
|
* Test if Oauth2 endpoint is accessible and has an associated appId
|
|
185
|
+
* @return true/false if validation succeeded, undefined if validation could not be performed (i.e CORS/network error)
|
|
174
186
|
* @internal
|
|
175
187
|
*/
|
|
176
188
|
async validateOAuth2Endpoint(endpointUrl) {
|
|
@@ -184,7 +196,9 @@ export class ArcGisAccessClient {
|
|
|
184
196
|
status = data.status;
|
|
185
197
|
}
|
|
186
198
|
catch (error) {
|
|
187
|
-
|
|
199
|
+
// fetch() throws when there is a CORS error, so in that case
|
|
200
|
+
// we cannot confirm if the oauth2 endpoint is valid or not, we return undefined
|
|
201
|
+
return undefined;
|
|
188
202
|
}
|
|
189
203
|
return status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters
|
|
190
204
|
}
|
|
@@ -228,7 +242,9 @@ export class ArcGisAccessClient {
|
|
|
228
242
|
// Validate the URL we just composed
|
|
229
243
|
try {
|
|
230
244
|
const oauth2Url = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;
|
|
231
|
-
|
|
245
|
+
const valid = await this.validateOAuth2Endpoint(oauth2Url);
|
|
246
|
+
// We assume undefined means CORS error, that shouldn't prevent popup from displaying the login page.
|
|
247
|
+
if (valid === undefined || valid) {
|
|
232
248
|
const oauthEndpoint = new ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, false), false);
|
|
233
249
|
cacheResult(oauthEndpoint);
|
|
234
250
|
return oauthEndpoint;
|
|
@@ -236,8 +252,7 @@ export class ArcGisAccessClient {
|
|
|
236
252
|
}
|
|
237
253
|
catch { }
|
|
238
254
|
}
|
|
239
|
-
// If reach this point, that means we could not derive the token endpoint from 'tokenServicesUrl'
|
|
240
|
-
// lets use another approach.
|
|
255
|
+
// If reach this point, that means we could not derive the token endpoint from 'tokenServicesUrl', lets try something else.
|
|
241
256
|
// ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize
|
|
242
257
|
const regExMatch = url.match(new RegExp(/([^&\/]+)\/rest\/services\/.*/, "i"));
|
|
243
258
|
if (regExMatch !== null && regExMatch.length >= 2) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ArcGisAccessClient.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F;;GAEG;AAEH,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAEtD,OAAO,EAAqB,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAClF,OAAO,EAAE,oBAAoB,EAAE,wBAAwB,EAAE,MAAM,wBAAwB,CAAC;AACxF,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAuCxC,YAAY;AACZ,MAAM,OAAO,kBAAkB;IAM7B;QALgB,sBAAiB,GAAG,IAAI,OAAO,EAAE,CAAC;QAkMlD,kDAAkD;QAClD,8EAA8E;QAC9E,4DAA4D;QACpD,kCAA6B,GAAG,IAAI,GAAG,EAAe,CAAC;QACvD,8BAAyB,GAAG,IAAI,GAAG,EAAe,CAAC;IAhM3D,CAAC;IAEM,UAAU,CAAC,WAA+B;QAC/C,IAAI,WAAW,EAAE;YACf,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,WAAW,CAAC;YAC5C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,eAAe,CAAC;YAC/C,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,SAAS,CAAC;YAExC,IAAI,CAAC,yBAAyB,EAAE,CAAC;SAClC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,yBAAyB;QAC9B,MAAc,CAAC,oBAAoB,GAAG,CAAC,gBAA2B,EAAE,EAAE;;YACrE,IAAI,YAAY,GAAG,KAAK,CAAC;YACzB,IAAI,SAAS,CAAC;YAEd,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE;gBACxD,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC;gBAC3C,MAAM,UAAU,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClE,MAAM,KAAK,GAAG,MAAA,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,mCAAI,SAAS,CAAC;gBAC1D,MAAM,YAAY,GAAG,MAAA,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,mCAAI,SAAS,CAAC;gBAC/D,MAAM,QAAQ,GAAG,MAAA,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,mCAAI,SAAS,CAAC;gBACzD,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC;gBAC7C,MAAM,QAAQ,GAAG,MAAA,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,mCAAI,SAAS,CAAC;gBACtD,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,MAAM,CAAC;gBACrD,IAAI,KAAK,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,IAAI,GAAG,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,EAAE;oBAC9H,IAAI,cAAc,CAAC;oBACnB,IAAI;wBACF,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBACnC,SAAS,GAAG,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,UAAU,CAAC;wBAC9B,cAAc,GAAG,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,cAAc,CAAC;qBAExC;oBAAC,MAAM;qBACP;oBACD,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;oBACvC,MAAM,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAG,6EAA6E;oBACrI,IAAI,cAAc,KAAK,SAAS,EAAE;wBAChC,kBAAkB,CAAC,cAAc,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;wBAChG,YAAY,GAAG,IAAI,CAAC;qBACrB;iBAEF;aACF;YACD,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAC7D,CAAC,CAAC;IACJ,CAAC;IAEM,YAAY;QACjB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC5B,MAAc,CAAC,oBAAoB,GAAG,SAAS,CAAC;IACnD,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,MAAiC;QAC3D,+FAA+F;QAC/F,IAAI;YACF,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC1F,IAAI,WAAW;gBACb,OAAO,WAAW,CAAC;YAErB,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE;gBACtC,OAAO,MAAM,kBAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,qBAAqB,CAAC,OAAO,EAAE,CAAC,CAAC;aACtJ;SACF;QAAC,MAAM;SAEP;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,KAAK,CAAC,uBAAuB,CAAC,WAAmB;QACtD,IAAI,aAA+C,CAAC;QAEpD,IAAI;YACF,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAC;YAC9F,IAAI,aAAa,EAAE;aAElB;SACF;QAAC,MAAM,GAAG;QAEX,OAAO,aAAa,CAAC;IACvB,CAAC;IAEM,eAAe,CAAC,KAA0B;QAC/C,IAAI,KAAK,GAAG,kBAAkB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,CAAC,KAAK,EAAE;YACV,KAAK,GAAG,kBAAkB,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;SACzD;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAEM,6BAA6B,CAAC,GAAW;QAC9C,IAAI,QAA4B,CAAC;QACjC,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC;QACjD,IAAI,CAAC,SAAS,EAAE;YACd,OAAO,SAAS,CAAC;SAClB;QACD,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE;YAC7B,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE;gBACtD,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;aAC3B;SACF;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAW,UAAU;QACnB,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,IAAW,oBAAoB;;QAC7B,OAAO,MAAA,IAAI,CAAC,UAAU,0CAAE,oBAAoB,CAAC;IAC/C,CAAC;IAED,IAAW,oBAAoB,CAAC,QAA4B;QAC1D,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE;YACjC,IAAI,CAAC,UAAU,GAAG,EAAE,oBAAoB,EAAE,QAAQ,EAAE,CAAC;SACtD;QACD,IAAI,CAAC,UAAU,CAAC,oBAAoB,GAAG,QAAQ,CAAC;IAClD,CAAC;IAED,IAAW,yBAAyB;;QAClC,OAAO,MAAA,IAAI,CAAC,UAAU,0CAAE,mBAAmB,CAAC;IAC9C,CAAC;IAEM,qBAAqB,CAAC,cAAsB,EAAE,QAAgB;;QAEnE,IAAI,MAAA,IAAI,CAAC,UAAU,0CAAE,mBAAmB,EAAE;YACxC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,KAAK,cAAc,CAAC,CAAC;YACnH,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE;gBACnB,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,QAAQ,GAAG,QAAQ,CAAC;aACnE;iBAAM;gBACL,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;aACxE;SACF;aAAM;YACL,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE;gBACjC,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;aACtB;YACD,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;SACtE;IACH,CAAC;IAEM,wBAAwB,CAAC,QAAkC;;QAEhE,IAAI,MAAA,IAAI,CAAC,UAAU,0CAAE,mBAAmB,EAAE;YACxC,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,MAAA,MAAA,IAAI,CAAC,UAAU,0CAAE,mBAAmB,0CAAE,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,KAAK,QAAQ,CAAC,cAAc,CAAC,CAAC;SAC/I;IAEH,CAAC;IAED,cAAc;IACd,gBAAgB;IACR,KAAK,CAAC,2BAA2B,CAAC,WAAmB;QAC3D,IAAI;YACF,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAC;YACpG,IAAI,aAAa,KAAK,SAAS,EAAE;gBAC/B,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;gBACzD,OAAO,kBAAkB,CAAC,cAAc,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;aACnE;SACF;QAAC,MAAM,GAAG;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;MAGE;IACM,KAAK,CAAC,sBAAsB,CAAC,WAAmB;QAEtD,4FAA4F;QAC5F,IAAI,SAAS,KAAK,IAAI,CAAC,6BAA6B,CAAC,WAAW,CAAC,EAAE;YACjE,OAAO,KAAK,CAAC;SACd;QAED,IAAI,MAA0B,CAAC;QAC/B,IAAI;YACF,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACzD,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;SACtB;QAAC,OAAO,KAAU,EAAE;YACnB,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;SACvB;QACD,OAAO,MAAM,KAAK,GAAG,CAAC,CAAI,yEAAyE;IACrG,CAAC;IAQD;;;KAGC;IACO,KAAK,CAAC,iBAAiB,CAAC,GAAW,EAAE,QAAkC;QAE7E,iCAAiC;QACjC,MAAM,cAAc,GAAG,CAAC,QAAQ,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,yBAAyB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;QACjK,IAAI,cAAc,KAAK,SAAS,EAAE;YAChC,OAAO,cAAc,CAAC;SACvB;QAED,MAAM,WAAW,GAAG,CAAC,GAAyB,EAAE,EAAE;YAChD,IAAI,QAAQ,KAAK,wBAAwB,CAAC,SAAS,EAAE;gBACnD,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;aAClD;iBAAM;gBACL,IAAI,CAAC,yBAAyB,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;aAC9C;QACH,CAAC,CAAC;QAEF,MAAM,WAAW,GAAG,CAAC,QAAQ,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAC9F,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,IAAI,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE;YACxD,wBAAwB;YACxB,iGAAiG;YAEjG,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,EAAE;gBAC3C,OAAO,SAAS,CAAC;aAClB;YAED,MAAM,SAAS,GAAG,8CAA8C,WAAW,EAAE,CAAC;YAC9E,OAAO,IAAI,oBAAoB,CAAC,GAAG,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;SACrF;aAAM;YAEL,wGAAwG;YACxG,IAAI,uBAAwC,CAAC;YAC7C,IAAI;gBACF,uBAAuB,GAAG,MAAM,SAAS,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;aAClF;YAAC,MAAM,GAAG;YAEX,IAAI,uBAAuB,KAAK,SAAS,EAAE;gBACzC,oCAAoC;gBACpC,IAAI;oBACF,MAAM,SAAS,GAAG,GAAG,uBAAuB,CAAC,QAAQ,EAAE,UAAU,WAAW,EAAE,CAAC;oBAC/E,IAAI,MAAM,IAAI,CAAC,sBAAsB,CAAC,SAAS,CAAC,EAAE;wBAChD,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;wBAC3G,WAAW,CAAC,aAAa,CAAC,CAAC;wBAC3B,OAAO,aAAa,CAAC;qBACtB;iBACF;gBAAC,MAAM,GAAG;aACZ;YAED,iGAAiG;YACjG,6BAA6B;YAC7B,8FAA8F;YAC9F,MAAM,UAAU,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC,CAAC;YAC/E,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC,EAAE;gBACjD,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;gBACnC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACtF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,GAAG,IAAI,IAAI,YAAY,wBAAwB,WAAW,EAAE,CAAC,CAAC;gBAE9H,uCAAuC;gBACvC,IAAI;oBACF,MAAM,MAAM,GAAG,SAAS,CAAC,QAAQ,EAAE,CAAC;oBACpC,IAAI,MAAM,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,EAAE;wBAC7C,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,MAAM,EAAE,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;wBACrG,WAAW,CAAC,aAAa,CAAC,CAAC;wBAC3B,OAAO,aAAa,CAAC;qBACtB;iBACF;gBAAC,MAAM,GAAG;aACZ;SAEF;QACD,OAAO,SAAS,CAAC,CAAG,8CAA8C;IACpE,CAAC;IAED;;;KAGC;IACO,iBAAiB,CAAC,GAAW,EAAE,cAAuB;QAC5D,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5B,oBAAoB;QACpB,IAAI,cAAc,EAAE;YAClB,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CAAC;YAC3C,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,QAAQ,KAAK,SAAS,EAAE;gBAC1B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;aAChD;SAEF;aAAM;YACL,MAAM,QAAQ,GAAG,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;YACzD,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,SAAS,KAAK,QAAQ,EAAE;gBAC1B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;aAChD;SACF;QAED,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAClD,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE;YACjC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;SAC7D;QAED,IAAI,IAAI,CAAC,WAAW;YAClB,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAE5D,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;CAEF","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\n/** @packageDocumentation\r\n * @module Tiles\r\n */\r\n\r\nimport { assert, BeEvent } from \"@itwin/core-bentley\";\r\nimport { MapLayerAccessClient, MapLayerAccessToken, MapLayerAccessTokenParams, MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\r\nimport { ArcGisOAuth2Token, ArcGisTokenClientType } from \"./ArcGisTokenGenerator\";\r\nimport { ArcGisOAuth2Endpoint, ArcGisOAuth2EndpointType } from \"./ArcGisOAuth2Endpoint\";\r\nimport { ArcGisTokenManager } from \"./ArcGisTokenManager\";\r\nimport { ArcGisUrl } from \"./ArcGisUrl\";\r\n\r\n/** @beta */\r\nexport interface ArcGisEnterpriseClientId {\r\n /* Oauth API endpoint base URL (i.e. https://hostname/portal/sharing/oauth2/authorize)\r\n used to identify uniquely each enterprise server. */\r\n serviceBaseUrl: string;\r\n\r\n /* Application's clientId for this enterprise server.*/\r\n clientId: string;\r\n}\r\n\r\n/** @beta */\r\nexport interface ArcGisOAuthClientIds {\r\n /* Application's OAuth clientId in ArcGIS online */\r\n arcgisOnlineClientId?: string;\r\n\r\n /* Application's OAuth clientId for each enterprise server used. */\r\n enterpriseClientIds?: ArcGisEnterpriseClientId[];\r\n}\r\n\r\n/** @beta\r\n * ArcGIS OAuth configurations parameters.\r\n * See https://developers.arcgis.com/documentation/mapping-apis-and-services/security/arcgis-identity/serverless-web-apps/\r\n * more details.\r\n*/\r\nexport interface ArcGisOAuthConfig {\r\n /* URL to which a user is sent once they complete sign in authorization.\r\n Must match a URI you define in the developer dashboard, otherwise, the authorization will be rejected.\r\n */\r\n redirectUri: string;\r\n\r\n /* Optional expiration after which the token will expire. Defined in minutes with a maximum of two weeks (20160 minutes)*/\r\n tokenExpiration?: number;\r\n\r\n /* Application client Ids */\r\n clientIds: ArcGisOAuthClientIds;\r\n}\r\n\r\n/** @beta */\r\nexport class ArcGisAccessClient implements MapLayerAccessClient {\r\n public readonly onOAuthProcessEnd = new BeEvent();\r\n private _redirectUri: string | undefined;\r\n private _expiration: number | undefined;\r\n private _clientIds: ArcGisOAuthClientIds | undefined;\r\n\r\n public constructor() {\r\n }\r\n\r\n public initialize(oAuthConfig?: ArcGisOAuthConfig): boolean {\r\n if (oAuthConfig) {\r\n this._redirectUri = oAuthConfig.redirectUri;\r\n this._expiration = oAuthConfig.tokenExpiration;\r\n this._clientIds = oAuthConfig.clientIds;\r\n\r\n this.initOauthCallbackFunction();\r\n }\r\n return true;\r\n }\r\n\r\n private initOauthCallbackFunction() {\r\n (window as any).arcGisOAuth2Callback = (redirectLocation?: Location) => {\r\n let eventSuccess = false;\r\n let stateData;\r\n\r\n if (redirectLocation && redirectLocation.hash.length > 0) {\r\n const locationHash = redirectLocation.hash;\r\n const hashParams = new URLSearchParams(locationHash.substring(1));\r\n const token = hashParams.get(\"access_token\") ?? undefined;\r\n const expiresInStr = hashParams.get(\"expires_in\") ?? undefined;\r\n const userName = hashParams.get(\"username\") ?? undefined;\r\n const ssl = hashParams.get(\"ssl\") === \"true\";\r\n const stateStr = hashParams.get(\"state\") ?? undefined;\r\n const persist = hashParams.get(\"persist\") === \"true\";\r\n if (token !== undefined && expiresInStr !== undefined && userName !== undefined && ssl !== undefined && stateStr !== undefined) {\r\n let endpointOrigin;\r\n try {\r\n const state = JSON.parse(stateStr);\r\n stateData = state?.customData;\r\n endpointOrigin = state?.endpointOrigin;\r\n\r\n } catch {\r\n }\r\n const expiresIn = Number(expiresInStr);\r\n const expiresAt = (expiresIn * 1000) + (+new Date()); // Converts the token expiration delay (seconds) into a timestamp (UNIX time)\r\n if (endpointOrigin !== undefined) {\r\n ArcGisTokenManager.setOAuth2Token(endpointOrigin, { token, expiresAt, ssl, userName, persist });\r\n eventSuccess = true;\r\n }\r\n\r\n }\r\n }\r\n this.onOAuthProcessEnd.raiseEvent(eventSuccess, stateData);\r\n };\r\n }\r\n\r\n public unInitialize() {\r\n this._redirectUri = undefined;\r\n this._expiration = undefined;\r\n (window as any).arcGisOAuth2Callback = undefined;\r\n }\r\n\r\n public async getAccessToken(params: MapLayerAccessTokenParams): Promise<MapLayerAccessToken | undefined> {\r\n // First lookup Oauth2 tokens, otherwise check try \"legacy tokens\" if credentials were provided\r\n try {\r\n const oauth2Token = await this.getOAuthTokenForMapLayerUrl(params.mapLayerUrl.toString());\r\n if (oauth2Token)\r\n return oauth2Token;\r\n\r\n if (params.userName && params.password) {\r\n return await ArcGisTokenManager.getToken(params.mapLayerUrl.toString(), params.userName, params.password, { client: ArcGisTokenClientType.referer });\r\n }\r\n } catch {\r\n\r\n }\r\n return undefined;\r\n }\r\n\r\n public async getTokenServiceEndPoint(mapLayerUrl: string): Promise<MapLayerTokenEndpoint | undefined> {\r\n let tokenEndpoint: ArcGisOAuth2Endpoint | undefined;\r\n\r\n try {\r\n tokenEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\r\n if (tokenEndpoint) {\r\n\r\n }\r\n } catch { }\r\n\r\n return tokenEndpoint;\r\n }\r\n\r\n public invalidateToken(token: MapLayerAccessToken): boolean {\r\n let found = ArcGisTokenManager.invalidateToken(token);\r\n if (!found) {\r\n found = ArcGisTokenManager.invalidateOAuth2Token(token);\r\n }\r\n return found;\r\n }\r\n\r\n public get redirectUri() {\r\n return this._redirectUri;\r\n }\r\n\r\n public getMatchingEnterpriseClientId(url: string) {\r\n let clientId: string | undefined;\r\n const clientIds = this.arcGisEnterpriseClientIds;\r\n if (!clientIds) {\r\n return undefined;\r\n }\r\n for (const entry of clientIds) {\r\n if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {\r\n clientId = entry.clientId;\r\n }\r\n }\r\n return clientId;\r\n }\r\n\r\n public get expiration() {\r\n return this._expiration;\r\n }\r\n\r\n public get arcGisOnlineClientId() {\r\n return this._clientIds?.arcgisOnlineClientId;\r\n }\r\n\r\n public set arcGisOnlineClientId(clientId: string | undefined) {\r\n if (this._clientIds === undefined) {\r\n this._clientIds = { arcgisOnlineClientId: clientId };\r\n }\r\n this._clientIds.arcgisOnlineClientId = clientId;\r\n }\r\n\r\n public get arcGisEnterpriseClientIds() {\r\n return this._clientIds?.enterpriseClientIds;\r\n }\r\n\r\n public setEnterpriseClientId(serviceBaseUrl: string, clientId: string) {\r\n\r\n if (this._clientIds?.enterpriseClientIds) {\r\n const foundIdx = this._clientIds.enterpriseClientIds.findIndex((entry) => entry.serviceBaseUrl === serviceBaseUrl);\r\n if (foundIdx !== -1) {\r\n this._clientIds.enterpriseClientIds[foundIdx].clientId = clientId;\r\n } else {\r\n this._clientIds.enterpriseClientIds.push({ serviceBaseUrl, clientId });\r\n }\r\n } else {\r\n if (this._clientIds === undefined) {\r\n this._clientIds = {};\r\n }\r\n this._clientIds.enterpriseClientIds = [{ serviceBaseUrl, clientId }];\r\n }\r\n }\r\n\r\n public removeEnterpriseClientId(clientId: ArcGisEnterpriseClientId) {\r\n\r\n if (this._clientIds?.enterpriseClientIds) {\r\n this._clientIds.enterpriseClientIds = this._clientIds?.enterpriseClientIds?.filter((item) => item.serviceBaseUrl !== clientId.serviceBaseUrl);\r\n }\r\n\r\n }\r\n\r\n /// //////////\r\n /** @internal */\r\n private async getOAuthTokenForMapLayerUrl(mapLayerUrl: string): Promise<ArcGisOAuth2Token | undefined> {\r\n try {\r\n const oauthEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\r\n if (oauthEndpoint !== undefined) {\r\n const oauthEndpointUrl = new URL(oauthEndpoint.getUrl());\r\n return ArcGisTokenManager.getOAuth2Token(oauthEndpointUrl.origin);\r\n }\r\n } catch { }\r\n return undefined;\r\n }\r\n\r\n /**\r\n * Test if Oauth2 endpoint is accessible and has an associated appId\r\n * @internal\r\n */\r\n private async validateOAuth2Endpoint(endpointUrl: string): Promise<boolean> {\r\n\r\n // Check if we got a matching appId for that endpoint, otherwise its not worth going further\r\n if (undefined === this.getMatchingEnterpriseClientId(endpointUrl)) {\r\n return false;\r\n }\r\n\r\n let status: number | undefined;\r\n try {\r\n const data = await fetch(endpointUrl, { method: \"GET\" });\r\n status = data.status;\r\n } catch (error: any) {\r\n status = error.status;\r\n }\r\n return status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters\r\n }\r\n\r\n // Derive the Oauth URL from a typical MapLayerURL\r\n // i.e. \t https://hostname/server/rest/services/NewYork/NewYork3857/MapServer\r\n // => https://hostname/portal/sharing/oauth2/authorize\r\n private _oauthAuthorizeEndPointsCache = new Map<string, any>();\r\n private _oauthTokenEndPointsCache = new Map<string, any>();\r\n\r\n /**\r\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\r\n * @internal\r\n */\r\n private async getOAuth2Endpoint(url: string, endpoint: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\r\n\r\n // Return from cache if available\r\n const cachedEndpoint = (endpoint === ArcGisOAuth2EndpointType.Authorize ? this._oauthAuthorizeEndPointsCache.get(url) : this._oauthTokenEndPointsCache.get(url));\r\n if (cachedEndpoint !== undefined) {\r\n return cachedEndpoint;\r\n }\r\n\r\n const cacheResult = (obj: ArcGisOAuth2Endpoint) => {\r\n if (endpoint === ArcGisOAuth2EndpointType.Authorize) {\r\n this._oauthAuthorizeEndPointsCache.set(url, obj);\r\n } else {\r\n this._oauthTokenEndPointsCache.set(url, obj);\r\n }\r\n };\r\n\r\n const endpointStr = (endpoint === ArcGisOAuth2EndpointType.Authorize ? \"authorize\" : \"token\");\r\n const urlObj = new URL(url);\r\n if (urlObj.hostname.toLowerCase().endsWith(\"arcgis.com\")) {\r\n // ArcGIS Online (fixed)\r\n // Doc: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/\r\n\r\n if (this.arcGisOnlineClientId === undefined) {\r\n return undefined;\r\n }\r\n\r\n const oauth2Url = `https://www.arcgis.com/sharing/rest/oauth2/${endpointStr}`;\r\n return new ArcGisOAuth2Endpoint(url, this.constructLoginUrl(oauth2Url, true), true);\r\n } else {\r\n\r\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\r\n let restUrlFromTokenService: URL | undefined;\r\n try {\r\n restUrlFromTokenService = await ArcGisUrl.getRestUrlFromGenerateTokenUrl(urlObj);\r\n } catch { }\r\n\r\n if (restUrlFromTokenService !== undefined) {\r\n // Validate the URL we just composed\r\n try {\r\n const oauth2Url = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;\r\n if (await this.validateOAuth2Endpoint(oauth2Url)) {\r\n const oauthEndpoint = new ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, false), false);\r\n cacheResult(oauthEndpoint);\r\n return oauthEndpoint;\r\n }\r\n } catch { }\r\n }\r\n\r\n // If reach this point, that means we could not derive the token endpoint from 'tokenServicesUrl'\r\n // lets use another approach.\r\n // ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize\r\n const regExMatch = url.match(new RegExp(/([^&\\/]+)\\/rest\\/services\\/.*/, \"i\"));\r\n if (regExMatch !== null && regExMatch.length >= 2) {\r\n const subdirectory = regExMatch[1];\r\n const port = (urlObj.port !== \"80\" && urlObj.port !== \"443\") ? `:${urlObj.port}` : \"\";\r\n const newUrlObj = new URL(`${urlObj.protocol}//${urlObj.hostname}${port}/${subdirectory}/sharing/rest/oauth2/${endpointStr}`);\r\n\r\n // Check again the URL we just composed\r\n try {\r\n const newUrl = newUrlObj.toString();\r\n if (await this.validateOAuth2Endpoint(newUrl)) {\r\n const oauthEndpoint = new ArcGisOAuth2Endpoint(newUrl, this.constructLoginUrl(newUrl, false), false);\r\n cacheResult(oauthEndpoint);\r\n return oauthEndpoint;\r\n }\r\n } catch { }\r\n }\r\n\r\n }\r\n return undefined; // we could not find any valid oauth2 endpoint\r\n }\r\n\r\n /**\r\n * Construct the complete Authorize url to starts the Oauth process\r\n * @internal\r\n */\r\n private constructLoginUrl(url: string, isArcgisOnline: boolean) {\r\n const urlObj = new URL(url);\r\n\r\n // Set the client id\r\n if (isArcgisOnline) {\r\n const clientId = this.arcGisOnlineClientId;\r\n assert(clientId !== undefined);\r\n if (clientId !== undefined) {\r\n urlObj.searchParams.set(\"client_id\", clientId);\r\n }\r\n\r\n } else {\r\n const clientId = this.getMatchingEnterpriseClientId(url);\r\n assert(clientId !== undefined);\r\n if (undefined !== clientId) {\r\n urlObj.searchParams.set(\"client_id\", clientId);\r\n }\r\n }\r\n\r\n urlObj.searchParams.set(\"response_type\", \"token\");\r\n if (this.expiration !== undefined) {\r\n urlObj.searchParams.set(\"expiration\", `${this.expiration}`);\r\n }\r\n\r\n if (this.redirectUri)\r\n urlObj.searchParams.set(\"redirect_uri\", this.redirectUri);\r\n\r\n return urlObj.toString();\r\n }\r\n\r\n}\r\n"]}
|
|
1
|
+
{"version":3,"file":"ArcGisAccessClient.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F;;GAEG;AAEH,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAEtD,OAAO,EAAqB,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAClF,OAAO,EAAE,oBAAoB,EAAE,wBAAwB,EAAE,MAAM,wBAAwB,CAAC;AACxF,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAuCxC,YAAY;AACZ,MAAM,OAAO,kBAAkB;IAM7B;QALgB,sBAAiB,GAAG,IAAI,OAAO,EAAE,CAAC;QAiNlD,kDAAkD;QAClD,8EAA8E;QAC9E,4DAA4D;QACpD,kCAA6B,GAAG,IAAI,GAAG,EAAe,CAAC;QACvD,8BAAyB,GAAG,IAAI,GAAG,EAAe,CAAC;IA/M3D,CAAC;IAEM,UAAU,CAAC,WAA+B;QAC/C,IAAI,WAAW,EAAE;YACf,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,WAAW,CAAC;YAC5C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,eAAe,CAAC;YAC/C,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,SAAS,CAAC;YAExC,IAAI,CAAC,yBAAyB,EAAE,CAAC;SAClC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,yBAAyB;QAC9B,MAAc,CAAC,oBAAoB,GAAG,CAAC,gBAA2B,EAAE,EAAE;;YACrE,IAAI,YAAY,GAAG,KAAK,CAAC;YACzB,IAAI,SAAS,CAAC;YAEd,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE;gBACxD,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC;gBAC3C,MAAM,UAAU,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClE,MAAM,KAAK,GAAG,MAAA,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,mCAAI,SAAS,CAAC;gBAC1D,MAAM,YAAY,GAAG,MAAA,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,mCAAI,SAAS,CAAC;gBAC/D,MAAM,QAAQ,GAAG,MAAA,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,mCAAI,SAAS,CAAC;gBACzD,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC;gBAC7C,MAAM,QAAQ,GAAG,MAAA,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,mCAAI,SAAS,CAAC;gBACtD,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,MAAM,CAAC;gBACrD,IAAI,KAAK,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,IAAI,GAAG,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,EAAE;oBAC9H,IAAI,cAAc,CAAC;oBACnB,IAAI;wBACF,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBACnC,SAAS,GAAG,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,UAAU,CAAC;wBAC9B,cAAc,GAAG,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,cAAc,CAAC;qBAExC;oBAAC,MAAM;qBACP;oBACD,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;oBACvC,MAAM,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAG,6EAA6E;oBACrI,IAAI,cAAc,KAAK,SAAS,EAAE;wBAChC,kBAAkB,CAAC,cAAc,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;wBAChG,YAAY,GAAG,IAAI,CAAC;qBACrB;iBAEF;aACF;YACD,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAC7D,CAAC,CAAC;IACJ,CAAC;IAEM,YAAY;QACjB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC5B,MAAc,CAAC,oBAAoB,GAAG,SAAS,CAAC;IACnD,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,MAAiC;QAC3D,+FAA+F;QAC/F,IAAI;YACF,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC1F,IAAI,WAAW;gBACb,OAAO,WAAW,CAAC;YAErB,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE;gBACtC,OAAO,MAAM,kBAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,qBAAqB,CAAC,OAAO,EAAE,CAAC,CAAC;aACtJ;SACF;QAAC,MAAM;SAEP;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,KAAK,CAAC,uBAAuB,CAAC,WAAmB;QACtD,IAAI,aAA+C,CAAC;QAEpD,IAAI;YACF,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAC;YAC9F,IAAI,aAAa,EAAE;aAElB;SACF;QAAC,MAAM,GAAG;QAEX,OAAO,aAAa,CAAC;IACvB,CAAC;IAEM,eAAe,CAAC,KAA0B;QAC/C,IAAI,KAAK,GAAG,kBAAkB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,CAAC,KAAK,EAAE;YACV,KAAK,GAAG,kBAAkB,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;SACzD;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAEM,6BAA6B,CAAC,GAAW;QAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC;QACjD,IAAI,CAAC,SAAS,EAAE;YACd,OAAO,SAAS,CAAC;SAClB;QAED,IAAI,QAA4B,CAAC;QACjC,IAAI,eAAmC,CAAC;QACxC,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE;YAC7B,IAAI,KAAK,CAAC,cAAc,KAAK,EAAE,EAAE;gBAC/B,eAAe,GAAG,KAAK,CAAC,QAAQ,CAAC;aAClC;iBAAM;gBACL,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE;oBACtD,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;iBAC3B;aACF;SACF;QAED,2EAA2E;QAC3E,2DAA2D;QAC3D,IAAI,QAAQ,KAAK,SAAS,IAAI,eAAe,KAAK,SAAS,EAAE;YAC3D,QAAQ,GAAG,eAAe,CAAC;SAC5B;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAW,UAAU;QACnB,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,IAAW,oBAAoB;;QAC7B,OAAO,MAAA,IAAI,CAAC,UAAU,0CAAE,oBAAoB,CAAC;IAC/C,CAAC;IAED,IAAW,oBAAoB,CAAC,QAA4B;QAC1D,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE;YACjC,IAAI,CAAC,UAAU,GAAG,EAAE,oBAAoB,EAAE,QAAQ,EAAE,CAAC;SACtD;QACD,IAAI,CAAC,UAAU,CAAC,oBAAoB,GAAG,QAAQ,CAAC;IAClD,CAAC;IAED,IAAW,yBAAyB;;QAClC,OAAO,MAAA,IAAI,CAAC,UAAU,0CAAE,mBAAmB,CAAC;IAC9C,CAAC;IAEM,qBAAqB,CAAC,cAAsB,EAAE,QAAgB;;QAEnE,IAAI,MAAA,IAAI,CAAC,UAAU,0CAAE,mBAAmB,EAAE;YACxC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,KAAK,cAAc,CAAC,CAAC;YACnH,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE;gBACnB,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,QAAQ,GAAG,QAAQ,CAAC;aACnE;iBAAM;gBACL,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;aACxE;SACF;aAAM;YACL,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE;gBACjC,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;aACtB;YACD,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;SACtE;IACH,CAAC;IAEM,wBAAwB,CAAC,QAAkC;;QAEhE,IAAI,MAAA,IAAI,CAAC,UAAU,0CAAE,mBAAmB,EAAE;YACxC,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,MAAA,MAAA,IAAI,CAAC,UAAU,0CAAE,mBAAmB,0CAAE,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,KAAK,QAAQ,CAAC,cAAc,CAAC,CAAC;SAC/I;IAEH,CAAC;IAED,cAAc;IACd,gBAAgB;IACR,KAAK,CAAC,2BAA2B,CAAC,WAAmB;QAC3D,IAAI;YACF,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAC;YACpG,IAAI,aAAa,KAAK,SAAS,EAAE;gBAC/B,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;gBACzD,OAAO,kBAAkB,CAAC,cAAc,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;aACnE;SACF;QAAC,MAAM,GAAG;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;;MAIE;IACM,KAAK,CAAC,sBAAsB,CAAC,WAAmB;QAEtD,4FAA4F;QAC5F,IAAI,SAAS,KAAK,IAAI,CAAC,6BAA6B,CAAC,WAAW,CAAC,EAAE;YACjE,OAAO,KAAK,CAAC;SACd;QAED,IAAI,MAA0B,CAAC;QAC/B,IAAI;YACF,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACzD,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;SACtB;QAAC,OAAO,KAAU,EAAE;YACnB,6DAA6D;YAC7D,gFAAgF;YAChF,OAAO,SAAS,CAAC;SAClB;QACD,OAAO,MAAM,KAAK,GAAG,CAAC,CAAI,yEAAyE;IACrG,CAAC;IAQD;;;KAGC;IACO,KAAK,CAAC,iBAAiB,CAAC,GAAW,EAAE,QAAkC;QAE7E,iCAAiC;QACjC,MAAM,cAAc,GAAG,CAAC,QAAQ,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,yBAAyB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;QACjK,IAAI,cAAc,KAAK,SAAS,EAAE;YAChC,OAAO,cAAc,CAAC;SACvB;QAED,MAAM,WAAW,GAAG,CAAC,GAAyB,EAAE,EAAE;YAChD,IAAI,QAAQ,KAAK,wBAAwB,CAAC,SAAS,EAAE;gBACnD,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;aAClD;iBAAM;gBACL,IAAI,CAAC,yBAAyB,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;aAC9C;QACH,CAAC,CAAC;QAEF,MAAM,WAAW,GAAG,CAAC,QAAQ,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAC9F,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,IAAI,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE;YACxD,wBAAwB;YACxB,iGAAiG;YAEjG,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,EAAE;gBAC3C,OAAO,SAAS,CAAC;aAClB;YAED,MAAM,SAAS,GAAG,8CAA8C,WAAW,EAAE,CAAC;YAC9E,OAAO,IAAI,oBAAoB,CAAC,GAAG,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;SACrF;aAAM;YAEL,wGAAwG;YACxG,IAAI,uBAAwC,CAAC;YAC7C,IAAI;gBACF,uBAAuB,GAAG,MAAM,SAAS,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;aAClF;YAAC,MAAM,GAAG;YAEX,IAAI,uBAAuB,KAAK,SAAS,EAAE;gBACzC,oCAAoC;gBACpC,IAAI;oBACF,MAAM,SAAS,GAAG,GAAG,uBAAuB,CAAC,QAAQ,EAAE,UAAU,WAAW,EAAE,CAAC;oBAC/E,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,SAAS,CAAC,CAAC;oBAC3D,qGAAqG;oBACrG,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,EAAE;wBAChC,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;wBAC3G,WAAW,CAAC,aAAa,CAAC,CAAC;wBAC3B,OAAO,aAAa,CAAC;qBACtB;iBACF;gBAAC,MAAM,GAAG;aACZ;YAED,2HAA2H;YAC3H,8FAA8F;YAC9F,MAAM,UAAU,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC,CAAC;YAC/E,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC,EAAE;gBACjD,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;gBACnC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACtF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,GAAG,IAAI,IAAI,YAAY,wBAAwB,WAAW,EAAE,CAAC,CAAC;gBAE9H,uCAAuC;gBACvC,IAAI;oBACF,MAAM,MAAM,GAAG,SAAS,CAAC,QAAQ,EAAE,CAAC;oBACpC,IAAI,MAAM,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,EAAE;wBAC7C,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,MAAM,EAAE,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;wBACrG,WAAW,CAAC,aAAa,CAAC,CAAC;wBAC3B,OAAO,aAAa,CAAC;qBACtB;iBACF;gBAAC,MAAM,GAAG;aACZ;SAEF;QACD,OAAO,SAAS,CAAC,CAAG,8CAA8C;IACpE,CAAC;IAED;;;KAGC;IACO,iBAAiB,CAAC,GAAW,EAAE,cAAuB;QAC5D,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5B,oBAAoB;QACpB,IAAI,cAAc,EAAE;YAClB,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CAAC;YAC3C,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,QAAQ,KAAK,SAAS,EAAE;gBAC1B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;aAChD;SAEF;aAAM;YACL,MAAM,QAAQ,GAAG,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;YACzD,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,SAAS,KAAK,QAAQ,EAAE;gBAC1B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;aAChD;SACF;QAED,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAClD,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE;YACjC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;SAC7D;QAED,IAAI,IAAI,CAAC,WAAW;YAClB,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAE5D,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;CAEF","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\n/** @packageDocumentation\r\n * @module Tiles\r\n */\r\n\r\nimport { assert, BeEvent } from \"@itwin/core-bentley\";\r\nimport { MapLayerAccessClient, MapLayerAccessToken, MapLayerAccessTokenParams, MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\r\nimport { ArcGisOAuth2Token, ArcGisTokenClientType } from \"./ArcGisTokenGenerator\";\r\nimport { ArcGisOAuth2Endpoint, ArcGisOAuth2EndpointType } from \"./ArcGisOAuth2Endpoint\";\r\nimport { ArcGisTokenManager } from \"./ArcGisTokenManager\";\r\nimport { ArcGisUrl } from \"./ArcGisUrl\";\r\n\r\n/** @beta */\r\nexport interface ArcGisEnterpriseClientId {\r\n /* Oauth API endpoint base URL (i.e. https://hostname/portal/sharing/oauth2/authorize)\r\n used to identify uniquely each enterprise server. */\r\n serviceBaseUrl: string;\r\n\r\n /* Application's clientId for this enterprise server.*/\r\n clientId: string;\r\n}\r\n\r\n/** @beta */\r\nexport interface ArcGisOAuthClientIds {\r\n /* Application's OAuth clientId in ArcGIS online */\r\n arcgisOnlineClientId?: string;\r\n\r\n /* Application's OAuth clientId for each enterprise server used. */\r\n enterpriseClientIds?: ArcGisEnterpriseClientId[];\r\n}\r\n\r\n/** @beta\r\n * ArcGIS OAuth configurations parameters.\r\n * See https://developers.arcgis.com/documentation/mapping-apis-and-services/security/arcgis-identity/serverless-web-apps/\r\n * more details.\r\n*/\r\nexport interface ArcGisOAuthConfig {\r\n /* URL to which a user is sent once they complete sign in authorization.\r\n Must match a URI you define in the developer dashboard, otherwise, the authorization will be rejected.\r\n */\r\n redirectUri: string;\r\n\r\n /* Optional expiration after which the token will expire. Defined in minutes with a maximum of two weeks (20160 minutes)*/\r\n tokenExpiration?: number;\r\n\r\n /* Application client Ids */\r\n clientIds: ArcGisOAuthClientIds;\r\n}\r\n\r\n/** @beta */\r\nexport class ArcGisAccessClient implements MapLayerAccessClient {\r\n public readonly onOAuthProcessEnd = new BeEvent();\r\n private _redirectUri: string | undefined;\r\n private _expiration: number | undefined;\r\n private _clientIds: ArcGisOAuthClientIds | undefined;\r\n\r\n public constructor() {\r\n }\r\n\r\n public initialize(oAuthConfig?: ArcGisOAuthConfig): boolean {\r\n if (oAuthConfig) {\r\n this._redirectUri = oAuthConfig.redirectUri;\r\n this._expiration = oAuthConfig.tokenExpiration;\r\n this._clientIds = oAuthConfig.clientIds;\r\n\r\n this.initOauthCallbackFunction();\r\n }\r\n return true;\r\n }\r\n\r\n private initOauthCallbackFunction() {\r\n (window as any).arcGisOAuth2Callback = (redirectLocation?: Location) => {\r\n let eventSuccess = false;\r\n let stateData;\r\n\r\n if (redirectLocation && redirectLocation.hash.length > 0) {\r\n const locationHash = redirectLocation.hash;\r\n const hashParams = new URLSearchParams(locationHash.substring(1));\r\n const token = hashParams.get(\"access_token\") ?? undefined;\r\n const expiresInStr = hashParams.get(\"expires_in\") ?? undefined;\r\n const userName = hashParams.get(\"username\") ?? undefined;\r\n const ssl = hashParams.get(\"ssl\") === \"true\";\r\n const stateStr = hashParams.get(\"state\") ?? undefined;\r\n const persist = hashParams.get(\"persist\") === \"true\";\r\n if (token !== undefined && expiresInStr !== undefined && userName !== undefined && ssl !== undefined && stateStr !== undefined) {\r\n let endpointOrigin;\r\n try {\r\n const state = JSON.parse(stateStr);\r\n stateData = state?.customData;\r\n endpointOrigin = state?.endpointOrigin;\r\n\r\n } catch {\r\n }\r\n const expiresIn = Number(expiresInStr);\r\n const expiresAt = (expiresIn * 1000) + (+new Date()); // Converts the token expiration delay (seconds) into a timestamp (UNIX time)\r\n if (endpointOrigin !== undefined) {\r\n ArcGisTokenManager.setOAuth2Token(endpointOrigin, { token, expiresAt, ssl, userName, persist });\r\n eventSuccess = true;\r\n }\r\n\r\n }\r\n }\r\n this.onOAuthProcessEnd.raiseEvent(eventSuccess, stateData);\r\n };\r\n }\r\n\r\n public unInitialize() {\r\n this._redirectUri = undefined;\r\n this._expiration = undefined;\r\n (window as any).arcGisOAuth2Callback = undefined;\r\n }\r\n\r\n public async getAccessToken(params: MapLayerAccessTokenParams): Promise<MapLayerAccessToken | undefined> {\r\n // First lookup Oauth2 tokens, otherwise check try \"legacy tokens\" if credentials were provided\r\n try {\r\n const oauth2Token = await this.getOAuthTokenForMapLayerUrl(params.mapLayerUrl.toString());\r\n if (oauth2Token)\r\n return oauth2Token;\r\n\r\n if (params.userName && params.password) {\r\n return await ArcGisTokenManager.getToken(params.mapLayerUrl.toString(), params.userName, params.password, { client: ArcGisTokenClientType.referer });\r\n }\r\n } catch {\r\n\r\n }\r\n return undefined;\r\n }\r\n\r\n public async getTokenServiceEndPoint(mapLayerUrl: string): Promise<MapLayerTokenEndpoint | undefined> {\r\n let tokenEndpoint: ArcGisOAuth2Endpoint | undefined;\r\n\r\n try {\r\n tokenEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\r\n if (tokenEndpoint) {\r\n\r\n }\r\n } catch { }\r\n\r\n return tokenEndpoint;\r\n }\r\n\r\n public invalidateToken(token: MapLayerAccessToken): boolean {\r\n let found = ArcGisTokenManager.invalidateToken(token);\r\n if (!found) {\r\n found = ArcGisTokenManager.invalidateOAuth2Token(token);\r\n }\r\n return found;\r\n }\r\n\r\n public get redirectUri() {\r\n return this._redirectUri;\r\n }\r\n\r\n public getMatchingEnterpriseClientId(url: string) {\r\n const clientIds = this.arcGisEnterpriseClientIds;\r\n if (!clientIds) {\r\n return undefined;\r\n }\r\n\r\n let clientId: string | undefined;\r\n let defaultClientId: string | undefined;\r\n for (const entry of clientIds) {\r\n if (entry.serviceBaseUrl === \"\") {\r\n defaultClientId = entry.clientId;\r\n } else {\r\n if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {\r\n clientId = entry.clientId;\r\n }\r\n }\r\n }\r\n\r\n // If we could not find a match with serviceBaseUrl, and a default clientId\r\n // was specified (i.e empty url), then use default clientId\r\n if (clientId === undefined && defaultClientId !== undefined) {\r\n clientId = defaultClientId;\r\n }\r\n return clientId;\r\n }\r\n\r\n public get expiration() {\r\n return this._expiration;\r\n }\r\n\r\n public get arcGisOnlineClientId() {\r\n return this._clientIds?.arcgisOnlineClientId;\r\n }\r\n\r\n public set arcGisOnlineClientId(clientId: string | undefined) {\r\n if (this._clientIds === undefined) {\r\n this._clientIds = { arcgisOnlineClientId: clientId };\r\n }\r\n this._clientIds.arcgisOnlineClientId = clientId;\r\n }\r\n\r\n public get arcGisEnterpriseClientIds() {\r\n return this._clientIds?.enterpriseClientIds;\r\n }\r\n\r\n public setEnterpriseClientId(serviceBaseUrl: string, clientId: string) {\r\n\r\n if (this._clientIds?.enterpriseClientIds) {\r\n const foundIdx = this._clientIds.enterpriseClientIds.findIndex((entry) => entry.serviceBaseUrl === serviceBaseUrl);\r\n if (foundIdx !== -1) {\r\n this._clientIds.enterpriseClientIds[foundIdx].clientId = clientId;\r\n } else {\r\n this._clientIds.enterpriseClientIds.push({ serviceBaseUrl, clientId });\r\n }\r\n } else {\r\n if (this._clientIds === undefined) {\r\n this._clientIds = {};\r\n }\r\n this._clientIds.enterpriseClientIds = [{ serviceBaseUrl, clientId }];\r\n }\r\n }\r\n\r\n public removeEnterpriseClientId(clientId: ArcGisEnterpriseClientId) {\r\n\r\n if (this._clientIds?.enterpriseClientIds) {\r\n this._clientIds.enterpriseClientIds = this._clientIds?.enterpriseClientIds?.filter((item) => item.serviceBaseUrl !== clientId.serviceBaseUrl);\r\n }\r\n\r\n }\r\n\r\n /// //////////\r\n /** @internal */\r\n private async getOAuthTokenForMapLayerUrl(mapLayerUrl: string): Promise<ArcGisOAuth2Token | undefined> {\r\n try {\r\n const oauthEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\r\n if (oauthEndpoint !== undefined) {\r\n const oauthEndpointUrl = new URL(oauthEndpoint.getUrl());\r\n return ArcGisTokenManager.getOAuth2Token(oauthEndpointUrl.origin);\r\n }\r\n } catch { }\r\n return undefined;\r\n }\r\n\r\n /**\r\n * Test if Oauth2 endpoint is accessible and has an associated appId\r\n * @return true/false if validation succeeded, undefined if validation could not be performed (i.e CORS/network error)\r\n * @internal\r\n */\r\n private async validateOAuth2Endpoint(endpointUrl: string): Promise<boolean | undefined> {\r\n\r\n // Check if we got a matching appId for that endpoint, otherwise its not worth going further\r\n if (undefined === this.getMatchingEnterpriseClientId(endpointUrl)) {\r\n return false;\r\n }\r\n\r\n let status: number | undefined;\r\n try {\r\n const data = await fetch(endpointUrl, { method: \"GET\" });\r\n status = data.status;\r\n } catch (error: any) {\r\n // fetch() throws when there is a CORS error, so in that case\r\n // we cannot confirm if the oauth2 endpoint is valid or not, we return undefined\r\n return undefined;\r\n }\r\n return status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters\r\n }\r\n\r\n // Derive the Oauth URL from a typical MapLayerURL\r\n // i.e. \t https://hostname/server/rest/services/NewYork/NewYork3857/MapServer\r\n // => https://hostname/portal/sharing/oauth2/authorize\r\n private _oauthAuthorizeEndPointsCache = new Map<string, any>();\r\n private _oauthTokenEndPointsCache = new Map<string, any>();\r\n\r\n /**\r\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\r\n * @internal\r\n */\r\n private async getOAuth2Endpoint(url: string, endpoint: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\r\n\r\n // Return from cache if available\r\n const cachedEndpoint = (endpoint === ArcGisOAuth2EndpointType.Authorize ? this._oauthAuthorizeEndPointsCache.get(url) : this._oauthTokenEndPointsCache.get(url));\r\n if (cachedEndpoint !== undefined) {\r\n return cachedEndpoint;\r\n }\r\n\r\n const cacheResult = (obj: ArcGisOAuth2Endpoint) => {\r\n if (endpoint === ArcGisOAuth2EndpointType.Authorize) {\r\n this._oauthAuthorizeEndPointsCache.set(url, obj);\r\n } else {\r\n this._oauthTokenEndPointsCache.set(url, obj);\r\n }\r\n };\r\n\r\n const endpointStr = (endpoint === ArcGisOAuth2EndpointType.Authorize ? \"authorize\" : \"token\");\r\n const urlObj = new URL(url);\r\n if (urlObj.hostname.toLowerCase().endsWith(\"arcgis.com\")) {\r\n // ArcGIS Online (fixed)\r\n // Doc: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/\r\n\r\n if (this.arcGisOnlineClientId === undefined) {\r\n return undefined;\r\n }\r\n\r\n const oauth2Url = `https://www.arcgis.com/sharing/rest/oauth2/${endpointStr}`;\r\n return new ArcGisOAuth2Endpoint(url, this.constructLoginUrl(oauth2Url, true), true);\r\n } else {\r\n\r\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\r\n let restUrlFromTokenService: URL | undefined;\r\n try {\r\n restUrlFromTokenService = await ArcGisUrl.getRestUrlFromGenerateTokenUrl(urlObj);\r\n } catch { }\r\n\r\n if (restUrlFromTokenService !== undefined) {\r\n // Validate the URL we just composed\r\n try {\r\n const oauth2Url = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;\r\n const valid = await this.validateOAuth2Endpoint(oauth2Url);\r\n // We assume undefined means CORS error, that shouldn't prevent popup from displaying the login page.\r\n if (valid === undefined || valid) {\r\n const oauthEndpoint = new ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, false), false);\r\n cacheResult(oauthEndpoint);\r\n return oauthEndpoint;\r\n }\r\n } catch { }\r\n }\r\n\r\n // If reach this point, that means we could not derive the token endpoint from 'tokenServicesUrl', lets try something else.\r\n // ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize\r\n const regExMatch = url.match(new RegExp(/([^&\\/]+)\\/rest\\/services\\/.*/, \"i\"));\r\n if (regExMatch !== null && regExMatch.length >= 2) {\r\n const subdirectory = regExMatch[1];\r\n const port = (urlObj.port !== \"80\" && urlObj.port !== \"443\") ? `:${urlObj.port}` : \"\";\r\n const newUrlObj = new URL(`${urlObj.protocol}//${urlObj.hostname}${port}/${subdirectory}/sharing/rest/oauth2/${endpointStr}`);\r\n\r\n // Check again the URL we just composed\r\n try {\r\n const newUrl = newUrlObj.toString();\r\n if (await this.validateOAuth2Endpoint(newUrl)) {\r\n const oauthEndpoint = new ArcGisOAuth2Endpoint(newUrl, this.constructLoginUrl(newUrl, false), false);\r\n cacheResult(oauthEndpoint);\r\n return oauthEndpoint;\r\n }\r\n } catch { }\r\n }\r\n\r\n }\r\n return undefined; // we could not find any valid oauth2 endpoint\r\n }\r\n\r\n /**\r\n * Construct the complete Authorize url to starts the Oauth process\r\n * @internal\r\n */\r\n private constructLoginUrl(url: string, isArcgisOnline: boolean) {\r\n const urlObj = new URL(url);\r\n\r\n // Set the client id\r\n if (isArcgisOnline) {\r\n const clientId = this.arcGisOnlineClientId;\r\n assert(clientId !== undefined);\r\n if (clientId !== undefined) {\r\n urlObj.searchParams.set(\"client_id\", clientId);\r\n }\r\n\r\n } else {\r\n const clientId = this.getMatchingEnterpriseClientId(url);\r\n assert(clientId !== undefined);\r\n if (undefined !== clientId) {\r\n urlObj.searchParams.set(\"client_id\", clientId);\r\n }\r\n }\r\n\r\n urlObj.searchParams.set(\"response_type\", \"token\");\r\n if (this.expiration !== undefined) {\r\n urlObj.searchParams.set(\"expiration\", `${this.expiration}`);\r\n }\r\n\r\n if (this.redirectUri)\r\n urlObj.searchParams.set(\"redirect_uri\", this.redirectUri);\r\n\r\n return urlObj.toString();\r\n }\r\n\r\n}\r\n"]}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@itwin/map-layers-auth",
|
|
3
|
-
"version": "3.5.0-dev.
|
|
3
|
+
"version": "3.5.0-dev.27",
|
|
4
4
|
"description": "Extension that adds a Map Layers Widget",
|
|
5
5
|
"main": "lib/cjs/map-layers-auth.js",
|
|
6
6
|
"module": "lib/esm/map-layers-auth.js",
|
|
@@ -21,11 +21,11 @@
|
|
|
21
21
|
"url": "http://www.bentley.com"
|
|
22
22
|
},
|
|
23
23
|
"devDependencies": {
|
|
24
|
-
"@itwin/build-tools": "3.5.0-dev.
|
|
25
|
-
"@itwin/core-bentley": "3.5.0-dev.
|
|
26
|
-
"@itwin/core-common": "3.5.0-dev.
|
|
27
|
-
"@itwin/core-frontend": "3.5.0-dev.
|
|
28
|
-
"@itwin/eslint-plugin": "3.5.0-dev.
|
|
24
|
+
"@itwin/build-tools": "3.5.0-dev.27",
|
|
25
|
+
"@itwin/core-bentley": "3.5.0-dev.27",
|
|
26
|
+
"@itwin/core-common": "3.5.0-dev.27",
|
|
27
|
+
"@itwin/core-frontend": "3.5.0-dev.27",
|
|
28
|
+
"@itwin/eslint-plugin": "3.5.0-dev.27",
|
|
29
29
|
"@types/chai": "4.3.1",
|
|
30
30
|
"@types/mocha": "^8.2.2",
|
|
31
31
|
"@types/sinon": "^9.0.0",
|
|
@@ -43,7 +43,7 @@
|
|
|
43
43
|
"typescript": "~4.4.0"
|
|
44
44
|
},
|
|
45
45
|
"peerDependencies": {
|
|
46
|
-
"@itwin/core-bentley": "3.5.0-dev.
|
|
46
|
+
"@itwin/core-bentley": "3.5.0-dev.27"
|
|
47
47
|
},
|
|
48
48
|
"nyc": {
|
|
49
49
|
"extends": "./node_modules/@itwin/build-tools/.nycrc",
|