@okta/okta-auth-js 5.10.0 → 6.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +60 -0
- package/README.md +10 -6
- package/cjs/AuthStateManager.js +11 -3
- package/cjs/AuthStateManager.js.map +1 -1
- package/cjs/OktaAuth.js +139 -95
- package/cjs/OktaAuth.js.map +1 -1
- package/cjs/OktaUserAgent.js +2 -2
- package/cjs/OktaUserAgent.js.map +1 -1
- package/cjs/PromiseQueue.js +11 -2
- package/cjs/PromiseQueue.js.map +1 -1
- package/cjs/SavedObject.js +4 -2
- package/cjs/SavedObject.js.map +1 -1
- package/cjs/StorageManager.js +16 -9
- package/cjs/StorageManager.js.map +1 -1
- package/cjs/TokenManager.js +38 -22
- package/cjs/TokenManager.js.map +1 -1
- package/cjs/TransactionManager.js +26 -7
- package/cjs/TransactionManager.js.map +1 -1
- package/cjs/browser/browserStorage.js +25 -14
- package/cjs/browser/browserStorage.js.map +1 -1
- package/cjs/browser/fingerprint.js +12 -4
- package/cjs/browser/fingerprint.js.map +1 -1
- package/cjs/builderUtil.js +7 -19
- package/cjs/builderUtil.js.map +1 -1
- package/cjs/clock.js +5 -1
- package/cjs/clock.js.map +1 -1
- package/cjs/crypto/base64.js +18 -0
- package/cjs/crypto/base64.js.map +1 -1
- package/cjs/crypto/index.js +6 -4
- package/cjs/crypto/index.js.map +1 -1
- package/cjs/crypto/oidcHash.js +5 -1
- package/cjs/crypto/oidcHash.js.map +1 -1
- package/cjs/crypto/webauthn.js +101 -0
- package/cjs/crypto/webauthn.js.map +1 -0
- package/cjs/crypto/webcrypto.js +3 -1
- package/cjs/crypto/webcrypto.js.map +1 -1
- package/cjs/errors/AuthApiError.js +1 -1
- package/cjs/errors/AuthPollStopError.js +1 -1
- package/cjs/errors/AuthSdkError.js +1 -1
- package/cjs/errors/CustomError.js +5 -1
- package/cjs/errors/CustomError.js.map +1 -1
- package/cjs/errors/OAuthError.js +1 -1
- package/cjs/errors/index.js +1 -1
- package/cjs/features.js +9 -3
- package/cjs/features.js.map +1 -1
- package/cjs/fetch/fetchRequest.js +19 -6
- package/cjs/fetch/fetchRequest.js.map +1 -1
- package/cjs/http/headers.js.map +1 -1
- package/cjs/http/index.js +4 -2
- package/cjs/http/index.js.map +1 -1
- package/cjs/http/request.js +11 -5
- package/cjs/http/request.js.map +1 -1
- package/cjs/idx/authenticate.js +8 -5
- package/cjs/idx/authenticate.js.map +1 -1
- package/cjs/idx/authenticator/Authenticator.js.map +1 -1
- package/cjs/idx/authenticator/OktaPassword.js.map +1 -1
- package/cjs/idx/authenticator/SecurityQuestionEnrollment.js +1 -1
- package/cjs/idx/authenticator/SecurityQuestionEnrollment.js.map +1 -1
- package/cjs/idx/authenticator/SecurityQuestionVerification.js +2 -1
- package/cjs/idx/authenticator/SecurityQuestionVerification.js.map +1 -1
- package/cjs/idx/authenticator/VerificationCodeAuthenticator.js +2 -2
- package/cjs/idx/authenticator/VerificationCodeAuthenticator.js.map +1 -1
- package/cjs/idx/authenticator/WebauthnEnrollment.js +46 -0
- package/cjs/idx/authenticator/WebauthnEnrollment.js.map +1 -0
- package/cjs/idx/authenticator/WebauthnVerification.js +55 -0
- package/cjs/idx/authenticator/WebauthnVerification.js.map +1 -0
- package/cjs/idx/authenticator/getAuthenticator.js +17 -6
- package/cjs/idx/authenticator/getAuthenticator.js.map +1 -1
- package/cjs/idx/authenticator/index.js +34 -6
- package/cjs/idx/authenticator/index.js.map +1 -1
- package/cjs/idx/cancel.js.map +1 -1
- package/cjs/idx/emailVerify.js +73 -0
- package/cjs/idx/emailVerify.js.map +1 -0
- package/cjs/idx/flow/AccountUnlockFlow.js +30 -0
- package/cjs/idx/flow/AccountUnlockFlow.js.map +1 -0
- package/cjs/idx/flow/AuthenticationFlow.js +2 -1
- package/cjs/idx/flow/AuthenticationFlow.js.map +1 -1
- package/cjs/idx/flow/FlowSpecification.js +24 -4
- package/cjs/idx/flow/FlowSpecification.js.map +1 -1
- package/cjs/idx/flow/PasswordRecoveryFlow.js +4 -1
- package/cjs/idx/flow/PasswordRecoveryFlow.js.map +1 -1
- package/cjs/idx/flow/RegistrationFlow.js +2 -0
- package/cjs/idx/flow/RegistrationFlow.js.map +1 -1
- package/cjs/idx/flow/index.js +20 -5
- package/cjs/idx/flow/index.js.map +1 -1
- package/cjs/idx/handleInteractionCodeRedirect.js +6 -1
- package/cjs/idx/handleInteractionCodeRedirect.js.map +1 -1
- package/cjs/idx/headers.js +21 -5
- package/cjs/idx/headers.js.map +1 -1
- package/cjs/idx/idx-js/client.js +91 -0
- package/cjs/idx/idx-js/client.js.map +1 -0
- package/cjs/idx/idx-js/index.js +162 -0
- package/cjs/idx/idx-js/index.js.map +1 -0
- package/cjs/idx/idx-js/interact.js +83 -0
- package/cjs/idx/idx-js/interact.js.map +1 -0
- package/cjs/idx/idx-js/introspect.js +58 -0
- package/cjs/idx/idx-js/introspect.js.map +1 -0
- package/cjs/idx/idx-js/parsers.js +41 -0
- package/cjs/idx/idx-js/parsers.js.map +1 -0
- package/cjs/idx/idx-js/util.js +34 -0
- package/cjs/idx/idx-js/util.js.map +1 -0
- package/cjs/idx/idx-js/v1/actionParser.js +90 -0
- package/cjs/idx/idx-js/v1/actionParser.js.map +1 -0
- package/cjs/idx/idx-js/v1/generateIdxAction.js +117 -0
- package/cjs/idx/idx-js/v1/generateIdxAction.js.map +1 -0
- package/cjs/idx/idx-js/v1/idxResponseParser.js +137 -0
- package/cjs/idx/idx-js/v1/idxResponseParser.js.map +1 -0
- package/cjs/idx/idx-js/v1/makeIdxState.js +64 -0
- package/cjs/idx/idx-js/v1/makeIdxState.js.map +1 -0
- package/cjs/idx/idx-js/v1/parsers.js +24 -0
- package/cjs/idx/idx-js/v1/parsers.js.map +1 -0
- package/cjs/idx/idx-js/v1/remediationParser.js +32 -0
- package/cjs/idx/idx-js/v1/remediationParser.js.map +1 -0
- package/cjs/idx/index.js +121 -109
- package/cjs/idx/index.js.map +1 -1
- package/cjs/idx/interact.js +53 -36
- package/cjs/idx/interact.js.map +1 -1
- package/cjs/idx/introspect.js +17 -19
- package/cjs/idx/introspect.js.map +1 -1
- package/cjs/idx/poll.js +13 -3
- package/cjs/idx/poll.js.map +1 -1
- package/cjs/idx/proceed.js +4 -7
- package/cjs/idx/proceed.js.map +1 -1
- package/cjs/idx/recoverPassword.js +1 -1
- package/cjs/idx/recoverPassword.js.map +1 -1
- package/cjs/idx/register.js +11 -16
- package/cjs/idx/register.js.map +1 -1
- package/cjs/idx/remediate.js +74 -27
- package/cjs/idx/remediate.js.map +1 -1
- package/cjs/idx/remediators/AuthenticatorEnrollmentData.js +12 -4
- package/cjs/idx/remediators/AuthenticatorEnrollmentData.js.map +1 -1
- package/cjs/idx/remediators/AuthenticatorVerificationData.js +13 -7
- package/cjs/idx/remediators/AuthenticatorVerificationData.js.map +1 -1
- package/cjs/idx/remediators/Base/AuthenticatorData.js +31 -13
- package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
- package/cjs/idx/remediators/Base/Remediator.js +67 -31
- package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
- package/cjs/idx/remediators/Base/SelectAuthenticator.js +46 -30
- package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/Base/VerifyAuthenticator.js +16 -4
- package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/ChallengeAuthenticator.js +2 -2
- package/cjs/idx/remediators/ChallengeAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/ChallengePoll.js +2 -2
- package/cjs/idx/remediators/EnrollAuthenticator.js +2 -2
- package/cjs/idx/remediators/EnrollAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/EnrollPoll.js +18 -9
- package/cjs/idx/remediators/EnrollPoll.js.map +1 -1
- package/cjs/idx/remediators/EnrollProfile.js +24 -9
- package/cjs/idx/remediators/EnrollProfile.js.map +1 -1
- package/cjs/idx/remediators/EnrollmentChannelData.js +96 -0
- package/cjs/idx/remediators/EnrollmentChannelData.js.map +1 -0
- package/cjs/idx/remediators/Identify.js +5 -3
- package/cjs/idx/remediators/Identify.js.map +1 -1
- package/cjs/idx/remediators/ReEnrollAuthenticator.js +6 -3
- package/cjs/idx/remediators/ReEnrollAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/RedirectIdp.js +2 -2
- package/cjs/idx/remediators/ResetAuthenticator.js +2 -2
- package/cjs/idx/remediators/ResetAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js +7 -5
- package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js.map +1 -1
- package/cjs/idx/remediators/SelectAuthenticatorEnroll.js +2 -2
- package/cjs/idx/remediators/SelectAuthenticatorEnroll.js.map +1 -1
- package/cjs/idx/remediators/SelectAuthenticatorUnlockAccount.js +72 -0
- package/cjs/idx/remediators/SelectAuthenticatorUnlockAccount.js.map +1 -0
- package/cjs/idx/remediators/SelectEnrollProfile.js +2 -2
- package/cjs/idx/remediators/SelectEnrollProfile.js.map +1 -1
- package/cjs/idx/remediators/SelectEnrollmentChannel.js +86 -0
- package/cjs/idx/remediators/SelectEnrollmentChannel.js.map +1 -0
- package/cjs/idx/remediators/Skip.js +5 -3
- package/cjs/idx/remediators/Skip.js.map +1 -1
- package/cjs/idx/remediators/index.js +57 -16
- package/cjs/idx/remediators/index.js.map +1 -1
- package/cjs/idx/remediators/util.js +18 -3
- package/cjs/idx/remediators/util.js.map +1 -1
- package/cjs/idx/run.js +139 -49
- package/cjs/idx/run.js.map +1 -1
- package/cjs/idx/startTransaction.js +4 -2
- package/cjs/idx/startTransaction.js.map +1 -1
- package/cjs/idx/transactionMeta.js +82 -69
- package/cjs/idx/transactionMeta.js.map +1 -1
- package/cjs/idx/types/idx-js.js.map +1 -1
- package/cjs/idx/types/index.js +59 -7
- package/cjs/idx/types/index.js.map +1 -1
- package/cjs/idx/unlockAccount.js +48 -0
- package/cjs/idx/unlockAccount.js.map +1 -0
- package/cjs/index.js +33 -13
- package/cjs/index.js.map +1 -1
- package/cjs/oidc/endpoints/authorize.js +10 -2
- package/cjs/oidc/endpoints/authorize.js.map +1 -1
- package/cjs/oidc/endpoints/index.js +5 -3
- package/cjs/oidc/endpoints/index.js.map +1 -1
- package/cjs/oidc/endpoints/token.js +16 -3
- package/cjs/oidc/endpoints/token.js.map +1 -1
- package/cjs/oidc/endpoints/well-known.js +7 -3
- package/cjs/oidc/endpoints/well-known.js.map +1 -1
- package/cjs/oidc/exchangeCodeForTokens.js +12 -4
- package/cjs/oidc/exchangeCodeForTokens.js.map +1 -1
- package/cjs/oidc/getToken.js +12 -6
- package/cjs/oidc/getToken.js.map +1 -1
- package/cjs/oidc/getUserInfo.js +7 -3
- package/cjs/oidc/getUserInfo.js.map +1 -1
- package/cjs/oidc/getWithPopup.js +8 -2
- package/cjs/oidc/getWithPopup.js.map +1 -1
- package/cjs/oidc/getWithRedirect.js +15 -38
- package/cjs/oidc/getWithRedirect.js.map +1 -1
- package/cjs/oidc/getWithoutPrompt.js +8 -2
- package/cjs/oidc/getWithoutPrompt.js.map +1 -1
- package/cjs/oidc/handleOAuthResponse.js +87 -87
- package/cjs/oidc/handleOAuthResponse.js.map +1 -1
- package/cjs/oidc/index.js +4 -2
- package/cjs/oidc/index.js.map +1 -1
- package/cjs/oidc/parseFromUrl.js +9 -3
- package/cjs/oidc/parseFromUrl.js.map +1 -1
- package/cjs/oidc/renewToken.js.map +1 -1
- package/cjs/oidc/renewTokens.js +6 -2
- package/cjs/oidc/renewTokens.js.map +1 -1
- package/cjs/oidc/renewTokensWithRefresh.js +5 -1
- package/cjs/oidc/renewTokensWithRefresh.js.map +1 -1
- package/cjs/oidc/revokeToken.js +34 -31
- package/cjs/oidc/revokeToken.js.map +1 -1
- package/cjs/oidc/util/browser.js +5 -1
- package/cjs/oidc/util/browser.js.map +1 -1
- package/cjs/oidc/util/defaultTokenParams.js.map +1 -1
- package/cjs/oidc/util/errors.js.map +1 -1
- package/cjs/oidc/util/index.js +27 -11
- package/cjs/oidc/util/index.js.map +1 -1
- package/cjs/oidc/util/loginRedirect.js +10 -1
- package/cjs/oidc/util/loginRedirect.js.map +1 -1
- package/cjs/oidc/util/oauth.js +4 -2
- package/cjs/oidc/util/oauth.js.map +1 -1
- package/cjs/oidc/util/oauthMeta.js +36 -0
- package/cjs/oidc/util/oauthMeta.js.map +1 -0
- package/cjs/oidc/util/pkce.js +11 -3
- package/cjs/oidc/util/pkce.js.map +1 -1
- package/cjs/oidc/util/prepareTokenParams.js +62 -39
- package/cjs/oidc/util/prepareTokenParams.js.map +1 -1
- package/cjs/oidc/util/validateClaims.js +3 -1
- package/cjs/oidc/util/validateClaims.js.map +1 -1
- package/cjs/oidc/verifyToken.js +13 -4
- package/cjs/oidc/verifyToken.js.map +1 -1
- package/cjs/options.js +12 -6
- package/cjs/options.js.map +1 -1
- package/cjs/server/serverStorage.js +2 -1
- package/cjs/server/serverStorage.js.map +1 -1
- package/cjs/services/TokenService.js +3 -0
- package/cjs/services/TokenService.js.map +1 -1
- package/cjs/tx/AuthTransaction.js +18 -9
- package/cjs/tx/AuthTransaction.js.map +1 -1
- package/cjs/tx/TransactionState.js +0 -17
- package/cjs/tx/TransactionState.js.map +1 -1
- package/cjs/tx/api.js +11 -6
- package/cjs/tx/api.js.map +1 -1
- package/cjs/tx/index.js +7 -5
- package/cjs/tx/index.js.map +1 -1
- package/cjs/tx/poll.js +6 -4
- package/cjs/tx/poll.js.map +1 -1
- package/cjs/tx/util.js +5 -1
- package/cjs/tx/util.js.map +1 -1
- package/cjs/types/Transaction.js +10 -2
- package/cjs/types/Transaction.js.map +1 -1
- package/cjs/types/index.js +16 -14
- package/cjs/types/index.js.map +1 -1
- package/cjs/util/index.js +7 -18
- package/cjs/util/index.js.map +1 -1
- package/cjs/util/misc.js +5 -1
- package/cjs/util/misc.js.map +1 -1
- package/cjs/util/object.js +16 -6
- package/cjs/util/object.js.map +1 -1
- package/cjs/util/sharedStorage.js +5 -1
- package/cjs/util/sharedStorage.js.map +1 -1
- package/cjs/util/url.js.map +1 -1
- package/dist/okta-auth-js.min.js +1 -1
- package/dist/okta-auth-js.min.js.LICENSE.txt +0 -12
- package/dist/okta-auth-js.min.js.map +1 -1
- package/dist/okta-auth-js.polyfill.js +1 -1
- package/dist/okta-auth-js.polyfill.js.map +1 -1
- package/dist/okta-auth-js.umd.js +1 -1
- package/dist/okta-auth-js.umd.js.LICENSE.txt +0 -12
- package/dist/okta-auth-js.umd.js.map +1 -1
- package/esm/index.js +2758 -957
- package/esm/index.js.map +1 -1
- package/lib/AuthStateManager.d.ts +1 -2
- package/lib/OktaAuth.d.ts +10 -13
- package/lib/StorageManager.d.ts +2 -2
- package/lib/TokenManager.d.ts +4 -4
- package/lib/TransactionManager.d.ts +4 -3
- package/lib/browser/fingerprint.d.ts +2 -3
- package/lib/builderUtil.d.ts +1 -2
- package/lib/crypto/base64.d.ts +2 -0
- package/lib/crypto/browser.d.ts +1 -1
- package/lib/crypto/webauthn.d.ts +25 -0
- package/lib/features.d.ts +1 -1
- package/lib/http/headers.d.ts +2 -2
- package/lib/http/request.d.ts +4 -4
- package/lib/idx/authenticate.d.ts +2 -2
- package/lib/idx/authenticator/Authenticator.d.ts +4 -5
- package/lib/idx/authenticator/OktaPassword.d.ts +7 -9
- package/lib/idx/authenticator/SecurityQuestionEnrollment.d.ts +9 -8
- package/lib/idx/authenticator/SecurityQuestionVerification.d.ts +7 -7
- package/lib/idx/authenticator/VerificationCodeAuthenticator.d.ts +6 -2
- package/lib/idx/authenticator/WebauthnEnrollment.d.ts +16 -0
- package/lib/idx/authenticator/WebauthnVerification.d.ts +17 -0
- package/lib/idx/authenticator/getAuthenticator.d.ts +1 -1
- package/lib/idx/authenticator/index.d.ts +9 -0
- package/lib/idx/cancel.d.ts +2 -2
- package/lib/idx/emailVerify.d.ts +26 -0
- package/lib/{util/emailVerify.d.ts → idx/flow/AccountUnlockFlow.d.ts} +2 -6
- package/lib/idx/flow/FlowSpecification.d.ts +3 -2
- package/lib/idx/flow/index.d.ts +1 -0
- package/lib/idx/headers.d.ts +3 -2
- package/lib/idx/idx-js/client.d.ts +36 -0
- package/lib/idx/idx-js/index.d.ts +51 -0
- package/lib/idx/idx-js/interact.d.ts +25 -0
- package/lib/idx/idx-js/introspect.d.ts +20 -0
- package/lib/idx/idx-js/parsers.d.ts +15 -0
- package/lib/idx/idx-js/util.d.ts +12 -0
- package/lib/idx/idx-js/v1/actionParser.d.ts +16 -0
- package/lib/idx/idx-js/v1/generateIdxAction.d.ts +13 -0
- package/lib/idx/idx-js/v1/idxResponseParser.d.ts +20 -0
- package/lib/idx/idx-js/v1/makeIdxState.d.ts +13 -0
- package/lib/idx/idx-js/v1/parsers.d.ts +16 -0
- package/lib/idx/idx-js/v1/remediationParser.d.ts +12 -0
- package/lib/idx/index.d.ts +12 -10
- package/lib/idx/interact.d.ts +7 -13
- package/lib/idx/introspect.d.ts +4 -3
- package/lib/idx/poll.d.ts +2 -2
- package/lib/idx/proceed.d.ts +8 -5
- package/lib/idx/recoverPassword.d.ts +2 -2
- package/lib/idx/register.d.ts +2 -2
- package/lib/idx/remediate.d.ts +10 -4
- package/lib/idx/remediators/AuthenticatorEnrollmentData.d.ts +3 -3
- package/lib/idx/remediators/AuthenticatorVerificationData.d.ts +3 -3
- package/lib/idx/remediators/Base/AuthenticatorData.d.ts +8 -7
- package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +10 -7
- package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +8 -12
- package/lib/idx/remediators/EnrollPoll.d.ts +1 -1
- package/lib/idx/remediators/EnrollProfile.d.ts +1 -1
- package/lib/idx/remediators/EnrollmentChannelData.d.ts +54 -0
- package/lib/idx/remediators/Identify.d.ts +2 -2
- package/lib/idx/remediators/ReEnrollAuthenticator.d.ts +2 -2
- package/lib/idx/remediators/RedirectIdp.d.ts +3 -3
- package/lib/idx/remediators/SelectAuthenticatorUnlockAccount.d.ts +38 -0
- package/lib/idx/remediators/SelectEnrollmentChannel.d.ts +40 -0
- package/lib/idx/remediators/index.d.ts +3 -0
- package/lib/idx/remediators/util.d.ts +2 -2
- package/lib/idx/run.d.ts +5 -3
- package/lib/idx/startTransaction.d.ts +3 -2
- package/lib/idx/transactionMeta.d.ts +10 -31
- package/lib/idx/types/FlowIdentifier.d.ts +1 -1
- package/lib/idx/types/idx-js.d.ts +44 -1
- package/lib/idx/types/index.d.ts +36 -9
- package/lib/idx/unlockAccount.d.ts +15 -0
- package/lib/index.d.ts +1 -0
- package/lib/oidc/endpoints/well-known.d.ts +3 -3
- package/lib/oidc/exchangeCodeForTokens.d.ts +14 -2
- package/lib/oidc/getToken.d.ts +2 -2
- package/lib/oidc/getWithPopup.d.ts +2 -2
- package/lib/oidc/getWithRedirect.d.ts +2 -2
- package/lib/oidc/getWithoutPrompt.d.ts +2 -2
- package/lib/oidc/handleOAuthResponse.d.ts +2 -2
- package/lib/oidc/parseFromUrl.d.ts +1 -1
- package/lib/oidc/renewToken.d.ts +2 -2
- package/lib/oidc/renewTokens.d.ts +1 -1
- package/lib/oidc/renewTokensWithRefresh.d.ts +2 -2
- package/lib/oidc/revokeToken.d.ts +2 -2
- package/lib/oidc/util/browser.d.ts +3 -3
- package/lib/oidc/util/defaultTokenParams.d.ts +2 -2
- package/lib/oidc/util/errors.d.ts +2 -2
- package/lib/oidc/util/index.d.ts +1 -0
- package/lib/oidc/util/loginRedirect.d.ts +4 -4
- package/lib/oidc/util/oauth.d.ts +4 -11
- package/lib/oidc/util/oauthMeta.d.ts +2 -0
- package/lib/oidc/util/prepareTokenParams.d.ts +5 -2
- package/lib/oidc/util/validateClaims.d.ts +2 -2
- package/lib/oidc/verifyToken.d.ts +2 -2
- package/lib/server/serverStorage.d.ts +1 -1
- package/lib/services/TokenService.d.ts +2 -2
- package/lib/tx/AuthTransaction.d.ts +2 -2
- package/lib/tx/TransactionState.d.ts +11 -1
- package/lib/tx/api.d.ts +6 -6
- package/lib/types/OktaAuthOptions.d.ts +6 -8
- package/lib/types/Storage.d.ts +3 -3
- package/lib/types/Transaction.d.ts +10 -7
- package/lib/types/UserClaims.d.ts +3 -3
- package/lib/types/api.d.ts +44 -20
- package/lib/types/index.d.ts +0 -1
- package/lib/util/console.d.ts +1 -1
- package/lib/util/index.d.ts +0 -1
- package/lib/util/sharedStorage.d.ts +1 -1
- package/lib/util/types.d.ts +1 -1
- package/lib/util/url.d.ts +2 -2
- package/package.json +10 -7
- package/polyfill/index.js +1 -0
- package/cjs/util/emailVerify.js +0 -28
- package/cjs/util/emailVerify.js.map +0 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/transactionMeta.ts"],"names":["createTransactionMeta","authClient","options","tokenParams","token","prepareTokenParams","
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/transactionMeta.ts"],"names":["createTransactionMeta","authClient","options","tokenParams","token","prepareTokenParams","pkceMeta","flow","withCredentials","activationToken","undefined","recoveryToken","meta","hasSavedInteractionHandle","savedMeta","getSavedTransactionMeta","interactionHandle","transactionManager","load","e","isTransactionMetaValid","getTransactionMeta","validExistingMeta","saveTransactionMeta","save","muteWarning","clearTransactionMeta","clear","keys","isTransactionMetaValidForOptions","isTransactionMetaValidForFlow","shouldValidateFlow","mismatch","some","key","value"],"mappings":";;;;;;;;;;;;AAcA;;AACA;;AAfA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,qBAAf,CACLC,UADK,EAELC,OAA+B,GAAG,EAF7B,EAGwB;AAC7B,QAAMC,WAAW,GAAG,MAAMF,UAAU,CAACG,KAAX,CAAiBC,kBAAjB,CAAoCH,OAApC,CAA1B;AACA,QAAMI,QAAQ,GAAG,2BAAgBL,UAAhB,EAA4BE,WAA5B,CAAjB;AACA,MAAI;AACFI,IAAAA,IAAI,GAAG,SADL;AAEFC,IAAAA,eAAe,GAAG,IAFhB;AAGFC,IAAAA,eAAe,GAAGC,SAHhB;AAIFC,IAAAA,aAAa,GAAGD;AAJd,MAKA,EAAE,GAAGT,UAAU,CAACC,OAAhB;AAAyB,OAAGA;AAA5B,GALJ,CAH6B,CAQc;;AAE3C,QAAMU,IAAwB,GAAG,EAC/B,GAAGN,QAD4B;AAE/BC,IAAAA,IAF+B;AAG/BC,IAAAA,eAH+B;AAI/BC,IAAAA,eAJ+B;AAK/BE,IAAAA;AAL+B,GAAjC;AAOA,SAAOC,IAAP;AACD;;AAEM,SAASC,yBAAT,CAAmCZ,UAAnC,EAAkEC,OAAlE,EAA6G;AAClH,QAAMY,SAAS,GAAGC,uBAAuB,CAACd,UAAD,EAAaC,OAAb,CAAzC;;AACA,MAAIY,SAAJ,aAAIA,SAAJ,eAAIA,SAAS,CAAEE,iBAAf,EAAkC;AAChC,WAAO,IAAP;AACD;;AACD,SAAO,KAAP;AACD,C,CAED;;;AACO,SAASD,uBAAT,CACLd,UADK,EAELC,OAFK,EAG2B;AAChCA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;AACAA,EAAAA,OAAO,GAAG,EAAE,GAAGD,UAAU,CAACC,OAAhB;AAAyB,OAAGA;AAA5B,GAAV,CAFgC,CAEiB;;AACjD,MAAIY,SAAJ;;AACA,MAAI;AACFA,IAAAA,SAAS,GAAGb,UAAU,CAACgB,kBAAX,CAA8BC,IAA9B,CAAmChB,OAAnC,CAAZ;AACD,GAFD,CAEE,OAAOiB,CAAP,EAAU,CACV;AACD;;AAED,MAAI,CAACL,SAAL,EAAgB;AACd;AACD;;AAED,MAAIM,sBAAsB,CAACN,SAAD,EAAYZ,OAAZ,CAA1B,EAAgD;AAC9C,WAAOY,SAAP;AACD,GAhB+B,CAkBhC;AACA;AACA;;;AACA,kBAAK,sEACH,4DADF;AAGD;;AAEM,eAAeO,kBAAf,CACLpB,UADK,EAELC,OAFK,EAGwB;AAC7BA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;AACAA,EAAAA,OAAO,GAAG,EAAE,GAAGD,UAAU,CAACC,OAAhB;AAAyB,OAAGA;AAA5B,GAAV,CAF6B,CAEoB;AACjD;;AACA,QAAMoB,iBAAiB,GAAGP,uBAAuB,CAACd,UAAD,EAAaC,OAAb,CAAjD;;AACA,MAAIoB,iBAAJ,EAAuB;AACrB,WAAOA,iBAAP;AACD,GAP4B,CAQ7B;;;AACA,SAAOtB,qBAAqB,CAACC,UAAD,EAAaC,OAAb,CAA5B;AACD;;AAEM,SAASqB,mBAAT,CAA8BtB,UAA9B,EAA6DW,IAA7D,EAAyE;AAC9EX,EAAAA,UAAU,CAACgB,kBAAX,CAA8BO,IAA9B,CAAmCZ,IAAnC,EAAyC;AAAEa,IAAAA,WAAW,EAAE;AAAf,GAAzC;AACD;;AAEM,SAASC,oBAAT,CAA+BzB,UAA/B,EAAoE;AACzEA,EAAAA,UAAU,CAACgB,kBAAX,CAA8BU,KAA9B;AACD;;AAEM,SAASP,sBAAT,CAAiCR,IAAjC,EAAuCV,OAA+B,GAAI,EAA1E,EAAuF;AAC5F;AACA,QAAM0B,IAAI,GAAG,CACX,QADW,EAEX,UAFW,EAGX,aAHW,EAIX,OAJW,EAKX,eALW,EAMX,qBANW,EAOX,iBAPW,EAQX,eARW,CAAb;;AAUA,MAAIC,gCAAgC,CAACjB,IAAD,EAAOV,OAAP,EAAgB0B,IAAhB,CAAhC,KAA0D,KAA9D,EAAqE;AACnE,WAAO,KAAP;AACD,GAd2F,CAgB5F;;;AACA,QAAM;AAAErB,IAAAA;AAAF,MAAWL,OAAjB;;AACA,MAAI4B,6BAA6B,CAAClB,IAAD,EAAOL,IAAP,CAA7B,KAA8C,KAAlD,EAAyD;AACvD,WAAO,KAAP;AACD;;AAED,SAAO,IAAP;AACD;;AAEM,SAASuB,6BAAT,CAAuClB,IAAvC,EAA6CL,IAA7C,EAAmD;AACxD;AACA,QAAMwB,kBAAkB,GAAGxB,IAAI,IAAIA,IAAI,KAAK,SAAjB,IAA8BA,IAAI,KAAK,SAAlE;;AACA,MAAIwB,kBAAJ,EAAwB;AACtB,QAAIxB,IAAI,KAAKK,IAAI,CAACL,IAAlB,EAAwB;AACtB;AACA,aAAO,KAAP;AACD;AACF;;AACD,SAAO,IAAP;AACD;;AAEM,SAASsB,gCAAT,CAA0CjB,IAA1C,EAAgDV,OAAhD,EAAyD0B,IAAzD,EAA+D;AACpE;AACA;AACA,QAAMI,QAAQ,GAAGJ,IAAI,CAACK,IAAL,CAAUC,GAAG,IAAI;AAChC,UAAMC,KAAK,GAAGjC,OAAO,CAACgC,GAAD,CAArB;;AACA,QAAIC,KAAK,IAAIA,KAAK,KAAKvB,IAAI,CAACsB,GAAD,CAA3B,EAAkC;AAChC,aAAO,IAAP;AACD;AACF,GALgB,CAAjB;AAMA,SAAO,CAACF,QAAR;AACD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuthInterface, IdxTransactionMeta, TransactionMetaOptions, PKCETransactionMeta } from '../types';\nimport { removeNils, warn } from '../util';\nimport { createOAuthMeta } from '../oidc';\n\n// Calculate new values\nexport async function createTransactionMeta(\n authClient: OktaAuthInterface,\n options: TransactionMetaOptions = {}\n): Promise<IdxTransactionMeta> {\n const tokenParams = await authClient.token.prepareTokenParams(options);\n const pkceMeta = createOAuthMeta(authClient, tokenParams) as PKCETransactionMeta;\n let {\n flow = 'default',\n withCredentials = true,\n activationToken = undefined,\n recoveryToken = undefined,\n } = { ...authClient.options, ...options }; // local options override SDK options\n\n const meta: IdxTransactionMeta = {\n ...pkceMeta,\n flow,\n withCredentials,\n activationToken,\n recoveryToken,\n };\n return meta;\n}\n\nexport function hasSavedInteractionHandle(authClient: OktaAuthInterface, options?: TransactionMetaOptions): boolean {\n const savedMeta = getSavedTransactionMeta(authClient, options);\n if (savedMeta?.interactionHandle) {\n return true;\n }\n return false;\n}\n\n// Returns the saved transaction meta, if it exists and is valid\nexport function getSavedTransactionMeta(\n authClient: OktaAuthInterface,\n options?: TransactionMetaOptions\n): IdxTransactionMeta | undefined {\n options = removeNils(options);\n options = { ...authClient.options, ...options }; // local options override SDK options\n let savedMeta;\n try {\n savedMeta = authClient.transactionManager.load(options) as IdxTransactionMeta;\n } catch (e) {\n // ignore errors here\n }\n\n if (!savedMeta) {\n return;\n }\n\n if (isTransactionMetaValid(savedMeta, options)) {\n return savedMeta;\n }\n\n // existing meta is not valid for this configuration\n // this is common when changing configuration in local development environment\n // in a production environment, this may indicate that two apps are sharing a storage key\n warn('Saved transaction meta does not match the current configuration. ' + \n 'This may indicate that two apps are sharing a storage key.');\n\n}\n\nexport async function getTransactionMeta(\n authClient: OktaAuthInterface,\n options?: TransactionMetaOptions\n): Promise<IdxTransactionMeta> {\n options = removeNils(options);\n options = { ...authClient.options, ...options }; // local options override SDK options\n // Load existing transaction meta from storage\n const validExistingMeta = getSavedTransactionMeta(authClient, options);\n if (validExistingMeta) {\n return validExistingMeta;\n }\n // No existing? Create new transaction meta.\n return createTransactionMeta(authClient, options);\n}\n\nexport function saveTransactionMeta (authClient: OktaAuthInterface, meta): void {\n authClient.transactionManager.save(meta, { muteWarning: true });\n}\n\nexport function clearTransactionMeta (authClient: OktaAuthInterface): void {\n authClient.transactionManager.clear();\n}\n\nexport function isTransactionMetaValid (meta, options: TransactionMetaOptions = {}): boolean {\n // Validate against certain options. If these exist in options, they must match in meta\n const keys = [\n 'issuer',\n 'clientId',\n 'redirectUri',\n 'state',\n 'codeChallenge',\n 'codeChallengeMethod',\n 'activationToken',\n 'recoveryToken'\n ];\n if (isTransactionMetaValidForOptions(meta, options, keys) === false) {\n return false;\n }\n\n // Validate configured flow\n const { flow } = options;\n if (isTransactionMetaValidForFlow(meta, flow) === false) {\n return false;\n }\n\n return true;\n}\n\nexport function isTransactionMetaValidForFlow(meta, flow) {\n // Specific flows should not share transaction data\n const shouldValidateFlow = flow && flow !== 'default' && flow !== 'proceed';\n if (shouldValidateFlow) {\n if (flow !== meta.flow) {\n // The flow has changed; abandon the old transaction\n return false;\n }\n }\n return true;\n}\n\nexport function isTransactionMetaValidForOptions(meta, options, keys) {\n // returns false if values in meta do not match options\n // if the option does not have a value for a specific key, it is ignored\n const mismatch = keys.some(key => {\n const value = options[key];\n if (value && value !== meta[key]) {\n return true;\n }\n });\n return !mismatch;\n}\n"],"file":"transactionMeta.js"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/types/idx-js.ts"],"names":["isRawIdxResponse","obj","version","isIdxResponse","rawIdxState"],"mappings":";;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA;
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/types/idx-js.ts"],"names":["isRawIdxResponse","obj","version","isIdxResponse","rawIdxState"],"mappings":";;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA;AA0KA;AAaO,SAASA,gBAAT,CAA0BC,GAA1B,EAA2D;AAChE,SAAOA,GAAG,IAAIA,GAAG,CAACC,OAAlB;AACD;;AAoBM,SAASC,aAAT,CAAuBF,GAAvB,EAAqD;AAC1D,SAAOA,GAAG,IAAID,gBAAgB,CAACC,GAAG,CAACG,WAAL,CAA9B;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n// TODO: remove when idx-js provides type information\n\nexport interface ChallengeData {\n challenge: string; \n userVerification: string; \n extensions?: {\n appid: string;\n };\n}\nexport interface ActivationData {\n challenge: string;\n rp: {\n name: string;\n };\n user: {\n id: string;\n name: string;\n displayName: string;\n };\n pubKeyCredParams: {\n type: string;\n alg: number;\n }[];\n attestation?: string;\n authenticatorSelection?: {\n userVerification?: string;\n authenticatorAttachment?: string;\n requireResidentKey?: boolean;\n residentKey?: string;\n };\n excludeCredentials?: {\n id: string;\n type: string;\n }[];\n}\nexport interface IdxAuthenticatorMethod {\n type: string;\n}\nexport interface IdxAuthenticator {\n displayName: string;\n id: string;\n key: string;\n methods: IdxAuthenticatorMethod[];\n type: string;\n settings?: {\n complexity?: unknown;\n age?: unknown;\n };\n contextualData?: {\n enrolledQuestion?: {\n question: string;\n questionKey: string;\n };\n qrcode?: { \n href: string; \n method: string; \n type: string; \n };\n sharedSecret?: string;\n questions?: {\n questionKey: string;\n question: string;\n }[];\n questionKeys?: string[];\n selectedChannel?: string;\n activationData?: ActivationData;\n challengeData?: ChallengeData;\n };\n credentialId?: string;\n}\n\nexport interface IdxForm {\n value: IdxRemediationValue[];\n}\n\nexport interface IdxOption {\n value: string | { form: IdxForm };\n label: string;\n relatesTo?: IdxAuthenticator;\n}\n\nexport interface IdpConfig {\n id: string;\n name: string;\n}\n\nexport interface IdxRemediationValueForm {\n form: IdxForm;\n}\n\nexport interface IdxRemediationValue {\n name: string;\n type?: string;\n required?: boolean;\n secret?: boolean;\n visible?: boolean;\n mutable?: boolean;\n value?: string | IdxRemediationValueForm;\n label?: string;\n form?: IdxForm;\n options?: IdxOption[];\n messages?: IdxMessages;\n minLength?: number;\n maxLength?: number;\n}\n\nexport interface IdxRemediation {\n name: string;\n label?: string;\n value?: IdxRemediationValue[];\n relatesTo?: {\n type?: string;\n value: IdxAuthenticator;\n };\n idp?: IdpConfig;\n href?: string;\n method?: string;\n type?: string;\n accepts?: string;\n refresh?: number;\n}\n\nexport interface IdxContext {\n version: string;\n stateHandle: string;\n expiresAt: string;\n intent: string;\n currentAuthenticator: {\n type: string;\n value: IdxAuthenticator;\n };\n authenticators: {\n type: string;\n value: IdxAuthenticator[];\n };\n authenticatorEnrollments: {\n type: string;\n value: IdxAuthenticator[];\n };\n enrollmentAuthenticator: {\n type: string;\n value: IdxAuthenticator;\n };\n user: {\n type: string;\n value: Record<string, unknown>;\n };\n app: {\n type: string;\n value: Record<string, unknown>;\n };\n messages?: IdxMessages;\n success?: IdxRemediation;\n failure?: IdxRemediation;\n}\n\nexport interface IdxMessage {\n message: string;\n class: string;\n i18n: {\n key: string;\n params?: unknown[];\n };\n}\n\nexport interface IdxMessages {\n type: 'array';\n value: IdxMessage[];\n}\n\n// JSON response from the server\nexport interface RawIdxResponse {\n version: string;\n stateHandle: string;\n intent?: string;\n expiresAt?: string;\n remediation?: {\n type: 'array';\n value: IdxRemediation[];\n };\n messages?: IdxMessages;\n}\n\nexport function isRawIdxResponse(obj: any): obj is RawIdxResponse {\n return obj && obj.version;\n}\n\n\nexport interface IdxActions {\n [key: string]: Function;\n}\n\n// Object returned from idx-js\nexport interface IdxResponse {\n proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n neededToProceed: IdxRemediation[];\n rawIdxState: RawIdxResponse;\n interactionCode?: string;\n actions: IdxActions;\n toPersist: {\n interactionHandle?: string;\n };\n context?: IdxContext;\n}\n\nexport function isIdxResponse(obj: any): obj is IdxResponse {\n return obj && isRawIdxResponse(obj.rawIdxState);\n}\n"],"file":"idx-js.js"}
|
package/cjs/idx/types/index.js
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
|
-
Object.defineProperty(exports, "
|
|
3
|
+
Object.defineProperty(exports, "IdxAuthenticator", {
|
|
4
4
|
enumerable: true,
|
|
5
5
|
get: function () {
|
|
6
|
-
return
|
|
6
|
+
return _idxJs.IdxAuthenticator;
|
|
7
7
|
}
|
|
8
8
|
});
|
|
9
9
|
Object.defineProperty(exports, "IdxMessage", {
|
|
@@ -12,6 +12,24 @@ Object.defineProperty(exports, "IdxMessage", {
|
|
|
12
12
|
return _idxJs.IdxMessage;
|
|
13
13
|
}
|
|
14
14
|
});
|
|
15
|
+
Object.defineProperty(exports, "ChallengeData", {
|
|
16
|
+
enumerable: true,
|
|
17
|
+
get: function () {
|
|
18
|
+
return _idxJs.ChallengeData;
|
|
19
|
+
}
|
|
20
|
+
});
|
|
21
|
+
Object.defineProperty(exports, "ActivationData", {
|
|
22
|
+
enumerable: true,
|
|
23
|
+
get: function () {
|
|
24
|
+
return _idxJs.ActivationData;
|
|
25
|
+
}
|
|
26
|
+
});
|
|
27
|
+
Object.defineProperty(exports, "FlowIdentifier", {
|
|
28
|
+
enumerable: true,
|
|
29
|
+
get: function () {
|
|
30
|
+
return _FlowIdentifier.FlowIdentifier;
|
|
31
|
+
}
|
|
32
|
+
});
|
|
15
33
|
Object.defineProperty(exports, "AuthenticationOptions", {
|
|
16
34
|
enumerable: true,
|
|
17
35
|
get: function () {
|
|
@@ -30,6 +48,12 @@ Object.defineProperty(exports, "PasswordRecoveryOptions", {
|
|
|
30
48
|
return _recoverPassword.PasswordRecoveryOptions;
|
|
31
49
|
}
|
|
32
50
|
});
|
|
51
|
+
Object.defineProperty(exports, "AccountUnlockOptions", {
|
|
52
|
+
enumerable: true,
|
|
53
|
+
get: function () {
|
|
54
|
+
return _unlockAccount.AccountUnlockOptions;
|
|
55
|
+
}
|
|
56
|
+
});
|
|
33
57
|
Object.defineProperty(exports, "ProceedOptions", {
|
|
34
58
|
enumerable: true,
|
|
35
59
|
get: function () {
|
|
@@ -42,22 +66,48 @@ Object.defineProperty(exports, "CancelOptions", {
|
|
|
42
66
|
return _cancel.CancelOptions;
|
|
43
67
|
}
|
|
44
68
|
});
|
|
69
|
+
Object.defineProperty(exports, "EmailVerifyCallbackResponse", {
|
|
70
|
+
enumerable: true,
|
|
71
|
+
get: function () {
|
|
72
|
+
return _emailVerify.EmailVerifyCallbackResponse;
|
|
73
|
+
}
|
|
74
|
+
});
|
|
75
|
+
Object.defineProperty(exports, "WebauthnEnrollValues", {
|
|
76
|
+
enumerable: true,
|
|
77
|
+
get: function () {
|
|
78
|
+
return _WebauthnEnrollment.WebauthnEnrollValues;
|
|
79
|
+
}
|
|
80
|
+
});
|
|
81
|
+
Object.defineProperty(exports, "WebauthnVerificationValues", {
|
|
82
|
+
enumerable: true,
|
|
83
|
+
get: function () {
|
|
84
|
+
return _WebauthnVerification.WebauthnVerificationValues;
|
|
85
|
+
}
|
|
86
|
+
});
|
|
45
87
|
exports.IdxFeature = exports.AuthenticatorKey = exports.IdxStatus = void 0;
|
|
46
88
|
|
|
47
|
-
var _FlowIdentifier = require("./FlowIdentifier");
|
|
48
|
-
|
|
49
89
|
var _idxJs = require("./idx-js");
|
|
50
90
|
|
|
91
|
+
var _FlowIdentifier = require("./FlowIdentifier");
|
|
92
|
+
|
|
51
93
|
var _authenticate = require("../authenticate");
|
|
52
94
|
|
|
53
95
|
var _register = require("../register");
|
|
54
96
|
|
|
55
97
|
var _recoverPassword = require("../recoverPassword");
|
|
56
98
|
|
|
99
|
+
var _unlockAccount = require("../unlockAccount");
|
|
100
|
+
|
|
57
101
|
var _proceed = require("../proceed");
|
|
58
102
|
|
|
59
103
|
var _cancel = require("../cancel");
|
|
60
104
|
|
|
105
|
+
var _emailVerify = require("../emailVerify");
|
|
106
|
+
|
|
107
|
+
var _WebauthnEnrollment = require("../authenticator/WebauthnEnrollment");
|
|
108
|
+
|
|
109
|
+
var _WebauthnVerification = require("../authenticator/WebauthnVerification");
|
|
110
|
+
|
|
61
111
|
/*!
|
|
62
112
|
* Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
|
|
63
113
|
* The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
|
|
@@ -90,14 +140,16 @@ exports.AuthenticatorKey = AuthenticatorKey;
|
|
|
90
140
|
AuthenticatorKey["GOOGLE_AUTHENTICATOR"] = "google_otp";
|
|
91
141
|
AuthenticatorKey["SECURITY_QUESTION"] = "security_question";
|
|
92
142
|
AuthenticatorKey["OKTA_VERIFY"] = "okta_verify";
|
|
143
|
+
AuthenticatorKey["WEBAUTHN"] = "webauthn";
|
|
93
144
|
})(AuthenticatorKey || (exports.AuthenticatorKey = AuthenticatorKey = {}));
|
|
94
145
|
|
|
95
146
|
let IdxFeature;
|
|
96
147
|
exports.IdxFeature = IdxFeature;
|
|
97
148
|
|
|
98
149
|
(function (IdxFeature) {
|
|
99
|
-
IdxFeature[
|
|
100
|
-
IdxFeature[
|
|
101
|
-
IdxFeature[
|
|
150
|
+
IdxFeature["PASSWORD_RECOVERY"] = "recover-password";
|
|
151
|
+
IdxFeature["REGISTRATION"] = "enroll-profile";
|
|
152
|
+
IdxFeature["SOCIAL_IDP"] = "redirect-idp";
|
|
153
|
+
IdxFeature["ACCOUNT_UNLOCK"] = "unlock-account";
|
|
102
154
|
})(IdxFeature || (exports.IdxFeature = IdxFeature = {}));
|
|
103
155
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/types/index.ts"],"names":["IdxStatus","AuthenticatorKey","IdxFeature"],"mappings":"
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/types/index.ts"],"names":["IdxStatus","AuthenticatorKey","IdxFeature"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiBA;;AAWA;;AAGA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAGA;;AACA;;AACA;;AAzCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IAiCYA,S;;;WAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;GAAAA,S,yBAAAA,S;;IAQAC,gB;;;WAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;GAAAA,gB,gCAAAA,gB;;IAgCAC,U;;;WAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;GAAAA,U,0BAAAA,U","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { InteractOptions } from '../interact';\nimport { IntrospectOptions } from '../introspect';\nimport { APIError, Tokens } from '../../types';\nimport { PKCETransactionMeta } from '../../types/Transaction';\nimport { \n IdxActions, \n IdxAuthenticator, \n IdxContext,\n IdxForm,\n IdxMessage, \n IdxOption, \n IdxRemediation, \n IdxResponse, \n RawIdxResponse \n} from './idx-js';\nimport { FlowIdentifier } from './FlowIdentifier';\n\nexport { IdxMessage, ChallengeData, ActivationData } from './idx-js';\nexport { AuthenticationOptions } from '../authenticate';\nexport { RegistrationOptions } from '../register';\nexport { PasswordRecoveryOptions } from '../recoverPassword';\nexport { AccountUnlockOptions } from '../unlockAccount';\nexport { ProceedOptions } from '../proceed';\nexport { CancelOptions } from '../cancel';\nexport { FlowIdentifier };\nexport { IdxAuthenticator };\nexport { EmailVerifyCallbackResponse } from '../emailVerify';\nexport { WebauthnEnrollValues } from '../authenticator/WebauthnEnrollment';\nexport { WebauthnVerificationValues } from '../authenticator/WebauthnVerification';\n\nexport enum IdxStatus {\n SUCCESS = 'SUCCESS',\n PENDING = 'PENDING',\n FAILURE = 'FAILURE',\n TERMINAL = 'TERMINAL',\n CANCELED = 'CANCELED',\n}\n\nexport enum AuthenticatorKey {\n OKTA_PASSWORD = 'okta_password',\n OKTA_EMAIL = 'okta_email',\n PHONE_NUMBER = 'phone_number',\n GOOGLE_AUTHENTICATOR = 'google_otp',\n SECURITY_QUESTION = 'security_question',\n OKTA_VERIFY = 'okta_verify',\n WEBAUTHN = 'webauthn',\n}\n\nexport type Input = {\n name: string;\n type?: string;\n label?: string;\n value?: string | {form: IdxForm};\n minLength?: number;\n maxLength?: number;\n secret?: boolean;\n required?: boolean;\n}\n\nexport type NextStep = {\n name: string;\n authenticator?: IdxAuthenticator;\n canSkip?: boolean;\n canResend?: boolean;\n inputs?: Input[];\n options?: IdxOption[];\n poll?: IdxPollOptions;\n authenticatorEnrollments?: IdxAuthenticator[];\n}\n\nexport enum IdxFeature {\n PASSWORD_RECOVERY = 'recover-password',\n REGISTRATION = 'enroll-profile',\n SOCIAL_IDP = 'redirect-idp',\n ACCOUNT_UNLOCK = 'unlock-account',\n}\n\nexport interface IdxTransactionMeta extends PKCETransactionMeta {\n interactionHandle?: string;\n remediations?: string[];\n flow?: FlowIdentifier;\n withCredentials?: boolean;\n activationToken?: string;\n recoveryToken?: string;\n}\n\nexport interface IdxTransaction {\n status: IdxStatus;\n tokens?: Tokens;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n error?: APIError;\n meta?: IdxTransactionMeta;\n enabledFeatures?: IdxFeature[];\n availableSteps?: NextStep[];\n\n // from idx-js, used by signin widget\n proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n neededToProceed: IdxRemediation[];\n rawIdxState: RawIdxResponse;\n interactionCode?: string;\n actions: IdxActions;\n context: IdxContext;\n}\n\nexport type IdxOptions = InteractOptions & IntrospectOptions & {\n flow?: FlowIdentifier;\n exchangeCodeForTokens?: boolean;\n autoRemediate?: boolean;\n};\n\nexport interface IdxPollOptions {\n required?: boolean;\n refresh?: number;\n}\n\nexport type Authenticator = {\n key: string;\n methodType?: string;\n phoneNumber?: string;\n};\n"],"file":"index.js"}
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
|
|
4
|
+
|
|
5
|
+
exports.unlockAccount = unlockAccount;
|
|
6
|
+
|
|
7
|
+
var _includes = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/includes"));
|
|
8
|
+
|
|
9
|
+
var _run = require("./run");
|
|
10
|
+
|
|
11
|
+
var _transactionMeta = require("./transactionMeta");
|
|
12
|
+
|
|
13
|
+
var _startTransaction = require("./startTransaction");
|
|
14
|
+
|
|
15
|
+
var _errors = require("../errors");
|
|
16
|
+
|
|
17
|
+
var _types = require("../types");
|
|
18
|
+
|
|
19
|
+
/*!
|
|
20
|
+
* Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
|
|
21
|
+
* The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
|
|
22
|
+
*
|
|
23
|
+
* You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
|
|
24
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
25
|
+
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
26
|
+
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
27
|
+
*
|
|
28
|
+
* See the License for the specific language governing permissions and limitations under the License.
|
|
29
|
+
*/
|
|
30
|
+
async function unlockAccount(authClient, options = {}) {
|
|
31
|
+
options.flow = 'unlockAccount'; // Only check at the beginning of the transaction
|
|
32
|
+
|
|
33
|
+
if (!(0, _transactionMeta.hasSavedInteractionHandle)(authClient)) {
|
|
34
|
+
const {
|
|
35
|
+
enabledFeatures
|
|
36
|
+
} = await (0, _startTransaction.startTransaction)(authClient, { ...options,
|
|
37
|
+
autoRemediate: false
|
|
38
|
+
});
|
|
39
|
+
|
|
40
|
+
if (enabledFeatures && !(0, _includes.default)(enabledFeatures).call(enabledFeatures, _types.IdxFeature.ACCOUNT_UNLOCK)) {
|
|
41
|
+
throw new _errors.AuthSdkError('Self Service Account Unlock is not supported based on your current org configuration.');
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
|
|
45
|
+
return (0, _run.run)(authClient, { ...options
|
|
46
|
+
});
|
|
47
|
+
}
|
|
48
|
+
//# sourceMappingURL=unlockAccount.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/unlockAccount.ts"],"names":["unlockAccount","authClient","options","flow","enabledFeatures","autoRemediate","IdxFeature","ACCOUNT_UNLOCK","AuthSdkError"],"mappings":";;;;;;;;AAaA;;AACA;;AACA;;AAQA;;AACA;;AAxBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA4BO,eAAeA,aAAf,CACLC,UADK,EAC0BC,OAA6B,GAAG,EAD1D,EAEoB;AACzBA,EAAAA,OAAO,CAACC,IAAR,GAAe,eAAf,CADyB,CAGzB;;AACA,MAAI,CAAC,gDAA0BF,UAA1B,CAAL,EAA4C;AAC1C,UAAM;AAAEG,MAAAA;AAAF,QAAsB,MAAM,wCAAiBH,UAAjB,EAA6B,EAAE,GAAGC,OAAL;AAAcG,MAAAA,aAAa,EAAE;AAA7B,KAA7B,CAAlC;;AACA,QAAID,eAAe,IAAI,CAAC,uBAAAA,eAAe,MAAf,CAAAA,eAAe,EAAUE,kBAAWC,cAArB,CAAvC,EAA6E;AAC3E,YAAM,IAAIC,oBAAJ,CACJ,uFADI,CAAN;AAGD;AACF;;AAED,SAAO,cAAIP,UAAJ,EAAgB,EAAE,GAAGC;AAAL,GAAhB,CAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport { hasSavedInteractionHandle } from './transactionMeta';\nimport { startTransaction } from './startTransaction';\nimport {\n IdentifyValues,\n SelectAuthenticatorUnlockAccountValues,\n SelectAuthenticatorAuthenticateValues,\n ChallengeAuthenticatorValues,\n AuthenticatorVerificationDataValues\n} from './remediators';\nimport { AuthSdkError } from '../errors';\nimport { \n OktaAuthInterface, \n IdxOptions, \n IdxTransaction,\n IdxFeature,\n} from '../types';\n\nexport type AccountUnlockOptions = IdxOptions\n & IdentifyValues\n & SelectAuthenticatorUnlockAccountValues\n & SelectAuthenticatorAuthenticateValues\n & ChallengeAuthenticatorValues\n & AuthenticatorVerificationDataValues;\n\nexport async function unlockAccount(\n authClient: OktaAuthInterface, options: AccountUnlockOptions = {}\n): Promise<IdxTransaction> {\n options.flow = 'unlockAccount';\n\n // Only check at the beginning of the transaction\n if (!hasSavedInteractionHandle(authClient)) {\n const { enabledFeatures } = await startTransaction(authClient, { ...options, autoRemediate: false });\n if (enabledFeatures && !enabledFeatures.includes(IdxFeature.ACCOUNT_UNLOCK)) {\n throw new AuthSdkError(\n 'Self Service Account Unlock is not supported based on your current org configuration.'\n );\n }\n }\n\n return run(authClient, { ...options });\n}\n"],"file":"unlockAccount.js"}
|
package/cjs/index.js
CHANGED
|
@@ -1,6 +1,12 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
|
-
var
|
|
3
|
+
var _WeakMap = require("@babel/runtime-corejs3/core-js-stable/weak-map");
|
|
4
|
+
|
|
5
|
+
var _Object$getOwnPropertyDescriptor = require("@babel/runtime-corejs3/core-js-stable/object/get-own-property-descriptor");
|
|
6
|
+
|
|
7
|
+
var _Object$keys = require("@babel/runtime-corejs3/core-js-stable/object/keys");
|
|
8
|
+
|
|
9
|
+
var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
|
|
4
10
|
|
|
5
11
|
var _exportNames = {
|
|
6
12
|
crypto: true,
|
|
@@ -22,7 +28,7 @@ var _OktaAuth = _interopRequireDefault(require("./OktaAuth"));
|
|
|
22
28
|
|
|
23
29
|
var _constants = require("./constants");
|
|
24
30
|
|
|
25
|
-
|
|
31
|
+
_Object$keys(_constants).forEach(function (key) {
|
|
26
32
|
if (key === "default" || key === "__esModule") return;
|
|
27
33
|
if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
|
|
28
34
|
if (key in exports && exports[key] === _constants[key]) return;
|
|
@@ -34,9 +40,23 @@ Object.keys(_constants).forEach(function (key) {
|
|
|
34
40
|
});
|
|
35
41
|
});
|
|
36
42
|
|
|
43
|
+
var _idx = require("./idx");
|
|
44
|
+
|
|
45
|
+
_Object$keys(_idx).forEach(function (key) {
|
|
46
|
+
if (key === "default" || key === "__esModule") return;
|
|
47
|
+
if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
|
|
48
|
+
if (key in exports && exports[key] === _idx[key]) return;
|
|
49
|
+
Object.defineProperty(exports, key, {
|
|
50
|
+
enumerable: true,
|
|
51
|
+
get: function () {
|
|
52
|
+
return _idx[key];
|
|
53
|
+
}
|
|
54
|
+
});
|
|
55
|
+
});
|
|
56
|
+
|
|
37
57
|
var _types = require("./types");
|
|
38
58
|
|
|
39
|
-
|
|
59
|
+
_Object$keys(_types).forEach(function (key) {
|
|
40
60
|
if (key === "default" || key === "__esModule") return;
|
|
41
61
|
if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
|
|
42
62
|
if (key in exports && exports[key] === _types[key]) return;
|
|
@@ -50,7 +70,7 @@ Object.keys(_types).forEach(function (key) {
|
|
|
50
70
|
|
|
51
71
|
var _tx = require("./tx");
|
|
52
72
|
|
|
53
|
-
|
|
73
|
+
_Object$keys(_tx).forEach(function (key) {
|
|
54
74
|
if (key === "default" || key === "__esModule") return;
|
|
55
75
|
if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
|
|
56
76
|
if (key in exports && exports[key] === _tx[key]) return;
|
|
@@ -64,7 +84,7 @@ Object.keys(_tx).forEach(function (key) {
|
|
|
64
84
|
|
|
65
85
|
var _errors = require("./errors");
|
|
66
86
|
|
|
67
|
-
|
|
87
|
+
_Object$keys(_errors).forEach(function (key) {
|
|
68
88
|
if (key === "default" || key === "__esModule") return;
|
|
69
89
|
if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
|
|
70
90
|
if (key in exports && exports[key] === _errors[key]) return;
|
|
@@ -78,7 +98,7 @@ Object.keys(_errors).forEach(function (key) {
|
|
|
78
98
|
|
|
79
99
|
var _oidc = require("./oidc");
|
|
80
100
|
|
|
81
|
-
|
|
101
|
+
_Object$keys(_oidc).forEach(function (key) {
|
|
82
102
|
if (key === "default" || key === "__esModule") return;
|
|
83
103
|
if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
|
|
84
104
|
if (key in exports && exports[key] === _oidc[key]) return;
|
|
@@ -92,7 +112,7 @@ Object.keys(_oidc).forEach(function (key) {
|
|
|
92
112
|
|
|
93
113
|
var _StorageManager = require("./StorageManager");
|
|
94
114
|
|
|
95
|
-
|
|
115
|
+
_Object$keys(_StorageManager).forEach(function (key) {
|
|
96
116
|
if (key === "default" || key === "__esModule") return;
|
|
97
117
|
if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
|
|
98
118
|
if (key in exports && exports[key] === _StorageManager[key]) return;
|
|
@@ -106,7 +126,7 @@ Object.keys(_StorageManager).forEach(function (key) {
|
|
|
106
126
|
|
|
107
127
|
var _TransactionManager = require("./TransactionManager");
|
|
108
128
|
|
|
109
|
-
|
|
129
|
+
_Object$keys(_TransactionManager).forEach(function (key) {
|
|
110
130
|
if (key === "default" || key === "__esModule") return;
|
|
111
131
|
if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
|
|
112
132
|
if (key in exports && exports[key] === _TransactionManager[key]) return;
|
|
@@ -120,7 +140,7 @@ Object.keys(_TransactionManager).forEach(function (key) {
|
|
|
120
140
|
|
|
121
141
|
var _TokenManager = require("./TokenManager");
|
|
122
142
|
|
|
123
|
-
|
|
143
|
+
_Object$keys(_TokenManager).forEach(function (key) {
|
|
124
144
|
if (key === "default" || key === "__esModule") return;
|
|
125
145
|
if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
|
|
126
146
|
if (key in exports && exports[key] === _TokenManager[key]) return;
|
|
@@ -134,7 +154,7 @@ Object.keys(_TokenManager).forEach(function (key) {
|
|
|
134
154
|
|
|
135
155
|
var _AuthStateManager = require("./AuthStateManager");
|
|
136
156
|
|
|
137
|
-
|
|
157
|
+
_Object$keys(_AuthStateManager).forEach(function (key) {
|
|
138
158
|
if (key === "default" || key === "__esModule") return;
|
|
139
159
|
if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
|
|
140
160
|
if (key in exports && exports[key] === _AuthStateManager[key]) return;
|
|
@@ -148,7 +168,7 @@ Object.keys(_AuthStateManager).forEach(function (key) {
|
|
|
148
168
|
|
|
149
169
|
var _util = require("./util");
|
|
150
170
|
|
|
151
|
-
|
|
171
|
+
_Object$keys(_util).forEach(function (key) {
|
|
152
172
|
if (key === "default" || key === "__esModule") return;
|
|
153
173
|
if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
|
|
154
174
|
if (key in exports && exports[key] === _util[key]) return;
|
|
@@ -160,7 +180,7 @@ Object.keys(_util).forEach(function (key) {
|
|
|
160
180
|
});
|
|
161
181
|
});
|
|
162
182
|
|
|
163
|
-
function _getRequireWildcardCache(nodeInterop) { if (typeof
|
|
183
|
+
function _getRequireWildcardCache(nodeInterop) { if (typeof _WeakMap !== "function") return null; var cacheBabelInterop = new _WeakMap(); var cacheNodeInterop = new _WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
164
184
|
|
|
165
|
-
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty &&
|
|
185
|
+
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && _Object$getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? _Object$getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
166
186
|
//# sourceMappingURL=index.js.map
|
package/cjs/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../lib/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"sources":["../../lib/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAaA;;;;AAEA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport * as crypto from './crypto';\n\nexport { default as OktaAuth } from './OktaAuth';\nexport * from './constants';\nexport * from './idx';\nexport * from './types';\nexport * from './tx';\nexport * from './errors';\nexport * from './oidc';\nexport * from './StorageManager';\nexport * from './TransactionManager';\nexport * from './TokenManager';\nexport * from './AuthStateManager';\nexport * from './util';\nexport { crypto };\n"],"file":"index.js"}
|
|
@@ -1,12 +1,18 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
|
+
var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
|
|
4
|
+
|
|
3
5
|
exports.convertTokenParamsToOAuthParams = convertTokenParamsToOAuthParams;
|
|
4
6
|
exports.buildAuthorizeParams = buildAuthorizeParams;
|
|
5
7
|
|
|
8
|
+
var _indexOf = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/index-of"));
|
|
9
|
+
|
|
6
10
|
var _util = require("../../util");
|
|
7
11
|
|
|
8
12
|
var _errors = require("../../errors");
|
|
9
13
|
|
|
14
|
+
/* eslint-disable @typescript-eslint/no-non-null-assertion */
|
|
15
|
+
|
|
10
16
|
/*!
|
|
11
17
|
* Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
|
|
12
18
|
* The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
|
|
@@ -19,12 +25,14 @@ var _errors = require("../../errors");
|
|
|
19
25
|
* See the License for the specific language governing permissions and limitations under the License.
|
|
20
26
|
*/
|
|
21
27
|
function convertTokenParamsToOAuthParams(tokenParams) {
|
|
28
|
+
var _context, _context2, _context3;
|
|
29
|
+
|
|
22
30
|
// Quick validation
|
|
23
31
|
if (!tokenParams.clientId) {
|
|
24
32
|
throw new _errors.AuthSdkError('A clientId must be specified in the OktaAuth constructor to get a token');
|
|
25
33
|
}
|
|
26
34
|
|
|
27
|
-
if ((0, _util.isString)(tokenParams.responseType) && tokenParams.responseType.
|
|
35
|
+
if ((0, _util.isString)(tokenParams.responseType) && (0, _indexOf.default)(_context = tokenParams.responseType).call(_context, ' ') !== -1) {
|
|
28
36
|
throw new _errors.AuthSdkError('Multiple OAuth responseTypes must be defined as an array');
|
|
29
37
|
} // Convert our params to their actual OAuth equivalents
|
|
30
38
|
|
|
@@ -53,7 +61,7 @@ function convertTokenParamsToOAuthParams(tokenParams) {
|
|
|
53
61
|
}
|
|
54
62
|
});
|
|
55
63
|
|
|
56
|
-
if (tokenParams.responseType.
|
|
64
|
+
if ((0, _indexOf.default)(_context2 = tokenParams.responseType).call(_context2, 'id_token') !== -1 && (0, _indexOf.default)(_context3 = tokenParams.scopes).call(_context3, 'openid') === -1) {
|
|
57
65
|
throw new _errors.AuthSdkError('openid scope must be specified in the scopes argument when requesting an id_token');
|
|
58
66
|
} else {
|
|
59
67
|
oauthParams.scope = tokenParams.scopes.join(' ');
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/oidc/endpoints/authorize.ts"],"names":["convertTokenParamsToOAuthParams","tokenParams","clientId","AuthSdkError","responseType","
|
|
1
|
+
{"version":3,"sources":["../../../../lib/oidc/endpoints/authorize.ts"],"names":["convertTokenParamsToOAuthParams","tokenParams","clientId","AuthSdkError","responseType","oauthParams","codeChallenge","codeChallengeMethod","display","idp","idpScope","loginHint","maxAge","nonce","prompt","redirectUri","responseMode","sessionToken","state","forEach","mayBeArray","Array","isArray","join","scopes","scope","buildAuthorizeParams","oauthQueryParams","extraParams"],"mappings":";;;;;;;;;AAcA;;AACA;;AAfA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAOO,SAASA,+BAAT,CAAyCC,WAAzC,EAAmE;AAAA;;AACxE;AACA,MAAI,CAACA,WAAW,CAACC,QAAjB,EAA2B;AACzB,UAAM,IAAIC,oBAAJ,CAAiB,yEAAjB,CAAN;AACD;;AAED,MAAI,oBAASF,WAAW,CAACG,YAArB,KAAsC,iCAAAH,WAAW,CAACG,YAAZ,iBAAiC,GAAjC,MAA0C,CAAC,CAArF,EAAwF;AACtF,UAAM,IAAID,oBAAJ,CAAiB,0DAAjB,CAAN;AACD,GARuE,CAUxE;;;AACA,MAAIE,WAAwB,GAAG;AAC7B,iBAAaJ,WAAW,CAACC,QADI;AAE7B,sBAAkBD,WAAW,CAACK,aAFD;AAG7B,6BAAyBL,WAAW,CAACM,mBAHR;AAI7B,eAAWN,WAAW,CAACO,OAJM;AAK7B,WAAOP,WAAW,CAACQ,GALU;AAM7B,iBAAaR,WAAW,CAACS,QANI;AAO7B,kBAAcT,WAAW,CAACU,SAPG;AAQ7B,eAAWV,WAAW,CAACW,MARM;AAS7B,aAASX,WAAW,CAACY,KATQ;AAU7B,cAAUZ,WAAW,CAACa,MAVO;AAW7B,oBAAgBb,WAAW,CAACc,WAXC;AAY7B,qBAAiBd,WAAW,CAACe,YAZA;AAa7B,qBAAiBf,WAAW,CAACG,YAbA;AAc7B,oBAAgBH,WAAW,CAACgB,YAdC;AAe7B,aAAShB,WAAW,CAACiB;AAfQ,GAA/B;AAiBAb,EAAAA,WAAW,GAAG,sBAAWA,WAAX,CAAd;AAEA,GAAC,WAAD,EAAc,eAAd,EAA+Bc,OAA/B,CAAuC,UAAUC,UAAV,EAAsB;AAC3D,QAAIC,KAAK,CAACC,OAAN,CAAcjB,WAAW,CAACe,UAAD,CAAzB,CAAJ,EAA4C;AAC1Cf,MAAAA,WAAW,CAACe,UAAD,CAAX,GAA0Bf,WAAW,CAACe,UAAD,CAAX,CAAwBG,IAAxB,CAA6B,GAA7B,CAA1B;AACD;AACF,GAJD;;AAMA,MAAI,kCAAAtB,WAAW,CAACG,YAAZ,kBAAkC,UAAlC,MAAkD,CAAC,CAAnD,IACF,kCAAAH,WAAW,CAACuB,MAAZ,kBAA4B,QAA5B,MAA0C,CAAC,CAD7C,EACgD;AAC9C,UAAM,IAAIrB,oBAAJ,CAAiB,mFAAjB,CAAN;AACD,GAHD,MAGO;AACLE,IAAAA,WAAW,CAACoB,KAAZ,GAAoBxB,WAAW,CAACuB,MAAZ,CAAoBD,IAApB,CAAyB,GAAzB,CAApB;AACD;;AAED,SAAOlB,WAAP;AACD;;AAEM,SAASqB,oBAAT,CAA8BzB,WAA9B,EAAwD;AAC7D,MAAI0B,gBAAgB,GAAG3B,+BAA+B,CAACC,WAAD,CAAtD;AACA,SAAO,yBAAc,EACnB,GAAG0B,gBADgB;AAEnB,QAAI1B,WAAW,CAAC2B,WAAZ,IAA2B,EAAE,GAAG3B,WAAW,CAAC2B;AAAjB,KAA/B;AAFmB,GAAd,CAAP;AAID","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { isString, removeNils, toQueryString } from '../../util';\nimport { AuthSdkError } from '../../errors';\nimport { OAuthParams, TokenParams } from '../../types';\n\nexport function convertTokenParamsToOAuthParams(tokenParams: TokenParams) {\n // Quick validation\n if (!tokenParams.clientId) {\n throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to get a token');\n }\n\n if (isString(tokenParams.responseType) && tokenParams.responseType.indexOf(' ') !== -1) {\n throw new AuthSdkError('Multiple OAuth responseTypes must be defined as an array');\n }\n\n // Convert our params to their actual OAuth equivalents\n var oauthParams: OAuthParams = {\n 'client_id': tokenParams.clientId,\n 'code_challenge': tokenParams.codeChallenge,\n 'code_challenge_method': tokenParams.codeChallengeMethod,\n 'display': tokenParams.display,\n 'idp': tokenParams.idp,\n 'idp_scope': tokenParams.idpScope,\n 'login_hint': tokenParams.loginHint,\n 'max_age': tokenParams.maxAge,\n 'nonce': tokenParams.nonce,\n 'prompt': tokenParams.prompt,\n 'redirect_uri': tokenParams.redirectUri,\n 'response_mode': tokenParams.responseMode,\n 'response_type': tokenParams.responseType,\n 'sessionToken': tokenParams.sessionToken,\n 'state': tokenParams.state,\n };\n oauthParams = removeNils(oauthParams) as OAuthParams;\n\n ['idp_scope', 'response_type'].forEach(function (mayBeArray) {\n if (Array.isArray(oauthParams[mayBeArray])) {\n oauthParams[mayBeArray] = oauthParams[mayBeArray].join(' ');\n }\n });\n\n if (tokenParams.responseType!.indexOf('id_token') !== -1 &&\n tokenParams.scopes!.indexOf('openid') === -1) {\n throw new AuthSdkError('openid scope must be specified in the scopes argument when requesting an id_token');\n } else {\n oauthParams.scope = tokenParams.scopes!.join(' ');\n }\n\n return oauthParams;\n}\n\nexport function buildAuthorizeParams(tokenParams: TokenParams) {\n var oauthQueryParams = convertTokenParamsToOAuthParams(tokenParams);\n return toQueryString({ \n ...oauthQueryParams, \n ...(tokenParams.extraParams && { ...tokenParams.extraParams })\n });\n}\n"],"file":"authorize.js"}
|
|
@@ -1,8 +1,10 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
|
+
var _Object$keys = require("@babel/runtime-corejs3/core-js-stable/object/keys");
|
|
4
|
+
|
|
3
5
|
var _authorize = require("./authorize");
|
|
4
6
|
|
|
5
|
-
|
|
7
|
+
_Object$keys(_authorize).forEach(function (key) {
|
|
6
8
|
if (key === "default" || key === "__esModule") return;
|
|
7
9
|
if (key in exports && exports[key] === _authorize[key]) return;
|
|
8
10
|
Object.defineProperty(exports, key, {
|
|
@@ -15,7 +17,7 @@ Object.keys(_authorize).forEach(function (key) {
|
|
|
15
17
|
|
|
16
18
|
var _token = require("./token");
|
|
17
19
|
|
|
18
|
-
|
|
20
|
+
_Object$keys(_token).forEach(function (key) {
|
|
19
21
|
if (key === "default" || key === "__esModule") return;
|
|
20
22
|
if (key in exports && exports[key] === _token[key]) return;
|
|
21
23
|
Object.defineProperty(exports, key, {
|
|
@@ -28,7 +30,7 @@ Object.keys(_token).forEach(function (key) {
|
|
|
28
30
|
|
|
29
31
|
var _wellKnown = require("./well-known");
|
|
30
32
|
|
|
31
|
-
|
|
33
|
+
_Object$keys(_wellKnown).forEach(function (key) {
|
|
32
34
|
if (key === "default" || key === "__esModule") return;
|
|
33
35
|
if (key in exports && exports[key] === _wellKnown[key]) return;
|
|
34
36
|
Object.defineProperty(exports, key, {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/oidc/endpoints/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"sources":["../../../../lib/oidc/endpoints/index.ts"],"names":[],"mappings":";;;;AAaA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nexport * from './authorize';\nexport * from './token';\nexport * from './well-known';\n"],"file":"index.js"}
|
|
@@ -1,8 +1,16 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
|
+
var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
|
|
4
|
+
|
|
3
5
|
exports.postToTokenEndpoint = postToTokenEndpoint;
|
|
4
6
|
exports.postRefreshToken = postRefreshToken;
|
|
5
7
|
|
|
8
|
+
var _slice = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/slice"));
|
|
9
|
+
|
|
10
|
+
var _map = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/map"));
|
|
11
|
+
|
|
12
|
+
var _entries = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/entries"));
|
|
13
|
+
|
|
6
14
|
var _errors = require("../../errors");
|
|
7
15
|
|
|
8
16
|
var _util = require("../../util");
|
|
@@ -40,6 +48,8 @@ function validateOptions(options) {
|
|
|
40
48
|
}
|
|
41
49
|
|
|
42
50
|
function getPostData(sdk, options) {
|
|
51
|
+
var _context;
|
|
52
|
+
|
|
43
53
|
// Convert Token params to OAuth params, sent to the /token endpoint
|
|
44
54
|
var params = (0, _util.removeNils)({
|
|
45
55
|
'client_id': options.clientId,
|
|
@@ -63,7 +73,7 @@ function getPostData(sdk, options) {
|
|
|
63
73
|
} // Encode as URL string
|
|
64
74
|
|
|
65
75
|
|
|
66
|
-
return (0, _util.toQueryString)(params).
|
|
76
|
+
return (0, _slice.default)(_context = (0, _util.toQueryString)(params)).call(_context, 1);
|
|
67
77
|
} // exchange authorization code for an access token
|
|
68
78
|
|
|
69
79
|
|
|
@@ -82,13 +92,15 @@ function postToTokenEndpoint(sdk, options, urls) {
|
|
|
82
92
|
}
|
|
83
93
|
|
|
84
94
|
function postRefreshToken(sdk, options, refreshToken) {
|
|
95
|
+
var _context2;
|
|
96
|
+
|
|
85
97
|
return (0, _http.httpRequest)(sdk, {
|
|
86
98
|
url: refreshToken.tokenUrl,
|
|
87
99
|
method: 'POST',
|
|
88
100
|
headers: {
|
|
89
101
|
'Content-Type': 'application/x-www-form-urlencoded'
|
|
90
102
|
},
|
|
91
|
-
args:
|
|
103
|
+
args: (0, _map.default)(_context2 = (0, _entries.default)({
|
|
92
104
|
client_id: options.clientId,
|
|
93
105
|
// eslint-disable-line camelcase
|
|
94
106
|
grant_type: 'refresh_token',
|
|
@@ -96,7 +108,8 @@ function postRefreshToken(sdk, options, refreshToken) {
|
|
|
96
108
|
scope: refreshToken.scopes.join(' '),
|
|
97
109
|
refresh_token: refreshToken.refreshToken // eslint-disable-line camelcase
|
|
98
110
|
|
|
99
|
-
}).
|
|
111
|
+
})).call(_context2, function ([name, value]) {
|
|
112
|
+
// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
|
|
100
113
|
return name + '=' + encodeURIComponent(value);
|
|
101
114
|
}).join('&')
|
|
102
115
|
});
|