@itwin/map-layers-auth 5.5.0-dev.2 → 5.5.0-dev.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/CHANGELOG.md +6 -1
  2. package/lib/cjs/ArcGis/ArcGisAccessClient.js.map +1 -1
  3. package/lib/cjs/ArcGis/ArcGisOAuth2Endpoint.js.map +1 -1
  4. package/lib/cjs/ArcGis/ArcGisTokenGenerator.js.map +1 -1
  5. package/lib/cjs/ArcGis/ArcGisTokenManager.js.map +1 -1
  6. package/lib/cjs/ArcGis/ArcGisUrl.js.map +1 -1
  7. package/lib/cjs/map-layers-auth.js.map +1 -1
  8. package/lib/esm/ArcGis/ArcGisAccessClient.js.map +1 -1
  9. package/lib/esm/ArcGis/ArcGisOAuth2Endpoint.js.map +1 -1
  10. package/lib/esm/ArcGis/ArcGisTokenGenerator.js.map +1 -1
  11. package/lib/esm/ArcGis/ArcGisTokenManager.js.map +1 -1
  12. package/lib/esm/ArcGis/ArcGisUrl.js.map +1 -1
  13. package/lib/esm/map-layers-auth.js.map +1 -1
  14. package/package.json +6 -6
package/CHANGELOG.md CHANGED
@@ -1,6 +1,11 @@
1
1
  # Change Log - @itwin/map-layers-auth
2
2
 
3
- This log was last generated on Thu, 20 Nov 2025 22:31:49 GMT and should not be manually modified.
3
+ This log was last generated on Tue, 02 Dec 2025 23:11:57 GMT and should not be manually modified.
4
+
5
+ ## 5.4.0
6
+ Tue, 02 Dec 2025 21:22:25 GMT
7
+
8
+ _Version update only_
4
9
 
5
10
  ## 5.3.3
6
11
  Thu, 20 Nov 2025 22:30:37 GMT
package/lib/cjs/ArcGis/ArcGisAccessClient.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisAccessClient.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":";AAAA;;;+FAG+F;AAC/F;;GAEG;;;AAEH,sDAAsD;AAEtD,uEAA2F;AAC3F,uEAAqF;AACrF,mEAA6D;AAC7D,iDAA2C;AA8C3C,YAAY;AACZ,MAAa,kBAAkB;IACb,iBAAiB,GAAG,IAAI,sBAAO,EAAE,CAAC;IAC1C,YAAY,CAAqB;IACjC,WAAW,CAAqB;IAChC,UAAU,CAAmC;IAErD,sDAAsD;IAC9C,iBAAiB,GAAG,KAAK,CAAC;IAElC;IACA,CAAC;IAEM,UAAU,CAAC,WAA+B;QAC/C,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,WAAW,CAAC;YAC5C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,eAAe,CAAC;YAC/C,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,SAAS,CAAC;YAExC,IAAI,CAAC,yBAAyB,EAAE,CAAC;QACnC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,yBAAyB;QAC9B,UAAkB,CAAC,oBAAoB,GAAG,CAAC,gBAA2B,EAAE,EAAE;YACzE,IAAI,YAAY,GAAG,KAAK,CAAC;YACzB,IAAI,SAAS,CAAC;YAEd,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACzD,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC;gBAC3C,MAAM,UAAU,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,SAAS,CAAC;gBAC1D,MAAM,YAAY,GAAG,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,SAAS,CAAC;gBAC/D,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC;gBACzD,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC;gBAC7C,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC;gBACtD,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,MAAM,CAAC;gBACrD,IAAI,KAAK,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,IAAI,GAAG,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;oBAC/H,IAAI,cAAc,CAAC;oBACnB,IAAI,CAAC;wBACH,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBACnC,SAAS,GAAG,KAAK,EAAE,UAAU,CAAC;wBAC9B,cAAc,GAAG,KAAK,EAAE,cAAc,CAAC;oBAEzC,CAAC;oBAAC,MAAM,CAAC;oBACT,CAAC;oBACD,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;oBACvC,MAAM,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAG,6EAA6E;oBACrI,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;wBACjC,0CAAkB,CAAC,cAAc,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;wBAChG,YAAY,GAAG,IAAI,CAAC;oBACtB,CAAC;gBAEH,CAAC;YACH,CAAC;YACD,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAC7D,CAAC,CAAC;IACJ,CAAC;IAEM,YAAY;QACjB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC5B,UAAkB,CAAC,oBAAoB,GAAG,SAAS,CAAC;IACvD,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,MAAiC;QAC3D,+FAA+F;QAE/F,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC1F,IAAI,WAAW;gBACb,OAAO,WAAW,CAAC;QACvB,CAAC;QAED,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACvC,OAAO,0CAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,+CAAqB,CAAC,OAAO,EAAE,CAAC,CAAC;QACjJ,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,gBAAgB;IACT,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,WAAmB;QAC5D,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACzD,OAAO,IAAI,CAAC,MAAM,KAAK,GAAG,CAAC,CAAI,yEAAyE;IAC1G,CAAC;IAEM,KAAK,CAAC,uBAAuB,CAAC,WAAmB;QACtD,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,kDAAwB,CAAC,SAAS,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,eAAe,CAAC,KAA0B;QAC/C,IAAI,KAAK,GAAG,0CAAkB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,0CAAkB,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAEM,6BAA6B,CAAC,GAAW;QAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC;QACjD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,QAA4B,CAAC;QACjC,IAAI,eAAmC,CAAC;QACxC,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;YAC9B,IAAI,KAAK,CAAC,cAAc,KAAK,EAAE,EAAE,CAAC;gBAChC,eAAe,GAAG,KAAK,CAAC,QAAQ,CAAC;YACnC,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC;oBACvD,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;gBAC5B,CAAC;YACH,CAAC;QACH,CAAC;QAED,2EAA2E;QAC3E,2DAA2D;QAC3D,IAAI,QAAQ,KAAK,SAAS,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;YAC5D,QAAQ,GAAG,eAAe,CAAC;QAC7B,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAW,UAAU;QACnB,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,IAAW,oBAAoB;QAC7B,OAAO,IAAI,CAAC,UAAU,EAAE,oBAAoB,CAAC;IAC/C,CAAC;IAED,IAAW,oBAAoB,CAAC,QAA4B;QAC1D,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,IAAI,CAAC,UAAU,GAAG,EAAE,oBAAoB,EAAE,QAAQ,EAAE,CAAC;QACvD,CAAC;QACD,IAAI,CAAC,UAAU,CAAC,oBAAoB,GAAG,QAAQ,CAAC;IAClD,CAAC;IAED,IAAW,yBAAyB;QAClC,OAAO,IAAI,CAAC,UAAU,EAAE,mBAAmB,CAAC;IAC9C,CAAC;IAEM,qBAAqB,CAAC,cAAsB,EAAE,QAAgB;QAEnE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,KAAK,cAAc,CAAC,CAAC;YACnH,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;gBACpB,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,QAAQ,GAAG,QAAQ,CAAC;YACpE,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;YACzE,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;gBAClC,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;YACvB,CAAC;YACD,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAEM,wBAAwB,CAAC,QAAkC;QAEhE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,KAAK,QAAQ,CAAC,cAAc,CAAC,CAAC;QAChJ,CAAC;IAEH,CAAC;IAED,cAAc;IACd,gBAAgB;IACR,KAAK,CAAC,2BAA2B,CAAC,WAAmB;QAC3D,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,kDAAwB,CAAC,SAAS,CAAC,CAAC;YACpG,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAChC,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;gBACzD,OAAO,0CAAkB,CAAC,cAAc,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,uEAAuE;IACvE,8EAA8E;IAC9E,4DAA4D;IAEpD,eAAe,GAAG,IAAI,GAAG,EAAoC,CAAC;IAEtE;;;KAGC;IACO,aAAa,CAAC,GAAgB,EAAE,YAAsC,EAAE,QAA8B;QAC5G,MAAM,KAAK,GAAG,YAAY,KAAK,kDAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,EAAC,iBAAiB,EAAE,QAAQ,EAAC,CAAC,CAAC,CAAC,EAAC,aAAa,EAAE,QAAQ,EAAC,CAAC;QAC9H,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACvC,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,cAAc,CAAC,WAAwB,EAAE,gBAAwB,EAAE,YAAsC;QACrH,oCAAoC;QACpC,MAAM,aAAa,GAAG,IAAI,8CAAoB,CAAC,gBAAgB,EAAE,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;QACzH,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,YAAY,EAAE,aAAa,CAAC,CAAC;QAC7D,OAAO,aAAa,CAAC;IACvB,CAAC;IAED;;;MAGE;IACM,iBAAiB,CAAC,GAAQ;QAChC,MAAM,YAAY,GAAG;YACnB,YAAY;SACb,CAAC;QAEF,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IACxF,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAAC,GAAW;QAC3C,IAAI,KAAwB,CAAC;QAC7B,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,kBAAkB,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC1E,CAAC;QAAC,MAAM,CAAC;YACP,4EAA4E;YAC5E,6GAA6G;YAC7G,qCAAqC;QACvC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,iBAAiB,CAAC,WAAmB,EAAE,YAAsC;QACzF,iCAAiC;QACjC,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC7D,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;YACjC,OAAO,CAAC,YAAY,KAAK,kDAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC;QACrI,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,YAAY,KAAK,kDAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAElG,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;QAEpC,IAAI,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,EAAE,CAAC;YACnC,wBAAwB;YACxB,iGAAiG;YAEjG,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,EAAE,CAAC;gBAC5C,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,MAAM,SAAS,GAAG,8CAA8C,WAAW,EAAE,CAAC;YAC9E,OAAO,IAAI,8CAAoB,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;QAC5F,CAAC;aAAM,CAAC;YAEN,wGAAwG;YACxG,IAAI,CAAC;gBACH,MAAM,uBAAuB,GAAG,MAAM,wBAAS,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;gBAEvF,IAAI,uBAAuB,KAAK,SAAS,EAAE,CAAC;oBAC1C,kEAAkE;oBAClE,8FAA8F;oBAC9F,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC,CAAC;oBACvF,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;wBAClD,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;wBACnC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBACtF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,GAAG,IAAI,IAAI,YAAY,wBAAwB,WAAW,EAAE,CAAC,CAAC;wBAE9H,uCAAuC;wBACvC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;wBACxE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;4BAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,YAAY,CAAC,CAAC;4BAC5F,IAAI,QAAQ;gCACV,OAAO,QAAQ,CAAC;wBACpB,CAAC;oBACH,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,gBAAgB,GAAG,GAAG,uBAAuB,CAAC,QAAQ,EAAE,UAAU,WAAW,EAAE,CAAC;oBACtF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,CAAC;oBACpE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;wBAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAC;wBACxF,IAAI,QAAQ;4BACV,OAAO,QAAQ,CAAC;oBACpB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;YACT,CAAC;QACH,CAAC;QAED,gEAAgE;QAChE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,CAAE,oEAAoE;QAEhH,OAAO,SAAS,CAAC,CAAG,8CAA8C;IACpE,CAAC;IAED;;;KAGC;IACO,iBAAiB,CAAC,GAAW,EAAE,cAAuB;QAC5D,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5B,oBAAoB;QACpB,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CAAC;YAC3C,IAAA,qBAAM,EAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QAEH,CAAC;aAAM,CAAC;YACN,MAAM,QAAQ,GAAG,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;YACzD,IAAA,qBAAM,EAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,SAAS,KAAK,QAAQ,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;QAED,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAClD,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,IAAI,CAAC,WAAW;YAClB,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAE5D,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;CAEF;AArVD,gDAqVC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\n/** @packageDocumentation\n * @module Tiles\n */\n\nimport { assert, BeEvent } from \"@itwin/core-bentley\";\nimport { MapLayerAccessClient, MapLayerAccessToken, MapLayerAccessTokenParams, MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\nimport { ArcGisOAuth2Endpoint, ArcGisOAuth2EndpointType } from \"./ArcGisOAuth2Endpoint.js\";\nimport { ArcGisOAuth2Token, ArcGisTokenClientType } from \"./ArcGisTokenGenerator.js\";\nimport { ArcGisTokenManager } from \"./ArcGisTokenManager.js\";\nimport { ArcGisUrl } from \"./ArcGisUrl.js\";\n\n/** @beta */\nexport interface ArcGisEnterpriseClientId {\n /* Oauth API endpoint base URL (i.e. https://hostname/portal/sharing/oauth2/authorize)\n used to identify uniquely each enterprise server. */\n serviceBaseUrl: string;\n\n /* Application's clientId for this enterprise server.*/\n clientId: string;\n}\n\n/** @beta */\nexport interface ArcGisOAuthClientIds {\n /* Application's OAuth clientId in ArcGIS online */\n arcgisOnlineClientId?: string;\n\n /* Application's OAuth clientId for each enterprise server used. */\n enterpriseClientIds?: ArcGisEnterpriseClientId[];\n}\n\n/** @beta\n * ArcGIS OAuth configurations parameters.\n * See https://developers.arcgis.com/documentation/mapping-apis-and-services/security/arcgis-identity/serverless-web-apps/\n * more details.\n*/\nexport interface ArcGisOAuthConfig {\n /* URL to which a user is sent once they complete sign in authorization.\n Must match a URI you define in the developer dashboard, otherwise, the authorization will be rejected.\n */\n redirectUri: string;\n\n /* Optional expiration after which the token will expire. Defined in minutes with a maximum of two weeks (20160 minutes)*/\n tokenExpiration?: number;\n\n /* Application client Ids */\n clientIds: ArcGisOAuthClientIds;\n}\n\ninterface EndPointsCacheEntry {\n authorizeEndpoint?: ArcGisOAuth2Endpoint;\n tokenEndpoint?: ArcGisOAuth2Endpoint;\n}\n\ntype MapLayerUrl = string;\n\n/** @beta */\nexport class ArcGisAccessClient implements MapLayerAccessClient {\n public readonly onOAuthProcessEnd = new BeEvent();\n private _redirectUri: string | undefined;\n private _expiration: number | undefined;\n private _clientIds: ArcGisOAuthClientIds | undefined;\n\n // Should be kept to 'false'. Debugging purposes only.\n private _forceLegacyToken = false;\n\n public constructor() {\n }\n\n public initialize(oAuthConfig?: ArcGisOAuthConfig): boolean {\n if (oAuthConfig) {\n this._redirectUri = oAuthConfig.redirectUri;\n this._expiration = oAuthConfig.tokenExpiration;\n this._clientIds = oAuthConfig.clientIds;\n\n this.initOauthCallbackFunction();\n }\n return true;\n }\n\n private initOauthCallbackFunction() {\n (globalThis as any).arcGisOAuth2Callback = (redirectLocation?: Location) => {\n let eventSuccess = false;\n let stateData;\n\n if (redirectLocation && redirectLocation.hash.length > 0) {\n const locationHash = redirectLocation.hash;\n const hashParams = new URLSearchParams(locationHash.substring(1));\n const token = hashParams.get(\"access_token\") ?? undefined;\n const expiresInStr = hashParams.get(\"expires_in\") ?? undefined;\n const userName = hashParams.get(\"username\") ?? undefined;\n const ssl = hashParams.get(\"ssl\") === \"true\";\n const stateStr = hashParams.get(\"state\") ?? undefined;\n const persist = hashParams.get(\"persist\") === \"true\";\n if (token !== undefined && expiresInStr !== undefined && userName !== undefined && ssl !== undefined && stateStr !== undefined) {\n let endpointOrigin;\n try {\n const state = JSON.parse(stateStr);\n stateData = state?.customData;\n endpointOrigin = state?.endpointOrigin;\n\n } catch {\n }\n const expiresIn = Number(expiresInStr);\n const expiresAt = (expiresIn * 1000) + (+new Date()); // Converts the token expiration delay (seconds) into a timestamp (UNIX time)\n if (endpointOrigin !== undefined) {\n ArcGisTokenManager.setOAuth2Token(endpointOrigin, { token, expiresAt, ssl, userName, persist });\n eventSuccess = true;\n }\n\n }\n }\n this.onOAuthProcessEnd.raiseEvent(eventSuccess, stateData);\n };\n }\n\n public unInitialize() {\n this._redirectUri = undefined;\n this._expiration = undefined;\n (globalThis as any).arcGisOAuth2Callback = undefined;\n }\n\n public async getAccessToken(params: MapLayerAccessTokenParams): Promise<MapLayerAccessToken | undefined> {\n // First lookup Oauth2 tokens, otherwise check try \"legacy tokens\" if credentials were provided\n\n if (!this._forceLegacyToken) {\n const oauth2Token = await this.getOAuthTokenForMapLayerUrl(params.mapLayerUrl.toString());\n if (oauth2Token)\n return oauth2Token;\n }\n\n if (params.userName && params.password) {\n return ArcGisTokenManager.getToken(params.mapLayerUrl.toString(), params.userName, params.password, { client: ArcGisTokenClientType.referer });\n }\n\n return undefined;\n }\n\n /** @internal */\n public static async validateOAuth2Endpoint(endpointUrl: string): Promise<boolean> {\n const data = await fetch(endpointUrl, { method: \"GET\" });\n return data.status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters\n }\n\n public async getTokenServiceEndPoint(mapLayerUrl: string): Promise<MapLayerTokenEndpoint | undefined> {\n if (!this._forceLegacyToken) {\n return this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\n }\n\n return undefined;\n }\n\n public invalidateToken(token: MapLayerAccessToken): boolean {\n let found = ArcGisTokenManager.invalidateToken(token);\n if (!found) {\n found = ArcGisTokenManager.invalidateOAuth2Token(token);\n }\n return found;\n }\n\n public get redirectUri() {\n return this._redirectUri;\n }\n\n public getMatchingEnterpriseClientId(url: string) {\n const clientIds = this.arcGisEnterpriseClientIds;\n if (!clientIds) {\n return undefined;\n }\n\n let clientId: string | undefined;\n let defaultClientId: string | undefined;\n for (const entry of clientIds) {\n if (entry.serviceBaseUrl === \"\") {\n defaultClientId = entry.clientId;\n } else {\n if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {\n clientId = entry.clientId;\n }\n }\n }\n\n // If we could not find a match with serviceBaseUrl, and a default clientId\n // was specified (i.e empty url), then use default clientId\n if (clientId === undefined && defaultClientId !== undefined) {\n clientId = defaultClientId;\n }\n return clientId;\n }\n\n public get expiration() {\n return this._expiration;\n }\n\n public get arcGisOnlineClientId() {\n return this._clientIds?.arcgisOnlineClientId;\n }\n\n public set arcGisOnlineClientId(clientId: string | undefined) {\n if (this._clientIds === undefined) {\n this._clientIds = { arcgisOnlineClientId: clientId };\n }\n this._clientIds.arcgisOnlineClientId = clientId;\n }\n\n public get arcGisEnterpriseClientIds() {\n return this._clientIds?.enterpriseClientIds;\n }\n\n public setEnterpriseClientId(serviceBaseUrl: string, clientId: string) {\n\n if (this._clientIds?.enterpriseClientIds) {\n const foundIdx = this._clientIds.enterpriseClientIds.findIndex((entry) => entry.serviceBaseUrl === serviceBaseUrl);\n if (foundIdx !== -1) {\n this._clientIds.enterpriseClientIds[foundIdx].clientId = clientId;\n } else {\n this._clientIds.enterpriseClientIds.push({ serviceBaseUrl, clientId });\n }\n } else {\n if (this._clientIds === undefined) {\n this._clientIds = {};\n }\n this._clientIds.enterpriseClientIds = [{ serviceBaseUrl, clientId }];\n }\n }\n\n public removeEnterpriseClientId(clientId: ArcGisEnterpriseClientId) {\n\n if (this._clientIds?.enterpriseClientIds) {\n this._clientIds.enterpriseClientIds = this._clientIds?.enterpriseClientIds?.filter((item) => item.serviceBaseUrl !== clientId.serviceBaseUrl);\n }\n\n }\n\n /// //////////\n /** @internal */\n private async getOAuthTokenForMapLayerUrl(mapLayerUrl: string): Promise<ArcGisOAuth2Token | undefined> {\n try {\n const oauthEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\n if (oauthEndpoint !== undefined) {\n const oauthEndpointUrl = new URL(oauthEndpoint.getUrl());\n return ArcGisTokenManager.getOAuth2Token(oauthEndpointUrl.origin);\n }\n } catch { }\n return undefined;\n }\n\n // Mapping between a map-layer URL and its corresponding Oauth endpoint\n // i.e. \t https://hostname/server/rest/services/NewYork/NewYork3857/MapServer\n // => https://hostname/portal/sharing/oauth2/authorize\n\n private _endPointsCache = new Map<MapLayerUrl, EndPointsCacheEntry>();\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private cacheEndpoint(url: MapLayerUrl, endpointType: ArcGisOAuth2EndpointType, endPoint: ArcGisOAuth2Endpoint) {\n const entry = endpointType === ArcGisOAuth2EndpointType.Authorize ? {authorizeEndpoint: endPoint} : {tokenEndpoint: endPoint};\n this._endPointsCache.set(url, entry);\n }\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private async createEndpoint(mapLayerUrl: MapLayerUrl, oauthEndpointUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\n // Validate the URL we just composed\n const oauthEndpoint = new ArcGisOAuth2Endpoint(oauthEndpointUrl, this.constructLoginUrl(oauthEndpointUrl, false), false);\n this.cacheEndpoint(mapLayerUrl, endpointType, oauthEndpoint);\n return oauthEndpoint;\n }\n\n /**\n * Returns whether the ArcGis host is valid\n * @internal\n */\n private isArcGisHostValid(url: URL): boolean {\n const allowedHosts = [\n \"arcgis.com\",\n ];\n\n return allowedHosts.some((host: string) => url.hostname.toLowerCase().endsWith(host));\n }\n\n private async validateEndpointUrl(url: string) {\n let valid: boolean|undefined;\n try {\n valid = await ArcGisAccessClient.validateOAuth2Endpoint(url.toString());\n } catch {\n // If we reach here, this means we could not validate properly the endpoint;\n // we cannot conclude the endpoint is invalid though; it might happen endpoint doesn't support CORS requests,\n // but still valid for Oauth process.\n }\n return valid;\n }\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private async getOAuth2Endpoint(mapLayerUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\n // Return from cache if available\n const cachedEndpoint = this._endPointsCache.get(mapLayerUrl);\n if (cachedEndpoint !== undefined) {\n return (endpointType === ArcGisOAuth2EndpointType.Authorize ? cachedEndpoint.authorizeEndpoint : cachedEndpoint.authorizeEndpoint);\n }\n\n const endpointStr = (endpointType === ArcGisOAuth2EndpointType.Authorize ? \"authorize\" : \"token\");\n\n const urlObj = new URL(mapLayerUrl);\n\n if (this.isArcGisHostValid(urlObj)) {\n // ArcGIS Online (fixed)\n // Doc: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/\n\n if (this.arcGisOnlineClientId === undefined) {\n return undefined;\n }\n\n const oauth2Url = `https://www.arcgis.com/sharing/rest/oauth2/${endpointStr}`;\n return new ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, true), true);\n } else {\n\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\n try {\n const restUrlFromTokenService = await ArcGisUrl.getRestUrlFromGenerateTokenUrl(urlObj);\n\n if (restUrlFromTokenService === undefined) {\n // We could not derive the token endpoint from 'tokenServicesUrl'.\n // ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize\n const regExMatch = mapLayerUrl.match(new RegExp(/([^&\\/]+)\\/rest\\/services\\/.*/, \"i\"));\n if (regExMatch !== null && regExMatch.length >= 2) {\n const subdirectory = regExMatch[1];\n const port = (urlObj.port !== \"80\" && urlObj.port !== \"443\") ? `:${urlObj.port}` : \"\";\n const newUrlObj = new URL(`${urlObj.protocol}//${urlObj.hostname}${port}/${subdirectory}/sharing/rest/oauth2/${endpointStr}`);\n\n // Check again the URL we just composed\n const isValidUrl = await this.validateEndpointUrl(newUrlObj.toString());\n if (isValidUrl === undefined || isValidUrl ) {\n const endpoint = await this.createEndpoint(mapLayerUrl, newUrlObj.toString(), endpointType);\n if (endpoint)\n return endpoint;\n }\n }\n } else {\n const oauthEndpointUrl = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;\n const isValidUrl = await this.validateEndpointUrl(oauthEndpointUrl);\n if (isValidUrl === undefined || isValidUrl ) {\n const endpoint = await this.createEndpoint(mapLayerUrl, oauthEndpointUrl, endpointType);\n if (endpoint)\n return endpoint;\n }\n }\n } catch {\n }\n }\n\n // If we reach here, we were not successful creating an endpoint\n this._endPointsCache.set(mapLayerUrl, {}); // Cache an empty entry, and avoid making repeated failing requests.\n\n return undefined; // we could not find any valid oauth2 endpoint\n }\n\n /**\n * Construct the complete Authorize url to starts the Oauth process\n * @internal\n */\n private constructLoginUrl(url: string, isArcgisOnline: boolean) {\n const urlObj = new URL(url);\n\n // Set the client id\n if (isArcgisOnline) {\n const clientId = this.arcGisOnlineClientId;\n assert(clientId !== undefined);\n if (clientId !== undefined) {\n urlObj.searchParams.set(\"client_id\", clientId);\n }\n\n } else {\n const clientId = this.getMatchingEnterpriseClientId(url);\n assert(clientId !== undefined);\n if (undefined !== clientId) {\n urlObj.searchParams.set(\"client_id\", clientId);\n }\n }\n\n urlObj.searchParams.set(\"response_type\", \"token\");\n if (this.expiration !== undefined) {\n urlObj.searchParams.set(\"expiration\", `${this.expiration}`);\n }\n\n if (this.redirectUri)\n urlObj.searchParams.set(\"redirect_uri\", this.redirectUri);\n\n return urlObj.toString();\n }\n\n}\n"]}
1
+ {"version":3,"file":"ArcGisAccessClient.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":";AAAA;;;+FAG+F;AAC/F;;GAEG;;;AAEH,sDAAsD;AAEtD,uEAA2F;AAC3F,uEAAqF;AACrF,mEAA6D;AAC7D,iDAA2C;AA8C3C,YAAY;AACZ,MAAa,kBAAkB;IACb,iBAAiB,GAAG,IAAI,sBAAO,EAAE,CAAC;IAC1C,YAAY,CAAqB;IACjC,WAAW,CAAqB;IAChC,UAAU,CAAmC;IAErD,sDAAsD;IAC9C,iBAAiB,GAAG,KAAK,CAAC;IAElC;IACA,CAAC;IAEM,UAAU,CAAC,WAA+B;QAC/C,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,WAAW,CAAC;YAC5C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,eAAe,CAAC;YAC/C,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,SAAS,CAAC;YAExC,IAAI,CAAC,yBAAyB,EAAE,CAAC;QACnC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,yBAAyB;QAC9B,UAAkB,CAAC,oBAAoB,GAAG,CAAC,gBAA2B,EAAE,EAAE;YACzE,IAAI,YAAY,GAAG,KAAK,CAAC;YACzB,IAAI,SAAS,CAAC;YAEd,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACzD,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC;gBAC3C,MAAM,UAAU,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,SAAS,CAAC;gBAC1D,MAAM,YAAY,GAAG,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,SAAS,CAAC;gBAC/D,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC;gBACzD,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC;gBAC7C,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC;gBACtD,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,MAAM,CAAC;gBACrD,IAAI,KAAK,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,IAAI,GAAG,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;oBAC/H,IAAI,cAAc,CAAC;oBACnB,IAAI,CAAC;wBACH,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBACnC,SAAS,GAAG,KAAK,EAAE,UAAU,CAAC;wBAC9B,cAAc,GAAG,KAAK,EAAE,cAAc,CAAC;oBAEzC,CAAC;oBAAC,MAAM,CAAC;oBACT,CAAC;oBACD,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;oBACvC,MAAM,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAG,6EAA6E;oBACrI,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;wBACjC,0CAAkB,CAAC,cAAc,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;wBAChG,YAAY,GAAG,IAAI,CAAC;oBACtB,CAAC;gBAEH,CAAC;YACH,CAAC;YACD,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAC7D,CAAC,CAAC;IACJ,CAAC;IAEM,YAAY;QACjB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC5B,UAAkB,CAAC,oBAAoB,GAAG,SAAS,CAAC;IACvD,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,MAAiC;QAC3D,+FAA+F;QAE/F,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC1F,IAAI,WAAW;gBACb,OAAO,WAAW,CAAC;QACvB,CAAC;QAED,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACvC,OAAO,0CAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,+CAAqB,CAAC,OAAO,EAAE,CAAC,CAAC;QACjJ,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,gBAAgB;IACT,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,WAAmB;QAC5D,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACzD,OAAO,IAAI,CAAC,MAAM,KAAK,GAAG,CAAC,CAAI,yEAAyE;IAC1G,CAAC;IAEM,KAAK,CAAC,uBAAuB,CAAC,WAAmB;QACtD,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,kDAAwB,CAAC,SAAS,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,eAAe,CAAC,KAA0B;QAC/C,IAAI,KAAK,GAAG,0CAAkB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,0CAAkB,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAEM,6BAA6B,CAAC,GAAW;QAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC;QACjD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,QAA4B,CAAC;QACjC,IAAI,eAAmC,CAAC;QACxC,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;YAC9B,IAAI,KAAK,CAAC,cAAc,KAAK,EAAE,EAAE,CAAC;gBAChC,eAAe,GAAG,KAAK,CAAC,QAAQ,CAAC;YACnC,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC;oBACvD,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;gBAC5B,CAAC;YACH,CAAC;QACH,CAAC;QAED,2EAA2E;QAC3E,2DAA2D;QAC3D,IAAI,QAAQ,KAAK,SAAS,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;YAC5D,QAAQ,GAAG,eAAe,CAAC;QAC7B,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAW,UAAU;QACnB,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,IAAW,oBAAoB;QAC7B,OAAO,IAAI,CAAC,UAAU,EAAE,oBAAoB,CAAC;IAC/C,CAAC;IAED,IAAW,oBAAoB,CAAC,QAA4B;QAC1D,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,IAAI,CAAC,UAAU,GAAG,EAAE,oBAAoB,EAAE,QAAQ,EAAE,CAAC;QACvD,CAAC;QACD,IAAI,CAAC,UAAU,CAAC,oBAAoB,GAAG,QAAQ,CAAC;IAClD,CAAC;IAED,IAAW,yBAAyB;QAClC,OAAO,IAAI,CAAC,UAAU,EAAE,mBAAmB,CAAC;IAC9C,CAAC;IAEM,qBAAqB,CAAC,cAAsB,EAAE,QAAgB;QAEnE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,KAAK,cAAc,CAAC,CAAC;YACnH,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;gBACpB,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,QAAQ,GAAG,QAAQ,CAAC;YACpE,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;YACzE,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;gBAClC,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;YACvB,CAAC;YACD,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAEM,wBAAwB,CAAC,QAAkC;QAEhE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,KAAK,QAAQ,CAAC,cAAc,CAAC,CAAC;QAChJ,CAAC;IAEH,CAAC;IAED,cAAc;IACd,gBAAgB;IACR,KAAK,CAAC,2BAA2B,CAAC,WAAmB;QAC3D,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,kDAAwB,CAAC,SAAS,CAAC,CAAC;YACpG,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAChC,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;gBACzD,OAAO,0CAAkB,CAAC,cAAc,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,uEAAuE;IACvE,8EAA8E;IAC9E,4DAA4D;IAEpD,eAAe,GAAG,IAAI,GAAG,EAAoC,CAAC;IAEtE;;;KAGC;IACO,aAAa,CAAC,GAAgB,EAAE,YAAsC,EAAE,QAA8B;QAC5G,MAAM,KAAK,GAAG,YAAY,KAAK,kDAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,EAAC,iBAAiB,EAAE,QAAQ,EAAC,CAAC,CAAC,CAAC,EAAC,aAAa,EAAE,QAAQ,EAAC,CAAC;QAC9H,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACvC,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,cAAc,CAAC,WAAwB,EAAE,gBAAwB,EAAE,YAAsC;QACrH,oCAAoC;QACpC,MAAM,aAAa,GAAG,IAAI,8CAAoB,CAAC,gBAAgB,EAAE,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;QACzH,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,YAAY,EAAE,aAAa,CAAC,CAAC;QAC7D,OAAO,aAAa,CAAC;IACvB,CAAC;IAED;;;MAGE;IACM,iBAAiB,CAAC,GAAQ;QAChC,MAAM,YAAY,GAAG;YACnB,YAAY;SACb,CAAC;QAEF,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IACxF,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAAC,GAAW;QAC3C,IAAI,KAAwB,CAAC;QAC7B,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,kBAAkB,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC1E,CAAC;QAAC,MAAM,CAAC;YACP,4EAA4E;YAC5E,6GAA6G;YAC7G,qCAAqC;QACvC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,iBAAiB,CAAC,WAAmB,EAAE,YAAsC;QACzF,iCAAiC;QACjC,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC7D,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;YACjC,OAAO,CAAC,YAAY,KAAK,kDAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC;QACrI,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,YAAY,KAAK,kDAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAElG,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;QAEpC,IAAI,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,EAAE,CAAC;YACnC,wBAAwB;YACxB,iGAAiG;YAEjG,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,EAAE,CAAC;gBAC5C,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,MAAM,SAAS,GAAG,8CAA8C,WAAW,EAAE,CAAC;YAC9E,OAAO,IAAI,8CAAoB,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;QAC5F,CAAC;aAAM,CAAC;YAEN,wGAAwG;YACxG,IAAI,CAAC;gBACH,MAAM,uBAAuB,GAAG,MAAM,wBAAS,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;gBAEvF,IAAI,uBAAuB,KAAK,SAAS,EAAE,CAAC;oBAC1C,kEAAkE;oBAClE,8FAA8F;oBAC9F,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC,CAAC;oBACvF,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;wBAClD,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;wBACnC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBACtF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,GAAG,IAAI,IAAI,YAAY,wBAAwB,WAAW,EAAE,CAAC,CAAC;wBAE9H,uCAAuC;wBACvC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;wBACxE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;4BAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,YAAY,CAAC,CAAC;4BAC5F,IAAI,QAAQ;gCACV,OAAO,QAAQ,CAAC;wBACpB,CAAC;oBACH,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,gBAAgB,GAAG,GAAG,uBAAuB,CAAC,QAAQ,EAAE,UAAU,WAAW,EAAE,CAAC;oBACtF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,CAAC;oBACpE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;wBAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAC;wBACxF,IAAI,QAAQ;4BACV,OAAO,QAAQ,CAAC;oBACpB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;YACT,CAAC;QACH,CAAC;QAED,gEAAgE;QAChE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,CAAE,oEAAoE;QAEhH,OAAO,SAAS,CAAC,CAAG,8CAA8C;IACpE,CAAC;IAED;;;KAGC;IACO,iBAAiB,CAAC,GAAW,EAAE,cAAuB;QAC5D,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5B,oBAAoB;QACpB,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CAAC;YAC3C,IAAA,qBAAM,EAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QAEH,CAAC;aAAM,CAAC;YACN,MAAM,QAAQ,GAAG,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;YACzD,IAAA,qBAAM,EAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,SAAS,KAAK,QAAQ,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;QAED,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAClD,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,IAAI,CAAC,WAAW;YAClB,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAE5D,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;CAEF;AArVD,gDAqVC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\n/** @packageDocumentation\r\n * @module Tiles\r\n */\r\n\r\nimport { assert, BeEvent } from \"@itwin/core-bentley\";\r\nimport { MapLayerAccessClient, MapLayerAccessToken, MapLayerAccessTokenParams, MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\r\nimport { ArcGisOAuth2Endpoint, ArcGisOAuth2EndpointType } from \"./ArcGisOAuth2Endpoint.js\";\r\nimport { ArcGisOAuth2Token, ArcGisTokenClientType } from \"./ArcGisTokenGenerator.js\";\r\nimport { ArcGisTokenManager } from \"./ArcGisTokenManager.js\";\r\nimport { ArcGisUrl } from \"./ArcGisUrl.js\";\r\n\r\n/** @beta */\r\nexport interface ArcGisEnterpriseClientId {\r\n /* Oauth API endpoint base URL (i.e. https://hostname/portal/sharing/oauth2/authorize)\r\n used to identify uniquely each enterprise server. */\r\n serviceBaseUrl: string;\r\n\r\n /* Application's clientId for this enterprise server.*/\r\n clientId: string;\r\n}\r\n\r\n/** @beta */\r\nexport interface ArcGisOAuthClientIds {\r\n /* Application's OAuth clientId in ArcGIS online */\r\n arcgisOnlineClientId?: string;\r\n\r\n /* Application's OAuth clientId for each enterprise server used. */\r\n enterpriseClientIds?: ArcGisEnterpriseClientId[];\r\n}\r\n\r\n/** @beta\r\n * ArcGIS OAuth configurations parameters.\r\n * See https://developers.arcgis.com/documentation/mapping-apis-and-services/security/arcgis-identity/serverless-web-apps/\r\n * more details.\r\n*/\r\nexport interface ArcGisOAuthConfig {\r\n /* URL to which a user is sent once they complete sign in authorization.\r\n Must match a URI you define in the developer dashboard, otherwise, the authorization will be rejected.\r\n */\r\n redirectUri: string;\r\n\r\n /* Optional expiration after which the token will expire. Defined in minutes with a maximum of two weeks (20160 minutes)*/\r\n tokenExpiration?: number;\r\n\r\n /* Application client Ids */\r\n clientIds: ArcGisOAuthClientIds;\r\n}\r\n\r\ninterface EndPointsCacheEntry {\r\n authorizeEndpoint?: ArcGisOAuth2Endpoint;\r\n tokenEndpoint?: ArcGisOAuth2Endpoint;\r\n}\r\n\r\ntype MapLayerUrl = string;\r\n\r\n/** @beta */\r\nexport class ArcGisAccessClient implements MapLayerAccessClient {\r\n public readonly onOAuthProcessEnd = new BeEvent();\r\n private _redirectUri: string | undefined;\r\n private _expiration: number | undefined;\r\n private _clientIds: ArcGisOAuthClientIds | undefined;\r\n\r\n // Should be kept to 'false'. Debugging purposes only.\r\n private _forceLegacyToken = false;\r\n\r\n public constructor() {\r\n }\r\n\r\n public initialize(oAuthConfig?: ArcGisOAuthConfig): boolean {\r\n if (oAuthConfig) {\r\n this._redirectUri = oAuthConfig.redirectUri;\r\n this._expiration = oAuthConfig.tokenExpiration;\r\n this._clientIds = oAuthConfig.clientIds;\r\n\r\n this.initOauthCallbackFunction();\r\n }\r\n return true;\r\n }\r\n\r\n private initOauthCallbackFunction() {\r\n (globalThis as any).arcGisOAuth2Callback = (redirectLocation?: Location) => {\r\n let eventSuccess = false;\r\n let stateData;\r\n\r\n if (redirectLocation && redirectLocation.hash.length > 0) {\r\n const locationHash = redirectLocation.hash;\r\n const hashParams = new URLSearchParams(locationHash.substring(1));\r\n const token = hashParams.get(\"access_token\") ?? undefined;\r\n const expiresInStr = hashParams.get(\"expires_in\") ?? undefined;\r\n const userName = hashParams.get(\"username\") ?? undefined;\r\n const ssl = hashParams.get(\"ssl\") === \"true\";\r\n const stateStr = hashParams.get(\"state\") ?? undefined;\r\n const persist = hashParams.get(\"persist\") === \"true\";\r\n if (token !== undefined && expiresInStr !== undefined && userName !== undefined && ssl !== undefined && stateStr !== undefined) {\r\n let endpointOrigin;\r\n try {\r\n const state = JSON.parse(stateStr);\r\n stateData = state?.customData;\r\n endpointOrigin = state?.endpointOrigin;\r\n\r\n } catch {\r\n }\r\n const expiresIn = Number(expiresInStr);\r\n const expiresAt = (expiresIn * 1000) + (+new Date()); // Converts the token expiration delay (seconds) into a timestamp (UNIX time)\r\n if (endpointOrigin !== undefined) {\r\n ArcGisTokenManager.setOAuth2Token(endpointOrigin, { token, expiresAt, ssl, userName, persist });\r\n eventSuccess = true;\r\n }\r\n\r\n }\r\n }\r\n this.onOAuthProcessEnd.raiseEvent(eventSuccess, stateData);\r\n };\r\n }\r\n\r\n public unInitialize() {\r\n this._redirectUri = undefined;\r\n this._expiration = undefined;\r\n (globalThis as any).arcGisOAuth2Callback = undefined;\r\n }\r\n\r\n public async getAccessToken(params: MapLayerAccessTokenParams): Promise<MapLayerAccessToken | undefined> {\r\n // First lookup Oauth2 tokens, otherwise check try \"legacy tokens\" if credentials were provided\r\n\r\n if (!this._forceLegacyToken) {\r\n const oauth2Token = await this.getOAuthTokenForMapLayerUrl(params.mapLayerUrl.toString());\r\n if (oauth2Token)\r\n return oauth2Token;\r\n }\r\n\r\n if (params.userName && params.password) {\r\n return ArcGisTokenManager.getToken(params.mapLayerUrl.toString(), params.userName, params.password, { client: ArcGisTokenClientType.referer });\r\n }\r\n\r\n return undefined;\r\n }\r\n\r\n /** @internal */\r\n public static async validateOAuth2Endpoint(endpointUrl: string): Promise<boolean> {\r\n const data = await fetch(endpointUrl, { method: \"GET\" });\r\n return data.status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters\r\n }\r\n\r\n public async getTokenServiceEndPoint(mapLayerUrl: string): Promise<MapLayerTokenEndpoint | undefined> {\r\n if (!this._forceLegacyToken) {\r\n return this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\r\n }\r\n\r\n return undefined;\r\n }\r\n\r\n public invalidateToken(token: MapLayerAccessToken): boolean {\r\n let found = ArcGisTokenManager.invalidateToken(token);\r\n if (!found) {\r\n found = ArcGisTokenManager.invalidateOAuth2Token(token);\r\n }\r\n return found;\r\n }\r\n\r\n public get redirectUri() {\r\n return this._redirectUri;\r\n }\r\n\r\n public getMatchingEnterpriseClientId(url: string) {\r\n const clientIds = this.arcGisEnterpriseClientIds;\r\n if (!clientIds) {\r\n return undefined;\r\n }\r\n\r\n let clientId: string | undefined;\r\n let defaultClientId: string | undefined;\r\n for (const entry of clientIds) {\r\n if (entry.serviceBaseUrl === \"\") {\r\n defaultClientId = entry.clientId;\r\n } else {\r\n if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {\r\n clientId = entry.clientId;\r\n }\r\n }\r\n }\r\n\r\n // If we could not find a match with serviceBaseUrl, and a default clientId\r\n // was specified (i.e empty url), then use default clientId\r\n if (clientId === undefined && defaultClientId !== undefined) {\r\n clientId = defaultClientId;\r\n }\r\n return clientId;\r\n }\r\n\r\n public get expiration() {\r\n return this._expiration;\r\n }\r\n\r\n public get arcGisOnlineClientId() {\r\n return this._clientIds?.arcgisOnlineClientId;\r\n }\r\n\r\n public set arcGisOnlineClientId(clientId: string | undefined) {\r\n if (this._clientIds === undefined) {\r\n this._clientIds = { arcgisOnlineClientId: clientId };\r\n }\r\n this._clientIds.arcgisOnlineClientId = clientId;\r\n }\r\n\r\n public get arcGisEnterpriseClientIds() {\r\n return this._clientIds?.enterpriseClientIds;\r\n }\r\n\r\n public setEnterpriseClientId(serviceBaseUrl: string, clientId: string) {\r\n\r\n if (this._clientIds?.enterpriseClientIds) {\r\n const foundIdx = this._clientIds.enterpriseClientIds.findIndex((entry) => entry.serviceBaseUrl === serviceBaseUrl);\r\n if (foundIdx !== -1) {\r\n this._clientIds.enterpriseClientIds[foundIdx].clientId = clientId;\r\n } else {\r\n this._clientIds.enterpriseClientIds.push({ serviceBaseUrl, clientId });\r\n }\r\n } else {\r\n if (this._clientIds === undefined) {\r\n this._clientIds = {};\r\n }\r\n this._clientIds.enterpriseClientIds = [{ serviceBaseUrl, clientId }];\r\n }\r\n }\r\n\r\n public removeEnterpriseClientId(clientId: ArcGisEnterpriseClientId) {\r\n\r\n if (this._clientIds?.enterpriseClientIds) {\r\n this._clientIds.enterpriseClientIds = this._clientIds?.enterpriseClientIds?.filter((item) => item.serviceBaseUrl !== clientId.serviceBaseUrl);\r\n }\r\n\r\n }\r\n\r\n /// //////////\r\n /** @internal */\r\n private async getOAuthTokenForMapLayerUrl(mapLayerUrl: string): Promise<ArcGisOAuth2Token | undefined> {\r\n try {\r\n const oauthEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\r\n if (oauthEndpoint !== undefined) {\r\n const oauthEndpointUrl = new URL(oauthEndpoint.getUrl());\r\n return ArcGisTokenManager.getOAuth2Token(oauthEndpointUrl.origin);\r\n }\r\n } catch { }\r\n return undefined;\r\n }\r\n\r\n // Mapping between a map-layer URL and its corresponding Oauth endpoint\r\n // i.e. \t https://hostname/server/rest/services/NewYork/NewYork3857/MapServer\r\n // => https://hostname/portal/sharing/oauth2/authorize\r\n\r\n private _endPointsCache = new Map<MapLayerUrl, EndPointsCacheEntry>();\r\n\r\n /**\r\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\r\n * @internal\r\n */\r\n private cacheEndpoint(url: MapLayerUrl, endpointType: ArcGisOAuth2EndpointType, endPoint: ArcGisOAuth2Endpoint) {\r\n const entry = endpointType === ArcGisOAuth2EndpointType.Authorize ? {authorizeEndpoint: endPoint} : {tokenEndpoint: endPoint};\r\n this._endPointsCache.set(url, entry);\r\n }\r\n\r\n /**\r\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\r\n * @internal\r\n */\r\n private async createEndpoint(mapLayerUrl: MapLayerUrl, oauthEndpointUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\r\n // Validate the URL we just composed\r\n const oauthEndpoint = new ArcGisOAuth2Endpoint(oauthEndpointUrl, this.constructLoginUrl(oauthEndpointUrl, false), false);\r\n this.cacheEndpoint(mapLayerUrl, endpointType, oauthEndpoint);\r\n return oauthEndpoint;\r\n }\r\n\r\n /**\r\n * Returns whether the ArcGis host is valid\r\n * @internal\r\n */\r\n private isArcGisHostValid(url: URL): boolean {\r\n const allowedHosts = [\r\n \"arcgis.com\",\r\n ];\r\n\r\n return allowedHosts.some((host: string) => url.hostname.toLowerCase().endsWith(host));\r\n }\r\n\r\n private async validateEndpointUrl(url: string) {\r\n let valid: boolean|undefined;\r\n try {\r\n valid = await ArcGisAccessClient.validateOAuth2Endpoint(url.toString());\r\n } catch {\r\n // If we reach here, this means we could not validate properly the endpoint;\r\n // we cannot conclude the endpoint is invalid though; it might happen endpoint doesn't support CORS requests,\r\n // but still valid for Oauth process.\r\n }\r\n return valid;\r\n }\r\n\r\n /**\r\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\r\n * @internal\r\n */\r\n private async getOAuth2Endpoint(mapLayerUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\r\n // Return from cache if available\r\n const cachedEndpoint = this._endPointsCache.get(mapLayerUrl);\r\n if (cachedEndpoint !== undefined) {\r\n return (endpointType === ArcGisOAuth2EndpointType.Authorize ? cachedEndpoint.authorizeEndpoint : cachedEndpoint.authorizeEndpoint);\r\n }\r\n\r\n const endpointStr = (endpointType === ArcGisOAuth2EndpointType.Authorize ? \"authorize\" : \"token\");\r\n\r\n const urlObj = new URL(mapLayerUrl);\r\n\r\n if (this.isArcGisHostValid(urlObj)) {\r\n // ArcGIS Online (fixed)\r\n // Doc: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/\r\n\r\n if (this.arcGisOnlineClientId === undefined) {\r\n return undefined;\r\n }\r\n\r\n const oauth2Url = `https://www.arcgis.com/sharing/rest/oauth2/${endpointStr}`;\r\n return new ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, true), true);\r\n } else {\r\n\r\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\r\n try {\r\n const restUrlFromTokenService = await ArcGisUrl.getRestUrlFromGenerateTokenUrl(urlObj);\r\n\r\n if (restUrlFromTokenService === undefined) {\r\n // We could not derive the token endpoint from 'tokenServicesUrl'.\r\n // ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize\r\n const regExMatch = mapLayerUrl.match(new RegExp(/([^&\\/]+)\\/rest\\/services\\/.*/, \"i\"));\r\n if (regExMatch !== null && regExMatch.length >= 2) {\r\n const subdirectory = regExMatch[1];\r\n const port = (urlObj.port !== \"80\" && urlObj.port !== \"443\") ? `:${urlObj.port}` : \"\";\r\n const newUrlObj = new URL(`${urlObj.protocol}//${urlObj.hostname}${port}/${subdirectory}/sharing/rest/oauth2/${endpointStr}`);\r\n\r\n // Check again the URL we just composed\r\n const isValidUrl = await this.validateEndpointUrl(newUrlObj.toString());\r\n if (isValidUrl === undefined || isValidUrl ) {\r\n const endpoint = await this.createEndpoint(mapLayerUrl, newUrlObj.toString(), endpointType);\r\n if (endpoint)\r\n return endpoint;\r\n }\r\n }\r\n } else {\r\n const oauthEndpointUrl = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;\r\n const isValidUrl = await this.validateEndpointUrl(oauthEndpointUrl);\r\n if (isValidUrl === undefined || isValidUrl ) {\r\n const endpoint = await this.createEndpoint(mapLayerUrl, oauthEndpointUrl, endpointType);\r\n if (endpoint)\r\n return endpoint;\r\n }\r\n }\r\n } catch {\r\n }\r\n }\r\n\r\n // If we reach here, we were not successful creating an endpoint\r\n this._endPointsCache.set(mapLayerUrl, {}); // Cache an empty entry, and avoid making repeated failing requests.\r\n\r\n return undefined; // we could not find any valid oauth2 endpoint\r\n }\r\n\r\n /**\r\n * Construct the complete Authorize url to starts the Oauth process\r\n * @internal\r\n */\r\n private constructLoginUrl(url: string, isArcgisOnline: boolean) {\r\n const urlObj = new URL(url);\r\n\r\n // Set the client id\r\n if (isArcgisOnline) {\r\n const clientId = this.arcGisOnlineClientId;\r\n assert(clientId !== undefined);\r\n if (clientId !== undefined) {\r\n urlObj.searchParams.set(\"client_id\", clientId);\r\n }\r\n\r\n } else {\r\n const clientId = this.getMatchingEnterpriseClientId(url);\r\n assert(clientId !== undefined);\r\n if (undefined !== clientId) {\r\n urlObj.searchParams.set(\"client_id\", clientId);\r\n }\r\n }\r\n\r\n urlObj.searchParams.set(\"response_type\", \"token\");\r\n if (this.expiration !== undefined) {\r\n urlObj.searchParams.set(\"expiration\", `${this.expiration}`);\r\n }\r\n\r\n if (this.redirectUri)\r\n urlObj.searchParams.set(\"redirect_uri\", this.redirectUri);\r\n\r\n return urlObj.toString();\r\n }\r\n\r\n}\r\n"]}
package/lib/cjs/ArcGis/ArcGisOAuth2Endpoint.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisOAuth2Endpoint.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisOAuth2Endpoint.ts"],"names":[],"mappings":";;;AAMA,gBAAgB;AAChB,IAAY,wBAA0C;AAAtD,WAAY,wBAAwB;IAAE,iFAAS,CAAA;IAAC,yEAAK,CAAA;AAAA,CAAC,EAA1C,wBAAwB,wCAAxB,wBAAwB,QAAkB;AAEtD,gBAAgB;AAChB,MAAa,oBAAoB;IACvB,IAAI,CAAS;IACb,SAAS,CAAS;IAClB,eAAe,CAAU;IAEjC,YAAY,GAAW,EAAE,QAAgB,EAAE,cAAuB;QAChE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;QAC1B,IAAI,CAAC,eAAe,GAAG,cAAc,CAAC;IACxC,CAAC;IAED,kCAAkC;IAC3B,MAAM;QACX,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED;;;;;OAKG;IACI,WAAW,CAAC,SAAe;QAChC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAEvC,MAAM,IAAI,GAAG;YACX,cAAc,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,EAAK,uCAAuC;YACrF,UAAU,EAAE,SAAS,EAAyB,gBAAgB;SAC/D,CAAC;QAEF,IAAI,QAAQ,CAAC;QACb,IAAI,CAAC;YACH,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAClC,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QACD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAC7C,CAAC;QAED,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;IAED,IAAW,cAAc,KAAI,OAAO,IAAI,CAAC,eAAe,CAAC,CAAA,CAAC;CAE3D;AA7CD,oDA6CC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\nimport { MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\n\n/** @internal */\nexport enum ArcGisOAuth2EndpointType {Authorize,Token}\n\n/** @internal */\nexport class ArcGisOAuth2Endpoint implements MapLayerTokenEndpoint {\n private _url: string;\n private _loginUrl: string;\n private _isArcgisOnline: boolean;\n\n constructor(url: string, loginUrl: string, isArcgisOnline: boolean) {\n this._url = url;\n this._loginUrl = loginUrl;\n this._isArcgisOnline = isArcgisOnline;\n }\n\n // Returns the actual endpoint url\n public getUrl() {\n return this._url;\n }\n\n /**\n * Returns the URL used to login and generate the Oauth token.\n * @param stateData Custom JSON data that will sent back by once the Oauth process completes\n * @returns Promise resolves after the defaults are setup.\n * @internal\n */\n public getLoginUrl(stateData?: any) {\n const urlObj = new URL(this._loginUrl);\n\n const data = {\n endpointOrigin: new URL(this._url).origin, // arcGisOAuth2Callback depends on this\n customData: stateData, // caller's data\n };\n\n let stateStr;\n try {\n stateStr = JSON.stringify(data);\n } catch {\n\n }\n if (stateStr !== undefined) {\n urlObj.searchParams.set(\"state\", stateStr);\n }\n\n return urlObj.toString();\n }\n\n public get isArcgisOnline() {return this._isArcgisOnline;}\n\n}\n"]}
1
+ {"version":3,"file":"ArcGisOAuth2Endpoint.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisOAuth2Endpoint.ts"],"names":[],"mappings":";;;AAMA,gBAAgB;AAChB,IAAY,wBAA0C;AAAtD,WAAY,wBAAwB;IAAE,iFAAS,CAAA;IAAC,yEAAK,CAAA;AAAA,CAAC,EAA1C,wBAAwB,wCAAxB,wBAAwB,QAAkB;AAEtD,gBAAgB;AAChB,MAAa,oBAAoB;IACvB,IAAI,CAAS;IACb,SAAS,CAAS;IAClB,eAAe,CAAU;IAEjC,YAAY,GAAW,EAAE,QAAgB,EAAE,cAAuB;QAChE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;QAC1B,IAAI,CAAC,eAAe,GAAG,cAAc,CAAC;IACxC,CAAC;IAED,kCAAkC;IAC3B,MAAM;QACX,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED;;;;;OAKG;IACI,WAAW,CAAC,SAAe;QAChC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAEvC,MAAM,IAAI,GAAG;YACX,cAAc,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,EAAK,uCAAuC;YACrF,UAAU,EAAE,SAAS,EAAyB,gBAAgB;SAC/D,CAAC;QAEF,IAAI,QAAQ,CAAC;QACb,IAAI,CAAC;YACH,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAClC,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QACD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAC7C,CAAC;QAED,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;IAED,IAAW,cAAc,KAAI,OAAO,IAAI,CAAC,eAAe,CAAC,CAAA,CAAC;CAE3D;AA7CD,oDA6CC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\nimport { MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\r\n\r\n/** @internal */\r\nexport enum ArcGisOAuth2EndpointType {Authorize,Token}\r\n\r\n/** @internal */\r\nexport class ArcGisOAuth2Endpoint implements MapLayerTokenEndpoint {\r\n private _url: string;\r\n private _loginUrl: string;\r\n private _isArcgisOnline: boolean;\r\n\r\n constructor(url: string, loginUrl: string, isArcgisOnline: boolean) {\r\n this._url = url;\r\n this._loginUrl = loginUrl;\r\n this._isArcgisOnline = isArcgisOnline;\r\n }\r\n\r\n // Returns the actual endpoint url\r\n public getUrl() {\r\n return this._url;\r\n }\r\n\r\n /**\r\n * Returns the URL used to login and generate the Oauth token.\r\n * @param stateData Custom JSON data that will sent back by once the Oauth process completes\r\n * @returns Promise resolves after the defaults are setup.\r\n * @internal\r\n */\r\n public getLoginUrl(stateData?: any) {\r\n const urlObj = new URL(this._loginUrl);\r\n\r\n const data = {\r\n endpointOrigin: new URL(this._url).origin, // arcGisOAuth2Callback depends on this\r\n customData: stateData, // caller's data\r\n };\r\n\r\n let stateStr;\r\n try {\r\n stateStr = JSON.stringify(data);\r\n } catch {\r\n\r\n }\r\n if (stateStr !== undefined) {\r\n urlObj.searchParams.set(\"state\", stateStr);\r\n }\r\n\r\n return urlObj.toString();\r\n }\r\n\r\n public get isArcgisOnline() {return this._isArcgisOnline;}\r\n\r\n}\r\n"]}
package/lib/cjs/ArcGis/ArcGisTokenGenerator.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisTokenGenerator.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisTokenGenerator.ts"],"names":[],"mappings":";;;AAmCA,4GAA4G;AAC5G,gBAAgB;AAChB,IAAY,qBAIX;AAJD,WAAY,qBAAqB;IAC/B,6DAAE,CAAA;IACF,uEAAO,CAAA;IACP,2EAAS,CAAA;AACX,CAAC,EAJW,qBAAqB,qCAArB,qBAAqB,QAIhC;AA8BD,gBAAgB;AAChB,MAAa,oBAAoB;IACvB,MAAM,CAAU,WAAW,GAAG,QAAQ,CAAC;IACvC,MAAM,CAAU,eAAe,GAAG,cAAc,CAAC;IAEzD,wEAAwE;IAChE,MAAM,CAAC,qBAAqB,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE1D,MAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,oBAA4B;QACnE,MAAM,QAAQ,GAAG,oBAAoB,CAAC,WAAW,EAAE,CAAC;QACpD,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,oBAAoB,CAAC,WAAW,CAAC,CAAC;QACtE,IAAI,UAAU,KAAK,CAAC,CAAC;YACnB,OAAO,SAAS,CAAC;QACnB,MAAM,OAAO,GAAG,oBAAoB,CAAC,SAAS,CAAC,CAAC,EAAE,UAAU,GAAG,oBAAoB,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,oBAAoB,CAAC,eAAe,CAAC;QAE/I,IAAI,gBAAoC,CAAC;QACzC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACzD,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,gBAAgB,GAAG,oBAAoB,CAAC,2BAA2B,CAAC,IAAI,CAAC,CAAC;QAC5E,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAEM,MAAM,CAAC,2BAA2B,CAAC,IAAS;QACjD,OAAO,IAAI,CAAC,QAAQ,EAAE,oBAAoB,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;IAC5F,CAAC;IAEM,KAAK,CAAC,kBAAkB,CAAC,OAAe;QAC7C,MAAM,MAAM,GAAG,oBAAoB,CAAC,qBAAqB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACvE,IAAI,MAAM,KAAK,SAAS;YACtB,OAAO,MAAM,CAAC;QAEhB,MAAM,eAAe,GAAG,MAAM,oBAAoB,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;QACjF,IAAI,eAAe,KAAK,SAAS;YAC/B,oBAAoB,CAAC,qBAAqB,CAAC,GAAG,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;QAE3E,OAAO,eAAe,CAAC;IACzB,CAAC;IAED,6FAA6F;IACtF,KAAK,CAAC,QAAQ,CAAC,oBAA4B,EAAE,QAAgB,EAAE,QAAgB,EAAE,OAAmC;QACzH,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,oBAAoB,CAAC,CAAC;QAC5E,IAAI,CAAC,eAAe;YAClB,OAAO,SAAS,CAAC;QAEnB,IAAI,KAAgB,CAAC;QACrB,IAAI,CAAC;YACH,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YACrD,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YAErD,+BAA+B;YAC/B,IAAI,aAAa,GAAG,EAAE,CAAC;YACvB,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;gBACvB,aAAa,GAAG,eAAe,OAAO,CAAC,UAAU,EAAE,CAAC;YACtD,CAAC;YAED,2BAA2B;YAC3B,IAAI,SAAS,GAAG,EAAE,CAAC;YACnB,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,OAAO,EAAE,CAAC;gBACrD,IAAI,UAAU,GAAG,EAAE,CAAC;gBACpB,IAAI,OAAO,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;oBAClC,UAAU,GAAG,kBAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAK,gCAAgC;gBACxF,CAAC;qBAAM,CAAC;oBACN,UAAU,GAAG,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;gBACnD,CAAC;gBAED,SAAS,GAAG,2BAA2B,UAAU,EAAE,CAAC;YACtD,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,EAAE,EAAE,CAAC;gBACvD,IAAI,OAAO,CAAC,EAAE,KAAK,SAAS;oBAC1B,OAAO,KAAK,CAAC;gBACf,SAAS,GAAG,iBAAiB,OAAO,CAAC,EAAE,EAAE,CAAC;YAC5C,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,SAAS,EAAE,CAAC;gBAC9D,SAAS,GAAG,uBAAuB,CAAC;YACtC,CAAC;YAED,MAAM,kBAAkB,GAAgB;gBACtC,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,YAAY,eAAe,aAAa,eAAe,GAAG,SAAS,GAAG,aAAa,UAAU;gBACnG,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;aACjE,CAAC;YAEF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,eAAe,EAAE,kBAAkB,CAAC,CAAC;YAElE,0EAA0E;YAC1E,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAEhC,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,KAAK,CAAC;IACf,CAAC;IAED,gIAAgI;IAChI,2HAA2H;IACpH,MAAM,CAAC,UAAU,CAAC,GAAW;QAClC,OAAO,oBAAoB,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACtE,CAAC;IAED,2EAA2E;IAC3E,qDAAqD;IAC9C,MAAM,CAAC,aAAa,CAAC,GAAW;QACrC,OAAO,kBAAkB,CAAC,GAAG,CAAC;aAC3B,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;aACpB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;aACpB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;aACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;aACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;IAC3B,CAAC;;AAzGH,oDA0GC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\nimport { MapLayerAccessToken } from \"@itwin/core-frontend\";\n\n/** @packageDocumentation\n * @module Tiles\n */\n\n/** @internal */\nexport interface ArcGisOAuth2Token extends MapLayerAccessToken {\n\n // The expiration time of the token in milliseconds (UNIX time)\n expiresAt: number;\n\n // This property will show as true if the token must always pass over ssl.\n ssl: boolean;\n\n // Username associated with this token\n userName: string;\n\n // A Binary value that, if true, implies that the user had checked \"Keep me signed in\"\n persist?: boolean;\n}\n\n/** @internal */\nexport interface ArcGisToken extends MapLayerAccessToken {\n // The expiration time of the token in milliseconds since January 1, 1970 (UTC).\n expires: number;\n\n // This property will show as true if the token must always pass over ssl.\n ssl: boolean;\n}\n\n// client application's base URL, a user-specified IP address, or the IP address that is making the request.\n/** @internal */\nexport enum ArcGisTokenClientType {\n ip,\n referer,\n requestIp,\n}\n\n/** @internal */\nexport interface ArcGisGenerateTokenOptions {\n\n // The client type that will be granted access to the token.\n // Users will be able to specify whether the token will be generated for a client application's base URL,\n // a user-specified IP address, or the IP address that is making the request.\n client: ArcGisTokenClientType;\n\n // The IP address that will be using the created token for access.\n // On the Generate Token page, the IP address is specified in the IP Address field. This is required when client has been set as ip.\n // Example ip=11.11.111.111\n ip?: string;\n\n // The base URL of the client application that will use the token.\n // On the Generate Token page, the referrer URL is specified in the Webapp URL field.\n // Defaults to location.origin if undefined and client = referer.\n // This is required when client has been set as referer.\n // Example : referer=https://myserver/mywebapp\n referer?: string;\n\n // The token expiration time in minutes. The default is 60 minutes (one hour).\n // The maximum expiration period is 15 days. The maximum value of the expiration time is controlled by the server.\n // Requests for tokens larger than this time will be rejected.\n // Applications are responsible for renewing expired tokens;\n // expired tokens will be rejected by the server on subsequent requests that use the token.\n expiration?: number; // in minutes, defaults to 60 minutes\n}\n\n/** @internal */\nexport class ArcGisTokenGenerator {\n private static readonly restApiPath = \"/rest/\";\n private static readonly restApiInfoPath = \"info?f=pjson\";\n\n // Cache info url to avoid fetching/parsing twice for the same base url.\n private static _tokenServiceUrlCache = new Map<string, string>();\n\n public static async fetchTokenServiceUrl(arcGisRestServiceUrl: string): Promise<string | undefined> {\n const lowerUrl = arcGisRestServiceUrl.toLowerCase();\n const restApiIdx = lowerUrl.indexOf(ArcGisTokenGenerator.restApiPath);\n if (restApiIdx === -1)\n return undefined;\n const infoUrl = arcGisRestServiceUrl.substring(0, restApiIdx + ArcGisTokenGenerator.restApiPath.length) + ArcGisTokenGenerator.restApiInfoPath;\n\n let tokenServicesUrl: string | undefined;\n try {\n const response = await fetch(infoUrl, { method: \"GET\" });\n const json = await response.json();\n tokenServicesUrl = ArcGisTokenGenerator.getTokenServiceFromInfoJson(json);\n } catch { }\n return tokenServicesUrl;\n }\n\n public static getTokenServiceFromInfoJson(json: any): string | undefined {\n return json.authInfo?.isTokenBasedSecurity ? json?.authInfo?.tokenServicesUrl : undefined;\n }\n\n public async getTokenServiceUrl(baseUrl: string): Promise<string | undefined> {\n const cached = ArcGisTokenGenerator._tokenServiceUrlCache.get(baseUrl);\n if (cached !== undefined)\n return cached;\n\n const tokenServiceUrl = await ArcGisTokenGenerator.fetchTokenServiceUrl(baseUrl);\n if (tokenServiceUrl !== undefined)\n ArcGisTokenGenerator._tokenServiceUrlCache.set(baseUrl, tokenServiceUrl);\n\n return tokenServiceUrl;\n }\n\n // base url: ArcGis REST service base URL (format must be \"https://<host>/<instance>/rest/\")\n public async generate(arcGisRestServiceUrl: string, userName: string, password: string, options: ArcGisGenerateTokenOptions): Promise<any> {\n const tokenServiceUrl = await this.getTokenServiceUrl(arcGisRestServiceUrl);\n if (!tokenServiceUrl)\n return undefined;\n\n let token: undefined;\n try {\n const encodedUsername = encodeURIComponent(userName);\n const encodedPassword = encodeURIComponent(password);\n\n // Compose the expiration param\n let expirationStr = \"\";\n if (options.expiration) {\n expirationStr = `&expiration=${options.expiration}`;\n }\n\n // Compose the client param\n let clientStr = \"\";\n if (options.client === ArcGisTokenClientType.referer) {\n let refererStr = \"\";\n if (options.referer === undefined) {\n refererStr = encodeURIComponent(location.origin); // default to application origin\n } else {\n refererStr = encodeURIComponent(options.referer);\n }\n\n clientStr = `&client=referer&referer=${refererStr}`;\n } else if (options.client === ArcGisTokenClientType.ip) {\n if (options.ip === undefined)\n return token;\n clientStr = `&client=ip&ip=${options.ip}`;\n } else if (options.client === ArcGisTokenClientType.requestIp) {\n clientStr = `&client=requestip&ip=`;\n }\n\n const httpRequestOptions: RequestInit = {\n method: \"POST\",\n body: `username=${encodedUsername}&password=${encodedPassword}${clientStr}${expirationStr}&f=pjson`,\n headers: { \"content-type\": \"application/x-www-form-urlencoded\" },\n };\n\n const response = await fetch(tokenServiceUrl, httpRequestOptions);\n\n // Check a token was really generated (an error could be part of the body)\n token = await response.json();\n\n } catch { }\n return token;\n }\n\n // Encode following 'application/x-www-form-urlencoded' standard (https://www.w3.org/TR/html401/interact/forms.html#h-17.13.3.3)\n // Also mentioned here: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURIComponent\n public static formEncode(str: string): string {\n return ArcGisTokenGenerator.rfc1738Encode(str).replace(/%20/g, \"+\");\n }\n\n // Encode following RFC1738 standard (https://www.ietf.org/rfc/rfc1738.txt)\n // Code from https://locutus.io/php/url/rawurlencode/\n public static rfc1738Encode(str: string): string {\n return encodeURIComponent(str)\n .replace(/!/g, \"%21\")\n .replace(/'/g, \"%27\")\n .replace(/\\(/g, \"%28\")\n .replace(/\\)/g, \"%29\")\n .replace(/\\*/g, \"%2A\");\n }\n}\n"]}
1
+ {"version":3,"file":"ArcGisTokenGenerator.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisTokenGenerator.ts"],"names":[],"mappings":";;;AAmCA,4GAA4G;AAC5G,gBAAgB;AAChB,IAAY,qBAIX;AAJD,WAAY,qBAAqB;IAC/B,6DAAE,CAAA;IACF,uEAAO,CAAA;IACP,2EAAS,CAAA;AACX,CAAC,EAJW,qBAAqB,qCAArB,qBAAqB,QAIhC;AA8BD,gBAAgB;AAChB,MAAa,oBAAoB;IACvB,MAAM,CAAU,WAAW,GAAG,QAAQ,CAAC;IACvC,MAAM,CAAU,eAAe,GAAG,cAAc,CAAC;IAEzD,wEAAwE;IAChE,MAAM,CAAC,qBAAqB,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE1D,MAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,oBAA4B;QACnE,MAAM,QAAQ,GAAG,oBAAoB,CAAC,WAAW,EAAE,CAAC;QACpD,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,oBAAoB,CAAC,WAAW,CAAC,CAAC;QACtE,IAAI,UAAU,KAAK,CAAC,CAAC;YACnB,OAAO,SAAS,CAAC;QACnB,MAAM,OAAO,GAAG,oBAAoB,CAAC,SAAS,CAAC,CAAC,EAAE,UAAU,GAAG,oBAAoB,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,oBAAoB,CAAC,eAAe,CAAC;QAE/I,IAAI,gBAAoC,CAAC;QACzC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACzD,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,gBAAgB,GAAG,oBAAoB,CAAC,2BAA2B,CAAC,IAAI,CAAC,CAAC;QAC5E,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAEM,MAAM,CAAC,2BAA2B,CAAC,IAAS;QACjD,OAAO,IAAI,CAAC,QAAQ,EAAE,oBAAoB,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;IAC5F,CAAC;IAEM,KAAK,CAAC,kBAAkB,CAAC,OAAe;QAC7C,MAAM,MAAM,GAAG,oBAAoB,CAAC,qBAAqB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACvE,IAAI,MAAM,KAAK,SAAS;YACtB,OAAO,MAAM,CAAC;QAEhB,MAAM,eAAe,GAAG,MAAM,oBAAoB,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;QACjF,IAAI,eAAe,KAAK,SAAS;YAC/B,oBAAoB,CAAC,qBAAqB,CAAC,GAAG,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;QAE3E,OAAO,eAAe,CAAC;IACzB,CAAC;IAED,6FAA6F;IACtF,KAAK,CAAC,QAAQ,CAAC,oBAA4B,EAAE,QAAgB,EAAE,QAAgB,EAAE,OAAmC;QACzH,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,oBAAoB,CAAC,CAAC;QAC5E,IAAI,CAAC,eAAe;YAClB,OAAO,SAAS,CAAC;QAEnB,IAAI,KAAgB,CAAC;QACrB,IAAI,CAAC;YACH,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YACrD,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YAErD,+BAA+B;YAC/B,IAAI,aAAa,GAAG,EAAE,CAAC;YACvB,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;gBACvB,aAAa,GAAG,eAAe,OAAO,CAAC,UAAU,EAAE,CAAC;YACtD,CAAC;YAED,2BAA2B;YAC3B,IAAI,SAAS,GAAG,EAAE,CAAC;YACnB,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,OAAO,EAAE,CAAC;gBACrD,IAAI,UAAU,GAAG,EAAE,CAAC;gBACpB,IAAI,OAAO,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;oBAClC,UAAU,GAAG,kBAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAK,gCAAgC;gBACxF,CAAC;qBAAM,CAAC;oBACN,UAAU,GAAG,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;gBACnD,CAAC;gBAED,SAAS,GAAG,2BAA2B,UAAU,EAAE,CAAC;YACtD,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,EAAE,EAAE,CAAC;gBACvD,IAAI,OAAO,CAAC,EAAE,KAAK,SAAS;oBAC1B,OAAO,KAAK,CAAC;gBACf,SAAS,GAAG,iBAAiB,OAAO,CAAC,EAAE,EAAE,CAAC;YAC5C,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,SAAS,EAAE,CAAC;gBAC9D,SAAS,GAAG,uBAAuB,CAAC;YACtC,CAAC;YAED,MAAM,kBAAkB,GAAgB;gBACtC,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,YAAY,eAAe,aAAa,eAAe,GAAG,SAAS,GAAG,aAAa,UAAU;gBACnG,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;aACjE,CAAC;YAEF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,eAAe,EAAE,kBAAkB,CAAC,CAAC;YAElE,0EAA0E;YAC1E,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAEhC,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,KAAK,CAAC;IACf,CAAC;IAED,gIAAgI;IAChI,2HAA2H;IACpH,MAAM,CAAC,UAAU,CAAC,GAAW;QAClC,OAAO,oBAAoB,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACtE,CAAC;IAED,2EAA2E;IAC3E,qDAAqD;IAC9C,MAAM,CAAC,aAAa,CAAC,GAAW;QACrC,OAAO,kBAAkB,CAAC,GAAG,CAAC;aAC3B,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;aACpB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;aACpB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;aACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;aACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;IAC3B,CAAC;;AAzGH,oDA0GC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\nimport { MapLayerAccessToken } from \"@itwin/core-frontend\";\r\n\r\n/** @packageDocumentation\r\n * @module Tiles\r\n */\r\n\r\n/** @internal */\r\nexport interface ArcGisOAuth2Token extends MapLayerAccessToken {\r\n\r\n // The expiration time of the token in milliseconds (UNIX time)\r\n expiresAt: number;\r\n\r\n // This property will show as true if the token must always pass over ssl.\r\n ssl: boolean;\r\n\r\n // Username associated with this token\r\n userName: string;\r\n\r\n // A Binary value that, if true, implies that the user had checked \"Keep me signed in\"\r\n persist?: boolean;\r\n}\r\n\r\n/** @internal */\r\nexport interface ArcGisToken extends MapLayerAccessToken {\r\n // The expiration time of the token in milliseconds since January 1, 1970 (UTC).\r\n expires: number;\r\n\r\n // This property will show as true if the token must always pass over ssl.\r\n ssl: boolean;\r\n}\r\n\r\n// client application's base URL, a user-specified IP address, or the IP address that is making the request.\r\n/** @internal */\r\nexport enum ArcGisTokenClientType {\r\n ip,\r\n referer,\r\n requestIp,\r\n}\r\n\r\n/** @internal */\r\nexport interface ArcGisGenerateTokenOptions {\r\n\r\n // The client type that will be granted access to the token.\r\n // Users will be able to specify whether the token will be generated for a client application's base URL,\r\n // a user-specified IP address, or the IP address that is making the request.\r\n client: ArcGisTokenClientType;\r\n\r\n // The IP address that will be using the created token for access.\r\n // On the Generate Token page, the IP address is specified in the IP Address field. This is required when client has been set as ip.\r\n // Example ip=11.11.111.111\r\n ip?: string;\r\n\r\n // The base URL of the client application that will use the token.\r\n // On the Generate Token page, the referrer URL is specified in the Webapp URL field.\r\n // Defaults to location.origin if undefined and client = referer.\r\n // This is required when client has been set as referer.\r\n // Example : referer=https://myserver/mywebapp\r\n referer?: string;\r\n\r\n // The token expiration time in minutes. The default is 60 minutes (one hour).\r\n // The maximum expiration period is 15 days. The maximum value of the expiration time is controlled by the server.\r\n // Requests for tokens larger than this time will be rejected.\r\n // Applications are responsible for renewing expired tokens;\r\n // expired tokens will be rejected by the server on subsequent requests that use the token.\r\n expiration?: number; // in minutes, defaults to 60 minutes\r\n}\r\n\r\n/** @internal */\r\nexport class ArcGisTokenGenerator {\r\n private static readonly restApiPath = \"/rest/\";\r\n private static readonly restApiInfoPath = \"info?f=pjson\";\r\n\r\n // Cache info url to avoid fetching/parsing twice for the same base url.\r\n private static _tokenServiceUrlCache = new Map<string, string>();\r\n\r\n public static async fetchTokenServiceUrl(arcGisRestServiceUrl: string): Promise<string | undefined> {\r\n const lowerUrl = arcGisRestServiceUrl.toLowerCase();\r\n const restApiIdx = lowerUrl.indexOf(ArcGisTokenGenerator.restApiPath);\r\n if (restApiIdx === -1)\r\n return undefined;\r\n const infoUrl = arcGisRestServiceUrl.substring(0, restApiIdx + ArcGisTokenGenerator.restApiPath.length) + ArcGisTokenGenerator.restApiInfoPath;\r\n\r\n let tokenServicesUrl: string | undefined;\r\n try {\r\n const response = await fetch(infoUrl, { method: \"GET\" });\r\n const json = await response.json();\r\n tokenServicesUrl = ArcGisTokenGenerator.getTokenServiceFromInfoJson(json);\r\n } catch { }\r\n return tokenServicesUrl;\r\n }\r\n\r\n public static getTokenServiceFromInfoJson(json: any): string | undefined {\r\n return json.authInfo?.isTokenBasedSecurity ? json?.authInfo?.tokenServicesUrl : undefined;\r\n }\r\n\r\n public async getTokenServiceUrl(baseUrl: string): Promise<string | undefined> {\r\n const cached = ArcGisTokenGenerator._tokenServiceUrlCache.get(baseUrl);\r\n if (cached !== undefined)\r\n return cached;\r\n\r\n const tokenServiceUrl = await ArcGisTokenGenerator.fetchTokenServiceUrl(baseUrl);\r\n if (tokenServiceUrl !== undefined)\r\n ArcGisTokenGenerator._tokenServiceUrlCache.set(baseUrl, tokenServiceUrl);\r\n\r\n return tokenServiceUrl;\r\n }\r\n\r\n // base url: ArcGis REST service base URL (format must be \"https://<host>/<instance>/rest/\")\r\n public async generate(arcGisRestServiceUrl: string, userName: string, password: string, options: ArcGisGenerateTokenOptions): Promise<any> {\r\n const tokenServiceUrl = await this.getTokenServiceUrl(arcGisRestServiceUrl);\r\n if (!tokenServiceUrl)\r\n return undefined;\r\n\r\n let token: undefined;\r\n try {\r\n const encodedUsername = encodeURIComponent(userName);\r\n const encodedPassword = encodeURIComponent(password);\r\n\r\n // Compose the expiration param\r\n let expirationStr = \"\";\r\n if (options.expiration) {\r\n expirationStr = `&expiration=${options.expiration}`;\r\n }\r\n\r\n // Compose the client param\r\n let clientStr = \"\";\r\n if (options.client === ArcGisTokenClientType.referer) {\r\n let refererStr = \"\";\r\n if (options.referer === undefined) {\r\n refererStr = encodeURIComponent(location.origin); // default to application origin\r\n } else {\r\n refererStr = encodeURIComponent(options.referer);\r\n }\r\n\r\n clientStr = `&client=referer&referer=${refererStr}`;\r\n } else if (options.client === ArcGisTokenClientType.ip) {\r\n if (options.ip === undefined)\r\n return token;\r\n clientStr = `&client=ip&ip=${options.ip}`;\r\n } else if (options.client === ArcGisTokenClientType.requestIp) {\r\n clientStr = `&client=requestip&ip=`;\r\n }\r\n\r\n const httpRequestOptions: RequestInit = {\r\n method: \"POST\",\r\n body: `username=${encodedUsername}&password=${encodedPassword}${clientStr}${expirationStr}&f=pjson`,\r\n headers: { \"content-type\": \"application/x-www-form-urlencoded\" },\r\n };\r\n\r\n const response = await fetch(tokenServiceUrl, httpRequestOptions);\r\n\r\n // Check a token was really generated (an error could be part of the body)\r\n token = await response.json();\r\n\r\n } catch { }\r\n return token;\r\n }\r\n\r\n // Encode following 'application/x-www-form-urlencoded' standard (https://www.w3.org/TR/html401/interact/forms.html#h-17.13.3.3)\r\n // Also mentioned here: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURIComponent\r\n public static formEncode(str: string): string {\r\n return ArcGisTokenGenerator.rfc1738Encode(str).replace(/%20/g, \"+\");\r\n }\r\n\r\n // Encode following RFC1738 standard (https://www.ietf.org/rfc/rfc1738.txt)\r\n // Code from https://locutus.io/php/url/rawurlencode/\r\n public static rfc1738Encode(str: string): string {\r\n return encodeURIComponent(str)\r\n .replace(/!/g, \"%21\")\r\n .replace(/'/g, \"%27\")\r\n .replace(/\\(/g, \"%28\")\r\n .replace(/\\)/g, \"%29\")\r\n .replace(/\\*/g, \"%2A\");\r\n }\r\n}\r\n"]}
package/lib/cjs/ArcGis/ArcGisTokenManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisTokenManager.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisTokenManager.ts"],"names":[],"mappings":";AAAA;;;+FAG+F;AAC/F;;GAEG;;;AAGH,uEAA6H;AAO7H,gBAAgB;AAChB,MAAa,kBAAkB;IACrB,MAAM,CAAU,oBAAoB,GAAG,MAAM,CAAC,CAAE,4BAA4B;IAC5E,MAAM,CAAC,MAAM,GAAG,IAAI,GAAG,EAAuB,CAAC;IAC/C,MAAM,CAAC,YAAY,CAA6C;IAChE,MAAM,CAAC,UAAU,CAAmC;IACpD,MAAM,CAAU,kBAAkB,GAAG,aAAa,CAAC;IAEpD,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,oBAA4B,EAAE,QAAgB,EAAE,QAAgB,EAAE,OAAmC;QAChI,IAAI,CAAC,kBAAkB,CAAC,UAAU;YAChC,kBAAkB,CAAC,UAAU,GAAG,IAAI,8CAAoB,EAAE,CAAC;QAE7D,MAAM,aAAa,GAAG,GAAG,kBAAkB,CAAC,QAAQ,CAAC,IAAI,oBAAoB,EAAE,CAAC;QAEhF,mCAAmC;QACnC,MAAM,WAAW,GAAG,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QAEjE,2GAA2G;QAC3G,IAAI,WAAW,KAAK,SAAS,IAAI,CAAC,WAAW,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACjH,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,yCAAyC;QACzC,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,UAAU,CAAC,QAAQ,CAAC,oBAAoB,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACjH,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;YACnB,MAAM,KAAK,GAAG,QAAuB,CAAC;YACtC,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;YACpD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,MAAM,CAAC,eAAe,CAAC,KAA0B;QAEtD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,kBAAkB,CAAC,MAAM,EAAE,CAAC;YACrD,IAAI,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,KAAK;gBAC7B,OAAO,kBAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjD,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,GAAW;QACtC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,kBAAkB,CAAC,YAAY,GAAG,IAAI,GAAG,EAA6B,CAAC;YACvE,kBAAkB,CAAC,sBAAsB,EAAE,CAAC;QAC9C,CAAC;QAED,MAAM,WAAW,GAAG,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAE7D,gFAAgF;QAChF,IAAI,WAAW,KAAK,SAAS,IAAI,CAAC,WAAW,CAAC,SAAS,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACnH,kBAAkB,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC5C,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;IAEM,MAAM,CAAC,qBAAqB,CAAC,KAA0B;QAE5D,IAAI,kBAAkB,CAAC,YAAY,EAAE,CAAC;YACpC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,kBAAkB,CAAC,YAAY,EAAE,CAAC;gBAC3D,IAAI,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,KAAK,EAAC,CAAC;oBAC/B,MAAM,OAAO,GAAG,kBAAkB,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;oBAC5D,kBAAkB,CAAC,oBAAoB,EAAE,CAAC;oBAC1C,OAAO,OAAO,CAAC;gBACjB,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,GAAW,EAAE,KAAwB;QAEhE,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,kBAAkB,CAAC,YAAY,GAAG,IAAI,GAAG,EAA6B,CAAC;QAEzE,CAAC;QACD,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAEhD,kBAAkB,CAAC,oBAAoB,EAAE,CAAC;IAC5C,CAAC;IAEM,MAAM,CAAC,sBAAsB;QAClC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,OAAO;QACT,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,IAAwB,EAAE,EAAE;YAC/C,IAAI,IAAI,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC1D,MAAM,MAAM,GAAiC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC9D,IAAI,MAAM,EAAE,CAAC;oBACX,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;wBAClD,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;oBAClD,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,WAAW,CAAC,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,SAAS,CAAC,CAAC;QACjF,WAAW,CAAC,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,SAAS,CAAC,CAAC;IACjF,CAAC;IAEM,MAAM,CAAC,oBAAoB;QAEhC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,OAAO;QACT,CAAC;QACD,MAAM,aAAa,GAAqB,EAAE,CAAC;QAC3C,MAAM,aAAa,GAAqB,EAAE,CAAC;QAE3C,kBAAkB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,KAAwB,EAAE,GAAW,EAAE,EAAE;YAChF,oEAAoE;YACpE,gCAAgC;YAChC,gCAAgC;YAChC,WAAW;YACX,gCAAgC;YAChC,IAAI;YACJ,aAAa,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QAC7B,CAAC,CAAC,CAAC;QACH,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;QACtF,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;IACtF,CAAC;;AA5HH,gDA8HC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\n/** @packageDocumentation\n * @module Tiles\n */\n\nimport { MapLayerAccessToken } from \"@itwin/core-frontend\";\nimport { ArcGisGenerateTokenOptions, ArcGisOAuth2Token, ArcGisToken, ArcGisTokenGenerator } from \"./ArcGisTokenGenerator.js\";\n\n/** @internal */\ninterface ArcGisTokenProps {\n [hostname: string]: ArcGisOAuth2Token;\n}\n\n/** @internal */\nexport class ArcGisTokenManager {\n private static readonly tokenExpiryThreshold = 300000; // 5 minutes in milliseconds\n private static _cache = new Map<string, ArcGisToken>();\n private static _oauth2Cache: Map<string, ArcGisOAuth2Token> | undefined;\n private static _generator: ArcGisTokenGenerator | undefined;\n private static readonly _browserStorageKey = \"arcGisOAuth\";\n\n public static async getToken(arcGisRestServiceUrl: string, userName: string, password: string, options: ArcGisGenerateTokenOptions): Promise<ArcGisToken | undefined> {\n if (!ArcGisTokenManager._generator)\n ArcGisTokenManager._generator = new ArcGisTokenGenerator();\n\n const tokenCacheKey = `${encodeURIComponent(userName)}@${arcGisRestServiceUrl}`;\n\n // First check in the session cache\n const cachedToken = ArcGisTokenManager._cache.get(tokenCacheKey);\n\n // Check if token is in cached and is valid within the threshold, if not, generate a new token immediately.\n if (cachedToken !== undefined && (cachedToken.expires - (+new Date()) > ArcGisTokenManager.tokenExpiryThreshold)) {\n return cachedToken;\n }\n\n // Nothing in cache, generate a new token\n const newToken = await ArcGisTokenManager._generator.generate(arcGisRestServiceUrl, userName, password, options);\n if (newToken.token) {\n const token = newToken as ArcGisToken;\n ArcGisTokenManager._cache.set(tokenCacheKey, token);\n return token;\n }\n\n return undefined;\n }\n\n public static invalidateToken(token: MapLayerAccessToken): boolean {\n\n for (const [key, value] of ArcGisTokenManager._cache) {\n if (value.token === token.token)\n return ArcGisTokenManager._cache.delete(key);\n }\n\n return false;\n }\n\n public static getOAuth2Token(key: string): ArcGisOAuth2Token | undefined {\n if (ArcGisTokenManager._oauth2Cache === undefined) {\n ArcGisTokenManager._oauth2Cache = new Map<string, ArcGisOAuth2Token>();\n ArcGisTokenManager.loadFromBrowserStorage();\n }\n\n const cachedToken = ArcGisTokenManager._oauth2Cache.get(key);\n\n // If cached token has expired (or about to expire), invalidate don't return it.\n if (cachedToken !== undefined && (cachedToken.expiresAt - (+new Date()) < ArcGisTokenManager.tokenExpiryThreshold)) {\n ArcGisTokenManager._oauth2Cache.delete(key);\n return undefined;\n }\n\n return cachedToken;\n }\n\n public static invalidateOAuth2Token(token: MapLayerAccessToken) {\n\n if (ArcGisTokenManager._oauth2Cache) {\n for (const [key, value] of ArcGisTokenManager._oauth2Cache) {\n if (value.token === token.token){\n const deleted = ArcGisTokenManager._oauth2Cache.delete(key);\n ArcGisTokenManager.saveToBrowserStorage();\n return deleted;\n }\n }\n }\n\n return false;\n }\n\n public static setOAuth2Token(key: string, token: ArcGisOAuth2Token) {\n\n if (ArcGisTokenManager._oauth2Cache === undefined) {\n ArcGisTokenManager._oauth2Cache = new Map<string, ArcGisOAuth2Token>();\n\n }\n ArcGisTokenManager._oauth2Cache.set(key, token);\n\n ArcGisTokenManager.saveToBrowserStorage();\n }\n\n public static loadFromBrowserStorage() {\n if (ArcGisTokenManager._oauth2Cache === undefined) {\n return;\n }\n\n const loadEntries = (json: string | undefined) => {\n if (json && ArcGisTokenManager._oauth2Cache !== undefined) {\n const tokens: ArcGisTokenProps | undefined = JSON.parse(json);\n if (tokens) {\n for (const [key, value] of Object.entries(tokens)) {\n ArcGisTokenManager._oauth2Cache.set(key, value);\n }\n }\n }\n };\n\n loadEntries(window.sessionStorage.getItem(this._browserStorageKey) ?? undefined);\n loadEntries(window.localStorage.getItem(this._browserStorageKey) ?? undefined);\n }\n\n public static saveToBrowserStorage() {\n\n if (ArcGisTokenManager._oauth2Cache === undefined) {\n return;\n }\n const sessionTokens: ArcGisTokenProps = {};\n const storageTokens: ArcGisTokenProps = {};\n\n ArcGisTokenManager._oauth2Cache.forEach((value: ArcGisOAuth2Token, key: string) => {\n // ignore the persist flag for now, and only save to session storage\n // if (value.persist === true) {\n // storageTokens[key] = value;\n // } else {\n // sessionTokens[key] = value;\n // }\n sessionTokens[key] = value;\n });\n window.sessionStorage.setItem(this._browserStorageKey, JSON.stringify(sessionTokens));\n window.localStorage.setItem(this._browserStorageKey, JSON.stringify(storageTokens));\n }\n\n}\n"]}
1
+ {"version":3,"file":"ArcGisTokenManager.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisTokenManager.ts"],"names":[],"mappings":";AAAA;;;+FAG+F;AAC/F;;GAEG;;;AAGH,uEAA6H;AAO7H,gBAAgB;AAChB,MAAa,kBAAkB;IACrB,MAAM,CAAU,oBAAoB,GAAG,MAAM,CAAC,CAAE,4BAA4B;IAC5E,MAAM,CAAC,MAAM,GAAG,IAAI,GAAG,EAAuB,CAAC;IAC/C,MAAM,CAAC,YAAY,CAA6C;IAChE,MAAM,CAAC,UAAU,CAAmC;IACpD,MAAM,CAAU,kBAAkB,GAAG,aAAa,CAAC;IAEpD,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,oBAA4B,EAAE,QAAgB,EAAE,QAAgB,EAAE,OAAmC;QAChI,IAAI,CAAC,kBAAkB,CAAC,UAAU;YAChC,kBAAkB,CAAC,UAAU,GAAG,IAAI,8CAAoB,EAAE,CAAC;QAE7D,MAAM,aAAa,GAAG,GAAG,kBAAkB,CAAC,QAAQ,CAAC,IAAI,oBAAoB,EAAE,CAAC;QAEhF,mCAAmC;QACnC,MAAM,WAAW,GAAG,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QAEjE,2GAA2G;QAC3G,IAAI,WAAW,KAAK,SAAS,IAAI,CAAC,WAAW,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACjH,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,yCAAyC;QACzC,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,UAAU,CAAC,QAAQ,CAAC,oBAAoB,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACjH,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;YACnB,MAAM,KAAK,GAAG,QAAuB,CAAC;YACtC,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;YACpD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,MAAM,CAAC,eAAe,CAAC,KAA0B;QAEtD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,kBAAkB,CAAC,MAAM,EAAE,CAAC;YACrD,IAAI,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,KAAK;gBAC7B,OAAO,kBAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjD,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,GAAW;QACtC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,kBAAkB,CAAC,YAAY,GAAG,IAAI,GAAG,EAA6B,CAAC;YACvE,kBAAkB,CAAC,sBAAsB,EAAE,CAAC;QAC9C,CAAC;QAED,MAAM,WAAW,GAAG,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAE7D,gFAAgF;QAChF,IAAI,WAAW,KAAK,SAAS,IAAI,CAAC,WAAW,CAAC,SAAS,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACnH,kBAAkB,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC5C,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;IAEM,MAAM,CAAC,qBAAqB,CAAC,KAA0B;QAE5D,IAAI,kBAAkB,CAAC,YAAY,EAAE,CAAC;YACpC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,kBAAkB,CAAC,YAAY,EAAE,CAAC;gBAC3D,IAAI,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,KAAK,EAAC,CAAC;oBAC/B,MAAM,OAAO,GAAG,kBAAkB,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;oBAC5D,kBAAkB,CAAC,oBAAoB,EAAE,CAAC;oBAC1C,OAAO,OAAO,CAAC;gBACjB,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,GAAW,EAAE,KAAwB;QAEhE,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,kBAAkB,CAAC,YAAY,GAAG,IAAI,GAAG,EAA6B,CAAC;QAEzE,CAAC;QACD,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAEhD,kBAAkB,CAAC,oBAAoB,EAAE,CAAC;IAC5C,CAAC;IAEM,MAAM,CAAC,sBAAsB;QAClC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,OAAO;QACT,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,IAAwB,EAAE,EAAE;YAC/C,IAAI,IAAI,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC1D,MAAM,MAAM,GAAiC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC9D,IAAI,MAAM,EAAE,CAAC;oBACX,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;wBAClD,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;oBAClD,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,WAAW,CAAC,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,SAAS,CAAC,CAAC;QACjF,WAAW,CAAC,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,SAAS,CAAC,CAAC;IACjF,CAAC;IAEM,MAAM,CAAC,oBAAoB;QAEhC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,OAAO;QACT,CAAC;QACD,MAAM,aAAa,GAAqB,EAAE,CAAC;QAC3C,MAAM,aAAa,GAAqB,EAAE,CAAC;QAE3C,kBAAkB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,KAAwB,EAAE,GAAW,EAAE,EAAE;YAChF,oEAAoE;YACpE,gCAAgC;YAChC,gCAAgC;YAChC,WAAW;YACX,gCAAgC;YAChC,IAAI;YACJ,aAAa,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QAC7B,CAAC,CAAC,CAAC;QACH,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;QACtF,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;IACtF,CAAC;;AA5HH,gDA8HC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\n/** @packageDocumentation\r\n * @module Tiles\r\n */\r\n\r\nimport { MapLayerAccessToken } from \"@itwin/core-frontend\";\r\nimport { ArcGisGenerateTokenOptions, ArcGisOAuth2Token, ArcGisToken, ArcGisTokenGenerator } from \"./ArcGisTokenGenerator.js\";\r\n\r\n/** @internal */\r\ninterface ArcGisTokenProps {\r\n [hostname: string]: ArcGisOAuth2Token;\r\n}\r\n\r\n/** @internal */\r\nexport class ArcGisTokenManager {\r\n private static readonly tokenExpiryThreshold = 300000; // 5 minutes in milliseconds\r\n private static _cache = new Map<string, ArcGisToken>();\r\n private static _oauth2Cache: Map<string, ArcGisOAuth2Token> | undefined;\r\n private static _generator: ArcGisTokenGenerator | undefined;\r\n private static readonly _browserStorageKey = \"arcGisOAuth\";\r\n\r\n public static async getToken(arcGisRestServiceUrl: string, userName: string, password: string, options: ArcGisGenerateTokenOptions): Promise<ArcGisToken | undefined> {\r\n if (!ArcGisTokenManager._generator)\r\n ArcGisTokenManager._generator = new ArcGisTokenGenerator();\r\n\r\n const tokenCacheKey = `${encodeURIComponent(userName)}@${arcGisRestServiceUrl}`;\r\n\r\n // First check in the session cache\r\n const cachedToken = ArcGisTokenManager._cache.get(tokenCacheKey);\r\n\r\n // Check if token is in cached and is valid within the threshold, if not, generate a new token immediately.\r\n if (cachedToken !== undefined && (cachedToken.expires - (+new Date()) > ArcGisTokenManager.tokenExpiryThreshold)) {\r\n return cachedToken;\r\n }\r\n\r\n // Nothing in cache, generate a new token\r\n const newToken = await ArcGisTokenManager._generator.generate(arcGisRestServiceUrl, userName, password, options);\r\n if (newToken.token) {\r\n const token = newToken as ArcGisToken;\r\n ArcGisTokenManager._cache.set(tokenCacheKey, token);\r\n return token;\r\n }\r\n\r\n return undefined;\r\n }\r\n\r\n public static invalidateToken(token: MapLayerAccessToken): boolean {\r\n\r\n for (const [key, value] of ArcGisTokenManager._cache) {\r\n if (value.token === token.token)\r\n return ArcGisTokenManager._cache.delete(key);\r\n }\r\n\r\n return false;\r\n }\r\n\r\n public static getOAuth2Token(key: string): ArcGisOAuth2Token | undefined {\r\n if (ArcGisTokenManager._oauth2Cache === undefined) {\r\n ArcGisTokenManager._oauth2Cache = new Map<string, ArcGisOAuth2Token>();\r\n ArcGisTokenManager.loadFromBrowserStorage();\r\n }\r\n\r\n const cachedToken = ArcGisTokenManager._oauth2Cache.get(key);\r\n\r\n // If cached token has expired (or about to expire), invalidate don't return it.\r\n if (cachedToken !== undefined && (cachedToken.expiresAt - (+new Date()) < ArcGisTokenManager.tokenExpiryThreshold)) {\r\n ArcGisTokenManager._oauth2Cache.delete(key);\r\n return undefined;\r\n }\r\n\r\n return cachedToken;\r\n }\r\n\r\n public static invalidateOAuth2Token(token: MapLayerAccessToken) {\r\n\r\n if (ArcGisTokenManager._oauth2Cache) {\r\n for (const [key, value] of ArcGisTokenManager._oauth2Cache) {\r\n if (value.token === token.token){\r\n const deleted = ArcGisTokenManager._oauth2Cache.delete(key);\r\n ArcGisTokenManager.saveToBrowserStorage();\r\n return deleted;\r\n }\r\n }\r\n }\r\n\r\n return false;\r\n }\r\n\r\n public static setOAuth2Token(key: string, token: ArcGisOAuth2Token) {\r\n\r\n if (ArcGisTokenManager._oauth2Cache === undefined) {\r\n ArcGisTokenManager._oauth2Cache = new Map<string, ArcGisOAuth2Token>();\r\n\r\n }\r\n ArcGisTokenManager._oauth2Cache.set(key, token);\r\n\r\n ArcGisTokenManager.saveToBrowserStorage();\r\n }\r\n\r\n public static loadFromBrowserStorage() {\r\n if (ArcGisTokenManager._oauth2Cache === undefined) {\r\n return;\r\n }\r\n\r\n const loadEntries = (json: string | undefined) => {\r\n if (json && ArcGisTokenManager._oauth2Cache !== undefined) {\r\n const tokens: ArcGisTokenProps | undefined = JSON.parse(json);\r\n if (tokens) {\r\n for (const [key, value] of Object.entries(tokens)) {\r\n ArcGisTokenManager._oauth2Cache.set(key, value);\r\n }\r\n }\r\n }\r\n };\r\n\r\n loadEntries(window.sessionStorage.getItem(this._browserStorageKey) ?? undefined);\r\n loadEntries(window.localStorage.getItem(this._browserStorageKey) ?? undefined);\r\n }\r\n\r\n public static saveToBrowserStorage() {\r\n\r\n if (ArcGisTokenManager._oauth2Cache === undefined) {\r\n return;\r\n }\r\n const sessionTokens: ArcGisTokenProps = {};\r\n const storageTokens: ArcGisTokenProps = {};\r\n\r\n ArcGisTokenManager._oauth2Cache.forEach((value: ArcGisOAuth2Token, key: string) => {\r\n // ignore the persist flag for now, and only save to session storage\r\n // if (value.persist === true) {\r\n // storageTokens[key] = value;\r\n // } else {\r\n // sessionTokens[key] = value;\r\n // }\r\n sessionTokens[key] = value;\r\n });\r\n window.sessionStorage.setItem(this._browserStorageKey, JSON.stringify(sessionTokens));\r\n window.localStorage.setItem(this._browserStorageKey, JSON.stringify(storageTokens));\r\n }\r\n\r\n}\r\n"]}
package/lib/cjs/ArcGis/ArcGisUrl.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisUrl.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisUrl.ts"],"names":[],"mappings":";;;AAAA;;;+FAG+F;AAC/F,gBAAgB;AAChB,MAAa,SAAS;IAEpB,qCAAqC;IAC9B,MAAM,CAAC,kBAAkB,CAAC,GAAQ;QACvC,MAAM,MAAM,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,SAAS,GAAG,QAAQ,CAAC;QAC3B,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAC1C,OAAO,CAAC,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,OAAO,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAEjG,CAAC;IAEM,MAAM,CAAC,KAAK,CAAC,8BAA8B,CAAC,GAAQ;QACzD,MAAM,OAAO,GAAG,SAAS,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAClD,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,wGAAwG;QACxG,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,GAAG,OAAO,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACrD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAEzC,IAAI,IAAI,CAAC;QACT,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC5C,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QAED,MAAM,gBAAgB,GAAG,IAAI,EAAE,QAAQ,EAAE,gBAAgB,CAAC;QAC1D,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACnC,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,OAAO,SAAS,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC;IACjE,CAAC;IAEO,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,GAAQ;QACrC,IAAI,IAAI,CAAC;QACT,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YAChE,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC/B,CAAC;QAAC,MAAM,CAAC;QACT,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;CACF;AA5CD,8BA4CC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\n/** @internal */\nexport class ArcGisUrl {\n\n // Extract the sub-url up to '/rest/'\n public static extractRestBaseUrl(url: URL): URL | undefined {\n const urlStr = url.toString();\n const searchStr = \"/rest/\";\n const restPos = urlStr.indexOf(searchStr);\n return (restPos === -1 ? undefined : new URL(urlStr.substring(0, restPos + searchStr.length)));\n\n }\n\n public static async getRestUrlFromGenerateTokenUrl(url: URL): Promise<URL | undefined> {\n const restUrl = ArcGisUrl.extractRestBaseUrl(url);\n if (restUrl === undefined) {\n return undefined;\n }\n\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\n const infoUrl = new URL(`${restUrl.toString()}info`);\n infoUrl.searchParams.append(\"f\", \"json\");\n\n let json;\n try {\n json = await ArcGisUrl.fetchJson(infoUrl);\n } catch {\n\n }\n\n const tokenServicesUrl = json?.authInfo?.tokenServicesUrl;\n if (tokenServicesUrl === undefined) {\n return undefined;\n }\n return ArcGisUrl.extractRestBaseUrl(new URL(tokenServicesUrl));\n }\n\n private static async fetchJson(url: URL): Promise<any> {\n let json;\n try {\n const response = await fetch(url.toString(), { method: \"GET\" });\n json = await response.json();\n } catch {\n }\n return json;\n }\n}\n"]}
1
+ {"version":3,"file":"ArcGisUrl.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisUrl.ts"],"names":[],"mappings":";;;AAAA;;;+FAG+F;AAC/F,gBAAgB;AAChB,MAAa,SAAS;IAEpB,qCAAqC;IAC9B,MAAM,CAAC,kBAAkB,CAAC,GAAQ;QACvC,MAAM,MAAM,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,SAAS,GAAG,QAAQ,CAAC;QAC3B,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAC1C,OAAO,CAAC,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,OAAO,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAEjG,CAAC;IAEM,MAAM,CAAC,KAAK,CAAC,8BAA8B,CAAC,GAAQ;QACzD,MAAM,OAAO,GAAG,SAAS,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAClD,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,wGAAwG;QACxG,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,GAAG,OAAO,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACrD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAEzC,IAAI,IAAI,CAAC;QACT,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC5C,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QAED,MAAM,gBAAgB,GAAG,IAAI,EAAE,QAAQ,EAAE,gBAAgB,CAAC;QAC1D,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACnC,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,OAAO,SAAS,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC;IACjE,CAAC;IAEO,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,GAAQ;QACrC,IAAI,IAAI,CAAC;QACT,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YAChE,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC/B,CAAC;QAAC,MAAM,CAAC;QACT,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;CACF;AA5CD,8BA4CC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\n/** @internal */\r\nexport class ArcGisUrl {\r\n\r\n // Extract the sub-url up to '/rest/'\r\n public static extractRestBaseUrl(url: URL): URL | undefined {\r\n const urlStr = url.toString();\r\n const searchStr = \"/rest/\";\r\n const restPos = urlStr.indexOf(searchStr);\r\n return (restPos === -1 ? undefined : new URL(urlStr.substring(0, restPos + searchStr.length)));\r\n\r\n }\r\n\r\n public static async getRestUrlFromGenerateTokenUrl(url: URL): Promise<URL | undefined> {\r\n const restUrl = ArcGisUrl.extractRestBaseUrl(url);\r\n if (restUrl === undefined) {\r\n return undefined;\r\n }\r\n\r\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\r\n const infoUrl = new URL(`${restUrl.toString()}info`);\r\n infoUrl.searchParams.append(\"f\", \"json\");\r\n\r\n let json;\r\n try {\r\n json = await ArcGisUrl.fetchJson(infoUrl);\r\n } catch {\r\n\r\n }\r\n\r\n const tokenServicesUrl = json?.authInfo?.tokenServicesUrl;\r\n if (tokenServicesUrl === undefined) {\r\n return undefined;\r\n }\r\n return ArcGisUrl.extractRestBaseUrl(new URL(tokenServicesUrl));\r\n }\r\n\r\n private static async fetchJson(url: URL): Promise<any> {\r\n let json;\r\n try {\r\n const response = await fetch(url.toString(), { method: \"GET\" });\r\n json = await response.json();\r\n } catch {\r\n }\r\n return json;\r\n }\r\n}\r\n"]}
package/lib/cjs/map-layers-auth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"map-layers-auth.js","sourceRoot":"","sources":["../../src/map-layers-auth.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA;;;+FAG+F;AAC/F,iEAA+C;AAC/C,mEAAiD;AACjD,mEAAiD;AACjD,iEAA+C;AAC/C,wDAAsC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\nexport * from \"./ArcGis/ArcGisAccessClient.js\";\nexport * from \"./ArcGis/ArcGisOAuth2Endpoint.js\";\nexport * from \"./ArcGis/ArcGisTokenGenerator.js\";\nexport * from \"./ArcGis/ArcGisTokenManager.js\";\nexport * from \"./ArcGis/ArcGisUrl.js\";\n\n"]}
1
+ {"version":3,"file":"map-layers-auth.js","sourceRoot":"","sources":["../../src/map-layers-auth.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA;;;+FAG+F;AAC/F,iEAA+C;AAC/C,mEAAiD;AACjD,mEAAiD;AACjD,iEAA+C;AAC/C,wDAAsC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\nexport * from \"./ArcGis/ArcGisAccessClient.js\";\r\nexport * from \"./ArcGis/ArcGisOAuth2Endpoint.js\";\r\nexport * from \"./ArcGis/ArcGisTokenGenerator.js\";\r\nexport * from \"./ArcGis/ArcGisTokenManager.js\";\r\nexport * from \"./ArcGis/ArcGisUrl.js\";\r\n\r\n"]}
package/lib/esm/ArcGis/ArcGisAccessClient.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisAccessClient.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F;;GAEG;AAEH,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAEtD,OAAO,EAAE,oBAAoB,EAAE,wBAAwB,EAAE,MAAM,2BAA2B,CAAC;AAC3F,OAAO,EAAqB,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AACrF,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAC7D,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AA8C3C,YAAY;AACZ,MAAM,OAAO,kBAAkB;IACb,iBAAiB,GAAG,IAAI,OAAO,EAAE,CAAC;IAC1C,YAAY,CAAqB;IACjC,WAAW,CAAqB;IAChC,UAAU,CAAmC;IAErD,sDAAsD;IAC9C,iBAAiB,GAAG,KAAK,CAAC;IAElC;IACA,CAAC;IAEM,UAAU,CAAC,WAA+B;QAC/C,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,WAAW,CAAC;YAC5C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,eAAe,CAAC;YAC/C,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,SAAS,CAAC;YAExC,IAAI,CAAC,yBAAyB,EAAE,CAAC;QACnC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,yBAAyB;QAC9B,UAAkB,CAAC,oBAAoB,GAAG,CAAC,gBAA2B,EAAE,EAAE;YACzE,IAAI,YAAY,GAAG,KAAK,CAAC;YACzB,IAAI,SAAS,CAAC;YAEd,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACzD,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC;gBAC3C,MAAM,UAAU,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,SAAS,CAAC;gBAC1D,MAAM,YAAY,GAAG,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,SAAS,CAAC;gBAC/D,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC;gBACzD,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC;gBAC7C,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC;gBACtD,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,MAAM,CAAC;gBACrD,IAAI,KAAK,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,IAAI,GAAG,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;oBAC/H,IAAI,cAAc,CAAC;oBACnB,IAAI,CAAC;wBACH,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBACnC,SAAS,GAAG,KAAK,EAAE,UAAU,CAAC;wBAC9B,cAAc,GAAG,KAAK,EAAE,cAAc,CAAC;oBAEzC,CAAC;oBAAC,MAAM,CAAC;oBACT,CAAC;oBACD,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;oBACvC,MAAM,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAG,6EAA6E;oBACrI,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;wBACjC,kBAAkB,CAAC,cAAc,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;wBAChG,YAAY,GAAG,IAAI,CAAC;oBACtB,CAAC;gBAEH,CAAC;YACH,CAAC;YACD,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAC7D,CAAC,CAAC;IACJ,CAAC;IAEM,YAAY;QACjB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC5B,UAAkB,CAAC,oBAAoB,GAAG,SAAS,CAAC;IACvD,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,MAAiC;QAC3D,+FAA+F;QAE/F,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC1F,IAAI,WAAW;gBACb,OAAO,WAAW,CAAC;QACvB,CAAC;QAED,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACvC,OAAO,kBAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,qBAAqB,CAAC,OAAO,EAAE,CAAC,CAAC;QACjJ,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,gBAAgB;IACT,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,WAAmB;QAC5D,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACzD,OAAO,IAAI,CAAC,MAAM,KAAK,GAAG,CAAC,CAAI,yEAAyE;IAC1G,CAAC;IAEM,KAAK,CAAC,uBAAuB,CAAC,WAAmB;QACtD,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,eAAe,CAAC,KAA0B;QAC/C,IAAI,KAAK,GAAG,kBAAkB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,kBAAkB,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAEM,6BAA6B,CAAC,GAAW;QAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC;QACjD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,QAA4B,CAAC;QACjC,IAAI,eAAmC,CAAC;QACxC,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;YAC9B,IAAI,KAAK,CAAC,cAAc,KAAK,EAAE,EAAE,CAAC;gBAChC,eAAe,GAAG,KAAK,CAAC,QAAQ,CAAC;YACnC,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC;oBACvD,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;gBAC5B,CAAC;YACH,CAAC;QACH,CAAC;QAED,2EAA2E;QAC3E,2DAA2D;QAC3D,IAAI,QAAQ,KAAK,SAAS,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;YAC5D,QAAQ,GAAG,eAAe,CAAC;QAC7B,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAW,UAAU;QACnB,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,IAAW,oBAAoB;QAC7B,OAAO,IAAI,CAAC,UAAU,EAAE,oBAAoB,CAAC;IAC/C,CAAC;IAED,IAAW,oBAAoB,CAAC,QAA4B;QAC1D,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,IAAI,CAAC,UAAU,GAAG,EAAE,oBAAoB,EAAE,QAAQ,EAAE,CAAC;QACvD,CAAC;QACD,IAAI,CAAC,UAAU,CAAC,oBAAoB,GAAG,QAAQ,CAAC;IAClD,CAAC;IAED,IAAW,yBAAyB;QAClC,OAAO,IAAI,CAAC,UAAU,EAAE,mBAAmB,CAAC;IAC9C,CAAC;IAEM,qBAAqB,CAAC,cAAsB,EAAE,QAAgB;QAEnE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,KAAK,cAAc,CAAC,CAAC;YACnH,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;gBACpB,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,QAAQ,GAAG,QAAQ,CAAC;YACpE,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;YACzE,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;gBAClC,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;YACvB,CAAC;YACD,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAEM,wBAAwB,CAAC,QAAkC;QAEhE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,KAAK,QAAQ,CAAC,cAAc,CAAC,CAAC;QAChJ,CAAC;IAEH,CAAC;IAED,cAAc;IACd,gBAAgB;IACR,KAAK,CAAC,2BAA2B,CAAC,WAAmB;QAC3D,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAC;YACpG,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAChC,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;gBACzD,OAAO,kBAAkB,CAAC,cAAc,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,uEAAuE;IACvE,8EAA8E;IAC9E,4DAA4D;IAEpD,eAAe,GAAG,IAAI,GAAG,EAAoC,CAAC;IAEtE;;;KAGC;IACO,aAAa,CAAC,GAAgB,EAAE,YAAsC,EAAE,QAA8B;QAC5G,MAAM,KAAK,GAAG,YAAY,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,EAAC,iBAAiB,EAAE,QAAQ,EAAC,CAAC,CAAC,CAAC,EAAC,aAAa,EAAE,QAAQ,EAAC,CAAC;QAC9H,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACvC,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,cAAc,CAAC,WAAwB,EAAE,gBAAwB,EAAE,YAAsC;QACrH,oCAAoC;QACpC,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,gBAAgB,EAAE,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;QACzH,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,YAAY,EAAE,aAAa,CAAC,CAAC;QAC7D,OAAO,aAAa,CAAC;IACvB,CAAC;IAED;;;MAGE;IACM,iBAAiB,CAAC,GAAQ;QAChC,MAAM,YAAY,GAAG;YACnB,YAAY;SACb,CAAC;QAEF,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IACxF,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAAC,GAAW;QAC3C,IAAI,KAAwB,CAAC;QAC7B,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,kBAAkB,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC1E,CAAC;QAAC,MAAM,CAAC;YACP,4EAA4E;YAC5E,6GAA6G;YAC7G,qCAAqC;QACvC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,iBAAiB,CAAC,WAAmB,EAAE,YAAsC;QACzF,iCAAiC;QACjC,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC7D,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;YACjC,OAAO,CAAC,YAAY,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC;QACrI,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,YAAY,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAElG,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;QAEpC,IAAI,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,EAAE,CAAC;YACnC,wBAAwB;YACxB,iGAAiG;YAEjG,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,EAAE,CAAC;gBAC5C,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,MAAM,SAAS,GAAG,8CAA8C,WAAW,EAAE,CAAC;YAC9E,OAAO,IAAI,oBAAoB,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;QAC5F,CAAC;aAAM,CAAC;YAEN,wGAAwG;YACxG,IAAI,CAAC;gBACH,MAAM,uBAAuB,GAAG,MAAM,SAAS,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;gBAEvF,IAAI,uBAAuB,KAAK,SAAS,EAAE,CAAC;oBAC1C,kEAAkE;oBAClE,8FAA8F;oBAC9F,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC,CAAC;oBACvF,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;wBAClD,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;wBACnC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBACtF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,GAAG,IAAI,IAAI,YAAY,wBAAwB,WAAW,EAAE,CAAC,CAAC;wBAE9H,uCAAuC;wBACvC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;wBACxE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;4BAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,YAAY,CAAC,CAAC;4BAC5F,IAAI,QAAQ;gCACV,OAAO,QAAQ,CAAC;wBACpB,CAAC;oBACH,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,gBAAgB,GAAG,GAAG,uBAAuB,CAAC,QAAQ,EAAE,UAAU,WAAW,EAAE,CAAC;oBACtF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,CAAC;oBACpE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;wBAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAC;wBACxF,IAAI,QAAQ;4BACV,OAAO,QAAQ,CAAC;oBACpB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;YACT,CAAC;QACH,CAAC;QAED,gEAAgE;QAChE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,CAAE,oEAAoE;QAEhH,OAAO,SAAS,CAAC,CAAG,8CAA8C;IACpE,CAAC;IAED;;;KAGC;IACO,iBAAiB,CAAC,GAAW,EAAE,cAAuB;QAC5D,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5B,oBAAoB;QACpB,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CAAC;YAC3C,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QAEH,CAAC;aAAM,CAAC;YACN,MAAM,QAAQ,GAAG,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;YACzD,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,SAAS,KAAK,QAAQ,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;QAED,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAClD,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,IAAI,CAAC,WAAW;YAClB,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAE5D,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;CAEF","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\n/** @packageDocumentation\n * @module Tiles\n */\n\nimport { assert, BeEvent } from \"@itwin/core-bentley\";\nimport { MapLayerAccessClient, MapLayerAccessToken, MapLayerAccessTokenParams, MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\nimport { ArcGisOAuth2Endpoint, ArcGisOAuth2EndpointType } from \"./ArcGisOAuth2Endpoint.js\";\nimport { ArcGisOAuth2Token, ArcGisTokenClientType } from \"./ArcGisTokenGenerator.js\";\nimport { ArcGisTokenManager } from \"./ArcGisTokenManager.js\";\nimport { ArcGisUrl } from \"./ArcGisUrl.js\";\n\n/** @beta */\nexport interface ArcGisEnterpriseClientId {\n /* Oauth API endpoint base URL (i.e. https://hostname/portal/sharing/oauth2/authorize)\n used to identify uniquely each enterprise server. */\n serviceBaseUrl: string;\n\n /* Application's clientId for this enterprise server.*/\n clientId: string;\n}\n\n/** @beta */\nexport interface ArcGisOAuthClientIds {\n /* Application's OAuth clientId in ArcGIS online */\n arcgisOnlineClientId?: string;\n\n /* Application's OAuth clientId for each enterprise server used. */\n enterpriseClientIds?: ArcGisEnterpriseClientId[];\n}\n\n/** @beta\n * ArcGIS OAuth configurations parameters.\n * See https://developers.arcgis.com/documentation/mapping-apis-and-services/security/arcgis-identity/serverless-web-apps/\n * more details.\n*/\nexport interface ArcGisOAuthConfig {\n /* URL to which a user is sent once they complete sign in authorization.\n Must match a URI you define in the developer dashboard, otherwise, the authorization will be rejected.\n */\n redirectUri: string;\n\n /* Optional expiration after which the token will expire. Defined in minutes with a maximum of two weeks (20160 minutes)*/\n tokenExpiration?: number;\n\n /* Application client Ids */\n clientIds: ArcGisOAuthClientIds;\n}\n\ninterface EndPointsCacheEntry {\n authorizeEndpoint?: ArcGisOAuth2Endpoint;\n tokenEndpoint?: ArcGisOAuth2Endpoint;\n}\n\ntype MapLayerUrl = string;\n\n/** @beta */\nexport class ArcGisAccessClient implements MapLayerAccessClient {\n public readonly onOAuthProcessEnd = new BeEvent();\n private _redirectUri: string | undefined;\n private _expiration: number | undefined;\n private _clientIds: ArcGisOAuthClientIds | undefined;\n\n // Should be kept to 'false'. Debugging purposes only.\n private _forceLegacyToken = false;\n\n public constructor() {\n }\n\n public initialize(oAuthConfig?: ArcGisOAuthConfig): boolean {\n if (oAuthConfig) {\n this._redirectUri = oAuthConfig.redirectUri;\n this._expiration = oAuthConfig.tokenExpiration;\n this._clientIds = oAuthConfig.clientIds;\n\n this.initOauthCallbackFunction();\n }\n return true;\n }\n\n private initOauthCallbackFunction() {\n (globalThis as any).arcGisOAuth2Callback = (redirectLocation?: Location) => {\n let eventSuccess = false;\n let stateData;\n\n if (redirectLocation && redirectLocation.hash.length > 0) {\n const locationHash = redirectLocation.hash;\n const hashParams = new URLSearchParams(locationHash.substring(1));\n const token = hashParams.get(\"access_token\") ?? undefined;\n const expiresInStr = hashParams.get(\"expires_in\") ?? undefined;\n const userName = hashParams.get(\"username\") ?? undefined;\n const ssl = hashParams.get(\"ssl\") === \"true\";\n const stateStr = hashParams.get(\"state\") ?? undefined;\n const persist = hashParams.get(\"persist\") === \"true\";\n if (token !== undefined && expiresInStr !== undefined && userName !== undefined && ssl !== undefined && stateStr !== undefined) {\n let endpointOrigin;\n try {\n const state = JSON.parse(stateStr);\n stateData = state?.customData;\n endpointOrigin = state?.endpointOrigin;\n\n } catch {\n }\n const expiresIn = Number(expiresInStr);\n const expiresAt = (expiresIn * 1000) + (+new Date()); // Converts the token expiration delay (seconds) into a timestamp (UNIX time)\n if (endpointOrigin !== undefined) {\n ArcGisTokenManager.setOAuth2Token(endpointOrigin, { token, expiresAt, ssl, userName, persist });\n eventSuccess = true;\n }\n\n }\n }\n this.onOAuthProcessEnd.raiseEvent(eventSuccess, stateData);\n };\n }\n\n public unInitialize() {\n this._redirectUri = undefined;\n this._expiration = undefined;\n (globalThis as any).arcGisOAuth2Callback = undefined;\n }\n\n public async getAccessToken(params: MapLayerAccessTokenParams): Promise<MapLayerAccessToken | undefined> {\n // First lookup Oauth2 tokens, otherwise check try \"legacy tokens\" if credentials were provided\n\n if (!this._forceLegacyToken) {\n const oauth2Token = await this.getOAuthTokenForMapLayerUrl(params.mapLayerUrl.toString());\n if (oauth2Token)\n return oauth2Token;\n }\n\n if (params.userName && params.password) {\n return ArcGisTokenManager.getToken(params.mapLayerUrl.toString(), params.userName, params.password, { client: ArcGisTokenClientType.referer });\n }\n\n return undefined;\n }\n\n /** @internal */\n public static async validateOAuth2Endpoint(endpointUrl: string): Promise<boolean> {\n const data = await fetch(endpointUrl, { method: \"GET\" });\n return data.status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters\n }\n\n public async getTokenServiceEndPoint(mapLayerUrl: string): Promise<MapLayerTokenEndpoint | undefined> {\n if (!this._forceLegacyToken) {\n return this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\n }\n\n return undefined;\n }\n\n public invalidateToken(token: MapLayerAccessToken): boolean {\n let found = ArcGisTokenManager.invalidateToken(token);\n if (!found) {\n found = ArcGisTokenManager.invalidateOAuth2Token(token);\n }\n return found;\n }\n\n public get redirectUri() {\n return this._redirectUri;\n }\n\n public getMatchingEnterpriseClientId(url: string) {\n const clientIds = this.arcGisEnterpriseClientIds;\n if (!clientIds) {\n return undefined;\n }\n\n let clientId: string | undefined;\n let defaultClientId: string | undefined;\n for (const entry of clientIds) {\n if (entry.serviceBaseUrl === \"\") {\n defaultClientId = entry.clientId;\n } else {\n if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {\n clientId = entry.clientId;\n }\n }\n }\n\n // If we could not find a match with serviceBaseUrl, and a default clientId\n // was specified (i.e empty url), then use default clientId\n if (clientId === undefined && defaultClientId !== undefined) {\n clientId = defaultClientId;\n }\n return clientId;\n }\n\n public get expiration() {\n return this._expiration;\n }\n\n public get arcGisOnlineClientId() {\n return this._clientIds?.arcgisOnlineClientId;\n }\n\n public set arcGisOnlineClientId(clientId: string | undefined) {\n if (this._clientIds === undefined) {\n this._clientIds = { arcgisOnlineClientId: clientId };\n }\n this._clientIds.arcgisOnlineClientId = clientId;\n }\n\n public get arcGisEnterpriseClientIds() {\n return this._clientIds?.enterpriseClientIds;\n }\n\n public setEnterpriseClientId(serviceBaseUrl: string, clientId: string) {\n\n if (this._clientIds?.enterpriseClientIds) {\n const foundIdx = this._clientIds.enterpriseClientIds.findIndex((entry) => entry.serviceBaseUrl === serviceBaseUrl);\n if (foundIdx !== -1) {\n this._clientIds.enterpriseClientIds[foundIdx].clientId = clientId;\n } else {\n this._clientIds.enterpriseClientIds.push({ serviceBaseUrl, clientId });\n }\n } else {\n if (this._clientIds === undefined) {\n this._clientIds = {};\n }\n this._clientIds.enterpriseClientIds = [{ serviceBaseUrl, clientId }];\n }\n }\n\n public removeEnterpriseClientId(clientId: ArcGisEnterpriseClientId) {\n\n if (this._clientIds?.enterpriseClientIds) {\n this._clientIds.enterpriseClientIds = this._clientIds?.enterpriseClientIds?.filter((item) => item.serviceBaseUrl !== clientId.serviceBaseUrl);\n }\n\n }\n\n /// //////////\n /** @internal */\n private async getOAuthTokenForMapLayerUrl(mapLayerUrl: string): Promise<ArcGisOAuth2Token | undefined> {\n try {\n const oauthEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\n if (oauthEndpoint !== undefined) {\n const oauthEndpointUrl = new URL(oauthEndpoint.getUrl());\n return ArcGisTokenManager.getOAuth2Token(oauthEndpointUrl.origin);\n }\n } catch { }\n return undefined;\n }\n\n // Mapping between a map-layer URL and its corresponding Oauth endpoint\n // i.e. \t https://hostname/server/rest/services/NewYork/NewYork3857/MapServer\n // => https://hostname/portal/sharing/oauth2/authorize\n\n private _endPointsCache = new Map<MapLayerUrl, EndPointsCacheEntry>();\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private cacheEndpoint(url: MapLayerUrl, endpointType: ArcGisOAuth2EndpointType, endPoint: ArcGisOAuth2Endpoint) {\n const entry = endpointType === ArcGisOAuth2EndpointType.Authorize ? {authorizeEndpoint: endPoint} : {tokenEndpoint: endPoint};\n this._endPointsCache.set(url, entry);\n }\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private async createEndpoint(mapLayerUrl: MapLayerUrl, oauthEndpointUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\n // Validate the URL we just composed\n const oauthEndpoint = new ArcGisOAuth2Endpoint(oauthEndpointUrl, this.constructLoginUrl(oauthEndpointUrl, false), false);\n this.cacheEndpoint(mapLayerUrl, endpointType, oauthEndpoint);\n return oauthEndpoint;\n }\n\n /**\n * Returns whether the ArcGis host is valid\n * @internal\n */\n private isArcGisHostValid(url: URL): boolean {\n const allowedHosts = [\n \"arcgis.com\",\n ];\n\n return allowedHosts.some((host: string) => url.hostname.toLowerCase().endsWith(host));\n }\n\n private async validateEndpointUrl(url: string) {\n let valid: boolean|undefined;\n try {\n valid = await ArcGisAccessClient.validateOAuth2Endpoint(url.toString());\n } catch {\n // If we reach here, this means we could not validate properly the endpoint;\n // we cannot conclude the endpoint is invalid though; it might happen endpoint doesn't support CORS requests,\n // but still valid for Oauth process.\n }\n return valid;\n }\n\n /**\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\n * @internal\n */\n private async getOAuth2Endpoint(mapLayerUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\n // Return from cache if available\n const cachedEndpoint = this._endPointsCache.get(mapLayerUrl);\n if (cachedEndpoint !== undefined) {\n return (endpointType === ArcGisOAuth2EndpointType.Authorize ? cachedEndpoint.authorizeEndpoint : cachedEndpoint.authorizeEndpoint);\n }\n\n const endpointStr = (endpointType === ArcGisOAuth2EndpointType.Authorize ? \"authorize\" : \"token\");\n\n const urlObj = new URL(mapLayerUrl);\n\n if (this.isArcGisHostValid(urlObj)) {\n // ArcGIS Online (fixed)\n // Doc: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/\n\n if (this.arcGisOnlineClientId === undefined) {\n return undefined;\n }\n\n const oauth2Url = `https://www.arcgis.com/sharing/rest/oauth2/${endpointStr}`;\n return new ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, true), true);\n } else {\n\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\n try {\n const restUrlFromTokenService = await ArcGisUrl.getRestUrlFromGenerateTokenUrl(urlObj);\n\n if (restUrlFromTokenService === undefined) {\n // We could not derive the token endpoint from 'tokenServicesUrl'.\n // ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize\n const regExMatch = mapLayerUrl.match(new RegExp(/([^&\\/]+)\\/rest\\/services\\/.*/, \"i\"));\n if (regExMatch !== null && regExMatch.length >= 2) {\n const subdirectory = regExMatch[1];\n const port = (urlObj.port !== \"80\" && urlObj.port !== \"443\") ? `:${urlObj.port}` : \"\";\n const newUrlObj = new URL(`${urlObj.protocol}//${urlObj.hostname}${port}/${subdirectory}/sharing/rest/oauth2/${endpointStr}`);\n\n // Check again the URL we just composed\n const isValidUrl = await this.validateEndpointUrl(newUrlObj.toString());\n if (isValidUrl === undefined || isValidUrl ) {\n const endpoint = await this.createEndpoint(mapLayerUrl, newUrlObj.toString(), endpointType);\n if (endpoint)\n return endpoint;\n }\n }\n } else {\n const oauthEndpointUrl = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;\n const isValidUrl = await this.validateEndpointUrl(oauthEndpointUrl);\n if (isValidUrl === undefined || isValidUrl ) {\n const endpoint = await this.createEndpoint(mapLayerUrl, oauthEndpointUrl, endpointType);\n if (endpoint)\n return endpoint;\n }\n }\n } catch {\n }\n }\n\n // If we reach here, we were not successful creating an endpoint\n this._endPointsCache.set(mapLayerUrl, {}); // Cache an empty entry, and avoid making repeated failing requests.\n\n return undefined; // we could not find any valid oauth2 endpoint\n }\n\n /**\n * Construct the complete Authorize url to starts the Oauth process\n * @internal\n */\n private constructLoginUrl(url: string, isArcgisOnline: boolean) {\n const urlObj = new URL(url);\n\n // Set the client id\n if (isArcgisOnline) {\n const clientId = this.arcGisOnlineClientId;\n assert(clientId !== undefined);\n if (clientId !== undefined) {\n urlObj.searchParams.set(\"client_id\", clientId);\n }\n\n } else {\n const clientId = this.getMatchingEnterpriseClientId(url);\n assert(clientId !== undefined);\n if (undefined !== clientId) {\n urlObj.searchParams.set(\"client_id\", clientId);\n }\n }\n\n urlObj.searchParams.set(\"response_type\", \"token\");\n if (this.expiration !== undefined) {\n urlObj.searchParams.set(\"expiration\", `${this.expiration}`);\n }\n\n if (this.redirectUri)\n urlObj.searchParams.set(\"redirect_uri\", this.redirectUri);\n\n return urlObj.toString();\n }\n\n}\n"]}
1
+ {"version":3,"file":"ArcGisAccessClient.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisAccessClient.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F;;GAEG;AAEH,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAEtD,OAAO,EAAE,oBAAoB,EAAE,wBAAwB,EAAE,MAAM,2BAA2B,CAAC;AAC3F,OAAO,EAAqB,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AACrF,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAC7D,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AA8C3C,YAAY;AACZ,MAAM,OAAO,kBAAkB;IACb,iBAAiB,GAAG,IAAI,OAAO,EAAE,CAAC;IAC1C,YAAY,CAAqB;IACjC,WAAW,CAAqB;IAChC,UAAU,CAAmC;IAErD,sDAAsD;IAC9C,iBAAiB,GAAG,KAAK,CAAC;IAElC;IACA,CAAC;IAEM,UAAU,CAAC,WAA+B;QAC/C,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,WAAW,CAAC;YAC5C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,eAAe,CAAC;YAC/C,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,SAAS,CAAC;YAExC,IAAI,CAAC,yBAAyB,EAAE,CAAC;QACnC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,yBAAyB;QAC9B,UAAkB,CAAC,oBAAoB,GAAG,CAAC,gBAA2B,EAAE,EAAE;YACzE,IAAI,YAAY,GAAG,KAAK,CAAC;YACzB,IAAI,SAAS,CAAC;YAEd,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACzD,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC;gBAC3C,MAAM,UAAU,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,SAAS,CAAC;gBAC1D,MAAM,YAAY,GAAG,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,SAAS,CAAC;gBAC/D,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC;gBACzD,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC;gBAC7C,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC;gBACtD,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,MAAM,CAAC;gBACrD,IAAI,KAAK,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,IAAI,GAAG,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;oBAC/H,IAAI,cAAc,CAAC;oBACnB,IAAI,CAAC;wBACH,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;wBACnC,SAAS,GAAG,KAAK,EAAE,UAAU,CAAC;wBAC9B,cAAc,GAAG,KAAK,EAAE,cAAc,CAAC;oBAEzC,CAAC;oBAAC,MAAM,CAAC;oBACT,CAAC;oBACD,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;oBACvC,MAAM,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAG,6EAA6E;oBACrI,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;wBACjC,kBAAkB,CAAC,cAAc,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;wBAChG,YAAY,GAAG,IAAI,CAAC;oBACtB,CAAC;gBAEH,CAAC;YACH,CAAC;YACD,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAC7D,CAAC,CAAC;IACJ,CAAC;IAEM,YAAY;QACjB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC5B,UAAkB,CAAC,oBAAoB,GAAG,SAAS,CAAC;IACvD,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,MAAiC;QAC3D,+FAA+F;QAE/F,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC1F,IAAI,WAAW;gBACb,OAAO,WAAW,CAAC;QACvB,CAAC;QAED,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACvC,OAAO,kBAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,qBAAqB,CAAC,OAAO,EAAE,CAAC,CAAC;QACjJ,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,gBAAgB;IACT,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,WAAmB;QAC5D,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACzD,OAAO,IAAI,CAAC,MAAM,KAAK,GAAG,CAAC,CAAI,yEAAyE;IAC1G,CAAC;IAEM,KAAK,CAAC,uBAAuB,CAAC,WAAmB;QACtD,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,eAAe,CAAC,KAA0B;QAC/C,IAAI,KAAK,GAAG,kBAAkB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,kBAAkB,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAEM,6BAA6B,CAAC,GAAW;QAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC;QACjD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,QAA4B,CAAC;QACjC,IAAI,eAAmC,CAAC;QACxC,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;YAC9B,IAAI,KAAK,CAAC,cAAc,KAAK,EAAE,EAAE,CAAC;gBAChC,eAAe,GAAG,KAAK,CAAC,QAAQ,CAAC;YACnC,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC;oBACvD,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;gBAC5B,CAAC;YACH,CAAC;QACH,CAAC;QAED,2EAA2E;QAC3E,2DAA2D;QAC3D,IAAI,QAAQ,KAAK,SAAS,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;YAC5D,QAAQ,GAAG,eAAe,CAAC;QAC7B,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAW,UAAU;QACnB,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,IAAW,oBAAoB;QAC7B,OAAO,IAAI,CAAC,UAAU,EAAE,oBAAoB,CAAC;IAC/C,CAAC;IAED,IAAW,oBAAoB,CAAC,QAA4B;QAC1D,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,IAAI,CAAC,UAAU,GAAG,EAAE,oBAAoB,EAAE,QAAQ,EAAE,CAAC;QACvD,CAAC;QACD,IAAI,CAAC,UAAU,CAAC,oBAAoB,GAAG,QAAQ,CAAC;IAClD,CAAC;IAED,IAAW,yBAAyB;QAClC,OAAO,IAAI,CAAC,UAAU,EAAE,mBAAmB,CAAC;IAC9C,CAAC;IAEM,qBAAqB,CAAC,cAAsB,EAAE,QAAgB;QAEnE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,KAAK,cAAc,CAAC,CAAC;YACnH,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;gBACpB,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,QAAQ,GAAG,QAAQ,CAAC;YACpE,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;YACzE,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;gBAClC,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;YACvB,CAAC;YACD,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAEM,wBAAwB,CAAC,QAAkC;QAEhE,IAAI,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,mBAAmB,GAAG,IAAI,CAAC,UAAU,EAAE,mBAAmB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,KAAK,QAAQ,CAAC,cAAc,CAAC,CAAC;QAChJ,CAAC;IAEH,CAAC;IAED,cAAc;IACd,gBAAgB;IACR,KAAK,CAAC,2BAA2B,CAAC,WAAmB;QAC3D,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAC;YACpG,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAChC,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;gBACzD,OAAO,kBAAkB,CAAC,cAAc,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,uEAAuE;IACvE,8EAA8E;IAC9E,4DAA4D;IAEpD,eAAe,GAAG,IAAI,GAAG,EAAoC,CAAC;IAEtE;;;KAGC;IACO,aAAa,CAAC,GAAgB,EAAE,YAAsC,EAAE,QAA8B;QAC5G,MAAM,KAAK,GAAG,YAAY,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,EAAC,iBAAiB,EAAE,QAAQ,EAAC,CAAC,CAAC,CAAC,EAAC,aAAa,EAAE,QAAQ,EAAC,CAAC;QAC9H,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACvC,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,cAAc,CAAC,WAAwB,EAAE,gBAAwB,EAAE,YAAsC;QACrH,oCAAoC;QACpC,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,gBAAgB,EAAE,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC;QACzH,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,YAAY,EAAE,aAAa,CAAC,CAAC;QAC7D,OAAO,aAAa,CAAC;IACvB,CAAC;IAED;;;MAGE;IACM,iBAAiB,CAAC,GAAQ;QAChC,MAAM,YAAY,GAAG;YACnB,YAAY;SACb,CAAC;QAEF,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IACxF,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAAC,GAAW;QAC3C,IAAI,KAAwB,CAAC;QAC7B,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,kBAAkB,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC1E,CAAC;QAAC,MAAM,CAAC;YACP,4EAA4E;YAC5E,6GAA6G;YAC7G,qCAAqC;QACvC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;KAGC;IACO,KAAK,CAAC,iBAAiB,CAAC,WAAmB,EAAE,YAAsC;QACzF,iCAAiC;QACjC,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC7D,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;YACjC,OAAO,CAAC,YAAY,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC;QACrI,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,YAAY,KAAK,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAElG,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;QAEpC,IAAI,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,EAAE,CAAC;YACnC,wBAAwB;YACxB,iGAAiG;YAEjG,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,EAAE,CAAC;gBAC5C,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,MAAM,SAAS,GAAG,8CAA8C,WAAW,EAAE,CAAC;YAC9E,OAAO,IAAI,oBAAoB,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;QAC5F,CAAC;aAAM,CAAC;YAEN,wGAAwG;YACxG,IAAI,CAAC;gBACH,MAAM,uBAAuB,GAAG,MAAM,SAAS,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;gBAEvF,IAAI,uBAAuB,KAAK,SAAS,EAAE,CAAC;oBAC1C,kEAAkE;oBAClE,8FAA8F;oBAC9F,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC,CAAC;oBACvF,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;wBAClD,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;wBACnC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBACtF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,GAAG,IAAI,IAAI,YAAY,wBAAwB,WAAW,EAAE,CAAC,CAAC;wBAE9H,uCAAuC;wBACvC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;wBACxE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;4BAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,YAAY,CAAC,CAAC;4BAC5F,IAAI,QAAQ;gCACV,OAAO,QAAQ,CAAC;wBACpB,CAAC;oBACH,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,gBAAgB,GAAG,GAAG,uBAAuB,CAAC,QAAQ,EAAE,UAAU,WAAW,EAAE,CAAC;oBACtF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,CAAC;oBACpE,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,EAAG,CAAC;wBAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAC;wBACxF,IAAI,QAAQ;4BACV,OAAO,QAAQ,CAAC;oBACpB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;YACT,CAAC;QACH,CAAC;QAED,gEAAgE;QAChE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,CAAE,oEAAoE;QAEhH,OAAO,SAAS,CAAC,CAAG,8CAA8C;IACpE,CAAC;IAED;;;KAGC;IACO,iBAAiB,CAAC,GAAW,EAAE,cAAuB;QAC5D,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5B,oBAAoB;QACpB,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CAAC;YAC3C,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QAEH,CAAC;aAAM,CAAC;YACN,MAAM,QAAQ,GAAG,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;YACzD,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;YAC/B,IAAI,SAAS,KAAK,QAAQ,EAAE,CAAC;gBAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;QAED,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAClD,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,IAAI,CAAC,WAAW;YAClB,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAE5D,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;CAEF","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\n/** @packageDocumentation\r\n * @module Tiles\r\n */\r\n\r\nimport { assert, BeEvent } from \"@itwin/core-bentley\";\r\nimport { MapLayerAccessClient, MapLayerAccessToken, MapLayerAccessTokenParams, MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\r\nimport { ArcGisOAuth2Endpoint, ArcGisOAuth2EndpointType } from \"./ArcGisOAuth2Endpoint.js\";\r\nimport { ArcGisOAuth2Token, ArcGisTokenClientType } from \"./ArcGisTokenGenerator.js\";\r\nimport { ArcGisTokenManager } from \"./ArcGisTokenManager.js\";\r\nimport { ArcGisUrl } from \"./ArcGisUrl.js\";\r\n\r\n/** @beta */\r\nexport interface ArcGisEnterpriseClientId {\r\n /* Oauth API endpoint base URL (i.e. https://hostname/portal/sharing/oauth2/authorize)\r\n used to identify uniquely each enterprise server. */\r\n serviceBaseUrl: string;\r\n\r\n /* Application's clientId for this enterprise server.*/\r\n clientId: string;\r\n}\r\n\r\n/** @beta */\r\nexport interface ArcGisOAuthClientIds {\r\n /* Application's OAuth clientId in ArcGIS online */\r\n arcgisOnlineClientId?: string;\r\n\r\n /* Application's OAuth clientId for each enterprise server used. */\r\n enterpriseClientIds?: ArcGisEnterpriseClientId[];\r\n}\r\n\r\n/** @beta\r\n * ArcGIS OAuth configurations parameters.\r\n * See https://developers.arcgis.com/documentation/mapping-apis-and-services/security/arcgis-identity/serverless-web-apps/\r\n * more details.\r\n*/\r\nexport interface ArcGisOAuthConfig {\r\n /* URL to which a user is sent once they complete sign in authorization.\r\n Must match a URI you define in the developer dashboard, otherwise, the authorization will be rejected.\r\n */\r\n redirectUri: string;\r\n\r\n /* Optional expiration after which the token will expire. Defined in minutes with a maximum of two weeks (20160 minutes)*/\r\n tokenExpiration?: number;\r\n\r\n /* Application client Ids */\r\n clientIds: ArcGisOAuthClientIds;\r\n}\r\n\r\ninterface EndPointsCacheEntry {\r\n authorizeEndpoint?: ArcGisOAuth2Endpoint;\r\n tokenEndpoint?: ArcGisOAuth2Endpoint;\r\n}\r\n\r\ntype MapLayerUrl = string;\r\n\r\n/** @beta */\r\nexport class ArcGisAccessClient implements MapLayerAccessClient {\r\n public readonly onOAuthProcessEnd = new BeEvent();\r\n private _redirectUri: string | undefined;\r\n private _expiration: number | undefined;\r\n private _clientIds: ArcGisOAuthClientIds | undefined;\r\n\r\n // Should be kept to 'false'. Debugging purposes only.\r\n private _forceLegacyToken = false;\r\n\r\n public constructor() {\r\n }\r\n\r\n public initialize(oAuthConfig?: ArcGisOAuthConfig): boolean {\r\n if (oAuthConfig) {\r\n this._redirectUri = oAuthConfig.redirectUri;\r\n this._expiration = oAuthConfig.tokenExpiration;\r\n this._clientIds = oAuthConfig.clientIds;\r\n\r\n this.initOauthCallbackFunction();\r\n }\r\n return true;\r\n }\r\n\r\n private initOauthCallbackFunction() {\r\n (globalThis as any).arcGisOAuth2Callback = (redirectLocation?: Location) => {\r\n let eventSuccess = false;\r\n let stateData;\r\n\r\n if (redirectLocation && redirectLocation.hash.length > 0) {\r\n const locationHash = redirectLocation.hash;\r\n const hashParams = new URLSearchParams(locationHash.substring(1));\r\n const token = hashParams.get(\"access_token\") ?? undefined;\r\n const expiresInStr = hashParams.get(\"expires_in\") ?? undefined;\r\n const userName = hashParams.get(\"username\") ?? undefined;\r\n const ssl = hashParams.get(\"ssl\") === \"true\";\r\n const stateStr = hashParams.get(\"state\") ?? undefined;\r\n const persist = hashParams.get(\"persist\") === \"true\";\r\n if (token !== undefined && expiresInStr !== undefined && userName !== undefined && ssl !== undefined && stateStr !== undefined) {\r\n let endpointOrigin;\r\n try {\r\n const state = JSON.parse(stateStr);\r\n stateData = state?.customData;\r\n endpointOrigin = state?.endpointOrigin;\r\n\r\n } catch {\r\n }\r\n const expiresIn = Number(expiresInStr);\r\n const expiresAt = (expiresIn * 1000) + (+new Date()); // Converts the token expiration delay (seconds) into a timestamp (UNIX time)\r\n if (endpointOrigin !== undefined) {\r\n ArcGisTokenManager.setOAuth2Token(endpointOrigin, { token, expiresAt, ssl, userName, persist });\r\n eventSuccess = true;\r\n }\r\n\r\n }\r\n }\r\n this.onOAuthProcessEnd.raiseEvent(eventSuccess, stateData);\r\n };\r\n }\r\n\r\n public unInitialize() {\r\n this._redirectUri = undefined;\r\n this._expiration = undefined;\r\n (globalThis as any).arcGisOAuth2Callback = undefined;\r\n }\r\n\r\n public async getAccessToken(params: MapLayerAccessTokenParams): Promise<MapLayerAccessToken | undefined> {\r\n // First lookup Oauth2 tokens, otherwise check try \"legacy tokens\" if credentials were provided\r\n\r\n if (!this._forceLegacyToken) {\r\n const oauth2Token = await this.getOAuthTokenForMapLayerUrl(params.mapLayerUrl.toString());\r\n if (oauth2Token)\r\n return oauth2Token;\r\n }\r\n\r\n if (params.userName && params.password) {\r\n return ArcGisTokenManager.getToken(params.mapLayerUrl.toString(), params.userName, params.password, { client: ArcGisTokenClientType.referer });\r\n }\r\n\r\n return undefined;\r\n }\r\n\r\n /** @internal */\r\n public static async validateOAuth2Endpoint(endpointUrl: string): Promise<boolean> {\r\n const data = await fetch(endpointUrl, { method: \"GET\" });\r\n return data.status === 400; // Oauth2 API returns 400 (Bad Request) when there are missing parameters\r\n }\r\n\r\n public async getTokenServiceEndPoint(mapLayerUrl: string): Promise<MapLayerTokenEndpoint | undefined> {\r\n if (!this._forceLegacyToken) {\r\n return this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\r\n }\r\n\r\n return undefined;\r\n }\r\n\r\n public invalidateToken(token: MapLayerAccessToken): boolean {\r\n let found = ArcGisTokenManager.invalidateToken(token);\r\n if (!found) {\r\n found = ArcGisTokenManager.invalidateOAuth2Token(token);\r\n }\r\n return found;\r\n }\r\n\r\n public get redirectUri() {\r\n return this._redirectUri;\r\n }\r\n\r\n public getMatchingEnterpriseClientId(url: string) {\r\n const clientIds = this.arcGisEnterpriseClientIds;\r\n if (!clientIds) {\r\n return undefined;\r\n }\r\n\r\n let clientId: string | undefined;\r\n let defaultClientId: string | undefined;\r\n for (const entry of clientIds) {\r\n if (entry.serviceBaseUrl === \"\") {\r\n defaultClientId = entry.clientId;\r\n } else {\r\n if (url.toLowerCase().startsWith(entry.serviceBaseUrl)) {\r\n clientId = entry.clientId;\r\n }\r\n }\r\n }\r\n\r\n // If we could not find a match with serviceBaseUrl, and a default clientId\r\n // was specified (i.e empty url), then use default clientId\r\n if (clientId === undefined && defaultClientId !== undefined) {\r\n clientId = defaultClientId;\r\n }\r\n return clientId;\r\n }\r\n\r\n public get expiration() {\r\n return this._expiration;\r\n }\r\n\r\n public get arcGisOnlineClientId() {\r\n return this._clientIds?.arcgisOnlineClientId;\r\n }\r\n\r\n public set arcGisOnlineClientId(clientId: string | undefined) {\r\n if (this._clientIds === undefined) {\r\n this._clientIds = { arcgisOnlineClientId: clientId };\r\n }\r\n this._clientIds.arcgisOnlineClientId = clientId;\r\n }\r\n\r\n public get arcGisEnterpriseClientIds() {\r\n return this._clientIds?.enterpriseClientIds;\r\n }\r\n\r\n public setEnterpriseClientId(serviceBaseUrl: string, clientId: string) {\r\n\r\n if (this._clientIds?.enterpriseClientIds) {\r\n const foundIdx = this._clientIds.enterpriseClientIds.findIndex((entry) => entry.serviceBaseUrl === serviceBaseUrl);\r\n if (foundIdx !== -1) {\r\n this._clientIds.enterpriseClientIds[foundIdx].clientId = clientId;\r\n } else {\r\n this._clientIds.enterpriseClientIds.push({ serviceBaseUrl, clientId });\r\n }\r\n } else {\r\n if (this._clientIds === undefined) {\r\n this._clientIds = {};\r\n }\r\n this._clientIds.enterpriseClientIds = [{ serviceBaseUrl, clientId }];\r\n }\r\n }\r\n\r\n public removeEnterpriseClientId(clientId: ArcGisEnterpriseClientId) {\r\n\r\n if (this._clientIds?.enterpriseClientIds) {\r\n this._clientIds.enterpriseClientIds = this._clientIds?.enterpriseClientIds?.filter((item) => item.serviceBaseUrl !== clientId.serviceBaseUrl);\r\n }\r\n\r\n }\r\n\r\n /// //////////\r\n /** @internal */\r\n private async getOAuthTokenForMapLayerUrl(mapLayerUrl: string): Promise<ArcGisOAuth2Token | undefined> {\r\n try {\r\n const oauthEndpoint = await this.getOAuth2Endpoint(mapLayerUrl, ArcGisOAuth2EndpointType.Authorize);\r\n if (oauthEndpoint !== undefined) {\r\n const oauthEndpointUrl = new URL(oauthEndpoint.getUrl());\r\n return ArcGisTokenManager.getOAuth2Token(oauthEndpointUrl.origin);\r\n }\r\n } catch { }\r\n return undefined;\r\n }\r\n\r\n // Mapping between a map-layer URL and its corresponding Oauth endpoint\r\n // i.e. \t https://hostname/server/rest/services/NewYork/NewYork3857/MapServer\r\n // => https://hostname/portal/sharing/oauth2/authorize\r\n\r\n private _endPointsCache = new Map<MapLayerUrl, EndPointsCacheEntry>();\r\n\r\n /**\r\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\r\n * @internal\r\n */\r\n private cacheEndpoint(url: MapLayerUrl, endpointType: ArcGisOAuth2EndpointType, endPoint: ArcGisOAuth2Endpoint) {\r\n const entry = endpointType === ArcGisOAuth2EndpointType.Authorize ? {authorizeEndpoint: endPoint} : {tokenEndpoint: endPoint};\r\n this._endPointsCache.set(url, entry);\r\n }\r\n\r\n /**\r\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\r\n * @internal\r\n */\r\n private async createEndpoint(mapLayerUrl: MapLayerUrl, oauthEndpointUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\r\n // Validate the URL we just composed\r\n const oauthEndpoint = new ArcGisOAuth2Endpoint(oauthEndpointUrl, this.constructLoginUrl(oauthEndpointUrl, false), false);\r\n this.cacheEndpoint(mapLayerUrl, endpointType, oauthEndpoint);\r\n return oauthEndpoint;\r\n }\r\n\r\n /**\r\n * Returns whether the ArcGis host is valid\r\n * @internal\r\n */\r\n private isArcGisHostValid(url: URL): boolean {\r\n const allowedHosts = [\r\n \"arcgis.com\",\r\n ];\r\n\r\n return allowedHosts.some((host: string) => url.hostname.toLowerCase().endsWith(host));\r\n }\r\n\r\n private async validateEndpointUrl(url: string) {\r\n let valid: boolean|undefined;\r\n try {\r\n valid = await ArcGisAccessClient.validateOAuth2Endpoint(url.toString());\r\n } catch {\r\n // If we reach here, this means we could not validate properly the endpoint;\r\n // we cannot conclude the endpoint is invalid though; it might happen endpoint doesn't support CORS requests,\r\n // but still valid for Oauth process.\r\n }\r\n return valid;\r\n }\r\n\r\n /**\r\n * Get OAuth2 endpoint that must be cause to get the Oauth2 token\r\n * @internal\r\n */\r\n private async getOAuth2Endpoint(mapLayerUrl: string, endpointType: ArcGisOAuth2EndpointType): Promise<ArcGisOAuth2Endpoint | undefined> {\r\n // Return from cache if available\r\n const cachedEndpoint = this._endPointsCache.get(mapLayerUrl);\r\n if (cachedEndpoint !== undefined) {\r\n return (endpointType === ArcGisOAuth2EndpointType.Authorize ? cachedEndpoint.authorizeEndpoint : cachedEndpoint.authorizeEndpoint);\r\n }\r\n\r\n const endpointStr = (endpointType === ArcGisOAuth2EndpointType.Authorize ? \"authorize\" : \"token\");\r\n\r\n const urlObj = new URL(mapLayerUrl);\r\n\r\n if (this.isArcGisHostValid(urlObj)) {\r\n // ArcGIS Online (fixed)\r\n // Doc: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/\r\n\r\n if (this.arcGisOnlineClientId === undefined) {\r\n return undefined;\r\n }\r\n\r\n const oauth2Url = `https://www.arcgis.com/sharing/rest/oauth2/${endpointStr}`;\r\n return new ArcGisOAuth2Endpoint(oauth2Url, this.constructLoginUrl(oauth2Url, true), true);\r\n } else {\r\n\r\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\r\n try {\r\n const restUrlFromTokenService = await ArcGisUrl.getRestUrlFromGenerateTokenUrl(urlObj);\r\n\r\n if (restUrlFromTokenService === undefined) {\r\n // We could not derive the token endpoint from 'tokenServicesUrl'.\r\n // ArcGIS Enterprise Format https://<host>:<port>/<subdirectory>/sharing/rest/oauth2/authorize\r\n const regExMatch = mapLayerUrl.match(new RegExp(/([^&\\/]+)\\/rest\\/services\\/.*/, \"i\"));\r\n if (regExMatch !== null && regExMatch.length >= 2) {\r\n const subdirectory = regExMatch[1];\r\n const port = (urlObj.port !== \"80\" && urlObj.port !== \"443\") ? `:${urlObj.port}` : \"\";\r\n const newUrlObj = new URL(`${urlObj.protocol}//${urlObj.hostname}${port}/${subdirectory}/sharing/rest/oauth2/${endpointStr}`);\r\n\r\n // Check again the URL we just composed\r\n const isValidUrl = await this.validateEndpointUrl(newUrlObj.toString());\r\n if (isValidUrl === undefined || isValidUrl ) {\r\n const endpoint = await this.createEndpoint(mapLayerUrl, newUrlObj.toString(), endpointType);\r\n if (endpoint)\r\n return endpoint;\r\n }\r\n }\r\n } else {\r\n const oauthEndpointUrl = `${restUrlFromTokenService.toString()}oauth2/${endpointStr}`;\r\n const isValidUrl = await this.validateEndpointUrl(oauthEndpointUrl);\r\n if (isValidUrl === undefined || isValidUrl ) {\r\n const endpoint = await this.createEndpoint(mapLayerUrl, oauthEndpointUrl, endpointType);\r\n if (endpoint)\r\n return endpoint;\r\n }\r\n }\r\n } catch {\r\n }\r\n }\r\n\r\n // If we reach here, we were not successful creating an endpoint\r\n this._endPointsCache.set(mapLayerUrl, {}); // Cache an empty entry, and avoid making repeated failing requests.\r\n\r\n return undefined; // we could not find any valid oauth2 endpoint\r\n }\r\n\r\n /**\r\n * Construct the complete Authorize url to starts the Oauth process\r\n * @internal\r\n */\r\n private constructLoginUrl(url: string, isArcgisOnline: boolean) {\r\n const urlObj = new URL(url);\r\n\r\n // Set the client id\r\n if (isArcgisOnline) {\r\n const clientId = this.arcGisOnlineClientId;\r\n assert(clientId !== undefined);\r\n if (clientId !== undefined) {\r\n urlObj.searchParams.set(\"client_id\", clientId);\r\n }\r\n\r\n } else {\r\n const clientId = this.getMatchingEnterpriseClientId(url);\r\n assert(clientId !== undefined);\r\n if (undefined !== clientId) {\r\n urlObj.searchParams.set(\"client_id\", clientId);\r\n }\r\n }\r\n\r\n urlObj.searchParams.set(\"response_type\", \"token\");\r\n if (this.expiration !== undefined) {\r\n urlObj.searchParams.set(\"expiration\", `${this.expiration}`);\r\n }\r\n\r\n if (this.redirectUri)\r\n urlObj.searchParams.set(\"redirect_uri\", this.redirectUri);\r\n\r\n return urlObj.toString();\r\n }\r\n\r\n}\r\n"]}
package/lib/esm/ArcGis/ArcGisOAuth2Endpoint.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisOAuth2Endpoint.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisOAuth2Endpoint.ts"],"names":[],"mappings":"AAMA,gBAAgB;AAChB,MAAM,CAAN,IAAY,wBAA0C;AAAtD,WAAY,wBAAwB;IAAE,iFAAS,CAAA;IAAC,yEAAK,CAAA;AAAA,CAAC,EAA1C,wBAAwB,KAAxB,wBAAwB,QAAkB;AAEtD,gBAAgB;AAChB,MAAM,OAAO,oBAAoB;IACvB,IAAI,CAAS;IACb,SAAS,CAAS;IAClB,eAAe,CAAU;IAEjC,YAAY,GAAW,EAAE,QAAgB,EAAE,cAAuB;QAChE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;QAC1B,IAAI,CAAC,eAAe,GAAG,cAAc,CAAC;IACxC,CAAC;IAED,kCAAkC;IAC3B,MAAM;QACX,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED;;;;;OAKG;IACI,WAAW,CAAC,SAAe;QAChC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAEvC,MAAM,IAAI,GAAG;YACX,cAAc,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,EAAK,uCAAuC;YACrF,UAAU,EAAE,SAAS,EAAyB,gBAAgB;SAC/D,CAAC;QAEF,IAAI,QAAQ,CAAC;QACb,IAAI,CAAC;YACH,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAClC,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QACD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAC7C,CAAC;QAED,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;IAED,IAAW,cAAc,KAAI,OAAO,IAAI,CAAC,eAAe,CAAC,CAAA,CAAC;CAE3D","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\nimport { MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\n\n/** @internal */\nexport enum ArcGisOAuth2EndpointType {Authorize,Token}\n\n/** @internal */\nexport class ArcGisOAuth2Endpoint implements MapLayerTokenEndpoint {\n private _url: string;\n private _loginUrl: string;\n private _isArcgisOnline: boolean;\n\n constructor(url: string, loginUrl: string, isArcgisOnline: boolean) {\n this._url = url;\n this._loginUrl = loginUrl;\n this._isArcgisOnline = isArcgisOnline;\n }\n\n // Returns the actual endpoint url\n public getUrl() {\n return this._url;\n }\n\n /**\n * Returns the URL used to login and generate the Oauth token.\n * @param stateData Custom JSON data that will sent back by once the Oauth process completes\n * @returns Promise resolves after the defaults are setup.\n * @internal\n */\n public getLoginUrl(stateData?: any) {\n const urlObj = new URL(this._loginUrl);\n\n const data = {\n endpointOrigin: new URL(this._url).origin, // arcGisOAuth2Callback depends on this\n customData: stateData, // caller's data\n };\n\n let stateStr;\n try {\n stateStr = JSON.stringify(data);\n } catch {\n\n }\n if (stateStr !== undefined) {\n urlObj.searchParams.set(\"state\", stateStr);\n }\n\n return urlObj.toString();\n }\n\n public get isArcgisOnline() {return this._isArcgisOnline;}\n\n}\n"]}
1
+ {"version":3,"file":"ArcGisOAuth2Endpoint.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisOAuth2Endpoint.ts"],"names":[],"mappings":"AAMA,gBAAgB;AAChB,MAAM,CAAN,IAAY,wBAA0C;AAAtD,WAAY,wBAAwB;IAAE,iFAAS,CAAA;IAAC,yEAAK,CAAA;AAAA,CAAC,EAA1C,wBAAwB,KAAxB,wBAAwB,QAAkB;AAEtD,gBAAgB;AAChB,MAAM,OAAO,oBAAoB;IACvB,IAAI,CAAS;IACb,SAAS,CAAS;IAClB,eAAe,CAAU;IAEjC,YAAY,GAAW,EAAE,QAAgB,EAAE,cAAuB;QAChE,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;QAChB,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;QAC1B,IAAI,CAAC,eAAe,GAAG,cAAc,CAAC;IACxC,CAAC;IAED,kCAAkC;IAC3B,MAAM;QACX,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED;;;;;OAKG;IACI,WAAW,CAAC,SAAe;QAChC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAEvC,MAAM,IAAI,GAAG;YACX,cAAc,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,EAAK,uCAAuC;YACrF,UAAU,EAAE,SAAS,EAAyB,gBAAgB;SAC/D,CAAC;QAEF,IAAI,QAAQ,CAAC;QACb,IAAI,CAAC;YACH,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAClC,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QACD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC3B,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAC7C,CAAC;QAED,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;IAED,IAAW,cAAc,KAAI,OAAO,IAAI,CAAC,eAAe,CAAC,CAAA,CAAC;CAE3D","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\nimport { MapLayerTokenEndpoint } from \"@itwin/core-frontend\";\r\n\r\n/** @internal */\r\nexport enum ArcGisOAuth2EndpointType {Authorize,Token}\r\n\r\n/** @internal */\r\nexport class ArcGisOAuth2Endpoint implements MapLayerTokenEndpoint {\r\n private _url: string;\r\n private _loginUrl: string;\r\n private _isArcgisOnline: boolean;\r\n\r\n constructor(url: string, loginUrl: string, isArcgisOnline: boolean) {\r\n this._url = url;\r\n this._loginUrl = loginUrl;\r\n this._isArcgisOnline = isArcgisOnline;\r\n }\r\n\r\n // Returns the actual endpoint url\r\n public getUrl() {\r\n return this._url;\r\n }\r\n\r\n /**\r\n * Returns the URL used to login and generate the Oauth token.\r\n * @param stateData Custom JSON data that will sent back by once the Oauth process completes\r\n * @returns Promise resolves after the defaults are setup.\r\n * @internal\r\n */\r\n public getLoginUrl(stateData?: any) {\r\n const urlObj = new URL(this._loginUrl);\r\n\r\n const data = {\r\n endpointOrigin: new URL(this._url).origin, // arcGisOAuth2Callback depends on this\r\n customData: stateData, // caller's data\r\n };\r\n\r\n let stateStr;\r\n try {\r\n stateStr = JSON.stringify(data);\r\n } catch {\r\n\r\n }\r\n if (stateStr !== undefined) {\r\n urlObj.searchParams.set(\"state\", stateStr);\r\n }\r\n\r\n return urlObj.toString();\r\n }\r\n\r\n public get isArcgisOnline() {return this._isArcgisOnline;}\r\n\r\n}\r\n"]}
package/lib/esm/ArcGis/ArcGisTokenGenerator.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisTokenGenerator.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisTokenGenerator.ts"],"names":[],"mappings":"AAmCA,4GAA4G;AAC5G,gBAAgB;AAChB,MAAM,CAAN,IAAY,qBAIX;AAJD,WAAY,qBAAqB;IAC/B,6DAAE,CAAA;IACF,uEAAO,CAAA;IACP,2EAAS,CAAA;AACX,CAAC,EAJW,qBAAqB,KAArB,qBAAqB,QAIhC;AA8BD,gBAAgB;AAChB,MAAM,OAAO,oBAAoB;IACvB,MAAM,CAAU,WAAW,GAAG,QAAQ,CAAC;IACvC,MAAM,CAAU,eAAe,GAAG,cAAc,CAAC;IAEzD,wEAAwE;IAChE,MAAM,CAAC,qBAAqB,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE1D,MAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,oBAA4B;QACnE,MAAM,QAAQ,GAAG,oBAAoB,CAAC,WAAW,EAAE,CAAC;QACpD,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,oBAAoB,CAAC,WAAW,CAAC,CAAC;QACtE,IAAI,UAAU,KAAK,CAAC,CAAC;YACnB,OAAO,SAAS,CAAC;QACnB,MAAM,OAAO,GAAG,oBAAoB,CAAC,SAAS,CAAC,CAAC,EAAE,UAAU,GAAG,oBAAoB,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,oBAAoB,CAAC,eAAe,CAAC;QAE/I,IAAI,gBAAoC,CAAC;QACzC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACzD,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,gBAAgB,GAAG,oBAAoB,CAAC,2BAA2B,CAAC,IAAI,CAAC,CAAC;QAC5E,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAEM,MAAM,CAAC,2BAA2B,CAAC,IAAS;QACjD,OAAO,IAAI,CAAC,QAAQ,EAAE,oBAAoB,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;IAC5F,CAAC;IAEM,KAAK,CAAC,kBAAkB,CAAC,OAAe;QAC7C,MAAM,MAAM,GAAG,oBAAoB,CAAC,qBAAqB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACvE,IAAI,MAAM,KAAK,SAAS;YACtB,OAAO,MAAM,CAAC;QAEhB,MAAM,eAAe,GAAG,MAAM,oBAAoB,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;QACjF,IAAI,eAAe,KAAK,SAAS;YAC/B,oBAAoB,CAAC,qBAAqB,CAAC,GAAG,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;QAE3E,OAAO,eAAe,CAAC;IACzB,CAAC;IAED,6FAA6F;IACtF,KAAK,CAAC,QAAQ,CAAC,oBAA4B,EAAE,QAAgB,EAAE,QAAgB,EAAE,OAAmC;QACzH,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,oBAAoB,CAAC,CAAC;QAC5E,IAAI,CAAC,eAAe;YAClB,OAAO,SAAS,CAAC;QAEnB,IAAI,KAAgB,CAAC;QACrB,IAAI,CAAC;YACH,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YACrD,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YAErD,+BAA+B;YAC/B,IAAI,aAAa,GAAG,EAAE,CAAC;YACvB,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;gBACvB,aAAa,GAAG,eAAe,OAAO,CAAC,UAAU,EAAE,CAAC;YACtD,CAAC;YAED,2BAA2B;YAC3B,IAAI,SAAS,GAAG,EAAE,CAAC;YACnB,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,OAAO,EAAE,CAAC;gBACrD,IAAI,UAAU,GAAG,EAAE,CAAC;gBACpB,IAAI,OAAO,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;oBAClC,UAAU,GAAG,kBAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAK,gCAAgC;gBACxF,CAAC;qBAAM,CAAC;oBACN,UAAU,GAAG,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;gBACnD,CAAC;gBAED,SAAS,GAAG,2BAA2B,UAAU,EAAE,CAAC;YACtD,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,EAAE,EAAE,CAAC;gBACvD,IAAI,OAAO,CAAC,EAAE,KAAK,SAAS;oBAC1B,OAAO,KAAK,CAAC;gBACf,SAAS,GAAG,iBAAiB,OAAO,CAAC,EAAE,EAAE,CAAC;YAC5C,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,SAAS,EAAE,CAAC;gBAC9D,SAAS,GAAG,uBAAuB,CAAC;YACtC,CAAC;YAED,MAAM,kBAAkB,GAAgB;gBACtC,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,YAAY,eAAe,aAAa,eAAe,GAAG,SAAS,GAAG,aAAa,UAAU;gBACnG,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;aACjE,CAAC;YAEF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,eAAe,EAAE,kBAAkB,CAAC,CAAC;YAElE,0EAA0E;YAC1E,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAEhC,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,KAAK,CAAC;IACf,CAAC;IAED,gIAAgI;IAChI,2HAA2H;IACpH,MAAM,CAAC,UAAU,CAAC,GAAW;QAClC,OAAO,oBAAoB,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACtE,CAAC;IAED,2EAA2E;IAC3E,qDAAqD;IAC9C,MAAM,CAAC,aAAa,CAAC,GAAW;QACrC,OAAO,kBAAkB,CAAC,GAAG,CAAC;aAC3B,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;aACpB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;aACpB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;aACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;aACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;IAC3B,CAAC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\nimport { MapLayerAccessToken } from \"@itwin/core-frontend\";\n\n/** @packageDocumentation\n * @module Tiles\n */\n\n/** @internal */\nexport interface ArcGisOAuth2Token extends MapLayerAccessToken {\n\n // The expiration time of the token in milliseconds (UNIX time)\n expiresAt: number;\n\n // This property will show as true if the token must always pass over ssl.\n ssl: boolean;\n\n // Username associated with this token\n userName: string;\n\n // A Binary value that, if true, implies that the user had checked \"Keep me signed in\"\n persist?: boolean;\n}\n\n/** @internal */\nexport interface ArcGisToken extends MapLayerAccessToken {\n // The expiration time of the token in milliseconds since January 1, 1970 (UTC).\n expires: number;\n\n // This property will show as true if the token must always pass over ssl.\n ssl: boolean;\n}\n\n// client application's base URL, a user-specified IP address, or the IP address that is making the request.\n/** @internal */\nexport enum ArcGisTokenClientType {\n ip,\n referer,\n requestIp,\n}\n\n/** @internal */\nexport interface ArcGisGenerateTokenOptions {\n\n // The client type that will be granted access to the token.\n // Users will be able to specify whether the token will be generated for a client application's base URL,\n // a user-specified IP address, or the IP address that is making the request.\n client: ArcGisTokenClientType;\n\n // The IP address that will be using the created token for access.\n // On the Generate Token page, the IP address is specified in the IP Address field. This is required when client has been set as ip.\n // Example ip=11.11.111.111\n ip?: string;\n\n // The base URL of the client application that will use the token.\n // On the Generate Token page, the referrer URL is specified in the Webapp URL field.\n // Defaults to location.origin if undefined and client = referer.\n // This is required when client has been set as referer.\n // Example : referer=https://myserver/mywebapp\n referer?: string;\n\n // The token expiration time in minutes. The default is 60 minutes (one hour).\n // The maximum expiration period is 15 days. The maximum value of the expiration time is controlled by the server.\n // Requests for tokens larger than this time will be rejected.\n // Applications are responsible for renewing expired tokens;\n // expired tokens will be rejected by the server on subsequent requests that use the token.\n expiration?: number; // in minutes, defaults to 60 minutes\n}\n\n/** @internal */\nexport class ArcGisTokenGenerator {\n private static readonly restApiPath = \"/rest/\";\n private static readonly restApiInfoPath = \"info?f=pjson\";\n\n // Cache info url to avoid fetching/parsing twice for the same base url.\n private static _tokenServiceUrlCache = new Map<string, string>();\n\n public static async fetchTokenServiceUrl(arcGisRestServiceUrl: string): Promise<string | undefined> {\n const lowerUrl = arcGisRestServiceUrl.toLowerCase();\n const restApiIdx = lowerUrl.indexOf(ArcGisTokenGenerator.restApiPath);\n if (restApiIdx === -1)\n return undefined;\n const infoUrl = arcGisRestServiceUrl.substring(0, restApiIdx + ArcGisTokenGenerator.restApiPath.length) + ArcGisTokenGenerator.restApiInfoPath;\n\n let tokenServicesUrl: string | undefined;\n try {\n const response = await fetch(infoUrl, { method: \"GET\" });\n const json = await response.json();\n tokenServicesUrl = ArcGisTokenGenerator.getTokenServiceFromInfoJson(json);\n } catch { }\n return tokenServicesUrl;\n }\n\n public static getTokenServiceFromInfoJson(json: any): string | undefined {\n return json.authInfo?.isTokenBasedSecurity ? json?.authInfo?.tokenServicesUrl : undefined;\n }\n\n public async getTokenServiceUrl(baseUrl: string): Promise<string | undefined> {\n const cached = ArcGisTokenGenerator._tokenServiceUrlCache.get(baseUrl);\n if (cached !== undefined)\n return cached;\n\n const tokenServiceUrl = await ArcGisTokenGenerator.fetchTokenServiceUrl(baseUrl);\n if (tokenServiceUrl !== undefined)\n ArcGisTokenGenerator._tokenServiceUrlCache.set(baseUrl, tokenServiceUrl);\n\n return tokenServiceUrl;\n }\n\n // base url: ArcGis REST service base URL (format must be \"https://<host>/<instance>/rest/\")\n public async generate(arcGisRestServiceUrl: string, userName: string, password: string, options: ArcGisGenerateTokenOptions): Promise<any> {\n const tokenServiceUrl = await this.getTokenServiceUrl(arcGisRestServiceUrl);\n if (!tokenServiceUrl)\n return undefined;\n\n let token: undefined;\n try {\n const encodedUsername = encodeURIComponent(userName);\n const encodedPassword = encodeURIComponent(password);\n\n // Compose the expiration param\n let expirationStr = \"\";\n if (options.expiration) {\n expirationStr = `&expiration=${options.expiration}`;\n }\n\n // Compose the client param\n let clientStr = \"\";\n if (options.client === ArcGisTokenClientType.referer) {\n let refererStr = \"\";\n if (options.referer === undefined) {\n refererStr = encodeURIComponent(location.origin); // default to application origin\n } else {\n refererStr = encodeURIComponent(options.referer);\n }\n\n clientStr = `&client=referer&referer=${refererStr}`;\n } else if (options.client === ArcGisTokenClientType.ip) {\n if (options.ip === undefined)\n return token;\n clientStr = `&client=ip&ip=${options.ip}`;\n } else if (options.client === ArcGisTokenClientType.requestIp) {\n clientStr = `&client=requestip&ip=`;\n }\n\n const httpRequestOptions: RequestInit = {\n method: \"POST\",\n body: `username=${encodedUsername}&password=${encodedPassword}${clientStr}${expirationStr}&f=pjson`,\n headers: { \"content-type\": \"application/x-www-form-urlencoded\" },\n };\n\n const response = await fetch(tokenServiceUrl, httpRequestOptions);\n\n // Check a token was really generated (an error could be part of the body)\n token = await response.json();\n\n } catch { }\n return token;\n }\n\n // Encode following 'application/x-www-form-urlencoded' standard (https://www.w3.org/TR/html401/interact/forms.html#h-17.13.3.3)\n // Also mentioned here: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURIComponent\n public static formEncode(str: string): string {\n return ArcGisTokenGenerator.rfc1738Encode(str).replace(/%20/g, \"+\");\n }\n\n // Encode following RFC1738 standard (https://www.ietf.org/rfc/rfc1738.txt)\n // Code from https://locutus.io/php/url/rawurlencode/\n public static rfc1738Encode(str: string): string {\n return encodeURIComponent(str)\n .replace(/!/g, \"%21\")\n .replace(/'/g, \"%27\")\n .replace(/\\(/g, \"%28\")\n .replace(/\\)/g, \"%29\")\n .replace(/\\*/g, \"%2A\");\n }\n}\n"]}
1
+ {"version":3,"file":"ArcGisTokenGenerator.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisTokenGenerator.ts"],"names":[],"mappings":"AAmCA,4GAA4G;AAC5G,gBAAgB;AAChB,MAAM,CAAN,IAAY,qBAIX;AAJD,WAAY,qBAAqB;IAC/B,6DAAE,CAAA;IACF,uEAAO,CAAA;IACP,2EAAS,CAAA;AACX,CAAC,EAJW,qBAAqB,KAArB,qBAAqB,QAIhC;AA8BD,gBAAgB;AAChB,MAAM,OAAO,oBAAoB;IACvB,MAAM,CAAU,WAAW,GAAG,QAAQ,CAAC;IACvC,MAAM,CAAU,eAAe,GAAG,cAAc,CAAC;IAEzD,wEAAwE;IAChE,MAAM,CAAC,qBAAqB,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE1D,MAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,oBAA4B;QACnE,MAAM,QAAQ,GAAG,oBAAoB,CAAC,WAAW,EAAE,CAAC;QACpD,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,oBAAoB,CAAC,WAAW,CAAC,CAAC;QACtE,IAAI,UAAU,KAAK,CAAC,CAAC;YACnB,OAAO,SAAS,CAAC;QACnB,MAAM,OAAO,GAAG,oBAAoB,CAAC,SAAS,CAAC,CAAC,EAAE,UAAU,GAAG,oBAAoB,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,oBAAoB,CAAC,eAAe,CAAC;QAE/I,IAAI,gBAAoC,CAAC;QACzC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACzD,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,gBAAgB,GAAG,oBAAoB,CAAC,2BAA2B,CAAC,IAAI,CAAC,CAAC;QAC5E,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAEM,MAAM,CAAC,2BAA2B,CAAC,IAAS;QACjD,OAAO,IAAI,CAAC,QAAQ,EAAE,oBAAoB,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;IAC5F,CAAC;IAEM,KAAK,CAAC,kBAAkB,CAAC,OAAe;QAC7C,MAAM,MAAM,GAAG,oBAAoB,CAAC,qBAAqB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACvE,IAAI,MAAM,KAAK,SAAS;YACtB,OAAO,MAAM,CAAC;QAEhB,MAAM,eAAe,GAAG,MAAM,oBAAoB,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;QACjF,IAAI,eAAe,KAAK,SAAS;YAC/B,oBAAoB,CAAC,qBAAqB,CAAC,GAAG,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;QAE3E,OAAO,eAAe,CAAC;IACzB,CAAC;IAED,6FAA6F;IACtF,KAAK,CAAC,QAAQ,CAAC,oBAA4B,EAAE,QAAgB,EAAE,QAAgB,EAAE,OAAmC;QACzH,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,oBAAoB,CAAC,CAAC;QAC5E,IAAI,CAAC,eAAe;YAClB,OAAO,SAAS,CAAC;QAEnB,IAAI,KAAgB,CAAC;QACrB,IAAI,CAAC;YACH,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YACrD,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YAErD,+BAA+B;YAC/B,IAAI,aAAa,GAAG,EAAE,CAAC;YACvB,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;gBACvB,aAAa,GAAG,eAAe,OAAO,CAAC,UAAU,EAAE,CAAC;YACtD,CAAC;YAED,2BAA2B;YAC3B,IAAI,SAAS,GAAG,EAAE,CAAC;YACnB,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,OAAO,EAAE,CAAC;gBACrD,IAAI,UAAU,GAAG,EAAE,CAAC;gBACpB,IAAI,OAAO,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;oBAClC,UAAU,GAAG,kBAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAK,gCAAgC;gBACxF,CAAC;qBAAM,CAAC;oBACN,UAAU,GAAG,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;gBACnD,CAAC;gBAED,SAAS,GAAG,2BAA2B,UAAU,EAAE,CAAC;YACtD,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,EAAE,EAAE,CAAC;gBACvD,IAAI,OAAO,CAAC,EAAE,KAAK,SAAS;oBAC1B,OAAO,KAAK,CAAC;gBACf,SAAS,GAAG,iBAAiB,OAAO,CAAC,EAAE,EAAE,CAAC;YAC5C,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,qBAAqB,CAAC,SAAS,EAAE,CAAC;gBAC9D,SAAS,GAAG,uBAAuB,CAAC;YACtC,CAAC;YAED,MAAM,kBAAkB,GAAgB;gBACtC,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,YAAY,eAAe,aAAa,eAAe,GAAG,SAAS,GAAG,aAAa,UAAU;gBACnG,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;aACjE,CAAC;YAEF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,eAAe,EAAE,kBAAkB,CAAC,CAAC;YAElE,0EAA0E;YAC1E,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAEhC,CAAC;QAAC,MAAM,CAAC,CAAC,CAAC;QACX,OAAO,KAAK,CAAC;IACf,CAAC;IAED,gIAAgI;IAChI,2HAA2H;IACpH,MAAM,CAAC,UAAU,CAAC,GAAW;QAClC,OAAO,oBAAoB,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACtE,CAAC;IAED,2EAA2E;IAC3E,qDAAqD;IAC9C,MAAM,CAAC,aAAa,CAAC,GAAW;QACrC,OAAO,kBAAkB,CAAC,GAAG,CAAC;aAC3B,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;aACpB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;aACpB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;aACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;aACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;IAC3B,CAAC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\nimport { MapLayerAccessToken } from \"@itwin/core-frontend\";\r\n\r\n/** @packageDocumentation\r\n * @module Tiles\r\n */\r\n\r\n/** @internal */\r\nexport interface ArcGisOAuth2Token extends MapLayerAccessToken {\r\n\r\n // The expiration time of the token in milliseconds (UNIX time)\r\n expiresAt: number;\r\n\r\n // This property will show as true if the token must always pass over ssl.\r\n ssl: boolean;\r\n\r\n // Username associated with this token\r\n userName: string;\r\n\r\n // A Binary value that, if true, implies that the user had checked \"Keep me signed in\"\r\n persist?: boolean;\r\n}\r\n\r\n/** @internal */\r\nexport interface ArcGisToken extends MapLayerAccessToken {\r\n // The expiration time of the token in milliseconds since January 1, 1970 (UTC).\r\n expires: number;\r\n\r\n // This property will show as true if the token must always pass over ssl.\r\n ssl: boolean;\r\n}\r\n\r\n// client application's base URL, a user-specified IP address, or the IP address that is making the request.\r\n/** @internal */\r\nexport enum ArcGisTokenClientType {\r\n ip,\r\n referer,\r\n requestIp,\r\n}\r\n\r\n/** @internal */\r\nexport interface ArcGisGenerateTokenOptions {\r\n\r\n // The client type that will be granted access to the token.\r\n // Users will be able to specify whether the token will be generated for a client application's base URL,\r\n // a user-specified IP address, or the IP address that is making the request.\r\n client: ArcGisTokenClientType;\r\n\r\n // The IP address that will be using the created token for access.\r\n // On the Generate Token page, the IP address is specified in the IP Address field. This is required when client has been set as ip.\r\n // Example ip=11.11.111.111\r\n ip?: string;\r\n\r\n // The base URL of the client application that will use the token.\r\n // On the Generate Token page, the referrer URL is specified in the Webapp URL field.\r\n // Defaults to location.origin if undefined and client = referer.\r\n // This is required when client has been set as referer.\r\n // Example : referer=https://myserver/mywebapp\r\n referer?: string;\r\n\r\n // The token expiration time in minutes. The default is 60 minutes (one hour).\r\n // The maximum expiration period is 15 days. The maximum value of the expiration time is controlled by the server.\r\n // Requests for tokens larger than this time will be rejected.\r\n // Applications are responsible for renewing expired tokens;\r\n // expired tokens will be rejected by the server on subsequent requests that use the token.\r\n expiration?: number; // in minutes, defaults to 60 minutes\r\n}\r\n\r\n/** @internal */\r\nexport class ArcGisTokenGenerator {\r\n private static readonly restApiPath = \"/rest/\";\r\n private static readonly restApiInfoPath = \"info?f=pjson\";\r\n\r\n // Cache info url to avoid fetching/parsing twice for the same base url.\r\n private static _tokenServiceUrlCache = new Map<string, string>();\r\n\r\n public static async fetchTokenServiceUrl(arcGisRestServiceUrl: string): Promise<string | undefined> {\r\n const lowerUrl = arcGisRestServiceUrl.toLowerCase();\r\n const restApiIdx = lowerUrl.indexOf(ArcGisTokenGenerator.restApiPath);\r\n if (restApiIdx === -1)\r\n return undefined;\r\n const infoUrl = arcGisRestServiceUrl.substring(0, restApiIdx + ArcGisTokenGenerator.restApiPath.length) + ArcGisTokenGenerator.restApiInfoPath;\r\n\r\n let tokenServicesUrl: string | undefined;\r\n try {\r\n const response = await fetch(infoUrl, { method: \"GET\" });\r\n const json = await response.json();\r\n tokenServicesUrl = ArcGisTokenGenerator.getTokenServiceFromInfoJson(json);\r\n } catch { }\r\n return tokenServicesUrl;\r\n }\r\n\r\n public static getTokenServiceFromInfoJson(json: any): string | undefined {\r\n return json.authInfo?.isTokenBasedSecurity ? json?.authInfo?.tokenServicesUrl : undefined;\r\n }\r\n\r\n public async getTokenServiceUrl(baseUrl: string): Promise<string | undefined> {\r\n const cached = ArcGisTokenGenerator._tokenServiceUrlCache.get(baseUrl);\r\n if (cached !== undefined)\r\n return cached;\r\n\r\n const tokenServiceUrl = await ArcGisTokenGenerator.fetchTokenServiceUrl(baseUrl);\r\n if (tokenServiceUrl !== undefined)\r\n ArcGisTokenGenerator._tokenServiceUrlCache.set(baseUrl, tokenServiceUrl);\r\n\r\n return tokenServiceUrl;\r\n }\r\n\r\n // base url: ArcGis REST service base URL (format must be \"https://<host>/<instance>/rest/\")\r\n public async generate(arcGisRestServiceUrl: string, userName: string, password: string, options: ArcGisGenerateTokenOptions): Promise<any> {\r\n const tokenServiceUrl = await this.getTokenServiceUrl(arcGisRestServiceUrl);\r\n if (!tokenServiceUrl)\r\n return undefined;\r\n\r\n let token: undefined;\r\n try {\r\n const encodedUsername = encodeURIComponent(userName);\r\n const encodedPassword = encodeURIComponent(password);\r\n\r\n // Compose the expiration param\r\n let expirationStr = \"\";\r\n if (options.expiration) {\r\n expirationStr = `&expiration=${options.expiration}`;\r\n }\r\n\r\n // Compose the client param\r\n let clientStr = \"\";\r\n if (options.client === ArcGisTokenClientType.referer) {\r\n let refererStr = \"\";\r\n if (options.referer === undefined) {\r\n refererStr = encodeURIComponent(location.origin); // default to application origin\r\n } else {\r\n refererStr = encodeURIComponent(options.referer);\r\n }\r\n\r\n clientStr = `&client=referer&referer=${refererStr}`;\r\n } else if (options.client === ArcGisTokenClientType.ip) {\r\n if (options.ip === undefined)\r\n return token;\r\n clientStr = `&client=ip&ip=${options.ip}`;\r\n } else if (options.client === ArcGisTokenClientType.requestIp) {\r\n clientStr = `&client=requestip&ip=`;\r\n }\r\n\r\n const httpRequestOptions: RequestInit = {\r\n method: \"POST\",\r\n body: `username=${encodedUsername}&password=${encodedPassword}${clientStr}${expirationStr}&f=pjson`,\r\n headers: { \"content-type\": \"application/x-www-form-urlencoded\" },\r\n };\r\n\r\n const response = await fetch(tokenServiceUrl, httpRequestOptions);\r\n\r\n // Check a token was really generated (an error could be part of the body)\r\n token = await response.json();\r\n\r\n } catch { }\r\n return token;\r\n }\r\n\r\n // Encode following 'application/x-www-form-urlencoded' standard (https://www.w3.org/TR/html401/interact/forms.html#h-17.13.3.3)\r\n // Also mentioned here: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURIComponent\r\n public static formEncode(str: string): string {\r\n return ArcGisTokenGenerator.rfc1738Encode(str).replace(/%20/g, \"+\");\r\n }\r\n\r\n // Encode following RFC1738 standard (https://www.ietf.org/rfc/rfc1738.txt)\r\n // Code from https://locutus.io/php/url/rawurlencode/\r\n public static rfc1738Encode(str: string): string {\r\n return encodeURIComponent(str)\r\n .replace(/!/g, \"%21\")\r\n .replace(/'/g, \"%27\")\r\n .replace(/\\(/g, \"%28\")\r\n .replace(/\\)/g, \"%29\")\r\n .replace(/\\*/g, \"%2A\");\r\n }\r\n}\r\n"]}
package/lib/esm/ArcGis/ArcGisTokenManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisTokenManager.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisTokenManager.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F;;GAEG;AAGH,OAAO,EAA8D,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AAO7H,gBAAgB;AAChB,MAAM,OAAO,kBAAkB;IACrB,MAAM,CAAU,oBAAoB,GAAG,MAAM,CAAC,CAAE,4BAA4B;IAC5E,MAAM,CAAC,MAAM,GAAG,IAAI,GAAG,EAAuB,CAAC;IAC/C,MAAM,CAAC,YAAY,CAA6C;IAChE,MAAM,CAAC,UAAU,CAAmC;IACpD,MAAM,CAAU,kBAAkB,GAAG,aAAa,CAAC;IAEpD,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,oBAA4B,EAAE,QAAgB,EAAE,QAAgB,EAAE,OAAmC;QAChI,IAAI,CAAC,kBAAkB,CAAC,UAAU;YAChC,kBAAkB,CAAC,UAAU,GAAG,IAAI,oBAAoB,EAAE,CAAC;QAE7D,MAAM,aAAa,GAAG,GAAG,kBAAkB,CAAC,QAAQ,CAAC,IAAI,oBAAoB,EAAE,CAAC;QAEhF,mCAAmC;QACnC,MAAM,WAAW,GAAG,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QAEjE,2GAA2G;QAC3G,IAAI,WAAW,KAAK,SAAS,IAAI,CAAC,WAAW,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACjH,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,yCAAyC;QACzC,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,UAAU,CAAC,QAAQ,CAAC,oBAAoB,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACjH,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;YACnB,MAAM,KAAK,GAAG,QAAuB,CAAC;YACtC,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;YACpD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,MAAM,CAAC,eAAe,CAAC,KAA0B;QAEtD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,kBAAkB,CAAC,MAAM,EAAE,CAAC;YACrD,IAAI,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,KAAK;gBAC7B,OAAO,kBAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjD,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,GAAW;QACtC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,kBAAkB,CAAC,YAAY,GAAG,IAAI,GAAG,EAA6B,CAAC;YACvE,kBAAkB,CAAC,sBAAsB,EAAE,CAAC;QAC9C,CAAC;QAED,MAAM,WAAW,GAAG,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAE7D,gFAAgF;QAChF,IAAI,WAAW,KAAK,SAAS,IAAI,CAAC,WAAW,CAAC,SAAS,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACnH,kBAAkB,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC5C,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;IAEM,MAAM,CAAC,qBAAqB,CAAC,KAA0B;QAE5D,IAAI,kBAAkB,CAAC,YAAY,EAAE,CAAC;YACpC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,kBAAkB,CAAC,YAAY,EAAE,CAAC;gBAC3D,IAAI,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,KAAK,EAAC,CAAC;oBAC/B,MAAM,OAAO,GAAG,kBAAkB,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;oBAC5D,kBAAkB,CAAC,oBAAoB,EAAE,CAAC;oBAC1C,OAAO,OAAO,CAAC;gBACjB,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,GAAW,EAAE,KAAwB;QAEhE,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,kBAAkB,CAAC,YAAY,GAAG,IAAI,GAAG,EAA6B,CAAC;QAEzE,CAAC;QACD,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAEhD,kBAAkB,CAAC,oBAAoB,EAAE,CAAC;IAC5C,CAAC;IAEM,MAAM,CAAC,sBAAsB;QAClC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,OAAO;QACT,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,IAAwB,EAAE,EAAE;YAC/C,IAAI,IAAI,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC1D,MAAM,MAAM,GAAiC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC9D,IAAI,MAAM,EAAE,CAAC;oBACX,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;wBAClD,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;oBAClD,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,WAAW,CAAC,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,SAAS,CAAC,CAAC;QACjF,WAAW,CAAC,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,SAAS,CAAC,CAAC;IACjF,CAAC;IAEM,MAAM,CAAC,oBAAoB;QAEhC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,OAAO;QACT,CAAC;QACD,MAAM,aAAa,GAAqB,EAAE,CAAC;QAC3C,MAAM,aAAa,GAAqB,EAAE,CAAC;QAE3C,kBAAkB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,KAAwB,EAAE,GAAW,EAAE,EAAE;YAChF,oEAAoE;YACpE,gCAAgC;YAChC,gCAAgC;YAChC,WAAW;YACX,gCAAgC;YAChC,IAAI;YACJ,aAAa,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QAC7B,CAAC,CAAC,CAAC;QACH,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;QACtF,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;IACtF,CAAC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\n/** @packageDocumentation\n * @module Tiles\n */\n\nimport { MapLayerAccessToken } from \"@itwin/core-frontend\";\nimport { ArcGisGenerateTokenOptions, ArcGisOAuth2Token, ArcGisToken, ArcGisTokenGenerator } from \"./ArcGisTokenGenerator.js\";\n\n/** @internal */\ninterface ArcGisTokenProps {\n [hostname: string]: ArcGisOAuth2Token;\n}\n\n/** @internal */\nexport class ArcGisTokenManager {\n private static readonly tokenExpiryThreshold = 300000; // 5 minutes in milliseconds\n private static _cache = new Map<string, ArcGisToken>();\n private static _oauth2Cache: Map<string, ArcGisOAuth2Token> | undefined;\n private static _generator: ArcGisTokenGenerator | undefined;\n private static readonly _browserStorageKey = \"arcGisOAuth\";\n\n public static async getToken(arcGisRestServiceUrl: string, userName: string, password: string, options: ArcGisGenerateTokenOptions): Promise<ArcGisToken | undefined> {\n if (!ArcGisTokenManager._generator)\n ArcGisTokenManager._generator = new ArcGisTokenGenerator();\n\n const tokenCacheKey = `${encodeURIComponent(userName)}@${arcGisRestServiceUrl}`;\n\n // First check in the session cache\n const cachedToken = ArcGisTokenManager._cache.get(tokenCacheKey);\n\n // Check if token is in cached and is valid within the threshold, if not, generate a new token immediately.\n if (cachedToken !== undefined && (cachedToken.expires - (+new Date()) > ArcGisTokenManager.tokenExpiryThreshold)) {\n return cachedToken;\n }\n\n // Nothing in cache, generate a new token\n const newToken = await ArcGisTokenManager._generator.generate(arcGisRestServiceUrl, userName, password, options);\n if (newToken.token) {\n const token = newToken as ArcGisToken;\n ArcGisTokenManager._cache.set(tokenCacheKey, token);\n return token;\n }\n\n return undefined;\n }\n\n public static invalidateToken(token: MapLayerAccessToken): boolean {\n\n for (const [key, value] of ArcGisTokenManager._cache) {\n if (value.token === token.token)\n return ArcGisTokenManager._cache.delete(key);\n }\n\n return false;\n }\n\n public static getOAuth2Token(key: string): ArcGisOAuth2Token | undefined {\n if (ArcGisTokenManager._oauth2Cache === undefined) {\n ArcGisTokenManager._oauth2Cache = new Map<string, ArcGisOAuth2Token>();\n ArcGisTokenManager.loadFromBrowserStorage();\n }\n\n const cachedToken = ArcGisTokenManager._oauth2Cache.get(key);\n\n // If cached token has expired (or about to expire), invalidate don't return it.\n if (cachedToken !== undefined && (cachedToken.expiresAt - (+new Date()) < ArcGisTokenManager.tokenExpiryThreshold)) {\n ArcGisTokenManager._oauth2Cache.delete(key);\n return undefined;\n }\n\n return cachedToken;\n }\n\n public static invalidateOAuth2Token(token: MapLayerAccessToken) {\n\n if (ArcGisTokenManager._oauth2Cache) {\n for (const [key, value] of ArcGisTokenManager._oauth2Cache) {\n if (value.token === token.token){\n const deleted = ArcGisTokenManager._oauth2Cache.delete(key);\n ArcGisTokenManager.saveToBrowserStorage();\n return deleted;\n }\n }\n }\n\n return false;\n }\n\n public static setOAuth2Token(key: string, token: ArcGisOAuth2Token) {\n\n if (ArcGisTokenManager._oauth2Cache === undefined) {\n ArcGisTokenManager._oauth2Cache = new Map<string, ArcGisOAuth2Token>();\n\n }\n ArcGisTokenManager._oauth2Cache.set(key, token);\n\n ArcGisTokenManager.saveToBrowserStorage();\n }\n\n public static loadFromBrowserStorage() {\n if (ArcGisTokenManager._oauth2Cache === undefined) {\n return;\n }\n\n const loadEntries = (json: string | undefined) => {\n if (json && ArcGisTokenManager._oauth2Cache !== undefined) {\n const tokens: ArcGisTokenProps | undefined = JSON.parse(json);\n if (tokens) {\n for (const [key, value] of Object.entries(tokens)) {\n ArcGisTokenManager._oauth2Cache.set(key, value);\n }\n }\n }\n };\n\n loadEntries(window.sessionStorage.getItem(this._browserStorageKey) ?? undefined);\n loadEntries(window.localStorage.getItem(this._browserStorageKey) ?? undefined);\n }\n\n public static saveToBrowserStorage() {\n\n if (ArcGisTokenManager._oauth2Cache === undefined) {\n return;\n }\n const sessionTokens: ArcGisTokenProps = {};\n const storageTokens: ArcGisTokenProps = {};\n\n ArcGisTokenManager._oauth2Cache.forEach((value: ArcGisOAuth2Token, key: string) => {\n // ignore the persist flag for now, and only save to session storage\n // if (value.persist === true) {\n // storageTokens[key] = value;\n // } else {\n // sessionTokens[key] = value;\n // }\n sessionTokens[key] = value;\n });\n window.sessionStorage.setItem(this._browserStorageKey, JSON.stringify(sessionTokens));\n window.localStorage.setItem(this._browserStorageKey, JSON.stringify(storageTokens));\n }\n\n}\n"]}
1
+ {"version":3,"file":"ArcGisTokenManager.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisTokenManager.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F;;GAEG;AAGH,OAAO,EAA8D,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AAO7H,gBAAgB;AAChB,MAAM,OAAO,kBAAkB;IACrB,MAAM,CAAU,oBAAoB,GAAG,MAAM,CAAC,CAAE,4BAA4B;IAC5E,MAAM,CAAC,MAAM,GAAG,IAAI,GAAG,EAAuB,CAAC;IAC/C,MAAM,CAAC,YAAY,CAA6C;IAChE,MAAM,CAAC,UAAU,CAAmC;IACpD,MAAM,CAAU,kBAAkB,GAAG,aAAa,CAAC;IAEpD,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,oBAA4B,EAAE,QAAgB,EAAE,QAAgB,EAAE,OAAmC;QAChI,IAAI,CAAC,kBAAkB,CAAC,UAAU;YAChC,kBAAkB,CAAC,UAAU,GAAG,IAAI,oBAAoB,EAAE,CAAC;QAE7D,MAAM,aAAa,GAAG,GAAG,kBAAkB,CAAC,QAAQ,CAAC,IAAI,oBAAoB,EAAE,CAAC;QAEhF,mCAAmC;QACnC,MAAM,WAAW,GAAG,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QAEjE,2GAA2G;QAC3G,IAAI,WAAW,KAAK,SAAS,IAAI,CAAC,WAAW,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACjH,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,yCAAyC;QACzC,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,UAAU,CAAC,QAAQ,CAAC,oBAAoB,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACjH,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;YACnB,MAAM,KAAK,GAAG,QAAuB,CAAC;YACtC,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;YACpD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,MAAM,CAAC,eAAe,CAAC,KAA0B;QAEtD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,kBAAkB,CAAC,MAAM,EAAE,CAAC;YACrD,IAAI,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,KAAK;gBAC7B,OAAO,kBAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjD,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,GAAW;QACtC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,kBAAkB,CAAC,YAAY,GAAG,IAAI,GAAG,EAA6B,CAAC;YACvE,kBAAkB,CAAC,sBAAsB,EAAE,CAAC;QAC9C,CAAC;QAED,MAAM,WAAW,GAAG,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAE7D,gFAAgF;QAChF,IAAI,WAAW,KAAK,SAAS,IAAI,CAAC,WAAW,CAAC,SAAS,GAAG,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACnH,kBAAkB,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC5C,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;IAEM,MAAM,CAAC,qBAAqB,CAAC,KAA0B;QAE5D,IAAI,kBAAkB,CAAC,YAAY,EAAE,CAAC;YACpC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,kBAAkB,CAAC,YAAY,EAAE,CAAC;gBAC3D,IAAI,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,KAAK,EAAC,CAAC;oBAC/B,MAAM,OAAO,GAAG,kBAAkB,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;oBAC5D,kBAAkB,CAAC,oBAAoB,EAAE,CAAC;oBAC1C,OAAO,OAAO,CAAC;gBACjB,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,GAAW,EAAE,KAAwB;QAEhE,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,kBAAkB,CAAC,YAAY,GAAG,IAAI,GAAG,EAA6B,CAAC;QAEzE,CAAC;QACD,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAEhD,kBAAkB,CAAC,oBAAoB,EAAE,CAAC;IAC5C,CAAC;IAEM,MAAM,CAAC,sBAAsB;QAClC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,OAAO;QACT,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,IAAwB,EAAE,EAAE;YAC/C,IAAI,IAAI,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC1D,MAAM,MAAM,GAAiC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC9D,IAAI,MAAM,EAAE,CAAC;oBACX,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;wBAClD,kBAAkB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;oBAClD,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,WAAW,CAAC,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,SAAS,CAAC,CAAC;QACjF,WAAW,CAAC,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,SAAS,CAAC,CAAC;IACjF,CAAC;IAEM,MAAM,CAAC,oBAAoB;QAEhC,IAAI,kBAAkB,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YAClD,OAAO;QACT,CAAC;QACD,MAAM,aAAa,GAAqB,EAAE,CAAC;QAC3C,MAAM,aAAa,GAAqB,EAAE,CAAC;QAE3C,kBAAkB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,KAAwB,EAAE,GAAW,EAAE,EAAE;YAChF,oEAAoE;YACpE,gCAAgC;YAChC,gCAAgC;YAChC,WAAW;YACX,gCAAgC;YAChC,IAAI;YACJ,aAAa,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QAC7B,CAAC,CAAC,CAAC;QACH,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;QACtF,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;IACtF,CAAC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\n/** @packageDocumentation\r\n * @module Tiles\r\n */\r\n\r\nimport { MapLayerAccessToken } from \"@itwin/core-frontend\";\r\nimport { ArcGisGenerateTokenOptions, ArcGisOAuth2Token, ArcGisToken, ArcGisTokenGenerator } from \"./ArcGisTokenGenerator.js\";\r\n\r\n/** @internal */\r\ninterface ArcGisTokenProps {\r\n [hostname: string]: ArcGisOAuth2Token;\r\n}\r\n\r\n/** @internal */\r\nexport class ArcGisTokenManager {\r\n private static readonly tokenExpiryThreshold = 300000; // 5 minutes in milliseconds\r\n private static _cache = new Map<string, ArcGisToken>();\r\n private static _oauth2Cache: Map<string, ArcGisOAuth2Token> | undefined;\r\n private static _generator: ArcGisTokenGenerator | undefined;\r\n private static readonly _browserStorageKey = \"arcGisOAuth\";\r\n\r\n public static async getToken(arcGisRestServiceUrl: string, userName: string, password: string, options: ArcGisGenerateTokenOptions): Promise<ArcGisToken | undefined> {\r\n if (!ArcGisTokenManager._generator)\r\n ArcGisTokenManager._generator = new ArcGisTokenGenerator();\r\n\r\n const tokenCacheKey = `${encodeURIComponent(userName)}@${arcGisRestServiceUrl}`;\r\n\r\n // First check in the session cache\r\n const cachedToken = ArcGisTokenManager._cache.get(tokenCacheKey);\r\n\r\n // Check if token is in cached and is valid within the threshold, if not, generate a new token immediately.\r\n if (cachedToken !== undefined && (cachedToken.expires - (+new Date()) > ArcGisTokenManager.tokenExpiryThreshold)) {\r\n return cachedToken;\r\n }\r\n\r\n // Nothing in cache, generate a new token\r\n const newToken = await ArcGisTokenManager._generator.generate(arcGisRestServiceUrl, userName, password, options);\r\n if (newToken.token) {\r\n const token = newToken as ArcGisToken;\r\n ArcGisTokenManager._cache.set(tokenCacheKey, token);\r\n return token;\r\n }\r\n\r\n return undefined;\r\n }\r\n\r\n public static invalidateToken(token: MapLayerAccessToken): boolean {\r\n\r\n for (const [key, value] of ArcGisTokenManager._cache) {\r\n if (value.token === token.token)\r\n return ArcGisTokenManager._cache.delete(key);\r\n }\r\n\r\n return false;\r\n }\r\n\r\n public static getOAuth2Token(key: string): ArcGisOAuth2Token | undefined {\r\n if (ArcGisTokenManager._oauth2Cache === undefined) {\r\n ArcGisTokenManager._oauth2Cache = new Map<string, ArcGisOAuth2Token>();\r\n ArcGisTokenManager.loadFromBrowserStorage();\r\n }\r\n\r\n const cachedToken = ArcGisTokenManager._oauth2Cache.get(key);\r\n\r\n // If cached token has expired (or about to expire), invalidate don't return it.\r\n if (cachedToken !== undefined && (cachedToken.expiresAt - (+new Date()) < ArcGisTokenManager.tokenExpiryThreshold)) {\r\n ArcGisTokenManager._oauth2Cache.delete(key);\r\n return undefined;\r\n }\r\n\r\n return cachedToken;\r\n }\r\n\r\n public static invalidateOAuth2Token(token: MapLayerAccessToken) {\r\n\r\n if (ArcGisTokenManager._oauth2Cache) {\r\n for (const [key, value] of ArcGisTokenManager._oauth2Cache) {\r\n if (value.token === token.token){\r\n const deleted = ArcGisTokenManager._oauth2Cache.delete(key);\r\n ArcGisTokenManager.saveToBrowserStorage();\r\n return deleted;\r\n }\r\n }\r\n }\r\n\r\n return false;\r\n }\r\n\r\n public static setOAuth2Token(key: string, token: ArcGisOAuth2Token) {\r\n\r\n if (ArcGisTokenManager._oauth2Cache === undefined) {\r\n ArcGisTokenManager._oauth2Cache = new Map<string, ArcGisOAuth2Token>();\r\n\r\n }\r\n ArcGisTokenManager._oauth2Cache.set(key, token);\r\n\r\n ArcGisTokenManager.saveToBrowserStorage();\r\n }\r\n\r\n public static loadFromBrowserStorage() {\r\n if (ArcGisTokenManager._oauth2Cache === undefined) {\r\n return;\r\n }\r\n\r\n const loadEntries = (json: string | undefined) => {\r\n if (json && ArcGisTokenManager._oauth2Cache !== undefined) {\r\n const tokens: ArcGisTokenProps | undefined = JSON.parse(json);\r\n if (tokens) {\r\n for (const [key, value] of Object.entries(tokens)) {\r\n ArcGisTokenManager._oauth2Cache.set(key, value);\r\n }\r\n }\r\n }\r\n };\r\n\r\n loadEntries(window.sessionStorage.getItem(this._browserStorageKey) ?? undefined);\r\n loadEntries(window.localStorage.getItem(this._browserStorageKey) ?? undefined);\r\n }\r\n\r\n public static saveToBrowserStorage() {\r\n\r\n if (ArcGisTokenManager._oauth2Cache === undefined) {\r\n return;\r\n }\r\n const sessionTokens: ArcGisTokenProps = {};\r\n const storageTokens: ArcGisTokenProps = {};\r\n\r\n ArcGisTokenManager._oauth2Cache.forEach((value: ArcGisOAuth2Token, key: string) => {\r\n // ignore the persist flag for now, and only save to session storage\r\n // if (value.persist === true) {\r\n // storageTokens[key] = value;\r\n // } else {\r\n // sessionTokens[key] = value;\r\n // }\r\n sessionTokens[key] = value;\r\n });\r\n window.sessionStorage.setItem(this._browserStorageKey, JSON.stringify(sessionTokens));\r\n window.localStorage.setItem(this._browserStorageKey, JSON.stringify(storageTokens));\r\n }\r\n\r\n}\r\n"]}
package/lib/esm/ArcGis/ArcGisUrl.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ArcGisUrl.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisUrl.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F,gBAAgB;AAChB,MAAM,OAAO,SAAS;IAEpB,qCAAqC;IAC9B,MAAM,CAAC,kBAAkB,CAAC,GAAQ;QACvC,MAAM,MAAM,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,SAAS,GAAG,QAAQ,CAAC;QAC3B,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAC1C,OAAO,CAAC,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,OAAO,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAEjG,CAAC;IAEM,MAAM,CAAC,KAAK,CAAC,8BAA8B,CAAC,GAAQ;QACzD,MAAM,OAAO,GAAG,SAAS,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAClD,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,wGAAwG;QACxG,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,GAAG,OAAO,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACrD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAEzC,IAAI,IAAI,CAAC;QACT,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC5C,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QAED,MAAM,gBAAgB,GAAG,IAAI,EAAE,QAAQ,EAAE,gBAAgB,CAAC;QAC1D,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACnC,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,OAAO,SAAS,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC;IACjE,CAAC;IAEO,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,GAAQ;QACrC,IAAI,IAAI,CAAC;QACT,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YAChE,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC/B,CAAC;QAAC,MAAM,CAAC;QACT,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;CACF","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\n/** @internal */\nexport class ArcGisUrl {\n\n // Extract the sub-url up to '/rest/'\n public static extractRestBaseUrl(url: URL): URL | undefined {\n const urlStr = url.toString();\n const searchStr = \"/rest/\";\n const restPos = urlStr.indexOf(searchStr);\n return (restPos === -1 ? undefined : new URL(urlStr.substring(0, restPos + searchStr.length)));\n\n }\n\n public static async getRestUrlFromGenerateTokenUrl(url: URL): Promise<URL | undefined> {\n const restUrl = ArcGisUrl.extractRestBaseUrl(url);\n if (restUrl === undefined) {\n return undefined;\n }\n\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\n const infoUrl = new URL(`${restUrl.toString()}info`);\n infoUrl.searchParams.append(\"f\", \"json\");\n\n let json;\n try {\n json = await ArcGisUrl.fetchJson(infoUrl);\n } catch {\n\n }\n\n const tokenServicesUrl = json?.authInfo?.tokenServicesUrl;\n if (tokenServicesUrl === undefined) {\n return undefined;\n }\n return ArcGisUrl.extractRestBaseUrl(new URL(tokenServicesUrl));\n }\n\n private static async fetchJson(url: URL): Promise<any> {\n let json;\n try {\n const response = await fetch(url.toString(), { method: \"GET\" });\n json = await response.json();\n } catch {\n }\n return json;\n }\n}\n"]}
1
+ {"version":3,"file":"ArcGisUrl.js","sourceRoot":"","sources":["../../../src/ArcGis/ArcGisUrl.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F,gBAAgB;AAChB,MAAM,OAAO,SAAS;IAEpB,qCAAqC;IAC9B,MAAM,CAAC,kBAAkB,CAAC,GAAQ;QACvC,MAAM,MAAM,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,SAAS,GAAG,QAAQ,CAAC;QAC3B,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAC1C,OAAO,CAAC,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,OAAO,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAEjG,CAAC;IAEM,MAAM,CAAC,KAAK,CAAC,8BAA8B,CAAC,GAAQ;QACzD,MAAM,OAAO,GAAG,SAAS,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAClD,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,wGAAwG;QACxG,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,GAAG,OAAO,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACrD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAEzC,IAAI,IAAI,CAAC;QACT,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC5C,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;QAED,MAAM,gBAAgB,GAAG,IAAI,EAAE,QAAQ,EAAE,gBAAgB,CAAC;QAC1D,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACnC,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,OAAO,SAAS,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC;IACjE,CAAC;IAEO,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,GAAQ;QACrC,IAAI,IAAI,CAAC;QACT,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YAChE,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC/B,CAAC;QAAC,MAAM,CAAC;QACT,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;CACF","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\n/** @internal */\r\nexport class ArcGisUrl {\r\n\r\n // Extract the sub-url up to '/rest/'\r\n public static extractRestBaseUrl(url: URL): URL | undefined {\r\n const urlStr = url.toString();\r\n const searchStr = \"/rest/\";\r\n const restPos = urlStr.indexOf(searchStr);\r\n return (restPos === -1 ? undefined : new URL(urlStr.substring(0, restPos + searchStr.length)));\r\n\r\n }\r\n\r\n public static async getRestUrlFromGenerateTokenUrl(url: URL): Promise<URL | undefined> {\r\n const restUrl = ArcGisUrl.extractRestBaseUrl(url);\r\n if (restUrl === undefined) {\r\n return undefined;\r\n }\r\n\r\n // First attempt: derive the Oauth2 token URL from the 'tokenServicesUrl', exposed by the 'info request'\r\n const infoUrl = new URL(`${restUrl.toString()}info`);\r\n infoUrl.searchParams.append(\"f\", \"json\");\r\n\r\n let json;\r\n try {\r\n json = await ArcGisUrl.fetchJson(infoUrl);\r\n } catch {\r\n\r\n }\r\n\r\n const tokenServicesUrl = json?.authInfo?.tokenServicesUrl;\r\n if (tokenServicesUrl === undefined) {\r\n return undefined;\r\n }\r\n return ArcGisUrl.extractRestBaseUrl(new URL(tokenServicesUrl));\r\n }\r\n\r\n private static async fetchJson(url: URL): Promise<any> {\r\n let json;\r\n try {\r\n const response = await fetch(url.toString(), { method: \"GET\" });\r\n json = await response.json();\r\n } catch {\r\n }\r\n return json;\r\n }\r\n}\r\n"]}
package/lib/esm/map-layers-auth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"map-layers-auth.js","sourceRoot":"","sources":["../../src/map-layers-auth.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F,cAAc,gCAAgC,CAAC;AAC/C,cAAc,kCAAkC,CAAC;AACjD,cAAc,kCAAkC,CAAC;AACjD,cAAc,gCAAgC,CAAC;AAC/C,cAAc,uBAAuB,CAAC","sourcesContent":["/*---------------------------------------------------------------------------------------------\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\n* See LICENSE.md in the project root for license terms and full copyright notice.\n*--------------------------------------------------------------------------------------------*/\nexport * from \"./ArcGis/ArcGisAccessClient.js\";\nexport * from \"./ArcGis/ArcGisOAuth2Endpoint.js\";\nexport * from \"./ArcGis/ArcGisTokenGenerator.js\";\nexport * from \"./ArcGis/ArcGisTokenManager.js\";\nexport * from \"./ArcGis/ArcGisUrl.js\";\n\n"]}
1
+ {"version":3,"file":"map-layers-auth.js","sourceRoot":"","sources":["../../src/map-layers-auth.ts"],"names":[],"mappings":"AAAA;;;+FAG+F;AAC/F,cAAc,gCAAgC,CAAC;AAC/C,cAAc,kCAAkC,CAAC;AACjD,cAAc,kCAAkC,CAAC;AACjD,cAAc,gCAAgC,CAAC;AAC/C,cAAc,uBAAuB,CAAC","sourcesContent":["/*---------------------------------------------------------------------------------------------\r\n* Copyright (c) Bentley Systems, Incorporated. All rights reserved.\r\n* See LICENSE.md in the project root for license terms and full copyright notice.\r\n*--------------------------------------------------------------------------------------------*/\r\nexport * from \"./ArcGis/ArcGisAccessClient.js\";\r\nexport * from \"./ArcGis/ArcGisOAuth2Endpoint.js\";\r\nexport * from \"./ArcGis/ArcGisTokenGenerator.js\";\r\nexport * from \"./ArcGis/ArcGisTokenManager.js\";\r\nexport * from \"./ArcGis/ArcGisUrl.js\";\r\n\r\n"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@itwin/map-layers-auth",
3
- "version": "5.5.0-dev.2",
3
+ "version": "5.5.0-dev.5",
4
4
  "description": "Extension that adds a Map Layers Widget",
5
5
  "main": "lib/cjs/map-layers-auth.js",
6
6
  "module": "lib/esm/map-layers-auth.js",
@@ -44,14 +44,14 @@
44
44
  "source-map-support": "^0.5.6",
45
45
  "typescript": "~5.6.2",
46
46
  "fetch-mock": "~11.1.3",
47
- "@itwin/build-tools": "5.5.0-dev.2",
48
- "@itwin/core-bentley": "5.5.0-dev.2",
49
- "@itwin/core-frontend": "5.5.0-dev.2",
47
+ "@itwin/core-bentley": "5.5.0-dev.5",
48
+ "@itwin/core-common": "5.5.0-dev.5",
49
+ "@itwin/build-tools": "5.5.0-dev.5",
50
50
  "internal-tools": "3.0.0-dev.69",
51
- "@itwin/core-common": "5.5.0-dev.2"
51
+ "@itwin/core-frontend": "5.5.0-dev.5"
52
52
  },
53
53
  "peerDependencies": {
54
- "@itwin/core-bentley": "5.5.0-dev.2"
54
+ "@itwin/core-bentley": "5.5.0-dev.5"
55
55
  },
56
56
  "nyc": {
57
57
  "extends": "./node_modules/@itwin/build-tools/.nycrc",