@itwin/map-layers-auth 5.0.0-dev.9 → 5.0.0-dev.90

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (22) hide show
  1. package/CHANGELOG.md +51 -1
  2. package/lib/cjs/ArcGis/ArcGisAccessClient.js +12 -9
  3. package/lib/cjs/ArcGis/ArcGisAccessClient.js.map +1 -1
  4. package/lib/cjs/ArcGis/ArcGisOAuth2Endpoint.js +3 -0
  5. package/lib/cjs/ArcGis/ArcGisOAuth2Endpoint.js.map +1 -1
  6. package/lib/cjs/ArcGis/ArcGisTokenGenerator.js +4 -4
  7. package/lib/cjs/ArcGis/ArcGisTokenGenerator.js.map +1 -1
  8. package/lib/cjs/ArcGis/ArcGisTokenManager.js +5 -3
  9. package/lib/cjs/ArcGis/ArcGisTokenManager.js.map +1 -1
  10. package/lib/cjs/ArcGis/ArcGisUrl.js.map +1 -1
  11. package/lib/cjs/map-layers-auth.js.map +1 -1
  12. package/lib/esm/ArcGis/ArcGisAccessClient.js +12 -9
  13. package/lib/esm/ArcGis/ArcGisAccessClient.js.map +1 -1
  14. package/lib/esm/ArcGis/ArcGisOAuth2Endpoint.js +3 -0
  15. package/lib/esm/ArcGis/ArcGisOAuth2Endpoint.js.map +1 -1
  16. package/lib/esm/ArcGis/ArcGisTokenGenerator.js +4 -4
  17. package/lib/esm/ArcGis/ArcGisTokenGenerator.js.map +1 -1
  18. package/lib/esm/ArcGis/ArcGisTokenManager.js +5 -3
  19. package/lib/esm/ArcGis/ArcGisTokenManager.js.map +1 -1
  20. package/lib/esm/ArcGis/ArcGisUrl.js.map +1 -1
  21. package/lib/esm/map-layers-auth.js.map +1 -1
  22. package/package.json +15 -18
package/CHANGELOG.md CHANGED
@@ -1,6 +1,56 @@
1
1
  # Change Log - @itwin/map-layers-auth
2
2
 
3
- This log was last generated on Thu, 14 Nov 2024 18:13:56 GMT and should not be manually modified.
3
+ This log was last generated on Wed, 19 Mar 2025 15:33:24 GMT and should not be manually modified.
4
+
5
+ ## 4.10.11
6
+ Wed, 19 Mar 2025 15:30:39 GMT
7
+
8
+ _Version update only_
9
+
10
+ ## 4.10.10
11
+ Tue, 11 Mar 2025 15:25:11 GMT
12
+
13
+ _Version update only_
14
+
15
+ ## 4.10.9
16
+ Tue, 11 Mar 2025 05:17:33 GMT
17
+
18
+ _Version update only_
19
+
20
+ ## 4.10.8
21
+ Thu, 06 Mar 2025 14:13:37 GMT
22
+
23
+ _Version update only_
24
+
25
+ ## 4.10.7
26
+ Tue, 18 Feb 2025 17:27:03 GMT
27
+
28
+ _Version update only_
29
+
30
+ ## 4.10.6
31
+ Fri, 24 Jan 2025 08:02:40 GMT
32
+
33
+ _Version update only_
34
+
35
+ ## 4.10.5
36
+ Tue, 21 Jan 2025 21:56:45 GMT
37
+
38
+ _Version update only_
39
+
40
+ ## 4.10.4
41
+ Mon, 13 Jan 2025 14:06:43 GMT
42
+
43
+ _Version update only_
44
+
45
+ ## 4.10.3
46
+ Mon, 06 Jan 2025 14:00:13 GMT
47
+
48
+ _Version update only_
49
+
50
+ ## 4.10.2
51
+ Thu, 21 Nov 2024 15:22:20 GMT
52
+
53
+ _Version update only_
4
54
 
5
55
  ## 4.10.1
6
56
  Thu, 14 Nov 2024 18:11:00 GMT
package/lib/cjs/ArcGis/ArcGisAccessClient.js CHANGED
@@ -15,14 +15,13 @@ const ArcGisTokenManager_1 = require("./ArcGisTokenManager");
15
15
  const ArcGisUrl_1 = require("./ArcGisUrl");
16
16
  /** @beta */
17
17
  class ArcGisAccessClient {
18
+ onOAuthProcessEnd = new core_bentley_1.BeEvent();
19
+ _redirectUri;
20
+ _expiration;
21
+ _clientIds;
22
+ // Should be kept to 'false'. Debugging purposes only.
23
+ _forceLegacyToken = false;
18
24
  constructor() {
19
- this.onOAuthProcessEnd = new core_bentley_1.BeEvent();
20
- // Should be kept to 'false'. Debugging purposes only.
21
- this._forceLegacyToken = false;
22
- // Mapping between a map-layer URL and its corresponding Oauth endpoint
23
- // i.e. https://hostname/server/rest/services/NewYork/NewYork3857/MapServer
24
- // => https://hostname/portal/sharing/oauth2/authorize
25
- this._endPointsCache = new Map();
26
25
  }
27
26
  initialize(oAuthConfig) {
28
27
  if (oAuthConfig) {
@@ -34,7 +33,7 @@ class ArcGisAccessClient {
34
33
  return true;
35
34
  }
36
35
  initOauthCallbackFunction() {
37
- window.arcGisOAuth2Callback = (redirectLocation) => {
36
+ globalThis.arcGisOAuth2Callback = (redirectLocation) => {
38
37
  let eventSuccess = false;
39
38
  let stateData;
40
39
  if (redirectLocation && redirectLocation.hash.length > 0) {
@@ -69,7 +68,7 @@ class ArcGisAccessClient {
69
68
  unInitialize() {
70
69
  this._redirectUri = undefined;
71
70
  this._expiration = undefined;
72
- window.arcGisOAuth2Callback = undefined;
71
+ globalThis.arcGisOAuth2Callback = undefined;
73
72
  }
74
73
  async getAccessToken(params) {
75
74
  // First lookup Oauth2 tokens, otherwise check try "legacy tokens" if credentials were provided
@@ -178,6 +177,10 @@ class ArcGisAccessClient {
178
177
  catch { }
179
178
  return undefined;
180
179
  }
180
+ // Mapping between a map-layer URL and its corresponding Oauth endpoint
181
+ // i.e. https://hostname/server/rest/services/NewYork/NewYork3857/MapServer
182
+ // => https://hostname/portal/sharing/oauth2/authorize
183
+ _endPointsCache = new Map();
181
184
  /**
182
185
  * Get OAuth2 endpoint that must be cause to get the Oauth2 token
183
186
  * @internal
package/lib/cjs/ArcGis/ArcGisAccessClient.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisAccessClient.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":";AAAA;;;+FAG+F;AAC/F;;GAEG;;;AAEH,sDAAsD;AAEtD,iEAAkF;AAClF,iEAAwF;AACxF,6DAA0D;AAC1D,2CAAwC;AA8CxC,YAAY;AACZ,MAAa,kBAAkB;IAS7B;QARgB,sBAAiB,GAAG,IAAI,sBAAO,EAAE,CAAC;QAKlD,sDAAsD;QAC9C,sBAAiB,GAAG,KAAK,CAAC;QAuLlC,uEAAuE;QACvE,8EAA8E;QAC9E,4DAA4D;QAEpD,oBAAe,GAAG,IAAI,GAAG,EAAoC,CAAC;IAxLtE,CAAC;IAEM,UAAU,CAAC,WAA+B;QAC/C,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,WAAW,CAAC;YAC5C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,eAAe,CAAC;YAC/C,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,SAAS,CAAC;YAExC,IAAI,CAAC,yBAAyB,EAAE,CAAC;QACnC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,yBAAyB;QAC9B,MAAc,CAAC,oBAAoB,GAAG,CAAC,gBAA2B,EAAE,EAAE;YACrE,IAAI,YAAY,GAAG,KAAK,CAAC;YACzB,IAAI,SAAS,CAAC;YAEd,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACzD,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC;gBAC3C,MAAM,UAAU,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,SAAS,CAAC;gBAC1D,MAAM,YAAY,GAAG,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,SAAS,CAAC;gBAC/D,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC;gBACzD,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC;gBAC7C,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC;gBACtD,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,MAAM,CAAC;gBACrD,IAAI,KAAK,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,IAAI,GAAG,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;oBAC/H,IAAI,cAAc,CAAC;oBACnB,IAAI,CAAC;wBACH,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBACnC,SAAS,GAAG,KAAK,EAAE,UAAU,CAAC;wBAC9B,cAAc,GAAG,KAAK,EAAE,cAAc,CAAC;oBAEzC,CAAC;oBAAC,MAAM,CAAC;oBACT,CAAC;oBACD,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;oBACvC,MAAM,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAG,6EAA6E;oBACrI,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;wBACjC,uCAAkB,CAAC,cAAc,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;wBAChG,YAAY,GAAG,IAAI,CAAC;oBACtB,CAAC;gBAEH,CAAC;YACH,CAAC;YACD,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAC7D,CAAC,CAAC;IACJ,CAAC;IAEM,YAAY;QACjB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC5B,MAAc,CAAC,oBAAoB,GAAG,SAAS,CAAC;IACnD,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,MAAiC;QAC3D,+FAA+F;QAE/F,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC1F,IAAI,WAAW;gBACb,OAAO,WAAW,CAAC;QACvB,CAAC;QAED,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACvC,OAAO,uCAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,4CAAqB,CAAC,OAAO,EAAE,CAAC,CAAC;QACjJ,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,gBAAgB;IACT,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,WAAmB;QAC5D,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACzD,OAAO,IAAI,CAAC,MAAM,KAAK,GAAG,CAAC,CAAI,yEAAyE;IAC1G,CAAC;IAEM,KAAK,CAAC,uBAAuB,CAAC,WAAmB;QACtD,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,+CAAwB,CAAC,SAAS,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,eAAe,CAAC,KAA0B;QAC/C,IAAI,KAAK,GAAG,uCAAkB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,uCAAkB,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAEM,6BAA6B,CAAC,GAAW;QAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC;QACjD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,QAA4B,CAAC;QACjC,IAAI,eAAmC,CAAC;QACxC,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;YAC9B,IAAI,KAAK,CAAC,cAAc,KAAK,EAAE,EAAE,CAAC;gBAChC,eAAe,GAAG,KAAK,CAAC,QAAQ,CAAC;YACnC,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC;oBACvD,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;gBAC5B,CAAC;YACH,CAAC;QACH,CAAC;QAED,2EAA2E;QAC3E,2DAA2D;QAC3D,IAAI,QAAQ,KAAK,SAAS,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;YAC5D,QAAQ,GAAG,eAAe,CAAC;QAC7B,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAW,UAAU;QACnB,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,IAAW,oBAAoB;QAC7B,OAAO,IAAI,CAAC,UAAU,EAAE,oBAAoB,CAAC;IAC/C,CAAC;IAED,IAAW,oBAAoB,CAAC,QAA4B;QAC1D,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,IAAI,CAAC,UAAU,GAAG,EAAE,oBAAoB,EAAE,QAAQ,EAAE,CAAC;QACvD,CAAC;QACD,IAAI,CAAC,UAAU,CAAC,oBAAoB,GAAG,QAAQ,CAAC;IAClD,CAAC;IAED,IAAW,yBAAyB;QAClC,OAAO,IAAI,CAAC,UAAU,EAAE,mBAAmB,CAAC;IAC9C,CAAC;IAEM,qBAAqB,CAAC,cAAsB,EAAE,QAAgB;QAEnE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,KAAK,cAAc,CAAC,CAAC;YACnH,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;gBACpB,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,QAAQ,GAAG,QAAQ,CAAC;YACpE,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;YACzE,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;gBAClC,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;YACvB,CAAC;YACD,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAEM,wBAAwB,CAAC,QAAkC;QAEhE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,KAAK,QAAQ,CAAC,cAAc,CAAC,CAAC;QAChJ,CAAC;IAEH,CAAC;IAED,cAAc;IACd,gBAAgB;IACR,KAAK,CAAC,2BAA2B,CAAC,WAAmB;QAC3D,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,+CAAwB,CAAC,SAAS,CAAC,CAAC;YACpG,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAChC,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;gBACzD,OAAO,uCAAkB,CAAC,cAAc,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IAQD;;;KAGC;IACO,aAAa,CAAC,GAAgB,EAAE,YAAsC,EAAE,QAA8B;QAC5G,MAAM,KAAK,GAAG,YAAY,KAAK,+CAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,EAAC,iBAAiB,EAAE,QAAQ,EAAC,CAAC,CAAC,CAAC,EAAC,aAAa,EAAE,QAAQ,EAAC,CAAC;QAC9H,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACvC,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,cAAc,CAAC,WAAwB,EAAE,gBAAwB,EAAE,YAAsC;QACrH,oCAAoC;QACpC,MAAM,aAAa,GAAG,IAAI,2CAAoB,CAAC,gBAAgB,EAAE,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;QACzH,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,YAAY,EAAE,aAAa,CAAC,CAAC;QAC7D,OAAO,aAAa,CAAC;IACvB,CAAC;IAED;;;MAGE;IACM,iBAAiB,CAAC,GAAQ;QAChC,MAAM,YAAY,GAAG;YACnB,YAAY;SACb,CAAC;QAEF,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IACxF,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAAC,GAAW;QAC3C,IAAI,KAAwB,CAAC;QAC7B,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,kBAAkB,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC1E,CAAC;QAAC,MAAM,CAAC;YACP,4EAA4E;YAC5E,6GAA6G;YAC7G,qCAAqC;QACvC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,iBAAiB,CAAC,WAAmB,EAAE,YAAsC;QACzF,iCAAiC;QACjC,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC7D,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;YACjC,OAAO,CAAC,YAAY,KAAK,+CAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC;QACrI,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,YAAY,KAAK,+CAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAElG,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;QAEpC,IAAI,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,EAAE,CAAC;YACnC,wBAAwB;YACxB,iGAAiG;YAEjG,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,EAAE,CAAC;gBAC5C,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,MAAM,SAAS,GAAG,8CAA8C,WAAW,EAAE,CAAC;YAC9E,OAAO,IAAI,2CAAoB,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;QAC5F,CAAC;aAAM,CAAC;YAEN,wGAAwG;YACxG,IAAI,CAAC;gBACH,MAAM,uBAAuB,GAAG,MAAM,qBAAS,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;gBAEvF,IAAI,uBAAuB,KAAK,SAAS,EAAE,CAAC;oBAC1C,kEAAkE;oBAClE,8FAA8F;oBAC9F,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC,CAAC;oBACvF,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;wBAClD,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;wBACnC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBACtF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,GAAG,IAAI,IAAI,YAAY,wBAAwB,WAAW,EAAE,CAAC,CAAC;wBAE9H,uCAAuC;wBACvC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;wBACxE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;4BAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,YAAY,CAAC,CAAC;4BAC5F,IAAI,QAAQ;gCACV,OAAO,QAAQ,CAAC;wBACpB,CAAC;oBACH,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,gBAAgB,GAAG,GAAG,uBAAuB,CAAC,QAAQ,EAAE,UAAU,WAAW,EAAE,CAAC;oBACtF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,CAAC;oBACpE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;wBAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAC;wBACxF,IAAI,QAAQ;4BACV,OAAO,QAAQ,CAAC;oBACpB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;YACT,CAAC;QACH,CAAC;QAED,gEAAgE;QAChE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,CAAE,oEAAoE;QAEhH,OAAO,SAAS,CAAC,CAAG,8CAA8C;IACpE,CAAC;IAED;;;KAGC;IACO,iBAAiB,CAAC,GAAW,EAAE,cAAuB;QAC5D,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5B,oBAAoB;QACpB,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CAAC;YAC3C,IAAA,qBAAM,EAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QAEH,CAAC;aAAM,CAAC;YACN,MAAM,QAAQ,GAAG,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;YACzD,IAAA,qBAAM,EAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,SAAS,KAAK,QAAQ,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;QAED,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAClD,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,IAAI,CAAC,WAAW;YAClB,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAE5D,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;CAEF;AArVD,gDAqVC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\n/** @packageDocumentation\r\n * @module Tiles\r\n */\r\n\r\nimport { assert, BeEvent } from \"@itwin/core-bentley\";\r\nimport { MapLayerAccessClient, MapLayerAccessToken, MapLayerAccessTokenParams, MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\r\nimport { ArcGisOAuth2Token, ArcGisTokenClientType } from \"./ArcGisTokenGenerator\";\r\nimport { ArcGisOAuth2Endpoint, ArcGisOAuth2EndpointType } from \"./ArcGisOAuth2Endpoint\";\r\nimport { ArcGisTokenManager } from \"./ArcGisTokenManager\";\r\nimport { ArcGisUrl } from \"./ArcGisUrl\";\r\n\r\n/** @beta */\r\nexport interface ArcGisEnterpriseClientId {\r\n /* Oauth API endpoint base URL (i.e. https://hostname/portal/sharing/oauth2/authorize)\r\n used to identify uniquely each enterprise server. */\r\n serviceBaseUrl: string;\r\n\r\n /* Application's clientId for this enterprise server.*/\r\n clientId: string;\r\n}\r\n\r\n/** @beta */\r\nexport interface ArcGisOAuthClientIds {\r\n /* Application's OAuth clientId in ArcGIS online */\r\n arcgisOnlineClientId?: string;\r\n\r\n /* Application's OAuth clientId for each enterprise server used. */\r\n enterpriseClientIds?: ArcGisEnterpriseClientId[];\r\n}\r\n\r\n/** @beta\r\n * ArcGIS OAuth configurations parameters.\r\n * See https://developers.arcgis.com/documentation/mapping-apis-and-services/security/arcgis-identity/serverless-web-apps/\r\n * more details.\r\n*/\r\nexport interface ArcGisOAuthConfig {\r\n /* URL to which a user is sent once they complete sign in authorization.\r\n Must match a URI you define in the developer dashboard, otherwise, the authorization will be rejected.\r\n */\r\n redirectUri: string;\r\n\r\n /* Optional expiration after which the token will expire. Defined in minutes with a maximum of two weeks (20160 minutes)*/\r\n tokenExpiration?: number;\r\n\r\n /* Application client Ids */\r\n clientIds: ArcGisOAuthClientIds;\r\n}\r\n\r\ninterface EndPointsCacheEntry {\r\n authorizeEndpoint?: ArcGisOAuth2Endpoint;\r\n tokenEndpoint?: ArcGisOAuth2Endpoint;\r\n}\r\n\r\ntype MapLayerUrl = string;\r\n\r\n/** @beta */\r\nexport class ArcGisAccessClient implements MapLayerAccessClient {\r\n public readonly onOAuthProcessEnd = new BeEvent();\r\n private _redirectUri: string | undefined;\r\n private _expiration: number | undefined;\r\n private _clientIds: ArcGisOAuthClientIds | undefined;\r\n\r\n // Should be kept to 'false'. Debugging purposes only.\r\n private _forceLegacyToken = false;\r\n\r\n public constructor() {\r\n }\r\n\r\n public initialize(oAuthConfig?: ArcGisOAuthConfig): boolean {\r\n if (oAuthConfig) {\r\n this._redirectUri = oAuthConfig.redirectUri;\r\n this._expiration = oAuthConfig.tokenExpiration;\r\n this._clientIds = oAuthConfig.clientIds;\r\n\r\n this.initOauthCallbackFunction();\r\n }\r\n return true;\r\n }\r\n\r\n private initOauthCallbackFunction() {\r\n (window as any).arcGisOAuth2Callback = (redirectLocation?: Location) => {\r\n let eventSuccess = false;\r\n let stateData;\r\n\r\n if (redirectLocation && redirectLocation.hash.length > 0) {\r\n const locationHash = redirectLocation.hash;\r\n const hashParams = new URLSearchParams(locationHash.substring(1));\r\n const token = hashParams.get(\"access_token\") ?? undefined;\r\n const expiresInStr = hashParams.get(\"expires_in\") ?? undefined;\r\n const userName = hashParams.get(\"username\") ?? undefined;\r\n const ssl = hashParams.get(\"ssl\") === \"true\";\r\n const stateStr = hashParams.get(\"state\") ?? undefined;\r\n const persist = hashParams.get(\"persist\") === \"true\";\r\n if (token !== undefined && expiresInStr !== undefined && userName !== undefined && ssl !== undefined && stateStr !== undefined) {\r\n let endpointOrigin;\r\n try {\r\n const state = JSON.parse(stateStr);\r\n stateData = state?.customData;\r\n endpointOrigin = state?.endpointOrigin;\r\n\r\n } catch {\r\n }\r\n const expiresIn = Number(expiresInStr);\r\n const expiresAt = (expiresIn * 1000) + (+new Date()); // Converts the token expiration delay (seconds) into a timestamp (UNIX time)\r\n if (endpointOrigin !== undefined) {\r\n ArcGisTokenManager.setOAuth2Token(endpointOrigin, { token, expiresAt, ssl, userName, persist });\r\n eventSuccess = true;\r\n }\r\n\r\n }\r\n }\r\n this.onOAuthProcessEnd.raiseEvent(eventSuccess, stateData);\r\n };\r\n }\r\n\r\n public unInitialize() {\r\n this._redirectUri = undefined;\r\n this._expiration = undefined;\r\n (window as any).arcGisOAuth2Callback = undefined;\r\n }\r\n\r\n public async getAccessToken(params: MapLayerAccessTokenParams): Promise<MapLayerAccessToken | undefined> {\r\n // First lookup Oauth2 tokens, otherwise check try \"legacy tokens\" if credentials were provided\r\n\r\n if (!this._forceLegacyToken) {\r\n const oauth2Token = await this.getOAuthTokenForMapLayerUrl(params.mapLayerUrl.toString());\r\n if (oauth2Token)\r\n return oauth2Token;\r\n }\r\n\r\n if (params.userName && params.password) {\r\n return ArcGisTokenManager.getToken(params.mapLayerUrl.toString(), params.userName, params.password, { client: ArcGisTokenClientType.referer });\r\n }\r\n\r\n return undefined;\r\n }\r\n\r\n /** @internal */\r\n public static async validateOAuth2Endpoint(endpointUrl: string): Promise<boolean> {\r\n const data = await fetch(endpointUrl, { method: \"GET\" });\r\n return data.status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters\r\n }\r\n\r\n public async getTokenServiceEndPoint(mapLayerUrl: string): Promise<MapLayerTokenEndpoint | undefined> {\r\n if (!this._forceLegacyToken) {\r\n return this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\r\n }\r\n\r\n return undefined;\r\n }\r\n\r\n public invalidateToken(token: MapLayerAccessToken): boolean {\r\n let found = ArcGisTokenManager.invalidateToken(token);\r\n if (!found) {\r\n found = ArcGisTokenManager.invalidateOAuth2Token(token);\r\n }\r\n return found;\r\n }\r\n\r\n public get redirectUri() {\r\n return this._redirectUri;\r\n }\r\n\r\n public getMatchingEnterpriseClientId(url: string) {\r\n const clientIds = this.arcGisEnterpriseClientIds;\r\n if (!clientIds) {\r\n return undefined;\r\n }\r\n\r\n let clientId: string | undefined;\r\n let defaultClientId: string | undefined;\r\n for (const entry of clientIds) {\r\n if (entry.serviceBaseUrl === \"\") {\r\n defaultClientId = entry.clientId;\r\n } else {\r\n if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {\r\n clientId = entry.clientId;\r\n }\r\n }\r\n }\r\n\r\n // If we could not find a match with serviceBaseUrl, and a default clientId\r\n // was specified (i.e empty url), then use default clientId\r\n if (clientId === undefined && defaultClientId !== undefined) {\r\n clientId = defaultClientId;\r\n }\r\n return clientId;\r\n }\r\n\r\n public get expiration() {\r\n return this._expiration;\r\n }\r\n\r\n public get arcGisOnlineClientId() {\r\n return this._clientIds?.arcgisOnlineClientId;\r\n }\r\n\r\n public set arcGisOnlineClientId(clientId: string | undefined) {\r\n if (this._clientIds === undefined) {\r\n this._clientIds = { arcgisOnlineClientId: clientId };\r\n }\r\n this._clientIds.arcgisOnlineClientId = clientId;\r\n }\r\n\r\n public get arcGisEnterpriseClientIds() {\r\n return this._clientIds?.enterpriseClientIds;\r\n }\r\n\r\n public setEnterpriseClientId(serviceBaseUrl: string, clientId: string) {\r\n\r\n if (this._clientIds?.enterpriseClientIds) {\r\n const foundIdx = this._clientIds.enterpriseClientIds.findIndex((entry) => entry.serviceBaseUrl === serviceBaseUrl);\r\n if (foundIdx !== -1) {\r\n this._clientIds.enterpriseClientIds[foundIdx].clientId = clientId;\r\n } else {\r\n this._clientIds.enterpriseClientIds.push({ serviceBaseUrl, clientId });\r\n }\r\n } else {\r\n if (this._clientIds === undefined) {\r\n this._clientIds = {};\r\n }\r\n this._clientIds.enterpriseClientIds = [{ serviceBaseUrl, clientId }];\r\n }\r\n }\r\n\r\n public removeEnterpriseClientId(clientId: ArcGisEnterpriseClientId) {\r\n\r\n if (this._clientIds?.enterpriseClientIds) {\r\n this._clientIds.enterpriseClientIds = this._clientIds?.enterpriseClientIds?.filter((item) => item.serviceBaseUrl !== clientId.serviceBaseUrl);\r\n }\r\n\r\n }\r\n\r\n /// //////////\r\n /** @internal */\r\n private async getOAuthTokenForMapLayerUrl(mapLayerUrl: string): Promise<ArcGisOAuth2Token | undefined> {\r\n try {\r\n const oauthEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\r\n if (oauthEndpoint !== undefined) {\r\n const oauthEndpointUrl = new URL(oauthEndpoint.getUrl());\r\n return ArcGisTokenManager.getOAuth2Token(oauthEndpointUrl.origin);\r\n }\r\n } catch { }\r\n return undefined;\r\n }\r\n\r\n // Mapping between a map-layer URL and its corresponding Oauth endpoint\r\n // i.e. \t https://hostname/server/rest/services/NewYork/NewYork3857/MapServer\r\n // => https://hostname/portal/sharing/oauth2/authorize\r\n\r\n private _endPointsCache = new Map<MapLayerUrl, EndPointsCacheEntry>();\r\n\r\n /**\r\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\r\n * @internal\r\n */\r\n private cacheEndpoint(url: MapLayerUrl, endpointType: ArcGisOAuth2EndpointType, endPoint: ArcGisOAuth2Endpoint) {\r\n const entry = endpointType === ArcGisOAuth2EndpointType.Authorize ? {authorizeEndpoint: endPoint} : {tokenEndpoint: endPoint};\r\n this._endPointsCache.set(url, entry);\r\n }\r\n\r\n /**\r\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\r\n * @internal\r\n */\r\n private async createEndpoint(mapLayerUrl: MapLayerUrl, oauthEndpointUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\r\n // Validate the URL we just composed\r\n const oauthEndpoint = new ArcGisOAuth2Endpoint(oauthEndpointUrl, this.constructLoginUrl(oauthEndpointUrl, false), false);\r\n this.cacheEndpoint(mapLayerUrl, endpointType, oauthEndpoint);\r\n return oauthEndpoint;\r\n }\r\n\r\n /**\r\n * Returns whether the ArcGis host is valid\r\n * @internal\r\n */\r\n private isArcGisHostValid(url: URL): boolean {\r\n const allowedHosts = [\r\n \"arcgis.com\",\r\n ];\r\n\r\n return allowedHosts.some((host: string) => url.hostname.toLowerCase().endsWith(host));\r\n }\r\n\r\n private async validateEndpointUrl(url: string) {\r\n let valid: boolean|undefined;\r\n try {\r\n valid = await ArcGisAccessClient.validateOAuth2Endpoint(url.toString());\r\n } catch {\r\n // If we reach here, this means we could not validate properly the endpoint;\r\n // we cannot conclude the endpoint is invalid though; it might happen endpoint doesn't support CORS requests,\r\n // but still valid for Oauth process.\r\n }\r\n return valid;\r\n }\r\n\r\n /**\r\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\r\n * @internal\r\n */\r\n private async getOAuth2Endpoint(mapLayerUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\r\n // Return from cache if available\r\n const cachedEndpoint = this._endPointsCache.get(mapLayerUrl);\r\n if (cachedEndpoint !== undefined) {\r\n return (endpointType === ArcGisOAuth2EndpointType.Authorize ? cachedEndpoint.authorizeEndpoint : cachedEndpoint.authorizeEndpoint);\r\n }\r\n\r\n const endpointStr = (endpointType === ArcGisOAuth2EndpointType.Authorize ? \"authorize\" : \"token\");\r\n\r\n const urlObj = new URL(mapLayerUrl);\r\n\r\n if (this.isArcGisHostValid(urlObj)) {\r\n // ArcGIS Online (fixed)\r\n // Doc: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/\r\n\r\n if (this.arcGisOnlineClientId === undefined) {\r\n return undefined;\r\n }\r\n\r\n const oauth2Url = `https://www.arcgis.com/sharing/rest/oauth2/${endpointStr}`;\r\n return new ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, true), true);\r\n } else {\r\n\r\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\r\n try {\r\n const restUrlFromTokenService = await ArcGisUrl.getRestUrlFromGenerateTokenUrl(urlObj);\r\n\r\n if (restUrlFromTokenService === undefined) {\r\n // We could not derive the token endpoint from 'tokenServicesUrl'.\r\n // ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize\r\n const regExMatch = mapLayerUrl.match(new RegExp(/([^&\\/]+)\\/rest\\/services\\/.*/, \"i\"));\r\n if (regExMatch !== null && regExMatch.length >= 2) {\r\n const subdirectory = regExMatch[1];\r\n const port = (urlObj.port !== \"80\" && urlObj.port !== \"443\") ? `:${urlObj.port}` : \"\";\r\n const newUrlObj = new URL(`${urlObj.protocol}//${urlObj.hostname}${port}/${subdirectory}/sharing/rest/oauth2/${endpointStr}`);\r\n\r\n // Check again the URL we just composed\r\n const isValidUrl = await this.validateEndpointUrl(newUrlObj.toString());\r\n if (isValidUrl === undefined || isValidUrl ) {\r\n const endpoint = await this.createEndpoint(mapLayerUrl, newUrlObj.toString(), endpointType);\r\n if (endpoint)\r\n return endpoint;\r\n }\r\n }\r\n } else {\r\n const oauthEndpointUrl = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;\r\n const isValidUrl = await this.validateEndpointUrl(oauthEndpointUrl);\r\n if (isValidUrl === undefined || isValidUrl ) {\r\n const endpoint = await this.createEndpoint(mapLayerUrl, oauthEndpointUrl, endpointType);\r\n if (endpoint)\r\n return endpoint;\r\n }\r\n }\r\n } catch {\r\n }\r\n }\r\n\r\n // If we reach here, we were not successful creating an endpoint\r\n this._endPointsCache.set(mapLayerUrl, {}); // Cache an empty entry, and avoid making repeated failing requests.\r\n\r\n return undefined; // we could not find any valid oauth2 endpoint\r\n }\r\n\r\n /**\r\n * Construct the complete Authorize url to starts the Oauth process\r\n * @internal\r\n */\r\n private constructLoginUrl(url: string, isArcgisOnline: boolean) {\r\n const urlObj = new URL(url);\r\n\r\n // Set the client id\r\n if (isArcgisOnline) {\r\n const clientId = this.arcGisOnlineClientId;\r\n assert(clientId !== undefined);\r\n if (clientId !== undefined) {\r\n urlObj.searchParams.set(\"client_id\", clientId);\r\n }\r\n\r\n } else {\r\n const clientId = this.getMatchingEnterpriseClientId(url);\r\n assert(clientId !== undefined);\r\n if (undefined !== clientId) {\r\n urlObj.searchParams.set(\"client_id\", clientId);\r\n }\r\n }\r\n\r\n urlObj.searchParams.set(\"response_type\", \"token\");\r\n if (this.expiration !== undefined) {\r\n urlObj.searchParams.set(\"expiration\", `${this.expiration}`);\r\n }\r\n\r\n if (this.redirectUri)\r\n urlObj.searchParams.set(\"redirect_uri\", this.redirectUri);\r\n\r\n return urlObj.toString();\r\n }\r\n\r\n}\r\n"]}
1
+ {"version":3,"file":"ArcGisAccessClient.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":";AAAA;;;+FAG+F;AAC/F;;GAEG;;;AAEH,sDAAsD;AAEtD,iEAAkF;AAClF,iEAAwF;AACxF,6DAA0D;AAC1D,2CAAwC;AA8CxC,YAAY;AACZ,MAAa,kBAAkB;IACb,iBAAiB,GAAG,IAAI,sBAAO,EAAE,CAAC;IAC1C,YAAY,CAAqB;IACjC,WAAW,CAAqB;IAChC,UAAU,CAAmC;IAErD,sDAAsD;IAC9C,iBAAiB,GAAG,KAAK,CAAC;IAElC;IACA,CAAC;IAEM,UAAU,CAAC,WAA+B;QAC/C,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,WAAW,CAAC;YAC5C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,eAAe,CAAC;YAC/C,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,SAAS,CAAC;YAExC,IAAI,CAAC,yBAAyB,EAAE,CAAC;QACnC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,yBAAyB;QAC9B,UAAkB,CAAC,oBAAoB,GAAG,CAAC,gBAA2B,EAAE,EAAE;YACzE,IAAI,YAAY,GAAG,KAAK,CAAC;YACzB,IAAI,SAAS,CAAC;YAEd,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACzD,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC;gBAC3C,MAAM,UAAU,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,SAAS,CAAC;gBAC1D,MAAM,YAAY,GAAG,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,SAAS,CAAC;gBAC/D,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC;gBACzD,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC;gBAC7C,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC;gBACtD,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,MAAM,CAAC;gBACrD,IAAI,KAAK,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,IAAI,GAAG,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;oBAC/H,IAAI,cAAc,CAAC;oBACnB,IAAI,CAAC;wBACH,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBACnC,SAAS,GAAG,KAAK,EAAE,UAAU,CAAC;wBAC9B,cAAc,GAAG,KAAK,EAAE,cAAc,CAAC;oBAEzC,CAAC;oBAAC,MAAM,CAAC;oBACT,CAAC;oBACD,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;oBACvC,MAAM,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAG,6EAA6E;oBACrI,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;wBACjC,uCAAkB,CAAC,cAAc,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;wBAChG,YAAY,GAAG,IAAI,CAAC;oBACtB,CAAC;gBAEH,CAAC;YACH,CAAC;YACD,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAC7D,CAAC,CAAC;IACJ,CAAC;IAEM,YAAY;QACjB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC5B,UAAkB,CAAC,oBAAoB,GAAG,SAAS,CAAC;IACvD,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,MAAiC;QAC3D,+FAA+F;QAE/F,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC1F,IAAI,WAAW;gBACb,OAAO,WAAW,CAAC;QACvB,CAAC;QAED,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACvC,OAAO,uCAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,4CAAqB,CAAC,OAAO,EAAE,CAAC,CAAC;QACjJ,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,gBAAgB;IACT,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,WAAmB;QAC5D,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACzD,OAAO,IAAI,CAAC,MAAM,KAAK,GAAG,CAAC,CAAI,yEAAyE;IAC1G,CAAC;IAEM,KAAK,CAAC,uBAAuB,CAAC,WAAmB;QACtD,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,+CAAwB,CAAC,SAAS,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,eAAe,CAAC,KAA0B;QAC/C,IAAI,KAAK,GAAG,uCAAkB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,uCAAkB,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAEM,6BAA6B,CAAC,GAAW;QAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC;QACjD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,QAA4B,CAAC;QACjC,IAAI,eAAmC,CAAC;QACxC,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;YAC9B,IAAI,KAAK,CAAC,cAAc,KAAK,EAAE,EAAE,CAAC;gBAChC,eAAe,GAAG,KAAK,CAAC,QAAQ,CAAC;YACnC,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC;oBACvD,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;gBAC5B,CAAC;YACH,CAAC;QACH,CAAC;QAED,2EAA2E;QAC3E,2DAA2D;QAC3D,IAAI,QAAQ,KAAK,SAAS,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;YAC5D,QAAQ,GAAG,eAAe,CAAC;QAC7B,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAW,UAAU;QACnB,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,IAAW,oBAAoB;QAC7B,OAAO,IAAI,CAAC,UAAU,EAAE,oBAAoB,CAAC;IAC/C,CAAC;IAED,IAAW,oBAAoB,CAAC,QAA4B;QAC1D,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,IAAI,CAAC,UAAU,GAAG,EAAE,oBAAoB,EAAE,QAAQ,EAAE,CAAC;QACvD,CAAC;QACD,IAAI,CAAC,UAAU,CAAC,oBAAoB,GAAG,QAAQ,CAAC;IAClD,CAAC;IAED,IAAW,yBAAyB;QAClC,OAAO,IAAI,CAAC,UAAU,EAAE,mBAAmB,CAAC;IAC9C,CAAC;IAEM,qBAAqB,CAAC,cAAsB,EAAE,QAAgB;QAEnE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,KAAK,cAAc,CAAC,CAAC;YACnH,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;gBACpB,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,QAAQ,GAAG,QAAQ,CAAC;YACpE,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;YACzE,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;gBAClC,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;YACvB,CAAC;YACD,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAEM,wBAAwB,CAAC,QAAkC;QAEhE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,KAAK,QAAQ,CAAC,cAAc,CAAC,CAAC;QAChJ,CAAC;IAEH,CAAC;IAED,cAAc;IACd,gBAAgB;IACR,KAAK,CAAC,2BAA2B,CAAC,WAAmB;QAC3D,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,+CAAwB,CAAC,SAAS,CAAC,CAAC;YACpG,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAChC,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;gBACzD,OAAO,uCAAkB,CAAC,cAAc,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,uEAAuE;IACvE,8EAA8E;IAC9E,4DAA4D;IAEpD,eAAe,GAAG,IAAI,GAAG,EAAoC,CAAC;IAEtE;;;KAGC;IACO,aAAa,CAAC,GAAgB,EAAE,YAAsC,EAAE,QAA8B;QAC5G,MAAM,KAAK,GAAG,YAAY,KAAK,+CAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,EAAC,iBAAiB,EAAE,QAAQ,EAAC,CAAC,CAAC,CAAC,EAAC,aAAa,EAAE,QAAQ,EAAC,CAAC;QAC9H,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACvC,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,cAAc,CAAC,WAAwB,EAAE,gBAAwB,EAAE,YAAsC;QACrH,oCAAoC;QACpC,MAAM,aAAa,GAAG,IAAI,2CAAoB,CAAC,gBAAgB,EAAE,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;QACzH,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,YAAY,EAAE,aAAa,CAAC,CAAC;QAC7D,OAAO,aAAa,CAAC;IACvB,CAAC;IAED;;;MAGE;IACM,iBAAiB,CAAC,GAAQ;QAChC,MAAM,YAAY,GAAG;YACnB,YAAY;SACb,CAAC;QAEF,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IACxF,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAAC,GAAW;QAC3C,IAAI,KAAwB,CAAC;QAC7B,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,kBAAkB,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC1E,CAAC;QAAC,MAAM,CAAC;YACP,4EAA4E;YAC5E,6GAA6G;YAC7G,qCAAqC;QACvC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,iBAAiB,CAAC,WAAmB,EAAE,YAAsC;QACzF,iCAAiC;QACjC,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC7D,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;YACjC,OAAO,CAAC,YAAY,KAAK,+CAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC;QACrI,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,YAAY,KAAK,+CAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAElG,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;QAEpC,IAAI,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,EAAE,CAAC;YACnC,wBAAwB;YACxB,iGAAiG;YAEjG,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,EAAE,CAAC;gBAC5C,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,MAAM,SAAS,GAAG,8CAA8C,WAAW,EAAE,CAAC;YAC9E,OAAO,IAAI,2CAAoB,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;QAC5F,CAAC;aAAM,CAAC;YAEN,wGAAwG;YACxG,IAAI,CAAC;gBACH,MAAM,uBAAuB,GAAG,MAAM,qBAAS,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;gBAEvF,IAAI,uBAAuB,KAAK,SAAS,EAAE,CAAC;oBAC1C,kEAAkE;oBAClE,8FAA8F;oBAC9F,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC,CAAC;oBACvF,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;wBAClD,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;wBACnC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBACtF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,GAAG,IAAI,IAAI,YAAY,wBAAwB,WAAW,EAAE,CAAC,CAAC;wBAE9H,uCAAuC;wBACvC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;wBACxE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;4BAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,YAAY,CAAC,CAAC;4BAC5F,IAAI,QAAQ;gCACV,OAAO,QAAQ,CAAC;wBACpB,CAAC;oBACH,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,gBAAgB,GAAG,GAAG,uBAAuB,CAAC,QAAQ,EAAE,UAAU,WAAW,EAAE,CAAC;oBACtF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,CAAC;oBACpE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;wBAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAC;wBACxF,IAAI,QAAQ;4BACV,OAAO,QAAQ,CAAC;oBACpB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;YACT,CAAC;QACH,CAAC;QAED,gEAAgE;QAChE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,CAAE,oEAAoE;QAEhH,OAAO,SAAS,CAAC,CAAG,8CAA8C;IACpE,CAAC;IAED;;;KAGC;IACO,iBAAiB,CAAC,GAAW,EAAE,cAAuB;QAC5D,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5B,oBAAoB;QACpB,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CAAC;YAC3C,IAAA,qBAAM,EAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QAEH,CAAC;aAAM,CAAC;YACN,MAAM,QAAQ,GAAG,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;YACzD,IAAA,qBAAM,EAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,SAAS,KAAK,QAAQ,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;QAED,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAClD,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,IAAI,CAAC,WAAW;YAClB,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAE5D,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;CAEF;AArVD,gDAqVC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\n/** @packageDocumentation\n * @module Tiles\n */\n\nimport { assert, BeEvent } from \"@itwin/core-bentley\";\nimport { MapLayerAccessClient, MapLayerAccessToken, MapLayerAccessTokenParams, MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\nimport { ArcGisOAuth2Token, ArcGisTokenClientType } from \"./ArcGisTokenGenerator\";\nimport { ArcGisOAuth2Endpoint, ArcGisOAuth2EndpointType } from \"./ArcGisOAuth2Endpoint\";\nimport { ArcGisTokenManager } from \"./ArcGisTokenManager\";\nimport { ArcGisUrl } from \"./ArcGisUrl\";\n\n/** @beta */\nexport interface ArcGisEnterpriseClientId {\n /* Oauth API endpoint base URL (i.e. https://hostname/portal/sharing/oauth2/authorize)\n used to identify uniquely each enterprise server. */\n serviceBaseUrl: string;\n\n /* Application's clientId for this enterprise server.*/\n clientId: string;\n}\n\n/** @beta */\nexport interface ArcGisOAuthClientIds {\n /* Application's OAuth clientId in ArcGIS online */\n arcgisOnlineClientId?: string;\n\n /* Application's OAuth clientId for each enterprise server used. */\n enterpriseClientIds?: ArcGisEnterpriseClientId[];\n}\n\n/** @beta\n * ArcGIS OAuth configurations parameters.\n * See https://developers.arcgis.com/documentation/mapping-apis-and-services/security/arcgis-identity/serverless-web-apps/\n * more details.\n*/\nexport interface ArcGisOAuthConfig {\n /* URL to which a user is sent once they complete sign in authorization.\n Must match a URI you define in the developer dashboard, otherwise, the authorization will be rejected.\n */\n redirectUri: string;\n\n /* Optional expiration after which the token will expire. Defined in minutes with a maximum of two weeks (20160 minutes)*/\n tokenExpiration?: number;\n\n /* Application client Ids */\n clientIds: ArcGisOAuthClientIds;\n}\n\ninterface EndPointsCacheEntry {\n authorizeEndpoint?: ArcGisOAuth2Endpoint;\n tokenEndpoint?: ArcGisOAuth2Endpoint;\n}\n\ntype MapLayerUrl = string;\n\n/** @beta */\nexport class ArcGisAccessClient implements MapLayerAccessClient {\n public readonly onOAuthProcessEnd = new BeEvent();\n private _redirectUri: string | undefined;\n private _expiration: number | undefined;\n private _clientIds: ArcGisOAuthClientIds | undefined;\n\n // Should be kept to 'false'. Debugging purposes only.\n private _forceLegacyToken = false;\n\n public constructor() {\n }\n\n public initialize(oAuthConfig?: ArcGisOAuthConfig): boolean {\n if (oAuthConfig) {\n this._redirectUri = oAuthConfig.redirectUri;\n this._expiration = oAuthConfig.tokenExpiration;\n this._clientIds = oAuthConfig.clientIds;\n\n this.initOauthCallbackFunction();\n }\n return true;\n }\n\n private initOauthCallbackFunction() {\n (globalThis as any).arcGisOAuth2Callback = (redirectLocation?: Location) => {\n let eventSuccess = false;\n let stateData;\n\n if (redirectLocation && redirectLocation.hash.length > 0) {\n const locationHash = redirectLocation.hash;\n const hashParams = new URLSearchParams(locationHash.substring(1));\n const token = hashParams.get(\"access_token\") ?? undefined;\n const expiresInStr = hashParams.get(\"expires_in\") ?? undefined;\n const userName = hashParams.get(\"username\") ?? undefined;\n const ssl = hashParams.get(\"ssl\") === \"true\";\n const stateStr = hashParams.get(\"state\") ?? undefined;\n const persist = hashParams.get(\"persist\") === \"true\";\n if (token !== undefined && expiresInStr !== undefined && userName !== undefined && ssl !== undefined && stateStr !== undefined) {\n let endpointOrigin;\n try {\n const state = JSON.parse(stateStr);\n stateData = state?.customData;\n endpointOrigin = state?.endpointOrigin;\n\n } catch {\n }\n const expiresIn = Number(expiresInStr);\n const expiresAt = (expiresIn * 1000) + (+new Date()); // Converts the token expiration delay (seconds) into a timestamp (UNIX time)\n if (endpointOrigin !== undefined) {\n ArcGisTokenManager.setOAuth2Token(endpointOrigin, { token, expiresAt, ssl, userName, persist });\n eventSuccess = true;\n }\n\n }\n }\n this.onOAuthProcessEnd.raiseEvent(eventSuccess, stateData);\n };\n }\n\n public unInitialize() {\n this._redirectUri = undefined;\n this._expiration = undefined;\n (globalThis as any).arcGisOAuth2Callback = undefined;\n }\n\n public async getAccessToken(params: MapLayerAccessTokenParams): Promise<MapLayerAccessToken | undefined> {\n // First lookup Oauth2 tokens, otherwise check try \"legacy tokens\" if credentials were provided\n\n if (!this._forceLegacyToken) {\n const oauth2Token = await this.getOAuthTokenForMapLayerUrl(params.mapLayerUrl.toString());\n if (oauth2Token)\n return oauth2Token;\n }\n\n if (params.userName && params.password) {\n return ArcGisTokenManager.getToken(params.mapLayerUrl.toString(), params.userName, params.password, { client: ArcGisTokenClientType.referer });\n }\n\n return undefined;\n }\n\n /** @internal */\n public static async validateOAuth2Endpoint(endpointUrl: string): Promise<boolean> {\n const data = await fetch(endpointUrl, { method: \"GET\" });\n return data.status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters\n }\n\n public async getTokenServiceEndPoint(mapLayerUrl: string): Promise<MapLayerTokenEndpoint | undefined> {\n if (!this._forceLegacyToken) {\n return this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\n }\n\n return undefined;\n }\n\n public invalidateToken(token: MapLayerAccessToken): boolean {\n let found = ArcGisTokenManager.invalidateToken(token);\n if (!found) {\n found = ArcGisTokenManager.invalidateOAuth2Token(token);\n }\n return found;\n }\n\n public get redirectUri() {\n return this._redirectUri;\n }\n\n public getMatchingEnterpriseClientId(url: string) {\n const clientIds = this.arcGisEnterpriseClientIds;\n if (!clientIds) {\n return undefined;\n }\n\n let clientId: string | undefined;\n let defaultClientId: string | undefined;\n for (const entry of clientIds) {\n if (entry.serviceBaseUrl === \"\") {\n defaultClientId = entry.clientId;\n } else {\n if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {\n clientId = entry.clientId;\n }\n }\n }\n\n // If we could not find a match with serviceBaseUrl, and a default clientId\n // was specified (i.e empty url), then use default clientId\n if (clientId === undefined && defaultClientId !== undefined) {\n clientId = defaultClientId;\n }\n return clientId;\n }\n\n public get expiration() {\n return this._expiration;\n }\n\n public get arcGisOnlineClientId() {\n return this._clientIds?.arcgisOnlineClientId;\n }\n\n public set arcGisOnlineClientId(clientId: string | undefined) {\n if (this._clientIds === undefined) {\n this._clientIds = { arcgisOnlineClientId: clientId };\n }\n this._clientIds.arcgisOnlineClientId = clientId;\n }\n\n public get arcGisEnterpriseClientIds() {\n return this._clientIds?.enterpriseClientIds;\n }\n\n public setEnterpriseClientId(serviceBaseUrl: string, clientId: string) {\n\n if (this._clientIds?.enterpriseClientIds) {\n const foundIdx = this._clientIds.enterpriseClientIds.findIndex((entry) => entry.serviceBaseUrl === serviceBaseUrl);\n if (foundIdx !== -1) {\n this._clientIds.enterpriseClientIds[foundIdx].clientId = clientId;\n } else {\n this._clientIds.enterpriseClientIds.push({ serviceBaseUrl, clientId });\n }\n } else {\n if (this._clientIds === undefined) {\n this._clientIds = {};\n }\n this._clientIds.enterpriseClientIds = [{ serviceBaseUrl, clientId }];\n }\n }\n\n public removeEnterpriseClientId(clientId: ArcGisEnterpriseClientId) {\n\n if (this._clientIds?.enterpriseClientIds) {\n this._clientIds.enterpriseClientIds = this._clientIds?.enterpriseClientIds?.filter((item) => item.serviceBaseUrl !== clientId.serviceBaseUrl);\n }\n\n }\n\n /// //////////\n /** @internal */\n private async getOAuthTokenForMapLayerUrl(mapLayerUrl: string): Promise<ArcGisOAuth2Token | undefined> {\n try {\n const oauthEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\n if (oauthEndpoint !== undefined) {\n const oauthEndpointUrl = new URL(oauthEndpoint.getUrl());\n return ArcGisTokenManager.getOAuth2Token(oauthEndpointUrl.origin);\n }\n } catch { }\n return undefined;\n }\n\n // Mapping between a map-layer URL and its corresponding Oauth endpoint\n // i.e. \t https://hostname/server/rest/services/NewYork/NewYork3857/MapServer\n // => https://hostname/portal/sharing/oauth2/authorize\n\n private _endPointsCache = new Map<MapLayerUrl, EndPointsCacheEntry>();\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private cacheEndpoint(url: MapLayerUrl, endpointType: ArcGisOAuth2EndpointType, endPoint: ArcGisOAuth2Endpoint) {\n const entry = endpointType === ArcGisOAuth2EndpointType.Authorize ? {authorizeEndpoint: endPoint} : {tokenEndpoint: endPoint};\n this._endPointsCache.set(url, entry);\n }\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private async createEndpoint(mapLayerUrl: MapLayerUrl, oauthEndpointUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\n // Validate the URL we just composed\n const oauthEndpoint = new ArcGisOAuth2Endpoint(oauthEndpointUrl, this.constructLoginUrl(oauthEndpointUrl, false), false);\n this.cacheEndpoint(mapLayerUrl, endpointType, oauthEndpoint);\n return oauthEndpoint;\n }\n\n /**\n * Returns whether the ArcGis host is valid\n * @internal\n */\n private isArcGisHostValid(url: URL): boolean {\n const allowedHosts = [\n \"arcgis.com\",\n ];\n\n return allowedHosts.some((host: string) => url.hostname.toLowerCase().endsWith(host));\n }\n\n private async validateEndpointUrl(url: string) {\n let valid: boolean|undefined;\n try {\n valid = await ArcGisAccessClient.validateOAuth2Endpoint(url.toString());\n } catch {\n // If we reach here, this means we could not validate properly the endpoint;\n // we cannot conclude the endpoint is invalid though; it might happen endpoint doesn't support CORS requests,\n // but still valid for Oauth process.\n }\n return valid;\n }\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private async getOAuth2Endpoint(mapLayerUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\n // Return from cache if available\n const cachedEndpoint = this._endPointsCache.get(mapLayerUrl);\n if (cachedEndpoint !== undefined) {\n return (endpointType === ArcGisOAuth2EndpointType.Authorize ? cachedEndpoint.authorizeEndpoint : cachedEndpoint.authorizeEndpoint);\n }\n\n const endpointStr = (endpointType === ArcGisOAuth2EndpointType.Authorize ? \"authorize\" : \"token\");\n\n const urlObj = new URL(mapLayerUrl);\n\n if (this.isArcGisHostValid(urlObj)) {\n // ArcGIS Online (fixed)\n // Doc: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/\n\n if (this.arcGisOnlineClientId === undefined) {\n return undefined;\n }\n\n const oauth2Url = `https://www.arcgis.com/sharing/rest/oauth2/${endpointStr}`;\n return new ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, true), true);\n } else {\n\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\n try {\n const restUrlFromTokenService = await ArcGisUrl.getRestUrlFromGenerateTokenUrl(urlObj);\n\n if (restUrlFromTokenService === undefined) {\n // We could not derive the token endpoint from 'tokenServicesUrl'.\n // ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize\n const regExMatch = mapLayerUrl.match(new RegExp(/([^&\\/]+)\\/rest\\/services\\/.*/, \"i\"));\n if (regExMatch !== null && regExMatch.length >= 2) {\n const subdirectory = regExMatch[1];\n const port = (urlObj.port !== \"80\" && urlObj.port !== \"443\") ? `:${urlObj.port}` : \"\";\n const newUrlObj = new URL(`${urlObj.protocol}//${urlObj.hostname}${port}/${subdirectory}/sharing/rest/oauth2/${endpointStr}`);\n\n // Check again the URL we just composed\n const isValidUrl = await this.validateEndpointUrl(newUrlObj.toString());\n if (isValidUrl === undefined || isValidUrl ) {\n const endpoint = await this.createEndpoint(mapLayerUrl, newUrlObj.toString(), endpointType);\n if (endpoint)\n return endpoint;\n }\n }\n } else {\n const oauthEndpointUrl = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;\n const isValidUrl = await this.validateEndpointUrl(oauthEndpointUrl);\n if (isValidUrl === undefined || isValidUrl ) {\n const endpoint = await this.createEndpoint(mapLayerUrl, oauthEndpointUrl, endpointType);\n if (endpoint)\n return endpoint;\n }\n }\n } catch {\n }\n }\n\n // If we reach here, we were not successful creating an endpoint\n this._endPointsCache.set(mapLayerUrl, {}); // Cache an empty entry, and avoid making repeated failing requests.\n\n return undefined; // we could not find any valid oauth2 endpoint\n }\n\n /**\n * Construct the complete Authorize url to starts the Oauth process\n * @internal\n */\n private constructLoginUrl(url: string, isArcgisOnline: boolean) {\n const urlObj = new URL(url);\n\n // Set the client id\n if (isArcgisOnline) {\n const clientId = this.arcGisOnlineClientId;\n assert(clientId !== undefined);\n if (clientId !== undefined) {\n urlObj.searchParams.set(\"client_id\", clientId);\n }\n\n } else {\n const clientId = this.getMatchingEnterpriseClientId(url);\n assert(clientId !== undefined);\n if (undefined !== clientId) {\n urlObj.searchParams.set(\"client_id\", clientId);\n }\n }\n\n urlObj.searchParams.set(\"response_type\", \"token\");\n if (this.expiration !== undefined) {\n urlObj.searchParams.set(\"expiration\", `${this.expiration}`);\n }\n\n if (this.redirectUri)\n urlObj.searchParams.set(\"redirect_uri\", this.redirectUri);\n\n return urlObj.toString();\n }\n\n}\n"]}
package/lib/cjs/ArcGis/ArcGisOAuth2Endpoint.js CHANGED
@@ -9,6 +9,9 @@ var ArcGisOAuth2EndpointType;
9
9
  })(ArcGisOAuth2EndpointType || (exports.ArcGisOAuth2EndpointType = ArcGisOAuth2EndpointType = {}));
10
10
  /** @internal */
11
11
  class ArcGisOAuth2Endpoint {
12
+ _url;
13
+ _loginUrl;
14
+ _isArcgisOnline;
12
15
  constructor(url, loginUrl, isArcgisOnline) {
13
16
  this._url = url;
14
17
  this._loginUrl = loginUrl;
package/lib/cjs/ArcGis/ArcGisOAuth2Endpoint.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisOAuth2Endpoint.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisOAuth2Endpoint.ts"],"names":[],"mappings":";;;AAMA,gBAAgB;AAChB,IAAY,wBAA0C;AAAtD,WAAY,wBAAwB;IAAE,iFAAS,CAAA;IAAC,yEAAK,CAAA;AAAA,CAAC,EAA1C,wBAAwB,wCAAxB,wBAAwB,QAAkB;AAEtD,gBAAgB;AAChB,MAAa,oBAAoB;IAK/B,YAAY,GAAW,EAAE,QAAgB,EAAE,cAAuB;QAChE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;QAC1B,IAAI,CAAC,eAAe,GAAG,cAAc,CAAC;IACxC,CAAC;IAED,kCAAkC;IAC3B,MAAM;QACX,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED;;;;;OAKG;IACI,WAAW,CAAC,SAAe;QAChC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAEvC,MAAM,IAAI,GAAG;YACX,cAAc,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,EAAK,uCAAuC;YACrF,UAAU,EAAE,SAAS,EAAyB,gBAAgB;SAC/D,CAAC;QAEF,IAAI,QAAQ,CAAC;QACb,IAAI,CAAC;YACH,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAClC,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QACD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAC7C,CAAC;QAED,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;IAED,IAAW,cAAc,KAAI,OAAO,IAAI,CAAC,eAAe,CAAC,CAAA,CAAC;CAE3D;AA7CD,oDA6CC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\nimport { MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\r\n\r\n/** @internal */\r\nexport enum ArcGisOAuth2EndpointType {Authorize,Token}\r\n\r\n/** @internal */\r\nexport class ArcGisOAuth2Endpoint implements MapLayerTokenEndpoint {\r\n private _url: string;\r\n private _loginUrl: string;\r\n private _isArcgisOnline: boolean;\r\n\r\n constructor(url: string, loginUrl: string, isArcgisOnline: boolean) {\r\n this._url = url;\r\n this._loginUrl = loginUrl;\r\n this._isArcgisOnline = isArcgisOnline;\r\n }\r\n\r\n // Returns the actual endpoint url\r\n public getUrl() {\r\n return this._url;\r\n }\r\n\r\n /**\r\n * Returns the URL used to login and generate the Oauth token.\r\n * @param stateData Custom JSON data that will sent back by once the Oauth process completes\r\n * @returns Promise resolves after the defaults are setup.\r\n * @internal\r\n */\r\n public getLoginUrl(stateData?: any) {\r\n const urlObj = new URL(this._loginUrl);\r\n\r\n const data = {\r\n endpointOrigin: new URL(this._url).origin, // arcGisOAuth2Callback depends on this\r\n customData: stateData, // caller's data\r\n };\r\n\r\n let stateStr;\r\n try {\r\n stateStr = JSON.stringify(data);\r\n } catch {\r\n\r\n }\r\n if (stateStr !== undefined) {\r\n urlObj.searchParams.set(\"state\", stateStr);\r\n }\r\n\r\n return urlObj.toString();\r\n }\r\n\r\n public get isArcgisOnline() {return this._isArcgisOnline;}\r\n\r\n}\r\n"]}
1
+ {"version":3,"file":"ArcGisOAuth2Endpoint.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisOAuth2Endpoint.ts"],"names":[],"mappings":";;;AAMA,gBAAgB;AAChB,IAAY,wBAA0C;AAAtD,WAAY,wBAAwB;IAAE,iFAAS,CAAA;IAAC,yEAAK,CAAA;AAAA,CAAC,EAA1C,wBAAwB,wCAAxB,wBAAwB,QAAkB;AAEtD,gBAAgB;AAChB,MAAa,oBAAoB;IACvB,IAAI,CAAS;IACb,SAAS,CAAS;IAClB,eAAe,CAAU;IAEjC,YAAY,GAAW,EAAE,QAAgB,EAAE,cAAuB;QAChE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;QAC1B,IAAI,CAAC,eAAe,GAAG,cAAc,CAAC;IACxC,CAAC;IAED,kCAAkC;IAC3B,MAAM;QACX,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED;;;;;OAKG;IACI,WAAW,CAAC,SAAe;QAChC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAEvC,MAAM,IAAI,GAAG;YACX,cAAc,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,EAAK,uCAAuC;YACrF,UAAU,EAAE,SAAS,EAAyB,gBAAgB;SAC/D,CAAC;QAEF,IAAI,QAAQ,CAAC;QACb,IAAI,CAAC;YACH,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAClC,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QACD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAC7C,CAAC;QAED,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;IAED,IAAW,cAAc,KAAI,OAAO,IAAI,CAAC,eAAe,CAAC,CAAA,CAAC;CAE3D;AA7CD,oDA6CC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\nimport { MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\n\n/** @internal */\nexport enum ArcGisOAuth2EndpointType {Authorize,Token}\n\n/** @internal */\nexport class ArcGisOAuth2Endpoint implements MapLayerTokenEndpoint {\n private _url: string;\n private _loginUrl: string;\n private _isArcgisOnline: boolean;\n\n constructor(url: string, loginUrl: string, isArcgisOnline: boolean) {\n this._url = url;\n this._loginUrl = loginUrl;\n this._isArcgisOnline = isArcgisOnline;\n }\n\n // Returns the actual endpoint url\n public getUrl() {\n return this._url;\n }\n\n /**\n * Returns the URL used to login and generate the Oauth token.\n * @param stateData Custom JSON data that will sent back by once the Oauth process completes\n * @returns Promise resolves after the defaults are setup.\n * @internal\n */\n public getLoginUrl(stateData?: any) {\n const urlObj = new URL(this._loginUrl);\n\n const data = {\n endpointOrigin: new URL(this._url).origin, // arcGisOAuth2Callback depends on this\n customData: stateData, // caller's data\n };\n\n let stateStr;\n try {\n stateStr = JSON.stringify(data);\n } catch {\n\n }\n if (stateStr !== undefined) {\n urlObj.searchParams.set(\"state\", stateStr);\n }\n\n return urlObj.toString();\n }\n\n public get isArcgisOnline() {return this._isArcgisOnline;}\n\n}\n"]}
package/lib/cjs/ArcGis/ArcGisTokenGenerator.js CHANGED
@@ -11,6 +11,10 @@ var ArcGisTokenClientType;
11
11
  })(ArcGisTokenClientType || (exports.ArcGisTokenClientType = ArcGisTokenClientType = {}));
12
12
  /** @internal */
13
13
  class ArcGisTokenGenerator {
14
+ static restApiPath = "/rest/";
15
+ static restApiInfoPath = "info?f=pjson";
16
+ // Cache info url to avoid fetching/parsing twice for the same base url.
17
+ static _tokenServiceUrlCache = new Map();
14
18
  static async fetchTokenServiceUrl(arcGisRestServiceUrl) {
15
19
  const lowerUrl = arcGisRestServiceUrl.toLowerCase();
16
20
  const restApiIdx = lowerUrl.indexOf(ArcGisTokenGenerator.restApiPath);
@@ -101,8 +105,4 @@ class ArcGisTokenGenerator {
101
105
  }
102
106
  }
103
107
  exports.ArcGisTokenGenerator = ArcGisTokenGenerator;
104
- ArcGisTokenGenerator.restApiPath = "/rest/";
105
- ArcGisTokenGenerator.restApiInfoPath = "info?f=pjson";
106
- // Cache info url to avoid fetching/parsing twice for the same base url.
107
- ArcGisTokenGenerator._tokenServiceUrlCache = new Map();
108
108
  //# sourceMappingURL=ArcGisTokenGenerator.js.map
package/lib/cjs/ArcGis/ArcGisTokenGenerator.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisTokenGenerator.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisTokenGenerator.ts"],"names":[],"mappings":";;;AAmCA,4GAA4G;AAC5G,gBAAgB;AAChB,IAAY,qBAIX;AAJD,WAAY,qBAAqB;IAC/B,6DAAE,CAAA;IACF,uEAAO,CAAA;IACP,2EAAS,CAAA;AACX,CAAC,EAJW,qBAAqB,qCAArB,qBAAqB,QAIhC;AA8BD,gBAAgB;AAChB,MAAa,oBAAoB;IAOxB,MAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,oBAA4B;QACnE,MAAM,QAAQ,GAAG,oBAAoB,CAAC,WAAW,EAAE,CAAC;QACpD,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,oBAAoB,CAAC,WAAW,CAAC,CAAC;QACtE,IAAI,UAAU,KAAK,CAAC,CAAC;YACnB,OAAO,SAAS,CAAC;QACnB,MAAM,OAAO,GAAG,oBAAoB,CAAC,SAAS,CAAC,CAAC,EAAE,UAAU,GAAG,oBAAoB,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,oBAAoB,CAAC,eAAe,CAAC;QAE/I,IAAI,gBAAoC,CAAC;QACzC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACzD,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,gBAAgB,GAAG,oBAAoB,CAAC,2BAA2B,CAAC,IAAI,CAAC,CAAC;QAC5E,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAEM,MAAM,CAAC,2BAA2B,CAAC,IAAS;QACjD,OAAO,IAAI,CAAC,QAAQ,EAAE,oBAAoB,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;IAC5F,CAAC;IAEM,KAAK,CAAC,kBAAkB,CAAC,OAAe;QAC7C,MAAM,MAAM,GAAG,oBAAoB,CAAC,qBAAqB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACvE,IAAI,MAAM,KAAK,SAAS;YACtB,OAAO,MAAM,CAAC;QAEhB,MAAM,eAAe,GAAG,MAAM,oBAAoB,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;QACjF,IAAI,eAAe,KAAK,SAAS;YAC/B,oBAAoB,CAAC,qBAAqB,CAAC,GAAG,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;QAE3E,OAAO,eAAe,CAAC;IACzB,CAAC;IAED,6FAA6F;IACtF,KAAK,CAAC,QAAQ,CAAC,oBAA4B,EAAE,QAAgB,EAAE,QAAgB,EAAE,OAAmC;QACzH,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,oBAAoB,CAAC,CAAC;QAC5E,IAAI,CAAC,eAAe;YAClB,OAAO,SAAS,CAAC;QAEnB,IAAI,KAAgB,CAAC;QACrB,IAAI,CAAC;YACH,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YACrD,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YAErD,+BAA+B;YAC/B,IAAI,aAAa,GAAG,EAAE,CAAC;YACvB,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;gBACvB,aAAa,GAAG,eAAe,OAAO,CAAC,UAAU,EAAE,CAAC;YACtD,CAAC;YAED,2BAA2B;YAC3B,IAAI,SAAS,GAAG,EAAE,CAAC;YACnB,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,OAAO,EAAE,CAAC;gBACrD,IAAI,UAAU,GAAG,EAAE,CAAC;gBACpB,IAAI,OAAO,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;oBAClC,UAAU,GAAG,kBAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAK,gCAAgC;gBACxF,CAAC;qBAAM,CAAC;oBACN,UAAU,GAAG,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;gBACnD,CAAC;gBAED,SAAS,GAAG,2BAA2B,UAAU,EAAE,CAAC;YACtD,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,EAAE,EAAE,CAAC;gBACvD,IAAI,OAAO,CAAC,EAAE,KAAK,SAAS;oBAC1B,OAAO,KAAK,CAAC;gBACf,SAAS,GAAG,iBAAiB,OAAO,CAAC,EAAE,EAAE,CAAC;YAC5C,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,SAAS,EAAE,CAAC;gBAC9D,SAAS,GAAG,uBAAuB,CAAC;YACtC,CAAC;YAED,MAAM,kBAAkB,GAAgB;gBACtC,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,YAAY,eAAe,aAAa,eAAe,GAAG,SAAS,GAAG,aAAa,UAAU;gBACnG,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;aACjE,CAAC;YAEF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,eAAe,EAAE,kBAAkB,CAAC,CAAC;YAElE,0EAA0E;YAC1E,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAEhC,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,KAAK,CAAC;IACf,CAAC;IAED,gIAAgI;IAChI,2HAA2H;IACpH,MAAM,CAAC,UAAU,CAAC,GAAW;QAClC,OAAO,oBAAoB,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACtE,CAAC;IAED,2EAA2E;IAC3E,qDAAqD;IAC9C,MAAM,CAAC,aAAa,CAAC,GAAW;QACrC,OAAO,kBAAkB,CAAC,GAAG,CAAC;aAC3B,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;aACpB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;aACpB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;aACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;aACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;IAC3B,CAAC;;AAzGH,oDA0GC;AAzGyB,gCAAW,GAAG,QAAQ,CAAC;AACvB,oCAAe,GAAG,cAAc,CAAC;AAEzD,wEAAwE;AACzD,0CAAqB,GAAG,IAAI,GAAG,EAAkB,CAAC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\nimport { MapLayerAccessToken } from \"@itwin/core-frontend\";\r\n\r\n/** @packageDocumentation\r\n * @module Tiles\r\n */\r\n\r\n/** @internal */\r\nexport interface ArcGisOAuth2Token extends MapLayerAccessToken {\r\n\r\n // The expiration time of the token in milliseconds (UNIX time)\r\n expiresAt: number;\r\n\r\n // This property will show as true if the token must always pass over ssl.\r\n ssl: boolean;\r\n\r\n // Username associated with this token\r\n userName: string;\r\n\r\n // A Binary value that, if true, implies that the user had checked \"Keep me signed in\"\r\n persist?: boolean;\r\n}\r\n\r\n/** @internal */\r\nexport interface ArcGisToken extends MapLayerAccessToken {\r\n // The expiration time of the token in milliseconds since January 1, 1970 (UTC).\r\n expires: number;\r\n\r\n // This property will show as true if the token must always pass over ssl.\r\n ssl: boolean;\r\n}\r\n\r\n// client application's base URL, a user-specified IP address, or the IP address that is making the request.\r\n/** @internal */\r\nexport enum ArcGisTokenClientType {\r\n ip,\r\n referer,\r\n requestIp,\r\n}\r\n\r\n/** @internal */\r\nexport interface ArcGisGenerateTokenOptions {\r\n\r\n // The client type that will be granted access to the token.\r\n // Users will be able to specify whether the token will be generated for a client application's base URL,\r\n // a user-specified IP address, or the IP address that is making the request.\r\n client: ArcGisTokenClientType;\r\n\r\n // The IP address that will be using the created token for access.\r\n // On the Generate Token page, the IP address is specified in the IP Address field. This is required when client has been set as ip.\r\n // Example ip=11.11.111.111\r\n ip?: string;\r\n\r\n // The base URL of the client application that will use the token.\r\n // On the Generate Token page, the referrer URL is specified in the Webapp URL field.\r\n // Defaults to location.origin if undefined and client = referer.\r\n // This is required when client has been set as referer.\r\n // Example : referer=https://myserver/mywebapp\r\n referer?: string;\r\n\r\n // The token expiration time in minutes. The default is 60 minutes (one hour).\r\n // The maximum expiration period is 15 days. The maximum value of the expiration time is controlled by the server.\r\n // Requests for tokens larger than this time will be rejected.\r\n // Applications are responsible for renewing expired tokens;\r\n // expired tokens will be rejected by the server on subsequent requests that use the token.\r\n expiration?: number; // in minutes, defaults to 60 minutes\r\n}\r\n\r\n/** @internal */\r\nexport class ArcGisTokenGenerator {\r\n private static readonly restApiPath = \"/rest/\";\r\n private static readonly restApiInfoPath = \"info?f=pjson\";\r\n\r\n // Cache info url to avoid fetching/parsing twice for the same base url.\r\n private static _tokenServiceUrlCache = new Map<string, string>();\r\n\r\n public static async fetchTokenServiceUrl(arcGisRestServiceUrl: string): Promise<string | undefined> {\r\n const lowerUrl = arcGisRestServiceUrl.toLowerCase();\r\n const restApiIdx = lowerUrl.indexOf(ArcGisTokenGenerator.restApiPath);\r\n if (restApiIdx === -1)\r\n return undefined;\r\n const infoUrl = arcGisRestServiceUrl.substring(0, restApiIdx + ArcGisTokenGenerator.restApiPath.length) + ArcGisTokenGenerator.restApiInfoPath;\r\n\r\n let tokenServicesUrl: string | undefined;\r\n try {\r\n const response = await fetch(infoUrl, { method: \"GET\" });\r\n const json = await response.json();\r\n tokenServicesUrl = ArcGisTokenGenerator.getTokenServiceFromInfoJson(json);\r\n } catch { }\r\n return tokenServicesUrl;\r\n }\r\n\r\n public static getTokenServiceFromInfoJson(json: any): string | undefined {\r\n return json.authInfo?.isTokenBasedSecurity ? json?.authInfo?.tokenServicesUrl : undefined;\r\n }\r\n\r\n public async getTokenServiceUrl(baseUrl: string): Promise<string | undefined> {\r\n const cached = ArcGisTokenGenerator._tokenServiceUrlCache.get(baseUrl);\r\n if (cached !== undefined)\r\n return cached;\r\n\r\n const tokenServiceUrl = await ArcGisTokenGenerator.fetchTokenServiceUrl(baseUrl);\r\n if (tokenServiceUrl !== undefined)\r\n ArcGisTokenGenerator._tokenServiceUrlCache.set(baseUrl, tokenServiceUrl);\r\n\r\n return tokenServiceUrl;\r\n }\r\n\r\n // base url: ArcGis REST service base URL (format must be \"https://<host>/<instance>/rest/\")\r\n public async generate(arcGisRestServiceUrl: string, userName: string, password: string, options: ArcGisGenerateTokenOptions): Promise<any> {\r\n const tokenServiceUrl = await this.getTokenServiceUrl(arcGisRestServiceUrl);\r\n if (!tokenServiceUrl)\r\n return undefined;\r\n\r\n let token: undefined;\r\n try {\r\n const encodedUsername = encodeURIComponent(userName);\r\n const encodedPassword = encodeURIComponent(password);\r\n\r\n // Compose the expiration param\r\n let expirationStr = \"\";\r\n if (options.expiration) {\r\n expirationStr = `&expiration=${options.expiration}`;\r\n }\r\n\r\n // Compose the client param\r\n let clientStr = \"\";\r\n if (options.client === ArcGisTokenClientType.referer) {\r\n let refererStr = \"\";\r\n if (options.referer === undefined) {\r\n refererStr = encodeURIComponent(location.origin); // default to application origin\r\n } else {\r\n refererStr = encodeURIComponent(options.referer);\r\n }\r\n\r\n clientStr = `&client=referer&referer=${refererStr}`;\r\n } else if (options.client === ArcGisTokenClientType.ip) {\r\n if (options.ip === undefined)\r\n return token;\r\n clientStr = `&client=ip&ip=${options.ip}`;\r\n } else if (options.client === ArcGisTokenClientType.requestIp) {\r\n clientStr = `&client=requestip&ip=`;\r\n }\r\n\r\n const httpRequestOptions: RequestInit = {\r\n method: \"POST\",\r\n body: `username=${encodedUsername}&password=${encodedPassword}${clientStr}${expirationStr}&f=pjson`,\r\n headers: { \"content-type\": \"application/x-www-form-urlencoded\" },\r\n };\r\n\r\n const response = await fetch(tokenServiceUrl, httpRequestOptions);\r\n\r\n // Check a token was really generated (an error could be part of the body)\r\n token = await response.json();\r\n\r\n } catch { }\r\n return token;\r\n }\r\n\r\n // Encode following 'application/x-www-form-urlencoded' standard (https://www.w3.org/TR/html401/interact/forms.html#h-17.13.3.3)\r\n // Also mentioned here: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURIComponent\r\n public static formEncode(str: string): string {\r\n return ArcGisTokenGenerator.rfc1738Encode(str).replace(/%20/g, \"+\");\r\n }\r\n\r\n // Encode following RFC1738 standard (https://www.ietf.org/rfc/rfc1738.txt)\r\n // Code from https://locutus.io/php/url/rawurlencode/\r\n public static rfc1738Encode(str: string): string {\r\n return encodeURIComponent(str)\r\n .replace(/!/g, \"%21\")\r\n .replace(/'/g, \"%27\")\r\n .replace(/\\(/g, \"%28\")\r\n .replace(/\\)/g, \"%29\")\r\n .replace(/\\*/g, \"%2A\");\r\n }\r\n}\r\n"]}
1
+ {"version":3,"file":"ArcGisTokenGenerator.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisTokenGenerator.ts"],"names":[],"mappings":";;;AAmCA,4GAA4G;AAC5G,gBAAgB;AAChB,IAAY,qBAIX;AAJD,WAAY,qBAAqB;IAC/B,6DAAE,CAAA;IACF,uEAAO,CAAA;IACP,2EAAS,CAAA;AACX,CAAC,EAJW,qBAAqB,qCAArB,qBAAqB,QAIhC;AA8BD,gBAAgB;AAChB,MAAa,oBAAoB;IACvB,MAAM,CAAU,WAAW,GAAG,QAAQ,CAAC;IACvC,MAAM,CAAU,eAAe,GAAG,cAAc,CAAC;IAEzD,wEAAwE;IAChE,MAAM,CAAC,qBAAqB,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE1D,MAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,oBAA4B;QACnE,MAAM,QAAQ,GAAG,oBAAoB,CAAC,WAAW,EAAE,CAAC;QACpD,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,oBAAoB,CAAC,WAAW,CAAC,CAAC;QACtE,IAAI,UAAU,KAAK,CAAC,CAAC;YACnB,OAAO,SAAS,CAAC;QACnB,MAAM,OAAO,GAAG,oBAAoB,CAAC,SAAS,CAAC,CAAC,EAAE,UAAU,GAAG,oBAAoB,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,oBAAoB,CAAC,eAAe,CAAC;QAE/I,IAAI,gBAAoC,CAAC;QACzC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACzD,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,gBAAgB,GAAG,oBAAoB,CAAC,2BAA2B,CAAC,IAAI,CAAC,CAAC;QAC5E,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAEM,MAAM,CAAC,2BAA2B,CAAC,IAAS;QACjD,OAAO,IAAI,CAAC,QAAQ,EAAE,oBAAoB,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;IAC5F,CAAC;IAEM,KAAK,CAAC,kBAAkB,CAAC,OAAe;QAC7C,MAAM,MAAM,GAAG,oBAAoB,CAAC,qBAAqB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACvE,IAAI,MAAM,KAAK,SAAS;YACtB,OAAO,MAAM,CAAC;QAEhB,MAAM,eAAe,GAAG,MAAM,oBAAoB,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;QACjF,IAAI,eAAe,KAAK,SAAS;YAC/B,oBAAoB,CAAC,qBAAqB,CAAC,GAAG,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;QAE3E,OAAO,eAAe,CAAC;IACzB,CAAC;IAED,6FAA6F;IACtF,KAAK,CAAC,QAAQ,CAAC,oBAA4B,EAAE,QAAgB,EAAE,QAAgB,EAAE,OAAmC;QACzH,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,oBAAoB,CAAC,CAAC;QAC5E,IAAI,CAAC,eAAe;YAClB,OAAO,SAAS,CAAC;QAEnB,IAAI,KAAgB,CAAC;QACrB,IAAI,CAAC;YACH,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YACrD,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YAErD,+BAA+B;YAC/B,IAAI,aAAa,GAAG,EAAE,CAAC;YACvB,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;gBACvB,aAAa,GAAG,eAAe,OAAO,CAAC,UAAU,EAAE,CAAC;YACtD,CAAC;YAED,2BAA2B;YAC3B,IAAI,SAAS,GAAG,EAAE,CAAC;YACnB,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,OAAO,EAAE,CAAC;gBACrD,IAAI,UAAU,GAAG,EAAE,CAAC;gBACpB,IAAI,OAAO,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;oBAClC,UAAU,GAAG,kBAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAK,gCAAgC;gBACxF,CAAC;qBAAM,CAAC;oBACN,UAAU,GAAG,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;gBACnD,CAAC;gBAED,SAAS,GAAG,2BAA2B,UAAU,EAAE,CAAC;YACtD,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,EAAE,EAAE,CAAC;gBACvD,IAAI,OAAO,CAAC,EAAE,KAAK,SAAS;oBAC1B,OAAO,KAAK,CAAC;gBACf,SAAS,GAAG,iBAAiB,OAAO,CAAC,EAAE,EAAE,CAAC;YAC5C,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,SAAS,EAAE,CAAC;gBAC9D,SAAS,GAAG,uBAAuB,CAAC;YACtC,CAAC;YAED,MAAM,kBAAkB,GAAgB;gBACtC,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,YAAY,eAAe,aAAa,eAAe,GAAG,SAAS,GAAG,aAAa,UAAU;gBACnG,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;aACjE,CAAC;YAEF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,eAAe,EAAE,kBAAkB,CAAC,CAAC;YAElE,0EAA0E;YAC1E,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAEhC,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,KAAK,CAAC;IACf,CAAC;IAED,gIAAgI;IAChI,2HAA2H;IACpH,MAAM,CAAC,UAAU,CAAC,GAAW;QAClC,OAAO,oBAAoB,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACtE,CAAC;IAED,2EAA2E;IAC3E,qDAAqD;IAC9C,MAAM,CAAC,aAAa,CAAC,GAAW;QACrC,OAAO,kBAAkB,CAAC,GAAG,CAAC;aAC3B,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;aACpB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;aACpB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;aACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;aACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;IAC3B,CAAC;;AAzGH,oDA0GC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\nimport { MapLayerAccessToken } from \"@itwin/core-frontend\";\n\n/** @packageDocumentation\n * @module Tiles\n */\n\n/** @internal */\nexport interface ArcGisOAuth2Token extends MapLayerAccessToken {\n\n // The expiration time of the token in milliseconds (UNIX time)\n expiresAt: number;\n\n // This property will show as true if the token must always pass over ssl.\n ssl: boolean;\n\n // Username associated with this token\n userName: string;\n\n // A Binary value that, if true, implies that the user had checked \"Keep me signed in\"\n persist?: boolean;\n}\n\n/** @internal */\nexport interface ArcGisToken extends MapLayerAccessToken {\n // The expiration time of the token in milliseconds since January 1, 1970 (UTC).\n expires: number;\n\n // This property will show as true if the token must always pass over ssl.\n ssl: boolean;\n}\n\n// client application's base URL, a user-specified IP address, or the IP address that is making the request.\n/** @internal */\nexport enum ArcGisTokenClientType {\n ip,\n referer,\n requestIp,\n}\n\n/** @internal */\nexport interface ArcGisGenerateTokenOptions {\n\n // The client type that will be granted access to the token.\n // Users will be able to specify whether the token will be generated for a client application's base URL,\n // a user-specified IP address, or the IP address that is making the request.\n client: ArcGisTokenClientType;\n\n // The IP address that will be using the created token for access.\n // On the Generate Token page, the IP address is specified in the IP Address field. This is required when client has been set as ip.\n // Example ip=11.11.111.111\n ip?: string;\n\n // The base URL of the client application that will use the token.\n // On the Generate Token page, the referrer URL is specified in the Webapp URL field.\n // Defaults to location.origin if undefined and client = referer.\n // This is required when client has been set as referer.\n // Example : referer=https://myserver/mywebapp\n referer?: string;\n\n // The token expiration time in minutes. The default is 60 minutes (one hour).\n // The maximum expiration period is 15 days. The maximum value of the expiration time is controlled by the server.\n // Requests for tokens larger than this time will be rejected.\n // Applications are responsible for renewing expired tokens;\n // expired tokens will be rejected by the server on subsequent requests that use the token.\n expiration?: number; // in minutes, defaults to 60 minutes\n}\n\n/** @internal */\nexport class ArcGisTokenGenerator {\n private static readonly restApiPath = \"/rest/\";\n private static readonly restApiInfoPath = \"info?f=pjson\";\n\n // Cache info url to avoid fetching/parsing twice for the same base url.\n private static _tokenServiceUrlCache = new Map<string, string>();\n\n public static async fetchTokenServiceUrl(arcGisRestServiceUrl: string): Promise<string | undefined> {\n const lowerUrl = arcGisRestServiceUrl.toLowerCase();\n const restApiIdx = lowerUrl.indexOf(ArcGisTokenGenerator.restApiPath);\n if (restApiIdx === -1)\n return undefined;\n const infoUrl = arcGisRestServiceUrl.substring(0, restApiIdx + ArcGisTokenGenerator.restApiPath.length) + ArcGisTokenGenerator.restApiInfoPath;\n\n let tokenServicesUrl: string | undefined;\n try {\n const response = await fetch(infoUrl, { method: \"GET\" });\n const json = await response.json();\n tokenServicesUrl = ArcGisTokenGenerator.getTokenServiceFromInfoJson(json);\n } catch { }\n return tokenServicesUrl;\n }\n\n public static getTokenServiceFromInfoJson(json: any): string | undefined {\n return json.authInfo?.isTokenBasedSecurity ? json?.authInfo?.tokenServicesUrl : undefined;\n }\n\n public async getTokenServiceUrl(baseUrl: string): Promise<string | undefined> {\n const cached = ArcGisTokenGenerator._tokenServiceUrlCache.get(baseUrl);\n if (cached !== undefined)\n return cached;\n\n const tokenServiceUrl = await ArcGisTokenGenerator.fetchTokenServiceUrl(baseUrl);\n if (tokenServiceUrl !== undefined)\n ArcGisTokenGenerator._tokenServiceUrlCache.set(baseUrl, tokenServiceUrl);\n\n return tokenServiceUrl;\n }\n\n // base url: ArcGis REST service base URL (format must be \"https://<host>/<instance>/rest/\")\n public async generate(arcGisRestServiceUrl: string, userName: string, password: string, options: ArcGisGenerateTokenOptions): Promise<any> {\n const tokenServiceUrl = await this.getTokenServiceUrl(arcGisRestServiceUrl);\n if (!tokenServiceUrl)\n return undefined;\n\n let token: undefined;\n try {\n const encodedUsername = encodeURIComponent(userName);\n const encodedPassword = encodeURIComponent(password);\n\n // Compose the expiration param\n let expirationStr = \"\";\n if (options.expiration) {\n expirationStr = `&expiration=${options.expiration}`;\n }\n\n // Compose the client param\n let clientStr = \"\";\n if (options.client === ArcGisTokenClientType.referer) {\n let refererStr = \"\";\n if (options.referer === undefined) {\n refererStr = encodeURIComponent(location.origin); // default to application origin\n } else {\n refererStr = encodeURIComponent(options.referer);\n }\n\n clientStr = `&client=referer&referer=${refererStr}`;\n } else if (options.client === ArcGisTokenClientType.ip) {\n if (options.ip === undefined)\n return token;\n clientStr = `&client=ip&ip=${options.ip}`;\n } else if (options.client === ArcGisTokenClientType.requestIp) {\n clientStr = `&client=requestip&ip=`;\n }\n\n const httpRequestOptions: RequestInit = {\n method: \"POST\",\n body: `username=${encodedUsername}&password=${encodedPassword}${clientStr}${expirationStr}&f=pjson`,\n headers: { \"content-type\": \"application/x-www-form-urlencoded\" },\n };\n\n const response = await fetch(tokenServiceUrl, httpRequestOptions);\n\n // Check a token was really generated (an error could be part of the body)\n token = await response.json();\n\n } catch { }\n return token;\n }\n\n // Encode following 'application/x-www-form-urlencoded' standard (https://www.w3.org/TR/html401/interact/forms.html#h-17.13.3.3)\n // Also mentioned here: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURIComponent\n public static formEncode(str: string): string {\n return ArcGisTokenGenerator.rfc1738Encode(str).replace(/%20/g, \"+\");\n }\n\n // Encode following RFC1738 standard (https://www.ietf.org/rfc/rfc1738.txt)\n // Code from https://locutus.io/php/url/rawurlencode/\n public static rfc1738Encode(str: string): string {\n return encodeURIComponent(str)\n .replace(/!/g, \"%21\")\n .replace(/'/g, \"%27\")\n .replace(/\\(/g, \"%28\")\n .replace(/\\)/g, \"%29\")\n .replace(/\\*/g, \"%2A\");\n }\n}\n"]}
package/lib/cjs/ArcGis/ArcGisTokenManager.js CHANGED
@@ -11,6 +11,11 @@ exports.ArcGisTokenManager = void 0;
11
11
  const ArcGisTokenGenerator_1 = require("./ArcGisTokenGenerator");
12
12
  /** @internal */
13
13
  class ArcGisTokenManager {
14
+ static tokenExpiryThreshold = 300000; // 5 minutes in milliseconds
15
+ static _cache = new Map();
16
+ static _oauth2Cache;
17
+ static _generator;
18
+ static _browserStorageKey = "arcGisOAuth";
14
19
  static async getToken(arcGisRestServiceUrl, userName, password, options) {
15
20
  if (!ArcGisTokenManager._generator)
16
21
  ArcGisTokenManager._generator = new ArcGisTokenGenerator_1.ArcGisTokenGenerator();
@@ -106,7 +111,4 @@ class ArcGisTokenManager {
106
111
  }
107
112
  }
108
113
  exports.ArcGisTokenManager = ArcGisTokenManager;
109
- ArcGisTokenManager.tokenExpiryThreshold = 300000; // 5 minutes in milliseconds
110
- ArcGisTokenManager._cache = new Map();
111
- ArcGisTokenManager._browserStorageKey = "arcGisOAuth";
112
114
  //# sourceMappingURL=ArcGisTokenManager.js.map
package/lib/cjs/ArcGis/ArcGisTokenManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisTokenManager.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisTokenManager.ts"],"names":[],"mappings":";AAAA;;;+FAG+F;AAC/F;;GAEG;;;AAGH,iEAA0H;AAO1H,gBAAgB;AAChB,MAAa,kBAAkB;IAOtB,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,oBAA4B,EAAE,QAAgB,EAAE,QAAgB,EAAE,OAAmC;QAChI,IAAI,CAAC,kBAAkB,CAAC,UAAU;YAChC,kBAAkB,CAAC,UAAU,GAAG,IAAI,2CAAoB,EAAE,CAAC;QAE7D,MAAM,aAAa,GAAG,GAAG,kBAAkB,CAAC,QAAQ,CAAC,IAAI,oBAAoB,EAAE,CAAC;QAEhF,mCAAmC;QACnC,MAAM,WAAW,GAAG,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QAEjE,2GAA2G;QAC3G,IAAI,WAAW,KAAK,SAAS,IAAI,CAAC,WAAW,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACjH,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,yCAAyC;QACzC,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,UAAU,CAAC,QAAQ,CAAC,oBAAoB,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACjH,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;YACnB,MAAM,KAAK,GAAG,QAAuB,CAAC;YACtC,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;YACpD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,MAAM,CAAC,eAAe,CAAC,KAA0B;QAEtD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,kBAAkB,CAAC,MAAM,EAAE,CAAC;YACrD,IAAI,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,KAAK;gBAC7B,OAAO,kBAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjD,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,GAAW;QACtC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,kBAAkB,CAAC,YAAY,GAAG,IAAI,GAAG,EAA6B,CAAC;YACvE,kBAAkB,CAAC,sBAAsB,EAAE,CAAC;QAC9C,CAAC;QAED,MAAM,WAAW,GAAG,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAE7D,gFAAgF;QAChF,IAAI,WAAW,KAAK,SAAS,IAAI,CAAC,WAAW,CAAC,SAAS,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACnH,kBAAkB,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC5C,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;IAEM,MAAM,CAAC,qBAAqB,CAAC,KAA0B;QAE5D,IAAI,kBAAkB,CAAC,YAAY,EAAE,CAAC;YACpC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,kBAAkB,CAAC,YAAY,EAAE,CAAC;gBAC3D,IAAI,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,KAAK,EAAC,CAAC;oBAC/B,MAAM,OAAO,GAAG,kBAAkB,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;oBAC5D,kBAAkB,CAAC,oBAAoB,EAAE,CAAC;oBAC1C,OAAO,OAAO,CAAC;gBACjB,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,GAAW,EAAE,KAAwB;QAEhE,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,kBAAkB,CAAC,YAAY,GAAG,IAAI,GAAG,EAA6B,CAAC;QAEzE,CAAC;QACD,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAEhD,kBAAkB,CAAC,oBAAoB,EAAE,CAAC;IAC5C,CAAC;IAEM,MAAM,CAAC,sBAAsB;QAClC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,OAAO;QACT,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,IAAwB,EAAE,EAAE;YAC/C,IAAI,IAAI,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC1D,MAAM,MAAM,GAAiC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC9D,IAAI,MAAM,EAAE,CAAC;oBACX,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;wBAClD,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;oBAClD,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,WAAW,CAAC,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,SAAS,CAAC,CAAC;QACjF,WAAW,CAAC,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,SAAS,CAAC,CAAC;IACjF,CAAC;IAEM,MAAM,CAAC,oBAAoB;QAEhC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,OAAO;QACT,CAAC;QACD,MAAM,aAAa,GAAqB,EAAE,CAAC;QAC3C,MAAM,aAAa,GAAqB,EAAE,CAAC;QAE3C,kBAAkB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,KAAwB,EAAE,GAAW,EAAE,EAAE;YAChF,oEAAoE;YACpE,gCAAgC;YAChC,gCAAgC;YAChC,WAAW;YACX,gCAAgC;YAChC,IAAI;YACJ,aAAa,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QAC7B,CAAC,CAAC,CAAC;QACH,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;QACtF,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;IACtF,CAAC;;AA5HH,gDA8HC;AA7HyB,uCAAoB,GAAG,MAAM,CAAC,CAAE,4BAA4B;AACrE,yBAAM,GAAG,IAAI,GAAG,EAAuB,CAAC;AAG/B,qCAAkB,GAAG,aAAa,CAAC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\n/** @packageDocumentation\r\n * @module Tiles\r\n */\r\n\r\nimport { MapLayerAccessToken } from \"@itwin/core-frontend\";\r\nimport { ArcGisGenerateTokenOptions, ArcGisOAuth2Token, ArcGisToken, ArcGisTokenGenerator } from \"./ArcGisTokenGenerator\";\r\n\r\n/** @internal */\r\ninterface ArcGisTokenProps {\r\n [hostname: string]: ArcGisOAuth2Token;\r\n}\r\n\r\n/** @internal */\r\nexport class ArcGisTokenManager {\r\n private static readonly tokenExpiryThreshold = 300000; // 5 minutes in milliseconds\r\n private static _cache = new Map<string, ArcGisToken>();\r\n private static _oauth2Cache: Map<string, ArcGisOAuth2Token> | undefined;\r\n private static _generator: ArcGisTokenGenerator | undefined;\r\n private static readonly _browserStorageKey = \"arcGisOAuth\";\r\n\r\n public static async getToken(arcGisRestServiceUrl: string, userName: string, password: string, options: ArcGisGenerateTokenOptions): Promise<ArcGisToken | undefined> {\r\n if (!ArcGisTokenManager._generator)\r\n ArcGisTokenManager._generator = new ArcGisTokenGenerator();\r\n\r\n const tokenCacheKey = `${encodeURIComponent(userName)}@${arcGisRestServiceUrl}`;\r\n\r\n // First check in the session cache\r\n const cachedToken = ArcGisTokenManager._cache.get(tokenCacheKey);\r\n\r\n // Check if token is in cached and is valid within the threshold, if not, generate a new token immediately.\r\n if (cachedToken !== undefined && (cachedToken.expires - (+new Date()) > ArcGisTokenManager.tokenExpiryThreshold)) {\r\n return cachedToken;\r\n }\r\n\r\n // Nothing in cache, generate a new token\r\n const newToken = await ArcGisTokenManager._generator.generate(arcGisRestServiceUrl, userName, password, options);\r\n if (newToken.token) {\r\n const token = newToken as ArcGisToken;\r\n ArcGisTokenManager._cache.set(tokenCacheKey, token);\r\n return token;\r\n }\r\n\r\n return undefined;\r\n }\r\n\r\n public static invalidateToken(token: MapLayerAccessToken): boolean {\r\n\r\n for (const [key, value] of ArcGisTokenManager._cache) {\r\n if (value.token === token.token)\r\n return ArcGisTokenManager._cache.delete(key);\r\n }\r\n\r\n return false;\r\n }\r\n\r\n public static getOAuth2Token(key: string): ArcGisOAuth2Token | undefined {\r\n if (ArcGisTokenManager._oauth2Cache === undefined) {\r\n ArcGisTokenManager._oauth2Cache = new Map<string, ArcGisOAuth2Token>();\r\n ArcGisTokenManager.loadFromBrowserStorage();\r\n }\r\n\r\n const cachedToken = ArcGisTokenManager._oauth2Cache.get(key);\r\n\r\n // If cached token has expired (or about to expire), invalidate don't return it.\r\n if (cachedToken !== undefined && (cachedToken.expiresAt - (+new Date()) < ArcGisTokenManager.tokenExpiryThreshold)) {\r\n ArcGisTokenManager._oauth2Cache.delete(key);\r\n return undefined;\r\n }\r\n\r\n return cachedToken;\r\n }\r\n\r\n public static invalidateOAuth2Token(token: MapLayerAccessToken) {\r\n\r\n if (ArcGisTokenManager._oauth2Cache) {\r\n for (const [key, value] of ArcGisTokenManager._oauth2Cache) {\r\n if (value.token === token.token){\r\n const deleted = ArcGisTokenManager._oauth2Cache.delete(key);\r\n ArcGisTokenManager.saveToBrowserStorage();\r\n return deleted;\r\n }\r\n }\r\n }\r\n\r\n return false;\r\n }\r\n\r\n public static setOAuth2Token(key: string, token: ArcGisOAuth2Token) {\r\n\r\n if (ArcGisTokenManager._oauth2Cache === undefined) {\r\n ArcGisTokenManager._oauth2Cache = new Map<string, ArcGisOAuth2Token>();\r\n\r\n }\r\n ArcGisTokenManager._oauth2Cache.set(key, token);\r\n\r\n ArcGisTokenManager.saveToBrowserStorage();\r\n }\r\n\r\n public static loadFromBrowserStorage() {\r\n if (ArcGisTokenManager._oauth2Cache === undefined) {\r\n return;\r\n }\r\n\r\n const loadEntries = (json: string | undefined) => {\r\n if (json && ArcGisTokenManager._oauth2Cache !== undefined) {\r\n const tokens: ArcGisTokenProps | undefined = JSON.parse(json);\r\n if (tokens) {\r\n for (const [key, value] of Object.entries(tokens)) {\r\n ArcGisTokenManager._oauth2Cache.set(key, value);\r\n }\r\n }\r\n }\r\n };\r\n\r\n loadEntries(window.sessionStorage.getItem(this._browserStorageKey) ?? undefined);\r\n loadEntries(window.localStorage.getItem(this._browserStorageKey) ?? undefined);\r\n }\r\n\r\n public static saveToBrowserStorage() {\r\n\r\n if (ArcGisTokenManager._oauth2Cache === undefined) {\r\n return;\r\n }\r\n const sessionTokens: ArcGisTokenProps = {};\r\n const storageTokens: ArcGisTokenProps = {};\r\n\r\n ArcGisTokenManager._oauth2Cache.forEach((value: ArcGisOAuth2Token, key: string) => {\r\n // ignore the persist flag for now, and only save to session storage\r\n // if (value.persist === true) {\r\n // storageTokens[key] = value;\r\n // } else {\r\n // sessionTokens[key] = value;\r\n // }\r\n sessionTokens[key] = value;\r\n });\r\n window.sessionStorage.setItem(this._browserStorageKey, JSON.stringify(sessionTokens));\r\n window.localStorage.setItem(this._browserStorageKey, JSON.stringify(storageTokens));\r\n }\r\n\r\n}\r\n"]}
1
+ {"version":3,"file":"ArcGisTokenManager.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisTokenManager.ts"],"names":[],"mappings":";AAAA;;;+FAG+F;AAC/F;;GAEG;;;AAGH,iEAA0H;AAO1H,gBAAgB;AAChB,MAAa,kBAAkB;IACrB,MAAM,CAAU,oBAAoB,GAAG,MAAM,CAAC,CAAE,4BAA4B;IAC5E,MAAM,CAAC,MAAM,GAAG,IAAI,GAAG,EAAuB,CAAC;IAC/C,MAAM,CAAC,YAAY,CAA6C;IAChE,MAAM,CAAC,UAAU,CAAmC;IACpD,MAAM,CAAU,kBAAkB,GAAG,aAAa,CAAC;IAEpD,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,oBAA4B,EAAE,QAAgB,EAAE,QAAgB,EAAE,OAAmC;QAChI,IAAI,CAAC,kBAAkB,CAAC,UAAU;YAChC,kBAAkB,CAAC,UAAU,GAAG,IAAI,2CAAoB,EAAE,CAAC;QAE7D,MAAM,aAAa,GAAG,GAAG,kBAAkB,CAAC,QAAQ,CAAC,IAAI,oBAAoB,EAAE,CAAC;QAEhF,mCAAmC;QACnC,MAAM,WAAW,GAAG,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QAEjE,2GAA2G;QAC3G,IAAI,WAAW,KAAK,SAAS,IAAI,CAAC,WAAW,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACjH,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,yCAAyC;QACzC,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,UAAU,CAAC,QAAQ,CAAC,oBAAoB,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACjH,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;YACnB,MAAM,KAAK,GAAG,QAAuB,CAAC;YACtC,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;YACpD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,MAAM,CAAC,eAAe,CAAC,KAA0B;QAEtD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,kBAAkB,CAAC,MAAM,EAAE,CAAC;YACrD,IAAI,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,KAAK;gBAC7B,OAAO,kBAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjD,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,GAAW;QACtC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,kBAAkB,CAAC,YAAY,GAAG,IAAI,GAAG,EAA6B,CAAC;YACvE,kBAAkB,CAAC,sBAAsB,EAAE,CAAC;QAC9C,CAAC;QAED,MAAM,WAAW,GAAG,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAE7D,gFAAgF;QAChF,IAAI,WAAW,KAAK,SAAS,IAAI,CAAC,WAAW,CAAC,SAAS,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACnH,kBAAkB,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC5C,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;IAEM,MAAM,CAAC,qBAAqB,CAAC,KAA0B;QAE5D,IAAI,kBAAkB,CAAC,YAAY,EAAE,CAAC;YACpC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,kBAAkB,CAAC,YAAY,EAAE,CAAC;gBAC3D,IAAI,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,KAAK,EAAC,CAAC;oBAC/B,MAAM,OAAO,GAAG,kBAAkB,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;oBAC5D,kBAAkB,CAAC,oBAAoB,EAAE,CAAC;oBAC1C,OAAO,OAAO,CAAC;gBACjB,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,GAAW,EAAE,KAAwB;QAEhE,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,kBAAkB,CAAC,YAAY,GAAG,IAAI,GAAG,EAA6B,CAAC;QAEzE,CAAC;QACD,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAEhD,kBAAkB,CAAC,oBAAoB,EAAE,CAAC;IAC5C,CAAC;IAEM,MAAM,CAAC,sBAAsB;QAClC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,OAAO;QACT,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,IAAwB,EAAE,EAAE;YAC/C,IAAI,IAAI,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC1D,MAAM,MAAM,GAAiC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC9D,IAAI,MAAM,EAAE,CAAC;oBACX,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;wBAClD,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;oBAClD,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,WAAW,CAAC,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,SAAS,CAAC,CAAC;QACjF,WAAW,CAAC,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,SAAS,CAAC,CAAC;IACjF,CAAC;IAEM,MAAM,CAAC,oBAAoB;QAEhC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,OAAO;QACT,CAAC;QACD,MAAM,aAAa,GAAqB,EAAE,CAAC;QAC3C,MAAM,aAAa,GAAqB,EAAE,CAAC;QAE3C,kBAAkB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,KAAwB,EAAE,GAAW,EAAE,EAAE;YAChF,oEAAoE;YACpE,gCAAgC;YAChC,gCAAgC;YAChC,WAAW;YACX,gCAAgC;YAChC,IAAI;YACJ,aAAa,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QAC7B,CAAC,CAAC,CAAC;QACH,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;QACtF,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;IACtF,CAAC;;AA5HH,gDA8HC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\n/** @packageDocumentation\n * @module Tiles\n */\n\nimport { MapLayerAccessToken } from \"@itwin/core-frontend\";\nimport { ArcGisGenerateTokenOptions, ArcGisOAuth2Token, ArcGisToken, ArcGisTokenGenerator } from \"./ArcGisTokenGenerator\";\n\n/** @internal */\ninterface ArcGisTokenProps {\n [hostname: string]: ArcGisOAuth2Token;\n}\n\n/** @internal */\nexport class ArcGisTokenManager {\n private static readonly tokenExpiryThreshold = 300000; // 5 minutes in milliseconds\n private static _cache = new Map<string, ArcGisToken>();\n private static _oauth2Cache: Map<string, ArcGisOAuth2Token> | undefined;\n private static _generator: ArcGisTokenGenerator | undefined;\n private static readonly _browserStorageKey = \"arcGisOAuth\";\n\n public static async getToken(arcGisRestServiceUrl: string, userName: string, password: string, options: ArcGisGenerateTokenOptions): Promise<ArcGisToken | undefined> {\n if (!ArcGisTokenManager._generator)\n ArcGisTokenManager._generator = new ArcGisTokenGenerator();\n\n const tokenCacheKey = `${encodeURIComponent(userName)}@${arcGisRestServiceUrl}`;\n\n // First check in the session cache\n const cachedToken = ArcGisTokenManager._cache.get(tokenCacheKey);\n\n // Check if token is in cached and is valid within the threshold, if not, generate a new token immediately.\n if (cachedToken !== undefined && (cachedToken.expires - (+new Date()) > ArcGisTokenManager.tokenExpiryThreshold)) {\n return cachedToken;\n }\n\n // Nothing in cache, generate a new token\n const newToken = await ArcGisTokenManager._generator.generate(arcGisRestServiceUrl, userName, password, options);\n if (newToken.token) {\n const token = newToken as ArcGisToken;\n ArcGisTokenManager._cache.set(tokenCacheKey, token);\n return token;\n }\n\n return undefined;\n }\n\n public static invalidateToken(token: MapLayerAccessToken): boolean {\n\n for (const [key, value] of ArcGisTokenManager._cache) {\n if (value.token === token.token)\n return ArcGisTokenManager._cache.delete(key);\n }\n\n return false;\n }\n\n public static getOAuth2Token(key: string): ArcGisOAuth2Token | undefined {\n if (ArcGisTokenManager._oauth2Cache === undefined) {\n ArcGisTokenManager._oauth2Cache = new Map<string, ArcGisOAuth2Token>();\n ArcGisTokenManager.loadFromBrowserStorage();\n }\n\n const cachedToken = ArcGisTokenManager._oauth2Cache.get(key);\n\n // If cached token has expired (or about to expire), invalidate don't return it.\n if (cachedToken !== undefined && (cachedToken.expiresAt - (+new Date()) < ArcGisTokenManager.tokenExpiryThreshold)) {\n ArcGisTokenManager._oauth2Cache.delete(key);\n return undefined;\n }\n\n return cachedToken;\n }\n\n public static invalidateOAuth2Token(token: MapLayerAccessToken) {\n\n if (ArcGisTokenManager._oauth2Cache) {\n for (const [key, value] of ArcGisTokenManager._oauth2Cache) {\n if (value.token === token.token){\n const deleted = ArcGisTokenManager._oauth2Cache.delete(key);\n ArcGisTokenManager.saveToBrowserStorage();\n return deleted;\n }\n }\n }\n\n return false;\n }\n\n public static setOAuth2Token(key: string, token: ArcGisOAuth2Token) {\n\n if (ArcGisTokenManager._oauth2Cache === undefined) {\n ArcGisTokenManager._oauth2Cache = new Map<string, ArcGisOAuth2Token>();\n\n }\n ArcGisTokenManager._oauth2Cache.set(key, token);\n\n ArcGisTokenManager.saveToBrowserStorage();\n }\n\n public static loadFromBrowserStorage() {\n if (ArcGisTokenManager._oauth2Cache === undefined) {\n return;\n }\n\n const loadEntries = (json: string | undefined) => {\n if (json && ArcGisTokenManager._oauth2Cache !== undefined) {\n const tokens: ArcGisTokenProps | undefined = JSON.parse(json);\n if (tokens) {\n for (const [key, value] of Object.entries(tokens)) {\n ArcGisTokenManager._oauth2Cache.set(key, value);\n }\n }\n }\n };\n\n loadEntries(window.sessionStorage.getItem(this._browserStorageKey) ?? undefined);\n loadEntries(window.localStorage.getItem(this._browserStorageKey) ?? undefined);\n }\n\n public static saveToBrowserStorage() {\n\n if (ArcGisTokenManager._oauth2Cache === undefined) {\n return;\n }\n const sessionTokens: ArcGisTokenProps = {};\n const storageTokens: ArcGisTokenProps = {};\n\n ArcGisTokenManager._oauth2Cache.forEach((value: ArcGisOAuth2Token, key: string) => {\n // ignore the persist flag for now, and only save to session storage\n // if (value.persist === true) {\n // storageTokens[key] = value;\n // } else {\n // sessionTokens[key] = value;\n // }\n sessionTokens[key] = value;\n });\n window.sessionStorage.setItem(this._browserStorageKey, JSON.stringify(sessionTokens));\n window.localStorage.setItem(this._browserStorageKey, JSON.stringify(storageTokens));\n }\n\n}\n"]}
package/lib/cjs/ArcGis/ArcGisUrl.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisUrl.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisUrl.ts"],"names":[],"mappings":";;;AAAA;;;+FAG+F;AAC/F,gBAAgB;AAChB,MAAa,SAAS;IAEpB,qCAAqC;IAC9B,MAAM,CAAC,kBAAkB,CAAC,GAAQ;QACvC,MAAM,MAAM,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,SAAS,GAAG,QAAQ,CAAC;QAC3B,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAC1C,OAAO,CAAC,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,OAAO,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAEjG,CAAC;IAEM,MAAM,CAAC,KAAK,CAAC,8BAA8B,CAAC,GAAQ;QACzD,MAAM,OAAO,GAAG,SAAS,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAClD,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,wGAAwG;QACxG,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,GAAG,OAAO,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACrD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAEzC,IAAI,IAAI,CAAC;QACT,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC5C,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QAED,MAAM,gBAAgB,GAAG,IAAI,EAAE,QAAQ,EAAE,gBAAgB,CAAC;QAC1D,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACnC,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,OAAO,SAAS,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC;IACjE,CAAC;IAEO,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,GAAQ;QACrC,IAAI,IAAI,CAAC;QACT,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YAChE,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC/B,CAAC;QAAC,MAAM,CAAC;QACT,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;CACF;AA5CD,8BA4CC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\n/** @internal */\r\nexport class ArcGisUrl {\r\n\r\n // Extract the sub-url up to '/rest/'\r\n public static extractRestBaseUrl(url: URL): URL | undefined {\r\n const urlStr = url.toString();\r\n const searchStr = \"/rest/\";\r\n const restPos = urlStr.indexOf(searchStr);\r\n return (restPos === -1 ? undefined : new URL(urlStr.substring(0, restPos + searchStr.length)));\r\n\r\n }\r\n\r\n public static async getRestUrlFromGenerateTokenUrl(url: URL): Promise<URL | undefined> {\r\n const restUrl = ArcGisUrl.extractRestBaseUrl(url);\r\n if (restUrl === undefined) {\r\n return undefined;\r\n }\r\n\r\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\r\n const infoUrl = new URL(`${restUrl.toString()}info`);\r\n infoUrl.searchParams.append(\"f\", \"json\");\r\n\r\n let json;\r\n try {\r\n json = await ArcGisUrl.fetchJson(infoUrl);\r\n } catch {\r\n\r\n }\r\n\r\n const tokenServicesUrl = json?.authInfo?.tokenServicesUrl;\r\n if (tokenServicesUrl === undefined) {\r\n return undefined;\r\n }\r\n return ArcGisUrl.extractRestBaseUrl(new URL(tokenServicesUrl));\r\n }\r\n\r\n private static async fetchJson(url: URL): Promise<any> {\r\n let json;\r\n try {\r\n const response = await fetch(url.toString(), { method: \"GET\" });\r\n json = await response.json();\r\n } catch {\r\n }\r\n return json;\r\n }\r\n}\r\n"]}
1
+ {"version":3,"file":"ArcGisUrl.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisUrl.ts"],"names":[],"mappings":";;;AAAA;;;+FAG+F;AAC/F,gBAAgB;AAChB,MAAa,SAAS;IAEpB,qCAAqC;IAC9B,MAAM,CAAC,kBAAkB,CAAC,GAAQ;QACvC,MAAM,MAAM,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,SAAS,GAAG,QAAQ,CAAC;QAC3B,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAC1C,OAAO,CAAC,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,OAAO,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAEjG,CAAC;IAEM,MAAM,CAAC,KAAK,CAAC,8BAA8B,CAAC,GAAQ;QACzD,MAAM,OAAO,GAAG,SAAS,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAClD,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,wGAAwG;QACxG,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,GAAG,OAAO,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACrD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAEzC,IAAI,IAAI,CAAC;QACT,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC5C,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QAED,MAAM,gBAAgB,GAAG,IAAI,EAAE,QAAQ,EAAE,gBAAgB,CAAC;QAC1D,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACnC,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,OAAO,SAAS,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC;IACjE,CAAC;IAEO,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,GAAQ;QACrC,IAAI,IAAI,CAAC;QACT,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YAChE,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC/B,CAAC;QAAC,MAAM,CAAC;QACT,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;CACF;AA5CD,8BA4CC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\n/** @internal */\nexport class ArcGisUrl {\n\n // Extract the sub-url up to '/rest/'\n public static extractRestBaseUrl(url: URL): URL | undefined {\n const urlStr = url.toString();\n const searchStr = \"/rest/\";\n const restPos = urlStr.indexOf(searchStr);\n return (restPos === -1 ? undefined : new URL(urlStr.substring(0, restPos + searchStr.length)));\n\n }\n\n public static async getRestUrlFromGenerateTokenUrl(url: URL): Promise<URL | undefined> {\n const restUrl = ArcGisUrl.extractRestBaseUrl(url);\n if (restUrl === undefined) {\n return undefined;\n }\n\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\n const infoUrl = new URL(`${restUrl.toString()}info`);\n infoUrl.searchParams.append(\"f\", \"json\");\n\n let json;\n try {\n json = await ArcGisUrl.fetchJson(infoUrl);\n } catch {\n\n }\n\n const tokenServicesUrl = json?.authInfo?.tokenServicesUrl;\n if (tokenServicesUrl === undefined) {\n return undefined;\n }\n return ArcGisUrl.extractRestBaseUrl(new URL(tokenServicesUrl));\n }\n\n private static async fetchJson(url: URL): Promise<any> {\n let json;\n try {\n const response = await fetch(url.toString(), { method: \"GET\" });\n json = await response.json();\n } catch {\n }\n return json;\n }\n}\n"]}
package/lib/cjs/map-layers-auth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"map-layers-auth.js","sourceRoot":"","sources":["../../src/map-layers-auth.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA;;;+FAG+F;AAC/F,gEAA8C;AAC9C,qDAAmC;AACnC,8DAA4C;AAC5C,gEAA8C;AAC9C,8DAA4C","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\nexport * from \"./ArcGis/ArcGisOAuth2Endpoint\";\r\nexport * from \"./ArcGis/ArcGisUrl\";\r\nexport * from \"./ArcGis/ArcGisAccessClient\";\r\nexport * from \"./ArcGis/ArcGisTokenGenerator\";\r\nexport * from \"./ArcGis/ArcGisTokenManager\";\r\n"]}
1
+ {"version":3,"file":"map-layers-auth.js","sourceRoot":"","sources":["../../src/map-layers-auth.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA;;;+FAG+F;AAC/F,gEAA8C;AAC9C,qDAAmC;AACnC,8DAA4C;AAC5C,gEAA8C;AAC9C,8DAA4C","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\nexport * from \"./ArcGis/ArcGisOAuth2Endpoint\";\nexport * from \"./ArcGis/ArcGisUrl\";\nexport * from \"./ArcGis/ArcGisAccessClient\";\nexport * from \"./ArcGis/ArcGisTokenGenerator\";\nexport * from \"./ArcGis/ArcGisTokenManager\";\n"]}
package/lib/esm/ArcGis/ArcGisAccessClient.js CHANGED
@@ -12,14 +12,13 @@ import { ArcGisTokenManager } from "./ArcGisTokenManager";
12
12
  import { ArcGisUrl } from "./ArcGisUrl";
13
13
  /** @beta */
14
14
  export class ArcGisAccessClient {
15
+ onOAuthProcessEnd = new BeEvent();
16
+ _redirectUri;
17
+ _expiration;
18
+ _clientIds;
19
+ // Should be kept to 'false'. Debugging purposes only.
20
+ _forceLegacyToken = false;
15
21
  constructor() {
16
- this.onOAuthProcessEnd = new BeEvent();
17
- // Should be kept to 'false'. Debugging purposes only.
18
- this._forceLegacyToken = false;
19
- // Mapping between a map-layer URL and its corresponding Oauth endpoint
20
- // i.e. https://hostname/server/rest/services/NewYork/NewYork3857/MapServer
21
- // => https://hostname/portal/sharing/oauth2/authorize
22
- this._endPointsCache = new Map();
23
22
  }
24
23
  initialize(oAuthConfig) {
25
24
  if (oAuthConfig) {
@@ -31,7 +30,7 @@ export class ArcGisAccessClient {
31
30
  return true;
32
31
  }
33
32
  initOauthCallbackFunction() {
34
- window.arcGisOAuth2Callback = (redirectLocation) => {
33
+ globalThis.arcGisOAuth2Callback = (redirectLocation) => {
35
34
  let eventSuccess = false;
36
35
  let stateData;
37
36
  if (redirectLocation && redirectLocation.hash.length > 0) {
@@ -66,7 +65,7 @@ export class ArcGisAccessClient {
66
65
  unInitialize() {
67
66
  this._redirectUri = undefined;
68
67
  this._expiration = undefined;
69
- window.arcGisOAuth2Callback = undefined;
68
+ globalThis.arcGisOAuth2Callback = undefined;
70
69
  }
71
70
  async getAccessToken(params) {
72
71
  // First lookup Oauth2 tokens, otherwise check try "legacy tokens" if credentials were provided
@@ -175,6 +174,10 @@ export class ArcGisAccessClient {
175
174
  catch { }
176
175
  return undefined;
177
176
  }
177
+ // Mapping between a map-layer URL and its corresponding Oauth endpoint
178
+ // i.e. https://hostname/server/rest/services/NewYork/NewYork3857/MapServer
179
+ // => https://hostname/portal/sharing/oauth2/authorize
180
+ _endPointsCache = new Map();
178
181
  /**
179
182
  * Get OAuth2 endpoint that must be cause to get the Oauth2 token
180
183
  * @internal
package/lib/esm/ArcGis/ArcGisAccessClient.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisAccessClient.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F;;GAEG;AAEH,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAEtD,OAAO,EAAqB,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAClF,OAAO,EAAE,oBAAoB,EAAE,wBAAwB,EAAE,MAAM,wBAAwB,CAAC;AACxF,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AA8CxC,YAAY;AACZ,MAAM,OAAO,kBAAkB;IAS7B;QARgB,sBAAiB,GAAG,IAAI,OAAO,EAAE,CAAC;QAKlD,sDAAsD;QAC9C,sBAAiB,GAAG,KAAK,CAAC;QAuLlC,uEAAuE;QACvE,8EAA8E;QAC9E,4DAA4D;QAEpD,oBAAe,GAAG,IAAI,GAAG,EAAoC,CAAC;IAxLtE,CAAC;IAEM,UAAU,CAAC,WAA+B;QAC/C,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,WAAW,CAAC;YAC5C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,eAAe,CAAC;YAC/C,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,SAAS,CAAC;YAExC,IAAI,CAAC,yBAAyB,EAAE,CAAC;QACnC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,yBAAyB;QAC9B,MAAc,CAAC,oBAAoB,GAAG,CAAC,gBAA2B,EAAE,EAAE;YACrE,IAAI,YAAY,GAAG,KAAK,CAAC;YACzB,IAAI,SAAS,CAAC;YAEd,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACzD,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC;gBAC3C,MAAM,UAAU,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,SAAS,CAAC;gBAC1D,MAAM,YAAY,GAAG,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,SAAS,CAAC;gBAC/D,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC;gBACzD,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC;gBAC7C,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC;gBACtD,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,MAAM,CAAC;gBACrD,IAAI,KAAK,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,IAAI,GAAG,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;oBAC/H,IAAI,cAAc,CAAC;oBACnB,IAAI,CAAC;wBACH,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBACnC,SAAS,GAAG,KAAK,EAAE,UAAU,CAAC;wBAC9B,cAAc,GAAG,KAAK,EAAE,cAAc,CAAC;oBAEzC,CAAC;oBAAC,MAAM,CAAC;oBACT,CAAC;oBACD,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;oBACvC,MAAM,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAG,6EAA6E;oBACrI,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;wBACjC,kBAAkB,CAAC,cAAc,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;wBAChG,YAAY,GAAG,IAAI,CAAC;oBACtB,CAAC;gBAEH,CAAC;YACH,CAAC;YACD,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAC7D,CAAC,CAAC;IACJ,CAAC;IAEM,YAAY;QACjB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC5B,MAAc,CAAC,oBAAoB,GAAG,SAAS,CAAC;IACnD,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,MAAiC;QAC3D,+FAA+F;QAE/F,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC1F,IAAI,WAAW;gBACb,OAAO,WAAW,CAAC;QACvB,CAAC;QAED,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACvC,OAAO,kBAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,qBAAqB,CAAC,OAAO,EAAE,CAAC,CAAC;QACjJ,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,gBAAgB;IACT,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,WAAmB;QAC5D,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACzD,OAAO,IAAI,CAAC,MAAM,KAAK,GAAG,CAAC,CAAI,yEAAyE;IAC1G,CAAC;IAEM,KAAK,CAAC,uBAAuB,CAAC,WAAmB;QACtD,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,eAAe,CAAC,KAA0B;QAC/C,IAAI,KAAK,GAAG,kBAAkB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,kBAAkB,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAEM,6BAA6B,CAAC,GAAW;QAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC;QACjD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,QAA4B,CAAC;QACjC,IAAI,eAAmC,CAAC;QACxC,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;YAC9B,IAAI,KAAK,CAAC,cAAc,KAAK,EAAE,EAAE,CAAC;gBAChC,eAAe,GAAG,KAAK,CAAC,QAAQ,CAAC;YACnC,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC;oBACvD,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;gBAC5B,CAAC;YACH,CAAC;QACH,CAAC;QAED,2EAA2E;QAC3E,2DAA2D;QAC3D,IAAI,QAAQ,KAAK,SAAS,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;YAC5D,QAAQ,GAAG,eAAe,CAAC;QAC7B,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAW,UAAU;QACnB,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,IAAW,oBAAoB;QAC7B,OAAO,IAAI,CAAC,UAAU,EAAE,oBAAoB,CAAC;IAC/C,CAAC;IAED,IAAW,oBAAoB,CAAC,QAA4B;QAC1D,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,IAAI,CAAC,UAAU,GAAG,EAAE,oBAAoB,EAAE,QAAQ,EAAE,CAAC;QACvD,CAAC;QACD,IAAI,CAAC,UAAU,CAAC,oBAAoB,GAAG,QAAQ,CAAC;IAClD,CAAC;IAED,IAAW,yBAAyB;QAClC,OAAO,IAAI,CAAC,UAAU,EAAE,mBAAmB,CAAC;IAC9C,CAAC;IAEM,qBAAqB,CAAC,cAAsB,EAAE,QAAgB;QAEnE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,KAAK,cAAc,CAAC,CAAC;YACnH,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;gBACpB,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,QAAQ,GAAG,QAAQ,CAAC;YACpE,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;YACzE,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;gBAClC,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;YACvB,CAAC;YACD,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAEM,wBAAwB,CAAC,QAAkC;QAEhE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,KAAK,QAAQ,CAAC,cAAc,CAAC,CAAC;QAChJ,CAAC;IAEH,CAAC;IAED,cAAc;IACd,gBAAgB;IACR,KAAK,CAAC,2BAA2B,CAAC,WAAmB;QAC3D,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAC;YACpG,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAChC,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;gBACzD,OAAO,kBAAkB,CAAC,cAAc,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IAQD;;;KAGC;IACO,aAAa,CAAC,GAAgB,EAAE,YAAsC,EAAE,QAA8B;QAC5G,MAAM,KAAK,GAAG,YAAY,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,EAAC,iBAAiB,EAAE,QAAQ,EAAC,CAAC,CAAC,CAAC,EAAC,aAAa,EAAE,QAAQ,EAAC,CAAC;QAC9H,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACvC,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,cAAc,CAAC,WAAwB,EAAE,gBAAwB,EAAE,YAAsC;QACrH,oCAAoC;QACpC,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,gBAAgB,EAAE,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;QACzH,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,YAAY,EAAE,aAAa,CAAC,CAAC;QAC7D,OAAO,aAAa,CAAC;IACvB,CAAC;IAED;;;MAGE;IACM,iBAAiB,CAAC,GAAQ;QAChC,MAAM,YAAY,GAAG;YACnB,YAAY;SACb,CAAC;QAEF,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IACxF,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAAC,GAAW;QAC3C,IAAI,KAAwB,CAAC;QAC7B,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,kBAAkB,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC1E,CAAC;QAAC,MAAM,CAAC;YACP,4EAA4E;YAC5E,6GAA6G;YAC7G,qCAAqC;QACvC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,iBAAiB,CAAC,WAAmB,EAAE,YAAsC;QACzF,iCAAiC;QACjC,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC7D,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;YACjC,OAAO,CAAC,YAAY,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC;QACrI,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,YAAY,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAElG,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;QAEpC,IAAI,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,EAAE,CAAC;YACnC,wBAAwB;YACxB,iGAAiG;YAEjG,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,EAAE,CAAC;gBAC5C,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,MAAM,SAAS,GAAG,8CAA8C,WAAW,EAAE,CAAC;YAC9E,OAAO,IAAI,oBAAoB,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;QAC5F,CAAC;aAAM,CAAC;YAEN,wGAAwG;YACxG,IAAI,CAAC;gBACH,MAAM,uBAAuB,GAAG,MAAM,SAAS,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;gBAEvF,IAAI,uBAAuB,KAAK,SAAS,EAAE,CAAC;oBAC1C,kEAAkE;oBAClE,8FAA8F;oBAC9F,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC,CAAC;oBACvF,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;wBAClD,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;wBACnC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBACtF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,GAAG,IAAI,IAAI,YAAY,wBAAwB,WAAW,EAAE,CAAC,CAAC;wBAE9H,uCAAuC;wBACvC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;wBACxE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;4BAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,YAAY,CAAC,CAAC;4BAC5F,IAAI,QAAQ;gCACV,OAAO,QAAQ,CAAC;wBACpB,CAAC;oBACH,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,gBAAgB,GAAG,GAAG,uBAAuB,CAAC,QAAQ,EAAE,UAAU,WAAW,EAAE,CAAC;oBACtF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,CAAC;oBACpE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;wBAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAC;wBACxF,IAAI,QAAQ;4BACV,OAAO,QAAQ,CAAC;oBACpB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;YACT,CAAC;QACH,CAAC;QAED,gEAAgE;QAChE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,CAAE,oEAAoE;QAEhH,OAAO,SAAS,CAAC,CAAG,8CAA8C;IACpE,CAAC;IAED;;;KAGC;IACO,iBAAiB,CAAC,GAAW,EAAE,cAAuB;QAC5D,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5B,oBAAoB;QACpB,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CAAC;YAC3C,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QAEH,CAAC;aAAM,CAAC;YACN,MAAM,QAAQ,GAAG,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;YACzD,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,SAAS,KAAK,QAAQ,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;QAED,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAClD,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,IAAI,CAAC,WAAW;YAClB,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAE5D,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;CAEF","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\n/** @packageDocumentation\r\n * @module Tiles\r\n */\r\n\r\nimport { assert, BeEvent } from \"@itwin/core-bentley\";\r\nimport { MapLayerAccessClient, MapLayerAccessToken, MapLayerAccessTokenParams, MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\r\nimport { ArcGisOAuth2Token, ArcGisTokenClientType } from \"./ArcGisTokenGenerator\";\r\nimport { ArcGisOAuth2Endpoint, ArcGisOAuth2EndpointType } from \"./ArcGisOAuth2Endpoint\";\r\nimport { ArcGisTokenManager } from \"./ArcGisTokenManager\";\r\nimport { ArcGisUrl } from \"./ArcGisUrl\";\r\n\r\n/** @beta */\r\nexport interface ArcGisEnterpriseClientId {\r\n /* Oauth API endpoint base URL (i.e. https://hostname/portal/sharing/oauth2/authorize)\r\n used to identify uniquely each enterprise server. */\r\n serviceBaseUrl: string;\r\n\r\n /* Application's clientId for this enterprise server.*/\r\n clientId: string;\r\n}\r\n\r\n/** @beta */\r\nexport interface ArcGisOAuthClientIds {\r\n /* Application's OAuth clientId in ArcGIS online */\r\n arcgisOnlineClientId?: string;\r\n\r\n /* Application's OAuth clientId for each enterprise server used. */\r\n enterpriseClientIds?: ArcGisEnterpriseClientId[];\r\n}\r\n\r\n/** @beta\r\n * ArcGIS OAuth configurations parameters.\r\n * See https://developers.arcgis.com/documentation/mapping-apis-and-services/security/arcgis-identity/serverless-web-apps/\r\n * more details.\r\n*/\r\nexport interface ArcGisOAuthConfig {\r\n /* URL to which a user is sent once they complete sign in authorization.\r\n Must match a URI you define in the developer dashboard, otherwise, the authorization will be rejected.\r\n */\r\n redirectUri: string;\r\n\r\n /* Optional expiration after which the token will expire. Defined in minutes with a maximum of two weeks (20160 minutes)*/\r\n tokenExpiration?: number;\r\n\r\n /* Application client Ids */\r\n clientIds: ArcGisOAuthClientIds;\r\n}\r\n\r\ninterface EndPointsCacheEntry {\r\n authorizeEndpoint?: ArcGisOAuth2Endpoint;\r\n tokenEndpoint?: ArcGisOAuth2Endpoint;\r\n}\r\n\r\ntype MapLayerUrl = string;\r\n\r\n/** @beta */\r\nexport class ArcGisAccessClient implements MapLayerAccessClient {\r\n public readonly onOAuthProcessEnd = new BeEvent();\r\n private _redirectUri: string | undefined;\r\n private _expiration: number | undefined;\r\n private _clientIds: ArcGisOAuthClientIds | undefined;\r\n\r\n // Should be kept to 'false'. Debugging purposes only.\r\n private _forceLegacyToken = false;\r\n\r\n public constructor() {\r\n }\r\n\r\n public initialize(oAuthConfig?: ArcGisOAuthConfig): boolean {\r\n if (oAuthConfig) {\r\n this._redirectUri = oAuthConfig.redirectUri;\r\n this._expiration = oAuthConfig.tokenExpiration;\r\n this._clientIds = oAuthConfig.clientIds;\r\n\r\n this.initOauthCallbackFunction();\r\n }\r\n return true;\r\n }\r\n\r\n private initOauthCallbackFunction() {\r\n (window as any).arcGisOAuth2Callback = (redirectLocation?: Location) => {\r\n let eventSuccess = false;\r\n let stateData;\r\n\r\n if (redirectLocation && redirectLocation.hash.length > 0) {\r\n const locationHash = redirectLocation.hash;\r\n const hashParams = new URLSearchParams(locationHash.substring(1));\r\n const token = hashParams.get(\"access_token\") ?? undefined;\r\n const expiresInStr = hashParams.get(\"expires_in\") ?? undefined;\r\n const userName = hashParams.get(\"username\") ?? undefined;\r\n const ssl = hashParams.get(\"ssl\") === \"true\";\r\n const stateStr = hashParams.get(\"state\") ?? undefined;\r\n const persist = hashParams.get(\"persist\") === \"true\";\r\n if (token !== undefined && expiresInStr !== undefined && userName !== undefined && ssl !== undefined && stateStr !== undefined) {\r\n let endpointOrigin;\r\n try {\r\n const state = JSON.parse(stateStr);\r\n stateData = state?.customData;\r\n endpointOrigin = state?.endpointOrigin;\r\n\r\n } catch {\r\n }\r\n const expiresIn = Number(expiresInStr);\r\n const expiresAt = (expiresIn * 1000) + (+new Date()); // Converts the token expiration delay (seconds) into a timestamp (UNIX time)\r\n if (endpointOrigin !== undefined) {\r\n ArcGisTokenManager.setOAuth2Token(endpointOrigin, { token, expiresAt, ssl, userName, persist });\r\n eventSuccess = true;\r\n }\r\n\r\n }\r\n }\r\n this.onOAuthProcessEnd.raiseEvent(eventSuccess, stateData);\r\n };\r\n }\r\n\r\n public unInitialize() {\r\n this._redirectUri = undefined;\r\n this._expiration = undefined;\r\n (window as any).arcGisOAuth2Callback = undefined;\r\n }\r\n\r\n public async getAccessToken(params: MapLayerAccessTokenParams): Promise<MapLayerAccessToken | undefined> {\r\n // First lookup Oauth2 tokens, otherwise check try \"legacy tokens\" if credentials were provided\r\n\r\n if (!this._forceLegacyToken) {\r\n const oauth2Token = await this.getOAuthTokenForMapLayerUrl(params.mapLayerUrl.toString());\r\n if (oauth2Token)\r\n return oauth2Token;\r\n }\r\n\r\n if (params.userName && params.password) {\r\n return ArcGisTokenManager.getToken(params.mapLayerUrl.toString(), params.userName, params.password, { client: ArcGisTokenClientType.referer });\r\n }\r\n\r\n return undefined;\r\n }\r\n\r\n /** @internal */\r\n public static async validateOAuth2Endpoint(endpointUrl: string): Promise<boolean> {\r\n const data = await fetch(endpointUrl, { method: \"GET\" });\r\n return data.status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters\r\n }\r\n\r\n public async getTokenServiceEndPoint(mapLayerUrl: string): Promise<MapLayerTokenEndpoint | undefined> {\r\n if (!this._forceLegacyToken) {\r\n return this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\r\n }\r\n\r\n return undefined;\r\n }\r\n\r\n public invalidateToken(token: MapLayerAccessToken): boolean {\r\n let found = ArcGisTokenManager.invalidateToken(token);\r\n if (!found) {\r\n found = ArcGisTokenManager.invalidateOAuth2Token(token);\r\n }\r\n return found;\r\n }\r\n\r\n public get redirectUri() {\r\n return this._redirectUri;\r\n }\r\n\r\n public getMatchingEnterpriseClientId(url: string) {\r\n const clientIds = this.arcGisEnterpriseClientIds;\r\n if (!clientIds) {\r\n return undefined;\r\n }\r\n\r\n let clientId: string | undefined;\r\n let defaultClientId: string | undefined;\r\n for (const entry of clientIds) {\r\n if (entry.serviceBaseUrl === \"\") {\r\n defaultClientId = entry.clientId;\r\n } else {\r\n if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {\r\n clientId = entry.clientId;\r\n }\r\n }\r\n }\r\n\r\n // If we could not find a match with serviceBaseUrl, and a default clientId\r\n // was specified (i.e empty url), then use default clientId\r\n if (clientId === undefined && defaultClientId !== undefined) {\r\n clientId = defaultClientId;\r\n }\r\n return clientId;\r\n }\r\n\r\n public get expiration() {\r\n return this._expiration;\r\n }\r\n\r\n public get arcGisOnlineClientId() {\r\n return this._clientIds?.arcgisOnlineClientId;\r\n }\r\n\r\n public set arcGisOnlineClientId(clientId: string | undefined) {\r\n if (this._clientIds === undefined) {\r\n this._clientIds = { arcgisOnlineClientId: clientId };\r\n }\r\n this._clientIds.arcgisOnlineClientId = clientId;\r\n }\r\n\r\n public get arcGisEnterpriseClientIds() {\r\n return this._clientIds?.enterpriseClientIds;\r\n }\r\n\r\n public setEnterpriseClientId(serviceBaseUrl: string, clientId: string) {\r\n\r\n if (this._clientIds?.enterpriseClientIds) {\r\n const foundIdx = this._clientIds.enterpriseClientIds.findIndex((entry) => entry.serviceBaseUrl === serviceBaseUrl);\r\n if (foundIdx !== -1) {\r\n this._clientIds.enterpriseClientIds[foundIdx].clientId = clientId;\r\n } else {\r\n this._clientIds.enterpriseClientIds.push({ serviceBaseUrl, clientId });\r\n }\r\n } else {\r\n if (this._clientIds === undefined) {\r\n this._clientIds = {};\r\n }\r\n this._clientIds.enterpriseClientIds = [{ serviceBaseUrl, clientId }];\r\n }\r\n }\r\n\r\n public removeEnterpriseClientId(clientId: ArcGisEnterpriseClientId) {\r\n\r\n if (this._clientIds?.enterpriseClientIds) {\r\n this._clientIds.enterpriseClientIds = this._clientIds?.enterpriseClientIds?.filter((item) => item.serviceBaseUrl !== clientId.serviceBaseUrl);\r\n }\r\n\r\n }\r\n\r\n /// //////////\r\n /** @internal */\r\n private async getOAuthTokenForMapLayerUrl(mapLayerUrl: string): Promise<ArcGisOAuth2Token | undefined> {\r\n try {\r\n const oauthEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\r\n if (oauthEndpoint !== undefined) {\r\n const oauthEndpointUrl = new URL(oauthEndpoint.getUrl());\r\n return ArcGisTokenManager.getOAuth2Token(oauthEndpointUrl.origin);\r\n }\r\n } catch { }\r\n return undefined;\r\n }\r\n\r\n // Mapping between a map-layer URL and its corresponding Oauth endpoint\r\n // i.e. \t https://hostname/server/rest/services/NewYork/NewYork3857/MapServer\r\n // => https://hostname/portal/sharing/oauth2/authorize\r\n\r\n private _endPointsCache = new Map<MapLayerUrl, EndPointsCacheEntry>();\r\n\r\n /**\r\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\r\n * @internal\r\n */\r\n private cacheEndpoint(url: MapLayerUrl, endpointType: ArcGisOAuth2EndpointType, endPoint: ArcGisOAuth2Endpoint) {\r\n const entry = endpointType === ArcGisOAuth2EndpointType.Authorize ? {authorizeEndpoint: endPoint} : {tokenEndpoint: endPoint};\r\n this._endPointsCache.set(url, entry);\r\n }\r\n\r\n /**\r\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\r\n * @internal\r\n */\r\n private async createEndpoint(mapLayerUrl: MapLayerUrl, oauthEndpointUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\r\n // Validate the URL we just composed\r\n const oauthEndpoint = new ArcGisOAuth2Endpoint(oauthEndpointUrl, this.constructLoginUrl(oauthEndpointUrl, false), false);\r\n this.cacheEndpoint(mapLayerUrl, endpointType, oauthEndpoint);\r\n return oauthEndpoint;\r\n }\r\n\r\n /**\r\n * Returns whether the ArcGis host is valid\r\n * @internal\r\n */\r\n private isArcGisHostValid(url: URL): boolean {\r\n const allowedHosts = [\r\n \"arcgis.com\",\r\n ];\r\n\r\n return allowedHosts.some((host: string) => url.hostname.toLowerCase().endsWith(host));\r\n }\r\n\r\n private async validateEndpointUrl(url: string) {\r\n let valid: boolean|undefined;\r\n try {\r\n valid = await ArcGisAccessClient.validateOAuth2Endpoint(url.toString());\r\n } catch {\r\n // If we reach here, this means we could not validate properly the endpoint;\r\n // we cannot conclude the endpoint is invalid though; it might happen endpoint doesn't support CORS requests,\r\n // but still valid for Oauth process.\r\n }\r\n return valid;\r\n }\r\n\r\n /**\r\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\r\n * @internal\r\n */\r\n private async getOAuth2Endpoint(mapLayerUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\r\n // Return from cache if available\r\n const cachedEndpoint = this._endPointsCache.get(mapLayerUrl);\r\n if (cachedEndpoint !== undefined) {\r\n return (endpointType === ArcGisOAuth2EndpointType.Authorize ? cachedEndpoint.authorizeEndpoint : cachedEndpoint.authorizeEndpoint);\r\n }\r\n\r\n const endpointStr = (endpointType === ArcGisOAuth2EndpointType.Authorize ? \"authorize\" : \"token\");\r\n\r\n const urlObj = new URL(mapLayerUrl);\r\n\r\n if (this.isArcGisHostValid(urlObj)) {\r\n // ArcGIS Online (fixed)\r\n // Doc: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/\r\n\r\n if (this.arcGisOnlineClientId === undefined) {\r\n return undefined;\r\n }\r\n\r\n const oauth2Url = `https://www.arcgis.com/sharing/rest/oauth2/${endpointStr}`;\r\n return new ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, true), true);\r\n } else {\r\n\r\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\r\n try {\r\n const restUrlFromTokenService = await ArcGisUrl.getRestUrlFromGenerateTokenUrl(urlObj);\r\n\r\n if (restUrlFromTokenService === undefined) {\r\n // We could not derive the token endpoint from 'tokenServicesUrl'.\r\n // ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize\r\n const regExMatch = mapLayerUrl.match(new RegExp(/([^&\\/]+)\\/rest\\/services\\/.*/, \"i\"));\r\n if (regExMatch !== null && regExMatch.length >= 2) {\r\n const subdirectory = regExMatch[1];\r\n const port = (urlObj.port !== \"80\" && urlObj.port !== \"443\") ? `:${urlObj.port}` : \"\";\r\n const newUrlObj = new URL(`${urlObj.protocol}//${urlObj.hostname}${port}/${subdirectory}/sharing/rest/oauth2/${endpointStr}`);\r\n\r\n // Check again the URL we just composed\r\n const isValidUrl = await this.validateEndpointUrl(newUrlObj.toString());\r\n if (isValidUrl === undefined || isValidUrl ) {\r\n const endpoint = await this.createEndpoint(mapLayerUrl, newUrlObj.toString(), endpointType);\r\n if (endpoint)\r\n return endpoint;\r\n }\r\n }\r\n } else {\r\n const oauthEndpointUrl = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;\r\n const isValidUrl = await this.validateEndpointUrl(oauthEndpointUrl);\r\n if (isValidUrl === undefined || isValidUrl ) {\r\n const endpoint = await this.createEndpoint(mapLayerUrl, oauthEndpointUrl, endpointType);\r\n if (endpoint)\r\n return endpoint;\r\n }\r\n }\r\n } catch {\r\n }\r\n }\r\n\r\n // If we reach here, we were not successful creating an endpoint\r\n this._endPointsCache.set(mapLayerUrl, {}); // Cache an empty entry, and avoid making repeated failing requests.\r\n\r\n return undefined; // we could not find any valid oauth2 endpoint\r\n }\r\n\r\n /**\r\n * Construct the complete Authorize url to starts the Oauth process\r\n * @internal\r\n */\r\n private constructLoginUrl(url: string, isArcgisOnline: boolean) {\r\n const urlObj = new URL(url);\r\n\r\n // Set the client id\r\n if (isArcgisOnline) {\r\n const clientId = this.arcGisOnlineClientId;\r\n assert(clientId !== undefined);\r\n if (clientId !== undefined) {\r\n urlObj.searchParams.set(\"client_id\", clientId);\r\n }\r\n\r\n } else {\r\n const clientId = this.getMatchingEnterpriseClientId(url);\r\n assert(clientId !== undefined);\r\n if (undefined !== clientId) {\r\n urlObj.searchParams.set(\"client_id\", clientId);\r\n }\r\n }\r\n\r\n urlObj.searchParams.set(\"response_type\", \"token\");\r\n if (this.expiration !== undefined) {\r\n urlObj.searchParams.set(\"expiration\", `${this.expiration}`);\r\n }\r\n\r\n if (this.redirectUri)\r\n urlObj.searchParams.set(\"redirect_uri\", this.redirectUri);\r\n\r\n return urlObj.toString();\r\n }\r\n\r\n}\r\n"]}
1
+ {"version":3,"file":"ArcGisAccessClient.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F;;GAEG;AAEH,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAEtD,OAAO,EAAqB,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAClF,OAAO,EAAE,oBAAoB,EAAE,wBAAwB,EAAE,MAAM,wBAAwB,CAAC;AACxF,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AA8CxC,YAAY;AACZ,MAAM,OAAO,kBAAkB;IACb,iBAAiB,GAAG,IAAI,OAAO,EAAE,CAAC;IAC1C,YAAY,CAAqB;IACjC,WAAW,CAAqB;IAChC,UAAU,CAAmC;IAErD,sDAAsD;IAC9C,iBAAiB,GAAG,KAAK,CAAC;IAElC;IACA,CAAC;IAEM,UAAU,CAAC,WAA+B;QAC/C,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,WAAW,CAAC;YAC5C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,eAAe,CAAC;YAC/C,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,SAAS,CAAC;YAExC,IAAI,CAAC,yBAAyB,EAAE,CAAC;QACnC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,yBAAyB;QAC9B,UAAkB,CAAC,oBAAoB,GAAG,CAAC,gBAA2B,EAAE,EAAE;YACzE,IAAI,YAAY,GAAG,KAAK,CAAC;YACzB,IAAI,SAAS,CAAC;YAEd,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACzD,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC;gBAC3C,MAAM,UAAU,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,SAAS,CAAC;gBAC1D,MAAM,YAAY,GAAG,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,SAAS,CAAC;gBAC/D,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC;gBACzD,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC;gBAC7C,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC;gBACtD,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,MAAM,CAAC;gBACrD,IAAI,KAAK,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,IAAI,GAAG,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;oBAC/H,IAAI,cAAc,CAAC;oBACnB,IAAI,CAAC;wBACH,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBACnC,SAAS,GAAG,KAAK,EAAE,UAAU,CAAC;wBAC9B,cAAc,GAAG,KAAK,EAAE,cAAc,CAAC;oBAEzC,CAAC;oBAAC,MAAM,CAAC;oBACT,CAAC;oBACD,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;oBACvC,MAAM,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAG,6EAA6E;oBACrI,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;wBACjC,kBAAkB,CAAC,cAAc,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;wBAChG,YAAY,GAAG,IAAI,CAAC;oBACtB,CAAC;gBAEH,CAAC;YACH,CAAC;YACD,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAC7D,CAAC,CAAC;IACJ,CAAC;IAEM,YAAY;QACjB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC5B,UAAkB,CAAC,oBAAoB,GAAG,SAAS,CAAC;IACvD,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,MAAiC;QAC3D,+FAA+F;QAE/F,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC1F,IAAI,WAAW;gBACb,OAAO,WAAW,CAAC;QACvB,CAAC;QAED,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACvC,OAAO,kBAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,qBAAqB,CAAC,OAAO,EAAE,CAAC,CAAC;QACjJ,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,gBAAgB;IACT,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,WAAmB;QAC5D,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACzD,OAAO,IAAI,CAAC,MAAM,KAAK,GAAG,CAAC,CAAI,yEAAyE;IAC1G,CAAC;IAEM,KAAK,CAAC,uBAAuB,CAAC,WAAmB;QACtD,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,eAAe,CAAC,KAA0B;QAC/C,IAAI,KAAK,GAAG,kBAAkB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,kBAAkB,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAEM,6BAA6B,CAAC,GAAW;QAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC;QACjD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,QAA4B,CAAC;QACjC,IAAI,eAAmC,CAAC;QACxC,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;YAC9B,IAAI,KAAK,CAAC,cAAc,KAAK,EAAE,EAAE,CAAC;gBAChC,eAAe,GAAG,KAAK,CAAC,QAAQ,CAAC;YACnC,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC;oBACvD,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;gBAC5B,CAAC;YACH,CAAC;QACH,CAAC;QAED,2EAA2E;QAC3E,2DAA2D;QAC3D,IAAI,QAAQ,KAAK,SAAS,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;YAC5D,QAAQ,GAAG,eAAe,CAAC;QAC7B,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAW,UAAU;QACnB,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,IAAW,oBAAoB;QAC7B,OAAO,IAAI,CAAC,UAAU,EAAE,oBAAoB,CAAC;IAC/C,CAAC;IAED,IAAW,oBAAoB,CAAC,QAA4B;QAC1D,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,IAAI,CAAC,UAAU,GAAG,EAAE,oBAAoB,EAAE,QAAQ,EAAE,CAAC;QACvD,CAAC;QACD,IAAI,CAAC,UAAU,CAAC,oBAAoB,GAAG,QAAQ,CAAC;IAClD,CAAC;IAED,IAAW,yBAAyB;QAClC,OAAO,IAAI,CAAC,UAAU,EAAE,mBAAmB,CAAC;IAC9C,CAAC;IAEM,qBAAqB,CAAC,cAAsB,EAAE,QAAgB;QAEnE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,KAAK,cAAc,CAAC,CAAC;YACnH,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;gBACpB,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,QAAQ,GAAG,QAAQ,CAAC;YACpE,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;YACzE,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;gBAClC,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;YACvB,CAAC;YACD,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAEM,wBAAwB,CAAC,QAAkC;QAEhE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,KAAK,QAAQ,CAAC,cAAc,CAAC,CAAC;QAChJ,CAAC;IAEH,CAAC;IAED,cAAc;IACd,gBAAgB;IACR,KAAK,CAAC,2BAA2B,CAAC,WAAmB;QAC3D,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAC;YACpG,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAChC,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;gBACzD,OAAO,kBAAkB,CAAC,cAAc,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,uEAAuE;IACvE,8EAA8E;IAC9E,4DAA4D;IAEpD,eAAe,GAAG,IAAI,GAAG,EAAoC,CAAC;IAEtE;;;KAGC;IACO,aAAa,CAAC,GAAgB,EAAE,YAAsC,EAAE,QAA8B;QAC5G,MAAM,KAAK,GAAG,YAAY,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,EAAC,iBAAiB,EAAE,QAAQ,EAAC,CAAC,CAAC,CAAC,EAAC,aAAa,EAAE,QAAQ,EAAC,CAAC;QAC9H,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACvC,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,cAAc,CAAC,WAAwB,EAAE,gBAAwB,EAAE,YAAsC;QACrH,oCAAoC;QACpC,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,gBAAgB,EAAE,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;QACzH,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,YAAY,EAAE,aAAa,CAAC,CAAC;QAC7D,OAAO,aAAa,CAAC;IACvB,CAAC;IAED;;;MAGE;IACM,iBAAiB,CAAC,GAAQ;QAChC,MAAM,YAAY,GAAG;YACnB,YAAY;SACb,CAAC;QAEF,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IACxF,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAAC,GAAW;QAC3C,IAAI,KAAwB,CAAC;QAC7B,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,kBAAkB,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC1E,CAAC;QAAC,MAAM,CAAC;YACP,4EAA4E;YAC5E,6GAA6G;YAC7G,qCAAqC;QACvC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,iBAAiB,CAAC,WAAmB,EAAE,YAAsC;QACzF,iCAAiC;QACjC,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC7D,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;YACjC,OAAO,CAAC,YAAY,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC;QACrI,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,YAAY,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAElG,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;QAEpC,IAAI,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,EAAE,CAAC;YACnC,wBAAwB;YACxB,iGAAiG;YAEjG,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,EAAE,CAAC;gBAC5C,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,MAAM,SAAS,GAAG,8CAA8C,WAAW,EAAE,CAAC;YAC9E,OAAO,IAAI,oBAAoB,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;QAC5F,CAAC;aAAM,CAAC;YAEN,wGAAwG;YACxG,IAAI,CAAC;gBACH,MAAM,uBAAuB,GAAG,MAAM,SAAS,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;gBAEvF,IAAI,uBAAuB,KAAK,SAAS,EAAE,CAAC;oBAC1C,kEAAkE;oBAClE,8FAA8F;oBAC9F,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC,CAAC;oBACvF,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;wBAClD,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;wBACnC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBACtF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,GAAG,IAAI,IAAI,YAAY,wBAAwB,WAAW,EAAE,CAAC,CAAC;wBAE9H,uCAAuC;wBACvC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;wBACxE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;4BAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,YAAY,CAAC,CAAC;4BAC5F,IAAI,QAAQ;gCACV,OAAO,QAAQ,CAAC;wBACpB,CAAC;oBACH,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,gBAAgB,GAAG,GAAG,uBAAuB,CAAC,QAAQ,EAAE,UAAU,WAAW,EAAE,CAAC;oBACtF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,CAAC;oBACpE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;wBAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAC;wBACxF,IAAI,QAAQ;4BACV,OAAO,QAAQ,CAAC;oBACpB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;YACT,CAAC;QACH,CAAC;QAED,gEAAgE;QAChE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,CAAE,oEAAoE;QAEhH,OAAO,SAAS,CAAC,CAAG,8CAA8C;IACpE,CAAC;IAED;;;KAGC;IACO,iBAAiB,CAAC,GAAW,EAAE,cAAuB;QAC5D,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5B,oBAAoB;QACpB,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CAAC;YAC3C,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QAEH,CAAC;aAAM,CAAC;YACN,MAAM,QAAQ,GAAG,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;YACzD,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,SAAS,KAAK,QAAQ,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;QAED,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAClD,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,IAAI,CAAC,WAAW;YAClB,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAE5D,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;CAEF","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\n/** @packageDocumentation\n * @module Tiles\n */\n\nimport { assert, BeEvent } from \"@itwin/core-bentley\";\nimport { MapLayerAccessClient, MapLayerAccessToken, MapLayerAccessTokenParams, MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\nimport { ArcGisOAuth2Token, ArcGisTokenClientType } from \"./ArcGisTokenGenerator\";\nimport { ArcGisOAuth2Endpoint, ArcGisOAuth2EndpointType } from \"./ArcGisOAuth2Endpoint\";\nimport { ArcGisTokenManager } from \"./ArcGisTokenManager\";\nimport { ArcGisUrl } from \"./ArcGisUrl\";\n\n/** @beta */\nexport interface ArcGisEnterpriseClientId {\n /* Oauth API endpoint base URL (i.e. https://hostname/portal/sharing/oauth2/authorize)\n used to identify uniquely each enterprise server. */\n serviceBaseUrl: string;\n\n /* Application's clientId for this enterprise server.*/\n clientId: string;\n}\n\n/** @beta */\nexport interface ArcGisOAuthClientIds {\n /* Application's OAuth clientId in ArcGIS online */\n arcgisOnlineClientId?: string;\n\n /* Application's OAuth clientId for each enterprise server used. */\n enterpriseClientIds?: ArcGisEnterpriseClientId[];\n}\n\n/** @beta\n * ArcGIS OAuth configurations parameters.\n * See https://developers.arcgis.com/documentation/mapping-apis-and-services/security/arcgis-identity/serverless-web-apps/\n * more details.\n*/\nexport interface ArcGisOAuthConfig {\n /* URL to which a user is sent once they complete sign in authorization.\n Must match a URI you define in the developer dashboard, otherwise, the authorization will be rejected.\n */\n redirectUri: string;\n\n /* Optional expiration after which the token will expire. Defined in minutes with a maximum of two weeks (20160 minutes)*/\n tokenExpiration?: number;\n\n /* Application client Ids */\n clientIds: ArcGisOAuthClientIds;\n}\n\ninterface EndPointsCacheEntry {\n authorizeEndpoint?: ArcGisOAuth2Endpoint;\n tokenEndpoint?: ArcGisOAuth2Endpoint;\n}\n\ntype MapLayerUrl = string;\n\n/** @beta */\nexport class ArcGisAccessClient implements MapLayerAccessClient {\n public readonly onOAuthProcessEnd = new BeEvent();\n private _redirectUri: string | undefined;\n private _expiration: number | undefined;\n private _clientIds: ArcGisOAuthClientIds | undefined;\n\n // Should be kept to 'false'. Debugging purposes only.\n private _forceLegacyToken = false;\n\n public constructor() {\n }\n\n public initialize(oAuthConfig?: ArcGisOAuthConfig): boolean {\n if (oAuthConfig) {\n this._redirectUri = oAuthConfig.redirectUri;\n this._expiration = oAuthConfig.tokenExpiration;\n this._clientIds = oAuthConfig.clientIds;\n\n this.initOauthCallbackFunction();\n }\n return true;\n }\n\n private initOauthCallbackFunction() {\n (globalThis as any).arcGisOAuth2Callback = (redirectLocation?: Location) => {\n let eventSuccess = false;\n let stateData;\n\n if (redirectLocation && redirectLocation.hash.length > 0) {\n const locationHash = redirectLocation.hash;\n const hashParams = new URLSearchParams(locationHash.substring(1));\n const token = hashParams.get(\"access_token\") ?? undefined;\n const expiresInStr = hashParams.get(\"expires_in\") ?? undefined;\n const userName = hashParams.get(\"username\") ?? undefined;\n const ssl = hashParams.get(\"ssl\") === \"true\";\n const stateStr = hashParams.get(\"state\") ?? undefined;\n const persist = hashParams.get(\"persist\") === \"true\";\n if (token !== undefined && expiresInStr !== undefined && userName !== undefined && ssl !== undefined && stateStr !== undefined) {\n let endpointOrigin;\n try {\n const state = JSON.parse(stateStr);\n stateData = state?.customData;\n endpointOrigin = state?.endpointOrigin;\n\n } catch {\n }\n const expiresIn = Number(expiresInStr);\n const expiresAt = (expiresIn * 1000) + (+new Date()); // Converts the token expiration delay (seconds) into a timestamp (UNIX time)\n if (endpointOrigin !== undefined) {\n ArcGisTokenManager.setOAuth2Token(endpointOrigin, { token, expiresAt, ssl, userName, persist });\n eventSuccess = true;\n }\n\n }\n }\n this.onOAuthProcessEnd.raiseEvent(eventSuccess, stateData);\n };\n }\n\n public unInitialize() {\n this._redirectUri = undefined;\n this._expiration = undefined;\n (globalThis as any).arcGisOAuth2Callback = undefined;\n }\n\n public async getAccessToken(params: MapLayerAccessTokenParams): Promise<MapLayerAccessToken | undefined> {\n // First lookup Oauth2 tokens, otherwise check try \"legacy tokens\" if credentials were provided\n\n if (!this._forceLegacyToken) {\n const oauth2Token = await this.getOAuthTokenForMapLayerUrl(params.mapLayerUrl.toString());\n if (oauth2Token)\n return oauth2Token;\n }\n\n if (params.userName && params.password) {\n return ArcGisTokenManager.getToken(params.mapLayerUrl.toString(), params.userName, params.password, { client: ArcGisTokenClientType.referer });\n }\n\n return undefined;\n }\n\n /** @internal */\n public static async validateOAuth2Endpoint(endpointUrl: string): Promise<boolean> {\n const data = await fetch(endpointUrl, { method: \"GET\" });\n return data.status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters\n }\n\n public async getTokenServiceEndPoint(mapLayerUrl: string): Promise<MapLayerTokenEndpoint | undefined> {\n if (!this._forceLegacyToken) {\n return this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\n }\n\n return undefined;\n }\n\n public invalidateToken(token: MapLayerAccessToken): boolean {\n let found = ArcGisTokenManager.invalidateToken(token);\n if (!found) {\n found = ArcGisTokenManager.invalidateOAuth2Token(token);\n }\n return found;\n }\n\n public get redirectUri() {\n return this._redirectUri;\n }\n\n public getMatchingEnterpriseClientId(url: string) {\n const clientIds = this.arcGisEnterpriseClientIds;\n if (!clientIds) {\n return undefined;\n }\n\n let clientId: string | undefined;\n let defaultClientId: string | undefined;\n for (const entry of clientIds) {\n if (entry.serviceBaseUrl === \"\") {\n defaultClientId = entry.clientId;\n } else {\n if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {\n clientId = entry.clientId;\n }\n }\n }\n\n // If we could not find a match with serviceBaseUrl, and a default clientId\n // was specified (i.e empty url), then use default clientId\n if (clientId === undefined && defaultClientId !== undefined) {\n clientId = defaultClientId;\n }\n return clientId;\n }\n\n public get expiration() {\n return this._expiration;\n }\n\n public get arcGisOnlineClientId() {\n return this._clientIds?.arcgisOnlineClientId;\n }\n\n public set arcGisOnlineClientId(clientId: string | undefined) {\n if (this._clientIds === undefined) {\n this._clientIds = { arcgisOnlineClientId: clientId };\n }\n this._clientIds.arcgisOnlineClientId = clientId;\n }\n\n public get arcGisEnterpriseClientIds() {\n return this._clientIds?.enterpriseClientIds;\n }\n\n public setEnterpriseClientId(serviceBaseUrl: string, clientId: string) {\n\n if (this._clientIds?.enterpriseClientIds) {\n const foundIdx = this._clientIds.enterpriseClientIds.findIndex((entry) => entry.serviceBaseUrl === serviceBaseUrl);\n if (foundIdx !== -1) {\n this._clientIds.enterpriseClientIds[foundIdx].clientId = clientId;\n } else {\n this._clientIds.enterpriseClientIds.push({ serviceBaseUrl, clientId });\n }\n } else {\n if (this._clientIds === undefined) {\n this._clientIds = {};\n }\n this._clientIds.enterpriseClientIds = [{ serviceBaseUrl, clientId }];\n }\n }\n\n public removeEnterpriseClientId(clientId: ArcGisEnterpriseClientId) {\n\n if (this._clientIds?.enterpriseClientIds) {\n this._clientIds.enterpriseClientIds = this._clientIds?.enterpriseClientIds?.filter((item) => item.serviceBaseUrl !== clientId.serviceBaseUrl);\n }\n\n }\n\n /// //////////\n /** @internal */\n private async getOAuthTokenForMapLayerUrl(mapLayerUrl: string): Promise<ArcGisOAuth2Token | undefined> {\n try {\n const oauthEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\n if (oauthEndpoint !== undefined) {\n const oauthEndpointUrl = new URL(oauthEndpoint.getUrl());\n return ArcGisTokenManager.getOAuth2Token(oauthEndpointUrl.origin);\n }\n } catch { }\n return undefined;\n }\n\n // Mapping between a map-layer URL and its corresponding Oauth endpoint\n // i.e. \t https://hostname/server/rest/services/NewYork/NewYork3857/MapServer\n // => https://hostname/portal/sharing/oauth2/authorize\n\n private _endPointsCache = new Map<MapLayerUrl, EndPointsCacheEntry>();\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private cacheEndpoint(url: MapLayerUrl, endpointType: ArcGisOAuth2EndpointType, endPoint: ArcGisOAuth2Endpoint) {\n const entry = endpointType === ArcGisOAuth2EndpointType.Authorize ? {authorizeEndpoint: endPoint} : {tokenEndpoint: endPoint};\n this._endPointsCache.set(url, entry);\n }\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private async createEndpoint(mapLayerUrl: MapLayerUrl, oauthEndpointUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\n // Validate the URL we just composed\n const oauthEndpoint = new ArcGisOAuth2Endpoint(oauthEndpointUrl, this.constructLoginUrl(oauthEndpointUrl, false), false);\n this.cacheEndpoint(mapLayerUrl, endpointType, oauthEndpoint);\n return oauthEndpoint;\n }\n\n /**\n * Returns whether the ArcGis host is valid\n * @internal\n */\n private isArcGisHostValid(url: URL): boolean {\n const allowedHosts = [\n \"arcgis.com\",\n ];\n\n return allowedHosts.some((host: string) => url.hostname.toLowerCase().endsWith(host));\n }\n\n private async validateEndpointUrl(url: string) {\n let valid: boolean|undefined;\n try {\n valid = await ArcGisAccessClient.validateOAuth2Endpoint(url.toString());\n } catch {\n // If we reach here, this means we could not validate properly the endpoint;\n // we cannot conclude the endpoint is invalid though; it might happen endpoint doesn't support CORS requests,\n // but still valid for Oauth process.\n }\n return valid;\n }\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private async getOAuth2Endpoint(mapLayerUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\n // Return from cache if available\n const cachedEndpoint = this._endPointsCache.get(mapLayerUrl);\n if (cachedEndpoint !== undefined) {\n return (endpointType === ArcGisOAuth2EndpointType.Authorize ? cachedEndpoint.authorizeEndpoint : cachedEndpoint.authorizeEndpoint);\n }\n\n const endpointStr = (endpointType === ArcGisOAuth2EndpointType.Authorize ? \"authorize\" : \"token\");\n\n const urlObj = new URL(mapLayerUrl);\n\n if (this.isArcGisHostValid(urlObj)) {\n // ArcGIS Online (fixed)\n // Doc: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/\n\n if (this.arcGisOnlineClientId === undefined) {\n return undefined;\n }\n\n const oauth2Url = `https://www.arcgis.com/sharing/rest/oauth2/${endpointStr}`;\n return new ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, true), true);\n } else {\n\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\n try {\n const restUrlFromTokenService = await ArcGisUrl.getRestUrlFromGenerateTokenUrl(urlObj);\n\n if (restUrlFromTokenService === undefined) {\n // We could not derive the token endpoint from 'tokenServicesUrl'.\n // ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize\n const regExMatch = mapLayerUrl.match(new RegExp(/([^&\\/]+)\\/rest\\/services\\/.*/, \"i\"));\n if (regExMatch !== null && regExMatch.length >= 2) {\n const subdirectory = regExMatch[1];\n const port = (urlObj.port !== \"80\" && urlObj.port !== \"443\") ? `:${urlObj.port}` : \"\";\n const newUrlObj = new URL(`${urlObj.protocol}//${urlObj.hostname}${port}/${subdirectory}/sharing/rest/oauth2/${endpointStr}`);\n\n // Check again the URL we just composed\n const isValidUrl = await this.validateEndpointUrl(newUrlObj.toString());\n if (isValidUrl === undefined || isValidUrl ) {\n const endpoint = await this.createEndpoint(mapLayerUrl, newUrlObj.toString(), endpointType);\n if (endpoint)\n return endpoint;\n }\n }\n } else {\n const oauthEndpointUrl = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;\n const isValidUrl = await this.validateEndpointUrl(oauthEndpointUrl);\n if (isValidUrl === undefined || isValidUrl ) {\n const endpoint = await this.createEndpoint(mapLayerUrl, oauthEndpointUrl, endpointType);\n if (endpoint)\n return endpoint;\n }\n }\n } catch {\n }\n }\n\n // If we reach here, we were not successful creating an endpoint\n this._endPointsCache.set(mapLayerUrl, {}); // Cache an empty entry, and avoid making repeated failing requests.\n\n return undefined; // we could not find any valid oauth2 endpoint\n }\n\n /**\n * Construct the complete Authorize url to starts the Oauth process\n * @internal\n */\n private constructLoginUrl(url: string, isArcgisOnline: boolean) {\n const urlObj = new URL(url);\n\n // Set the client id\n if (isArcgisOnline) {\n const clientId = this.arcGisOnlineClientId;\n assert(clientId !== undefined);\n if (clientId !== undefined) {\n urlObj.searchParams.set(\"client_id\", clientId);\n }\n\n } else {\n const clientId = this.getMatchingEnterpriseClientId(url);\n assert(clientId !== undefined);\n if (undefined !== clientId) {\n urlObj.searchParams.set(\"client_id\", clientId);\n }\n }\n\n urlObj.searchParams.set(\"response_type\", \"token\");\n if (this.expiration !== undefined) {\n urlObj.searchParams.set(\"expiration\", `${this.expiration}`);\n }\n\n if (this.redirectUri)\n urlObj.searchParams.set(\"redirect_uri\", this.redirectUri);\n\n return urlObj.toString();\n }\n\n}\n"]}
package/lib/esm/ArcGis/ArcGisOAuth2Endpoint.js CHANGED
@@ -6,6 +6,9 @@ export var ArcGisOAuth2EndpointType;
6
6
  })(ArcGisOAuth2EndpointType || (ArcGisOAuth2EndpointType = {}));
7
7
  /** @internal */
8
8
  export class ArcGisOAuth2Endpoint {
9
+ _url;
10
+ _loginUrl;
11
+ _isArcgisOnline;
9
12
  constructor(url, loginUrl, isArcgisOnline) {
10
13
  this._url = url;
11
14
  this._loginUrl = loginUrl;
package/lib/esm/ArcGis/ArcGisOAuth2Endpoint.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisOAuth2Endpoint.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisOAuth2Endpoint.ts"],"names":[],"mappings":"AAMA,gBAAgB;AAChB,MAAM,CAAN,IAAY,wBAA0C;AAAtD,WAAY,wBAAwB;IAAE,iFAAS,CAAA;IAAC,yEAAK,CAAA;AAAA,CAAC,EAA1C,wBAAwB,KAAxB,wBAAwB,QAAkB;AAEtD,gBAAgB;AAChB,MAAM,OAAO,oBAAoB;IAK/B,YAAY,GAAW,EAAE,QAAgB,EAAE,cAAuB;QAChE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;QAC1B,IAAI,CAAC,eAAe,GAAG,cAAc,CAAC;IACxC,CAAC;IAED,kCAAkC;IAC3B,MAAM;QACX,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED;;;;;OAKG;IACI,WAAW,CAAC,SAAe;QAChC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAEvC,MAAM,IAAI,GAAG;YACX,cAAc,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,EAAK,uCAAuC;YACrF,UAAU,EAAE,SAAS,EAAyB,gBAAgB;SAC/D,CAAC;QAEF,IAAI,QAAQ,CAAC;QACb,IAAI,CAAC;YACH,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAClC,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QACD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAC7C,CAAC;QAED,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;IAED,IAAW,cAAc,KAAI,OAAO,IAAI,CAAC,eAAe,CAAC,CAAA,CAAC;CAE3D","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\nimport { MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\r\n\r\n/** @internal */\r\nexport enum ArcGisOAuth2EndpointType {Authorize,Token}\r\n\r\n/** @internal */\r\nexport class ArcGisOAuth2Endpoint implements MapLayerTokenEndpoint {\r\n private _url: string;\r\n private _loginUrl: string;\r\n private _isArcgisOnline: boolean;\r\n\r\n constructor(url: string, loginUrl: string, isArcgisOnline: boolean) {\r\n this._url = url;\r\n this._loginUrl = loginUrl;\r\n this._isArcgisOnline = isArcgisOnline;\r\n }\r\n\r\n // Returns the actual endpoint url\r\n public getUrl() {\r\n return this._url;\r\n }\r\n\r\n /**\r\n * Returns the URL used to login and generate the Oauth token.\r\n * @param stateData Custom JSON data that will sent back by once the Oauth process completes\r\n * @returns Promise resolves after the defaults are setup.\r\n * @internal\r\n */\r\n public getLoginUrl(stateData?: any) {\r\n const urlObj = new URL(this._loginUrl);\r\n\r\n const data = {\r\n endpointOrigin: new URL(this._url).origin, // arcGisOAuth2Callback depends on this\r\n customData: stateData, // caller's data\r\n };\r\n\r\n let stateStr;\r\n try {\r\n stateStr = JSON.stringify(data);\r\n } catch {\r\n\r\n }\r\n if (stateStr !== undefined) {\r\n urlObj.searchParams.set(\"state\", stateStr);\r\n }\r\n\r\n return urlObj.toString();\r\n }\r\n\r\n public get isArcgisOnline() {return this._isArcgisOnline;}\r\n\r\n}\r\n"]}
1
+ {"version":3,"file":"ArcGisOAuth2Endpoint.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisOAuth2Endpoint.ts"],"names":[],"mappings":"AAMA,gBAAgB;AAChB,MAAM,CAAN,IAAY,wBAA0C;AAAtD,WAAY,wBAAwB;IAAE,iFAAS,CAAA;IAAC,yEAAK,CAAA;AAAA,CAAC,EAA1C,wBAAwB,KAAxB,wBAAwB,QAAkB;AAEtD,gBAAgB;AAChB,MAAM,OAAO,oBAAoB;IACvB,IAAI,CAAS;IACb,SAAS,CAAS;IAClB,eAAe,CAAU;IAEjC,YAAY,GAAW,EAAE,QAAgB,EAAE,cAAuB;QAChE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;QAC1B,IAAI,CAAC,eAAe,GAAG,cAAc,CAAC;IACxC,CAAC;IAED,kCAAkC;IAC3B,MAAM;QACX,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED;;;;;OAKG;IACI,WAAW,CAAC,SAAe;QAChC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAEvC,MAAM,IAAI,GAAG;YACX,cAAc,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,EAAK,uCAAuC;YACrF,UAAU,EAAE,SAAS,EAAyB,gBAAgB;SAC/D,CAAC;QAEF,IAAI,QAAQ,CAAC;QACb,IAAI,CAAC;YACH,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAClC,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QACD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAC7C,CAAC;QAED,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;IAED,IAAW,cAAc,KAAI,OAAO,IAAI,CAAC,eAAe,CAAC,CAAA,CAAC;CAE3D","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\nimport { MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\n\n/** @internal */\nexport enum ArcGisOAuth2EndpointType {Authorize,Token}\n\n/** @internal */\nexport class ArcGisOAuth2Endpoint implements MapLayerTokenEndpoint {\n private _url: string;\n private _loginUrl: string;\n private _isArcgisOnline: boolean;\n\n constructor(url: string, loginUrl: string, isArcgisOnline: boolean) {\n this._url = url;\n this._loginUrl = loginUrl;\n this._isArcgisOnline = isArcgisOnline;\n }\n\n // Returns the actual endpoint url\n public getUrl() {\n return this._url;\n }\n\n /**\n * Returns the URL used to login and generate the Oauth token.\n * @param stateData Custom JSON data that will sent back by once the Oauth process completes\n * @returns Promise resolves after the defaults are setup.\n * @internal\n */\n public getLoginUrl(stateData?: any) {\n const urlObj = new URL(this._loginUrl);\n\n const data = {\n endpointOrigin: new URL(this._url).origin, // arcGisOAuth2Callback depends on this\n customData: stateData, // caller's data\n };\n\n let stateStr;\n try {\n stateStr = JSON.stringify(data);\n } catch {\n\n }\n if (stateStr !== undefined) {\n urlObj.searchParams.set(\"state\", stateStr);\n }\n\n return urlObj.toString();\n }\n\n public get isArcgisOnline() {return this._isArcgisOnline;}\n\n}\n"]}
package/lib/esm/ArcGis/ArcGisTokenGenerator.js CHANGED
@@ -8,6 +8,10 @@ export var ArcGisTokenClientType;
8
8
  })(ArcGisTokenClientType || (ArcGisTokenClientType = {}));
9
9
  /** @internal */
10
10
  export class ArcGisTokenGenerator {
11
+ static restApiPath = "/rest/";
12
+ static restApiInfoPath = "info?f=pjson";
13
+ // Cache info url to avoid fetching/parsing twice for the same base url.
14
+ static _tokenServiceUrlCache = new Map();
11
15
  static async fetchTokenServiceUrl(arcGisRestServiceUrl) {
12
16
  const lowerUrl = arcGisRestServiceUrl.toLowerCase();
13
17
  const restApiIdx = lowerUrl.indexOf(ArcGisTokenGenerator.restApiPath);
@@ -97,8 +101,4 @@ export class ArcGisTokenGenerator {
97
101
  .replace(/\*/g, "%2A");
98
102
  }
99
103
  }
100
- ArcGisTokenGenerator.restApiPath = "/rest/";
101
- ArcGisTokenGenerator.restApiInfoPath = "info?f=pjson";
102
- // Cache info url to avoid fetching/parsing twice for the same base url.
103
- ArcGisTokenGenerator._tokenServiceUrlCache = new Map();
104
104
  //# sourceMappingURL=ArcGisTokenGenerator.js.map
package/lib/esm/ArcGis/ArcGisTokenGenerator.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisTokenGenerator.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisTokenGenerator.ts"],"names":[],"mappings":"AAmCA,4GAA4G;AAC5G,gBAAgB;AAChB,MAAM,CAAN,IAAY,qBAIX;AAJD,WAAY,qBAAqB;IAC/B,6DAAE,CAAA;IACF,uEAAO,CAAA;IACP,2EAAS,CAAA;AACX,CAAC,EAJW,qBAAqB,KAArB,qBAAqB,QAIhC;AA8BD,gBAAgB;AAChB,MAAM,OAAO,oBAAoB;IAOxB,MAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,oBAA4B;QACnE,MAAM,QAAQ,GAAG,oBAAoB,CAAC,WAAW,EAAE,CAAC;QACpD,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,oBAAoB,CAAC,WAAW,CAAC,CAAC;QACtE,IAAI,UAAU,KAAK,CAAC,CAAC;YACnB,OAAO,SAAS,CAAC;QACnB,MAAM,OAAO,GAAG,oBAAoB,CAAC,SAAS,CAAC,CAAC,EAAE,UAAU,GAAG,oBAAoB,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,oBAAoB,CAAC,eAAe,CAAC;QAE/I,IAAI,gBAAoC,CAAC;QACzC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACzD,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,gBAAgB,GAAG,oBAAoB,CAAC,2BAA2B,CAAC,IAAI,CAAC,CAAC;QAC5E,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAEM,MAAM,CAAC,2BAA2B,CAAC,IAAS;QACjD,OAAO,IAAI,CAAC,QAAQ,EAAE,oBAAoB,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;IAC5F,CAAC;IAEM,KAAK,CAAC,kBAAkB,CAAC,OAAe;QAC7C,MAAM,MAAM,GAAG,oBAAoB,CAAC,qBAAqB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACvE,IAAI,MAAM,KAAK,SAAS;YACtB,OAAO,MAAM,CAAC;QAEhB,MAAM,eAAe,GAAG,MAAM,oBAAoB,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;QACjF,IAAI,eAAe,KAAK,SAAS;YAC/B,oBAAoB,CAAC,qBAAqB,CAAC,GAAG,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;QAE3E,OAAO,eAAe,CAAC;IACzB,CAAC;IAED,6FAA6F;IACtF,KAAK,CAAC,QAAQ,CAAC,oBAA4B,EAAE,QAAgB,EAAE,QAAgB,EAAE,OAAmC;QACzH,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,oBAAoB,CAAC,CAAC;QAC5E,IAAI,CAAC,eAAe;YAClB,OAAO,SAAS,CAAC;QAEnB,IAAI,KAAgB,CAAC;QACrB,IAAI,CAAC;YACH,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YACrD,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YAErD,+BAA+B;YAC/B,IAAI,aAAa,GAAG,EAAE,CAAC;YACvB,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;gBACvB,aAAa,GAAG,eAAe,OAAO,CAAC,UAAU,EAAE,CAAC;YACtD,CAAC;YAED,2BAA2B;YAC3B,IAAI,SAAS,GAAG,EAAE,CAAC;YACnB,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,OAAO,EAAE,CAAC;gBACrD,IAAI,UAAU,GAAG,EAAE,CAAC;gBACpB,IAAI,OAAO,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;oBAClC,UAAU,GAAG,kBAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAK,gCAAgC;gBACxF,CAAC;qBAAM,CAAC;oBACN,UAAU,GAAG,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;gBACnD,CAAC;gBAED,SAAS,GAAG,2BAA2B,UAAU,EAAE,CAAC;YACtD,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,EAAE,EAAE,CAAC;gBACvD,IAAI,OAAO,CAAC,EAAE,KAAK,SAAS;oBAC1B,OAAO,KAAK,CAAC;gBACf,SAAS,GAAG,iBAAiB,OAAO,CAAC,EAAE,EAAE,CAAC;YAC5C,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,SAAS,EAAE,CAAC;gBAC9D,SAAS,GAAG,uBAAuB,CAAC;YACtC,CAAC;YAED,MAAM,kBAAkB,GAAgB;gBACtC,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,YAAY,eAAe,aAAa,eAAe,GAAG,SAAS,GAAG,aAAa,UAAU;gBACnG,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;aACjE,CAAC;YAEF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,eAAe,EAAE,kBAAkB,CAAC,CAAC;YAElE,0EAA0E;YAC1E,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAEhC,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,KAAK,CAAC;IACf,CAAC;IAED,gIAAgI;IAChI,2HAA2H;IACpH,MAAM,CAAC,UAAU,CAAC,GAAW;QAClC,OAAO,oBAAoB,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACtE,CAAC;IAED,2EAA2E;IAC3E,qDAAqD;IAC9C,MAAM,CAAC,aAAa,CAAC,GAAW;QACrC,OAAO,kBAAkB,CAAC,GAAG,CAAC;aAC3B,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;aACpB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;aACpB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;aACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;aACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;IAC3B,CAAC;;AAxGuB,gCAAW,GAAG,QAAQ,CAAC;AACvB,oCAAe,GAAG,cAAc,CAAC;AAEzD,wEAAwE;AACzD,0CAAqB,GAAG,IAAI,GAAG,EAAkB,CAAC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\nimport { MapLayerAccessToken } from \"@itwin/core-frontend\";\r\n\r\n/** @packageDocumentation\r\n * @module Tiles\r\n */\r\n\r\n/** @internal */\r\nexport interface ArcGisOAuth2Token extends MapLayerAccessToken {\r\n\r\n // The expiration time of the token in milliseconds (UNIX time)\r\n expiresAt: number;\r\n\r\n // This property will show as true if the token must always pass over ssl.\r\n ssl: boolean;\r\n\r\n // Username associated with this token\r\n userName: string;\r\n\r\n // A Binary value that, if true, implies that the user had checked \"Keep me signed in\"\r\n persist?: boolean;\r\n}\r\n\r\n/** @internal */\r\nexport interface ArcGisToken extends MapLayerAccessToken {\r\n // The expiration time of the token in milliseconds since January 1, 1970 (UTC).\r\n expires: number;\r\n\r\n // This property will show as true if the token must always pass over ssl.\r\n ssl: boolean;\r\n}\r\n\r\n// client application's base URL, a user-specified IP address, or the IP address that is making the request.\r\n/** @internal */\r\nexport enum ArcGisTokenClientType {\r\n ip,\r\n referer,\r\n requestIp,\r\n}\r\n\r\n/** @internal */\r\nexport interface ArcGisGenerateTokenOptions {\r\n\r\n // The client type that will be granted access to the token.\r\n // Users will be able to specify whether the token will be generated for a client application's base URL,\r\n // a user-specified IP address, or the IP address that is making the request.\r\n client: ArcGisTokenClientType;\r\n\r\n // The IP address that will be using the created token for access.\r\n // On the Generate Token page, the IP address is specified in the IP Address field. This is required when client has been set as ip.\r\n // Example ip=11.11.111.111\r\n ip?: string;\r\n\r\n // The base URL of the client application that will use the token.\r\n // On the Generate Token page, the referrer URL is specified in the Webapp URL field.\r\n // Defaults to location.origin if undefined and client = referer.\r\n // This is required when client has been set as referer.\r\n // Example : referer=https://myserver/mywebapp\r\n referer?: string;\r\n\r\n // The token expiration time in minutes. The default is 60 minutes (one hour).\r\n // The maximum expiration period is 15 days. The maximum value of the expiration time is controlled by the server.\r\n // Requests for tokens larger than this time will be rejected.\r\n // Applications are responsible for renewing expired tokens;\r\n // expired tokens will be rejected by the server on subsequent requests that use the token.\r\n expiration?: number; // in minutes, defaults to 60 minutes\r\n}\r\n\r\n/** @internal */\r\nexport class ArcGisTokenGenerator {\r\n private static readonly restApiPath = \"/rest/\";\r\n private static readonly restApiInfoPath = \"info?f=pjson\";\r\n\r\n // Cache info url to avoid fetching/parsing twice for the same base url.\r\n private static _tokenServiceUrlCache = new Map<string, string>();\r\n\r\n public static async fetchTokenServiceUrl(arcGisRestServiceUrl: string): Promise<string | undefined> {\r\n const lowerUrl = arcGisRestServiceUrl.toLowerCase();\r\n const restApiIdx = lowerUrl.indexOf(ArcGisTokenGenerator.restApiPath);\r\n if (restApiIdx === -1)\r\n return undefined;\r\n const infoUrl = arcGisRestServiceUrl.substring(0, restApiIdx + ArcGisTokenGenerator.restApiPath.length) + ArcGisTokenGenerator.restApiInfoPath;\r\n\r\n let tokenServicesUrl: string | undefined;\r\n try {\r\n const response = await fetch(infoUrl, { method: \"GET\" });\r\n const json = await response.json();\r\n tokenServicesUrl = ArcGisTokenGenerator.getTokenServiceFromInfoJson(json);\r\n } catch { }\r\n return tokenServicesUrl;\r\n }\r\n\r\n public static getTokenServiceFromInfoJson(json: any): string | undefined {\r\n return json.authInfo?.isTokenBasedSecurity ? json?.authInfo?.tokenServicesUrl : undefined;\r\n }\r\n\r\n public async getTokenServiceUrl(baseUrl: string): Promise<string | undefined> {\r\n const cached = ArcGisTokenGenerator._tokenServiceUrlCache.get(baseUrl);\r\n if (cached !== undefined)\r\n return cached;\r\n\r\n const tokenServiceUrl = await ArcGisTokenGenerator.fetchTokenServiceUrl(baseUrl);\r\n if (tokenServiceUrl !== undefined)\r\n ArcGisTokenGenerator._tokenServiceUrlCache.set(baseUrl, tokenServiceUrl);\r\n\r\n return tokenServiceUrl;\r\n }\r\n\r\n // base url: ArcGis REST service base URL (format must be \"https://<host>/<instance>/rest/\")\r\n public async generate(arcGisRestServiceUrl: string, userName: string, password: string, options: ArcGisGenerateTokenOptions): Promise<any> {\r\n const tokenServiceUrl = await this.getTokenServiceUrl(arcGisRestServiceUrl);\r\n if (!tokenServiceUrl)\r\n return undefined;\r\n\r\n let token: undefined;\r\n try {\r\n const encodedUsername = encodeURIComponent(userName);\r\n const encodedPassword = encodeURIComponent(password);\r\n\r\n // Compose the expiration param\r\n let expirationStr = \"\";\r\n if (options.expiration) {\r\n expirationStr = `&expiration=${options.expiration}`;\r\n }\r\n\r\n // Compose the client param\r\n let clientStr = \"\";\r\n if (options.client === ArcGisTokenClientType.referer) {\r\n let refererStr = \"\";\r\n if (options.referer === undefined) {\r\n refererStr = encodeURIComponent(location.origin); // default to application origin\r\n } else {\r\n refererStr = encodeURIComponent(options.referer);\r\n }\r\n\r\n clientStr = `&client=referer&referer=${refererStr}`;\r\n } else if (options.client === ArcGisTokenClientType.ip) {\r\n if (options.ip === undefined)\r\n return token;\r\n clientStr = `&client=ip&ip=${options.ip}`;\r\n } else if (options.client === ArcGisTokenClientType.requestIp) {\r\n clientStr = `&client=requestip&ip=`;\r\n }\r\n\r\n const httpRequestOptions: RequestInit = {\r\n method: \"POST\",\r\n body: `username=${encodedUsername}&password=${encodedPassword}${clientStr}${expirationStr}&f=pjson`,\r\n headers: { \"content-type\": \"application/x-www-form-urlencoded\" },\r\n };\r\n\r\n const response = await fetch(tokenServiceUrl, httpRequestOptions);\r\n\r\n // Check a token was really generated (an error could be part of the body)\r\n token = await response.json();\r\n\r\n } catch { }\r\n return token;\r\n }\r\n\r\n // Encode following 'application/x-www-form-urlencoded' standard (https://www.w3.org/TR/html401/interact/forms.html#h-17.13.3.3)\r\n // Also mentioned here: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURIComponent\r\n public static formEncode(str: string): string {\r\n return ArcGisTokenGenerator.rfc1738Encode(str).replace(/%20/g, \"+\");\r\n }\r\n\r\n // Encode following RFC1738 standard (https://www.ietf.org/rfc/rfc1738.txt)\r\n // Code from https://locutus.io/php/url/rawurlencode/\r\n public static rfc1738Encode(str: string): string {\r\n return encodeURIComponent(str)\r\n .replace(/!/g, \"%21\")\r\n .replace(/'/g, \"%27\")\r\n .replace(/\\(/g, \"%28\")\r\n .replace(/\\)/g, \"%29\")\r\n .replace(/\\*/g, \"%2A\");\r\n }\r\n}\r\n"]}
1
+ {"version":3,"file":"ArcGisTokenGenerator.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisTokenGenerator.ts"],"names":[],"mappings":"AAmCA,4GAA4G;AAC5G,gBAAgB;AAChB,MAAM,CAAN,IAAY,qBAIX;AAJD,WAAY,qBAAqB;IAC/B,6DAAE,CAAA;IACF,uEAAO,CAAA;IACP,2EAAS,CAAA;AACX,CAAC,EAJW,qBAAqB,KAArB,qBAAqB,QAIhC;AA8BD,gBAAgB;AAChB,MAAM,OAAO,oBAAoB;IACvB,MAAM,CAAU,WAAW,GAAG,QAAQ,CAAC;IACvC,MAAM,CAAU,eAAe,GAAG,cAAc,CAAC;IAEzD,wEAAwE;IAChE,MAAM,CAAC,qBAAqB,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE1D,MAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,oBAA4B;QACnE,MAAM,QAAQ,GAAG,oBAAoB,CAAC,WAAW,EAAE,CAAC;QACpD,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,oBAAoB,CAAC,WAAW,CAAC,CAAC;QACtE,IAAI,UAAU,KAAK,CAAC,CAAC;YACnB,OAAO,SAAS,CAAC;QACnB,MAAM,OAAO,GAAG,oBAAoB,CAAC,SAAS,CAAC,CAAC,EAAE,UAAU,GAAG,oBAAoB,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,oBAAoB,CAAC,eAAe,CAAC;QAE/I,IAAI,gBAAoC,CAAC;QACzC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACzD,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,gBAAgB,GAAG,oBAAoB,CAAC,2BAA2B,CAAC,IAAI,CAAC,CAAC;QAC5E,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAEM,MAAM,CAAC,2BAA2B,CAAC,IAAS;QACjD,OAAO,IAAI,CAAC,QAAQ,EAAE,oBAAoB,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;IAC5F,CAAC;IAEM,KAAK,CAAC,kBAAkB,CAAC,OAAe;QAC7C,MAAM,MAAM,GAAG,oBAAoB,CAAC,qBAAqB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACvE,IAAI,MAAM,KAAK,SAAS;YACtB,OAAO,MAAM,CAAC;QAEhB,MAAM,eAAe,GAAG,MAAM,oBAAoB,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;QACjF,IAAI,eAAe,KAAK,SAAS;YAC/B,oBAAoB,CAAC,qBAAqB,CAAC,GAAG,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;QAE3E,OAAO,eAAe,CAAC;IACzB,CAAC;IAED,6FAA6F;IACtF,KAAK,CAAC,QAAQ,CAAC,oBAA4B,EAAE,QAAgB,EAAE,QAAgB,EAAE,OAAmC;QACzH,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,oBAAoB,CAAC,CAAC;QAC5E,IAAI,CAAC,eAAe;YAClB,OAAO,SAAS,CAAC;QAEnB,IAAI,KAAgB,CAAC;QACrB,IAAI,CAAC;YACH,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YACrD,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YAErD,+BAA+B;YAC/B,IAAI,aAAa,GAAG,EAAE,CAAC;YACvB,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;gBACvB,aAAa,GAAG,eAAe,OAAO,CAAC,UAAU,EAAE,CAAC;YACtD,CAAC;YAED,2BAA2B;YAC3B,IAAI,SAAS,GAAG,EAAE,CAAC;YACnB,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,OAAO,EAAE,CAAC;gBACrD,IAAI,UAAU,GAAG,EAAE,CAAC;gBACpB,IAAI,OAAO,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;oBAClC,UAAU,GAAG,kBAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAK,gCAAgC;gBACxF,CAAC;qBAAM,CAAC;oBACN,UAAU,GAAG,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;gBACnD,CAAC;gBAED,SAAS,GAAG,2BAA2B,UAAU,EAAE,CAAC;YACtD,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,EAAE,EAAE,CAAC;gBACvD,IAAI,OAAO,CAAC,EAAE,KAAK,SAAS;oBAC1B,OAAO,KAAK,CAAC;gBACf,SAAS,GAAG,iBAAiB,OAAO,CAAC,EAAE,EAAE,CAAC;YAC5C,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,SAAS,EAAE,CAAC;gBAC9D,SAAS,GAAG,uBAAuB,CAAC;YACtC,CAAC;YAED,MAAM,kBAAkB,GAAgB;gBACtC,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,YAAY,eAAe,aAAa,eAAe,GAAG,SAAS,GAAG,aAAa,UAAU;gBACnG,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;aACjE,CAAC;YAEF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,eAAe,EAAE,kBAAkB,CAAC,CAAC;YAElE,0EAA0E;YAC1E,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAEhC,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,KAAK,CAAC;IACf,CAAC;IAED,gIAAgI;IAChI,2HAA2H;IACpH,MAAM,CAAC,UAAU,CAAC,GAAW;QAClC,OAAO,oBAAoB,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACtE,CAAC;IAED,2EAA2E;IAC3E,qDAAqD;IAC9C,MAAM,CAAC,aAAa,CAAC,GAAW;QACrC,OAAO,kBAAkB,CAAC,GAAG,CAAC;aAC3B,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;aACpB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;aACpB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;aACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;aACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;IAC3B,CAAC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\nimport { MapLayerAccessToken } from \"@itwin/core-frontend\";\n\n/** @packageDocumentation\n * @module Tiles\n */\n\n/** @internal */\nexport interface ArcGisOAuth2Token extends MapLayerAccessToken {\n\n // The expiration time of the token in milliseconds (UNIX time)\n expiresAt: number;\n\n // This property will show as true if the token must always pass over ssl.\n ssl: boolean;\n\n // Username associated with this token\n userName: string;\n\n // A Binary value that, if true, implies that the user had checked \"Keep me signed in\"\n persist?: boolean;\n}\n\n/** @internal */\nexport interface ArcGisToken extends MapLayerAccessToken {\n // The expiration time of the token in milliseconds since January 1, 1970 (UTC).\n expires: number;\n\n // This property will show as true if the token must always pass over ssl.\n ssl: boolean;\n}\n\n// client application's base URL, a user-specified IP address, or the IP address that is making the request.\n/** @internal */\nexport enum ArcGisTokenClientType {\n ip,\n referer,\n requestIp,\n}\n\n/** @internal */\nexport interface ArcGisGenerateTokenOptions {\n\n // The client type that will be granted access to the token.\n // Users will be able to specify whether the token will be generated for a client application's base URL,\n // a user-specified IP address, or the IP address that is making the request.\n client: ArcGisTokenClientType;\n\n // The IP address that will be using the created token for access.\n // On the Generate Token page, the IP address is specified in the IP Address field. This is required when client has been set as ip.\n // Example ip=11.11.111.111\n ip?: string;\n\n // The base URL of the client application that will use the token.\n // On the Generate Token page, the referrer URL is specified in the Webapp URL field.\n // Defaults to location.origin if undefined and client = referer.\n // This is required when client has been set as referer.\n // Example : referer=https://myserver/mywebapp\n referer?: string;\n\n // The token expiration time in minutes. The default is 60 minutes (one hour).\n // The maximum expiration period is 15 days. The maximum value of the expiration time is controlled by the server.\n // Requests for tokens larger than this time will be rejected.\n // Applications are responsible for renewing expired tokens;\n // expired tokens will be rejected by the server on subsequent requests that use the token.\n expiration?: number; // in minutes, defaults to 60 minutes\n}\n\n/** @internal */\nexport class ArcGisTokenGenerator {\n private static readonly restApiPath = \"/rest/\";\n private static readonly restApiInfoPath = \"info?f=pjson\";\n\n // Cache info url to avoid fetching/parsing twice for the same base url.\n private static _tokenServiceUrlCache = new Map<string, string>();\n\n public static async fetchTokenServiceUrl(arcGisRestServiceUrl: string): Promise<string | undefined> {\n const lowerUrl = arcGisRestServiceUrl.toLowerCase();\n const restApiIdx = lowerUrl.indexOf(ArcGisTokenGenerator.restApiPath);\n if (restApiIdx === -1)\n return undefined;\n const infoUrl = arcGisRestServiceUrl.substring(0, restApiIdx + ArcGisTokenGenerator.restApiPath.length) + ArcGisTokenGenerator.restApiInfoPath;\n\n let tokenServicesUrl: string | undefined;\n try {\n const response = await fetch(infoUrl, { method: \"GET\" });\n const json = await response.json();\n tokenServicesUrl = ArcGisTokenGenerator.getTokenServiceFromInfoJson(json);\n } catch { }\n return tokenServicesUrl;\n }\n\n public static getTokenServiceFromInfoJson(json: any): string | undefined {\n return json.authInfo?.isTokenBasedSecurity ? json?.authInfo?.tokenServicesUrl : undefined;\n }\n\n public async getTokenServiceUrl(baseUrl: string): Promise<string | undefined> {\n const cached = ArcGisTokenGenerator._tokenServiceUrlCache.get(baseUrl);\n if (cached !== undefined)\n return cached;\n\n const tokenServiceUrl = await ArcGisTokenGenerator.fetchTokenServiceUrl(baseUrl);\n if (tokenServiceUrl !== undefined)\n ArcGisTokenGenerator._tokenServiceUrlCache.set(baseUrl, tokenServiceUrl);\n\n return tokenServiceUrl;\n }\n\n // base url: ArcGis REST service base URL (format must be \"https://<host>/<instance>/rest/\")\n public async generate(arcGisRestServiceUrl: string, userName: string, password: string, options: ArcGisGenerateTokenOptions): Promise<any> {\n const tokenServiceUrl = await this.getTokenServiceUrl(arcGisRestServiceUrl);\n if (!tokenServiceUrl)\n return undefined;\n\n let token: undefined;\n try {\n const encodedUsername = encodeURIComponent(userName);\n const encodedPassword = encodeURIComponent(password);\n\n // Compose the expiration param\n let expirationStr = \"\";\n if (options.expiration) {\n expirationStr = `&expiration=${options.expiration}`;\n }\n\n // Compose the client param\n let clientStr = \"\";\n if (options.client === ArcGisTokenClientType.referer) {\n let refererStr = \"\";\n if (options.referer === undefined) {\n refererStr = encodeURIComponent(location.origin); // default to application origin\n } else {\n refererStr = encodeURIComponent(options.referer);\n }\n\n clientStr = `&client=referer&referer=${refererStr}`;\n } else if (options.client === ArcGisTokenClientType.ip) {\n if (options.ip === undefined)\n return token;\n clientStr = `&client=ip&ip=${options.ip}`;\n } else if (options.client === ArcGisTokenClientType.requestIp) {\n clientStr = `&client=requestip&ip=`;\n }\n\n const httpRequestOptions: RequestInit = {\n method: \"POST\",\n body: `username=${encodedUsername}&password=${encodedPassword}${clientStr}${expirationStr}&f=pjson`,\n headers: { \"content-type\": \"application/x-www-form-urlencoded\" },\n };\n\n const response = await fetch(tokenServiceUrl, httpRequestOptions);\n\n // Check a token was really generated (an error could be part of the body)\n token = await response.json();\n\n } catch { }\n return token;\n }\n\n // Encode following 'application/x-www-form-urlencoded' standard (https://www.w3.org/TR/html401/interact/forms.html#h-17.13.3.3)\n // Also mentioned here: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURIComponent\n public static formEncode(str: string): string {\n return ArcGisTokenGenerator.rfc1738Encode(str).replace(/%20/g, \"+\");\n }\n\n // Encode following RFC1738 standard (https://www.ietf.org/rfc/rfc1738.txt)\n // Code from https://locutus.io/php/url/rawurlencode/\n public static rfc1738Encode(str: string): string {\n return encodeURIComponent(str)\n .replace(/!/g, \"%21\")\n .replace(/'/g, \"%27\")\n .replace(/\\(/g, \"%28\")\n .replace(/\\)/g, \"%29\")\n .replace(/\\*/g, \"%2A\");\n }\n}\n"]}
package/lib/esm/ArcGis/ArcGisTokenManager.js CHANGED
@@ -8,6 +8,11 @@
8
8
  import { ArcGisTokenGenerator } from "./ArcGisTokenGenerator";
9
9
  /** @internal */
10
10
  export class ArcGisTokenManager {
11
+ static tokenExpiryThreshold = 300000; // 5 minutes in milliseconds
12
+ static _cache = new Map();
13
+ static _oauth2Cache;
14
+ static _generator;
15
+ static _browserStorageKey = "arcGisOAuth";
11
16
  static async getToken(arcGisRestServiceUrl, userName, password, options) {
12
17
  if (!ArcGisTokenManager._generator)
13
18
  ArcGisTokenManager._generator = new ArcGisTokenGenerator();
@@ -102,7 +107,4 @@ export class ArcGisTokenManager {
102
107
  window.localStorage.setItem(this._browserStorageKey, JSON.stringify(storageTokens));
103
108
  }
104
109
  }
105
- ArcGisTokenManager.tokenExpiryThreshold = 300000; // 5 minutes in milliseconds
106
- ArcGisTokenManager._cache = new Map();
107
- ArcGisTokenManager._browserStorageKey = "arcGisOAuth";
108
110
  //# sourceMappingURL=ArcGisTokenManager.js.map
package/lib/esm/ArcGis/ArcGisTokenManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisTokenManager.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisTokenManager.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F;;GAEG;AAGH,OAAO,EAA8D,oBAAoB,EAAE,MAAM,wBAAwB,CAAC;AAO1H,gBAAgB;AAChB,MAAM,OAAO,kBAAkB;IAOtB,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,oBAA4B,EAAE,QAAgB,EAAE,QAAgB,EAAE,OAAmC;QAChI,IAAI,CAAC,kBAAkB,CAAC,UAAU;YAChC,kBAAkB,CAAC,UAAU,GAAG,IAAI,oBAAoB,EAAE,CAAC;QAE7D,MAAM,aAAa,GAAG,GAAG,kBAAkB,CAAC,QAAQ,CAAC,IAAI,oBAAoB,EAAE,CAAC;QAEhF,mCAAmC;QACnC,MAAM,WAAW,GAAG,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QAEjE,2GAA2G;QAC3G,IAAI,WAAW,KAAK,SAAS,IAAI,CAAC,WAAW,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACjH,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,yCAAyC;QACzC,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,UAAU,CAAC,QAAQ,CAAC,oBAAoB,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACjH,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;YACnB,MAAM,KAAK,GAAG,QAAuB,CAAC;YACtC,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;YACpD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,MAAM,CAAC,eAAe,CAAC,KAA0B;QAEtD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,kBAAkB,CAAC,MAAM,EAAE,CAAC;YACrD,IAAI,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,KAAK;gBAC7B,OAAO,kBAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjD,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,GAAW;QACtC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,kBAAkB,CAAC,YAAY,GAAG,IAAI,GAAG,EAA6B,CAAC;YACvE,kBAAkB,CAAC,sBAAsB,EAAE,CAAC;QAC9C,CAAC;QAED,MAAM,WAAW,GAAG,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAE7D,gFAAgF;QAChF,IAAI,WAAW,KAAK,SAAS,IAAI,CAAC,WAAW,CAAC,SAAS,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACnH,kBAAkB,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC5C,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;IAEM,MAAM,CAAC,qBAAqB,CAAC,KAA0B;QAE5D,IAAI,kBAAkB,CAAC,YAAY,EAAE,CAAC;YACpC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,kBAAkB,CAAC,YAAY,EAAE,CAAC;gBAC3D,IAAI,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,KAAK,EAAC,CAAC;oBAC/B,MAAM,OAAO,GAAG,kBAAkB,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;oBAC5D,kBAAkB,CAAC,oBAAoB,EAAE,CAAC;oBAC1C,OAAO,OAAO,CAAC;gBACjB,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,GAAW,EAAE,KAAwB;QAEhE,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,kBAAkB,CAAC,YAAY,GAAG,IAAI,GAAG,EAA6B,CAAC;QAEzE,CAAC;QACD,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAEhD,kBAAkB,CAAC,oBAAoB,EAAE,CAAC;IAC5C,CAAC;IAEM,MAAM,CAAC,sBAAsB;QAClC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,OAAO;QACT,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,IAAwB,EAAE,EAAE;YAC/C,IAAI,IAAI,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC1D,MAAM,MAAM,GAAiC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC9D,IAAI,MAAM,EAAE,CAAC;oBACX,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;wBAClD,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;oBAClD,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,WAAW,CAAC,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,SAAS,CAAC,CAAC;QACjF,WAAW,CAAC,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,SAAS,CAAC,CAAC;IACjF,CAAC;IAEM,MAAM,CAAC,oBAAoB;QAEhC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,OAAO;QACT,CAAC;QACD,MAAM,aAAa,GAAqB,EAAE,CAAC;QAC3C,MAAM,aAAa,GAAqB,EAAE,CAAC;QAE3C,kBAAkB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,KAAwB,EAAE,GAAW,EAAE,EAAE;YAChF,oEAAoE;YACpE,gCAAgC;YAChC,gCAAgC;YAChC,WAAW;YACX,gCAAgC;YAChC,IAAI;YACJ,aAAa,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QAC7B,CAAC,CAAC,CAAC;QACH,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;QACtF,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;IACtF,CAAC;;AA3HuB,uCAAoB,GAAG,MAAM,CAAC,CAAE,4BAA4B;AACrE,yBAAM,GAAG,IAAI,GAAG,EAAuB,CAAC;AAG/B,qCAAkB,GAAG,aAAa,CAAC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\n/** @packageDocumentation\r\n * @module Tiles\r\n */\r\n\r\nimport { MapLayerAccessToken } from \"@itwin/core-frontend\";\r\nimport { ArcGisGenerateTokenOptions, ArcGisOAuth2Token, ArcGisToken, ArcGisTokenGenerator } from \"./ArcGisTokenGenerator\";\r\n\r\n/** @internal */\r\ninterface ArcGisTokenProps {\r\n [hostname: string]: ArcGisOAuth2Token;\r\n}\r\n\r\n/** @internal */\r\nexport class ArcGisTokenManager {\r\n private static readonly tokenExpiryThreshold = 300000; // 5 minutes in milliseconds\r\n private static _cache = new Map<string, ArcGisToken>();\r\n private static _oauth2Cache: Map<string, ArcGisOAuth2Token> | undefined;\r\n private static _generator: ArcGisTokenGenerator | undefined;\r\n private static readonly _browserStorageKey = \"arcGisOAuth\";\r\n\r\n public static async getToken(arcGisRestServiceUrl: string, userName: string, password: string, options: ArcGisGenerateTokenOptions): Promise<ArcGisToken | undefined> {\r\n if (!ArcGisTokenManager._generator)\r\n ArcGisTokenManager._generator = new ArcGisTokenGenerator();\r\n\r\n const tokenCacheKey = `${encodeURIComponent(userName)}@${arcGisRestServiceUrl}`;\r\n\r\n // First check in the session cache\r\n const cachedToken = ArcGisTokenManager._cache.get(tokenCacheKey);\r\n\r\n // Check if token is in cached and is valid within the threshold, if not, generate a new token immediately.\r\n if (cachedToken !== undefined && (cachedToken.expires - (+new Date()) > ArcGisTokenManager.tokenExpiryThreshold)) {\r\n return cachedToken;\r\n }\r\n\r\n // Nothing in cache, generate a new token\r\n const newToken = await ArcGisTokenManager._generator.generate(arcGisRestServiceUrl, userName, password, options);\r\n if (newToken.token) {\r\n const token = newToken as ArcGisToken;\r\n ArcGisTokenManager._cache.set(tokenCacheKey, token);\r\n return token;\r\n }\r\n\r\n return undefined;\r\n }\r\n\r\n public static invalidateToken(token: MapLayerAccessToken): boolean {\r\n\r\n for (const [key, value] of ArcGisTokenManager._cache) {\r\n if (value.token === token.token)\r\n return ArcGisTokenManager._cache.delete(key);\r\n }\r\n\r\n return false;\r\n }\r\n\r\n public static getOAuth2Token(key: string): ArcGisOAuth2Token | undefined {\r\n if (ArcGisTokenManager._oauth2Cache === undefined) {\r\n ArcGisTokenManager._oauth2Cache = new Map<string, ArcGisOAuth2Token>();\r\n ArcGisTokenManager.loadFromBrowserStorage();\r\n }\r\n\r\n const cachedToken = ArcGisTokenManager._oauth2Cache.get(key);\r\n\r\n // If cached token has expired (or about to expire), invalidate don't return it.\r\n if (cachedToken !== undefined && (cachedToken.expiresAt - (+new Date()) < ArcGisTokenManager.tokenExpiryThreshold)) {\r\n ArcGisTokenManager._oauth2Cache.delete(key);\r\n return undefined;\r\n }\r\n\r\n return cachedToken;\r\n }\r\n\r\n public static invalidateOAuth2Token(token: MapLayerAccessToken) {\r\n\r\n if (ArcGisTokenManager._oauth2Cache) {\r\n for (const [key, value] of ArcGisTokenManager._oauth2Cache) {\r\n if (value.token === token.token){\r\n const deleted = ArcGisTokenManager._oauth2Cache.delete(key);\r\n ArcGisTokenManager.saveToBrowserStorage();\r\n return deleted;\r\n }\r\n }\r\n }\r\n\r\n return false;\r\n }\r\n\r\n public static setOAuth2Token(key: string, token: ArcGisOAuth2Token) {\r\n\r\n if (ArcGisTokenManager._oauth2Cache === undefined) {\r\n ArcGisTokenManager._oauth2Cache = new Map<string, ArcGisOAuth2Token>();\r\n\r\n }\r\n ArcGisTokenManager._oauth2Cache.set(key, token);\r\n\r\n ArcGisTokenManager.saveToBrowserStorage();\r\n }\r\n\r\n public static loadFromBrowserStorage() {\r\n if (ArcGisTokenManager._oauth2Cache === undefined) {\r\n return;\r\n }\r\n\r\n const loadEntries = (json: string | undefined) => {\r\n if (json && ArcGisTokenManager._oauth2Cache !== undefined) {\r\n const tokens: ArcGisTokenProps | undefined = JSON.parse(json);\r\n if (tokens) {\r\n for (const [key, value] of Object.entries(tokens)) {\r\n ArcGisTokenManager._oauth2Cache.set(key, value);\r\n }\r\n }\r\n }\r\n };\r\n\r\n loadEntries(window.sessionStorage.getItem(this._browserStorageKey) ?? undefined);\r\n loadEntries(window.localStorage.getItem(this._browserStorageKey) ?? undefined);\r\n }\r\n\r\n public static saveToBrowserStorage() {\r\n\r\n if (ArcGisTokenManager._oauth2Cache === undefined) {\r\n return;\r\n }\r\n const sessionTokens: ArcGisTokenProps = {};\r\n const storageTokens: ArcGisTokenProps = {};\r\n\r\n ArcGisTokenManager._oauth2Cache.forEach((value: ArcGisOAuth2Token, key: string) => {\r\n // ignore the persist flag for now, and only save to session storage\r\n // if (value.persist === true) {\r\n // storageTokens[key] = value;\r\n // } else {\r\n // sessionTokens[key] = value;\r\n // }\r\n sessionTokens[key] = value;\r\n });\r\n window.sessionStorage.setItem(this._browserStorageKey, JSON.stringify(sessionTokens));\r\n window.localStorage.setItem(this._browserStorageKey, JSON.stringify(storageTokens));\r\n }\r\n\r\n}\r\n"]}
1
+ {"version":3,"file":"ArcGisTokenManager.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisTokenManager.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F;;GAEG;AAGH,OAAO,EAA8D,oBAAoB,EAAE,MAAM,wBAAwB,CAAC;AAO1H,gBAAgB;AAChB,MAAM,OAAO,kBAAkB;IACrB,MAAM,CAAU,oBAAoB,GAAG,MAAM,CAAC,CAAE,4BAA4B;IAC5E,MAAM,CAAC,MAAM,GAAG,IAAI,GAAG,EAAuB,CAAC;IAC/C,MAAM,CAAC,YAAY,CAA6C;IAChE,MAAM,CAAC,UAAU,CAAmC;IACpD,MAAM,CAAU,kBAAkB,GAAG,aAAa,CAAC;IAEpD,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,oBAA4B,EAAE,QAAgB,EAAE,QAAgB,EAAE,OAAmC;QAChI,IAAI,CAAC,kBAAkB,CAAC,UAAU;YAChC,kBAAkB,CAAC,UAAU,GAAG,IAAI,oBAAoB,EAAE,CAAC;QAE7D,MAAM,aAAa,GAAG,GAAG,kBAAkB,CAAC,QAAQ,CAAC,IAAI,oBAAoB,EAAE,CAAC;QAEhF,mCAAmC;QACnC,MAAM,WAAW,GAAG,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QAEjE,2GAA2G;QAC3G,IAAI,WAAW,KAAK,SAAS,IAAI,CAAC,WAAW,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACjH,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,yCAAyC;QACzC,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,UAAU,CAAC,QAAQ,CAAC,oBAAoB,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACjH,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;YACnB,MAAM,KAAK,GAAG,QAAuB,CAAC;YACtC,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;YACpD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,MAAM,CAAC,eAAe,CAAC,KAA0B;QAEtD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,kBAAkB,CAAC,MAAM,EAAE,CAAC;YACrD,IAAI,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,KAAK;gBAC7B,OAAO,kBAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjD,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,GAAW;QACtC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,kBAAkB,CAAC,YAAY,GAAG,IAAI,GAAG,EAA6B,CAAC;YACvE,kBAAkB,CAAC,sBAAsB,EAAE,CAAC;QAC9C,CAAC;QAED,MAAM,WAAW,GAAG,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAE7D,gFAAgF;QAChF,IAAI,WAAW,KAAK,SAAS,IAAI,CAAC,WAAW,CAAC,SAAS,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACnH,kBAAkB,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC5C,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;IAEM,MAAM,CAAC,qBAAqB,CAAC,KAA0B;QAE5D,IAAI,kBAAkB,CAAC,YAAY,EAAE,CAAC;YACpC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,kBAAkB,CAAC,YAAY,EAAE,CAAC;gBAC3D,IAAI,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,KAAK,EAAC,CAAC;oBAC/B,MAAM,OAAO,GAAG,kBAAkB,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;oBAC5D,kBAAkB,CAAC,oBAAoB,EAAE,CAAC;oBAC1C,OAAO,OAAO,CAAC;gBACjB,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,GAAW,EAAE,KAAwB;QAEhE,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,kBAAkB,CAAC,YAAY,GAAG,IAAI,GAAG,EAA6B,CAAC;QAEzE,CAAC;QACD,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAEhD,kBAAkB,CAAC,oBAAoB,EAAE,CAAC;IAC5C,CAAC;IAEM,MAAM,CAAC,sBAAsB;QAClC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,OAAO;QACT,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,IAAwB,EAAE,EAAE;YAC/C,IAAI,IAAI,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC1D,MAAM,MAAM,GAAiC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC9D,IAAI,MAAM,EAAE,CAAC;oBACX,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;wBAClD,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;oBAClD,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,WAAW,CAAC,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,SAAS,CAAC,CAAC;QACjF,WAAW,CAAC,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,SAAS,CAAC,CAAC;IACjF,CAAC;IAEM,MAAM,CAAC,oBAAoB;QAEhC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,OAAO;QACT,CAAC;QACD,MAAM,aAAa,GAAqB,EAAE,CAAC;QAC3C,MAAM,aAAa,GAAqB,EAAE,CAAC;QAE3C,kBAAkB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,KAAwB,EAAE,GAAW,EAAE,EAAE;YAChF,oEAAoE;YACpE,gCAAgC;YAChC,gCAAgC;YAChC,WAAW;YACX,gCAAgC;YAChC,IAAI;YACJ,aAAa,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QAC7B,CAAC,CAAC,CAAC;QACH,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;QACtF,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;IACtF,CAAC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\n/** @packageDocumentation\n * @module Tiles\n */\n\nimport { MapLayerAccessToken } from \"@itwin/core-frontend\";\nimport { ArcGisGenerateTokenOptions, ArcGisOAuth2Token, ArcGisToken, ArcGisTokenGenerator } from \"./ArcGisTokenGenerator\";\n\n/** @internal */\ninterface ArcGisTokenProps {\n [hostname: string]: ArcGisOAuth2Token;\n}\n\n/** @internal */\nexport class ArcGisTokenManager {\n private static readonly tokenExpiryThreshold = 300000; // 5 minutes in milliseconds\n private static _cache = new Map<string, ArcGisToken>();\n private static _oauth2Cache: Map<string, ArcGisOAuth2Token> | undefined;\n private static _generator: ArcGisTokenGenerator | undefined;\n private static readonly _browserStorageKey = \"arcGisOAuth\";\n\n public static async getToken(arcGisRestServiceUrl: string, userName: string, password: string, options: ArcGisGenerateTokenOptions): Promise<ArcGisToken | undefined> {\n if (!ArcGisTokenManager._generator)\n ArcGisTokenManager._generator = new ArcGisTokenGenerator();\n\n const tokenCacheKey = `${encodeURIComponent(userName)}@${arcGisRestServiceUrl}`;\n\n // First check in the session cache\n const cachedToken = ArcGisTokenManager._cache.get(tokenCacheKey);\n\n // Check if token is in cached and is valid within the threshold, if not, generate a new token immediately.\n if (cachedToken !== undefined && (cachedToken.expires - (+new Date()) > ArcGisTokenManager.tokenExpiryThreshold)) {\n return cachedToken;\n }\n\n // Nothing in cache, generate a new token\n const newToken = await ArcGisTokenManager._generator.generate(arcGisRestServiceUrl, userName, password, options);\n if (newToken.token) {\n const token = newToken as ArcGisToken;\n ArcGisTokenManager._cache.set(tokenCacheKey, token);\n return token;\n }\n\n return undefined;\n }\n\n public static invalidateToken(token: MapLayerAccessToken): boolean {\n\n for (const [key, value] of ArcGisTokenManager._cache) {\n if (value.token === token.token)\n return ArcGisTokenManager._cache.delete(key);\n }\n\n return false;\n }\n\n public static getOAuth2Token(key: string): ArcGisOAuth2Token | undefined {\n if (ArcGisTokenManager._oauth2Cache === undefined) {\n ArcGisTokenManager._oauth2Cache = new Map<string, ArcGisOAuth2Token>();\n ArcGisTokenManager.loadFromBrowserStorage();\n }\n\n const cachedToken = ArcGisTokenManager._oauth2Cache.get(key);\n\n // If cached token has expired (or about to expire), invalidate don't return it.\n if (cachedToken !== undefined && (cachedToken.expiresAt - (+new Date()) < ArcGisTokenManager.tokenExpiryThreshold)) {\n ArcGisTokenManager._oauth2Cache.delete(key);\n return undefined;\n }\n\n return cachedToken;\n }\n\n public static invalidateOAuth2Token(token: MapLayerAccessToken) {\n\n if (ArcGisTokenManager._oauth2Cache) {\n for (const [key, value] of ArcGisTokenManager._oauth2Cache) {\n if (value.token === token.token){\n const deleted = ArcGisTokenManager._oauth2Cache.delete(key);\n ArcGisTokenManager.saveToBrowserStorage();\n return deleted;\n }\n }\n }\n\n return false;\n }\n\n public static setOAuth2Token(key: string, token: ArcGisOAuth2Token) {\n\n if (ArcGisTokenManager._oauth2Cache === undefined) {\n ArcGisTokenManager._oauth2Cache = new Map<string, ArcGisOAuth2Token>();\n\n }\n ArcGisTokenManager._oauth2Cache.set(key, token);\n\n ArcGisTokenManager.saveToBrowserStorage();\n }\n\n public static loadFromBrowserStorage() {\n if (ArcGisTokenManager._oauth2Cache === undefined) {\n return;\n }\n\n const loadEntries = (json: string | undefined) => {\n if (json && ArcGisTokenManager._oauth2Cache !== undefined) {\n const tokens: ArcGisTokenProps | undefined = JSON.parse(json);\n if (tokens) {\n for (const [key, value] of Object.entries(tokens)) {\n ArcGisTokenManager._oauth2Cache.set(key, value);\n }\n }\n }\n };\n\n loadEntries(window.sessionStorage.getItem(this._browserStorageKey) ?? undefined);\n loadEntries(window.localStorage.getItem(this._browserStorageKey) ?? undefined);\n }\n\n public static saveToBrowserStorage() {\n\n if (ArcGisTokenManager._oauth2Cache === undefined) {\n return;\n }\n const sessionTokens: ArcGisTokenProps = {};\n const storageTokens: ArcGisTokenProps = {};\n\n ArcGisTokenManager._oauth2Cache.forEach((value: ArcGisOAuth2Token, key: string) => {\n // ignore the persist flag for now, and only save to session storage\n // if (value.persist === true) {\n // storageTokens[key] = value;\n // } else {\n // sessionTokens[key] = value;\n // }\n sessionTokens[key] = value;\n });\n window.sessionStorage.setItem(this._browserStorageKey, JSON.stringify(sessionTokens));\n window.localStorage.setItem(this._browserStorageKey, JSON.stringify(storageTokens));\n }\n\n}\n"]}
package/lib/esm/ArcGis/ArcGisUrl.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisUrl.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisUrl.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F,gBAAgB;AAChB,MAAM,OAAO,SAAS;IAEpB,qCAAqC;IAC9B,MAAM,CAAC,kBAAkB,CAAC,GAAQ;QACvC,MAAM,MAAM,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,SAAS,GAAG,QAAQ,CAAC;QAC3B,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAC1C,OAAO,CAAC,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,OAAO,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAEjG,CAAC;IAEM,MAAM,CAAC,KAAK,CAAC,8BAA8B,CAAC,GAAQ;QACzD,MAAM,OAAO,GAAG,SAAS,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAClD,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,wGAAwG;QACxG,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,GAAG,OAAO,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACrD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAEzC,IAAI,IAAI,CAAC;QACT,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC5C,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QAED,MAAM,gBAAgB,GAAG,IAAI,EAAE,QAAQ,EAAE,gBAAgB,CAAC;QAC1D,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACnC,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,OAAO,SAAS,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC;IACjE,CAAC;IAEO,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,GAAQ;QACrC,IAAI,IAAI,CAAC;QACT,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YAChE,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC/B,CAAC;QAAC,MAAM,CAAC;QACT,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;CACF","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\n/** @internal */\r\nexport class ArcGisUrl {\r\n\r\n // Extract the sub-url up to '/rest/'\r\n public static extractRestBaseUrl(url: URL): URL | undefined {\r\n const urlStr = url.toString();\r\n const searchStr = \"/rest/\";\r\n const restPos = urlStr.indexOf(searchStr);\r\n return (restPos === -1 ? undefined : new URL(urlStr.substring(0, restPos + searchStr.length)));\r\n\r\n }\r\n\r\n public static async getRestUrlFromGenerateTokenUrl(url: URL): Promise<URL | undefined> {\r\n const restUrl = ArcGisUrl.extractRestBaseUrl(url);\r\n if (restUrl === undefined) {\r\n return undefined;\r\n }\r\n\r\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\r\n const infoUrl = new URL(`${restUrl.toString()}info`);\r\n infoUrl.searchParams.append(\"f\", \"json\");\r\n\r\n let json;\r\n try {\r\n json = await ArcGisUrl.fetchJson(infoUrl);\r\n } catch {\r\n\r\n }\r\n\r\n const tokenServicesUrl = json?.authInfo?.tokenServicesUrl;\r\n if (tokenServicesUrl === undefined) {\r\n return undefined;\r\n }\r\n return ArcGisUrl.extractRestBaseUrl(new URL(tokenServicesUrl));\r\n }\r\n\r\n private static async fetchJson(url: URL): Promise<any> {\r\n let json;\r\n try {\r\n const response = await fetch(url.toString(), { method: \"GET\" });\r\n json = await response.json();\r\n } catch {\r\n }\r\n return json;\r\n }\r\n}\r\n"]}
1
+ {"version":3,"file":"ArcGisUrl.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisUrl.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F,gBAAgB;AAChB,MAAM,OAAO,SAAS;IAEpB,qCAAqC;IAC9B,MAAM,CAAC,kBAAkB,CAAC,GAAQ;QACvC,MAAM,MAAM,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,SAAS,GAAG,QAAQ,CAAC;QAC3B,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAC1C,OAAO,CAAC,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,OAAO,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAEjG,CAAC;IAEM,MAAM,CAAC,KAAK,CAAC,8BAA8B,CAAC,GAAQ;QACzD,MAAM,OAAO,GAAG,SAAS,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAClD,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,wGAAwG;QACxG,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,GAAG,OAAO,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACrD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAEzC,IAAI,IAAI,CAAC;QACT,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC5C,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QAED,MAAM,gBAAgB,GAAG,IAAI,EAAE,QAAQ,EAAE,gBAAgB,CAAC;QAC1D,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACnC,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,OAAO,SAAS,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC;IACjE,CAAC;IAEO,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,GAAQ;QACrC,IAAI,IAAI,CAAC;QACT,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YAChE,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC/B,CAAC;QAAC,MAAM,CAAC;QACT,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;CACF","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\n/** @internal */\nexport class ArcGisUrl {\n\n // Extract the sub-url up to '/rest/'\n public static extractRestBaseUrl(url: URL): URL | undefined {\n const urlStr = url.toString();\n const searchStr = \"/rest/\";\n const restPos = urlStr.indexOf(searchStr);\n return (restPos === -1 ? undefined : new URL(urlStr.substring(0, restPos + searchStr.length)));\n\n }\n\n public static async getRestUrlFromGenerateTokenUrl(url: URL): Promise<URL | undefined> {\n const restUrl = ArcGisUrl.extractRestBaseUrl(url);\n if (restUrl === undefined) {\n return undefined;\n }\n\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\n const infoUrl = new URL(`${restUrl.toString()}info`);\n infoUrl.searchParams.append(\"f\", \"json\");\n\n let json;\n try {\n json = await ArcGisUrl.fetchJson(infoUrl);\n } catch {\n\n }\n\n const tokenServicesUrl = json?.authInfo?.tokenServicesUrl;\n if (tokenServicesUrl === undefined) {\n return undefined;\n }\n return ArcGisUrl.extractRestBaseUrl(new URL(tokenServicesUrl));\n }\n\n private static async fetchJson(url: URL): Promise<any> {\n let json;\n try {\n const response = await fetch(url.toString(), { method: \"GET\" });\n json = await response.json();\n } catch {\n }\n return json;\n }\n}\n"]}
package/lib/esm/map-layers-auth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"map-layers-auth.js","sourceRoot":"","sources":["../../src/map-layers-auth.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F,cAAc,+BAA+B,CAAC;AAC9C,cAAc,oBAAoB,CAAC;AACnC,cAAc,6BAA6B,CAAC;AAC5C,cAAc,+BAA+B,CAAC;AAC9C,cAAc,6BAA6B,CAAC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\nexport * from \"./ArcGis/ArcGisOAuth2Endpoint\";\r\nexport * from \"./ArcGis/ArcGisUrl\";\r\nexport * from \"./ArcGis/ArcGisAccessClient\";\r\nexport * from \"./ArcGis/ArcGisTokenGenerator\";\r\nexport * from \"./ArcGis/ArcGisTokenManager\";\r\n"]}
1
+ {"version":3,"file":"map-layers-auth.js","sourceRoot":"","sources":["../../src/map-layers-auth.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F,cAAc,+BAA+B,CAAC;AAC9C,cAAc,oBAAoB,CAAC;AACnC,cAAc,6BAA6B,CAAC;AAC5C,cAAc,+BAA+B,CAAC;AAC9C,cAAc,6BAA6B,CAAC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\nexport * from \"./ArcGis/ArcGisOAuth2Endpoint\";\nexport * from \"./ArcGis/ArcGisUrl\";\nexport * from \"./ArcGis/ArcGisAccessClient\";\nexport * from \"./ArcGis/ArcGisTokenGenerator\";\nexport * from \"./ArcGis/ArcGisTokenManager\";\n"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@itwin/map-layers-auth",
3
- "version": "5.0.0-dev.9",
3
+ "version": "5.0.0-dev.90",
4
4
  "description": "Extension that adds a Map Layers Widget",
5
5
  "main": "lib/cjs/map-layers-auth.js",
6
6
  "module": "lib/esm/map-layers-auth.js",
@@ -29,24 +29,21 @@
29
29
  "@types/sinon-chai": "^3.2.0",
30
30
  "chai": "^4.3.10",
31
31
  "eslint": "^9.13.0",
32
- "ignore-styles": "^5.0.1",
33
- "jsdom": "^19.0.0",
34
- "jsdom-global": "3.0.2",
35
- "mocha": "^10.2.0",
36
- "nyc": "^15.1.0",
37
- "rimraf": "^3.0.2",
32
+ "mocha": "^11.1.0",
33
+ "nyc": "^17.1.0",
34
+ "rimraf": "^6.0.1",
38
35
  "sinon": "^17.0.2",
39
36
  "sinon-chai": "^3.7.0",
40
37
  "source-map-support": "^0.5.6",
41
38
  "typescript": "~5.6.2",
42
39
  "fetch-mock": "~11.1.3",
43
- "@itwin/build-tools": "5.0.0-dev.9",
44
- "@itwin/core-bentley": "5.0.0-dev.9",
45
- "@itwin/core-frontend": "5.0.0-dev.9",
46
- "@itwin/core-common": "5.0.0-dev.9"
40
+ "@itwin/build-tools": "5.0.0-dev.90",
41
+ "@itwin/core-bentley": "5.0.0-dev.90",
42
+ "@itwin/core-common": "5.0.0-dev.90",
43
+ "@itwin/core-frontend": "5.0.0-dev.90"
47
44
  },
48
45
  "peerDependencies": {
49
- "@itwin/core-bentley": "5.0.0-dev.9"
46
+ "@itwin/core-bentley": "5.0.0-dev.90"
50
47
  },
51
48
  "nyc": {
52
49
  "extends": "./node_modules/@itwin/build-tools/.nycrc",
@@ -54,10 +51,10 @@
54
51
  },
55
52
  "mocha": {
56
53
  "require": [
57
- "raf/polyfill",
58
- "source-map-support/register",
59
- "jsdom-global/register",
60
- "ignore-styles"
54
+ "source-map-support/register"
55
+ ],
56
+ "globals": [
57
+ "arcGisOAuth2Callback"
61
58
  ],
62
59
  "checkLeaks": true,
63
60
  "timeout": 60000,
@@ -75,8 +72,8 @@
75
72
  "scripts": {
76
73
  "build": "npm run -s build:cjs && npm run -s build:esm",
77
74
  "build:cjs": "tsc 1>&2 --outDir lib/cjs",
78
- "build:esm": "tsc 1>&2 --module ES2020 --outDir lib/esm",
79
- "clean": "rimraf lib .rush/temp/package-deps*.json",
75
+ "build:esm": "tsc 1>&2 --module ES2022 --outDir lib/esm",
76
+ "clean": "rimraf -g lib .rush/temp/package-deps*.json",
80
77
  "cover": "nyc npm -s test",
81
78
  "docs": "",
82
79
  "extract-api": "betools extract-api --entry=map-layers-auth",