npm - @itwin/map-layers-auth - Versions diffs - 3.5.0-dev.4 → 3.5.0-dev.5 - Mend

@itwin/map-layers-auth 3.5.0-dev.4 → 3.5.0-dev.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (37) hide show

package/lib/cjs/ArcGis/ArcGisAccessClient.d.ts +66 -66
package/lib/cjs/ArcGis/ArcGisAccessClient.js +294 -294
package/lib/cjs/ArcGis/ArcGisAccessClient.js.map +1 -1
package/lib/cjs/ArcGis/ArcGisOAuth2Endpoint.d.ts +22 -22
package/lib/cjs/ArcGis/ArcGisOAuth2Endpoint.js +46 -46
package/lib/cjs/ArcGis/ArcGisOAuth2Endpoint.js.map +1 -1
package/lib/cjs/ArcGis/ArcGisTokenGenerator.d.ts +41 -41
package/lib/cjs/ArcGis/ArcGisTokenGenerator.js +110 -110
package/lib/cjs/ArcGis/ArcGisTokenGenerator.js.map +1 -1
package/lib/cjs/ArcGis/ArcGisTokenManager.d.ts +20 -20
package/lib/cjs/ArcGis/ArcGisTokenManager.js +109 -109
package/lib/cjs/ArcGis/ArcGisTokenManager.js.map +1 -1
package/lib/cjs/ArcGis/ArcGisUrl.d.ts +6 -6
package/lib/cjs/ArcGis/ArcGisUrl.js +49 -49
package/lib/cjs/ArcGis/ArcGisUrl.js.map +1 -1
package/lib/cjs/map-layers-auth.d.ts +5 -5
package/lib/cjs/map-layers-auth.js +21 -21
package/lib/cjs/map-layers-auth.js.map +1 -1
package/lib/esm/ArcGis/ArcGisAccessClient.d.ts +66 -66
package/lib/esm/ArcGis/ArcGisAccessClient.js +290 -290
package/lib/esm/ArcGis/ArcGisAccessClient.js.map +1 -1
package/lib/esm/ArcGis/ArcGisOAuth2Endpoint.d.ts +22 -22
package/lib/esm/ArcGis/ArcGisOAuth2Endpoint.js +42 -42
package/lib/esm/ArcGis/ArcGisOAuth2Endpoint.js.map +1 -1
package/lib/esm/ArcGis/ArcGisTokenGenerator.d.ts +41 -41
package/lib/esm/ArcGis/ArcGisTokenGenerator.js +106 -106
package/lib/esm/ArcGis/ArcGisTokenGenerator.js.map +1 -1
package/lib/esm/ArcGis/ArcGisTokenManager.d.ts +20 -20
package/lib/esm/ArcGis/ArcGisTokenManager.js +105 -105
package/lib/esm/ArcGis/ArcGisTokenManager.js.map +1 -1
package/lib/esm/ArcGis/ArcGisUrl.d.ts +6 -6
package/lib/esm/ArcGis/ArcGisUrl.js +45 -45
package/lib/esm/ArcGis/ArcGisUrl.js.map +1 -1
package/lib/esm/map-layers-auth.d.ts +5 -5
package/lib/esm/map-layers-auth.js +9 -9
package/lib/esm/map-layers-auth.js.map +1 -1
package/package.json +7 -7

package/lib/cjs/ArcGis/ArcGisAccessClient.js CHANGED Viewed

@@ -1,295 +1,295 @@
-"use strict";
-/*---------------------------------------------------------------------------------------------
-* Copyright (c) Bentley Systems, Incorporated. All rights reserved.
-* See LICENSE.md in the project root for license terms and full copyright notice.
-*--------------------------------------------------------------------------------------------*/
-/** @packageDocumentation
- * @module Tiles
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.ArcGisAccessClient = void 0;
-const core_bentley_1 = require("@itwin/core-bentley");
-const ArcGisTokenGenerator_1 = require("./ArcGisTokenGenerator");
-const ArcGisOAuth2Endpoint_1 = require("./ArcGisOAuth2Endpoint");
-const ArcGisTokenManager_1 = require("./ArcGisTokenManager");
-const ArcGisUrl_1 = require("./ArcGisUrl");
-/** @beta */
-class ArcGisAccessClient {
-    constructor() {
-        this.onOAuthProcessEnd = new core_bentley_1.BeEvent();
-        // Derive the Oauth URL from a typical MapLayerURL
-        // i.e. 	  https://hostname/server/rest/services/NewYork/NewYork3857/MapServer
-        //      =>  https://hostname/portal/sharing/oauth2/authorize
-        this._oauthAuthorizeEndPointsCache = new Map();
-        this._oauthTokenEndPointsCache = new Map();
-    }
-    initialize(oAuthConfig) {
-        if (oAuthConfig) {
-            this._redirectUri = oAuthConfig.redirectUri;
-            this._expiration = oAuthConfig.tokenExpiration;
-            this._clientIds = oAuthConfig.clientIds;
-            this.initOauthCallbackFunction();
-        }
-        return true;
-    }
-    initOauthCallbackFunction() {
-        window.arcGisOAuth2Callback = (redirectLocation) => {
-            var _a, _b, _c, _d;
-            let eventSuccess = false;
-            let stateData;
-            if (redirectLocation && redirectLocation.hash.length > 0) {
-                const locationHash = redirectLocation.hash;
-                const hashParams = new URLSearchParams(locationHash.substring(1));
-                const token = (_a = hashParams.get("access_token")) !== null && _a !== void 0 ? _a : undefined;
-                const expiresInStr = (_b = hashParams.get("expires_in")) !== null && _b !== void 0 ? _b : undefined;
-                const userName = (_c = hashParams.get("username")) !== null && _c !== void 0 ? _c : undefined;
-                const ssl = hashParams.get("ssl") === "true";
-                const stateStr = (_d = hashParams.get("state")) !== null && _d !== void 0 ? _d : undefined;
-                const persist = hashParams.get("persist") === "true";
-                if (token !== undefined && expiresInStr !== undefined && userName !== undefined && ssl !== undefined && stateStr !== undefined) {
-                    let endpointOrigin;
-                    try {
-                        const state = JSON.parse(stateStr);
-                        stateData = state === null || state === void 0 ? void 0 : state.customData;
-                        endpointOrigin = state === null || state === void 0 ? void 0 : state.endpointOrigin;
-                    }
-                    catch {
-                    }
-                    const expiresIn = Number(expiresInStr);
-                    const expiresAt = (expiresIn * 1000) + (+new Date()); // Converts the token expiration delay (seconds) into a timestamp (UNIX time)
-                    if (endpointOrigin !== undefined) {
-                        ArcGisTokenManager_1.ArcGisTokenManager.setOAuth2Token(endpointOrigin, { token, expiresAt, ssl, userName, persist });
-                        eventSuccess = true;
-                    }
-                }
-            }
-            this.onOAuthProcessEnd.raiseEvent(eventSuccess, stateData);
-        };
-    }
-    unInitialize() {
-        this._redirectUri = undefined;
-        this._expiration = undefined;
-        window.arcGisOAuth2Callback = undefined;
-    }
-    async getAccessToken(params) {
-        // First lookup Oauth2 tokens, otherwise check try "legacy tokens" if credentials were provided
-        try {
-            const oauth2Token = await this.getOAuthTokenForMapLayerUrl(params.mapLayerUrl.toString());
-            if (oauth2Token)
-                return oauth2Token;
-            if (params.userName && params.password) {
-                return await ArcGisTokenManager_1.ArcGisTokenManager.getToken(params.mapLayerUrl.toString(), params.userName, params.password, { client: ArcGisTokenGenerator_1.ArcGisTokenClientType.referer });
-            }
-        }
-        catch {
-        }
-        return undefined;
-    }
-    async getTokenServiceEndPoint(mapLayerUrl) {
-        let tokenEndpoint;
-        try {
-            tokenEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2Endpoint_1.ArcGisOAuth2EndpointType.Authorize);
-            if (tokenEndpoint) {
-            }
-        }
-        catch { }
-        return tokenEndpoint;
-    }
-    invalidateToken(token) {
-        let found = ArcGisTokenManager_1.ArcGisTokenManager.invalidateToken(token);
-        if (!found) {
-            found = ArcGisTokenManager_1.ArcGisTokenManager.invalidateOAuth2Token(token);
-        }
-        return found;
-    }
-    get redirectUri() {
-        return this._redirectUri;
-    }
-    getMatchingEnterpriseClientId(url) {
-        let clientId;
-        const clientIds = this.arcGisEnterpriseClientIds;
-        if (!clientIds) {
-            return undefined;
-        }
-        for (const entry of clientIds) {
-            if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {
-                clientId = entry.clientId;
-            }
-        }
-        return clientId;
-    }
-    get expiration() {
-        return this._expiration;
-    }
-    get arcGisOnlineClientId() {
-        var _a;
-        return (_a = this._clientIds) === null || _a === void 0 ? void 0 : _a.arcgisOnlineClientId;
-    }
-    set arcGisOnlineClientId(clientId) {
-        if (this._clientIds === undefined) {
-            this._clientIds = { arcgisOnlineClientId: clientId };
-        }
-        this._clientIds.arcgisOnlineClientId = clientId;
-    }
-    get arcGisEnterpriseClientIds() {
-        var _a;
-        return (_a = this._clientIds) === null || _a === void 0 ? void 0 : _a.enterpriseClientIds;
-    }
-    setEnterpriseClientId(serviceBaseUrl, clientId) {
-        var _a;
-        if ((_a = this._clientIds) === null || _a === void 0 ? void 0 : _a.enterpriseClientIds) {
-            const foundIdx = this._clientIds.enterpriseClientIds.findIndex((entry) => entry.serviceBaseUrl === serviceBaseUrl);
-            if (foundIdx !== -1) {
-                this._clientIds.enterpriseClientIds[foundIdx].clientId = clientId;
-            }
-            else {
-                this._clientIds.enterpriseClientIds.push({ serviceBaseUrl, clientId });
-            }
-        }
-        else {
-            if (this._clientIds === undefined) {
-                this._clientIds = {};
-            }
-            this._clientIds.enterpriseClientIds = [{ serviceBaseUrl, clientId }];
-        }
-    }
-    removeEnterpriseClientId(clientId) {
-        var _a, _b, _c;
-        if ((_a = this._clientIds) === null || _a === void 0 ? void 0 : _a.enterpriseClientIds) {
-            this._clientIds.enterpriseClientIds = (_c = (_b = this._clientIds) === null || _b === void 0 ? void 0 : _b.enterpriseClientIds) === null || _c === void 0 ? void 0 : _c.filter((item) => item.serviceBaseUrl !== clientId.serviceBaseUrl);
-        }
-    }
-    /// //////////
-    /** @internal */
-    async getOAuthTokenForMapLayerUrl(mapLayerUrl) {
-        try {
-            const oauthEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2Endpoint_1.ArcGisOAuth2EndpointType.Authorize);
-            if (oauthEndpoint !== undefined) {
-                const oauthEndpointUrl = new URL(oauthEndpoint.getUrl());
-                return ArcGisTokenManager_1.ArcGisTokenManager.getOAuth2Token(oauthEndpointUrl.origin);
-            }
-        }
-        catch { }
-        return undefined;
-    }
-    /**
-    * Test if Oauth2 endpoint is accessible and has an associated appId
-    * @internal
-    */
-    async validateOAuth2Endpoint(endpointUrl) {
-        // Check if we got a matching appId for that endpoint, otherwise its not worth going further
-        if (undefined === this.getMatchingEnterpriseClientId(endpointUrl)) {
-            return false;
-        }
-        let status;
-        try {
-            const data = await fetch(endpointUrl, { method: "GET" });
-            status = data.status;
-        }
-        catch (error) {
-            status = error.status;
-        }
-        return status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters
-    }
-    /**
-   * Get OAuth2 endpoint that must be cause to get the Oauth2 token
-   * @internal
-   */
-    async getOAuth2Endpoint(url, endpoint) {
-        // Return from cache if available
-        const cachedEndpoint = (endpoint === ArcGisOAuth2Endpoint_1.ArcGisOAuth2EndpointType.Authorize ? this._oauthAuthorizeEndPointsCache.get(url) : this._oauthTokenEndPointsCache.get(url));
-        if (cachedEndpoint !== undefined) {
-            return cachedEndpoint;
-        }
-        const cacheResult = (obj) => {
-            if (endpoint === ArcGisOAuth2Endpoint_1.ArcGisOAuth2EndpointType.Authorize) {
-                this._oauthAuthorizeEndPointsCache.set(url, obj);
-            }
-            else {
-                this._oauthTokenEndPointsCache.set(url, obj);
-            }
-        };
-        const endpointStr = (endpoint === ArcGisOAuth2Endpoint_1.ArcGisOAuth2EndpointType.Authorize ? "authorize" : "token");
-        const urlObj = new URL(url);
-        if (urlObj.hostname.toLowerCase().endsWith("arcgis.com")) {
-            // ArcGIS Online (fixed)
-            // Doc: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/
-            if (this.arcGisOnlineClientId === undefined) {
-                return undefined;
-            }
-            const oauth2Url = `https://www.arcgis.com/sharing/rest/oauth2/${endpointStr}`;
-            return new ArcGisOAuth2Endpoint_1.ArcGisOAuth2Endpoint(url, this.constructLoginUrl(oauth2Url, true), true);
-        }
-        else {
-            // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'
-            let restUrlFromTokenService;
-            try {
-                restUrlFromTokenService = await ArcGisUrl_1.ArcGisUrl.getRestUrlFromGenerateTokenUrl(urlObj);
-            }
-            catch { }
-            if (restUrlFromTokenService !== undefined) {
-                // Validate the URL we just composed
-                try {
-                    const oauth2Url = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;
-                    if (await this.validateOAuth2Endpoint(oauth2Url)) {
-                        const oauthEndpoint = new ArcGisOAuth2Endpoint_1.ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, false), false);
-                        cacheResult(oauthEndpoint);
-                        return oauthEndpoint;
-                    }
-                }
-                catch { }
-            }
-            // If reach this point, that means we could not derive the token endpoint from 'tokenServicesUrl'
-            // lets use another approach.
-            // ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize
-            const regExMatch = url.match(new RegExp(/([^&\/]+)\/rest\/services\/.*/, "i"));
-            if (regExMatch !== null && regExMatch.length >= 2) {
-                const subdirectory = regExMatch[1];
-                const port = (urlObj.port !== "80" && urlObj.port !== "443") ? `:${urlObj.port}` : "";
-                const newUrlObj = new URL(`${urlObj.protocol}//${urlObj.hostname}${port}/${subdirectory}/sharing/rest/oauth2/${endpointStr}`);
-                // Check again the URL we just composed
-                try {
-                    const newUrl = newUrlObj.toString();
-                    if (await this.validateOAuth2Endpoint(newUrl)) {
-                        const oauthEndpoint = new ArcGisOAuth2Endpoint_1.ArcGisOAuth2Endpoint(newUrl, this.constructLoginUrl(newUrl, false), false);
-                        cacheResult(oauthEndpoint);
-                        return oauthEndpoint;
-                    }
-                }
-                catch { }
-            }
-        }
-        return undefined; // we could not find any valid oauth2 endpoint
-    }
-    /**
-   * Construct the complete Authorize url to starts the Oauth process
-   * @internal
-   */
-    constructLoginUrl(url, isArcgisOnline) {
-        const urlObj = new URL(url);
-        // Set the client id
-        if (isArcgisOnline) {
-            const clientId = this.arcGisOnlineClientId;
-            (0, core_bentley_1.assert)(clientId !== undefined);
-            if (clientId !== undefined) {
-                urlObj.searchParams.set("client_id", clientId);
-            }
-        }
-        else {
-            const clientId = this.getMatchingEnterpriseClientId(url);
-            (0, core_bentley_1.assert)(clientId !== undefined);
-            if (undefined !== clientId) {
-                urlObj.searchParams.set("client_id", clientId);
-            }
-        }
-        urlObj.searchParams.set("response_type", "token");
-        if (this.expiration !== undefined) {
-            urlObj.searchParams.set("expiration", `${this.expiration}`);
-        }
-        if (this.redirectUri)
-            urlObj.searchParams.set("redirect_uri", this.redirectUri);
-        return urlObj.toString();
-    }
-}
-exports.ArcGisAccessClient = ArcGisAccessClient;
+"use strict";
+/*---------------------------------------------------------------------------------------------
+* Copyright (c) Bentley Systems, Incorporated. All rights reserved.
+* See LICENSE.md in the project root for license terms and full copyright notice.
+*--------------------------------------------------------------------------------------------*/
+/** @packageDocumentation
+ * @module Tiles
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ArcGisAccessClient = void 0;
+const core_bentley_1 = require("@itwin/core-bentley");
+const ArcGisTokenGenerator_1 = require("./ArcGisTokenGenerator");
+const ArcGisOAuth2Endpoint_1 = require("./ArcGisOAuth2Endpoint");
+const ArcGisTokenManager_1 = require("./ArcGisTokenManager");
+const ArcGisUrl_1 = require("./ArcGisUrl");
+/** @beta */
+class ArcGisAccessClient {
+    constructor() {
+        this.onOAuthProcessEnd = new core_bentley_1.BeEvent();
+        // Derive the Oauth URL from a typical MapLayerURL
+        // i.e. 	  https://hostname/server/rest/services/NewYork/NewYork3857/MapServer
+        //      =>  https://hostname/portal/sharing/oauth2/authorize
+        this._oauthAuthorizeEndPointsCache = new Map();
+        this._oauthTokenEndPointsCache = new Map();
+    }
+    initialize(oAuthConfig) {
+        if (oAuthConfig) {
+            this._redirectUri = oAuthConfig.redirectUri;
+            this._expiration = oAuthConfig.tokenExpiration;
+            this._clientIds = oAuthConfig.clientIds;
+            this.initOauthCallbackFunction();
+        }
+        return true;
+    }
+    initOauthCallbackFunction() {
+        window.arcGisOAuth2Callback = (redirectLocation) => {
+            var _a, _b, _c, _d;
+            let eventSuccess = false;
+            let stateData;
+            if (redirectLocation && redirectLocation.hash.length > 0) {
+                const locationHash = redirectLocation.hash;
+                const hashParams = new URLSearchParams(locationHash.substring(1));
+                const token = (_a = hashParams.get("access_token")) !== null && _a !== void 0 ? _a : undefined;
+                const expiresInStr = (_b = hashParams.get("expires_in")) !== null && _b !== void 0 ? _b : undefined;
+                const userName = (_c = hashParams.get("username")) !== null && _c !== void 0 ? _c : undefined;
+                const ssl = hashParams.get("ssl") === "true";
+                const stateStr = (_d = hashParams.get("state")) !== null && _d !== void 0 ? _d : undefined;
+                const persist = hashParams.get("persist") === "true";
+                if (token !== undefined && expiresInStr !== undefined && userName !== undefined && ssl !== undefined && stateStr !== undefined) {
+                    let endpointOrigin;
+                    try {
+                        const state = JSON.parse(stateStr);
+                        stateData = state === null || state === void 0 ? void 0 : state.customData;
+                        endpointOrigin = state === null || state === void 0 ? void 0 : state.endpointOrigin;
+                    }
+                    catch {
+                    }
+                    const expiresIn = Number(expiresInStr);
+                    const expiresAt = (expiresIn * 1000) + (+new Date()); // Converts the token expiration delay (seconds) into a timestamp (UNIX time)
+                    if (endpointOrigin !== undefined) {
+                        ArcGisTokenManager_1.ArcGisTokenManager.setOAuth2Token(endpointOrigin, { token, expiresAt, ssl, userName, persist });
+                        eventSuccess = true;
+                    }
+                }
+            }
+            this.onOAuthProcessEnd.raiseEvent(eventSuccess, stateData);
+        };
+    }
+    unInitialize() {
+        this._redirectUri = undefined;
+        this._expiration = undefined;
+        window.arcGisOAuth2Callback = undefined;
+    }
+    async getAccessToken(params) {
+        // First lookup Oauth2 tokens, otherwise check try "legacy tokens" if credentials were provided
+        try {
+            const oauth2Token = await this.getOAuthTokenForMapLayerUrl(params.mapLayerUrl.toString());
+            if (oauth2Token)
+                return oauth2Token;
+            if (params.userName && params.password) {
+                return await ArcGisTokenManager_1.ArcGisTokenManager.getToken(params.mapLayerUrl.toString(), params.userName, params.password, { client: ArcGisTokenGenerator_1.ArcGisTokenClientType.referer });
+            }
+        }
+        catch {
+        }
+        return undefined;
+    }
+    async getTokenServiceEndPoint(mapLayerUrl) {
+        let tokenEndpoint;
+        try {
+            tokenEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2Endpoint_1.ArcGisOAuth2EndpointType.Authorize);
+            if (tokenEndpoint) {
+            }
+        }
+        catch { }
+        return tokenEndpoint;
+    }
+    invalidateToken(token) {
+        let found = ArcGisTokenManager_1.ArcGisTokenManager.invalidateToken(token);
+        if (!found) {
+            found = ArcGisTokenManager_1.ArcGisTokenManager.invalidateOAuth2Token(token);
+        }
+        return found;
+    }
+    get redirectUri() {
+        return this._redirectUri;
+    }
+    getMatchingEnterpriseClientId(url) {
+        let clientId;
+        const clientIds = this.arcGisEnterpriseClientIds;
+        if (!clientIds) {
+            return undefined;
+        }
+        for (const entry of clientIds) {
+            if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {
+                clientId = entry.clientId;
+            }
+        }
+        return clientId;
+    }
+    get expiration() {
+        return this._expiration;
+    }
+    get arcGisOnlineClientId() {
+        var _a;
+        return (_a = this._clientIds) === null || _a === void 0 ? void 0 : _a.arcgisOnlineClientId;
+    }
+    set arcGisOnlineClientId(clientId) {
+        if (this._clientIds === undefined) {
+            this._clientIds = { arcgisOnlineClientId: clientId };
+        }
+        this._clientIds.arcgisOnlineClientId = clientId;
+    }
+    get arcGisEnterpriseClientIds() {
+        var _a;
+        return (_a = this._clientIds) === null || _a === void 0 ? void 0 : _a.enterpriseClientIds;
+    }
+    setEnterpriseClientId(serviceBaseUrl, clientId) {
+        var _a;
+        if ((_a = this._clientIds) === null || _a === void 0 ? void 0 : _a.enterpriseClientIds) {
+            const foundIdx = this._clientIds.enterpriseClientIds.findIndex((entry) => entry.serviceBaseUrl === serviceBaseUrl);
+            if (foundIdx !== -1) {
+                this._clientIds.enterpriseClientIds[foundIdx].clientId = clientId;
+            }
+            else {
+                this._clientIds.enterpriseClientIds.push({ serviceBaseUrl, clientId });
+            }
+        }
+        else {
+            if (this._clientIds === undefined) {
+                this._clientIds = {};
+            }
+            this._clientIds.enterpriseClientIds = [{ serviceBaseUrl, clientId }];
+        }
+    }
+    removeEnterpriseClientId(clientId) {
+        var _a, _b, _c;
+        if ((_a = this._clientIds) === null || _a === void 0 ? void 0 : _a.enterpriseClientIds) {
+            this._clientIds.enterpriseClientIds = (_c = (_b = this._clientIds) === null || _b === void 0 ? void 0 : _b.enterpriseClientIds) === null || _c === void 0 ? void 0 : _c.filter((item) => item.serviceBaseUrl !== clientId.serviceBaseUrl);
+        }
+    }
+    /// //////////
+    /** @internal */
+    async getOAuthTokenForMapLayerUrl(mapLayerUrl) {
+        try {
+            const oauthEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2Endpoint_1.ArcGisOAuth2EndpointType.Authorize);
+            if (oauthEndpoint !== undefined) {
+                const oauthEndpointUrl = new URL(oauthEndpoint.getUrl());
+                return ArcGisTokenManager_1.ArcGisTokenManager.getOAuth2Token(oauthEndpointUrl.origin);
+            }
+        }
+        catch { }
+        return undefined;
+    }
+    /**
+    * Test if Oauth2 endpoint is accessible and has an associated appId
+    * @internal
+    */
+    async validateOAuth2Endpoint(endpointUrl) {
+        // Check if we got a matching appId for that endpoint, otherwise its not worth going further
+        if (undefined === this.getMatchingEnterpriseClientId(endpointUrl)) {
+            return false;
+        }
+        let status;
+        try {
+            const data = await fetch(endpointUrl, { method: "GET" });
+            status = data.status;
+        }
+        catch (error) {
+            status = error.status;
+        }
+        return status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters
+    }
+    /**
+   * Get OAuth2 endpoint that must be cause to get the Oauth2 token
+   * @internal
+   */
+    async getOAuth2Endpoint(url, endpoint) {
+        // Return from cache if available
+        const cachedEndpoint = (endpoint === ArcGisOAuth2Endpoint_1.ArcGisOAuth2EndpointType.Authorize ? this._oauthAuthorizeEndPointsCache.get(url) : this._oauthTokenEndPointsCache.get(url));
+        if (cachedEndpoint !== undefined) {
+            return cachedEndpoint;
+        }
+        const cacheResult = (obj) => {
+            if (endpoint === ArcGisOAuth2Endpoint_1.ArcGisOAuth2EndpointType.Authorize) {
+                this._oauthAuthorizeEndPointsCache.set(url, obj);
+            }
+            else {
+                this._oauthTokenEndPointsCache.set(url, obj);
+            }
+        };
+        const endpointStr = (endpoint === ArcGisOAuth2Endpoint_1.ArcGisOAuth2EndpointType.Authorize ? "authorize" : "token");
+        const urlObj = new URL(url);
+        if (urlObj.hostname.toLowerCase().endsWith("arcgis.com")) {
+            // ArcGIS Online (fixed)
+            // Doc: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/
+            if (this.arcGisOnlineClientId === undefined) {
+                return undefined;
+            }
+            const oauth2Url = `https://www.arcgis.com/sharing/rest/oauth2/${endpointStr}`;
+            return new ArcGisOAuth2Endpoint_1.ArcGisOAuth2Endpoint(url, this.constructLoginUrl(oauth2Url, true), true);
+        }
+        else {
+            // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'
+            let restUrlFromTokenService;
+            try {
+                restUrlFromTokenService = await ArcGisUrl_1.ArcGisUrl.getRestUrlFromGenerateTokenUrl(urlObj);
+            }
+            catch { }
+            if (restUrlFromTokenService !== undefined) {
+                // Validate the URL we just composed
+                try {
+                    const oauth2Url = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;
+                    if (await this.validateOAuth2Endpoint(oauth2Url)) {
+                        const oauthEndpoint = new ArcGisOAuth2Endpoint_1.ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, false), false);
+                        cacheResult(oauthEndpoint);
+                        return oauthEndpoint;
+                    }
+                }
+                catch { }
+            }
+            // If reach this point, that means we could not derive the token endpoint from 'tokenServicesUrl'
+            // lets use another approach.
+            // ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize
+            const regExMatch = url.match(new RegExp(/([^&\/]+)\/rest\/services\/.*/, "i"));
+            if (regExMatch !== null && regExMatch.length >= 2) {
+                const subdirectory = regExMatch[1];
+                const port = (urlObj.port !== "80" && urlObj.port !== "443") ? `:${urlObj.port}` : "";
+                const newUrlObj = new URL(`${urlObj.protocol}//${urlObj.hostname}${port}/${subdirectory}/sharing/rest/oauth2/${endpointStr}`);
+                // Check again the URL we just composed
+                try {
+                    const newUrl = newUrlObj.toString();
+                    if (await this.validateOAuth2Endpoint(newUrl)) {
+                        const oauthEndpoint = new ArcGisOAuth2Endpoint_1.ArcGisOAuth2Endpoint(newUrl, this.constructLoginUrl(newUrl, false), false);
+                        cacheResult(oauthEndpoint);
+                        return oauthEndpoint;
+                    }
+                }
+                catch { }
+            }
+        }
+        return undefined; // we could not find any valid oauth2 endpoint
+    }
+    /**
+   * Construct the complete Authorize url to starts the Oauth process
+   * @internal
+   */
+    constructLoginUrl(url, isArcgisOnline) {
+        const urlObj = new URL(url);
+        // Set the client id
+        if (isArcgisOnline) {
+            const clientId = this.arcGisOnlineClientId;
+            (0, core_bentley_1.assert)(clientId !== undefined);
+            if (clientId !== undefined) {
+                urlObj.searchParams.set("client_id", clientId);
+            }
+        }
+        else {
+            const clientId = this.getMatchingEnterpriseClientId(url);
+            (0, core_bentley_1.assert)(clientId !== undefined);
+            if (undefined !== clientId) {
+                urlObj.searchParams.set("client_id", clientId);
+            }
+        }
+        urlObj.searchParams.set("response_type", "token");
+        if (this.expiration !== undefined) {
+            urlObj.searchParams.set("expiration", `${this.expiration}`);
+        }
+        if (this.redirectUri)
+            urlObj.searchParams.set("redirect_uri", this.redirectUri);
+        return urlObj.toString();
+    }
+}
+exports.ArcGisAccessClient = ArcGisAccessClient;
 //# sourceMappingURL=ArcGisAccessClient.js.map