@okta/okta-auth-js 5.10.0 → 6.1.0

package/cjs/TokenManager.js

@@ -1,9 +1,21 @@
 "use strict";
 
-var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
+var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
 
 exports.TokenManager = exports.EVENT_ERROR = exports.EVENT_REMOVED = exports.EVENT_ADDED = exports.EVENT_RENEWED = exports.EVENT_EXPIRED = void 0;
 
+var _assign = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/assign"));
+
+var _keys = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/keys"));
+
+var _stringify = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/json/stringify"));
+
+var _filter = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/filter"));
+
+var _reduce = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/reduce"));
+
+var _promise = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/promise"));
+
 var _util = require("./util");
 
 var _errors = require("./errors");
@@ -12,12 +24,12 @@ var _util2 = require("./oidc/util");
 
 var _features = require("./features");
 
-var _constants = require("./constants");
-
 var _clock = _interopRequireDefault(require("./clock"));
 
 var _types = require("./types");
 
+var _constants = require("./constants");
+
 var _TokenService = require("./services/TokenService");
 
 /*!
@@ -70,7 +82,8 @@ class TokenManager {
       throw new _errors.AuthSdkError('Emitter should be initialized before TokenManager');
     }
 
-    options = Object.assign({}, DEFAULT_OPTIONS, (0, _util.removeNils)(options));
+    this.service = null;
+    options = (0, _assign.default)({}, DEFAULT_OPTIONS, (0, _util.removeNils)(options));
 
     if ((0, _features.isIE11OrLess)()) {
       options._storageEventDelay = options._storageEventDelay || 1000;
@@ -93,7 +106,9 @@ class TokenManager {
       storageOptions.storageType = options.storage;
     }
 
-    this.storage = sdk.storageManager.getTokenStorage(storageOptions);
+    this.storage = sdk.storageManager.getTokenStorage({ ...storageOptions,
+      useSeparateCookies: true
+    });
     this.clock = _clock.default.create();
     this.state = defaultState();
     this.on = this.emitter.on.bind(this.emitter);
@@ -125,7 +140,8 @@ class TokenManager {
   }
 
   getExpireTime(token) {
-    var expireTime = token.expiresAt - this.options.expireEarlySeconds;
+    const expireEarlySeconds = this.options.expireEarlySeconds || 0;
+    var expireTime = token.expiresAt - expireEarlySeconds;
     return expireTime;
   }
 
@@ -157,15 +173,15 @@ class TokenManager {
   emitEventsForCrossTabsStorageUpdate(newValue, oldValue) {
     const oldTokens = this.getTokensFromStorageValue(oldValue);
     const newTokens = this.getTokensFromStorageValue(newValue);
-    Object.keys(newTokens).forEach(key => {
+    (0, _keys.default)(newTokens).forEach(key => {
       const oldToken = oldTokens[key];
       const newToken = newTokens[key];
 
-      if (JSON.stringify(oldToken) !== JSON.stringify(newToken)) {
+      if ((0, _stringify.default)(oldToken) !== (0, _stringify.default)(newToken)) {
         this.emitAdded(key, newToken);
       }
     });
-    Object.keys(oldTokens).forEach(key => {
+    (0, _keys.default)(oldTokens).forEach(key => {
       const oldToken = oldTokens[key];
       const newToken = newTokens[key];
 
@@ -250,7 +266,7 @@ class TokenManager {
   getTokensSync() {
     const tokens = {};
     const tokenStorage = this.storage.getStorage();
-    Object.keys(tokenStorage).forEach(key => {
+    (0, _keys.default)(tokenStorage).forEach(key => {
       const token = tokenStorage[key];
 
       if ((0, _types.isAccessToken)(token)) {
@@ -269,8 +285,10 @@ class TokenManager {
   }
 
   getStorageKeyByType(type) {
+    var _context;
+
     const tokenStorage = this.storage.getStorage();
-    const key = Object.keys(tokenStorage).filter(key => {
+    const key = (0, _filter.default)(_context = (0, _keys.default)(tokenStorage)).call(_context, key => {
       const token = tokenStorage[key];
       return (0, _types.isAccessToken)(token) && type === 'accessToken' || (0, _types.isIDToken)(token) && type === 'idToken' || (0, _types.isRefreshToken)(token) && type === 'refreshToken';
     })[0];
@@ -337,7 +355,7 @@ class TokenManager {
       }
     }); // add token to storage
 
-    const storage = types.reduce((storage, type) => {
+    const storage = (0, _reduce.default)(types).call(types, (storage, type) => {
       const token = tokens[type];
 
       if (token) {
@@ -382,7 +400,9 @@ class TokenManager {
 
 
   async renewToken(token) {
-    return this.sdk.token.renew(token);
+    var _this$sdk$token;
+
+    return (_this$sdk$token = this.sdk.token) === null || _this$sdk$token === void 0 ? void 0 : _this$sdk$token.renew(token);
   } // TODO: this methods is redundant and can be removed in the next major version OKTA-407224
 
 
@@ -404,7 +424,7 @@ class TokenManager {
         throw new _errors.AuthSdkError('The tokenManager has no token for the key: ' + key);
       }
     } catch (e) {
-      return Promise.reject(e);
+      return _promise.default.reject(e);
     } // Remove existing autoRenew timeout
 
 
@@ -417,12 +437,8 @@ class TokenManager {
       const tokenType = this.getTokenType(token);
       return tokens[tokenType];
     }).catch(err => {
-      // If renew fails, remove token and emit error
-      if ((0, _util2.isRefreshTokenError)(err) || err.name === 'OAuthError' || err.name === 'AuthSdkError') {
-        // remove token from storage
-        this.remove(key);
-      }
-
+      // If renew fails, remove token from storage and emit error
+      this.remove(key);
       err.tokenKey = key;
       this.emitError(err);
       throw err;
@@ -440,7 +456,7 @@ class TokenManager {
 
   clearPendingRemoveTokens() {
     const tokens = this.getTokensSync();
-    Object.keys(tokens).forEach(key => {
+    (0, _keys.default)(tokens).forEach(key => {
       if (tokens[key].pendingRemove) {
         this.remove(key);
       }
@@ -471,7 +487,7 @@ class TokenManager {
 
   addPendingRemoveFlags() {
     const tokens = this.getTokensSync();
-    Object.keys(tokens).forEach(key => {
+    (0, _keys.default)(tokens).forEach(key => {
       tokens[key].pendingRemove = true;
     });
     this.setTokens(tokens);

package/cjs/TokenManager.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../lib/TokenManager.ts"],"names":["DEFAULT_OPTIONS","autoRenew","autoRemove","clearPendingRemoveTokens","storage","undefined","expireEarlySeconds","storageKey","TOKEN_STORAGE_NAME","syncStorage","_storageEventDelay","EVENT_EXPIRED","EVENT_RENEWED","EVENT_ADDED","EVENT_REMOVED","EVENT_ERROR","defaultState","expireTimeouts","renewPromise","TokenManager","constructor","sdk","options","emitter","AuthSdkError","Object","assign","storageOptions","secure","storageProvider","storageType","storageManager","getTokenStorage","clock","SdkClock","create","state","on","bind","off","start","service","stop","TokenService","getOptions","getExpireTime","token","expireTime","expiresAt","hasExpired","now","emitExpired","key","emit","emitRenewed","freshToken","oldToken","emitAdded","emitRemoved","emitError","error","emitEventsForCrossTabsStorageUpdate","newValue","oldValue","oldTokens","getTokensFromStorageValue","newTokens","keys","forEach","newToken","JSON","stringify","clearExpireEventTimeout","clearTimeout","clearExpireEventTimeoutAll","prototype","hasOwnProperty","call","setExpireEventTimeout","expireEventWait","Math","max","expireEventTimeout","setTimeout","setExpireEventTimeoutAll","tokenStorage","getStorage","resetExpireEventTimeoutAll","add","setStorage","getSync","get","getTokensSync","tokens","accessToken","idToken","refreshToken","getTokens","getStorageKeyByType","type","filter","getTokenType","setTokens","accessTokenCb","idTokenCb","refreshTokenCb","handleTokenCallback","handleAdded","handleRenewed","handleRemoved","types","existingTokens","reduce","existingToken","remove","removedToken","renewToken","renew","validateToken","e","Promise","reject","renewTokens","then","tokenType","catch","err","name","tokenKey","finally","clear","clearStorage","pendingRemove","value","parse","updateRefreshToken","REFRESH_TOKEN_STORAGE_KEY","addPendingRemoveFlags"],"mappings":";;;;;;AAYA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAmBA;;AArCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA4BA,MAAMA,eAAe,GAAG;AACtBC,EAAAA,SAAS,EAAE,IADW;AAEtBC,EAAAA,UAAU,EAAE,IAFU;AAGtBC,EAAAA,wBAAwB,EAAE,IAHJ;AAItBC,EAAAA,OAAO,EAAEC,SAJa;AAIF;AACpBC,EAAAA,kBAAkB,EAAE,EALE;AAMtBC,EAAAA,UAAU,EAAEC,6BANU;AAOtBC,EAAAA,WAAW,EAAE,IAPS;AAQtBC,EAAAA,kBAAkB,EAAE;AARE,CAAxB;AAUO,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;;AAMP,SAASC,YAAT,GAA2C;AACzC,SAAO;AACLC,IAAAA,cAAc,EAAE,EADX;AAELC,IAAAA,YAAY,EAAE;AAFT,GAAP;AAID;;AACM,MAAMC,YAAN,CAAoD;AAYzDC,EAAAA,WAAW,CAACC,GAAD,EAAgBC,OAA4B,GAAG,EAA/C,EAAmD;AAC5D,SAAKD,GAAL,GAAWA,GAAX;AACA,SAAKE,OAAL,GAAgBF,GAAD,CAAaE,OAA5B;;AACA,QAAI,CAAC,KAAKA,OAAV,EAAmB;AACjB,YAAM,IAAIC,oBAAJ,CAAiB,mDAAjB,CAAN;AACD;;AAEDF,IAAAA,OAAO,GAAGG,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkB1B,eAAlB,EAAmC,sBAAWsB,OAAX,CAAnC,CAAV;;AACA,QAAI,6BAAJ,EAAoB;AAClBA,MAAAA,OAAO,CAACZ,kBAAR,GAA6BY,OAAO,CAACZ,kBAAR,IAA8B,IAA3D;AACD;;AACD,QAAI,CAAC,4BAAL,EAAoB;AAClBY,MAAAA,OAAO,CAAChB,kBAAR,GAA6BN,eAAe,CAACM,kBAA7C;AACD;;AACD,SAAKgB,OAAL,GAAeA,OAAf;AAEA,UAAMK,cAA8B,GAAG,sBAAW;AAChDpB,MAAAA,UAAU,EAAEe,OAAO,CAACf,UAD4B;AAEhDqB,MAAAA,MAAM,EAAEN,OAAO,CAACM;AAFgC,KAAX,CAAvC;;AAIA,QAAI,OAAON,OAAO,CAAClB,OAAf,KAA2B,QAA/B,EAAyC;AACvC;AACAuB,MAAAA,cAAc,CAACE,eAAf,GAAiCP,OAAO,CAAClB,OAAzC;AACD,KAHD,MAGO,IAAIkB,OAAO,CAAClB,OAAZ,EAAqB;AAC1BuB,MAAAA,cAAc,CAACG,WAAf,GAA6BR,OAAO,CAAClB,OAArC;AACD;;AAED,SAAKA,OAAL,GAAeiB,GAAG,CAACU,cAAJ,CAAmBC,eAAnB,CAAmCL,cAAnC,CAAf;AACA,SAAKM,KAAL,GAAaC,eAASC,MAAT,EAAb;AACA,SAAKC,KAAL,GAAapB,YAAY,EAAzB;AAEA,SAAKqB,EAAL,GAAU,KAAKd,OAAL,CAAac,EAAb,CAAgBC,IAAhB,CAAqB,KAAKf,OAA1B,CAAV;AACA,SAAKgB,GAAL,GAAW,KAAKhB,OAAL,CAAagB,GAAb,CAAiBD,IAAjB,CAAsB,KAAKf,OAA3B,CAAX;AACD;;AAEDiB,EAAAA,KAAK,GAAG;AACN,QAAI,KAAKC,OAAT,EAAkB;AAChB,WAAKC,IAAL;AACD;;AACD,QAAI,KAAKpB,OAAL,CAAanB,wBAAjB,EAA2C;AACzC,WAAKA,wBAAL;AACD;;AACD,SAAKsC,OAAL,GAAe,IAAIE,0BAAJ,CAAiB,IAAjB,EAAuB,KAAKC,UAAL,EAAvB,CAAf;AACA,SAAKH,OAAL,CAAaD,KAAb;AACD;;AAEDE,EAAAA,IAAI,GAAG;AACL,QAAI,KAAKD,OAAT,EAAkB;AAChB,WAAKA,OAAL,CAAaC,IAAb;AACA,WAAKD,OAAL,GAAe,IAAf;AACD;AACF;;AAEDG,EAAAA,UAAU,GAAwB;AAChC,WAAO,iBAAM,KAAKtB,OAAX,CAAP;AACD;;AAEDuB,EAAAA,aAAa,CAACC,KAAD,EAAQ;AACnB,QAAIC,UAAU,GAAGD,KAAK,CAACE,SAAN,GAAkB,KAAK1B,OAAL,CAAahB,kBAAhD;AACA,WAAOyC,UAAP;AACD;;AAEDE,EAAAA,UAAU,CAACH,KAAD,EAAQ;AAChB,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,WAAOC,UAAU,IAAI,KAAKd,KAAL,CAAWiB,GAAX,EAArB;AACD;;AAEDC,EAAAA,WAAW,CAACC,GAAD,EAAMN,KAAN,EAAa;AACtB,SAAKvB,OAAL,CAAa8B,IAAb,CAAkB1C,aAAlB,EAAiCyC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDQ,EAAAA,WAAW,CAACF,GAAD,EAAMG,UAAN,EAAkBC,QAAlB,EAA4B;AACrC,SAAKjC,OAAL,CAAa8B,IAAb,CAAkBzC,aAAlB,EAAiCwC,GAAjC,EAAsCG,UAAtC,EAAkDC,QAAlD;AACD;;AAEDC,EAAAA,SAAS,CAACL,GAAD,EAAMN,KAAN,EAAa;AACpB,SAAKvB,OAAL,CAAa8B,IAAb,CAAkBxC,WAAlB,EAA+BuC,GAA/B,EAAoCN,KAApC;AACD;;AAEDY,EAAAA,WAAW,CAACN,GAAD,EAAMN,KAAN,EAAc;AACvB,SAAKvB,OAAL,CAAa8B,IAAb,CAAkBvC,aAAlB,EAAiCsC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDa,EAAAA,SAAS,CAACC,KAAD,EAAQ;AACf,SAAKrC,OAAL,CAAa8B,IAAb,CAAkBtC,WAAlB,EAA+B6C,KAA/B;AACD;;AAEDC,EAAAA,mCAAmC,CAACC,QAAD,EAAWC,QAAX,EAAqB;AACtD,UAAMC,SAAS,GAAG,KAAKC,yBAAL,CAA+BF,QAA/B,CAAlB;AACA,UAAMG,SAAS,GAAG,KAAKD,yBAAL,CAA+BH,QAA/B,CAAlB;AACArC,IAAAA,MAAM,CAAC0C,IAAP,CAAYD,SAAZ,EAAuBE,OAAvB,CAA+BhB,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMiB,QAAQ,GAAGH,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAIkB,IAAI,CAACC,SAAL,CAAef,QAAf,MAA6Bc,IAAI,CAACC,SAAL,CAAeF,QAAf,CAAjC,EAA2D;AACzD,aAAKZ,SAAL,CAAeL,GAAf,EAAoBiB,QAApB;AACD;AACF,KAND;AAOA5C,IAAAA,MAAM,CAAC0C,IAAP,CAAYH,SAAZ,EAAuBI,OAAvB,CAA+BhB,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMiB,QAAQ,GAAGH,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAI,CAACiB,QAAL,EAAe;AACb,aAAKX,WAAL,CAAiBN,GAAjB,EAAsBI,QAAtB;AACD;AACF,KAND;AAOD;;AAEDgB,EAAAA,uBAAuB,CAACpB,GAAD,EAAM;AAC3BqB,IAAAA,YAAY,CAAC,KAAKrC,KAAL,CAAWnB,cAAX,CAA0BmC,GAA1B,CAAD,CAAZ;AACA,WAAO,KAAKhB,KAAL,CAAWnB,cAAX,CAA0BmC,GAA1B,CAAP,CAF2B,CAI3B;;AACA,SAAKhB,KAAL,CAAWlB,YAAX,GAA0B,IAA1B;AACD;;AAEDwD,EAAAA,0BAA0B,GAAG;AAC3B,QAAIzD,cAAc,GAAG,KAAKmB,KAAL,CAAWnB,cAAhC;;AACA,SAAK,IAAImC,GAAT,IAAgBnC,cAAhB,EAAgC;AAC9B,UAAI,CAACQ,MAAM,CAACkD,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqC5D,cAArC,EAAqDmC,GAArD,CAAL,EAAgE;AAC9D;AACD;;AACD,WAAKoB,uBAAL,CAA6BpB,GAA7B;AACD;AACF;;AAED0B,EAAAA,qBAAqB,CAAC1B,GAAD,EAAMN,KAAN,EAAa;AAChC,QAAI,2BAAeA,KAAf,CAAJ,EAA2B;AACzB;AACD;;AAED,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,QAAIiC,eAAe,GAAGC,IAAI,CAACC,GAAL,CAASlC,UAAU,GAAG,KAAKd,KAAL,CAAWiB,GAAX,EAAtB,EAAwC,CAAxC,IAA6C,IAAnE,CANgC,CAQhC;;AACA,SAAKsB,uBAAL,CAA6BpB,GAA7B;AAEA,QAAI8B,kBAAkB,GAAGC,UAAU,CAAC,MAAM;AACxC,WAAKhC,WAAL,CAAiBC,GAAjB,EAAsBN,KAAtB;AACD,KAFkC,EAEhCiC,eAFgC,CAAnC,CAXgC,CAehC;;AACA,SAAK3C,KAAL,CAAWnB,cAAX,CAA0BmC,GAA1B,IAAiC8B,kBAAjC;AACD;;AAEDE,EAAAA,wBAAwB,GAAG;AACzB,QAAIC,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;;AACA,SAAI,IAAIlC,GAAR,IAAeiC,YAAf,EAA6B;AAC3B,UAAI,CAAC5D,MAAM,CAACkD,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqCQ,YAArC,EAAmDjC,GAAnD,CAAL,EAA8D;AAC5D;AACD;;AACD,UAAIN,KAAK,GAAGuC,YAAY,CAACjC,GAAD,CAAxB;AACA,WAAK0B,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACD;AACF,GApKwD,CAsKzD;;;AACAyC,EAAAA,0BAA0B,GAAG;AAC3B,SAAKb,0BAAL;AACA,SAAKU,wBAAL;AACD;;AAEDI,EAAAA,GAAG,CAACpC,GAAD,EAAMN,KAAN,EAAoB;AACrB,QAAIuC,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;AACA,8BAAcxC,KAAd;AACAuC,IAAAA,YAAY,CAACjC,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAK1C,OAAL,CAAaqF,UAAb,CAAwBJ,YAAxB;AACA,SAAK5B,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,SAAKgC,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACD;;AAED4C,EAAAA,OAAO,CAACtC,GAAD,EAAM;AACX,QAAIiC,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;AACA,WAAOD,YAAY,CAACjC,GAAD,CAAnB;AACD;;AAEQ,QAAHuC,GAAG,CAACvC,GAAD,EAAM;AACb,WAAO,KAAKsC,OAAL,CAAatC,GAAb,CAAP;AACD;;AAEDwC,EAAAA,aAAa,GAAW;AACtB,UAAMC,MAAM,GAAG,EAAf;AACA,UAAMR,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAArB;AACA7D,IAAAA,MAAM,CAAC0C,IAAP,CAAYkB,YAAZ,EAA0BjB,OAA1B,CAAkChB,GAAG,IAAI;AACvC,YAAMN,KAAK,GAAGuC,YAAY,CAACjC,GAAD,CAA1B;;AACA,UAAI,0BAAcN,KAAd,CAAJ,EAA0B;AACxB+C,QAAAA,MAAM,CAACC,WAAP,GAAqBhD,KAArB;AACD,OAFD,MAEO,IAAI,sBAAUA,KAAV,CAAJ,EAAsB;AAC3B+C,QAAAA,MAAM,CAACE,OAAP,GAAiBjD,KAAjB;AACD,OAFM,MAEA,IAAI,2BAAeA,KAAf,CAAJ,EAA2B;AAChC+C,QAAAA,MAAM,CAACG,YAAP,GAAsBlD,KAAtB;AACD;AACF,KATD;AAUA,WAAO+C,MAAP;AACD;;AAEc,QAATI,SAAS,GAAoB;AACjC,WAAO,KAAKL,aAAL,EAAP;AACD;;AAEDM,EAAAA,mBAAmB,CAACC,IAAD,EAA0B;AAC3C,UAAMd,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAArB;AACA,UAAMlC,GAAG,GAAG3B,MAAM,CAAC0C,IAAP,CAAYkB,YAAZ,EAA0Be,MAA1B,CAAiChD,GAAG,IAAI;AAClD,YAAMN,KAAK,GAAGuC,YAAY,CAACjC,GAAD,CAA1B;AACA,aAAQ,0BAAcN,KAAd,KAAwBqD,IAAI,KAAK,aAAlC,IACD,sBAAUrD,KAAV,KAAoBqD,IAAI,KAAK,SAD5B,IAED,2BAAerD,KAAf,KAAyBqD,IAAI,KAAK,cAFxC;AAGD,KALW,EAKT,CALS,CAAZ;AAMA,WAAO/C,GAAP;AACD;;AAEOiD,EAAAA,YAAY,CAACvD,KAAD,EAA0B;AAC5C,QAAI,0BAAcA,KAAd,CAAJ,EAA0B;AACxB,aAAO,aAAP;AACD;;AACD,QAAI,sBAAUA,KAAV,CAAJ,EAAsB;AACpB,aAAO,SAAP;AACD;;AACD,QAAG,2BAAeA,KAAf,CAAH,EAA0B;AACxB,aAAO,cAAP;AACD;;AACD,UAAM,IAAItB,oBAAJ,CAAiB,oBAAjB,CAAN;AACD;;AAED8E,EAAAA,SAAS,CACPT,MADO,EAEP;AACAU,EAAAA,aAHO,EAIPC,SAJO,EAKPC,cALO,EAMD;AACN,UAAMC,mBAAmB,GAAG,CAACtD,GAAD,EAAMN,KAAN,KAAgB;AAC1C,YAAMqD,IAAI,GAAG,KAAKE,YAAL,CAAkBvD,KAAlB,CAAb;;AACA,UAAIqD,IAAI,KAAK,aAAb,EAA4B;AAC1BI,QAAAA,aAAa,IAAIA,aAAa,CAACnD,GAAD,EAAMN,KAAN,CAA9B;AACD,OAFD,MAEO,IAAIqD,IAAI,KAAK,SAAb,EAAwB;AAC7BK,QAAAA,SAAS,IAAIA,SAAS,CAACpD,GAAD,EAAMN,KAAN,CAAtB;AACD,OAFM,MAEA,IAAIqD,IAAI,KAAK,cAAb,EAA6B;AAClCM,QAAAA,cAAc,IAAIA,cAAc,CAACrD,GAAD,EAAMN,KAAN,CAAhC;AACD;AACF,KATD;;AAUA,UAAM6D,WAAW,GAAG,CAACvD,GAAD,EAAMN,KAAN,KAAgB;AAClC,WAAKW,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,WAAKgC,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACA4D,MAAAA,mBAAmB,CAACtD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAKA,UAAM8D,aAAa,GAAG,CAACxD,GAAD,EAAMN,KAAN,EAAaU,QAAb,KAA0B;AAC9C,WAAKF,WAAL,CAAiBF,GAAjB,EAAsBN,KAAtB,EAA6BU,QAA7B;AACA,WAAKgB,uBAAL,CAA6BpB,GAA7B;AACA,WAAK0B,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACA4D,MAAAA,mBAAmB,CAACtD,GAAD,EAAMN,KAAN,CAAnB;AACD,KALD;;AAMA,UAAM+D,aAAa,GAAG,CAACzD,GAAD,EAAMN,KAAN,KAAgB;AACpC,WAAK0B,uBAAL,CAA6BpB,GAA7B;AACA,WAAKM,WAAL,CAAiBN,GAAjB,EAAsBN,KAAtB;AACA4D,MAAAA,mBAAmB,CAACtD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAMA,UAAMgE,KAAkB,GAAG,CAAC,SAAD,EAAY,aAAZ,EAA2B,cAA3B,CAA3B;AACA,UAAMC,cAAc,GAAG,KAAKnB,aAAL,EAAvB,CA7BM,CA+BN;;AACAkB,IAAAA,KAAK,CAAC1C,OAAN,CAAe+B,IAAD,IAAU;AACtB,YAAMrD,KAAK,GAAG+C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAIrD,KAAJ,EAAW;AACT,kCAAcA,KAAd,EAAqBqD,IAArB;AACD;AACF,KALD,EAhCM,CAuCN;;AACA,UAAM/F,OAAO,GAAG0G,KAAK,CAACE,MAAN,CAAa,CAAC5G,OAAD,EAAU+F,IAAV,KAAmB;AAC9C,YAAMrD,KAAK,GAAG+C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAIrD,KAAJ,EAAW;AACT,cAAMvC,UAAU,GAAG,KAAK2F,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;AACA/F,QAAAA,OAAO,CAACG,UAAD,CAAP,GAAsBuC,KAAtB;AACD;;AACD,aAAO1C,OAAP;AACD,KAPe,EAOb,EAPa,CAAhB;AAQA,SAAKA,OAAL,CAAaqF,UAAb,CAAwBrF,OAAxB,EAhDM,CAkDN;;AACA0G,IAAAA,KAAK,CAAC1C,OAAN,CAAc+B,IAAI,IAAI;AACpB,YAAM9B,QAAQ,GAAGwB,MAAM,CAACM,IAAD,CAAvB;AACA,YAAMc,aAAa,GAAGF,cAAc,CAACZ,IAAD,CAApC;AACA,YAAM5F,UAAU,GAAG,KAAK2F,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;;AACA,UAAI9B,QAAQ,IAAI4C,aAAhB,EAA+B;AAAE;AAC/B;AACAJ,QAAAA,aAAa,CAACtG,UAAD,EAAa0G,aAAb,CAAb;AACAN,QAAAA,WAAW,CAACpG,UAAD,EAAa8D,QAAb,CAAX;AACAuC,QAAAA,aAAa,CAACrG,UAAD,EAAa8D,QAAb,EAAuB4C,aAAvB,CAAb;AACD,OALD,MAKO,IAAI5C,QAAJ,EAAc;AAAE;AACrBsC,QAAAA,WAAW,CAACpG,UAAD,EAAa8D,QAAb,CAAX;AACD,OAFM,MAEA,IAAI4C,aAAJ,EAAmB;AAAE;AAC1BJ,QAAAA,aAAa,CAACtG,UAAD,EAAa0G,aAAb,CAAb;AACD;AACF,KAdD;AAeD;;AAEDC,EAAAA,MAAM,CAAC9D,GAAD,EAAM;AACV;AACA,SAAKoB,uBAAL,CAA6BpB,GAA7B;AAEA,QAAIiC,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;AACA,QAAI6B,YAAY,GAAG9B,YAAY,CAACjC,GAAD,CAA/B;AACA,WAAOiC,YAAY,CAACjC,GAAD,CAAnB;AACA,SAAKhD,OAAL,CAAaqF,UAAb,CAAwBJ,YAAxB;AAEA,SAAK3B,WAAL,CAAiBN,GAAjB,EAAsB+D,YAAtB;AACD,GA9TwD,CAgUzD;;;AACgB,QAAVC,UAAU,CAACtE,KAAD,EAAQ;AACtB,WAAO,KAAKzB,GAAL,CAASyB,KAAT,CAAeuE,KAAf,CAAqBvE,KAArB,CAAP;AACD,GAnUwD,CAoUzD;;;AACAwE,EAAAA,aAAa,CAACxE,KAAD,EAAe;AAC1B,WAAO,0BAAcA,KAAd,CAAP;AACD,GAvUwD,CAyUzD;;;AACAuE,EAAAA,KAAK,CAACjE,GAAD,EAAsB;AACzB;AACA,QAAI,KAAKhB,KAAL,CAAWlB,YAAf,EAA6B;AAC3B,aAAO,KAAKkB,KAAL,CAAWlB,YAAlB;AACD;;AAED,QAAI;AACF,UAAI4B,KAAK,GAAG,KAAK4C,OAAL,CAAatC,GAAb,CAAZ;;AACA,UAAI,CAACN,KAAL,EAAY;AACV,cAAM,IAAItB,oBAAJ,CAAiB,gDAAgD4B,GAAjE,CAAN;AACD;AACF,KALD,CAKE,OAAOmE,CAAP,EAAU;AACV,aAAOC,OAAO,CAACC,MAAR,CAAeF,CAAf,CAAP;AACD,KAbwB,CAezB;;;AACA,SAAK/C,uBAAL,CAA6BpB,GAA7B,EAhByB,CAkBzB;AACA;;AACA,SAAKhB,KAAL,CAAWlB,YAAX,GAA0B,KAAKG,GAAL,CAASyB,KAAT,CAAe4E,WAAf,GACvBC,IADuB,CAClB9B,MAAM,IAAI;AACd,WAAKS,SAAL,CAAeT,MAAf,EADc,CAGd;;AACA,YAAM+B,SAAS,GAAG,KAAKvB,YAAL,CAAkBvD,KAAlB,CAAlB;AACA,aAAO+C,MAAM,CAAC+B,SAAD,CAAb;AACD,KAPuB,EAQvBC,KARuB,CAQjBC,GAAG,IAAI;AACZ;AACA,UAAI,gCAAoBA,GAApB,KAA4BA,GAAG,CAACC,IAAJ,KAAa,YAAzC,IAAyDD,GAAG,CAACC,IAAJ,KAAa,cAA1E,EAA0F;AACxF;AACA,aAAKb,MAAL,CAAY9D,GAAZ;AACD;;AACD0E,MAAAA,GAAG,CAACE,QAAJ,GAAe5E,GAAf;AACA,WAAKO,SAAL,CAAemE,GAAf;AACA,YAAMA,GAAN;AACD,KAjBuB,EAkBvBG,OAlBuB,CAkBf,MAAM;AACb;AACA,WAAK7F,KAAL,CAAWlB,YAAX,GAA0B,IAA1B;AACD,KArBuB,CAA1B;AAuBA,WAAO,KAAKkB,KAAL,CAAWlB,YAAlB;AACD;;AAEDgH,EAAAA,KAAK,GAAG;AACN,SAAKxD,0BAAL;AACA,SAAKtE,OAAL,CAAa+H,YAAb;AACD;;AAEDhI,EAAAA,wBAAwB,GAAG;AACzB,UAAM0F,MAAM,GAAG,KAAKD,aAAL,EAAf;AACAnE,IAAAA,MAAM,CAAC0C,IAAP,CAAY0B,MAAZ,EAAoBzB,OAApB,CAA4BhB,GAAG,IAAI;AACjC,UAAIyC,MAAM,CAACzC,GAAD,CAAN,CAAYgF,aAAhB,EAA+B;AAC9B,aAAKlB,MAAL,CAAY9D,GAAZ;AACA;AACF,KAJD;AAKD;;AAEDa,EAAAA,yBAAyB,CAACoE,KAAD,EAAQ;AAC/B,QAAIxC,MAAJ;;AACA,QAAI;AACFA,MAAAA,MAAM,GAAGvB,IAAI,CAACgE,KAAL,CAAWD,KAAX,KAAqB,EAA9B;AACD,KAFD,CAEE,OAAOd,CAAP,EAAU;AACV1B,MAAAA,MAAM,GAAG,EAAT;AACD;;AACD,WAAOA,MAAP;AACD;;AAED0C,EAAAA,kBAAkB,CAACzF,KAAD,EAAsB;AACtC,UAAMM,GAAG,GAAG,KAAK8C,mBAAL,CAAyB,cAAzB,KAA4CsC,oCAAxD,CADsC,CAGtC;;;AACA,QAAInD,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;AACA,8BAAcxC,KAAd;AACAuC,IAAAA,YAAY,CAACjC,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAK1C,OAAL,CAAaqF,UAAb,CAAwBJ,YAAxB;AACD;;AAEDoD,EAAAA,qBAAqB,GAAG;AACtB,UAAM5C,MAAM,GAAG,KAAKD,aAAL,EAAf;AACAnE,IAAAA,MAAM,CAAC0C,IAAP,CAAY0B,MAAZ,EAAoBzB,OAApB,CAA4BhB,GAAG,IAAI;AACjCyC,MAAAA,MAAM,CAACzC,GAAD,CAAN,CAAYgF,aAAZ,GAA4B,IAA5B;AACD,KAFD;AAGA,SAAK9B,SAAL,CAAeT,MAAf;AACD;;AAhawD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { removeNils, clone } from './util';\nimport { AuthSdkError } from './errors';\nimport { isRefreshTokenError, validateToken  } from './oidc/util';\nimport { isLocalhost, isIE11OrLess } from './features';\nimport { TOKEN_STORAGE_NAME } from './constants';\nimport SdkClock from './clock';\nimport {\n  EventEmitter,\n  Token, \n  Tokens, \n  TokenType, \n  TokenManagerOptions, \n  isIDToken, \n  isAccessToken,\n  isRefreshToken,\n  StorageOptions,\n  StorageType,\n  OktaAuth,\n  StorageProvider,\n  TokenManagerErrorEventHandler,\n  TokenManagerEventHandler,\n  TokenManagerInterface,\n  RefreshToken\n} from './types';\nimport { REFRESH_TOKEN_STORAGE_KEY } from './constants';\nimport { TokenService } from './services/TokenService';\n\nconst DEFAULT_OPTIONS = {\n  autoRenew: true,\n  autoRemove: true,\n  clearPendingRemoveTokens: true,\n  storage: undefined, // will use value from storageManager config\n  expireEarlySeconds: 30,\n  storageKey: TOKEN_STORAGE_NAME,\n  syncStorage: true,\n  _storageEventDelay: 0\n};\nexport const EVENT_EXPIRED = 'expired';\nexport const EVENT_RENEWED = 'renewed';\nexport const EVENT_ADDED = 'added';\nexport const EVENT_REMOVED = 'removed';\nexport const EVENT_ERROR = 'error';\n\ninterface TokenManagerState {\n  expireTimeouts: Record<string, unknown>;\n  renewPromise: Promise<Token>;\n}\nfunction defaultState(): TokenManagerState {\n  return {\n    expireTimeouts: {},\n    renewPromise: null\n  };\n}\nexport class TokenManager implements TokenManagerInterface {\n  private sdk: OktaAuth;\n  private clock: SdkClock;\n  private emitter: EventEmitter;\n  private storage: StorageProvider;\n  private state: TokenManagerState;\n  private options: TokenManagerOptions;\n  private service: TokenService;\n\n  on: (event: string, handler: TokenManagerErrorEventHandler | TokenManagerEventHandler, context?: object) => void;\n  off: (event: string, handler?: TokenManagerErrorEventHandler | TokenManagerEventHandler) => void;\n\n  constructor(sdk: OktaAuth, options: TokenManagerOptions = {}) {\n    this.sdk = sdk;\n    this.emitter = (sdk as any).emitter;\n    if (!this.emitter) {\n      throw new AuthSdkError('Emitter should be initialized before TokenManager');\n    }\n\n    options = Object.assign({}, DEFAULT_OPTIONS, removeNils(options));\n    if (isIE11OrLess()) {\n      options._storageEventDelay = options._storageEventDelay || 1000;\n    }\n    if (!isLocalhost()) {\n      options.expireEarlySeconds = DEFAULT_OPTIONS.expireEarlySeconds;\n    }\n    this.options = options;\n\n    const storageOptions: StorageOptions = removeNils({\n      storageKey: options.storageKey,\n      secure: options.secure,\n    });\n    if (typeof options.storage === 'object') {\n      // A custom storage provider must implement getItem(key) and setItem(key, val)\n      storageOptions.storageProvider = options.storage;\n    } else if (options.storage) {\n      storageOptions.storageType = options.storage as StorageType;\n    }\n\n    this.storage = sdk.storageManager.getTokenStorage(storageOptions);\n    this.clock = SdkClock.create(/* sdk, options */);\n    this.state = defaultState();\n\n    this.on = this.emitter.on.bind(this.emitter);\n    this.off = this.emitter.off.bind(this.emitter);\n  }\n\n  start() {\n    if (this.service) {\n      this.stop();\n    }\n    if (this.options.clearPendingRemoveTokens) {\n      this.clearPendingRemoveTokens();\n    }\n    this.service = new TokenService(this, this.getOptions());\n    this.service.start();\n  }\n  \n  stop() {\n    if (this.service) {\n      this.service.stop();\n      this.service = null;\n    }\n  }\n\n  getOptions(): TokenManagerOptions {\n    return clone(this.options);\n  }\n  \n  getExpireTime(token) {\n    var expireTime = token.expiresAt - this.options.expireEarlySeconds;\n    return expireTime;\n  }\n  \n  hasExpired(token) {\n    var expireTime = this.getExpireTime(token);\n    return expireTime <= this.clock.now();\n  }\n  \n  emitExpired(key, token) {\n    this.emitter.emit(EVENT_EXPIRED, key, token);\n  }\n  \n  emitRenewed(key, freshToken, oldToken) {\n    this.emitter.emit(EVENT_RENEWED, key, freshToken, oldToken);\n  }\n  \n  emitAdded(key, token) {\n    this.emitter.emit(EVENT_ADDED, key, token);\n  }\n  \n  emitRemoved(key, token?) {\n    this.emitter.emit(EVENT_REMOVED, key, token);\n  }\n  \n  emitError(error) {\n    this.emitter.emit(EVENT_ERROR, error);\n  }\n  \n  emitEventsForCrossTabsStorageUpdate(newValue, oldValue) {\n    const oldTokens = this.getTokensFromStorageValue(oldValue);\n    const newTokens = this.getTokensFromStorageValue(newValue);\n    Object.keys(newTokens).forEach(key => {\n      const oldToken = oldTokens[key];\n      const newToken = newTokens[key];\n      if (JSON.stringify(oldToken) !== JSON.stringify(newToken)) {\n        this.emitAdded(key, newToken);\n      }\n    });\n    Object.keys(oldTokens).forEach(key => {\n      const oldToken = oldTokens[key];\n      const newToken = newTokens[key];\n      if (!newToken) {\n        this.emitRemoved(key, oldToken);\n      }\n    });\n  }\n  \n  clearExpireEventTimeout(key) {\n    clearTimeout(this.state.expireTimeouts[key] as any);\n    delete this.state.expireTimeouts[key];\n  \n    // Remove the renew promise (if it exists)\n    this.state.renewPromise = null;\n  }\n  \n  clearExpireEventTimeoutAll() {\n    var expireTimeouts = this.state.expireTimeouts;\n    for (var key in expireTimeouts) {\n      if (!Object.prototype.hasOwnProperty.call(expireTimeouts, key)) {\n        continue;\n      }\n      this.clearExpireEventTimeout(key);\n    }\n  }\n  \n  setExpireEventTimeout(key, token) {\n    if (isRefreshToken(token)) {\n      return;\n    }\n\n    var expireTime = this.getExpireTime(token);\n    var expireEventWait = Math.max(expireTime - this.clock.now(), 0) * 1000;\n  \n    // Clear any existing timeout\n    this.clearExpireEventTimeout(key);\n  \n    var expireEventTimeout = setTimeout(() => {\n      this.emitExpired(key, token);\n    }, expireEventWait);\n  \n    // Add a new timeout\n    this.state.expireTimeouts[key] = expireEventTimeout;\n  }\n  \n  setExpireEventTimeoutAll() {\n    var tokenStorage = this.storage.getStorage();\n    for(var key in tokenStorage) {\n      if (!Object.prototype.hasOwnProperty.call(tokenStorage, key)) {\n        continue;\n      }\n      var token = tokenStorage[key];\n      this.setExpireEventTimeout(key, token);\n    }\n  }\n  \n  // reset timeouts to setup autoRenew for tokens from other document context (tabs)\n  resetExpireEventTimeoutAll() {\n    this.clearExpireEventTimeoutAll();\n    this.setExpireEventTimeoutAll();\n  }\n  \n  add(key, token: Token) {\n    var tokenStorage = this.storage.getStorage();\n    validateToken(token);\n    tokenStorage[key] = token;\n    this.storage.setStorage(tokenStorage);\n    this.emitAdded(key, token);\n    this.setExpireEventTimeout(key, token);\n  }\n  \n  getSync(key) {\n    var tokenStorage = this.storage.getStorage();\n    return tokenStorage[key];\n  }\n  \n  async get(key) {\n    return this.getSync(key);\n  }\n  \n  getTokensSync(): Tokens {\n    const tokens = {} as Tokens;\n    const tokenStorage = this.storage.getStorage();\n    Object.keys(tokenStorage).forEach(key => {\n      const token = tokenStorage[key];\n      if (isAccessToken(token)) {\n        tokens.accessToken = token;\n      } else if (isIDToken(token)) {\n        tokens.idToken = token;\n      } else if (isRefreshToken(token)) { \n        tokens.refreshToken = token;\n      }\n    });\n    return tokens;\n  }\n  \n  async getTokens(): Promise<Tokens> {\n    return this.getTokensSync();\n  }\n\n  getStorageKeyByType(type: TokenType): string {\n    const tokenStorage = this.storage.getStorage();\n    const key = Object.keys(tokenStorage).filter(key => {\n      const token = tokenStorage[key];\n      return (isAccessToken(token) && type === 'accessToken') \n        || (isIDToken(token) && type === 'idToken')\n        || (isRefreshToken(token) && type === 'refreshToken');\n    })[0];\n    return key;\n  }\n\n  private getTokenType(token: Token): TokenType {\n    if (isAccessToken(token)) {\n      return 'accessToken';\n    }\n    if (isIDToken(token)) {\n      return 'idToken';\n    }\n    if(isRefreshToken(token)) {\n      return 'refreshToken';\n    }\n    throw new AuthSdkError('Unknown token type');\n  }\n\n  setTokens(\n    tokens: Tokens,\n    // TODO: callbacks can be removed in the next major version OKTA-407224\n    accessTokenCb?: Function, \n    idTokenCb?: Function,\n    refreshTokenCb?: Function\n  ): void {\n    const handleTokenCallback = (key, token) => {\n      const type = this.getTokenType(token);\n      if (type === 'accessToken') {\n        accessTokenCb && accessTokenCb(key, token);\n      } else if (type === 'idToken') {\n        idTokenCb && idTokenCb(key, token);\n      } else if (type === 'refreshToken') {\n        refreshTokenCb && refreshTokenCb(key, token);\n      }\n    };\n    const handleAdded = (key, token) => {\n      this.emitAdded(key, token);\n      this.setExpireEventTimeout(key, token);\n      handleTokenCallback(key, token);\n    };\n    const handleRenewed = (key, token, oldToken) => {\n      this.emitRenewed(key, token, oldToken);\n      this.clearExpireEventTimeout(key);\n      this.setExpireEventTimeout(key, token);\n      handleTokenCallback(key, token);\n    };\n    const handleRemoved = (key, token) => {\n      this.clearExpireEventTimeout(key);\n      this.emitRemoved(key, token);\n      handleTokenCallback(key, token);\n    };\n    \n    const types: TokenType[] = ['idToken', 'accessToken', 'refreshToken'];\n    const existingTokens = this.getTokensSync();\n\n    // valid tokens\n    types.forEach((type) => {\n      const token = tokens[type];\n      if (token) {\n        validateToken(token, type);\n      }\n    });\n  \n    // add token to storage\n    const storage = types.reduce((storage, type) => {\n      const token = tokens[type];\n      if (token) {\n        const storageKey = this.getStorageKeyByType(type) || type;\n        storage[storageKey] = token;\n      }\n      return storage;\n    }, {});\n    this.storage.setStorage(storage);\n  \n    // emit event and start expiration timer\n    types.forEach(type => {\n      const newToken = tokens[type];\n      const existingToken = existingTokens[type];\n      const storageKey = this.getStorageKeyByType(type) || type;\n      if (newToken && existingToken) { // renew\n        // call handleRemoved first, since it clears timers\n        handleRemoved(storageKey, existingToken);\n        handleAdded(storageKey, newToken);\n        handleRenewed(storageKey, newToken, existingToken);\n      } else if (newToken) { // add\n        handleAdded(storageKey, newToken);\n      } else if (existingToken) { //remove\n        handleRemoved(storageKey, existingToken);\n      }\n    });\n  }\n  \n  remove(key) {\n    // Clear any listener for this token\n    this.clearExpireEventTimeout(key);\n  \n    var tokenStorage = this.storage.getStorage();\n    var removedToken = tokenStorage[key];\n    delete tokenStorage[key];\n    this.storage.setStorage(tokenStorage);\n  \n    this.emitRemoved(key, removedToken);\n  }\n  \n  // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n  async renewToken(token) {\n    return this.sdk.token.renew(token);\n  }\n  // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n  validateToken(token: Token) {\n    return validateToken(token);\n  }\n\n  // TODO: renew method should take no param, change in the next major version OKTA-407224\n  renew(key): Promise<Token> {\n    // Multiple callers may receive the same promise. They will all resolve or reject from the same request.\n    if (this.state.renewPromise) {\n      return this.state.renewPromise;\n    }\n  \n    try {\n      var token = this.getSync(key);\n      if (!token) {\n        throw new AuthSdkError('The tokenManager has no token for the key: ' + key);\n      }\n    } catch (e) {\n      return Promise.reject(e);\n    }\n  \n    // Remove existing autoRenew timeout\n    this.clearExpireEventTimeout(key);\n  \n    // A refresh token means a replace instead of renewal\n    // Store the renew promise state, to avoid renewing again\n    this.state.renewPromise = this.sdk.token.renewTokens()\n      .then(tokens => {\n        this.setTokens(tokens);\n\n        // resolve token based on the key\n        const tokenType = this.getTokenType(token);\n        return tokens[tokenType];\n      })\n      .catch(err => {\n        // If renew fails, remove token and emit error\n        if (isRefreshTokenError(err) || err.name === 'OAuthError' || err.name === 'AuthSdkError') {\n          // remove token from storage\n          this.remove(key);\n        }\n        err.tokenKey = key;\n        this.emitError(err);\n        throw err;\n      })\n      .finally(() => {\n        // Remove existing promise key\n        this.state.renewPromise = null;\n      });\n  \n    return this.state.renewPromise;\n  }\n  \n  clear() {\n    this.clearExpireEventTimeoutAll();\n    this.storage.clearStorage();\n  }\n\n  clearPendingRemoveTokens() {\n    const tokens = this.getTokensSync();\n    Object.keys(tokens).forEach(key => {\n      if (tokens[key].pendingRemove) {\n       this.remove(key);\n      }\n    });\n  }\n  \n  getTokensFromStorageValue(value) {\n    let tokens;\n    try {\n      tokens = JSON.parse(value) || {};\n    } catch (e) {\n      tokens = {};\n    }\n    return tokens;\n  }\n\n  updateRefreshToken(token: RefreshToken) {\n    const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n\n    // do not emit any event\n    var tokenStorage = this.storage.getStorage();\n    validateToken(token);\n    tokenStorage[key] = token;\n    this.storage.setStorage(tokenStorage);\n  }\n\n  addPendingRemoveFlags() {\n    const tokens = this.getTokensSync();\n    Object.keys(tokens).forEach(key => {\n      tokens[key].pendingRemove = true;\n    });\n    this.setTokens(tokens);\n  }\n  \n}\n"],"file":"TokenManager.js"}
+{"version":3,"sources":["../../lib/TokenManager.ts"],"names":["DEFAULT_OPTIONS","autoRenew","autoRemove","clearPendingRemoveTokens","storage","undefined","expireEarlySeconds","storageKey","TOKEN_STORAGE_NAME","syncStorage","_storageEventDelay","EVENT_EXPIRED","EVENT_RENEWED","EVENT_ADDED","EVENT_REMOVED","EVENT_ERROR","defaultState","expireTimeouts","renewPromise","TokenManager","constructor","sdk","options","emitter","AuthSdkError","service","storageOptions","secure","storageProvider","storageType","storageManager","getTokenStorage","useSeparateCookies","clock","SdkClock","create","state","on","bind","off","start","stop","TokenService","getOptions","getExpireTime","token","expireTime","expiresAt","hasExpired","now","emitExpired","key","emit","emitRenewed","freshToken","oldToken","emitAdded","emitRemoved","emitError","error","emitEventsForCrossTabsStorageUpdate","newValue","oldValue","oldTokens","getTokensFromStorageValue","newTokens","forEach","newToken","clearExpireEventTimeout","clearTimeout","clearExpireEventTimeoutAll","Object","prototype","hasOwnProperty","call","setExpireEventTimeout","expireEventWait","Math","max","expireEventTimeout","setTimeout","setExpireEventTimeoutAll","tokenStorage","getStorage","resetExpireEventTimeoutAll","add","setStorage","getSync","get","getTokensSync","tokens","accessToken","idToken","refreshToken","getTokens","getStorageKeyByType","type","getTokenType","setTokens","accessTokenCb","idTokenCb","refreshTokenCb","handleTokenCallback","handleAdded","handleRenewed","handleRemoved","types","existingTokens","existingToken","remove","removedToken","renewToken","renew","validateToken","e","reject","renewTokens","then","tokenType","catch","err","tokenKey","finally","clear","clearStorage","pendingRemove","value","JSON","parse","updateRefreshToken","REFRESH_TOKEN_STORAGE_KEY","addPendingRemoveFlags"],"mappings":";;;;;;;;;;;;;;;;;;AAYA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAkBA;;AACA;;AApCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA2BA,MAAMA,eAAe,GAAG;AACtBC,EAAAA,SAAS,EAAE,IADW;AAEtBC,EAAAA,UAAU,EAAE,IAFU;AAGtBC,EAAAA,wBAAwB,EAAE,IAHJ;AAItBC,EAAAA,OAAO,EAAEC,SAJa;AAIF;AACpBC,EAAAA,kBAAkB,EAAE,EALE;AAMtBC,EAAAA,UAAU,EAAEC,6BANU;AAOtBC,EAAAA,WAAW,EAAE,IAPS;AAQtBC,EAAAA,kBAAkB,EAAE;AARE,CAAxB;AAUO,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;;AAMP,SAASC,YAAT,GAA2C;AACzC,SAAO;AACLC,IAAAA,cAAc,EAAE,EADX;AAELC,IAAAA,YAAY,EAAE;AAFT,GAAP;AAID;;AACM,MAAMC,YAAN,CAAoD;AAYzDC,EAAAA,WAAW,CAACC,GAAD,EAAyBC,OAA4B,GAAG,EAAxD,EAA4D;AACrE,SAAKD,GAAL,GAAWA,GAAX;AACA,SAAKE,OAAL,GAAgBF,GAAD,CAAaE,OAA5B;;AACA,QAAI,CAAC,KAAKA,OAAV,EAAmB;AACjB,YAAM,IAAIC,oBAAJ,CAAiB,mDAAjB,CAAN;AACD;;AACD,SAAKC,OAAL,GAAe,IAAf;AAEAH,IAAAA,OAAO,GAAG,qBAAc,EAAd,EAAkBtB,eAAlB,EAAmC,sBAAWsB,OAAX,CAAnC,CAAV;;AACA,QAAI,6BAAJ,EAAoB;AAClBA,MAAAA,OAAO,CAACZ,kBAAR,GAA6BY,OAAO,CAACZ,kBAAR,IAA8B,IAA3D;AACD;;AACD,QAAI,CAAC,4BAAL,EAAoB;AAClBY,MAAAA,OAAO,CAAChB,kBAAR,GAA6BN,eAAe,CAACM,kBAA7C;AACD;;AACD,SAAKgB,OAAL,GAAeA,OAAf;AAEA,UAAMI,cAA8B,GAAG,sBAAW;AAChDnB,MAAAA,UAAU,EAAEe,OAAO,CAACf,UAD4B;AAEhDoB,MAAAA,MAAM,EAAEL,OAAO,CAACK;AAFgC,KAAX,CAAvC;;AAIA,QAAI,OAAOL,OAAO,CAAClB,OAAf,KAA2B,QAA/B,EAAyC;AACvC;AACAsB,MAAAA,cAAc,CAACE,eAAf,GAAiCN,OAAO,CAAClB,OAAzC;AACD,KAHD,MAGO,IAAIkB,OAAO,CAAClB,OAAZ,EAAqB;AAC1BsB,MAAAA,cAAc,CAACG,WAAf,GAA6BP,OAAO,CAAClB,OAArC;AACD;;AAED,SAAKA,OAAL,GAAeiB,GAAG,CAACS,cAAJ,CAAmBC,eAAnB,CAAmC,EAAC,GAAGL,cAAJ;AAAoBM,MAAAA,kBAAkB,EAAE;AAAxC,KAAnC,CAAf;AACA,SAAKC,KAAL,GAAaC,eAASC,MAAT,EAAb;AACA,SAAKC,KAAL,GAAapB,YAAY,EAAzB;AAEA,SAAKqB,EAAL,GAAU,KAAKd,OAAL,CAAac,EAAb,CAAgBC,IAAhB,CAAqB,KAAKf,OAA1B,CAAV;AACA,SAAKgB,GAAL,GAAW,KAAKhB,OAAL,CAAagB,GAAb,CAAiBD,IAAjB,CAAsB,KAAKf,OAA3B,CAAX;AACD;;AAEDiB,EAAAA,KAAK,GAAG;AACN,QAAI,KAAKf,OAAT,EAAkB;AAChB,WAAKgB,IAAL;AACD;;AACD,QAAI,KAAKnB,OAAL,CAAanB,wBAAjB,EAA2C;AACzC,WAAKA,wBAAL;AACD;;AACD,SAAKsB,OAAL,GAAe,IAAIiB,0BAAJ,CAAiB,IAAjB,EAAuB,KAAKC,UAAL,EAAvB,CAAf;AACA,SAAKlB,OAAL,CAAae,KAAb;AACD;;AAEDC,EAAAA,IAAI,GAAG;AACL,QAAI,KAAKhB,OAAT,EAAkB;AAChB,WAAKA,OAAL,CAAagB,IAAb;AACA,WAAKhB,OAAL,GAAe,IAAf;AACD;AACF;;AAEDkB,EAAAA,UAAU,GAAwB;AAChC,WAAO,iBAAM,KAAKrB,OAAX,CAAP;AACD;;AAEDsB,EAAAA,aAAa,CAACC,KAAD,EAAQ;AACnB,UAAMvC,kBAAkB,GAAG,KAAKgB,OAAL,CAAahB,kBAAb,IAAmC,CAA9D;AACA,QAAIwC,UAAU,GAAGD,KAAK,CAACE,SAAN,GAAkBzC,kBAAnC;AACA,WAAOwC,UAAP;AACD;;AAEDE,EAAAA,UAAU,CAACH,KAAD,EAAQ;AAChB,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,WAAOC,UAAU,IAAI,KAAKb,KAAL,CAAWgB,GAAX,EAArB;AACD;;AAEDC,EAAAA,WAAW,CAACC,GAAD,EAAMN,KAAN,EAAa;AACtB,SAAKtB,OAAL,CAAa6B,IAAb,CAAkBzC,aAAlB,EAAiCwC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDQ,EAAAA,WAAW,CAACF,GAAD,EAAMG,UAAN,EAAkBC,QAAlB,EAA4B;AACrC,SAAKhC,OAAL,CAAa6B,IAAb,CAAkBxC,aAAlB,EAAiCuC,GAAjC,EAAsCG,UAAtC,EAAkDC,QAAlD;AACD;;AAEDC,EAAAA,SAAS,CAACL,GAAD,EAAMN,KAAN,EAAa;AACpB,SAAKtB,OAAL,CAAa6B,IAAb,CAAkBvC,WAAlB,EAA+BsC,GAA/B,EAAoCN,KAApC;AACD;;AAEDY,EAAAA,WAAW,CAACN,GAAD,EAAMN,KAAN,EAAc;AACvB,SAAKtB,OAAL,CAAa6B,IAAb,CAAkBtC,aAAlB,EAAiCqC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDa,EAAAA,SAAS,CAACC,KAAD,EAAQ;AACf,SAAKpC,OAAL,CAAa6B,IAAb,CAAkBrC,WAAlB,EAA+B4C,KAA/B;AACD;;AAEDC,EAAAA,mCAAmC,CAACC,QAAD,EAAWC,QAAX,EAAqB;AACtD,UAAMC,SAAS,GAAG,KAAKC,yBAAL,CAA+BF,QAA/B,CAAlB;AACA,UAAMG,SAAS,GAAG,KAAKD,yBAAL,CAA+BH,QAA/B,CAAlB;AACA,uBAAYI,SAAZ,EAAuBC,OAAvB,CAA+Bf,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMgB,QAAQ,GAAGF,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAI,wBAAeI,QAAf,MAA6B,wBAAeY,QAAf,CAAjC,EAA2D;AACzD,aAAKX,SAAL,CAAeL,GAAf,EAAoBgB,QAApB;AACD;AACF,KAND;AAOA,uBAAYJ,SAAZ,EAAuBG,OAAvB,CAA+Bf,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMgB,QAAQ,GAAGF,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAI,CAACgB,QAAL,EAAe;AACb,aAAKV,WAAL,CAAiBN,GAAjB,EAAsBI,QAAtB;AACD;AACF,KAND;AAOD;;AAEDa,EAAAA,uBAAuB,CAACjB,GAAD,EAAM;AAC3BkB,IAAAA,YAAY,CAAC,KAAKjC,KAAL,CAAWnB,cAAX,CAA0BkC,GAA1B,CAAD,CAAZ;AACA,WAAO,KAAKf,KAAL,CAAWnB,cAAX,CAA0BkC,GAA1B,CAAP,CAF2B,CAI3B;;AACA,SAAKf,KAAL,CAAWlB,YAAX,GAA0B,IAA1B;AACD;;AAEDoD,EAAAA,0BAA0B,GAAG;AAC3B,QAAIrD,cAAc,GAAG,KAAKmB,KAAL,CAAWnB,cAAhC;;AACA,SAAK,IAAIkC,GAAT,IAAgBlC,cAAhB,EAAgC;AAC9B,UAAI,CAACsD,MAAM,CAACC,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqCzD,cAArC,EAAqDkC,GAArD,CAAL,EAAgE;AAC9D;AACD;;AACD,WAAKiB,uBAAL,CAA6BjB,GAA7B;AACD;AACF;;AAEDwB,EAAAA,qBAAqB,CAACxB,GAAD,EAAMN,KAAN,EAAa;AAChC,QAAI,2BAAeA,KAAf,CAAJ,EAA2B;AACzB;AACD;;AAED,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,QAAI+B,eAAe,GAAGC,IAAI,CAACC,GAAL,CAAShC,UAAU,GAAG,KAAKb,KAAL,CAAWgB,GAAX,EAAtB,EAAwC,CAAxC,IAA6C,IAAnE,CANgC,CAQhC;;AACA,SAAKmB,uBAAL,CAA6BjB,GAA7B;AAEA,QAAI4B,kBAAkB,GAAGC,UAAU,CAAC,MAAM;AACxC,WAAK9B,WAAL,CAAiBC,GAAjB,EAAsBN,KAAtB;AACD,KAFkC,EAEhC+B,eAFgC,CAAnC,CAXgC,CAehC;;AACA,SAAKxC,KAAL,CAAWnB,cAAX,CAA0BkC,GAA1B,IAAiC4B,kBAAjC;AACD;;AAEDE,EAAAA,wBAAwB,GAAG;AACzB,QAAIC,YAAY,GAAG,KAAK9E,OAAL,CAAa+E,UAAb,EAAnB;;AACA,SAAI,IAAIhC,GAAR,IAAe+B,YAAf,EAA6B;AAC3B,UAAI,CAACX,MAAM,CAACC,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqCQ,YAArC,EAAmD/B,GAAnD,CAAL,EAA8D;AAC5D;AACD;;AACD,UAAIN,KAAK,GAAGqC,YAAY,CAAC/B,GAAD,CAAxB;AACA,WAAKwB,qBAAL,CAA2BxB,GAA3B,EAAgCN,KAAhC;AACD;AACF,GAtKwD,CAwKzD;;;AACAuC,EAAAA,0BAA0B,GAAG;AAC3B,SAAKd,0BAAL;AACA,SAAKW,wBAAL;AACD;;AAEDI,EAAAA,GAAG,CAAClC,GAAD,EAAMN,KAAN,EAAoB;AACrB,QAAIqC,YAAY,GAAG,KAAK9E,OAAL,CAAa+E,UAAb,EAAnB;AACA,8BAActC,KAAd;AACAqC,IAAAA,YAAY,CAAC/B,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAKzC,OAAL,CAAakF,UAAb,CAAwBJ,YAAxB;AACA,SAAK1B,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,SAAK8B,qBAAL,CAA2BxB,GAA3B,EAAgCN,KAAhC;AACD;;AAED0C,EAAAA,OAAO,CAACpC,GAAD,EAAM;AACX,QAAI+B,YAAY,GAAG,KAAK9E,OAAL,CAAa+E,UAAb,EAAnB;AACA,WAAOD,YAAY,CAAC/B,GAAD,CAAnB;AACD;;AAEQ,QAAHqC,GAAG,CAACrC,GAAD,EAAM;AACb,WAAO,KAAKoC,OAAL,CAAapC,GAAb,CAAP;AACD;;AAEDsC,EAAAA,aAAa,GAAW;AACtB,UAAMC,MAAM,GAAG,EAAf;AACA,UAAMR,YAAY,GAAG,KAAK9E,OAAL,CAAa+E,UAAb,EAArB;AACA,uBAAYD,YAAZ,EAA0BhB,OAA1B,CAAkCf,GAAG,IAAI;AACvC,YAAMN,KAAK,GAAGqC,YAAY,CAAC/B,GAAD,CAA1B;;AACA,UAAI,0BAAcN,KAAd,CAAJ,EAA0B;AACxB6C,QAAAA,MAAM,CAACC,WAAP,GAAqB9C,KAArB;AACD,OAFD,MAEO,IAAI,sBAAUA,KAAV,CAAJ,EAAsB;AAC3B6C,QAAAA,MAAM,CAACE,OAAP,GAAiB/C,KAAjB;AACD,OAFM,MAEA,IAAI,2BAAeA,KAAf,CAAJ,EAA2B;AAChC6C,QAAAA,MAAM,CAACG,YAAP,GAAsBhD,KAAtB;AACD;AACF,KATD;AAUA,WAAO6C,MAAP;AACD;;AAEc,QAATI,SAAS,GAAoB;AACjC,WAAO,KAAKL,aAAL,EAAP;AACD;;AAEDM,EAAAA,mBAAmB,CAACC,IAAD,EAA0B;AAAA;;AAC3C,UAAMd,YAAY,GAAG,KAAK9E,OAAL,CAAa+E,UAAb,EAArB;AACA,UAAMhC,GAAG,GAAG,mDAAY+B,YAAZ,kBAAiC/B,GAAG,IAAI;AAClD,YAAMN,KAAK,GAAGqC,YAAY,CAAC/B,GAAD,CAA1B;AACA,aAAQ,0BAAcN,KAAd,KAAwBmD,IAAI,KAAK,aAAlC,IACD,sBAAUnD,KAAV,KAAoBmD,IAAI,KAAK,SAD5B,IAED,2BAAenD,KAAf,KAAyBmD,IAAI,KAAK,cAFxC;AAGD,KALW,EAKT,CALS,CAAZ;AAMA,WAAO7C,GAAP;AACD;;AAEO8C,EAAAA,YAAY,CAACpD,KAAD,EAA0B;AAC5C,QAAI,0BAAcA,KAAd,CAAJ,EAA0B;AACxB,aAAO,aAAP;AACD;;AACD,QAAI,sBAAUA,KAAV,CAAJ,EAAsB;AACpB,aAAO,SAAP;AACD;;AACD,QAAG,2BAAeA,KAAf,CAAH,EAA0B;AACxB,aAAO,cAAP;AACD;;AACD,UAAM,IAAIrB,oBAAJ,CAAiB,oBAAjB,CAAN;AACD;;AAED0E,EAAAA,SAAS,CACPR,MADO,EAEP;AACAS,EAAAA,aAHO,EAIPC,SAJO,EAKPC,cALO,EAMD;AACN,UAAMC,mBAAmB,GAAG,CAACnD,GAAD,EAAMN,KAAN,KAAgB;AAC1C,YAAMmD,IAAI,GAAG,KAAKC,YAAL,CAAkBpD,KAAlB,CAAb;;AACA,UAAImD,IAAI,KAAK,aAAb,EAA4B;AAC1BG,QAAAA,aAAa,IAAIA,aAAa,CAAChD,GAAD,EAAMN,KAAN,CAA9B;AACD,OAFD,MAEO,IAAImD,IAAI,KAAK,SAAb,EAAwB;AAC7BI,QAAAA,SAAS,IAAIA,SAAS,CAACjD,GAAD,EAAMN,KAAN,CAAtB;AACD,OAFM,MAEA,IAAImD,IAAI,KAAK,cAAb,EAA6B;AAClCK,QAAAA,cAAc,IAAIA,cAAc,CAAClD,GAAD,EAAMN,KAAN,CAAhC;AACD;AACF,KATD;;AAUA,UAAM0D,WAAW,GAAG,CAACpD,GAAD,EAAMN,KAAN,KAAgB;AAClC,WAAKW,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,WAAK8B,qBAAL,CAA2BxB,GAA3B,EAAgCN,KAAhC;AACAyD,MAAAA,mBAAmB,CAACnD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAKA,UAAM2D,aAAa,GAAG,CAACrD,GAAD,EAAMN,KAAN,EAAaU,QAAb,KAA0B;AAC9C,WAAKF,WAAL,CAAiBF,GAAjB,EAAsBN,KAAtB,EAA6BU,QAA7B;AACA,WAAKa,uBAAL,CAA6BjB,GAA7B;AACA,WAAKwB,qBAAL,CAA2BxB,GAA3B,EAAgCN,KAAhC;AACAyD,MAAAA,mBAAmB,CAACnD,GAAD,EAAMN,KAAN,CAAnB;AACD,KALD;;AAMA,UAAM4D,aAAa,GAAG,CAACtD,GAAD,EAAMN,KAAN,KAAgB;AACpC,WAAKuB,uBAAL,CAA6BjB,GAA7B;AACA,WAAKM,WAAL,CAAiBN,GAAjB,EAAsBN,KAAtB;AACAyD,MAAAA,mBAAmB,CAACnD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAMA,UAAM6D,KAAkB,GAAG,CAAC,SAAD,EAAY,aAAZ,EAA2B,cAA3B,CAA3B;AACA,UAAMC,cAAc,GAAG,KAAKlB,aAAL,EAAvB,CA7BM,CA+BN;;AACAiB,IAAAA,KAAK,CAACxC,OAAN,CAAe8B,IAAD,IAAU;AACtB,YAAMnD,KAAK,GAAG6C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAInD,KAAJ,EAAW;AACT,kCAAcA,KAAd,EAAqBmD,IAArB;AACD;AACF,KALD,EAhCM,CAuCN;;AACA,UAAM5F,OAAO,GAAG,qBAAAsG,KAAK,MAAL,CAAAA,KAAK,EAAQ,CAACtG,OAAD,EAAU4F,IAAV,KAAmB;AAC9C,YAAMnD,KAAK,GAAG6C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAInD,KAAJ,EAAW;AACT,cAAMtC,UAAU,GAAG,KAAKwF,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;AACA5F,QAAAA,OAAO,CAACG,UAAD,CAAP,GAAsBsC,KAAtB;AACD;;AACD,aAAOzC,OAAP;AACD,KAPoB,EAOlB,EAPkB,CAArB;AAQA,SAAKA,OAAL,CAAakF,UAAb,CAAwBlF,OAAxB,EAhDM,CAkDN;;AACAsG,IAAAA,KAAK,CAACxC,OAAN,CAAc8B,IAAI,IAAI;AACpB,YAAM7B,QAAQ,GAAGuB,MAAM,CAACM,IAAD,CAAvB;AACA,YAAMY,aAAa,GAAGD,cAAc,CAACX,IAAD,CAApC;AACA,YAAMzF,UAAU,GAAG,KAAKwF,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;;AACA,UAAI7B,QAAQ,IAAIyC,aAAhB,EAA+B;AAAE;AAC/B;AACAH,QAAAA,aAAa,CAAClG,UAAD,EAAaqG,aAAb,CAAb;AACAL,QAAAA,WAAW,CAAChG,UAAD,EAAa4D,QAAb,CAAX;AACAqC,QAAAA,aAAa,CAACjG,UAAD,EAAa4D,QAAb,EAAuByC,aAAvB,CAAb;AACD,OALD,MAKO,IAAIzC,QAAJ,EAAc;AAAE;AACrBoC,QAAAA,WAAW,CAAChG,UAAD,EAAa4D,QAAb,CAAX;AACD,OAFM,MAEA,IAAIyC,aAAJ,EAAmB;AAAE;AAC1BH,QAAAA,aAAa,CAAClG,UAAD,EAAaqG,aAAb,CAAb;AACD;AACF,KAdD;AAeD;;AAEDC,EAAAA,MAAM,CAAC1D,GAAD,EAAM;AACV;AACA,SAAKiB,uBAAL,CAA6BjB,GAA7B;AAEA,QAAI+B,YAAY,GAAG,KAAK9E,OAAL,CAAa+E,UAAb,EAAnB;AACA,QAAI2B,YAAY,GAAG5B,YAAY,CAAC/B,GAAD,CAA/B;AACA,WAAO+B,YAAY,CAAC/B,GAAD,CAAnB;AACA,SAAK/C,OAAL,CAAakF,UAAb,CAAwBJ,YAAxB;AAEA,SAAKzB,WAAL,CAAiBN,GAAjB,EAAsB2D,YAAtB;AACD,GAhUwD,CAkUzD;;;AACgB,QAAVC,UAAU,CAAClE,KAAD,EAAQ;AAAA;;AACtB,8BAAO,KAAKxB,GAAL,CAASwB,KAAhB,oDAAO,gBAAgBmE,KAAhB,CAAsBnE,KAAtB,CAAP;AACD,GArUwD,CAsUzD;;;AACAoE,EAAAA,aAAa,CAACpE,KAAD,EAAe;AAC1B,WAAO,0BAAcA,KAAd,CAAP;AACD,GAzUwD,CA2UzD;;;AACAmE,EAAAA,KAAK,CAAC7D,GAAD,EAAkC;AACrC;AACA,QAAI,KAAKf,KAAL,CAAWlB,YAAf,EAA6B;AAC3B,aAAO,KAAKkB,KAAL,CAAWlB,YAAlB;AACD;;AAED,QAAI;AACF,UAAI2B,KAAK,GAAG,KAAK0C,OAAL,CAAapC,GAAb,CAAZ;;AACA,UAAI,CAACN,KAAL,EAAY;AACV,cAAM,IAAIrB,oBAAJ,CAAiB,gDAAgD2B,GAAjE,CAAN;AACD;AACF,KALD,CAKE,OAAO+D,CAAP,EAAU;AACV,aAAO,iBAAQC,MAAR,CAAeD,CAAf,CAAP;AACD,KAboC,CAerC;;;AACA,SAAK9C,uBAAL,CAA6BjB,GAA7B,EAhBqC,CAkBrC;AACA;;AACA,SAAKf,KAAL,CAAWlB,YAAX,GAA0B,KAAKG,GAAL,CAASwB,KAAT,CAAeuE,WAAf,GACvBC,IADuB,CAClB3B,MAAM,IAAI;AACd,WAAKQ,SAAL,CAAeR,MAAf,EADc,CAGd;;AACA,YAAM4B,SAAS,GAAG,KAAKrB,YAAL,CAAkBpD,KAAlB,CAAlB;AACA,aAAO6C,MAAM,CAAC4B,SAAD,CAAb;AACD,KAPuB,EAQvBC,KARuB,CAQjBC,GAAG,IAAI;AACZ;AACA,WAAKX,MAAL,CAAY1D,GAAZ;AACAqE,MAAAA,GAAG,CAACC,QAAJ,GAAetE,GAAf;AACA,WAAKO,SAAL,CAAe8D,GAAf;AACA,YAAMA,GAAN;AACD,KAduB,EAevBE,OAfuB,CAef,MAAM;AACb;AACA,WAAKtF,KAAL,CAAWlB,YAAX,GAA0B,IAA1B;AACD,KAlBuB,CAA1B;AAoBA,WAAO,KAAKkB,KAAL,CAAWlB,YAAlB;AACD;;AAEDyG,EAAAA,KAAK,GAAG;AACN,SAAKrD,0BAAL;AACA,SAAKlE,OAAL,CAAawH,YAAb;AACD;;AAEDzH,EAAAA,wBAAwB,GAAG;AACzB,UAAMuF,MAAM,GAAG,KAAKD,aAAL,EAAf;AACA,uBAAYC,MAAZ,EAAoBxB,OAApB,CAA4Bf,GAAG,IAAI;AACjC,UAAIuC,MAAM,CAACvC,GAAD,CAAN,CAAY0E,aAAhB,EAA+B;AAC9B,aAAKhB,MAAL,CAAY1D,GAAZ;AACA;AACF,KAJD;AAKD;;AAEDa,EAAAA,yBAAyB,CAAC8D,KAAD,EAAQ;AAC/B,QAAIpC,MAAJ;;AACA,QAAI;AACFA,MAAAA,MAAM,GAAGqC,IAAI,CAACC,KAAL,CAAWF,KAAX,KAAqB,EAA9B;AACD,KAFD,CAEE,OAAOZ,CAAP,EAAU;AACVxB,MAAAA,MAAM,GAAG,EAAT;AACD;;AACD,WAAOA,MAAP;AACD;;AAEDuC,EAAAA,kBAAkB,CAACpF,KAAD,EAAsB;AACtC,UAAMM,GAAG,GAAG,KAAK4C,mBAAL,CAAyB,cAAzB,KAA4CmC,oCAAxD,CADsC,CAGtC;;;AACA,QAAIhD,YAAY,GAAG,KAAK9E,OAAL,CAAa+E,UAAb,EAAnB;AACA,8BAActC,KAAd;AACAqC,IAAAA,YAAY,CAAC/B,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAKzC,OAAL,CAAakF,UAAb,CAAwBJ,YAAxB;AACD;;AAEDiD,EAAAA,qBAAqB,GAAG;AACtB,UAAMzC,MAAM,GAAG,KAAKD,aAAL,EAAf;AACA,uBAAYC,MAAZ,EAAoBxB,OAApB,CAA4Bf,GAAG,IAAI;AACjCuC,MAAAA,MAAM,CAACvC,GAAD,CAAN,CAAY0E,aAAZ,GAA4B,IAA5B;AACD,KAFD;AAGA,SAAK3B,SAAL,CAAeR,MAAf;AACD;;AA/ZwD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { removeNils, clone } from './util';\nimport { AuthSdkError } from './errors';\nimport { validateToken  } from './oidc/util';\nimport { isLocalhost, isIE11OrLess } from './features';\nimport SdkClock from './clock';\nimport {\n  EventEmitter,\n  Token, \n  Tokens, \n  TokenType, \n  TokenManagerOptions, \n  isIDToken, \n  isAccessToken,\n  isRefreshToken,\n  StorageOptions,\n  StorageType,\n  OktaAuthInterface,\n  StorageProvider,\n  TokenManagerErrorEventHandler,\n  TokenManagerEventHandler,\n  TokenManagerInterface,\n  RefreshToken\n} from './types';\nimport { REFRESH_TOKEN_STORAGE_KEY, TOKEN_STORAGE_NAME } from './constants';\nimport { TokenService } from './services/TokenService';\n\nconst DEFAULT_OPTIONS = {\n  autoRenew: true,\n  autoRemove: true,\n  clearPendingRemoveTokens: true,\n  storage: undefined, // will use value from storageManager config\n  expireEarlySeconds: 30,\n  storageKey: TOKEN_STORAGE_NAME,\n  syncStorage: true,\n  _storageEventDelay: 0\n};\nexport const EVENT_EXPIRED = 'expired';\nexport const EVENT_RENEWED = 'renewed';\nexport const EVENT_ADDED = 'added';\nexport const EVENT_REMOVED = 'removed';\nexport const EVENT_ERROR = 'error';\n\ninterface TokenManagerState {\n  expireTimeouts: Record<string, unknown>;\n  renewPromise: Promise<Token | undefined> | null;\n}\nfunction defaultState(): TokenManagerState {\n  return {\n    expireTimeouts: {},\n    renewPromise: null\n  };\n}\nexport class TokenManager implements TokenManagerInterface {\n  private sdk: OktaAuthInterface;\n  private clock: SdkClock;\n  private emitter: EventEmitter;\n  private storage: StorageProvider;\n  private state: TokenManagerState;\n  private options: TokenManagerOptions;\n  private service: TokenService | null;\n\n  on: (event: string, handler: TokenManagerErrorEventHandler | TokenManagerEventHandler, context?: object) => void;\n  off: (event: string, handler?: TokenManagerErrorEventHandler | TokenManagerEventHandler) => void;\n\n  constructor(sdk: OktaAuthInterface, options: TokenManagerOptions = {}) {\n    this.sdk = sdk;\n    this.emitter = (sdk as any).emitter;\n    if (!this.emitter) {\n      throw new AuthSdkError('Emitter should be initialized before TokenManager');\n    }\n    this.service = null;\n    \n    options = Object.assign({}, DEFAULT_OPTIONS, removeNils(options));\n    if (isIE11OrLess()) {\n      options._storageEventDelay = options._storageEventDelay || 1000;\n    }\n    if (!isLocalhost()) {\n      options.expireEarlySeconds = DEFAULT_OPTIONS.expireEarlySeconds;\n    }\n    this.options = options;\n\n    const storageOptions: StorageOptions = removeNils({\n      storageKey: options.storageKey,\n      secure: options.secure,\n    });\n    if (typeof options.storage === 'object') {\n      // A custom storage provider must implement getItem(key) and setItem(key, val)\n      storageOptions.storageProvider = options.storage;\n    } else if (options.storage) {\n      storageOptions.storageType = options.storage as StorageType;\n    }\n\n    this.storage = sdk.storageManager.getTokenStorage({...storageOptions, useSeparateCookies: true});\n    this.clock = SdkClock.create(/* sdk, options */);\n    this.state = defaultState();\n\n    this.on = this.emitter.on.bind(this.emitter);\n    this.off = this.emitter.off.bind(this.emitter);\n  }\n\n  start() {\n    if (this.service) {\n      this.stop();\n    }\n    if (this.options.clearPendingRemoveTokens) {\n      this.clearPendingRemoveTokens();\n    }\n    this.service = new TokenService(this, this.getOptions());\n    this.service.start();\n  }\n  \n  stop() {\n    if (this.service) {\n      this.service.stop();\n      this.service = null;\n    }\n  }\n\n  getOptions(): TokenManagerOptions {\n    return clone(this.options);\n  }\n  \n  getExpireTime(token) {\n    const expireEarlySeconds = this.options.expireEarlySeconds || 0;\n    var expireTime = token.expiresAt - expireEarlySeconds;\n    return expireTime;\n  }\n  \n  hasExpired(token) {\n    var expireTime = this.getExpireTime(token);\n    return expireTime <= this.clock.now();\n  }\n  \n  emitExpired(key, token) {\n    this.emitter.emit(EVENT_EXPIRED, key, token);\n  }\n  \n  emitRenewed(key, freshToken, oldToken) {\n    this.emitter.emit(EVENT_RENEWED, key, freshToken, oldToken);\n  }\n  \n  emitAdded(key, token) {\n    this.emitter.emit(EVENT_ADDED, key, token);\n  }\n  \n  emitRemoved(key, token?) {\n    this.emitter.emit(EVENT_REMOVED, key, token);\n  }\n  \n  emitError(error) {\n    this.emitter.emit(EVENT_ERROR, error);\n  }\n  \n  emitEventsForCrossTabsStorageUpdate(newValue, oldValue) {\n    const oldTokens = this.getTokensFromStorageValue(oldValue);\n    const newTokens = this.getTokensFromStorageValue(newValue);\n    Object.keys(newTokens).forEach(key => {\n      const oldToken = oldTokens[key];\n      const newToken = newTokens[key];\n      if (JSON.stringify(oldToken) !== JSON.stringify(newToken)) {\n        this.emitAdded(key, newToken);\n      }\n    });\n    Object.keys(oldTokens).forEach(key => {\n      const oldToken = oldTokens[key];\n      const newToken = newTokens[key];\n      if (!newToken) {\n        this.emitRemoved(key, oldToken);\n      }\n    });\n  }\n  \n  clearExpireEventTimeout(key) {\n    clearTimeout(this.state.expireTimeouts[key] as any);\n    delete this.state.expireTimeouts[key];\n  \n    // Remove the renew promise (if it exists)\n    this.state.renewPromise = null;\n  }\n  \n  clearExpireEventTimeoutAll() {\n    var expireTimeouts = this.state.expireTimeouts;\n    for (var key in expireTimeouts) {\n      if (!Object.prototype.hasOwnProperty.call(expireTimeouts, key)) {\n        continue;\n      }\n      this.clearExpireEventTimeout(key);\n    }\n  }\n  \n  setExpireEventTimeout(key, token) {\n    if (isRefreshToken(token)) {\n      return;\n    }\n\n    var expireTime = this.getExpireTime(token);\n    var expireEventWait = Math.max(expireTime - this.clock.now(), 0) * 1000;\n  \n    // Clear any existing timeout\n    this.clearExpireEventTimeout(key);\n  \n    var expireEventTimeout = setTimeout(() => {\n      this.emitExpired(key, token);\n    }, expireEventWait);\n  \n    // Add a new timeout\n    this.state.expireTimeouts[key] = expireEventTimeout;\n  }\n  \n  setExpireEventTimeoutAll() {\n    var tokenStorage = this.storage.getStorage();\n    for(var key in tokenStorage) {\n      if (!Object.prototype.hasOwnProperty.call(tokenStorage, key)) {\n        continue;\n      }\n      var token = tokenStorage[key];\n      this.setExpireEventTimeout(key, token);\n    }\n  }\n  \n  // reset timeouts to setup autoRenew for tokens from other document context (tabs)\n  resetExpireEventTimeoutAll() {\n    this.clearExpireEventTimeoutAll();\n    this.setExpireEventTimeoutAll();\n  }\n  \n  add(key, token: Token) {\n    var tokenStorage = this.storage.getStorage();\n    validateToken(token);\n    tokenStorage[key] = token;\n    this.storage.setStorage(tokenStorage);\n    this.emitAdded(key, token);\n    this.setExpireEventTimeout(key, token);\n  }\n  \n  getSync(key) {\n    var tokenStorage = this.storage.getStorage();\n    return tokenStorage[key];\n  }\n  \n  async get(key) {\n    return this.getSync(key);\n  }\n  \n  getTokensSync(): Tokens {\n    const tokens = {} as Tokens;\n    const tokenStorage = this.storage.getStorage();\n    Object.keys(tokenStorage).forEach(key => {\n      const token = tokenStorage[key];\n      if (isAccessToken(token)) {\n        tokens.accessToken = token;\n      } else if (isIDToken(token)) {\n        tokens.idToken = token;\n      } else if (isRefreshToken(token)) { \n        tokens.refreshToken = token;\n      }\n    });\n    return tokens;\n  }\n  \n  async getTokens(): Promise<Tokens> {\n    return this.getTokensSync();\n  }\n\n  getStorageKeyByType(type: TokenType): string {\n    const tokenStorage = this.storage.getStorage();\n    const key = Object.keys(tokenStorage).filter(key => {\n      const token = tokenStorage[key];\n      return (isAccessToken(token) && type === 'accessToken') \n        || (isIDToken(token) && type === 'idToken')\n        || (isRefreshToken(token) && type === 'refreshToken');\n    })[0];\n    return key;\n  }\n\n  private getTokenType(token: Token): TokenType {\n    if (isAccessToken(token)) {\n      return 'accessToken';\n    }\n    if (isIDToken(token)) {\n      return 'idToken';\n    }\n    if(isRefreshToken(token)) {\n      return 'refreshToken';\n    }\n    throw new AuthSdkError('Unknown token type');\n  }\n\n  setTokens(\n    tokens: Tokens,\n    // TODO: callbacks can be removed in the next major version OKTA-407224\n    accessTokenCb?: Function, \n    idTokenCb?: Function,\n    refreshTokenCb?: Function\n  ): void {\n    const handleTokenCallback = (key, token) => {\n      const type = this.getTokenType(token);\n      if (type === 'accessToken') {\n        accessTokenCb && accessTokenCb(key, token);\n      } else if (type === 'idToken') {\n        idTokenCb && idTokenCb(key, token);\n      } else if (type === 'refreshToken') {\n        refreshTokenCb && refreshTokenCb(key, token);\n      }\n    };\n    const handleAdded = (key, token) => {\n      this.emitAdded(key, token);\n      this.setExpireEventTimeout(key, token);\n      handleTokenCallback(key, token);\n    };\n    const handleRenewed = (key, token, oldToken) => {\n      this.emitRenewed(key, token, oldToken);\n      this.clearExpireEventTimeout(key);\n      this.setExpireEventTimeout(key, token);\n      handleTokenCallback(key, token);\n    };\n    const handleRemoved = (key, token) => {\n      this.clearExpireEventTimeout(key);\n      this.emitRemoved(key, token);\n      handleTokenCallback(key, token);\n    };\n    \n    const types: TokenType[] = ['idToken', 'accessToken', 'refreshToken'];\n    const existingTokens = this.getTokensSync();\n\n    // valid tokens\n    types.forEach((type) => {\n      const token = tokens[type];\n      if (token) {\n        validateToken(token, type);\n      }\n    });\n  \n    // add token to storage\n    const storage = types.reduce((storage, type) => {\n      const token = tokens[type];\n      if (token) {\n        const storageKey = this.getStorageKeyByType(type) || type;\n        storage[storageKey] = token;\n      }\n      return storage;\n    }, {});\n    this.storage.setStorage(storage);\n  \n    // emit event and start expiration timer\n    types.forEach(type => {\n      const newToken = tokens[type];\n      const existingToken = existingTokens[type];\n      const storageKey = this.getStorageKeyByType(type) || type;\n      if (newToken && existingToken) { // renew\n        // call handleRemoved first, since it clears timers\n        handleRemoved(storageKey, existingToken);\n        handleAdded(storageKey, newToken);\n        handleRenewed(storageKey, newToken, existingToken);\n      } else if (newToken) { // add\n        handleAdded(storageKey, newToken);\n      } else if (existingToken) { //remove\n        handleRemoved(storageKey, existingToken);\n      }\n    });\n  }\n  \n  remove(key) {\n    // Clear any listener for this token\n    this.clearExpireEventTimeout(key);\n  \n    var tokenStorage = this.storage.getStorage();\n    var removedToken = tokenStorage[key];\n    delete tokenStorage[key];\n    this.storage.setStorage(tokenStorage);\n  \n    this.emitRemoved(key, removedToken);\n  }\n  \n  // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n  async renewToken(token) {\n    return this.sdk.token?.renew(token);\n  }\n  // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n  validateToken(token: Token) {\n    return validateToken(token);\n  }\n\n  // TODO: renew method should take no param, change in the next major version OKTA-407224\n  renew(key): Promise<Token | undefined> {\n    // Multiple callers may receive the same promise. They will all resolve or reject from the same request.\n    if (this.state.renewPromise) {\n      return this.state.renewPromise;\n    }\n  \n    try {\n      var token = this.getSync(key);\n      if (!token) {\n        throw new AuthSdkError('The tokenManager has no token for the key: ' + key);\n      }\n    } catch (e) {\n      return Promise.reject(e);\n    }\n  \n    // Remove existing autoRenew timeout\n    this.clearExpireEventTimeout(key);\n  \n    // A refresh token means a replace instead of renewal\n    // Store the renew promise state, to avoid renewing again\n    this.state.renewPromise = this.sdk.token.renewTokens()\n      .then(tokens => {\n        this.setTokens(tokens);\n\n        // resolve token based on the key\n        const tokenType = this.getTokenType(token);\n        return tokens[tokenType];\n      })\n      .catch(err => {\n        // If renew fails, remove token from storage and emit error\n        this.remove(key);\n        err.tokenKey = key;\n        this.emitError(err);\n        throw err;\n      })\n      .finally(() => {\n        // Remove existing promise key\n        this.state.renewPromise = null;\n      });\n  \n    return this.state.renewPromise;\n  }\n  \n  clear() {\n    this.clearExpireEventTimeoutAll();\n    this.storage.clearStorage();\n  }\n\n  clearPendingRemoveTokens() {\n    const tokens = this.getTokensSync();\n    Object.keys(tokens).forEach(key => {\n      if (tokens[key].pendingRemove) {\n       this.remove(key);\n      }\n    });\n  }\n  \n  getTokensFromStorageValue(value) {\n    let tokens;\n    try {\n      tokens = JSON.parse(value) || {};\n    } catch (e) {\n      tokens = {};\n    }\n    return tokens;\n  }\n\n  updateRefreshToken(token: RefreshToken) {\n    const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n\n    // do not emit any event\n    var tokenStorage = this.storage.getStorage();\n    validateToken(token);\n    tokenStorage[key] = token;\n    this.storage.setStorage(tokenStorage);\n  }\n\n  addPendingRemoveFlags() {\n    const tokens = this.getTokensSync();\n    Object.keys(tokens).forEach(key => {\n      tokens[key].pendingRemove = true;\n    });\n    this.setTokens(tokens);\n  }\n  \n}\n"],"file":"TokenManager.js"}

package/cjs/TransactionManager.js

@@ -1,7 +1,13 @@
 "use strict";
 
+var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
+
 exports.default = void 0;
 
+var _stringify = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/json/stringify"));
+
+var _assign = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/assign"));
+
 var _errors = require("./errors");
 
 var _constants = require("./constants");
@@ -27,12 +33,14 @@ var _sharedStorage = require("./util/sharedStorage");
  */
 class TransactionManager {
   constructor(options) {
+    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
     this.storageManager = options.storageManager;
     this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;
     this.saveNonceCookie = options.saveNonceCookie === false ? false : true;
     this.saveStateCookie = options.saveStateCookie === false ? false : true;
     this.saveParamsCookie = options.saveParamsCookie === false ? false : true;
     this.enableSharedStorage = options.enableSharedStorage === false ? false : true;
+    this.saveLastResponse = options.saveLastResponse === false ? false : true;
     this.options = options;
   } // eslint-disable-next-line complexity
 
@@ -43,10 +51,9 @@ class TransactionManager {
 
     transactionStorage.clearStorage(); // clear IDX response storage
 
-    this.clearIdxResponse(); // Usually we do NOT want to clear shared storage because another tab may need it to continue/complete a flow
-    // It can be cleared after a user succcesfully signs in and receives tokens
+    this.clearIdxResponse(); // Usually we want to also clear shared storage unless another tab may need it to continue/complete a flow
 
-    if (this.enableSharedStorage && options.clearSharedStorage) {
+    if (this.enableSharedStorage && options.clearSharedStorage !== false) {
       const state = options.state || (meta === null || meta === void 0 ? void 0 : meta.state);
 
       if (state) {
@@ -118,7 +125,7 @@ class TransactionManager {
           urls,
           ignoreSignature
         };
-        cookieStorage.setItem(_constants.REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);
+        cookieStorage.setItem(_constants.REDIRECT_OAUTH_PARAMS_NAME, (0, _stringify.default)(oauthParams), null);
       }
 
       if (this.saveNonceCookie && meta.nonce) {
@@ -173,7 +180,7 @@ class TransactionManager {
     if (options.oauth) {
       try {
         const oauthParams = this.loadLegacyOAuthParams();
-        Object.assign(meta, oauthParams);
+        (0, _assign.default)(meta, oauthParams);
       } finally {
         this.clearLegacyOAuthParams();
       }
@@ -182,7 +189,7 @@ class TransactionManager {
     if (options.pkce) {
       try {
         const pkceMeta = this.loadLegacyPKCE();
-        Object.assign(meta, pkceMeta);
+        (0, _assign.default)(meta, pkceMeta);
       } finally {
         this.clearLegacyPKCE();
       }
@@ -245,7 +252,7 @@ class TransactionManager {
     // eslint-disable-next-line max-len
 
 
-    throw new _errors.AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', null);
+    throw new _errors.AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', undefined);
   }
 
   clearLegacyOAuthParams() {
@@ -299,6 +306,10 @@ class TransactionManager {
   }
 
   saveIdxResponse(idxResponse) {
+    if (!this.saveLastResponse) {
+      return;
+    }
+
     const storage = this.storageManager.getIdxResponseStorage();
 
     if (!storage) {
@@ -309,6 +320,10 @@ class TransactionManager {
   }
 
   loadIdxResponse() {
+    if (!this.saveLastResponse) {
+      return null;
+    }
+
     const storage = this.storageManager.getIdxResponseStorage();
 
     if (!storage) {
@@ -325,6 +340,10 @@ class TransactionManager {
   }
 
   clearIdxResponse() {
+    if (!this.saveLastResponse) {
+      return;
+    }
+
     const storage = this.storageManager.getIdxResponseStorage();
     storage === null || storage === void 0 ? void 0 : storage.clearStorage();
   }

package/cjs/TransactionManager.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","clear","transactionStorage","getTransactionStorage","meta","getStorage","clearStorage","clearIdxResponse","clearSharedStorage","state","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","storage","obj","muteWarning","setStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","REDIRECT_OAUTH_PARAMS_NAME","JSON","stringify","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_STATE_COOKIE_NAME","exists","load","loadLegacyOAuthParams","Object","assign","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","AuthSdkError","getLegacyOAuthParamsStorage","saveIdxResponse","idxResponse","getIdxResponseStorage","loadIdxResponse"],"mappings":";;;;AAaA;;AACA;;AAEA;;AAWA;;AACA;;AACA;;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA6Be,MAAMA,kBAAN,CAAyB;AAStCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKN,OAAL,GAAeA,OAAf;AACD,GAjBqC,CAmBtC;;;AACAO,EAAAA,KAAK,CAACP,OAAoC,GAAG,EAAxC,EAA4C;AAC/C,UAAMQ,kBAAmC,GAAG,KAAKP,cAAL,CAAoBQ,qBAApB,EAA5C;AACA,UAAMC,IAAI,GAAGF,kBAAkB,CAACG,UAAnB,EAAb,CAF+C,CAI/C;;AACAH,IAAAA,kBAAkB,CAACI,YAAnB,GAL+C,CAO/C;;AACA,SAAKC,gBAAL,GAR+C,CAU/C;AACA;;AACA,QAAI,KAAKP,mBAAL,IAA4BN,OAAO,CAACc,kBAAxC,EAA4D;AAC1D,YAAMC,KAAK,GAAGf,OAAO,CAACe,KAAR,KAAiBL,IAAjB,aAAiBA,IAAjB,uBAAiBA,IAAI,CAAEK,KAAvB,CAAd;;AACA,UAAIA,KAAJ,EAAW;AACT,8DAAkC,KAAKd,cAAvC,EAAuDc,KAAvD;AACD;AACF;;AAED,QAAI,CAAC,KAAKb,mBAAV,EAA+B;AAC7B;AACD,KArB8C,CAuB/C;;;AACA,QAAIF,OAAO,CAACgB,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIjB,OAAO,CAACkB,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GAnDqC,CAqDtC;;;AACAC,EAAAA,IAAI,CAACV,IAAD,EAAwBV,OAA+B,GAAG,EAA1D,EAA8D;AAChE;AACA;AACA;AAEA,QAAIqB,OAAwB,GAAG,KAAKpB,cAAL,CAAoBQ,qBAApB,EAA/B;AACA,UAAMa,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAZ,CANgE,CAOhE;AACA;AACA;;AACA,QAAI,8BAAkBW,GAAlB,KAA0B,CAACtB,OAAO,CAACuB,WAAvC,EAAoD;AAClD;AACA,sBAAK,yGAAL;AACD;;AAEDF,IAAAA,OAAO,CAACG,UAAR,CAAmBd,IAAnB,EAfgE,CAiBhE;;AACA,QAAI,KAAKJ,mBAAL,IAA4BI,IAAI,CAACK,KAArC,EAA4C;AAC1C,yDAA+B,KAAKd,cAApC,EAAoDS,IAAI,CAACK,KAAzD,EAAgEL,IAAhE;AACD;;AAED,QAAI,CAACV,OAAO,CAACgB,KAAb,EAAoB;AAClB;AACD,KAxB+D,CA0BhE;;;AACA,QAAI,KAAKb,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,YAAMoB,aAA4B,GAAG,KAAKxB,cAAL,CAAoBU,UAApB,CAA+B;AAAEe,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKrB,gBAAT,EAA2B;AACzB,cAAM;AACJsB,UAAAA,YADI;AAEJZ,UAAAA,KAFI;AAGJa,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFtB,IARJ;AASA,cAAMuB,WAAW,GAAG;AAClBN,UAAAA,YADkB;AAElBZ,UAAAA,KAFkB;AAGlBa,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAP,QAAAA,aAAa,CAACS,OAAd,CAAsBC,qCAAtB,EAAkDC,IAAI,CAACC,SAAL,CAAeJ,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK9B,eAAL,IAAwBO,IAAI,CAACkB,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACS,OAAd,CAAsBI,qCAAtB,EAAkD5B,IAAI,CAACkB,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKxB,eAAL,IAAwBM,IAAI,CAACK,KAAjC,EAAwC;AACtC;AACAU,QAAAA,aAAa,CAACS,OAAd,CAAsBK,qCAAtB,EAAkD7B,IAAI,CAACK,KAAvD,EAA8D,IAA9D;AACD;AACF;AACF;;AAEDyB,EAAAA,MAAM,CAACxC,OAA+B,GAAG,EAAnC,EAAgD;AACpD,QAAI;AACF,YAAMU,IAAqB,GAAG,KAAK+B,IAAL,CAAUzC,OAAV,CAA9B;AACA,aAAO,CAAC,CAACU,IAAT;AACD,KAHD,CAGE,MAAM;AACN,aAAO,KAAP;AACD;AACF,GA7HqC,CA+HtC;AACA;;;AACA+B,EAAAA,IAAI,CAACzC,OAA+B,GAAG,EAAnC,EAAwD;AAE1D,QAAIU,IAAJ,CAF0D,CAI1D;;AACA,QAAI,KAAKJ,mBAAL,IAA4BN,OAAO,CAACe,KAAxC,EAA+C;AAC7C,6CAAmB,KAAKd,cAAxB,EAD6C,CACJ;;AACzCS,MAAAA,IAAI,GAAG,qDAAiC,KAAKT,cAAtC,EAAsDD,OAAO,CAACe,KAA9D,CAAP;;AACA,UAAI,8BAAkBL,IAAlB,CAAJ,EAA6B;AAC3B,eAAOA,IAAP;AACD;AACF;;AAED,QAAIW,OAAwB,GAAG,KAAKpB,cAAL,CAAoBQ,qBAApB,EAA/B;AACAC,IAAAA,IAAI,GAAGW,OAAO,CAACV,UAAR,EAAP;;AACA,QAAI,8BAAkBD,IAAlB,CAAJ,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKR,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAtByD,CAwB1D;;;AACA,QAAIF,OAAO,CAACgB,KAAZ,EAAmB;AACjB,UAAI;AACF,cAAMiB,WAAW,GAAG,KAAKS,qBAAL,EAApB;AACAC,QAAAA,MAAM,CAACC,MAAP,CAAclC,IAAd,EAAoBuB,WAApB;AACD,OAHD,SAGU;AACR,aAAKhB,sBAAL;AACD;AACF;;AAED,QAAIjB,OAAO,CAACkB,IAAZ,EAAkB;AAChB,UAAI;AACF,cAAM2B,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACAH,QAAAA,MAAM,CAACC,MAAP,CAAclC,IAAd,EAAoBmC,QAApB;AACD,OAHD,SAGU;AACR,aAAK1B,eAAL;AACD;AACF;;AAED,QAAI,8BAAkBT,IAAlB,CAAJ,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GAhLqC,CAkLtC;;;AACAS,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIE,OAAJ;;AAEA,QAAI,KAAKpB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKX,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAEDkC,EAAAA,cAAc,GAAwB;AACpC,QAAIzB,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKrB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAAC4B,YAAf,EAA6B;AAC3B,eAAO5B,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKrB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAAC4B,YAAf,EAA6B;AAC3B,eAAO5B,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAI6B,oBAAJ,CAAiB,yJAAjB,EAA4K,IAA5K,CAAN;AACD;;AAEDlC,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAII,OAAJ;;AAEA,QAAI,KAAKpB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKX,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED8B,EAAAA,qBAAqB,GAAyB;AAC5C,QAAIrB,OAAJ;AACA,QAAIY,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAKhC,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AACD,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAKhC,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AAED,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAIkB,oBAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAEDE,EAAAA,eAAe,CAACC,WAAD,EAAoC;AACjD,UAAMjC,OAAwB,GAAG,KAAKpB,cAAL,CAAoBsD,qBAApB,EAAjC;;AACA,QAAI,CAAClC,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACG,UAAR,CAAmB8B,WAAnB;AACD;;AAEDE,EAAAA,eAAe,GAAmB;AAChC,UAAMnC,OAAwB,GAAG,KAAKpB,cAAL,CAAoBsD,qBAApB,EAAjC;;AACA,QAAI,CAAClC,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,UAAMiC,WAAW,GAAGjC,OAAO,CAACV,UAAR,EAApB;;AACA,QAAI,CAAC,6BAAiB2C,WAAjB,CAAL,EAAoC;AAClC,aAAO,IAAP;AACD;;AACD,WAAOA,WAAP;AACD;;AAEDzC,EAAAA,gBAAgB,GAAS;AACvB,UAAMQ,OAAwB,GAAG,KAAKpB,cAAL,CAAoBsD,qBAApB,EAAjC;AACAlC,IAAAA,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAET,YAAT;AACD;;AAlSqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport StorageManager from './StorageManager';\nimport {\n  StorageProvider,\n  TransactionMeta,\n  isTransactionMeta,\n  isOAuthTransactionMeta,\n  PKCETransactionMeta,\n  OAuthTransactionMeta,\n  TransactionMetaOptions,\n  TransactionManagerOptions,\n  CookieStorage\n} from './types';\nimport { RawIdxResponse, isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n  clearTransactionFromSharedStorage,\n  loadTransactionFromSharedStorage,\n  pruneSharedStorage,\n  saveTransactionToSharedStorage\n} from './util/sharedStorage';\n\nexport interface ClearTransactionMetaOptions extends TransactionMetaOptions {\n  clearSharedStorage?: boolean;\n}\nexport default class TransactionManager {\n  options: TransactionManagerOptions;\n  storageManager: StorageManager;\n  legacyWidgetSupport: boolean;\n  saveNonceCookie: boolean;\n  saveStateCookie: boolean;\n  saveParamsCookie: boolean;\n  enableSharedStorage: boolean;\n\n  constructor(options: TransactionManagerOptions) {\n    this.storageManager = options.storageManager;\n    this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n    this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n    this.saveStateCookie = options.saveStateCookie === false ? false : true;\n    this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n    this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n    this.options = options;\n  }\n\n  // eslint-disable-next-line complexity\n  clear(options: ClearTransactionMetaOptions = {}) {\n    const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n    const meta = transactionStorage.getStorage();\n\n    // Clear primary storage (by default, sessionStorage on browser)\n    transactionStorage.clearStorage();\n\n    // clear IDX response storage\n    this.clearIdxResponse();\n\n    // Usually we do NOT want to clear shared storage because another tab may need it to continue/complete a flow\n    // It can be cleared after a user succcesfully signs in and receives tokens\n    if (this.enableSharedStorage && options.clearSharedStorage) {\n      const state = options.state || meta?.state;\n      if (state) {\n        clearTransactionFromSharedStorage(this.storageManager, state);\n      }\n    }\n  \n    if (!this.legacyWidgetSupport) {\n      return;\n    }\n\n    // This is for compatibility with older versions of the signin widget. OKTA-304806\n    if (options.oauth) {\n      this.clearLegacyOAuthParams();\n    }\n\n    if (options.pkce) {\n      this.clearLegacyPKCE();\n    }\n  }\n\n  // eslint-disable-next-line complexity\n  save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n    // There must be only one transaction executing at a time.\n    // Before saving, check to see if a transaction is already stored.\n    // An existing transaction indicates a concurrency/race/overlap condition\n\n    let storage: StorageProvider = this.storageManager.getTransactionStorage();\n    const obj = storage.getStorage();\n    // oie process may need to update transaction in the middle of process for tracking purpose\n    // false alarm might be caused \n    // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n    if (isTransactionMeta(obj) && !options.muteWarning) {\n      // eslint-disable-next-line max-len\n      warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n    }\n\n    storage.setStorage(meta);\n\n    // Shared storage allows continuation of transaction in another tab\n    if (this.enableSharedStorage && meta.state) {\n      saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n    }\n\n    if (!options.oauth) {\n      return;\n    }\n  \n    // Legacy cookie storage\n    if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n      const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n      if (this.saveParamsCookie) {\n        const { \n          responseType,\n          state,\n          nonce,\n          scopes,\n          clientId,\n          urls,\n          ignoreSignature\n        } = meta;\n        const oauthParams = {\n          responseType,\n          state,\n          nonce,\n          scopes,\n          clientId,\n          urls,\n          ignoreSignature\n        };\n        cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n      }\n\n      if (this.saveNonceCookie && meta.nonce) {\n        // Set nonce cookie for servers to validate nonce in id_token\n        cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n      }\n\n      if (this.saveStateCookie && meta.state) {\n        // Set state cookie for servers to validate state\n        cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n      }\n    }\n  }\n\n  exists(options: TransactionMetaOptions = {}): boolean {\n    try {\n      const meta: TransactionMeta = this.load(options);\n      return !!meta;\n    } catch {\n      return false;\n    }\n  }\n\n  // load transaction meta from storage\n  // eslint-disable-next-line complexity,max-statements\n  load(options: TransactionMetaOptions = {}): TransactionMeta {\n\n    let meta: TransactionMeta;\n\n    // If state was passed, try loading transaction data from shared storage\n    if (this.enableSharedStorage && options.state) {\n      pruneSharedStorage(this.storageManager); // prune before load\n      meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n      if (isTransactionMeta(meta)) {\n        return meta;\n      }\n    }\n\n    let storage: StorageProvider = this.storageManager.getTransactionStorage();\n    meta = storage.getStorage();\n    if (isTransactionMeta(meta)) {\n      // if we have meta in the new location, there is no need to go further\n      return meta;\n    }\n\n    if (!this.legacyWidgetSupport) {\n      return null;\n    }\n\n    // This is for compatibility with older versions of the signin widget. OKTA-304806\n    if (options.oauth) {\n      try {\n        const oauthParams = this.loadLegacyOAuthParams();\n        Object.assign(meta, oauthParams);\n      } finally {\n        this.clearLegacyOAuthParams();\n      }\n    }\n\n    if (options.pkce) {\n      try {\n        const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n        Object.assign(meta, pkceMeta);\n      } finally {\n        this.clearLegacyPKCE();\n      }\n    }\n\n    if (isTransactionMeta(meta)) {\n      return meta;\n    }\n    return null;\n  }\n\n  // This is for compatibility with older versions of the signin widget. OKTA-304806\n  clearLegacyPKCE(): void {\n    // clear storages\n    let storage: StorageProvider;\n\n    if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n      storage.clearStorage();\n    }\n\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n      storage.clearStorage();\n    }\n  }\n\n  loadLegacyPKCE(): PKCETransactionMeta {\n    let storage: StorageProvider;\n    let obj;\n    \n    // Try reading from localStorage first.\n    if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n      obj = storage.getStorage();\n      if (obj && obj.codeVerifier) {\n        return obj;\n      }\n    }\n\n    // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n      obj = storage.getStorage();\n      if (obj && obj.codeVerifier) {\n        return obj;\n      }\n    }\n\n    // If meta is not valid, throw an exception to avoid misleading server-side error\n    // The most likely cause of this error is trying to handle a callback twice\n    // eslint-disable-next-line max-len\n    throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', null);\n  }\n\n  clearLegacyOAuthParams(): void {\n    // clear storages\n    let storage: StorageProvider;\n\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n      storage.clearStorage();\n    }\n\n    if (this.storageManager.storageUtil.testStorageType('cookie')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n      storage.clearStorage();\n    }\n  }\n\n  loadLegacyOAuthParams(): OAuthTransactionMeta {\n    let storage: StorageProvider;\n    let oauthParams;\n  \n    // load first from session storage\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n      oauthParams = storage.getStorage();\n    }\n    if (isOAuthTransactionMeta(oauthParams)) {\n      return oauthParams;\n    }\n\n    // try to load from cookie\n    if (this.storageManager.storageUtil.testStorageType('cookie')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n      oauthParams = storage.getStorage();\n    }\n\n    if (isOAuthTransactionMeta(oauthParams)) {\n      return oauthParams;\n    }\n\n\n    throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n    // Something is there but we don't recognize it\n    // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n  }\n\n  saveIdxResponse(idxResponse: RawIdxResponse): void {\n    const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n    if (!storage) {\n      return;\n    }\n    storage.setStorage(idxResponse);\n  }\n\n  loadIdxResponse(): RawIdxResponse {\n    const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n    if (!storage) {\n      return null;\n    }\n    const idxResponse = storage.getStorage();\n    if (!isRawIdxResponse(idxResponse)) {\n      return null;\n    }\n    return idxResponse;\n  }\n\n  clearIdxResponse(): void {\n    const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n    storage?.clearStorage();\n  }\n}"],"file":"TransactionManager.js"}
+{"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","saveLastResponse","clear","transactionStorage","getTransactionStorage","meta","getStorage","clearStorage","clearIdxResponse","clearSharedStorage","state","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","storage","obj","muteWarning","setStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","REDIRECT_OAUTH_PARAMS_NAME","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_STATE_COOKIE_NAME","exists","load","loadLegacyOAuthParams","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","AuthSdkError","undefined","getLegacyOAuthParamsStorage","saveIdxResponse","idxResponse","getIdxResponseStorage","loadIdxResponse"],"mappings":";;;;;;;;;;AAaA;;AACA;;AAEA;;AAWA;;AACA;;AACA;;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA6Be,MAAMA,kBAAN,CAAyB;AAUtCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C;AACA,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,gBAAL,GAAwBP,OAAO,CAACO,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKP,OAAL,GAAeA,OAAf;AACD,GApBqC,CAsBtC;;;AACAQ,EAAAA,KAAK,CAACR,OAAoC,GAAG,EAAxC,EAA4C;AAC/C,UAAMS,kBAAmC,GAAG,KAAKR,cAAL,CAAoBS,qBAApB,EAA5C;AACA,UAAMC,IAAI,GAAGF,kBAAkB,CAACG,UAAnB,EAAb,CAF+C,CAI/C;;AACAH,IAAAA,kBAAkB,CAACI,YAAnB,GAL+C,CAO/C;;AACA,SAAKC,gBAAL,GAR+C,CAU/C;;AACA,QAAI,KAAKR,mBAAL,IAA4BN,OAAO,CAACe,kBAAR,KAA+B,KAA/D,EAAsE;AACpE,YAAMC,KAAK,GAAGhB,OAAO,CAACgB,KAAR,KAAiBL,IAAjB,aAAiBA,IAAjB,uBAAiBA,IAAI,CAAEK,KAAvB,CAAd;;AACA,UAAIA,KAAJ,EAAW;AACT,8DAAkC,KAAKf,cAAvC,EAAuDe,KAAvD;AACD;AACF;;AAED,QAAI,CAAC,KAAKd,mBAAV,EAA+B;AAC7B;AACD,KApB8C,CAsB/C;;;AACA,QAAIF,OAAO,CAACiB,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIlB,OAAO,CAACmB,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GArDqC,CAuDtC;;;AACAC,EAAAA,IAAI,CAACV,IAAD,EAAwBX,OAA+B,GAAG,EAA1D,EAA8D;AAChE;AACA;AACA;AAEA,QAAIsB,OAAwB,GAAG,KAAKrB,cAAL,CAAoBS,qBAApB,EAA/B;AACA,UAAMa,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAZ,CANgE,CAOhE;AACA;AACA;;AACA,QAAI,8BAAkBW,GAAlB,KAA0B,CAACvB,OAAO,CAACwB,WAAvC,EAAoD;AAClD;AACA,sBAAK,yGAAL;AACD;;AAEDF,IAAAA,OAAO,CAACG,UAAR,CAAmBd,IAAnB,EAfgE,CAiBhE;;AACA,QAAI,KAAKL,mBAAL,IAA4BK,IAAI,CAACK,KAArC,EAA4C;AAC1C,yDAA+B,KAAKf,cAApC,EAAoDU,IAAI,CAACK,KAAzD,EAAgEL,IAAhE;AACD;;AAED,QAAI,CAACX,OAAO,CAACiB,KAAb,EAAoB;AAClB;AACD,KAxB+D,CA0BhE;;;AACA,QAAI,KAAKd,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,YAAMqB,aAA4B,GAAG,KAAKzB,cAAL,CAAoBW,UAApB,CAA+B;AAAEe,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKtB,gBAAT,EAA2B;AACzB,cAAM;AACJuB,UAAAA,YADI;AAEJZ,UAAAA,KAFI;AAGJa,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFtB,IARJ;AASA,cAAMuB,WAAW,GAAG;AAClBN,UAAAA,YADkB;AAElBZ,UAAAA,KAFkB;AAGlBa,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAP,QAAAA,aAAa,CAACS,OAAd,CAAsBC,qCAAtB,EAAkD,wBAAeF,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK/B,eAAL,IAAwBQ,IAAI,CAACkB,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACS,OAAd,CAAsBE,qCAAtB,EAAkD1B,IAAI,CAACkB,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKzB,eAAL,IAAwBO,IAAI,CAACK,KAAjC,EAAwC;AACtC;AACAU,QAAAA,aAAa,CAACS,OAAd,CAAsBG,qCAAtB,EAAkD3B,IAAI,CAACK,KAAvD,EAA8D,IAA9D;AACD;AACF;AACF;;AAEDuB,EAAAA,MAAM,CAACvC,OAA+B,GAAG,EAAnC,EAAgD;AACpD,QAAI;AACF,YAAMW,IAAI,GAAG,KAAK6B,IAAL,CAAUxC,OAAV,CAAb;AACA,aAAO,CAAC,CAACW,IAAT;AACD,KAHD,CAGE,MAAM;AACN,aAAO,KAAP;AACD;AACF,GA/HqC,CAiItC;AACA;;;AACA6B,EAAAA,IAAI,CAACxC,OAA+B,GAAG,EAAnC,EAA+D;AAEjE,QAAIW,IAAJ,CAFiE,CAIjE;;AACA,QAAI,KAAKL,mBAAL,IAA4BN,OAAO,CAACgB,KAAxC,EAA+C;AAC7C,6CAAmB,KAAKf,cAAxB,EAD6C,CACJ;;AACzCU,MAAAA,IAAI,GAAG,qDAAiC,KAAKV,cAAtC,EAAsDD,OAAO,CAACgB,KAA9D,CAAP;;AACA,UAAI,8BAAkBL,IAAlB,CAAJ,EAA6B;AAC3B,eAAOA,IAAP;AACD;AACF;;AAED,QAAIW,OAAwB,GAAG,KAAKrB,cAAL,CAAoBS,qBAApB,EAA/B;AACAC,IAAAA,IAAI,GAAGW,OAAO,CAACV,UAAR,EAAP;;AACA,QAAI,8BAAkBD,IAAlB,CAAJ,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKT,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAtBgE,CAwBjE;;;AACA,QAAIF,OAAO,CAACiB,KAAZ,EAAmB;AACjB,UAAI;AACF,cAAMiB,WAAW,GAAG,KAAKO,qBAAL,EAApB;AACA,6BAAc9B,IAAd,EAAoBuB,WAApB;AACD,OAHD,SAGU;AACR,aAAKhB,sBAAL;AACD;AACF;;AAED,QAAIlB,OAAO,CAACmB,IAAZ,EAAkB;AAChB,UAAI;AACF,cAAMuB,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACA,6BAAchC,IAAd,EAAoB+B,QAApB;AACD,OAHD,SAGU;AACR,aAAKtB,eAAL;AACD;AACF;;AAED,QAAI,8BAAkBT,IAAlB,CAAJ,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GAlLqC,CAoLtC;;;AACAS,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIE,OAAJ;;AAEA,QAAI,KAAKrB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKZ,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED8B,EAAAA,cAAc,GAAwB;AACpC,QAAIrB,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKtB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAACwB,YAAf,EAA6B;AAC3B,eAAOxB,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKtB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAACwB,YAAf,EAA6B;AAC3B,eAAOxB,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAIyB,oBAAJ,CAAiB,yJAAjB,EAA4KC,SAA5K,CAAN;AACD;;AAED/B,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAII,OAAJ;;AAEA,QAAI,KAAKrB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKZ,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7DvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED4B,EAAAA,qBAAqB,GAAyB;AAC5C,QAAInB,OAAJ;AACA,QAAIY,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAKjC,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AACD,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAKjC,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7DvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AAED,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAIc,oBAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAEDG,EAAAA,eAAe,CAACC,WAAD,EAAoC;AACjD,QAAI,CAAC,KAAK7C,gBAAV,EAA4B;AAC1B;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBoD,qBAApB,EAAhB;;AACA,QAAI,CAAC/B,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACG,UAAR,CAAmB2B,WAAnB;AACD;;AAEDE,EAAAA,eAAe,GAA0B;AACvC,QAAI,CAAC,KAAK/C,gBAAV,EAA4B;AAC1B,aAAO,IAAP;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBoD,qBAApB,EAAhB;;AACA,QAAI,CAAC/B,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,UAAM8B,WAAW,GAAG9B,OAAO,CAACV,UAAR,EAApB;;AACA,QAAI,CAAC,6BAAiBwC,WAAjB,CAAL,EAAoC;AAClC,aAAO,IAAP;AACD;;AACD,WAAOA,WAAP;AACD;;AAEDtC,EAAAA,gBAAgB,GAAS;AACvB,QAAI,CAAC,KAAKP,gBAAV,EAA4B;AAC1B;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBoD,qBAApB,EAAhB;AACA/B,IAAAA,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAET,YAAT;AACD;;AA7SqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport { StorageManager } from './StorageManager';\nimport {\n  StorageProvider,\n  TransactionMeta,\n  isTransactionMeta,\n  isOAuthTransactionMeta,\n  PKCETransactionMeta,\n  OAuthTransactionMeta,\n  TransactionMetaOptions,\n  TransactionManagerOptions,\n  CookieStorage\n} from './types';\nimport { RawIdxResponse, isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n  clearTransactionFromSharedStorage,\n  loadTransactionFromSharedStorage,\n  pruneSharedStorage,\n  saveTransactionToSharedStorage\n} from './util/sharedStorage';\n\nexport interface ClearTransactionMetaOptions extends TransactionMetaOptions {\n  clearSharedStorage?: boolean;\n}\nexport default class TransactionManager {\n  options: TransactionManagerOptions;\n  storageManager: StorageManager;\n  legacyWidgetSupport: boolean;\n  saveNonceCookie: boolean;\n  saveStateCookie: boolean;\n  saveParamsCookie: boolean;\n  enableSharedStorage: boolean;\n  saveLastResponse: boolean;\n\n  constructor(options: TransactionManagerOptions) {\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    this.storageManager = options.storageManager!;\n    this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n    this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n    this.saveStateCookie = options.saveStateCookie === false ? false : true;\n    this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n    this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n    this.saveLastResponse = options.saveLastResponse === false ? false : true;\n    this.options = options;\n  }\n\n  // eslint-disable-next-line complexity\n  clear(options: ClearTransactionMetaOptions = {}) {\n    const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n    const meta = transactionStorage.getStorage();\n\n    // Clear primary storage (by default, sessionStorage on browser)\n    transactionStorage.clearStorage();\n\n    // clear IDX response storage\n    this.clearIdxResponse();\n\n    // Usually we want to also clear shared storage unless another tab may need it to continue/complete a flow\n    if (this.enableSharedStorage && options.clearSharedStorage !== false) {\n      const state = options.state || meta?.state;\n      if (state) {\n        clearTransactionFromSharedStorage(this.storageManager, state);\n      }\n    }\n  \n    if (!this.legacyWidgetSupport) {\n      return;\n    }\n\n    // This is for compatibility with older versions of the signin widget. OKTA-304806\n    if (options.oauth) {\n      this.clearLegacyOAuthParams();\n    }\n\n    if (options.pkce) {\n      this.clearLegacyPKCE();\n    }\n  }\n\n  // eslint-disable-next-line complexity\n  save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n    // There must be only one transaction executing at a time.\n    // Before saving, check to see if a transaction is already stored.\n    // An existing transaction indicates a concurrency/race/overlap condition\n\n    let storage: StorageProvider = this.storageManager.getTransactionStorage();\n    const obj = storage.getStorage();\n    // oie process may need to update transaction in the middle of process for tracking purpose\n    // false alarm might be caused \n    // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n    if (isTransactionMeta(obj) && !options.muteWarning) {\n      // eslint-disable-next-line max-len\n      warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n    }\n\n    storage.setStorage(meta);\n\n    // Shared storage allows continuation of transaction in another tab\n    if (this.enableSharedStorage && meta.state) {\n      saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n    }\n\n    if (!options.oauth) {\n      return;\n    }\n  \n    // Legacy cookie storage\n    if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n      const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n      if (this.saveParamsCookie) {\n        const { \n          responseType,\n          state,\n          nonce,\n          scopes,\n          clientId,\n          urls,\n          ignoreSignature\n        } = meta;\n        const oauthParams = {\n          responseType,\n          state,\n          nonce,\n          scopes,\n          clientId,\n          urls,\n          ignoreSignature\n        };\n        cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n      }\n\n      if (this.saveNonceCookie && meta.nonce) {\n        // Set nonce cookie for servers to validate nonce in id_token\n        cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n      }\n\n      if (this.saveStateCookie && meta.state) {\n        // Set state cookie for servers to validate state\n        cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n      }\n    }\n  }\n\n  exists(options: TransactionMetaOptions = {}): boolean {\n    try {\n      const meta = this.load(options);\n      return !!meta;\n    } catch {\n      return false;\n    }\n  }\n\n  // load transaction meta from storage\n  // eslint-disable-next-line complexity,max-statements\n  load(options: TransactionMetaOptions = {}): TransactionMeta | null {\n\n    let meta: TransactionMeta;\n\n    // If state was passed, try loading transaction data from shared storage\n    if (this.enableSharedStorage && options.state) {\n      pruneSharedStorage(this.storageManager); // prune before load\n      meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n      if (isTransactionMeta(meta)) {\n        return meta;\n      }\n    }\n\n    let storage: StorageProvider = this.storageManager.getTransactionStorage();\n    meta = storage.getStorage();\n    if (isTransactionMeta(meta)) {\n      // if we have meta in the new location, there is no need to go further\n      return meta;\n    }\n\n    if (!this.legacyWidgetSupport) {\n      return null;\n    }\n\n    // This is for compatibility with older versions of the signin widget. OKTA-304806\n    if (options.oauth) {\n      try {\n        const oauthParams = this.loadLegacyOAuthParams();\n        Object.assign(meta, oauthParams);\n      } finally {\n        this.clearLegacyOAuthParams();\n      }\n    }\n\n    if (options.pkce) {\n      try {\n        const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n        Object.assign(meta, pkceMeta);\n      } finally {\n        this.clearLegacyPKCE();\n      }\n    }\n\n    if (isTransactionMeta(meta)) {\n      return meta;\n    }\n    return null;\n  }\n\n  // This is for compatibility with older versions of the signin widget. OKTA-304806\n  clearLegacyPKCE(): void {\n    // clear storages\n    let storage: StorageProvider;\n\n    if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n      storage.clearStorage();\n    }\n\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n      storage.clearStorage();\n    }\n  }\n\n  loadLegacyPKCE(): PKCETransactionMeta {\n    let storage: StorageProvider;\n    let obj;\n    \n    // Try reading from localStorage first.\n    if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n      obj = storage.getStorage();\n      if (obj && obj.codeVerifier) {\n        return obj;\n      }\n    }\n\n    // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n      obj = storage.getStorage();\n      if (obj && obj.codeVerifier) {\n        return obj;\n      }\n    }\n    \n    // If meta is not valid, throw an exception to avoid misleading server-side error\n    // The most likely cause of this error is trying to handle a callback twice\n    // eslint-disable-next-line max-len\n    throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', undefined);\n  }\n\n  clearLegacyOAuthParams(): void {\n    // clear storages\n    let storage: StorageProvider;\n\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n      storage.clearStorage();\n    }\n\n    if (this.storageManager.storageUtil.testStorageType('cookie')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n      storage.clearStorage();\n    }\n  }\n\n  loadLegacyOAuthParams(): OAuthTransactionMeta {\n    let storage: StorageProvider;\n    let oauthParams;\n  \n    // load first from session storage\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n      oauthParams = storage.getStorage();\n    }\n    if (isOAuthTransactionMeta(oauthParams)) {\n      return oauthParams;\n    }\n\n    // try to load from cookie\n    if (this.storageManager.storageUtil.testStorageType('cookie')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n      oauthParams = storage.getStorage();\n    }\n\n    if (isOAuthTransactionMeta(oauthParams)) {\n      return oauthParams;\n    }\n\n\n    throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n    // Something is there but we don't recognize it\n    // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n  }\n\n  saveIdxResponse(idxResponse: RawIdxResponse): void {\n    if (!this.saveLastResponse) {\n      return;\n    }\n    const storage = this.storageManager.getIdxResponseStorage();\n    if (!storage) {\n      return;\n    }\n    storage.setStorage(idxResponse);\n  }\n\n  loadIdxResponse(): RawIdxResponse | null {\n    if (!this.saveLastResponse) {\n      return null;\n    }\n    const storage = this.storageManager.getIdxResponseStorage();\n    if (!storage) {\n      return null;\n    }\n    const idxResponse = storage.getStorage();\n    if (!isRawIdxResponse(idxResponse)) {\n      return null;\n    }\n    return idxResponse;\n  }\n\n  clearIdxResponse(): void {\n    if (!this.saveLastResponse) {\n      return;\n    }\n    const storage = this.storageManager.getIdxResponseStorage();\n    storage?.clearStorage();\n  }\n}"],"file":"TransactionManager.js"}

package/cjs/browser/browserStorage.js

@@ -1,13 +1,23 @@
 "use strict";
 
-var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
+var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
 
 exports.default = void 0;
 
+var _slice = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/slice"));
+
+var _keys = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/keys"));
+
+var _indexOf = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/index-of"));
+
+var _stringify = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/json/stringify"));
+
 var _AuthSdkError = _interopRequireDefault(require("../errors/AuthSdkError"));
 
 var _util = require("../util");
 
+/* eslint-disable @typescript-eslint/no-non-null-assertion */
+
 /*!
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
  * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
@@ -20,6 +30,7 @@ var _util = require("../util");
  * See the License for the specific language governing permissions and limitations under the License.
  *
  */
+// eslint-disable-next-line import/no-commonjs
 const Cookies = require('js-cookie'); // Building this as an object allows us to mock the functions in our tests
 
 
@@ -76,7 +87,7 @@ var storageUtil = {
     return supported;
   },
   getStorageByType: function (storageType, options) {
-    let storageProvider = null;
+    let storageProvider;
 
     switch (storageType) {
       case 'sessionStorage':
@@ -105,7 +116,7 @@ var storageUtil = {
   findStorageType: function (types) {
     let curType;
     let nextType;
-    types = types.slice(); // copy array
+    types = (0, _slice.default)(types).call(types); // copy array
 
     curType = types.shift();
     nextType = types.length ? types[0] : null;
@@ -154,11 +165,11 @@ var storageUtil = {
       }
     };
 
-    if (!options.useMultipleCookies) {
+    if (!options.useSeparateCookies) {
       return storage;
-    } // options.useMultipleCookies - because cookies have size limits.
+    } // Tokens are stored separately because cookies have size limits.
     // Can only be used when storing an object value. Object properties will be saved to separate cookies.
-    //  Each property of the object must also be an object.
+    // Each property of the object must also be an object.
 
 
     return {
@@ -166,32 +177,32 @@ var storageUtil = {
         var data = storage.getItem(); // read all cookies
 
         var value = {};
-        Object.keys(data).forEach(k => {
-          if (k.indexOf(key) === 0) {
+        (0, _keys.default)(data).forEach(k => {
+          if ((0, _indexOf.default)(k).call(k, key) === 0) {
             // filter out unrelated cookies
-            value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie dataa
+            value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie data
           }
         });
-        return JSON.stringify(value);
+        return (0, _stringify.default)(value);
       },
       setItem: function (key, value) {
         var existingValues = JSON.parse(this.getItem(key));
         value = JSON.parse(value); // Set key-value pairs from input to cookies
 
-        Object.keys(value).forEach(k => {
+        (0, _keys.default)(value).forEach(k => {
           var storageKey = key + '_' + k;
-          var valueToStore = JSON.stringify(value[k]);
+          var valueToStore = (0, _stringify.default)(value[k]);
           storage.setItem(storageKey, valueToStore);
           delete existingValues[k];
         }); // Delete unmatched keys from existing cookies
 
-        Object.keys(existingValues).forEach(k => {
+        (0, _keys.default)(existingValues).forEach(k => {
           storage.removeItem(key + '_' + k);
         });
       },
       removeItem: function (key) {
         var existingValues = JSON.parse(this.getItem(key));
-        Object.keys(existingValues).forEach(k => {
+        (0, _keys.default)(existingValues).forEach(k => {
           storage.removeItem(key + '_' + k);
         });
       }