@itwin/map-layers-auth 5.0.0-dev.79 → 5.0.0-dev.82

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/CHANGELOG.md +11 -1
  2. package/lib/cjs/ArcGis/ArcGisAccessClient.js +2 -2
  3. package/lib/cjs/ArcGis/ArcGisAccessClient.js.map +1 -1
  4. package/lib/esm/ArcGis/ArcGisAccessClient.js +2 -2
  5. package/lib/esm/ArcGis/ArcGisAccessClient.js.map +1 -1
  6. package/package.json +14 -17
package/CHANGELOG.md CHANGED
@@ -1,6 +1,16 @@
1
1
  # Change Log - @itwin/map-layers-auth
2
2
 
3
- This log was last generated on Thu, 06 Mar 2025 14:16:21 GMT and should not be manually modified.
3
+ This log was last generated on Tue, 11 Mar 2025 15:27:53 GMT and should not be manually modified.
4
+
5
+ ## 4.10.10
6
+ Tue, 11 Mar 2025 15:25:11 GMT
7
+
8
+ _Version update only_
9
+
10
+ ## 4.10.9
11
+ Tue, 11 Mar 2025 05:17:33 GMT
12
+
13
+ _Version update only_
4
14
 
5
15
  ## 4.10.8
6
16
  Thu, 06 Mar 2025 14:13:37 GMT
package/lib/cjs/ArcGis/ArcGisAccessClient.js CHANGED
@@ -33,7 +33,7 @@ class ArcGisAccessClient {
33
33
  return true;
34
34
  }
35
35
  initOauthCallbackFunction() {
36
- window.arcGisOAuth2Callback = (redirectLocation) => {
36
+ globalThis.arcGisOAuth2Callback = (redirectLocation) => {
37
37
  let eventSuccess = false;
38
38
  let stateData;
39
39
  if (redirectLocation && redirectLocation.hash.length > 0) {
@@ -68,7 +68,7 @@ class ArcGisAccessClient {
68
68
  unInitialize() {
69
69
  this._redirectUri = undefined;
70
70
  this._expiration = undefined;
71
- window.arcGisOAuth2Callback = undefined;
71
+ globalThis.arcGisOAuth2Callback = undefined;
72
72
  }
73
73
  async getAccessToken(params) {
74
74
  // First lookup Oauth2 tokens, otherwise check try "legacy tokens" if credentials were provided
package/lib/cjs/ArcGis/ArcGisAccessClient.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisAccessClient.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":";AAAA;;;+FAG+F;AAC/F;;GAEG;;;AAEH,sDAAsD;AAEtD,iEAAkF;AAClF,iEAAwF;AACxF,6DAA0D;AAC1D,2CAAwC;AA8CxC,YAAY;AACZ,MAAa,kBAAkB;IACb,iBAAiB,GAAG,IAAI,sBAAO,EAAE,CAAC;IAC1C,YAAY,CAAqB;IACjC,WAAW,CAAqB;IAChC,UAAU,CAAmC;IAErD,sDAAsD;IAC9C,iBAAiB,GAAG,KAAK,CAAC;IAElC;IACA,CAAC;IAEM,UAAU,CAAC,WAA+B;QAC/C,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,WAAW,CAAC;YAC5C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,eAAe,CAAC;YAC/C,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,SAAS,CAAC;YAExC,IAAI,CAAC,yBAAyB,EAAE,CAAC;QACnC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,yBAAyB;QAC9B,MAAc,CAAC,oBAAoB,GAAG,CAAC,gBAA2B,EAAE,EAAE;YACrE,IAAI,YAAY,GAAG,KAAK,CAAC;YACzB,IAAI,SAAS,CAAC;YAEd,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACzD,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC;gBAC3C,MAAM,UAAU,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,SAAS,CAAC;gBAC1D,MAAM,YAAY,GAAG,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,SAAS,CAAC;gBAC/D,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC;gBACzD,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC;gBAC7C,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC;gBACtD,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,MAAM,CAAC;gBACrD,IAAI,KAAK,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,IAAI,GAAG,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;oBAC/H,IAAI,cAAc,CAAC;oBACnB,IAAI,CAAC;wBACH,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBACnC,SAAS,GAAG,KAAK,EAAE,UAAU,CAAC;wBAC9B,cAAc,GAAG,KAAK,EAAE,cAAc,CAAC;oBAEzC,CAAC;oBAAC,MAAM,CAAC;oBACT,CAAC;oBACD,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;oBACvC,MAAM,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAG,6EAA6E;oBACrI,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;wBACjC,uCAAkB,CAAC,cAAc,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;wBAChG,YAAY,GAAG,IAAI,CAAC;oBACtB,CAAC;gBAEH,CAAC;YACH,CAAC;YACD,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAC7D,CAAC,CAAC;IACJ,CAAC;IAEM,YAAY;QACjB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC5B,MAAc,CAAC,oBAAoB,GAAG,SAAS,CAAC;IACnD,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,MAAiC;QAC3D,+FAA+F;QAE/F,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC1F,IAAI,WAAW;gBACb,OAAO,WAAW,CAAC;QACvB,CAAC;QAED,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACvC,OAAO,uCAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,4CAAqB,CAAC,OAAO,EAAE,CAAC,CAAC;QACjJ,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,gBAAgB;IACT,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,WAAmB;QAC5D,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACzD,OAAO,IAAI,CAAC,MAAM,KAAK,GAAG,CAAC,CAAI,yEAAyE;IAC1G,CAAC;IAEM,KAAK,CAAC,uBAAuB,CAAC,WAAmB;QACtD,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,+CAAwB,CAAC,SAAS,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,eAAe,CAAC,KAA0B;QAC/C,IAAI,KAAK,GAAG,uCAAkB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,uCAAkB,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAEM,6BAA6B,CAAC,GAAW;QAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC;QACjD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,QAA4B,CAAC;QACjC,IAAI,eAAmC,CAAC;QACxC,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;YAC9B,IAAI,KAAK,CAAC,cAAc,KAAK,EAAE,EAAE,CAAC;gBAChC,eAAe,GAAG,KAAK,CAAC,QAAQ,CAAC;YACnC,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC;oBACvD,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;gBAC5B,CAAC;YACH,CAAC;QACH,CAAC;QAED,2EAA2E;QAC3E,2DAA2D;QAC3D,IAAI,QAAQ,KAAK,SAAS,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;YAC5D,QAAQ,GAAG,eAAe,CAAC;QAC7B,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAW,UAAU;QACnB,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,IAAW,oBAAoB;QAC7B,OAAO,IAAI,CAAC,UAAU,EAAE,oBAAoB,CAAC;IAC/C,CAAC;IAED,IAAW,oBAAoB,CAAC,QAA4B;QAC1D,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,IAAI,CAAC,UAAU,GAAG,EAAE,oBAAoB,EAAE,QAAQ,EAAE,CAAC;QACvD,CAAC;QACD,IAAI,CAAC,UAAU,CAAC,oBAAoB,GAAG,QAAQ,CAAC;IAClD,CAAC;IAED,IAAW,yBAAyB;QAClC,OAAO,IAAI,CAAC,UAAU,EAAE,mBAAmB,CAAC;IAC9C,CAAC;IAEM,qBAAqB,CAAC,cAAsB,EAAE,QAAgB;QAEnE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,KAAK,cAAc,CAAC,CAAC;YACnH,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;gBACpB,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,QAAQ,GAAG,QAAQ,CAAC;YACpE,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;YACzE,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;gBAClC,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;YACvB,CAAC;YACD,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAEM,wBAAwB,CAAC,QAAkC;QAEhE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,KAAK,QAAQ,CAAC,cAAc,CAAC,CAAC;QAChJ,CAAC;IAEH,CAAC;IAED,cAAc;IACd,gBAAgB;IACR,KAAK,CAAC,2BAA2B,CAAC,WAAmB;QAC3D,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,+CAAwB,CAAC,SAAS,CAAC,CAAC;YACpG,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAChC,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;gBACzD,OAAO,uCAAkB,CAAC,cAAc,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,uEAAuE;IACvE,8EAA8E;IAC9E,4DAA4D;IAEpD,eAAe,GAAG,IAAI,GAAG,EAAoC,CAAC;IAEtE;;;KAGC;IACO,aAAa,CAAC,GAAgB,EAAE,YAAsC,EAAE,QAA8B;QAC5G,MAAM,KAAK,GAAG,YAAY,KAAK,+CAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,EAAC,iBAAiB,EAAE,QAAQ,EAAC,CAAC,CAAC,CAAC,EAAC,aAAa,EAAE,QAAQ,EAAC,CAAC;QAC9H,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACvC,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,cAAc,CAAC,WAAwB,EAAE,gBAAwB,EAAE,YAAsC;QACrH,oCAAoC;QACpC,MAAM,aAAa,GAAG,IAAI,2CAAoB,CAAC,gBAAgB,EAAE,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;QACzH,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,YAAY,EAAE,aAAa,CAAC,CAAC;QAC7D,OAAO,aAAa,CAAC;IACvB,CAAC;IAED;;;MAGE;IACM,iBAAiB,CAAC,GAAQ;QAChC,MAAM,YAAY,GAAG;YACnB,YAAY;SACb,CAAC;QAEF,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IACxF,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAAC,GAAW;QAC3C,IAAI,KAAwB,CAAC;QAC7B,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,kBAAkB,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC1E,CAAC;QAAC,MAAM,CAAC;YACP,4EAA4E;YAC5E,6GAA6G;YAC7G,qCAAqC;QACvC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,iBAAiB,CAAC,WAAmB,EAAE,YAAsC;QACzF,iCAAiC;QACjC,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC7D,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;YACjC,OAAO,CAAC,YAAY,KAAK,+CAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC;QACrI,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,YAAY,KAAK,+CAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAElG,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;QAEpC,IAAI,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,EAAE,CAAC;YACnC,wBAAwB;YACxB,iGAAiG;YAEjG,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,EAAE,CAAC;gBAC5C,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,MAAM,SAAS,GAAG,8CAA8C,WAAW,EAAE,CAAC;YAC9E,OAAO,IAAI,2CAAoB,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;QAC5F,CAAC;aAAM,CAAC;YAEN,wGAAwG;YACxG,IAAI,CAAC;gBACH,MAAM,uBAAuB,GAAG,MAAM,qBAAS,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;gBAEvF,IAAI,uBAAuB,KAAK,SAAS,EAAE,CAAC;oBAC1C,kEAAkE;oBAClE,8FAA8F;oBAC9F,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC,CAAC;oBACvF,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;wBAClD,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;wBACnC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBACtF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,GAAG,IAAI,IAAI,YAAY,wBAAwB,WAAW,EAAE,CAAC,CAAC;wBAE9H,uCAAuC;wBACvC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;wBACxE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;4BAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,YAAY,CAAC,CAAC;4BAC5F,IAAI,QAAQ;gCACV,OAAO,QAAQ,CAAC;wBACpB,CAAC;oBACH,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,gBAAgB,GAAG,GAAG,uBAAuB,CAAC,QAAQ,EAAE,UAAU,WAAW,EAAE,CAAC;oBACtF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,CAAC;oBACpE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;wBAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAC;wBACxF,IAAI,QAAQ;4BACV,OAAO,QAAQ,CAAC;oBACpB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;YACT,CAAC;QACH,CAAC;QAED,gEAAgE;QAChE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,CAAE,oEAAoE;QAEhH,OAAO,SAAS,CAAC,CAAG,8CAA8C;IACpE,CAAC;IAED;;;KAGC;IACO,iBAAiB,CAAC,GAAW,EAAE,cAAuB;QAC5D,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5B,oBAAoB;QACpB,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CAAC;YAC3C,IAAA,qBAAM,EAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QAEH,CAAC;aAAM,CAAC;YACN,MAAM,QAAQ,GAAG,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;YACzD,IAAA,qBAAM,EAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,SAAS,KAAK,QAAQ,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;QAED,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAClD,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,IAAI,CAAC,WAAW;YAClB,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAE5D,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;CAEF;AArVD,gDAqVC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\n/** @packageDocumentation\n * @module Tiles\n */\n\nimport { assert, BeEvent } from \"@itwin/core-bentley\";\nimport { MapLayerAccessClient, MapLayerAccessToken, MapLayerAccessTokenParams, MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\nimport { ArcGisOAuth2Token, ArcGisTokenClientType } from \"./ArcGisTokenGenerator\";\nimport { ArcGisOAuth2Endpoint, ArcGisOAuth2EndpointType } from \"./ArcGisOAuth2Endpoint\";\nimport { ArcGisTokenManager } from \"./ArcGisTokenManager\";\nimport { ArcGisUrl } from \"./ArcGisUrl\";\n\n/** @beta */\nexport interface ArcGisEnterpriseClientId {\n /* Oauth API endpoint base URL (i.e. https://hostname/portal/sharing/oauth2/authorize)\n used to identify uniquely each enterprise server. */\n serviceBaseUrl: string;\n\n /* Application's clientId for this enterprise server.*/\n clientId: string;\n}\n\n/** @beta */\nexport interface ArcGisOAuthClientIds {\n /* Application's OAuth clientId in ArcGIS online */\n arcgisOnlineClientId?: string;\n\n /* Application's OAuth clientId for each enterprise server used. */\n enterpriseClientIds?: ArcGisEnterpriseClientId[];\n}\n\n/** @beta\n * ArcGIS OAuth configurations parameters.\n * See https://developers.arcgis.com/documentation/mapping-apis-and-services/security/arcgis-identity/serverless-web-apps/\n * more details.\n*/\nexport interface ArcGisOAuthConfig {\n /* URL to which a user is sent once they complete sign in authorization.\n Must match a URI you define in the developer dashboard, otherwise, the authorization will be rejected.\n */\n redirectUri: string;\n\n /* Optional expiration after which the token will expire. Defined in minutes with a maximum of two weeks (20160 minutes)*/\n tokenExpiration?: number;\n\n /* Application client Ids */\n clientIds: ArcGisOAuthClientIds;\n}\n\ninterface EndPointsCacheEntry {\n authorizeEndpoint?: ArcGisOAuth2Endpoint;\n tokenEndpoint?: ArcGisOAuth2Endpoint;\n}\n\ntype MapLayerUrl = string;\n\n/** @beta */\nexport class ArcGisAccessClient implements MapLayerAccessClient {\n public readonly onOAuthProcessEnd = new BeEvent();\n private _redirectUri: string | undefined;\n private _expiration: number | undefined;\n private _clientIds: ArcGisOAuthClientIds | undefined;\n\n // Should be kept to 'false'. Debugging purposes only.\n private _forceLegacyToken = false;\n\n public constructor() {\n }\n\n public initialize(oAuthConfig?: ArcGisOAuthConfig): boolean {\n if (oAuthConfig) {\n this._redirectUri = oAuthConfig.redirectUri;\n this._expiration = oAuthConfig.tokenExpiration;\n this._clientIds = oAuthConfig.clientIds;\n\n this.initOauthCallbackFunction();\n }\n return true;\n }\n\n private initOauthCallbackFunction() {\n (window as any).arcGisOAuth2Callback = (redirectLocation?: Location) => {\n let eventSuccess = false;\n let stateData;\n\n if (redirectLocation && redirectLocation.hash.length > 0) {\n const locationHash = redirectLocation.hash;\n const hashParams = new URLSearchParams(locationHash.substring(1));\n const token = hashParams.get(\"access_token\") ?? undefined;\n const expiresInStr = hashParams.get(\"expires_in\") ?? undefined;\n const userName = hashParams.get(\"username\") ?? undefined;\n const ssl = hashParams.get(\"ssl\") === \"true\";\n const stateStr = hashParams.get(\"state\") ?? undefined;\n const persist = hashParams.get(\"persist\") === \"true\";\n if (token !== undefined && expiresInStr !== undefined && userName !== undefined && ssl !== undefined && stateStr !== undefined) {\n let endpointOrigin;\n try {\n const state = JSON.parse(stateStr);\n stateData = state?.customData;\n endpointOrigin = state?.endpointOrigin;\n\n } catch {\n }\n const expiresIn = Number(expiresInStr);\n const expiresAt = (expiresIn * 1000) + (+new Date()); // Converts the token expiration delay (seconds) into a timestamp (UNIX time)\n if (endpointOrigin !== undefined) {\n ArcGisTokenManager.setOAuth2Token(endpointOrigin, { token, expiresAt, ssl, userName, persist });\n eventSuccess = true;\n }\n\n }\n }\n this.onOAuthProcessEnd.raiseEvent(eventSuccess, stateData);\n };\n }\n\n public unInitialize() {\n this._redirectUri = undefined;\n this._expiration = undefined;\n (window as any).arcGisOAuth2Callback = undefined;\n }\n\n public async getAccessToken(params: MapLayerAccessTokenParams): Promise<MapLayerAccessToken | undefined> {\n // First lookup Oauth2 tokens, otherwise check try \"legacy tokens\" if credentials were provided\n\n if (!this._forceLegacyToken) {\n const oauth2Token = await this.getOAuthTokenForMapLayerUrl(params.mapLayerUrl.toString());\n if (oauth2Token)\n return oauth2Token;\n }\n\n if (params.userName && params.password) {\n return ArcGisTokenManager.getToken(params.mapLayerUrl.toString(), params.userName, params.password, { client: ArcGisTokenClientType.referer });\n }\n\n return undefined;\n }\n\n /** @internal */\n public static async validateOAuth2Endpoint(endpointUrl: string): Promise<boolean> {\n const data = await fetch(endpointUrl, { method: \"GET\" });\n return data.status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters\n }\n\n public async getTokenServiceEndPoint(mapLayerUrl: string): Promise<MapLayerTokenEndpoint | undefined> {\n if (!this._forceLegacyToken) {\n return this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\n }\n\n return undefined;\n }\n\n public invalidateToken(token: MapLayerAccessToken): boolean {\n let found = ArcGisTokenManager.invalidateToken(token);\n if (!found) {\n found = ArcGisTokenManager.invalidateOAuth2Token(token);\n }\n return found;\n }\n\n public get redirectUri() {\n return this._redirectUri;\n }\n\n public getMatchingEnterpriseClientId(url: string) {\n const clientIds = this.arcGisEnterpriseClientIds;\n if (!clientIds) {\n return undefined;\n }\n\n let clientId: string | undefined;\n let defaultClientId: string | undefined;\n for (const entry of clientIds) {\n if (entry.serviceBaseUrl === \"\") {\n defaultClientId = entry.clientId;\n } else {\n if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {\n clientId = entry.clientId;\n }\n }\n }\n\n // If we could not find a match with serviceBaseUrl, and a default clientId\n // was specified (i.e empty url), then use default clientId\n if (clientId === undefined && defaultClientId !== undefined) {\n clientId = defaultClientId;\n }\n return clientId;\n }\n\n public get expiration() {\n return this._expiration;\n }\n\n public get arcGisOnlineClientId() {\n return this._clientIds?.arcgisOnlineClientId;\n }\n\n public set arcGisOnlineClientId(clientId: string | undefined) {\n if (this._clientIds === undefined) {\n this._clientIds = { arcgisOnlineClientId: clientId };\n }\n this._clientIds.arcgisOnlineClientId = clientId;\n }\n\n public get arcGisEnterpriseClientIds() {\n return this._clientIds?.enterpriseClientIds;\n }\n\n public setEnterpriseClientId(serviceBaseUrl: string, clientId: string) {\n\n if (this._clientIds?.enterpriseClientIds) {\n const foundIdx = this._clientIds.enterpriseClientIds.findIndex((entry) => entry.serviceBaseUrl === serviceBaseUrl);\n if (foundIdx !== -1) {\n this._clientIds.enterpriseClientIds[foundIdx].clientId = clientId;\n } else {\n this._clientIds.enterpriseClientIds.push({ serviceBaseUrl, clientId });\n }\n } else {\n if (this._clientIds === undefined) {\n this._clientIds = {};\n }\n this._clientIds.enterpriseClientIds = [{ serviceBaseUrl, clientId }];\n }\n }\n\n public removeEnterpriseClientId(clientId: ArcGisEnterpriseClientId) {\n\n if (this._clientIds?.enterpriseClientIds) {\n this._clientIds.enterpriseClientIds = this._clientIds?.enterpriseClientIds?.filter((item) => item.serviceBaseUrl !== clientId.serviceBaseUrl);\n }\n\n }\n\n /// //////////\n /** @internal */\n private async getOAuthTokenForMapLayerUrl(mapLayerUrl: string): Promise<ArcGisOAuth2Token | undefined> {\n try {\n const oauthEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\n if (oauthEndpoint !== undefined) {\n const oauthEndpointUrl = new URL(oauthEndpoint.getUrl());\n return ArcGisTokenManager.getOAuth2Token(oauthEndpointUrl.origin);\n }\n } catch { }\n return undefined;\n }\n\n // Mapping between a map-layer URL and its corresponding Oauth endpoint\n // i.e. \t https://hostname/server/rest/services/NewYork/NewYork3857/MapServer\n // => https://hostname/portal/sharing/oauth2/authorize\n\n private _endPointsCache = new Map<MapLayerUrl, EndPointsCacheEntry>();\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private cacheEndpoint(url: MapLayerUrl, endpointType: ArcGisOAuth2EndpointType, endPoint: ArcGisOAuth2Endpoint) {\n const entry = endpointType === ArcGisOAuth2EndpointType.Authorize ? {authorizeEndpoint: endPoint} : {tokenEndpoint: endPoint};\n this._endPointsCache.set(url, entry);\n }\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private async createEndpoint(mapLayerUrl: MapLayerUrl, oauthEndpointUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\n // Validate the URL we just composed\n const oauthEndpoint = new ArcGisOAuth2Endpoint(oauthEndpointUrl, this.constructLoginUrl(oauthEndpointUrl, false), false);\n this.cacheEndpoint(mapLayerUrl, endpointType, oauthEndpoint);\n return oauthEndpoint;\n }\n\n /**\n * Returns whether the ArcGis host is valid\n * @internal\n */\n private isArcGisHostValid(url: URL): boolean {\n const allowedHosts = [\n \"arcgis.com\",\n ];\n\n return allowedHosts.some((host: string) => url.hostname.toLowerCase().endsWith(host));\n }\n\n private async validateEndpointUrl(url: string) {\n let valid: boolean|undefined;\n try {\n valid = await ArcGisAccessClient.validateOAuth2Endpoint(url.toString());\n } catch {\n // If we reach here, this means we could not validate properly the endpoint;\n // we cannot conclude the endpoint is invalid though; it might happen endpoint doesn't support CORS requests,\n // but still valid for Oauth process.\n }\n return valid;\n }\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private async getOAuth2Endpoint(mapLayerUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\n // Return from cache if available\n const cachedEndpoint = this._endPointsCache.get(mapLayerUrl);\n if (cachedEndpoint !== undefined) {\n return (endpointType === ArcGisOAuth2EndpointType.Authorize ? cachedEndpoint.authorizeEndpoint : cachedEndpoint.authorizeEndpoint);\n }\n\n const endpointStr = (endpointType === ArcGisOAuth2EndpointType.Authorize ? \"authorize\" : \"token\");\n\n const urlObj = new URL(mapLayerUrl);\n\n if (this.isArcGisHostValid(urlObj)) {\n // ArcGIS Online (fixed)\n // Doc: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/\n\n if (this.arcGisOnlineClientId === undefined) {\n return undefined;\n }\n\n const oauth2Url = `https://www.arcgis.com/sharing/rest/oauth2/${endpointStr}`;\n return new ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, true), true);\n } else {\n\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\n try {\n const restUrlFromTokenService = await ArcGisUrl.getRestUrlFromGenerateTokenUrl(urlObj);\n\n if (restUrlFromTokenService === undefined) {\n // We could not derive the token endpoint from 'tokenServicesUrl'.\n // ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize\n const regExMatch = mapLayerUrl.match(new RegExp(/([^&\\/]+)\\/rest\\/services\\/.*/, \"i\"));\n if (regExMatch !== null && regExMatch.length >= 2) {\n const subdirectory = regExMatch[1];\n const port = (urlObj.port !== \"80\" && urlObj.port !== \"443\") ? `:${urlObj.port}` : \"\";\n const newUrlObj = new URL(`${urlObj.protocol}//${urlObj.hostname}${port}/${subdirectory}/sharing/rest/oauth2/${endpointStr}`);\n\n // Check again the URL we just composed\n const isValidUrl = await this.validateEndpointUrl(newUrlObj.toString());\n if (isValidUrl === undefined || isValidUrl ) {\n const endpoint = await this.createEndpoint(mapLayerUrl, newUrlObj.toString(), endpointType);\n if (endpoint)\n return endpoint;\n }\n }\n } else {\n const oauthEndpointUrl = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;\n const isValidUrl = await this.validateEndpointUrl(oauthEndpointUrl);\n if (isValidUrl === undefined || isValidUrl ) {\n const endpoint = await this.createEndpoint(mapLayerUrl, oauthEndpointUrl, endpointType);\n if (endpoint)\n return endpoint;\n }\n }\n } catch {\n }\n }\n\n // If we reach here, we were not successful creating an endpoint\n this._endPointsCache.set(mapLayerUrl, {}); // Cache an empty entry, and avoid making repeated failing requests.\n\n return undefined; // we could not find any valid oauth2 endpoint\n }\n\n /**\n * Construct the complete Authorize url to starts the Oauth process\n * @internal\n */\n private constructLoginUrl(url: string, isArcgisOnline: boolean) {\n const urlObj = new URL(url);\n\n // Set the client id\n if (isArcgisOnline) {\n const clientId = this.arcGisOnlineClientId;\n assert(clientId !== undefined);\n if (clientId !== undefined) {\n urlObj.searchParams.set(\"client_id\", clientId);\n }\n\n } else {\n const clientId = this.getMatchingEnterpriseClientId(url);\n assert(clientId !== undefined);\n if (undefined !== clientId) {\n urlObj.searchParams.set(\"client_id\", clientId);\n }\n }\n\n urlObj.searchParams.set(\"response_type\", \"token\");\n if (this.expiration !== undefined) {\n urlObj.searchParams.set(\"expiration\", `${this.expiration}`);\n }\n\n if (this.redirectUri)\n urlObj.searchParams.set(\"redirect_uri\", this.redirectUri);\n\n return urlObj.toString();\n }\n\n}\n"]}
1
+ {"version":3,"file":"ArcGisAccessClient.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":";AAAA;;;+FAG+F;AAC/F;;GAEG;;;AAEH,sDAAsD;AAEtD,iEAAkF;AAClF,iEAAwF;AACxF,6DAA0D;AAC1D,2CAAwC;AA8CxC,YAAY;AACZ,MAAa,kBAAkB;IACb,iBAAiB,GAAG,IAAI,sBAAO,EAAE,CAAC;IAC1C,YAAY,CAAqB;IACjC,WAAW,CAAqB;IAChC,UAAU,CAAmC;IAErD,sDAAsD;IAC9C,iBAAiB,GAAG,KAAK,CAAC;IAElC;IACA,CAAC;IAEM,UAAU,CAAC,WAA+B;QAC/C,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,WAAW,CAAC;YAC5C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,eAAe,CAAC;YAC/C,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,SAAS,CAAC;YAExC,IAAI,CAAC,yBAAyB,EAAE,CAAC;QACnC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,yBAAyB;QAC9B,UAAkB,CAAC,oBAAoB,GAAG,CAAC,gBAA2B,EAAE,EAAE;YACzE,IAAI,YAAY,GAAG,KAAK,CAAC;YACzB,IAAI,SAAS,CAAC;YAEd,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACzD,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC;gBAC3C,MAAM,UAAU,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,SAAS,CAAC;gBAC1D,MAAM,YAAY,GAAG,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,SAAS,CAAC;gBAC/D,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC;gBACzD,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC;gBAC7C,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC;gBACtD,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,MAAM,CAAC;gBACrD,IAAI,KAAK,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,IAAI,GAAG,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;oBAC/H,IAAI,cAAc,CAAC;oBACnB,IAAI,CAAC;wBACH,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBACnC,SAAS,GAAG,KAAK,EAAE,UAAU,CAAC;wBAC9B,cAAc,GAAG,KAAK,EAAE,cAAc,CAAC;oBAEzC,CAAC;oBAAC,MAAM,CAAC;oBACT,CAAC;oBACD,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;oBACvC,MAAM,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAG,6EAA6E;oBACrI,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;wBACjC,uCAAkB,CAAC,cAAc,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;wBAChG,YAAY,GAAG,IAAI,CAAC;oBACtB,CAAC;gBAEH,CAAC;YACH,CAAC;YACD,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAC7D,CAAC,CAAC;IACJ,CAAC;IAEM,YAAY;QACjB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC5B,UAAkB,CAAC,oBAAoB,GAAG,SAAS,CAAC;IACvD,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,MAAiC;QAC3D,+FAA+F;QAE/F,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC1F,IAAI,WAAW;gBACb,OAAO,WAAW,CAAC;QACvB,CAAC;QAED,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACvC,OAAO,uCAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,4CAAqB,CAAC,OAAO,EAAE,CAAC,CAAC;QACjJ,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,gBAAgB;IACT,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,WAAmB;QAC5D,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACzD,OAAO,IAAI,CAAC,MAAM,KAAK,GAAG,CAAC,CAAI,yEAAyE;IAC1G,CAAC;IAEM,KAAK,CAAC,uBAAuB,CAAC,WAAmB;QACtD,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,+CAAwB,CAAC,SAAS,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,eAAe,CAAC,KAA0B;QAC/C,IAAI,KAAK,GAAG,uCAAkB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,uCAAkB,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAEM,6BAA6B,CAAC,GAAW;QAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC;QACjD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,QAA4B,CAAC;QACjC,IAAI,eAAmC,CAAC;QACxC,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;YAC9B,IAAI,KAAK,CAAC,cAAc,KAAK,EAAE,EAAE,CAAC;gBAChC,eAAe,GAAG,KAAK,CAAC,QAAQ,CAAC;YACnC,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC;oBACvD,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;gBAC5B,CAAC;YACH,CAAC;QACH,CAAC;QAED,2EAA2E;QAC3E,2DAA2D;QAC3D,IAAI,QAAQ,KAAK,SAAS,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;YAC5D,QAAQ,GAAG,eAAe,CAAC;QAC7B,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAW,UAAU;QACnB,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,IAAW,oBAAoB;QAC7B,OAAO,IAAI,CAAC,UAAU,EAAE,oBAAoB,CAAC;IAC/C,CAAC;IAED,IAAW,oBAAoB,CAAC,QAA4B;QAC1D,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,IAAI,CAAC,UAAU,GAAG,EAAE,oBAAoB,EAAE,QAAQ,EAAE,CAAC;QACvD,CAAC;QACD,IAAI,CAAC,UAAU,CAAC,oBAAoB,GAAG,QAAQ,CAAC;IAClD,CAAC;IAED,IAAW,yBAAyB;QAClC,OAAO,IAAI,CAAC,UAAU,EAAE,mBAAmB,CAAC;IAC9C,CAAC;IAEM,qBAAqB,CAAC,cAAsB,EAAE,QAAgB;QAEnE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,KAAK,cAAc,CAAC,CAAC;YACnH,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;gBACpB,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,QAAQ,GAAG,QAAQ,CAAC;YACpE,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;YACzE,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;gBAClC,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;YACvB,CAAC;YACD,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAEM,wBAAwB,CAAC,QAAkC;QAEhE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,KAAK,QAAQ,CAAC,cAAc,CAAC,CAAC;QAChJ,CAAC;IAEH,CAAC;IAED,cAAc;IACd,gBAAgB;IACR,KAAK,CAAC,2BAA2B,CAAC,WAAmB;QAC3D,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,+CAAwB,CAAC,SAAS,CAAC,CAAC;YACpG,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAChC,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;gBACzD,OAAO,uCAAkB,CAAC,cAAc,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,uEAAuE;IACvE,8EAA8E;IAC9E,4DAA4D;IAEpD,eAAe,GAAG,IAAI,GAAG,EAAoC,CAAC;IAEtE;;;KAGC;IACO,aAAa,CAAC,GAAgB,EAAE,YAAsC,EAAE,QAA8B;QAC5G,MAAM,KAAK,GAAG,YAAY,KAAK,+CAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,EAAC,iBAAiB,EAAE,QAAQ,EAAC,CAAC,CAAC,CAAC,EAAC,aAAa,EAAE,QAAQ,EAAC,CAAC;QAC9H,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACvC,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,cAAc,CAAC,WAAwB,EAAE,gBAAwB,EAAE,YAAsC;QACrH,oCAAoC;QACpC,MAAM,aAAa,GAAG,IAAI,2CAAoB,CAAC,gBAAgB,EAAE,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;QACzH,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,YAAY,EAAE,aAAa,CAAC,CAAC;QAC7D,OAAO,aAAa,CAAC;IACvB,CAAC;IAED;;;MAGE;IACM,iBAAiB,CAAC,GAAQ;QAChC,MAAM,YAAY,GAAG;YACnB,YAAY;SACb,CAAC;QAEF,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IACxF,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAAC,GAAW;QAC3C,IAAI,KAAwB,CAAC;QAC7B,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,kBAAkB,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC1E,CAAC;QAAC,MAAM,CAAC;YACP,4EAA4E;YAC5E,6GAA6G;YAC7G,qCAAqC;QACvC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,iBAAiB,CAAC,WAAmB,EAAE,YAAsC;QACzF,iCAAiC;QACjC,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC7D,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;YACjC,OAAO,CAAC,YAAY,KAAK,+CAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC;QACrI,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,YAAY,KAAK,+CAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAElG,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;QAEpC,IAAI,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,EAAE,CAAC;YACnC,wBAAwB;YACxB,iGAAiG;YAEjG,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,EAAE,CAAC;gBAC5C,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,MAAM,SAAS,GAAG,8CAA8C,WAAW,EAAE,CAAC;YAC9E,OAAO,IAAI,2CAAoB,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;QAC5F,CAAC;aAAM,CAAC;YAEN,wGAAwG;YACxG,IAAI,CAAC;gBACH,MAAM,uBAAuB,GAAG,MAAM,qBAAS,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;gBAEvF,IAAI,uBAAuB,KAAK,SAAS,EAAE,CAAC;oBAC1C,kEAAkE;oBAClE,8FAA8F;oBAC9F,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC,CAAC;oBACvF,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;wBAClD,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;wBACnC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBACtF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,GAAG,IAAI,IAAI,YAAY,wBAAwB,WAAW,EAAE,CAAC,CAAC;wBAE9H,uCAAuC;wBACvC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;wBACxE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;4BAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,YAAY,CAAC,CAAC;4BAC5F,IAAI,QAAQ;gCACV,OAAO,QAAQ,CAAC;wBACpB,CAAC;oBACH,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,gBAAgB,GAAG,GAAG,uBAAuB,CAAC,QAAQ,EAAE,UAAU,WAAW,EAAE,CAAC;oBACtF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,CAAC;oBACpE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;wBAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAC;wBACxF,IAAI,QAAQ;4BACV,OAAO,QAAQ,CAAC;oBACpB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;YACT,CAAC;QACH,CAAC;QAED,gEAAgE;QAChE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,CAAE,oEAAoE;QAEhH,OAAO,SAAS,CAAC,CAAG,8CAA8C;IACpE,CAAC;IAED;;;KAGC;IACO,iBAAiB,CAAC,GAAW,EAAE,cAAuB;QAC5D,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5B,oBAAoB;QACpB,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CAAC;YAC3C,IAAA,qBAAM,EAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QAEH,CAAC;aAAM,CAAC;YACN,MAAM,QAAQ,GAAG,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;YACzD,IAAA,qBAAM,EAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,SAAS,KAAK,QAAQ,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;QAED,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAClD,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,IAAI,CAAC,WAAW;YAClB,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAE5D,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;CAEF;AArVD,gDAqVC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\n/** @packageDocumentation\n * @module Tiles\n */\n\nimport { assert, BeEvent } from \"@itwin/core-bentley\";\nimport { MapLayerAccessClient, MapLayerAccessToken, MapLayerAccessTokenParams, MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\nimport { ArcGisOAuth2Token, ArcGisTokenClientType } from \"./ArcGisTokenGenerator\";\nimport { ArcGisOAuth2Endpoint, ArcGisOAuth2EndpointType } from \"./ArcGisOAuth2Endpoint\";\nimport { ArcGisTokenManager } from \"./ArcGisTokenManager\";\nimport { ArcGisUrl } from \"./ArcGisUrl\";\n\n/** @beta */\nexport interface ArcGisEnterpriseClientId {\n /* Oauth API endpoint base URL (i.e. https://hostname/portal/sharing/oauth2/authorize)\n used to identify uniquely each enterprise server. */\n serviceBaseUrl: string;\n\n /* Application's clientId for this enterprise server.*/\n clientId: string;\n}\n\n/** @beta */\nexport interface ArcGisOAuthClientIds {\n /* Application's OAuth clientId in ArcGIS online */\n arcgisOnlineClientId?: string;\n\n /* Application's OAuth clientId for each enterprise server used. */\n enterpriseClientIds?: ArcGisEnterpriseClientId[];\n}\n\n/** @beta\n * ArcGIS OAuth configurations parameters.\n * See https://developers.arcgis.com/documentation/mapping-apis-and-services/security/arcgis-identity/serverless-web-apps/\n * more details.\n*/\nexport interface ArcGisOAuthConfig {\n /* URL to which a user is sent once they complete sign in authorization.\n Must match a URI you define in the developer dashboard, otherwise, the authorization will be rejected.\n */\n redirectUri: string;\n\n /* Optional expiration after which the token will expire. Defined in minutes with a maximum of two weeks (20160 minutes)*/\n tokenExpiration?: number;\n\n /* Application client Ids */\n clientIds: ArcGisOAuthClientIds;\n}\n\ninterface EndPointsCacheEntry {\n authorizeEndpoint?: ArcGisOAuth2Endpoint;\n tokenEndpoint?: ArcGisOAuth2Endpoint;\n}\n\ntype MapLayerUrl = string;\n\n/** @beta */\nexport class ArcGisAccessClient implements MapLayerAccessClient {\n public readonly onOAuthProcessEnd = new BeEvent();\n private _redirectUri: string | undefined;\n private _expiration: number | undefined;\n private _clientIds: ArcGisOAuthClientIds | undefined;\n\n // Should be kept to 'false'. Debugging purposes only.\n private _forceLegacyToken = false;\n\n public constructor() {\n }\n\n public initialize(oAuthConfig?: ArcGisOAuthConfig): boolean {\n if (oAuthConfig) {\n this._redirectUri = oAuthConfig.redirectUri;\n this._expiration = oAuthConfig.tokenExpiration;\n this._clientIds = oAuthConfig.clientIds;\n\n this.initOauthCallbackFunction();\n }\n return true;\n }\n\n private initOauthCallbackFunction() {\n (globalThis as any).arcGisOAuth2Callback = (redirectLocation?: Location) => {\n let eventSuccess = false;\n let stateData;\n\n if (redirectLocation && redirectLocation.hash.length > 0) {\n const locationHash = redirectLocation.hash;\n const hashParams = new URLSearchParams(locationHash.substring(1));\n const token = hashParams.get(\"access_token\") ?? undefined;\n const expiresInStr = hashParams.get(\"expires_in\") ?? undefined;\n const userName = hashParams.get(\"username\") ?? undefined;\n const ssl = hashParams.get(\"ssl\") === \"true\";\n const stateStr = hashParams.get(\"state\") ?? undefined;\n const persist = hashParams.get(\"persist\") === \"true\";\n if (token !== undefined && expiresInStr !== undefined && userName !== undefined && ssl !== undefined && stateStr !== undefined) {\n let endpointOrigin;\n try {\n const state = JSON.parse(stateStr);\n stateData = state?.customData;\n endpointOrigin = state?.endpointOrigin;\n\n } catch {\n }\n const expiresIn = Number(expiresInStr);\n const expiresAt = (expiresIn * 1000) + (+new Date()); // Converts the token expiration delay (seconds) into a timestamp (UNIX time)\n if (endpointOrigin !== undefined) {\n ArcGisTokenManager.setOAuth2Token(endpointOrigin, { token, expiresAt, ssl, userName, persist });\n eventSuccess = true;\n }\n\n }\n }\n this.onOAuthProcessEnd.raiseEvent(eventSuccess, stateData);\n };\n }\n\n public unInitialize() {\n this._redirectUri = undefined;\n this._expiration = undefined;\n (globalThis as any).arcGisOAuth2Callback = undefined;\n }\n\n public async getAccessToken(params: MapLayerAccessTokenParams): Promise<MapLayerAccessToken | undefined> {\n // First lookup Oauth2 tokens, otherwise check try \"legacy tokens\" if credentials were provided\n\n if (!this._forceLegacyToken) {\n const oauth2Token = await this.getOAuthTokenForMapLayerUrl(params.mapLayerUrl.toString());\n if (oauth2Token)\n return oauth2Token;\n }\n\n if (params.userName && params.password) {\n return ArcGisTokenManager.getToken(params.mapLayerUrl.toString(), params.userName, params.password, { client: ArcGisTokenClientType.referer });\n }\n\n return undefined;\n }\n\n /** @internal */\n public static async validateOAuth2Endpoint(endpointUrl: string): Promise<boolean> {\n const data = await fetch(endpointUrl, { method: \"GET\" });\n return data.status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters\n }\n\n public async getTokenServiceEndPoint(mapLayerUrl: string): Promise<MapLayerTokenEndpoint | undefined> {\n if (!this._forceLegacyToken) {\n return this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\n }\n\n return undefined;\n }\n\n public invalidateToken(token: MapLayerAccessToken): boolean {\n let found = ArcGisTokenManager.invalidateToken(token);\n if (!found) {\n found = ArcGisTokenManager.invalidateOAuth2Token(token);\n }\n return found;\n }\n\n public get redirectUri() {\n return this._redirectUri;\n }\n\n public getMatchingEnterpriseClientId(url: string) {\n const clientIds = this.arcGisEnterpriseClientIds;\n if (!clientIds) {\n return undefined;\n }\n\n let clientId: string | undefined;\n let defaultClientId: string | undefined;\n for (const entry of clientIds) {\n if (entry.serviceBaseUrl === \"\") {\n defaultClientId = entry.clientId;\n } else {\n if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {\n clientId = entry.clientId;\n }\n }\n }\n\n // If we could not find a match with serviceBaseUrl, and a default clientId\n // was specified (i.e empty url), then use default clientId\n if (clientId === undefined && defaultClientId !== undefined) {\n clientId = defaultClientId;\n }\n return clientId;\n }\n\n public get expiration() {\n return this._expiration;\n }\n\n public get arcGisOnlineClientId() {\n return this._clientIds?.arcgisOnlineClientId;\n }\n\n public set arcGisOnlineClientId(clientId: string | undefined) {\n if (this._clientIds === undefined) {\n this._clientIds = { arcgisOnlineClientId: clientId };\n }\n this._clientIds.arcgisOnlineClientId = clientId;\n }\n\n public get arcGisEnterpriseClientIds() {\n return this._clientIds?.enterpriseClientIds;\n }\n\n public setEnterpriseClientId(serviceBaseUrl: string, clientId: string) {\n\n if (this._clientIds?.enterpriseClientIds) {\n const foundIdx = this._clientIds.enterpriseClientIds.findIndex((entry) => entry.serviceBaseUrl === serviceBaseUrl);\n if (foundIdx !== -1) {\n this._clientIds.enterpriseClientIds[foundIdx].clientId = clientId;\n } else {\n this._clientIds.enterpriseClientIds.push({ serviceBaseUrl, clientId });\n }\n } else {\n if (this._clientIds === undefined) {\n this._clientIds = {};\n }\n this._clientIds.enterpriseClientIds = [{ serviceBaseUrl, clientId }];\n }\n }\n\n public removeEnterpriseClientId(clientId: ArcGisEnterpriseClientId) {\n\n if (this._clientIds?.enterpriseClientIds) {\n this._clientIds.enterpriseClientIds = this._clientIds?.enterpriseClientIds?.filter((item) => item.serviceBaseUrl !== clientId.serviceBaseUrl);\n }\n\n }\n\n /// //////////\n /** @internal */\n private async getOAuthTokenForMapLayerUrl(mapLayerUrl: string): Promise<ArcGisOAuth2Token | undefined> {\n try {\n const oauthEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\n if (oauthEndpoint !== undefined) {\n const oauthEndpointUrl = new URL(oauthEndpoint.getUrl());\n return ArcGisTokenManager.getOAuth2Token(oauthEndpointUrl.origin);\n }\n } catch { }\n return undefined;\n }\n\n // Mapping between a map-layer URL and its corresponding Oauth endpoint\n // i.e. \t https://hostname/server/rest/services/NewYork/NewYork3857/MapServer\n // => https://hostname/portal/sharing/oauth2/authorize\n\n private _endPointsCache = new Map<MapLayerUrl, EndPointsCacheEntry>();\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private cacheEndpoint(url: MapLayerUrl, endpointType: ArcGisOAuth2EndpointType, endPoint: ArcGisOAuth2Endpoint) {\n const entry = endpointType === ArcGisOAuth2EndpointType.Authorize ? {authorizeEndpoint: endPoint} : {tokenEndpoint: endPoint};\n this._endPointsCache.set(url, entry);\n }\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private async createEndpoint(mapLayerUrl: MapLayerUrl, oauthEndpointUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\n // Validate the URL we just composed\n const oauthEndpoint = new ArcGisOAuth2Endpoint(oauthEndpointUrl, this.constructLoginUrl(oauthEndpointUrl, false), false);\n this.cacheEndpoint(mapLayerUrl, endpointType, oauthEndpoint);\n return oauthEndpoint;\n }\n\n /**\n * Returns whether the ArcGis host is valid\n * @internal\n */\n private isArcGisHostValid(url: URL): boolean {\n const allowedHosts = [\n \"arcgis.com\",\n ];\n\n return allowedHosts.some((host: string) => url.hostname.toLowerCase().endsWith(host));\n }\n\n private async validateEndpointUrl(url: string) {\n let valid: boolean|undefined;\n try {\n valid = await ArcGisAccessClient.validateOAuth2Endpoint(url.toString());\n } catch {\n // If we reach here, this means we could not validate properly the endpoint;\n // we cannot conclude the endpoint is invalid though; it might happen endpoint doesn't support CORS requests,\n // but still valid for Oauth process.\n }\n return valid;\n }\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private async getOAuth2Endpoint(mapLayerUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\n // Return from cache if available\n const cachedEndpoint = this._endPointsCache.get(mapLayerUrl);\n if (cachedEndpoint !== undefined) {\n return (endpointType === ArcGisOAuth2EndpointType.Authorize ? cachedEndpoint.authorizeEndpoint : cachedEndpoint.authorizeEndpoint);\n }\n\n const endpointStr = (endpointType === ArcGisOAuth2EndpointType.Authorize ? \"authorize\" : \"token\");\n\n const urlObj = new URL(mapLayerUrl);\n\n if (this.isArcGisHostValid(urlObj)) {\n // ArcGIS Online (fixed)\n // Doc: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/\n\n if (this.arcGisOnlineClientId === undefined) {\n return undefined;\n }\n\n const oauth2Url = `https://www.arcgis.com/sharing/rest/oauth2/${endpointStr}`;\n return new ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, true), true);\n } else {\n\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\n try {\n const restUrlFromTokenService = await ArcGisUrl.getRestUrlFromGenerateTokenUrl(urlObj);\n\n if (restUrlFromTokenService === undefined) {\n // We could not derive the token endpoint from 'tokenServicesUrl'.\n // ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize\n const regExMatch = mapLayerUrl.match(new RegExp(/([^&\\/]+)\\/rest\\/services\\/.*/, \"i\"));\n if (regExMatch !== null && regExMatch.length >= 2) {\n const subdirectory = regExMatch[1];\n const port = (urlObj.port !== \"80\" && urlObj.port !== \"443\") ? `:${urlObj.port}` : \"\";\n const newUrlObj = new URL(`${urlObj.protocol}//${urlObj.hostname}${port}/${subdirectory}/sharing/rest/oauth2/${endpointStr}`);\n\n // Check again the URL we just composed\n const isValidUrl = await this.validateEndpointUrl(newUrlObj.toString());\n if (isValidUrl === undefined || isValidUrl ) {\n const endpoint = await this.createEndpoint(mapLayerUrl, newUrlObj.toString(), endpointType);\n if (endpoint)\n return endpoint;\n }\n }\n } else {\n const oauthEndpointUrl = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;\n const isValidUrl = await this.validateEndpointUrl(oauthEndpointUrl);\n if (isValidUrl === undefined || isValidUrl ) {\n const endpoint = await this.createEndpoint(mapLayerUrl, oauthEndpointUrl, endpointType);\n if (endpoint)\n return endpoint;\n }\n }\n } catch {\n }\n }\n\n // If we reach here, we were not successful creating an endpoint\n this._endPointsCache.set(mapLayerUrl, {}); // Cache an empty entry, and avoid making repeated failing requests.\n\n return undefined; // we could not find any valid oauth2 endpoint\n }\n\n /**\n * Construct the complete Authorize url to starts the Oauth process\n * @internal\n */\n private constructLoginUrl(url: string, isArcgisOnline: boolean) {\n const urlObj = new URL(url);\n\n // Set the client id\n if (isArcgisOnline) {\n const clientId = this.arcGisOnlineClientId;\n assert(clientId !== undefined);\n if (clientId !== undefined) {\n urlObj.searchParams.set(\"client_id\", clientId);\n }\n\n } else {\n const clientId = this.getMatchingEnterpriseClientId(url);\n assert(clientId !== undefined);\n if (undefined !== clientId) {\n urlObj.searchParams.set(\"client_id\", clientId);\n }\n }\n\n urlObj.searchParams.set(\"response_type\", \"token\");\n if (this.expiration !== undefined) {\n urlObj.searchParams.set(\"expiration\", `${this.expiration}`);\n }\n\n if (this.redirectUri)\n urlObj.searchParams.set(\"redirect_uri\", this.redirectUri);\n\n return urlObj.toString();\n }\n\n}\n"]}
package/lib/esm/ArcGis/ArcGisAccessClient.js CHANGED
@@ -30,7 +30,7 @@ export class ArcGisAccessClient {
30
30
  return true;
31
31
  }
32
32
  initOauthCallbackFunction() {
33
- window.arcGisOAuth2Callback = (redirectLocation) => {
33
+ globalThis.arcGisOAuth2Callback = (redirectLocation) => {
34
34
  let eventSuccess = false;
35
35
  let stateData;
36
36
  if (redirectLocation && redirectLocation.hash.length > 0) {
@@ -65,7 +65,7 @@ export class ArcGisAccessClient {
65
65
  unInitialize() {
66
66
  this._redirectUri = undefined;
67
67
  this._expiration = undefined;
68
- window.arcGisOAuth2Callback = undefined;
68
+ globalThis.arcGisOAuth2Callback = undefined;
69
69
  }
70
70
  async getAccessToken(params) {
71
71
  // First lookup Oauth2 tokens, otherwise check try "legacy tokens" if credentials were provided
package/lib/esm/ArcGis/ArcGisAccessClient.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisAccessClient.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F;;GAEG;AAEH,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAEtD,OAAO,EAAqB,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAClF,OAAO,EAAE,oBAAoB,EAAE,wBAAwB,EAAE,MAAM,wBAAwB,CAAC;AACxF,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AA8CxC,YAAY;AACZ,MAAM,OAAO,kBAAkB;IACb,iBAAiB,GAAG,IAAI,OAAO,EAAE,CAAC;IAC1C,YAAY,CAAqB;IACjC,WAAW,CAAqB;IAChC,UAAU,CAAmC;IAErD,sDAAsD;IAC9C,iBAAiB,GAAG,KAAK,CAAC;IAElC;IACA,CAAC;IAEM,UAAU,CAAC,WAA+B;QAC/C,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,WAAW,CAAC;YAC5C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,eAAe,CAAC;YAC/C,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,SAAS,CAAC;YAExC,IAAI,CAAC,yBAAyB,EAAE,CAAC;QACnC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,yBAAyB;QAC9B,MAAc,CAAC,oBAAoB,GAAG,CAAC,gBAA2B,EAAE,EAAE;YACrE,IAAI,YAAY,GAAG,KAAK,CAAC;YACzB,IAAI,SAAS,CAAC;YAEd,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACzD,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC;gBAC3C,MAAM,UAAU,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,SAAS,CAAC;gBAC1D,MAAM,YAAY,GAAG,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,SAAS,CAAC;gBAC/D,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC;gBACzD,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC;gBAC7C,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC;gBACtD,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,MAAM,CAAC;gBACrD,IAAI,KAAK,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,IAAI,GAAG,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;oBAC/H,IAAI,cAAc,CAAC;oBACnB,IAAI,CAAC;wBACH,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBACnC,SAAS,GAAG,KAAK,EAAE,UAAU,CAAC;wBAC9B,cAAc,GAAG,KAAK,EAAE,cAAc,CAAC;oBAEzC,CAAC;oBAAC,MAAM,CAAC;oBACT,CAAC;oBACD,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;oBACvC,MAAM,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAG,6EAA6E;oBACrI,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;wBACjC,kBAAkB,CAAC,cAAc,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;wBAChG,YAAY,GAAG,IAAI,CAAC;oBACtB,CAAC;gBAEH,CAAC;YACH,CAAC;YACD,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAC7D,CAAC,CAAC;IACJ,CAAC;IAEM,YAAY;QACjB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC5B,MAAc,CAAC,oBAAoB,GAAG,SAAS,CAAC;IACnD,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,MAAiC;QAC3D,+FAA+F;QAE/F,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC1F,IAAI,WAAW;gBACb,OAAO,WAAW,CAAC;QACvB,CAAC;QAED,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACvC,OAAO,kBAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,qBAAqB,CAAC,OAAO,EAAE,CAAC,CAAC;QACjJ,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,gBAAgB;IACT,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,WAAmB;QAC5D,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACzD,OAAO,IAAI,CAAC,MAAM,KAAK,GAAG,CAAC,CAAI,yEAAyE;IAC1G,CAAC;IAEM,KAAK,CAAC,uBAAuB,CAAC,WAAmB;QACtD,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,eAAe,CAAC,KAA0B;QAC/C,IAAI,KAAK,GAAG,kBAAkB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,kBAAkB,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAEM,6BAA6B,CAAC,GAAW;QAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC;QACjD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,QAA4B,CAAC;QACjC,IAAI,eAAmC,CAAC;QACxC,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;YAC9B,IAAI,KAAK,CAAC,cAAc,KAAK,EAAE,EAAE,CAAC;gBAChC,eAAe,GAAG,KAAK,CAAC,QAAQ,CAAC;YACnC,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC;oBACvD,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;gBAC5B,CAAC;YACH,CAAC;QACH,CAAC;QAED,2EAA2E;QAC3E,2DAA2D;QAC3D,IAAI,QAAQ,KAAK,SAAS,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;YAC5D,QAAQ,GAAG,eAAe,CAAC;QAC7B,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAW,UAAU;QACnB,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,IAAW,oBAAoB;QAC7B,OAAO,IAAI,CAAC,UAAU,EAAE,oBAAoB,CAAC;IAC/C,CAAC;IAED,IAAW,oBAAoB,CAAC,QAA4B;QAC1D,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,IAAI,CAAC,UAAU,GAAG,EAAE,oBAAoB,EAAE,QAAQ,EAAE,CAAC;QACvD,CAAC;QACD,IAAI,CAAC,UAAU,CAAC,oBAAoB,GAAG,QAAQ,CAAC;IAClD,CAAC;IAED,IAAW,yBAAyB;QAClC,OAAO,IAAI,CAAC,UAAU,EAAE,mBAAmB,CAAC;IAC9C,CAAC;IAEM,qBAAqB,CAAC,cAAsB,EAAE,QAAgB;QAEnE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,KAAK,cAAc,CAAC,CAAC;YACnH,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;gBACpB,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,QAAQ,GAAG,QAAQ,CAAC;YACpE,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;YACzE,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;gBAClC,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;YACvB,CAAC;YACD,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAEM,wBAAwB,CAAC,QAAkC;QAEhE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,KAAK,QAAQ,CAAC,cAAc,CAAC,CAAC;QAChJ,CAAC;IAEH,CAAC;IAED,cAAc;IACd,gBAAgB;IACR,KAAK,CAAC,2BAA2B,CAAC,WAAmB;QAC3D,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAC;YACpG,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAChC,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;gBACzD,OAAO,kBAAkB,CAAC,cAAc,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,uEAAuE;IACvE,8EAA8E;IAC9E,4DAA4D;IAEpD,eAAe,GAAG,IAAI,GAAG,EAAoC,CAAC;IAEtE;;;KAGC;IACO,aAAa,CAAC,GAAgB,EAAE,YAAsC,EAAE,QAA8B;QAC5G,MAAM,KAAK,GAAG,YAAY,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,EAAC,iBAAiB,EAAE,QAAQ,EAAC,CAAC,CAAC,CAAC,EAAC,aAAa,EAAE,QAAQ,EAAC,CAAC;QAC9H,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACvC,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,cAAc,CAAC,WAAwB,EAAE,gBAAwB,EAAE,YAAsC;QACrH,oCAAoC;QACpC,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,gBAAgB,EAAE,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;QACzH,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,YAAY,EAAE,aAAa,CAAC,CAAC;QAC7D,OAAO,aAAa,CAAC;IACvB,CAAC;IAED;;;MAGE;IACM,iBAAiB,CAAC,GAAQ;QAChC,MAAM,YAAY,GAAG;YACnB,YAAY;SACb,CAAC;QAEF,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IACxF,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAAC,GAAW;QAC3C,IAAI,KAAwB,CAAC;QAC7B,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,kBAAkB,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC1E,CAAC;QAAC,MAAM,CAAC;YACP,4EAA4E;YAC5E,6GAA6G;YAC7G,qCAAqC;QACvC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,iBAAiB,CAAC,WAAmB,EAAE,YAAsC;QACzF,iCAAiC;QACjC,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC7D,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;YACjC,OAAO,CAAC,YAAY,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC;QACrI,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,YAAY,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAElG,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;QAEpC,IAAI,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,EAAE,CAAC;YACnC,wBAAwB;YACxB,iGAAiG;YAEjG,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,EAAE,CAAC;gBAC5C,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,MAAM,SAAS,GAAG,8CAA8C,WAAW,EAAE,CAAC;YAC9E,OAAO,IAAI,oBAAoB,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;QAC5F,CAAC;aAAM,CAAC;YAEN,wGAAwG;YACxG,IAAI,CAAC;gBACH,MAAM,uBAAuB,GAAG,MAAM,SAAS,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;gBAEvF,IAAI,uBAAuB,KAAK,SAAS,EAAE,CAAC;oBAC1C,kEAAkE;oBAClE,8FAA8F;oBAC9F,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC,CAAC;oBACvF,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;wBAClD,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;wBACnC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBACtF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,GAAG,IAAI,IAAI,YAAY,wBAAwB,WAAW,EAAE,CAAC,CAAC;wBAE9H,uCAAuC;wBACvC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;wBACxE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;4BAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,YAAY,CAAC,CAAC;4BAC5F,IAAI,QAAQ;gCACV,OAAO,QAAQ,CAAC;wBACpB,CAAC;oBACH,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,gBAAgB,GAAG,GAAG,uBAAuB,CAAC,QAAQ,EAAE,UAAU,WAAW,EAAE,CAAC;oBACtF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,CAAC;oBACpE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;wBAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAC;wBACxF,IAAI,QAAQ;4BACV,OAAO,QAAQ,CAAC;oBACpB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;YACT,CAAC;QACH,CAAC;QAED,gEAAgE;QAChE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,CAAE,oEAAoE;QAEhH,OAAO,SAAS,CAAC,CAAG,8CAA8C;IACpE,CAAC;IAED;;;KAGC;IACO,iBAAiB,CAAC,GAAW,EAAE,cAAuB;QAC5D,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5B,oBAAoB;QACpB,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CAAC;YAC3C,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QAEH,CAAC;aAAM,CAAC;YACN,MAAM,QAAQ,GAAG,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;YACzD,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,SAAS,KAAK,QAAQ,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;QAED,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAClD,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,IAAI,CAAC,WAAW;YAClB,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAE5D,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;CAEF","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\n/** @packageDocumentation\n * @module Tiles\n */\n\nimport { assert, BeEvent } from \"@itwin/core-bentley\";\nimport { MapLayerAccessClient, MapLayerAccessToken, MapLayerAccessTokenParams, MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\nimport { ArcGisOAuth2Token, ArcGisTokenClientType } from \"./ArcGisTokenGenerator\";\nimport { ArcGisOAuth2Endpoint, ArcGisOAuth2EndpointType } from \"./ArcGisOAuth2Endpoint\";\nimport { ArcGisTokenManager } from \"./ArcGisTokenManager\";\nimport { ArcGisUrl } from \"./ArcGisUrl\";\n\n/** @beta */\nexport interface ArcGisEnterpriseClientId {\n /* Oauth API endpoint base URL (i.e. https://hostname/portal/sharing/oauth2/authorize)\n used to identify uniquely each enterprise server. */\n serviceBaseUrl: string;\n\n /* Application's clientId for this enterprise server.*/\n clientId: string;\n}\n\n/** @beta */\nexport interface ArcGisOAuthClientIds {\n /* Application's OAuth clientId in ArcGIS online */\n arcgisOnlineClientId?: string;\n\n /* Application's OAuth clientId for each enterprise server used. */\n enterpriseClientIds?: ArcGisEnterpriseClientId[];\n}\n\n/** @beta\n * ArcGIS OAuth configurations parameters.\n * See https://developers.arcgis.com/documentation/mapping-apis-and-services/security/arcgis-identity/serverless-web-apps/\n * more details.\n*/\nexport interface ArcGisOAuthConfig {\n /* URL to which a user is sent once they complete sign in authorization.\n Must match a URI you define in the developer dashboard, otherwise, the authorization will be rejected.\n */\n redirectUri: string;\n\n /* Optional expiration after which the token will expire. Defined in minutes with a maximum of two weeks (20160 minutes)*/\n tokenExpiration?: number;\n\n /* Application client Ids */\n clientIds: ArcGisOAuthClientIds;\n}\n\ninterface EndPointsCacheEntry {\n authorizeEndpoint?: ArcGisOAuth2Endpoint;\n tokenEndpoint?: ArcGisOAuth2Endpoint;\n}\n\ntype MapLayerUrl = string;\n\n/** @beta */\nexport class ArcGisAccessClient implements MapLayerAccessClient {\n public readonly onOAuthProcessEnd = new BeEvent();\n private _redirectUri: string | undefined;\n private _expiration: number | undefined;\n private _clientIds: ArcGisOAuthClientIds | undefined;\n\n // Should be kept to 'false'. Debugging purposes only.\n private _forceLegacyToken = false;\n\n public constructor() {\n }\n\n public initialize(oAuthConfig?: ArcGisOAuthConfig): boolean {\n if (oAuthConfig) {\n this._redirectUri = oAuthConfig.redirectUri;\n this._expiration = oAuthConfig.tokenExpiration;\n this._clientIds = oAuthConfig.clientIds;\n\n this.initOauthCallbackFunction();\n }\n return true;\n }\n\n private initOauthCallbackFunction() {\n (window as any).arcGisOAuth2Callback = (redirectLocation?: Location) => {\n let eventSuccess = false;\n let stateData;\n\n if (redirectLocation && redirectLocation.hash.length > 0) {\n const locationHash = redirectLocation.hash;\n const hashParams = new URLSearchParams(locationHash.substring(1));\n const token = hashParams.get(\"access_token\") ?? undefined;\n const expiresInStr = hashParams.get(\"expires_in\") ?? undefined;\n const userName = hashParams.get(\"username\") ?? undefined;\n const ssl = hashParams.get(\"ssl\") === \"true\";\n const stateStr = hashParams.get(\"state\") ?? undefined;\n const persist = hashParams.get(\"persist\") === \"true\";\n if (token !== undefined && expiresInStr !== undefined && userName !== undefined && ssl !== undefined && stateStr !== undefined) {\n let endpointOrigin;\n try {\n const state = JSON.parse(stateStr);\n stateData = state?.customData;\n endpointOrigin = state?.endpointOrigin;\n\n } catch {\n }\n const expiresIn = Number(expiresInStr);\n const expiresAt = (expiresIn * 1000) + (+new Date()); // Converts the token expiration delay (seconds) into a timestamp (UNIX time)\n if (endpointOrigin !== undefined) {\n ArcGisTokenManager.setOAuth2Token(endpointOrigin, { token, expiresAt, ssl, userName, persist });\n eventSuccess = true;\n }\n\n }\n }\n this.onOAuthProcessEnd.raiseEvent(eventSuccess, stateData);\n };\n }\n\n public unInitialize() {\n this._redirectUri = undefined;\n this._expiration = undefined;\n (window as any).arcGisOAuth2Callback = undefined;\n }\n\n public async getAccessToken(params: MapLayerAccessTokenParams): Promise<MapLayerAccessToken | undefined> {\n // First lookup Oauth2 tokens, otherwise check try \"legacy tokens\" if credentials were provided\n\n if (!this._forceLegacyToken) {\n const oauth2Token = await this.getOAuthTokenForMapLayerUrl(params.mapLayerUrl.toString());\n if (oauth2Token)\n return oauth2Token;\n }\n\n if (params.userName && params.password) {\n return ArcGisTokenManager.getToken(params.mapLayerUrl.toString(), params.userName, params.password, { client: ArcGisTokenClientType.referer });\n }\n\n return undefined;\n }\n\n /** @internal */\n public static async validateOAuth2Endpoint(endpointUrl: string): Promise<boolean> {\n const data = await fetch(endpointUrl, { method: \"GET\" });\n return data.status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters\n }\n\n public async getTokenServiceEndPoint(mapLayerUrl: string): Promise<MapLayerTokenEndpoint | undefined> {\n if (!this._forceLegacyToken) {\n return this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\n }\n\n return undefined;\n }\n\n public invalidateToken(token: MapLayerAccessToken): boolean {\n let found = ArcGisTokenManager.invalidateToken(token);\n if (!found) {\n found = ArcGisTokenManager.invalidateOAuth2Token(token);\n }\n return found;\n }\n\n public get redirectUri() {\n return this._redirectUri;\n }\n\n public getMatchingEnterpriseClientId(url: string) {\n const clientIds = this.arcGisEnterpriseClientIds;\n if (!clientIds) {\n return undefined;\n }\n\n let clientId: string | undefined;\n let defaultClientId: string | undefined;\n for (const entry of clientIds) {\n if (entry.serviceBaseUrl === \"\") {\n defaultClientId = entry.clientId;\n } else {\n if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {\n clientId = entry.clientId;\n }\n }\n }\n\n // If we could not find a match with serviceBaseUrl, and a default clientId\n // was specified (i.e empty url), then use default clientId\n if (clientId === undefined && defaultClientId !== undefined) {\n clientId = defaultClientId;\n }\n return clientId;\n }\n\n public get expiration() {\n return this._expiration;\n }\n\n public get arcGisOnlineClientId() {\n return this._clientIds?.arcgisOnlineClientId;\n }\n\n public set arcGisOnlineClientId(clientId: string | undefined) {\n if (this._clientIds === undefined) {\n this._clientIds = { arcgisOnlineClientId: clientId };\n }\n this._clientIds.arcgisOnlineClientId = clientId;\n }\n\n public get arcGisEnterpriseClientIds() {\n return this._clientIds?.enterpriseClientIds;\n }\n\n public setEnterpriseClientId(serviceBaseUrl: string, clientId: string) {\n\n if (this._clientIds?.enterpriseClientIds) {\n const foundIdx = this._clientIds.enterpriseClientIds.findIndex((entry) => entry.serviceBaseUrl === serviceBaseUrl);\n if (foundIdx !== -1) {\n this._clientIds.enterpriseClientIds[foundIdx].clientId = clientId;\n } else {\n this._clientIds.enterpriseClientIds.push({ serviceBaseUrl, clientId });\n }\n } else {\n if (this._clientIds === undefined) {\n this._clientIds = {};\n }\n this._clientIds.enterpriseClientIds = [{ serviceBaseUrl, clientId }];\n }\n }\n\n public removeEnterpriseClientId(clientId: ArcGisEnterpriseClientId) {\n\n if (this._clientIds?.enterpriseClientIds) {\n this._clientIds.enterpriseClientIds = this._clientIds?.enterpriseClientIds?.filter((item) => item.serviceBaseUrl !== clientId.serviceBaseUrl);\n }\n\n }\n\n /// //////////\n /** @internal */\n private async getOAuthTokenForMapLayerUrl(mapLayerUrl: string): Promise<ArcGisOAuth2Token | undefined> {\n try {\n const oauthEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\n if (oauthEndpoint !== undefined) {\n const oauthEndpointUrl = new URL(oauthEndpoint.getUrl());\n return ArcGisTokenManager.getOAuth2Token(oauthEndpointUrl.origin);\n }\n } catch { }\n return undefined;\n }\n\n // Mapping between a map-layer URL and its corresponding Oauth endpoint\n // i.e. \t https://hostname/server/rest/services/NewYork/NewYork3857/MapServer\n // => https://hostname/portal/sharing/oauth2/authorize\n\n private _endPointsCache = new Map<MapLayerUrl, EndPointsCacheEntry>();\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private cacheEndpoint(url: MapLayerUrl, endpointType: ArcGisOAuth2EndpointType, endPoint: ArcGisOAuth2Endpoint) {\n const entry = endpointType === ArcGisOAuth2EndpointType.Authorize ? {authorizeEndpoint: endPoint} : {tokenEndpoint: endPoint};\n this._endPointsCache.set(url, entry);\n }\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private async createEndpoint(mapLayerUrl: MapLayerUrl, oauthEndpointUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\n // Validate the URL we just composed\n const oauthEndpoint = new ArcGisOAuth2Endpoint(oauthEndpointUrl, this.constructLoginUrl(oauthEndpointUrl, false), false);\n this.cacheEndpoint(mapLayerUrl, endpointType, oauthEndpoint);\n return oauthEndpoint;\n }\n\n /**\n * Returns whether the ArcGis host is valid\n * @internal\n */\n private isArcGisHostValid(url: URL): boolean {\n const allowedHosts = [\n \"arcgis.com\",\n ];\n\n return allowedHosts.some((host: string) => url.hostname.toLowerCase().endsWith(host));\n }\n\n private async validateEndpointUrl(url: string) {\n let valid: boolean|undefined;\n try {\n valid = await ArcGisAccessClient.validateOAuth2Endpoint(url.toString());\n } catch {\n // If we reach here, this means we could not validate properly the endpoint;\n // we cannot conclude the endpoint is invalid though; it might happen endpoint doesn't support CORS requests,\n // but still valid for Oauth process.\n }\n return valid;\n }\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private async getOAuth2Endpoint(mapLayerUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\n // Return from cache if available\n const cachedEndpoint = this._endPointsCache.get(mapLayerUrl);\n if (cachedEndpoint !== undefined) {\n return (endpointType === ArcGisOAuth2EndpointType.Authorize ? cachedEndpoint.authorizeEndpoint : cachedEndpoint.authorizeEndpoint);\n }\n\n const endpointStr = (endpointType === ArcGisOAuth2EndpointType.Authorize ? \"authorize\" : \"token\");\n\n const urlObj = new URL(mapLayerUrl);\n\n if (this.isArcGisHostValid(urlObj)) {\n // ArcGIS Online (fixed)\n // Doc: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/\n\n if (this.arcGisOnlineClientId === undefined) {\n return undefined;\n }\n\n const oauth2Url = `https://www.arcgis.com/sharing/rest/oauth2/${endpointStr}`;\n return new ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, true), true);\n } else {\n\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\n try {\n const restUrlFromTokenService = await ArcGisUrl.getRestUrlFromGenerateTokenUrl(urlObj);\n\n if (restUrlFromTokenService === undefined) {\n // We could not derive the token endpoint from 'tokenServicesUrl'.\n // ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize\n const regExMatch = mapLayerUrl.match(new RegExp(/([^&\\/]+)\\/rest\\/services\\/.*/, \"i\"));\n if (regExMatch !== null && regExMatch.length >= 2) {\n const subdirectory = regExMatch[1];\n const port = (urlObj.port !== \"80\" && urlObj.port !== \"443\") ? `:${urlObj.port}` : \"\";\n const newUrlObj = new URL(`${urlObj.protocol}//${urlObj.hostname}${port}/${subdirectory}/sharing/rest/oauth2/${endpointStr}`);\n\n // Check again the URL we just composed\n const isValidUrl = await this.validateEndpointUrl(newUrlObj.toString());\n if (isValidUrl === undefined || isValidUrl ) {\n const endpoint = await this.createEndpoint(mapLayerUrl, newUrlObj.toString(), endpointType);\n if (endpoint)\n return endpoint;\n }\n }\n } else {\n const oauthEndpointUrl = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;\n const isValidUrl = await this.validateEndpointUrl(oauthEndpointUrl);\n if (isValidUrl === undefined || isValidUrl ) {\n const endpoint = await this.createEndpoint(mapLayerUrl, oauthEndpointUrl, endpointType);\n if (endpoint)\n return endpoint;\n }\n }\n } catch {\n }\n }\n\n // If we reach here, we were not successful creating an endpoint\n this._endPointsCache.set(mapLayerUrl, {}); // Cache an empty entry, and avoid making repeated failing requests.\n\n return undefined; // we could not find any valid oauth2 endpoint\n }\n\n /**\n * Construct the complete Authorize url to starts the Oauth process\n * @internal\n */\n private constructLoginUrl(url: string, isArcgisOnline: boolean) {\n const urlObj = new URL(url);\n\n // Set the client id\n if (isArcgisOnline) {\n const clientId = this.arcGisOnlineClientId;\n assert(clientId !== undefined);\n if (clientId !== undefined) {\n urlObj.searchParams.set(\"client_id\", clientId);\n }\n\n } else {\n const clientId = this.getMatchingEnterpriseClientId(url);\n assert(clientId !== undefined);\n if (undefined !== clientId) {\n urlObj.searchParams.set(\"client_id\", clientId);\n }\n }\n\n urlObj.searchParams.set(\"response_type\", \"token\");\n if (this.expiration !== undefined) {\n urlObj.searchParams.set(\"expiration\", `${this.expiration}`);\n }\n\n if (this.redirectUri)\n urlObj.searchParams.set(\"redirect_uri\", this.redirectUri);\n\n return urlObj.toString();\n }\n\n}\n"]}
1
+ {"version":3,"file":"ArcGisAccessClient.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F;;GAEG;AAEH,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAEtD,OAAO,EAAqB,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAClF,OAAO,EAAE,oBAAoB,EAAE,wBAAwB,EAAE,MAAM,wBAAwB,CAAC;AACxF,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AA8CxC,YAAY;AACZ,MAAM,OAAO,kBAAkB;IACb,iBAAiB,GAAG,IAAI,OAAO,EAAE,CAAC;IAC1C,YAAY,CAAqB;IACjC,WAAW,CAAqB;IAChC,UAAU,CAAmC;IAErD,sDAAsD;IAC9C,iBAAiB,GAAG,KAAK,CAAC;IAElC;IACA,CAAC;IAEM,UAAU,CAAC,WAA+B;QAC/C,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,WAAW,CAAC;YAC5C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,eAAe,CAAC;YAC/C,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,SAAS,CAAC;YAExC,IAAI,CAAC,yBAAyB,EAAE,CAAC;QACnC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,yBAAyB;QAC9B,UAAkB,CAAC,oBAAoB,GAAG,CAAC,gBAA2B,EAAE,EAAE;YACzE,IAAI,YAAY,GAAG,KAAK,CAAC;YACzB,IAAI,SAAS,CAAC;YAEd,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACzD,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC;gBAC3C,MAAM,UAAU,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,SAAS,CAAC;gBAC1D,MAAM,YAAY,GAAG,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,SAAS,CAAC;gBAC/D,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC;gBACzD,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC;gBAC7C,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC;gBACtD,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,MAAM,CAAC;gBACrD,IAAI,KAAK,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,IAAI,GAAG,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;oBAC/H,IAAI,cAAc,CAAC;oBACnB,IAAI,CAAC;wBACH,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBACnC,SAAS,GAAG,KAAK,EAAE,UAAU,CAAC;wBAC9B,cAAc,GAAG,KAAK,EAAE,cAAc,CAAC;oBAEzC,CAAC;oBAAC,MAAM,CAAC;oBACT,CAAC;oBACD,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;oBACvC,MAAM,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAG,6EAA6E;oBACrI,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;wBACjC,kBAAkB,CAAC,cAAc,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;wBAChG,YAAY,GAAG,IAAI,CAAC;oBACtB,CAAC;gBAEH,CAAC;YACH,CAAC;YACD,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAC7D,CAAC,CAAC;IACJ,CAAC;IAEM,YAAY;QACjB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC5B,UAAkB,CAAC,oBAAoB,GAAG,SAAS,CAAC;IACvD,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,MAAiC;QAC3D,+FAA+F;QAE/F,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC1F,IAAI,WAAW;gBACb,OAAO,WAAW,CAAC;QACvB,CAAC;QAED,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACvC,OAAO,kBAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,qBAAqB,CAAC,OAAO,EAAE,CAAC,CAAC;QACjJ,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,gBAAgB;IACT,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,WAAmB;QAC5D,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACzD,OAAO,IAAI,CAAC,MAAM,KAAK,GAAG,CAAC,CAAI,yEAAyE;IAC1G,CAAC;IAEM,KAAK,CAAC,uBAAuB,CAAC,WAAmB;QACtD,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,eAAe,CAAC,KAA0B;QAC/C,IAAI,KAAK,GAAG,kBAAkB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,kBAAkB,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAEM,6BAA6B,CAAC,GAAW;QAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC;QACjD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,QAA4B,CAAC;QACjC,IAAI,eAAmC,CAAC;QACxC,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;YAC9B,IAAI,KAAK,CAAC,cAAc,KAAK,EAAE,EAAE,CAAC;gBAChC,eAAe,GAAG,KAAK,CAAC,QAAQ,CAAC;YACnC,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC;oBACvD,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;gBAC5B,CAAC;YACH,CAAC;QACH,CAAC;QAED,2EAA2E;QAC3E,2DAA2D;QAC3D,IAAI,QAAQ,KAAK,SAAS,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;YAC5D,QAAQ,GAAG,eAAe,CAAC;QAC7B,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAW,UAAU;QACnB,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,IAAW,oBAAoB;QAC7B,OAAO,IAAI,CAAC,UAAU,EAAE,oBAAoB,CAAC;IAC/C,CAAC;IAED,IAAW,oBAAoB,CAAC,QAA4B;QAC1D,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,IAAI,CAAC,UAAU,GAAG,EAAE,oBAAoB,EAAE,QAAQ,EAAE,CAAC;QACvD,CAAC;QACD,IAAI,CAAC,UAAU,CAAC,oBAAoB,GAAG,QAAQ,CAAC;IAClD,CAAC;IAED,IAAW,yBAAyB;QAClC,OAAO,IAAI,CAAC,UAAU,EAAE,mBAAmB,CAAC;IAC9C,CAAC;IAEM,qBAAqB,CAAC,cAAsB,EAAE,QAAgB;QAEnE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,KAAK,cAAc,CAAC,CAAC;YACnH,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;gBACpB,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,QAAQ,GAAG,QAAQ,CAAC;YACpE,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;YACzE,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;gBAClC,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;YACvB,CAAC;YACD,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAEM,wBAAwB,CAAC,QAAkC;QAEhE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,KAAK,QAAQ,CAAC,cAAc,CAAC,CAAC;QAChJ,CAAC;IAEH,CAAC;IAED,cAAc;IACd,gBAAgB;IACR,KAAK,CAAC,2BAA2B,CAAC,WAAmB;QAC3D,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAC;YACpG,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAChC,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;gBACzD,OAAO,kBAAkB,CAAC,cAAc,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,uEAAuE;IACvE,8EAA8E;IAC9E,4DAA4D;IAEpD,eAAe,GAAG,IAAI,GAAG,EAAoC,CAAC;IAEtE;;;KAGC;IACO,aAAa,CAAC,GAAgB,EAAE,YAAsC,EAAE,QAA8B;QAC5G,MAAM,KAAK,GAAG,YAAY,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,EAAC,iBAAiB,EAAE,QAAQ,EAAC,CAAC,CAAC,CAAC,EAAC,aAAa,EAAE,QAAQ,EAAC,CAAC;QAC9H,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACvC,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,cAAc,CAAC,WAAwB,EAAE,gBAAwB,EAAE,YAAsC;QACrH,oCAAoC;QACpC,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,gBAAgB,EAAE,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;QACzH,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,YAAY,EAAE,aAAa,CAAC,CAAC;QAC7D,OAAO,aAAa,CAAC;IACvB,CAAC;IAED;;;MAGE;IACM,iBAAiB,CAAC,GAAQ;QAChC,MAAM,YAAY,GAAG;YACnB,YAAY;SACb,CAAC;QAEF,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IACxF,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAAC,GAAW;QAC3C,IAAI,KAAwB,CAAC;QAC7B,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,kBAAkB,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC1E,CAAC;QAAC,MAAM,CAAC;YACP,4EAA4E;YAC5E,6GAA6G;YAC7G,qCAAqC;QACvC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,iBAAiB,CAAC,WAAmB,EAAE,YAAsC;QACzF,iCAAiC;QACjC,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC7D,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;YACjC,OAAO,CAAC,YAAY,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC;QACrI,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,YAAY,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAElG,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;QAEpC,IAAI,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,EAAE,CAAC;YACnC,wBAAwB;YACxB,iGAAiG;YAEjG,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,EAAE,CAAC;gBAC5C,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,MAAM,SAAS,GAAG,8CAA8C,WAAW,EAAE,CAAC;YAC9E,OAAO,IAAI,oBAAoB,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;QAC5F,CAAC;aAAM,CAAC;YAEN,wGAAwG;YACxG,IAAI,CAAC;gBACH,MAAM,uBAAuB,GAAG,MAAM,SAAS,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;gBAEvF,IAAI,uBAAuB,KAAK,SAAS,EAAE,CAAC;oBAC1C,kEAAkE;oBAClE,8FAA8F;oBAC9F,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC,CAAC;oBACvF,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;wBAClD,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;wBACnC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBACtF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,GAAG,IAAI,IAAI,YAAY,wBAAwB,WAAW,EAAE,CAAC,CAAC;wBAE9H,uCAAuC;wBACvC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;wBACxE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;4BAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,YAAY,CAAC,CAAC;4BAC5F,IAAI,QAAQ;gCACV,OAAO,QAAQ,CAAC;wBACpB,CAAC;oBACH,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,gBAAgB,GAAG,GAAG,uBAAuB,CAAC,QAAQ,EAAE,UAAU,WAAW,EAAE,CAAC;oBACtF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,CAAC;oBACpE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;wBAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAC;wBACxF,IAAI,QAAQ;4BACV,OAAO,QAAQ,CAAC;oBACpB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;YACT,CAAC;QACH,CAAC;QAED,gEAAgE;QAChE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,CAAE,oEAAoE;QAEhH,OAAO,SAAS,CAAC,CAAG,8CAA8C;IACpE,CAAC;IAED;;;KAGC;IACO,iBAAiB,CAAC,GAAW,EAAE,cAAuB;QAC5D,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5B,oBAAoB;QACpB,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CAAC;YAC3C,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QAEH,CAAC;aAAM,CAAC;YACN,MAAM,QAAQ,GAAG,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;YACzD,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,SAAS,KAAK,QAAQ,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;QAED,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAClD,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,IAAI,CAAC,WAAW;YAClB,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAE5D,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;CAEF","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\n/** @packageDocumentation\n * @module Tiles\n */\n\nimport { assert, BeEvent } from \"@itwin/core-bentley\";\nimport { MapLayerAccessClient, MapLayerAccessToken, MapLayerAccessTokenParams, MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\nimport { ArcGisOAuth2Token, ArcGisTokenClientType } from \"./ArcGisTokenGenerator\";\nimport { ArcGisOAuth2Endpoint, ArcGisOAuth2EndpointType } from \"./ArcGisOAuth2Endpoint\";\nimport { ArcGisTokenManager } from \"./ArcGisTokenManager\";\nimport { ArcGisUrl } from \"./ArcGisUrl\";\n\n/** @beta */\nexport interface ArcGisEnterpriseClientId {\n /* Oauth API endpoint base URL (i.e. https://hostname/portal/sharing/oauth2/authorize)\n used to identify uniquely each enterprise server. */\n serviceBaseUrl: string;\n\n /* Application's clientId for this enterprise server.*/\n clientId: string;\n}\n\n/** @beta */\nexport interface ArcGisOAuthClientIds {\n /* Application's OAuth clientId in ArcGIS online */\n arcgisOnlineClientId?: string;\n\n /* Application's OAuth clientId for each enterprise server used. */\n enterpriseClientIds?: ArcGisEnterpriseClientId[];\n}\n\n/** @beta\n * ArcGIS OAuth configurations parameters.\n * See https://developers.arcgis.com/documentation/mapping-apis-and-services/security/arcgis-identity/serverless-web-apps/\n * more details.\n*/\nexport interface ArcGisOAuthConfig {\n /* URL to which a user is sent once they complete sign in authorization.\n Must match a URI you define in the developer dashboard, otherwise, the authorization will be rejected.\n */\n redirectUri: string;\n\n /* Optional expiration after which the token will expire. Defined in minutes with a maximum of two weeks (20160 minutes)*/\n tokenExpiration?: number;\n\n /* Application client Ids */\n clientIds: ArcGisOAuthClientIds;\n}\n\ninterface EndPointsCacheEntry {\n authorizeEndpoint?: ArcGisOAuth2Endpoint;\n tokenEndpoint?: ArcGisOAuth2Endpoint;\n}\n\ntype MapLayerUrl = string;\n\n/** @beta */\nexport class ArcGisAccessClient implements MapLayerAccessClient {\n public readonly onOAuthProcessEnd = new BeEvent();\n private _redirectUri: string | undefined;\n private _expiration: number | undefined;\n private _clientIds: ArcGisOAuthClientIds | undefined;\n\n // Should be kept to 'false'. Debugging purposes only.\n private _forceLegacyToken = false;\n\n public constructor() {\n }\n\n public initialize(oAuthConfig?: ArcGisOAuthConfig): boolean {\n if (oAuthConfig) {\n this._redirectUri = oAuthConfig.redirectUri;\n this._expiration = oAuthConfig.tokenExpiration;\n this._clientIds = oAuthConfig.clientIds;\n\n this.initOauthCallbackFunction();\n }\n return true;\n }\n\n private initOauthCallbackFunction() {\n (globalThis as any).arcGisOAuth2Callback = (redirectLocation?: Location) => {\n let eventSuccess = false;\n let stateData;\n\n if (redirectLocation && redirectLocation.hash.length > 0) {\n const locationHash = redirectLocation.hash;\n const hashParams = new URLSearchParams(locationHash.substring(1));\n const token = hashParams.get(\"access_token\") ?? undefined;\n const expiresInStr = hashParams.get(\"expires_in\") ?? undefined;\n const userName = hashParams.get(\"username\") ?? undefined;\n const ssl = hashParams.get(\"ssl\") === \"true\";\n const stateStr = hashParams.get(\"state\") ?? undefined;\n const persist = hashParams.get(\"persist\") === \"true\";\n if (token !== undefined && expiresInStr !== undefined && userName !== undefined && ssl !== undefined && stateStr !== undefined) {\n let endpointOrigin;\n try {\n const state = JSON.parse(stateStr);\n stateData = state?.customData;\n endpointOrigin = state?.endpointOrigin;\n\n } catch {\n }\n const expiresIn = Number(expiresInStr);\n const expiresAt = (expiresIn * 1000) + (+new Date()); // Converts the token expiration delay (seconds) into a timestamp (UNIX time)\n if (endpointOrigin !== undefined) {\n ArcGisTokenManager.setOAuth2Token(endpointOrigin, { token, expiresAt, ssl, userName, persist });\n eventSuccess = true;\n }\n\n }\n }\n this.onOAuthProcessEnd.raiseEvent(eventSuccess, stateData);\n };\n }\n\n public unInitialize() {\n this._redirectUri = undefined;\n this._expiration = undefined;\n (globalThis as any).arcGisOAuth2Callback = undefined;\n }\n\n public async getAccessToken(params: MapLayerAccessTokenParams): Promise<MapLayerAccessToken | undefined> {\n // First lookup Oauth2 tokens, otherwise check try \"legacy tokens\" if credentials were provided\n\n if (!this._forceLegacyToken) {\n const oauth2Token = await this.getOAuthTokenForMapLayerUrl(params.mapLayerUrl.toString());\n if (oauth2Token)\n return oauth2Token;\n }\n\n if (params.userName && params.password) {\n return ArcGisTokenManager.getToken(params.mapLayerUrl.toString(), params.userName, params.password, { client: ArcGisTokenClientType.referer });\n }\n\n return undefined;\n }\n\n /** @internal */\n public static async validateOAuth2Endpoint(endpointUrl: string): Promise<boolean> {\n const data = await fetch(endpointUrl, { method: \"GET\" });\n return data.status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters\n }\n\n public async getTokenServiceEndPoint(mapLayerUrl: string): Promise<MapLayerTokenEndpoint | undefined> {\n if (!this._forceLegacyToken) {\n return this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\n }\n\n return undefined;\n }\n\n public invalidateToken(token: MapLayerAccessToken): boolean {\n let found = ArcGisTokenManager.invalidateToken(token);\n if (!found) {\n found = ArcGisTokenManager.invalidateOAuth2Token(token);\n }\n return found;\n }\n\n public get redirectUri() {\n return this._redirectUri;\n }\n\n public getMatchingEnterpriseClientId(url: string) {\n const clientIds = this.arcGisEnterpriseClientIds;\n if (!clientIds) {\n return undefined;\n }\n\n let clientId: string | undefined;\n let defaultClientId: string | undefined;\n for (const entry of clientIds) {\n if (entry.serviceBaseUrl === \"\") {\n defaultClientId = entry.clientId;\n } else {\n if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {\n clientId = entry.clientId;\n }\n }\n }\n\n // If we could not find a match with serviceBaseUrl, and a default clientId\n // was specified (i.e empty url), then use default clientId\n if (clientId === undefined && defaultClientId !== undefined) {\n clientId = defaultClientId;\n }\n return clientId;\n }\n\n public get expiration() {\n return this._expiration;\n }\n\n public get arcGisOnlineClientId() {\n return this._clientIds?.arcgisOnlineClientId;\n }\n\n public set arcGisOnlineClientId(clientId: string | undefined) {\n if (this._clientIds === undefined) {\n this._clientIds = { arcgisOnlineClientId: clientId };\n }\n this._clientIds.arcgisOnlineClientId = clientId;\n }\n\n public get arcGisEnterpriseClientIds() {\n return this._clientIds?.enterpriseClientIds;\n }\n\n public setEnterpriseClientId(serviceBaseUrl: string, clientId: string) {\n\n if (this._clientIds?.enterpriseClientIds) {\n const foundIdx = this._clientIds.enterpriseClientIds.findIndex((entry) => entry.serviceBaseUrl === serviceBaseUrl);\n if (foundIdx !== -1) {\n this._clientIds.enterpriseClientIds[foundIdx].clientId = clientId;\n } else {\n this._clientIds.enterpriseClientIds.push({ serviceBaseUrl, clientId });\n }\n } else {\n if (this._clientIds === undefined) {\n this._clientIds = {};\n }\n this._clientIds.enterpriseClientIds = [{ serviceBaseUrl, clientId }];\n }\n }\n\n public removeEnterpriseClientId(clientId: ArcGisEnterpriseClientId) {\n\n if (this._clientIds?.enterpriseClientIds) {\n this._clientIds.enterpriseClientIds = this._clientIds?.enterpriseClientIds?.filter((item) => item.serviceBaseUrl !== clientId.serviceBaseUrl);\n }\n\n }\n\n /// //////////\n /** @internal */\n private async getOAuthTokenForMapLayerUrl(mapLayerUrl: string): Promise<ArcGisOAuth2Token | undefined> {\n try {\n const oauthEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\n if (oauthEndpoint !== undefined) {\n const oauthEndpointUrl = new URL(oauthEndpoint.getUrl());\n return ArcGisTokenManager.getOAuth2Token(oauthEndpointUrl.origin);\n }\n } catch { }\n return undefined;\n }\n\n // Mapping between a map-layer URL and its corresponding Oauth endpoint\n // i.e. \t https://hostname/server/rest/services/NewYork/NewYork3857/MapServer\n // => https://hostname/portal/sharing/oauth2/authorize\n\n private _endPointsCache = new Map<MapLayerUrl, EndPointsCacheEntry>();\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private cacheEndpoint(url: MapLayerUrl, endpointType: ArcGisOAuth2EndpointType, endPoint: ArcGisOAuth2Endpoint) {\n const entry = endpointType === ArcGisOAuth2EndpointType.Authorize ? {authorizeEndpoint: endPoint} : {tokenEndpoint: endPoint};\n this._endPointsCache.set(url, entry);\n }\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private async createEndpoint(mapLayerUrl: MapLayerUrl, oauthEndpointUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\n // Validate the URL we just composed\n const oauthEndpoint = new ArcGisOAuth2Endpoint(oauthEndpointUrl, this.constructLoginUrl(oauthEndpointUrl, false), false);\n this.cacheEndpoint(mapLayerUrl, endpointType, oauthEndpoint);\n return oauthEndpoint;\n }\n\n /**\n * Returns whether the ArcGis host is valid\n * @internal\n */\n private isArcGisHostValid(url: URL): boolean {\n const allowedHosts = [\n \"arcgis.com\",\n ];\n\n return allowedHosts.some((host: string) => url.hostname.toLowerCase().endsWith(host));\n }\n\n private async validateEndpointUrl(url: string) {\n let valid: boolean|undefined;\n try {\n valid = await ArcGisAccessClient.validateOAuth2Endpoint(url.toString());\n } catch {\n // If we reach here, this means we could not validate properly the endpoint;\n // we cannot conclude the endpoint is invalid though; it might happen endpoint doesn't support CORS requests,\n // but still valid for Oauth process.\n }\n return valid;\n }\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private async getOAuth2Endpoint(mapLayerUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\n // Return from cache if available\n const cachedEndpoint = this._endPointsCache.get(mapLayerUrl);\n if (cachedEndpoint !== undefined) {\n return (endpointType === ArcGisOAuth2EndpointType.Authorize ? cachedEndpoint.authorizeEndpoint : cachedEndpoint.authorizeEndpoint);\n }\n\n const endpointStr = (endpointType === ArcGisOAuth2EndpointType.Authorize ? \"authorize\" : \"token\");\n\n const urlObj = new URL(mapLayerUrl);\n\n if (this.isArcGisHostValid(urlObj)) {\n // ArcGIS Online (fixed)\n // Doc: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/\n\n if (this.arcGisOnlineClientId === undefined) {\n return undefined;\n }\n\n const oauth2Url = `https://www.arcgis.com/sharing/rest/oauth2/${endpointStr}`;\n return new ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, true), true);\n } else {\n\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\n try {\n const restUrlFromTokenService = await ArcGisUrl.getRestUrlFromGenerateTokenUrl(urlObj);\n\n if (restUrlFromTokenService === undefined) {\n // We could not derive the token endpoint from 'tokenServicesUrl'.\n // ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize\n const regExMatch = mapLayerUrl.match(new RegExp(/([^&\\/]+)\\/rest\\/services\\/.*/, \"i\"));\n if (regExMatch !== null && regExMatch.length >= 2) {\n const subdirectory = regExMatch[1];\n const port = (urlObj.port !== \"80\" && urlObj.port !== \"443\") ? `:${urlObj.port}` : \"\";\n const newUrlObj = new URL(`${urlObj.protocol}//${urlObj.hostname}${port}/${subdirectory}/sharing/rest/oauth2/${endpointStr}`);\n\n // Check again the URL we just composed\n const isValidUrl = await this.validateEndpointUrl(newUrlObj.toString());\n if (isValidUrl === undefined || isValidUrl ) {\n const endpoint = await this.createEndpoint(mapLayerUrl, newUrlObj.toString(), endpointType);\n if (endpoint)\n return endpoint;\n }\n }\n } else {\n const oauthEndpointUrl = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;\n const isValidUrl = await this.validateEndpointUrl(oauthEndpointUrl);\n if (isValidUrl === undefined || isValidUrl ) {\n const endpoint = await this.createEndpoint(mapLayerUrl, oauthEndpointUrl, endpointType);\n if (endpoint)\n return endpoint;\n }\n }\n } catch {\n }\n }\n\n // If we reach here, we were not successful creating an endpoint\n this._endPointsCache.set(mapLayerUrl, {}); // Cache an empty entry, and avoid making repeated failing requests.\n\n return undefined; // we could not find any valid oauth2 endpoint\n }\n\n /**\n * Construct the complete Authorize url to starts the Oauth process\n * @internal\n */\n private constructLoginUrl(url: string, isArcgisOnline: boolean) {\n const urlObj = new URL(url);\n\n // Set the client id\n if (isArcgisOnline) {\n const clientId = this.arcGisOnlineClientId;\n assert(clientId !== undefined);\n if (clientId !== undefined) {\n urlObj.searchParams.set(\"client_id\", clientId);\n }\n\n } else {\n const clientId = this.getMatchingEnterpriseClientId(url);\n assert(clientId !== undefined);\n if (undefined !== clientId) {\n urlObj.searchParams.set(\"client_id\", clientId);\n }\n }\n\n urlObj.searchParams.set(\"response_type\", \"token\");\n if (this.expiration !== undefined) {\n urlObj.searchParams.set(\"expiration\", `${this.expiration}`);\n }\n\n if (this.redirectUri)\n urlObj.searchParams.set(\"redirect_uri\", this.redirectUri);\n\n return urlObj.toString();\n }\n\n}\n"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@itwin/map-layers-auth",
3
- "version": "5.0.0-dev.79",
3
+ "version": "5.0.0-dev.82",
4
4
  "description": "Extension that adds a Map Layers Widget",
5
5
  "main": "lib/cjs/map-layers-auth.js",
6
6
  "module": "lib/esm/map-layers-auth.js",
@@ -29,24 +29,21 @@
29
29
  "@types/sinon-chai": "^3.2.0",
30
30
  "chai": "^4.3.10",
31
31
  "eslint": "^9.13.0",
32
- "ignore-styles": "^5.0.1",
33
- "jsdom": "^19.0.0",
34
- "jsdom-global": "3.0.2",
35
- "mocha": "^10.2.0",
36
- "nyc": "^15.1.0",
37
- "rimraf": "^3.0.2",
32
+ "mocha": "^11.1.0",
33
+ "nyc": "^17.1.0",
34
+ "rimraf": "^6.0.1",
38
35
  "sinon": "^17.0.2",
39
36
  "sinon-chai": "^3.7.0",
40
37
  "source-map-support": "^0.5.6",
41
38
  "typescript": "~5.6.2",
42
39
  "fetch-mock": "~11.1.3",
43
- "@itwin/core-common": "5.0.0-dev.79",
44
- "@itwin/build-tools": "5.0.0-dev.79",
45
- "@itwin/core-frontend": "5.0.0-dev.79",
46
- "@itwin/core-bentley": "5.0.0-dev.79"
40
+ "@itwin/build-tools": "5.0.0-dev.82",
41
+ "@itwin/core-bentley": "5.0.0-dev.82",
42
+ "@itwin/core-common": "5.0.0-dev.82",
43
+ "@itwin/core-frontend": "5.0.0-dev.82"
47
44
  },
48
45
  "peerDependencies": {
49
- "@itwin/core-bentley": "5.0.0-dev.79"
46
+ "@itwin/core-bentley": "5.0.0-dev.82"
50
47
  },
51
48
  "nyc": {
52
49
  "extends": "./node_modules/@itwin/build-tools/.nycrc",
@@ -54,10 +51,10 @@
54
51
  },
55
52
  "mocha": {
56
53
  "require": [
57
- "raf/polyfill",
58
- "source-map-support/register",
59
- "jsdom-global/register",
60
- "ignore-styles"
54
+ "source-map-support/register"
55
+ ],
56
+ "globals": [
57
+ "arcGisOAuth2Callback"
61
58
  ],
62
59
  "checkLeaks": true,
63
60
  "timeout": 60000,
@@ -76,7 +73,7 @@
76
73
  "build": "npm run -s build:cjs && npm run -s build:esm",
77
74
  "build:cjs": "tsc 1>&2 --outDir lib/cjs",
78
75
  "build:esm": "tsc 1>&2 --module ES2022 --outDir lib/esm",
79
- "clean": "rimraf lib .rush/temp/package-deps*.json",
76
+ "clean": "rimraf -g lib .rush/temp/package-deps*.json",
80
77
  "cover": "nyc npm -s test",
81
78
  "docs": "",
82
79
  "extract-api": "betools extract-api --entry=map-layers-auth",